function affichage_comments($thread_id, $moderation_mode = false, $unique_mode = false) { $privileges = user_privilege_level(); $is_admin = $privileges > 3; $is_logged = is_logged(); $ancre = htmlentities($thread_id); if ($moderation_mode) { if ($is_admin) { $escaped_name = mysql_real_escape_string($_SESSION['login_c']); $comments = get_comments($thread_id, $privileges, $escaped_name, $output = ''); if ($comments->result) { $result_returned = false; foreach ($comments->data as $thread_id => $row) { $result_returned = true; $is_proprio = check_property($row["rand_prop"], $row["hash_prop"]); $ancre = htmlentities($row["comment_id"]); $date = $row['date']; $possibly_name = $row['possibly_name']; $sec_cid = htmlentities($row["comment_id"]); $thread_tmp = htmlentities($row["thread_id"]); $text = text_display_prepare(trim($row["text"])); // Informations de contexte display_comment($row, True, $privileges, $is_admin, $unique_mode); } if (!$result_returned) { echo '<div class="warning">Aucun commentaire n\'est disponible selon les critères choisis</div>'; } } else { echo '<div class="warning">Erreur lors de la recherche des commentaires non modérés</div>'; } } else { echo '<div class="warning">Vous ne disposez pas des droits nécessaires</div>'; } } else { if ($privileges > 1) { if (isset($_SESSION["unroll_comment"]) && $_SESSION["unroll_comment"] == $thread_id) { $escaped_threadid = mysql_real_escape_string($thread_id); $escaped_name = isset($_SESSION['login_c']) ? mysql_real_escape_string($_SESSION['login_c']) : ''; $comments = get_comments($escaped_threadid, $privileges, $escaped_name, $output = ''); if ($comments->result) { if ($privileges > 3) { $result_temp = @mysql_query(sprintf("SELECT COUNT(*) AS NB_COMMENT FROM comment WHERE thread_id='%s'", mysql_real_escape_string($thread_id))); } else { if ($is_logged) { $result_temp = @mysql_query(sprintf("SELECT COUNT(*) AS NB_COMMENT FROM comment WHERE thread_id='%s' AND (is_valid=1 OR (CAST(SHA1(CONCAT('%s',CAST(rand_prop AS CHAR))) AS CHAR)=hash_prop))", mysql_real_escape_string($thread_id), mysql_real_escape_string($_SESSION['login_c']))); } else { $result_temp = @mysql_query(sprintf("SELECT COUNT(*) AS NB_COMMENT FROM comment WHERE is_valid=1 AND thread_id='%s'", mysql_real_escape_string($thread_id))); } } if ($row = mysql_fetch_assoc($result_temp)) { $nb_comment = htmlentities($row["NB_COMMENT"]); display_speccom($unique_mode, $ancre, $thread_id, $nb_comment, 'roll'); } @mysql_free_result($result_temp); foreach ($comments->data as $thread_id => $row) { $is_proprio = check_property($row["rand_prop"], $row["hash_prop"]); $is_valid = $row["is_valid"]; if ($is_valid || $is_proprio || $privileges > 3) { // afficher les commentaires display_comment($row, $is_logged, $privileges, $unique_mode); } } $text_prec = ""; $anon_prec = ""; if (isset($_SESSION["text_new_comment_rest"])) { $text_prec = $_SESSION["text_new_comment_rest"]; } if (isset($_SESSION["text_anonymous_rest"])) { $anon_prec = 1; } if ($privileges > 2) { // display the form that allows users to post comments display_comment_form($unique_mode, $ancre, $thread_id, $text_prec, $anon_prec); } if (isset($_SESSION["text_new_comment_rest"])) { unset($_SESSION["text_new_comment_rest"]); } if (isset($_SESSION["text_anonymous_rest"])) { unset($_SESSION["text_anonymous_rest"]); } } else { echo '<div class="warning">Erreur lors de la recherche des commentaires</div></div>'; } } else { if ($privileges > 3) { $result = @mysql_query(sprintf("SELECT COUNT(*) AS NB_COMMENT FROM comment WHERE thread_id='%s'", mysql_real_escape_string($thread_id))); } else { if (is_logged()) { $result = @mysql_query(sprintf("SELECT COUNT(*) AS NB_COMMENT FROM comment WHERE thread_id='%s' AND (is_valid=1 OR (CAST(SHA1(CONCAT('%s',CAST(rand_prop AS CHAR))) AS CHAR)=hash_prop))", mysql_real_escape_string($thread_id), mysql_real_escape_string($_SESSION['login_c']))); } else { $result = @mysql_query(sprintf("SELECT COUNT(*) AS NB_COMMENT FROM comment WHERE is_valid=1 AND thread_id='%s'", mysql_real_escape_string($thread_id))); } } if ($result && ($row = mysql_fetch_assoc($result))) { $nb_comment = htmlentities($row["NB_COMMENT"]); display_speccom($unique_mode, $ancre, $thread_id, $nb_comment, 'unroll'); } else { echo '<div class="warning">Erreur lors de la recherche des commentaires</div></div>'; } @mysql_free_result($result); } } else { echo '<div class="warning">Vous ne disposez pas des droits nécessaires</div>'; } } }
if ($__info['next_id'] > $__info['pic_id']) { ?> <li class="next"><a title="第 <?php echo $__info['next_id']; ?> 号图片" href="<?php echo picture_link($__info['next_id']); ?> ">下一张→</a> </li> <?php } ?> </ul> <?php display_comment($__CommentData); ?> </div> <script> $(function () { $(".single .like_picture").click(function () { var s_o = this; $.post('<?php echo get_url('UserApi', 'picture_like'); ?> ', {id:<?php echo $__info['pic_id']; ?> }, function (data) { if (data['status']) { var now_number = $(s_o).find("span span").text();
<?php #to do: turn layout into divs function display_comment($id) { global $dbcon; $R = $dbcon->CacheExecute("SELECT * FROM comments WHERE publish=1 and articleid = {$id} order by date desc") or die($dbcon->ErrorMsg()); echo '<br><p><a href="comment.php?cid=' . $id . '">add a comment</a></p>'; while (!$R->EOF) { echo "<hr><p><b>" . $R->Fields("title") . "</b><br>"; echo '<i>by '; if ($R->Fields("email")) { echo '<a href="mailto: ' . $R->Fields("email") . '">'; } echo $R->Fields("author"); echo '</a>, ' . DoDateTime($R->Fields("date"), "l, M j, Y g:iA") . '</i></p>'; echo '<p>' . converttext($R->Fields("comment")) . '</p>'; $R->MoveNext(); } } display_comment($MM_id);