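/**
 * AJAX endpoint: stores a comment on a forum post and replies with JSON.
 *
 * Reads `comment`, `post_id` and `token` from the POST body. Execution always
 * ends here: the function prints a JSON object {result, data} and stops.
 *   -1  caller is not logged in
 *   -2  token does not match the value derived from post_id
 *    1  insert was issued; `data` holds the HTML fragment for the new comment
 *
 * NOTE(review): the token is md5(md5(post_id)), so it is computable by anyone
 * who knows the post id and is not tied to a session. It should not be relied
 * on as CSRF protection; a random per-session token is needed for that.
 */
function add_comment()
{
    global $db;

    $result = array('result' => -1, 'data' => '');

    if (!is_login()) {
        die(json_encode($result));
    }

    $user_info = get_user_info_login();
    // user_id is placed unquoted in the statement below, so force it numeric.
    $user_id = (int) get_userid();
    $comment = __post('comment');
    $post_id = (int) __post('post_id');
    $token = __post('token');

    // Strict comparison: with a loose `!=`, two different digests that both
    // look like numbers (for example "0e..." strings) compare as equal.
    $tokenCheck = md5(md5((string) $post_id));
    if (!is_string($token) || $token !== $tokenCheck) {
        $result['result'] = -2;
        die(json_encode($result));
    }

    // NOTE(review): $comment reaches the statement by string interpolation.
    // That is only safe if __post() already escapes for SQL, which is not
    // visible from this function. Confirm, and prefer a bound parameter if the
    // $db wrapper offers one.
    $sSQL = " insert into ntk_forum_comments(user_id,post_id,content,`status`,create_date)\n\t\t\t\tvalues({$user_id},{$post_id},'{$comment}',0,NOW() )\n\t\t\t";
    $db->query($sSQL, true, "Query failed");
    $result['result'] = 1;

    // The fragment is returned for insertion into the page, so user-controlled
    // text is encoded for HTML. double_encode is off so that a value already
    // entity-encoded upstream is not encoded a second time.
    $safe_name = htmlspecialchars((string) $user_info['full_name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);
    $safe_comment = htmlspecialchars((string) $comment, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false);

    // $class was never assigned in the original; keep the same empty modifier.
    $class = '';

    $html_comment = '<div class="forum_comment ' . $class . '">';
    $html_comment .= '<div class="forum_comment_header">';
    $html_comment .= '<span class="forum_comment_full_name">' . $safe_name . '</span> ';
    $html_comment .= '<span class="forum_comment_date">' . date("d/m/Y H:i:s") . '</span><br>';
    $html_comment .= '</div>';
    $html_comment .= '<div class="forum_comment_content">';
    // The original emitted a second opening <pre> here instead of closing it.
    $html_comment .= ' <pre>' . $safe_comment . '</pre>';
    $html_comment .= '</div>';
    $html_comment .= '</div>';

    $result['data'] = $html_comment;
    die(json_encode($result));
}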
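/**
 * Renders the "new forum post" page and, when a title was submitted, tries to
 * create the post first.
 *
 * Outcome is reported to the template through $_msg:
 *   result  1  post stored; post_id holds the id that was read back
 *   result -1  caller is not logged in
 *   result -2  title, category or content missing
 *   result -3  insert query returned nothing
 *
 * The theme template is included in this function's scope, so the globals and
 * every local assigned here are visible to it. Names are therefore kept
 * exactly as they were, and nothing is pre-initialised that the template might
 * test with isset().
 */
function page_post()
{
    global $db, $fullsite, $cla_cid, $cla_nid, $cla_site, $ts_config;

    $_msg = null;

    if (isset($_POST['title']) && __post('title') != '') {
        $result = array('result' => -1, 'data' => '');

        if (!is_login()) {
            $_msg['msg'] = get_lang('forum_post_error_1');
            $_msg['result'] = -1;
        }

        $user_info = get_user_info_login();
        $user_email = isset($user_info['email']) ? $user_info['email'] : '';
        $title = __post('title');
        // Cast once, so the same integer is used for the check, the SQL and the link.
        $category_id = (int) __post('category_id');
        $content = __post('content');
        $status = 1;

        // Only a logged-in caller may reach the insert. The original set the
        // login error and then carried on, storing the post anyway and
        // overwriting the error message.
        if ($_msg === null) {
            if ($title != '' && $category_id > 0 && $content != '') {
                // NOTE(review): $title, $content and $user_email are concatenated
                // into the statement. That is only safe if __post() and the user
                // record are already escaped for SQL, which is not visible here.
                // Confirm, and prefer bound parameters if the $db wrapper offers them.
                $sSQL = " insert into ntk_forum_posts (cid,title_vi,content_vi,status,create_date,create_by)\n\t\t\t\t\t\tvalues(" . $category_id . ",N'" . $title . "',N'" . $content . "'," . $status . ",NOW(),'" . $user_email . "')\n\t\t\t\t\t\t";
                $result = $db->query($sSQL, true, "Query failed");

                if ($result != NULL) {
                    // NOTE(review): reading back "the newest active post" can return
                    // another user's row when two posts are created at the same
                    // time. Use the connection's last-insert id if the $db wrapper
                    // exposes one.
                    $sSQL = "\tselect * from ntk_forum_posts where `status` = 1 order by id desc limit 0,1 ";
                    $result = $db->query($sSQL, true, "Query failed");

                    if ($aR = $db->fetchByAssoc($result)) {
                        $_msg['result'] = 1;
                        $_msg['msg'] = get_lang('forum_post_success');
                        $_msg['post_id'] = $aR['id'];
                        $post_id = $aR['id'];
                        $title_link = fnStrConvert($title);
                        $title_link = str_replace(" ", '-', $title_link);
                        $link_detail = forum_path . "/" . $category_id . "/" . $post_id . "/" . $title_link . ".html";
                    }
                } else {
                    $_msg['result'] = -3;
                    $_msg['msg'] = get_lang('forum_post_error_3');
                }
            } else {
                $_msg['result'] = -2;
                $_msg['msg'] = get_lang('forum_post_error_2');
            }
        }
    }

    if ($_msg != null) {
        // The original used `==` here, so the coloured wrapper was computed and
        // thrown away. NOTE(review): the template now receives the message
        // wrapped in a <span>; confirm it prints $_msg['msg'] without escaping.
        if ($_msg['result'] == 1) {
            $post_success = true;
            $_msg['msg'] = '<span style="color:#0000FF; font-size:14px;">' . $_msg['msg'] . '</span>';
        } else {
            $_msg['msg'] = '<span style="color:#FF0000; font-size:14px;">' . $_msg['msg'] . '</span>';
        }
    }

    $category_list = get_list_categories();

    include 'themes/NTK/forum_post.php';
}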