function admin_plugin_comments_run(&$loq) { // Again, the plugin API needs work. $commentAmount = 50; if (isset($_POST['commentsQuantity'])) { if ($_POST['commentsQuantity'] == 'ALL') { $commentAmount = 'ALL'; } else { $commentAmount = intval($_POST['commentsQuantity']); } } $commentAmount = isset($_POST['commentsQuantity']) ? intval($_POST['commentsQuantity']) : 50; $articles = null; if (isset($_POST['commentsPosts'])) { $articles = $_POST['commentsPosts'] === 'All' ? null : intval($_POST['commentsPosts']); } $commentdo = isset($_POST['commentdo']) ? strtolower($_POST['commentdo']) : ''; if ($commentdo == '') { $commentdo = isset($_GET['commentdo']) ? strtolower($_GET['commentdo']) : ''; } switch ($commentdo) { case "delete": // delete comments if (is_array($_POST['commentid'])) { foreach ($_POST['commentid'] as $key => $val) { deleteComment($loq, $val, $_POST['postid'][$val]); } } break; case "edit": $commentid = intval($_GET['editComment']); $postid = intval($_GET['postid']); editComment($loq, $commentid, $postid); break; case "editsave": saveEdit($loq); break; case "approve": if (is_array($_POST['commentid'])) { foreach ($_POST['commentid'] as $key => $val) { $loq->_adb->Execute("UPDATE " . T_COMMENTS . " SET onhold='0' WHERE commentid='" . intval($val) . "'"); } } break; case "filter": default: // show form break; } retrieveComments($loq, $commentAmount, $articles); populateSelectList($loq); }
/** * Main function of plugin * * @param object $bBlog Instance of bBlog object * @return void * */ function admin_plugin_comments_run(&$bBlog) { // Again, the plugin API needs work. $commentAmount = 50; if (isset($_GET['commentdo'])) { $commentdo = $_GET['commentdo']; } elseif (isset($_POST['commentdo'])) { $commentdo = $_POST['commentdo']; } else { $commentdo = ""; } switch ($commentdo) { case "Delete": // delete comments if (is_array($_POST['commentid'])) { foreach ($_POST['commentid'] as $key => $val) { deleteComment(&$bBlog, $val); } } break; case "Edit": $commentid = intval($_GET['editComment']); $postid = intval($_GET['postid']); editComment(&$bBlog, $commentid, $postid); break; case "editsave": saveEdit(&$bBlog); break; case "Approve": if (is_array($_POST['commentid'])) { foreach ($_POST['commentid'] as $key => $val) { $bBlog->query("UPDATE " . T_COMMENTS . " SET onhold='0' WHERE commentid='" . intval($val) . "'"); } } break; case "25": case "50": case "100": case "150": case "200": $commentAmount = intval($commentdo); break; default: // show form break; } retrieveComments(&$bBlog, $commentAmount); populateSelectList(&$bBlog); }
** E.g Create user, Delete user, Edit user, Search user, Logout user */ include "config.php"; session_start(); //get action var: action|'' $action = isset($_POST['action']) ? $_POST['action'] : ""; //controls what to show in the front page switch ($action) { case 'addComment': addComment(); break; case 'deleteComment': deleteComment(); break; case 'editComment': editComment(); break; default: homepage(); } function addComment() { $comment = new Comment(); $comment->storeFormValues($_POST); $comment->insertComment(); } function deleteComment() { $comment = new Comment(); $comment->deleteComment($_POST['cId']); }
break; default: $results["meta"] = methodNotAllowed($method, $path); } break; case "comments": switch ($method) { case "GET": $results = getComments($data); break; case "POST": $results = addComment($data); break; case "PATCH": $data["commentID"] = $path[1]; $results = editComment($data); break; case "DELETE": $data["commentID"] = $path[1]; $results = deleteComment($data); break; default: $results["meta"] = methodNotAllowed($method, $path); } break; case "follows": switch ($method) { case "POST": $results = addFriend($data); break; case "DELETE":
* modify it under the terms of the GNU General Public License * as published by the Free Software Foundation; version 2 of the License. */ /** ensure this file is being included by a parent file */ defined('_VALID_MOS') or die('Direct Access to this location is not allowed.'); require_once $mosConfig_absolute_path . "/administrator/components/com_comment/class.comment.php"; require_once $mainframe->getPath('admin_html'); switch ($task) { case "new": editComment($option, 0); break; case "edit": editComment($option, $cid[0]); break; case 'editA': editComment($option, intval($id)); break; case "save": saveComment($option); break; case "remove": removeComments($cid, $option); break; case "publish": publishComments($cid, 1, $option); break; case "unpublish": publishComments($cid, 0, $option); break; case "settings": showConfig($option);
function pagem_moderatecomment() { global $PIVOTX; require_once dirname(__FILE__) . '/modules/module_comments.php'; $PIVOTX['session']->minLevel(PIVOTX_UL_NORMAL); // uid should be numeric. (If it's not, someone is hacking ...) if (!is_numeric($_GET['uid'])) { echo "uid must be numeric"; die; } $entry = $PIVOTX['db']->read_entry(intval($_GET['uid'])); if (isset($entry['comments'][$_GET['key']])) { $comment = $entry['comments'][$_GET['key']]; } else { // This should only happen for non-SQL db when editing a comment from // the latest comments screen (or similar functions) which uses fake UIDs. foreach ($entry['comments'] as $key => $value) { if ($_GET['key'] == makeCommentUID($value)) { $comment = $value; // Setting the key to the array key $_GET['key'] = $key; break; } } } // Flip the moderation, and save it again.. $comment['moderate'] = 1 - intval($comment['moderate']); editComment($entry, $_GET['key'], $comment); if ($comment['moderate']) { $PIVOTX['messages']->addMessage(__('The Comment was disapproved!')); } else { $PIVOTX['messages']->addMessage(__('The Comment was approved!')); } pagem_comments(); }
<?php include "../universal/config.php"; //---saveComment---// if (isset($_POST["saveComment"])) { include "saveComment.php"; $result = saveComment($_POST["commentid"], $_POST["q"], $_POST["commentText"]); echo $result; } elseif (isset($_POST["editComment"])) { include "editComment.php"; $result = editComment($_POST["commentid"]); echo $result; } elseif (isset($_POST["deleteComment"])) { include "deleteComment.php"; $result = deleteComment($_POST["commentid"]); echo $result; } elseif (isset($_POST["showComments"])) { include "showComments.php"; $result = showComments($_POST["q"]); echo $result; }
<?php require 'functions.php'; session_start(); if ('save' == $_POST['edit']) { $_SESSION['comment'] = $_POST['comments']; editComment('images' . DIRECTORY_SEPARATOR . $_SESSION['img'], $_SESSION['comment']); } else { echo $_POST['comment']; echo $_POST['edit']; $_SESSION['comment'] = explodeImg('images' . DIRECTORY_SEPARATOR . 'behemoth.jpg', 1); $_SESSION['img'] = $_POST['edit']; if ('' == $_SESSION['comment']) { $_SESSION['comment'] = 'NO_COMMENTS'; } } // header('Location: index.php');
function showComments() { require 'database.php'; //will show all of user's comments $stmt = $mysqli->prepare("SELECT * FROM comments WHERE name=?"); if (!$stmt) { printf("Query Prep Failed: %s\n", $mysqli->error); exit; } $stmt->bind_param('s', $_SESSION['userAccount']); $stmt->execute(); $result = $stmt->get_result(); echo "<table>\n\t\t\t<tr>\n\t\t\t<th>Comments:</th>\n\t\t\t<th>Delete and Edit:</th>\n\t\t\t</tr>"; while ($row = $result->fetch_assoc()) { $_SESSION['comment'] = $row['comment']; echo "<tr>"; echo "<td>" . htmlentities($row['name']) . " said: " . htmlentities($row['comment']) . "</td>"; echo "<td>"; deleteComment($row['id']); editComment($row['id']); echo "</td>"; echo "</tr>"; } $stmt->close(); echo "</table>"; }