diff --git a/www/account.php b/www/account.php index 137f54d..eef4e42 100644 --- a/www/account.php +++ b/www/account.php @@ -1,6 +1,6 @@ diff --git a/www/articles.php b/www/articles.php index c6b9ff9..59e333e 100644 --- a/www/articles.php +++ b/www/articles.php @@ -1,6 +1,6 @@ ", "$PHP_SELF?M$id$options"); @@ -217,7 +218,15 @@ switch ($op) print("Contents:$temp\n"); print("

\n"); + db_free($result); + + print("
\n" + ."

Comments " + ."[ " + ."Add Comment ]

\n"); + + show_comments("articles.php_L$id"); } else { @@ -345,7 +354,7 @@ switch ($op) print("

\n"); } - html_start_table(array("ID","Title","Last Modified")); + html_start_table(array("ID","Title","Last Modified", "Comment(s)")); db_seek($result, $index); for ($i = 0; $i < $ARTICLE_PAGE_MAX && $row = db_next($result); $i ++) @@ -359,7 +368,7 @@ switch ($op) ."$id"); $temp = htmlspecialchars($row['title']); - print("" ."$temp"); @@ -368,11 +377,16 @@ switch ($op) ."alt='Article #$id'>" ."$temp"); + $count = count_comments("articles.php_L$id"); + print("" + ."$count"); + html_end_row(); html_start_row(); $temp = htmlspecialchars($row['abstract']); - print("$temp"); + print("$temp"); html_end_row(); } @@ -537,6 +551,6 @@ switch ($op) // -// End of "$Id: articles.php,v 1.3 2004/05/18 19:58:34 mike Exp $". +// End of "$Id: articles.php,v 1.4 2004/05/18 21:26:52 mike Exp $". // ?> diff --git a/www/comment.php b/www/comment.php index ad56438..a64b8fb 100644 --- a/www/comment.php +++ b/www/comment.php @@ -1,7 +1,8 @@ Delete Comment #$id\n"); + print("

Click the button below to confirm the deletion.

\n" + ."
" + ."
" + ."
\n"); + html_footer(); + break; + + case 'D' : // Delete comment (confirmed) + db_query("DELETE FROM comment WHERE id = $id"); + header("Location: $PHP_SELF"); + break; + + case 'e' : // Edit comment + case 'r' : // New comment + $havedata = 0; + + if ($REQUEST_METHOD == "POST") + { + if (array_key_exists("AUTHOR", $_POST)) + $create_user = trim($_POST["AUTHOR"]); + else + $create_user = ""; + + if (array_key_exists("FILE", $_POST)) + $file = $_POST["FILE"]; + else + $file = ""; + + if (array_key_exists("STATUS", $_POST)) + $status = (int)$_POST["STATUS"]; + else + $status = 2; + + if (array_key_exists("MESSAGE", $_POST)) + $contents = trim($_POST["MESSAGE"]); + else + $contents = ""; + + if ($create_user != "" && $contents != "" && $file != "") + $havedata = 1; + + if ($create_user != "" && $id == 0 && !$LOGIN_USER) + setcookie("FROM", $create_user, time() + 90 * 86400, "/"); + } + else + { + if ($id) + { + $result = db_query("SELECT * FROM comment WHERE id = $id"); + if (db_count($result) > 0) + { + $row = db_next($result); + $create_user = $row['create_user']; + $contents = $row['contents']; + $status = $row['status']; + } + else + { + if (array_key_exists("FROM", $_COOKIE)) + $create_user = $_COOKIE["FROM"]; + else + $create_user = "Anonymous "; + + $contents = ""; + $status = 2; + } + + db_free($result); + } + else + { + if (array_key_exists("FROM", $_COOKIE)) + $create_user = $_COOKIE["FROM"]; + else + $create_user = "Anonymous "; + + $contents = ""; + $status = 2; + } + } + + if ($havedata) + { + $create_user = db_escape($create_user); + $file = db_escape($file); + $contents = db_escape($contents); + + if ($id) + { + // Update existing record. + db_query("UPDATE comment SET create_user='$create_user',file='$file'," + ."status=$status,contents='$contents' WHERE id = $id"); + } + else + { + // Add new record. + $create_date = time(); + db_query("INSERT INTO comment VALUES(NULL,$refer_id,2,'$file'," + ."'$contents',$create_date,'$create_user')"); + } + + $location = str_replace("_", "?", $path); + header("Location: $location"); + } + else + { + if ($id) + { + html_header("Edit Comment"); + print("

Edit Comment

\n"); + } + else + { + html_header("Add Comment"); + print("

Add Comment

\n"); + } + + if ($REQUEST_METHOD == "POST") + { + print("

Your comment posting is missing required information. " + ."Please fill in all fields marked in " + ."red and resubmit your comments.

\n"); + $hstart = ""; + $hend = ""; + } + else + { + $hstart = ""; + $hend = ""; + } + + if ($op == "e") + print("
\n" + ."
\n"); + else + print("\n" + ."
\n"); + + $create_user = htmlspecialchars($create_user); + if ($create_user == "") + print("" + ."\n"); + else + print("" + ."\n"); + + $contents = htmlspecialchars($contents); + if ($contents == "") + print("" + ."\n"); + else + print("" + ."\n"); + + if ($LOGIN_USER) + { + print("" + ."\n"); + print("" + ."\n"); + } + else + { + print("\n"); + print("\n"); + } + + if ($id) + print("\n"); + else + print("\n"); + + print("
${hstart}Author:${hend}
Author:
${hstart}Message:${hend}
Message:
File Path:
Status:
\n" + ."
\n"); + + html_footer(); + } + break; + + case 'L' : // List all comments... + case 'l' : // List unapproved comments... + html_header("Comments"); + print("

Comments

\n"); + + if (!$LOGIN_USER) + { + $result = db_query("SELECT * FROM comment WHERE status = 1 AND " + ."url LIKE '${listpath}%' ORDER BY id"); + } + else + { + if ($op == 'L') + { + $result = db_query("SELECT * FROM comment WHERE " + ."url LIKE '${listpath}%' ORDER BY id"); + print("

[ Show Hidden Comments ]

\n"); + } + else + { + $result = db_query("SELECT * FROM comment WHERE status = 0 AND " + ."url LIKE '${listpath}%' ORDER BY id"); + print("

[ Show All Comments ]

\n"); + } + } + + if (db_count($result) == 0) + { + if ($LOGIN_USER && $op == 'l') + print("

No hidden comments.

\n"); + else + print("

No visible comments.

\n"); + } + else + { + print("\n"); + } + + db_free($result); + + html_footer(); + break; + + case 'm' : // Moderate + if (array_key_exists("MODPOINTS", $_COOKIE)) + $modpoints = $_COOKIE["MODPOINTS"]; + else + $modpoints = 5; + + if ($modpoints > 0) + { + $modpoints --; + + setcookie("MODPOINTS", $modpoints, time() + 2 * 86400, "/"); + + $result = db_query("SELECT status FROM comment WHERE id=$id"); + $row = db_next($result); + + if ($dir == 'd') + { + // Moderate down... + if ($row['status'] > 0) + db_query("UPDATE comment SET status = status - 1 WHERE id=$id"); + } + else + { + // Moderate down... + if ($row['status'] < 5) + db_query("UPDATE comment SET status = status + 1 WHERE id=$id"); + } + + db_free($result); + } + + if ($LOGIN_USER) + header("Location: $PHP_SELF"); + else + { + $location = str_replace("_", "?", $path); + header("Location: $location"); + } + break; + } +} + +// +// End of "$Id: comment.php,v 1.2 2004/05/18 21:26:52 mike Exp $". // ?> diff --git a/www/phplib/common.php b/www/phplib/common.php index c971670..78a34fd 100644 --- a/www/phplib/common.php +++ b/www/phplib/common.php @@ -1,9 +1,11 @@ for the "is published" field... +// show_comments() - Show comments for the given path... // @@ -75,6 +78,30 @@ abbreviate($text, // I - String } +// +// 'count_comments()' - Count visible comments for the given path... +// + +function // O - Number of comments +count_comments($url, // I - URL for comment + $parent_id = 0) // I - Parent comment +{ + $result = db_query("SELECT * FROM comment WHERE " + ."url = '" . db_escape($url) ."' " + ."AND status > 0 AND parent_id = $parent_id " + ."ORDER BY id"); + + $num_comments = db_count($result); + + while ($row = db_next($result)) + $num_comments += count_comments($url, $row['id']); + + db_free($result); + + return ($num_comments); +} + + // // 'format_text()' - Convert plain text to HTML... // @@ -486,6 +513,78 @@ select_is_published($is_published = 1) // I - Default state // -// End of "$Id: common.php,v 1.4 2004/05/18 19:58:35 mike Exp $". +// 'show_comments()' - Show comments for the given path... +// + +function // O - Number of comments +show_comments($url, // I - URL for comment + $path = "", // I - Path component + $parent_id = 0, // I - Parent comment + $heading = 3) // I - Heading level +{ + global $_COOKIE; + + + $result = db_query("SELECT * FROM comment WHERE " + ."url = '" . db_escape($url) ."' " + ."AND status > 0 AND parent_id = $parent_id " + ."ORDER BY id"); + + if (array_key_exists("MODPOINTS", $_COOKIE)) + $modpoints = $_COOKIE["MODPOINTS"]; + else + $modpoints = 5; + + if ($parent_id == 0 && $modpoints > 0) + print("

You have $modpoints moderation points available.

\n"); + + if ($heading > 6) + $heading = 6; + + $safeurl = urlencode($url); + $num_comments = 0; + + while ($row = db_next($result)) + { + if ($heading > 3 && $num_comments == 0) + print("
\n"); + + $num_comments ++; + + $create_date = date("M d, Y", $row['create_date']); + $create_user = sanitize_email($row['create_user']); + $contents = sanitize_text($row['contents']); + + print("From $create_user on $create_date (score=$row[status])\n" + ."

$contents

\n"); + + html_start_links(); + html_link("Reply", "${path}comment.php?r$row[id]+p$safeurl"); + + if ($modpoints > 0) + { + if ($row['status'] > 0) + html_link("Moderate Down", "${path}comment.php?md$row[id]+p$safeurl"); + + if ($row['status'] < 5) + html_link("Moderate Up", "${path}comment.php?mu$row[id]+p$safeurl"); + } + + html_end_links(); + + $num_comments += show_comments($url, $path, $row['id'], $heading + 1); + } + + db_free($result); + + if ($num_comments > 0 && $heading > 3) + print("
\n"); + + return ($num_comments); +} + + +// +// End of "$Id: common.php,v 1.5 2004/05/18 21:26:52 mike Exp $". // ?>