2022-09-11 16:01:14 +00:00
|
|
|
<?php
|
|
|
|
|
2022-09-25 09:32:03 +00:00
|
|
|
header("Access-Control-Allow-Origin: *");
|
|
|
|
|
2022-09-11 16:01:14 +00:00
|
|
|
require 'creds.php';
|
|
|
|
|
2022-09-25 09:32:03 +00:00
|
|
|
$banmessage = "<span class='message'>you have been banned from posting on rautafarmi!</span>";
|
|
|
|
$backbutton = "<br><a href='/rautafarmi'>[ back ]</a>";
|
|
|
|
|
2022-09-11 16:01:14 +00:00
|
|
|
if(isset($_POST['message'])) {
|
|
|
|
$username = mysqli_real_escape_string($mysqli, $_POST['username']);
|
|
|
|
$message = mysqli_real_escape_string($mysqli, $_POST['message']);
|
2022-09-25 09:32:03 +00:00
|
|
|
$imgurl = mysqli_real_escape_string($mysqli, $_POST['imgurl']);
|
2022-09-11 16:01:14 +00:00
|
|
|
|
|
|
|
if(empty($message)) {
|
2022-09-25 09:32:03 +00:00
|
|
|
die("<span class='message'>cannot post empty message!</span>".$backbutton);
|
|
|
|
}
|
|
|
|
|
|
|
|
if($_SERVER["HTTP_X_FORWARDED_FOR"] == "37.139.53.81") {
|
|
|
|
die($banmessage."<p>Reason: spam</p>.$backbutton");
|
|
|
|
}
|
|
|
|
|
|
|
|
if($username == "Crytoinimi") {
|
|
|
|
die($banmessage."<p>Reason: spam</p>.$backbutton");
|
|
|
|
}
|
|
|
|
if($username == "Tookdono") {
|
|
|
|
echo "<p>success</p>";
|
|
|
|
echo "<p>done</p>";
|
|
|
|
header("Location: index.php");
|
|
|
|
exit();
|
2022-09-11 16:01:14 +00:00
|
|
|
}
|
|
|
|
|
2022-09-25 09:32:03 +00:00
|
|
|
$mysqli->query("INSERT INTO posts (username, message, ip, imageurl) VALUES('" . $username . "', '" . $message . "', '" . $_SERVER["HTTP_X_FORWARDED_FOR"] . "', '" . $imgurl . "')");
|
|
|
|
//$stmt->bind_param("sis", $username, $message);
|
|
|
|
//$stmt->execute();
|
2022-09-11 16:01:14 +00:00
|
|
|
|
|
|
|
echo "<p>success</p>";
|
|
|
|
|
|
|
|
header("Location: index.php");
|
2022-09-25 09:32:03 +00:00
|
|
|
} else {
|
|
|
|
echo "<p>fail! no message!</p>";
|
2022-09-11 16:01:14 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
?>
|