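"List - min", 2 => "List - max", 3 => "Threaded - min", 4 => "Threaded - max");

// Display labels for the available comment orderings.
$corder = array(1 => "Date - new", 2 => "Date - old", 3 => "Rate - high", 4 => "Rate - low");

// Plain value holder for a single comment, in the shape comment_view() is
// handed by comment_reply() and comment_preview().
class Comment {
  function Comment($name, $subject, $comment, $timestamp, $url, $fake_email, $score, $votes, $cid, $lid) {
    $this->name = $name;
    $this->subject = $subject;
    $this->comment = $comment;
    $this->timestamp = $timestamp;
    $this->url = $url;
    $this->fake_email = $fake_email;
    $this->score = $score;
    $this->votes = $votes;
    $this->cid = $cid;
    $this->lid = $lid;
  }
}

// Applies the votes in $moderate (comment id => vote) on behalf of the
// logged-in user. Anonymous requests and empty submissions are ignored.
function comment_moderate($moderate) {
  global $user, $comment_votes;

  if ($user->id && $moderate) {
    // The value of the first vote entry is used as the key of the "no vote" option.
    $none = $comment_votes[key($comment_votes)];

    // String forms of the configured votes, used as an allow-list below.
    $allowed = array_map("strval", $comment_votes);

    foreach ($moderate as $id=>$vote) {
      if ($vote != $comment_votes[$none]) {
        // $vote is spliced into the UPDATE as an arithmetic fragment
        // ("score = score $vote"), where quoting cannot protect it, so only
        // values that appear on the configured vote list are accepted.
        if (!is_scalar($vote) || !in_array((string) $vote, $allowed, true)) {
          continue;
        }

        // Request values bound into SQL go through check_input(), as in
        // comment_post(); check_output() is the filter used for display.
        $id = check_input($id);
        // Kept so an accepted vote is stored exactly as before.
        $vote = check_output($vote);

        $comment = db_fetch_object(db_query("SELECT * FROM comments WHERE cid = '$id'"));

        // Only comments that exist and carry no vote from this user are updated.
        if ($comment && !field_get($comment->users, $user->id)) {
          db_query("UPDATE comments SET score = score $vote, votes = votes + 1, users = '". field_set($comment->users, $user->id, $vote) ."' WHERE cid = '$id'");
        }
      }
    }
  }
}

// Stores the viewing preferences (mode, sort order, threshold) on the
// logged-in user's account; does nothing for anonymous visitors.
function comment_settings($mode, $order, $threshold) {
  global $user;

  if ($user->id) {
    $user = user_save($user, array("mode" => $mode, "sort" => $order, "threshold" => $threshold));
  }
}

// Builds the reply form, pre-filled from $edit (subject, comment, pid, id).
// NOTE(review): $edit values and $REQUEST_URI are written back into the form;
// confirm that form_textfield(), form_textarea(), form_hidden() and form()
// escape them for HTML.
function comment_form($edit) {
  global $REQUEST_URI, $user;

  $form = "";

  // name field:
  $form .= form_item(t("Your name"), format_name($user->name));

  // subject field:
  $form .= form_textfield(t("Subject"), "subject", $edit["subject"], 50, 64);

  // comment field (falls back to the user's signature while still empty):
  $form .= form_textarea(t("Comment"), "comment", $edit["comment"] ? $edit["comment"] : $user->signature, 70, 10, t("Allowed HTML tags") .": ". htmlspecialchars(variable_get("allowed_html", "")));

  // hidden references to the parent comment and the node:
  $form .= form_hidden("pid", $edit["pid"]);
  $form .= form_hidden("id", $edit["id"]);

  // preview is always offered; posting only once there is comment text:
  $form .= form_submit(t("Preview comment"));
  if ($edit["comment"]) {
    $form .= form_submit(t("Post comment"));
  }

  return form($REQUEST_URI, $form);
}

// Shows what is being replied to (parent comment $pid, or node $id when $pid
// is empty) followed by the reply form or a not-authorized notice.
function comment_reply($pid, $id) {
  global $theme;

  if ($pid) {
    // $pid is filtered with check_input() like the ids bound in comment_post().
    $item = db_fetch_object(db_query("SELECT c.*, u.name FROM comments c LEFT JOIN users u ON c.author = u.id WHERE c.cid = '". check_input($pid) ."'"));

    // Score and votes are read from the fetched row; the original read them
    // from an undefined $comment variable.
    comment_view(new Comment($item->name, $item->subject, $item->comment, $item->timestamp, $item->url, $item->fake_email, comment_score($item), $item->votes, $item->cid, $item->lid), t("reply to this comment"));
  }
  else {
    node_view(node_get_object(array("nid" => $id)));
    $pid = 0;
  }

  if (user_access("post comments")) {
    $theme->box(t("Reply"), comment_form(array("pid" => $pid, "id" => $id)));
  }
  else {
    $theme->box(t("Reply"), t("You are not authorized to post comments."));
  }
}

// Renders the submitted comment as it would appear, then the form again.
function comment_preview($edit) {
  global $theme, $user;

  // Preview comment (every user-supplied field goes through check_preview()):
  comment_view(new Comment($user->name, check_preview($edit["subject"]), check_preview($edit["comment"]), time(), check_preview($user->url), check_preview($user->fake_email), 0, 0, 0, 0), t("reply to this comment"));

  $theme->box(t("Reply"), comment_form($edit));
}

// Stores a new comment for users holding the "post comments" permission.
// Duplicates (same parent, node, subject and text) are logged and dropped.
function comment_post($edit) {
  global $theme, $user;

  if (user_access("post comments")) {
    // check comment submission rate:
    throttle("post comment", variable_get("max_comment_rate", 60));

    // check for duplicate comments:
    $duplicate = db_result(db_query("SELECT COUNT(cid) FROM comments WHERE pid = '". check_input($edit["pid"]) ."' AND lid = '". check_input($edit["id"]) ."' AND subject = '". check_input($edit["subject"]) ."' AND comment = '". check_input($edit["comment"]) ."'"), 0);

    // NOTE(review): the raw subject is placed in both log messages below;
    // confirm watchdog() escapes it before storing or displaying it.
    if ($duplicate != 0) {
      watchdog("warning", "comment: duplicate '$edit[subject]'");
    }
    else {
      // validate subject (an empty one becomes the first 29 bytes of the text):
      $edit["subject"] = $edit["subject"] ? $edit["subject"] : substr($edit["comment"], 0, 29);

      // add watchdog entry:
      watchdog("special", "comment: added '$edit[subject]'");

      // add comment to database (every request value goes through check_input()):
      db_query("INSERT INTO comments (lid, pid, author, subject, comment, hostname, timestamp, score) VALUES ('". check_input($edit["id"]) ."', '". check_input($edit["pid"]) ."', '$user->id', '". check_input($edit["subject"]) ."', '". check_input($edit["comment"]) ."', '". getenv("REMOTE_ADDR") ."', '". time() ."', '". ($user->name ? 1 : 0) ."')");

      // clear cache:
      cache_clear();
    }
  }
}

// Returns the displayed rating: score divided by votes when there are votes,
// otherwise the raw score (or 0), padded or cut to the "x.xx" form.
function comment_score($comment) {
  $value = ($comment->votes) ? ($comment->score / $comment->votes) : (($comment->score) ? $comment->score : 0);
  return ((strpos($value, ".")) ? substr($value ."00", 0, 4) : $value .".00");
}

// Counts the direct replies to comment $id; $count is not used.
// NOTE(review): $id is interpolated unfiltered; confirm every caller passes a
// database-derived id rather than a request value.
function comment_num_replies($id, $count = 0) {
  $result = db_query("SELECT COUNT(cid) FROM comments WHERE pid = '$id'");
  return ($result) ? db_result($result, 0) : 0;
}

// Builds the moderation output for one comment.
// NOTE(review): no return statement or closing brace for this function is
// visible here, and $output / $options are appended to without being set first.
function comment_moderation($comment) {
  global $comment_votes, $op, $user;

  if ($op == "reply") {
    // preview comment:
    $output .= " ";
  }
  else if ($user->id && $user->name != $comment->name && !field_get($comment->users, $user->id)) {
    // comment hasn't been moderated yet:
    foreach ($comment_votes as $key=>$value) $options .= " \n";
    $output .= "\n";
  }
  else {
    // comment has already been moderated:
    $output .= "
". t("score") .": | ". check_output($comment->score) ." |
". t("votes") .": | ". check_output($comment->votes) ." |
";
  }

function comment_thread_min($cid, $threshold) {
  global $user;

  $result = db_query("SELECT c.*, u.* FROM comments c LEFT JOIN users u ON c.author = u.id WHERE c.pid = '$cid' ORDER BY c.timestamp, c.cid");

  while ($comment = db_fetch_object($result)) {
    print "
\n";
    comment_view($comment, (comment_visible($comment, $threshold) ? comment_links($comment, 0) : 0));
    print " |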