<?php
// Page configuration: the table this page lists and the number of posts per page.
$table = 'diary';
$post_count = 5;

// Load the shared libraries, then call authentication() before any request
// handling or output below. authentication() is defined outside this file
// (presumably in one of these includes); what it enforces is not visible here.
include 'lib/layout.php';
include 'lib/ironserver.php';
authentication();
?>
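<?php
// Handles the "new" and "edit" form posts for diary entries, then redirects
// back to the listing so a reload does not resubmit the form.
//
// Reads:  $_POST["action"], $_POST["id"] (edit only), $_POST["title"],
//         $_POST["content"], $_SESSION["username"], $_SESSION["user_id"].
// Writes: one row of the diary table in ../main.db.
//
// NOTE(review): no anti-CSRF token is checked in this handler. Unless
// authentication() already enforces one, a per-session token should be
// verified here before any write.
if (isset($_POST["action"])) {
    $action = $_POST["action"];
    $dbh = new sqlite3('../main.db');

    if ($action === "new" || $action === "edit") {
        if ($action === "new") {
            $prepare = $dbh->prepare('INSERT INTO diary(username, title, content) VALUES(:username, :title, :content)');
            if ($prepare !== false) {
                $prepare->bindValue(':username', $_SESSION["username"], SQLITE3_TEXT);
            }
        } else {
            // Authorization: the listing only offers the edit button to the
            // entry's author or to user_id 1, but the button is not a security
            // boundary. Enforce the same rule in the statement itself so a
            // hand-crafted POST with someone else's id matches no row.
            $is_admin = (isset($_SESSION["user_id"]) && $_SESSION["user_id"] == 1) ? 1 : 0;
            $entry_id = isset($_POST["id"]) ? filter_var($_POST["id"], FILTER_VALIDATE_INT) : false;
            $prepare = $dbh->prepare('UPDATE diary SET title= :title, content= :content WHERE id = :id AND (username = :username OR :is_admin = 1)');
            if ($prepare !== false) {
                // A missing or non-integer id is bound as NULL, which never
                // equals a row id, so the UPDATE becomes a no-op.
                if ($entry_id === false) {
                    $prepare->bindValue(':id', null, SQLITE3_NULL);
                } else {
                    $prepare->bindValue(':id', $entry_id, SQLITE3_INTEGER);
                }
                $prepare->bindValue(':username', $_SESSION["username"], SQLITE3_TEXT);
                $prepare->bindValue(':is_admin', $is_admin, SQLITE3_INTEGER);
            }
        }

        $failed = ($prepare === false);
        if (!$failed) {
            // prepare_db_string() is defined outside this file; whether it
            // HTML-encodes or only normalises the text is not visible here.
            // Missing or non-string fields are treated as empty strings.
            $raw_title = (isset($_POST["title"]) && is_string($_POST["title"])) ? $_POST["title"] : '';
            $raw_content = (isset($_POST["content"]) && is_string($_POST["content"])) ? $_POST["content"] : '';
            $title = prepare_db_string($raw_title);
            $content = prepare_db_string($raw_content);
            $prepare->bindValue(':title', $title);
            $prepare->bindValue(':content', $content);
            $failed = ($prepare->execute() === false);
        }

        if ($failed) {
            // Keep the database error text in the server log; sending it to
            // the browser discloses schema and path details to the client.
            error_log('diary.php: ' . $action . ' failed: ' . $dbh->lastErrorMsg());
            $dbh->close();
            http_response_code(500);
            echo "Could not save the diary entry.";
            exit();
        }
    }

    $dbh->close();
    header("location:diary.php");
    // Stop here: without exit() the full page below is still rendered and
    // sent along with the redirect.
    exit();
}
?>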
<html>
<?php
// Emit the document type and <head> through helpers defined outside this file.
// NOTE(review): doctype() runs after the literal <html> tag above; if it prints
// a <!DOCTYPE> declaration, that declaration lands after <html> — confirm the order.
doctype();
head();
?>
<body>
<div class='container'>
<?php
// Page header for this table, followed by the site navigation.
html_header($table);
navigation();
?>
<div class="navigation">
<?php /* Pager above the listing; called with the table name, page size and 'all'. */ page_navigation($table, $post_count, 'all'); ?>
</div>
<div class="main">
<div class="content">
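<?php
// Renders the "new" button and one page of diary entries, newest first.
//
// Reads:  $_GET["offset"] (optional), $post_count, $_SESSION["username"],
//         $_SESSION["user_id"], and the diary table in ../main.db.
// Output: one <div class='post'> per row; edit/archive controls are shown
//         only to the entry's author or to user_id 1.
echo "<p id='newform'><button class='database' onclick=\"javascript:newDiary()\">new</button></p>";
$dbh = new sqlite3('../main.db');

// The offset comes straight from the query string. Coerce it to a
// non-negative integer so a malformed value cannot make the query fail
// (which previously led to calling fetchArray() on false).
$offset = 0;
if (isset($_GET["offset"]) && is_scalar($_GET["offset"])) {
    $offset = max(0, (int) $_GET["offset"]);
}

// Stored titles, contents and usernames originate from user input, so they are
// encoded for the HTML context at output time. double_encode is off so text
// that was already entity-encoded before storage is not encoded twice.
// NOTE(review): if prepare_db_string() deliberately stores markup (for example
// line-break tags), content needs an allow-list sanitizer instead — confirm.
$diary_escape = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
};

$prepare = $dbh->prepare("SELECT * FROM diary ORDER BY id DESC LIMIT :limit OFFSET :offset");
$result = false;
if ($prepare !== false) {
    $prepare->bindValue(':limit', (int) $post_count, SQLITE3_INTEGER);
    $prepare->bindValue(':offset', $offset, SQLITE3_INTEGER);
    $result = $prepare->execute();
}

if ($result === false) {
    // Log the detail server-side and render an empty listing.
    error_log('diary.php: listing query failed: ' . $dbh->lastErrorMsg());
} else {
    while ($row = $result->fetchArray(SQLITE3_ASSOC)) {
        // The id is used in element ids and inside inline JavaScript, so force
        // it to an integer before it reaches either context.
        $id = (int) $row["id"];

        // Compare usernames as strings: a loose == treats numeric-looking
        // names such as "1e3" and "1000" as equal.
        $is_author = isset($_SESSION["username"])
            && (string) $_SESSION["username"] === (string) $row["username"];
        $is_admin = isset($_SESSION["user_id"]) && $_SESSION["user_id"] == 1;

        echo "<div class='post' id='post_" . $id . "'>";
        if ($is_author || $is_admin) {
            // The first button was never closed in the original markup, which
            // nested the archive button inside the edit button.
            echo "<div class='controls'><button class='database' onclick=\"javascript:editDiary('" . $id . "')\">
edit
</button>
<button class='database' onclick=\"javascript:archive('diary', '" . $id . "')\">
archive
</button></div>";
        }
        echo "<h1 id='title_" . $id . "'>" . $diary_escape($row["title"]) . "</h1>
<div class='descr'>" . $diary_escape($row["username"]) . ", " . gmdate('Y-m-d', $row['date']) . "</div>
<div class='clearer'><span></span></div><p id='content_" . $id . "'>" . $diary_escape($row["content"]) . "</p>\n<div class='clearer'><span></span></div>
</div>";
    }
}
$dbh->close();
?>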
</div>
<?php
// Side navigation column; sidenav() is defined outside this file.
sidenav();
?>
<div class="clearer"><span></span></div>
</div>
<div class="navigation">
<?php /* Pager below the listing; same arguments as the pager above it. */ page_navigation($table, $post_count, 'all'); ?>
</div>
<?php /* Page footer helper, defined outside this file. */ footer(); ?>
</div>
</body>
</html>