$container['account_id'] = $album_id;
forward($container);
exit;
}
$db = new SmrMySqlDatabase();
if (!isset($_GET['comment']) || empty($_GET['comment'])) {
create_error_offline('Please enter a comment.');
} else {
$comment = $_GET['comment'];
}
// get current time
$curr_time = TIME;
$comment = word_filter($comment);
$account->sendMessageToBox(BOX_ALBUM_COMMENTS, $comment);
// check if we have comments for this album already
$db->lockTable('album_has_comments');
$db->query('SELECT MAX(comment_id) FROM album_has_comments WHERE album_id = ' . $db->escapeNumber($album_id));
if ($db->nextRecord()) {
$comment_id = $db->getField('MAX(comment_id)') + 1;
} else {
$comment_id = 1;
}
$db->query('INSERT INTO album_has_comments
(album_id, comment_id, time, post_id, msg)
VALUES (' . $db->escapeNumber($album_id) . ', ' . $db->escapeNumber($comment_id) . ', ' . $db->escapeNumber($curr_time) . ', ' . $db->escapeNumber($account->getAccountID()) . ', ' . $db->escapeString($comment) . ')');
$db->unlock();
header('Location: ' . URL . '/album/?' . get_album_nick($album_id));
exit;
} catch (Exception $e) {
handleException($e);
}
$PHP_OUTPUT .= 'Nothing to approve!';
return;
}
if ($db->nextRecord()) {
$album_id = $db->getField('account_id');
$location = stripslashes($db->getField('location'));
$email = stripslashes($db->getField('email'));
$website = stripslashes($db->getField('website'));
$day = $db->getField('day');
$month = $db->getField('month');
$year = $db->getField('year');
$other = nl2br(stripslashes($db->getField('other')));
$last_changed = $db->getField('last_changed');
$disabled = $db->getField('disabled');
// get this user's nick
$nick = get_album_nick($album_id);
$PHP_OUTPUT .= '<table border="0" align="center" cellpadding="5" cellspacing="0">';
$PHP_OUTPUT .= '<tr>';
$PHP_OUTPUT .= '<td align="center" colspan="2">';
$PHP_OUTPUT .= '<span style="font-size:150%;">' . $nick . '</span>';
$PHP_OUTPUT .= '</td>';
$PHP_OUTPUT .= '</tr>';
$PHP_OUTPUT .= '<tr>';
$PHP_OUTPUT .= '<td colspan="2" align="center" valign="middle">';
if ($disabled == 'FALSE') {
$PHP_OUTPUT .= '<img src="' . URL . '/upload/' . $album_id . '">';
} else {
$PHP_OUTPUT .= '<img src="' . URL . '/upload/0">';
}
$PHP_OUTPUT .= '</td>';
$PHP_OUTPUT .= '</tr>';
function search_result($album_ids)
{
// list of all first letter nicks
create_link_list();
echo '<div align="center" style="font-size:125%;">Please make a selection!</div>';
echo '<table border="0" align="center" cellpadding="5" cellspacing="0">';
$count = 0;
echo '<tr><td width="25%" valign="top">';
foreach ($album_ids as $album_id) {
$count++;
$nick = get_album_nick($album_id);
echo '<a href="' . URL . '/album/?' . urlencode($nick) . '" style="font-size:80%;">' . $nick . '</a><br />';
if (floor(sizeof($album_ids) / 4) > 0 && $count % floor(sizeof($album_ids) / 4) == 0) {
echo '</td><td width="25%" valign="top">';
}
}
echo '</td></tr>';
echo '</table>';
}
$PHP_OUTPUT .= create_echo_form($container);
$PHP_OUTPUT .= '<td align="center">';
$PHP_OUTPUT .= create_submit('Reset');
$PHP_OUTPUT .= '</td>';
$PHP_OUTPUT .= '</form>';
if (empty($other)) {
$other = 'N/A';
}
$PHP_OUTPUT .= '<td align="right" valign="top" width="10%" class="bold">Other Info :<br /><small>(AIM/ICQ) </small></td><td colspan="2">' . $other . '</td>';
$PHP_OUTPUT .= '</tr>';
$container['task'] = 'delete_comment';
$PHP_OUTPUT .= create_echo_form($container);
$PHP_OUTPUT .= '<input type="hidden" name="task" value="delete_comment">';
$PHP_OUTPUT .= '<tr><td> </td><td colspan="3"><u>Comments</u></td></tr>';
$db->query('SELECT *
FROM album_has_comments
WHERE album_id = ' . $db->escapeNumber($account_id));
while ($db->nextRecord()) {
$comment_id = $db->getInt('comment_id');
$time = $db->getInt('time');
$postee = get_album_nick($db->getInt('post_id'));
$msg = stripslashes($db->getField('msg'));
$PHP_OUTPUT .= '<tr><td align="center"><input type="checkbox" name="comment_ids[]" value="' . $comment_id . '"></td><td colspan="3"><span style="font-size:85%;">[' . date('Y/n/j g:i A', $time) . '] <' . $postee . '> ' . $msg . '</span></td></tr>';
}
$PHP_OUTPUT .= '<tr><td align="center">';
$PHP_OUTPUT .= create_submit('Delete');
$PHP_OUTPUT .= '</td>';
$PHP_OUTPUT .= '<td colspan="3"> </td></tr>';
$PHP_OUTPUT .= '</form>';
$PHP_OUTPUT .= '</table>';
}
