2006-12-02 04:36:16 +00:00
< ? php
/*
2010-08-23 07:28:46 +00:00
* e107 website system
*
* Copyright ( C ) 2008 - 2010 e107 Inc ( e107 . org )
* Released under the terms and conditions of the
* GNU General Public License ( http :// www . gnu . org / licenses / gpl . txt )
*
* Comment handling generic interface
*
* $URL $
* $Id $
*/
2010-01-09 12:06:15 +00:00
/**
* @ package e107
* @ subpackage user
2010-02-10 18:18:01 +00:00
* @ version $Id $ ;
2010-01-09 12:06:15 +00:00
*
* Display comments
*/
require_once ( 'class2.php' );
2009-08-28 15:30:25 +00:00
include_lan ( e_LANGUAGEDIR . e_LANGUAGE . '/lan_' . e_PAGE );
2012-06-16 12:41:30 +00:00
// print_r($_POST);
// exit;
if ( e_AJAX_REQUEST )
{
if ( vartrue ( $_POST [ 'comment' ]) && USERID )
{
$pid = intval ( varset ( $_POST [ 'pid' ], 0 )); // ID of the specific comment being edited (nested comments - replies)
$clean_authorname = $_POST [ 'author_name' ];
$clean_comment = $_POST [ 'comment' ];
$clean_subject = $_POST [ 'subject' ];
$newid = e107 :: getComment () -> enter_comment ( $clean_authorname , $clean_comment , $_POST [ 'table' ], intval ( $_POST [ 'itemid' ]), $pid , $clean_subject );
if ( $newid )
{
$row [ 'comment_id' ] = $newid ;
$row [ 'comment_item_id' ] = intval ( $_POST [ 'itemid' ]);
$row [ 'comment_type' ] = e107 :: getComment () -> getCommentType ( $tp -> toDB ( $_POST [ 'table' ], true ));
$row [ 'comment_subject' ] = $_POST [ 'subject' ];
$row [ 'comment_comment' ] = $_POST [ 'comment' ];
$row [ 'user_image' ] = USERIMAGE ;
$row [ 'user_id' ] = USERID ;
$row [ 'user_name' ] = USERNAME ;
$row [ 'comment_datestamp' ] = time ();
$row [ 'comment_blocked' ] = ( vartrue ( $pref [ 'comments_moderate' ]) ? 2 : 0 );
echo " \n <!-- Appended --> \n " ;
echo e107 :: getComment () -> render_comment ( $row , 'comment' , intval ( $_POST [ 'itemid' ]));
echo " \n <!-- end Appended --> \n " ;
}
}
exit ;
}
2006-12-02 04:36:16 +00:00
require_once ( e_HANDLER . " news_class.php " );
require_once ( e_HANDLER . " comment_class.php " );
define ( " PAGE_NAME " , COMLAN_99 );
2009-01-22 01:58:29 +00:00
if ( ! e_QUERY )
2008-09-23 19:44:08 +00:00
{
2006-12-02 04:36:16 +00:00
header ( " location: " . e_BASE . " index.php " );
exit ;
}
2009-09-14 18:18:36 +00:00
$cobj = new comment ;
2006-12-02 04:36:16 +00:00
$temp_query = explode ( " . " , e_QUERY );
2007-08-17 19:23:26 +00:00
$action = $temp_query [ 0 ]; // Usually says 'comment' - may say 'reply'
$table = $temp_query [ 1 ]; // Table containing item associated with comment(s)
2010-08-23 07:28:46 +00:00
$id = intval ( varset ( $temp_query [ 2 ], 0 )); // ID of item associated with comments (e.g. news ID)
// For reply with nested comments, its the ID of the comment
2007-08-17 19:23:26 +00:00
$nid = intval ( varset ( $temp_query [ 3 ], " " )); // Action - e.g. 'edit'. Or news ID for reply with nested comments
$xid = intval ( varset ( $temp_query [ 4 ], " " )); // ID of target comment
global $comment_edit_query ;
$comment_edit_query = $temp_query [ 0 ] . " . " . $temp_query [ 1 ] . " . " . $temp_query [ 2 ];
2006-12-02 04:36:16 +00:00
unset ( $temp_query );
2008-05-25 08:26:11 +00:00
$redirectFlag = 0 ;
2009-01-22 01:58:29 +00:00
if ( isset ( $_POST [ 'commentsubmit' ]) || isset ( $_POST [ 'editsubmit' ]))
2008-05-25 08:26:11 +00:00
{ // New comment, or edited comment, being posted.
2006-12-02 04:36:16 +00:00
if ( ! ANON && ! USER )
{
2009-01-22 01:58:29 +00:00
header ( " location: " . e_BASE . " index.php " );
exit ;
2006-12-02 04:36:16 +00:00
}
2010-08-23 07:28:46 +00:00
switch ( $table )
2007-08-17 19:23:26 +00:00
{
2010-08-23 07:28:46 +00:00
case 'poll' :
if ( ! $sql -> db_Select ( " polls " , " poll_title " , " `poll_id` = ' { $id } ' AND `poll_comment` = 1 " ))
{
header ( " location: " . e_BASE . " index.php " );
exit ;
}
break ;
case 'news' :
if ( ! $sql -> db_Select ( " news " , " news_allow_comments " , " `news_id` = ' { $id } ' AND `news_allow_comments` = 0 " ))
{
header ( " location: " . e_BASE . " index.php " );
exit ;
}
2010-08-27 06:53:59 +00:00
break ;
2010-08-23 07:28:46 +00:00
case 'user' :
if ( ! $sql -> db_Select ( 'user' , 'user_name' , '`user_id` =' . $id ))
{
header ( " location: " . e_BASE . " index.php " );
exit ;
}
2010-08-27 06:53:59 +00:00
break ;
2006-12-02 04:36:16 +00:00
}
2008-05-25 08:26:11 +00:00
$pid = intval ( varset ( $_POST [ 'pid' ], 0 )); // ID of the specific comment being edited (nested comments - replies)
2006-12-02 04:36:16 +00:00
2008-05-25 08:26:11 +00:00
$editpid = intval ( varset ( $_POST [ 'editpid' ], 0 )); // ID of the specific comment being edited (in-line comments)
2006-12-02 04:36:16 +00:00
$clean_authorname = $_POST [ 'author_name' ];
$clean_comment = $_POST [ 'comment' ];
$clean_subject = $_POST [ 'subject' ];
$cobj -> enter_comment ( $clean_authorname , $clean_comment , $table , $id , $pid , $clean_subject );
2009-01-22 01:58:29 +00:00
if ( $table == " news " )
2007-08-17 19:23:26 +00:00
{
2006-12-02 04:36:16 +00:00
$e107cache -> clear ( " news " );
2009-01-22 01:58:29 +00:00
}
else
2007-08-17 19:23:26 +00:00
{
2006-12-02 04:36:16 +00:00
$e107cache -> clear ( " comment.php? { $table } . { $id } " );
}
2009-01-22 01:58:29 +00:00
if ( $editpid )
2007-08-17 19:23:26 +00:00
{
2009-01-22 01:58:29 +00:00
$redirectFlag = $id ;
/* $redir = preg_replace ( " # \ .edit.*#si " , " " , e_QUERY );
2006-12-02 04:36:16 +00:00
header ( " Location: " . e_SELF . " ? { $redir } " );
2008-05-25 08:26:11 +00:00
exit ; */
2006-12-02 04:36:16 +00:00
}
}
2007-08-17 19:23:26 +00:00
2006-12-02 04:36:16 +00:00
if ( isset ( $_POST [ 'replysubmit' ]))
2008-05-25 08:26:11 +00:00
{ // Reply to nested comment being posted
2009-01-22 01:58:29 +00:00
if ( $table == " news " && ! $sql -> db_Select ( " news " , " news_allow_comments " , " news_id=' { $nid } ' " ))
2007-08-17 19:23:26 +00:00
{
2009-01-22 01:58:29 +00:00
header ( " location: " . e_BASE . " index.php " );
exit ;
}
else
2007-08-17 19:23:26 +00:00
{
2009-01-22 01:58:29 +00:00
$row = $sql -> db_Fetch ();
if ( ! $row [ 'news_id' ])
{
$pid = ( isset ( $_POST [ 'pid' ]) ? $_POST [ 'pid' ] : 0 );
$pid = intval ( $pid );
2006-12-02 04:36:16 +00:00
2009-01-22 01:58:29 +00:00
$clean_authorname = $_POST [ 'author_name' ];
$clean_comment = $_POST [ 'comment' ];
$clean_subject = $_POST [ 'subject' ];
2006-12-02 04:36:16 +00:00
2009-01-22 01:58:29 +00:00
$cobj -> enter_comment ( $clean_authorname , $clean_comment , $table , $nid , $pid , $clean_subject );
$e107cache -> clear ( " comment.php? { $table } . { $id } " );
}
$redirectFlag = $nid ;
2008-05-25 08:26:11 +00:00
}
}
2006-12-02 04:36:16 +00:00
2008-05-25 08:26:11 +00:00
if ( $redirectFlag )
{ // Need to go back to original page
2011-12-06 09:42:27 +00:00
2010-08-23 07:28:46 +00:00
// Check for core tables first
switch ( $table )
{
case " news " :
2011-11-26 18:17:42 +00:00
header ( 'Location: ' . e107 :: getUrl () -> create ( 'news/view/item' , 'id=' . $redirectFlag ));
2010-08-23 07:28:46 +00:00
exit ;
case " poll " :
echo " <script type='text/javascript'>document.location.href=' " . e_HTTP . " comment.php?comment. { $table } . { $redirectFlag } '</script> \n " ;
exit ;
case " download " :
echo " <script type='text/javascript'>document.location.href=' " . e_HTTP . " download.php?view. { $redirectFlag } '</script> \n " ;
exit ;
case " page " :
echo " <script type='text/javascript'>document.location.href=' " . e_HTTP . " page.php? { $redirectFlag } '</script> \n " ;
exit ;
case 'user' :
2011-12-06 09:42:27 +00:00
echo " <script type='text/javascript'>document.location.href=' " . e107 :: getUrl () -> create ( 'user/profile/view' , 'id=' . $redirectFlag ) . " '</script> \n " ;
2010-08-23 07:28:46 +00:00
exit ;
}
2009-01-22 01:58:29 +00:00
// Check plugin e_comment.php files
$plugin_redir = false ;
$e_comment = $cobj -> get_e_comment ();
if ( $table == $e_comment [ $table ][ 'eplug_comment_ids' ])
2008-05-25 08:26:11 +00:00
{
2009-01-22 01:58:29 +00:00
$plugin_redir = TRUE ;
2010-08-23 07:28:46 +00:00
$reply_location = str_replace ( '{NID}' , $redirectFlag , $e_comment [ $table ][ 'reply_location' ]);
2009-01-22 01:58:29 +00:00
}
2009-09-14 18:18:36 +00:00
2009-01-22 01:58:29 +00:00
if ( $plugin_redir )
{
echo " <script type='text/javascript'>document.location.href=' { $reply_location } '</script> \n " ;
2008-05-25 08:26:11 +00:00
exit ;
2006-12-02 04:36:16 +00:00
}
2010-08-23 07:28:46 +00:00
// No redirect found if we get here.
2006-12-02 04:36:16 +00:00
}
2007-08-17 19:23:26 +00:00
$comment_ob_start = FALSE ;
2009-01-22 01:58:29 +00:00
if ( $action == " reply " )
2007-08-17 19:23:26 +00:00
{
2009-01-22 01:58:29 +00:00
if ( ! $pref [ 'nested_comments' ])
2007-08-17 19:23:26 +00:00
{
2006-12-02 04:36:16 +00:00
header ( " Location: " . e_BASE . " comment.php?comment. { $table } . { $nid } " );
exit ;
}
2009-01-22 01:58:29 +00:00
2006-12-02 04:36:16 +00:00
$query = " `comment_id` = ' { $id } ' LIMIT 0,1 " ;
2009-01-22 01:58:29 +00:00
if ( $sql -> db_Select ( " comments " , " comment_subject " , " `comment_id` = ' { $id } ' " ))
2007-08-17 19:23:26 +00:00
{
2009-01-22 01:58:29 +00:00
$comments = $sql -> db_Fetch ();
2007-01-05 09:00:52 +00:00
$subject = $comments [ 'comment_subject' ];
$subject_header = $tp -> toHTML ( $comments [ 'comment_subject' ]);
2006-12-02 04:36:16 +00:00
}
2009-01-22 01:58:29 +00:00
if ( $subject == " " )
2007-08-17 19:23:26 +00:00
{
2009-01-22 01:58:29 +00:00
switch ( $table )
{
case " news " :
2010-08-23 07:28:46 +00:00
if ( ! $sql -> db_Select ( " news " , " news_title " , " news_id=' { $nid } ' " ))
{
header ( " location: " . e_BASE . " index.php " );
exit ;
}
else
{
$news = $sql -> db_Fetch ();
$subject = $news [ 'news_title' ];
$title = COMLAN_100 ;
}
2010-08-27 06:53:59 +00:00
break ;
2009-01-22 01:58:29 +00:00
case " poll " :
2010-08-23 07:28:46 +00:00
if ( ! $sql -> db_Select ( " polls " , " poll_title " , " poll_id=' { $nid } ' " ))
{
header ( " location: " . e_BASE . " index.php " );
exit ;
}
else
{
$poll = $sql -> db_Fetch ();
$subject = $poll [ 'poll_title' ];
$title = COMLAN_101 ;
}
break ;
2009-01-22 01:58:29 +00:00
case 'download' :
2010-08-23 07:28:46 +00:00
if ( $sql -> db_Select ( 'download' , 'download_name' , " download_id= { $nid } " ))
{
$row = $sql -> db_Fetch ();
$subject = $row [ 'download_name' ];
$title = COMLAN_106 ;
}
else
{
header ( " location: " . e_BASE . " index.php " );
exit ;
}
break ;
case 'user' :
if ( $sql -> db_Select ( 'user' , 'user_name' , " user_id= { $nid } " ))
{
$row = $sql -> db_Fetch ();
$subject = $row [ 'user_name' ];
$title = COMLAN_12 ;
}
else
{
header ( " location: " . e_BASE . " index.php " );
exit ;
}
break ;
2009-01-22 01:58:29 +00:00
}
2006-12-02 04:36:16 +00:00
}
2009-09-14 18:18:36 +00:00
define ( 'e_PAGETITLE' , COMLAN_102 . $subject . ( $title ? ' / ' . $title : '' ) . " / " . COMLAN_99 );
2006-12-02 04:36:16 +00:00
require_once ( HEADERF );
2009-01-22 01:58:29 +00:00
}
2008-09-23 19:44:08 +00:00
elseif ( $action == 'comment' )
2008-05-25 08:26:11 +00:00
{ // Default code if not reply
// Check cache
2009-01-22 01:58:29 +00:00
if ( $cache = $e107cache -> retrieve ( " comment.php? { $table } . { $id } " ))
2007-08-17 19:23:26 +00:00
{
2009-01-22 01:58:29 +00:00
require_once ( HEADERF );
echo $cache ;
require_once ( FOOTERF );
exit ;
}
else
2007-08-17 19:23:26 +00:00
{
2009-01-22 01:58:29 +00:00
switch ( $table )
{
case " news " :
2010-08-23 07:28:46 +00:00
if ( isset ( $pref [ 'trackbackEnabled' ]) && $pref [ 'trackbackEnabled' ])
{
$query = " SELECT COUNT(tb.trackback_pid) AS tb_count, n.*, u.user_id, u.user_name, u.user_customtitle, nc.category_name, nc.category_icon FROM #news AS n
LEFT JOIN #user AS u ON n.news_author = u.user_id
LEFT JOIN #news_category AS nc ON n.news_category = nc.category_id
LEFT JOIN #trackback AS tb ON tb.trackback_pid = n.news_id
WHERE n . news_class REGEXP '".e_CLASS_REGEXP."'
AND n . news_id = { $id }
AND n . news_allow_comments = 0
GROUP by n . news_id " ;
}
else
{
$query = " SELECT n.*, u.user_id, u.user_name, u.user_customtitle, nc.category_name, nc.category_icon FROM #news AS n
LEFT JOIN #user AS u ON n.news_author = u.user_id
LEFT JOIN #news_category AS nc ON n.news_category = nc.category_id
WHERE n . news_class REGEXP '".e_CLASS_REGEXP."'
AND n . news_id = { $id }
AND n . news_allow_comments = 0 " ;
}
2006-12-02 04:36:16 +00:00
2010-08-23 07:28:46 +00:00
if ( ! $sql -> db_Select_gen ( $query ))
{
header ( " location: " . e_BASE . " index.php " );
exit ;
}
else
{
$news = $sql -> db_Fetch ();
$subject = $tp -> toForm ( $news [ 'news_title' ]);
define ( " e_PAGETITLE " , " { $subject } - " . COMLAN_100 . " / " . COMLAN_99 );
require_once ( HEADERF );
ob_start ();
$comment_ob_start = TRUE ;
$ix = new news ;
$ix -> render_newsitem ( $news , " extend " ); // extend so that news-title-only news text is displayed in full when viewing comments.
$field = $news [ 'news_id' ];
}
break ;
2009-01-22 01:58:29 +00:00
case " poll " :
2010-08-23 07:28:46 +00:00
if ( ! $sql -> db_Select ( " polls " , " * " , " poll_id=' { $id } ' " ))
2009-01-22 01:58:29 +00:00
{
2010-08-23 07:28:46 +00:00
header ( " location: " . e_BASE . " index.php " );
2009-01-22 01:58:29 +00:00
exit ;
}
2010-08-23 07:28:46 +00:00
else
{
$row = $sql -> db_Fetch ();
$comments_poll = $row [ 'poll_comment' ];
$subject = $row [ 'poll_title' ];
define ( " e_PAGETITLE " , $subject . ' - ' . COMLAN_101 . " / " . COMLAN_99 );
$poll_to_show = $id ; // Need to pass poll number through to display routine
require_once ( HEADERF );
require ( e_PLUGIN . " poll/poll_menu.php " );
$field = $row [ 'poll_id' ];
if ( ! $comments_poll )
{
require_once ( FOOTERF );
exit ;
}
}
break ;
2009-01-22 01:58:29 +00:00
case 'download' :
2010-08-23 07:28:46 +00:00
if ( $sql -> db_Select ( 'download' , 'download_name' , " download_id= { $id } " ))
2009-01-22 01:58:29 +00:00
{
$row = $sql -> db_Fetch ();
2010-08-23 07:28:46 +00:00
$subject = $row [ 'download_name' ];
$title = COMLAN_106 ;
2009-01-22 01:58:29 +00:00
$field = $id ;
require_once ( HEADERF );
}
else
{
header ( " location: " . e_BASE . " index.php " );
exit ;
}
2010-08-23 07:28:46 +00:00
break ;
case 'user' :
if ( $sql -> db_Select ( 'user' , 'user_name' , " user_id= { $id } " ))
2010-01-15 21:10:23 +00:00
{
2010-08-23 07:28:46 +00:00
$row = $sql -> db_Fetch ();
$subject = $row [ 'user_name' ];
//$title = 'Edit comment about user';
$field = $id ;
require_once ( HEADERF );
2010-01-15 21:10:23 +00:00
}
else
{
2010-08-23 07:28:46 +00:00
header ( " location: " . e_BASE . " index.php " );
2010-01-15 21:10:23 +00:00
exit ;
}
2010-08-23 07:28:46 +00:00
break ;
default : // Hope its a plugin table
$e_comment = $cobj -> get_e_comment ();
if ( $table == $e_comment [ $table ][ 'eplug_comment_ids' ])
{
2011-05-04 21:35:14 +00:00
if ( $sql -> db_Select ( $e_comment [ $table ][ 'db_table' ], $e_comment [ $table ][ 'db_title' ], $e_comment [ $table ][ 'db_id' ] . " = { $id } " ))
2010-08-23 07:28:46 +00:00
{
$row = $sql -> db_Fetch ();
$subject = $row [ $e_comment [ $table ][ 'db_title' ]];
$title = $e_comment [ $table ][ 'plugin_name' ];
$field = $id ;
require_once ( HEADERF );
}
else
{
header ( " location: " . e_BASE . " index.php " );
exit ;
}
}
else
{ // Error - emit some debug code
require_once ( HEADERF );
if ( E107_DEBUG_LEVEL )
{
echo " Comment error: { $table } Field: { $e_comment [ 'db_id' ] } ID { $id } Title: { $e_comment [ 'db_title' ] } <br /> " ;
echo " <pre> " ;
var_dump ( $e_comment );
echo " </pre> " ;
}
else
{
header ( 'location:' . e_BASE . 'index.php' );
exit ;
}
}
2009-01-22 01:58:29 +00:00
}
2006-12-02 04:36:16 +00:00
}
}
2008-09-23 19:44:08 +00:00
else
{ // Invalid action - just exit
header ( " location: " . e_BASE . " index.php " );
exit ;
}
2006-12-02 04:36:16 +00:00
2007-08-17 19:23:26 +00:00
if ( isset ( $pref [ 'trackbackEnabled' ]) && $pref [ 'trackbackEnabled' ] && $table == " news " )
{
2010-01-09 12:06:15 +00:00
echo " <span class='smalltext'><b> " . $pref [ 'trackbackString' ] . " </b> " . SITEURLBASE . e_PLUGIN_ABS . " trackback/trackback.php?pid= { $id } </span> " ;
2006-12-02 04:36:16 +00:00
}
2008-05-25 08:26:11 +00:00
$field = ( $field ? $field : ( $id ? $id : " " )); // ID of associated source item
2006-12-02 04:36:16 +00:00
$width = ( isset ( $width ) && $width ? $width : " " );
$cobj -> compose_comment ( $table , $action , $field , $width , $subject , $rate = FALSE );
2008-05-25 08:26:11 +00:00
if ( isset ( $pref [ 'trackbackEnabled' ]) && $pref [ 'trackbackEnabled' ] && $table == " news " )
{
2006-12-02 04:36:16 +00:00
if ( $sql -> db_Select ( " trackback " , " * " , " trackback_pid= { $id } " ))
{
$tbArray = $sql -> db_getList ();
if ( file_exists ( THEME . " trackback_template.php " )) {
require_once ( THEME . " trackback_template.php " );
} else {
require_once ( e_THEME . " templates/trackback_template.php " );
}
$text = " " ;
foreach ( $tbArray as $trackback )
{
extract ( $trackback );
$TITLE = $trackback_title ;
$EXCERPT = $trackback_excerpt ;
$BLOGNAME = " <a href=' { $trackback_url } ' rel='external'> { $trackback_blogname } </a> " ;
$text .= preg_replace ( " / \ { (.*?) \ }/e " , '$\1' , $TRACKBACK );
}
if ( $TRACKBACK_RENDER_METHOD )
{
$ns -> tablerender ( " <a name='track'></a> " . COMLAN_315 , $text );
}
else
{
echo " <a name='track'></a> " . $text ;
}
}
else
{
echo " <a name='track'></a> " . COMLAN_316 ;
}
if ( ADMIN && getperms ( " B " )) {
2010-01-09 12:06:15 +00:00
echo " <div style='text-align:right'><a href=' " . e_PLUGIN_ABS . " trackback/modtrackback.php? " . $id . " '> " . COMLAN_317 . " </a></div><br /> " ;
2006-12-02 04:36:16 +00:00
}
}
2008-11-05 21:17:50 +00:00
2009-01-22 01:58:29 +00:00
//if (!strstr(e_QUERY, "poll"))
2008-11-05 21:17:50 +00:00
// If output buffering started, cache the result
2009-01-22 01:58:29 +00:00
if ( $comment_ob_start )
2007-12-08 14:49:56 +00:00
{
2009-01-22 01:58:29 +00:00
$cache = ob_get_contents ();
$e107cache -> set ( " comment.php? { $table } . { $field } " , $cache );
2008-11-05 21:17:50 +00:00
ob_end_flush (); // dump the buffer we started
2007-12-08 14:49:56 +00:00
}
2006-12-02 04:36:16 +00:00
require_once ( FOOTERF );
?>
