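// Article-posting handler (fragment: the source is cut off inside the insert-failure branch at
// the end of this block). Requires a logged-in session, validates the submitted category,
// stores the article and redirects with a flash message kept in $_SESSION['errors'].
include './includes/functions.php';
$host_url = host_url();

// Only logged-in users may post: flash a warning and send everyone else to the login page.
if (!isset($_SESSION['user'])) {
    $_SESSION['errors']['state'] = 'am-alert-warning';
    $_SESSION['errors']['details'] = ['请您先登录!'];
    header('Location:' . $host_url . 'login.php');
    exit;
}

// NOTE(review): no anti-CSRF token is checked on this POST in the visible code. Confirm one is
// enforced elsewhere; without it a third-party page can submit an article in the user's name.
if ($_POST) {
    $database_config = (require __DIR__ . '/config/database.php');
    require_once __DIR__ . '/lib/Medoo.class.php';
    // NOTE(review): '@' hides warnings raised while the client is constructed, so a broken
    // connection only shows up at the first query. Prefer logging the error over suppressing it.
    $medoo = @new Medoo($database_config);
    $medoo->query('set names utf8');

    // Missing fields fall back to '' (the same isset() pattern the comment form uses) instead of
    // reading an undefined index.
    $title = isset($_POST['title']) ? handle_illegal_string($_POST['title']) : '';
    // The category name must be a plain string: Medoo turns an array value in a where clause
    // into an IN (...) list, which would let the request choose the shape of the lookup.
    $type = (isset($_POST['type']) && is_string($_POST['type'])) ? $_POST['type'] : '';
    $content0 = isset($_POST['content']) ? handle_illegal_string($_POST['content']) : '';
    // The body is stored already HTML-encoded, so templates must print it without encoding it a
    // second time. NOTE(review): $title is stored without this encoding and has to be escaped
    // wherever it is rendered (handle_illegal_string() is defined elsewhere; its guarantees are
    // not visible here).
    $content = htmlspecialchars($content0);

    $class = $medoo->select('class', '*', ['name' => $type]);
    // NOTE(review): 'pass' is stored exactly as submitted. If it is a secret that gates access
    // to the article, store password_hash() output and check it with password_verify().
    $pass = isset($_POST['pass']) ? $_POST['pass'] : '******';

    if (!empty($class)) {
        $_SESSION['class'] = $class[0];
    } else {
        // Unknown category (or a failed lookup): stop here. Continuing would file the article
        // under whatever $_SESSION['class'] an earlier request left behind, or under no class at
        // all, and the output below would also break the redirect headers sent further down.
        echo "没有这种类型";
        exit;
    }

    // NOTE(review): strlen() counts bytes of the HTML-encoded text, so multi-byte characters and
    // entities such as &amp; count more than once toward the minimum length.
    if (strlen($content) > 10) {
        $article_row = [
            'title' => $title,
            'content' => $content,
            'user_id' => $_SESSION['user']['id'],
            'class_id' => $_SESSION['class']['id'],
            'created_at' => date('Y-m-d H:i:s'),
            'pass' => $pass,
        ];
        if ($medoo->insert('article', $article_row)) {
            $_SESSION['errors']['state'] = 'am-alert-success';
            $_SESSION['errors']['details'] = ['发帖成功啦!'];
            header('Location:' . $host_url . 'index.php');
            exit;
        } else {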
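// Article-reading page (fragment: the condition that opens the first branch lies above the
// visible source). When the lookup above succeeded the article is kept in the session;
// otherwise the visitor is sent back to the index with a warning.
    $_SESSION['article'] = $article;
} else {
    $_SESSION['errors']['state'] = 'am-alert-warning';
    $_SESSION['errors']['details'] = ['请您通过正确的方式进入读帖页面!'];
    header('Location:' . $host_url . 'index.php');
    exit;
}

// Existing comments for this article, joined with the article and with each comment's author.
// NOTE(review): users.name is selected as stored, so it must be HTML-escaped where the comment
// list is rendered.
$comment_previous = $medoo->select(
    'comment',
    [
        '[>]article' => ['comment.article_id' => 'id'],
        '[>]users' => ['comment.user_id' => 'id'],
    ],
    [
        'comment.id',
        'comment.user_id',
        'comment.article_id',
        'comment.content',
        'comment.created_at',
        'users.name',
    ],
    ['article.id' => $article['id']]
);

// NOTE(review): no anti-CSRF token is checked on this POST in the visible code. Confirm one is
// enforced elsewhere.
if ($_POST) {
    // Reading is public, commenting is not: anonymous submitters are sent to the login page.
    if (!isset($_SESSION['user'])) {
        $_SESSION['errors']['state'] = 'am-alert-warning';
        $_SESSION['errors']['details'] = ['请您先登录!'];
        header('Location:' . $host_url . 'login.php');
        exit;
    }

    $submitted = isset($_POST['comment']) ? $_POST['comment'] : '';
    $comment0 = isset($_POST['comment']) ? handle_illegal_string($_POST['comment']) : '';
    // Stored already HTML-encoded, so templates must not encode it a second time.
    // NOTE(review): an empty comment is still inserted; add a minimum-length check if that is
    // not intended.
    $comment = htmlspecialchars($comment0);

    $comment_row = [
        'content' => $comment,
        'user_id' => $_SESSION['user']['id'],
        'article_id' => $article['id'],
        'created_at' => date('Y-m-d H:i:s'),
    ];
    if ($medoo->insert('comment', $comment_row)) {
        $_SESSION['errors']['state'] = 'am-alert-success';
        $_SESSION['errors']['details'] = ['评论成功啦!'];
        // $aid is assigned above the visible source. It is URL-encoded so that a value taken
        // from the request cannot add extra parameters to the redirect target.
        header('Location:' . $host_url . 'read_article.php?aid=' . rawurlencode((string) $aid));
        exit;
    } else {
        // Keep the raw text for the next page load (presumably to refill the form). It is
        // unescaped user input and must be HTML-escaped when echoed back.
        $_SESSION['post']['comment'] = $submitted;
        $_SESSION['errors']['state'] = 'am-alert-warning';
        $_SESSION['errors']['details'] = ['Sorry,@~_~@,我们的数据库出问题啦,稍后再试'];
    }
}
?> <body> <?php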