melder/ajax/ajax_comment_push.php

<?php

require ("../config.php");

if ($boolComment){
   $strUsername = htmlentities(trim($_POST['comment_username']));
   $strUsername = addslashes($strUsername);
   $strComment =  htmlentities(trim($_POST['comment']));
   $strComment = addslashes($strComment);
   $id=(int)$_POST['loc_id'];

   $stmt = $db->prepare("INSERT INTO comment (loc_id,username,comment) 
             VALUES (:loc_id,:username,:comment)");
    $stmt->bindValue(':username', $strUsername);
    $stmt->bindValue(':comment', $strComment);
    $stmt->bindValue(':loc_id', $id);
    $stmt->execute();
   
    echo "ok";
}
?>
Alter Version 2024-02-16 15:35:01 +01:00			`<?php`
fixes 2024-03-11 12:55:17 +01:00
Alter Version 2024-02-16 15:35:01 +01:00			`require ("../config.php");`

			`if ($boolComment){`
			`$strUsername = htmlentities(trim($_POST['comment_username']));`
			`$strUsername = addslashes($strUsername);`
			`$strComment = htmlentities(trim($_POST['comment']));`
			`$strComment = addslashes($strComment);`
			`$id=(int)$_POST['loc_id'];`

			`$stmt = $db->prepare("INSERT INTO comment (loc_id,username,comment)`
			`VALUES (:loc_id,:username,:comment)");`
			`$stmt->bindValue(':username', $strUsername);`
			`$stmt->bindValue(':comment', $strComment);`
			`$stmt->bindValue(':loc_id', $id);`
			`$stmt->execute();`

			`echo "ok";`
			`}`
			`?>`