投稿内容はdatファイルに格納します。
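<?php

// Flat-file store, one post per line: message<TAB>user<TAB>timestamp<LF>.
// NOTE(review): a relative path is resolved against the working directory, which is
// presumably the script's own directory. Confirm the web server does not serve
// bbs.dat directly, or move it outside the document root.
$dataFile = 'bbs.dat';

// CSRF protection: the token lives in the session and is echoed into the form below.
session_start();

/**
 * Create a fresh CSRF token and store it in the session.
 *
 * The token must be unpredictable to other sites, so it is taken from the
 * operating system CSPRNG rather than from time-based or mt_rand() values.
 */
function setToken()
{
    $_SESSION['token'] = bin2hex(random_bytes(32));
}

/**
 * Abort the request unless the posted token matches the session token.
 *
 * Missing or non-string values are rejected before the comparison, and
 * hash_equals() keeps the comparison strict and constant-time.
 */
function checkToken()
{
    $expected = $_SESSION['token'] ?? '';
    $posted = $_POST['token'] ?? '';

    if (
        !is_string($expected) || $expected === ''
        || !is_string($posted)
        || !hash_equals($expected, $posted)
    ) {
        http_response_code(403);
        echo "不正なpostが行われました!";
        exit;
    }
}

/**
 * Escape a value for output in HTML text or a quoted attribute.
 *
 * ENT_SUBSTITUTE replaces invalid UTF-8 sequences instead of making
 * htmlspecialchars() return an empty string.
 *
 * @param string $s raw value
 * @return string HTML-escaped value
 */
function h($s)
{
    return htmlspecialchars($s, ENT_QUOTES | ENT_SUBSTITUTE, 'utf-8');
}

/**
 * Normalise one submitted field before it is written to the data file.
 *
 * Tabs separate fields and line feeds separate records, so both (and carriage
 * returns) are removed. Otherwise a crafted request could add extra columns or
 * forge whole records in the file.
 *
 * @param string $value raw field from the request
 * @return string trimmed value without tab, CR or LF characters
 */
function sanitizeField($value)
{
    return str_replace(["\t", "\r", "\n"], '', trim($value));
}

$method = $_SERVER['REQUEST_METHOD'] ?? '';
$rawMessage = $_POST['message'] ?? null;
$rawUser = $_POST['user'] ?? null;

// Only string fields are accepted; array-valued parameters (message[]=...) would
// otherwise reach trim() and raise an error.
if ($method === 'POST' && is_string($rawMessage) && is_string($rawUser)) {
    checkToken();

    $message = sanitizeField($rawMessage);
    $user = sanitizeField($rawUser);

    if ($message !== '') {
        if ($user === '') {
            $user = 'ななしさん';
        }
        $postedAt = date('Y-m-d H:i:s');
        $newData = $message . "\t" . $user . "\t" . $postedAt . "\n";

        // LOCK_EX serialises concurrent appends so two posts cannot interleave.
        if (file_put_contents($dataFile, $newData, FILE_APPEND | LOCK_EX) === false) {
            error_log('bbs: could not append to ' . $dataFile);
        }
    }
} else {
    setToken();
}

// The data file does not exist before the first post; treat that as "no posts".
$lines = is_file($dataFile) ? file($dataFile, FILE_IGNORE_NEW_LINES) : false;
if ($lines === false) {
    $lines = [];
}

// Newest first. Lines that do not have exactly three fields are skipped so a
// damaged record cannot break the listing.
$posts = [];
foreach (array_reverse($lines) as $line) {
    $fields = explode("\t", $line);
    if (count($fields) === 3) {
        $posts[] = $fields;
    }
}
?>
<!DOCTYPE html>
<html lang="ja">
<head>
    <meta charset="utf-8">
    <title>簡易掲示板</title>
</head>
<body>
    <h1>簡易掲示板</h1>
    <form action="" method="post">
        message: <input type="text" name="message">
        user: <input type="text" name="user">
        <input type="submit" value="投稿">
        <input type="hidden" name="token" value="<?php echo h($_SESSION['token'] ?? ''); ?>">
    </form>
    <h2>投稿一覧(<?php echo count($posts); ?>件)</h2>
    <ul>
        <?php if (count($posts)) : ?>
            <?php foreach ($posts as $post) : ?>
                <?php list($message, $user, $postedAt) = $post; ?>
                <li><?php echo h($message); ?>(<?php echo h($user); ?>)-<?php echo h($postedAt); ?></li>
            <?php endforeach; ?>
            <li></li>
        <?php else : ?>
            <li>まだ投稿はありません。</li>
        <?php endif; ?>
    </ul>
</body>
</html>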