Adding fix
This commit is contained in:
parent
31155fb925
commit
96e6bc8356
@ -42,13 +42,16 @@ else{
|
|||||||
</div>
|
</div>
|
||||||
</div>
|
</div>
|
||||||
</nav>
|
</nav>
|
||||||
<form method="post" action="insert.php">
|
<form method="post" action="insert.php" ENCTYPE="multipart/form-data">
|
||||||
<div class="addPostForm">
|
<div class="addPostForm">
|
||||||
<input type="text" name="title" size="120">
|
<input type="text" name="title" size="120">
|
||||||
<p>Meta opis</p>
|
<p>Meta opis</p>
|
||||||
<input name="meta_desc" size="120">
|
<input name="meta_desc" size="120">
|
||||||
<p>Treść posta</p>
|
<p>Treść posta</p>
|
||||||
<textarea name="post_text" id="editor1" rows="10" cols="80"></textarea>
|
<textarea name="post_text" id="editor1" rows="10" cols="80"></textarea>
|
||||||
|
<p>Zdjęcie posta</p>
|
||||||
|
<label>Wybierz zdjęcie:</label>
|
||||||
|
<input type="file" name="avatar" accept="image/*" required />
|
||||||
<input type="submit" class="btn btn-success" value="Dodaj post">
|
<input type="submit" class="btn btn-success" value="Dodaj post">
|
||||||
</div>
|
</div>
|
||||||
</form>
|
</form>
|
||||||
|
@ -52,6 +52,7 @@ $_SESSION['user_blog_id']=$user_blog_id;
|
|||||||
<th>ID Postu</th>
|
<th>ID Postu</th>
|
||||||
<th>Tytuł</th>
|
<th>Tytuł</th>
|
||||||
<th>Meta Description</th>
|
<th>Meta Description</th>
|
||||||
|
<th>Obraz postu</th>
|
||||||
<th>Data dodania</th>
|
<th>Data dodania</th>
|
||||||
<th>Data modyfikacji</th>
|
<th>Data modyfikacji</th>
|
||||||
</tr>
|
</tr>
|
||||||
@ -64,17 +65,18 @@ if ($sql = $mysqli->prepare("SELECT * FROM post WHERE blog_id IN (SELECT user_i
|
|||||||
$sql->execute();
|
$sql->execute();
|
||||||
$sql->bind_result($post_id,$trash,$title,$description,$main,$img,$date,$mod_date);
|
$sql->bind_result($post_id,$trash,$title,$description,$main,$img,$date,$mod_date);
|
||||||
while ($sql->fetch())
|
while ($sql->fetch())
|
||||||
{
|
{?>
|
||||||
echo "<tr>
|
<tr>
|
||||||
<td>$post_id</td>
|
<td><?php echo $post_id;?></td>
|
||||||
<td>$title</td>
|
<td><?php echo $title; ?></td>
|
||||||
<td>$description</td>
|
<td><?php echo $description; ?></td>
|
||||||
<td>$date</td>
|
<td><img style="margin-left:20px;" width="50" height= "50" src="<?php echo $img; ?>"></td>
|
||||||
<td>$mod_date</td>
|
<td><?php echo $date; ?></td>
|
||||||
<td><a href=\"edit.php?post_id=$post_id\" class=\"btn btn-info\">Edytuj</a></td>
|
<td><?php echo $mod_date; ?></td>
|
||||||
<td><a href=\"delete_post.php?post_id=$post_id\" class=\"btn btn-danger\" onclick=\"javascript:return confirm('Czy na pewno usunąć?'); \">Usuń</a></td>
|
<td><a href="edit.php?post_id=<?php echo $post_id; ?>" class="btn btn-info">Edytuj</a></td>
|
||||||
</tr>";
|
<td><a href="delete_post.php?post_id=<?php echo $post_id; ?>" class="btn btn-danger" onclick="javascript:return confirm('Czy na pewno usunąć?'); ">Usuń</a></td>
|
||||||
}
|
</tr>
|
||||||
|
<?php }
|
||||||
$sql->close();
|
$sql->close();
|
||||||
}
|
}
|
||||||
else die( "Błąd w zapytaniu SQL! Sprawdź kod SQL w PhpMyAdmin. $user $password" );
|
else die( "Błąd w zapytaniu SQL! Sprawdź kod SQL w PhpMyAdmin. $user $password" );
|
||||||
|
@ -5,20 +5,24 @@ $title = $_POST["title"];
|
|||||||
$meta_desc = $_POST["meta_desc"];
|
$meta_desc = $_POST["meta_desc"];
|
||||||
$text = $_POST["post_text"];
|
$text = $_POST["post_text"];
|
||||||
$userlogin=$_SESSION['user'];
|
$userlogin=$_SESSION['user'];
|
||||||
|
$avatar_path = $mysqli->real_escape_string('../blog-post/img/post/'.$_FILES['avatar']['name']);
|
||||||
$query="SELECT user_id FROM user WHERE username='$userlogin'";
|
$query="SELECT user_id FROM user WHERE username='$userlogin'";
|
||||||
if ($result=mysqli_query($mysqli,$query)){
|
if ($result=mysqli_query($mysqli,$query)){
|
||||||
while ($row=mysqli_fetch_row($result)){
|
while ($row=mysqli_fetch_row($result)){
|
||||||
$userid=$row[0];
|
$userid=$row[0];
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
$sql = $mysqli->prepare("INSERT INTO post VALUES (NULL,?, ?, ?, ?,NOW(),NOW());");
|
if (preg_match("!image!", $_FILES['avatar']['type'])){
|
||||||
if ($sql)
|
if(copy($_FILES['avatar']['tmp_name'], $avatar_path)){
|
||||||
{
|
$sql = $mysqli->prepare("INSERT INTO post VALUES (NULL,?, ?, ?, ?, ?,NOW(),NOW());");
|
||||||
$sql->bind_param("isss",$userid,$title,$meta_desc,$text);
|
if ($sql){
|
||||||
$sql->execute();
|
$sql->bind_param("issss",$userid,$title,$meta_desc,$text,$avatar_path);
|
||||||
$sql->close();
|
$sql->execute();
|
||||||
|
$sql->close();
|
||||||
|
}
|
||||||
|
else echo "ERROR";
|
||||||
|
}
|
||||||
}
|
}
|
||||||
$mysqli->close();
|
$mysqli->close();
|
||||||
|
header('Location: index.php');
|
||||||
header ("Location: ./");
|
|
||||||
?>
|
?>
|
Loading…
Reference in New Issue
Block a user