function make_comment_from_id($comment_id) { $comment = get_comment_by_id($comment_id); $user = find_user_by_id($comment["user_id"]); $votes = get_votes_by_comment_id($comment_id); $formatted_votes = format_votes($votes); $avatar = get_user_avatar($comment["user_id"])["file_path"]; // bug where time since doesn;'t show, figure it out later (edit, this fixes that) $time = format_time_in_words(strtotime($comment["date"])); if ($time == "") { $time_text = "now"; } else { $time_text = $time . " ago "; } $output = "<div class=\"row comment_output_panel\" data-comment-id=\"{$comment_id}\">"; $output .= "<div>"; $output .= "<img class=\"left\" src=\"" . $avatar . "\"/>"; $output .= "</div>"; $output .= "<div class=\"comment_output\">"; $output .= "<div ><span class=\"comment_output_info_label\">"; $output .= "<a href=\"user.php?user="******"user_id"] . "\">" . $user["username"] . "</a>"; $output .= "</span> "; $output .= "<span> " . $time_text . " </span></div>"; $output .= "<div>"; $output .= $comment["text"]; $output .= "</div>"; $output .= "<div class=\"vote_panel\">"; $output .= "<span class=\"upvote_button "; if (user_logged_in() && already_upvoted($_SESSION["user_id"], $comment_id)) { $output .= "upvote_button_clicked"; } $output .= "\">"; $output .= "<i class=\"fi-like\" ></i> Upvote <span class=\"vote_display_box "; if ($votes != "null" && (int) $votes > 0) { $output .= " positive_votes "; } else { if ($votes != "null" && (int) $votes < 0) { $output .= " negative_votes "; } else { if ($votes != "null" && (int) $votes == 0) { $output .= " zero_votes "; } } } $output .= "\" >" . $formatted_votes . "</span>"; $output .= "</span>"; $output .= "<span class=\"downvote_button "; if (user_logged_in() && already_downvoted($_SESSION["user_id"], $comment_id)) { $output .= "downvote_button_clicked"; } $output .= "\">"; $output .= "<i class=\"fi-dislike\" > </i>"; $output .= "</span>"; $output .= "</div>"; $output .= "</div>"; $output .= "</div>"; return $output; }
if (!is_logged_in()) { die("You must be logged in to perform this action"); } $performanceId = -1; $artistId = -1; $commentId = -1; $comment = ""; if (isset($_GET['performanceId'])) { $performanceId = intval($_GET['performanceId']); } if (isset($_GET['artistId'])) { $artistId = intval($_GET['artistId']); } if ($_GET['action'] == "editcomment" && isset($_GET['commentId'])) { $commentId = intval($_GET['commentId']); $details = get_comment_by_id($commentId); $comment = $details['comment']; $performanceId = $details['performanceId'] == null ? -1 : $details['performanceId']; $artistId = $details['artistId'] == null ? -1 : $details['artistId']; } if ($_SERVER['REQUEST_METHOD'] === 'POST') { $comment = sanitize_input($_POST['comment']); $performanceId = intval($_POST['performanceId']); $artistId = intval($_POST['artistId']); if (isset($_POST['commentId'])) { $commentId = intval($_POST['commentId']); } $has_error = false; if (!$has_error) { // Successful $postDate = date("Y-m-d");
function sn_update_comment($comment_array) { global $sn_sql; if (!is_array($comment_array) || empty($comment_array)) { return null; } if (!isset($comment_array['id']) || !(int) $comment_array['id']) { return 'hahahah'; } $id = (int) $comment_array['id']; $comment = get_comment_by_id($id); $comment_array['author'] = !isset($comment_array['author']) ? $comment->comment_author : mysql_real_escape_string($comment_array['author']); $comment_array['author_email'] = !isset($comment_array['author_email']) ? $comment->comment_author_email : mysql_real_escape_string($comment_array['author_email']); $comment_array['author_url'] = !isset($comment_array['author_url']) ? $comment->comment_author_url : mysql_real_escape_string($comment_array['author_url']); $comment_array['content'] = !isset($comment_array['content']) ? $comment->comment_content : mysql_real_escape_string($comment_array['content']); $comment_array['approved'] = !isset($comment_array['approved']) ? $comment->comment_approved : mysql_real_escape_string($comment_array['approved']); $sql_c = "UPDATE `comments` SET `comment_author` = '{$comment_array['author']}', `comment_author_email` = '{$comment_array['author_email']}', \n\t\t\t\t\t\t\t\t\t\t\t\t\t `comment_author_url` = '{$comment_array['author_url']}', `comment_content` = '{$comment_array['content']}',\n\t\t\t\t\t\t\t\t\t\t\t\t\t `comment_approved` = '{$comment_array['approved']}'\n\n\t\t\t\t\t\t\t\t\t\t\t\t WHERE `comment_id` = {$id}"; $result = $sn_sql->query($sql_c); if (!$result) { return false; } return true; }