app.js
document.addEventListener('DOMContentLoaded', function() {
const commentForm = document.getElementById('commentForm');
const commentsSection = document.getElementById('comments-section');
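/**
 * Make a value safe to place in HTML element content.
 *
 * Two passes run in order: anything that looks like a tag is dropped, then
 * the five HTML-significant characters are replaced by character references.
 * The escaping pass is the actual XSS control. The tag-stripping pass is
 * cosmetic and lossy: text after a literal `<` is discarded up to the next
 * `>` or the end of the string.
 *
 * The result is suitable for HTML text and quoted attribute values only. It
 * does not make a value safe inside a URL, a style, or a script.
 *
 * @param {*} input - Value to clean; coerced to a string, null/undefined become ''.
 * @returns {string} Text with tags removed and & < > " ' escaped.
 */
function sanitizeInput(input) {
  // Each key must map to its character reference; an identity mapping here
  // would silently turn the escaping pass into a no-op.
  const HTML_ENTITIES = {
    '&': '&amp;',
    '<': '&lt;',
    '>': '&gt;',
    '"': '&quot;',
    "'": '&#39;',
  };

  // Values read back from storage may not be strings; coerce instead of throwing.
  const text = input == null ? '' : String(input);

  const withoutTags = text.replace(/<[^>]*>?/g, '');
  return withoutTags.replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}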
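// Handle a new comment: append it to the list in localStorage, re-render the
// list, then clear the form fields.
commentForm.addEventListener('submit', (event) => {
  // Keep the browser from performing its default form submission.
  event.preventDefault();

  const nameField = document.getElementById('name');
  const commentField = document.getElementById('comment');

  // localStorage can be written by any script on this origin and by the user,
  // so its contents are untrusted: malformed JSON or a non-array value falls
  // back to an empty list instead of throwing and leaving the form dead.
  let comments = [];
  try {
    const stored = JSON.parse(localStorage.getItem('comments'));
    if (Array.isArray(stored)) {
      comments = stored;
    }
  } catch (err) {
    console.warn('Stored comments were unreadable; starting a new list.', err);
  }

  // Store the text as typed. displayComments() makes name and comment safe
  // when it renders them; encoding here as well double-encodes the value, so
  // "&" would be shown to the reader as "&amp;".
  comments.push({
    name: nameField.value,
    comment: commentField.value,
    date: new Date().toLocaleString(),
  });
  localStorage.setItem('comments', JSON.stringify(comments));

  displayComments();

  nameField.value = '';
  commentField.value = '';
});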
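/**
 * Rebuild the comment list from the 'comments' entry in localStorage.
 *
 * Each comment is assembled from DOM nodes and every stored value (name,
 * date and comment text) is assigned through textContent, so nothing read
 * from storage is ever parsed as markup. This matters because localStorage
 * is not a trust boundary: any script on the origin, or the user, can write
 * to it. Interpolating a stored field into an HTML string without escaping,
 * as was done for the date, would let a tampered entry inject markup.
 *
 * Unreadable JSON, a non-array value, and non-object entries are skipped
 * rather than allowed to throw.
 */
function displayComments() {
  let comments = [];
  try {
    const stored = JSON.parse(localStorage.getItem('comments'));
    if (Array.isArray(stored)) {
      comments = stored;
    }
  } catch (err) {
    console.warn('Stored comments were unreadable; nothing to display.', err);
  }

  // Stored fields may be missing or of any JSON type; render them as text.
  const asText = (value) => (value == null ? '' : String(value));

  // Clear the previous render before rebuilding.
  commentsSection.textContent = '';

  comments.forEach((entry) => {
    if (entry === null || typeof entry !== 'object') {
      return;
    }

    const card = document.createElement('section');
    card.className = 'comment';

    const header = document.createElement('p');

    const avatar = document.createElement('img');
    avatar.src = '/avatar.png';
    avatar.className = 'avatar';

    const author = document.createElement('span');
    author.className = 'comment-author';
    author.textContent = `${asText(entry.name)} | ${asText(entry.date)}`;

    header.appendChild(avatar);
    // Keeps the inline gap the template's line break used to produce.
    header.appendChild(document.createTextNode(' '));
    header.appendChild(author);

    const body = document.createElement('p');
    body.textContent = asText(entry.comment);

    card.appendChild(header);
    card.appendChild(body);
    // Empty trailing paragraph retained from the original markup.
    card.appendChild(document.createElement('p'));

    commentsSection.appendChild(card);
  });
}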
displayComments();
});