<?php
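/**
 * Comment handling for phpMyCoCo: looks up the latest comment and stores
 * newly posted ones.
 *
 * Both methods build SQL text by hand because the database wrapper, as used
 * in this file, only exposes db_query() and db_fetch_array(). Every value is
 * therefore escaped (or cast to an integer) right where it is spliced into a
 * statement.
 */
class cocoCOMMENTER
{
    // Validation messages accumulated by enterComment(), one per line and
    // each followed by "<br>". Declared so that appending to it does not
    // create a property on the fly.
    var $errors;

    /**
     * Fetch the most recent comment, site-wide or for a single page.
     *
     * @param object $cocodb   Database wrapper exposing db_query() and db_fetch_array().
     * @param mixed  $pageid   Page id; only used when $scope is "page".
     * @param string $scope    "page" restricts the lookup to $pageid.
     * @param int    $comments Comment count; no query is issued unless it is > 0.
     * @return mixed The row returned by db_fetch_array() (columns cid, cname,
     *               ctitle, cemail, ctime), or null when there is nothing to return.
     */
    function lastComment($cocodb, $pageid, $scope, $comments)
    {
        global $COCO_CONF_VARS;

        if (!($comments > 0)) {
            return null;
        }

        $query  = "SELECT c.id as cid, c.name as cname, c.title as ctitle, ";
        $query .= "c.email as cemail, a.lasttime as ctime from ";
        $query .= $COCO_CONF_VARS['TBCOMMENT'] . " as c, ";
        $query .= $COCO_CONF_VARS['TBACCESS'] . " as a WHERE ";
        if ($scope == "page") {
            // $pageid lands inside a quoted literal, so it must be escaped.
            $query .= "c.pgid='" . $this->_sqlEscape($pageid) . "' AND ";
        }
        $query .= "c.acid=a.id ORDER BY ctime DESC LIMIT 0,1;";

        $answer = $cocodb->db_query($query);
        if (!$answer) {
            // A failed query has no result set to fetch from.
            return null;
        }

        $row = $cocodb->db_fetch_array($answer);
        if ($row) {
            return $row;
        }
        return null;
    }

    /**
     * Validate a posted comment, notify the parent comment's author if they
     * asked for replies, store the comment and bump the page's counter.
     *
     * Reads the form fields name, title, email, url, text and replies from the
     * POST data. Validation failures are appended to $this->errors.
     *
     * @param object $cocodb Database wrapper exposing db_query() and db_fetch_array().
     * @param mixed  $pgid   Id of the page being commented on (used as a number in the counter update).
     * @param mixed  $paid   Id of the parent comment, if any.
     * @param mixed  $acid   Access-record id stored with the comment.
     * @return bool true once the statements have been issued, false when validation failed.
     */
    function enterComment($cocodb, $pgid, $paid, $acid)
    {
        global $COCO_CONF_VARS;
        global $COCO_STRINGS;

        // Shortcuts for the submitted form fields.
        $cname    = $this->_postField('name');
        $ctitle   = $this->_postField('title');
        $cemail   = $this->_postField('email');
        $curl     = $this->_postField('url');
        $ctext    = $this->_postField('text');
        $creplies = $this->_postField('replies');
        $errorstring = "";

        // Fill in placeholders and collect validation errors.
        if ($cname === "") {
            $cname = $COCO_STRINGS['ANONYMOUS'];
        }
        if ($ctitle === "") {
            $ctitle = $COCO_STRINGS['NOTITLE'];
        }
        if ($COCO_CONF_VARS['REQUIREMAIL'] == "yes") {
            if ($cemail === "") {
                $errorstring .= $COCO_STRINGS['REQ_NOEMAIL'] . "\n<br>";
            } else {
                $validator = new email_validation_class;
                $validator->timeout = 10;
                if ($validator->ValidateEmailBox($cemail) != 1) {
                    $errorstring .= $COCO_STRINGS['FAILEDEMAIL'] . "\n<br>";
                }
            }
        } elseif ($cemail === "") {
            $cemail = $COCO_STRINGS['NOEMAIL'];
        }
        if ($COCO_CONF_VARS['REQUIRETEXT'] == "yes") {
            if ($ctext === "") {
                $errorstring .= $COCO_STRINGS['REQ_TEXT'] . "\n<br>";
            }
        } elseif ($ctext === "") {
            $ctext = $COCO_STRINGS['NOTEXT'];
        }
        if ($errorstring !== "") {
            $this->errors .= $errorstring;
            return false;
        }

        // Any non-empty value of the checkbox means "mail me on replies".
        $creplies = empty($creplies) ? "no" : "yes";

        // Remove all HTML except the configured allow-list.
        // NOTE(review): strip_tags() keeps the attributes of the tags it
        // allows (event handlers, style, href), and the url field is stored
        // without a scheme check, so whatever renders these values still has
        // to escape or filter them for its output context.
        $allowedtags = $COCO_CONF_VARS['ALLOWED_TAGS'];
        $cname  = strip_tags($cname, $allowedtags);
        $ctitle = strip_tags($ctitle, $allowedtags);
        $cemail = strip_tags($cemail, $allowedtags);
        $curl   = strip_tags($curl, $allowedtags);
        $ctext  = strip_tags($ctext, $allowedtags);

        $tbComment = $COCO_CONF_VARS['TBCOMMENT'];

        // If there is a parent comment whose author asked to be mailed about
        // replies, send that mail now.
        $query  = "SELECT replies,name,email,title FROM";
        $query .= " " . $tbComment . " WHERE id='" . $this->_sqlEscape($paid) . "';";
        if ($answer = $cocodb->db_query($query)) {
            if ($result = $cocodb->db_fetch_array($answer)) {
                if ($result['replies'] == "yes") {
                    $mailtext = $COCO_STRINGS['MAILSTART'] . "\n \n" . $ctext;
                    // Name, address and title all originate from visitors.
                    // Line breaks in them would start a new mail header, so
                    // control characters are removed before they are used.
                    mail(
                        $this->_headerSafe($result['email']),
                        "Re: [phpMyCoCo] " . $this->_headerSafe($result['title']),
                        $mailtext,
                        "From: phpMyCoCo <" . $COCO_CONF_VARS['COCOEMAIL'] . ">\n"
                        . "Reply-To: " . $this->_headerSafe($cname)
                        . " <" . $this->_headerSafe($cemail) . ">"
                    );
                }
            }
        }

        // Insert the comment into TBCOMMENT; every value is escaped and quoted.
        $quoted = array();
        foreach (array($pgid, $paid, $acid, $cname, $ctitle, $cemail, $curl, $ctext, $creplies) as $value) {
            $quoted[] = "'" . $this->_sqlEscape($value) . "'";
        }
        $query  = "INSERT INTO " . $tbComment . " ";
        $query .= "(id,pgid,paid,acid,name,title,email,url,text,replies) ";
        $query .= "VALUES (''," . implode(",", $quoted) . ");";
        // NOTE(review): the outcome of the INSERT is not checked, so the
        // counter below is bumped and true is returned even if it failed.
        // Confirm what db_query() returns for write statements before
        // tightening this.
        $cocodb->db_query($query);

        // Add 1 to the page's comment count in TBCOUNTER. The id is used
        // unquoted here, so it is forced to an integer.
        $query  = "UPDATE " . $COCO_CONF_VARS['TBCOUNTER'] . " ";
        $query .= "SET comments=1+comments WHERE id=" . (int) $pgid . ";";
        $cocodb->db_query($query);

        return true;
    }

    // Read one form field as a string; missing or non-scalar values give "".
    // Uses $HTTP_POST_VARS when the runtime (or a shim) still provides it and
    // $_POST otherwise. On runtimes that may add magic-quote slashes the
    // slashes are removed, so escaping happens exactly once, at the SQL
    // boundary.
    function _postField($key)
    {
        global $HTTP_POST_VARS;

        $post = is_array($HTTP_POST_VARS) ? $HTTP_POST_VARS : $_POST;
        if (!isset($post[$key]) || !is_scalar($post[$key])) {
            return "";
        }
        $value = (string) $post[$key];
        if (version_compare(PHP_VERSION, '5.4.0', '<') && get_magic_quotes_gpc()) {
            $value = stripslashes($value);
        }
        return $value;
    }

    // Escape a value for use inside a single-quoted SQL string literal.
    // Stopgap: addslashes() is not charset-aware and assumes backslash
    // escapes are enabled on the server. Replace it with the driver's own
    // escaping or with prepared statements once the wrapper offers them.
    function _sqlEscape($value)
    {
        return is_scalar($value) ? addslashes((string) $value) : "";
    }

    // Collapse control characters (CR, LF, NUL, ...) to a space so a value
    // cannot break out of the mail header line it is placed in.
    function _headerSafe($value)
    {
        return trim(preg_replace('/[\x00-\x1F\x7F]+/', ' ', (string) $value));
    }
}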
?>