if (!defined("IN_FUSION")) { header("Location:../index.php"); exit; } include LOCALE.LOCALESET."comments.php"; function showcomments($ctype,$cdb,$ccol,$cid,$clink) { global $settings,$locale,$userdata,$aidlink; if (isset($_POST['post_comment']) && (iMEMBER || ($settings['guestposts'] == "1" && check_captcha($_POST['captcha_encode'], $_POST['captcha_code'])))) { $flood = false; if (dbrows(dbquery("SELECT $ccol FROM ".DB_PREFIX."$cdb WHERE $ccol='$cid'"))==0) { fallback(BASEDIR."index.php"); } if (iMEMBER) { $comment_name = $userdata['user_id']; } elseif ($settings['guestposts'] == "1") { $comment_name = trim(stripinput($_POST['comment_name'])); $comment_name = preg_replace("(^[0-9]*)", "", $comment_name); if (isNum($comment_name)) $comment_name=""; } $comment_message = trim(stripinput(censorwords($_POST['comment_message']))); $comment_smileys = isset($_POST['disable_smileys']) ? "0" : "1"; if ($comment_name != "" && $comment_message != "") { $result = dbquery("SELECT MAX(comment_datestamp) AS last_comment FROM ".DB_PREFIX."comments WHERE comment_ip='".USER_IP."'"); if (!iSUPERADMIN || dbrows($result) > 0) { $data = dbarray($result); if ((time() - $data['last_comment']) < $settings['flood_interval']) { $flood = true; $result = dbquery("INSERT INTO ".DB_PREFIX."flood_control (flood_ip, flood_timestamp) VALUES ('".USER_IP."', '".time()."')"); if (dbcount("(flood_ip)", "flood_control", "flood_ip='".USER_IP."'") > 4) { if (iMEMBER) $result = dbquery("UPDATE ".DB_PREFIX."users SET user_status='1' WHERE user_id='".$userdata['user_id']."'"); } } } if (!$flood) $result = dbquery("INSERT INTO ".DB_PREFIX."comments (comment_item_id, comment_type, comment_name, comment_message, comment_smileys, comment_datestamp, comment_ip) VALUES ('$cid', '$ctype', '$comment_name', '$comment_message', '$comment_smileys', '".time()."', '".USER_IP."')"); } redirect($clink); } tablebreak(); opentable($locale['c100']); $result = dbquery( "SELECT tcm.*,user_name FROM ".DB_PREFIX."comments tcm LEFT JOIN ".DB_PREFIX."users tcu ON tcm.comment_name=tcu.user_id WHERE comment_item_id='$cid' AND comment_type='$ctype' ORDER BY comment_datestamp ASC" ); if (dbrows($result) != 0) { $i = 0; echo "\n"; while ($data = dbarray($result)) { echo "\n\n\n"; $i++; } if (checkrights("C")) echo "\n\n\n"; echo "

\n"; if ($data['user_name']) { echo "".$data['user_name'].""; } else { echo $data['comment_name']; } if ($data['comment_smileys'] == "1") { $comment_message = parsesmileys($data['comment_message']); } else { $comment_message = $data['comment_message']; } $comment_message = nl2br(parseubb($comment_message)); echo "\n".$locale['041'].showdate("longdate", $data['comment_datestamp'])."
\n"; echo $comment_message."

\n"; } else { echo $locale['c101']."\n"; } closetable(); tablebreak(); opentable($locale['c102']); if (iMEMBER || $settings['guestposts'] == "1") { echo "