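<?php
// Page title; presumably read by components/top.php when it renders the header.
$pageTitle = 'posts crud';

// Access control must run before any output so the redirects below can still
// be sent as HTTP headers.
session_start();

// No authenticated session: send the visitor to the login page.
if (!isset($_SESSION['sessionId'])) {
    header('location: login.php?status=not_logged_in');
    exit;
}

// Admin-only page: deny unless the privilege is present AND is exactly 'admin'.
// The two tests are joined with ||. With && a non-empty, non-admin value
// (for example a regular user's role) made the whole condition false and the
// page was served to that user. The comparison is strict so that a non-string
// value such as boolean true cannot loosely equal 'admin'.
if (empty($_SESSION['userPrivileges']) || $_SESSION['userPrivileges'] !== 'admin') {
    header('location: busted.php');
    exit;
}

require_once('components/top.php');
?>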
<!-- TEMPLATE START -->
<div class="custom-container mb-5">
<h3 class="mt-5 text-center">Posts crud</h3>
<div class="table-responsive">
<table class="table table-hover table-dark mt-5">
<thead>
<tr>
<th scope="col">Id</th>
<th scope="col">Headline</th>
<th scope="col">Image</th>
<th scope="col">OP</th>
<th scope="col">Comments</th>
<th scope="col">Upvotes</th>
<th scope="col">Banned</th>
<th scope="col">Edit</th>
</tr>
</thead>
<tbody>
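<?php
// TOKENS
// The access check at the top of this file has already started the session.
// Only start one here if none is active: a second session_start() after
// output has begun raises a notice and cannot set the session cookie.
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}

// Per-page activity (anti-CSRF) token. The raw value is kept in the session;
// only its SHA-256 digest is written into the forms below.
// uniqid() is derived from the current time and is guessable, so the token is
// taken from the CSPRNG instead.
$newToken = bin2hex(random_bytes(32));
$newTokenHashed = hash('sha256', $newToken);
$_SESSION['token'] = $newToken;
// NOTE(review): the handler that checks activityToken is not in this file;
// it should compare the digests with hash_equals() - confirm.

// HTML-context escaper with explicit flags, so single quotes are encoded on
// every PHP version (the default flags only include ENT_QUOTES from 8.1 on).
// The (string) cast also covers NULL columns coming from the LEFT JOIN.
$esc = static function ($value) {
    return htmlentities((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

// Escaper for a URL placed inside a quoted CSS url('...') in a style attribute.
// HTML escaping alone does not stop a value containing ')' or a quote from
// closing the url() token and appending further CSS, so those characters are
// percent-encoded first and the result is then HTML-escaped.
// NOTE(review): where image_location is written is not visible here; treat it
// as untrusted until the upload path is confirmed to generate it server-side.
$cssUrl = static function ($url) use ($esc) {
    $encoded = strtr((string) $url, [
        "'"  => '%27',
        '"'  => '%22',
        '('  => '%28',
        ')'  => '%29',
        '\\' => '%5C',
        ' '  => '%20',
        "\r" => '',
        "\n" => '',
        "\t" => '',
    ]);
    return $esc($encoded);
};

// get the data from db to display
require('controllers/database.php');
try {
    // Comment and upvote totals are counted in correlated subqueries. Joining
    // both tables and counting in one GROUP BY multiplies the rows (a post with
    // 2 comments and 3 upvotes reported 6 for each column).
    // NOTE(review): assumes users.id_users is unique, so the users join yields
    // one row per post - confirm against the schema.
    $stmt = $db->prepare('SELECT posts.id_posts, posts.headline, posts.image_location, posts.image_name, posts.banned, users.username,
        (SELECT COUNT(*) FROM comments WHERE comments.id_posts = posts.id_posts) AS comments,
        (SELECT COUNT(*) FROM upvotes WHERE upvotes.id_posts = posts.id_posts) AS upvotes
        FROM posts
        LEFT JOIN users ON posts.id_users = users.id_users
        ORDER BY posts.id_posts');
    $stmt->execute();
    $aaResult = $stmt->fetchAll();
} catch (PDOException $ex) {
    // Keep driver messages and stack traces out of the response; they can
    // expose schema and connection details. Log server-side instead.
    error_log('posts-crud: loading posts failed: ' . $ex->getMessage());
    echo 'Could not load posts.';
    exit;
}

// DYNAMIC PART OF THE TEMPLATE
foreach ($aaResult as $aResult) {
    // The id is used both as an attribute value and as a query-string value;
    // encode it for each context.
    $postId = $esc($aResult['id_posts']);
    $postIdQuery = $esc(rawurlencode((string) $aResult['id_posts']));

    echo ' <tr>
<form class="posts-crud-form">
<input name="activityToken" type="text" value="'.$newTokenHashed.'" hidden>
<td><input type="text" class="posts-crud-input" name="txtPostIdCrud" value="'.$postId.'" disabled></td>
<td>'.$esc($aResult['headline']).'</td>
<td><a href="gag.php?p_id='.$postIdQuery.'"><div class="posts-crud-img" style="background-image: url(\''.$cssUrl($aResult['image_location']).'\')"></div></a></td>
<td>'.$esc($aResult['username']).'</td>
<td><a href="comments-crud.php?p_id='.$postIdQuery.'">'.$esc($aResult['comments']).'</a></td>
<td>'.$esc($aResult['upvotes']).'</td>
<td><input type="text" class="posts-crud-input" name="txtBannedCrud" value="'.$esc($aResult['banned']).'" disabled></td>
<td><button class="btnSaveChangesAdmin admin-page-input edit" type="submit"><i class="editIcon fas fa-edit"></i><i class="saveIcon fas fa-save"></i></button></td>
</form>
</tr>';
}
// DYNAMIC PART END
?>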
</tbody>
</table>
</div>
</div>
<!-- TEMPLATE END -->
<?php
// Pull in the closing page component (included at most once per request).
require_once 'components/bottom.php';
?>