From 24503e3abe705acde2df159aeae61be0d009f92e Mon Sep 17 00:00:00 2001 From: Starla Insigna Date: Wed, 19 Nov 2008 17:27:03 -0500 Subject: Imported sources --- pages/post.php | 107 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 107 insertions(+) create mode 100644 pages/post.php (limited to 'pages/post.php') diff --git a/pages/post.php b/pages/post.php new file mode 100644 index 0000000..f7990bd --- /dev/null +++ b/pages/post.php @@ -0,0 +1,107 @@ +add('BACK','the previous page'); + +if (!isset($_GET['id'])) +{ + $template->add('MSG','I\'m sorry, but there\'s no page-id set here, so sadly you can\'t comment yet. Why not contact the administratior (link on the HatBar) and tell him that you saw this error?'); +} else { + if ($_POST['comment'] == "") + { + $template->add('MSG','I\'m sorry, but you didn\'t enter a comment!'); + } else { + if (!isLoggedIn()) + { + $resp = recaptcha_check_answer ($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); + if (!$resp->is_valid) + { + $template->add('MSG',"The reCAPTCHA wasn't entered correctly. Go back and try it again. (reCAPTCHA said: " . $resp->error . ")"); + } else { + if (preg_match('/^[A-Za-z0-9!#$&\'*+-\/=?^_`{|}~]+@[-A-Za-z0-9]+(\.[-A-Za-z0-9]+)+[A-Za-z]$/', $_POST['email'])) + { + $getanon = "SELECT * FROM anon_commenters WHERE username = \"" . $_POST['username'] . "\""; + $getanon2 = mysql_query($getanon); + $getanon3 = mysql_fetch_array($getanon2); + + if ($getanon3['username'] == $_POST['username']) + { + if ($getanon3['email'] == $_POST['email']) + { + $setcomment = "INSERT INTO comments SET page_id = \"" . $_GET['id'] . "\", username = \"" . $_POST['username'] . "\", comment = \"" . $_POST['comment'] . "\""; + $setcomment2 = mysql_query($setcomment); + + $page_id = $_GET['id']; + $comType = substr($page_id,0,strpos($page_id,'-')); + $comID = substr($page_id,strpos($page_id,'-')+1); + if ($comType == 'updates') + { + recalcPop($comID); + } + + $template->add('MSG',"Thank you, " . $getanon3['username'] . ", for posting your valuable comment!"); + } else { + $template->add('MSG',"I'm sorry, but this anonymous username is already in use. If this is in fact you, please verify that you have entered the same email address that you entered the first time you commented here."); + } + } else { + $setcomment = "INSERT INTO moderation SET page_id = \"" . $_GET['id'] . "\", author = \"" . $_POST['username'] . "\", email = \"" . $_POST['email'] . "\", comment = \"" . $_POST['comment'] . "\", website = \"" . $_POST['website'] . "\""; + $setcomment2 = mysql_query($setcomment); + + mail('hatkirby@fourisland.com', 'New comment to moderate on Four Island', 'Some one has anonymously left a comment on Four Island and it will require moderation.'); + + $template->add('MSG',"Thank you for posting your valuable comment!

However, as you aren't logged in, your comment will have to be verified by a moderator before it appears. Sorry!"); + } + } else { + $template->add('MSG',"I'm sorry, but you've entered an invalid email address."); + } + } + } else { + $setcomment = "INSERT INTO comments SET page_id = \"" . $_GET['id'] . "\", username = \"" . sess_get('uname') . "\", comment = \"" . $_POST['comment'] . "\""; + $setcomment2 = mysql_query($setcomment); + + mail('hatkirby@fourisland.com', 'New comment on Four Island!', sess_get('uname') . ' has posted a comment on Four Island under the "page id" ' . $_GET['id']); + + $page_id = $_GET['id']; + $comType = substr($page_id,0,strpos($page_id,'-')); + $comID = substr($page_id,strpos($page_id,'-')+1); + if ($comType == 'updates') + { + recalcPop($comID); + } + + $template->add('MSG',"Thank you, " . sess_get('uname') . ", for posting your valuable comment!"); + } + } +} + +$template->display(); + +?> -- cgit 1.4.1