# Request parameters for the page-comments handler. Each one falls back to
# its default when the query value is missing or false ('' and '0' included,
# because of ||).
# NOTE(review): nothing here validates or escapes these values. Further down,
# $title is interpolated into the page content and $id into links, a mail
# subject and a URL. Unless $query is sanitised upstream (not visible here),
# treat both as attacker-controlled text -- confirm.
my $action = $query->{action} || 'index';
my $id = $query->{id} || '';
my $title = $query->{title} || 'Comments';
my $showTitle = $query->{showtitle} || 'yes';
# action=index: build the comment list for page $id in $root->{content},
# followed by the "Leave a Comment" section.
# NOTE(review): the HTML markup inside the string literals of this listing
# appears to have been stripped when the page was captured, so several
# strings below are visibly incomplete -- compare with the original file
# before relying on them.
if ($action eq 'index') {
if ($showTitle ne 'no') {
# NOTE(review): $title comes from the query string and is written into the
# page content without any escaping in this code. That is a reflected
# HTML-injection risk unless the value is escaped elsewhere -- confirm, and
# escape on output.
$root->{content} = "$title
\n\n";
}
else {
$root->{content} = "";
}
# Fetch the stored comments for this page id (getPageComments is defined
# outside this listing).
my @comments = &getPageComments($id);
if (scalar(@comments)) {
# Zero-based position of the current record in @comments; incremented once
# per pass. Presumably interpolated into the admin delete link, whose markup
# is missing from this listing -- confirm.
my $ln = 0;
foreach my $line (@comments) {
# A stored record is ip<>time<>name<>msg. The limit of 4 keeps any further
# "<>" inside the message field.
# NOTE(review): this parses safely only if '<' and '>' were neutralised
# before the record was stored; see the filter in the save action.
my ($ip,$time,$name,$msg) = split(/<>/, $line, 4);
my $stamp = &timeFormat('Weekday, Month dd yyyy @ H:mm:ss AM', $time);
# Default avatar markup for a guest (the start of the tag is missing from
# this listing).
my $avatar = "{conf}->{site}->{public}/avatars/user_guest.png\" "
. "width=\"100\" height=\"100\" alt=\"Guest\">
\n"
. "guest\n";
my $intro = "Posted by somebody\n\n";
# Names stored with a "guest:" prefix belong to visitors who were not logged
# in when they posted; strip the prefix for display.
if ($name =~ /^guest:/i) {
$name =~ s/^guest://i;
$intro = "Posted by $name (Guest)
\n\n";
}
else {
# Registered user: load the profile into $root->{users} unless it is
# already cached there.
&readUser($name) unless exists $root->{users}->{$name};
my $nick = $name;
# NOTE(review): this dereference runs before the userExists() check below.
# If readUser() did not populate the entry, it autovivifies
# $root->{users}->{$name} and $pos may end up undef -- confirm that
# readUser() always fills in {power}.
my $pos = $root->{conf}->{powers}->{$root->{users}->{$name}->{power}};
if (&userExists($name)) {
$nick = &getNickname($name);
}
$intro = "Posted by "
. "$nick ($pos)
\n\n";
# Use the user's own avatar when one is set, otherwise the guest image.
# NOTE(review): judging by the surviving fragments, the avatar value and
# $nick are placed inside quoted attribute values (alt="$nick"). They need
# attribute-safe escaping, quotes included, if users can choose them --
# confirm where they are validated.
if (length $root->{users}->{$name}->{avatar} > 0) {
$avatar = ""
. "{users}->{$name}->{avatar}\" width=\"100\" "
. "height=\"100\" alt=\"$nick\">
\n"
. "$name\n";
}
else {
$avatar = ""
. "{conf}->{site}->{public}/avatars/"
. "user_guest.png\" width=\"100\" "
. "height=\"100\" alt=\"$nick\">
\n"
. "$name\n";
}
}
# Append one entry: avatar, timestamp, intro line and message body.
# $msg and the guest name are emitted exactly as stored, so output safety
# depends entirely on the escaping applied when the comment was saved.
$root->{content} .= "
\n"
. "
\n"
. "$avatar"
. "
\n"
. "
$stamp\n"
. "$intro"
. "$msg\n";
# Logged-in administrators additionally get a delete link for this entry.
if ($root->{auth}) {
if (&isAdmin($root->{me})) {
$root->{content} .= "
\n"
. "
["
. "delete]\n";
}
}
$root->{content} .= "
\n
\n";
$ln++;
}
}
else {
$root->{content} .= "Nobody has commented on this page yet. Why not "
. "be the first?\n\n";
}
# Append the "Leave a Comment" section (the form markup is missing from this
# listing).
$root->{content} .= "Leave a Comment
\n\n"
. "\n";
}
# action=save: validate the submission, store the comment for page $id, and
# notify the webmaster by e-mail.
elsif ($action eq 'save') {
my $name = $query->{name} || 'Anonymous';
my $msg = $query->{message} || '';
# Decoy fields: the submission is rejected unless 'email' and 'comment' are
# empty and 'url' still holds the literal 'http://'. Presumably these are
# form fields a human never edits, meant to catch form-filling bots (the
# form markup is not visible here).
# NOTE(review): this filters naive bots only. It does not authenticate the
# sender or limit how often comments can be posted.
my $trap1 = $query->{email} || '';
my $trap2 = $query->{url} || '';
my $trap3 = $query->{comment} || '';
# Number of failed checks; any non-zero value rejects the comment.
my $denied = 0;
if ($trap1 ne '') {
$denied++;
}
if ($trap2 ne 'http://') {
$denied++;
}
if ($trap3 ne '') {
$denied++;
}
# An empty message is rejected as well.
if (length $msg == 0) {
$denied++;
}
if ($denied) {
$root->{content} = "Comment Denied
\n\n"
. "Your comment wasn't acceptible. Please try again.";
# The return implies this code runs inside a sub or a file loaded with
# do/require; the enclosing context is outside this listing.
return 1;
}
# Filter the message and the name.
# NOTE(review): as shown, each substitution replaces a character with
# itself and therefore changes nothing. The replacements were presumably
# the HTML entities (&amp; &lt; &gt;) and were decoded when this page was
# captured -- verify against the original file. This filter is the only
# escaping visible between user input and the HTML produced by the index
# action, and it is also what keeps "<>" out of the stored fields. Quotes
# are not covered, so these values must not be placed inside attribute
# values.
$msg =~ s~&~&~ig;
$msg =~ s~<~<~ig;
$msg =~ s~>~>~ig;
$name =~ s~&~&~ig;
$name =~ s~<~<~ig;
$name =~ s~>~>~ig;
# Handle newlines: replace each line feed in the message (the replacement
# markup, presumably a line-break tag, is missing from this listing), drop
# carriage returns, and strip both from the name.
$msg =~ s~\x0a~
~ig;
$msg =~ s~\x0d~~ig;
$name =~ s~[\x0d\x0a]~~ig;
# A logged-in user's account name replaces whatever name was submitted.
# Guest names get a "guest:" prefix, which the index action uses to tell
# them apart from accounts.
# NOTE(review): this tests auth == 1 while the other branches test plain
# truthiness -- confirm the two agree.
if ($root->{auth} == 1) {
$name = $root->{me};
}
else {
$name = "guest:$name";
}
# Store the comment.
# NOTE(review): $id is passed through unvalidated. If addPageComment()
# derives a file name or key from it (not visible here), it must reject
# path separators and ".." -- confirm.
&addPageComment($id,
name => $name,
message => $msg,
);
# Work out a link back to the page the visitor came from. "\$link:" yields a
# literal "$link:" token, presumably expanded later by the site's template
# layer. Ids starting with "photos" are split on "-" into page, album and
# picture.
# NOTE(review): $id, $album and $pic are interpolated without escaping.
my $link = "\$link:page.comments;id=$id";
if ($id =~ /^photos/i) {
my ($page,$album,$pic) = split(/\-/, $id, 3);
$link = "\$link:photos;album=$album;pic=$pic";
}
elsif ($id =~ /^guestbook/i) {
$link = "\$link:guestbook";
}
# As shown, $link is not used in the confirmation text below; the anchor
# markup that referenced it was presumably lost in this listing.
$root->{content} = "Comment Posted
\n\n"
. "Your comment has been posted. "
. "Go back to the page you were on.";
# Send an e-mail to the site administrator.
# "use" is processed at compile time, so Mail::Sendmail is loaded whether or
# not this branch runs.
use Mail::Sendmail;
# Turn the line-break markup in the message back into newlines for the
# plain-text mail (the pattern is missing from this listing; as shown it
# replaces a newline with a newline).
$msg =~ s/
/\n/g;
# NOTE(review): $id goes into the Subject header unvalidated. Reject or
# strip CR/LF in $id before using it in a header, unless the mail layer is
# known to do so.
# NOTE(review): the link is built from $ENV{SERVER_NAME}. Depending on web
# server configuration that value can follow the client's Host header, so
# prefer a site URL taken from configuration. The link is also plain http.
my %smtp = (
Smtp => $root->{conf}->{mail}->{server},
From => "Starburst Comments <$root->{conf}->{mail}->{from}>",
To => $root->{conf}->{site}->{webmaster},
Subject => "New Page Comment: $id",
Message => "Dear $root->{conf}->{site}->{title} Administrator:\n\n"
. "A new comment, written by $name, has been posted to your "
. "page or picture.\n\n"
. "---\n"
. "$msg\n"
. "---\n\n"
. "Click the link below to view this entry and the new comment:\n"
. "http://$ENV{SERVER_NAME}/?p=page.comments;id=$id\n\n"
. "Note: this message was automatically generated. Do not reply "
. "to this e-mail.",
);
# NOTE(review): sendEmail() is not defined in this listing, and the function
# Mail::Sendmail exports is sendmail() -- confirm which helper this calls.
# Its result is not checked, so a failed notification goes unnoticed.
sendEmail(%smtp);
}
# action=delete: remove one comment from page $id; administrators only.
elsif ($action eq 'delete') {
$root->{content} = "Delete Comments
\n\n";
# A defined-check is used rather than || so that line 0 is accepted.
my $line = (defined $query->{line} ? $query->{line} : '');
# Make sure we have permission: a logged-in session whose user is an admin.
# NOTE(review): that session check is the only gate. No anti-forgery token
# or request-method check is visible in this branch, so confirm the
# framework adds one. Without it, a state-changing request like this is
# exposed to cross-site request forgery against a logged-in administrator.
if ($root->{auth} && &isAdmin($root->{me})) {
if (length $line > 0) {
# Request this line to be deleted.
# NOTE(review): $line is not checked to be a non-negative integer before it
# is handed to deletePageComment() and echoed into the page below. Validate
# it with an anchored pattern such as /\A\d+\z/ and escape it on output.
# Deletion is by position, so repeating the request presumably removes
# whichever comment now occupies that line -- hence the warning text.
&deletePageComment($id,$line);
$root->{content} = "Comment Deleted
\n\n"
. "DO NOT REFRESH THIS PAGE. The comment on line $line "
. "has been deleted. "
. "Back to Entry.";
}
else {
$root->{content} = "Unknown Line
\n\n"
. "No valid comment entry was given.";
}
}
else {
$root->{content} = "Access Denied
\n\n"
. "You do not have permission to delete this comment.";
}
}