corruptcity || skalman Posted September 21, 2023 Posted September 21, 2023 Hi, I'm looking for help, advice or suggestions on how I could fix a problem I've got. I have made this blog mod for my website so that I can post about the roadmap, game info etc., which can be viewed either logged in or out, but I was after ideas on how I could make this work using only one page, as I currently have blogs and blogsnl (blogs Non Logged) in separate scripts. When I first created this I did have it on one page, but I couldn't find a way for the script to determine whether you were logged in or not and pick the right globals file, either globals or globals_nonauth, without causing other problems or errors due to the wrong globals being called, so I split the file into two, just going for the easy fix right now. I will include what I have done so far, but bear in mind this isn't the finished mod and will be recoded if I can fix the problem. Cheers. PS: if anyone wants to use my code as a starting point for their own blog, feel free to.
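Blog.php
<?php
// Blog page for logged-in players: the post list, a single post with its
// comments, and the comment / like / dislike actions, selected by ?action=.
// globals.php is project code that is not shown here; this file relies on it
// for $db, $ir and $h.
require_once("globals.php");
echo'
<style>
.blog-container{ max-width: 30vw; border: 5px solid black; border-radius: 5px; margin: 0 auto; background-color: #1F2324; color: #ADD8E6; }
.blog-grid { display: grid; grid-template-columns: repeat(1, 1fr); grid-gap: 20px; max-width: 30vw; text-align: center; z-index: 2; margin: 0 auto; border: 0px solid blue; }
.blog-heading{ grid-column: span 1; padding-top: 5px; padding-left: 10px; font-size: 1.1rem; border: 0px solid green; text-align: center; }
.blog-item{ grid-column: span 1; padding-top: 5px; padding-left: 10px; font-size: 1.2rem; border: 0px solid pink; }
.content-area-grid{ display: grid; grid-template-columns: repeat(4, 1fr); grid-gap: 5px; max-width: 30vw; margin: 0 auto; border: 0px solid blue; padding-left: 10px; text-align: center; }
.ca-grid-heading{ grid-column: span 4; padding-top: 10px; padding-left: 5px; font-size: 1.1rem; justify-items: left; border: 0px solid pink; }
.ca-grid-item{ grid-column: span 1; padding-top: 10px; padding-left: 5px; background-repeat: no-repeat; border: 5px solid black; border-radius: 5px; text-align: left; background-color: #1F2324; }
</style>';

if(!isset($_GET['action']))
{
    $_GET['action'] = '';
}
// Every case ends in break so that one request runs exactly one handler.
// NOTE(review): the like, dislike and delete actions change data on a plain GET
// link, with no CSRF token and no record of who has already voted, so a counter
// can be moved by any request a logged-in browser is made to send. The login
// form in blogsnl.php already uses request_csrf_code(); the same mechanism
// would fit here.
switch($_GET['action'])
{
    case "view":
        view();
        break;
    case "comment":
        comment();
        break;
    case "likecomment":
        likecomment();
        break;
    case "dislikecomment":
        dislikecomment();
        break;
    case "editcomment":
        editcomment();
        break;
    case "deletecomment":
        deletecomment();
        break;
    case "likeblog":
        likeblog();
        break;
    case "dislikeblog":
        dislikeblog();
        break;
    default:
        index();
        break;
}

/**
 * List every blog post, newest first, with a teaser cut from the first 100
 * bytes of the body and a link to the full post.
 */
function index()
{
    global $db;
    echo"
    <div class='content-area-grid'>
    <div class='ca-grid-heading'>
    <h3>Blog</h3>
    <hr/>
    </div>";
    $query = $db->query("SELECT * FROM blog ORDER BY b_id DESC");
    if($db->num_rows($query) == 0)
    {
        echo"<div class='ca-grid-heading'> No blog posts found. </div>";
    }
    else
    {
        while($r = $db->fetch_row($query))
        {
            $text = substr($r['b_text'], 0, 100);
            echo"<div class='ca-grid-item'>
            ".stripText($r['b_title'])."<br/>
            ".stripText($text)."<br/>
            Date: ".date('F j, y, g:i:s a', $r['b_time'])."<br/>
            Views: ".number_formatter($r['b_views'])."<br/>
            <a href='blog.php?action=view&id={$r['b_id']}'>Read More</a>
            </div>";
        }
    }
    echo" </div>";
}

/**
 * Show one post (counting the view), its comments, and the comment form.
 *
 * Reads the post id from $_GET['id'].
 */
function view()
{
    global $ir, $db;
    // Reduced to a non-negative integer before it is placed in any SQL string;
    // a missing id becomes 0, which matches no row.
    $_GET['id'] = isset($_GET['id']) ? abs((int) $_GET['id']) : 0;
    echo"
    <div class='blog-container'>
    <div class='blog-grid'>";
    $query = $db->query("SELECT * FROM blog WHERE b_id = {$_GET['id']}");
    if($db->num_rows($query) == 0)
    {
        echo"
        <div class='blog-heading'>
        <h3>No blog post found.</h3>
        </div>";
    }
    else
    {
        $r = $db->fetch_row($query);
        $db->free_result($query);
        $db->query("UPDATE blog SET b_views = b_views + 1 WHERE b_id = {$_GET['id']}");
        // NOTE(review): htmlspecialchars_decode() turns the stored body back
        // into live markup, so b_text is rendered as raw HTML. That is only
        // safe while posts can be written by trusted staff alone - confirm
        // against whatever writes to the blog table.
        echo"
        <div class='blog-heading'>
        <h3>".stripText($r['b_title'])."</h3>
        </div>
        <div class='blog-item'>
        ".htmlspecialchars_decode($r['b_text'])."
        </div>
        <div class='blog-heading'>
        Date: ".date('F j, y, g:i:s a', $r['b_time'])." -
        Views: ".number_formatter($r['b_views'])." -
        ".number_formatter($r['b_likes'])." Likes [<a href='blog.php?action=likeblog&id={$r['b_id']}'>Like</a>] -
        ".number_formatter($r['b_dislikes'])." Dislikes [<a href='blog.php?action=dislikeblog&id={$r['b_id']}'>Dislike</a>]
        </div>
        </div>";
    }
    echo"</div>
    <span style='text-align: center;'><h3>Comments</h3></span>
    <hr/>";
    $query = $db->query("SELECT * FROM blog_comments WHERE bc_blog = {$_GET['id']} ORDER BY bc_id DESC");
    if($db->num_rows($query) == 0)
    {
        echo"
        <div class='blog-heading'>
        <h3>No Comments.</h3>
        </div>";
    }
    else
    {
        while($r = $db->fetch_row($query))
        {
            // NOTE(review): comment text is stored unencoded (see comment()
            // and editcomment()), so this output is only safe if stripText()
            // HTML-escapes its argument - confirm against its definition.
            echo"
            <div class='blog-container'>
            <div class='blog-grid'>
            <div class='blog-item'>
            ".stripText($r['bc_text'])." - Date: ".date('F j, y, g:i:s a', $r['bc_time'])."<br/>";
            if(isset($_SESSION['userid']))
            {
                echo"
                [<a href='blog.php?action=likecomment&id={$r['bc_id']}'>Like</a>] -
                [<a href='blog.php?action=dislikecomment&id={$r['bc_id']}'>Dislike</a>] - -";
                if($ir['userid'] == $r['bc_user'])
                {
                    echo"[<a href='blog.php?action=editcomment&id={$r['bc_id']}'>Edit</a>] ";
                }
                if($ir['user_level'] > 2 || $ir['userid'] == $r['bc_user'])
                {
                    echo"- [<a href='blog.php?action=deletecomment&id={$r['bc_id']}'>Delete</a>]";
                }
            }
            echo"</div>
            </div>
            </div>";
        }
    }
    echo"<br/>";
    if(isset($_SESSION['userid']))
    {
        echo"
        <div class='blog-container'>
        <div class='blog-grid'>
        <div class='blog-heading'>
        <h3>Post Comment</h3>
        </div>
        <div class='blog-item'>
        <form action='blog.php?action=comment&id={$_GET['id']}' method='post'>
        Text: <textarea name='text'></textarea><br/>
        <input type='submit' value='Post Comment' />
        </form>
        </div>
        </div>
        </div>";
    }
}

/**
 * Store a new comment from the logged-in user on the post named by $_GET['id'].
 *
 * Does nothing unless there is a session user id, a post id and a posted text.
 */
function comment()
{
    global $ir, $db;
    if(!isset($_SESSION['userid'], $_GET['id'], $_POST['text']))
    {
        return;
    }
    $_GET['id'] = abs((int) $_GET['id']);
    if(!is_string($_POST['text']) || trim($_POST['text']) === '')
    {
        ErrorText("You must enter text to post a comment.");
        return;
    }
    // The text goes through the database layer's escape() before it is placed
    // in the statement, the same treatment editcomment() gives it.
    // stripslashes() is kept to match editcomment(); presumably it undoes
    // slashes added by the project's input handling - confirm in globals.php.
    $text = $db->escape(stripslashes($_POST['text']));
    $time = time();
    $db->query("INSERT INTO blog_comments (bc_id, bc_blog, bc_user, bc_time, bc_text) VALUES ('', {$_GET['id']}, {$ir['userid']}, {$time}, '{$text}')");
    echo"Comment Added.";
    echo"<br/> [<a href='blog.php?action=view&id={$_GET['id']}'>Back</a>]";
}

/**
 * Add one like to the comment named by $_GET['id'].
 */
function likecomment()
{
    global $db;
    $_GET['id'] = isset($_GET['id']) ? abs((int) $_GET['id']) : 0;
    $query = $db->query("SELECT * FROM blog_comments WHERE bc_id = {$_GET['id']}");
    if($db->num_rows($query) == 0)
    {
        ErrorText("No comment found.");
    }
    else
    {
        $r = $db->fetch_row($query);
        $db->free_result($query);
        $db->query("UPDATE blog_comments SET bc_likes = bc_likes + 1 WHERE bc_id = {$_GET['id']}");
        echo"Comment Liked.";
        echo"<br/> [<a href='blog.php?action=view&id={$r['bc_blog']}'>Back</a>]";
    }
}

/**
 * Add one dislike to the comment named by $_GET['id'].
 */
function dislikecomment()
{
    global $db;
    $_GET['id'] = isset($_GET['id']) ? abs((int) $_GET['id']) : 0;
    $query = $db->query("SELECT * FROM blog_comments WHERE bc_id = {$_GET['id']}");
    if($db->num_rows($query) == 0)
    {
        ErrorText("No comment found.");
    }
    else
    {
        $r = $db->fetch_row($query);
        $db->free_result($query);
        $db->query("UPDATE blog_comments SET bc_dislikes = bc_dislikes + 1 WHERE bc_id = {$_GET['id']}");
        echo"Comment Disliked.";
        echo"<br/> [<a href='blog.php?action=view&id={$r['bc_blog']}'>Back</a>]";
    }
}

/**
 * Show the edit form for the comment named by $_GET['id'], or save the
 * posted text when the form was submitted.
 *
 * Allowed for the comment's author and for user_level above 2.
 */
function editcomment()
{
    global $ir, $db;
    $_GET['id'] = isset($_GET['id']) ? abs((int) $_GET['id']) : 0;
    $query = $db->query("SELECT * FROM blog_comments WHERE bc_id = {$_GET['id']}");
    if($db->num_rows($query) == 0)
    {
        ErrorText("No comment found.");
        return;
    }
    $r = $db->fetch_row($query);
    $db->free_result($query);
    // The permission test sits ahead of both branches, so the saving POST is
    // authorised as well as the form; a hand-made request cannot rewrite a
    // comment that belongs to someone else.
    if(!($ir['user_level'] > 2 || $ir['userid'] == $r['bc_user']))
    {
        ErrorText("You do not have permission to edit this comment.");
        return;
    }
    if(isset($_POST['submit']))
    {
        if(!isset($_POST['text']) || !is_string($_POST['text']) || trim($_POST['text']) === '')
        {
            ErrorText("You must enter text to edit a comment.");
            return;
        }
        $text = $db->escape(stripslashes($_POST['text']));
        $db->query("UPDATE blog_comments SET bc_text = '{$text}' WHERE bc_id = {$_GET['id']}");
        echo"Comment Edited.";
        // The link goes back to the post the comment belongs to; $_GET['id']
        // is the comment id here, not the post id.
        echo"<br/> [<a href='blog.php?action=view&id={$r['bc_blog']}'>Back</a>]";
    }
    else
    {
        // The stored text is unencoded, so it is HTML-escaped before it is
        // placed inside the textarea.
        $shown = htmlspecialchars($r['bc_text'], ENT_QUOTES | ENT_SUBSTITUTE);
        echo"
        <form action='blog.php?action=editcomment&id={$_GET['id']}' method='post'>
        Text: <textarea name='text'>{$shown}</textarea><br/>
        <input type='submit' name='submit' value='Edit Comment' />
        </form>";
    }
}

/**
 * Delete the comment named by $_GET['id'].
 *
 * Allowed for the comment's author and for user_level above 2.
 */
function deletecomment()
{
    global $ir, $db;
    $_GET['id'] = isset($_GET['id']) ? abs((int) $_GET['id']) : 0;
    $query = $db->query("SELECT * FROM blog_comments WHERE bc_id = {$_GET['id']}");
    if($db->num_rows($query) == 0)
    {
        ErrorText("No comment found.");
    }
    else
    {
        $r = $db->fetch_row($query);
        $db->free_result($query);
        if($ir['user_level'] > 2 || $ir['userid'] == $r['bc_user'])
        {
            $db->query("DELETE FROM blog_comments WHERE bc_id = {$_GET['id']}");
            echo"Comment Deleted.";
            echo"<br/> [<a href='blog.php?action=view&id={$r['bc_blog']}'>Back</a>]";
        }
        else
        {
            ErrorText("You do not have permission to delete this comment.");
        }
    }
}

/**
 * Add one like to the post named by $_GET['id'].
 */
function likeblog()
{
    global $db;
    $_GET['id'] = isset($_GET['id']) ? abs((int) $_GET['id']) : 0;
    $query = $db->query("SELECT * FROM blog WHERE b_id = {$_GET['id']}");
    if($db->num_rows($query) == 0)
    {
        ErrorText("No blog found.");
    }
    else
    {
        $db->free_result($query);
        $db->query("UPDATE blog SET b_likes = b_likes + 1 WHERE b_id = {$_GET['id']}");
        echo"Blog Liked.";
        echo"<br/> [<a href='blog.php?action=view&id={$_GET['id']}'>Back</a>]";
    }
}

/**
 * Add one dislike to the post named by $_GET['id'].
 */
function dislikeblog()
{
    global $db;
    $_GET['id'] = isset($_GET['id']) ? abs((int) $_GET['id']) : 0;
    $query = $db->query("SELECT * FROM blog WHERE b_id = {$_GET['id']}");
    if($db->num_rows($query) == 0)
    {
        ErrorText("No blog found.");
    }
    else
    {
        $db->free_result($query);
        $db->query("UPDATE blog SET b_dislikes = b_dislikes + 1 WHERE b_id = {$_GET['id']}");
        echo"Blog Disliked.";
        echo"<br/> [<a href='blog.php?action=view&id={$_GET['id']}'>Back</a>]";
    }
}
$h->endpage();
?>
blogsnl.php
<?php
// Guest version of the blog page: prints the login-page frame, then the post
// list or a single post inside it. globals_nonauth.php is project code that is
// not shown here; this file relies on it for $db, $set and request_csrf_code().
require_once('globals_nonauth.php');
$login_csrf = request_csrf_code('login');
print <<<EOF
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>{$set['game_name']}</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<script type="text/javascript" src="js/login.js"></script>
<link rel="icon" type="image/x-icon" href="/img/favicon.ico">
<link href="css/login.css" type="text/css" rel="stylesheet" />
<link href="css/blog.css" type="text/css" rel="stylesheet" />
</head>
<body onload="getme();">
<div class="login-container">
<div class="login-banner"> </div>
<div class="login-spacer"> </div>
<div class="login-menu">
<div class="menu-grid">
<div class="menu-home"> <a href='login.php'>Home</a> </div>
<div class="menu-register"> <a href='register.php'>Register</a> </div>
<div class="menu-blog"> <a href='blogsnl.php'>Blog</a> </div>
<div class="menu-support"> <a href='contactus.php'>Support</a> </div>
</div>
</div>
<div class="login-form">
<form action="authenticate.php" method="post">
<div class="login-flex">
<div class="login-remember"> Remember me?<br /> <input type='radio' value='ON' name='save' checked='checked'/> Yes <input type='radio' value='OFF' name='save' /> No </div>
<div class="login-username"> <input type='text' name='username' class="textbox"/><br /> </div>
<div class="login-password"> <input type='password' name='password' class="textbox" /> </div>
<div class="login-submit"> <input type='hidden' name='verf' value='{$login_csrf}' /> <input type='submit' name='submit' value='Submit'><br /> <a href="#">Reset Password</a> </div>
</div>
</form>
</div>
<div class="login-content">
EOF;

if(!isset($_GET['action']))
{
    $_GET['action'] = '';
}
// Every case ends in break so that one request runs exactly one handler;
// without it, showing a post would run on into likecomment() with the post id.
// NOTE(review): likeblog() and dislikeblog() are not defined in this listing;
// unless globals_nonauth.php supplies them, these two actions stop with an
// undefined-function error, although view() links to them.
switch($_GET['action'])
{
    case "view":
        view();
        break;
    case "likecomment":
        likecomment();
        break;
    case "dislikecomment":
        dislikecomment();
        break;
    case "likeblog":
        likeblog();
        break;
    case "dislikeblog":
        dislikeblog();
        break;
    default:
        index();
        break;
}

/**
 * List every blog post, newest first, with a teaser cut from the first 100
 * bytes of the body and a link to the full post.
 */
function index()
{
    global $db;
    echo"
    <div class='content-area-grid'>
    <div class='ca-grid-heading'>
    <h3>Blog</h3>
    <hr/>
    </div>";
    $query = $db->query("SELECT * FROM blog ORDER BY b_id DESC");
    if($db->num_rows($query) == 0)
    {
        echo"<div class='ca-grid-heading'> No blog posts found. </div>";
    }
    else
    {
        while($r = $db->fetch_row($query))
        {
            $text = substr($r['b_text'], 0, 100);
            echo"<div class='ca-grid-item'>
            ".stripText($r['b_title'])."<br/>
            ".stripText($text)."<br/>
            Date: ".date('F j, y, g:i:s a', $r['b_time'])."<br/>
            Views: ".number_formatter($r['b_views'])."<br/>
            <a href='blogsnl.php?action=view&id={$r['b_id']}'>Read More</a>
            </div>";
        }
    }
    echo" </div>";
}

/**
 * Show one post (counting the view) and its comments to a guest.
 *
 * Reads the post id from $_GET['id'].
 */
function view()
{
    global $db;
    // This page is reachable without logging in, so the id is reduced to a
    // non-negative integer before it is placed in any SQL string; a missing id
    // becomes 0, which matches no row.
    $_GET['id'] = isset($_GET['id']) ? abs((int) $_GET['id']) : 0;
    echo"
    <div class='blog-container'>
    <div class='blog-grid'>";
    $query = $db->query("SELECT * FROM blog WHERE b_id = {$_GET['id']}");
    if($db->num_rows($query) == 0)
    {
        echo"
        <div class='blog-heading'>
        <h3>No blog post found.</h3>
        </div>";
    }
    else
    {
        $r = $db->fetch_row($query);
        $db->free_result($query);
        $db->query("UPDATE blog SET b_views = b_views + 1 WHERE b_id = {$_GET['id']}");
        // NOTE(review): htmlspecialchars_decode() turns the stored body back
        // into live markup, so b_text is rendered as raw HTML. That is only
        // safe while posts can be written by trusted staff alone - confirm
        // against whatever writes to the blog table.
        echo"
        <div class='blog-heading'>
        <h3>".stripText($r['b_title'])."</h3>
        </div>
        <div class='blog-item'>
        ".htmlspecialchars_decode($r['b_text'])."
        </div>
        <div class='blog-heading'>
        Date: ".date('F j, y, g:i:s a', $r['b_time'])." -
        Views: ".number_formatter($r['b_views'])." -
        ".number_formatter($r['b_likes'])." Likes [<a href='blogsnl.php?action=likeblog&id={$r['b_id']}'>Like</a>] -
        ".number_formatter($r['b_dislikes'])." Dislikes [<a href='blogsnl.php?action=dislikeblog&id={$r['b_id']}'>Dislike</a>]
        </div>
        </div>";
    }
    echo"</div>
    <span style='text-align: center;'><h3>Comments</h3></span>
    <hr/>";
    $query = $db->query("SELECT * FROM blog_comments WHERE bc_blog = {$_GET['id']} ORDER BY bc_id DESC");
    if($db->num_rows($query) == 0)
    {
        // Falls through to the end of the function instead of exiting, so the
        // closing page markup at the bottom of the script is still sent.
        echo"
        <div class='blog-heading'>
        <h3>No Comments.</h3>
        </div>";
    }
    else
    {
        while($r = $db->fetch_row($query))
        {
            // NOTE(review): comment text is stored unencoded by blog.php, so
            // this output is only safe if stripText() HTML-escapes its
            // argument - confirm against its definition.
            echo"
            <div class='blog-container'>
            <div class='blog-grid'>
            <div class='blog-item'>
            ".stripText($r['bc_text'])." - Date: ".date('F j, y, g:i:s a', $r['bc_time'])."<br/>";
            if(isset($_SESSION['userid']))
            {
                echo"
                [<a href='blogsnl.php?action=likecomment&id={$r['bc_id']}'>Like</a>] -
                [<a href='blogsnl.php?action=dislikecomment&id={$r['bc_id']}'>Dislike</a>] - -";
            }
            echo"</div>
            </div>
            </div>";
        }
    }
}

/**
 * Add one like to the comment named by $_GET['id'].
 *
 * NOTE(review): view() shows the like/dislike links only to a visitor with a
 * session user id, but nothing here enforces that; the handler runs for any
 * request, on a plain GET and without a CSRF token.
 */
function likecomment()
{
    global $db;
    $_GET['id'] = isset($_GET['id']) ? abs((int) $_GET['id']) : 0;
    $query = $db->query("SELECT * FROM blog_comments WHERE bc_id = {$_GET['id']}");
    if($db->num_rows($query) == 0)
    {
        echo("No comment found.");
        return;
    }
    $r = $db->fetch_row($query);
    $db->free_result($query);
    $db->query("UPDATE blog_comments SET bc_likes = bc_likes + 1 WHERE bc_id = {$_GET['id']}");
    echo"Comment Liked.";
    echo"<br/> [<a href='blogsnl.php?action=view&id={$r['bc_blog']}'>Back</a>]";
}

/**
 * Add one dislike to the comment named by $_GET['id'].
 *
 * NOTE(review): like likecomment(), this runs for any request, logged in or
 * not, on a plain GET and without a CSRF token.
 */
function dislikecomment()
{
    global $db;
    $_GET['id'] = isset($_GET['id']) ? abs((int) $_GET['id']) : 0;
    $query = $db->query("SELECT * FROM blog_comments WHERE bc_id = {$_GET['id']}");
    if($db->num_rows($query) == 0)
    {
        echo"No comment found.";
        return;
    }
    $r = $db->fetch_row($query);
    $db->free_result($query);
    $db->query("UPDATE blog_comments SET bc_dislikes = bc_dislikes + 1 WHERE bc_id = {$_GET['id']}");
    echo"Comment Disliked.";
    echo"<br/> [<a href='blogsnl.php?action=view&id={$r['bc_blog']}'>Back</a>]";
}
// Close the containers opened by the page frame at the top of the script.
echo" </div> </div> </div> </div> <div class='footer'> </div> </div>";
?>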
AdamHull Posted September 21, 2023 Posted September 21, 2023 (edited)
// Choose the bootstrap file by login state: no session user id means the guest
// globals, anything else the authenticated globals.
// NOTE(review): $_SESSION is only populated once a session is active, so this
// test depends on the session having been started before this point, and the
// file that is then included must not start it a second time.
if (!isset($_SESSION['userid'])) {
    include "globals_nonauth.php";
} else {
    include "globals.php";
}
have you tried something like this? You may get a session already started issue tho
Edited September 21, 2023 by AdamHull I was correct with my session call
corruptcity || skalman Posted September 21, 2023 Author Posted September 21, 2023 Yeah, that was the first thing I tried. It would work fine when logged in, but I got the session error when not logged in and couldn't get around that, even with ChatGPT's help.
AdamHull Posted September 21, 2023 Posted September 21, 2023 (edited) Is it the "headers already sent" error or whatever? If it is, you could use something like if (session_status() === PHP_SESSION_NONE) { session_start(); } in your globals_nonauth. Edited September 21, 2023 by AdamHull
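corruptcity || skalman Posted September 22, 2023 Author Posted September 22, 2023
Managed to fix this but had to do some jankiness to get it working and used something I've never used before or even was a thing. I had to use output buffering for globals.php then in globals_nonauth put an if statement in so that it doesn't duplicate what was in globals, also had to add a shit ton of isset() into the header page before I managed to get it to work. I will now include the working code in case it helps anyone else in the future
Blog.php
<?php
// NOTE(review): this listing refuses direct requests for globals_nonauth.php
// and performs the guest bootstrap (session, config, database, settings), so
// it reads like the body of globals_nonauth.php rather than blog.php; the two
// labels in the post look swapped - confirm before copying.
#set_error_handler('error_php');

// Stop when this include file is requested directly.
if (strpos($_SERVER['PHP_SELF'], "globals_nonauth.php") !== false)
{
    exit;
}
// Skip the guest bootstrap on blog.php, which loads globals.php first.
// NOTE(review): PHP_SELF includes any extra path info sent after the script
// name, so a request for /blog.php/x does not equal '/blog.php' and would run
// this bootstrap even though globals.php has already been loaded. SCRIPT_NAME,
// or a constant defined by globals.php, is a steadier signal.
if ($_SERVER['PHP_SELF'] !== '/blog.php')
{
    // Name and start the session only when none is active, so that including
    // this file after another bootstrap does not raise a "session already
    // started" notice, and a real start-up failure is no longer hidden.
    if (session_status() === PHP_SESSION_NONE)
    {
        session_name('MCCSID2');
        session_start();
    }
    if (!isset($_SESSION['started']))
    {
        // true discards the previous session record, so the id the visitor
        // arrived with stops being valid once the new one is issued.
        session_regenerate_id(true);
        $_SESSION['started'] = true;
    }
    ob_start();
    require "lib/basic_error_handler.php";
    set_error_handler('error_php');
    include "config.php";
    define("MONO_ON", 1);
    // The driver name comes from config.php, not from the request.
    require "class/class_db_{$_CONFIG['driver']}.php";
    require_once('global_func.php');
    $db = new database;
    $db->configure($_CONFIG['hostname'], $_CONFIG['username'], $_CONFIG['password'], $_CONFIG['database'], $_CONFIG['persistent']);
    $db->connect();
    $c = $db->connection_id;
    // Load every row of the settings table into $set, keyed by conf_name.
    $set = array();
    $settq = $db->query("SELECT * FROM `settings`");
    while ($r = $db->fetch_row($settq))
    {
        $set[$r['conf_name']] = $r['conf_value'];
    }
}
?>
globals_nonauth.php
<?php
// Load the logged-in bootstrap with its output captured, then branch on the
// login state. Whatever globals.php printed is held in $output and not sent.
// NOTE(review): the guest branch is only reached if globals.php returns for a
// visitor with no session instead of redirecting or exiting; the post mentions
// isset() checks added to the header page for this - confirm.
ob_start();
require_once("globals.php");
$output = ob_get_contents();
ob_end_clean();
if(isset($_SESSION['userid']) && $_SESSION['userid'] > 0)
{
    // NOTE(review): the username is printed as stored; if it is not already
    // HTML-encoded when saved, wrap it in htmlspecialchars() here.
    echo"Hello {$ir['username']}<br />";
    echo "Welcome user";
    $loggedIn = true;
    // Add code here to display blog posts for logged-in users
}
else
{
    // Include only the specific data you need for non-logged-in users
    require_once("globals_nonauth.php");
    $loggedIn = false;
    // Display a welcome message for guests
    echo "Welcome Guest <br />";
    // Here, you can use $nonLoggedInData to display blog posts for non-logged-in users
    // Replace the following line with your actual code to display blog posts.
    echo "Display Blog Posts Here";
}
?>
Also would like to say thanks to adam for his assistance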