From f14711590ad4886028ad5e3ec28e1f5fe7234091 Mon Sep 17 00:00:00 2001 From: Atlaskor Date: Tue, 25 Nov 2025 23:14:30 +0000 Subject: [PATCH] Update admin_posts.php --- admin_posts.php | 66 +++++++++++++++++++++++++++++++++++++------------ 1 file changed, 50 insertions(+), 16 deletions(-) diff --git a/admin_posts.php b/admin_posts.php index 1174b72..a8844e3 100644 --- a/admin_posts.php +++ b/admin_posts.php @@ -5,9 +5,17 @@ session_start(); Admin Posts Panel for Mediakor ------------------------------ - Protect this file (admin password below, and ideally via IP/HTTP auth). - - Requires the `posts` table as described in index.php: + - Uses database from your Docker stack: - CREATE TABLE posts ( + DB: + host: mariadb + name: appdb + user: appuser + pass: apppass + + - On first successful connection it will ensure the "posts" table exists: + + CREATE TABLE IF NOT EXISTS posts ( id INT UNSIGNED AUTO_INCREMENT PRIMARY KEY, title VARCHAR(255) NOT NULL, meta VARCHAR(255) DEFAULT NULL, @@ -18,16 +26,16 @@ session_start(); */ // --- ADMIN CONFIG --- -// !! CHANGE THIS PASSWORD !! +// !! CHANGE THIS PASSWORD OR SET MK_ADMIN_PASSWORD IN ENV !! $adminPassword = $_ENV['MK_ADMIN_PASSWORD'] ?? 'change_this_password'; -// --- DB CONFIG (match index.php) --- +// --- DB CONFIG (matches your docker-compose) --- $dbHost = $_ENV['DB_HOST'] ?? 'mariadb'; $dbName = $_ENV['DB_NAME'] ?? 'appdb'; $dbUser = $_ENV['DB_USER'] ?? 'appuser'; $dbPass = $_ENV['DB_PASS'] ?? 'apppass'; -$pdo = null; +$pdo = null; $dbError = null; $message = null; @@ -48,6 +56,39 @@ function h($v) { return htmlspecialchars((string)$v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); } +/** + * Connect to appdb and ensure the posts table exists. + */ +function mk_get_pdo_and_bootstrap_admin(&$dbErrorOut = null) { + global $dbHost, $dbName, $dbUser, $dbPass; + + try { + // Connect directly to the DB you set in MYSQL_DATABASE (appdb) + $dsn = "mysql:host={$dbHost};dbname={$dbName};charset=utf8mb4"; + $pdo = new PDO($dsn, $dbUser, $dbPass, [ + PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, + PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, + ]); + + // Ensure posts table exists + $pdo->exec(" + CREATE TABLE IF NOT EXISTS posts ( + id INT UNSIGNED AUTO_INCREMENT PRIMARY KEY, + title VARCHAR(255) NOT NULL, + meta VARCHAR(255) DEFAULT NULL, + body TEXT NOT NULL, + is_published TINYINT(1) NOT NULL DEFAULT 1, + created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP + ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4; + "); + + return $pdo; + } catch (PDOException $e) { + $dbErrorOut = $e->getMessage(); + return null; + } +} + // --- Handle login / logout --- if (isset($_GET['logout'])) { unset($_SESSION['mk_admin_logged_in']); @@ -67,17 +108,9 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['login_password'])) { $loggedIn = !empty($_SESSION['mk_admin_logged_in']); -// Connect to DB once logged in +// Connect once logged in and ensure table exists if ($loggedIn) { - try { - $dsn = "mysql:host={$dbHost};dbname={$dbName};charset=utf8mb4"; - $pdo = new PDO($dsn, $dbUser, $dbPass, [ - PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION, - PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC, - ]); - } catch (PDOException $e) { - $dbError = $e->getMessage(); - } + $pdo = mk_get_pdo_and_bootstrap_admin($dbError); } // --- Handle CRUD actions --- @@ -157,7 +190,7 @@ if ($loggedIn && $pdo && isset($_GET['delete'], $_GET['token'])) { } // Fetch posts + maybe a single post to edit -$posts = []; +$posts = []; $editPost = null; if ($loggedIn && $pdo) { @@ -331,6 +364,7 @@ if ($loggedIn && $pdo) { } input[type="text"], + input[type="password"], textarea{ width:100%; border-radius:10px;