$container['account_id'] = $album_id; forward($container); exit; } $db = new SmrMySqlDatabase(); if (!isset($_GET['comment']) || empty($_GET['comment'])) { create_error_offline('Please enter a comment.'); } else { $comment = $_GET['comment']; } // get current time $curr_time = TIME; $comment = word_filter($comment); $account->sendMessageToBox(BOX_ALBUM_COMMENTS, $comment); // check if we have comments for this album already $db->lockTable('album_has_comments'); $db->query('SELECT MAX(comment_id) FROM album_has_comments WHERE album_id = ' . $db->escapeNumber($album_id)); if ($db->nextRecord()) { $comment_id = $db->getField('MAX(comment_id)') + 1; } else { $comment_id = 1; } $db->query('INSERT INTO album_has_comments (album_id, comment_id, time, post_id, msg) VALUES (' . $db->escapeNumber($album_id) . ', ' . $db->escapeNumber($comment_id) . ', ' . $db->escapeNumber($curr_time) . ', ' . $db->escapeNumber($account->getAccountID()) . ', ' . $db->escapeString($comment) . ')'); $db->unlock(); header('Location: ' . URL . '/album/?' . get_album_nick($album_id)); exit; } catch (Exception $e) { handleException($e); }
$PHP_OUTPUT .= 'Nothing to approve!'; return; } if ($db->nextRecord()) { $album_id = $db->getField('account_id'); $location = stripslashes($db->getField('location')); $email = stripslashes($db->getField('email')); $website = stripslashes($db->getField('website')); $day = $db->getField('day'); $month = $db->getField('month'); $year = $db->getField('year'); $other = nl2br(stripslashes($db->getField('other'))); $last_changed = $db->getField('last_changed'); $disabled = $db->getField('disabled'); // get this user's nick $nick = get_album_nick($album_id); $PHP_OUTPUT .= '<table border="0" align="center" cellpadding="5" cellspacing="0">'; $PHP_OUTPUT .= '<tr>'; $PHP_OUTPUT .= '<td align="center" colspan="2">'; $PHP_OUTPUT .= '<span style="font-size:150%;">' . $nick . '</span>'; $PHP_OUTPUT .= '</td>'; $PHP_OUTPUT .= '</tr>'; $PHP_OUTPUT .= '<tr>'; $PHP_OUTPUT .= '<td colspan="2" align="center" valign="middle">'; if ($disabled == 'FALSE') { $PHP_OUTPUT .= '<img src="' . URL . '/upload/' . $album_id . '">'; } else { $PHP_OUTPUT .= '<img src="' . URL . '/upload/0">'; } $PHP_OUTPUT .= '</td>'; $PHP_OUTPUT .= '</tr>';
function search_result($album_ids) { // list of all first letter nicks create_link_list(); echo '<div align="center" style="font-size:125%;">Please make a selection!</div>'; echo '<table border="0" align="center" cellpadding="5" cellspacing="0">'; $count = 0; echo '<tr><td width="25%" valign="top">'; foreach ($album_ids as $album_id) { $count++; $nick = get_album_nick($album_id); echo '<a href="' . URL . '/album/?' . urlencode($nick) . '" style="font-size:80%;">' . $nick . '</a><br />'; if (floor(sizeof($album_ids) / 4) > 0 && $count % floor(sizeof($album_ids) / 4) == 0) { echo '</td><td width="25%" valign="top">'; } } echo '</td></tr>'; echo '</table>'; }
$PHP_OUTPUT .= create_echo_form($container); $PHP_OUTPUT .= '<td align="center">'; $PHP_OUTPUT .= create_submit('Reset'); $PHP_OUTPUT .= '</td>'; $PHP_OUTPUT .= '</form>'; if (empty($other)) { $other = 'N/A'; } $PHP_OUTPUT .= '<td align="right" valign="top" width="10%" class="bold">Other Info :<br /><small>(AIM/ICQ) </small></td><td colspan="2">' . $other . '</td>'; $PHP_OUTPUT .= '</tr>'; $container['task'] = 'delete_comment'; $PHP_OUTPUT .= create_echo_form($container); $PHP_OUTPUT .= '<input type="hidden" name="task" value="delete_comment">'; $PHP_OUTPUT .= '<tr><td> </td><td colspan="3"><u>Comments</u></td></tr>'; $db->query('SELECT * FROM album_has_comments WHERE album_id = ' . $db->escapeNumber($account_id)); while ($db->nextRecord()) { $comment_id = $db->getInt('comment_id'); $time = $db->getInt('time'); $postee = get_album_nick($db->getInt('post_id')); $msg = stripslashes($db->getField('msg')); $PHP_OUTPUT .= '<tr><td align="center"><input type="checkbox" name="comment_ids[]" value="' . $comment_id . '"></td><td colspan="3"><span style="font-size:85%;">[' . date('Y/n/j g:i A', $time) . '] <' . $postee . '> ' . $msg . '</span></td></tr>'; } $PHP_OUTPUT .= '<tr><td align="center">'; $PHP_OUTPUT .= create_submit('Delete'); $PHP_OUTPUT .= '</td>'; $PHP_OUTPUT .= '<td colspan="3"> </td></tr>'; $PHP_OUTPUT .= '</form>'; $PHP_OUTPUT .= '</table>'; }