-
Notifications
You must be signed in to change notification settings - Fork 7
/
comment.php
98 lines (87 loc) · 3.81 KB
/
comment.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
<?php
/////////////////////////////////////////////////////////////////////////////////////
// xbtit - Bittorrent tracker/frontend
//
// Copyright (C) 2004 - 2019 Btiteam
//
// This file is part of xbtit.
//
// Redistribution and use in source and binary forms, with or without modification,
// are permitted provided that the following conditions are met:
//
// 1. Redistributions of source code must retain the above copyright notice,
// this list of conditions and the following disclaimer.
// 2. Redistributions in binary form must reproduce the above copyright notice,
// this list of conditions and the following disclaimer in the documentation
// and/or other materials provided with the distribution.
// 3. The name of the author may not be used to endorse or promote products
// derived from this software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
// WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
// MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
// IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
// TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
// PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
// LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
// NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
// EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
//
////////////////////////////////////////////////////////////////////////////////////
if (!defined('IN_BTIT')) {
die('non direct access!');
}
if (!$CURUSER || $CURUSER['uid'] == 1) {
stderr($language['ERROR'], $language['ONLY_REG_COMMENT']);
}
$comment = $_POST['comment'];
$id = $_GET['id'];
if ($_GET['cid']) {
$cid = ((int) $_GET['cid']);
} else {
$cid = 0;
}
if ($_GET['action']) {
if ($CURUSER['delete_torrents'] === 'yes' && $_GET['action'] === 'delete') {
do_sqlquery("DELETE FROM {$TABLE_PREFIX}comments WHERE id=$cid", true);
redirect("index.php?page=torrent-details&id=$id#comments");
exit;
}
}
$tpl_comment = new bTemplate();
$tpl_comment->set('language', $language);
$tpl_comment->set('comment_id', $id);
$tpl_comment->set('comment_username', $CURUSER['username']);
$tpl_comment->set('comment_comment', textbbcode('comment', 'comment', htmlspecialchars(unesc($comment))));
if ($_POST['info_hash']) {
if ($_POST['confirm'] === $language['FRM_CONFIRM']) {
$comment = addslashes($_POST['comment']);
$user = addslashes($CURUSER['username']);
if ($user === '') {
$user = 'Anonymous';
}
if (empty($comment)) {
stderr($language['ERROR'], $language['ERR_COMMENT_EMPTY']);
exit();
} else {
do_sqlquery("INSERT INTO {$TABLE_PREFIX}comments (added,text,ori_text,user,info_hash) VALUES (NOW(),\"$comment\",\"$comment\",\"$user\",\"".mysqli_query($GLOBALS['conn'], stripslashes($_POST['info_hash'])).'")', true);
redirect('index.php?page=torrent-details&id='.stripslashes($_POST['info_hash']).'#comments');
die();
}
}
// Comment preview by miskotes
//############################
if ($_POST['confirm'] === $language['FRM_PREVIEW']) {
$tpl_comment->set('PREVIEW', true, true);
$tpl_comment->set('comment_preview', set_block($language['COMMENT_PREVIEW'], 'center', format_comment($comment), false));
//####################
// Comment preview end
} else {
redirect('index.php?page=torrent-details&id='.stripslashes($_POST['info_hash']).'#comments');
die();
}
} else {
$tpl_comment->set('PREVIEW', false, true);
}
?>