bu bepul blog PHP skript blog xabarlarini saqlash, shuningdek, xabarlarni yaratish va o'chirish uchun MySQL ma'lumotlar bazasidan foydalanadi. Skript ma'lumotlar bazasi bilan o'zaro ishlash uchun mysqli kengaytmasidan foydalanadi, bu eski MySQL kengaytmasining takomillashtirilgan versiyasi va u xavfsizroq.
Ushbu skript yangi xabarlarni yaratish uchun shaklni ham o'z ichiga oladi, ular yuborilganda ma'lumotlar ma'lumotlar bazasiga kiritiladi. Skript shuningdek postlarni o'chirish uchun havolani o'z ichiga oladi, uni bosgandan so'ng post ma'lumotlar bazasidan o'chiriladi, shuningdek, tasvir serverdan o'chiriladi.
Skript ma'lumotlar bazasidan barcha xabarlarni oladi va ularni sahifada kamayish tartibida ko'rsatadi, birinchi navbatda eng so'nggi xabarni ko'rsatadi. Har bir post, shuningdek, u bilan bog'liq rasmni ko'rsatadi.
Bu asosiy misol bo'lib, siz postlarni bo'lish uchun sahifalarni qo'shish kabi qo'shimcha funktsiyalarni qo'shishingiz mumkin, shuningdek, foydalanuvchilarning blogga joylashtirishlari uchun kirish tizimini qo'shishingiz yoki muayyan postlarni qidirish uchun qidiruv funksiyasini qo'shishingiz mumkin.
Har qanday zararli kirishlarni oldini olish uchun ariza kiritishlariga ba'zi tekshirishlarni ham qo'shishingiz mumkin.
Shuningdek, siz SQL in'ektsion hujumlarini oldini olish uchun kirishlarni tozalash usulini qo'llashingiz kerak.
<?php
// Connect to the database
$conn = mysqli_connect('host', 'username', 'password', 'database');
// Create a new post or edit an existing post
if (isset($_POST['submit'])) {
$id = mysqli_real_escape_string($conn, $_POST['id']);
$title = mysqli_real_escape_string($conn, $_POST['title']);
$content = mysqli_real_escape_string($conn, $_POST['content']);
$author = mysqli_real_escape_string($conn, $_POST['author']);
$date = date("Y-m-d H:i:s");
$image = mysqli_real_escape_string($conn, $_FILES['image']['name']);
$image_temp = $_FILES['image']['tmp_name'];
if ($id == "") { // create a new post
move_uploaded_file($image_temp, "images/$image");
$sql = "INSERT INTO posts (title, content, author, date, image) VALUES ('$title', '$content', '$author', '$date', '$image')";
} else { // edit an existing post
if ($image != "") {
$query = "SELECT * FROM posts WHERE id = $id";
$result = mysqli_query($conn, $query);
while ($row = mysqli_fetch_array($result)) {
$prev_image = $row['image'];
}
unlink("images/$prev_image");
move_uploaded_file($image_temp, "images/$image");
$sql = "UPDATE posts SET title='$title', content='$content', author='$author', date='$date', image='$image' WHERE id=$id";
} else {
$sql = "UPDATE posts SET title='$title', content='$content', author='$author', date='$date' WHERE id=$id";
}
}
mysqli_query($conn, $sql);
}
// Delete a post
if (isset($_GET['delete'])) {
$id = $_GET['delete'];
$query = "SELECT * FROM posts WHERE id = $id";
$result = mysqli_query($conn, $query);
while ($row = mysqli_fetch_array($result)) {
$image = $row['image'];
}
unlink("images/$image");
mysqli_query($conn, "DELETE FROM posts WHERE id=$id");
}
// Retrieve all posts from the database
$result = mysqli_query($conn, "SELECT * FROM posts ORDER BY id DESC");
?>
<!DOCTYPE html>
<html>
<head>
<title>Blog</title>
<link rel="stylesheet" type="text/css" href="style.css">
</head>
<body>
<div class="container">
<h1>Blog</h1>
<form action="blog.php" method="post" enctype="multipart/form-data">
<input type="hidden" name="id" value="<?php echo (isset($_GET['edit'])) ? $_GET['edit'] : ''; ?>">
<label for="title">Title:</label>
<input type="text" id="title" name="title" value="<?php echo (isset($_GET['edit'])) ? $title : ''; ?>" required>
<label for="content">Content:</label>
<textarea id="content" name="content" required><?php echo (isset($_GET['edit'])) ? $content : ''; ?></textarea>
<label for="author">Author:</label>
<input type="text" id="author" name="author" value="<?php echo (isset($_GET['edit'])) ? $author : ''; ?>" required>
<label for="image">Image:</label>
<input type="file" id="image" name="image">
<input type="submit" name="submit" value="<?php echo (isset($_GET['edit'])) ? 'Save' : 'Create Post'; ?>">
</form>
<?php while ($row = mysqli_fetch_array($result)) { ?>
<div class="post">
<h2><?php echo $row['title']; ?></h2>
<p><?php echo $row['content']; ?></p>
<p>Author: <?php echo $row['author']; ?></p>
<p>Date: <?php echo $row['date']; ?></p>
<img src="images/<?php echo $row['image']; ?>" width="100">
<br>
<a href="index.php?edit=<?php echo $row['id']; ?>">Edit</a>
<a href="index.php?delete=<?php echo $row['id']; ?>">Delete</a>
</div>
<?php } ?>
</div>
<br />
<a href="https://php.org" title="PHP tutorials">Powered by PHP.org</a>
</body>
</html>
