Zeftax/personal-website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

static page generation

Browse source
This commit is contained in:
Zdenek Borovec 2024-08-21 23:06:32 +02:00
parent 330a1414e2
commit c9533bf686
6 changed files with 652 additions and 402 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

409
docs/common/blog_utils.php Normal file
View file

@ -0,0 +1,409 @@
<?php
class Blogpost
{
public $blogpost_id;
public $address;
public $title;
public $content;
public $date_posted;
public $date_edited;
public $tags;
public $comments;
/**
* Display the article, or a warning message.
*/
public function display_article(){
// Display the blog title and metadata
$body = "<article><table class=\"noborder-table\" style=\"width: 100%;
margin-top: 16px;\">";
$body .= sprintf("<tr><td style=\"padding: 0px;\">
<h2 style=\"margin-top: 0px;\">%s</h2></td>
<td class=\"blog-publish-date\">Published on: %s</td></tr><tr>
<td class=\"blog-tags\">", $this->title,
date("Y-m-d", strtotime($this->date_posted)));
// Display tags
for($i = 0; $i < count($this->tags); $i++) {
$tag = $this->tags[$i];
$body .= sprintf("
<span class=\"blog-tag\" style=\"background-color: %s\">
%s
</span>", $tag["color"], $tag["name"]);
}
// Display publish date and end metadata div
$body .= sprintf("</td><td class=\"blog-publish-date\">
Last edited on: %s</td></tr></table>",
date("Y-m-d", strtotime($this->date_edited)));
// Display hrule, article content and end the article
$body .= sprintf("</article><hr><article>%s</article>", $this->content);
return $body;
}
/**
* Display the comments for this post and their children.
*/
public function display_comments(){
$body = "<article>";
for($i = 0; $i < count($this->comments); $i++){
$body .= $this->comments[$i]->display_comment();
}
return $body."</article>";
}
/**
* Constructor for the blogpost.
* $blogpost_id GUID of the blogpost in the database.
* $address Readable address of the blogpost.
* $title Title of the blogpost.
* $content Content of the blogpost article.
* $date_posted Timestamp at publishing of article.
* $date_edited Timestamp at whioch the article was last edited.
* $tags Array of the tags this article has.
* $comments Array of Blogpostcomment objects,
* the comments of this article.
*/
public function __construct($blogpost_id, $address, $title,
$content, $date_posted, $date_edited, $tags, $comments){
$this->blogpost_id = $blogpost_id;
$this->address = $address;
$this->title = $title;
$this->content = $content;
$this->date_posted = $date_posted;
$this->date_edited = $date_edited;
$this->tags = $tags;
$this->comments = $comments;
}
}
class BlogpostComment
{
public $comment_id;
public $blogpost_id;
public $blogpost_addr;
public $poster_id;
public $poster_name;
public $parent_id;
public $timestamp;
public $content;
public $children;
/**
* Display the comment, and recursively it's children
*/
public function display_comment() {
$body = sprintf("
<div class=\"comment\" id=\"comment-%s\">
<div class=\"comment-own-wrapper\">
<span class=\"comment-author\"> By: %s </span>
<span class=\"comment-date\"> On: %s </span>
<label for=\"reveal-response-%s\" class=\"checkbox-button\">
Respond
</label>
<input type=\"checkbox\" id=\"reveal-response-%s\"
style=\"display: none;\">
<hr>
<div class=\"comment-content\">
%s
</div>
<div class=\"comment-response\">
<form method=\"post\"
action=\"http://www.zdenekborovec-dev.cz/blog/post_comment/\">
<input type=\"hidden\" name=\"blogpost_id\" value=\"%s\">
<input type=\"hidden\" name=\"referer\"
value=\"http://www.zdenekborovec-dev.cz/blog/article/%s\">
<input type=\"hidden\" name=\"parent_id\" value=\"%s\">
<label for=\"comment_entry\">Write response:</label>
<div class=\"centered-container\">
<textarea name=\"content\"
class=\"comment-box\"></textarea>
</div>
<input name=\"submit\" type=\"submit\" value=\"Send\">
</form>
</div>
</div>
<div class=\"comment-child-wrapper\">
",
$this->comment_id,
$this->poster_name,
date("Y-m-d H:i", strtotime($this->timestamp)),
$this->comment_id,
$this->comment_id,
$this->content,
$this->blogpost_id,
$this->blogpost_addr,
$this->comment_id);
if($this->children != null) {
for($i = 0; $i < count($this->children); $i++)
{
$child = $this->children[$i];
$body .= $child->display_comment();
}
}
return $body."</div></div>";
}
/**
* Load the child comments to this comment, and recursively their children.
*/
public function load_children($conn) {
// Prepare new statement for selecting all the child comments.
$stmt = $conn->prepare("SELECT comment_id, poster_id, timestamp,
content FROM blogpost_comments WHERE blogpost_id = :blogpost_id AND
parent_id = :comment_id ORDER BY timestamp ASC;");
// Bind and execute the comment select
$stmt->bindParam(":blogpost_id", $this->blogpost_id);
$stmt->bindParam(":comment_id", $this->comment_id);
$stmt->execute();
// Fetch the comments
$results_arr = $stmt->fetchall(PDO::FETCH_ASSOC);
$comments_arr = [];
// Prepare comment author selection statement
$stmt = $conn->prepare("SELECT username FROM users WHERE
user_id = :user_id;");
// Recursively fetch all the child comments
for($i = 0; $i < count($results_arr); $i++) {
$com = $results_arr[$i];
// If comment has a registered author, fetch their name
if($com["poster_id"]) {
$stmt->bindParam(":user_id", $com["poster_id"]);
$stmt->execute();
$result = $stmt->fetch(PDO::FETCH_ASSOC);
// If user was erased from database, set name to [Deleted]
if(!$result) {
$username = "[Deleted]";
}
else {
$username = $result["username"];
}
}
else {
$username = "[Guest]";
}
$commentObj = new BlogpostComment($com["comment_id"],
$com["poster_id"], $username, $this->blogpost_id,
$this->blogpost_addr, $com["timestamp"], $com["content"],
$this->comment_id);
$comments_arr[] = $commentObj;
$commentObj->load_children($conn);
}
$this->children = $comments_arr;
}
/**
* Constructor for the BlogpostComment object.
* $comment_id GUID of the comment.
* $poster_id GUID of the comment author.
* $poster_name Name of the comment author.
* $blogpost_id GUID of the blogpost this comment is under.
* $blogpost_addr Human-readable address of the blogpost this
comment is under.
* $timestamp Timestamp at comment creation.
* $content Content of the comment.
* $parent_id GUID of the comment this is a reply to (or NULL).
*/
public function __construct($comment_id, $poster_id, $poster_name,
$blogpost_id, $blogpost_address, $timestamp, $content, $parent_id) {
$this->comment_id = $comment_id;
$this->blogpost_id = $blogpost_id;
$this->blogpost_addr = $blogpost_address;
$this->poster_id = $poster_id;
$this->poster_name = $poster_name;
$this->timestamp = $timestamp;
$this->content = $content;
$this->parent_id = $parent_id;
}
}
/**
* Load comments under a given blog.
* Returns array of BlogpostComment objects.
*/
function load_comments($conn, $blogId, $blogAddress) {
// Prepare new statement for selecting all the child comments.
$stmt = $conn->prepare("SELECT comment_id, poster_id, timestamp,
content FROM blogpost_comments WHERE blogpost_id = :blogpost_id
AND parent_id IS NULL ORDER BY timestamp ASC;");
// Bind and execute the comment select
$stmt->bindParam(":blogpost_id", $blogId);
$stmt->execute();
// Fetch the comments
$results_arr = $stmt->fetchall(PDO::FETCH_ASSOC);
$comments_arr = [];
// Prepare comment author selection statement
$stmt = $conn->prepare("SELECT username FROM users WHERE
user_id = :user_id;");
// Recursively fetch all the child comments
for($i = 0; $i < count($results_arr); $i++) {
$com = $results_arr[$i];
// If comment has a registered author, fetch their name
if($com["poster_id"]) {
$stmt->bindParam(":user_id", $com["poster_id"]);
$stmt->execute();
$result = $stmt->fetch(PDO::FETCH_ASSOC);
// If user was erased from database, set name to [Deleted]
if(!$result) {
$username = "[Deleted]";
}
else {
$username = $result["username"];
}
}
else {
$username = "[Guest]";
}
$commentObj = new BlogpostComment($com["comment_id"], $com["poster_id"],
$username, $blogId, $blogAddress, $com["timestamp"],
$com["content"], NULL);
$commentObj->load_children($conn);
$comments_arr[] = $commentObj;
}
return $comments_arr;
}
function get_blogpost_address($conn, $blogId) {
// Prepare and bind the statement for selecting address
$stmt = $conn->prepare("SELECT readable_address FROM
blogposts WHERE blogpost_id = :blogpost_id");
$stmt->bindParam(":blogpost_id", $blogId);
// Execute the statement
$stmt->execute();
// Fetch the blogpost address
$result = $stmt->fetch(PDO::FETCH_ASSOC);
// If no blogpost with the given GUID was found, return null.
if(!$result) {
return null;
}
// Return the blogpost address.
return $result["readable_address"];
}
/**
* Load info about the blog with a given guid and return corresponding
* Blogpost object. NULL if blog couldn't be loaded.
*/
function load_blog($conn, $blogId){
// Prepare and bind statement for gathering blogpost info
$stmt = $conn->prepare("SELECT readable_address, title, content,
date_posted, date_edited FROM blogposts WHERE
blogpost_id = :blogpost_id;");
$stmt->bindParam(":blogpost_id", $blogId);
// Execute the statement
$stmt->execute();
// Fetch the blogpost
$result = $stmt->fetch(PDO::FETCH_ASSOC);
// If no post with given guid was found,
// there is no information to gather, return.
if(!$result){
return null;
}
// Prepare new statement for selecting the tags for a given blogpost
$stmt = $conn->prepare("SELECT name, color FROM
blogpost_tags INNER JOIN blogpost_has_tag ON
blogpost_tags.tag_id = blogpost_has_tag.tag_id WHERE
blogpost_id = :blogpost_id;");
// Bind and execute the tag select
$stmt->bindParam(":blogpost_id", $blogId);
$stmt->execute();
// Fetch the tags
$tags_arr = $stmt->fetchall(PDO::FETCH_ASSOC);
// Set the variables
$blogTitle = $result["title"];
$blogAddress = $result["readable_address"];
$blogContent = $result["content"];
$datePosted = $result["date_posted"];
$dateEdited = $result["date_edited"];
$tags = $tags_arr;
$comments = load_comments($conn, $blogId, $blogAddress);
return new Blogpost($blogId, $blogAddress, $blogTitle, $blogContent,
$datePosted, $dateEdited, $tags, $comments);
}
function generate_article($conn, $fp, $blogId) {
// Attempt to load the blogpost
$blogPost = load_blog($conn, $blogId);
if(!$blogPost) {
return false;
}
fprintf($fp,
"<?php
\$COMMONS = \$_SERVER['DOCUMENT_ROOT'] . \"/../common\";
include_once(\$COMMONS.\"/header.php\");
display_header(\"%s\");
echo \"%s\";
?>
<hr style=\"border-style: solid;\">
<article>
<h2> Comments: </h2>
<form method=\"post\"
action=\"http://www.zdenekborovec-dev.cz/blog/post_comment/\">
<input type=\"hidden\" name=\"blogpost_id\" value=\"%s\">
<input type=\"hidden\" name=\"referer\"
value=\"http://www.zdenekborovec-dev.cz/blog/article/%s\">
<label for=\"comment_entry\">Write a comment (<?php
echo isset(\$_SESSION[\"current_user\"]) ?
\$_SESSION[\"current_user\"]->user_name:
\"Guest\";
?>
):</label>
<div class=\"centered-container\">
<textarea name=\"content\" class=\"comment-box\"
tabindex=\"1\"></textarea>
</div>
<input name=\"submit\" type=\"submit\" tabindex=\"2\"
value=\"Send\">
</form>
</article>
<?php
echo \"%s\";
include_once(\$COMMONS.\"/footer.php\");
?>
",
$blogPost->title,
addslashes($blogPost->display_article()),
$blogPost->blogpost_id,
$blogPost->address,
addslashes($blogPost->display_comments()));
return true;
}
?>

80
docs/www/blog/blogpost.php
View file

@ -1,80 +0,0 @@
<?php
class Blogpost
{
public $blogpost_id;
public $address;
public $title;
public $content;
public $date_posted;
public $date_edited;
public $tags;
public $comments;
/**
* Display the article, or a warning message.
*/
public function display_article(){
// Display the blog title and metadata
$body = "<article><table class=\"noborder-table\" style=\"width: 100%;
margin-top: 16px;\">";
$body .= sprintf("<tr><td style=\"padding: 0px;\">
<h2 style=\"margin-top: 0px;\">%s</h2></td>
<td class=\"blog-publish-date\">Published on: %s</td></tr><tr>
<td class=\"blog-tags\">", $this->title,
date("Y-m-d", strtotime($this->date_posted)));
// Display tags
for($i = 0; $i < count($this->tags); $i++) {
$tag = $this->tags[$i];
$body .= sprintf("
<span class=\"blog-tag\" style=\"background-color: %s\">
%s
</span>", $tag["color"], $tag["name"]);
}
// Display publish date and end metadata div
$body .= sprintf("</td><td class=\"blog-publish-date\">
Last edited on: %s</td></tr></table>",
date("Y-m-d", strtotime($this->date_edited)));
// Display hrule, article content and end the article
$body .= sprintf("</article><hr><article>%s</article>", $this->content);
return $body;
}
/**
* Display the comments for this post and their children.
*/
public function display_comments(){
$body = "<article>";
for($i = 0; $i < count($this->comments); $i++){
$body .= $this->comments[$i]->display_comment();
}
return $body."</article>";
}
/**
* Constructor for the blogpost.
* $blogpost_id GUID of the blogpost in the database.
* $address Readable address of the blogpost.
* $title Title of the blogpost.
* $content Content of the blogpost article.
* $date_posted Timestamp at publishing of article.
* $date_edited Timestamp at whioch the article was last edited.
* $tags Array of the tags this article has.
* $comments Array of Blogpostcomment objects,
* the comments of this article.
*/
public function __construct($blogpost_id, $address, $title,
$content, $date_posted, $date_edited, $tags, $comments){
$this->blogpost_id = $blogpost_id;
$this->address = $address;
$this->title = $title;
$this->content = $content;
$this->date_posted = $date_posted;
$this->date_edited = $date_edited;
$this->tags = $tags;
$this->comments = $comments;
}
}
?>

150
docs/www/blog/blogpostcomment.php
View file

@ -1,150 +0,0 @@
<?php
class BlogpostComment
{
public $comment_id;
public $blogpost_id;
public $blogpost_addr;
public $poster_id;
public $poster_name;
public $parent_id;
public $timestamp;
public $content;
public $children;
/**
* Display the comment, and recursively it's children
*/
public function display_comment() {
$body = sprintf("
<div class=\"comment\" id=\"comment-%s\">
<div class=\"comment-own-wrapper\">
<span class=\"comment-author\"> By: %s </span>
<span class=\"comment-date\"> On: %s </span>
<label for=\"reveal-response-%s\" class=\"checkbox-button\">
Respond
</label>
<input type=\"checkbox\" id=\"reveal-response-%s\"
style=\"display: none;\">
<hr>
<div class=\"comment-content\">
%s
</div>
<div class=\"comment-response\">
<form method=\"post\" action=\"%s\">
<input type=\"hidden\" name=\"blogpost_id\" value=\"%s\">
<input type=\"hidden\" name=\"address\" value=\"%s\">
<input type=\"hidden\" name=\"comment_id\" value=\"%s\">
<label for=\"comment_entry\">Write response:</label>
<div class=\"centered-container\">
<textarea name=\"comment_entry\"
class=\"comment-box\"></textarea>
</div>
<input name=\"submit\" type=\"submit\" value=\"Send\">
</form>
</div>
</div>
<div class=\"comment-child-wrapper\">
",
$this->comment_id,
$this->poster_name,
date("Y-m-d H:i", strtotime($this->timestamp)),
$this->comment_id,
$this->comment_id,
$this->content,
htmlspecialchars($_SERVER["PHP_SELF"]),
$this->blogpost_id,
$this->blogpost_addr,
$this->comment_id);
if($this->children != null) {
for($i = 0; $i < count($this->children); $i++)
{
$child = $this->children[$i];
$body .= $child->display_comment();
}
}
return $body."</div></div>";
}
/**
* Load the child comments to this comment, and recursively their children.
*/
public function load_children($conn) {
// Prepare new statement for selecting all the child comments.
$stmt = $conn->prepare("SELECT comment_id, poster_id, timestamp,
content FROM blogpost_comments WHERE blogpost_id = :blogpost_id AND
parent_id = :comment_id ORDER BY timestamp ASC;");
// Bind and execute the comment select
$stmt->bindParam(":blogpost_id", $this->blogpost_id);
$stmt->bindParam(":comment_id", $this->comment_id);
$stmt->execute();
// Fetch the comments
$results_arr = $stmt->fetchall(PDO::FETCH_ASSOC);
$comments_arr = [];
// Prepare comment author selection statement
$stmt = $conn->prepare("SELECT username FROM users WHERE
user_id = :user_id;");
// Recursively fetch all the child comments
for($i = 0; $i < count($results_arr); $i++) {
$com = $results_arr[$i];
// If comment has a registered author, fetch their name
if($com["poster_id"]) {
$stmt->bindParam(":user_id", $com["poster_id"]);
$stmt->execute();
$result = $stmt->fetch(PDO::FETCH_ASSOC);
// If user was erased from database, set name to [Deleted]
if(!$result) {
$username = "[Deleted]";
}
else {
$username = $result["username"];
}
}
else {
$username = "[Guest]";
}
$commentObj = new BlogpostComment($com["comment_id"],
$com["poster_id"], $username, $this->blogpost_id,
$this->blogpost_addr, $com["timestamp"], $com["content"],
$this->comment_id);
$comments_arr[] = $commentObj;
$commentObj->load_children($conn);
}
$this->children = $comments_arr;
}
/**
* Constructor for the BlogpostComment object.
* $comment_id GUID of the comment.
* $poster_id GUID of the comment author.
* $poster_name Name of the comment author.
* $blogpost_id GUID of the blogpost this comment is under.
* $blogpost_addr Human-readable address of the blogpost this
comment is under.
* $timestamp Timestamp at comment creation.
* $content Content of the comment.
* $parent_id GUID of the comment this is a reply to (or NULL).
*/
public function __construct($comment_id, $poster_id, $poster_name,
$blogpost_id, $blogpost_address, $timestamp, $content, $parent_id) {
$this->comment_id = $comment_id;
$this->blogpost_id = $blogpost_id;
$this->blogpost_addr = $blogpost_address;
$this->poster_id = $poster_id;
$this->poster_name = $poster_name;
$this->timestamp = $timestamp;
$this->content = $content;
$this->parent_id = $parent_id;
}
}
?>

240
docs/www/blog/generatearticle.php
View file

@ -2,120 +2,58 @@
$COMMONS = $_SERVER['DOCUMENT_ROOT'] . "/../common"; $COMMONS = $_SERVER['DOCUMENT_ROOT'] . "/../common";
include_once($COMMONS."/header.php"); include_once($COMMONS."/header.php");
include_once("blogpost.php"); include_once($COMMONS."/blog_utils.php");
include_once("blogpostcomment.php");
/** // If request is GET, show request info.
* Load comments under a given blog. if(strcmp($_SERVER["REQUEST_METHOD"], "GET") == 0)
* Returns array of BlogpostComment objects. {
*/ display_header("Generate Article");
function load_comments($conn, $blogId, $blogAddress) {
// Prepare new statement for selecting all the child comments.
$stmt = $conn->prepare("SELECT comment_id, poster_id, timestamp,
content FROM blogpost_comments WHERE blogpost_id = :blogpost_id
AND parent_id IS NULL ORDER BY timestamp ASC;");
// Bind and execute the comment select printf("
$stmt->bindParam(":blogpost_id", $blogId); <article>
$stmt->execute(); <h2>Generate Article</h2>
<p>
Request this page with POST supplying following arguments:
</p>
<table>
<tr>
<td>
<b>Argument</b>
</td>
<td>
<b>Comment</b>
</td>
</tr>
<tr>
<td>
blogpost_id
</td>
<td>
GUID of the blogpost in the database.
</td>
</tr>
<tr>
<td>
referer
</td>
<td>
URL, from which this page was requested, after generating
the article, the page will redirect back to the referer.
</td>
</tr>
</table>
</article>
");
// Fetch the comments include_once($COMMONS."/footer.php");
$results_arr = $stmt->fetchall(PDO::FETCH_ASSOC); die();
$comments_arr = [];
// Prepare comment author selection statement
$stmt = $conn->prepare("SELECT username FROM users WHERE
user_id = :user_id;");
// Recursively fetch all the child comments
for($i = 0; $i < count($results_arr); $i++) {
$com = $results_arr[$i];
// If comment has a registered author, fetch their name
if($com["poster_id"]) {
$stmt->bindParam(":user_id", $com["poster_id"]);
$stmt->execute();
$result = $stmt->fetch(PDO::FETCH_ASSOC);
// If user was erased from database, set name to [Deleted]
if(!$result) {
$username = "[Deleted]";
}
else {
$username = $result["username"];
}
}
else {
$username = "[Guest]";
} }
$commentObj = new BlogpostComment($com["comment_id"], $com["poster_id"], // If request is not GET or POST, throw method not allowed
$username, $blogId, $blogAddress, $com["timestamp"],
$com["content"], NULL);
$commentObj->load_children($conn);
$comments_arr[] = $commentObj;
}
return $comments_arr;
}
/**
* Load info about the blog with a given guid and return corresponding
* Blogpost object. NULL if blog couldn't be loaded.
*/
function load_blog($conn, $blogId){
// Prepare and bind statement for gathering blogpost info
$stmt = $conn->prepare("SELECT readable_address, title, content,
date_posted, date_edited FROM blogposts WHERE
blogpost_id = :blogpost_id;");
$stmt->bindParam(":blogpost_id", $blogId);
// Execute the statement
$stmt->execute();
// Fetch the blogpost
$result = $stmt->fetch(PDO::FETCH_ASSOC);
// If no post with given guid was found,
// there is no information to gather, return.
if(!$result){
return null;
}
// Prepare new statement for selecting the tags for a given blogpost
$stmt = $conn->prepare("SELECT name, color FROM
blogpost_tags INNER JOIN blogpost_has_tag ON
blogpost_tags.tag_id = blogpost_has_tag.tag_id WHERE
blogpost_id = :blogpost_id;");
// Bind and execute the tag select
$stmt->bindParam(":blogpost_id", $blogId);
$stmt->execute();
// Fetch the tags
$tags_arr = $stmt->fetchall(PDO::FETCH_ASSOC);
// Set the variables
$blogTitle = $result["title"];
$blogAddress = $result["readable_address"];
$blogContent = $result["content"];
$datePosted = $result["date_posted"];
$dateEdited = $result["date_edited"];
$tags = $tags_arr;
$comments = load_comments($conn, $blogId, $blogAddress);
return new Blogpost($blogId, $blogAddress, $blogTitle, $blogContent,
$datePosted, $dateEdited, $tags, $comments);
}
// If request is not POST, throw method not allowed
if(strcmp($_SERVER["REQUEST_METHOD"], "POST") != 0) if(strcmp($_SERVER["REQUEST_METHOD"], "POST") != 0)
{ {
header($_SERVER["SERVER_PROTOCOL"]." 405 Method Not Allowed", true, 405); header($_SERVER["SERVER_PROTOCOL"]." 405 Method Not Allowed", true, 405);
include_once($_SERVER["DOCUMENT_ROOT"]."/errors/405.php"); include_once($_SERVER["DOCUMENT_ROOT"]."/errors/405.php");
include_once($COMMONS."/footer.php");
die(); die();
} }
@ -126,81 +64,39 @@ if($conn == null){
die(); die();
} }
// If a human-readable address was provided, extract appropriate id. // If one of the needed parameters isn't set, show 400
if(isset($_POST["address"])) { if(!(isset($_POST["blogpost_id"]) && isset($_POST["referer"])))
$blogAddr = sanitize_input($_POST["address"]); {
header($_SERVER["SERVER_PROTOCOL"]." 400: Bad Request", true, 400);
// Prepare and bind statement for gathering blogpost address include_once($_SERVER["DOCUMENT_ROOT"]."/errors/400.php");
$stmt = $conn->prepare("SELECT blogpost_id die;
FROM blogposts WHERE readable_address = :readable_address;");
$stmt->bindParam(":readable_address", $blogAddr);
// Execute the statement
$stmt->execute();
// Fetch the blogpost
$result = $stmt->fetch(PDO::FETCH_ASSOC);
// If post with given address was found, set the $blogId var.
if($result){
$blogId = sanitize_input($result["blogpost_id"]);
}
} }
// Attempt to load the blogpost // Get the blogpost id and referer
$blogPost = load_blog($conn, $blogId); $blogId = sanitize_input($_POST["blogpost_id"]);
$referer = sanitize_input($_POST["referer"]);
// If blogpost could not be retieved, display warning and die. // Get the address of the blogpost
if(!$blogPost) { $blogAddress = get_blogpost_address($conn, $blogId);
header($_SERVER["SERVER_PROTOCOL"]." 404 Not Foud", true, 404);
die();
}
// Try to open the file to which to render the blogpost. // Try to open the file to which to render the blogpost.
if (!($fp = fopen("article/".$blogPost->address.".php", 'w'))) { if (!($fp = fopen("article/".$blogAddress.".php", 'w'))) {
header($_SERVER["SERVER_PROTOCOL"]." 500 Could not open file for writing", header($_SERVER["SERVER_PROTOCOL"]." 500 Could not open file for writing",
true, 505); true, 505);
echo "fail"; include_once($_SERVER["DOCUMENT_ROOT"]."/errors/500.php");
die(); die();
} }
fprintf($fp, // Attempt to generate the blogpost
"<?php $blogRendered = generate_article($conn, $fp, $blogId);
include_once(\"%s\");
display_header(\"%s\"); // If blogpost could not be loaded, display warning and die.
echo \"%s\"; if(!$blogRendered) {
?> header($_SERVER["SERVER_PROTOCOL"]." 404 Not Foud", true, 404);
<hr style=\"border-style: solid;\"> include_once($_SERVER["DOCUMENT_ROOT"]."/errors/404.php");
<article> die();
<h2> Comments: </h2> }
<form method=\"post\" action=\"%s\">
<input type=\"hidden\" name=\"blogpost_id\" value=\"%s\"> // Redirect back to the referrer.
<input type=\"hidden\" name=\"address\" value=\"%s\"> header("Location: ".$referer);
<label for=\"comment_entry\">Write a comment (<?php
echo isset(\$_SESSION[\"current_user\"]) ?
\$_SESSION[\"current_user\"]->user_name:
\"Guest\";
?>
):</label>
<div class=\"centered-container\">
<textarea name=\"comment_entry\" class=\"comment-box\"
tabindex=\"1\"></textarea>
</div>
<input name=\"submit\" type=\"submit\" tabindex=\"2\"
value=\"Send\">
</form>
</article>
<?php
echo \"%s\";
include_once(\"%s\");
?>
",
$COMMONS."/header.php",
$blogPost->title,
addslashes($blogPost->display_article()),
"SEND_COMMAND_ACTION",
$blogPost->blogId,
$blogPost->address,
addslashes($blogPost->display_comments()),
$COMMONS."/footer.php");
?> ?>

157
docs/www/blog/post_comment.php Normal file
View file

@ -0,0 +1,157 @@
<?php
$COMMONS = $_SERVER['DOCUMENT_ROOT'] . "/../common";
include_once($COMMONS."/header.php");
include_once($COMMONS."/blog_utils.php");
/**
* Send a comment to the database.
* If the poster is not signed in, send "NULL" (as a string) as the $posterID
* The same goes for $parentId (that is the parent comment,
* if this one is a response)
* Returns: GUID PK of the newly added comment.
*/
function send_comment($conn, $blogId, $posterId, $content, $parentId) {
// If content is empty, do not post
if(empty($content)) {
return "";
}
// Get a uuid for the comment
$stmt = $conn->prepare("SELECT UUID()");
$stmt->execute();
$result = $stmt->fetch(PDO::FETCH_ASSOC);
$uuid = $result["UUID()"];
// Prepare the statemtnt
$stmt = $conn->prepare("INSERT INTO blogpost_comments
( comment_id, parent_id, blogpost_id, poster_id, content) VALUES
(:comment_id, :parent_id, :blogpost_id, :poster_id, :content);");
// Bind all the parameters
$stmt->bindValue(":comment_id", $uuid, PDO::PARAM_STR);
$stmt->bindValue(":parent_id", $parentId == "NULL"
? NULL : $parentId, PDO::PARAM_STR);
$stmt->bindValue(":blogpost_id", $blogId, PDO::PARAM_STR);
$stmt->bindValue(":poster_id", $posterId == "NULL"
? NULL : $posterId, PDO::PARAM_STR);
$stmt->bindValue(":content", $content, PDO::PARAM_STR);
// Execute the statement
$stmt->execute();
return $uuid;
}
// If request is not POST, show request info.
if(strcmp($_SERVER["REQUEST_METHOD"], "POST") != 0)
{
display_header("Post Comment");
printf("
<article>
<h2>Post Comment</h2>
<p>
Request this page with POST supplying following arguments:
</p>
<table>
<tr>
<td>
<b>Argument</b>
</td>
<td>
<b>Comment</b>
</td>
</tr>
<tr>
<td>
referer
</td>
<td>
URL, from which this page was requested,
after adding the comment into the database,
the page will redirect back to the referer.
</td>
</tr>
<tr>
<td>
blogpost_id
</td>
<td>
GUID of the blogpost, under which the comment was posted.
</td>
</tr>
<tr>
<td>
content
</td>
<td>
Content of the comment.
</td>
</tr>
<tr>
<td>
parent_id (optional)
</td>
<td>
GUID of the parent comment of the comment to be posted.
</td>
</tr>
</table>
<p>
Note: takes the SESSION variable \"current_user\" into account, if set.
</p>
</article>
");
include_once($COMMONS."/footer.php");
die();
}
// Check DB connection
if($conn == null){
header($_SERVER["SERVER_PROTOCOL"]." 503 Service Unavailable", true, 503);
include_once($_SERVER["DOCUMENT_ROOT"]."/errors/503.php");
die();
}
// If one of the needed parameters isn't set, show 400
if(!
(isset($_POST["referer"]) && isset($_POST["blogpost_id"]) &&
isset($_POST["content"])))
{
header($_SERVER["SERVER_PROTOCOL"]." 400: Bad Request", true, 400);
include_once($_SERVER["DOCUMENT_ROOT"]."/errors/400.php");
die;
}
// Get the input arguments
$referer = sanitize_input($_POST["referer"]);
$blogpost_id = sanitize_input($_POST["blogpost_id"]);
$content = sanitize_input($_POST["content"]);
$parent_id = isset($_POST["parent_id"]) ?
sanitize_input($_POST["parent_id"]) : "NULL";
$poster_id = isset($_SESSION["current_user"]) ?
sanitize_input($_SESSION["current_user"]->user_id) : "NULL";
// Send the comment to the database
$commentId = send_comment($conn, $blogpost_id, $poster_id, $content,
$parent_id);
// Get the address of the blogpost
$blogAddress = get_blogpost_address($conn, $blogpost_id);
// Try to open the file to which to render the blogpost.
if (!($fp = fopen("article/".$blogAddress.".php", 'w'))) {
header($_SERVER["SERVER_PROTOCOL"]." 500 Could not open file for writing",
true, 505);
include_once($_SERVER["DOCUMENT_ROOT"]."/errors/500.php");
die();
}
// Attempt to regenerate the blogpost
$blogRendered = generate_article($conn, $fp, $blogpost_id);
// Redirect back to the referrer.
header("Location: ".$referer."#comment-".$commentId);
?>

18
docs/www/errors/400.php Normal file
View file

@ -0,0 +1,18 @@
<?php
$COMMONS = $_SERVER['DOCUMENT_ROOT'] . "/../common";
include_once($COMMONS."/header.php");
display_header("400: Bad Request");
?>
<article>
<h2>400: Bad Request</h2>
<div class="centered-container">
<img src="https://assets.zdenekborovec.cz/upload/e1463bdfe24101b467cb8587980f14b6/9916594a95e8de21e0d41f90fe15d2a7/72dfbcf9e4809a28d8fdcf4940850164.gif" alt="Cat smacking another cat.">
</div>
</article>
<?php
include_once($COMMONS."/footer.php");
?>