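<br>
<textarea name='content' id="" cols="30" rows="3"></textarea>
<br>
<span>Coment</span>
<input name='count'>
<span>Tag</span>
<input name='tag'>
<br>
<button name="insert_post" type="submit">Insert</button>
<br>
</form>
<?php
// Handles the "Insert" submission: validates the optional image upload,
// stores it under ../img/ with a server-chosen name, then creates the post.
// NOTE(review): no CSRF token or access check is visible in this excerpt;
// confirm both are enforced earlier in the file.
if (isset($_POST['insert_post'])) {
    // Read only the fields the insert needs. extract($_POST) would let a
    // request overwrite any variable in scope, including $db.
    // The inputs for some of these fields are outside this excerpt; they are
    // presumed to be form fields because the original took them from $_POST.
    $fields = [];
    foreach (['id', 'title', 'author', 'date', 'views', 'content', 'count', 'tag'] as $key) {
        // A missing or non-string field becomes null, which is what the
        // undefined variable evaluated to before.
        $fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : null;
    }

    $img = '';
    $uploadOk = true;
    $upload = isset($_FILES['img']) ? $_FILES['img'] : null;

    // A post without an image is still allowed; a supplied file must validate.
    if (is_array($upload) && isset($upload['error']) && $upload['error'] !== UPLOAD_ERR_NO_FILE) {
        // The extension comes from the detected image type, never from the
        // client-supplied file name, so a script file cannot be stored with an
        // executable extension. getimagesize() only inspects the header; the
        // upload directory should additionally have script execution disabled.
        $extensions = [IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png', IMAGETYPE_GIF => 'gif'];

        $info = false;
        if ($upload['error'] === UPLOAD_ERR_OK && is_uploaded_file($upload['tmp_name'])) {
            $info = getimagesize($upload['tmp_name']);
        }

        if ($info !== false && isset($extensions[$info[2]])) {
            // Content hash as file name: no user-controlled characters reach the path.
            $img = hash_file('sha256', $upload['tmp_name']) . '.' . $extensions[$info[2]];
            $uploadOk = move_uploaded_file($upload['tmp_name'], "../img/{$img}");
        } else {
            $uploadOk = false;
        }
    }

    if ($uploadOk) {
        $posts = new Posts($db);
        $posts->insert(
            $fields['id'],
            $fields['title'],
            $fields['author'],
            $fields['date'],
            $fields['views'],
            $img,
            $fields['content'],
            $fields['count'],
            $fields['tag']
        );
    } else {
        // Do not create a post that points at an image that was never stored.
        echo '<p>Image upload failed: only JPEG, PNG or GIF files are accepted.</p>';
    }
}
?>
</div>
</div>
</div>
</div>
</div>
</div>
</body>
</html>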
unset($row['postid']); $postarr['comments'][] = $row; } $rarr = array_merge($postarr, $rarr); die(json_encode($rarr)); } else { if ($r['action'] == 'set') { // create a new post // send token, userid, content, [groupid, pollid] $postObj = new Posts($r); $postObj->checkTokenValid(); $postObj->checkInputHas(['content']); $postObj->addInsertsFromArray($r, ['id', 'content']); $postObj->addInsert('username', getUsername($r['id'])); $postObj->addInsert('doc', date('Y-m-d H:i:s')); $result = $postObj->insert(); if ($result) { $result = $postObj->customUpdate("weight = postid", "id = {$r['id']}", "order by postid desc limit 1"); // add weight=posts to the last post // id = r[id] is a safety belt in case of parallel requests die(json_encode($rarr)); } } else { if ($r['action'] == 'feed') { // get feed for a user or a group // userid, groupid $postObj = new Posts($r); if ($postObj->inputHas(['gid'])) { $postObj->checkInputHas(['id']); // limit by post id if ($postObj->inputHas(['after'])) {
$content = Typo::cleanX($_POST['content']); if (!isset($_POST['title']) || $_POST['title'] == "") { $alertred[] = TITLE_CANNOT_EMPTY; } if (isset($alertred)) { $data['alertred'] = $alertred; } else { if (!isset($_POST['date']) || $_POST['date'] == "") { # code... $date = date("Y-m-d H:i:s"); } else { $date = $_POST['date']; } $vars = array('title' => $title, 'content' => $content, 'date' => $date, 'type' => 'page', 'author' => Session::val('username'), 'status' => Typo::int($_POST['status'])); //print_r($vars); Posts::insert($vars); $data['alertgreen'][] = PAGE . " {$_POST['title']} " . MSG_PAGE_ADDED; Token::remove($_POST['token']); } break; default: # code... //System::inc('pages_form', $data); break; } Theme::admin('header', $data); System::inc('pages_form', $data); Theme::admin('footer'); break; case 'edit': //echo "edit";
});

// POST /posts/new: creates a post from the submitted 'title' and 'markdown'
// fields. The route is registered behind $authenticate($app, $settings).
// NOTE(review): no CSRF token check is visible in this handler; confirm that
// $authenticate or other middleware covers it.
$app->post('/posts/new', $authenticate($app, $settings), function () use($app, $settings) {
    $title = $app->request->post('title');
    $text = $app->request->post('markdown');
    // NOTE(review): 'redirect' comes straight from the request and is handed to
    // the template unchanged. If success.html uses it as a link or redirect
    // target, it should be limited to same-site paths and escaped; confirm.
    $redirect = $app->request->post('redirect');

    // Loose comparison: presumably post() returns null for a missing field
    // (the /markdown/ajax handler checks for null), and null == "" holds too.
    if ($title == "") {
        $app->flash('error', 1);
        // NOTE(review): the insert below is skipped only if redirect() stops
        // the handler; nothing here returns explicitly. Confirm.
        $app->redirect($settings->base_url . '/admin/posts/new');
    }
    if ($text == "") {
        $app->flash('error', 2);
        $app->redirect($settings->base_url . '/admin/posts/new');
    }

    $date = time();
    // The author id is resolved from the session user, not from request data.
    $author = Users::get_id($_SESSION['user']);
    Posts::insert(array('title' => $title, 'creation' => $date, 'text' => $text, 'user_id' => $author));
    $app->render('success.html', array('redirect' => $redirect));
});

// POST /markdown/ajax: echoes the parsed form of the submitted 'markdown' field.
// NOTE(review): the parser output is echoed as-is; whether raw HTML in the
// input is escaped depends on the parser configuration. Confirm.
$app->post('/markdown/ajax', $authenticate($app, $settings), function () use($app) {
    if ($app->request->post('markdown') !== null) {
        echo $app->markdown->parse($app->request->post('markdown'));
    }
});

// GET /posts/edit/:id: looks up the post with the given id and, when found,
// collects its title, text and any flashed error code.
$app->get('/posts/edit/:id', $authenticate($app, $settings), function ($id) use($app) {
    $post = Posts::where('id', '=', $id)->first();
    if ($post) {
        $title = $post->title;
        $text = $post->text;
        $postId = $id;
        $flash = $app->view()->getData('flash');
        // Empty string when no error was flashed by a previous request.
        $error = isset($flash['error']) ? $flash['error'] : '';