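set_noindex(true);

/*
 * Gallery comment controller. Requires a logged-in user (USERID) and then,
 * depending on the "type" query parameter:
 *   - 'report' : e-mails the webmaster about an existing comment
 *   - 'remove' : asks for confirmation, then deletes an existing comment
 *   - otherwise: shows the comment form and saves a new or edited comment
 * Every path ends by rendering gallery_template.tpl.smrt.
 *
 * NOTE(review): nothing before set_noindex(true) is visible in this listing,
 * so where $smarty, USERID, USERNAME, ISADMIN, URL and TEMPLATE_DIR are set
 * up cannot be confirmed from here.
 *
 * NOTE(review): no anti-CSRF token is checked anywhere in this script. The
 * save is confirmed by a POST field, but the removal is confirmed by a GET
 * parameter and the report mail is sent on a plain GET, so both actions can
 * be triggered by a link. Moving them to POST with a per-session token needs
 * the templates, which are not shown here.
 */

// Anonymous visitors get the error page and nothing else runs.
if (!USERID) {
    $smarty->assign("error","You must be logged in as a registered user to comment on a Bike.");
    $smarty->display(TEMPLATE_DIR . "gallery_template.tpl.smrt");
    die();
}

// NOTE(review): the trailing arguments of nBase::get_value are opaque from
// here; presumably "0, 1" means default 0 with an integer cast. Confirm.
$bike_id = nBase::get_value("bike_id", $_GET, $_POST, 0, 1);
$comment_id = nBase::get_value("comment_id", $_GET, $_POST, 0, 1);
$type = nBase::get_value("type", $_GET, NULL, 'new');

if ($comment_id) {
    // Existing comment: it must be found before any action is considered.
    $comment = db_get_comment($comment_id);
    if (!$comment) {
        $smarty->assign("error","Comment cannot be edited");
        $smarty->display(TEMPLATE_DIR . "gallery_template.tpl.smrt");
        die();
    }
} else {
    // Reporting or removing only makes sense for a stored comment. Without
    // this guard a request with no comment_id would mail a report about
    // "comment 0" or reach db_remove_comment() with an id of 0.
    if ($type == 'report' || $type == 'remove') {
        $smarty->assign("error","No comment was specified.");
        $smarty->display(TEMPLATE_DIR . "gallery_template.tpl.smrt");
        die();
    }

    // New comment owned by the current user. The object is created
    // explicitly: assigning a property on an undefined variable is an Error
    // on PHP 8 and a warning on PHP 7.
    $comment = new \stdClass();
    $comment->comment_id = 0;
    $comment->bike_id = $bike_id;
    $comment->user_id = USERID;
    $comment->comment = "";
}

if ($type == 'report') {
    // The reporter's name and the comment text go into the mail body only.
    // The headers argument is a fixed literal; keep it that way so that no
    // request-derived value can add mail headers.
    // NOTE(review): any logged-in user can trigger this repeatedly; no
    // throttling is visible in this script.
    $message = "Reporting on Comment id $comment->comment_id
BY ".USERNAME."
COMMENT URL: " . URL . "/gallery/bikes.php?bike_id=$comment->bike_id
$comment->comment";
    mail("webmaster@oppracing.com","OPP Gallery Comment Report",$message,"From: \"OPP Mailer\" ");
    $smarty->assign("message","A report has been sent to the administrator on that comment.
Thank you for bringing it to our attention.
Return to bike");
} else if ($type == 'remove') {
    // Allow the comment's owner or an administrator, the same rule the edit
    // branch below applies. The previous test used "||", which refused
    // everyone except an administrator removing their own comment.
    if (!ISADMIN && $comment->user_id != USERID) {
        $smarty->assign("error","You can not remove a comment that does not belong to you.");
    } else {
        $submit = nBase::get_value("submit", $_GET, NULL, false);
        if ($submit) {
            db_remove_comment($comment_id);
            $smarty->assign("message","Comment was removed from the system
Return to bike");
        } else {
            // CONFIRMATION
            $smarty->assign("comment",$comment);
            $smarty->assign("page_tpl",TEMPLATE_DIR . "gallery/comment_delete_conf.tpl.smrt");
        }
    }
} else {
    // Add or edit. An existing comment may be changed only by its owner or
    // by an administrator; a new comment (comment_id 0) is always allowed.
    if (!ISADMIN && $comment->comment_id && $comment->user_id != USERID) {
        $smarty->assign("error","You can not update a comment that does not belong to you.");
    } else {
        $submit = nBase::get_value("submit", $_POST, NULL, false);
        if ($submit) {
            // NOTE(review): the 'xss' argument presumably selects an input
            // filter inside nBase::get_value. Confirm, and make sure the
            // templates still escape the comment when printing it.
            $comment->comment = nBase::get_value("mycomment", $_POST, NULL, "", false, false, 'xss');
            $banned_word_list = db_get_banned_words();
            $error = validate_words($comment->comment, "Comment",$banned_word_list);
            if (!$error) {
                db_save_comment($comment);
                $smarty->assign("message","Comment has been updated/added. All comments must go under review before being displayed.
Return to bike");
                $smarty->display(TEMPLATE_DIR . "gallery_template.tpl.smrt");
                die();
            } else {
                // Validation failed: show the form again with the text as
                // typed (stripslashes presumably undoes escaping added by
                // get_value; confirm).
                $comment->comment = stripslashes($comment->comment);
                $smarty->assign("error",$error);
            }
        }
        $smarty->assign("comment",$comment);
        $smarty->assign("page_tpl",TEMPLATE_DIR . "gallery/comment.tpl.smrt");
    }
}

$smarty->display(TEMPLATE_DIR . "gallery_template.tpl.smrt");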