Exemple #1
    // Visibility gate for a single article. A request whose session carries a non-empty 'user_id'
    // is treated as the connected admin and may load the article whatever its status or date.
    // Every other visitor only gets rows with bt_statut=1 whose bt_date is not in the future,
    // so drafts and scheduled posts stay hidden from the public.
    // This session test is the only access check visible here before unpublished content is loaded.
    // $id is never concatenated into the SQL text: it is handed to liste_elements() as a value for
    // the '?' placeholder (presumably bound by a prepared statement; confirm in liste_elements()).
    if (!empty($_SESSION['user_id'])) {
        $query = "SELECT * FROM articles WHERE bt_id=? LIMIT 1";
        $billets = liste_elements($query, array($id), 'articles');
    } else {
        $query = "SELECT * FROM articles WHERE bt_id=? AND bt_date <=? AND bt_statut=1 LIMIT 1";
        $billets = liste_elements($query, array($id, date('YmdHis')), 'articles');
    }
    if (empty($billets[0])) {
        // Nothing visible for this ID (unknown, or filtered out by the query): show the list view.
        afficher_index(null, 'list');
    } else {
        // Processing of a possible new comment on this article.
        $erreurs_form = array();
        // A submission is only considered when every expected field is present AND the article
        // allows comments. Only the presence of 'captcha' and '_token' is tested here; checking
        // their values is presumably the job of valider_form_commentaire() (confirm there).
        if (
            isset(
                $_POST['_verif_envoi'],
                $_POST['commentaire'],
                $_POST['captcha'],
                $_POST['_token'],
                $_POST['auteur'],
                $_POST['email'],
                $_POST['webpage']
            )
            && $billets[0]['bt_allow_comments'] == '1'
        ) {
            // Build the comment from the posted data.
            $comment = init_post_comment($id, 'public');
            // Validation runs only for a save request ('enregistrer'); without it no validation happens.
            if (isset($_POST['enregistrer'])) {
                $erreurs_form = valider_form_commentaire($comment, 'public');
            }
        } else {
            // Incomplete form or comments disabled: drop the save flag so the storage step below
            // can never run for this request (and $comment, undefined on this path, is never read).
            unset($_POST['enregistrer']);
        }
        afficher_form_commentaire($id, 'public', $erreurs_form);
        // Store the comment only for a save request that produced no validation error.
        if (isset($_POST['enregistrer']) && empty($erreurs_form)) {
            traiter_form_commentaire($comment, 'public');
        }
        afficher_index($billets[0], 'post');
    }
} elseif (isset($_GET['id']) and preg_match('#\\d{14}#', $_GET['id'])) {
    $tableau = liste_elements("SELECT * FROM links WHERE bt_id=? AND bt_statut=1", array($_GET['id']), 'links');
    afficher_index($tableau, 'list');
Exemple #2
#
# *** LICENSE ***
// Timestamp taken at script start; nothing in this excerpt reads it back
// (presumably used later for a page-generation time; confirm).
$begin = microtime(TRUE);
// Relative path to the application root, set before the include below.
$GLOBALS['BT_ROOT_PATH'] = '../';
require_once '../inc/inc.php';
// The reporting level is read from $GLOBALS['show_errors'], which this excerpt does not set
// (presumably defined by the include above). NOTE(review): confirm the production value,
// since verbose errors on an admin page can reveal paths and query details if they are displayed.
error_reporting($GLOBALS['show_errors']);
// NOTE(review): no explicit login check is visible in this script. operate_session() is presumably
// what restricts the page to an authenticated admin; confirm, because POST data is processed
// right after this bootstrap.
operate_session();
// Open the database and keep the handle in a global; later code reads $GLOBALS['db_handle'].
$GLOBALS['db_handle'] = open_base($GLOBALS['db_location']);
// Article context; both values stay empty unless a post_id is supplied in the query string.
$article_title = '';
$article_id = '';
// Form processing: a POST carrying '_verif_envoi' is treated as a comment submission.
$erreurs_form = array();
if (isset($_POST['_verif_envoi'])) {
    // NOTE(review): 'comment_article_id' is read without an isset() check, so a request that
    // omits it raises an undefined-index notice and passes null on.
    // NOTE(review): no anti-CSRF token test is visible at this level; it is presumably part of
    // valider_form_commentaire($comment, 'admin'). Confirm there, since this handler writes data
    // on behalf of the logged-in admin.
    $comment = init_post_comment($_POST['comment_article_id'], 'admin');
    $erreurs_form = valider_form_commentaire($comment, 'admin');
    // Store the comment only when validation reported nothing.
    if (!$erreurs_form) {
        traiter_form_commentaire($comment, 'admin');
    }
}
$tableau = array();
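// if article ID is given in query string
// NOTE(review): the pattern below is unanchored, so any value that merely contains 14 consecutive
// digits passes and is then used whole as $article_id; '#^\d{14}$#D' would accept exactly 14 digits.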
if (isset($_GET['post_id']) and preg_match('#\\d{14}#', $_GET['post_id'])) {
    $param_makeup['menu_theme'] = 'for_article';
    $article_id = $_GET['post_id'];
    $article_title = get_entry($GLOBALS['db_handle'], 'articles', 'bt_title', $article_id, 'return');
    $query = "SELECT * FROM commentaires WHERE bt_article_id=? ORDER BY bt_id";
    $commentaires = liste_elements($query, array($article_id), 'commentaires');
    $param_makeup['show_links'] = '0';
} else {
    $param_makeup['menu_theme'] = 'for_comms';