--- /dev/null
+<?php\r
+\r
+class NPG_COMMENTS {\r
+\r
+ var $itemid;\r
+ var $itemactions;\r
+ var $commentcount;\r
+ \r
+ function NPG_COMMENTS($itemid) {\r
+ $this->itemid = intval($itemid);\r
+ }\r
+ \r
+ function setItemActions(&$itemActions) {\r
+ $this->itemActions =& $itemActions;\r
+ }\r
+ \r
+ function showComments( & $template, $maxToShow = -1, $showNone = 1) {\r
+ \r
+ \r
+ $actions = & new NPG_COMMENTACTIONS($this);\r
+ $parser = & new PARSER($actions->getdefinedactions(), $actions);\r
+ $actions->settemplate($template);\r
+ $actions->setparser($parser);\r
+ \r
+ if ($maxToShow == 0) {\r
+ $this->commentcount = $this->amountComments();\r
+\r
+ } else {\r
+ $query = 'select * from '.sql_table('plug_gallery_comment').\r
+ ' where cpictureid='.intval($this->itemid).' order by ctime';\r
+ $comments = sql_query($query);\r
+ $this->commentcount = mysql_num_rows($comments);\r
+ \r
+ }\r
+ \r
+ if($this->commentcount == 0) {\r
+ echo __NPG_NO_COMMENTS.'<br/>';\r
+ return 0;\r
+ }\r
+ if (($maxToShow != -1) && ($this->commentcount > $maxToShow)) return 0;\r
+ \r
+ \r
+ //$template->readall();\r
+ $parser->parse($template->section['COMMENT_HEADER']);\r
+ while($comment = mysql_fetch_assoc($comments)) {\r
+ $actions->setcurrentcomment($comment);\r
+ $parser->parse($template->section['COMMENT_BODY']);\r
+ }\r
+ $parser->parse($template->section['COMMENT_FOOTER']);\r
+ \r
+ mysql_free_result($comments);\r
+ return $this->commentcount;\r
+ \r
+ }\r
+ \r
+ function amountComments() {\r
+ $query = 'select count(*)'.\r
+ ' from '.sql_table('plug_gallery_comment').\r
+ ' where cpictureid='.intval($this->itemid);\r
+ $res = sql_query($query);\r
+ $arr = mysql_fetch_row($res);\r
+ return $arr[0];\r
+ }\r
+ \r
+ function addComment($comment) {\r
+ global $member,$NPG_CONF,$CONF;\r
+ \r
+ if ($CONF['ProtectMemNames'] && !$member->isLoggedIn() && MEMBER::isNameProtected($comment['user']))\r
+ return _ERROR_COMMENTS_MEMBERNICK;\r
+ \r
+ $isvalid = $this->isValidComment($comment);\r
+ if ($isvalid != 1)\r
+ return $isvalid;\r
+ \r
+ \r
+ $comment['host'] = gethostbyaddr(serverVar('REMOTE_ADDR'));\r
+ $comment['ip'] = serverVar('REMOTE_ADDR');\r
+ \r
+ if ($member->isLoggedIn()) {\r
+ $comment['memberid'] = $member->getID();\r
+ $comment['user'] = '';\r
+ $comment['userid'] = '';\r
+ } else {\r
+ $comment['memberid'] = 0;\r
+ }\r
+ \r
+ $comment = NPG_COMMENT::prepare($comment);\r
+ $name = addslashes($comment['user']);\r
+ $usid = addslashes($comment['userid']);\r
+ $body = addslashes($comment['body']);\r
+ $host = addslashes($comment['host']);\r
+ $ip = addslashes($comment['ip']);\r
+ $memberid = intval($comment['memberid']);\r
+ $pictureid = intval($this->itemid);\r
+ \r
+ $query = 'insert into '.sql_table('plug_gallery_comment').\r
+ '(cbody, cuser, cmail, chost, cip, cmemberid, ctime, cpictureid) '.\r
+ " values ('$body','$name','$usid','$host','$ip','$memberid',NULL,$pictureid) ";\r
+ sql_query($query);\r
+ $commentid = mysql_insert_id();\r
+ return true;\r
+ }\r
+ \r
+ function isValidComment($comment) {\r
+ global $member,$manager;\r
+ \r
+ if (eregi('[a-zA-Z0-9|\.,;:!\?=\/\\]{90,90}',$comment['body']) != false)\r
+ return _ERROR_COMMENT_LONGWORD;\r
+\r
+ // check lengths of comment\r
+ if (strlen($comment['body'])<3)\r
+ return _ERROR_COMMENT_NOCOMMENT;\r
+\r
+ if (strlen($comment['body'])>5000)\r
+ return _ERROR_COMMENT_TOOLONG;\r
+\r
+ // only check username if no member logged in\r
+ if (!$member->isLoggedIn())\r
+ if (strlen($comment['user'])<2)\r
+ return _ERROR_COMMENT_NOUSERNAME;\r
+ \r
+ $result = 1;\r
+ \r
+ $manager->notify('ValidateForm', array('type' => 'comment', 'comment' => &$comment, 'error' => &$result));\r
+ \r
+ return $result;\r
+ }\r
+ \r
+}\r
+\r
+class NPG_COMMENT extends COMMENT {\r
+\r
+\r
+}\r
+\r
+\r
+class NPG_COMMENTACTIONS extends BaseActions {\r
+ var $currentComment;\r
+ var $commentsObj;\r
+ var $parser;\r
+ var $template;\r
+ \r
+ function NPG_COMMENTACTIONS(&$comments) {\r
+ $this->BaseActions();\r
+ $this->setCommentsObj($comments);\r
+ }\r
+ \r
+ function getdefinedactions() {\r
+ return array(\r
+ 'commentcount',\r
+ 'commentword',\r
+ 'picturelink',\r
+ 'pictureid',\r
+ 'date',\r
+ 'time',\r
+ 'commentid',\r
+ 'body',\r
+ 'memberid',\r
+ 'host',\r
+ 'ip',\r
+ 'user',\r
+ 'userid',\r
+ 'userlink',\r
+ 'userlinkraw',\r
+ 'timestamp' );\r
+ }\r
+ \r
+ function setCommentsObj(& $cobj) { $this->commentsObj = & $cobj; }\r
+ function setparser(& $parser) { $this->parser = & $parser; }\r
+ function settemplate(& $template) { $this->template = & $template; }\r
+ function setcurrentcomment(& $comment) {\r
+ if ($comment['cmemberid'] != 0) {\r
+ //$comment['authtext'] = $template['COMMENTS_AUTH'];\r
+\r
+ $mem = MEMBER::createFromID($comment['cmemberid']);\r
+ $comment['cuser'] = $mem->getDisplayName();\r
+ if ($mem->getURL())\r
+ $comment['cuserid'] = $mem->getURL();\r
+ else\r
+ $comment['cuserid'] = $mem->getEmail();\r
+\r
+ $comment['cuserlinkraw'] = \r
+ createMemberLink(\r
+ $comment['cmemberid'],\r
+ $this->commentsObj->itemActions->linkparams\r
+ );\r
+ } else {\r
+\r
+ // create smart links\r
+ if (isValidMailAddress($comment['userid']))\r
+ $comment['userlinkraw'] = 'mailto:'.$comment['userid'];\r
+ elseif (strstr($comment['userid'],'http://') != false)\r
+ $comment['userlinkraw'] = $comment['userid'];\r
+ elseif (strstr($comment['userid'],'www') != false)\r
+ $comment['userlinkraw'] = 'http://'.$comment['userid'];\r
+ }\r
+\r
+ $this->currentComment =& $comment;\r
+\r
+ }\r
+ \r
+ function parse_commentcount() {echo $this->commentsObj->commentcount;}\r
+ //this needs to be modified so not hardcoded\r
+ function parse_commentword() { echo 'comment';}\r
+ \r
+ function parse_picturelink() { echo generatelink('item',$this->commentsObj->itemid);}\r
+ function parse_pictureid() { echo $this->commentsObj->itemid; }\r
+ function parse_date() {\r
+ $this->parse_timestamp('l jS of F Y');\r
+ }\r
+ \r
+ function parse_time() {\r
+ $this->parse_timestamp('h:i:s A');\r
+ }\r
+ \r
+ function parse_commentid() {echo $this->currentComment['commentid']; }\r
+ function parse_body() { echo $this->currentComment['cbody']; }\r
+ function parse_memberid() { echo $this->currentComment['cmemberid']; }\r
+ function parse_timestamp($format = 'l jS of F Y h:i:s A') {\r
+ $d = $this->currentComment['ctime'];\r
+ $d = converttimestamp($d);\r
+ $d = date($format,$d);\r
+ echo $d;\r
+ }\r
+ function parse_host() { echo $this->currentComment['chost']; }\r
+ function parse_ip() { echo $this->currentComment['cip']; }\r
+ \r
+ function parse_user() { echo $this->currentComment['cuser']; }\r
+ function parse_userid() { echo $this->currentComment['cuserid']; }\r
+ function parse_userlinkraw() { echo $this->currentComment['cuserlinkraw']; }\r
+ function parse_userlink() {\r
+ if ($this->currentComment['cuserlinkraw']) {\r
+ echo '<a href="'.$this->currentComment['cuserlinkraw'].'" rel="nofollow">'.$this->currentComment['cuser'].'</a>';\r
+ } else {\r
+ echo $this->currentComment['cuser'];\r
+ }\r
+ }\r
+ \r
+ \r
+}\r
+\r
+?>\r