verify.php
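<?php
/**
 * verify.php - handles the POST from the comment form.
 *
 * Flow: verify the reCAPTCHA token with Google's siteverify endpoint, check
 * the required fields, store the comment through a prepared statement, echo
 * the submission back HTML-escaped, then e-mail a notification to the owner.
 *
 * Every value read from $_POST is untrusted: it reaches SQL only as a bound
 * parameter and reaches HTML only through htmlspecialchars().
 */

// Returns the named POST field as a string, or '' when it is missing or was
// submitted as an array (name[]=...), so later string handling cannot break.
$postString = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};

$backButton = '<BUTTON onClick=javascript:history.back()>Back </BUTTON>';

$captcha = $postString('g-recaptcha-response');
if ($captcha === '') {
    echo '<h2>Please check the the captcha form.</h2>';
    echo $backButton;
    exit;
}

// NOTE(review): this reCAPTCHA secret is hard-coded in a file that has been
// published. Treat it as disclosed: rotate it in the reCAPTCHA admin console
// and load the replacement from configuration kept out of version control.
$recaptchaSecret = '6Lc9VSITAAAAAKJsGQJF-uRUhBKIdUh5yB3g-glv';

// The parameters go in a POST body built by http_build_query(): the token is
// URL-encoded, the secret is sent without the literal quote characters the old
// query string wrapped around it, and neither value can show up in a warning
// or log line that prints the request URL.
$verifyContext = stream_context_create(array(
    'http' => array(
        'method'  => 'POST',
        'header'  => "Content-Type: application/x-www-form-urlencoded\r\n",
        'content' => http_build_query(array(
            'secret'   => $recaptchaSecret,
            'response' => $captcha,
            'remoteip' => isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '',
        )),
        // Do not let a slow verification endpoint hang the request.
        'timeout' => 5,
    ),
));
$rawReply = file_get_contents('https://www.google.com/recaptcha/api/siteverify', false, $verifyContext);
$response = ($rawReply === false) ? null : json_decode($rawReply, true);

// Fail closed: a network error, an unparsable reply or anything other than a
// boolean true in "success" is treated as a failed verification.
$verified = is_array($response) && isset($response['success']) && $response['success'] === true;
if (!$verified) {
    echo '<h2>You are a spammer! Get the @$%K off my website!!</h2>';
    exit;
}

//form variables
$name    = $postString('name');
$email   = $postString('email');
$site    = $postString('website');
$comment = $postString('comment');
// NOTE(review): the publish value is supplied by the client (field "0"). If it
// decides whether a comment is shown, set it server-side instead - confirm.
$publish = $postString('0');

// Check the required fields before anything is stored or mailed; previously
// this check ran after the INSERT and the notification was sent regardless.
if ($name === '' || $email === '') {
    echo "Fill in required fields.....";
    echo $backButton;
    exit;
}

// Presumably defines $host, $dbname, $username, $password (and $to / $headers
// used for the notification below) - none are defined in this file; confirm.
require_once('comment_dbconfig.php');

try {
    //connect to database
    $conn = new PDO("mysql:host=$host;dbname=$dbname", $username, $password);
    $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    // Use server-side prepared statements rather than client-side emulation.
    $conn->setAttribute(PDO::ATTR_EMULATE_PREPARES, false);

    //insert data into database - values are bound, never concatenated into the SQL text
    $stmt = $conn->prepare(
        "INSERT INTO comment(name,email,site,comment,entered,publish)
        values(:name,:email,:site,:comment,now(),:publish)"
    );
    $stmt->execute(array(
        ':name'    => $name,
        ':email'   => $email,
        ':site'    => $site,
        ':comment' => $comment,
        ':publish' => $publish,
    ));
    $last_id = $conn->lastInsertId();

    // Echo the submission back; every field is escaped for the HTML context.
    $escapeFlags = ENT_QUOTES | ENT_SUBSTITUTE;
    echo "Your comment was recieved. <br/><br/>";
    echo "Name: " . htmlspecialchars($name, $escapeFlags, 'UTF-8') . "<br/>";
    echo "Email: " . htmlspecialchars($email, $escapeFlags, 'UTF-8') . "<br/>";
    echo "Website: " . htmlspecialchars($site, $escapeFlags, 'UTF-8') . "<br/>";
    echo "Comment: " . htmlspecialchars($comment, $escapeFlags, 'UTF-8') . "<br/>";

    $stmt = null;
    $conn = null;
} catch (PDOException $pe) {
    // Keep driver details (host, schema, SQL state) in the server log only;
    // the visitor gets a generic message.
    error_log('verify.php: storing the comment failed: ' . $pe->getMessage());
    die('Could not save your comment. Please try again later.');
}

//send a notification email to database owner
$subject = "A comment was left on stevewright.nz";
$message = wordwrap("Comment No : " . $last_id . "\n" . $comment, 70);

// User input goes into the message body only; the recipient and the headers
// come from configuration, so form fields cannot add mail headers.
if (mail("$to", $subject, $message, $headers)) {
    echo "An Email was sent to the site administrator. Thank you. <br/>";
} else {
    error_log('verify.php: notification mail for comment ' . $last_id . ' was not accepted for delivery');
}
echo "<BUTTON onClick=location.href='contact.php';>Back </BUTTON>";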