From 5b70780eb304ed68645d48f06f65034499d7a515 Mon Sep 17 00:00:00 2001
From: Dylan Lloyd <dylan@psu.edu>
Date: Tue, 8 Mar 2011 02:34:53 -0500
Subject: [PATCH] Added form fields and started insert SQL

I have NO idea how to get the recaptcha image to align right without floating it, which screws up everything else.

Insert SQL still does not work, I'm thinking there should be a cms->insert method to sanitize the data.

I was thinking about having a cms->sanitize method to abstract the htmlspecialchars() use etc. in case something changes but decided against it.

Now using custom styling for the recaptcha, it already looks much cleaner, but still needs cleaning up.
---
 includes/style.css | 22 ++++++++++++---
 index.php          | 67 ++++++++++++++++++++++++++++++++++++++--------
 2 files changed, 75 insertions(+), 14 deletions(-)

diff --git a/includes/style.css b/includes/style.css
index f4e7094..e7c97e0 100644
--- a/includes/style.css
+++ b/includes/style.css
@@ -169,13 +169,29 @@ pre {
 }
 
 #comments {
-	border-right:3px solid black;
+	border-right:1px solid black;
 	padding-right:15px;
 }
 
 #comment {
+	padding-right:15px;
+	border-right:1px solid black;
+	margin-top:15px;
+	text-align:right;
 }
 
-#recaptcha_widget_div {
-	float:right;
+#comment input {
+	border:1px solid grey;
+}
+
+#comment textarea {
+	border:1px solid grey;
+}
+
+#comment .submit {
+	background:#FFF;
+	border:1px solid white;
+	color:blue;
+	cursor:pointer;
+	font-size:120%;
 }
diff --git a/index.php b/index.php
index 16a01ec..516089e 100644
--- a/index.php
+++ b/index.php
@@ -340,7 +340,14 @@ class note extends cms {
 								    $_POST["recaptcha_response_field"]);
     if (!$resp->is_valid) {
       echo "The reCAPTCHA wasn't entered correctly. Go back and try it again." . "(reCAPTCHA said: " . $resp->error . ")";
-    }
+    } else {
+	  $sql = ("INSERT INTO comments (date_posted, author,
+	  			email, text, note
+				VALUES(NOW(), ?, ?, ?, ?, ?");
+	  echo htmlspecialchars($_POST['author']);
+	  echo htmlspecialchars($_POST['email']);
+	  echo htmlspecialchars($_POST['text']);
+	}
   }
 
   private function display_note() {
@@ -365,12 +372,14 @@ class note extends cms {
   }
 
   private function write_navigation() {
-	echo "<br>";
-    echo "<div id=\"navigation\">";
-    echo "<h2>";
-    echo "<a href=\"/notes/\">notes</a>/";
-    echo "</h2>";
-    echo "</div>";
+    echo <<<END_OF_NAVIGATION
+	<br>
+    <div id=\"navigation\">
+    <h2>
+    <a href=\"/notes/\">notes</a>/
+    </h2>
+    </div>
+END_OF_NAVIGATION;
   }
 
   private function display_comment_link() {
@@ -399,13 +408,49 @@ END_OF_COMMENT;
   }
 
   private function display_comment_form() {
+    echo <<<END_CAPTCHA_STYLE
+<script type="text/javascript">
+var RecaptchaOptions = {
+   theme : 'custom',
+   custom_theme_widget: 'recaptcha_widget'
+   };
+</script>
+END_CAPTCHA_STYLE;
+    require_once('includes/recaptchalib.php');
 	// Trailing slash is necessary for reloads to work
     $url = $this->url . "verify/";
-	echo "<form id=\"comment\" method=\"post\" action=\"$url\">";
-    require_once('includes/recaptchalib.php');
+	echo "<form method=\"post\" action=\"$url\">";
+	echo  <<<FORM
+	<div id="comment">
+
+<h3>comment:</h3><br>
+<textarea rows="10" cols="30" name=text></textarea><br>
+<h3>name:</h3><br>
+<input type=text name=author><br>
+<h3>email:</h3><br>
+<input type=text name=email><br>
+<nowiki>
+
+<div id="recaptcha_widget"> 
+  <div id="recaptcha_image"></div>
+  <div class="recaptcha_only_if_incorrect_sol" style="color:red">Incorrect please try again</div>
+  <span class="recaptcha_only_if_image"><b>enter the words above</b>:</span>
+  <span class="recaptcha_only_if_audio"><b>enter the numbers you hear</b>:</span>
+  <br>
+  <input type="text" id="recaptcha_response_field" name="recaptcha_response_field" />
+  <div><a href="javascript:Recaptcha.reload()">get another CAPTCHA</a></div>
+  <div class="recaptcha_only_if_image"><a href="javascript:Recaptcha.switch_type('audio')">get an audio CAPTCHA</a></div>
+  <div class="recaptcha_only_if_audio"><a href="javascript:Recaptcha.switch_type('image')">Get an image CAPTCHA</a></div>
+  <div><a href="javascript:Recaptcha.showhelp()">help?</a></div>
+  <br><br>
+</div>
+FORM;
 	echo recaptcha_get_html($this->recaptcha_publickey);
-	echo "<input type=\"submit\">";
-	echo "</form>";
+	echo  <<<END_OF_FORM
+	<input class="submit" type="submit" value="comment">
+	</form>
+	</div>
+END_OF_FORM;
   }
 }
 
-- 
2.30.2