<?
/* This file is part of bl0g. *
* *
* bl0g is free software; you can redistribute it and/or modify *
* it under the terms of the GNU General Public License as published by *
* the Free Software Foundation; either version 2 of the License, or *
* (at your option) any later version. *
* *
* bl0g is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
* GNU General Public License for more details. *
* *
* You should have received a copy of the GNU General Public License *
* along with bl0g; if not, write to the Free Software *
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA */
if (!empty( $_GET['sid'])) { $sid = $_GET['sid']; }
elseif (!empty($_POST['sid'])) { $sid = $_POST['sid']; }
else { $sid = 0; /* let's check this out */ }
require_once('include.inc.php');
require_once('conn.inc.php');
$date_format = 'Y\\\n\\\d H:i';
if ((!empty($_POST['action'])) and ($_POST['action']=='post_reply')) {
if ((!empty($_POST['poster'])) and (!empty($_POST['text']))) {
$sql = "INSERT INTO `".$db_prefix."comments` (sid, text, poster, email, date, ip) VALUES('$sid','".mysql_escape_string($_POST['text'])."','"
.mysql_escape_string($_POST['poster'])."','".mysql_escape_string($_POST['email'])
."','".time()."','".getenv('REMOTE_ADDR')
."')";
str_replace ("&", "&", $sql);
mysql_query ($sql);
if ($com_email == true) {
mail($webmaster_email, 'úâåáä çãùä ìñéôåø ùìê', 'äîùúîù '.$_POST['poster']
.' ùìç úâåáä çãùä ìñéôåøê ùîñôøå #'.$sid
.' ááì!â ùìê;'."\r\n".$_POST['text']."\r\n".'ëãé ìöôåú áúâåáä'
.' å/àå ìäâéá ìä, éù ìá÷ø á:'."\r\n<".$website_url.'comments.php?sid='
.$sid.">\r\n\r\n".'áëáåã øá,'."\r\n".'àðé'
."\r\n".$webmaster_email,'From: '.$webmaster_name.'<'.$webmaster_email.">\r\n"
.'X-Mailer: bl0g');
}
}
if (@$_POST['cookies']=='on') {
setcookie('poster',$_POST['poster'],time()+31536000);
setcookie('email', $_POST['email'], time()+31536000);
} else {
setcookie('poster','');
setcookie('email', '');
}
}
?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"DTD/xhtml1-transitional.dtd">
<html dir="rtl" xmlns="http://www.w3.org/1999/xhtml" xml:lang="he" lang="he">
<head>
<title><?=$website_name?> - úâåáåú</title>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-8-i" />
<meta http-equiv="pragma" content="no-cache" />
<meta name="author" content="Sagie Maoz" />
<style type="text/css" media="all">@import "styles/comments.css";</style>
</head>
<script language="javascript" type="text/javascript">
//<![CDATA[
function emoticon(code) {
x = document.postform.text;
x.value = x.value + ':' + code + ':';
document.postform.text.focus();
}
function emoticonp(code) {
if (window.event && window.event.keyCode == 13) {
return emoticon(code);
}
}
//]]>
</script>
<body>
<a name="top"></a>
<div id="toplink">[ <a href="#reply">äâéáå âí àúí</a> | <a href="javascript:window.close()">ñâåø</a> ]</div>
<?php
$c = 1;
$r = mysql_query("SELECT * FROM `".$db_prefix."comments` WHERE `sid`='$sid' ORDER BY id");
while ($d = mysql_fetch_array($r)) {
print "<div class=\"comment$c\">\n";
$text = htmlspecialchars ($d['text']);
$text = replace_emoticons ($text);
$text = str_replace ("\\\"", "\"", $text);
$text = str_replace ("\'", "'", $text);
print nl2br ($text);
print '<br /><span class="poster">';
if (!empty($d['email'])) { print '<a href="mailto:'.$d['email'].'">'.$d['poster'].'</a>'; }
else { print $d['poster']; }
print "</span>\n";
print '<span class="time"> · '.hebrew_date($d['date'],$date_format);
print " <a href=\"admin.php?action=del-comment&cid=".$d['id']."&sid=$sid\">îç÷</a>";
print "</span>\n</div>\n\n";
$c = abs($c-1);
}
?>
<a name="reply"></a>
<div id="postform">
<form action="comments.php" method="post" name="postform">
<div class="replyhead"><b>äâéáå âí àúí:</b></div>
<input type="hidden" name="action" value="post_reply" />
<input type="hidden" name="sid" value="<?=$sid?>" />
<table>
<tr><td class="required"><label for="namefield">ùí:</label></td>
<td><input type="text" name="poster" maxlength="100" id="namefield" value="<?=@$_COOKIE['poster']?>" /></td></tr>
<tr><td class="optional"><label for="emailfield">ãåàì:</label></td>
<td><input type="text" name="email" maxlength="100" id="emailfield" value="<?=@$_COOKIE['email']?>" /></td></tr>
<tr><td class="required"><label for="replytext">úâåáä:</label></td>
<td><textarea name="text" id="replytext"></textarea></td></tr>
<tr><td></td><td><input type="submit" value=" ùìéçä " class="button" />
<input type="reset" class="button" value=" ñâéøä " onclick="window.close();" /></td></tr>
<tr><td></td><td><input type="checkbox" name="cookies" checked="checked" id="chx" />
æëåø àåúé</td></tr>
<tr><td>àîåèé÷åðéí:</td><td><?php
for ($i=0;$i<=sizeof($emoticons_codes)-1;$i++) {
echo '<img src="img/emoticons/'.$emoticons_files[$i].'"'."\n"
.'width="15" height="15" alt=":'.$emoticons_codes[$i].':"'."\n"
.'title=":'.$emoticons_codes[$i].':"'."\n"
.'onclick="emoticon(\''.$emoticons_codes[$i].'\')" onkeypress="emoticonp'
.'(\''.$emoticons_codes[$i].'\')" style="cursor: pointer;" /> ';
}
?></td></tr>
</table>
</form>
</div>
<div id="toplink"><a href="#top">^^</a></div>
</body>
</html>
<!-- symba says roar! -->
<!-- raful says miaoo -->