- <?php
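/**
 * Stores a comment posted through the comment form.
 *
 * Does nothing unless $_POST['commentSubmit'] is present. The message text is
 * HTML-escaped first and only then are http(s)/ftp(s) URLs wrapped in anchors,
 * so the stored value contains no markup other than the generated links.
 * The row is written with a prepared statement instead of string-built SQL.
 *
 * @param mysqli $conn Open database connection.
 * @return void
 */
function setComments($conn) {
    if (!isset($_POST['commentSubmit'])) {
        return;
    }

    // NOTE(review): uid and date come from the request body, so a client can post
    // under any user id or timestamp. Taking the author from $_SESSION['id'] and
    // the date from the server would close that; confirm how the form is used.
    $uid = (string) ($_POST['uid'] ?? '');
    $date = (string) ($_POST['date'] ?? '');
    $raw = (string) ($_POST['message'] ?? '');

    // Escape before linkifying: the stored text is echoed as HTML when comments
    // are listed, so user-supplied tags and quotes must be neutralised here.
    $escaped = htmlspecialchars($raw, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');

    // A URL ends at whitespace or at an escaped <, >, " or ' so that a link never
    // swallows the entity that follows it. rel=noopener keeps the opened page
    // from reaching back into this window.
    $linked = preg_replace(
        '~((?:https?|ftps?)://(?:(?!&(?:lt|gt|quot|#0?39);)[^\s<>])+)~i',
        '<a href="$1" target="blank" rel="noopener noreferrer">$1</a>',
        $escaped
    );
    $message = $linked ?? $escaped; // preg_replace() yields null on a PCRE error

    $stmt = $conn->prepare("INSERT INTO comments (uid, date, message) VALUES (?, ?, ?)");
    $stmt->bind_param('sss', $uid, $date, $message);
    $stmt->execute();
    $stmt->close();
}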
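/**
 * Prints every comment whose author exists in the users table.
 *
 * For each comment the author row is looked up with a prepared statement; the
 * uid stored on a comment is request-derived, so it is bound as a parameter
 * rather than interpolated into the query. Author name, date and the hidden
 * form values are HTML-escaped on output.
 *
 * @param mysqli $conn Open database connection.
 * @return void
 */
function getComments($conn) {
    $esc = static function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    $comments = $conn->query("SELECT * FROM comments");

    // Prepared once, executed per comment; $id is bound by reference.
    $id = null;
    $userStmt = $conn->prepare("SELECT * FROM users WHERE id = ?");
    $userStmt->bind_param('s', $id);

    while ($row = $comments->fetch_assoc()) {
        $id = $row['uid'];
        $userStmt->execute();
        $authors = $userStmt->get_result();
        $row2 = $authors ? $authors->fetch_assoc() : null;
        if (!$row2) {
            continue; // comment without a matching user is not shown
        }

        echo "<div class='comment-box'><p>";
        echo $esc($row2['first_name'])."<br>";
        echo $esc($row['date'])."<br>";
        // NOTE(review): message is printed as stored because setComments() in this
        // file saves link markup inside it. That is only safe if the text was
        // HTML-escaped before the links were added; rows written without that
        // escaping are a stored-XSS source and should be cleaned or re-escaped.
        echo nl2br($row['message']);
        echo "</p>";
        echo '<input type="button" onclick="displaycount()" value="Click Me"/> <p id="carrier"> 0 </p>
';
        if (isset($_SESSION['id'])) {
            // Both ids originate from users.id; compare as strings, not loosely.
            if ((string) $_SESSION['id'] === (string) $row2['id']) {
                // NOTE(review): deleteComments() runs here, while the page is being
                // rendered, and its return value (null) becomes an empty action.
                // Its redirect header is sent after output has started; handling
                // the delete POST before any output would be more reliable.
                echo "<form class='delete-form' method='POST' action='".deleteComments($conn)."'>
<input type='hidden' name='cid' value='".$esc($row['cid'])."'>
<button type='submit' name='commentDelete'>Delete</button>
</form>";
            } else {
                echo "<form class='edit-form' method='POST' action='replycomment.php'>
<input type='hidden' name='cid' value='".$esc($row['cid'])."'>
<input type='hidden' name='uid' value='".$esc($row['uid'])."'>
<input type='hidden' name='date' value='".$esc($row['date'])."'>
<input type='hidden' name='reply' value='".$esc($row['reply'] ?? '')."'>
<button>Reply</button>
</form>";
            }
        } else {
            echo "<p class='commentmessage'>You need to be logged in to reply</p>";
        }
        echo "</div>";
    }

    $userStmt->close();
}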
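/**
 * Stores a reply posted through the reply form, then redirects to index1.php.
 *
 * Does nothing unless $_POST['replySubmit'] is present. The reply text is
 * HTML-escaped before URLs are turned into anchors, and the row is written
 * with a prepared statement instead of string-built SQL.
 *
 * @param mysqli $conn Open database connection.
 * @return void
 */
function replyComments($conn) {
    if (!isset($_POST['replySubmit'])) {
        return;
    }

    // NOTE(review): uid, first_name and date are all client-supplied, so a reply
    // can be attributed to any user. The posted cid is not written to the
    // replies row either, so the reply is not tied to a comment; confirm both.
    $uid = (string) ($_POST['uid'] ?? '');
    $first_name = (string) ($_POST['first_name'] ?? '');
    $date = (string) ($_POST['date'] ?? '');
    $raw = (string) ($_POST['reply'] ?? '');

    // Escape first so the stored value holds no user-supplied markup, then add
    // anchors. A URL stops at whitespace or at an escaped <, >, " or '.
    $escaped = htmlspecialchars($raw, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    $linked = preg_replace(
        '~((?:https?|ftps?)://(?:(?!&(?:lt|gt|quot|#0?39);)[^\s<>])+)~i',
        '<a href="$1" target="blank" rel="noopener noreferrer">$1</a>',
        $escaped
    );
    $reply = $linked ?? $escaped; // preg_replace() yields null on a PCRE error

    $stmt = $conn->prepare("INSERT INTO replies (uid, first_name, date, reply) VALUES (?, ?, ?, ?)");
    $stmt->bind_param('ssss', $uid, $first_name, $date, $reply);
    $stmt->execute();
    $stmt->close();

    header("Location: index1.php");
}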
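/**
 * Deletes the comment named by $_POST['cid'], then redirects to index1.php.
 *
 * Does nothing unless $_POST['commentDelete'] is present. The delete is scoped
 * to the logged-in user: the Delete button is only rendered for the comment's
 * author, but the request itself can be sent by anyone, so ownership is
 * enforced in the query (comments.uid must equal $_SESSION['id']).
 *
 * @param mysqli $conn Open database connection.
 * @return void
 */
function deleteComments($conn) {
    if (!isset($_POST['commentDelete'])) {
        return;
    }

    // NOTE(review): no anti-CSRF token is checked in the visible code; a token
    // tied to the session would stop cross-site deletes of the user's own rows.
    if (isset($_SESSION['id'], $_POST['cid']) && is_scalar($_POST['cid'])) {
        $cid = (string) $_POST['cid'];
        $owner = (string) $_SESSION['id'];

        $stmt = $conn->prepare("DELETE FROM comments WHERE cid = ? AND uid = ?");
        $stmt->bind_param('ss', $cid, $owner);
        $stmt->execute();
        $stmt->close();
    }

    header("Location: index1.php");
}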
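/**
 * Handles the login form: on a match stores the user id in the session and
 * redirects to index1.php?loginsuccess, otherwise to index.php?loginfailed.
 *
 * Does nothing unless $_POST['loginSubmit'] is present. The lookup uses a
 * prepared statement; the e-mail was previously interpolated into the SQL
 * string, which let a crafted value rewrite the WHERE clause.
 *
 * @param mysqli $conn Open database connection.
 * @return void
 */
function getLogin($conn) {
    if (!isset($_POST['loginSubmit'])) {
        return;
    }

    $email = $_POST['email'] ?? null;
    $plain = $_POST['password'] ?? null;

    // Array-valued or missing fields cannot match any account.
    if (!is_string($email) || !is_string($plain)) {
        header("Location: index.php?loginfailed");
        exit();
    }

    // NOTE(review): passwords are compared as unsalted MD5 digests, which are
    // cheap to brute-force if the table leaks. Moving to password_hash() /
    // password_verify() needs the stored values migrated, so it is not done here.
    $password = md5($plain);

    $stmt = $conn->prepare("SELECT * FROM users WHERE email = ? AND password = ?");
    $stmt->bind_param('ss', $email, $password);
    $stmt->execute();
    $result = $stmt->get_result();
    $row = $result ? $result->fetch_assoc() : null;
    $stmt->close();

    if ($row) {
        // New session id on login so an id planted before authentication
        // cannot be reused afterwards.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        $_SESSION['id'] = $row['id'];
        header("Location: index1.php?loginsuccess");
        exit();
    }

    header("Location: index.php?loginfailed");
    exit();
}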
- ?>
- <!doctype html>
- <html>
- <head>
- <script>
// Click counter: the running total lives in the closure, so the only way to
// change it is to call count(), which adds one and returns the new total.
var count = (function () {
    var total = 0;
    return function () {
        total = total + 1;
        return total;
    };
}());
// Button handler: advances the counter and writes the new total into the
// element with id "carrier".
function displaycount() {
    var target = document.getElementById("carrier");
    target.innerHTML = count();
}
- </script>
- </head>
- <body>
- </body>
- </html>