1 |
<?php |
2 |
|
3 |
###################################################################### |
4 |
# PHP-NUKE: Web Portal System |
5 |
# =========================== |
6 |
# |
7 |
# Copyright (c) 2000 by Francisco Burzi (fburzi@ncc.org.ve) |
8 |
# http://www.ncc.org.ve/php-nuke.php |
9 |
# |
10 |
# This module manages all user comments on the site |
11 |
# |
12 |
# This program is free software. You can redistribute it and/or modify |
13 |
# it under the terms of the GNU General Public License as published by |
14 |
# the Free Software Foundation; either version 2 of the License. |
15 |
###################################################################### |
/**
 * Opens the moderation <form> that is posted back to comments.php.
 *
 * The tag is printed when $moderate equals 2, or when $moderate equals 1 and
 * the global $admin is set. $moderate is read after including config.php
 * (presumably defined there).
 */
function modone() {
    include("config.php");
    global $admin;
    // NOTE(review): isset($admin) only tests that the variable exists; it does
    // not verify an admin session. This gate controls markup only.
    $adminOnly = isset($admin) && ($moderate == 1);
    $everyone = ($moderate == 2);
    if (!$adminOnly && !$everyone) {
        return;
    }
    echo "<form action=\"comments.php\" method=\"post\">";
}
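/**
 * Prints the per-comment moderation <select> named "dkn<tid>".
 *
 * Each option value is "<score>:<index into $reasons>"; the "moderate" branch
 * of this file splits that value on ":" again. Nothing is printed unless
 * moderation is enabled for the viewer and $user is set.
 *
 * $tid and $score are cast to integers before being written into the markup:
 * singlecomment() passes a $tid that comes straight from the request, and the
 * name attribute is unquoted, so a non-numeric value must not reach the page.
 *
 * @param mixed $tid    comment id the selector belongs to
 * @param mixed $score  current score of that comment
 * @param mixed $reason unused here; kept for the existing call sites
 */
function modtwo($tid, $score, $reason) {
    include("config.php");
    global $admin, $user;
    $allowed = ((isset($admin) && ($moderate == 1)) || ($moderate == 2)) && $user;
    if (!$allowed) {
        return;
    }
    $tid = intval($tid);
    $score = intval($score);
    echo " | <select name=dkn$tid>";
    // $reasons is read after including config.php (presumably defined there).
    $total = sizeof($reasons);
    for ($i = 0; $i < $total; $i++) {
        echo "<option value=\"$score:$i\">$reasons[$i]</option>\n";
    }
    echo "</select>";
}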
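/**
 * Closes the moderation form: hidden state fields, the op=moderate marker,
 * the submit image and the </form> tag.
 *
 * The four state values are echoed back into the page and normally arrive
 * from the request, so the numeric ones are cast to int and $mode is
 * HTML-escaped; all four attributes are now quoted. The original wrote them
 * raw into unquoted attributes.
 *
 * @param mixed  $sid   story id
 * @param string $mode  display mode, echoed back unchanged apart from escaping
 * @param mixed  $order sort order
 * @param mixed  $thold score threshold
 */
function modthree($sid, $mode, $order, $thold=0) {
    include("config.php");
    global $admin, $user;
    $allowed = ((isset($admin) && ($moderate == 1)) || ($moderate == 2)) && $user;
    if (!$allowed) {
        return;
    }
    $sid = intval($sid);
    $order = intval($order);
    $thold = intval($thold);
    $mode = htmlspecialchars($mode);
    // $uimages is read after including config.php (presumably the image directory).
    echo "<center><input type=hidden name=sid value=\"$sid\">"
        ."<input type=hidden name=mode value=\"$mode\">"
        ."<input type=hidden name=order value=\"$order\">"
        ."<input type=hidden name=thold value=\"$thold\">\n"
        ."<input type=hidden name=op value=moderate>\n"
        ."<input type=image src=$uimages/moderate.gif border=0></form></center>";
}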
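/**
 * Prints the bar above a comment listing: title and comment count, the
 * threshold / mode / order selectors (a GET form to article.php) and the
 * ownership notice.
 *
 * $sid is cast to int before it is used in the count query and in the hidden
 * form field; the original interpolated the raw value into both. $thold is
 * cast to int as well, which also covers the unset case the original handled
 * with isset().
 *
 * @param mixed  $sid   story id
 * @param string $title heading; the title row is skipped when it is empty
 * @param mixed  $thold currently selected score threshold (-1..5)
 * @param string $mode  currently selected display mode
 * @param mixed  $order currently selected sort order
 */
function navbar($sid, $title, $thold, $mode, $order) {
    global $user, $bgcolor1, $bgcolor2, $textcolor1, $textcolor2;
    dbconnect();
    $sid = intval($sid);
    $thold = intval($thold);
    $query = mysql_query("select sid FROM comments where sid=$sid");
    $count = $query ? mysql_num_rows($query) : 0;
    ?>
<table width=99% border=0 cellspacing=1 cellpadding=2>
<?php
    if ($title) {
        // NOTE(review): $title is printed as markup; whether it is escaped
        // before it gets here cannot be seen from this file.
        echo "<tr><td bgcolor=\"$bgcolor2\" align=center><font face=Arial,Helvetica size=2 color=\"$textcolor1\">\"$title\" | ";
        $accountLabel = $user ? translate("Configure") : translate("Login/Create Account");
        echo "<a href=\"user.php\"><font color=\"$textcolor1\">".$accountLabel."</font></a>";
        // "s" is appended for every count other than exactly one.
        echo " | <B>$count</B> ".translate("comment").(($count == 1) ? "" : "s")."</font></td></tr>";
    }
    ?>
<tr><td bgcolor="<?php echo $bgcolor1; ?>" align="center"><font face=Arial,Helvetica size=2>
<form method=get action="article.php">
<font color="<?php echo $textcolor2; ?>"><?php echo translate("Threshold"); ?></font> <select name=thold>
<?php for ($t = -1; $t <= 5; $t++) { ?>
<option value="<?php echo $t; ?>" <?php if ($thold == $t) { echo "selected"; } ?>><?php echo $t; ?>

<?php } ?>
</select> <select name=mode>
<option value="nocomments" <?php if ($mode == 'nocomments') { echo "selected"; } ?>><?php echo translate("No Comments"); ?>

<option value="nested" <?php if ($mode == 'nested') { echo "selected"; } ?>><?php echo translate("Nested"); ?>

<option value="flat" <?php if ($mode == 'flat') { echo "selected"; } ?>><?php echo translate("Flat"); ?>

<option value="threaded" <?php if (!isset($mode) || $mode=='threaded' || $mode=="") { echo "selected"; } ?>><?php echo translate("Threaded"); ?>

</select> <select name=order>
<option value="0" <?php if (!$order) { echo "selected"; } ?>><?php echo translate("Oldest First"); ?>

<option value="1" <?php if ($order==1) { echo "selected"; } ?>><?php echo translate("Newest First"); ?>

<option value="2" <?php if ($order==2) { echo "selected"; } ?>><?php echo translate("Highest Scores First"); ?>

</select>
<input type=hidden name=sid value="<?php echo $sid; ?>">
<input type=submit value="<?php echo translate("Refresh"); ?>"></font>
</td></tr></form>
<tr><td bgcolor="<?php echo $bgcolor2; ?>" align=center><font face=Arial,Helvetica size=1 color="#FFFFFF"><?php echo translate("The comments are owned by the poster. We aren't responsable for its content."); ?></td></tr>
</table>
<?php
}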
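/**
 * Prints the replies to comment $tid whose score is at least $thold, then
 * recurses into each printed reply.
 *
 * Modes: 'nested' and 'flat' print the whole comment (header, body, Reply
 * link, moderation selector); any other mode prints a one-line threaded
 * entry. 'nested' and threaded output is wrapped in <ul>...</ul>.
 *
 * Changes against the original:
 *  - $tid, $order and $thold are cast to int before they reach the SQL text
 *    and the generated links; $mode is URL-encoded inside links. An empty
 *    threshold now means 0, matching the "score>=0" default in DisplayTopic().
 *  - The poster's URL is linked only when it *starts* with http:// and it is
 *    HTML-escaped. The original accepted "http://" anywhere in the value,
 *    which let other URL schemes through into the href.
 *  - The identical 'nested' and 'flat' rendering code is written once.
 *  - A failed query no longer feeds a non-resource to mysql_fetch_row().
 *
 * @param mixed  $tid      id of the parent comment
 * @param string $mode     display mode
 * @param mixed  $order    sort order, only carried through into links
 * @param mixed  $thold    minimum score to display
 * @param int    $level    recursion depth; controls the closing </ul>
 * @param int    $dummy    recursion counter used to alternate row colours
 * @param int    $tblwidth kept for existing callers; reduced per nested level
 */
function DisplayKids ($tid, $mode, $order=0, $thold=0, $level=0, $dummy=0, $tblwidth=99) {
    global $datetime, $user, $cookie;
    // config.php is expected to supply $anonymous, $reasons and $commentlimit.
    // NOTE(review): $bgcolor1/$bgcolor2 are used below but not declared global
    // here; they resolve only if config.php defines them.
    include "config.php";
    $comments = 0;
    cookiedecode($user);

    $tid = intval($tid);
    $order = intval($order);
    $thold = intval($thold);
    $linkArgs = "mode=".urlencode($mode)."&order=$order&thold=$thold";
    $fullView = ($mode == 'nested') || ($mode == 'flat');

    $result = mysql_query("select tid, pid, sid, date, name, email, url, host_name, subject, comment, score, reason from comments where pid = $tid order by date, tid");
    while ($result && ($row = mysql_fetch_row($result))) {
        list($r_tid, $r_pid, $r_sid, $r_date, $r_name, $r_email, $r_url, $r_host_name, $r_subject, $r_comment, $r_score, $r_reason) = $row;
        if (!($r_score >= $thold)) {
            continue;
        }

        if ($mode != 'flat') {
            if (isset($level) && !$comments) {
                echo "<ul>";
                if ($mode == 'nested') {
                    /* without the tblwidth variable, the tables run off the screen with netscape
                       in nested mode in long threads so the text can't be read. */
                    $tblwidth -= 5;
                }
            }
            $comments++;
        }

        if (!eregi("[a-z0-9]",$r_name)) $r_name = $anonymous;
        if (!eregi("[a-z0-9]",$r_subject)) $r_subject = "[".translate("No Subject")."]";

        // NOTE(review): name, e-mail, subject and comment body are printed as
        // stored; this relies on filtering at write time, which is not
        // visible in this function.

        if (!$fullView) {
            // Threaded: one line per reply, linking to the full comment.
            formatTimestamp($r_date);
            echo "<li><a href=\"comments.php?op=showreply&tid=$r_tid&sid=$r_sid&pid=$r_pid&$linkArgs#$r_tid\">$r_subject</a> ".translate("by")." $r_name <font face=Arial,Helvetica size=2>".translate("on")." $datetime</font><br>";
            DisplayKids($r_tid, $mode, $order, $thold, $level+1, $dummy+1);
            continue;
        }

        echo "<a name=\"$r_tid\">";
        if ($mode == 'nested') {
            // enter hex color between first two apostrophes for second alt bgcolor
            $r_bgcolor = ($dummy%2)?"":"#E6E6D2";
            echo "<table width=90% border=0><tr bgcolor=\"$r_bgcolor\"><td>";
        } else {
            echo "<hr><table width=99% border=0><tr bgcolor=\"$bgcolor1\"><td>";
        }
        formatTimestamp($r_date);

        echo "<p><b>$r_subject</b> <font face=Arial,Helvetica size=2>";
        if (!$cookie[7]) {
            echo "(".translate("Score: ")."$r_score";
            if ($r_reason>0) echo ", $reasons[$r_reason]";
            echo ")";
        }
        if ($r_email) {
            echo "<br>".translate("by")." <a href=\"mailto:$r_email\">$r_name</a> <font face=Arial,Helvetica size=2><b>($r_email)</b></font> ".translate("on")." $datetime";
        } else {
            echo "<br>".translate("by")." $r_name ".translate("on")." $datetime";
        }

        if ($r_name != $anonymous) { echo "<BR>(<a href=\"user.php?op=userinfo&uname=$r_name\">".translate("User Info")."</a>) "; }
        if (eregi("^http://",$r_url)) {
            $safeUrl = htmlspecialchars($r_url);
            echo "<a href=\"$safeUrl\" target=\"window\">$safeUrl</a> ";
        }
        echo "</font></td></tr><tr><td>";

        // The reader's own limit ($cookie[10]) wins over the site-wide $commentlimit.
        $cut = false;
        if (($cookie[10]) && (strlen($r_comment) > $cookie[10])) {
            $cut = $cookie[10];
        } elseif (strlen($r_comment) > $commentlimit) {
            $cut = $commentlimit;
        }
        if ($cut !== false) {
            echo substr("$r_comment", 0, $cut)."<br><br><b><a href=\"comments.php?sid=$r_sid&tid=$r_tid&$linkArgs\">".translate("Read the rest of this comment...")."</a></b>";
        } else {
            echo $r_comment;
        }

        echo "</td></tr></table><br><p><font face=Arial,Helvetica size=2 color=\"$bgcolor2\"> [ <a href=\"comments.php?op=Reply&pid=$r_tid&sid=$r_sid&$linkArgs\">".translate("Reply")."</a>";
        modtwo($r_tid, $r_score, $r_reason);
        echo " ]</font><p>";

        if ($mode == 'nested') {
            DisplayKids($r_tid, $mode, $order, $thold, $level+1, $dummy+1, $tblwidth);
        } else {
            DisplayKids($r_tid, $mode, $order, $thold);
        }
    }
    if ($level && $comments) {
        echo "</ul>";
    }
}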
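/**
 * Prints a linked one-line entry for every reply to comment $tid and
 * recurses into each reply, wrapping each level in <ul>...</ul>.
 *
 * $tid is cast to int before it is placed in the SQL text (the original
 * interpolated it unquoted), and a failed query no longer reaches
 * mysql_fetch_row().
 *
 * @param mixed $tid   id of the parent comment
 * @param int   $level recursion depth; controls the closing </ul>
 * @param int   $dummy recursion counter, only passed along
 */
function DisplayBabies ($tid, $level=0, $dummy=0) {
    global $datetime;
    include "config.php";
    $comments = 0;
    $tid = intval($tid);
    $result = mysql_query("select tid, pid, sid, date, name, email, url, host_name, subject, comment, score, reason from comments where pid = $tid order by date, tid");
    while ($result && ($row = mysql_fetch_row($result))) {
        list($r_tid, $r_pid, $r_sid, $r_date, $r_name, $r_email, $r_url, $r_host_name, $r_subject, $r_comment, $r_score, $r_reason) = $row;
        if (isset($level) && !$comments) {
            echo "<ul>";
        }
        $comments++;
        if (!eregi("[a-z0-9]",$r_name)) { $r_name = $anonymous; }
        if (!eregi("[a-z0-9]",$r_subject)) { $r_subject = "[".translate("No Subject")."]"; }

        formatTimestamp($r_date);
        // NOTE(review): $mode, $order and $thold are neither parameters nor
        // globals of this function, so the link carries empty values unless
        // config.php happens to define them. Left as in the original.
        echo "<a href=\"comments.php?op=showreply&tid=$r_tid&mode=$mode&order=$order&thold=$thold\">$r_subject</a> ".translate("by")." $r_name <font face=Arial,Helvetica size=2>".translate("on")." $datetime</font><br>";
        DisplayBabies($r_tid, $level+1, $dummy+1);
    }
    if ($level && $comments) {
        echo "</ul>";
    }
}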
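/**
 * Prints the comments of story $sid that hang directly under parent $pid,
 * each followed by its replies (via DisplayKids()), framed by navbar(),
 * modone() and modthree().
 *
 * When $mainfile is set the page frame is assumed to exist already and only
 * config.php is included; otherwise mainfile.php and header.php are included
 * here and footer.php is included at the end for non-root listings.
 *
 * Changes against the original:
 *  - $sid, $pid, $order and $thold are cast to int before they are placed in
 *    the SQL text and in generated links; $mode is URL-encoded inside links.
 *    An empty threshold still means 0.
 *  - The poster's URL is linked only when it starts with http:// and it is
 *    HTML-escaped (the original matched "http://" anywhere in the value).
 *  - Rows are fetched into a temporary before list(), so a failed query or
 *    the end of the result set cannot overwrite $sid/$pid/$subject.
 *
 * @param mixed  $sid    story id
 * @param mixed  $pid    parent comment id, 0 for top-level comments
 * @param mixed  $tid    overwritten by each fetched row
 * @param string $mode   display mode passed on to DisplayKids()
 * @param mixed  $order  0 oldest first, 1 newest first, 2 highest score first
 * @param mixed  $thold  minimum score to display
 * @param int    $level  passed on to DisplayKids()
 * @param int    $nokids unused
 * @return array|null array($sid, $pid, $subject) when $pid is 0, otherwise nothing
 */
function DisplayTopic ($sid, $pid=0, $tid=0, $mode="threaded", $order=0, $thold=0, $level=0, $nokids=0) {
    global $hr, $user, $datetime, $cookie, $mainfile, $admin;
    if($mainfile) {
        global $title, $bgcolor1, $bgcolor2, $bgcolor3;
        include "config.php";
    } else {
        include("mainfile.php");
        include("header.php");
    }
    dbconnect();
    cookiedecode($user);

    $sid = intval($sid);
    $pid = intval($pid);
    $order = intval($order);
    $thold = intval($thold);
    $linkArgs = "mode=".urlencode($mode)."&order=$order&thold=$thold";
    $subject = null;

    $q = "select tid, pid, sid, date, name, email, url, host_name, subject, comment, score, reason from comments where sid=$sid and pid=$pid and score>=$thold";
    if ($order==1) $q .= " order by date desc";
    if ($order==2) $q .= " order by score desc";
    $something = mysql_query($q);

    navbar($sid, $title, $thold, $mode, $order);
    modone();

    while ($something && ($row = mysql_fetch_row($something))) {
        list($tid, $pid, $sid, $date, $name, $email, $url, $host_name, $subject, $comment, $score, $reason) = $row;
        if ($name == "") { $name = $anonymous; }
        if ($subject == "") { $subject = "[".translate("No Subject")."]"; }

        // NOTE(review): name, e-mail, subject and comment body are printed as
        // stored; this relies on filtering at write time, which is not
        // visible in this function.
        echo "<a name=\"$tid\">";
        echo "<table width=99% border=0><tr bgcolor=\"$bgcolor1\"><td width=500>";
        formatTimestamp($date);

        echo "<p><b>$subject</b> <font face=Arial,Helvetica size=2>";
        if (!$cookie[7]) {
            echo "(".translate("Score: ")."$score";
            if ($reason>0) echo ", $reasons[$reason]";
            echo ")";
        }
        if ($email) {
            echo "<br>".translate("by")." <a href=\"mailto:$email\">$name</a> <b>($email)</b> ".translate("on")." $datetime";
        } else {
            echo "<br>".translate("by")." $name ".translate("on")." $datetime";
        }

        if ($name != $anonymous) { echo "<br>(<a href=\"user.php?op=userinfo&uname=$name\">".translate("User Info")."</a>) "; }
        if (eregi("^http://",$url)) {
            $safeUrl = htmlspecialchars($url);
            echo "<a href=\"$safeUrl\" target=\"window\">$safeUrl</a> ";
        }

        // Admins additionally see the poster's recorded address.
        // NOTE(review): this and the Delete link below are gated on the global
        // $admin being truthy; nothing in this function verifies it. The
        // "moderate" branch of this file relies on auth.inc.php instead.
        if ($admin) {
            $rowTid = intval($tid);
            $result = mysql_query("select host_name from comments where tid='$rowTid'");
            list($host_name) = mysql_fetch_row($result);
            echo "<br><b>(IP: $host_name)</b>";
        }

        echo "</font></td></tr><tr><td>";

        // The reader's own limit ($cookie[10]) wins over the site-wide $commentlimit.
        $cut = false;
        if (($cookie[10]) && (strlen($comment) > $cookie[10])) {
            $cut = $cookie[10];
        } elseif (strlen($comment) > $commentlimit) {
            $cut = $commentlimit;
        }
        if ($cut !== false) {
            echo substr("$comment", 0, $cut)."<br><br><b><a href=\"comments.php?sid=$sid&tid=$tid&$linkArgs\">".translate("Read the rest of this comment...")."</a></b>";
        } else {
            echo $comment;
        }

        echo "</td></tr></table><br><p><font face=Arial,Helvetica size=2 color=000000> [ <a href=\"comments.php?op=Reply&pid=$tid&sid=$sid&$linkArgs\">".translate("Reply")."</a>";

        if ($pid != 0) {
            // Look up the grandparent so "Parent" lists the level above.
            $parent = intval($pid);
            list($erin) = mysql_fetch_row(mysql_query("select pid from comments where tid=$parent"));
            echo "| <a href=\"comments.php?sid=$sid&pid=$erin&$linkArgs\">".translate("Parent")."</a>";
        }
        modtwo($tid, $score, $reason);

        if ($admin) {
            echo " | <a href=\"admin.php?op=RemoveComment&tid=$tid&sid=$sid\">".translate("Delete")."</a> ]</font><p>";
        } else {
            echo " ]</font><p>";
        }

        DisplayKids($tid, $mode, $order, $thold, $level);
        echo "</ul>";
        if ($hr) echo "<hr noshade size=1>";
        echo "</p>";
    }
    modthree($sid, $mode, $order, $thold);
    if ($pid==0) return array($sid, $pid, $subject);
    else include("footer.php");
}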
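/**
 * Prints one comment on a page of its own, with Reply and Root links and the
 * moderation controls, between header.php and footer.php.
 *
 * Every argument arrives from the request through the dispatcher at the end
 * of this file. The ids and numeric options are therefore cast to int before
 * they are placed in the SQL text and in the links (the original used them
 * raw), and $mode is URL-encoded inside links.
 *
 * @param mixed  $tid   comment id
 * @param mixed  $sid   story id
 * @param string $mode  display mode carried through the links
 * @param mixed  $order sort order carried through the links
 * @param mixed  $thold score threshold carried through the links
 */
function singlecomment($tid, $sid, $mode, $order, $thold) {
    include("mainfile.php");
    include("header.php");
    global $user, $cookie, $datetime, $bgcolor1, $bgcolor2, $bgcolor3;
    dbconnect();

    $tid = intval($tid);
    $sid = intval($sid);
    $order = intval($order);
    $thold = intval($thold);
    $linkArgs = "mode=".urlencode($mode)."&order=$order&thold=$thold";

    $deekayen = mysql_query("select date, name, email, url, subject, comment, score, reason from comments where tid=$tid and sid=$sid");
    list($date, $name, $email, $url, $subject, $comment, $score, $reason) = mysql_fetch_row($deekayen);
    // Not read again in this function; kept because footer.php is included
    // into this scope further down.
    $titlebar = "<b>$subject</b>";
    if ($name == "") $name = $anonymous;
    if ($subject == "") $subject = "[".translate("No Subject")."]";

    modone();
    // NOTE(review): name, e-mail, subject and comment body are printed as
    // stored; this relies on filtering at write time, which is not visible in
    // this function.
    echo "<table width=99% border=0><tr bgcolor=\"$bgcolor1\"><td width=500>";
    formatTimestamp($date);
    echo "<p><b>$subject</b> <font face=Arial,Helvetica size=2>(".translate("Score: ")."$score)<br>".translate("by");
    if ($email) {
        echo " <a href=\"mailto:$email\"><font color=\"$bgcolor2\">$name</font></a> <font face=Arial,Helvetica size=2><b>($email)</b></font> ".translate("on")." $datetime";
    } else {
        echo " $name ".translate("on")." $datetime";
    }
    echo "</td></tr><tr><td>$comment</td></tr></table><br><p><font face=Arial,Helvetica size=2 color=\"$bgcolor2\"> [ <a href=\"comments.php?op=Reply&pid=$tid&sid=$sid&$linkArgs\">".translate("Reply")."</a> | <a href=\"article.php?sid=$sid&$linkArgs\">Root</a>";
    modtwo($tid, $score, $reason);
    echo " ]";
    modthree($sid, $mode, $order, $thold);
    include("footer.php");
}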
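/**
 * Prints the text being replied to (comment $pid, or story $sid when $pid is
 * 0) followed by the reply form.
 *
 * Changes against the original:
 *  - The presence check on $pid/$sid runs before any query instead of after
 *    the first two, and both ids are cast to int before they are placed in
 *    the SQL text.
 *  - Values echoed into form fields are escaped: the subject with
 *    htmlspecialchars() (a stored double quote would otherwise end the value
 *    attribute), $mode likewise, $order/$thold as integers.
 *  - The "Allowed HTML" list is printed as text (&lt;tag&gt;); the original
 *    emitted the tags themselves into the page.
 *  - The subject is no longer fetched a second time; the value from the first
 *    query is reused for the form.
 *  - Variables that only one of the two queries fills are initialised.
 *
 * @param mixed  $pid   id of the comment replied to, 0 for the story itself
 * @param mixed  $sid   story id
 * @param string $mode  display mode carried through the form
 * @param mixed  $order sort order carried through the form
 * @param mixed  $thold score threshold carried through the form
 */
function reply ($pid, $sid, $mode, $order, $thold) {
    include("mainfile.php");
    include("header.php");
    global $user, $cookie, $datetime, $bgcolor1, $bgcolor2, $bgcolor3;
    dbconnect();

    if (!isset($pid) || !isset($sid)) {
        echo "Something is not right. This message is just to keep things from messing up down the road";
        exit();
    }
    $pid = intval($pid);
    $sid = intval($sid);
    $order = intval($order);
    $thold = intval($thold);
    $modeField = htmlspecialchars($mode);

    $email = ""; $url = ""; $score = ""; $temp_comment = ""; $notes = "";
    if ($pid != 0) {
        list($date, $name, $email, $url, $subject, $comment, $score) = mysql_fetch_row(mysql_query("select date, name, email, url, subject, comment, score from comments where tid=$pid"));
    } else {
        list($date, $subject, $temp_comment, $comment, $name, $notes) = mysql_fetch_row(mysql_query("select time, title, hometext, bodytext, informant, notes FROM stories where sid=$sid"));
    }
    // Subject as stored, before the "[No Subject]" placeholder is applied.
    $formSubject = $subject;

    if ($comment == "") $comment = $temp_comment;
    $titlebar = "<b>$subject</b>";
    if ($name == "") $name = $anonymous;
    if ($subject == "") $subject = "[".translate("No Subject")."]";

    // NOTE(review): the quoted text below is printed as stored; this relies
    // on filtering at write time, which is not visible in this function.
    echo "<table width=99% border=0><tr bgcolor=\"$bgcolor1\"><td width=500>";
    formatTimestamp($date);
    echo "<p><b>$subject</b> <font face=Arial,Helvetica size=2>";
    // Stories (which fill $temp_comment) carry no score.
    if (!$temp_comment) echo"(".translate("Score: ")."$score)";
    if ($email) {
        echo "<br>".translate("by")." <a href=\"mailto:$email\"><font color=\"$bgcolor2\">$name</font></a> <font face=Arial,Helvetica size=2><b>($email)</b></font> ".translate("on")." $datetime";
    } else {
        echo "<br>".translate("by")." $name ".translate("on")." $datetime";
    }
    echo "</td></tr><tr><td>$comment $notes</td></tr></table><hr>";

    echo "<form action=\"comments.php\" method=post>";
    echo "<P><FONT color=\"$bgcolor2\"><B>".translate("Your Name")."</B></FONT> ";
    if ($user) {
        cookiedecode($user);
        echo "<a href=\"user.php\">$cookie[1]</a> <font face=Arial,Helvetica size=2>[ <a href=\"user.php?op=logout\">".translate("Logout")."</a> ]</font>";
    } else {
        echo "$anonymous"; $postanon=2;
    }

    echo "<P><FONT color=\"$bgcolor2\"><B>".translate("Subject")."</B></FONT><BR>";
    if (!eregi("Re:",$formSubject)) $formSubject = "Re: $formSubject";
    $formSubject = htmlspecialchars($formSubject);
    echo "<INPUT TYPE=\"text\" NAME=\"subject\" SIZE=50 maxlength=60 value=\"$formSubject\"><BR>";

    echo "<P><FONT color=\"$bgcolor2\"><B>".translate("Comment")."</B></FONT><BR>"
        ."<TEXTAREA wrap=virtual cols=50 rows=10 name=comment></TEXTAREA><br>\n"
        ."<font face=Arial,Helvetica size=2>".translate("Allowed HTML:")."<br>";
    if (is_array($AllowableHTML)) {
        foreach ($AllowableHTML as $key => $unused) {
            echo " &lt;".$key."&gt;";
        }
    }
    echo "<br>";
    if ($user) { echo "<INPUT type=checkbox name=postanon> ".translate("Post Anonymously")."<br>"; }

    echo "<INPUT type=\"hidden\" name=\"pid\" value=\"$pid\">"
        ."<INPUT type=\"hidden\" name=\"sid\" value=\"$sid\"><INPUT type=\"hidden\" name=\"mode\" value=\"$modeField\">"
        ."<INPUT type=\"hidden\" name=\"order\" value=\"$order\"><INPUT type=\"hidden\" name=\"thold\" value=\"$thold\">"
        ."<INPUT type=submit name=op value=\"Preview\">"
        ."<INPUT type=submit name=op value=\"Ok!\"> <SELECT name=\"posttype\"><OPTION value=\"exttrans\">".translate("Extrans (html tags to text)")."<OPTION value=\"html\" >".translate("HTML Formatted")."<OPTION value=\"plaintext\" SELECTED>".translate("Plain Old Text")."</SELECT></FORM><br>";

    include("footer.php");
}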
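/**
 * Shows how a submitted reply will look and re-prints the reply form with the
 * submitted values filled in.
 *
 * Everything this function prints comes from the current request, so the
 * original echoed request data straight into the page. Changes:
 *  - The preview subject and the values put back into the subject field and
 *    the textarea are HTML-escaped.
 *  - The "plaintext" and "html" previews go through filter_text(), the same
 *    call CreateTopic() applies before storing, so the preview matches what
 *    will be saved.
 *  - Hidden fields carry integer-cast ids/options and an escaped $mode.
 *  - The "Allowed HTML" list is printed as text (&lt;tag&gt;).
 *
 * @param mixed  $pid      id of the comment replied to, 0 for the story
 * @param mixed  $sid      story id
 * @param string $subject  submitted subject
 * @param string $comment  submitted body
 * @param mixed  $postanon truthy when "Post Anonymously" was ticked
 * @param string $mode     display mode carried through the form
 * @param mixed  $order    sort order carried through the form
 * @param mixed  $thold    score threshold carried through the form
 * @param string $posttype "exttrans", "html" or anything else for plain text
 */
function replyPreview ($pid, $sid, $subject, $comment, $postanon, $mode, $order, $thold, $posttype) {
    include("mainfile.php");
    include("header.php");
    global $user, $cookie;
    cookiedecode($user);
    $subject = stripslashes(FixQuotes($subject));
    $comment = stripslashes(FixQuotes($comment));
    if (!isset($pid) || !isset($sid)) {
        echo "Something is not right with passing a variable to this function. This message is just to keep things from messing up down the road";
        exit();
    }

    $pid = intval($pid);
    $sid = intval($sid);
    $order = intval($order);
    $thold = intval($thold);
    $modeField = htmlspecialchars($mode);
    $subjectField = htmlspecialchars($subject);
    $commentField = htmlspecialchars($comment);

    echo "<table width=99% border=0><tr><td>";
    echo "<p><b>$subjectField</b>";
    echo "<br><font face=Arial,Helvetica size=2>".translate("by")." ";
    if ($user) echo "$cookie[1]";
    else echo "$anonymous";
    echo "".translate(" on...")."</font></td></tr><tr><td>";
    // NOTE(review): filter_text() is defined outside this file; it is called
    // here the way CreateTopic() calls it. Confirm it has no side effects
    // that matter for a preview.
    if ($posttype=="exttrans") echo nl2br($commentField);
    elseif ($posttype=="plaintext") echo nl2br(filter_text($comment));
    else echo filter_text($comment);
    echo "</td></tr></table><br>";

    echo "<hr>";

    echo "<form action=\"comments.php\" method=post><P><FONT color=\"$bgcolor2\"><B>".translate("Your Name")."</B></FONT> ";
    if ($user) echo "<a href=\"user.php\">$cookie[1]</a> <font face=Arial,Helvetica size=2>[ <a href=\"user.php?op=logout\">".translate("Logout")."</a> ]</font>";
    else echo "$anonymous";
    echo "<P><FONT color=\"$bgcolor2\"><B>".translate("Subject")."</B></FONT><BR>"
        ."<INPUT TYPE=\"text\" NAME=\"subject\" SIZE=50 maxlength=60 value=\"$subjectField\"><br>"
        ."<P><FONT color=\"$bgcolor2\"><B>".translate("Comment")."</B></FONT><BR>"
        ."<TEXTAREA wrap=virtual cols=50 rows=10 name=comment>$commentField</TEXTAREA><br>";
    echo"<font face=Arial,Helvetica size=2>".translate("Allowed HTML:")."<br>";
    if (is_array($AllowableHTML)) {
        foreach ($AllowableHTML as $key => $unused) {
            echo " &lt;".$key."&gt;";
        }
    }
    echo "<br>";
    if ($postanon) {
        echo "<INPUT type=checkbox name=postanon checked> ".translate("Post Anonymously")."<br>";
    } elseif ($user) {
        echo "<INPUT type=checkbox name=postanon> ".translate("Post Anonymously")."<br>";
    }
    echo "<INPUT type=\"hidden\" name=\"pid\" value=\"$pid\">"
        ."<INPUT type=\"hidden\" name=\"sid\" value=\"$sid\"><INPUT type=\"hidden\" name=\"mode\" value=\"$modeField\">"
        ."<INPUT type=\"hidden\" name=\"order\" value=\"$order\"><INPUT type=\"hidden\" name=\"thold\" value=\"$thold\">"
        ."<INPUT type=submit name=op value=\"Preview\">"
        ."<INPUT type=submit name=op value=\"Ok!\"> <SELECT name=\"posttype\"><OPTION value=\"exttrans\"";
    if ($posttype=="exttrans") echo" SELECTED";
    echo ">".translate("Extrans (html tags to text)")."<OPTION value=\"html\"";
    if ($posttype=="html") echo" SELECTED";
    echo ">".translate("HTML Formatted")."<OPTION value=\"plaintext\"";
    if (($posttype!="exttrans") && ($posttype!="html")) echo" SELECTED";
    echo ">".translate("Plain Old Text")."</SELECT></FORM><br>";

    include("footer.php");
}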
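/**
 * Stores a new comment and redirects back to the article.
 *
 * The comment is rejected (with a message page and exit) when the story does
 * not exist, when an identical comment already exists under the same parent,
 * or when the account / address has six or more comments at score -1 within
 * the window checked by the query below.
 *
 * Changes against the original:
 *  - $pid and $sid are cast to int before they are placed in any SQL text;
 *    "select count(*) from stories where sid=$sid" used the raw value
 *    unquoted.
 *  - $mode is URL-encoded and $order/$thold are cast to int before they go
 *    into the Location header and the "Back to comments" links.
 *  - Array keys of $userinfo are quoted, getusrinfo() is called once, and
 *    the assignment to the never-read $author is dropped.
 *
 * @param mixed  $postanon  truthy to post without the account's name
 * @param string $subject   submitted subject
 * @param string $comment   submitted body
 * @param mixed  $pid       parent comment id, 0 for a top-level comment
 * @param mixed  $sid       story id
 * @param mixed  $host_name unused; the address is taken from REMOTE_ADDR
 * @param string $mode      display mode carried into the redirect
 * @param mixed  $order     sort order carried into the redirect
 * @param mixed  $thold     score threshold carried into the redirect
 * @param string $posttype  "exttrans", "plaintext" or anything else for HTML
 */
function CreateTopic ($postanon, $subject, $comment, $pid, $sid, $host_name, $mode, $order, $thold, $posttype) {
    global $user, $userinfo, $EditedMessage, $cookie;
    include("mainfile.php");
    dbconnect();

    $pid = intval($pid);
    $sid = intval($sid);
    $back = "article.php?sid=$sid&mode=".urlencode($mode)."&order=".intval($order)."&thold=".intval($thold);

    // FixQuotes(), filter_text() and check_words() are defined outside this
    // file; they are applied exactly as before.
    $subject = FixQuotes(filter_text($subject, "nohtml"));
    if ($posttype=="exttrans") {
        $comment = FixQuotes(nl2br(htmlspecialchars(check_words($comment))));
    } elseif ($posttype=="plaintext") {
        $comment = FixQuotes(nl2br(filter_text($comment)));
    } else {
        $comment = FixQuotes(filter_text($comment));
    }

    if ($user) getusrinfo($user);
    if (($user) && (!$postanon)) {
        $name = $userinfo['uname'];
        $email = $userinfo['femail'];
        $url = $userinfo['url'];
        $score = 1;
    } else {
        $name = ""; $email = ""; $url = "";
        $score = 0;
    }
    $ip = getenv("REMOTE_ADDR");

    // NOTE(review): $name, $email, $url and the uname used in the troll check
    // come from getusrinfo() and are placed in SQL text without escaping
    // here; confirm they are safe for that at the point where the profile is
    // written.

    //begin fake thread control
    list($fake) = mysql_fetch_row(mysql_query("select count(*) from stories where sid=$sid"));
    mysql_query("LOCK TABLES comments WRITE");
    //begin duplicate control
    list($tia) = mysql_fetch_row(mysql_query("select count(*) from comments where pid='$pid' and sid='$sid' and subject='$subject' and comment='$comment'"));
    //begin troll control
    $troll = 0;
    if ($user) {
        $uname = $userinfo['uname'];
        list($troll) = mysql_fetch_row(mysql_query("select count(*) from comments where (score=-1) and (name='$uname') and (to_days(now()) - to_days(date) < 3)"));
    } elseif (!$score) {
        list($troll) = mysql_fetch_row(mysql_query("select count(*) from comments where (score=-1) and (host_name='$ip') and (to_days(now()) - to_days(date) < 3)"));
    }

    if ((!$tia) && ($fake == 1) && ($troll < 6)) {
        mysql_query("insert into comments values (NULL, '$pid', '$sid', now(), '$name', '$email', '$url', '$ip', '$subject', '$comment', '$score', '0')");
    } else {
        // Release the lock before printing the rejection page.
        mysql_query("UNLOCK TABLES");
        include("header.php");
        if ($tia) {
            echo "Duplicate. Did you submit twice?<br><br><a href=\"$back\">Back to comments</a>";
        } elseif ($troll > 5) {
            echo "This account or IP has been temporarily disabled.\n"
                ."This means that either this IP, or\n"
                ."user account has been moderated down more than 5 times in\n"
                ."the last few hours. If you think this is unfair,\n"
                ."you should contact the admin. If you\n"
                ."are being a troll, now is the time for you to either\n"
                ."grow up, or change your IP.<br><br><a href=\"$back\">Back to comments</a>";
        } elseif ($fake == 0) {
            echo "According to my records, the topic you are trying\n"
                ."to reply to does not exist. If you're just trying to be\n"
                ."annoying, well then too bad.";
        }
        include("footer.php");
        exit;
    }
    mysql_query("UNLOCK TABLES");
    mysql_query("update stories set comments=comments+1 where sid='$sid'");
    Header("Location: $back");
}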
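// Request dispatcher. $op, $sid, $pid, $tid, $mode, $order, $thold and the
// form fields are read as plain globals, i.e. this file expects request
// variables to be registered into the global scope.
switch($op) {

    case "Reply":
        reply($pid, $sid, $mode, $order, $thold);
        break;

    case "Preview":
        replyPreview ($pid, $sid, $subject, $comment, $postanon, $mode, $order, $thold, $posttype);
        break;

    case "Ok!":
        CreateTopic($postanon, $subject, $comment, $pid, $sid, $host_name, $mode, $order, $thold, $posttype);
        break;

    case "moderate":
        // Start from "not an admin". Only auth.inc.php is expected to raise
        // this; on the mainfile.php path nothing visible here assigns it, so
        // without the reset a request-supplied value would be trusted.
        // NOTE(review): presumably auth.inc.php assigns $admintest itself;
        // confirm it does so on every path. $moderate is expected to come
        // from the included configuration.
        $admintest = 0;
        if(isset($admin)) {
            include("auth.inc.php");
        } else {
            include("mainfile.php");
            dbconnect();
        }
        if ((($admintest==1) || ($moderate==2)) && is_array($HTTP_POST_VARS)) {
            // Each moderation selector posts as  dkn<tid> = "<score>:<reason>"
            // (see modtwo()). The field name and both halves of the value are
            // client-controlled, so every part is cast to int before it is
            // placed in the UPDATE; the original interpolated them raw.
            // NOTE(review): the score used for the bounds checks below is the
            // one sent by the client, not the one stored in the database.
            foreach ($HTTP_POST_VARS as $tdw => $emp) {
                if (eregi("dkn",$tdw) && is_string($emp)) {
                    $emp = explode(":", $emp);
                    $target = intval(ereg_replace("dkn", "", $tdw));
                    $oldScore = intval($emp[0]);
                    $why = (count($emp) > 1) ? intval($emp[1]) : 0;
                    if (($why > 0) && ($target > 0)) {
                        $set = "";
                        if (($why == 9) && ($oldScore >= 0)) { # Overrated
                            $set = "score=score-1";
                        } elseif (($why == 10) && ($oldScore <= 4)) { # Underrated
                            $set = "score=score+1";
                        } elseif (($why > 4) && ($oldScore <= 4)) {
                            $set = "score=score+1, reason=$why";
                        } elseif (($why < 5) && ($oldScore > -1)) {
                            $set = "score=score-1, reason=$why";
                        } elseif (($oldScore == -1) || ($oldScore == 5)) {
                            $set = "reason=$why";
                        }
                        if ($set != "") {
                            mysql_query("UPDATE comments SET $set where tid=$target");
                        }
                    }
                }
            }
        }
        Header("Location: article.php?sid=".intval($sid)."&mode=".urlencode($mode)."&order=".intval($order)."&thold=".intval($thold));
        break;

    case "showreply":
        DisplayTopic($sid, $pid, $tid, $mode, $order, $thold);
        break;

    default:
        if ((isset($tid)) && (!isset($pid))) {
            singlecomment($tid, $sid, $mode, $order, $thold);
        } elseif (($mainfile) xor (($pid==0) || (!isset($pid)))) {
            // Request values are sanitised before they go into the header line.
            Header("Location: article.php?sid=".intval($sid)."&mode=".urlencode($mode)."&order=".intval($order)."&thold=".intval($thold));
        } else {
            if(!isset($pid)) $pid=0;
            DisplayTopic($sid, $pid, $tid, $mode, $order, $thold);
        }
        break;
}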
?> |