This is something I've been working on for my site, I'm trying to put the ability to comment on articles into a class. I think it's something that can be used on other sites with a few alterations.
It can grab existing comments in the database, as well as insert new comments into it. It records the comments, name and email the person inputs. It also validates the email and the domain name using techniques brought in
this thread.
Tell me what you think and how it can be improved, this is the first class I've written and I'd like some critique on how to improve it, OOP is fairly new to me.
PHP Code:
<?php
/*
################################################
# Comment Class
################################################
*/
class Comments{
var $id;
var $table;
var $fields = array('name','comment','time');
var $field;
var $ip;
var $SQL;
var $result;
var $comments_final;
var $comment_id;
var $email;
var $name;
var $comment;
var $valid;
//here's the constructer
function Comments($itemid, $comtable, $ip){
$this->ip = $ip;
$this->id = $itemid;
$this->table = "`".$comtable."`";
}
//getting comments from the past
function GetComments(){
$this->field = implode(',', $this->fields);
$this->SQL = "SELECT ".$this->field." FROM ".$this->table." WHERE `columnid`='".$this->id."' ORDER BY `commentid` ASC";
$this->result = mysql_query($this->SQL) or die("There was a problem with this query:".mysql_error());
$this->comments_final = "<table width='70%' align='center'><tr><td>Reader Comments</td></tr>\n";
while($row = mysql_fetch_assoc($this->result))
{
$this->comments_final .= "\t<tr>\n\t\t<td><b>".$row['name']."</b> ".$row['time']."<br />\n<br />".htmlentities(stripslashes($row['comment']))."</td></tr\n>";
}
$this->comments_final .= "</table><br />
<hr /><span class='headertext'><a name=\"comment\"></a>Add a comment</span><br /><table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" height=\"451\" width=\"100%\">
<tbody>
<tr>
<td align=\"center\" valign=\"center\">
<form name=\"form\" action=\"".$_SERVER['PHP_SELF']."\" method=\"post\">
<table border=\"0\" cellpadding=\"0\" cellspacing=\"4\">
<tbody>
<tr>
<td align=\"right\">Name</td>
<td><input id=\"name\" size=\"40\" name=\"name\"></td></tr>
<tr>
<td align=\"right\">e-mail</td>
<td><input id=\"email\" size=\"40\" name=\"email\"></td></tr>
<tr>
<td align=\"right\">Comment</td>
<td><textarea id=\"message\" name=\"message\" rows=\"9\" cols=\"60\"></textarea> </td></tr>
<tr>
<td><input type=\"hidden\" value=\"sentdata\" name=\"sent\" /></td>
<td><input id=\"send\" value=\"Send\" name=\"send\" type=\"submit\"></td>
</tr></tbody></table></form><br /></td></tr></tbody></table>";
return $this->comments_final;
}
function AddComment($name, $columnid, $comment, $email)
{
$this->SQL = "SELECT `commentid` FROM ".$this->table." WHERE `columnid`=".$this->id." ORDER BY `commentid` DESC LIMIT 1";
$this->result = mysql_query($this->SQL);
while($row = mysql_fetch_assoc($this->result))
{
$this->commentid = $row['commentid'] + 1;
}
if((!$name) or (!$columnid) or (!$comment) or (!$email))
{
$this->valid = false;
break;
}
$this->name = $name;
$this->column_id = $columnid;
$this->comment = addslashes($comment);
$this->email = $email;
if(CheckEmail($this->email) == false)
{
$this->valid = false;
break;
}
if(ValidateDomain($this->email) == false)
{
$this->valid = false;
break;
}
$this->SQL = "INSERT INTO `".$this->table."`('columnid', 'name', 'comment', 'commentid', 'time', 'email', 'ip') VALUES (`".$this->column_id."`, `".$this->name."`, `".$this->comment."`, `".$this->commentid."`, NOW(), `".$this->email."`, `".$this->ip."`) LIMIT 1";
$this->result = mysql_query() or die("could not perform query because:".mysql_error());
$this->valid = true;
}
function CheckEmail($string){
$beg = '[-!#\$%&\'\*\+\/=\?\^_`{}\|~0-9A-Z]+(?:\.[-!#\$%&\'\*\+\/=\?\^_`{}\|~0-9A-Z]+)*';
$end = '[-0-9A-Z]+(?:\.[-0-9A-Z]+)*';
$full_pattern = '/^'.$beg.'(?:@'.$end.')?$/iD';
if (preg_match($full_pattern, $string))
{
return true;
}
else
{
return false;
}
}
function ValidateDomain($string){
$email = $string;
$intitial_url = explode("@",$email);
$url = "http://".$initial_url[1];
$url2 = "http://www.".$initial_url[1];
$hf1 = @fopen($url,"rb");
$hf2 = @fopen($url2,"rb");
if (strlen($hf1) == 0){
if (strlen($hf2) == 0) {
return false;
fclose($hf1);
fclose($hf2);
break;
}
else
{
return true;
fclose($hf1);
fclose($hf2);
break;
}
}
else
{
return true;
fclose($hf1);
fclose($hf2);
break;
}
}
function ValidationMessage()
{
if($this->valid == true)
{
$this->message = "Your comment has been submitted, thank you for your input.";
}
if($this->valid == false)
{
$this->message = "There was an error submitting your message. Please check that all fields are filled out and the email address is valid.";
}
return $this->message;
}
}
?>
Here's the way I use it
PHP Code:
require 'CommentsClass.php';
$com =& new Comments($_GET['id'], "table", $_SERVER["REMOTE_ADDR"]);
if($_POST['sent'] == 'sentdata')
{
$com->AddComment($_POST['name'], $_GET['id'], $_POST['comment'], $_POST['email']);
$validation = $com->ValidationMessage();
}
$comments = $com->GetComments();
echo $validation;
echo $comments;
Before you post, read our: 
