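// NOTE(review): the fragment below is the tail of a function whose header lies before this
// chunk (its $DB / $query / $result set-up is not visible here); it is reproduced unchanged.
query($query); $User = array(); if ($result->num_rows > 0) { while($row = $result->fetch_assoc()) { $User[] = $row; } } return $User[0]; }

/**
 * Collect every row of a mysqli result set into a list of associative arrays.
 *
 * @param mysqli_result|false $result value returned by $DB->query() or mysqli_stmt::get_result()
 * @return list<array<string, mixed>> empty when the query failed or matched nothing
 */
function _fetchAllRows($result)
{
    $rows = array();
    // A failed query yields false; treat it like "no rows" instead of fataling on ->fetch_assoc().
    if ($result === false) {
        return $rows;
    }
    while ($row = $result->fetch_assoc()) {
        $rows[] = $row;
    }
    return $rows;
}

/**
 * Run a SELECT as a prepared statement and return all matching rows.
 *
 * Every value-dependent query in this file goes through here so that ids, offsets and
 * reaction types are bound as parameters rather than spliced into the SQL text.
 *
 * @param string $sql    statement text with ? placeholders
 * @param string $types  mysqli bind_param type string (e.g. "is"); '' when there is nothing to bind
 * @param array  $params values bound in placeholder order
 * @return list<array<string, mixed>>
 */
function _selectPrepared($sql, $types, array $params)
{
    global $DB;
    $stmt = $DB->prepare($sql);
    if ($stmt === false) {
        return array();
    }
    if ($types !== '') {
        // Argument unpacking passes the array elements by reference, as bind_param requires.
        $stmt->bind_param($types, ...$params);
    }
    $stmt->execute();
    $rows = _fetchAllRows($stmt->get_result());
    $stmt->close();
    return $rows;
}

/**
 * True when $userId is the id of the logged-in GLPI user.
 *
 * Both sides are compared as integers; a missing owner (null) or a missing session id never
 * matches, so a row without an owner cannot be edited or deleted by anyone.
 *
 * @param int|string|null $userId owner id read from the database
 * @return bool
 */
function _isCurrentUser($userId)
{
    if ($userId === null || !isset($_SESSION['glpiID'])) {
        return false;
    }
    return (int) $userId === (int) $_SESSION['glpiID'];
}

/**
 * One page (6 rows) of non-deleted publications, newest first.
 *
 * The page offset is read from $_GET['next']; it is cast to a non-negative integer and bound
 * as a parameter instead of being interpolated into the LIMIT clause.
 *
 * @return list<array<string, mixed>>
 */
function getAllPublications()
{
    $offset = isset($_GET['next']) ? (int) $_GET['next'] : 0;
    if ($offset < 0) {
        $offset = 0;
    }
    return _selectPrepared(
        'SELECT * from publication where is_deleted = 0 ORDER BY id_publication DESC LIMIT ?, 6',
        'i',
        array($offset)
    );
}

/**
 * A single non-deleted publication row, or null when the id is unknown or deleted.
 *
 * @param int|string $id publication id
 * @return array<string, mixed>|null
 */
function getPublication($id)
{
    $id = (int) $id;
    $rows = _selectPrepared(
        'SELECT * from publication where is_deleted = 0 and id_publication = ? ',
        'i',
        array($id)
    );
    return count($rows) > 0 ? $rows[0] : null;
}

/**
 * The three most used "jaime" reactions on a publication, most frequent first.
 *
 * @param int|string $id_publication publication id
 * @return list<array<string, mixed>> each row carries the reaction columns plus a "count(*)" column
 */
function getTopEmoj($id_publication)
{
    $id_publication = (int) $id_publication;
    return _selectPrepared(
        "SELECT *,count(*) FROM `publication_reactions` WHERE `id_publication`= ? and type = 'jaime' GROUP by `reaction` ORDER BY `count(*)` DESC LIMIT 3",
        'i',
        array($id_publication)
    );
}

/**
 * Non-deleted files attached to a publication.
 *
 * Returns null (not an empty array) when there are none, because existing callers test for
 * null; wrap with `?: array()` before calling count() on the result.
 *
 * @param int|string $id publication id
 * @return list<array<string, mixed>>|null
 */
function getPublicationsFiles($id)
{
    $id = (int) $id;
    $rows = _selectPrepared(
        'SELECT * from publication_file where id_publication = ? and is_deleted = 0 ',
        'i',
        array($id)
    );
    return count($rows) > 0 ? $rows : null;
}

/**
 * Total number of rows in the publication table.
 *
 * NOTE(review): unlike getAllPublications() this count does not filter is_deleted = 0, so it
 * also counts soft-deleted rows — confirm whether the pager is meant to match.
 *
 * @return int|string the count as returned by the driver, 0 when the query fails
 */
function getTotalPublications()
{
    $rows = _selectPrepared('SELECT count(*) as total from publication ', '', array());
    return isset($rows[0]['total']) ? $rows[0]['total'] : 0;
}

/**
 * Number of reactions of one type ("jaime" or "comment") on a publication.
 *
 * @param int|string $id   publication id
 * @param string     $type reaction type, bound as a parameter
 * @return int|string the count as returned by the driver, 0 when the query fails
 */
function getTotal($id, $type)
{
    $id = (int) $id;
    $type = (string) $type;
    $rows = _selectPrepared(
        'SELECT count(*) as total from publication_reactions where id_publication = ? and type = ?',
        'is',
        array($id, $type)
    );
    return isset($rows[0]['total']) ? $rows[0]['total'] : 0;
}

/**
 * All comments on a publication, oldest first.
 *
 * @param int|string $id publication id
 * @return list<array<string, mixed>>
 */
function getCommentaires($id)
{
    $id = (int) $id;
    return _selectPrepared(
        "SELECT * from publication_reactions where id_publication = ? and type ='comment' ORDER BY publication_reactions.id ASC",
        'i',
        array($id)
    );
}

/**
 * The reaction a user left on a publication, or false when the user has not reacted.
 *
 * @param int|string $id_publication publication id
 * @param int|string $id_user        user id
 * @return mixed the "reaction" column of the first matching row, or false
 */
function isJaime($id_publication, $id_user)
{
    $id_publication = (int) $id_publication;
    $id_user = (int) $id_user;
    $rows = _selectPrepared(
        "SELECT * from publication_reactions where id_publication = ? and id_user = ? and type='jaime' ",
        'ii',
        array($id_publication, $id_user)
    );
    if (count($rows) > 0) {
        return $rows[0]['reaction'];
    }
    return false;
}

/**
 * Owner (id_user) of a reaction row, or null when the row does not exist.
 *
 * @param int|string $idCommentaire publication_reactions.id
 * @return int|string|null
 */
function getUserID($idCommentaire)
{
    $idCommentaire = (int) $idCommentaire;
    $rows = _selectPrepared(
        'SELECT id_user from publication_reactions where id = ?',
        'i',
        array($idCommentaire)
    );
    return isset($rows[0]['id_user']) ? $rows[0]['id_user'] : null;
}

/**
 * Owner (id_user) of a publication, or null when the publication does not exist.
 *
 * @param int|string $idPublication publication id
 * @return int|string|null
 */
function getUserIdByPublication($idPublication)
{
    $idPublication = (int) $idPublication;
    $rows = _selectPrepared(
        'SELECT id_user from publication where id_publication = ? ',
        'i',
        array($idPublication)
    );
    return isset($rows[0]['id_user']) ? $rows[0]['id_user'] : null;
}

/**
 * Normalise user-supplied HTML through GLPI's Toolbox XSS helpers.
 *
 * The text is first un-escaped, entity-decoded, then re-cleaned so stored content is in the
 * form the rest of the application expects; the exact transformation is Toolbox's.
 *
 * @param string|null $text raw user input
 * @return string|null cleaned text as returned by Toolbox::clean_cross_side_scripting_deep()
 */
function cleanHtmlXss($text)
{
    $text = Toolbox::unclean_html_cross_side_scripting_deep($text);
    $text = html_entity_decode($text, ENT_NOQUOTES, 'UTF-8');
    $text = Toolbox::clean_cross_side_scripting_deep($text);
    return $text;
}

/**
 * Update a publication's title, soft-delete selected files and attach new uploads.
 *
 * Only the publication's owner may update it. A publication must keep at least one of:
 * a non-empty title, a newly uploaded file, or an existing non-deleted file.
 *
 * @param array $request      form fields: id_publication, titre, optional id_file_delete (list of file ids)
 * @param array $requestFiles the $_FILES array, expected to carry a "files" entry
 * @return void
 */
function updatePublication(array $request, array $requestFiles)
{
    global $DB;
    $idPublication = isset($request['id_publication']) ? (int) $request['id_publication'] : 0;
    if (!_isCurrentUser(getUserIdByPublication($idPublication))) {
        return;
    }

    $hasTitle = !empty($request['titre']);
    $hasNewFile = !empty($requestFiles['files']['name'][0]);
    $existingFiles = getPublicationsFiles($idPublication);
    $hasExistingFile = $existingFiles !== null && count($existingFiles) > 0;
    if (!$hasTitle && !$hasNewFile && !$hasExistingFile) {
        return;
    }

    $titre = cleanHtmlXss(isset($request['titre']) ? $request['titre'] : '');
    $stmt = $DB->prepare('UPDATE publication SET titre = ? where id_publication = ? ');
    $stmt->bind_param('si', $titre, $idPublication);
    $stmt->execute();
    $stmt->close();

    if (!empty($request['id_file_delete']) && is_array($request['id_file_delete'])) {
        // Scope the soft-delete to this publication so the caller cannot flag files of another one.
        $stmt = $DB->prepare('UPDATE publication_file SET is_deleted = 1 where id_file = ? and id_publication = ? ');
        foreach ($request['id_file_delete'] as $idFile) {
            $idFile = (int) $idFile;
            $stmt->bind_param('ii', $idFile, $idPublication);
            $stmt->execute();
        }
        $stmt->close();
    }

    uploadFiles($requestFiles, $idPublication);
}

/**
 * Whether the active GLPI profile is allowed to create publications.
 *
 * @return bool
 */
function CanAddPublication()
{
    $profileName = isset($_SESSION['glpiactiveprofile']['name'])
        ? $_SESSION['glpiactiveprofile']['name']
        : '';
    $allowedProfiles = array('Super-Admin', 'Directeur RH', 'Charge de Communication');
    return in_array($profileName, $allowedProfiles, true);
}

/**
 * Create a publication for the logged-in user and attach its uploaded files.
 *
 * Requires an allowed profile (see CanAddPublication()) and at least a title or one file.
 *
 * @param array $request      form fields: titre
 * @param array $requestFiles the $_FILES array, expected to carry a "files" entry
 * @return void
 */
function addPublication(array $request, array $requestFiles)
{
    global $DB;
    if (!CanAddPublication()) {
        return;
    }
    $hasTitle = !empty($request['titre']);
    $hasFile = !empty($requestFiles['files']['name'][0]);
    if (!$hasTitle && !$hasFile) {
        return;
    }

    $userId = isset($_SESSION['glpiID']) ? (int) $_SESSION['glpiID'] : null;
    $titre = cleanHtmlXss(isset($request['titre']) ? $request['titre'] : '');
    $stmt = $DB->prepare('INSERT INTO publication( id_user , titre ,date) VALUES ( ? , ? , NOW())');
    $stmt->bind_param('is', $userId, $titre);
    $stmt->execute();
    // Read the generated id before anything else touches the connection.
    $lastId = $DB->insert_id();
    uploadFiles($requestFiles, $lastId);
}

/**
 * Soft-delete a publication and all of its files. Only the owner may delete it.
 *
 * @param array $request form fields: id_publication
 * @return void
 */
function deletePublication(array $request)
{
    global $DB;
    $idPublication = isset($request['id_publication']) ? (int) $request['id_publication'] : 0;
    if (!_isCurrentUser(getUserIdByPublication($idPublication))) {
        return;
    }
    $stmt = $DB->prepare('UPDATE publication SET is_deleted = 1 where id_publication = ? ');
    $stmt->bind_param('i', $idPublication);
    $stmt->execute();
    $stmt->close();

    $stmt = $DB->prepare('UPDATE publication_file SET is_deleted = 1 where id_publication = ? ');
    $stmt->bind_param('i', $idPublication);
    $stmt->execute();
    $stmt->close();
}

/**
 * Store uploaded images under ../file_upload/ and record them for a publication.
 *
 * An upload is accepted only when it reports no upload error, has a png/jpeg/jpg extension
 * and its content decodes as an image; the stored name is server-generated, so the
 * client-supplied name is kept only in the "filename" column.
 *
 * @param array      $requestFiles   the $_FILES array, expected to carry a "files" entry
 *                                   with parallel name / tmp_name / error lists
 * @param int|string $id_publication publication the files belong to
 * @return void
 */
function uploadFiles(array $requestFiles, $id_publication)
{
    global $DB;
    if (!isset($requestFiles['files']['name']) || !is_array($requestFiles['files']['name'])) {
        return;
    }
    $idPublication = (int) $id_publication;
    $validExtensions = array('png', 'jpeg', 'jpg');

    foreach ($requestFiles['files']['name'] as $index => $filename) {
        if (!is_string($filename) || $filename === '') {
            continue;
        }
        if (isset($requestFiles['files']['error'][$index])
            && $requestFiles['files']['error'][$index] !== UPLOAD_ERR_OK) {
            continue;
        }
        $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
        if (!in_array($ext, $validExtensions, true)) {
            continue;
        }
        $tmpName = isset($requestFiles['files']['tmp_name'][$index])
            ? $requestFiles['files']['tmp_name'][$index]
            : '';
        // The extension is taken from the client-supplied name and is easy to forge:
        // also require the content to decode as an image.
        if ($tmpName === '' || !is_uploaded_file($tmpName) || getimagesize($tmpName) === false) {
            continue;
        }

        // Server-generated target name: a timestamp alone collides for concurrent uploads
        // (and the previous 12-hour "h" format doubled that window), and move_uploaded_file()
        // overwrites silently, so a uniqid() suffix is appended.
        $path = date('YmdHis') . $index . '_' . uniqid() . '.' . $ext;
        if (move_uploaded_file($tmpName, '../file_upload/' . $path)) {
            $stmt = $DB->prepare("INSERT INTO publication_file( id_publication , type , lien ,filename ) VALUES ( ? , 'image' , ? ,? )");
            $stmt->bind_param('iss', $idPublication, $path, $filename);
            $stmt->execute();
            $stmt->close();
        }
    }
}

/**
 * Add a comment to a publication for the logged-in user and echo the new row as JSON.
 *
 * @param array $request form fields: id_publication, commentaire
 * @return void
 */
function addCommentaire(array $request)
{
    global $DB;
    $idPublication = isset($request['id_publication']) ? (int) $request['id_publication'] : 0;
    $userId = isset($_SESSION['glpiID']) ? (int) $_SESSION['glpiID'] : null;
    $commentaire = cleanHtmlXss(isset($request['commentaire']) ? $request['commentaire'] : '');

    $stmt = $DB->prepare("INSERT INTO publication_reactions( id_publication , id_user , type , commentaire ) VALUES ( ? , ? , 'comment' , ?)");
    $stmt->bind_param('iis', $idPublication, $userId, $commentaire);
    $stmt->execute();
    $lastId = $DB->insert_id();

    header('Content-type: application/json;charset=utf-8');
    // NOTE(review): the payload is json_encode()d twice, so the client receives a JSON string
    // that itself contains JSON. Kept as-is because the existing front-end presumably decodes
    // it twice — confirm before collapsing this to a single json_encode().
    $tab = json_encode(array('id' => $lastId, 'commentaire' => $commentaire));
    echo json_encode($tab);
}

/**
 * Replace the text of a comment. Only the comment's author may update it.
 *
 * @param array $request form fields: idCommentaire, commentaire
 * @return void
 */
function updateCommentaire(array $request)
{
    global $DB;
    $idCommentaire = isset($request['idCommentaire']) ? (int) $request['idCommentaire'] : 0;
    if (!_isCurrentUser(getUserID($idCommentaire))) {
        return;
    }
    $commentaire = cleanHtmlXss(isset($request['commentaire']) ? $request['commentaire'] : '');
    $stmt = $DB->prepare('UPDATE publication_reactions SET commentaire = ? where id = ? ');
    $stmt->bind_param('si', $commentaire, $idCommentaire);
    $stmt->execute();
    $stmt->close();
}

/**
 * Hard-delete a comment row. Only the comment's author may delete it.
 *
 * @param array $request form fields: idCommentaire
 * @return void
 */
function deleteCommentaire(array $request)
{
    global $DB;
    $idCommentaire = isset($request['idCommentaire']) ? (int) $request['idCommentaire'] : 0;
    if (!_isCurrentUser(getUserID($idCommentaire))) {
        return;
    }
    $stmt = $DB->prepare('DELETE FROM `publication_reactions` where id= ? ');
    $stmt->bind_param('i', $idCommentaire);
    $stmt->execute();
    $stmt->close();
}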