BRN_Systems/adlerka.space
1
0
Fork 0
forked from Adleraci/adlerka.top
Code Pull Requests Activity

Fix articles

Browse Source
This commit is contained in:
Bruno Rybársky
2024-02-24 09:01:13 +01:00
parent cb0c400f81
commit d508231265
6 changed files with 31 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
lib/newsarticle.php
View File

@@ -1,5 +1,4 @@
<?php
function getNewsArticles() :array
{
global $mysqli;
@@ -7,8 +6,7 @@ function getNewsArticles() :array
$output = ["Status" => "Fail"]; // Default Status is "Fail"
$articles = [];
if (isLoggedIn()) {
$stmt = $mysqli->prepare("SELECT NewsArticles.ID, NewsArticles.WrittenAt, NewsArticles.WrittenBy, NewsArticles.Title, NewsArticles.Body, NewsArticles.FileList, Users.Nickname FROM NewsArticles INNER JOIN Users ON NewsArticles.WrittenBy = Users.ID;");
$stmt = $mysqli->prepare("SELECT NewsArticles.ID, NewsArticles.WrittenAt, NewsArticles.WrittenBy, NewsArticles.Title, NewsArticles.Body, NewsArticles.FileList, Users.Nickname FROM NewsArticles INNER JOIN Users ON NewsArticles.WrittenBy = Users.ID WHERE NewsArticles.PrivilegeLevel <= ?;");
$id = 0;
$writtenAt = "";
$writtenBy = 0;
@@ -17,6 +15,7 @@ function getNewsArticles() :array
$filelist = 0;
$writtenByName = "";
$stmt->bind_param("i", $_SESSION["privilege_level"]);
$stmt->bind_result($id, $writtenAt, $writtenBy, $title, $body, $filelist, $writtenByName);
$stmt->execute();
@@ -37,19 +36,23 @@ function getNewsArticles() :array
$output["Articles"] = $articles;
}
}
return $output;
}
function addNewsArticle($title="Nazov", $body="Obsah") :array
function addNewsArticle($title="Nazov", $body="Obsah", $privilegeLevel=0) :array
{
global $mysqli;
global $routerConfig;
if ($privilegeLevel == 0){
$privilegeLevel = $routerConfig['newsarticle']['default_permissions'];
}
$output = ["Status" => "Fail"]; // Default Status is "Fail"
if (isLoggedIn()) {
$query = $mysqli->prepare("INSERT INTO NewsArticles (WrittenBy, Title, Body, FileList) VALUES (?, ?, ?, 0);");
$query->bind_param("iss", $_SESSION["ID"], htmlspecialchars($title), htmlspecialchars($body));
if (isLoggedIn() && $privilegeLevel <= $_SESSION["privilege_level"]) {
$query = $mysqli->prepare("INSERT INTO NewsArticles (WrittenBy, Title, Body, FileList, PrivilegeLevel) VALUES (?, ?, ?, 0, ?);");
$query->bind_param("issi", $_SESSION["ID"], htmlspecialchars($title), htmlspecialchars($body), intval($privilegeLevel));
$query->execute();
if ($query->affected_rows > 0) {
$output["Status"] = "Success";