index.php
<?php
/**
* Created by PhpStorm.
* User: aleksandarhristov
* Date: 02.02.15
* Time: 09:53
*/
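//include the smarty class and the global functions
require "libs/Smarty.class.php";
require "global_functions.php";
//initialize smarty
$smarty = new Smarty;
//connect to the database
//NOTE(review): 'wiki.db' is a relative path; if it resolves inside the web root, confirm the web server does not serve the file
$db = new SQLite3('wiki.db');
//the page id travels as the bare query string ("index.php?<id>"), so read it from the request URI
$url = $_SERVER['REQUEST_URI'];
$url_parts = explode('?', $url);
$current_page = isset($url_parts[1]) ? $url_parts[1] : '';
//the value is attacker-controlled and is later handed to main_page() and to the template, so only a plain
//decimal id is accepted; how main_page() builds its queries is not visible here, this keeps it from mattering
if (preg_match('/\A[0-9]+\z/', $current_page) !== 1)
{
    //no (usable) id in the URL: show the page with the lowest id (should be the first created one)
    $current_page = $db->querySingle("SELECT MIN (id) FROM pages");
}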
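//handle the "edit" form: update the title and text of a page or of a section
//every value below comes from the request, so all SQL uses bound parameters instead of string interpolation
//NOTE(review): no login or CSRF-token check is visible in this file before the write - confirm it is enforced elsewhere
if(isset($_POST['editor_btn_submit']))
{
    //read a POST field as a string; missing fields and array-valued fields become ''
    $post = function ($key)
    {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    };
    //prepare $sql, bind each ":name" => value pair and execute it; returns false when prepare or execute fails
    $run_stmt = function (SQLite3 $conn, $sql, array $params)
    {
        $stmt = $conn->prepare($sql);
        if ($stmt === false)
        {
            return false;
        }
        foreach ($params as $name => $value)
        {
            //ids read back from the database are ints, everything taken from the form is text
            $stmt->bindValue($name, $value, is_int($value) ? SQLITE3_INTEGER : SQLITE3_TEXT);
        }
        return $stmt->execute();
    };
    //first column of the first row, or null when nothing matched or the statement failed
    $first_value = function ($result)
    {
        if ($result === false)
        {
            return null;
        }
        $row = $result->fetchArray(SQLITE3_NUM);
        return ($row === false) ? null : $row[0];
    };

    //get what we want to edit (page or section)
    $to_edit = $post('to_edit');
    //if we want to edit a page
    if($to_edit == "page")
    {
        //get the old title of the page (currently in the database) we want to edit
        $page_to_edit = urldecode($post('old_title'));
        //if there's no title value report the error
        if(empty($page_to_edit))
        {
            $smarty->assign("error", "Something went wrong. Please try to fill the form again.");
        }
        else
        {
            //find the id of this page by using the title
            $id = $first_value($run_stmt($db, "SELECT id FROM pages WHERE title = :title", array(':title' => $page_to_edit)));
            if($id === null)
            {
                //no such page: report it instead of running an UPDATE that matches nothing
                $smarty->assign("error", "Something went wrong. Please try to fill the form again.");
            }
            else
            {
                //get the new title and text submitted by the user; binding replaces the old escapeString() call
                $title = str_replace("+", " ", $post('new_title'));
                $text = $post('new_text');
                $plain_text = strip_tags($text);
                //update the page in the database with the new title and text
                $query = $run_stmt(
                    $db,
                    "UPDATE pages SET title = :title, text = :text, plain_text = :plain_text WHERE id = :id",
                    array(':title' => $title, ':text' => $text, ':plain_text' => $plain_text, ':id' => $id)
                );
                //NOTE(review): the raw SQLite error text is shown to the visitor; consider logging it instead
                if(!$query)
                {
                    $smarty->assign("error", $db->lastErrorMsg());
                }
            }
        }
    }
    //else if the user edited a section
    else if($to_edit == "section")
    {
        //get the old (currently in the database) title of the section
        $old_title = urldecode($post('old_title'));
        if(empty($old_title))
        {
            $smarty->assign("error", "Something went wrong. Please try to fill the form again.");
            //NOTE(review): this is the only branch that renders failure.tpl; index.tpl is still rendered at the end of the script
            $smarty->display("tpl/failure.tpl");
        }
        else
        {
            //use the page_id together with the old title to find the id of the section we want to edit
            $id = $first_value($run_stmt(
                $db,
                "SELECT id FROM sections WHERE page_id = :page_id AND title = :title",
                array(':page_id' => $post('page_id'), ':title' => $old_title)
            ));
            if($id === null)
            {
                //no such section: report it instead of running an UPDATE that matches nothing
                $smarty->assign("error", "Something went wrong. Please try to fill the form again.");
            }
            else
            {
                //get the new values for the text and title and update the row for this section
                $title = urldecode($post('new_title'));
                $text = $post('new_text');
                $plain_text = strip_tags($text);
                $query = $run_stmt(
                    $db,
                    "UPDATE sections SET title = :title, text = :text, plain_text = :plain_text WHERE id = :id",
                    array(':title' => $title, ':text' => $text, ':plain_text' => $plain_text, ':id' => $id)
                );
                if(!$query)
                {
                    $smarty->assign("error", $db->lastErrorMsg());
                }
            }
        }
    }
}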
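//handle the "create" form: add a new page or a new section
//the title comes straight from the request, so both INSERTs bind it instead of interpolating it into the SQL
//NOTE(review): no login or CSRF-token check is visible in this file before the write - confirm it is enforced elsewhere
if(isset($_POST['create_btn_submit']))
{
    //read a POST field as a string; missing fields and array-valued fields become ''
    $post = function ($key)
    {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    };
    //prepare $sql, bind each ":name" => value pair and execute it; returns false when prepare or execute fails
    $run_stmt = function (SQLite3 $conn, $sql, array $params)
    {
        $stmt = $conn->prepare($sql);
        if ($stmt === false)
        {
            return false;
        }
        foreach ($params as $name => $value)
        {
            $stmt->bindValue($name, $value, is_int($value) ? SQLITE3_INTEGER : SQLITE3_TEXT);
        }
        return $stmt->execute();
    };

    //get what to add (page or section) and its title from the user input
    $to_add = $post('select_option');
    $title = $post('title');
    //if there was no title entered
    if (empty($title))
    {
        $smarty->assign("error", "The title field has to have a value!");
    }
    else
    {
        //if the user chose to create a new page
        if($to_add == 'page')
        {
            //NOTE(review): return_page_id() lives in global_functions.php; confirm it also binds $title rather than interpolating it
            $checkIfExists = return_page_id($title);
            if($checkIfExists!=0)
            {
                $smarty->assign("error", "The page already exists!");
            }
            else
            {
                //insert the new page in the database
                $query = $run_stmt($db, "INSERT INTO pages (title) VALUES (:title)", array(':title' => $title));
                //NOTE(review): the raw SQLite error text is shown to the visitor; consider logging it instead
                if(!$query)
                {
                    $smarty->assign("error", $db->lastErrorMsg());
                }
                else
                {
                    //send the browser to the new page; the script keeps running and still renders index.tpl below
                    $new_page_id = return_page_id($title);
                    header("Location: index.php?".$new_page_id);
                }
            }
        }
        //else if the user chose to create a new section
        else if($to_add == 'section')
        {
            //no page chosen (can only happen if there's no page in the database)
            $page_to_add_section_to = $post('page_to_add_section_to');
            if(empty($page_to_add_section_to))
            {
                $smarty->assign("error", "There has to be a page in the wiki first!");
            }
            else
            {
                //find the id of the chosen page, needed for the page_id field in the sections table
                $page_id = return_page_id($page_to_add_section_to);
                //insert the new section in the database
                $query = $run_stmt(
                    $db,
                    "INSERT INTO sections (page_id, title) VALUES (:page_id, :title)",
                    array(':page_id' => $page_id, ':title' => $title)
                );
                if(!$query)
                {
                    $smarty->assign("error", $db->lastErrorMsg());
                }
            }
        }
    }
}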
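//handle the "remove" form: delete a page (with all its sections) or a single section
//titles come straight from the request, so every lookup and DELETE binds its values instead of interpolating them
//NOTE(review): no login or CSRF-token check is visible in this file before the delete - confirm it is enforced elsewhere
if(isset($_POST['remove_btn_submit']))
{
    //read a POST field as a string; missing fields and array-valued fields become ''
    $post = function ($key)
    {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
    };
    //prepare $sql, bind each ":name" => value pair and execute it; returns false when prepare or execute fails
    $run_stmt = function (SQLite3 $conn, $sql, array $params)
    {
        $stmt = $conn->prepare($sql);
        if ($stmt === false)
        {
            return false;
        }
        foreach ($params as $name => $value)
        {
            $stmt->bindValue($name, $value, is_int($value) ? SQLITE3_INTEGER : SQLITE3_TEXT);
        }
        return $stmt->execute();
    };
    //first column of the first row, or null when nothing matched or the statement failed
    $first_value = function ($result)
    {
        if ($result === false)
        {
            return null;
        }
        $row = $result->fetchArray(SQLITE3_NUM);
        return ($row === false) ? null : $row[0];
    };

    //get the user choice of what they want to remove/delete
    $to_remove = $post('select_option');
    //if the user wants to remove a page
    if ($to_remove == "page")
    {
        $page_to_remove = $post('page_to_remove');
        if (empty($page_to_remove))
        {
            $smarty->assign("error", "Something went wrong. Please try to fill the form again.");
        }
        else
        {
            //find the id of the page by its title
            $id = $first_value($run_stmt($db, "SELECT id FROM pages WHERE title = :title", array(':title' => $page_to_remove)));
            if ($id === null)
            {
                //unknown page: report it instead of running DELETEs that match nothing
                $smarty->assign("error", "Something went wrong. Please try to fill the form again.");
            }
            else
            {
                //delete the page, then all its sections; the first failure is kept so that a
                //failed page delete is not hidden by a successful section delete
                $error = null;
                if (!$run_stmt($db, "DELETE FROM pages WHERE id = :id", array(':id' => $id)))
                {
                    $error = $db->lastErrorMsg();
                }
                if (!$run_stmt($db, "DELETE FROM sections WHERE page_id = :id", array(':id' => $id)) && $error === null)
                {
                    $error = $db->lastErrorMsg();
                }
                if ($error !== null)
                {
                    $smarty->assign("error", $error);
                }
            }
        }
    }
    //else if the user wants to remove a section
    else if ($to_remove == "section")
    {
        $section_to_remove = $post('section_to_remove');
        if (empty($section_to_remove))
        {
            $smarty->assign("error", "Something went wrong. Please try to fill the form again.");
        }
        else
        {
            //the value arrives as "page: section"; split once so a section title may itself contain ": "
            //(a page title containing ": " is still ambiguous in this format)
            $parts = explode(": ", $section_to_remove, 2);
            $page_id = null;
            $id = null;
            if (count($parts) === 2)
            {
                $page_id = $first_value($run_stmt($db, "SELECT id FROM pages WHERE title = :title", array(':title' => $parts[0])));
                if ($page_id !== null)
                {
                    //look the section up inside that page, so a same-titled section of another page is never picked
                    $id = $first_value($run_stmt(
                        $db,
                        "SELECT id FROM sections WHERE page_id = :page_id AND title = :title",
                        array(':page_id' => $page_id, ':title' => $parts[1])
                    ));
                }
            }
            if ($id === null)
            {
                //malformed value, unknown page or unknown section
                $smarty->assign("error", "Something went wrong. Please try to fill the form again.");
            }
            else
            {
                $query = $run_stmt(
                    $db,
                    "DELETE FROM sections WHERE id = :id AND page_id = :page_id",
                    array(':id' => $id, ':page_id' => $page_id)
                );
                //NOTE(review): the raw SQLite error text is shown to the visitor; consider logging it instead
                if(!$query)
                {
                    $smarty->assign("error", $db->lastErrorMsg());
                }
            }
        }
    }
}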
//hand every value the template needs to smarty, then render tpl/index.tpl
//NOTE(review): page and section text is presumably the user-submitted content stored by the forms above;
//whether it is escaped on output depends on tpl/index.tpl, which is not visible here
//all page titles found in the database; needed when creating a section
$smarty->assign("db_page_title", get_pages());
$smarty->assign("current_page", $current_page);
//the sections as returned by get_sections()
$smarty->assign("page_section", get_sections());
//each of these template variables is filled by main_page() under the same name, for the current page
$main_page_fields = array("page_id", "page_title", "page_text", "section_id", "section_title", "section_text");
foreach ($main_page_fields as $main_page_field)
{
    $smarty->assign($main_page_field, main_page($main_page_field, $current_page));
}
$smarty->assign("pages", get_pages());
$smarty->assign("pages_id", get_pages_id());
$smarty->display("tpl/index.tpl");