Add PHPDocs generated by ChatGPT,
add additional clarification to some functions, add addNewsComment function and API, currently untested and not implemented in the client, fix a bunch of stuff that PHPStorm pointed out
This commit is contained in:
@@ -1,4 +1,15 @@
|
||||
<?php
|
||||
require_once "lib/account.php";
|
||||
/**
|
||||
* Retrieves news articles based on the current user's privilege level.
|
||||
* The function queries the NewsArticles and Users tables to fetch articles
|
||||
* that the user has the privilege to view. Articles are joined with user
|
||||
* information to include the author's nickname.
|
||||
*
|
||||
* @global mysqli $mysqli The mysqli database connection object.
|
||||
* @return array Returns an associative array with a status key indicating the success or failure,
|
||||
* and an 'Articles' key containing an array of articles if successful.
|
||||
*/
|
||||
function getNewsArticles() :array
|
||||
{
|
||||
global $mysqli;
|
||||
@@ -39,7 +50,18 @@ function getNewsArticles() :array
|
||||
return $output;
|
||||
}
|
||||
|
||||
function addNewsArticle($title="Nazov", $body="Obsah", $privilegeLevel=0) :array
|
||||
/**
|
||||
* Adds a new news article to the database if the user is logged in and has the appropriate
|
||||
* privilege level. The function sanitizes the title and body of the article to prevent XSS attacks.
|
||||
*
|
||||
* @global mysqli $mysqli The mysqli database connection object.
|
||||
* @global array $routerConfig Configuration array that includes default permission settings.
|
||||
* @param string $title The title of the news article. Default value is "Nazov".
|
||||
* @param string $body The body of the news article. Default value is "Obsah".
|
||||
* @param int $privilegeLevel The privilege level required to view the article. If set to 0, uses default from configuration.
|
||||
* @return array Returns an associative array with a status key that indicates the success or failure of the operation.
|
||||
*/
|
||||
function addNewsArticle(string $title="Nazov", string $body="Obsah", int $privilegeLevel=0) :array
|
||||
{
|
||||
global $mysqli;
|
||||
global $routerConfig;
|
||||
@@ -61,4 +83,48 @@ function addNewsArticle($title="Nazov", $body="Obsah", $privilegeLevel=0) :array
|
||||
$query->close();
|
||||
}
|
||||
return $output;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* Adds a comment to a news article.
|
||||
*
|
||||
* @param int $userId User who is commenting.
|
||||
* @param int $newsArticleId ID of the news article.
|
||||
* @param string $commentText The content of the comment.
|
||||
* @param int|null $parentId ID of the parent comment if it's a reply.
|
||||
* @return array Status array indicating success or failure.
|
||||
* @global mysqli $mysqli The mysqli database connection object.
|
||||
*/
|
||||
function addNewsComment(int $userId, int $newsArticleId, string $commentText, ?int $parentId = null): array {
|
||||
global $mysqli;
|
||||
|
||||
$output = ["Status" => "Fail"]; // Default Status is "Fail"
|
||||
|
||||
if (!isLoggedIn()) {
|
||||
$output['Error'] = "User must be logged in.";
|
||||
return $output;
|
||||
}
|
||||
|
||||
// Prepare the SQL statement to prevent SQL injection
|
||||
$stmt = $mysqli->prepare("INSERT INTO NewsComments (ParentID, UserID, NewsArticleID, CommentText) VALUES (?, ?, ?, ?);");
|
||||
|
||||
// Bind parameters. 'i' denotes an integer and 's' denotes a string.
|
||||
$stmt->bind_param("iiis", $parentId, $userId, $newsArticleId, $commentText);
|
||||
|
||||
// Execute the query
|
||||
if ($stmt->execute()) {
|
||||
// Check if any rows were affected
|
||||
if ($stmt->affected_rows > 0) {
|
||||
$output["Status"] = "Success";
|
||||
} else {
|
||||
$output["Error"] = "No rows affected.";
|
||||
}
|
||||
} else {
|
||||
$output["Error"] = $stmt->error;
|
||||
}
|
||||
|
||||
// Close statement
|
||||
$stmt->close();
|
||||
|
||||
return $output;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user