Added Search, errors and user validation

app/BlogPosts.php

@@ -11,4 +11,12 @@ class BlogPosts extends Model
     protected $fillable = [
         'post_title', 'post_description', 'image_name',
     ];
+
+    public function user(){
+    	return $this->belongsTo('App\User');
+    }
+
+    function userCanEdit(User $user){
+    	return $this->user_id == $user->id;
+    }
 }

app/Http/Controllers/AdminController.php

@@ -4,10 +4,14 @@
 
 use Illuminate\Http\Request;
 use App\BlogPosts;
+use App\User;
 
 class AdminController extends Controller
 {
     public function index(){
+    	$user = User::where('id', '=', \Auth::user()->id)->firstOrFail();
+    	$usersblogs = $user->posts;
+
     	return view('admin.index');
     }
 }

app/Http/Controllers/BlogController.php

@@ -51,6 +51,7 @@ public function store(Request $request)
         $newPost = new BlogPosts();
         $newPost->post_title = $request->post_title;
         $newPost->post_description = $request->post_description;
+        $newPost->user_id = \Auth::user()->id;
 
         $filename = uniqid();
         $newPost->image_name = $filename;
@@ -84,7 +85,8 @@ public function store(Request $request)
     public function show($id)
     {
       $post = BlogPosts::where('id', "=", $id)->firstOrFail();
-      return view('blog.show', compact('post'));
+      $userInfo = $post->user;
+      return view('blog.show', compact('post', 'userInfo'));
     }
 
     /**
@@ -96,6 +98,10 @@ public function show($id)
     public function edit($id)
     {
       $post = BlogPosts::where('id', "=", $id)->firstOrFail();
+
+      if(\Auth::user()->id !== $post->user_id){
+        return abort(401);
+      }
       return view('blog.edit', compact('post'));
     }
 
@@ -109,6 +115,9 @@ public function edit($id)
     public function update(Request $request, $id)
     {
         $post = BlogPosts::findOrFail($id);
+        if(\Auth::user()->id !== $post->user_id){
+            return abort(401);
+        }
         $this->validate($request, [
             'post_title' => 'required|min:5|max:255',
             'post_description' => 'required',
@@ -154,6 +163,9 @@ public function update(Request $request, $id)
     public function destroy($id)
     {
         $post = BlogPosts::findOrFail($id);
+        if(\Auth::user()->id !== $post->user_id){
+            return abort(401);
+        }
         $filename = $post->image_name;
         unlink('images/uploads/'.$filename.'-large.jpg');
         unlink('images/uploads/'.$filename.'-thumb.jpg');

app/Http/Controllers/SearchController.php

@@ -0,0 +1,24 @@
+<?php
+
+namespace App\Http\Controllers;
+
+use Illuminate\Http\Request;
+use App\BlogPosts;
+
+class SearchController extends Controller
+{
+    public function index(){
+    	if(isset($_GET['q'])){
+    		$searchTerm = $_GET['q'];
+    		//manipulate the variable if needed
+    	} else{
+    		$serachTerm = "";
+    	}
+
+    	$searchResults = BlogPosts::where('post_title', 'LIKE', '%'.$searchTerm.'%')
+    	->orWhere('post_description', 'LIKE', '%'.$searchTerm.'%')
+    	->get();
+
+    	return view('search.index', compact('searchResults'));
+    }
+}

app/User.php

@@ -26,4 +26,8 @@ class User extends Authenticatable
     protected $hidden = [
         'password', 'remember_token',
     ];
+
+    public function posts(){
+        return $this->hasMany('App\BlogPosts');
+    }
 }

database/migrations/2017_11_27_202520_add_userid_to_blogposts.php

@@ -0,0 +1,34 @@
+<?php
+
+use Illuminate\Support\Facades\Schema;
+use Illuminate\Database\Schema\Blueprint;
+use Illuminate\Database\Migrations\Migration;
+
+class AddUseridToBlogposts extends Migration
+{
+    /**
+     * Run the migrations.
+     *
+     * @return void
+     */
+    public function up()
+    {
+        Schema::table('blog_posts', function (Blueprint $table) {
+            $table->integer('user_id')->unsigned()->after('image_name');
+            $table->foreign('user_id')->references('id')->on('users');
+        });
+    }
+
+    /**
+     * Reverse the migrations.
+     *
+     * @return void
+     */
+    public function down()
+    {
+        Schema::table('blog_posts', function (Blueprint $table) {
+            $table->dropForeign(['user_id']);
+            $table->dropColumn('user_id');
+        });
+    }
+}

resources/views/blog/show.blade.php

@@ -10,7 +10,7 @@
 @section('content')
 	<div class="container">
 		<h1>{{ $post->post_title }}</h1>
-		<p><small>Created at : {{$post->created_at}}</small></p>
+		<p><small>Created at : {{$post->created_at}} by {{$userInfo->name}}</small></p>
 		<hr>
 		<div class="row">
 			<div class="col col-xs-4">
@@ -21,13 +21,15 @@
 			</div>
 		</div>
 		@if(Auth::user())
-		<div class="row">
-			<a class="btn btn-outline-primary" href="{{ route('blog.edit', $post->id ) }}" role="button">Edit Post</a>
-
-			{{Form::open(['method' => 'DELETE', 'route' => ['blog.destroy', $post->id]])}}
-				<button type="submit" class="btn btn-outline-danger">Delete Post</button>
-			{{Form::close()}}
-		</div>
+			@if($post->userCanEdit(Auth::user()))
+			<div class="row">
+				<a class="btn btn-outline-primary" href="{{ route('blog.edit', $post->id ) }}" role="button">Edit Post</a>
+
+				{{Form::open(['method' => 'DELETE', 'route' => ['blog.destroy', $post->id]])}}
+					<button type="submit" class="btn btn-outline-danger">Delete Post</button>
+				{{Form::close()}}
+			</div>
+			@endif
 		@endif		
 
 	</div>

resources/views/errors/401.blade.php

@@ -0,0 +1,24 @@
+@extends('layouts.master')
+
+@section('title', '401 Page not Found')
+@section('description', '401 Page not found')
+
+@section('styles')
+
+@endsection
+
+@section('content')
+<div class="container">
+	<div class="jumbotron jumbotron-fluid">
+		<h1>Error 401</h1>
+		<p>You must have the right privilages to view this page.</p>
+	</div>
+</div>
+@endsection
+
+@section('scripts')
+
+@endsection
+
+
+

resources/views/errors/404.blade.php

@@ -0,0 +1,24 @@
+@extends('layouts.master')
+
+@section('title', '404 Page not Found')
+@section('description', '404 Page not found')
+
+@section('styles')
+
+@endsection
+
+@section('content')
+<div class="container">
+	<div class="jumbotron jumbotron-fluid">
+		<h1>404 Page not found</h1>
+		<p>The page you are looking for is not found, please try again.</p>
+	</div>
+</div>
+@endsection
+
+@section('scripts')
+
+@endsection
+
+
+

resources/views/partials/_nav.blade.php

@@ -50,8 +50,8 @@
             </li>
         @endguest
     </ul>
-		<form class="form-inline my-2 my-lg-0">
-			<input class="form-control mr-sm-2" type="search" placeholder="Search" aria-label="Search">
+		<form method="get" action="search" class="form-inline my-2 my-lg-0">
+			<input class="form-control mr-sm-2" type="search" placeholder="Search" aria-label="Search" name="q">
 			<button class="btn btn-outline-success my-2 my-sm-0" type="submit">Search</button>
 		</form>
 	</div>

resources/views/search/index.blade.php

@@ -0,0 +1,33 @@
+@extends('layouts.master')
+
+@section('title', 'Serach results')
+@section('description', 'List of Search Results')
+
+@section('styles')
+
+@endsection
+
+@section('content')
+	<div class="container">
+		<h1>Search Results for: </h1>
+		<hr>
+		@if($searchResults)
+			@foreach($searchResults as $result)
+			<div class="col-xs-12">
+				<h3>{{$result->post_title}}</h3>
+				<p>{{$result->post_description}}</p>
+				<a href="{{ route('blog.show', $result->id)}}">go to post</a>
+			</div>
+			@endforeach
+		@else
+			<p>There was no results for your query</p>
+		@endif
+	</div>
+@endsection
+
+@section('scripts')
+
+@endsection
+
+
+

routes/web.php

@@ -31,3 +31,12 @@
 Auth::routes();
 
 Route::get('/home', 'HomeController@index')->name('home');
+
+Route::get('search', 'SearchController@index');
+
+
+
+
+
+
+