From be57ada3faa709f543b9387d0ebd62b3c4bce901 Mon Sep 17 00:00:00 2001
From: Jonas Leder <jonas@jonasled.de>
Date: Tue, 9 Nov 2021 12:18:22 +0100
Subject: [PATCH] get page name for new comments from frontend

---
 js/customElements/newComment.js | 4 +++-
 public/API/newComment.php       | 5 ++---
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/js/customElements/newComment.js b/js/customElements/newComment.js
index 9c01967..0080b3e 100644
--- a/js/customElements/newComment.js
+++ b/js/customElements/newComment.js
@@ -14,6 +14,7 @@ class newComment extends HTMLElement {
         script.src = "https://hCaptcha.com/1/api.js";
         script.type = 'text/javascript';
         script.onload = () => {
+            let pageName = path.split("/").pop();
             this.parentElement.innerHTML = ` 
                 <form action="/API/newComment.php" method="post">
                     <label for="name">Name:</label><br>
@@ -27,6 +28,7 @@ class newComment extends HTMLElement {
                     
                     <div class="h-captcha" data-theme="dark" data-sitekey="${sitekey}"></div><br>
                     
+                    <input type="hidden" name="pagename" id="pagename" value="${pageName}">
                     <input type="submit" value="Kommentar ver&ouml;ffentlichen"><br>
                     <p>Mit dem Klick auf den obigen Button erkl&auml;ren sie sich mit der <a href="/datenschutzerklaerung.html">Datenschutzerkl&auml;rung</a> einverstanden.</p>
                 </form>
@@ -36,4 +38,4 @@ class newComment extends HTMLElement {
     }
 }
 
-customElements.define("jl-new_comment", newComment);
\ No newline at end of file
+customElements.define("jl-new_comment", newComment);
diff --git a/public/API/newComment.php b/public/API/newComment.php
index c9e293e..1d63270 100644
--- a/public/API/newComment.php
+++ b/public/API/newComment.php
@@ -22,8 +22,7 @@ $responseData = json_decode($response->getBody());
 
 if($responseData->success) {
 
-    $ref = $_SERVER["HTTP_REFERER"];
-    $article = $conn->escape_string(explode(".php", explode("Projekte/", $ref)[1])[0]);
+    $article =$conn->escape_string($_POST["pagename"]);
     $name = $conn->escape_string($_POST["name"]);
     $email = $conn->escape_string($_POST["email"]);
     $comment = $conn->escape_string($_POST["comment"]);
@@ -37,4 +36,4 @@ if($responseData->success) {
     }
 } else {
     echo "Failed to verify captcha.";
-}
\ No newline at end of file
+}
-- 
GitLab