| /index.php |
|---|
| 28,7 → 28,7 |
| $id = $ids[$i]; |
| $post = $page->getBlogPost($id); |
| write('<h4>' . $post->title. '</h4>'); |
| write('<h4><a href="blog/post.php?id=' . $post->ID . '">' . $post->title. '</a></h4>'); |
| write('<h5 style="color: #666666;">Posted On ' . date('l j F Y', $post->datePosted) . ' by ' . $post->user->name . ' (' . $post->user->username . ')</h5>'); |
| write('<p>' . $page->replaceBBCode($post->content) . '</p>'); |
| write('<br />'); |
| /admin/all-blog-posts.php |
|---|
| 51,7 → 51,7 |
| } |
| else |
| { |
| drawError('You do not have permission to access this page.'); |
| $page->drawError('You do not have permission to access this page.'); |
| } |
| $page->drawFooter(); |
| /admin/all-accounts.php |
|---|
| 42,7 → 42,7 |
| } |
| else |
| { |
| drawError('You do not have permission to access this page.'); |
| $page->drawError('You do not have permission to access this page.'); |
| } |
| $page->drawFooter(); |
| /admin/account.php |
|---|
| 21,7 → 21,7 |
| <form action="account-do.php" method="POST"> |
| <table> |
| <tr><td class="bold">ID: </td><td><?php echo $user->ID; ?></td></tr> |
| <tr><td class="bold">ID: </td><td><input type="hidden" name="id" value="<?php echo $user->ID; ?>" /><?php echo $user->ID; ?></td></tr> |
| <?php |
| if ($page->isUserAdmin($page->getLoggedInUser())) |
| { |
| 46,11 → 46,11 |
| { |
| if (!$user) |
| { |
| drawError('No such user, #' . $userID); |
| $page->drawError('No such user, #' . $userID); |
| } |
| else |
| { |
| drawError('You do not have permission to access this page.'); |
| $page->drawError('You do not have permission to access this page.'); |
| } |
| } |
| /admin/account-do.php |
|---|
| 39,11 → 39,11 |
| { |
| if (!$user) |
| { |
| drawError('No such user, #' . $userID); |
| $page->drawError('No such user, #' . $userID); |
| } |
| else |
| { |
| drawError('You do not have permission to access this page.'); |
| $page->drawError('You do not have permission to access this page.'); |
| } |
| } |
| /blog/post.php |
|---|
| 4,7 → 4,7 |
| $page = new Taios_Page('Blog Posts', '../'); |
| if (empty($_GET['id'])) |
| if (empty($_GET['id']) || $_GET['id'] == -1) |
| { |
| $page->redirect('index.php'); |
| } |
| /blog/add-post.php |
|---|
| 14,7 → 14,7 |
| require '../_taios.php'; |
| $page = new Taios_Page('Blog Posts', '../'); |
| $page = new Taios_Page('Add Post', '../'); |
| $page->checkLoggedIn(); |
| $error = ''; |
| 40,7 → 40,7 |
| } |
| else |
| { |
| if ($page->isUserNormal($page->getLoggedInUser()) && $parentID == -1) |
| if ($page->getLoggedInUser()->accessID >= 2 && $parentID == -1) |
| { |
| $page->drawError('You do not have permission to access this page.'); |
| } |
| /blog/edit-post.php |
|---|
| 2,7 → 2,7 |
| require '../_taios.php'; |
| $page = new Taios_Page('Blog Posts', '../'); |
| $page = new Taios_Page('Edit Post', '../'); |
| if (isset($_GET['id'])) |
| { |
| 80,7 → 80,7 |
| <tr> |
| <td class="bold"></td> |
| <td><input type="submit" value="Post" /></td> |
| <td><input type="submit" value="Edit" /></td> |
| </tr> |
| </table> |
| </form> |
| /_taios.php |
|---|
| 129,10 → 129,10 |
| if ($this->isUserNormal($this->getLoggedInUser())) |
| { |
| echo '<p class="bold"><a href="add-post.php?id=' . $id . '">Add Comment</a>'; |
| if ($this->isUserAdmin($this->getLoggedInUser()) || $this->getLoggedInUser() == $post->author->ID) |
| if ($this->isUserAdmin($this->getLoggedInUser()) || $this->getLoggedInUser()->ID == $post->author->ID) |
| { |
| echo ' · <a href="del-post.php?id=' . $id . '">Delete Post</a>'; |
| echo ' · <a href="edit-post.php?id=' . $id . '">Edit Post</a>'; |
| echo ' · <a href="del-post.php?id=' . $id . '">Delete Post</a>'; |
| } |
| write('</p><br />'); |
| } |