X-Git-Url: https://disinclined.org/git/?a=blobdiff_plain;f=index.php;h=5bf04d624bb2aeca2e97f88374664e31ff0d894c;hb=7a7a4e50628b1397204dfe1c3847aee0bda73a08;hp=16a01ec0fc051c7a87a63c42fd45a12b536bca81;hpb=d4adeb654507e6cd75aac3f264ae21ed5d16bfab;p=dylansserver.git diff --git a/index.php b/index.php index 16a01ec..5bf04d6 100644 --- a/index.php +++ b/index.php @@ -304,7 +304,7 @@ class note extends cms { $this->comments_enabled = $comments_enabled; $url = htmlspecialchars($_SERVER['REQUEST_URI']); if (isset($_GET['verify'])) { - $url = substr($url, 0, (strlen($url)-7)); + $url = substr($url, 0, (strlen($url)-6)); } $this->url = $url; } @@ -321,11 +321,8 @@ class note extends cms { public function display() { $this->display_head(); $this->display_note(); - if (isset($_GET['verify'])) { - $this->verify(); - } if ($this->comments_enabled) { - $this->display_comments(); // but where are they? + $this->display_comments(); $this->display_comment_form(); } $this->write_navigation(); @@ -334,13 +331,27 @@ class note extends cms { private function verify() { require_once('includes/recaptchalib.php'); + echo "
"; $resp = recaptcha_check_answer ($this->recaptcha_privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if (!$resp->is_valid) { - echo "The reCAPTCHA wasn't entered correctly. Go back and try it again." . "(reCAPTCHA said: " . $resp->error . ")"; - } + echo "sorry, reCAPTCHA said you're not human.


"; + } else { + $sql = ("INSERT INTO comments (date_posted, author, + email, text, note) + VALUES(NOW(), ?, ?, ?, ?)"); + $stmt = $this->db->prepare($sql); + // Checks are needed here (no blank text, + // and a default author / email need to be set + $stmt->bind_param('ssss', + htmlspecialchars($_POST['author']), + htmlspecialchars($_POST['email']), + htmlspecialchars($_POST['text']), + $this->id); + $stmt->execute(); + } } private function display_note() { @@ -365,23 +376,32 @@ class note extends cms { } private function write_navigation() { - echo "
"; - echo "
"; - echo "

"; - echo "notes/"; - echo "

"; - echo "
"; + echo << +
+

+ notes/ +

+
+END_OF_NAVIGATION; } private function display_comment_link() { - $url = $this->url . 'comments/'; + // somehow I should be checking if there are any first, + // change to 'comment?' + if (substr($this->url, (strlen($this->url)-1), strlen($this->url)) == '/') { + $url = $this->url . 'comments/'; + } else { + $url = $this->url . '/comments/'; + } echo "comments"; } private function display_comments() { echo "
"; $sql= "SELECT date_posted, author, email, text - FROM comments WHERE note = ?"; + FROM comments WHERE note = ? + ORDER BY date_posted DESC"; $result = $this->query($sql, "d", $this->id); foreach ($result as $row => $entry) { $date_posted = $entry['date_posted']; @@ -399,13 +419,52 @@ END_OF_COMMENT; } private function display_comment_form() { - // Trailing slash is necessary for reloads to work - $url = $this->url . "verify/"; - echo "
"; + echo << +var RecaptchaOptions = { + theme : 'custom', + custom_theme_widget: 'recaptcha_widget' + }; + +END_CAPTCHA_STYLE; require_once('includes/recaptchalib.php'); + // Trailing slash is necessary for reloads to work + $url = $this->url . "verify"; + echo ""; + echo << + +

comment:


+
+

name:


+
+

email:


+
+ + +
+
+
Incorrect please try again
+ enter the words above: + enter the numbers you hear: +
+ + +
audio CAPTCHA?
+
Get an image CAPTCHA
+ +
+
+FORM; echo recaptcha_get_html($this->recaptcha_publickey); - echo ""; - echo ""; + if (isset($_GET['verify'])) { + $this->verify(); + } + echo << + +
+END_OF_FORM; } }