function affichage_comments($thread_id, $moderation_mode = false, $unique_mode = false)
{
$privileges = user_privilege_level();
$is_admin = $privileges > 3;
$is_logged = is_logged();
$ancre = htmlentities($thread_id);
if ($moderation_mode) {
if ($is_admin) {
$escaped_name = mysql_real_escape_string($_SESSION['login_c']);
$comments = get_comments($thread_id, $privileges, $escaped_name, $output = '');
if ($comments->result) {
$result_returned = false;
foreach ($comments->data as $thread_id => $row) {
$result_returned = true;
$is_proprio = check_property($row["rand_prop"], $row["hash_prop"]);
$ancre = htmlentities($row["comment_id"]);
$date = $row['date'];
$possibly_name = $row['possibly_name'];
$sec_cid = htmlentities($row["comment_id"]);
$thread_tmp = htmlentities($row["thread_id"]);
$text = text_display_prepare(trim($row["text"]));
// Informations de contexte
display_comment($row, True, $privileges, $is_admin, $unique_mode);
}
if (!$result_returned) {
echo '<div class="warning">Aucun commentaire n\'est disponible selon les critères choisis</div>';
}
} else {
echo '<div class="warning">Erreur lors de la recherche des commentaires non modérés</div>';
}
} else {
echo '<div class="warning">Vous ne disposez pas des droits nécessaires</div>';
}
} else {
if ($privileges > 1) {
if (isset($_SESSION["unroll_comment"]) && $_SESSION["unroll_comment"] == $thread_id) {
$escaped_threadid = mysql_real_escape_string($thread_id);
$escaped_name = isset($_SESSION['login_c']) ? mysql_real_escape_string($_SESSION['login_c']) : '';
$comments = get_comments($escaped_threadid, $privileges, $escaped_name, $output = '');
if ($comments->result) {
if ($privileges > 3) {
$result_temp = @mysql_query(sprintf("SELECT COUNT(*) AS NB_COMMENT FROM comment WHERE thread_id='%s'", mysql_real_escape_string($thread_id)));
} else {
if ($is_logged) {
$result_temp = @mysql_query(sprintf("SELECT COUNT(*) AS NB_COMMENT FROM comment WHERE thread_id='%s' AND (is_valid=1 OR (CAST(SHA1(CONCAT('%s',CAST(rand_prop AS CHAR))) AS CHAR)=hash_prop))", mysql_real_escape_string($thread_id), mysql_real_escape_string($_SESSION['login_c'])));
} else {
$result_temp = @mysql_query(sprintf("SELECT COUNT(*) AS NB_COMMENT FROM comment WHERE is_valid=1 AND thread_id='%s'", mysql_real_escape_string($thread_id)));
}
}
if ($row = mysql_fetch_assoc($result_temp)) {
$nb_comment = htmlentities($row["NB_COMMENT"]);
display_speccom($unique_mode, $ancre, $thread_id, $nb_comment, 'roll');
}
@mysql_free_result($result_temp);
foreach ($comments->data as $thread_id => $row) {
$is_proprio = check_property($row["rand_prop"], $row["hash_prop"]);
$is_valid = $row["is_valid"];
if ($is_valid || $is_proprio || $privileges > 3) {
// afficher les commentaires
display_comment($row, $is_logged, $privileges, $unique_mode);
}
}
$text_prec = "";
$anon_prec = "";
if (isset($_SESSION["text_new_comment_rest"])) {
$text_prec = $_SESSION["text_new_comment_rest"];
}
if (isset($_SESSION["text_anonymous_rest"])) {
$anon_prec = 1;
}
if ($privileges > 2) {
// display the form that allows users to post comments
display_comment_form($unique_mode, $ancre, $thread_id, $text_prec, $anon_prec);
}
if (isset($_SESSION["text_new_comment_rest"])) {
unset($_SESSION["text_new_comment_rest"]);
}
if (isset($_SESSION["text_anonymous_rest"])) {
unset($_SESSION["text_anonymous_rest"]);
}
} else {
echo '<div class="warning">Erreur lors de la recherche des commentaires</div></div>';
}
} else {
if ($privileges > 3) {
$result = @mysql_query(sprintf("SELECT COUNT(*) AS NB_COMMENT FROM comment WHERE thread_id='%s'", mysql_real_escape_string($thread_id)));
} else {
if (is_logged()) {
$result = @mysql_query(sprintf("SELECT COUNT(*) AS NB_COMMENT FROM comment WHERE thread_id='%s' AND (is_valid=1 OR (CAST(SHA1(CONCAT('%s',CAST(rand_prop AS CHAR))) AS CHAR)=hash_prop))", mysql_real_escape_string($thread_id), mysql_real_escape_string($_SESSION['login_c'])));
} else {
$result = @mysql_query(sprintf("SELECT COUNT(*) AS NB_COMMENT FROM comment WHERE is_valid=1 AND thread_id='%s'", mysql_real_escape_string($thread_id)));
}
}
if ($result && ($row = mysql_fetch_assoc($result))) {
$nb_comment = htmlentities($row["NB_COMMENT"]);
display_speccom($unique_mode, $ancre, $thread_id, $nb_comment, 'unroll');
} else {
echo '<div class="warning">Erreur lors de la recherche des commentaires</div></div>';
}
@mysql_free_result($result);
}
} else {
echo '<div class="warning">Vous ne disposez pas des droits nécessaires</div>';
}
}
}
if ($__info['next_id'] > $__info['pic_id']) {
?>
<li class="next"><a title="第 <?php
echo $__info['next_id'];
?>
号图片" href="<?php
echo picture_link($__info['next_id']);
?>
">下一张→</a>
</li>
<?php
}
?>
</ul>
<?php
display_comment($__CommentData);
?>
</div>
<script>
$(function () {
$(".single .like_picture").click(function () {
var s_o = this;
$.post('<?php
echo get_url('UserApi', 'picture_like');
?>
', {id:<?php
echo $__info['pic_id'];
?>
}, function (data) {
if (data['status']) {
var now_number = $(s_o).find("span span").text();
<?php
#to do: turn layout into divs
function display_comment($id)
{
global $dbcon;
$R = $dbcon->CacheExecute("SELECT * FROM comments WHERE publish=1 and articleid = {$id} order by date desc") or die($dbcon->ErrorMsg());
echo '<br><p><a href="comment.php?cid=' . $id . '">add a comment</a></p>';
while (!$R->EOF) {
echo "<hr><p><b>" . $R->Fields("title") . "</b><br>";
echo '<i>by ';
if ($R->Fields("email")) {
echo '<a href="mailto: ' . $R->Fields("email") . '">';
}
echo $R->Fields("author");
echo '</a>, ' . DoDateTime($R->Fields("date"), "l, M j, Y g:iA") . '</i></p>';
echo '<p>' . converttext($R->Fields("comment")) . '</p>';
$R->MoveNext();
}
}
display_comment($MM_id);
