<?php
// +----------------------------------------------------------------------+
// | Fantastic File Database |
// +----------------------------------------------------------------------+
// | By Tony Baird |
// | Copyright (c) 2003 Fantastic Scripts |
// | http://fscripts.com |
// +----------------------------------------------------------------------+
// | Fantastic File Database Can be modified freely as long as copyright |
// | is intact and this is left at the top of every source file |
// +----------------------------------------------------------------------+
// | comments.php |
// | Date Started: February 18, 2003 |
// | Last Modified: March 6, 2003 |
// +----------------------------------------------------------------------+
Class Comments {
//*************************************************/
// Just seing what we are doing
//*************************************************/
function Comments() {
global $tpl,$mysql,$online,$ffdb;
if ($_REQUEST['action']=="comments") {
$this->DisplayComments();
}elseif ($_REQUEST['action']=="post_comments") {
$this->PostCommentsForm();
}elseif (isset($_REQUEST['post_comments'])) {
$this->AddComments();
}elseif ($_REQUEST['action']=="delete_comments") {
$this->DeleteComments();
}elseif ($_REQUEST['action']=="edit_comments") {
$this->EditCommentsForm();
}elseif (isset($_REQUEST['edit_comments'])) {
$this->EditComments();
}
}
//*************************************************/
// Displays the Comments
//*************************************************/
function DisplayComments() {
global $tpl,$mysql,$online,$ffdb,$CONFIG;
$tpl->LoadTemplate("comments","templates/$online->skin/comments.tpl");
$mysql->Query("SELECT ffdb_comments.*,ffdb_users.* FROM ffdb_comments, ffdb_users WHERE ffdb_comments.user_id=ffdb_users.user_id");
while ($show_comments=mysql_fetch_array($mysql->result_id)) {
$has_comments=1;
$ffdb->strip_array($show_comments);
// Setting Date Variables
$registered=date($CONFIG[date_format],$show_comments[date_joined]);
$date=date($CONFIG[date_format],$show_comments[date]);
// Options Links
if (preg_match("/@3/",$online->user_level)) {
$options="[ <a href=\"filedb.php?action=edit_comments&id=$show_comments[comment_id]\">Edit Comments</a> | <a href=\"filedb.php?action=delete_comments&id=$show_comments[comment_id]\">Delete Comments</a> ]";
}elseif ($show_comments[user_id]==$online->user_id) {
$options="[ <a href=\"filedb.php?action=edit_comments&id=$show_comments[comment_id]\">Edit Comments</a> ]";
}
if ($show_comments[last_modified]>0) {
$last_modified="<i> Last Modified ".date($CONFIG[date_format],$show_comments[last_modified])."</i>";
}
$comments_array = array(
'username'=> $show_comments[username],
'user_title'=> $show_comments[user_title],
'title'=> $show_comments[comments_title],
'user_id'=>$show_comments[user_id],
'location'=>$show_comments[location],
'comments'=> $show_comments[comments],
'num_posts'=>$show_comments[num_comments],
'downloads' => $show_file[downloads],
'last_modified' => $last_modified,
'options' => $options,
'date' => $date,
'registered' => $registered,
);
$tpl->ParseTemplate("comments",$comments_array,"Yes");
$last_modified="";
}
if ($has_comments==1) {
$tpl->PrintTemplate("comments");
}
$tpl->LoadTemplate("comments_bottom","templates/$online->skin/comments_bottom.tpl");
$comments_bottom_array = array(
'file_id'=> $_REQUEST['id']
);
$tpl->ParseTemplate("comments_bottom",$comments_bottom_array,"No");
$tpl->PrintTemplate("comments_bottom");
}
//*************************************************/
// Post Comments Form
//*************************************************/
function PostCommentsForm() {
global $tpl,$mysql,$online,$ffdb,$online,$CONFIG;
if ($online->user_id==$CONFIG['guest_id']) {
$ffdb->Error("You need to be logged in to use this feature");
}
if (!preg_match("/@2/",$online->user_level)) {
$ffdb->Error("You don't have permission to use this feature");
}
$tpl->LoadTemplate("post_comments","templates/$online->skin/post_comments.tpl");
$post_comments_array = array(
'file_id'=> $_REQUEST['id']
);
$tpl->ParseTemplate("post_comments",$post_comments_array,"No");
$tpl->PrintTemplate("post_comments");
}
//*************************************************/
// Adds Comments to Database
//*************************************************/
function AddComments() {
global $tpl,$mysql,$online,$ffdb,$online,$CONFIG;
if ($online->user_id==$CONFIG['guest_id']) {
$ffdb->Error("You need to be logged in to use this feature");
}
if (!preg_match("/@2/",$online->user_level)) {
$ffdb->Error("You don't have permission to use this feature");
}
if (empty($_POST['comments_title'])) {
$error .="Missing Comments Title<br>";
}
if (empty($_POST['comments'])) {
$error .="Missing Comments<br>";
}
// Ok time to prevent them from flooding
$mysql->Query("SELECT * FROM ffdb_comments WHERE user_id=$online->user_id AND date<$ffdb->time-".$CONFIG['flood_time']."");
if (isset($error)) {
$ffdb->Error($error);
}
$_POST['comments_title']=HTMLSpecialChars($_POST['comments_title']);
$this->CommentsParser($_POST['comments']);
$insert_array = array(
'user_id' => $online->user_id,
'file_id' => $_POST['file_id'],
'comments_title' => $_POST['comments_title'],
'comments' => $_POST['comments'],
'date' => $ffdb->time
);
$mysql->MakeInsertString($insert_array);
$mysql->Query("INSERT INTO ffdb_comments ($mysql->insert_fields) VALUES ($mysql->insert_values)");
$mysql->Query("UPDATE ffdb_users SET num_comments=num_comments+1 WHERE user_id=$online->user_id");
$mysql->Query("UPDATE ffdb_files SET num_comments=num_comments+1 WHERE file_id=".$_POST['file_id']."");
$mysql->Query("UPDATE ffdb_stats SET num_comments=num_comments+1");
$ffdb->Success("Comments added");
}
//*************************************************/
// It deletes the comments! What did you expect
// it did, do your laundry?
//*************************************************/
function DeleteComments() {
global $tpl,$mysql,$online,$ffdb,$online,$CONFIG;
if ($online->user_id==$CONFIG['guest_id']) {
$ffdb->Error("You need to be logged in to use this feature");
}
if (!preg_match("/@3/",$online->user_level)) {
$ffdb->Error("You don't have permission to use this feature");
}
if (!$_REQUEST['id']) {
$ffdb->Error("Missing ID for comment deletetion");
}
$mysql->Query("SELECT * FROM ffdb_comments WHERE comment_id=".$_REQUEST['id']."");
$show_comment=mysql_fetch_array($mysql->result_id);
$mysql->Query("DELETE FROM ffdb_comments WHERE comment_id=".$_REQUEST['id']."");
$mysql->Query("UPDATE ffdb_files SET num_comments=num_comments-1 WHERE file_id=$show_comment[file_id]");
$mysql->Query("UPDATE ffdb_users SET num_comments=num_comments-1 WHERE user_id=$show_comment[user_id]");
$mysql->Query("UPDATE ffdb_stats SET num_comments=num_comments-1");
$ffdb->Success("Comment Deleted Successfully");
}
//*************************************************/
// Looks like we got someone editing the comments!
//*************************************************/
function EditCommentsForm() {
global $tpl,$mysql,$online,$ffdb,$online,$CONFIG;
if ($online->user_id==$CONFIG['guest_id']) {
$ffdb->Error("You need to be logged in to use this feature");
}
$mysql->Query("SELECT * FROM ffdb_comments WHERE comment_id=".$_REQUEST['id']."");
$show_comment=mysql_fetch_array($mysql->result_id);
if (!preg_match("/@3/",$online->user_level) && $show_comment[user_id] !=$online->user_id) {
$ffdb->Error("You don't have permission to use this feature");
}
$this->CommentsBackParser($show_comment[comments]);
$tpl->LoadTemplate("edit_comments_form","templates/$online->skin/edit_comments_form.tpl");
$edit_comments_form_array = array(
'comments'=>$show_comment[comments],
'comments_title'=>$show_comment[comments_title],
'comment_id'=>$show_comment[comment_id]
);
$tpl->ParseTemplate("edit_comments_form",$edit_comments_form_array,"Yes");
$tpl->PrintTemplate("edit_comments_form");
}
//*************************************************/
// Just updates the comments in the MySQL DB
//*************************************************/
function EditComments() {
global $tpl,$mysql,$online,$ffdb,$online,$CONFIG;
if (!preg_match("/@3/",$online->user_level) && $show_comment[user_id] !=$online->user_id) {
$ffdb->Error("You don't have permission to use this feature");
}
if (empty($_POST['comments_title'])) {
$error .="Missing Comments Title<br>";
}
if (empty($_POST['comments'])) {
$error .="Missing Comments<br>";
}
$_POST['comments_title']=HTMLSpecialChars($_POST['comments_title']);
$this->CommentsParser($_POST['comments']);
$update_comments_array = array(
'comments' => $_POST['comments'],
'comments_title' => $_POST['comments_title'],
'last_modified' => $ffdb->time
);
$mysql->MakeUpdateString($update_comments_array);
$mysql->Query("UPDATE ffdb_comments SET $mysql->update_string WHERE comment_id='".$_POST['comment_id']."'");
}
//*************************************************/
// Just Comments Parser right now it doesn't do
// much but with some simple modifications it
// could do smilies, custom comment code ect.
//*************************************************/
function CommentsParser(&$comments) {
global $tpl,$mysql,$online,$ffdb,$online,$CONFIG;
$comments=HTMLSPecialChars($comments);
$comments=nl2br($comments);
$comments=addslashes($comments);
return $comments;
}
//*************************************************/
// All it does is put comments back into nice form
//*************************************************/
function CommentsBackParser(&$comments) {
global $tpl,$mysql,$online,$ffdb,$online,$CONFIG;
$comments=str_replace("<br />","",$comments);
$comments=stripslashes($comments);
return $comments;
}
}
?>