function comment_main($module)
{
global $fpdb, $fp_params;
// hackish solution to get title before fullparse starts dunno, I don't like it
$q =& $fpdb->getQuery();
list($id, $entry) = @$q->peekEntry();
if (!$entry) {
return $module;
}
if (!empty($fp_params['feed'])) {
switch ($fp_params['feed']) {
case 'atom':
header('Content-type: application/atom+xml');
$module = SHARED_TPLS . 'comment-atom.tpl';
break;
case 'rss2':
default:
header('Content-type: application/rss+xml');
$module = SHARED_TPLS . 'comment-rss.tpl';
}
} elseif (!in_array('commslock', $entry['categories'])) {
commentform();
}
return $module;
}
function shownews($post_integra = 1, $post_cabecalho = 9, $comenta = 0, $categ = -1)
{
global $newsmessage, $set, $pagenum, $prefix;
if ($_GET['action'] == "delete" && is_intval($_GET['id']) && is_intval($_GET['commentid']) && $_SESSION['adminlevel'] > 3) {
dbquery("DELETE FROM " . $prefix . "comments WHERE id=" . $_GET['commentid']);
}
if (isset($_GET['id'])) {
if (!is_intval($_GET['id'])) {
die("news - Aha! Clever!");
} else {
$noticia_numero = $_GET['id'];
}
}
if ($noticia_numero != "") {
$query = "SELECT titulo,data,noticia,autor,email,visto, reg FROM " . $prefix . "noticias WHERE reg=" . $noticia_numero;
if ($categ > -1) {
$query .= " AND cat=" . $categ;
}
} else {
$query = "SELECT titulo, data, noticia, autor, email, visto, reg FROM " . $prefix . "noticias";
if ($categ > -1) {
$query .= " WHERE cat=" . $categ;
}
$query .= " ORDER BY reg DESC LIMIT 0, {$post_integra}";
}
$row = dbquery($query);
$first = false;
while ($row_db = fetch_array($row)) {
$out .= show_one_news($row_db['titulo'], $row_db['data'], $row_db['noticia'], $row_db['autor'], $row_db['email']);
//check if there are comments on this news
$res = dbquery("SELECT * FROM " . $prefix . "comments WHERE newsid=" . $row_db['reg'] . " ORDER BY time DESC");
$num = num_rows($res);
if ($_GET['showcomments'] == "1" || $comenta == 2) {
//show the comments
$ff = true;
$i = 0;
while ($row1 = fetch_array($res)) {
if ($ff) {
$out .= "<div class=\"LNEnews_comments\">" . $newsmessage[143] . ":</div>";
$ff = false;
}
$out .= "<div class=\"LNEnews_comment\">\n";
if ($_SESSION['adminlevel'] > 3) {
$out .= "\n<form method=\"post\" action=\"\" class=\"delete\">\n";
$out .= "<input type=\"hidden\" name=\"newsid\" value=\"" . $row1['newsid'] . "\" />\n";
$out .= "<input type=\"hidden\" name=\"id\" value=\"" . $row1['id'] . "\" />\n";
$out .= "<input type=\"hidden\" name=\"submit\" value=\"deletecomment\" />\n";
$out .= "<input type=\"image\" name=\"aaa\" src=\"images/editdelete.png\" value=\"\" title=\"{$newsmessage['174']}\" style=\"border: none; background: transparent; width: 16px; height: 16px;\"/>\n";
$out .= "</form>\n";
}
$out .= "<span class=\"time\">" . $newsmessage[112] . " " . data_formatada($row1['time']) . "</span>";
$out .= "<span class=\"text\">" . decode($row1['text']) . "</span>";
$out .= "<span class=\"poster\">" . $newsmessage[144] . ": </span>\n";
/* if($row1['postermail']!="")
$out.="<span class=\"author\"><a href=\"mailto:".decode($row1['postermail'])."\">".stripslashes(decode($row1['poster']))."</a></span>";
else */
$out .= "<span class=\"author\">" . stripslashes(decode($row1['poster'])) . "</span>";
$out .= "</div>\n";
unset($_GET['showcomments']);
}
} else {
if ($num) {
$out .= "<a href=\"" . $_SERVER['SCRIPT_NAME'] . "?page=" . $pagenum . "&id=" . $row_db['reg'] . "&showcomments=1\">" . $newsmessage[143] . ": " . $num . "</a><br />\n";
}
}
$out .= "\n<br />";
if (!$first && ($comenta == 2 || $comenta == 1 && $_SESSION['user'] != "")) {
$out .= commentform($row_db[6]);
}
$first = true;
$novo_visto = $row_db[5] + 1;
$query_add = dbquery("UPDATE " . $prefix . "noticias SET visto = {$novo_visto} WHERE reg = " . $row_db[6]);
}
$post_cabecalho_s = $post_cabecalho + $post_integra;
if ($noticia_numero != "") {
$query = "SELECT titulo, reg ,data, visto FROM " . $prefix . "noticias WHERE reg != " . $noticia_numero;
if ($categ > -1) {
$query .= " AND cat=" . $categ;
}
$query .= " ORDER BY reg DESC LIMIT 0, " . $post_cabecalho_s;
} else {
$query = "SELECT titulo, reg ,data, visto FROM " . $prefix . "noticias";
if ($categ > -1) {
$query .= " WHERE cat=" . $categ;
}
$query .= " ORDER BY reg DESC LIMIT {$post_integra}, " . $post_cabecalho_s;
}
$query = dbquery($query);
$GETarray = $_GET;
$first = true;
while ($row_db = fetch_array($query)) {
if ($first) {
$first = false;
$out .= "<div align=\"center\"><span style=\"font-size: 85%; font-weight: bold;\">{$newsmessage['113']}</span></div>";
$out .= "<table border='0' align='center'><tr><td>{$newsmessage['12']}</td><td>{$newsmessage['114']}</td><td>{$newsmessage['115']}</td></tr>";
}
$GETarray['id'] = $row_db[1];
$GETarray['showcomments'] = "0";
$call = $_SERVER['SCRIPT_NAME'] . "?" . http_build_query($GETarray, '', '&');
$out .= "<tr><td><a href=\"" . $call . "\">" . stripslashes(decode($row_db["0"])) . "</a></td><td>" . data_formatada($row_db["2"]) . "</td><td>" . $row_db["3"] . "</td></tr>";
}
if (!$first) {
$out .= "</table>";
}
$out .= "<span class=\"rss\">" . showrss() . "</span>\n";
return $out;
}
<?php
include_once "../includes/admin_init.php";
//$comment = new Table("comments");
require_once "comment.form.php";
require_once "delcomment.php";
commentform("Id=1");
