<?php
/* +--------------------------------------------------------------
| PHPFreeNews - News Headlines on your website |
| Developed by Jim Willsher. |
| http://www.phpfreenews.co.uk |
+-------------------------------------------------------------+
*/
// This page is only meant to be pulled in by a script that has defined the
// IN_PHPFN marker; stop immediately when it is requested on its own.
if (defined('IN_PHPFN') === false) {
    die('Illegal attempt to access script directly!');
}
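// Perform updates?
//
// Every comment row posts back to this page with a hidden "commentid" field, the
// (possibly edited) "Comment" text and one named submit button. The button that
// is present in $_POST selects the statement that runs.
//
// Both request values are attacker-controllable, so neither reaches the SQL text
// as received: the ID is reduced to an integer (non-scalar input counts as 0 and
// is ignored) and the comment text is escaped for the current connection.
//
// NOTE(review): if this installation runs with magic_quotes_gpc enabled, or the
// including script already adds slashes to $_POST, strip those before escaping,
// otherwise literal backslashes will be stored in the comment - confirm.
// NOTE(review): none of these statements is limited by news_posts.AuthorID, while
// the listing below is when $LoggedInEditAnyPost is false, and no anti-CSRF token
// is checked here. Confirm whether the including admin script enforces either.
if (isset($_POST['Approve']))
{
    $ID = (isset($_POST['commentid']) && is_scalar($_POST['commentid'])) ? (int) $_POST['commentid'] : 0;
    $Comment = isset($_POST['Comment']) ? $_POST['Comment'] : '';
    if ($ID != 0)
        mysql_query("UPDATE news_comments SET Comment = '" . mysql_real_escape_string($Comment) . "', Approved='1' WHERE ID='$ID'");
}
if (isset($_POST['Unapprove']))
{
    $ID = (isset($_POST['commentid']) && is_scalar($_POST['commentid'])) ? (int) $_POST['commentid'] : 0;
    $Comment = isset($_POST['Comment']) ? $_POST['Comment'] : '';
    if ($ID != 0)
        mysql_query("UPDATE news_comments SET Comment = '" . mysql_real_escape_string($Comment) . "', Approved='0' WHERE ID='$ID'");
}
if (isset($_POST['Update']))
{
    $ID = (isset($_POST['commentid']) && is_scalar($_POST['commentid'])) ? (int) $_POST['commentid'] : 0;
    $Comment = isset($_POST['Comment']) ? $_POST['Comment'] : '';
    if ($ID != 0)
        mysql_query("UPDATE news_comments SET Comment = '" . mysql_real_escape_string($Comment) . "' WHERE ID='$ID'");
}
if (isset($_POST['Delete']))
{
    $ID = (isset($_POST['commentid']) && is_scalar($_POST['commentid'])) ? (int) $_POST['commentid'] : 0;
    if ($ID != 0)
        mysql_query("DELETE FROM news_comments WHERE ID='$ID'");
}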
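// Build the comment listing query, count the matching rows and prepare the
// paging bar and page heading.
$ListOffset = isset($_GET['offset']) ? $_GET['offset'] : '0';
$ReturnText = ' Click <A href="' . $AdminScript . '?action=NewsList">here</A> to return to the news items';
// If specified, store into the session the restriction-information
SetAdminCurrentRestrictions();
$RestrictCatId = $_SESSION['RestrictCategory'];
$Approved = $_SESSION['RestrictApproved'];
$PerPage = $_SESSION['PerPage'];
// The page number comes straight from the request and ends up in the heading, the
// paging bar and the LIMIT offset, so it is forced to an integer of at least 1.
$ShowPage = isset($_REQUEST['ShowPage']) ? max(1, (int) $_REQUEST['ShowPage']) : 1;
// Determine the number of records in the file, and work out the number of pages
$sql = "SELECT news_posts.ID AS NewsID, Headline, news_comments.ID AS CommentID, IPAddress, news_comments.Approved, Comment, news_comments.CommentDateTime, news_comments.Name, news_comments.EmailAddress";
$sql .= " FROM news_posts INNER JOIN news_comments ON news_posts.ID = news_comments.ArticleID";
$where = '';
// Apply any category-restriction
// NOTE(review): the helper's handling of $RestrictCatId is not visible here -
// confirm that it does not place the raw session value into the SQL text.
$where .= ApplyAdminCategoryRestriction($RestrictCatId);
// Restrict by Approved?
// The value is concatenated unquoted, so it is cast to an integer in case the
// session copy originated from the filter form without validation.
if ($Approved != '-')
    $where .= ' AND news_comments.Approved=' . (int) $Approved;
// User can edit any posts?
if (!$LoggedInEditAnyPost)
    $where .= ' AND news_posts.AuthorID=' . $LoggedInUserId;
$where .= " AND VerificationCode = 'OK'";
$results = mysql_query($sql . $where);
// mysql_query() returns false on failure; treat that as an empty result set
$NumRecords = $results ? mysql_num_rows($results) : 0;
$RecStart = (int) $PerPage * ($ShowPage - 1);
// NOTE(review): PHP_SELF can carry request-supplied path information; the rest of
// this page links via $AdminScript. Confirm that ConstructPagingBar() escapes the
// base URL before writing it into the page.
$PageNavBar = ConstructPagingBar($_SERVER['PHP_SELF'].'?action=CommentsApproval', $NumRecords, $PerPage, $ShowPage, $RecStart, $AdminPageBarEntries, '', '');
DisplayGroupHeading("Approve Comments - Page $ShowPage");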
?>
<br />
<table class="Admin">
<tr>
<td class="FieldPrompt">
<form action="<?=$AdminScript?>?action=CommentsApproval" method="post">
Per Page <?= BuildPerPageDropdown('PerPage', $PerPage, true) ?>
Category <?= BuildUserCategoryDropdown('CatID', $RestrictCatId, false, true) ?>
Approved <?= BuildApprovedDropdown('Approved', $Approved, true) ?>
<input class="but" type="submit" name="submit" value="Filter" />
</form>
</td>
</tr>
</table>
<br />
<table class="Admin">
<tr>
<td>
<table class="Admin">
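<?php
// Now process the resultset
//
// Emits one headline row per news article followed by one editable form per comment.
// Name, e-mail address, IP address and comment text are stored visitor input, so
// each is HTML-escaped before being written into this admin page. The single-byte
// ISO-8859-1 charset is named on purpose: every byte sequence is accepted and only
// the ASCII characters & < > " ' are rewritten, so UTF-8 text passes through intact.
$PrevNewsID = -1;
$sql .= $where;
// LIMIT operands are concatenated unquoted; force them to non-negative integers
$sql .= ' LIMIT ' . max(0, (int) $RecStart) . ', ' . max(0, (int) $PerPage);
$results = mysql_query($sql);
// mysql_query() returns false on failure; skip the loop in that case
while ($results && ($row = mysql_fetch_array($results)))
{
    $NewsID = $row['NewsID'];
    $CommentID = (int) $row['CommentID'];
    $Name = htmlspecialchars($row['Name'], ENT_QUOTES, 'ISO-8859-1');
    $EmailAddress = htmlspecialchars($row['EmailAddress'], ENT_QUOTES, 'ISO-8859-1');
    $Approved = $row['Approved'];
    $IPAddress = htmlspecialchars($row['IPAddress'], ENT_QUOTES, 'ISO-8859-1');
    $CommentDateString = date($NewsDisplay_DateFormat, strtotime($row['CommentDateTime'])) . ' ' . date($NewsDisplay_TimeFormat, strtotime($row['CommentDateTime']));
    // New news article? Display the details
    if ($PrevNewsID != $NewsID)
    {
        $PrevNewsID = $NewsID;
        // NOTE(review): Headline is echoed as stored. It is author-supplied and may
        // be meant to carry markup - confirm, and escape it here if it is not.
?>
<tr>
<td class="NewsListNonSticky" colspan="2">
<hr size="3" width="100%">
<?=$row['Headline']?>
</td>
</tr>
<?php
    }
?>
<tr>
<form method="post" action="<?=$AdminScript?>?action=CommentsApproval">
<td class="NewsListNonSticky">
<textarea name="Comment" cols="48" rows="8"><?=htmlspecialchars($row['Comment'], ENT_QUOTES, 'ISO-8859-1')?></textarea>
</td>
<td class="C">
Name: <?=$Name?><br />
Email: <?=$EmailAddress?><br />
IP=<?=$IPAddress?><br />
<?=$CommentDateString?><br />
(<?= ($Approved == "1" ? "Approved" : "Unapproved") ?>)<br />
<input class="but" type="hidden" name="commentid" value="<?=$CommentID?>" />
<input class="but" type="submit" name="Approve" value="Approve" />
<input class="but" type="submit" name="Unapprove" value="Unapprove" /><br /><br />
<input class="but" type="submit" name="Update" value="Update" />
<input class="but" type="submit" name="Delete" value="Delete" onclick="return confirm('Delete this comment?');" />
</td>
</form>
</tr>
<?php
}
?>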
</table>
<br /><br />
<div align="center">
<?= $PageNavBar ?>
<br />
</div>
</td>
</tr>
</table>
<?php
?>