PHP Script To ASP.NET (3.5)

Question

Hi.

I am not a PHP guy and would really love to see what the below PHP script looks like in ASP.NET (I am working in 3.5 but anything that gets me started would be wonderful). I have tried downloading Microsoft's migration assistant but am having difficulties running it on my machine. Any kind soul out there willing to convert this for me?

<?php
include('dbcon.php');

if($_REQUEST['comment_text'] && $_REQUEST['post_id'])
{
    $userip = $_SERVER['REMOTE_ADDR'];

    mysql_query("INSERT INTO facebook_posts_comments (post_id,comments,userip,date_created) VALUES('".$_REQUEST['post_id']."','".$_REQUEST['comment_text']."','".$userip."','".strtotime(date("Y-m-d H:i:s"))."')");

    $result = mysql_query("SELECT *,
    UNIX_TIMESTAMP() - date_created AS CommentTimeSpent FROM facebook_posts_comments order by c_id desc limit 1");
}

while ($rows = mysql_fetch_array($result))
{
    $days2 = floor($rows['CommentTimeSpent'] / (60 * 60 * 24));
    $remainder = $rows['CommentTimeSpent'] % (60 * 60 * 24);
    $hours = floor($remainder / (60 * 60));
    $remainder = $remainder % (60 * 60);
    $minutes = floor($remainder / 60);
    $seconds = $remainder % 60; ?>
    <div class="commentPanel" id="record-<?php  echo $rows['c_id'];?>" align="left">
        <img src="small.png" width="40" class="CommentImg" style="float:left;" alt="" />
        <label class="postedComments">
            <?php  echo $rows['comments'];?>
        </label>
        <br clear="all" />

        <span style="margin-left:43px; color:#666666; font-size:11px">
        <?php

        if($days2 > 0)
        echo date('F d Y', $rows['date_created']);
        elseif($days2 == 0 && $hours == 0 && $minutes == 0)
        echo "few seconds ago";     
        elseif($days2 == 0 && $hours == 0)
        echo $minutes.' minutes ago';
        else
        echo "few seconds ago"; 

        ?>
        </span>

        <?php
        $userip = $_SERVER['REMOTE_ADDR'];
        if($rows['userip'] == $userip){?>
        &nbsp;&nbsp;<a href="#" id="CID-<?php  echo $rows['c_id'];?>" class="c_delete">Delete</a>
        <?php
        }?>
    </div>
<?php
}?>

Answer 1

I just love questions that expose SQL injection vulnerabilities.

mysql_query("INSERT INTO facebook_posts_comments
             (post_id,comments,userip,date_created)
       VALUES('".$_REQUEST['post_id']."','".$_REQUEST['comment_text']."','".$userip."','".strtotime(date("Y-m-d H:i:s"))."')");
                 ^ SQL Injection!           ^ SQL Injection!

Answer 2

If what you're looking for is a direct line-by-line conversion, you're definitely not going to find that here. There's a lot that needs to be cleaned up in that, and just directly porting it to .NET would require writing code in a way that nobody here wants to be responsible for :)

You're much better off separating out the various pieces of functionality taking place there and putting each piece into its proper context in .NET (also, are you talking web forms or MVC? makes a big difference in converting this code). Now, based on the text of your question, it sounds like you are familiar with .NET and are not familiar with PHP, and you're just trying to know what this does? Or are you not familiar with either? It's a little unclear.

If you're just trying to figure out what this code does, what specifically are you having trouble with? The request variable gathering? The database interaction? All the silly date/time math?