投稿内容はdatファイルに格納します。
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 | <?php$dataFile = 'bbs.dat';// csrfsession_start();function setToken(){ $token = sha1(uniqid(mt_rand(), true)); $_SESSION['token'] = $token;}function checkToken(){ if (empty($_SESSION['token']) || ($_SESSION['token'] !=$_POST['token'])){ echo "不正なpostが行われました!"; exit; }}function h($s){ return htmlspecialchars($s, ENT_QUOTES, 'utf-8');}if($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['message']) && isset($_POST['user'])){ checkToken(); $message =trim($_POST['message']); $user = trim($_POST['user']); if($message !== ''){ $user = ($user === '') ? 'ななしさん' : $user; $message = str_replace("\t", '', $message); $user = str_replace("\t", '', $user); $postedAt = date('Y-m-d H:i:s'); $newData = $message . "\t" . $user . "\t" . $postedAt. "\n"; $fp = fopen($dataFile, 'a'); fwrite($fp, $newData); fclose($fp); }} else { setToken();}$posts = file($dataFile, FILE_IGNORE_NEW_LINES);$posts = array_reverse($posts);?><!DOCTYPE html><html lang="ja"><head> <meta charset="utf-8"> <title>簡易掲示板</title></head><body> <h1>簡易掲示板</h1> <form action="" method="post"> message: <input type="text" name="message"> user: <input type="text" name="user"> <input type="submit" value="投稿"> <input type="hidden" name="token" value="<?php echo h($_SESSION['token']); ?>"> </form> <h2>投稿一覧(<?php echo count($posts); ?>件)</h2> <ul> <?php if (count($posts)) : ?> <?php foreach ($posts as $post) : ?> <?php list($message, $user, $postedAt) = explode("\t", $post); ?> <li><?php echo h($message); ?>(<?php echo h($user); ?>)-<?php echo h($postedAt); ?></li> <?php endforeach; ?> <li></li> <?php else : ?> <li>まだ投稿はありません。</li> <?php endif; ?> </ul></body></html> |
