function admin_plugin_comments_run(&$loq)
{
// Again, the plugin API needs work.
$commentAmount = 50;
if (isset($_POST['commentsQuantity'])) {
if ($_POST['commentsQuantity'] == 'ALL') {
$commentAmount = 'ALL';
} else {
$commentAmount = intval($_POST['commentsQuantity']);
}
}
$commentAmount = isset($_POST['commentsQuantity']) ? intval($_POST['commentsQuantity']) : 50;
$articles = null;
if (isset($_POST['commentsPosts'])) {
$articles = $_POST['commentsPosts'] === 'All' ? null : intval($_POST['commentsPosts']);
}
$commentdo = isset($_POST['commentdo']) ? strtolower($_POST['commentdo']) : '';
if ($commentdo == '') {
$commentdo = isset($_GET['commentdo']) ? strtolower($_GET['commentdo']) : '';
}
switch ($commentdo) {
case "delete":
// delete comments
if (is_array($_POST['commentid'])) {
foreach ($_POST['commentid'] as $key => $val) {
deleteComment($loq, $val, $_POST['postid'][$val]);
}
}
break;
case "edit":
$commentid = intval($_GET['editComment']);
$postid = intval($_GET['postid']);
editComment($loq, $commentid, $postid);
break;
case "editsave":
saveEdit($loq);
break;
case "approve":
if (is_array($_POST['commentid'])) {
foreach ($_POST['commentid'] as $key => $val) {
$loq->_adb->Execute("UPDATE " . T_COMMENTS . " SET onhold='0' WHERE commentid='" . intval($val) . "'");
}
}
break;
case "filter":
default:
// show form
break;
}
retrieveComments($loq, $commentAmount, $articles);
populateSelectList($loq);
}
/**
* Main function of plugin
*
* @param object $bBlog Instance of bBlog object
* @return void
*
*/
function admin_plugin_comments_run(&$bBlog)
{
// Again, the plugin API needs work.
$commentAmount = 50;
if (isset($_GET['commentdo'])) {
$commentdo = $_GET['commentdo'];
} elseif (isset($_POST['commentdo'])) {
$commentdo = $_POST['commentdo'];
} else {
$commentdo = "";
}
switch ($commentdo) {
case "Delete":
// delete comments
if (is_array($_POST['commentid'])) {
foreach ($_POST['commentid'] as $key => $val) {
deleteComment(&$bBlog, $val);
}
}
break;
case "Edit":
$commentid = intval($_GET['editComment']);
$postid = intval($_GET['postid']);
editComment(&$bBlog, $commentid, $postid);
break;
case "editsave":
saveEdit(&$bBlog);
break;
case "Approve":
if (is_array($_POST['commentid'])) {
foreach ($_POST['commentid'] as $key => $val) {
$bBlog->query("UPDATE " . T_COMMENTS . " SET onhold='0' WHERE commentid='" . intval($val) . "'");
}
}
break;
case "25":
case "50":
case "100":
case "150":
case "200":
$commentAmount = intval($commentdo);
break;
default:
// show form
break;
}
retrieveComments(&$bBlog, $commentAmount);
populateSelectList(&$bBlog);
}
** E.g Create user, Delete user, Edit user, Search user, Logout user
*/
include "config.php";
session_start();
//get action var: action|''
$action = isset($_POST['action']) ? $_POST['action'] : "";
//controls what to show in the front page
switch ($action) {
case 'addComment':
addComment();
break;
case 'deleteComment':
deleteComment();
break;
case 'editComment':
editComment();
break;
default:
homepage();
}
function addComment()
{
$comment = new Comment();
$comment->storeFormValues($_POST);
$comment->insertComment();
}
function deleteComment()
{
$comment = new Comment();
$comment->deleteComment($_POST['cId']);
}
break;
default:
$results["meta"] = methodNotAllowed($method, $path);
}
break;
case "comments":
switch ($method) {
case "GET":
$results = getComments($data);
break;
case "POST":
$results = addComment($data);
break;
case "PATCH":
$data["commentID"] = $path[1];
$results = editComment($data);
break;
case "DELETE":
$data["commentID"] = $path[1];
$results = deleteComment($data);
break;
default:
$results["meta"] = methodNotAllowed($method, $path);
}
break;
case "follows":
switch ($method) {
case "POST":
$results = addFriend($data);
break;
case "DELETE":
* modify it under the terms of the GNU General Public License
* as published by the Free Software Foundation; version 2 of the License.
*/
/** ensure this file is being included by a parent file */
defined('_VALID_MOS') or die('Direct Access to this location is not allowed.');
require_once $mosConfig_absolute_path . "/administrator/components/com_comment/class.comment.php";
require_once $mainframe->getPath('admin_html');
switch ($task) {
case "new":
editComment($option, 0);
break;
case "edit":
editComment($option, $cid[0]);
break;
case 'editA':
editComment($option, intval($id));
break;
case "save":
saveComment($option);
break;
case "remove":
removeComments($cid, $option);
break;
case "publish":
publishComments($cid, 1, $option);
break;
case "unpublish":
publishComments($cid, 0, $option);
break;
case "settings":
showConfig($option);
function pagem_moderatecomment()
{
global $PIVOTX;
require_once dirname(__FILE__) . '/modules/module_comments.php';
$PIVOTX['session']->minLevel(PIVOTX_UL_NORMAL);
// uid should be numeric. (If it's not, someone is hacking ...)
if (!is_numeric($_GET['uid'])) {
echo "uid must be numeric";
die;
}
$entry = $PIVOTX['db']->read_entry(intval($_GET['uid']));
if (isset($entry['comments'][$_GET['key']])) {
$comment = $entry['comments'][$_GET['key']];
} else {
// This should only happen for non-SQL db when editing a comment from
// the latest comments screen (or similar functions) which uses fake UIDs.
foreach ($entry['comments'] as $key => $value) {
if ($_GET['key'] == makeCommentUID($value)) {
$comment = $value;
// Setting the key to the array key
$_GET['key'] = $key;
break;
}
}
}
// Flip the moderation, and save it again..
$comment['moderate'] = 1 - intval($comment['moderate']);
editComment($entry, $_GET['key'], $comment);
if ($comment['moderate']) {
$PIVOTX['messages']->addMessage(__('The Comment was disapproved!'));
} else {
$PIVOTX['messages']->addMessage(__('The Comment was approved!'));
}
pagem_comments();
}
<?php
include "../universal/config.php";
//---saveComment---//
if (isset($_POST["saveComment"])) {
include "saveComment.php";
$result = saveComment($_POST["commentid"], $_POST["q"], $_POST["commentText"]);
echo $result;
} elseif (isset($_POST["editComment"])) {
include "editComment.php";
$result = editComment($_POST["commentid"]);
echo $result;
} elseif (isset($_POST["deleteComment"])) {
include "deleteComment.php";
$result = deleteComment($_POST["commentid"]);
echo $result;
} elseif (isset($_POST["showComments"])) {
include "showComments.php";
$result = showComments($_POST["q"]);
echo $result;
}
<?php
require 'functions.php';
session_start();
if ('save' == $_POST['edit']) {
$_SESSION['comment'] = $_POST['comments'];
editComment('images' . DIRECTORY_SEPARATOR . $_SESSION['img'], $_SESSION['comment']);
} else {
echo $_POST['comment'];
echo $_POST['edit'];
$_SESSION['comment'] = explodeImg('images' . DIRECTORY_SEPARATOR . 'behemoth.jpg', 1);
$_SESSION['img'] = $_POST['edit'];
if ('' == $_SESSION['comment']) {
$_SESSION['comment'] = 'NO_COMMENTS';
}
}
// header('Location: index.php');
function showComments()
{
require 'database.php';
//will show all of user's comments
$stmt = $mysqli->prepare("SELECT * FROM comments WHERE name=?");
if (!$stmt) {
printf("Query Prep Failed: %s\n", $mysqli->error);
exit;
}
$stmt->bind_param('s', $_SESSION['userAccount']);
$stmt->execute();
$result = $stmt->get_result();
echo "<table>\n\t\t\t<tr>\n\t\t\t<th>Comments:</th>\n\t\t\t<th>Delete and Edit:</th>\n\t\t\t</tr>";
while ($row = $result->fetch_assoc()) {
$_SESSION['comment'] = $row['comment'];
echo "<tr>";
echo "<td>" . htmlentities($row['name']) . " said: " . htmlentities($row['comment']) . "</td>";
echo "<td>";
deleteComment($row['id']);
editComment($row['id']);
echo "</td>";
echo "</tr>";
}
$stmt->close();
echo "</table>";
}
