Untitled

<?php
session_start();

error_reporting(E_ALL);
ini_set('display_errors', 1);
require('../required/db.php');
require('../assets/nav.html');

if (isset($_SESSION['admin'])) {
  if ($_SESSION['admin'] = 'positive') {

  }else {
   header('Location:---');
  }
}else {
 header('Location: ---');
}

?>


    <!DOCTYPE html>
    <html>
       <head>
          <meta charset="UTF-8">
          <meta name="viewport" content="width=device-width,initial-scale=1">
          <title>Blog - Admin</title>
          <link rel="shortcut icon" href="../assets/favicon.ico">
          <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">
          <link rel="stylesheet" href="../assets/css/style.css" type="text/css">
          <link rel="ico" href="../assets/favicon.ico">
       </head>
       <body>
          <div class="cont">
             <div class="flol">
               <h1>Make a Post</h1>
                <form method="post">
                   <input type="text" placeholder="Post Title" class="input-box top-margin" name="title" required maxlength="40">
                   <br>
                   <input type="text" placeholder="Author Name" class="input-box top-margin" name="author" required>
                   <br>
                   <input type="text" placeholder="Short Preview Text" class="input-box top-margin" name="ptext" required>
                   <br>
                   <input type="text" class="top-margin input-box top-margin" placeholder="Insert an image path..." name="imagepath" required>
                   <br>
                   <input type="text" class="top-margin input-box top-margin" placeholder="Enter Tags..." name="tags" required>
                   <br>
                   <input type="text" class="top margin input-box top-margin" placeholder="Enter Hidden Tags..." name="hidden_tags" required>
                   <br>
                   <textarea class="input-box top-margin" style="height:150px;" name="body" required></textarea>
                   <br>
                   <input type="submit" value="Launch Post" class="long-btn btn-def top-margin bottom-margin" name="post">
                </form>


             </div>
             <div class="flor">
               <h1>Statistics</h1>
               <h6><em>Sitewide Data Collection Enforced 26 / 6 / 18 8:35 PM</em></h6>
               <?php
               $sql = "SELECT COUNT(*) as value FROM ips";
           $result = $con->query($sql);

        if ($result->num_rows > 0) {
            // output data of each row
            while($row = $result->fetch_assoc()) {
                echo '
                  There have been '.$row['value'].' views overall<br>

              ';
                }
        } else {
            echo "Whoops! The month must just started! We have no data for you.";
        }
        $date = date('M Y');
        $sql = "SELECT COUNT(*) as value FROM ippm WHERE date='$date'";
           $result = $con->query($sql);

        if ($result->num_rows > 0) {
            // output data of each row
            while($row = $result->fetch_assoc()) {
                echo '
                  There have been '.$row['value'].' SW Views This Month
                </div>
              </div>';
                }
        } else {
            echo "Whoops! The month must just started! We have no data for you.";
        }

    echo '<div style="padding-top:700px;"><div>';
    $sql="SELECT id,title,author,prev_text,body FROM posts ORDER BY id DESC";

    if ($result=mysqli_query($con,$sql))
  {
  // Fetch one and one row
  while ($row=mysqli_fetch_row($result))
    {

      printf('<a href="view_post.php?post_id='.$row['0'].'"><div class="row"><div class="row-inner"><p><strong>%s</strong></a> | %s | <a style="color:#42d7f4; text-decoration:none;" href="/admin/edit.php?edid='.$row['0'].'">Edit</a> | <a style="color:red; text-decoration:none;" href="https://willwam.com/admin/delete.php?delposid='.$row['0'].'">Delete</a></p></div></div>', $row[0],$row[1], $row[2], $row[3]);
  }

  // Free result set
  mysqli_free_result($result);
}

mysqli_close($con);

echo '</div></div>';


?>

<div class="wrapper">
  <div class="container">
    <form method="post" action="---">
      <input type="submit" class="btn btn-def" name="logout" value="Log Out">
    </form>
  </div>
</div>


<?php

            if (isset($_POST['post'])) {
              date_default_timezone_set('America/Chicago');
              $title = $_POST['title'];
              $author = $_POST['author'];
              $ptext = $_POST['ptext'];
              $imgpath = $_POST['imagepath'];
              $tags = $_POST['tags'];
              $hidden_tags = $_POST['hidden_tags'];
              $body = $_POST['body'];
              $post_date = date('Y/m/d H:i:s');
              $pad = date('M Y');


          $stmt = $con->prepare("INSERT INTO posts (title, author, prev_text, img_path, tags, hidden_tags, body, post_date, pad) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)");
          $stmt->bind_param("sssssssss", $title, $author, $ptext, $imgpath, $tags, $hidden_tags, $body, $post_date, $pad);


              $stmt->execute();
              $stmt->close();

              header('Location: ---');
            }

          if (isset($_POST['logout'])) {

            session_destroy();
          }


 ?>