chiro-canto/public/articles/admin.php

<?php
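// Bootstrap and request dispatcher for the article admin page.
//
// $root is the resolved filesystem path of the web root.
// NOTE(review): it is interpolated into the Location header below, where a URL
// path is expected rather than a filesystem path. Confirm the redirect target
// resolves as intended on the deployed server.
$root = realpath($_SERVER["DOCUMENT_ROOT"]);
session_start();
require("config.php");
require("Article.php");

// Requested action comes from the query string; anything unrecognised falls
// through to the article list in the switch below.
$action = isset($_GET['action']) ? $_GET['action'] : "";
$username = isset($_SESSION['username']) ? $_SESSION['username'] : "";

// Authentication gate.
// NOTE(review): this only checks that a username is present in the session.
// Nothing visible here verifies an administrator role, although the message
// says one is required. Confirm where the role is enforced.
if ($username == "") {
    $_SESSION['error_msg'] = "You need to be logged in as administrator to perform these tasks.";
    header("Location: $root/auth/login");
    // header() only queues the redirect and does not stop the script. Without
    // this exit the dispatcher below would still run the requested action for
    // a visitor who has no session.
    exit;
}

switch ($action) {
    case 'new':
        newArticle();
        break;
    case 'edit':
        edit();
        break;
    case 'delete':
        delete();
        break;
    default:
        listArticles();
}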
/**
 * Handle the "new" action.
 *
 * - POST with "save": builds an Article from the submitted form values,
 *   inserts it and redirects to the list with status=saved.
 * - POST with "cancel": redirects back to the list.
 * - Otherwise: renders edit.php with an empty Article in $results['article'].
 *
 * NOTE(review): no anti-CSRF token is checked in this function before the
 * insert. Confirm whether config.php or Article::storeFormValues() covers it.
 */
function newArticle() {
    if (isset($_POST['save'])) {
        $created = new Article;
        $created->storeFormValues($_POST);
        $created->insert();
        header("Location: admin.php?status=saved");
        return;
    }

    if (isset($_POST['cancel'])) {
        header("Location: admin.php");
        return;
    }

    // edit.php is included inside this function, so it sees the local $results.
    $results['article'] = new Article;
    require("edit.php");
}
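/**
 * Handle the "edit" action.
 *
 * - POST with "save": loads the article named by $_POST['id'], applies the
 *   submitted form values, updates it and redirects with status=saved.
 * - POST with "cancel": redirects back to the list.
 * - Otherwise: loads the article named by $_GET['article'] and renders
 *   edit.php with it in $results['article'].
 *
 * A missing, non-scalar or unknown id redirects to the list with
 * error=notFound in both the save and the display paths.
 *
 * NOTE(review): no anti-CSRF token is checked in this function before the
 * update. Confirm whether config.php or Article::storeFormValues() covers it.
 */
function edit() {
    $results = array();
    $results['pageTitle'] = "Edit Article";
    // This was assigned to an undefined $result, so the value never reached
    // the $results array that edit.php is given.
    $results['form'] = "edit";

    if (isset($_POST['save'])) {
        // A missing key would raise an undefined-index notice, and an array
        // value casts to 1 under (int). Treat both as "no such article".
        $id = (isset($_POST['id']) && is_scalar($_POST['id'])) ? (int) $_POST['id'] : 0;
        if (!$article = Article::getById($id)) {
            header("Location: admin.php?error=notFound");
            return;
        }
        $article->storeFormValues($_POST);
        $article->update();
        header("Location: admin.php?status=saved");
    } elseif (isset($_POST['cancel'])) {
        header("Location: admin.php");
    } else {
        $id = (isset($_GET['article']) && is_scalar($_GET['article'])) ? (int) $_GET['article'] : 0;
        $article = Article::getById($id);
        // Same not-found handling as the save path, so the form is never
        // rendered with a falsy article.
        if (!$article) {
            header("Location: admin.php?error=notFound");
            return;
        }
        $results['article'] = $article;
        // edit.php is included inside this function, so it sees the local $results.
        require("edit.php");
    }
}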
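/**
 * Handle the "delete" action: remove the article named by $_GET['article'].
 *
 * Redirects to the list with error=notFound when the id is missing,
 * non-scalar or unknown, and with status=deleted after a successful delete.
 *
 * NOTE(review): this is a state-changing operation triggered by a GET request,
 * and no anti-CSRF token is checked here. Consider moving it to POST with a
 * per-session token. That needs a matching change in the list template, which
 * is not visible from this file.
 */
function delete() {
    // A missing key would raise an undefined-index notice, which can break the
    // redirect if it is printed before the header. An array value casts to 1
    // under (int). Treat both as "no such article".
    $id = (isset($_GET['article']) && is_scalar($_GET['article'])) ? (int) $_GET['article'] : 0;
    if (!$article = Article::getById($id)) {
        header("Location: admin.php?error=notFound");
        return;
    }
    $article->delete();
    header("Location: admin.php?status=deleted");
}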
/**
 * Default action: render the article list.
 *
 * Populates $results with the rows and total count from Article::getList(),
 * the page title, and an optional error or status message, then includes
 * list.php.
 *
 * The messages are fixed strings chosen by comparing the query parameter
 * against known values. The raw query value is never copied into $results.
 */
function listArticles() {
    $data = Article::getList();
    $results = array(
        'articles' => $data['results'],
        'totalRows' => $data['totalRows'],
        'pageTitle' => "All Articles",
    );

    if (isset($_GET['error']) && $_GET['error'] == "notFound") {
        $results['error'] = "Error: Article not found.";
    }

    if (isset($_GET['status'])) {
        if ($_GET['status'] == "saved") {
            $results['status'] = "Your changes have been saved.";
        } elseif ($_GET['status'] == "deleted") {
            $results['status'] = "Article deleted.";
        }
    }

    // list.php is included inside this function, so it sees the local $results.
    require("list.php");
}
?>