f28fa7b51b
phpstan level 0 error free - fixes for kyu subpage - move mams into participo framework - remove legacy `lib/db.php` usage - add attributer admin function - add newsposter - fixing apiKey creation
317 lines
8.9 KiB
PHP
317 lines
8.9 KiB
PHP
<?php
|
|
require_once "bootstrap.php";
|
|
|
|
require_once "participoLib/participo.php";
|
|
|
|
require_once "parsedown/Parsedown.php";
|
|
|
|
# @todo Legacy libs. Move into participo!
|
|
require_once "cwsvJudo/newsLib.php";
|
|
require_once "cwsvJudo/miscAssis.php";
|
|
|
|
participo::init($CONFIG["cwsvJudo"], $SECRETS["cwsvJudo"]);
|
|
|
|
// benötigt parsedown
|
|
function submitNewsToDb($aNews, $someOptions = [])
|
|
{
|
|
// Standardargumente setzen
|
|
$someOptions["tableName"] = firstNonEmptyOf([
|
|
$someOptions["tableName"] ?? null,
|
|
"nachrichten",
|
|
]);
|
|
$someOptions["newsCharset"] = firstNonEmptyOf([
|
|
$someOptions["newsCharset"] ?? null,
|
|
"UTF-8",
|
|
]);
|
|
$someOptions["dbCharset"] = firstNonEmptyOf([
|
|
$someOptions["dbCharset"] ?? null,
|
|
"ISO-8859-1",
|
|
]);
|
|
//@toDo: $aNews auf Validität testen
|
|
$dbConnection = dbConnector::getDbConnection();
|
|
|
|
try {
|
|
// prepare sql and bind parameters
|
|
$stmt = $dbConnection->prepare(
|
|
"INSERT INTO " .
|
|
$someOptions["tableName"] .
|
|
" (datum, betreff, nachricht, autor, promoImg) VALUES (:datum, :betreff, :nachricht, :autor, :promoImg)",
|
|
);
|
|
$stmt->bindParam(":datum", $aNews["datum"]);
|
|
$stmt->bindParam(
|
|
":betreff",
|
|
iconv(
|
|
$someOptions["newsCharset"],
|
|
$someOptions["dbCharset"],
|
|
$aNews["betreff"],
|
|
),
|
|
);
|
|
$stmt->bindParam(
|
|
":nachricht",
|
|
iconv(
|
|
$someOptions["newsCharset"],
|
|
$someOptions["dbCharset"],
|
|
Parsedown::instance()->text($aNews["text"]),
|
|
),
|
|
);
|
|
$stmt->bindParam(
|
|
":autor",
|
|
iconv(
|
|
$someOptions["newsCharset"],
|
|
$someOptions["dbCharset"],
|
|
$aNews["autor"],
|
|
),
|
|
);
|
|
$stmt->bindParam(":promoImg", json_encode($aNews["promoImg"]));
|
|
// insert a row
|
|
$stmt->execute();
|
|
echo "New records created successfully";
|
|
} catch (PDOException $e) {
|
|
echo "Error: " . $e->getMessage();
|
|
}
|
|
return;
|
|
}
|
|
|
|
$defaultPromoImg = [
|
|
"src" => "/ressourcen/graphiken/logos/cwsvJudoLogoWappen.256w.png",
|
|
"width" => "207",
|
|
"height" => "256",
|
|
"alt" => "cwsvJudo",
|
|
];
|
|
|
|
/// Auslesen des Newsarrays
|
|
$newsArticle = [];
|
|
if (empty($_POST["nachrichtenPromoImg"])) {
|
|
$newsArticle["promoImg"] = $defaultPromoImg;
|
|
} else {
|
|
$newsArticle["promoImg"]["src"] = $_POST["nachrichtenPromoImg"]["src"];
|
|
$newsArticle["promoImg"]["width"] = $_POST["nachrichtenPromoImg"]["width"];
|
|
$newsArticle["promoImg"]["height"] =
|
|
$_POST["nachrichtenPromoImg"]["heigth"] ?? null;
|
|
|
|
if (
|
|
!is_positive_integer($newsArticle["promoImg"]["width"]) ||
|
|
!is_positive_integer($newsArticle["promoImg"]["height"])
|
|
) {
|
|
$newsArticle["promoImg"]["path"] = urldecode(
|
|
parse_url($newsArticle["promoImg"]["src"])["path"],
|
|
);
|
|
if (file_exists($newsArticle["promoImg"]["path"])) {
|
|
[
|
|
$newsArticle["promoImg"]["width"],
|
|
$newsArticle["promoImg"]["height"],
|
|
] = array_slice(
|
|
getimagesize($newsArticle["promoImg"]["path"]),
|
|
0,
|
|
2,
|
|
);
|
|
} else {
|
|
// @todo: Wirklich nötig? Es könnte ja auch auf einem anderen Server liegen...
|
|
// $newsArticle['promoImg'] = null;
|
|
}
|
|
}
|
|
}
|
|
|
|
// @todo Validierung!
|
|
$newsArticle["datum"] = !empty($_POST["nachrichtenDatum"])
|
|
? $_POST["nachrichtenDatum"]
|
|
: date("Y-m-d");
|
|
$newsArticle["betreff"] = !empty($_POST["nachrichtenBetreff"])
|
|
? $_POST["nachrichtenBetreff"]
|
|
: "Kein Betreff!";
|
|
if (empty($newsArticle["promoImg"]["alt"])) {
|
|
$newsArticle["promoImg"]["alt"] =
|
|
$newsArticle["betreff"] . " (Promobildchen)";
|
|
}
|
|
$newsArticle["text"] = !empty($_POST["nachrichtenText"])
|
|
? $_POST["nachrichtenText"]
|
|
: "Kein Text!";
|
|
$newsArticle["autor"] = !empty($_POST["nachrichtenAutor"])
|
|
? $_POST["nachrichtenAutor"]
|
|
: "Kein Autor!";
|
|
|
|
if (!empty($_POST["action"])) {
|
|
if ($_POST["action"] == "submitToDb") {
|
|
submitNewsToDb($newsArticle);
|
|
$dbConnection = null;
|
|
}
|
|
}
|
|
?>
|
|
<!doctype html>
|
|
<html lang="de">
|
|
<head>
|
|
<meta charset="utf-8">
|
|
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
|
<title>Nachrichtenadministration</title>
|
|
<style>
|
|
body{
|
|
background-color: #FF8100;
|
|
}
|
|
|
|
.noDisplay{
|
|
display: none;
|
|
}
|
|
|
|
.fullWidth{
|
|
width: 100%;
|
|
}
|
|
.newsPromoImage{
|
|
float: left;
|
|
}
|
|
.newsFooter{
|
|
clear: both;
|
|
}
|
|
|
|
.newsSubmitForm{
|
|
width=100%;
|
|
}
|
|
|
|
.newsPreviewForm textarea{
|
|
width: 100%;
|
|
}
|
|
</style>
|
|
<link rel="stylesheet" href="http://cwsvjudo.bplaced.net/pages/desktop2018/cwsvJudo-2018-news.css">
|
|
</head>
|
|
<body>
|
|
<?php echo getHtmlNews([
|
|
"datum" => $newsArticle["datum"],
|
|
"betreff" => $newsArticle["betreff"],
|
|
"promoImg" => $newsArticle["promoImg"],
|
|
"nachricht" => Parsedown::instance()->text($newsArticle["text"]),
|
|
"autor" => $newsArticle["autor"],
|
|
]); ?>
|
|
<hr />
|
|
<form class="newsSubmitForm" action="newnews.php" method="post" id="nachricht">
|
|
<input
|
|
id="nachrichtenDatum"
|
|
name="nachrichtenDatum"
|
|
type="hidden"
|
|
value="<?php echo $newsArticle["datum"]; ?>"
|
|
/>
|
|
<textarea class="noDisplay"
|
|
id="nachrichtenBetreff"
|
|
name="nachrichtenBetreff"
|
|
><?php echo htmlentities($newsArticle["betreff"]); ?></textarea>
|
|
<input
|
|
id="nachrichtenPromoImg[src]"
|
|
name="nachrichtenPromoImg[src]"
|
|
type="hidden"
|
|
value="<?php echo $newsArticle["promoImg"]["src"]; ?>"
|
|
/>
|
|
<input
|
|
id="nachrichtenPromoImg[width]"
|
|
name="nachrichtenPromoImg[width]"
|
|
type="hidden"
|
|
value="<?php echo $newsArticle["promoImg"]["width"]; ?>"
|
|
/>
|
|
<input
|
|
id="nachrichtenPromoImg[height]"
|
|
name="nachrichtenPromoImg[height]"
|
|
type="hidden"
|
|
value="<?php echo $newsArticle["promoImg"]["height"]; ?>"
|
|
/>
|
|
<textarea class="noDisplay"
|
|
id="nachrichtenText"
|
|
name="nachrichtenText"
|
|
><?php echo htmlentities($newsArticle["text"]);
|
|
//textarea ersetzt selbständig htmlEnt, ohne dass man es verhindern kann
|
|
?></textarea>
|
|
<input
|
|
id="nachrichtenAutor"
|
|
name="nachrichtenAutor"
|
|
type="hidden"
|
|
value="<?php echo $newsArticle["autor"]; ?>"
|
|
/>
|
|
<input
|
|
id="action"
|
|
name="action"
|
|
type="hidden"
|
|
value="submitToDb"
|
|
/>
|
|
<div>
|
|
<button type="submit">In Datenbank eintragen</button>
|
|
</div>
|
|
</form>
|
|
|
|
<hr />
|
|
|
|
<form class="newsPreviewForm" action="newnews.php" method="post" id="nachricht">
|
|
<label for="nachricht">Nachricht</label>
|
|
|
|
<div>
|
|
<label for="nachrichtenDatum">Nachrichtendatum</label>
|
|
<input id="nachrichtenDatum" name="nachrichtenDatum" type="text" value="<?php echo $newsArticle[
|
|
"datum"
|
|
]; ?>" />
|
|
</div>
|
|
|
|
<div>
|
|
<label for="nachrichtenBetreff">Nachrichtenbetreff</label>
|
|
<!--Achtung: Textarea nimmt alle Zeilenumbrüche, Tabulatoren etc. mit! Also keine Quellcodeformatierung mit Einschüben. -->
|
|
<textarea id="nachrichtenBetreff" name="nachrichtenBetreff" rows="1" ><?php echo htmlentities(
|
|
$newsArticle["betreff"],
|
|
); ?></textarea>
|
|
</div>
|
|
|
|
<div>
|
|
<label for="nachrichtenPromoImg[src]">SrcUrl des Nachrichtenbildes</label>
|
|
<input id="nachrichtenPromoImg[src]" name="nachrichtenPromoImg[src]" type="text" value="<?php echo empty(
|
|
$newsArticle["promoImg"]["src"]
|
|
)
|
|
? ""
|
|
: $newsArticle["promoImg"]["src"]; ?>"/>
|
|
<label for="nachrichtenPromoImg[width]">width des Nachrichtenbildes</label>
|
|
<input id="nachrichtenPromoImg[width]" name="nachrichtenPromoImg[width]" type="text" value="<?php echo empty(
|
|
$newsArticle["promoImg"]["width"]
|
|
)
|
|
? ""
|
|
: $newsArticle["promoImg"]["width"]; ?>"/>
|
|
<label for="nachrichtenPromoImg[height]">height des Nachrichtenbildes</label>
|
|
<input id="nachrichtenPromoImg[height]" name="nachrichtenPromoImg[height]" type="text" value="<?php echo empty(
|
|
$newsArticle["promoImg"]["height"]
|
|
)
|
|
? ""
|
|
: $newsArticle["promoImg"]["height"]; ?>"/>
|
|
</div>
|
|
|
|
<div>
|
|
<label for="nachrichtenText">Nachrichtentext</label>
|
|
<textarea id="nachrichtenText" name="nachrichtenText" rows="12" ><?php echo htmlentities(
|
|
$newsArticle["text"],
|
|
);
|
|
//textarea ersetzt selbständig htmlEnt, ohne dass man es verhindern kann
|
|
?></textarea>
|
|
</div>
|
|
|
|
<div>
|
|
<label for="nachrichtenAutor">Nachrichtenautor</label>
|
|
<input id="nachrichtenAutor" name="nachrichtenAutor" type="text" value="<?php echo $newsArticle[
|
|
"autor"
|
|
]; ?>" />
|
|
</div>
|
|
|
|
<div>
|
|
<button type="reset">Eingaben zurücksetzen</button>
|
|
<button type="submit">Vorschau</button>
|
|
</div>
|
|
</form>
|
|
|
|
<?php
|
|
try {
|
|
$newsList = getNews(dbConnector::getDbConnection(), ["limit" => 6]);
|
|
} catch (PDOException $e) {
|
|
echo "Error: " . $e->getMessage();
|
|
}
|
|
$dbConnection = null;
|
|
if (!empty($newsList)) {
|
|
foreach ($newsList as $news) {
|
|
echo "<hr />" . getHtmlNews($news);
|
|
}
|
|
} else {
|
|
echo "Keine Nachrichten gefunden!";
|
|
}
|
|
?>
|
|
<div>
|
|
</body>
|
|
</html>
|