e59-website/html/upload/index.php

<?php
require("../../include/variables.php");
require("../../include/init.php");
require("../../include/main-functions.php");
require("../../include/inputs.php");
require("../../include/panels.php");

$pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlDatabasePass);

if ($_SESSION['level'] < 1) {
    header("Location: login.php");
    http_response_code(404);
}

if(isset($_POST['article-content']) && isset($_POST['classification'])) {
    $sqlRequest = "SELECT ID FROM articles WHERE ID >= 1 ORDER BY ID DESC LIMIT 1";
    $request = $pdo->prepare($sqlRequest);
    $request->bindParam(":userAccreditation", $_SESSION['userAccreditation']);
    $request->execute();
    $result = $request->fetchAll(PDO::FETCH_ASSOC);

    $articleID = (int)$result[0]['ID'] + 1;

    file_put_contents($rootFilePath . "content/articles/" . $articleID . ".md", nl2br($_POST['article-content']));

    $sqlRequest = "INSERT INTO articles (ID, title, author, resume, classification) VALUES (:articleID, :title, :author, :resume, :classification)";
    $request = $pdo->prepare($sqlRequest);
    $request->bindParam(":articleID", $articleID);
    $request->bindParam(":title", htmlspecialchars($_POST['article-title']));
    $request->bindParam(":author", $_SESSION['userID']);
    $request->bindParam(":resume", htmlspecialchars($_POST['article-resume']));
    $request->bindParam(":classification", $_POST['classification'], PDO::PARAM_INT);
    if($request->execute()) {
        header("Location: /editor?article=" . $articleID);
    } else {
        $status = "Erreur SQL";
    }
}

?>

<!DOCTYPE html>
<html lang="fr">

    <head>
        <?php fillHead($rootPageURL, $pageTitle, $darkTheme, $lightTheme);?>
        <style>
            .text-input label {
                width: 0;
            }
            textarea {
                min-width: 80%;
            }
            .article-content-input {
                min-height: 40em;
            }
        </style>
    </head>

    <body class="body">

        <header>
            <div class="panel-content">
                <?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle);?>
            </div>
        </header>

        <nav>
            <div class="panel-content">
                <?php fillNav($rootPageURL);?>
            </div>
        </nav>

        <main>
            <div class="content">
                <form action="#" method="post">
                    <div>
                        <div><h1>Rédiger un article</h1></div>
                        <div  class="status"><?=$status?></div>
                        <?php textInput("text", "", "article-title", "Titre de l'article", "")?>
                        <div><textarea name="article-resume" placeholder="Résumé de l'article (200 cacactères) ..." class="article-resume-input" maxlength="200"></textarea></div>
                        <div><textarea name="article-content" placeholder="Contenu de l'article (MarkDown) ..." class="article-content-input"></textarea></div>
                        <?php 
                            selectInput("classification", "Classification", $confidentialLevels, 0);
                        ?>
                        <div><button type="submit">Publier</button></div>
                    </div>
                </form>
            </div>
        </main>
        <footer>
            <div class="panel-content">
                <?php fillFooter($footerText);?>
            </div>
        </footer>
    </body>
</html>