d3d9e853d9
- replaced <? with <?php for compatibility sake (see TODO and CODING_STANDARD to know more) - improved overall code lisibility
165 lines
5.2 KiB
PHP
165 lines
5.2 KiB
PHP
<?php
|
|
/********************************/
|
|
/* code to submit a new comment */
|
|
/********************************/
|
|
|
|
# APPLICATION ENVIRONMENT
|
|
include("path.php");
|
|
require(BASE."include/"."incl.php");
|
|
require(BASE."include/"."application.php");
|
|
|
|
// you must be logged in to submit comments
|
|
if(!loggedin())
|
|
{
|
|
unset($_REQUEST['body']);
|
|
apidb_header("Please login");
|
|
echo "To submit a comment for an application you must be logged in. Please <a href=\"account.php?cmd=login\">login now</a> or create a <a href=\"account.php?cmd=new\">new account</a>.","\n";
|
|
}
|
|
|
|
if(!isset($_REQUEST['appId']))
|
|
{
|
|
errorpage('Internal Database Access Error');
|
|
exit;
|
|
}
|
|
|
|
if(!$_REQUEST['versionId'])
|
|
{
|
|
$versionId = 0;
|
|
}
|
|
|
|
if(!$_REQUEST['thread'])
|
|
{
|
|
$thread = 0;
|
|
}
|
|
|
|
############################
|
|
# ADDS COMMENT TO DATABASE #
|
|
############################
|
|
if($_REQUEST[body])
|
|
{
|
|
$hostname = get_remote();
|
|
|
|
$subject = strip_tags($subject);
|
|
$subject = mysql_escape_string($subject);
|
|
$body1 = mysql_escape_string($body);
|
|
|
|
// get current userid
|
|
$userId = $_SESSION['current']->userid;
|
|
|
|
$result = mysql_query("INSERT INTO appComments VALUES (NOW(), null, $thread, ".
|
|
"$appId, $versionId, $userId, '$hostname', '$subject', ".
|
|
"'$body1', 0)");
|
|
|
|
if (!$result)
|
|
{
|
|
errorpage('Internal Database Access Error',mysql_error());
|
|
exit;
|
|
} else
|
|
{
|
|
if ($originator)
|
|
{
|
|
if (UserWantsEmail($originator))
|
|
{
|
|
$email = lookupEmail($originator);
|
|
$fullAppName = "Application: ".lookupAppName($appId)." Version: ".lookupVersionName($appId, $versionId);
|
|
$ms .= APPDB_ROOT."appview.php?appId=$appId&versionId=$versionId"."\n";
|
|
$ms .= "\n";
|
|
$ms .= ($_SESSION['current']->username ? $_SESSION['current']->username : "Anonymous")." added comment to ".$fullAppName."\n";
|
|
$ms .= "\n";
|
|
$ms .= "Subject: ".$subject."\n";
|
|
$ms .= "\n";
|
|
$ms .= $body."\n";
|
|
$ms .= "\n";
|
|
$ms .= "------- You are receiving this mail because: -------\n";
|
|
$ms .= "Someone posted a comment in responce to your comment\n";
|
|
$ms .= "to change your preverences go to: http://appdb.winehq.org/preferences.php\n";
|
|
|
|
mail(stripslashes($email), "[AppDB] (Comment Reply): ".$fullAppName ,$ms);
|
|
|
|
addmsg("Comment message sent to original poster", "green");
|
|
}
|
|
}
|
|
$email = getNotifyEmailAddressList($appId, $versionId);
|
|
if($email)
|
|
{
|
|
$fullAppName = "Application: ".lookupAppName($appId)." Version: ".lookupVersionName($appId, $versionId);
|
|
$ms = APPDB_ROOT."appview.php?appId=$appId&versionId=$versionId"."\n";
|
|
$ms .= "\n";
|
|
$ms .= $_SESSION['current']->username." added comment to ".$fullAppName."\n";
|
|
$ms .= "\n";
|
|
$ms .= "Subject: ".$subject."\n";
|
|
$ms .= "\n";
|
|
$ms .= $body."\n";
|
|
$ms .= "\n";
|
|
$ms .= STANDARD_NOTIFY_FOOTER;
|
|
|
|
mail(stripslashes($email), "[AppDB] ".$fullAppName ,$ms);
|
|
} else
|
|
{
|
|
$email = "no one";
|
|
}
|
|
addmsg("mesage sent to: ".$email, green);
|
|
|
|
addmsg("New Comment Posted", "green");
|
|
redirect(apidb_fullurl("appview.php?appId=$appId&versionId=$versionId"));
|
|
}
|
|
}
|
|
|
|
################################
|
|
# USER WANTS TO SUBMIT COMMENT #
|
|
################################
|
|
else if(loggedin())
|
|
{
|
|
apidb_header("Add Comment");
|
|
|
|
$mesTitle = "<b>Post New Comment</b>";
|
|
|
|
if($_REQUEST['thread'])
|
|
{
|
|
$result = mysql_query("SELECT * FROM appComments WHERE commentId = $thread");
|
|
$ob = mysql_fetch_object($result);
|
|
if($ob)
|
|
{
|
|
$mesTitle = "<b>Replying To ...</b> $ob->subject\n";
|
|
$originator = $ob->userId;
|
|
echo html_frame_start($ob->subject,500);
|
|
echo htmlify_urls($ob->body), "<br /><br />\n";
|
|
echo html_frame_end();
|
|
}
|
|
}
|
|
|
|
echo "<form method=POST action='addcomment.php'>\n";
|
|
|
|
echo html_frame_start($mesTitle,500,"",0);
|
|
|
|
echo '<table width="100%" border=0 cellpadding=0 cellspacing=1>',"\n";
|
|
echo "<tr bgcolor=#E0E0E0><td align=right><b>From:</b> </td>\n";
|
|
echo " <td> ".$_SESSION['current']->username."</td></tr>\n";
|
|
echo "<tr bgcolor=#E0E0E0><td align=right><b>Subject:</b> </td>\n";
|
|
echo " <td> <input type=text size=35 name=subject value='$subject'> </td></tr>\n";
|
|
echo "<tr bgcolor=#C0C0C0><td colspan=2><textarea name=body cols=70 rows=15 wrap=virtual>$body</textarea></td></tr>\n";
|
|
echo "<tr bgcolor=#C0C0C0><td colspan=2 align=center>\n";
|
|
echo " <input type=SUBMIT value='Post Comment' class=button>\n";
|
|
echo " <input type=RESET value='Reset' class=button>\n";
|
|
echo "</td></tr>\n";
|
|
echo "</table>\n";
|
|
|
|
echo html_frame_end();
|
|
|
|
echo "<input type=HIDDEN name=thread value=$thread>\n";
|
|
echo "<input type=HIDDEN name=appId value=$appId>\n";
|
|
echo "<input type=HIDDEN name=versionId value=$versionId>\n";
|
|
if ($thread)
|
|
{
|
|
echo "<input type=HIDDEN name=originator value=$originator>\n";
|
|
}
|
|
echo "</form>";
|
|
}
|
|
?>
|
|
|
|
<p> </p>
|
|
|
|
<?
|
|
apidb_footer();
|
|
?>
|