Subversion Repositories taios

<?php

require '../_taios.php';

$page = new Taios_Page('Blog Posts', '../');

if (isset($_GET['id']))

{

    $id = $_GET['id'];

}

else if (isset($_POST['id']))

{

    $id = $_POST['id'];

}

else

{

    $page->drawError('No ID set.');

}

$page->checkLoggedIn();

$post = $page->getBlogPost($id);

if (!$page->isUserAdmin($page->getLoggedInUser()) && $page->getLoggedInUser()->ID != $post->author->ID)

{

    $page->drawError('You do not have permission to access this page.');

}

$error = '';

if (isset($_POST['id']))

{

    $title = $_POST['title'];

    $content = $_POST['content'];

    $category = $_POST['category'];

    if (empty($title))

    {

        $error = "No Title Specified";

    }

    else if (empty($content))

    {

        $error = "No Content Specified";

    }

    else

    {

        $page->query('UPDATE BlogPosts SET Content = "' . $content . '", Title = "' . $title . '", Category = "' . $category . '" WHERE ID = ' . $id);

        $page->redirect('index.php');

    }

}

$page->drawHeader();

$page->drawBlogCategoriesMenu();

$page->drawMiddle();

if (!empty($error))

{

    $page->drawError($error, false);

}

?>

<form action="edit-post.php" method="post">

<table>

<tr>

<td class="bold">Title: </td>

<td><input type="text" name="title" value="<?php echo $post->title; ?>/></td>

</tr>

<tr>

<td class="bold">Content: </td>

<td><textarea name="content" style="width: 500px; height: 300px;"><?php echo $post->content; ?></textarea></td>

</tr>

<tr>

<td class="bold">Catagory: </td>

<td><input type="text" name="category" /><?php echo $post->category; ?></td>

</tr>

<?php

write('<input type="hidden" name="id" value="' . $id . '" />');

?>

<tr>

<td class="bold"></td>

<td><input type="submit" value="Post" /></td>

</tr>

</table>

</form>

<?php

$page->drawFooter();

?>