comment.module 3.79 KB
Newer Older
Dries's avatar
 
Dries committed
1 2
<?

Dries's avatar
 
Dries committed
3 4 5 6 7 8 9 10 11 12 13
$module = array("find" => "comment_find",
                "admin" => "comment_admin");

function comment_find($keys) {
  $find = array();
  $result = db_query("SELECT c.*, u.userid FROM comments c LEFT JOIN users u ON c.author = u.id WHERE c.subject LIKE '%". check_input($keys) ."%' OR c.comment LIKE '%". check_input($keys) ."%' ORDER BY c.timestamp DESC LIMIT 20");
  while ($comment = db_fetch_object($result)) {
    array_push($find, array("subject" => check_output($comment->subject), "link" => "story.php?id=$comment->lid&cid=$comment->cid", "user" => $story->userid, "date" => $comment->timestamp));
  }
  return $find;
}
Dries's avatar
 
Dries committed
14 15 16 17 18 19 20 21 22 23 24 25 26 27 28

function comment_edit($id) {
  $result = db_query("SELECT c.*, u.userid FROM comments c LEFT JOIN users u ON c.author = u.id WHERE c.cid = $id");

  $comment = db_fetch_object($result);

  $output .= "<FORM ACTION=\"admin.php?mod=comment&op=save&id=$id\" METHOD=\"post\">\n";

  $output .= "<P>\n";
  $output .= " <B>Author:</B><BR>\n";
  $output .= " ". format_username($comment->userid, 1) ."\n";
  $output .= "</P>\n";

  $output .= "<P>\n";
  $output .= " <B>Subject:</B><BR>\n";
Dries's avatar
 
Dries committed
29
  $output .= " <INPUT TYPE=\"text\" NAME=\"subject\" SIZE=\"50\" VALUE=\"". check_textfield($comment->subject) ."\">\n";
Dries's avatar
 
Dries committed
30 31 32 33
  $output .= "</P>\n";

  $output .= "<P>\n";
  $output .= "<B>Comment:</B><BR>\n";
Dries's avatar
 
Dries committed
34
  $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"comment\">". check_textarea($comment->comment) ."</TEXTAREA>\n";
Dries's avatar
 
Dries committed
35 36 37 38 39 40
  $output .= "</P>\n";

  $output .= "<P>\n";
  $output .= " <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Save comment\">\n";
  $output .= "</P>\n";
  $output .= "</FORM>\n";
Dries's avatar
 
Dries committed
41

Dries's avatar
 
Dries committed
42 43 44 45 46
  print $output;
}

function comment_save($id, $subject, $comment) {
  db_query("UPDATE comments SET subject = '". check_input($subject) ."', comment = '". check_input($comment) ."' WHERE cid = $id");
Dries's avatar
 
Dries committed
47
  watchdog("message", "comment: modified `$subject'");
Dries's avatar
 
Dries committed
48 49 50 51 52 53 54 55
}

function comment_display($order = "date") {
  // Initialize variables:
  $fields = array("author" => "author", "date" => "timestamp DESC", "subject" => "subject");

  // Perform SQL query:
  $result = db_query("SELECT c.*, u.userid FROM comments c LEFT JOIN users u ON u.id = c.author ORDER BY c.$fields[$order] LIMIT 50");
Dries's avatar
 
Dries committed
56

Dries's avatar
 
Dries committed
57
  // Display comments:
Dries's avatar
 
Dries committed
58
  $output .= "<TABLE BORDER=\"1\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n";
Dries's avatar
 
Dries committed
59
  $output .= " <TR>\n";
Dries's avatar
 
Dries committed
60
  $output .= "  <TH ALIGN=\"right\" COLSPAN=\"3\">\n";
Dries's avatar
 
Dries committed
61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78
  $output .= "   <FORM ACTION=\"admin.php?mod=comment\" METHOD=\"post\">\n";
  $output .= "    <SELECT NAME=\"order\">\n";
  foreach ($fields as $key=>$value) {
    $output .= "     <OPTION VALUE=\"$key\"". ($key == $order ? " SELECTED" : "") .">Sort by $key</OPTION>\n";
  }
  $output .= "    </SELECT>\n";
  $output .= "    <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Update\">\n";
  $output .= "   </FORM>\n";
  $output .= "  </TH>\n";
  $output .= " </TR>\n";

  $output .= " <TR>\n";
  $output .= "  <TH>subject</TH>\n";
  $output .= "  <TH>author</TH>\n";
  $output .= "  <TH>operations</TH>\n";
  $output .= " </TR>\n";

  while ($comment = db_fetch_object($result)) {
Dries's avatar
 
Dries committed
79
    $output .= " <TR><TD>". ($comment->link == "story" ? "<A HREF=\"story.php?id=$comment->lid&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."</A>" : check_output($comment->subject)) ."</TD><TD>". format_username($comment->userid, 1) ."</TD><TD ALIGN=\"center\"><A HREF=\"admin.php?mod=comment&op=edit&id=$comment->cid\">edit</A></TD></TR>\n";
Dries's avatar
 
Dries committed
80 81 82
  }

  $output .= "</TABLE>\n";
Dries's avatar
 
Dries committed
83

Dries's avatar
 
Dries committed
84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106
  print $output;
}

function comment_admin() {
  global $op, $id, $subject, $comment, $order;

  switch ($op) {
    case "edit":
      comment_edit($id);
      break;
    case "Save comment":
      comment_save($id, $subject, $comment);
      comment_edit($id);
      break;
    case "Update":
      comment_display($order);
      break;
    default:
      comment_display();
  }
}

?>