$poster = $commentrow[$i]['comment_username'] == '' ? $lang['Guest'] : $commentrow[$i]['comment_username']; } else { $poster = '<a href="' . append_sid("profile.{$phpEx}?mode=viewprofile&" . POST_USERS_URL . '=' . $commentrow[$i]['user_id']) . '">' . $commentrow[$i]['username'] . '</a>'; } if ($commentrow[$i]['comment_edit_count'] > 0) { $sql = "SELECT c.comment_id, c.comment_edit_user_id, u.user_id, u.username\n\t\t\t\t\t\tFROM " . ADS_COMMENTS_TABLE . " AS c\n\t\t\t\t\t\tLEFT JOIN " . USERS_TABLE . " AS u ON c.comment_edit_user_id = u.user_id\n\t\t\t\t\t\tWHERE c.comment_id = '" . $commentrow[$i]['comment_id'] . "'\n\t\t\t\t\t\tLIMIT 0,1"; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Could not obtain last edit information from the database', '', __LINE__, __FILE__, $sql); } $lastedit_row = $db->sql_fetchrow($result); $edit_info = $commentrow[$i]['comment_edit_count'] == 1 ? $lang['Edited_time_total'] : $lang['Edited_times_total']; $edit_info = '<br /><br />» ' . sprintf($edit_info, $lastedit_row['username'], create_date($board_config['default_dateformat'], $commentrow[$i]['comment_edit_time'], $board_config['board_timezone']), $commentrow[$i]['comment_edit_count']) . '<br />'; } else { $edit_info = ''; } $template->assign_block_vars('commentrow', array('ID' => $commentrow[$i]['comment_id'], 'POSTER' => $poster, 'TIME' => create_date($board_config['default_dateformat'], $commentrow[$i]['comment_time'], $board_config['board_timezone']), 'IP' => $userdata['user_level'] == ADMIN ? '-----------------------------------<br />' . $lang['IP_Address'] . ': <a href="http://network-tools.com/default.asp?host=' . decode_ip($commentrow[$i]['comment_user_ip']) . '" target="_blank">' . decode_ip($commentrow[$i]['comment_user_ip']) . '</a><br />' : '', 'TEXT' => nl2br($commentrow[$i]['comment_text']), 'EDIT_INFO' => $edit_info, 'EDIT' => edit_allowed($commentrow[$i]['comment_user_id'], $cat_edit_level) == TRUE ? '<a href="' . append_sid("ads_comment_edit.{$phpEx}?comment_id=" . $commentrow[$i]['comment_id']) . '">' . $lang['edit'] . '</a>' : '', 'DELETE' => delete_allowed($commentrow[$i]['comment_user_id'], $cat_delete_level) == TRUE ? '<a href="' . append_sid("ads_comment_delete.{$phpEx}?comment_id=" . $commentrow[$i]['comment_id']) . '">' . $lang['delete'] . '</a>' : '')); } $template->assign_block_vars('switch_comment', array()); $template->assign_vars(array('PAGINATION' => generate_pagination(append_sid("ads_comment.{$phpEx}?ad_id={$ad_id}&sort_order={$sort_order}"), $total_comments, $comments_per_page, $start), 'PAGE_NUMBER' => sprintf($lang['Page_of'], floor($start / $comments_per_page) + 1, ceil($total_comments / $comments_per_page)))); } // // Start output of page // $page_title = $lang['comments']; include $phpbb_root_path . 'includes/page_header.' . $phpEx; $template->set_filenames(array('body' => 'ads_comment_body.tpl')); if ($user_id == ADS_GUEST or $username == '') { $poster = $username == '' ? $lang['Guest'] : $username; } else { $poster = '<a href="' . append_sid("profile.{$phpEx}?mode=viewprofile&" . POST_USERS_URL . '=' . $user_id) . '">' . $username . '</a>'; }
$email_img = ''; $email = ''; $www_img = ''; $www = ''; $icq_status_img = ''; $icq_img = ''; $icq = ''; $aim_img = ''; $aim = ''; $msn_img = ''; $msn = ''; $yim_img = ''; $yim = ''; } // Start populating template variables if (edit_allowed($user_id, $cat_edit_level) == TRUE) { $template->assign_block_vars('edit_allowed', array()); if (time() >= $expiry_date - $ads_config['first_chase_days'] * 60 * 60 * 24) { $template->assign_block_vars('switch_renewal_allowed', array()); } if ($status == 'active') { $template->assign_block_vars('switch_active', array()); } if ($status == 'sold') { $template->assign_block_vars('switch_sold', array()); } } if (delete_allowed($user_id, $cat_delete_level) == TRUE) { $template->assign_block_vars('delete_allowed', array()); } if ($ads_config['images'] == 1 && image_allowed($user_id, $cat_image_level) == TRUE && $ad_type_code > 2) {
// Read the categories table // ------------------------------------ $sql = "SELECT *\r\n\t\tFROM " . ADS_CATEGORIES_TABLE . "\r\n\t\tWHERE cat_category = '" . addslashes($category) . "'\r\n\t\tAND cat_sub_category = '" . addslashes($sub_category) . "'"; if (!($result = $db->sql_query($sql))) { message_die(GENERAL_ERROR, 'Could not query category information', '', __LINE__, __FILE__, $sql); } $row = $db->sql_fetchrow($result); if (empty($row)) { message_die(GENERAL_ERROR, $lang['category_does_not_exist']); } $cat_edit_level = $row['cat_edit_level']; // ------------------------------------ // Check the permissions // ------------------------------------ // Check the permissions if (edit_allowed($comment_user_id, $cat_edit_level) == FALSE) { if (!$userdata['session_logged_in']) { redirect(append_sid("login.{$phpEx}?redirect=ads_comment_edit.{$phpEx}&id={$id}")); } else { message_die(GENERAL_ERROR, $lang['Not_Authorised']); } } // ------------------------------------ // Misc // ------------------------------------ $comments_per_page = $board_config['posts_per_page']; /* +---------------------------------------------------------- | Main work here... +---------------------------------------------------------- */
$private_checked = ''; $trade_checked = 'checked'; } // Put out the page header $page_title = $title; include $phpbb_root_path . 'includes/page_header.' . $phpEx; // Read the categories table $sql = "SELECT * \r\n\t\tFROM " . ADS_CATEGORIES_TABLE . "\r\n\t\tWHERE cat_category = '" . addslashes($category) . "'\r\n\t\tAND cat_sub_category = '" . addslashes($sub_category) . "'"; $result = $db->sql_query($sql); $category_row = $db->sql_fetchrow($result); if (!$category_row) { message_die(GENERAL_ERROR, "Error reading categories table", "", __LINE__, __FILE__, $sql); } $cat_edit_level = $category_row['cat_edit_level']; // Check the permissions if (edit_allowed($user_id, $cat_edit_level) == FALSE) { if (!$userdata['session_logged_in']) { redirect(append_sid("login.{$phpEx}?redirect=ads_item_edit.{$phpEx}&id={$id}")); } else { message_die(GENERAL_ERROR, $lang['Not_Authorised']); } } // // Main processing // if (!isset($HTTP_POST_VARS['submit'])) { // Read the details table $sql = "SELECT * \r\n\t\t\tFROM " . ADS_DETAILS_TABLE . "\r\n\t\t\tWHERE id = '{$id}'"; $result = $db->sql_query($sql); $row = $db->sql_fetchrow($result); $additional_info = $row['additional_info'];