last update: Mon, 05 Sep 2011 17:16:56 +0000
  1. <?
  2. require_once('add_smarty.php');
  3. require_once("session.php");
  4. require_once('mysql_cfg.php');
  5. require_once('bbcode.php');
  7. /*
  8. CREATE TABLE `comments` (
  9. `id` INT NOT NULL AUTO_INCREMENT ,
  10. `topicid` INT NOT NULL,
  11. `userid` INT NOT NULL ,
  12. `username` VARCHAR( 100 ) NOT NULL ,
  13. `datum` DATETIME NOT NULL ,
  14. `text` LONGTEXT NOT NULL ,
  15. PRIMARY KEY ( `id` ) ,
  16. INDEX ( `datum` )
  17. ) TYPE = innodb;
  18. */
  20. function unescape_string($s)
  21. {
  22. $r = $s;
  23. //$r = str_replace('&', '&', $r);
  24. //$r = str_replace('<', '<', $r);
  25. //$r = str_replace('>', '>', $r);
  28. $r = str_replace('\\"', '"', $r);
  29. $r = str_replace("\\'", "'", $r);
  30. $r = str_replace('\\\\', '\\', $r);
  32. //$r = str_replace('\\"', '\\"', $r);
  34. return $r;
  35. }
  37. function getip()
  38. {
  39. if (isSet($_SERVER))
  40. {
  41. if (isSet($_SERVER["HTTP_X_FORWARDED_FOR"]))
  42. {
  43. $realip = $_SERVER["HTTP_X_FORWARDED_FOR"];
  44. }
  45. elseif (isSet($_SERVER["HTTP_CLIENT_IP"]))
  46. {
  47. $realip = $_SERVER["HTTP_CLIENT_IP"];
  48. }
  49. else {
  50. $realip = $_SERVER["REMOTE_ADDR"];
  51. }
  52. }
  53. else
  54. {
  55. if ( getenv( 'HTTP_X_FORWARDED_FOR' ) )
  56. {
  57. $realip = getenv( 'HTTP_X_FORWARDED_FOR' );
  58. }
  59. elseif ( getenv( 'HTTP_CLIENT_IP' ) )
  60. {
  61. $realip = getenv( 'HTTP_CLIENT_IP' );
  62. }
  63. else {
  64. $realip = getenv( 'REMOTE_ADDR' );
  65. }
  66. }
  67. return $realip;
  68. }
  71. function make_ago_timer2 ($_seconds)
  72. {
  73. $seconds =intval($_seconds);
  74. if ($seconds > (60*60*24) )
  75. {
  76. $i = intval($seconds / (60*60*24));
  77. return ($i > 1) ? "$i Tagen" : "einem Tag";
  78. }
  79. elseif ($seconds > (60*60) )
  80. {
  81. $i = intval($seconds / (60*60));
  82. return ($i > 1) ? "$i Stunden" : "einer Stunde";
  83. }
  84. elseif ($seconds > (60) )
  85. {
  86. $i = intval($seconds / (60));
  87. return ($i > 1) ? "$i Minuten" : "einer Minute";
  88. }
  89. else
  90. {
  91. $i = intval($seconds);
  92. return ($i > 1) ? "$i Sekunden" : "einer Sekunde";
  93. }
  94. }
  96. function get_topic_comment_count($topic)
  97. {
  98. $query = 'SELECT count(*) as c FROM comments WHERE topicid = '.$topic.';';
  99. $row = mysql_fetch_array(mysql_query($query));
  100. return $row['c'];
  101. }
  103. function add_page_switcher($topic, $cur_from, $posts_per_page = 10)
  104. {
  106. $count = get_topic_comment_count($topic);
  107. $i = 0;
  108. $comment_pages = array();
  109. while ($i*$posts_per_page < $count)
  110. {
  111. $i++;
  112. $comment_pages[] = array("i" => $i, "from" => ($i-1)*$posts_per_page, "count" => $posts_per_page, "current" => (($i-1)*$posts_per_page == $cur_from));
  113. }
  114. global $smarty;
  115. $smarty->assign('comment_pages', $comment_pages);
  116. }
  119. function add_comments($topic, $from = 0, $count = 10)
  120. {
  121. $query = 'SELECT *, UNIX_TIMESTAMP(NOW())- UNIX_TIMESTAMP(datum) as diff_datum FROM comments WHERE topicid = '.$topic.' ORDER BY datum DESC LIMIT '.$from.', '.$count.';';
  122. $data = mysql_query($query);
  123. $comments = array();
  124. while ($row = mysql_fetch_array($data))
  125. {
  126. $comments[] = array_merge($row,array(
  127. "ago_time" => make_ago_timer2($row['diff_datum']),
  128. "parsed_text" => bbcode_parse(unescape_string($row['text']))));
  129. //$comments[] = array_merge($row,array("ago_time" => make_ago_timer2($row['diff_datum']), "parsed_text" => "<pre>".htmlspecialchars($row['text'])."</pre>"));
  130. }
  131. global $smarty;
  132. $smarty->assign('comments', $comments);
  134. add_page_switcher($topic, $from);
  135. }
  137. if (isset($_POST['ajax']))
  138. {
  139. $action = $_POST['ajax'];
  142. if ($action == "addcomments")
  143. {
  145. $topic = intval($_POST['topic']);
  146. $from = intval($_POST['from']);
  147. $count = intval($_POST['count']);
  150. /*
  151. CREATE TABLE `comments` (
  152. `id` INT NOT NULL AUTO_INCREMENT ,
  153. `topicid` INT NOT NULL,
  154. `userid` INT NOT NULL ,
  155. `username` VARCHAR( 100 ) NOT NULL ,
  156. `datum` DATETIME NOT NULL ,
  157. `text` LONGTEXT NOT NULL ,
  158. PRIMARY KEY ( `id` ) ,
  159. INDEX ( `datum` )
  160. ) TYPE = innodb;
  161. */
  162. $user = session_get_user_secure();
  163. $userid = 0;
  164. $username = "";
  165. $ip = "";
  166. $hostname = "";
  167. $time_left = 0;
  168. $guest_comment_delay = 60*3;
  169. $guest_comment_delay = 0;
  170. $captchacorrect = true;
  171. if ($user)
  172. {
  173. $userid = $user['id'];
  174. $username = $user['name'];
  175. }
  176. else
  177. {
  178. die("Gast-Kommentare sind wegen Spam-Problemen momentan deaktiviert."); $username = "Gast ( ".mysql_escape_string(htmlspecialchars($_POST['username']))." )";
  179. $ip = mysql_real_escape_string(getip());
  180. $hostname = gethostbyaddr($ip);
  181. $query = 'SELECT (UNIX_TIMESTAMP(`datum`)+'.$guest_comment_delay.' - UNIX_TIMESTAMP(NOW())) as time FROM comments WHERE `ip` = "'.$ip.'" AND UNIX_TIMESTAMP(`datum`) > UNIX_TIMESTAMP(NOW())-'.$guest_comment_delay.' ORDER BY `datum` DESC;';
  182. $row = mysql_fetch_array(mysql_query($query));
  183. echo mysql_error();
  184. if ($row)
  185. {
  186. $time_left = $row['time'];
  188. }
  190. //captcha
  191. $captcha = "";
  192. if (isset($_POST['captcha']))
  193. {
  194. $captcha = $_POST['captcha'];
  195. }
  196. if (strtolower($captcha) != strtolower($_SESSION['captcha']))
  197. {
  198. $captchacorrect = false;
  199. }
  200. else
  201. {
  202. $_SESSION['captcha'] = "";
  203. }
  204. }
  208. //$text = mysql_escape_string(nl2br(htmlspecialchars($_POST['text'])));
  210. $text = mysql_escape_string($_POST['text']);
  211. $text = trim($text);
  212. $text = str_replace("Â"," ",$text);
  215. if ($time_left > 0)
  216. {
  217. if ($_POST['method'] == "ajax")
  218. {
  219. echo "<span class=\"error\">Du darfst als Gast nicht so schnell Kommentare posten. Bitte warte noch $time_left Skeunden</span>";
  220. add_comments($topic, 0, $count);
  221. $smarty->assign('draw_comments_form', false);
  222. $smarty->display('comments.tpl');
  223. }
  224. }
  225. elseif (!$captchacorrect)
  226. {
  227. if ($_POST['method'] == "ajax")
  228. {
  229. echo "<span class=\"error\">Der eingegebene Captcha-Code war falsch.</span>";
  230. add_comments($topic, 0, $count);
  231. $smarty->assign('draw_comments_form', false);
  232. $smarty->display('comments.tpl');
  233. }
  234. }
  235. else
  236. {
  237. if (!$text)
  238. {
  239. if ($_POST['method'] == "ajax")
  240. {
  241. echo '<span class="error">Kein Text eingegeben.</span>';
  242. add_comments($topic, 0, $count);
  243. $smarty->assign('draw_comments_form', false);
  244. $smarty->display('comments.tpl');
  245. }
  246. }
  247. else
  248. {
  249. //check for spam
  250. /*
  251. require_once("add_akismet.php");
  252. #
  253. $akismet->setCommentAuthor($username);
  254. $akismet->setCommentContent($text);
  255. $akismet->setPermalink('http://peq.bplaced.de/');
  256. //$akismet->setUserIP($ip);
  257. $akismet->setCommentType("comment");
  258. $is_spam = 0;
  262. if($akismet->isCommentSpam())
  263. {
  264. $is_spam = 1;
  265. }
  266. */
  267. $is_spam = 0;
  268. //
  270. $query = 'INSERT INTO comments (`topicid`, `userid`, `username`, `datum`, `text`, `ip`, `host`, `spam`)
  271. VALUES("'.$topic.'", "'.$userid.'", "'.$username.'", NOW(), "'.$text.'", "'.$ip.'", "'.$hostname.'","'.($is_spam*100).'")
  272. ;';
  273. $data = mysql_query($query);
  274. echo mysql_error();
  276. if ($_POST['method'] == "ajax")
  277. {
  278. add_comments($topic, 0, $count);
  280. $smarty->assign('draw_comments_form', false);
  281. $smarty->display('comments.tpl');
  282. }
  283. }
  284. }
  286. }
  287. }
  288. if (isset($_GET['ajax']))
  289. {
  290. $action = $_GET['ajax'];
  291. if ($action == "changepage")
  292. {
  293. $from = isset($_GET['from'] ) ? intval($_GET['from']) : 0;
  294. $count = isset($_GET['count']) ? intval($_GET['count']) : 10;
  295. $topic = isset($_GET['topic']) ? intval($_GET['topic']) : 0;
  296. add_comments($topic, $from, $count);
  297. $smarty->assign('draw_comments_form', false);
  298. $smarty->display('comments.tpl');
  299. }
  300. }
  302. $additional_headers[] = '<link rel="stylesheet" type="text/css" href="bbcode.css" />';
  303. $smarty->assign('additional_headers', $additional_headers);
  305. ?>

goto line:
Compare with:
text copy window edit this code post new code