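/**
 * JSON endpoint that updates an article from the POSTed `id`, `title` and `content`.
 *
 * Echoes a JSON object holding per-field error markup, a `valid` flag and,
 * when the update ran, the result of ArticleModel::edit() under `edit`.
 *
 * Changes from the previous version:
 *  - an unknown article id now produces a JSON error response (it used to
 *    `return` the encoded string, so the client received an empty body);
 *  - the caller must be the article's author or a superadmin before the
 *    update runs; previously any request with a valid id reached
 *    ArticleModel::edit();
 *  - missing or non-string POST fields are treated as empty input;
 *  - a title of "0" is no longer reported as missing.
 *
 * @return void
 */
public function indexAction()
{
    header('content-type: application/json');
    // NOTE(review): this method changes state on behalf of the session user and
    // checks no anti-CSRF token. The wildcard origin is kept for existing
    // clients, but should be narrowed to the known front-end origin — confirm
    // with callers.
    header('Access-Control-Allow-Origin: *');
    header('Access-Control-Allow-Methods: POST');

    $errors = [];
    $valid = true;

    // Read a POST field as a string; absent or array-valued fields become ''.
    $post = function ($key) {
        return isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
    };

    // NOTE(review): htmlentities() is output encoding, not query protection;
    // presumably ArticleModel binds its parameters — verify in the model.
    $id = htmlentities($post('id'));
    if (!ArticleModel::exists($this->pdo, $id)) {
        $errors['id'] = '<span class="errors">Cet article n\'existe pas</span>';
        $errors['valid'] = false;
        echo json_encode($errors);
        return;
    }

    // Authorization: only the author or a superadmin may modify the article.
    $sessionUser = isset($_SESSION['auth']['username']) ? $_SESSION['auth']['username'] : null;
    $isSuperadmin = isset($_SESSION['auth']['permissions'])
        && $_SESSION['auth']['permissions'] === 'superadmin';
    if (
        $sessionUser === null
        || !($isSuperadmin || $sessionUser === ArticleModel::getAuthor($this->pdo, $id))
    ) {
        http_response_code(403);
        $errors['auth'] = '<span class="errors">Non autorisé</span>';
        $errors['valid'] = false;
        echo json_encode($errors);
        return;
    }

    $title = trim(ucfirst(strtolower(htmlentities($post('title')))));
    $content = trim(htmlentities($post('content')));

    if ($title === '') {
        $errors['title'] = '<span class="errors">Non saisi</span>';
        $valid = false;
    } elseif (strlen($title) > 51) {
        // The limit applies to the entity-encoded byte length, not to the
        // number of characters the user typed.
        $errors['title'] = '<span class="errors">Trop long</span>';
        $valid = false;
    }

    if ($content === '') {
        $errors['content'] = '<span class="errors">Non saisi</span>';
        $valid = false;
    }

    $errors['valid'] = $valid;
    if ($valid) {
        $errors['edit'] = ArticleModel::edit($this->pdo, $id, $title, $content, $sessionUser);
    }

    echo json_encode($errors);
}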
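/**
 * JSON endpoint that attaches a comment to an article from the POSTed
 * `article` and `comment` fields.
 *
 * Echoes a JSON object holding per-field error markup and a `valid` flag.
 * Only the first failing check is reported.
 *
 * Changes from the previous version:
 *  - a request without an authenticated session user is rejected with 401;
 *    previously the missing username was passed to CommentModel::create();
 *  - missing or non-string POST fields are treated as empty input;
 *  - a comment of "0" is no longer reported as missing.
 *
 * @return void
 */
public function indexAction()
{
    header('content-type: application/json');
    // NOTE(review): this method writes on behalf of the session user and checks
    // no anti-CSRF token. The wildcard origin is kept for existing clients, but
    // should be narrowed to the known front-end origin — confirm with callers.
    header('Access-Control-Allow-Origin: *');
    header('Access-Control-Allow-Methods: POST');

    $errors = [];
    $valid = true;

    // A comment must be attributable to a logged-in user.
    if (!isset($_SESSION['auth']['username'])) {
        http_response_code(401);
        $errors['auth'] = '<span class="errors">Non autorisé</span>';
        $errors['valid'] = false;
        echo json_encode($errors);
        return;
    }
    $user = $_SESSION['auth']['username'];

    // Read a POST field as a string; absent or array-valued fields become ''.
    $post = function ($key) {
        return isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
    };

    // NOTE(review): htmlentities() is output encoding, not query protection;
    // presumably the models bind their parameters — verify there.
    $id = htmlentities($post('article'));
    $comment = trim(htmlentities($post('comment')));
    $timestamp = time();

    if (!ArticleModel::exists($this->pdo, $id)) {
        $errors['article'] = '<span class="errors">Cet article n\'existe pas</span>';
        $valid = false;
    } elseif ($comment === '') {
        $errors['comment'] = '<span class="errors">Non saisi</span>';
        $valid = false;
    } elseif (strlen($comment) > 200) {
        // The limit applies to the entity-encoded byte length, so accented
        // or escaped characters count for more than one.
        $errors['comment'] = '<span class="errors">200 caractères max</span>';
        $valid = false;
    }

    $errors['valid'] = $valid;
    if ($valid) {
        CommentModel::create($this->pdo, $id, $user, $comment, $timestamp);
    }

    echo json_encode($errors);
}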
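/**
 * Renders the article page for the id found in the third "/"-separated
 * piece of the request URI.
 *
 * Redirects to "/" when that piece is empty and to "/404" when the article
 * does not exist.
 *
 * Changes from the previous version:
 *  - the redirect header was written 'Location : /' (space before the colon),
 *    which is not a valid Location header; it is now 'Location: /';
 *  - an unknown article id used to fall through and send an empty response;
 *    it now redirects to /404.
 *
 * @return void
 */
public function indexAction()
{
    $uriParts = explode('/', $_SERVER['REQUEST_URI'], 4);

    if (empty($uriParts[2])) {
        header('Location: /');
        exit;
    }

    // NOTE(review): REQUEST_URI still carries the query string, so this value
    // can contain "?..." and is otherwise unvalidated. Presumably the view
    // reads $article_id — confirm it escapes the value before output.
    $article_id = $uriParts[2];

    if (ArticleModel::exists($this->pdo, $article_id)) {
        include '../app/views/article.php';
        return;
    }

    header('Location: /404');
    exit;
}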
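/**
 * Renders the article edit form for the id found in the third "/"-separated
 * piece of the request URI.
 *
 * Redirects to "/" when that piece is empty and to "/404" when the article
 * does not exist. The form is shown only to the article's author or to a
 * superadmin.
 *
 * Changes from the previous version:
 *  - the session keys are checked before use, so a request without a session
 *    can no longer compare an unset username against the stored author;
 *  - an existing article requested by an unauthorised user used to fall
 *    through and send an empty 200 response; it now answers 403.
 *
 * @return void
 */
public function indexAction()
{
    $uriParts = explode('/', $_SERVER['REQUEST_URI'], 4);

    if (empty($uriParts[2])) {
        header('Location: /');
        exit;
    }

    // NOTE(review): REQUEST_URI still carries the query string, so this value
    // can contain "?..." and is otherwise unvalidated. Presumably the view
    // reads $article_id — confirm it escapes the value before output.
    $article_id = $uriParts[2];

    if (!ArticleModel::exists($this->pdo, $article_id)) {
        header('Location: /404');
        exit;
    }

    $sessionUser = isset($_SESSION['auth']['username']) ? $_SESSION['auth']['username'] : null;
    $isSuperadmin = isset($_SESSION['auth']['permissions'])
        && $_SESSION['auth']['permissions'] === 'superadmin';

    // Require an authenticated user first: without it, an unset username
    // and a null author would compare as identical.
    $isAuthor = $sessionUser !== null
        && $sessionUser === ArticleModel::getAuthor($this->pdo, $article_id);

    if ($isAuthor || $isSuperadmin) {
        include '../app/views/editarticle.php';
        return;
    }

    http_response_code(403);
    exit;
}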