-
Notifications
You must be signed in to change notification settings - Fork 0
/
post_comment.php
48 lines (48 loc) · 1.09 KB
/
post_comment.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
<?php
session_start();
$content='<section><h1>Comment on the blog</h1>';
//get the blog id
$tid = (int)$_POST['id'];
//get the information from the form
if (!empty($_POST['comment']) && !empty($_POST['name']))
{
$name = stripslashes($_POST['name']);
$name = htmlentities($name);
$comment = stripslashes($_POST['comment']);
$comment = htmlentities($comment);
//connect to the database
if ($conn)
{
// put the information in the database
$sql = "INSERT INTO blogre (tid, name, comment, post_time)
VALUES ('$tid','$name','$comment',NOW())";
$res = $conn->query($sql);
if($res)
{
//if all is ok redirect
header('Location: blog-s.php?id='.$tid);
}
else
{
//something went wrong
$content.= '<p>Your post was not added</p>';
}
}
else
{
$content.= '<p>Cannot connect to the database</p>';
}
}
else
{
$content.='<p>You need to fill all the fields in. In order tho post a comment on the blog.</p>';
}
$content.='</section>';
//show the page
$file='./head.php';
if(file_exists($file)) { include($file); }
//show all the information
echo $content;
$file='./foot.php';
if(file_exists($file)) { include($file); }
?>