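/**
 * Print the comment area for one forum entry directly to the response.
 *
 * Emits the opening <div class="comment_article">, one comment_info <div>
 * per commentForm row of $forumSn, and a final comment_info block holding
 * the avatar of account $sn. Nothing is returned.
 *
 * The per-row values $cfMessage, $cfCreateDate and $pictureUrl are computed
 * but not printed by the markup visible here. The last closing tag is
 * labelled "comment_article" but closes the second comment_info <div>; the
 * outer comment_article <div> is left open by this function.
 *
 * Uses the legacy mysql_* extension (removed in PHP 7.0), which has no
 * prepared statements, so values are cast or escaped before they are placed
 * in SQL. Moving to mysqli/PDO with bound parameters is the durable fix.
 *
 * @param int|string $sn      Account serial number; used as account.sn and
 *                            file.accountSn and in element ids.
 * @param int|string $forumSn Forum entry whose comments are listed.
 * @return void
 */
function userComment($sn, $forumSn)
{
    // The body reads these script-level values. Without this import they are
    // unset inside the function, so every query ran without a connection and
    // both account-type comparisons compared null with null.
    global $dbLink, $GT_ACCOUNT_TYPE_FACEBOOK_USER, $accountType, $accountSn;

    // Account serial numbers are written unquoted into the inline JS calls
    // below, so they are numeric; casting keeps anything else out of the SQL
    // strings and the markup.
    $sn = (int) $sn;
    // $forumSn is escaped rather than cast because its column type is not
    // visible from this function.
    $forumSnSql = mysql_real_escape_string((string) $forumSn, $dbLink);
    ?>
<div class="comment_article" id="comment_<?php echo $sn; ?>">
    <?php
    $sqlCF = "SELECT sn, message, accountSn, createTimeSec FROM commentForm WHERE forumSn = '{$forumSnSql}'";
    $resultCF = mysql_query($sqlCF, $dbLink);

    // A failed query yields false; skip the loop instead of fetching from it.
    while ($resultCF && ($rowCF = mysql_fetch_array($resultCF))) {
        $cfSn = (int) $rowCF['sn'];
        $cfMessage = $rowCF['message'];
        $cfAccountSn = $rowCF['accountSn'];
        $cfAccountSnInt = (int) $cfAccountSn;
        $cfAccountType = GtAccount_GetType($cfAccountSn);
        $cfCreateDate = GtTime_GetDateTime2(GtTime_ConvertToBrowserTimeSec($rowCF['createTimeSec']));

        // Was "$cfMessageAccountType", a variable that is never assigned.
        if ($cfAccountType == $GT_ACCOUNT_TYPE_FACEBOOK_USER) {
            $sqlAccount = "SELECT fbPictureUrl FROM account WHERE sn = '{$cfAccountSnInt}'";
            $resultAccount = mysql_query($sqlAccount, $dbLink);
            // Was "mysql_fetch_arrayrray", an undefined function.
            $rowAccount = $resultAccount ? mysql_fetch_array($resultAccount) : false;
            $pictureUrl = $rowAccount ? $rowAccount['fbPictureUrl'] : '';
        } else {
            $sqlFile = "SELECT sn FROM file WHERE accountSn = '{$cfAccountSnInt}'";
            // Was "mysql_queryry", an undefined function.
            $resultFile = mysql_query($sqlFile, $dbLink);
            $rowFile = $resultFile ? mysql_fetch_array($resultFile) : false;
            $fileSn = $rowFile ? (int) $rowFile['sn'] : 0;
            // Was "?sn=api{$fileSn}"; the avatar branch below uses the bare number.
            $pictureUrl = "/api/file/download_photo?sn={$fileSn}";
        }
        // NOTE(review): the id below uses $sn, so every row gets the same
        // element id; $cfSn may have been intended. Confirm against the
        // ShowDeleteBt/HideDeleteBt scripts before changing it.
        ?>
    <div id="comment_info_<?php echo $sn; ?>" class="comment_info" onmousemove="ShowDeleteBt(<?php echo $cfSn; ?>, <?php echo $cfAccountSnInt; ?>)" onmouseout="HideDeleteBt(<?php echo $cfSn; ?>)">
    </div><!--comment_info-->
        <?php
    }
    ?>
    <div class="comment_info">
        <div class="comment_img">
        <?php
        if ($accountType == $GT_ACCOUNT_TYPE_FACEBOOK_USER) {
            $sqlAccount = "SELECT fbPictureUrl FROM account WHERE sn = '{$sn}'";
            $resultAccount = mysql_query($sqlAccount, $dbLink);
            $rowAccount = $resultAccount ? mysql_fetch_array($resultAccount) : false;
            $accFbPictureUrl = $rowAccount ? $rowAccount['fbPictureUrl'] : '';
            // The stored URL is data, not markup: escape it for the attribute.
            echo "<img src=\"" . htmlspecialchars($accFbPictureUrl, ENT_QUOTES) . "\" width=\"32\" height=\"32\">";
        } else {
            $sqlFile = "SELECT sn FROM file WHERE accountSn = '{$sn}'";
            $resultFile = mysql_query($sqlFile, $dbLink);
            $rowFile = $resultFile ? mysql_fetch_array($resultFile) : false;
            $fileSn = $rowFile ? (int) $rowFile['sn'] : 0;

            if ($fileSn > 0) {
                // "widthth" was not a valid attribute name; now "width".
                echo "<img src=\"/api/file/download_photo?sn={$fileSn}\" width=\"32\" height=\"32\">";
            } else {
                // Was read through "$accountPicntSn" in the first test; both
                // tests now use $accountSn and the lookup runs once.
                $gender = GtAccount_GetGender($accountSn);
                if ($gender == 1) {
                    echo "<img src=\"/image/user_profile_man.jpeg\" width=\"32\" height=\"32\">";
                } elseif ($gender == 2) {
                    echo "<img src=\"/image/user_profile_women.jpeg\" width=\"32\" height=\"32\">";
                } else {
                    // NOTE(review): this file name looks garbled but the
                    // intended name is not visible here; left unchanged.
                    echo "<img src=\"/image/user_profile_womene_man.jpeg\" width=\"32\" height=\"32\">";
                }
            }
        }
        ?>
        </div>
    </div><!--comment_article-->
    <?php
}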
// Fragment: prints the opening markup of a forum entry's comment list and
// starts walking its commentForm rows. The while loop opened below is not
// closed within this excerpt.
//
// NOTE(review): $forumSn is interpolated into two SQL strings and into an
// HTML id attribute. Where it is assigned is not visible here; confirm it is
// validated (e.g. cast to int) before this point.
// NOTE(review): array keys such as $rowCF[sn] are bare words; PHP 8 raises an
// Error for undefined constants, so they should be quoted when this code is
// next touched.

// Disabled debug output.
//echo $forumSn."@@";

// Number of comments on this entry. Only the disabled echo below uses it
// within this excerpt.
$sqlCommentCount = "SELECT COUNT(*) AS c FROM commentForm WHERE forumSn = '{$forumSn}'";
$resultCommentCount = mysql_query($sqlCommentCount, $dbLink);
$rowCommentCount = mysql_fetch_array($resultCommentCount);
$commentCount = $rowCommentCount[c];

// Outer padding wrapper, then the per-entry comment container.
echo "<div style=\"padding:0 20px 0 20px;\">";
//echo "<div id = commentCount>CommentCount: ".$commentCount."</div>";
echo "<div class=\"comment_article\" id=\"comment_{$forumSn}\">";

// Incremented once per comment row in the loop below.
$comment_flag = 0;
$sqlCF = "SELECT sn, message, accountSn, createTimeSec FROM commentForm WHERE forumSn = '{$forumSn}'";
$resultCF = mysql_query($sqlCF, $dbLink);
// NOTE(review): neither query result is checked for false before fetching.
while ($rowCF = mysql_fetch_array($resultCF)) {
    $cfSn = $rowCF[sn];
    $cfMessage = $rowCF[message];
    $cfAccountSn = $rowCF[accountSn];
    $cfAccountType = GtAccount_GetType($cfAccountSn);
    $cfCreateDate = GtTime_GetDateTime2(GtTime_ConvertToBrowserTimeSec($rowCF[createTimeSec]));
    $comment_flag++;

    // Resolve the commenter's picture URL; this issues one extra query per
    // comment row.
    if ($cfAccountType == $GT_ACCOUNT_TYPE_FACEBOOK_USER) {
        // Facebook accounts: use the picture URL stored on the account row.
        // NOTE(review): this URL is stored data; escape it for the HTML
        // context wherever $pictureUrl is printed.
        $sqlAccount = "SELECT fbPictureUrl FROM account WHERE sn = '{$cfAccountSn}'";
        $resultAccount = mysql_query($sqlAccount, $dbLink);
        $rowAccount = mysql_fetch_array($resultAccount);
        $accFbPictureUrl = $rowAccount[fbPictureUrl];
        $pictureUrl = $accFbPictureUrl;
    } else {
        // Other accounts: point at the download endpoint for the account's
        // file row. No check is made that a file row exists.
        $sqlFile = "SELECT sn FROM file WHERE accountSn = '{$cfAccountSn}'";
        $resultFile = mysql_query($sqlFile, $dbLink);
        $rowFile = mysql_fetch_array($resultFile);
        $fileSn = $rowFile[sn];
        $pictureUrl = "/api/file/download_photo?sn={$fileSn}";
    }
    // (the loop body continues past the end of this excerpt)
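// Request handler fragment: reads the posted article fields, derives a
// title, and inserts one row into the forum table.
//
// NOTE(review): the write is accepted over GET as well as POST, and no login
// check or anti-CSRF token is visible in this excerpt. Confirm both are
// enforced elsewhere, and consider accepting POST only for this insert.

$requestMethod = $_SERVER["REQUEST_METHOD"];

// Start from an empty set so that any other method (HEAD, PUT, ...) does not
// leave $parameters undefined.
$parameters = array();
if ($requestMethod == "GET") {
    $parameters = $_GET;
} elseif ($requestMethod == "POST") {
    $parameters = $_POST;
}

// Missing fields become null explicitly instead of raising undefined-index
// notices; the filters receive the same null they received before.
$rawFields = array();
foreach (array("dirsn", "og_image", "website", "og_title", "og_description", "og_site_name", "userCont") as $fieldName) {
    $rawFields[$fieldName] = isset($parameters[$fieldName]) ? $parameters[$fieldName] : null;
}

// Directory serial number; absent or non-numeric input falls back to 1.
$sn = (int) GtInput_Secure($rawFields["dirsn"]);
if ($sn === 0) {
    $sn = 1;
}

$accountSn = GtAccount_GetSn();
$accountType = GtAccount_GetType($accountSn);

// NOTE(review): GtInput_Secure()/GtInput_SecureForArticle() are defined
// elsewhere. Every value below reaches the INSERT by string interpolation,
// so the statement is only as safe as those filters; confirm they escape for
// the SQL string context using the connection's charset. The mysql_*
// extension was removed in PHP 7.0; bound parameters (mysqli/PDO) are the
// durable fix.
// NOTE(review): $og_image and $website are stored as URLs; confirm their
// scheme is restricted and that they are escaped where they are rendered.
$og_image = GtInput_Secure($rawFields["og_image"]);
$website = GtInput_Secure($rawFields["website"]);
$og_title = GtInput_Secure($rawFields["og_title"]);
$og_description = GtInput_SecureForArticle($rawFields["og_description"]);
$og_site_name = GtInput_Secure($rawFields["og_site_name"]);
$userCont = GtInput_SecureForArticle($rawFields["userCont"]);

// "none" means no title was supplied: use the start of the article text.
// NOTE(review): substr() counts bytes and runs on the already-filtered text,
// so the cut can split a multi-byte character or an escape sequence/entity
// added by the filter and leave the stored title malformed. Truncating the
// raw value before filtering would avoid that.
if ($og_title == "none") {
    $og_title = substr($userCont, 0, 20);
}
// NOTE(review): a title longer than 20 bytes gets "..." appended but is not
// shortened; confirm that is intended.
if (strlen($og_title) > 20) {
    $og_title = $og_title . "...";
}

$timeSec = GtTime_GetGmtTimeSec();

// NOTE(review): $GT_DIR_TYPE_ARTICLE and $lang are set outside this excerpt
// and are interpolated unfiltered; confirm $lang is not request-derived.
$sqlForum = "INSERT INTO forum SET dirSn = '{$sn}', website='{$website}', subject='{$og_site_name}', userCont='{$userCont}', imageUrl='{$og_image}', type = '{$GT_DIR_TYPE_ARTICLE}', name = '{$og_title}', description = '{$og_description}', status = '1', createAccountSn = '{$accountSn}', createTimeSec = '{$timeSec}', lang = '{$lang}'";
// The result is not checked in the visible lines; a failed insert is silent here.
$resultForum = mysql_query($sqlForum, $dbLink);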