e59-website/html/upload/index.php
2024-07-29 22:15:21 +00:00


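<?php
/**
 * Article publication page (request handling part).
 *
 * On POST it records the article metadata in the `articles` table, stores the
 * article body as a Markdown file, announces the new article on Discord and
 * redirects to it. On any other request it only prepares the variables the
 * form template below needs.
 */
require("../../include/variables.php");
require("../../include/init.php");

// Authorisation gate, evaluated before the remaining includes. A session
// without a role is treated as role 0 and refused.
// NOTE(review): http_response_code(403) replaces the 302 that
// header("Location: ...") sets, so the client gets a 403 with the message
// below rather than a redirect to /login. Confirm which of the two is intended.
if (($_SESSION['userRole'] ?? 0) < 10) {
    header("Location: /login");
    http_response_code(403);
    die('Vous n\'avez pas la permission de publier des articles.');
}

require("../../include/main-functions.php");
require("../../include/inputs.php");
require("../../include/panels.php");

$pdo = sqlConnect($sqlDatabaseHost, $sqlDatabaseName, $sqlDatabaseUser, $sqlDatabasePass);

// Always defined, so the template can print it on a plain GET as well.
$status = "";

if (isset($_POST['article-content'], $_POST['classification'])) {
    // NOTE(review): no anti-CSRF token is verified in this file. Unless init.php
    // enforces one (not visible here), a third-party page could submit this form
    // on behalf of a logged-in author.
    $articleContent = $_POST['article-content'];
    $articleTitle = $_POST['article-title'] ?? '';
    $articleResume = $_POST['article-resume'] ?? '';
    // Reject anything that is not an integer instead of letting the driver coerce it.
    // NOTE(review): the level is only checked to be an integer. Whether it exists
    // in confidential_levels, and whether this author may assign it, is not verified.
    $classification = filter_var($_POST['classification'], FILTER_VALIDATE_INT);

    $published = false;
    $articleID = 0;

    // PHP turns "name[]=x" into an array; nl2br()/htmlspecialchars() would then
    // raise a TypeError, so such requests are refused up front.
    if (
        !is_string($articleContent)
        || !is_string($articleTitle)
        || !is_string($articleResume)
        || $classification === false
    ) {
        $status = "Formulaire invalide";
    } else {
        try {
            // The row and the file are written together: a failure of either one
            // rolls the row back (on a transactional storage engine).
            $pdo->beginTransaction();

            // NOTE(review): "highest ID + 1" is racy, two concurrent submissions can
            // compute the same ID. An auto-increment column read back with
            // lastInsertId() would remove the race; the schema is not visible here.
            $sqlRequest = "SELECT ID FROM articles WHERE ID >= 1 ORDER BY ID DESC LIMIT 1";
            $request = $pdo->prepare($sqlRequest);
            $request->execute();
            $result = $request->fetchAll(PDO::FETCH_ASSOC);
            // An empty table yields no row; the first article then gets ID 1.
            $articleID = (int)($result[0]['ID'] ?? 0) + 1;

            $sqlRequest = "INSERT INTO articles (ID, title, author, resume, classification) VALUES (:articleID, :title, :author, :resume, :classification)";
            $request = $pdo->prepare($sqlRequest);
            // bindValue() rather than bindParam(): bindParam() takes its argument by
            // reference and cannot accept the result of a function call.
            $request->bindValue(":articleID", $articleID, PDO::PARAM_INT);
            // Title and summary are HTML-encoded before storage, as before.
            // NOTE(review): presumably the pages that display them print them as-is;
            // confirm, otherwise they end up double-encoded.
            // NOTE(review): the 200-character limit on the summary exists only as a
            // maxlength attribute in the form; nothing enforces it server-side.
            $request->bindValue(":title", htmlspecialchars($articleTitle));
            $request->bindValue(":author", $_SESSION['userID']);
            $request->bindValue(":resume", htmlspecialchars($articleResume));
            $request->bindValue(":classification", $classification, PDO::PARAM_INT);
            if (!$request->execute()) {
                throw new RuntimeException("Erreur SQL");
            }

            // The file is written only once the row exists, so a clash on the ID
            // (assuming ID is a unique key, to be confirmed) fails at the INSERT
            // instead of overwriting the body of an existing article.
            // SECURITY: the body is stored as submitted (only nl2br() is applied).
            // Whatever renders these files has to treat them as untrusted markup;
            // the renderer is not visible here.
            $articlePath = $rootFilePath . "content/articles/" . $articleID . ".md";
            if (file_put_contents($articlePath, nl2br($articleContent), LOCK_EX) === false) {
                throw new RuntimeException("Erreur d'écriture de l'article");
            }

            $pdo->commit();
            $published = true;
        } catch (PDOException $e) {
            // Driver messages can expose schema details: log them, show a generic status.
            if ($pdo->inTransaction()) {
                $pdo->rollBack();
            }
            error_log('Erreur SQL : ' . $e->getMessage());
            $status = "Erreur SQL";
        } catch (RuntimeException $e) {
            if ($pdo->inTransaction()) {
                $pdo->rollBack();
            }
            $status = $e->getMessage();
        }
    }

    if ($published) {
        // SECURITY: a Discord webhook URL is a bearer credential and must not live
        // in the source tree. E59_DISCORD_WEBHOOK_URL is a configuration key
        // introduced by this change; set it in the server environment. The URL
        // that used to be hard-coded here stays in the repository history, so it
        // should be revoked in Discord and replaced by a new one.
        $webhook = getenv('E59_DISCORD_WEBHOOK_URL');
        if (is_string($webhook) && $webhook !== '') {
            // NOTE(review): the announcement is sent whatever the classification
            // level of the article; confirm that this is intended.
            $message = "Nouvel Article : https://e59.fr/news?article=" . $articleID;
            $data = [
                'username' => "e59.fr",
                'content' => $message,
            ];
            $ch = curl_init($webhook);
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
            curl_setopt($ch, CURLOPT_POST, true);
            curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($data));
            curl_setopt($ch, CURLOPT_HTTPHEADER, [
                'Content-Type: application/json'
            ]);
            // Bounded wait: a slow third-party service must not hang the author's request.
            curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 3);
            curl_setopt($ch, CURLOPT_TIMEOUT, 5);
            $response = curl_exec($ch);
            // The article is already published at this point, so a failed
            // notification is logged instead of thrown: an uncaught exception here
            // would hide the success and invite a duplicate submission.
            if ($response === false) {
                error_log('Erreur CURL : ' . curl_error($ch));
            } else {
                $httpStatusCode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
                if ($httpStatusCode >= 400) {
                    error_log('Erreur webhook Discord : HTTP ' . $httpStatusCode);
                }
            }
            curl_close($ch);
        }

        header("Location: /news?article=" . $articleID);
        // Stop here: without exit the form below would still be rendered and sent.
        exit;
    }
}
?>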
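<!DOCTYPE html>
<html lang="fr">
    <head>
        <?php fillHead($rootPageURL, "Rédiger un article - " . $pageName, $darkTheme, $lightTheme);?>
        <style>
            .text-input label {
                width: 0;
            }
            textarea {
                min-width: 80%;
            }
            .article-content-input {
                min-height: 40em;
            }
        </style>
    </head>
    <body class="body">
        <header>
            <div class="panel-content">
                <?php fillHeader($rootPageURL, $headerTitle, $headerSubtitle, $social);?>
            </div>
        </header>
        <nav>
            <div class="panel-content">
                <?php fillNav($rootPageURL);?>
            </div>
        </nav>
        <main>
            <div class="content">
                <?php
                // NOTE(review): the form carries no anti-CSRF token. Unless one is
                // injected and checked elsewhere (not visible in this file), add a
                // per-session token here and verify it in the POST handler.
                ?>
                <form action="#" method="post">
                    <div>
                        <div><h1>Rédiger un article</h1></div>
                        <?php
                        // $status is not set on a plain GET, hence the fallback to an
                        // empty string. It is escaped so that it stays inert even if a
                        // later change puts request data into it.
                        ?>
                        <div class="status"><?= htmlspecialchars($status ?? '', ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') ?></div>
                        <?php textInput("text", "", "article-title", "Titre de l'article", "")?>
                        <div><textarea name="article-resume" placeholder="Résumé de l'article (200 caractères) ..." class="article-resume-input" maxlength="200"></textarea></div>
                        <div><textarea name="article-content" placeholder="Contenu de l'article (MarkDown) ..." class="article-content-input"></textarea></div>
                        <?php
                        // Build the ID => name map of classification levels for the drop-down.
                        $sqlRequest = "SELECT ID, name FROM confidential_levels";
                        $request = $pdo->prepare($sqlRequest);
                        $request->execute();
                        $confidentialLevels = array_column($request->fetchAll(PDO::FETCH_ASSOC), 'name', 'ID');
                        // NOTE(review): selectInput() is assumed to HTML-escape the level
                        // names before printing them; confirm in its definition.
                        selectInput("classification", "Classification", $confidentialLevels, 0);
                        ?>
                        <div><button type="submit">Publier</button></div>
                    </div>
                </form>
            </div>
        </main>
        <footer>
            <div class="panel-content">
                <?php fillFooter($footerText);?>
            </div>
        </footer>
    </body>
</html>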