<?php
require_once 'lib/common.php';
session_start();

$db = initDatabase();

if (empty($_REQUEST['id_article'])) {
	header('Location: article_list.php');
	exit();
}
if (!empty($_GET['title']) && !empty($_GET['content'])) {
	$title = $_GET['title'];
	$content = $_GET['content'];
	if (empty($_GET['id_comment'])) { // nouveau ou modif ?
		$sql = "INSERT INTO comment (id_article, title, content, id_user) "
			."VALUES (".$_GET['id_article'].", '$title', '$content', ".$_SESSION['user']['id'].")";
	} else {
		$sql = "UPDATE comment SET title='$title', content='$content', id_user=". $_SESSION['user']['id']
			." WHERE id = " . $_GET['id_comment'];
	}
	if (mysqli_query($db,$sql)) {
		header('Location: article_view.php?id=' . $_GET['id_article']);
		exit();
	} else {
		die("Erreur  : $sql");
	}
}
?>
<?php
include './templates/header.php';
?>
<body container>

<h1>Ajouter/modifier un commentaire</h1>
<form action="" method="get">
<fieldset>
<?php if (!empty($_REQUEST['id_comment'])) {
echo '<input name="id_comment" type="hidden" value="' . $_REQUEST['id_comment'] ."\" />\n";
} ?>
		<input name="id_article" type="hidden" value="<?php echo $_REQUEST['id_article']; ?>" />
<div><label>        Titre  <input name="title" type="text" value="" size="60" /></label></div>
<div> <label>       Texte  <textarea name="content" cols="60" rows="6"></textarea></label></div>
		<button type="submit" name="ok" value="1">Ajouter ce commentaire</button>
</fieldset>
</form>
<?php
	include './templates/footer.php';
?>
</body>
</html>