1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
|
<?
$module = array("admin" => "comment_admin");
function comment_edit($id) {
$result = db_query("SELECT c.*, u.userid FROM comments c LEFT JOIN users u ON c.author = u.id WHERE c.cid = $id");
$comment = db_fetch_object($result);
$output .= "<FORM ACTION=\"admin.php?mod=comment&op=save&id=$id\" METHOD=\"post\">\n";
$output .= "<P>\n";
$output .= " <B>Author:</B><BR>\n";
$output .= " ". format_username($comment->userid, 1) ."\n";
$output .= "</P>\n";
$output .= "<P>\n";
$output .= " <B>Subject:</B><BR>\n";
$output .= " <INPUT TYPE=\"text\" NAME=\"subject\" SIZE=\"50\" VALUE=\"". check_textfield($comment->subject) ."\">\n";
$output .= "</P>\n";
$output .= "<P>\n";
$output .= "<B>Comment:</B><BR>\n";
$output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"comment\">". check_textarea($comment->comment) ."</TEXTAREA>\n";
$output .= "</P>\n";
$output .= "<P>\n";
$output .= " <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Save comment\">\n";
$output .= "</P>\n";
$output .= "</FORM>\n";
print $output;
}
function comment_save($id, $subject, $comment) {
db_query("UPDATE comments SET subject = '". check_input($subject) ."', comment = '". check_input($comment) ."' WHERE cid = $id");
watchdog("message", "comment: modified `$subject'");
}
function comment_display($order = "date") {
// Initialize variables:
$fields = array("author" => "author", "date" => "timestamp DESC", "subject" => "subject");
// Perform SQL query:
$result = db_query("SELECT c.*, u.userid FROM comments c LEFT JOIN users u ON u.id = c.author ORDER BY c.$fields[$order] LIMIT 50");
// Display comments:
$output .= "<TABLE BORDER=\"1\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n";
$output .= " <TR>\n";
$output .= " <TH ALIGN=\"right\" COLSPAN=\"3\">\n";
$output .= " <FORM ACTION=\"admin.php?mod=comment\" METHOD=\"post\">\n";
$output .= " <SELECT NAME=\"order\">\n";
foreach ($fields as $key=>$value) {
$output .= " <OPTION VALUE=\"$key\"". ($key == $order ? " SELECTED" : "") .">Sort by $key</OPTION>\n";
}
$output .= " </SELECT>\n";
$output .= " <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Update\">\n";
$output .= " </FORM>\n";
$output .= " </TH>\n";
$output .= " </TR>\n";
$output .= " <TR>\n";
$output .= " <TH>subject</TH>\n";
$output .= " <TH>author</TH>\n";
$output .= " <TH>operations</TH>\n";
$output .= " </TR>\n";
while ($comment = db_fetch_object($result)) {
$output .= " <TR><TD>". ($comment->link == "story" ? "<A HREF=\"story.php?id=$comment->lid&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."</A>" : check_output($comment->subject)) ."</TD><TD>". format_username($comment->userid, 1) ."</TD><TD ALIGN=\"center\"><A HREF=\"admin.php?mod=comment&op=edit&id=$comment->cid\">edit</A></TD></TR>\n";
}
$output .= "</TABLE>\n";
print $output;
}
function comment_admin() {
global $op, $id, $subject, $comment, $order;
switch ($op) {
case "edit":
comment_edit($id);
break;
case "Save comment":
comment_save($id, $subject, $comment);
comment_edit($id);
break;
case "Update":
comment_display($order);
break;
default:
comment_display();
}
}
?>
|
