Location: PHPKode > projects > PSlash > pslash-0.70/html/comments.php
<?

###############################################################################
# Copyright (C) 2000  Derek Leung
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# You may modify your copy or copies of this Program or any portion of it,
# but you must cause the modified files to carry prominent notices stating 
# that you changed the files and the date of any change.  And you are required 
# to keep a copy of this License along with this Program.
#
# You are not required to accept this License, since you have not signed it. 
# However, nothing else grants you permission to modify or distribute this 
# Program or its derivative works. These actions are prohibited by law if 
# you do not accept this License. Therefore, by modifying or distributing 
# this Program (or any work based on this Program), you indicate your 
# acceptance of this License to do so, and all its terms and conditions 
# for copying, distributing or modifying this Program or works based on it.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
#
# See the GNU General Public License for more details.
# http://www.opensource.org/licenses/gpl-license.html
###############################################################################

if ($come_from_article != true) {
	include("mainfile.php"); 
}
global $config;

function navbar($sid, $title, $mode, $order,$myTopic) {

	global $config;
	$settingArray = getCookie($config[setting_cookie_name]);

	if ($mode == "") {
		$mode = $settingArray[umode];
		
	}
	if (!isset($order)) {
		$order = $settingArray[uorder];
	}

	$rs = mysql_query("select sid FROM ps_comments where sid=$sid");
	if(!$rs) $count = 0; else $count = mysql_num_rows($rs);
	if ($rs) {
		mysql_free_result($rs);
	}

    ?>	
	<table width=100% border=0 cellspacing=1 cellpadding=2>
		<tr>
			<td class="leftbox" align="center"><font size=2>
				<form method=get action="article.php">
					<input type=hidden name=myTopic value=<? echo $myTopic; ?>>
	
					<select name=mode>
						<option value="nocomments" <?PHP if ($mode == 'nocomments') { echo "selected"; } ?>><?php echo translate("No Comments") . "\n"; ?>
						<option value="nested" <?PHP if ($mode == 'nested') { echo "selected"; } ?>><?php echo translate("Nested") . "\n"; ?>
						<option value="flat" <?PHP if ($mode == 'flat') { echo "selected"; } ?>><?php echo translate("Flat") . "\n"; ?>
						<option value="threaded" <?PHP if (!isset($mode) || $mode=='threaded' || $mode=="") { echo "selected"; } ?>><?php echo translate("Threaded") . "\n"; ?>
					</select> 
					<select name=order>
						<option value="0" <?PHP if ($order==0) { echo "selected"; } ?>><?php echo translate("Oldest First") . "\n"; ?>
						<option value="1" <?PHP if ($order==1 || !isset($order)) { echo "selected"; } ?>><?php echo translate("Newest First") . "\n"; ?>
					</select> 
	
					<input type=hidden name=sid value=<?PHP echo "$sid"; ?>>
					<input type=hidden name=op value=Refresh>
					<input type=submit value="<?php echo translate("Refresh"); ?>">
				</form>
			</td>
		</tr>
   
		<tr>
			<td align=center>
				<small>
				<?php echo translate("The comments are owned by whoever posted them. This site is not responsible for what they say."); ?>
				</small>
			</td>
		</tr>
	</table>
	<?
}

/*
function displayTopic($sid,$myTopic, $order=0,$mode="threaded") {

// Not in use anymore, merge with displayComments, I leave it here for now..
	global $config;

	$settingArray = getCookie($config[setting_cookie_name]);
	if ($mode == "" && $settingArray[umode] !="") {
		$mode = $settingArray[umode];
	}

	if ($order == "" && $settingArray[uorder] !="") {
		$order = $settingArray[uorder];
	}

	$pid = 0; // get the parent 
	$query = "select tid, pid, sid, date, name, email, url, host_name, subject, comment, uid from comments where sid=$sid and pid=$pid";

	// make the query str for sorting
	if ($order == "" || $order == 0) {
		$query .= " order by date";
		$order = 0;
	}
	if ($order == 1) {
		$query .= " order by date desc";
	}
	if ($mode == "") {
		$mode = "threaded";
	}

	echo "<hr>\n";
	navbar($sid,$title,$mode,$order,$myTopic);

	$rs = mysql_query("$query");
	$tidNum = mysql_num_rows($rs);

	for ($i=0; $i<$tidNum; $i++) {
   		list($tid, $pid, $sid, $date, $name, $email, $url, $host_name, $subject, $comment, $uid) = mysql_fetch_row($rs);
   		$date = formatShortTimestamp($date);   	
   		if ($name == "" || $name == null) {
   			$name= translate("Anonymous");
   		}
   		list($readmore,$comment) = comment_len($comment);
		if ($mode != "nocomments") {   	
		   $comment = myNl2Br($comment);
		   $comment = check_words($comment);
		   $subject = check_words($subject);
   		   themearticle($name,$date,$subject,$comment,$tid,$mode,$host_name);
		   comment_replylink($tid,$sid,$pid,$myTopic,$mode,$order,$readmore);

		   displayChild($tid,$sid,$myTopic,$mode,$order);
		   echo "\n";	
		}
   }

   mysql_free_result($rs);
}
*/

function comment_len($comment) {

// find the comment length we are going to display base on user setting or config.php, and return the chopped comment.
	global $config;

	$readmore = 0;
	$settingArray = getCookie($config[setting_cookie_name]);
	if ($settingArray[commentmax] != "") {
		$commentmax = $settingArray[commentmax];
	} else {
		$commentmax = $config[commentmax];
	}
	if(($commentmax) && (strlen($comment) > $commentmax)) {
		$comment = substr("$comment", 0, $commentmax);
		$readmore = 1;
	}
	return array($readmore,$comment);
}

function comment_replylink($tid,$sid,$pid,$myTopic,$mode,$order,$readmore) {

// display the reply link
	echo "[<a href=\"comments.php?op=Reply&pid=$tid&sid=$sid&tid=$tid&mode=$mode&order=$order&myTopic=$myTopic\"> ".translate("Reply to this")." </a>";
		   
	if ($readmore == 1) {
		echo "|<a href=\"comments.php?pid=$tid&tid=$tid&mode=$mode&order=$order&myTopic=$myTopic&op=ShowComment#$tid\"> ".translate("Read the rest of this comment")." </a>\n";
	}
	echo "]<br><br>\n";
}


function displayChild($tid,$sid,$myTopic,$mode,$order,$singleComment=0) {

// recursive function to display all the children of a comment
// when $singleComment = 1, we are displaying only 1 comment and its children. 
// only called by "read the rest of the comments" link.(when the comment is too long)  
// when $singleComment =0 , we are displaying the comments and its children at the same level

   $query = "select pid,tid,subject,date,name,email,host_name,comment from ps_comments where pid=$tid";
   $rs1 = mysql_query("$query");
   $numRow = mysql_num_rows($rs1);

	if ($numRow > 0) {
		for ($i=0;$i<$numRow;$i++) {
			list($pid,$childTid,$subject,$date,$name,$email,$hostname,$comment) = mysql_fetch_row($rs1);
	
			$comment = check_words($comment);
			$comment = myNl2br($comment);
			$subject = check_words($subject);
			switch ($mode) {
				case "threaded":
					if ($singleComment==1) {
   						echo "<ul><li><a href=\"comments.php?pid=$pid&tid=$childTid&mode=$mode&order=$order&myTopic=$myTopic&op=SingleComment#$childTid\">$subject</a>\n";
					} else {
						echo "<ul><li><a href=\"comments.php?sid=$sid&pid=$pid&tid=$childTid&mode=$mode&order=$order&myTopic=$myTopic#$childTid\">$subject</a>\n";
					}
				break;

				case "nested":
   					$date = formatShortTimestamp($date);
					if ($name == "" || $name == null) {
						$name= translate("Anonymous");
					}
					echo "<ul>";
   					list($readmore,$comment) = comment_len($comment);
					themearticle($name,$date,$subject,$comment,$childTid,$mode,$hostname);
					comment_replylink($childTid,$sid,$pid,$myTopic,$mode,$order,$readmore);
	   			break;

				case "flat":
					$date = formatShortTimestamp($date);
					if ($name == "" || $name == null) {
						$name= translate("Anonymous");
					}
   					list($readmore,$comment) = comment_len($comment);
					themearticle($name,$date,$subject,$comment,$tid,$mode,$hostname);
					comment_replylink($tid,$sid,$pid,$myTopic,$mode,$order,$readmore);
				break;
			}

			if ($singleComment == 1) {
				// we are displaying only 1 comment and its children
				displayChild($childTid,$sid,$myTopic,$mode,$order,1);
			} else {
				// we are displaying all comments at the same level under that story id
				displayChild($childTid,$sid,$myTopic,$mode,$order);
			}
      }
   } else {
        if ($mode != "flat") {
           echo "</ul>\n";
        }
        return;

   } 
   echo"</ul>\n";
   mysql_free_result($rs1);
}

function displayComments($tid,$mode,$order,$myTopic,$pid,$sid="") {

// display comments base on input, if there is no $sid input, we assume we are comming from some other file, header and footer has been called.
	global $header,$config;

	
	if ($sid =="" && $tid != "") {
		// no story id?  we display the comment and its children
		$query = "select sid,tid,subject,date,name,email,host_name,comment from ps_comments where tid=$tid";
	} elseif ($sid != "" && $pid == "") {
		// have a story id, but do not have a parent id, so, we get the all the comments base on story id
		$query = "select sid,tid, subject, date, name, email, host_name, comment from ps_comments where sid=$sid and pid=0";	
	} else {
		// we have story id and parent id, get that parent thread
		$query = "select sid,tid,subject,date,name,email,host_name,comment from ps_comments where pid=$pid AND sid=$sid";
	}


	// grap user perference
	$settingArray = getCookie($config[setting_cookie_name]);
	if ($mode == "" && $settingArray[umode] !="") {
		$mode = $settingArray[umode];
	}

	if ($order == "" && $settingArray[uorder] !="") {
		$order = $settingArray[uorder];
	}


	// make the query str for sorting
	if ($order == "" || $order == 0) {
		$query .= " order by date";
		$order = 0;
	}
	if ($order == 1) {
		$query .= " order by date desc";
	}
	if ($mode == "") {
		$mode = "threaded";
	}

	// do the query
	$rs = mysql_query("$query");
	$numRow = mysql_num_rows($rs);
	
	// should we include header?
	if ($sid != "" && $pid == "") {
		// we come from some other file that has already send the header..so do nothing	
	} else {
		$header[js] = "true";
		ps_header($header);
	}
   
	// if no sid input, we try to find it
	if ($sid == "") {	
		list($sid, $tid,$subject,$date,$name,$email,$hostname,$comment) = mysql_fetch_row($rs);
		mysql_data_seek ($rs, 0); 
		navbar($sid,$title,$mode,$order,$myTopic);
		unset($sid); // yea , make sure we unset it now...in order to get the rest of the script to work
	} else {
		navbar($sid,$title,$mode,$order,$myTopic);
	}

	// loop the result
	for ($i=0;$i<$numRow;$i++) {
		list($junk, $tid,$subject,$date,$name,$email,$hostname,$comment) = mysql_fetch_row($rs);

		if ($name=="" || $name == null) {
			$name=translate("Anonymous");
		}
		$titlebar = "$subject";
		$date = formatShortTimestamp($date);
		if ($sid != "") {
			list($readmore,$comment) = comment_len($comment);
		}
		$comment = check_words($comment);
		$comment = myNl2br($comment);
		$subject = check_words($subject);
		themearticle($name,$date,$subject,$comment,$tid,$mode,$hostname);
		comment_replylink($tid,$sid,$pid,$myTopic,$mode,$order,$readmore);

		if ($sid == "") {
			// we are displaying only one comment and its children.  only called by "read the rest of the comments" link.(when the comment is too long)  
			displayChild($tid,$sid,$myTopic,$mode,$order,1);
		} else {
			// we are displaying all comments under that comment id and all comments at the same level
			displayChild($tid,$sid,$myTopic,$mode,$order);
		}
	}
	mysql_free_result($rs);

	// should we include footer?
	if ($sid != "" && $pid == "") {
		// we come from some other file that has already send the footer..so do nothing	
	} else {
		ps_footer("");
	}
}


function reply ($pid, $sid, $mode, $order, $myTopic) {
	
// function for replying to a comment or a story
	global $header,$config;

	$userArray = getCookie($config[user_cookie_name]);

	if ($config[anon_users] == 0 && sizeof($userArray) <= 0) {
		header("Location: user.php?mesg=You+have+to+login+first+before+you+can+post+comments!");
		exit;
	}

	if($pid!=0) {
		list($date, $name, $email, $url, $subject, $comment) = mysql_fetch_row(mysql_query("select date, name, email, url, subject, comment from ps_comments where tid=$pid"));
	} else {
		list($date, $subject, $comment,$name) = mysql_fetch_row(mysql_query("select time, title, full_text, aid FROM ps_stories where sid=$sid"));
	}

	$header[titlebar] = translate("Reply to the following message:");;
	ps_header($header);
	$datetime = formatShortTimestamp($date);
	if($name == "") $name = translate("Anonymous");
	if($subject == "") $subject = translate("[no subject]");

	if(!isset($pid) || !isset($sid)) { echo translate("If you come into this page, your URL is not correct."); exit(); }
	$comment = myNl2Br(check_words($comment));

	themearticle($name, $datetime, $subject, $comment);
	echo "<hr>";
	if($pid == 0) {
		list($subject) = mysql_fetch_row(mysql_query("select title from ps_stories where sid=$sid"));
	} else {
		list($subject) = mysql_fetch_row(mysql_query("select subject from ps_comments where tid=$pid"));
	}
	
	echo "\n<form action=\"comments.php\" method=post name=\"comment\">";
	echo "<P><FONT color=\"$textcolor1\"><B>".translate("Your Name")."</B></FONT> ";
	$userArray = getCookie($config[user_cookie_name]);
	if (sizeof($userArray) > 0) {
		
		echo "<a href=\"user.php\">$userArray[username]</a>";
	} else {
		echo translate("Anonymous");
	}
	echo "<P><FONT color=\"$textcolor1\"><B>".translate("Subject")."</B></FONT><BR>";
	if ($replyprefix == "") {	
		if (!eregi(translate("Re:"),$subject) && !eregi("Re:",$subject)) {
			$subject = translate("Re:")." ".$subject;
		}
	} else {
		if (!eregi($replyprefix,$subject)) {
			$subject = $replyprefix." ".$subject;
		}
	}
	echo "<INPUT TYPE=\"text\" NAME=\"subject\" SIZE=50 maxlength=60 value=\"$subject\"><BR>";
	echo "<P><FONT color=\"$textcolor1\"><B>".translate("Your Comment")."</B></FONT><BR>"
		."<TEXTAREA wrap=virtual cols=40 rows=10 name=comment></TEXTAREA><br>";
	if (sizeof($userArray) > 0) { echo "<INPUT type=checkbox name=postanon> ".translate("Post Anonymously")."<br>"; }
	echo "<INPUT type=\"hidden\" name=\"pid\" value=\"$pid\">
		<INPUT type=\"hidden\" name=\"sid\" value=\"$sid\">
		<INPUT type=\"hidden\" name=\"mode\" value=\"$mode\">
		<INPUT type=\"hidden\" name=\"order\" value=\"$order\">
		<INPUT type=\"hidden\" name=\"myTopic\" value=\"$myTopic\">
		<SELECT name=\"op\">
			<OPTION value=\"Preview\">".translate("Preview")."</option>
			<OPTION value=\"Post\" selected>".translate("Post")."</option>
		</SELECT>
		<input type=\"hidden\" name=\"posttype\" value=\"html\" >

		<INPUT type=submit value=\"".translate("Submit")."\">
		</FORM><br>
		<small>".translate("Allowed HTML").":<br>";
		
	while (list($key,)= each($config[AllowableHTML])) echo " &lt;".$key."&gt;";

	ps_footer("");
}


function replyPreview ($pid, $sid, $subject, $comment, $postanon, $mode, $order, $posttype,$myTopic) {

// preview a reply before post
	global $config,$header;
      	
	$header[titlebar] = translate("Preview your reply message:");
	ps_header($header);
	
	if(empty($subject) || (!ereg("[a-zA-Z0-9]",$subject))) {
		echo translate("Nice try, but you have to enter a subject.");
		ps_footer("");
		exit();
	}
	if(empty($comment) || (!ereg("[a-zA-Z0-9]",$comment))) {
		echo translate("You're going to have to put some content. Hit back.");
		ps_footer("");
		exit();
	}

	$userArray = getCookie($config[user_cookie_name]);
	$subject = check_html($subject);
	$comment = myNl2br(check_html($comment));
	$subject2 = htmlspecialchars($subject);

	if (!isset($pid) || !isset($sid)) { echo translate("If you come into here, the URL is most likely wrong."); exit(); }

	echo "<table width=99% border=0><tr><td>";
	echo "<p><b>$subject</b>";
	echo "<br>";
	echo "</td></tr><tr><td>";

	echo auto_link($comment);
	echo "</td></tr></table><br>";

	echo "<hr size=1>";

	echo "\n<form action=\"comments.php\" method=post name=\"form1\">
		<P><B>".translate("Your Name")."</B> ";
	if ($userArray[username]) {
		echo "<a href=\"user.php\">$userArray[username]</a> ";
	} else {
		echo translate("Anonymous");
	}
	echo "<P><B>".translate("Subject")."</B><BR>"
		."<INPUT TYPE=\"text\" NAME=\"subject\" SIZE=50 maxlength=60 value=\"$subject2\"><br>"
		."<P><B>".translate("Comment")."</B><BR>"
		."<TEXTAREA wrap=virtual cols=40 rows=10 name=comment>$comment</TEXTAREA><br>";
	if ($postanon) { 
		echo "<INPUT type=checkbox name=postanon checked> ".translate("Post Anonymously")."<br>"; 
	} elseif($userArray[username]) { 
		echo "<INPUT type=checkbox name=postanon> ".translate("Post Anonymously")."<br>"; 
	}
	echo "<INPUT type=\"hidden\" name=\"pid\" value=\"$pid\">
		<INPUT type=\"hidden\" name=\"sid\" value=\"$sid\">
		<INPUT type=\"hidden\" name=\"mode\" value=\"$mode\">
		<INPUT type=\"hidden\" name=\"order\" value=\"$order\">
		<INPUT type=\"hidden\" name=\"myTopic\" value=\"$myTopic\">

		<SELECT name=\"op\">
			<OPTION value=\"Preview\">".translate("Preview")."</option>
			<OPTION value=\"Post\" selected>".translate("Post")."</option>
		</SELECT>";
	echo "<INPUT type=\"hidden\" name=\"posttype\" value=\"html\">";
	echo "<INPUT type=submit value=\"".translate("Submit")."\"></FORM><br>";
	echo "<font size=2>".translate("Allowed HTML").":<br>";

	while (list($key,)= each($config[AllowableHTML]))
		echo " &lt;".$key."&gt;";

	?>
	<script language="JavaScript">
	var newmsg2="";
	var myString=document.form1.comment.value;
		myString = myString.replace(/\r/g,'');
		myString = myString.replace(/\n/g,'');
		newmsg2 = myString.replace(/<br>/g,'\n');
		newmsg2 =document.form1.comment.value=newmsg2;
	</script>

	<?
	ps_footer("");
}


function Post ($postanon, $subject, $comment, $pid, $sid, $host_name, $mode, $order,$posttype,$myTopic) {

// post a comment
	global $config;
      	
	if(empty($subject) ) {
		errorPage("Error!!! You have to put in a subject.  Please hit back.",$myTopic);
	}
	if(empty($comment) ) {
		errorPage("Error!!! You have to enter some content.  Please hit back.",$myTopic);
	}

	$userArray = getCookie($config[user_cookie_name]);
	$subject = FixQuotes(check_html($subject, "nohtml"));
	$comment = FixQuotes(check_html($comment));
	
	if ($userArray[username] != "") {
		list($name, $email, $femail, $url, $uid) = @mysql_fetch_row(mysql_query("select a.uname, u.email, u.femail, u.url, u.uid from ps_users_info u, ps_users a where a.uid='$userArray[userid]' and u.uid = a.uid"));
		if ($config[use_fake_email]) {
			$email = $femail;
		}

	} elseif ($config[anon_users]==0 && sizeof($userArray) <= 0) {
		// we don't allow anonymous post, go out
		header("Location: user.php?mesg=You+have+to+login+first+before+you+can+post+comments!");
		exit;
	} else {
		// we allow anonymous post, set the variable
		$name = "Anonymous";
		$email = "";
		$femail = "";
		$url = "";
		$uid = -1;
	}

	$ip = getenv("REMOTE_ADDR");
	if ($postanon) {
		$name = "Anonymous";
	}

	$db_uname = FixQuotes($name);

	//begin fake thread control
	list($fake) = mysql_fetch_row(mysql_query("select count(*) from ps_stories where sid=$sid"));
	
	//begin duplicate control
	list($tia) = mysql_fetch_row(mysql_query("select count(*) from ps_comments where pid='$pid' and sid='$sid' and subject='$subject' and comment='$comment' limit 650"));

	if (!$tia)  {
		$tmp = "insert into ps_comments values (NULL, '$uid', '$pid', '$sid', now(), '$db_uname', '$email', '$url', '$ip', '$subject', '$comment')";
		mysql_query($tmp);
		if (sizeof($userArray) >0) {
			$tmp = "update ps_users set commentPostNum=commentPostNum+1 where uid=$userArray[userid]";
			$result= mysql_query($tmp);
			if (!$result) {
				echo mysql_errno(). ": ".mysql_error(). "<br>";
			}
		}
	} else {
		if($tia) {
			// we found duplicate comments post twice
			errorPage("Duplicate.  You can not submit the same comment twice!",$myTopic);
		} elseif($fake == 0) {
			errorPage("According to my records, the topic you are trying to reply to does not exist.",$myTopic);
		} else {
			errorPage("Something is wrong that I can't figure out.  Please go back.",$myTopic);
		}
	}
	
	Header("Location: article.php?sid=$sid&mode=$mode&order=$order&myTopic=$myTopic");
}


function editComment ($pid, $myTopic,$comment,$subject) {

// edit an existing comments.
	global $config,$header;
     
	$header[titlebar] = translate("Editing comment:");
	ps_header($header);
	
	$userArray = getCookie($config[user_cookie_name]);
	
	if (!isset($pid)) { 
		errorMsg("If you come into here, the URL is most likely wrong."); 
		ps_footer("");
		exit(); 
	}

	// get the comments
	$result = mysql_query("select * from ps_comments where tid=$pid");
	$comArray = mysql_fetch_array($result);
	if ($result) {
		mysql_free_result($result);
	}

	// kick out anyone who is not an admin/moderator or the owner of the comment
	if ($userArray[status] != "Admin" && $userArray[status] != "Moderator" && strcasecmp($userArray[username],$comArray[name]) != 0) {
		errorMsg("You are not allowed to edit this coment."); 
		ps_footer("");
		exit(); 
	}

	// no input?  we get it from DB
	if ($comment == "" && $subject == "") {
		$subject = check_html($comArray[subject],"nohtml");
		$comment = myNl2br(check_html($comArray[comment]));
		$subject = htmlspecialchars($subject);
		
	} else {
		$subject = check_html($subject,"nohtml");
		$comment = myNl2br(check_html($comment));
		$subject = htmlspecialchars($subject);
	}

	// now show the coment
		
	echo "<table width=99% border=0>";
	echo "<tr><td>";
	echo "<p><b>$subject</b>";
	echo "<br>";
	echo "</td></tr>";

	echo "<tr><td>";
	echo auto_link($comment);
	echo "</td></tr>";
	echo "</table><br>";

	echo "<hr size=1>\n";

	echo "<form action=\"comments.php\" method=post name=\"form1\"><P><B>";
	echo translate("Your Name")."</B> ";
	if ($userArray[username]) {
		echo "<a href=\"user.php\">$userArray[username]</a> ";
	} else {
		echo translate("Anonymous");
	}
	echo "<P><B>".translate("Subject")."</B><BR>"
		."<INPUT TYPE=\"text\" NAME=\"subject\" SIZE=50 maxlength=60 value=\"$subject\"><br>"
		."<P><B>".translate("Comment")."</B><BR>"
		."<TEXTAREA wrap=virtual cols=40 rows=10 name=comment>$comment</TEXTAREA><br>";
	
	echo "<INPUT type=\"hidden\" name=\"pid\" value=\"$pid\">
		<INPUT type=\"hidden\" name=\"myTopic\" value=\"$myTopic\">

		<SELECT name=\"op\">
			<OPTION value=\"editComment\">".translate("Preview")."</option>
			<OPTION value=\"updateComment\" selected>".translate("Edit")."</option>
		</SELECT>";
	echo "<INPUT type=\"hidden\" name=\"pid\" value=\"$pid\">";
	echo "<INPUT type=submit value=\"".translate("Submit")."\"></FORM><br>";
	echo "<font size=2>".translate("Allowed HTML").":<br>";
	while (list($key,)= each($config[AllowableHTML]))
		echo " &lt;".$key."&gt;";
	?>

	<script language="JavaScript">
	var newmsg2="";
	var myString=document.form1.comment.value;
		myString = myString.replace(/\r/g,'');
		myString = myString.replace(/\n/g,'');
		newmsg2 = myString.replace(/<br>/g,'\n');
		newmsg2 =document.form1.comment.value=newmsg2;
	</script>

	<?
	ps_footer("");
}


function updateComment ($subject, $comment, $pid,$myTopic) {

// update the comment after edit
	global $config;
      	
	if(empty($subject)) {
		errorPage("Error!!! You have to put in a subject.  Please hit back.",$myTopic);
	}
	if(empty($comment) ) {
		errorPage("Error!!! You have to enter some content.  Please hit back.",$myTopic);
	}
	
	$result = mysql_query("select sid from ps_comments where tid=$pid");
	list($sid) = mysql_fetch_array($result);
	if ($result) {
		mysql_free_result($result);
	}
	$result = mysql_query("select * from ps_comments where tid=$pid");
	$comArray = mysql_fetch_array($result);
	$userArray = getCookie($config[user_cookie_name]);
	if ($result) {
		mysql_free_result($result);
	}

	// kick out everyone if he is not an admin/moderator or the owner of the comment
	if ($userArray[status] != "Admin" && $userArray[status] != "Moderator" && strcasecmp($userArray[username],$comArray[name]) != 0) {
		errorPage("You are not allowed to edit this comment.",$myTopic); 
	}
	
	$subject = FixQuotes(check_html($subject, "nohtml"));
	$comment = FixQuotes(check_html($comment));
	$userArray = getCookie($config[user_cookie_name]);
	$datetime = strftime($config[dateString],time());

	// add the edited signature
	$editSig = "<font size=-2 ><em>(".translate(sprintf("This post is edited by %s", fixquotes($userArray[username]) ))." on " . $datetime .")</em></font>";
	$comment .= "<br>$editSig";
	$ip = getenv("REMOTE_ADDR");

	$tmp = "update ps_comments set subject='$subject',comment='$comment' where tid=$pid";
	mysql_query($tmp);
	
	Header("Location: article.php?sid=$sid&mode=$mode&order=$order&myTopic=$myTopic");
}

function delComment ($pid,$myTopic) {

// delete a comment
	global $config;
      	
	$result = mysql_query("select sid from ps_comments where tid=$pid");
	list($sid) = mysql_fetch_array($result);
	if ($result) {
		mysql_free_result($result);
	}
	$result = mysql_query("select * from ps_comments where tid=$pid");
	$comArray = mysql_fetch_array($result);
	$userArray = getCookie($config[user_cookie_name]);
	if ($result) {
		mysql_free_result($result);
	}

	// kick out everyone if he is not an admin/moderator or the owner of the comment
	if ($userArray[status] != "Admin" && $userArray[status] != "Moderator" ) {
		errorPage("You are not allowed to delete this comment.",$myTopic); 
	}

	// delete all the comments and its children
	$tmp = "delete from ps_comments where pid=$pid";
	mysql_query($tmp);
	$tmp = "delete from ps_comments where tid=$pid";
	mysql_query($tmp);
	
	Header("Location: article.php?sid=$sid&mode=$mode&order=$order&myTopic=$myTopic");
}

//  --------------Main program start here-----------------


switch($op) {

	case "Reply":
		reply($pid, $sid, $mode, $order, $myTopic)  ;
		break;
	
	case "editComment":
		editComment($pid, $myTopic,$comment,$subject)  ;
		break;

	case "Preview":
		replyPreview ($pid, $sid, $subject, $comment, $postanon, $mode, $order, $posttype,$myTopic);
		break;

	case "Post":
		Post ($postanon, $subject, $comment, $pid, $sid, $host_name, $mode, $order, $posttype,$myTopic);
		break;

	case "ShowComment":
		displayComments($tid,$mode,$order,$myTopic,$pid);
		break;

	case "updateComment":
		updateComment ($subject, $comment, $pid,$myTopic) ;
		break;

	case "delComment":
		delComment ($pid,$myTopic) ;
		break;

	default:
		if (isset($tid)) {
		    displayComments($tid,$mode,$order,$myTopic,$pid,$sid);
		   return;
		}		
		if (ereg("article.php",$REQUEST_URI)) {
		   //displayTopic($sid,$myTopic, $order,$mode);
		   displayComments("",$mode,$order,$myTopic,"",$sid);
		   return;
		} 
		errorMsg("Error!!! No comment is choosen.  Most likely you have a wrong URL");
		break;
}

# no more code after this line avoid cookies error.
?>
Return current item: PSlash