"Flat list - collapsed", 2 => "Flat list - expanded", 3 => "Threaded list - collapsed", 4 => "Threaded list - expanded"); $GLOBALS["corder"] = array(1 => "Date - newest first", 2 => "Date - oldest first"); function comment_settings($mode, $order, $threshold) { global $user; if ($user->uid) { $user = user_save($user, array("mode" => $mode, "sort" => $order, "threshold" => $threshold)); } } function comment_num_all($nid) { $comment = db_fetch_object(db_query("SELECT COUNT(c.nid) AS number FROM node n LEFT JOIN comments c ON n.nid = c.nid WHERE n.nid = '$nid' GROUP BY n.nid")); return $comment->number ? $comment->number : 0; } function comment_num_new($nid) { global $user; if ($user->uid) { /* ** Retrieve the timestamp at which the current user last viewed ** the specified node and use this timestamp to find the number ** of new comments. */ $history = db_fetch_object(db_query("SELECT timestamp FROM history WHERE uid = '$user->uid' AND nid = '$nid'")); $comment = db_fetch_object(db_query("SELECT COUNT(c.nid) AS number FROM node n LEFT JOIN comments c ON n.nid = c.nid WHERE n.nid = '$nid' AND timestamp > '". ($history->timestamp ? $history->timestamp : 0) ."' GROUP BY n.nid")); return $comment->number ? $comment->number : 0; } else { return 0; } } function comment_tag_new($nid) { global $user; if ($user->uid) { $nid = check_query($nid); $result = db_query("SELECT timestamp FROM history WHERE uid = '$user->uid' AND nid = '$nid'"); if (db_fetch_object($result)) { db_query("UPDATE history SET timestamp = '". time() ."' WHERE uid = '$user->uid' AND nid = '$nid'"); } else { db_query("INSERT INTO history (uid, nid, timestamp) VALUES ('$user->uid', '$nid', '". time() ."')"); } } } function comment_is_new($comment) { global $user; static $date; if (!$date) { if ($user->uid) { $history = db_fetch_object(db_query("SELECT timestamp FROM history WHERE uid = '$user->uid' AND nid = '$comment->nid'")); $date = $history->timestamp ? $history->timestamp : 0; } else { $date = time(); } } if ($comment->timestamp > $date) { return 1; } else { return 0; } } function comment_access($op, $comment) { global $user; if ($op == "edit") { /* ** Authenticated users can edit their comments as long they have ** not been replied to. This, in order to avoid people changing ** or revising their statements based on the replies their posts ** got. Furthermore, users can't reply to their own comments and ** are encouraged to extend their original comment. */ return $user->uid && $user->uid == $comment->uid && comment_num_replies($comment->cid) == 0; } } function comment_form($edit) { global $user; $form .= "\n"; // name field: $form .= form_item(t("Your name"), format_name($user)); // subject field: $form .= form_textfield(t("Subject"), "subject", $edit["subject"], 50, 64); // comment field: $form .= form_textarea(t("Comment"), "comment", $edit["comment"] ? $edit["comment"] : $user->signature, 70, 10, t("Allowed HTML tags") .": ". htmlspecialchars(variable_get("allowed_html", ""))); // preview button: $form .= form_hidden("cid", $edit["cid"]); $form .= form_hidden("pid", $edit["pid"]); $form .= form_hidden("nid", $edit["nid"]); if (!$edit["comment"]) { $form .= form_submit(t("Preview comment")); } else { $form .= form_submit(t("Preview comment")); $form .= form_submit(t("Post comment")); } return form($form); } function comment_edit($cid) { global $user; $comment = db_fetch_object(db_query("SELECT c.*, u.name, u.uid FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.cid = '$cid'")); if (comment_access("edit", $comment)) { comment_preview(object2array($comment)); } } function comment_reply($pid, $nid) { global $theme; if ($pid) { $comment = db_fetch_object(db_query("SELECT c.*, u.uid, u.name FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.cid = '$pid'")); comment_view($comment, t("reply to this comment")); } else { node_view(node_load(array("nid" => $nid))); $pid = 0; } if (user_access("post comments")) { $theme->box(t("Reply"), comment_form(array("pid" => $pid, "nid" => $nid))); } else { $theme->box(t("Reply"), t("You are not authorized to post comments.")); } } function comment_preview($edit) { global $theme, $user; foreach ($edit as $key => $value) { $comment->$key = filter($value); } /* ** Attach the user information: */ $comment->uid = $user->uid; $comment->name = $user->name; /* ** Attach the time: */ $comment->timestamp = time(); /* ** Preview the comment: */ comment_view($comment, t("reply to this comment")); $theme->box(t("Reply"), comment_form($edit)); } function comment_post($edit) { global $theme, $user; if (user_access("post comments")) { /* ** Validate the comment's subject. If not specified, extract ** one from the comment's body. */ $edit["subject"] = strip_tags(($edit["subject"] ? $edit["subject"] : substr($edit["comment"], 0, 29))); /* ** Validate the comment's body. */ $edit["comment"] = filter($edit["comment"]); /* ** Check for duplicate comments. Note that we have to use the ** validated/filtered data to perform such check. */ $duplicate = db_result(db_query("SELECT COUNT(cid) FROM comments WHERE pid = '". check_query($edit["pid"]) ."' AND nid = '". check_query($edit["nid"]) ."' AND subject = '". check_query($edit["subject"]) ."' AND comment = '". check_query($edit["comment"]) ."'"), 0); if ($duplicate != 0) { watchdog("warning", "comment: duplicate '". $edit["subject"] ."'"); } else { if ($edit["cid"]) { /* ** Update the comment in the database. Note that the update ** query will fail if the comment isn't owned by the current ** user. */ db_query("UPDATE comments SET subject = '". check_query($edit["subject"]) ."', comment = '". check_query($edit["comment"]) ."' WHERE cid = '". check_query($edit["cid"]) ."' AND uid = '$user->uid'"); /* ** Add entry to the watchdog log: */ watchdog("special", "comment: updated '". $edit["subject"] ."'"); } else { /* ** Check the user's comment submission rate. If exceeded, ** throttle() will bail out. */ throttle("post comment", variable_get("max_comment_rate", 60)); /* ** Add the comment to database: */ db_query("INSERT INTO comments (nid, pid, uid, subject, comment, hostname, timestamp) VALUES ('". check_query($edit["nid"]) ."', '". check_query($edit["pid"]) ."', '$user->uid', '". check_query($edit["subject"]) ."', '". check_query($edit["comment"]) ."', '". getenv("REMOTE_ADDR") ."', '". time() ."')"); /* ** Add entry to the watchdog log: */ watchdog("special", "comment: added '". $edit["subject"] ."'"); } /* ** Clear the cache: */ cache_clear(); } } /* ** Redirect the user the node he commented on: */ $url = "node.php?id=". $edit["nid"]; drupal_goto($url); } function comment_num_replies($id) { $result = db_query("SELECT COUNT(cid) FROM comments WHERE pid = '$id'"); return ($result) ? db_result($result, 0) : 0; } function comment_moderation($comment) { global $user; // XXX: disabled for now return ""; $values = array("--", "1", "2", "3", "4", "5"); $moderate = db_fetch_object(db_query("SELECT * FROM moderate WHERE cid = '$comment->cid' AND uid = '$user->uid'")); foreach ($values as $key => $value) { $options .= " \n"; } $output .= "
". ($comment->score ? $comment->score : "--") ." / $comment->votes"; return $output; } function comment_threshold($threshold) { // XXX: disabled for now return ""; for ($i = 0; $i < 6; $i++) $options .= " "; return "\n"; } function comment_mode($mode) { global $cmodes; foreach ($cmodes as $key => $value) $options .= " \n"; return "\n"; } function comment_order($order) { global $corder; foreach ($corder as $key=>$value) $options .= " \n"; return "\n"; } function comment_query($nid, $order, $pid = -1) { $query .= "SELECT c.cid, c.pid, c.nid, c.subject, c.comment, c.timestamp, u.uid, u.name FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.nid = '$nid'"; if ($pid >= 0) { $query .= " AND pid = '$pid'"; } $query .= " GROUP BY c.cid, c.pid, c.nid, c.subject, c.comment, c.timestamp, u.uid, u.name"; if ($order == 1) { $query .= " ORDER BY c.timestamp DESC"; } else if ($order == 2) { $query .= " ORDER BY c.timestamp"; } return db_query($query); } function comment_visible($comment, $threshold = 0) { if ($comment->votes == 0 || $comment->score >= $threshold) { return 1; } else { return 0; } } function comment_links($comment, $return = 1) { global $user, $theme; $links = array(); if ($return) { $links[] = "nid#$comment->cid\">type;\">". t("return") .""; } if (user_access("administer comments")) { $links[] = "cid\" title=\"". t("Administer this comment.") ."\">type;\">". t("administer") .""; } if (user_access("post comments")) { if (comment_access("edit", $comment)) { $links[] = "cid\" title=\"". t("Make changes to your comment.") ."\">type\">". t("edit your comment") .""; } else { $links[] = "nid&pid=$comment->cid\" title=\"". t("Reply to this comment.") ."\">type;\">". t("reply to this comment") .""; } } return $theme->links($links); } function comment_view($comment, $folded = 0) { global $theme, $id; if (comment_is_new($comment)) { $comment->subject = "$comment->subject *"; } if ($folded) { $theme->comment($comment, $folded); } else { print "nid&cid=$comment->cid#$comment->cid\">". check_output($comment->subject) ." by ". format_name($comment) ."

"; } } function comment_thread_min($comments, $threshold, $pid = 0) { global $user; foreach ($comments as $comment) { if ($comment->pid == $pid) { print "

"; print comment_view($comment); comment_thread_min($comments, $threshold, $comment->cid); print ""; } } } function comment_thread_max($comments, $threshold, $pid = 0, $level = 0) { global $user; /* ** We had quite a few browser specific issues: expanded comments below ** the top level got truncated on the right hand side. A range of ** solutions have been proposed and tried but either the right margins of ** the comments didn't line up well, or the heavily nested tables made ** for slow rendering and cluttered HTML. This is the best work-around ** in terms of speed and size. */ foreach ($comments as $comment) { if ($comment->pid == $pid) { print "

\n"; comment_view($comment, comment_links($comment, 0)); print "

\n"; comment_thread_max($comments, $threshold, $comment->cid, $level + 1); } } } function comment_render($nid, $cid) { global $user, $theme, $mode, $order, $threshold, $REQUEST_URI; if (user_access("access comments")) { /* ** Pre-process variables: */ if (empty($nid)) { $nid = 0; } if (empty($cid)) { $cid = 0; } if (empty($mode)) { $mode = $user->uid ? $user->mode : variable_get("default_comment_mode", 4); } if (empty($order)) { $order = $user->uid ? $user->sort : variable_get("default_comment_order", 1); } if (empty($threshold)) { // $threshold = $user->uid ? $user->threshold : variable_get("default_comment_threshold", 3); $threshold = 0; } print "\n"; print "

\n"; /* ** Render control panel: */ $theme->box(t("Control panel"), $theme->comment_controls($threshold, $mode, $order)); if ($cid > 0) { $result = db_query("SELECT c.cid, c.pid, c.nid, c.subject, c.comment, c.timestamp, u.uid, u.name FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.cid = '$cid' GROUP BY c.cid, c.pid, c.nid, c.subject, c.comment, c.timestamp, u.uid, u.name"); if ($comment = db_fetch_object($result)) { comment_view($comment, comment_links($comment)); } } else { if ($mode == 1) { $result = comment_query($nid, $order); print "\n"; print " \n"; while ($comment = db_fetch_object($result)) { if (comment_visible($comment, $threshold)) { print " \n"; } } print "

Subject	Author	Date	Score
nid&cid=$comment->cid#$comment->cid\">". check_output($comment->subject) ."	". format_name($comment) ."	". format_date($comment->timestamp, "small") ."	$comment->score

\n"; } else if ($mode == 2) { $result = comment_query($nid, $order); while ($comment = db_fetch_object($result)) { comment_view($comment, (comment_visible($comment, $threshold) ? comment_links($comment, 0) : 0)); } } else if ($mode == 3) { $result = comment_query($nid, $order); while ($comment = db_fetch_object($result)) { $comments[] = $comment; } if ($comments) { comment_thread_min($comments, $threshold); } } else { $result = comment_query($nid, $order); while ($comment = db_fetch_object($result)) { $comments[] = $comment; } if ($comments) { comment_thread_max($comments, $threshold); } } } print "

"; /* ** Tag the node's comments as being read: */ comment_tag_new($nid); } } function comment_search($keys) { global $PHP_SELF; $result = db_query("SELECT c.*, u.name FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.subject LIKE '%$keys%' OR c.comment LIKE '%$keys%' ORDER BY c.timestamp DESC LIMIT 20"); while ($comment = db_fetch_object($result)) { $find[$i++] = array("title" => check_output($comment->subject), "link" => (strstr($PHP_SELF, "admin.php") ? "admin.php?mod=comment&op=edit&id=$comment->cid" : "node.php?id=$comment->nid&cid=$comment->cid"), "user" => $comment->name, "date" => $comment->timestamp); } return $find; } function comment_perm() { return array("access comments", "post comments", "administer comments"); } function comment_link($type, $node = 0, $main = 0) { if ($type == "admin" && user_access("administer comments")) { $links[] = "comments"; } if ($type == "node" && $node->comment) { if ($main) { /* ** Main page: display the number of comments that have been posted. */ if (user_access("access comments")) { $all = comment_num_all($node->nid); $new = comment_num_new($node->nid); $links[] = "nid#comment\" title=\"". t("View this posting and all of its comments.") ."\">". format_plural($all, "comment", "comments") . ($new ? ", $new ". t("new") : "") .""; } } else { /* ** Node page: add a "post comment" link if the user is allowed to ** post comments. */ if (user_access("post comments")) { $links[] = "nid#comment\" title=\"". t("Share your thoughts and opinions related to this posting.") ."\">". t("add new comment") .""; } } } return $links ? $links : array(); } function comment_node_link($node) { if (user_access("administer comments") && comment_num_all($node->nid)) { /* ** Edit comments: */ $result = db_query("SELECT c.cid, c.subject, u.uid, u.name FROM comments c LEFT JOIN users u ON u.uid = c.uid WHERE nid = '$node->nid' ORDER BY c.timestamp"); $output .= "

". t("Edit comments") ."

"; $output .= ""; $output .= " "; while ($comment = db_fetch_object($result)) { $output .= ""; } $output .= "

title	author	operations
nid&cid=$comment->cid#$comment->cid\">$comment->subject	". format_name($comment) ."	nid&cid=$comment->cid#$comment->cid\">". t("view comment") ."	cid\">". t("edit comment") ."	cid\">". t("delete comment") ."

"; return $output; } } function comment_save($id, $edit) { db_query("UPDATE comments SET subject = '". check_query(filter($edit["subject"])) ."', comment = '". check_query(filter($edit["comment"])) ."' WHERE cid = '$id'"); watchdog("special", "comment: modified '". $edit["subject"] ."'"); } function comment_page() { global $theme, $op, $edit, $id, $pid, $cid; switch ($op) { case "edit": $theme->header(); comment_edit(check_query($id)); $theme->footer(); break; case "reply": $theme->header(); comment_reply(check_query($pid), check_query($id)); $theme->footer(); break; case t("Preview comment"): $theme->header(); comment_preview($edit); $theme->footer(); break; case t("Post comment"): comment_post($edit); break; case t("Update settings"): comment_settings(check_query($mode), check_query($order), check_query($threshold)); break; default: } } function comment_admin_edit($id) { $result = db_query("SELECT c.*, u.name, u.uid FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.cid = '$id'"); $comment = db_fetch_object($result); $form .= form_item(t("Author"), format_name($comment)); $form .= form_textfield(t("Subject"), "subject", $comment->subject, 70, 128); $form .= form_textarea(t("Comment"), "comment", $comment->comment, 70, 15); $form .= form_hidden("cid", $id); $form .= form_submit(t("Submit")); $form .= form_submit(t("Delete")); return form($form); } function comment_admin_overview() { $result = db_query("SELECT c.*, u.name, u.uid FROM comments c LEFT JOIN users u ON u.uid = c.uid ORDER BY timestamp DESC LIMIT 50"); $output .= "\n"; $output .= " \n"; while ($comment = db_fetch_object($result)) { $output .= " \n"; } $output .= "

subject	author	date	operations
nid&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."	". format_name($comment) ."	". format_date($comment->timestamp, "small") ."	cid\">edit comment	cid\">delete comment

\n"; return $output; } function comment_delete($edit) { if ($edit["confirm"]) { db_query("DELETE FROM comments WHERE cid = '". check_query($edit["cid"]) ."'"); watchdog("special", "comment: deleted comment #". $edit["cid"]); } else { $output .= form_item(t("Confirm deletion"), ""); $output .= form_hidden("cid", $edit["cid"]); $output .= form_hidden("confirm", 1); $output .= form_submit(t("Delete")); $output = form($output); } return $output; } function comment_admin() { global $op, $id, $edit, $mod, $keys, $order; if (user_access("administer comments")) { print "overview | search comment

\n"; switch ($op) { case "edit": print comment_admin_edit($id); break; case "search": print search_type("comment", "admin.php?mod=comment&op=search"); break; case "delete": print comment_delete(array("cid" => $id)); break; case t("Delete"): print comment_delete($edit); break; case t("Submit"): print status(comment_save(check_query($id), $edit)); print comment_admin_overview(); break; default: print comment_admin_overview(); } } else { print message_access(); } } ?>