<?php
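/**
 * Controller for displaying a single story with its comments and for
 * submitting a new story.
 *
 * Each action builds an HTML fragment in $content and then includes
 * layout.phtml from inside the method, so the template sees the method's
 * local variables. The local names ($content, $story, $comments,
 * $comment_count, $error) are kept stable for that reason.
 *
 * Every value that originates from the request or from the database is
 * HTML-escaped before it is concatenated into $content. Headlines, URLs,
 * user names and comment bodies are all user-supplied, so writing them out
 * raw allows stored or reflected script injection.
 *
 * NOTE(review): neither form rendered here carries an anti-CSRF token. The
 * comment form posts to /comment/create, which is handled outside this class,
 * so a token scheme has to be introduced across the controllers together.
 */
class Story {
    /**
     * Database handle opened in the constructor. Declared explicitly because
     * implicitly created properties are deprecated in newer PHP versions;
     * public to match the visibility the implicit property had.
     *
     * @var PDO
     */
    public $db;

    /**
     * Opens the MySQL connection described by $config['database'].
     *
     * @param array $config Must contain a 'database' entry with the keys
     *                      'host', 'name', 'user' and 'pass'.
     */
    public function __construct($config) {
        $dbconfig = $config['database'];
        $dsn = 'mysql:host=' . $dbconfig['host'] . ';dbname=' . $dbconfig['name'];
        $this->db = new PDO($dsn, $dbconfig['user'], $dbconfig['pass']);
        // Make database failures throw instead of failing silently.
        $this->db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    }

    /**
     * Shows the story selected by ?id=..., its comments and, for an
     * authenticated session, the comment form. Redirects to "/" when the id
     * is missing, malformed or unknown.
     */
    public function index() {
        // is_string() also rejects ?id[]=..., which would otherwise reach the
        // query and the HTML below as an array.
        if (!isset($_GET['id']) || !is_string($_GET['id'])) {
            header("Location: /");
            exit;
        }

        $story_sql = 'SELECT * FROM story WHERE id = ?';
        $story_stmt = $this->db->prepare($story_sql);
        $story_stmt->execute(array($_GET['id']));

        // Decide on the fetched row rather than rowCount(): PDO does not
        // guarantee rowCount() for SELECT statements on every driver.
        $story = $story_stmt->fetch(PDO::FETCH_ASSOC);
        if ($story === false) {
            header("Location: /");
            exit;
        }

        $comment_sql = 'SELECT * FROM comment WHERE story_id = ?';
        $comment_stmt = $this->db->prepare($comment_sql);
        $comment_stmt->execute(array($story['id']));
        $comments = $comment_stmt->fetchAll(PDO::FETCH_ASSOC);
        $comment_count = count($comments);

        $content = '
            <a class="headline" href="' . $this->escape($this->safeHref($story['url'])) . '">' . $this->escape($story['headline']) . '</a><br />
            <span class="details">' . $this->escape($story['created_by']) . ' | ' . $comment_count . ' Comments |
            ' . date('n/j/Y g:i a', strtotime($story['created_on'])) . '</span>
        ';

        if (isset($_SESSION['AUTHENTICATED'])) {
            // Use the id of the row that was actually loaded instead of
            // echoing the raw query-string value back into the page.
            $content .= '
            <form method="post" action="/comment/create">
            <input type="hidden" name="story_id" value="' . $this->escape($story['id']) . '" />
            <textarea cols="60" rows="6" name="comment"></textarea><br />
            <input type="submit" name="submit" value="Submit Comment" />
            </form>
            ';
        }

        foreach ($comments as $comment) {
            // The original printed the story's timestamp next to every
            // comment. Prefer the comment's own created_on when the row has
            // one and fall back to the old behaviour otherwise.
            // NOTE(review): confirm the comment table's timestamp column name.
            $comment_created_on = isset($comment['created_on'])
                ? $comment['created_on']
                : $story['created_on'];

            $content .= '
                <div class="comment"><span class="comment_details">' . $this->escape($comment['created_by']) . ' | ' .
                date('n/j/Y g:i a', strtotime($comment_created_on)) . '</span>
                ' . $this->escape($comment['comment']) . '</div>
            ';
        }

        require_once 'layout.phtml';
    }

    /**
     * Shows the "new story" form and, when it was submitted, validates and
     * stores the story and redirects to it. Requires an authenticated
     * session; otherwise redirects to the login page.
     */
    public function create() {
        if (!isset($_SESSION['AUTHENTICATED'])) {
            header("Location: /user/login");
            exit;
        }

        $error = '';
        if (isset($_POST['create'])) {
            // Validate the same values that get stored. The original checked
            // the URL through filter_input() but inserted $_POST['url'].
            // is_string() rejects array-valued fields such as headline[]=x.
            $headline = (isset($_POST['headline']) && is_string($_POST['headline']))
                ? trim($_POST['headline'])
                : '';
            $url = (isset($_POST['url']) && is_string($_POST['url']))
                ? trim($_POST['url'])
                : '';

            if ($headline === '' || !$this->isHttpUrl($url)) {
                $error = 'You did not fill in all the fields or the URL did not validate.';
            } else {
                $sql = 'INSERT INTO story (headline, url, created_by, created_on) VALUES (?, ?, ?, NOW())';
                $stmt = $this->db->prepare($sql);
                $stmt->execute(array(
                    $headline,
                    $url,
                    $_SESSION['username'],
                ));

                $id = $this->db->lastInsertId();
                header("Location: /story/?id=$id");
                exit;
            }
        }

        // $error is either empty or the fixed message above, never user input.
        $content = '
            <form method="post">
                ' . $error . '<br />
                <label>Headline:</label> <input type="text" name="headline" value="" /> <br />
                <label>URL:</label> <input type="text" name="url" value="" /><br />
                <input type="submit" name="create" value="Create" />
            </form>
        ';

        require_once 'layout.phtml';
    }

    /**
     * Escapes a value for use in HTML text or in a quoted HTML attribute.
     *
     * @param mixed $value Value to render; cast to string first.
     * @return string
     */
    private function escape($value) {
        // NOTE(review): assumes pages are served as UTF-8; confirm against layout.phtml.
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }

    /**
     * Tells whether $url is a syntactically valid http:// or https:// URL.
     *
     * FILTER_VALIDATE_URL on its own checks syntax only and accepts any
     * scheme, so the scheme is restricted separately to keep script-bearing
     * link targets out of the stored href.
     *
     * @param mixed $url
     * @return bool
     */
    private function isHttpUrl($url) {
        if (!is_string($url) || filter_var($url, FILTER_VALIDATE_URL) === false) {
            return false;
        }

        $scheme = strtolower((string) parse_url($url, PHP_URL_SCHEME));

        return $scheme === 'http' || $scheme === 'https';
    }

    /**
     * Returns $url when it is an http(s) URL and "#" otherwise, so rows
     * stored before the scheme check existed cannot yield an active link.
     *
     * @param mixed $url
     * @return string
     */
    private function safeHref($url) {
        return $this->isHttpUrl($url) ? $url : '#';
    }
}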