summaryrefslogblamecommitdiff
path: root/lib/blog/comment.php
blob: 4bda912751c8a63af35aae8483f86c05c23d6b5b (plain) (tree) 
a535a9e






































1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38






































                                                                                                                                
<?php

require("lib/markdown.php");

assert_redir(count($args) == 3, 'blog');
$postid = intval($args[2]);

$post = mysql_fetch_assoc(sql(
	"SELECT blog_posts.id AS id, blog_posts.title AS title,
		blog_posts.draft AS draft ".
	"FROM blog_posts LEFT JOIN blog_tags ON blog_tags.post = blog_posts.id ".
	"WHERE blog_posts.id = $postid"
));

assert_error($post && $post['draft'] == 0,
	"This post does not exist.");

$comment = "";
if (isset($_POST['comment'])) {
	$comment = esca($_POST['comment']);
	$comment_html = Markdown($comment);

	if (trim($comment) == "") {
		$error = "You cannot enter an empty comment.";
	} else {
		sql("INSERT INTO blog_comments(owner, post, text, text_html, date) ".
			"VALUES(" . $user['id'] . ", $postid, '" . escs($comment) . "', '" . escs($comment_html) . "', NOW())");
		header("Location: view-blog-$postid");
		die();
	}
}

$title = "Comment '" . $post['title'] . "'";
$fields = array(
	array("label" => "Comment : ", "name" => "comment", "type" => "textarea", "value" => $comment),
	);
$validate = "Comment";
require("tpl/general/form.php");
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-21 17:29:50 +0000