
Commit 4bf8914

committed
Responsive-blog-web/app-admin-panel-completed
1 parent cde3678 commit 4bf8914

36 files changed

+1191
-991
lines changed

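--- a/admin/add-category-logic.php
+++ b/admin/add-category-logic.php
@@ -0,0 +1,36 @@
+<?php
+
+require 'config/database.php';
+
+if(isset($_POST['submit'])){
+//get form data
+$title =filter_var($_POST['title'],FILTER_SANITIZE_FULL_SPECIAL_CHARS);
+$description=filter_var($_POST['description'],FILTER_SANITIZE_FULL_SPECIAL_CHARS);
+
+if(!$title){
+$_SESSION['add-category'] = "Enter title";
+
+}elseif(!$description){
+$_SESSION['add-category']="Enter description";
+
+}
+// redirect back to add category page if there was invalid input
+if(isset($_SESSION['add-category'])){
+$_SESSION['add-category-data'] = $_POST;
+header('location: ' . ROOT_URL . 'admin/add-category.php');
+die();
+}else{
+// insert category into database
+$query = "INSERT INTO categories (title , description) VALUES ('$title','$description')";
+$result = mysqli_query($connection, $query);
+if(mysqli_errno($connection)){
+$_SESSION['add-category'] = "Couldn't add category";
+header('location: ' . ROOT_URL . 'admin/add-category.php');
+die();
+}else{
+$_SESSION['add-category-success'] = "Category $title category added successfully";
+header('location: ' . ROOT_URL . 'admin/manage-categories.php');
+
+}
+}
+}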
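Review bot: The INSERT at new line 24 builds its SQL by interpolating `$title` and `$description`, and `FILTER_SANITIZE_FULL_SPECIAL_CHARS` is an HTML encoder rather than SQL escaping, so it does not make the values safe for every SQL context. The same pattern appears in add-post-logic.php (line 67, where `$category_id`, `$author_id` and `$is_featured` are also unquoted) and in add-user-logic.php (lines 41 and 86). Bind the values with a prepared statement and store the text as submitted, applying `htmlspecialchars()` only when it is rendered. The success branch at line 32 also lacks the `die()` that the other redirects in this file have.

```php
// … unchanged: validation and redirect on invalid input …
$stmt = mysqli_prepare($connection, 'INSERT INTO categories (title, description) VALUES (?, ?)');
mysqli_stmt_bind_param($stmt, 'ss', $title, $description);
if (!mysqli_stmt_execute($stmt)) {
    $_SESSION['add-category'] = "Couldn't add category";
    header('location: ' . ROOT_URL . 'admin/add-category.php');
    die();
}
// … unchanged: success message and redirect to manage-categories.php …
```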

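--- a/admin/add-category.php
+++ b/admin/add-category.php
@@ -1,19 +1,27 @@
 <?php
 include "partials/header.php";
+$title = $_SESSION["add-category-data"]['title'] ?? null;
+$description = $_SESSION["add-category-data"]['description'] ?? null;
+
+unset($_SESSION['add-category-data'])
 ?>
 
 <section class="form__section">
 
 <div class="container form__section-container">
 <h2>Add Category</h2>
+<?php if(isset($_SESSION['add-category'])): ?>
 <div class="alert__message error">
-<p>This is an error message</p>
+<p><?=$_SESSION['add-category'];
+unset($_SESSION['add-category']);
+?></p>
 </div>
-<form action="">
-<input type="text" placeholder="Title">
-<textarea rows="4" placeholder="Description"></textarea>
+<?php endif?>
+<form action="<?= ROOT_URL ?>admin/add-category-logic.php" method="POST">
+<input type="text" name="title" value = "<?=$title?>"placeholder="Title">
+<textarea rows="4" name="description" value = "<?=$description?>"placeholder="Description"></textarea>
 
-<button type="submit" class="btn">Add Category</button>
+<button type="submit" name="submit" class="btn">Add Category</button>
 </form>
 </div>
 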
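Review bot: The repopulated values at new lines 21–22 are echoed without output escaping: `$_SESSION['add-category-data']` is a copy of raw `$_POST` (add-category-logic.php line 19), so any markup in a rejected submission is written back into the page. Escape at the point of output, e.g. `value="<?= htmlspecialchars($title ?? '', ENT_QUOTES, 'UTF-8') ?>"`; add-post.php in this commit has the same unescaped `<?= $title ?>`, `<?=$body?>` and `<?= $category['title'] ?>`. Separately, `<textarea>` has no `value` attribute, so the description belongs between the tags, as add-post.php does for the body. The `unset(...)` at line 6 relies on the closing `?>` to end the statement; an explicit `;` is more robust.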

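--- a/admin/add-post-logic.php
+++ b/admin/add-post-logic.php
@@ -0,0 +1,84 @@
+<?php
+require "config/database.php";
+
+if(isset($_POST['submit'])){
+$author_id=$_SESSION['user-id'];
+$title =filter_var($_POST['title'],FILTER_SANITIZE_FULL_SPECIAL_CHARS);
+$body =filter_var($_POST['body'],FILTER_SANITIZE_FULL_SPECIAL_CHARS);
+$category_id =filter_var($_POST['category_id'],FILTER_SANITIZE_FULL_SPECIAL_CHARS);
+$is_featured =filter_var($_POST['is_featured'],FILTER_SANITIZE_FULL_SPECIAL_CHARS);
+$thumbnail =$_FILES['thumbnail'];
+
+//set featured set to zero if unchecked
+$is_featured=$is_featured==1 ?:0;
+
+//validate form data
+if(!$title){
+$_SESSION['add-post']="Enter post Title";
+}elseif(!$category_id){
+$_SESSION['add-post']="Select post category";
+
+}elseif(!$body){
+$_SESSION['add-post']="Enter post body";
+
+}elseif(!$thumbnail['name']){
+$_SESSION['add-post']="Choose post thumbnail";
+
+}else{
+//work on thumbnail
+//rename the image
+$time=time();// make each name unique
+$thumbnail_name=$time . $thumbnail['name'];
+$thumbnail_tmp_name=$thumbnail['tmp_name'];
+$thumbnail_destination_path="../images/" . $thumbnail_name;
+
+//make sure file is an image
+$allowed_files=['jpg','png','jpeg'];
+$extension=explode('.',$thumbnail_name);
+$extension=end($extension);
+if(in_array($extension,$allowed_files)){
+//make sure image is not too large.(2mb+)
+if($thumbnail['size']<2000000){
+//upload thumbnail
+move_uploaded_file($thumbnail_tmp_name,$thumbnail_destination_path);
+
+}else{
+$_SESSION['add-post']="File size too big. Should be less than 2mb";
+
+}
+}else{
+$_SESSION['add-post']="File should be png, jpg or jpeg";
+
+}
+}
+
+// redirect with form data
+if(isset($_SESSION['add-post'])){
+$_SESSION['add-post-data']=$_POST;
+header('location: ' . ROOT_URL . 'admin/add-post.php');
+die();
+}else{
+//set is_featured of all post is set to 0 if is_featured for this post is set to 1
+if($is_featured==1){
+$zero_all_is_featured_query="UPDATE posts SET is_featured=0";
+$zero_all_is_featured_result=mysqli_query($connection,$zero_all_is_featured_query);
+}
+//insert post into database
+$query="INSERT INTO posts (title, body, thumbnail, category_id, author_id, is_featured) VALUES ('$title', '$body', '$thumbnail_name', $category_id , $author_id, $is_featured)";
+$result=mysqli_query($connection,$query);
+if(mysqli_errno($connection)){
+$_SESSION['add-post']="Failed to add post";
+header("location: " . ROOT_URL . 'admin/index.php');
+die();
+}else{
+$_SESSION['add-post-success']="New post added successfully";
+header("location: " . ROOT_URL . 'admin/index.php');
+die();
+
+}
+}
+}
+
+header("location: " . ROOT_URL . 'admin/index.php');
+die();
+?>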
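Review bot: The thumbnail check at new lines 30–43 trusts the client-supplied file name: the extension test is a case-sensitive match on the last dot-separated segment, the file content is never inspected, and the original name is kept in the path under `../images/` and later in the SQL string. Determine the type server-side from `tmp_name`, store the file under a generated name with an extension the server picks, and check `$thumbnail['error']` and the return value of `move_uploaded_file()`, which is currently ignored. The avatar handling in add-user-logic.php (lines 48–64) has the same gaps. A sketch of the upload branch follows; the message used on a failed move is a constructed reuse of the existing string.

```php
// … unchanged: required-field checks down to the thumbnail branch …
$allowed_types = ['image/jpeg' => 'jpg', 'image/png' => 'png'];
$mime = '';
if ($thumbnail['error'] === UPLOAD_ERR_OK) {
    $finfo = finfo_open(FILEINFO_MIME_TYPE);
    $mime = (string) finfo_file($finfo, $thumbnail['tmp_name']);
}
if (!isset($allowed_types[$mime])) {
    $_SESSION['add-post'] = "File should be png, jpg or jpeg";
} elseif ($thumbnail['size'] >= 2000000) {
    $_SESSION['add-post'] = "File size too big. Should be less than 2mb";
} else {
    // server-generated name: nothing from the client reaches the path
    $thumbnail_name = bin2hex(random_bytes(16)) . '.' . $allowed_types[$mime];
    if (!move_uploaded_file($thumbnail['tmp_name'], '../images/' . $thumbnail_name)) {
        $_SESSION['add-post'] = "Failed to add post";
    }
}
// … unchanged: redirect with form data, database insert …
```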

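--- a/admin/add-post.php
+++ b/admin/add-post.php
@@ -1,41 +1,56 @@
 <?php
 include "partials/header.php";
+
+// fetch categories from database
+$query = "SELECT * FROM categories";
+$categories=mysqli_query($connection,$query);
+
+// get back form data if form was invalid
+
+$title= $_SESSION['add-post-data']['title'] ?? null;
+$body= $_SESSION['add-post-data']['body'] ?? null;
+unset($_SESSION['add-post-data']);
 ?>
 
 
 
 <section class="form__section">
 <div class="container form__section-container">
 <h2>Add Post</h2>
+<?php if(isset($_SESSION['add-post'])) : ?>
 <div class="alert__message error">
-<p>This is an error message</p>
+<p>
+<?=
+$_SESSION['add-post'];
+unset($_SESSION['add-post']);
+?>
+</p>
 </div>
-<form action="" enctype="multipart/form-data">
-<input type="text" placeholder="Title">
-<select >
-<option value="1">Wild Life</option>
-<option value="1">Music</option>
-<option value="1">Website</option>
-<option value="1">Movies</option>
-<option value="1">Travel</option>
-<option value="1">Science & Technology</option>
-<option value="1">Food</option>
+<?php endif ?>
+<form action="<?= ROOT_URL ?>admin/add-post-logic.php" enctype="multipart/form-data" method="POST">
+<input type="text" name="title" value ="<?= $title ?>" placeholder="Title">
+<select name="category_id">
+<?php while($category = mysqli_fetch_assoc($categories)) : ?>
+<option value="<?= $category['id'] ?>"><?= $category['title'] ?></option>
+<?php endwhile?>
 </select>
+<?php if(isset($_SESSION["user_is_admin"])) : ?>
 <div class="form__control inline">
-<input type="checkbox" id="is_featured" checked>
+<input type="checkbox" name="is_featured" value='1' id="is_featured" checked>
 <label for="is_featured" >Featured</label>
 </div>
-<textarea rows="8" placeholder="Body"></textarea>
+<?php endif ?>
+<textarea rows="8" name="body" placeholder="Body"><?=$body?></textarea>
 
 <div class="form__control">
 <label for="thumbnail">Add Thumbnail</label>
-<input type="file" id="thumbnail">
+<input type="file" name="thumbnail" id="thumbnail">
 </div>
-<button type="submit" class="btn">Add Post</button>
+<button type="submit" name="submit" class="btn">Add Post</button>
 </form>
 </div>
 </section>
 
 <?php
-include './partials/footer.php';
-?>
+include '../partials/footer.php';
+?>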
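Review bot: The `user_is_admin` test added at new line 37 only hides the Featured checkbox; add-post-logic.php in this commit reads `$_POST['is_featured']` from whoever submits the form and, when it equals 1, runs `UPDATE posts SET is_featured=0` across every post. The handler should repeat the check server-side, e.g. `$is_featured = (isset($_SESSION['user_is_admin']) && ($_POST['is_featured'] ?? '') === '1') ? 1 : 0;`, which also covers requests where the field is absent. The category `<select>` is not restored from `$_SESSION['add-post-data']` after a failed submit, unlike title and body, and the result of `mysqli_query()` at line 6 is used in the `while` loop without a failure check.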

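--- a/admin/add-user-logic.php
+++ b/admin/add-user-logic.php
@@ -0,0 +1,98 @@
+<?php
+require "config/database.php";
+session_start();
+
+//get add-user form data if sbmit button is clicked
+
+if(isset($_POST["submit"])){
+$firstname = filter_var($_POST['firstname'], FILTER_SANITIZE_FULL_SPECIAL_CHARS);
+$lastname = filter_var($_POST['lastname'], FILTER_SANITIZE_FULL_SPECIAL_CHARS);
+$username = filter_var($_POST['username'], FILTER_SANITIZE_FULL_SPECIAL_CHARS);
+$email = filter_var($_POST['email'], FILTER_VALIDATE_EMAIL);
+$createpassword = filter_var($_POST['createpassword'], FILTER_SANITIZE_FULL_SPECIAL_CHARS);
+$confirmpassword = filter_var($_POST['confirmpassword'], FILTER_SANITIZE_FULL_SPECIAL_CHARS);
+$is_admin = filter_var($_POST['userrole'], FILTER_SANITIZE_NUMBER_INT);
+$avatar = $_FILES['avatar'];
+if(!$firstname){
+$_SESSION['add-user'] = 'Please enter your First Name';
+}elseif(!$lastname){
+$_SESSION['add-user'] = 'Please enter your Last Name';
+}elseif(!$username){
+$_SESSION['add-user'] = 'Please enter your Username';
+}elseif(!$email){
+$_SESSION['add-user'] = 'Please enter your Email';
+}elseif(!($is_admin == 1 || $is_admin == 0 )){
+$_SESSION['add-user'] = 'Please select user role';
+}elseif(strlen($createpassword)<8 || strlen($confirmpassword)<8){
+$_SESSION['add-user'] = 'Password should be 8+ characters';
+}elseif(!$avatar['name']){
+$_SESSION['add-user'] = 'Please add Avatar ';
+}else{
+if($createpassword !== $confirmpassword){
+$_SESSION['add-user']="Passwords donot match";
+
+}else{
+
+
+$hashed_password = password_hash($createpassword,PASSWORD_DEFAULT);
+
+
+
+$user_check_query="SELECT * FROM users WHERE username='$username' OR email ='$email'";
+$user_check_result = mysqli_query($connection, $user_check_query);
+if(mysqli_num_rows($user_check_result)>0){
+$_SESSION['add-user'] = "Username or Email already exists";
+}else{
+//WORK ON AVATAR
+//rename avatar
+$time = time(); // make each image name unique using current timestamp
+$avatar_name = $time . $avatar['name'];
+$avatar_tmp_name=$avatar['tmp_name'];
+$avatar_destination_path='../images/' . $avatar_name;
+
+//,ake sure file is an image
+$allowed_files = ['png', 'jpg', 'jpeg'];
+$extension = explode('.', $avatar_name);
+$extension = end($extension);
+
+if(in_array($extension,$allowed_files)){
+
+//if image not too large
+if($avatar['size']<1000000){
+
+//upload avatar
+move_uploaded_file($avatar_tmp_name, $avatar_destination_path);
+}else{
+$_SESSION['add-user']="Folder size too big.Should be less than 1mb";
+}
+}else{
+$_SESSION['add-user']="File should be png, jpg or jpeg";
+}
+}
+
+
+
+}
+}
+// redirect back t add-user on error
+if(isset($_SESSION['add-user'])){
+// pass data back to sign up page
+$_SESSION['add-user-data'] = $_POST;
+header('location: ' . ROOT_URL . 'admin/add-user.php');
+die();
+
+}else{
+//insert new user into users table
+$inset_user_query = "INSERT INTO users SET firstname ='$firstname' ,lastname='$lastname',username='$username',email ='$email' ,password='$hashed_password',avatar='$avatar_name',is_admin='$is_admin'";
+$inset_user_result = mysqli_query($connection, $inset_user_query);
+if(!mysqli_errno($connection)){
+$_SESSION['add-user-success'] = "Registration Successful";
+header('location: ' . ROOT_URL . 'admin/manage-users.php');
+die();
+}
+}
+}else{
+//button not clicked
+header('location: ' . ROOT_URL . "admin/add-user.php");
+die();
+}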
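Review bot: Nothing in this handler checks that the caller is a signed-in administrator before a user is created with a caller-chosen `is_admin` value; after `session_start()` at new line 3 the script goes straight to reading `$_POST`. Unless `config/database.php` enforces this (it is not visible here), add a guard at the top such as `if (!isset($_SESSION['user_is_admin'])) { header('location: ' . ROOT_URL); die(); }`; the other `*-logic.php` files in this commit show no such check either. Two smaller points: line 80 copies all of `$_POST`, including both password fields, into the session, and the passwords pass through `FILTER_SANITIZE_FULL_SPECIAL_CHARS` before `password_hash()`, so the stored hash is of the HTML-encoded text rather than what the user typed. If the INSERT at line 87 fails, no message is set and no redirect is sent.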
