personal-website/docs/www/blog/generatearticle.php

207 lines
5.6 KiB
PHP
Raw Normal View History

2024-07-23 23:18:32 +02:00
<?php
$COMMONS = $_SERVER['DOCUMENT_ROOT'] . "/../common";
include_once($COMMONS."/header.php");
include_once("blogpost.php");
include_once("blogpostcomment.php");
/**
* Load comments under a given blog.
* Returns array of BlogpostComment objects.
*/
function load_comments($conn, $blogId, $blogAddress) {
// Prepare new statement for selecting all the child comments.
$stmt = $conn->prepare("SELECT comment_id, poster_id, timestamp,
content FROM blogpost_comments WHERE blogpost_id = :blogpost_id
AND parent_id IS NULL ORDER BY timestamp ASC;");
// Bind and execute the comment select
$stmt->bindParam(":blogpost_id", $blogId);
$stmt->execute();
// Fetch the comments
$results_arr = $stmt->fetchall(PDO::FETCH_ASSOC);
$comments_arr = [];
// Prepare comment author selection statement
$stmt = $conn->prepare("SELECT username FROM users WHERE
user_id = :user_id;");
// Recursively fetch all the child comments
for($i = 0; $i < count($results_arr); $i++) {
$com = $results_arr[$i];
// If comment has a registered author, fetch their name
if($com["poster_id"]) {
$stmt->bindParam(":user_id", $com["poster_id"]);
$stmt->execute();
$result = $stmt->fetch(PDO::FETCH_ASSOC);
// If user was erased from database, set name to [Deleted]
if(!$result) {
$username = "[Deleted]";
}
else {
$username = $result["username"];
}
}
else {
$username = "[Guest]";
}
$commentObj = new BlogpostComment($com["comment_id"], $com["poster_id"],
$username, $blogId, $blogAddress, $com["timestamp"],
$com["content"], NULL);
$commentObj->load_children($conn);
$comments_arr[] = $commentObj;
}
return $comments_arr;
}
/**
* Load info about the blog with a given guid and return corresponding
* Blogpost object. NULL if blog couldn't be loaded.
*/
function load_blog($conn, $blogId){
// Prepare and bind statement for gathering blogpost info
$stmt = $conn->prepare("SELECT readable_address, title, content,
date_posted, date_edited FROM blogposts WHERE
blogpost_id = :blogpost_id;");
$stmt->bindParam(":blogpost_id", $blogId);
// Execute the statement
$stmt->execute();
// Fetch the blogpost
$result = $stmt->fetch(PDO::FETCH_ASSOC);
// If no post with given guid was found,
// there is no information to gather, return.
if(!$result){
return null;
}
// Prepare new statement for selecting the tags for a given blogpost
$stmt = $conn->prepare("SELECT name, color FROM
blogpost_tags INNER JOIN blogpost_has_tag ON
blogpost_tags.tag_id = blogpost_has_tag.tag_id WHERE
blogpost_id = :blogpost_id;");
// Bind and execute the tag select
$stmt->bindParam(":blogpost_id", $blogId);
$stmt->execute();
// Fetch the tags
$tags_arr = $stmt->fetchall(PDO::FETCH_ASSOC);
// Set the variables
$blogTitle = $result["title"];
$blogAddress = $result["readable_address"];
$blogContent = $result["content"];
$datePosted = $result["date_posted"];
$dateEdited = $result["date_edited"];
$tags = $tags_arr;
$comments = load_comments($conn, $blogId, $blogAddress);
return new Blogpost($blogId, $blogAddress, $blogTitle, $blogContent,
$datePosted, $dateEdited, $tags, $comments);
}
// If request is not POST, throw method not allowed
if(strcmp($_SERVER["REQUEST_METHOD"], "POST") != 0)
{
header($_SERVER["SERVER_PROTOCOL"]." 405 Method Not Allowed", true, 405);
include_once($_SERVER["DOCUMENT_ROOT"]."/errors/405.php");
include_once($COMMONS."/footer.php");
die();
}
2024-07-23 23:18:32 +02:00
// Check DB connection
if($conn == null){
header($_SERVER["SERVER_PROTOCOL"]." 503 Service Unavailable", true, 503);
include_once($_SERVER["DOCUMENT_ROOT"]."/errors/503.php");
die();
}
// If a human-readable address was provided, extract appropriate id.
if(isset($_POST["address"])) {
$blogAddr = sanitize_input($_POST["address"]);
// Prepare and bind statement for gathering blogpost address
$stmt = $conn->prepare("SELECT blogpost_id
FROM blogposts WHERE readable_address = :readable_address;");
$stmt->bindParam(":readable_address", $blogAddr);
// Execute the statement
$stmt->execute();
// Fetch the blogpost
$result = $stmt->fetch(PDO::FETCH_ASSOC);
// If post with given address was found, set the $blogId var.
if($result){
$blogId = sanitize_input($result["blogpost_id"]);
}
}
// Attempt to load the blogpost
$blogPost = load_blog($conn, $blogId);
// If blogpost could not be retieved, display warning and die.
if(!$blogPost) {
header($_SERVER["SERVER_PROTOCOL"]." 404 Not Foud", true, 404);
die();
}
// Try to open the file to which to render the blogpost.
if (!($fp = fopen("article/".$blogPost->address.".php", 'w'))) {
header($_SERVER["SERVER_PROTOCOL"]." 500 Could not open file for writing",
true, 505);
echo "fail";
die();
}
fprintf($fp,
"<?php
include_once(\"%s\");
display_header(\"%s\");
echo \"%s\";
?>
<hr style=\"border-style: solid;\">
<article>
<h2> Comments: </h2>
<form method=\"post\" action=\"%s\">
<input type=\"hidden\" name=\"blogpost_id\" value=\"%s\">
<input type=\"hidden\" name=\"address\" value=\"%s\">
<label for=\"comment_entry\">Write a comment (<?php
echo isset(\$_SESSION[\"current_user\"]) ?
\$_SESSION[\"current_user\"]->user_name:
\"Guest\";
?>
):</label>
<div class=\"centered-container\">
<textarea name=\"comment_entry\" class=\"comment-box\"
tabindex=\"1\"></textarea>
</div>
<input name=\"submit\" type=\"submit\" tabindex=\"2\"
value=\"Send\">
</form>
</article>
<?php
echo \"%s\";
include_once(\"%s\");
?>
",
$COMMONS."/header.php",
$blogPost->title,
addslashes($blogPost->display_article()),
"SEND_COMMAND_ACTION",
$blogPost->blogId,
$blogPost->address,
addslashes($blogPost->display_comments()),
$COMMONS."/footer.php");
?>