diff options
Diffstat (limited to 'web/template/pkg_comment_form.php')
-rw-r--r-- | web/template/pkg_comment_form.php | 80 |
1 files changed, 18 insertions, 62 deletions
diff --git a/web/template/pkg_comment_form.php b/web/template/pkg_comment_form.php index 6081643..95d2cb0 100644 --- a/web/template/pkg_comment_form.php +++ b/web/template/pkg_comment_form.php @@ -1,69 +1,25 @@ +<div id="generic-form" class="box"> + <h2><?php echo __("Add Comment"); ?></h2> + <form call="general-form" action="<?php echo $_SERVER['REQUEST_URI'] ?>" method="post"> + <fieldset> <?php -# Add a comment to this package if (isset($_REQUEST['comment']) && check_token()) { - - # Insert the comment - $dbh = db_connect(); - $q = 'INSERT INTO PackageComments '; - $q.= '(PackageID, UsersID, Comments, CommentTS) VALUES ('; - $q.= intval($_REQUEST['ID']) . ', ' . uid_from_sid($_COOKIE['AURSID']) . ', '; - $q.= "'" . db_escape_string($_REQUEST['comment']) . "', "; - $q.= 'UNIX_TIMESTAMP())'; - db_query($q, $dbh); - - # Send email notifications - $q = 'SELECT CommentNotify.*, Users.Email '; - $q.= 'FROM CommentNotify, Users '; - $q.= 'WHERE Users.ID = CommentNotify.UserID '; - $q.= 'AND CommentNotify.UserID != ' . uid_from_sid($_COOKIE['AURSID']) . ' '; - $q.= 'AND CommentNotify.PkgID = ' . intval($_REQUEST['ID']); - $result = db_query($q, $dbh); - $bcc = array(); - - if (mysql_num_rows($result)) { - while ($row = mysql_fetch_assoc($result)) { - array_push($bcc, $row['Email']); - } - - $q = 'SELECT Packages.* '; - $q.= 'FROM Packages '; - $q.= 'WHERE Packages.ID = ' . intval($_REQUEST['ID']); - $result = db_query($q, $dbh); - $row = mysql_fetch_assoc($result); - - # TODO: native language emails for users, based on their prefs - # Simply making these strings translatable won't work, users would be - # getting emails in the language that the user who posted the comment was in - $body = - 'from https://aur.archlinux.org/packages.php?ID=' - . $_REQUEST['ID'] . "\n" - . username_from_sid($_COOKIE['AURSID']) . " wrote:\n\n" - . $_POST['comment'] - . "\n\n---\nIf you no longer wish to receive notifications about this package, please go the the above package page and click the UnNotify button."; - $body = wordwrap($body, 70); - $bcc = implode(', ', $bcc); - $headers = "Bcc: $bcc\nReply-to: nobody@archlinux.org\nFrom: aur-notify@archlinux.org\nX-Mailer: AUR\n"; - @mail(' ', "AUR Comment for " . $row['Name'], $body, $headers); - } -} - - # Prompt visitor for comment -?> -<div class="pgbox"> - <form action='<?php echo $_SERVER['REQUEST_URI'] ?>' method='post'> - <div style="padding: 1%"> -<?php -if (isset($_REQUEST['comment']) && check_token()) { - echo '<b>' . __('Comment has been added.') . '</b>'; + echo '<p>' . __('Comment has been added.') . '</p>'; } ?> - <input type='hidden' name='ID' value="<?php echo intval($_REQUEST['ID']) ?>" /> - <?php echo __('Enter your comment below.') ?><br /> - <textarea name='comment' cols='80' rows='10' style="width: 100%"></textarea><br /> - <input type='hidden' name='token' value='<?php echo htmlspecialchars($_COOKIE['AURSID']) ?>' /> - <input type='submit' value="<?php echo __("Submit") ?>" /> - <input type='reset' value="<?php echo __("Reset") ?>" /> - </div> + <div> + <input type="hidden" name="ID" value="<?php echo intval($_REQUEST['ID']) ?>" /> + <input type="hidden" name="token" value="<?php echo htmlspecialchars($_COOKIE['AURSID']) ?>" /> + </div> + <p> + <label for="id_comment"><?php echo __("Comment") . ':' ?></label> + <textarea id="id_comment" name="comment" cols="80" rows="10"></textarea> + </p> + <p> + <label></label> + <input type="submit" value="<?php echo __("Add Comment") ?>" /> + </p> + </fieldset> </form> </div> |