path: root/modules/comment/comment.module

<?php
// $Id$

/**
 * @file
 * Enables users to comment on published content.
 *
 * When enabled, the Drupal comment module creates a discussion
 * board for each Drupal node. Users can post comments to discuss
 * a forum topic, weblog post, story, collaborative book page, etc.
 */

/**
 * Implementation of hook_help().
 */
function comment_help($section = "admin/help#comment") {
  switch ($section) {
    case 'admin/help#comment':
      return t("
      <p>When enabled, the Drupal comment module creates a discussion board for each Drupal node. Users can post comments to discuss a forum topic, weblog post, story, collaborative book page, etc. An administrator can give comment permissions to user groups, and users can (optionally) edit their last comment, assuming no others have been posted since.</p>

      <h3>User control of comment display</h3>
      <p>Attached to each comment board is a control panel for customizing the way that comments are displayed. Users can control the chronological ordering of posts (newest or oldest first) and the number of posts to display on each page. Additional settings include:</p>
      <ul><li><strong>Threaded</strong> &mdash; Displays the posts grouped according to conversations and subconversations.</li>
      <li><strong>Flat</strong> &mdash;  Displays the posts in chronological order, with no threading whatsoever.</li>
      <li><strong>Expanded</strong> &mdash; Displays the title and text for each post.</li>
      <li><strong>Collapsed</strong> &mdash; Displays only the title for each post.</li></ul>
      <p>When a user chooses <em>save settings</em>, the comments are then redisplayed using the user's new choices. Administrators can set the default settings for the comment control panel, along with other comment defaults, in <a href=\"%comment-config\">administer &raquo; comments &raquo; configure</a>. NOTE: When comment moderation is enabled, users will have another control panel option to control thresholds (see below).</p>

      <h3>Additional comment configurations</h3>
      <p>Comments behave like other user submissions in Drupal. Filters, smileys and HTML that work in nodes will also work with comments. Administrators can control access to various comment module functions through <a href=\"%user-permissions\">administer &raquo; users &raquo; configure &raquo; permissions</a>. Know that in a new Drupal installation, all comment permissions are disabled by default. The choice of which permissions to grant to which roles (groups of users) is left up to the site administrator. The following permissions:</p>
      <ul><li><strong>Access comments</strong> &mdash; Allows users to view comments.</li>
      <li><strong>Administrate comments</strong> &mdash; Allows users complete control over configuring, editing and deleting all comments.</li>
      <li><strong>Moderate comments</strong> &mdash; Allows users to rate comment postings (see more on moderation below).</li>
      <li><strong>Post comments</strong> &mdash; Allows users to post comments into an administrator moderation queue.</li>
      <li><strong>Post comments without approval</strong> &mdash; Allows users to directly post comments, bypassing the moderation queue.</li></ul>

      <h3>Notification of new comments</h3>
      <p>Drupal provides specific features to inform site members when new comments have been posted.</p>
      <p>Drupal displays the total number of comments attached to each node, and tracks comments read by individual site members. Members which have logged in will see a notice accompanying nodes which contain comments they have not read. Some administrators may want to <a href=\"%download-notify\">download, install and configure the notify module</a>. Users can then request that Drupal send them an e-mail when new comments are posted (the notify module requires that cron.php be configured properly).</p>
      <p>The <em>tracker</em> module, disabled by default, displays all the site's recent posts.  There is a link to the <a href=\"%tracker\">recent posts</a> page in the navigation block.  This page is a useful way to browse new or updated nodes and comments. Content which the user has not yet read is tagged with a red star (this graphic depends on the current theme). Visit the comment board for any node, and Drupal will display a red <em>\"new\"</em> label beside the text of unread comments.</p>

      <h3>Comment moderation</h3>
      <p>On sites with active commenting from users, the administrator can turn over comment moderation to the community. </p>
      <p>With comment moderation, each comment is automatically assigned an initial rating. As users read comments, they can apply a vote which affects the comment rating. At the same time, users have an additional option in the control panel which allows them to set a threshold for the comments they wish to view. Those comments with ratings lower than the set threshold will not be shown. To enable moderation, the administrator must grant <a href=\"%user-permissions\">moderate comments</a> permissions. Then, a number of options in <a href=\"%comment-config\">administer &raquo; comments &raquo; configure</a> must be configured.</p>

      <h4>Moderation votes</h4>
      <p>The first step is to create moderation labels which allow users to rate a comment.  Go to <a href=\"%comment-votes\">administer &raquo; comments &raquo; configure &raquo; moderation votes</a>. In the <em>vote</em> field, enter the textual labels which users will see when casting their votes. Some examples are</p>
      <ul><li>Excellent +3</li><li>Insightful +2</li><li>Useful +1</li><li>Redundant -1</li><li>Flame -3</li></ul>
      <p>So that users know how their votes affect the comment, these examples include the vote value as part of the label, although that is optional. Using the weight option, you can control the order in which the votes appear to users. Setting the weight heavier (positive numbers) will make the vote label appear at the bottom of the list. Lighter (a negative number) will push it to the top. To encourage positive voting, a useful order might be higher values, positive votes, at the top, with negative votes at the bottom.</p>

      <h4>Moderator vote/values matrix</h4>
      <p>Next go to <a href=\"%comment-matrix\">administer &raquo; comments &raquo; configure &raquo; moderation matrix</a>. Enter the values for the vote labels for each permission role in the vote matrix. The values entered here will be used to create the rating for each comment. NOTE: Comment ratings are calculated by averaging user votes with the initial rating.</p>

      <h4>Creating comment thresholds</h4>
      <p>In <a href=\"%comment-thresholds\">administer &raquo; comments &raquo; configure &raquo; moderation thresholds</a>, you'll have to create some comment thresholds to make the comment rating system useful. When comment moderation is enabled and the thresholds are created, users will find another comment control panel option for selecting their thresholds. They'll use the thresholds you enter here to filter out comments with low ratings. Consequently, you'll probably want to create more than one threshold to give users some flexibility in filtering comments.</p>
      <p>When creating the thresholds, note that the <em>Minimum score</em> is asking you for the lowest rating that a comment can have in order to be displayed. To see a common example of how thresholds work, you might visit <a href=\"%slashdot\">Slashdot</a> and view one of their comment boards associated with a story. You can reset the thresholds in their comment control panel.</p>

      <h4>Initial comment scores</h4>
      <p>Finally, you may want to enter some <em>initial comment scores</em>. In <a href=\"%comment-initial\">administer &raquo; comments &raquo; configure &raquo; moderation roles</a> you can assign a beginning rating for all comments posted by a particular permission role. If you do not assign any initial scores, Drupal will assign a rating of <strong>0</strong> as the default.</p>", array('%comment-config' => url('admin/comment/configure'), '%user-permissions' => url('admin/user/configure/permission'), '%tracker' => url('tracker'), '%download-notify' => 'http://drupal.org/project/releases', '%comment-votes' => url('admin/comment/configure/votes'), '%comment-matrix' => url('admin/comment/configure/matrix'), '%comment-thresholds' => url('admin/comment/configure/thresholds'), '%slashdot' => ' http://slashdot.org', '%comment-initial' => url('admin/comment/configure/roles')));
    case 'admin/comment':
    case 'admin/comment/new':
      return t("Below is a list of the latest comments posted your site. Click on a subject to see the comment, the author's name to edit the author's user information , \"edit\" to modify the text, and \"delete\" to remove their submission.");
    case 'admin/comment/approval':
      return t("Below is a list of the comments posted to your site that need approval. To approve a comment, click on \"edit\" and then change its \"moderation status\" to Approved. Click on a subject to see the comment, the author's name to edit the author's user information, \"edit\" to modify the text, and \"delete\" to remove their submission.");
    case 'admin/comment/configure':
    case 'admin/comment/configure/settings':
      return t("Comments can be attached to any node, and their settings are below. The display comes in two types: a \"flat list\" where everything is flush to the left side, and comments come in chronological order, and a \"threaded list\" where replies to other comments are placed immediately below and slightly indented, forming an outline. They also come in two styles: \"expanded\", where you see both the title and the contents, and \"collapsed\" where you only see the title. Preview comment forces a user to look at their comment by clicking on a \"Preview\" button before they can actually add the comment.");
    case 'admin/comment/configure/matrix':
      return t("Here you assign a value to each item in the comment moderation dropdown menu. This value is added to the vote total, which is then divided by the number of users who have voted and rounded off to the nearest integer. <ul><li>In order to use comment moderation, every text box on this page should be populated.</li><li>You must assign the \"moderate comments\" permission to at least one role in order to use this page.</li><li>Every box not filled in will have a value of zero, which will have the effect of lowering a comments overall score.</li></ul>");
    case 'admin/comment/configure/roles':
      return t("You can setup the initial vote value of a comment posted by each user role using these forms. This value is used before any other users vote on the comment. Blank entries are valued at zero.");
    case 'admin/comment/configure/thresholds':
      return t("Use these forms to setup the name and minimum \"cut off\" score to help your users hide comments they don't want to see. These thresholds appear in the user's comment control panel. Click \"edit threshold\" to modify the values of an already existing configuration. To delete a setting, \"edit\" it first, and then choose \"delete threshold\".");
    case 'admin/comment/configure/votes':
      return t("Create and control the possible comment moderation votes here. \"Weight\" lets you set the order of the drop down menu. Click \"edit\" to edit a current vote weight. To delete a name/weight combination go to the \"edit\" area. To delete a setting, \"edit\" it first, and then choose \"delete vote\".");
    case 'admin/modules#description':
      return t('Enables user to comment on published content.');
   }
}

/**
 * Implementation of hook_menu().
 */
function comment_menu($may_cache) {
  $items = array();

  if ($may_cache) {
    $access = user_access('administer comments');
    $items[] = array('path' => 'admin/comment', 'title' => t('comments'),
      'callback' => 'comment_admin_overview', 'access' => $access);
    $items[] = array('path' => 'admin/comment/edit', 'title' => t('edit comment'),
      'callback' => 'comment_admin_edit', 'access' => $access, 'type' => MENU_CALLBACK);
    $items[] = array('path' => 'admin/comment/delete', 'title' => t('delete comment'),
      'callback' => 'comment_delete', 'access' => $access, 'type' => MENU_CALLBACK);

    // Tabs:
    $items[] = array('path' => 'admin/comment/list', 'title' => t('list'),
      'type' => MENU_DEFAULT_LOCAL_TASK, 'weight' => -10);
    $items[] = array('path' => 'admin/comment/configure', 'title' => t('configure'),
      'callback' => 'comment_configure', 'access' => $access, 'type' => MENU_LOCAL_TASK);

    // Subtabs:
    $items[] = array('path' => 'admin/comment/list/new', 'title' => t('new comments'),
      'type' => MENU_DEFAULT_LOCAL_TASK, 'weight' => -10);
    $items[] = array('path' => 'admin/comment/list/approval', 'title' => t('approval queue'),
      'callback' => 'comment_admin_overview', 'access' => $access,
      'callback arguments' => 'approval',
      'type' => MENU_LOCAL_TASK);

    $items[] = array('path' => 'admin/comment/configure/settings', 'title' => t('settings'),
      'type' => MENU_DEFAULT_LOCAL_TASK, 'weight' => -10);

    $access = user_access('administer comments') && user_access('administer moderation');
    $items[] = array('path' => 'admin/comment/configure/matrix', 'title' => t('moderation matrix'),
      'callback' => 'comment_matrix_settings', 'access' => $access, 'type' => MENU_LOCAL_TASK);
    $items[] = array('path' => 'admin/comment/configure/thresholds', 'title' => t('moderation thresholds'),
      'callback' => 'comment_threshold_settings', 'access' => $access, 'type' => MENU_LOCAL_TASK);
    $items[] = array('path' => 'admin/comment/configure/roles', 'title' => t('moderation roles'),
      'callback' => 'comment_role_settings', 'access' => $access, 'type' => MENU_LOCAL_TASK);
    $items[] = array('path' => 'admin/comment/configure/votes', 'title' => t('moderation votes'),
      'callback' => 'comment_vote_settings', 'access' => $access,'type' => MENU_LOCAL_TASK);

    $access = user_access('post comments');
    $items[] = array('path' => 'comment/reply', 'title' => t('reply to comment'),
      'callback' => 'comment_reply', 'access' => $access, 'type' => MENU_CALLBACK);
    $items[] = array('path' => 'comment/edit', 'title' => t('edit comment'),
      'callback' => 'comment_edit', 'access' => $access, 'type' => MENU_CALLBACK);

    $items[] = array('path' => 'comment', 'title' => t('reply to comment'),
      'callback' => 'comment_save_settings', 'access' => 1, 'type' => MENU_CALLBACK);
  }
  else if ((arg(0) == 'node') && is_numeric(arg(1)) && is_numeric(arg(2))) {
    $items[] = array('path' => ('node/'. arg(1) .'/'. arg(2)), 'title' => t('view'),
      'callback' => 'node_page',
      'type' => MENU_CALLBACK);
  }

  return $items;
}

/**
 * Implementation of hook_perm().
 */
function comment_perm() {
  return array('access comments', 'post comments', 'administer comments', 'moderate comments', 'post comments without approval', 'administer moderation');
}

/**
 * Implementation of hook_block().
 *
 * Generates a block with the most recent comments.
 */
function comment_block($op = 'list', $delta = 0) {
  if ($op == 'list') {
    $blocks[0]['info'] = t('Recent comments');
    return $blocks;
  }
  else if ($op == 'view' && user_access('access comments')) {
    $result = db_query_range('SELECT * FROM {comments} WHERE status = 0 ORDER BY timestamp DESC', 0, 10);
    $items = array();
    while ($comment = db_fetch_object($result)) {
      $items[] = l($comment->subject, 'node/'. $comment->nid, NULL, NULL, 'comment-'. $comment->cid) .'<br />'. t('%time ago', array('%time' => format_interval(time() - $comment->timestamp)));
    }

    $block['subject'] = t('Recent comments');
    $block['content'] = theme('item_list', $items);
    return $block;
  }
}

/**
 * Implementation of hook_link().
 */
function comment_link($type, $node = 0, $main = 0) {
  $links = array();

  if ($type == 'node' && $node->comment) {

    if ($main) {
      // Main page: display the number of comments that have been posted.

      if (user_access('access comments')) {
        $all = comment_num_all($node->nid);
        $new = comment_num_new($node->nid);

        if ($all) {
          $links[] = l(format_plural($all, '1 comment', '%count comments'), "node/$node->nid", array('title' => t('Jump to the first comment of this posting.')), NULL, 'comment');

          if ($new) {
            $links[] = l(format_plural($new, '1 new comment', '%count new comments'), "node/$node->nid", array('title' => t('Jump to the first new comment of this posting.')), NULL, 'new');
          }
        }
        else {
          if ($node->comment == 2) {
            if (user_access('post comments')) {
              $links[] = l(t('add new comment'), "comment/reply/$node->nid", array('title' => t('Add a new comment to this page.')));
            }
            else {
              $links[] = theme('comment_post_forbidden');
            }
          }
        }
      }
    }
    else {
      // Node page: add a "post comment" link if the user is allowed to
      // post comments, if this node is not read-only, and if the comment form isn't already shown

      if ($node->comment == 2 && variable_get('comment_form_location', 0) == 0) {
        if (user_access('post comments')) {
          $links[] = l(t('add new comment'), "comment/reply/$node->nid", array('title' => t('Share your thoughts and opinions related to this posting.')), NULL, 'comment');
        }
        else {
          $links[] = theme('comment_post_forbidden');
        }
      }
    }
  }

  if ($type == 'comment') {
    $links = comment_links($node, $main);
  }

  return $links;
}

/**
 * Implementation of hook_nodeapi().
 *
 */
function comment_nodeapi(&$node, $op, $arg = 0) {
  switch ($op) {
    case 'settings':
      $output[t('comment')] = form_select('', "comment_$node->type", variable_get("comment_$node->type", 2), array(t('Disabled'), t('Read only'), t('Read/Write')));
      return $output;
    case 'fields':
      return array('comment');
    case 'form admin':
      if (user_access('administer comments')) {
        $selected = isset($node->comment) ? $node->comment : variable_get("comment_$node->type", 2);
        $output = form_radios('', 'comment', $selected, array(t('Disabled'), t('Read only'), t('Read/write')));
        return form_group(t('User comments'), $output);
      }
      break;
    case 'load':
      return db_fetch_array(db_query("SELECT last_comment_timestamp, last_comment_name, last_comment_name, comment_count, cid as last_comment_cid FROM {node_comment_statistics} WHERE nid = %d", $node->nid));
    case 'validate':
      if (!user_access('administer nodes')) {
        // Force default for normal users:
        $node->comment = variable_get("comment_$node->type", 2);
      }
      break;
    case 'insert':
      db_query('INSERT INTO {node_comment_statistics} (nid, cid, last_comment_timestamp, last_comment_name, last_comment_uid, comment_count) VALUES (%d, 0, %d, NULL, %d, 0)', $node->nid, $node->created, $node->uid);
      break;
    case 'update':
      db_query('UPDATE {node_comment_statistics} SET last_comment_timestamp = %d WHERE nid = %d AND cid = 0', $node->changed, $node->nid);
      break;
    case 'delete':
      db_query('DELETE FROM {comments} WHERE nid = %d', $node->nid);
      db_query('DELETE FROM {node_comment_statistics} WHERE nid = %d', $node->nid);
      break;
    case 'update index':
      $text = '';
      $comments = db_query('SELECT subject, comment, format FROM {comments} WHERE nid = %d AND status = 0', $node->nid);
      while ($comment = db_fetch_object($comments)) {
        $text .= '<h2>'. $comment->subject .'</h2>'. check_output($comment->comment, $comment->format);
      }
      return $text;
    case 'search result':
      $comments = db_result(db_query('SELECT comment_count FROM {node_comment_statistics} WHERE nid = %d', $node->nid));
      return format_plural($comments, '1 comment', '%count comments');
  }
}

/**
 * Implementation of hook_user().
 *
 * Provides signature customization for the user's comments.
 */
function comment_user($type, $edit, &$user, $category = NULL) {
  if ($type == 'form' && $category == 'account') {
    // when user tries to edit his own data
    return array(array('title' => t('Comment settings'), 'data' => form_textarea(t('Signature'), 'signature', $edit['signature'], 64, 3, t('Your signature will be publicly displayed at the end of your comments.')), 'weight' => 2));
  }
  if ($type == 'validate') {
    // validate user data editing
    return array('signature' => $edit['signature']);
  }
}

/**
 * Menu callback; presents the comment settings page.
 */
function comment_configure() {
  if ($_POST) {
    system_settings_save();
  }

  $group  = form_radios(t('Default display mode'), 'comment_default_mode', variable_get('comment_default_mode', 4), _comment_get_modes(), t('The default view for comments. Expanded views display the body of the comment. Threaded views keep replies together.'));
  $group .= form_radios(t('Default display order'), 'comment_default_order', variable_get('comment_default_order', 1), _comment_get_orders(), t('The default sorting for new users and anonymous users while viewing comments. These users may change their view using the comment control panel. For registered users, this change is remembered as a persistent user preference.'));
  $group .= form_select(t('Default comments per page'), 'comment_default_per_page', variable_get('comment_default_per_page', '50'), _comment_per_page(), t('Default number of comments for each page: more comments are distributed in several pages.'));
  $group .= form_radios(t('Comment controls'), 'comment_controls', variable_get('comment_controls', 0), array(t('Display above the comments'), t('Display below the comments'), t('Display above and below the comments'), t('Do not display')), t('Position of the comment controls box.  The comment controls let the user change the default display mode and display order of comments.'));
  $output = form_group(t('Comment viewing options'), $group);

  $group  = form_radios(t('Anonymous poster settings'), 'comment_anonymous', variable_get('comment_anonymous', 0), array(t('Anonymous posters may not enter their contact information'), t('Anonymous posters may leave their contact information'), t('Anonymous posters must leave their contact information')), t('This feature is only useful if you allow anonymous users to post comments.  See the <a href="%url">permissions page</a>.', array('%url' => url('admin/user/configure/permission'))));
  $group .= form_radios(t('Comment subject field'), 'comment_subject_field', variable_get('comment_subject_field', 1), array(t('Disabled'), t('Enabled')), t('Can users provide a unique subject for their comments?'));
  $group .= form_radios(t('Preview comment'), 'comment_preview', variable_get('comment_preview', 1), array(t('Optional'), t('Required')));
  $group .= form_radios(t('Location of comment submission form'), 'comment_form_location', variable_get('comment_form_location', 0), array(t('Display on separate page'), t('Display below post or comments')));
  $output .= form_group(t('Comment posting settings'), $group);

  $result = db_query('SELECT fid, filter FROM {moderation_filters} ');
  while ($filter = db_fetch_object($result)) {
    $thresholds[$filter->fid] = ($filter->filter);
  }
  if ($thresholds) {
    $group = form_select(t('Default threshold'), 'comment_default_threshold', variable_get('comment_default_threshold', 0), $thresholds, t('Thresholds are values below which comments are hidden. These thresholds are useful for busy sites which want to hide poor comments from most users.'));
    $output .= form_group(t('Comment moderation settings'), $group);
  }

  print theme('page', system_settings_form($output));
}

/**
 * This is *not* a hook_access() implementation. This function is called
 * to determine whether the current user has access to a particular comment.
 *
 * Authenticated users can edit their comments as long they have not been
 * replied to. This prevents people from changing or revising their
 * statements based on the replies their posts got. Furthermore, users
 * can't reply to their own comments and are encouraged instead to extend
 * their original comment.
 */
function comment_access($op, $comment) {
  global $user;

  if ($op == 'edit') {
    return $user->uid && $user->uid == $comment->uid && comment_num_replies($comment->cid) == 0;
  }
}

function comment_node_url() {
  return arg(0) .'/'. arg(1);
}

function comment_edit($cid) {
  global $user;

  $comment = db_fetch_object(db_query('SELECT c.*, u.uid, u.name AS registered_name, u.data FROM {comments} c INNER JOIN {users} u ON c.uid = u.uid WHERE c.cid = %d', $cid));
  $comment = drupal_unpack($comment);
  $comment->name = $comment->uid ? $comment->registered_name : $comment->name;
  if (comment_access('edit', $comment)) {
    print theme('page', comment_preview(object2array($comment)));
  }
  else {
    drupal_access_denied();
  }
}

function comment_reply($nid, $pid = NULL) {
  // set the breadcrumb trail
  $node = node_load(array('nid' => $nid));
  menu_set_location(array(array('path' => "node/$nid", 'title' => $node->title), array('path' => "comment/reply/$nid")));

  $output = '';

  // are we posting or previewing a reply?
  if ($_POST['op'] == t('Post comment')) {
    $edit = $_POST['edit'];
    comment_validate_form($edit);
    drupal_set_title(t('Post comment'));
    print theme('page', comment_post($edit));
    return;
  }
  else if ($_POST['op'] == t('Preview comment')) {
    $edit = $_POST['edit'];
    comment_validate_form($edit);
    drupal_set_title(t('Preview comment'));
    print theme('page', comment_preview($edit));
    return;
  }

  // or are we merely showing the form?
  if (user_access('access comments')) {

    // if this is a reply to another comment, show that comment first
    // else, we'll just show the user the node they're commenting on.
    if ($pid) {
      $comment = db_fetch_object(db_query('SELECT c.*, u.uid, u.name AS registered_name, u.picture, u.data FROM {comments} c INNER JOIN {users} u ON c.uid = u.uid WHERE c.cid = %d AND c.status = 0', $pid));
      $comment = drupal_unpack($comment);
      $comment->name = $comment->uid ? $comment->registered_name : $comment->name;
      $output .= theme('comment_view', $comment);
    }
    else if (user_access('access content')) {
      $output .= node_view($node);
      $pid = 0;
    }

    // should we show the reply box?
    if (node_comment_mode($nid) != 2) {
      $output .= theme('box', t('Reply'), t("This discussion is closed: you can't post new comments."));
    }
    else if (user_access('post comments')) {
      $output .= theme('comment_form', array('pid' => $pid, 'nid' => $nid), t('Reply'));
    }
    else {
      $output .= theme('box', t('Reply'), t('You are not authorized to post comments.'));
    }
  }
  else {
    $output .= theme('box', t('Reply'), t('You are not authorized to view comments.'));
  }

  drupal_set_title(t('Add new comment'));
  print theme('page', $output);
}

function comment_validate_form($edit) {
  global $user;

  /*
  ** Validate the comment's body.
  */

  if ($edit['comment'] == '') {
    form_set_error('comment', t('The body of your comment is empty.'));
  }

  /*
  ** Validate filter format
  */
  if (array_key_exists('format', $edit) && !filter_access($edit['format'])) {
    form_set_error('format', t('The supplied input format is invalid.'));
  }

  /*
  ** Check validity of name, mail and homepage (if given)
  */

  if (!$user->uid) {
    if (variable_get('comment_anonymous', 0) > 0) {
      if ($edit['name']) {
        $taken = db_result(db_query("SELECT COUNT(uid) FROM {users} WHERE LOWER(name) = '%s'", strip_tags($edit['name'])), 0);

        if ($taken != 0) {
          form_set_error('name', t('The name you used belongs to a registered user.'));
        }

      }
      else if (variable_get('comment_anonymous', 0) == 2) {
        form_set_error('name', t('You have to leave your name.'));
      }

      if ($edit['mail']) {
        if (!valid_email_address($edit['mail'])) {
          form_set_error('mail', t('The e-mail address you specified is not valid.'));
        }
      }
      else if (variable_get('comment_anonymous', 0) == 2) {
        form_set_error('mail', t('You have to leave an e-mail address.'));
      }

      if ($edit['homepage']) {
        if (!valid_url($edit['homepage'], TRUE)) {
          form_set_error('homepage', t('The URL of your homepage is not valid.  Remember that it must be fully qualified, i.e. of the form <code>http://example.com/directory</code>.'));
        }
      }
    }
  }
}

function comment_preview($edit) {
  global $user;

  $output = '';

  $comment = new StdClass();
  foreach ($edit as $key => $value) {
    $comment->$key = $value;
  }

  // Attach the user and time information.
  $comment->uid = $user->uid;
  $comment->timestamp = time();
  $comment->name = $user->name ? $user->name : $comment->name;

  // Preview the comment.
  $output .= theme('comment_view', $comment, theme('links', module_invoke_all('link', 'comment', $comment, 1)));
  $output .= theme('comment_form', $edit, t('Reply'));

  if ($edit['pid']) {
    $comment = db_fetch_object(db_query('SELECT c.*, u.uid, u.name AS registered_name, u.picture, u.data FROM {comments} c INNER JOIN {users} u ON c.uid = u.uid WHERE c.cid = %d AND c.status = 0', $edit['pid']));
    $comment = drupal_unpack($comment);
    $comment->name = $comment->uid ? $comment->registered_name : $comment->name;
    $output .= theme('comment_view', $comment);
  }
  else {
    $output .= node_view(node_load(array('nid' => $edit['nid'])));
    $edit['pid'] = 0;
  }

  return $output;
}

function comment_post($edit) {
  global $user;

  if (user_access('post comments') && node_comment_mode($edit['nid']) == 2) {
    // Validate the comment's subject.  If not specified, extract
    // one from the comment's body.
    $edit['subject'] = strip_tags($edit['subject']);

    if ($edit['subject'] == '') {
      $edit['subject'] = truncate_utf8(strip_tags($edit['comment']), 29, TRUE);
    }

    if (!form_get_errors()) {
      // Check for duplicate comments.  Note that we have to use the
      // validated/filtered data to perform such check.
      $duplicate = db_result(db_query("SELECT COUNT(cid) FROM {comments} WHERE pid = %d AND nid = %d AND subject = '%s' AND comment = '%s'", $edit['pid'], $edit['nid'], $edit['subject'], $edit['comment']), 0);
      if ($duplicate != 0) {
        watchdog('warning', t('Comment: duplicate %subject.', array('%subject' => '<em>'. $edit['subject'] .'</em>')));
      }

      if ($edit['cid']) {
        // Update the comment in the database.  Note that the update
        // query will fail if the comment isn't owned by the current
        // user.
        db_query("UPDATE {comments} SET subject = '%s', comment = '%s', format = '%s' WHERE cid = %d AND uid = %d", $edit['subject'], $edit['comment'], $edit['format'], $edit['cid'], $user->uid);

        _comment_update_node_statistics($edit['nid']);

        // Allow modules to respond to the updating of a comment.
        module_invoke_all('comment', 'update', $edit);

        // Add entry to the watchdog log.
        watchdog('special', t('Comment: updated %subject.', array('%subject' => '<em>'. $edit['subject'] .'</em>')), l(t('view'), 'node/'. $edit['nid'], NULL, NULL, 'comment-'. $edit['cid']));
      }
      else {
        // Add the comment to database.
        $status = user_access('post comments without approval') ? 0 : 1;
        $roles = variable_get('comment_roles', array());
        $score = 0;

        foreach (array_intersect(array_keys($roles), array_keys($user->roles)) as $rid) {
          $score = max($roles[$rid], $score);
        }

        $users = serialize(array(0 => $score));

        // Here we are building the thread field.  See the comment
        // in comment_render().
        if ($edit['pid'] == 0) {
          // This is a comment with no parent comment (depth 0): we start
          // by retrieving the maximum thread level.
          $max = db_result(db_query('SELECT MAX(thread) FROM {comments} WHERE nid = %d', $edit['nid']));

          // Strip the "/" from the end of the thread.
          $max = rtrim($max, '/');

          // Next, we increase this value by one.  Note that we can't
          // use 1, 2, 3, ... 9, 10, 11 because we order by string and
          // 10 would be right after 1.  We use 1, 2, 3, ..., 9, 91,
          // 92, 93, ... instead.  Ugly but fast.
          $decimals = (string) substr($max, 0, strlen($max) - 1);
          $units = substr($max, -1, 1);
          if ($units) {
            $units++;
          }
          else {
            $units = 1;
          }

          if ($units == 10) {
            $units = '90';
          }

          // Finally, build the thread field for this new comment.
          $thread = $decimals . $units .'/';
        }
        else {
          // This is comment with a parent comment: we increase
          // the part of the thread value at the proper depth.

          // Get the parent comment:
          $parent = db_fetch_object(db_query('SELECT * FROM {comments} WHERE cid = %d', $edit['pid']));

          // Strip the "/" from the end of the parent thread.
          $parent->thread = (string) rtrim((string) $parent->thread, '/');

          // Get the max value in _this_ thread.
          $max = db_result(db_query("SELECT MAX(thread) FROM {comments} WHERE thread LIKE '%s.%%' AND nid = %d", $parent->thread, $edit['nid']));

          if ($max == '') {
            // First child of this parent.
            $thread = $parent->thread .'.1/';
          }
          else {
            // Strip the "/" at the end of the thread.
            $max = rtrim($max, '/');

            // We need to get the value at the correct depth.
            $parts = explode('.', $max);
            $parent_depth = count(explode('.', $parent->thread));
            $last = $parts[$parent_depth];

            // Next, we increase this value by one.  Note that we can't
            // use 1, 2, 3, ... 9, 10, 11 because we order by string and
            // 10 would be right after 1.  We use 1, 2, 3, ..., 9, 91,
            // 92, 93, ... instead.  Ugly but fast.
            $decimals = (string)substr($last, 0, strlen($last) - 1);
            $units = substr($last, -1, 1);
            $units++;
            if ($units == 10) {
              $units = '90';
            }

            // Finally, build the thread field for this new comment.
            $thread = $parent->thread .'.'. $decimals . $units .'/';
          }
        }


        $edit['cid'] = db_next_id('{comments}_cid');
        $edit['timestamp'] = time();

        if ($edit['uid'] = $user->uid) {
          $edit['name'] = $user->name;
        }


        db_query("INSERT INTO {comments} (cid, nid, pid, uid, subject, comment, format, hostname, timestamp, status, score, users, thread, name, mail, homepage) VALUES (%d, %d, %d, %d, '%s', '%s', %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s')", $edit['cid'], $edit['nid'], $edit['pid'], $edit['uid'], $edit['subject'], $edit['comment'], $edit['format'], $_SERVER['REMOTE_ADDR'], $edit['timestamp'], $status, $score, $users, $thread, $edit['name'], $edit['mail'], $edit['homepage']);

        _comment_update_node_statistics($edit['nid']);

        // Tell the other modules a new comment has been submitted.
        module_invoke_all('comment', 'insert', $edit);

        // Add an entry to the watchdog log.
        watchdog('special', t('Comment: added %subject.', array('%subject' => '<em>'. $edit['subject'] .'</em>')), l(t('view'), 'node/'. $edit['nid'], NULL, NULL, 'comment-'. $edit['cid']));
      }

      // Clear the cache so an anonymous user can see his comment being added.
      cache_clear_all();

      // Explain the approval queue if necessary, and then
      // redirect the user to the node he's commenting on.
      if ($status == 1) {
        drupal_set_message(t('Your comment has been queued for moderation by site administrators and will be published after approval.'));
        drupal_goto('node/'. $edit['nid']);
      }
      else {
        drupal_goto('node/'. $edit['nid'] .'#comment-'. $edit['cid']);
      }
    }
    else {
      print theme('page', comment_preview($edit));
    }
  }
  else {
    watchdog('error', t('Comment: unauthorized comment submitted or comment submitted to a closed node %subject.', array('%subject' => '<em>'. $edit['subject'] .'</em>')));
  }
}

function comment_links($comment, $return = 1) {
  global $user;

  $links = array();

  // If we are viewing just this comment, we link back to the node.
  if ($return) {
    $links[] = l(t('parent'), comment_node_url(), NULL, NULL, "comment-$comment->cid");
  }

  if (node_comment_mode($comment->nid) == 2) {
    if (user_access('administer comments') && user_access('access administration pages')) {
      $links[] = l(t('delete'), "admin/comment/delete/$comment->cid");
      $links[] = l(t('edit'), "admin/comment/edit/$comment->cid");
      $links[] = l(t('reply'), "comment/reply/$comment->nid/$comment->cid");
    }
    else if (user_access('post comments')) {
      if (comment_access('edit', $comment)) {
        $links[] = l(t('edit'), "comment/edit/$comment->cid");
      }
      $links[] = l(t('reply'), "comment/reply/$comment->nid/$comment->cid");
    }
    else {
      $links[] = theme('comment_post_forbidden');
    }
  }

  if ($moderation = theme('comment_moderation_form', $comment)) {
    $links[] = $moderation;
  }

  return $links;
}

function comment_render($node, $cid = 0) {
  global $user;

  $mode = $_GET['mode'];
  $order = $_GET['order'];
  $threshold = $_GET['threshold'];
  $comments_per_page = $_GET['comments_per_page'];
  $comment_page = $_GET['comment_page'];

  $output = '';

  if (user_access('access comments')) {
    // Pre-process variables.
    $nid = $node->nid;
    if (empty($nid)) {
      $nid = 0;
    }

    if (empty($mode)) {
      $mode = $user->mode ? $user->mode : ($_SESSION['comment_mode'] ? $_SESSION['comment_mode'] : variable_get('comment_default_mode', 4));
    }

    if (empty($order)) {
      $order = $user->sort ? $user->sort : ($_SESSION['comment_sort'] ? $_SESSION['comment_sort'] : variable_get('comment_default_order', 1));
    }
    if (empty($threshold)) {
      $threshold = $user->threshold ? $user->threshold : ($_SESSION['comment_threshold'] ? $_SESSION['comment_threshold'] : variable_get('comment_default_threshold', 0));
    }
    $threshold_min = db_result(db_query('SELECT minimum FROM {moderation_filters} WHERE fid = %d', $threshold));

    if (empty($comments_per_page)) {
      $comments_per_page = $user->comments_per_page ? $user->comments_per_page : ($_SESSION['comment_comments_per_page'] ? $_SESSION['comment_comments_per_page'] : variable_get('comment_default_per_page', '50'));
    }

    $output .= "<a id=\"comment\"></a>\n";

    if ($cid) {
      // Single comment view.

      $output .= '<form method="post" action="'. url('comment') ."\"><div>\n";
      $output .= form_hidden('nid', $nid);

      $result = db_query('SELECT c.cid, c.pid, c.nid, c.subject, c.comment, c.format, c.timestamp, c.name, c.mail, c.homepage, u.uid, u.name AS registered_name, u.picture, u.data, c.score, c.users FROM {comments} c INNER JOIN {users} u ON c.uid = u.uid WHERE c.cid = %d AND c.status = 0 GROUP BY c.cid, c.pid, c.nid, c.subject, c.comment, c.timestamp, c.name, c.mail, u.picture, c.homepage, u.uid, u.name, u.picture, u.data, c.score, c.users', $cid);

      if ($comment = db_fetch_object($result)) {
        $comment->name = $comment->uid ? $comment->registered_name : $comment->name;
        $output .= theme('comment_view', $comment, theme('links', module_invoke_all('link', 'comment', $comment, 1)));
      }

      if ((comment_user_can_moderate($node)) && $user->uid != $comment->uid && !(comment_already_moderated($user->uid, $comment->users))) {
        $output .= '<div style="text-align: center;">'. form_submit(t('Moderate comment')) .'</div><br />';
      }
      $output .= '</div></form>';
    }
    else {
      // Multiple comment view

      $query .= "SELECT c.cid as cid, c.pid, c.nid, c.subject, c.comment, c.format, c.timestamp, c.name , c.mail, c.homepage, u.uid, u.name AS registered_name, u.picture, u.data, c.score, c.users, c.thread FROM {comments} c INNER JOIN {users} u ON c.uid = u.uid WHERE c.nid = '". db_escape_string($nid) ."' AND c.status = 0";

      $query .= ' GROUP BY c.cid, c.pid, c.nid, c.subject, c.comment, c.format, c.timestamp, c.name, c.mail, u.picture, c.homepage, u.uid, u.name, u.picture, u.data, c.score, c.users, c.thread';

      /*
      ** We want to use the standard pager, but threads would need every
      ** comment to build the thread structure, so we need to store some
      ** extra info.
      **
      ** We use a "thread" field to store this extra info. The basic idea
      ** is to store a value and to order by that value. The "thread" field
      ** keeps this data in a way which is easy to update and convenient
      ** to use.
      **
      ** A "thread" value starts at "1". If we add a child (A) to this
      ** comment, we assign it a "thread" = "1.1". A child of (A) will have
      ** "1.1.1". Next brother of (A) will get "1.2". Next brother of the
      ** parent of (A) will get "2" and so on.
      **
      ** First of all note that the thread field stores the depth of the
      ** comment: depth 0 will be "X", depth 1 "X.X", depth 2 "X.X.X", etc.
      **
      ** Now to get the ordering right, consider this example:
      **
      ** 1
      ** 1.1
      ** 1.1.1
      ** 1.2
      ** 2
      **
      ** If we "ORDER BY thread ASC" we get the above result, and this is
      ** the natural order sorted by time.  However, if we "ORDER BY thread
      ** DESC" we get:
      **
      ** 2
      ** 1.2
      ** 1.1.1
      ** 1.1
      ** 1
      **
      ** Clearly, this is not a natural way to see a thread, and users
      ** will get confused. The natural order to show a thread by time
      ** desc would be:
      **
      ** 2
      ** 1
      ** 1.2
      ** 1.1
      ** 1.1.1
      **
      ** which is what we already did before the standard pager patch. To
      ** achieve this we simply add a "/" at the end of each "thread" value.
      ** This way out thread fields will look like depicted below:
      **
      ** 1/
      ** 1.1/
      ** 1.1.1/
      ** 1.2/
      ** 2/
      **
      ** we add "/" since this char is, in ASCII, higher than every number,
      ** so if now we "ORDER BY thread DESC" we get the correct order.  Try
      ** it, it works ;).  However this would spoil the "ORDER BY thread ASC"
      ** Here, we do not need to consider the trailing "/" so we use a
      ** substring only.
      */

      if ($order == 1) {
        if ($mode == 1 || $mode == 2) {
          $query .= ' ORDER BY c.timestamp DESC';
        }
        else {
          $query .= ' ORDER BY c.thread DESC';
        }
      }
      else if ($order == 2) {
        if ($mode == 1 || $mode == 2) {
          $query .= ' ORDER BY c.timestamp';
        }
        else {

          /*
          ** See comment above.  Analysis learns that this doesn't cost
          ** too much.  It scales much much better than having the whole
          ** comment structure.
          */

          $query .= ' ORDER BY SUBSTRING(c.thread, 1, (LENGTH(c.thread) - 1))';
        }
      }

      // Start a form, for use with comment control and moderation.
      $result = pager_query($query, $comments_per_page, 0, "SELECT COUNT(*) FROM {comments} WHERE nid = '". db_escape_string($nid) ."'");
      if (db_num_rows($result) && (variable_get('comment_controls', 0) == 0 || variable_get('comment_controls', 0) == 2)) {
        $output .= '<form method="post" action="'. url('comment') ."\"><div>\n";
        $output .= theme('comment_controls', $threshold, $mode, $order, $comments_per_page);
        $output .= form_hidden('nid', $nid);
        $output .= '</div></form>';
      }

      $output .= '<form method="post" action="'. url('comment') ."\"><div>\n";
      $output .= form_hidden('nid', $nid);

      while ($comment = db_fetch_object($result)) {
        $comment = drupal_unpack($comment);
        $comment->name = $comment->uid ? $comment->registered_name : $comment->name;
        $comment->depth = count(explode('.', $comment->thread)) - 1;

        if ($mode == 1) {
          $output .= theme('comment_flat_collapsed', $comment, $threshold_min);
        }
        else if ($mode == 2) {
          $output .= theme('comment_flat_expanded', $comment, $threshold_min);
        }
        else if ($mode == 3) {
          $output .= theme('comment_thread_min', $comment, $threshold_min);
        }
        else if ($mode == 4) {
          $output .= theme('comment_thread_max', $comment, $threshold_min);
        }
      }

      /*
      ** Use the standard pager; $pager_total is the number of returned rows,
      ** is global and defined in pager.inc.
      */
      if ($pager = theme('pager', NULL, $comments_per_page, 0, array('comments_per_page' => $comments_per_page))) {
        $output .= $pager;
      }

      if (db_num_rows($result) && comment_user_can_moderate($node)) {
        $output .= '<div align="center">'. form_submit(t('Moderate comments')) .'</div><br />';
      }

      $output .= '</div></form>';

      if (db_num_rows($result) && (variable_get('comment_controls', 0) == 1 || variable_get('comment_controls', 0) == 2)) {
        $output .= '<form method="post" action="'. url('comment') ."\"><div>\n";
        $output .= theme('comment_controls', $threshold, $mode, $order, $comments_per_page);
        $output .= form_hidden('nid', $nid);
        $output .= '</div></form>';
      }
    }

    // If enabled, show new comment form.
    if (user_access('post comments') && node_comment_mode($nid) == 2 && variable_get('comment_form_location', 0)) {
      $output .= theme('comment_form', array('nid' => $nid), t('Post new comment'));
    }
  }
  return $output;
}

/**
 * Menu callback; edit a comment from the administrative interface.
 */
function comment_admin_edit($cid) {

  // Comment edits need to be saved.
  if ($_POST['op'] == t('Submit')) {
    $edit = $_POST['edit'];
    comment_save($edit['cid'], $edit);
    drupal_goto('admin/comment');
  }

  // If we're not saving our changes above, we're editing it.
  $result = db_query('SELECT c.*, u.name AS registered_name, u.uid FROM {comments} c INNER JOIN {users} u ON c.uid = u.uid WHERE c.cid = %d', $cid);
  $comment = db_fetch_object($result);
  $comment->name = $comment->uid ? $comment->registered_name : $comment->name;
  $comment = drupal_unpack($comment);

  if ($comment) {
    if (!$comment->uid) {
      // If comment from non-registered user, allow admin to modify anonymous fields.
      $form .= form_textfield(t('Name'), 'name', $comment->name ? $comment->name : variable_get('anonymous', 'Anonymous') , 20, 40);
      $form .= form_textfield(t('E-mail'), 'mail', $comment->mail, 20, 40);
      $form .= form_textfield(t('Homepage'), 'homepage', $comment->homepage, 20, 40);
    }
    else {
      // Otherwise, just display the author's name.
      $form .= form_item(t('Author'), format_name($comment));
    }
    $form .= form_textfield(t('Subject'), 'subject', $comment->subject, 70, 128);
    $form .= form_textarea(t('Comment'), 'comment', $comment->comment, 70, 15, '');
    $form .= filter_form('format', $comment->format);
    $form .= form_radios(t('Status'), 'status', $comment->status, array(t('Published'), t('Not published')));
    $form .= form_hidden('cid', $cid);
    $form .= form_submit(t('Submit'));
    print theme('page', form($form));
  }
}

/**
 * Menu callback; delete a comment.
 */
function comment_delete($cid) {
  $comment = db_fetch_object(db_query('SELECT c.*, u.name AS registered_name, u.uid FROM {comments} c INNER JOIN {users} u ON u.uid = c.uid WHERE c.cid = %d', $cid));
  $comment->name = $comment->uid ? $comment->registered_name : $comment->name;

  $output = '';

  // We'll only delete if the user has confirmed the
  // deletion using the form in our else clause below.
  if ($comment->cid && $_POST['op'] == t('Delete')) {
    drupal_set_message(t('The comment and all its replies have been deleted.'));

    // Delete comment and its replies.
    _comment_delete_thread($comment);

    _comment_update_node_statistics($comment->nid);

    // Clear the cache so an anonymous user
    // can see his comment being added.
    cache_clear_all();

  }

  // Print a confirmation.
  else if ($comment->cid) {
    drupal_set_message(t('Do you want to delete this comment and all its replies?'));
    $comment->comment = check_output($comment->comment, $comment->format);
    $output  = theme('comment', $comment);
    $output .= form_submit(t('Delete'));
  }
  else {
    drupal_set_message(t('The comment no longer exists.'));
  }

  print theme('page', form($output));
}

function comment_save($id, $edit) {
  db_query("UPDATE {comments} SET subject = '%s', comment = '%s', status = %d, format = '%s', name = '%s', mail = '%s', homepage = '%s' WHERE cid = %d", $edit['subject'], $edit['comment'], $edit['status'], $edit['format'], $edit['name'], $edit['mail'], $edit['homepage'], $id);
  watchdog('special', t('Comment: modified %subject.', array('%subject' => '<em>'. $edit['subject'] .'</em>')));
  drupal_set_message(t('The comment has been saved.'));
}

/**
 * Menu callback; present an administrative comment listing.
 */
function comment_admin_overview($type = 'new') {

  $header = array(
    array('data' => t('Subject'), 'field' => 'subject'),
    array('data' => t('Author'), 'field' => 'u.name'),
    array('data' => t('Status'), 'field' => 'status'),
    array('data' => t('Time'), 'field' => 'c.timestamp', 'sort' => 'desc'),
    array('data' => t('Operations'), 'colspan' => '2')
  );

  $status = ($type == 'approval') ? 1 : 0;
  $sql = 'SELECT c.subject, c.nid, c.cid, c.comment, c.timestamp, c.status, c.name, c.homepage, u.name AS registered_name, u.uid FROM {comments} c INNER JOIN {users} u ON u.uid = c.uid WHERE c.status = '. db_escape_string($status);
  $sql .= tablesort_sql($header);
  $result = pager_query($sql,  50);

  while ($comment = db_fetch_object($result)) {
    $comment->name = $comment->uid ? $comment->registered_name : $comment->name;
    $rows[] = array(
        l($comment->subject, "node/$comment->nid", array('title' => htmlspecialchars(truncate_utf8($comment->comment, 128))), NULL, "comment-$comment->cid") ." ". (node_is_new($comment->nid, $comment->timestamp) ? theme('mark') : ''),
        format_name($comment),
        ($comment->status == 0 ? t('Published') : t('Not published')),
        format_date($comment->timestamp, 'small'),
        l(t('edit'), "admin/comment/edit/$comment->cid"),
        l(t('delete'), "admin/comment/delete/$comment->cid")
      );
  }

  if ($pager = theme('pager', NULL, 50, 0, tablesort_pager())) {
    $rows[] = array(array('data' => $pager, 'colspan' => '6'));
  }

  if (!$rows) {
    $rows[] = array(array('data' => t('No comments available.'), 'colspan' => '6'));
  }

  print theme('page', theme('table', $header, $rows));
}

/**
 * Menu callback; presents the moderation vote matrix.
 */
function comment_matrix_settings() {

  if ($edit = $_POST['edit']) {
    db_query('DELETE FROM {moderation_roles} ');
    foreach ($edit as $role_id => $votes) {
      foreach ($votes as $mid => $value) {
        $sql = "('$mid', '$role_id', '". ($value ? $value : 0) ."')";
        db_query('INSERT INTO {moderation_roles} (mid, rid, value) VALUES '. $sql);
      }
    }
    drupal_set_message(t('The vote values have been saved.'));
  }

  $output .= '<h3>'. t('Moderation vote/value matrix') .'</h3>';

  $result = db_query("SELECT r.rid, r.name FROM {role} r, {permission} p WHERE r.rid = p.rid AND p.perm LIKE '%moderate comments%'");
  $role_names = array();
  while ($role = db_fetch_object($result)) {
    $role_names[$role->rid] = $role->name;
  }

  $result = db_query('SELECT rid, mid, value FROM {moderation_roles} ');
  while ($role = db_fetch_object($result)) {
    $mod_roles[$role->rid][$role->mid] = $role->value;
  }

  $header = array_merge(array(t('Votes')), array_values($role_names));

  $result = db_query('SELECT mid, vote FROM {moderation_votes} ORDER BY weight');
  while ($vote = db_fetch_object($result)) {
    $row = array($vote->vote);
    foreach (array_keys($role_names) as $rid) {
      $row[] = array('data' => form_textfield(NULL, "$rid][$vote->mid", $mod_roles[$rid][$vote->mid], 4, 3));
    }
    $rows[] = $row;
  }
  if (!$rows) {
    $rows[] = array(array('data' => t('No votes have been defined.'), 'colspan' => '5'));
  }

  $output .= theme('table', $header, $rows);
  if ($rows) { $output .= '<br />'. form_submit(t('Submit votes')); }

  print theme('page', form($output));
}

/**
 * Menu callback; allows admin to set default scores for different roles.
 */
function comment_role_settings() {

  $edit = $_POST['edit'];

  $output .= '<h3>Initial comment scores</h3>';

  if ($edit) {
    variable_set('comment_roles', $edit);
    drupal_set_message(t('The comment scores have been saved.'));
  }

  $start_values = variable_get('comment_roles', array());

  $result = db_query("SELECT r.rid, r.name FROM {role} r, {permission} p WHERE r.rid = p.rid AND p.perm LIKE '%post comments%'");

  $header = array(t('User role'), t('Initial score'));

  while ($role = db_fetch_object($result)) {
    $rows[] = array($role->name, array('data' => form_textfield(NULL, $role->rid, $start_values[$role->rid], 4, 3), 'align' => 'center'));
  }

  $output .= theme('table', $header, $rows);
  $output .= '<br />'. form_submit(t('Save scores'));

  print theme('page', form($output));
}

/**
 * Menu callback; displays page for assigning names to vote values.
 */
function comment_vote_settings($mid = 0) {
  $op   = $_POST['op'];
  $edit = $_POST['edit'];

  if ($op == t('Save vote')) {
    db_query("UPDATE {moderation_votes} SET vote = '%s', weight = %d WHERE mid = %d", $edit['vote'], $edit['weight'], $mid);
    $mid = 0; // zero it out so we return to the overview.
    drupal_set_message(t('The vote has been saved.'));
  }
  else if ($op == t('Delete vote')) {
    db_query('DELETE FROM {moderation_votes} WHERE mid = %d', $mid);
    db_query('DELETE FROM {moderation_roles} WHERE mid = %d', $mid);
    $mid = 0; // zero it out so we return to the overview.
    drupal_set_message(t('The vote has been deleted.'));
  }
  else if ($op == t('Add new vote')) {
    db_query("INSERT INTO {moderation_votes} (vote, weight) VALUES ('%s', %d)", $edit['vote'], $edit['weight']);
    $mid = 0; // zero it out so we return to the overview.
    drupal_set_message(t('The vote has been added.'));
  }

  $output .= '<h3>'. t('Moderation votes overview') .'</h3>';

  // load up and show any vote types previously defined.
  $header = array(t('Votes'), t('Weight'), t('Operations'));
  $result = db_query('SELECT mid, vote, weight FROM {moderation_votes} ORDER BY weight');
  while ($vote = db_fetch_object($result)) {
    $rows[] = array($vote->vote, array('data' => $vote->weight), array('data' => l(t('edit'), "admin/comment/configure/votes/$vote->mid")));
  }
  if (!$rows) {
    $rows[] = array(array('data' => t('No vote types have been defined.'), 'colspan' => '3'));
  }
  $output .= theme('table', $header, $rows);

  if ($mid) { // if we're not saving, deleting, or adding, we must be editing, so prefill the form fields.
    $vote = db_fetch_object(db_query('SELECT vote, weight FROM {moderation_votes} WHERE mid = %d', $mid));
  }

  $output .= '<br /><h3>'. (isset($mid) ? t('Edit moderation option') : t('Add new moderation option')) .'</h3>';
  $form .= form_textfield(t('Vote'), 'vote', $vote->vote, 32, 64, t('The name of this vote.  Example: "off topic", "excellent", "sucky".'));
  $form .= form_textfield(t('Weight'), 'weight', $vote->weight, 32, 64, t('Used to order votes in the comment control box; heavier sink.'));
  if ($mid) {
    $form .= form_submit(t('Save vote'));
    $form .= form_submit(t('Delete vote'));
  }
  else {
    $form .= form_submit(t('Add new vote'));
  }

  print theme('page', $output . form($form));
}

/**
 * Menu callback; displays settings for thresholds at which comments are displayed.
 */
function comment_threshold_settings($fid = 0) {
  $op   = $_POST['op'];
  $edit = $_POST['edit'];

  if ($op == t('Save threshold')) {
    db_query("UPDATE {moderation_filters} SET filter = '%s', minimum = %d WHERE fid = %d", $edit['filter'], $edit['minimum'], $fid);
    $fid = 0; // zero it out so we return to the overview.
    drupal_set_message(t('The threshold has been saved.'));
  }
  else if ($op == t('Delete threshold')) {
    db_query('DELETE FROM {moderation_filters} WHERE fid = %d', $fid);
    $fid = 0; // zero it out so we return to the overview.
    drupal_set_message(t('The threshold has been deleted.'));
  }
  else if ($op == t('Add new threshold')) {
    db_query("INSERT INTO {moderation_filters} (filter, minimum) VALUES ('%s', %d)", $edit['filter'], $edit['minimum']);
    $fid = 0; // zero it out so we return to the overview.
    drupal_set_message(t('The threshold has been added.'));
  }

  $output .= '<h3>'. t('Comment threshold overview') .'</h3>';

  // load up and show any thresholds previously defined.
  $header = array(t('Name'), t('Minimum score'), t('Operations'));
  $result = db_query('SELECT fid, filter, minimum FROM {moderation_filters} ORDER BY minimum');
  while ($filter = db_fetch_object($result)) {
    $rows[] = array($filter->filter, array('data' => $filter->minimum), array('data' => l(t('edit'), "admin/comment/configure/thresholds/$filter->fid")));
  }
  if (!$rows) {
    $rows[] = array(array('data' => t('No thresholds have been defined.'), 'colspan' => '3'));
  }
  $output .= theme('table', $header, $rows);

  if ($fid) { // if we're not saving, deleting, or adding, we must be editing, so prefill the form fields.
    $filter = db_fetch_object(db_query('SELECT filter, fid, minimum FROM {moderation_filters} WHERE fid = %d', $fid));
  }

  $output .= '<br /><h3>'. (isset($fid) ? t('Edit threshold') : t('Add new threshold')) .'</h3>';
  $form .= form_textfield(t('Threshold name'), 'filter', $filter->filter, 32, 64, t('The name of this threshold. Example: "good comments", "+1 comments", "everything".'));
  $form .= form_textfield(t('Minimum score'), 'minimum', $filter->minimum, 32, 64, t('Show all comments whose score is larger or equal to the provided minimal score. Range: -127 +128'));
  if ($fid) {
    $form .= form_submit(t('Save threshold'));
    $form .= form_submit(t('Delete threshold'));
  }
  else {
    $form .= form_submit(t('Add new threshold'));
  }

  print theme('page', $output . form($form));
}

/**
*** misc functions: helpers, privates, history
**/


function comment_visible($comment, $threshold = 0) {
  if ($comment->score >= $threshold) {
    return 1;
  }
  else {
    return 0;
  }
}

function comment_moderate() {
  global $user;

  $moderation = $_POST['moderation'];

  if ($moderation) {
    $result = db_query('SELECT DISTINCT mid, value, ABS(value) FROM {moderation_roles} WHERE rid IN (%s) ORDER BY mid, ABS(value), value', implode(', ', array_keys($user->roles)));
    while ($mod = db_fetch_object($result)) {
      $votes[$mod->mid] = $mod->value;
    }

    $node = node_load(array('nid' => db_result(db_query('SELECT nid FROM {comments} WHERE cid = %d', key($moderation)))));

    if (user_access('administer comments') || comment_user_can_moderate($node)) {
      foreach ($moderation as $cid => $vote) {
        if ($vote) {
          $comment = db_fetch_object(db_query('SELECT * FROM {comments} WHERE cid = %d', $cid));
          $users = unserialize($comment->users);
          if ($user->uid != $comment->uid && !(comment_already_moderated($user->uid, $comment->users))) {
            $users[$user->uid] = $vote;
            $tot_score = 0;
            foreach ($users as $uid => $vote) {
              if ($uid) {
                $tot_score = $tot_score + $votes[$vote];
              }
              else {
                // vote 0 is the start value
                $tot_score = $tot_score + $vote;
              }
            }
            $new_score = round($tot_score / count($users));
            db_query("UPDATE {comments} SET score = '$new_score', users = '%s' WHERE cid = %d", serialize($users), $cid);

            /*
            ** Fire a hook
            */

            module_invoke_all('comment', 'moderate', $cid, $vote);
          }
        }
      }
    }
  }
}

function comment_save_settings() {
  $mode              = db_escape_string($_POST['mode']);
  $order             = db_escape_string($_POST['order']);
  $threshold         = db_escape_string($_POST['threshold']);
  $comments_per_page = db_escape_string($_POST['comments_per_page']);

  global $user;
  $edit = $_POST['edit'];

  // this functions perform doubletime: it either saves the
  // user's comment viewing options, or it handles comment
  // moderation. let's figure out which one we're using, eh?
  if ($_POST['moderation']) {
    comment_moderate($edit); // include code inline?
  }
  else if ($user->uid) {
    $user = user_save($user, array('mode' => $mode, 'sort' => $order, 'threshold' => $threshold, 'comments_per_page' => $comments_per_page));
  }
  else {
    $_SESSION['comment_mode'] = $mode;
    $_SESSION['comment_sort'] = $order;
    $_SESSION['comment_threshold'] = $threshold;
    $_SESSION['comment_comments_per_page'] = $comments_per_page;
  }

  drupal_goto('node/'. $edit['nid'] .'#comment');
}

function comment_num_all($nid) {
  static $cache;

  if (!isset($cache[$nid])) {
    $cache[$nid] = db_result(db_query('SELECT comment_count FROM {node_comment_statistics} WHERE nid = %d', $nid));
  }
  return $cache[$nid];
}

function comment_num_replies($pid) {
  static $cache;

  if (!isset($cache[$pid])) {
    $cache[$pid] = db_result(db_query('SELECT COUNT(cid) FROM {comments} WHERE pid = %d AND status = 0', $pid));
  }

  return $cache[$pid];
}

/**
 * get number of new comments for current user and specified node
 *
 * @param $nid node-id to count comments for
 * @param $timestamp time to count from (defaults to time of last user access
 *   to node)
 */
function comment_num_new($nid, $timestamp = 0) {
  global $user;

  if ($user->uid) {
    // Retrieve the timestamp at which the current user last viewed the
    // specified node.
    if (!$timestamp) {
      $timestamp = node_last_viewed($nid);
    }

    // Use the timestamp to retrieve the number of new comments.
    $result = db_result(db_query('SELECT COUNT(c.cid) FROM {node} n INNER JOIN {comments} c ON n.nid = c.nid WHERE n.nid = %d AND timestamp > %d AND c.status = 0', $nid, $timestamp));

    return $result;
  }
  else {
    return 0;
  }

}

function comment_user_can_moderate($node) {
  global $user;
  return (user_access('moderate comments'));
  // TODO: || (($user->uid == $node->uid) && user_access("moderate comments in owned node")));
}

function comment_already_moderated($uid, $users) {
  $comment_users = unserialize($users);
  if (!$comment_users) {
    $comment_users = array();
  }
  return in_array($uid, array_keys($comment_users));
}

/*
** Renderer or visualization functions this can be optionally
** overridden by themes.
*/

function theme_comment_form($edit, $title) {
  global $user;

  $form .= "<a id=\"comment-form\"></a>\n";

  // contact information:
  if ($user->uid) {
    $form .= form_item(t('Your name'), format_name($user));
  }
  else if (variable_get('comment_anonymous', 0) == 1) {
    $form .= form_textfield(t('Your name'), 'name', $edit['name'] ? $edit['name'] : variable_get('anonymous', 'Anonymous') , 20, 40);
    $form .= form_textfield(t('E-mail'), 'mail', $edit['mail'], 20, 40);
    $form .= form_textfield(t('Homepage'), 'homepage', $edit['homepage'], 20, 40);
  }
  else if (variable_get('comment_anonymous', 0) == 2) {
    $form .= form_textfield(t('Your name'), 'name', $edit['name'] ? $edit['name'] : variable_get('anonymous', 'Anonymous') , 20, 40, NULL, NULL, TRUE);
    $form .= form_textfield(t('E-mail'), 'mail', $edit['mail'], 20, 40, NULL, NULL, TRUE);
    $form .= form_textfield(t('Homepage'), 'homepage', $edit['homepage'], 20, 40);
  }

  // subject field:
  if (variable_get('comment_subject_field', 1)) {
    $form .= form_textfield(t('Subject'), 'subject', $edit['subject'], 50, 64);
  }

  // comment field:
  $form .= form_textarea(t('Comment'), 'comment', $edit['comment'] ? $edit['comment'] : $user->signature, 70, 10, '', NULL, TRUE);

  // format selector
  $form .= filter_form('format', $edit['format']);

  // preview button:
  $form .= form_hidden('cid', $edit['cid']);
  $form .= form_hidden('pid', $edit['pid']);
  $form .= form_hidden('nid', $edit['nid']);

  $form .= form_submit(t('Preview comment'));

  // Only show post button if preview is optional or if we are in preview mode.
  // We show the post button in preview mode even if there are form errors so that
  // optional form elements (e.g., captcha) can be updated in preview mode.
  if (!variable_get('comment_preview', 1) || ($_POST['op'] == t('Preview comment')) || ($_POST['op'] == t('Post comment'))) {
    $form .= form_submit(t('Post comment'));
  }

  return theme('box', $title, form($form, 'post', url('comment/reply/'. $edit['nid'])));
}

function theme_comment_view($comment, $links = '', $visible = 1) {

  // Emit selectors:
  $output = '';
  if (node_is_new($comment->nid, $comment->timestamp)) {
    $comment->new = 1;
    $output .= "<a id=\"new\"></a>\n";
  }

  $output .= "<a id=\"comment-$comment->cid\"></a>\n";

  // Switch to folded/unfolded view of the comment
  if ($visible) {
    $comment->comment = check_output($comment->comment, $comment->format);
    $output .= theme('comment', $comment, $links);
  }
  else {
    $output .= theme('comment_folded', $comment);
  }

  return $output;
}

function theme_comment_mode_form($mode) {

  $modes = _comment_get_modes();
  foreach ($modes as $key => $value) {
    $options .= " <option value=\"$key\"". ($mode == $key ? ' selected="selected"' : '') .">$value</option>\n";
  }

  return "<select name=\"mode\">$options</select>\n";
}

function theme_comment_order_form($order) {

  $orders = _comment_get_orders();
  foreach ($orders as $key=>$value) {
    $options .= " <option value=\"$key\"". ($order == $key ? ' selected="selected"' : '') .">$value</option>\n";
  }

  return "<select name=\"order\">$options</select>\n";
}

function theme_comment_per_page_form($comments_per_page) {
  foreach (_comment_per_page() as $i) {
    $options .= " <option value=\"$i\"". ($comments_per_page == $i ? ' selected="selected"' : '') .'>'. t('%a comments per page', array('%a' => $i)) .'</option>';
  }
  return "<select name=\"comments_per_page\">$options</select>\n";
}

function theme_comment_threshold($threshold) {
  $result = db_query('SELECT fid, filter FROM {moderation_filters} ');
  $options .= ' <option value="0">'. t('-- threshold --') .'</option>';
  while ($filter = db_fetch_object($result)) {
    $filters .= " <option value=\"$filter->fid\"". ($threshold == $filter->fid ? ' selected="selected"' : '') .'>'. $filter->filter .'</option>';
  }

  if ($filters) {
    return "<select name=\"threshold\">$filters</select>\n";
  }
  else {
    return "<input type=\"hidden\" name=\"threshold\" value=\"$threshold\" />\n";
  }
}

function theme_comment_controls($threshold = 1, $mode = 3, $order = 1, $comments_per_page = 50) {
  static $output;

  if (!$output) {
    $output .= theme('comment_mode_form', $mode);
    $output .= theme('comment_order_form', $order);
    $output .= theme('comment_per_page_form', $comments_per_page);
    $output .= theme('comment_threshold', $threshold);

    $output .= ' '. form_submit(t('Save settings'));

    $output = form_item(NULL, $output, t('Select your preferred way to display the comments and click "Save settings" to activate your changes.'));
  }

  return theme('box', t('Comment viewing options'), $output);
}

function theme_comment_moderation_form($comment) {
  global $comment_votes, $user, $node;
  static $votes;

  $op = $_POST['op'];

  if ($op == 'reply') {
    // preview comment:
    $output .= '&nbsp;';
  }
  else if ((comment_user_can_moderate($node)) && $user->uid != $comment->uid && !(comment_already_moderated($user->uid, $comment->users))) {
    // comment hasn't been moderated yet:

    if (!isset($votes) && $user->roles) {
      $result = db_query('SELECT v.mid, v.vote, MAX(v.weight) AS weight, MAX(r.value) AS value FROM {moderation_votes} v INNER JOIN {moderation_roles} r ON r.mid = v.mid WHERE r.rid IN (%s) GROUP BY v.mid, v.vote ORDER BY weight', implode(', ', array_keys($user->roles)));
      $votes = array();
      while ($vote = db_fetch_object($result)) {
        if ($vote->value != 0) {
          $votes[] = $vote;
        }
      }
    }

    $options .= ' <option value="">'. t('moderate comments') ."</option>\n";
    if ($votes) {
      foreach ($votes as $vote) {
        $options .= " <option value=\"$vote->mid\">$vote->vote</option>\n";
      }
    }

    if (user_access('administer comments')) {
      $options .= ' <option value="">'. t('---') ."</option>\n";
      $options .= ' <option value="offline">'. t('unpublish') ."</option>\n";
    }

    $output .= "<select name=\"moderation[$comment->cid]\">$options</select>\n";
  }

  return $output;
}

function theme_comment($comment, $links = 0) {
  $output  = "<div class=\"comment\">\n";
  $output .= '<div class="subject">'. l($comment->subject, $_GET['q'], NULL, NULL, "comment-$comment->cid") . ($comment->new ? ' '. theme('mark') : '') ."</div>\n";
  $output .= '<div class="moderation">'. $comment->moderation ."</div>\n";
  $output .= '<div class="credit">'. t('by %a on %b', array('%a' => format_name($comment), '%b' => format_date($comment->timestamp))) ."</div>\n";
  $output .= "<div class=\"body\">$comment->comment</div>\n";
  $output .= "<div class=\"links\">$links</div>\n";
  $output .= "</div>\n";
  return $output;
}

function theme_comment_folded($comment) {
  $output  = "<div class=\"comment-folded\">\n";
  $output .= ' <span class="subject">'. l($comment->subject, comment_node_url() .'/'. $comment->cid, NULL, NULL, "comment-$comment->cid") . ($comment->new ? ' '. theme('mark') : '') .'</span> ';
  $output .= '<span class="credit">'. t('by') .' '. format_name($comment) ."</span>\n";
  $output .= "</div>\n";
  return $output;
}

function theme_comment_flat_collapsed($comment, $threshold) {
  if (comment_visible($comment, $threshold)) {
    return theme('comment_view', $comment, '', 0);
  }
  return '';
}

function theme_comment_flat_expanded($comment, $threshold) {
  return theme('comment_view', $comment, theme('links', module_invoke_all('link', 'comment', $comment, 0)), comment_visible($comment, $threshold));
}

function theme_comment_thread_min($comment, $threshold, $pid = 0) {
  if (comment_visible($comment, $threshold)) {
    $output  = '<div style="margin-left:'. ($comment->depth * 25) ."px;\">\n";
    $output .= theme('comment_view', $comment, '', 0);
    $output .= "</div>\n";
  }
  return $output;
}

function theme_comment_thread_max($comment, $threshold, $level = 0) {
  $output = '';
  if ($comment->depth) {
    $output .= '<div style="margin-left:'. ($comment->depth * 25) ."px;\">\n";
  }

  $output .= theme('comment_view', $comment, theme('links', module_invoke_all('link', 'comment', $comment, 0)), comment_visible($comment, $threshold));

  if ($comment->depth) {
    $output .= "</div>\n";
  }
  return $output;
}

function theme_comment_post_forbidden() {
  global $user;
  if ($user->uid) {
    return t("you can't post comments");
  }
  else {
    if (variable_get('user_register', 1)) {
      return t('<a href="%login">login</a> or <a href="%register">register</a> to post comments', array('%login' => url('user/login'), '%register' => url('user/register')));
    }
    else {
      return t('<a href="%login">login</a> to post comments', array('%login' => url('user/login')));
    }
  }
}

function _comment_delete_thread($comment) {
  // Delete the comment:
  db_query('DELETE FROM {comments} WHERE cid = %d', $comment->cid);
  watchdog('special', t('Comment: deleted %subject.', array('%subject' => "<em>$comment->subject</em>")));

  module_invoke_all('comment', 'delete', $comment);

  // Delete the comment's replies:
  $result = db_query('SELECT c.*, u.name AS registered_name, u.uid FROM {comments} c INNER JOIN {users} u ON u.uid = c.uid WHERE pid = %d', $comment->cid);
  while ($comment = db_fetch_object($result)) {
    $comment->name = $comment->uid ? $comment->registered_name : $comment->name;
    _comment_delete_thread($comment);
  }
}

/**
 * Return an array of viewing modes for comment listings.
 *
 * We can't use a global variable array because the locale system
 * is not initialized yet when the comment module is loaded.
 */
function _comment_get_modes() {
  return array(1 => t('Flat list - collapsed'), 2 => t('Flat list - expanded'), 3 => t('Threaded list - collapsed'), 4 => t('Threaded list - expanded'));
}

/**
 * Return an array of viewing orders for comment listings.
 *
 * We can't use a global variable array because the locale system
 * is not initialized yet when the comment module is loaded.
 */
function _comment_get_orders() {
  return array(1 => t('Date - newest first'), 2 => t('Date - oldest first'));
}

/**
 * Return an array of "comments per page" settings from which the user
 * can choose.
 */
function _comment_per_page() {
  return drupal_map_assoc(array(10, 30, 50, 70, 90));
}

/**
 * Updates the comment statistics for a given node.  This should be called any
 * time a comment is added, deleted, or updated.
 *
 * The following fields are contained in the node_comment_statistics table.
 * - cid: cid of the last comment to be created for the node.
 * - last_comment_timestamp: the timestamp of the last comment for this node or the node create stamp if no comments exist for the node.
 * - last_comment_name: the name of the anonymous poster for the last comment
 * - last_comment_uid: the uid of the poster for the last comment for this node or the node authors uid if no comments exists for the node.
 * - comment_count: the total number of approved/published comments on this node.
 */
function _comment_update_node_statistics($nid) {
  $count = db_result(db_query('SELECT COUNT(cid) FROM {comments} WHERE nid = %d AND status = 0', $nid));
  $node = node_load(array('nid' => $nid));
  $last_reply = db_fetch_object(db_query_range('SELECT cid, name, timestamp, uid FROM {comments} WHERE nid = %d AND status = 0 ORDER BY cid DESC', $nid, 0, 1));
  db_query("UPDATE {node_comment_statistics} SET comment_count = %d, last_comment_timestamp = '%s', last_comment_name = '%s', last_comment_uid = %d WHERE nid = %d", $count, $last_reply ? $last_reply->timestamp : $node->created, $last_reply->name, $last_reply ? $last_reply->uid : $node->uid, $nid);
}

?>