| /admin/all-blog-posts.php |
|---|
| 40,7 → 40,7 |
| } |
| write('<td><a href="account.php?id=' . $post->author->ID . '">' . $post->author->name . '</a></td>'); |
| write('<td>' . $post->title . '</td>'); |
| write('<td>' . $post->content . '</td>'); |
| write('<td>' . str_replace("\n", '<br />', $post->content) . '</td>'); |
| write('<td>' . date('j/m/Y H:i', $post->datePosted) . '</td>'); |
| write('<td>' . $post->category . '</td>'); |
| write('<td>' . $post->spam . '</td>'); |
| 51,7 → 51,7 |
| } |
| else |
| { |
| drawError('You do not have permission to access this page.'); |
| $page->drawError('You do not have permission to access this page.'); |
| } |
| $page->drawFooter(); |
| /admin/all-accounts.php |
|---|
| 42,7 → 42,7 |
| } |
| else |
| { |
| drawError('You do not have permission to access this page.'); |
| $page->drawError('You do not have permission to access this page.'); |
| } |
| $page->drawFooter(); |
| /admin/account.php |
|---|
| 21,7 → 21,7 |
| <form action="account-do.php" method="POST"> |
| <table> |
| <tr><td class="bold">ID: </td><td><?php echo $user->ID; ?></td></tr> |
| <tr><td class="bold">ID: </td><td><input type="hidden" name="id" value="<?php echo $user->ID; ?>" /><?php echo $user->ID; ?></td></tr> |
| <?php |
| if ($page->isUserAdmin($page->getLoggedInUser())) |
| { |
| 46,11 → 46,11 |
| { |
| if (!$user) |
| { |
| drawError('No such user, #' . $userID); |
| $page->drawError('No such user, #' . $userID); |
| } |
| else |
| { |
| drawError('You do not have permission to access this page.'); |
| $page->drawError('You do not have permission to access this page.'); |
| } |
| } |
| /admin/account-do.php |
|---|
| 39,11 → 39,11 |
| { |
| if (!$user) |
| { |
| drawError('No such user, #' . $userID); |
| $page->drawError('No such user, #' . $userID); |
| } |
| else |
| { |
| drawError('You do not have permission to access this page.'); |
| $page->drawError('You do not have permission to access this page.'); |
| } |
| } |
| /index.php |
|---|
| 28,7 → 28,7 |
| $id = $ids[$i]; |
| $post = $page->getBlogPost($id); |
| write('<h4>' . $post->title. '</h4>'); |
| write('<h4><a href="blog/post.php?id=' . $post->ID . '">' . $post->title. '</a></h4>'); |
| write('<h5 style="color: #666666;">Posted On ' . date('l j F Y', $post->datePosted) . ' by ' . $post->user->name . ' (' . $post->user->username . ')</h5>'); |
| write('<p>' . $page->replaceBBCode($post->content) . '</p>'); |
| write('<br />'); |
| /blog/post.php |
|---|
| 4,7 → 4,7 |
| $page = new Taios_Page('Blog Posts', '../'); |
| if (empty($_GET['id'])) |
| if (empty($_GET['id']) || $_GET['id'] == -1) |
| { |
| $page->redirect('index.php'); |
| } |
| /blog/add-post.php |
|---|
| 40,7 → 40,7 |
| } |
| else |
| { |
| if ($page->getLoggedInUser() >= 2 && $parentID == -1) |
| if ($page->getLoggedInUser()->accessID >= 2 && $parentID == -1) |
| { |
| $page->drawError('You do not have permission to access this page.'); |
| } |
| /_taios.php |
|---|
| 129,7 → 129,7 |
| if ($this->isUserNormal($this->getLoggedInUser())) |
| { |
| echo '<p class="bold"><a href="add-post.php?id=' . $id . '">Add Comment</a>'; |
| if ($this->isUserAdmin($this->getLoggedInUser()) || $this->getLoggedInUser() == $post->author->ID) |
| if ($this->isUserAdmin($this->getLoggedInUser()) || $this->getLoggedInUser()->ID == $post->author->ID) |
| { |
| echo ' · <a href="edit-post.php?id=' . $id . '">Edit Post</a>'; |
| echo ' · <a href="del-post.php?id=' . $id . '">Delete Post</a>'; |