Esempio n. 1
0
function show_comments($root_comment, $is_outer)
{
    $children = get_comments(array('parent' => $root_comment->comment_ID));
    // 子コメントでかつ最も外側で読んでいる場合は表示しない
    if ($root_comment->comment_parent != '0' && $is_outer) {
        return;
    }
    if (!is_null($children)) {
        $children_coutput = '<ul class="mdl-list comments child">';
        foreach ($children as $cc) {
            $children_coutput = $children_coutput . show_comments($cc, false);
        }
        $children_coutput = $children_coutput . '</ul>';
    }
    $home_url = home_url();
    $author = empty($root_comment->comment_author) ? '匿名' : $root_comment->comment_author;
    $output = <<<HTML
<li class="mdl-list__item mdl-list__item--three-line" id="{$root_comment->comment_ID}">
  <span class="mdl-list__item-primary-content">
    <i class="material-icons mdl-list__item-avatar">person</i>
    <span class="author">{$author}</span>
    <span class="mdl-list__item-text-body">{$root_comment->comment_content}</span>
    {$children_coutput}
  </span>
  <span class="mdl-list__item-secondary-content reply">
    <button data-replytocom="{$root_comment->comment_ID}" data-commentauthor="{$author}" class="replytocom mdl-list__item-secondary-action mdl-button mdl-js-button mdl-button--icon" rel='nofollow'>
       <i class="material-icons">reply</i>
    </button>
  </span>
</li>
HTML;
    return $output;
}
Esempio n. 2
0
<?php

require 'db.inc.php';
require 'output_functions.inc.php';
include 'header.inc.php';
$db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD) or die('Unable to connect. Check your connection parameters.');
mysql_select_db(MYSQL_DB, $db) or die(mysql_error($db));
$article_id = isset($_GET['article_id']) && ctype_digit($_GET['article_id']) ? $_GET['article_id'] : '';
output_story($db, $article_id);
?>
<h3>Add a comment</h3>
<form method="POST" action="transact_article.php">
	<div>
		<label for="comment_text">Comment:</label><br />
		<textarea id="comment_text" name="comment_text" rows="10" cols="60"></textarea><br />
		<input type="submit" name="action" value="Submit Comment" />
		<input type="hidden" name="article_id" value="<?php 
echo $article_id;
?>
" />
	</div>
</form>
<?php 
show_comments($db, $article_id, FALSE);
include 'footer.inc.php';
Esempio n. 3
0
function post_show($id, $preview = TRUE, $db, $adm_log = 0)
{
    if (!ctype_digit($id)) {
        alert_try_sqlinj();
        header('Location:index.php?error=error');
        die;
    }
    $id = validate($id, $db);
    $query = 'SELECT post_title,post_logo,p.categ_id,categ_name,post_text,UNIX_TIMESTAMP(post_edit_date) AS post_edit_date,UNIX_TIMESTAMP(post_date) AS post_date FROM posts p JOIN categories c ON p.categ_id=c.categ_id  WHERE  post_id=' . mysql_real_escape_string($id, $db);
    $result = sql_query($query, $db);
    if (mysql_num_rows($result) > 0) {
        while ($row = mysql_fetch_assoc($result)) {
            extract($row);
            echo '<table class=post-tablef>
<tr><td>';
            echo $adm_log == 1 ? '<div>
<span class="span-edit">
<a href="admin_main.php?mode=confirm&submit=post_delete&post_id=' . $id . '">
Delete this post
</a>
||
<a href="admin_main.php?mode=edit_post&post_id=' . $id . '">
Edit this post
</a>
</span>
</div>' : '';
            echo '<div>
<div><span class="span-posttitle">
<a href="view_post.php?id=' . mysql_real_escape_string($id, $db) . '">
' . nl2br(deletenbsp($post_title)) . '
</a>
</span>
</div>
</br>';
            echo '<span class="span-submitted"><strong>
Submitted:</strong>' . htmlspecialchars(date('l F j, Y H:i', $post_date)) . '
</span>
</br>';
            if ($post_edit_date != "") {
                echo '<span class="span-submitted">
<strong>Edit Date:</strong>
' . htmlspecialchars(date('l F j, Y H:i', $post_edit_date)) . '
</span>
</br>';
            }
            echo '
<span class="span-category">
<strong>Category:</strong>
<a href="index.php?categ=' . $categ_id . '">
' . deletenbsp($categ_name) . '
</a>
</span>
</br></br>';
            if ($post_logo != "") {
                echo '<img class="logo_link" src="' . stripslashes(deletescript(html_entity_decode(deletenbsp($post_logo), ENT_QUOTES))) . '"/></br></br>';
            }
            if ($preview) {
                $text = nl2br(stripslashes(preview(htmlsostitution(deletenbsp($post_text)))));
                echo '<table class="post-textf">
<tr>
<td>' . $text;
                if (strlen(nl2br(stripslashes(htmlsostitution(deletenbsp($post_text))))) > MAX_LENGTH_PREVIEW) {
                    echo '</br>
<a href="view_post.php?id=' . $id . '">
More
</a>';
                }
                echo '</td>
</tr>
</table>';
            } else {
                echo '<table class="post-textf">
<tr>
<td>
' . nl2br(stripslashes(htmlsostitution(deletenbsp($post_text)))) . '
</td>
</tr>
</table>';
            }
            echo '</br>
<div>
<strong>
Tags:
</strong></br>
<span class="span-tags">';
            $query = 'SELECT * FROM
tags t JOIN posttags pt ON t.tag_id=pt.tag_id
WHERE
pt.post_id= ' . mysql_real_escape_string($id, $db) . ' ORDER BY t.tag_name ASC ';
            $result = sql_query($query, $db);
            if (mysql_num_rows($result) > 0) {
                while ($row = mysql_fetch_array($result)) {
                    extract($row);
                    echo $tag_name . '; ';
                }
            } else {
                echo 'No tags for this post';
            }
            echo '</span>
</div></br>';
            if (!$preview) {
                add_view($id, $db);
                echo '<span style="font-size:15px;">' . get_views($id, $db) . '</span></br>';
                show_tag_posts($id, $db);
                show_comments($id, $db);
            }
            if ($preview) {
                $query = 'SELECT * FROM comments 
WHERE 
post_id=' . mysql_real_escape_string($id, $db);
                $result2 = sql_query($query, $db);
                echo '<span style="font-size:15px;">' . get_views($id, $db) . ',<a href="view_post.php?id=' . $id . '">
Comments:' . mysql_num_rows($result2) . '
</a>
</span>
</div>';
            }
        }
        mysql_free_result($result);
    } else {
        echo 'Article Not found';
    }
    echo '</td>
</tr>';
    echo '</table>
</br>';
}
Esempio n. 4
0
        }
    } elseif ($type == 2) {
        //check if you are from friends
        $a = "user='******' and friend='{$authorID}'";
        $b = "user='******' and friend='{$uid}'";
        $check = mysql_query("select * from friends where ({$a} or {$b}) and permet='1'");
        $oop = mysql_num_rows($check);
        //end checking
        if ($oop != 0 || $authorID == $uid) {
            echo "Note by " . $author . " on " . date("M j'G", $date) . "<hr />";
            echo $note . "<hr />";
            show_comments($noteID);
            if (isset($uid) && isset($user)) {
                note_comment_forms($noteID);
            } else {
                echo "<div id='wrong'>YOU NEED TO BE LOGGED IN TO POST A COMMENT</a>";
            }
        } else {
            echo "ONLY FRIENDS SEE THAT SORRY";
        }
    } elseif ($type == 1) {
        echo "Note by " . $author . " on " . date("M j'G", $date) . "<hr />";
        echo $note . "<hr />";
        show_comments($noteID);
        if (isset($uid) && isset($user)) {
            note_comment_forms($noteID);
        } else {
            echo "<div id='wrong'>YOU NEED TO BE LOGGED IN TO POST A COMMENT</a>";
        }
    }
}
Esempio n. 5
0
    }
    if ($comment->save()) {
        redirectMsg('comments.php?' . $qs, __('Comment updated successfully!', 'rmcommon'), 0);
    } else {
        redirectMsg('comments.php?action=edit&' . $qs, __('Errros ocurrs while trying to update comment!', 1) . '<br />' . $comment->errors(), 1);
    }
}
$action = rmc_server_var($_REQUEST, 'action', '');
switch ($action) {
    case 'approve':
        set_comments_status('approved');
        break;
    case 'unapprove':
        set_comments_status('waiting');
        break;
    case 'spam':
        set_comments_status('spam');
        break;
    case 'delete':
        delete_comments();
        break;
    case 'edit':
        edit_comment();
        break;
    case 'save':
        save_comment();
        break;
    default:
        show_comments();
        break;
}
Esempio n. 6
0
     html_link("Return to Articles", "{$PHP_SELF}?L{$options}");
     html_link("Show Comments", "#_USER_COMMENTS");
     html_link("Submit Comment", "comment.php?r0+particles.php_L{$id}");
     if ($LOGIN_LEVEL >= AUTH_DEVEL || $row['create_user'] == $LOGIN_USER) {
         html_link("Modify Article", "{$PHP_SELF}?M{$id}{$options}");
         html_link("Delete Article", "{$PHP_SELF}?D{$id}{$options}");
     }
     html_end_links();
     if (!$row['is_published']) {
         print "<p align='center'><b>This article is currently hidden from " . "public view.</b></p>\n";
     }
     print "<p><i>{$date} by {$create_user}</i><br>{$abstract}</p>\n" . "{$contents}\n" . "<h1><a name='_USER_COMMENTS'>Comments</a></h1>\n";
     html_start_links();
     html_link("Submit Comment", "comment.php?r0+particles.php_L{$id}");
     html_end_links();
     show_comments("articles.php_L{$id}");
     db_free($result);
 } else {
     html_header("Articles");
     html_start_links(1);
     html_link("Submit Article", "{$PHP_SELF}?N{$options}");
     html_end_links();
     $htmlsearch = htmlspecialchars($search, ENT_QUOTES);
     print "<form method='POST' action='{$PHP_SELF}'><p align='center'>" . "Search&nbsp;Words: &nbsp;<input type='text' size='60' " . "name='SEARCH' value='{$htmlsearch}'>" . "<input type='submit' value='Search Articles'></p></form>\n";
     $query = "";
     $prefix = "WHERE ";
     if ($LOGIN_LEVEL < AUTH_DEVEL) {
         $query .= "{$prefix}(is_published = 1 OR create_user = '******')";
         $prefix = " AND ";
     }
     if ($search) {
Esempio n. 7
0
      <i class="material-icons">comment</i>
      <?php 
    echo count(get_approved_comments(get_the_ID()));
    ?>
      <i class="material-icons arrow">keyboard_arrow_down</i>
    </span>
    <div class="comments_area">
      <ul class="mdl-list comments parent">
        <?php 
    foreach (get_approved_comments(get_the_ID()) as $c) {
        ?>
          <?php 
        var_dump($c);
        ?>
          <?php 
        echo show_comments($c, true);
        ?>
        <?php 
    }
    ?>
      </ul>
    </div>
    <div class="comment-input">
      <?php 
    get_template_part('shared/comment_form');
    ?>
    </div>
  <?php 
} else {
    ?>
    <span class="article__section--text">
Esempio n. 8
0
<form name="comment">
<div id="statusbox">ПУСТЬ ТУТ ЧТО ТО БУДЕТ НАПИСАНО!</div>
<input id="name" type="text" name="name" value="Имя (Обязательно)" maxlength="60" onfocus="clearText(this)" onblur="clearText(this)"/>
<input id="mail" type="text" name="mail" value="Почта (Обязательно, непубликуется) " maxlength="60" onfocus="clearText(this)" onblur="clearText(this)"/>
<textarea id="text" name="text" onfocus="clearText(this)" onblur="clearText(this)"></textarea>
<span>
<br/><input id="nr" onClick="document.getElementById('nr').value='nerobot';" type="checkbox" name="nr"/>
<b>я не робот!</b>
</span>
<img class="button_add" src="images/button_add.png" onclick='ajax({
url:"add_comment.php?id_article=1",
statbox:"statusbox",
method:"POST",
data:
	{
	   name:document.getElementById("name").value,
	   mail:document.getElementById("mail").value,
	   text:document.getElementById("text").value,
	   nr:document.getElementById("nr").value,
	},
success:function(data){document.getElementById("statusbox").innerHTML=data;}
})'
/>
</form>
</div>
<?php 
include "show_comments.php";
show_comments('1');
?>
</div>
</center>
Esempio n. 9
0
                                        }
                                        $last_nav = 0;
                                        $line = "";
                                    }
                                }
                                print $line;
                            }
                        }
                    }
                }
                fclose($fp);
                if ($last_nav) {
                    print "</p>\n";
                }
                print "<h1><a name='_USER_COMMENTS'>User Comments</a></h1>\n" . "<p><a href='{$html_path}/comment.php?r0+pdocumentation.php{$path}'>" . "Add&nbsp;Comment</a></p>\n";
                $num_comments = show_comments("documentation.php{$path}");
                if ($num_comments == 0) {
                    print "<p>No comments for this page.</p>\n";
                }
                html_footer();
            } else {
                header("Content-Type: image/{$type}");
                print fread($fp, filesize("docfiles{$path}"));
                fclose($fp);
            }
        }
    }
} else {
    html_header("Documentation");
    if (array_key_exists("CLEAR", $_GET)) {
        $q = "";
Esempio n. 10
0
             if ($row["answer{$i}"] != "") {
                 $percent = (int) (100 * $row["count{$i}"] / $votes);
                 $size = (int) (300 * $row["count{$i}"] / $max_count);
                 $answer = htmlspecialchars($row["answer{$i}"]);
                 $count = $row["count{$i}"];
                 print "<tr><td align='right'>{$answer}</td><td>" . "<img src='{$rootpath}images/graph.gif' width='{$size}' " . "height='12'> {$count} / {$percent}%</td></tr>\n";
             }
         }
         print "<tr><td></td><th align='right'>{$votes} total votes.</th></tr>\n";
         print "</table></center>\n";
     }
     print "<hr noshade/>\n" . "<h2><a name='_USER_COMMENTS'>User Comments</a></h2>\n";
     html_start_links();
     html_link("Submit Comment", "comment.php?r0+ppoll.php_r{$poll}");
     html_end_links();
     show_comments("poll.php_r{$poll}");
     db_free($result);
     html_footer();
     break;
 case 'v':
     // Vote on a poll
     $answers = "";
     if ($REQUEST_METHOD == "POST") {
         if (array_key_exists("ANSWER", $_POST)) {
             $answer = (int) $_POST["ANSWER"];
             $answers = ",count{$answer}=count{$answer}+1";
         } else {
             for ($i = 0; $i < 10; $i++) {
                 if (array_key_exists("ANSWER{$i}", $_POST)) {
                     $answers .= ",count{$i}=count{$i}+1";
                 }
Esempio n. 11
0
function				// O - Number of comments
show_comments($url,			// I - URL for comment
              $path = "",		// I - Path component
              $parent_id = 0,		// I - Parent comment
	      $heading = 3)		// I - Heading level
{
  global $_COOKIE, $LOGIN_LEVEL;


  $result = db_query("SELECT * FROM comment WHERE "
                    ."url = '" . db_escape($url) ."' "
                    ."AND parent_id = $parent_id "
		    ."ORDER BY id");

  if (array_key_exists("MODPOINTS", $_COOKIE))
    $modpoints = $_COOKIE["MODPOINTS"];
  else
    $modpoints = 5;

  if ($parent_id == 0 && $modpoints > 0)
    print("<P>You have $modpoints moderation points available.</P>\n");
  
  if ($heading > 6)
    $heading = 6;

  $safeurl      = urlencode($url);
  $num_comments = 0;
  $div          = 0;

  while ($row = db_next($result))
  {
    if ($row["status"] > 0)
    {
      if ($heading > 3 && !$div)
      {
	print("<div style='margin-left: 3em;'>\n");
	$div = 1;
      }

      $num_comments ++;

      $create_date = date("H:i M d, Y", $row['create_date']);
      $create_user = sanitize_email($row['create_user']);
      $contents    = format_text($row['contents']);

      print("<h$heading><a name='_USER_COMMENT_$row[id]'>From</a> "
           ."$create_user, $create_date (score=$row[status])</h$heading>\n"
	   ."$contents\n");

      html_start_links();

      if ($LOGIN_LEVEL >= AUTH_DEVEL)
      {
        html_link("Edit", "${path}comment.php?e$row[id]+p$safeurl");
        html_link("Delete", "${path}comment.php?d$row[id]+p$safeurl");
      }

      html_link("Reply", "${path}comment.php?r$row[id]+p$safeurl");

      if ($modpoints > 0)
      {
	if ($row['status'] > 0)
          html_link("Moderate Down", "${path}comment.php?md$row[id]+p$safeurl");

	if ($row['status'] < 5)
          html_link("Moderate Up", "${path}comment.php?mu$row[id]+p$safeurl");
      }

      html_end_links();
    }

    $num_comments += show_comments($url, $path, $row['id'], $heading + 1);
  }

  db_free($result);

  if ($div)
    print("</div>\n");

  return ($num_comments);
}
Esempio n. 12
0
<?php

require 'db.inc.php';
require 'output_functions.inc.php';
$db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD) or die('Unable to connect. Check your connection parameters.');
mysql_select_db(MYSQL_DB, $db) or die(mysql_error($db));
include 'header.inc.php';
output_story($db, $_GET['article_id']);
show_comments($db, $_GET['article_id'], TRUE);
include 'footer.inc.php';