Diffstat (limited to 'status/post.php')
| -rw-r--r-- | status/post.php | 84 |
1 files changed, 0 insertions, 84 deletions
diff --git a/status/post.php b/status/post.php
deleted file mode 100644
index 064d86f..0000000
--- a/status/post.php
+++ /dev/null
@@ -1,84 +0,0 @@
-<?php
-include_once $_SERVER['DOCUMENT_ROOT'] . '/lib/time.php';
-
-function str_safe(string $s, int|null $max_length, bool $remove_new_lines = true): string
-{
- $output = $s;
-
- if ($remove_new_lines) {
- $output = str_replace(PHP_EOL, "", $output);
- }
-
- $output = htmlspecialchars($output);
- $output = strip_tags($output);
-
- if ($max_length) {
- $output = substr($output, 0, $max_length);
- }
-
- $output = trim($output);
-
- return $output;
-}
-
-$db = new PDO("sqlite:{$_SERVER['DOCUMENT_ROOT']}/database.db");
-
-if ($_SERVER['REQUEST_METHOD'] == 'POST') {
- $title = str_safe($_POST['title'], 500, true) ?: null;
- $contents = str_safe($_POST['contents'], null, false) ?: null;
-
- $db->prepare('INSERT INTO statuses(title, contents) VALUES (?, ?)')
- ->execute([$title, $contents]);
-
- $id = $db->lastInsertId();
-
- header("Location: /status/?id=$id");
- exit;
-}
-
-if (isset($_GET['id']) && !empty(trim($_GET['id']))) {
- $stmt = $db->prepare('SELECT * FROM statuses WHERE id = ?');
- $stmt->execute([$_GET['id']]);
-
- $status = $stmt->fetch(PDO::FETCH_ASSOC) ?: null;
-} else {
- $stmt = $db->query('SELECT id, title, posted_at FROM statuses ORDER BY posted_at DESC');
- $statuses = $stmt->fetchAll(PDO::FETCH_ASSOC);
-}
-?>
-<!DOCTYPE html>
-<html>
-
-<head>
- <title>new status - ilt.su</title>
- <meta name="description" content="my statuses.">
- <meta http-equiv="Content-Type" content="text/html;charset=UTF-8">
- <link rel="stylesheet" href="/static/style.css">
- <link rel="shortcut icon" href="favicon.ico" type="image/x-icon">
- <meta name="robots" content="noindex, nofollow">
-</head>
-
-<body>
- <main>
- <p><a href="/">ilt.su</a> - <a href="/status/">statuses</a></p>
- <h1>post a new status</h1>
- <form action="/status/post.php" method="post">
- <table>
- <tr>
- <th>title:</th>
- <td><input type="text" name="title" required></td>
- </tr>
- <tr>
- <th>contents:</th>
- <td><textarea name="contents" placeholder="Can be empty"></textarea></td>
- </tr>
- <tr>
- <th></th>
- <td><button type="submit">post</button></td>
- </tr>
- </table>
- </form>
- </main>
-</body>
-
-</html>
\ No newline at end of file |
