/**
* @author Jim Ahlstrand
* @param string $comment content of comment to be stored
* @return void
*/
function addComment($comment)
{
try {
// Create the comment
$comment = Comment::createComment($comment);
// Update the database
$this->comments[] = intval($comment->id);
$comments = serialize($this->comments);
// TODO Check so this actually fits in database
$sth = $this->dbh->prepare(SQL_UPDATE_REVIEW_COMMENTS_WHERE_ID);
$sth->bindParam(":comments", $comments, PDO::PARAM_STR);
$sth->bindParam(":id", $this->id, PDO::PARAM_INT);
$sth->execute();
} catch (Exception $e) {
echo $e->getMessage();
}
}
public function viewAction()
{
$id = $this->_request->getParam('id');
$captchaCode = $this->_request->getParam('captcha_code');
$modelBlog = new Page();
$blog = $modelBlog->getPage($id);
if ($blog) {
$this->view->blog = $blog;
// tags
$modelTags = new Tags();
$where = array('blog_id' => $id);
$tags = $modelTags->getTags($where);
if ($tags) {
$this->view->tags = $tags;
}
// 评论
$modelComment = new Comment();
$comments = $modelComment->getComments($id);
$this->view->comments = $comments;
$dataComment = $this->_request->getPost();
// 获取表单提交值
if ($dataComment) {
if ($dataComment['captcha'] == $captchaCode) {
// 定义过滤规则
$filters = array('name' => array('StringTrim'), 'comment' => 'StripTags');
// 定义验证规则
$validators = array('name' => array(array('StringLength', 3, 16), 'NotEmpty', Zend_Filter_Input::MESSAGES => array(array(Zend_Validate_StringLength::INVALID => "请输入一个合法的字符串", Zend_Validate_StringLength::TOO_SHORT => "请输入字符长度为3-16", Zend_Validate_StringLength::TOO_LONG => "请输入字符长度为3-16"))), 'email' => array('EmailAddress', Zend_Filter_Input::MESSAGES => array(array(Zend_Validate_EmailAddress::INVALID_FORMAT => "邮件格式不正确,请重新输入。"))), 'comment' => array());
// 实例化过滤器并进行过滤验证
$data = $_POST;
$filterPost = new Zend_Filter_Input($filters, $validators, $data);
if ($filterPost->hasInvalid() || $filterPost->hasMissing()) {
$messages = $filterPost->getMessages();
foreach ($messages as $message) {
foreach ($message as $value) {
echo $value . "<br />";
}
}
}
// 将经过验证的数据写入数据库
$modelComment = new Comment();
$newComment = $modelComment->createComment($pid = $id, $filterPost->name, $filterPost->email, $filterPost->comment);
if ($newComment) {
$this->_redirect('/blog/view/id/' . $id);
} else {
echo "评论提交出错!";
}
} else {
echo "验证码错误,请刷新后重新输入。";
}
}
// 生成验证码
$this->captcha_session = new Zend_Session_Namespace('captcha');
//在默认构造函数里实例化
$captcha = new Zend_Captcha_Image(array('font' => 'images/SIMYOU.TTF', 'session' => $this->captcha_session, 'fontsize' => 15, 'imgdir' => 'images/code/', 'width' => 120, 'height' => 30, 'gcFreq' => 3, 'dotNoiseLevel' => 5, 'lineNoiseLevel' => 1, 'wordlen' => 4));
$captcha->generate();
// 生成图片
// 界面方式
$this->view->img_dir = $captcha->getImgDir();
$this->view->captcha_id = $captcha->getId();
//图片文件名,md5编码
$this->view->captcha_code = $captcha->getWord();
$this->view->id = $id;
} else {
echo "该博客文章不存在!";
}
}
//show all users
printf("Show all users:\n");
$users = DocumentsManager::showUsers();
while ($row = $users->fetch_assoc()) {
printf("%s\n", $row['username']);
}
////////////////////////////
//Comment UNIT TESTS
////////////////////////////
printf("/////////////////////////////////\n");
printf("STARTING Comment UNIT TESTS\n");
printf("/////////////////////////////////\n");
//construct empty comment
$comment = new Comment();
//add comment
$comment->createComment(1083097730, "kmassey", "I love this studyguide.");
//delete comment
$comment->deleteComment();
//fetch existing comment
$comment2 = new Comment(255494673);
//fetch body of existing comment
$comment_body = $comment2->getCommentBody();
printf("Fetched Comment: %s\n", $comment_body);
//block comment
printf("Blocking comment %d\n", 255494673);
$comment2->block();
$isBlocked = $comment2->isBlocked();
$bool_str = $isBlocked ? "true" : "false";
printf("Comment %d is blocked: %s\n", 255494673, $bool_str);
//unblock comment
printf("Unblocking comment %d\n", 255494673);
<?php
require_once "header.php";
if ($_SERVER["REQUEST_METHOD"] === 'POST') {
$newComment = new Comment();
$newComment->createComment($conn, $_SESSION["user_id"], $_GET["tweet_id"], $_POST["comment"]);
header("Location: http://localhost/ProjectTwitter/index.php");
}
?>
<hr>
<form method="post" action="#" style="padding: 20px">
<textarea name="comment" placeholder="Enter comment here"></textarea><br>
<label></label><br>
<input type="submit" value="Comment">
</form>
<hr>
require_once "functions/function.inputSanitizer.inc.php";
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['tweetText'])) {
$tweet = new Tweet($conn);
if (strlen($_POST['tweetText']) > 140) {
echo "Twój tweet jest za długi";
} else {
if (!$tweet->createTweet($user->getId(), sanitizeMySQL($conn, $_POST['tweetText']))) {
echo "BŁĄD!";
}
}
}
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['commentText'])) {
if (strlen($_POST['commentText']) > 5) {
$comment = new Comment($conn);
$comment->createComment($user->getId(), sanitizeMySQL($conn, $_POST['tweetID']), sanitizeMySQL($conn, $_POST['commentText']));
} else {
echo "Twój komentarz jest za krótki";
}
}
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['tweetDelete'])) {
$tweet = new Tweet($conn);
$tweet->loadFromDB(sanitizeMySQL($conn, $_POST['tweetDelete']));
$tweet->deleteTweet();
}
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['commentDelete'])) {
$comment = new Comment($conn);
$comment->loadFromDB(sanitizeMySQL($conn, $_POST['commentDelete']));
$comment->deleteComment();
}
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['userLogout'])) {
define("OK", 31);
function errorDie($paramError, $paramErrorCode)
{
$arrayToJs = array();
$arrayToJs["response"] = $paramError;
$arrayToJs["response_code"] = $paramErrorCode;
die(json_encode($arrayToJs));
}
if (!isset($_POST['article']) || !is_numeric($_POST['article'])) {
errorDie("No article!", NO_ARTICLE);
exit;
}
if (!isset($_POST['content'])) {
errorDie("Comment has no content!", NO_CONTENT);
exit;
}
if (strlen($_POST['content']) < 3) {
errorDie("Content is too short!", TOO_SHORT);
exit;
}
$user = getUser();
if ($user == null) {
errorDie("You need to be logged in in order to post comments.", NOT_LOGGED_IN);
exit;
}
$comment = Comment::createComment(Security::escape($_POST['article']), $user);
$comment->setContent(Security::escape($_POST['content']));
$succesArray = array();
$succesArray["response"] = "Comment posted!";
$succesArray["response_code"] = OK;
die(json_encode($succesArray));
require_once "src/connection.php";
session_start();
if (isset($_SESSION['user']) == false) {
header("location: login.php");
}
$myUser = $_SESSION['user'];
if ($_SERVER['REQUEST_METHOD'] == 'GET' || $_SERVER['REQUEST_METHOD'] == 'POST') {
if (isset($_GET['tweetId'])) {
$tweetIdToShow = $_GET['tweetId'];
$tweetToShow = Tweet::getTweetById($tweetIdToShow);
}
if ($tweetToShow == true) {
echo "Tweet: <b>{$tweetToShow->getText()}</b>";
echo "<p>{$tweetToShow->getCreationDate()}</p><br><br>";
} else {
echo "Taki tweet nie istnieje, spieprzaj dziadu.<br><br>";
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
Comment::createComment($myUser->getId(), $tweetToShow->getId(), $_POST['comment']);
}
}
echo "Ostatnie komentarze:<br>";
$allComments = Comment::loadAllComments($tweetIdToShow);
foreach ($allComments as $comment) {
$userIdToShow = $comment->getUserId();
$userToShow = User::getUserById($userIdToShow);
echo "<a href='show_user.php?userId={$userIdToShow}'>{$userToShow->getUserName()}:\n {$comment->getCommentText()}</a><br>";
echo "{$comment->getCommentDate()}<br><br>";
}
echo "\n <form action='show_tweet.php?tweetId={$tweetIdToShow}' method='POST'>\n <input type = 'text' name = 'comment' placeholder = 'Write comment''>\n <input type = 'submit' value = 'Post comment'>\n </form>\n <br><br>";
echo "\n <br><br>\n <a href = 'show_user.php?userId={$myUser->getId()}'>Powrót na swój profil</a>\n <br><br>\n <a href = 'main.php'>Powrot do glównej</a>\n <br><br>\n <a href = 'logout.php'>Wyloguj</a>";
<li><a href="show_user.php?userId=<?php
echo "{$myUser->getId()}";
?>
"><span class="glyphicon glyphicon-user"></span> My profile</a></li>
<li><a href="logout.php"><span class="glyphicon glyphicon-log-out"></span> Logout</a></li>
</ul>
</div>
</div>
</nav>
<?php
if ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (isset($_POST['tweet'])) {
Tweet::createTweet($myUser->getId(), $_POST['tweet']);
}
if (isset($_POST['comment'])) {
Comment::createComment($myUser->getId(), $_POST['tweet_id'], $_POST['comment']);
}
}
?>
<div class="container">
<div class="jumbotron">
<h1>Tweeter</h1>
<p><?php
echo "Welcome {$myUser->getEmail()}";
?>
.</p>
<hr>
<h4>What's on your mind?</h4>
<form role='form' action="main.php" method="post">
<div class='form-group'>
<input class='form-control' id='inputdefault' type="text" name="tweet" placeholder="...">
} else {
/* header("HTTP/1.0 401 Unauthorized"); */
// If sent Javascript will do anything...
echo "Error: Unauthorized.";
}
}
if (is_writable($jsonDatabaseFile) && is_readable($jsonDatabaseFile)) {
if (!($handle = fopen($jsonDatabaseFile, 'a+'))) {
echo "Cannot open file ({$jsonDatabaseFile})";
exit;
}
$comments = new Comments();
$comments->allComments($jsonDatabaseFile);
if ($_GET['action'] == "save" && $_POST['id'] == "E73BF175-F920-447D-993D-CE4169F17BCD") {
$postedComment = new Comment();
$postedComment->createComment($_POST['commentatorName'], $_POST['commentatorEmail'], $_POST['commentatorText'], $_POST['commentatorWebsite'], $_SERVER['REMOTE_ADDR']);
if (!is_null($postedComment)) {
$comments->addComment($postedComment);
echo json_encode($postedComment);
} else {
echo "Error: Comment could not be saved.";
}
} else {
if ($_GET['action'] == "save" && $_POST['id'] != "E73BF175-F920-447D-993D-CE4169F17BCD") {
echo "Error: Unauthorized.";
}
}
if ($_GET['action'] == "remove") {
if ($_POST['adminUsername'] == $encryptedUsername && $_POST['adminPassword'] == $encryptedPassword) {
$postid = $_GET['id'];
if ($postid == "") {
