Update admin_posts.php

admin_posts.php

@@ -5,9 +5,17 @@ session_start();
   Admin Posts Panel for Mediakor
   ------------------------------
   - Protect this file (admin password below, and ideally via IP/HTTP auth).
-  - Requires the `posts` table as described in index.php:
+  - Uses database from your Docker stack:
 
-    CREATE TABLE posts (
+    DB:
+      host: mariadb
+      name: appdb
+      user: appuser
+      pass: apppass
+
+  - On first successful connection it will ensure the "posts" table exists:
+
+    CREATE TABLE IF NOT EXISTS posts (
       id INT UNSIGNED AUTO_INCREMENT PRIMARY KEY,
       title VARCHAR(255) NOT NULL,
       meta  VARCHAR(255) DEFAULT NULL,
@@ -18,10 +26,10 @@ session_start();
 */
 
 // --- ADMIN CONFIG ---
-// !! CHANGE THIS PASSWORD !!
+// !! CHANGE THIS PASSWORD OR SET MK_ADMIN_PASSWORD IN ENV !!
 $adminPassword = $_ENV['MK_ADMIN_PASSWORD'] ?? 'change_this_password';
 
-// --- DB CONFIG (match index.php) ---
+// --- DB CONFIG (matches your docker-compose) ---
 $dbHost = $_ENV['DB_HOST'] ?? 'mariadb';
 $dbName = $_ENV['DB_NAME'] ?? 'appdb';
 $dbUser = $_ENV['DB_USER'] ?? 'appuser';
@@ -48,6 +56,39 @@ function h($v) {
     return htmlspecialchars((string)$v, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
 }
 
+/**
+ * Connect to appdb and ensure the posts table exists.
+ */
+function mk_get_pdo_and_bootstrap_admin(&$dbErrorOut = null) {
+    global $dbHost, $dbName, $dbUser, $dbPass;
+
+    try {
+        // Connect directly to the DB you set in MYSQL_DATABASE (appdb)
+        $dsn = "mysql:host={$dbHost};dbname={$dbName};charset=utf8mb4";
+        $pdo = new PDO($dsn, $dbUser, $dbPass, [
+            PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
+            PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
+        ]);
+
+        // Ensure posts table exists
+        $pdo->exec("
+            CREATE TABLE IF NOT EXISTS posts (
+              id INT UNSIGNED AUTO_INCREMENT PRIMARY KEY,
+              title VARCHAR(255) NOT NULL,
+              meta  VARCHAR(255) DEFAULT NULL,
+              body  TEXT NOT NULL,
+              is_published TINYINT(1) NOT NULL DEFAULT 1,
+              created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP
+            ) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
+        ");
+
+        return $pdo;
+    } catch (PDOException $e) {
+        $dbErrorOut = $e->getMessage();
+        return null;
+    }
+}
+
 // --- Handle login / logout ---
 if (isset($_GET['logout'])) {
     unset($_SESSION['mk_admin_logged_in']);
@@ -67,17 +108,9 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['login_password'])) {
 
 $loggedIn = !empty($_SESSION['mk_admin_logged_in']);
 
-// Connect to DB once logged in
+// Connect once logged in and ensure table exists
 if ($loggedIn) {
-    try {
+    $pdo = mk_get_pdo_and_bootstrap_admin($dbError);
-        $dsn = "mysql:host={$dbHost};dbname={$dbName};charset=utf8mb4";
-        $pdo = new PDO($dsn, $dbUser, $dbPass, [
-            PDO::ATTR_ERRMODE            => PDO::ERRMODE_EXCEPTION,
-            PDO::ATTR_DEFAULT_FETCH_MODE => PDO::FETCH_ASSOC,
-        ]);
-    } catch (PDOException $e) {
-        $dbError = $e->getMessage();
-    }
 }
 
 // --- Handle CRUD actions ---
@@ -331,6 +364,7 @@ if ($loggedIn && $pdo) {
   }
 
   input[type="text"],
+  input[type="password"],
   textarea{
     width:100%;
     border-radius:10px;