Update 2 files

- /html/upload.php
- /html/editpage.php
Jan BELLON 2024-03-07 17:37:44 +00:00
parent 827dbcdb39
commit a447574e6b
2 changed files with 23 additions and 2 deletions


@ -32,6 +32,20 @@ if(isset($_GET['page']) && strpos($_GET['page'], "..") == false) {
} }
if(isset($fichier)) { if(isset($fichier)) {
if(isset($_GET['article']) && isset($_POST['deletefile']) && $_POST['deletefile'] == "Supprimer") {
if(unlink($fichier)) {
$bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
$upload = $bdd->prepare("DELETE FROM articles WHERE ID = :filename");
$upload->bindParam(':filename', $filename);
if($upload->execute()) {
$status = "Fichier supprimé";
} else {
$status = "Erreur SQL";
}
} else {
die("Erreur : Le fichier n'a pas pu être supprimé");
}
}
if(isset($_POST['page-content'])) { if(isset($_POST['page-content'])) {
file_put_contents($fichier, nl2br($_POST['page-content'])); file_put_contents($fichier, nl2br($_POST['page-content']));
} }
@ -117,6 +131,11 @@ if(isset($fichier)) {
?> ?>
</div> </div>
</form> </form>
<form action="?<?php echo $filetypes[$filetype] . "=" . $filename?>" method="post">
<div>
<input type="submit" name="deletefile" value="Supprimer">
</div>
</form>
</div> </div>
</div> </div>
</main> </main>
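Review bot: The new delete branch calls `unlink($fichier)` on a bare POST of `deletefile`, with no anti-CSRF token and no authorisation or ownership check visible in the hunk, so a cross-site form submission from a logged-in editor's browser would be enough to remove an article. `$fichier` and `$filename` are assigned outside the hunk, presumably from the request; the only path guard visible here is the `strpos($_GET['page'], "..") == false` test in the hunk header, which should be `=== false` because `strpos` returns 0 for a match at offset 0 and `0 == false` is true. I would gate the branch on a session-bound token compared with `hash_equals()` (field name for the project to choose) and confirm that `realpath($fichier)` resolves inside the content directory before deleting. The file is also unlinked before the `DELETE FROM articles` runs, so an SQL failure leaves a row with no file. Separately, the new form's `action` echoes `$filename` unescaped and should be `htmlspecialchars(urlencode($filename))` unless the value is already validated as numeric.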


@ -16,15 +16,17 @@ if(isset($_POST['page-content'])) {
$filename = rand(100000, 999999); $filename = rand(100000, 999999);
} }
file_put_contents($repertoire . "content/" . $filename, nl2br($_POST['page-content'])); file_put_contents($repertoire . "content/" . $filename, nl2br($_POST['page-content']));
$bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
$upload = $bdd->prepare("INSERT INTO articles (ID, titre, date, auteur) VALUES (:filename, :titre, :date, :auteur)"); $upload = $bdd->prepare("INSERT INTO articles (ID, titre, date, auteur) VALUES (:filename, :titre, :date, :auteur)");
$upload->bindParam(':filename', $filename); $upload->bindParam(':filename', $filename);
$upload->bindParam(':titre', htmlspecialchars($_POST['titre'])); $upload->bindParam(':titre', htmlspecialchars($_POST['titre']));
$upload->bindParam(':auteur', $_SESSION['display_name']); $upload->bindParam(':auteur', $_SESSION['display_name']);
$upload->bindParam(':date', date()); $upload->bindParam(':date', date());
if($upload->execute()) { if($upload->execute()) {
$status = "Uploaded"; $status = "Article Publié";
} else { } else {
$status = "SQL Error"; $status = "Erreur SQL";
} }
header("Location: editpage.php?article=" . $filename); header("Location: editpage.php?article=" . $filename);
exit(); exit();
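Review bot: The statement the added `connect()` call now feeds cannot insert as written, because `date()` is called without its required format argument and `bindParam()` is handed expression results rather than variables. I would switch those two bindings to `$upload->bindValue(':titre', htmlspecialchars($_POST['titre']));` and `$upload->bindValue(':date', date('Y-m-d H:i:s'));`, with the format adjusted to whatever the `date` column expects. The content file is also written before the connection is opened, and the `header("Location: ...")` plus `exit()` run whatever `execute()` returns, so the translated `$status` text is never shown and a failed insert leaves an orphaned file under `content/`. Consider checking the `connect()` result and inserting the row before `file_put_contents`, or removing the file in the `else` branch. The enclosing `if(isset($_POST['page-content']))` block starts outside the hunk.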