<!DOCTYPE html>
<html lang="ja">
<head>
<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="robots" content="noindex">
<title>Rubyの掲示板</title>
<link rel="icon" href="src/cat.png">
<link rel="apple-touch-icon" href="src/cat.png">
<link rel="stylesheet" href="style.css">
<?php
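// Connection settings. The values are placeholders as published.
// NOTE(review): real credentials are better read from configuration kept outside the
// web root than written into a file that is served and shared.
$dbuser = 'XXX';
$dbpass = 'XXXX';
$server = 'XXXXX';
$db = 'XXXXX';
$dsn = "mysql:host=$server;dbname=$db;";
$sql = 'SELECT * FROM response;';

// The page reads a query string shaped like "param=<thread id>?name=<thread title>":
// it is decoded once, split on "?", and the two labels are stripped from the halves.
$url = urldecode(isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '');
$url_q = explode("?", $url);

// $param ends up in a database query and in a comparison against stored thread ids,
// so only a run of decimal digits is accepted. Anything else becomes the empty string,
// which matches no thread and can carry no SQL text.
$rawParam = str_replace("param=", "", $url_q[0]);
$param = ctype_digit($rawParam) ? $rawParam : '';

// The second half is absent when the URL has no "?name=" part; default to an empty title
// instead of reading an undefined offset. The title is still raw request data here and
// has to be HTML-encoded at the point where it is printed.
$thre_name = str_replace("name=", "", isset($url_q[1]) ? $url_q[1] : '');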
?>
</head>
<body>
<header>
<h1 onclick="js_title()">Rubyの掲示板</h1>
<img src="src/cat.png" alt="黒猫" height="100px" id="cat" onclick="meow_play()">
</header>
<div id="space"></div>
<main>
<div>
<script type="text/javascript" src="https://cache1.value-domain.com/xa.j?site=rubyzung2046.s223.xrea.com"></script>
<h2>
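<?php
// The thread title is taken from the query string, so it is encoded for the HTML body
// context before printing; unencoded, any markup placed in the URL would be rendered
// as part of this page.
echo htmlspecialchars($thre_name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
?>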
</h2>
<div id="thread">
</div>
<?php
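// Loads the responses, stores a new one on POST, and prints the responses of the
// requested thread. Every value that originates from the request or from stored posts
// is bound as a query parameter on the way in and HTML-encoded on the way out.
try {
    // Create the PDO connection and make driver errors throw, so the catch below
    // also sees failed queries and not only a failed connection.
    $dbh = new PDO($dsn, $dbuser, $dbpass);
    $dbh->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);

    // Run the listing query and keep all rows; they are filtered by thread when printed.
    $sth = $dbh->query($sql);
    $result = $sth->fetchAll(PDO::FETCH_ASSOC);

    // $param comes from the query string. It is accepted only as a run of digits;
    // null means "no valid thread", in which case nothing is inserted or listed.
    $threadId = ctype_digit((string) $param) ? (int) $param : null;

    // Posting: runs only when the request is a POST.
    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        if ($threadId !== null) {
            // (2) Submitted text. filter_input gives null/false when the field is missing;
            // that case is stored as an empty string, as before.
            $message = filter_input(INPUT_POST, 'massage');
            if (!is_string($message)) {
                $message = '';
            }
            // Legacy substitutions, kept so newly stored rows look like existing ones.
            // They are not a defence: other tags, attributes and case variants pass
            // through untouched. The HTML encoding at print time is the actual control.
            $message = str_replace(
                array('<script>', '<?php', '<style>'),
                array('script', 'php', 'style'),
                $message
            );

            // The thread id is bound like the other values instead of being written
            // into the SQL text.
            $insertSql = 'INSERT INTO response (id,writing,date,menber,thread_id) VALUES (null, :value2, :value3,0,:thread_id)';
            $params = array(
                ':value2' => $message,
                ':value3' => date("Y-m-d H:i:s"),
                ':thread_id' => $threadId,
            );
            $insertStmt = $dbh->prepare($insertSql);
            $insertStmt->execute($params);
        }

        // Re-read the rows so the new post is included if the page is rendered below.
        $selectSql = "SELECT id, writing, date, thread_id FROM response";
        $selectStmt = $dbh->query($selectSql);
        $result = $selectStmt->fetchAll(PDO::FETCH_ASSOC);

        // Redirect so that reloading the page does not submit the form again. The raw,
        // still percent-encoded query string is reused, so no decoded control characters
        // reach the header. HTML has already been emitted above this block, so the header
        // can only be sent while output is still buffered; otherwise rendering continues.
        if (!headers_sent()) {
            header('Location: ' . $_SERVER['PHP_SELF'] . '?' . $_SERVER['QUERY_STRING']);
            exit;
        }
    }
    $dbh = null; // close the connection (optional)

    /**
     * Wrap every http:// or https:// URL found in $text in an anchor tag.
     *
     * The matched text is copied unchanged into the href attribute and the link body,
     * so $text must already be HTML-encoded by the caller.
     *
     * @param string $text HTML-encoded message text.
     * @return string The text with URLs turned into links, or the input unchanged when
     *                the regex engine reports an error.
     */
    function replaceURL($text){
        $pattern = '/((https?:\/\/)[^\s]+)/i';
        $replacement = '<a href="$1" class="URL">$1</a>';
        $linked = preg_replace($pattern, $replacement, $text);
        // preg_replace returns null on failure; fall back to the unlinked text.
        return $linked === null ? $text : $linked;
    }

    // Print the responses that belong to the requested thread, numbered from 1.
    $res_i = 1;
    foreach ($result as $row) {
        if ($threadId === null || (string) $row['thread_id'] !== (string) $threadId) {
            continue;
        }
        // Stored posts are visitor-supplied: encode first, then add links, so the only
        // markup in the output is the anchor tag built by replaceURL.
        $safeDate = htmlspecialchars((string) $row['date'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
        $safeBody = replaceURL(htmlspecialchars((string) $row['writing'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'));
        echo $res_i . ' 名無し(' . $safeDate . ')<br>' . '<p class="pre">' . $safeBody . '</p>'; // (3) show received text
        $res_i++;
    }
} catch (PDOException $e) {
    // The driver message can name the host, database and account, so it is written to
    // the server log only; the visitor gets the generic failure text.
    error_log('thread.php: database error: ' . $e->getMessage());
    exit('データベース接続失敗');
}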
?>
</div>
<div>
<form method="post" action=""> <!--①入力フォーム-->
<textarea name="massage" id="res" cols="50" rows="10"></textarea>
<input type="submit" name="submit" value="送信">
</form>
</div>
</main>
</body>
<script src="script.js"></script>
</html>