Compare commits
13 commits
557c66edfb
...
5413493e79
Author | SHA1 | Date | |
---|---|---|---|
5413493e79 | |||
0179724ed7 | |||
5ce2bcb435 | |||
50e128f43f | |||
bbe31d4f82 | |||
c9533bf686 | |||
330a1414e2 | |||
d58562538f | |||
e8b715de8d | |||
48a0d1660a | |||
f526edf2d1 | |||
9b51435ec9 | |||
a50170c1c5 |
15 changed files with 526 additions and 344 deletions
1
.gitignore
vendored
1
.gitignore
vendored
|
@ -2,3 +2,4 @@
|
|||
/docs/common/config.php
|
||||
/assets/upload/**
|
||||
/docs/www/blog/feed.atom
|
||||
/docs/www/blog/article/**
|
||||
|
|
|
@ -37,6 +37,8 @@ Anyways, let's get to the *how*.
|
|||
- Also make sure that the directory /assets/uploads/ exists and php has write
|
||||
permissions there - if you are going to use that file upload
|
||||
functionality, that is.
|
||||
- The directory /docs/www/blog/article should also be created with
|
||||
the above permissions.
|
||||
- Php should also have write permissions in the docs/www/blog directory,
|
||||
so it can update the atom feed.
|
||||
- If you have problems connecting to the database, you can try
|
||||
|
|
|
@ -1,5 +1,6 @@
|
|||
# Custom error pages
|
||||
ErrorDocument 403 /errors/403.php
|
||||
ErrorDocument 404 /errors/404.php
|
||||
ErrorDocument 405 /errors/405.php
|
||||
ErrorDocument 500 /errors/500.php
|
||||
ErrorDocument 504 /errors/504.php
|
||||
|
|
18
assets/errors/405.php
Normal file
18
assets/errors/405.php
Normal file
|
@ -0,0 +1,18 @@
|
|||
<?php
|
||||
$COMMONS = "./../../docs/common";
|
||||
|
||||
include_once($COMMONS."/header.php");
|
||||
|
||||
display_header("405: Method not allowed");
|
||||
?>
|
||||
|
||||
<article>
|
||||
<h2>405: Method Not Allowed</h2>
|
||||
<div class="centered-container">
|
||||
<img src="https://assets.zdenekborovec.cz/upload/39486004aa605167cdda6623a4a3fa6d/7da36b469b34cc1008639612f0c17e21/d077e6ed1bd1a560a718590ae609422c.gif" alt="GIF of a cat shaking its head.">
|
||||
</div>
|
||||
</article>
|
||||
|
||||
<?php
|
||||
include_once($COMMONS."/footer.php");
|
||||
?>
|
|
@ -3,9 +3,9 @@
|
|||
-- https://www.phpmyadmin.net/
|
||||
--
|
||||
-- Host: localhost
|
||||
-- Generation Time: Jul 20, 2024 at 02:33 PM
|
||||
-- Generation Time: Aug 21, 2024 at 11:22 PM
|
||||
-- Server version: 11.4.2-MariaDB
|
||||
-- PHP Version: 8.3.9
|
||||
-- PHP Version: 8.3.10
|
||||
|
||||
SET SQL_MODE = "NO_AUTO_VALUE_ON_ZERO";
|
||||
START TRANSACTION;
|
||||
|
@ -29,7 +29,7 @@ SET time_zone = "+00:00";
|
|||
|
||||
CREATE TABLE IF NOT EXISTS `blogposts` (
|
||||
`blogpost_id` uuid NOT NULL DEFAULT uuid() COMMENT 'uuid of the blogpost',
|
||||
`readable_address` varchar(64) DEFAULT NULL COMMENT 'Human-readable addressing alternative for an article. For example, blogpost with readable_address = "example" can be accessed by article.php?address=example.',
|
||||
`readable_address` varchar(64) NOT NULL COMMENT 'Human-readable addressing alternative for an article. For example, blogpost with readable_address = "example" can be accessed by blog/article/example.',
|
||||
`title` varchar(64) DEFAULT NULL COMMENT 'title of the blogpost',
|
||||
`abstract` varchar(512) DEFAULT NULL COMMENT 'short version of the blogpost to be displayed as preview, usually the first paragraph of the real article.',
|
||||
`content` text DEFAULT NULL COMMENT 'html for the article',
|
||||
|
|
|
@ -1,7 +1,82 @@
|
|||
<?php
|
||||
$COMMONS = $_SERVER['DOCUMENT_ROOT'] . "/../common";
|
||||
class Blogpost
|
||||
{
|
||||
public $blogpost_id;
|
||||
public $address;
|
||||
public $title;
|
||||
public $content;
|
||||
public $date_posted;
|
||||
public $date_edited;
|
||||
public $tags;
|
||||
public $comments;
|
||||
|
||||
include_once($COMMONS."/header.php");
|
||||
/**
|
||||
* Display the article, or a warning message.
|
||||
*/
|
||||
public function display_article(){
|
||||
// Display the blog title and metadata
|
||||
$body = "<article><table class=\"noborder-table\" style=\"width: 100%;
|
||||
margin-top: 16px;\">";
|
||||
$body .= sprintf("<tr><td style=\"padding: 0px;\">
|
||||
<h2 style=\"margin-top: 0px;\">%s</h2></td>
|
||||
<td class=\"blog-publish-date\">Published on: %s</td></tr><tr>
|
||||
<td class=\"blog-tags\">", $this->title,
|
||||
date("Y-m-d", strtotime($this->date_posted)));
|
||||
|
||||
// Display tags
|
||||
for($i = 0; $i < count($this->tags); $i++) {
|
||||
$tag = $this->tags[$i];
|
||||
$body .= sprintf("
|
||||
<span class=\"blog-tag\" style=\"background-color: %s\">
|
||||
%s
|
||||
</span>", $tag["color"], $tag["name"]);
|
||||
}
|
||||
|
||||
// Display publish date and end metadata div
|
||||
$body .= sprintf("</td><td class=\"blog-publish-date\">
|
||||
Last edited on: %s</td></tr></table>",
|
||||
date("Y-m-d", strtotime($this->date_edited)));
|
||||
|
||||
// Display hrule, article content and end the article
|
||||
$body .= sprintf("</article><hr><article>%s</article>", $this->content);
|
||||
return $body;
|
||||
}
|
||||
|
||||
/**
|
||||
* Display the comments for this post and their children.
|
||||
*/
|
||||
public function display_comments(){
|
||||
$body = "<article>";
|
||||
for($i = 0; $i < count($this->comments); $i++){
|
||||
$body .= $this->comments[$i]->display_comment();
|
||||
}
|
||||
return $body."</article>";
|
||||
}
|
||||
|
||||
/**
|
||||
* Constructor for the blogpost.
|
||||
* $blogpost_id GUID of the blogpost in the database.
|
||||
* $address Readable address of the blogpost.
|
||||
* $title Title of the blogpost.
|
||||
* $content Content of the blogpost article.
|
||||
* $date_posted Timestamp at publishing of article.
|
||||
* $date_edited Timestamp at whioch the article was last edited.
|
||||
* $tags Array of the tags this article has.
|
||||
* $comments Array of Blogpostcomment objects,
|
||||
* the comments of this article.
|
||||
*/
|
||||
public function __construct($blogpost_id, $address, $title,
|
||||
$content, $date_posted, $date_edited, $tags, $comments){
|
||||
$this->blogpost_id = $blogpost_id;
|
||||
$this->address = $address;
|
||||
$this->title = $title;
|
||||
$this->content = $content;
|
||||
$this->date_posted = $date_posted;
|
||||
$this->date_edited = $date_edited;
|
||||
$this->tags = $tags;
|
||||
$this->comments = $comments;
|
||||
}
|
||||
}
|
||||
|
||||
class BlogpostComment
|
||||
{
|
||||
|
@ -19,8 +94,7 @@ class BlogpostComment
|
|||
* Display the comment, and recursively it's children
|
||||
*/
|
||||
public function display_comment() {
|
||||
if(is_null($this->blogpost_addr)) {
|
||||
printf("
|
||||
$body = sprintf("
|
||||
<div class=\"comment\" id=\"comment-%s\">
|
||||
<div class=\"comment-own-wrapper\">
|
||||
<span class=\"comment-author\"> By: %s </span>
|
||||
|
@ -35,53 +109,15 @@ class BlogpostComment
|
|||
%s
|
||||
</div>
|
||||
<div class=\"comment-response\">
|
||||
<form method=\"post\" action=\"%s\">
|
||||
<form method=\"post\"
|
||||
action=\"http://www.zdenekborovec-dev.cz/blog/post_comment/\">
|
||||
<input type=\"hidden\" name=\"blogpost_id\" value=\"%s\">
|
||||
<input type=\"hidden\" name=\"comment_id\" value=\"%s\">
|
||||
<input type=\"hidden\" name=\"referer\"
|
||||
value=\"http://www.zdenekborovec-dev.cz/blog/article/%s\">
|
||||
<input type=\"hidden\" name=\"parent_id\" value=\"%s\">
|
||||
<label for=\"comment_entry\">Write response:</label>
|
||||
<div class=\"centered-container\">
|
||||
<textarea name=\"comment_entry\"
|
||||
class=\"comment-box\"></textarea>
|
||||
</div>
|
||||
<input name=\"submit\" type=\"submit\" value=\"Send\">
|
||||
</form>
|
||||
</div>
|
||||
</div>
|
||||
<div class=\"comment-child-wrapper\">
|
||||
",
|
||||
$this->comment_id,
|
||||
$this->poster_name,
|
||||
date("Y-m-d H:i", strtotime($this->timestamp)),
|
||||
$this->comment_id,
|
||||
$this->comment_id,
|
||||
$this->content,
|
||||
htmlspecialchars($_SERVER["PHP_SELF"]),
|
||||
$this->blogpost_id,
|
||||
$this->comment_id);
|
||||
}
|
||||
else {
|
||||
printf("
|
||||
<div class=\"comment\" id=\"comment-%s\">
|
||||
<div class=\"comment-own-wrapper\">
|
||||
<span class=\"comment-author\"> By: %s </span>
|
||||
<span class=\"comment-date\"> On: %s </span>
|
||||
<label for=\"reveal-response-%s\" class=\"checkbox-button\">
|
||||
Respond
|
||||
</label>
|
||||
<input type=\"checkbox\" id=\"reveal-response-%s\"
|
||||
style=\"display: none;\">
|
||||
<hr>
|
||||
<div class=\"comment-content\">
|
||||
%s
|
||||
</div>
|
||||
<div class=\"comment-response\">
|
||||
<form method=\"post\" action=\"%s\">
|
||||
<input type=\"hidden\" name=\"blogpost_id\" value=\"%s\">
|
||||
<input type=\"hidden\" name=\"address\" value=\"%s\">
|
||||
<input type=\"hidden\" name=\"comment_id\" value=\"%s\">
|
||||
<label for=\"comment_entry\">Write response:</label>
|
||||
<div class=\"centered-container\">
|
||||
<textarea name=\"comment_entry\"
|
||||
<textarea name=\"content\"
|
||||
class=\"comment-box\"></textarea>
|
||||
</div>
|
||||
<input name=\"submit\" type=\"submit\" value=\"Send\">
|
||||
|
@ -96,20 +132,18 @@ class BlogpostComment
|
|||
$this->comment_id,
|
||||
$this->comment_id,
|
||||
$this->content,
|
||||
htmlspecialchars($_SERVER["PHP_SELF"]),
|
||||
$this->blogpost_id,
|
||||
$this->blogpost_addr,
|
||||
$this->comment_id);
|
||||
}
|
||||
|
||||
if($this->children != null) {
|
||||
for($i = 0; $i < count($this->children); $i++)
|
||||
{
|
||||
$child = $this->children[$i];
|
||||
$child->display_comment();
|
||||
$body .= $child->display_comment();
|
||||
}
|
||||
}
|
||||
printf("</div></div>");
|
||||
return $body."</div></div>";
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -193,149 +227,6 @@ class BlogpostComment
|
|||
$this->parent_id = $parent_id;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
class Blogpost
|
||||
{
|
||||
public $blogpost_id;
|
||||
public $address;
|
||||
public $title;
|
||||
public $content;
|
||||
public $date_posted;
|
||||
public $date_edited;
|
||||
public $tags;
|
||||
public $comments;
|
||||
|
||||
/**
|
||||
* Display the article, or a warning message.
|
||||
*/
|
||||
public function display_article(){
|
||||
// If a blog with given ID was not found display warning message.
|
||||
if(!$this->title){
|
||||
printf("
|
||||
<article>
|
||||
<h2> Article not found </h2>
|
||||
<hr>
|
||||
<p>
|
||||
I am sorry, but I couldn't find an article with this ID.
|
||||
</p>
|
||||
</article>
|
||||
");
|
||||
return;
|
||||
}
|
||||
|
||||
if (isset($_COOKIE["PHPSESSID"]) &&
|
||||
(bool)($_SESSION["current_user"]->permissions & 128)) {
|
||||
$topRight = sprintf("<td class=\"blog-publish-date\">
|
||||
<a href=\"http://www.zdenekborovec-dev.cz/blog/writearticle/
|
||||
?guid=%s\">Edit</a></td>", $this->blogpost_id);
|
||||
}
|
||||
else {
|
||||
$topRight = sprintf("<td class=\"blog-publish-date\">
|
||||
Published on: %s</td>",
|
||||
date("Y-m-d", strtotime($this->date_posted)));
|
||||
}
|
||||
|
||||
// Display the blog title and metadata
|
||||
printf("<article>");
|
||||
print_r("<table class=\"noborder-table\" style=\"width: 100%;
|
||||
margin-top: 16px;\">");
|
||||
printf("<tr><td style=\"padding: 0px;\"><h2 style=\"margin-top: 0px;\">
|
||||
%s</h2></td>%s</tr><tr><td class=\"blog-tags\">",
|
||||
$this->title, $topRight);
|
||||
|
||||
// Display tags
|
||||
for($i = 0; $i < count($this->tags); $i++) {
|
||||
$tag = $this->tags[$i];
|
||||
printf("
|
||||
<span class=\"blog-tag\" style=\"background-color: %s\">
|
||||
%s
|
||||
</span>", $tag["color"], $tag["name"]);
|
||||
}
|
||||
|
||||
// Display publish date and end metadata div
|
||||
printf("</td><td class=\"blog-publish-date\">Last edited on: %s</td>
|
||||
</tr></table>", date("Y-m-d", strtotime($this->date_edited)));
|
||||
|
||||
// Display hrule, article content and end the article
|
||||
printf("</article><hr><article>%s</article>", $this->content);
|
||||
}
|
||||
|
||||
/**
|
||||
* Display the comments for this post and their children.
|
||||
*/
|
||||
public function display_comments(){
|
||||
printf("<article>");
|
||||
for($i = 0; $i < count($this->comments); $i++){
|
||||
$this->comments[$i]->display_comment();
|
||||
}
|
||||
printf("</article>");
|
||||
}
|
||||
|
||||
/**
|
||||
* Constructor for the blogpost.
|
||||
* $blogpost_id GUID of the blogpost in the database.
|
||||
* $address Readable address of the blogpost.
|
||||
* $title Title of the blogpost.
|
||||
* $content Content of the blogpost article.
|
||||
* $date_posted Timestamp at publishing of article.
|
||||
* $date_edited Timestamp at whioch the article was last edited.
|
||||
* $tags Array of the tags this article has.
|
||||
* $comments Array of Blogpostcomment objects,
|
||||
* the comments of this article.
|
||||
*/
|
||||
public function __construct($blogpost_id, $address, $title,
|
||||
$content, $date_posted, $date_edited, $tags, $comments){
|
||||
$this->blogpost_id = $blogpost_id;
|
||||
$this->address = $address;
|
||||
$this->title = $title;
|
||||
$this->content = $content;
|
||||
$this->date_posted = $date_posted;
|
||||
$this->date_edited = $date_edited;
|
||||
$this->tags = $tags;
|
||||
$this->comments = $comments;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Send a comment to the database.
|
||||
* If the poster is not signed in, send "NULL" (as a string) as the $posterID
|
||||
* The same goes for $parentId (that is the parent comment,
|
||||
* if this one is a response)
|
||||
* Returns: GUID PK of the newly added comment.
|
||||
*/
|
||||
function send_comment($conn, $blogId, $posterId, $content, $parentId) {
|
||||
// If content is empty, do not post
|
||||
if(empty($content)) {
|
||||
return "";
|
||||
}
|
||||
|
||||
// Get a uuid for the comment
|
||||
$stmt = $conn->prepare("SELECT UUID()");
|
||||
$stmt->execute();
|
||||
$result = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
$uuid = $result["UUID()"];
|
||||
|
||||
// Prepare the statemtnt
|
||||
$stmt = $conn->prepare("INSERT INTO blogpost_comments
|
||||
( comment_id, parent_id, blogpost_id, poster_id, content) VALUES
|
||||
(:comment_id, :parent_id, :blogpost_id, :poster_id, :content);");
|
||||
|
||||
// Bind all the parameters
|
||||
$stmt->bindValue(":comment_id", $uuid, PDO::PARAM_STR);
|
||||
$stmt->bindValue(":parent_id", $parentId == "NULL"
|
||||
? NULL : $parentId, PDO::PARAM_STR);
|
||||
$stmt->bindValue(":blogpost_id", $blogId, PDO::PARAM_STR);
|
||||
$stmt->bindValue(":poster_id", $posterId == "NULL"
|
||||
? NULL : $posterId, PDO::PARAM_STR);
|
||||
$stmt->bindValue(":content", $content, PDO::PARAM_STR);
|
||||
|
||||
// Execute the statement
|
||||
$stmt->execute();
|
||||
|
||||
return $uuid;
|
||||
}
|
||||
|
||||
/**
|
||||
* Load comments under a given blog.
|
||||
* Returns array of BlogpostComment objects.
|
||||
|
@ -392,6 +283,27 @@ function load_comments($conn, $blogId, $blogAddress) {
|
|||
return $comments_arr;
|
||||
}
|
||||
|
||||
function get_blogpost_address($conn, $blogId) {
|
||||
// Prepare and bind the statement for selecting address
|
||||
$stmt = $conn->prepare("SELECT readable_address FROM
|
||||
blogposts WHERE blogpost_id = :blogpost_id");
|
||||
$stmt->bindParam(":blogpost_id", $blogId);
|
||||
|
||||
// Execute the statement
|
||||
$stmt->execute();
|
||||
|
||||
// Fetch the blogpost address
|
||||
$result = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
|
||||
// If no blogpost with the given GUID was found, return null.
|
||||
if(!$result) {
|
||||
return null;
|
||||
}
|
||||
|
||||
// Return the blogpost address.
|
||||
return $result["readable_address"];
|
||||
}
|
||||
|
||||
/**
|
||||
* Load info about the blog with a given guid and return corresponding
|
||||
* Blogpost object. NULL if blog couldn't be loaded.
|
||||
|
@ -441,132 +353,57 @@ function load_blog($conn, $blogId){
|
|||
$datePosted, $dateEdited, $tags, $comments);
|
||||
}
|
||||
|
||||
// Check DB connection
|
||||
if($conn == null){
|
||||
header($_SERVER["SERVER_PROTOCOL"]." 503 Service Unavailable", true, 503);
|
||||
include_once($_SERVER["DOCUMENT_ROOT"]."/errors/503.php");
|
||||
include_once($COMMONS."/footer.php");
|
||||
die();
|
||||
}
|
||||
function generate_article($conn, $fp, $blogId) {
|
||||
// Attempt to load the blogpost
|
||||
$blogPost = load_blog($conn, $blogId);
|
||||
|
||||
// If the method is post (user submitted a comment), try to post it,
|
||||
// Refill the appropriate comment sumbmission form and display
|
||||
// error message on error.
|
||||
if(isset($_POST["submit"])) {
|
||||
// Sanitise the user-submitted data
|
||||
$blogId = sanitize_input($_POST["blogpost_id"]);
|
||||
$commentContent = sanitize_input($_POST["comment_entry"]);
|
||||
$parentId = isset($_POST["comment_id"]) ? $_POST["comment_id"] : "NULL";
|
||||
$posterId = isset($_SESSION["current_user"]) ?
|
||||
$_SESSION["current_user"]->user_id : "NULL";
|
||||
$address = isset($_POST["address"]) ?
|
||||
sanitize_input($_POST["address"]) : NULL;
|
||||
|
||||
// Try to send the comment
|
||||
$commentId = send_comment($conn, $blogId, $posterId,
|
||||
$commentContent, $parentId);
|
||||
|
||||
// Redirect to this page with GET
|
||||
if(is_null($address)) {
|
||||
header("Location: http://www.zdenekborovec-dev.cz/blog/".
|
||||
"article?blogpost_id=".$blogId."#comment-".$commentId);
|
||||
if(!$blogPost) {
|
||||
return false;
|
||||
}
|
||||
else {
|
||||
header("Location: http://www.zdenekborovec-dev.cz/blog/".
|
||||
"article?address=".$address."#comment-".$commentId);
|
||||
}
|
||||
die();
|
||||
}
|
||||
|
||||
// If a human-readable address was provided, extract appropriate id.
|
||||
if(isset($_GET["address"])) {
|
||||
$blogAddr = sanitize_input($_GET["address"]);
|
||||
fprintf($fp,
|
||||
"<?php
|
||||
\$COMMONS = \$_SERVER['DOCUMENT_ROOT'] . \"/../common\";
|
||||
|
||||
// Prepare and bind statement for gathering blogpost address
|
||||
$stmt = $conn->prepare("SELECT blogpost_id
|
||||
FROM blogposts WHERE readable_address = :readable_address;");
|
||||
$stmt->bindParam(":readable_address", $blogAddr);
|
||||
include_once(\$COMMONS.\"/header.php\");
|
||||
|
||||
// Execute the statement
|
||||
$stmt->execute();
|
||||
|
||||
// Fetch the blogpost
|
||||
$result = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
|
||||
// If post with given address was found, set the $blogId var.
|
||||
if($result){
|
||||
$blogId = sanitize_input($result["blogpost_id"]);
|
||||
}
|
||||
}
|
||||
// If a blogpost id was provided, get it.
|
||||
else if(isset($_GET["blogpost_id"])) {
|
||||
$blogId = sanitize_input($_GET["blogpost_id"]);
|
||||
}
|
||||
|
||||
// Attempt to load the blogpost
|
||||
$blogPost = load_blog($conn, $blogId);
|
||||
|
||||
// If blogpost could not be retieved, display warning and die.
|
||||
if(!$blogPost) {
|
||||
header($_SERVER["SERVER_PROTOCOL"]." 404 Not Foud", true, 404);
|
||||
include_once($_SERVER["DOCUMENT_ROOT"]."/errors/404.php");
|
||||
include_once($COMMONS."/footer.php");
|
||||
die();
|
||||
}
|
||||
|
||||
// Display the header with title being the blog name
|
||||
display_header($blogPost->title);
|
||||
|
||||
// Display the blog
|
||||
$blogPost->display_article();
|
||||
printf("<hr style=\"border-style: solid;\">");
|
||||
|
||||
// Display post comment form.
|
||||
if(is_null($blogPost->address))
|
||||
{
|
||||
printf("
|
||||
display_header(\"%s\");
|
||||
echo \"%s\";
|
||||
?>
|
||||
<hr style=\"border-style: solid;\">
|
||||
<article>
|
||||
<h2> Comments: </h2>
|
||||
<form method=\"post\" action=\"%s\">
|
||||
<form method=\"post\"
|
||||
action=\"http://www.zdenekborovec-dev.cz/blog/post_comment/\">
|
||||
<input type=\"hidden\" name=\"blogpost_id\" value=\"%s\">
|
||||
<label for=\"comment_entry\">Write a comment (%s):</label>
|
||||
<input type=\"hidden\" name=\"referer\"
|
||||
value=\"http://www.zdenekborovec-dev.cz/blog/article/%s\">
|
||||
<label for=\"comment_entry\">Write a comment (<?php
|
||||
echo isset(\$_SESSION[\"current_user\"]) ?
|
||||
\$_SESSION[\"current_user\"]->user_name:
|
||||
\"Guest\";
|
||||
?>
|
||||
):</label>
|
||||
<div class=\"centered-container\">
|
||||
<textarea name=\"comment_entry\" class=\"comment-box\"
|
||||
<textarea name=\"content\" class=\"comment-box\"
|
||||
tabindex=\"1\"></textarea>
|
||||
</div>
|
||||
<input name=\"submit\" type=\"submit\" tabindex=\"2\"
|
||||
value=\"Send\">
|
||||
</form>
|
||||
</article>
|
||||
<?php
|
||||
echo \"%s\";
|
||||
include_once(\$COMMONS.\"/footer.php\");
|
||||
?>
|
||||
",
|
||||
htmlspecialchars($_SERVER["PHP_SELF"]), $blogId,
|
||||
isset($_SESSION["current_user"]) ?
|
||||
$_SESSION["current_user"]->user_name : "Guest");
|
||||
}
|
||||
else
|
||||
{
|
||||
printf("
|
||||
<article>
|
||||
<h2> Comments: </h2>
|
||||
<form method=\"post\" action=\"%s\">
|
||||
<input type=\"hidden\" name=\"blogpost_id\" value=\"%s\">
|
||||
<input type=\"hidden\" name=\"address\" value=\"%s\">
|
||||
<label for=\"comment_entry\">Write a comment (%s):</label>
|
||||
<div class=\"centered-container\">
|
||||
<textarea name=\"comment_entry\" class=\"comment-box\"
|
||||
tabindex=\"1\"></textarea>
|
||||
</div>
|
||||
<input name=\"submit\" type=\"submit\" tabindex=\"2\"
|
||||
value=\"Send\">
|
||||
</form>
|
||||
</article>
|
||||
",
|
||||
htmlspecialchars($_SERVER["PHP_SELF"]), $blogId, $blogPost->address,
|
||||
isset($_SESSION["current_user"]) ?
|
||||
$_SESSION["current_user"]->user_name : "Guest");
|
||||
}
|
||||
// Display the blog comments
|
||||
$blogPost->display_comments();
|
||||
$blogPost->title,
|
||||
addslashes($blogPost->display_article()),
|
||||
$blogPost->blogpost_id,
|
||||
$blogPost->address,
|
||||
addslashes($blogPost->display_comments()));
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
include_once($COMMONS."/footer.php");
|
||||
?>
|
|
@ -15,5 +15,6 @@ RewriteRule ^([^\.]+)/$ $1.php
|
|||
# Custom error pages
|
||||
ErrorDocument 403 /errors/403.php
|
||||
ErrorDocument 404 /errors/404.php
|
||||
ErrorDocument 405 /errors/405.php
|
||||
ErrorDocument 500 /errors/500.php
|
||||
ErrorDocument 503 /errors/503.php
|
||||
|
|
102
docs/www/blog/generatearticle.php
Normal file
102
docs/www/blog/generatearticle.php
Normal file
|
@ -0,0 +1,102 @@
|
|||
<?php
|
||||
$COMMONS = $_SERVER['DOCUMENT_ROOT'] . "/../common";
|
||||
|
||||
include_once($COMMONS."/header.php");
|
||||
include_once($COMMONS."/blog_utils.php");
|
||||
|
||||
// If request is GET, show request info.
|
||||
if(strcmp($_SERVER["REQUEST_METHOD"], "GET") == 0)
|
||||
{
|
||||
display_header("Generate Article");
|
||||
|
||||
printf("
|
||||
<article>
|
||||
<h2>Generate Article</h2>
|
||||
<p>
|
||||
Request this page with POST supplying following arguments:
|
||||
</p>
|
||||
<table>
|
||||
<tr>
|
||||
<td>
|
||||
<b>Argument</b>
|
||||
</td>
|
||||
<td>
|
||||
<b>Comment</b>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
blogpost_id
|
||||
</td>
|
||||
<td>
|
||||
GUID of the blogpost in the database.
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
referer
|
||||
</td>
|
||||
<td>
|
||||
URL, from which this page was requested, after generating
|
||||
the article, the page will redirect back to the referer.
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
</article>
|
||||
");
|
||||
|
||||
include_once($COMMONS."/footer.php");
|
||||
die();
|
||||
}
|
||||
|
||||
// If request is not GET or POST, throw method not allowed
|
||||
if(strcmp($_SERVER["REQUEST_METHOD"], "POST") != 0)
|
||||
{
|
||||
header($_SERVER["SERVER_PROTOCOL"]." 405 Method Not Allowed", true, 405);
|
||||
include_once($_SERVER["DOCUMENT_ROOT"]."/errors/405.php");
|
||||
die();
|
||||
}
|
||||
|
||||
// Check DB connection
|
||||
if($conn == null){
|
||||
header($_SERVER["SERVER_PROTOCOL"]." 503 Service Unavailable", true, 503);
|
||||
include_once($_SERVER["DOCUMENT_ROOT"]."/errors/503.php");
|
||||
die();
|
||||
}
|
||||
|
||||
// If one of the needed parameters isn't set, show 400
|
||||
if(!(isset($_POST["blogpost_id"]) && isset($_POST["referer"])))
|
||||
{
|
||||
header($_SERVER["SERVER_PROTOCOL"]." 400: Bad Request", true, 400);
|
||||
include_once($_SERVER["DOCUMENT_ROOT"]."/errors/400.php");
|
||||
die;
|
||||
}
|
||||
|
||||
// Get the blogpost id and referer
|
||||
$blogId = sanitize_input($_POST["blogpost_id"]);
|
||||
$referer = sanitize_input($_POST["referer"]);
|
||||
|
||||
// Get the address of the blogpost
|
||||
$blogAddress = get_blogpost_address($conn, $blogId);
|
||||
|
||||
// Try to open the file to which to render the blogpost.
|
||||
if (!($fp = fopen("article/".$blogAddress.".php", 'w'))) {
|
||||
header($_SERVER["SERVER_PROTOCOL"]." 500 Could not open file for writing",
|
||||
true, 505);
|
||||
include_once($_SERVER["DOCUMENT_ROOT"]."/errors/500.php");
|
||||
die();
|
||||
}
|
||||
|
||||
// Attempt to generate the blogpost
|
||||
$blogRendered = generate_article($conn, $fp, $blogId);
|
||||
|
||||
// If blogpost could not be loaded, display warning and die.
|
||||
if(!$blogRendered) {
|
||||
header($_SERVER["SERVER_PROTOCOL"]." 404 Not Foud", true, 404);
|
||||
include_once($_SERVER["DOCUMENT_ROOT"]."/errors/404.php");
|
||||
die();
|
||||
}
|
||||
|
||||
// Redirect back to the referrer.
|
||||
header("Location: ".$referer);
|
||||
?>
|
|
@ -8,26 +8,27 @@ include_once($COMMONS."/header.php");
|
|||
*/
|
||||
function display_blog_preview($blogpost_id, $blogpost_addr, $title, $abstract,
|
||||
$date_posted, $tags){
|
||||
if(is_null($blogpost_addr)) {
|
||||
printf("
|
||||
print_r("
|
||||
<div class=\"blog-preview\">
|
||||
<a href=\"http://www.zdenekborovec-dev.cz/blog/article?blogpost_id=%s\">
|
||||
<table class=\"noborder-table\" style=\"width: 100%;\">
|
||||
<tr><td>");
|
||||
printf("
|
||||
<a href=\"http://www.zdenekborovec-dev.cz/blog/article/%s\">
|
||||
<h3>
|
||||
%s
|
||||
</h3>
|
||||
</a>
|
||||
", $blogpost_id, $title);
|
||||
}
|
||||
else {
|
||||
printf("
|
||||
<div class=\"blog-preview\">
|
||||
<a href=\"http://www.zdenekborovec-dev.cz/blog/article?address=%s\">
|
||||
<h3>
|
||||
%s
|
||||
</h3>
|
||||
</a>
|
||||
</a></td>
|
||||
", $blogpost_addr, $title);
|
||||
|
||||
if (isset($_COOKIE["PHPSESSID"]) &&
|
||||
(bool)($_SESSION["current_user"]->permissions & 128)) {
|
||||
print_r("<td style=\"display: inline-block; text-align: right;
|
||||
width: 100%;\">");
|
||||
printf("<a
|
||||
href=\"http://www.zdenekborovec-dev.cz/blog/writearticle?guid=%s\"
|
||||
style=\"border: dotted black;\">edit</a></td>", $blogpost_id);
|
||||
}
|
||||
print_r("</tr></table>");
|
||||
|
||||
print_r("<table class=\"noborder-table\" style=\"width: 100%;\">
|
||||
<tr><td class=\"blog-tags\">");
|
||||
|
|
157
docs/www/blog/post_comment.php
Normal file
157
docs/www/blog/post_comment.php
Normal file
|
@ -0,0 +1,157 @@
|
|||
<?php
|
||||
$COMMONS = $_SERVER['DOCUMENT_ROOT'] . "/../common";
|
||||
|
||||
include_once($COMMONS."/header.php");
|
||||
include_once($COMMONS."/blog_utils.php");
|
||||
|
||||
/**
|
||||
* Send a comment to the database.
|
||||
* If the poster is not signed in, send "NULL" (as a string) as the $posterID
|
||||
* The same goes for $parentId (that is the parent comment,
|
||||
* if this one is a response)
|
||||
* Returns: GUID PK of the newly added comment.
|
||||
*/
|
||||
function send_comment($conn, $blogId, $posterId, $content, $parentId) {
|
||||
// If content is empty, do not post
|
||||
if(empty($content)) {
|
||||
return "";
|
||||
}
|
||||
|
||||
// Get a uuid for the comment
|
||||
$stmt = $conn->prepare("SELECT UUID()");
|
||||
$stmt->execute();
|
||||
$result = $stmt->fetch(PDO::FETCH_ASSOC);
|
||||
$uuid = $result["UUID()"];
|
||||
|
||||
// Prepare the statemtnt
|
||||
$stmt = $conn->prepare("INSERT INTO blogpost_comments
|
||||
( comment_id, parent_id, blogpost_id, poster_id, content) VALUES
|
||||
(:comment_id, :parent_id, :blogpost_id, :poster_id, :content);");
|
||||
|
||||
// Bind all the parameters
|
||||
$stmt->bindValue(":comment_id", $uuid, PDO::PARAM_STR);
|
||||
$stmt->bindValue(":parent_id", $parentId == "NULL"
|
||||
? NULL : $parentId, PDO::PARAM_STR);
|
||||
$stmt->bindValue(":blogpost_id", $blogId, PDO::PARAM_STR);
|
||||
$stmt->bindValue(":poster_id", $posterId == "NULL"
|
||||
? NULL : $posterId, PDO::PARAM_STR);
|
||||
$stmt->bindValue(":content", $content, PDO::PARAM_STR);
|
||||
|
||||
// Execute the statement
|
||||
$stmt->execute();
|
||||
|
||||
return $uuid;
|
||||
}
|
||||
|
||||
// If request is not POST, show request info.
|
||||
if(strcmp($_SERVER["REQUEST_METHOD"], "POST") != 0)
|
||||
{
|
||||
display_header("Post Comment");
|
||||
|
||||
printf("
|
||||
<article>
|
||||
<h2>Post Comment</h2>
|
||||
<p>
|
||||
Request this page with POST supplying following arguments:
|
||||
</p>
|
||||
<table>
|
||||
<tr>
|
||||
<td>
|
||||
<b>Argument</b>
|
||||
</td>
|
||||
<td>
|
||||
<b>Comment</b>
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
referer
|
||||
</td>
|
||||
<td>
|
||||
URL, from which this page was requested,
|
||||
after adding the comment into the database,
|
||||
the page will redirect back to the referer.
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
blogpost_id
|
||||
</td>
|
||||
<td>
|
||||
GUID of the blogpost, under which the comment was posted.
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
content
|
||||
</td>
|
||||
<td>
|
||||
Content of the comment.
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
<td>
|
||||
parent_id (optional)
|
||||
</td>
|
||||
<td>
|
||||
GUID of the parent comment of the comment to be posted.
|
||||
</td>
|
||||
</tr>
|
||||
</table>
|
||||
<p>
|
||||
Note: takes the SESSION variable \"current_user\" into account, if set.
|
||||
</p>
|
||||
</article>
|
||||
");
|
||||
|
||||
include_once($COMMONS."/footer.php");
|
||||
die();
|
||||
}
|
||||
|
||||
// Check DB connection
|
||||
if($conn == null){
|
||||
header($_SERVER["SERVER_PROTOCOL"]." 503 Service Unavailable", true, 503);
|
||||
include_once($_SERVER["DOCUMENT_ROOT"]."/errors/503.php");
|
||||
die();
|
||||
}
|
||||
|
||||
// If one of the needed parameters isn't set, show 400
|
||||
if(!
|
||||
(isset($_POST["referer"]) && isset($_POST["blogpost_id"]) &&
|
||||
isset($_POST["content"])))
|
||||
{
|
||||
header($_SERVER["SERVER_PROTOCOL"]." 400: Bad Request", true, 400);
|
||||
include_once($_SERVER["DOCUMENT_ROOT"]."/errors/400.php");
|
||||
die;
|
||||
}
|
||||
|
||||
// Get the input arguments
|
||||
$referer = sanitize_input($_POST["referer"]);
|
||||
$blogpost_id = sanitize_input($_POST["blogpost_id"]);
|
||||
$content = sanitize_input($_POST["content"]);
|
||||
$parent_id = isset($_POST["parent_id"]) ?
|
||||
sanitize_input($_POST["parent_id"]) : "NULL";
|
||||
$poster_id = isset($_SESSION["current_user"]) ?
|
||||
sanitize_input($_SESSION["current_user"]->user_id) : "NULL";
|
||||
|
||||
// Send the comment to the database
|
||||
$commentId = send_comment($conn, $blogpost_id, $poster_id, $content,
|
||||
$parent_id);
|
||||
|
||||
// Get the address of the blogpost
|
||||
$blogAddress = get_blogpost_address($conn, $blogpost_id);
|
||||
|
||||
// Try to open the file to which to render the blogpost.
|
||||
if (!($fp = fopen("article/".$blogAddress.".php", 'w'))) {
|
||||
header($_SERVER["SERVER_PROTOCOL"]." 500 Could not open file for writing",
|
||||
true, 505);
|
||||
include_once($_SERVER["DOCUMENT_ROOT"]."/errors/500.php");
|
||||
die();
|
||||
}
|
||||
|
||||
// Attempt to regenerate the blogpost
|
||||
$blogRendered = generate_article($conn, $fp, $blogpost_id);
|
||||
|
||||
// Redirect back to the referrer.
|
||||
header("Location: ".$referer."#comment-".$commentId);
|
||||
?>
|
|
@ -175,6 +175,7 @@ function remove_blogpost_tags($conn, $blogpost_id) {
|
|||
* (space-separated).
|
||||
* @param $abstract Abstract for the article.
|
||||
* @param $content Content of the article.
|
||||
* @returns The guid of the newly generated blogpost.
|
||||
*/
|
||||
function publish_blogpost($conn, $blogpost_addr, $title, $tagStr, $abstract,
|
||||
$content) {
|
||||
|
@ -197,6 +198,9 @@ function publish_blogpost($conn, $blogpost_addr, $title, $tagStr, $abstract,
|
|||
|
||||
// Add the new tags to the blogpost
|
||||
add_tags_to_blogpost($conn, $blogpost_id, $tagStr);
|
||||
|
||||
// Return the newly generated blogposts id.
|
||||
return $blogpost_id;
|
||||
}
|
||||
|
||||
/**
|
||||
|
@ -251,28 +255,50 @@ if(isset($_POST["submit"])) {
|
|||
$abstract = $_POST["article_abstract"];
|
||||
$content = $_POST["article_content"];
|
||||
|
||||
// If adress is empty, set it to null
|
||||
// If adress is empty, repopulate the prefills and show error
|
||||
if(strcmp($address, "") == 0) {
|
||||
$address = null;
|
||||
}
|
||||
|
||||
if($_POST["blogpost_id"]) {
|
||||
$blogpostId = $_POST["blogpost_id"];
|
||||
update_blogpost($conn, $blogpostId, $address, $title, $tagsStr,
|
||||
$abstract, $content);
|
||||
// Set prefill values for the form
|
||||
$blogId_prefill = isset($_POST["blogpost_id"]) ?
|
||||
sanitize_input($_POST["blogpost_id"]) : "";
|
||||
$title_prefill = $title;
|
||||
$address_prefill = $address;
|
||||
$abstract_prefill = $abstract;
|
||||
$content_prefill = $content;
|
||||
$tagStr_prefill = $tagsStr;
|
||||
$addrErr = "Cannot be empty!";
|
||||
}
|
||||
// Otherwise update/create the blogpost
|
||||
else {
|
||||
publish_blogpost($conn, $address, $title, $tagsStr, $abstract,
|
||||
$content);
|
||||
if($_POST["blogpost_id"]) {
|
||||
$blogpostId = sanitize_input($_POST["blogpost_id"]);
|
||||
update_blogpost($conn, $blogpostId, $address, $title, $tagsStr,
|
||||
$abstract, $content);
|
||||
}
|
||||
else {
|
||||
$blogpostId = publish_blogpost($conn, $address, $title, $tagsStr,
|
||||
$abstract, $content);
|
||||
}
|
||||
|
||||
generate_atom_feed($conn);
|
||||
|
||||
// Show button to generate the article
|
||||
printf("
|
||||
<article>
|
||||
<form method=\"post\"
|
||||
action=\"http://www.zdenekborovec-dev.cz/blog/generatearticle/\">
|
||||
<input type=\"hidden\" name=\"blogpost_id\" value=\"%s\">
|
||||
<input type=\"hidden\" name=\"referer\"
|
||||
value=\"http://www.zdenekborovec-dev.cz/blog/article/%s\">
|
||||
<input name=\"submit\" type=\"submit\" value=\"Generate article\">
|
||||
</form>
|
||||
</article>
|
||||
", $blogpostId, $address);
|
||||
include_once($COMMONS."/footer.php");
|
||||
die;
|
||||
}
|
||||
|
||||
generate_atom_feed($conn);
|
||||
|
||||
header("Location: http://www.zdenekborovec-dev.cz/blog");
|
||||
die();
|
||||
}
|
||||
|
||||
if(isset($_GET["guid"])) {
|
||||
else if(isset($_GET["guid"])) {
|
||||
$blogId = sanitize_input($_GET["guid"]);
|
||||
|
||||
// select article title, abstract and content from the database
|
||||
|
@ -324,7 +350,7 @@ printf("
|
|||
</td><td style=\"padding: 0px 4px;\">
|
||||
<input type=\"text\" name=\"blogpost_address\" value=\"%s\">
|
||||
</td><td style=\"padding: 0px 4px;\">
|
||||
Leave empty to use GUID addressing
|
||||
%s
|
||||
</td></tr>
|
||||
<tr><td style=\"padding: 0px 4px;\">
|
||||
<label for=\"blogpost_tags\">Post tags:</label>
|
||||
|
@ -348,7 +374,7 @@ printf("
|
|||
<input name=\"submit\" type=\"submit\" value=\"Send File\">
|
||||
</form>
|
||||
</article>
|
||||
", $blogId_prefill, $title_prefill, $address_prefill, $tagStr_prefill, $abstract_prefill,
|
||||
$content_prefill);
|
||||
", $blogId_prefill, $title_prefill, $address_prefill, $addrErr,
|
||||
$tagStr_prefill, $abstract_prefill, $content_prefill);
|
||||
include_once($COMMONS."/footer.php");
|
||||
?>
|
||||
|
|
18
docs/www/errors/400.php
Normal file
18
docs/www/errors/400.php
Normal file
|
@ -0,0 +1,18 @@
|
|||
<?php
|
||||
$COMMONS = $_SERVER['DOCUMENT_ROOT'] . "/../common";
|
||||
|
||||
include_once($COMMONS."/header.php");
|
||||
|
||||
display_header("400: Bad Request");
|
||||
?>
|
||||
|
||||
<article>
|
||||
<h2>400: Bad Request</h2>
|
||||
<div class="centered-container">
|
||||
<img src="https://assets.zdenekborovec.cz/upload/e1463bdfe24101b467cb8587980f14b6/9916594a95e8de21e0d41f90fe15d2a7/72dfbcf9e4809a28d8fdcf4940850164.gif" alt="Cat smacking another cat.">
|
||||
</div>
|
||||
</article>
|
||||
|
||||
<?php
|
||||
include_once($COMMONS."/footer.php");
|
||||
?>
|
18
docs/www/errors/405.php
Normal file
18
docs/www/errors/405.php
Normal file
|
@ -0,0 +1,18 @@
|
|||
<?php
|
||||
$COMMONS = $_SERVER['DOCUMENT_ROOT'] . "/../common";
|
||||
|
||||
include_once($COMMONS."/header.php");
|
||||
|
||||
display_header("405: Method not allowed");
|
||||
?>
|
||||
|
||||
<article>
|
||||
<h2>405: Method Not Allowed</h2>
|
||||
<div class="centered-container">
|
||||
<img src="https://assets.zdenekborovec.cz/upload/39486004aa605167cdda6623a4a3fa6d/7da36b469b34cc1008639612f0c17e21/d077e6ed1bd1a560a718590ae609422c.gif" alt="GIF of a cat shaking its head.">
|
||||
</div>
|
||||
</article>
|
||||
|
||||
<?php
|
||||
include_once($COMMONS."/footer.php");
|
||||
?>
|
|
@ -3,7 +3,7 @@ $COMMONS = $_SERVER['DOCUMENT_ROOT'] . "/../common";
|
|||
|
||||
include_once($COMMONS."/header.php");
|
||||
|
||||
display_header("403: Forbidden");
|
||||
display_header("500: Internal Server Error");
|
||||
?>
|
||||
|
||||
<article>
|
||||
|
|
|
@ -4,7 +4,7 @@ $COMMONS = $_SERVER['DOCUMENT_ROOT'] . "/../common";
|
|||
|
||||
include_once($COMMONS."/header.php");
|
||||
|
||||
display_header("403: Forbidden");
|
||||
display_header("503: Service Unavailable");
|
||||
?>
|
||||
|
||||
<article>
|
||||
|
|
Loading…
Reference in a new issue