📄 edit_comment.php
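<?php
// Full open tag instead of the short form: with short_open_tag disabled the
// short form is not recognised and the server would return this file, SQL
// statements included, to the browser as plain text.

// header.php is not shown here. This page relies on it for the login state
// ($is_logged_in, $is_admin_logged_in), the $user_info / $member_info /
// $group_info / $admin_info arrays, the $head / $foot templates, the
// $edit_comment* strings, the url() and between() helpers and, presumably,
// the open MySQL connection.
// require rather than include: if the file cannot be loaded the request stops
// here instead of carrying on with every login and permission variable unset.
require "header.php";

// Requested action: POST takes precedence over GET, default is "main".
// $task is only ever compared against fixed strings in this script.
if (isset($_POST['task'])) {
    $task = $_POST['task'];
} elseif (isset($_GET['task'])) {
    $task = $_GET['task'];
} else {
    $task = "main";
}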
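// SET PRIVACY SETTINGS
// $privacy is an SQL fragment appended to the bhost_entries lookup below; it
// limits which privacy levels (0-3) the current viewer may match. It is built
// only from the fixed strings in this block, never from request data.
// NOTE(review): the u_id values interpolated into the membership query are
// presumably loaded from the database by header.php -- confirm they can never
// carry request data unescaped.
$privacy_unrestricted = "AND (privacy='0' OR privacy='1' OR privacy='2' OR privacy='3')";

// Array keys are quoted throughout: a bare key such as $member_info[u_id]
// outside a string is an undefined-constant lookup that only works by fallback.
// Logical && replaces the bitwise &, so the membership query runs only when
// the group setting makes its answer relevant.
if ($is_admin_logged_in == "yes" || $member_info['u_id'] == $user_info['u_id']) {
    // Administrator, or the owner viewing their own journal: every level.
    $privacy = $privacy_unrestricted;
} elseif ($group_info['allow_members'] == "1"
    && mysql_num_rows(mysql_query("SELECT m_id FROM bhost_members WHERE u_id='$user_info[u_id]' AND member_u_id='$member_info[u_id]'")) == "1") {
    // Viewer has exactly one bhost_members row linking them to the owner.
    $privacy = "AND (privacy='1' OR privacy='2' OR privacy='3')";
} elseif ($is_logged_in == "yes") {
    $privacy = "AND (privacy='2' OR privacy='3')";
} else {
    $privacy = "AND privacy='3'";
}

// IF PRIVACY FEATURE IS DISABLED BY ADMIN
// This override also applies when $group_info was never populated, because an
// unset allow_privacy compares unequal to 1.
if ($group_info['allow_privacy'] != 1) {
    $privacy = $privacy_unrestricted;
}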
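// $task was already resolved from the request right after header.php was
// loaded, so the duplicate lookup that used to sit here is dropped.

// Entry and comment ids: POST takes precedence over GET; without both there
// is nothing to edit.
if (isset($_POST['e_id'])) {
    $e_id = $_POST['e_id'];
} elseif (isset($_GET['e_id'])) {
    $e_id = $_GET['e_id'];
} else {
    exit();
}
if (isset($_POST['c_id'])) {
    $c_id = $_POST['c_id'];
} elseif (isset($_GET['c_id'])) {
    $c_id = $_GET['c_id'];
} else {
    exit();
}

// Both ids come straight from the request and end up inside quoted SQL
// literals, so they are escaped for the open connection before use. Array
// input (e_id[]=...) is rejected outright.
if (!is_scalar($e_id) || !is_scalar($c_id)) {
    exit();
}
$e_id_sql = mysql_real_escape_string((string) $e_id);
$c_id_sql = mysql_real_escape_string((string) $c_id);
// NOTE(review): if e_id / c_id are integer columns, MySQL coerces a value such
// as "1abc" to 1, so passing these lookups does not prove the request string
// is a clean id. $e_id and $c_id are left unmodified here and still need
// output encoding wherever they are written into HTML or a URL. If the ids
// are known to be numeric, a digits-only check at this point is the simpler
// control -- confirm against the schema.

// The entry must belong to this journal and be visible to the viewer; the
// comment must belong to that entry. Each query runs once and its row is
// reused, instead of one query to count and a second identical one to fetch.
$entry_result = mysql_query("SELECT * FROM bhost_entries WHERE e_id='$e_id_sql' AND u_id='$user_info[u_id]' $privacy");
if ($entry_result === false || mysql_num_rows($entry_result) != 1) {
    exit();
}
$comment_result = mysql_query("SELECT * FROM bhost_comments WHERE c_id='$c_id_sql' AND e_id='$e_id_sql' AND u_id='$user_info[u_id]'");
if ($comment_result === false || mysql_num_rows($comment_result) != 1) {
    exit();
}
$entry_info = mysql_fetch_assoc($entry_result);
$comment_info = mysql_fetch_assoc($comment_result);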
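// Permission gate: the first matching rule below produces an error page and
// ends the request. Nothing past this block runs for a rejected viewer.
$is_error = "no";
$error = "";

// Link used by the "please log in" messages. The two ids are request data, so
// they are URL-encoded before being written into the href; the encoded form
// contains no quote or angle-bracket characters and login.php receives the
// same values after PHP decodes the query string.
// NOTE(review): $user_info[username] is written as-is; presumably it is
// loaded from the database by header.php -- confirm it cannot contain markup.
$login_href = "login.php?u=$user_info[username]&e_id=" . urlencode((string) $e_id) . "&c_id=" . urlencode((string) $c_id) . "&ref=3";

// Logical && / || replace the bitwise & / | of the original. Truth values are
// unchanged; the bhost_members query is now skipped whenever an earlier
// operand already decides the outcome.
if ($group_info['allow_members'] == "1"
    && $user_info['show_comments'] == "1"
    && $member_info['u_id'] != $user_info['u_id']
    && $is_admin_logged_in != "yes"
    && ($is_logged_in == "no" || mysql_num_rows(mysql_query("SELECT m_id FROM bhost_members WHERE u_id='$user_info[u_id]' AND member_u_id='$member_info[u_id]'")) != "1")
) {
    // show_comments "1": viewer is neither owner nor admin and has no
    // bhost_members row for this journal.
    $is_error = "yes";
    $error = "<b>$edit_comment1</b><br>$edit_comment2 <a href='$login_href'>$edit_comment3</a>.";
    $icon = "./images/key.gif";
} elseif ($user_info['show_comments'] == "2" && $is_logged_in == "no" && $is_admin_logged_in != "yes") {
    // show_comments "2": anonymous viewers are turned away.
    $is_error = "yes";
    $error = "<b>$edit_comment1</b><br>$edit_comment4 <a href='$login_href'>$edit_comment3</a>.";
    $icon = "./images/key.gif";
} elseif ($entry_info['comments'] == "0") {
    $is_error = "yes";
    $error = "<b>$edit_comment5</b><br>$edit_comment6";
    $icon = "./images/error.gif";
} elseif ($group_info['allow_comments'] == "0" || $user_info['show_comments'] == "0") {
    $is_error = "yes";
    $error = "<b>$edit_comment5</b><br>$edit_comment7";
    $icon = "./images/error.gif";
} elseif (($user_info['manage_comments'] == "0" || $user_info['manage_comments'] == "2")
    && $user_info['u_id'] != $member_info['u_id']
    && $is_admin_logged_in != "yes"
) {
    $is_error = "yes";
    $error = "<b>$edit_comment8</b><br>$edit_comment9";
    $icon = "./images/error.gif";
} elseif ($is_logged_in != "yes" && $is_admin_logged_in != "yes") {
    $is_error = "yes";
    $error = "<b>$edit_comment1</b><br>$edit_comment4 <a href='$login_href'>$edit_comment3</a>.";
    $icon = "./images/key.gif";
} elseif ($member_info['username'] != $comment_info['username']
    && $user_info['u_id'] != $member_info['u_id']
    && $is_admin_logged_in != "yes"
) {
    // NOTE(review): authorship is decided by comparing display names. The
    // stored comment username is free text for anonymous comments, so a name
    // match is weaker evidence than an id match; bhost_comments also carries
    // author_u_id, which looks like the sounder key -- confirm its meaning
    // before switching.
    $is_error = "yes";
    $error = "<b>$edit_comment1</b><br>$edit_comment10 <a href='$login_href'>$edit_comment3</a>";
    $icon = "./images/key.gif";
}

if ($is_error == "yes") {
    echo $head;
    echo "
<div class='float' style='padding-right: 2px;'><img src='$icon' border='0'></div>
<div>$error</div>
";
    echo $foot;
    exit();
}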
// Cancel: send the browser back to the entry page, anchored at the comment
// that was being edited. url() is a helper defined outside this file.
if ("cancel" == $task) {
    $return_to = url("entry", "$user_info[username]", "$e_id", "", "", "#c$c_id");
    header("Location: " . $return_to);
    exit;
}
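// Save the edited comment, then redirect back to the entry.
if ($task == "doedit") {
    $is_error = "no";
    $error = "";

    // NOTE(review): this state-changing request carries no anti-CSRF token,
    // and $task / the ids are also accepted from GET. A per-session token
    // checked here needs support from header.php and the form, so it is only
    // flagged.

    // Normalise request text once: undo magic_quotes_gpc where the runtime
    // applied it, and treat missing or array-valued fields as empty. Escaping
    // for SQL then happens exactly once, at the query.
    // NOTE(review): if header.php adds slashes to $_POST itself, that step
    // should be removed in favour of the escaping below -- confirm.
    $undo_magic_quotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
    $posted = array('title' => "", 'contents' => "", 'nickname' => "");
    foreach ($posted as $field => $unused) {
        if (isset($_POST[$field]) && is_string($_POST[$field])) {
            $posted[$field] = $undo_magic_quotes ? stripslashes($_POST[$field]) : $_POST[$field];
        }
    }

    // Name shown in the "edited by" stamp: a profile link for a logged-in
    // member, the plain name otherwise. The quotes are written unescaped here
    // because the whole value is escaped when the query is built.
    if ($is_logged_in == "yes" && $is_admin_logged_in != "yes") {
        $username = "<a href='" . url("profile", "$member_info[username]") . "'>$member_info[username]</a>";
    } else {
        $username = $member_info['username'];
    }

    // Title and body are stored HTML-encoded; line breaks become <br>.
    $title = htmlspecialchars($posted['title'], ENT_QUOTES);
    $contents = str_replace("\n", "<br>", htmlspecialchars($posted['contents'], ENT_QUOTES));

    // The edit form offers a nickname field only for anonymous comments
    // (author_u_id "0") that are not marked as the administrator's. The same
    // rule is enforced here, so a crafted POST cannot rename a registered
    // user's comment or claim the administrator marker, and a POST without a
    // nickname no longer blanks the stored name. The nickname is HTML-encoded
    // like the title, because it is written back into pages.
    $nickname_editable = $comment_info['author_u_id'] == "0" && $comment_info['username'] != "<b>Administrator</b>";
    if ($nickname_editable) {
        $nickname = htmlspecialchars($posted['nickname'], ENT_QUOTES);
    } else {
        $nickname = $comment_info['username'];
    }

    if (str_replace(" ", "", $title) == "") {
        $title = "<i>$edit_comment11</i>";
    }
    if (str_replace(" ", "", $contents) == "") {
        $is_error = "yes";
        $error = "$edit_comment12";
        $icon = "./images/error.gif";
    }
    if ($is_error == "yes") {
        echo $head;
        echo "
<div class='float' style='padding-right: 2px;'><img src='$icon' border='0'></div>
<div>$error</div>
";
        echo $foot;
        exit();
    }

    // CENSOR BAD WORDS
    $bad_words = explode(",", trim($admin_info['banned_badwords']));
    $bad_words_replace = explode(",", trim($admin_info['banned_badwords_replace']));
    $contents = str_replace($bad_words, $bad_words_replace, $contents);
    $title = str_replace($bad_words, $bad_words_replace, $title);

    // Append the edit stamp between marker comments; the edit form strips
    // everything between the markers before showing the body again.
    $contents .= "<!--StartEdit--><br><br><font style='font-size: 8pt;'><i>$edit_comment20 $username $edit_comment21 " . date($user_info['format_date'], time()) . " $edit_comment22 " . date($user_info['format_time'], time()) . "</i></font><!--EndEdit-->";

    // Every value placed in a quoted SQL literal is escaped for the open
    // connection. HTML-encoding alone is not enough: it leaves backslashes
    // untouched, and a trailing backslash would swallow the closing quote.
    $e_id_sql = mysql_real_escape_string($undo_magic_quotes ? stripslashes((string) $e_id) : (string) $e_id);
    $c_id_sql = mysql_real_escape_string($undo_magic_quotes ? stripslashes((string) $c_id) : (string) $c_id);
    $nickname_sql = mysql_real_escape_string($nickname);
    $title_sql = mysql_real_escape_string($title);
    $contents_sql = mysql_real_escape_string($contents);
    mysql_query("UPDATE bhost_comments SET username='$nickname_sql', title='$title_sql', contents='$contents_sql' WHERE u_id='$user_info[u_id]' AND e_id='$e_id_sql' AND c_id='$c_id_sql'");

    $url = url("entry", "$user_info[username]", "$e_id", "", "", "#c$c_id");
    header("Location: $url");
    exit();
}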
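// Render the edit form, pre-filled from the stored comment.

// Turn stored <br> back into newlines for the textarea and drop the
// "edited by" stamp that an earlier edit appended between the two markers.
// between() is a helper defined outside this file.
$comment_info['contents'] = str_replace("<br>", "\n", $comment_info['contents']);
$comment_info['contents'] = str_replace("<!--StartEdit-->" . between("<!--StartEdit-->", "<!--EndEdit-->", $comment_info['contents']) . "<!--EndEdit-->", "", $comment_info['contents']);

// The two ids are request data and are written into attribute values and a
// form action below, so they are HTML-encoded for output.
$e_id_html = htmlspecialchars((string) $e_id, ENT_QUOTES);
$c_id_html = htmlspecialchars((string) $c_id, ENT_QUOTES);

// Author cell: an editable nickname for anonymous comments, a fixed label for
// the administrator marker and for registered users.
if ($comment_info['author_u_id'] == "0") {
    if ($comment_info['username'] == "<b>Administrator</b>") {
        $author_cell = "$comment_info[username]";
    } else {
        // The stored nickname goes inside a quoted attribute. Quotes and
        // angle brackets are neutralised; "&" is left alone so a value that
        // was already HTML-encoded when stored is not encoded twice.
        $nickname_attr = str_replace(
            array("<", ">", "\"", "'"),
            array("&lt;", "&gt;", "&quot;", "&#039;"),
            $comment_info['username']
        );
        $author_cell = "<input type='text' name='nickname' value='$nickname_attr'>";
    }
} else {
    $author_cell = "Registered User: <b>$comment_info[username]</b>";
}

// NOTE(review): title and contents are echoed as stored. That is safe only if
// every writer HTML-encodes them before storing; the code that first inserts
// a comment is not visible here -- confirm it does.
// NOTE(review): the hidden IP field is filled from REMOTE_ADDR but returns as
// ordinary form data, so a handler must not treat it as the client address.
echo $head;
echo "
<script language=\"JavaScript\" type=\"text/javascript\">
<!--
function fill() {
window.document.preview.contents.value = window.document.info.contents.value;
window.document.preview.title.value = window.document.info.title.value;
if(window.document.info.nickname) {
window.document.preview.nickname.value = window.document.info.nickname.value;
}
}
//-->
</script>
<h2>$edit_comment13</h2>
<br>
<form action='edit_comment.php' method='POST' name='info'>
<table cellpadding='0' cellspacing='0'>
<tr>
<td valign='top' align='right' style='padding-top: 2px;'>$edit_comment14 </td>
<td>
<table cellpadding='0' cellspacing='0'>
<tr>
<td><input type='radio' name='from' value='1' CHECKED></td>
<td>$author_cell
</td>
</tr>
</table></td></tr>
<tr>
<td colspan='2'> </td>
<tr>
<td align='right' style='padding-right: 10px;'>$edit_comment15</td>
<td><input type='text' class='text' name='title' maxlength='255' size='60' value='$comment_info[title]'></td>
</tr>
<tr>
<td align='right' valign='top' style='padding-right: 10px;'>$edit_comment16</td>
<td><textarea rows='8' cols='80' name='contents'>$comment_info[contents]</textarea></td>
</tr>
</table>
<br>
<table cellpadding='0' cellspacing='0'>
<tr>
<td>
<input type='submit' class='button' value='$edit_comment17'>
<input type='hidden' name='task' value='doedit'>
<input type='hidden' name='u' value='$user_info[username]'>
<input type='hidden' name='e_id' value='$e_id_html'>
<input type='hidden' name='c_id' value='$c_id_html'>
<input type='hidden' name='IP' value='".$_SERVER['REMOTE_ADDR']."'>
</td>
</form>
<form action='previewcomment.php#c$c_id_html' method='POST' target='_blank' name='preview'>
<td>
<input type='submit' name='submit' class='button' value='$edit_comment18' onClick='fill();'>
<input type='hidden' name='from' value='1'>
<input type='hidden' name='nickname' value=''>
<input type='hidden' name='title' value=''>
<input type='hidden' name='contents' value=''>
<input type='hidden' name='u' value='$user_info[username]'>
<input type='hidden' name='e_id' value='$e_id_html'>
<input type='hidden' name='c_id' value='$c_id_html'>
</td>
</form>
<form action='post_comment.php' method='POST'>
<td>
<input type='submit' class='button' value='$edit_comment19'>
<input type='hidden' name='task' value='cancel'>
<input type='hidden' name='u' value='$user_info[username]'>
<input type='hidden' name='e_id' value='$e_id_html'>
<input type='hidden' name='c_id' value='$c_id_html'>
</td>
</form>
</tr>
</table>
";
echo $foot;
?>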