function html_comments($pid)
{
global $CONFIG, $USER, $CURRENT_ALBUM_DATA, $username, $FAVPICS, $CURRENT_PIC_DATA, $THEME_DIR;
global $template_image_comments, $template_add_your_comment, $db;
$html = '';
if (!$CONFIG['enable_smilies']) {
$tmpl_comment_edit_box = template_extract_block($template_image_comments, 'edit_box_no_smilies', '{EDIT}');
template_extract_block($template_image_comments, 'edit_box_smilies');
template_extract_block($template_add_your_comment, 'input_box_smilies');
} else {
$tmpl_comment_edit_box = template_extract_block($template_image_comments, 'edit_box_smilies', '{EDIT}');
template_extract_block($template_image_comments, 'edit_box_no_smilies');
template_extract_block($template_add_your_comment, 'input_box_no_smilies');
}
$tmpl_comments_buttons = template_extract_block($template_image_comments, 'buttons', '{BUTTONS}');
$tmpl_comments_ipinfo = template_extract_block($template_image_comments, 'ipinfo', '{IPINFO}');
$result = $db->sql_query("SELECT msg_id, msg_author, msg_body, msg_date, author_id, author_md5_id, msg_raw_ip, msg_hdr_ip FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='{$pid}' ORDER BY msg_id ASC", false, __FILE__, __LINE__);
while ($row = $db->sql_fetchrow($result)) {
$user_can_edit = GALLERY_ADMIN_MODE || USER_ID > 1 && USER_ID == $row['author_id'] && USER_CAN_POST_COMMENTS || USER_ID < 2 && USER_CAN_POST_COMMENTS && $USER['ID'] == $row['author_md5_id'];
$comment_buttons = $user_can_edit ? $tmpl_comments_buttons : '';
$comment_edit_box = $user_can_edit ? $tmpl_comment_edit_box : '';
$comment_ipinfo = $row['msg_raw_ip'] && GALLERY_ADMIN_MODE ? $tmpl_comments_ipinfo : '';
if ($CONFIG['enable_smilies']) {
$comment_body = set_smilies(make_clickable($row['msg_body']));
$smilies = smilies_table('onerow', 'msg_body', "f{$row['msg_id']}");
} else {
$comment_body = make_clickable($row['msg_body']);
$smilies = '';
}
$params = array('{EDIT}' => &$comment_edit_box, '{BUTTONS}' => &$comment_buttons, '{IPINFO}' => &$comment_ipinfo);
$template = template_eval($template_image_comments, $params);
$info = '';
if (!in_array($pid, $FAVPICS)) {
$info = '<a href="' . URL::index('&file=addfav&pid=' . $CURRENT_PIC_DATA['pid']) . '" >' . ADDFAV . '</a>';
} else {
$info = '<a href="' . URL::index('&file=addfav&pid=' . $CURRENT_PIC_DATA['pid']) . '" >' . REMFAV . '</a>';
}
$params = array('{MSG_AUTHOR}' => $row['msg_author'], '{MSG_ID}' => $row['msg_id'], '{MSG_TYPE}' => GALLERY_ADMIN_MODE ? 'text' : 'hidden', '{EDIT_TITLE}' => COM_EDIT_TITLE, '{CONFIRM_DELETE}' => CONFIRM_DELETE_COM, '{DELETE_LINK}' => URL::index("&file=delete"), '{DELETE_TEXT}' => DELETE . ' ' . COMMENT, '{MSG_DATE}' => localised_date($row['msg_date'], COMMENT_DATE_FMT), '{MSG_BODY}' => &$comment_body, '{MSG_BODY_RAW}' => $row['msg_body'], '{OK}' => OK, '{SMILIES}' => $smilies, '{HDR_IP}' => NET::decode_ip($row['msg_hdr_ip']), '{RAW_IP}' => NET::decode_ip($row['msg_raw_ip']), '{ACTION}' => 'action="' . URL::index('&file=db_input') . '" enctype="multipart/form-data" accept-charset="utf-8"', '{ADDFAVLINK}' => URL::index("&file=addfav&pid={$pid}"), '{ADDFAVTEXT}' => $info, '{THEMEDIR}' => $THEME_DIR);
$html .= template_eval($template, $params);
}
if (USER_CAN_POST_COMMENTS && $CURRENT_ALBUM_DATA['comments']) {
if (USER_ID > 1) {
$username_input = '<input type="hidden" name="msg_author" value="' . CPG_USERNAME . '" />';
template_extract_block($template_add_your_comment, 'username_input', $username_input);
// $username = '';
} else {
$username = isset($USER['name']) ? '"' . htmlprepare($USER['name']) . '"' : '"' . YOUR_NAME . '" onclick="javascript:this.value=\'\';"';
}
if (!in_array($pid, $FAVPICS)) {
$info = '<a href="' . URL::index('&file=addfav&pid=' . $CURRENT_PIC_DATA['pid']) . '" >' . ADDFAV . '</a>';
} else {
$info = '<a href="' . URL::index('&file=addfav&pid=' . $CURRENT_PIC_DATA['pid']) . '" >' . REMFAV . '</a>';
}
$params = array('{ADD_YOUR_COMMENT}' => ADD_YOUR_COMMENT, '{NAME}' => COM_NAME, '{COMMENT}' => COMMENT, '{PIC_ID}' => $pid, '{username}' => $username, '{MAX_COM_LENGTH}' => $CONFIG['max_com_size'], '{OK}' => OK, '{SMILIES}' => '', '{ACTION}' => 'action="' . URL::index("&file=db_input") . '" enctype="multipart/form-data" accept-charset="utf-8"', '{ADDFAVLINK}' => URL::index("&file=addfav&pid={$pid}"), '{ADDFAVTEXT}' => $info);
if ($CONFIG['enable_smilies']) {
$params['{SMILIES}'] = smilies_table('onerow', 'message', 'post');
}
// if ($CONFIG['enable_smilies']) $params['{SMILIES}'] = generate_smilies();
$html .= template_eval($template_add_your_comment, $params);
}
if (USER_ID > 1 or $CONFIG['allow_anon_fullsize'] or USER_IS_ADMIN) {
return $html;
}
}
}
$content .= "{$i}: " . $session['uname'] . " > <a href=\"{$session['url']}\"> {$session['module']}</a><br />\n";
}
unset($online[3]);
}
$online_num = count($online[1]);
if ($online_num > 0) {
$content .= '<img src="images/blocks/visitors.gif" alt="" /> <span class="content"><b>' . _BVIS . ':</b></span><br />';
for ($i = 1; $i <= $online_num; $i++) {
$session = $online[1][$i - 1];
if ($i < 10 && $online_num > 99) {
$content .= '00';
} else {
if ($i < 10 && $online_num > 9 || $i < 99 && $online_num > 99) {
$content .= '0';
}
}
/* or use:
Asian Pacific http://apnic.net/apnic-bin/whois.pl?searchtext=
Europe http://ripe.net/whois?searchtext=
Latin America http://lacnic.net/cgi-bin/lacnic/whois?query=
Brazil https://registro.br/cgi-bin/nicbr/whois?qr=
Korea http://whois.nida.or.kr/whois/webapisvc?VALUE=
*/
$content .= "{$i}: " . (is_admin() ? '<a href="http://ws.arin.net/cgi-bin/whois.pl?queryinput=' . NET::decode_ip($session['host_addr']) . '" target="_blank" title="Query ARIN Whois">' . (strlen(NET::decode_ip($session['host_addr'])) > 17 ? substr(NET::decode_ip($session['host_addr']), 0, 17) . '...' : NET::decode_ip($session['host_addr'])) . '</a> >' : '') . " <a href=\"{$session['url']}\"> {$session['module']}</a><br />\n";
}
unset($online[1]);
}
if ($hidden > 0) {
$content .= '<span class="content"><b>' . _BHID . ':</b></span> ' . $hidden;
}
