require_once "models/PasswordHash.php";
require_once "models/post.php";
session_start();
//Make sure the user is logged in
if (isset($_SESSION['user'])) {
$user = $_SESSION['user'];
} else {
die;
}
//If they aren't an admin they aren't allowed here either
if ($user->admin != 2) {
die;
}
//If they are authorized to be here, make a class object to handle the post
$post = new post();
//If the id is set in the query string, do the following
if (isset($_GET['id'])) {
//First find the post in the database
$page = $post->findPost($dbh, $_GET['id']);
//If it doesn't exist, kill the page
if (!$page) {
die;
} else {
//And then send them back to the main page
$post->deletePost($dbh, $page->id);
header("Location: /");
die;
}
} else {
die;
}
$user = $_SESSION['user'];
} else {
header("Location: loginCheckCtrl");
die;
}
//If they are logged in but not an admin kill the page
if ($user->admin != 2) {
die;
}
//Create the flags and class object
$post = new post();
$error = true;
$sent = false;
if (isset($_GET['id'])) {
$id = $_GET['id'];
$postToEdit = $post->findPost($dbh, $id);
//If that post doesn't exist, just kill the page
if (!$postToEdit) {
die;
}
} else {
die;
}
//Otherwise let them edit the post.
if ($_POST) {
if (isset($_POST['title'])) {
if (empty($_POST['title'])) {
$error = false;
}
} else {
$error = false;
