comment.class.php
<?php
class Comment
{
private $data = array();
function __construct($data)
{
$this->data = $data;
}
/**
* 检测用户输入的数据
* @param $arr
* @return bool
*/
public static function validate(&$arr)
{
if (!($data['email'] = filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL))) {
$errors['email'] = '请输入合法邮箱';
}
if (!($data['url'] = filter_input(INPUT_POST, 'url', FILTER_VALIDATE_URL))) {
$errors['url'] = '';
}
if (!($data['content'] = filter_input(INPUT_POST, 'content', FILTER_CALLBACK, array('options' => 'Comment::validate_str')))) {
$errors['content'] = "请输入合法内容";
}
if (!($data['username'] = filter_input(INPUT_POST, 'username', FILTER_CALLBACK, array('options' => 'Comment::validate_str')))) {
$errors['username'] = "请输入合法用户名";
}
$options = array(
'min_range' => 1,
'max_range' => 5
);
if (!($data['face'] = filter_input(INPUT_POST, 'face', FILTER_VALIDATE_INT, $options))) {
$errors['face'] = "请输入合法头像";
}
if (!empty($errors)) {
$arr = $errors;
return false;
}
$arr = $data;
$arr['email'] = strtolower(trim($arr['email']));
return true;
}
/**
* 过滤用户输入的特殊字符
* @param $str
* @return bool|string
*/
public static function validate_str($str)
{
if (mb_strlen($str, 'UTF8') < 1) {
return false;
}
//nl2br 将\n转换成br
//htmlspecialchars 把一些预定义的字符转换为 HTML 实体
//ENT_QUOTES单引号也转义
$str = nl2br(htmlspecialchars($str, ENT_QUOTES));
return $str;
}
/**
* 显示评论内容
* @return string
*/
public function output()
{
// if ($this->data['url']) {
$link_start = "<a href='" . $this->data['url'] . "' target='_blank'>";
$link_end = "</a>";
// }
$dateStr = date("Y年m月d日 H:i:s", $this->data['pubTime']);
$res = <<<EOF
<div class='comment'>
<div class='face'>
{$link_start}
<img width='50' height='50' src="img/{$this->data['face']}.jpg" alt="" />
{$link_end}
</div>
<div class='username'>
{$link_start}
{$this->data['username']}
{$link_end}
</div>
<div class='date' title='发布于{$dateStr}'>
{$dateStr}
</div>
<p>{$this->data['content']}</p>
</div>
EOF;
return $res;
}
}
doAction.php
<?php
header("content-type:text/html;charset=utf-8");
require_once 'connect.php';
require_once 'comment.class.php';
$arr = array();
$res = Comment::validate($arr);
if ($res) {
$sql = "INSERT comments(username,email,url,face,content,pubTime) VALUES(?,?,?,?,?,?);";
$mysqli_stmt = $mysqli->prepare($sql);
$arr['pubTime'] = time();
$mysqli_stmt->bind_param('sssssi', $arr['username'], $arr['email'], $arr['url'], $arr['face'], $arr['content'], $arr['pubTime']);
$mysqli_stmt->execute();
$comment = new Comment($arr);
echo json_encode(array('status' => 1, 'html' => $comment->output()));
} else {
echo '{"status":0,"errors":' . json_encode($arr) . '}';
}
?>
connect.php
<?php
$mysqli = new mysqli('localhost', 'root', '', 'imoocComment');
if ($mysqli->errno) {
die('CONNECT ERROR ' . $mysqli->error);
} else {
$mysqli->set_charset('UTF8');
}
index.php
<?php
require_once 'connect.php';
require_once 'comment.class.php';
$sql="SELECT username,email,url,face,content,pubTime FROM comments";
$mysqli_result=$mysqli->query($sql);
if($mysqli_result&& $mysqli_result->num_rows>0){
while($row=$mysqli_result->fetch_assoc()){
$comments[]=new Comment($row);
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html;charset=UTF-8" />
<title>Document</title>
<link rel="stylesheet" type="text/css" href="style/style.css" />
</head>
<body>
<h1>慕课网评论系统</h1>
<div id='main'>
<?php
foreach($comments as $val){
echo $val->output();
}
?>
<div id='addCommentContainer'>
<form id="addCommentForm" method="post" action="">
<div>
<label for="username">昵称</label>
<input type="text" name="username" id="username" required='required' placeholder='请输入您的昵称'/>
<label for="face">头像</label>
<div id='face'>
<input type="radio" name="face" checked='checked' value="1" />
<input type="radio" name="face" value="2" />
<input type="radio" name="face" value="3" />
<input type="radio" name="face" value="4" />
<input type="radio" name="face" value="5" />
</div>
<label for="email">邮箱</label>
<input type="email" name="email" id="email" required='required' placeholder='请输入合法邮箱'/>
<label for="url">个人博客</label>
<input type="url" name="url" id="url" />
<label for="content">评论内容</label>
<textarea name="content" id="content" cols="20" rows="5" required='required' placeholder='请输入您的评论...'></textarea>
<input type="submit" id="submit" value="发布评论" />
</div>
</form>
</div>
</div>
<script type="text/javascript" src="script/jquery.min.js"></script>
<script type="text/javascript" src="script/comment.js"></script>
</body>
</html>
Paste_Image.png
