<?php
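// Load the session gate with require, not include: if check_session.php (not shown
// here) cannot be loaded, the script must stop rather than continue with only a
// warning and render the page without the session check having run.
require("check_session.php");
require_once('databaseconnection.php');

// The blog id arrives in the query string as "mess". Reject a missing value or a
// non-string one (e.g. ?mess[]=1 yields an array) before it reaches any query.
$blogId = isset($_GET["mess"]) ? $_GET["mess"] : null;
if (!is_string($blogId) || $blogId === '') {
    http_response_code(400);
    exit('Missing or invalid blog id.');
}

// NOTE(review): nothing in this block checks that the logged-in user is a member of
// this blog; confirm blogs are meant to be readable by every authenticated user.

// All posts of the blog. Every query below binds the id as a prepared-statement
// parameter; it is never concatenated into the SQL text.
$sql = "SELECT `headline`, `date`, `author`, `blogName`, `postId` FROM post WHERE blogId = :blogId";
$stm = $pdo->prepare($sql);
$stm->execute(['blogId' => $blogId]);
$postInfo = $stm->fetchAll(PDO::FETCH_ASSOC);

if (isset($postInfo[0])) {
    // The post rows carry the blog name, so take it from the first post.
    $blogNameOutput = htmlspecialchars((string) $postInfo[0]["blogName"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
} else {
    // No posts yet: look the name up in the blog table instead.
    $sql = "SELECT `name` FROM blog WHERE blogId = :blogId";
    $stm = $pdo->prepare($sql);
    $stm->execute(['blogId' => $blogId]);
    $blogInfo = $stm->fetchAll(PDO::FETCH_ASSOC);
    if (!isset($blogInfo[0])) {
        // Unknown blog id: stop here instead of reading a row that does not exist.
        http_response_code(404);
        exit('Blog not found.');
    }
    $blogNameOutput = htmlspecialchars((string) $blogInfo[0]["name"], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Members of the blog. Id and display name come from ONE result set so that index
// $i in $userIdInfo and $userNameInfo always refers to the same user. Two separate
// queries without ORDER BY could return rows in different orders or in different
// numbers, which would link a display name to another user's profile.
$sql = "SELECT u.userId, u.displayName FROM manage m JOIN users u ON m.userId = u.userId WHERE m.blogId = :blogId";
$stm = $pdo->prepare($sql);
$stm->execute(['blogId' => $blogId]);
$userNameInfo = $stm->fetchAll(PDO::FETCH_ASSOC);
$userIdInfo = $userNameInfo;

// The user holding the "creator" role for this blog; the page compares it with the
// session user further down.
$sql = "SELECT `userId` FROM manage WHERE blogId = :blogId AND `role` = :role";
$stm = $pdo->prepare($sql);
$stm->execute(['blogId' => $blogId, 'role' => "creator"]);
$creatorIdInfo = $stm->fetchAll(PDO::FETCH_ASSOC);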
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<title>Posts in <?php echo"$blogNameOutput";?></title>
<link rel="stylesheet" href="/spectre/spectre-master/dist/spectre.css">
<script src="https://kit.fontawesome.com/0b0c9a8dc7.js" crossorigin="anonymous"></script>
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link href="https://fonts.googleapis.com/css2?family=Special+Gothic+Expanded+One&family=Special+Gothic:wght@400..700&display=swap" rel="stylesheet">
<style>
#navTop{
font-family: "Special Gothic Expanded One", Helvetica;
}
</style>
</head>
<body style="text-align: center;">
<header class="navbar">
<section class="navbar-section">
<a href="settings.php" class="btn btn-link">Settings</a>
<a href="home.php" class="btn btn-link">Home</a>
</section>
<section class="navbar-center">
<h3 id="navTop">PHiNTERNET</h3>
</section>
<section class="navbar-section">
<a href="newpost.php" class="btn btn-link">Create Post</a>
<a href="#" class="btn btn-link">Profile</a>
</section>
</header>
<?php
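// Renders the blog heading, the member list, the creator-only "add member" form and
// the list of posts (newest row last in $postInfo is printed first).
//
// Every value written into the markup is escaped for its context: URL-encoded when
// it becomes part of a query string, then HTML-escaped for the attribute or text node.

// Blog id exactly as received in the query string. A missing value or a non-string
// (an array from ?mess[]=) is treated as empty so it can never be echoed raw.
$blogIdParam = (isset($_GET["mess"]) && is_string($_GET["mess"])) ? $_GET["mess"] : '';
$blogIdAttr = htmlspecialchars(urlencode($blogIdParam), ENT_QUOTES, 'UTF-8');

// $blogNameOutput was already passed through htmlspecialchars() when it was built.
echo"<h1>$blogNameOutput</h1>";
echo"Members: ";
$memberCount = count($userIdInfo);
for ($i = 0; $i < $memberCount; $i++) {
    // Guard the name lookup: the two arrays are filled separately and may differ in length.
    $rawName = isset($userNameInfo[$i]["displayName"]) ? (string) $userNameInfo[$i]["displayName"] : '';
    $outputMember = htmlspecialchars($rawName, ENT_QUOTES, 'UTF-8');
    $memberIdAttr = htmlspecialchars(urlencode((string) $userIdInfo[$i]["userId"]), ENT_QUOTES, 'UTF-8');
    echo"<a href=\"profile.php?mess={$memberIdAttr}\">{$outputMember}</a>";
    if ($i !== $memberCount - 1) {
        echo" | ";
    }
}

// Show the "add member" form only to the blog's creator. Both sides must be present
// and are compared as strings with ===; a loose == would treat two missing values
// (null == null) as a match and show the form.
$isCreator = isset($_SESSION["userId"], $creatorIdInfo[0]["userId"])
    && (string) $_SESSION["userId"] === (string) $creatorIdInfo[0]["userId"];
if ($isCreator) {
    // The blog id goes into the form action escaped; echoing $_GET["mess"] raw here
    // would let a crafted link inject markup into the page (reflected XSS).
    // NOTE(review): no anti-CSRF token is visible in this form, and hiding the form is
    // only a UI decision; confirm search.php re-checks the creator role and the
    // request's origin on the server side.
    echo"<form method=\"post\" action=\"search.php?mess={$blogIdAttr}\"><label for=\"addedId\">Add people to this blog using their ID</label><br><input type=\"number\" id=\"addedId\" name=\"addedId\"></form>";
} else {
    echo"<br>";
}

// Walk the posts from the last fetched row to the first.
for ($i = count($postInfo) - 1; $i >= 0; $i--) {
    if (!isset($postInfo[$i])) {
        continue;
    }
    $outputPostName = htmlspecialchars((string) $postInfo[$i]["headline"], ENT_QUOTES, 'UTF-8');
    $postIdAttr = htmlspecialchars(urlencode((string) $postInfo[$i]["postId"]), ENT_QUOTES, 'UTF-8');
    $outputDate = htmlspecialchars((string) $postInfo[$i]["date"], ENT_QUOTES, 'UTF-8');
    // Print every post as a link styled at h3 size.
    echo"<a style=\"margin:0.2rem;\" class=\"h3\" href=\"blogwatcher.php?mess={$postIdAttr}\">{$outputPostName}</a><br>";
    echo"<p>uploaded: {$outputDate}</p>";
}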
?>
</body>
</html>