Location: PHPKode > projects > ACollab > drafting/comments.php
<?php
/****************************************************************************************/
/* ACollab                                                                              */
/****************************************************************************************/
/* Copyright (c) 2002-2005  Adaptive Technology Resource Centre / University of Toronto */
/*                                                                                      */
/* http://atutor.ca/acollab                                                             */
/*                                                                                      */
/* This program is free software. You may redistribute it and/or                        */
/* modify it under the terms of the GNU General Public License                          */
/* as published by the Free Software Foundation; either version 2 of the License,       */
/* or (at your option) any later version.                                               */
/*                                                                                      */
/* This program is distributed in the hope that it will be useful, but                  */
/* WITHOUT ANY WARRANTY; without even the implied warranty of                           */
/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.                                 */
/* See the GNU General Public License for more details.                                 */
/*                                                                                      */
/* You may access the GNU General Public License at:                                    */
/* http://www.opensource.org/licenses/gpl-license.php                                   */
/*                                                                                      */
/* You may contact the Adaptive Technology Resource Centre at                           */
/* Robarts Library, University of Toronto                                               */
/* 130 St. George Street, Toronto, Ontario, Canada M5S 1A5                              */
/* Further contact information is available at http://www.utoronto.ca/atrc/             */
/****************************************************************************************/
/* Programmer:                                                                          */
/* Joel Kronenberg - ATRC                                                               */
/****************************************************************************************/
// $Id: comments.php 408 2005-02-18 16:56:14Z shozubq $

define('AC_INCLUDE_PATH', '../include/');

require(AC_INCLUDE_PATH.'vitals.inc.php');
authenticate(USER_CLIENT, USER_GROUP_ADMIN);

$id = intval($_REQUEST['id']);
$fid = intval($_REQUEST['fid']);
$r = intval($_REQUEST['r']);

if (isset($_POST['cancel'])) {
	if (!$_REQUEST['pid']) {
		$_REQUEST['pid'] = $id;
	}

	header('Location: revisions.php?id='.$_REQUEST['pid']);
	exit;
}

if (isset($_POST['submit'])) {
	$_POST['comment']   = trim($_POST['comment']);

	if ($_POST['comment'] == '') {
		$error[] = E_DRAFT_EMPTY_COMM;
	}

	if (!isset($error)) {
		$_POST['comment'] = $addslashes($_POST['comment']);

		$sql	= "INSERT INTO ".TABLE_PREFIX."revisions_comments VALUES (0, $id, $_SESSION[member_id], NOW(), '$_POST[comment]')";

		if (mysql_query($sql, $db)) {
			$sql	= "UPDATE ".TABLE_PREFIX."files_revisions SET num_comments=num_comments+1 WHERE revision_id=$id";
			$result	= mysql_query($sql, $db);

			header('Location: revisions.php?id='.$fid.SEP.'f='.F_DRAFT_COMMENT);
			exit;
		}
	}
}

$sql	= "SELECT * FROM ".TABLE_PREFIX."files WHERE file_id=$fid AND group_id=$_SESSION[group_id]";
$result = mysql_query($sql, $db);

if (!$row = mysql_fetch_assoc($result)) {
	$_SECTION[0][0] = _AC('home');
	$_SECTION[0][1] = 'home.php';
	$_SECTION[1][0] = _AC('drafting_room');
	$_SECTION[1][1] = 'drafting/';
	$_SECTION[2][0] = _AC('revisions');

	require(AC_INCLUDE_PATH.'header.inc.php');

	$error = E_FILE_NOT_FOUND;
	print_errors($error);

	require(AC_INCLUDE_PATH.'footer.inc.php');
	exit;
}
$title = $row['title'];
$description = $row['description'];
$locked = $row['locked'];

$_SECTION[0][0] = _AC('home');
$_SECTION[0][1] = 'home.php';
$_SECTION[1][0] = _AC('drafting_room');
$_SECTION[1][1] = 'drafting/';
$_SECTION[2][0] = _AC('revisions'). ': '.$title;
$_SECTION[2][1] = 'drafting/revisions.php?id='. $fid;
$_SECTION[3][0] = _AC('comments'). ': '._AC('revision') .' #'.$r;
$_SECTION[3][1] = 'drafting/revisions.php';

require(AC_INCLUDE_PATH.'header.inc.php');

if (isset($error)) {
	print_errors($error);
}

?>
<table border="0" cellspacing="0" cellpadding="5" class="box" align="center" width="95%">
<tr>
	<td valign="top" class="row1 white"><h1><img src="images/file_types/file.gif" height="16" width="13" border="0" alt="*" class="img" /> <?php echo $title;
	if (!authenticate(USER_GROUP_ADMIN, USER_RETURN_CHECK) && $locked) {
		echo ' - <img src="images/lock.gif" class="img" height="12" width="16" alt="'._AC('locked').'" border="0" />';
	}
	?></h1></td>
</tr>
<tr>
	<td valign="top" class="row1 nobar"><?php echo nl2br($description); ?></td>
</tr>
</table>
<?php
	$col = 1;

	$sql	= "SELECT * FROM ".TABLE_PREFIX."files_revisions WHERE revision_id=$id AND file_id=$fid";
	$result = mysql_query($sql, $db);

	if (!$file_row = mysql_fetch_assoc($result)) {
		$_SECTION[0][0] = _AC('home');
		$_SECTION[0][1] = 'home.php';
		$_SECTION[1][0] = _AC('drafting_room');
		$_SECTION[1][1] = 'drafting/';
		$_SECTION[2][0] = _AC('revisions');

		require(AC_INCLUDE_PATH.'header.inc.php');

		$error = E_FILE_NOT_FOUND;
		print_errors($error);

		require(AC_INCLUDE_PATH.'footer.inc.php');
		exit;
	}

	echo '<br /><br /><table cellspacing="0" cellpadding="3" border="0" bgcolor="white" width="90%" align="center" summary="" class="box">';
	echo '<tr><td class="row'.$col.' white" colspan="2" align="center"><a href="'.$_SERVER['REQUEST_URI'].'#comment" onfocus="this.className=\'highlight\'" onblur="this.className=\'\'">'._AC('add_comment').'</a></td></tr>';

	echo '<tr>';
	echo '<td class="row2 nobar">#'.$_REQUEST['r'].' '._AC('by') . ' <a href="profile.php?id='.$file_row['member_id'].'">' . get_login($file_row['member_id']).'</a></td>';
	echo '<td class="row2 boxed" align="right"><a href="get_file.php?id='.$file_row['file_id'].'"><img src="images/dl.jpg" class="img" height="14" width="14" alt="" border="0" /> '._AC('download_revision', $_REQUEST['r']).'</a> | <img src="images/comments.gif" class="img" height="15" width="15" alt="" border="0" /> <strong>'.$file_row['num_comments'].' '._AC('comments').'</strong> ';
	if (authenticate(USER_GROUP_ADMIN, USER_RETURN_CHECK) || !$locked) {
		echo '| <a href="drafting/revision_edit_file.php?id='.$file_row['file_id'].SEP.'pid='.$_GET['fid'].'"><img src="images/edit.gif" class="img" height="12" width="16" alt="" border="0" /> '._AC('edit').'</a> | <a href="drafting/revision_delete_file.php?id='.$file_row['revision_id'].SEP.'fid='.$fid.'"><img src="images/delete.gif" class="img" height="14" width="14" alt="" border="0" /> '._AC('delete').'</a>';
	}
	echo '</td>';
	echo '</tr>';

	echo '<tr>';
	echo '<td class="row2" valign="top"><small>'.$file_row['initial_date'].'<br />'.$file_row['file_size'].' Bytes<br />'.$row['file_name'].'</small></td>';
	echo '<td class="row2" valign="top" width="75%">'.$file_row['description'].'</td>';
	echo '</tr>';


	$sql	= "SELECT * FROM ".TABLE_PREFIX."revisions_comments WHERE revision_id=$id ORDER BY date";
	$result = mysql_query($sql, $db);

	if ($row = mysql_fetch_assoc($result)) {

		echo '<tr><td class="row1" colspan="2"><img src="images/clr.gif" height="5" width="5" alt="" /></td></tr>';

		$col = 1;
		do {
			$col = abs($col-1);

			echo '<tr>';
			echo '<td class="row'.$col.' nobar">'._AC('by').' <a href="profile.php?id='.$row['member_id'].'">' . get_login($row['member_id']).'</a></td>';
			echo '<td class="row'.$col.' nobar" align="right">';
			if (authenticate(USER_GROUP_ADMIN, USER_RETURN_CHECK) || ($row['member_id']==$_SESSION['member_id'] && !$locked)) {	
				echo'<a href="drafting/revision_edit_comment.php?id='.$row['comment_id'].SEP.'r='.$r.SEP.'fid='.$id.SEP.'ffid='.$fid.'"><img src="images/edit.gif" class="img" height="12" width="17" alt="" border="0" /> '._AC('edit').'</a> | <a href="drafting/revision_delete_comment.php?id='.$row['comment_id'].SEP.'fid='.$id.SEP.'ffid='.$fid.'"><img src="images/delete.gif" class="img" height="14" width="14" alt="" border="0" /> '._AC('delete').'</a>';
			}
			echo '</td></tr>';
			
			echo '<tr>';
			echo '<td class="row'.$col.'" valign="top"><small>'.$row['date'].'</small></td>';
			echo '<td class="row'.$col.'">'.nl2br($row['comment']).'</td>';
			echo '</tr>';
		} while ($row = mysql_fetch_assoc($result));
	} else {
		echo '<tr><td class="row1" colspan="2" align="center">'._AC('no_comments_found').'</td></tr>';
	}
?>
	<tr>
		<td class="row<?php echo $col; ?> nobar white" colspan="2" align="center"><a href="<?php echo $_SERVER['REQUEST_URI']; ?>#comment" onfocus="this.className='highlight'" onblur="this.className=''"><?php echo _AC('add_comment'); ?></a></td>
	</tr>
	</table>
<br />
<?php
	if (!$locked) {
?>
<form method="post" action="<?php echo $_SERVER['PHP_SELF']; ?>" enctype="multipart/form-data" name="form" id="form">
	<input type="hidden" name="id" value="<?php echo $id; ?>" />
	<input type="hidden" name="r" value="<?php echo $_REQUEST['r']; ?>" />
	<input type="hidden" name="fid" value="<?php echo $fid; ?>" />

	<table border="0" cellspacing="0" cellpadding="2" align="center" class="box2">
	<tr>
		<th colspan="5" class="box"><h3><?php echo _AC('add_comment'); ?></h3></th>
	</tr>
	<tr>
		<td class="row1">&nbsp;</td>
		<td colspan="3" class="row1"><img src="images/clr.gif" height="1" width="1" alt="" /><br /><?php
			echo _AC('denotes_required', '<img src="images/required.gif" height="14" width="14" alt="'._AC('required_field').'" />');
		?><br /></td>
		<td class="row1">&nbsp;</td>
	</tr>
	<tr>
		<td class="row1">&nbsp;</td>
		<td class="row1" align="right" valign="top"><label for="comment"><b><?php echo _AC('comment'); ?>:</b></label></td>
		<td class="row1" valign="top"><img src="images/required.gif" height="14" width="14" alt="<?php echo _AC('required_field'); ?>" class="img" /></td>
		<td class="row1"><textarea name="comment" id="comment" class="input" onfocus="this.className='input highlight'" onblur="this.className='input'" cols="45" rows="8"><?php echo $_POST['comment']; ?></textarea></td>
		<td class="row1">&nbsp;</td>
	</tr>
	<tr>
		<td class="row1">&nbsp;</td>
		<td class="row1" colspan="3" align="right"><br /><input type="submit" name="submit" value="<?php echo _AC('add_comment'); ?>" class="submitY" onfocus="this.className='submitY highlight'" onblur="this.className='submitY'" /> &nbsp; <input type="submit" name="cancel" value="<?php echo _AC('cancel'); ?>" class="submitN" onfocus="this.className='submitN highlight'" onblur="this.className='submitN'" /><br /><br /></td>
		<td class="row1">&nbsp;</td>
	</tr>
	</table>
</form>
<?php } //endif; ?>
<br />
<?php
	require(AC_INCLUDE_PATH.'footer.inc.php');
?>
Return current item: ACollab