Code: Select all
#
#---------------SQL----------------------------------------------------------------
#
ALTER TABLE `phpwcms_guestbook` ADD `guestbook_comment` TEXT AFTER `guestbook_url` ;
Code: Select all
#
#---------------FIND---------------------------------------------------------------
#
if(intval($_GET['del'])) {
$sql = "UPDATE ".DB_PREPEND."phpwcms_guestbook SET ";
$sql .= "guestbook_trashed=9 WHERE guestbook_cid=";
$sql .= intval($_GET['cid'])." AND guestbook_id=".intval($_GET['del']);
$sql .= " LIMIT 1;";
mysql_query($sql, $db);
}
#
#---------------ADD AFTER-------------------------------------------------------
#
if(isset($_POST["add_comment"])) {
$sql = "UPDATE ".DB_PREPEND."phpwcms_guestbook SET ";
$sql .= "guestbook_comment='".getpostvar($_POST['cguestbook_comment'])."' WHERE guestbook_cid=";
$sql .= intval($_POST['cid'])." AND guestbook_id=".intval($_POST['guestbook_id']);
mysql_query($sql, $db);
}
#
#---------------FIND---------------------------------------------------------------
#
$sql .= intval($_GET['cid'])." AND guestbook_trashed=0 ORDER BY guestbook_created DESC;";
#
#---------------REPLACE WITH---------------------------------------------------
#
$sql .= intval($_GET['cid'])." AND guestbook_trashed=0 OR guestbook_cid=".intval($_POST['cid'])." AND guestbook_trashed=0 ORDER BY guestbook_created DESC;";
#
#---------------FIND---------------------------------------------------------------
#
if($row['guestbook_msg']) {
echo '<br />'.htmlspecialchars($row['guestbook_msg']);
}
#
#---------------ADD AFTER-------------------------------------------------------
#
if($row['guestbook_comment']) {
echo '<br /><form action="act_guestbook.php" method="post"><input type="hidden" name="add_comment" value="10"><input type="hidden" name="cid" value="'.$row['guestbook_cid'].'"><input type="hidden" name="guestbook_id" value="'.$row['guestbook_id'].'"><textarea rows="2" cols="40" name="cguestbook_comment" wrap="VIRTUAL">'.htmlspecialchars($row['guestbook_comment']).'</textarea><input type="image" src="../../img/button/edit_22x11.gif" value="submit"></form>';
}
else{
echo '<br /><form action="act_guestbook.php" method="post"><input type="hidden" name="add_comment" value="1"><input type="hidden" name="cid" value="'.$row['guestbook_cid'].'"><input type="hidden" name="guestbook_id" value="'.$row['guestbook_id'].'"><textarea rows="2" cols="40" name="cguestbook_comment" wrap="VIRTUAL">'.htmlspecialchars($row['guestbook_comment']).'</textarea><input type="image" src="../../img/button/edit_22x11.gif" value="submit"></form>';
}
Code: Select all
#
#---------------FIND---------------------------------------------------------------
#
$guestbook['c'] = str_replace('###URL###', html_specialchars($guestbook['row']['guestbook_url']), $guestbook['c']);
#
#---------------ADD AFTER-------------------------------------------------------
#
$guestbook['c'] = str_replace('###COMMENT###', html_specialchars($guestbook['row']['guestbook_comment']), $guestbook['c']);
$guestbook['comment_replace'] = ($guestbook['row']['guestbook_comment']) ? '<p style="margin-left:20px"><b>$1:</b> '.html_specialchars($guestbook['row']['guestbook_comment']).'</p>' : '';
$guestbook['c'] = preg_replace('/###COMMENT:(.*)###/', $guestbook['comment_replace'], $guestbook['c']);