2001-12-08 11:37:07 +00:00
<?
2001-10-20 18:57:09 +00:00
// $Id$
2000-12-14 14:13:37 +00:00
2001-12-08 12:36:05 +00:00
$GLOBALS["cmodes"] = array(1 => "List - min", 2 => "List - max", 3 => "Threaded - min", 4 => "Threaded - max");
$GLOBALS["corder"] = array(1 => "Date - new", 2 => "Date - old", 3 => "Rate - high", 4 => "Rate - low");
2001-12-08 11:37:07 +00:00
function comment_moderate($moderate) {
global $user;
if ($user->uid && $moderate) {
foreach ($moderate as $cid => $score) {
if ($score > 0 && $score < 6) {
if (db_fetch_object(db_query("SELECT * FROM moderate WHERE uid = '". check_query($user->uid) ."' AND cid = '". check_query($cid) ."'"))) {
db_query("UPDATE moderate SET score = '". check_query($score) ."' WHERE uid = '". check_query($user->uid) ."' AND cid = '". check_query($cid) ."'");
}
else {
db_query("INSERT INTO moderate (uid, cid, score, timestamp) VALUES ('". check_query($user->uid) ."', '". check_query($cid) ."', '". check_query($score) ."', '". time() ."')");
}
}
}
}
}
function comment_settings($mode, $order, $threshold) {
global $user;
if ($user->uid) {
$user = user_save($user, array("mode" => $mode, "sort" => $order, "threshold" => $threshold));
}
}
function comment_form($edit) {
global $user;
$form .= "<a name=\"comment\"></a>\n";
// name field:
$form .= form_item(t("Your name"), format_name($user));
// subject field:
2001-12-22 14:12:18 +00:00
$form .= form_textfield(t("Subject"), "subject", $edit["subject"], 50, 64);
2001-12-08 11:37:07 +00:00
// comment field:
2001-12-22 14:12:18 +00:00
$form .= form_textarea(t("Comment"), "comment", $edit["comment"] ? $edit["comment"] : $user->signature, 70, 10, t("Allowed HTML tags") .": ". htmlspecialchars(variable_get("allowed_html", "")));
2001-12-08 11:37:07 +00:00
// preview button:
2001-12-22 14:12:18 +00:00
$form .= form_hidden("pid", $edit["pid"]);
$form .= form_hidden("id", $edit["id"]);
2001-12-08 11:37:07 +00:00
2001-12-22 14:12:18 +00:00
if (!$edit["comment"]) {
2001-12-08 11:37:07 +00:00
$form .= form_submit(t("Preview comment"));
}
else {
$form .= form_submit(t("Preview comment"));
$form .= form_submit(t("Post comment"));
}
return form($form);
}
function comment_reply($pid, $id) {
global $theme;
if ($pid) {
2001-12-22 14:12:18 +00:00
$comment = db_fetch_object(db_query("SELECT c.*, u.uid, u.name FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.cid = '$pid'"));
comment_view($comment, t("reply to this comment"));
2001-12-08 11:37:07 +00:00
}
else {
node_view(node_load(array("nid" => $id)));
$pid = 0;
}
if (user_access("post comments")) {
$theme->box(t("Reply"), comment_form(array(pid=>$pid, id=>$id)));
}
else {
$theme->box(t("Reply"), t("You are not authorized to post comments."));
}
}
function comment_preview($edit) {
global $theme, $user;
2001-12-22 14:12:18 +00:00
foreach ($edit as $key => $value) {
$comment->$key = filter($value);
}
/*
** Attach the user information:
*/
$comment->uid = $user->uid;
$comment->name = $user->name;
/*
** Attach the time:
*/
$comment->timestamp = time();
/*
** Preview the comment:
*/
comment_view($comment, t("reply to this comment"));
2001-12-08 11:37:07 +00:00
$theme->box(t("Reply"), comment_form($edit));
}
function comment_post($edit) {
global $theme, $user;
if (user_access("post comments")) {
2001-12-22 14:12:18 +00:00
/*
** Check the user's comment submission rate. If exceeded,
** throttle() will bail out.
*/
2001-12-08 11:37:07 +00:00
throttle("post comment", variable_get(max_comment_rate, 60));
2001-12-22 14:12:18 +00:00
/*
** Validate the comment's subject. If not specified, extract
** one from the comment's body.
*/
$edit["subject"] = strip_tags(($edit["subject"] ? $edit["subject"] : substr($edit["comment"], 0, 29)));
/*
** Validate the comment's body.
*/
$edit["comment"] = filter($edit["comment"]);
/*
** Check for duplicate comments. Note that we have to use the
** validated/filtered data to perform such check.
*/
$duplicate = db_result(db_query("SELECT COUNT(cid) FROM comments WHERE pid = '". check_input($edit["pid"]) ."' AND lid = '". check_input($edit["id"]) ."' AND subject = '". check_input($edit["subject"]) ."' AND comment = '". check_input($edit["comment"]) ."'"), 0);
2001-12-08 11:37:07 +00:00
if ($duplicate != 0) {
2001-12-22 14:12:18 +00:00
watchdog("warning", "comment: duplicate '". $edit["subject"] ."'");
2001-12-08 11:37:07 +00:00
}
else {
2001-12-22 14:12:18 +00:00
/*
** Add the comment to database:
*/
2001-12-08 11:37:07 +00:00
2001-12-22 14:12:18 +00:00
db_query("INSERT INTO comments (lid, pid, uid, subject, comment, hostname, timestamp) VALUES ('". check_query($edit["id"]) ."', '". check_query($edit["pid"]) ."', '$user->uid', '". check_query($edit["subject"]) ."', '". check_query($edit["comment"]) ."', '". getenv("REMOTE_ADDR") ."', '". time() ."')");
2001-12-08 11:37:07 +00:00
2001-12-22 14:12:18 +00:00
/*
** Add entry to the watchdog log:
*/
watchdog("special", "comment: added '". $edit["subject"] ."'");
/*
** Clear the cache:
*/
2001-12-08 11:37:07 +00:00
cache_clear();
}
}
}
function comment_num_replies($id, $count = 0) {
$result = db_query("SELECT COUNT(cid) FROM comments WHERE pid = '$id'");
return ($result) ? db_result($result, 0) : 0;
}
function comment_moderation($comment) {
global $user;
2001-12-22 14:12:18 +00:00
$values = array("--", "1", "2", "3", "4", "5");
2001-12-08 11:37:07 +00:00
$moderate = db_fetch_object(db_query("SELECT * FROM moderate WHERE cid = '$comment->cid' AND uid = '$user->uid'"));
foreach ($values as $key => $value) {
$options .= " <option value=\"$key\"". ($moderate->score == $key ? " selected=\"selected\"" : "") .">$value</option>\n";
}
$output .= "<select name=\"moderate[comment][$comment->cid]\">$options</select><br />". ($comment->score ? $comment->score : "--") ." / $comment->votes";
return $output;
}
function comment_threshold($threshold) {
for ($i = 0; $i < 6; $i++) $options .= " <option value=\"$i\"". ($threshold == $i ? " SELECTED" : "") .">". t("Visibility") ." - $i</option>";
return "<select name=\"threshold\">$options</select>\n";
}
function comment_mode($mode) {
global $cmodes;
2001-12-22 14:12:18 +00:00
foreach ($cmodes as $key => $value) $options .= " <option value=\"$key\"". ($mode == $key ? " SELECTED" : "") .">$value</option>\n";
2001-12-08 11:37:07 +00:00
return "<select name=\"mode\">$options</select>\n";
}
function comment_order($order) {
global $corder;
foreach ($corder as $key=>$value) $options .= " <option value=\"$key\"". ($order == $key ? " SELECTED" : "") .">$value</option>\n";
return "<select name=\"order\">$options</select>\n";
}
function comment_query($lid, $order, $pid = -1) {
$query .= "SELECT c.cid, c.pid, c.lid, c.subject, c.comment, c.timestamp, u.uid, u.name, AVG(m.score) AS score, COUNT(m.cid) AS votes FROM comments c LEFT JOIN users u ON c.uid = u.uid LEFT JOIN moderate m ON c.cid = m.cid WHERE c.lid = '$lid'";
if ($pid >= 0) {
$query .= " AND pid = '$pid'";
}
$query .= " GROUP BY c.cid, c.pid, c.lid, c.subject, c.comment, c.timestamp, u.uid, u.name";
if ($order == 1) {
$query .= " ORDER BY c.timestamp DESC";
}
else if ($order == 2) {
$query .= " ORDER BY c.timestamp";
}
else if ($order == 3) {
$query .= " ORDER BY score DESC";
}
else if ($order == 4) {
$query .= " ORDER BY score";
}
return db_query($query);
}
function comment_visible($comment, $threshold = 0) {
if ($comment->votes == 0 || $comment->score >= $threshold) {
return 1;
}
else {
return 0;
}
}
function comment_links($comment, $return = 1) {
global $theme;
2001-12-27 20:35:40 +00:00
$links = array();
2001-12-08 11:37:07 +00:00
if ($return) {
2001-12-27 20:35:40 +00:00
$links[] = "<a href=\"node.php?id=$comment->lid#$comment->cid\"><font color=\"$theme->type\">". t("return") ."</font></a>";
2001-12-08 11:37:07 +00:00
}
2001-12-27 20:35:40 +00:00
if (user_access("administer comments")) {
$links[] = "<a href=\"admin.php?mod=comment&op=edit&id=$comment->cid\"><font color=\"$theme->type\">". t("administer") ."</font></a>";
}
if (user_access("post comments")) {
$links[] = "<a href=\"node.php?op=reply&id=$comment->lid&pid=$comment->cid\"><font color=\"$theme->type\">". t("reply to this comment") ."</font></a>";
2001-12-08 11:37:07 +00:00
}
2001-12-27 20:35:40 +00:00
return $theme->links($links);
2001-12-08 11:37:07 +00:00
}
function comment_view($comment, $folded = 0) {
global $theme;
if ($folded) {
$theme->comment($comment, $folded);
}
else {
print "<a href=\"node.php?id=$comment->lid&cid=$comment->cid#$comment->cid\">". check_output($comment->subject) ."</a> by ". format_name($comment) ." <small>(". ($comment->score ? $comment->score : "--") ." / $comment->votes)</small><p />";
}
}
2001-12-27 20:35:40 +00:00
function comment_thread_min($comments, $threshold, $pid = 0) {
2001-12-08 11:37:07 +00:00
global $user;
2001-12-27 20:35:40 +00:00
foreach ($comments as $comment) {
if ($comment->pid == $pid) {
print "<ul>";
print comment_view($comment);
comment_thread_min($comments, $threshold, $comment->cid);
print "</ul>";
}
2001-12-08 11:37:07 +00:00
}
}
2001-12-27 20:35:40 +00:00
function comment_thread_max($comments, $threshold, $pid = 0, $level = 0) {
2001-12-08 11:37:07 +00:00
global $user;
/*
** We had quite a few browser specific issues: expanded comments below
** the top level got truncated on the right hand side. A range of
** solutions have been proposed and tried but either the right margins of
** the comments didn't line up well, or the heavily nested tables made
** for slow rendering and cluttered HTML. This is the best work-around
** in terms of speed and size.
*/
2001-12-27 20:35:40 +00:00
foreach ($comments as $comment) {
if ($comment->pid == $pid) {
print "<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\"><tr><td width=\"". ($level * 25) ."\"> </td><td>\n";
comment_view($comment, (comment_visible($comment, $threshold) ? comment_links($comment, 0) : 0));
print "</td></tr></table>\n";
2001-12-08 11:37:07 +00:00
2001-12-27 20:35:40 +00:00
comment_thread_max($comments, $threshold, $comment->cid, $level + 1);
}
2001-12-08 11:37:07 +00:00
}
}
function comment_render($lid, $cid) {
global $user, $theme, $mode, $order, $threshold, $REQUEST_URI;
if (user_access("access comments")) {
/*
** Pre-process variables:
*/
if (empty($lid)) {
$lid = 0;
}
if (empty($cid)) {
$cid = 0;
}
if (empty($mode)) {
$mode = $user->uid ? $user->mode : variable_get(default_comment_mode, 4);
}
if (empty($order)) {
$order = $user->uid ? $user->sort : variable_get(default_comment_order, 1);
}
if (empty($threshold)) {
$threshold = $user->uid ? $user->threshold : variable_get(default_comment_threshold, 3);
}
print "<a name=\"comment\"></a>\n";
print "<form method=\"post\" action=\"$REQUEST_URI\">\n";
/*
** Render control panel:
*/
$theme->box(t("Control panel"), $theme->comment_controls($threshold, $mode, $order));
if ($cid > 0) {
$result = db_query("SELECT c.cid, c.pid, c.lid, c.subject, c.comment, c.timestamp, u.uid, u.name, AVG(m.score) AS score, COUNT(m.cid) AS votes FROM comments c LEFT JOIN users u ON c.uid = u.uid LEFT JOIN moderate m ON c.cid = m.cid WHERE c.cid = '$cid' GROUP BY c.cid, c.pid, c.lid, c.subject, c.comment, c.timestamp, u.uid, u.name");
if ($comment = db_fetch_object($result)) {
comment_view($comment, comment_links($comment));
}
}
else {
if ($mode == 1) {
$result = comment_query($lid, $order);
print "<table border=\"0\" cellpadding=\"2\" cellspacing=\"2\">\n";
print " <tr><th>Subject</th><th>Author</th><th>Date</th><th>Score</th></tr>\n";
while ($comment = db_fetch_object($result)) {
if (comment_visible($comment, $threshold)) {
print " <tr><td><a href=\"node.php?id=$comment->lid&cid=$comment->cid#$comment->cid\">". check_output($comment->subject) ."</a></td><td>". format_name($comment) ."</td><td>". format_date($comment->timestamp, "small") ."</td><td>$comment->score</td></tr>\n";
}
}
print "</table>\n";
}
else if ($mode == 2) {
$result = comment_query($lid, $order);
while ($comment = db_fetch_object($result)) {
comment_view($comment, (comment_visible($comment, $threshold) ? comment_links($comment, 0) : 0));
}
}
else if ($mode == 3) {
2001-12-27 20:35:40 +00:00
$result = comment_query($lid, $order);
2001-12-08 11:37:07 +00:00
while ($comment = db_fetch_object($result)) {
2001-12-27 20:35:40 +00:00
$comments[] = $comment;
}
if ($comments) {
comment_thread_min(array_reverse($comments), $threshold);
2001-12-08 11:37:07 +00:00
}
}
else {
2001-12-27 20:35:40 +00:00
$result = comment_query($lid, $order);
2001-12-08 11:37:07 +00:00
while ($comment = db_fetch_object($result)) {
2001-12-27 20:35:40 +00:00
$comments[] = $comment;
}
if ($comments) {
comment_thread_max(array_reverse($comments), $threshold);
2001-12-08 11:37:07 +00:00
}
}
}
print "</form>";
}
}
2001-05-09 18:28:09 +00:00
function comment_search($keys) {
2001-09-16 14:05:10 +00:00
global $PHP_SELF;
2001-10-16 20:13:22 +00:00
$result = db_query("SELECT c.*, u.name FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.subject LIKE '%$keys%' OR c.comment LIKE '%$keys%' ORDER BY c.timestamp DESC LIMIT 20");
2001-02-07 22:01:57 +00:00
while ($comment = db_fetch_object($result)) {
2001-09-27 20:51:26 +00:00
$find[$i++] = array("title" => check_output($comment->subject), "link" => (strstr($PHP_SELF, "admin.php") ? "admin.php?mod=comment&op=edit&id=$comment->cid" : "node.php?id=$comment->lid&cid=$comment->cid"), "user" => $comment->name, "date" => $comment->timestamp);
2001-02-07 22:01:57 +00:00
}
return $find;
}
2000-12-14 14:13:37 +00:00
2001-06-20 20:00:40 +00:00
function comment_perm() {
2001-06-29 22:08:57 +00:00
return array("access comments", "post comments", "administer comments");
}
2001-11-24 12:14:31 +00:00
function comment_link($type, $node = 0, $main = 0) {
2001-12-27 20:35:40 +00:00
if ($type == "admin" && user_access("administer comments")) {
2001-06-29 22:08:57 +00:00
$links[] = "<a href=\"admin.php?mod=comment\">comments</a>";
}
2001-12-05 20:22:58 +00:00
if ($type == "node" && $node->comment) {
2001-11-24 12:14:31 +00:00
if ($main) {
/*
** Main page: display the number of comments that have been posted.
*/
if (user_access("access comments")) {
$links[] = "<a href=\"node.php?id=$node->nid#comment\">". format_plural(node_get_comments($node->nid), "comment", "comments") ."</a>";
}
}
else {
/*
** Node page: add a "post comment" link if the user is allowed to
** post comments.
*/
if (user_access("post comments")) {
$links[] = "<a href=\"node.php?id=$node->nid&op=comment#comment\">". t("add new comment") ."</a>";
}
}
}
2001-06-29 22:08:57 +00:00
return $links ? $links : array();
2001-06-20 20:00:40 +00:00
}
2001-12-05 20:22:58 +00:00
function comment_node_link($node) {
2001-12-27 20:35:40 +00:00
if (user_access("administer comments") && node_get_comments($node->nid)) {
2001-12-05 20:22:58 +00:00
2001-12-08 11:37:07 +00:00
/*
** Edit comments:
*/
2001-12-05 20:22:58 +00:00
2001-12-08 11:37:07 +00:00
$result = db_query("SELECT c.cid, c.subject, u.uid, u.name FROM comments c LEFT JOIN users u ON u.uid = c.uid WHERE lid = '$node->nid' ORDER BY c.timestamp");
2001-12-05 20:22:58 +00:00
2001-12-08 11:37:07 +00:00
$output .= "<h3>". t("Edit comments") ."</h3>";
$output .= "<table border=\"1\" cellpadding=\"2\" cellspacing=\"2\">";
$output .= " <tr><th>title</th><th>author</th><th colspan=\"3\">operations</th></tr>";
while ($comment = db_fetch_object($result)) {
$output .= "<tr><td><a href=\"node.php?id=$node->nid&cid=$comment->cid#$comment->cid\">$comment->subject</a></td><td>". format_name($comment) ."</td><td><a href=\"node.php?id=$node->nid&cid=$comment->cid#$comment->cid\">". t("view comment") ."</a></td><td><a href=\"admin.php?mod=comment&op=edit&id=$comment->cid\">". t("edit comment") ."</a></td><td><a href=\"admin.php?mod=comment&op=delete&id=$comment->cid\">". t("delete comment") ."</a></td></tr>";
}
$output .= "</table>";
return $output;
}
2001-12-05 20:22:58 +00:00
}
2000-12-14 14:13:37 +00:00
function comment_edit($id) {
2001-05-02 20:52:19 +00:00
2001-10-16 20:13:22 +00:00
$result = db_query("SELECT c.*, u.name, u.uid FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.cid = '$id'");
2000-12-14 14:13:37 +00:00
$comment = db_fetch_object($result);
2001-09-16 11:33:14 +00:00
$form .= form_item(t("Author"), format_name($comment));
2001-11-01 11:00:51 +00:00
$form .= form_textfield(t("Subject"), "subject", $comment->subject, 70, 128);
$form .= form_textarea(t("Comment"), "comment", $comment->comment, 70, 15);
2001-05-03 18:48:42 +00:00
$form .= form_submit(t("Submit"));
2000-12-14 14:13:37 +00:00
2001-09-28 16:20:55 +00:00
return form($form);
2000-12-14 14:13:37 +00:00
}
2001-04-30 17:13:08 +00:00
function comment_save($id, $edit) {
2001-12-22 14:12:18 +00:00
db_query("UPDATE comments SET subject = '". check_query(filter($edit["subject"])) ."', comment = '". check_query(filter($edit["comment"])) ."' WHERE cid = '$id'");
watchdog("special", "comment: modified '". $edit["subject"] ."'");
2000-12-14 14:13:37 +00:00
}
2001-05-02 20:52:19 +00:00
function comment_overview() {
2001-10-16 20:13:22 +00:00
$result = db_query("SELECT c.*, u.name, u.uid FROM comments c LEFT JOIN users u ON u.uid = c.uid ORDER BY timestamp DESC LIMIT 50");
2001-01-26 13:38:46 +00:00
2001-12-22 14:12:18 +00:00
$output .= "<table border=\"1\" cellpadding=\"2\" cellspacing=\"2\">\n";
$output .= " <tr><th>subject</th><th>author</th><th>date</th><th colspan=\"2\">operations</th></tr>\n";
2000-12-14 14:13:37 +00:00
while ($comment = db_fetch_object($result)) {
2001-12-22 14:12:18 +00:00
$output .= " <tr><td><a href=\"node.php?id=$comment->lid&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."</a></td><td>". format_name($comment) ."</td><td>". format_date($comment->timestamp, "small") ."</td><td><a href=\"admin.php?mod=comment&op=edit&id=$comment->cid\">edit comment</a></td><td><a href=\"admin.php?mod=comment&op=delete&id=$comment->cid\">delete comment</a></td></tr>\n";
2000-12-14 14:13:37 +00:00
}
2001-12-22 14:12:18 +00:00
$output .= "</table>\n";
2001-01-26 13:38:46 +00:00
2001-04-30 17:13:08 +00:00
return $output;
2000-12-14 14:13:37 +00:00
}
2001-08-03 18:39:17 +00:00
function comment_delete($id) {
db_query("DELETE FROM comments WHERE cid = '$id'");
2001-09-28 16:20:55 +00:00
db_query("DELETE FROM moderate WHERE cid = '$id'");
2001-08-03 18:39:17 +00:00
watchdog("special", "comment: deleted '$id'");
}
2000-12-14 14:13:37 +00:00
function comment_admin() {
2001-06-29 22:08:57 +00:00
global $op, $id, $edit, $mod, $keys, $order;
2000-12-14 14:13:37 +00:00
2001-06-29 22:08:57 +00:00
if (user_access("administer comments")) {
2001-02-10 11:59:06 +00:00
2001-12-22 14:12:18 +00:00
print "<small><a href=\"admin.php?mod=comment\">overview</a> | <a href=\"admin.php?mod=comment&op=search\">search comment</a></small><hr />\n";
2001-06-20 20:00:40 +00:00
switch ($op) {
case "edit":
print comment_edit($id);
break;
case "search":
2001-10-03 20:57:01 +00:00
print search_type("comment", "admin.php?mod=comment&op=search");
2001-06-20 20:00:40 +00:00
break;
2001-08-03 18:39:17 +00:00
case "delete":
2001-11-25 13:48:34 +00:00
print comment_delete(check_query($id));
2001-08-03 18:39:17 +00:00
print comment_overview();
break;
2001-06-20 20:00:40 +00:00
case t("Submit"):
2001-11-25 13:48:34 +00:00
print status(comment_save(check_query($id), $edit));
2001-06-20 20:00:40 +00:00
print comment_overview();
break;
default:
print comment_overview();
}
}
else {
print message_access();
2000-12-14 14:13:37 +00:00
}
}
2001-11-01 11:00:51 +00:00
2001-10-09 21:01:47 +00:00
?>
