comments-class
commentUser.class.php
<?php
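/**
 * Author of a comment: identity fields plus a permission level.
 *
 * Permission levels ($rechten):
 *   1 = admin (add, edit all, delete all)
 *   2 = logged-in user (add, edit own, delete own)
 *   3 = anonymous user (add only)
 */
class CommentUser {
    private $id;
    private $name;
    private $email;
    private $website;
    private $anoniem;  // true when the permission level is 3 (anonymous)
    private $userPage; // link to the user's home page
    private $errors;   // result of the last validate() call
    private $rechten;  // permission level, see the class comment

    /**
     * @param mixed  $id       user id, null when unknown
     * @param string $name     display name
     * @param string $email    e-mail address
     * @param string $website  optional website URL
     * @param int    $rechten  permission level; anything outside 1..3 becomes 3
     * @param mixed  $userPage link to the user's home page
     */
    function __construct($id = null, $name = "", $email = "", $website = "", $rechten = 3, $userPage = null) {
        $this->id = $id;
        $this->name = $name;
        $this->email = $email;
        $this->website = $website;
        $this->userPage = $userPage;
        // Fail closed: an out-of-range level is treated as anonymous.
        $this->rechten = ($rechten < 1 || $rechten > 3) ? 3 : $rechten;
        $this->anoniem = ($this->rechten == 3);
        $this->errors = array();
    }

    /**
     * Check name, e-mail address and (optional) website.
     *
     * The messages embed the raw field value, so whoever renders them must
     * HTML-escape them first.
     *
     * @return array|null field name => message, or null when every field is
     *                    acceptable (callers test the result with isset())
     */
    function validate(){
        $errors = array();
        if (empty($this->name)) {
            $errors["name"] = "Naam is verplicht.";
        }
        // eregi() no longer exists in PHP 7+, so the same pattern is run through
        // PCRE. The D modifier keeps "$" from accepting a trailing newline.
        if (!preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/iD', (string)$this->email)) {
            $errors["email"] = "Emailadres: ".$this->email." is niet valid.";
        }
        // An empty address gets the "required" message instead of "invalid".
        if (empty($this->email)) {
            $errors["email"] = "Email is verplicht.";
        }
        // The website is optional; it is only checked when something was entered.
        if (!empty($this->website)
            && !preg_match('/^[a-zA-Z]+[:\/\/]+[A-Za-z0-9\-_]+\.+[A-Za-z0-9\.\/%&=\?\-_]+$/iD', (string)$this->website)) {
            $errors["website"] = "Website: ".$this->website." is niet valid.";
        }
        $this->errors = $errors ? $errors : null;
        return $this->errors;
    }

    // getters
    public function getId() {
        return $this->id;
    }
    public function getName() {
        return $this->name;
    }
    public function getEmail() {
        return $this->email;
    }
    public function getWebsite() {
        return $this->website;
    }
    public function getRechten() {
        return $this->rechten;
    }
    public function getanoniem() {
        return $this->anoniem;
    }
    public function getUserPage() {
        return $this->userPage;
    }

    // setters
    // NOTE(review): setRechten() and setanoniem() do not re-apply the 1..3 clamp
    // the constructor enforces, nor keep the two fields in sync - confirm that
    // no caller passes request data to them.
    public function setId($value) {
        $this->id = $value;
    }
    public function setName($value) {
        $this->name = $value;
    }
    public function setEmail($value) {
        $this->email = $value;
    }
    public function setWebsite($value) {
        $this->website = $value;
    }
    public function setRechten($value) {
        $this->rechten = $value;
    }
    public function setanoniem($value) {
        $this->anoniem = $value;
    }
    public function setUserPage($value) {
        $this->userPage = $value;
    }
}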
?>
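/**
 * Author of a comment: identity fields plus a permission level.
 *
 * Permission levels ($rechten):
 *   1 = admin (add, edit all, delete all)
 *   2 = logged-in user (add, edit own, delete own)
 *   3 = anonymous user (add only)
 */
class CommentUser {
    private $id;
    private $name;
    private $email;
    private $website;
    private $anoniem;  // true when the permission level is 3 (anonymous)
    private $userPage; // link to the user's home page
    private $errors;   // result of the last validate() call
    private $rechten;  // permission level, see the class comment

    /**
     * @param mixed  $id       user id, null when unknown
     * @param string $name     display name
     * @param string $email    e-mail address
     * @param string $website  optional website URL
     * @param int    $rechten  permission level; anything outside 1..3 becomes 3
     * @param mixed  $userPage link to the user's home page
     */
    function __construct($id = null, $name = "", $email = "", $website = "", $rechten = 3, $userPage = null) {
        $this->id = $id;
        $this->name = $name;
        $this->email = $email;
        $this->website = $website;
        $this->userPage = $userPage;
        // Fail closed: an out-of-range level is treated as anonymous.
        $this->rechten = ($rechten < 1 || $rechten > 3) ? 3 : $rechten;
        $this->anoniem = ($this->rechten == 3);
        $this->errors = array();
    }

    /**
     * Check name, e-mail address and (optional) website.
     *
     * The messages embed the raw field value, so whoever renders them must
     * HTML-escape them first.
     *
     * @return array|null field name => message, or null when every field is
     *                    acceptable (callers test the result with isset())
     */
    function validate(){
        $errors = array();
        if (empty($this->name)) {
            $errors["name"] = "Naam is verplicht.";
        }
        // eregi() no longer exists in PHP 7+, so the same pattern is run through
        // PCRE. The D modifier keeps "$" from accepting a trailing newline.
        if (!preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/iD', (string)$this->email)) {
            $errors["email"] = "Emailadres: ".$this->email." is niet valid.";
        }
        // An empty address gets the "required" message instead of "invalid".
        if (empty($this->email)) {
            $errors["email"] = "Email is verplicht.";
        }
        // The website is optional; it is only checked when something was entered.
        if (!empty($this->website)
            && !preg_match('/^[a-zA-Z]+[:\/\/]+[A-Za-z0-9\-_]+\.+[A-Za-z0-9\.\/%&=\?\-_]+$/iD', (string)$this->website)) {
            $errors["website"] = "Website: ".$this->website." is niet valid.";
        }
        $this->errors = $errors ? $errors : null;
        return $this->errors;
    }

    // getters
    public function getId() {
        return $this->id;
    }
    public function getName() {
        return $this->name;
    }
    public function getEmail() {
        return $this->email;
    }
    public function getWebsite() {
        return $this->website;
    }
    public function getRechten() {
        return $this->rechten;
    }
    public function getanoniem() {
        return $this->anoniem;
    }
    public function getUserPage() {
        return $this->userPage;
    }

    // setters
    // NOTE(review): setRechten() and setanoniem() do not re-apply the 1..3 clamp
    // the constructor enforces, nor keep the two fields in sync - confirm that
    // no caller passes request data to them.
    public function setId($value) {
        $this->id = $value;
    }
    public function setName($value) {
        $this->name = $value;
    }
    public function setEmail($value) {
        $this->email = $value;
    }
    public function setWebsite($value) {
        $this->website = $value;
    }
    public function setRechten($value) {
        $this->rechten = $value;
    }
    public function setanoniem($value) {
        $this->anoniem = $value;
    }
    public function setUserPage($value) {
        $this->userPage = $value;
    }
}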
?>
comment.class.php
<?php
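/**
 * One comment attached to a row of a parent table, with its own database
 * access (through the project's db_class) and its own HTML rendering.
 *
 * Requires PHP 7.0+ for the allowed_classes option of unserialize().
 */
class Comment {
    private $id;
    private $parent_table; // name of the table this comment belongs to
    private $parent_id;
    private $user;         // CommentUser object, or null when none could be loaded
    private $comment;
    private $timestamp;
    private $errors;
    private $error;        // backing field for getError()/setError(); validate() fills $errors
    private $anoniem;      // backing field for getAnonniem()/setanoniem()
    private $ubb;
    private $dbTable = "comments";
    public $db;

    /**
     * Connects to the database and sets up the UBB parser, then dispatches on
     * the number of arguments:
     *   1 argument  ($id)                              load the comment from the database
     *   4 arguments ($p_table, $p_id, $user, $comment) build a new, unsaved comment
     * Any other argument count leaves the comment empty.
     */
    function __construct() {
        require_once('db/db.class.php');
        $this->db = new db_class;
        if (!$this->db->connect()) $this->db->print_last_error(false);
        require_once "UBB/class.ubb.php";
        $this->ubb = new ubb();
        $argv = func_get_args();
        switch (func_num_args()) {
            case 1:
                $this->__construct1($argv[0]);
                break;
            case 4:
                $this->__construct4($argv[0], $argv[1], $argv[2], $argv[3]);
                break;
            default:
        }
    }

    // Use this constructor when the comment has to be fetched from the database.
    function __construct1($id) {
        $this->dbSelect($id);
    }

    // Use this constructor when the author (a CommentUser) is already known.
    function __construct4($p_table, $p_id, $user, $comment) {
        $this->parent_table = $p_table;
        $this->parent_id = $p_id;
        $this->user = $user;
        $this->comment = $comment;
        $this->timestamp = time();
    }

    /** HTML-escape a value for element content or a quoted attribute. */
    private function esc($value) {
        return htmlspecialchars(is_scalar($value) ? (string)$value : "", ENT_QUOTES | ENT_SUBSTITUTE);
    }

    /**
     * Validate the author and the comment text.
     *
     * @return array|null field name => message, or null when nothing is wrong
     */
    function validate(){
        // A comment without a usable author (for example a row whose stored
        // user could not be restored) is reported instead of causing a fatal
        // call on a non-object.
        if ($this->user instanceof CommentUser) {
            $this->errors = $this->user->validate();
        } else {
            $this->errors = array("user" => "Geen valid user.");
        }
        if (empty($this->comment)) $this->errors["comment"] = "comment is verplicht.";
        return $this->errors;
    }

    /**
     * Load the comment with the given id.
     *
     * @param int|string $id positive decimal id
     * @return int|false the id on success, false when the id is not a positive
     *                   integer or no such row exists
     */
    function dbSelect($id) {
        // The id ends up in the SQL text, so only a plain positive integer is
        // accepted; anything else is rejected before a query is built.
        $isNumericId = is_int($id) || (is_string($id) && preg_match('/^[0-9]+$/D', $id));
        if (!$isNumericId || (int)$id < 1) {
            $this->id = null;
            return false;
        }
        $this->id = (int)$id;
        $r = $this->db->select("SELECT * FROM ".$this->dbTable." where id='".$this->id."'");
        $row = $this->db->get_row($r, 'MYSQL_ASSOC');
        if (!$row) {
            $this->id = null;
            return false;
        }
        // The stored value originates from a form field, so it is untrusted:
        // only CommentUser may be instantiated while unserializing it.
        $user = unserialize((string)$row['user'], array('allowed_classes' => array('CommentUser')));
        $this->user = ($user instanceof CommentUser) ? $user : null;
        $this->parent_table = $row['parent_table'];
        $this->parent_id = $row['parent_id'];
        $this->comment = $row['comment'];
        $this->timestamp = $row['timestamp'];
        return $this->id;
    }

    /**
     * Insert this comment as a new row.
     *
     * NOTE(review): the values are handed to db_class::insert_array() as-is;
     * confirm that it escapes or binds them.
     *
     * @return mixed the new id as reported by insert_array()
     */
    function dbInsert() {
        $data = array(
            "parent_table" => $this->parent_table,
            "parent_id" => $this->parent_id,
            "user" => serialize($this->user),
            "comment" => $this->comment,
            "timestamp" => $this->timestamp
        );
        $this->id = $this->db->insert_array($this->dbTable, $data);
        if (!$this->id) $this->db->print_last_error(false);
        return $this->id;
    }

    /**
     * Write the current field values back to the row with this comment's id.
     *
     * @return mixed the result of update_array()
     */
    function dbUpdate() {
        $data = array(
            "parent_table" => $this->parent_table,
            "parent_id" => $this->parent_id,
            "user" => serialize($this->user),
            "comment" => $this->comment,
            "timestamp" => $this->timestamp
        );
        // The id is forced to an integer because it is concatenated into the WHERE clause.
        $rows = $this->db->update_array($this->dbTable, $data, "id=".(int)$this->id);
        // The error has to be reported through $this->db; a bare $db is undefined here.
        if (!$rows) $this->db->print_last_error(false);
        return $rows;
    }

    /** Delete the row with this comment's id. */
    function dbDelete() {
        $this->db->select("DELETE FROM ".$this->dbTable." WHERE id=".(int)$this->id);
    }

    /**
     * Print the comment as HTML. Admins (level 1) and the logged-in author
     * (level 2 with the same id) also get edit and delete buttons.
     *
     * This check only decides which buttons are drawn; the script that handles
     * the posted form has to enforce the same rule itself.
     *
     * @param CommentUser $logdinUser the user viewing the page
     */
    function showComment($logdinUser){
        // NOTE(review): the UBB parser output is printed as HTML - confirm that
        // parse_all() escapes raw markup in the comment text.
        $encodedComment = $this->ubb->parse_all($this->comment);
        $commentId = (int)$this->id;
        $stamp = (int)$this->timestamp;
        $author = ($this->user instanceof CommentUser) ? $this->user : null;
        $authorName = $author ? $author->getName() : "";
        $authorId = $author ? $author->getId() : null;
        $viewerId = $logdinUser->getId();
        // Two missing ids must not count as "same user": anonymous authors have no id.
        $isOwner = $viewerId !== null && $viewerId !== "" && $authorId !== null
            && (string)$viewerId === (string)$authorId;
        $mayEdit = $logdinUser->getRechten() == 1 || ($logdinUser->getRechten() == 2 && $isOwner);
        $editing = isset($_GET["commentEdit"], $_GET["commentId"])
            && is_scalar($_GET["commentId"])
            && (string)$_GET["commentId"] === (string)$commentId;
        $title = "gepost door ".$authorName." op ".date("jS F Y", $stamp)." om ".date("H:i a", $stamp);
        $referer = "http://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];
        ?>
<div class="comment" >
<a name="comment<?php echo $commentId ?>"></a> <div class="commentTitel"><?php echo $this->esc($title) ?></div>
<?php if ($mayEdit): ?>
<form class="commenteditForm" action="comments.class.php" method="post">
<?php if ($editing): ?>
<textarea name="comment" rows="10" cols="60" ><?php echo $this->esc($this->comment) ?></textarea>
<?php else: ?>
<div class="commentText"><?php echo $encodedComment ?></div>
<?php endif; ?>
<div class="buttons">
<?php if ($editing): ?>
<input type="submit" value="save" name="editComment" />
<?php else: ?>
<input type="submit" value="delete" name="deleteComment" />
<input type="submit" value="edit" name="showEditComment" />
<?php endif; ?>
<input type="hidden" name="id" value="<?php echo $commentId; ?>" />
<input type="hidden" name="referer" value="<?php echo $this->esc($referer); ?>" />
</div>
</form>
<?php else: ?>
<div class="commentText"><?php echo $encodedComment ?></div>
<?php endif; ?>
<div class="clearL"></div>
</div>
<?php
    }

    function toString() {
    }

    // getters
    public function getParent_table() {
        return $this->parent_table;
    }
    public function getParent_id() {
        return $this->parent_id;
    }
    public function getUser() {
        return $this->user;
    }
    public function getComment() {
        return $this->comment;
    }
    public function getTimestamp() {
        return $this->timestamp;
    }
    // Reads the same field setanoniem() writes (the old code read a misspelled,
    // never-assigned property).
    public function getAnonniem() {
        return $this->anoniem;
    }
    public function getError() {
        return $this->error;
    }

    // setters
    public function setParent_table($value) {
        $this->parent_table = $value;
    }
    public function setParent_id($value) {
        $this->parent_id = $value;
    }
    public function setUser($value) {
        $this->user = $value;
    }
    public function setComment($value) {
        $this->comment = $value;
    }
    public function setTimestamp($value) {
        $this->timestamp = $value;
    }
    public function setanoniem($value) {
        $this->anoniem = $value;
    }
    public function setError($value) {
        $this->error = $value;
    }
}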
?>
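/**
 * One comment attached to a row of a parent table, with its own database
 * access (through the project's db_class) and its own HTML rendering.
 *
 * Requires PHP 7.0+ for the allowed_classes option of unserialize().
 */
class Comment {
    private $id;
    private $parent_table; // name of the table this comment belongs to
    private $parent_id;
    private $user;         // CommentUser object, or null when none could be loaded
    private $comment;
    private $timestamp;
    private $errors;
    private $error;        // backing field for getError()/setError(); validate() fills $errors
    private $anoniem;      // backing field for getAnonniem()/setanoniem()
    private $ubb;
    private $dbTable = "comments";
    public $db;

    /**
     * Connects to the database and sets up the UBB parser, then dispatches on
     * the number of arguments:
     *   1 argument  ($id)                              load the comment from the database
     *   4 arguments ($p_table, $p_id, $user, $comment) build a new, unsaved comment
     * Any other argument count leaves the comment empty.
     */
    function __construct() {
        require_once('db/db.class.php');
        $this->db = new db_class;
        if (!$this->db->connect()) $this->db->print_last_error(false);
        require_once "UBB/class.ubb.php";
        $this->ubb = new ubb();
        $argv = func_get_args();
        switch (func_num_args()) {
            case 1:
                $this->__construct1($argv[0]);
                break;
            case 4:
                $this->__construct4($argv[0], $argv[1], $argv[2], $argv[3]);
                break;
            default:
        }
    }

    // Use this constructor when the comment has to be fetched from the database.
    function __construct1($id) {
        $this->dbSelect($id);
    }

    // Use this constructor when the author (a CommentUser) is already known.
    function __construct4($p_table, $p_id, $user, $comment) {
        $this->parent_table = $p_table;
        $this->parent_id = $p_id;
        $this->user = $user;
        $this->comment = $comment;
        $this->timestamp = time();
    }

    /** HTML-escape a value for element content or a quoted attribute. */
    private function esc($value) {
        return htmlspecialchars(is_scalar($value) ? (string)$value : "", ENT_QUOTES | ENT_SUBSTITUTE);
    }

    /**
     * Validate the author and the comment text.
     *
     * @return array|null field name => message, or null when nothing is wrong
     */
    function validate(){
        // A comment without a usable author (for example a row whose stored
        // user could not be restored) is reported instead of causing a fatal
        // call on a non-object.
        if ($this->user instanceof CommentUser) {
            $this->errors = $this->user->validate();
        } else {
            $this->errors = array("user" => "Geen valid user.");
        }
        if (empty($this->comment)) $this->errors["comment"] = "comment is verplicht.";
        return $this->errors;
    }

    /**
     * Load the comment with the given id.
     *
     * @param int|string $id positive decimal id
     * @return int|false the id on success, false when the id is not a positive
     *                   integer or no such row exists
     */
    function dbSelect($id) {
        // The id ends up in the SQL text, so only a plain positive integer is
        // accepted; anything else is rejected before a query is built.
        $isNumericId = is_int($id) || (is_string($id) && preg_match('/^[0-9]+$/D', $id));
        if (!$isNumericId || (int)$id < 1) {
            $this->id = null;
            return false;
        }
        $this->id = (int)$id;
        $r = $this->db->select("SELECT * FROM ".$this->dbTable." where id='".$this->id."'");
        $row = $this->db->get_row($r, 'MYSQL_ASSOC');
        if (!$row) {
            $this->id = null;
            return false;
        }
        // The stored value originates from a form field, so it is untrusted:
        // only CommentUser may be instantiated while unserializing it.
        $user = unserialize((string)$row['user'], array('allowed_classes' => array('CommentUser')));
        $this->user = ($user instanceof CommentUser) ? $user : null;
        $this->parent_table = $row['parent_table'];
        $this->parent_id = $row['parent_id'];
        $this->comment = $row['comment'];
        $this->timestamp = $row['timestamp'];
        return $this->id;
    }

    /**
     * Insert this comment as a new row.
     *
     * NOTE(review): the values are handed to db_class::insert_array() as-is;
     * confirm that it escapes or binds them.
     *
     * @return mixed the new id as reported by insert_array()
     */
    function dbInsert() {
        $data = array(
            "parent_table" => $this->parent_table,
            "parent_id" => $this->parent_id,
            "user" => serialize($this->user),
            "comment" => $this->comment,
            "timestamp" => $this->timestamp
        );
        $this->id = $this->db->insert_array($this->dbTable, $data);
        if (!$this->id) $this->db->print_last_error(false);
        return $this->id;
    }

    /**
     * Write the current field values back to the row with this comment's id.
     *
     * @return mixed the result of update_array()
     */
    function dbUpdate() {
        $data = array(
            "parent_table" => $this->parent_table,
            "parent_id" => $this->parent_id,
            "user" => serialize($this->user),
            "comment" => $this->comment,
            "timestamp" => $this->timestamp
        );
        // The id is forced to an integer because it is concatenated into the WHERE clause.
        $rows = $this->db->update_array($this->dbTable, $data, "id=".(int)$this->id);
        // The error has to be reported through $this->db; a bare $db is undefined here.
        if (!$rows) $this->db->print_last_error(false);
        return $rows;
    }

    /** Delete the row with this comment's id. */
    function dbDelete() {
        $this->db->select("DELETE FROM ".$this->dbTable." WHERE id=".(int)$this->id);
    }

    /**
     * Print the comment as HTML. Admins (level 1) and the logged-in author
     * (level 2 with the same id) also get edit and delete buttons.
     *
     * This check only decides which buttons are drawn; the script that handles
     * the posted form has to enforce the same rule itself.
     *
     * @param CommentUser $logdinUser the user viewing the page
     */
    function showComment($logdinUser){
        // NOTE(review): the UBB parser output is printed as HTML - confirm that
        // parse_all() escapes raw markup in the comment text.
        $encodedComment = $this->ubb->parse_all($this->comment);
        $commentId = (int)$this->id;
        $stamp = (int)$this->timestamp;
        $author = ($this->user instanceof CommentUser) ? $this->user : null;
        $authorName = $author ? $author->getName() : "";
        $authorId = $author ? $author->getId() : null;
        $viewerId = $logdinUser->getId();
        // Two missing ids must not count as "same user": anonymous authors have no id.
        $isOwner = $viewerId !== null && $viewerId !== "" && $authorId !== null
            && (string)$viewerId === (string)$authorId;
        $mayEdit = $logdinUser->getRechten() == 1 || ($logdinUser->getRechten() == 2 && $isOwner);
        $editing = isset($_GET["commentEdit"], $_GET["commentId"])
            && is_scalar($_GET["commentId"])
            && (string)$_GET["commentId"] === (string)$commentId;
        $title = "gepost door ".$authorName." op ".date("jS F Y", $stamp)." om ".date("H:i a", $stamp);
        $referer = "http://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'];
        ?>
<div class="comment" >
<a name="comment<?php echo $commentId ?>"></a> <div class="commentTitel"><?php echo $this->esc($title) ?></div>
<?php if ($mayEdit): ?>
<form class="commenteditForm" action="comments.class.php" method="post">
<?php if ($editing): ?>
<textarea name="comment" rows="10" cols="60" ><?php echo $this->esc($this->comment) ?></textarea>
<?php else: ?>
<div class="commentText"><?php echo $encodedComment ?></div>
<?php endif; ?>
<div class="buttons">
<?php if ($editing): ?>
<input type="submit" value="save" name="editComment" />
<?php else: ?>
<input type="submit" value="delete" name="deleteComment" />
<input type="submit" value="edit" name="showEditComment" />
<?php endif; ?>
<input type="hidden" name="id" value="<?php echo $commentId; ?>" />
<input type="hidden" name="referer" value="<?php echo $this->esc($referer); ?>" />
</div>
</form>
<?php else: ?>
<div class="commentText"><?php echo $encodedComment ?></div>
<?php endif; ?>
<div class="clearL"></div>
</div>
<?php
    }

    function toString() {
    }

    // getters
    public function getParent_table() {
        return $this->parent_table;
    }
    public function getParent_id() {
        return $this->parent_id;
    }
    public function getUser() {
        return $this->user;
    }
    public function getComment() {
        return $this->comment;
    }
    public function getTimestamp() {
        return $this->timestamp;
    }
    // Reads the same field setanoniem() writes (the old code read a misspelled,
    // never-assigned property).
    public function getAnonniem() {
        return $this->anoniem;
    }
    public function getError() {
        return $this->error;
    }

    // setters
    public function setParent_table($value) {
        $this->parent_table = $value;
    }
    public function setParent_id($value) {
        $this->parent_id = $value;
    }
    public function setUser($value) {
        $this->user = $value;
    }
    public function setComment($value) {
        $this->comment = $value;
    }
    public function setTimestamp($value) {
        $this->timestamp = $value;
    }
    public function setanoniem($value) {
        $this->anoniem = $value;
    }
    public function setError($value) {
        $this->error = $value;
    }
}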
?>
comments.class.php
<?php
//error_reporting(E_ALL);
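/**
 * The list of comments that belong to one row of a parent table, plus the
 * "new comment" form and the handler for all comment form posts.
 *
 * Requires PHP 7.0+ for the allowed_classes option of unserialize().
 */
class Comments {
    private $parent_table; // database table the comments belong to
    private $parent_id;    // id in parent_table the comments belong to
    private $comments;     // array of Comment objects
    private $cOnPage;      // number of comments per page
    private $commentTable;
    private $referer;      // address to return to after the form has been processed
    private $user;
    private $db;

    /**
     * Load every comment stored for ($parent_table, $parent_id).
     *
     * @param string           $parent_table table name; letters, digits and "_" only
     * @param int              $parent_id    row id in that table
     * @param CommentUser|null $user         viewing user, anonymous when null
     * @param int              $cOnPage      number of comments per page
     */
    function __construct($parent_table, $parent_id, CommentUser $user = null, $cOnPage = 10) {
        $this->parent_table = $parent_table;
        $this->parent_id = (int)$parent_id;
        $this->user = ($user == null) ? new CommentUser() : $user;
        $this->cOnPage = $cOnPage;
        $this->comments = array();
        $this->commentTable = "comments";
        require_once('comment.class.php');
        //require_once("commentUser.class.php");
        require_once('db/db.class.php');
        $this->db = new db_class;
        if (!$this->db->connect()) $this->db->print_last_error(false);
        // Both values are concatenated into the SQL text: the id is an integer
        // by now, and a table name with anything but identifier characters is
        // not queried at all.
        if (!self::isTableName($this->parent_table)) {
            return;
        }
        // fetch the comments
        $r = $this->db->select("SELECT id FROM ".$this->commentTable." where parent_table='".$this->parent_table."' and parent_id=".$this->parent_id."");
        while ($row = $this->db->get_row($r, 'MYSQL_ASSOC')) {
            array_push($this->comments, new Comment($row['id']));
        }
    }

    /** True when $name is a non-empty string of letters, digits and underscores. */
    private static function isTableName($name) {
        return is_string($name) && preg_match('/^[A-Za-z0-9_]+$/D', $name) === 1;
    }

    /** HTML-escape a value for element content or a quoted attribute. */
    private static function esc($value) {
        return htmlspecialchars(is_scalar($value) ? (string)$value : "", ENT_QUOTES | ENT_SUBSTITUTE);
    }

    /** Trimmed string value of a POST field, "" when it is missing or not a string. */
    private static function postField($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? trim($_POST[$key]) : "";
    }

    /** Escaped text of a GET parameter, "" when it is absent. */
    private static function getField($key) {
        return isset($_GET[$key]) ? self::esc($_GET[$key]) : "";
    }

    /** The error box for one form field, or "" when that field has no error. */
    private static function errorDiv($errors, $field) {
        if (!isset($errors[$field])) {
            return "";
        }
        return "<div class=\"error\">".self::esc($errors[$field])."</div>";
    }

    /**
     * Rebuild the user object posted by the form.
     *
     * Only CommentUser may be instantiated while unserializing; anything else
     * results in a fresh anonymous user.
     */
    private static function decodeUser($raw) {
        $user = unserialize(urldecode($raw), array('allowed_classes' => array('CommentUser')));
        return ($user instanceof CommentUser) ? $user : new CommentUser();
    }

    /**
     * The address to redirect to: the posted referer when it points at this
     * host (the forms always build it as http://SERVER_NAME/...), otherwise
     * the site root.
     */
    private static function redirectBase($referer) {
        $home = "http://".$_SERVER['SERVER_NAME']."/";
        if (!is_string($referer) || preg_match('/[\x00-\x1f\x7f]/', $referer)) {
            return $home;
        }
        return (strpos($referer, $home) === 0) ? $referer : $home;
    }

    /** Print every loaded comment. */
    function showComments(){
        foreach ($this->comments as $comment) {
            $comment->showComment($this->user);
        }
    }

    /**
     * Print the "new comment" form: with name, e-mail and website fields for
     * an anonymous user, with only the comment field for a valid known user.
     *
     * Everything taken from the query string is treated as untrusted: the
     * error list is unserialized with object creation disabled and every
     * value is HTML-escaped before it is printed.
     */
    function showForm(){
        $commentErrors = array();
        if (isset($_GET["commentErrors"]) && is_string($_GET["commentErrors"])) {
            $decoded = unserialize($_GET["commentErrors"], array('allowed_classes' => false));
            if (is_array($decoded)) {
                $commentErrors = $decoded;
            }
        }
        $referer = self::esc("http://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']);
        $parentTable = self::esc($this->parent_table);
        $parentId = self::esc($this->parent_id);
        // NOTE(review): the serialized user, including its id and permission
        // level, travels through the browser and can be altered there. Keep
        // the acting user in the server-side session instead.
        $userField = isset($this->user) ? urlencode(serialize($this->user)) : "";
        if (isset($this->user) && $this->user->getanoniem() == true) {
            ?>
<form action="comments.class.php" method="post">
<a name="commentsForm"></a>
<?php echo self::errorDiv($commentErrors, "name"); ?>
<p><label>Naam:</label>
<input class=".shortText" type="text" name="name" value="<?php echo self::getField("commentName"); ?>" /></p>
<?php echo self::errorDiv($commentErrors, "email"); ?>
<p><label>Email:</label>
<input class=".shortText" type="text" name="email" value="<?php echo self::getField("commentEmail"); ?>" /></p>
<?php echo self::errorDiv($commentErrors, "website"); ?>
<p><label>Website:</label>
<input class=".shortText" type="text" name="website" value="<?php echo self::getField("commentWebsite"); ?>" /></p>
<?php echo self::errorDiv($commentErrors, "comment"); ?>
<p><label>Comment:</label>
<textarea name="comment" rows="10" cols="60"><?php echo self::getField("commentComment"); ?></textarea></p>
<input type="hidden" name="parent_table" value="<?php echo $parentTable; ?>" />
<input type="hidden" name="parent_id" value="<?php echo $parentId; ?>" />
<input type="hidden" name="referer" value="<?php echo $referer; ?>" />
<input type="hidden" name="user" value="<?php echo $userField; ?>" />
<p class="buttons"><input type="submit" value="submit" name="submitComment" /></p>
</form>
<?php
        } else if (isset($this->user) && $this->isValidUser()) {
            ?>
<form action="comments.class.php" method="POST">
<a name="commentsForm"></a>
<?php echo self::errorDiv($commentErrors, "comment"); ?>
<p><label>Comment:</label>
<textarea name="comment" rows="10" cols="60"></textarea></p>
<input type="hidden" name="parent_table" value="<?php echo $parentTable; ?>" />
<input type="hidden" name="parent_id" value="<?php echo $parentId; ?>" />
<input type="hidden" name="referer" value="<?php echo $referer; ?>" />
<input type="hidden" name="user" value="<?php echo $userField; ?>" />
<input type="hidden" name="function" value="new" />
<p class="buttons"><input type="submit" value="submit" name="submitComment" /></p>
</form>
<?php
        } else {
            echo"<div class=\"comment\">Geen valid user.</div>";
        }
    }

    /**
     * Handle a posted comment form (submit, save edit, show edit, delete) and
     * redirect back to the page it came from.
     *
     * NOTE(review): nothing here establishes who is making the request. The
     * edit and delete branches act on whatever id is posted, the "user" field
     * is supplied by the client, and there is no CSRF token. The permission
     * test in Comment::showComment() only decides which buttons are drawn.
     * Take the acting user from a server-side session and check ownership
     * before dbUpdate()/dbDelete().
     */
    static function proccesForm(){
        require_once('comment.class.php');
        require_once("commentUser.class.php");
        $commentErrors = null;
        $editRequest = "";  // query string used when a comment has to be edited
        $errorRequest = ""; // query string used when fields were filled in wrongly
        $goToComment = "";
        $postedId = (isset($_POST["id"]) && is_scalar($_POST["id"])) ? (int)$_POST["id"] : 0;
        if (isset($_POST["submitComment"])) {
            $parent_table = self::postField("parent_table");
            $parent_id = (int)self::postField("parent_id");
            $user = self::decodeUser(self::postField("user"));
            $comment = self::postField("comment");
            if ($user->getanoniem() == true) {
                $user->setName(self::postField("name"));
                $user->setEmail(self::postField("email"));
                $user->setWebsite(self::postField("website"));
            }
            // A table name that is not a plain identifier is never stored.
            if (self::isTableName($parent_table)) {
                $c = new Comment($parent_table, $parent_id, $user, $comment);
                $commentErrors = $c->validate();
                if (!isset($commentErrors)) {
                    $id = $c->dbInsert();
                    $goToComment = "comment".(int)$id;
                } else {
                    // Fields without an error are handed back so the form can
                    // be pre-filled; they are URL-encoded because they become
                    // part of the redirect address.
                    if (empty($commentErrors["name"]))
                        $errorRequest .= "&commentName=".urlencode((string)$user->getName());
                    if (empty($commentErrors["email"]))
                        $errorRequest .= "&commentEmail=".urlencode((string)$user->getEmail());
                    if (empty($commentErrors["website"]))
                        $errorRequest .= "&commentWebsite=".urlencode((string)$user->getWebsite());
                    if (empty($commentErrors["comment"]))
                        $errorRequest .= "&commentComment=".urlencode($comment);
                    $goToComment = "commentsForm";
                }
            }
        } else if (isset($_POST["editComment"])) {
            $c = new Comment($postedId);
            $c->setComment(self::postField("comment"));
            $commentErrors = $c->validate();
            if (!isset($commentErrors))
                $c->dbUpdate();
            $goToComment = "comment".$postedId;
        } else if (isset($_POST["showEditComment"])) {
            $editRequest = "commentEdit=true&commentId=".$postedId;
            $goToComment = "comment".$postedId;
        } else if (isset($_POST["deleteComment"])) {
            $c = new Comment($postedId);
            $c->dbDelete();
        }
        // these parameters are stripped from the URL
        $parameters = array('commentErrors', 'commentEdit', 'commentId', 'commentName', 'commentEmail', 'commentWebsite', 'commentComment');
        // The posted referer is only followed when it points at this host.
        $page_url = self::redirectBase(isset($_POST["referer"]) ? $_POST["referer"] : "");
        foreach ($parameters as $param) {
            $pattern = '|[?&]' . preg_quote($param) . '=[^&]*|i';
            // remove (&|?)parameter from the URL (the loop is an extra safeguard)
            while (preg_match($pattern, $page_url)) {
                $page_url = preg_replace($pattern, '', $page_url);
            }
            // keep the URI well-formed: without a "?", turn the first "&" into one
            $page_url = (strpos($page_url, '?') !== false) ? $page_url : preg_replace('~&~', '?', $page_url, 1);
        }
        // the next parameter is joined with "&" when a "?" is already present
        $seperator = (strpos($page_url, '?') !== false) ? '&' : '?';
        if ($commentErrors == null) {
            if ($editRequest != "")
                $page_url = $page_url . $seperator . $editRequest;
        } else {
            $errorParam = $parameters[0] . '=' . urlencode(serialize($commentErrors));
            if ($editRequest != "")
                $page_url = $page_url . $seperator . $errorParam . "&" . $editRequest;
            else
                $page_url = $page_url . $seperator . $errorParam . $errorRequest;
        }
        if ($goToComment != "")
            $goToComment = "#".$goToComment;
        header('Location: '.$page_url . $goToComment);
    }

    public function getComments() {
        return $this->comments;
    }

    /** True when the current user passes CommentUser::validate() without errors. */
    function isValidUser(){
        $valid = $this->user->validate();
        return !isset($valid);
    }
}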
// Run the form handler as soon as one of the four comment-form buttons was posted.
if (count(array_filter(
    array("submitComment", "deleteComment", "showEditComment", "editComment"),
    function ($button) {
        return isset($_POST[$button]);
    }
)) > 0) {
    Comments::proccesForm();
}
?>
//error_reporting(E_ALL);
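/**
 * The list of comments that belong to one row of a parent table, plus the
 * "new comment" form and the handler for all comment form posts.
 *
 * Requires PHP 7.0+ for the allowed_classes option of unserialize().
 */
class Comments {
    private $parent_table; // database table the comments belong to
    private $parent_id;    // id in parent_table the comments belong to
    private $comments;     // array of Comment objects
    private $cOnPage;      // number of comments per page
    private $commentTable;
    private $referer;      // address to return to after the form has been processed
    private $user;
    private $db;

    /**
     * Load every comment stored for ($parent_table, $parent_id).
     *
     * @param string           $parent_table table name; letters, digits and "_" only
     * @param int              $parent_id    row id in that table
     * @param CommentUser|null $user         viewing user, anonymous when null
     * @param int              $cOnPage      number of comments per page
     */
    function __construct($parent_table, $parent_id, CommentUser $user = null, $cOnPage = 10) {
        $this->parent_table = $parent_table;
        $this->parent_id = (int)$parent_id;
        $this->user = ($user == null) ? new CommentUser() : $user;
        $this->cOnPage = $cOnPage;
        $this->comments = array();
        $this->commentTable = "comments";
        require_once('comment.class.php');
        //require_once("commentUser.class.php");
        require_once('db/db.class.php');
        $this->db = new db_class;
        if (!$this->db->connect()) $this->db->print_last_error(false);
        // Both values are concatenated into the SQL text: the id is an integer
        // by now, and a table name with anything but identifier characters is
        // not queried at all.
        if (!self::isTableName($this->parent_table)) {
            return;
        }
        // fetch the comments
        $r = $this->db->select("SELECT id FROM ".$this->commentTable." where parent_table='".$this->parent_table."' and parent_id=".$this->parent_id."");
        while ($row = $this->db->get_row($r, 'MYSQL_ASSOC')) {
            array_push($this->comments, new Comment($row['id']));
        }
    }

    /** True when $name is a non-empty string of letters, digits and underscores. */
    private static function isTableName($name) {
        return is_string($name) && preg_match('/^[A-Za-z0-9_]+$/D', $name) === 1;
    }

    /** HTML-escape a value for element content or a quoted attribute. */
    private static function esc($value) {
        return htmlspecialchars(is_scalar($value) ? (string)$value : "", ENT_QUOTES | ENT_SUBSTITUTE);
    }

    /** Trimmed string value of a POST field, "" when it is missing or not a string. */
    private static function postField($key) {
        return (isset($_POST[$key]) && is_string($_POST[$key])) ? trim($_POST[$key]) : "";
    }

    /** Escaped text of a GET parameter, "" when it is absent. */
    private static function getField($key) {
        return isset($_GET[$key]) ? self::esc($_GET[$key]) : "";
    }

    /** The error box for one form field, or "" when that field has no error. */
    private static function errorDiv($errors, $field) {
        if (!isset($errors[$field])) {
            return "";
        }
        return "<div class=\"error\">".self::esc($errors[$field])."</div>";
    }

    /**
     * Rebuild the user object posted by the form.
     *
     * Only CommentUser may be instantiated while unserializing; anything else
     * results in a fresh anonymous user.
     */
    private static function decodeUser($raw) {
        $user = unserialize(urldecode($raw), array('allowed_classes' => array('CommentUser')));
        return ($user instanceof CommentUser) ? $user : new CommentUser();
    }

    /**
     * The address to redirect to: the posted referer when it points at this
     * host (the forms always build it as http://SERVER_NAME/...), otherwise
     * the site root.
     */
    private static function redirectBase($referer) {
        $home = "http://".$_SERVER['SERVER_NAME']."/";
        if (!is_string($referer) || preg_match('/[\x00-\x1f\x7f]/', $referer)) {
            return $home;
        }
        return (strpos($referer, $home) === 0) ? $referer : $home;
    }

    /** Print every loaded comment. */
    function showComments(){
        foreach ($this->comments as $comment) {
            $comment->showComment($this->user);
        }
    }

    /**
     * Print the "new comment" form: with name, e-mail and website fields for
     * an anonymous user, with only the comment field for a valid known user.
     *
     * Everything taken from the query string is treated as untrusted: the
     * error list is unserialized with object creation disabled and every
     * value is HTML-escaped before it is printed.
     */
    function showForm(){
        $commentErrors = array();
        if (isset($_GET["commentErrors"]) && is_string($_GET["commentErrors"])) {
            $decoded = unserialize($_GET["commentErrors"], array('allowed_classes' => false));
            if (is_array($decoded)) {
                $commentErrors = $decoded;
            }
        }
        $referer = self::esc("http://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']);
        $parentTable = self::esc($this->parent_table);
        $parentId = self::esc($this->parent_id);
        // NOTE(review): the serialized user, including its id and permission
        // level, travels through the browser and can be altered there. Keep
        // the acting user in the server-side session instead.
        $userField = isset($this->user) ? urlencode(serialize($this->user)) : "";
        if (isset($this->user) && $this->user->getanoniem() == true) {
            ?>
<form action="comments.class.php" method="post">
<a name="commentsForm"></a>
<?php echo self::errorDiv($commentErrors, "name"); ?>
<p><label>Naam:</label>
<input class=".shortText" type="text" name="name" value="<?php echo self::getField("commentName"); ?>" /></p>
<?php echo self::errorDiv($commentErrors, "email"); ?>
<p><label>Email:</label>
<input class=".shortText" type="text" name="email" value="<?php echo self::getField("commentEmail"); ?>" /></p>
<?php echo self::errorDiv($commentErrors, "website"); ?>
<p><label>Website:</label>
<input class=".shortText" type="text" name="website" value="<?php echo self::getField("commentWebsite"); ?>" /></p>
<?php echo self::errorDiv($commentErrors, "comment"); ?>
<p><label>Comment:</label>
<textarea name="comment" rows="10" cols="60"><?php echo self::getField("commentComment"); ?></textarea></p>
<input type="hidden" name="parent_table" value="<?php echo $parentTable; ?>" />
<input type="hidden" name="parent_id" value="<?php echo $parentId; ?>" />
<input type="hidden" name="referer" value="<?php echo $referer; ?>" />
<input type="hidden" name="user" value="<?php echo $userField; ?>" />
<p class="buttons"><input type="submit" value="submit" name="submitComment" /></p>
</form>
<?php
        } else if (isset($this->user) && $this->isValidUser()) {
            ?>
<form action="comments.class.php" method="POST">
<a name="commentsForm"></a>
<?php echo self::errorDiv($commentErrors, "comment"); ?>
<p><label>Comment:</label>
<textarea name="comment" rows="10" cols="60"></textarea></p>
<input type="hidden" name="parent_table" value="<?php echo $parentTable; ?>" />
<input type="hidden" name="parent_id" value="<?php echo $parentId; ?>" />
<input type="hidden" name="referer" value="<?php echo $referer; ?>" />
<input type="hidden" name="user" value="<?php echo $userField; ?>" />
<input type="hidden" name="function" value="new" />
<p class="buttons"><input type="submit" value="submit" name="submitComment" /></p>
</form>
<?php
        } else {
            echo"<div class=\"comment\">Geen valid user.</div>";
        }
    }

    /**
     * Handle a posted comment form (submit, save edit, show edit, delete) and
     * redirect back to the page it came from.
     *
     * NOTE(review): nothing here establishes who is making the request. The
     * edit and delete branches act on whatever id is posted, the "user" field
     * is supplied by the client, and there is no CSRF token. The permission
     * test in Comment::showComment() only decides which buttons are drawn.
     * Take the acting user from a server-side session and check ownership
     * before dbUpdate()/dbDelete().
     */
    static function proccesForm(){
        require_once('comment.class.php');
        require_once("commentUser.class.php");
        $commentErrors = null;
        $editRequest = "";  // query string used when a comment has to be edited
        $errorRequest = ""; // query string used when fields were filled in wrongly
        $goToComment = "";
        $postedId = (isset($_POST["id"]) && is_scalar($_POST["id"])) ? (int)$_POST["id"] : 0;
        if (isset($_POST["submitComment"])) {
            $parent_table = self::postField("parent_table");
            $parent_id = (int)self::postField("parent_id");
            $user = self::decodeUser(self::postField("user"));
            $comment = self::postField("comment");
            if ($user->getanoniem() == true) {
                $user->setName(self::postField("name"));
                $user->setEmail(self::postField("email"));
                $user->setWebsite(self::postField("website"));
            }
            // A table name that is not a plain identifier is never stored.
            if (self::isTableName($parent_table)) {
                $c = new Comment($parent_table, $parent_id, $user, $comment);
                $commentErrors = $c->validate();
                if (!isset($commentErrors)) {
                    $id = $c->dbInsert();
                    $goToComment = "comment".(int)$id;
                } else {
                    // Fields without an error are handed back so the form can
                    // be pre-filled; they are URL-encoded because they become
                    // part of the redirect address.
                    if (empty($commentErrors["name"]))
                        $errorRequest .= "&commentName=".urlencode((string)$user->getName());
                    if (empty($commentErrors["email"]))
                        $errorRequest .= "&commentEmail=".urlencode((string)$user->getEmail());
                    if (empty($commentErrors["website"]))
                        $errorRequest .= "&commentWebsite=".urlencode((string)$user->getWebsite());
                    if (empty($commentErrors["comment"]))
                        $errorRequest .= "&commentComment=".urlencode($comment);
                    $goToComment = "commentsForm";
                }
            }
        } else if (isset($_POST["editComment"])) {
            $c = new Comment($postedId);
            $c->setComment(self::postField("comment"));
            $commentErrors = $c->validate();
            if (!isset($commentErrors))
                $c->dbUpdate();
            $goToComment = "comment".$postedId;
        } else if (isset($_POST["showEditComment"])) {
            $editRequest = "commentEdit=true&commentId=".$postedId;
            $goToComment = "comment".$postedId;
        } else if (isset($_POST["deleteComment"])) {
            $c = new Comment($postedId);
            $c->dbDelete();
        }
        // these parameters are stripped from the URL
        $parameters = array('commentErrors', 'commentEdit', 'commentId', 'commentName', 'commentEmail', 'commentWebsite', 'commentComment');
        // The posted referer is only followed when it points at this host.
        $page_url = self::redirectBase(isset($_POST["referer"]) ? $_POST["referer"] : "");
        foreach ($parameters as $param) {
            $pattern = '|[?&]' . preg_quote($param) . '=[^&]*|i';
            // remove (&|?)parameter from the URL (the loop is an extra safeguard)
            while (preg_match($pattern, $page_url)) {
                $page_url = preg_replace($pattern, '', $page_url);
            }
            // keep the URI well-formed: without a "?", turn the first "&" into one
            $page_url = (strpos($page_url, '?') !== false) ? $page_url : preg_replace('~&~', '?', $page_url, 1);
        }
        // the next parameter is joined with "&" when a "?" is already present
        $seperator = (strpos($page_url, '?') !== false) ? '&' : '?';
        if ($commentErrors == null) {
            if ($editRequest != "")
                $page_url = $page_url . $seperator . $editRequest;
        } else {
            $errorParam = $parameters[0] . '=' . urlencode(serialize($commentErrors));
            if ($editRequest != "")
                $page_url = $page_url . $seperator . $errorParam . "&" . $editRequest;
            else
                $page_url = $page_url . $seperator . $errorParam . $errorRequest;
        }
        if ($goToComment != "")
            $goToComment = "#".$goToComment;
        header('Location: '.$page_url . $goToComment);
    }

    public function getComments() {
        return $this->comments;
    }

    /** True when the current user passes CommentUser::validate() without errors. */
    function isValidUser(){
        $valid = $this->user->validate();
        return !isset($valid);
    }
}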
// Run the form handler as soon as one of the four comment-form buttons was posted.
if (count(array_filter(
    array("submitComment", "deleteComment", "showEditComment", "editComment"),
    function ($button) {
        return isset($_POST[$button]);
    }
)) > 0) {
    Comments::proccesForm();
}
?>