Пример #1
        $container['account_id'] = $album_id;
        forward($container);
        exit;
    }
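    // Stores a visitor's comment on a photo album, forwards it to the album
    // comments message box, then redirects back to the album page.
    $db = new SmrMySqlDatabase();
    // The comment text is a request parameter and must be treated as untrusted.
    // Require a non-empty *string*: PHP parses `comment[]=x` into an array, which
    // is not empty() and would otherwise reach word_filter() and escapeString()
    // with an unexpected type.
    // NOTE(review): this is a state-changing action driven by a GET parameter and
    // no anti-CSRF token check is visible in this excerpt. Confirm one exists
    // earlier in the file, or move the action to POST with a token.
    if (empty($_GET['comment']) || !is_string($_GET['comment'])) {
        // presumably create_error_offline() does not return; otherwise $comment
        // is undefined below. Verify against its definition.
        create_error_offline('Please enter a comment.');
    } else {
        $comment = $_GET['comment'];
    }
    // get current time
    $curr_time = TIME;
    $comment = word_filter($comment);
    $account->sendMessageToBox(BOX_ALBUM_COMMENTS, $comment);
    // Allocate the next per-album comment id. The table stays locked from the
    // MAX() read until after the INSERT, presumably so two concurrent posts
    // cannot compute the same id.
    // NOTE(review): if a query fails between lockTable() and unlock(), the unlock
    // call is skipped. Confirm the database wrapper or handleException() releases
    // the lock on that path.
    $db->lockTable('album_has_comments');
    $db->query('SELECT MAX(comment_id) FROM album_has_comments WHERE album_id = ' . $db->escapeNumber($album_id));
    if ($db->nextRecord()) {
        // An aggregate without GROUP BY yields one row even when the album has no
        // comments; assuming getField() returns NULL in that case, NULL + 1 is 1.
        $comment_id = $db->getField('MAX(comment_id)') + 1;
    } else {
        $comment_id = 1;
    }
    // Every value is passed through the wrapper's escapeNumber()/escapeString()
    // before being concatenated into the statement.
    // NOTE(review): that protects the SQL statement only. Whatever renders
    // album_has_comments.msg must still HTML-encode it on output.
    $db->query('INSERT INTO album_has_comments
				(album_id, comment_id, time, post_id, msg)
				VALUES (' . $db->escapeNumber($album_id) . ', ' . $db->escapeNumber($comment_id) . ', ' . $db->escapeNumber($curr_time) . ', ' . $db->escapeNumber($account->getAccountID()) . ', ' . $db->escapeString($comment) . ')');
    $db->unlock();
    // NOTE(review): the album nick is appended to the redirect URL unencoded.
    // Confirm get_album_nick() returns a URL-safe value, or rawurlencode() it.
    header('Location: ' . URL . '/album/?' . get_album_nick($album_id));
    exit;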
} catch (Exception $e) {
    handleException($e);
}