summaryrefslogtreecommitdiff
path: root/lib/blog/edit.php
diff options
context:
space:
mode:
Diffstat (limited to 'lib/blog/edit.php')
-rw-r--r--lib/blog/edit.php61
1 files changed, 61 insertions, 0 deletions
diff --git a/lib/blog/edit.php b/lib/blog/edit.php
new file mode 100644
index 0000000..854c94f
--- /dev/null
+++ b/lib/blog/edit.php
@@ -0,0 +1,61 @@
+<?php
+
+require("lib/markdown.php");
+
+assert_redir(count($args) == 3, 'blog');
+$postid = intval($args[2]);
+
+$post = mysql_fetch_assoc(sql(
+ "SELECT blog_posts.title AS title, blog_posts.text AS text, blog_posts.owner AS owner, blog_posts.draft AS draft, ".
+ "GROUP_CONCAT(blog_tags.tag SEPARATOR ' ') AS tags ".
+ "FROM blog_posts LEFT JOIN blog_tags ON blog_tags.post = blog_posts.id ".
+ "WHERE id = $postid"
+));
+assert_error($post && $post['owner'] == $user['id'],
+ "This post does not exist, or you are not allowed to edit it.");
+
+$post_title = $post['title'];
+$post_tags = $post['tags'];
+$post_text = $post['text'];
+if (isset($_POST['title']) && isset($_POST['tags']) && isset($_POST['text'])) {
+ $post_title = esca($_POST['title']);
+ $post_text = esca($_POST['text']);
+ $post_html = Markdown($post_text);
+ $post_tags = esca($_POST['tags']);
+ if ($post_title == "") {
+ $error = "You must give a title to your post.";
+ } else {
+ sql("UPDATE blog_posts SET title = '" . escs($post_title) . "', text = '" . escs($post_text) .
+ "', text_html = '" . escs($post_html) . "'" . ($post['draft'] ? ', date = NOW()' : '') .
+ " WHERE id = $postid");
+ sql("DELETE FROM blog_tags WHERE post = $postid");
+ $tags = explode(' ', $post_tags);
+ if (count($tags) == 1 && $tags[0] == "") {
+ //do nothing lol
+ } else if (count($tags) >= 1) {
+ $v = array();
+ foreach ($tags as $tag) {
+ $v[] = "($postid, '" . escs($tag) . "')";
+ }
+ sql("INSERT INTO blog_tags(post, tag) VALUES " . implode(',', $v));
+ }
+ if ($post['draft']) {
+ header("Location: drafts-blog");
+ } else {
+ header("Location: blog");
+ }
+ die();
+ }
+}
+
+$title = "Edit : " . $post['title'];
+$fields = array(
+ array("label" => "Title : ", "name" => "title", "value" => $post_title),
+ array("label" => "Tags : ", "name" => "tags", "type" => "text", "value" => $post_tags),
+ array("label" => "Text : ", "name" => "text", "type" => "textarea", "value" => $post_text),
+ );
+$validate = "Edit post";
+
+require("tpl/general/form.php");
+
+