Location: PHPKode > projects > ProNuke. Postnuke To Oracle > postnuke/html/modules/NS-Polls/comments.php
<?php // $Id: comments.php,v 1.31 2001/12/04 13:07:47 jgm Exp $ $Name:  $
// ----------------------------------------------------------------------
// POST-NUKE Content Management System
// Copyright (C) 2001 by the Post-Nuke Development Team.
// http://www.postnuke.com/
// ----------------------------------------------------------------------
// Based on:
// PHP-NUKE Web Portal System - http://phpnuke.org/
// Thatware - http://thatware.org/
// ----------------------------------------------------------------------
// LICENSE
//
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License (GPL)
// as published by the Free Software Foundation; either version 2
// of the License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// To read the license please visit http://www.gnu.org/copyleft/gpl.html
// ----------------------------------------------------------------------
// Filename: modules/NS-Polls/index.php
// Original Author: Till Gerken (hide@address.com)
// Purpose: Voting system
// ----------------------------------------------------------------------

if (!defined("LOADED_AS_MODULE")) {
         die ("You can't access this file directly...");
     }

include 'mainfile.php';

/* Credits to Edgar Miller -- http://www.bosna.de/ from his post on PHP-Nuke ( http://phpnuke.org/article.php?sid=2010&mode=nested&order=0&thold=0 )
Further Credits go to Djordjevic Nebojsa (nesh) for the fix for the fix */

$ModName = basename( dirname( __FILE__ ) );

modules_get_language();

function modone() {
    global $admin, $moderate, $ModName;
    if(((isset($admin)) && ($moderate == 1)) || ($moderate==2)) echo "<form action=\"modules.php?op=modload&amp;name=$ModName&amp;file=comments\" method=\"post\">";
}

function modtwo($tid, $score, $reason) {
    global $admin, $user, $moderate, $reasons;
    if((((isset($admin)) && ($moderate == 1)) || ($moderate == 2)) && ($user)) {
        echo " | <select name=dkn$tid>";
        for($i=0; $i<sizeof($reasons); $i++) {
            echo "<option value=\"$score:$i\">$reasons[$i]</option>\n";
        }
        echo "</select>";
    }
}

function modthree($pollID, $mode, $order, $thold=0) {
    global $admin, $user, $moderate, $userimg;
    if((((isset($admin)) && ($moderate == 1)) || ($moderate==2)) && ($user)) echo "<center><input type=hidden name=pollID value=$pollID><input type=hidden name=mode value=$mode><input type=hidden name=order value=$order><input type=hidden name=\"thold\" value=\"$thold\">
    <input type=\"hidden\" name=\"req\" value=\"moderate\">
    <input type=\"image\" src=\"$userimg/moderate.gif\" border=\"0\"></form></center>";
}

function navbar($pollID, $title, $thold, $mode, $order) {
    global $user, $bgcolor1, $bgcolor2, $textcolor1, $textcolor2, $anonpost, $pollcomm, $pntable, $ModName, $dbconn;


    //FTO Use column to remove warning
    $column=&$pntable['pollcomments'];
    
    $query = $dbconn->Execute("SELECT COUNT(*) 
                             FROM $pntable[pollcomments] 
                             WHERE $column[pollid]=$pollID");
    //FTO                    WHERE {$pntable[pollcomments_column][pollid]}=$pollID");
    list($count) = $query->fields;
    $column = &$pntable['poll_desc_column'];
    $result = $dbconn->Execute("SELECT $column[polltitle] 
                              FROM $pntable[poll_desc] 
                              WHERE $column[pollid]=$pollID");

    list($title) = $result->fields;

    if(!isset($thold)) $thold=0;
    echo "\n\n<!-- COMMENTS NAVIGATION BAR START -->\n\n";
    echo "<table width=\"99%\" border=\"0\" cellspacing=\"1\" cellpadding=\"2\">\n";
    if($title) {
    echo "<tr><td bgcolor=\"$bgcolor2\" align=\"center\"><font class=\"pn-normal\">\"$title\" | ";
        if(is_user($user)) {
        echo "<a class=\"pn-normal\" href=\"user.php?op=editcomm\"><font class=\"pn-normal\">"._CONFIGURE."</font></a>";
        } else {
        echo "<a class=\"pn-normal\" href=\"user.php\"><font class=\"pn-normal\">"._LOGINCREATE."</font></a>";
        }
        if(($count==1)) {
            echo " | $count "._COMMENT."</font></td></tr>\n";
        } else {
            echo " | $count "._COMMENTS."</font></td></tr>\n";
        }
    }
    echo "<tr><td bgcolor=\"$bgcolor1\" align=\"center\" width=\"100%\">\n"
    ."<table border=\"0\"><tr><td><font class=\"pn-normal\">\n"
    ."<form method=\"post\" action=\"modules.php?op=modload&amp;name=$ModName&amp;file=index&amp;req=results&pollID=$pollID\">\n"
    ."<font class=\"pn-normal\">"._THRESHOLD."</font> <select name=\"thold\">\n"
    ."<option value=\"-1\"";
    if ($thold == -1) {
    echo " selected";
    }
    echo ">-1</option>\n"
         ."<option value=\"0\"";
    if ($thold == 0) {
    echo " selected";
    }
    echo ">0</option>\n"
     ."<option value=\"1\"";
    if ($thold == 1) {
    echo " selected";
    }
    echo ">1</option>\n"
     ."<option value=\"2\"";
    if ($thold == 2) {
    echo " selected";
    }
    echo ">2</option>\n"
     ."<option value=\"3\"";
    if ($thold == 3) {
    echo " selected";
    }
    echo ">3</option>\n"
     ."<option value=\"4\"";
    if ($thold == 4) {
    echo " selected";
    }
    echo ">4</option>\n"
     ."<option value=\"5\"";
    if ($thold == 5) {
    echo " selected";
    }
    echo ">5</option>\n"
     ."</select> <select name=mode>"
     ."<option value=\"nocomments\"";
    if ($mode == 'nocomments') {
    echo " selected";
    }
    echo ">"._NOCOMMENTS."</option>\n"
     ."<option value=\"nested\"";
    if ($mode == 'nested') {
    echo " selected";
    }
    echo ">"._NESTED."</option>\n"
     ."<option value=\"flat\"";
    if ($mode == 'flat') {
    echo " selected";
    }
    echo ">"._FLAT."</option>\n"
     ."<option value=\"thread\"";
    if (!isset($mode) || $mode=='thread' || $mode=="") {
    echo " selected";
    }
    echo ">"._THREAD."</option>\n"
     ."</select> <select name=\"order\">"
     ."<option value=\"0\"";
    if (!$order) {
    echo " selected";
    }
    echo ">"._OLDEST."</option>\n"
     ."<option value=\"1\"";
    if ($order==1) {
    echo " selected";
    }
    echo ">"._NEWEST."</option>\n"
         ."<option value=\"2\"";
    if ($order==2) {
    echo " selected";
    }
    //FTO Remove warning
    if (!isset($sid)) $sid='';
    if (!isset($pid)) $pid='';

    echo ">"._HIGHEST."</option>\n"
     ."</select>\n"
     ."<input type=\"hidden\" name=\"sid\" value=\"$sid\">\n"
     ."<input type=\"submit\" value=\""._REFRESH."\"></form>\n";
    cookiedecode($user);
    if (($pollcomm) AND ($mode != "nocomments")) {
    if ($anonpost==1 OR is_admin($admin) OR is_user($user)) {
        echo "</font></td><td bgcolor=\"$bgcolor1\"><font class=\"pn-normal\"><form action=\"modules.php?op=modload&amp;name=$ModName&amp;file=comments\" method=\"post\">"
        ."<input type=\"hidden\" name=\"pid\" value=\"$pid\">"
        ."<input type=\"hidden\" name=\"pollID\" value=\"$pollID\">"
        ."<input type=\"hidden\" name=\"req\" value=\"Reply\">"
        ."&nbsp;&nbsp;<input type=\"submit\" value=\""._REPLYMAIN."\">";
    }
    }
    echo "</form></font></td></tr></table>\n"
    ."</td></tr>"
    ."<tr><td bgcolor=\"$bgcolor2\" align=\"center\"><font class=\"pn-sub\">"._COMMENTSWARNING."</font></td></tr>\n"
    ."</table>"
    ."\n\n<!-- COMMENTS NAVIGATION BAR END -->\n\n";
}

function DisplayKids ($tid, $mode, $order=0, $thold=0, $level=0, $dummy=0, $tblwidth=99) {
    global $datetime, $user, $cookie, $bgcolor1, $reasons, $anonymous, $anonpost, $commentlimit, $pntable, $ModName, $dbconn;
    $comments = 0;
    cookiedecode($user);
    $column = &$pntable['pollcomments_column'];
    $result = $dbconn->Execute("SELECT $column[tid], $column[pid], $column[pollid], 
                                $column[date], $column[name],
                                $column[email], $column[url], $column[host_name], 
                                $column[subject], $column[comment], $column[score], 
                                $column[reason] 
                              FROM $pntable[pollcomments] 
                              WHERE $column[pid] = $tid 
                              ORDER BY $column[date], $column[tid]");
    //FTO : Test EOF and database error
    if (!$result) {
        PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
        die();
    }

    if ($mode == 'nested') {
        /* without the tblwidth variable, the tables run of the screen with netscape
           in nested mode in long threads so the text can't be read. */

    //FTO : Test EOF and database error

       while(! $result->EOF ) {
            list($r_tid, $r_pid, $r_pollID, $r_date, $r_name, $r_email, $r_url, $r_host_name, $r_subject, $r_comment, $r_score, $r_reason) = $result->fields;
            $r_date=$result->UnixTimeStamp($r_date);
            $result->MoveNext();
            if($r_score >= $thold) {
                if (!isset($level)) {
                } else {
                    if (!$comments) {
                        echo "<ul>";
                        $tblwidth -= 5;
                    }
                }
                $comments++;
                if (!eregi("[a-z0-9]",$r_name)) $r_name = $anonymous;
                if (!eregi("[a-z0-9]",$r_subject)) $r_subject = "["._NOSUBJECT."]";
            // enter hex color between first two appostrophe for second alt bgcolor
                $r_bgcolor = ($dummy%2)?"":"#E6E6D2";
                echo "<a name=\"$r_tid\">";
                echo "<table border=\"0\"><tr bgcolor=\"$r_bgcolor\"><td>";
                //formatTimestamp($r_date);
                $datetime = ml_ftime(_DATETIMEBRIEF, GetUserTime($r_date));
                if ($r_email) {
                    echo "<p><font class=\"pn-normal\">$r_subject</font> <font class=\"pn-normal\">";
                    if(!$cookie[7]) {
                        echo "("._SCORE." $r_score";
                        if($r_reason>0) echo ", $reasons[$r_reason]";
                        echo ")";
                    }
                    echo "<br>"._BY." <a class=\"pn-normal\" href=\"mailto:$r_email\">$r_name</a> <font class=\"pn-normal\"><b>($r_email)</b></font> "._ON." $datetime";
                } else {
                    echo "<p><font class=\"pn-normal\"><b>$r_subject</b></font> <font class=\"pn-normal\">";
                    if(!$cookie[7]) {
                        echo "("._SCORE." $r_score";
                        if($r_reason>0) echo ", $reasons[$r_reason]";
                        echo ")";
                    }
                    echo "<br>"._BY." $r_name "._ON." $datetime";
                }
                if ($r_name != $anonymous) { echo "<BR>(<a class=\"pn-normal\" href=\"user.php?op=userinfo&uname=$r_name\">"._USERINFO."</a> | <a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=Messages&amp;file=replypmsg&amp;send=1&amp;uname=$r_name\">"._SENDAMSG."</a>) "; }
                if (eregi("http://",$r_url)) { echo "<a class=\"pn-normal\" href=\"$r_url\" target=\"window\">$r_url</a> "; }
                echo "</font></td></tr><tr><td>";
                if(($cookie[10]) && (strlen($r_comment) > $cookie[10])) echo substr("$r_comment", 0, $cookie[10])."<br><br><b><a href=\"modules.php?op=modload&amp;name=$ModName&amp;file=comments&amp;pollID=$r_pollID&amp;tid=$r_tid&amp;mode=$mode&amp;order=$order&amp;thold=$thold\">"._READREST."</a></b>";
                elseif(strlen($r_comment) > $commentlimit) echo substr("$r_comment", 0, $commentlimit)."<br><br><b><a href=\"modules.php?op=modload&amp;name=$ModName&amp;file=comments&amp;pollID=$r_pollID&amp;tid=$r_tid&amp;mode=$mode&amp;order=$order&amp;thold=$thold\">"._READREST."</a></b>";
                else echo "<font class=\"pn-normal\">$r_comment</font>";
                echo "</td></tr></table><br><p>";
                if ($anonpost==1 OR is_admin($admin) OR is_user($user)) {
                    echo "<font class=\"pn-normal\"> [ <a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=$ModName&amp;file=comments&amp;req=Reply&amp;pid=$r_tid&amp;pollID=$r_pollID&amp;mode=$mode&amp;order=$order&amp;thold=$thold\">"._REPLY."</a>";
                }
                modtwo($r_tid, $r_score, $r_reason);
                echo " ]</font><p>";
                DisplayKids($r_tid, $mode, $order, $thold, $level+1, $dummy+1, $tblwidth);
            }
        }
    } elseif ($mode == 'flat') {

        //FTO : Test EOF and database error

        while(! $result->EOF ) {


            list($r_tid, $r_pid, $r_pollID, $r_date, $r_name, $r_email, $r_url, $r_host_name, $r_subject, $r_comment, $r_score, $r_reason) = $result->fields;

            $result->MoveNext();
            if($r_score >= $thold) {
                if (!eregi("[a-z0-9]",$r_name)) $r_name = $anonymous;
                if (!eregi("[a-z0-9]",$r_subject)) $r_subject = "["._NOSUBJECT."]";
                echo "<a name=\"$r_tid\">";
                echo "<hr><table width=\"99%\" border=\"0\"><tr bgcolor=\"$bgcolor1\"><td>";
                $datetime = ml_ftime(_DATETIMEBRIEF, GetUserTime($r_date));
                if ($r_email) {
                    echo "<p><font class=\"pn-normal\">$r_subject</font> <font class=\"pn-normal\">";
                    if(!$cookie[7]) {
                        echo "("._SCORE." $r_score";
                        if($r_reason>0) echo ", $reasons[$r_reason]";
                        echo ")";
                    }
                    echo "<br>"._BY." <a class=\"pn-normal\" href=\"mailto:$r_email\">$r_name</a> <font class=\"pn-normal\"><b>($r_email)</b></font> "._ON." $datetime";
                } else {
                    echo "<p><font class=\"pn-normal\">$r_subject</font> <font class=\"pn-normal\">";
                    if(!$cookie[7]) {
                        echo "("._SCORE." $r_score";
                        if($r_reason>0) echo ", $reasons[$r_reason]";
                        echo ")";
                    }
                    echo "<br>"._BY." $r_name "._ON." $datetime";
                }
                if ($r_name != $anonymous) { echo "<BR>(<a class=\"pn-normal\" href=\"user.php?op=userinfo&uname=$r_name\">"._USERINFO."</a> | <a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=Messages&amp;file=replypmsg&amp;send=1&amp;uname=$r_name\">"._SENDAMSG."</a>) "; }
                if (eregi("http://",$r_url)) { echo "<a class=\"pn-normal\" href=\"$r_url\" target=\"window\">$r_url</a> "; }
                echo "</font></td></tr><tr><td>";
                if(($cookie[10]) && (strlen($r_comment) > $cookie[10])) echo substr("$r_comment", 0, $cookie[10])."<br><br><b><a href=\"modules.php?op=modload&amp;name=$ModName&amp;file=comments&amp;pollID=$r_pollID&amp;tid=$r_tid&amp;mode=$mode&amp;order=$order&amp;thold=$thold\">"._READREST."</a></b>";
                elseif(strlen($r_comment) > $commentlimit) echo substr("$r_comment", 0, $commentlimit)."<br><br><b><a href=\"modules.php?op=modload&amp;name=$ModName&amp;file=comments&amp;pollID=$r_pollID&amp;tid=$r_tid&amp;mode=$mode&amp;order=$order&amp;thold=$thold\">"._READREST."</a></b>";
                else echo "<font class=\"pn-normal\">$r_comment</font>";
                echo "</td></tr></table><br><p><font class=\"pn-normal\"> [ <a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=$ModName&amp;file=comments&amp;req=Reply&amp;pid=$r_tid&amp;pollID=$r_pollID&amp;mode=$mode&amp;order=$order&amp;thold=$thold\">"._REPLY."</a>";
                modtwo($r_tid, $r_score, $r_reason);
                echo " ]</font><p>";
                DisplayKids($r_tid, $mode, $order, $thold);
            }
        }
    } else {

        //FTO : Test EOF and database error

        while(! $result->EOF ) {

            list($r_tid, $r_pid, $r_pollID, $r_date, $r_name, $r_email, $r_url, $r_host_name, $r_subject, $r_comment, $r_score, $r_reason) = $result->fields;

            $result->MoveNext();
            if($r_score >= $thold) {
                if (!isset($level)) {
                } else {
                    if (!$comments) {
                        echo "<ul>";
                    }
                }
                $comments++;
                if (!eregi("[a-z0-9]",$r_name)) $r_name = $anonymous;
                if (!eregi("[a-z0-9]",$r_subject)) $r_subject = "["._NOSUBJECT."]";
                $datetime = ml_ftime(_DATETIMEBRIEF, GetUserTime($r_date));
                echo "<li><font class=\"pn-normal\"><a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=$ModName&amp;file=comments&amp;req=showreply&amp;tid=$r_tid&amp;pollID=$r_pollID&amp;pid=$r_pid&amp;mode=$mode&amp;order=$order&amp;thold=$thold#$r_tid\">$r_subject</a> "._BY." $r_name "._ON." $datetime</font><br>";

                DisplayKids($r_tid, $mode, $order, $thold, $level+1, $dummy+1);
            }
        }
    }
    if ($level && $comments) {
        echo "</ul>";
    }

}

function DisplayBabies ($tid, $level=0, $dummy=0) {
    global $datetime, $anonymous, $pntable, $ModName, $dbconn;
    $comments = 0;
    $column = &$pntable['pollcomments_column'];
    $result = $dbconn->Execute("SELECT $column[tid], $column[pid], $column[pollID], 
                                $column[date], $column[name], 
                                $column[email], $column[url], $column[host_name], 
                                $column[subject], $column[comment], $column[score], 
                                $column[reason] 
                              FROM $pntable[pollcomments] 
                              WHERE $column[pid] = $tid 
                                ORDER BY $column[date], $column[tid]");

    //FTO : Test EOF and database error
    if (!$result) {
        PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");
        die();
    }

    while(! $result->EOF ) {

        list($r_tid, $r_pid, $r_pollID, $r_date, $r_name, $r_email, $r_url, $r_host_name, $r_subject, $r_comment, $r_score, $r_reason) = $result->fields;
        $r_date=$result->UnixTimeStamp($r_date);
        $result->MoveNext();
        if (!isset($level)) {
        } else {
            if (!$comments) {
                echo "<ul>";
            }
        }
        $comments++;
        if (!eregi("[a-z0-9]",$r_name)) { $r_name = $anonymous; }
        if (!eregi("[a-z0-9]",$r_subject)) { $r_subject = "["._NOSUBJECT."]"; }

        $datetime = ml_ftime(_DATETIMEBRIEF, GetUserTime($r_date));
        echo "<a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=$ModName&amp;file=comments&amp;req=showreply&amp;tid=$r_tid&amp;mode=$mode&amp;order=$order&amp;thold=$thold\">$r_subject</a><font class=\"pn-normal\"> "._BY." $r_name "._ON." $datetime<br>";
        DisplayBabies($r_tid, $level+1, $dummy+1);
    }
    if ($level && $comments) {
        echo "</ul>";
    }
}

function DisplayTopic ($pollID, $pid=0, $tid=0, $mode="thread", $order=0, $thold=0, $level=0, $nokids=0) {
    global $hr, $user, $datetime, $cookie, $mainfile, $admin, $commentlimit, $anonymous, $reasons, $anonpost, $foot1, $pntable, $ModName, $dbconn;
    if($mainfile) {
        global $title, $bgcolor1, $bgcolor2, $bgcolor3;
    } else {
        global $title, $bgcolor1, $bgcolor2, $bgcolor3;
        include("mainfile.php");
        include("header.php");
    }
    if ($pid!=0) {
        include("header.php");
    }
    $count_times = 0;
    cookiedecode($user);
    $column = &$pntable['pollcomments_column'];
    $q = "SELECT $column[tid], $column[pid], $column[pollid], 
            $column[date], $column[name], $column[email], 
            $column[url], $column[host_name], $column[subject], $column[comment], 
            $column[score], $column[reason] 
          FROM $pntable[pollcomments] 
          WHERE $column[pollid]=$pollID AND $column[pid]=$pid";
    if($thold != "") {
        $q .= " AND $column[score]>=$thold";
    } else {
        $q .= " AND $column[score]>=0";
    }
    if ($order==1) $q .= " ORDER BY $column[date] DESC";
    if ($order==2) $q .= " ORDER BY $column[score] DESC";
    $something = $dbconn->Execute("$q");

    // FTO Check database error
    if (!$something) PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");

//FTO Do not use record count. Use EOF instead
//    $num_tid = $something->PO_Record Count();

    navbar($pollID, $title, $thold, $mode, $order);
    modone();

//    while ($count_times < $num_tid) {
      while (!$something->EOF) {
        list($tid, $pid, $pollID, $date, $name, $email, $url, $host_name, $subject, $comment, $score, $reason) = $something->fields;
        $date=$something->UnixTimeStamp($date);
        $something->MoveNext();
        if ($name == "") { $name = $anonymous; }
        if ($subject == "") { $subject = "["._NOSUBJECT."]"; }

        echo "<a name=\"$tid\">";
        echo "<table width=\"99%\" border=\"0\"><tr bgcolor=\"$bgcolor1\"><td width=500>";
        //formatTimestamp($date);
        $datetime = ml_ftime(_DATETIMEBRIEF, GetUserTime($date));
        if ($email) {
            echo "<p><font class=\"pn-normal\">$subject</font> <font class=\"pn-normal\">";
            if(!$cookie[7]) {
                echo "("._SCORE." $score";
                if($reason>0) echo ", $reasons[$reason]";
                echo ")";
            }
            echo "<br>"._BY." <a class=\"pn-normal\" href=\"mailto:$email\">$name</a> ($email) "._ON." $datetime";
        } else {
            echo "<p><font class=\"pn-normal\">$subject</font> <font class=\"pn-normal\">";
            if(!$cookie[7]) {
                echo "("._SCORE." $score";
                if($reason>0) echo ", $reasons[$reason]";
                echo ")";
            }
            echo "<br>"._BY." $name "._ON." $datetime";
        }

    // If you are admin you can see the Poster IP address (you have this right, no?)
    // with this you can see who is flaming you... ha-ha-ha

        if ($name != $anonymous) { echo "<br>(<a class=\"pn-normal\" href=\"user.php?op=userinfo&uname=$name\">"._USERINFO."</a> | <a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=Messages&amp;file=replypmsg&amp;send=1&amp;uname=$name\">"._SENDAMSG."</a>) "; }
        if (eregi("http://",$url)) { echo "<a class=\"pn-normal\" href=\"$url\" target=\"window\">$url</a> "; }

        if(is_admin($admin)) {
            $column = &$pntable['pollcomments_column'];
            $result= $dbconn->Execute("SELECT $column[host_name] 
                                     FROM $pntable[pollcomments] 
                                     WHERE $column[tid]='$tid'");
            // FTO Check database error
            if (!$result) PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");

            list($host_name) = $result->fields;
            echo "<br><font class=\"pn-normal\">(IP: $host_name)</font>";
        }

        echo "</font></td></tr><tr><td>";
        if(($cookie[10]) && (strlen($comment) > $cookie[10])) echo substr("$comment", 0, $cookie[10])."<br><br><b><a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=$ModName&amp;file=comments&amp;pollID=$pollID&amp;tid=$tid&amp;mode=$mode&amp;order=$order&amp;thold=$thold\">"._READREST."</a></b>";
        elseif(strlen($comment) > $commentlimit) echo substr("$comment", 0, $commentlimit)."<br><br><a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=$ModName&amp;file=comments&amp;pollID=$pollID&amp;tid=$tid&amp;mode=$mode&amp;order=$order&amp;thold=$thold\">"._READREST."</a>";
        else echo "<font class=\"pn-normal\">$comment</font>";
        echo "</td></tr></table><br><p>";
        if ($anonpost==1 OR is_admin($admin) OR is_user($user)) {
            echo "<font class=\"pn-normal\"> [ <a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=$ModName&amp;file=comments&amp;req=Reply&amp;pid=$tid&amp;pollID=$pollID&amp;mode=$mode&amp;order=$order&amp;thold=$thold\">"._REPLY."</a>";
        } else {
            echo "[ "._NOANONCOMMENTS." ";
        }
        if ($pid != 0) {
            $column = &$pntable['pollcomments_column'];
            $result = $dbconn->Execute("SELECT $column[pid] 
                                      FROM $pntable[pollcomments] 
                                      WHERE $column[tid]=$pid");

            // FTO Check database error
            if (!$result) PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");

            list($erin) = $result->fields;
            echo "| <a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=$ModName&amp;file=comments&amp;pollID=$pollID&amp;pid=$erin&amp;mode=$mode&amp;order=$order&amp;thold=$thold\">"._PARENT."</a>";
        }
        modtwo($tid, $score, $reason);

        if(is_admin($admin)) {
            echo " | <a class=\"pn-normal\" href=\"admin.php?op=RemovePollComment&amp;tid=$tid&amp;pollID=$pollID\">"._DELETE."</a> ]</font><p>";
        } else {
            echo " ]</font><p>";
        }

        DisplayKids($tid, $mode, $order, $thold, $level);
        echo "</ul>";
        if($hr) echo "<hr noshade size=1>";
        echo "</p>";
        $count_times ++;
    }
    modthree($pollID, $mode, $order, $thold);
    if($pid==0) return array($pollID, $pid, $subject);
    else include("footer.php");
}

function singlecomment($tid, $pollID, $mode, $order, $thold) {
    include("header.php");
    global $user, $cookie, $datetime, $bgcolor1, $bgcolor2, $bgcolor3, $anonpost, $admin, $anonymous, $pntable, $ModName, $dbconn;
    $column = &$pntable['pollcomments_column'];
    $deekayen = $dbconn->Execute("SELECT $column[date], $column[name], 
                                  $column[email], $column[url], $column[subject], 
                                  $column[comment], $column[score], $column[reason] 
                                FROM $pntable[pollcomments] 
                                WHERE $column[tid]=$tid AND $column[pollid]=$pollID");

    // FTO Check database error
    if (!$deekayen) PN_DBMsgError($dbconn, __FILE__, __LINE__, "An error ocurred");

    list($date, $name, $email, $url, $subject, $comment, $score, $reason) = $deekayen->fields;
    $date=$deekayen->UnixTimeStamp($date);
    $titlebar = "<font class=\"pn-normal\">$subject</font>";
    if($name == "") $name = $anonymous;
    if($subject == "") $subject = "["._NOSUBJECT."]";
    modone();
    echo "<table width=\"99%\" border=\"0\"><tr bgcolor=\"$bgcolor1\"><td width=500>";
    $datetime = ml_ftime(_DATETIMEBRIEF, GetUserTime($date));
    if($email) echo "<p><font class=\"pn-normal\">$subject</font> <font class=\"pn-normal\">("._SCORE." $score)<br>"._BY." <a class=\"pn-normal\" href=\"mailto:$email\"><font class=\"pn-normal\">$name</font></a> <font class=\"pn-normal\">($email)</font> "._ON." $datetime";
    else echo "<p><font class=\"pn-normal\">$subject</font> <font class=\"pn-normal\">("._SCORE." $score)<br>"._BY." $name "._ON." $datetime";
    echo "</td></tr><tr><td><font class=\"pn-normal\">$comment</font></td></tr></table><br><p><font class=\"pn-normal\"> [ <a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=$ModName&amp;file=comments&amp;req=Reply&amp;pid=$tid&amp;pollID=$pollID&amp;mode=$mode&amp;order=$order&amp;thold=$thold\">"._REPLY."</a> | <a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=$ModName&amp;file=index&amp;pollID=$pollID\">"._ROOT."</a>";
    modtwo($tid, $score, $reason);
    echo " ]";
    modthree($pollID, $mode, $order, $thold);
    include("footer.php");
}

function reply ($pid, $pollID, $mode, $order, $thold) {
    include("header.php");
    global $user, $cookie, $datetime, $bgcolor1, $bgcolor2, $bgcolor3, $AllowableHTML, $anonymous, $pntable, $ModName, $dbconn;
    if($pid!=0) {
        $column = &$pntable['pollcomments_column'];
        $result = $dbconn->Execute("SELECT $column[date], $column[name], $column[email],
                                    $column[url], $column[subject], $column[comment],
                                    $column[score] 
                                  FROM $pntable[pollcomments] 
                                  WHERE $column[tid]=$pid");

        list($date, $name, $email, $url, $subject, $comment, $score) = $result->fields;
    } else {
        $column = &$pntable['poll_desc_column'];
        $result =  $dbconn->Execute("SELECT $column[polltitle] 
                                   FROM $pntable[poll_desc] 
                                   WHERE $column[pollid]=$pollID");

        list($subject) = $result->fields;
    }
    if($comment == "") {
        $comment = $temp_comment;
    }
    $titlebar = "<font class=\"pn-normal\">$subject</font>";
    if($name == "") $name = $anonymous;
    if($subject == "") $subject = "["._NOSUBJECT."]";
    formatTimestamp($date);
    OpenTable();
    echo "<center><font class=\"pn-title\">"._SURVEYCOM."</font></center>";
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<center><font class=\"pn-normal\">$subject</center><br>";
    if ($comment == "") {
        echo "<center>"._DIRECTCOM."</font></center><br>";
    } else {
        echo "<br>$comment</font>";
    }
    CloseTable();
    if(!isset($pid) || !isset($pollID)) { echo "Something is not right. This message is just to keep things from messing up down the road"; exit(); }
    echo "<br>";
    OpenTable();
    echo "<form action=\"modules.php?op=modload&amp;name=$ModName&amp;file=comments\" method=post>";
    echo "<font class=\"pn-title\">"._YOURNAME.":</font> ";
    if (is_user($user)) {
        cookiedecode($user);
        echo "<font class=\"pn-normal\"><a class=\"pn-normal\" href=\"user.php\">$cookie[1]</a> [ <a class=\"pn-normal\" href=\"user.php?op=logout\">"._LOGOUT."</a> ]</font>";
    } else {
        echo "<font class=\"pn-normal\">$anonymous</font>";
        $xanonpost=1;
    }
    echo "<br><br><font class=\"pn-title\">"._SUBJECT.":</font><br>";
    if (!eregi("Re:",$subject)) $subject = "Re: ".substr($subject,0,81)."";
    echo "<INPUT TYPE=\"text\" NAME=\"subject\" SIZE=50 maxlength=85 value=\"$subject\"><BR>";
    echo "<br><br><font class=\"pn-title\">"._COMMENT.":</font><br>"
        ."<TEXTAREA wrap=\"virtual\" cols=\"50\" rows=\"10\" name=\"comment\"></TEXTAREA><br>
        <font class=\"pn-normal\">"._ALLOWEDHTML."<br>";
        while (list($key,)= each($AllowableHTML)) echo " &lt;".$key."&gt;";
        echo "<br>";
    if (is_user($user)) { echo "<INPUT type=checkbox name=xanonpost> "._POSTANON."<br>"; }
    echo "<INPUT type=\"hidden\" name=\"pid\" value=\"$pid\">"
        ."<INPUT type=\"hidden\" name=\"pollID\" value=\"$pollID\">"
        ."<INPUT type=\"hidden\" name=\"mode\" value=\"$mode\">"
        ."<INPUT type=\"hidden\" name=\"order\" value=\"$order\">"
        ."<INPUT type=\"hidden\" name=\"thold\" value=\"$thold\">"
        ."<INPUT type=submit name=req value=\""._PREVIEW."\">"
        ."<INPUT type=submit name=req value=\""._OK."\">"
        ."<SELECT name=\"posttype\">"
        ."<OPTION value=\"exttrans\">"._EXTRANS."</option>"
        ."<OPTION value=\"html\" >"._HTMLFORMATED."</option>"
        ."<OPTION value=\"plaintext\" SELECTED>"._PLAINTEXT."</option>"
        ."</SELECT>"
        ."</FORM>";
    CloseTable();
    include("footer.php");
}

function replyPreview ($pid, $pollID, $subject, $comment, $xanonpost, $mode, $order, $thold, $posttype) {
    include("header.php");
    global $user, $cookie, $AllowableHTML, $anonymous, $ModName;
    cookiedecode($user);
    $subject = stripslashes($subject);
    $comment = stripslashes($comment);
    if (!isset($pid) || !isset($pollID)) {
        echo "<font class=\"pn-normal\">"._NOTRIGHT."</font>";
        exit();
    }
    OpenTable();
    echo "<center><font class=\"pn-title\">"._SURVEYCOMPRE."</font></center>";
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<font class=\"pn-normal\">$subject</font><br>";
    echo "<font class=\"pn-normal\">"._BY." ";
    if (is_user($user)) {
        echo "$cookie[1]";
    } else {
        echo "$anonymous ";
    }
    echo ""._ONN."</font><br><br>";
    if ($posttype=="exttrans") {
        echo "<font class=\"pn-normal\">".nl2br(htmlspecialchars($comment))."</font>";
    } elseif ($posttype=="plaintext") {
        echo "<font class=\"pn-normal\">".nl2br($comment)."</font>";
    } else {
        echo "<font class=\"pn-normal\">$comment</font>";
    }
    CloseTable();
    echo "<br>";
    OpenTable();
    echo "<form action=\"modules.php?op=modload&amp;name=$ModName&amp;file=comments\" method=post>"
        ."<font class=\"pn-title\">"._YOURNAME.":</font> ";
    if (is_user($user)) {
        echo "<font class=\"pn-normal\"><a class=\"pn-normal\" href=\"user.php\">$cookie[1]</a> <font class=\"pn-normal\">[ <a class=\"pn-normal\" href=\"user.php?op=logout\">"._LOGOUT."</a> ]</font>";
    } else {
        echo "<font class=\"pn-normal\">$anonymous</font>";
    }
    echo "<br><br><font class=\"pn-title\">"._SUBJECT.":</font><br>"
        ."<INPUT TYPE=\"text\" NAME=\"subject\" SIZE=50 maxlength=85 value=\"$subject\"><br><br>"
        ."<P><font class=\"pn-title\">"._COMMENT.":</FONT><BR>"
        ."<TEXTAREA wrap=\"virtual\" cols=\"50\" rows=\"10\" name=\"comment\">$comment</TEXTAREA><br>";
        echo"<font class=\"pn-normal\">"._ALLOWEDHTML."<br>";
        while (list($key,)= each($AllowableHTML)) echo " &lt;".$key."&gt;";
        echo "<br>";
    if ($xanonpost) { echo "<INPUT type=checkbox name=xanonpost checked> "._POSTANON."<br>"; } elseif(is_user($user)) { echo "<INPUT type=checkbox name=xanonpost> "._POSTANON."<br>"; }
    echo "<INPUT type=\"hidden\" name=\"pid\" value=\"$pid\">"
        ."<INPUT type=\"hidden\" name=\"pollID\" value=\"$pollID\"><INPUT type=\"hidden\" name=\"mode\" value=\"$mode\">"
        ."<INPUT type=\"hidden\" name=\"order\" value=\"$order\"><INPUT type=\"hidden\" name=\"thold\" value=\"$thold\">"
        ."<INPUT type=submit name=req value=\""._PREVIEW."\">"
        ."<INPUT type=submit name=req value=\""._OK."\"> <SELECT name=\"posttype\"><OPTION value=\"exttrans\"";
        if($posttype=="exttrans") echo" SELECTED";
        echo  ">"._EXTRANS."<OPTION value=\"html\"";;
        if($posttype=="html") echo" SELECTED";
        echo ">"._HTMLFORMATED."<OPTION value=\"plaintext\"";
        if(($posttype!="exttrans") && ($posttype!="html")) echo" SELECTED";
        echo ">"._PLAINTEXT."</SELECT></FORM>";
    CloseTable();
    include("footer.php");
}

function CreateTopic ($xanonpost, $subject, $comment, $pid, $pollID, $host_name, $mode, $order, $thold, $posttype) {
    global $user, $userinfo, $EditedMessage, $cookie, $pntable, $ModName, $dbconn;

    $author = FixQuotes($author);
    $subject = FixQuotes(filter_text($subject, "nohtml"));
    if($posttype=="exttrans")
        $comment = FixQuotes(nl2br(htmlspecialchars(check_words($comment))));
    elseif($posttype=="plaintext")
        $comment = FixQuotes(nl2br(filter_text($comment)));
    else
        $comment = FixQuotes(filter_text($comment));
    if($user) getusrinfo($user);
    if (($user) && (!$xanonpost)) {
        getusrinfo($user);
        $name = $userinfo[uname];
        $email = $userinfo[femail];
        $url = $userinfo[url];
        $score = 1;
    } else {
        $name = ""; $email = ""; $url = "";
        $score = 0;
    }
    $ip = getenv("REMOTE_HOST");
    if (empty($ip)) {
        $ip = getenv("REMOTE_ADDR");
    }

    // default $pid if it is not set
    if (!$pid) $pid=0;

//begin fake thread control
    $column = &$pntable['poll_desc_column'];
    $result = $dbconn->Execute("SELECT COUNT(*) 
                              FROM $pntable[poll_desc] 
                              WHERE $column[pollid]=$pollID");

    list($fake) = $result->fields;

//begin duplicate control
    $column = &$pntable['pollcomments_column'];
    $result = $dbconn->Execute("SELECT COUNT(*) 
                              FROM $pntable[pollcomments] 
                              WHERE $column[pid]='$pid' AND $column[pollid]='$pollID'
                                AND $column[subject]='$subject' 
                                AND $column[comment]='$comment'");
//begin troll control
    if($user) {
        $column = &$pntable['pollcomments_column'];
        $result = $dbconn->Execute("SELECT COUNT(*) 
                               FROM $pntable[pollcomments] 
                               WHERE ($column[score]=-1) 
                                 AND ($column[name]='$userinfo[uname]') 
                                 AND (to_days(now()) - to_days($column[date]) < 3)");

        list($troll) = $result->fields;
    } elseif(!$score) {
        $column = &$pntable['pollcomments_column'];
        $result = $dbconn->Execute("SELECT COUNT(*) 
                                  FROM $pntable[pollcomments] 
                                  WHERE ($column[score]=-1) 
                                    AND ($column[host_name]='$ip') 
                                    AND (to_days(now()) - to_days($column[date]) < 3)");

        list($troll) = $result->fields;
    }
    if((!$tia) && ($fake == 1) && ($troll < 6)) {

        csrfcheck();

        $column = &$pntable['pollcomments_column'];

        // FTO : Add SEQ suffix to avoid conflict name with ORACLE
        $nextid = $dbconn->GenId("{$pntable['pollcomments']}_SEQ");

        //FTO Use a php date time to stay compatible with
        //    all databases.
        $now=$dbconn->DBTimeStamp(mktime());

        $result = $dbconn->Execute("INSERT INTO $pntable[pollcomments] ($column[tid], 
                                    $column[pid], $column[pollid], $column[date], 
                                    $column[name], $column[email], $column[url], 
                                    $column[host_name], $column[subject], 
                                    $column[comment], $column[score], $column[reason])
                                    VALUES ($nextid, '$pid', '$pollID', $now, '$name',
                                      '$email', '$url', '$ip', '$subject', '$comment',
                                      '$score', '0')");
        if($dbconn->ErrorNo()<>0)
        {
            error_log("Error: creating pollcomments, " . $dbconn->ErrorMsg);
        }
    } else {
        include("header.php");
        if($tia) echo "<font class=\"pn-normal\">Duplicate.  Did you submit twice?<br><br><a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=$ModName&amp;file=index&amp;req=results&pollID=$pollID\">Back to Poll</a>";
        elseif($troll > 5) echo "This account or IP has been temporarily disabled.
                This means that either this IP, or
                user account has been moderated down more than 5 times in
                the last few hours.  If you think this is unfair,
                you should contact the admin.  If you
                are being a troll, now is the time for you to either
                grow up, or change your IP.<br><br><a class=\"pn-normal\" href=\"modules.php?op=modload&amp;name=$ModName&amp;file=index&amp;pollID=$pollID\">Back to Poll</a>";
        elseif($fake == 0) echo "According to my records, the topic you are trying
                to reply to does not exist. If you're just trying to be
                annoying, well then too bad.</font>";
        include("footer.php");
        exit;
    }
    pnRedirect('modules.php?op=modload&amp;name='.$ModName.'&amp;file=index&amp;req=results&amp;pollID='.$pollID);

}

switch($req) {

    case "Reply":
        reply($pid, $pollID, $mode, $order, $thold);
        break;

    case ""._PREVIEW."":
        replyPreview ($pid, $pollID, $subject, $comment, $xanonpost, $mode, $order, $thold, $posttype);
        break;

    case ""._OK."":
            CreateTopic($xanonpost, $subject, $comment, $pid, $pollID, $host_name, $mode, $order, $thold, $posttype);
        break;

    case "moderate":
        include("mainfile.php");

        csrfcheck();

	if(($admintest==1) || ($moderate==2)) {
            while(list($tdw, $emp) = each($HTTP_POST_VARS)) {
                if (eregi("dkn",$tdw)) {
                    $emp = explode(":", $emp);
                    if($emp[1] != 0) {
                        $tdw = ereg_replace("dkn", "", $tdw);
                        $column = &$pntable['pollcomments_column'];
                        $q = "UPDATE $pntable[pollcomments] SET";
                        if(($emp[1] == 9) && ($emp[0]>=0)) { # Overrated
                            $q .= " $column[score]=$column[score]-1 WHERE $column[tid]=$tdw";
                        } elseif (($emp[1] == 10) && ($emp[0]<=4)) { # Underrated
                            $q .= " $column[score]=$column[score]+1 WHERE $column[tid]=$tdw";
                        } elseif (($emp[1] > 4) && ($emp[0]<=4)) {
                            $q .= " $column[score]=$column[score]+1, $column[reason]=$emp[1] WHERE $column[tid]=$tdw";
                        } elseif (($emp[1] < 5) && ($emp[0] > -1)) {
                            $q .= " $column[score]=$column[score]-1, $column[reason]=$emp[1] WHERE $column[tid]=$tdw";
                        } elseif (($emp[0] == -1) || ($emp[0] == 5)) {
                            $q .= " $column[reason]=$emp[1] WHERE $column[tid]=$tdw";
                        }
                        if(strlen($q) > 20) $dbconn->Execute($q);
                    }
                }
            }
        }
    pnRedirect('modules.php?op=modload&name='.$ModName.'&file=index&req=results&pollID='.$pollID);
        break;

    case "showreply":
        DisplayTopic($pollID, $pid, $tid, $mode, $order, $thold);
        break;

    default:
    //FTO Remove warning
    if (!isset($tid)) $tid='';
    if (!isset($pid)) $pid='';
    if (!isset($order)) $order='';
    if (!isset($thold)) $thold='';

//        if ((isset($tid)) && (!isset($pid))) {
    if ((!empty($tid)) && (empty($pid))) {
            singlecomment($tid, $pollID, $mode, $order, $thold);
//        } elseif (($mainfile) xor (($pid==0) AND (!isset($pid)))) {
        } elseif (($mainfile) xor (($pid==0) AND (empty($pid)))) {
            pnRedirect('modules.php?op=modload&name='.$ModName.'&file=index&req=results&pollID='.$pollID.'&mode='.$mode.'&order='.$order.'&thold='.$thold);
        } else {
//            if(!isset($pid)) $pid=0;
            if(empty($pid)) $pid=0;
            DisplayTopic($pollID, $pid, $tid, $mode, $order, $thold);
        }
        break;
}

?>
Return current item: ProNuke. Postnuke To Oracle