saint/discourse-legacysite-perl
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fifth pass at adding key files

Browse Source
This commit is contained in:
dsainty
2024-06-17 22:42:14 +10:00
parent 67ccdbcc34
commit 9797a6824a
535 changed files with 95045 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
site/racecalendar/comments_add_X.php Normal file
View File

@@ -0,0 +1,33 @@
<?PHP
// do I need to do additional security checks to make sure the script is being called appropriately?
if (!$_POST){ header('Location: https://slowtwitch.com/calendar/?error=no_post'); }
include("config.php");
// error checking
if (isset($_POST[Review_Subject]) && isset($_POST[Review_Contents])) {
if ($_SERVER['HTTP_X_FORWARD_FOR']) {
$ip = $_SERVER['HTTP_X_FORWARD_FOR'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
$tsNow = time();
$uid = $_POST[uid];
$editor_id = $_POST[editor_id];
$subject = mysql_escape_string(trim($_POST[Review_Subject]));
$message = mysql_escape_string(nl2br(htmlspecialchars(substr(trim($_POST[Review_Contents]), 0, 4096))));
// build the SQL query to delete the edits that are bad
$sql = "INSERT INTO gforum_TriathlonsComment (triathlon_id_fk, comment_time, user_id_fk, comment_subject, comment_message, comment_ip, comment_valid) VALUES ($uid, '$tsNow', '$editor_id', '$subject', '$message', '$ip', 0)";
//echo $sql;
mysql_query($sql) or die(mysql_error());
}
header('Location: https://slowtwitch.com/calendar/individual.php?uid='.$uid.'&review_add=ok');
exit();
?>