<?php
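// Locate the directory that holds the private includes (configuration,
// database connection, session and login helpers), which is kept outside
// the document root.
//
// NOTE(review): HTTP_HOST is copied from the request's Host header, so the
// client decides which branch runs. An environment flag set by the server
// (for example an environment variable or a constant in a local config file)
// would be a more trustworthy switch. The check is kept as it was, but made
// strict and safe against a missing header.
if (isset($_SERVER['HTTP_HOST']) && $_SERVER['HTTP_HOST'] === "localhost") {
    $private = "C:/wamp2/www/private/";
} else {
    $private = "/home/jstockwin/private/";
}

// require_once instead of include_once: these files carry the session and
// authorisation logic, so the request must stop immediately if any of them
// is missing rather than carry on with a partially loaded security layer.
require_once $private . 'psl-config.php';
require_once $private . 'db_connect.php';
require_once $private . 'functions.php';

// Session start helper defined in the private includes above.
sec_session_start();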
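/**
 * Tell whether a request-supplied value may be used as a blog directory name.
 *
 * The name is later joined to relative paths for mkdir(), fopen() and a
 * recursive delete, so it must be exactly one path component: a non-empty
 * string with no directory separators, no NUL byte and no leading dot
 * (which also rules out "." and "..").
 *
 * NOTE(review): if post directories follow a known pattern, replace this
 * with a stricter allow-list and keep the posts under a dedicated base
 * directory instead of the script's working directory.
 *
 * @param mixed $name Raw value taken from the request.
 * @return bool True when the value is a single, non-hidden path component.
 */
function blogupdate_is_safe_name($name) {
    if (!is_string($name) || $name === '' || $name[0] === '.') {
        return false;
    }
    return strpos($name, '/') === false
        && strpos($name, '\\') === false
        && strpos($name, "\0") === false;
}

/**
 * Recursively delete a directory and everything inside it.
 *
 * Symbolic links are removed as links and never followed, so the deletion
 * cannot leave the tree rooted at $dir. Hidden entries are removed as well,
 * otherwise the final rmdir() would fail on a non-empty directory.
 *
 * @param string $dir Directory to remove.
 * @return void
 */
function rrmdir($dir) {
    if (is_link($dir)) {
        unlink($dir);
        return;
    }
    if (!is_dir($dir)) {
        return;
    }
    $entries = scandir($dir);
    if ($entries === false) {
        return;
    }
    foreach ($entries as $entry) {
        if ($entry === '.' || $entry === '..') {
            continue;
        }
        $path = $dir . '/' . $entry;
        if (is_dir($path) && !is_link($path)) {
            rrmdir($path);
        } else {
            unlink($path);
        }
    }
    rmdir($dir);
}

// Resolve the caller's role once and compare it strictly. A loose ==
// against a role string also matches non-string values such as true, so a
// strict check fails closed.
// NOTE(review): assumes login_check() returns the role as a string such as
// "admin" or "blog" - confirm against functions.php.
$role = login_check($mysqli);

if ($role === "admin" || $role === "blog") {
    if (!empty($_POST['title']) && !empty($_POST['body']) && !empty($_GET['blog']) && !empty($_GET['new'])) {
        // Create or update a post. The directory name and both text fields
        // come straight from the request, so check them before any
        // filesystem call.
        $dir = $_GET['blog'];
        if (!blogupdate_is_safe_name($dir) || !is_string($_POST['title']) || !is_string($_POST['body'])) {
            echo 'Invalid request';
        } else {
            // The original condition used "=" (assignment), which is always
            // true; the directory is only created when new=true was sent.
            if ($_GET['new'] === "true" && !is_dir($dir)) {
                mkdir($dir);
            }
            // The text is stored verbatim. Whatever renders title.txt and
            // body.txt has to escape it for HTML; that code is not visible
            // here.
            $title = fopen($dir . '/title.txt', "w") or die("Unable to open file!");
            fwrite($title, $_POST['title']);
            fclose($title);
            $body = fopen($dir . '/body.txt', "w") or die("Unable to open file!");
            fwrite($body, $_POST['body']);
            fclose($body);
            header('Location: /generateBlogPosts.php');
            exit;
        }
    } else if (!empty($_GET['delete'])) {
        // Deleting a post is reserved for admins.
        // NOTE(review): this state-changing action is triggered by a GET
        // parameter and carries no anti-CSRF token; it should move to POST
        // with a per-session token checked here.
        if ($role === "admin") {
            if (blogupdate_is_safe_name($_GET['delete'])) {
                rrmdir($_GET['delete']);
                header('Location: /generateBlogPosts.php');
                exit;
            } else {
                echo 'Invalid request';
            }
        } else {
            echo 'You are not authorised to do this. Please log in to an admin account.';
        }
    } else {
        echo 'Invalid request';
    }
} else {
    echo '<p>';
    echo ' <span class="error">You are not authorised to access this page.</span> Please <a href="login.php">login</a>.';
    echo '</p>';
} ?>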