// NOTE(review): this excerpt starts inside blocks opened above it; the two unmatched
// closing braces below belong to those blocks. $article, $articles and $id are set there.
        // Authorization gate: only continue when the current user may delete this article.
        // NOTE(review): the removal below is protected only if HttpService::return_unauthorized()
        // terminates the request (its body is not shown here) — confirm it exits.
        if (!AuthenticationService::can_delete_article($article)) {
            HttpService::return_unauthorized();
        }

        // Delete the article and answer with "no content".
        $articles->remove_article($id);
        HttpService::return_no_content();
    }

    // Reached when the block closed just above did not handle the request.
    HttpService::return_bad_request();
}

// GET - Show the details page for one article
if ($method == "GET") {
    // The article id is taken from the query string, i.e. it is untrusted request input.
    if (!isset($_GET['id'])) {
        HttpService::return_bad_request();
    }
    $id = $_GET['id'];

    // Look the article up; a null result is answered with "not found".
    // NOTE(review): $id is passed on unvalidated — presumably ArticleService treats it as
    // data (typed or parameterised lookup); confirm in ArticleService::get_article().
    $srv = ArticleService::get_instance();
    $article = $srv->get_article($id);
    if (!isset($article)) {
        HttpService::return_not_found();
    }

    // Variables consumed by the view.
    // NOTE(review): title, keywords and author are handed over as stored; whether they are
    // already HTML-encoded or are escaped by the view is not visible here — confirm.
    $article_id = $article->get_id();
    $title = $article->get_title();
    $keywords = $article->get_keywords();
    $author = $article->get_author();

    // Article text is converted from board-code markup to HTML before display.
    // NOTE(review): the result is presumably emitted unescaped by the view, so the parser
    // has to escape or reject unsafe tag arguments itself — verify against its tests.
    $content = BulletBoardCodeParser::convertToHtml($article->get_text());

    // date() formats its second argument as a Unix timestamp, e.g. "March 05, 2021".
    $creation_date = date('F d, Y', $article->get_creation_date());

    // Comments are fetched by the stored article id, not by the raw request value.
    $commentsSrv = new CommentService();
    $comments = $commentsSrv->get_comments_from_article($article_id);

    // NOTE(review): the title interpolates the raw request value $id rather than
    // $article_id; the layout must HTML-escape $page_title when printing it — confirm.
    $page_title = "Article {$id}";

    // Both paths are fixed literals, so no request data reaches include_once here.
    // NOTE(review): $page_content is presumably included by the layout — confirm.
    $page_content = '../../app/views/articles/details.php';
    include_once '../../app/views/_layout.php';
    // NOTE(review): the closing brace of this GET branch lies outside this excerpt.
include_once '../../app/services/HttpService.php';

    // NOTE(review): the statements down to the unmatched closing brace after the redirect
    // sit inside a block whose opening is not part of this excerpt (presumably the POST
    // branch — confirm).

    // Parse parameters from the request body; a missing field becomes null.
    $title = isset($_POST['title']) ? $_POST['title'] : null;
    $keywords = isset($_POST['keywords']) ? $_POST['keywords'] : null;
    $content = isset($_POST['content']) ? $_POST['content'] : null;

    // The author is read from the session, not from the form, so the request body cannot
    // choose it.
    // NOTE(review): no login check is visible in this excerpt; without a 'username' key this
    // read raises a PHP notice/warning and $user is null, which the check below answers with
    // "bad request". Confirm that authentication is enforced earlier in the file.
    $user = $_SESSION['username'];

    // Validate required parameters: isset() is false if any argument is null.
    // $keywords is optional; empty strings pass this check.
    if (!isset($title, $content, $user)) {
        HttpService::return_bad_request();
    }

    // Sanitize user input before it is stored.
    // NOTE(review): $keywords may still be null here — confirm convertHtml() accepts null.
    // NOTE(review): this looks like HTML-encoding at write time; every later use then relies
    // on the stored form, so check that views neither double-encode these values nor place
    // them in non-HTML contexts (attributes, URLs, script) — confirm.
    $title = SanitationService::convertHtml($title);
    $keywords = SanitationService::convertHtml($keywords);
    $content = SanitationService::convertHtml($content);

    // Save article
    // NOTE(review): no anti-CSRF token is checked in the visible part of this
    // state-changing request — confirm it is handled outside this excerpt.
    $articles = ArticleService::get_instance();
    $articles->add_article($user, $title, $keywords, $content);

    // Redirect to the article list; the target is a fixed literal, not request data.
    HttpService::redirect_to('/articles/');
}

// GET - Show the empty "new article" form
if ($method == "GET") {
    $page_title = "New Article";
    $form_action = '/articles/new';

    // Blank defaults for the form fields.
    $id = '';
    $title = '';
    $keywords = '';
    // NOTE(review): same unguarded session read as in the POST branch above.
    $author = $_SESSION['username'];
    $content = '';
    // Today's date, e.g. "March 05, 2021".
    $date = date('F d, Y', time());

    // Fixed view path.
    // NOTE(review): the layout include and the closing brace of this branch lie outside
    // this excerpt.
    $page_content = '../../app/views/articles/edit.php';