<?php require('layout/header.php'); ?>
<script type="text/javascript">
/**
 * Appends a snippet plus one trailing space to the comment textarea of the
 * form named "op", then moves keyboard focus to that textarea.
 *
 * The BBCode toolbar links call this with two arguments; only the first one
 * is declared and used.
 *
 * @param {string} was  Text to append (the toolbar passes BBCode tag pairs).
 */
function insert(was) {
    var field = document.op.opinion;
    field.value += was + " ";
    field.focus();
}
</script>
<script type="text/javascript">
// Shows the "success" notification; the POST handler emits a call to this
// after a comment has been stored.
// NOTE(review): the message text is written by PHP directly into a
// double-quoted JavaScript string without JavaScript-string encoding. A
// translation containing a quote, backslash or line break would break this
// script; encoding the value server-side (e.g. json_encode) would make it robust.
function showSuccessMessage() {
    var options = {
        type: "success",
        message: "<?php echo $lang['succes_opinion']; ?>"
    };
    showNotification(options);
}
// Shows the "error" notification; the POST handler emits a call to this when
// validation fails or the comment could not be stored.
// NOTE(review): as with the success message, the text is printed by PHP into
// a double-quoted JavaScript string without JavaScript-string encoding.
function showErrorMessage() {
    var options = {
        type: "error",
        message: "<?php echo $lang['couldnot_opinion']; ?>"
    };
    showNotification(options);
}
</script>
<div id="content_wrapper">
<div class="content"><?php
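// Resolve the discussion id from the query string.
// Only a plain decimal integer is accepted. is_numeric() also lets through
// forms such as "1e3" or "0.5", which intval() would then silently map to a
// different id. The former mysql_real_escape_string() call was dead code (its
// result was overwritten on the next line) and has been dropped. $id is an
// integer from here on, which is what keeps the queries that concatenate it
// injection-safe.
$id = isset($_GET['id']) ? filter_var($_GET['id'], FILTER_VALIDATE_INT) : false;
if($id === false) {
    // Missing, non-integer or array-valued id: report it and stop rendering.
    echo '<p align="center" class="false">' . $lang['invalid_id'] . '!</p>';
    exit();
}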
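// Rendering helpers: parseBBCode2HTML() and delBad() are called further down
// (presumably defined in these two files, which are not visible here).
include('functions/bbcode.php');
include('functions/badwords.php');

// Look up the requested discussion. $id has already been reduced to an
// integer, so concatenating it into the statement cannot alter the query.
$sql = "SELECT * FROM discussions WHERE disc_id = '" . $id . "'";
$result = mysql_query($sql);
if($result === false) {
    // Keep the driver's error text out of the response (it can reveal schema
    // and query details) and record it server-side instead. The check that
    // follows prints the generic "discussion does not exist" message when
    // $result is false; with the former "OR die(mysql_error())" that branch
    // could never be reached.
    error_log('discussion lookup failed: ' . mysql_error());
}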
if(!$result) {
echo '<p class="false">' . $lang['disc_not_exists'] . '.</p>';
}else{
if(intval(mysql_num_rows($result)) == 0) {
echo '<p class="false">' . $lang['disc_not_exists'] . '.</p>';
}else{
echo '<h1>' . $lang['discussion'] . '</h1><br>';
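// Render the discussion row(s) returned for this id and bump the view counter.
while($row = mysql_fetch_assoc($result)) {
// Count this page view. $id is an integer, so the unquoted concatenation is
// safe. A failed counter update is logged and otherwise ignored: it should
// neither abort the page nor print the database driver's error text.
$viewsql = "UPDATE
discussions
SET
views = views + 1
WHERE
disc_id = " . $id;
$viewcount = mysql_query($viewsql);
if($viewcount === false) {
    error_log('view counter update failed: ' . mysql_error());
}
// Body text pipeline: strip_tags(), then the literal four-character sequence
// \r\n (backslash-r-backslash-n) becomes <br>; at output time stripslashes(),
// nl2br(), delBad() and parseBBCode2HTML() are applied in that order.
// NOTE(review): strip_tags() removes markup but is not an HTML encoder, and
// the body is not passed through htmlentities() like author, e-mail and
// subject are. Whether the final markup is safe depends on how
// parseBBCode2HTML() builds its tags (for example link targets) - not visible
// here, confirm.
$message = strip_tags($row['discussion']);
$message = str_replace("\\r\\n","<br>", $message);
// Author line. Both values are entity-encoded with ENT_QUOTES, so they cannot
// break out of the attribute or the element. Note that the stored e-mail
// address is published in a mailto: link.
echo '<span class="leftside"><img src="images/user.png" alt="User"> <a href="mailto:' . htmlentities($row['email'], ENT_QUOTES) . '">' . htmlentities($row['author'], ENT_QUOTES) . '</a></span>
<span class="rightside">';
// Date format follows the UI language; for any value of $language other than
// "de" or "en" no date is printed.
if($language == "de") {
echo date('d.m.Y - H:i', strtotime($row['date']));
}elseif($language == "en") {
echo date('Y-m-d - H:i', strtotime($row['date'])); }
// Subject (entity-encoded), processed body, and the jump links.
echo ' ' . $lang['o_clock'] . '</span>
<div id="head_line"> </div>
<p><span class="disc_tags">' . htmlentities($row['subject'], ENT_QUOTES) . '</span></p><br>
<p>' . parseBBCode2HTML(delBad(nl2br(stripslashes($message)))) . '</p><br>
<span class="leftside"><span class="comment_tags"><a href="#comment" class="comment_tags">' . $lang['write_comment'] . '</a></span></span>
<span class="rightside"><a href="#top"><img src="images/icons/top_small.png" alt="Top" border="0"></a></span><br>';
}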
echo '<div id="com_line"> </div>';
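// Count the comments attached to this discussion once and reuse the figure for
// both the headline and the pagination. The original ran two equivalent
// queries for the same number. $id is an integer, so the concatenation is safe.
$count = "SELECT op_id FROM opinions WHERE op_id2 = '" . $id . "'";
$allcomms = mysql_query($count);
if($allcomms === false) {
    // Log the driver error instead of printing it to the visitor, and carry
    // on as if there were no comments.
    error_log('comment count query failed: ' . mysql_error());
    $replies = 0;
}else{
    $replies = intval(mysql_num_rows($allcomms));
}
echo '<h1>' . $lang['comments'] . '</h1><br>
<span class="disc_comments">' . $replies . ' ' . $lang['comments'] . '</span><br><br>';
$pfad = "read_disc.php?id=" . $id;
// Kept so the variables the original defined still exist after this point.
$query = $allcomms;
$total = $replies;
// Number of result pages. $datensaetze_pro_kommentar is set outside this
// section and is used below as the page size - presumably a positive integer
// from the configuration; confirm, since 0 would divide by zero here.
$seiten = ceil($total / $datensaetze_pro_kommentar);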
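// Current page number from the query string, forced to an integer in the
// range 1..$seiten. Anything else (missing, non-integer, out of range,
// array-valued) falls back to page 1.
// The previous code range-checked the raw value with loose comparisons and
// then kept it as a string. mysql_real_escape_string() only escapes for SQL
// string literals, not for HTML, and $page is printed into the page further
// down, so the value has to be a real integer before it is used.
$page = 1;
if(isset($_GET['page'])) {
    $requestedPage = filter_var($_GET['page'], FILTER_VALIDATE_INT);
    if($requestedPage !== false && $requestedPage >= 1 && $requestedPage <= $seiten) {
        $page = $requestedPage;
    }
}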
// Build the pager: up to $p numbered links on either side of the current page
// plus first / previous / next / last shortcuts where they apply. $p is set
// outside this section. Every value placed into the links below is either $id
// (an integer) or the result of arithmetic on the page number.
// NOTE(review): the "&" in the hrefs is emitted as-is rather than as "&amp;".
$links = array();

// Clamp the window so it does not reach below page 1 or beyond the last page.
$davor = (($page - $p) < 1) ? $page - 1 : $p;
$danach = (($page + $p) > $seiten) ? $seiten - $page : $p;
$off = ($page - $davor);

// Shared opening of every pager anchor.
$pagerLinkPrefix = '<a href="read_disc.php?id=' . $id . '&page=';

// "First" shortcut, only when the window does not already start at page 1.
if($off > 1) {
    $first = 1;
    $links[] = $pagerLinkPrefix . $first . '" title="' . $lang['goto_first_page'] . '" class="topicby">« ' . $lang['first'] . ' ...</a>';
}
// "Previous" arrow.
if($page != 1) {
    $prev = $page-1;
    $links[] = $pagerLinkPrefix . $prev . '" title="' . $lang['page_back'] . '" class="topicby"> «</a>';
}
// Numbered entries: the current page is shown as plain text, the rest as links.
for($i = $off; $i <= ($page + $danach); $i++) {
    if($i != $page) {
        $links[] = $pagerLinkPrefix . $i . '" class="topicby">' . $i . '</a>';
    }else{
        $links[] = '<span class="current_main">' . $i . '</span>';
    }
}
// "Next" arrow.
if($page != $seiten) {
    $next = $page+1;
    $links[] = $pagerLinkPrefix . $next . '" title="' . $lang['next_page'] . '" class="topicby"> »</a>';
}
// "Last" shortcut, only when the window stops short of the last page.
if($seiten - $page - $p > 0 ) {
    $last = $seiten;
    $links[] = $pagerLinkPrefix . $last . '" title="' . $lang['last_page'] . '" class="topicby">... ' . $lang['last'] . ' »</a>';
}

$link_string = implode(" ", $links);
// Row offset of the current page for the LIMIT clause of the comment query.
$start = ($page-1) * $datensaetze_pro_kommentar;
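// Fetch the comments for the current page, newest first. $id is an integer
// and $start is the result of arithmetic, so both interpolate as numbers;
// $datensaetze_pro_kommentar comes from outside this section (presumably a
// configured integer - confirm).
$query = "SELECT * FROM opinions WHERE op_id2 = '" . $id . "' ORDER BY op_id DESC LIMIT $start,$datensaetze_pro_kommentar";
$opinions = mysql_query($query);
if($opinions === false) {
    // Log the driver error rather than printing it. The check that follows
    // shows the generic "no opinions" message when $opinions is false; with
    // the former "OR die(mysql_error())" that branch could never be reached.
    error_log('comment list query failed: ' . mysql_error());
}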
if(!$opinions) {
echo '<p class="false">' . $lang['no_opinions'] . '.</p>';
}else{
if(intval(mysql_num_rows($opinions)) == 0) {
echo '<br><strong>' . $lang['no_opinions'] . '.</strong>';
}else{
// Render one table per comment on the current page.
while($op_row = mysql_fetch_assoc($opinions)) {
// Comment text pipeline: strip_tags(), then the literal four-character
// sequence \r\n (backslash-r-backslash-n) becomes <br>; at output time
// stripslashes(), nl2br(), delBad() and parseBBCode2HTML() run in that order.
// NOTE(review): this text was submitted by visitors. strip_tags() is not an
// HTML encoder and the text is not entity-encoded like author and e-mail are,
// so the safety of the resulting markup rests on how parseBBCode2HTML() builds
// its tags (for example link targets) - not visible here, confirm.
$message = strip_tags($op_row['opinion']);
$message = str_replace("\\r\\n","<br>", $message);
// Avatar cell and author link. The tooltip date always uses the d.m.Y format,
// independent of $language. Author and e-mail are entity-encoded with
// ENT_QUOTES; the e-mail address is published in a mailto: link.
echo '<table width="100%" border="0">
<tr>
<td width="45"><img src="images/avatars/default.png" title="' . $lang['submitted_on'] . ': ' . date('d.m.Y - H:i', strtotime($op_row['date'])) . ' ' . $lang['o_clock'] . '" vspace="10"></td>
<td><a href="mailto:' . htmlentities($op_row['op_email'], ENT_QUOTES) . '" class="topicby">' . htmlentities($op_row['op_author'], ENT_QUOTES) . '</a><br><br>
<em><small>';
// Visible date follows the UI language; for any value of $language other than
// "de" or "en" no date is printed.
if($language == "de") {
echo date('d.m.Y - H:i', strtotime($op_row['date']));
}elseif($language == "en") {
echo date('Y-m-d - H:i', strtotime($op_row['date'])); }
// Close the header row and print the processed comment body.
echo ' ' . $lang['o_clock'] . '</small></em></td>
</tr>
<tr>
<td colspan="2"><blockquote class="speech_bubble">' . parseBBCode2HTML(delBad(nl2br(stripslashes($message)))) . '</blockquote></td>
</tr></table>';
}
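// Page indicator followed by the pager links. $page originates from the query
// string, so it is entity-encoded at the point of output, independent of how
// it was checked earlier. The entries in $link_string contain only $id and
// numbers derived by arithmetic.
echo '<span class="pages_main">' . $lang['page'] . ' <u>' . htmlentities($page, ENT_QUOTES) . '</u> ' . $lang['by'] . ' ' . $seiten . '</span>';
echo $link_string;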
}
echo '<div id="com_line"> </div>';
// Delay in seconds and target of the meta refresh that is printed after a
// comment has been stored. $id is an integer.
$autoforward = 3;
$goto = "read_disc.php?id=" . $id;
// Heading of the comment form; the named anchor is the target of the
// "#comment" links.
echo '<h1>', $lang['write_comment'], '</h1><a name="comment" id="comment"></a>';
if($_SERVER['REQUEST_METHOD'] != 'POST') {
// Anti-spam helper. It presumably defines $random1, $code and $rand_result,
// which the form below prints - not visible here, confirm.
include_once('functions/flood.php');
// Comment form (GET request). It posts back to the current URL (empty action).
// NOTE(review): the expected anti-spam answer is sent to the browser in the
// hidden field "zip2", and the POST handler compares sha1($_POST["zip"]) with
// $_POST["zip2"] using "!=". Both sides of that comparison are supplied by the
// client, so the check does not depend on anything the server remembers.
// Keeping the expected value server-side (for example in the session) and
// comparing strictly would make the check meaningful.
// NOTE(review): the maxlength attributes are enforced by the browser only; the
// POST handler in this file does not check field lengths.
// NOTE(review): the value attribute of "zip2" is printed without quotes.
// The toolbar links call insert() with two arguments; insert() uses the first.
echo "<form action=\"\" method=\"post\" name=\"op\">
<p><input type=\"text\" name=\"op_author\" class=\"fields\" size=\"30\" maxlength=\"50\"> <strong>" . $lang['name'] . "*</strong></p>
<p><input type=\"text\" name=\"op_email\" class=\"fields\" size=\"30\" maxlength=\"60\"> <strong>" . $lang['e_mail'] . "*</strong></p>
<p><a href=\"javascript:insert('[b][/b]','')\"><img border=\"0\" src=\"images/bbcode/bold.png\" title=\"" . $lang['bold'] . "\"></a><a href=\"javascript:insert('[i][/i]','')\"><img border=\"0\" src=\"images/bbcode/italic.png\" title=\"" . $lang['italic'] . "\"></a><a href=\"javascript:insert('[u][/u]','')\"><img border=\"0\" src=\"images/bbcode/underline.png\" title=\"" . $lang['underline'] . "\"></a><a href=\"javascript:insert('[url]http://[/url]','')\"><img border=\"0\" src=\"images/bbcode/link.png\" title=\"" . $lang['url_with'] . "\"></a><br>
<textarea name=\"opinion\" class=\"fields_text\" cols=\"35\" rows=\"8\"></textarea></p>
<p><small>" . $lang['spam_protection_question'] . " *</small><br>
<strong>" . $lang['sum_of'] . " " . $random1 . " + " . $code . " =</strong> <input size=\"5\" name=\"zip\" id=\"Spamschutz\" type=\"text\" class=\"fields\" /><input type=\"hidden\" name=\"zip2\" value=" . $rand_result . "></p>
<p><input type=\"submit\" class=\"button\" value=\"" . $lang['add_comment'] . " \" name=\"" . $lang['add_comment'] . "\"></p>
</form>";
}else{
if(sha1($_POST["zip"]) != $_POST["zip2"]) {
echo '<p class="false">' . $lang['invalid_spam'] . '!</p>
<p>[ <a href="javascript:history.back();">' . $lang['back'] . '</a> ]</p>';
}else{
$errors = array();
if(isset($_POST['op_author'])) {
if(trim($_POST['op_author']) == "") {
$errors[] = '<p>' . $lang['fill_in_name'] . '.</p>';
}
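// Validate the submitted e-mail address; a missing field is reported separately.
if(isset($_POST['op_email'])) {
    // The pattern is matched against an entity-encoded copy. The INSERT
    // further down stores the raw $_POST value, SQL-escaped.
    $email = htmlentities($_POST['op_email']);
    // The D modifier makes "$" match only at the very end of the string.
    // Without it "$" also matches just before a trailing newline, so an
    // address followed by a line break passed validation and was stored as
    // submitted.
    // NOTE(review): {2,6} rejects top-level domains longer than six letters.
    if(!preg_match("/^[_\.0-9a-zA-Z-]+@([0-9a-zA-Z][0-9a-zA-Z-]+\.)+[a-zA-Z]{2,6}$/iD", $email)) {
        $errors[] = '<p>' . $lang['invalid_syntax'] . '.</p>';
    }
}else{
    $errors[] = '<p>' . $lang['fill_in_email'] . '.</p>';
}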
if(isset($_POST['opinion'])) {
if(trim($_POST['opinion']) == "") {
$errors[] = '<p>' . $lang['enter_a_comment'] . '.</p>';
}
if(!empty($errors)) {
// Validation failed: print the summary with a "back" link, then the collected
// messages as a list, then trigger the client-side error notification.
// The entries in $errors are fixed strings built from $lang, not user input.
echo '<p class="false"><u>', $lang['not_filled_all'], '</u></p>
<p>[ <a href="javascript:history.back();">', $lang['back'], '</a> ]</p>';
echo '<ul>';
foreach($errors as $key => $value) {
    echo '<li>', $value, '</li>';
}
echo '</ul>', '<script type="text/javascript">showErrorMessage();</script>';
}else{
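// Store the comment. $id is an integer; each submitted value is passed through
// mysql_real_escape_string() and placed inside a quoted SQL literal.
// NOTE(review): mysql_real_escape_string() escapes according to the
// connection's character set. The connection is opened outside this section,
// so confirm the charset is set on it (mysql_set_charset()).
// NOTE(review): the mysql_* extension was removed in PHP 7; prepared
// statements via mysqli or PDO would replace the manual escaping.
// NOTE(review): field lengths are limited only by the form's maxlength
// attributes; nothing here checks them server-side.
$sql = "INSERT INTO
opinions(op_id2, op_author, op_email, opinion, date)
VALUES ('" . $id . "',
'" . mysql_real_escape_string($_POST["op_author"]) . "',
'" . mysql_real_escape_string($_POST["op_email"]) . "',
'" . mysql_real_escape_string($_POST["opinion"]) . "',
NOW()
)";
$result = mysql_query($sql);
if($result === false) {
    // Log the driver error instead of printing it to the visitor. The check
    // that follows shows the generic "could not save" message when $result is
    // false; with the former "OR die(mysql_error())" it could never be reached.
    error_log('comment insert failed: ' . mysql_error());
}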
if(!$result) {
echo '<p class="false">' . $lang['couldnot_opinion'] . '</p>
[ <a href="javascript:history.back();">' . $lang['back'] . '</a> ]';
echo "<script type=\"text/javascript\">showErrorMessage();</script>";
}else{
echo '<p class="right">' . $lang['succes_opinion'] . '</p>
<p><meta http-equiv="refresh" content="' . $autoforward . '; URL=' . $goto . '">
<small>' . $lang['redirected_in'] . ' ' . $autoforward . ' ' . $lang['seconds'] . '...</small></p>';
echo "<script type=\"text/javascript\">showSuccessMessage();</script>";
}}}}}}}}}
echo '<div class="spacer_div"> </div>';
?>
</div>
</div>
<div id="infobox_wrapper">
<div class="infobox">
<?php include('layout/infobox.php'); ?>
</div>
</div>
<?php require('layout/footer.php'); ?>