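<?php
/**
 * Admin screen for posts: lists every post, shows the create/edit form, and
 * handles create, update and delete.
 *
 * All state-changing actions are accepted over POST only. Deleting used to be
 * triggered by a plain GET link (?delete=ID) that carried no CSRF token, so
 * any page an administrator visited could cause a post to be deleted; the
 * delete control is now a small POST form that sends the same `csrf` field
 * as the edit form.
 *
 * NOTE(review): auth.php is expected to enforce the admin session and
 * check_csrf() is expected to reject POST requests without a valid `csrf`
 * field. Neither implementation is visible in this file; confirm both.
 */
require_once __DIR__ . '/../includes/auth.php';
require_once __DIR__ . '/../config/sql.php';
require_once __DIR__ . '/../includes/functions.php';

check_csrf();

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // Handle delete (POST only, so it goes through the same CSRF check as saving).
    if (isset($_POST['delete'])) {
        $id = intval($_POST['delete']);
        if ($id > 0) {
            $stmt = $conn->prepare("DELETE FROM posts WHERE id=?");
            $stmt->bind_param("i", $id);
            $stmt->execute();
            $stmt->close();
        }
        header("Location: /admin/posts.php");
        exit;
    }

    // Handle create/update.
    $id = intval($_POST['id'] ?? 0);
    $title = trim($_POST['title'] ?? '');
    $slug = trim($_POST['slug'] ?? '');
    $excerpt = trim($_POST['excerpt'] ?? '');
    // Stored exactly as submitted: the form advertises HTML support, so the
    // template that prints this column decides whether it is sanitised.
    // NOTE(review): that template is not part of this file; verify it.
    $content = $_POST['content'] ?? '';
    $published = isset($_POST['is_published']) ? 1 : 0;

    // NOTE(review): `required` on the title/slug inputs is enforced by the
    // browser only; empty values are still written if a request omits them.
    if ($id > 0) {
        $stmt = $conn->prepare("UPDATE posts SET title=?, slug=?, excerpt=?, content=?, is_published=? WHERE id=?");
        $stmt->bind_param("ssssii", $title, $slug, $excerpt, $content, $published, $id);
    } else {
        $stmt = $conn->prepare("INSERT INTO posts(title, slug, excerpt, content, is_published) VALUES(?,?,?,?,?)");
        $stmt->bind_param("ssssi", $title, $slug, $excerpt, $content, $published);
    }
    $stmt->execute();
    $stmt->close();

    header("Location: /admin/posts.php");
    exit;
}

// Load list / edit.
$edit = null;
if (isset($_GET['id'])) {
    // intval() leaves only an integer, so interpolating it cannot alter the query.
    $id = intval($_GET['id']);
    $res = $conn->query("SELECT * FROM posts WHERE id={$id} LIMIT 1");
    // A failed query or an unknown id falls back to the empty "new post" form.
    $edit = $res ? $res->fetch_assoc() : null;
}
$posts = $conn->query("SELECT id,title,slug,is_published,created_at FROM posts ORDER BY created_at DESC");

// Fetched once and reused by every form on the page.
$csrf = csrf_token();

$page_title = '管理文章';
include __DIR__ . '/../includes/header.php';
?>
<div class="row g-4">
  <div class="col-lg-7">
    <h1 class="h4">文章列表</h1>
    <table class="table table-sm align-middle">
      <thead><tr><th>ID</th><th>标题</th><th>Slug</th><th>发布</th><th>操作</th></tr></thead>
      <tbody>
        <?php while ($row = $posts->fetch_assoc()): ?>
        <tr>
          <td><?php echo (int)$row['id']; ?></td>
          <td><?php echo h($row['title']); ?></td>
          <td><?php echo h($row['slug']); ?></td>
          <td><?php echo $row['is_published'] ? '✅' : '—'; ?></td>
          <td>
            <a class="btn btn-sm btn-outline-primary" href="/admin/posts.php?id=<?php echo (int)$row['id']; ?>">编辑</a>
            <form method="post" class="d-inline">
              <input type="hidden" name="csrf" value="<?php echo h($csrf); ?>">
              <input type="hidden" name="delete" value="<?php echo (int)$row['id']; ?>">
              <button class="btn btn-sm btn-outline-danger" onclick="return confirm('确认删除?')">删除</button>
            </form>
          </td>
        </tr>
        <?php endwhile; ?>
      </tbody>
    </table>
  </div>
  <div class="col-lg-5">
    <h1 class="h4"><?php echo $edit ? '编辑文章' : '新建文章'; ?></h1>
    <form method="post">
      <input type="hidden" name="csrf" value="<?php echo h($csrf); ?>">
      <input type="hidden" name="id" value="<?php echo (int)($edit['id'] ?? 0); ?>">
      <div class="mb-2">
        <label class="form-label">标题</label>
        <input name="title" class="form-control" required value="<?php echo h($edit['title'] ?? ''); ?>">
      </div>
      <div class="mb-2">
        <label class="form-label">Slug(URL)</label>
        <input name="slug" class="form-control" placeholder="e.g. first-post" required value="<?php echo h($edit['slug'] ?? ''); ?>">
      </div>
      <div class="mb-2">
        <label class="form-label">摘要</label>
        <textarea name="excerpt" class="form-control" rows="2"><?php echo h($edit['excerpt'] ?? ''); ?></textarea>
      </div>
      <div class="mb-2">
        <label class="form-label">内容(支持 HTML)</label>
        <textarea name="content" class="form-control" rows="10"><?php echo h($edit['content'] ?? ''); ?></textarea>
      </div>
      <div class="form-check mb-2">
        <input class="form-check-input" type="checkbox" name="is_published" id="published" <?php echo !empty($edit['is_published']) ? 'checked' : ''; ?>>
        <label class="form-check-label" for="published">发布</label>
      </div>
      <button class="btn btn-primary">保存</button>
    </form>
  </div>
</div>
<?php include __DIR__ . '/../includes/footer.php'; ?>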