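/**
 * Create a comment from the given text and append its id to this review's
 * persisted list of comment ids.
 *
 * The in-memory list ($this->comments) is only replaced after the database
 * update has succeeded, so a failed write does not leave the object claiming
 * a comment the stored row does not reference.
 *
 * @author Jim Ahlstrand
 * @param string $comment content of comment to be stored
 * @return void
 */
function addComment($comment)
{
    try {
        // Create the comment
        $created = Comment::createComment($comment);

        // Work on a copy; $this->comments is committed after execute() below.
        $commentIds = $this->comments;
        $commentIds[] = intval($created->id);

        // The list is stored in PHP serialize() format.
        // NOTE(review): whatever reads this column back should call
        // unserialize() with ['allowed_classes' => false]; a JSON column
        // would remove the object-deserialisation surface entirely, but
        // changing the stored format needs a migration of existing rows.
        $serialized = serialize($commentIds);
        // TODO Check so this actually fits in database

        // Update the database. bindValue() copies the values, so the
        // statement cannot change $this->id by reference.
        $sth = $this->dbh->prepare(SQL_UPDATE_REVIEW_COMMENTS_WHERE_ID);
        $sth->bindValue(":comments", $serialized, PDO::PARAM_STR);
        $sth->bindValue(":id", $this->id, PDO::PARAM_INT);

        // execute() returns false instead of throwing unless PDO is in
        // exception mode; treat that as a failure as well.
        if ($sth->execute() === false) {
            throw new RuntimeException('Updating the review comment list failed');
        }

        $this->comments = $commentIds;
    } catch (Exception $e) {
        // Driver and SQL details belong in the server log, not in the
        // response body, where they would describe the schema to any visitor.
        error_log('addComment failed: ' . $e->getMessage());
        echo 'The comment could not be saved.';
    }
}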
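/**
 * Show one blog post with its tags and comments, and handle a comment
 * submitted from the form on that page.
 *
 * Security-relevant behaviour:
 *  - The captcha answer is checked against the word kept in the server-side
 *    'captcha' session namespace. It is never read from the request and is
 *    not handed to the view, because a value the client can read or supply
 *    does not prove that anyone solved the image.
 *  - A stored captcha word is consumed by the first attempt, so one solved
 *    image cannot be replayed for further posts.
 *  - A comment is written only when Zend_Filter_Input reports no invalid and
 *    no missing fields.
 *
 * NOTE(review): 'StripTags' is the only filter applied to the comment body;
 * the template that prints comments still has to HTML-escape them. The form
 * carries no CSRF token as far as this action shows.
 *
 * @return void
 */
public function viewAction()
{
    $id = $this->_request->getParam('id');

    $modelBlog = new Page();
    $blog = $modelBlog->getPage($id);
    if (!$blog) {
        echo "该博客文章不存在!";
        return;
    }
    $this->view->blog = $blog;

    // Tags
    $modelTags = new Tags();
    $tags = $modelTags->getTags(array('blog_id' => $id));
    if ($tags) {
        $this->view->tags = $tags;
    }

    // Comments
    $modelComment = new Comment();
    $this->view->comments = $modelComment->getComments($id);

    // Session namespace shared with the captcha object created further down.
    // Zend_Captcha_Word keeps the generated word under the 'word' key of the
    // namespace it is given.
    $this->captcha_session = new Zend_Session_Namespace('captcha');

    // Submitted form values
    $dataComment = $this->_request->getPost();
    if ($dataComment) {
        // Read the expected word from the session and consume it at once.
        $expectedWord = $this->captcha_session->word;
        unset($this->captcha_session->word);

        $submittedWord = isset($dataComment['captcha']) ? $dataComment['captcha'] : null;
        $captchaPassed = is_string($expectedWord)
            && $expectedWord !== ''
            && is_string($submittedWord)
            && $submittedWord === $expectedWord;

        if ($captchaPassed) {
            // Filter rules
            $filters = array(
                'name' => array('StringTrim'),
                'comment' => 'StripTags',
            );

            // Validation rules
            $validators = array(
                'name' => array(
                    array('StringLength', 3, 16),
                    'NotEmpty',
                    Zend_Filter_Input::MESSAGES => array(
                        array(
                            Zend_Validate_StringLength::INVALID => "请输入一个合法的字符串",
                            Zend_Validate_StringLength::TOO_SHORT => "请输入字符长度为3-16",
                            Zend_Validate_StringLength::TOO_LONG => "请输入字符长度为3-16",
                        ),
                    ),
                ),
                'email' => array(
                    'EmailAddress',
                    Zend_Filter_Input::MESSAGES => array(
                        array(
                            Zend_Validate_EmailAddress::INVALID_FORMAT => "邮件格式不正确,请重新输入。",
                        ),
                    ),
                ),
                'comment' => array(),
            );

            // Run the filters and validators over the posted data
            $filterPost = new Zend_Filter_Input($filters, $validators, $dataComment);

            if ($filterPost->hasInvalid() || $filterPost->hasMissing()) {
                // Messages whose text is not overridden here fall back to the
                // library defaults, which can embed the submitted value, so
                // they are escaped before being written into the page.
                foreach ($filterPost->getMessages() as $fieldMessages) {
                    foreach ($fieldMessages as $text) {
                        echo htmlspecialchars($text, ENT_QUOTES, 'UTF-8') . "<br />";
                    }
                }
            } else {
                // Store the validated data
                $commentWriter = new Comment();
                $newComment = $commentWriter->createComment(
                    $id,
                    $filterPost->name,
                    $filterPost->email,
                    $filterPost->comment
                );
                if ($newComment) {
                    $this->_redirect('/blog/view/id/' . $id);
                } else {
                    echo "评论提交出错!";
                }
            }
        } else {
            echo "验证码错误,请刷新后重新输入。";
        }
    }

    // Generate a fresh captcha for the form that is about to be rendered
    $captcha = new Zend_Captcha_Image(array(
        'font' => 'images/SIMYOU.TTF',
        'session' => $this->captcha_session,
        'fontsize' => 15,
        'imgdir' => 'images/code/',
        'width' => 120,
        'height' => 30,
        'gcFreq' => 3,
        'dotNoiseLevel' => 5,
        'lineNoiseLevel' => 1,
        'wordlen' => 4,
    ));
    $captcha->generate(); // writes the image file

    // Values the template needs to show the image. The word itself stays in
    // the session only.
    $this->view->img_dir = $captcha->getImgDir();
    $this->view->captcha_id = $captcha->getId(); // image file name (md5)
    $this->view->id = $id;
}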
// Manual smoke test, part 1: list every username returned by
// DocumentsManager::showUsers(). The loop uses fetch_assoc(), so the return
// value is treated as a result set of associative rows.
// NOTE(review): the calls in this fragment create, delete and block real
// comment rows through the Comment class — presumably meant for a disposable
// test database; confirm before running it anywhere else.
//show all users
printf("Show all users:\n");
$users = DocumentsManager::showUsers();
while ($row = $users->fetch_assoc()) {
    printf("%s\n", $row['username']);
}

////////////////////////////
//Comment UNIT TESTS
////////////////////////////
printf("/////////////////////////////////\n");
printf("STARTING Comment UNIT TESTS\n");
printf("/////////////////////////////////\n");

//construct empty comment
$comment = new Comment();

//add comment (the three arguments are passed positionally; their meaning is
//defined by Comment::createComment, which is not shown here)
$comment->createComment(1083097730, "kmassey", "I love this studyguide.");

//delete comment (removes the comment that was just created)
$comment->deleteComment();

//fetch existing comment by a hard-coded id
$comment2 = new Comment(255494673);

//fetch body of existing comment
$comment_body = $comment2->getCommentBody();
printf("Fetched Comment: %s\n", $comment_body);

//block comment, then read the flag back and print it as "true"/"false"
printf("Blocking comment %d\n", 255494673);
$comment2->block();
$isBlocked = $comment2->isBlocked();
$bool_str = $isBlocked ? "true" : "false";
printf("Comment %d is blocked: %s\n", 255494673, $bool_str);

//unblock comment (only the announcement is visible in this fragment)
printf("Unblocking comment %d\n", 255494673);
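<?php
// Comment form for one tweet. The tweet is identified by ?tweet_id= in the
// URL (the form posts back to the same address) and the author by the
// session.
// NOTE(review): header.php presumably starts the session and provides $conn;
// neither is visible in this file. The form carries no CSRF token.
require_once "header.php";

if ($_SERVER["REQUEST_METHOD"] === 'POST') {
    // Everything below comes from the client or the session and is checked
    // before it reaches the data layer.
    $authorId = isset($_SESSION["user_id"]) ? $_SESSION["user_id"] : null;

    // Assumes tweet ids are unsigned integers — TODO confirm against the schema.
    $tweetId = (isset($_GET["tweet_id"]) && is_string($_GET["tweet_id"]) && ctype_digit($_GET["tweet_id"]))
        ? $_GET["tweet_id"]
        : null;

    // Reject array-shaped input such as comment[]=x.
    $commentText = (isset($_POST["comment"]) && is_string($_POST["comment"]))
        ? $_POST["comment"]
        : null;

    if ($authorId !== null && $tweetId !== null && $commentText !== null) {
        $newComment = new Comment();
        $newComment->createComment($conn, $authorId, $tweetId, $commentText);

        header("Location: http://localhost/ProjectTwitter/index.php");
        // Stop here so nothing else is rendered after the redirect.
        exit;
    }
    // Incomplete or anonymous submissions fall through and show the form again.
}
?>
<hr>
<form method="post" action="#" style="padding: 20px">
    <textarea name="comment" placeholder="Enter comment here"></textarea><br>
    <label></label><br>
    <input type="submit" value="Comment">
</form>
<hr>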
// Form dispatcher: each block below reacts to one POST field (new tweet, new
// comment, tweet deletion, comment deletion, logout). $conn and $user are
// defined outside this fragment.
// The included file presumably defines sanitizeMySQL(); its body is not shown.
// NOTE(review): values are escaped with sanitizeMySQL() at the call site and
// then handed to model methods. Whether that is sufficient depends on how
// those methods build their SQL — bound parameters inside the models would
// not depend on every caller remembering the escape step.
// NOTE(review): no CSRF token is checked anywhere in the visible handlers.
require_once "functions/function.inputSanitizer.inc.php";

// New tweet. strlen() counts bytes, so multi-byte text reaches the
// 140 limit earlier than 140 characters.
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['tweetText'])) {
    $tweet = new Tweet($conn);
    if (strlen($_POST['tweetText']) > 140) {
        echo "Twój tweet jest za długi";
    } else {
        if (!$tweet->createTweet($user->getId(), sanitizeMySQL($conn, $_POST['tweetText']))) {
            echo "BŁĄD!";
        }
    }
}

// New comment: the text must be longer than 5 bytes.
// $_POST['tweetID'] is read without an isset() check of its own.
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['commentText'])) {
    if (strlen($_POST['commentText']) > 5) {
        $comment = new Comment($conn);
        $comment->createComment($user->getId(), sanitizeMySQL($conn, $_POST['tweetID']), sanitizeMySQL($conn, $_POST['commentText']));
    } else {
        echo "Twój komentarz jest za krótki";
    }
}

// Delete a tweet by the id sent in the form.
// NOTE(review): nothing here compares the tweet's owner with $user->getId();
// unless loadFromDB()/deleteTweet() enforce ownership, any logged-in user can
// delete any tweet by posting its id — confirm in the Tweet class.
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['tweetDelete'])) {
    $tweet = new Tweet($conn);
    $tweet->loadFromDB(sanitizeMySQL($conn, $_POST['tweetDelete']));
    $tweet->deleteTweet();
}

// Delete a comment by the id sent in the form.
// NOTE(review): same ownership question as for tweet deletion.
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['commentDelete'])) {
    $comment = new Comment($conn);
    $comment->loadFromDB(sanitizeMySQL($conn, $_POST['commentDelete']));
    $comment->deleteComment();
}

// Logout handler; its body continues past the end of this fragment.
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['userLogout'])) {
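define("OK", 31);

/**
 * Send a JSON error object and stop the script.
 *
 * The body is {"response": <message>, "response_code": <code>}. This function
 * never returns, because die() ends the request.
 *
 * @param string $paramError     human-readable message
 * @param int    $paramErrorCode one of the response-code constants
 * @return void
 */
function errorDie($paramError, $paramErrorCode)
{
    die(json_encode(array(
        "response" => $paramError,
        "response_code" => $paramErrorCode,
    )));
}

// --- Request validation ----------------------------------------------------
// Every $_POST value can be a string or, with a name like content[], an
// array. The checks pin both fields to strings before any string function
// touches them.

// Article id: digits only. is_numeric() would also accept forms such as
// "1e3", "1.5" or "-1", none of which is a row id.
if (!isset($_POST['article']) || !is_string($_POST['article']) || !ctype_digit($_POST['article'])) {
    errorDie("No article!", NO_ARTICLE);
}

if (!isset($_POST['content']) || !is_string($_POST['content'])) {
    errorDie("Comment has no content!", NO_CONTENT);
}

// strlen() counts bytes, so this is a lower bound of three bytes.
if (strlen($_POST['content']) < 3) {
    errorDie("Content is too short!", TOO_SHORT);
}

// --- Authentication ----------------------------------------------------------
$user = getUser();
if ($user == null) {
    errorDie("You need to be logged in in order to post comments.", NOT_LOGGED_IN);
}

// --- Store the comment -------------------------------------------------------
// NOTE(review): Security::escape() is defined elsewhere; which context it
// escapes for (SQL, HTML, both) is not visible here. Content escaped for one
// context still needs output encoding wherever it is later rendered. No CSRF
// token is checked in this endpoint.
$comment = Comment::createComment(Security::escape($_POST['article']), $user);
$comment->setContent(Security::escape($_POST['content']));

die(json_encode(array(
    "response" => "Comment posted!",
    "response_code" => OK,
)));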
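// Page that shows one tweet, its comments and a form for adding a comment.
//
// Security-relevant points:
//  - the script stops after the login redirect, so the page is never
//    rendered for a visitor without a session;
//  - every value that reaches the HTML (tweet text, comment text, user names,
//    dates, ids inside URLs) is encoded for its context, since all of it is
//    user-supplied or derived from the query string;
//  - a comment is only created when the tweet exists and the posted value is
//    a string.
// NOTE(review): the comment form carries no CSRF token.
require_once "src/connection.php";
session_start();

if (isset($_SESSION['user']) == false) {
    header("location: login.php");
    // header() alone does not end the request.
    exit;
}
$myUser = $_SESSION['user'];

// HTML-context encoder used for everything echoed below.
$esc = static function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
};

// Defined up front so the later code never reads an unset variable when the
// request has no usable tweetId.
$tweetIdToShow = null;
$tweetToShow = null;

if ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'POST') {
    // is_string() rejects array-shaped input such as tweetId[]=1.
    if (isset($_GET['tweetId']) && is_string($_GET['tweetId'])) {
        $tweetIdToShow = $_GET['tweetId'];
        $tweetToShow = Tweet::getTweetById($tweetIdToShow);
    }

    if ($tweetToShow == true) {
        echo "Tweet: <b>" . $esc($tweetToShow->getText()) . "</b>";
        echo "<p>" . $esc($tweetToShow->getCreationDate()) . "</p><br><br>";
    } else {
        echo "Taki tweet nie istnieje, spieprzaj dziadu.<br><br>";
    }

    // Only attach a comment to a tweet that was actually found.
    if ($_SERVER['REQUEST_METHOD'] == 'POST'
        && $tweetToShow == true
        && isset($_POST['comment'])
        && is_string($_POST['comment'])
    ) {
        Comment::createComment($myUser->getId(), $tweetToShow->getId(), $_POST['comment']);
    }
}

echo "Ostatnie komentarze:<br>";
$allComments = Comment::loadAllComments($tweetIdToShow);
foreach ($allComments as $comment) {
    $userIdToShow = $comment->getUserId();
    $userToShow = User::getUserById($userIdToShow);

    // URL-encode the id for the query string, then HTML-encode the attribute.
    $profileHref = $esc('show_user.php?userId=' . urlencode((string) $userIdToShow));

    echo "<a href='" . $profileHref . "'>" . $esc($userToShow->getUserName()) . ":\n "
        . $esc($comment->getCommentText()) . "</a><br>";
    echo $esc($comment->getCommentDate()) . "<br><br>";
}

// The tweet id comes straight from the query string, so it is encoded before
// being placed back into the form's action attribute.
$formAction = $esc('show_tweet.php?tweetId=' . urlencode((string) $tweetIdToShow));
echo "\n <form action='" . $formAction . "' method='POST'>\n"
    . " <input type = 'text' name = 'comment' placeholder = 'Write comment'>\n"
    . " <input type = 'submit' value = 'Post comment'>\n"
    . " </form>\n <br><br>";

$ownProfileHref = $esc('show_user.php?userId=' . urlencode((string) $myUser->getId()));
echo "\n <br><br>\n <a href = '" . $ownProfileHref . "'>Powrót na swój profil</a>"
    . "\n <br><br>\n <a href = 'main.php'>Powrot do glównej</a>"
    . "\n <br><br>\n <a href = 'logout.php'>Wyloguj</a>";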
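<li><a href="show_user.php?userId=<?php
    // The id is placed inside an attribute, so it is URL- and HTML-encoded.
    echo htmlspecialchars(urlencode((string) $myUser->getId()), ENT_QUOTES, 'UTF-8');
?> "><span class="glyphicon glyphicon-user"></span> My profile</a></li>
<li><a href="logout.php"><span class="glyphicon glyphicon-log-out"></span> Logout</a></li>
</ul>
</div>
</div>
</nav>
<?php
// Handle the two forms on this page: a new tweet, or a comment on an existing
// tweet. is_string() rejects array-shaped input (tweet[]=x), and the comment
// branch also requires tweet_id, which the original read without checking
// that it was sent.
// NOTE(review): neither form carries a CSRF token, and this handler runs
// after page output has already started, so it cannot redirect afterwards —
// a reload re-submits the post.
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    if (isset($_POST['tweet']) && is_string($_POST['tweet'])) {
        Tweet::createTweet($myUser->getId(), $_POST['tweet']);
    }
    if (isset($_POST['comment'], $_POST['tweet_id'])
        && is_string($_POST['comment'])
        && is_string($_POST['tweet_id'])
    ) {
        Comment::createComment($myUser->getId(), $_POST['tweet_id'], $_POST['comment']);
    }
}
?>
<div class="container">
<div class="jumbotron">
<h1>Tweeter</h1>
<p><?php
    // The address is user-supplied data; nothing on this page shows it being
    // validated, so it is encoded for the HTML context.
    echo "Welcome " . htmlspecialchars((string) $myUser->getEmail(), ENT_QUOTES, 'UTF-8');
?> .</p>
<hr>
<h4>What's on your mind?</h4>
<form role='form' action="main.php" method="post">
<div class='form-group'>
<input class='form-control' id='inputdefault' type="text" name="tweet" placeholder="...">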
} else {
    /* header("HTTP/1.0 401 Unauthorized"); */
    // If sent Javascript will do anything...
    // NOTE(review): with the status header disabled, the refusal goes out
    // with whatever status code the response already has, so clients and
    // logs cannot tell it apart from a normal reply.
    echo "Error: Unauthorized.";
}
}

// Main request handling for the JSON-file comment store. Runs only when the
// database file is both readable and writable.
if (is_writable($jsonDatabaseFile) && is_readable($jsonDatabaseFile)) {
    // Open the file in append/read mode; abort the request if that fails.
    // NOTE(review): $handle is not used or closed anywhere in the visible part.
    if (!($handle = fopen($jsonDatabaseFile, 'a+'))) {
        echo "Cannot open file ({$jsonDatabaseFile})";
        exit;
    }

    // Load the existing comments from the file.
    $comments = new Comments();
    $comments->allComments($jsonDatabaseFile);

    // action=save: accepted only when the posted 'id' equals a fixed string.
    // NOTE(review): that string is a constant in the source and is sent by
    // the client on every save, so it identifies the form rather than
    // authenticating anyone. $_GET['action'] and $_POST['id'] are read
    // without isset().
    if ($_GET['action'] == "save" && $_POST['id'] == "E73BF175-F920-447D-993D-CE4169F17BCD") {
        // Build the comment from the posted fields plus the client address.
        // NOTE(review): the posted values are stored as received here; any
        // page that prints them must encode them for HTML.
        $postedComment = new Comment();
        $postedComment->createComment($_POST['commentatorName'], $_POST['commentatorEmail'], $_POST['commentatorText'], $_POST['commentatorWebsite'], $_SERVER['REMOTE_ADDR']);
        // $postedComment was assigned a new object a few lines earlier, so
        // this test is always true and the error branch cannot run; a failure
        // inside createComment() is not detected here.
        if (!is_null($postedComment)) {
            $comments->addComment($postedComment);
            echo json_encode($postedComment);
        } else {
            echo "Error: Comment could not be saved.";
        }
    } else {
        // Save attempt with a wrong form id.
        if ($_GET['action'] == "save" && $_POST['id'] != "E73BF175-F920-447D-993D-CE4169F17BCD") {
            echo "Error: Unauthorized.";
        }
    }

    // action=remove: requires the admin credentials in the POST body.
    // NOTE(review): the comparison uses loose '==' on client-supplied values.
    // $encryptedUsername / $encryptedPassword are defined outside this
    // fragment, so how they are derived cannot be seen here; comparing with
    // is_string() checks plus hash_equals() would avoid type juggling and
    // timing differences.
    if ($_GET['action'] == "remove") {
        if ($_POST['adminUsername'] == $encryptedUsername && $_POST['adminPassword'] == $encryptedPassword) {
            // Id of the comment to remove, taken from the query string.
            $postid = $_GET['id'];
            if ($postid == "") {