|
1
|
|
|
<?php declare(strict_types=1); |
|
2
|
|
|
|
|
3
|
|
|
use Smr\Database; |
|
4
|
|
|
use Smr\Epoch; |
|
5
|
|
|
use Smr\Pages\Admin\AlbumModerate; |
|
6
|
|
|
use Smr\Request; |
|
7
|
|
|
|
|
8
|
|
|
try { |
|
9
|
|
|
require_once('../../bootstrap.php'); |
|
10
|
|
|
require_once(LIB . 'Album/album_functions.php'); |
|
11
|
|
|
|
|
12
|
|
|
$session = Smr\Session::getInstance(); |
|
13
|
|
|
|
|
14
|
|
|
if (!$session->hasAccount()) { |
|
15
|
|
|
create_error('You need to be logged in to post comments!'); |
|
16
|
|
|
} |
|
17
|
|
|
|
|
18
|
|
|
$album_id = Request::getInt('album_id', 0); |
|
19
|
|
|
if ($album_id <= 0) { |
|
20
|
|
|
create_error('Whose album do you want to comment on?'); |
|
21
|
|
|
} |
|
22
|
|
|
|
|
23
|
|
|
$account = $session->getAccount(); |
|
24
|
|
|
|
|
25
|
|
|
$action = Request::get('action'); |
|
26
|
|
|
if ($action == 'Moderate') { |
|
27
|
|
|
if (!$account->hasPermission(PERMISSION_MODERATE_PHOTO_ALBUM)) { |
|
28
|
|
|
create_error('You do not have permission to do that!'); |
|
29
|
|
|
} |
|
30
|
|
|
$container = new AlbumModerate($album_id); |
|
31
|
|
|
|
|
32
|
|
|
$href = $container->href(true); |
|
33
|
|
|
$session->update(); |
|
34
|
|
|
|
|
35
|
|
|
header('Location: ' . $href); |
|
36
|
|
|
exit; |
|
37
|
|
|
} |
|
38
|
|
|
|
|
39
|
|
|
$db = Database::getInstance(); |
|
40
|
|
|
|
|
41
|
|
|
$comment = Request::get('comment'); |
|
42
|
|
|
if (empty($comment)) { |
|
43
|
|
|
create_error('Please enter a comment.'); |
|
44
|
|
|
} |
|
45
|
|
|
|
|
46
|
|
|
// get current time |
|
47
|
|
|
$curr_time = Epoch::time(); |
|
48
|
|
|
|
|
49
|
|
|
$comment = word_filter($comment); |
|
50
|
|
|
$account->sendMessageToBox(BOX_ALBUM_COMMENTS, $comment); |
|
51
|
|
|
|
|
52
|
|
|
// check if we have comments for this album already |
|
53
|
|
|
$db->lockTable('album_has_comments'); |
|
54
|
|
|
|
|
55
|
|
|
$dbResult = $db->read('SELECT IFNULL(MAX(comment_id)+1, 0) AS next_comment_id FROM album_has_comments WHERE album_id = ' . $db->escapeNumber($album_id)); |
|
56
|
|
|
$comment_id = $dbResult->record()->getInt('next_comment_id'); |
|
57
|
|
|
|
|
58
|
|
|
$db->insert('album_has_comments', [ |
|
59
|
|
|
'album_id' => $db->escapeNumber($album_id), |
|
60
|
|
|
'comment_id' => $db->escapeNumber($comment_id), |
|
61
|
|
|
'time' => $db->escapeNumber($curr_time), |
|
62
|
|
|
'post_id' => $db->escapeNumber($account->getAccountID()), |
|
63
|
|
|
'msg' => $db->escapeString($comment), |
|
64
|
|
|
]); |
|
65
|
|
|
$db->unlock(); |
|
66
|
|
|
|
|
67
|
|
|
header('Location: /album/?nick=' . urlencode(get_album_nick($album_id))); |
|
68
|
|
|
} catch (Throwable $e) { |
|
69
|
|
|
handleException($e); |
|
|
|
|
|
|
70
|
|
|
} |
|
71
|
|
|
|
smrealms /
smr
page
Loading history...