postedit.php
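<?php
/**
 * postedit.php: access gate and data load for the "Edit your Post" form.
 *
 * Flow: require a logged-in session, load the requested post by id with a
 * bound parameter, and only continue to the form when the post's `user`
 * column matches the session user id. On success the template that follows
 * reads $name (session user name) and $query (the post row).
 *
 * Security notes:
 *  - $_GET['user'] is supplied by the client, so comparing it with the session
 *    id is only a sanity check. The authorization decision is the ownership
 *    check against the database row further down.
 *  - $_SESSION['editid'] is written only after that ownership check passes.
 *    The handler that consumes it (posteditadd.php) is not shown here;
 *    presumably it trusts the value, so it must never hold an id the user
 *    does not own. TODO confirm the handler re-checks ownership itself.
 */
session_start();

// Request and session values may be absent; default to null so every check fails closed.
$user_id = isset($_GET['user']) ? $_GET['user'] : null;
$idpass  = isset($_GET['id']) ? $_GET['id'] : null;
$id      = isset($_SESSION['id']) ? $_SESSION['id'] : null;
$query   = false;

// Sends the delayed redirect, optionally shows an alert, and stops the script.
// The header is sent before any body output: once output has started,
// header() only works when output buffering happens to be enabled.
$bounce = function ($alert, $target) {
    header("Refresh: 1; url=" . $target);
    if ($alert !== null) {
        echo '<script language="javascript">';
        // json_encode() produces a quoted JS string literal for the message.
        echo 'alert(' . json_encode($alert) . ')';
        echo '</script>';
    }
    exit();
};

if (!isset($_SESSION['user'])) {
    $bounce('What? Dude login first :P', 'login.php');
}

// Reject array-valued or missing parameters and compare as strings, so PHP's
// loose numeric-string comparison rules cannot make different values match.
if (!is_string($user_id) || $id === null || $user_id !== (string) $id) {
    $bounce('You are not allowed to access this', 'profile.php');
}
if (!is_string($idpass) || $idpass === '') {
    $bounce('You are not allowed to access this', 'profile.php');
}

$name = $_SESSION['user'];

// NOTE(review): the application connects as the MySQL root account with an
// empty password. Use a dedicated least-privilege account and load the
// credentials from configuration kept outside the web root.
$servername = "localhost";
$username = "root";
$password = "";
$dbname = "pdologin";
$tbname = "posts";

try {
    $conn = new PDO("mysql:host=$servername;dbname=$dbname", $username, $password);
    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    // $tbname is the fixed literal above, never request data; the post id is bound.
    $stmt = $conn->prepare("SELECT * FROM $tbname WHERE id = :id");
    $stmt->execute(['id' => $idpass]);
    $query = $stmt->fetch(PDO::FETCH_ASSOC);
} catch (PDOException $e) {
    // Keep driver details in the server log instead of sending them to the
    // browser, and stop here so the form is never rendered without a row.
    error_log('postedit.php: ' . $e->getMessage());
    $conn = NULL;
    $bounce('Could not load the post, please try again', 'welcome.php');
}
$conn = NULL;

// Ownership check: fetch() returns false when no row matches, which is
// treated exactly like a post that belongs to someone else.
if (!is_array($query) || !isset($query['user']) || (string) $query['user'] !== (string) $id) {
    $bounce('You are not allowed to access this', 'profile.php');
}

// Record the post being edited only now that ownership has been verified.
$_SESSION['editid'] = $idpass;
?>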
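<?php
/*
 * Edit form template. Every value echoed below comes from the session or
 * from the stored post row and is user-authored, so it is HTML-escaped for
 * the context it lands in (attribute value or textarea body). Without the
 * escaping, a stored title or body containing markup would be interpreted
 * by the browser of whoever opens this page.
 */
$h = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};
// Escaped column of the loaded post row; empty string when the column is missing.
$field = function ($key) use ($query, $h) {
    return $h((is_array($query) && isset($query[$key])) ? $query[$key] : '');
};
/*
 * NOTE(review): the Bootstrap and Font Awesome stylesheets are loaded from a
 * third-party CDN without Subresource Integrity; add integrity= and
 * crossorigin= attributes once the hashes for the pinned versions are computed.
 */
?>
<!DOCTYPE html>
<html>
<head>
    <title>Edit</title>
    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css">
    <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
    <meta http-equiv="refresh" content="60" >
    <link href="https://fonts.googleapis.com/css?family=Changa:200|Source+Sans+Pro:200" rel="stylesheet">
    <link rel="stylesheet" type="text/css" href="https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css">
    <link href="https://fonts.googleapis.com/css?family=Barrio|Permanent+Marker" rel="stylesheet">
    <style type="text/css">
        body {
            font-family: 'Source Sans Pro', sans-serif;
            font-weight: 700;
            background-color: rgb(220, 198, 224);
        }
        .navbar {
            background-color: rgb(103, 65, 114);
        }
    </style>
</head>
<body>
<nav class="navbar navbar-default">
    <div class="container-fluid">
        <!-- Brand and toggle get grouped for better mobile display -->
        <div class="navbar-header">
            <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#bs-example-navbar-collapse-1" aria-expanded="false">
                <span class="sr-only">Toggle navigation</span>
                <span class="icon-bar"></span>
                <span class="icon-bar"></span>
                <span class="icon-bar"></span>
            </button>
            <a class="navbar-brand" href="#" style="color: white;margin-left: 7%;font-weight: 700;font-family: Permanent Marker;font-size: 23px;">yapdaily</a>
        </div>
        <!-- Collect the nav links, forms, and other content for toggling -->
        <div class="collapse navbar-collapse" id="bs-example-navbar-collapse-1">
            <ul class="nav navbar-nav navbar-right">
                <li><a href="logout.php" style="color: white;font-weight: 700;">LOG OUT</a></li>
                <li><a href="welcome.php" style="color: white;font-weight: 700;">ALL POSTS</a></li>
                <li><a href="sent.php" style="color: white;font-weight: 700;">SENT MSG</a></li>
                <li><a href="recv.php" style="color: white;font-weight: 700;">RECV MSG</a></li>
                <li style="color: black;font-weight: 700;border: 1px solid black;background-color: black;"><a href="profile.php" style="color: white;font-weight: 700;"><?php echo $h($name) ?></a></li>
            </ul>
        </div><!-- /.navbar-collapse -->
    </div><!-- /.container-fluid -->
</nav>
<div class="container">
    <h1 style="text-align: center;">Edit your Post</h1>
    <hr>
    <br>
    <?php
    /*
     * NOTE(review): this form posts to posteditadd.php without an anti-CSRF
     * token, and the author name is an editable field. The handler is not
     * shown here; it should verify a per-session token and take the author
     * from the session rather than from the submitted "name" value.
     */
    ?>
    <form method="POST" action="posteditadd.php">
        <div class="form-group" style="width:60%;margin-left:20%;">
            <input type="text" class="form-control" name="name" value="<?php echo $h($name) ?>"><br>
            <input type="text" class="form-control" name="title" value="<?php echo $field('title') ?>"><br>
            <input type="text" class="form-control" name="dater" value="<?php echo $field('dater') ?>"><br>
            <textarea type="text" class="form-control" name="body" rows="8"><?php echo $field('body') ?></textarea><br>
            <a href="profile.php" class="btn btn-default" style="margin-left:37%;font-weight: 700;">CANCEL</a>
            <input type="submit" class="btn btn-default" name="editpost" value="SAVE CHANGES" style="background-color: rgb(103, 65, 114);color: white;font-weight: 700;">
        </div>
    </form>
</div>
</body>
</html>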