
Source code of file usercomment.php
from the Content Management module for Phprojekt.

<?php
// Content Management System module for PHProjekt (CMS4P).
// Copyright 2002-2005 by Mario A. Valdez-Ramirez
// http://www.mariovaldez.net/

// This program is free software; you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation; either version 2 of the License, or
// (at your option) any later version.

// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.

// You should have received a copy of the GNU General Public License
// along with this program; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place - Suite 330, 
// Boston, MA 02111-1307, USA.

// You can contact Mario A. Valdez-Ramirez by email 
// at mario@mariovaldez.org or paper mail at 
// Olmos 809, San Nicolas, NL. 66495, Mexico.

//session_start();
// All includes are resolved against a fixed literal prefix that is assigned
// here, before any file is pulled in.
$path_pre = "../";
include_once $path_pre . "cm/cm_anon.inc.php";

// The library path is stored in $include_path instead of being passed inline.
// NOTE(review): presumably lib.inc.php reads $include_path itself; confirm
// before inlining this variable.
$include_path = $path_pre . "lib/lib.inc.php";
include_once $include_path;
include_once $path_pre . "cm/cm_lib.inc.php";

// $cm_security and $cm_html_header are not defined in this file; they are
// expected to exist once the includes above have run.
fcm_load_secdb ($cm_security);
print $cm_html_header;




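/**
 * Print the initial "write a comment" form.
 *
 * Reads its data from globals: the label table $cm_text, the current user
 * $user_kurz, the target $cm_path, any pre-filled $cm_title / $cm_comment,
 * and $row1 (the viewer group is taken from $row1[1]).
 *
 * Every value placed inside an attribute or the textarea is HTML-escaped
 * here, because $cm_title, $cm_comment and $cm_path are the same names the
 * form posts back (NOTE(review): presumably populated from the request by
 * the included libraries). Without escaping, a double quote or a closing
 * textarea tag in those values would break out of the markup.
 *
 * NOTE(review): $cm_text labels, $cm_docpath and $cm_langua are emitted
 * as-is; presumably they come from trusted configuration. Confirm.
 */
function cm_firsttimeform () {
  global $cm_text, $cm_docpath;
  global $cm_title, $cm_path, $cm_comment, $row1;
  global $user_kurz, $cm_langua;

  // A single-byte charset is passed on purpose: only the ASCII characters
  // & < > " ' are rewritten and bytes >= 0x80 pass through untouched, so the
  // call never returns an empty string on input that is not valid UTF-8.
  // The final "false" keeps entities that are already encoded from being
  // encoded a second time.
  $cm_enc = "ISO-8859-1";
  $cm_safe_user = htmlspecialchars ((string) $user_kurz, ENT_QUOTES, $cm_enc, false);
  $cm_safe_group = htmlspecialchars ((string) $row1[1], ENT_QUOTES, $cm_enc, false);
  $cm_safe_title = htmlspecialchars ((string) $cm_title, ENT_QUOTES, $cm_enc, false);
  $cm_safe_path = htmlspecialchars ((string) $cm_path, ENT_QUOTES, $cm_enc, false);
  $cm_safe_comment = htmlspecialchars ((string) $cm_comment, ENT_QUOTES, $cm_enc, false);

  $cm_pub_date = fcm_curdate_string ();
  echo "<form class=\"cms\" action=\"usercomment.php\" method=\"post\">";
  $cm_authornames = fcm_user_names ($user_kurz);
  echo "<span class=\"inputname\">{$cm_text["commentfrom"]}:</span> <span class=\"pseudoinput\">" . fcm_htmlentity ($cm_authornames[1] . " " . $cm_authornames[2]) . "</span><br>
  <input type=\"hidden\" name=\"cm_uauthor\" value=\"$cm_safe_user\">";
  // $cm_pub_date was produced by fcm_curdate_string() just above, so it is
  // server-generated and printed unchanged.
  echo "<span class=\"inputname\">{$cm_text["postedin"]}:</span> <span class=\"pseudoinput\">$cm_pub_date</span><br>
  <input type=\"hidden\" name=\"cm_pub_date\" value=\"$cm_pub_date\">
  <input type=\"hidden\" name=\"cm_viewer_group\" value=\"$cm_safe_group\">
  <span class=\"inputname\">{$cm_text["title"]}:</span><br>
  <input class=\"cms\" type=\"text\" name=\"cm_title\" size=\"40\" maxlength=\"255\" value=\"$cm_safe_title\"><br>
  <input type=\"hidden\" name=\"cm_path\" value=\"$cm_safe_path\">
  <span class=\"inputname\">{$cm_text["comment"]}:</span> 
  (<span class=\"pseudoinput\">{$cm_text["dontusehtml"]} <a class=\"cms\" href=\"$cm_docpath/$cm_langua.edithelp.php\" target=\"_blank\">{$cm_text["awmvariant"]}</a>).</span><br>
  <textarea class=\"cms\" cols=\"100\" rows=\"10\" name=\"cm_comment\">$cm_safe_comment</textarea><br>
  <input class=\"cms\" type=\"submit\" name=\"cm_post\" value=\"{$cm_text["postcomment"]}\">
  <input class=\"cms\" type=\"submit\" name=\"cm_preview\" value=\"{$cm_text["preview"]}\">
  </form>\n
  ";
}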


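/**
 * Print the confirm / preview form that carries a drafted comment forward.
 *
 * Reads its data from globals: the label table $cm_text, the target
 * $cm_path, the draft $cm_title / $cm_comment, $cm_pub_date,
 * $cm_viewer_group and the current user $user_kurz.
 *
 * Two fixes compared with the earlier version:
 *  - $user_kurz is now declared global. It was used for the cm_uauthor
 *    hidden field without being declared, so that field was always empty.
 *  - Every value placed in an attribute or in the textarea is HTML-escaped.
 *    These are the same names the form posts back, so a double quote or a
 *    closing textarea tag in them would otherwise break out of the markup.
 *
 * NOTE(review): $cm_text labels, $cm_docpath and $cm_langua are emitted
 * as-is; presumably they come from trusted configuration. Confirm.
 */
function cm_createdtimeform () {
  global $cm_text, $cm_docpath, $cm_langua;
  global $cm_pub_date, $cm_viewer_group, $user_kurz;
  global $cm_title, $cm_path, $cm_comment;

  // A single-byte charset is passed on purpose: only the ASCII characters
  // & < > " ' are rewritten and bytes >= 0x80 pass through untouched, so the
  // call never returns an empty string on input that is not valid UTF-8.
  // The final "false" leaves already-encoded entities alone, so a title that
  // the caller has already entity-encoded is not encoded twice.
  $cm_enc = "ISO-8859-1";
  $cm_safe_path = htmlspecialchars ((string) $cm_path, ENT_QUOTES, $cm_enc, false);
  $cm_safe_user = htmlspecialchars ((string) $user_kurz, ENT_QUOTES, $cm_enc, false);
  $cm_safe_date = htmlspecialchars ((string) $cm_pub_date, ENT_QUOTES, $cm_enc, false);
  $cm_safe_group = htmlspecialchars ((string) $cm_viewer_group, ENT_QUOTES, $cm_enc, false);
  $cm_safe_title = htmlspecialchars ((string) $cm_title, ENT_QUOTES, $cm_enc, false);
  $cm_safe_comment = htmlspecialchars ((string) $cm_comment, ENT_QUOTES, $cm_enc, false);

  echo "
  <form class=\"cms\" action=\"usercomment.php\" method=\"post\">\n
  <input type=\"hidden\" name=\"cm_path\" value=\"$cm_safe_path\">\n
  <input type=\"hidden\" name=\"cm_uauthor\" value=\"$cm_safe_user\">
  <input type=\"hidden\" name=\"cm_pub_date\" value=\"$cm_safe_date\">
  <input type=\"hidden\" name=\"cm_viewer_group\" value=\"$cm_safe_group\">
  <span class=\"inputname\">{$cm_text["title"]}:</span><br>
  <input class=\"cms\" type=\"text\" name=\"cm_title\" size=\"40\" maxlength=\"255\" value=\"$cm_safe_title\"><br>
  <span class=\"inputname\">{$cm_text["comment"]}:</span> <span class=\"pseudoinput\">({$cm_text["dontusehtml"]} <a class=\"cms\" href=\"$cm_docpath/$cm_langua.edithelp.php\" target=\"_blank\">{$cm_text["awmvariant"]}</a>).</span><br>
  <textarea class=\"cms\" cols=\"100\" rows=\"10\" name=\"cm_comment\">$cm_safe_comment</textarea><br>
  <input class=\"cms\" type=\"submit\" name=\"cm_confirmedpost\" value=\"{$cm_text["postcomment"]}\">\n
  <input class=\"cms\" type=\"submit\" name=\"cm_preview\" value=\"{$cm_text["preview"]}\">
  <input class=\"cms\" type=\"submit\" name=\"cm_canceledpost\" value=\"{$cm_text["cancelposting"]}\">\n
  </form>\n
  ";
}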



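// Page controller: decides what to render from the submitted form state.
//
// $cm_path, $cm_title, $cm_comment and the submit flags ($cm_confirmedpost,
// $cm_post, $cm_canceledpost, $cm_preview) are read as plain globals.
// NOTE(review): presumably they are populated from the request by the
// included libraries. Treat every one of them as untrusted input.
//
// NOTE(review): neither form posted to this script carries an anti-forgery
// token and none is checked here, so the confirmed-post step appears to be
// reachable by a cross-site form submission made with the user's session.
if ($cm_path) {
  if (fcm_can_becommented ($cm_path)) {
    if ($cm_confirmedpost) {
      // Final step: the comment is stored only when the user passes the
      // CM_SEC_COMMEN constraint check for this path.
      if (fcm_check_constraints (CM_SEC_COMMEN, $user_kurz, $cm_path)) {
        if ($cm_title) {
          $cm_title = fcm_truncate_string (fcm_htmlentity ($cm_title), 255);
        }
        else {
          $cm_title = fcm_unspecialchars ($cm_text["untitled"]);
        }
        if ($cm_comment) {
          $cm_comment = fcm_htmlentity ($cm_comment);
        }
        else {
          $cm_comment = fcm_unspecialchars ($cm_text["emptycomment"]);
        }
        // The stored author and date are $user_kurz and a freshly computed
        // date, not the cm_uauthor / cm_pub_date hidden fields from the form.
        $cm_pub_date = fcm_curdate_string ();
        // NOTE(review): this statement is built by string interpolation.
        // $cm_path comes straight from the request, and $cm_title and
        // $cm_comment pass only through fcm_htmlentity(). Nothing in this
        // file escapes them for SQL, so safety depends on quoting applied
        // before this point. The unconditional stripslashes() calls in the
        // other branches suggest input arrives with slashes added; confirm.
        // Prefer the database layer's escaping or bound parameters here.
        $result2 = db_query("insert into " . CM_DB_PREFIX . "cmcomments3 values($dbIDnull,'" . CM_HITTYPE_PAGE . "','$cm_path','$cm_title','$user_kurz','$cm_pub_date','$cm_comment')") or db_die();
        if ($cm_resethits_aftercomment) {
          fcm_reset_updatedvisit ($cm_path, CM_HITTYPE_PAGE);
        }
        $cm_validops = fcm_check_validops ($user_kurz, $cm_path);
        fcm_title_nav2 ($cm_path, $cm_validops[CM_SEC_CREATE], $cm_validops[CM_SEC_DELETE], $cm_validops[CM_SEC_CHANGE], $cm_validops[CM_SEC_DISPLA], ($cm_validops[CM_SEC_COMMEN] && fcm_can_becommented ($cm_path)), $cm_validops[CM_SEC_DISPLA], fcm_user_is_superuser($user_kurz), ($cm_validops[CM_SEC_COMMEN] && fcm_can_berated ($cm_path)));
        fcm_message ($cm_text["postedcomment"], CM_MSGSTYLE_INFORMATION);
        // NOTE(review): $cm_path is written into the log text unchanged;
        // confirm that fcm_add_logentry() neutralises it for its storage.
        fcm_add_logentry ("", $user_kurz, CM_APPLOG_POST_COMMENT, "Comment posted to $cm_path.");
      }
      else {
        fcm_title_nav2 ("", false, false, false, false, false, false, false);
        fcm_message ($cm_text["needaccesstopost"], CM_MSGSTYLE_WARNING);
        // Fixed typo in the log text ("posintg").
        fcm_add_logentry ("", $user_kurz, CM_APPLOG_ERROR, "Error when posting comment. Not enough permissions.");
      }
    }
    elseif ($cm_post) {
      // Ask for confirmation and show the draft again.
//      if (get_magic_quotes_gpc ()) {
        $cm_title = stripslashes ($cm_title);
        $cm_comment = stripslashes ($cm_comment);
//      }
      // Entity-encode the title before it is echoed into the form, exactly
      // as the preview branch does. Previously the unslashed title reached
      // the value attribute raw on this path.
      $cm_title = fcm_truncate_string (fcm_htmlentity ($cm_title), 255);
      $cm_validops = fcm_check_validops ($user_kurz, $cm_path);
      fcm_title_nav2 ($cm_path, $cm_validops[CM_SEC_CREATE], $cm_validops[CM_SEC_DELETE], $cm_validops[CM_SEC_CHANGE], $cm_validops[CM_SEC_DISPLA], ($cm_validops[CM_SEC_COMMEN] && fcm_can_becommented ($cm_path)), $cm_validops[CM_SEC_DISPLA], fcm_user_is_superuser($user_kurz), ($cm_validops[CM_SEC_COMMEN] && fcm_can_berated ($cm_path)));
      // NOTE(review): $cm_path is placed in the message text unchanged;
      // confirm that fcm_message() HTML-escapes what it prints.
      fcm_message ("{$cm_text["confirmpostingon"]} $cm_path{$cm_text["oncepostedcantdel"]}", CM_MSGSTYLE_QUESTION);
      // NOTE(review): $cm_comment and $cm_path are handed to the form
      // unencoded; the form must HTML-escape them when it echoes them.
      cm_createdtimeform ();
    }
    elseif ($cm_canceledpost) {
      $cm_validops = fcm_check_validops ($user_kurz, $cm_path);
      fcm_title_nav2 ($cm_path, $cm_validops[CM_SEC_CREATE], $cm_validops[CM_SEC_DELETE], $cm_validops[CM_SEC_CHANGE], $cm_validops[CM_SEC_DISPLA], ($cm_validops[CM_SEC_COMMEN] && fcm_can_becommented ($cm_path)), $cm_validops[CM_SEC_DISPLA], fcm_user_is_superuser($user_kurz), ($cm_validops[CM_SEC_COMMEN] && fcm_can_berated ($cm_path)));
      fcm_message ($cm_text["canceledposting"], CM_MSGSTYLE_INFORMATION);
    }
    elseif ($cm_preview) {
      $cm_validops = fcm_check_validops ($user_kurz, $cm_path);
      fcm_title_nav2 ($cm_path, $cm_validops[CM_SEC_CREATE], $cm_validops[CM_SEC_DELETE], $cm_validops[CM_SEC_CHANGE], $cm_validops[CM_SEC_DISPLA], ($cm_validops[CM_SEC_COMMEN] && fcm_can_becommented ($cm_path)), $cm_validops[CM_SEC_DISPLA], fcm_user_is_superuser($user_kurz), ($cm_validops[CM_SEC_COMMEN] && fcm_can_berated ($cm_path)));
//      if (get_magic_quotes_gpc ()) {
        $cm_title = stripslashes ($cm_title);
        $cm_comment = stripslashes ($cm_comment);
//      }
      $cm_title = fcm_truncate_string (fcm_htmlentity ($cm_title), 255);
      // NOTE(review): $cm_comment and $cm_path are handed to the form
      // unencoded; the form must HTML-escape them when it echoes them.
      cm_createdtimeform ();
      echo "<p>&nbsp;</p><TABLE BORDER=\"1\" CELLPADDING=\"5\" CELLSPACING=\"0\"><TR><TD class=\"previewcontent\">";
      // The comment is entity-encoded before it is given to the markup
      // processor, so the rendered preview is built from encoded text.
      echo fcm_process_markup (fcm_htmlentity ($cm_comment), $cm_path, false);
      echo "</TD></TR></TABLE>";
    }
    else {
      // First visit: look the directory up, then show the empty form.
      // NOTE(review): $cm_path is interpolated into the statement, with the
      // same dependence on earlier quoting as the insert in the confirmed
      // branch. Because the comparison is LIKE, a "%" or "_" in the submitted
      // path acts as a wildcard, so the row found (and the viewer group the
      // form takes from $row1[1]) may belong to another directory. Confirm
      // whether an exact comparison is intended.
      $result1 = db_query("select cmdb_directory, cmdb_viewer_group from " . CM_DB_PREFIX . "content3 where cmdb_directory like '$cm_path'") or db_die();
      $row1 = db_fetch_row($result1);
      if ($row1[0]) {
        if (fcm_check_constraints (CM_SEC_COMMEN, $user_kurz, $cm_path)) {
          $cm_validops = fcm_check_validops ($user_kurz, $cm_path);
          fcm_title_nav2 ($cm_path, $cm_validops[CM_SEC_CREATE], $cm_validops[CM_SEC_DELETE], $cm_validops[CM_SEC_CHANGE], $cm_validops[CM_SEC_DISPLA], ($cm_validops[CM_SEC_COMMEN] && fcm_can_becommented ($cm_path)), $cm_validops[CM_SEC_DISPLA], fcm_user_is_superuser($user_kurz), ($cm_validops[CM_SEC_COMMEN] && fcm_can_berated ($cm_path)));
          fcm_message ("{$cm_text["writingcommenton"]} $cm_path.", CM_MSGSTYLE_INFORMATION);
          cm_firsttimeform ();
        }
        else {
          fcm_title_nav2 ($cm_path, false, false, false, false, false, false, false);
          fcm_message ($cm_text["needaccesstopost"], CM_MSGSTYLE_WARNING);
          fcm_add_logentry ("", $user_kurz, CM_APPLOG_ERROR, "Error when posting comment. Not enough permissions.");
        }
      }
      else {
        fcm_title_nav2 ("", false, false, false, false, false, false, false);
        fcm_message ($cm_text["dirnotfound"], CM_MSGSTYLE_ERROR);
        // The log text used to say "Not enough permissions" on this path,
        // which recorded the wrong cause. It now matches the message shown.
        fcm_add_logentry ("", $user_kurz, CM_APPLOG_ERROR, "Error when posting comment. Dir not found.");
      }
    }
  }
  else {
    fcm_title_nav2 ($cm_path, false, false, false, false, false, false, false);
    fcm_message ($cm_text["commentsdisabled"], CM_MSGSTYLE_WARNING);
    fcm_add_logentry ("", $user_kurz, CM_APPLOG_ERROR, "Error when posting comment. User comments are disabled for this page.");
  }
}
else {
  fcm_title_nav2 ("", false, false, false, false, false, false, false);
  fcm_message ($cm_text["dirnotfound"], CM_MSGSTYLE_ERROR);
  fcm_add_logentry ("", $user_kurz, CM_APPLOG_ERROR, "Error when posting comment. Dir not found.");
}


echo $cm_html_footer;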
?>

 
 
NA fum/lmd: 2004.09.16
Copyright ©1994-2018 by Mario A. Valdez-Ramírez.