-
Notifications
You must be signed in to change notification settings - Fork 1
/
getnewcomments.php
112 lines (92 loc) · 3.39 KB
/
getnewcomments.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
<link rel="stylesheet" type="text/css" href="thatshouldbeacomic.css" />
<?php
//PHP SCRIPT: getcomments.php
session_start();
require_once 'config.php';
$step = 5;
$ses_email = $_SESSION['email'];
$fileName= strip_tags($_GET['fileName']);
$order= strip_tags($_GET['order']);
$page = strip_tags($_GET['page']);
$goBack = $_SESSION['lastPage'];
$toSend = "SELECT `comments`.ImgID, `comments`.CommentID, `comments`.CommentDate, `comments`.Comment, "
." `User`.DisplayName, `User`.Email FROM `comments`,`User` "
." WHERE `User`.Email = `comments`.Email "
." AND `User`.UserLevelID > 0 "
." ORDER BY `comments`.CommentDate DESC ";
$connect = mysql_connect("localhost", $GLOBALS['DB_FULLUSER'], $GLOBALS['DB_PASSWORD']) or die("Couldn't connect!");
mysql_select_db($GLOBALS['DB_NAME']) or die ("couldn't find db!");
$query = mysql_query($toSend) or die ("Query problem");
echo "\n <br />";
$totnumrows = mysql_num_rows($query);
if ($totnumrows!=1)
{
echo "$totnumrows comments submitted <br />\n";
}
else
{
echo "$totnumrows comment submitted <br />\n";
}
if (($totnumrows>0)&&($totnumrows<=5))
{
while ($row = mysql_fetch_assoc($query))
{
$imgID = $row['ImgID'];
$commentid= $row['CommentID'];
$date = $row['CommentDate'];
$comment = $row['Comment'];
$displayName = $row['DisplayName'];
$dbemail = $row['Email'];
echo "\n<table class=\"comment\" border=\"0\">";
echo "\n<tr> <td><span class=\"comments\"> $comment </span> ";
echo "\n<br /><span class=\"username\"> $displayName on $date";
if ($dbemail==$ses_email)
{ echo "<br><a href='editcomment.php?id=$commentid'>edit</a>"; }
echo "</span><span class='small'><a href='showimg.php?image=$imgID'>view comment</a></span> </td> </tr>";
echo "\n</table></a><br />";
}
}
else if ($totnumrows>5)
{
/*echo "\n<table class=\"comment\" border=\"0\">";
echo "\n<tr>"; */
$toSend .= "LIMIT 0 , 5";
$page = ceil($totnumrows/5);
$connect = mysql_connect("localhost", $GLOBALS['DB_FULLUSER'], $GLOBALS['DB_PASSWORD']) or die("Couldn't connect!");
mysql_select_db($GLOBALS['DB_NAME']) or die ("couldn't find db!");
$query = mysql_query($toSend) or die("Comment with limit query problem! Couldn't send $toSend");
$numrows= mysql_num_rows($query);
/* for ($i=0; $i<$totnumrows; $i+=$step)
{
echo "\n<td>";
if (($i/$step)==$page-1)
echo "<span class=\"small\">>>></span>";
echo "<a href='getcomments.php?page=" . ($i/$step+1) . "&imgID=$imgID'>Page ". ($i/$step+1) ."</a>";
if (($i/$step)==$page-1)
echo "<span class=\"small\"><<<</span>";
echo "\n</td>";
}
echo "\n</tr>";
echo "\n</table><br />"; */
while ($row = mysql_fetch_assoc($query))
{
$imgID = $row['ImgID'];
$commentid= $row['CommentID'];
$date = $row['CommentDate'];
$comment = $row['Comment'];
$displayName = $row['DisplayName'];
$dbemail = $row['Email'];
echo "\n<table class=\"comment\" border=\"0\">";
echo "\n<tr> <td><span class=\"comments\"> $comment </span> ";
echo "\n<span class=\"username\"><br /> $displayName on $date";
if ($dbemail==$ses_email)
{ echo "<br><a href='editcomment.php?id=$commentid'>edit</a>"; }
echo "</span><span class='small'><a href='showimg.php?image=$imgID'>view comment</a></span> </td> </tr>";
echo "\n</table><br />";
}
}
else
{
echo "\nNo comments have been posted";
}
?>