+ private $id;
+ private $comments_enabled = false;
+ private $failed_captcha;
+ public $url;
+ public $title;
+ public $year_posted;
+ public $month_posted;
+ public $day_posted;
+ public $text;
+ public $number_of_comments;
+
+ public function __construct() {
+ $this->scripts = "
+ <script type='text/javascript' src='/includes/syntax/scripts/shCore.js'></script>
+ <script type='text/javascript' src='/includes/syntax/scripts/shAutoloader.js'></script>
+ <link type='text/css' rel='stylesheet' href='/includes/syntax/styles/shCore.css'>
+ <link type='text/css' rel='stylesheet' href='/includes/syntax/styles/shThemeDefault.css'>
+ <script type='text/javascript'>
+ function highlight() {
+ SyntaxHighlighter.autoloader(
+ 'js /includes/syntax/scripts/shBrushJScript.js',
+ 'bash /includes/syntax/scripts/shBrushBash.js',
+ 'sql /includes/syntax/scripts/shBrushSql.js',
+ 'cpp /includes/syntax/scripts/shBrushCpp.js');
+ SyntaxHighlighter.defaults['gutter'] = false;
+ SyntaxHighlighter.defaults['toolbar'] = false;
+ SyntaxHighlighter.all();
+ }
+ </script>
+ ";
+
+ if (isset($_GET['comments'])) {
+ $this->scripts .= "
+ <script type='text/javascript' src='http://www.google.com/recaptcha/api/js/recaptcha_ajax.js'></script>
+ <script type='text/javascript' src='/includes/comment.js'></script>";
+ }
+ parent::__construct();
+ if (isset($_GET['comments'])) {
+ $this->comments_enabled = true;
+ }
+ $url = htmlspecialchars($_SERVER['REQUEST_URI']);
+ if (isset($_GET['verify'])) {
+ $url = substr($url, 0, (strlen($url)-6));
+ }
+ $this->url = $url;
+ $sql = "SELECT title, date_posted, text, id
+ FROM notes WHERE url = ?";
+ $result = $this->query($sql, "s",
+ $_GET['note']);
+ if ($result) {
+ $entry = $result[0];
+ $this->id = $entry["id"];
+ $this->title = $entry["title"];
+ $date_posted = explode("-", $entry["date_posted"]);
+ $this->year_posted = $date_posted[0];
+ $this->month_posted = $date_posted[1];
+ $datetime_posted = explode(' ', $date_posted[2]);
+ $this->day_posted = $datetime_posted[0];
+ $this->text = $entry["text"];
+ } else {
+ throw new notFound();
+ }
+ $sql = "SELECT COUNT(*) FROM comments
+ WHERE note = $this->id";
+ $result = $this->db->query($sql);
+ $result = $result->fetch_array();
+ $this->number_of_comments = $result[0];
+ if (isset($_GET['verify'])) {
+ $this->verify();
+ }
+ }
+
+ public function display() {
+ $this->display_head();
+ $this->display_note();
+ if ($this->comments_enabled) {
+ $this->display_comments();
+ $this->display_comment_form();
+ }
+ $this->write_navigation();
+ $this->display_close();
+ }
+
+ private function verify() {
+ if (!isset($_POST['captcha'])) {
+ require_once('includes/recaptchalib.php');
+ echo "<br>";
+ $resp = recaptcha_check_answer ($this->recaptcha_privatekey,
+ $_SERVER["REMOTE_ADDR"],
+ $_POST["recaptcha_challenge_field"],
+ $_POST["recaptcha_response_field"]);
+ if (!$resp->is_valid) {
+ $this->failed_captcha = true;
+ }
+ }
+ if (isset($_POST['captcha']) || $resp->is_valid) {
+ $sql = ("INSERT INTO comments (date_posted, author,
+ text, note)
+ VALUES(NOW(), ?, ?, ?)");
+ $stmt = $this->db->prepare($sql);
+ // Checks are needed here (no blank text,
+ // and a default author needs to be set
+ // for no-javascript users.
+ $stmt->bind_param('sss',
+ htmlspecialchars($_POST['name']),
+ htmlspecialchars($_POST['text']),
+ $this->id);
+ $stmt->execute();
+ }
+ }
+
+ private function display_note() {
+ echo <<<END_OF_NOTE
+ <div id='note'>
+ <h1><span class='date'>$this->year_posted/$this->month_posted/$this->day_posted/</span>$this->title</h1>
+ $this->text
+ </div>
+END_OF_NOTE;
+ }
+
+ private function write_navigation() {
+ echo <<<END_OF_NAVIGATION
+ <br><br><br><br>
+ <div id='navigation'>
+ <h1>
+END_OF_NAVIGATION;
+ if (!$this->comments_enabled) {
+ $this->display_comment_link();
+ }
+ echo <<<END_OF_NAVIGATION
+ <a href="/notes/">back to notes/</a>
+ </h1>
+ </div>
+END_OF_NAVIGATION;
+ }
+
+ private function display_comment_link() {
+ if ($this->number_of_comments > 0) {
+ $anchor_text = "comments($this->number_of_comments)/";
+ } else {
+ $anchor_text = "comment?";
+ }
+ if (substr($this->url, (strlen($this->url)-1), strlen($this->url)) == '/') {
+ $url = $this->url . 'comments/';
+ } else {
+ $url = $this->url . '/comments/';
+ }
+ echo "<a id='comment_link' href='$url'>$anchor_text</a>";
+ }
+
+ private function display_comments() {
+ echo "<div id='comments'>";
+ $sql= "SELECT date_posted, author, text
+ FROM comments WHERE note = ?
+ ORDER BY date_posted DESC";
+ $result = $this->query($sql, 'd', $this->id);
+ foreach ($result as $row => $entry) {
+ $date_posted = $entry['date_posted'];
+ $author = $entry['author'];
+ $text = htmlspecialchars($entry['text']);
+ $head = "<h3>$author</h3>";
+ echo <<<END_OF_COMMENT
+ <div class='comment'>
+ $head
+ $text
+ </div>
+END_OF_COMMENT;
+ }
+ echo "</div>";
+ }
+
+ private function display_comment_form() {
+ $publickey = $this->recaptcha_publickey;
+ echo <<<END_CAPTCHA_STYLE
+<script type="text/javascript">
+Recaptcha.create("$publickey",
+ "recaptcha_div",
+ {
+ theme : 'custom',
+ custom_theme_widget: 'recaptcha_widget',
+ callback: Recaptcha.focus_response_field
+ });
+</script>
+END_CAPTCHA_STYLE;
+ require_once('includes/recaptchalib.php');
+ $url = $this->url . "verify";
+ echo "<form id='comment_form' method='post' action='$url'>";
+ echo <<<END_OF_FORM
+ <div id="comment">
+ <h3>comment:</h3>
+ <textarea rows="10" cols="70" name="text" id="comment_text"></textarea>
+ <h3>name:</h3>
+ <input type=text name="name" id="comment_name">
+
+ <nowiki>
+ <div id="recaptcha_widget">
+ <br>
+ <h3><b>what's this say</b>?</h3>
+ <br>
+ <div id="recaptcha_image"></div>
+ <br><br><br>
+ <span class="recaptcha_only_if_image"><br><br><br></span>
+ <input type="text" id="recaptcha_response_field" name="recaptcha_response_field" />
+ <br><br>
+ <h3 class="recaptcha_only_if_audio"><b>enter the numbers you hear</b>:</h3>
+ <span class="recaptcha_help">
+ <a href="javascript:Recaptcha.reload()">another?</a> /
+ <span class="recaptcha_only_if_image"><a href="javascript:Recaptcha.switch_type('audio')">audio?</a> /</span>
+ <span class="recaptcha_only_if_audio"><a href="javascript:Recaptcha.switch_type('image')">image?</a></span><a href="javascript:Recaptcha.showhelp()">help?</a>
+ </span>
+ </div>
+END_OF_FORM;
+ echo recaptcha_get_html($this->recaptcha_publickey);
+ if ($this->failed_captcha) {
+ echo <<<END_OF_ERRORS
+ <div id="not_human">
+ reCAPTCHA said you're not human, <br>
+ try again?
+ </div>
+ <input id="submit" class="submit" type="submit" value="post comment">
+ </form>
+ </div>
+END_OF_ERRORS;
+ } else {
+ echo <<<END_OF_ERRORS
+ <div id="not_human">
+ reCAPTCHA said you're not human, <br>
+ try again?
+ </div>
+ <div id="blank_comment">
+ but you didn't write anything! <br>
+ </div>
+END_OF_ERRORS;
+ }
+ echo <<<END_OF_FORM
+ <input id="submit" class="submit" type="submit" value="post comment">
+ </form>
+ </div>
+END_OF_FORM;
+ }
+}
+
+
+class archive extends cms {
+