<?php |

######################################################################
# PHP-NUKE: Web Portal System
# ===========================
#
# Copyright (c) 2000 by Francisco Burzi (fburzi@ncc.org.ve)
# http://www.ncc.org.ve/php-nuke.php
#
# This module manages all user comments on the site
#
# This program is free software. You can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License.
######################################################################

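/*
 * Opens the moderation <form> (posting to pollcomments.php).
 *
 * The form is opened only under the same condition that modtwo() and
 * modthree() use for the drop-downs and the closing </form>: moderation is
 * enabled ($moderate == 2, or $moderate == 1 with $admin set) AND $user is
 * set. The original opened the form without the $user test, which left an
 * unclosed <form> on the page whenever $user was empty.
 *
 * $moderate is presumably defined by config.php (not visible here).
 */
function modone() {
    include("config.php");
    global $admin, $user;
    if((((isset($admin)) && ($moderate == 1)) || ($moderate == 2)) && ($user)) {
        echo "<form action=\"pollcomments.php\" method=\"post\">";
    }
}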
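/*
 * Prints the per-comment moderation drop-down: " | <select name="dknTID">"
 * with one <option value="SCORE:INDEX"> per entry of $reasons.
 *
 * Shown only when moderation is enabled ($moderate == 2, or $moderate == 1
 * with $admin set) and $user is set. $moderate and $reasons are presumably
 * defined by config.php (not visible here).
 *
 * $tid    comment id, used in the field name
 * $score  current score, used as the first half of each option value
 * $reason accepted for the callers' sake; not used in this function
 */
function modtwo($tid, $score, $reason) {
    include("config.php");
    global $admin, $user;
    if((((isset($admin)) && ($moderate == 1)) || ($moderate == 2)) && ($user)) {
        // singlecomment() hands over a $tid that is never assigned in this
        // file (presumably request input), so both values are forced to
        // integers before they are written into the markup.
        $tid = intval($tid);
        $score = intval($score);
        echo " | <select name=\"dkn$tid\">";
        $total = sizeof($reasons);
        for($i=0; $i<$total; $i++) {
            echo "<option value=\"$score:$i\">$reasons[$i]</option>\n";
        }
        echo "</select>";
    }
}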
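/*
 * Closes the moderation form: hidden fields carrying the current view
 * (pollID, mode, order, thold), op=moderate, the image submit button and
 * the </form> tag.
 *
 * Shown under the same condition as modtwo(). $moderate and $uimages are
 * presumably defined by config.php (not visible here).
 *
 * The four view parameters are not assigned anywhere in this file before
 * they reach this function (presumably request input), so each one is
 * HTML-escaped and written into a quoted attribute instead of being
 * interpolated bare.
 */
function modthree($pollID, $mode, $order, $thold=0) {
    include("config.php");
    global $admin, $user;
    if((((isset($admin)) && ($moderate == 1)) || ($moderate==2)) && ($user)) {
        $h_pollID = htmlspecialchars($pollID, ENT_QUOTES);
        $h_mode = htmlspecialchars($mode, ENT_QUOTES);
        $h_order = htmlspecialchars($order, ENT_QUOTES);
        $h_thold = htmlspecialchars($thold, ENT_QUOTES);
        echo "<center><input type=hidden name=pollID value=\"$h_pollID\"><input type=hidden name=mode value=\"$h_mode\"><input type=hidden name=order value=\"$h_order\"><input type=hidden name=thold value=\"$h_thold\">
<input type=hidden name=op value=moderate>
<input type=image src=$uimages/moderate.gif border=0></form></center>";
    }
}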
/*
 * Prints the one-row disclaimer table shown above the comment list.
 * None of the five parameters is read; only the global $bgcolor2 and
 * translate() contribute to the output.
 */
function navbar($pollID, $title, $thold, $mode, $order) {
    global $user, $bgcolor1, $bgcolor2, $textcolor1, $textcolor2;
    $rowOpen = "<table width=99% border=0 cellspacing=1 cellpadding=2>
<tr><td bgcolor=$bgcolor2 align=center><font face=Arial,Helvetica size=1 color=FFFFFF>";
    $disclaimer = translate("The comments are owned by the poster. We aren't responsable for its content.");
    $rowClose = "</td></tr>
</table>";
    echo $rowOpen.$disclaimer.$rowClose;
}
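/*
 * Prints the replies to comment $tid and recurses into each printed reply.
 *
 * $mode   'nested' and 'flat' print every reply in full; any other value
 *         prints a linked list of subjects.
 * $order  only carried through into links and recursive calls.
 * $thold  replies with score below this are skipped, and their own replies
 *         with them (the recursion sits inside the score test).
 * $level, $dummy  recursion counters; $dummy alternates the row colour in
 *         nested mode.
 * $tblwidth  decremented per nesting level and passed on, but not used in
 *         the markup emitted here.
 *
 * Output is echoed; nothing is returned. $anonymous, $reasons,
 * $commentlimit, $bgcolor1 and $bgcolor2 are not declared global, so they
 * presumably come from config.php (not visible here).
 *
 * Changes against the original:
 *  - $tid is forced to an integer before it is placed in the SQL text.
 *  - $mode/$order/$thold are URL-encoded when written into links; the raw
 *    values are still used for comparisons and recursion.
 *  - the user name is URL-encoded in the user.php link.
 *  - the poster URL must START with http:// (the original pattern matched
 *    the substring anywhere) and is HTML-escaped before output.
 *
 * NOTE(review): $r_subject, $r_name, $r_email and $r_comment are echoed as
 * stored. Whether they are already HTML-safe depends on the write path
 * (filter_text()/FixQuotes() and the user tables), which is not visible
 * here -- confirm before relying on it.
 */
function DisplayKids ($tid, $mode, $order=0, $thold=0, $level=0, $dummy=0, $tblwidth=99) {
    global $datetime, $user, $cookie;
    include "config.php";
    $comments = 0;
    cookiedecode($user);

    $tid = intval($tid);
    $l_mode = urlencode($mode);
    $l_order = urlencode($order);
    $l_thold = urlencode($thold);

    $result = mysql_query("select tid, pid, pollID, date, name, email, url, host_name, subject, comment, score, reason from pollcomments where pid = $tid order by date, tid");
    if ($mode == 'nested' || $mode == 'flat') {
        $nested = ($mode == 'nested');
        while (list($r_tid, $r_pid, $r_pollID, $r_date, $r_name, $r_email, $r_url, $r_host_name, $r_subject, $r_comment, $r_score, $r_reason) = mysql_fetch_row($result)) {
            if($r_score >= $thold) {
                if ($nested) {
                    /* without the tblwidth variable, the tables run off the screen with netscape
                       in nested mode in long threads so the text can't be read. */
                    if (isset($level) && !$comments) {
                        echo "<ul>";
                        $tblwidth -= 5;
                    }
                    $comments++;
                }
                if (!eregi("[a-z0-9]",$r_name)) $r_name = $anonymous;
                if (!eregi("[a-z0-9]",$r_subject)) $r_subject = "[".translate("No Subject")."]";
                echo "<a name=\"$r_tid\">";
                if ($nested) {
                    // enter hex color between first two apostrophes for second alt bgcolor
                    $r_bgcolor = ($dummy%2)?"":"#E6E6D2";
                    echo "<table width=90% border=0><tr bgcolor=\"$r_bgcolor\"><td>";
                } else {
                    echo "<hr><table width=99% border=0><tr bgcolor=\"$bgcolor1\"><td>";
                }
                // presumably fills the global $datetime echoed below -- confirm
                formatTimestamp($r_date);
                echo "<p><b>$r_subject</b> <font face=Arial,Helvetica size=2>";
                if(!$cookie[7]) {
                    echo "(".translate("Score: ")."$r_score";
                    if($r_reason>0) echo ", $reasons[$r_reason]";
                    echo ")";
                }
                if ($r_email) {
                    echo "<br>".translate("by")." <a href=\"mailto:$r_email\">$r_name</a> <font face=Arial,Helvetica size=2><b>($r_email)</b></font> ".translate("on")." $datetime";
                } else {
                    echo "<br>".translate("by")." $r_name ".translate("on")." $datetime";
                }
                if ($r_name != $anonymous) { echo "<BR>(<a href=\"user.php?op=userinfo&uname=".urlencode($r_name)."\">".translate("User Info")."</a>) "; }
                if (eregi("^http://",$r_url)) {
                    // NOTE(review): assumes the URL is stored un-encoded -- confirm
                    $h_url = htmlspecialchars($r_url, ENT_QUOTES);
                    echo "<a href=\"$h_url\" target=\"window\">$h_url</a> ";
                }
                echo "</font></td></tr><tr><td>";

                // The reader's own limit ($cookie[10]) wins when it applies,
                // otherwise the site-wide $commentlimit.
                $cut = false;
                if(($cookie[10]) && (strlen($r_comment) > $cookie[10])) {
                    $cut = $cookie[10];
                } elseif(strlen($r_comment) > $commentlimit) {
                    $cut = $commentlimit;
                }
                if ($cut !== false) {
                    echo substr("$r_comment", 0, $cut)."<br><br><b><a href=\"pollcomments.php?pollID=$r_pollID&tid=$r_tid&mode=$l_mode&order=$l_order&thold=$l_thold\">".translate("Read the rest of this comment...")."</a></b>";
                } else {
                    echo $r_comment;
                }

                echo "</td></tr></table><br><p><font face=Arial,Helvetica size=2 color=\"$bgcolor2\"> [ <a href=\"pollcomments.php?op=Reply&pid=$r_tid&pollID=$r_pollID&mode=$l_mode&order=$l_order&thold=$l_thold\">".translate("Reply")."</a>";
                modtwo($r_tid, $r_score, $r_reason);
                echo " ]</font><p>";
                if ($nested) {
                    DisplayKids($r_tid, $mode, $order, $thold, $level+1, $dummy+1, $tblwidth);
                } else {
                    DisplayKids($r_tid, $mode, $order, $thold);
                }
            }
        }
    } else {
        while (list($r_tid, $r_pid, $r_pollID, $r_date, $r_name, $r_email, $r_url, $r_host_name, $r_subject, $r_comment, $r_score, $r_reason) = mysql_fetch_row($result)) {
            if($r_score >= $thold) {
                if (isset($level) && !$comments) {
                    echo "<ul>";
                }
                $comments++;
                if (!eregi("[a-z0-9]",$r_name)) $r_name = $anonymous;
                if (!eregi("[a-z0-9]",$r_subject)) $r_subject = "[".translate("No Subject")."]";
                formatTimestamp($r_date);
                echo "<li><a href=\"pollcomments.php?op=showreply&tid=$r_tid&pollID=$r_pollID&pid=$r_pid&mode=$l_mode&order=$l_order&thold=$l_thold#$r_tid\">$r_subject</a> ".translate("by")." $r_name <font face=Arial,Helvetica size=2>".translate("on")." $datetime</font><br>";

                DisplayKids($r_tid, $mode, $order, $thold, $level+1, $dummy+1);
            }
        }
    }
    if ($level && $comments) {
        echo "</ul>";
    }

}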
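/*
 * Prints the replies to comment $tid as a list of subject links and recurses
 * into each one. Unlike DisplayKids() there is no score threshold.
 *
 * $level, $dummy  recursion counters; $dummy is only passed on.
 *
 * $anonymous presumably comes from config.php (not visible here).
 *
 * $tid is forced to an integer before it is placed in the SQL text.
 *
 * NOTE(review): $mode, $order and $thold are neither parameters nor declared
 * global, so unless config.php defines them the links below carry empty
 * values for all three. Left as in the original; confirm whether they
 * should be passed in.
 */
function DisplayBabies ($tid, $level=0, $dummy=0) {
    global $datetime;
    include "config.php";
    $comments = 0;
    $tid = intval($tid);
    $result = mysql_query("select tid, pid, pollID, date, name, email, url, host_name, subject, comment, score, reason from pollcomments where pid = $tid order by date, tid");
    while (list($r_tid, $r_pid, $r_pollID, $r_date, $r_name, $r_email, $r_url, $r_host_name, $r_subject, $r_comment, $r_score, $r_reason) = mysql_fetch_row($result))
    {
        // open the list once, before the first reply
        if (isset($level) && !$comments) {
            echo "<ul>";
        }
        $comments++;
        if (!eregi("[a-z0-9]",$r_name)) { $r_name = $anonymous; }
        if (!eregi("[a-z0-9]",$r_subject)) { $r_subject = "[".translate("No Subject")."]"; }

        // presumably fills the global $datetime echoed below -- confirm
        formatTimestamp($r_date);
        echo "<a href=\"pollcomments.php?op=showreply&tid=$r_tid&mode=$mode&order=$order&thold=$thold\">$r_subject</a> ".translate("by")." $r_name <font face=Arial,Helvetica size=2>".translate("on")." $datetime</font><br>";
        DisplayBabies($r_tid, $level+1, $dummy+1);
    }
    if ($level && $comments) {
        echo "</ul>";
    }
}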
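/*
 * Prints every comment of poll $pollID whose parent is $pid, each followed
 * by its replies (via DisplayKids()), wrapped in the moderation form
 * (modone() ... modthree()).
 *
 * $thold  minimum score; an empty value means 0.
 * $order  1 = newest first, 2 = highest score first, otherwise unordered.
 * $mode   passed on to DisplayKids() and into links.
 * $tid, $nokids  accepted but not read before being overwritten / at all.
 *
 * Returns array($pollID, $pid, $subject) when $pid == 0 after the loop;
 * otherwise includes footer.php and returns nothing. Note that the loop
 * overwrites $tid, $pid and $pollID with the values of the last row.
 *
 * Changes against the original:
 *  - $pollID, $pid and $thold are cast to integers where they enter the SQL
 *    text; none of them is assigned in this file before the dispatcher
 *    passes them in (presumably request input).
 *  - $mode/$order/$thold are URL-encoded when written into links.
 *  - the user name is URL-encoded in the user.php link; the poster URL must
 *    start with http:// and is HTML-escaped.
 *
 * NOTE(review): the poster IP and the Delete link are shown whenever the
 * global $admin is truthy. Nothing in this function verifies that value;
 * confirm it is validated before this point.
 * NOTE(review): $subject, $name, $email and $comment are echoed as stored;
 * their safety depends on the write path, which is not visible here.
 */
function DisplayTopic ($pollID, $pid=0, $tid=0, $mode="threaded", $order=0, $thold=0, $level=0, $nokids=0) {
    global $hr, $user, $datetime, $cookie, $mainfile, $admin;
    if($mainfile) {
        global $title, $bgcolor1, $bgcolor2, $bgcolor3;
        include "config.php";
    } else {
        include("mainfile.php");
        include("header.php");
    }
    dbconnect();
    $count_times = 0;
    cookiedecode($user);

    $l_mode = urlencode($mode);
    $l_order = urlencode($order);
    $l_thold = urlencode($thold);

    $q = "select tid, pid, pollID, date, name, email, url, host_name, subject, comment, score, reason from pollcomments where pollID=".intval($pollID)." and pid=".intval($pid);
    if($thold != "") {
        $q .= " and score>=".intval($thold);
    } else {
        $q .= " and score>=0";
    }
    if ($order==1) $q .= " order by date desc";
    if ($order==2) $q .= " order by score desc";
    $something = mysql_query("$q");
    $num_tid = mysql_num_rows($something);
    navbar($pollID, $title, $thold, $mode, $order);
    modone();
    while ($count_times < $num_tid) {
        list($tid, $pid, $pollID, $date, $name, $email, $url, $host_name, $subject, $comment, $score, $reason) = mysql_fetch_row($something);
        if ($name == "") { $name = $anonymous; }
        if ($subject == "") { $subject = "[".translate("No Subject")."]"; }

        echo "<a name=\"$tid\">";
        echo "<table width=99% border=0><tr bgcolor=\"$bgcolor1\"><td width=500>";
        // presumably fills the global $datetime echoed below -- confirm
        formatTimestamp($date);
        echo "<p><b>$subject</b> <font face=Arial,Helvetica size=2>";
        if(!$cookie[7]) {
            echo "(".translate("Score: ")."$score";
            if($reason>0) echo ", $reasons[$reason]";
            echo ")";
        }
        if ($email) {
            echo "<br>".translate("by")." <a href=\"mailto:$email\">$name</a> <b>($email)</b> ".translate("on")." $datetime";
        } else {
            echo "<br>".translate("by")." $name ".translate("on")." $datetime";
        }

        if ($name != $anonymous) { echo "<br>(<a href=\"user.php?op=userinfo&uname=".urlencode($name)."\">".translate("User Info")."</a>) "; }
        if (eregi("^http://",$url)) {
            // NOTE(review): assumes the URL is stored un-encoded -- confirm
            $h_url = htmlspecialchars($url, ENT_QUOTES);
            echo "<a href=\"$h_url\" target=\"window\">$h_url</a> ";
        }

        // Admins additionally see the poster's recorded host/IP.
        if($admin) {
            $result= mysql_query("select host_name from pollcomments where tid='".intval($tid)."'");
            list($host_name) = mysql_fetch_row($result);
            echo "<br><b>(IP: $host_name)</b>";
        }

        echo "</font></td></tr><tr><td>";

        // The reader's own limit ($cookie[10]) wins when it applies,
        // otherwise the site-wide $commentlimit.
        $cut = false;
        if(($cookie[10]) && (strlen($comment) > $cookie[10])) {
            $cut = $cookie[10];
        } elseif(strlen($comment) > $commentlimit) {
            $cut = $commentlimit;
        }
        if ($cut !== false) {
            echo substr("$comment", 0, $cut)."<br><br><b><a href=\"pollcomments.php?pollID=$pollID&tid=$tid&mode=$l_mode&order=$l_order&thold=$l_thold\">".translate("Read the rest of this comment...")."</a></b>";
        } else {
            echo $comment;
        }
        echo "</td></tr></table><br><p><font face=Arial,Helvetica size=2 color=000000> [ <a href=\"pollcomments.php?op=Reply&pid=$tid&pollID=$pollID&mode=$l_mode&order=$l_order&thold=$l_thold\">".translate("Reply")."</a>";

        if ($pid != 0) {
            list($erin) = mysql_fetch_row(mysql_query("select pid from pollcomments where tid=".intval($pid)));
            echo "| <a href=\"pollcomments.php?pollID=$pollID&pid=$erin&mode=$l_mode&order=$l_order&thold=$l_thold\">".translate("Parent")."</a>";
        }
        modtwo($tid, $score, $reason);

        if($admin) {
            echo " | <a href=\"admin.php?op=RemovePollComment&tid=$tid&pollID=$pollID\">".translate("Delete")."</a> ]</font><p>";
        } else {
            echo " ]</font><p>";
        }

        DisplayKids($tid, $mode, $order, $thold, $level);
        echo "</ul>";
        if($hr) echo "<hr noshade size=1>";
        echo "</p>";
        $count_times += 1;
    }
    modthree($pollID, $mode, $order, $thold);
    if($pid==0) return array($pollID, $pid, $subject);
    else include("footer.php");
}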
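/*
 * Prints one comment (tid $tid of poll $pollID) as a full page: header,
 * the comment with Reply/Root links and moderation controls, footer.
 *
 * $mode, $order, $thold are only carried into links and into modthree().
 *
 * Changes against the original: $tid and $pollID are forced to integers
 * before they enter the SQL text and the links, and $mode/$order/$thold are
 * URL-encoded in the Reply link. None of these values is assigned in this
 * file before the dispatcher passes them in (presumably request input).
 *
 * $anonymous is presumably provided by mainfile.php. $titlebar is not read
 * here; it is kept because footer.php is included in this scope and may
 * read it.
 *
 * NOTE(review): $subject, $name, $email and $comment are echoed as stored;
 * their safety depends on the write path, which is not visible here.
 */
function singlecomment($tid, $pollID, $mode, $order, $thold) {
    include("mainfile.php");
    include("header.php");
    global $user, $cookie, $datetime, $bgcolor1, $bgcolor2, $bgcolor3;
    dbconnect();

    $tid = intval($tid);
    $pollID = intval($pollID);
    $l_mode = urlencode($mode);
    $l_order = urlencode($order);
    $l_thold = urlencode($thold);

    $deekayen = mysql_query("select date, name, email, url, subject, comment, score, reason from pollcomments where tid=$tid and pollID=$pollID");
    list($date, $name, $email, $url, $subject, $comment, $score, $reason) = mysql_fetch_row($deekayen);
    $titlebar = "<b>$subject</b>";
    if($name == "") $name = $anonymous;
    if($subject == "") $subject = "[".translate("No Subject")."]";
    modone();
    echo "<table width=99% border=0><tr bgcolor=\"$bgcolor1\"><td width=500>";
    // presumably fills the global $datetime echoed below -- confirm
    formatTimestamp($date);
    if($email) echo "<p><b>$subject</b> <font face=Arial,Helvetica size=2>(".translate("Score: ")."$score)<br>".translate("by")." <a href=\"mailto:$email\"><font color=\"$bgcolor2\">$name</font></a> <font face=Arial,Helvetica size=2><b>($email)</b></font> ".translate("on")." $datetime";
    else echo "<p><b>$subject</b> <font face=Arial,Helvetica size=2>(".translate("Score: ")."$score)<br>".translate("by")." $name ".translate("on")." $datetime";
    echo "</td></tr><tr><td>$comment</td></tr></table><br><p><font face=Arial,Helvetica size=2 color=\"$bgcolor2\"> [ <a href=\"pollcomments.php?op=Reply&pid=$tid&pollID=$pollID&mode=$l_mode&order=$l_order&thold=$l_thold\">".translate("Reply")."</a> | <a href=\"pollBooth.php?pollID=$pollID\">Root</a>";
    modtwo($tid, $score, $reason);
    echo " ]";
    modthree($pollID, $mode, $order, $thold);
    include("footer.php");
}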
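/*
 * Prints the reply page: the comment being answered (or the poll title when
 * $pid is 0) followed by the reply form.
 *
 * $pid     id of the parent comment, 0 for a top-level reply
 * $pollID  poll the reply belongs to
 * $mode, $order, $thold  view settings, round-tripped as hidden fields
 *
 * Changes against the original:
 *  - $pid and $pollID are forced to integers before they enter the four SQL
 *    statements and the hidden fields; whether they were set at all is
 *    recorded first so the original "Something is not right" guard keeps
 *    working.
 *  - $mode/$order/$thold are HTML-escaped in the hidden fields.
 *  - the "Allowed HTML" list prints each tag name between &lt; and &gt; so
 *    it is displayed as text instead of being emitted as live markup.
 *
 * $anonymous, $AllowableHTML, $temp_comment and $notes are not defined in
 * this function; presumably mainfile.php/header.php provide them. $titlebar
 * and $postanon are not read here but are kept because footer.php is
 * included in this scope and may read them.
 *
 * NOTE(review): $subject and $comment come from the database and are
 * written out as stored, including into value="..."; their safety depends
 * on the write path, which is not visible here.
 */
function reply ($pid, $pollID, $mode, $order, $thold) {
    include("mainfile.php");
    include("header.php");
    global $user, $cookie, $datetime, $bgcolor1, $bgcolor2, $bgcolor3;
    dbconnect();

    $args_present = (isset($pid) && isset($pollID));
    $pid = intval($pid);
    $pollID = intval($pollID);
    $h_mode = htmlspecialchars($mode, ENT_QUOTES);
    $h_order = htmlspecialchars($order, ENT_QUOTES);
    $h_thold = htmlspecialchars($thold, ENT_QUOTES);

    if($pid!=0) {
        list($date, $name, $email, $url, $subject, $comment, $score) = mysql_fetch_row(mysql_query("select date, name, email, url, subject, comment, score from pollcomments where tid=$pid"));
    } else {
        list($subject) = mysql_fetch_row(mysql_query("select pollTitle FROM poll_desc where pollID=$pollID"));
    }
    // pollResults($pollID);
    if($comment == "") $comment = $temp_comment;
    $titlebar = "<b>$subject</b>";
    if($name == "") $name = $anonymous;
    if($subject == "") $subject = "[".translate("No Subject")."]";
    echo "<table width=99% border=0><tr bgcolor=\"$bgcolor1\"><td width=500>";
    formatTimestamp($date);
    echo "<p><b>$subject</b> <font face=Arial,Helvetica size=2>";
    echo "</td></tr><tr><td>$comment $notes</td></tr></table><hr>";

    if(!$args_present) { echo "Something is not right. This message is just to keep things from messing up down the road"; exit(); }
    // Re-read the bare subject: the value above may have been replaced by
    // the "[No Subject]" placeholder.
    if($pid == 0) {
        list($subject) = mysql_fetch_row(mysql_query("select pollTitle from poll_desc where pollID=$pollID"));
    } else {
        list($subject) = mysql_fetch_row(mysql_query("select subject from pollcomments where tid=$pid"));
    }

    echo "<form action=\"pollcomments.php\" method=post>";
    echo "<P><FONT color=\"$bgcolor2\"><B>".translate("Your Name")."</B></FONT> ";
    if ($user) {
        cookiedecode($user);
        echo "<a href=\"user.php\">$cookie[1]</a> <font face=Arial,Helvetica size=2>[ <a href=\"user.php?op=logout\">".translate("Logout")."</a> ]</font>";
    } else {
        echo "$anonymous"; $postanon=2;
    }
    echo "<P><FONT color=\"$bgcolor2\"><B>".translate("Subject")."</B></FONT><BR>";
    if (!eregi("Re:",$subject)) $subject = "Re: $subject";
    echo "<INPUT TYPE=\"text\" NAME=\"subject\" SIZE=50 maxlength=60 value=\"$subject\"><BR>";
    echo "<P><FONT color=\"$bgcolor2\"><B>".translate("Comment")."</B></FONT><BR>"
        ."<TEXTAREA wrap=virtual cols=50 rows=10 name=comment></TEXTAREA><br>
<font face=Arial,Helvetica size=2>".translate("Allowed HTML:")."<br>";
    while (list($key,)= each($AllowableHTML)) echo " &lt;".$key."&gt;";
    echo "<br>";
    if ($user) { echo "<INPUT type=checkbox name=postanon> ".translate("Post Anonymously")."<br>"; }
    echo "<INPUT type=\"hidden\" name=\"pid\" value=\"$pid\">"
        ."<INPUT type=\"hidden\" name=\"pollID\" value=\"$pollID\"><INPUT type=\"hidden\" name=\"mode\" value=\"$h_mode\">"
        ."<INPUT type=\"hidden\" name=\"order\" value=\"$h_order\"><INPUT type=\"hidden\" name=\"thold\" value=\"$h_thold\">"
        ."<INPUT type=submit name=op value=\"Preview\">"
        ."<INPUT type=submit name=op value=\"Ok!\"> <SELECT name=\"posttype\"><OPTION value=\"exttrans\">".translate("Extrans (html tags to text)")."<OPTION value=\"html\" >".translate("HTML Formatted")."<OPTION value=\"plaintext\" SELECTED>".translate("Plain Old Text")."</SELECT></FORM><br>";

    include("footer.php");
}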
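/*
 * Prints a preview of a reply that has not been stored yet, followed by the
 * reply form pre-filled with the submitted values.
 *
 * $subject, $comment  text as submitted
 * $postanon           truthy when "Post Anonymously" was ticked
 * $posttype           "exttrans", "html" or anything else (= plain text)
 * $pid, $pollID, $mode, $order, $thold  round-tripped as hidden fields
 *
 * Every argument is submitted form data, and the original wrote all of it
 * back into the page unescaped. Changes:
 *  - the subject is HTML-escaped in the heading and in value="...".
 *  - the comment is HTML-escaped inside <TEXTAREA>, which still gives the
 *    user back exactly what was typed.
 *  - the "html" and "plaintext" previews are passed through filter_text(),
 *    the same call CreateTopic() applies before storing, so the preview no
 *    longer renders markup the stored comment would not contain.
 *    NOTE(review): filter_text() is not visible here; confirm it has no
 *    side effects that make it unsuitable for a preview.
 *  - $pid/$pollID are written as integers and $mode/$order/$thold are
 *    HTML-escaped in the hidden fields.
 *  - the "Allowed HTML" list prints tag names between &lt; and &gt;.
 *
 * $anonymous, $bgcolor2 and $AllowableHTML are presumably provided by
 * mainfile.php/header.php.
 */
function replyPreview ($pid, $pollID, $subject, $comment, $postanon, $mode, $order, $thold, $posttype) {
    include("mainfile.php");
    include("header.php");
    global $user, $cookie;
    cookiedecode($user);
    $subject = stripslashes(FixQuotes($subject));
    $comment = stripslashes(FixQuotes($comment));
    if (!isset($pid) || !isset($pollID)) { echo "Something is not right with passing a variable to this function. This message is just to keep things from messing up down the road"; exit(); }

    $h_subject = htmlspecialchars($subject, ENT_QUOTES);
    $h_comment = htmlspecialchars($comment, ENT_QUOTES);
    $h_pid = intval($pid);
    $h_pollID = intval($pollID);
    $h_mode = htmlspecialchars($mode, ENT_QUOTES);
    $h_order = htmlspecialchars($order, ENT_QUOTES);
    $h_thold = htmlspecialchars($thold, ENT_QUOTES);

    echo "<table width=99% border=0><tr><td>";
    echo "<p><b>$h_subject</b>";
    echo "<br><font face=Arial,Helvetica size=2>".translate("by")." ";
    if ($user) echo "$cookie[1]";
    else echo "$anonymous";
    echo "".translate(" on...")."</font></td></tr><tr><td>";
    if($posttype=="exttrans") echo nl2br(htmlspecialchars($comment));
    elseif($posttype=="plaintext") echo nl2br(filter_text($comment));
    else echo filter_text($comment);
    echo "</td></tr></table><br>";

    echo "<hr>";

    echo "<form action=\"pollcomments.php\" method=post><P><FONT color=\"$bgcolor2\"><B>".translate("Your Name")."</B></FONT> ";
    if ($user) echo "<a href=\"user.php\">$cookie[1]</a> <font face=Arial,Helvetica size=2>[ <a href=\"user.php?op=logout\">".translate("Logout")."</a> ]</font>";
    else echo "$anonymous";
    echo "<P><FONT color=\"$bgcolor2\"><B>".translate("Subject")."</B></FONT><BR>"
        ."<INPUT TYPE=\"text\" NAME=\"subject\" SIZE=50 maxlength=60 value=\"$h_subject\"><br>"
        ."<P><FONT color=\"$bgcolor2\"><B>".translate("Comment")."</B></FONT><BR>"
        ."<TEXTAREA wrap=virtual cols=50 rows=10 name=comment>$h_comment</TEXTAREA><br>";
    echo"<font face=Arial,Helvetica size=2>".translate("Allowed HTML:")."<br>";
    while (list($key,)= each($AllowableHTML)) echo " &lt;".$key."&gt;";
    echo "<br>";
    if ($postanon) { echo "<INPUT type=checkbox name=postanon checked> ".translate("Post Anonymously")."<br>"; } elseif($user) { echo "<INPUT type=checkbox name=postanon> ".translate("Post Anonymously")."<br>"; }
    echo "<INPUT type=\"hidden\" name=\"pid\" value=\"$h_pid\">"
        ."<INPUT type=\"hidden\" name=\"pollID\" value=\"$h_pollID\"><INPUT type=\"hidden\" name=\"mode\" value=\"$h_mode\">"
        ."<INPUT type=\"hidden\" name=\"order\" value=\"$h_order\"><INPUT type=\"hidden\" name=\"thold\" value=\"$h_thold\">"
        ."<INPUT type=submit name=op value=\"Preview\">"
        ."<INPUT type=submit name=op value=\"Ok!\"> <SELECT name=\"posttype\"><OPTION value=\"exttrans\"";
    // Re-select whichever post type was submitted; plain text is the fallback.
    if($posttype=="exttrans") echo" SELECTED";
    echo ">".translate("Extrans (html tags to text)")."<OPTION value=\"html\"";
    if($posttype=="html") echo" SELECTED";
    echo ">".translate("HTML Formatted")."<OPTION value=\"plaintext\"";
    if(($posttype!="exttrans") && ($posttype!="html")) echo" SELECTED";
    echo ">".translate("Plain Old Text")."</SELECT></FORM><br>";

    include("footer.php");
}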
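/*
 * Stores a new poll comment and redirects back to the poll results.
 *
 * $postanon  truthy to post without the logged-in user's name
 * $subject, $comment  submitted text; filtered according to $posttype
 * $pid, $pollID       parent comment id (0 = top level) and poll id
 * $posttype  "exttrans" (HTML shown as text), "plaintext" or HTML
 * $host_name, $mode, $order, $thold  accepted but not used
 *
 * The insert is refused, with a message and exit, when
 *  - an identical comment already exists under the same parent (duplicate),
 *  - the poll id matches no row in poll_desc, or
 *  - the user name (or, for anonymous posts, the host) has 6 or more
 *    comments at score -1 dated within the last 3 days.
 *
 * Changes against the original:
 *  - $pid and $pollID are forced to integers before they enter the SQL text
 *    and the Location header; they arrive unfiltered from the dispatcher.
 *  - the remote host/address is escaped with addslashes() before it is
 *    placed in SQL, because a reverse-DNS name is not under the site's
 *    control.
 *  - $userinfo keys are quoted instead of written as bare words.
 *  - getusrinfo() is called once instead of twice.
 *
 * NOTE(review): $name, $email and $url are taken from $userinfo and put
 * into the INSERT as they are; whether getusrinfo() returns them already
 * escaped is not visible here -- confirm.
 * NOTE(review): $author is not defined in this function; the line is kept
 * in case mainfile.php, included in this scope, sets or reads it.
 */
function CreateTopic ($postanon, $subject, $comment, $pid, $pollID, $host_name, $mode, $order, $thold, $posttype) {
    global $user, $userinfo, $EditedMessage, $cookie;
    include("mainfile.php");
    dbconnect();

    $pid = intval($pid);
    $pollID = intval($pollID);

    $author = FixQuotes($author);
    $subject = FixQuotes(filter_text($subject, "nohtml"));
    if($posttype=="exttrans")
        $comment = FixQuotes(nl2br(htmlspecialchars(check_words($comment))));
    elseif($posttype=="plaintext")
        $comment = FixQuotes(nl2br(filter_text($comment)));
    else
        $comment = FixQuotes(filter_text($comment));

    if($user) getusrinfo($user);
    if (($user) && (!$postanon)) {
        $name = $userinfo['uname'];
        $email = $userinfo['femail'];
        $url = $userinfo['url'];
        $score = 1;
    } else {
        $name = ""; $email = ""; $url = "";
        $score = 0;
    }

    $ip = getenv("REMOTE_HOST");
    if (empty($ip)) {
        $ip = getenv("REMOTE_ADDR");
    }
    $ip = addslashes($ip);

    //begin fake thread control
    list($fake) = mysql_fetch_row(mysql_query("select count(*) from poll_desc where pollID=$pollID"));
    mysql_query("LOCK TABLES pollcomments WRITE");
    //begin duplicate control
    list($tia) = mysql_fetch_row(mysql_query("select count(*) from pollcomments where pid='$pid' and pollID='$pollID' and subject='$subject' and comment='$comment'"));
    //begin troll control
    if($user) {
        list($troll) = mysql_fetch_row(mysql_query("select count(*) from pollcomments where (score=-1) and (name='$userinfo[uname]') and (to_days(now()) - to_days(date) < 3)"));
    } elseif(!$score) {
        list($troll) = mysql_fetch_row(mysql_query("select count(*) from pollcomments where (score=-1) and (host_name='$ip') and (to_days(now()) - to_days(date) < 3)"));
    }
    if((!$tia) && ($fake == 1) && ($troll < 6)) {
        mysql_query("insert into pollcomments values (NULL, '$pid', '$pollID', now(), '$name', '$email', '$url', '$ip', '$subject', '$comment', '$score', '0')");
    } else {
        mysql_query("UNLOCK TABLES");
        include("header.php");
        if($tia) echo "Duplicate. Did you submit twice?<br><br><a href=\"pollBooth.php?op=results&pollID=$pollID\">Back to Poll</a>";
        elseif($troll > 5) echo "This account or IP has been temporarily disabled.
This means that either this IP, or
user account has been moderated down more than 5 times in
the last few hours. If you think this is unfair,
you should contact the admin. If you
are being a troll, now is the time for you to either
grow up, or change your IP.<br><br><a href=\"pollBooth.php?pollID=$pollID\">Back to Poll</a>";
        elseif($fake == 0) echo "According to my records, the topic you are trying
to reply to does not exist. If you're just trying to be
annoying, well then too bad.";
        include("footer.php");
        exit;
    }
    mysql_query("UNLOCK TABLES");
    Header("Location: pollBooth.php?op=results&pollID=$pollID");
}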
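/*
 * Request dispatcher. $op and every other variable used below ($pid,
 * $pollID, $tid, $mode, $order, $thold, $subject, $comment, $postanon,
 * $posttype, $host_name, $admin) are not assigned in this file; they are
 * presumably populated from the request by register_globals or by an
 * including script.
 *
 * Changes against the original, all in request-handling paths:
 *  - "moderate": $admintest is reset to 0 on the non-admin path, so a value
 *    supplied with the request cannot stand in for the one auth.inc.php is
 *    presumably responsible for setting.
 *  - "moderate": the comment id taken from the POST field name and the
 *    reason taken from its value are forced to integers before they enter
 *    the UPDATE statement.
 *  - "moderate": the comment's current score is read from the database
 *    instead of being taken from the submitted "score:reason" value, so the
 *    -1..5 bounds encoded in the conditions cannot be bypassed by editing
 *    the form.
 *  - "moderate": the UPDATE runs only when one of the branches produced a
 *    SET clause. The original tested strlen($q) > 20, which is already true
 *    for the bare "UPDATE pollcomments SET" prefix.
 *  - $pollID is cast to an integer in the Location headers.
 *  - default: the redirect URL was missing the "&" between op=results and
 *    pollID.
 *
 * NOTE(review): with $moderate == 2 the handler does not test $user, while
 * modtwo()/modthree() only render the controls when $user is set. Confirm
 * whether anonymous moderation is intended.
 */
switch($op) {

    case "Reply":
        reply($pid, $pollID, $mode, $order, $thold);
        break;

    case "Preview":
        replyPreview ($pid, $pollID, $subject, $comment, $postanon, $mode, $order, $thold, $posttype);
        break;

    case "Ok!":
        CreateTopic($postanon, $subject, $comment, $pid, $pollID, $host_name, $mode, $order, $thold, $posttype);
        break;

    case "moderate":
        if(isset($admin)) {
            include("auth.inc.php");
        } else {
            include("mainfile.php");
            dbconnect();
            $admintest = 0;
        }
        if(($admintest==1) || ($moderate==2)) {
            while(list($tdw, $emp) = each($HTTP_POST_VARS)) {
                if (eregi("dkn",$tdw)) {
                    // field value is "score:reason"; only the reason is
                    // taken from the request
                    $emp = explode(":", $emp);
                    $m_reason = intval($emp[1]);
                    if($m_reason != 0) {
                        $m_tid = intval(ereg_replace("dkn", "", $tdw));
                        $m_row = mysql_fetch_row(mysql_query("select score from pollcomments where tid=$m_tid"));
                        if ($m_row) {
                            $m_score = intval($m_row[0]);
                            $m_set = "";
                            if(($m_reason == 9) && ($m_score>=0)) { # Overrated
                                $m_set = " score=score-1";
                            } elseif (($m_reason == 10) && ($m_score<=4)) { # Underrated
                                $m_set = " score=score+1";
                            } elseif (($m_reason > 4) && ($m_score<=4)) {
                                $m_set = " score=score+1, reason=$m_reason";
                            } elseif (($m_reason < 5) && ($m_score > -1)) {
                                $m_set = " score=score-1, reason=$m_reason";
                            } elseif (($m_score == -1) || ($m_score == 5)) {
                                // score already at a bound: record the reason only
                                $m_set = " reason=$m_reason";
                            }
                            if($m_set != "") mysql_query("UPDATE pollcomments SET".$m_set." where tid=$m_tid");
                        }
                    }
                }
            }
        }
        Header("Location: pollBooth.php?op=results&pollID=".intval($pollID));
        break;

    case "showreply":
        DisplayTopic($pollID, $pid, $tid, $mode, $order, $thold);
        break;

    default:
        if ((isset($tid)) && (!isset($pid))) {
            singlecomment($tid, $pollID, $mode, $order, $thold);
        } elseif (($mainfile) xor (($pid==0) || (!isset($pid)))) {
            Header("Location: pollBooth.php?op=results&pollID=".intval($pollID));
        } else {
            if(!isset($pid)) $pid=0;
            DisplayTopic($pollID, $pid, $tid, $mode, $order, $thold);
        }
        // if (!isset($pid)) $pid = 0;
        break;
}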
?> |