diff options
| -rwxr-xr-x | includes/comments.php | 6 | ||||
| -rwxr-xr-x | includes/footer.php | 12 | ||||
| -rwxr-xr-x | includes/session.php | 18 | ||||
| -rwxr-xr-x | pages/admin.php | 2 | ||||
| -rwxr-xr-x | pages/post.php | 4 |
5 files changed, 30 insertions, 12 deletions
| diff --git a/includes/comments.php b/includes/comments.php index f1b8228..3a64321 100755 --- a/includes/comments.php +++ b/includes/comments.php | |||
| @@ -45,7 +45,7 @@ while ($getcomments3[$i] = mysql_fetch_array($getcomments2)) | |||
| 45 | { | 45 | { |
| 46 | if ($getcomments3[$i]['is_anon'] == 0) | 46 | if ($getcomments3[$i]['is_anon'] == 0) |
| 47 | { | 47 | { |
| 48 | $getuser = "SELECT * FROM phpbb_users WHERE username = \"" . $getcomments3[$i]['username'] . "\""; | 48 | $getuser = "SELECT * FROM phpbb_users WHERE user_id = " . $getcomments3[$i]['user_id']; |
| 49 | $getuser2 = mysql_query($getuser); | 49 | $getuser2 = mysql_query($getuser); |
| 50 | $getuser3 = mysql_fetch_array($getuser2); | 50 | $getuser3 = mysql_fetch_array($getuser2); |
| 51 | 51 | ||
| @@ -54,11 +54,11 @@ while ($getcomments3[$i] = mysql_fetch_array($getcomments2)) | |||
| 54 | $website = $getuser3['user_website']; | 54 | $website = $getuser3['user_website']; |
| 55 | } else if ($getcomments3[$i]['is_anon'] == 1) | 55 | } else if ($getcomments3[$i]['is_anon'] == 1) |
| 56 | { | 56 | { |
| 57 | $getanon = "SELECT * FROM anon_commenters WHERE username = \"" . $getcomments3[$i]['username'] . "\""; | 57 | $getanon = "SELECT * FROM anon_commenters WHERE id = " . $getcomments3[$i]['user_id']; |
| 58 | $getanon2 = mysql_query($getanon); | 58 | $getanon2 = mysql_query($getanon); |
| 59 | $getanon3 = mysql_fetch_array($getanon2); | 59 | $getanon3 = mysql_fetch_array($getanon2); |
| 60 | 60 | ||
| 61 | if ($getanon3['username'] == $getcomments3[$i]['username']) | 61 | if ($getanon3['id'] == $getcomments3[$i]['user_id']) |
| 62 | { | 62 | { |
| 63 | $username = $getanon3['username'] . ' (Guest)'; | 63 | $username = $getanon3['username'] . ' (Guest)'; |
| 64 | $email = $getanon3['email']; | 64 | $email = $getanon3['email']; |
| diff --git a/includes/footer.php b/includes/footer.php index 77d161b..a37b438 100755 --- a/includes/footer.php +++ b/includes/footer.php | |||
| @@ -95,7 +95,7 @@ if (!isset($noRightbar)) | |||
| 95 | { | 95 | { |
| 96 | if ($getcomments3[$i]['is_anon'] == 0) | 96 | if ($getcomments3[$i]['is_anon'] == 0) |
| 97 | { | 97 | { |
| 98 | $getuser = "SELECT * FROM phpbb_users WHERE username = \"" . $getcomments3[$i]['username'] . "\""; | 98 | $getuser = "SELECT * FROM phpbb_users WHERE user_id = " . $getcomments3[$i]['user_id']; |
| 99 | $getuser2 = mysql_query($getuser); | 99 | $getuser2 = mysql_query($getuser); |
| 100 | $getuser3 = mysql_fetch_array($getuser2); | 100 | $getuser3 = mysql_fetch_array($getuser2); |
| 101 | 101 | ||
| @@ -103,11 +103,11 @@ if (!isset($noRightbar)) | |||
| 103 | $website = $getuser3['user_website']; | 103 | $website = $getuser3['user_website']; |
| 104 | } else if ($getcomments3[$i]['is_anon'] == 1) | 104 | } else if ($getcomments3[$i]['is_anon'] == 1) |
| 105 | { | 105 | { |
| 106 | $getanon = "SELECT * FROM anon_commenters WHERE username = \"" . $getcomments3[$i]['username'] . "\""; | 106 | $getanon = "SELECT * FROM anon_commenters WHERE id = " . $getcomments3[$i]['user_id']; |
| 107 | $getanon2 = mysql_query($getanon); | 107 | $getanon2 = mysql_query($getanon); |
| 108 | $getanon3 = mysql_fetch_array($getanon2); | 108 | $getanon3 = mysql_fetch_array($getanon2); |
| 109 | 109 | ||
| 110 | if ($getanon3['username'] == $getcomments3[$i]['username']) | 110 | if ($getanon3['id'] == $getcomments3[$i]['user_id']) |
| 111 | { | 111 | { |
| 112 | $username = $getanon3['username'] . ' (Guest)'; | 112 | $username = $getanon3['username'] . ' (Guest)'; |
| 113 | $website = $getanon3['website']; | 113 | $website = $getanon3['website']; |
| @@ -142,16 +142,16 @@ if (!isset($noRightbar)) | |||
| 142 | } | 142 | } |
| 143 | 143 | ||
| 144 | $users = array(); | 144 | $users = array(); |
| 145 | $getusers = "SELECT DISTINCT username FROM comments WHERE is_anon = 0"; | 145 | $getusers = "SELECT DISTINCT user_id FROM comments WHERE is_anon = 0"; |
| 146 | $getusers2 = mysql_query($getusers); | 146 | $getusers2 = mysql_query($getusers); |
| 147 | $i=0; | 147 | $i=0; |
| 148 | while ($getusers3[$i] = mysql_fetch_array($getusers2)) | 148 | while ($getusers3[$i] = mysql_fetch_array($getusers2)) |
| 149 | { | 149 | { |
| 150 | $getcount = "SELECT COUNT(*) FROM comments WHERE username = \"" . $getusers3[$i]['username'] . "\""; | 150 | $getcount = "SELECT COUNT(*) FROM comments WHERE user_id = " . $getusers3[$i]['user_id']; |
| 151 | $getcount2 = mysql_query($getcount); | 151 | $getcount2 = mysql_query($getcount); |
| 152 | $getcount3 = mysql_fetch_array($getcount2); | 152 | $getcount3 = mysql_fetch_array($getcount2); |
| 153 | 153 | ||
| 154 | $getuser = "SELECT * FROM phpbb_users WHERE username = \"" . $getusers3[$i]['username'] . "\""; | 154 | $getuser = "SELECT * FROM phpbb_users WHERE user_id = " . $getusers3[$i]['user_id']; |
| 155 | $getuser2 = mysql_query($getuser); | 155 | $getuser2 = mysql_query($getuser); |
| 156 | $getuser3 = mysql_fetch_array($getuser2); | 156 | $getuser3 = mysql_fetch_array($getuser2); |
| 157 | 157 | ||
| diff --git a/includes/session.php b/includes/session.php index 19ad24e..94c919a 100755 --- a/includes/session.php +++ b/includes/session.php | |||
| @@ -38,6 +38,24 @@ function getSessionID() | |||
| 38 | return false; | 38 | return false; |
| 39 | } | 39 | } |
| 40 | 40 | ||
| 41 | function getSessionUserID() | ||
| 42 | { | ||
| 43 | $getconfig = "SELECT * FROM phpbb_config WHERE config_name LIKE \"cookie_name\""; | ||
| 44 | $getconfig2 = mysql_query($getconfig); | ||
| 45 | $getconfig3 = mysql_fetch_array($getconfig2); | ||
| 46 | |||
| 47 | if (isset($_COOKIE[$getconfig3['config_value'] . '_sid'])) | ||
| 48 | { | ||
| 49 | $getsession = "SELECT * FROM phpbb_sessions WHERE session_id LIKE \"" . mysql_real_escape_string($_COOKIE[$getconfig3['config_value'] . '_sid']) . "\""; | ||
| 50 | $getsession2 = mysql_query($getsession) or die($getsession); | ||
| 51 | $getsession3 = mysql_fetch_array($getsession2); | ||
| 52 | |||
| 53 | return $getsession3['session_user_id']; | ||
| 54 | } | ||
| 55 | |||
| 56 | return false; | ||
| 57 | } | ||
| 58 | |||
| 41 | function getSessionUsername() | 59 | function getSessionUsername() |
| 42 | { | 60 | { |
| 43 | $getconfig = "SELECT * FROM phpbb_config WHERE config_name LIKE \"cookie_name\""; | 61 | $getconfig = "SELECT * FROM phpbb_config WHERE config_name LIKE \"cookie_name\""; |
| diff --git a/pages/admin.php b/pages/admin.php index fda03c3..12a2d01 100755 --- a/pages/admin.php +++ b/pages/admin.php | |||
| @@ -563,7 +563,7 @@ if (isLoggedIn()) | |||
| 563 | $insanon = "INSERT INTO anon_commenters (username,email,website) VALUES (\"" . $getcomment3['author'] . "\",\"" . $getcomment3['email'] . "\",\"" . $getcomment3['website'] . "\")"; | 563 | $insanon = "INSERT INTO anon_commenters (username,email,website) VALUES (\"" . $getcomment3['author'] . "\",\"" . $getcomment3['email'] . "\",\"" . $getcomment3['website'] . "\")"; |
| 564 | $insanon2 = mysql_query($insanon); | 564 | $insanon2 = mysql_query($insanon); |
| 565 | 565 | ||
| 566 | $inscomment = "INSERT INTO comments (page_id,username,comment,is_anon) VALUES (\"" . $getcomment3['page_id'] . "\",\"" . $getcomment3['author'] . "\",\"" . $getcomment3['comment'] . "\",1)"; | 566 | $inscomment = "INSERT INTO comments (page_id,user_id,comment,is_anon) VALUES (\"" . $getcomment3['page_id'] . "\"," . mysql_insert_id() . ",\"" . $getcomment3['comment'] . "\",1)"; |
| 567 | $inscomment2 = mysql_query($inscomment); | 567 | $inscomment2 = mysql_query($inscomment); |
| 568 | 568 | ||
| 569 | $delcomment = "DELETE FROM moderation WHERE id = " . $getcomment3['id']; | 569 | $delcomment = "DELETE FROM moderation WHERE id = " . $getcomment3['id']; |
| diff --git a/pages/post.php b/pages/post.php index 7d6dd08..87413e8 100755 --- a/pages/post.php +++ b/pages/post.php | |||
| @@ -56,7 +56,7 @@ if (!isset($_GET['id'])) | |||
| 56 | { | 56 | { |
| 57 | if ($getanon3['email'] == $_POST['email']) | 57 | if ($getanon3['email'] == $_POST['email']) |
| 58 | { | 58 | { |
| 59 | $setcomment = "INSERT INTO comments SET page_id = \"" . $_GET['id'] . "\", username = \"" . $_POST['username'] . "\", comment = \"" . $_POST['comment'] . "\", is_anon = 1"; | 59 | $setcomment = "INSERT INTO comments SET page_id = \"" . $_GET['id'] . "\", user_id = " . $getanon3['id'] . ", comment = \"" . $_POST['comment'] . "\", is_anon = 1"; |
| 60 | $setcomment2 = mysql_query($setcomment); | 60 | $setcomment2 = mysql_query($setcomment); |
| 61 | 61 | ||
| 62 | $page_id = $_GET['id']; | 62 | $page_id = $_GET['id']; |
| @@ -84,7 +84,7 @@ if (!isset($_GET['id'])) | |||
| 84 | } | 84 | } |
| 85 | } | 85 | } |
| 86 | } else { | 86 | } else { |
| 87 | $setcomment = "INSERT INTO comments SET page_id = \"" . $_GET['id'] . "\", username = \"" . getSessionUsername() . "\", comment = \"" . $_POST['comment'] . "\", is_anon = 0"; | 87 | $setcomment = "INSERT INTO comments SET page_id = \"" . $_GET['id'] . "\", user_id = " . getSessionUserID() . ", comment = \"" . $_POST['comment'] . "\", is_anon = 0"; |
| 88 | $setcomment2 = mysql_query($setcomment); | 88 | $setcomment2 = mysql_query($setcomment); |
| 89 | 89 | ||
| 90 | mail('hatkirby@fourisland.com', 'New comment on Four Island!', getSessionUsername() . ' has posted a comment on Four Island under the "page id" ' . $_GET['id']); | 90 | mail('hatkirby@fourisland.com', 'New comment on Four Island!', getSessionUsername() . ' has posted a comment on Four Island under the "page id" ' . $_GET['id']); |