lafouine022 |
15th May 2010 06:10 |
Comments in request
my new page reqcomment.php
PHP Code:
<?php require_once("global.php"); $action = $_GET["action"]; dbconn(false); loggedinorreturn(); parked(); //=== uncomment if you use the parked mod if ($action == "add") { if ($_SERVER["REQUEST_METHOD"] == "POST") { $reqid = 0 + $_POST["tid"]; if (!is_valid_id($reqid)) stderr("Error", "Wrong ID."); $res = mysql_query("SELECT request FROM requests WHERE id = $reqid") or sqlerr(__FILE__,__LINE__); $arr = mysql_fetch_array($res); if (!$arr) stderr("Error", "No request with that ID."); $text = ($_POST["message"]); $text = trim($_POST["message"]); if (!$text) stderr("Error", "Don't leave any fields blank!"); mysql_query("INSERT INTO comments (user, request, added, text, ori_text) VALUES (" . $CURUSER["id"] . "', ". $reqid .", '" . get_date_time() . "', " . sqlesc($text) . "," . sqlesc($text) . ")"); $newid = mysql_insert_id(); mysql_query("UPDATE requests SET comments = comments + 1 WHERE id = $reqid"); header("Refresh: 0; url=viewrequests.php?do=view_request&rid=$reqid&req_details=1&$newid#comm$newid"); die; } $reqid = 0 + $_GET["tid"]; if (!is_valid_id($reqid)) stderr("Error", "Wrong ID."); $res = mysql_query("SELECT request FROM requests WHERE id = $reqid") or sqlerr(__FILE__,__LINE__); $arr = mysql_fetch_array($res); if (!$arr) stderr("Error", "Wrong ID."); stdhead("Add comment to \"" . $arr["request"] . "\""); include_once INC_PATH . '/editor.php'; print("<p><form method=post name=compose action=reqcomment.php?action=add><input type=hidden name=tid value=$reqid/>". "<table border=1 cellspacing=0 cellpadding=10><tr><td class=colhead align=center colspan=2><b>". "Comment on Request: " . htmlspecialchars($arr["request"]) . "</b></td><tr><tr><td align=right class=clearalt6><b>comment:</b>". "</td><td align=left class=clearalt6>\n"); $str .= insert_editor (false, NULL, (!empty ($_POST['message']) ? $_POST['message'] : ''), $lang->requests['addtitle1'], sprintf ($lang->requests['addtitle'], htmlspecialchars_uni ($arr['name']))); $str .= '</form>'; echo $str; $res = mysql_query("SELECT comments.id, text, UNIX_TIMESTAMP(comments.added) as utadded, UNIX_TIMESTAMP(editedat) as uteditedat, comments.added, username, users.id as user, users.class, users.avatar FROM comments LEFT JOIN users ON comments.user = users.id WHERE request = $reqid ORDER BY comments.id DESC LIMIT 5"); $allrows = array(); while ($row = mysql_fetch_array($res)) $allrows[] = $row; if (count($allrows)) { commenttable($allrows); } echo '</table>'; stdfoot(); die; } ?>
and add in my viewrequest.php
PHP Code:
if (($do == 'view_request' AND is_valid_id ($rid))) { check_rid (); ($query = sql_query ('SELECT r.id, r.userid, r.filledby, r.filledurl, r.request, r.descr, r.added, r.hits, r.cat, r.filled, c.image as category_image, c.name as category_name, u.username, g.namestyle FROM requests r LEFT JOIN categories c ON (r.cat=c.id) LEFT JOIN users u ON (r.userid=u.id) LEFT JOIN usergroups g ON (u.usergroup=g.gid) WHERE r.id = ' . sqlesc ($rid)) OR sqlerr (__FILE__, 401)); $request = mysql_fetch_assoc ($query); stdhead ($lang->requests['rhead'] . ' - ' . $lang->requests['viewreq'] . ' : ' . htmlspecialchars_uni ($request['request'])); $delete_image = (($is_mod OR $request['userid'] == $CURUSER['id']) ? '<h2><a class=hoptobutton size=4 href="' . $_SERVER['SCRIPT_NAME'] . '?do=delete_request&rid=' . $request['id'] . '" onclick="return confirm_delete_request()">' . $lang->requests['field12'] . '</a></h2> ' : ''); $edit_image = (($is_mod OR $request['userid'] == $CURUSER['id']) ? '<h2><a class=hoptobutton size=4 href="' . $_SERVER['SCRIPT_NAME'] . '?do=edit_request&rid=' . $request['id'] . '">' . $lang->requests['field11'] . '</a></h2> ' : ''); $fillrequest = (($request['filled'] == 'no' AND ($is_mod OR $usergroups['canrequest'] == 'yes')) ? '<h2><a class=hoptobutton size=4 href="' . $_SERVER['SCRIPT_NAME'] . '?do=fill_request&rid=' . $request['id'] . '">' . $lang->requests['field18'] . '</a></h2> ' : ''); $reset_request = (($request['filled'] == 'yes' AND ($is_mod OR $CURUSER['id'] == $request['userid'])) ? '<h2><a class=hoptobutton size=4 href="' . $_SERVER['SCRIPT_NAME'] . '?do=reset_request&rid=' . $request['id'] . '">' . $lang->requests['field13'] . '</a></h2> ' : ''); $back = '<h2><a class=hoptobutton size=4 href="' . $_SERVER['SCRIPT_NAME'] . '">' . $lang->requests['return'] . '</a></h2> '; $commentbar = '' . '<div align=left><h2><a class=hoptobutton size=4 href=reqcomment.php?action=add&tid=' . $request['id'] . '>' . $lang->requests['addcomment'] . '</a></h2></div>'; echo ' <script type="text/javascript"> function confirm_delete_request() { var confirm_delete = confirm("' . $lang->requests['are_you_sure'] . '"); if (confirm_delete) { return true; } else { return false; } } </script> <table width="100%" border="0" cellpadding="5" cellspacing="0"> <tr> <td class="thead" colspan="2" align="center">' . $lang->requests['viewreq'] . '</td> </tr> <tr> <td align="right" width="20%" class="subheader">' . $lang->requests['rtitle'] . '</td> <td align="left" width="80%">' . htmlspecialchars_uni ($request['request']) . '</td> </tr> <tr> <td align="right" width="20%" class="subheader">' . $lang->requests['field9'] . '</td> <td align="left" width="80%"><a href="' . $BASEURL . '/userdetails.php?id=' . $request['userid'] . '">' . get_user_color ($request['username'], $request['namestyle']) . '</a></td> </tr> <tr> <td align="right" width="20%" class="subheader">' . $lang->requests['field8'] . '</td> <td align="left" width="80%">' . my_datee ($dateformat, $request['added']) . ' ' . my_datee ($timeformat, $request['added']) . '</td> </tr> <tr> <td align="right" width="20%" class="subheader">' . $lang->requests['field6'] . '</td> <td align="left" width="80%">' . $request['category_name'] . '</td> </tr> <tr> <td align="right" width="20%" class="subheader">' . $lang->requests['votes'] . '</td> <td align="left" width="80%">' . $request['hits'] . '</td> </tr> <tr> <td align="right" width="20%" class="subheader">' . $lang->requests['field5'] . '</td> <td align="left" width="80%">' . format_comment ($request['descr']) . '</td> </tr>'; if ($request['filled'] == 'yes') { ($query = sql_query ('SELECT u.username, g.namestyle FROM users u LEFT JOIN usergroups g ON (u.usergroup=g.gid) WHERE u.id=' . sqlesc ($request['filledby'])) OR sqlerr (__FILE__, 455)); $fillerdetails = mysql_fetch_assoc ($query); echo ' <tr> <td align="right" width="20%" class="subheader">' . $lang->requests['filledby'] . '</td> <td align="left" width="80%"><a href="' . $BASEURL . '/userdetails.php?id=' . $request['filledby'] . '">' . get_user_color ($fillerdetails['username'], $fillerdetails['namestyle']) . '</a> [<a href="' . $request['filledurl'] . '">' . $lang->requests['view_details'] . '</a>]</td> </tr>'; } echo ' <tr> <td colspan="2" align="center" class="subheader"><p>' . $back . $delete_image . $edit_image . $fillrequest . $reset_request . '</p></td> </tr> </table> '; //--- added comments function reqcommenttable($rows) { global $CURUSER, $HTTP_SERVER_VARS; begin_main_frame(); begin_frame(); $count = 0; foreach ($rows as $row) { //=======change colors if($count2 == 0) { $count2 = $count2+1; $class = "clearalt6"; } else { $count2 = 0; $class = "clearalt7"; } print(""); begin_table(true); print("<tr><td class=colhead colspan=2><p class=sub><a name=comment_" . $row["id"] . ">#" . $row["id"] . "</a> by: "); if (isset($row["username"])) { $username = $row["username"]; $ratres = mysql_query("SELECT uploaded, downloaded from users where username='$username'"); $rat = mysql_fetch_array($ratres); if ($rat["downloaded"] > 0) { $ratio = $rat['uploaded'] / $rat['downloaded']; $ratio = number_format($ratio, 3); $color = get_ratio_color($ratio); if ($color) $ratio = "<font color=$color>$ratio</font>"; } else if ($rat["uploaded"] > 0) $ratio = "Inf."; else $ratio = "---"; $title = $row["title"]; if ($title == "") $title = get_user_class_name($row["class"]); else $title = htmlspecialchars($title); print("<a name=comm". $row["id"] . " href=userdetails.php?id=" . $row["user"] . "><b>" . htmlspecialchars($row["username"]) . "</b></a>" . ($row["donor"] == "yes" ? "<img src=pic/star.gif alt='Donor'>" : "") . ($row["warned"] == "yes" ? "<img src=". "pic/warned.gif alt=\"Warned\">" : "") . "<font size=\"-3\"> ($title) (ratio: $ratio)\n"); } else print("<a name=\"comm" . $row["id"] . "\"><i>(orphaned)</i></a>\n"); //=== if using report mod uncomment the next bit and change to your report system print(" at " . $row["added"] . " GMT</font> " . ($row["user"] == $CURUSER["id"] || get_user_class() >= UC_MODERATOR ? "[ <a href=reqcomment.php?action=edit&cid=$row[id]>Edit</a> ]" : "") . (get_user_class() >= UC_MODERATOR ? " [ <a href=reqcomment.php?action=delete&cid=$row[id]>Delete</a> ] " : "") . ($row["editedby"] && get_user_class() >= UC_MODERATOR ? "" : "") . " [ <a href=userdetails.php?id=" . $row["user"] . ">Profile</a> ] [ <a href=sendmessage.php?receiver=" . $row["user"] . ">PM</a> ] [ <a href=report.php?reqcommentid=$row[id]>Report</a> ]</p>\n"); /* //=== if not using report use this instead print(" at " . $row["added"] . " GMT</font> " . ($row["user"] == $CURUSER["id"] || get_user_class() >= UC_MODERATOR ? "[ <a href=reqcomment.php?action=edit&cid=$row[id]>Edit</a> ]" : "") . (get_user_class() >= UC_MODERATOR ? " [ <a href=reqcomment.php?action=delete&cid=$row[id]>Delete</a> ] " : "") . ($row["editedby"] && get_user_class() >= UC_MODERATOR ? "" : "") . " [ <a href=userdetails.php?id=" . $row["user"] . ">Profile</a> ] [ <a href=sendmessage.php?receiver=" . $row["user"] . ">PM</a> ]</p>\n"); */ $avatar = ($CURUSER["avatars"] == "yes" ? htmlspecialchars($row["avatar"]) : ""); if (!$avatar) $avatar = "pic/default_avatar.gif"; $text = format_comment($row["message"]); if ($row["editedby"]) $text .= "<p><font size=1 class=small>Edited by <a href=userdetails.php?id=$row[editedby]><b>$row[username]</b></a> $row[editedat] GMT</font></p>\n"; print("</td></tr><tr valign=top><td align=center width=150 class=$class><img width=150 src=$avatar></td><td class=$class>$text</td></tr>\n"); end_table(); } end_frame(); end_main_frame(); } //=== end request comment print("<tr><td class=embedded colspan=2><p><a name=startcomments></a></p>\n"); $commentbar = '' . '<div align=left><h2><a class=hoptobutton size=4 href=reqcomment.php?action=add&tid=' . $request['id'] . '>' . $lang->requests['addcomment'] . '</a></h2></div></ br></ br>'; $subres = mysql_query("SELECT COUNT(*) FROM comments WHERE request = $id"); $subrow = mysql_fetch_array($subres); $count = $subrow[0]; print("</td></tr></table>"); if (!$count) print($commentbar); else { list($pagertop, $pagerbottom, $limit) = pager(20, $count, "viewrequests.php?id=$id&req_details=1&", array(lastpagedefault => 1)); $subres = mysql_query("SELECT comments.id, text, user, comments.added, editedby, editedat, avatar, warned, ". "username, title, class, donor FROM comments LEFT JOIN users ON comments.user = users.id WHERE request = " . "$id ORDER BY comments.id $limit") or sqlerr(__FILE__, __LINE__); $allrows = array(); while ($subrow = mysql_fetch_array($subres)) $allrows[] = $subrow; print($commentbar); print($pagertop); reqcommenttable($allrows); print($pagerbottom); print($commentbar); } end_frame(); die; //=== end request details stdfoot (); exit (); }
not inscription in Data base WhY???? :sos:
Oki my new viewrequests.php I'm add fonction offcommenttable
PHP Code:
<? /***********************************************/ /*=========[TS Special Edition v.5.6]==========*/ /*=============[Special Thanks To]=============*/ /* DrNet - wWw.SpecialCoders.CoM */ /* Vinson - wWw.Decode4u.CoM */ /* MrDecoder - wWw.Fearless-Releases.CoM */ /* Fynnon - wWw.BvList.CoM */ /***********************************************/ function offcommenttable ($rows) { global $CURUSER; global $HTTP_SERVER_VARS; global $lang; global $timeformat; global $dateformat; $count = 0; foreach ($rows as $row) { if ($count2 == 0) { $count2 = $count2 + 1; $class = 'clearalt6'; } else { $count2 = 0; $class = 'clearalt7'; } begin_table (true); print '<tr><td class=subheader colspan=2><p class=text><a name=comment_' . $row['id'] . '>#' . $row['id'] . '</a> ' . $lang->requests['by'] . ' '; if (isset ($row['username'])) { $username = $row['username']; $ratres = sql_query ('' . 'SELECT uploaded, downloaded from users where username=\'' . $username . '\''); $rat = mysql_fetch_array ($ratres); if (0 < $rat['downloaded']) { $ratio = $rat['uploaded'] / $rat['downloaded']; $ratio = number_format ($ratio, 3); $color = get_ratio_color ($ratio); if ($color) { $ratio = '' . '<font color=' . $color . '>' . $ratio . '</font>'; } } else { if (0 < $rat['uploaded']) { $ratio = 'Inf.'; } else { $ratio = '---'; } } $title = $row['title']; if ($title == '') { $title = $row['grouptitle']; } else { $title = htmlspecialchars ($title); } print '<a name=comm' . $row['id'] . ' href=userdetails.php?id=' . $row['user'] . '><b>' . htmlspecialchars ($row['username']) . '</b></a>' . ($row['donor'] == 'yes' ? '<img src=' . $pic_base_url . 'star.gif alt=\'' . $lang->global['imgdonated'] . '\'>' : '') . ($row['warned'] == 'yes' ? '<img src=' . $pic_base_url . 'warned.gif alt="' . $lang->global['imgwarned'] . '">' : '') . ('' . ' <i>' . $title . '</i>') . ' '; } else { print '<a name="comm' . $row['id'] . '"><i>' . $lang->requests['orphaned'] . '</i></a> '; } print ' ' . my_datee ($dateformat, $row['added']) . ' ' . $lang->requests['at'] . ' ' . my_datee ($timeformat, $row['added']) . ' ' . (($row['user'] == $CURUSER['id'] OR is_mod ($usergroups)) ? '' . '[ <a href=offcomment.php?action=edit&cid=' . $row['id'] . '>' . $lang->requests['edit'] . '</a> ] ' : '') . (is_mod ($usergroups) ? '' . '[ <a href=offcomment.php?action=delete&cid=' . $row['id'] . '>' . $lang->requests['delete'] . '</a> ]' : '') . (($row['editedby'] AND is_mod ($usergroups)) ? '' : '') . ' [ <a href=userdetails.php?id=' . $row['user'] . '>' . $lang->requests['profile'] . '</a> ] [ <a href=sendmessage.php?receiver=' . $row['user'] . '>' . $lang->requests['pm'] . ('' . '</a> ] [ <a href=report.php?action=reportoffercomment&reportid=' . $row['id'] . '>') . $lang->requests['report'] . '</a> ]</p> '; $text = format_comment ($row['text']); $avatar = get_user_avatar ($row['useravatar']); if ($row['editedby']) { $text .= '<p><font size=1 class=small>' . $lang->requests['editedby'] . ('' . ' <a href=userdetails.php?id=' . $row['editedby'] . '><b>' . $row['username'] . '</b></a> ' . $row['editedat'] . ' ') . $lang->requests['gmt'] . '</font></p> '; } print '' . '</td></tr><td class="comments" width="20%" align="center" valign="middle">' . $avatar . ('' . '</td><td class="comments" width="80%" align="left" valign="top" >' . $text . '</td></tr> '); end_table (); } } function check_r_count () { global $lang; global $CURUSER; global $error; global $usergroups; global $is_mod; $query = sql_query ('SELECT COUNT(id) as total FROM requests WHERE filled=\'no\' AND userid = ' . sqlesc ($CURUSER['id'])); $count = @mysql_result ($query, 0, 'total'); if (((0 < $count AND !$is_mod) AND $usergroups['isvipgroup'] != 'yes')) { $error[] = $lang->requests['can_not_add']; return null; } if ($usergroups['canrequest'] != 'yes') { $error[] = $lang->requests['no_perm']; return null; } return ''; } function check_rid () { global $rid; global $lang; $query = sql_query ('SELECT id FROM requests WHERE id = ' . sqlesc ($rid)); if (mysql_num_rows ($query) == 0) { stderr ($lang->global['error'], $lang->requests['noreqid']); return null; } return ''; } function check_rid_permission () { global $rid; global $is_mod; global $CURUSER; $query = sql_query ('SELECT userid FROM requests WHERE id = ' . sqlesc ($rid)); $userid = mysql_result ($query, 0, 'userid'); if (($CURUSER['id'] != $userid AND !$is_mod)) { print_no_permission (); return null; } return ''; } function check_fill_permission () { global $is_mod; global $usergroups; global $CURUSER; if (($is_mod OR $usergroups['canrequest'] == 'yes')) { return ''; } print_no_permission (); } function show_request_errors () { global $error; global $lang; if (0 < count ($error)) { $errors = implode ('', $error); echo ' <table class="main" border="1" cellspacing="0" cellpadding="5" width="100%"> <tr> <td class="thead"> ' . $lang->global['error'] . ' </td> </tr> <tr> <td> <font color="red"> <strong> ' . $errors . ' </strong> </font> </td> </tr> </table> '; } } function unesc ($x) { if (get_magic_quotes_gpc ()) { return stripslashes ($x); } return $x; } require_once 'global.php'; gzip (); dbconn (); loggedinorreturn (); maxsysop (); parked (); define ('VR_VERSION', '2.2.5 '); define ('NcodeImageResizer', true); $lang->load ('requests'); $is_mod = is_mod ($usergroups); if (($rqs == 'no' AND !$is_mod)) { stderr ($lang->global['error'], $lang->requests['offline']); } $do = (isset ($_GET['do']) ? trim ($_GET['do']) : (isset ($_POST['do']) ? trim ($_POST['do']) : '')); $rid = (isset ($_GET['rid']) ? intval ($_GET['rid']) : (isset ($_POST['rid']) ? intval ($_POST['rid']) : 0)); if (($do == 'delete_request' AND is_valid_id ($rid))) { check_rid (); check_rid_permission (); sql_query ('DELETE FROM requests WHERE id = ' . sqlesc ($rid)); sql_query ('DELETE FROM addedrequests WHERE requestid = ' . sqlesc ($rid)); } if (($do == 'add_vote' AND is_valid_id ($rid))) { check_rid (); $query = sql_query ('SELECT filled FROM requests WHERE id = ' . sqlesc ($rid)); $is_filled = mysql_result ($query, 0, 'filled'); if ($is_filled == 'yes') { $error[] = $lang->requests['not_voted_yet']; } else { $query = sql_query ('SELECT userid FROM addedrequests WHERE userid = ' . sqlesc ($CURUSER['id']) . ' AND requestid = ' . sqlesc ($rid)); if (0 < mysql_num_rows ($query)) { $error[] = $lang->requests['already_voted']; } else { sql_query ('UPDATE requests SET hits = hits + 1 WHERE id = ' . sqlesc ($rid)); sql_query ('INSERT INTO addedrequests (requestid, userid) VALUES (' . sqlesc ($rid) . ', ' . sqlesc ($CURUSER['id']) . ')'); } } } if (($do == 'remove_vote' AND is_valid_id ($rid))) { check_rid (); $query = sql_query ('SELECT filled FROM requests WHERE id = ' . sqlesc ($rid)); $is_filled = mysql_result ($query, 0, 'filled'); if ($is_filled == 'yes') { $error[] = $lang->requests['not_voted_yet']; } else { $query = sql_query ('SELECT userid FROM addedrequests WHERE userid = ' . sqlesc ($CURUSER['id']) . ' AND requestid = ' . sqlesc ($rid)); if (0 < mysql_num_rows ($query)) { sql_query ('UPDATE requests SET hits = hits - 1 WHERE id = ' . sqlesc ($rid)); sql_query ('DELETE FROM addedrequests WHERE userid = ' . sqlesc ($CURUSER['id']) . ' AND requestid = ' . sqlesc ($rid)); } else { $error[] = $lang->requests['not_voted_yet']; } } } if (($do == 'edit_request' AND is_valid_id ($rid))) { check_rid (); check_rid_permission (); if (strtoupper ($_SERVER['REQUEST_METHOD']) == 'POST') { if (($_POST['previewpost'] AND !empty ($_POST['message']))) { $avatar = get_user_avatar ($CURUSER['avatar']); $prvp = ' <table border="0" cellspacing="0" cellpadding="4" class="none" width="100%"> <tr> <td class="thead" colspan="2"><strong><h2>' . $lang->global['buttonpreview'] . '</h2></strong></td> </tr> <tr> <td class="tcat" width="20%" align="center" valign="middle">' . $avatar . '</td><td class="tcat" width="80%" align="left" valign="top">' . format_comment ($_POST['message']) . '</td> </tr> </table> '; } if (isset ($_POST['submit'])) { $title = trim ($_POST['subject']); $descr = trim ($_POST['message']); $cat = intval ($_POST['category']); if ($is_mod) { $filled = ($_POST['filled'] == 'yes' ? 'yes' : 'no'); $filledurl = $_POST['filledurl']; } if ((empty ($title) OR strlen ($title) < 3)) { $error[] = $lang->requests['error1']; } if ((empty ($descr) OR strlen ($descr) < 3)) { $error[] = $lang->requests['error3']; } if (!is_valid_id ($cat)) { $error[] = $lang->requests['error2']; } $query = sql_query ('SELECT id FROM categories WHERE id = ' . sqlesc ($cat)); if (mysql_num_rows ($query) == 0) { $error[] = $lang->requests['error2']; } $set = ''; if (($filled == 'yes' AND $is_mod)) { if (!preg_match ('#^' . preg_quote ('' . $BASEURL . '/details.php?id=') . ('' . '([0-9]{1,6})$#'), $filledurl)) { $error[] = sprintf ($lang->requests['error6'], $BASEURL); } else { $set = ', filled=' . sqlesc ($filled) . ', filledurl = ' . sqlesc ($filledurl); } } else { if ($is_mod) { $set = ', filled=' . sqlesc ($filled) . ', filledurl = \'\''; } } if (count ($error) == 0) { (sql_query ('UPDATE requests SET request = ' . sqlesc ($title) . ', descr = ' . sqlesc ($descr) . ', cat = ' . sqlesc ($cat) . $set . ' WHERE id = ' . sqlesc ($rid)) OR sqlerr (__FILE__, 257)); redirect ('viewrequests.php?do=view_request&rid=' . $rid); exit (); } } } define ('IN_EDITOR', true); include_once INC_PATH . '/editor.php'; stdhead ($lang->requests['rhead'] . ' - ' . $lang->requests['field11']); show_request_errors (); $query = sql_query ('SELECT request, descr, cat, filled, filledurl FROM requests WHERE id = ' . sqlesc ($rid)); $request = mysql_fetch_assoc ($query); $str = '<form method="post" action="' . $_SERVER['SCRIPT_NAME'] . '?do=edit_request&rid=' . $rid . '">'; if (!empty ($prvp)) { $str .= $prvp; } require_once INC_PATH . '/functions_category.php'; $catdropdown = ts_category_list ('category', intval (($_POST['category'] ? $_POST['category'] : $request['cat']))); $postoptionstitle = array ('1' => $lang->global['type'], '2' => ($is_mod ? $lang->requests['filled'] : ''), '3' => ($is_mod ? $lang->requests['filledurl'] : '')); $postoptions = array ('1' => $catdropdown, '2' => ($is_mod ? '<select name="filled"><option values="yes"' . (($request['filled'] == 'yes' OR $_POST['filled'] == 'yes') ? ' selected="selected"' : '') . '>' . $lang->global['yes'] . '</option><option values="no"' . (($request['filled'] == 'no' OR $_POST['filled'] == 'no') ? ' selected="selected"' : '') . '>' . $lang->global['no'] . '</option></select>' : ''), '3' => ($is_mod ? '<input type="text" size="50" name="filledurl" value="' . htmlspecialchars_uni (($_POST['filledurl'] ? $_POST['filledurl'] : $request['filledurl'])) . '">' : '')); $str .= insert_editor (true, (!empty ($_POST['subject']) ? $_POST['subject'] : unesc ($request['request'])), (!empty ($_POST['message']) ? $_POST['message'] : $request['descr']), $lang->requests['rhead3'], $lang->requests['rhead3'] . ': ' . htmlspecialchars_uni ($request['request']), $postoptionstitle, $postoptions); $str .= '</form>'; echo $str; stdfoot (); exit (); } if ($do == 'add_request') { check_r_count (); if (count ($error) == 0) { if (strtoupper ($_SERVER['REQUEST_METHOD']) == 'POST') { if (($_POST['previewpost'] AND !empty ($_POST['message']))) { $avatar = get_user_avatar ($CURUSER['avatar']); $prvp = ' <table border="0" cellspacing="0" cellpadding="4" class="none" width="100%"> <tr> <td class="thead" colspan="2"><strong><h2>' . $lang->global['buttonpreview'] . '</h2></strong></td> </tr> <tr> <td class="tcat" width="20%" align="center" valign="middle">' . $avatar . '</td> <td class="tcat" width="80%" align="left" valign="top">' . format_comment ($_POST['message']) . '</td> </tr> </table> '; } if (isset ($_POST['submit'])) { $title = trim ($_POST['subject']); $descr = trim ($_POST['message']); $cat = intval ($_POST['category']); if ((empty ($title) OR strlen ($title) < 3)) { $error[] = $lang->requests['error1']; } if ((empty ($descr) OR strlen ($descr) < 3)) { $error[] = $lang->requests['error3']; } if (!is_valid_id ($cat)) { $error[] = $lang->requests['error2']; } $query = sql_query ('SELECT id FROM categories WHERE id = ' . sqlesc ($cat)); if (mysql_num_rows ($query) == 0) { $error[] = $lang->requests['error2']; } if (count ($error) == 0) { (sql_query ('INSERT INTO requests (userid,request,descr,added,hits,cat) VALUES (' . sqlesc ($CURUSER['id']) . ',' . sqlesc ($title) . ',' . sqlesc ($descr) . ',' . sqlesc (get_date_time ()) . ',1,' . sqlesc ($cat) . ')') OR sqlerr (__FILE__, 348)); $rid = mysql_insert_id (); (sql_query ('' . 'INSERT INTO addedrequests VALUES(0, ' . $rid . ', ' . sqlesc ($CURUSER['id']) . ')') OR sqlerr (__FILE__, 350)); (sql_query ('UPDATE users SET seedbonus = seedbonus-5.0 WHERE id = ' . sqlesc ($CURUSER['id'])) OR sqlerr (__FILE__, 351)); write_log ('' . 'Request (' . $title . ') was added to the Request section by ' . $CURUSER['username']); if (($tsshoutbot == 'yes' AND preg_match ('#request#', $tsshoutboxoptions))) { $shoutbOT = sprintf ($lang->requests['shoutbOT'], '[URL=' . $BASEURL . '/viewrequests.php?do=view_request&rid=' . $rid . ']' . $title . '[/URL]', '[URL=' . $BASEURL . '/userdetails.php?id=' . $CURUSER['id'] . ']' . $CURUSER['username'] . '[/URL]'); $shout_sql = 'INSERT INTO shoutbox (userid, date, content) VALUES (\'999999999\', \'' . TIMENOW . '\', ' . sqlesc ('{systemnotice}' . $shoutbOT) . ')'; $shout_result = sql_query ($shout_sql); } redirect ('viewrequests.php?do=view_request&rid=' . $rid); exit (); } } } require_once INC_PATH . '/functions_category.php'; define ('IN_EDITOR', true); include_once INC_PATH . '/editor.php'; stdhead ($lang->requests['rhead'] . ' - ' . $lang->requests['makereq']); show_request_errors (); $str = '<form method="post" action="' . $_SERVER['SCRIPT_NAME'] . '?do=add_request">'; if (!empty ($prvp)) { $str .= $prvp; } require_once INC_PATH . '/functions_category.php'; $catdropdown = ts_category_list ('category', intval (($_POST['category'] ? $_POST['category'] : 0))); $postoptionstitle = array ('1' => $lang->global['type']); $postoptions = array ('1' => $catdropdown); $str .= insert_editor (true, (!empty ($_POST['subject']) ? $_POST['subject'] : ''), (!empty ($_POST['message']) ? $_POST['message'] : ''), $lang->requests['makereq'], $lang->requests['makereq'], $postoptionstitle, $postoptions); $str .= '</form>'; echo $str; stdfoot (); exit (); } } if (($do == 'view_request' AND is_valid_id ($rid))) { check_rid (); ($query = sql_query ('SELECT r.id, r.userid, r.filledby, r.filledurl, r.request, r.descr, r.added, r.hits, r.cat, r.filled, c.image as category_image, c.name as category_name, u.username, g.namestyle FROM requests r LEFT JOIN categories c ON (r.cat=c.id) LEFT JOIN users u ON (r.userid=u.id) LEFT JOIN usergroups g ON (u.usergroup=g.gid) WHERE r.id = ' . sqlesc ($rid)) OR sqlerr (__FILE__, 401)); $request = mysql_fetch_assoc ($query); stdhead ($lang->requests['rhead'] . ' - ' . $lang->requests['viewreq'] . ' : ' . htmlspecialchars_uni ($request['request'])); $delete_image = (($is_mod OR $request['userid'] == $CURUSER['id']) ? '<h2><a class=hoptobutton size=4 href="' . $_SERVER['SCRIPT_NAME'] . '?do=delete_request&rid=' . $request['id'] . '" onclick="return confirm_delete_request()">' . $lang->requests['field12'] . '</a></h2> ' : ''); $edit_image = (($is_mod OR $request['userid'] == $CURUSER['id']) ? '<h2><a class=hoptobutton size=4 href="' . $_SERVER['SCRIPT_NAME'] . '?do=edit_request&rid=' . $request['id'] . '">' . $lang->requests['field11'] . '</a></h2> ' : ''); $fillrequest = (($request['filled'] == 'no' AND ($is_mod OR $usergroups['canrequest'] == 'yes')) ? '<h2><a class=hoptobutton size=4 href="' . $_SERVER['SCRIPT_NAME'] . '?do=fill_request&rid=' . $request['id'] . '">' . $lang->requests['field18'] . '</a></h2> ' : ''); $reset_request = (($request['filled'] == 'yes' AND ($is_mod OR $CURUSER['id'] == $request['userid'])) ? '<h2><a class=hoptobutton size=4 href="' . $_SERVER['SCRIPT_NAME'] . '?do=reset_request&rid=' . $request['id'] . '">' . $lang->requests['field13'] . '</a></h2> ' : ''); $back = '<h2><a class=hoptobutton size=4 href="' . $_SERVER['SCRIPT_NAME'] . '">' . $lang->requests['return'] . '</a></h2> '; $commentbar = '' . '<div align=left><h2><a class=hoptobutton size=4 href=reqcomment.php?action=add&tid=' . $request['id'] . '>' . $lang->requests['addcomment'] . '</a></h2></div>'; echo ' <script type="text/javascript"> function confirm_delete_request() { var confirm_delete = confirm("' . $lang->requests['are_you_sure'] . '"); if (confirm_delete) { return true; } else { return false; } } </script> <table width="100%" border="0" cellpadding="5" cellspacing="0"> <tr> <td class="thead" colspan="2" align="center">' . $lang->requests['viewreq'] . '</td> </tr> <tr> <td align="right" width="20%" class="subheader">' . $lang->requests['rtitle'] . '</td> <td align="left" width="80%">' . htmlspecialchars_uni ($request['request']) . '</td> </tr> <tr> <td align="right" width="20%" class="subheader">' . $lang->requests['field9'] . '</td> <td align="left" width="80%"><a href="' . $BASEURL . '/userdetails.php?id=' . $request['userid'] . '">' . get_user_color ($request['username'], $request['namestyle']) . '</a></td> </tr> <tr> <td align="right" width="20%" class="subheader">' . $lang->requests['field8'] . '</td> <td align="left" width="80%">' . my_datee ($dateformat, $request['added']) . ' ' . my_datee ($timeformat, $request['added']) . '</td> </tr> <tr> <td align="right" width="20%" class="subheader">' . $lang->requests['field6'] . '</td> <td align="left" width="80%">' . $request['category_name'] . '</td> </tr> <tr> <td align="right" width="20%" class="subheader">' . $lang->requests['votes'] . '</td> <td align="left" width="80%">' . $request['hits'] . '</td> </tr> <tr> <td align="right" width="20%" class="subheader">' . $lang->requests['field5'] . '</td> <td align="left" width="80%">' . format_comment ($request['descr']) . '</td> </tr>'; if ($request['filled'] == 'yes') { ($query = sql_query ('SELECT u.username, g.namestyle FROM users u LEFT JOIN usergroups g ON (u.usergroup=g.gid) WHERE u.id=' . sqlesc ($request['filledby'])) OR sqlerr (__FILE__, 455)); $fillerdetails = mysql_fetch_assoc ($query); echo ' <tr> <td align="right" width="20%" class="subheader">' . $lang->requests['filledby'] . '</td> <td align="left" width="80%"><a href="' . $BASEURL . '/userdetails.php?id=' . $request['filledby'] . '">' . get_user_color ($fillerdetails['username'], $fillerdetails['namestyle']) . '</a> [<a href="' . $request['filledurl'] . '">' . $lang->requests['view_details'] . '</a>]</td> </tr>'; } echo ' <tr> <td colspan="2" align="center" class="subheader"><p>' . $back . $delete_image . $edit_image . $fillrequest . $reset_request . '</p></td> </tr> </table> '; print("<tr><td class=embedded colspan=2><p><a name=startcomments></a></p>\n"); $commentbar = '' . '<div align=left><h2><a class=hoptobutton size=4 href=reqcomment.php?action=add&tid=' . $request['id'] . '>' . $lang->requests['addcomment'] . '</a></h2></div></ br></ br>'; $subres = sql_query ('' . 'SELECT COUNT(*) FROM comments WHERE request = ' . $id); $subrow = mysql_fetch_array ($subres); $count = $subrow[0]; print '</td></tr></table>'; if ($count) { list ($pagertop, $pagerbottom, $limit) = pager ($ts_perpage, $count, '' . 'viewrequests1.php?do=view_request&rid=' . $id .' &', array (lastpagedefault => 1)); ($subres = sql_query ('' . 'SELECT c.id, c.text, c.user, c.added, c.editedby, c.editedat, u.warned, u.username, u.title, u.usergroup, u.donor, g.title as grouptitle,u.avatar as useravatar FROM comments c LEFT JOIN users u ON (c.user=u.id) LEFT JOIN usergroups g ON (u.usergroup=g.gid) WHERE c.request = ' . $id . ' ORDER BY c.id ' . $limit) OR sqlerr (__FILE__, 335)); $allrows = array (); while ($subrow = mysql_fetch_array ($subres)) { $allrows[] = $subrow; } print $pagertop; offcommenttable ($allrows); print $pagerbottom; } $subres print $commentbar; echo '</table>'; stdfoot (); exit (); }
http://img843.imageshack.us/img843/9803/comentreq.png
|