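/**
 * Handles the comment action requested through $_GET['mode'] and renders all
 * available comments for the current module and module id into the parent template.
 *
 * Modes handled for logged-in users:
 *  - postComment   : form post, reports the result through msg()
 *  - ajPostComment : AJAX post; dies with '1' (token mismatch) or '0' (insert failed),
 *                    otherwise echoes the rendered comment and exits
 *  - deleteComment : link-driven delete, reports the result through msg()
 *  - ajDelComment  : AJAX delete; dies with '-1' (bad request / not found),
 *                    '0' (not permitted or delete failed) or '1' (deleted)
 *
 * @version 1.0
 * @since   1.0.0
 * @author  xLink
 *
 * @param   string $tplVar  Template variable that receives the parsed comments block.
 */
function getComments($tplVar) {
    //set the template for the comments
    $this->objTPL->set_filenames(array('comments' => 'modules/core/template/comments/viewComments.tpl'));

    if (User::$IS_ONLINE) {
        $dontShow = false;

        //a missing mode simply matches none of the cases below
        $mode = isset($_GET['mode']) ? $_GET['mode'] : '';

        switch ($mode) {
            case 'postComment':
                if (HTTP_POST) {
                    //the form token stored for this module id (false when the session has none)
                    $expected = doArgs('comment_' . $this->module_id, false, $_SESSION[$this->module]);
                    $supplied = isset($_POST['sessid']) ? $_POST['sessid'] : null;

                    //strict comparison: the previous loose != accepted an empty or absent
                    //sessid whenever the session held no token (false == '').
                    //hash_equals() is preferable where the runtime provides it.
                    $tokenOk = is_scalar($expected) && $expected !== false && (string) $expected !== ''
                        && is_string($supplied) && (string) $expected === $supplied;

                    if (!$tokenOk) {
                        msg('FAIL', 'Error: Cant remember where you wer posting to.', '_ERROR');
                    } else {
                        $comment = $this->insertComment($this->module, $this->module_id, $this->objUser->grab('id'), $_POST['comment']);

                        //NOTE(review): mysql_affected_rows() belongs to the legacy mysql extension and
                        //bypasses $this->objSQL - confirm it reads the same connection.
                        if (!mysql_affected_rows()) {
                            msg('FAIL', 'Error: Your comment wasnt posted, please try again.', '_ERROR');
                        }

                        //drop the used token; this referenced an undefined $module before and so
                        //never cleared anything. NOTE(review): confirm nothing else lives under this key.
                        unset($_SESSION[$this->module]);
                    }
                    $dontShow = true;
                }
            break;

            case 'ajPostComment':
                if (HTTP_AJAX && HTTP_POST) {
                    $expected = doArgs('comment_' . $this->module_id, false, $_SESSION[$this->module]);
                    $supplied = isset($_POST['sessid']) ? $_POST['sessid'] : null;

                    //same strict token check as the non-AJAX path
                    $tokenOk = is_scalar($expected) && $expected !== false && (string) $expected !== ''
                        && is_string($supplied) && (string) $expected === $supplied;

                    if (!$tokenOk) {
                        //the failure response used to append a <script> that logged the expected
                        //token, the session bucket and the whole $_POST to the client; a token
                        //check must not disclose the value it is checking against.
                        die('1');
                    } else {
                        $comment = $this->insertComment($this->module, $this->module_id, $this->objUser->grab('id'), $_POST['comment']);
                        if (!mysql_affected_rows()) {
                            die('0');
                        }

                        echo $this->getLastComment($comment);
                    }
                    exit;
                }
            break;

            case 'deleteComment':
                //NOTE(review): this is a state-changing GET with no anti-CSRF token; moving it
                //behind a POST plus token needs the form side, which is not part of this method.
                $id = doArgs('id', 0, $_GET, 'is_number');

                $comment = $this->objSQL->getLine('SELECT * FROM `$Pcomments` WHERE id = "%d"', array($id));

                //a comment that belongs to another module / item is treated as not found, so the
                //author of this item cannot remove comments elsewhere by passing their id here
                if (!$comment || $comment['module'] != $this->module || $comment['module_id'] != $this->module_id) {
                    msg('FAIL', 'Error: Comment not found.', '_ERROR');
                    break;
                }

                //check if user has perms: staff, the comment author, or the author of the item.
                //this read an undefined $comments before, so the comment author never matched.
                $uid = $this->objUser->grab('id');
                $mayDelete = User::$IS_ADMIN || User::$IS_MOD
                    || (User::$IS_ONLINE && ($uid == $comment['author'] || $uid == $this->author_id));

                if ($mayDelete) {
                    //do the delete
                    $log = 'Comments System: ' . $this->objUser->profile($this->objUser->grab('id'), RAW) . ' deleted comment from <a href="' . $this->aURL[1] . '">this</a>.';
                    $delete = $this->objSQL->deleteRow('comments', array('id = "%d"', $id), $log);

                    if (!$delete) {
                        msg('FAIL', 'Error: The comment was not deleted.', '_ERROR');
                    } else {
                        msg('INFO', 'The comment was successfully deleted.', '_ERROR');
                    }
                }
            break;

            case 'ajDelComment':
                if (HTTP_AJAX && HTTP_POST) {
                    //NOTE(review): POST is required but the id is still read from the query string
                    //and no token is checked - confirm the client side before tightening this.
                    $id = doArgs('id', 0, $_GET, 'is_number');

                    $comment = $this->objSQL->getLine('SELECT * FROM `$Pcomments` WHERE id = "%d"', array($id));

                    //same scope rule as deleteComment: only comments of this module / item
                    if (!$comment || $comment['module'] != $this->module || $comment['module_id'] != $this->module_id) {
                        die('-1');
                    }

                    //check if user has perms (see deleteComment)
                    $uid = $this->objUser->grab('id');
                    $mayDelete = User::$IS_ADMIN || User::$IS_MOD
                        || (User::$IS_ONLINE && ($uid == $comment['author'] || $uid == $this->author_id));

                    if ($mayDelete) {
                        //do the delete
                        $log = 'Comments System: ' . $this->objUser->profile($this->objUser->grab('id'), RAW) . ' deleted comment from <a href="' . $this->aURL[1] . '">this</a>.';
                        $delete = $this->objSQL->deleteRow('comments', array('id = "%d"', $id), $log);

                        die(!$delete ? '0' : '1');
                    }
                } else {
                    die('-1');
                }
                //reached only when the user is not allowed to delete the comment
                die('0');
            break;
        }

        //make sure the submit form only shows when we want it to
        if (!$dontShow) {
            $this->makeSubmitForm();
        }
    }

    //get a comments count for this module and id
    $commentsCount = $this->getCount();
    $comPagination = new pagination('commentsPage', $this->perPage, $commentsCount);

    //check to see if we have a positive number
    if ($commentsCount) {
        //now lets actually grab the comments
        $commentsData = $this->objSQL->getTable(
            'SELECT * FROM `$Pcomments` WHERE module="%s" AND module_id="%d" ORDER BY timestamp ASC LIMIT %s',
            array($this->module, $this->module_id, $comPagination->getSqlLimit())
        );

        if (!$commentsData) {
            //something went wrong
            msg('INFO', 'Error loading comments.', '_ERROR');
        } else {
            $this->objTPL->assign_var('COM_PAGINATION', $comPagination->getPagination());

            $i = 0;
            //assign the comments to the template
            foreach ($commentsData as $row) {
                //NOTE(review): the comment body is emitted through contentParse(); its escaping
                //is not visible here - confirm it neutralises HTML in user-supplied text.
                $this->objTPL->assign_block_vars('comment', array(
                    'ID'      => $row['id'],
                    'cID'     => 'comment-' . $row['id'],
                    'ROW'     => $i % 2 ? 'row_color2' : 'row_color1',
                    'ALT_ROW' => $i % 2 ? 'row_color1' : 'row_color2',
                    'AUTHOR'  => $this->objUser->profile($row['author']),
                    'POSTED'  => $this->objTime->mk_time($row['timestamp']),
                    'POST'    => contentParse($row['comment']),
                ));

                //only offer the delete link to users the delete modes would accept
                if (User::$IS_ADMIN || User::$IS_MOD || (User::$IS_ONLINE && ($this->objUser->grab('id') == $row['author'] || $this->objUser->grab('id') == $this->author_id))) {
                    $this->objTPL->assign_block_vars('comment.functions', array(
                        'URL' => $this->aURL[0] . '?mode=deleteComment&id=' . $row['id'],
                    ));
                }

                $i++;
            }
        }
    } else {
        //we have no comments so output a msg box saying so
        msg('INFO', 'No Comments.', '_ERROR');
    }

    //and then output the comments to the parent template
    $this->objTPL->assign_var_from_handle($tplVar, 'comments');
}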
/**
 * Allows a user to view a thread.
 *
 * Loads the thread and its category, enforces the category's view/read
 * permissions, updates the view counter, the per-user read tracker and watch
 * status, then assigns the posts, pagination, jump boxes and (when permitted)
 * the quick-reply / reply controls to the forum_thread template.
 *
 * @version 2.0
 * @since   1.0.0
 * @author  xLink
 *
 * @param   int $id  Thread id; passed to the queries below through %d / %s placeholders.
 */
public function viewThread($id) {
    $vars = $this->objPage->getVar('tplVars');

    $this->objTPL->set_filenames(array('body' => 'modules/forum/template/forum_thread.tpl'));

    //grab the thread together with its post count
    $thread = $this->objSQL->getLine('SELECT t.*, COUNT(DISTINCT p.id) as posts FROM `$Pforum_threads` t LEFT JOIN `$Pforum_posts` p ON p.thread_id = t.id WHERE t.id = %d', array($id));

    //make sure it exists
    if (is_empty($thread['id'])) {
        $this->throwHTTP(404);
        return;
    }

    //grab the cat
    $cat = $this->getForumInfo($thread['cat_id']);
    $cat = $cat[0];

    //grab the auth and make sure they /can/ see it
    //a category missing from $this->auth yields no auth_view/auth_read and is therefore denied
    $threadAuth = $this->auth[$thread['cat_id']];
    if (!$threadAuth['auth_view'] || !$threadAuth['auth_read']) {
        $this->objPage->setTitle(langVar('B_FORUM') . ' > ' . langVar('P_PERMISSION_DENIED'));
        hmsgDie('INFO', langVar('L_AUTH_MSG', $threadAuth['auth_read_type']));
        return;
    }

    //sort out the breadcrumbs & page title
    //NOTE(review): the subject goes through secureMe() but $cat['title'] is used as stored -
    //confirm setTitle() escapes its input or that category titles are admin-only data
    $threadTitle = secureMe($thread['subject']);
    $threadUrl = $this->generateThreadURL($thread);
    $page_name = array(langVar('B_FORUM'), $cat['title'], !is_empty($threadTitle) ? $threadTitle : langVar('F_VIEWF'));
    $this->objPage->setTitle(implode(' > ', $page_name));
    $this->getSubCrumbs($thread['cat_id']);
    $this->objPage->addPagecrumb(array(array('url' => $threadUrl, 'name' => $threadTitle)));

    //update views, once per session and thread
    //NOTE(review): the row is read through 'id' everywhere else; if the threads table has no
    //'tid' column this key is empty and the counter only fires once per session - confirm
    if (!isset($_SESSION['site']['forum']['view'][$thread['tid']])) {
        $this->objSQL->query('UPDATE `$Pforum_threads` SET views = (views+1) WHERE id = %d LIMIT 1', array($id));
        $_SESSION['site']['forum']['view'][$thread['tid']] = 1;
    }

    //if the user is online
    if (User::$IS_ONLINE) {
        //do thread tracker part of the tour
        $tracker = doArgs('forum_tracker', false, $_SESSION['user']);

        $tracking_threads = array();
        if (!is_empty($tracker)) {
            //NOTE(review): unserialize() on a value read back from the session; this method also
            //writes the same value to the user's settings row. If any path lets a user influence
            //that stored string this becomes PHP object injection - confirm the value is only
            //ever written by serialize() below, or move the tracker to a JSON encoding
            $tracking_threads = unserialize($tracker);
        }

        //find the thread row in the array or create a new one
        //NOTE(review): entries are created below keyed by thread id without an 'id' field, so
        //the match on ['id'] looks like it can never succeed, and a thread missing from a
        //non-empty tracker is never added - verify against the code that reads the tracker
        if (!is_empty($tracking_threads)) {
            foreach ($tracking_threads as $k => $v) {
                if ($tracking_threads[$k]['id'] == $id) {
                    $tracking_threads[$k][$id]['read'] = true;
                    $tracking_threads[$k][$id]['last_poster'] = time();
                }
            }
        } else {
            $tracking_threads[$id]['read'] = true;
            $tracking_threads[$id]['last_poster'] = time();
        }

        //now update the user row and keep the session copy in sync with it
        unset($update);
        $_SESSION['user']['forum_tracker'] = $update['forum_tracker'] = serialize($tracking_threads);
        $this->objUser->updateUserSettings($this->objUser->grab('id'), $update);
        unset($update);

        //update the users watch status
        $this->objSQL->updateRow('forum_watch', array('seen' => 1), array('user_id ="%d" AND thread_id ="%d"', $this->objUser->grab('id'), $id));

        // && read notification if needed
        $this->objNotify->clearNotifications($id, true);
    }

    //setup a new pagination obj, 10 posts per page
    $objPagination = new pagination('page', 10, $thread['posts']);

    //see if the user wants us to jump to the last page
    if (doArgs('mode', false, $_GET) == 'last_page') {
        $objPagination->goLastPage();
    }

    //check for guest restrictions: restricted guests only get the first post
    $limit = $objPagination->getSqlLimit();
    if (!User::$IS_ONLINE && $this->config('forum', 'guest_restriction')) {
        $this->objTPL->assign_block_vars('error', array('ERROR' => langVar('L_VIEW_GUEST')));
        //NOTE(review): the trailing ';' is substituted into the LIMIT %s clause as-is - confirm
        //the SQL layer tolerates it
        $limit = '1;';
    }

    //grab the thread posts
    $posts = $this->objSQL->getTable('SELECT * FROM `$Pforum_posts` WHERE thread_id = %d ORDER by timestamp, id ASC LIMIT %s', array($id, $limit));

    //assign some vars to the tpl
    $this->objTPL->assign_vars(array(
        'THREAD_TITLE' => $threadTitle,
        'PAGINATION' => $objPagination->getPagination(true),
        'JUMPBOX' => $this->objForm->start('jump' . randcode(2)) . $this->buildJumpBox('jumpbox', $this->buildJumpBoxArray(), $thread['cat_id'], false) . $this->objForm->finish(),
        'JUMPBOX2' => $this->objForm->start('jump' . randcode(2)) . $this->buildJumpBox('jumpbox2', $this->buildJumpBoxArray(), $thread['cat_id'], false) . $this->objForm->finish()
    ));

    //setup the watch thread trigger (the lookup also runs for guests; the link is only shown when online)
    //NOTE(review): watch / unwatch are plain GET links; the handler is not visible here -
    //confirm it is protected against cross-site requests
    $watchThread = $this->objSQL->getInfo('forum_watch', array('user_id ="%s" AND thread_id ="%s"', $this->objUser->grab('id'), $id));
    $this->objTPL->assign_var('WATCH', USER::$IS_ONLINE ? '<a href="' . $threadUrl . '?mode=' . ($watchThread ? 'unwatch' : 'watch') . '">' . langVar($watchThread ? 'L_UNWATCH_THREAD' : 'L_WATCH_THREAD') . '</a>' : null);

    //check if the thread is currently locked
    if ($thread['locked'] == 0) {
        $quick_reply = doArgs('forum_quickreply', false, $_SESSION['user']);

        //test if we get to output quick reply
        if ($quick_reply && ($threadAuth['auth_reply'] || $threadAuth['auth_mod'] || User::$IS_MOD)) {
            $_SESSION['site']['forum'][$id]['id'] = $id;
            //NOTE(review): this form token is md5(username . thread id) - both inputs are public
            //and there is no secret or random part, so the value can be computed by anyone who
            //knows the username. If the qreply handler relies on it as an anti-CSRF token it
            //gives no protection; a random per-session value stored here would. The handler is
            //not visible, so confirm how 'sessid' is verified before changing the generation
            $_SESSION['site']['forum'][$id]['sessid'] = $sessid = md5($this->objUser->grab('username') . $id);

            //assign the form to the tpl
            $this->objTPL->assign_vars(array(
                'F_START' => $this->objForm->start('qreply', array('method' => 'POST', 'action' => $threadUrl . '?mode=qreply')),
                'F_END' => $this->objForm->finish(),
                'HIDDEN' => $this->objForm->inputbox('sessid', 'hidden', $sessid) . $this->objForm->inputbox('id', 'hidden', $id) . $this->objForm->inputbox('quick_reply', 'hidden', 'true'),
                'L_QUICK_REPLY' => langVar('L_QUICK_REPLY'),
                'F_QUICK_REPLY' => $this->objForm->textarea('post', '', array('extra' => ' tabindex="2"', 'style' => 'width:100%;height:50px;border:0;padding:0;', 'placeholder' => langVar('L_QR_PLACEHOLDER'))),
                'POST_OPTIONS' => langVar('L_OPTIONS'),
                'OPTIONS' => $this->objForm->checkbox('autoLock', null, false) . ' ' . langVar('L_QR_LOCK_THREAD') . (!$watchThread ? $this->objForm->checkbox($this->objUser->grab('autowatch'), 'watch_topic') . ' Watch Topic.' : NULL),
                'SUBMIT' => $this->objForm->button('submit', 'Post', array('extra' => ' tabindex="3"'))
            ));

            $this->objTPL->assign_block_vars('qreply', array('TEXT' => langVar('L_QUICK_REPLY')));

            //the auto-lock option block is only added for moderators
            if ($threadAuth['auth_mod'] || User::$IS_MOD) {
                $this->objTPL->assign_block_vars('qreply.options', array());
            }
        }

        //reply button for users allowed to reply; 'locked' is 0 on this branch, so the
        //locked image alternative below is never selected
        if ($threadAuth['auth_reply'] || $threadAuth['auth_mod'] || User::$IS_MOD) {
            $this->objTPL->assign_block_vars('reply', array('URL' => $threadUrl . '?mode=reply', 'TEXT' => langVar('L_POST_REPLY'), 'IMG' => $thread['locked'] == 1 ? '<img src="' . $vars['FIMG_locked'] . '" />' : '<img src="' . $vars['FIMG_reply'] . '" />'));
        }
    } else {
        //locked thread: the unlock link is assigned without a permission check here, so the
        //mode=unlock handler has to enforce moderator rights itself - confirm
        $this->objTPL->assign_block_vars('reply', array('URL' => $threadUrl . '?mode=unlock', 'TEXT' => langVar('L_THREAD_LOCKED'), 'IMG' => $thread['locked'] == 1 ? '<img src="' . $vars['FIMG_locked'] . '" />' : NULL));
    }

    //render the posts and parse the page body
    $this->objTPL->assign_var('POSTS', $this->outputPosts($posts, $thread));

    $this->objTPL->parse('body', false);
}