Location: PHPKode > projects > Sound PHP Engine > s-p-e-0.3.0/s-p-e-0.3.0/comsaver.php
<?php
// ===================================================== 
// 
// s-p-e - Content management system. 
// Copyright (C) 2004, 2005, 2010, 2011 Vladimir B. Tsarkov
// 
// This file is part of s-p-e. 
// 
// s-p-e is free software; you can redistribute it and/or modify 
// it under the terms of the GNU General Public License as published by 
// the Free Software Foundation, either version 3 of the License, or 
// (at your option) any later version. 
// 
// s-p-e is distributed in the hope that it will be useful, 
// but WITHOUT ANY WARRANTY; without even the implied warranty of 
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 
// GNU General Public License for more details. 
// 
// You should have received a copy of the GNU General Public License 
// along with s-p-e. If not, see <http://www.gnu.org/licenses/>.
//
// ------
//
//  You can contact me via e-mail: lipetsk-gnu-lug at bk period ru
//
//  comsaver.php
//
//  Abstract: Saves comments.
// 
//  Revision History:
// 
//	1  2004-03-27 - 2005-07-02 vbt
//	2  2005-07-19  vbt
//	3  2005-10-30  vbt
//	4  2010-06-23  vbt
//	5  2011-01-22  vbt
// 6	2011-11-04	vbt
//
// =====================================================
header("Content-Type: text/html; charset=UTF-8");

include("data/configure/specfg.php");
include("include/functions.php");

if(isset($_POST["lng"]))
{
	$lng = $_POST["lng"];
	$shortlng = substr($lng, 0, 2);
	language($lng);
}
else
{
	$cfg["language"] = $cfg["deflang"];
	$shortlng = substr($cfg["deflang"], 0, 2);
	language($cfg["deflangvisitor"]);
}

echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\">
<html>
<head>

<title>".(_("Comment saving"))."&nbsp;-&nbsp;".($cfg["xtitle"])."</title>

<link rel='stylesheet' type='text/css' href='skin/".($cfg["skin"])."/style.css'>
</head>
<body class='client'>";

if(isset($_POST['id']) && isset($_POST['rid']) && isset($_POST['uname']) 
&& isset($_POST['umail']) && isset($_POST['comment']) && isset($_POST['send']) && isset($_POST["lng"]))
{
	$id = $_POST['id'];
	$rid = $_POST['rid'];
	$uname = $_POST['uname'];
	$uname = addslashes($uname);
	$umail = $_POST['umail'];
	$umail = trim($umail);
	$send = $_POST['send'];
	$comment = $_POST['comment'];
	$comment = addslashes($comment);
	
	if(isset($send) && ctype_digit($id) && ctype_digit($rid))
	{
		if($comment)
		{
			if($uname == false)
				echo "<font class='negative'>".(_("Please, specify your name."))."</font>";
			else if(strlen($comment)>500)
				echo "<font class='negative'>
				".(_("Comment is longer than 500 characters. Please shorten it and try again."))."
				</font>";
			else if($umail)
			{
			   if(ereg("^[0-9A-Z_a-z.\-]+"."@"."[0-9A-Z_a-z\-]+\."."[0-9A-Z_a-z]+(\.[0-9A-Z_a-z]+)?$", $umail) == false)
					echo "<font class='negative'>".(_("Invalid e-mail address."))."</font>";
			   else 
			   {
				$umail = addslashes($umail);
				connect($cfg["host"], $cfg["user"], $cfg["password"], $cfg["database"], $connector);
				mysql_query("insert into ".($cfg["prefix"])."comment 
				(partid, recid, uname, umail, comment, date, timer) 
				values ('$id', '$rid', '$uname', '$umail', '$comment', '".(date("Y-m-d"))."', now())", $connector) 
				or die("error #102");
				mysql_close($connector);
				echo "<font class='positive'>".(_("Comment was saved successfully."))."</font>";
			   }
			} 
			else 
			{
				connect($cfg["host"], $cfg["user"], $cfg["password"], $cfg["database"], $connector);
				mysql_query("insert into ".($cfg["prefix"])."comment 
				(partid, recid, uname, comment, date, timer) 
				values ('$id', '$rid', '$uname', '$comment', '".(date("Y-m-d"))."', now())", $connector) 
				or die("error #102");
				mysql_close($connector);
				echo "<font class='positive'>".(_("Comment was saved successfully."))."</font>";
			}
		} 
		else 
		{
			echo "<font class='negative'>".(_("Please, specify your comment."))."</font>";
		}
	} 
	else 
	{
		echo "error #101";
	}
} 
else 
{
	echo "error #101";
}

echo "<p>
".(_("Back to the"))." <a href='index.php?ins=com&id=$id&rid=$rid&lng=$shortlng'>".(_("Commented page"))."</a>
</p>
<p>
".(_("Back to the"))." <a href='index.php?lng=$shortlng'>".(_("Index page"))."</a>
</p>

</body>
</html>";

?>
Return current item: Sound PHP Engine