inkletblot-com-v1/php forum/edit_post.php
2019-12-02 12:10:45 +10:30


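<?php
//edit_post.php
//Lets the author of a forum post edit its content.
//  GET  ?post=<postNo>              shows the edit form
//  POST ?post=<postNo>&topic=<id>   saves the submitted postContent
//Both paths require a signed-in session whose userNo matches the post's
//postBy. The original only enforced this when rendering the form, so a
//direct POST could overwrite any post.
include 'connect.php';
include 'header.php';

//the post id comes from the query string; accept it only if it is an integer
$post_no = isset($_GET['post']) ? filter_var($_GET['post'], FILTER_VALIDATE_INT) : false;
$signed_in = !empty($_SESSION['signedIn']);

//fetch the post from the database (only for signed-in users with a valid id)
$post = null;
if($signed_in && $post_no !== false)
{
    $post_sql = "SELECT postContent, postBy
                 FROM posts
                 WHERE postNo = ?";
    $stmt = $conn->prepare($post_sql);
    if($stmt && $stmt->bind_param('i', $post_no) && $stmt->execute())
    {
        $post_result = $stmt->get_result();
        if($post_result)
        {
            //fetch_assoc() gives null when no row matches, which is treated
            //below the same way as a failed query
            $post = $post_result->fetch_assoc();
        }
    }
}

if(!$signed_in)
{
    echo 'You must be <a href="signin.php">signed in</a> to edit a post. You can also <a href="signup.php">sign up</a> for an account.';
}
else if(!$post)
{
    echo 'The post could not be retrieved, please try again later.';
}
else if(!isset($_SESSION['userNo']) || (string) $_SESSION['userNo'] !== (string) $post['postBy'])
{
    //ownership is checked before BOTH showing the form and saving an edit
    echo 'You cannot edit this post. You are not OP!';
}
else
{
    //per-session token so that only a form rendered for this session can
    //submit an edit (a cross-site request cannot read it)
    if(empty($_SESSION['csrfToken']))
    {
        $_SESSION['csrfToken'] = bin2hex(random_bytes(32));
    }

    if($_SERVER['REQUEST_METHOD'] != 'POST')
    {
        //encode exactly once for the HTML context; the original encoded the
        //content twice, so entities showed up literally in the textarea.
        //stripslashes is kept from the original; presumably other write paths
        //store slash-escaped text - confirm before removing it.
        $content = htmlentities(stripslashes($post['postContent']), ENT_QUOTES | ENT_HTML5, 'UTF-8');
        $token = htmlentities($_SESSION['csrfToken'], ENT_QUOTES | ENT_HTML5, 'UTF-8');
        //show edit form
        echo ' <br />
<form method="post" action="">
<input type="hidden" name="csrfToken" value="' . $token . '" />
<label for="postContent">Post: </label><br />
<textarea name="postContent">' . $content . '</textarea><br /><br />
<input type="submit" value="Submit edit" />
</form>';
    }
    else
    {
        //the form has been posted, now it's time to process.
        $sent_token = (isset($_POST['csrfToken']) && is_string($_POST['csrfToken'])) ? $_POST['csrfToken'] : '';
        if(!hash_equals((string) $_SESSION['csrfToken'], $sent_token))
        {
            echo 'Your edit could not be verified. Please reload the form and try again.';
        }
        else if(!isset($_POST['postContent']) || !is_string($_POST['postContent']))
        {
            //missing or array-valued field: nothing sensible to save
            echo 'An error occured while editing your post. Please try again later.';
        }
        else if(!$conn->query("BEGIN WORK;"))
        {
            //Damn! the query failed, quit
            echo 'An error occured while editing your post. Please try again later.';
        }
        else
        {
            //update the post in the posts table then save it
            $new_content = $_POST['postContent'];
            $update_sql = " UPDATE posts
                            SET postContent = ?
                            WHERE postNo = ?";
            $update_stmt = $conn->prepare($update_sql);
            if(!$update_stmt
                || !$update_stmt->bind_param('si', $new_content, $post_no)
                || !$update_stmt->execute())
            {
                //something went wrong: keep the database error in the server
                //log instead of sending it to the browser
                error_log('edit_post.php: update failed: ' . $conn->error);
                echo 'An error occured while inserting your data. Please try again later.';
                $conn->query("ROLLBACK;");
            }
            else if(!$conn->query("COMMIT;"))
            {
                error_log('edit_post.php: commit failed: ' . $conn->error);
                echo 'An error occured while inserting your data. Please try again later.';
            }
            else
            {
                //after a lot of work, the query succeeded!
                $topic = (isset($_GET['topic']) && is_string($_GET['topic'])) ? $_GET['topic'] : '';
                echo 'You have succesfully edited <a href="topic.php?id='. htmlentities($topic, ENT_QUOTES | ENT_HTML5, 'UTF-8') . '">your post</a>.';
            }
        }
    }
}
include 'footer.php';
?>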