feed-reader-central/src/public/item.php

<?php

/**
 * Item View Page
 *
 * Retrieves and displays an item from a feed belonging to the current user
 */

include '../start.php';

$db = Data::getConnection();
Security::verifyUser($db);

if ($_SERVER['REQUEST_METHOD'] == 'POST') {
    // "Keep as New" button sends a POST request to reset the is_read flag before going back to the list of unread items
    $isValidQuery = $db->prepare(<<<'SQL'
        SELECT COUNT(*)
          FROM item INNER JOIN feed ON feed.id = item.feed_id
         WHERE item.id = :id AND feed.user_id = :user
        SQL);
    $isValidQuery->bindValue(':id',   $_POST['id']);
    $isValidQuery->bindValue(':user', $_SESSION[Key::USER_ID]);
    $isValidResult = $isValidQuery->execute();
    if ($isValidResult && $isValidResult->fetchArray(SQLITE3_NUM)[0] == 1) {
        $keepUnread = $db->prepare('UPDATE item SET is_read = 0 WHERE id = :id');
        $keepUnread->bindValue(':id', $_POST['id']);
        $keepUnread->execute();
    }
    $db->close();
    frc_redirect($_POST['from']);
}

$from = $_GET['from'] ?? '/';

if ($_SERVER['REQUEST_METHOD'] == 'DELETE') {
    $deleteQuery = $db->prepare(<<<'SQL'
        DELETE FROM item
         WHERE id IN (
                 SELECT item.id
                   FROM item INNER JOIN feed ON feed.id = item.feed_id
                  WHERE item.id      = :id
                    AND feed.user_id = :user)
        SQL);
    $deleteQuery->bindValue(':id',   $_GET['id']);
    $deleteQuery->bindValue(':user', $_SESSION[Key::USER_ID]);
    if ($deleteQuery->execute()) {
        add_info('Item deleted');
    } else {
        add_error(Data::error($db)['error']);
    }
    $db->close();
    frc_redirect($from);
}

$query = $db->prepare(<<<'SQL'
    SELECT item.title AS item_title, item.item_link, item.published_on, item.updated_on, item.content,
           feed.title AS feed_title
      FROM item INNER JOIN feed ON feed.id = item.feed_id
     WHERE item.id      = :id
       AND feed.user_id = :user
    SQL);
$query->bindValue(':id',   $_GET['id']);
$query->bindValue(':user', $_SESSION[Key::USER_ID]);
$result = $query->execute();
$item = $result ? $result->fetchArray(SQLITE3_ASSOC) : false;

if ($item) {
    $markRead = $db->prepare('UPDATE item SET is_read = 1 WHERE id = :id');
    $markRead->bindValue(':id', $_GET['id']);
    $markRead->execute();
}

$published = date_time($item['published_on']);
$updated   = isset($item['updated_on']) ? date_time($item['updated_on']) : null;

page_head(htmlentities("{$item['item_title']} | {$item['feed_title']}")); ?>
<h1 class=item_heading>
    <span class=bookmark hx-get="/bookmark?id=<?=$_GET['id']?>" hx-trigger=load hx-target=this hx-swap=outerHTML
          hx-push-url=false></span>
    <a href="<?=$item['item_link']?>" target=_blank rel=noopener><?=strip_tags($item['item_title'])?></a><br>
</h1>
<div class=item_published>
    From <strong><?=htmlentities($item['feed_title'])?></strong><br>
    Published <?=date_time($item['published_on'])?><?=$updated && $updated != $published ? " (Updated $updated)" : ''?>
</div>
<article>
    <div class=item_content><?=str_replace('<a ', '<a target=_blank rel=noopener ', $item['content'])?></div>
    <form class=action_buttons action=/item method=POST hx-post=/item>
        <input type=hidden name=id value=<?=$_GET['id']?>>
        <input type=hidden name=from value="<?=$from?>">
        <?=hx_get($from, 'Done')?>
        <button type=submit>Keep as New</button>
        <button type=button hx-delete=/item>Delete</button>
    </form>
</article><?php
page_foot();
$db->close();