SaeDEV2.2/php/créer_commentaire.php

49 lines
1.4 KiB
PHP
Raw Normal View History

<?php
2024-06-16 15:02:27 +02:00
require_once 'common.php';
session_start();
$db = initDatabase();
if (empty($_REQUEST['id_article'])) {
2024-06-16 15:02:27 +02:00
header('Location: evenement.php');
exit();
}
2024-06-16 15:02:27 +02:00
if (!empty($_GET['tit']) && !empty($_GET['content'])) {
$title = $_GET['title'];
$content = htmlspecialchars($_GET['content']);
if (empty($_GET['id_comment'])) { // nouveau ou modif ?
$sql = "INSERT INTO comment (id_article, title, content, id_user) "
."VALUES (".$_GET['id_article'].", '$title', '$content', ".$_SESSION['user']['id'].")";
} else {
$sql = "UPDATE comment SET title='$title', content='$content', id_user=". $_SESSION['user']['id']
." WHERE id = " . $_GET['id_comment'];
}
if (mysqli_query($db,$sql)) {
header('Location: article_view.php?id=' . $_GET['id_article']);
exit();
} else {
die("Erreur : $sql");
}
}
?>
<?php
include './templates/header.php';
?>
<body container>
<h1>Ajouter/modifier un commentaire</h1>
<form action="" method="get">
<fieldset>
<?php if (!empty($_REQUEST['id_comment'])) {
echo '<input name="id_comment" type="hidden" value="' . $_REQUEST['id_comment'] ."\" />\n";
} ?>
<input name="id_article" type="hidden" value="<?php echo $_REQUEST['id_article']; ?>" />
<div> <label> Texte <textarea name="content" cols="60" rows="6"></textarea></label></div>
<button type="submit" name="ok" value="1">Ajouter ce commentaire</button>
</fieldset>
</form>
<?php
include './templates/footer.php';
?>
</body>
</html>