S2OJ/web/app/controllers/subdomain/blog/blog_write.php
Baoshuo c5bb4a1a67
feat: redirect to login instead of return 403
2022-10-06 20:28:43 +08:00


<?php
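// Load the form helpers used by the blog editor further down.
requirePHPLib('form');

// Access control, in order: an authenticated session first, then the blog
// permission. NOTE(review): everything below assumes redirectToLogin() and the
// become40xPage() helpers end the request; they are defined elsewhere, so confirm.
if (!Auth::check()) {
    redirectToLogin();
}
if (!UOJContext::hasBlogPermission()) {
    become403Page();
}

// Give $blog a defined value: without an `id` parameter the original left it
// unset, and the later `if ($blog)` checks then read an undefined variable.
$blog = null;
if (isset($_GET['id'])) {
    // The id must be a plain string (PHP turns `id[]=...` into an array), must
    // pass validateUInt(), must resolve to a stored blog, and that blog must
    // pass the isHisBlog() ownership check. All four failures answer with the
    // same 404, so the response does not tell a caller whether a blog with that
    // id exists under another account.
    if (!is_string($_GET['id']) || !validateUInt($_GET['id']) || !($blog = queryBlog($_GET['id'])) || !UOJContext::isHisBlog($blog)) {
        become404Page();
    }
}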
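// Build the editor and pre-fill it, either from the stored blog (edit mode) or
// from defaults plus optional query-string hints (new post).
$blog_editor = new UOJBlogEditor();
$blog_editor->name = 'blog';
if (!empty($blog)) {
    // Edit mode: every field comes from the database row loaded above.
    $blog_editor->cur_data = array(
        'title' => $blog['title'],
        'content_md' => $blog['content_md'],
        'content' => $blog['content'],
        'tags' => queryBlogTags($blog['id']),
        'is_hidden' => $blog['is_hidden']
    );
    $blog_editor->blog_url = HTML::blog_url(UOJContext::user()['username'], "/post/{$blog['id']}");
} else {
    // New post: `title` and `is_hidden` may be suggested through the query
    // string. Both are caller-controlled, so only a non-empty string is
    // accepted as title and the visibility flag is reduced to a boolean; an
    // array value (`title[]=...`) falls back to the default.
    // NOTE(review): the title is still untrusted text; whether it is
    // HTML-escaped on output depends on UOJBlogEditor::printHTML(), which is
    // not shown here. Confirm.
    $new_title = '新博客';
    if (isset($_GET['title']) && is_string($_GET['title']) && $_GET['title']) {
        $new_title = $_GET['title'];
    }
    // Posts are hidden unless the caller explicitly passes a falsy value.
    $new_is_hidden = true;
    if (isset($_GET['is_hidden']) && is_scalar($_GET['is_hidden'])) {
        $new_is_hidden = (bool)$_GET['is_hidden'];
    }
    $blog_editor->cur_data = array(
        'title' => $new_title,
        'content_md' => '',
        'content' => '',
        'tags' => array(),
        'is_hidden' => $new_is_hidden,
    );
    // No public URL exists until the post has been saved once.
    $blog_editor->blog_url = null;
}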
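/**
 * Overwrite title, rendered content, Markdown source and visibility flag of an
 * existing row in `blogs`.
 *
 * The statement is assembled by string concatenation. Text fields go through
 * DB::escape() and are quoted; the two numeric fields are emitted unquoted, so
 * they are forced to integers here instead of trusting the caller. A boolean
 * false would otherwise interpolate as an empty string and break the statement.
 *
 * @param int|string $id   id of the blog row to update
 * @param array      $data must provide title, content, content_md and is_hidden
 */
function updateBlog($id, $data) {
    $id = (int)$id;
    $is_hidden = (int)$data['is_hidden'];
    DB::update("update blogs set title = '".DB::escape($data['title'])."', content = '".DB::escape($data['content'])."', content_md = '".DB::escape($data['content_md'])."', is_hidden = {$is_hidden} where id = {$id}");
}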
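/**
 * Insert a new row into `blogs`, with the value of Auth::id() as poster and
 * the database's now() as post time.
 *
 * The statement is assembled by string concatenation, so every value that ends
 * up inside it is neutralised first: text fields and the poster through
 * DB::escape(), the unquoted visibility flag through an integer cast.
 *
 * @param array $data must provide title, content, content_md and is_hidden
 */
function insertBlog($data) {
    // The poster is server-side state, but it is escaped like the other quoted
    // values so the statement does not depend on how account ids are validated
    // elsewhere.
    $poster = DB::escape((string)Auth::id());
    $is_hidden = (int)$data['is_hidden'];
    DB::insert("insert into blogs (title, content, content_md, poster, is_hidden, post_time) values ('".DB::escape($data['title'])."', '".DB::escape($data['content'])."', '".DB::escape($data['content_md'])."', '".$poster."', {$is_hidden}, now())");
}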
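// Persistence callback handed to the editor. It updates the blog being edited,
// or inserts a new one and returns the URLs of the freshly created post, then
// rewrites the tag rows when the submitted tag list differs.
// NOTE(review): $data is whatever UOJBlogEditor passes in; how the POST body is
// validated (and whether a CSRF token is checked) is decided in that class and
// is not visible here. Confirm.
$blog_editor->save = function($data) {
    global $blog;
    $ret = array();
    if ($blog) {
        // $blog already passed the isHisBlog() check at the top of the file.
        updateBlog($blog['id'], $data);
    } else {
        insertBlog($data);
        $blog = array('id' => DB::insert_id(), 'tags' => array());
        $ret['blog_write_url'] = HTML::blog_url(UOJContext::user()['username'], "/post/{$blog['id']}/write");
        $ret['blog_url'] = HTML::blog_url(UOJContext::user()['username'], "/post/{$blog['id']}");
    }

    // The id is placed unquoted into the statements below, so pin it to an integer.
    $blog_id = (int)$blog['id'];
    // NOTE(review): nothing on this page sets 'tags' on a blog loaded by
    // queryBlog(); if that row has no such key the comparison is always
    // unequal and the tags are rewritten on every save. Confirm the row shape.
    $cur_tags = isset($blog['tags']) ? $blog['tags'] : null;
    if ($data['tags'] !== $cur_tags) {
        DB::delete("delete from blogs_tags where blog_id = {$blog_id}");
        foreach ($data['tags'] as $tag) {
            DB::insert("insert into blogs_tags (blog_id, tag) values ({$blog_id}, '".DB::escape($tag)."')");
        }
    }
    return $ret;
};
// Let the editor process the current request.
$blog_editor->runAtServer();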
?>
<?php /* Page header; the argument is presumably the page title ("Write a blog post"). */ echoUOJPageHeader('写博客') ?>
<div class="text-right">
<a href="http://uoj.ac/blog/7">这玩意儿怎么用?</a>
</div>
<?php /* Emits the editor markup. NOTE(review): cur_data may carry a title taken from the query string; confirm that printHTML() HTML-escapes it. */ $blog_editor->printHTML() ?>
<?php echoUOJPageFooter() ?>