Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /************************************************************************/
- /* PHP-NUKE: Web Portal System */
- /* =========================== */
- /* */
- /* Copyright (c) 2002 by Francisco Burzi */
- /* http://phpnuke.org */
- /* */
- /* This program is free software. You can redistribute it and/or modify */
- /* it under the terms of the GNU General Public License as published by */
- /* the Free Software Foundation; either version 2 of the License. */
- /************************************************************************/
- if (!defined('CPG_NUKE')) {
- die ("You can't access this file directly...");
- }
- require_once("mainfile.php");
- $module_name = basename(dirname(__FILE__));
- get_lang($module_name);
- require_once("includes/nbbcode.php");
- if (!$rid && !$cid && !$scid) $pagetitle = "- Reviews";
- elseif ($cid) {
- $cid = intval($cid);
- $sql = "SELECT title FROM " . $prefix . "_MReviews_cats WHERE cid='$cid'";
- $result = $db->sql_query($sql);
- $row = $db->sql_fetchrow($result);
- $pagetitle = "- Reviews | " . $row['title'] . "";
- } elseif ($rid) {
- $rid = intval($rid);
- $sql = "SELECT cid, pagename FROM " . $prefix . "_MReviews WHERE rid='$rid'";
- $result = $db->sql_query($sql);
- $row = $db->sql_fetchrow($result);
- $sql = "SELECT title FROM " . $prefix . "_MReviews_cats WHERE cid='" . $row[cid] ."'";
- $result2 = $db->sql_query($sql);
- $row2 = $db->sql_fetchrow($result2);
- $pagetitle = "- Reviews | " . $row2['title'] . " | " . $row['pagename'] . "";
- } elseif ($scid) {
- $scid = intval($scid);
- $sql = "SELECT cid, sub_title FROM " . $prefix . "_MReviews_sub_cats WHERE scid='$scid'";
- $result = $db->sql_query($sql);
- $row = $db->sql_fetchrow($result);
- $sql = "SELECT title FROM " . $prefix . "_MReviews_cats WHERE cid='".$row[cid]."'";
- $result2 = $db->sql_query($sql);
- $row2 = $db->sql_fetchrow($result2);
- $pagetitle = "- Reviews | " . $row2['title'] ." | " .$row['sub_title'] . "";
- }
- include("header.php");
- // Customization Area Starts
- $sql = "SELECT review_image_url, guests_to_post, email_notify, max_results FROM " . $prefix . "_MReviews_conf";
- $result3 = $db->sql_query($sql);
- $row3 = $db->sql_fetchrow($result3);
- $review_image_url = $row3['review_image_url'];
- $guests_to_post = $row3['guests_to_post'];
- $email_notify = $row3['email_notify'];
- $max_results = $row3['max_results'];
- function alpha($scid)
- {
- global $module_name, $module_name, $db, $prefix;
- $alphabet = array ("A", "B", "C", "D", "E", "F", "G", "H", "I", "J", "K", "L", "M",
- "N", "O", "P", "Q", "R", "S", "T", "U", "V", "W", "X", "Y", "Z", "1", "2", "3", "4", "5", "6", "7", "8", "9", "0");
- $num = count($alphabet) - 1;
- $scid = intval($scid);
- echo "<center>[ ";
- $counter = 0;
- while (list(, $ltr) = each($alphabet)) {
- $ltr_num = $db->sql_numrows($db->sql_query("SELECT * FROM " . $prefix . "_MReviews WHERE (scid='$scid' && UPPER(pagename) LIKE '$ltr%')"));
- if ($ltr_num == 0) {
- $altr = "$ltr";
- } else {
- $altr = "<a title=\"$ltr_num Reviews\" href=\"" . getlink("$module_name&op=$ltr&scid=$scid") . "\"><b>$ltr</b></a>";
- }
- echo "$altr";
- if ($counter == round($num / 2)) {
- echo " ]\n<br>\n[ ";
- } elseif ($counter != $num) {
- echo " | \n";
- }
- $counter++;
- }
- echo " ]</center><br><br>\n\n\n";
- }
- function display_score($score)
- {
- $image = "<img src=\"images/MReviews/blue.gif\" alt=\"\">";
- $halfimage = "<img src=\"images/MReviews/bluehalf.gif\" alt=\"\">";
- $full = "<img src=\"images/MReviews/star.gif\" alt=\"\">";
- $notrated = "<img src=\"images/MReviews/NotRated.gif\" alt=\"\">";
- if ($score == 10) {
- echo "<img src=\"images/MReviews/10stars.gif\" alt=\"Top of All\" title=\"Excellent\">";
- } else if ($score == 9) {
- echo "<img src=\"images/MReviews/9stars.gif\" alt=\"Excellent\" title=\"Excellent\">";
- } else if ($score == 8) {
- echo "<img src=\"images/MReviews/8stars.gif\" alt=\"Best\" title=\"Best\">";
- } else if ($score == 7) {
- echo "<img src=\"images/MReviews/7stars.gif\" alt=\"Very Good\" title=\"Very Good\">";
- } else if ($score == 6) {
- echo "<img src=\"images/MReviews/6stars.gif\" alt=\"Good\" title=\"Good\">";
- } else if ($score == 5) {
- echo "<img src=\"images/MReviews/5stars.gif\" alt=\"Fair\" title=\"Fair\">";
- } else if ($score == 4) {
- echo "<img src=\"images/MReviews/4stars.gif\" alt=\"Not Bad\" title=\"Not Bad\">";
- } else if ($score == 3) {
- echo "<img src=\"images/MReviews/3stars.gif\" alt=\"Bad\" title=\"Bad\">";
- } else if ($score == 2) {
- echo "<img src=\"images/MReviews/2stars.gif\" alt=\"Worst\" title=\"Worst\">";
- } else if ($score == 1) {
- echo "<img src=\"images/MReviews/1stars.gif\" alt=\"Worst Of All\" title=\"Worst Of All\">";
- } else {
- echo "<img src=\"images/MReviews/NotRated.gif\" alt=\"No Score\" title=\"No Score\">";
- }
- }
- function preview_review($date, $pagename, $MReview_content, $author, $author_email, $score, $cover, $r_link, $r_link_title, $counter, $rid, $cid, $scid)
- {
- global $module_name, $prefix, $admin, $db, $sitename, $user, $userinfo, $user_prefix, $module_name, $review_image_url;
- if (isset($rid)) { $rid = intval($rid); }
- if (isset($cid)) { $rid = intval($cid); }
- if (isset($scid)) { $rid = intval($scid); }
- OpenTable();
- if (eregi("<!--pagebreak-->", $MReview_content)) {
- $MReview_content = ereg_replace("<!--pagebreak-->", "<!--pagebreak-->", $MReview_content);
- }
- $pagename = stripslashes(check_html($pagename, "nohtml"));
- $PReview_content = decode_bbcode($MReview_content);
- $MReview_content = stripslashes(check_html($MReview_content, ""));
- $author = stripslashes(check_html($author, "nohtml"));
- $r_link_title = stripslashes(check_html($r_link_title, "nohtml"));
- echo "<form method=\"post\" action=\"" . getlink("$module_name") . "\">";
- if ($pagename == "") {
- $error = 1;
- echo "" . _INVALIDTITLE . "<br>";
- }
- if ($MReview_content == "") {
- $error = 1;
- echo "" . _INVALIDTEXT . "<br>";
- }
- if (($counter < 0) && ($rid != 0)) {
- $error = 1;
- echo "" . _INVALIDHITS . "<br>";
- }
- if ($author == "" || $author_email == "") {
- $error = 1;
- echo "" . _CHECKNAME . "<br>";
- } else if ($author != "" && $author_email != "")
- if (!(eregi("^[0-9a-z]([-_.]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\\.[a-z]{2,3}$", $author_email))) {
- $error = 1;
- /* eregi checks for a valid email! works nicely for me! */
- echo "" . _INVALIDEMAIL . "<br>";
- }
- if (($r_link_title != "" && $r_link == "") || ($r_link_title == "" && $r_link != "")) {
- $error = 1;
- echo "" . _INVALIDLINK . "<br>";
- } else if (($r_link != "") && (!(eregi('(^http[s]*:[/]+)(.*)', $r_link))))
- $r_link = "http:" . $r_link;
- /* If the user ommited the http, this nifty eregi will add it */
- if ($error == 1)
- echo "<br>[ " . _GOBACK . " ]";
- else {
- if ($date == "")
- $date = date("Y-m-d", time());
- $year2 = substr($date, 0, 4);
- $month = substr($date, 5, 2);
- $day = substr($date, 8, 2);
- $fdate = date("F jS Y", mktime (0, 0, 0, $month, $day, $year2));
- $sql = "SELECT * FROM " . $prefix . "_MReviews_sub_cats WHERE scid='$scid'";
- $result = $db->sql_query($sql);
- $row = $db->sql_fetchrow($result);
- $sql = "SELECT * FROM " . $prefix . "_MReviews_cats WHERE cid='$cid'";
- $result2 = $db->sql_query($sql);
- $row2 = $db->sql_fetchrow($result2);
- echo "<table border=\"0\" width=\"100%\"><tr><td colspan=\"2\">";
- echo "<p><font class=\"title\"><i><b>$pagename</b></i></font><br>";
- echo "<blockquote><p>";
- if ($cover != "")
- echo "<img src=\"$review_image_url/$cover\" align=\"right\" border=\"1\" vspace=\"2\" alt=\"\">";
- $PReview_content = nl2br($PReview_content);
- echo "$PReview_content<p>";
- echo "<b>" . _ADDED . ":</b> $fdate<br>";
- echo "<b>" . _AUTHOR . ":</b> <a href=\"mailto:$author_email\">$author</a><br>";
- echo "<b>" . _SCORE . ":</b> ";
- display_score($score);
- if ($r_link != "")
- echo "<br><b>" . _RLINK . ":</b> <a href=\"$r_link\" target=\"new\">$r_link_title</a>";
- if ($rid != 0) {
- echo "<br><b>" . _REVIEWID . ":</b> $rid<br>";
- echo "<b>" . _HITS . ":</b> $counter<br>";
- }
- echo "<br><b>" . _CATEGORY . ":</b> " . $row2['title'] ."<br>";
- echo "<br><b>" . _SUBCATEGORY . ":</b> " . $row['sub_title'] . "<br>";
- echo "</font></blockquote>";
- echo "</td></tr></table>";
- echo "<p><i>" . _LOOKSRIGHT . "</i><br>";
- $PReview_content = urlencode($PReview_content);
- echo "<input type=\"hidden\" name=\"rid\" value=$rid>
- <input type=\"hidden\" name=\"cid\" value=$cid>
- <input type=\"hidden\" name=\"scid\" value=$scid>
- <input type=\"hidden\" name=\"counter\" value=\"$counter\">
- <input type=\"hidden\" name=\"op\" value=\"send_MReview\">
- <input type=\"hidden\" name=\"date\" value=\"$date\">
- <input type=\"hidden\" name=\"pagename\" value=\"$pagename\">";
- echo "<input type=\"hidden\" name=\"MReview_content\" value=\"$MReview_content\">
- <input type=\"hidden\" name=\"author\" value=\"$author\">
- <input type=\"hidden\" name=\"author_email\" value=\"$author_email\">
- <input type=\"hidden\" name=\"score\" value=\"$score\">
- <input type=\"hidden\" name=\"r_link\" value=\"$r_link\">
- <input type=\"hidden\" name=\"r_link_title\" value=\"$r_link_title\">";
- if (is_admin($admin)) {
- echo "<input type=\"hidden\" name=\"cover\" value=\"$cover\">";
- }
- echo "<input type=\"submit\" value=\"" . _YES . "\"> <a href=\"#No\">[ " . _NO . " ]</a></form>";
- if ($rid != 0)
- $word = "" . _RMODIFIED . "";
- else
- $word = "" . _RADDED . "";
- if (is_admin($admin))
- echo "<br><br><b>" . _NOTE . ":</b> " . _ADMINLOGGED . " $word.";
- CloseTable();
- echo "<br><br><br><br><br>";
- OpenTable();
- echo "<a name=No></a><center><h1>Modification</h1></centeR>";
- echo "<form action=\"" . getlink($module_name) . "\" method=POST>";
- echo "<input type=\"hidden\" name=\"op\" value=\"preview_review\">";
- echo "<b>" . _REVIEWNAME . ":</b><br> <input type=\"text\" name=\"pagename\" value=\"$pagename\"><br><i>" . _NAMEPRODUCT . "</i><br><br>";
- echo "<b>" . _CATEGORY . ":</b> ";
- $sql = "SELECT * FROM " . $prefix . "_MReviews_cats";
- $result = $db->sql_query($sql);
- $row = $db->sql_fetchrow($result);
- echo "<input name=\"cid\" value=\"".$row['cid']."\" type=\"hidden\"><b>".$row['title']."</b>";
- echo "<br><i>" . _PRODUCTCAT . "</i><Br><br>";
- echo "<b>" . _SUBCATEGORY . ":</b><br> <select name=\"scid\">";
- $sql = "SELECT * FROM " . $prefix . "_MReviews_sub_cats WHERE cid='$cid'";
- $result2 = $db->sql_query($sql);
- while ($row2 = $db->sql_fetchrow($result2)) {
- if ($row2[scid] == $scid) {
- $sel = "selected";
- }
- echo "<option value=\"".$row2['scid']."\" $sel>".$row2['sub_title']."</option>";
- $sel = "";
- }
- echo "</select><br><i>" . _PRODUCTSUBCAT . "</i><Br><br>";
- echo " <b>" . _YOURNAME . ":</b><br>";
- if (is_user($user)) {
- $sql = "SELECT name, user_email FROM " . $user_prefix . "_users WHERE username='" . $userinfo['username'] . "'";
- $result2 = $db->sql_query($sql);
- $row2 = $db->sql_fetchrow($result2);
- }
- echo "<input value=\"$author\" type=\"text\" name=\"author\" size=\"41\" maxlength=\"40\" value=\"".$row2['name']."\"><br>
- <i>" . _FULLNAMEREQ . "</i><br><br>
- <b>" . _REMAIL . ":</b><br>
- <input type=\"text\" value=\"$author_email\" name=\"author_email\" size=\"40\" maxlength=\"80\" value=\"".$row2['user_email']."\"><br>
- <i>" . _REMAILREQ . "</i><br><br>";
- echo "<b>" . _REVIEW . ":</b><br> <textarea name=\"MReview_content\" rows=\"15\" cols=\"60\" class=\"post\">$MReview_content</textarea><br><i>" . _CHECKREVIEW . "</i><br><br>";
- echo"<b>" . _SCORE . ":</b>
- <select name=\"score\">
- <option name=\"score\" value=\"10\">10</option>
- <option name=\"score\" value=\"9\">9</option>
- <option name=\"score\" value=\"8\">8</option>
- <option name=\"score\" value=\"7\">7</option>
- <option name=\"score\" value=\"6\">6</option>
- <option name=\"score\" value=\"5\">5</option>
- <option name=\"score\" value=\"4\">4</option>
- <option name=\"score\" value=\"3\">3</option>
- <option name=\"score\" value=\"2\">2</option>
- <option name=\"score\" value=\"1\">1</option>
- </select><br>
- <i>" . _SELECTSCORE . "</i><br><br>";
- if (is_admin($admin)) {
- echo "<b>" . _COVERIMAGE . ":</b><br> <input value=\"$cover\" type=\"text\" name=\"cover\"><br>";
- echo "<i>" . _RIMAGEFILEREQ . "</i><br><br>";
- }
- echo "<b>" . _RLINK . ":</b><br> <input type=\"text\" value=\"$r_link\" name=\"r_link\"><br>";
- echo "<i>" . _PRODUCTSITE . "</i><br><br>";
- echo "<b>" . _RLINKTITLE . "</b>:<br> <input type=\"text\" value=\"$r_link_title\" name=\"r_link_title\"><br>";
- echo "<i>" . _LINKTITLEREQ . "</i><br><br>";
- echo "<input type=\"submit\" value=\"" . _PREMODS . "\">";
- echo "</form>";
- CloseTable();
- }
- }
- function show_cats()
- {
- global $module_name, $prefix, $db, $bgcolor3;
- OpenTable();
- echo "<center><font class=\"title\">" . _RWELCOME . " <br></font><font class=small>" . _VCATEGORIES . "</font></center>";
- echo "<br><table width=100% border=0 cellspacing=1 bgcolor=$textcolor1>";
- function chopSent($varb, $num)
- {
- $dNum = intval($num);
- if (strlen($varb) > $dNum) {
- $nVarb = substr($varb, 0, $dNum);
- $nVarb .= "...";
- } elseif (strlen($varb) < $dNum) {
- $nVarb = $varb;
- }
- return $nVarb;
- }
- // Usage of function
- $sql = "SELECT * FROM " . $prefix . "_MReviews_cats";
- $result = $db->sql_query($sql);
- $count = 0;
- while ($row = $db->sql_fetchrow($result)) {
- if ($count == 2) {
- echo "<tr>";
- $count = 0;
- }
- echo "<td width=50% align=left><a class='cattitle' href=\"" . getlink("$module_name&op=list_sub_cats&cid=".$row['cid']."") . "\"><b>".$row['title']."</b></a>¬<br>";
- $sql2 = "SELECT * FROM " . $prefix . "_MReviews_sub_cats WHERE cid='".$row['cid']."' LIMIT 3";
- $result2 = $db->sql_query($sql2);
- while ($row2 = $db->sql_fetchrow($result2)) {
- $theSent = $row2[sub_title];
- $theSent = chopSent($theSent, 450);
- $subcats = "<a href='" . getlink("$module_name&op=list_revs&cid=".$row['cid']."&scid=".$row2['scid']."") . "'>$theSent</a>,";
- echo " $subcats";
- }
- echo "...";
- echo "</td>";
- $count++;
- if ($count == 2) {
- echo "</tr>";
- echo "<tr><td colspan=2 height=10></td></tr>";
- }
- echo "</td>";
- }
- echo "</table>";
- //Added by Mike Allen on 7/14/04
- echo "<br>";
- $uid = intval($uid);
- $sql3 = "SELECT * FROM " . $prefix . "_MReviews_upcoming";
- $result3 = $db->sql_query($sql3);
- if ($db->sql_numrows($result3)) {
- echo "<center><font class=\"title\">Upcoming Reviews</font><br>";
- while($row3= $db->sql_fetchrow($result3)){
- echo "<font color=red class=medium>" . $row3['text'] . "</font><br>";
- }
- }
- CloseTable();
- //End Add
- }
- function list_sub_cats($cid)
- {
- global $module_name, $prefix, $db, $admin, $sitename, $bgcolor4, $bgcolor2, $bgcolor3, $bgcolor1, $textcolor1, $max_results;
- $cid = intval($cid);
- $sql = "SELECT * FROM " . $prefix . "_MReviews_cats WHERE cid='$cid'";
- $result = $db->sql_query($sql);
- $row = $db->sql_fetchrow($result);
- OpenTable();
- echo "<centeR>"
- . "<font class=\"title\"><i>".$row['title']."</i> " . _REVIEWS . "</font><br>"
- . "<font class=\"content\">".$row['description']."</font><br><hr><br>";
- $sql = "SELECT * FROM " . $prefix . "_MReviews_cats WHERE cid='$cid'";
- $result = $db->sql_query($sql);
- $row = $db->sql_fetchrow($result);
- echo "<center><a name=\"#AllReviews\"></a>" . _LISTINGALLSUBCATSIN . " <i><b>".$row['title']."</b></i> " . _CATEGORY . "<br></center>";
- echo "<table bgcolor=\"$textcolor1\" name=TopReviews width=\"100%\" cellpadding=2 cellspacing=1>";
- echo "<tr>
- <td bgcolor=\"$bgcolor2\" align=center valign=top width=35%><b>" . _SUBCATTITLE . "</b></td>
- <td bgcolor=\"$bgcolor2\" align=center valign=top width=20%><b>" . _TOTALREVIEW . "</b></td>
- <td bgcolor=\"$bgcolor2\" align=center valign=top width=23%><b>" . _LATESTADDED . "</b></td>
- <td bgcolor=\"$bgcolor2\" align=center valign=top width=8%><b>" . _HITS . "</b></td>";
- if (is_admin($admin)) {
- echo "<td bgcolor=\"$bgcolor2\" width=10%><b>" . _ADMIN . "</b></td>\n";
- }
- echo "</tr>";
- $sql = "SELECT * FROM " . $prefix . "_MReviews_sub_cats WHERE cid='".$row['cid']."' ORDER BY sub_title DESC";
- $result2 = $db->sql_query($sql);
- while ($row2 = $db->sql_fetchrow($result2)) {
- $sql = "SELECT * FROM " . $prefix . "_MReviews WHERE scid='".$row2['scid']."' ORDER BY pagename DESC LIMIT 1";
- $result3 = $db->sql_query($sql);
- $row3 = $db->sql_fetchrow($result3);
- if ($row3[pagename] == '') {
- $latest = "N/A";
- } else {
- $latest = "<a href=\"" . getlink("$module_name&op=show&rid=".$row3['rid']."") . "\">".$row3['pagename']."</a>";
- }
- $arrow = "<img src='modules/Topics/images/arrow.gif' border='0' alt='' title=''> ";
- $sql = "SELECT * FROM " . $prefix . "_MReviews WHERE scid='".$row2['scid']."'";
- $result4 = $db->sql_query($sql);
- $total = $db->sql_numrows($result4);
- echo "<tr>\n
- <td width=35% bgcolor=\"$bgcolor1\">$arrow<a href=\"" . getlink("$module_name&op=list_revs&scid=".$row2['scid']."") . "\">".$row2['sub_title']."</A></td>\n
- <td width=20% bgcolor=\"$bgcolor1\" align=center><b>$total</b> " . _REVIEWS . "</td>\n
- <td width=23% bgcolor=\"$bgcolor1\" align=center>$latest</td>\n
- <td bgcolor=\"$bgcolor1\" width=8% align=center><b>".$row2['counter']."</b></td>";
- if (is_admin($admin)) {
- echo "<td bgcolor=\"$bgcolor1\" width=10%><a href=\"admin.php?op=modMRevSubCat&scid=".$row2['scid']."\">E</a> | <a href=\"admin.php?op=delMRevSubCat&scid=".$row2[scid]."\">D</a></td>\n";
- }
- echo "</tr>";
- }
- echo "</td></tr></table><br>";
- echo "</center>";
- CloseTable();
- }
- function list_revs($scid, $orderby, $page)
- {
- global $module_name, $prefix, $db, $admin, $sitename, $bgcolor4, $bgcolor2, $bgcolor3, $bgcolor1, $textcolor1, $max_results;
- $scid = intval($scid);
- $max_results = intval($max_results);
- $sql = "SELECT * FROM " . $prefix . "_MReviews_sub_cats WHERE scid='$scid'";
- $result0 = $db->sql_query($sql);
- $row0 = $db->sql_fetchrow($result0);
- if (!$page) {
- $page = "1";
- }
- OpenTable();
- echo "<centeR>"
- . "<font class=\"title\">" . _WELCOMETO . " $sitename <i><b>".$row0['sub_title']."</b></i> " . _REVIEWS . "</font><br>"
- . "<font class=\"content\">".$row0['sub_description']."</font><br><br>";
- alpha($scid);
- echo "[ <a href=\"" . getlink("$module_name&op=write_MReview&cid=".$row0['cid']."") . "\">" . _WRITEREVIEW . "</a> ] "
- . "[ <a href=\"" . getlink("$module_name#AllReviews") . "\">" . _ALLREVIEWS . "</a> ] "
- . "</center>";
- echo "<br><br>";
- echo "<table name=Table1 width=\"100%\" name=MainTable cellspacing=1 cellpadding=2>\n";
- echo "<tr><td width=50% name=TopReviewsColoumn>";
- echo "<table bgcolor=\"$textcolor1\" name=TopReviews width=\"100%\" cellpadding=2 cellspacing=1>";
- echo "<tr><td bgcolor=\"$bgcolor2\" valign=top width=100%><b>" . _10MOSTPOP . "</b></td></tr>";
- $sql = "SELECT * FROM " . $prefix . "_MReviews WHERE scid='$scid' ORDER BY counter DESC LIMIT 10";
- $result = $db->sql_query($sql);
- while ($row = $db->sql_fetchrow($result)) {
- echo "<tr>\n<td width=100% bgcolor=\"$bgcolor1\"><a href=\"" . getlink("$module_name&op=show&rid=".$row['rid']."") . "\">".$row['pagename']."</A></td></tr>";
- }
- echo "</table name=TopReviews>\n\n";
- echo "</td><td width=50% name=LatestReviewsColoumn>\n";
- echo "<table bgcolor=\"$textcolor1\" name=LatestReviews width=\"100%\" cellpadding=2 cellspacing=1>\n";
- echo "<tr><td bgcolor=\"$bgcolor2\" valign=top width=100%><b>" . _10MOSTREC . "</b></td></tr>\n";
- $sql = "SELECT * FROM " . $prefix . "_MReviews WHERE scid='$scid' ORDER BY date DESC LIMIT 10";
- $result2 = $db->sql_query($sql);
- while ($row2 = $db->sql_fetchrow($result2)) {
- echo "<tr>\n<td width=100% bgcolor=\"$bgcolor1\"><a href=\"" . getlink("$module_name&op=show&rid=".$row2['rid']."") . "\">".$row2['pagename']."</A></td></tr>";
- }
- echo "</table name=LatestReviews>\n";
- echo "</td></tr>";
- $sql = "SELECT * FROM " . $prefix . "_MReviews WHERE scid='$scid'";
- $result3 = $db->sql_query($sql);
- $numresults = $db->sql_numrows($result3);
- echo "<tr><td colspan=\"2\"><center>" . _THEREARE . " $numresults " . _REVIEWSINDB . "</center><br></td></tr>";
- echo "<form action=\"" . getlink("Search") . "\" method=\"post\"><input type=\"hidden\" name=\"type\" value=\"reviews\">";
- echo "<tr><td colspan=\"2\"><center>Query: <input type=\"text\" name=\"query\" size=\"15\"> <input type=\"submit\" value=\"Search\"></form></center></td></tr>";
- $sql = "SELECT * FROM " . $prefix . "_MReviews_cats WHERE cid='".$row0['cid']."'";
- $result4 = $db->sql_query($sql);
- $row4 = $db->sql_fetchrow($result4);
- echo "<tr><td colspan=\"2\"><center><a href=\"" . getlink("$module_name") . "\">" . _RBACK . "</a> | " . _BACKTO . " <a href=\"" . getlink("$module_name&op=list_sub_cats&cid=".$row0['cid']."") . "\">".$row4['title']."</a> Index</center></td></tr>";
- echo "</table name=MainTable>\n";
- CloseTable();
- echo "<br>";
- echo "<br>";
- OpenTable();
- $sql = "SELECT * FROM " . $prefix . "_MReviews_sub_cats WHERE scid='$scid'";
- $result = $db->sql_query($sql);
- $row = $db->sql_fetchrow($result);
- echo "<center><font class=\"title\"><a name=\"#AllReviews\"></a>" . _LISTINGALLREVIEWSIN . " <i>".$row['sub_title']."</i> " . _CATEGORY . "</font><br>";
- $orderbyText = "";
- if ($orderby == "titleA") $orderbyText = "" . _TITLEA2Z . "";
- if ($orderby == "titleD") $orderbyText = "" . _TITLEZ2A . "";
- if ($orderby == "HitsA") $orderbyText = "" . _POPULARITY1 . "";
- if ($orderby == "HitsD") $orderbyText = "" . _POPULARITY2 . "";
- if ($orderby == "DateA") $orderbyText = "" . _DATE1 . "";
- if ($orderby == "DateD") $orderbyText = "" . _DATE2 . "";
- if ($orderby == "ScoreA") $orderbyText = "" . _RATING1 . "";
- if ($orderby == "ScoreD") $orderbyText = "" . _RATING2 . "";
- echo "<font class=gensmall>
- " . _SORTREVIEWSBY . "
- Title (<a href=\"" . getlink("$module_name&op=list_revs&scid=$scid&orderby=titleA#AllReviews") . "\">A</a>
- <a href=\"" . getlink("$module_name&op=list_revs&scid=$scid&orderby=titleD#AllReviews") . "\">D</a>)
- Date (<a href=\"" . getlink("$module_name&op=list_revs&scid=$scid&orderby=DateA#AllReviews") . "\">A</a>
- <a href=\"" . getlink("$module_name&op=list_revs&scid=$scid&orderby=DateD#AllReviews") . "\">D</a>)
- Rating (<a href=\"" . getlink("$module_name&op=list_revs&scid=$scid&orderby=ScoreA#AllReviews") . "\">A</a>
- <a href=\"" . getlink("$module_name&op=list_revs&scid=$scid&orderby=ScoreD#AllReviews") . "\">D</a>)
- Popularity (<a href=\"" . getlink("$module_name&op=list_revs&scid=$scid&orderby=HitsA#AllReviews") . "\">A</a>
- <a href=\"" . getlink("$module_name&op=list_revs&scid=$scid&orderby=HitsD#AllReviews") . "\">D</a>)
- <br>";
- if ($orderby != "")
- echo "" . _REVIEWSCURSORTEDBY . "$orderbyText";
- echo "</font></center><br><br>";
- echo "<table bgcolor=\"$textcolor1\" name=TopReviews width=\"100%\" cellpadding=2 cellspacing=1>";
- echo "<tr>
- <td bgcolor=\"$bgcolor2\" align=center valign=top width=35%><b>" . _REVIEWSNAME . "</b></td>
- <td bgcolor=\"$bgcolor2\" align=center valign=top width=20%><b>" . _AUTHOR . "</b></td>
- <td bgcolor=\"$bgcolor2\" align=center valign=top width=23%><b>" . _DATE . "</b></td>
- <td bgcolor=\"$bgcolor2\" align=center valign=top width=8%><b>" . _SCORE . "</b></td>
- <td bgcolor=\"$bgcolor2\" align=center valign=top width=5%><b>" . _HITS . "</b></td>";
- if (is_admin($admin)) {
- echo "<td bgcolor=\"$bgcolor2\" width=10%><b>" . _ADMIN . "</b></td>\n";
- }
- echo "</tr>";
- $orderbySQL = "";
- if ($orderby == "titleA") $orderbySQL = "pagename ASC";
- if ($orderby == "titleD") $orderbySQL = "pagename DESC";
- if ($orderby == "HitsA") $orderbySQL = "counter ASC";
- if ($orderby == "HitsD") $orderbySQL = "counter DESC";
- if ($orderby == "DateA") $orderbySQL = "date ASC";
- if ($orderby == "DateD") $orderbySQL = "date DESC";
- if ($orderby == "ScoreA") $orderbySQL = "score ASC";
- if ($orderby == "ScoreD") $orderbySQL = "score DESC";
- if ($orderby == "") $orderbySQL = "pagename";
- $from = (($page * $max_results) - $max_results);
- $sql = "SELECT * FROM " . $prefix . "_MReviews WHERE scid='".$row[scid]."' ORDER BY $orderbySQL LIMIT $from, $max_results";
- $result2 = $db->sql_query($sql);
- while ($row2 = $db->sql_fetchrow($result2)) {
- $date = $row2["date"];
- $year = substr($date, 0, 4);
- $month = substr($date, 5, 2);
- $day = substr($date, 8, 2);
- $fdate = date("F jS Y", mktime (0, 0, 0, $month, $day, $year));
- $arrow = "<img src='modules/Topics/images/arrow.gif' border='0' alt='' title=''> ";
- $score = "$row2[score]";
- echo "<tr>\n
- <td width=35% bgcolor=\"$bgcolor1\">$arrow<a href=\"" . getlink("$module_name&op=show&rid=".$row2['rid']."") . "\">".$row2['pagename']."</A></td>\n
- <td width=20% align=center bgcolor=\"$bgcolor1\"><a href=\"mailto:".$row2['author_email']."\">".$row2['author']."</A></td>\n
- <td width=17% align=center bgcolor=\"$bgcolor1\">$fdate</td>\n
- <td width=8% align=center bgcolor=\"$bgcolor1\">";
- display_score($score);
- echo "</td>\n
- <td align=center bgcolor=\"$bgcolor1\" width=5%>".$row2['counter']."</td>";
- if (is_admin($admin)) {
- echo "<td bgcolor=\"$bgcolor1\" width=10%><a href=\"admin.php?op=modMRevpage&rid=".$row2['rid']."\">E</a> | <a href=\"admin.php?op=delMRevconfirm&rid=".$row2['rid']."\">D</a></td>\n";
- }
- echo "</tr>";
- }
- echo "</td></tr></table><br>";
- // Figure out the total number of results in DB:
- $sql = "SELECT COUNT(*) AS Num FROM " . $prefix . "_MReviews WHERE scid='$scid'";
- $result = $db->sql_query($sql);
- $row = $db->sql_fetchrow($result);
- $total_results = $row['Num'];
- // Figure out the total number of pages. Always round up using ceil()
- $total_pages = ceil($total_results / $max_results);
- // Build Page Number Hyperlinks
- echo "<center>Select a Page<br />";
- // Build Previous Link
- if ($page > 1) {
- $prev = ($page - 1);
- echo "« <a href=\"" . getlink("$module_name&op=list_revs&scid=$scid&page=$prev") . "\">Previous</a> | ";
- }
- for($i = 1; $i <= $total_pages; $i++) {
- if (($page) == $i) {
- echo "$i | ";
- } else {
- echo "<a href=\"" . getlink("$module_name&op=list_revs&scid=$scid&orderby=$orderby&page=$i") . "\">$i</a> | ";
- }
- }
- // Build Next Link
- if ($page < $total_pages) {
- $next = ($page + 1);
- echo "<a href=\"" . getlink("$module_name&op=list_revs&scid=$scid&orderby=$orderby&page=$next") . "\">Next</a> »";
- }
- echo "</center>";
- $updatecounter = "UPDATE " . $prefix . "_MReviews_sub_cats SET counter=counter+1 WHERE scid='$scid'";
- $db->sql_query($updatecounter);
- CloseTable();
- }
- function show($rid, $cid, $page)
- {
- global $module_name, $prefix, $db, $admin, $prefix, $review_image_url;
- OpenTable();
- $rid = intval($rid);
- $cid = intval($cid);
- $page = intval($page);
- $sql = "SELECT * FROM " . $prefix . "_MReviews WHERE rid='$rid'";
- $result = $db->sql_query($sql);
- $row = $db->sql_fetchrow($result);
- $row['content'] = decode_bbcode($row['content']);
- $sql = "SELECT * FROM " . $prefix . "_MReviews_cats WHERE cid='".$row['cid']."'";
- $result2 = $db->sql_query($sql);
- $row2 = $db->sql_fetchrow($result2);
- $sql = "SELECT * FROM " . $prefix . "_MReviews_sub_cats WHERE scid='".$row['scid']."'";
- $result3 = $db->sql_query($sql);
- $row3 = $db->sql_fetchrow($result3);
- $date = $row["date"];
- $year = substr($date, 0, 4);
- $month = substr($date, 5, 2);
- $day = substr($date, 8, 2);
- $fdate = date("F jS Y", mktime (0, 0, 0, $month, $day, $year));
- $score = $row["score"];
- $content = $row["content"];
- $content = decode_bbcode(nl2br($content));
- $contentpages = explode("<!--pagebreak-->", $content);
- $pageno = count($contentpages);
- if ($page == "" || $page < 1)
- $page = 1;
- if ($page > $pageno)
- $page = $pageno;
- $arrayelement = (int)$page;
- $arrayelement --;
- echo "<font class=title>
- <i>".$row['pagename']."</i><br>\n</font>";
- echo "<Br>";
- echo "<blockquote><p align=justify>";
- if ($row[cover] != "")
- echo "<img src=\"$review_image_url/".$row['cover']."\" align=\"right\" border=1 vspace=\"2\" alt=\"\">";
- echo $contentpages[$arrayelement];
- echo "</blockquote></p>";
- echo "<br><Br>";
- echo "<hr>";
- echo "<font class=gensmall>";
- if (is_admin($admin))
- echo "<b>Admin:</b> <a href=\"admin.php?op=modMRevpage&rid=$rid\">Edit</a> | <a href=\"admin.php?op=delMRevconfirm&rid=$rid\">Delete</a><br>";
- echo "<b>" . _SORTTITLE . ":</b> $row[pagename]<br>\n
- <b>" . _CATEGORY . ":</b> <a href=\"" . getlink("$module_name&op=list_revs&cid=".$row2['cid']."") . "\">".$row2['title']."</a></b><br>\n
- <b>" . _SUBCATEGORY . ":</b> <a href=\"" . getlink("$module_name&op=list_revs&cid=".$row2['cid']."&orderby=sub_catA") . "\">".$row3['sub_title']."</a></b><br>\n
- <b>" . _AUTHOR . ":</b> <a href=\"mailto:".$row['author_email']."\">".$row['author']."</a><br>\n";
- if ($row['r_link'] != "")
- echo "<b>" . _RELATEDLINK . ":</b> <a href=\"".$row['r_link']."\">".$row['r_link_title']."</a><br>\n";
- echo "<b>" . _ADDED . ":</b> $fdate<br>\n
- <b>" . _HITS . ":</b> ".$row['counter']." Times<br>\n
- <b>" . _SCORE . ":</b>";
- display_score($score);
- if ($pageno > 1) {
- echo "<br><b>" . _PAGE . ":</b> $page/$pageno<br>";
- }
- echo "<br><b>" . _OPTIONS . ":</b> <a href=\"" . getlink("$module_name&file=friend&op=FriendSend&rid=$rid") . "\"><img src=\"images/friend.gif\" border=\"0\" alt=\"" . _SENDTOFRIEND . "\" title=\"" . _SENDTOFRIEND . "\" width=\"16\" height=\"11\"></a>\n <a href=\"" . getlink("$module_name&file=print&op=PrintPage&rid=$rid") . "\"><img src=\"images/print.gif\" border=\"0\" alt=\"" . _PRINTREVIEW . "\" title=\"" . _PRINTREVIEW . "\" width=\"16\" height=\"11\"></a>";
- echo "<Br>";
- echo "<center>";
- if ($page >= $pageno) {
- $next_page = "";
- } else {
- $next_pagenumber = $page + 1;
- if ($page != 1) {
- $next_page .= "<img src=\"images/blackpixel.gif\" width=\"10\" height=\"2\" border=\"0\" alt=\"\"> ";
- }
- $next_page .= "<a href=\"" . getlink("$module_name&op=show&rid=$rid&page=$next_pagenumber") . "\">" . _NEXT . " ($next_pagenumber/$pageno)</a> <a href=\"" . getlink("$module_name&op=show&rid=$rid&page=$next_pagenumber") . "\"><img src=\"images/download/right.gif\" border=\"0\" alt=\"" . _NEXT . "\"></a>";
- }
- if ($page <= 1) {
- $previous_page = "";
- } else {
- $previous_pagenumber = $page - 1;
- $previous_page = "<a href=\"" . getlink("$module_name&op=show&rid=$rid&page=$previous_pagenumber") . "\"><img src=\"images/download/left.gif\" border=\"0\" alt=\"" . _PREVIOUS . "\"></a> <a href=\"" . getlink("$module_nameamp;op=show&rid=$rid&page=$previous_pagenumber") . "\">" . _PREVIOUS . " ($previous_pagenumber/$pageno)</a>";
- }
- echo "<center>"
- . "$previous_page $next_page<br><br>";
- echo "[ <a href=\"" . getlink("$module_name") . "\">" . _RBACK . "</a> | "
- . "<a href=\"" . getlink("$module_name&op=list_revs&cid=$row[cid]") . "\">" . _BACKTO . " $row2[title] " . _INDEX . "</a> | "
- . "<a href=\"" . getlink("$module_name&op=postcomment&rid=$rid") . "\">" . _REPLYMAIN . "</a> ]";
- echo "<br>";
- CloseTable();
- echo "<Br>";
- mr_comments($rid, $pagename);
- $updatecounter = "UPDATE " . $prefix . "_MReviews SET counter=counter+1 WHERE rid='$rid'";
- $db->sql_query($updatecounter);
- }
- function write_MReview($cid)
- {
- global $module_name, $prefix, $guests_to_post, $admin, $db, $sitename, $user, $userinfo, $user_prefix, $module_name;
- $cid = intval($cid);
- $sql = "SELECT * FROM " . $prefix . "_MReviews_cats WHERE cid='$cid'";
- $guests_result = $db->sql_query($sql);
- $guest_row = $db->sql_fetchrow($guests_result);
- $guests = $guest_row['guests'];
- if ($guests_to_post == 'yes') {
- write_MReview_guests($cid);
- } elseif (($guests == "no") && (!is_user($user))) {
- OpenTable();
- echo "" . _GUESTCANTPOST . "<br><br>" . _GOBACK . "";
- CloseTable();
- } else {
- write_MReview_guests($cid);
- }
- }
- function write_MReview_guests($cid)
- {
- global $module_name, $prefix, $guests_to_post, $admin, $db, $sitename, $user, $userinfo, $user_prefix, $module_name;
- $cid = intval($cid);
- OpenTable();
- $sql = "SELECT * FROM " . $prefix . "_MReviews_cats WHERE cid='$cid'";
- $result = $db->sql_query($sql);
- $row = $db->sql_fetchrow($result);
- echo "<form action=\"" . getlink("$module_name") . "\" method=POST>";
- echo "<input type=\"hidden\" name=\"op\" value=\"preview_review\">";
- echo "<font class=\"title\">" . _WRITEREVIEWFOR . " $sitename in ";
- echo "<input type=\"hidden\" name=\"cid\" value=\"$cid\"><i>".$row['title']."</i></b> " . _CATEGORY . "</font>";
- echo "<br><i>" . _ENTERINFO . "</i><br><br>";
- echo "<b>" . _REVIEWNAME . ":</b><br> <input type=\"text\" name=\"pagename\"><br><i>" . _NAMEPRODUCT . "</i><br><br>";
- echo "<b>" . _SUBCATEGORY . ":</b><br> <select name=\"scid\">";
- $sql = "SELECT * FROM " . $prefix . "_MReviews_sub_cats WHERE cid='$cid'";
- $result2 = $db->sql_query($sql);
- while ($row2 = $db->sql_fetchrow($result2)) {
- echo "<option value=\"".$row2['scid']."\">".$row2['sub_title']."</option>";
- }
- echo "</select><br><i>" . _PRODUCTSUBCAT . "<Br><br>";
- echo " <b>" . _YOURNAME . ":</b><br>";
- if (is_user($user)) {
- $sql = "SELECT name, user_email FROM " . $user_prefix . "_users WHERE username='".$userinfo['username']."'";
- $result2 = $db->sql_query($sql);
- $row2 = $db->sql_fetchrow($result2);
- }
- echo "<input type=\"text\" name=\"author\" size=\"41\" maxlength=\"40\" value=\"".$row2['name']."\"><br>
- <i>" . _FULLNAMEREQ . "</i><br><br>
- <b>" . _REMAIL . ":</b><br>
- <input type=\"text\" name=\"author_email\" size=\"40\" maxlength=\"80\" value=\"".$row2['user_email']."\"><br>
- <i>" . _REMAILREQ . "</i><br><br>";
- echo "<b>" . _REVIEW . ":</b><br> <textarea name=\"MReview_content\" rows=\"15\" cols=\"60\" class=\"post\"></textarea><br><i>" . _CHECKREVIEW . "</i><br><br>";
- echo"<b>" . _SCORE . ":</b>
- <select name=\"score\">
- <option name=\"score\" value=\"10\">10</option>
- <option name=\"score\" value=\"9\">9</option>
- <option name=\"score\" value=\"8\">8</option>
- <option name=\"score\" value=\"7\">7</option>
- <option name=\"score\" value=\"6\">6</option>
- <option name=\"score\" value=\"5\">5</option>
- <option name=\"score\" value=\"4\">4</option>
- <option name=\"score\" value=\"3\">3</option>
- <option name=\"score\" value=\"2\">2</option>
- <option name=\"score\" value=\"1\">1</option>
- </select><br>
- <i>" . _SELECTSCORE . "</i><br><br>";
- if (is_admin($admin)) {
- echo "<b>" . _COVERIMAGE . ":</b><br> <input type=\"text\" name=\"cover\"><br>";
- echo "<i>" . _RIMAGEFILEREQ . "</i><br><br>";
- }
- echo "<b>" . _RLINK . ":</b><br> <input type=\"text\" name=\"r_link\"><br>";
- echo "<i>" . _PRODUCTSITE . "</i><br><br>";
- echo "<b>" . _RLINKTITLE . "</b>:<br> <input type=\"text\" name=\"r_link_title\"><br>";
- echo "<i>" . _LINKTITLEREQ . "</i><br><br>";
- echo "<input type=\"submit\" value=\"" . _PREVIEW . "\">";
- echo "</form>";
- CloseTable();
- }
- function send_MReview($cid, $scid, $author, $author_email, $pagename, $MReview_content, $cover, $r_link, $r_link_title, $score)
- {
- global $module_name, $prefix, $admin, $db, $sitename, $EditedMessage, $module_name, $email_notify, $adminmail;
- $cid = intval($cid);
- $scid = intval($scid);
- if (eregi("<!--pagebreak-->", $MReview_content)) {
- $MReview_content = ereg_replace("<!--pagebreak-->", "<!--pagebreak-->;", $MReview_content);
- }
- $pagename = stripslashes(FixQuotes(check_html($pagename, "nohtml")));
- $MReview_content = stripslashes(Fixquotes(urldecode(check_html($MReview_content, ""))));
- if (eregi("<!--pagebreak-->", $MReview_content)) {
- $MReview_content = ereg_replace("<!--pagebreak-->", "<!--pagebreak-->", $MReview_content);
- }
- if (!is_admin($admin)) {
- $MReview_content = encode_bbcode($MReview_content, 1);
- $sql = "INSERT INTO " . $prefix . "_MReviews( date, pagename, content, cover, cid, scid, author, author_email, r_link, r_link_title, score)
- VALUES (now(), '$pagename', '$MReview_content', '$cover', '$cid', '$scid', '$author', '$author_email', '$r_link', '$r_link_title', '$score')";
- $result = $db->sql_query($sql);
- } else {
- $sql = "INSERT INTO " . $prefix . "_MReviews_pend( date, pagename, content, cid, scid, author, author_email, r_link, r_link_title, score)
- VALUES (now(), '$pagename', '$MReview_content', '$cid', '$scid', '$author', '$author_email', '$r_link', '$r_link_title', '$score')";
- $result = $db->sql_query($sql);
- }
- if (eregi("<!--pagebreak-->", $MReview_content)) {
- $MReview_content = ereg_replace("<!--pagebreak-->", "<!--pagebreak-->", $MReview_content);
- }
- OpenTable();
- // Code to check if statement executed properly and display message
- if ($result) {
- $sql = "SELECT * FROM " . $prefix . "_MReviews_cats WHERE cid='$cid'";
- $result2 = $db->sql_query($sql);
- $row2 = $db->sql_fetchrow($result2);
- $sql = "SELECT * FROM " . $prefix . "_MReviews_sub_cats WHERE scid='$scid'";
- $result3 = $db->sql_query($sql);
- $row3 = $db->sql_fetchrow($result3);
- if (!is_admin($admin)) {
- echo("" . _RTHANKSADMIN . "");
- } else {
- echo("" . _RTHANKS . "");
- }
- if ($email_notify == "on") {
- $sitemail = "$adminmail";
- $Subject = "New Review Submitted";
- $mailheader = "From: $author <$author_email>\r\n";
- $mailheader .= "Reply-To: $author_email\r\n";
- $mailbody .= "$author has submitted a review\r\n======================================================\r\nReview Name: $pagename\r\nCategory: $row2[title]\r\nGenera: $row2[sub_title]\r\n\r\n $MReview_content";
- mail($sitemail, $subject, $mailbody, $mailheader);
- }
- } else {
- echo "An error has occured<Br>";
- echo mysql_error();
- }
- CloseTable();
- }
- function mr_comments($rid, $pagename)
- {
- global $module_name, $prefix, $admin, $db, $module_name;
- $rid = intval($rid);
- $result = $db->sql_query("SELECT com_id, userid, date, comments, score FROM " . $prefix . "_MReviews_comments WHERE rid='$rid' ORDER BY date DESC");
- while (list($com_id, $uname, $date, $comments, $score) = $db->sql_fetchrow($result)) {
- OpenTable();
- $pagename = urldecode($pagename);
- echo "
- <b>$pagename</b><br>";
- if ($uname == "Anonymous" OR $uname == "Stranger") {
- echo "Posted by: $uname on $date<br>";
- } else {
- echo "Posted by: <a href=\"" . getlink("Your_Account&op=userinfo&username=$uname") . "\">$uname</a> on $date<br>";
- }
- echo "My Score: ";
- display_score($score);
- if (is_admin($admin)) {
- echo "<br><b>Admin:</b> [ <a href=\"" . getlink("$module_name&op=del_comment&com_id=$com_id&rid=$rid") . "\">Delete</a> ]</font><hr noshade size=1>";
- } else {
- echo "</font><hr>";
- }
- $comments = FixQuotes(nl2br(filter_text($comments)));
- echo "
- $comments
- ";
- CloseTable();
- echo "<br>";
- }
- }
- function reviews($letter, $field, $order, $scid)
- {
- global $module_name, $bgcolor4, $textcolor1, $bgcolor3, $bgcolor2, $bgcolor1, $sitename, $prefix, $multilingual, $currentlang, $db, $module_name;
- OpenTable();
- $scid = intval($scid);
- $letter = $letter[0];
- $order = ($order[0] == "D") ? "DESC" : "ASC";
- $sql = "SELECT * FROM " . $prefix . "_MReviews_sub_cats WHERE scid='$scid'";
- $result = $db->sql_query($sql);
- $row = $db->sql_fetchrow($result);
- echo "<center><b>$sitename <i>".$row['sub_title']."</i> " . _REVIEWS . " </b><br>";
- echo "<i>" . _REVIEWSLETTER . " \"$letter\"</i><br><br>";
- $result = $db->sql_query("SELECT scid, rid, pagename, counter, date, author, author_email, score FROM " . $prefix . "_MReviews WHERE scid='$scid' && UPPER(pagename) LIKE '$letter%' ORDER by pagename $order");
- $numresults = $db->sql_numrows($result);
- if ($numresults == 0) {
- echo "<i><b>" . _NOREVIEWS . " \"$letter\"</b></i><br><br>";
- } elseif ($numresults > 0) {
- echo "<table bgcolor=\"$textcolor1\" name=TopReviews width=\"100%\" cellpadding=2 cellspacing=1>";
- echo "<tr>
- <td bgcolor=\"$bgcolor2\" align=center valign=top width=35%><b>" . _REVIEWSNAME . "</b></td>
- <td bgcolor=\"$bgcolor2\" align=center valign=top width=20%><b>" . _AUTHOR . "</b></td>
- <td bgcolor=\"$bgcolor2\" align=center valign=top width=23%><b>" . _DATE . "</b></td>
- <td bgcolor=\"$bgcolor2\" align=center valign=top width=8%><b>" . _SCORE . "</b></td>
- <td bgcolor=\"$bgcolor2\" align=center valign=top width=5%><b>" . _HITS . "</b></td>";
- echo "</tr>";
- while ($myrow = $db->sql_fetchrow($result)) {
- $pagename = $myrow["pagename"];
- $rid = $myrow["rid"];
- $scid = $myrow["scid"];
- $author = $myrow["author"];
- $author_email = $myrow["author_email"];
- $score = $myrow["score"];
- $counter = $myrow["counter"];
- $date = $myrow["date"];
- $year = substr($date, 0, 4);
- $month = substr($date, 5, 2);
- $day = substr($date, 8, 2);
- $fdate = date("F jS Y", mktime (0, 0, 0, $month, $day, $year));
- echo "<tr>\n
- <td width=35% bgcolor=\"$bgcolor1\">$arrow<a href=\"" . getlink("$module_name&op=show&rid=$rid") . "\">$pagename</A></td>\n
- <td width=20% bgcolor=\"$bgcolor1\"><a href=\"mailto:$author_email\">$author</A></td>\n
- <td width=17% bgcolor=\"$bgcolor1\">$fdate</td>\n
- <td width=8% bgcolor=\"$bgcolor1\">";
- display_score($score);
- echo "</td>\n
- <td bgcolor=\"$bgcolor1\" width=5%>$counter</td>";
- echo "</tr>";
- }
- echo "</TABLE>";
- echo "<br>$numresults " . _TOTALREVIEWS . "<br><br>";
- }
- echo "[ <a href=\"" . getlink("$module_name") . "\">" . _RETURN2MAIN . "</a> | <a href=\"" . getlink("$module_name&op=list_revs&scid=$scid") . "\">" . _BACKTO . " $row[sub_title] index</a> ]";
- CloseTable();
- }
- function postcomment($rid, $pagename)
- {
- global $module_name, $prefix, $user, $userinfo, $AllowableHTML, $anonymous, $module_name, $db;
- cookiedecode($user);
- $sql = "SELECT pagename FROM " . $prefix . "_MReviews WHERE rid='$rid'";
- $result = $db->sql_query($sql);
- $row = $db->sql_fetchrow($result);
- $row[pagename] = urldecode($row[pagename]);
- OpenTable();
- echo "<center><font class=option><b>" . _REVIEWCOMMENT . " $row[pagename]</b><br><br></font></center>"
- . "<form action=" . getlink("$module_name") . " method=post>";
- if (!is_user($user)) {
- echo "<b>" . _YOURNICK . ":</b> $anonymous [ " . _RCREATEACCOUNT . " ]<br><br>";
- $uname = $anonymous;
- } else {
- echo "<b>" . _YOURNICK . ":</b> ".$userinfo['username']."<br>
- <input type=checkbox name=xanonpost> " . _POSTANON . "<br><br>";
- $uname = $userinfo['username'];
- }
- echo "
- <input type=hidden name=uname value=$uname>
- <input type=hidden name=rid value=$rid>
- <b>" . _SCORE . "</b>
- <select name=score>
- <option name=score value=10>10</option>
- <option name=score value=9>9</option>
- <option name=score value=8>8</option>
- <option name=score value=7>7</option>
- <option name=score value=6>6</option>
- <option name=score value=5>5</option>
- <option name=score value=4>4</option>
- <option name=score value=3>3</option>
- <option name=score value=2>2</option>
- <option name=score value=1>1</option>
- </select><br><br>
- <b>" . _YOURCOMMENT . ":</b><br>
- <textarea name=comments rows=10 cols=70></textarea><br>
- " . _ALLOWEDHTML . ":<br>";
- while (list($key,) = each($AllowableHTML)) echo " <" . $key . ">";
- echo "<br><br>
- <input type=hidden name=op value=savecomment>
- <input type=submit value=Submit>
- </form>
- ";
- CloseTable();
- }
- function savecomment($xanonpost, $uname, $rid, $score, $comments)
- {
- global $module_name, $prefix, $anonymous, $user, $userinfo, $db, $module_name;
- $rid = intval($rid);
- if ($xanonpost) {
- $uname = $anonymous;
- }
- $comments = stripslashes(FixQuotes(check_html($comments)));
- $db->sql_query("INSERT into " . $prefix . "_MReviews_comments values (NULL, '$rid', '$uname', now(), '$comments', '$score')");
- Header("Location: " . getlink("$module_name&op=show&rid=$rid"));
- }
- function del_comment($com_id, $rid)
- {
- global $module_name, $prefix, $admin, $db, $module_name;
- $com_id = intval($com_id);
- if (is_admin($admin)) {
- $db->sql_query("DELETE FROM " . $prefix . "_MReviews_comments WHERE com_id='$com_id'");
- Header("Location: " . getlink("$module_name&op=show&rid=$rid"));
- } else {
- echo "ACCESS DENIED";
- }
- }
- switch ($op) {
- case "A":
- reviews(A, $field, $order, $scid);
- break;
- case "B":
- reviews(B, $field, $order, $scid);
- break;
- case "C":
- reviews(C, $field, $order, $scid);
- break;
- case "D":
- reviews(D, $field, $order, $scid);
- break;
- case "E":
- reviews(E, $field, $order, $scid);
- break;
- case "F":
- reviews(F, $field, $order, $scid);
- break;
- case "G":
- reviews(G, $field, $order, $scid);
- break;
- case "H":
- reviews(H, $field, $order, $scid);
- break;
- case "I":
- reviews(I, $field, $order, $scid);
- break;
- case "J":
- reviews(J, $field, $order, $scid);
- break;
- case "K":
- reviews(K, $field, $order, $scid);
- break;
- case "L":
- reviews(L, $field, $order, $scid);
- break;
- case "M":
- reviews(M, $field, $order, $scid);
- break;
- case "N":
- reviews(N, $field, $order, $scid);
- break;
- case "O":
- reviews(O, $field, $order, $scid);
- break;
- case "P":
- reviews(P, $field, $order, $scid);
- break;
- case "Q":
- reviews(Q, $field, $order, $scid);
- break;
- case "R":
- reviews(R, $field, $order, $scid);
- break;
- case "S":
- reviews(S, $field, $order, $scid);
- break;
- case "T":
- reviews(T, $field, $order, $scid);
- break;
- case "U":
- reviews(U, $field, $order, $scid);
- break;
- case "V":
- reviews(V, $field, $order, $scid);
- break;
- case "W":
- reviews(W, $field, $order, $scid);
- break;
- case "X":
- reviews(X, $field, $order, $scid);
- break;
- case "Y":
- reviews(Y, $field, $order, $scid);
- break;
- case "Z":
- reviews(Z, $field, $order, $scid);
- break;
- case "1":
- reviews(1, $field, $order, $scid);
- break;
- case "2":
- reviews(2, $field, $order, $scid);
- break;
- case "3":
- reviews(3, $field, $order, $scid);
- break;
- case "4":
- reviews(4, $field, $order, $scid);
- break;
- case "5":
- reviews(5, $field, $order, $scid);
- break;
- case "6":
- reviews(6, $field, $order, $scid);
- break;
- case "7":
- reviews(7, $field, $order, $scid);
- break;
- case "8":
- reviews(8, $field, $order, $scid);
- break;
- case "9":
- reviews(9, $field, $order, $scid);
- break;
- case "show":
- show($rid, $cid, $page, $scid, $author, $author_email, $cover, $pagename, $content, $counter, $r_link, $r_link_title, $score);
- break;
- case "show_cats":
- show_cats();
- break;
- case "list_revs":
- list_revs($scid, $orderby, $page);
- break;
- case "list_sub_cats":
- list_sub_cats($cid);
- break;
- case "write_MReview":
- write_MReview($cid);
- break;
- case "preview_review":
- preview_review($date, $pagename, $MReview_content, $author, $author_email, $score, $cover, $r_link, $r_link_title, $counter, $rid, $cid, $scid);
- break;
- case "send_MReview":
- send_MReview($cid, $scid, $author, $author_email, $pagename, $MReview_content, $cover, $r_link, $r_link_title, $score);
- break;
- case "postcomment":
- postcomment($rid, $pagename);
- break;
- case "savecomment":
- savecomment($xanonpost, $uname, $rid, $score, $comments);
- break;
- case "del_comment":
- del_comment($com_id, $rid);
- break;
- default:
- show_cats();
- break;
- }
- include ("footer.php");
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement