<?

# Slashster: Open Source Friend of a Friend Software
# Copyright 2004 Mark El-Wakil
# Contact: hide@address.com
# http://seventhcycle.net
#
# This file is part of Slashster.
#
# Slashster is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# Slashster is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Slashster; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA


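   // SECURITY NOTE(review): import_request_variables("gPc") copies every GET,
   // POST and cookie parameter into the global scope without a prefix.  Every
   // bare global this page reads later ($submit, $preview, $postid, $reply,
   // $section, $subsection) is therefore client-controlled, and any global
   // that is read before the script assigns it can be seeded by the request.
   import_request_variables("gPc");

   require("PageClass.php");

   $mpage = new PageClass("authonly");  
   $mpage->MembersOnly();
   $mpage->VerifiedOnly();

   // Posting is refused while the member's Friend[1] list is empty; the
   // notice below explains why.
   if (!sizeof($mpage->Friend[1]))
   {
       $mpage->Initialize("authremainder");
       ?>
<BR>
<p class="title1">You have no friends</p>

<P>Sorry, but you can't post on the BBS unless you have some friends on
the <?= $mpage->sys['sitename'] ?> network.  The reason for this is that you can only see posts
on the messageboard from people who are within your friend network.

<P>Please, <a href="invite.php">Invite some friends</a> to the site, and try
again later.</p>
<BR><BR>


       <?
       // NOTE(review): nothing in this file stops the script here.  The
       // submit handling below is skipped only if ClosePage() itself ends
       // the request -- confirm in PageClass.php, otherwise add an exit.
       $mpage->ClosePage();
   }


   // Error text from SubmitComment(); Form() reads it through `global`.
   // It is assigned after the request import, so a request parameter of the
   // same name cannot preset it.
   $lameness="";

   if ($submit)
   {
      $r = SubmitComment($_POST);
   
      // A numeric result is the id of the stored comment; anything else is
      // an error message for the user.
      if (is_numeric($r))
      {
           header("Location: bbs.php?showcomment=$r");
           exit;
      }
      else
      {
           // Form() checks $_POST['preview'] to decide whether to show the
           // "Submit Post" button, so flag the request before redrawing.
           // The key is quoted: a bare word is an undefined-constant lookup.
           $_POST['preview'] = 1;
           $lameness = $r;
      }
   }

   $mpage->Initialize("authremainder");

?>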


<table width=100% height=500 border=1 cellspacing=0 cellpadding=0>
<tr>
<td width=560 class="stdfilling">
<div style="height:500px; width=100%; overflow:auto;">
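<?
    // $postid, $preview and $reply are request-supplied globals (see the
    // import_request_variables() call at the top of the page).

    // Start from a known state: without this, a request parameter named
    // "lck" would preset the lock flag whenever no postid is given.
    $lck = false;

    if ($postid)
    {
        // Thread ids are produced by mysql_insert_id() in SubmitComment(),
        // so the value is forced to an integer before it reaches the SQL
        // text instead of relying on request slashing to neutralise quotes.
        $sql = "select * from CommentHead where Id = \"" . (int)$postid . "\" ";
        $r = $mpage->DoQuery($sql,1);

        // An unknown thread id yields no row; leave the flag cleared then.
        if (sizeof($r))
        {
            $lck = $r[0]['Locked'];
        }
    }

    if ($lck)
    {
       Locked();
    }
    elseif ($preview)
    {
       PreviewText($reply);
       Form();
    }
    else
    {
       Form($reply);
    }
?>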
</div>
</td>
<td width=200 class="stdfilling">
<div style="height:500px; width=100%; overflow:auto;">
<?
    // Side column: posting etiquette by default, preview guidance once the
    // request carries the preview flag.
    if (!$preview)
    {
       Rules();
    }
    else
    {
       PreviewWarning();
    }
?>
</div>
</td>
</tr>

</table>

<?
   // Finish the page through PageClass (the same call that ends the
   // "no friends" notice earlier).  Everything after this statement is
   // function definitions only.
   $mpage->ClosePage();


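   /**
    * Validate a posted comment and store it, creating the thread first when
    * no postid is supplied.
    *
    * Checks, in order: the section exists and is a subtopic, the per-user
    * rate limit (admins exempt), duplicate text within 30 minutes, the reply
    * target, the "lameness" filters, and for existing threads the poster's
    * permission, the section match and the lock flag.
    *
    * @param array $p Request fields (the page passes $_POST): txt, subject,
    *                 section, postid, reply.
    * @return mixed   Id of the new CommentTable row on success, otherwise an
    *                 error message string for display.
    */
   function SubmitComment($p)
   {
        global $mpage;

        // Body text: undo request slashing, HTML-escape, run it through
        // $mpage->bbc(), then escape the result for the SQL literals below.
        // NOTE(review): htmlentities() is called with its default flags;
        // whether bbc() can place user text inside a quoted attribute is not
        // visible from this file -- confirm in PageClass.
        $txt = stripslashes(isset($p['txt']) ? $p['txt'] : "");
        $txt = htmlentities($txt);
        $txt = $mpage->bbc($txt);
        $txt7 = $txt;
        $txt = addslashes($txt);

        // Subject and section get the same unslash/re-escape treatment as the
        // body, so the SQL stays well-formed whether or not the request data
        // arrived pre-slashed.
        $title      = addslashes(strip_tags(stripslashes(isset($p['subject']) ? $p['subject'] : "")));
        $rawSection = stripslashes(isset($p['section']) ? $p['section'] : "");
        $section    = addslashes($rawSection);

        // Thread and reply ids come from mysql_insert_id(), so they are
        // reduced to integers before being placed in any query.
        $hasThread = !empty($p['postid']);
        $postid    = $hasThread ? (int)$p['postid'] : 0;
        $hasReply  = !empty($p['reply']);
        $reply     = $hasReply ? (int)$p['reply'] : 0;

        $interval = "1 minute";

        $sql = "select * from BoardSections where Id = \"$section\"";
        $bs = $mpage->DoQuery($sql,1);

        if (!sizeof($bs))
            return "Please choose a section to post this in.";

        if (!$bs[0]['Head'])
            return "Please choose a <i>subtopic</i> to post this in, not a topic.";


        // Rate limit: any comment by this user inside the interval blocks
        // the post, unless the user is an admin.
        $sql = "select *, UNIX_TIMESTAMP(DateSub) as UT from CommentTable
                where Submittee = $mpage->IdNum AND DateSub > date_sub(NOW(), interval $interval)
                order by Id desc limit 1";

        $r   = $mpage->DoQuery($sql,1);

        if (sizeof($r) && !$mpage->Admin)
             return "You can only submit a comment once every 60 seconds";


        // Duplicate guard: identical text from the same user in the last
        // 30 minutes.
        $sql = "select *, UNIX_TIMESTAMP(DateSub) as UT from CommentTable
                where Submittee = $mpage->IdNum AND DateSub > date_sub(NOW(), interval 30 minute)
                AND Txt = \"$txt\"
                order by Id desc limit 1";
        $r   = $mpage->DoQuery($sql,1);

        if (sizeof($r))
              return "Duplicate Post detected.";

        // The reply target must exist and belong to the thread being posted to.
        $rp = array();
        if ($hasReply)
        {
            $sql = "select * from CommentTable where Id = \"$reply\" ";
            $rp  = $mpage->DoQuery($sql,1);
            if (!sizeof($rp)) return "Invalid reply";
            if ($rp[0]['Head'] != $postid) return "Section Mismatch";
        }
         
        if ($mpage->CapsPercentage(trim(strip_tags($txt))) > 50)
            return "Lameness filter failed: Over 50% caps in body of your post.  Calm down.";
            
        if (strlen(trim($txt)) < 20)
            return "Lameness filter failed: Less than 20 characters in post.";
           
        // The long-word check runs on the tag-free rendering of the post.
        $txt7 = stripslashes(strip_tags($txt7));
 
        if (preg_match("/\S{40}/", $txt7, $mtch)) 
        {
            return "Lameness filter failed: Don't print 40 letter+ words, doofus.";
        }

        // Set only when this call creates the thread; defined up front so the
        // later test never reads an unset variable.
        $frst = 0;

        if (!$hasThread)
        {
             // New thread: the title is validated too, then the head row is created.
             if ($mpage->CapsPercentage($title) > 50)
                 return "Lameness filter failed: Over 50% caps in title";
                 
             if (strlen($title) < 10)
                 return "Lameness filter failed: Less than 10 characters in post title.";
                 
                 
             $sql = "insert into CommentHead set
                       Section=\"$section\", Name=\"$title\", FSubm= $mpage->IdNum  ";
                     
             $mpage->DoQuery($sql);
             $postid = mysql_insert_id();
             
             $frst=1;
        }
        else
        {   
             $sql = "select * from CommentHead where Id = \"$postid\" ";
             $fp  = $mpage->DoQuery($sql,1);
             
             if (!sizeof($fp)) return "No proper Topic for posting this.";
             $fp = $fp[0];
             
             // Permission check against the thread starter.  This used to
             // read $r['FSubm'], but $r is the (empty) result of the duplicate
             // query above, so the distance was computed for no user at all.
             // The thread row just loaded is $fp.
             $level = $mpage->UserDistance($fp['FSubm']);
             if ($level > 2) return "You do not have permission to post on this thread.";

             if ($fp['Section'] != $rawSection) return "Section mismatch";
             if ($fp['Locked']) return "Cannot post here.  Thread is locked.";
        }
         
         
        // A post without a reply target keeps the empty Parent value the
        // page has always stored.
        $parent = $reply ? $reply : "";

        $sql = "insert into CommentTable set
                Head = \"$postid\", Txt=\"$txt\", DateSub=NOW(), Submittee=$mpage->IdNum,
                Parent = \"$parent\" ";
                
        $mpage->DoQuery($sql);
        
        $mid = mysql_insert_id();
        
        
        if ($frst)
        {
           $sql = "update CommentHead set First=$mid, FSubm=$mpage->IdNum, Fdt=NOW()
                   where Id = \"$postid\" ";
           $mpage->DoQuery($sql);
        }
         
        $sql = "update CommentHead set NumComments = NumComments + 1,
                Newest=$mid, NSubm=$mpage->IdNum, Ndt=NOW()
                where Id = \"$postid\" ";
        $mpage->DoQuery($sql);
        
        $sql = "update UserTable set Posts = Posts + 1 where Id = $mpage->IdNum";
        $mpage->DoQuery($sql);
        
        // Notify the author of the comment being replied to, unless that
        // author is the poster.
        if ($hasReply && ($rp[0]['Submittee'] != $mpage->IdNum))
        {
           $msg = $mpage->PrintSnippit("NewMboardPost", array("id" => $mid));
           $mpage->MailSchedule($mpage->IdNum, $rp[0]['Submittee'], "New Comment to You",
                               $msg, 1);
        }
         
        return $mid;
        
   }    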





/**
 * Print the notice shown in place of the form when the thread is locked.
 * Static markup only; no request or database values are written.
 */
function Locked()
{
    echo "\n<P>\nThis thread is locked.  You cannot post here.\n\n";
}



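/**
 * Render the preview of the text in $_POST['txt'] as the current user,
 * preceded by the quoted comment $repl when that comment exists.
 *
 * The preview text goes through the same stripslashes / htmlentities / bbc
 * steps that SubmitComment() applies before storing a post.
 *
 * @param mixed $repl Id of the comment being replied to (request-supplied).
 */
function PreviewText($repl)
{ 
   global $mpage;

   $txt2 = stripslashes(isset($_POST['txt']) ? $_POST['txt'] : "");
   $txt2 = htmlentities($txt2);
   $txt2 = $mpage->bbc($txt2);

   // $repl originates from the request; comment ids come from
   // mysql_insert_id(), so it is reduced to an integer before it is placed
   // in the query.  The former "$limit" suffix was an unset local and only
   // ever contributed an empty string, so it is dropped.
   $replId = (int)$repl;

   $sql = "select CommentTable.*, UserTable.Fname, UserTable.PicDefault,
           UNIX_TIMESTAMP(DateSub) as CTUT
           from CommentTable
           left join UserTable on CommentTable.Submittee = UserTable.Id
           where CommentTable.Id= \"$replId\" order by Id asc ";

   $s = $mpage->DoQuery($sql,1);
   // No matching comment: keep an empty array so the template test below
   // skips the quoted block.
   $s = sizeof($s) ? $s[0] : array();

   // NOTE(review): Fname and Login are written into the page without
   // escaping.  Whether they are sanitised when stored is not visible in
   // this file -- confirm before treating them as safe HTML.  Login is also
   // not named in the select list above; it is only present if
   // CommentTable.* carries such a column.

?>

<center> 
<BR>
<table width=95% border=1 bordercolor=black cellspacing=0>
<tr>
<td colspan=2 class="stdtable">
&nbsp;
</td>
</tr>

<tr>
       <td width=100 valign=top class="stdtable">

<img src = "userpics/<?= $mpage->PicPr($mpage->user['PicDefault'], $mpage->IdNum) ?>-b.jpg" width=80 height=60>
<a class="stdtxt" href= "user.php?id=<?= $mpage->IdNum ?>"><?= $mpage->user['Fname'] 
?></a>
<BR>User #<?= $mpage->IdNum ?>
  
       </td>
       <td width=* valign=top class="stdfilling">

<? if (sizeof($s)) { 
 

?>
On <?= date("F d, Y h:i:a", $s['CTUT']) ?>, <a  href="~<?= $s['Login'] ?>"><?= 
ucfirst($s['Fname']) ?></a> said:
(<a href="bbs.php?showcomment=<?= $s['Parent'] ?>">link</a>)
<BR><BR>

<center>
<div align=left 
style="overflow:auto;width=90%;height=125px;border=1;" class="stdtable">
<?= $s['Txt'] ?>
</div>
</center>
<BR>
<a href="user.php?id=<?= $mpage->IdNum ?>"><?= $mpage->user['Fname'] ?></a>'s Response:
<BR><BR>

<? } ?>



<?= $txt2 ?>

</td>
</td></tr>
</table>
</center>
<BR><BR>
<? }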


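/**
 * Print the posting form, preceded by the comment being replied to when
 * $repl names an existing comment.
 *
 * Reads the request-supplied globals $section, $subsection, $reply and
 * $postid, plus $lameness (the error text set by the page after a failed
 * submit).  Request values are escaped or cast before they are written into
 * attributes; previously $section, $subsection, $reply and $postid were
 * echoed verbatim, letting a crafted request break out of the value="..."
 * attribute.
 *
 * NOTE(review): the form carries no anti-forgery token in this file;
 * confirm whether PageClass adds one elsewhere.
 *
 * @param mixed $repl Id of the comment to quote above the form, or "" for none.
 */
function Form($repl="")
{ 
   global $section;
   global $subsection;
   global $reply;
   global $postid;
   global $mpage;

   $rows = 20;

   if ($repl)
   {
   // Comment ids come from mysql_insert_id(); reduce the request value to an
   // integer before it is placed in the query.
   $replId = (int)$repl;

   $sql = "select CommentTable.*, UserTable.Fname, UserTable.PicDefault, CT.Submittee as SubmitteeB,
           UTCTO.Fname as FnameB, UNIX_TIMESTAMP(CT.DateSub) as CTUT, CT.Txt as CTxt
           from CommentTable
           left join CommentTable as CT on CT.Id = CommentTable.Parent
           left join UserTable as UTCTO on UTCTO.Id = CT.Submittee
           left join UserTable on CommentTable.Submittee = UserTable.Id
           where CommentTable.Id = \"$replId\" order by Id asc";


       $s = $mpage->DoQuery($sql,1);

       if (sizeof($s))
       {
           $s = $s[0];
           // Shorter textarea when a quoted comment is shown above it.
           $rows = 14;
           // NOTE(review): Login, Fname and FnameB are written out without
           // escaping; whether they are sanitised when stored is not visible
           // in this file -- confirm.
           ?>
<center><BR>

<table width=95% border=1 cellspacing=0>
<tr>
       <td width=100 valign=top class="stdtable">
<a name="<?= $s['Id'] ?>">

<img src = "userpics/<?= $mpage->PicPr($s['PicDefault'], $s['Submittee']) ?>-b.jpg" width=80 height=60>
<a href = "~<?= $s['Login'] ?>"><?= $s['Login'] ?></a>
<BR>User #<?= $s['Submittee'] ?>
<BR><BR><BR>

       </td>
       <td valign=top width=800 class="stdfilling">
<? if ($s['Parent']) { ?>
On <?= date("F d, Y h:i:a", $s['CTUT']) ?>, <a href="user.php?id=<?= $s['SubmitteeB'] ?>"><?= $s['FnameB'] ?></a> said:
(<a href="bbs.php?showcomment=<?= $s['Parent'] ?>">link</a>)
<BR><BR>

<center>
<div align=left 
style="overflow:auto;width=90%;height=125px;border=1;" class="stdtable">
<?= $s['CTxt'] ?>
</div>
</center>
<BR>
<a href="user.php?id=<?= $s['Submittee'] ?>"><?= ucfirst($s['Fname']) ?></a>'s Response:
<BR><BR>

<? } ?>

<?= $s['Txt'] ?>
     
</td>
</td></tr>
</table>
</center>
           <?

       }
   }



?>

<form name="newthread" method="post">
<input name="section"    value="<?= htmlentities(stripslashes($section), ENT_QUOTES) ?>" type=hidden>
<input name="subsection" value="<?= htmlentities(stripslashes($subsection), ENT_QUOTES) ?>" type=hidden>

<center>

<? if ($_POST['preview']) { ?>
<input class=submit name = "preview" type = "submit" value = "Preview Post">
<input class=submit name="submit" type = "submit" value = "Submit Post">
<? } ?>

<table width=95% cellspacing=0 cellpadding=0><tr><td>

<?
   global $lameness;

   // $lameness holds one of SubmitComment()'s own messages, some of which
   // contain markup, so it is written out as-is.
   if ($lameness) { ?>
<BR><font color=red><B><?= $lameness ?></b></font><BR><BR>
   <? } 
?>

<? if (!$postid) { ?>
Subject +(max 50 chars)<BR>
<input name = "subject" style = "width:500px" maxlength=50 value="<?=
 htmlentities(stripslashes($_POST['subject']))  ?>">
<BR>

Topic:<BR>
<select name="section" style="width:500px">
<?= $mpage->GetOptions($_POST['section']) ?>
</select>

<? } else { ?>
 <input name="reply"     value="<?= $reply ? (int)$reply : "" ?>" type=hidden>
 <input name="postid" value="<?= (int)$postid ?>" type=hidden>
<? } ?>

<BR>
<a href="bbcodeinfo.php" target="_blank">How to submit images and hyperlinks using BBcode</a>


<textarea name = "txt" rows="<?= $rows ?>" style = "width:500px">
<?= htmlentities(stripslashes($_POST['txt'])) ?>
</textarea>

<BR><BR>
<center>
<input class=submit name = "preview" type = "submit" value = "Preview Post">
<? if ($_POST['preview']) { ?>
<input class=submit name="submit" type = "submit" value = "Submit Post">
<? } ?>
</center>
</td></tr></table>
</center>

</form>

<? }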

/**
 * Print the static "Submit a Comment" etiquette box shown beside the form.
 * The markup contains no request or database values.
 */
function Rules()
{
    // The <form method=get> tag below is never closed in the original
    // markup; it is emitted unchanged.
    echo <<<RULES_HTML

<BR>
<table border=1 width=100% cellspacing=0 cellpadding=2px>
<form method=get>
<tr><td align=center class=stdtable>
<B>Submit a Comment</b>
</td></tr>
<tr><td align=left class="stdaltfilling">
<BR>
Just a couple notes when submitting something new:
<ul>
 <li> Be courteous!
 <li> Be friendly!
 <li> If you are going to debate something, be intellectual.
 <li> If you are going to ask a question, check to see that it already hasn't been answered.
</ul>

<P> Have Fun!

</td></tr>
    </table>



RULES_HTML;
}


/**
 * Print the static "Preview Page" guidance box shown beside a preview.
 * The markup contains no request or database values.
 */
function PreviewWarning()
{
    // The <form method=get> tag below is never closed in the original
    // markup; it is emitted unchanged.
    echo <<<PREVIEW_HTML

<BR>
    <table border=1 width=100% cellspacing=0 cellpadding=2px>
<form method=get>
<tr><td align=center class=stdtable>
<B>Preview Page</b>
</td></tr>
<tr><td align=left class="stdaltfilling">
<BR>

Here is what your post will look like when it appears on the site.  You can now check your post for:

<ul>
  <li>Spelling errors.
  <li>Grammar.
  <li>Anything you'd like to add to it.
</ul>

When your post is complete, hit submit.  You will be taken to the spot where it is posted.


</td></tr>
    </table>



PREVIEW_HTML;
}


?>