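<?php
// view.php - shows one topic with its paginated comments and, on POST,
// stores a new comment for that topic before redirecting back to it.
//
// Inputs:  $_POST['topic_id' | 'description' | 'name'] (new comment),
//          $_GET['topic_id' | 'page'] (display).
// Outputs: $TITLE, $ITEMS, $DATA, $FORM_ERRORS, $PAGE, $NUM_PAGES, ... consumed by
//          inc/main.inc.php / inc/view.inc.php (neither is visible from this file).
//
// Security model of this script:
//  - Numeric request values are cast to int before they are interpolated into SQL.
//  - Free-text values (comment body, author name, client address) are sent through
//    prepared statements, so their safety does not depend on the connection charset
//    or on remembering to escape each one.
//  - User text is stored exactly as submitted; it must be HTML-escaped when rendered.
//    NOTE(review): confirm that the templates run every field of $ITEMS, $DATA and
//    $TITLE through htmlspecialchars() (or equivalent) before output.

require 'inc/mysqli.inc.php';

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    // NOTE(review): no anti-CSRF token is verified in this handler. Unless that happens
    // in an include not visible here, comments can be submitted cross-site through a
    // visitor's browser; consider a per-session token on the comment form.

    if (!isset($_POST['topic_id'], $_POST['description'], $_POST['name'])) {
        header('Location: index.php');
        exit;
    }

    // Array-valued fields (e.g. name[]=x) would reach trim()/mb_strlen() as arrays and
    // produce warnings or garbage; treat them like a malformed request.
    foreach (array('topic_id', 'description', 'name') as $required_field) {
        if (!is_string($_POST[$required_field])) {
            header('Location: index.php');
            exit;
        }
    }

    $DATA = $_POST;
    $TOPIC_ID = (int)$DATA['topic_id'];

    // Trim every scalar field; $DATA is kept so the form can be re-populated on error.
    foreach ($DATA as $key => $value) {
        if (is_string($value)) {
            $DATA[$key] = trim($value);
        }
    }

    // The topic must exist before a comment may be attached to it.
    // $TOPIC_ID is an int, so interpolating it cannot alter the statement.
    $result = $mysqli->query(
        "SELECT `id` FROM `re_topic` WHERE `id` = {$TOPIC_ID} LIMIT 1"
    );
    if (!$result || !$result->fetch_row()) {
        header('Location: index.php');
        exit;
    }
    $result->free();

    // NOTE(review): the 65535 limit counts characters, not bytes. If the column is a
    // byte-limited type, multi-byte text near the limit may be truncated or rejected
    // by MySQL - confirm against the schema.
    if ($DATA['description'] === '') {
        $FORM_ERRORS['description'] = "กรุณาระบุ 'ข้อความ'";
    } elseif (mb_strlen($DATA['description'], 'UTF-8') > 65535) {
        $FORM_ERRORS['description'] = "'ข้อความ' ต้องมีความยาวไม่เกิน 65535 ตัวอักษร";
    }

    if ($DATA['name'] === '') {
        $FORM_ERRORS['name'] = "กรุณาระบุ 'ชื่อ'";
    } elseif (mb_strlen($DATA['name'], 'UTF-8') > 64) {
        $FORM_ERRORS['name'] = "'ชื่อ' ต้องมีความยาวไม่เกิน 64 ตัวอักษร";
    }

    if (!isset($FORM_ERRORS)) {
        $comment_text = $DATA['description'];
        $comment_name = $DATA['name'];
        // REMOTE_ADDR used to be interpolated into the INSERT unescaped. It normally
        // comes from the TCP connection, but a proxy or server configuration can change
        // that, so it is bound like any other string.
        $remote_addr = isset($_SERVER['REMOTE_ADDR']) ? (string)$_SERVER['REMOTE_ADDR'] : '';

        $stmt = $mysqli->prepare(
            'INSERT INTO `re_comment` (`topic_id`, `description`, `name`, `ip`) VALUES (?, ?, ?, ?)'
        );
        $stored = $stmt
            && $stmt->bind_param('isss', $TOPIC_ID, $comment_text, $comment_name, $remote_addr)
            && $stmt->execute();

        if ($stored) {
            $comment_id = (int)$mysqli->insert_id;
            $stmt->close();

            // Keep the denormalised counters on the topic row in step with the insert.
            $stmt = $mysqli->prepare(
                'UPDATE `re_topic`'
                . ' SET `last_commented` = NOW(),'
                . ' `num_comments` = `num_comments` + 1,'
                . ' `last_commented_name` = ?'
                . ' WHERE `id` = ?'
            );
            if ($stmt) {
                $stmt->bind_param('si', $comment_name, $TOPIC_ID);
                $stmt->execute();
                $stmt->close();
            }

            // Both values are ints, so the Location header cannot be split or redirected.
            header("Location: view.php?topic_id={$TOPIC_ID}#comment-{$comment_id}");
            exit;
        }

        // The insert failed: do not bump the counters or redirect to a non-existent
        // comment. Log for the operator and fall through to re-render the form.
        error_log('view.php: could not store comment: ' . $mysqli->error);
        if ($stmt) {
            $stmt->close();
        }
        // presumably the template shows $FORM_ERRORS['description'] next to the field - verify
        $FORM_ERRORS['description'] = 'ไม่สามารถบันทึกข้อความได้ กรุณาลองใหม่อีกครั้ง';
    }
} else {
    $TOPIC_ID = empty($_GET['topic_id']) ? 0 : (int)$_GET['topic_id'];
    $DATA = array(
        'description' => '',
        'name' => '',
    );
}

// Load the topic itself; it becomes the first entry of $ITEMS.
$result = $mysqli->query(
    "
    SELECT `id`, `created`, `title`, `description`, `name`, `ip`, `num_comments`, `num_views`
    FROM `re_topic`
    WHERE `id` = {$TOPIC_ID}
    LIMIT 1
    "
);
$topic = $result ? $result->fetch_assoc() : null;

if (!isset($topic)) {
    $FATAL_ERROR = $TITLE = "ไม่มีกระทู้หมายเลข {$TOPIC_ID} อยู่ในฐานข้อมูล";
    require 'inc/main.inc.php';
    // Stop here even if main.inc.php returns: the code below dereferences $topic and
    // would render the layout a second time.
    exit;
}

// NOTE(review): the `ip` column of the topic and of every comment is handed to the
// template. Confirm it is shown only to moderators, or masked, before publication.
$ITEMS = array($topic);
$result->free();

$mysqli->query(
    "UPDATE `re_topic` SET `num_views` = `num_views` + 1 WHERE `id` = {$TOPIC_ID} LIMIT 1"
);

if ($topic['num_comments']) {
    $ITEMS_PER_PAGE = 100;

    // Count first so the requested page can be clamped to the valid range.
    $FOUND_ROWS = 0;
    $result = $mysqli->query(
        "SELECT COUNT(*) FROM `re_comment` WHERE `topic_id` = {$TOPIC_ID}"
    );
    if ($result) {
        $count_row = $result->fetch_row();
        $FOUND_ROWS = (int)$count_row[0];
        $result->free();
    }
    $NUM_PAGES = ceil($FOUND_ROWS / $ITEMS_PER_PAGE);

    // page=-1 or an enormous page number used to yield a negative or float offset,
    // an SQL error, and then a fatal error on the failed result. Clamp it instead.
    $PAGE = empty($_GET['page']) ? 1 : (int)$_GET['page'];
    $PAGE = max(1, min($PAGE, max(1, (int)$NUM_PAGES)));
    $START_OFFSET = ($PAGE - 1) * $ITEMS_PER_PAGE;

    $result = $mysqli->query(
        "
        SELECT `id`, `created`, `description`, `name`, `ip`
        FROM `re_comment`
        WHERE `topic_id` = {$TOPIC_ID}
        ORDER BY `created`
        LIMIT {$START_OFFSET}, {$ITEMS_PER_PAGE}
        "
    );
    if ($result) {
        while ($comment = $result->fetch_assoc()) {
            $ITEMS[] = $comment;
        }
        $result->free();
    }
} else {
    $NUM_PAGES = 0;
}

$TITLE = $topic['title'];
$PAGE_TEMPLATE = 'inc/view.inc.php';
require 'inc/main.inc.php';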