<?
// Copyright (C) Bloggie Lite Written by : Sean
// http://www.mywebland.com , http://mybloggie.mywebland.com
// You are requested to retain this copyright notice in order to use
// this software.
//This program is free software; you can redistribute it and/or
//modify it under the terms of the GNU General Public License
//as published by the Free Software Foundation; either version 2
//of the License, or (at your option) any later version.
//This program is distributed in the hope that it will be useful,
//but WITHOUT ANY WARRANTY; without even the implied warranty of
//MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
//GNU General Public License for more details.
//You should have received a copy of the GNU General Public License
//along with this program; if not, write to the Free Software
//Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
if ( !defined('IN_BLOGGIE') )
{
die("You are not allowed to access this page directly !");
}
if (!authenticate()) {
redirect($site_url."/login.php");
}
//echo $_SERVER['PATH_INFO'];
//echo $_SERVER['REQUEST_URI'];
//echo $_SERVER['SCRIPT_NAME'];
$pno = ( isset($_GET['pno']) ) ? intval($_GET['pno']) : 0;
if ( isset($_GET['action']) ) $action = $_GET['action'];
if ( isset($_GET['comment_id']) ) $comment_id = intval($_GET['comment_id']);
if ( isset($_GET['limit']) ) $editlimit = intval($_GET['limit']);
if ( !isset($editlimit) ) $editlimit = 5;
if (isset($_POST['delete'])) {
//if($delete){
if (isset($_POST['checkbox'])) { $checkbox = $_POST['checkbox'] ; }
$del_id = $_POST['checkbox'];
for ($i=0; $i<count($del_id); $i++ ) {
// echo $del_id."<br />";
//for ($i=0; $i<count($checkbox); $i++ ) {
if ($userlevel==1) {
$sql = "DELETE FROM ".COMMENT_TBL." WHERE comment_id='$del_id[$i]'";
} elseif ($userlevel==2) {
$sql = "DELETE FROM ".COMMENT_TBL." WHERE comment_id='$del_id[$i]' AND user_id ='$userid'";
}
if( !($result = $db->sql_query($sql)) )
{
$sql_error = $db->sql_error();
echo $sql_error['message'];
}
}
$template->assign_block_vars('status', array(
'STATUS' => "Comment(s) Deleted",
));
} elseif (isset($_POST['approve'])) {
if (isset($_POST['comment'])) { $comment_id1 = $_POST['comment'] ; }
for ($i=0; $i<count($comment_id1); $i++ ) {
$sql = "UPDATE ".COMMENT_TBL." SET approved='1' WHERE comment_id='$comment_id1[$i]'";
$result = $db->sql_query($sql);
if( !($result = $db->sql_query($sql)) )
{
$sql_error = $db->sql_error();
error($lang['Error'], 'SQL Query Error : '.$sql_error['message'].' !');
}
}
$template->assign_block_vars('status', array(
'STATUS' => $lang['Comment_App_Info'],
));
$sql = "SELECT post_id FROM ".COMMENT_TBL." LIMIT 0 , 1";
$result = $db->sql_query($sql);
$row = $db->sql_fetchrow($result) ;
$post_id = $row['post_id'];
$sql = "UPDATE ".POST_TBL." SET comments_count='".comments_count($post_id)."' WHERE post_id='$post_id'";
$result = $db->sql_query($sql);
if( !($result = $db->sql_query($sql)) )
{
$sql_error = $db->sql_error();
error($lang['Error'], 'SQL Query Error : '.$sql_error['message'].' !');
}
}
if (isset($action)) {
switch ($action) {
case "del":
if ($userlevel==1) {
$sql = "DELETE FROM ".COMMENT_TBL." WHERE comment_id='$comment_id'";
} elseif ($userlevel==2) {
$sql = "DELETE FROM ".COMMENT_TBL." WHERE comment_id='$comment_id' AND user_id ='$userid'";
}
if( !($result = $db->sql_query($sql)) )
{
$sql_error = $db->sql_error();
echo $sql_error['message'];
} else
{
$template->assign_block_vars('status', array(
'STATUS' => $lang['Comment_Del_Info'].$comment_id,
));
}
break;
default:
$template->assign_vars(array(
'VERSION_INFO' => versioncheck($pref_data['version']),
));
$template->pparse('admincontent') ; break;
}
}
if (!isset($mode)) {
$template->assign_vars(array(
'VERSION_INFO' => versioncheck($pref_data['version']),
));
$template->pparse('admincontent') ;
}
/**
if (isset($_GET['post_id']))
{ $post_id = intval($_GET['post_id']); }
elseif (isset($_POST['post_id']))
{ $post_id = intval($_POST['post_id']); }
else
{ error('Error', 'invalid Post ID '); } **/
if ($userlevel==1) {
$sql = "SELECT COUNT(p.comment_id) AS num_comments
FROM " . COMMENT_TBL . " p ";
} elseif ($userlevel==2) {
$sql = "SELECT COUNT(p.comment_id) AS num_comments
FROM " . COMMENT_TBL . " p
Where user_id ='$userid' " ;
}
if ( !($result = $db->sql_query($sql)) )
{ $sql_error = $db->sql_error(); echo $sql_error['message']; }
$numrow= ( $row = $db->sql_fetchrow($result) ) ? intval($row['num_comments']) : 0;
//$nocom = ( $db->sql_numrows($result) ) ? intval( $db->sql_numrows($result)) : 0;
//$pagination = pagination("","./admin.php?mode=editlist",$row , $editlimit, $pno);
$pagination = pagination("","./admin.php?mode=commentlist", $numrow, $editlimit, $pno);
$template->assign_vars(array(
'PAGE' => $pagination,
'L_CHECK_ALL' => $lang['Check_All'],
'L_IP' => $lang['IP'],
'L_APPROVE' => $lang['Approve'],
'L_ACTION' => $lang['Action'],
'L_DELETE' => $lang['Delete'] ,
'DEL_CONF' => $lang['Delete_Confirmation'],
'APP_CONF' => $lang['Approve_Confirmation'],
));
if ($userlevel==1) {
$sql = "SELECT * FROM ".COMMENT_TBL."
Order by ".COMMENT_TBL.".com_tstamp DESC, ".COMMENT_TBL.".comment_type ASC
LIMIT ".$pno." , ".$editlimit; }
elseif ($userlevel==2) {
$sql = "SELECT * FROM ".COMMENT_TBL."
Where user_id ='$userid'
Order by ".COMMENT_TBL.".com_tstamp DESC, ".COMMENT_TBL.".comment_type ASC
LIMIT ".$pno." , ".$editlimit;
}
if ( !($result = $db->sql_query($sql)) )
{
$sql_error = $db->sql_error();
echo $sql_error['message'];
}
if( !($result = $db->sql_query($sql)) )
{
$sql_error = $db->sql_error();
die($sql_error['message']);;
}
//$result = $db->sql_query($sql) ;
$n = 0;
while ($row = $db->sql_fetchrow($result)){
if ( $n % 2 ) { $alt_clr =" class=\"whitebg\""; } else { $alt_clr = " class=\"greybg\""; }
if (!(preg_match("#^http\\:\\/\\/#i", $row['home']))) {
$commenthome1 = "http://".$row['home'] ;
}
else
{ $commenthome1 = $row['home'] ; }
if (!empty($row['email'])) { $com_email =" : <a class=\"std\" href=\"mailto:".$row['email']."\">".$lang['Email']."</a> : "; } else { $com_email = " : ";}
if (!empty($row['home'])) { $com_home ="<a class=\"std\" href=\"".$commenthome1."\">".$lang['Home']."</a>"; } else { $com_home = "";}
$comments = $row['comments'] ;
$comment_id = $row['comment_id'] ;
$comments=viewsmile($comments);
$comments=viewbbcode($comments);
$comments=viewlink($comments);
$comments=autolink($comments);
// end
$comments = nl2br($comments);
$time = date("H:i", $row['com_tstamp']) ;
$date = date("d M Y", $row['com_tstamp']) ;
if ($row['approved']) { $approved = $lang['Yes']; }
else { $approved = "<input type=\"checkbox\" name=\"comment[]\" id=\"comment[]\" value=\"".$comment_id."\" />";
}
$template->assign_block_vars('listing', array(
'ALT_CLR' => $alt_clr,
'COM_ID' => $comment_id,
'COM_TIME' => $date.", ".$time,
'POSTER' => $row['poster'],
'L_BY' => $lang['By'],
'L_TIME' => $lang['Time'],
'L_COMMENTS' => $lang['Comments'] ,
'L_DEL' => $lang['Del'] ,
'COM_IP' => $row['ip'],
'COM_EMAIL' => $com_email,
'COM_HOME' => $com_home,
'COMMENTS' => $comments,
'COM_SUBJECT' => $row['comment_subject'],
'COM_APPROVED' => $approved ,
'COM_EDIT' => "<a href=\"".$_SERVER['PHP_SELF']."?mode=editcom&post_id=".$row['post_id']."&comment_id=".$comment_id."\" class=\"delete\" id=\"delete-$comment_id\">".$lang['Edit']."</a>",
// 'COM_DEL' => "<a href='test2.php?action=del&comment_id=$comment_id' class=\"delete\" id=\"delete-$comment_id\">Del</a>",
'DEL_CHECKBOX_ID' => $comment_id,
'DEL_CONF' => $lang['Delete_Confirmation'],
'APP_CONF' => $lang['Approve_Confirmation'],
));
$template->assign_block_vars('listing.admin', array(
'ADMIN' => "[<a class=\"std\" href=\"".$_SERVER['PHP_SELF']."?mode=editcom&post_id=".$row['post_id']."&redirect=allcom&comment_id=".$comment_id."\">".$lang['Edit']."</a>] [<a class=\"std\" href=\"".$_SERVER['PHP_SELF']."?mode=delcom&post_id=".$row['post_id']."&redirect=adm&comment_id=".$comment_id."\">".$lang['Del']."</a>]",
));
$n++;
}
//<a href="javascript:void(window.open('http://localhost/info.php', 'display1', 'left=50,top=50,resizable=yes,scrollbars=yes,width=400,height=220'))">Some limitations apply.</a>
$template->pparse('comment-list');
?>