<?php include_once '../../app/services/session.php'; include_once '../../app/services/HttpService.php'; include_once '../../app/services/AuthenticationService.php'; include_once '../../app/services/SanitationService.php'; include_once '../../app/services/ArticleService.php'; include_once '../../app/services/CommentService.php'; include_once '../../app/models/comment.php'; $method = $_SERVER['REQUEST_METHOD']; if ($method == "POST") { // Check user role if (!AuthenticationService::can_write_comment()) { HttpService::return_unauthorized(); } // Validate data $article_id = SanitationService::convertHtml($_POST['article-id']); $text = SanitationService::convertHtml($_POST['comment']); // Save comment $comments = new CommentService(); $comment = $comments->add_comment_to_article($article_id, $text); // Generate view data $user = $comment->user; $date = date("F d, Y", $comment->creation_date); $text = $comment->text; // Return comment to client include '../../app/views/comments/show.php'; exit; } if ($method == 'DELETE') { // Get form data