rautafarmi/post.php
2022-09-25 12:32:03 +03:00


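<?php
/**
 * Handles a post submission for the board: rejects empty messages, applies
 * the hard-coded bans, stores the post and redirects back to index.php.
 *
 * Relies on `$mysqli` being a connected mysqli instance.
 * NOTE(review): presumably created by creds.php, which is not visible here.
 */

// NOTE(review): the wildcard origin lets any website's script submit to this
// endpoint and read the response. Together with the lack of a CSRF token or
// authentication, posts can be made on a visitor's behalf from any page.
// Restrict the origin if cross-site posting is not an intended feature.
header("Access-Control-Allow-Origin: *");
require 'creds.php';

$banmessage = "<span class='message'>you have been banned from posting on rautafarmi!</span>";
$backbutton = "<br><a href='/rautafarmi'>[ back ]</a>";

if (isset($_POST['message'])) {
    // Read a form field as a string. Missing fields and array-valued fields
    // (e.g. message[]=x) become '' instead of raising warnings or type errors.
    $field = static function (string $key): string {
        $value = $_POST[$key] ?? '';
        return is_string($value) ? $value : '';
    };

    // Values are kept raw and bound as statement parameters further down;
    // combining mysqli_real_escape_string() with binding would double-escape.
    $username = $field('username');
    $message = $field('message');
    $imgurl = $field('imgurl');

    // X-Forwarded-For is a request header. Unless a trusted reverse proxy
    // overwrites it, the client chooses its value, so the IP ban below and the
    // stored `ip` column are only as reliable as that proxy configuration.
    // The header may also carry a comma-separated list, which the equality
    // check does not handle. NOTE(review): confirm the proxy setup.
    $forwardedFor = $_SERVER['HTTP_X_FORWARDED_FOR'] ?? null;
    $clientIp = is_string($forwardedFor) ? $forwardedFor : ($_SERVER['REMOTE_ADDR'] ?? '');

    // Strict comparison so that a message consisting of "0" is not treated as
    // empty, which empty() would do.
    if ($message === '') {
        die("<span class='message'>cannot post empty message!</span>" . $backbutton);
    }

    // The original built this string as "<p>Reason: spam</p>.$backbutton",
    // which printed a stray "." before the back link.
    if ($clientIp === "37.139.53.81") {
        die($banmessage . "<p>Reason: spam</p>" . $backbutton);
    }
    if ($username === "Crytoinimi") {
        die($banmessage . "<p>Reason: spam</p>" . $backbutton);
    }

    // This username gets the success response but nothing is stored.
    if ($username === "Tookdono") {
        // Headers must be sent before any body output, otherwise the redirect
        // is dropped with "headers already sent" unless output is buffered.
        header("Location: index.php");
        echo "<p>success</p>";
        echo "<p>done</p>";
        exit();
    }

    // Parameterized insert. The original concatenated the X-Forwarded-For
    // header into the SQL text without any escaping, so a request header could
    // alter the statement. Binding keeps every value out of the SQL grammar.
    //
    // Binding protects the SQL statement only: the values are stored verbatim,
    // so the code that renders posts must HTML-escape username and message and
    // should accept only http(s) URLs for imageurl.
    // NOTE(review): the rendering code is not visible here.
    try {
        $stmt = $mysqli->prepare(
            "INSERT INTO posts (username, message, ip, imageurl) VALUES (?, ?, ?, ?)"
        );
        $saved = $stmt !== false
            && $stmt->bind_param("ssss", $username, $message, $clientIp, $imgurl)
            && $stmt->execute();
    } catch (mysqli_sql_exception $e) {
        // Details go to the server log; the client only sees a generic error.
        error_log("post.php: insert failed: " . $e->getMessage());
        $saved = false;
    }

    if (!$saved) {
        http_response_code(500);
        die("<span class='message'>could not save your post, please try again later.</span>" . $backbutton);
    }

    header("Location: index.php");
    echo "<p>success</p>";
} else {
    echo "<p>fail! no message!</p>";
}
?>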