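<?php
/**
 * Comment submission endpoint.
 *
 * Expects a POST with `sendcomments`, `idd` (post id), `message` (comment text)
 * and `userr` (author id). A signed-in visitor's comment is inserted into the
 * `comments` table and the browser is sent back to postDisplay.php with a
 * status text in $_SESSION["message"]. A visitor without
 * $_SESSION["userlogged"] is sent to login.inc.php, with the post id kept in
 * $_SESSION["post_id"].
 *
 * No HTML is emitted before the session/redirect logic, so session_start()
 * and header() do not depend on output buffering being enabled.
 *
 * NOTE(review): no anti-CSRF token is checked on this state-changing POST;
 * the form that submits here is not visible, so none is added in this file.
 */

// Start the session once; the status check replaces the repeated, error-suppressed calls.
if (session_status() !== PHP_SESSION_ACTIVE) {
    session_start();
}

if (!isset($_SESSION["userlogged"])) {
    // Anonymous visitor: remember which post was being commented on, then ask for login.
    $_SESSION["post_id"] = isset($_POST['idd']) ? $_POST['idd'] : null;
    header("Location: login.inc.php");
    exit; // stop here so nothing below runs for an unauthenticated request
}

if (isset($_POST['sendcomments'])) {
    unset($_SESSION["message"]);

    // Accept only scalar string fields; a missing or array-valued field counts as empty.
    $rawPostId  = (isset($_POST['idd']) && is_string($_POST['idd'])) ? $_POST['idd'] : '';
    $rawMessage = (isset($_POST['message']) && is_string($_POST['message'])) ? $_POST['message'] : '';
    $rawUser    = (isset($_POST['userr']) && is_string($_POST['userr'])) ? $_POST['userr'] : '';

    // Values are still stored HTML-entity-encoded, as before, so pages that print
    // stored comments see the same data format. SQL safety now comes from bound
    // parameters rather than from string escaping.
    $subject = htmlentities($rawPostId);
    $message = htmlentities($rawMessage);
    // NOTE(review): the author id is taken from the request body, so the client
    // chooses which user the comment is attributed to. It should come from the
    // server-side session; what $_SESSION["userlogged"] holds is not visible
    // here, so the source of this value is left unchanged.
    $source = htmlentities($rawUser);

    // The post id goes back into a URL, so it is URL-encoded for that context.
    $backToPost = "postDisplay.php?post_id=" . rawurlencode($rawPostId);

    if (empty($subject) || empty($message) || empty($source)) {
        $_SESSION["message"] = "Please write a comments";
        header("Location: " . $backToPost);
        exit;
    }

    if (strlen($message) >= 1000) {
        // Report the real reason; previously this case ended with the "empty comment" text.
        $_SESSION["message"] = "Message length must be less than 1000 characters";
        header("Location: " . $backToPost);
        exit;
    }

    // Make failures surface as return values on every PHP version, so the checks below are reached.
    mysqli_report(MYSQLI_REPORT_OFF);

    // NOTE(review): connects as root with an empty password and hard-coded settings;
    // a dedicated low-privilege account loaded from configuration is preferable.
    $conn = new mysqli("localhost", "root", null, "sahara");
    if ($conn->connect_error) {
        die("reeor in database connectivity");
    }

    // Placeholders keep request data out of the SQL text entirely.
    $stmt = $conn->prepare(
        "INSERT INTO `comments` (`comment_id`, `post_id`, `comments`, `user_id`) VALUES (NULL, ?, ?, ?)"
    );
    $saved = $stmt !== false
        && $stmt->bind_param("sss", $subject, $message, $source)
        && $stmt->execute();

    if ($saved) {
        $stmt->close();
        $conn->close();
        $_SESSION["message"] = "Comment Saved";
        header("Location: " . $backToPost);
        exit;
    }

    // Keep the SQL text and driver error in the server log instead of the response body.
    $failure = ($stmt !== false) ? $stmt->error : $conn->error;
    error_log("savecomments.php: comment insert failed: " . $failure);
    if ($stmt !== false) {
        $stmt->close();
    }
    $conn->close();

    echo '<style>h1{color:#708F1E;}</style>';
    echo '<center><h1>Error : comment could not be saved</h1></center><br>';
}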