login now or create a new account.","\n"; } if(!isset($_REQUEST['appId'])) { errorpage('Internal Database Access Error'); exit; } if(!isset($_REQUEST['versionId'])) { $_REQUEST['versionId'] = 0; } if(!isset($_REQUEST['thread'])) { $_REQUEST['thread'] = 0; } ############################ # ADDS COMMENT TO DATABASE # ############################ if(isset($_REQUEST['body'])) { $hostname = get_remote(); $subject = strip_tags($_REQUEST['subject']); $subject = mysql_escape_string($subject); $body1 = mysql_escape_string($_REQUEST['body']); // get current userid $userId = $_SESSION['current']->userid; $result = query_appdb("INSERT INTO appComments VALUES (NOW(), null, '".$_REQUEST['thread']."','". $_REQUEST['appId']."', '".$_REQUEST['versionId']."', $userId, '$hostname', '$subject', ". "'$body1', 0)"); if ($result) { if (isset($_REQUEST['originator'])) { if (UserWantsEmail($_REQUEST['originator'])) { $email = lookupEmail($_REQUEST['originator']); $fullAppName = "Application: ".lookupAppName($_REQUEST['appId'])." Version: ".lookupVersionName($_REQUEST['appId'], $_REQUEST['versionId']); $ms .= APPDB_ROOT."appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId'].".\n"; $ms .= "\n"; $ms .= ($_SESSION['current']->username ? $_SESSION['current']->username : "Anonymous")." added comment to ".$fullAppName."\n"; $ms .= "\n"; $ms .= "Subject: ".$subject."\n"; $ms .= "\n"; $ms .= $_REQUEST['body']."\n"; $ms .= "\n"; $ms .= "------- You are receiving this mail because: -------\n"; $ms .= "Someone posted a comment in responce to your comment\n"; $ms .= "to change your preverences go to: http://appdb.winehq.org/preferences.php\n"; mail(stripslashes($email), "[AppDB] (Comment Reply): ".$fullAppName ,$ms); addmsg("Comment message sent to original poster", "green"); } } $email = getNotifyEmailAddressList($_REQUEST['appId'], $_REQUEST['versionId']); if($email) { $fullAppName = "Application: ".lookupAppName($_REQUEST['appId'])." Version: ".lookupVersionName($_REQUEST['appId'], $_REQUEST['versionId']); $ms = APPDB_ROOT."appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId'].".\n"; $ms .= "\n"; $ms .= $_SESSION['current']->username." added comment to ".$fullAppName."\n"; $ms .= "\n"; $ms .= "Subject: ".$subject."\n"; $ms .= "\n"; $ms .= $_REQUEST['body']."\n"; $ms .= "\n"; $ms .= STANDARD_NOTIFY_FOOTER; mail(stripslashes($email), "[AppDB] ".$fullAppName ,$ms); } else { $email = "no one"; } addmsg("mesage sent to: ".$email, "green"); addmsg("New Comment Posted", "green"); } redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId'])); } ################################ # USER WANTS TO SUBMIT COMMENT # ################################ else if(loggedin()) { apidb_header("Add Comment"); $mesTitle = "Post New Comment"; if($_REQUEST['thread']) { $result = query_appdb("SELECT * FROM appComments WHERE commentId = ".$_REQUEST['thread']); $ob = mysql_fetch_object($result); if($ob) { $mesTitle = "Replying To ... $ob->subject\n"; $originator = $ob->userId; echo html_frame_start($ob->subject,500); echo htmlify_urls($ob->body), "

\n"; echo html_frame_end(); } } echo ""; } ?>

From:	".$_SESSION['current']->username."
Subject:
".$_REQUEST['body']."
\n"; echo " \n"; echo " \n"; echo "