2011-04-26, 22:02
#25
header('Content-type: text/html; charset=utf-8');
header('Content-type: text/html; charset=utf-8');
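<?php
// Handler for the "new post" form: validates the submitted title and content,
// inserts one row into `posts` and redirects to blog.php on success.
// NOTE(review): connect.php is assumed to open the MySQL link and start the
// session -- neither is visible in this file; confirm.
include("connect.php");

// Posting is for logged-in users only. blog.php hides the "Post" link behind
// $_SESSION['isin'], but hiding a link is not access control, so the same
// flag is enforced here before anything is written to the database.
if (!isset($_SESSION['isin'], $_SESSION['userid']) || !(int) $_SESSION['isin']) {
    header("Location: login.php");
    exit;
}

if (isset($_POST['sub'])) {
    // A missing field or an array-style parameter is treated as empty and is
    // then rejected by the length checks below.
    $title = (isset($_POST['title']) && is_string($_POST['title'])) ? trim($_POST['title']) : '';
    $content = (isset($_POST['content']) && is_string($_POST['content'])) ? trim($_POST['content']) : '';

    // stripslashes() is only correct when magic_quotes_gpc added the slashes;
    // applied unconditionally it silently eats backslashes the user typed.
    if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc()) {
        $title = stripslashes($title);
        $content = stripslashes($content);
    }

    // Unescaped copies used by the template to re-fill the form.
    $title2 = $title;
    $content2 = $content;

    $error = false;
    $reason = '';

    // strlen() counts bytes, not characters, so for UTF-8 input the minimum
    // of 3 is a byte minimum.
    if (strlen($title) < 3) {
        $error = true;
        $reason .= "Bad Title.\n";
    }
    if (strlen($content) < 3) {
        $error = true;
        $reason .= "Bad Post Content.\n";
    }

    if (!$error) {
        // TODO(review): the mysql_* extension is deprecated and was removed in
        // PHP 7; move this query to a PDO/mysqli prepared statement together
        // with connect.php.
        // mysql_real_escape_string() escapes according to the connection
        // character set, so the connection should select it with
        // mysql_set_charset() rather than a "SET NAMES" query.
        $titleSql = mysql_real_escape_string($title);
        $contentSql = mysql_real_escape_string($content);

        // The user id is placed in the statement unquoted, so it is forced
        // to an integer instead of being trusted as-is.
        $sql = "INSERT INTO `posts` (`ID`, `username`, `title`, `content`, `date`) VALUES
(NULL, " . (int) $_SESSION['userid'] . ", '" . $titleSql . "', '" . $contentSql . "', " . time() . ")";
        mysql_query($sql);

        if (mysql_errno()) {
            // Driver error text can expose table and column names; keep it in
            // the server log and show the visitor a generic message.
            error_log('Blog post INSERT failed: ' . mysql_error());
            $reason .= "The post could not be saved.\n";
        } else {
            header("Location: blog.php");
            // Without exit the script keeps running and renders the form
            // into the body of the redirect response.
            exit;
        }
    }
    // TODO(review): the form carries no anti-CSRF token, so another site can
    // submit this POST on behalf of a logged-in user. Adding one needs a
    // matching hidden field in the form markup further down this file.
}
echo '<?xml version="1.0" encoding="UTF-8"?>';
?>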
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Blog title</title>
<link href="style.css" type="text/css" media="screen" rel="stylesheet" />
</head>
<body>
<div id="maincontent">
<div id="top">Blog title</div>
<div id="postform">
<form method="POST" action="?">
<table>
<tr><td>Title:</td></tr>
<tr><td>
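<input type="text" name="title" id="postformtitle" value="<?php
// Re-fill the title after a rejected submission. The charset is passed
// explicitly: before PHP 5.4 htmlentities() assumed ISO-8859-1 and turned
// every byte of a UTF-8 character into its own entity, which shows up as
// garbled text. ENT_QUOTES also covers single quotes in attribute context.
if (isset($title2)) {
    echo htmlspecialchars($title2, ENT_QUOTES, 'UTF-8');
}
?>" /></td></tr>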
<tr><td>Content:</td></tr>
<tr><td>
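<textarea name="content" id="postformcontent" cols="40" rows="4"><?php
// Re-fill the post body after a rejected submission. The charset is passed
// explicitly because htmlentities() defaulted to ISO-8859-1 before PHP 5.4
// and mangled UTF-8 text; escaping is what keeps a submitted closing
// textarea tag from breaking out of the field.
if (isset($content2)) {
    echo htmlspecialchars($content2, ENT_QUOTES, 'UTF-8');
}
?></textarea>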
</td></tr>
<tr><td>
<input type="submit" value="Post" />
<input type="hidden" name="sub" value="1" />
</td></tr>
</table>
</form>
<div class="errors">
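<?php
// $reason is built by the form handler and may carry database error text,
// which can echo back fragments of the submitted values. Escape it before
// output, and turn the "\n" separators into line breaks so that each message
// is shown on its own line.
if (isset($reason)) {
    echo nl2br(htmlspecialchars($reason, ENT_QUOTES, 'UTF-8'));
}
?>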
</div>
</div>
</div>
</body>
</html>
<?php
// Load the shared setup file (presumably the database link and session;
// its contents are not visible here), then emit the XML declaration that
// precedes the DOCTYPE.
include "connect.php";
print '<?xml version="1.0" encoding="UTF-8"?>';
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<title>Blog title</title>
<link href="style.css" type="text/css" media="screen" rel="stylesheet" />
</head>
<body>
<div id="controls">
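<?php
// Logged-in visitors get the Post/Logout menu, everyone else a Login link.
// isset() keeps an anonymous visit from raising an undefined-index notice,
// which would print the script path when display_errors is on.
// This only decides what is shown; the target pages still have to enforce
// the login themselves.
if (isset($_SESSION['isin']) && (int) $_SESSION['isin']) {
?>
<ul>
<li><a href="put.php">Post</a></li>
<li><a href="logout.php">Logout</a></li>
</ul>
<?php
} else {
    echo '<a href="login.php">Login</a>.';
}
?>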
</div>
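<div id="maincontent">
<div id="top">Blog title</div>
<div id="posts">
<?php
// Lists every post, newest first, together with its author's display name.
// The statement is a constant string with no request data in it.
$sql = "SELECT posts.id as 'id',
users.postname as 'postname',
posts.title as 'title',
posts.content as 'content',
posts.date as 'date'
FROM posts
INNER JOIN users
ON users.id = posts.username
ORDER BY date DESC";
$result = mysql_query($sql);

if ($result === false) {
    // mysql_fetch_array(false) would only raise a warning per call; log the
    // driver error server-side and show the visitor a neutral message.
    error_log('Blog post listing query failed: ' . mysql_error());
    echo '<p class="errors">The posts could not be loaded.</p>';
} else {
    while ($row = mysql_fetch_array($result)) {
        // Everything read from the database is escaped for HTML before it is
        // printed. The charset is explicit because htmlentities() assumed
        // ISO-8859-1 before PHP 5.4 and garbled stored UTF-8 text.
        $postId = (int) $row['id'];
        $postTitle = htmlspecialchars($row['title'], ENT_QUOTES, 'UTF-8');
        $postBody = nl2br(htmlspecialchars($row['content'], ENT_QUOTES, 'UTF-8'));
        $postAuthor = htmlspecialchars($row['postname'], ENT_QUOTES, 'UTF-8');
        // `date` holds a Unix timestamp (the insert stores time()), so an
        // integer cast is all it needs.
        $postDate = date('l jS \of F Y h:i:s A', (int) $row['date']);
        // NOTE(review): the id attributes below repeat for every post, which
        // is invalid in XHTML Strict; they are kept because style.css may
        // select on them.
?>
<div id="post">
<div id="post_title">
<a href="post.php?post=<?php echo $postId; ?>"><?php echo $postTitle; ?></a>
</div>
<div id="post_content">
<?php echo $postBody; ?>
</div>
<div id="post_author">
Written by:
<?php echo $postAuthor . " on " . $postDate; ?>
</div>
</div><!-- end of post -->
<?php
    }
}
?>
</div><!-- end of posts section -->
</div><!-- end of maincontent -->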
</body>
</html>
echo '<?xml version="1.0" encoding="UTF-8"?>';
echo '<' . '?xml version="1.0" encoding="utf-8"?' . '>' . "\n";
echo '<?xml version="1.0" encoding="UTF-8"?>';
echo '<' . '?xml version="1.0" encoding="utf-8"?' . '>' . "\n";