hi Nibbler,
thank tou you for the answer, i've tried it, but nothing works.
this is a piece of the code, starting at "//comment"
// Comment
case 'comment':
if (!(USER_CAN_POST_COMMENTS)) cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
check_comment($HTTP_POST_VARS['msg_body']);
check_comment($HTTP_POST_VARS['msg_author']);
$msg_author = addslashes(trim($HTTP_POST_VARS['msg_author']));
$msg_body = addslashes(trim($HTTP_POST_VARS['msg_body']));
$pid = (int)$HTTP_POST_VARS['pid'];
if ($msg_author == '' || $msg_body == '') cpg_die(ERROR, $lang_db_input_php['empty_name_or_com'], __FILE__, __LINE__);
$result = db_query("SELECT comments FROM {$CONFIG['TABLE_PICTURES']}, {$CONFIG['TABLE_ALBUMS']} WHERE {$CONFIG['TABLE_PICTURES']}.aid = {$CONFIG['TABLE_ALBUMS']}.aid AND pid='$pid'");
if (!mysql_num_rows($result)) cpg_die(ERROR, $lang_errors['non_exist_ap'], __FILE__, __LINE__);
$album_data = mysql_fetch_array($result);
mysql_free_result($result);
if ($album_data['comments'] != 'YES') cpg_die(ERROR, $lang_errors['perm_denied'], __FILE__, __LINE__);
if (!$CONFIG['disable_comment_flood_protect']){
$result = db_query("SELECT author_md5_id, author_id FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid = '$pid' ORDER BY msg_id DESC LIMIT 1");
if (mysql_num_rows($result)) {
$last_com_data = mysql_fetch_array($result);
if ((USER_ID && $last_com_data['author_id'] == USER_ID) || (!USER_ID && $last_com_data['author_md5_id'] == $USER['ID'])) {
cpg_die(ERROR, $lang_db_input_php['no_flood'], __FILE__, __LINE__);
}
}
}
if (!USER_ID) { // Anonymous users, we need to use META refresh to save the cookie
$insert = db_query("INSERT INTO {$CONFIG['TABLE_COMMENTS']} (pid, msg_author, msg_body, msg_date, author_md5_id, author_id, msg_raw_ip, msg_hdr_ip) VALUES ('$pid', '$msg_author', '$msg_body', NOW(), '{$USER['ID']}', '0', '$raw_ip', '$hdr_ip')");
$USER['name'] = $HTTP_POST_VARS['msg_author'];
$redirect = "displayimage.php?pos=" . (- $pid);
if ($CONFIG['email_comment_notification']) {
$mail_body = $msg_body . "\n\r ".$lang_db_input_php['email_comment_body'] . " " . $CONFIG['ecards_more_pic_target'] . $redirect;
cpg_mail($CONFIG['gallery_admin_email'], $lang_db_input_php['email_comment_subject'], $mail_body);
if (defined('UDB_INTEGRATION')){
$result = db_query("SELECT owner_id FROM {$CONFIG['TABLE_PICTURES']} WHERE pid=".$pid);
list($uid) = mysql_fetch_row($result);
$picture_owner_data = udb_get_user_infos($uid);
} else {
// send an email to the owner of the picture
$result = db_query("SELECT user_name,user_email FROM {$CONFIG['TABLE_PICTURES']} AS p, {$CONFIG['TABLE_USERS']} AS u WHERE u.user_id=p.owner_id and p.pid=".$pid);
$picture_owner_data = mysql_fetch_array($result);
}
$subject = "New GJPix Comment by ".USER_NAME;
$mail_body = "Hi ".$picture_owner_data['user_name']."!\n\n".USER_NAME." just wrote a comment on one of your photos, click the link below to read and reply to it.\n";
$mail_body .= "http://gallery.greatestjournal.com/displayimage.php?pos=-".$pid;
cpg_mail($picture_owner_data['user_email'], $subject, $mail_body, 'text/plain', "GJPix", 'webmaster@snaplife.ch');
}
pageheader($lang_db_input_php['com_added'], "<META http-equiv=\"refresh\" content=\"1;url=$redirect\">");
msg_box($lang_db_input_php['info'], $lang_db_input_php['com_added'], $lang_continue, $redirect);
pagefooter();
ob_end_flush();
exit;
} else { // Registered users, we can use Location to redirect
$insert = db_query("INSERT INTO {$CONFIG['TABLE_COMMENTS']} (pid, msg_author, msg_body, msg_date, author_md5_id, author_id, msg_raw_ip, msg_hdr_ip) VALUES ('$pid', '" . addslashes(USER_NAME) . "', '$msg_body', NOW(), '', '" . USER_ID . "', '$raw_ip', '$hdr_ip')");
$redirect = "displayimage.php?pos=" . (- $pid);
if ($CONFIG['email_comment_notification']) {
$mail_body = $msg_body . "\n\r ".$lang_db_input_php['email_comment_body'] . " " . $CONFIG['ecards_more_pic_target'] . $redirect;
cpg_mail($CONFIG['gallery_admin_email'], $lang_db_input_php['email_comment_subject'], $mail_body);
}
$header_location = (@preg_match('/Microsoft|WebSTAR|Xitami/', getenv('SERVER_SOFTWARE'))) ? 'Refresh: 0; URL=' : 'Location: ';
header($header_location . $redirect);
pageheader($lang_db_input_php['com_added'], "<META http-equiv=\"refresh\" content=\"1;url=$redirect\">");
msg_box($lang_db_input_php['info'], $lang_db_input_php['com_added'], $lang_continue, $redirect);
pagefooter();
ob_end_flush();
exit;
}
break;
Can you please tell me, where I make the fault?
greetz n thx
chrigi