comment.module

<?php
// $Id$

$GLOBALS["cmodes"] = array(1 => t("Flat list - collapsed"), 2 => t("Flat list - expanded"), 3 => t("Threaded list - collapsed"), 4 => t("Threaded list - expanded"));
$GLOBALS["corder"] = array(1 => t("Date - newest first"), 2 => t("Date - oldest first"));

function comment_help() {
-  $output .= t("<p>The comment module enables users to submit posts that are directly associated with a piece of content, a node.  These associated posts are called <i>comments</i>.  Comments may be <i>threaded</i>, which means that Drupal keeps track of multiple subconversations around a piece of content.  Threading helps to keep the comment conversation organized.  Users are presented with several ways to view the comment conversation, and if desired, users may easily choose a <i>flat</i> presentation of comments instead of a threaded one.  Further, users may choose to order their comments view by <i>newest comments first</i> or by <i>oldest comments first</i>.  Finally, users may view a folded list, where only comment <i>subjects</i> are displayed, or an expanded list, where the whole comment is shown.</p>");
-  $output .= t("<p>Since a busy site generates lots of comments, Drupal takes care to present a personalized view of comments for each user. A user can setup how they want they comments displayed -- Threaded/Flat, Expanded/Folded -- and how many comments to display per page. If there are more comments than you have configured to display on a page, navigation links are displayed.  The home page displays, for the current user, the number of read and unread comments for a given node.  Also, the tracker module (when installed) displays all recent comments on the site.  Finally, comments which the user has not yet read are highlighted with a red star (this graphic may depend on the current theme).</p>");
-  $output .= t("<p>Comments behave like other user submissions in Drupal.  Specifically, if the administrator has enabled them, ". l("filters", "admin/system/filters") .", like smileys and HTML, work fine.  Also, throttles are usually enabled to prevent a single user from spamming the web site with too many comments in a short period of time.</p>");
-  $output .= t("<p>Administrators may control which roles are allowed to submit, submit without moderation, view and administer comments using the \"post comments\", \"post comments without approval\", \"access comments\", and \"administrate comments\" ". l("user permissions", "admin/user/permission") .".  Additionally, administrators may set the default display view, edit or search through comments on the ". l("comments admininistration page", "admin/comment") .".</p>");
-  $output .= t("<p>If you really have a lot of comments, you can enable moderation. You assign ". l("moderation permissions", "admin/user/permission") ." to role(s), then setup some \"". l("moderation votes","admin/comment/moderation/votes") ."\"; these votes will appear to moderators in a dropdown menu near the comment. You also have to assign, for every role and every vote, ". l("a value", "admin/comment/moderation/matrix") .", which can be either positive or negative. This allows, if you wish, some roles to have greater \"weight\" in their moderation. If you set a value to 0, that vote won't be available to that role. When a user moderates, the value of their vote is added or subtracted to the score of that comment. Next your have to setup the \"". l("Queue settings", "admin/system/modules/queue") ."\" to allow a moderated comment to either be posted or dumpped. Finally, you may want to setup the ". l("comment thresholds", "admin/comment/moderation/threshold") .": these are floor/ceiling values which users can set in the comment control panel. Thresholds are useful for hiding poorly rated comments from your users while they are reading.</p>");

  return $output;
}

function comment_system($field) {
  $system["description"] = t("Enables user to comment on content (nodes).");
  $system["admin_help"] = t("Comments can be attached to any node. Below are the settings for comments. The display comes in two types, a \"flat list\" where everything is flush to the left side, and comments come in cronological order, and a \"threaded list\" where comments to other comments are placed immediately below the orignal, and slightly indented forming an outline of comments. They also come in two styles: \"expanded\", where you get to see both the title and the contents, and \"collapsed\" where you only see the titles. To set the default threshold you first have to set up thresholds in the <a href=\"%threshold\">comment management &gt;&gt; comment moderation &gt;&gt; thresholds</a> area. Preview comment forces a user to click on a \"Preview\" button so they can see what their comment will look like before they can actually add the comment to the system. If \"New comment form\" is enabled then at the bottom of every comment page there will be a form too add a new comment.", array("%threshold" => url("admin/comment/moderation/filters")));
  return $system[$field];
}

function comment_settings() {
  global $cmodes, $corder;

  $output .= form_select(t("Default display mode"), "comment_default_mode", variable_get("comment_default_mode", 4), $cmodes, t("The default view for comments. Expanded views display the body of the comment. Threaded views keep replies together."));
  $output .= form_select(t("Default display order"), "comment_default_order", variable_get("comment_default_order", 1), $corder, t("The default sorting for new users and anonymous users while viewing comments. These users may change their view using the comment control panel. For registered users, this change is remembered as a persistent user preference."));
  $output .= form_textfield(t("Default comments per page"), "comment_default_per_page", variable_get("comment_default_per_page", "50"), 5, 5, t("Default number of comments for each page; more comments are distributed in several pages."));

  $result = db_query("SELECT fid, filter FROM moderation_filters");
  while ($filter = db_fetch_object($result)) {
    $thresholds[$filter->fid] = ($filter->filter);
  }

  $output .= form_select(t("Default threshold"), "comment_default_threshold", variable_get("comment_default_threshold", 0), $thresholds, t("Thresholds are values below which comments are hidden. These thresholds are useful for busy sites which want to hide poor comments from most users."));

  $output .= form_select(t("Preview comment"), "comment_preview", variable_get("comment_preview", 1), array(t("Optional"), t("Required")), t("Must users preview comments before submitting?"));
  $output .= form_select(t("New comment form"), "comment_new_form", variable_get("comment_new_form", 0), array(t("Disabled"), t("Enabled")), t("New comment form in the node page?"));
  $output .= form_select(t("Comment controls"), "comment_controls", variable_get("comment_controls", 0), array(t("Above comments"), t("Below comments"), t("Above and below")), t("Position of the comment controls box."));

  return $output;
}

function comment_user($type, $edit, &$user) {
  switch ($type) {
    case "view_public":
      if ($user->signature) {
        return form_item(t("Signature"), check_output($user->signature));
      }
      break;
    case "view_private":
      if ($user->signature) {
        return form_item(t("Signature"), check_output($user->signature));
      }
      break;
    case "edit_form":
      // when user tries to edit his own data
      return form_textarea(t("Signature"), "signature", $edit["signature"], 70, 3, t("Your signature will be publicly displayed at the end of your comments.") ."<br />". t("Allowed HTML tags") .": ". htmlspecialchars(variable_get("allowed_html", "<a> <b> <dd> <dl> <dt> <i> <li> <ol> <u> <ul>")));
    case "edit_validate":
      // validate user data editing
      return array("signature" => $edit["signature"]);
  }
}

function comment_access($op, $comment) {
  global $user;

  if ($op == "edit") {

    /*
    ** Authenticated users can edit their comments as long they have
    ** not been replied to.  This, in order to avoid people changing
    ** or revising their statements based on the replies their posts
    ** got. Furthermore, users can't reply to their own comments and
    ** are encouraged to extend their original comment.
    */

    return $user->uid && $user->uid == $comment->uid && comment_num_replies($comment->cid) == 0;
  }

}

function comment_form($edit) {
  global $user;

  $form .= "<a name=\"comment\"></a>\n";

  // name field:
  $form .= form_item(t("Your name"), format_name($user));

  // subject field:
  $form .= form_textfield(t("Subject"), "subject", $edit["subject"], 50, 64);

  // comment field:
  $form .= form_textarea(t("Comment"), "comment", $edit["comment"] ? $edit["comment"] : $user->signature, 70, 10, t("Allowed HTML tags") .": ". htmlspecialchars(variable_get("allowed_html", "<a> <b> <dd> <dl> <dt> <i> <li> <ol> <u> <ul>")));

  // preview button:
  $form .= form_hidden("cid", $edit["cid"]);
  $form .= form_hidden("pid", $edit["pid"]);
  $form .= form_hidden("nid", $edit["nid"]);

  if (!$edit["comment"] && variable_get("comment_preview", 1)) {
    $form .= form_submit(t("Preview comment"));
  }
  else {
    $form .= form_submit(t("Preview comment"));
    $form .= form_submit(t("Post comment"));
  }

  return form($form, "post", url("comment/reply/". $edit["nid"]));
}

function comment_edit($cid) {
  global $user;

  $comment = db_fetch_object(db_query("SELECT c.*, u.uid, u.name, u.data FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.cid = %d AND c.status != 2", $cid));

  if (comment_access("edit", $comment)) {
    comment_preview(object2array($comment));
  }
}

function comment_reply($pid, $nid) {


  if (user_access("access comments")) {

    /*
    ** Show comment
    */

    if ($pid) {
      $comment = db_fetch_object(db_query("SELECT c.*, u.uid, u.name, u.data FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.cid = %d AND c.status = 0", $pid));
      comment_view($comment);
    }
    else {
      node_view(node_load(array("nid" => $nid)));
      $pid = 0;
    }

    /*
    ** If possible, show reply form
    */

    if (node_comment_mode($nid) == 1) {
      theme("box", t("Reply"), t("This discussion is closed: you can't post new comments."));
    }
    else if (user_access("post comments", $context)) {
      theme("box", t("Reply"), comment_form(array("pid" => $pid, "nid" => $nid)));
    }
    else {
      theme("box", t("Reply"), t("You are not authorized to post comments."));
    }
  }
  else {
    theme("box", t("Reply"), t("You are not authorized to view comments."));
  }
}

function comment_preview($edit) {
  global $user;

  foreach ($edit as $key => $value) {
    $comment->$key = $value;
  }

  /*
  ** Attach the user and time information:
  */

  $comment->uid = $user->uid;
  $comment->name = $user->name;
  $comment->timestamp = time();

  /*
  ** Preview the comment:
  */

  comment_view($comment);

  theme("box", t("Reply"), comment_form($edit));

  if ($edit["pid"]) {
    $comment = db_fetch_object(db_query("SELECT c.*, u.uid, u.name, u.data FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.cid = %d AND c.status = 0", $edit["pid"]));
    comment_view($comment);
  }
  else {
    node_view(node_load(array("nid" => $edit["nid"])));
    $edit["pid"] = 0;
  }
}

function comment_post($edit) {
  global $user;

  if (user_access("post comments") && node_comment_mode($edit["nid"]) == 2) {

    /*
    ** Validate the comment's subject.  If not specified, extract
    ** one from the comment's body.
    */

    $edit["subject"] = strip_tags($edit["subject"]);

    if ($edit["subject"] == "") {
      $edit["subject"] = substr(strip_tags($edit["comment"]), 0, 29);
    }

    /*
    ** Validate the comment's body.
    */

    if ($edit["comment"] == "") {
      return array(t("Empty comment"), t("The comment you submitted is empty."));
    }

    /*
    ** Check for duplicate comments.  Note that we have to use the
    ** validated/filtered data to perform such check.
    */

    $duplicate = db_result(db_query("SELECT COUNT(cid) FROM comments WHERE pid = %d AND nid = %d AND subject = '%s' AND comment = '%s'", $edit["pid"], $edit["nid"], $edit["subject"], $edit["comment"]), 0);

    if ($duplicate != 0) {
      watchdog("warning", "comment: duplicate '". $edit["subject"] ."'");
      return array(t("Duplicate comment"), t("The comment you submitted has already been inserted."));
    }
    else {

      if ($edit["cid"]) {

        /*
        ** Update the comment in the database.  Note that the update
        ** query will fail if the comment isn't owned by the current
        ** user.
        */

        db_query("UPDATE comments SET subject = '%s', comment = '%s' WHERE cid = %d AND uid = '$user->uid'", $edit["subject"], $edit["comment"], $edit["cid"]);

        /*
        ** Fire a hook
        */

        module_invoke_all("comment", "update", $edit);

        /*
        ** Add entry to the watchdog log:
        */

        watchdog("special", "comment: updated '". $edit["subject"] ."'", l(t("view comment"), "node/view/". $edit["nid"] ."#". $edit["cid"]));
      }
      else {
        /*
        ** Check the user's comment submission rate.  If exceeded,
        ** throttle() will bail out.
        */

        throttle("post comment", variable_get("max_comment_rate", 60));

        /*
        ** Add the comment to database:
        */

        $status = user_access("post comments without approval") ? 0 : 1;
        $roles = variable_get("comment_roles", array());
        $score = $roles[$user->rid] ? $roles[$user->rid] : 0;
        $users = serialize(array(0 => $score));

        $edit["cid"] = db_next_id("comments_cid");

        db_query("INSERT INTO comments (cid, nid, pid, uid, subject, comment, hostname, timestamp, status, score, users) VALUES (%d, %d, %d, %d, '%s', '%s', '%s', %d, %d, %d, '%s')", $edit["cid"], $edit["nid"], $edit["pid"], $user->uid, $edit["subject"], $edit["comment"], getenv("REMOTE_ADDR"), time(), $status, $score, $users);

        /*
        ** Tell the other modules a new comment has been submitted:
        */

        module_invoke_all("comment", "insert", $edit);

        /*
        ** Add entry to the watchdog log:
        */

        watchdog("special", "comment: added '". $edit["subject"] ."'", l(t("view comment"), "node/view/". $edit["nid"] ."#". $edit["cid"]));
      }

      /*
      ** Clear the cache so an anonymous user can see his comment being
      ** added.
      */

      cache_clear_all();
    }
  }
  else {
    watchdog("error", "comment: unauthorized comment submitted or comment submitted to a closed node '". $edit["subject"] ."'");
    return array(t("Error"), t("You are not authorized to post comments, or this node doesn't accept new comments."));
  }

  /*
  ** Redirect the user the node he commented on, or explain queue
  */

  if ($status == 1) {
    return array(t("Comment queued"), t("Your comment has been queued for moderation by site administrators and will be published after approval."));
  }
}

function comment_links($comment, $return = 1) {
  global $user;

  $links = array();

  /*
  ** If we are viewing just this comment, we link back to the node
  */

  if ($return) {
    $links[] = l(t("parent"), "node/view/$comment->nid#$comment->cid");
  }

  /*
  ** Admin link
  */

  if (user_access("administer comments") && user_access("access administration pages")) {
    $links[] = l(t("administer"), "admin/comment/edit/$comment->cid");
  }

  /*
  ** Possibly show edit and reply links
  */

  if (node_comment_mode($comment->nid) == 2) {
    if (user_access("post comments")) {
      if (comment_access("edit", $comment)) {
        $links[] = l(t("edit your comment"), "comment/edit/$comment->cid", array("title" => t("Make changes to your comment.")));
      }
      $links[] = l(t("reply to this comment"), "comment/reply/$comment->nid/$comment->cid");
    }
    else {
      $links[] = theme("comment_post_forbidden");
    }
  }

  if ($moderation = comment_moderation_form($comment)) {
    $links[] = $moderation;
  }

  return theme("links", $links);
}

function comment_view($comment, $links = "", $visible = 1) {

  /*
  ** Switch to folded/unfolded view of the comment
  */

  if (node_is_new($comment->nid, $comment->timestamp)) {
    $comment->new = 1;
    print "<a name=\"new\"></a>\n";
  }

  print "<a name=\"$comment->cid\"></a>\n";

  if ($visible) {
    $comment->comment = check_output($comment->comment);
    theme("comment", $comment, $links);
  }
  else {
    theme("comment_folded", $comment);
  }
}

function comment_render($node, $cid = 0) {
  global $user, $mode, $order, $threshold, $comment_page;

  if (user_access("access comments")) {

    /*
    ** Pre-process variables:
    */

    $nid = $node->nid;
    if (empty($nid)) {
      $nid = 0;
    }

    if (empty($mode)) {
      $mode = $user->mode ? $user->mode : variable_get("comment_default_mode", 4);
    }

    if (empty($order)) {
      $order = $user->sort ? $user->sort : variable_get("comment_default_order", 1);
    }

    if (empty($threshold)) {
      $threshold = $user->uid ? $user->threshold : variable_get("comment_default_threshold", 0);
    }
    $threshold_min = db_result(db_query("SELECT minimum FROM moderation_filters WHERE fid = %d", $threshold));

    if (empty($comment_page)) {
      $comment_page = 1;
    }

    $comments_per_page = $user->comments_per_page ? $user->comments_per_page : variable_get("comment_default_per_page", "50");

    print "<a name=\"comment\"></a>\n";


    if ($cid) {

      /*
      ** Single comment view
      */

      print "<form method=\"post\" action=\"". url("comment") ."\">\n";
      print form_hidden("nid", $nid);

      $result = db_query("SELECT c.cid, c.pid, c.nid, c.subject, c.comment, c.timestamp, u.uid, u.name, u.data, c.score, c.users FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.cid = %d AND c.status = 0 GROUP BY c.cid, c.pid, c.nid, c.subject, c.comment, c.timestamp, u.uid, u.name, u.data, c.score, c.users", $cid);

      if ($comment = db_fetch_object($result)) {
        comment_view($comment, comment_links($comment));
      }

      if ((comment_user_can_moderate($node)) && $user->uid != $comment->uid && !(comment_already_moderated($user->uid, $comment->users))) {
        print "<div align=\"center\">". form_submit(t("Moderate comment")) ."</div><br />";
      }
      print "</form>";
    }
    else {

      /*
      ** Multiple comments view
      */

      $query .= "SELECT c.cid as cid, c.pid, c.nid, c.subject, c.comment, c.timestamp, u.uid, u.name, u.data, c.score, c.users FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.nid = '". check_query($nid) ."' AND c.status = 0";

      if ($cid) {
        $query .= " AND pid = '". check_query($cid) ."'";
      }

      $query .= " GROUP BY c.cid, c.pid, c.nid, c.subject, c.comment, c.timestamp, u.uid, u.name, u.data, c.score, c.users";

      if ($order == 1) {
        $query .= " ORDER BY c.timestamp DESC";
      }
      else if ($order == 2) {
        $query .= " ORDER BY c.timestamp";
      }

      /*
      ** Start a form, to use with comment control and moderation
      */

      $result = db_query($query);
      $comment_num = db_num_rows($result);

      if ($comment_num && ((variable_get("comment_controls", 0) == 0) || (variable_get("comment_controls", 0) == 2))) {
        print "<form method=\"post\" action=\"". url("comment") ."\">\n";
        theme("box", t("Control panel"), theme("comment_controls", $threshold, $mode, $order, $nid, $comment_page, $comment_num, $comments_per_page));
        print form_hidden("nid", $nid);
        print "</form>";
      }

      print "<form method=\"post\" action=\"". url("comment") ."\">\n";
      print form_hidden("nid", $nid);

      if ($comment_num) {
        if ($mode == 1) {
          /*
          ** Flat collapsed
          */

          while ($comment = db_fetch_object($result)) {
            $comments[$comment->cid] = $comment;
          }
          theme("comment_flat_collapsed", $comments, $threshold_min);
        }
        else if ($mode == 2) {
          /*
          ** Flat expanded
          **
          ** We page using PHP, not using SQL because otherwise we'd
          ** have to use two queries; one for each comment and one for
          ** the paged comments.  In method 1-3 we take all results
          ** anyway, wheras in method 4 we need every result to create
          ** proper pages.  It is here where we lose more, in fact for
          ** higher pages we transfer unneeded data from the db and
          ** the web server.
          **
          ** TODO: the comment above is a bit cryptic.  Mind to make it
          **       a bit more verbose/explanatory?
          */

          $comment_num = 0;
          $page = 1;
          while ($comment = db_fetch_object($result)) {
            if ($page == $comment_page) {
              $comments[$comment->cid] = $comment;
            }
            $comment_num++;
            if ($comment_num == $comments_per_page) {
              if ($page == $comment_page) {
                break;
              }
              else {
                $comment_num = 0;
                $page++;
              }
            }

            if ($user->uid != $comment->uid && !(comment_already_moderated($user->uid, $comment->users))) {
              $show_moderate_button = 1;
            }
          }

          theme("comment_flat_expanded", $comments, $threshold_min);

          if (comment_user_can_moderate($node) && $show_moderate_button) {
            print "<div align=\"center\">". form_submit(t("Moderate comments")) ."</div><br />";
          }
        }
        else if ($mode == 3) {
          /*
          ** Threaded collapsed
          */

          while ($comment = db_fetch_object($result)) {
            $comments[$comment->cid] = $comment;
          }
          if ($comments) {
            theme("comment_thread_min", $comments, $threshold_min);
          }
        }
        else {
          /*
          ** Threaded expanded
          */

          while ($comment = db_fetch_object($result)) {
            $comments[$comment->cid] = $comment;

            if ($user->uid != $comment->uid && !(comment_already_moderated($user->uid, $comment->users))) {
              $show_moderate_button = 1;
            }
          }

          /*
          ** Build the comment structure
          */

          $structure = comment_thread_structure($comments, 0, 0, array());

          $comment_num = 0;
          $page = 1;
          foreach ($structure as $cid => $depth) {
            if ($page == $comment_page) {
              theme("comment_thread_max", $comments[$cid], $threshold_min, $depth - 1);
            }
            $comment_num++;
            if ($comment_num == $comments_per_page) {
              if ($page == $comment_page) {
                break;
              }
              else {
                $comment_num = 0;
                $page++;
              }
            }
          }

          if (comment_user_can_moderate($node) && $show_moderate_button) {
            print "<div align=\"center\">". form_submit(t("Moderate comments")) ."</div><br />";
          }
        }
      }

      print "</form>";

      if ($comment_num && ((variable_get("comment_controls", 0) == 1) || (variable_get("comment_controls", 0) == 2))) {
        print "<form method=\"post\" action=\"". url("comment") ."\">\n";
        theme("box", t("Control panel"), theme("comment_controls", $threshold, $mode, $order, $nid, $comment_page, $comment_num, $comments_per_page));
        print form_hidden("nid", $nid);
        print "</form>";
      }
    }

    /*
    ** If enabled, show new comment form
    */

    if (user_access("post comments") && node_comment_mode($nid) == 2 && variable_get("comment_new_form", 0)) {
      theme("box", t("Post new comment"), comment_form(array("nid" => $nid)));
    }

  }
}

function comment_perm() {
  return array("access comments", "post comments", "administer comments", "moderate comments", "post comments without approval", "administer moderation");
}

function comment_link($type, $node = 0, $main = 0) {

  if ($type == "node" && $node->comment) {

    if ($main) {

      /*
      ** Main page: display the number of comments that have been posted.
      */

      if (user_access("access comments")) {
        $all = comment_num_all($node->nid);
        $new = comment_num_new($node->nid);

        if ($all) {
          $links[] = l(format_plural($all, "1 comment", "%count comments"), "node/view/$node->nid#comment", array("title" => t("Jump to the first comment of this posting.")));

          if ($new) {
            $links[] = l(format_plural($new, "1 new comment", "%count new comments"), "node/view/$node->nid#new", array("title" => t("Jump to the first new comment of this posting.")));
          }
        }
        else {
          if (user_access("post comments")) {
            $links[] = l(t("add new comment"), "comment/reply/$node->nid", array("title" => t("Add a new comment to this page.")));
          }
          else {
            $links[] = theme("comment_post_forbidden");
          }
        }
      }
    }
    else {
      /*
      ** Node page: add a "post comment" link if the user is allowed to
      ** post comments and if this node is not read-only
      */

      if ($node->comment == 2) {
        if (user_access("post comments")) {
          $links[] = l(t("add new comment"), "comment/reply/$node->nid", array("title" => t("Share your thoughts and opinions related to this posting.")));
        }
        else {
          $links[] = theme("comment_post_forbidden");
        }
      }
      else {
        $links[] = t("Closed discussion: you can't post new comments.");
      }
    }
  }

  if ($type == "admin" && user_access("administer comments")) {
    $help["general"] = t("Comments let users give feedback to content authors.  Here you may review/approve/deny recent comments, and configure moderation if desired.");
    $help["post-overview"] = t("Click on <a href=\"%nup\">new or updated comments</a> to see your latest comments, or <a href=\"%queue\">comment approval queue</a> to approve new comments.", array("%nup" => url("admin/comment/0"), "%queue" => url("admin/comment/1")));
    $help["new-update"] = t("Below is a list of the latest comments posted your site. Click on a subject to see the comment, the author's name to edit the author's user information , \"edit comment\" to edit the comment, and \"delete comment\" to remove the comment.");
    $help["queue"] = t("Below is a list of the comments posted to your site that need <b>approval</b>. To approve a comment click on <b>\"edit comment\"</b> and then change it's <b>moderation status</b> to Approved.<br />Click on a subject to see the comment, the author's name to edit the author's user information, \"edit comment\" to edit the comment, and \"delete comment\" to remove the comment.");
    $help["moderation-overview"] = t("If you have a get a lot of comments, you can enable comment moderation. Once moderation is enabled users can vote on a comment based on dropdown menus. <a href=\"%votes\">votes</a> sets up the names of each item, and the order of the menu, using weights. <a href=\"%matrix\">matrix</a> sets up the value of each user's vote, and <a href=\"%threshold\">threshold</a> sets up the levels at which a comment will be displayed.", array("%votes" => url("admin/comment/moderation/votes"), "%matrix" => url("admin/comment/moderation/matrix"), "%threshold" => url("admin/comment/moderation/threshold")));
    $help["moderation-vote"] = t("Here is where you setup the names of each type of vote. Weight lets you set the order of the drop down menu. Click <b>edit</b> to edit a current vote weight.<br />Notes: <ul><li>you can have more than one type with the same name. The system does not protect you from this.</li><li>To <b>delete</b> a name/weight combiniation go to the <b>edit</b> area.</li></ul>");
    $help["moderation-matrix"] = t("Here is where you assign a value to each item in the dropdown. This value is added to the vote total, which is then divided by the number of users who have voted and rounded off to the nearest integer.<br />Notes:<ul><li>In order to use comment moderation, every text box on this page should be populated.</li><li>You must assign the <b>moderate comments</b> permission to at least one role in order to use this page.</li><li>Every box not filled in will have a value of zero, which will have the effect of <b>lowering</b> a comments over all score.</li></ul> ");
    $help["moderation-threshold"] = t("<i>Optional</i> Here you can setup the name and minimum \"cut off\" score to help your users hide comments that they don't want too see. These thresholds appear in the Comment Control Panel. Click \"edit\" to edit the values of an already exsisting threashold. To <b>delete</b> a threshold click on \"edit\". ");
    $help["initial"] = t("Here you can setup the <b>initial</b> vote value of a comment posted by each user role. This value is used before any other users vote on the comment.<br />Note: Blank entries are valued at zero");
    $help["search"] = t("Enter a simple pattern ( '*' maybe used as a wildcard match) to search for a comment.  For example, one may search for 'br' and Drupal might return 'bread brakers', 'our daily bread' and 'brenda'.");

    menu("admin/comment", "comment management", "comment_admin", $help["general"], 2);
    menu("admin/comment/comments", "comment overview",NULL, $help["post-overview"], 2);
    menu("admin/comment/comments/0", "new or updated comments", "comment_admin", $help["new-update"], 1);
    menu("admin/comment/comments/1", "comment approval queue", "comment_admin", $help["queue"], 2);
    menu("admin/comment/search", "search comments", "comment_admin", $help["search"], 8);
    menu("admin/comment/help", "help", "comment_help", NULL, 9);
    menu("admin/comment/edit", "edit comment", "comment_admin", NULL, 0, 1);

    // comment settings:
    if (user_access("administer moderation")) {
      menu("admin/comment/moderation", "comment moderation", NULL, $help["moderation-overview"], 3);
      menu("admin/comment/moderation/votes", "votes", "comment_admin", $help["moderation-vote"]);
      menu("admin/comment/moderation/matrix", "matrix", "comment_admin", $help["moderation-matrix"]);
      menu("admin/comment/moderation/filters", "thresholds", "comment_admin", $help["moderation-threshold"]);
      menu("admin/comment/roles", "initial comment scores", "comment_admin", $help["initial"], 6);
    }
  }

  return $links ? $links : array();
}

function comment_page() {
  $op = $_POST["op"];
  $edit = $_POST["edit"];

  if (empty($op)) {
    $op = arg(1);
  }

  switch ($op) {
    case "edit":
      theme("header");
      comment_edit(check_query(arg(2)));
      theme("footer");
      break;
    case t("Moderate comments"):
    case t("Moderate comment"):
      comment_moderate($edit);
      drupal_goto(url("node/view/". $edit["nid"]));
      break;
    case "reply":
      theme("header");
      comment_reply(check_query(arg(3)), check_query(arg(2)));
      theme("footer");
      break;
    case t("Preview comment"):
      theme("header");
      comment_preview($edit);
      theme("footer");
      break;
    case t("Post comment"):
      list($error_title, $error_body) = comment_post($edit);
      if ($error_body) {
        theme("header");
        theme("box", $error_title, $error_body);
        theme("footer");
      }
      else {
        drupal_goto(url("node/view/". $edit["nid"]));
      }
      break;
    case t("Save settings"):
      global $mode, $order, $threshold, $comments_per_page;
      comment_save_settings(check_query($mode), check_query($order), check_query($threshold), check_query($comments_per_page));
      drupal_goto(url("node/view/". $edit["nid"], "mode=$mode&amp;order=$order&amp;threshold=$threshold&amp;comments_per_page=$comments_per_page"));
      break;
  }
}

/**
*** admin functions
**/

function comment_node_link($node) {

  if (user_access("administer comments")) {

    /*
    ** Edit comments:
    */

    $result = db_query("SELECT c.cid, c.subject, u.uid, u.name FROM comments c LEFT JOIN users u ON u.uid = c.uid WHERE nid = %d AND c.status = 0 ORDER BY c.timestamp", $node->nid);


    $header = array(t("title"), t("author"), array("data" => t("operations"), "colspan" => 3));

    while ($comment = db_fetch_object($result)) {
      $rows[] = array(l($comment->subject, "node/view/$node->nid#$comment->cid"), format_name($comment), l(t("view comment"), "node/view/$node->nid#$comment->cid"), l(t("edit comment"), "admin/comment/edit/$comment->cid"), l(t("delete comment"), "admin/comment/delete/$comment->cid"));
    }

    if ($rows) {
      $output  = "<h3>". t("Edit comments") ."</h3>";
      $output .= table($header, $rows);
    }

    return $output;
  }
}

function comment_admin_edit($id) {

  $result = db_query("SELECT c.*, u.name, u.uid FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.cid = %d AND c.status != 2", $id);
  $comment = db_fetch_object($result);

  // if a comment is "deleted", it's deleted
  if ($comment) {
    $form .= form_item(t("Author"), format_name($comment));
    $form .= form_textfield(t("Subject"), "subject", $comment->subject, 70, 128);
    $form .= form_textarea(t("Comment"), "comment", $comment->comment, 70, 15);
    $form .= form_select(t("Status"), "status", $comment->status, array("published", "not published"));
    $form .= form_hidden("cid", $id);
    $form .= form_submit(t("Submit"));
    $form .= form_submit(t("Delete"));

    return form($form);
  }
}

function comment_delete($edit) {

  if ($edit["confirm"]) {
    db_query("UPDATE comments SET status = 2 WHERE cid = %d", $edit["cid"]);
    watchdog("special", "comment: deleted comment #". $edit["cid"]);
    $output = "deleted comment.";
  }
  else {
    $output .= form_item(t("Confirm deletion"), "");
    $output .= form_hidden("cid", $edit["cid"]);
    $output .= form_hidden("confirm", 1);
    $output .= form_submit(t("Delete"));
    $output = form($output);
  }

  return $output;
}

function comment_save($id, $edit) {
  db_query("UPDATE comments SET subject = '%s', comment = '%s', status = %d WHERE cid = %d", $edit["subject"], $edit["comment"], $edit["status"], $id);
  watchdog("special", "comment: modified '". $edit["subject"] ."'");
  return "updated comment.";
}

function comment_admin_overview($status = 0) {

  $result = pager_query("SELECT c.*, u.name, u.uid FROM comments c LEFT JOIN users u ON u.uid = c.uid WHERE c.status = '". check_query($status). "' ORDER BY c.timestamp DESC",  50);

  $header = array(t("subject"), t("author"), t("status"), array("data" => t("operations"), "colspan" => 2));
  while ($comment = db_fetch_object($result)) {
    $rows[] = array(l($comment->subject, "node/view/$comment->nid/$comment->cid#$comment->cid", array("title" => htmlentities(substr($comment->comment, 0, 128)))) ." ". (node_is_new($comment->nid, $comment->timestamp) ? theme_mark() : ""), format_name($comment), ($comment->status == 0 ? t("published") : t("not published")) ."</td><td>". l(t("edit comment"), "admin/comment/edit/$comment->cid"), l(t("delete comment"), "admin/comment/delete/$comment->cid"));
  }

  if ($pager = pager_display(NULL, 50, 0, "admin")) {
    $rows[] = array(array("data" => $pager, "colspan" => 5));
  }

  return table($header, $rows);
}

function comment_mod_matrix($edit) {

  $output .= "<h3>Moderators/vote values matrix</h3>";

  if ($edit) {
    db_query("DELETE FROM moderation_roles");
    foreach ($edit as $role_id => $votes) {
      foreach ($votes as $mid => $value) {
        $sql[] = "('$mid', '$role_id', '". ($value ? $value : 0 ) ."')";
      }
    }
    db_query("INSERT INTO moderation_roles (mid, rid, value) VALUES ". implode(", ", $sql));
  }

  $result = db_query("SELECT r.rid, r.name FROM role r, permission p WHERE r.rid = p.rid AND p.perm LIKE '%moderate comments%'");
  $role_names = array();
  while ($role = db_fetch_object($result)) {
    $role_names[$role->rid] = $role->name;
  }

  $result = db_query("SELECT rid, mid, value FROM moderation_roles");
  while ($role = db_fetch_object($result)) {
    $mod_roles[$role->rid][$role->mid] = $role->value;
  }

  $header = array_merge(array(t("votes")), array_values($role_names));

  $result = db_query("SELECT mid, vote FROM moderation_votes ORDER BY weight");
  while ($vote = db_fetch_object($result)) {
    $row = array($vote->vote);
    foreach (array_keys($role_names) as $rid) {
      $row[] = array("data" => form_textfield(NULL, "$rid][$vote->mid", $mod_roles[$rid][$vote->mid], 4, 3), "align" => "center");
    }
    $rows[] = $row;
  }
  $output .= table($header, $rows);
  $output .= "<br />". form_submit(t("Submit votes"));

  return form($output);
}

function comment_mod_roles($edit) {

  $output .= "<h3>Initial comment scores</h3>";

  if ($edit) {
    variable_set("comment_roles", $edit);
  }

  $start_values = variable_get("comment_roles", array());

  $result = db_query("SELECT r.rid, r.name FROM role r, permission p WHERE r.rid = p.rid AND p.perm LIKE '%post comments%'");

  $header = array(t("user role"), t("initial score"));

  while ($role = db_fetch_object($result)) {
    $rows[] = array($role->name, array("data" => form_textfield(NULL, $role->rid, $start_values[$role->rid], 4, 3), "align" => "center"));
  }

  $output .= table($header, $rows);
  $output .= "<br />". form_submit(t("Save scores"));

  return form($output);
}

function comment_mod_votes($edit) {
  $op = $_POST["op"];

  $mid = arg(4);

  if ($op == t("Save vote")) {
    db_query("UPDATE moderation_votes SET vote = '%s', weight = %d WHERE mid = %d", $edit["vote"], $edit["weight"], $mid);
    $mid = 0;
  }
  else if ($op == t("Delete vote")) {
    db_query("DELETE FROM moderation_votes WHERE mid = %d", $mid);
    db_query("DELETE FROM moderation_roles WHERE mid = %d", $mid);
    $mid = 0;
  }
  else if ($op == t("Add new vote")) {
    db_query("INSERT INTO moderation_votes (vote, weight) VALUES ('%s', %d)", $edit["vote"], $edit["weight"]);
    $mid = 0;
  }

  $output .= "<h3>" . t("Moderation votes overview") . "</h3>";
  $header = array(t("votes"), t("weight"), t("operations"));

  $result = db_query("SELECT mid, vote, weight FROM moderation_votes ORDER BY weight");
  while ($vote = db_fetch_object($result)) {
    $rows[] = array($vote->vote, array("data" => $vote->weight, "align" => "center"), array("data" => l(t("edit"), "admin/comment/moderation/votes/$vote->mid"), "align" => "center"));
  }
  $output .= table($header, $rows);

  if ($mid) {
    $vote = db_fetch_object(db_query("SELECT vote, weight FROM moderation_votes WHERE mid = %d", $mid));
  }

  $output .= "<br /><h3>". (isset($mid) ? "Edit" : "Add new") ."moderation option</h3>";
  $form .= form_textfield(t("Vote"), "vote", $vote->vote, 32, 64, t("The name of this vote.  Example: 'off topic', 'excellent', 'sucky'."));
  $form .= form_textfield(t("Weight"), "weight", $vote->weight, 32, 64, t("Used to order votes in the comment control box; heavier sink."));
  if ($mid) {
    $form .= form_submit(t("Save vote"));
    $form .= form_submit(t("Delete vote"));
  }
  else {
    $form .= form_submit(t("Add new vote"));
  }

  $output .= form($form);

  return $output;
}

function comment_mod_filters($edit) {
  $op = $_POST["op"];

  $fid = arg(4);

  if ($op == t("Save threshold")) {
    db_query("UPDATE moderation_filters SET filter = '%s', minimum = %d WHERE fid = %d", $edit["filter"], $edit["minimum"], $fid);
    $fid = 0;
  }
  else if ($op == t("Delete threshold")) {
    db_query("DELETE FROM moderation_filters WHERE fid = %d", $fid);