getDatabaseLink($link);
$result = mysql_query("SELECT * FROM stories WHERE id={$storyId}") or die("ERROR: Query failed");
if (mysql_num_rows($result) == 0) {
$result = mysql_query("SELECT * FROM old_stories WHERE id={$storyId}") or die("ERROR: Query failed");
$comment_table = "old_comments";
} else {
$comment_table = "comments";
}
if (mysql_num_rows($result) == 0) {
die("<h3>ERROR: Sorry, but this story does not exist.</h3><br>\n");
}
$row = mysql_fetch_array($result);
$username = getUserName($row["writer"], $link);
// Display the story
printHTMLheader("RUBBoS: Viewing story " . $row["title"]);
printHTMLHighlighted($row["title"]);
print "Posted by " . $username . " on " . $row["date"] . "<br>\n";
print $row["body"] . "<br>\n";
print "<p><center><a href=\"PostComment.php?comment_table={$comment_table}&storyId={$storyId}&parent=0\">Post a comment on this story</a></center><p>";
// Display filter chooser header
print "<br><hr><br>";
print "<center><form action=\"ViewComment.php\" method=POST>\n" . "<input type=hidden name=commentId value=0>\n" . "<input type=hidden name=storyId value={$storyId}>\n" . "<input type=hidden name=comment_table value={$comment_table}>\n" . "<B>Filter :</B>  <SELECT name=filter>\n";
$count_result = mysql_query("SELECT rating, COUNT(rating) AS count FROM {$comment_table} WHERE story_id={$storyId} GROUP BY rating ORDER BY rating", $link) or die("ERROR: Query failed");
$i = -1;
while ($count_row = mysql_fetch_array($count_result)) {
while ($i < 6 && $count_row["rating"] != $i) {
if ($i == $filter) {
print "<OPTION selected value=\"{$i}\">{$i}: 0 comment</OPTION>\n";
} else {
print "<OPTION value=\"{$i}\">{$i}: 0 comment</OPTION>\n";
}
}
$sellerNameRow = mysql_fetch_array($sellerNameResult);
$sellerName = $sellerNameRow["nickname"];
mysql_free_result($sellerNameResult);
commit($link);
printHTMLheader("RUBiS: Buy Now");
printHTMLHighlighted("You are ready to buy this item: " . $row["name"]);
print "<TABLE>\n";
print "<TR><TD>Quantity<TD><b><BIG>" . $row["quantity"] . "</BIG></b>\n";
print "<TR><TD>Seller<TD><a href=\"ViewUserInfo.php?userId=" . $row["seller"] . "\">{$sellerName}</a> (<a href=\"PutCommentAuth.php?to=" . $row["seller"] . "&itemId=" . $row["id"] . "\">Leave a comment on this user</a>)\n";
print "<TR><TD>Started<TD>" . $row["start_date"] . "\n";
print "<TR><TD>Ends<TD>" . $row["end_date"] . "\n";
print "</TABLE>\n";
printHTMLHighlighted("Item description");
print $row["description"];
print "<br><p>\n";
printHTMLHighlighted("Buy Now");
print "<form action=\"StoreBuyNow.php\" method=POST>\n" . "<input type=hidden name=userId value={$userId}>\n" . "<input type=hidden name=itemId value=" . $row["id"] . ">\n" . "<input type=hidden name=maxQty value=" . $row["quantity"] . ">\n";
if ($row["quantity"] > 1) {
print "<center><table><tr><td>Quantity:</td><td><input type=text size=5 name=qty></td></tr></table></center>\n";
} else {
print "<input type=hidden name=qty value=1>\n";
}
print "</table><p><center><input type=submit value=\"Buy now!\"></center><p>\n";
mysql_free_result($result);
mysql_close($link);
printHTMLfooter($scriptName, $startTime);
?>
</body>
</html>
mysql_free_result($sellerNameResult);
print "<TR><TD>Quantity<TD><b><BIG>" . $row["quantity"] . "</BIG></b>\n";
print "<TR><TD>First bid<TD><b><BIG>{$firstBid}</BIG></b>\n";
print "<TR><TD># of bids<TD><b><BIG>{$nbOfBids}</BIG></b> (<a href=\"ViewBidHistory.php?itemId=" . $row["id"] . "\">bid history</a>)\n";
print "<TR><TD>Seller<TD><a href=\"ViewUserInfo.php?userId=" . $row["seller"] . "\">{$sellerName}</a> (<a href=\"PutCommentAuth.php?to=" . $row["seller"] . "&itemId=" . $row["id"] . "\">Leave a comment on this user</a>)\n";
print "<TR><TD>Started<TD>" . $row["start_date"] . "\n";
print "<TR><TD>Ends<TD>" . $row["end_date"] . "\n";
print "</TABLE>\n";
// Can the user by this item now ?
if ($buyNow > 0) {
print "<p><a href=\"BuyNowAuth.php?itemId=" . $row["id"] . "\">" . "<IMG SRC=\"buy_it_now.jpg\" height=22 width=150></a>" . " <BIG><b>You can buy this item right now for only \${$buyNow}</b></BIG><br><p>\n";
}
printHTMLHighlighted("Item description");
print $row["description"];
print "<br><p>\n";
printHTMLHighlighted("Bidding");
$minBid = $maxBid + 1;
print "<form action=\"StoreBid.php\" method=POST>\n" . "<input type=hidden name=minBid value={$minBid}>\n" . "<input type=hidden name=userId value={$userId}>\n" . "<input type=hidden name=itemId value=" . $row["id"] . ">\n" . "<input type=hidden name=maxQty value=" . $row["quantity"] . ">\n" . "<center><table>\n" . "<tr><td>Your bid (minimum bid is {$minBid}):</td>\n" . "<td><input type=text size=10 name=bid></td></tr>\n" . "<tr><td>Your maximum bid:</td>\n" . "<td><input type=text size=10 name=maxBid></td></tr>\n";
if ($row["quantity"] > 1) {
print "<tr><td>Quantity:</td><td><input type=text size=5 name=qty></td></tr>\n";
} else {
print "<input type=hidden name=qty value=1>\n";
}
print "</table><p><input type=submit value=\"Bid now!\"></center><p>\n";
commit($link);
mysql_free_result($maxBidResult);
mysql_free_result($result);
mysql_close($link);
printHTMLfooter($scriptName, $startTime);
?>
</body>
print "<TR><TD><a href=\"/PHP/ViewItem.php?itemId=" . $itemId . "\">" . $itemName . "<TD>" . $itemInitialPrice . "<TD>" . $currentPrice . "<TD>" . $quantity . "<TD>" . $itemReservePrice . "<TD>" . $buyNow . "<TD>" . $startDate . "<TD>" . $endDate . "\n";
//mysql_free_result($currentPriceResult);
}
print "</TABLE><p>\n";
}
// Get the comments about the user
$commentsResult = mysql_query("SELECT * FROM comments WHERE comments.to_user_id={$userId}", $link);
if (!$commentsResult) {
error_log("[" . __FILE__ . "] Query 'SELECT * FROM comments WHERE comments.to_user_id={$userId}' failed for the list of comments: " . mysql_error($link));
die("ERROR: Query failed for the list of comments: " . mysql_error($link));
}
if (mysql_num_rows($commentsResult) == 0) {
printHTMLHighlighted("<h2>There is no comment for this user.</h2>\n");
} else {
print "<p><DL>\n";
printHTMLHighlighted("<h3>Comments about you.</h3>\n");
while ($commentsRow = mysql_fetch_array($commentsResult)) {
$authorId = $commentsRow["from_user_id"];
$authorResult = mysql_query("SELECT nickname FROM users WHERE users.id={$authorId}", $link);
if (!$authorResult) {
error_log("[" . __FILE__ . "] Query 'SELECT nickname FROM users WHERE users.id={$authorId}' failed for the comment author: " . mysql_error($link));
die("ERROR: Query failed for the comment author '{$authorId}': " . mysql_error($link));
}
if (mysql_num_rows($authorResult) == 0) {
rollback($link);
die("ERROR: This author '{$authorId}' does not exist.<br>\n");
} else {
$authorRow = mysql_fetch_array($authorResult);
$authorName = $authorRow["nickname"];
}
$date = $commentsRow["date"];
<body>
<?php
$scriptName = "StoriesOfTheDay.php";
include "PHPprinter.php";
$startTime = getMicroTime();
getDatabaseLink($link);
printHTMLheader("RUBBoS stories of the day");
$bodySizeLimit = 512;
$now = date("Y:m:d H:i:s");
$result = mysql_query("SELECT * FROM stories ORDER BY date DESC LIMIT 10", $link) or die("ERROR: Query failed");
if (mysql_num_rows($result) == 0) {
print "<h2>Sorry, but there is no story available at this time.</h2><br>\n";
}
while ($row = mysql_fetch_array($result)) {
print "<br><hr>\n";
printHTMLHighlighted("<a href=\"/PHP/ViewStory.php?storyId=" . $row["id"] . "\">" . $row["title"] . "</a>");
$username = getUserName($row["writer"], $link);
print "<B>Posted by " . $username . " on " . $row["date"] . "</B><br>\n";
if (strlen($row["body"]) > $bodySizeLimit) {
print substr($row["body"], 1, $bodySizeLimit);
print "<br><B>...</B>";
} else {
print $row["body"];
}
print "<br>\n";
}
mysql_free_result($result);
mysql_close($link);
printHTMLfooter($scriptName, $startTime);
?>
</body>
if (!$sellerNameResult) {
error_log("[" . __FILE__ . "] Query 'SELECT users.nickname FROM users WHERE id=" . $row["seller"] . "' failed: " . mysql_error($link));
die("ERROR: Seller name query failed for user '" . $row["seller"] . "': " . mysql_error($link));
}
$sellerNameRow = mysql_fetch_array($sellerNameResult);
$sellerName = $sellerNameRow["nickname"];
mysql_free_result($sellerNameResult);
print "<TR><TD>Quantity<TD><b><BIG>" . $row["quantity"] . "</BIG></b>\n";
print "<TR><TD>First bid<TD><b><BIG>{$firstBid}</BIG></b>\n";
print "<TR><TD># of bids<TD><b><BIG>{$nbOfBids}</BIG></b> (<a href=\"ViewBidHistory.php?itemId=" . $row["id"] . "\">bid history</a>)\n";
print "<TR><TD>Seller<TD><a href=\"ViewUserInfo.php?userId=" . $row["seller"] . "\">{$sellerName}</a> (<a href=\"PutCommentAuth.php?to=" . $row["seller"] . "&itemId=" . $row["id"] . "\">Leave a comment on this user</a>)\n";
print "<TR><TD>Started<TD>" . $row["start_date"] . "\n";
print "<TR><TD>Ends<TD>" . $row["end_date"] . "\n";
print "</TABLE>\n";
// Can the user by this item now ?
if ($buyNow > 0) {
print "<p><a href=\"BuyNowAuth.php?itemId=" . $row["id"] . "\">" . "<IMG SRC=\"buy_it_now.jpg\" height=22 width=150></a>" . " <BIG><b>You can buy this item right now for only \${$buyNow}</b></BIG><br><p>\n";
}
print "<a href=\"PutBidAuth.php?itemId=" . $row["id"] . "\"><IMG SRC=\"bid_now.jpg\" height=22 width=90> on this item</a>\n";
printHTMLHighlighted("Item description");
print $row["description"];
print "<br><p>\n";
commit($link);
mysql_free_result($maxBidResult);
mysql_free_result($result);
mysql_close($link);
printHTMLfooter($scriptName, $startTime);
?>
</body>
</html>