ez-site/includes/admin.php

<!-- TODO: Markdown write -->
<body>
    <h1>后台管理 - 发布文章</h1>

    <?php
    // 检查用户是否登录且为管理员
    if (!isset($_SESSION['user_id'])) {
        echo "<p>请<a href='/?page=account'>登录</a>后访问此页面。</p>";
        exit;
    }

    $stmt = $pdo->prepare("SELECT * FROM users WHERE id = ?");
    $stmt->execute([$_SESSION['user_id']]);
    $user = $stmt->fetch();

    if ($user['group'] !== 'admin') {
        echo "<p>您没有权限访问此页面。</p>";
        exit;
    }

    // 发布文章逻辑
    if ($_SERVER['REQUEST_METHOD'] == 'POST') {
        $title = $_POST['title'];
        $content = $_POST['content'];
        $type = $_POST['type']; // 获取文章类型

        $stmt = $pdo->prepare("INSERT INTO articles (title, content, type, created_at) VALUES (?, ?, ?, NOW())");
        if ($stmt->execute([$title, $content, $type])) {
            echo "<p>文章发布成功！</p>";
        } else {
            echo "<p>文章发布失败！</p>";
        }
    }
    ?>

    <form method="POST" action="">
        <input type="text" name="title" placeholder="文章标题" required>
        <textarea name="content" placeholder="文章内容" required></textarea>
        <select name="type" required>
            <option value="activity">活动</option>
            <option value="news">新闻</option>
        </select>
        <button type="submit">发布文章</button>
    </form>
</body>
</html>
sync from github 2024-10-19 21:33:47 +08:00			`<!-- TODO: Markdown write -->`
			`<body>`
			`<h1>后台管理 - 发布文章</h1>`

			`<?php`
			`// 检查用户是否登录且为管理员`
			`if (!isset($_SESSION['user_id'])) {`
			`echo "<p>请<a href='/?page=account'>登录</a>后访问此页面。</p>";`
			`exit;`
			`}`

			`$stmt = $pdo->prepare("SELECT * FROM users WHERE id = ?");`
			`$stmt->execute([$_SESSION['user_id']]);`
			`$user = $stmt->fetch();`

			`if ($user['group'] !== 'admin') {`
			`echo "<p>您没有权限访问此页面。</p>";`
			`exit;`
			`}`

			`// 发布文章逻辑`
			`if ($_SERVER['REQUEST_METHOD'] == 'POST') {`
			`$title = $_POST['title'];`
			`$content = $_POST['content'];`
			`$type = $_POST['type']; // 获取文章类型`

			`$stmt = $pdo->prepare("INSERT INTO articles (title, content, type, created_at) VALUES (?, ?, ?, NOW())");`
			`if ($stmt->execute([$title, $content, $type])) {`
			`echo "<p>文章发布成功！</p>";`
			`} else {`
			`echo "<p>文章发布失败！</p>";`
			`}`
			`}`
			`?>`

			`<form method="POST" action="">`
			`<input type="text" name="title" placeholder="文章标题" required>`
			`<textarea name="content" placeholder="文章内容" required></textarea>`
			`<select name="type" required>`
			`<option value="activity">活动</option>`
			`<option value="news">新闻</option>`
			`</select>`
			`<button type="submit">发布文章</button>`
			`</form>`
			`</body>`
			`</html>`