emilyd/moodblog
1
1
Fork 0
Code Issues 6 Pull Requests Packages Projects Releases Activity

remove hardcoded password, add lang variable, make index.php HTML5 validated

Browse Source
This commit is contained in:
Emily Daemon 2022-11-18 22:24:55 +02:00
parent b3eb20ddfb
commit 856c0272bd
3 changed files with 8 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
index.php
View File

@ -14,16 +14,16 @@ while($res = mysqli_fetch_array($result)) {
echo " </div>";
echo " <div class='window-content'>";
echo " <span class='pre-post'>";
echo " <b class='mood'>current mood:</b> <img class='mood' src='img/moods/".$res['MoodImage']."'/> ".$res['Mood'];
echo " <b class='mood'>current mood:</b> <img class='mood' src='img/moods/".$res['MoodImage']."' alt='".$res['MoodImage']."'> ".$res['Mood'];
echo " </span>";
echo " <br/>";
echo " <br>";
echo " <span class='pre-post'>";
echo " <b class='tunes'>current tunes:</b> ".$res['Song'];
echo " </span>";
echo " <hr/>";
echo " <hr>";
echo $res['Message'];
echo " <hr/>";
echo " <span class='options'>share: <input type='text' readonly='readonly' value='".$root."/#".$res['ID']."'</span>";
echo " <hr>";
echo " <span class='options'>share: <input type='text' readonly='readonly' value='".$root."/#".$res['ID']."'></span>";
echo " </div>";
echo "</div>";
}

2
templates/config.def.php
View File

@ -7,6 +7,8 @@ $url="http://127.0.0.1";
$root=$url.""; // If moodblog is located in a subdirectory, you'll want to change this.
$style="glazed-gray.css"; // This would be a file located in your /css folder
$charset="UTF-8"; // If you don't know what this is, leave it be!
$lang="en-us";
$password="password";
$blog_title="Example User's blog created with moodblog"; // Title shown in the bio window
$short_blog_title="Example moodblog"; // String used in <title>

4
write/post.php
View File

@ -12,7 +12,7 @@ $go_back = "<br/><a class='button options' href='".$root."'>go back!</a>";
<div class='window-content'>
<?php
if(isset($_POST['articlebody'])) {
if($_POST['password'] == "yeppers") {
if($_POST['password'] == $password) {
$title = mysqli_real_escape_string($mysqli, $_POST['title']);
$mood = mysqli_real_escape_string($mysqli, $_POST['mood']);
$moodimage = mysqli_real_escape_string($mysqli, $_POST['moodimage']);
@ -20,8 +20,6 @@ if(isset($_POST['articlebody'])) {
$articlebody = mysqli_real_escape_string($mysqli, $_POST['articlebody']);
$mysqli->query("INSERT INTO articles (Title, Mood, MoodImage, Song, Message) VALUES('".$title."', '".$mood."', '".$moodimage."', '".$song."', '".$articlebody."')");
#$mysqli->query('INSERT INTO articles (Title, Mood, MoodImage, Song, Message) VALUES("title test", "mood", "what-a-night.png", "music", "styles!")');
#$mysqli->query('INSERT INTO articles (Title, Mood, MoodImage, Song, Message) VALUES("'.$title.'", "'.$mood.'", "what-a-night.png", "music", "styles!")');
echo "success".$go_back;
header("Location: ".$root);