summary refs log tree commit diff stats
path: root/pages/post.php
diff options
context:
space:
mode:
Diffstat (limited to 'pages/post.php')
-rwxr-xr-xpages/post.php103
1 files changed, 59 insertions, 44 deletions
diff --git a/pages/post.php b/pages/post.php index 87413e8..121435a 100755 --- a/pages/post.php +++ b/pages/post.php
@@ -22,74 +22,79 @@ if (!defined('S_INCLUDE_FILE')) {define('S_INCLUDE_FILE',1);}
22 22
23require('headerproc.php'); 23require('headerproc.php');
24 24
25$pageCategory = 'home';
26$pageAID = 'archive';
27
28include('includes/recaptchalib.php'); 25include('includes/recaptchalib.php');
29$privatekey = "6LfgvgEAAAAAAD0_UVLp57MU7tqcypsbZPS9qTnr"; 26$privatekey = "6LfgvgEAAAAAAD0_UVLp57MU7tqcypsbZPS9qTnr";
30 27
31$template = new FITemplate('msg'); 28if (!isset($_POST['id']))
32$template->add('BACK','the previous page');
33
34if (!isset($_GET['id']))
35{ 29{
36 $template->add('MSG','I\'m sorry, but there\'s no page-id set here, so sadly you can\'t comment yet. Why not contact the administratior (link on the HatBar) and tell her that you saw this error?'); 30 generateError('404');
37} else { 31} else {
38 if ($_POST['comment'] == "") 32 if ($_POST['comment'] == "")
39 { 33 {
40 $template->add('MSG','I\'m sorry, but you didn\'t enter a comment!'); 34 die('I\'m sorry, but you didn\'t enter a comment!');
41 } else { 35 } else {
42 if (!isLoggedIn()) 36 if (!isLoggedIn())
43 { 37 {
44 $resp = recaptcha_check_answer ($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); 38 if ($_POST['username'] == "")
45 if (!$resp->is_valid)
46 { 39 {
47 $template->add('MSG',"The reCAPTCHA wasn't entered correctly. Go back and try it again. (reCAPTCHA said: " . $resp->error . ")"); 40 die('You forgot to enter a username.');
48 } else { 41 } else {
49 if (preg_match('/^[A-Za-z0-9!#$&\'*+-\/=?^_`{|}~]+@[-A-Za-z0-9]+(\.[-A-Za-z0-9]+)+[A-Za-z]$/', $_POST['email'])) 42 if (preg_match('/^[A-Za-z0-9!#$&\'*+-\/=?^_`{|}~]+@[-A-Za-z0-9]+(\.[-A-Za-z0-9]+)+[A-Za-z]$/', $_POST['email']))
50 { 43 {
51 $getanon = "SELECT * FROM anon_commenters WHERE username = \"" . $_POST['username'] . "\""; 44 $resp = recaptcha_check_answer ($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]);
52 $getanon2 = mysql_query($getanon); 45 if (!$resp->is_valid)
53 $getanon3 = mysql_fetch_array($getanon2);
54
55 if ($getanon3['username'] == $_POST['username'])
56 { 46 {
57 if ($getanon3['email'] == $_POST['email']) 47 die('The reCAPTCHA wasn\'t entered correctly. Go back and try it again.');
58 { 48 } else {
59 $setcomment = "INSERT INTO comments SET page_id = \"" . $_GET['id'] . "\", user_id = " . $getanon3['id'] . ", comment = \"" . $_POST['comment'] . "\", is_anon = 1"; 49 $getanon = "SELECT * FROM anon_commenters WHERE username = \"" . $_POST['username'] . "\"";
60 $setcomment2 = mysql_query($setcomment); 50 $getanon2 = mysql_query($getanon);
51 $getanon3 = mysql_fetch_array($getanon2);
61 52
62 $page_id = $_GET['id']; 53 if ($getanon3['username'] == $_POST['username'])
63 $comType = substr($page_id,0,strpos($page_id,'-')); 54 {
64 $comID = substr($page_id,strpos($page_id,'-')+1); 55 if ($getanon3['email'] == $_POST['email'])
65 if ($comType == 'updates')
66 { 56 {
67 recalcPop($comID); 57 $setcomment = "INSERT INTO comments SET page_id = \"" . $_POST['id'] . "\", user_id = " . $getanon3['id'] . ", comment = \"" . $_POST['comment'] . "\", is_anon = 1";
58 $setcomment2 = mysql_query($setcomment);
59 $cid = mysql_insert_id();
60
61 $page_id = $_POST['id'];
62 $comType = substr($page_id,0,strpos($page_id,'-'));
63 $comID = substr($page_id,strpos($page_id,'-')+1);
64 if ($comType == 'updates')
65 {
66 recalcPop($comID);
67 }
68
69 $template = new FITemplate('new-comment');
70 $template->add('ID', $cid);
71 $template->add('CODEDEMAIL', md5(strtolower($getanon3['email'])));
72 $template->add('TEXT', stripslashes($_POST['comment']));
73 $template->add('USERNAME', $getanon3['username']);
74 $template->add('DATE', date("F jS Y \a\\t g:i:s a"));
75 $template->display();
76
77 exit;
78 } else {
79 die('I\'m sorry, but this anonymous username is already in use. If this is in fact you, please verify that you have entered the same email address that you entered the first time you commented here.');
68 } 80 }
69
70 $template->add('MSG',"Thank you, " . $getanon3['username'] . ", for posting your valuable comment!");
71 } else { 81 } else {
72 $template->add('MSG',"I'm sorry, but this anonymous username is already in use. If this is in fact you, please verify that you have entered the same email address that you entered the first time you commented here."); 82 $setcomment = "INSERT INTO moderation SET page_id = \"" . $_POST['id'] . "\", author = \"" . $_POST['username'] . "\", email = \"" . $_POST['email'] . "\", comment = \"" . $_POST['comment'] . "\", website = \"" . $_POST['website'] . "\"";
73 } 83 $setcomment2 = mysql_query($setcomment);
74 } else {
75 $setcomment = "INSERT INTO moderation SET page_id = \"" . $_GET['id'] . "\", author = \"" . $_POST['username'] . "\", email = \"" . $_POST['email'] . "\", comment = \"" . $_POST['comment'] . "\", website = \"" . $_POST['website'] . "\"";
76 $setcomment2 = mysql_query($setcomment);
77
78 mail('hatkirby@fourisland.com', 'New comment to moderate on Four Island', 'Some one has anonymously left a comment on Four Island and it will require moderation.');
79 84
80 $template->add('MSG',"Thank you for posting your valuable comment!<P>However, as you aren't logged in, your comment will have to be verified by a moderator before it appears. Sorry!"); 85 die('Thank you for posting your valuable comment!<br />However, as you aren\'t logged in, your comment will have to be verified by a moderator before it appears. Sorry!');
86 }
81 } 87 }
82 } else { 88 } else {
83 $template->add('MSG',"I'm sorry, but you've entered an invalid email address."); 89 die('I\'m sorry, but you\'ve entered an invalid email address.');
84 } 90 }
85 } 91 }
86 } else { 92 } else {
87 $setcomment = "INSERT INTO comments SET page_id = \"" . $_GET['id'] . "\", user_id = " . getSessionUserID() . ", comment = \"" . $_POST['comment'] . "\", is_anon = 0"; 93 $setcomment = "INSERT INTO comments SET page_id = \"" . $_POST['id'] . "\", user_id = " . getSessionUserID() . ", comment = \"" . $_POST['comment'] . "\", is_anon = 0";
88 $setcomment2 = mysql_query($setcomment); 94 $setcomment2 = mysql_query($setcomment);
95 $cid = mysql_insert_id();
89 96
90 mail('hatkirby@fourisland.com', 'New comment on Four Island!', getSessionUsername() . ' has posted a comment on Four Island under the "page id" ' . $_GET['id']); 97 $page_id = $_POST['id'];
91
92 $page_id = $_GET['id'];
93 $comType = substr($page_id,0,strpos($page_id,'-')); 98 $comType = substr($page_id,0,strpos($page_id,'-'));
94 $comID = substr($page_id,strpos($page_id,'-')+1); 99 $comID = substr($page_id,strpos($page_id,'-')+1);
95 if ($comType == 'updates') 100 if ($comType == 'updates')
@@ -97,11 +102,21 @@ if (!isset($_GET['id']))
97 recalcPop($comID); 102 recalcPop($comID);
98 } 103 }
99 104
100 $template->add('MSG',"Thank you, " . getSessionUsername() . ", for posting your valuable comment!"); 105 $getuser = "SELECT * FROM phpbb_users WHERE user_id = " . getSessionUserID();
106 $getuser2 = mysql_query($getuser);
107 $getuser3 = mysql_fetch_array($getuser2);
108
109 $template = new FITemplate('new-comment');
110 $template->add('ID', $cid);
111 $template->add('CODEDEMAIL', md5(strtolower($getuser3['user_email'])));
112 $template->add('TEXT', stripslashes($_POST['comment']));
113 $template->add('USERNAME', getSessionUsername());
114 $template->add('DATE', date("F jS Y \a\\t g:i:s a"));
115 $template->display();
116
117 exit;
101 } 118 }
102 } 119 }
103} 120}
104 121
105$template->display();
106
107?> 122?>