function save_blog($projectUrlName, $curBlogUrlName, $newBlogName, $imgLink, $firstSnippet, $blogContents) { //TODO: escape all other variables $eBlogContents = str_replace("\"", "'", $blogContents); $eBlogContents = escape($eBlogContents); //TODO: makes sure the escape function is doing what it is supposed to do... the \ are not showing up in the db $currentUser = current_account(); if ($currentUser < 0) { echo '{"result": "user-not-signed-in"}'; return; } // 1 - Get the blog num of the blog to save $blogNum = _getBlogNumFromNothing($projectUrlName, $curBlogUrlName, $currentUser); if ($blogNum == false) { return; } // 2 - Update the tables related to the blog the user is editing $updateBlogResult = _updateBlogInfo($blogNum, $imgLink, $firstSnippet); if ($updateBlogResult == false) { //probably also need to do database cleanup return; } $newUrlName = name_to_url_name(trim($newBlogName)); _updateBlogHead($blogNum, $newBlogName, $newUrlName); //TODO: error handling _updateBlogContents($blogNum, $eBlogContents); //TODO: error handling echo '{"result": "blog-save-success", "new_url_name": "' . $newUrlName . '"}'; }
function save_project_name($project_id, $new_value) { $deletor_account = current_account(); if ($deletor_account == -1) { echo '{"result": "save-project-failure"}'; return; } //TODO: make sure the project name validation works -----------------------------<< if (!valid_item_name($new_value)) { echo '{"result": "invalid-item-name"}'; return; } $name = $new_value; $url_name = name_to_url_name($name); $sql = "UPDATE project_info SET name='{$name}', url_name='{$url_name}' WHERE project={$project_id};"; $result = query($sql); if (!$result) { echo '{"result": "save-project-failure"}'; return; } echo '{"result": "save-project-success", "url_name": "' . $url_name . '"}'; }
function create_new_blog($projectUrlName) { //TODO: include more error checking $currentUser = current_account(); if ($currentUser == -1) { echo '{"result": "not-signed-in"}'; } $projectNum = _getProjectNum($projectUrlName, $currentUser); $time = time(); $blogName = "new blog " . $time; $blogUrl = name_to_url_name($blogName); $createBlog = "INSERT INTO blog_head values(null, {$projectNum}, '{$blogName}', '{$blogUrl}', {$time})"; $result = query($createBlog); $createdBlog = last_insert_id(); $createBlogInfo = "INSERT INTO blog_info values({$createdBlog}, 'http://i.imgur.com/WtDPZp7.png', '', {$time})"; $result2 = query($createBlogInfo); $blogTitle = "<p id='blog-title' contenteditable='true'> BlogTitle </p>"; $createBlogContent = "INSERT INTO blog_contents VALUES({$createdBlog}, \"{$blogTitle}\");"; $result3 = query($createBlogContent); echo '{"result": "create-new-blog-success"}'; }