Changeset 78
- Timestamp:
- Sep 7, 2003, 11:33:36 PM (21 years ago)
- Location:
- trunk
- Files:
-
- 2 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/admin/comments.php
r61 r78 85 85 { 86 86 $vtp->addSession( $sub, 'comment' ); 87 $vtp->setVar( $sub, 'comment.author', $subrow['author'] ); 87 $author = $subrow['author']; 88 if ( $subrow['author'] == '' ) $author = $lang['guest']; 89 $vtp->setVar( $sub, 'comment.author', $author ); 88 90 $displayed_date = format_date( $subrow['date'], 'unix', true ); 89 91 $vtp->setVar( $sub, 'comment.date', $displayed_date ); -
trunk/picture.php
r66 r78 541 541 if ( isset( $_POST['content'] ) and $_POST['content'] != '' ) 542 542 { 543 $author = $user['username']; 543 $register_comment = true; 544 545 if ( !$user['is_the_guest'] ) $author = $user['username']; 544 546 if ( $_POST['author'] != '' ) $author = $_POST['author']; 545 546 // anti-flood system 547 $reference_date = time() - $conf['anti-flood_time']; 548 $query = 'SELECT id'; 549 $query.= ' FROM '.PREFIX_TABLE.'comments'; 550 $query.= ' WHERE date > '.$reference_date; 551 $query.= " AND author = '".$author."'"; 552 $query.= ';'; 553 if ( mysql_num_rows( mysql_query( $query ) ) == 0 554 or $conf['anti-flood_time'] == 0 ) 555 { 556 $query = 'INSERT INTO '.PREFIX_TABLE.'comments'; 557 $query.= ' (author,date,image_id,content,validated) VALUES'; 558 $query.= " ('".$author."',".time().",".$page['id']; 559 $query.= ",'".htmlspecialchars( $_POST['content'], ENT_QUOTES)."'"; 560 if ( !$conf['comments_validation'] or $user['status'] == 'admin' ) 561 $query.= ",'true'"; 547 // if a guest try to use the name of an already existing user, he must 548 // be rejected 549 if ( isset( $author ) and $author != $user['username'] ) 550 { 551 $query = 'SELECT COUNT(*) AS user_exists'; 552 $query.= ' FROM '.PREFIX_TABLE.'users'; 553 $query.= " WHERE username = '".$author."'"; 554 $query.= ';'; 555 $row = mysql_fetch_array( mysql_query( $query ) ); 556 if ( $row['user_exists'] == 1 ) 557 { 558 $vtp->addSession( $handle, 'information' ); 559 $message = $lang['comment_user_exists']; 560 $vtp->setVar( $handle, 'information.content', $message ); 561 $vtp->closeSession( $handle, 'information' ); 562 $register_comment = false; 563 } 564 } 565 566 if ( $register_comment ) 567 { 568 // anti-flood system 569 $reference_date = time() - $conf['anti-flood_time']; 570 $query = 'SELECT id'; 571 $query.= ' FROM '.PREFIX_TABLE.'comments'; 572 $query.= ' WHERE date > '.$reference_date; 573 $query.= " AND author = '".$author."'"; 574 $query.= ';'; 575 if ( mysql_num_rows( mysql_query( $query ) ) == 0 576 or $conf['anti-flood_time'] == 0 ) 577 { 578 $query = 'INSERT INTO '.PREFIX_TABLE.'comments'; 579 $query.= ' (author,date,image_id,content,validated) VALUES'; 580 $query.= ' ('; 581 if ( !isset( $author ) ) $query.= 'NULL'; 582 else $query.= "'".$author."'"; 583 $query.= ','.time().','.$page['id']; 584 $query.= ",'".htmlspecialchars( $_POST['content'], ENT_QUOTES)."'"; 585 if ( !$conf['comments_validation'] or $user['status'] == 'admin' ) 586 $query.= ",'true'"; 587 else 588 $query.= ",'false'"; 589 $query.= ');'; 590 mysql_query( $query ); 591 // information message 592 $vtp->addSession( $handle, 'information' ); 593 $message = $lang['comment_added']; 594 if ( $conf['comments_validation'] and $user['status'] != 'admin' ) 595 { 596 $message.= '<br />'.$lang['comment_to_validate']; 597 } 598 $vtp->setVar( $handle, 'information.content', $message ); 599 $vtp->closeSession( $handle, 'information' ); 600 } 562 601 else 563 $query.= ",'false'";564 $query.= ');';565 mysql_query( $query );566 // information message567 $vtp->addSession( $handle, 'information' );568 $message = $lang['comment_added'];569 if ( $conf['comments_validation'] and $user['status'] != 'admin' )570 602 { 571 $message.= '<br />'.$lang['comment_to_validate']; 603 // information message 604 $vtp->addSession( $handle, 'information' ); 605 $message = $lang['comment_anti-flood']; 606 $vtp->setVar( $handle, 'information.content', $message ); 607 $vtp->closeSession( $handle, 'information' ); 572 608 } 573 $vtp->setVar( $handle, 'information.content', $message );574 $vtp->closeSession( $handle, 'information' );575 }576 else577 {578 // information message579 $vtp->addSession( $handle, 'information' );580 $message = $lang['comment_anti-flood'];581 $vtp->setVar( $handle, 'information.content', $message );582 $vtp->closeSession( $handle, 'information' );583 609 } 584 610 } … … 636 662 { 637 663 $vtp->addSession( $handle, 'comment' ); 638 $vtp->setVar( $handle, 'comment.author', $row['author'] ); 664 $author = $row['author']; 665 if ( $row['author'] == '' ) $author = $lang['guest']; 666 $vtp->setVar( $handle, 'comment.author', $author ); 639 667 $vtp->setVar( $handle, 'comment.date', 640 668 format_date( $row['date'], 'unix', true ) );
Note: See TracChangeset
for help on using the changeset viewer.