jonasled2/website
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

reformat file and fix new comment function

Browse source
This commit is contained in:
Jonas Leder 2022-03-14 15:38:13 +01:00
parent fa7109260e
commit b818a962d5
No known key found for this signature in database
GPG key ID: 8A53DD45A7D7B44B
1 changed files with 21 additions and 21 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

42
public/API/queries/comments.php
View file

@ -15,7 +15,8 @@ $commentField = new ObjectType([
], ],
]); ]);
function comments($article, $conn) { function comments($article, $conn)
{
$response = []; $response = [];
$result = $conn->query("SELECT * FROM comments WHERE article='$article'"); $result = $conn->query("SELECT * FROM comments WHERE article='$article'");
while ($row = $result->fetch_assoc()) { while ($row = $result->fetch_assoc()) {
@ -29,37 +30,36 @@ function comments($article, $conn) {
array_push($response, $commentElement); array_push($response, $commentElement);
} }
return $response; return $response;
} }
function newComment($conn, $article, $name, $email, $comment, $hCaptchaResponse) { function newComment($conn, $article, $name, $email, $comment, $hCaptchaResponse)
{
require "./lib/config.php"; require "./lib/config.php";
$data = array( $data = array(
'secret' => $secretkey, 'secret' => $secretkey,
'response' => $hCaptchaResponse 'response' => $hCaptchaResponse
); );
$client = new Client(); $client = new Client();
$response = $client->post("https://hcaptcha.com/siteverify", [ $response = $client->post("https://hcaptcha.com/siteverify", [
"form_params" => $data "form_params" => $data
]); ]);
$responseData = json_decode($response->getBody());
if(! $responseData->success) {
return "Failed to verify Captcha";
$article = $conn->escape_string($article); $responseData = json_decode($response->getBody());
$name = $conn->escape_string($name); if (!$responseData->success) {
$email = $conn->escape_string($email); return "Failed to verify Captcha";
$comment = $conn->escape_string($comment);
$sql = "INSERT INTO comments (name, email, comment, article) VALUES ('$name', '$email', '$comment', '$article')";
if ($conn->query($sql) === TRUE) {
return "OK";
} else {
return "Error: " . $sql . "<br>" . $conn->error;
}
} }
} $article = $conn->escape_string($article);
$name = $conn->escape_string($name);
$email = $conn->escape_string($email);
$comment = $conn->escape_string($comment);
$sql = "INSERT INTO comments (name, email, comment, article) VALUES ('$name', '$email', '$comment', '$article')";
if ($conn->query($sql) === TRUE) {
return "OK";
} else {
return "Error: " . $sql . "<br>" . $conn->error;
}
}