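<?php
session_start();

// Gate: only a signed-in session may use the editor. header() merely queues the
// redirect, so the script has to stop here; otherwise everything below,
// including the INSERT, would still run for an anonymous request.
if (!(isset($_SESSION['isLogin']) && $_SESSION['isLogin'] == 1)) {
    header("Location:login.php");
    exit;
}

// Read a POST field as a string. A missing field or an array-valued field
// (e.g. articletitle[]=x) counts as empty instead of reaching the query.
$postString = function ($name) {
    return (isset($_POST[$name]) && is_string($_POST[$name])) ? $_POST[$name] : '';
};

$submitted     = $postString('submit') !== '';
$rawTitle      = $postString('articletitle');
$rawDetails    = $postString('articledetails');
$rawCategoryId = $postString('articlecategoryid');
$rawExcerpt    = $postString('articleexcerpt');

// NOTE(review): this state-changing POST is accepted without an anti-CSRF
// token. A per-session token, emitted in the form and compared here with
// hash_equals(), should be added.

// Publish the article once title, body and category are all present.
// NOTE(review): the excerpt is reported as required further down but is not
// required here, so an article with an empty excerpt is still inserted.
if ($submitted && $rawTitle !== '' && $rawDetails !== '' && $rawCategoryId !== '') {
    // Connect only when no usable handle exists yet.
    // connect.php is expected to define $mysqli - confirm.
    if (!isset($mysqli) || $mysqli->connect_errno) {
        require './includes/connect.php';
    }

    $userid = $_SESSION['userid'];

    // Title and body are HTML-encoded before storage (pages reading this table
    // presumably print them as-is - confirm). addslashes() is not used: it is
    // not a SQL escaping function, and bound parameters make it unnecessary.
    $articletitle   = htmlspecialchars($rawTitle, ENT_QUOTES, 'UTF-8');
    $articledetails = htmlspecialchars($rawDetails, ENT_QUOTES, 'UTF-8');

    // Category id and excerpt are stored exactly as submitted, so any page that
    // prints them has to HTML-encode at output time.
    $articlecategoryid = $rawCategoryId;
    $articleexcerpt    = $rawExcerpt;

    // Every request-derived value travels as a bound parameter. Interpolating
    // them into the statement text would make prepare() offer no protection
    // against SQL injection.
    $sql_statement = "INSERT INTO articles (article_user_id, article_title, article_details, article_category_id, article_post_datetime, article_modify_datetime, article_excerpt) VALUES (?, ?, ?, ?, now(), now(), ?)";

    $inserted = false;
    try {
        $stmt = $mysqli->prepare($sql_statement);
        if ($stmt !== false) {
            $stmt->bind_param('sssss', $userid, $articletitle, $articledetails, $articlecategoryid, $articleexcerpt);
            $inserted = $stmt->execute() && $stmt->affected_rows == 1;
            $stmt->close();
        }
    } catch (mysqli_sql_exception $e) {
        // Keep driver details in the server log, not in the response.
        error_log('mdeditor.php: article insert failed: ' . $e->getMessage());
    }

    header("refresh:3;url=./index.php");
    echo $inserted ? '发表成功<br>三秒后自动跳转~~~' : '发表失败<br>三秒后自动跳转~~~';
    die();
}

// The form was submitted but something is missing: list each empty field.
if ($submitted) {
    if ($rawTitle === '') {
        echo '<font color="red">文章标题是必填项</font><br>';
    }
    if ($rawDetails === '') {
        echo '<font color="red">文章内容是必填项</font><br>';
    }
    if ($rawCategoryId === '') {
        echo '<font color="red">文章类别是必填项</font><br>';
    }
    if ($rawExcerpt === '') {
        echo '<font color="red">文章摘要是必填项</font><br>';
    }
}
?>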
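<!DOCTYPE html>
<html>
<head>
    <meta charset="utf-8" />
    <?php
    // The user name is HTML-encoded before it is printed. double_encode is off
    // so a value that was already stored entity-encoded is not encoded twice
    // (NOTE(review): confirm how user names are stored).
    $pageUser = (isset($_SESSION['username']) && is_string($_SESSION['username'])) ? $_SESSION['username'] : '';
    ?>
    <title>写文章 - <?php echo htmlspecialchars($pageUser, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false); ?> </title>
    <link rel="stylesheet" href="./editormd/examples/css/style.css" />
    <link rel="stylesheet" href="./editormd/css/editormd.css" />
    <link rel="shortcut icon" href="./images/favicon.ico">
</head>
<body>
    <!-- NOTE(review): this form posts a state-changing request without an anti-CSRF token. -->
    <form action="mdeditor.php" method="post">
        <br>
        <br>
        <h2>文章名称:</h2><input type="text" name="articletitle" style="width:200px; height:40px;">
        <br>
        <br>
        <select name="articlecategoryid">
            <option value="">请选择文章的类别</option>
            <?php
            // Load the selectable categories from the database.
            // Connect only when no usable handle exists yet; connect.php is
            // expected to define $mysqli - confirm.
            if (!isset($mysqli) || $mysqli->connect_errno) {
                require './includes/connect.php';
            }
            $query = "SELECT category_id, category_name FROM categories";
            $result = $mysqli->prepare($query);
            // prepare() returns false on failure when exceptions are disabled;
            // in that case the list simply stays empty.
            if ($result !== false) {
                $result->execute();
                $result->bind_result($categoryid, $categoryname);
                while ($result->fetch()) {
                    // Database values are encoded for their HTML context. The
                    // attribute uses full encoding so the posted value
                    // round-trips exactly; the label skips double encoding in
                    // case names are stored already encoded.
                    echo '<option value="' . htmlspecialchars((string) $categoryid, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '">'
                        . htmlspecialchars((string) $categoryname, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false)
                        . '</option>';
                }
                $result->close();
            }
            ?>
        </select>
        <br>
        <br>
        <h2>文章摘要:</h2>
        <br>
        <textarea name="articleexcerpt" style="width:1135px; height:130px;"></textarea>
        <br>
        <input type="submit" name="submit" value="发表" style="width:90px; height:30px;">
        <div id="layout">
            <div id="editormd">
                <textarea style="display:none;" name="articledetails"></textarea>
            </div>
        </div>
    </form>
    <script src="./editormd/examples/js/jquery.min.js"></script>
    <script src="./editormd/editormd.min.js"></script>
    <script type="text/javascript">
        // Attach the Markdown editor to #editormd once the DOM is ready.
        var Editor;
        $(function() {
            Editor = editormd("editormd", {
                width         : "90%",
                height        : 640,
                syncScrolling : "single",
                path          : "./editormd/lib/"
            });
        });
    </script>
</body>
</html>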