<?PHP
/*
[Start: Program Information Header]
Name : Photolibrary: Comments
Purpose : Collate all photo comments on one page
Syntax :
[End: Program Information Header]
[Start: Author Information Header]
Name : James D. Forrester
E-mail : hide@address.com
Name : Ed Sanders
E-mail : hide@address.com
[End: Author Information Header]
*/
require('include.initialise.php');
if($settings['disable_stats']) die('Disabled.'); //lang
$page_title = language('comments');
include('include.menu.php');
if(isset($_GET['approved']) and isset($_GET['id']) and $_SESSION['PL_admin'])
{
$approved = getInt('approved');
$id = getInt('id');
mysql_query("UPDATE photocomments SET approved = '$approved' WHERE id = '$id'") or trigger_error(mysql_error(), E_USER_ERROR);
$hash = mysql_result(mysql_query("SELECT hash FROM photocomments WHERE id = '$id'"), 0);
update_comments($hash);
}
if(isset($_GET['delete']) and $_SESSION['PL_admin'])
{
$delete = getInt('delete');
$hash = mysql_result(mysql_query("SELECT hash FROM photocomments WHERE id = '$delete'"), 0);
mysql_query("DELETE FROM photocomments WHERE id = '$delete'") or trigger_error(mysql_error(), E_USER_ERROR);
update_comments($hash);
}
$table_name = 'photos';
if(!$_SESSION['PL_priv'])
{
mysql_query("
CREATE TEMPORARY TABLE photos_temp (PRIMARY KEY(hash)) TYPE=MyISAM
SELECT photos.*
FROM photos
INNER JOIN photostocategories as cat USING(hash)
WHERE category = '$public_category'
GROUP BY photos.hash") or trigger_error(mysql_error(), E_USER_ERROR);
$table_name .= '_temp';
}
format_html('<table cellspacing="0" cellpadding="3"><tr><td style="width:50%;" colspan="2"><table><tr><td></td></tr>');
$i = 0;
$oldhash = '';
$query_handle = mysql_query("
SELECT id, photocomments.hash, edited_hash, name, email, comment, approved, UNIX_TIMESTAMP(timestamp) AS timestamp, width, height, orientation, type, hits
FROM photocomments
INNER JOIN $table_name USING(hash)
ORDER BY taken DESC, photocomments.hash, timestamp DESC") or trigger_error(mysql_error(), E_USER_ERROR);
$results = mysql_num_rows($query_handle);
while($array = mysql_fetch_assoc($query_handle))
{
extract($array);
if($approved or $_SESSION['PL_admin'])
{
if($oldhash != $hash)
{
format_html('</table></td>');
if(!$i)
format_html('</tr><tr class="exif" valign="top">');
format_html('<td align="center" style="width:'.($settings['thumb_size']+10).'px">');
include('include.thumbnail.php');
format_html('<br /> <small><a href="javascript:comment(\''.$hash.'\', 1);">'.language('comments-add').'</a></small>');
format_html('</td><td style="padding-right:4%;"><table cellspacing="0" cellpadding="5" width="100%">');
$i = 1 - $i;
}
$email = str_replace("@", " at ", $email);
$fill = ($approved ? 'filled' : 'unassign');
format_html('<tr><td class="'.$fill.' '.($oldhash != $hash ? 'overlined' : '').'">'.($name ? $name : '<em>Anonymous</em>').($email ? ' <small>('.$email.')</small>' : '').':</td>');
if($_SESSION['PL_admin'])
format_html('<td rowspan="2" align="right" class="'.$fill.' '.($oldhash != $hash ? 'bothlines' : 'underlined').'"><small><a href="?approved='.(1-$approved).'&id='.$id.'">'.($approved ? 'disapprove' : 'approve').'</a><br /><a href="javascript:confirmLink(language(\'delete-comment-confirm\'), \'?delete='.$id.'\');">delete</a></small></td>');
format_html('</tr><tr><td class="'.$fill.' underlined">'.$comment.'<br /><span class="small" style="float: right;">'.language('posted').': '.full_date($timestamp).' '.strftime("%H:%M", $timestamp).'</span></td></tr>');
$oldhash = @$hash;
}
}
format_html('</table></td>');
if($i)
format_html('<td style="width:50%;" colspan="2"> </td>');
mysql_query("DROP TABLE IF EXISTS photos_temp") or trigger_error(mysql_error(), E_USER_ERROR);
format_html('</tr></table>');
include('include.footer.php');
?>