comment.module

<?php
// $Id$

/**
 * @file
 * Enables users to comment on published content.
 *
 * When enabled, the Drupal comment module creates a discussion
 * board for each Drupal node. Users can post comments to discuss
 * a forum topic, weblog post, story, collaborative book page, etc.
 */

/*
 * Constants to define a comment's published state
 */
define('COMMENT_PUBLISHED', 0);
define('COMMENT_NOT_PUBLISHED', 1);

/**
 * Constants to define the viewing modes for comment listings
 */
define('COMMENT_MODE_FLAT_COLLAPSED', 0);
define('COMMENT_MODE_FLAT_EXPANDED', 1);
define('COMMENT_MODE_THREADED_COLLAPSED', 2);
define('COMMENT_MODE_THREADED_EXPANDED', 3);

/**
 * Constants to define the viewing orders for comment listings
 */
define('COMMENT_ORDER_NEWEST_FIRST', 0);
define('COMMENT_ORDER_OLDEST_FIRST', 1);

/**
 * Constants to define the position of the comment controls
 */
define('COMMENT_CONTROLS_ABOVE', 0);
define('COMMENT_CONTROLS_BELOW', 1);
define('COMMENT_CONTROLS_ABOVE_BELOW', 2);
define('COMMENT_CONTROLS_HIDDEN', 3);

/**
 * Constants to define the anonymous poster contact handling
 */
define('COMMENT_ANONYMOUS_MAYNOT_CONTACT', 0);
define('COMMENT_ANONYMOUS_MAY_CONTACT', 1);
define('COMMENT_ANONYMOUS_MUST_CONTACT', 2);

/**
 * Constants to define the comment form location
 */
define('COMMENT_FORM_SEPARATE_PAGE', 0);
define('COMMENT_FORM_BELOW', 1);

/**
 * Constants to define a node's comment state
 */
define('COMMENT_NODE_DISABLED', 0);
define('COMMENT_NODE_READ_ONLY', 1);
define('COMMENT_NODE_READ_WRITE', 2);

/**
 * Constants to define if comment preview is optional or required
 */
define('COMMENT_PREVIEW_OPTIONAL', 0);
define('COMMENT_PREVIEW_REQUIRED', 1);

/**
 * Implementation of hook_help().
 */
function comment_help($section) {
  switch ($section) {
    case 'admin/help#comment':
      $output = '<p>'. t('The comment module creates a discussion board for each post. Users can post comments to discuss a forum topic, weblog post, story, collaborative book page, etc. The ability to comment is an important part of involving members in a communtiy dialogue.') .'</p>';
      $output .= '<p>'. t('An administrator can give comment permissions to user groups, and users can (optionally) edit their last comment, assuming no others have been posted since.  Attached to each comment board is a control panel for customizing the way that comments are displayed. Users can control the chronological ordering of posts (newest or oldest first) and the number of posts to display on each page.  Comments behave like other user submissions. Filters, smileys and HTML that work in nodes will also work with comments. The comment module provides specific features to inform site members when new comments have been posted.') .'</p>';
      $output .= t('<p>You can</p>
<ul>
<li>control access for various comment module functions through access permissions <a href="%admin-access">administer &gt;&gt; access control</a>.</li>
<li>administer comments <a href="%admin-comment-configure"> administer &gt;&gt; comments &gt;&gt; configure</a>.</li>
</ul>
', array('%admin-access' => url('admin/access'), '%admin-comment-configure' => url('admin/comment/configure')));
      $output .= '<p>'. t('For more information please read the configuration and customization handbook <a href="%comment">Comment page</a>.', array('%comment' => 'http://www.drupal.org/handbook/modules/comment/')) .'</p>';
      return $output;
    case 'admin/modules#description':
      return t('Allows users to comment on and discuss published content.');
    case 'admin/comment':
    case 'admin/comment/new':
      return t("<p>Below is a list of the latest comments posted to your site. Click on a subject to see the comment, the author's name to edit the author's user information , \"edit\" to modify the text, and \"delete\" to remove their submission.</p>");
    case 'admin/comment/approval':
      return t("<p>Below is a list of the comments posted to your site that need approval. To approve a comment, click on \"edit\" and then change its \"moderation status\" to Approved. Click on a subject to see the comment, the author's name to edit the author's user information, \"edit\" to modify the text, and \"delete\" to remove their submission.</p>");
    case 'admin/comment/configure':
    case 'admin/comment/configure/settings':
      return t("<p>Comments can be attached to any node, and their settings are below. The display comes in two types: a \"flat list\" where everything is flush to the left side, and comments come in chronological order, and a \"threaded list\" where replies to other comments are placed immediately below and slightly indented, forming an outline. They also come in two styles: \"expanded\", where you see both the title and the contents, and \"collapsed\" where you only see the title. Preview comment forces a user to look at their comment by clicking on a \"Preview\" button before they can actually add the comment.</p>");
   }
}

/**
 * Implementation of hook_menu().
 */
function comment_menu($may_cache) {
  $items = array();

  if ($may_cache) {
    $access = user_access('administer comments');
    $items[] = array('path' => 'admin/comment', 'title' => t('comments'),
      'callback' => 'comment_admin_overview', 'access' => $access);

    // Tabs:
    $items[] = array('path' => 'admin/comment/list', 'title' => t('list'),
      'type' => MENU_DEFAULT_LOCAL_TASK, 'weight' => -10);
    $items[] = array('path' => 'admin/comment/configure', 'title' => t('configure'),
      'callback' => 'comment_configure', 'access' => $access, 'type' => MENU_LOCAL_TASK);

    // Subtabs:
    $items[] = array('path' => 'admin/comment/list/new', 'title' => t('published comments'),
      'type' => MENU_DEFAULT_LOCAL_TASK, 'weight' => -10);
    $items[] = array('path' => 'admin/comment/list/approval', 'title' => t('approval queue'),
      'callback' => 'comment_admin_overview', 'access' => $access,
      'callback arguments' => array('approval'),
      'type' => MENU_LOCAL_TASK);

    $items[] = array('path' => 'admin/comment/configure/settings', 'title' => t('settings'),
      'type' => MENU_DEFAULT_LOCAL_TASK, 'weight' => -10);

    $access = user_access('post comments');
    $items[] = array('path' => 'comment/edit', 'title' => t('edit comment'),
      'callback' => 'comment_edit', 'access' => $access, 'type' => MENU_CALLBACK);
    $items[] = array('path' => 'comment/delete', 'title' => t('delete comment'),
      'callback' => 'comment_delete', 'access' => $access, 'type' => MENU_CALLBACK);
  }
  else {
    if (arg(0) == 'comment' && arg(1) == 'reply' && is_numeric(arg(2))) {
      $node = node_load(arg(2));
      if ($node->nid) {
        $items[] = array('path' => 'comment/reply', 'title' => t('reply to comment'),
          'callback' => 'comment_reply', 'access' => node_access('view', $node), 'type' => MENU_CALLBACK);
      }
    }
    if ((arg(0) == 'node') && is_numeric(arg(1)) && is_numeric(arg(2))) {
      $items[] = array('path' => ('node/'. arg(1) .'/'. arg(2)), 'title' => t('view'),
        'callback' => 'node_page',
        'type' => MENU_CALLBACK);
    }
  }

  return $items;
}

/**
 * Implementation of hook_perm().
 */
function comment_perm() {
  return array('access comments', 'post comments', 'administer comments', 'post comments without approval');
}

/**
 * Implementation of hook_block().
 *
 * Generates a block with the most recent comments.
 */
function comment_block($op = 'list', $delta = 0) {
  if ($op == 'list') {
    $blocks[0]['info'] = t('Recent comments');
    return $blocks;
  }
  else if ($op == 'view' && user_access('access comments')) {
    $block['subject'] = t('Recent comments');
    $block['content'] = theme('comment_block');
    return $block;
  }
}

function theme_comment_block() {
  $result = db_query_range(db_rewrite_sql('SELECT c.nid, c.* FROM {comments} c INNER JOIN {node} n ON n.nid = c.nid WHERE n.status = 1 AND c.status = %d ORDER BY c.timestamp DESC', 'c'), COMMENT_PUBLISHED, 0, 10);
  $items = array();
  while ($comment = db_fetch_object($result)) {
    $items[] = l($comment->subject, 'node/'. $comment->nid, NULL, NULL, 'comment-'. $comment->cid) .'<br />'. t('%time ago', array('%time' => format_interval(time() - $comment->timestamp)));
  }
  return theme('item_list', $items);
}

/**
 * Implementation of hook_link().
 */
function comment_link($type, $node = 0, $main = 0) {
  $links = array();

  if ($type == 'node' && $node->comment) {

    if ($main) {
      // Main page: display the number of comments that have been posted.

      if (user_access('access comments')) {
        $all = comment_num_all($node->nid);
        $new = comment_num_new($node->nid);

        if ($all) {
          $links[] = l(format_plural($all, '1 comment', '%count comments'), "node/$node->nid", array('title' => t('Jump to the first comment of this posting.')), NULL, 'comment');

          if ($new) {
            $links[] = l(format_plural($new, '1 new comment', '%count new comments'), "node/$node->nid", array('title' => t('Jump to the first new comment of this posting.')), NULL, 'new');
          }
        }
        else {
          if ($node->comment == COMMENT_NODE_READ_WRITE) {
            if (user_access('post comments')) {
              $links[] = l(t('add new comment'), "comment/reply/$node->nid", array('title' => t('Add a new comment to this page.')));
            }
            else {
              $links[] = theme('comment_post_forbidden', $node->nid);
            }
          }
        }
      }
    }
    else {
      // Node page: add a "post comment" link if the user is allowed to
      // post comments, if this node is not read-only, and if the comment form isn't already shown

      if ($node->comment == COMMENT_NODE_READ_WRITE) {
        if (user_access('post comments')) {
          if (variable_get('comment_form_location', COMMENT_FORM_SEPARATE_PAGE) == COMMENT_FORM_SEPARATE_PAGE) {
            $links[] = l(t('add new comment'), "comment/reply/$node->nid", array('title' => t('Share your thoughts and opinions related to this posting.')), NULL, 'comment');
          }
        }
        else {
          $links[] = theme('comment_post_forbidden', $node->nid);
        }
      }
    }
  }

  if ($type == 'comment') {
    $links = comment_links($node, $main);
  }

  return $links;
}

function comment_form_alter($form_id, &$form) {
  if (isset($form['type'])) {
    if ($form['type']['#value'] .'_node_settings' == $form_id) {
      $form['workflow']['comment_'. $form['type']['#value']] = array('#type' => 'radios', '#title' => t('Default comment setting'), '#default_value' => variable_get('comment_'. $form['type']['#value'], COMMENT_NODE_READ_WRITE), '#options' => array(t('Disabled'), t('Read only'), t('Read/Write')), '#description' => t('Users with the <em>administer comments</em> permission will be able to override this setting.'));
    }
    if ($form['type']['#value'] .'_node_form' == $form_id) {
      $node = $form['#node'];
      if (user_access('administer comments')) {
        $form['user_comments'] = array(
          '#type' => 'fieldset',
          '#title' => t('User comments'),
          '#collapsible' => TRUE,
          '#collapsed' => TRUE,
          '#weight' => 30,
        );
        $form['user_comments']['comment'] = array(
          '#type' => 'radios',
          '#parents' => array('comment'),
          '#default_value' => $node->comment,
          '#options' => array(t('Disabled'), t('Read only'), t('Read/Write')),
        );
      }
      else {
        $form['user_comments']['comment'] = array(
          '#type' => 'value',
          '#value' => $node->comment,
        );
      }
    }
  }
}

/**
 * Implementation of hook_nodeapi().
 *
 */
function comment_nodeapi(&$node, $op, $arg = 0) {
  switch ($op) {
    case 'fields':
      return array('comment');

    case 'load':
      return db_fetch_array(db_query("SELECT last_comment_timestamp, last_comment_name, comment_count FROM {node_comment_statistics} WHERE nid = %d", $node->nid));
      break;

    case 'prepare':
      if (!isset($node->comment)) {
        $node->comment = variable_get("comment_$node->type", COMMENT_NODE_READ_WRITE);
      }
      break;

    case 'insert':
      db_query('INSERT INTO {node_comment_statistics} (nid, last_comment_timestamp, last_comment_name, last_comment_uid, comment_count) VALUES (%d, %d, NULL, %d, 0)', $node->nid, $node->created, $node->uid);
      break;

    case 'delete':
      db_query('DELETE FROM {comments} WHERE nid = %d', $node->nid);
      db_query('DELETE FROM {node_comment_statistics} WHERE nid = %d', $node->nid);
      break;

    case 'update index':
      $text = '';
      $comments = db_query('SELECT subject, comment, format FROM {comments} WHERE nid = %d AND status = %d', $node->nid, COMMENT_PUBLISHED);
      while ($comment = db_fetch_object($comments)) {
        $text .= '<h2>'. check_plain($comment->subject) .'</h2>'. check_markup($comment->comment, $comment->format, FALSE);
      }
      return $text;

    case 'search result':
      $comments = db_result(db_query('SELECT comment_count FROM {node_comment_statistics} WHERE nid = %d', $node->nid));
      return format_plural($comments, '1 comment', '%count comments');

    case 'rss item':
      return array(array('key' => 'comments', 'value' => url('node/'. $node->nid, NULL, 'comment', TRUE)));
  }
}

/**
 * Implementation of hook_user().
 *
 * Provides signature customization for the user's comments.
 */
function comment_user($type, $edit, &$user, $category = NULL) {
  if ($type == 'form' && $category == 'account') {
    // when user tries to edit his own data
    $form['comment_settings'] = array(
      '#type' => 'fieldset',
      '#title' => t('Comment settings'),
      '#collapsible' => TRUE,
      '#weight' => 4);
    $form['comment_settings']['signature'] = array(
      '#type' => 'textarea',
      '#title' => t('Signature'),
      '#default_value' => $edit['signature'],
      '#description' => t('Your signature will be publicly displayed at the end of your comments.'));

    return $form;
  }
}

/**
 * Menu callback; presents the comment settings page.
 */
function comment_configure() {
  $form['viewing_options'] = array(
    '#type' => 'fieldset',
    '#title' => t('Viewing options'),
    '#collapsible' => TRUE,
    '#collapsed' => TRUE,
  );

  $form['viewing_options']['comment_default_mode'] = array(
    '#type' => 'radios',
    '#title' => t('Default display mode'),
    '#default_value' => variable_get('comment_default_mode', COMMENT_MODE_THREADED_EXPANDED),
    '#options' => _comment_get_modes(),
    '#description' => t('The default view for comments. Expanded views display the body of the comment. Threaded views keep replies together.'),
  );

  $form['viewing_options']['comment_default_order'] = array(
    '#type' => 'radios',
    '#title' => t('Default display order'),
    '#default_value' => variable_get('comment_default_order', COMMENT_ORDER_NEWEST_FIRST),
    '#options' => _comment_get_orders(),
    '#description' => t('The default sorting for new users and anonymous users while viewing comments. These users may change their view using the comment control panel. For registered users, this change is remembered as a persistent user preference.'),
  );

  $form['viewing_options']['comment_default_per_page'] = array(
    '#type' => 'select',
    '#title' => t('Default comments per page'),
    '#default_value' => variable_get('comment_default_per_page', 50),
    '#options' => _comment_per_page(),
    '#description' => t('Default number of comments for each page: more comments are distributed in several pages.'),
  );

  $form['viewing_options']['comment_controls'] = array(
    '#type' => 'radios',
    '#title' => t('Comment controls'),
    '#default_value' => variable_get('comment_controls', COMMENT_CONTROLS_HIDDEN),
    '#options' => array(
      t('Display above the comments'),
      t('Display below the comments'),
      t('Display above and below the comments'),
      t('Do not display')),
    '#description' => t('Position of the comment controls box.  The comment controls let the user change the default display mode and display order of comments.'),
  );

  $form['posting_settings'] = array(
    '#type' => 'fieldset',
    '#title' => t('Posting settings'),
    '#collapsible' => TRUE,
    '#collapsed' => TRUE,
  );

  $form['posting_settings']['comment_anonymous'] = array(
    '#type' => 'radios',
    '#title' => t('Anonymous commenting'),
    '#default_value' => variable_get('comment_anonymous', COMMENT_ANONYMOUS_MAYNOT_CONTACT),
    '#options' => array(
      COMMENT_ANONYMOUS_MAYNOT_CONTACT => t('Anonymous posters may not enter their contact information'),
      COMMENT_ANONYMOUS_MAY_CONTACT => t('Anonymous posters may leave their contact information'),
      COMMENT_ANONYMOUS_MUST_CONTACT => t('Anonymous posters must leave their contact information')),
    '#description' => t('This option is enabled when anonymous users have permission to post comments on the <a href="%url">permissions page</a>.', array('%url' => url('admin/access'))),
  );
  if (!user_access('post comments', user_load(array('uid' => 0)))) {
    $form['posting_settings']['comment_anonymous']['#attributes'] = array('disabled' => 'disabled');
  }

  $form['posting_settings']['comment_subject_field'] = array(
    '#type' => 'radios',
    '#title' => t('Comment subject field'),
    '#default_value' => variable_get('comment_subject_field', 1),
    '#options' => array(t('Disabled'), t('Enabled')),
    '#description' => t('Can users provide a unique subject for their comments?'),
  );

  $form['posting_settings']['comment_preview'] = array(
    '#type' => 'radios',
    '#title' => t('Preview comment'),
    '#default_value' => variable_get('comment_preview', COMMENT_PREVIEW_REQUIRED),
    '#options' => array(t('Optional'), t('Required')),
  );

  $form['posting_settings']['comment_form_location'] = array(
    '#type' => 'radios',
    '#title' => t('Location of comment submission form'),
    '#default_value' => variable_get('comment_form_location', COMMENT_FORM_SEPARATE_PAGE),
    '#options' => array(t('Display on separate page'), t('Display below post or comments')),
  );

  return system_settings_form('comment_settings_form', $form);
}

/**
 * This is *not* a hook_access() implementation. This function is called
 * to determine whether the current user has access to a particular comment.
 *
 * Authenticated users can edit their comments as long they have not been
 * replied to. This prevents people from changing or revising their
 * statements based on the replies their posts got. Furthermore, users
 * can't reply to their own comments and are encouraged instead to extend
 * their original comment.
 */
function comment_access($op, $comment) {
  global $user;

  if ($op == 'edit') {
    return ($user->uid && $user->uid == $comment->uid && comment_num_replies($comment->cid) == 0) || user_access('administer comments');
  }
}

function comment_node_url() {
  return arg(0) .'/'. arg(1);
}

function comment_edit($cid) {
  global $user;

  $comment = db_fetch_object(db_query('SELECT c.*, u.uid, u.name AS registered_name, u.data FROM {comments} c INNER JOIN {users} u ON c.uid = u.uid WHERE c.cid = %d', $cid));
  $comment = drupal_unpack($comment);
  $comment->name = $comment->uid ? $comment->registered_name : $comment->name;
  if (comment_access('edit', $comment)) {
    return comment_form((array)$comment);
  }
  else {
    drupal_access_denied();
  }
}

function comment_reply($nid, $pid = NULL) {
  // set the breadcrumb trail
  $node = node_load($nid);
  menu_set_location(array(array('path' => "node/$nid", 'title' => $node->title), array('path' => "comment/reply/$nid")));

  $op = isset($_POST['op']) ? $_POST['op'] : '';

  $output = '';

  // or are we merely showing the form?
  if (user_access('access comments')) {

    if ($op == t('Preview comment')) {
      if (user_access('post comments')) {
        $output .= comment_form(array('pid' => $pid, 'nid' => $nid), NULL);
      }
      else {
        drupal_set_message(t('You are not authorized to post comments.'), 'error');
      }
    }
    else {
      // if this is a reply to another comment, show that comment first
      // else, we'll just show the user the node they're commenting on.
      if ($pid) {
        $comment = db_fetch_object(db_query('SELECT c.*, u.uid, u.name AS registered_name, u.picture, u.data FROM {comments} c INNER JOIN {users} u ON c.uid = u.uid WHERE c.cid = %d AND c.status = %d', $pid, COMMENT_PUBLISHED));
        $comment = drupal_unpack($comment);
        $comment->name = $comment->uid ? $comment->registered_name : $comment->name;
        $output .= theme('comment_view', $comment);
      }
      else if (user_access('access content')) {
        $output .= node_view($node);
        $pid = 0;
      }

      // should we show the reply box?
      if (node_comment_mode($nid) != COMMENT_NODE_READ_WRITE) {
        drupal_set_message(t("This discussion is closed: you can't post new comments."), 'error');
      }
      else if (user_access('post comments')) {
        $output .= comment_form(array('pid' => $pid, 'nid' => $nid), t('Reply'));
      }
      else {
        drupal_set_message(t('You are not authorized to post comments.'), 'error');
      }
    }
  }
  else {
    drupal_set_message(t('You are not authorized to view comments.'), 'error');
  }

  return $output;
}

/**
 * Accepts a submission of new or changed comment content.
 *
 * @param $edit
 *   A comment array.
 *
 * @return
 *   If the comment is successfully saved the comment ID is returned.  If the comment
 *   is not saved, FALSE is returned.
 */
function comment_save($edit) {
  global $user;
  if (user_access('post comments') && (user_access('administer coments') || node_comment_mode($edit['nid']) == COMMENT_NODE_READ_WRITE)) {
    if (!form_get_errors()) {
      // Check for duplicate comments.  Note that we have to use the
      // validated/filtered data to perform such check.
      $duplicate = db_result(db_query("SELECT COUNT(cid) FROM {comments} WHERE pid = %d AND nid = %d AND subject = '%s' AND comment = '%s'", $edit['pid'], $edit['nid'], $edit['subject'], $edit['comment']), 0);
      if ($duplicate != 0) {
        watchdog('content', t('Comment: duplicate %subject.', array('%subject' => theme('placeholder', $edit['subject']))), WATCHDOG_WARNING);
      }

      if ($edit['cid']) {
        // Update the comment in the database.
        db_query("UPDATE {comments} SET status = '%s', timestamp = %d, subject = '%s', comment = '%s', format = '%s', uid = %d, name = '%s', mail = '%s', homepage = '%s' WHERE cid = %d", $edit['status'], $edit['timestamp'], $edit['subject'], $edit['comment'], $edit['format'], $edit['uid'], $edit['name'], $edit['mail'], $edit['homepage'], $edit['cid']);

        _comment_update_node_statistics($edit['nid']);

        // Allow modules to respond to the updating of a comment.
        comment_invoke_comment($edit, 'update');


        // Add an entry to the watchdog log.
        watchdog('content', t('Comment: updated %subject.', array('%subject' => theme('placeholder', $edit['subject']))), WATCHDOG_NOTICE, l(t('view'), 'node/'. $edit['nid'], NULL, NULL, 'comment-'. $edit['cid']));
      }
      else {
        // Add the comment to database.
        $status = user_access('post comments without approval') ? COMMENT_PUBLISHED : COMMENT_NOT_PUBLISHED;
        $roles = variable_get('comment_roles', array());
        $score = 0;

        foreach (array_intersect(array_keys($roles), array_keys($user->roles)) as $rid) {
          $score = max($roles[$rid], $score);
        }

        $users = serialize(array(0 => $score));

        // Here we are building the thread field.  See the comment
        // in comment_render().
        if ($edit['pid'] == 0) {
          // This is a comment with no parent comment (depth 0): we start
          // by retrieving the maximum thread level.
          $max = db_result(db_query('SELECT MAX(thread) FROM {comments} WHERE nid = %d', $edit['nid']));

          // Strip the "/" from the end of the thread.
          $max = rtrim($max, '/');

          // Next, we increase this value by one.  Note that we can't
          // use 1, 2, 3, ... 9, 10, 11 because we order by string and
          // 10 would be right after 1.  We use 1, 2, 3, ..., 9, 91,
          // 92, 93, ... instead.  Ugly but fast.
          $decimals = (string) substr($max, 0, strlen($max) - 1);
          $units = substr($max, -1, 1);
          if ($units) {
            $units++;
          }
          else {
            $units = 1;
          }

          if ($units == 10) {
            $units = '90';
          }

          // Finally, build the thread field for this new comment.
          $thread = $decimals . $units .'/';
        }
        else {
          // This is comment with a parent comment: we increase
          // the part of the thread value at the proper depth.

          // Get the parent comment:
          $parent = _comment_load($edit['pid']);

          // Strip the "/" from the end of the parent thread.
          $parent->thread = (string) rtrim((string) $parent->thread, '/');

          // Get the max value in _this_ thread.
          $max = db_result(db_query("SELECT MAX(thread) FROM {comments} WHERE thread LIKE '%s.%%' AND nid = %d", $parent->thread, $edit['nid']));

          if ($max == '') {
            // First child of this parent.
            $thread = $parent->thread .'.1/';
          }
          else {
            // Strip the "/" at the end of the thread.
            $max = rtrim($max, '/');

            // We need to get the value at the correct depth.
            $parts = explode('.', $max);
            $parent_depth = count(explode('.', $parent->thread));
            $last = $parts[$parent_depth];

            // Next, we increase this value by one.  Note that we can't
            // use 1, 2, 3, ... 9, 10, 11 because we order by string and
            // 10 would be right after 1.  We use 1, 2, 3, ..., 9, 91,
            // 92, 93, ... instead.  Ugly but fast.
            $decimals = (string)substr($last, 0, strlen($last) - 1);
            $units = substr($last, -1, 1);
            $units++;
            if ($units == 10) {
              $units = '90';
            }

            // Finally, build the thread field for this new comment.
            $thread = $parent->thread .'.'. $decimals . $units .'/';
          }
        }

        $edit['cid'] = db_next_id('{comments}_cid');
        $edit['timestamp'] = time();

        if ($edit['uid'] = $user->uid) {
          $edit['name'] = $user->name;
        }

        db_query("INSERT INTO {comments} (cid, nid, pid, uid, subject, comment, format, hostname, timestamp, status, score, users, thread, name, mail, homepage) VALUES (%d, %d, %d, %d, '%s', '%s', %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s')", $edit['cid'], $edit['nid'], $edit['pid'], $edit['uid'], $edit['subject'], $edit['comment'], $edit['format'], $_SERVER['REMOTE_ADDR'], $edit['timestamp'], $status, $score, $users, $thread, $edit['name'], $edit['mail'], $edit['homepage']);

        _comment_update_node_statistics($edit['nid']);

        // Tell the other modules a new comment has been submitted.
        comment_invoke_comment($edit, 'insert');

        // Add an entry to the watchdog log.
        watchdog('content', t('Comment: added %subject.', array('%subject' => theme('placeholder', $edit['subject']))), WATCHDOG_NOTICE, l(t('view'), 'node/'. $edit['nid'], NULL, NULL, 'comment-'. $edit['cid']));
      }

      // Clear the cache so an anonymous user can see his comment being added.
      cache_clear_all();

      // Explain the approval queue if necessary, and then
      // redirect the user to the node he's commenting on.
      if ($status == COMMENT_NOT_PUBLISHED) {
        drupal_set_message(t('Your comment has been queued for moderation by site administrators and will be published after approval.'));
      }
      return $edit['cid'];
    }
    else {
      return FALSE;
    }
  }
  else {
    $txt = t('Comment: unauthorized comment submitted or comment submitted to a closed node %subject.', array('%subject' => theme('placeholder', $edit['subject'])));
    watchdog('content', $txt, WATCHDOG_WARNING);
    drupal_set_message($txt, 'error');
    return FALSE;
  }
}

function comment_links($comment, $return = 1) {
  global $user;

  $links = array();

  // If we are viewing just this comment, we link back to the node.
  if ($return) {
    $links[] = l(t('parent'), comment_node_url(), NULL, NULL, "comment-$comment->cid");
  }

  if (node_comment_mode($comment->nid) == COMMENT_NODE_READ_WRITE) {
    if (user_access('administer comments') && user_access('post comments')) {
      $links[] = l(t('delete'), "comment/delete/$comment->cid");
      $links[] = l(t('edit'), "comment/edit/$comment->cid");
      $links[] = l(t('reply'), "comment/reply/$comment->nid/$comment->cid");
    }
    else if (user_access('post comments')) {
      if (comment_access('edit', $comment)) {
        $links[] = l(t('edit'), "comment/edit/$comment->cid");
      }
      $links[] = l(t('reply'), "comment/reply/$comment->nid/$comment->cid");
    }
    else {
      $links[] = theme('comment_post_forbidden', $comment->nid);
    }
  }

  return $links;
}

function comment_render($node, $cid = 0) {
  global $user;

  $mode = $_GET['mode'];
  $order = $_GET['order'];
  $comments_per_page = $_GET['comments_per_page'];
  $comment_page = $_GET['comment_page'];

  $output = '';

  if (user_access('access comments')) {
    // Pre-process variables.
    $nid = $node->nid;
    if (empty($nid)) {
      $nid = 0;
    }

    if (empty($mode)) {
      $mode = $user->mode ? $user->mode : ($_SESSION['comment_mode'] ? $_SESSION['comment_mode'] : variable_get('comment_default_mode', COMMENT_MODE_THREADED_EXPANDED));
    }

    if (empty($order)) {
      $order = $user->sort ? $user->sort : ($_SESSION['comment_sort'] ? $_SESSION['comment_sort'] : variable_get('comment_default_order', COMMENT_ORDER_NEWEST_FIRST));
    }

    if (empty($comments_per_page)) {
      $comments_per_page = $user->comments_per_page ? $user->comments_per_page : ($_SESSION['comment_comments_per_page'] ? $_SESSION['comment_comments_per_page'] : variable_get('comment_default_per_page', '50'));
    }

    $output .= "<a id=\"comment\"></a>\n";

    if ($cid) {
      // Single comment view.
      $result = db_query('SELECT c.cid, c.pid, c.nid, c.subject, c.comment, c.format, c.timestamp, c.name, c.mail, c.homepage, u.uid, u.name AS registered_name, u.picture, u.data, c.score, c.users FROM {comments} c INNER JOIN {users} u ON c.uid = u.uid WHERE c.cid = %d AND c.status = %d GROUP BY c.cid, c.pid, c.nid, c.subject, c.comment, c.format, c.timestamp, c.name, c.mail, u.picture, c.homepage, u.uid, u.name, u.picture, u.data, c.score, c.users', $cid, COMMENT_PUBLISHED);

      if ($comment = db_fetch_object($result)) {
        $comment->name = $comment->uid ? $comment->registered_name : $comment->name;
        $output .= theme('comment_view', $comment, module_invoke_all('link', 'comment', $comment, 1));
      }
    }
    else {
      // Multiple comment view
      $query .= "SELECT c.cid as cid, c.pid, c.nid, c.subject, c.comment, c.format, c.timestamp, c.name, c.mail, c.homepage, u.uid, u.name AS registered_name, u.picture, u.data, c.score, c.users, c.thread FROM {comments} c INNER JOIN {users} u ON c.uid = u.uid WHERE c.nid = %d AND c.status = %d";

      $query .= ' GROUP BY c.cid, c.pid, c.nid, c.subject, c.comment, c.format, c.timestamp, c.name, c.mail, u.picture, c.homepage, u.uid, u.name, u.picture, u.data, c.score, c.users, c.thread';

      /*
      ** We want to use the standard pager, but threads would need every
      ** comment to build the thread structure, so we need to store some
      ** extra info.
      **
      ** We use a "thread" field to store this extra info. The basic idea
      ** is to store a value and to order by that value. The "thread" field
      ** keeps this data in a way which is easy to update and convenient
      ** to use.
      **
      ** A "thread" value starts at "1". If we add a child (A) to this
      ** comment, we assign it a "thread" = "1.1". A child of (A) will have
      ** "1.1.1". Next brother of (A) will get "1.2". Next brother of the
      ** parent of (A) will get "2" and so on.
      **
      ** First of all note that the thread field stores the depth of the
      ** comment: depth 0 will be "X", depth 1 "X.X", depth 2 "X.X.X", etc.
      **
      ** Now to get the ordering right, consider this example:
      **
      ** 1
      ** 1.1
      ** 1.1.1
      ** 1.2
      ** 2
      **
      ** If we "ORDER BY thread ASC" we get the above result, and this is
      ** the natural order sorted by time.  However, if we "ORDER BY thread
      ** DESC" we get:
      **
      ** 2
      ** 1.2
      ** 1.1.1
      ** 1.1
      ** 1
      **
      ** Clearly, this is not a natural way to see a thread, and users
      ** will get confused. The natural order to show a thread by time
      ** desc would be:
      **
      ** 2
      ** 1
      ** 1.2
      ** 1.1
      ** 1.1.1
      **
      ** which is what we already did before the standard pager patch. To
      ** achieve this we simply add a "/" at the end of each "thread" value.
      ** This way out thread fields will look like depicted below:
      **
      ** 1/
      ** 1.1/
      ** 1.1.1/
      ** 1.2/
      ** 2/
      **
      ** we add "/" since this char is, in ASCII, higher than every number,
      ** so if now we "ORDER BY thread DESC" we get the correct order.  Try
      ** it, it works ;).  However this would spoil the "ORDER BY thread ASC"
      ** Here, we do not need to consider the trailing "/" so we use a
      ** substring only.
      */

      if ($order == COMMENT_ORDER_NEWEST_FIRST) {
        if ($mode == COMMENT_MODE_FLAT_COLLAPSED || $mode == COMMENT_MODE_FLAT_EXPANDED) {
          $query .= ' ORDER BY c.timestamp DESC';
        }
        else {
          $query .= ' ORDER BY c.thread DESC';
        }
      }
      else if ($order == COMMENT_ORDER_OLDEST_FIRST) {
        if ($mode == COMMENT_MODE_FLAT_COLLAPSED || $mode == COMMENT_MODE_FLAT_EXPANDED) {
          $query .= ' ORDER BY c.timestamp';
        }
        else {

          /*
          ** See comment above.  Analysis learns that this doesn't cost
          ** too much.  It scales much much better than having the whole
          ** comment structure.
          */

          $query .= ' ORDER BY SUBSTRING(c.thread, 1, (LENGTH(c.thread) - 1))';
        }
      }

      // Start a form, for use with comment control.
      $result = pager_query($query, $comments_per_page, 0, "SELECT COUNT(*) FROM {comments} WHERE nid = %d AND status = %d", $nid, COMMENT_PUBLISHED);
      if (db_num_rows($result) && (variable_get('comment_controls', COMMENT_CONTROLS_HIDDEN) == COMMENT_CONTROLS_ABOVE || variable_get('comment_controls', COMMENT_CONTROLS_HIDDEN) == COMMENT_CONTROLS_ABOVE_BELOW)) {
        $output .= comment_controls($mode, $order, $comments_per_page);
      }

      while ($comment = db_fetch_object($result)) {
        $comment = drupal_unpack($comment);
        $comment->name = $comment->uid ? $comment->registered_name : $comment->name;
        $comment->depth = count(explode('.', $comment->thread)) - 1;

        if ($mode == COMMENT_MODE_FLAT_COLLAPSED) {
          $output .= theme('comment_flat_collapsed', $comment);
        }
        else if ($mode == COMMENT_MODE_FLAT_EXPANDED) {
          $output .= theme('comment_flat_expanded', $comment);
        }
        else if ($mode == COMMENT_MODE_THREADED_COLLAPSED) {
          $output .= theme('comment_thread_collapsed', $comment);
        }
        else if ($mode == COMMENT_MODE_THREADED_EXPANDED) {
          $output .= theme('comment_thread_expanded', $comment);
        }
      }

      // Use the standard pager; $pager_total is the number of returned rows,
      // is global and defined in pager.inc.
      $output .= theme('pager', NULL, $comments_per_page, 0, array('comments_per_page' => $comments_per_page));

      if (db_num_rows($result) && (variable_get('comment_controls', COMMENT_CONTROLS_HIDDEN) == COMMENT_CONTROLS_BELOW || variable_get('comment_controls', COMMENT_CONTROLS_HIDDEN) == COMMENT_CONTROLS_ABOVE_BELOW)) {
        $output .= comment_controls($mode, $order, $comments_per_page);
      }
    }

    // If enabled, show new comment form.
    if (user_access('post comments') && node_comment_mode($nid) == COMMENT_NODE_READ_WRITE && (variable_get('comment_form_location', COMMENT_FORM_SEPARATE_PAGE) == COMMENT_FORM_BELOW)) {
      $output .= comment_form(array('nid' => $nid), t('Post new comment'));
    }
  }
  return $output;
}


/**
 * Menu callback; delete a comment.
 */
function comment_delete($cid) {
  $comment = db_fetch_object(db_query('SELECT c.*, u.name AS registered_name, u.uid FROM {comments} c INNER JOIN {users} u ON u.uid = c.uid WHERE c.cid = %d', $cid));
  $comment->name = $comment->uid ? $comment->registered_name : $comment->name;

  $output = '';

  // We'll only delete if the user has confirmed the
  // deletion using the form in our else clause below.
  if ($comment->cid && $_POST['edit']['confirm']) {
    drupal_set_message(t('The comment and all its replies have been deleted.'));

    // Delete comment and its replies.
    _comment_delete_thread($comment);

    _comment_update_node_statistics($comment->nid);

    // Clear the cache so an anonymous user sees that his comment was deleted.
    cache_clear_all();

    drupal_goto("node/$comment->nid");
  }
  else if ($comment->cid) {
    $output = confirm_form('comment_confirm_delete',
                    array(),
                    t('Are you sure you want to delete the comment %title?', array('%title' => theme('placeholder', $comment->subject))),
                    'node/'. $comment->nid,
                    t('Any replies to this comment will be lost. This action cannot be undone.'),
                    t('Delete'),
                    t('Cancel'));
  }
  else {
    drupal_set_message(t('The comment no longer exists.'));
  }

  return $output;
}

/**
 * Comment operations.  We offer different update operations depending on
 * which comment administration page we're on.
 */
function comment_operations($action = NULL) {
  if ($action == 'publish') {
    $operations = array(
      'publish' => array(t('Publish the selected comments'), 'UPDATE {comments} SET status = '. COMMENT_PUBLISHED .' WHERE cid = %d'),
      'delete' => array(t('Delete the selected comments'), '')
    );
  }
  else if ($action == 'unpublish') {
    $operations = array(
      'unpublish' => array(t('Unpublish the selected comments'), 'UPDATE {comments} SET status = '. COMMENT_NOT_PUBLISHED .' WHERE cid = %d'),
      'delete' => array(t('Delete the selected comments'), '')
    );
  }
  else {
    $operations = array(
      'publish' => array(t('Publish the selected comments'), 'UPDATE {comments} SET status = '. COMMENT_PUBLISHED .' WHERE cid = %d'),
      'unpublish' => array(t('Unpublish the selected comments'), 'UPDATE {comments} SET status = '. COMMENT_NOT_PUBLISHED .' WHERE cid = %d'),
      'delete' => array(t('Delete the selected comments'), '')
    );
  }
  return $operations;
}

/**
 * Menu callback; present an administrative comment listing.
 */
function comment_admin_overview($type = 'new') {
  global $form_values;
  $edit = $_POST['edit'];

  if ($edit['operation'] == 'delete') {
    return comment_multiple_delete_confirm();
  }

  // build an 'Update options' form
  $form['options'] = array(
    '#type' => 'fieldset', '#title' => t('Update options'),
    '#prefix' => '<div class="container-inline">', '#suffix' => '</div>'
  );
  $options = array();
  foreach (comment_operations(arg(3) == 'approval' ? 'publish' : 'unpublish') as $key => $value) {
    $options[$key] = $value[0];
  }
  $form['options']['operation'] = array('#type' => 'select', '#options' => $options, '#default_value' => 'publish');
  $form['options']['submit'] = array('#type' => 'submit', '#value' => t('Update'));

  // load the comments that we want to display
  $status = ($type == 'approval') ? COMMENT_NOT_PUBLISHED : COMMENT_PUBLISHED;
  $form['header'] = array('#type' => 'value', '#value' => array(
    NULL,
    array('data' => t('Subject'), 'field' => 'subject'),
    array('data' => t('Author'), 'field' => 'name'),
    array('data' => t('Time'), 'field' => 'timestamp', 'sort' => 'desc'),
    array('data' => t('Operations'))
  ));
  $result = pager_query('SELECT c.subject, c.nid, c.cid, c.comment, c.timestamp, c.status, c.name, c.homepage, u.name AS registered_name, u.uid FROM {comments} c INNER JOIN {users} u ON u.uid = c.uid WHERE c.status = %d'. tablesort_sql($form['header']['#value']), 50, 0, NULL, $status);

  // build a table listing the appropriate comments
  $destination = drupal_get_destination();
  while ($comment = db_fetch_object($result)) {