Project

General

Profile

1
<?php
2
/**
3
 *
4
 * @category        modules
5
 * @package         news
6
 * @author          WebsiteBaker Project
7
 * @copyright       Website Baker Org. e.V.
8
 * @link            http://websitebaker.org/
9
 * @license         http://www.gnu.org/licenses/gpl.html
10
 * @platform        WebsiteBaker 2.8.x
11
 * @requirements    PHP 5.3.6 and higher
12
 * @version         $Id: comment_page.php 2 2017-07-02 15:14:29Z Manuela $
13
 * @filesource      $HeadURL: svn://isteam.dynxs.de/wb/2.10.x/trunk/modules/news/comment_page.php $
14
 * @lastmodified    $Date: 2017-07-02 17:14:29 +0200 (Sun, 02 Jul 2017) $
15
 *
16
 */
17
/* -------------------------------------------------------- */
18
// Must include code to stop this file being accessed directly
19
if(!defined('WB_PATH')) {
20
    require_once(dirname(dirname(dirname(__FILE__))).'/framework/globalExceptionHandler.php');
21
    throw new IllegalFileException();
22
}
23
// check if module language file exists for the language set by the user (e.g. DE, EN)
24
$sAddonName = basename(__DIR__);
25
require(WB_PATH .'/modules/'.$sAddonName.'/languages/EN.php');
26
if(file_exists(WB_PATH .'/modules/'.$sAddonName.'/languages/'.LANGUAGE .'.php')) {
27
    require(WB_PATH .'/modules/'.$sAddonName.'/languages/'.LANGUAGE .'.php');
28
}
29

    
30
$sRecallAddress = WB_URL.PAGES_DIRECTORY.$GLOBALS['wb']->page['link'].PAGE_EXTENSION;
31

    
32
require_once(WB_PATH.'/include/captcha/captcha.php');
33
// Get comments page template details from db
34
$query_settings = $database->query(
35
"SELECT `comments_page`, `use_captcha`, `commenting` FROM `".TABLE_PREFIX."mod_news_settings` WHERE `section_id` = '".SECTION_ID."'"
36
);
37
if($query_settings->numRows() == 0)
38
{
39
    header("Location: ".$sRecallAddress."");
40
    exit( 0 );
41
}
42
else
43
{
44
    $settings = $query_settings->fetchRow( MYSQLI_ASSOC );
45

    
46
    // Print comments page
47
    $vars = array('[POST_TITLE]','[TEXT_COMMENT]');
48
    $values = array(POST_TITLE, $MOD_NEWS['TEXT_COMMENT']);
49
    echo str_replace($vars, $values, ($settings['comments_page']));
50
    if( isset($_SESSION['message']) ){
51
       echo '<p class="warning">'.implode('<br />',$_SESSION['message']).'</p>';
52
       unset($_SESSION['message']);
53
    }
54

    
55
?>
56
    <form id="news-wrapper" name="comment" action="<?php echo WB_URL.'/modules/'.basename(__DIR__).'/submit_comment.php' ?>" method="post">
57
      <input type="hidden" name="page_id" value="<?php echo PAGE_ID ;?>" />
58
      <input type="hidden" name="section_id" value="<?php echo SECTION_ID ;?>" />
59
      <input type="hidden" name="post_id" value="<?php echo POST_ID ;?>" />
60
      <input type="hidden" name="redirect" value="<?php echo $sRecallAddress ;?>" />
61
      <?php echo $wb->getFTAN(); ?>
62
    <?php if(ENABLED_ASP) { // add some honeypot-fields
63
    ?>
64
    <input type="hidden" name="submitted_when" value="<?php $t=time(); echo $t; $_SESSION['submitted_when']=$t; ?>" />
65
    <p class="nixhier">
66
    email address:
67
    <label for="email">Leave this field email blank:</label>
68
    <input id="email" name="email" size="60" value="" /><br />
69
    Homepage:
70
    <label for="homepage">Leave this field homepage blank:</label>
71
    <input id="homepage" name="homepage" size="60" value="" /><br />
72
    URL:
73
    <label for="url">Leave this field url blank:</label>
74
    <input id="url" name="url" size="60" value="" /><br />
75
    Comment:
76
    <label for="comment">Leave this field comment blank:</label>
77
    <input id="comment" name="comment" size="60" value="" /><br />
78
    </p>
79
    <?php }
80
    echo $TEXT['TITLE']; ?>:
81
    <br />
82
    <input type="text" name="title" maxlength="255" style="width: 90%;"<?php if(isset($_SESSION['comment_title'])) { echo ' value="'.$_SESSION['comment_title'].'"'; unset($_SESSION['comment_title']); } ?> />
83
    <br /><br />
84
    <?php echo $TEXT['COMMENT']; 
85
    ?>:
86
    <br />
87
    <?php if(ENABLED_ASP) { ?>
88
        <textarea name="comment_<?php echo date('W'); ?>" rows="10" cols="1" style="width: 90%; height: 150px;"><?php if(isset($_SESSION['comment_body'])) { echo $_SESSION['comment_body']; unset($_SESSION['comment_body']); } ?></textarea>
89
    <?php } else { ?>
90
        <textarea name="comment" rows="10" cols="1" style="width: 90%; height: 150px;"><?php if(isset($_SESSION['comment_body'])) { echo $_SESSION['comment_body']; unset($_SESSION['comment_body']); } ?></textarea>
91
    <?php } ?>
92
    <br /><br />
93
    <?php
94
    if(isset($_SESSION['captcha_error'])) {
95
        echo '<font color="#FF0000">'.$_SESSION['captcha_error'].'</font><br />';
96
        $_SESSION['captcha_retry_news'] = true;
97
    }
98
    // Captcha
99
    if($settings['use_captcha']) {
100
    ?>
101
    <table>
102
    <tr>
103
        <td><?php echo $TEXT['VERIFICATION']; ?>:</td>
104
        <td><?php call_captcha(); ?></td>
105
    </tr>
106
    </table>
107
    <?php
108
    if(isset($_SESSION['captcha_error'])) {
109
        unset($_SESSION['captcha_error']);
110
        ?><script>document.comment.captcha.focus();</script><?php
111
    }?>
112
    <?php
113
    }
114
    ?>
115
    <table class="news-table">
116
    <tr>
117
        <td>
118
            <input type="submit" name="submit" value="<?php echo $MOD_NEWS['TEXT_ADD_COMMENT']; ?>" />
119
        </td>
120
        <td>
121
            <input type="submit" value="<?php echo $TEXT['CANCEL']; ?>" name="cancel"  />
122
        </td>
123
    </tr>
124
    </table>
125
    </form>
126
    <?php
127
}
(8-8/36)