<?php include('design/header.php'); ?>
<script type="text/javascript">
function insert(was) {
document.form.comment.value += was + " ";
document.form.comment.focus();
}
</script>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="50%" align="left" valign="top"><a href="<?php echo $index; ?>">Blog Index</a> » Suchergebnis</td>
<td width="50%" align="right" valign="top"><?php
if(isset($_GET['id'])) {
$blog_id = mysql_real_escape_string($_GET['id']);
}else{
echo '<p>Wählen Sie einen Blog-Kommentar aus</p>';
exit();
}
$abfrage = mysql_query("SELECT blog_id FROM comments WHERE blog_id2 = '" . $blog_id . "'");
$total = mysql_num_rows($abfrage);
echo '<u>' . $total . ' Kommentare</u>';
?></td>
</tr>
<tr>
<td colspan="2"><br /><div id="line"> </div></td>
</tr>
<tr>
<td colspan="2"><?php
include('data/config.php');
include('data/bbcode.php');
if((isset($_GET['id'])) && (is_numeric($_GET['id']))) {
$id = mysql_real_escape_string($_GET['id']);
}elseif( (isset($_POST['id'])) && (is_numeric($_POST['id']))) {
$id = mysql_real_escape_string($_POST['id']);
}else{
echo '<p class="false">Wählen Sie einen Beitrag aus!</p>';
exit();
}
$query = "SELECT title, post, author, date FROM blog WHERE blog_id='$id'";
$result = mysql_query($query);
if($result) {
$row = mysql_fetch_array($result, MYSQL_ASSOC);
echo '<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td colspan="2"><h1>' . htmlentities($row['title'], ENT_QUOTES) . '</h1></td>
</tr>
<tr>
<td width="70%" align="left">Von: <a href="mailto:' . $webmaster . '">' . htmlentities($row['author'], ENT_QUOTES) . '</a></td>
<td width="30%" align="right">' . date('d.m.Y - H:i', strtotime($row['date'])) . ' Uhr</td>
</tr>
<tr>
<td colspan="2"><div id="line"> </div></td>
</tr>
<tr>
<td colspan="2"><p>' . parseBBCode2HTML(nl2br(stripslashes(strip_tags($row['post'])))) . '</p></td>
</tr>
</table>';
if(isset($_GET['id'])) {
$blog_id = mysql_real_escape_string($_GET['id']);
}else{
echo '<p class="false">Wählen Sie einen Beitrag aus!</p>';
exit();
}
$pfad = "comments.php?id=" . $blog_id;
$query = mysql_query("SELECT blog_id FROM comments WHERE blog_id2 = '" . $blog_id . "'");
$total = mysql_num_rows($query);
$seiten = ceil($total / $datensaetze_pro_comment);
if(empty($_GET['page'])){
$page = 1;
}elseif($_GET['page'] <= 0 || $_GET['page'] > $seiten){
$page = 1;
}else{
$page = mysql_real_escape_string($_GET['page']);
}
$links = array();
if(($page - $p) < 1){ $davor = $page - 1; }else { $davor = $p; }
if(($page + $p) > $seiten){ $danach = $seiten - $page; }else{ $danach = $p; }
$off = ($page - $davor);
if ($page- $davor > 1){
$first = 1;
$links[] = "<a href=\"$pfad&page=$first\" title=\"Zur ersten Seite springen\">« Erste ...</a>\n";
}
if($page != 1){
$prev = $page-1;
$links[] = "<a href=\"$pfad&page=$prev\" title=\"Eine Seite zurueck blaettern\"> «</a>\n";
}
for($i = $off; $i <= ($page + $danach); $i++){
if ($i != $page){
$links[] = "<a href=\"$pfad&page=$i\">$i</a>\n";
}elseif($i == $seiten) {
$links[] = "<span class=\"current\">[ $i ]</span>\n";
}elseif($i == $page){
$links[] = "<span class=\"current\">[ $i ]</span>\n";
}
}
if($page != $seiten){
$next = $page+1;
$links[] = "<a href=\"$pfad&page=$next\" title=\"Eine Seite weiter blaettern\"> »</a>\n";
}
if($seiten - $page - $p > 0 ){
$last = $seiten;
$links[] = "<a href=\"$pfad&page=$last\" title=\"Zur letzten Seite springen\">... Letzte »</a>\n";
}
$start = ($page-1) * $datensaetze_pro_comment;
$link_string = implode(" ", $links);
$query = "SELECT * FROM comments WHERE blog_id2 = '" . $blog_id . "' ORDER BY date DESC LIMIT $start,$datensaetze_pro_comment";
$result = mysql_query($query);
echo '<h1>Kommentare</h1>';
while($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
echo '<table width="100%" class="tables">
<tr>
<td colspan="2"><h2>' . htmlentities($row['title'], ENT_QUOTES) . '</h2></td>
</tr>
<tr>
<td width="10%" valign="top"><strong>Author:</strong></td>
<td width="90%" valign="top">' . htmlentities($row['author'], ENT_QUOTES) . '</td>
</tr>
<tr>
<td width="10%" valign="top"><strong>Kommentar:</strong></td>
<td width="90%" valign="top">' . parseBBCode2HTML(nl2br(stripslashes(strip_tags($row['comment'])))) . '</td>
</tr>
<tr>
<td colspan="2"><br /></td>
</tr>
</table>';
}
echo '<br /><div id="navigation">';
echo '<span class="pages">Seite ' . $page . ' von ' . $seiten . '</span>';
echo $link_string;
echo '</div><br />';
if(isset($_POST['submitted'])) {
$errors = array();
if(empty($_POST['title'])) {
$errors[] = '<p>Geben Sie einen Titel ein</p>';
}else{
$title = mysql_real_escape_string($_POST['title']);
}
if(empty($_POST['author'])) {
$errors[] = '<p>Geben Sie Ihren Namen ein</p>';
}else{
$author = mysql_real_escape_string($_POST['author']);
}
if(empty($_POST['comment'])) {
$errors[] = '<p>Geben Sie einen Kommentar ein</p>';
}else{
$comment = mysql_real_escape_string($_POST['comment']);
}
if(empty($errors)) {
$query = "INSERT INTO comments (blog_id2, title, author, comment, date) VALUES ($blog_id, '$title', '$author', '$comment', NOW())";
$result = mysql_query($query);
if($result) {
echo '<p class="blue">Ihr Kommentar wurde erfolgreich eingetragen!</p>
<p><img src="design/dot.png" alt="weiter" /> <a href="comments.php?id=' . $blog_id . '">Weiter</a></p>';
}else{
echo '<p>Es ist ein Fehler aufgetreten - Versuchen Sie es erneut.</p>
<p><img src="design/dot.png" alt="zurück" /> <a href="comments.php?id=' . $blog_id . '">Klick hier</a></p>';
}
}else{
echo '<p>Es ist ein Fehler aufgetreten:</p>';
foreach ($errors as $msg) {
echo '' . $msg . '<br />';
}
}
}else{
include_once('data/flood.php');
echo '<div id="line"> </div>';
echo '<h1>Kommentar schreiben</h1><a name="comment" id="comment"></a>';
echo "<a name=\"comment\" id=\"comment\"></a><form action=\"\" method=\"post\" name=\"form\" />
<p><input type=\"text\" name=\"title\" class=\"textfield\" maxlength=\"70\" size=\"30\" value=\"" . htmlentities($_POST['title']) . "\" /> <strong>Titel</strong></p>
<p><input type=\"text\" name=\"author\" class=\"textfield\" length=\"25\" maxlength=\"50\" size=\"30\" value=\"" . htmlentities($_POST['author']) . "\" /> <strong>Name</strong></p>
<p><strong>Kommentar</strong><br />
<textarea cols=\"45\" rows=\"8\" name=\"comment\" class=\"textfield\">" . nl2br(stripslashes($_POST['comment'])) . "</textarea></p>
<p> <a href=\"javascript:insert(':P','')\"><img border=\"0\" src=\"design/smileys/000.gif\" width=\"15\" height=\"14\" /></a>
<a href=\"javascript:insert(':)','')\"><img border=\"0\" src=\"design/smileys/001.gif\" width=\"15\" height=\"14\" /></a>
<a href=\"javascript:insert(';)','')\"><img border=\"0\" src=\"design/smileys/002.gif\" width=\"15\" height=\"14\" /></a>
<a href=\"javascript:insert(':(','')\"><img border=\"0\" src=\"design/smileys/003.gif\" width=\"15\" height=\"14\" /></a>
<a href=\"javascript:insert('*grr*','')\"><img border=\"0\" src=\"design/smileys/004.gif\" width=\"15\" height=\"14\" /></a>
<a href=\"javascript:insert('o_o','')\"><img border=\"0\" src=\"design/smileys/005.gif\" width=\"15\" height=\"14\" /></a>
<a href=\"javascript:insert('*_*','')\"><img border=\"0\" src=\"design/smileys/006.gif\" width=\"15\" height=\"14\" /></a>
<a href=\"javascript:insert('._.','')\"><img border=\"0\" src=\"design/smileys/007.gif\" width=\"15\" height=\"14\" /></a>
<a href=\"javascript:insert('-_-','')\"><img border=\"0\" src=\"design/smileys/008.gif\" width=\"15\" height=\"14\" /></a>
<a href=\"javascript:insert(':D','')\"><img border=\"0\" src=\"design/smileys/009.gif\" width=\"15\" height=\"14\" /></a></p>
<p><small>Spamschutzfrage *</small><br />
<strong>Die Summe aus " . $random1 . " + " . $code . " =</strong> <input size=\"5\" name=\"zip\" id=\"Spamschutz\" type=\"text\" class=\"textfield\" /><input type=\"hidden\" name=\"zip2\" value=" . $rand_result . " /></p>
<p><input type=\"submit\" name=\"submit\" class=\"textfield\" value=\"Kommentar abgeben\" /></p>
<input type=\"hidden\" name=\"submitted\" value=\"TRUE\" />
</form>";
}
}
?><br /></td>
</tr>
</table>
<?php mysql_close($db); ?>
<?php include('design/footer.php'); ?>