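/**
 * Validate a posted comment and store it, answering with a JSON status object.
 *
 * Reads `article` and `comment` from $_POST and the author from
 * $_SESSION['auth']['username']. The response is a JSON object holding a
 * boolean `valid` plus, on failure, one HTML error snippet keyed by the
 * offending field (`auth`, `article` or `comment`). Only the first failing
 * check is reported.
 *
 * Security notes for maintainers:
 * - Values are entity-encoded here, before storage, so any template that
 *   prints them must not encode them a second time.
 * - Entity-encoding is not a SQL defence; safety of the queries depends on
 *   ArticleModel / CommentModel binding their parameters (not visible here,
 *   confirm in those classes).
 * - NOTE(review): this is a state-changing, session-authenticated POST and no
 *   CSRF token check is visible in this action; the wildcard
 *   Access-Control-Allow-Origin also lets any origin read the response of
 *   non-credentialed requests. Confirm that CSRF protection (token or
 *   SameSite cookie policy) is enforced upstream.
 */
public function indexAction()
{
    header('content-type: application/json');
    header('Access-Control-Allow-Origin: *');
    header('Access-Control-Allow-Methods: POST');

    $valid = true;
    $errors = [];

    // Pin the escaping flags instead of relying on htmlentities() defaults:
    // before PHP 8.1 the default (ENT_COMPAT) left single quotes unescaped and
    // returned '' on invalid byte sequences. These flags are the 8.1+ defaults.
    $flags = ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401;

    // Request fields are untrusted: they may be absent or sent as arrays
    // (e.g. comment[]=x), which htmlentities() cannot handle.
    $rawId = (isset($_POST['article']) && is_string($_POST['article'])) ? $_POST['article'] : '';
    $rawComment = (isset($_POST['comment']) && is_string($_POST['comment'])) ? $_POST['comment'] : '';

    $id = htmlentities($rawId, $flags);
    $user = isset($_SESSION['auth']['username']) ? $_SESSION['auth']['username'] : null;
    $comment = trim(htmlentities($rawComment, $flags));
    $timestamp = time();

    if ($user === null || $user === '') {
        // Without an authenticated session the comment would be stored with
        // no author, so refuse it instead of reading an undefined index.
        $errors['auth'] = '<span class="errors">Vous devez être connecté</span>';
        $valid = false;
    } elseif (!ArticleModel::exists($this->pdo, $id)) {
        $errors['article'] = '<span class="errors">Cet article n\'existe pas</span>';
        $valid = false;
    } elseif ($comment === '') {
        // Strict comparison: empty() would also reject the legitimate comment "0".
        $errors['comment'] = '<span class="errors">Non saisi</span>';
        $valid = false;
    } elseif (strlen($comment) > 200) {
        // The limit applies to the byte length of the entity-encoded text,
        // so accented or escaped characters count for more than one.
        $errors['comment'] = '<span class="errors">200 caractères max</span>';
        $valid = false;
    }

    $errors['valid'] = $valid;

    if ($valid) {
        CommentModel::create($this->pdo, $id, $user, $comment, $timestamp);
    }

    echo json_encode($errors);
}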
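/**
 * Create a comment from the posted `comment_content` field.
 *
 * The text has its tags stripped, is entity-encoded and trimmed, and the
 * result is handed to CommentModel::create(). Because the stored and
 * returned value is already entity-encoded, consumers that insert it into
 * HTML must not encode it again.
 *
 * NOTE(review): no authentication or CSRF check is visible in this action;
 * confirm both are enforced before it is reached. Content that is empty
 * after sanitising is still passed to CommentModel::create().
 *
 * @return string|false JSON document: an `error` key when the field is
 *                      missing or not a string, otherwise `message`,
 *                      `comment_id` and the sanitised `comment_content`.
 */
public function createAction()
{
    if (!isset($_POST['comment_content'])) {
        return json_encode(["error" => "comment_content missing"]);
    }

    // An array value (comment_content[]=x) would make strip_tags() fail;
    // reject it explicitly instead of letting the request error out.
    if (!is_string($_POST['comment_content'])) {
        return json_encode(["error" => "comment_content must be a string"]);
    }

    // Explicit flags: before PHP 8.1 the htmlentities() default left single
    // quotes unescaped. These are the defaults used from PHP 8.1 onwards.
    $flags = ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML401;

    $comment_content = trim(htmlentities(strip_tags($_POST['comment_content']), $flags));

    $comment_id = CommentModel::create($this->pdo, $comment_content);

    return json_encode([
        "message" => "Créé !",
        "comment_id" => $comment_id,
        "comment_content" => $comment_content,
    ]);
}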
</div> <div class="container"> <?php if ($diary == NULL) { echo '<div class="well">'; echo 'bai dang khong hop le </div>'; } else { //dem so comment $user = $u->getUser($_SESSION['id']); $submit = 'submit' . $i; if (isset($_POST[$submit])) { if (isset($_POST['comment'])) { $comment['user_id'] = $_SESSION['id']; $comment['diary_id'] = $diary['id']; $comment['content'] = nl2br($_POST['comment']); $c->create($comment); //header('Location: baidang.php'); } } $dem = $c->countComment($diary['id']); echo ' <div class="well">'; $anh = '../images/' . $user['img']; echo "<img src={$anh} width=\"40px\" height=\"40\" />"; echo '<a href=trangcanhan.php'; echo '><i class=" icon-pencil icon-2x"></i><b>' . ' ' . $user['username'] . '</b></a>'; echo '<h3 color="blue">' . $diary['subject'] . '</h3>'; echo $diary['time_on'] . '</br>'; echo $diary['content'] . '</br><br>'; echo ' <a href="edit_diary.php?did=' . $diary['id'] . '"><i class="glyphicon glyphicon-edit"> </i></a>