All user/ pages require authentication against database users.

user/edit.php

@@ -1,6 +1,7 @@
 <?php
 require "../includes/htmlcode.php";
 start_html("Find post to edit");
+include "../includes/login.inc";
 ?>
 
 <h1>Find post to edit</h1>

user/editpost.php

@@ -6,6 +6,8 @@ require "../includes/dbconnect.php";
 require "../includes/htmlcode.php";
 
 start_html("Edit post");
+include "../includes/login.inc";
+
 print "<h1>Edit post</h1>";
 
 $query = "SELECT * FROM blog WHERE date='$_GET[date]' AND title='$_GET[title]'";

user/index.php

@@ -1,6 +1,7 @@
 <?php
 require "../includes/htmlcode.php";
 start_html("simlog user interface");
+include "../includes/login.inc";
 ?>
 
 <h1>simplog user interface</h1>

user/updatepost.php

@@ -6,6 +6,7 @@ require "../includes/dbconnect.php";
 require "../includes/htmlcode.php";
 
 start_html("Post updated");
+include "../includes/login.inc";
 
 
 $query = "UPDATE blog SET date='$_POST[date]', title='$_POST[title]',