Location: PHPKode > projects > bl0g > comments.php
<?

/* This file is part of bl0g.                                                *
 *                                                                           *
 * bl0g is free software; you can redistribute it and/or modify              *
 * it under the terms of the GNU General Public License as published by      *
 * the Free Software Foundation; either version 2 of the License, or         *
 * (at your option) any later version.                                       *
 *                                                                           *
 * bl0g is distributed in the hope that it will be useful,                   *
 * but WITHOUT ANY WARRANTY; without even the implied warranty of            *
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the             *
 * GNU General Public License for more details.                              *
 *                                                                           *
 * You should have received a copy of the GNU General Public License         *
 * along with bl0g; if not, write to the Free Software                       *
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA */

if     (!empty( $_GET['sid']))  { $sid =  $_GET['sid'];  }
elseif (!empty($_POST['sid'])) { $sid = $_POST['sid']; }
else   { $sid = 0;			/* let's check this out */ }

require_once('include.inc.php');
require_once('conn.inc.php');

$date_format		= 'Y\\\n\\\d H:i';

if ((!empty($_POST['action'])) and ($_POST['action']=='post_reply')) {
	if ((!empty($_POST['poster'])) and (!empty($_POST['text']))) {
		$sql = "INSERT INTO `".$db_prefix."comments` (sid, text, poster, email, date, ip) VALUES('$sid','".mysql_escape_string($_POST['text'])."','"
				.mysql_escape_string($_POST['poster'])."','".mysql_escape_string($_POST['email'])
				."','".time()."','".getenv('REMOTE_ADDR')
				."')";
		str_replace ("&", "&amp;", $sql);
		mysql_query ($sql);

		if ($com_email == true) {
			mail($webmaster_email, 'úâåáä çãùä ìñéôåø ùìê', 'äîùúîù '.$_POST['poster']
				.' ùìç úâåáä çãùä ìñéôåøê ùîñôøå #'.$sid
				.' ááì!â ùìê;'."\r\n".$_POST['text']."\r\n".'ëãé ìöôåú áúâåáä'
				.' å/àå ìäâéá ìä, éù ìá÷ø á:'."\r\n<".$website_url.'comments.php?sid='
				.$sid.">\r\n\r\n".'áëáåã øá,'."\r\n".'àðé'
				."\r\n".$webmaster_email,'From: '.$webmaster_name.'<'.$webmaster_email.">\r\n"
				.'X-Mailer: bl0g');
		}
	}
	if (@$_POST['cookies']=='on') {
		setcookie('poster',$_POST['poster'],time()+31536000);
		setcookie('email', $_POST['email'], time()+31536000);
	} else {
		setcookie('poster','');
		setcookie('email', '');
	}
}
?>
<!DOCTYPE html 
     PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
     "DTD/xhtml1-transitional.dtd">
<html dir="rtl" xmlns="http://www.w3.org/1999/xhtml" xml:lang="he" lang="he">

<head>
	<title><?=$website_name?> - úâåáåú</title>
	<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-8-i" />
	<meta http-equiv="pragma" content="no-cache" />
	<meta name="author" content="Sagie Maoz" />
	<style type="text/css" media="all">@import "styles/comments.css";</style>
</head>

   <script language="javascript" type="text/javascript">
   //<![CDATA[
      function emoticon(code) {
         x = document.postform.text;
         x.value = x.value + ':' + code + ':';
         document.postform.text.focus();
      }
      function emoticonp(code) {
         if (window.event && window.event.keyCode == 13) {
            return emoticon(code);
         }
      }
   //]]>
   </script>

<body>

<a name="top"></a>
<div id="toplink">[ <a href="#reply">äâéáå âí àúí</a> | <a href="javascript:window.close()">ñâåø</a> ]</div>

<?php
$c = 1;
$r = mysql_query("SELECT * FROM `".$db_prefix."comments` WHERE `sid`='$sid' ORDER BY id");
while ($d = mysql_fetch_array($r)) {
	print "<div class=\"comment$c\">\n";
	$text = htmlspecialchars ($d['text']);
	$text = replace_emoticons ($text);
	$text = str_replace ("\\\"", "\"", $text);
	$text = str_replace ("\'", "'", $text);
	print nl2br ($text);
	print '<br /><span class="poster">';
	if (!empty($d['email'])) { print '<a href="mailto:'.$d['email'].'">'.$d['poster'].'</a>'; }
	else { print $d['poster']; }
	print "</span>\n";
	print '<span class="time">&nbsp;&middot;&nbsp;'.hebrew_date($d['date'],$date_format);
	print " <a href=\"admin.php?action=del-comment&amp;cid=".$d['id']."&amp;sid=$sid\">îç÷</a>";
	print "</span>\n</div>\n\n";
	$c = abs($c-1);
}
?>

<a name="reply"></a>
<div id="postform">
<form action="comments.php" method="post" name="postform">
<div class="replyhead"><b>äâéáå âí àúí:</b></div>
<input type="hidden" name="action" value="post_reply" />
<input type="hidden" name="sid" value="<?=$sid?>" />
<table>
	<tr><td class="required"><label for="namefield">ùí:</label></td>
		<td><input type="text" name="poster" maxlength="100" id="namefield" value="<?=@$_COOKIE['poster']?>" /></td></tr>
	<tr><td class="optional"><label for="emailfield">ãåàì:</label></td>
		<td><input type="text" name="email" maxlength="100" id="emailfield" value="<?=@$_COOKIE['email']?>" /></td></tr>
	<tr><td class="required"><label for="replytext">úâåáä:</label></td>
		<td><textarea name="text" id="replytext"></textarea></td></tr>
	<tr><td></td><td><input type="submit" value=" ùìéçä " class="button" />&nbsp;
		<input type="reset" class="button" value=" ñâéøä " onclick="window.close();" /></td></tr>
	<tr><td></td><td><input type="checkbox" name="cookies" checked="checked" id="chx" />
		æëåø àåúé</td></tr>
	<tr><td>àîåèé÷åðéí:</td><td><?php
for ($i=0;$i<=sizeof($emoticons_codes)-1;$i++) {
   echo '<img src="img/emoticons/'.$emoticons_files[$i].'"'."\n"
       .'width="15" height="15" alt=":'.$emoticons_codes[$i].':"'."\n"
       .'title=":'.$emoticons_codes[$i].':"'."\n"
       .'onclick="emoticon(\''.$emoticons_codes[$i].'\')" onkeypress="emoticonp'
       .'(\''.$emoticons_codes[$i].'\')" style="cursor: pointer;" /> ';
}
?></td></tr>
</table>
</form>
</div>

<div id="toplink"><a href="#top">^^</a></div>

</body>
</html>
<!-- symba says roar! -->
<!-- raful says miaoo -->
Return current item: bl0g