saint/discourse-legacysite-perl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fifth pass at adding key files

Browse Source
This commit is contained in:
dsainty
2024-06-17 22:42:14 +10:00
parent 67ccdbcc34
commit 9797a6824a
535 changed files with 95045 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
site/fitters/comments_add_X.php Normal file
View File

@ -0,0 +1,33 @@
<?PHP
// do I need to do additional security checks to make sure the script is being called appropriately?
include("config.php");
if (!$_POST){ header('Location: '.$site_url); }
// error checking
if (isset($_POST[Review_Subject]) && isset($_POST[Review_Contents])) {
if ($_SERVER['HTTP_X_FORWARD_FOR']) {
$ip = $_SERVER['HTTP_X_FORWARD_FOR'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
$tsNow = time();
$fitter_id = $_POST[fitter_id];
$editor_id = $_POST[editor_id];
$subject = mysql_escape_string(trim($_POST[Review_Subject]));
$message = mysql_escape_string(nl2br(htmlspecialchars(substr(trim($_POST[Review_Contents]), 0, 4096))));
// build the SQL query to delete the edits that are bad
$sql = "INSERT INTO ".$prefix."FittersComment (fitter_id_fk, comment_time, user_id_fk, comment_subject, comment_message, comment_ip, comment_valid) VALUES ($fitter_id, '$tsNow', '$editor_id', '$subject', '$message', '$ip', 0)";
//echo $sql;
mysql_query($sql) or die(mysql_error());
}
header('Location: '.$site_url.'/individual.php?fitter_id='.$fitter_id.'&review_add=ok');
exit();
?>