|
#11
|
|||
|
|||
offcomment.php
Code:
<? require_once("include/bittorrent.php"); $action = $_GET["action"]; dbconn(false); loggedinorreturn(); parked(); //=== uncomment if you use the parked mod if ($action == "add") { if ($_SERVER["REQUEST_METHOD"] == "POST") { $offid = 0 + $_POST["tid"]; if (!is_valid_id($offid)) stderr("Error", "Wrong ID"); $res = mysql_query("SELECT name FROM offers WHERE id = $offid") or sqlerr(__FILE__,__LINE__); $arr = mysql_fetch_array($res); if (!$arr) stderr("Error", "No offer with that ID"); $text = trim($_POST["body"]); if (!$text) stderr("Error", "Don't leave any fields blank!"); mysql_query("INSERT INTO comments (user, offer, added, text, ori_text) VALUES (" . $CURUSER["id"] . ",$offid, '" . get_date_time() . "', " . sqlesc($text) . "," . sqlesc($text) . ")"); $newid = mysql_insert_id(); mysql_query("UPDATE offers SET comments = comments + 1 WHERE id = $offid"); header("Refresh: 0; url=viewoffers.php?id=$offid&off_details=1&viewcomm=$newid#comm$newid"); die; } $offid = 0 + $_GET["tid"]; if (!is_valid_id($offid)) stderr("Error", "Wrong ID."); $res = mysql_query("SELECT name FROM offers WHERE id = $offid") or sqlerr(__FILE__,__LINE__); $arr = mysql_fetch_array($res); if (!$arr) stderr("Error", "Wrong ID."); stdhead("Add comment to \"" . $arr["name"] . "\""); print("<form method=post name=compose action=offcomment.php?action=add><input type=hidden name=tid value=$offid/>". "<table border=1 cellspacing=0 cellpadding=10><tr><td class=colhead align=center colspan=2><b>Comment on Offer: ". "" . htmlspecialchars($arr["name"]) . "</b></td><tr><tr><td align=right class=clearalt6><b>comment:</b></td>". "<td align=left class=clearalt6>\n"); textbbcode("compose","body","$body"); print("</td></tr><tr><td align=center colspan=2 class=clearalt6><input type=submit value='".Okay."' class=button></td></tr><br><br>\n"); $res = mysql_query("SELECT comments.id, text, UNIX_TIMESTAMP(comments.added) as utadded, UNIX_TIMESTAMP(editedat) as uteditedat, comments.added, username, users.id as user, users.class, users.avatar FROM comments LEFT JOIN users ON comments.user = users.id WHERE offer = $offid ORDER BY comments.id DESC LIMIT 5"); $allrows = array(); while ($row = mysql_fetch_array($res)) $allrows[] = $row; if (count($allrows)) commenttable($allrows); stdfoot(); die; } elseif ($action == "edit") { $commentid = 0 + $_GET["cid"]; if (!is_valid_id($commentid)) stderr("Error", "Wrong ID"); $res = mysql_query("SELECT * FROM comments WHERE id=$commentid") or sqlerr(__FILE__, __LINE__); $arr = mysql_fetch_array($res); if (!$arr) stderr("Error", "Wrong ID"); if ($arr["user"] != $CURUSER["id"] && get_user_class() < UC_MODERATOR) stderr("Error", "this is not your comment to edit."); if ($_SERVER["REQUEST_METHOD"] == "POST") { $text = $_POST["body"]; $returnto = htmlentities($_POST["returnto"]); if ($text == "") stderr("Error", "Don't leave any fields blank!"); $text = sqlesc($text); $editedat = sqlesc(get_date_time()); mysql_query("UPDATE comments SET text=$text, editedat=$editedat, editedby=$CURUSER[id] WHERE id=$commentid") or sqlerr(__FILE__, __LINE__); header("Refresh: 0; url=viewoffers.php?id=$arr[offer]&off_details=1&viewcomm=$commentid#comm$commentid"); die; } stdhead("Edit comment"); print("<form method=post name=compose action=offcomment.php?action=edit&cid=$commentid>". "<input type=hidden name=returnto value=\"" . $_SERVER["HTTP_REFERER"] . "\" /><input type=hidden name=cid value=$commentid />". "<p align=center><table border=1 cellspacing=1><tr><td align=center colspan=2 class=colhead><font size=\"+2\"><b>edit comment</b>". "</font></td></tr><tr><td align=center class=clearalt6>\n"); $body = $arr['text']; textbbcode("compose","body",htmlspecialchars(unesc($body))); print("</td></tr><tr><td align=center colspan=2 class=clearalt6><p><input type=submit class=button value=Edit! /></p></form></td></tr><br></table><br><br>\n"); stdfoot(); die; } elseif ($action == "delete") { if (get_user_class() < UC_MODERATOR) stderr("Error", "Access denied."); $commentid = 0 + $_GET["cid"]; if (!is_valid_id($commentid)) stderr("Error", "Invalid ID"); $sure = $_GET["sure"]; if (!$sure) { $referer = $_SERVER["HTTP_REFERER"]; stderr("Delete comment", "You`re about to delete this comment. Click\n" . "<a href=?action=delete&cid=$commentid&sure=1" . ($referer ? "&returnto=" . urlencode($referer) : "") . ">here</a>, if you`re sure."); } $res = mysql_query("SELECT offer FROM comments WHERE id=$commentid") or sqlerr(__FILE__,__LINE__); $arr = mysql_fetch_array($res); if ($arr) $offid = $arr["offer"]; mysql_query("DELETE FROM comments WHERE id=$commentid") or sqlerr(__FILE__,__LINE__); if ($offid && mysql_affected_rows() > 0) mysql_query("UPDATE offers SET comments = comments - 1 WHERE id = $offid"); header("Refresh: 0; url=viewoffers.php?id=$offid&off_details=1"); die; } elseif ($action == "vieworiginal") { if (get_user_class() < UC_MODERATOR) stderr("Error", "Access denied."); $commentid = 0 + $_GET["cid"]; if (!is_valid_id($commentid)) stderr("Error", "Invalid ID"); $res = mysql_query("SELECT c.*, t.name FROM comments AS c JOIN offers AS t ON c.offer = t.id WHERE c.id=$commentid") or sqlerr(__FILE__,__LINE__); $arr = mysql_fetch_array($res); if (!$arr) stderr("Error", "Invalid ID"); stdhead("Original"); print("<h1>Original content of comment #$commentid</h1><p>\n"); print("<table width=500 border=1 cellspacing=0 cellpadding=5>"); print("<tr><td class=comment>\n"); echo htmlspecialchars($arr["ori_text"]); print("</td></tr></table>\n"); $returnto = $_SERVER["HTTP_REFERER"]; if ($returnto) print("<p><font size=small>(<a href=$returnto>Back</a>)</font></p>\n"); stdfoot(); die; } else stderr("Error", "Unknown action"); die; ?> |
#12
|
|||
|
|||
Thanks for the offcomment.php
and nevermind the error i posted before, i managed to debug the script and correct it. Bump: @ rabtb: cheers! Does the torrenttable in your browse.php have the same way to sort like your viewrequests.php, with this code? if ($sort == "votes") $sort = " ORDER BY hits DESC"; elseif ($sort == "cat") $sort = " ORDER BY cat "; else if ($sort == "request") $sort = " ORDER BY request "; else if ($sort == "added") $sort = " ORDER BY added ASC"; else $sort = " ORDER BY added DESC"; list($pagertop, $pagerbottom, $limit) = pager($perpage, $count, $_SERVER["PHP_SELF"] ."?" . "category=" . $_GET[category] . "&sort=" . $_GET["sort"] . "&" ); print("<center>"); $res = mysql_query("SELECT users.downloaded, users.uploaded, users.username, requests.filled, requests.filledby, requests.id, requests.userid, requests.request, requests.added, requests.hits, requests.filledurl, categories.image, categories.name as cat FROM requests inner join categories on requests.cat = categories.id inner join users on requests.userid = users.id $categ $filter $search $sort $limit") or sqlerr(__FILE__, __LINE__); $num = mysql_num_rows($res); print("<div align=center><form method=get action=viewrequests.php><select name=category><option value=0>(Show All)</option>"); echo $pagertop; ?> <script language = "Javascript"> <!-- var form='viewreq' function SetChecked(val,chkName) { dml=document.forms[form]; len = dml.elements.length; var i=0; for( i=0 ; i<len ; i++) { if (dml.elements[i].name==chkName) { dml.elements[i].checked=val; } } } // --> </script> <? print("<form method=post name=viewreq action=viewrequests.php?staff_delete=1 onSubmit=\"return ValidateForm(this,'delreq')\">". "<table border=1 width=100% cellspacing=0 cellpadding=5><tr><td class=colhead align=left width=50><a class=altlink href=". $_SERVER[PHP_SELF] ."?category=" . (int)$_GET[category] . "&filter=" . $_GET[filter] . "&sort=cat>Type</a></td>". "<td class=colhead align=center><a class=altlink href=". $_SERVER[PHP_SELF] ."?category=" . (int)$_GET[category] . "&filter=" . $_GET[filter] . "&sort=request>Name</a></td>". "<td class=colhead align=center width=150><a class=altlink href=" . $_SERVER[PHP_SELF] ."?category=" . (int)$_GET[category] . "&filter=" . $_GET[filter] . "&sort=added>Added</a></td>". "<td class=colhead align=center>Requested by</td><td class=colhead align=center>Filled?</td><td class=colhead align=center>Filled By</td>". "<td class=colhead align=center><a class=altlink href=" . $_SERVER[PHP_SELF] . "?category=" . (int)$_GET[category] . "&filter=" . $_GET[filter] . "&sort=votes>Votes</a></td>"); Bump: Quote:
anyone can help? |
#13
|
|||
|
|||
is something missing here? why after i try to add a request, the page is blank?
/new_request=1 |
#14
|
|||
|
|||
set in php.ini to display the errors so you can see what's wrong :)
|
Tags |
08 , mod , request , tbv |
|
|