"
. "\n";
$SQL = "SELECT `news_comments_id`, `name`, `email`, `comment`, `date_posted` "
. " FROM `" . DB_TABLE_NEWS_COMMENTS . "` "
. " WHERE `news_id` = $view_details "
. " AND `is_active` = 1 AND `is_deleted` = 0 "
. " ORDER BY `news_comments_id` ASC ";
$all_comments = db_data_multi_hash( $SQL );
$all_comments_html = "\n";
return $all_comments_html
.= "
\n"
. "$new_comment_form\n";
} # end get_all_news_comments
$view_details = 0; # display detail?
if( $_GET['vd'] ) $view_details = (int)$_GET['vd'];
if( is_int( $view_details ) && 0 != $view_details ) { # news item detail
$SQL = "SELECT `date`, `title`, `content`, DATE_FORMAT( `date`, '%M %e, %Y' ) `date_explained`, `meta_keywords`, `meta_description` "
. " FROM `" . DB_TABLE_NEWS . "` "
. " WHERE `active` = 1 AND `ID` = '$view_details' AND `type` = 2 ";
$n = db_data_single_hash( $SQL );
if( is_array( $n ) ) {
$meta_keywords = str_replace( '"', '', $n['meta_keywords'] );
$meta_description = str_replace( '"', '', $n['meta_description'] );
$all_comments_html = get_all_news_comments( $view_details );
$r = "{$n['title']}
\n"
. "{$n['date_explained']}
\n"
. "{$n['content']}
\n"
. "\n"
. "\n";
} else
$r = "No such news item found.
\n";
} else { # news list
# time range
$days_past = 60; # hard-coded default
if( $options['archive'] ) {
$archive_title = ' Archive';
$archive_link = '';
$date_direction = '<=';
} else {
$archive_title = '';
$archive_link = "\n";
$date_direction = '>=';
}
$r = $archive_link
. "News$archive_title
\n"; # title
if( $_GET['dp'] ) $days_past = (int)$_GET['dp'];
$SQL = "SELECT `ID`, `date`, `title`, `type`, `url`, `content` "
. " FROM `" . DB_TABLE_NEWS . "` "
. " WHERE `active` = 1 "
. " AND `date` $date_direction DATE_SUB( NOW(), INTERVAL '$days_past' DAY ) "
. " ORDER BY `date` DESC, `created` DESC ";
$news = db_data_multi_hash( $SQL );
if( is_array( $news ) && $news ) {
foreach( $news as $n ) {
$r .= "{$n['date']}: "; # the date
if( 1 == $n['type'] ) # url
$r .= "{$n['title']}";
elseif( 2 == $n['type'] ) { # content
$title_url_encoded = urlencode( $n['title'] );
$r .= "{$n['title']}";
}
$r .= "
\n";
}
} else $r .= "No news found.
\n";
$r .= $archive_link;
}
return array( 'html_content' => $r,
'meta_keywords' => $meta_keywords,
'meta_description' => $meta_description );
} # end the_news
# comment_html
# Build the HTML fragment for a single comment and return it as a string.
# $comment_data is an array; this block reads its 'comment', 'name' and
# 'date_posted' keys (the 'email' line below is commented out).
#
# Output encoding: only 'comment' is passed through htmlentities() here.
# 'name' and 'date_posted' are interpolated exactly as received, so the caller
# must hand them over already HTML-encoded.
# NOTE(review): htmlentities() is called with default flags and charset; on
# PHP versions before 8.1 the default flags leave single quotes unencoded, so
# pass ENT_QUOTES and an explicit charset if this text can land in an attribute.
# NOTE(review): $comment_formatted_for_html is not referenced in the return
# expression as shown; the markup that consumed it (and the rest of the tags in
# these strings) appears to have been lost when the page was extracted. Confirm
# against the original file that the encoded value, not the raw comment, is
# what gets emitted.
function comment_html( $comment_data ) {
$comment_formatted_for_html = htmlentities( $comment_data['comment'] );
return "{$comment_data['name']}
\n"
. "{$comment_data['date_posted']}
\n"
#. "{$comment_data['email']}
\n"
. "\n"
. "
\n";
} # end comment_html
# insert_new_comment
# Store one comment row in the news-comments table.
#
# $data must carry 'name', 'email', 'comment' and 'news_id'. Every value is
# placed inside a quoted SQL literal with no escaping done here, so the caller
# is responsible for escaping all four before calling (post_new_comment() does).
# Passing request data straight into this function would be SQL injection.
#
# Returns the new row id from mysql_insert_id() on success, or the
# mysql_error() text on failure; callers tell the two apart with is_int().
# The error text describes the failed statement and should be logged, not
# shown to the client.
function insert_new_comment( $data ) {
    $table = DB_TABLE_NEWS_COMMENTS;
    $columns = " ( `name`, `email`, `comment`, `date_posted`, `news_id` ) ";
    $values = "VALUES ( '{$data['name']}', '{$data['email']}', '{$data['comment']}', NOW(), '{$data['news_id']}' ) ";
    $SQL = "INSERT INTO `" . $table . "` " . $columns . $values;

    # Failure path first: hand back the driver's message as a string.
    if( !mysql_query( $SQL ) ) {
        return mysql_error();
    }
    return mysql_insert_id();
} # end insert_new_comment
# get_news_info
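# Look up one active, content-type (`type` = 2) news item by its ID.
#
# $id is coerced to an integer before it is placed in the query. The visible
# caller, send_comment_notification(), forwards the posted news_id, which
# post_new_comment() copies from $_POST without escaping; without the cast
# that value would be spliced into the WHERE clause verbatim.
#
# Returns whatever db_data_single_hash() returns for the query (the_news()
# treats a found row as an array; the not-found value is defined in that
# helper, which is outside this file section).
function get_news_info( $id ) {
    $id = (int)$id; # non-numeric input becomes 0
    $SQL = "SELECT `date`, `title`, `content`, DATE_FORMAT( `date`, '%M %e, %Y' ) `date_explained` "
        . " FROM `" . DB_TABLE_NEWS . "` "
        . " WHERE `active` = 1 AND `ID` = '$id' AND `type` = 2 ";
    return db_data_single_hash( $SQL );
} # end get_news_info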
# send_comment_notification
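# E-mail the site administrator that a new comment is waiting.
#
# $data is the display copy of the comment built by post_new_comment():
# 'name', 'email', 'comment', 'date_posted' and 'news_id'. Those values are
# only placed in the plain-text message body; the additional headers are built
# from the fixed $from address alone, so no request data reaches the header
# block.
#
# The news_id is cast to an integer before the lookup because the value in
# $data is the posted one, not the SQL-escaped copy.
#
# The return value of mail() is not checked, so a delivery failure is silent.
function send_comment_notification( $data ) {
    $news_info = get_news_info( (int)$data['news_id'] );
    #$to = 'jedihawk@gmail.com';
    $to = 'swagner@cchr.org';
    $from = 'do_not_reply@psychcrime.org';
    $subject = "New comment posted to {$news_info['title']} ({$news_info['date']})";
    $headers = "From: $from\r\n"
        . "X-Priority: Low";
    # The body below is a multi-line literal; its continuation lines stay at
    # column 0 so no indentation leaks into the message.
    $message = "Dear PsychCrime.org Administrator,
A new comment was posted to news item #{$data['news_id']}:
News Item Title: {$news_info['title']}
News Item Date: {$news_info['date_explained']}
Comment Name: {$data['name']}
Comment Email: {$data['email']}
Date Posted: {$data['date_posted']}
Comment:
{$data['comment']}
- - -
Admin link:
http://www.psychcrime.org/news/admin.php
";
    mail( $to, $subject, $message, $headers );
} # end send_comment_notification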
# post_new_comment
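# Handle a comment submitted via POST: store it, notify the administrator and
# echo a short status fragment back to the client.
#
# Two copies of the input are built: $data, escaped for the INSERT statement,
# and $comment_data, the copy used for the notification e-mail. The news_id is
# cast to an integer once and that integer is used in both, so the posted
# value cannot reach SQL text through the notification lookup.
#
# On failure the database error is written to the server log rather than
# echoed: the driver message can describe the failed statement and repeat
# parts of the submitted text, and this response is served as text/html.
#
# NOTE(review): mysql_escape_string() does not take the connection character
# set into account and the whole mysql_* extension is obsolete; move to
# prepared statements (mysqli or PDO) when this file is next reworked.
# NOTE(review): no anti-CSRF token, length limit or rate limit is checked in
# this function; confirm whether the caller or the front end enforces them.
function post_new_comment() {
    header('Content-type: text/html');
    $news_id = (int)$_POST['news_id'];
    $data = array(
        'name' => mysql_escape_string( $_POST['name'] ),
        'email' => mysql_escape_string( $_POST['email'] ),
        'comment' => mysql_escape_string( $_POST['comment'] ),
        'news_id' => $news_id,
    );
    $comment_data = array(
        'name' => htmlentities( $_POST['name'] ),
        'email' => htmlentities( $_POST['email'] ),
        'comment' => $_POST['comment'],
        'date_posted' => date('Y-m-d H:i:s'),
        'news_id' => $news_id,
    );
    $insert_result = insert_new_comment( $data );
    if( is_int( $insert_result ) ) { # insert_new_comment() returns the row id on success
        send_comment_notification( $comment_data );
        #echo comment_html( $comment_data ); # this gives the user back their comment and makes it appear like it's live on the webpage now
        # but this is not true any more, comments are 'hidden' by default now (2010-06-13)
        echo "Thank you, your comment is pending.
\n";
    } else {
        # Keep the driver's message on the server side only.
        error_log( "post_new_comment: insert failed: $insert_result" );
        echo "ERROR: Your comment could not be saved.
\n";
    }
} # end post_new_comment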
# start
require '../libs/lib.php';
require '../libs/db.php';
# Request dispatcher: a POST carrying 'new_comment' is handled as a comment
# submission; every other request renders the news page (list, archive or a
# single item, decided inside the_news()).
#
# NOTE(review): PHP_SELF includes any path info the client appends after the
# script name, so it must be HTML-encoded before it is written into markup.
# Where $scriptname is used is not visible in this part of the file.
$scriptname = $_SERVER['PHP_SELF'];
#
# actions
#
# NOTE(review): $_POST['new_comment'] and $_GET['news'] are read without
# isset(), which raises a notice when the key is absent.
if( $_POST['new_comment'] ) { # a new comment was posted via AJAX
post_new_comment();
}
else { # standard / default
# NOTE(review): the two "30 days" remarks below do not match the_news(), which
# sets $days_past = 60 by default and lets the 'dp' query parameter override it.
if( 'archive' == $_GET['news'] ) { # archive, older than 30 days
$the_news = the_news( array( 'archive' => true ) );
}
else { # standard, last 30 days
$the_news = the_news();
}
# Per-item meta values win over the site-wide defaults. the_news() only strips
# double quotes from them; if they are printed into the page head they still
# need HTML encoding (whether they are is not visible here, see the header
# block below).
if( $the_news['meta_keywords'] ) { # keywords
$meta_keywords = $the_news['meta_keywords'];
} else {
$meta_keywords = 'database, criminal database, criminal psychiatrist database, psychiatry, psychiatrist, psychiatric crime, human rights';
}
if( $the_news['meta_description'] ) { # description
$meta_description = $the_news['meta_description'];
} else {
$meta_description = 'PsychCrime.org, look up criminal psychiatrists in our database';
}
echo include_ssi( '/html_top.html' );
# NOTE(review): the heredoc opener and the markup inside it appear to have been
# lost when this page was extracted; only the title text and the closing
# HTML_HEADER label remain.
echo <<The PsychCrime Database - PsychCrime.org
HTML_HEADER;
echo include_ssi( '/master_content_table1.html' );
# html_content is written out as-is. the_news() interpolates the stored title,
# date and content columns into it without encoding, so those columns are
# trusted as HTML and must only be writable through the admin interface.
echo $the_news['html_content'];
echo include_ssi( '/master_content_table2.html' );
}
?>