"; } function moderate_2($tid, $reason) { include "config.inc"; echo ""; for($i = 0; $i < sizeof($comments_meta_reasons); $i++) { echo "$comments_meta_reasons[$i]\n"; } echo ""; } function moderate_3($sid, $mode, $order, $thold = 0) { echo ""; } function displayKids ($tid, $mode, $order = 0, $thold = 0, $level = 0, $dummy = 0) { global $user, $theme; include "config.inc"; $comments = 0; $result = mysql_query("SELECT tid, pid, sid, date, name, email, url, host_name, subject, comment, score, reason FROM comments WHERE pid = $tid ORDER BY date, tid"); if ($mode == 'nested') { while (list($r_tid, $r_pid, $r_sid, $r_date, $r_name, $r_email, $r_url, $r_host_name, $r_subject, $r_comment, $r_score, $r_reason) = mysql_fetch_row($result)) { if ($r_score >= $thold) { if ($level && !$comments) { echo "

"; $tblwidth -= 5; } $comments++; $link = "hlcolor2\">reply to this comment"; $theme->comment($r_name, $r_subject, $r_tid, $r_date, $r_url, $r_email, $r_score, $r_reason, $r_comment, $link); displayKids($r_tid, $mode, $order, $thold, $level + 1, $dummy + 1); } } } elseif ($mode == 'flat') { while (list($r_tid, $r_pid, $r_sid, $r_date, $r_name, $r_email, $r_url, $r_host_name, $r_subject, $r_comment, $r_score, $r_reason) = mysql_fetch_row($result)) { if ($r_score >= $thold) { if (!eregi("[a-z0-9]",$r_name)) $r_name = $anonymous; if (!eregi("[a-z0-9]",$r_subject)) $r_subject = "[no subject]"; $link = "hlcolor2\">reply to this comment"; $theme->comment($r_name, $r_subject, $r_tid, $r_date, $r_url, $r_email, $r_score, $r_reason, $r_comment, $link); } displayKids($r_tid, $mode, $order, $thold); } } else { echo "ERROR: we should not get here!"; } if ($level && $comments) { echo "

"; } } function displayBabies ($tid, $level = 0, $dummy = 0, $thread) { global $datetime, $theme, $user; include "config.inc"; $comments = 0; $result = mysql_query("SELECT tid, pid, sid, date, name, email, url, host_name, subject, comment, score, reason FROM comments WHERE pid = $tid ORDER BY date, tid"); if ($level == 0) $thread = ""; while (list($r_tid, $r_pid, $r_sid, $r_date, $r_name, $r_email, $r_url, $r_host_name, $r_subject, $r_comment, $r_score, $r_reason) = mysql_fetch_row($result)) { if ($level && !$comments) { $thread .= "

"; } $comments++; if (!eregi("[a-z0-9]",$r_name)) { $r_name = $anonymous; } if (!eregi("[a-z0-9]",$r_subject)) { $r_subject = "[no subject]"; } if ($user) { ### Make sure to respect the user preferences: $thread .= "
• umode)) { $thread .= "&mode=$user->umode"; } else { $thread .= "&mode=threaded"; } if (isset($user->uorder)) { $thread .= "&order=$user->uorder"; } else { $thread .= "&order=0"; } if (isset($user->thold)) { $thread .= "&thold=$user->thold"; } else { $thread .= "&thold=0"; } $thread .= "\">$r_subject by $r_name (". formatTimestamp($r_date) .")
"; } else { $thread .= "
• $r_subject by $r_name (". formatTimestamp($r_date) .")
"; } displayBabies($r_tid, $level + 1, $dummy + 1, &$thread); } if ($level && $comments) { $thread .= "

"; } return $thread; } function displayTopic ($sid, $pid = 0, $tid = 0, $mode = "threaded", $order = 0, $thold = 0, $level = 0, $nokids = 0) { global $user, $theme, $functions; ### include required files: if ($functions) { include "config.inc"; } else { include "functions.inc"; include "theme.inc"; $theme->header(); } ### ensure default value: if (!isset($pid)) $pid = 0; ### connect to database: dbconnect(); $count_times = 0; $q = "SELECT tid, pid, sid, date, name, email, url, host_name, subject, comment, score, reason FROM comments WHERE sid = $sid AND pid = $pid"; if ($mode == 'threaded' || mode == 'nested') { if ($thold != "") { $q .= " AND score >= $thold"; } else { $q .= " AND score >= 0"; } } if ($order == 1) $q .= " ORDER BY date DESC"; if ($order == 2) $q .= " ORDER BY score DESC"; $res = mysql_query("$q"); $num_tid = mysql_num_rows($res); $theme->commentControl($sid, $title, $thold, $mode, $order); moderate_1(); while ($count_times < $num_tid) { list($tid, $pid, $sid, $date, $name, $email, $url, $host_name, $subject, $comment, $score, $reason) = mysql_fetch_row($res); if ($name == "") { $name = $anonymous; } if ($subject == "") { $subject = "[no subject]"; } ### Dynamically generate the link: if ($pid != 0) { list($erin) = mysql_fetch_row(mysql_query("SELECT pid FROM comments WHERE tid=$pid")); $link = "hlcolor2\">return to parent | hlcolor2\">reply to this comment"; } else { $link = "hlcolor2\">reply to this comment "; } if ($mode == "threaded") { $thread = displayBabies($tid, $mode, $order, $thold, $level); $theme->comment($name, $subject, $tid, $date, $url, $email, $score, $reason, $comment, $link, $thread); } else { $theme->comment($name, $subject, $tid, $date, $url, $email, $score, $reason, $comment, $link); displayKids($tid, $mode, $order, $thold, $level); } echo ""; echo "

"; $count_times += 1; } moderate_3($sid, $mode, $order, $thold); if ($pid == 0) return array($sid, $pid, $subject); else $theme->footer(); } function reply($pid, $sid, $mode, $order, $thold) { include "functions.inc"; include "theme.inc"; global $user; dbconnect(); $theme->header(); if ($pid != 0) { list($date, $name, $email, $url, $subject, $comment, $score) = mysql_fetch_row(mysql_query("SELECT date, name, email, url, subject, comment, score FROM comments WHERE tid = $pid")); } else { list($date, $subject, $comment, $name) = mysql_fetch_row(mysql_query("SELECT time, subject, abstract, informant FROM stories WHERE sid = $sid")); } ### Pre-process the variables: if ($comment == "") $comment = $comment; if ($subject == "") $subject = "[no subject]"; if ($name == "") $name = $anonymous; ### Display parent comment: echo ""; if ($email) { echo " bgcolor1\">"; } else { echo " bgcolor1\">"; } echo " bgcolor2\">"; echo "

hlcolor1\">$subject by $name ($email) on ". formatTimestamp($date) ."

hlcolor1\">$subject by $name on ". formatTimestamp($date) ."

$comment

"; if (!isset($pid) || !isset($sid)) { exit(); } if ($pid == 0) { list($subject) = mysql_fetch_row(mysql_query("SELECT subject FROM stories WHERE sid = $sid")); } else { list($subject) = mysql_fetch_row(mysql_query("SELECT subject FROM comments WHERE tid = $pid")); } ### Build reply form: echo "

"; echo "Your name:
"; if ($user) { echo "$user->userid     [ logout ]"; } else { echo "$anonymous"; $postanon = 2; } echo "

"; echo "Subject:
"; if (!eregi("Re:",$subject)) $subject = "Re: $subject"; // Only one 'Re:' will just do fine. ;) echo ""; echo "

"; if ($user) { $userinfo = getusrinfo($user); echo "$userinfo[signature]
"; echo " Post this comment anonymously."; echo "

"; } else { echo ""; echo "

"; } echo ""; echo ""; echo ""; echo " HTML to textHTML-formattedPlain text

"; echo "Allowed HTML-tags:
"; for ($i=0; $i < sizeof($AllowableHTML); $i++) { if (!eregi("/",$AllowableHTML[$i])) echo " <$AllowableHTML[$i]>"; } $theme->footer(); } function replyPreview ($pid, $sid, $subject, $comment, $postanon, $mode, $order, $thold, $posttype) { include "functions.inc"; include "theme.inc" ; global $user, $bgcolor1, $bgcolor2; $subject = stripslashes($subject); $comment = stripslashes($comment); $theme->header(); ### Display preview: echo ""; if ($user) { echo " "; } else { echo " "; } if ($posttype == "exttrans") { echo " "; } elseif ($posttype == "plaintext") { echo " "; } else { echo " "; } echo "

$subject by $user->userid.

$subject by $anonymous.

". nl2br(htmlspecialchars($comment)) ."

". nl2br($comment) ."

$comment

"; ### Build reply form: echo "

"; echo "Your name:
"; if ($user) { echo "$user->userid     [ logout ]"; } else { echo "$anonymous"; $postanon = 2; } echo "

"; echo "Subject:
"; if (!eregi("Re:",$subject)) $subject = "Re: $subject"; // one Re: will do ;) echo ""; echo "

"; $userinfo = getusrinfo($user); echo "$comment"; if ($user) { if ($postanon) echo "
Post this comment anonymously."; else echo "
Post this comment anonymously."; } echo "

"; echo ""; echo ""; echo ""; echo " "; echo " "; echo ""; if ($posttype == "exttrans") echo " HTML to text"; else echo " HTML to text"; if ($posttype == "html") echo " HTML-formatted"; else echo " HTML-formatted"; if ($posttype == "plaintext") echo " Plain text"; else echo " Plain text"; echo ""; echo "

"; echo "Allowed HTML-tags:
"; for ($i=0; $i < sizeof($AllowableHTML); $i++) { if (!eregi("/",$AllowableHTML[$i])) echo " <$AllowableHTML[$i]>"; } $theme->footer(); } function postComment($postanon, $subject, $comment, $pid, $sid, $host_name, $mode, $order, $thold, $posttype) { global $user, $userinfo; include "functions.inc"; include "config.inc"; dbconnect(); $subject = FixQuotes($subject); $comment = FixQuotes($comment); $author = FixQuotes($author); if ($posttype == "exttrans") $comment = nl2br(htmlspecialchars($comment)); elseif($posttype == "plaintext") $comment = nl2br($comment); else $comment = $comment; if (($user) && (!$postanon)) { getusrinfo($user); $name = $userinfo[uname]; $email = $userinfo[femail]; $url = $userinfo[url]; $score = 1; } else { $name = ""; $email = ""; $url = ""; $score = 0; } $ip = getenv("REMOTE_ADDR"); ### Check for fake threads: $fake = mysql_result(mysql_query("SELECT COUNT(*) FROM stories WHERE sid = $sid"), 0); ### Check for duplicate comments: $duplicate = mysql_result(mysql_query("SELECT COUNT(*) FROM comments WHERE pid = '$pid' AND sid = '$sid' AND subject = '$subject' AND comment = '$comment'"), 0); if ($fake != 1) { include "theme.inc"; $theme->header(); $theme->box("fake comment", "fake comment: $fake"); $theme->footer(); } elseif ($duplicate != 0) { include "theme.inc"; $theme->header(); $theme->box("duplicate comment", "duplicate comment: $duplicate"); $theme->footer(); } else { ### Add comment to table: $reason = (int) sizeof($comments_meta_reasons) / 2; mysql_query("INSERT INTO comments (tid, pid, sid, date, name, email, url, host_name, subject, comment, score, reason) VALUES (NULL, '$pid', '$sid', now(), '$name', '$email', '$url', '$ip', '$subject', '$comment', '$score', '$reason')"); ### Compose header: if ($user) { $header = "article.php?sid=$sid"; if (isset($user->umode)) { $header .= "&mode=$user->umode"; } else { $header .= "&mode=threaded"; } if (isset($user->uorder)) { $header .= "&order=$user->uorder"; } else { $header .= "&order=0"; } if (isset($user->thold)) { $header .= "&thold=$user->thold"; } else { $header .= "&thold=1"; } } else { $header .= "article.php?sid=$sid&mode=threaded&order=1&thold=0"; } header("Location: $header"); } } function moderate($tid, $meta_value = 0) { include "config.inc"; if ($meta_value != -1) { ### Compose query: $query = "UPDATE comments SET"; if ($meta_value > (sizeof($comments_meta_reasons) / 2)) { $query .= " score = score + 1, reason = $meta_value WHERE tid = $tid"; } elseif ($meta_value < ((sizeof($comments_meta_reasons) / 2) - 1)) { $query .= " score = score - 1, reason = $meta_value WHERE tid = $tid"; } else { $query .= " reason = $meta_value WHERE tid = $tid"; } ### Perform query: mysql_query("$query"); } } switch($op) { case "reply": reply($pid, $sid, $mode, $order, $thold); break; case "Preview comment": replyPreview($pid, $sid, $subject, $comment, $postanon, $mode, $order, $thold, $posttype); break; case "Post comment": postComment($postanon, $subject, $comment, $pid, $sid, $host_name, $mode, $order, $thold, $posttype); break; case "Moderate": include "functions.inc"; dbconnect(); while (list($name, $value) = each($HTTP_POST_VARS)) { if (eregi("meta", $name)) { ### extract comment id (tid): $info = explode(":", $name); moderate($info[1], $value); } } Header("Location: article.php?sid=$sid&mode=$mode&order=$order&thold=$thold"); break; case "showreply": displayTopic($sid, $pid, $tid, $mode, $order, $thold); break; default: displayTopic($sid, $pid, $tid, $mode, $order, $thold); } ?>