feedback.php
<?php
// Start (or resume) the visitor's session; the expected captcha answer is kept in $_SESSION.
// NOTE(review): session cookie flags (HttpOnly, Secure, SameSite) are not set here —
// confirm they are configured in php.ini or in includes.php.
session_start();

// Declare the response as UTF-8 HTML so the Cyrillic messages below render correctly.
header('Content-Type: text/html; charset=utf-8');
require_once "includes.php";
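/**
 * Reports whether every listed key is present in $arr with a non-empty scalar value.
 *
 * A value counts as present when it is a scalar whose string form is not "".
 * Unlike empty(), this accepts "0" (something a visitor can legitimately type)
 * and rejects arrays. Request data contains an array whenever a field is
 * submitted as name[]=..., and the caller in this file passes the checked
 * fields straight to substr(), which expects a string.
 *
 * @param array $arr    Input to inspect, e.g. $_POST.
 * @param array $values Keys that must be present in $arr.
 * @return bool TRUE when every key passes, FALSE at the first one that does not.
 */
function feedback_check($arr, $values) {
    foreach ($values as $val) {
        // isset() rejects missing keys and NULL; is_scalar() rejects arrays and objects.
        if (!isset($arr[$val]) || !is_scalar($arr[$val]) || (string) $arr[$val] === "") {
            return FALSE;
        }
    }
    return TRUE;
}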
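// Messages handed to the template; at most one of them is filled in per request.
$errorMessage = "";
$successMessage = "";

// Process a submitted feedback form. Everything read from $_POST is untrusted.
if (isset($_POST["feedbackForm"]) && !empty($_POST["feedbackForm"])) {
    // check captcha
    // The selected captcha value is expected as an array field; array_shift() takes its
    // first entry. Guard the type first: a missing or non-array "captcha" parameter would
    // otherwise raise a warning or TypeError before any validation runs.
    $captcha = null;
    if (isset($_POST["captcha"]) && is_array($_POST["captcha"])) {
        $captcha = array_shift($_POST["captcha"]);
    }

    // Strict comparison on strings only. The stored answer is an md5() hex digest, and
    // loose "==" compares two numeric-looking strings (e.g. "0e" followed by digits)
    // as numbers, so different strings could be treated as equal.
    // NOTE(review): hash_equals() is the preferred comparison where PHP >= 5.6 is guaranteed.
    $captchaMatches = is_string($captcha)
        && isset($_SESSION["captcha"])
        && is_string($_SESSION["captcha"])
        && $captcha === $_SESSION["captcha"];

    if ($captchaMatches) {
        // Both fields must be present and must be plain strings; a field sent as
        // nameInput[]=... arrives as an array and must not reach substr().
        $fieldsPresent = feedback_check($_POST, array("nameInput", "opinionInput"))
            && is_string($_POST["nameInput"])
            && is_string($_POST["opinionInput"]);

        if ($fieldsPresent) {
            $name = $_POST["nameInput"];
            $opinion = $_POST["opinionInput"];

            // Checkboxes: only their presence in the request matters.
            $likedLeaderboard = isset($_POST["likedLeaderboard"]) ? 1 : 0;
            $learnedSomething = isset($_POST["learnedSomething"]) ? 1 : 0;

            $extraEscapingFunctions = array("trim", "htmlspecialchars");

            // NOTE(review): substr() counts bytes, so a multi-byte (e.g. Cyrillic) character
            // can be cut in half at the limit, and the length is capped before
            // htmlspecialchars() expands the text — confirm against the column sizes.
            $name = substr($name, 0, 255);
            // Fix: the original passed the misspelled, undefined $xtraEscapingFunctions here,
            // so the name did not receive the same trim/htmlspecialchars list as the opinion
            // although it is echoed back in the success message below.
            $name = $database->escape($name, $extraEscapingFunctions);

            $opinion = substr($opinion, 0, 3000);
            $opinion = $database->escape($opinion, $extraEscapingFunctions);

            $timeStamp = time();

            // NOTE(review): the statement is assembled with sprintf(); its safety rests entirely
            // on $database->escape(), whose implementation is not visible here. Prefer a prepared
            // statement with bound parameters if the database wrapper offers one.
            $sql = "INSERT INTO feedback(name, opinion, likedLeaderboard, learnedSomething, timestamp) VALUES('%s', '%s', %d, %d, %d)";
            $sql = sprintf($sql, $name, $opinion, $likedLeaderboard, $learnedSomething, $timeStamp);
            $database->query($sql);

            // NOTE(review): $name here is the database-escaped, HTML-encoded value; confirm how
            // the template outputs successMessage so it is neither printed raw nor double-encoded.
            $successMessage = "Благодаря ти $name. Мнението ти се съхранява на топло и сигурно място.";
        } else {
            $errorMessage = "Нещо не е въведено :)";
        }
    } else {
        $errorMessage = "Картинката не съвпадата :(";
    }
}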
// ---- Build a fresh captcha challenge, then render the feedback page ----

$fs = FolderStructure::getInstance();
$imagesFolder = $fs->getImagesFolder();
$feedbackPage = "feedbackPage.tpl";

// Captcha images live in the "captcha" subfolder of the images folder.
$captcha = new VisualCaptcha();
$captcha->setImagesFolder($imagesFolder . DIRECTORY_SEPARATOR . "captcha");
$captcha->setCorrectImageNames(array("ivaylo.png", "rado.jpg", "emo.jpg", "nikolay.jpg", "joro.jpg"));

// Ask for 4 random images, one of which is a correct answer.
$shownImages = $captcha->generate(4);

// Every page load discards the previous expected answer, so a captcha value is
// only valid for the form that was rendered most recently in this session.
unset($_SESSION["captcha"]);

$correctImage = $captcha->getLastCorrect();
$tokenAlphabet = "abcdefghijklmnopqrstuvw0123456789";
$valueToImagePath = array();

// Give each image an opaque radio-button value and remember the one that belongs
// to the correct image in the session.
// NOTE(review): the value is md5() of a Token string; how Token picks its characters is
// not visible here — confirm it draws from a cryptographically secure source.
// NOTE(review): the template receives each image path including its file name, and the
// correct answers come from the fixed list above, so the markup may reveal which option
// is correct; consider serving the images under opaque names. With one correct option
// out of four, request rate limiting is also worth confirming.
foreach ($shownImages as $fileName) {
    $token = new Token($tokenAlphabet, 10/* 10 chars long */);
    $radioValue = md5($token->getString());

    if ($fileName === $correctImage) {
        $_SESSION["captcha"] = $radioValue;
    }

    $valueToImagePath[$radioValue] = $captcha->getImagesFolder() . DIRECTORY_SEPARATOR . $fileName;
}

// Hand everything to the template and print the page.
$smarty = new Smarty();
$smarty->setTemplateDir($fs->getTemplatesFolder());
$smarty->assign("imagesFolder", $imagesFolder);
$smarty->assign("cssFolder", $fs->getCSSFolder());
$smarty->assign("captchaImages", $valueToImagePath);
$smarty->assign("errorMessage", $errorMessage);
$smarty->assign("successMessage", $successMessage);
$smarty->display($feedbackPage);