From 827dbcdb39a4ba0c3bef767e3dcae3535f6eef57 Mon Sep 17 00:00:00 2001
From: Jan BELLON <jan@intra.e59.fr>
Date: Thu, 7 Mar 2024 17:26:43 +0000
Subject: [PATCH] Update 3 files

- /html/editpage.php
- /html/upload-file.php
- /html/upload.php
---
 html/editpage.php    |  2 +-
 html/upload-file.php | 95 ++++++++++++++++++++++++++++++++++++++++++++
 html/upload.php      | 60 ++++++++++++++--------------
 3 files changed, 125 insertions(+), 32 deletions(-)
 create mode 100644 html/upload-file.php

diff --git a/html/editpage.php b/html/editpage.php
index d385e4f3..563c6ef4 100644
--- a/html/editpage.php
+++ b/html/editpage.php
@@ -84,7 +84,7 @@ if(isset($fichier)) {
                     <div>
                         <?php 
                             if(isset($contenu)) {
-                                echo "<div><div>" . $filename . "</div>";
+                                echo "<div><div><h1>" . $filename . "</h1></div>";
                                 echo '<div><textarea name="page-content">' . $texte = str_replace("<br />", "", $contenu) . '</textarea></div>';
                                 echo '<div><input type="submit" value="Publier"></div>';
                             } else {
diff --git a/html/upload-file.php b/html/upload-file.php
new file mode 100644
index 00000000..e0c0218e
--- /dev/null
+++ b/html/upload-file.php
@@ -0,0 +1,95 @@
+<?php
+require "../include/variables.php";
+require "../include/functions.php";
+
+if(isset($_SESSION['userid']) == false) {
+    header("Location: login.php");
+    http_response_code(404);
+    die();
+}
+
+if(isset($_POST['titre']) && isset($_FILES['file'])) {
+    $filename = rand(100000, 999999);
+    $destination = "/var/www/e59/content/journal/" . $filename . ".md";
+    $bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
+    if (!move_uploaded_file($_FILES['file']['tmp_name'], $destination)) {
+        $erreur = error_get_last();
+        die("Le fichier n'a pas pu être téléchargé. Erreur : " . $erreur['message']);
+    }
+    $upload = $bdd->prepare("INSERT INTO articles (ID, titre, date, auteur) VALUES (:filename, :titre, :date, :auteur)");
+    $upload->bindParam(':filename', $filename);
+    $upload->bindParam(':titre', htmlspecialchars($_POST['titre']));
+    $upload->bindParam(':auteur', $_SESSION['display_name']);
+    if (isset($_POST['date']) && empty($_POST['date']) == false) {
+        $upload->bindParam(':date', htmlspecialchars($_POST['date']));
+    } else {
+        $upload->bindParam(':date', date());
+    }
+	if($upload->execute()) {
+        $status = "Uploaded";
+    } else {
+        $status = "SQL Error";
+    }
+}
+
+?>
+<!DOCTYPE html>
+<html lang="fr">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <link rel="stylesheet" href="./src/css/style.css">
+    <link rel="icon" href="src/img/favicon.ico">
+    <titre><?=$titre?></titre>
+</head>
+<body>
+    <header>
+        <div class="pancontent">
+            <div class="athena-container">
+                <a href="/" class="athena-link">
+                    <img src="./src/img/athena-mono.png" class="athena">
+                </a>
+            </div>
+            <div class="content">
+                <div>
+                    <div class="main-titre">
+                        <div class="titre"><?=$header_titre?></div>
+                        <div class="subtitre"><?=$header_subtitre?></div>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </header>
+    <nav>
+        <div class="pancontent">
+            <?php nav($nav);?>
+        </div>
+    </nav>
+    <main>
+        <div class="content">
+            <div>
+                <div>
+                    <h1>Publier un article</h1>
+                    <form action="#" method="post" enctype="multipart/form-data">
+                        <div>
+                            <div><input type="text" name="titre" placeholder="Titre de l'article" required></div>
+                            <div><input type="date" name="date"></div>
+                            <!--<div><input type="radio">Interne</input></div>-->
+                            <div><input type="file" name="file" required></div>
+                            <div><input type="submit" value="Publier"></div>
+                            <div><?=$status?></div>
+                        </div>
+                    </form>
+                </div>
+            </div>
+        </div>
+    </main>
+    <footer>
+        <div class="content">
+            <div>
+                <div><?=$copyright?></div>
+            </div>
+        </div>
+    </footer>
+</body>
+</html>
\ No newline at end of file
diff --git a/html/upload.php b/html/upload.php
index e0c0218e..2e8bd451 100644
--- a/html/upload.php
+++ b/html/upload.php
@@ -2,36 +2,33 @@
 require "../include/variables.php";
 require "../include/functions.php";
 
+$repertoire = "/var/www/e59/";
+
 if(isset($_SESSION['userid']) == false) {
     header("Location: login.php");
     http_response_code(404);
     die();
 }
 
-if(isset($_POST['titre']) && isset($_FILES['file'])) {
+if(isset($_POST['page-content'])) {
     $filename = rand(100000, 999999);
-    $destination = "/var/www/e59/content/journal/" . $filename . ".md";
-    $bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
-    if (!move_uploaded_file($_FILES['file']['tmp_name'], $destination)) {
-        $erreur = error_get_last();
-        die("Le fichier n'a pas pu être téléchargé. Erreur : " . $erreur['message']);
+    while(file_exists($repertoire . "content/" . $filename)) {
+        $filename = rand(100000, 999999);
     }
+    file_put_contents($repertoire . "content/" . $filename, nl2br($_POST['page-content']));
     $upload = $bdd->prepare("INSERT INTO articles (ID, titre, date, auteur) VALUES (:filename, :titre, :date, :auteur)");
     $upload->bindParam(':filename', $filename);
     $upload->bindParam(':titre', htmlspecialchars($_POST['titre']));
     $upload->bindParam(':auteur', $_SESSION['display_name']);
-    if (isset($_POST['date']) && empty($_POST['date']) == false) {
-        $upload->bindParam(':date', htmlspecialchars($_POST['date']));
-    } else {
-        $upload->bindParam(':date', date());
-    }
-	if($upload->execute()) {
+    $upload->bindParam(':date', date());
+    if($upload->execute()) {
         $status = "Uploaded";
     } else {
         $status = "SQL Error";
     }
+    header("Location: editpage.php?article=" . $filename);
+    exit();
 }
-
 ?>
 <!DOCTYPE html>
 <html lang="fr">
@@ -40,21 +37,27 @@ if(isset($_POST['titre']) && isset($_FILES['file'])) {
     <meta name="viewport" content="width=device-width, initial-scale=1.0">
     <link rel="stylesheet" href="./src/css/style.css">
     <link rel="icon" href="src/img/favicon.ico">
-    <titre><?=$titre?></titre>
+    <title><?=$title?></title>
+    <style>
+        textarea {
+            width: 100%;
+            min-height: 50em;
+        }
+    </style>
 </head>
 <body>
     <header>
         <div class="pancontent">
             <div class="athena-container">
-                <a href="/" class="athena-link">
+                <a href="/">
                     <img src="./src/img/athena-mono.png" class="athena">
                 </a>
             </div>
             <div class="content">
                 <div>
-                    <div class="main-titre">
-                        <div class="titre"><?=$header_titre?></div>
-                        <div class="subtitre"><?=$header_subtitre?></div>
+                    <div class="main-title">
+                        <div class="title"><?=$header_title?></div>
+                        <div class="subtitle"><?=$header_subtitle?></div>
                     </div>
                 </div>
             </div>
@@ -68,19 +71,14 @@ if(isset($_POST['titre']) && isset($_FILES['file'])) {
     <main>
         <div class="content">
             <div>
-                <div>
-                    <h1>Publier un article</h1>
-                    <form action="#" method="post" enctype="multipart/form-data">
-                        <div>
-                            <div><input type="text" name="titre" placeholder="Titre de l'article" required></div>
-                            <div><input type="date" name="date"></div>
-                            <!--<div><input type="radio">Interne</input></div>-->
-                            <div><input type="file" name="file" required></div>
-                            <div><input type="submit" value="Publier"></div>
-                            <div><?=$status?></div>
-                        </div>
-                    </form>
-                </div>
+                <form action="?article=<?=$filename?>" method="post">
+                    <div>
+                        <div><div><h1>Publier un article</h1></div>
+                        <div><input type="text" name="titre" placeholder="Titre"></div>
+                        <div><textarea name="page-content"></textarea></div>
+                        <div><input type="submit" value="Publier"></div>
+                    </div>
+                </form>
             </div>
         </div>
     </main>