include_once"myconnect.php";
include_once"logincheck.php";
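// ---- Request and session validation ----------------------------------------
// rec_id arrives through $_REQUEST and is untrusted. It is interpolated
// unquoted into the SQL below, so it must be reduced to a positive integer
// first. is_numeric() alone also accepts values such as "0.5" or "-3" that
// cast to a non-positive id, so the range is checked on the cast value.
if(!isset($_REQUEST["rec_id"]) || !is_numeric($_REQUEST["rec_id"]) || ((int)$_REQUEST["rec_id"] <= 0))
{
    header("Location: ". "index.php?msg=" .urlencode("Access Denied") );
    die();
}
$rec_id=(int)$_REQUEST["rec_id"];

// The member id is placed unquoted into the same queries. It is expected to be
// set by the login code (logincheck.php is included above; its contents are
// not visible here), but it is validated and cast anyway so that a missing or
// malformed session value can never change the query text.
if(!isset($_SESSION['uid']) || !is_numeric($_SESSION['uid']))
{
    header("Location: ". "index.php?msg=" .urlencode("Access Denied") );
    die();
}
$user=(int)$_SESSION['uid'];

// ---- One comment per member per recipe -------------------------------------
// The query result is checked before fetching: if the lookup itself fails, the
// request is rejected instead of being treated as "no earlier comment".
$dup_result=mysql_query("select * from sbrecipe_comments where recipe_id=$rec_id and mem_id=$user");
if(!$dup_result)
{
    header("Location: ". "popup.php?sb_id=$rec_id&msg=" .urlencode("Some error occurred, Please try again") );
    die();
}
$mem_comment=mysql_fetch_array($dup_result);
if($mem_comment)
{
    header("Location: ". "popup.php?sb_id=$rec_id&msg=" .urlencode("You can't comment a recipe twice") );
    die();
}

// ---- Recipe must exist, be approved, and belong to someone else ------------
// All three conditions are folded into one WHERE clause, so the message below
// is also what a member sees for an unknown or unapproved recipe id.
$recipe_result=mysql_query("select *,DATE_FORMAT((sb_posted_on),'%d, %b %Y') as sb_date from sbrecipe_recipes where sb_approved='yes' and sb_id=$rec_id and sbuser_id<>$user");
$recipe=$recipe_result ? mysql_fetch_array($recipe_result) : false;
if(!$recipe)
{
    header("Location: ". "popup.php?sb_id=$rec_id&msg=" .urlencode("You can't post comments to your own recipe") );
    die();
}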
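// Site-wide settings row. This block reads comment_length, approve_comments
// and sbadmin_email from it.
$config=mysql_fetch_array(mysql_query("select * from sbrecipe_config where 1"));
$errcnt=0;
// Validation messages, indexed 0..$errcnt-1. This starts as an array rather
// than an empty string: indexing a string addresses single characters, so
// whole messages can only be stored reliably in an array.
$errs=array();
if(count($_POST)<>0) //IF SOME FORM WAS POSTED DO VALIDATION
{
    // Take the comment as the member typed it. Anything that is not a plain
    // string (missing field, array-valued parameter) is treated as empty, so
    // it fails the "please provide" check instead of raising warnings.
    $comment_text='';
    if(isset($_REQUEST["comments"]) && is_string($_REQUEST["comments"]))
    {
        $comment_text=$_REQUEST["comments"];
        if(get_magic_quotes_gpc())
        {
            // magic_quotes_gpc already added backslashes; strip them so the
            // text is escaped exactly once, by the database driver, below.
            $comment_text=stripslashes($comment_text);
        }
    }

    // Escape for the quoted string literal in the INSERT.
    // mysql_real_escape_string() takes the connection character set into
    // account, which addslashes() does not. The former
    // str_replace("$","\$",...) wrapper is dropped: in a double-quoted PHP
    // string both arguments are the single character "$", so it never changed
    // the text. ext/mysql offers no prepared statements and is removed in
    // PHP 7; moving this script to mysqli or PDO with bound parameters is the
    // durable fix.
    // The comment is stored as typed; NOTE(review): pages that display it are
    // not visible here and must HTML-escape it on output.
    $comments=mysql_real_escape_string($comment_text);

    // Length rules apply to what the member wrote, not to the escaped copy
    // (escaping adds a backslash per quote and would inflate the count).
    $comment_len=strlen(trim($comment_text));
    if($comment_len == 0)
    {
        $errs[$errcnt]="Please provide some comments";
        $errcnt++;
    }
    if($comment_len>$config['comment_length'])
    {
        $errs[$errcnt]="Comments must be less than ".$config['comment_length']. " characters long";
        $errcnt++;
    }

    if($errcnt==0)
    {
        // With admin moderation the comment is stored as 'new' and published
        // later; otherwise it goes live immediately.
        if($config['approve_comments']=='admin')
        {
            $approved='new';
            $msg1='Your comments have been sent for admin approval';
        }
        else
        {
            $approved='yes';
            $msg1='Comments have been posted';
        }

        // Cast at the point of use so the value placed in the SQL text is an
        // integer regardless of how the session variable was populated.
        $member_id=(int)$_SESSION["uid"];

        // "H" is the 24-hour clock. The previous "h" (12-hour) format made
        // afternoon submissions indistinguishable from morning ones.
        $sbsubmit_date=date("YmdHis",time());

        mysql_query("insert into sbrecipe_comments (recipe_id,mem_id,comments,sb_submitted_on,sb_approve) values ($rec_id,$member_id,'$comments','$sbsubmit_date','$approved')");
        if(mysql_affected_rows()==1)
        {
            // Id of the row this request just inserted. "select max(sb_id)"
            // can return another member's comment when two inserts overlap,
            // which would put the wrong comment id in the moderation mail.
            $max_id=mysql_insert_id();
            if(!$max_id)
            {
                // mysql_insert_id() returns 0 when the insert produced no
                // AUTO_INCREMENT value; keep the old lookup as a fallback.
                $sbrow_plan=mysql_fetch_array(mysql_query("select max(sb_id) as max_id from sbrecipe_comments where 1"));
                $max_id=$sbrow_plan["max_id"];
            }

            if ($config["approve_comments"]=="admin")
            {
                // Notify the site admin that a comment is waiting for review,
                // using mail template 4 if it is switched on.
                $row_emp=mysql_fetch_array(mysql_query ("select * from sbrecipe_members where sbuser_id=".$member_id));
                $sbrs_mail=mysql_query("SELECT * FROM sbrecipe_mails where sb_mailid=4");
                if ( $sbrow_mail=mysql_fetch_array($sbrs_mail) )// if mail
                {
                    if($sbrow_mail["sb_status"]=="yes")
                    {
                        $from =$sbrow_mail["sb_fromid"];
                        $to = $config["sbadmin_email"];
                        $subject =$sbrow_mail["sb_subject"];

                        // NOTE(review): %password% is filled from sbuser_pwd,
                        // so whatever is stored for the member's password is
                        // sent to the admin mailbox. Whether that column holds
                        // plaintext or a hash cannot be seen from this file;
                        // either way it should not leave the database. Remove
                        // the placeholder from the mail template and this
                        // substitution together.
                        // NOTE(review): sb_title and sbuser_name are inserted
                        // as stored; if the template is sent as HTML and those
                        // values are not already escaped, they need
                        // htmlspecialchars() here -- confirm how they are stored.
                        // Placeholders are applied in the same order as before.
                        $body=str_replace(
                            array("%username%","%password%","%comment_id%","%recipe_title%","%recipe_id%"),
                            array($row_emp["sbuser_name"],$row_emp["sbuser_pwd"],$max_id,$recipe['sb_title'],$rec_id),
                            $sbrow_mail["sb_mail"]
                        );

                        $header="From:" . $from . "\r\n" ."Reply-To:". $from ;
                        if(isset($sbrow_mail["sb_html_format"])&&($sbrow_mail["sb_html_format"]=="yes"))
                        {
                            $header .= "\r\nMIME-Version: 1.0\r\n";
                            $header .= "Content-type: text/html; charset=iso-8859-1\r\n";
                        }
                        // Best effort: a failed notification must not block
                        // the member's comment from being saved.
                        @mail($to,$subject,$body,$header);
                    }// end if status is on
                }// end if mail
            }
            header("Location: popup.php?sb_id=$rec_id&msg=".urlencode("$msg1"));
            die();
        }
        else
        {
            header("Location: popup.php?sb_id=$rec_id&msg=".urlencode("Some error occurred, Please try again"));
            die();
        }
    }
}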
// main(): page-body function for the comment form. It reads the validation
// state ($errs, $errcnt) and the page data ($rec_id, $recipe, $config) through
// "global" and, when a posted form has validation errors, emits the
// "cannot be processed" notice followed by a loop over the $errcnt entries.
// NOTE(review): the HTML markup and the PHP open tags that originally
// separated the fragments below were lost when this listing was extracted, so
// the template part is incomplete as shown. Presumably template.php (included
// after this function) calls main() -- confirm.
function main()
{ global $rec_id,$errs,$errcnt,$recipe,$config;
// Value used to re-fill the comment box; empty on a plain GET.
$comments='';
if(count($_POST)<>0) //IF SOME FORM WAS POSTED DO VALIDATION
// This is the raw request value, not the escaped copy built for the INSERT.
// NOTE(review): if the lost markup echoes $comments or $errs[$i] back into the
// page, each must go through htmlspecialchars() at that point -- the visible
// code applies no output escaping.
{ $comments=$_REQUEST['comments'];
if( $errcnt != 0 )
{
// ob_end_flush();
?>
Your request cannot be processed due to following
reasons |
|
for ($i=0;$i<$errcnt;$i++)
{
?>
1 |
|
}
?>
} //end else-errcnt==0
} //end if count-post
?>
}
include "template.php";
?>