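<?php session_start(); ?>
<!--<link rel="stylesheet" type="text/css" href="thatshouldbeacomic.css" />-->
<?php
// PHP SCRIPT: getcomments.
//
// Emits an HTML fragment with the comments for one image (?imgID=...).
// Up to $step comments are printed in one go; above that, a row of page
// links is printed followed by one page of comments (?page=N, defaulting to
// the most recent $step comments). ?order=desc reverses the date ordering.
//
// Security notes for maintainers:
//  * Comment text and display names come out of the database and are
//    user-authored, so they are HTML-escaped at output time below.
//    strip_tags() on the request parameters is NOT an output encoder: it
//    leaves quotes and ampersands intact.
//  * NOTE(review): if the write path already stores entity-encoded comment
//    text, escaping here will double-encode it -- confirm against the insert
//    code, which is not visible from this file.
//  * The "edit" link is only a UI hint. NOTE(review): confirm that the edit
//    endpoint enforces comment ownership server-side.
require_once 'config.php';
date_default_timezone_set("America/New_York");

$step = 5; // comments per page

// Read a query-string parameter as a tag-stripped string. Missing or
// non-scalar values (e.g. ?page[]=1) become '' instead of raising a
// notice/TypeError.
$getParam = function ($name) {
    if (!isset($_GET[$name]) || !is_scalar($_GET[$name])) {
        return '';
    }
    return strip_tags((string) $_GET[$name]);
};

// HTML-escape a value for element content or a quoted attribute.
$esc = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

// Print one comment row. $row is a fetched row holding CommentID,
// CommentDate, Comment, DisplayName and Email; $sessionEmail is the e-mail
// of the signed-in user ('' when nobody is signed in).
$renderComment = function ($row, $sessionEmail) use ($esc) {
    // CommentID is written into an inline JS call, so force it to an integer.
    // NOTE(review): assumes CommentID is a numeric key -- confirm the schema.
    $commentid = (int) $row['CommentID'];
    $comment = $esc($row['Comment']);
    $displayName = $esc($row['DisplayName']);
    $date = date("M d Y h:i:s A.", strtotime($row['CommentDate']));

    echo "\n<table class=\"comment\" border=\"0\">";
    echo "\n<tr> <td><span class=\"comments\"> $comment </span> ";
    echo "\n<span class=\"username\"><br /> $displayName on $date.";
    // Strict comparison, and never match an empty session e-mail: the loose
    // == treated null/'' as equal and compared numeric-looking strings as
    // numbers.
    if ($sessionEmail !== '' && (string) $row['Email'] === $sessionEmail) {
        echo "<br><a href='#' onclick='editComment($commentid); return false;'>edit</a>";
    }
    echo "</span> </td> </tr>";
    echo "\n</table><br />";
};

$ses_email = isset($_SESSION['email']) ? (string) $_SESSION['email'] : '';
$fileName = $getParam('fileName');
$order = $getParam('order');
$page = $getParam('page');
$imgID = $getParam('imgID');
$goBack = isset($_SESSION['lastPage']) ? $_SESSION['lastPage'] : null;

if ($imgID)
{
    $toSend = "SELECT `comments`.CommentID, `comments`.CommentDate, `comments`.Comment,
`User`.DisplayName, `User`.Email FROM `comments`,`User`
WHERE `User`.Email = `comments`.Email
AND `comments`.ImgID = :imgID
AND `User`.UserLevelID > 0
ORDER BY `comments`.CommentDate ";
    // Allow-list: only the literal keyword is ever appended, never the
    // request value itself.
    if ($order === "desc") {
        $toSend .= "desc \n";
    }

    $connect = connect_tsbac();
    $stmt = $connect->prepare($toSend, $GLOBALS['PDO_ATTRIBS']);
    $stmt->execute(array(':imgID'=>$imgID)) or errormail($ses_email,"Failed to execute query. getcomments.php","initial comment retrieval failed","failed to get comments");
    $rows = $stmt->fetchAll();
    if (!is_array($rows)) {
        $rows = array();
    }
    // Count the fetched rows; PDOStatement::rowCount() is not guaranteed to
    // report the size of a SELECT result on every driver.
    $rowCt = count($rows);

    echo "\n <br />";
    if ($rowCt > 0 && $rowCt <= $step)
    {
        foreach ($rows as $row) {
            $renderComment($row, $ses_email);
        }
    } else if ($rowCt > $step) {
        $totalPages = (int) ceil($rowCt / $step);
        $toSend .= " LIMIT :startComment , :comments ;";

        // Normalise the requested page to an integer in 1..$totalPages.
        // A missing, zero, negative or non-numeric page falls back to the
        // default view (the last $step comments); a page past the end is
        // clamped so the LIMIT offset can never go out of range.
        $page = (int) $page;
        if ($page < 1) {
            $page = $totalPages;
            $startComment = $rowCt - $step;
        } else {
            if ($page > $totalPages) {
                $page = $totalPages;
            }
            $startComment = ($page - 1) * $step;
        }

        $stmt = $connect->prepare($toSend, $GLOBALS['PDO_ATTRIBS']);
        $stmt->bindValue(":imgID", $imgID, PDO::PARAM_STR);
        $stmt->bindValue(":startComment", intval($startComment), PDO::PARAM_INT);
        $stmt->bindValue(":comments", intval($step), PDO::PARAM_INT);
        $stmt->execute() or errormail($ses_email,"Failed to execute query. getcomments.php","Possible limit query issue. ImageID: $imgID StartComment: $startComment Comments: $step Rows: $rowCt Page: $page SQL ERROR:" . print_r($stmt->errorInfo(),true), "failed to get comments");
        $rows = $stmt->fetchAll();
        if (!is_array($rows)) {
            $rows = array();
        }

        // imgID is request data that ends up inside a JS string inside an
        // HTML attribute. rawurlencode() leaves only unreserved characters
        // and %XX escapes, which is safe in all three nested contexts and is
        // decoded back by PHP when the link is followed.
        $linkImgID = rawurlencode($imgID);

        echo "\n<table class=\"comment\" border=\"0\">";
        echo "\n<tr>";
        for ($pageNo = 1; $pageNo <= $totalPages; $pageNo++)
        {
            echo "\n<td>";
            if ($pageNo === $page)
                echo "<span class=\"small\">>>></span>";
            echo "<a href='#' onclick=\"loadData('comments', 'getcomments.php?page=" . $pageNo . "&imgID=$linkImgID'); return false;\">Page ". $pageNo ."</a>";
            if ($pageNo === $page)
                echo "<span class=\"small\"><<<</span>";
            echo "\n</td>";
        }
        echo "\n</tr>";
        echo "\n</table><br />";

        foreach ($rows as $row) {
            $renderComment($row, $ses_email);
        }
    } else {
        echo "\nNo comments have been posted";
    }
}
?>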