4,16 → 4,11 |
|
$page = new Taios_Page('Nowify', '../'); |
|
if (isset($_GET['id'])) |
{ |
if (isset($_GET['id'])) { |
$id = $_GET['id']; |
} |
else if (isset($_POST['id'])) |
{ |
} else if (isset($_POST['id'])) { |
$id = $_POST['id']; |
} |
else |
{ |
} else { |
$page->drawError('No ID set.'); |
} |
|
20,8 → 15,7 |
$page->checkLoggedIn(); |
|
$post = $page->getBlogPost($id); |
if ((!$page->isUserAdmin($page->getLoggedInUser()) && $page->getLoggedInUser()->ID != $post->author->ID) || !$page->isUserNormal($page->getLoggedInUser())) |
{ |
if ((!$page->isUserAdmin($page->getLoggedInUser()) && $page->getLoggedInUser()->ID != $post->author->ID) || !$page->isUserNormal($page->getLoggedInUser())) { |
$page->drawError('You do not have permission to access this page.'); |
} |
|
31,7 → 25,7 |
{ |
$title = $_POST['title']; |
|
$page->query('UPDATE BlogPosts SET DatePosted = NOW() WHERE ID = "' . $id . '"'); |
$page->query("UPDATE BlogPosts SET DatePosted = NOW() WHERE ID = ?", array($id)); |
$page->redirect('/blog/post.php?id=' . $id); |
} |
|
39,8 → 33,7 |
$page->drawBlogCategoriesMenu(); |
$page->drawMiddle(); |
|
if (!empty($error)) |
{ |
if (!empty($error)) { |
$page->drawError($error, false); |
} |
|
65,4 → 58,3 |
$page->drawFooter(); |
|
?> |
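Review bot: In the third hunk (31,7 → 25,7) the request-supplied `$id` is now bound as a parameter in the UPDATE, but the following line still concatenates it unencoded into the redirect target, so a value containing `&` or `#` can change the query string of the URL the user is sent to. `$id` is read straight from `$_GET`/`$_POST` in the first hunk and never checked, so I would validate it once where it is read, e.g. `if (!is_string($id) || !ctype_digit($id)) { $page->drawError('No ID set.'); }`, or at minimum change the redirect to `$page->redirect('/blog/post.php?id=' . rawurlencode($id));`. The block performing the UPDATE opens outside the hunk, so it is not visible whether a CSRF token is verified before the write; if none is, that is worth adding given that the post ID is also accepted from `$_GET`. The permission check in the second hunk compares user IDs with `!=`, and a strict `!==` on values cast to `int` would rule out loose-comparison surprises there.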
|