diff --git a/public/API/queries/comments.php b/public/API/queries/comments.php
index cb3f33ac7b942119843ece8ea4aa8e2d33c32f44..3b3d46ba952ab523e35140ffd1299ea0ee1c54dd 100644
--- a/public/API/queries/comments.php
+++ b/public/API/queries/comments.php
@@ -15,7 +15,8 @@ $commentField = new ObjectType([
],
]);
-function comments($article, $conn) {
+function comments($article, $conn)
+{
$response = [];
$result = $conn->query("SELECT * FROM comments WHERE article='$article'");
while ($row = $result->fetch_assoc()) {
@@ -29,37 +30,36 @@ function comments($article, $conn) {
array_push($response, $commentElement);
}
return $response;
-
}
-function newComment($conn, $article, $name, $email, $comment, $hCaptchaResponse) {
+function newComment($conn, $article, $name, $email, $comment, $hCaptchaResponse)
+{
require "./lib/config.php";
$data = array(
'secret' => $secretkey,
'response' => $hCaptchaResponse
);
$client = new Client();
-
+
$response = $client->post("https://hcaptcha.com/siteverify", [
"form_params" => $data
]);
-
+
$responseData = json_decode($response->getBody());
- if(! $responseData->success) {
+ if (!$responseData->success) {
return "Failed to verify Captcha";
-
- $article = $conn->escape_string($article);
- $name = $conn->escape_string($name);
- $email = $conn->escape_string($email);
- $comment = $conn->escape_string($comment);
-
- $sql = "INSERT INTO comments (name, email, comment, article) VALUES ('$name', '$email', '$comment', '$article')";
-
- if ($conn->query($sql) === TRUE) {
- return "OK";
- } else {
- return "Error: " . $sql . "<br>" . $conn->error;
- }
}
-}
\ No newline at end of file
+ $article = $conn->escape_string($article);
+ $name = $conn->escape_string($name);
+ $email = $conn->escape_string($email);
+ $comment = $conn->escape_string($comment);
+
+ $sql = "INSERT INTO comments (name, email, comment, article) VALUES ('$name', '$email', '$comment', '$article')";
+
+ if ($conn->query($sql) === TRUE) {
+ return "OK";
+ } else {
+ return "Error: " . $sql . "<br>" . $conn->error;
+ }
+}