last update: Mon, 05 Sep 2011 17:16:56 +0000
  1. <?
  2. require_once('add_smarty.php');
  3. require_once("session.php");
  4. require_once('mysql_cfg.php');
  5. require_once('bbcode.php');
  6. /*
  7. CREATE TABLE `comments` (
  8. `id` INT NOT NULL AUTO_INCREMENT ,
  9. `topicid` INT NOT NULL,
  10. `userid` INT NOT NULL ,
  11. `username` VARCHAR( 100 ) NOT NULL ,
  12. `datum` DATETIME NOT NULL ,
  13. `text` LONGTEXT NOT NULL ,
  14. PRIMARY KEY ( `id` ) ,
  15. INDEX ( `datum` )
  16. ) TYPE = innodb;
  17. */
  /**
   * Undo backslash escaping of quotes and backslashes in a stored comment.
   *
   * The replacements run one after another in this order: backslash-doublequote
   * becomes a double quote, backslash-singlequote becomes a single quote, then a
   * doubled backslash becomes a single one. No HTML encoding or decoding happens
   * here, so the result is still raw user text and has to be escaped for
   * whatever context it is written into.
   *
   * @param string $s Text as read from storage.
   * @return string Text with those three escape sequences collapsed.
   */
  function unescape_string($s)
  {
      // With array arguments str_replace() applies each pair in order to the
      // result of the previous pair, exactly like three chained calls.
      $escaped = array('\\"', "\\'", '\\\\');
      $plain   = array('"', "'", '\\');

      return str_replace($escaped, $plain, $s);
  }
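  /**
   * Return the client IP address for the current request.
   *
   * The lookup order is unchanged: X-Forwarded-For, then Client-IP, then
   * REMOTE_ADDR, read from $_SERVER when it is set and from the environment
   * otherwise. A value is accepted only if it is a syntactically valid IP
   * address; a comma-separated X-Forwarded-For list contributes its first
   * entry. Anything else falls through to the next source, so free-form header
   * text no longer reaches the SQL queries or gethostbyaddr() in the callers.
   *
   * SECURITY: both headers are chosen by the client unless a trusted reverse
   * proxy overwrites them. Validation only guarantees the shape of the value,
   * not its truth, so a rate limit or ban keyed on this result can be sidestepped
   * on a directly exposed server. REMOTE_ADDR is the only source here that the
   * peer cannot pick freely.
   * NOTE(review): if no reverse proxy sits in front of this site, drop the two
   * header lookups and use REMOTE_ADDR alone.
   *
   * @return string A valid IP address, or '' when no source yields one.
   */
  function getip()
  {
      $sources = array('HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP', 'REMOTE_ADDR');

      foreach ($sources as $key) {
          if (isset($_SERVER)) {
              $raw = isset($_SERVER[$key]) ? $_SERVER[$key] : '';
          } else {
              $raw = getenv($key);
          }

          if (!is_string($raw) || $raw === '') {
              continue;
          }

          // X-Forwarded-For may carry "client, proxy1, proxy2".
          $parts = explode(',', $raw);
          $candidate = trim($parts[0]);

          if (filter_var($candidate, FILTER_VALIDATE_IP) !== false) {
              return $candidate;
          }
      }

      return '';
  }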
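  /**
   * Turn an age in seconds into a German phrase such as "3 Stunden" or
   * "einem Tag" (dative, meant to follow "vor").
   *
   * The largest unit that fits is used and the quotient is truncated. Unit
   * boundaries are inclusive: exactly 60 seconds is "einer Minute", exactly
   * 3600 is "einer Stunde" and exactly 86400 is "einem Tag". The previous
   * strict comparison rendered these as "60 Sekunden", "60 Minuten" and
   * "24 Stunden".
   *
   * @param mixed $_seconds Age in seconds; converted with intval().
   * @return string The phrase; values of 1 or less give "einer Sekunde".
   */
  function make_ago_timer2 ($_seconds)
  {
      $seconds = intval($_seconds);

      // Largest unit first: size in seconds, plural form, singular form.
      $units = array(
          array(60 * 60 * 24, 'Tagen', 'einem Tag'),
          array(60 * 60, 'Stunden', 'einer Stunde'),
          array(60, 'Minuten', 'einer Minute'),
      );

      foreach ($units as $unit) {
          list($size, $plural, $singular) = $unit;
          if ($seconds >= $size) {
              $n = intval($seconds / $size);
              return ($n > 1) ? "$n $plural" : $singular;
          }
      }

      return ($seconds > 1) ? "$seconds Sekunden" : "einer Sekunde";
  }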
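  /**
   * Count the comments stored for one topic.
   *
   * The topic id is forced to an integer before it is concatenated into the
   * SQL text. The mysql_* extension used throughout this file has no prepared
   * statements, so the cast is what keeps a non-numeric argument out of the
   * query, whatever the caller passed.
   *
   * @param mixed $topic Topic id; converted with intval().
   * @return int Number of comments, or 0 when the query fails.
   */
  function get_topic_comment_count($topic)
  {
      $query = 'SELECT count(*) as c FROM comments WHERE topicid = ' . intval($topic) . ';';
      $result = mysql_query($query);
      if (!$result) {
          // The original passed false straight into mysql_fetch_array().
          return 0;
      }

      $row = mysql_fetch_array($result);

      return $row ? intval($row['c']) : 0;
  }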
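  /**
   * Build the pager entries for a topic's comments and assign them to the
   * template as 'comment_pages'.
   *
   * Each entry holds the 1-based page number ("i"), the row offset ("from"),
   * the page size ("count") and whether the page starts at $cur_from
   * ("current").
   *
   * A page size below 1 falls back to 10. With the original loop a size of 0
   * never advanced the offset, so the loop did not terminate for any topic that
   * had comments; the size can originate from a request parameter.
   *
   * @param mixed $topic          Topic id, passed on to get_topic_comment_count().
   * @param mixed $cur_from       Row offset of the page currently shown.
   * @param mixed $posts_per_page Page size; values below 1 are replaced by 10.
   * @return void
   */
  function add_page_switcher($topic, $cur_from, $posts_per_page = 10)
  {
      global $smarty;

      $posts_per_page = intval($posts_per_page);
      if ($posts_per_page < 1) {
          $posts_per_page = 10;
      }

      $count = get_topic_comment_count($topic);
      $comment_pages = array();

      for ($i = 1; ($i - 1) * $posts_per_page < $count; $i++) {
          $offset = ($i - 1) * $posts_per_page;
          $comment_pages[] = array(
              "i" => $i,
              "from" => $offset,
              "count" => $posts_per_page,
              "current" => ($offset == $cur_from),
          );
      }

      $smarty->assign('comment_pages', $comment_pages);
  }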
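  /**
   * Load one page of a topic's comments, newest first, and assign it to the
   * template as 'comments'; then build the pager.
   *
   * Every row is passed through with two extra keys: "ago_time" (age phrase
   * from make_ago_timer2) and "parsed_text" (the stored text after
   * unescape_string and bbcode_parse).
   *
   * Changes against the original:
   * - $topic, $from and $count are cast to integers and clamped before they are
   *   concatenated into the query, so the function is safe on its own and a
   *   negative offset or size no longer produces invalid SQL.
   * - A failed query yields an empty list instead of passing false into
   *   mysql_fetch_array().
   * - The pager receives $count. It was previously built with the default of 10
   *   per page even when a different page size was being displayed.
   *
   * NOTE(review): $count has no upper bound here and comes from the request in
   * both callers; consider a site-wide maximum.
   * NOTE(review): parsed_text is produced without htmlspecialchars(). Whether
   * bbcode_parse() escapes HTML is not visible in this file; confirm it does
   * before comments.tpl prints the value unescaped. The same applies to the
   * "username" column.
   *
   * @param mixed $topic Topic id.
   * @param mixed $from  Row offset; negative values become 0.
   * @param mixed $count Page size; values below 1 become 10.
   * @return void
   */
  function add_comments($topic, $from = 0, $count = 10)
  {
      global $smarty;

      $topic = intval($topic);
      $from = max(0, intval($from));
      $count = intval($count);
      if ($count < 1) {
          $count = 10;
      }

      $query = 'SELECT *, UNIX_TIMESTAMP(NOW())- UNIX_TIMESTAMP(datum) as diff_datum FROM comments'
          . ' WHERE topicid = ' . $topic
          . ' ORDER BY datum DESC LIMIT ' . $from . ', ' . $count . ';';
      $data = mysql_query($query);

      $comments = array();
      if ($data) {
          while ($row = mysql_fetch_array($data)) {
              $comments[] = array_merge($row, array(
                  "ago_time" => make_ago_timer2($row['diff_datum']),
                  "parsed_text" => bbcode_parse(unescape_string($row['text'])),
              ));
          }
      }

      $smarty->assign('comments', $comments);
      add_page_switcher($topic, $from, $count);
  }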
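  // POST ajax=addcomments: store a new comment and, for method=ajax, re-render
  // the comment list.
  //
  // Changes against the original:
  // - every value that reaches SQL is either cast to int or escaped with
  //   mysql_real_escape_string(), including the session user name and the
  //   reverse-DNS host name (a PTR record is controlled by whoever owns the
  //   address block, so it is untrusted input);
  // - the comment text is trimmed first and escaped last;
  // - database errors go to the error log instead of the HTTP response;
  // - an empty expected captcha can never match;
  // - missing POST fields no longer raise notices, and the comment "0" is no
  //   longer treated as empty;
  // - the four identical render blocks are one block at the end.
  //
  // NOTE(review): no anti-CSRF token is checked in this handler; confirm whether
  // session.php or the including page does that.
  if (isset($_POST['ajax']))
  {
      $action = $_POST['ajax'];
      if ($action === "addcomments")
      {
          $topic = isset($_POST['topic']) ? intval($_POST['topic']) : 0;
          $from = isset($_POST['from']) ? intval($_POST['from']) : 0; // parsed as before; the list is always re-rendered from offset 0
          $count = isset($_POST['count']) ? intval($_POST['count']) : 10;
          $method = (isset($_POST['method']) && is_string($_POST['method'])) ? $_POST['method'] : '';

          // The INSERT below also writes the columns `ip`, `host` and `spam`,
          // which the CREATE TABLE comment at the top of the file does not list.
          $user = session_get_user_secure();
          $userid = 0;
          $username = "";
          $ip = "";
          $hostname = "";
          $time_left = 0;
          // Guest rate limit in seconds. The original assigned 60*3 and then
          // immediately overwrote it with 0, which disables the limit.
          $guest_comment_delay = 0;
          $captchacorrect = true;

          if ($user)
          {
              $userid = intval($user['id']);
              // The name comes from the session/user store, not from this
              // request, but it still ends up inside a quoted SQL literal.
              $username = mysql_real_escape_string((string) $user['name']);
          }
          else
          {
              die("Gast-Kommentare sind wegen Spam-Problemen momentan deaktiviert.");

              // Everything below in this branch is unreachable while the die()
              // above is in place. It is kept, hardened, so that re-enabling
              // guest comments does not bring the old problems back.
              $guestname = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : '';
              $username = "Gast ( " . mysql_real_escape_string(htmlspecialchars($guestname)) . " )";

              // Resolve the raw address and escape afterwards; the original
              // handed the SQL-escaped string to gethostbyaddr() and stored the
              // result unescaped.
              $client_ip = (string) getip();
              if ($client_ip !== '')
              {
                  $hostname = mysql_real_escape_string((string) gethostbyaddr($client_ip));
              }
              $ip = mysql_real_escape_string($client_ip);

              // NOTE(review): getip() honours client-supplied forwarding
              // headers, so this per-IP limit only holds behind a trusted proxy.
              $delay = intval($guest_comment_delay);
              $query = 'SELECT (UNIX_TIMESTAMP(`datum`)+' . $delay . ' - UNIX_TIMESTAMP(NOW())) as time FROM comments'
                  . ' WHERE `ip` = "' . $ip . '" AND UNIX_TIMESTAMP(`datum`) > UNIX_TIMESTAMP(NOW())-' . $delay
                  . ' ORDER BY `datum` DESC;';
              $result = mysql_query($query);
              if ($result === false)
              {
                  error_log('comments: rate-limit query failed: ' . mysql_error());
              }
              else
              {
                  $row = mysql_fetch_array($result);
                  if ($row)
                  {
                      $time_left = intval($row['time']);
                  }
              }

              // Captcha: the expected value must exist and be non-empty. The
              // original compared loosely and reset the session value to ""
              // after a success, so an empty answer matched on the next post.
              $captcha = (isset($_POST['captcha']) && is_string($_POST['captcha'])) ? $_POST['captcha'] : "";
              $expected = (isset($_SESSION['captcha']) && is_string($_SESSION['captcha'])) ? $_SESSION['captcha'] : "";
              if ($expected === "" || strtolower($captcha) !== strtolower($expected))
              {
                  // NOTE(review): a failed attempt leaves the same challenge in
                  // the session, as before; consider issuing a new one.
                  $captchacorrect = false;
              }
              else
              {
                  $_SESSION['captcha'] = "";
              }
          }

          $raw_text = (isset($_POST['text']) && is_string($_POST['text'])) ? $_POST['text'] : '';
          $raw_text = trim($raw_text);
          // The search string is empty as shown on this page (the character was
          // probably lost when the listing was published); with an empty search
          // this call changes nothing. Kept as found.
          $raw_text = str_replace("", " ", $raw_text);
          // Escaping is the last step before the value enters the query.
          $text = mysql_real_escape_string($raw_text);

          $error = '';
          if ($time_left > 0)
          {
              $error = "<span class=\"error\">Du darfst als Gast nicht so schnell Kommentare posten. Bitte warte noch $time_left Skeunden</span>";
          }
          elseif (!$captchacorrect)
          {
              $error = "<span class=\"error\">Der eingegebene Captcha-Code war falsch.</span>";
          }
          elseif ($raw_text === '')
          {
              $error = '<span class="error">Kein Text eingegeben.</span>';
          }
          else
          {
              // The Akismet check (add_akismet.php) is disabled in the original;
              // every comment is stored with spam = 0.
              $is_spam = 0;

              $query = 'INSERT INTO comments (`topicid`, `userid`, `username`, `datum`, `text`, `ip`, `host`, `spam`)'
                  . ' VALUES("' . $topic . '", "' . $userid . '", "' . $username . '", NOW(), "' . $text . '", "'
                  . $ip . '", "' . $hostname . '","' . ($is_spam * 100) . '");';
              if (mysql_query($query) === false)
              {
                  // Keep driver messages out of the response; they disclose
                  // schema and query details.
                  error_log('comments: insert failed: ' . mysql_error());
                  $error = '<span class="error">Der Kommentar konnte nicht gespeichert werden.</span>';
              }
          }

          if ($method === "ajax")
          {
              if ($error !== '')
              {
                  echo $error;
              }
              add_comments($topic, 0, $count);
              $smarty->assign('draw_comments_form', false);
              $smarty->display('comments.tpl');
          }
      }
  }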
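  // GET ajax=changepage: render another page of a topic's comments.
  // All three parameters come from the query string. They are cast to int and
  // additionally clamped here, because a negative offset or page size would
  // otherwise be concatenated into the LIMIT clause and fail in the database.
  // NOTE(review): 'count' has no upper bound; consider a site-wide maximum.
  if (isset($_GET['ajax']))
  {
      $action = $_GET['ajax'];
      if ($action === "changepage")
      {
          $from = isset($_GET['from']) ? max(0, intval($_GET['from'])) : 0;
          $count = isset($_GET['count']) ? intval($_GET['count']) : 10;
          if ($count < 1)
          {
              $count = 10;
          }
          $topic = isset($_GET['topic']) ? intval($_GET['topic']) : 0;

          add_comments($topic, $from, $count);
          $smarty->assign('draw_comments_form', false);
          $smarty->display('comments.tpl');
      }
  }

  // Register the BBCode stylesheet with the page head on every inclusion.
  $additional_headers[] = '<link rel="stylesheet" type="text/css" href="bbcode.css" />';
  $smarty->assign('additional_headers', $additional_headers);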
  267. ?>
