
   1  <?php
   2  
   3  /*
   4  +-----------------------------------------------------------
   5  |  BirdBlog v1.4.0
   6  |  ===========================
   7  |  Developer: Michael Swiger <mokkan at projectcow dot com>
   8  |  Site: http://birdblog.sourceforge.net
   9  |  Copyright (c) 2005
  10  |  ===========================
  11  |  File: ./admin/comments.php
  12  +-----------------------------------------------------------
  13  */
  14  
  15  //# Setting templates and requiring core
  16  $bb_templates = 'admin_base,admin_comments_arch,admin_comment_mngrow,admin_comments_mng,admin_comments_list,admin_comments_item,admin_comments_edit,admin_message';
  17  require ("admincore.php");
  18  
  19  $action = prepValue($_GET['a']);
  20  
  21  //# Switchboard
  22  switch($action){
  23      case '':
  24          //# Checking if user has permission
  25          if($userdata['edit_own'] != 1){
  26              bbg_admin_error("You do not have permission to edit comments.");
  27          }
  28  
  29          if($_GET['month'] != ""){
  30              $getmonth = prepValue($_GET['month']);
  31              $_SESSION['admin_comments_month'] = $getmonth;
  32          } else {
  33              $getmonth = prepValue($_SESSION['admin_comments_month']);
  34          }
  35  
  36          if($_GET['month'] != ""){
  37              $getyear = prepValue($_GET['year']);
  38              $_SESSION['admin_comments_year'] = $getyear;
  39          } else {
  40              $getyear = $_SESSION['admin_comments_year'];
  41          }
  42  
  43          if($getmonth == "" && $getyear == ""){
  44              $grablatest = $SQL->query("SELECT `dateline` FROM `".$database['prefix']."entries` ORDER BY `dateline` DESC LIMIT 1");
  45              $latest = $SQL->fetch_array($grablatest);
  46              if($SQL->num_rows($grablatest) > 0){
  47                  $getmonth = gmdate("n", $latest['dateline'] + configOffset());
  48                  $getyear = gmdate("Y", $latest['dateline'] + configOffset());
  49              }
  50          }
  51          if($SQL->num_rows($grablatest) > 0){
  52              $beginstamp = gmmktime(0, 0, 0, $getmonth, 1, $getyear) + (configOffset() * (-1));
  53              $endstamp = gmmktime(23, 59, 59, $getmonth, cal_days_in_month(CAL_GREGORIAN, $getmonth, $getyear), $getyear) + (configOffset() * (-1));
  54          }        
  55          
  56          //# Grabbing month area
  57          $grabarchives = $SQL->query("SELECT `dateline` FROM `".$database['prefix']."entries` ORDER BY `dateline` DESC");
  58          while($archive = $SQL->fetch_array($grabarchives)){
  59              $month = gmdate("n", $archive['dateline'] + configOffset());
  60              $year = gmdate("Y", $archive['dateline'] + configOffset());
  61              if($month == $getmonth && $year == $getyear){
  62                 $archive['selected'] = $template->getVar('entryarch_selected');
  63              } else {
  64                  $archive['selected'] = "";
  65              }
  66  
  67              if($month != $lastmonth){
  68                  $archives .= $template->getTemplate('admin_comments_arch');
  69                  $archives = stripslashes($archives);
  70                  $archive['month'] = gmdate("n", $archive['dateline'] + configOffset());
  71                  $archive['year'] = $year;
  72                  $archive['name'] = gmdate($template->getVar('entryarch_architem'), $archive['dateline'] + configOffset());
  73                  $archives = $template->cacheArray($archives, $archive);
  74              }
  75              $lastmonth = $month;
  76              $lastyear = $year;
  77          }
  78          $archive = $template->releaseCache();
  79          eval("\$archives = \"".addslashes($archives)."\";");
  80          
  81          if($userdata['edit_others'] == 1){
  82              $grabentries = $SQL->query("SELECT e.*,u.username FROM `".$database['prefix']."entries` AS e LEFT JOIN `".$database['prefix']."users` AS u ON (u.id = e.uid) WHERE e.dateline >= '$beginstamp' AND e.dateline <= '$endstamp' ORDER BY e.dateline DESC");
  83          } else {
  84              $grabentries = $SQL->query("SELECT e.*,u.username FROM `".$database['prefix']."entries` AS e LEFT JOIN `".$database['prefix']."users` AS u ON (u.id = e.uid) WHERE e.uid = '".$userdata['id']."' AND e.dateline >= '$beginstamp' AND e.dateline <= '$endstamp' ORDER BY e.dateline DESC");
  85          }
  86          while($entry = $SQL->fetch_array($grabentries)){
  87              $entryarea .= $template->getTemplate('admin_comment_mngrow');
  88              $entryarea = stripslashes($entryarea);
  89              $entry['title'] = stripslashes($entry['title']);
  90              $entry['dateposted'] = gmdate($template->getVar('entry_dateformat'), $entry['dateline'] + configOffset());
  91              $entryarea = $template->cacheArray($entryarea, $entry);
  92          }
  93          $entry = $template->releaseCache();
  94          eval("\$entryarea = \"".addslashes($entryarea)."\";");
  95          
  96          eval("\$include = \"".$template->getTemplate('admin_comments_mng')."\";");
  97      break;
  98      case 'list':
  99          $eid = prepValue($_GET['eid']);
 100          $grabentry = $SQL->query("SELECT * FROM `".$database['prefix']."entries` WHERE `id` = '$eid'");
 101          $entry = $SQL->fetch_array($grabentry);
 102          if(($entry['uid'] != $userdata['id'] && $userdata['edit_others'] != 1) || ($userdata['edit_own'] != 1)){
 103             bbg_admin_error("You don't have permission to edit comments.");
 104          }
 105          $grabcomments = $SQL->query("SELECT * FROM `".$database['prefix']."comments` WHERE `eid` = '$eid' ORDER BY `dateline` ASC");
 106          while($comment = $SQL->fetch_array($grabcomments)){
 107              $commentarea .= $template->getTemplate('admin_comments_item');
 108              $commentarea = stripslashes($commentarea);
 109              $comment['date'] = gmdate($template->getVar('comment_dateformat'), $comment['dateline'] + configOffset());
 110              $commentarea = $template->cacheArray($commentarea, $comment);
 111          }
 112          $comment = $template->releaseCache();
 113          eval("\$commentarea = \"".addslashes($commentarea)."\";");
 114          
 115          eval("\$include = \"".$template->getTemplate('admin_comments_list')."\";");
 116      break;
 117      case 'editform':
 118          $id = prepValue($_GET['id']);
 119          $grabcomment = $SQL->query("SELECT * FROM `".$database['prefix']."comments` WHERE `id` = '$id'");
 120          $comment = $SQL->fetch_array($grabcomment);
 121          $grabentry = $SQL->query("SELECT * FROM `".$database['prefix']."entries` WHERE `id` = '".$comment['eid']."'");
 122          $entry = $SQL->fetch_array($grabentry);
 123          if(($entry['uid'] != $userdata['id'] && $userdata['edit_others'] != 1) || ($userdata['edit_own'] != 1)){
 124             bbg_admin_error("You don't have permission to edit comments.");
 125          }
 126          $checked['parseurls'] = ($comment['parseurls'] == 1) ? "checked" : "";
 127          $checked['parsebbcode'] = ($comment['parsebbcode'] == 1) ? "checked" : "";
 128          $checked['parseemoticons'] = ($comment['parseemoticons'] == 1) ? "checked" : "";
 129          eval("\$include = \"".$template->getTemplate('admin_comments_edit')."\";");
 130      break;
 131      case 'edit':
 132          $id = prepValue($_GET['id']);
 133          $grabcomment = $SQL->query("SELECT * FROM `".$database['prefix']."comments` WHERE `id` = '$id'");
 134          $comment = $SQL->fetch_array($grabcomment);
 135          $grabentry = $SQL->query("SELECT * FROM `".$database['prefix']."entries` WHERE `id` = '".$comment['eid']."'");
 136          $entry = $SQL->fetch_array($grabentry);
 137          if(($entry['uid'] != $userdata['id'] && $userdata['edit_others'] != 1) || ($userdata['edit_own'] != 1)){
 138             bbg_admin_error("You don't have permission to edit comments.");
 139          }
 140          $postername = prepValue($_POST['postername']);
 141          $postersite = prepValue($_POST['postersite']);
 142          $comment = prepValue($_POST['comment']);
 143          $parseurls = prepValue($_POST['parseurls']);
 144          $parseemoticons = prepValue($_POST['parseemoticons']);
 145          $parsebbcode = prepValue($_POST['parsebbcode']);
 146          $update = $SQL->query("UPDATE `".$database['prefix']."comments` SET `postername` = '$postername', `postersite` = '$postersite', `comment` = '$comment', `parseurls` = '$parseurls', `parseemoticons` = '$parseemoticons', `parsebbcode` = '$parsebbcode' WHERE `id` = '$id'");
 147          die_header("Location: ".$config['blogurl']."admin/comments.php?msg=Comment+was+successfully+updated.");
 148      break;
 149      case 'delete':
 150          $id = prepValue($_GET['id']);
 151          $grabcomment = $SQL->query("SELECT * FROM `".$database['prefix']."comments` WHERE `id` = '$id'");
 152          $comment = $SQL->fetch_array($grabcomment);
 153          $grabentry = $SQL->query("SELECT * FROM `".$database['prefix']."entries` WHERE `id` = '".$comment['eid']."'");
 154          $entry = $SQL->fetch_array($grabentry);
 155          if(($entry['uid'] != $userdata['id'] && $userdata['edit_others'] != 1) || ($userdata['edit_own'] != 1)){
 156             bbg_admin_error("You don't have permission to edit comments.");
 157          }
 158          $delete = $SQL->query("DELETE FROM `".$database['prefix']."comments` WHERE `id` = '$id'");
 159          $update = $SQL->query("UPDATE `".$database['prefix']."entries` SET `comments` = comments - 1 WHERE `id` = '".$entry['id']."'");
 160          die_header("Location: ".$config['blogurl']."admin/comments.php?msg=Comment was successfully deleted.");
 161      break;
 162      default:
 163          die_header("Location: ".$config['blogurl']."admin/comments.php?a=");
 164  }
 165  
 166  //# Setting script vars
 167  $script['gzstatus'] = $gzip->checkGZText();
 168  $script['querycount'] = $SQL->counter();
 169  $script['exectime'] = $timer->stopTimer();
 170  
 171  //# Creating output, sending it to the buffer, and releasing the buffer
 172  eval("\$output = \"".$template->getTemplate('admin_base')."\";");
 173  echo stripslashes($output);
 174  $gzip->stopGZ();
 175  ?>

