Location: PHPKode > projects > ProNuke. Postnuke To Oracle > postnuke/html/modules/NS-Comments/index.php
<?php
// File: $Id: index.php,v 1.31 2001/12/07 13:26:44 chv Exp $ $Name:  $
// ----------------------------------------------------------------------
// POST-NUKE Content Management System
// Copyright (C) 2001 by the Post-Nuke Development Team.
// http://www.postnuke.com/
// ----------------------------------------------------------------------
// Based on:
// PHP-NUKE Web Portal System - http://phpnuke.org/
// Thatware - http://thatware.org/
// ----------------------------------------------------------------------
// LICENSE
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License (GPL)
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// To read the license please visit http://www.gnu.org/copyleft/gpl.html
// ----------------------------------------------------------------------
// Original Author of file: Francisco Burzi
// Purpose of file: 
// ----------------------------------------------------------------------


if (!defined("LOADED_AS_MODULE")) {
         die ("You can't access this file directly...");
     }

include 'mainfile.php';

if (file_exists("language/$currentlang/comments.php"))
    {
       include "language/$currentlang/comments.php";
    } elseif (file_exists("language/eng/comments.php")) {
       include "language/eng/comments.php";
    }
    
function modtwo($tid, $score, $reason) {
    global $reasons;
    echo " | <select name=dkn$tid>";
    for($i=0; $i<sizeof($reasons); $i++) {
        echo "<option value=\"$score:$i\">$reasons[$i]</option>\n";
    }
    echo "</select>";
}

function modthree($sid, $mode, $order, $thold=0) {
    global $userimg;
    echo "<center><input type=\"hidden\" name=\"sid\" value=\"$sid\">"
        ."<input type=\"hidden\" name=\"mode\" value=\"$mode\">"
        ."<input type=\"hidden\" name=\"order\" value=\"$order\">"
        ."<input type=\"hidden\" name=\"thold\" value=\"$thold\">"
        ."<input type=\"hidden\" name=\"req\" value=\"moderate\">"
        ."<input type=\"submit\" value=\""._MODERATE."\">"
        ."<input type=\"hidden\" name=\"op\" value=\"modload\">"
        ."<input type=\"hidden\" name=\"name\" value=\"NS-Comments\">"
        ."<input type=\"hidden\" name=\"file\" value=\"index\">"
        ."</form></center>";
}

function navbar($info, $sid, $title, $thold, $mode, $order) {
    global $user, $bgcolor1, $bgcolor2, $textcolor1, $textcolor2, $anonpost, $pntable, $pid, $dbconn;
    $result = $dbconn->Execute("SELECT count({$pntable['comments_column']['sid']}) 
                                                         FROM $pntable[comments] 
                                                         WHERE {$pntable['comments_column']['sid']}=$sid");
    list($count) = $result->fields;
    if(!isset($thold)) {
        $thold=0;
    }
    echo "\n\n<!-- COMMENTS NAVIGATION BAR START -->\n\n";
    echo "<table width=\"99%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n";
    if($title) {
        echo "<tr><td bgcolor=\"$bgcolor2\" align=\"center\"><font class=\"pn-title\">\"$title\"</font><font class=\"pn-normal\"> | </font>";
            if(is_user($user)) {
                echo "<a class=\"pn-normal\" href=\"user.php?op=editcomm\">"._CONFIGURE."</a>";
            } else {
                echo "<a class=\"pn-normal\" href=\"user.php\">"._LOGINCREATE."</a>";
            }
            if(($count==1)) {
                echo "<font class=\"pn-normal\"> | $count "._COMMENT."</font></td></tr>\n";
            } else {
                echo "<font class=\"pn-normal\"> | $count "._COMMENTS."</font></td></tr>\n";
            }
    }
    echo "<tr><td bgcolor=\"$bgcolor1\" align=\"center\" width=\"100%\">\n"
        ."<table border=\"0\"><tr><td>\n"
        ."<form method=\"post\" action=\"modules.php\">\n"
        ."<font class=\"pn-normal\">"._THRESHOLD."</font> <select name=\"thold\">\n"
        ."<option value=\"-1\"";
    if ($thold == -1) {
        echo " selected";
    }
    echo ">-1</option>\n"
         ."<option value=\"0\"";
    if ($thold == 0) {
        echo " selected";
    }
    echo ">0</option>\n"
         ."<option value=\"1\"";
    if ($thold == 1) {
        echo " selected";
    }
    echo ">1</option>\n"
         ."<option value=\"2\"";
    if ($thold == 2) {
        echo " selected";
    }
    echo ">2</option>\n"
         ."<option value=\"3\"";
    if ($thold == 3) {
        echo " selected";
    }
    echo ">3</option>\n"
         ."<option value=\"4\"";
    if ($thold == 4) {
        echo " selected";
    }
    echo ">4</option>\n"
         ."<option value=\"5\"";
    if ($thold == 5) {
        echo " selected";
    }
    echo ">5</option>\n"
         ."</select> <select name=mode>"
         ."<option value=\"nocomments\"";
    if ($mode == 'nocomments') {
        echo " selected";
    }
    echo ">"._NOCOMMENTS."</option>\n"
         ."<option value=\"nested\"";
    if ($mode == 'nested') {
        echo " selected";
    }
    echo ">"._NESTED."</option>\n"
         ."<option value=\"flat\"";
    if ($mode == 'flat') {
        echo " selected";
    }
    echo ">"._FLAT."</option>\n"
         ."<option value=\"thread\"";
    if (!isset($mode) || $mode=='thread' || $mode=="") {
        echo " selected";
    }
    echo ">"._THREAD."</option>\n"
         ."</select> <select name=\"order\">"
         ."<option value=\"0\"";
    if (!$order) {
        echo " selected";
    }
    echo ">"._OLDEST."</option>\n"
         ."<option value=\"1\"";
    if ($order == 1) {
        echo " selected";
    }
    echo ">"._NEWEST."</option>\n"
         ."<option value=\"2\"";
    if ($order == 2) {
        echo " selected";
    }
    echo ">"._HIGHEST."</option>\n"
         ."</select>\n"
         ."<input type=\"hidden\" name=\"op\" value=\"modload\">\n"
         ."<input type=\"hidden\" name=\"name\" value=\"News\">\n"
         ."<input type=\"hidden\" name=\"file\" value=\"article\">\n"
         ."<input type=\"hidden\" name=\"sid\" value=\"$sid\">\n"
         ."<input type=\"submit\" value=\""._REFRESH."\"></form>\n";
    if (authorised(0, 'Stories::', "$info[aid]:$info[cattitle]:$info[sid]", ACCESS_COMMENT)) {
        echo "</td><td bgcolor=\"$bgcolor1\"><form action=\"modules.php\" method=\"post\">"
            ."<input type=\"hidden\" name=\"op\" value=\"modload\">"
            ."<input type=\"hidden\" name=\"name\" value=\"NS-Comments\">"
            ."<input type=\"hidden\" name=\"file\" value=\"index\">"
            ."<input type=\"hidden\" name=\"pid\" value=\"$pid\">"
            ."<input type=\"hidden\" name=\"sid\" value=\"$sid\">"
            ."<input type=\"hidden\" name=\"req\" value=\"Reply\">"
            ."&nbsp;&nbsp;<input type=\"submit\" value=\""._REPLYMAIN."\">";
    }
    echo "</form></td></tr></table>\n"
        ."</td></tr>"
        ."<tr><td bgcolor=\"$bgcolor2\" align=\"center\"><font class=\"pn-sub\">"._COMMENTSWARNING."</font></td></tr>\n"
        ."</table>"
        ."\n\n<!-- COMMENTS NAVIGATION BAR END -->\n\n";
}

function DisplayKids ($tid, $mode, $order=0, $thold=0, $level=0, $dummy=0, $tblwidth=99) {
    global $datetime, $user, $cookie, $bgcolor1, $reasons, $anonymous, $anonpost, $commentlimit, $pntable, $dbconn;
    $comments = 0;
    cookiedecode($user);
        $column = &$pntable['comments_column'];
	
    $sql = "SELECT $column[tid], $column[pid], $column[sid], 
                              $column[date], 
                              $column[name], $column[email], $column[url], 
                              $column[host_name], $column[subject], $column[comment], 
                              $column[score], $column[reason] 
                              FROM $pntable[comments] 
                              WHERE $column[pid] = $tid 
                              ORDER BY $column[tid]";
    // 2 most popular first
    // 1 newest first
    // 0 - oldest first

    if ($order==1) $sql .= ", $column[date] DESC";
    if ($order==0) $sql .= ", $column[date] ASC";
    if ($order==2) $sql .= ", $column[score] DESC";
    $result = $dbconn->Execute($sql);

     // FTO Check EOF and databse error + do not use record count
        //FTO : Test database error

    if (!$result) PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");

    if ($mode == 'nested') {
        /* without the tblwidth variable, the tables run of the screen with netscape */
        /* in nested mode in long threads so the text can't be read. */

// FTO Check EOF and databse error + do not use record count

        while(!$result->EOF) {

            list($r_tid, $r_pid, $r_sid, $r_date, $r_name, $r_email, $r_url, $r_host_name, $r_subject, $r_comment, $r_score, $r_reason) = $result->fields;
            $r_date=$result->UnixTimeStamp($r_date);
            $result->MoveNext();
            if($r_score >= $thold) {
                if (!isset($level)) {
                } else {
                    if (!$comments) {
                        echo "<ul>";
                        $tblwidth -= 5;
                    }
                }
                $comments++;
                if (!eregi("[a-z0-9]",$r_name)) $r_name = $anonymous;
                if (!eregi("[a-z0-9]",$r_subject)) $r_subject = "["._NOSUBJECT."]";
                // HIJO enter hex color between first two appostrophe for second alt bgcolor
                $r_bgcolor = ($dummy%2)?"":"#E6E6D2";
                echo "<a name=\"$r_tid\">";
                echo "<table border=\"0\"><tr bgcolor=\"$bgcolor1\"><td>";
                $datetime = ml_ftime(_DATETIMEBRIEF, GetUserTime($r_date));
                if ($r_email) {
                    echo "<font class=\"pn-title\">$r_subject</font> <font class=\"pn-normal\">";
                    if(!$cookie[7]) {
                        echo "("._SCORE." $r_score";
                        if($r_reason>0) echo ", $reasons[$r_reason]";
                        echo ")";
                    }
                    echo "<br>"._BY." <a class=\"pn-normal\" href=\"mailto:$r_email\">$r_name</a> <font class=\"pn-normal\">($r_email)</font><font class=\"pn-sub\"> "._ON." $datetime</font>";
                } else {
                    echo "<font class=\"pn-title\">$r_subject</font>";
                    if(!$cookie[7]) {
                        echo "<font class=\"pn-normal\">("._SCORE." $r_score";
                        if($r_reason>0) echo ", $reasons[$r_reason]";
                        echo ")</font>";
                    }
                    echo "<br><font class=\"pn-sub\">"._BY." $r_name "._ON." $datetime</font>";
                }
                if ($r_name != $anonymous) { echo "<br><font class=\"pn-normal\">(<a class=\"pn-normal\" href=\"user.php?op=userinfo&amp;uname=$r_name&amp;module=NS-User\">"._USERINFO."</a> | <a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=Messages&amp;file=replypmsg&amp;send=1&amp;uname=$r_name\">"._SENDAMSG."</a>) "; }
                if (eregi("http://",$r_url)) { echo "<a class=\"pn-normal\" href=\"$r_url\" target=\"window\">$r_url</a> "; }
                echo "</font></td></tr><tr><td>";
                if(($cookie[10]) && (strlen($r_comment) > $cookie[10])) echo substr("$r_comment", 0, $cookie[10])."<br><br><a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=NS-Comments&amp;file=index&amp;sid=$r_sid&amp;tid=$r_tid&amp;mode=$mode&amp;order=$order&amp;thold=$thold\">"._READREST."</a>";
                elseif(strlen($r_comment) > $commentlimit) echo substr("$r_comment", 0, $commentlimit)."<br><br><b><a class=\"pn-normal\"  href=\"modules.php?op=modload&amp;name=NS-Comments&amp;file=index&amp;sid=$r_sid&amp;tid=$r_tid&amp;mode=$mode&amp;order=$order&amp;thold=$thold\">"._READREST."</a>";
                else echo "<font class=\"pn-normal\">$r_comment</font>";
                echo "</td></tr></table><br><br>";
                if ($anonpost==1 OR is_admin($admin) OR is_user($user)) {
                    echo "<font class=\"pn-normal\"> [ <a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=NS-Comments&amp;file=index&amp;req=Reply&amp;pid=$r_tid&amp;sid=$r_sid&amp;mode=$mode&amp;order=$order&amp;thold=$thold\">"._REPLY."</a>";

                } else {
                    echo "[ "._NOANONCOMMENTS." ";
                }
                modtwo($r_tid, $r_score, $r_reason);
                echo " ]</font><br><br>";
                DisplayKids($r_tid, $mode, $order, $thold, $level+1, $dummy+1, $tblwidth);
            }
        }
        } elseif ($mode == 'flat') {
// FTO Check EOF and databse error + do not use record count

            while(!$result->EOF) {

                list($r_tid, $r_pid, $r_sid, $r_date, $r_name, $r_email, $r_url, $r_host_name, $r_subject, $r_comment, $r_score, $r_reason) = $result->fields;
                $r_date=$result->UnixTimeStamp($r_date);
                $result->MoveNext();
                if($r_score >= $thold) {
                    if (!eregi("[a-z0-9]",$r_name)) $r_name = $anonymous;
                    if (!eregi("[a-z0-9]",$r_subject)) $r_subject = "<font class=\"pn-normal\">["._NOSUBJECT."]</font>";
                    echo "<a name=\"$r_tid\">";
                    echo "<hr><table width=\"99%\" border=\"0\"><tr bgcolor=\"$bgcolor1\"><td>";
                    $datetime = ml_ftime(_DATETIMEBRIEF, GetUserTime($r_date));
                    if ($r_email) {
                        echo "<font class=\"pn-title\">$r_subject</font><font class=\"pn-normal\">";
                        if(!$cookie[7]) {
                            echo "("._SCORE." $r_score";
                            if($r_reason>0) echo ", $reasons[$r_reason]";
                            echo ")</font>";
                        }
                        echo "<br>"._BY." <a class=\"pn-normal\" href=\"mailto:$r_email\">$r_name</a> <font class=\"pn-normal\">($r_email)</font><font class=\"pn-sub\"> "._ON." $datetime</font>";
                     } else {
                        echo "<font class=\"pn-title\">$r_subject</font> <font class=\"pn-normal\">";
                        if(!$cookie[7]) {
                            echo "("._SCORE." $r_score";
                            if($r_reason>0) echo ", $reasons[$r_reason]";
                            echo ")";
                        }
                        echo "<br>"._BY." $r_name "._ON." $datetime";
                    }
                    if ($r_name != $anonymous) { echo "<br><font class=\"pn-normal\">(<a class=\"pn-normal\" href=\"user.php?op=userinfo&amp;uname=$r_name&amp;module=NS-User\">"._USERINFO."</a> | <a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=Messages&amp;file=replypmsg&amp;send=1&amp;uname=$r_name\">"._SENDAMSG."</a>)</font> "; }
                    if (eregi("http://",$r_url)) { echo "<a class=\"pn-normal\" href=\"$r_url\" target=\"window\">$r_url</a> "; }
                    echo "</font></td></tr><tr><td><font class=\"pn-normal\">";
                    if(($cookie[10]) && (strlen($r_comment) > $cookie[10])) echo substr("$r_comment", 0, $cookie[10])."<br><br><a  class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=NS-Comments&amp;file=index&amp;sid=$r_sid&amp;tid=$r_tid&amp;mode=$mode&amp;order=$order&amp;thold=$thold\">"._READREST."</a>";
                    elseif(strlen($r_comment) > $commentlimit) echo substr("$r_comment", 0, $commentlimit)."<br><br><b><a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=NS-Comments&amp;file=index&amp;sid=$r_sid&amp;tid=$r_tid&amp;mode=$mode&amp;order=$order&amp;thold=$thold\">"._READREST."</a>";
                    else echo $r_comment;
                    echo "</font></td></tr></table><br><br>";
                    if ($anonpost==1 OR is_admin($admin) OR is_user($user)) {
                        echo "<font class=\"pn-normal\"> [ <a class=\"pn-normal\"  href=\"modules.php?op=modload&amp;name=NS-Comments&amp;file=index&amp;req=Reply&amp;pid=$r_tid&amp;sid=$r_sid&amp;mode=$mode&amp;order=$order&amp;thold=$thold\">"._REPLY."</a>";
                    } else {
                        echo "[ "._NOANONCOMMENTS." ";
                    }
                    modtwo($r_tid, $r_score, $r_reason);
                    echo " ]</font><br><br>";
                    DisplayKids($r_tid, $mode, $order, $thold);
                }
            }
	} else {
          // FTO Check EOF and databse error + do not use record count

           while(!$result->EOF) {

                list($r_tid, $r_pid, $r_sid, $r_date, $r_name, $r_email, $r_url, $r_host_name, $r_subject, $r_comment, $r_score, $r_reason) = $result->fields;
                $r_date=$result->UnixTimeStamp($r_date);
                $result->MoveNext();
                if($r_score >= $thold) {
                    if (!isset($level)) {
                    } else {
                        if (!$comments) {
                            echo "<ul>";
                        }
                    }
                    $comments++;
                    if (!eregi("[a-z0-9]",$r_name)) $r_name = $anonymous;
                    if (!eregi("[a-z0-9]",$r_subject)) $r_subject = "["._NOSUBJECT."]";
                    $datetime = ml_ftime(_DATETIMEBRIEF, GetUserTime($r_date));
                    echo "<li><font class=\"pn-normal\"><a         class=\"pn-normal\"  href=\"modules.php?op=modload&amp;name=NS-Comments&amp;file=index&amp;req=showreply&amp;tid=$r_tid&amp;sid=$r_sid&amp;pid=$r_pid&amp;mode=$mode&amp;order=$order&amp;thold=$thold#$r_tid\">$r_subject</a></font><font class=\"pn-sub\"> "._BY." $r_name "._ON." $datetime</font><br>";
                    DisplayKids($r_tid, $mode, $order, $thold, $level+1, $dummy+1);
                }
            }
        }
    if ($level && $comments) {
        echo "</ul>";
    }
}

function DisplayBabies ($tid, $level=0, $dummy=0) {
    global $datetime, $anonymous, $pntable, $dbconn;
    $comments = 0;
    $culumn = &$pntable['comments_column'];
    $result = $dbconn->Execute("SELECT $column[tid], $column[pid], $column[sid], 
                              $column[date], $column[name], 
                              $column[email], $column[url], $column[host_name], 
                              $column[subject], $column[comment], $column[score], 
                              $column[reason] 
                              FROM $pntable[comments] 
                              WHERE $column[pid] = $tid 
                              ORDER BY $column[date], $column[tid]");
// FTO Check EOF and databse error + do not use record count
    if (!$result) {
          PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
          die();
        }

    while(!$result->EOF) {

        list($r_tid, $r_pid, $r_sid, $r_date, $r_name, $r_email, $r_url, $r_host_name, $r_subject, $r_comment, $r_score, $r_reason) = $result->fields;
        $r_date=$result->UnixTimeStamp($r_date);
        $result->MoveNext();
        if (!isset($level)) {
        } else {
            if (!$comments) {
                echo "<ul>";
            }
        }
        $comments++;
        if (!eregi("[a-z0-9]",$r_name)) { $r_name = $anonymous; }
        if (!eregi("[a-z0-9]",$r_subject)) { $r_subject = "["._NOSUBJECT."]"; }
        $datetime = ml_ftime(_DATETIMEBRIEF, GetUserTime($r_date));
        echo "<a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=NS-Comments&amp;file=index&amp;req=showreply&amp;tid=$r_tid&amp;mode=$mode&amp;order=$order&amp;thold=$thold\">$r_subject</a></font><font class=\"pn-normal\"> "._BY." $r_name "._ON." $datetime<br>";
        DisplayBabies($r_tid, $level+1, $dummy+1);
    }
    if ($level && $comments) {
            echo "</ul>";
    }
}

function DisplayTopic ($info, $sid, $pid=0, $tid=0, $mode="thread", $order=0, $thold=0, $level=0, $nokids=0) {
    global $hr, $user, $datetime, $cookie, $mainfile, $admin, $commentlimit, $anonymous, $reasons, $anonpost, $foot1, $subject, $pntable, $dbconn;
    if($mainfile) {
        global $title, $bgcolor1, $bgcolor2, $bgcolor3;
    } else {
        global $title, $bgcolor1, $bgcolor2, $bgcolor3;
        include_once("mainfile.php");
        include("header.php");
    }
    if ($pid!=0) {
        include("header.php");
    }
    cookiedecode($user);
        $column = &$pntable['comments_column'];
    $selectcolumns = array ('tid' => 0,
                            'pid' => 0,
                            'sid' => 0,
                            'name' => 0,
                            'email' => 0,
                            'url' => 0,
                            'host_name' => 0,
                            'subject' => 0,
                            'comment' => 0,
                            'score' => 0,
                            'reason' => 0 );
    $q = "SELECT ";
    $q .= getColumnsViaHashKeys('comments', $selectcolumns);
    $q .= ", $column[date]" ;
    $q .= " FROM $pntable[comments] WHERE $column[sid]=$sid AND $column[pid]=$pid";
    if($thold != "") {
        $q .= " AND $column[score]>=$thold";
    } else {
        $q .= " AND $column[score]>=0";
    }

    // 2 most popular first
    // 1 newest first
    // 0 - oldest first

    if ($order==1) $q .= " ORDER BY $column[date] DESC";
    if ($order==0) $q .= " ORDER BY $column[date] ASC";
    if ($order==2) $q .= " ORDER BY $column[score] DESC";
    
// I've set $bruce to $sid because $sid was getting corrupted later.  
// I can't figure out where. - skribe

    $bruce = $sid; 


    $something = $dbconn->Execute("$q");

    navbar($info, $sid, $title, $thold, $mode, $order);
    if (authorised(0, 'Stories::', "$info[aid]:$info[cattitle]:$info[sid]", ACCESS_COMMENT)) {
        echo "<form action=\"modules.php\" method=\"post\">";
    }

// FTO Check EOF and databse error + do not use record count
    if (!$something) {
          PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
          die();
        }

      while(!$something->EOF) {

        list($tid, $pid, $sid, $name, $email, $url, $host_name, $subject, $comment, $score, $reason, $date) = $something->fields;
        $date=$something->UnixTimeStamp($date);
        $something->MoveNext();
        if ($name == "") { $name = $anonymous; }
        if ($subject == "") { $subject = "["._NOSUBJECT."]"; }
        echo "<a name=\"$tid\"></a>";
        echo "<table width=\"99%\" border=\"0\"><tr bgcolor=\"$bgcolor1\"><td width=\"500\">";        
        $datetime = ml_ftime(_DATETIMEBRIEF, GetUserTime($date));
        if ($email) {
            echo "<font class=\"pn-title\">$subject <font class=\"pn-normal\">";
            if(!$cookie[7]) {
                echo "("._SCORE." $score";
                if($reason>0) echo ", $reasons[$reason]";
                echo ")";
            }
            echo "<br>"._BY." <a class=\"pn-normal\" href=\"mailto:$email\">$name</a> <b>($email)</b></font><font class=\"pn-sub\"> "._ON." $datetime";
        } else {
            echo "<font class=\"pn-title\">$subject</font><font class=\"pn-normal\">";
            if(!$cookie[7]) {
                echo "("._SCORE." $score";
                if($reason>0) echo ", $reasons[$reason]";
                echo ")";
            }
            echo "<br>"._BY." $name "._ON." $datetime";
        }

        /* If you are admin you can see the Poster IP address (you have this right, no?) */
        /* with this you can see who is flaming you... ha-ha-ha */

        if ($name != $anonymous) { echo "<br><font class=\"pn-normal\">(<a class=\"pn-normal\" href=\"user.php?op=userinfo&amp;uname=$name&amp;module=NS-User\">"._USERINFO."</a> | <a href=\"modules.php?op=modload&amp;name=Messages&amp;file=replypmsg&amp;send=1&amp;uname=$name\">"._SENDAMSG."</a>)</font> "; }
        if (eregi("http://",$url)) { echo "<a class=\"pn-normal\" href=\"$url\" target=\"window\">$url</a> "; }

        if (authorised(0, 'Stories::', "$info[aid]:$info[cattitle]:$info[sid]", ACCESS_ADMIN)) {
            $column = &$pntable['comments_column'];
            $result= $dbconn->Execute("SELECT $column[host_name] 
                                     FROM $pntable[comments] 
                                     WHERE $column[tid]=$tid");
            list($host_name) = $result->fields;
            echo "<br><font class=\"pn-normal\">(IP: $host_name)</font>";
        }

        echo "</font></td></tr><tr><td>";
        if(($cookie[10]) && (strlen($comment) > $cookie[10])) echo substr("$comment", 0, $cookie[10])."<br><br><b><a         class=\"pn-normal\"  href=\"modules.php?op=modload&amp;name=NS-Comments&amp;file=index&amp;sid=$sid&tid=$tid&mode=$mode&order=$order&thold=$thold\">"._READREST."</a></b>";
        elseif(strlen($comment) > $commentlimit) echo substr("$comment", 0, $commentlimit)."<br><br><b><a         class=\"pn-normal\"  href=\"modules.php?op=modload&amp;name=NS-Comments&amp;file=index&amp;sid=$sid&tid=$tid&mode=$mode&order=$order&thold=$thold\">"._READREST."</a></b>";
        else echo "<font class=\"pn-normal\">$comment</font>";
        echo "</td></tr></table><br><br>";
        if (authorised(0, 'Stories::', "$info[aid]:$info[cattitle]:$info[sid]", ACCESS_COMMENT)) {
            echo "<font class=\"pn-normal\"> [ <a class=\"pn-normal\"  href=\"modules.php?op=modload&amp;name=NS-Comments&amp;file=index&amp;req=Reply&amp;pid=$tid&amp;sid=$sid&amp;mode=$mode&amp;order=$order&amp;thold=$thold\">"._REPLY."</a>";

            if ($pid != 0) {
                $column = &$pntable['comments_column'];
                $pidResult = $dbconn->Execute("SELECT $column[pid] 
                                             FROM $pntable[comments] 
                                             WHERE $column[tid]=$pid");
                list($erin) = $pidResult->fields;
                echo " | <a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=NS-Comments&amp;file=index&amp;sid=$sid&pid=$erin&mode=$mode&order=$order&thold=$thold\">"._PARENT."</a>";
            }
            if (authorised(0, 'Stories::', "$info[aid]:$info[cattitle]:$info[sid]", ACCESS_MODERATE)) {
                modtwo($tid, $score, $reason);
            }

            if (authorised(0, 'Stories::', "$info[aid]:$info[cattitle]:$info[sid]", ACCESS_DELETE)) {
                echo " | <a class=\"pn-normal\" href=\"admin.php?op=RemoveComment&amp;tid=$tid&amp;sid=$sid\">"._DELETE."</a> ]</font><br><br>";
            } else {
                echo " ]</font><br><br>";
            }
        }

        DisplayKids($tid, $mode, $order, $thold, $level);
        echo "</ul>";
        if($hr) echo "<hr noshade size=\"1\">";

// $sid changes value between here
    }
// and here - skribe

/**************************************************************************
*  I've changed $sid to $bruce below (until the end of the function) so
* so that moderation will work.
*
*- skribe
*
***********************************************************************/



    if (authorised(0, 'Stories::', "$info[aid]:$info[cattitle]:$info[sid]", ACCESS_MODERATE)) {
        $column = &$pntable['comments_column'];
        $result2 = $dbconn->Execute("SELECT count(*) FROM $pntable[comments] WHERE $column[sid]='$bruce'");
        list($numrow) = $result2->fields;
        if ($numrow == 0) {
            echo "";
            } else {
            modthree($bruce, $mode, $order, $thold);
            }
         }
    if($pid==0) return array($bruce, $pid, $subject);
    else include("footer.php");

// $sid to $bruce ends here - skribe 
}

function singlecomment($info, $tid, $sid, $mode, $order, $thold) {
    global $user, $cookie, $datetime, $bgcolor1, $bgcolor2, $bgcolor3, $bgcolor4, $admin, $anonpost, $pntable, $dbconn;

    include("header.php");
        $column = &$pntable['comments_column'];
    $result = $dbconn->Execute("SELECT $column[date], 
                              $column[name], $column[email], $column[url], 
                              $column[subject], $column[comment], $column[score], 
                              $column[reason] 
                              FROM $pntable[comments] 
                              WHERE $column[tid]=$tid AND $column[sid]=$sid");
    list($date, $name, $email, $url, $subject, $comment, $score, $reason) = $result->fields;
    $date=$result->UnixTimeStamp($date);
    $titlebar = "<font class=\"pn-title\">$subject</font><font class=\"pn-normal\">";
    if($name == "") $name = $anonymous;
    if($subject == "") $subject = "["._NOSUBJECT."]</font>";
    if (authorised(0, 'Stories::', "$info[aid]:$info[cattitle]:$info[sid]", ACCESS_COMMENT)) {
        echo "<form action=\"modules.php\" method=\"post\">";
    }
    echo "<table width=\"99%\" border=\"0\"><tr bgcolor=\"$bgcolor1\"><td width=\"500\">";
    $datetime = ml_ftime(_DATETIMEBRIEF, GetUserTime($date));
    if($email) {
        echo "<font class=\"pn-title\">$subject</font><font class=\"pn-normal\">("._SCORE." $score)<br>"._BY." <a class=\"pn-normal\" href=\"mailto:$email\">$name</a><font  class=\"pn-normal\">($email)</font><font class=\"pn-sub\"> "._ON." $datetime</font>";
    } else {
        echo "<font class=\"pn-title\">$subject</font><font class=\"pn-normal\">("._SCORE." $score)<br>"._BY." $name</font><font class=\"pn-sub\"> "._ON." $datetime</font>";
    }
    echo "</td></tr><tr><td><font class=\"pn-normal\">$comment</font></td></tr></table><br><br>";
    if (authorised(0, 'Stories::', "$info[aid]:$info[cattitle]:$info[sid]", ACCESS_COMMENT)) {
        echo "<font class=\"pn-normal\"> [ <a class=\"pn-normal\"  href=\"modules.php?op=modload&amp;name=NS-Comments&amp;file=index&amp;req=Reply&amp;pid=$tid&amp;sid=$sid&amp;mode=$mode&amp;order=$order&amp;thold=$thold\">"._REPLY."</a> | <a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=News&amp;file=article&amp;sid=$sid&amp;mode=$mode&amp;order=$order&amp;thold=$thold\">"._ROOT."</a>";
    }
    if (authorised(0, 'Stories::', "$info[aid]:$info[cattitle]:$info[sid]", ACCESS_MODERATE)) {
       modtwo($tid, $score, $reason);
       echo " ]</font>";
       modthree($sid, $mode, $order, $thold);
    }
    include("footer.php");
}

function reply($pid, $sid, $mode, $order, $thold) {
    include(WHERE_IS_PERSO."config.php");
    // attention, corrected this, in order to allow not to have pntables in a private folder.
    if (file_exists(WHERE_IS_PERSO."pntables.php"))
        { include(WHERE_IS_PERSO."pntables.php"); }
    else
        { include("pntables.php"); }
    include("header.php");
    global $user, $cookie, $datetime, $bgcolor1, $bgcolor2, $bgcolor3, $pntable, $HTTP_COOKIE_VARS, $dbconn;
    $row = getArticles("sid=$sid", "", "");
    $info = genArticleInfo($row[0]);

    if($pid!=0) {
                $column = &$pntable['comments_column'];
                $result = $dbconn->Execute("SELECT $column[date], $column[name], $column[email],
                                  $column[url], $column[subject], $column[comment], 
                                                                  $column[score] 
                                                                  FROM $pntable[comments] 
                                                                  WHERE $column[tid]=$pid");        
            list($date, $name, $email, $url, $subject, $comment, $score) = $result->fields;
    } else {
        $date = $info['time'];
        $subject = $info['title'];
        $temp_comment = $info['hometext'];
        $comment2 = $info['bodytext'];
        $name = $info['informant'];
        $notes = $info['notes'];
    }
    if($comment == "") {
        $comment = "$temp_comment<br><br>$comment2";
    }
    OpenTable();
    echo "<center><font class=\"pn-title\">"._COMMENTREPLY."</font></center>";
    CloseTable();
    echo "<br>";
    OpenTable();    
    if (!authorised(0, 'Stories::', "$info[aid]:$info[cattitle]:$info[sid]", ACCESS_COMMENT)) {
        echo _NOTAUTHORIZEDCOMMENT;
        include 'footer.php';
        exit;
    }
    if($name == "") $name = $anonymous;
    if($subject == "") $subject = "<font class=\"pn-normal\">["._NOSUBJECT."]</font>";
    formatTimestamp($date);
    echo "<font class=\"pn-title\">$subject</font><font class=\"pn-normal\">";
    if(!$temp_comment) echo"("._SCORE." $score)";
    if($email) {
        echo "<br>"._BY." <a class=\"pn-normal\" href=\"mailto:$email\">$name</a> <font class=\"pn-normal\">($email)</font><font class=\"pn-sub\"> "._ON." $datetime</font>";
    } else {
        echo "<br><font class=\"pn-sub\">"._BY." $name "._ON." $datetime</font>";
    }
    echo "<br><br><font class=\"pn-normal\">$comment</font><br><br>";
    if ($pid == 0) {
        if ($notes != "") {
            echo "<b>"._NOTE."</b><font class=\"pn-normal\">$notes</font><br><br>";
        } else {
            echo "";
        }
    }
    if(!isset($pid) || !isset($sid)) { echo "<font class=\"pn-normal\">Something is not right. This message is just to keep things from messing up down the road</font>"; exit(); }
        if($pid == 0) {
            $column = &$pntable['stories_column'];
            $result = $dbconn->Execute("SELECT $column[title] 
                                      FROM $pntable[stories] 
                                      WHERE $column[sid]=$sid");
            list($subject) = $result->fields;
        } else {
            $column = &$pntable['comments_column'];
            $result = $dbconn->Execute("SELECT $column[subject] 
                                      FROM $pntable[comments] 
                                      WHERE $column[tid]=$pid");
            list($subject) = $result->fields;
        }
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<form action=\"modules.php\" method=\"post\">";
    echo "<font class=\"pn-title\">"._YOURNAME.":</font> ";
    if (is_user($user)) {
        cookiedecode($user);
        echo "<a href=\"user.php\">$cookie[1]</a> <font class=\"pn-normal\">[ <a class=\"pn-normal\" href=\"user.php?op=logout\">"._LOGOUT."</a> ]</font><br><br>";
    } else {
            echo "<font class=\"pn-normal\">$anonymous";
        echo " <font class=\"pn-normal\">[ <a class=\"pn-normal\" href=\"user.php\">"._NEWUSER."</a> ]</font><br><br>";
    }
    echo "<font class=\"pn-title\">"._SUBJECT.":</font><br>";
    if (!eregi("Re:",$subject))
		{ 
			$myts = new MyTextSanitizer; // MyTextSanitizer object
			$subject = $myts->makeTareaData4Show($subject);
			$subject = "Re: ".substr($subject,0,81).""; 
		}
    echo "<input type=\"text\" name=\"subject\" size=\"50\" maxlength=\"85\" value=\"$subject\"><br><br>";
    echo "<font class=\"pn-title\">"._COMMENT.":</font><br>"
         ."<textarea wrap=\"virtual\" cols=\"50\" rows=\"10\" name=\"comment\"></textarea><br>
           <font class=\"pn-sub\">"._ALLOWEDHTML."<br>";
    while (list($key,)= each($AllowableHTML)) echo " &lt;".$key."&gt;";
    echo "</font><br>";
    if (is_user($user)) { echo "<input type=\"checkbox\" name=\"xanonpost\"><font class=\"pn-normal\"> "._POSTANON."</font><br>"; }
    echo "<input type=\"hidden\" name=\"op\" value=\"modload\">\n"
        ."<input type=\"hidden\" name=\"name\" value=\"NS-Comments\">\n"
        ."<input type=\"hidden\" name=\"file\" value=\"index\">\n"
        ."<input type=\"hidden\" name=\"pid\" value=\"$pid\">\n"
        ."<input type=\"hidden\" name=\"sid\" value=\"$sid\">\n"
        ."<input type=\"hidden\" name=\"mode\" value=\"$mode\">\n"
        ."<input type=\"hidden\" name=\"order\" value=\"$order\">\n"
        ."<input type=\"hidden\" name=\"thold\" value=\"$thold\">\n"
        ."<input type=\"submit\" name=\"req\" value=\""._PREVIEW."\">\n"
        ."<input type=\"submit\" name=\"req\" value=\""._OK."\">\n"
        ."<select name=\"posttype\">\n"
        ."<option value=\"exttrans\">"._EXTRANS."</option>\n"
        ."<option value=\"html\" >"._HTMLFORMATED."</option>\n"
        ."<option value=\"plaintext\" selected>"._PLAINTEXT."</option>\n"
        ."</select></font></form>\n";
    CloseTable();
    include("footer.php");
}

function replyPreview ($pid, $sid, $subject, $comment, $xanonpost, $mode, $order, $thold, $posttype) {
    include("header.php");
    global $user, $cookie, $AllowableHTML, $anonymous;
    OpenTable();
    echo "<center><font class=\"pn-title\">"._COMREPLYPRE."</font></center>";
    CloseTable();
    echo "<br>";
    OpenTable();
    cookiedecode($user);
    $subject = stripslashes($subject);
    $comment = stripslashes($comment);
    if (!isset($pid) || !isset($sid)) {
        echo ""._NOTRIGHT."";
        exit();
    }
    if($subject == '' or $comment == '') {
        OpenTable2();
        echo "<font class=\"pn-normal\"><b>"._MPROBLEM."</b> "._NOSUBJECT."</font><br><br><br>";
        echo "<center>"._GOBACK."</center><br><br>";
        CloseTable2();
        include("footer.php");
        exit;
    }
    echo "<font class=\"pn-title\">$subject</font>";
    echo "<br><font class=\"pn-normal\">"._BY." ";
    if (is_user($user)) {
        echo "$cookie[1]";
    } else {
        echo "$anonymous";
    }
    echo " "._ONN."</font><br><br>";
        echo "<font class=\"pn-normal\">";
    if ($posttype=="exttrans") {
                echo nl2br(htmlspecialchars($comment));
    } elseif ($posttype=="plaintext") {
        echo nl2br($comment);
    } else {
        echo $comment;
    }
        echo "</font>";
        CloseTable();
    echo "<br>";
    OpenTable();
    echo "<form action=\"modules.php\" method=\"post\"><font class=\"pn-title\">"._YOURNAME.":</font> ";
    if (is_user($user)) {
        echo "<a href=\"user.php\">$cookie[1]</a> <font class=\"pn-normal\">[ <a class=\"pn-normal\" href=\"user.php?op=logout\">"._LOGOUT."</a> ]</font><br><br>";
    } else {
        echo "<font class=\"pn-normal\">$anonymous</font><br><br>";
    }
    echo "<font class=\"pn-title\">"._SUBJECT.":</font><br>"
        ."<input type=\"text\" name=\"subject\" size=\"50\" maxlength=\"85\" value=\"$subject\"><br><br>"
        ."<font class=\"pn-title\">"._COMMENT.":</font><br>"
        ."<textarea wrap=\"virtual\" cols=\"50\" rows=\"10\" name=\"comment\">$comment</textarea><br>"
        ."<font class=\"pn-sub\">"._ALLOWEDHTML."<br>";
    while (list($key,) = each($AllowableHTML)) echo " &lt;".$key."&gt;";
    echo "</font><br>";
    if ($xanonpost) {
        echo "<input type=\"checkbox\" name=\"xanonpost\" checked><font class=\"pn-normal\"> "._POSTANON."</font><br>";
    } elseif (is_user($user)) {
        echo "<input type=\"checkbox\" name=\"xanonpost\"><font class=\"pn-normal\"> "._POSTANON."</font><br>";
    }
    echo "<input type=\"hidden\" name=\"pid\" value=\"$pid\">"
        ."<input type=\"hidden\" name=\"sid\" value=\"$sid\">"
        ."<input type=\"hidden\" name=\"mode\" value=\"$mode\">"
        ."<input type=\"hidden\" name=\"order\" value=\"$order\">"
        ."<input type=\"hidden\" name=\"thold\" value=\"$thold\">"
        ."<input type=\"submit\" name=\"req\" value=\""._PREVIEW."\">"
        ."<input type=\"submit\" name=\"req\" value=\""._OK."\">\n"
        ."<input type=\"hidden\" name=\"op\" value=\"modload\">\n"
        ."<input type=\"hidden\" name=\"name\" value=\"NS-Comments\">\n"
        ."<input type=\"hidden\" name=\"file\" value=\"index\">\n"
        ."<select name=\"posttype\"><option value=\"exttrans\"";
    if ($posttype=="exttrans") {
        echo " selected";
    }
    echo ">"._EXTRANS."</option>\n"
        ."<OPTION value=\"html\"";;
    if ($posttype=="html") {
        echo " selected";
    }
    echo ">"._HTMLFORMATED."</option>\n"
        ."<OPTION value=\"plaintext\"";
    if (($posttype!="exttrans") && ($posttype!="html")) {
        echo " selected";
    }
    echo ">"._PLAINTEXT."</option></select></font></form>";
    CloseTable();
    include("footer.php");
}

function CreateTopic ($xanonpost, $subject, $comment, $pid, $sid, $host_name, $mode, $order, $thold, $posttype) {
    global $user, $userinfo, $EditedMessage, $cookie, $AllowableHTML, $pntable, $dbconn, $pnconfig;
    //FTO To check if oracle db
    global $oracledb;
    
    csrfcheck();

    cookiedecode($user);
    if($subject == '' or $comment == '') {
        include("header.php");
        OpenTable2();
        echo "<font class=\"pn-normal\"><b>"._MPROBLEM."</b> "._NOSUBJECT."</font><br><br><br>";
        echo "<center>"._GOBACK."</center><br><br>";
        CloseTable2();
        include("footer.php");
        exit;
    }
    $author = FixQuotes($author);
    $subject = FixQuotes(filter_text($subject, "nohtml"));
    if($posttype=="exttrans") {
            $comment = FixQuotes(nl2br(htmlspecialchars(check_words($comment))));
    } elseif($posttype=="plaintext") {
            $comment = FixQuotes(nl2br(filter_text($comment)));
    } else {
        $comment = FixQuotes(filter_text($comment));
    }
    if($user) {
        getusrinfo($user);
    }
    if (($user) && (!$xanonpost)) {
        getusrinfo($user);
//FTO Use quotes for index names
        $name = $userinfo['uname'];
        $email = $userinfo['femail'];
        $url = $userinfo['url'];
        $score = 1;
    } else {
        $name = ""; $email = ""; $url = "";
        $score = 0;
    }
    $ip = getenv("REMOTE_ADDR");
    //FTO : use column to remove warning
    $column = &$pntable['stories_column'];


/* begin fake thread control */


    $result = $dbconn->Execute("SELECT count(*)
                               FROM $pntable[stories]
                               WHERE $column[sid]=$sid");
//                               WHERE {$pntable[stories_column][sid]}=$sid");

    //FTO : database error
    if (!$result) PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");

    list($fake) = $result->fields;

/* begin duplicate control */

/* 
 * hootbah:
 * Is this needed? If the table is set up correctly with indexes then this test
 * would be obsolete.
 */
    $column = &$pntable['comments_column'];

    //FTO Test every Oracle drivers
    if ( $oracledb )
      {
       $sql = "SELECT count(*) FROM $pntable[comments]
               WHERE $column[pid]=$pid
                 AND $column[sid]=$sid
                 AND $column[subject]='$subject'
                 AND DBMS_LOB.INSTR($column[comment], '$comment', 1, 1) > 0";
    } else {
        $sql = "SELECT count(*) FROM $pntable[comments] 
                WHERE $column[pid]=$pid 
                  AND $column[sid]=$sid 
                  AND $column[subject]='$subject' 
                  AND $column[comment]='$comment'";
    }
    $result = $dbconn->Execute($sql);

    //FTO : database error
    if (!$result) PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");

    list($tia) = $result->fields;

    /* begin troll control */

    $column = &$pntable['comments_column'];

    //FTO : Handle dates differences between databases
    //FTO Test if Oracle

    $sql = "SELECT count(*) FROM $pntable[comments] WHERE ($column[score]=-1)";
    if ( $oracledb )
        {
             $sql .= " AND (SYSDATE - $column[date] < 3)";
        }
    else
        {
             $sql .= " AND (to_days(now()) - to_days($column[date]) < 3)";
        }


    if($user)
    {
        $sql .= " AND ($column[name]='$userinfo[uname]')";
        $result = $dbconn->Execute($sql);

        //FTO : Test database error
        if (!$result) PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
        
        list($troll) = $result->fields;
    } elseif(!$score)
    {

        $sql .= " AND ($column[host_name]='$ip')";
        $result = $dbconn->Execute($sql);

        //FTO : Test database error

        if (!$result) PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");

        list($troll) = $result->fields;

    }
    if((!$tia) && ($fake == 1) && ($troll < 6)) {

	csrfcheck();

        $column = &$pntable['comments_column'];

// FTO : Add SEQ suffix to avoid conflict name with ORACLE
        $nextid = $dbconn->GenId("{$pntable['comments']}_SEQ");

        //FTO Use a php date time to stay compatible with
        //    all databases.
        $now=$dbconn->DBTimeStamp(mktime());

        $result = $dbconn->Execute("INSERT INTO $pntable[comments] ($column[tid], $column[pid],
                          $column[sid], $column[date], $column[name], $column[email], 
                                                  $column[url], $column[host_name], $column[subject], 
                                                  $column[comment], $column[score], $column[reason] )
                        VALUES ($nextid, $pid, $sid, $now, '$name', '$email',
                                                  '$url', '$ip', '$subject', '$comment', '$score', 0)");
        if($dbconn->ErrorNo()<>0) {
            error_log("DB Error: Can not add comment: " . $dbconn->ErrorMsg());
        }

    } else {
        include("header.php");
        if ($tia) {
            echo "<font class=\"pn-normal\">"._DUPLICATE."<br><br><a class=\"pn-normal\"  href=\"modules.php?op=modload&amp;name=News&amp;file=article&amp;sid=$sid&amp;mode=$mode&amp;order=$order&amp;thold=$thold\">"._COMMENTSBACK."</a></font>";
        } elseif($troll > 5) {
            echo _TROLL;
        } elseif($fake == 0) {
            echo _FAKETOPIC;
        }
        include("footer.php");
        exit;
    }

    csrfcheck();

    $column = &$pntable['stories_column'];
    $result = $dbconn->Execute("UPDATE $pntable[stories] 
                    SET $column[comments]=$column[comments]+1 
                                        WHERE $column[sid]=$sid");

    //FTO : Test database error

    if (!$result) PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");

    if (isset($cookie[4])) { $options .= "&mode=$cookie[4]"; } else { $options .= "&mode=thread"; }
    if (isset($cookie[5])) { $options .= "&order=$cookie[5]"; } else { $options .= "&order=0"; }
    if (isset($cookie[6])) { $options .= "&thold=$cookie[6]"; } else { $options .= "&thold=0"; }
    pnRedirect('modules.php?op=modload&name=News&file=article&sid='.$sid.$options);
}

global $dbconn;
if (empty($req)) {
    $req = "";
}
switch($req) {
        
    case "Reply":
        reply($pid, $sid, $mode, $order, $thold);
        break;

    case ""._PREVIEW."":
        replyPreview ($pid, $sid, $subject, $comment, $xanonpost, $mode, $order, $thold, $posttype);
        break;

    case ""._OK."":
        CreateTopic($xanonpost, $subject, $comment, $pid, $sid, $host_name, $mode, $order, $thold, $posttype);
        break;

    case "moderate":
        include_once("mainfile.php");

	csrfcheck();

        if(($admintest==1) || ($moderate==2)) {
            while(list($tdw, $emp) = each($HTTP_POST_VARS)) {
                if (eregi("dkn",$tdw)) {
                    $emp = explode(":", $emp);
                    if($emp[1] != 0) {
                        $tdw = ereg_replace("dkn", "", $tdw);
                                                $column = &$pntable['comments_column'];
                        $q = "UPDATE $pntable[comments] SET";
                        if(($emp[1] == 9) && ($emp[0]>=0)) { # Overrated
                            $q .= " $column[score]=$column[score]-1 WHERE $column[tid]=$tdw";
                        } elseif (($emp[1] == 10) && ($emp[0]<=4)) { # Underrated
                            $q .= " $column[score]=$column[score]+1 WHERE $column[tid]=$tdw";
                        } elseif (($emp[1] > 4) && ($emp[0]<=4)) {
                            $q .= " $column[score]=$column[score]+1, $column[reason]=$emp[1] WHERE $column[tid]=$tdw";
                        } elseif (($emp[1] < 5) && ($emp[0] > -1)) {
                            $q .= " $column[score]=$column[score]-1, $column[reason]=$emp[1] WHERE $column[tid]=$tdw";
                        } elseif (($emp[0] == -1) || ($emp[0] == 5)) {
                            $q .= " $column[reason]=$emp[1] WHERE $column[tid]=$tdw";
                        }
                        if(strlen($q) > 20) {
                            $result = $dbconn->Execute($q);
                        }
                    }
                }
            }
        }
        pnRedirect('modules.php?op=modload&name=News&file=article&sid='.$sid.'&mode='.$mode.'&order='.$order.'&thold='.$thold);
        break;

    case "showreply":
        DisplayTopic($info, $sid, $pid, $tid, $mode, $order, $thold);
        break;

    default:
      global $sid, $pid, $tid, $mode, $order, $thold;
        if ((isset($tid)) && (!isset($pid))) {
            singlecomment($info, $tid, $sid, $mode, $order, $thold);
        } elseif (($mainfile) xor (($pid==0) AND (!isset($pid)))) {
            pnRedirect('modules.php?op=modload&name=News&file=article&sid='.$sid.'&mode='.$mode.'&order='.$order.'&thold='.$thold);
        } else {
            if(!isset($pid)) $pid=0;
            DisplayTopic($info, $sid, $pid, $tid, $mode, $order, $thold);
        }
        break;
}

?>
Return current item: ProNuke. Postnuke To Oracle