0){ $return_msg .= "

\n"; }else{ return false; } for($i = 0; $i < $comment_counter; $i++){ $get_rows = mysql_fetch_array($get_comments); $return_msg .= ShowLink($get_rows['CmID'],$get_rows['CmSubject'],$get_rows['CmName'],$get_rows['CmEmail'],$get_rows['CmDate']); $return_msg .= ShowContent($get_rows['CmContent'],$get_rows['CmDate2'],$get_rows['CmContent2'],$get_rows['CmIP']); // $return_msg .= ShowNav($get_rows[CmID],0); $return_msg .= GetSubComments($get_rows['CmID']); } $return_msg .= "\n"; return $return_msg; } /* ----------------------------- */ function GetSubComments($ParentID){ /* ----------------------------- */ global $t_cmt_auth_use, $db, $cmt_file, $ArtID, $depth, $max_indent; $return_msg = ""; if($t_cmt_auth_use){ $get_subcomments = mysql_query("SELECT * FROM $cmt_file WHERE CmArtID = '$ArtID' AND CmPID = '$ParentID' AND CmAllow='1' ORDER BY CmDate ASC", $db); }else{ $get_subcomments = mysql_query("SELECT * FROM $cmt_file WHERE CmArtID = '$ArtID' AND CmPID = '$ParentID' ORDER BY CmDate ASC", $db); } $subcomment_counter = mysql_num_rows($get_subcomments); if($subcomment_counter > 0){ if($depth < $max_indent){ $return_msg .= "

\n"; } for($i = 0; $i < $subcomment_counter; $i++){ $get_rows = mysql_fetch_array($get_subcomments); $return_msg .= ShowLink($get_rows['CmID'],$get_rows['CmSubject'],$get_rows['CmName'],$get_rows['CmEmail'],$get_rows['CmDate']); $return_msg .= ShowContent($get_rows['CmContent'],$get_rows['CmDate2'],$get_rows['CmContent2'],$get_rows['CmIP']); // $return_msg .= ShowNav($get_rows[CmID],0); $depth++; $return_msg .= GetSubComments($get_rows['CmID']); $depth--; } if($depth < $max_indent){ $return_msg .= "\n"; } return $return_msg; }else{ return false; } } /* ----------------------- */ function GetCommentHead($ID){ /* ----------------------- */ global $t_cmt_auth_use, $db, $cmt_file, $comment_re, $page_title, $ArtID; if($t_cmt_auth_use){ $get_comment = mysql_query("SELECT * FROM $cmt_file WHERE CmID = '$ID' AND CmArtID = '$ArtID' AND CmAllow='1' LIMIT 0,1",$db); }else{ $get_comment = mysql_query("SELECT * FROM $cmt_file WHERE CmID = '$ID' AND CmArtID = '$ArtID' LIMIT 0,1",$db); } if(mysql_num_rows($get_comment) > 0){ $get_row = mysql_fetch_array($get_comment); $CmPID = $get_row['CmPID']; $CmSubject = $get_row['CmSubject']; $page_title = $CmSubject; $comment_re = "Re: " . $CmSubject; $CmName = $get_row['CmName']; $CmEmail = $get_row['CmEmail']; $CmContent = nl2br($get_row['CmContent']); $CmDate = $get_row['CmDate']; $CmContent2 = nl2br($get_row['CmContent2']); $CmDate2 = $get_row['CmDate2']; $return_msg = ShowComment($ID,$CmPID,$CmSubject,$CmName,$CmEmail,$CmContent,$CmDate,$CmContent2,$CmDate2); return $return_msg; }else{ return false; } } /* ------------------------------------------------------- */ function ShowContent($CmC,$CmD2,$CmC2,$CmAipi){ /* ------------------------------------------------------- */ $CmC = nl2br($CmC); $return_msg = "\n

$CmC

"; return $return_msg; } /* ------------------------------------------------------- */ function ShowLink($CmID,$CmSubject,$CmName,$CmEmail,$CmDate){ /* ------------------------------------------------------- */ global $PHP_SELF, $ArtID, $lang_pre1, $lang_pre2, $lang_param; $pretty_time = pretty_time($CmDate,1); /* if($CmEmail != ""){ $email_name = "$CmName"; }else{ $email_name = $CmName; } */ $email_name = $CmName; $return_msg = "\n

$CmSubject - $email_name - $pretty_time"; return $return_msg; } /* ------------------------------------------------------------------------------------------------- */ function ShowComment($CmID,$CmPID,$CmSubject,$CmName,$CmEmail,$CmContent,$CmDate,$CmContent2,$CmDate2){ /* ------------------------------------------------------------------------------------------------- */ global $PHP_SELF, $ArtID, $grey, $act, $T_CMT_ADM; $pretty_time = pretty_time($CmDate,1); /* if($CmEmail != ""){ $email_name = "$CmName"; }else{ $email_name = $CmName; } */ $email_name = $CmName; $nw_comment2 = ""; if($CmContent2 != "" && $CmDate2 != "00000000000000"){ $nw_comment2 .= "

$T_CMT_ADM - " . pretty_time($CmDate2,1) . ""; $nw_comment2 .= "
" . nl2br($CmContent2) . "

"; } $return_msg = <<
EOF; //if($act == "vi"){ $nav = ShowNav($CmID, $CmPID); $return_msg .= "\n"; //} $return_msg .= "

$email_name - $pretty_time

$CmSubject
$CmContent $nw_comment2

$nav

\n"; return $return_msg; } /* ------------------------- */ function ShowNav($CmID,$CmPID){ /* ------------------------- */ global $PHP_SELF, $ArtID, $T_CMT_RPL, $T_CMT_ADD, $T_CMT_TOP, $T_CMT_PRN, $T_RETURN; global $lang_pre1, $lang_pre2, $lang_param; //$nav_repl = " $\"$T_CMT_RPL\"$ "; //$nav_top = " $\"$T_CMT_TOP\"$ "; //$nav_retr = " $\"$T_RETURN\"$ "; $nav_repl = "$T_CMT_RPL"; $nav_top = "$T_CMT_TOP"; $nav_retr = "$T_RETURN"; if($CmPID == "0"){ //$nav_prnt = " $\"$T_CMT_PRN\"$ "; $nav_prnt = "$T_CMT_PRN"; }else{ //$nav_prnt = " $\"$T_CMT_PRN\"$ "; $nav_prnt = "$T_CMT_PRN"; } return "

" . $nav_repl . " " . $nav_top . " " . $nav_prnt . " " .$nav_retr . "

"; } /* ----------------- */ function ShowAddLink(){ /* ----------------- */ global $PHP_SELF, $T_CMT_ADD, $ArtID, $act, $T_RETURN, $CmPID, $T_CMT_TOP; global $lang_pre1, $lang_pre2, $lang_param; //$return_msg = "\n

$\"$T_CMT_ADD\"$ "; $return_msg = "\n

$T_CMT_ADD"; if($act == "add" && $CmPID == "0"){ //$return_msg .= " $\"$T_CMT_TOP\"$ $\"$T_RETURN\"$ "; $return_msg .= " $T_CMT_TOP $T_RETURN"; } return $return_msg; } /* ----------------------- */ function AddCommentCounter(){ /* ----------------------- */ global $db, $article_file, $ArtID; /* $get_news = mysql_query("SELECT * FROM $article_file WHERE ArtID = '$ArtID' LIMIT 0,1", $db); while($get_row = mysql_fetch_array($get_news)){ $ArtDate = $get_row[ArtDate]; } */ $update = mysql_query("UPDATE $article_file SET ArtDate=ArtDate, ArtComment=ArtComment+1 WHERE ArtID='$ArtID'", $db); } /* ------------------------- */ function CheckAllow($ArtID=""){ /* ------------------------- */ global $db, $article_catfile, $article_file; if($ArtID == ""){ return false; }else{ $get_allow = mysql_query("SELECT * FROM $article_file LEFT JOIN $article_catfile ON ($article_catfile.ArtCat = $article_file.ArtCat) WHERE $article_file.ArtID='$ArtID' LIMIT 0,1", $db); while($get_row = mysql_fetch_array($get_allow)){ if($get_row['ArtUseComment'] == "1"){ return true; }else{ return false; } } } return false; } /* ---------------- * * Begin the action * * ---------------- */ $depth = 0; $max_indent = 5; $swear = array("isep","bau tai","kudis","kurap","nonok","entot","ngewe","kontol","titit","peler","jembut","memek","itil","taik","cibai","fuck","asshole","pekker","whore","bitch","shit","nigger","bigass","tits","cum ","cunt","clit"); $output = ""; $numpage = 0; if(!isset($act)){ if(!isset($ArtID)){ $ArtID = GetLast($article_file, "ArtID", "ArtDate"); } if($ArtID){ $allow_cmt = CheckAllow($ArtID); if(!$allow_cmt){ header("Location: $base_url"); } $headlines = GetArticle($ArtID); if($headlines){ if(!isset($pos)){$pos = 0;} $temp_pos = $pos; if($t_cmt_auth_use){ $get_count = mysql_query("SELECT COUNT(CmID) AS Total FROM $cmt_file WHERE CmArtID = '$ArtID' AND CmPID = '0' AND CmAllow='1'",$db); }else{ $get_count = mysql_query("SELECT COUNT(CmID) AS Total FROM $cmt_file WHERE CmArtID = '$ArtID' AND CmPID = '0'",$db); } $count_row = mysql_fetch_array($get_count); $numrec = $count_row['Total']; $numpage = intval($numrec / $step); if($numrec % $step){ $numpage++; } $output .= ShowAddLink(); $comment_top = GetComments(); if($comment_top){ $output .= $comment_top; }else{ $output .= "

" . $T_CMT_EPT; } }else{ $output .= "

$T_NEWS #$ArtID $T_NOEXISTS!"; } $output = << $headlines $output EOF; } }else{ if($act == "vi"){ if(!isset($ArtID)){ $ArtID = GetLast($article_file, "ArtID", "ArtDate"); } if($ArtID){ $headlines = GetArticle($ArtID); if($headlines){ if(!isset($CmPID)){ $CmPID = 0; } $output .= ShowAddLink(0); $comment_head = GetCommentHead($CmID); if($comment_head){ $output .= $comment_head; $output .= GetSubComments($CmID); }else{ $output .= "$T_CMT_EPT - #$CmID"; } }else{ $output .= "$T_NEWS #$ArtID $T_NOEXISTS"; } } $output = << $headlines $output EOF; }elseif($act == "add"){ if(!isset($tion)){ if(!isset($ArtID)){ $ArtID = GetLast($article_file, "ArtID", "ArtDate"); } if($ArtID){ $headlines = GetArticle($ArtID); if($headlines){ $output .= ShowAddLink(); $comment_re = ""; $comment_head = GetCommentHead($CmPID); if($comment_head){ $output .= $comment_head; $CmID = $CmPID; } $size = 40; $sizetarea = $size+round($size/2,0); if(!isset($g_maxcmt)){ $g_maxcmt = 500; } $cmt_form = << function ChrCount(field,remaining){ var MaxChr = $g_maxcmt; if (field.value.length > MaxChr){ field.value = field.value.substring(0, MaxChr); }else{ remaining.value = MaxChr - field.value.length; } }

EOF; // $output =<< $headlines $output $cmt_form EOF; //$output .= GetSubComments($CmID); } } }elseif($tion == "prv"){ $headlines = GetArticle($ArtID); $error = ""; if(trim($yname) == ""){ $error .= "

$T_ERR_BNM"; } if(!empty($ymail)){ if(!ereg("^([a-zA-Z0-9_]|\\-|\\.)+@(([a-zA-Z0-9_]|\\-)+\\.)+[a-z]{2,4}\$",$ymail)){ $error .= "

$T_ERR_WYM"; } } if(trim($subject) == ""){ $error .= "

$T_ERR_EPS"; } if(trim($comment) == ""){ $error .= "

$T_ERR_EPC"; } if(!isset($g_maxcmt)){ $g_maxcmt = 500; } if(strlen(trim($comment)) > $g_maxcmt){ $error.="

$T_CMT $T_ERR_TL"; } if($error!=""){ $cmt_form_err = << $headlines

$T_ERR_INV:

$error

$T_RETURN EOF; $output .= $cmt_form_err; }else{ foreach($swear as $badword => $filter){ $yname = eregi_replace($filter,"*",$yname); $ymail = eregi_replace($filter,"*",$ymail); $subject = eregi_replace($filter,"*",$subject); $subject = FixQuotes($subject); $comment = eregi_replace($filter,"*",$comment); } $subject = preg_replace("/\S{50,}/","*",$subject); $subject = FixQuotes($subject); $comment = strip_tags($comment); $comment = preg_replace("/\S{50,}/","*",$comment); $comment = FixQuotes($comment); $comment_disp = nl2br($comment); if(time()%2 == 1){ $disp_captcha = ''; }else{ $disp_captcha = ''; } // image verification $cmt_form_prev = << $headlines

$T_RF_YNA : $yname

$T_RF_YML : $ymail

$T_CMT_SBJ : $subject

$T_CMT : $comment_disp

IP Address : $_SERVER[REMOTE_ADDR]

$disp_captcha

*) $T_RF_ENTCAPT:

$T_CANCEL $T_RETURN

EOF; // $output .= $cmt_form_prev; } }elseif($tion == "ok"){ $error = ""; /* require_once('libs/recaptchalib.php'); $privatekey = "6LdSMcESAAAAADK3fCEeJ9EEvPuLzB7_nLP-MM0U"; if($_POST["recaptcha_response_field"]){ echo 'lewat'; die; $resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $_POST["recaptcha_challenge_field"], $_POST["recaptcha_response_field"]); if($resp->is_valid){ }else{ $error .= "

$T_ERR_INVCAPT

"; } }else{ $error .= "

$T_ERR_INVCAPT

"; } */ if($_POST['word'] != $_SESSION['mathcaptcha']){ $error .= "

$T_ERR_INVCAPT

"; } $headlines = GetArticle($ArtID); if($error!=""){ $cmt_form_err = << $headlines

$T_ERR_INV:

$error

$T_RETURN EOF; $output .= $cmt_form_err; }else{ // Check for double entry first! $get_comment = mysql_query("SELECT 1 FROM $cmt_file WHERE (CmArtID='$ArtID' AND CmPID='$CmPID' AND CmName='$yname' AND CmEmail='$ymail' AND CmSubject='$subject' AND CmContent='$comment')",$db); if(mysql_num_rows($get_comment) == 1){ $cmt_form_exist = << $T_CMT_DON

EOF; $output .= $cmt_form_exist; }else{ $offset_time = offset_time(); if($t_cmt_auth_use){ $insert = "INSERT INTO $cmt_file (CmArtID,CmPID,CmDate,CmIP,CmName,CmEmail,CmSubject,CmContent,CmContent2,CmAllow) VALUES ('$ArtID','$CmPID','$offset_time','$yip','$yname','$ymail','$subject','$comment','','0')"; mysql_query($insert, $db) or die(mysql_error()); }else{ $insert = "INSERT INTO $cmt_file (CmArtID,CmPID,CmDate,CmIP,CmName,CmEmail,CmSubject,CmContent,CmContent2,CmAllow) VALUES ('$ArtID','$CmPID','$offset_time','$yip','$yname','$ymail','$subject','$comment','','1')"; mysql_query($insert, $db) or die(mysql_error()); AddCommentCounter(); CreateLComments($fnlc); } if($t_cmt_ctr){ // I want to know people who write comment // $em_subj = "User Posting"; $em_cont = "Hi " . $owner_email . "...,\n\n"; $em_cont .= "$yname ( $ymail ) - ( $yip ) write a comment on $offset_time:\n\n"; $em_cont .= "$subject\n"; $em_cont .= "$comment\n\n"; $em_cont .= "for article ID #$ArtID: $base_url/wmncomments.php?ArtID=$ArtID$lang_pre2$lang_param\n\n"; $em_cont .= "$T_REGARDS\n"; $em_cont .= "$site_title\n$owner_email\n\n"; mail($owner_email,$em_subj,$em_cont,"From: $owner_email\nReply-To: $owner_email"); } if($t_cmt_auth_use){ $cmt_form_ok = << $headlines

$T_CMT_THA

EOF; $output .= $cmt_form_ok; }else{ if($CmPID == "0"){ $Location = "$PHP_SELF?ArtID=$ArtID$lang_pre2$lang_param"; }else{ $Location = "$PHP_SELF?act=vi&CmID=$CmPID&ArtID=$ArtID$lang_pre2$lang_param"; } header("Location: $Location"); } } } } } } $output = "

" . $output . "

"; /* ------------------------------------ * * Push what we got above on the screen * * ------------------------------------ */ flush(); include("$base_themepath/$theme/header.php"); include("$base_themepath/$theme/body-inside-open.php"); echo theme_opencenter_box($T_CMT) . $output . theme_closecenter_box(); if($numpage > 1){ echo pagespan("$PHP_SELF?ArtID=$ArtID", $T_CMT_TOP, $T_WITH_S); } /* echo ""; echo "

Managed by WMNews, PHP & MySQL"; */ include("$base_themepath/$theme/body-inside-close.php"); include("$base_themepath/$theme/footer.php"); mysql_close($db); ?>

*) $T_RF_YNA:
$T_RF_YML:
*) $T_CMT_SBJ:
*) $T_CMT: $g_maxcmt $T_CHARACTER $T_MAXIMUM
*) $T_REQUIRED

$T_RF_YNA :	$yname
$T_RF_YML :	$ymail
$T_CMT_SBJ :	$subject
$T_CMT :	$comment_disp
IP Address :	$_SERVER[REMOTE_ADDR]

	$disp_captcha
*) $T_RF_ENTCAPT:
	$T_CANCEL $T_RETURN