/Quản lý website trường trung học phổ thông PHP/lc1/modules/download/funcs/getcomment.php
PHP | 312 lines | 265 code | 38 blank | 9 comment | 38 complexity | 1a1055bebf5a2aaca83cc6b0aed63ace MD5 | raw file
- <?php
- /**
- * @Project NUKEVIET 3.0
- * @Author VINADES.,JSC (contact@vinades.vn)
- * @Copyright (C) 2010 VINADES., JSC. All rights reserved
- * @Createdate 3-6-2010 0:30
- */
- if ( ! defined( 'NV_IS_MOD_DOWNLOAD' ) ) die( 'Stop!!!' );
- //if ( ! defined( 'NV_IS_AJAX' ) ) die( 'Wrong URL' );
- $list_cats = nv_list_cats( true );
- //dang thao luan
- if ( $nv_Request->isset_request( 'ajax', 'post' ) )
- {
- if ( ! empty( $list_cats ) )
- {
-
- $in = implode( ",", array_keys( $list_cats ) );
-
- $id = $nv_Request->get_int( 'id', 'post', 0 );
- $data = $error = array();
- if ( $id )
- {
-
- $query = "SELECT `who_comment`, `groups_comment` FROM `" . NV_PREFIXLANG . "_" . $module_data . "` WHERE `id`=" . $id . " AND `catid` IN (" . $in . ") AND `status`=1 AND `comment_allow`=1";
- $result = $db->sql_query( $query );
- $numrows = $db->sql_numrows( $result );
-
- if ( $numrows )
- {
- list( $who_comment, $groups_comment ) = $db->sql_fetchrow( $result );
-
- if ( nv_set_allow( $who_comment, $groups_comment ) )
- {
- $uname = filter_text_input( 'uname', 'post', '', 1 );
- $uemail = filter_text_input( 'uemail', 'post', '' );
- $subject = filter_text_input( 'subject', 'post', '', 1 );
- $content = filter_text_textarea( 'content', '', NV_ALLOWED_HTML_TAGS );
- $seccode = filter_text_input( 'seccode', 'post', '' );
- $post_id = 0;
-
- if ( defined( 'NV_IS_USER' ) )
- {
- $uname = ! empty( $user_info['full_name'] ) ? $user_info['full_name'] : $user_info['username'];
- $uemail = $user_info['email'];
- $post_id = $user_info['userid'];
- }
-
- if ( ! nv_capcha_txt( $seccode ) )
- {
- $error[] = $lang_module['comment_error2'];
- }
-
- if ( empty( $uname ) or nv_strlen( $uname ) < 3 )
- {
- $error[] = $lang_module['comment_error3'];
- }
-
- if ( ( $validemail = nv_check_valid_email( $uemail ) ) != "" )
- {
- $error[] = $validemail;
- }
-
- if ( empty( $subject ) or nv_strlen( $subject ) < 3 )
- {
- $error[] = $lang_module['comment_error4'];
- }
-
- if ( empty( $content ) or nv_strlen( $content ) < 3 )
- {
- $error[] = $lang_module['comment_error5'];
- }
-
- $download_config = initial_config_data();
- if ( $download_config['is_autocomment_allow'] )
- {
- $status = 1;
- }
- else
- {
- $status = 0;
- }
- if ( ! empty( $error ) )
- {
- echo implode( "\n", $error );
- die();
- }
- $content = nv_nl2br( $content, "<br />" );
-
- $sql = "INSERT INTO `" . NV_PREFIXLANG . "_" . $module_data . "_comments` VALUES (
- NULL,
- " . $id . ",
- " . $db->dbescape( $subject ) . ",
- " . $post_id . ",
- " . $db->dbescape( $uname ) . ",
- " . $db->dbescape( $uemail ) . ",
- " . $db->dbescape( $client_info['ip'] ) . ",
- " . NV_CURRENTTIME . ",
- " . $db->dbescape( $content ) . ",
- '', 0, " . $status . ")";
-
- if ( ! $db->sql_query_insert_id( $sql ) )
- {
- $error[] = $lang_module['comment_error6'];
- }
- if ( $status )
- {
- $sql = "UPDATE `" . NV_PREFIXLANG . "_" . $module_data . "` SET `comment_hits`=comment_hits+1 WHERE `id`=" . $id;
- $db->sql_query( $sql );
- }
- if ( ! empty( $error ) )
- {
- echo implode( "\n", $error );
- die();
- }
- elseif ( $status == 1 )
- {
- die( "OK" );
- }
- else
- {
- die( "WAIT" );
- }
-
- }
- }
- }
- }
- }
- //list_comment
- $generate_page = "";
- if ( $nv_Request->isset_request( 'list_comment', 'get' ) )
- {
- if ( ! empty( $list_cats ) )
- {
- $in = implode( ",", array_keys( $list_cats ) );
-
- $id = $nv_Request->get_int( 'list_comment', 'get', 0 );
-
- if ( $id )
- {
- $array = array();
- $users = array();
- $admins = array();
-
- $page = $nv_Request->get_int( 'page', 'get', 0 );
- $per_page = 15;
-
- $query = "SELECT SQL_CALC_FOUND_ROWS a.id AS id, a.subject AS subject, a.post_id AS post_id, a.post_name AS post_name, a.post_email AS post_email,
- a.post_ip AS post_ip, a.post_time AS post_time, a.comment AS comment, a.admin_reply AS admin_reply, a.admin_id AS admin_id,
- c.email as email, c.full_name as full_name, c.photo as photo, c.view_mail as view_mail
- FROM `" . NV_PREFIXLANG . "_" . $module_data . "_comments` AS a
- INNER JOIN `" . NV_PREFIXLANG . "_" . $module_data . "` AS b ON a.fid = b.id
- LEFT JOIN `" . NV_USERS_GLOBALTABLE . "` as c ON a.post_id =c.userid
- WHERE a.fid=" . $id . " AND a.status=1 AND b.catid IN (" . $in . ") AND b.status=1 AND b.comment_allow=1
- ORDER BY a.post_time DESC LIMIT " . $page . "," . $per_page;
-
- $result = $db->sql_query( $query );
- $query = $db->sql_query( "SELECT FOUND_ROWS()" );
- list( $all_page ) = $db->sql_fetchrow( $query );
-
- if ( $all_page )
- {
- $base_url = NV_BASE_SITEURL . "index.php?" . NV_LANG_VARIABLE . "=" . NV_LANG_DATA . "&" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=getcomment&list_comment=" . $id;
-
- $today = mktime( 0, 0, 0, date( "n" ), date( "j" ), date( "Y" ) );
- $yesterday = $today - 86400;
-
- while ( $row = $db->sql_fetchrow( $result ) )
- {
- $post_name = $row['post_name'];
- if ( ! $row['post_id'] )
- {
- $post_name .= " (" . nv_EncodeEmail( $row['post_email'] ) . ", " . $row['post_ip'] . ")";
- $row['photo'] = "";
- }
- else
- {
- $row['post_email'] = ( $row['view_mail'] ) ? $row['email'] : "";
- $row['post_name'] = $row['full_name'];
- if ( defined( 'NV_IS_MODADMIN' ) )
- {
- if ( isset( $users[$row['post_id']] ) )
- {
- $users[$row['post_id']][] = ( int )$row['id'];
- }
- else
- {
- $users[$row['post_id']] = array(
- $row['id']
- );
- }
- $post_name = "<a href=\"" . NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=users&" . NV_OP_VARIABLE . "=edit&userid=" . $row['post_id'] . "\">" . $post_name . "</a>";
- }
- }
-
- $post_time = ( int )$row['post_time'];
- if ( $post_time >= $today )
- {
- $post_time = $lang_module['today'] . ", " . date( "H:i", $post_time );
- }
- elseif ( $post_time >= $yesterday )
- {
- $post_time = $lang_module['yesterday'] . ", " . date( "H:i", $post_time );
- }
- else
- {
- $post_time = nv_date( "d/m/Y H:i", $post_time );
- }
-
- $admin_reply = "";
- if ( ! empty( $row['admin_id'] ) and ! empty( $row['admin_reply'] ) )
- {
- if ( defined( 'NV_IS_ADMIN' ) )
- {
- if ( isset( $admins[$row['admin_id']] ) )
- {
- $admins[$row['admin_id']][] = ( int )$row['id'];
- }
- else
- {
- $admins[$row['admin_id']] = array(
- $row['id']
- );
- }
- $admin_reply = $row['admin_reply'];
- }
- else
- {
- $admin_reply = $lang_module['comment_admin_note'] . ": " . $row['admin_reply'];
- }
- }
-
- $array[$row['id']] = array( //
- 'id' => ( int )$row['id'], //
- 'post_name' => $post_name, //
- 'post_email' => $row['post_email'], //
- 'photo' => $row['photo'], //
- 'post_ip' => $row['post_ip'], //
- 'post_time' => $post_time, //
- 'subject' => $row['subject'], //
- 'comment' => $row['comment'], //
- 'admin_reply' => $admin_reply, //
- 'edit_link' => NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=comment&edit=1&id=" . $row['id'], //
- 'del_link' => NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=" . $module_name . "&" . NV_OP_VARIABLE . "=comment"
- ); //
- }
-
- if ( ! empty( $users ) )
- {
- $in = array_keys( $users );
- $in = array_unique( $in );
- $in = implode( ",", $in );
-
- $query = "SELECT `view_mail`, `userid` FROM `" . NV_USERS_GLOBALTABLE . "` WHERE `userid` IN (" . $in . ")";
- $result = $db->sql_query( $query );
- while ( list( $view_mail, $userid ) = $db->sql_fetchrow( $result ) )
- {
- if ( isset( $users[$userid] ) )
- {
- foreach ( $users[$userid] as $id )
- {
- if ( ! empty( $array[$id]['post_email'] ) and ( defined( 'NV_IS_ADMIN' ) or $view_mail ) )
- {
- $array[$id]['post_email'] = nv_EncodeEmail( $array[$id]['post_email'] );
- $array[$id]['post_name'] .= " (" . $array[$id]['post_email'] . ", " . $array[$id]['post_ip'] . ")";
- }
- else
- {
- $array[$id]['post_email'] = "";
- }
- }
- }
- }
- }
-
- if ( ! empty( $admins ) )
- {
- $in = array_keys( $admins );
- $in = array_unique( $in );
- $in = implode( ",", $in );
-
- $query = "SELECT `userid` AS admin_id, `username` AS admin_login, `full_name` AS admin_name FROM `" . NV_USERS_GLOBALTABLE . "` WHERE `userid` IN (" . $in . ")";
- $result = $db->sql_query( $query );
- while ( list( $admin_id, $admin_login, $admin_name ) = $db->sql_fetchrow( $result ) )
- {
- $admin_name = ! empty( $admin_name ) ? $admin_name : $admin_login;
-
- if ( isset( $admins[$admin_id] ) )
- {
- foreach ( $admins[$admin_id] as $id )
- {
- $array[$id]['admin_reply'] = $lang_module['comment_admin_note'] . " <a href=\"" . NV_BASE_ADMINURL . "index.php?" . NV_NAME_VARIABLE . "=authors&id=" . $admin_id . "\">" . $admin_name . "</a>: " . $array[$id]['admin_reply'];
- }
- }
- }
- }
- $generate_page = nv_generate_page( $base_url, $all_page, $per_page, $page, true, true, 'nv_urldecode_ajax', 'list_comments' );
- }
- $contents = show_comment( $array, $generate_page );
- die( $contents );
- }
- }
-
- die( $lang_module['comment_error7'] );
- }
- ?>