/* ======================================================================================== * WMNews Version 0.3 * Another PHP & MySQL driven News Publishing system * * Filename : wmncomments.php * Description : Part of WMNews, user comments script * Last Updated : Sunday, November 23, 2003 09:53:34 PM * Latest Version : http://wartamikael.org/PHPScripts/ * * Copyright (c) 2001-2003 Rudy S. Ingga (toekangweb@wartamikael.org). All rights reserved. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * ======================================================================================== */ /* ----------------------------------------- * * Tables, configuration and library we need * * ----------------------------------------- */ if(!isset($config)){ include("config/config.php"); } if(!isset($lib_lib)){ include("libs/lib-wmlib.php"); } if(!isset($lib_news)){ include("libs/lib-wmnews.php"); } if($lang == "ina"){ $article_catfile = "WMNCat"; $article_file = "WMNArticle"; $cmt_file = "WMNComments"; }else{ $article_catfile = "en_WMNCat"; $article_file = "en_WMNArticle"; $cmt_file = "en_WMNComments"; } $members_file = "WMLMembers"; $fnlc = "WMN_Komentar_Terakhir.wmn"; session_save_path($base_temp); session_start(); if(!$t_cmt_use){ header("Location: $base_url"); } // Do not use comment system, back to mainpage! /* ------------------------ */ function GetComments($CmID=0){ /* ------------------------ */ global $t_cmt_auth_use, $db, $ArtID, $cmt_file, $pos, $step; $return_msg = ""; if(!$CmID){ $CmID = 0; } if($t_cmt_auth_use){ $get_comments = mysql_query("SELECT * FROM $cmt_file WHERE CmArtID = '$ArtID' AND CmPID = '$CmID' AND CmAllow='1' ORDER BY CmDate ASC LIMIT $pos, $step", $db); }else{ $get_comments = mysql_query("SELECT * FROM $cmt_file WHERE CmArtID = '$ArtID' AND CmPID = '$CmID' ORDER BY CmDate ASC LIMIT $pos, $step", $db); } $comment_counter = mysql_num_rows($get_comments); if($comment_counter > 0){ $return_msg .= "
$CmC
"; return $return_msg; } /* ------------------------------------------------------- */ function ShowLink($CmID,$CmSubject,$CmName,$CmEmail,$CmDate){ /* ------------------------------------------------------- */ global $PHP_SELF, $ArtID, $lang_pre1, $lang_pre2, $lang_param; $pretty_time = pretty_time($CmDate,1); /* if($CmEmail != ""){ $email_name = "$CmName"; }else{ $email_name = $CmName; } */ $email_name = $CmName; $return_msg = "\n$T_CMT_ADM - " . pretty_time($CmDate2,1) . ""; $nw_comment2 .= ""; } $return_msg = <<
" . nl2br($CmContent2) . "
$email_name - $pretty_time |
$CmSubject $CmContent $nw_comment2 |
$nav |
" . $nav_repl . " " . $nav_top . " " . $nav_prnt . " " .$nav_retr . "
"; } /* ----------------- */ function ShowAddLink(){ /* ----------------- */ global $PHP_SELF, $T_CMT_ADD, $ArtID, $act, $T_RETURN, $CmPID, $T_CMT_TOP; global $lang_pre1, $lang_pre2, $lang_param; //$return_msg = "\n$T_CMT_ADD"; if($act == "add" && $CmPID == "0"){ //$return_msg .= " "; $return_msg .= " $T_CMT_TOP $T_RETURN"; } return $return_msg; } /* ----------------------- */ function AddCommentCounter(){ /* ----------------------- */ global $db, $article_file, $ArtID; /* $get_news = mysql_query("SELECT * FROM $article_file WHERE ArtID = '$ArtID' LIMIT 0,1", $db); while($get_row = mysql_fetch_array($get_news)){ $ArtDate = $get_row[ArtDate]; } */ $update = mysql_query("UPDATE $article_file SET ArtDate=ArtDate, ArtComment=ArtComment+1 WHERE ArtID='$ArtID'", $db); } /* ------------------------- */ function CheckAllow($ArtID=""){ /* ------------------------- */ global $db, $article_catfile, $article_file; if($ArtID == ""){ return false; }else{ $get_allow = mysql_query("SELECT * FROM $article_file LEFT JOIN $article_catfile ON ($article_catfile.ArtCat = $article_file.ArtCat) WHERE $article_file.ArtID='$ArtID' LIMIT 0,1", $db); while($get_row = mysql_fetch_array($get_allow)){ if($get_row['ArtUseComment'] == "1"){ return true; }else{ return false; } } } return false; } /* ---------------- * * Begin the action * * ---------------- */ $depth = 0; $max_indent = 5; $swear = array("isep","bau tai","kudis","kurap","nonok","entot","ngewe","kontol","titit","peler","jembut","memek","itil","taik","cibai","fuck","asshole","pekker","whore","bitch","shit","nigger","bigass","tits","cum ","cunt","clit"); $output = ""; $numpage = 0; if(!isset($act)){ if(!isset($ArtID)){ $ArtID = GetLast($article_file, "ArtID", "ArtDate"); } if($ArtID){ $allow_cmt = CheckAllow($ArtID); if(!$allow_cmt){ header("Location: $base_url"); } $headlines = GetArticle($ArtID); if($headlines){ if(!isset($pos)){$pos = 0;} $temp_pos = $pos; if($t_cmt_auth_use){ $get_count = mysql_query("SELECT COUNT(CmID) AS Total FROM $cmt_file WHERE CmArtID = '$ArtID' AND CmPID = '0' AND CmAllow='1'",$db); }else{ $get_count = mysql_query("SELECT COUNT(CmID) AS Total FROM $cmt_file WHERE CmArtID = '$ArtID' AND CmPID = '0'",$db); } $count_row = mysql_fetch_array($get_count); $numrec = $count_row['Total']; $numpage = intval($numrec / $step); if($numrec % $step){ $numpage++; } $output .= ShowAddLink(); $comment_top = GetComments(); if($comment_top){ $output .= $comment_top; }else{ $output .= "
" . $T_CMT_EPT; } }else{ $output .= "
$T_NEWS #$ArtID $T_NOEXISTS!";
}
$output = << $T_ERR_INV: $T_ERR_INV: $T_CMT_THA Managed by WMNews, PHP & MySQL";
*/
include("$base_themepath/$theme/body-inside-close.php");
include("$base_themepath/$theme/footer.php");
mysql_close($db);
?>
$headlines
EOF;
}
}else{
if($act == "vi"){
if(!isset($ArtID)){
$ArtID = GetLast($article_file, "ArtID", "ArtDate");
}
if($ArtID){
$headlines = GetArticle($ArtID);
if($headlines){
if(!isset($CmPID)){ $CmPID = 0; }
$output .= ShowAddLink(0);
$comment_head = GetCommentHead($CmID);
if($comment_head){
$output .= $comment_head;
$output .= GetSubComments($CmID);
}else{
$output .= "$T_CMT_EPT - #$CmID";
}
}else{
$output .= "$T_NEWS #$ArtID $T_NOEXISTS";
}
}
$output = <<$output $headlines
EOF;
}elseif($act == "add"){
if(!isset($tion)){
if(!isset($ArtID)){
$ArtID = GetLast($article_file, "ArtID", "ArtDate");
}
if($ArtID){
$headlines = GetArticle($ArtID);
if($headlines){
$output .= ShowAddLink();
$comment_re = "";
$comment_head = GetCommentHead($CmPID);
if($comment_head){
$output .= $comment_head;
$CmID = $CmPID;
}
$size = 40;
$sizetarea = $size+round($size/2,0);
if(!isset($g_maxcmt)){ $g_maxcmt = 500; }
$cmt_form = <<$output $headlines $output
EOF;
//$output .= GetSubComments($CmID);
}
}
}elseif($tion == "prv"){
$headlines = GetArticle($ArtID);
$error = "";
if(trim($yname) == ""){ $error .= "$cmt_form $headlines
EOF;
$output .= $cmt_form_err;
}else{
foreach($swear as $badword => $filter){
$yname = eregi_replace($filter,"*",$yname);
$ymail = eregi_replace($filter,"*",$ymail);
$subject = eregi_replace($filter,"*",$subject);
$subject = FixQuotes($subject);
$comment = eregi_replace($filter,"*",$comment);
}
$subject = preg_replace("/\S{50,}/","*",$subject);
$subject = FixQuotes($subject);
$comment = strip_tags($comment);
$comment = preg_replace("/\S{50,}/","*",$comment);
$comment = FixQuotes($comment);
$comment_disp = nl2br($comment);
if(time()%2 == 1){
$disp_captcha = '';
}else{
$disp_captcha = '';
}
//
$error
$cmt_form_prev = << $headlines
EOF;
//
$output .= $cmt_form_prev;
}
}elseif($tion == "ok"){
$error = "";
/*
require_once('libs/recaptchalib.php');
$privatekey = "6LdSMcESAAAAADK3fCEeJ9EEvPuLzB7_nLP-MM0U";
if($_POST["recaptcha_response_field"]){
echo 'lewat'; die;
$resp = recaptcha_check_answer($privatekey,
$_SERVER["REMOTE_ADDR"],
$_POST["recaptcha_challenge_field"],
$_POST["recaptcha_response_field"]);
if($resp->is_valid){
}else{
$error .= "
$T_RF_YNA : $yname $T_RF_YML : $ymail $T_CMT_SBJ : $subject $T_CMT : $comment_disp IP Address : $_SERVER[REMOTE_ADDR] $headlines
EOF;
$output .= $cmt_form_err;
}else{
// Check for double entry first!
$get_comment = mysql_query("SELECT 1 FROM $cmt_file WHERE (CmArtID='$ArtID' AND CmPID='$CmPID' AND CmName='$yname' AND CmEmail='$ymail' AND CmSubject='$subject' AND CmContent='$comment')",$db);
if(mysql_num_rows($get_comment) == 1){
$cmt_form_exist = <<
$error
EOF;
$output .= $cmt_form_exist;
}else{
$offset_time = offset_time();
if($t_cmt_auth_use){
$insert = "INSERT INTO $cmt_file (CmArtID,CmPID,CmDate,CmIP,CmName,CmEmail,CmSubject,CmContent,CmContent2,CmAllow) VALUES ('$ArtID','$CmPID','$offset_time','$yip','$yname','$ymail','$subject','$comment','','0')";
mysql_query($insert, $db) or die(mysql_error());
}else{
$insert = "INSERT INTO $cmt_file (CmArtID,CmPID,CmDate,CmIP,CmName,CmEmail,CmSubject,CmContent,CmContent2,CmAllow) VALUES ('$ArtID','$CmPID','$offset_time','$yip','$yname','$ymail','$subject','$comment','','1')";
mysql_query($insert, $db) or die(mysql_error());
AddCommentCounter();
CreateLComments($fnlc);
}
if($t_cmt_ctr){
// I want to know people who write comment //
$em_subj = "User Posting";
$em_cont = "Hi " . $owner_email . "...,\n\n";
$em_cont .= "$yname ( $ymail ) - ( $yip ) write a comment on $offset_time:\n\n";
$em_cont .= "$subject\n";
$em_cont .= "$comment\n\n";
$em_cont .= "for article ID #$ArtID: $base_url/wmncomments.php?ArtID=$ArtID$lang_pre2$lang_param\n\n";
$em_cont .= "$T_REGARDS\n";
$em_cont .= "$site_title\n$owner_email\n\n";
mail($owner_email,$em_subj,$em_cont,"From: $owner_email\nReply-To: $owner_email");
}
if($t_cmt_auth_use){
$cmt_form_ok = <<
$T_CMT_DON
$headlines
EOF;
$output .= $cmt_form_ok;
}else{
if($CmPID == "0"){
$Location = "$PHP_SELF?ArtID=$ArtID$lang_pre2$lang_param";
}else{
$Location = "$PHP_SELF?act=vi&CmID=$CmPID&ArtID=$ArtID$lang_pre2$lang_param";
}
header("Location: $Location");
}
}
}
}
}
}
$output = "
";
/* ------------------------------------ *
* Push what we got above on the screen *
* ------------------------------------ */
flush();
include("$base_themepath/$theme/header.php");
include("$base_themepath/$theme/body-inside-open.php");
echo theme_opencenter_box($T_CMT) . $output . theme_closecenter_box();
if($numpage > 1){
echo pagespan("$PHP_SELF?ArtID=$ArtID", $T_CMT_TOP, $T_WITH_S);
}
/*
echo "";
echo "" . $output . "