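"article", 1 => "page" ]; // tail of an array literal whose start lies before this chunk; left untouched

/*
 * Resolve the file being edited from the request.
 *   ?article=<int>  -> /content/journal/<id>.md, only when the article belongs to the logged-in author
 *   ?page=<name>    -> /content/<name>.md, role >= 3 only, and the resolved path must stay under /content
 * On success this sets $fichier (path), $filename (article id or page name) and $filetype
 * (0 = article, 1 = page); otherwise none of them is defined and the page falls through to the listing.
 */
$articleId = (isset($_GET['article']) && is_string($_GET['article']))
    ? filter_var($_GET['article'], FILTER_VALIDATE_INT)
    : false;

if ($articleId !== false) {
    $candidat = $wwwroot . "/content/journal/" . $articleId . ".md";
    if (is_file($candidat)) {
        // Every SQL write on this page is scoped by "auteur = :user_id"; the file has to be scoped the
        // same way, otherwise any logged-in user could read, overwrite or delete another author's article.
        $bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
        $proprio = $bdd->prepare("SELECT 1 FROM articles WHERE ID = :article AND auteur = :user_id");
        $proprio->bindValue(":article", $articleId, PDO::PARAM_INT);
        $proprio->bindValue(":user_id", $_SESSION['userid'] ?? null);
        if ($proprio->execute() && $proprio->fetchColumn() !== false) {
            $fichier = $candidat;
            $filename = (string) $articleId;
            $filetype = 0;
        }
    }
}

if (isset($_GET['page']) && is_string($_GET['page']) && ($_SESSION['role'] ?? 0) >= 3) {
    $pageParam = $_GET['page'];
    // Strict comparison: strpos() returns 0 when ".." sits at offset 0, and the former "== false"
    // accepted that, so "../x" passed the traversal check. NUL bytes are rejected for the same reason.
    if (strpos($pageParam, "..") === false && strpos($pageParam, "\0") === false) {
        $candidat = $wwwroot . "/content/" . $pageParam . ".md";
        $contentDir = realpath($wwwroot . "/content");
        $resolu = realpath($candidat);
        // The resolved path (symlinks included) must remain inside /content and be a regular file.
        if ($contentDir !== false && $resolu !== false
            && strpos($resolu, $contentDir . DIRECTORY_SEPARATOR) === 0
            && is_file($resolu)) {
            $fichier = $candidat;
            $filename = $pageParam;
            $filetype = 1;
        }
    }
}

/*
 * Thumbnail upload: resize the posted image to 600px wide, store it as PNG under /html/src/miniature/
 * and record the web path on the article. The file name is built from the validated integer id,
 * never from the raw query string, so it cannot leave the miniature directory.
 */
if ($articleId !== false && isset($_FILES['miniature']) && $_FILES['miniature']['error'] === UPLOAD_ERR_OK) {
    // Chemins et noms de fichiers
    $tempPath = $_FILES['miniature']['tmp_name'];
    $path = '/src/miniature/' . $articleId . '.png';
    $rootPath = $wwwroot . "/html" . $path;
    $webPath = $root . $path;

    // One getimagesize() call (the original called it twice); false when the upload is not an image.
    $imageInfo = is_uploaded_file($tempPath) ? getimagesize($tempPath) : false;
    $imageOriginal = false;
    if ($imageInfo !== false
        && ($imageInfo[2] === IMAGETYPE_PNG || $imageInfo[2] === IMAGETYPE_JPEG)
        && $imageInfo[0] > 0) {
        // Decode from the bytes rather than the extension; false on a corrupt file.
        $imageOriginal = imagecreatefromstring((string) file_get_contents($tempPath));
    }

    if ($imageOriginal !== false) {
        // Redimensionnement de l'image
        [$width, $height] = $imageInfo;
        $newWidth = 600;
        // Width is > 0 (checked above) so the ratio is defined; GD wants integer dimensions.
        $newHeight = max(1, (int) round($height / $width * $newWidth));
        $imageResized = imagecreatetruecolor($newWidth, $newHeight);
        imagealphablending($imageResized, false);
        imagesavealpha($imageResized, true);
        imagecopyresampled($imageResized, $imageOriginal, 0, 0, 0, 0, $newWidth, $newHeight, $width, $height);

        // Enregistrement de l'image redimensionnée
        $ecrit = imagepng($imageResized, $rootPath);

        // Nettoyage
        imagedestroy($imageOriginal);
        imagedestroy($imageResized);

        if ($ecrit) {
            $bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
            $req = $bdd->prepare("UPDATE articles SET image = :image WHERE ID = :article AND auteur = :user_id");
            $req->bindValue(":image", $webPath);
            $req->bindValue(":article", $articleId, PDO::PARAM_INT);
            $req->bindValue(":user_id", $_SESSION['userid'] ?? null);
            $status = $req->execute() ? "Miniature mise à jour" : "Erreur SQL";
        } else {
            $status = "Erreur : la miniature n'a pas pu être enregistrée";
        }
    } else {
        $status = "Le fichier doit 
être un PNG ou JPG";
    }
}

$filename = isset($filename) ? $filename : "";

if (isset($fichier)) {
    // Deletion is only meaningful for articles ($filetype 0); a page selected via ?page= has no DB row.
    if ($filetype === 0 && isset($_POST['deletefile']) && $_POST['deletefile'] === "Supprimer") {
        // DB row first: the statement is scoped by auteur, so it doubles as the authorization decision
        // for the destructive unlink that follows. The placeholder was previously bound as ':auteur',
        // which does not exist in the statement, so execute() always failed.
        $bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
        $suppr = $bdd->prepare("DELETE FROM articles WHERE ID = :filename AND auteur = :user_id");
        $suppr->bindValue(':filename', $articleId, PDO::PARAM_INT);
        $suppr->bindValue(':user_id', $_SESSION['userid'] ?? null);
        if (!$suppr->execute()) {
            die("Erreur SQL");
        }
        if (!unlink($fichier)) {
            die("Erreur : Le fichier n'a pas pu être supprimé");
        }
        header("Location: editpage.php");
        echo "Fichier supprimé";
        exit();
    }

    if (isset($_POST['page-content']) && is_string($_POST['page-content'])) {
        // Stored as submitted plus nl2br() line breaks; no escaping happens here, so whatever renders
        // this file must treat it as author-supplied markup (the renderer is not visible in this file).
        file_put_contents($fichier, nl2br($_POST['page-content']), LOCK_EX);
    }

    if ($filetype === 0 && isset($_POST['article-classification'], $_POST['article-resume'])) {
        $bdd = connect($dbhost, $dbname, $dbuser, $dbpass);
        $req = $bdd->prepare("UPDATE articles SET classification = :classification, titre = :titre, resume = :resume WHERE ID = :article AND auteur = :user_id");
        // bindValue(): the original passed htmlspecialchars()/nl2br() results to bindParam(), which
        // expects a reference and only worked by accident.
        $titre = $_POST['article-titre'] ?? '';
        $resume = $_POST['article-resume'];
        $req->bindValue(':classification', $_POST['article-classification']);
        $req->bindValue(':titre', htmlspecialchars(is_string($titre) ? $titre : ''));
        $req->bindValue(':resume', nl2br(is_string($resume) ? $resume : ''));
        $req->bindValue(':article', $articleId, PDO::PARAM_INT);
        $req->bindValue(':user_id', $_SESSION['userid'] ?? null);
        $status = $req->execute() ? "Informations mises à jour" : "Erreur SQL";
    }

    // Current file body shown in the editor (false on a read error, which echoes as an empty string).
    $contenu = file_get_contents($fichier);
} ?> <?=$title?>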
'; echo "
"; echo "
"; /* Article header: classification/titre/image/resume for the selected article, scoped to the logged-in author. execute() is not checked, so unless PDO is in exception mode a failed query looks like a missing row. */ if(isset($_GET['article'])) { $bdd = connect($dbhost, $dbname, $dbuser, $dbpass); $req = $bdd->prepare("SELECT classification, titre, image, resume FROM articles WHERE ID = :article AND auteur = :user_id"); $req->bindParam(":article", $_GET['article']); $req->bindParam(":user_id", $_SESSION['userid']); $req->execute(); $resultat = $req->fetchAll(PDO::FETCH_ASSOC); if($resultat) { echo '
'; $filetitle = $resultat[0]['titre']; echo '
'; echo '
'; } } /* NOTE(review): $filetitle is only assigned when the query above returned a row; for a ?page= edit or an unknown article id the echo below reads an undefined variable. */ echo "

" . $filetitle . "

"; echo '
'; echo '
'; /* NOTE(review): same caveat as above — $resultat is only assigned inside the isset($_GET['article']) branch. */ if($resultat) { echo '
'; echo ''; echo ''; echo '
'; } } else { /* No file selected: list the editable pages (role >= 3 only) and the author's ten most recent articles. */ if($_SESSION['role'] >= 3) { echo "

Pages

"; echo "
"; /* Only regular files directly under /content are listed; pathinfo() strips the extension so the name matches the ?page= parameter. */ $pages = scandir($wwwroot . "/content/"); foreach($pages as $page) { if($page != "." && $page != "..") { if (is_file($wwwroot . "/content/" . $page)) { echo "
" . pathinfo($page, PATHINFO_FILENAME) . "
"; } } } echo "
"; } echo "

Articles

"; echo "
"; $bdd = connect($dbhost, $dbname, $dbuser, $dbpass); /* NOTE(review): $condition splices $_GET['search'] into SQL text; htmlspecialchars() is an HTML escape, not an SQL one. It is never appended to the prepared statement below, so today the search box is inert rather than injectable — if it is revived, bind $search as a parameter instead of concatenating it. */ $condition = ""; if(isset($_GET['search'])) { $search = "%" . htmlspecialchars($_GET['search']) . "%"; $condition = "AND (titre LIKE '" . $search . "' OR ID LIKE '" . $search . "' OR auteur LIKE '" . $search . "') "; } $req = $bdd->prepare("SELECT ID, titre, date, image, resume FROM articles WHERE auteur = :user_id ORDER BY date DESC LIMIT 10"); $req->bindParam(":user_id", $_SESSION['userid']); $req->execute(); $resultat = $req->fetchAll(PDO::FETCH_ASSOC); /* Rows belong to the logged-in author only. titre is escaped on this page's UPDATE path and resume is stored as nl2br() output, so both are echoed unescaped below; any markup kept in resume renders as-is. */ if ($resultat) { foreach($resultat as $row) { $date = strtotime($row['date']); echo '
'; echo '
'; echo ''; echo '
'; echo '
'; echo '
n° ' . $row['ID'] . ' | ' . date('d/m/Y', $date) . '
'; echo ''; echo '
' . $row['titre'] . '
'; echo '
'; echo '
' . $row['resume'] . '
'; echo '
'; echo '
'; } } echo "
"; } ?>
'; } ?>