Paste_Image.png
http://img.mukewang.com/down/55fa763b0001745800000000.rar
index.php
<?php
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<meta http-equiv="Content-Type" content="text/html;charset=UTF-8" />
<title>Document</title>
<link rel="stylesheet" type="text/css" href="style/style.css" />
</head>
<body>
<h1>慕课网评论系统</h1>
<div id='main'>
<?php
// foreach($comments as $val){
// echo $val->output();
// }
?>
<div id='addCommentContainer'>
<form id="addCommentForm" method="post" action="">
<div>
<label for="username">昵称</label>
<input type="text" name="username" id="username" required='required' placeholder='请输入您的昵称'/>
<label for="face">头像</label>
<div id='face'>
<input type="radio" name="face" checked='checked' value="1" />
<input type="radio" name="face" value="2" />
<input type="radio" name="face" value="3" />
<input type="radio" name="face" value="4" />
<input type="radio" name="face" value="5" />
</div>
<label for="email">邮箱</label>
<input type="email" name="email" id="email" required='required' placeholder='请输入合法邮箱'/>
<label for="url">个人博客</label>
<input type="url" name="url" id="url" />
<label for="content">评论内容</label>
<textarea name="content" id="content" cols="20" rows="5" required='required' placeholder='请输入您的评论...'></textarea>
<input type="submit" id="submit" value="发布评论" />
</div>
</form>
</div>
</div>
<script type="text/javascript" src="script/jquery.min.js"></script>
<script type="text/javascript" src="script/comment.js"></script>
</body>
</html>
doAction.php
<?php
header("Content-type:text/html;charset=utf-8");
require_once 'connect.php';
require_once 'comment.class.php';
?>
connect.php
<?php
$mysqli = new mysqli('localhost', 'root', '', 'imoocComment');
if ($mysqli->errno) {
die('CONNECT ERROR ' . $mysqli->error);
} else {
$mysqli->set_charset('UTF8');
}
cpmment.class.php
<?php
class Comment
{
private $data = array();
function __construct($data)
{
$this->data = $data;
}
/**
* 检测用户输入的数据
* @param $arr
* @return bool
*/
public static function validate(&$arr)
{
if (!(filter_input(INPUT_POST, 'email', FILTER_VALIDATE_EMAIL))) {
$errors['email'] = '请输入合法邮箱';
}
if (!(filter_input(INPUT_POST, 'url', FILTER_VALIDATE_URL))) {
$url = "";
}
if (!(filter_input(INPUT_POST, 'content', FILTER_CALLBACK, array('options' => 'Comment::validate_str')))) {
$errors['content'] = "请输入合法内容";
}
if (!(filter_input(INPUT_POST, 'username', FILTER_CALLBACK, array('options' => 'Comment::validate_str')))) {
$errors['username'] = "请输入合法用户名";
}
$options = array(
'min_range' => 1,
'max_range' => 5
);
if (!(filter_input(INPUT_POST, 'face', FILTER_VALIDATE_INT, $options))) {
$errors['face'] = "请输入合法头像";
}
if (!empty($errors)) {
$arr = $errors;
return false;
}
$arr = $data;
$arr['email'] = strtolower(trim($arr['email']));
return true;
}
/**
* 过滤用户输入的特殊字符
* @param $str
* @return bool|string
*/
public static function validate_str($str)
{
if (mb_strlen($str, 'UTF8') < 1) {
return false;
}
//nl2br 将\n转换成br
//htmlspecialchars 把一些预定义的字符转换为 HTML 实体
//ENT_QUOTES单引号也转义
$str = nl2br(htmlspecialchars($str, ENT_QUOTES));
return $str;
}
}
