-
Notifications
You must be signed in to change notification settings - Fork 51
/
Copy pathPersistence.php
108 lines (85 loc) · 2.52 KB
/
Persistence.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
<?php
date_default_timezone_set('UTC');
class Persistence {
private $data = array();
function __construct() {
session_start();
if( isset($_SESSION['blog_comments']) == true ){
$this->data = $_SESSION['blog_comments'];
}
}
/**
* Get all comments for the given post.
*/
function get_comments($comment_post_ID) {
$comments = array();
if( isset($this->data[$comment_post_ID]) == true ) {
$comments = $this->data[$comment_post_ID];
}
return $comments;
}
/**
* Get all comments.
*/
function get_all_comments() {
return $this->data;
}
/**
* Store the comment.
*/
function add_comment($vars) {
$added = false;
$comment_post_ID = $vars['comment_post_ID'];
$input = array(
'comment_author' => $vars['comment_author'],
'email' => $vars['email'],
'comment' => $vars['comment'],
'comment_post_ID' => $comment_post_ID,
'date' => date('r'));
if($this->validate_input($input) == true) {
if( isset($this->data[$comment_post_ID]) == false ) {
$this->data[$comment_post_ID] = array();
}
$input['id'] = uniqid('comment_');
$this->data[$comment_post_ID][] = $input;
$this->sync();
$added = $input;
}
return $added;
}
function delete_all() {
$this->data = array();
$this->sync();
}
private function sync() {
$_SESSION['blog_comments'] = $this->data;
}
/**
* TODO: much more validation and sanitization. Use a library.
*/
private function validate_input($input) {
$input['email'] = filter_var($input['email'], FILTER_SANITIZE_EMAIL);
if (filter_var($input['email'], FILTER_VALIDATE_EMAIL) == false) {
return false;
}
$input['comment_author'] = substr($input['comment_author'], 0, 70);
if($this->check_string($input['comment_author']) == false) {
return false;
}
$input['comment_author'] = htmlentities($input['comment_author']);
$input['comment'] = substr($input['comment'], 0, 300);
if($this->check_string($input['comment'], 5) == false) {
return false;
}
$input['comment'] = htmlentities($input['comment']);
$input['comment_post_ID'] = filter_var($input['comment_post_ID'], FILTER_VALIDATE_INT);
if (filter_var($input['comment_post_ID'], FILTER_VALIDATE_INT) == false) {
return false;
}
return true;
}
private function check_string($string, $min_size = 1) {
return strlen(trim($string)) >= $min_size;
}
}
?>