PHP/BBS

$dataFile = "bbs.dat";

session_start();

function setToken(){
  $token = sha1(uniqid(mt_rand(), TRUE));
  $_SESSION["token"] = $token;
}
function checkToken(){
  if(empty($_SESSION["token"]) || ($_SESSION["token"] != $_POST["token"])){
  	echo "不正なpost";
	exit;
  }
}


function h($s){
  return htmlspecialchars($s, ENT_QUOTES, "utf-8");
}

if($_SERVER["REQUEST_METHOD"] == "POST" &&
	 isset($_POST["message"]) &&
	 isset($_POST["user"])){
	 
	 checkToken();
		
	$message = trim($_POST["message"]);
	$user = trim($_POST["user"]);
	
	if($message !== ""){
	  	
	  if($user === ""){
	  	$user = "匿名";
	  }
	  
	  $dt = date("Y/m/d H:i:s");
	  
	  $newData = $message . "\t" . $user . "\t" . $dt . "\n";

	  $fp = fopen($dataFile, "a");
	  fwrite($fp, $newData);
	  fclose($fp);
	}
} else {
  setToken();
}

$posts = file($dataFile, FILE_IGNORE_NEW_LINES);

$posts = array_reverse($posts);