use htmlspecialchars to escape authorname
[dylansserver.git] / model / note.php
index d5ab563..f0c54cb 100644 (file)
@@ -24,6 +24,11 @@ class note extends model {
       $url = substr($url, 0, (strlen($url)-6));
     }
     $this->url = $url;
+    $this->fetch_note();
+    $this->fetch_comments();
+  }
+
+  public function fetch_note() {
     $sql = "SELECT title, date_posted, text, id
               FROM notes WHERE url = ?";
     $result = $this->query($sql, "s",
@@ -41,6 +46,9 @@ class note extends model {
     } else {
       throw new notFound();
     }
+  }
+
+  public function fetch_comments() {
     $sql = "SELECT COUNT(*) FROM comments
               WHERE note = $this->id";
     $result = $this->db->query($sql);
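Review bot: The new fetch_comments method builds its COUNT query by interpolating `$this->id` into the SQL string (`WHERE note = $this->id`), while fetch_note in the previous hunk goes through the parameterised `$this->query($sql, "s", ...)` helper. As far as this diff shows `$this->id` comes from the notes row rather than the request, so the exposure is limited, but the two methods should use the same query path so that a later change to where `id` comes from cannot turn this into an injection point. Something like `$sql = "SELECT COUNT(*) FROM comments WHERE note = ?";` followed by `$result = $this->query($sql, "s", $this->id);` would match fetch_note, assuming the helper's type-code argument accepts the same value it is given there. The body of fetch_comments continues past the end of this hunk.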
@@ -55,34 +63,6 @@ class note extends model {
       require_once("view/note.php");
   }
 
-  public function verify() {
-    if (!isset($_POST['captcha'])) {
-      require_once('includes/recaptchalib.php');
-      echo "<br>";
-      $resp = recaptcha_check_answer ($this->recaptcha_privatekey,
-                                      $_SERVER["REMOTE_ADDR"],
-                                      $_POST["recaptcha_challenge_field"],
-                                      $_POST["recaptcha_response_field"]);
-      if (!$resp->is_valid) {
-        $this->failed_captcha = true;
-      }
-    }
-    if (isset($_POST['captcha']) || $resp->is_valid) {
-      $sql = ("INSERT INTO comments (date_posted, author,
-                  text, note)
-                VALUES(NOW(), ?, ?, ?)");
-      $stmt = $this->db->prepare($sql);
-      // Checks are needed here (no blank text,
-      // and a default author needs to be set
-      // for no-javascript users.
-      $stmt->bind_param('sss',
-                          $_POST['name'],
-                          $_POST['text'],
-                        $this->id);
-      $stmt->execute();
-    }
-  }
-
   public function display_comment_link() {
     if ($this->number_of_comments > 0) {
       $anchor_text = "comments($this->number_of_comments)/";
@@ -98,7 +78,6 @@ class note extends model {
   }
 
   public function display_comments() {
-    // should be called like $note->comment[0]['author']
     $sql= "SELECT date_posted, author, text
              FROM comments WHERE note = ?
              ORDER BY date_posted DESC";
@@ -106,17 +85,46 @@ class note extends model {
     $i = 0;
     foreach ($result as $row => $entry) {
       $this->comment[$i]['date_posted'] = $entry['date_posted'];
-      $this->comment[$i]['author']  = $entry['author'];
+      $this->comment[$i]['author']  = htmlspecialchars($entry['author']);
       $this->comment[$i]['text'] = htmlspecialchars($entry['text']);
-      $this->comment[$i]['head'] = "<h3>" . htmlspecialchars($author) . "</h3>";
       $i++;
-      }
+    }
+    require_once('view/comment.php');
   }
 
   public function display_comment_form() {
     $publickey = $this->recaptcha_publickey;
     require_once("view/comment-form.php");
   }
+
+  public function verify() {
+    if (!isset($_POST['captcha'])) {
+      require_once('includes/recaptchalib.php');
+      echo "<br>";
+      $resp = recaptcha_check_answer ($this->recaptcha_privatekey,
+                                      $_SERVER["REMOTE_ADDR"],
+                                      $_POST["recaptcha_challenge_field"],
+                                      $_POST["recaptcha_response_field"]);
+      if (!$resp->is_valid) {
+        $this->failed_captcha = true;
+      }
+    }
+    if (isset($_POST['captcha']) || $resp->is_valid) {
+      $sql = ("INSERT INTO comments (date_posted, author,
+                  text, note)
+                VALUES(NOW(), ?, ?, ?)");
+      $stmt = $this->db->prepare($sql);
+      // Checks are needed here (no blank text,
+      // and a default author needs to be set
+      // for no-javascript users.
+      $stmt->bind_param('sss',
+                          $_POST['name'],
+                          $_POST['text'],
+                        $this->id);
+      $stmt->execute();
+    }
+  }
+
 }
 
 ?>
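Review bot: `htmlspecialchars($entry['author'])` on the new author line (and the existing text line next to it) relies on the function's default flags and charset, which on PHP versions before 8.1 means single quotes are left unescaped and the assumed charset depends on the runtime configuration; since view/comment.php is included right after and this diff does not show how the values are placed into markup, the safer call is `htmlspecialchars($entry['author'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` with the same flags applied to `$entry['text']`. The relocated verify() still binds `$_POST['name']` and `$_POST['text']` straight into the INSERT without the blank-text and default-author checks its own comment calls for, so an empty or missing field is stored as-is (and on recent PHP a missing key would also emit an undefined-index warning at the bind_param call). Neither point is introduced by this commit, but the comment-rendering path is the code it touches, so it is the natural place to close them.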