Skip to content

Kyle's branch #1

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
ktickner wants to merge 4 commits into
base: master
Choose a base branch
from
Open

Kyle's branch #1

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
7c5b38c
test
Nov 19, 2014
35893be
crud changes
Nov 21, 2014
2160094
lotsa php scripts
Dec 2, 2014
c3608aa
funsies
Dec 4, 2014
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
121 changes: 121 additions & 0 deletions comment.php
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,121 @@
<?php

//PLAN AND PSUEDOCODE COMMENTS SECTIONS

//ONLY AVAILABLE ON ARTICLES, NOT ARCHIVES... NEED TO REDO DB AGAIN OTHERWISE
//INCLUDE COMMENTS SECTION INTO ARTICLE PAGES?!?
//CAN DO IT ALL HERE PHP then HTML AND HAVE IT ALL DONE IN ONE PAGE

require 'database.php';

//setting previous page var for redirection after process
if(isset($_COOKIE['prevPage']))
{
$prevPage = $_COOKIE['prevPage'];
}
else
{
$prevPage = 'index.php';
}

# Write comment #
if($_POST['submitComment'])
{
$valid = true;
$commentError = "";

$comment = "";
$userId = "";
$articleId = "";
$dateCreated = "";

//Ensures a user is logged in
if(isset($_SESSION['user']))
{
//Ensures script is run on a singular article
if($_GET['type'] == 'article' && isset($_GET['article']))
{
//Validation and Sanitization of user inputs
if($_POST['comment'])
{
$comment = filter_input(INPUT_POST, 'comment', FILTER_SANITIZE_STRING);
if(strlen($comment) > 2500)
{
$valid = false;
$commentError = 'Your comment is too long, please shorten it and resubmit';
}
}
else
{
$valid = false;
$commentError = 'Your comment was empty, please try again.';
}
}
else
{
header("Location: index.php");
}
}
else
{
$valid = false;
$commentError = 'Please log in to comment.';
}

//Writes to DB only if valid
if($valid == true)
{
//setting non-user input vars
$userId = $_SESSION['user'];
$userId = filter_var($userId, FILTER_SANITIZE_INT);

$articleId = $_GET['article'];
$articleId = filter_var($articleId, FILTER_SANITIZE_INT);

$dateCreated = date("Y/m/d");


$pdo = Database::connect();
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

//Write to database table comment
$sql = "INSERT INTO comment (user_id,article_id,date_created,comment) values(?, ?, ?, ?)";
$q = $pdo->prepare($sql);
$q->execute(array($userId,$articleId,$dateCreated,$comment));

Database::disconnect();

header("Location: " . $prevPage);
}
}

# Read comments #
else
{
if(isset($_GET['article']))
{
//Retrieving and sanitizing article id from url
$article = $_GET['article'];
$article = filter_var($article, FILTER_SANITIZE_INT);


//needs to join to user table, need to figure that one out
$pdo = Database::connect();
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$sql = "SELECT comment.comment, comment.date_created, user.first_name, user.last_name
FROM comment, user
WHERE comment.user_id=user.id
AND comment.article_id=$article
ORDER BY comment.date_created DESC";
echo($sql);
}
else
{
header: ("index.php");
}
}
//Open DB
//run article id into comment table order by date_written DESC??
//write to an array for looping into HTML

?>
Loading