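<?php
// Load the shared configuration. The code below relies on it for $user,
// SITEURL and (presumably) the started session — confirm in includes/config.php.
require_once('../includes/config.php');

// Admin-only page: a visitor who is not logged in is sent to the login page.
// header() only queues the redirect; without exit the rest of this script,
// including the UPDATE statement further down, would still run for that request.
if (!$user->is_logged_in()) {
    header('Location: login.php');
    exit;
}

// Only the account whose session user id is 1 may continue.
// A session without a user id is rejected as well (fail closed) instead of
// skipping the admin check altogether.
if (!isset($_SESSION['userid']) || (string) $_SESSION['userid'] !== '1') {
    header('Location: ' . SITEURL);
    exit;
}

// Page title; presumably read by header.php — confirm there.
$pagetitle = 'Admin : Edition des catégories';
require('../includes/header.php');
?>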
<body>
<div id="container">
<?php
// Shared partials; by their file names, the site logo and the main navigation.
require '../includes/header-logo.php';
require '../includes/nav.php';
?>
<div id="body">
<div id="content">
<?php
// Admin menu partial; include (not require) is kept, so a missing file only warns.
include 'menu.php';
?>
<p><a href="categories.php">Catégories Index</a></p>
<h2>Edition de la catégorie</h2>
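<?php
// Handle the edit form once it has been submitted.
// NOTE(review): no anti-CSRF token is verified here. The form would have to
// carry a per-session token that is compared (hash_equals) before the UPDATE.
// NOTE(review): this runs after header.php and the page markup have been
// emitted, so the Location redirect below only works if output buffering is
// active — confirm in includes/config.php.
if (isset($_POST['submit'])) {
    // Read only the two expected fields. extract($_POST) let a request define or
    // overwrite any variable in this scope (for example $db, $user or $error).
    // Non-string values such as catID[]=1 are treated as missing.
    // stripslashes() is kept from the original so stored titles do not change;
    // NOTE(review): it looks like a magic-quotes leftover — consider dropping it.
    $catID = (isset($_POST['catID']) && is_string($_POST['catID']))
        ? stripslashes($_POST['catID'])
        : '';
    $catTitle = (isset($_POST['catTitle']) && is_string($_POST['catTitle']))
        ? stripslashes($_POST['catTitle'])
        : '';

    // Very basic validation: both fields must be non-empty.
    if ($catID === '') {
        $error[] = 'Ce post possède un ID invalide !.';
    }
    if ($catTitle === '') {
        $error[] = 'Veuillez entrer un titre.';
    }

    if (!isset($error)) {
        try {
            // slug() is defined elsewhere in the project.
            $catSlug = slug($catTitle);

            // Values are bound as parameters, never concatenated into the SQL.
            $stmt = $db->prepare('UPDATE blog_cats SET catTitle = :catTitle, catSlug = :catSlug WHERE catID = :catID');
            $stmt->execute(array(
                ':catTitle' => $catTitle,
                ':catSlug' => $catSlug,
                ':catID' => $catID,
            ));

            // Back to the category index.
            header('Location: categories.php?action=updated');
            exit;
        } catch (PDOException $e) {
            // Keep driver and SQL details out of the page; record them server-side.
            error_log($e->getMessage());
            $error[] = 'Une erreur est survenue lors de la mise à jour de la catégorie.';
        }
    }
}
?>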
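<?php
// Print any validation errors collected so far.
if (isset($error)) {
    // A separate loop variable is used: the original reused $error and so
    // replaced the list with its last entry. Each entry is escaped on output
    // so it can never be interpreted as markup, whatever its origin.
    foreach ((array) $error as $message) {
        if (is_scalar($message)) {
            echo htmlspecialchars((string) $message, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '<br />';
        }
    }
}

// Load the category to edit. The id comes from the query string; a missing or
// non-string value (e.g. id[]=1) is treated as "no category" instead of being
// passed to the statement.
$requestedId = (isset($_GET['id']) && is_string($_GET['id'])) ? $_GET['id'] : '';
$row = false;
if ($requestedId !== '') {
    try {
        $stmt = $db->prepare('SELECT catID, catTitle FROM blog_cats WHERE catID = :catID');
        $stmt->execute(array(':catID' => $requestedId));
        $row = $stmt->fetch();
    } catch (PDOException $e) {
        // Keep driver and SQL details out of the page; record them server-side.
        error_log($e->getMessage());
        echo 'Une erreur est survenue lors du chargement de la catégorie.<br />';
    }
}

// fetch() returns false when nothing matches; give the form below defined,
// empty values in that case.
if (!is_array($row)) {
    $row = array('catID' => '', 'catTitle' => '');
}
?>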
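<?php
// The $row values come from the database and are printed inside single-quoted
// attributes. They are HTML-escaped with ENT_QUOTES so a stored title containing
// quotes or markup cannot break out of the attribute (stored XSS).
// 'UTF-8' assumes the page is served as UTF-8 — confirm in header.php.
$catIdAttr = isset($row['catID'])
    ? htmlspecialchars((string) $row['catID'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
    : '';
$catTitleAttr = isset($row['catTitle'])
    ? htmlspecialchars((string) $row['catTitle'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
    : '';
?>
<form action='' method='post'>
<input type='hidden' name='catID' value='<?php echo $catIdAttr;?>'>
<p><label>Titre</label><br />
<input type='text' name='catTitle' value='<?php echo $catTitleAttr;?>'></p>
<p><input type='submit' class="searchsubmit formbutton" name='submit' value='Mettre à jour'></p>
</form>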
</div>
<?php
// Sidebar partial, one directory above this admin script.
require '../sidebar.php';
?>
<div class="clear"></div>
</div>
</div>
<div id="footer">
<?php
// Footer partial from the shared includes directory.
require '../includes/footer.php';
?>
</div>
</body>
</html>