query_first("SELECT * FROM iworks_news WHERE date='$_REQUEST[a]'"); $comment = $sql->query_first("SELECT * FROM iworks_news_comments WHERE rowid='$_REQUEST[replyto]'"); if($_REQUEST['send'] == "send") { if($username!="Guest") { $reply = addslashes($reply); $thistime = time(); $newnestid = $comment[nestid]; $nestswitch = $_REQUEST[level]-1; switch ($nestswitch) { case 0: $nimax = $newnestid + 999000000000000000000000000; $nimin = $newnestid + 1000000000000000000000000; $multiplier = mysql_num_rows($sql->query("SELECT * FROM iworks_news_comments WHERE article='$articleinfo[rowid]' AND nestid >= '$nimin' AND nestid <= '$nimax' ")) +1; $newnestid = $newnestid + (1000000000000000000000000 * $multiplier); break; case 1: $nimax = $newnestid + 999000000000000000000000; $nimin = $newnestid + 1000000000000000000000; $multiplier = mysql_num_rows($sql->query("SELECT * FROM iworks_news_comments WHERE article='$articleinfo[rowid]' AND nestid >= '$nimin' AND nestid <= '$nimax' ")) +1; $newnestid = $newnestid + (1000000000000000000000 * $multiplier); break; case 2: $nimax = $newnestid + 999000000000000000000; $nimin = $newnestid + 1000000000000000000; $multiplier = mysql_num_rows($sql->query("SELECT * FROM iworks_news_comments WHERE article='$articleinfo[rowid]' AND nestid >= '$nimin' AND nestid <= '$nimax' ")) +1; $newnestid = $newnestid + (1000000000000000000 * $multiplier); break; case 3: $nimax = $newnestid + 999000000000000000; $nimin = $newnestid + 1000000000000000; $multiplier = mysql_num_rows($sql->query("SELECT * FROM iworks_news_comments WHERE article='$articleinfo[rowid]' AND nestid >= '$nimin' AND nestid <= '$nimax' ")) +1; $newnestid = $newnestid + (1000000000000000 * $multiplier); break; case 4: $nimax = $newnestid + 999000000000000; $nimin = $newnestid + 1000000000000; $multiplier = mysql_num_rows($sql->query("SELECT * FROM iworks_news_comments WHERE article='$articleinfo[rowid]' AND nestid >= '$nimin' AND nestid <= '$nimax' ")) +1; $newnestid = $newnestid + (1000000000000 * $multiplier); break; case 5: $nimax = $newnestid + 999000000000; $nimin = $newnestid + 1000000000; $multiplier = mysql_num_rows($sql->query("SELECT * FROM iworks_news_comments WHERE article='$articleinfo[rowid]' AND nestid >= '$nimin' AND nestid <= '$nimax' ")) +1; $newnestid = $newnestid + (1000000000 * $multiplier); break; case 6: $nimax = $newnestid + 999000000; $nimin = $newnestid + 1000000; $multiplier = mysql_num_rows($sql->query("SELECT * FROM iworks_news_comments WHERE article='$articleinfo[rowid]' AND nestid >= '$nimin' AND nestid <= '$nimax' ")) +1; $newnestid = $newnestid + (1000000 * $multiplier); break; case 7: $nimax = $newnestid + 999000; $nimin = $newnestid + 1000; $multiplier = mysql_num_rows($sql->query("SELECT * FROM iworks_news_comments WHERE article='$articleinfo[rowid]' AND nestid >= '$nimin' AND nestid <= '$nimax' ")) +1; $newnestid = $newnestid + (1000 * $multiplier); break; case 8: $nimax = $newnestid + 999; $nimin = $newnestid + 1; $multiplier = mysql_num_rows($sql->query("SELECT * FROM iworks_news_comments WHERE article='$articleinfo[rowid]' AND nestid >= '$nimin' AND nestid <= '$nimax' ")) +1; $newnestid = $newnestid + (1 * $multiplier); break; } $sql->query("INSERT INTO iworks_news_comments (date,user,article,subject,strlower,username,message,level,commentid,nestid) VALUES ('".$thistime."','$user_info[userid]','$articleinfo[rowid]','".addslashes($subject)."','".strlower($username)."','$username','".addslashes($reply)."','$_REQUEST[level]','$_REQUEST[replyto]','$newnestid') "); //allow the user to make a reply, but do not bump up stats or send himself/herself a message about it. if($comment['user'] != $user_info['userid']) { send_message($comment['user'],$comment['username'],$user_info['username'],"Comments",$comment['subject'],$_REQUEST['a'],"news.fpd",$thistime); $sql->query("UPDATE iworks_users SET commentcount=commentcount+1, commentsrecieved=commentsrecieved+1 WHERE userid='$comment[user]'"); $sql->query("UPDATE iworks_users SET commentsgiven=commentsgiven+1 WHERE userid='$user_info[userid]'"); } $sql->query("UPDATE iworks_news SET comments=comments+1 WHERE date='$_REQUEST[a]'"); $output="Your reply was made!"; $link="news.fpd?a=$_REQUEST[a]"; header("LOCATION: $link"); exit(); } else { $output="You must be registered to post comments."; $link="news.fpd?a=$_REQUEST[a]"; require ("my.query.fpd"); eval("dooutput(\"".gettemplate("redirect")."\");"); exit(); } } $newlevel = $comment['level']+1; eval("dooutput(\"".gettemplate("replyto_news")."\");"); exit(); } //Check for valid news articles... if($_REQUEST['a']) { if($_REQUEST['a'] == "Null") { header("LOCATION: news.fpd"); } else { $articleinfo = $sql->query_first("SELECT * FROM iworks_news WHERE date='$_REQUEST[a]'"); $articleinfo['message'] = nl2br($articleinfo['message']); $articleinfo['message'] = docode($articleinfo['message']); $date = XBdate($config['longdateformat'],$articleinfo['date'],1); if($_REQUEST['action'] == "reply") { $_REQUEST['reply'] = addslashes($_REQUEST['reply']); $nestinfo = $sql->query("SELECT * FROM iworks_news_comments WHERE article='$articleinfo[rowid]' AND level=0"); if(mysql_num_rows($nestinfo)) { $nestid = mysql_num_rows($nestinfo) + 1; } else if(!mysql_num_rows($nestinfo)) { $nestid = 1; } $nestid = $nestid * 1000000000000000000000000000; $sql->query("INSERT INTO iworks_news_comments (date,user,article,subject,username,strlower,message,nestid) VALUES ('".time()."','$user_info[userid]','$articleinfo[rowid]','$_REQUEST[subject]','$user_info[username]','$user_info[strlower]','$_REQUEST[reply]','$nestid')"); $qcount = $sql->get_count("date","iworks_news_comments","article='$articleinfo[rowid]'"); $sql->query("UPDATE iworks_news SET comments = '$qcount' WHERE rowid = '$articleinfo[rowid]'"); $output="Your reply has been made."; $link="news.fpd?a=$_REQUEST[a]"; header("LOCATION: $link"); exit(); } if($adminstatus == true) $admindelete = "[Delete]"; $result = $sql->query("SELECT * FROM iworks_news_comments WHERE article='$articleinfo[rowid]' ORDER BY nestid ASC"); while ($row = $sql->fetch_array($result)) { $row['fromname'] = $row['username']; $row['message'] = nohtml($row['message']); //$row['message'] = htmlspecialchars($row['message']); $row['message'] = nl2br($row['message']); $row['message'] = docode($row['message']); $row['message'] = stripslashes($row['message']); $row['subject'] = htmlspecialchars($row['subject']); $thisdate = XBdate($config['longdateformat'],$row['date'],1); $levwidth = levpercent($row['level']); eval ("\$comments .= \"".gettemplate("news_comments")."\";"); } $sql->free_result($result); //Smilie data... if(is_array($smilies)) { while(list($key,$val)=each($smilies)) { $smilielist .= " "; } } require ("my.query.fpd"); eval("dooutput(\"".gettemplate("news_article")."\");"); } exit(); } $result = $sql->query("SELECT * FROM iworks_news ORDER BY rowid DESC"); while ($row = $sql->fetch_array($result)) { $row['message'] = nl2br($row['message']); $row['message'] = docode($row['message']); eval ("\$news .= \"".gettemplate("newsbit")."\";"); } $sql->free_result($result); if(!$news) { $subject = "No news available..."; $row['date'] = "Null"; $row['strlower'] = "Null"; $row['username'] = "Administrator"; $date = "No post date on record!"; $comment = "There is no news available at this point in time."; $row['comments'] = "0"; eval ("\$news = \"".gettemplate("newsbit")."\";"); } require ("my.query.fpd"); eval("dooutput(\"".gettemplate("news")."\");"); ?>