1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
|
<?php
$module = array("find" => "comment_find",
"admin" => "comment_admin");
function comment_find($keys) {
global $user;
$find = array();
$result = db_query("SELECT c.*, u.userid FROM comments c LEFT JOIN users u ON c.author = u.id WHERE c.subject LIKE '%$keys%' OR c.comment LIKE '%$keys%' ORDER BY c.timestamp DESC LIMIT 20");
while ($comment = db_fetch_object($result)) {
array_push($find, array("subject" => check_output($comment->subject), "link" => (user_access($user, "comment") ? "admin.php?mod=comment&op=edit&id=$comment->cid" : "story.php?id=$comment->lid&cid=$comment->cid"), "user" => $story->userid, "date" => $comment->timestamp));
}
return $find;
}
function comment_search() {
global $keys, $mod;
print search_form($keys);
print search_data($keys, $mod);
}
function comment_edit($id) {
$result = db_query("SELECT c.*, u.userid FROM comments c LEFT JOIN users u ON c.author = u.id WHERE c.cid = '$id'");
$comment = db_fetch_object($result);
$output .= "<FORM ACTION=\"admin.php?mod=comment&op=save&id=$id\" METHOD=\"post\">\n";
$output .= "<B>Author:</B><BR>\n";
$output .= format_username($comment->userid) ."<P>\n";
$output .= "<B>Subject:</B><BR>\n";
$output .= "<INPUT TYPE=\"text\" NAME=\"subject\" SIZE=\"50\" VALUE=\"". check_textfield($comment->subject) ."\"><P>\n";
$output .= "<B>Comment:</B><BR>\n";
$output .= "<TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"comment\">". check_textarea($comment->comment) ."</TEXTAREA><P>\n";
$output .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Save comment\">\n";
$output .= "</FORM>\n";
print $output;
}
function comment_save($id, $subject, $comment) {
db_query("UPDATE comments SET subject = '$subject', comment = '$comment' WHERE cid = '$id'");
watchdog("message", "comment: modified '$subject'");
}
function comment_display($order = "date") {
// Initialize variables:
$fields = array("author" => "author", "date" => "timestamp DESC", "subject" => "subject");
// Perform SQL query:
$result = db_query("SELECT c.*, u.userid FROM comments c LEFT JOIN users u ON u.id = c.author ORDER BY c.$fields[$order] LIMIT 50");
// Display comments:
$output .= "<TABLE BORDER=\"1\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n";
$output .= " <TR>\n";
$output .= " <TH ALIGN=\"right\" COLSPAN=\"3\">\n";
$output .= " <FORM ACTION=\"admin.php?mod=comment\" METHOD=\"post\">\n";
$output .= " <SELECT NAME=\"order\">\n";
foreach ($fields as $key=>$value) {
$output .= " <OPTION VALUE=\"$key\"". ($key == $order ? " SELECTED" : "") .">Sort by $key</OPTION>\n";
}
$output .= " </SELECT>\n";
$output .= " <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Update\">\n";
$output .= " </FORM>\n";
$output .= " </TH>\n";
$output .= " </TR>\n";
$output .= " <TR>\n";
$output .= " <TH>subject</TH>\n";
$output .= " <TH>author</TH>\n";
$output .= " <TH>operations</TH>\n";
$output .= " </TR>\n";
while ($comment = db_fetch_object($result)) {
$output .= " <TR><TD>". ($comment->link == "story" ? "<A HREF=\"story.php?id=$comment->lid&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."</A>" : check_output($comment->subject)) ."</TD><TD>". format_username($comment->userid) ."</TD><TD ALIGN=\"center\"><A HREF=\"admin.php?mod=comment&op=edit&id=$comment->cid\">edit</A></TD></TR>\n";
}
$output .= "</TABLE>\n";
print $output;
}
function comment_admin() {
global $op, $id, $subject, $comment, $order;
print "<SMALL><A HREF=\"admin.php?mod=comment\">overview</A> | <A HREF=\"admin.php?mod=comment&op=search\">search comment</A></SMALL><HR>\n";
switch ($op) {
case "edit":
comment_edit($id);
break;
case "search":
comment_search();
break;
case "Save comment":
comment_save(check_input($id), check_input($subject), check_input($comment));
comment_display();
break;
case "Update":
comment_display(check_input($order));
break;
default:
comment_display();
}
}
?>
|
