Location: PHPKode > scripts > WH Board > wh_board/blog_result.php
<?php require('style/layout/header.php'); ?>

    <div class="content_left"><?php $crumb = mysql_query("SELECT blog_id, blog_title FROM articles WHERE blog_id = " . mysql_real_escape_string(intval($_GET['id']))); ?>
        <ul id="breadcrumbs">
            <li><a href="index.php"><?php echo $lang['main_page']; ?></a></li>
            <li><a href="blog.php">Blog</a></li>
            <li><a href="blog_result.php?id=<?php echo intval($_GET['id']); ?>" class="actual"><?php while($info = mysql_fetch_assoc($crumb)) { echo htmlentities($info['blog_title'], ENT_QUOTES); } ?></a></li>
        </ul>
    </div>
    <div class="content_right"><form method="post" id="search" action="search.php?search">
        <input type="text" name="search" placeholder="<?php echo $lang['enter_search_term']; ?>..." class="searchfield">
        <input type="hidden" name="submit" value="<?php echo $lang['search']; ?>" alt="<?php echo $lang['search']; ?>">
        </form>
    </div>

    <div class="clear"></div>

    <div id="headline">&nbsp;</div>

    <?php

        if((isset($_GET['id'])) && (is_numeric($_GET['id']))) {

    	$id = mysql_real_escape_string($_GET['id']);
    	$id = intval($_GET['id']);

    		}else{
    		echo '<p>' . $lang['invalid_id'] . '!</p>';
    		exit();
    		}

        $inquiry = mysql_query("SELECT com_id FROM comments WHERE com_id2 = '" . $id . "'") OR die(mysql_error());
    	$total = intval(mysql_num_rows($inquiry));

        echo '<span class="right">' . (int)$total . ' ' . $lang['comments'] . '</span>
        <div class="clear"></div>';

    	include_once('functions/bbcode.php');
		include_once('functions/badwords.php');
		include_once('functions/makeurl.php');

    	$query = "SELECT * FROM articles WHERE blog_id='" . $id . "'";
    	$result = mysql_query($query) OR die(mysql_error());

    	if(!$result) {

    	echo '<p class="false">' . $lang['no_articles_available'] . '</p>' . mysql_error();

    	   }else{

    		if(intval(mysql_num_rows($result)) == 0) {

    		echo '<p class="false">' . $lang['no_articles_available'] . '</p>';

        }else{

    	while($row = mysql_fetch_assoc($result)) {

            echo '<h1>' . htmlentities($row['blog_title'], ENT_QUOTES) . '</h1>
            <p><a href="mailto:' . $webmaster . '" class="author">' . htmlentities($row['blog_author'], ENT_QUOTES) . '</a>
            <span class="com_time">' . date('d.m.Y - H:i', strtotime($row['blog_date'])) . '</span></p>
            <div class="articles_post">' . bbcode(makeurl(stripslashes(nl2br($row['blog_post'])))) . '</div>';

            echo '<div class="clear"></div>';
            }
        }
        }

        $count = mysql_query("SELECT com_id FROM comments WHERE com_id2 = '" . $id . "'");
        include('framework/navi_extended.php');

    	$query = "SELECT * FROM comments WHERE com_id2 = '" . $id . "' ORDER BY com_date DESC LIMIT $start,$entries";
    	$result = mysql_query($query) OR die(mysql_error());

    	echo '<div id="commentsline">&nbsp;</div><h1>' . $lang['comments'] . '</h1>';

        if(!$result) {

    	echo '<p class="false">' . $lang['no_comments'] . '</p>' . mysql_error();

    	   }else{

    		if(intval(mysql_num_rows($result)) == 0) {

    		echo '<p class="false">' . $lang['no_comments'] . '</p>';

        }else{

        while($row = mysql_fetch_assoc($result)) {

            echo '<ol id="conversationPosts" class="postList">
            <li>
            <div class="post hasControls">
            <div class="avatar"><img src="style/images/grafics/avatar_big.png" title="' . $lang['entered_on'] . ': ' . date('d.m.Y - H:i', strtotime($row['com_date'])) . ' Uhr" class="Avatar"></div>
            <div class="postContent thing">
            <div class="postHeader">
            <div class="info">
            <h3><span class="com_author">' . htmlentities($row['com_author'], ENT_QUOTES) . '</span></h3>
            <span class="time">' . date('d.m.Y - H:i', strtotime($row['com_date'])) . '</span>
            </div>
            <div class="controls"></div>
            </div>
            <div class="postBody">
            <span class="green">' . htmlentities($row['com_title'], ENT_QUOTES) . '</span>
            <p>' . bbcode(badwords(makeurl(stripslashes(nl2br($row['com_comment']))))) . '</p>
            </div>
            </div>
            </div></li>
            </ol>';

            echo '<div class="cleaning"></div>';
            }

        echo '<div id="navigation">
        <span class="pages">' . $lang['page'] . ' ' . $page . ' ' . $lang['of'] . ' ' . $allsites . '</span>';
        echo $link_string;
        echo '</div>
        <div class="clear_navi"></div>';
        }
        }

        include_once('functions/flood.php');

        echo '<div id="navline">&nbsp;</div><div class="clear"></div><h1>' . $lang['publish_comment'] . '</h1><a name="comment" id="comment"></a>';

    	if($_SERVER['REQUEST_METHOD'] != 'POST') {

    	echo '<a name="form" id="form"></a><form action="" method="post" name="form">
        <p><input type="text" name="title" class="textfields" maxlength="70" size="50"> ' . $lang['title'] . '</p>
        <p><input type="text" name="author" class="textfields" length="25" maxlength="50" size="50"> ' . $lang['blank_name'] . '</p>
        <textarea cols="45" rows="8" name="comment" id="comment" class="textareas"></textarea></p>
        <p><small>' . $lang['spam_protection'] . '*</small><br>
        <strong>' . $lang['the_sum_of'] . ' ' . $random1 . ' + ' . $code . ' =</strong> <input size="5" name="zip" id="Spamschutz" type="text" class="protection"><input type="hidden" name="zip2" value=' . $rand_result . '></p>
        <p><input type="submit" name="submit" value="' . $lang['publish_comment'] . '" alt="' . $lang['publish_comment']. '" class="buttons"></p>
        <input type="hidden" name="submitted" value="TRUE">
        </form>';

    	}else{

    	if(sha1($_POST["zip"]) != $_POST["zip2"]) {

    	echo '<br><div id="nav_line">&nbsp;</div>
        <div class="whole">
        <p class="false">' . $lang['spam_failed'] . '!</p>
        <p>[ <a href="javascript:history.back();">' . $lang['back'] . '</a> ]</p>';

        	}else{

        	$errors = array();

        	if(empty($_POST['title'])) {
        	$errors[] = $lang['enter_a_title'];

        		}else{
        		$title = htmlentities($_POST['title']);
        		$title = mysql_real_escape_string($_POST['title']);
        		}

        	if(empty($_POST['author'])) {
        	$errors[] = $lang['reg_fill_name'];

        		}else{
        		$author = htmlentities($_POST['author']);
        		$author = mysql_real_escape_string($_POST['author']);
        		}

        	if(empty($_POST['comment'])) {
        	$errors[] = $lang['enter_a_comment'];

        		}else{
        		$comment = htmlentities($_POST['comment']);
        		$comment = mysql_real_escape_string($_POST['comment']);
        		}

    	if(empty($errors)) {

    	$query = "INSERT INTO
                      comments(com_id2, com_title, com_author, com_comment, com_date)
                  VALUES('" . $id . "', '" . $title . "', '" . $author . "', '" . $comment . "', NOW())";

    	$result = mysql_query($query) OR die(mysql_error());

    	if($result) {

    	echo '<p class="success">' . $lang['comment_success'] . '!</p>
    	<p>&#8226; <a href="comments.php?id=' . $id . '">' . $lang['go_on']. '</a></p>';

        	}else{

        	echo '<p class="false">' . $lang['comment_failed'] . '</p>
        	<p>&#8226; <a href="javascript:history.back();">' . $lang['back']. '</a></p>';
        	}

        		}else{

        		echo '<p class="false">' . $lang['not_filled_all'] . '</p>';
        		echo '<ul>';

        		foreach ($errors as $value) {
        		echo '<li>&#8226; ' . $value . '</li>';
        		}
        		echo '</ul>';

        		echo '<p><a href="javascript:history.back();">' . $lang['back'] . '</a></p>';
    	        }
            }
        }

    ?>

<?php require('style/layout/footer.php'); ?>
Return current item: WH Board