X-Git-Url: https://disinclined.org/git/?a=blobdiff_plain;f=index.php;h=e743a3897ac6d06e471cf459b41beef527beff4d;hb=8a98916cf3e32d836493c4f1800aea0b25d7b63f;hp=16a01ec0fc051c7a87a63c42fd45a12b536bca81;hpb=d4adeb654507e6cd75aac3f264ae21ed5d16bfab;p=dylansserver.git
diff --git a/index.php b/index.php
index 16a01ec..e743a38 100644
--- a/index.php
+++ b/index.php
@@ -321,11 +321,8 @@ class note extends cms {
public function display() {
$this->display_head();
$this->display_note();
- if (isset($_GET['verify'])) {
- $this->verify();
- }
if ($this->comments_enabled) {
- $this->display_comments(); // but where are they?
+ $this->display_comments();
$this->display_comment_form();
}
$this->write_navigation();
@@ -334,13 +331,27 @@ class note extends cms {
private function verify() {
require_once('includes/recaptchalib.php');
+ echo "
";
$resp = recaptcha_check_answer ($this->recaptcha_privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
if (!$resp->is_valid) {
- echo "The reCAPTCHA wasn't entered correctly. Go back and try it again." . "(reCAPTCHA said: " . $resp->error . ")";
- }
+ echo "sorry, reCAPTCHA said you're not human.
";
+ } else {
+ $sql = ("INSERT INTO comments (date_posted, author,
+ email, text, note)
+ VALUES(NOW(), ?, ?, ?, ?)");
+ $stmt = $this->db->prepare($sql);
+ // Checks are needed here (no blank text,
+ // and a default author / email need to be set
+ $stmt->bind_param('ssss',
+ htmlspecialchars($_POST['author']),
+ htmlspecialchars($_POST['email']),
+ htmlspecialchars($_POST['text']),
+ $this->id);
+ $stmt->execute();
+ }
}
private function display_note() {
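Review bot: `bind_param()` at the end of the new `else` branch receives the return values of `htmlspecialchars()` directly, but (assuming `$this->db` is mysqli, as the `'ssss'` type string suggests) it binds by reference and expects variables, so PHP reports "Only variables should be passed by reference"; the values should be copied into locals first. The same lines read `$_POST['author']`, `$_POST['email']` and `$_POST['text']` without checking that they exist or are strings, and the results of `prepare()` and `execute()` are not checked, so a failed insert is silent; the in-code comment acknowledges the missing checks but the commit leaves them open. Escaping at write time also ties the stored rows to one HTML context and, with no flags passed, leaves single quotes unescaped on PHP before 8.1. Storing the raw text and escaping in `display_comments()` would be more robust, but that method is outside this hunk, so the sketch below keeps the write-time escaping and only makes the flags explicit.

```php
// … unchanged: reCAPTCHA check and the $sql INSERT statement …
$stmt = $this->db->prepare($sql);
if ($stmt === false) {
    return; // prepare failed; nothing to bind
}
// Accept only string fields; a missing or array-valued field becomes ''.
$fields = array();
foreach (array('author', 'email', 'text') as $key) {
    $raw = (isset($_POST[$key]) && is_string($_POST[$key])) ? trim($_POST[$key]) : '';
    $fields[$key] = htmlspecialchars($raw, ENT_QUOTES, 'UTF-8');
}
if ($fields['text'] === '') {
    return; // no blank comments
}
// bind_param() binds by reference, so it needs variables, not call results.
$author = $fields['author'];
$email  = $fields['email'];
$text   = $fields['text'];
$stmt->bind_param('ssss', $author, $email, $text, $this->id);
if (!$stmt->execute()) {
    error_log('comment insert failed: ' . $stmt->error);
}
```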
@@ -365,15 +376,19 @@ class note extends cms {
}
private function write_navigation() {
- echo "
";
- echo "