1<?php
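/**
 * Handle a comment submission: verify the reCAPTCHA token, mask profanity and
 * store the comment with a parameterized INSERT.
 *
 * Reads $_POST['commentSubmit'], 'uid', 'date', 'message' and
 * 'g-recaptcha-response'. Does nothing when 'commentSubmit' is absent.
 * Echoes "Verification Failed! Try Again!" or "Comment is too short! Please
 * rewrite!" on rejection; on success it sends a redirect to index.php.
 *
 * NOTE(review): 'uid' and 'date' come straight from the request, so a client
 * can post under any uid and timestamp. If the application has a server-side
 * session, take the author from it and the time from the server clock.
 * NOTE(review): no anti-CSRF token is checked in this listing.
 *
 * @param object $conn Database connection exposing prepare(), as used below
 *                     (the calls match the mysqli API).
 */
function setComments($conn)
{
    if (!isset($_POST['commentSubmit'])) {
        return;
    }

    // Accept only string fields: a missing key or an array value (uid[]=x)
    // is treated as empty instead of raising notices or type errors later.
    $uid = isset($_POST['uid']) && is_string($_POST['uid']) ? $_POST['uid'] : '';
    $date = isset($_POST['date']) && is_string($_POST['date']) ? $_POST['date'] : '';
    $message = isset($_POST['message']) && is_string($_POST['message']) ? $_POST['message'] : '';
    $responseKey = isset($_POST['g-recaptcha-response']) && is_string($_POST['g-recaptcha-response'])
        ? $_POST['g-recaptcha-response']
        : '';
    $userIP = isset($_SERVER['REMOTE_ADDR']) ? (string) $_SERVER['REMOTE_ADDR'] : '';

    // The reCAPTCHA secret is read from the environment rather than kept in
    // source. The variable name is a deployment choice; adapt it as needed.
    // The secret that used to be hard-coded at this spot was published with
    // the listing and should be rotated.
    $secretKey = getenv('RECAPTCHA_SECRET_KEY');

    // Fail closed: the comment is only accepted when the verification service
    // answers with success === true.
    $verified = false;
    if (is_string($secretKey) && $secretKey !== '' && $responseKey !== '') {
        $fields = array('secret' => $secretKey, 'response' => $responseKey);
        if ($userIP !== '') {
            $fields['remoteip'] = $userIP;
        }

        // POST with http_build_query(): the client-supplied token is encoded
        // and cannot add or override query parameters, and the secret does
        // not end up in a request URL.
        $context = stream_context_create(array(
            'http' => array(
                'method' => 'POST',
                'header' => "Content-Type: application/x-www-form-urlencoded\r\n",
                'content' => http_build_query($fields),
                'timeout' => 5,
            ),
        ));
        $response = file_get_contents('https://www.google.com/recaptcha/api/siteverify', false, $context);

        if ($response !== false) {
            $captcha_success = json_decode($response);
            $verified = is_object($captcha_success)
                && isset($captcha_success->success)
                && $captcha_success->success === true;
        }
    }

    if (!$verified) {
        echo "Verification Failed! Try Again!";
        return;
    }

    // Mask listed words. preg_replace() returns null on a PCRE error; treat
    // that as an empty message so unfiltered text is never stored.
    $text = array('/\bass(es|holes?)?\b/i', '/\bshit(ting|ty|head)\b/i', '/\bfuck(ed|ing)?\b/i', '/\bcb?\b/i');
    $filtered = preg_replace($text, '***', $message);
    $message = is_string($filtered) ? $filtered : '';

    if (strlen($message) <= 2) {
        echo "Comment is too short! Please rewrite!";
        return;
    }

    // Placeholders keep request data out of the SQL text. The previous
    // statement interpolated the values and bound three variables to a
    // two-character type string, so the binding could not succeed.
    // The values are stored as submitted; HTML escaping belongs at output.
    $query = $conn->prepare("INSERT INTO comments (uid, date, message) VALUES (?, ?, ?)");
    if ($query === false) {
        error_log('setComments: could not prepare INSERT');
        return;
    }
    $query->bind_param("sss", $uid, $date, $message);
    $query->execute();

    if (!headers_sent()) {
        header("Location: index.php");
    }
}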
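/**
 * Print every comment, newest first, each with a Delete form and an Edit form.
 *
 * All database values are HTML-escaped before output: uid, date and message
 * originate from visitors, and they are echoed both as element text and
 * inside single-quoted attribute values.
 *
 * NOTE(review): the Edit form round-trips uid, date and message through hidden
 * fields, so whatever receives that POST must treat them as client input.
 * NOTE(review): nothing in this listing restricts who may delete or edit a
 * comment, and no anti-CSRF token is emitted with the forms.
 *
 * @param object $conn Database connection exposing prepare(), as used below
 *                     (the calls match the mysqli API).
 */
function getComments($conn)
{
    // Process a pending delete once, before reading the list. The call used
    // to sit inside each row's action attribute, where it ran once per row
    // and only after the rows had already been fetched. It returns nothing,
    // so the rendered action attribute stays empty as before.
    deleteComments($conn);

    $query = $conn->prepare("SELECT * FROM comments ORDER BY date DESC");
    if ($query === false) {
        error_log('getComments: could not prepare SELECT');
        return;
    }
    $query->execute();
    $result = $query->get_result();
    if ($result === false) {
        error_log('getComments: could not fetch result set');
        return;
    }

    // ENT_QUOTES is required because the attribute values below are
    // delimited with single quotes.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    while ($row = $result->fetch_assoc()) {
        $cid = $esc($row['cid']);
        $uid = $esc($row['uid']);
        $date = $esc($row['date']);
        $message = $esc($row['message']);

        echo "<div class='comment-box'><p>";
        echo $uid . "<br>";
        echo $date . "<br><br>";
        echo $message . "<br><br>";
        echo "</p>
 <form method='POST' action=''>
 <input type='hidden' name='cid' value='" . $cid . "'>
 <button type='submit' name='commentDelete'>Delete</button>
 </form>
 <form method='POST' action='editcomment.php'>
 <input type='hidden' name='cid' value='" . $cid . "'>
 <input type='hidden' name='uid' value='" . $uid . "'>
 <input type='hidden' name='date' value='" . $date . "'>
 <input type='hidden' name='message' value='" . $message . "'>
 <button>Edit</button>
 </form>
 </div>";
    }
}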
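/**
 * Apply an edit to an existing comment and redirect to index.php.
 *
 * Reads $_POST['commentSubmit'], 'cid' and 'message'; does nothing when
 * 'commentSubmit' is absent. The timestamp is set from the server clock.
 *
 * NOTE(review): the row is selected by the client-supplied cid alone. Nothing
 * in this listing checks that the requester owns the comment, and no
 * anti-CSRF token is verified; confirm both are handled by the caller.
 *
 * @param object $conn Database connection exposing prepare(), as used below
 *                     (the calls match the mysqli API).
 */
function editComments($conn)
{
    if (!isset($_POST['commentSubmit'])) {
        return;
    }

    // Accept only string fields; a missing key or an array value is treated
    // as empty.
    $cid = isset($_POST['cid']) && is_string($_POST['cid']) ? $_POST['cid'] : '';
    $message = isset($_POST['message']) && is_string($_POST['message']) ? $_POST['message'] : '';
    $date = date("Y-m-d H:i:s");

    // Placeholders keep request data out of the SQL text; the previous
    // statement interpolated cid and message directly into the query.
    $query = $conn->prepare("UPDATE comments SET date = ?, message = ? WHERE cid = ?");
    if ($query === false) {
        error_log('editComments: could not prepare UPDATE');
        return;
    }
    $query->bind_param("sss", $date, $message, $cid);
    $query->execute();

    if (!headers_sent()) {
        header("Location: index.php");
    }
}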
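/**
 * Delete the comment named by $_POST['cid'] and redirect to index.php.
 *
 * Does nothing when $_POST['commentDelete'] is absent.
 *
 * NOTE(review): the row is selected by the client-supplied cid alone. Nothing
 * in this listing checks that the requester may delete that comment, and no
 * anti-CSRF token is verified; confirm both are handled by the caller.
 *
 * @param object $conn Database connection exposing prepare(), as used below
 *                     (the calls match the mysqli API).
 */
function deleteComments($conn)
{
    if (!isset($_POST['commentDelete'])) {
        return;
    }

    // Accept only a string cid; a missing key or an array value is treated
    // as empty and matches no row.
    $cid = isset($_POST['cid']) && is_string($_POST['cid']) ? $_POST['cid'] : '';

    // Placeholder keeps request data out of the SQL text; the previous
    // statement interpolated cid directly into the DELETE.
    $query = $conn->prepare("DELETE FROM comments WHERE cid = ?");
    if ($query === false) {
        error_log('deleteComments: could not prepare DELETE');
        return;
    }
    $query->bind_param("s", $cid);
    $query->execute();

    if (!headers_sent()) {
        header("Location: index.php");
    }
}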