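<?php
/*
 * blog_details.php - request handling.
 *
 * Loads one blog row by the `id` query parameter and, when the delete form
 * was posted, removes that row after a server-side authorization check.
 * Leaves $blog_title, $blog_ID and $row set for the template below.
 */
include('./php/connect_DB.php');

// The title from the URL is display-only; fall back to '' so the page still renders without it.
$blog_title = (isset($_GET['blog_title']) && is_string($_GET['blog_title'])) ? $_GET['blog_title'] : '';

// The id reaches SQL and a link further down, so accept nothing but an integer.
$blog_ID = isset($_GET['id']) ? filter_var($_GET['id'], FILTER_VALIDATE_INT) : false;
if ($blog_ID === false) {
    http_response_code(400);
    exit('Invalid blog id.');
}

// Bound parameter instead of string concatenation: request data never becomes SQL text.
$query = 'SELECT * FROM blogs WHERE blog_ID = ?';
$stmt = mysqli_prepare($conn, $query);
if ($stmt === false) {
    http_response_code(500);
    exit('Unable to load the blog.');
}
mysqli_stmt_bind_param($stmt, 'i', $blog_ID);
mysqli_stmt_execute($stmt);
$result = mysqli_stmt_get_result($stmt);
$row = ($result !== false) ? mysqli_fetch_assoc($result) : null;
mysqli_stmt_close($stmt);

if (!$row) {
    http_response_code(404);
    exit('Blog not found.');
}

// Prepared statements can return integer columns as native ints; the template compares
// user_id against a cookie string with ===, so keep it a string as mysqli_query() did.
if (isset($row['user_id'])) {
    $row['user_id'] = (string) $row['user_id'];
}

// Check if the delete form was submitted
if (isset($_POST['delete'])) {
    // Hiding the delete button in the template is not access control: any client can send
    // this POST, so the owner/admin rule is enforced here before touching the row.
    // NOTE(review): login_user_id is read from a cookie, which the client controls. The check
    // below only mirrors the rule the template uses; the identity should come from a
    // server-side session set at login (login code is not visible here).
    // NOTE(review): the form carries no anti-CSRF token; add and verify one with the session.
    $requester_id = (isset($_COOKIE['login_user_id']) && is_string($_COOKIE['login_user_id']))
        ? $_COOKIE['login_user_id']
        : null;

    $may_delete = false;
    if ($requester_id !== null && $requester_id !== '') {
        if (isset($row['user_id']) && $requester_id === $row['user_id']) {
            // Requester owns the blog.
            $may_delete = true;
        } else {
            // Otherwise only an 'admin' user may delete.
            $role_stmt = mysqli_prepare($conn, 'SELECT user_type FROM users WHERE user_id = ?');
            if ($role_stmt !== false) {
                mysqli_stmt_bind_param($role_stmt, 's', $requester_id);
                mysqli_stmt_execute($role_stmt);
                $role_result = mysqli_stmt_get_result($role_stmt);
                $role_row = ($role_result !== false) ? mysqli_fetch_assoc($role_result) : null;
                mysqli_stmt_close($role_stmt);
                $may_delete = is_array($role_row) && $role_row['user_type'] === 'admin';
            }
        }
    }

    if (!$may_delete) {
        http_response_code(403);
        exit('You are not allowed to delete this blog.');
    }

    $sql = 'DELETE FROM blogs WHERE blog_ID = ?';
    $delete_stmt = mysqli_prepare($conn, $sql);
    $exec = false;
    if ($delete_stmt !== false) {
        mysqli_stmt_bind_param($delete_stmt, 'i', $blog_ID);
        $exec = mysqli_stmt_execute($delete_stmt);
        mysqli_stmt_close($delete_stmt);
    }
    if ($exec === false) {
        // Do not report success when the row was not removed.
        http_response_code(500);
        exit('Unable to delete the blog.');
    }

    // Redirect the user back to the blog listing page
    header("Location: /website/blog/index.php?blog_deleted=true");
    // Stop here: without exit the rest of the page would still be rendered after the redirect header.
    exit;
}
// else if (isset($_POST['update'])) {
// header("Location: /website/blog/new_blog.php?blog_id=$blog_ID");
// }
?>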
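<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<?php /* NOTE(review): third-party stylesheet loaded without an integrity attribute; consider pinning it with SRI or self-hosting. */ ?>
<link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.4.0/css/all.min.css"/>
<link rel="stylesheet" href="../Blog/css/bootstrap.min.css"/>
<?php /* The rand() result was previously discarded, so the cache-busting query string was always empty. */ ?>
<link rel="stylesheet" type="text/css" href="../Blog/css/style.css?<?php echo rand(1, 9); ?>"/>
<?php /* $blog_title comes straight from the URL: escape it so markup in the parameter is shown as text, not executed. */ ?>
<title><?php echo 'Blog | ' . htmlspecialchars(str_replace('-', ' ', trim((string) $blog_title)), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?></title>
</head>
<body>
<?php include("./php/header.php")?>
<br><br><br>
<div class="container mt-5">
<div class="d-flex justify-content-between px-1">
<div class="description my-3">
<?php /* Database values are user-authored; escape them on output. Assumes these columns hold plain text, not pre-escaped HTML - confirm against the code that writes them. */ ?>
<div class="h3">Title : <?php echo htmlspecialchars((string) $row['blog_Title'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></div>
<div class="h6">Writer : <?php echo htmlspecialchars((string) $row['blog_Writer'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></div>
<small class=""><?php echo htmlspecialchars((string) $row['blog_DOC'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></small>
</div>
<!-- hide the delete button from all users except blog owner and 'admin' users -->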
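<?php
/*
 * Decide which action buttons to render: the blog owner gets delete and update,
 * an 'admin' user gets delete only.
 *
 * This only controls what is displayed. The delete handler at the top of this file
 * must enforce the same rule server-side, because a client can post the form without
 * ever seeing the button.
 * NOTE(review): login_user_id is taken from a cookie, which the client can set to any
 * value; the identity should come from a server-side session instead (login code is
 * not visible here).
 */
// initialize the show delete/update button to false
$show_delete_button = false;
$show_update_button = false;

// retrieve the blog owner id; compared as a string because cookie values are strings
$user_id = isset($row['user_id']) ? (string) $row['user_id'] : null;

// get the login user id
$login_user_id = (isset($_COOKIE['login_user_id']) && is_string($_COOKIE['login_user_id']))
    ? $_COOKIE['login_user_id']
    : NULL;

// Owner check. Both sides must be present: previously a visitor without the cookie matched
// a blog whose user_id was NULL (NULL === NULL) and was shown the owner buttons.
if ($login_user_id !== NULL && $user_id !== null && $login_user_id === $user_id) {
    $show_delete_button = true;
    $show_update_button = true;
}

$user_type = '';
if ($login_user_id !== NULL) {
    // Bound parameter: the cookie value never becomes part of the SQL text.
    $sql = 'SELECT * FROM users WHERE user_id = ?';
    $user_stmt = mysqli_prepare($conn, $sql);
    if ($user_stmt !== false) {
        mysqli_stmt_bind_param($user_stmt, 's', $login_user_id);
        mysqli_stmt_execute($user_stmt);
        $sql_result = mysqli_stmt_get_result($user_stmt);
        $user_row = ($sql_result !== false) ? mysqli_fetch_assoc($sql_result) : null;
        mysqli_stmt_close($user_stmt);
        // An unknown user id yields no row; keep the empty user type in that case.
        if (is_array($user_row) && isset($user_row['user_type'])) {
            $user_type = $user_row['user_type'];
        }
    }
}

// check if the user is admin
if ($user_type === 'admin') {
    $show_delete_button = true;
}

// The update button is only ever shown together with the delete button (owner case), so the
// form is opened and closed inside one branch; before, </form> was emitted even when <form> was not.
// NOTE(review): this form has no anti-CSRF token.
if ($show_delete_button === true):
?>
<form method="POST">
<i class="fa fa-trash text-danger me-2 mt-4 fs-md-4" title="Delete" style="cursor: pointer;" onclick="document.querySelector('#delete').click();">
<input value="" type="submit" name="delete" style="background-color:#EEE; border:none" id="delete">
</i>
<?php if ($show_update_button): ?>
<?php /* $blog_ID originates from the URL: URL-encode it, then escape it for the attribute context. */ ?>
<a href="./update_blog.php?blog_id=<?php echo htmlspecialchars(rawurlencode((string) $blog_ID), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?>"><i class="fa fa-pen me-2 mt-4 fs-md-4" title="Update" style="cursor: pointer;"></i></a>
<?php endif; ?>
</form>
<?php endif; ?>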
</div>
<div class="ps-2">
<?php
// NOTE(review): blog_Body is written to the page without escaping. If the column stores
// author-supplied HTML, any script in it runs for every visitor (stored XSS). Presumably it
// holds rich text, so htmlspecialchars() would break rendering - confirm, then either escape it
// or pass it through an allow-list HTML sanitizer when it is saved or displayed.
echo $row['blog_Body'] ?>
</div>
</div>
<?php
// Pull in ./php/footer.php, then load the page scripts.
include("./php/footer.php");?>
<script src="../Blog/js/jquery.min.js"></script>
<script src="../Blog/js/script.js"></script>
<script src="../Blog/js/bootstrap.min.js"></script>
</body>
</html>