Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20 System : Linux st2.domain.com 3.10.0-1127.10.1.el7.x86_64 #1 SMP Wed Jun 3 14:28:03 UTC 2020 x86_64 User : apache ( 48) PHP Version : 7.4.20 Disable Function : NONE Directory : /var/www/html/truyentranh/code/ajax/ |
<?php
$chap_id = $CORE->input['chap_id'] ?? 0;
$manga_id = $CORE->input['manga_id'] ?? 0;
$name = $CORE->input['name'] ?? '';
$user_id = $CORE->input['user_id'] ?? 0;
$comment_id = $CORE->input['comment_id'] ?? 0;
$content = $CORE->input['content'] ?? '';
$content = html_entity_decode(html_entity_decode($content));
$content = strip_tags($content, "<img><br><p>");
$user_id_reply = $parent_id = 0;$user_id_reply_name='';
if($comment_id>0){
$r_comment = $DB->fetch_row($DB->query("SELECT * FROM tb_comment WHERE comment_id='$comment_id'"));
$user_id_reply = $r_comment['user_id_post'];
$user_id_reply_name = $r_comment['user_id_post_name'];
$parent_id = $comment_id;
}
if($name!='' and $user_id==$ob_user->user_id){
$row_check_locked = $DB->fetch_row($DB->query("SELECT user_comment_status FROM tb_user WHERE user_id='$user_id' LIMIT 1"));
if($row_check_locked['user_comment_status']=='locked'){
$txt_status = 'locked';
$comment_id = $comment_id_insert = 0;
$arr['comment_id_insert'] = $comment_id_insert;
$arr['comment_status'] = $txt_status;
echo json_encode($arr);
exit();
}
$q_bankw = $DB->query("SELECT * FROM tb_bankw ORDER BY bankw_name");
$arr_bad_word = array();
while($r_bankw = $DB->fetch_row($q_bankw)){
$arr_bad_word[] = $r_bankw['bankw_name'];
}
$txt_status = 'active';
if(badWords($content,$arr_bad_word)){
$txt_status = 'locked';
$comment_id = $comment_id_insert = 0;
}else {
$r_truyen = $DB->fetch_row($DB->query("SELECT * FROM tb_truyen WHERE truyen_id='$manga_id' "));
$r_chuong = $DB->fetch_row($DB->query("SELECT * FROM tb_chuong WHERE chuong_id='$chap_id' "));
if (!$r_chuong) {
$r_chuong['chuong_name'] = $r_chuong['chuong_fname'] = '';
}
$DB->query("UPDATE tb_guest SET guest_fullname='$name' WHERE user_id='" . $ob_user->user_id . "' ");
$DB->query("UPDATE tb_guest SET guest_fullname='$name' WHERE user_id='" . $ob_user->user_id . "' ");
$arr_insert = array('parent_id' => $parent_id, 'truyen_id' => $manga_id, 'truyen_name' => $r_truyen['truyen_name'], 'truyen_fname' => $r_truyen['truyen_fname'], 'chuong_id' => $chap_id, 'chuong_name' => $r_chuong['chuong_name'], 'chuong_fname' => $r_chuong['chuong_fname'], 'user_id_post' => $user_id, 'user_id_post_name' => $name, 'user_id_img' => $ob_user->guest_avatar, 'user_id_reply' => $user_id_reply, 'user_id_reply_name' => $user_id_reply_name, 'comment_content' => $content, 'like_num' => 0, 'dislike_num' => 0, 'have_report' => 0, 'time_post' => time(), 'comment_status' => $txt_status);
$comment_id_insert = $DB->do_insert('tb_comment', $arr_insert);
$r_count = $DB->fetch_row($DB->query("SELECT count(*) as total FROM tb_comment WHERE truyen_id='$manga_id' "));
$DB->query("UPDATE tb_truyen SET truyen_hitcomment='" . $r_count['total'] . "' WHERE truyen_id='$manga_id' ");
}
}
if($comment_id==0){
$arr['comment_id_insert'] = $comment_id_insert;
}else{
$arr['comment_id_insert'] = $comment_id;
}
$arr['comment_status'] = $txt_status;
echo json_encode($arr);
exit();
?>