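getDb();
    // NOTE(review): the start of this script (opening tag, the `try {` that pairs
    // with the catch below, and the left-hand side of the statement ending in
    // getDb()) is not visible on this page. $pdo is assumed to be the PDO handle
    // produced by that statement — confirm against the full file.

    // Set the connection encoding used for queries and results.
    $pdo->exec("SET NAMES utf8mb4 COLLATE utf8mb4_unicode_ci");

    // 2) Read and normalise the request fields.
    $comment  = trim((string)($_POST['comment'] ?? ''));
    $author   = trim((string)($_POST['author'] ?? ''));
    $newsId   = intval($_POST['news_id'] ?? 0);
    $emailRaw = trim((string)($_POST['email'] ?? ''));
    // An e-mail that fails validation is stored as an empty string, not rejected.
    $email    = filter_var($emailRaw, FILTER_VALIDATE_EMAIL) ? $emailRaw : '';
    // A missing or non-positive comment_id means a top-level comment (NULL parent).
    $parentId = (isset($_POST['comment_id']) && intval($_POST['comment_id']) > 0)
        ? intval($_POST['comment_id'])
        : null;

    // 3) Validate the required fields.
    if ($comment === '' || $author === '' || $newsId <= 0) {
        echo json_encode(['error' => 'post false']);
        exit;
    }

    // NOTE(review): comment and author are stored exactly as submitted and echoed
    // back below as JSON. Every consumer that renders them must HTML-escape at
    // output time. No length limit, CSRF check or rate limit is visible in this
    // fragment, and comment_id is not checked to belong to news_id — confirm
    // whether the unseen part of the file or the schema covers these.

    // 4) INSERT through a PDO prepared statement: user input never reaches the SQL text.
    $insertSql = "
        INSERT INTO dbs_comment
            (parent_comment_id, comment, comment_sender_name, comment_sender_email, news_id)
        VALUES
            (:parent, :c, :name, :email, :nid)
    ";
    $stmt = $pdo->prepare($insertSql);
    // Bind NULL explicitly for top-level comments instead of relying on the
    // driver's handling of a null value declared as PARAM_INT.
    $stmt->bindValue(':parent', $parentId, $parentId === null ? PDO::PARAM_NULL : PDO::PARAM_INT);
    $stmt->bindValue(':c', $comment, PDO::PARAM_STR);
    $stmt->bindValue(':name', $author, PDO::PARAM_STR);
    $stmt->bindValue(':email', $email, PDO::PARAM_STR);
    $stmt->bindValue(':nid', $newsId, PDO::PARAM_INT);

    if (! $stmt->execute()) {
        // Covers PDO error modes in which execute() returns false instead of throwing.
        throw new RuntimeException('Execute failed: ' . implode(' | ', $stmt->errorInfo()));
    }

    $insertId = (int)$pdo->lastInsertId();

    // 5) Read back the row that was just inserted.
    $selectSql = "
        SELECT comment_id, parent_comment_id, comment, comment_sender_name,
               comment_sender_email, comment_at, news_id
        FROM dbs_comment
        WHERE comment_id = :id
        LIMIT 1
    ";
    $stmt = $pdo->prepare($selectSql);
    $stmt->bindValue(':id', $insertId, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    // 6) Emit the result as JSON.
    if ($row) {
        echo json_encode($row);
    } else {
        echo json_encode(['error' => 'Comment not found']);
    }
} catch (Exception $e) {
    // Keep the detail server-side: exception text here can carry SQLSTATE codes,
    // driver messages and schema names (see the errorInfo() dump thrown above),
    // which should not be returned to an unauthenticated client.
    error_log('Comment insert failed: ' . $e->getMessage());
    http_response_code(500);
    echo json_encode(['error' => 'Internal server error']);
}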