Blog system enhancements: fix publish/unpublish permissions, add action buttons to blog listings, update gallery to show only published blog images, improve blog card layout and description truncation

src/processors/blog/publish_blog.php

@@ -0,0 +1,54 @@
+<?php
+$rootPath = dirname(dirname(dirname(__DIR__)));
+require_once($rootPath . "/src/config/env.php");
+require_once($rootPath . "/src/config/connection.php");
+require_once($rootPath . "/src/config/functions.php");
+session_start();
+
+if (!isset($_SESSION['user_id'])) {
+    http_response_code(401);
+    echo "Not authorized";
+    exit;
+}
+
+$article_id = (int)($_POST['id'] ?? 0);
+$user_id = $_SESSION['user_id'];
+$role = getUserRole();
+
+if ($article_id <= 0) {
+    http_response_code(400);
+    echo "Invalid blog ID";
+    exit;
+}
+
+// Check permissions: user must be author or admin
+$stmt = $conn->prepare("SELECT author FROM blogs WHERE blog_id = ?");
+$stmt->bind_param("i", $article_id);
+$stmt->execute();
+$result = $stmt->get_result();
+$blog = $result->fetch_assoc();
+$stmt->close();
+
+if (!$blog) {
+    http_response_code(404);
+    echo "Blog not found";
+    exit;
+}
+
+// Allow if user is author or admin
+if ($blog['author'] != $user_id && !in_array($role, ['admin', 'superadmin'])) {
+    http_response_code(403);
+    echo "Not authorized to publish this blog";
+    exit;
+}
+
+$stmt = $conn->prepare("UPDATE blogs SET status = 'published' WHERE blog_id = ?");
+$stmt->bind_param("i", $article_id);
+
+if ($stmt->execute()) {
+    echo "Published";
+} else {
+    http_response_code(500);
+    echo "Failed to publish: " . $stmt->error;
+}
+?>