<?php
function getParentID
()
{
if (isset($_GET['id']))
{
return $_GET['id'];
}
else
{
return -1;
}
}
require '../_taios.php';
$page = new Taios_Page
('Add Post', '../');
$page->checkLoggedIn();
$error = '';
if (isset($_POST['post']))
{
$title = $_POST['title'];
$content = $_POST['content'];
$parentID = $_POST['parentID'];
$category = $_POST['category'];
if (empty($title))
{
$error = "No Title Specified";
}
else if (empty($content))
{
$error = "No Content Specified";
}
else if (empty($parentID))
{
$error = "No Parent ID Specified";
}
else
{
if (($page->getLoggedInUser()->accessID >= 2 && $parentID == -1) || $page->getLoggedInUser()->accessID > 2)
{
$page->drawError('You do not have permission to access this page.');
}
$page->query('INSERT INTO BlogPosts VALUES(0, ' . $parentID . ', "' . $page->getLoggedInUser()->ID . '", "' . $title . '", "' . $content . '", NOW(), "' . $category . '", 0)');
$page->redirect('post.php?id=' . $parentID);
}
}
$page->drawHeader();
$page->drawBlogCategoriesMenu();
$page->drawMiddle();
if (!empty($error))
{
$page->drawError($error, false);
}
?>
<form action="add-post.php?id=
<?php echo getParentID
(); ?>" method="post">
<table>
<tr>
<td class="bold">Title: </td>
<td><input type="text" name="title" /></td>
</tr>
<tr>
<td class="bold">Content: </td>
<td><textarea name="content" style="width: 500px; height: 300px;"></textarea></td>
</tr>
<tr>
<td class="bold">Catagory: </td>
<td><input type="text" name="category" /></td>
</tr>
<input type="hidden" name="post" value="yes" />
<?php
write
('<input type="hidden" name="parentID" value="' . getParentID
() . '" />');
?>
<tr>
<td class="bold"></td>
<td><input type="submit" value="Post" /></td>
</tr>
</table>
</form>
<?php
$page->drawFooter();
?>