<?php
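/**
 * Fetch the display name of one GLPI user.
 *
 * The id is bound as an integer parameter rather than interpolated into the
 * SQL text, so a caller-supplied value cannot change the statement.
 *
 * @param int|string $id Value matched against glpi_users.id.
 * @return array|null Row with the keys 'nom' (realname) and 'prenom'
 *                    (firstname), or null when no user matches.
 */
function getUser($id){
    global $DB;

    $userId = (int) $id;
    $stmt = $DB->prepare('SELECT realname as nom , firstname as prenom from glpi_users where id = ?');
    $stmt->bind_param("i", $userId);
    $stmt->execute();

    // Only the first row is ever returned, so a single fetch is enough.
    $row = $stmt->get_result()->fetch_assoc();
    return $row ? $row : null;
}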
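/**
 * Return one page of six non-deleted publications, newest first.
 *
 * The page offset comes from the 'next' query-string parameter. It is
 * request-controlled, so it is validated as a non-negative integer and bound
 * as a parameter; a missing or malformed value falls back to offset 0 instead
 * of being concatenated into the LIMIT clause.
 *
 * @return array List of publication rows (associative arrays), possibly empty.
 */
function getAllPublications(){
    global $DB;

    $offset = 0;
    if (isset($_GET['next'])) {
        // filter_var() returns false for arrays, signed/negative values and
        // anything that is not a plain integer.
        $candidate = filter_var(
            $_GET['next'],
            FILTER_VALIDATE_INT,
            array('options' => array('min_range' => 0))
        );
        if ($candidate !== false) {
            $offset = $candidate;
        }
    }

    $stmt = $DB->prepare('SELECT * from publication where is_deleted = 0 ORDER BY id_publication DESC LIMIT ?, 6');
    $stmt->bind_param("i", $offset);
    $stmt->execute();
    $result = $stmt->get_result();

    $List = array();
    while ($row = $result->fetch_assoc()) {
        $List[] = $row;
    }
    return $List;
}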
/**
 * Look up a single non-deleted publication by its id.
 *
 * The id is passed as a bound integer parameter.
 *
 * @param int|string $id Value matched against publication.id_publication.
 * @return array|null The first matching row, or null when nothing matches.
 */
function getPublication($id){
    global $DB;

    $statement = $DB->prepare('SELECT * from publication where is_deleted = 0 and id_publication = ? ');
    $statement->bind_param("i", $id);
    $statement->execute();
    $cursor = $statement->get_result();

    // Drain the whole result set, then hand back only its first row.
    $matches = array();
    for ($record = $cursor->fetch_assoc(); $record; $record = $cursor->fetch_assoc()) {
        $matches[] = $record;
    }

    return count($matches) > 0 ? $matches[0] : null;
}
/**
 * Return up to three 'jaime' reaction rows for a publication, grouped by
 * reaction and ordered by how often each reaction occurs (most frequent first).
 *
 * NOTE(review): the query selects `*` together with count(*) under GROUP BY;
 * which non-grouped column values come back presumably depends on the
 * server's SQL mode - confirm against the deployed MySQL configuration.
 *
 * @param int|string $id_publication Value bound to publication_reactions.id_publication.
 * @return array List of rows (associative arrays), possibly empty.
 */
function getTopEmoj($id_publication){
    global $DB;

    $sql = "SELECT *,count(*) FROM `publication_reactions` WHERE `id_publication`= ? and type = 'jaime' GROUP by `reaction`
ORDER BY `count(*)` DESC LIMIT 3";
    $statement = $DB->prepare($sql);
    $statement->bind_param("i", $id_publication);
    $statement->execute();
    $cursor = $statement->get_result();

    $top = array();
    for ($line = $cursor->fetch_assoc(); $line; $line = $cursor->fetch_assoc()) {
        $top[] = $line;
    }
    return $top;
}
/**
 * List the non-deleted files attached to a publication.
 *
 * Callers must handle the null return: an empty result is reported as null,
 * not as an empty array.
 *
 * @param int|string $id Value bound to publication_file.id_publication.
 * @return array|null List of file rows, or null when the publication has none.
 */
function getPublicationsFiles($id){
    global $DB;

    $statement = $DB->prepare('SELECT * from publication_file where id_publication = ? and is_deleted = 0 ');
    $statement->bind_param("i", $id);
    $statement->execute();
    $cursor = $statement->get_result();

    $files = array();
    do {
        $entry = $cursor->fetch_assoc();
        if ($entry) {
            $files[] = $entry;
        }
    } while ($entry);

    return count($files) > 0 ? $files : null;
}
/**
 * Count the rows of the publication table.
 *
 * NOTE(review): this count has no is_deleted filter, whereas
 * getAllPublications() only lists rows with is_deleted = 0 - confirm whether
 * the total is meant to include soft-deleted publications.
 *
 * @return mixed The 'total' column of the first result row.
 */
function getTotalPublications(){
    global $DB;

    $outcome = $DB->query("SELECT count(*) as total from publication ");

    $counts = array();
    if ($outcome->num_rows > 0) {
        for ($line = $outcome->fetch_assoc(); $line; $line = $outcome->fetch_assoc()) {
            $counts[] = $line;
        }
    }
    return $counts[0]['total'];
}
//get total of jaime or comment
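/**
 * Count the reactions of one type ('jaime' or 'comment') on a publication.
 *
 * Both values are bound as statement parameters. The original built the SQL
 * by string concatenation, which let either argument rewrite the query.
 *
 * NOTE(review): with a prepared statement the count presumably comes back as
 * a native integer rather than a numeric string - confirm no caller compares
 * it strictly against a string.
 *
 * @param int|string $id   Value matched against publication_reactions.id_publication.
 * @param string     $type Value matched against publication_reactions.type.
 * @return mixed The 'total' column, or 0 when the query yields no row.
 */
function getTotal($id ,$type){
    global $DB;

    $publicationId = (int) $id;
    $reactionType = (string) $type;
    $stmt = $DB->prepare('SELECT count(*) as total from publication_reactions where id_publication = ? and type = ?');
    $stmt->bind_param("is", $publicationId, $reactionType);
    $stmt->execute();

    $row = $stmt->get_result()->fetch_assoc();
    return $row ? $row['total'] : 0;
}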
//get all Commentaires by id publication
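/**
 * Return every comment on a publication, oldest first.
 *
 * The publication id is bound as an integer parameter instead of being
 * interpolated into the SQL text.
 *
 * @param int|string $id Value matched against publication_reactions.id_publication.
 * @return array List of comment rows (associative arrays), possibly empty.
 */
function getCommentaires($id){
    global $DB;

    $publicationId = (int) $id;
    $stmt = $DB->prepare("SELECT * from publication_reactions where id_publication = ? and type ='comment' ORDER BY publication_reactions.id ASC");
    $stmt->bind_param("i", $publicationId);
    $stmt->execute();
    $result = $stmt->get_result();

    $List = array();
    while ($row = $result->fetch_assoc()) {
        $List[] = $row;
    }
    return $List;
}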
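/**
 * Tell whether a user has a 'jaime' reaction on a publication.
 *
 * Both ids are bound as integer parameters instead of being interpolated
 * into the SQL text.
 *
 * @param int|string $id_publication Value matched against publication_reactions.id_publication.
 * @param int|string $id_user        Value matched against publication_reactions.id_user.
 * @return mixed The 'reaction' column of the first matching row, or false
 *               when the user has no 'jaime' row for this publication.
 */
function isJaime($id_publication ,$id_user){
    global $DB;

    $publicationId = (int) $id_publication;
    $userId = (int) $id_user;
    $stmt = $DB->prepare("SELECT * from publication_reactions where id_publication = ? and id_user = ? and type='jaime' ");
    $stmt->bind_param("ii", $publicationId, $userId);
    $stmt->execute();

    // Only the first row's reaction is reported.
    $row = $stmt->get_result()->fetch_assoc();
    return $row ? $row['reaction'] : false;
}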
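/**
 * Return the id of the user who owns a publication_reactions row.
 *
 * Callers in this file use the result as an ownership check before editing
 * or deleting a comment, so the function fails closed: it returns null when
 * the statement cannot be prepared or no row matches, instead of reading an
 * undefined array offset.
 *
 * @param int|string $idCommentaire Value matched against publication_reactions.id.
 * @return mixed The 'id_user' column, or null when the row does not exist.
 */
function getUserID($idCommentaire){
    global $DB;

    $reactionId = (int) $idCommentaire;
    $stmt = $DB->prepare('SELECT id_user from publication_reactions where id = ?');
    if (!$stmt) {
        return null;
    }
    $stmt->bind_param("i", $reactionId);
    $stmt->execute();
    $result = $stmt->get_result();

    $row = $result ? $result->fetch_assoc() : null;
    return $row ? $row['id_user'] : null;
}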
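/**
 * Return the id of the user who authored a publication.
 *
 * Callers in this file use the result as an ownership check before updating
 * or deleting a publication, so the function fails closed: it returns null
 * when the statement cannot be prepared or the publication does not exist,
 * instead of reading an undefined array offset.
 *
 * @param int|string $idPublication Value matched against publication.id_publication.
 * @return mixed The 'id_user' column, or null when the publication does not exist.
 */
function getUserIdByPublication($idPublication){
    global $DB;

    $publicationId = (int) $idPublication;
    $stmt = $DB->prepare('SELECT id_user from publication where id_publication = ? ');
    if (!$stmt) {
        return null;
    }
    $stmt->bind_param("i", $publicationId);
    $stmt->execute();
    $result = $stmt->get_result();

    $row = $result ? $result->fetch_assoc() : null;
    return $row ? $row['id_user'] : null;
}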
/**
 * Normalise user-supplied text before it is stored.
 *
 * Three steps run in a fixed order: the value goes through
 * Toolbox::unclean_html_cross_side_scripting_deep(), HTML entities are decoded
 * (quotes left untouched, UTF-8), and the result goes through
 * Toolbox::clean_cross_side_scripting_deep().
 *
 * NOTE(review): the Toolbox helpers are not visible here; presumably the
 * first undoes an earlier encoding so the value ends up encoded exactly once.
 * This is storage-time cleaning - confirm that the templates still encode
 * the value for the context they print it in.
 *
 * @param mixed $text Raw value taken from the request.
 * @return mixed The value returned by Toolbox::clean_cross_side_scripting_deep().
 */
function cleanHtmlXss($text){
    $unescaped = Toolbox::unclean_html_cross_side_scripting_deep($text);
    $decoded = html_entity_decode($unescaped, ENT_NOQUOTES, 'UTF-8');
    return Toolbox::clean_cross_side_scripting_deep($decoded);
}
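/**
 * Update the title and attachments of a publication owned by the current user.
 *
 * Nothing is written unless the session user is the author of the
 * publication and at least one of these holds: a title was submitted, a file
 * was submitted, or the publication already has files.
 *
 * Security-relevant points:
 * - The ownership check fails closed: a missing publication or a missing
 *   session id never compares equal.
 * - Files listed in 'id_file_delete' are soft-deleted only when they belong
 *   to this publication, so the owner of one publication cannot flag files
 *   attached to someone else's.
 * - The stray `echo` of each submitted file id was removed; it printed
 *   request data into the response unencoded.
 *
 * @param array $request      Request fields: 'id_publication', 'titre', 'id_file_delete'.
 * @param array $requestFiles Upload array in the $_FILES layout, under the 'files' key.
 * @return void
 */
function updatePublication(array $request , array $requestFiles){
    global $DB;

    if (!isset($request['id_publication']) || !is_scalar($request['id_publication']) || !isset($_SESSION["glpiID"])) {
        return;
    }
    $publicationId = (int) $request['id_publication'];
    $ownerId = getUserIdByPublication($publicationId);
    if ($ownerId === null || (int) $ownerId !== (int) $_SESSION["glpiID"]) {
        return;
    }

    $hasTitle = !empty($request["titre"]);
    $hasUpload = !empty($requestFiles['files']['name'][0]);
    // getPublicationsFiles() returns null, not an empty array, when there are no files.
    $existingFiles = getPublicationsFiles($publicationId);
    $hasFiles = is_array($existingFiles) && count($existingFiles) > 0;
    if (!$hasTitle && !$hasUpload && !$hasFiles) {
        return;
    }

    // bind_param() takes its arguments by reference, so bind variables, not call results.
    $title = cleanHtmlXss(isset($request["titre"]) ? $request["titre"] : null);
    $stmt = $DB->prepare("UPDATE publication SET titre = ? where id_publication = ? ");
    $stmt->bind_param("si", $title, $publicationId);
    $stmt->execute();

    $idsFileToDelete = array();
    if (isset($request['id_file_delete']) && is_array($request['id_file_delete'])) {
        $idsFileToDelete = $request['id_file_delete'];
    }
    foreach ($idsFileToDelete as $value) {
        $fileId = (int) $value;
        $stmt = $DB->prepare("UPDATE publication_file SET is_deleted = 1 where id_file = ? and id_publication = ? ");
        $stmt->bind_param("ii", $fileId, $publicationId);
        $stmt->execute();
    }

    uploadFiles($requestFiles , $publicationId);
}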
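/**
 * Tell whether the active GLPI profile may create publications.
 *
 * Only an exact, string-typed match on one of the three allowed profile names
 * grants the right. A missing session entry or a non-string value is refused
 * instead of going through a loose comparison.
 *
 * NOTE(review): the decision is keyed on the profile's display name; confirm
 * that these names cannot be reused by a profile that should not publish.
 *
 * @return bool True when the active profile is allowed to publish.
 */
function CanAddPublication(){
    $allowedProfiles = array("Super-Admin", "Directeur RH", "Charge de Communication");

    if (!isset($_SESSION['glpiactiveprofile']['name'])) {
        return false;
    }
    $profileName = $_SESSION['glpiactiveprofile']['name'];

    return is_string($profileName) && in_array($profileName, $allowedProfiles, true);
}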
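/**
 * Create a publication for the current user and attach the uploaded files.
 *
 * Nothing is written unless CanAddPublication() allows it, a session user id
 * is present, and the request carries a title or at least one file. Files are
 * attached only when the INSERT succeeded, so a failed insert cannot attach
 * uploads to a bogus publication id.
 *
 * @param array $request      Request fields; 'titre' is the publication title.
 * @param array $requestFiles Upload array in the $_FILES layout, under the 'files' key.
 * @return void
 */
function addPublication(array $request , array $requestFiles){
    global $DB;

    if (!CanAddPublication() || !isset($_SESSION["glpiID"])) {
        return;
    }

    $hasTitle = !empty($request["titre"]);
    $hasUpload = !empty($requestFiles['files']['name'][0]);
    if (!$hasTitle && !$hasUpload) {
        return;
    }

    // bind_param() takes its arguments by reference, so bind variables, not call results.
    $authorId = (int) $_SESSION["glpiID"];
    $title = cleanHtmlXss(isset($request["titre"]) ? $request["titre"] : null);
    $stmt = $DB->prepare("INSERT INTO publication( id_user , titre ,date) VALUES ( ? , ? , NOW())");
    $stmt->bind_param("is", $authorId, $title);
    if (!$stmt->execute()) {
        return;
    }

    $lastId = $DB->insert_id();
    uploadFiles($requestFiles , $lastId);
}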
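/**
 * Soft-delete a publication and its files when the current user is its author.
 *
 * The ownership check fails closed: the original loose `==` treated a missing
 * publication (null owner) as equal to an empty or zero session id. Here a
 * missing publication id, a missing session id or a missing publication all
 * stop the function before any write.
 *
 * @param array $request Request fields; 'id_publication' selects the publication.
 * @return void
 */
function deletePublication(array $request){
    global $DB;

    if (!isset($request['id_publication']) || !is_scalar($request['id_publication']) || !isset($_SESSION["glpiID"])) {
        return;
    }
    $publicationId = (int) $request['id_publication'];
    $ownerId = getUserIdByPublication($publicationId);
    if ($ownerId === null || (int) $ownerId !== (int) $_SESSION["glpiID"]) {
        return;
    }

    $stmt = $DB->prepare("UPDATE publication SET is_deleted = 1 where id_publication = ? ");
    $stmt->bind_param("i", $publicationId);
    $stmt->execute();

    $stmt = $DB->prepare("UPDATE publication_file SET is_deleted = 1 where id_publication = ? ");
    $stmt->bind_param("i", $publicationId);
    $stmt->execute();
}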
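/**
 * Store the uploaded images of a publication and record them in publication_file.
 *
 * A file is accepted only when all of the following hold:
 * - its upload error code, when present, is UPLOAD_ERR_OK;
 * - its extension is png, jpeg or jpg (compared case-insensitively);
 * - its temporary path is a genuine HTTP upload;
 * - getimagesize() recognises the content as PNG or JPEG, so the extension
 *   alone no longer decides what counts as an image.
 *
 * The stored name is generated, never taken from the client. It carries a
 * random suffix because the original timestamp-plus-index name (12-hour
 * clock, one-second resolution) could collide and overwrite another upload.
 *
 * NOTE(review): the client-supplied original name is stored in the 'filename'
 * column as-is; confirm every page that prints it encodes it for output.
 * NOTE(review): the target "../file_upload/" is relative to the working
 * directory; confirm that directory is not configured to execute scripts.
 * NOTE(review): the generated name is longer than before - confirm the
 * 'lien' column is wide enough for it.
 *
 * @param array      $requestFiles   Upload array in the $_FILES layout, under the 'files' key.
 * @param int|string $id_publication Publication the files are attached to.
 * @return void
 */
function uploadFiles(array $requestFiles , $id_publication){
    global $DB;

    if (!isset($requestFiles['files']['name']) || !is_array($requestFiles['files']['name'])) {
        return;
    }

    $valid_ext = array("png", "jpeg", "jpg");
    $valid_types = array(IMAGETYPE_PNG, IMAGETYPE_JPEG);
    $publicationId = (int) $id_publication;
    $names = $requestFiles['files']['name'];
    $countfiles = count($names);

    for ($index = 0; $index < $countfiles; $index++) {
        if (!isset($names[$index]) || $names[$index] == '') {
            continue;
        }
        if (isset($requestFiles['files']['error'][$index])
            && $requestFiles['files']['error'][$index] !== UPLOAD_ERR_OK) {
            continue;
        }

        $filename = $names[$index];
        $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
        if (!in_array($ext, $valid_ext, true)) {
            continue;
        }

        $tmpName = isset($requestFiles['files']['tmp_name'][$index])
            ? $requestFiles['files']['tmp_name'][$index]
            : '';
        if (!is_string($tmpName) || $tmpName === '' || !is_uploaded_file($tmpName)) {
            continue;
        }

        // Check the content, not just the name: index 2 is the IMAGETYPE_* constant.
        $imageInfo = getimagesize($tmpName);
        if ($imageInfo === false || !in_array($imageInfo[2], $valid_types, true)) {
            continue;
        }

        $path = date("YmdHis") . $index . "_" . bin2hex(random_bytes(8)) . "." . $ext;
        if (move_uploaded_file($tmpName, "../file_upload/" . $path)) {
            $stmt = $DB->prepare("INSERT INTO publication_file( id_publication , type , lien ,filename ) VALUES ( ? , 'image' , ? ,? )");
            $stmt->bind_param("iss", $publicationId, $path, $filename);
            $stmt->execute();
        }
    }
}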
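/**
 * Store a comment by the current user on a publication and echo it as JSON.
 *
 * The comment is cleaned once and the same value is both stored and returned.
 * Values are bound through variables: bind_param() takes references, and
 * binding a call result raises a notice that could be printed before the
 * Content-type header is sent.
 *
 * Nothing is stored or printed when the session carries no user id.
 *
 * NOTE(review): the payload is JSON-encoded twice (a JSON string wrapping a
 * JSON object). That is kept because existing clients presumably decode it
 * twice - confirm before simplifying.
 * NOTE(review): the publication id is not checked for existence or for
 * is_deleted here - confirm whether the caller does that.
 *
 * @param array $request Request fields: 'id_publication' and 'commentaire'.
 * @return void
 */
function addCommentaire(array $request){
    global $DB;

    if (!isset($_SESSION["glpiID"])) {
        return;
    }

    $publicationId = isset($request["id_publication"]) && is_scalar($request["id_publication"])
        ? (int) $request["id_publication"]
        : 0;
    $authorId = (int) $_SESSION["glpiID"];
    $comment = cleanHtmlXss(isset($request["commentaire"]) ? $request["commentaire"] : null);

    $stmt = $DB->prepare("INSERT INTO publication_reactions( id_publication , id_user , type , commentaire ) VALUES ( ? , ? , 'comment' , ?)");
    $stmt->bind_param("iis", $publicationId, $authorId, $comment);
    $stmt->execute();

    header('Content-type: application/json;charset=utf-8');
    $tab = json_encode(array('id' => $DB->insert_id() , 'commentaire' => $comment ));
    echo json_encode($tab);
}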
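/**
 * Replace the text of a comment when the current user is its author.
 *
 * The ownership check fails closed: the original loose `==` treated a missing
 * comment (null owner) as equal to an empty or zero session id. Here a
 * missing comment id, a missing session id or a missing row all stop the
 * function before any write.
 *
 * @param array $request Request fields: 'idCommentaire' and 'commentaire'.
 * @return void
 */
function updateCommentaire(array $request){
    global $DB;

    if (!isset($request['idCommentaire']) || !is_scalar($request['idCommentaire']) || !isset($_SESSION["glpiID"])) {
        return;
    }
    $commentId = (int) $request['idCommentaire'];
    $ownerId = getUserID($commentId);
    if ($ownerId === null || (int) $ownerId !== (int) $_SESSION["glpiID"]) {
        return;
    }

    // bind_param() takes its arguments by reference, so bind variables, not call results.
    $comment = cleanHtmlXss(isset($request["commentaire"]) ? $request["commentaire"] : null);
    $stmt = $DB->prepare("UPDATE publication_reactions SET commentaire = ? where id = ? ");
    $stmt->bind_param("si", $comment, $commentId);
    $stmt->execute();
}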
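/**
 * Delete a comment when the current user is its author.
 *
 * The ownership check fails closed: the original loose `==` treated a missing
 * comment (null owner) as equal to an empty or zero session id. Here a
 * missing comment id, a missing session id or a missing row all stop the
 * function before the DELETE runs.
 *
 * @param array $request Request fields; 'idCommentaire' selects the comment.
 * @return void
 */
function deleteCommentaire(array $request){
    global $DB;

    if (!isset($request['idCommentaire']) || !is_scalar($request['idCommentaire']) || !isset($_SESSION["glpiID"])) {
        return;
    }
    $commentId = (int) $request['idCommentaire'];
    $ownerId = getUserID($commentId);
    if ($ownerId === null || (int) $ownerId !== (int) $_SESSION["glpiID"]) {
        return;
    }

    $stmt = $DB->prepare("DELETE FROM `publication_reactions` where id= ? ");
    $stmt->bind_param("i", $commentId);
    $stmt->execute();
}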