"comment_admin"); function comment_edit($id) { $result = db_query("SELECT c.*, u.userid FROM comments c LEFT JOIN users u ON c.author = u.id WHERE c.cid = $id"); $comment = db_fetch_object($result); $output .= "\n"; print $output; } function comment_save($id, $subject, $comment) { db_query("UPDATE comments SET subject = '". check_input($subject) ."', comment = '". check_input($comment) ."' WHERE cid = $id"); watchdog("message", "comment: modified `$subject'"); } function comment_display($order = "date") { // Initialize variables: $fields = array("author" => "author", "date" => "timestamp DESC", "subject" => "subject"); // Perform SQL query: $result = db_query("SELECT c.*, u.userid FROM comments c LEFT JOIN users u ON u.id = c.author ORDER BY c.$fields[$order] LIMIT 50"); // Display comments: $output .= "\n"; $output .= " \n"; $output .= " \n"; $output .= " \n"; $output .= " \n"; $output .= " \n"; $output .= " \n"; $output .= " \n"; $output .= " \n"; while ($comment = db_fetch_object($result)) { $output .= " \n"; } $output .= "

\n"; $output .= " \n"; $output .= " \n"; $output .= " \n"; $output .= " \n"; $output .= "
subject	author	operations
". ($comment->link == "story" ? "lid&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."" : check_output($comment->subject)) ."	". format_username($comment->userid, 1) ."	cid\">edit

\n"; print $output; } function comment_admin() { global $op, $id, $subject, $comment, $order; switch ($op) { case "edit": comment_edit($id); break; case "Save comment": comment_save($id, $subject, $comment); comment_edit($id); break; case "Update": comment_display($order); break; default: comment_display(); } } ?>