File: //home/httpd/mech_ftp/baretube.com/admin/comments.php
<?php
require "header.php";
if (isset($_GET['type']) && !in_array($_GET['type'], array(0, 1, 2))) {
exit();
}
$commentType = (int) $_GET['type'];
if ($_POST['list']) {
foreach ($_POST['list'] as $i) {
if (is_numeric($i)) {
dbQuery("DELETE FROM `comments` WHERE `record_num` = $i");
}
}
}
$page = (isset($_GET['page']) && is_numeric($_GET['page'])) ? (int) $_GET['page'] : 1;
$max_results = (isset($_GET['setmax']) && $_GET['setmax'] > 0) ? (int) $_GET['setmax'] : 100;
$from = ($page * $max_results) - $max_results;
switch ($commentType) {
case 1:
$headerType = "Models";
$filterType = "Model";
$field_description = "Filter comments by model - insert model's name";
break;
case 2:
$headerType = "Users";
$filterType = "User";
$field_description = "Filter comments by user's wall - insert user's name";
break;
case 0:
default:
$headerType = "Content";
$filterType = "Content";
$field_description = "Filter comments by video/gallery - insert content's title";
break;
}
?>
<div class="content-page">
<div class="header-area">
<div class="breadcrumbs">
<a href="index.php">Admin Home</a>
<span><a href="comments.php?type=<?php echo $commentType; ?>">Comments</a></span>
</div>
</div>
<div class="content-outer">
<h2>Edit<strong><?php echo $headerType; ?>Comments</strong></h2>
<div class="content-inner">
<? echo getMessages(); ?>
<form method="POST" action="" class="form" novalidate autocomplete="off">
<table class="pagetable">
<thead>
<tr>
<th colspan="2">Search</th>
</tr>
</thead>
<tbody>
<tr>
<td>Username/Comment</td>
<td><input type="text" name="q" value="<?php echo htmlentities($_POST['q'], ENT_QUOTES, 'UTF-8'); ?>"/></td>
</tr>
<tr>
<td>Filter Content (<a href='#' title="<?php echo $field_description; ?>">?</a>)</td>
<td>
<input type="text" name="content" id="contentAutocomplete" value="<?php echo $_POST['content'] ? htmlentities($_POST['content'], ENT_QUOTES, 'UTF-8') : ""; ?>"/>
<script type="text/javascript">
$(document).ready(function () {
$("#contentAutocomplete").autocomplete({
source: "search_content.php?type=<?php echo $commentType; ?>",
minLength: 2
});
});
</script>
</td>
</tr>
<tr class="item submit">
<td colspan="2">
<button type="submit" class="btn action-search">Search</button>
</td>
</tr>
</tbody>
</table>
<table class="pagetable">
<thead>
<tr>
<th style="width:120px">User</th>
<th>Comment</th>
<th style="width:200px">Commented Content</th>
<th style="width:150px">Added</th>
<th style="width:80px" class="options"></th>
<th style="width:50px">
<label for="check-select-all-1" class="checkbox">
<input type="checkbox" name="select_all" value="1" data-items="list[]" id="check-select-all-1">
<i></i>
</label>
</th>
</tr>
</thead>
<?php
$querySearch = "";
if ($_POST['q']) {
$q = mysqli_real_escape_string($dblink, $_POST['q']);
$querySearch = "AND (name LIKE '%$q%' OR comment LIKE '%$q%')";
}
$filter = false;
$queryFilter = "";
if (!empty($_POST['content'])) {
$cnt = mysqli_real_escape_string($dblink, $_POST['content']);
switch ($commentType) {
case 0:
$contentTable = "content";
$contentCol = "title";
break;
case 1:
$contentTable = "pornstars";
$contentCol = "name";
break;
case 2:
$contentTable = "users";
$contentCol = "username";
break;
}
$getResult = dbRow("SELECT record_num FROM $contentTable WHERE $contentCol = '$cnt'", false);
if (!empty($getResult)) {
$result = $getResult;
$contentId = $result['record_num'];
} else {
$contentId = 0;
}
$queryFilter = "AND content = $contentId";
}
$result_count = dbQuery("SELECT record_num FROM comments WHERE type = $commentType $querySearch $queryFilter", false);
$result = dbQuery("SELECT * FROM comments WHERE type = $commentType $querySearch $queryFilter ORDER BY timestamp DESC LIMIT $from,$max_results", false);
$total_results = count($result_count);
$total_pages = ceil($total_results / $max_results);
?>
<?php if (count($result) == 0) { ?>
<tr><td colspan="6"><div class="notification alert">No comments found</div></td></tr>
<?php } else { ?>
<?php foreach ($result as $row) { ?>
<tr>
<td>
<a href="<?php echo $basehttp; ?>/admin/edit_user.php?id=<?php echo $row['userid']; ?>">
<?php echo $row['name']; ?>
</a>
</td>
<td><?php echo truncate($row['comment'], 100); ?></td>
<td>
<?php
$link = '';
switch ($row['type']) {
case 1:
$cnt = dbRow("SELECT name FROM pornstars WHERE record_num = '$row[content]'", false);
if (is_array($cnt)) {
$link = "<a href=\"$basehttp/admin/edit_model.php?id={$row['content']}\">" . truncate($cnt['name'], 56) . "</a>";
}
break;
case 2:
$cnt = dbRow("SELECT username FROM users WHERE record_num = '$row[content]'", false);
if (is_array($cnt)) {
$link = "<a href=\"$basehttp/admin/edit_user.php?id={$row['content']}\">" . truncate($cnt['username'], 56) . "</a>";
}
break;
case 0:
default:
$cnt = dbRow("SELECT title, photos FROM content WHERE record_num = '$row[content]'", false);
if (is_array($cnt)) {
if ($cnt['photos'] == 1) {
$link = "<a href=\"edit_photo_content.php?id={$row['content']}\" class=\"popEditPublish\" data=\"{$row['content']}\">" . ($cnt['title'] != "" ? truncate($cnt['title'], 56) : ' - no title - ') . "</a>";
} else {
$link = "<a href=\"edit_content.php?id={$row['content']}\" class=\"popEditPublish\" data=\"{$row['content']}\">" . ($cnt['title'] != "" ? truncate($cnt['title'], 56) : 'n/a') . "</a>";
}
}
break;
}
echo $link;
?>
</td>
<td><?php echo date("Y-m-d H:i:s", $row['timestamp']); ?></td>
<td class="options">
<a href="<?php echo $basehttp; ?>/admin/edit_comment.php?id=<?php echo $row['record_num']; ?>&type=<?php echo $commentType; ?>" class="btn btn-xs btn-orange" title="Edit Comment"><i class="ion ion-edit icon-edit"></i></a>
</td>
<td>
<label class="checkbox">
<input type="checkbox" name="list[]" value="<?php echo $row['record_num']; ?>" id="ids-<?php echo $row['record_num']; ?>"><i></i>
</label>
</td>
</tr>
<?php } ?>
<?php } ?>
<tr class="item submit">
<td colspan="6">
<?php if (count($result) > 0) { ?>
<button type="submit" class="btn action-delete">Delete Selected</button>
<?php } ?>
</td>
</tr>
</table>
</form>
<div id="adminPagination"><?php echo showAdminPagination($total_pages); ?></div>
</div>
</div>
</div>
<?php require "footer.php"; ?>