<?php
/**************************************************************************
* *
* *
* Solution: eBlog *
* Release: 1.7 *
* File: topics.php *
* By: Emuci inc. *
* Website: http://www.emuci.com *
* Copyright: (C) 2010 Emcui inc. *
* *
* *
**************************************************************************
* *
* *
* This script is NOT freeware and is subjected to Emuci terms of use *
* located in the docs folder. *
* *
* *
*************************************************************************/
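// Shared bootstrap. The database settings, language strings, $template and
// $new_template used below are not defined in this file, so they presumably
// come from here.
include_once 'includes/global.php';

// Request parameters. Both are read defensively: a missing key or an array
// value (e.g. ?id[]=1) becomes an empty string instead of raising a notice or
// reaching the branches below as a non-string.
$action = (isset($_GET['action']) && is_string($_GET['action'])) ? $_GET['action'] : '';

// $id is later interpolated into SQL statements (one of them without quotes),
// into a JavaScript redirect and into the {id} template slot. It is compared
// with numeric ids everywhere, so anything other than a run of digits is
// discarded here; the branches then fall through to the "page not found"
// handler.
$id = (isset($_GET['id']) && is_string($_GET['id']) && preg_match('/\A[0-9]+\z/', $_GET['id']))
    ? $_GET['id']
    : '';

// Keep the configured template name: $template is reused further down to hold
// the rendered page.
$defaultTemplate = $template;
$copyrights = "© " . date("Y") . " " . $lang_admin_globalRights1;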
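// 1: Show Topic
// Renders one topic: loads its row, increments the view counter, builds the
// section breadcrumb and fills topics.html (plus header/layout/footer when
// not in popup mode).
if (($action == "show") && (!empty($id))) {
    // $id is request input that is interpolated into the SQL below and into
    // the {id} template slot. Forcing it to an integer keeps a crafted value
    // from changing the queries or the generated markup.
    $id = is_scalar($id) ? (int) $id : 0;

    // NOTE(review): ext/mysql was removed in PHP 7. When this file is ported,
    // move these queries to mysqli or PDO prepared statements.
    $conn = mysql_connect($dbhost, $dbuser, $dbpass);
    mysql_select_db($dbname);
    $result = mysql_query("SELECT * FROM eblog_topics WHERE id = '$id'");
    $row = $result ? mysql_fetch_row($result) : false;
    $rowID = $row ? $row[0] : null;

    if (empty($rowID)) {
        // Unknown topic: report it and stop. Previously execution continued
        // and rendered the page from an empty row after printing the alert.
        mysql_close($conn);
        echo "
<script type='text/javascript'>
alert('$lang_erorr_PgaeNotFound');
parent.location='index.php';
</script>
";
    } else {
        $rowSec = $row[1];
        $rowTitle = $row[2];
        $rowDate = $row[3];
        $rowContent = $row[4];
        $rowMain = $row[6];
        $allViewers = $row[7];

        // View counter: read the stored value, add one, write it back.
        // This is a read-modify-write, so concurrent requests can lose counts.
        $result = mysql_query("SELECT allviewers FROM eblog_topics WHERE id = '$id'");
        $row = mysql_fetch_row($result);
        $rowViewers = $row[0] + 1;
        $sql = "UPDATE eblog_topics SET allviewers='$rowViewers' WHERE id = '$id'";
        $result = mysql_query($sql);

        // Dates are stored as day-month-year; the month part is looked up in
        // $MonthsArray to get its display name.
        $chunks = explode("-", $rowDate);
        $toGet = $chunks[1];
        $rowDate = $chunks[0] . " " . $MonthsArray[$toGet] . " " . $chunks[2];

        // Drop the first three characters of the stored image path and wrap
        // what is left in an <img> tag.
        $lengthX = strlen($rowMain);
        $rowMain = substr($rowMain, 3, $lengthX);
        if (!empty($rowMain)) {
            $rowMain = "<img src=\"$rowMain\" border=\"$bw\">";
        }

        // Comments are offered only when both the topic's section and the
        // global settings row allow them.
        $result = mysql_query("SELECT allow_comments, title FROM eblog_sections WHERE id = '$rowSec'");
        $row = mysql_fetch_row($result);
        $allowCommenting = $row[0];
        $parentName = $row[1];
        $result = mysql_query("SELECT allow_comments FROM eblog_settings WHERE id = '1'");
        $row = mysql_fetch_row($result);
        $allowCommenting2 = $row[0];
        if (($allowCommenting == 1) && ($allowCommenting2 == 1)) {
            $tabGroup = 2;
        } else {
            $tabGroup = 1;
        }
        $tabs = $new_template->load_template("templates/$defaultTemplate/tabsGroup$tabGroup.html");

        // prepare tree
        // $parentLink is initialised explicitly: it used to be appended to
        // while undefined, which raises a notice and, on installations with
        // register_globals enabled, lets a request parameter of the same name
        // end up in the breadcrumb HTML.
        $parentLink = '';
        $tempParent = $rowSec;
        // Remember visited sections so a section that is (directly or
        // indirectly) its own parent cannot make this loop run forever.
        $visitedSections = array();
        while (!empty($tempParent) && !isset($visitedSections[$tempParent])) {
            $visitedSections[$tempParent] = true;
            // Title and parent come from the same row, so fetch them together.
            $result = mysql_query("SELECT title, parent FROM eblog_sections WHERE id = '$tempParent'");
            $row = mysql_fetch_row($result);
            $parentName = $row[0];
            $parentLink = " <img src=\"images/prev_$blog_dir.gif\"> <a href=\"sections.php?action=show&id=$tempParent\">$parentName</a>" . $parentLink;
            $tempParent = $row[1];
        }
        $tree_map = "<a href=\"index.php\">$lang_online_index</a>$parentLink <img src=\"images/prev_$blog_dir.gif\"> <font class=\"normalfont\">$rowTitle</font>";

        // {wh} value: $wh minus 70, falling back to $wh when that would drop
        // below 350, and left empty when the page is not shown as a popup.
        $wh2 = $wh - 70;
        if ($wh2 < 350) {
            $wh2 = $wh;
        }
        if ($popup < 1) {
            $wh2 = "";
        }
        mysql_close($conn);

        // Fill the topic template. The two arrays are positional pairs.
        $static_value = array(
            $blog_dir, $tabs, $rowMain, $rowContent, $id, $rowTitle,
            $lang_blog_commentBox, $lang_blog_readComments,
            $lang_blog_date, $rowDate, $lang_blog_andTopicsWasRead, $rowViewers,
            $lang_blog_times, $wh2, $commentsList, $box,
            $lang_blog_form_name, $lang_blog_form_country, $countries_list,
            $lang_blog_form_comment, $lang_blog_form_cc, $random,
            $lang_blog_submit, $blog_windows_encoding
        );
        $static_name = array(
            "{blog_dir}", "{tabs}", "{rowMain}", "{rowContent}", "{id}", "{rowTitle}",
            "{lang_blog_commentBox}", "{lang_blog_readComments}",
            "{lang_blog_date}", "{rowDate}", "{lang_blog_andTopicsWasRead}", "{rowViewers}",
            "{lang_blog_times}", "{wh}", "{comments}", "{box}",
            "{lang_blog_form_name}", "{lang_blog_form_country}", "{countries_list}",
            "{lang_blog_form_comment}", "{lang_blog_form_cc}", "{random}",
            "{lang_blog_submit}", "{blog_windows_encoding}"
        );
        $file = $new_template->load_template("templates/$defaultTemplate/topics.html");
        $template = $new_template->replace_static($static_name, $static_value, $file);

        // Outside popup mode the topic is embedded in the full page layout.
        if ($popup < 1) {
            $static_value = array($lang_blog_secionsList, $sections_list);
            $static_name = array("{lang_blog_secionsList}", "{sections_list}");
            $file = $new_template->load_template("templates/$defaultTemplate/sideMenu.html");
            $side_menu = $new_template->replace_static($static_name, $static_value, $file);

            $static_value = array(
                $blog_slogan, $lang_blog_search, $lang_blog_recentTopics,
                $tree_map, $css, $side_menu, $template, $blog_dir, $blog_name,
                $meta, $social_networks, $copyrights, $lang_blog_emailMe, $lang_blog_joinMyMainingList,
                $lang_blog_MyFriends, $lang_blog_visitors, $visitors, $popupDefine, $blog_windows_encoding
            );
            $static_name = array(
                "{blog_slogan}", "{lang_blog_search}", "{lang_blog_recentTopics}",
                "{tree_map}", "{css}", "{side_menu}", "{page_content}", "{blog_dir}", "{blog_name}",
                "{meta}", "{social_networks}", "{copyrights}", "{lang_blog_emailMe}", "{lang_blog_joinMyMainingList}",
                "{lang_blog_MyFriends}", "{lang_blog_visitors}", "{visitors}", "{popupDefine}", "{blog_windows_encoding}"
            );
            $header = $new_template->load_template("templates/$defaultTemplate/header.html");
            $body = $new_template->load_template("templates/$defaultTemplate/layout.html");
            $footer = $new_template->load_template("templates/$defaultTemplate/footer.html");
            $template = $new_template->replace_static($static_name, $static_value, $header . $body . $footer);
        }
        echo $template;
    }
}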
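// 2: Save Comment
// Validates a posted comment, applies the configured word filter, stores the
// comment and (when alerts are enabled) records a notification, then sends
// the browser back to the comment form.
else if (($action == "SaveComment") && (!empty($id))) {
    $erorr = 0;

    // $id is request input that ends up in the INSERT and in the JavaScript
    // redirect below. Forcing it to an integer keeps a crafted value from
    // breaking out of either context.
    $id = is_scalar($id) ? (int) $id : 0;
    if ($id < 1) {
        $erorr++;
    }

    // Read the form fields defensively: a missing key or an array value
    // becomes an empty string.
    $posted = array('name' => '', 'comment' => '', 'code' => '', 'code2' => '', 'location' => '');
    foreach ($posted as $field => $unused) {
        if (isset($_POST[$field]) && is_string($_POST[$field])) {
            $posted[$field] = $_POST[$field];
        }
    }

    // ENT_QUOTES also encodes single quotes, so the stored text stays inert
    // in single-quoted attribute contexts as well as in element content.
    $name = htmlspecialchars($posted['name'], ENT_QUOTES);
    $comment = htmlspecialchars($posted['comment'], ENT_QUOTES);
    $code = trim($posted['code']);
    $code2 = trim($posted['code2']);
    $location = $posted['location'];

    if (empty($name)) {
        $erorr++;
    }
    if (empty($comment)) {
        $erorr++;
    }
    // NOTE(review): both values come from the same POST body, so this check
    // cannot stop an automated client, which can send any matching pair.
    // A real challenge needs the expected value kept server-side (e.g. in
    // the session). Strict comparison avoids loose numeric-string matches.
    if ($code !== $code2) {
        $erorr++;
    }

    // NOTE(review): when validation fails nothing is sent back to the client.
    if ($erorr < 1) {
        // NOTE(review): ext/mysql was removed in PHP 7. When this file is
        // ported, move these queries to mysqli or PDO prepared statements.
        $conn = mysql_connect($dbhost, $dbuser, $dbpass);
        mysql_select_db($dbname);
        $rowDate = date("d-m-Y");

        // Next comment id = highest existing id + 1 (1 for an empty table).
        // NOTE(review): two simultaneous posts can compute the same id; an
        // AUTO_INCREMENT column would remove that race.
        $result = mysql_query("SELECT MAX(id) FROM eblog_comments");
        $row = $result ? mysql_fetch_row($result) : false;
        $newID = ($row ? (int) $row[0] : 0) + 1;

        $result2 = mysql_query("SELECT auto_validate, enable1, bad_words, replace_words FROM eblog_settings WHERE id = '1'");
        $row2 = mysql_fetch_row($result2);
        $statusID = $row2[0];
        $enable1 = $row2[1];
        $badWords = $row2[2];
        $replacment = $row2[3];

        // Message shown after saving; stays empty for any other status value.
        $messageToShow = '';
        if ($statusID == 0) {
            $messageToShow = $lang_blog_commentUnderReview;
        }
        if ($statusID == 1) {
            $messageToShow = $lang_blog_commentAdded;
        }

        // Word filter: every entry of the comma-separated list is replaced,
        // in list order, in both the comment and the author name.
        $LOFW = explode(",", $badWords);
        $comment = str_replace($LOFW, $replacment, $comment);
        $name = str_replace($LOFW, $replacment, $name);

        // HTML-encoding does not make a value safe for SQL (backslashes are
        // untouched, and the replacement text is inserted after encoding), so
        // every string is escaped for the statement right before it is used.
        $sqlName = mysql_real_escape_string($name, $conn);
        $sqlComment = mysql_real_escape_string($comment, $conn);
        $sqlStatus = mysql_real_escape_string($statusID, $conn);
        $sqlLocation = mysql_real_escape_string($location, $conn);
        mysql_query("INSERT INTO eblog_comments VALUES ('$newID', '$sqlName', '$rowDate', '$sqlComment', '$id','$sqlStatus','$sqlLocation')");

        if ($enable1 == 1) {
            // Bump the pending-comments counter.
            $result2 = mysql_query("SELECT comments FROM eblog_alerts WHERE id = '1'");
            $row2 = mysql_fetch_row($result2);
            $currentAlerts = $row2[0];
            $currentAlerts = $currentAlerts + 1;
            $sql = "UPDATE eblog_alerts SET comments='$currentAlerts' WHERE id = '1'";
            $result = mysql_query($sql);

            // Register the new comment in eblog_new under the next free id.
            // MAX(id) replaces an unordered scan that took whichever row came
            // back last.
            $result = mysql_query("SELECT MAX(id) FROM eblog_new");
            $row = $result ? mysql_fetch_row($result) : false;
            $thisNewID = ($row ? (int) $row[0] : 0) + 1;
            mysql_query("INSERT INTO eblog_new VALUES ('$thisNewID', '$newID', '1')");
        }
        mysql_close($conn);

        // $id is an integer at this point, so it cannot close the quoted
        // JavaScript string or the <script> element.
        echo "
<script type='text/javascript'>
alert('$messageToShow');
window.location='topics.php?action=CommentForm&id=$id';
</script>
";
    }
}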
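// 3: Show Comment Form
// Builds the country drop-down, fills commentForm.html and prints it.
else if ($action == "CommentForm")
{
    // This branch does not require an id, but $id is still request input
    // that is substituted into the {id} slot of the form template. Anything
    // that is not a plain run of digits is dropped, so markup or script
    // cannot be reflected into the page through it.
    $id = (is_string($id) && preg_match('/\A[0-9]+\z/', $id)) ? $id : '';

    // NOTE(review): ext/mysql was removed in PHP 7. When this file is ported,
    // move these queries to mysqli or PDO.
    $conn = mysql_connect($dbhost, $dbuser, $dbpass);
    mysql_select_db($dbname);

    // Value handed to the template as {random}.
    // NOTE(review): the SaveComment branch only compares two posted fields
    // with each other, so presumably this number is echoed back by the form.
    // It is never checked against anything kept on the server; confirm, and
    // store the expected value server-side if it is meant to stop bots.
    $random = rand(18989, 99999);

    // Country <select>; the entry whose id equals $location is preselected.
    $countries_list = "<select name=\"location\">";
    $query = "SELECT id, name FROM eblog_countries";
    $result = mysql_query($query);
    while ($result && ($row = mysql_fetch_array($result, MYSQL_ASSOC))) {
        $ThisRowID = $row['id'];
        $ThisRowName = $row['name'];
        $selectedAttr = ($ThisRowID == $location) ? " SELECTED" : "";
        $countries_list .= "<option value=\"$ThisRowID\"$selectedAttr>$ThisRowName</option>";
    }
    $countries_list .= "</select>";

    $box = $new_template->load_template("templates/$defaultTemplate/commentForm.html");

    // Positional value/placeholder pairs for the form template. Several of
    // these variables are only assigned in the "show" branch and are
    // therefore empty here.
    $static_value = array(
        $blog_dir, $tabs, $rowMain, $rowContent, $id, $rowTitle,
        $lang_blog_commentBox, $lang_blog_readComments,
        $lang_blog_date, $rowDate, $lang_blog_andTopicsWasRead, $rowViewers,
        $lang_blog_times, $wh2, $commentsList, $box,
        $lang_blog_form_name, $lang_blog_form_country, $countries_list,
        $lang_blog_form_comment, $lang_blog_form_cc, $random,
        $lang_blog_submit, $blog_windows_encoding,
        $lang_erorr_code149, $lang_erorr_code150, $lang_erorr_code151
    );
    $static_name = array(
        "{blog_dir}", "{tabs}", "{rowMain}", "{rowContent}", "{id}", "{rowTitle}",
        "{lang_blog_commentBox}", "{lang_blog_readComments}",
        "{lang_blog_date}", "{rowDate}", "{lang_blog_andTopicsWasRead}", "{rowViewers}",
        "{lang_blog_times}", "{wh}", "{comments}", "{box}",
        "{lang_blog_form_name}", "{lang_blog_form_country}", "{countries_list}",
        "{lang_blog_form_comment}", "{lang_blog_form_cc}", "{random}",
        "{lang_blog_submit}", "{blog_windows_encoding}",
        "{lang_erorr_code149}", "{lang_erorr_code150}", "{lang_erorr_code151}"
    );
    $box = $new_template->replace_static($static_name, $static_value, $box);
    echo $box;
    mysql_close($conn);
}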
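// 4: Show comments of given topic
// Lists the comments stored for a topic, newest first, each rendered through
// comment.html, with includes.html placed in front of the list.
else if (($action == "ShowComment") && (!empty($id))) {
    // $id is request input and the query below uses it WITHOUT quotes, so any
    // non-numeric text would be parsed as SQL. Forcing it to an integer
    // closes that injection point.
    $id = is_scalar($id) ? (int) $id : 0;

    // NOTE(review): ext/mysql was removed in PHP 7. When this file is ported,
    // move these queries to mysqli or PDO prepared statements.
    $conn = mysql_connect($dbhost, $dbuser, $dbpass);
    mysql_select_db($dbname);

    // NOTE(review): the SaveComment branch stores a status value with every
    // comment and reports "under review" when auto_validate is 0, but this
    // query does not filter on that status. Presumably unapproved comments
    // should be hidden; confirm the column name and add the condition.
    $query = "SELECT * FROM eblog_comments WHERE topicID = $id ORDER BY id DESC";
    $result = mysql_query($query);
    $totalComments = 0;
    $commentsList = "";
    while ($result && ($row = mysql_fetch_array($result, MYSQL_ASSOC))) {
        $rowAuthor = $row['author'];

        // Stored as day-month-year; the month part is looked up in
        // $MonthsArray to get its display name.
        $rowDate = $row['date'];
        $chunks = explode("-", $rowDate);
        $toGet = $chunks[1];
        $rowDate = $chunks[0] . " " . $MonthsArray[$toGet] . " " . $chunks[2];

        $rowContent = $row['contents'];

        // The stored location was supplied by the commenter, so it is escaped
        // before being used in another statement (second-order injection).
        $rowLocation = mysql_real_escape_string($row['location'], $conn);
        $result3 = mysql_query("SELECT name FROM eblog_countries WHERE id = '$rowLocation'");
        $row3 = $result3 ? mysql_fetch_row($result3) : false;
        $rowCountry = $row3 ? $row3[0] : null;

        $static_value = array($lang_blog_date, $rowDate, $lang_blog_byAuthor, $rowAuthor, $lang_blog_from, $rowCountry, $rowContent);
        $static_name = array("{lang_blog_date}", "{rowDate}", "{lang_blog_byAuthor}", "{rowAuthor}", "{lang_blog_from}", "{rowCountry}", "{rowContent}");
        $m = $new_template->load_template("templates/$defaultTemplate/comment.html");
        $m = $new_template->replace_static($static_name, $static_value, $m);
        $commentsList = $commentsList . $m;
        $totalComments++;
    }

    // No comments: render the comment template once with only the
    // "no comments" text in the content slot.
    if ($totalComments < 1) {
        $static_value = array("", "", "", "", "", "", $lang_blog_noComments . "<br> ");
        $static_name = array("{lang_blog_date}", "{rowDate}", "{lang_blog_byAuthor}", "{rowAuthor}", "{lang_blog_from}", "{rowCountry}", "{rowContent}");
        $commentsList = $new_template->load_template("templates/$defaultTemplate/comment.html");
        $commentsList = $new_template->replace_static($static_name, $static_value, $commentsList);
    }

    // Put the shared includes fragment in front of the list.
    $static_value = array($blog_dir, $blog_windows_encoding);
    $static_name = array("{blog_dir}", "{blog_windows_encoding}");
    $m = $new_template->load_template("templates/$defaultTemplate/includes.html");
    $m = $new_template->replace_static($static_name, $static_value, $m);
    $commentsList = $m . $commentsList;
    echo $commentsList;
    mysql_close($conn);
}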
// 5: Else, show error message
// Reached when no branch above matched (unknown action, or an action that
// needs a topic id was called without one): show the "page not found" alert
// and send the parent window back to the index page.
else {
    print "
<script type='text/javascript'>
alert('{$lang_erorr_PgaeNotFound}');
parent.location='index.php';
</script>
";
}
?>