public function addNewComment() { $response['signed'] = false; $response['valid'] = false; $response['succeeded'] = false; $response['comment'] = array(); $postdata = file_get_contents("php://input"); $request = json_decode($postdata); $comment = ['post_id' => $comment_id = $request->post_id, 'caption' => $caption = $request->caption]; $v = new Validator(); $v->required('post_id')->digits(); $v->required('caption')->lengthBetween(1, 1000); $result = $v->validate($comment); $response['valid'] = $result->isValid(); if (isset($_SESSION["user_id"]) && strlen(trim($_SESSION["user_id"])) > 0) { $response['signed'] = true; if ($response['valid']) { $response['comment'] = addComment($_SESSION['user_id'], $comment); $response['succeeded'] = true; } else { print_r($result->getFailures()); } } echo json_encode($response); }
function add_comment($moderator_email) { $caller = strtolower($_POST["url"]); //$_SERVER['HTTP_REFERER']; $filename = md5($caller); $abs_comment_file = realpath('.') . '/' . $filename . '.xml'; $date_value = time(); $comment_id = $date_value . '-' . rand(1, 100000000); $author_value = processText($_POST["name"]); $subject_value = trim(processText($_POST["subject"])); $msg_value = processText($_POST["message"]); $email = processText($_POST["email"]); $site = processText($_POST["site"]); $title = processText($_POST["title"]); $parent_id = processText($_POST["id"]); $dom_id = processText($_POST["domid"]); $moderate = processText($_POST["moderate"]); // 0 No moderate, 1: waiting for moderate 2: trash 3: spamn 4: approved $max_reply = intval(processText($_POST["max"])); $secured = empty($_SERVER["HTTPS"]) ? '' : $_SERVER["HTTPS"] == "on" ? "s" : ""; $protocol = strleft(strtolower($_SERVER["SERVER_PROTOCOL"]), "/") . $secured; $ec_path = $protocol . '://' . $_SERVER['HTTP_HOST'] . processText($_POST["path"]); if (empty($parent_id)) { $parent_id = null; } $ip = $_SERVER["REMOTE_ADDR"]; $ret = addComment($abs_comment_file, $caller, $title, $dom_id, $comment_id, $date_value, $author_value, $subject_value, $email, $site, $msg_value, $ip, $moderate, $parent_id, $max_reply); $msg_value = str_replace(array("\r", "\n"), "<br />", $msg_value); echo json_encode(array("id" => $comment_id, "comment" => '<li class="ec-comment" id="' . $comment_id . '">' . ' <div class="avatar"></div>' . ' <span class="user-name author">' . $author_value . '</span> <br/>' . ' <span class="comment-html">' . (empty($subject_value) ? '' : ' <strong>' . $subject_value . '</strong><br /><br />') . $msg_value . ' </span><br/>' . ' <span class="comment-time">' . ago(time() - $date_value * 1) . '</span><br/>' . ($ret ? ' <button name="reply" id="reply_' . $comment_id . '">Reply</button>' : "") . '</li>')); // send email to moderator if ($moderate == "1") { $body = 'A new comment is waiting for your approval:<br /><br />' . 'Author:' . $author_value . '(IP: ' . $ip . ')<br/>' . 'Email:' . $email . '<br/>' . 'URL:' . $site . '<br/>' . 'Subject:' . $subject_value . '<br/>' . 'Whois:<a href="http://whois.arin.net/rest/ip/' . $ip . '" target="_blank">http://whois.arin.net/rest/ip/' . $ip . '</a><br/>' . 'Comment:<br/>' . '<blockquote>' . $msg_value . '</blockquote><br/>' . 'To moderate this message, click <a href="' . $ec_path . 'ec-dashboard.html">' . $ec_path . 'ec-dashboard.html</a><br/>' . '<br/>' . 'Thanks for choosing EastComment<br/><br/>' . '<a href="http://www.jswidget.com/lab/easy-comment.html" target="_blank">http://www.jswidget.com/lab/easy-comment.html</a>'; sendEmail($moderator_email, $body); } }
<?php include 'functions.php'; $commentBody = htmlspecialchars($_POST['commentBody']); $postId = htmlspecialchars($_POST['postId']); $userId = htmlspecialchars($_SESSION['userId']); if (!commentIsOkay($commentBody)) { $_SESSION['errors'] = ['error' => 'Comment cannot be empty!']; return header('Location: ' . 'viewPost.php?postId=' . $postId); } addComment($commentBody, $postId, $userId); header('Location: ' . 'viewPost.php?postId=' . $postId);
echo "</form>"; } session_start(); $storyCreator = showStory(); showLink(); echo "<br><br><br><br>"; showComment(); if (isset($_SESSION['user_name'])) { if (isset($_POST["replyCommentButton"])) { $replyTo = htmlspecialchars($_POST["replyCommentTo"]); } elseif (isset($_POST["replyStoryButton"])) { $replyTo = htmlspecialchars($_POST["replyStory"]); } else { $replyTo = $storyCreator; } addComment($storyCreator, $replyTo); } else { echo "<br>log in to reply<br><br>"; } ?> <form action="storyBoard.php" > <?php session_start(); echo "<input type=\"hidden\" name=\"token\" value=" . htmlspecialchars($_SESSION['token']) . ">"; ?> <input type="submit" name="returnStoryBoard" value="Back"> </form> </div> </body>
} if ($count == 0) { addView($mid); } addIPAddress($mid); $r = mysql_query("SELECT uid,cvid,mid,comment FROM `Comments` WHERE mid='{$mid}'") or die(mysql_error()); $q = mysql_query("SELECT * FROM `Media` WHERE mid='{$mid}'") or die(mysql_error()); $row = mysql_fetch_assoc($q); $path = $row["MediaPath"]; $name = $row['Title']; $text = $row['Description']; $type = $row['Type']; if (isset($_POST['comment'])) { if ($_SESSION["username"]) { if (strlen($_POST['text']) > 0) { addComment($id, $mid, $_POST['text']); } } else { $url = $_SERVER['REQUEST_URI']; echo "<meta http-equiv=\"refresh\" content=\"0;url=Login.php?url={$url}\">"; } } } ?> <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"> <html xmlns="http://www.w3.org/1999/xhtml"> <link rel="stylesheet" type="text/css" href="css/style.css"/> <head> <title> PLAYER
$xmlRoot->appendChild(userInfo($dbconn, $xmlDoc, $_REQUEST['id'])); break; case "editUsername": $xmlRoot->appendChild(editUsername($dbconn, $xmlDoc, $_REQUEST['id'], $_REQUEST['username'])); break; case "castVote": $xmlRoot->appendChild(castVote($dbconn, $xmlDoc, $_REQUEST['user_id'], $_REQUEST['post_id'], $_REQUEST['vote'])); break; case "tallyVotes": $xmlRoot->appendChild(tallyVotes($dbconn, $xmlDoc, $_REQUEST['post_id'])); break; case "checkForUserVote": $xmlRoot->appendChild(checkForUserVote($dbconn, $xmlDoc, $_REQUEST['post_id'], $_REQUEST['user_id'])); break; case "addComment": $xmlRoot->appendChild(addComment($dbconn, $xmlDoc, $_REQUEST['user_id'], $_REQUEST['post_id'], $_REQUEST['comment'])); break; case "getComments": $xmlRoot->appendChild(getComments($dbconn, $xmlDoc, $_REQUEST['post_id'])); break; case "addNewUser": $xmlRoot->appendChild(addNewUser($dbconn, $xmlDoc, $_REQUEST['username'], $_REQUEST['password'], $_REQUEST['email'])); break; case "signIn": $xmlRoot->appendChild(signIn($dbconn, $xmlDoc, $_REQUEST['username'], $_REQUEST['password'])); break; case "getConnections": $xmlRoot->appendChild(getConnections($dbconn, $xmlDoc, $_REQUEST['user_id'], $_REQUEST['module_type'])); break; case "logs": $xmlRoot->appendChild(getLogs($dbconn, $xmlDoc, $_REQUEST['user_id']));
require 'header.php'; require 'config.php'; // Empty pour n'envoyer des commentaires à la bdd que si $errors est vide ! if (!empty($_POST['submitcomm'])) { $id_post = $_POST['id_post']; $auteur = $_POST['auteur']; $message = $_POST['commentaire']; $errors = []; if (empty($message)) { $errors = "Message requis !"; } if (empty($auteur)) { $errors = "Auteur requis !"; } if (empty($errors)) { addComment($bdd, $id_post, $auteur, $message); } } // Empty pour n'envoyer des posts à la bdd que si $errors est vide ! if (!empty($_POST['submitpost'])) { $titre = $_POST['titre']; $contenu = $_POST['contenu']; $errors = []; if (empty($contenu)) { $errors = "Message requis !"; } if (empty($titre)) { $errors = "Titre requis !"; } if (empty($errors)) { addPost($bdd, $titre, $contenu);
break; case "DELETE": $data["goalID"] = $path[1]; $results = deleteGoal($data); break; default: $results["meta"] = methodNotAllowed($method, $path); } break; case "comments": switch ($method) { case "GET": $results = getComments($data); break; case "POST": $results = addComment($data); break; case "PATCH": $data["commentID"] = $path[1]; $results = editComment($data); break; case "DELETE": $data["commentID"] = $path[1]; $results = deleteComment($data); break; default: $results["meta"] = methodNotAllowed($method, $path); } break; case "follows": switch ($method) {
print getData($sql); break; case 'getAlbum': $albumUserID = intval($_POST['albumUserID']); if ($albumUserID <= 0) { $sql = "SELECT * FROM AlbumTable WHERE AlbumName!='Face' and AlbumName!='Default'"; } else { $sql = "SELECT * FROM AlbumTable WHERE UserID={$albumUserID}"; } print getData($sql); break; case 'sendComment': if ($ifLogin == 1) { $cmt = $_POST['cmt']; $picID = $_POST['picID']; addComment($userID, $picID, $cmt, time()); } else { } break; case 'addLike': if ($ifLogin == 1) { $picID = $_POST['picID']; addLike($userID, $picID, time()); } else { } break; case 'uploadPic': if ($ifLogin == 1) { $picAlbumID = $_POST['upAlbumID']; $picAlbumName = $_POST['upAlbumName']; $sql = "SELECT * FROM AlbumTable WHERE AlbumID={$picAlbumID} AND UserID={$userID}";
case 'sharePhotos': $sCaption = db_value("SELECT `Caption` FROM `ProfileCompose` WHERE `Func` = 'SharePhotos'"); echo PageCompSharePhotosContent($sCaption, $profileID); break; case 'shareVideos': $sCaption = db_value("SELECT `Caption` FROM `ProfileCompose` WHERE `Func` = 'ShareVideos'"); echo PageCompShareVideosContent($sCaption, $profileID); break; } exit; } $_page['header'] = process_line_output($p_arr['NickName']) . ": " . htmlspecialchars_adv($p_arr['Headline']); //$_page['header_text'] = process_line_output( $p_arr['Headline'] ); //post comment if ($_POST['commentsubmit']) { $ret .= addComment($profileID); } //delete comment if ($_GET['action'] == 'commentdelete') { $ret .= deleteComment((int) $_GET['commentID']); } // track profile views if ($track_profile_view && $memberID && !$oProfile->owner) { db_res("DELETE FROM `ProfilesTrack` WHERE `Member` = {$memberID} AND `Profile` = {$profileID}", 0); db_res("INSERT INTO `ProfilesTrack` SET `Arrived` = NOW(), `Member` = {$memberID}, `Profile` = {$profileID}", 0); } $_ni = $_page['name_index']; $_page_cont[$_ni]['page_main_code'] = $oProfile->genColumns(); PageCode(); function addComment($profileID) {
<?php session_start(); include "config.php"; include "db.php"; dbconnect() or send_err_mail("Cannot connect to server" . mysql_error(), $PHP_SELF); $user_id = $_SESSION[vis_user_id]; $organiser_id = $_SESSION[vis_organiser_id]; $track_discussion = addslashes($track_discussion); $result = addComment($discus_track_id, $discus_event_id, $track_discussion); ?> <table border='0' width='100%' cellspacing="0" cellpadding="0" style="padding:100px;" > <?php $Discus_track_sql = "SELECT {$tbltrackDiscussion}.contact_id,{$tbltrackDiscussion}.track_discussion,{$tblcontact}.contact_prof_pic,{$tblcontact}.contact_name,{$tblcontact}.salutation,{$tblcontact}.first_name,{$tblcontact}.last_name FROM {$tbltrackDiscussion},{$tblcontact} WHERE {$tbltrackDiscussion}.status IN ('active') AND {$tbltrackDiscussion}.track_id='{$discus_track_id}' AND {$tbltrackDiscussion}.event_id='{$discus_event_id}' AND {$tbltrackDiscussion}.contact_id={$tblcontact}.contact_id ORDER BY {$tbltrackDiscussion}.added_on"; $Discus_track_res = mysql_query($Discus_track_sql) or send_err_mail($Discus_track_sql . mysql_error(), $PHP_SELF); $Discus_track_total = mysql_num_rows($Discus_track_res); if ($Discus_track_total > 0) { while ($Discus_track_row = mysql_fetch_array($Discus_track_res)) { $discuss_contact_id = $Discus_track_row['contact_id']; $registarnt_type_id = get_registarnt_type_of_this_event($event_id, $discuss_contact_id); if ($registarnt_type_id == "1") { $discuss_profile_page = "buyer_profile.php"; } if ($registarnt_type_id == "2") { $discuss_profile_page = "seller_profile.php"; } if ($registarnt_type_id == "3") { $discuss_profile_page = "speaker_profile.php"; } if ($registarnt_type_id == "4") {
$arg = round($arg); } else { $arg = 0; } return $arg; } require_once 'gshare.php'; // work // outputs if ($_GET['ss']) { if (file_exists("styles/{$_GET['ss']}")) { setcookie('style', $_GET['ss'], time() + 3600 * 24 * 30); redir("/"); } } elseif (int_esc($_GET['ac']) && isset($_POST['name']) && isset($_POST['text'])) { addComment($_GET['ac'], strip_tags($_POST['name']), $_POST['text']); redir("/?e={$_GET['ac']}"); } elseif ($_GET['a'] == 'new-uri') { if (preg_match('|^gnunet://ecrs/chk/[A-Z0-9]+\\.[A-Z0-9]+\\.\\d+$|', $_POST['uri'], $matches) && isset($_POST['title']) && isset($_POST['desc'])) { $_POST['title'] = strip_tags($_POST['title']); if ($num = postNewEntry($_POST['uri'], $_POST['title'], $_POST['desc'])) { redir("/?e={$num}"); } } else { $page = "Something's not right"; } } elseif (int_esc($_GET['p'])) { $page = getPage($_GET['p']); if (getPagesCount() > $_GET['p']) { $nextpage = "| <a href='{$r}/?p='" . ($_GET['p'] + 1) . "'>25 older entries »</a>"; }
$bool = $cod->setUsed($code32); $bool = $cod->setUsed($code33); $msg = "Votation Done."; header("Location: ../views/popularVote.php?msg={$msg}"); } } else { if (isset($_GET["idpincho"])) { //Código para leer comentarios $idpincho = $_GET["idpincho"]; viewComments($idpincho); } else { if (isset($_POST["message"])) { //Código para añadir comentario $message = $_POST["message"]; $idpincho = $_POST["idpincho"]; addComment($message, $idpincho); } else { echo "No recibe"; } } } } } } } } function viewComments($idpincho) { $c = new Comments(); $array = $c->getComments($idpincho); if ($array == false) {
function story_addcomment() { if (!empty($_POST['content'])) { $id = $_GET['id']; addComment(2, $id); } header("location:" . $_SERVER['HTTP_REFERER']); }
function reportForumPost($itemId) { if (!is_numeric($itemId)) { return false; } $item = getForumItem($itemId); if (!$item) { return false; } if (isset($_POST['motivation'])) { $queueId = addToModerationQueue(MODERATION_FORUM, $itemId); addComment(COMMENT_MODERATION, $queueId, $_POST['motivation']); goLoc('forum.php?id=' . $item['parentId']); die; } echo showForumPost($item, '', false) . '<br/>'; echo xhtmlForm('abuse', $_SERVER['PHP_SELF'] . '?id=' . $itemId); echo t('Write a motivation') . ':<br/>'; echo xhtmlTextarea('motivation', '', 50, 5) . '<br/><br/>'; echo xhtmlSubmit('Report'); echo xhtmlFormClose() . '<br/><br/>'; }
$response = array(); $response["result"] = false; $curtime = time(); if ($lastcomment != null && $curtime - $lastcomment < 5) { $response["feedback"] = "!-- don't comment too frequently"; } else { if ($activityid > 0 && $userid != null) { include_once "../model/connect.php"; include_once "../model/activitymodel.php"; include_once "../model/audiencemodel.php"; include_once "../model/commentmodel.php"; include_once "../model/filter.php"; $conn = getConnection(); if (getActivityState($conn, $activityid) == 1) { if (getmsgAuthority($conn, $activityid, $userid) == 0) { $content = commentFilter($content); $response["result"] = addComment($conn, $activityid, $userid, $content); $_SESSION["lastcomment"] = $curtime; } else { $response["feedback"] = "you are not allowed to comment by the administrator"; } } else { $response["feedback"] = "this activity not exists or has been closed"; } mysql_close($conn); } else { $response["feedback"] = "!-- you are not online"; } } header("Content-Type:application/json;charset=utf-8"); echo json_encode($response);
} } $userName = isset($_POST["name_{$entryId}"]) ? $_POST["name_{$entryId}"] : ''; $userSecret = isset($_POST["secret_{$entryId}"]) ? 1 : 0; $userHomepage = isset($_POST["homepage_{$entryId}"]) ? $_POST["homepage_{$entryId}"] : ''; $userComment = isset($_POST["comment_{$entryId}"]) ? $_POST["comment_{$entryId}"] : ''; $comment = array(); $comment['entry'] = $entryId; $comment['parent'] = null; $comment['name'] = $userName; $comment['password'] = OPENID_PASSWORD; $comment['homepage'] = $userHomepage == '' || $userHomepage == 'http://' ? $openid_identity : $userHomepage; $comment['secret'] = $userSecret; $comment['comment'] = $userComment; $comment['ip'] = $_SERVER['REMOTE_ADDR']; $result = addComment($blogid, $comment); $errorString = ''; if (in_array($result, array("ip", "name", "homepage", "comment", "etc"))) { switch ($result) { case "name": $errorString = _text('차단된 이름을 사용하고 계시므로 댓글을 남기실 수 없습니다.'); break; case "ip": $errorString = _text('차단된 IP를 사용하고 계시므로 댓글을 남기실 수 없습니다.'); break; case "homepage": $errorString = _text('차단된 홈페이지 주소를 사용하고 계시므로 댓글을 남기실 수 없습니다.'); break; case "comment": $errorString = _text('금칙어를 사용하고 계시므로 댓글을 남기실 수 없습니다.'); break;
function about_media_addcomment() { global $name; if (!empty($_POST['content'])) { include "./module/{$name}/function.php"; $id = $_GET['id']; addComment(1, $id); } header("location:" . $_SERVER['HTTP_REFERER']); }
</script> <?php } else { if ($comment['comment'] == '') { ?> <script type="text/javascript"> //<![CDATA[ alert("<?php echo _text('본문을 입력해 주십시오.'); ?> "); //]]> </script> <?php } else { if (addComment($blogid, $comment) !== false) { if (!$comment['secret']) { $pool->init("Entries"); $pool->setQualifier("blogid", "eq", $blogid); $pool->setQualifier("id", "eq", $comment['entry']); $pool->setQualifier("draft", "eq", 0); $pool->setQualifier("visibility", "eq", 3); $pool->setQualifier("acceptcomment", "eq", 1); if ($row = $pool->getRow()) { sendCommentPing($comment['entry'], $context->getProperty('uri.default') . "/" . ($context->getProperty('blog.useSloganOnPost') ? "entry/{$row['slogan']}" : $comment['entry']), !doesHaveMembership() ? $comment['name'] : User::getName(), !doesHaveMembership() ? $comment['homepage'] : User::getHomepage()); } } $skin = new Skin($context->getProperty('skin.skin')); printHtmlHeader(); ?> <script type="text/javascript">
} } // Grab each line of a comment and push them on an array to be re-joined later $fullComment = array(); while ($ljParser->parse()) { $value = trim($ljParser->iNodeValue); if ($ljParser->iNodeType == NODE_TYPE_TEXT && $value != "" && $value != ")" && $value != "(" && $value != "link") { // When we get to the reply link, the comment is over if (strtolower($value) == "reply to this") { break; } $fullComment[] = $value; } } $comment = implode("\n\n", $fullComment); addComment($entryID, $user, $comment, $time); } } } } echo "</pre>"; mysql_close(); function addComment($entryID, $commenter, $comment, $time) { global $commentTable, $blogID, $knownCommenters; $comment .= "\n(posted on LiveJournal)"; $commenter = addslashes($commenter); $comment = htmlentities($comment); $commenterEmail = $commenter . "@livejournal.com"; $commenterURL = "http://" . $commenter . ".livejournal.com"; $commenterName = $commenter;
$username = "******"; $password = "******"; $db = 'test'; $dbh = new PDO("mysql:host={$servername}; dbname={$db};", $username, $password); $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); $data = $_POST['data']; $type = $_POST['type']; $values = split(',', $data); if ($type == 'kit') { addKit($values, $dbh); } if ($type == 'log') { addLog($values, $dbh); } if ($type == 'comment') { addComment($values, $dbh); } if ($type == 'challange') { addChallange($values, $dbh); } if ($type == 'chComment') { addChComment($values, $dbh); } if ($type == 'site') { addSite($values, $dbh); } if ($type == 'like') { like($values, $dbh); } function addKit($json, $db) {
<?php session_start(); include "carpoolingDAO.php"; $commentText = $_POST["commentText"]; $tripId = $_POST["tripId"]; $userId = $_SESSION["userId"]; addComment($commentText, $userId, $tripId); ?>
if (isset($username) && isset($_GET["favorite"])) { addFavoriteMedia($username, $mediaid); } if (isset($username) && isset($_GET["commentid"])) { $commentid = $_GET["commentid"]; rmComment($commentid); } if (isset($username) && $_SERVER["REQUEST_METHOD"] == "POST") { if (!empty($_POST["playlist"])) { foreach ($_POST["playlist"] as $playlistid) { addPlaylistMedia($playlistid, $mediaid); } } if (!empty($_POST["comment"])) { $content = $_POST["comment"]; addComment($username, $mediaid, $content); } if (!empty($_POST["rate"])) { $score = $_POST["rate"]; rateMedia($mediaid, $username, $score); } } $recommend = recommend($mediaid, 8); $media = viewMedia($mediaid); $comments = getComments($mediaid); if (isset($username) && isset($_GET["subscribe"])) { $subscriber_id = $username; $channel_id = $media['username']; if ($subscriber_id != $channel_id) { addChannel($subscriber_id, $channel_id); }
<?php include_once 'database/connection.php'; include_once 'database/comments.php'; try { addComment($_POST['event_id'], $_POST['user_id'], $_POST['text']); } catch (PDOException $e) { die($e->getMessage()); } header('Location: ' . $_SERVER['HTTP_REFERER']);
} if (isset($_GET["logout"])) { include 'user_class.php'; logoutUser(); header("Location: login.php"); } $comment = ""; $comment_error = ""; if (isset($_POST["comment"])) { if (empty($_POST["comment"])) { $comment_error = "See väli on kohustuslik"; } else { $comment = cleanInput($_POST["comment"]); } if ($comment_error == "") { $message = addComment($comment); if ($message != "") { // õnnestus, teeme inputi väljad tühjaks $comment = ""; echo $message; } } } // kuulan, kas kasutaja tahab vastata if (isset($_GET["yes"])) { ///saadan kustutatava auto id yesAnswer($_GET["yes"]); } if (isset($_GET["no"])) { ///saadan kustutatava auto id noAnswer($_GET["no"]);
function insertFeedback($uid, $pid, $done, $time, $tried, $liked, $skills, $breakthrough, $fun, $difficulty, $when_return) { mysql_query('START TRANSACTION'); if (strcmp($done, 'yes') == 0) { $donetext = 'Yes'; $done = 0; } else { if (strcmp($done, 'no') == 0) { doneTestingPuzzle($uid, $pid); $donetext = 'No'; $done = 1; } else { if (strcmp($done, 'notype') == 0) { doneTestingPuzzle($uid, $pid); $donetext = 'No, this isn\'t a puzzle type I like.'; $done = 2; } else { if (strcmp($done, 'nostuck') == 0) { doneTestingPuzzle($uid, $pid); $donetext = 'No, I\'m not sure what to do and don\'t feel like working on it anymore.'; $done = 3; } else { if (strcmp($done, 'nofun') == 0) { doneTestingPuzzle($uid, $pid); $donetext = 'No, I think I know what to do but it isn\'t fun/I\'m not making progress.'; $done = 4; } else { if (strcmp($done, 'nospoiled') == 0) { doneTestingPuzzle($uid, $pid); $donetext = 'No, I was already spoiled on this puzzle'; $done = 5; } else { if (strcmp($done, 'nodone') == 0) { doneTestingPuzzle($uid, $pid); $donetext = 'No, I\'ve solved it.'; $done = 6; } } } } } } } $comment = createFeedbackComment($donetext, $time, $tried, $liked, $skills, $breakthrough, $fun, $difficulty, $when_return); $ncomment = "<p><strong>Testing Feedback</strong></p>"; $ncomment .= "<p><a class='description' href='#'>[View Feedback]</a></p>"; $ncomment .= "<div>{$comment}</div>"; addComment($uid, $pid, $ncomment, FALSE, TRUE, TRUE); $sql = sprintf("INSERT INTO testing_feedback (uid, pid, done, how_long, tried, liked, skills, breakthrough, fun, difficulty, when_return)\n VALUES ('%s', '%s', '%s', '%s', '%s', '%s', '%s', '%s', %s, %s, '%s')", mysql_real_escape_string($uid), mysql_real_escape_string($pid), mysql_real_escape_string($done), mysql_real_escape_string($time), mysql_real_escape_string($tried), mysql_real_escape_string($liked), mysql_real_escape_string($skills), mysql_real_escape_string($breakthrough), mysql_real_escape_string($fun), mysql_real_escape_string($difficulty), mysql_real_escape_string($when_return)); query_db($sql); mysql_query('COMMIT'); }
$db->setFetchMode(MDB2_FETCHMODE_ASSOC); function showPaper($code) { global $smarty; $article = new Lesen_paper($code); if (is_null($article)) { die("wrong paper code"); } foreach (array("authors", "tutors") as $name) { foreach ($article->{"_" . $name} as $val) { ${$name}[] = new Lesen_person((int) $val); } } $smarty->assign(array('paper' => $article, 'authors' => $authors, 'tutors' => $tutors, 'comments' => lesen_getComment($code))); $smarty->assign('body', $smarty->fetch('paper.tpl')); } function addComment() { if (ereg("[A-Za-z0-9]", $_POST['name']) && ereg("[A-Za-z0-9]", $_POST['body'])) { lesen_saveComment($_POST['name'], $_POST['email'], $_POST['url'], $_POST['body'], $_GET['code'], 0); } else { return false; } } if (isset($_POST)) { addComment(); } if (isset($_GET['code'])) { showPaper($_GET['code']); } $smarty->display('page.tpl');
<?php include 'db.php'; include 'application.php'; $user = $_SESSION['username']; $type = $_GET['type']; $id = $_SESSION['songid']; $comment = $_GET['textarea']; addComment($id, $comment, $user, $type); header("Location: ../info.php?playlist=" . $id);
/** * Processes loading of this sample code through a web browser. Uses AuthSub * authentication and outputs a list of a user's albums if succesfully * authenticated. * * @return void */ function processPageLoad() { global $_SESSION, $_GET; if (!isset($_SESSION['sessionToken']) && !isset($_GET['token'])) { requestUserLogin('Please login to your Google Account.'); } else { $client = getAuthSubHttpClient(); if (!empty($_REQUEST['command'])) { switch ($_REQUEST['command']) { case 'retrieveSelf': outputUserFeed($client, "default"); break; case 'retrieveUser': outputUserFeed($client, $_REQUEST['user']); break; case 'retrieveAlbumFeed': outputAlbumFeed($client, $_REQUEST['user'], $_REQUEST['album']); break; case 'retrievePhotoFeed': outputPhotoFeed($client, $_REQUEST['user'], $_REQUEST['album'], $_REQUEST['photo']); break; } } // Now we handle the potentially destructive commands, which have to // be submitted by POST only. if (!empty($_POST['command'])) { switch ($_POST['command']) { case 'addPhoto': addPhoto($client, $_POST['user'], $_POST['album'], $_FILES['photo']); break; case 'deletePhoto': deletePhoto($client, $_POST['user'], $_POST['album'], $_POST['photo']); break; case 'addAlbum': addAlbum($client, $_POST['user'], $_POST['name']); break; case 'deleteAlbum': deleteAlbum($client, $_POST['user'], $_POST['album']); break; case 'addComment': addComment($client, $_POST['user'], $_POST['album'], $_POST['photo'], $_POST['comment']); break; case 'addTag': addTag($client, $_POST['user'], $_POST['album'], $_POST['photo'], $_POST['tag']); break; case 'deleteComment': deleteComment($client, $_POST['user'], $_POST['album'], $_POST['photo'], $_POST['comment']); break; case 'deleteTag': deleteTag($client, $_POST['user'], $_POST['album'], $_POST['photo'], $_POST['tag']); break; default: break; } } // If a menu parameter is available, display a submenu. if (!empty($_REQUEST['menu'])) { switch ($_REQUEST['menu']) { case 'user': displayUserMenu(); break; case 'photo': displayPhotoMenu(); break; case 'album': displayAlbumMenu(); break; case 'logout': logout(); break; default: header('HTTP/1.1 400 Bad Request'); echo "<h2>Invalid menu selection.</h2>\n"; echo "<p>Please check your request and try again.</p>"; } } if (empty($_REQUEST['menu']) && empty($_REQUEST['command'])) { displayMenu(); } } }
</head> <body> <main> <header> <span class="headerText">Flat Chat</span> </header> <section class="chat"> <div class="editor"> <?php showEditor(); ?> </div> <div class="commentField"> <?php $messages = getContent(); $messages = addComment($messages); showContent($messages); ?> </div> </section> <section> </section> </main> </body> </html>