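<?php
/*
 * Comment add/edit handler.
 *
 * Redirects to the article list when no article id is supplied. When both a
 * title and a content value are present in the query string, it inserts a new
 * comment (no id_comment) or updates an existing one (id_comment given), then
 * redirects to the article view. Otherwise execution falls through to the
 * form rendered below.
 *
 * Every value taken from the request or the session reaches SQL only as a
 * bound parameter of a prepared statement, never by string concatenation.
 *
 * NOTE(review): the write is triggered by a GET request and no anti-CSRF
 * token is checked. Moving it to POST with a per-session token needs a
 * matching change in the form below, so it is flagged here, not changed.
 */
require_once 'lib/common.php';
session_start();

$db = initDatabase();

// filter_var() options shared by every identifier check: strictly positive integers only.
$positiveInt = array('options' => array('min_range' => 1));

if (empty($_REQUEST['id_article'])) {
    header('Location: article_list.php');
    exit();
}

if (!empty($_GET['title']) && !empty($_GET['content'])
    && is_string($_GET['title']) && is_string($_GET['content'])) {
    // The statements below need an authenticated user id. Stop with 403
    // rather than build a query around a missing or non-numeric value.
    $userId = isset($_SESSION['user']['id'])
        ? filter_var($_SESSION['user']['id'], FILTER_VALIDATE_INT, $positiveInt)
        : false;
    if ($userId === false) {
        http_response_code(403);
        die('Erreur : authentification requise.');
    }

    // The article id is written to the database and echoed into the redirect
    // URL, so it must be a plain integer.
    $articleId = isset($_GET['id_article'])
        ? filter_var($_GET['id_article'], FILTER_VALIDATE_INT, $positiveInt)
        : false;
    if ($articleId === false) {
        http_response_code(400);
        die('Erreur : identifiant invalide.');
    }

    $title = $_GET['title'];
    // Content is HTML-escaped before storage, as in the original. The title is
    // stored raw, so whichever page displays it must escape it on output.
    // NOTE(review): confirm that article_view.php does so.
    $content = htmlspecialchars($_GET['content']);

    if (empty($_GET['id_comment'])) { // new comment or edit of an existing one?
        $stmt = mysqli_prepare(
            $db,
            'INSERT INTO comment (id_article, title, content, id_user) VALUES (?, ?, ?, ?)'
        );
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, 'issi', $articleId, $title, $content, $userId);
        }
    } else {
        $commentId = filter_var($_GET['id_comment'], FILTER_VALIDATE_INT, $positiveInt);
        if ($commentId === false) {
            http_response_code(400);
            die('Erreur : identifiant invalide.');
        }
        // NOTE(review): the row is selected by id alone and id_user is
        // overwritten with the current user, so any logged-in user can edit
        // and take over any comment. If that is not intended, add an
        // ownership condition (AND id_user = ?) or a role check.
        $stmt = mysqli_prepare(
            $db,
            'UPDATE comment SET title = ?, content = ?, id_user = ? WHERE id = ?'
        );
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, 'ssii', $title, $content, $userId, $commentId);
        }
    }

    $saved = $stmt && mysqli_stmt_execute($stmt);
    if ($stmt) {
        mysqli_stmt_close($stmt);
    }

    if ($saved) {
        header('Location: article_view.php?id=' . $articleId);
        exit();
    } else {
        // Log the database error server-side. Echoing the SQL text to the
        // client would disclose the schema and reflect request data unescaped.
        error_log('comment save failed: ' . mysqli_error($db));
        http_response_code(500);
        die("Erreur : impossible d'enregistrer le commentaire.");
    }
}
?>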
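<?php
/*
 * Comment form template.
 *
 * Renders the add/edit form and carries id_article (and id_comment when
 * editing) back to the handler as hidden fields. Both values come straight
 * from the request, so they are HTML-escaped before being written into the
 * attribute values; otherwise a quote in the parameter would break out of
 * the attribute.
 *
 * NOTE(review): the form submits with method="get", so the write is
 * triggered by a plain link and the comment text lands in URLs and logs.
 * Switching to POST with an anti-CSRF token needs a matching change in the
 * handler that reads $_GET.
 * NOTE(review): 'UTF-8' assumes the page is served as UTF-8. Confirm
 * against templates/header.php.
 */
include './templates/header.php';

// Non-scalar input (e.g. id_article[]=...) cannot be rendered as an attribute; emit an empty value instead.
$idArticleAttr = (isset($_REQUEST['id_article']) && is_scalar($_REQUEST['id_article']))
    ? htmlspecialchars((string) $_REQUEST['id_article'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
    : '';
$idCommentAttr = (isset($_REQUEST['id_comment']) && is_scalar($_REQUEST['id_comment']))
    ? htmlspecialchars((string) $_REQUEST['id_comment'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
    : '';
?>
<body container>

<h1>Ajouter/modifier un commentaire</h1>
<form action="" method="get">
<fieldset>
<?php if (!empty($_REQUEST['id_comment'])) {
    echo '<input name="id_comment" type="hidden" value="' . $idCommentAttr . "\" />\n";
} ?>
<input name="id_article" type="hidden" value="<?php echo $idArticleAttr; ?>" />
<div><label> Titre <input name="title" type="text" value="" size="60" /></label></div>
<div> <label> Texte <textarea name="content" cols="60" rows="6"></textarea></label></div>
<button type="submit" name="ok" value="1">Ajouter ce commentaire</button>
</fieldset>
</form>
<?php
include './templates/footer.php';
?>
</body>
</html>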