+ public function display() {
+ $this->display_head();
+ echo "<div id='notes'>";
+ $sql = "SELECT date_posted, title, url, text
+ FROM notes ORDER BY date_posted DESC
+ LIMIT ?, ?";
+ $result = $this->query($sql, "ii",
+ $this->offset,
+ $this->notes_per_page);
+ foreach ($result as $row => $entry) {
+ $title = $entry['title'];
+ $url = '/note/' . $entry['url'];
+ $date_posted = explode("-", $entry['date_posted']);
+ $year_posted = $date_posted[0];
+ $month_posted = $date_posted[1];
+ $datetime_posted = explode(' ', $date_posted[2]);
+ $day_posted = $datetime_posted[0];
+ $text = $entry['text'];
+ echo <<<END_NOTE
+ <div class='note'>
+ <h1>
+ <span class='date'>$year_posted/$month_posted/$day_posted/</span><a rel="canonical" href='$url'>$title</a>
+ </h1>
+ $text
+ </div>
+END_NOTE;
+ }
+ echo "</div>";
+ $this->write_navigation();
+ $this->display_close();
+ }
+
+ private function write_navigation() {
+ echo "<div id='navigation'>";
+ echo "<h1>";
+ if($this->page > 1){
+ $previous_page = $this->page - 1;
+ echo "<a href='/notes/page/$previous_page'>prev</a>";
+ }
+ if($this->page < $this->number_of_pages) {
+ $forward_page = $this->page + 1;
+ echo " <a href='/notes/page/$forward_page'>next</a>";
+ }
+ echo "</h1>";
+ echo "</div>";
+ }
+
+}
+
+
+class note extends cms {
+
+ private $id;
+ private $comments_enabled = false;
+ private $failed_captcha;
+ public $url;
+ public $title;
+ public $year_posted;
+ public $month_posted;
+ public $day_posted;
+ public $text;
+ public $number_of_comments;
+
+ public function __construct() {
+ $this->scripts = "
+ <script type='text/javascript' src='/includes/syntax/scripts/shCore.js'></script>
+ <script type='text/javascript' src='/includes/syntax/scripts/shAutoloader.js'></script>
+ <link type='text/css' rel='stylesheet' href='/includes/syntax/styles/shCore.css'>
+ <link type='text/css' rel='stylesheet' href='/includes/syntax/styles/shThemeDefault.css'>
+ <script type='text/javascript'>
+ function highlight() {
+ SyntaxHighlighter.autoloader(
+ 'js /includes/syntax/scripts/shBrushJScript.js',
+ 'bash /includes/syntax/scripts/shBrushBash.js',
+ 'sql /includes/syntax/scripts/shBrushSql.js',
+ 'cpp /includes/syntax/scripts/shBrushCpp.js');
+ SyntaxHighlighter.defaults['gutter'] = false;
+ SyntaxHighlighter.defaults['toolbar'] = false;
+ SyntaxHighlighter.all();
+ }
+ </script>
+ ";
+
+ if (isset($_GET['comments'])) {
+ $this->scripts .= "
+ <script type='text/javascript' src='http://www.google.com/recaptcha/api/js/recaptcha_ajax.js'></script>
+ <script type='text/javascript' src='/includes/comment.js'></script>";
+ }
+ parent::__construct();
+ if (isset($_GET['comments'])) {
+ $this->comments_enabled = true;
+ }
+ $url = htmlspecialchars($_SERVER['REQUEST_URI']);
+ if (isset($_GET['verify'])) {
+ $url = substr($url, 0, (strlen($url)-6));
+ }
+ $this->url = $url;
+ $sql = "SELECT title, date_posted, text, id
+ FROM notes WHERE url = ?";
+ $result = $this->query($sql, "s",
+ $_GET['note']);
+ if ($result) {
+ $entry = $result[0];
+ $this->id = $entry["id"];
+ $this->title = $entry["title"];
+ $date_posted = explode("-", $entry["date_posted"]);
+ $this->year_posted = $date_posted[0];
+ $this->month_posted = $date_posted[1];
+ $datetime_posted = explode(' ', $date_posted[2]);
+ $this->day_posted = $datetime_posted[0];
+ $this->text = $entry["text"];
+ } else {
+ throw new notFound();
+ }
+ $sql = "SELECT COUNT(*) FROM comments
+ WHERE note = $this->id";
+ $result = $this->db->query($sql);
+ $result = $result->fetch_array();
+ $this->number_of_comments = $result[0];
+ if (isset($_GET['verify'])) {
+ $this->verify();
+ }
+ }
+
+ public function display() {
+ $this->display_head();
+ $this->display_note();
+ if ($this->comments_enabled) {
+ $this->display_comments();
+ $this->display_comment_form();
+ }
+ $this->write_navigation();
+ $this->display_close();
+ }
+
+ private function verify() {
+ if (!isset($_POST['captcha'])) {
+ require_once('includes/recaptchalib.php');
+ echo "<br>";
+ $resp = recaptcha_check_answer ($this->recaptcha_privatekey,
+ $_SERVER["REMOTE_ADDR"],
+ $_POST["recaptcha_challenge_field"],
+ $_POST["recaptcha_response_field"]);
+ if (!$resp->is_valid) {
+ $this->failed_captcha = true;
+ }
+ }
+ if (isset($_POST['captcha']) || $resp->is_valid) {
+ $sql = ("INSERT INTO comments (date_posted, author,
+ text, note)
+ VALUES(NOW(), ?, ?, ?)");
+ $stmt = $this->db->prepare($sql);
+ // Checks are needed here (no blank text,
+ // and a default author needs to be set
+ // for no-javascript users.
+ $stmt->bind_param('sss',
+ htmlspecialchars($_POST['name']),
+ htmlspecialchars($_POST['text']),
+ $this->id);
+ $stmt->execute();
+ }
+ }
+
+ private function display_note() {
+ echo <<<END_OF_NOTE
+ <div id='note'>
+ <h1><span class='date'>$this->year_posted/$this->month_posted/$this->day_posted/</span>$this->title</h1>
+ $this->text
+ </div>
+END_OF_NOTE;
+ }