From cff371031c0f0bdfaaaa57bab300be154d1e3590 Mon Sep 17 00:00:00 2001
From: Jonas Leder <jonas@jonasled.de>
Date: Tue, 27 Oct 2020 13:46:22 +0100
Subject: [PATCH] added comment publish function

---
 Projekte/proxdroid.php | 18 +++++++++++++++++-
 css/style.css          | 20 ++++++++++++++++++++
 newComment.php         | 16 ++++++++++++++++
 3 files changed, 53 insertions(+), 1 deletion(-)
 create mode 100644 newComment.php

diff --git a/Projekte/proxdroid.php b/Projekte/proxdroid.php
index c7f5945..e5cdbe1 100644
--- a/Projekte/proxdroid.php
+++ b/Projekte/proxdroid.php
@@ -65,8 +65,24 @@ include "../internal/mysql.php";
     <img src="/img/Nexus_6P_-_Screenshot_21-576x1024.png">
     <img src="/img/Nexus_6P_-_Screenshot_31-576x1024.png">
     <img src="/img/Nexus_6P_-_Screenshot_41-576x1024.png">
+
+    <h2>Kommentare:</h2>
+    <div id="newComment">
+        <form action="/newComment.php" method="post">
+            <label for="name">Name:</label><br>
+            <input type="text" id="name" name="name"><br><br>
+
+            <label for="email">E-Mail: (wird nicht ver&ouml;ffentlicht)</label><br>
+            <input type="text" id="email" name="email"><br><br>
+
+            <label for="comment">Kommentar:</label><br>
+            <textarea name="comment" id="comment"></textarea><br><br>
+
+            <input type="submit" value="Kommentar ver&ouml;ffentlichen"><br>
+            <p>Mit dem klick auf den obigen Button erklären sie sich mit der <a href="/datenschutzerklaerung.html">Datenschutzerkl&auml;rung</a> einverstanden.</p>
+        </form>
+    </div>
 </div>
-    
 
 </div>
 <footer includeHTML="/include/footer.php">
diff --git a/css/style.css b/css/style.css
index 6470911..0362078 100644
--- a/css/style.css
+++ b/css/style.css
@@ -404,3 +404,23 @@ button{
     text-decoration: none;
     color: #1cb09a;
 }
+#newComment form input, #newComment form textarea{
+    width: 100%;
+    background: #1a2332;
+    color: #b3b3b3;
+    border: solid #212a39;
+}
+
+#newComment form textarea{
+    resize: vertical;
+}
+#newComment form input[type=submit]{
+    background: #1cb09a;
+    color: #fff;
+    text-transform: uppercase;
+    padding: 15px;
+    font-size: 14px;
+    cursor: pointer;
+    outline: 0;
+    border: 0;
+}
\ No newline at end of file
diff --git a/newComment.php b/newComment.php
new file mode 100644
index 0000000..b68e19b
--- /dev/null
+++ b/newComment.php
@@ -0,0 +1,16 @@
+<?php
+include("./internal/mysql.php");
+
+$ref = $_SERVER["HTTP_REFERER"];
+$article =  $conn->escape_string(explode(".php", explode("Projekte/", $ref)[1])[0]);
+$name = $conn->escape_string($_POST["name"]);
+$email = $conn->escape_string($_POST["email"]);
+$comment = $conn->escape_string($_POST["comment"]);
+
+$sql = "INSERT INTO comments (name, email, comment, article) VALUES ('$name', '$email', '$comment', '$article')";
+
+if ($conn->query($sql) === TRUE) {
+    header("Location: $ref");
+} else {
+    echo "Error: " . $sql . "<br>" . $conn->error;
+}
\ No newline at end of file
-- 
GitLab