function viewArticle()
{
if (!isset($_GET["articleId"]) || !$_GET["articleId"]) {
homepage();
return;
}
$results = array();
$results['article'] = Article::getById((int) $_GET["articleId"]);
$results['pageTitle'] = $results['article']->title . " | Widget News";
require TEMPLATE_PATH . "/viewArticle.php";
}
function viewArticle()
{
if (!isset($_GET["articleId"]) || !$_GET["articleId"]) {
homepage();
return;
}
$results = array();
$results['article'] = Article::getById((int) $_GET["articleId"]);
$results['pageTitle'] = $results['article']->title;
require "templates/viewArticle.php";
}
function viewArticle()
{
if (!isset($_GET["articleId"]) || !$_GET["articleId"]) {
homepage();
return;
}
$results = array();
$results['article'] = Article::getById((int) $_GET["articleId"]);
$results['category'] = Category::getById($results['article']->categoryId);
$results['pageTitle'] = $results['article']->title . " | SystemBolaget";
require TEMPLATE_PATH . "/viewArticle.php";
}
function viewArticle()
{
if (!isset($_GET["articleId"]) || !$_GET["articleId"]) {
/*what this does with ! is interesting. As you know, ! is a way to say NOT. != means not equal, !isset means not set, and so on. || is an OR operator.
So this line says that if $_GET["articleid"] isn't set to anything (no value was passed to the GET), OR if $_GET["articleID] equals 0 (boolean FALSE), execute the next few lines.
If either of those are true, it executes the next lines */
homepage();
return;
/*so this block says that if there is no articleID passed by GET, or if the ID does not correspond to an existing article, go to the homepage and then return.
return is different from break because rather than exiting a conditional tree it exits the current method (function, constuctor, conditional, switch, anything really.). */
}
$results = array();
/*same as line 22. I'm keeping the name the same so my HTML templates can just all pull from their respective $results array
(viewArticle.php will pull from the $results generated by the viewArticle() function, same for homepage() and archive() ) */
$results['article'] = Article::getById((int) $_GET["articleId"]);
/*this sets the article keyh equal to the article found by getById() when I pass it an integer version of $_GET["articleId"].
While the user isn't actually inputting text to execute this GET, just clikcing on a link that modifies the url to have .php?id=whatever, someone could still use XSS to mess with my stuff. Hence (int) */
$results['pageTitle'] = $results['article']->title . " | The Blag";
/*unlike archive(), the pageTitle here will vary depending on what article it is that the user is viewing.
Therefore, the page title should vary as well, whcih it can easily do by grabbing the title out of the associative array that is an article in the database (key/value pairs in the form of rows (values) and columns (keys) ) */
require TEMPLATE_PATH . "/viewArticle.php";
#I'mma need a template to display the article in HTML form, so my code should denote that by requiring it. Also, this is a cool little example of concatenation (the . operator).
}
function deleteArticle()
{
if (!($article = Article::getById((int) $_GET['articleId']))) {
header("Location: admin.php?error=articleNotFound");
return;
}
$article->delete();
header("Location: admin.php?status=articleDeleted");
}
function viewArticle()
{
if (!isset(Route::getCurrentRoute()->values["articleId"]) || !Route::getCurrentRoute()->values["articleId"]) {
homepage();
return;
}
$results = array();
$results['article'] = Article::getById((int) Route::getCurrentRoute()->values["articleId"]);
$results['pageTitle'] = $results['article']->getTitle();
require TEMPLATE_PATH . "/viewArticle.php";
}
function deleteArticle()
{
if (!($article = Article::getById((int) $_GET['articleId']))) {
/*this is a GET because the user isn't submitting data, just changing the url to delete the article.
This is secure because of the fact that my switchyard stops anyone without a session username (of which there is only the admin's) from using any of these functions. I hope. Same ! operator and stuff as newArticle() and editArticle() */
header("Location: admin.php?error=articleNotFound");
return;
#the aforementioned punt.
}
$article->delete();
header("Location: admin.php?status=articleDeleted");
}
public function update($f3, $param)
{
$table = MyConst::$tables[$param['table']];
$cols = MyConst::$cols[$param['table']];
$article = new Article($this->db, $table, $cols);
if ($this->f3->exists('POST.updateArticle')) {
if (isset($_POST['description'])) {
$_POST['description'] = str_replace(array('.', ' ', "\n", "\t", "\r"), '', $_POST['description']);
}
$this->updateAttachment($table);
$article->edit($this->f3->get('POST.id'));
$this->f3->reroute("/list/" . $param['table']);
} else {
$article->getById($this->f3->get('PARAMS.id'));
$this->f3->set('article', $article);
$this->f3->set('VIEWTABLE', $param['table']);
$this->f3->set('view', "/" . $param['table'] . "/update.html");
echo Template::instance()->render('layout.htm');
}
}
function delete()
{
if (!$GLOBALS['authentication']) {
header("Location: index.php?admin=login");
}
if (!($article = Article::getById((int) $_GET['id']))) {
header("Location:index.php?new=admin&error=articleNotFound");
return;
}
$article->delete();
header("Location:index.php?new=admin&status=articleDeleted");
}
