Click the button below to confirm the deletion.

\n" ."\n"); html_footer(); break; case 'D' : // Delete comment (confirmed) db_query("DELETE FROM comment WHERE id = $id"); header("Location: $PHP_SELF"); break; case 'e' : // Edit comment case 'r' : // New comment if ($LOGIN_USER == "") { header("Location: login.php?PAGE=comment.php?$op$id+p" . urlencode($path)); return; } $havedata = 0; if ($REQUEST_METHOD == "POST") { if ($LOGIN_USER != "" && $LOGIN_LEVEL < AUTH_DEVEL) $create_user = $LOGIN_USER; else if (array_key_exists("AUTHOR", $_POST)) $create_user = trim($_POST["AUTHOR"]); else $create_user = ""; if (array_key_exists("FILE", $_POST)) $file = $_POST["FILE"]; else $file = ""; if (array_key_exists("STATUS", $_POST)) $status = (int)$_POST["STATUS"]; else $status = 2; if (array_key_exists("MESSAGE", $_POST)) $contents = trim($_POST["MESSAGE"]); else $contents = ""; if (strpos($contents, "http:") === FALSE && strpos($contents, "https:") === FALSE && strpos($contents, "ftp:") === FALSE && strpos($contents, "mailto:") === FALSE && $contents != "" && $create_user != "" && $file != "") $havedata = 1; if ($create_user != "" && $id == 0 && !$LOGIN_USER) setcookie("FROM", $create_user, time() + 90 * 86400, "/"); } else { if ($id) { $result = db_query("SELECT * FROM comment WHERE id = $id"); if (db_count($result) > 0) { $row = db_next($result); $create_user = $row['create_user']; $contents = $row['contents']; $status = $row['status']; } else { if ($LOGIN_USER != "") $create_user = $LOGIN_USER; else if (array_key_exists("FROM", $_COOKIE)) $create_user = $_COOKIE["FROM"]; else $create_user = "Anonymous "; $contents = ""; $status = 2; } db_free($result); } else { if ($LOGIN_USER != "") $create_user = $LOGIN_USER; else if (array_key_exists("FROM", $_COOKIE)) $create_user = $_COOKIE["FROM"]; else $create_user = "Anonymous "; $contents = ""; $status = 2; } } if ($havedata) { $create_user = db_escape($create_user); $file = db_escape($file); $contents = db_escape($contents); if ($id) { // Update existing record. db_query("UPDATE comment SET create_user='$create_user',url='$file'," ."status=$status,contents='$contents' WHERE id = $id"); } else { // Add new record. $create_date = time(); db_query("INSERT INTO comment VALUES(NULL,$refer_id,2,'$file'," ."'$contents',$create_date,'$create_user')"); $id = db_insert_id(); } $location = str_replace("_", "?", $path); header("Location: $location#_USER_COMMENT_$id"); } else { if ($id) html_header("Edit Comment"); else html_header("Add Comment"); if ($REQUEST_METHOD == "POST") { print("

Your comment posting is missing required information. " ."Please fill in all fields marked in " ."red and resubmit your comments.

\n"); $hstart = ""; $hend = ""; } else { $hstart = ""; $hend = ""; } if ($op == "e") print("

\n" ."\n"); else print("\n" ."

\n"); $create_user = htmlspecialchars($create_user); if ($create_user == "") print("" ."\n"); else print("" ."\n"); $contents = htmlspecialchars($contents); if ($contents == "") print("" ."" ."\n"); if ($LOGIN_LEVEL >= AUTH_DEVEL) { print("" ."\n"); print("" ."\n"); } else { print("\n"); print("\n"); } if ($id) print("\n"); else print("\n"); print("

${hstart}Author:${hend}
Author:
${hstart}Message:${hend}	$contents"); else print("
Message:	$contents"); print(" Comments may contain the following " ."HTML elements: `A`, `B`, `BLOCKQUOTE`, " ."`CODE`, `EM`, `H1`, `H2`, " ."`H3`, `H4`, `H5`, `H6`, `I`, " ."`IMG`, `LI`, `OL`, `P`, `PRE`, " ."`TT`, `U`, `UL`
File Path:
Score:

\n" ."

\n"); html_footer(); } break; case 'L' : // List all comments... case 'l' : // List unapproved comments... html_header("Comments"); if ($LOGIN_LEVEL < AUTH_DEVEL) { $result = db_query("SELECT * FROM comment WHERE status = 1 AND " ."url LIKE '${listpath}%' ORDER BY id"); } else { if ($op == 'L') { $result = db_query("SELECT * FROM comment WHERE " ."url LIKE '${listpath}%' ORDER BY id"); print("

Show Hidden Comments

\n"); } else { $result = db_query("SELECT * FROM comment WHERE status = 0 AND " ."url LIKE '${listpath}%' ORDER BY id"); print("

Show All Comments

\n"); } } if (db_count($result) == 0) { if ($LOGIN_LEVEL >= AUTH_DEVEL && $op == 'l') print("

No hidden comments.

\n"); else print("

No visible comments.

\n"); } else { print("

$row[url] " ." by $create_user on $create_date " ."Edit " ."· Delete" ."
$contents

\n"); } db_free($result); html_footer(); break; case 'm' : // Moderate if (array_key_exists("MODPOINTS", $_COOKIE)) $modpoints = $_COOKIE["MODPOINTS"]; else $modpoints = 5; if ($modpoints > 0) { $modpoints --; setcookie("MODPOINTS", $modpoints, time() + 2 * 86400, "/"); $result = db_query("SELECT status FROM comment WHERE id=$id"); $row = db_next($result); if ($dir == 'd') { // Moderate down... if ($row['status'] > 0) db_query("UPDATE comment SET status = status - 1 WHERE id=$id"); } else { // Moderate down... if ($row['status'] < 5) db_query("UPDATE comment SET status = status + 1 WHERE id=$id"); } db_free($result); } $location = str_replace("_", "?", $path); header("Location: $location#_USER_COMMENT_$id"); break; } } // // End of "$Id$". // ?>