From c9533bf686ea750b464cea109f9ea0bb90071d8b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Zden=C4=9Bk=20Borovec?=
Date: Wed, 21 Aug 2024 23:06:32 +0200
Subject: [PATCH] static page generation
---
 docs/common/blog_utils.php | 409 ++++++++++++++++++++++++++++++
 docs/www/blog/blogpost.php | 80 ------
 docs/www/blog/blogpostcomment.php | 150 -----------
 docs/www/blog/generatearticle.php | 240 +++++-------------
 docs/www/blog/post_comment.php | 157 ++++++++++++
 docs/www/errors/400.php | 18 ++
 6 files changed, 652 insertions(+), 402 deletions(-)
 create mode 100644 docs/common/blog_utils.php
 delete mode 100644 docs/www/blog/blogpost.php
 delete mode 100644 docs/www/blog/blogpostcomment.php
 create mode 100644 docs/www/blog/post_comment.php
 create mode 100644 docs/www/errors/400.php
diff --git a/docs/common/blog_utils.php b/docs/common/blog_utils.php
new file mode 100644
index 0000000..ec90c27
--- /dev/null
+++ b/docs/common/blog_utils.php
@@ -0,0 +1,409 @@
+";
+ $body .= sprintf("
+
+
+

%s

Published on: %s
", $this->title,
+ date("Y-m-d", strtotime($this->date_posted)));
+
+ // Display tags
+ for($i = 0; $i < count($this->tags); $i++) {
+ $tag = $this->tags[$i];
+ $body .= sprintf("
+
+ %s
+ ", $tag["color"], $tag["name"]);
+ }
+
+ // Display publish date and end metadata div
+ $body .= sprintf("
+ Last edited on: %s
",
+ date("Y-m-d", strtotime($this->date_edited)));
+
+ // Display hrule, article content and end the article
+ $body .= sprintf("
%s
", $this->content);
+ return $body;
+ }
+
+ /**
+ * Display the comments for this post and their children.
+ */
+ public function display_comments(){
+ $body = "
";
+ for($i = 0; $i < count($this->comments); $i++){
+ $body .= $this->comments[$i]->display_comment();
+ }
+ return $body."
";
+ }
+
+ /**
+ * Constructor for the blogpost.
+ * $blogpost_id GUID of the blogpost in the database.
+ * $address Readable address of the blogpost.
+ * $title Title of the blogpost.
+ * $content Content of the blogpost article.
+ * $date_posted Timestamp at publishing of article.
+ * $date_edited Timestamp at whioch the article was last edited.
+ * $tags Array of the tags this article has.
+ * $comments Array of Blogpostcomment objects,
+ * the comments of this article.
+ */
+ public function __construct($blogpost_id, $address, $title,
+ $content, $date_posted, $date_edited, $tags, $comments){
+ $this->blogpost_id = $blogpost_id;
+ $this->address = $address;
+ $this->title = $title;
+ $this->content = $content;
+ $this->date_posted = $date_posted;
+ $this->date_edited = $date_edited;
+ $this->tags = $tags;
+ $this->comments = $comments;
+ }
+}
+
+class BlogpostComment
+{
+ public $comment_id;
+ public $blogpost_id;
+ public $blogpost_addr;
+ public $poster_id;
+ public $poster_name;
+ public $parent_id;
+ public $timestamp;
+ public $content;
+ public $children;
+
+ /**
+ * Display the comment, and recursively it's children
+ */
+ public function display_comment() {
+ $body = sprintf("
+
+
+ By: %s + On: %s + + +
+
+ %s +
+
+
+ + + + +
+ +
+ +
+
+
+
+ ",
+ $this->comment_id,
+ $this->poster_name,
+ date("Y-m-d H:i", strtotime($this->timestamp)),
+ $this->comment_id,
+ $this->comment_id,
+ $this->content,
+ $this->blogpost_id,
+ $this->blogpost_addr,
+ $this->comment_id);
+
+ if($this->children != null) {
+ for($i = 0; $i < count($this->children); $i++)
+ {
+ $child = $this->children[$i];
+ $body .= $child->display_comment();
+ }
+ }
+ return $body."
";
+ }
+
+ /**
+ * Load the child comments to this comment, and recursively their children.
+ */
+ public function load_children($conn) {
+ // Prepare new statement for selecting all the child comments.
+ $stmt = $conn->prepare("SELECT comment_id, poster_id, timestamp,
+ content FROM blogpost_comments WHERE blogpost_id = :blogpost_id AND
+ parent_id = :comment_id ORDER BY timestamp ASC;");
+
+ // Bind and execute the comment select
+ $stmt->bindParam(":blogpost_id", $this->blogpost_id);
+ $stmt->bindParam(":comment_id", $this->comment_id);
+ $stmt->execute();
+
+ // Fetch the comments
+ $results_arr = $stmt->fetchall(PDO::FETCH_ASSOC);
+ $comments_arr = [];
+
+ // Prepare comment author selection statement
+ $stmt = $conn->prepare("SELECT username FROM users WHERE
+ user_id = :user_id;");
+
+ // Recursively fetch all the child comments
+ for($i = 0; $i < count($results_arr); $i++) {
+ $com = $results_arr[$i];
+
+ // If comment has a registered author, fetch their name
+ if($com["poster_id"]) {
+ $stmt->bindParam(":user_id", $com["poster_id"]);
+
+ $stmt->execute();
+
+ $result = $stmt->fetch(PDO::FETCH_ASSOC);
+
+ // If user was erased from database, set name to [Deleted]
+ if(!$result) {
+ $username = "[Deleted]";
+ }
+ else {
+ $username = $result["username"];
+ }
+ }
+ else {
+ $username = "[Guest]";
+ }
+
+ $commentObj = new BlogpostComment($com["comment_id"],
+ $com["poster_id"], $username, $this->blogpost_id,
+ $this->blogpost_addr, $com["timestamp"], $com["content"],
+ $this->comment_id);
+ $comments_arr[] = $commentObj;
+ $commentObj->load_children($conn);
+ }
+
+ $this->children = $comments_arr;
+ }
+
+ /**
+ * Constructor for the BlogpostComment object.
+ * $comment_id GUID of the comment.
+ * $poster_id GUID of the comment author.
+ * $poster_name Name of the comment author.
+ * $blogpost_id GUID of the blogpost this comment is under.
+ * $blogpost_addr Human-readable address of the blogpost this
+ comment is under.
+ * $timestamp Timestamp at comment creation.
+ * $content Content of the comment.
+ * $parent_id GUID of the comment this is a reply to (or NULL).
+ */
+ public function __construct($comment_id, $poster_id, $poster_name,
+ $blogpost_id, $blogpost_address, $timestamp, $content, $parent_id) {
+ $this->comment_id = $comment_id;
+ $this->blogpost_id = $blogpost_id;
+ $this->blogpost_addr = $blogpost_address;
+ $this->poster_id = $poster_id;
+ $this->poster_name = $poster_name;
+ $this->timestamp = $timestamp;
+ $this->content = $content;
+ $this->parent_id = $parent_id;
+ }
+}
+/**
+ * Load comments under a given blog.
+ * Returns array of BlogpostComment objects.
+ */
+function load_comments($conn, $blogId, $blogAddress) {
+ // Prepare new statement for selecting all the child comments.
+ $stmt = $conn->prepare("SELECT comment_id, poster_id, timestamp,
+ content FROM blogpost_comments WHERE blogpost_id = :blogpost_id
+ AND parent_id IS NULL ORDER BY timestamp ASC;");
+
+ // Bind and execute the comment select
+ $stmt->bindParam(":blogpost_id", $blogId);
+ $stmt->execute();
+
+ // Fetch the comments
+ $results_arr = $stmt->fetchall(PDO::FETCH_ASSOC);
+ $comments_arr = [];
+
+ // Prepare comment author selection statement
+ $stmt = $conn->prepare("SELECT username FROM users WHERE
+ user_id = :user_id;");
+
+ // Recursively fetch all the child comments
+ for($i = 0; $i < count($results_arr); $i++) {
+ $com = $results_arr[$i];
+
+ // If comment has a registered author, fetch their name
+ if($com["poster_id"]) {
+ $stmt->bindParam(":user_id", $com["poster_id"]);
+
+ $stmt->execute();
+
+ $result = $stmt->fetch(PDO::FETCH_ASSOC);
+
+ // If user was erased from database, set name to [Deleted]
+ if(!$result) {
+ $username = "[Deleted]";
+ }
+ else {
+ $username = $result["username"];
+ }
+ }
+ else {
+ $username = "[Guest]";
+ }
+
+ $commentObj = new BlogpostComment($com["comment_id"], $com["poster_id"],
+ $username, $blogId, $blogAddress, $com["timestamp"],
+ $com["content"], NULL);
+ $commentObj->load_children($conn);
+ $comments_arr[] = $commentObj;
+ }
+
+ return $comments_arr;
+}
+
+function get_blogpost_address($conn, $blogId) {
+ // Prepare and bind the statement for selecting address
+ $stmt = $conn->prepare("SELECT readable_address FROM
+ blogposts WHERE blogpost_id = :blogpost_id");
+ $stmt->bindParam(":blogpost_id", $blogId);
+
+ // Execute the statement
+ $stmt->execute();
+
+ // Fetch the blogpost address
+ $result = $stmt->fetch(PDO::FETCH_ASSOC);
+
+ // If no blogpost with the given GUID was found, return null.
+ if(!$result) {
+ return null;
+ }
+
+ // Return the blogpost address.
+ return $result["readable_address"];
+}
+
+/**
+ * Load info about the blog with a given guid and return corresponding
+ * Blogpost object. NULL if blog couldn't be loaded.
+ */
+function load_blog($conn, $blogId){
+ // Prepare and bind statement for gathering blogpost info
+ $stmt = $conn->prepare("SELECT readable_address, title, content,
+ date_posted, date_edited FROM blogposts WHERE
+ blogpost_id = :blogpost_id;");
+ $stmt->bindParam(":blogpost_id", $blogId);
+
+ // Execute the statement
+ $stmt->execute();
+
+ // Fetch the blogpost
+ $result = $stmt->fetch(PDO::FETCH_ASSOC);
+
+ // If no post with given guid was found,
+ // there is no information to gather, return.
+ if(!$result){
+ return null;
+ }
+
+ // Prepare new statement for selecting the tags for a given blogpost
+ $stmt = $conn->prepare("SELECT name, color FROM
+ blogpost_tags INNER JOIN blogpost_has_tag ON
+ blogpost_tags.tag_id = blogpost_has_tag.tag_id WHERE
+ blogpost_id = :blogpost_id;");
+
+ // Bind and execute the tag select
+ $stmt->bindParam(":blogpost_id", $blogId);
+ $stmt->execute();
+
+ // Fetch the tags
+ $tags_arr = $stmt->fetchall(PDO::FETCH_ASSOC);
+
+ // Set the variables
+ $blogTitle = $result["title"];
+ $blogAddress = $result["readable_address"];
+ $blogContent = $result["content"];
+ $datePosted = $result["date_posted"];
+ $dateEdited = $result["date_edited"];
+ $tags = $tags_arr;
+ $comments = load_comments($conn, $blogId, $blogAddress);
+
+ return new Blogpost($blogId, $blogAddress, $blogTitle, $blogContent,
+ $datePosted, $dateEdited, $tags, $comments);
+}
+
+function generate_article($conn, $fp, $blogId) {
+ // Attempt to load the blogpost
+ $blogPost = load_blog($conn, $blogId);
+
+ if(!$blogPost) {
+ return false;
+ }
+
+ fprintf($fp,
+ "
+
+
+

Comments:

+
+ + + +
+ +
+ +
+
+
+ ",
+ $blogPost->title,
+ addslashes($blogPost->display_article()),
+ $blogPost->blogpost_id,
+ $blogPost->address,
+ addslashes($blogPost->display_comments()));
+
+ return true;
+}
+
+?>
diff --git a/docs/www/blog/blogpost.php b/docs/www/blog/blogpost.php
deleted file mode 100644
index 7d48ced..0000000
--- a/docs/www/blog/blogpost.php
+++ /dev/null
@@ -1,80 +0,0 @@
-";
- $body .= sprintf("
-
-
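Review bot: `generate_article()` writes comment and article markup into a generated `.php` file with only `addslashes()` applied, and `$blogPost->title` is passed to `fprintf()` with no escaping at all. The format string is not visible in this view, but if those `%s` slots sit inside a double-quoted PHP string, `addslashes()` leaves `$` and `{` untouched, so stored text could be parsed as PHP variable interpolation when the article page is requested. Emitting each value as a literal with `var_export($blogPost->display_comments(), true)` into an unquoted slot, or generating plain `.html`, closes that gap. `display_article()` and `display_comment()` also hand `title`, `content`, `poster_name` and the tag fields to `sprintf()` unencoded; unless `sanitize_input()` (defined outside this diff) already HTML-encodes them, apply `htmlspecialchars($this->poster_name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` at output.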
-

%s

Published on: %s
", $this->title, - date("Y-m-d", strtotime($this->date_posted))); - - // Display tags - for($i = 0; $i < count($this->tags); $i++) { - $tag = $this->tags[$i]; - $body .= sprintf(" - - %s - ", $tag["color"], $tag["name"]); - } - - // Display publish date and end metadata div - $body .= sprintf(" - Last edited on: %s
", - date("Y-m-d", strtotime($this->date_edited))); - - // Display hrule, article content and end the article - $body .= sprintf("
%s
", $this->content); - return $body; - } - - /** - * Display the comments for this post and their children. - */ - public function display_comments(){ - $body = "
"; - for($i = 0; $i < count($this->comments); $i++){ - $body .= $this->comments[$i]->display_comment(); - } - return $body."
"; - } - - /** - * Constructor for the blogpost. - * $blogpost_id GUID of the blogpost in the database. - * $address Readable address of the blogpost. - * $title Title of the blogpost. - * $content Content of the blogpost article. - * $date_posted Timestamp at publishing of article. - * $date_edited Timestamp at whioch the article was last edited. - * $tags Array of the tags this article has. - * $comments Array of Blogpostcomment objects, - * the comments of this article. - */ - public function __construct($blogpost_id, $address, $title, - $content, $date_posted, $date_edited, $tags, $comments){ - $this->blogpost_id = $blogpost_id; - $this->address = $address; - $this->title = $title; - $this->content = $content; - $this->date_posted = $date_posted; - $this->date_edited = $date_edited; - $this->tags = $tags; - $this->comments = $comments; - } -} -?> diff --git a/docs/www/blog/blogpostcomment.php b/docs/www/blog/blogpostcomment.php deleted file mode 100644 index b28303e..0000000 --- a/docs/www/blog/blogpostcomment.php +++ /dev/null @@ -1,150 +0,0 @@ - -
- By: %s - On: %s - - -
-
- %s -
-
-
- - - - -
- -
- -
-
-
-
- ", - $this->comment_id, - $this->poster_name, - date("Y-m-d H:i", strtotime($this->timestamp)), - $this->comment_id, - $this->comment_id, - $this->content, - htmlspecialchars($_SERVER["PHP_SELF"]), - $this->blogpost_id, - $this->blogpost_addr, - $this->comment_id); - - if($this->children != null) { - for($i = 0; $i < count($this->children); $i++) - { - $child = $this->children[$i]; - $body .= $child->display_comment(); - } - } - return $body."
"; - } - - /** - * Load the child comments to this comment, and recursively their children. - */ - public function load_children($conn) { - // Prepare new statement for selecting all the child comments. - $stmt = $conn->prepare("SELECT comment_id, poster_id, timestamp, - content FROM blogpost_comments WHERE blogpost_id = :blogpost_id AND - parent_id = :comment_id ORDER BY timestamp ASC;"); - - // Bind and execute the comment select - $stmt->bindParam(":blogpost_id", $this->blogpost_id); - $stmt->bindParam(":comment_id", $this->comment_id); - $stmt->execute(); - - // Fetch the comments - $results_arr = $stmt->fetchall(PDO::FETCH_ASSOC); - $comments_arr = []; - - // Prepare comment author selection statement - $stmt = $conn->prepare("SELECT username FROM users WHERE - user_id = :user_id;"); - - // Recursively fetch all the child comments - for($i = 0; $i < count($results_arr); $i++) { - $com = $results_arr[$i]; - - // If comment has a registered author, fetch their name - if($com["poster_id"]) { - $stmt->bindParam(":user_id", $com["poster_id"]); - - $stmt->execute(); - - $result = $stmt->fetch(PDO::FETCH_ASSOC); - - // If user was erased from database, set name to [Deleted] - if(!$result) { - $username = "[Deleted]"; - } - else { - $username = $result["username"]; - } - } - else { - $username = "[Guest]"; - } - - $commentObj = new BlogpostComment($com["comment_id"], - $com["poster_id"], $username, $this->blogpost_id, - $this->blogpost_addr, $com["timestamp"], $com["content"], - $this->comment_id); - $comments_arr[] = $commentObj; - $commentObj->load_children($conn); - } - - $this->children = $comments_arr; - } - - /** - * Constructor for the BlogpostComment object. - * $comment_id GUID of the comment. - * $poster_id GUID of the comment author. - * $poster_name Name of the comment author. - * $blogpost_id GUID of the blogpost this comment is under. - * $blogpost_addr Human-readable address of the blogpost this - comment is under. 
- * $timestamp Timestamp at comment creation. - * $content Content of the comment. - * $parent_id GUID of the comment this is a reply to (or NULL). - */ - public function __construct($comment_id, $poster_id, $poster_name, - $blogpost_id, $blogpost_address, $timestamp, $content, $parent_id) { - $this->comment_id = $comment_id; - $this->blogpost_id = $blogpost_id; - $this->blogpost_addr = $blogpost_address; - $this->poster_id = $poster_id; - $this->poster_name = $poster_name; - $this->timestamp = $timestamp; - $this->content = $content; - $this->parent_id = $parent_id; - } -} -?> diff --git a/docs/www/blog/generatearticle.php b/docs/www/blog/generatearticle.php index b18a126..2598328 100644 --- a/docs/www/blog/generatearticle.php +++ b/docs/www/blog/generatearticle.php @@ -2,120 +2,58 @@ $COMMONS = $_SERVER['DOCUMENT_ROOT'] . "/../common"; include_once($COMMONS."/header.php"); -include_once("blogpost.php"); -include_once("blogpostcomment.php"); +include_once($COMMONS."/blog_utils.php"); -/** - * Load comments under a given blog. - * Returns array of BlogpostComment objects. - */ -function load_comments($conn, $blogId, $blogAddress) { - // Prepare new statement for selecting all the child comments. - $stmt = $conn->prepare("SELECT comment_id, poster_id, timestamp, - content FROM blogpost_comments WHERE blogpost_id = :blogpost_id - AND parent_id IS NULL ORDER BY timestamp ASC;"); +// If request is GET, show request info. +if(strcmp($_SERVER["REQUEST_METHOD"], "GET") == 0) +{ + display_header("Generate Article"); - // Bind and execute the comment select - $stmt->bindParam(":blogpost_id", $blogId); - $stmt->execute(); + printf(" +
+

Generate Article

+

+ Request this page with POST supplying following arguments: +

+ + + + + + + + + + + + + +
+ Argument + + Comment +
+ blogpost_id + + GUID of the blogpost in the database. +
+ referer + + URL, from which this page was requested, after generating + the article, the page will redirect back to the referer. +
+
+ "); - // Fetch the comments - $results_arr = $stmt->fetchall(PDO::FETCH_ASSOC); - $comments_arr = []; - - // Prepare comment author selection statement - $stmt = $conn->prepare("SELECT username FROM users WHERE - user_id = :user_id;"); - - // Recursively fetch all the child comments - for($i = 0; $i < count($results_arr); $i++) { - $com = $results_arr[$i]; - - // If comment has a registered author, fetch their name - if($com["poster_id"]) { - $stmt->bindParam(":user_id", $com["poster_id"]); - - $stmt->execute(); - - $result = $stmt->fetch(PDO::FETCH_ASSOC); - - // If user was erased from database, set name to [Deleted] - if(!$result) { - $username = "[Deleted]"; - } - else { - $username = $result["username"]; - } - } - else { - $username = "[Guest]"; - } - - $commentObj = new BlogpostComment($com["comment_id"], $com["poster_id"], - $username, $blogId, $blogAddress, $com["timestamp"], - $com["content"], NULL); - $commentObj->load_children($conn); - $comments_arr[] = $commentObj; - } - - return $comments_arr; + include_once($COMMONS."/footer.php"); + die(); } -/** - * Load info about the blog with a given guid and return corresponding - * Blogpost object. NULL if blog couldn't be loaded. - */ -function load_blog($conn, $blogId){ - // Prepare and bind statement for gathering blogpost info - $stmt = $conn->prepare("SELECT readable_address, title, content, - date_posted, date_edited FROM blogposts WHERE - blogpost_id = :blogpost_id;"); - $stmt->bindParam(":blogpost_id", $blogId); - - // Execute the statement - $stmt->execute(); - - // Fetch the blogpost - $result = $stmt->fetch(PDO::FETCH_ASSOC); - - // If no post with given guid was found, - // there is no information to gather, return. 
- if(!$result){ - return null; - } - - // Prepare new statement for selecting the tags for a given blogpost - $stmt = $conn->prepare("SELECT name, color FROM - blogpost_tags INNER JOIN blogpost_has_tag ON - blogpost_tags.tag_id = blogpost_has_tag.tag_id WHERE - blogpost_id = :blogpost_id;"); - - // Bind and execute the tag select - $stmt->bindParam(":blogpost_id", $blogId); - $stmt->execute(); - - // Fetch the tags - $tags_arr = $stmt->fetchall(PDO::FETCH_ASSOC); - - // Set the variables - $blogTitle = $result["title"]; - $blogAddress = $result["readable_address"]; - $blogContent = $result["content"]; - $datePosted = $result["date_posted"]; - $dateEdited = $result["date_edited"]; - $tags = $tags_arr; - $comments = load_comments($conn, $blogId, $blogAddress); - - return new Blogpost($blogId, $blogAddress, $blogTitle, $blogContent, - $datePosted, $dateEdited, $tags, $comments); -} - -// If request is not POST, throw method not allowed +// If request is not GET or POST, throw method not allowed if(strcmp($_SERVER["REQUEST_METHOD"], "POST") != 0) { header($_SERVER["SERVER_PROTOCOL"]." 405 Method Not Allowed", true, 405); include_once($_SERVER["DOCUMENT_ROOT"]."/errors/405.php"); - include_once($COMMONS."/footer.php"); die(); } 
@@ -126,81 +64,39 @@ if($conn == null){ die(); } -// If a human-readable address was provided, extract appropriate id. -if(isset($_POST["address"])) { - $blogAddr = sanitize_input($_POST["address"]); - - // Prepare and bind statement for gathering blogpost address - $stmt = $conn->prepare("SELECT blogpost_id - FROM blogposts WHERE readable_address = :readable_address;"); - $stmt->bindParam(":readable_address", $blogAddr); - - // Execute the statement - $stmt->execute(); - - // Fetch the blogpost - $result = $stmt->fetch(PDO::FETCH_ASSOC); - - // If post with given address was found, set the $blogId var. - if($result){ - $blogId = sanitize_input($result["blogpost_id"]); - } +// If one of the needed parameters isn't set, show 400 +if(!(isset($_POST["blogpost_id"]) && isset($_POST["referer"]))) +{ + header($_SERVER["SERVER_PROTOCOL"]." 400: Bad Request", true, 400); + include_once($_SERVER["DOCUMENT_ROOT"]."/errors/400.php"); + die; } -// Attempt to load the blogpost -$blogPost = load_blog($conn, $blogId); +// Get the blogpost id and referer +$blogId = sanitize_input($_POST["blogpost_id"]); +$referer = sanitize_input($_POST["referer"]); -// If blogpost could not be retieved, display warning and die. -if(!$blogPost) { - header($_SERVER["SERVER_PROTOCOL"]." 404 Not Foud", true, 404); - die(); -} +// Get the address of the blogpost +$blogAddress = get_blogpost_address($conn, $blogId); // Try to open the file to which to render the blogpost. -if (!($fp = fopen("article/".$blogPost->address.".php", 'w'))) { +if (!($fp = fopen("article/".$blogAddress.".php", 'w'))) { header($_SERVER["SERVER_PROTOCOL"]." 500 Could not open file for writing", true, 505); - echo "fail"; + include_once($_SERVER["DOCUMENT_ROOT"]."/errors/500.php"); die(); } -fprintf($fp, -" -
-
-

Comments:

-
- - - -
- -
- -
-
-",
- $COMMONS."/header.php",
- $blogPost->title,
- addslashes($blogPost->display_article()),
- "SEND_COMMAND_ACTION",
- $blogPost->blogId,
- $blogPost->address,
- addslashes($blogPost->display_comments()),
- $COMMONS."/footer.php");
+// Attempt to generate the blogpost
+$blogRendered = generate_article($conn, $fp, $blogId);
+
+// If blogpost could not be loaded, display warning and die.
+if(!$blogRendered) {
+ header($_SERVER["SERVER_PROTOCOL"]." 404 Not Foud", true, 404);
+ include_once($_SERVER["DOCUMENT_ROOT"]."/errors/404.php");
+ die();
+}
+
+// Redirect back to the referrer.
+header("Location: ".$referer);
 ?>
diff --git a/docs/www/blog/post_comment.php b/docs/www/blog/post_comment.php
new file mode 100644
index 0000000..ffd254b
--- /dev/null
+++ b/docs/www/blog/post_comment.php
@@ -0,0 +1,157 @@
+prepare("SELECT UUID()");
+ $stmt->execute();
+ $result = $stmt->fetch(PDO::FETCH_ASSOC);
+ $uuid = $result["UUID()"];
+
+ // Prepare the statemtnt
+ $stmt = $conn->prepare("INSERT INTO blogpost_comments
+ ( comment_id, parent_id, blogpost_id, poster_id, content) VALUES
+ (:comment_id, :parent_id, :blogpost_id, :poster_id, :content);");
+
+ // Bind all the parameters
+ $stmt->bindValue(":comment_id", $uuid, PDO::PARAM_STR);
+ $stmt->bindValue(":parent_id", $parentId == "NULL"
+ ? NULL : $parentId, PDO::PARAM_STR);
+ $stmt->bindValue(":blogpost_id", $blogId, PDO::PARAM_STR);
+ $stmt->bindValue(":poster_id", $posterId == "NULL"
+ ? NULL : $posterId, PDO::PARAM_STR);
+ $stmt->bindValue(":content", $content, PDO::PARAM_STR);
+
+ // Execute the statement
+ $stmt->execute();
+
+ return $uuid;
+}
+
+// If request is not POST, show request info.
+if(strcmp($_SERVER["REQUEST_METHOD"], "POST") != 0)
+{
+ display_header("Post Comment");
+
+ printf("
+
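Review bot: The final `header("Location: ".$referer);` redirects to a value read from `$_POST["referer"]`, so the destination is chosen by the request; `sanitize_input()` is defined outside this diff, and nothing visible here limits the value to this site. Accept only a local path before redirecting, for example `if (!preg_match('#^/[^/\\\\]#', $referer)) { $referer = "/"; }`, and apply the same check to the redirect added in post_comment.php. Separately, `fopen("article/".$blogAddress.".php", 'w')` runs before `$blogAddress` is checked, and `get_blogpost_address()` returns null for an unknown id, so an unknown `blogpost_id` creates `article/.php` before the 404 is sent; return the 404 when `$blogAddress === null` and open the file only after that.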
+

Post Comment

+

+ Request this page with POST supplying following arguments: +

+ + + + + + + + + + + + + + + + + + + + + +
+ Argument + + Comment +
+ referer + + URL, from which this page was requested, + after adding the comment into the database, + the page will redirect back to the referer. +
+ blogpost_id + + GUID of the blogpost, under which the comment was posted. +
+ content + + Content of the comment. +
+ parent_id (optional) + + GUID of the parent comment of the comment to be posted. +
+

+ Note: takes the SESSION variable \"current_user\" into account, if set. +

+
+ ");
+
+ include_once($COMMONS."/footer.php");
+ die();
+}
+
+// Check DB connection
+if($conn == null){
+ header($_SERVER["SERVER_PROTOCOL"]." 503 Service Unavailable", true, 503);
+ include_once($_SERVER["DOCUMENT_ROOT"]."/errors/503.php");
+ die();
+}
+
+// If one of the needed parameters isn't set, show 400
+if(!
+ (isset($_POST["referer"]) && isset($_POST["blogpost_id"]) &&
+ isset($_POST["content"])))
+{
+ header($_SERVER["SERVER_PROTOCOL"]." 400: Bad Request", true, 400);
+ include_once($_SERVER["DOCUMENT_ROOT"]."/errors/400.php");
+ die;
+}
+
+// Get the input arguments
+$referer = sanitize_input($_POST["referer"]);
+$blogpost_id = sanitize_input($_POST["blogpost_id"]);
+$content = sanitize_input($_POST["content"]);
+$parent_id = isset($_POST["parent_id"]) ?
+ sanitize_input($_POST["parent_id"]) : "NULL";
+$poster_id = isset($_SESSION["current_user"]) ?
+ sanitize_input($_SESSION["current_user"]->user_id) : "NULL";
+
+// Send the comment to the database
+$commentId = send_comment($conn, $blogpost_id, $poster_id, $content,
+ $parent_id);
+
+// Get the address of the blogpost
+$blogAddress = get_blogpost_address($conn, $blogpost_id);
+
+// Try to open the file to which to render the blogpost.
+if (!($fp = fopen("article/".$blogAddress.".php", 'w'))) {
+ header($_SERVER["SERVER_PROTOCOL"]." 500 Could not open file for writing",
+ true, 505);
+ include_once($_SERVER["DOCUMENT_ROOT"]."/errors/500.php");
+ die();
+}
+
+// Attempt to regenerate the blogpost
+$blogRendered = generate_article($conn, $fp, $blogpost_id);
+
+// Redirect back to the referrer.
+header("Location: ".$referer."#comment-".$commentId);
+?>
diff --git a/docs/www/errors/400.php b/docs/www/errors/400.php
new file mode 100644
index 0000000..3b7856b
--- /dev/null
+++ b/docs/www/errors/400.php
@@ -0,0 +1,18 @@
+
+
+
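Review bot: `send_comment()` runs before anything confirms that `blogpost_id` refers to an existing post, and the result stored in `$blogRendered` is never checked. With an unknown id, `get_blogpost_address()` returns null, the script still opens `article/.php` with mode `'w'`, and the client is redirected as if the comment had been published; whether the INSERT itself fails depends on schema constraints not shown here. Call `get_blogpost_address()` first and send the 400 page when it returns null, and after `generate_article()` add `if (!$blogRendered) { /* send the 500 page */ }` followed by `fclose($fp);`. No anti-CSRF token is visible in the request handling either, although the form markup and the start of this file are not readable in this view.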
+

400: Bad Request

+
+Cat smacking another cat. +
+
+ +