This free blog PHP script uses a MySQL database to store the blog posts, as well as handle the creation and deletion of posts. The script uses the mysqli extension to interact with the database, which is a improved version of the old mysql extension and it’s more secure.
This script also includes a form for creating new posts, which when submitted, the data is inserted into the database. The script also includes a link for deleting posts, which when clicked, the post is deleted from the database and also the image is deleted from the server.
The script retrieves all the posts from the database and display them on the page in descending order, showing the most recent post first. Each post also display the image associated with it.
This is a basic example, and you could add more functionality like adding pagination to split the posts, also you could add a login system for users to post on the blog, or add a search functionality to look for specific posts.
You could also add some validation to the form inputs to prevent any malicious inputs.
And also you should implement a way to sanitize the inputs, to prevent SQL injection attacks.
<?php
// Connect to the database
$conn = mysqli_connect('host', 'username', 'password', 'database');
// Create a new post or edit an existing post
if (isset($_POST['submit'])) {
$id = mysqli_real_escape_string($conn, $_POST['id']);
$title = mysqli_real_escape_string($conn, $_POST['title']);
$content = mysqli_real_escape_string($conn, $_POST['content']);
$author = mysqli_real_escape_string($conn, $_POST['author']);
$date = date("Y-m-d H:i:s");
$image = mysqli_real_escape_string($conn, $_FILES['image']['name']);
$image_temp = $_FILES['image']['tmp_name'];
if ($id == "") { // create a new post
move_uploaded_file($image_temp, "images/$image");
$sql = "INSERT INTO posts (title, content, author, date, image) VALUES ('$title', '$content', '$author', '$date', '$image')";
} else { // edit an existing post
if ($image != "") {
$query = "SELECT * FROM posts WHERE id = $id";
$result = mysqli_query($conn, $query);
while ($row = mysqli_fetch_array($result)) {
$prev_image = $row['image'];
}
unlink("images/$prev_image");
move_uploaded_file($image_temp, "images/$image");
$sql = "UPDATE posts SET title='$title', content='$content', author='$author', date='$date', image='$image' WHERE id=$id";
} else {
$sql = "UPDATE posts SET title='$title', content='$content', author='$author', date='$date' WHERE id=$id";
}
}
mysqli_query($conn, $sql);
}
// Delete a post
if (isset($_GET['delete'])) {
$id = $_GET['delete'];
$query = "SELECT * FROM posts WHERE id = $id";
$result = mysqli_query($conn, $query);
while ($row = mysqli_fetch_array($result)) {
$image = $row['image'];
}
unlink("images/$image");
mysqli_query($conn, "DELETE FROM posts WHERE id=$id");
}
// Retrieve all posts from the database
$result = mysqli_query($conn, "SELECT * FROM posts ORDER BY id DESC");
?>
<!DOCTYPE html>
<html>
<head>
<title>Blog</title>
<link rel="stylesheet" type="text/css" href="style.css">
</head>
<body>
<div class="container">
<h1>Blog</h1>
<form action="blog.php" method="post" enctype="multipart/form-data">
<input type="hidden" name="id" value="<?php echo (isset($_GET['edit'])) ? $_GET['edit'] : ''; ?>">
<label for="title">Title:</label>
<input type="text" id="title" name="title" value="<?php echo (isset($_GET['edit'])) ? $title : ''; ?>" required>
<label for="content">Content:</label>
<textarea id="content" name="content" required><?php echo (isset($_GET['edit'])) ? $content : ''; ?></textarea>
<label for="author">Author:</label>
<input type="text" id="author" name="author" value="<?php echo (isset($_GET['edit'])) ? $author : ''; ?>" required>
<label for="image">Image:</label>
<input type="file" id="image" name="image">
<input type="submit" name="submit" value="<?php echo (isset($_GET['edit'])) ? 'Save' : 'Create Post'; ?>">
</form>
<?php while ($row = mysqli_fetch_array($result)) { ?>
<div class="post">
<h2><?php echo $row['title']; ?></h2>
<p><?php echo $row['content']; ?></p>
<p>Author: <?php echo $row['author']; ?></p>
<p>Date: <?php echo $row['date']; ?></p>
<img src="images/<?php echo $row['image']; ?>" width="100">
<br>
<a href="index.php?edit=<?php echo $row['id']; ?>">Edit</a>
<a href="index.php?delete=<?php echo $row['id']; ?>">Delete</a>
</div>
<?php } ?>
</div>
<br />
<a href="https://php.org" title="PHP tutorials">Powered by PHP.org</a>
</body>
</html>