[Permite] la publicación de comentarios a usuarios de sesión

2022-02-20 18:58:58 -06:00 · 2022-02-20 18:58:58 -06:00 · 9f8149ec8e
parent 977d912c15
commit 9f8149ec8e
3 changed files with 34 additions and 3 deletions
--- a/controllers/articlesController.php
+++ b/controllers/articlesController.php
@ -221,5 +221,23 @@ class articlesController {
    }

    csrf::validate($_POST['csrf']);
+
+    utils::check_session(NABU_ROUTES['login']);
+
+    $validations -> route = $view;
+
+    // Valida el formulario para publicar un comentario.
+    $data = $validations -> validate($_POST, array(
+      array('field' => 'body', 'trim_all' => true, 'min_length' => 1, 'max_length' => 255),
+    ));
+
+    $data['user_id']      = $_SESSION['user']['id'];
+    $data['article_id']   = $article['id'];
+    $data['comment_date'] = utils::current_date();
+
+    // Publica un comentario.
+    $articlesModel -> post_comment($data);
+
+    utils::redirect($view);
  }
 }
--- a/models/articlesModel.php
+++ b/models/articlesModel.php
@ -151,6 +151,19 @@ class articlesModel extends dbConnection {
    }
  }

+  // Publica un comentario.
+  public function post_comment(array $data) {
+    $query = 'INSERT INTO comments(user_id, article_id, body, comment_date) ' .
+             'VALUES(:user_id, :article_id, :body, :comment_date)';
+
+    try {
+      $this -> pdo -> prepare($query) -> execute($data);
+    }
+    catch (PDOException $e) {
+      $this -> errors($e -> getMessage(), 'tuvimos un problema para publicar un comentario');
+    }
+  }
+
  public function __destruct() {
    parent::__destruct();
    $this -> pdo = null;
--- a/views/pages/article.php
+++ b/views/pages/article.php
@ -41,6 +41,8 @@

 <!-- HTML head -->
 <?php require_once 'views/components/head.php' ?>
+<?php require_once 'views/components/messages.php' ?>
+
 <!-- HTML body -->
 <header>
    <!-- Nav bar -->
@ -107,8 +109,6 @@
    </div>
 </section>

-<?php require_once 'views/components/messages.php' ?>
-
 <section class="comments">
    <div class="comments__container">
        <h2 class="comments__title">Deja tu opinión al autor</h2>
@ -121,7 +121,7 @@
            </picture>
            <form class="comments__form" method="POST" action="<?= $view ?>">
                <input type="hidden" name="csrf" value="<?= $token ?>">
-                <textarea class="comments__textarea" placeholder="Hazle saber que estuviste aqui"  maxlength="255" name="textarea"></textarea>
+                <textarea class="comments__textarea" placeholder="Hazle saber que estuviste aqui"  minlength="1" maxlength="255" name="body" required></textarea>
                <input type="submit" name="comments-form" class="comments__button" value="Enviar">
            </form>
        </div>