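/**
 * Render a comment and, recursively, its replies as a Material Design Lite
 * list item.
 *
 * The author name and comment body are supplied by whoever submitted the
 * comment, so each one is encoded for the HTML context it is written into.
 *
 * @param object $root_comment Comment to render. Reads comment_ID,
 *                             comment_parent, comment_author and comment_content.
 * @param bool   $is_outer     True when called from the top-level comment loop,
 *                             false when called for a reply during recursion.
 * @return string|null Markup for the <li>; null when a reply is met at the top level.
 */
function show_comments($root_comment, $is_outer)
{
    // A reply reached from the outermost loop is not printed there: it is
    // rendered inside its parent's nested list. Checked before any query runs.
    if ($root_comment->comment_parent != '0' && $is_outer) {
        return;
    }

    $children = get_comments(array('parent' => $root_comment->comment_ID));

    // Initialised up front so the template below never reads an undefined variable.
    $children_coutput = '';
    if (!is_null($children)) {
        $children_coutput = '<ul class="mdl-list comments child">';
        foreach ($children as $cc) {
            $children_coutput .= show_comments($cc, false);
        }
        $children_coutput .= '</ul>';
    }

    $author = empty($root_comment->comment_author) ? '匿名' : $root_comment->comment_author;

    // Encode per output context: attribute values with esc_attr(), element
    // text with esc_html(). The body keeps markup allowed by wp_kses_post()
    // and loses everything else (script, event handlers, ...).
    $comment_id   = esc_attr($root_comment->comment_ID);
    $author_text  = esc_html($author);
    $author_attr  = esc_attr($author);
    $content_html = wp_kses_post($root_comment->comment_content);

    $output = <<<HTML
<li class="mdl-list__item mdl-list__item--three-line" id="{$comment_id}">
    <span class="mdl-list__item-primary-content">
        <i class="material-icons mdl-list__item-avatar">person</i>
        <span class="author">{$author_text}</span>
        <span class="mdl-list__item-text-body">{$content_html}</span>
        {$children_coutput}
    </span>
    <span class="mdl-list__item-secondary-content reply">
        <button data-replytocom="{$comment_id}" data-commentauthor="{$author_attr}" class="replytocom mdl-list__item-secondary-action mdl-button mdl-js-button mdl-button--icon" rel='nofollow'>
            <i class="material-icons">reply</i>
        </button>
    </span>
</li>
HTML;

    return $output;
}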
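<?php
/*
 * Article page: prints one story, an "Add a comment" form and the comments
 * already stored for that story.
 */
require 'db.inc.php';
require 'output_functions.inc.php';
include 'header.inc.php';

// NOTE(review): the mysql_* API used here was removed in PHP 7, and
// die(mysql_error()) sends the raw database error text to the visitor.
$db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD) or
    die('Unable to connect. Check your connection parameters.');
mysql_select_db(MYSQL_DB, $db) or die(mysql_error($db));

// Accept article_id only as a plain string of decimal digits. Anything else
// (missing, array-valued, signed, non-numeric) becomes the empty string, so
// no request-controlled text reaches the helpers or the markup below.
$article_id = '';
if (isset($_GET['article_id']) && is_string($_GET['article_id']) && ctype_digit($_GET['article_id'])) {
    $article_id = $_GET['article_id'];
}

output_story($db, $article_id);

// NOTE(review): the form below carries no anti-CSRF token field; whether
// transact_article.php verifies one is not visible from this page.
?>
<h3>Add a comment</h3>
<form method="POST" action="transact_article.php">
 <div>
  <label for="comment_text">Comment:</label><br />
  <textarea id="comment_text" name="comment_text" rows="10" cols="60"></textarea><br />
  <input type="submit" name="action" value="Submit Comment" />
  <input type="hidden" name="article_id" value="<?php echo htmlspecialchars($article_id, ENT_QUOTES); ?>" />
 </div>
</form>
<?php
// The hidden field above is emitted without the stray trailing space, so the
// id is posted back as pure digits and still passes a ctype_digit() check.
show_comments($db, $article_id, FALSE);
include 'footer.inc.php';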
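/**
 * Print one blog post: header, body (full or preview), tags, view count and,
 * for the full view, related posts and comments.
 *
 * @param string $id      Post id; must consist only of decimal digits.
 * @param bool   $preview TRUE prints a shortened body with a "More" link and a
 *                        comment count; FALSE prints the full body, records a
 *                        view and prints related posts and comments.
 * @param mixed  $db      Connection handle handed to the mysql_* calls and helpers.
 * @param int    $adm_log 1 to print the admin delete/edit links.
 * @return void
 */
function post_show($id, $preview = TRUE, $db, $adm_log = 0)
{
    // Reject anything that is not a plain run of digits before it is used in
    // SQL or in markup.
    if (!ctype_digit($id)) {
        alert_try_sqlinj();
        header('Location:index.php?error=error');
        die;
    }
    $id = validate($id, $db);

    // NOTE(review): mysql_real_escape_string() only protects values placed
    // inside quotes. $id is used unquoted below, so the ctype_digit() guard
    // above is what constrains it; confirm validate() cannot return anything
    // that is not numeric.
    $query = 'SELECT post_title,post_logo,p.categ_id,categ_name,post_text,UNIX_TIMESTAMP(post_edit_date) AS post_edit_date,UNIX_TIMESTAMP(post_date) AS post_date FROM posts p JOIN categories c ON p.categ_id=c.categ_id WHERE post_id=' . mysql_real_escape_string($id, $db);
    $post_result = sql_query($query, $db);

    if (mysql_num_rows($post_result) > 0) {
        while ($row = mysql_fetch_assoc($post_result)) {
            // Read the selected columns explicitly instead of extract(), so a
            // column name can never overwrite $id, $db or another local.
            $post_title     = $row['post_title'];
            $post_logo      = $row['post_logo'];
            $categ_id       = $row['categ_id'];
            $categ_name     = $row['categ_name'];
            $post_text      = $row['post_text'];
            $post_edit_date = $row['post_edit_date'];
            $post_date      = $row['post_date'];

            echo '<table class=post-tablef> <tr><td>';
            echo $adm_log == 1 ? '<div> <span class="span-edit"> <a href="admin_main.php?mode=confirm&submit=post_delete&post_id=' . $id . '"> Delete this post </a> || <a href="admin_main.php?mode=edit_post&post_id=' . $id . '"> Edit this post </a> </span> </div>' : '';

            // NOTE(review): title, category name, logo URL and tag names are
            // written without htmlspecialchars() in this function. Whether
            // deletenbsp(), deletescript() and htmlsostitution() HTML-encode
            // their input is not visible here; confirm before relying on them.
            echo '<div> <div><span class="span-posttitle"> <a href="view_post.php?id=' . mysql_real_escape_string($id, $db) . '"> ' . nl2br(deletenbsp($post_title)) . ' </a> </span> </div> </br>';
            echo '<span class="span-submitted"><strong> Submitted:</strong>' . htmlspecialchars(date('l F j, Y H:i', $post_date)) . ' </span> </br>';
            if ($post_edit_date != "") {
                echo '<span class="span-submitted"> <strong>Edit Date:</strong> ' . htmlspecialchars(date('l F j, Y H:i', $post_edit_date)) . ' </span> </br>';
            }
            echo ' <span class="span-category"> <strong>Category:</strong> <a href="index.php?categ=' . $categ_id . '"> ' . deletenbsp($categ_name) . ' </a> </span> </br></br>';
            if ($post_logo != "") {
                echo '<img class="logo_link" src="' . stripslashes(deletescript(html_entity_decode(deletenbsp($post_logo), ENT_QUOTES))) . '"/></br></br>';
            }

            if ($preview) {
                $text = nl2br(stripslashes(preview(htmlsostitution(deletenbsp($post_text)))));
                echo '<table class="post-textf"> <tr> <td>' . $text;
                // The "More" link appears only when the untruncated text is
                // longer than the preview limit.
                if (strlen(nl2br(stripslashes(htmlsostitution(deletenbsp($post_text))))) > MAX_LENGTH_PREVIEW) {
                    echo '</br> <a href="view_post.php?id=' . $id . '"> More </a>';
                }
                echo '</td> </tr> </table>';
            } else {
                echo '<table class="post-textf"> <tr> <td> ' . nl2br(stripslashes(htmlsostitution(deletenbsp($post_text)))) . ' </td> </tr> </table>';
            }

            echo '</br> <div> <strong> Tags: </strong></br> <span class="span-tags">';
            $query = 'SELECT * FROM tags t JOIN posttags pt ON t.tag_id=pt.tag_id WHERE pt.post_id= ' . mysql_real_escape_string($id, $db) . ' ORDER BY t.tag_name ASC ';
            // The tag query gets its own result variable. Reusing the post
            // result variable here would make the outer loop fetch from the
            // tag result and leave the post result unfreed.
            $tag_result = sql_query($query, $db);
            if (mysql_num_rows($tag_result) > 0) {
                while ($tag_row = mysql_fetch_array($tag_result)) {
                    echo $tag_row['tag_name'] . '; ';
                }
            } else {
                echo 'No tags for this post';
            }
            mysql_free_result($tag_result);
            echo '</span> </div></br>';

            if (!$preview) {
                add_view($id, $db);
                echo '<span style="font-size:15px;">' . get_views($id, $db) . '</span></br>';
                show_tag_posts($id, $db);
                show_comments($id, $db);
            }
            if ($preview) {
                $query = 'SELECT * FROM comments WHERE post_id=' . mysql_real_escape_string($id, $db);
                $comment_result = sql_query($query, $db);
                echo '<span style="font-size:15px;">' . get_views($id, $db) . ',<a href="view_post.php?id=' . $id . '"> Comments:' . mysql_num_rows($comment_result) . ' </a> </span> </div>';
                mysql_free_result($comment_result);
            }
        }
        mysql_free_result($post_result);
    } else {
        echo 'Article Not found';
    }
    echo '</td> </tr>';
    echo '</table> </br>';
}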
}
} elseif ($type == 2) {
    // Type 2: the note is shown only to its author or to a confirmed friend.
    // (The two closing braces above end constructs that open before this excerpt.)
    //
    // NOTE(review): $authorID and $uid are interpolated straight into the SQL
    // text below and their origin is outside this excerpt. If either can be
    // influenced by a request, cast it to int or bind it as a parameter.
    // The '******' literals appear this way in the listing.
    $a = "user='******' and friend='{$authorID}'";
    $b = "user='******' and friend='{$uid}'";
    $check = mysql_query("select * from friends where ({$a} or {$b}) and permet='1'");
    // $oop is the number of matching friendship rows that have permet='1'.
    $oop = mysql_num_rows($check);
    if ($oop != 0 || $authorID == $uid) {
        // NOTE(review): $author and $note are echoed without htmlspecialchars().
        // Confirm they are HTML-encoded before they reach this point; otherwise
        // markup stored in a note is rendered in the reader's browser.
        echo "Note by " . $author . " on " . date("M j'G", $date) . "<hr />";
        echo $note . "<hr />";
        show_comments($noteID);
        // The comment form is offered only when both $uid and $user are set.
        if (isset($uid) && isset($user)) {
            note_comment_forms($noteID);
        } else {
            // NOTE(review): the <div> opened here is closed with </a>.
            echo "<div id='wrong'>YOU NEED TO BE LOGGED IN TO POST A COMMENT</a>";
        }
    } else {
        echo "ONLY FRIENDS SEE THAT SORRY";
    }
} elseif ($type == 1) {
    // Type 1: no friendship check is made in this branch; the note and its
    // comments are printed for every viewer. Same output-encoding caveat as above.
    echo "Note by " . $author . " on " . date("M j'G", $date) . "<hr />";
    echo $note . "<hr />";
    show_comments($noteID);
    if (isset($uid) && isset($user)) {
        note_comment_forms($noteID);
    } else {
        echo "<div id='wrong'>YOU NEED TO BE LOGGED IN TO POST A COMMENT</a>";
    }
}
}
}
// Tail of a function whose beginning is outside this excerpt: persist the
// edited comment and redirect with a status message.
if ($comment->save()) {
    redirectMsg('comments.php?' . $qs, __('Comment updated successfully!', 'rmcommon'), 0);
} else {
    // NOTE(review): the second argument to __() is 1 here but 'rmcommon' in
    // the success branch; this looks like a misplaced argument, confirm.
    // $comment->errors() is appended to the message as-is; whether it is
    // HTML-encoded is not visible here.
    redirectMsg('comments.php?action=edit&' . $qs, __('Errros ocurrs while trying to update comment!', 1) . '<br />' . $comment->errors(), 1);
}
}

// Request dispatcher: picks a handler from the "action" request parameter and
// falls back to the comment listing.
// NOTE(review): the action is read from $_REQUEST, so it can arrive by GET as
// well as POST, and approve/unapprove/spam/delete/save all change stored
// data. Whether each handler verifies the caller's permission and an
// anti-CSRF token is not visible in this excerpt; confirm in the handlers.
$action = rmc_server_var($_REQUEST, 'action', '');
switch ($action) {
    case 'approve':
        set_comments_status('approved');
        break;
    case 'unapprove':
        set_comments_status('waiting');
        break;
    case 'spam':
        set_comments_status('spam');
        break;
    case 'delete':
        delete_comments();
        break;
    case 'edit':
        edit_comment();
        break;
    case 'save':
        save_comment();
        break;
    default:
        show_comments();
        break;
}
// Single-article view (this branch opens before the excerpt): navigation
// links, article body, then the comment thread for the article.
// NOTE(review): $PHP_SELF is written into link targets here and into the form
// action further down. If it is derived from the request path it needs
// htmlspecialchars() first; where it is set is outside this excerpt.
html_link("Return to Articles", "{$PHP_SELF}?L{$options}");
html_link("Show Comments", "#_USER_COMMENTS");
html_link("Submit Comment", "comment.php?r0+particles.php_L{$id}");
// Modify/Delete links are shown to developer-level logins and to the user
// recorded as the article's creator.
if ($LOGIN_LEVEL >= AUTH_DEVEL || $row['create_user'] == $LOGIN_USER) {
    html_link("Modify Article", "{$PHP_SELF}?M{$id}{$options}");
    html_link("Delete Article", "{$PHP_SELF}?D{$id}{$options}");
}
html_end_links();
if (!$row['is_published']) {
    print "<p align='center'><b>This article is currently hidden from " . "public view.</b></p>\n";
}
// NOTE(review): $date, $create_user, $abstract and $contents are printed
// as-is; whether they were HTML-encoded or formatted when assigned is outside
// this excerpt, confirm.
print "<p><i>{$date} by {$create_user}</i><br>{$abstract}</p>\n" . "{$contents}\n" . "<h1><a name='_USER_COMMENTS'>Comments</a></h1>\n";
html_start_links();
html_link("Submit Comment", "comment.php?r0+particles.php_L{$id}");
html_end_links();
show_comments("articles.php_L{$id}");
db_free($result);
} else {
    // Article list view: header, search form, then the start of the WHERE
    // clause for the listing query.
    html_header("Articles");
    html_start_links(1);
    html_link("Submit Article", "{$PHP_SELF}?N{$options}");
    html_end_links();
    // The search text is encoded with ENT_QUOTES because it is placed inside
    // a single-quoted attribute value below.
    $htmlsearch = htmlspecialchars($search, ENT_QUOTES);
    print "<form method='POST' action='{$PHP_SELF}'><p align='center'>" . "Search Words: <input type='text' size='60' " . "name='SEARCH' value='{$htmlsearch}'>" . "<input type='submit' value='Search Articles'></p></form>\n";
    $query = "";
    $prefix = "WHERE ";
    // Logins below developer level are limited to published articles or ones
    // matching the create_user value (shown as '******' in this listing).
    if ($LOGIN_LEVEL < AUTH_DEVEL) {
        $query .= "{$prefix}(is_published = 1 OR create_user = '******')";
        $prefix = " AND ";
    }
    if ($search) {
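<i class="material-icons">comment</i>
        <?php echo count(get_approved_comments(get_the_ID())); ?>
        <i class="material-icons arrow">keyboard_arrow_down</i>
    </span>
    <div class="comments_area">
        <ul class="mdl-list comments parent">
            <?php
            // Print each approved comment through show_comments() only. The
            // leftover var_dump() debug call is gone: it wrote every field of
            // the comment object (the author's e-mail and IP address are held
            // on it) into the public page.
            foreach (get_approved_comments(get_the_ID()) as $c) {
                echo show_comments($c, true);
            }
            ?>
        </ul>
    </div>
    <div class="comment-input">
        <?php get_template_part('shared/comment_form'); ?>
    </div>
<?php } else { ?>
    <span class="article__section--text">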
<form name="comment">
<div id="statusbox">ПУСТЬ ТУТ ЧТО ТО БУДЕТ НАПИСАНО!</div>
<input id="name" type="text" name="name" value="Имя (Обязательно)" maxlength="60" onfocus="clearText(this)" onblur="clearText(this)"/>
<input id="mail" type="text" name="mail" value="Почта (Обязательно, непубликуется) " maxlength="60" onfocus="clearText(this)" onblur="clearText(this)"/>
<textarea id="text" name="text" onfocus="clearText(this)" onblur="clearText(this)"></textarea>
<span> <br/><input id="nr" onClick="document.getElementById('nr').value='nerobot';" type="checkbox" name="nr"/> <b>я не робот!</b> </span>
<img class="button_add" src="images/button_add.png" onclick='ajax({ url:"add_comment.php?id_article=1", statbox:"statusbox", method:"POST", data: { name:document.getElementById("name").value, mail:document.getElementById("mail").value, text:document.getElementById("text").value, nr:document.getElementById("nr").value, }, success:function(data){document.getElementById("statusbox").innerHTML=data;} })' />
</form>
</div>
<?php
// Load the comment renderer and print the thread for article 1.
//
// NOTE(review), on the form above:
//  - The ajax() success handler assigns the raw response of add_comment.php to
//    innerHTML. If that response can repeat any submitted field, it has to be
//    HTML-encoded on the server, or the handler should assign textContent.
//  - The "nr" checkbox value is set by client-side script, so the server
//    cannot rely on it as a bot check.
//  - The object literal passed as "data" ends with a trailing comma, which
//    older browsers reject.
//  - The article id is hard-coded as 1 both in the request URL and in the
//    show_comments() call below.
include "show_comments.php";
show_comments('1');
?>
</div>
</center>
}
// Everything down to fclose() closes loops and conditionals that open before
// this excerpt; $line holds the text that is printed after each pass.
$last_nav = 0;
$line = "";
}
}
print $line;
}
}
}
}
fclose($fp);
// Close the paragraph left open by the last navigation line, if there was one.
if ($last_nav) {
    print "</p>\n";
}
// NOTE(review): $path is placed into an href here and into a filesystem path
// in the image branch below. Where it comes from and how it is validated is
// outside this excerpt; confirm it is restricted to files under docfiles/
// (no ".." segments) and URL/HTML-encoded before it is printed.
print "<h1><a name='_USER_COMMENTS'>User Comments</a></h1>\n" . "<p><a href='{$html_path}/comment.php?r0+pdocumentation.php{$path}'>" . "Add Comment</a></p>\n";
// show_comments() returns the number of comments it printed.
$num_comments = show_comments("documentation.php{$path}");
if ($num_comments == 0) {
    print "<p>No comments for this page.</p>\n";
}
html_footer();
} else {
    // Image branch: send the whole file with an image/<type> content type.
    // NOTE(review): $type goes into a response header; confirm it is taken
    // from a fixed list of extensions.
    header("Content-Type: image/{$type}");
    print fread($fp, filesize("docfiles{$path}"));
    fclose($fp);
}
}
}
} else {
    // No document selected: start the documentation index/search page.
    html_header("Documentation");
    if (array_key_exists("CLEAR", $_GET)) {
        $q = "";
// One result row per non-empty answer: the bar width is scaled to 300 pixels
// for the answer with $max_count votes, and the percentage is of all votes.
// NOTE(review): both divisions assume $votes and $max_count are non-zero; the
// guard, if any, is outside this excerpt.
if ($row["answer{$i}"] != "") {
    $percent = (int) (100 * $row["count{$i}"] / $votes);
    $size = (int) (300 * $row["count{$i}"] / $max_count);
    // Answer text is HTML-encoded before it is printed.
    $answer = htmlspecialchars($row["answer{$i}"]);
    $count = $row["count{$i}"];
    print "<tr><td align='right'>{$answer}</td><td>" . "<img src='{$rootpath}images/graph.gif' width='{$size}' " . "height='12'> {$count} / {$percent}%</td></tr>\n";
}
}
print "<tr><td></td><th align='right'>{$votes} total votes.</th></tr>\n";
print "</table></center>\n";
}
print "<hr noshade/>\n" . "<h2><a name='_USER_COMMENTS'>User Comments</a></h2>\n";
html_start_links();
html_link("Submit Comment", "comment.php?r0+ppoll.php_r{$poll}");
html_end_links();
show_comments("poll.php_r{$poll}");
db_free($result);
html_footer();
break;
case 'v':
// Vote on a poll: build a ",countN=countN+1" fragment for each chosen answer.
// Presumably this is appended to an UPDATE statement outside this excerpt.
$answers = "";
if ($REQUEST_METHOD == "POST") {
    if (array_key_exists("ANSWER", $_POST)) {
        // The int cast keeps arbitrary text out of the SQL fragment, but the
        // value then forms a column name and is not range-checked here.
        // NOTE(review): the loop below handles ANSWER0..ANSWER9, so a value
        // outside 0-9 (or a negative one) presumably names no column; confirm
        // a bounds check exists before the statement is run.
        $answer = (int) $_POST["ANSWER"];
        $answers = ",count{$answer}=count{$answer}+1";
    } else {
        // Multiple-choice form: only the presence of each ANSWERn key is
        // used, never its value.
        for ($i = 0; $i < 10; $i++) {
            if (array_key_exists("ANSWER{$i}", $_POST)) {
                $answers .= ",count{$i}=count{$i}+1";
            }
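/**
 * Print the comments stored for a URL, nested by parent, and return how many
 * were printed.
 *
 * Only rows with a status above zero are printed, but the replies of every
 * row are visited, so a reply can appear even when its parent is hidden.
 *
 * @param string $url       URL key the comments are stored under
 * @param string $path      Prefix placed before "comment.php" in the action links
 * @param int    $parent_id Parent comment id; 0 selects the top-level comments
 * @param int    $heading   Heading level for this nesting depth (capped at 6)
 * @return int Number of comments printed, replies included
 */
function show_comments($url, $path = "", $parent_id = 0, $heading = 3)
{
    // $_COOKIE is a superglobal and needs no global declaration.
    global $LOGIN_LEVEL;

    // Both values are written unquoted into SQL or into a tag name, so pin
    // them to integers before use.
    $parent_id = (int) $parent_id;
    $heading = (int) $heading;
    if ($heading > 6) {
        $heading = 6;
    }

    $result = db_query("SELECT * FROM comment WHERE "
                      . "url = '" . db_escape($url) . "' "
                      . "AND parent_id = $parent_id "
                      . "ORDER BY id");

    // MODPOINTS arrives in a request cookie, so the visitor controls it.
    // Reduce it to an integer before it is compared or printed; a value that
    // is not a scalar counts as zero.
    // NOTE(review): because the count lives in a cookie, whatever applies a
    // moderation vote must enforce the limit on the server; confirm.
    if (array_key_exists("MODPOINTS", $_COOKIE)) {
        $modpoints = is_scalar($_COOKIE["MODPOINTS"]) ? (int) $_COOKIE["MODPOINTS"] : 0;
    } else {
        $modpoints = 5;
    }

    if ($parent_id == 0 && $modpoints > 0) {
        print("<P>You have $modpoints moderation points available.</P>\n");
    }

    $safeurl = urlencode($url);
    $num_comments = 0;
    $div = 0;

    while ($row = db_next($result)) {
        if ($row["status"] > 0) {
            // Replies deeper than the first level are indented once per call.
            if ($heading > 3 && !$div) {
                print("<div style='margin-left: 3em;'>\n");
                $div = 1;
            }

            $num_comments++;

            $id = (int) $row['id'];
            $status = (int) $row['status'];
            $create_date = date("H:i M d, Y", $row['create_date']);
            // NOTE(review): sanitize_email() and format_text() are relied on
            // to make the stored author and body safe to print; confirm that
            // they HTML-encode their input.
            $create_user = sanitize_email($row['create_user']);
            $contents = format_text($row['contents']);

            print("<h$heading><a name='_USER_COMMENT_{$id}'>From</a> "
                 . "$create_user, $create_date (score={$status})</h$heading>\n"
                 . "$contents\n");

            html_start_links();

            if ($LOGIN_LEVEL >= AUTH_DEVEL) {
                html_link("Edit", "{$path}comment.php?e{$id}+p{$safeurl}");
                html_link("Delete", "{$path}comment.php?d{$id}+p{$safeurl}");
            }

            html_link("Reply", "{$path}comment.php?r{$id}+p{$safeurl}");

            if ($modpoints > 0) {
                if ($row['status'] > 0) {
                    html_link("Moderate Down", "{$path}comment.php?md{$id}+p{$safeurl}");
                }

                if ($row['status'] < 5) {
                    html_link("Moderate Up", "{$path}comment.php?mu{$id}+p{$safeurl}");
                }
            }

            html_end_links();
        }

        $num_comments += show_comments($url, $path, $row['id'], $heading + 1);
    }

    db_free($result);

    if ($div) {
        print("</div>\n");
    }

    return ($num_comments);
}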
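<?php
/*
 * Prints one story followed by its comments.
 */
require 'db.inc.php';
require 'output_functions.inc.php';

// NOTE(review): the mysql_* API used here was removed in PHP 7, and
// die(mysql_error()) sends the raw database error text to the visitor.
$db = mysql_connect(MYSQL_HOST, MYSQL_USER, MYSQL_PASSWORD) or
    die('Unable to connect. Check your connection parameters.');
mysql_select_db(MYSQL_DB, $db) or die(mysql_error($db));

include 'header.inc.php';

// article_id comes from the query string. Pass it on only when it is a plain
// string of decimal digits; a missing, array-valued or non-numeric value
// becomes the empty string, so request-controlled text never reaches the
// helpers below.
$article_id = '';
if (isset($_GET['article_id']) && is_string($_GET['article_id']) && ctype_digit($_GET['article_id'])) {
    $article_id = $_GET['article_id'];
}

output_story($db, $article_id);
show_comments($db, $article_id, TRUE);

include 'footer.inc.php';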