From 9ba37f4643f825052c002bda16884ccc73f57ebc Mon Sep 17 00:00:00 2001 From: Starla Insigna Date: Mon, 5 Jan 2009 18:33:23 -0500 Subject: Improved anonymous commenting There was a bug where, if an anonymous commenter used a username that was being used by an actual member, Four Island would think the anonymous commentor was actually the member. --- includes/comments.php | 13 ++++++----- includes/footer.php | 65 +++++++++++++++++++++------------------------------ pages/admin.php | 8 ++----- pages/post.php | 4 ++-- 4 files changed, 37 insertions(+), 53 deletions(-) diff --git a/includes/comments.php b/includes/comments.php index d405279..f1b8228 100755 --- a/includes/comments.php +++ b/includes/comments.php @@ -43,16 +43,17 @@ $getcomments2 = mysql_query($getcomments) or die($getcomments); $i=0; while ($getcomments3[$i] = mysql_fetch_array($getcomments2)) { - $getuser = "SELECT * FROM phpbb_users WHERE username = \"" . $getcomments3[$i]['username'] . "\""; - $getuser2 = mysql_query($getuser); - $getuser3 = mysql_fetch_array($getuser2); - - if ($getuser3['username'] == $getcomments3[$i]['username']) + if ($getcomments3[$i]['is_anon'] == 0) { + $getuser = "SELECT * FROM phpbb_users WHERE username = \"" . $getcomments3[$i]['username'] . "\""; + $getuser2 = mysql_query($getuser); + $getuser3 = mysql_fetch_array($getuser2); + $username = $getuser3['username']; $email = $getuser3['user_email']; $website = $getuser3['user_website']; - } else { + } else if ($getcomments3[$i]['is_anon'] == 1) + { $getanon = "SELECT * FROM anon_commenters WHERE username = \"" . $getcomments3[$i]['username'] . "\""; $getanon2 = mysql_query($getanon); $getanon3 = mysql_fetch_array($getanon2); diff --git a/includes/footer.php b/includes/footer.php index 0a93ae9..77d161b 100755 --- a/includes/footer.php +++ b/includes/footer.php @@ -93,26 +93,26 @@ if (!isset($noRightbar)) $i=0; while ($getcomments3[$i] = mysql_fetch_array($getcomments2)) { - $getuser = "SELECT * FROM phpbb_users WHERE username = \"" . $getcomments3[$i]['username'] . "\""; - $getuser2 = mysql_query($getuser); - $getuser3 = mysql_fetch_array($getuser2); - - if ($getuser3['username'] == $getcomments3[$i]['username']) - { - $username = $getuser3['username']; - $website = $getuser3['user_website']; - } else { - $getanon = "SELECT * FROM anon_commenters WHERE username = \"" . $getcomments3[$i]['username'] . "\""; - $getanon2 = mysql_query($getanon); - $getanon3 = mysql_fetch_array($getanon2); - - if ($getanon3['username'] == $getcomments3[$i]['username']) - { - $username = $getanon3['username'] . ' (Guest)'; - $website = $getanon3['website']; - } - } - + if ($getcomments3[$i]['is_anon'] == 0) + { + $getuser = "SELECT * FROM phpbb_users WHERE username = \"" . $getcomments3[$i]['username'] . "\""; + $getuser2 = mysql_query($getuser); + $getuser3 = mysql_fetch_array($getuser2); + + $username = $getuser3['username']; + $website = $getuser3['user_website']; + } else if ($getcomments3[$i]['is_anon'] == 1) + { + $getanon = "SELECT * FROM anon_commenters WHERE username = \"" . $getcomments3[$i]['username'] . "\""; + $getanon2 = mysql_query($getanon); + $getanon3 = mysql_fetch_array($getanon2); + + if ($getanon3['username'] == $getcomments3[$i]['username']) + { + $username = $getanon3['username'] . ' (Guest)'; + $website = $getanon3['website']; + } + } if (strpos($getcomments3[$i]['page_id'], 'updates') !== FALSE) { @@ -142,7 +142,7 @@ if (!isset($noRightbar)) } $users = array(); - $getusers = "SELECT DISTINCT username FROM comments"; + $getusers = "SELECT DISTINCT username FROM comments WHERE is_anon = 0"; $getusers2 = mysql_query($getusers); $i=0; while ($getusers3[$i] = mysql_fetch_array($getusers2)) @@ -151,25 +151,12 @@ if (!isset($noRightbar)) $getcount2 = mysql_query($getcount); $getcount3 = mysql_fetch_array($getcount2); - $getuser = "SELECT * FROM phpbb_users WHERE username = \"" . $getusers3[$i]['username'] . "\""; - $getuser2 = mysql_query($getuser); - $getuser3 = mysql_fetch_array($getuser2); - - if ($getuser3['username'] == $getusers3[$i]['username']) - { - $username = $getuser3['username']; - $website = $getuser3['user_website']; - } else { - $getanon = "SELECT * FROM anon_commenters WHERE username = \"" . $getusers3[$i]['username'] . "\""; - $getanon2 = mysql_query($getanon); - $getanon3 = mysql_fetch_array($getanon2); + $getuser = "SELECT * FROM phpbb_users WHERE username = \"" . $getusers3[$i]['username'] . "\""; + $getuser2 = mysql_query($getuser); + $getuser3 = mysql_fetch_array($getuser2); - if ($getanon3['username'] == $getusers3[$i]['username']) - { - $username = $getanon3['username'] . ' (Guest)'; - $website = $getanon3['website']; - } - } + $username = $getuser3['username']; + $website = $getuser3['user_website']; $name = (($website != '') ? '' . $username . '' : $username); $users[] = array('name' => $name, 'count' => $getcount3['COUNT(*)']); diff --git a/pages/admin.php b/pages/admin.php index 60bc73d..fda03c3 100755 --- a/pages/admin.php +++ b/pages/admin.php @@ -539,14 +539,10 @@ if (isLoggedIn()) if ($getcomment3['id'] == $_GET['id']) { - $getuser = "SELECT * FROM phpbb_users WHERE username = \"" . $getcomment3['author'] . "\""; - $getuser2 = mysql_query($getuser); - $getuser3 = mysql_fetch_array($getuser2); - $template = new FITemplate('admin/viewComment'); $template->add('ID', $_GET['id']); $template->add('USERNAME', $getcomment3['author']); - $template->add('CODEDEMAIL', md5(strtolower($getuser3['user_email']))); + $template->add('CODEDEMAIL', md5(strtolower($getcomment3['email']))); $template->add('TEXT', parseText($getcomment3['comment'])); $template->add('DATE', date("F dS Y \a\\t g:i:s a",strtotime($getcomment3['pubDate']))); } else { @@ -567,7 +563,7 @@ if (isLoggedIn()) $insanon = "INSERT INTO anon_commenters (username,email,website) VALUES (\"" . $getcomment3['author'] . "\",\"" . $getcomment3['email'] . "\",\"" . $getcomment3['website'] . "\")"; $insanon2 = mysql_query($insanon); - $inscomment = "INSERT INTO comments (page_id,username,comment) VALUES (\"" . $getcomment3['page_id'] . "\",\"" . $getcomment3['author'] . "\",\"" . $getcomment3['comment'] . "\")"; + $inscomment = "INSERT INTO comments (page_id,username,comment,is_anon) VALUES (\"" . $getcomment3['page_id'] . "\",\"" . $getcomment3['author'] . "\",\"" . $getcomment3['comment'] . "\",1)"; $inscomment2 = mysql_query($inscomment); $delcomment = "DELETE FROM moderation WHERE id = " . $getcomment3['id']; diff --git a/pages/post.php b/pages/post.php index 48239cf..7d6dd08 100755 --- a/pages/post.php +++ b/pages/post.php @@ -56,7 +56,7 @@ if (!isset($_GET['id'])) { if ($getanon3['email'] == $_POST['email']) { - $setcomment = "INSERT INTO comments SET page_id = \"" . $_GET['id'] . "\", username = \"" . $_POST['username'] . "\", comment = \"" . $_POST['comment'] . "\""; + $setcomment = "INSERT INTO comments SET page_id = \"" . $_GET['id'] . "\", username = \"" . $_POST['username'] . "\", comment = \"" . $_POST['comment'] . "\", is_anon = 1"; $setcomment2 = mysql_query($setcomment); $page_id = $_GET['id']; @@ -84,7 +84,7 @@ if (!isset($_GET['id'])) } } } else { - $setcomment = "INSERT INTO comments SET page_id = \"" . $_GET['id'] . "\", username = \"" . getSessionUsername() . "\", comment = \"" . $_POST['comment'] . "\""; + $setcomment = "INSERT INTO comments SET page_id = \"" . $_GET['id'] . "\", username = \"" . getSessionUsername() . "\", comment = \"" . $_POST['comment'] . "\", is_anon = 0"; $setcomment2 = mysql_query($setcomment); mail('hatkirby@fourisland.com', 'New comment on Four Island!', getSessionUsername() . ' has posted a comment on Four Island under the "page id" ' . $_GET['id']); -- cgit 1.4.1