isLoggedIn()) { apidb_header("Please login"); echo "To submit a comment for an application you must be logged in. Please login now or create a new account.","\n"; exit; } if(!is_numeric($_REQUEST['appId'])) { errorpage('Internal Database Access Error'); exit; } if(!is_numeric($_REQUEST['versionId'])) { $_REQUEST['versionId'] = 0; } if(!is_numeric($_REQUEST['thread'])) { $_REQUEST['thread'] = 0; } ############################ # ADDS COMMENT TO DATABASE # ############################ if(isset($_REQUEST['body'])) { $hostname = get_remote(); // get current userid $userId = $_SESSION['current']->userid; $aInsert = compile_insert_string(array( 'parentId' => $_REQUEST['thread'], 'appId' => $_REQUEST['appId'], 'versionId' => $_REQUEST['versionId'], 'userId' => $userId, 'hostname' => $hostname, 'subject' => $_REQUEST['subject'], 'body' => $_REQUEST['body'])); $result = query_appdb("INSERT INTO appComments (`time`, {$aInsert['FIELDS']}) VALUES (NOW(), {$aInsert['VALUES']})"); if ($result) { $sEmail = $oOriginator->sEmail; $sFullAppName = "Comment added to ".lookupAppName($_REQUEST['appId'])." ".lookupVersionName($_REQUEST['appId'], $_REQUEST['versionId']); $sMsg = APPDB_ROOT."appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId'].".\n"; $sMsg .= "\n"; $sMsg .= $_SESSION['current']->sRealname." added comment to ".$sFullAppName."\n"; $sMsg .= "\n"; $sMsg .= "Subject: ".$_REQUEST['subject']."\n"; $sMsg .= $_REQUEST['body']."\n"; $oOriginator = new User($_REQUEST['originator']); if ($oOriginator->wantsEmail()) { mail_appdb($sEmail, $sFullAppName ,$sMsg); addmsg("Comment message sent to original poster", "green"); } $sEmail = get_notify_email_address_list($_REQUEST['appId'], $_REQUEST['versionId']); if($sEmail) { mail_appdb($sEmail, $sFullAppName ,$sMsg); } addmsg("New comment posted.", "green"); } redirect(apidb_fullurl("appview.php?appId=".$_REQUEST['appId']."&versionId=".$_REQUEST['versionId'])); } ################################ # USER WANTS TO SUBMIT COMMENT # ################################ else { apidb_header("Add Comment"); $mesTitle = "Post New Comment"; if($_REQUEST['thread'] > 0) { $result = query_appdb("SELECT * FROM appComments WHERE commentId = ".$_REQUEST['thread']); $ob = mysql_fetch_object($result); if($ob) { $mesTitle = "Replying To ... $ob->subject\n"; $originator = $ob->userId; echo html_frame_start($ob->subject,500); echo htmlify_urls($ob->body), "

\n"; echo html_frame_end(); } } echo "

\n"; echo html_frame_start($mesTitle,500,"",0); echo '',"\n"; echo "\n"; echo " \n"; echo "\n"; echo " \n"; echo "\n"; echo "\n"; echo "

From:	".$_SESSION['current']->sRealname."
Subject:
".$_REQUEST['body']."
\n"; echo " \n"; echo " \n"; echo "

\n"; echo html_frame_end(); echo "\n"; echo "\n"; echo "\n"; if (isset($_REQUEST['thread'])) { echo "\n"; } echo "

"; } ?>