From 8611d3fa1e4ec5b986dee04c88e78588eda597a9 Mon Sep 17 00:00:00 2001 From: Pierre Date: Wed, 31 Jan 2018 06:47:25 +0100 Subject: [PATCH] Can create comments. --- RestControllers/commentsController.php | 50 ++++++++++++++++++++++++-- classes/components/comments.php | 28 +++++++++++++++ 2 files changed, 76 insertions(+), 2 deletions(-) diff --git a/RestControllers/commentsController.php b/RestControllers/commentsController.php index 42ea0eb..8926512 100644 --- a/RestControllers/commentsController.php +++ b/RestControllers/commentsController.php @@ -7,6 +7,51 @@ class commentsController { + /** + * Create a comment + * + * @url POST /comments/create + */ + public function create(){ + + user_login_required(); + + //Get the ID of the associated post + $postID = getPostPostIDWithAccess("postID"); + + //Check if an image was included in the request + if(check_post_file("image")){ + + //Get comment content + $content = $this->get_comment_content("content", false); + + //Save the image + $image_path = save_post_image("image", userID, "imgcommentaire", 700, 700); + } + + //Else check the content of the comment before getting it + else + $content = $this->get_comment_content("content", true); + + //Try to create the comment + $commentID = components()->comments->create( + $postID, + userID, + $content, + isset($image_path) ? $image_path : "" + ); + + //Check for errors + if($commentID < 1) + Rest_fatal_error(500, "An error occured while trying to create comment !"); + + //Success + return array( + "success" => "The comment was created!", + "commentID" => $commentID + ); + } + /** * Get informations about a single comment * @@ -96,9 +141,10 @@ class commentsController { * Get a comment content from $_POST field * * @param string $name The name of post field containing the commment content + * @param bool $need_check TRUE if the comment content has to be checked / FALSE else * @return string The comment content, if it passed security checks */ - private function get_comment_content(string $name) : string { + private function get_comment_content(string $name, bool $need_check = true) : string { //Get comment content if(!isset($_POST[$name])) @@ -106,7 +152,7 @@ class commentsController { $comment_content = (string) $_POST[$name]; //Perform security check - if(!check_string_before_insert($comment_content)) + if(!check_string_before_insert($comment_content) && $need_check) Rest_fatal_error(400, "Please check new comment content !"); //Make the comment secure before insertion diff --git a/classes/components/comments.php b/classes/components/comments.php index 45d936b..ceecf44 100644 --- a/classes/components/comments.php +++ b/classes/components/comments.php @@ -12,6 +12,34 @@ class Comments { */ const COMMENTS_TABLE = "commentaires"; + /** + * Create a comment + * + * @param int $postID The ID of the associated post + * @param int $userID The ID of the associated user + * @param string $content The content of the comment + * @param string $image The path of an associated image (if any) + * @return int The ID of the created comment or 0 in case of failure + */ + public function create(int $postID, int $userID, string $content, string $image = "") : int { + + //Generate data set + $data = array( + "ID_texte" => $postID, + "ID_personne" => $userID, + "date_envoi" => mysql_date(), + "commentaire" => $content, + "image_commentaire" => $image == "" ? "" : "file:".$image + ); + + //Insert it in the database + if(!CS::get()->db->addLine($this::COMMENTS_TABLE, $data)) + return 0; + + //Get the ID of the last inserted comment and return it + return CS::get()->db->getLastInsertedID(); + } + /** * Fetch the comments of a post *