30882-vm/admin.php

<?php
session_start();
require_once 'db/config.php';

if (!isset($_SESSION['user_id'])) {
    header('Location: login.php');
    exit;
}


// Handle deletion
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['delete_id'])) {
    try {
        $pdo = db();
        $stmt = $pdo->prepare("DELETE FROM posts WHERE id = ?");
        $stmt->execute([$_POST['delete_id']]);
        header("Location: admin.php?deleted=true");
        exit;
    } catch (PDOException $e) {
        error_log("DB Error: " . $e->getMessage());
        // In a real app, you'd have a more robust error handling system
        die("Error deleting post. Check logs for details.");
    }
}

$posts = [];
try {
    $pdo = db();
    $stmt = $pdo->query("SELECT id, title, created_at FROM posts ORDER BY created_at DESC");
    $posts = $stmt->fetchAll();
} catch (PDOException $e) {
    error_log("DB Error: " . $e->getMessage());
}
?>
<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Admin - Manage Posts</title>
    <meta name="robots" content="noindex, nofollow">
    <link href="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/css/bootstrap.min.css" rel="stylesheet">
    <link rel="stylesheet" href="assets/css/custom.css?v=<?php echo time(); ?>">
</head>
<body>

    <nav class="navbar navbar-expand-lg navbar-light bg-white shadow-sm">
        <div class="container">
            <a class="navbar-brand" href="/">My Awesome Blog</a>
            <a href="admin.php" class="nav-link">Admin</a>
            <a href="logout.php" class="nav-link">Logout</a>
        </div>
    </nav>

    <main class="container my-5">
        <div class="d-flex justify-content-between align-items-center mb-4">
            <h1 class="h2">Manage Posts</h1>
            <a href="editor.php" class="btn btn-primary">Create New Post</a>
        </div>

        <?php if (isset($_GET['deleted'])): ?>
            <div class="alert alert-success">Post deleted successfully.</div>
        <?php endif; ?>
        <?php if (isset($_GET['saved'])): ?>
            <div class="alert alert-success">Post saved successfully.</div>
        <?php endif; ?>

        <?php if (empty($posts)): ?>
            <div class="text-center py-5">
                <p class="lead">No posts found.</p>
                <a href="editor.php" class="btn btn-primary">Create your first post</a>
            </div>
        <?php else: ?>
            <div class="card">
                <div class="table-responsive">
                    <table class="table table-hover mb-0">
                        <thead class="table-light">
                            <tr>
                                <th scope="col">Title</th>
                                <th scope="col">Created At</th>
                                <th scope="col" class="text-end">Actions</th>
                            </tr>
                        </thead>
                        <tbody>
                            <?php foreach ($posts as $post): ?>
                                <tr>
                                    <td><?php echo htmlspecialchars($post['title']); ?></td>
                                    <td><?php echo date("F j, Y, g:i a", strtotime($post['created_at'])); ?></td>
                                    <td class="text-end">
                                        <a href="editor.php?id=<?php echo $post['id']; ?>" class="btn btn-sm btn-outline-primary">Edit</a>
                                        <form action="admin.php" method="POST" onsubmit="return confirm('Are you sure you want to delete this post?');" class="d-inline">
                                            <input type="hidden" name="delete_id" value="<?php echo $post['id']; ?>">
                                            <button type="submit" class="btn btn-sm btn-outline-danger">Delete</button>
                                        </form>
                                    </td>
                                </tr>
                            <?php endforeach; ?>
                        </tbody>
                    </table>
                </div>
            </div>
        <?php endif; ?>
    </main>

    <footer class="footer mt-auto py-3 bg-white border-top">
        <div class="container text-center">
            <span class="text-muted">&copy; <?php echo date("Y"); ?> My Awesome Blog. All Rights Reserved.</span>
        </div>
    </footer>

    <script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"></script>
</body>
</html>