blog_editPost.php
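<?php
/**
 * Save an edited blog post as a new post version.
 *
 * Reads the edited title and text from the request, inserts a new row into
 * `post`, records the old -> new link in `postversion`, re-points the old
 * post's comments at the new post and writes the text to
 * blog/blog_<blogID>/post_<postID>/post.php. When both fields carry the
 * sentinel "' '" the edit is treated as a delete: a blank post is stored and
 * no redirect is sent.
 *
 * NOTE(review): open points this file cannot settle on its own:
 *  - The post body is request-supplied text written to a file named post.php.
 *    If that path is served through the PHP interpreter or include()d by
 *    another script, PHP open tags inside a post would run as code. Store
 *    bodies under a non-executable name/location or encode them before
 *    writing; left as is because the readers of post.php are not visible here.
 *  - No ownership check is visible: any session carrying the three IDs can
 *    create a new version of $_SESSION['postID']. Confirm the caller enforces it.
 *  - $_REQUEST also accepts GET and no anti-CSRF token is checked in this file.
 *  - The new postID is guessed as max(postID)+1 before the INSERT; concurrent
 *    edits, or an auto-increment counter that is ahead of max(), would make
 *    the stored path and the postversion/comment rows point at the wrong ID.
 */
require_once("blog_db.php");
$db = new DB();
session_start();

// The three IDs are interpolated into SQL and into a filesystem path, so
// refuse to run without them and force them to integers.
if (!isset($_SESSION['blogID'], $_SESSION['postID'], $_SESSION['userID'])) {
    http_response_code(403);
    exit;
}
$blogID = (int)$_SESSION['blogID'];
$oldPostID = (int)$_SESSION['postID'];
$userID = (int)$_SESSION['userID'];

// Missing fields behave like empty strings; array-valued parameters
// (editPostTitle[]=...) cannot be escaped or stored and are rejected.
$rawTitle = isset($_REQUEST['editPostTitle']) ? $_REQUEST['editPostTitle'] : '';
$rawText = isset($_REQUEST['editPostText']) ? $_REQUEST['editPostText'] : '';
if (!is_string($rawTitle) || !is_string($rawText)) {
    http_response_code(400);
    exit;
}

// Both fields equal to the sentinel "' '" means "delete": store a blank post.
$deletePost = ($rawTitle === "' '" && $rawText === "' '");
if ($deletePost) {
    $rawTitle = " ";
    $rawText = " ";
}

// Escape unconditionally. The escaping used to be skipped whenever either
// field equalled the sentinel, which let an unescaped title reach the INSERT.
$con = $db->getCon();
$postTitle = $con->real_escape_string($rawTitle);
// NOTE(review): the SQL-escaped text is what has always been written to the
// post file (backslashes included); kept so existing readers see the same
// bytes, but SQL escaping is not the right encoding for file content.
$postText = $con->real_escape_string($rawText);

// Next post ID = highest existing ID + 1 (1 when the table is empty).
$matrix = $db->getData("SELECT postID FROM post ORDER BY postID DESC LIMIT 1");
$postID = isset($matrix[0][0]) ? (int)$matrix[0][0] + 1 : 1;

$source = "blog/blog_$blogID/post_$postID/post.php";
$db->execute("INSERT INTO post(postTitle, source, userID, blogID) VALUES('$postTitle', '$source', $userID, $blogID)");
$db->execute("INSERT INTO postversion(oldID, newID) VALUES($oldPostID, $postID)");

// Move every comment of the old version over to the new one.
$matrix = $db->getData("SELECT commentID FROM comment WHERE postID = $oldPostID");
if (is_array($matrix)) {
    foreach ($matrix as $row) {
        $commentID = (int)$row[0];
        $db->execute("UPDATE comment SET postID = '$postID' WHERE commentID=$commentID");
    }
}

// NOTE(review): umask(0) means the directory is created with mode 0777 and
// the file with 0666 (world-writable). Kept because the deployment may rely
// on it; prefer an explicit restrictive mode once that is confirmed.
$old = umask(0);
$postDir = dirname($source);
$written = false;
if (is_dir($postDir) || mkdir($postDir)) {
    $postFile = fopen($postDir . "/post.php", "w");
    if ($postFile !== false) {
        $written = fwrite($postFile, $postText) !== false;
        fclose($postFile);
    }
}
// Restore the process umask on every path, including failures.
umask($old);

if (!$written) {
    // The database rows exist but the post body could not be stored.
    http_response_code(500);
    exit;
}

if (!$deletePost) {
    header("location: blog_blog.php?blogID=$blogID");
}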