<?php
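/**
 * Stores and renders the comments attached to a "report" page.
 *
 * The class talks to MySQL through the legacy mysql_* functions on the
 * implicit default link (no link resource is passed around). That extension
 * was removed in PHP 7.0; a port to mysqli or PDO with prepared statements is
 * the long-term fix. Until then every request-derived value is cast or
 * escaped before it reaches SQL, and every value is HTML-escaped before it
 * reaches markup.
 *
 * The table name is interpolated into each query as an identifier and cannot
 * be escaped like a value: it must be a trusted constant, never request data.
 */
class comments {

    /** @var string Database server host handed to mysql_connect(). */
    public $host;
    /** @var string Database account name. */
    public $username;
    /** @var string Database account password. */
    public $password;
    /** @var string Database (schema) selected after connecting. */
    public $db;
    /** @var string Table that holds the comments (trusted identifier). */
    public $table;

    /**
     * Constructor (PHP 4 style, named after the class).
     *
     * Stores the settings and connects immediately; connecting also creates
     * the comments table when it does not exist yet.
     *
     * @param String $table    Comments table name; trusted identifier only.
     * @param String $host
     * @param String $username
     * @param String $password
     * @param String $db
     */
    public function comments($table, $host, $username, $password, $db) {
        $this->host = $host;
        $this->username = $username;
        $this->password = $password;
        $this->db = $db;
        $this->table = $table;
        $this->connect();
    }

    /**
     * Deletes one comment, identified by its id, from the given report.
     *
     * NOTE(review): this method performs no permission check of its own.
     * get_comments() only hides the delete link from other users, and that
     * link is a plain GET URL, so the caller has to verify both the session
     * (admin or author) and a CSRF token before calling this.
     *
     * @param int|string $id     Comment id (column "id").
     * @param int|string $thread Report id (column "report").
     * @return string Always "Deleted Post"; the query result is not inspected.
     */
    public function delete_comment($id, $thread) {
        $table = $this->table;

        // Both columns are INTEGER (see buildDB), so an int cast is the
        // strictest possible filter and removes the injection point the
        // quoted string interpolation left open.
        $id = (int) $id;
        $thread = (int) $thread;

        $q = "DELETE FROM $table WHERE report = $thread AND id = $id";
        mysql_query($q);
        return "Deleted Post";
    }

    /**
     * Renders every comment of one report as an HTML fragment.
     *
     * A "Delete Post" link is added to a comment when the session belongs to
     * an admin or to the comment's author.
     *
     * @param int|string $report Report id (column "report").
     * @return string HTML fragment.
     */
    public function get_comments($report) {
        // PHP_SELF contains client-supplied path info, so it is escaped
        // before it is placed inside an href attribute.
        $page = $this->esc($_SERVER['PHP_SELF']);
        $table = $this->table;

        // "report" is an INTEGER column; the cast closes the injection in the
        // unquoted WHERE clause and makes the value safe to echo in the link.
        $report = (int) $report;

        // Strict, isset-guarded session checks: with loose == an unset
        // session username compared equal to an empty author name.
        $is_admin = isset($_SESSION['access']) && $_SESSION['access'] === "admin";
        $viewer = isset($_SESSION['username']) ? (string) $_SESSION['username'] : '';

        $entry_display = <<<ENTRY_DISPLAY
<h2>
Comments
</h2>

ENTRY_DISPLAY;

        $q = "SELECT * FROM $table WHERE report = $report ORDER BY id";
        $r = mysql_query($q);

        if ( $r !== false && mysql_num_rows($r) > 0 ) {
            while ( $a = mysql_fetch_assoc($r) ) {
                $author = (string) $a['name'];

                // Stored values are treated as untrusted on output: strip_tags()
                // at write time does not neutralise quotes or ampersands.
                // NOTE(review): stripslashes() is kept from the original; it
                // also removes backslashes the author typed on purpose.
                $title = $this->esc(stripslashes($a['title']));
                $bodytext = $this->esc(stripslashes($a['bodytext']));
                $username = $this->esc($author);
                $date = $this->esc($a['created']);
                $id = (int) $a['id'];

                // NOTE(review): Gravatar expects a hash of the address in this
                // path segment; if the session stores the raw address, it is
                // disclosed to every visitor here - confirm what is stored.
                $gravatar = $this->esc('http://www.gravatar.com/avatar/' . rawurlencode($a['email']) . '?s=48');

                $entry_display .= <<<ENTRY_DISPLAY
<div class="post"><img src="$gravatar" /> <b>$username : $title</b>
ENTRY_DISPLAY;

                // Ownership is decided on the raw author name, not the
                // HTML-escaped copy used for display.
                if ( $is_admin || ($viewer !== '' && $viewer === $author) ) {
                    $entry_display .= <<<ENTRY_DISPLAY
<a align="right" href="$page?deletepost=$id&amp;thread=$report" onclick="return confirm('Are you sure You want to delete this post forever?');">Delete Post</a>
ENTRY_DISPLAY;
                }

                $entry_display .= <<<ENTRY_DISPLAY
<hr/>
<p> $bodytext
<hr class="commentfooter" /> Posted: $date</p>
</div>
<br/>
ENTRY_DISPLAY;
            }
        }
        else {
            $entry_display .= <<<ENTRY_DISPLAY
<p>
No entries have been made on this page.
</p>

ENTRY_DISPLAY;
        }

        return $entry_display;
    }

    /**
     * Returns the HTML form used to post a new comment on a report.
     *
     * NOTE(review): the form carries no CSRF token, and the submit button
     * passes "this.forum" to checkRequired(), which looks like a typo for
     * "this.form" - confirm against the script that defines checkRequired().
     *
     * @param int|string $report Report id placed in the hidden "comment" field.
     * @return string HTML fragment.
     */
    public function display_post($report) {
        // Same reasoning as in get_comments(): PHP_SELF is client-influenced
        // and the report id is an integer.
        $action = $this->esc($_SERVER['PHP_SELF']);
        $report = (int) $report;

        return <<<ADMIN_FORM

<h2>
New Comment
</h2>
<form action="$action" method="post">

<input type="hidden" name="comment" value="$report" />

<div class="clearfix">
<label for="title">Title</label><br />
<div class="input">
<input name="title" id="title" type="text" maxlength="55" class="xlarge" required/>
</div>
</div>

<div class="clearfix">
<label for="bodytext">Body Text</label><br />
<div class="input">
<textarea name="bodytext" id="bodytext" rows=10 cols=56 class="xxlarge" required></textarea>
</div>
</div>

<div class="actions">
<button type="submit" class="btn primary" onclick="checkRequired(this.forum)" >Create This Entry</button>
<button type="reset" class="btn">Cancel</button>
</div>
</form>

ADMIN_FORM;
    }

    /**
     * Stores a new comment for a report, authored by the session user.
     *
     * Halts the script when the INSERT fails; the database error goes to the
     * error log instead of the response.
     *
     * @param int|string $thread Report id (column "report").
     * @param string     $title  Comment title; HTML tags are stripped.
     * @param string     $body   Comment text; HTML tags are stripped.
     * @return bool True when the row was inserted, false when title or body
     *              is empty after tag stripping.
     */
    public function write($thread, $title, $body) {
        $table = $this->table;

        $title = strip_tags((string) $title);
        $bodytext = strip_tags((string) $body);

        // Compare against '' explicitly: a truthiness test rejected the
        // perfectly valid title or body "0".
        if ( $title === '' || $bodytext === '' ) {
            return false;
        }

        // Session values are escaped too; they originate from user-chosen
        // account data and were previously interpolated as-is.
        // mysql_real_escape_string() relies on the connection character set
        // being set through the API rather than with a SET NAMES query.
        $title = mysql_real_escape_string($title);
        $bodytext = mysql_real_escape_string($bodytext);
        $name = mysql_real_escape_string(isset($_SESSION['username']) ? (string) $_SESSION['username'] : '');
        $email = mysql_real_escape_string(isset($_SESSION['email']) ? (string) $_SESSION['email'] : '');
        $thread = (int) $thread;

        $created = date("g:iA M d, Y");
        $sql = "INSERT INTO $table (title, bodytext, created, report, name, email) VALUES ('$title','$bodytext','$created',$thread, '$name', '$email' )";

        $inserted = mysql_query($sql);
        if ( $inserted === false ) {
            $this->fail("Could not instert.");
        }
        return $inserted;
    }

    /**
     * Opens the default MySQL link, selects the database and makes sure the
     * comments table exists. Halts the script when connecting or selecting
     * the database fails.
     *
     * @return mixed Result of the CREATE TABLE IF NOT EXISTS query.
     */
    public function connect() {
        if ( !mysql_connect($this->host, $this->username, $this->password) ) {
            $this->fail("Could not connect.");
        }
        if ( !mysql_select_db($this->db) ) {
            $this->fail("Could not select database.");
        }

        return $this->buildDB();
    }

    /**
     * Creates the comments table when it does not exist yet.
     *
     * @return mixed Result of mysql_query() for the CREATE TABLE statement.
     */
    private function buildDB() {
        $table = $this->table;
        $sql = <<<MySQL_QUERY
CREATE TABLE IF NOT EXISTS $table (
id INTEGER NOT NULL PRIMARY KEY AUTO_INCREMENT,
title VARCHAR(150),
bodytext TEXT,
created VARCHAR(100),
report INTEGER,
name VARCHAR(20),
email VARCHAR(100)
)
MySQL_QUERY;

        return mysql_query($sql);
    }

    /**
     * Escapes a value for use in HTML text or a quoted HTML attribute.
     *
     * ENT_SUBSTITUTE (PHP 5.4+) is used when available so that a string with
     * invalid UTF-8 is shown with replacement characters instead of being
     * turned into an empty string.
     *
     * @param mixed $value
     * @return string
     */
    private function esc($value) {
        $flags = defined('ENT_SUBSTITUTE') ? (ENT_QUOTES | ENT_SUBSTITUTE) : ENT_QUOTES;
        return htmlspecialchars((string) $value, $flags, 'UTF-8');
    }

    /**
     * Logs the database error server-side and halts with a generic message.
     *
     * mysql_error() text can name hosts, accounts, tables and query
     * fragments, so it is kept out of the response.
     *
     * @param string $message Generic message shown to the client.
     */
    private function fail($message) {
        error_log($message . ' ' . mysql_error());
        die($message);
    }

}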
?>