<?php
use GraphQL\Type\Definition\Type;
use GraphQL\Type\Definition\ObjectType;
use GuzzleHttp\Client;
include "lib/getGravatar.php";
// GraphQL object type describing one comment as it is returned to API clients.
// The stored e-mail address is not a field of this type: clients only receive
// the avatar URL that comments() derives from it.
$commentField = new ObjectType([
    'name' => 'Comment',
    'fields' => [
        // Field order is kept as declared; it is what schema introspection reports.
        'name' => Type::string(),
        'comment' => Type::string(),
        'gravatarURL' => Type::string(),
        'id' => Type::int(),
    ],
]);
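/**
 * Load every comment stored for one article.
 *
 * The article identifier is bound as a statement parameter instead of being
 * escaped and spliced into the SQL text, so the query shape cannot be altered
 * by the value and does not depend on the connection character set.
 *
 * Only the columns that are actually used are selected. The e-mail address is
 * read solely to build the avatar URL and is never placed in the result.
 *
 * @param string $article Article identifier matched against comments.article.
 * @param mysqli $conn    Open database connection
 *                        (NOTE(review): assumed to be mysqli from the methods used here).
 * @return array List of arrays with the keys name, comment, gravatarURL and id;
 *               empty when the article has no comments.
 * @throws \RuntimeException When the statement cannot be prepared or executed.
 */
function comments($article, $conn)
{
    $stmt = $conn->prepare("SELECT id, name, email, comment FROM comments WHERE article = ?");
    if ($stmt === false) {
        // Database detail stays in the server log; callers get a generic message.
        error_log("comments: prepare failed: " . $conn->error);
        throw new \RuntimeException("Could not load comments");
    }

    $response = [];
    try {
        $stmt->bind_param("s", $article);
        if (!$stmt->execute()) {
            error_log("comments: execute failed: " . $stmt->error);
            throw new \RuntimeException("Could not load comments");
        }

        $stmt->bind_result($id, $name, $email, $comment);
        while ($stmt->fetch()) {
            // name and comment are returned exactly as stored. newComment() does
            // no HTML encoding, so whatever renders these values must escape
            // them for its own output context.
            //
            // NOTE(review): get_gravatar() lives in lib/getGravatar.php, which
            // is not shown here. If it embeds an unsalted hash of the address,
            // as Gravatar URLs commonly do, the URL lets a reader confirm
            // guessed addresses offline - confirm this is acceptable.
            $response[] = [
                "name" => $name,
                "comment" => $comment,
                "gravatarURL" => get_gravatar($email),
                "id" => $id,
            ];
        }
    } finally {
        // Release the statement on every path, including the thrown ones.
        $stmt->close();
    }

    return $response;
}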
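/**
 * Verify an hCaptcha token and, if it is valid, store a new comment.
 *
 * Changes from the string-built version:
 *  - the INSERT uses bound parameters instead of escaped values spliced into
 *    the SQL text;
 *  - on a database failure the SQL statement and driver error are written to
 *    the server log rather than returned, because the return value may be
 *    passed on to the client;
 *  - the captcha check is strict and fails closed when the verification
 *    response is not the expected JSON object.
 *
 * @param mysqli $conn             Open database connection
 *                                 (NOTE(review): assumed to be mysqli from the methods used here).
 * @param string $article          Article identifier the comment belongs to.
 * @param string $name             Display name supplied by the commenter.
 * @param string $email            E-mail address supplied by the commenter.
 * @param string $comment          Comment text supplied by the commenter.
 * @param string $hCaptchaResponse Token produced by the hCaptcha widget.
 * @return string "OK" on success, "Failed to verify Captcha" when the token is
 *                rejected, or a generic "Error: ..." message when the insert fails.
 */
function newComment($conn, $article, $name, $email, $comment, $hCaptchaResponse)
{
    // Brings $secretkey into this function's scope.
    require "./lib/config.php";

    // NOTE(review): no timeout is configured on this client, and transport or
    // HTTP-error exceptions from Guzzle propagate to the caller. Nothing is
    // inserted in that case, so the check still fails closed.
    $client = new Client();
    $response = $client->post("https://hcaptcha.com/siteverify", [
        "form_params" => [
            'secret' => $secretkey,
            'response' => $hCaptchaResponse,
        ],
    ]);

    // Anything other than a JSON object with success === true is a failed check.
    $responseData = json_decode((string) $response->getBody());
    if (!is_object($responseData) || ($responseData->success ?? false) !== true) {
        return "Failed to verify Captcha";
    }

    // NOTE(review): name, email and comment are stored as received, with no
    // length or format validation in this function - confirm that the caller
    // or the table schema bounds them.
    $stmt = $conn->prepare("INSERT INTO comments (name, email, comment, article) VALUES (?, ?, ?, ?)");
    if ($stmt === false) {
        error_log("newComment: prepare failed: " . $conn->error);
        return "Error: could not save comment";
    }

    $stmt->bind_param("ssss", $name, $email, $comment, $article);
    $saved = $stmt->execute();
    if (!$saved) {
        error_log("newComment: insert failed: " . $stmt->error);
    }
    $stmt->close();

    return $saved ? "OK" : "Error: could not save comment";
}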