Advanced search  

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Pages: [1]   Go Down

Author Topic: my comment control mod;  (Read 13664 times)

0 Members and 1 Guest are viewing this topic.

mywedding

  • Coppermine novice
  • *
  • Offline Offline
  • Gender: Female
  • Posts: 42
  • MyWedding
    • Wedding
my comment control mod;
« on: October 01, 2008, 02:02:01 pm »

hi guys,

i fed up , bad comments and spams, for non-registered visitors comments,  and i find little hack for that..


first open

1-) include/themes.inc.php and find this ;
Code: [Select]
$result = cpg_db_query("SELECT msg_id, msg_author, msg_body, UNIX_TIMESTAMP(msg_date) AS msg_date, author_id, author_md5_id, msg_raw_ip, msg_hdr_ip, pid FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='$pid' ORDER BY msg_id $comment_sort_order");
and change it to;
Code: [Select]
$result = cpg_db_query("SELECT msg_id, msg_author, msg_body, UNIX_TIMESTAMP(msg_date) AS msg_date, author_id, author_md5_id, msg_raw_ip, msg_hdr_ip, pid FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='$pid' && active = 'y' ORDER BY msg_id $comment_sort_order");
and save it...

2-) open /reviewcom.php find this line;
Code: [Select]
include("include/smilies.inc.php"); well, below that, add this code ;
Code: [Select]
if (isset($_GET['approveit'])) {
 $z = cpg_db_query("UPDATE {$CONFIG['TABLE_COMMENTS']} set active = 'y' WHERE msg_id = '".$_GET['approveit']."'");
}
if ($z > 0) {
    echo <<<EOT
        <tr>
                <td class="tableh2" colspan="5" align="center">
                        <br /><b>Comment Approved</b><br /><br />
                </td>
        </tr>

EOT;
}


i used this code ....



if this post wrong place , sorry..

thx.. 



ps:pls coppermine administator check this mod, if any wrong
Logged
Dreams are free, so free your dreams, "Astrid Alauda"

mywedding

  • Coppermine novice
  • *
  • Offline Offline
  • Gender: Female
  • Posts: 42
  • MyWedding
    • Wedding
Re: my comment control mod;
« Reply #1 on: October 01, 2008, 02:14:31 pm »

hi guys,

i fed up , bad comments and spams, for non-registered visitors comments,  and i find little hack for that..


first open

1-) include/themes.inc.php and find this ;
Code: [Select]
$result = cpg_db_query("SELECT msg_id, msg_author, msg_body, UNIX_TIMESTAMP(msg_date) AS msg_date, author_id, author_md5_id, msg_raw_ip, msg_hdr_ip, pid FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='$pid' ORDER BY msg_id $comment_sort_order");
and change it to;
Code: [Select]
$result = cpg_db_query("SELECT msg_id, msg_author, msg_body, UNIX_TIMESTAMP(msg_date) AS msg_date, author_id, author_md5_id, msg_raw_ip, msg_hdr_ip, pid FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='$pid' && active = 'y' ORDER BY msg_id $comment_sort_order");
and save it...

2-) open /reviewcom.php find this line;
Code: [Select]
include("include/smilies.inc.php"); well, below that, add this code ;
Code: [Select]
if (isset($_GET['approveit'])) {
 $z = cpg_db_query("UPDATE {$CONFIG['TABLE_COMMENTS']} set active = 'y' WHERE msg_id = '".$_GET['approveit']."'");
}
if ($z > 0) {
    echo <<<EOT
        <tr>
                <td class="tableh2" colspan="5" align="center">
                        <br /><b>Comment Approved</b><br /><br />
                </td>
        </tr>

EOT;
}


3- ) last one,
open /reviewcom.php find this line;
Code: [Select]
$profile_link_start{$row['msg_author']}$profile_link_end and change it to
Code: [Select]
$profile_link_start{$row['msg_author']}$profile_link_end<br /> <a href="?approveit={$row['msg_id']}">approve</a>

i used this code ....



if this post wrong place , sorry..

thx.. 



ps:pls coppermine administator check this mod, if any wrong
Logged
Dreams are free, so free your dreams, "Astrid Alauda"

Nibbler

  • Guest
Re: my comment control mod;
« Reply #2 on: October 01, 2008, 02:49:21 pm »

You should include the query needed to add the 'active' field into the database with the instructions.
Logged

mywedding

  • Coppermine novice
  • *
  • Offline Offline
  • Gender: Female
  • Posts: 42
  • MyWedding
    • Wedding
Re: my comment control mod;
« Reply #3 on: October 01, 2008, 02:53:19 pm »

yes , i added "`active` enum('n','y') NOT NULL," to "cpg149_comments" table , i forgot to write...

Logged
Dreams are free, so free your dreams, "Astrid Alauda"

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47844
  • aka "GauGau"
    • gaugau.de
Re: my comment control mod;
« Reply #4 on: October 01, 2008, 05:27:30 pm »

1-) include/themes.inc.php and find this ;
You should not edit that file, but theme.php!
Logged

mywedding

  • Coppermine novice
  • *
  • Offline Offline
  • Gender: Female
  • Posts: 42
  • MyWedding
    • Wedding
Re: my comment control mod;
« Reply #5 on: October 01, 2008, 06:21:05 pm »

i have theme.php but it's emtpy one on "water drop" theme, which theme i use about 4years,  ???

You should not edit that file, but theme.php!
Logged
Dreams are free, so free your dreams, "Astrid Alauda"

Joachim Müller

  • Dev Team member
  • Coppermine addict
  • ****
  • Offline Offline
  • Gender: Male
  • Posts: 47844
  • aka "GauGau"
    • gaugau.de
Re: my comment control mod;
« Reply #6 on: October 02, 2008, 07:32:22 am »

That's the point: you need to copy the section that needs editing from themes/sample/theme.php to themes/yourtheme/theme.php and then you edit just that section. In your case, copy
Code: [Select]
// Displays comments for a specific picture
function theme_html_comments($pid)
{
    global $CONFIG, $USER, $CURRENT_ALBUM_DATA, $comment_date_fmt, $HTML_SUBST;
    global $template_image_comments, $template_add_your_comment, $lang_display_comments;

    $html = '';

    //report to moderator buttons
    if (!(($CONFIG['report_post']==1) && (USER_CAN_SEND_ECARDS))) {
        template_extract_block($template_image_comments, 'report_comment_button');
    }

    if (!$CONFIG['enable_smilies']) {
        $tmpl_comment_edit_box = template_extract_block($template_image_comments, 'edit_box_no_smilies', '{EDIT}');
        template_extract_block($template_image_comments, 'edit_box_smilies');
        template_extract_block($template_add_your_comment, 'input_box_smilies');
    } else {
        $tmpl_comment_edit_box = template_extract_block($template_image_comments, 'edit_box_smilies', '{EDIT}');
        template_extract_block($template_image_comments, 'edit_box_no_smilies');
        template_extract_block($template_add_your_comment, 'input_box_no_smilies');
    }

    $tmpl_comments_buttons = template_extract_block($template_image_comments, 'buttons', '{BUTTONS}');
    $tmpl_comments_ipinfo = template_extract_block($template_image_comments, 'ipinfo', '{IPINFO}');

    if ($CONFIG['comments_sort_descending'] == 1) {
        $comment_sort_order = 'DESC';
    } else {
        $comment_sort_order = 'ASC';
    }
    $result = cpg_db_query("SELECT msg_id, msg_author, msg_body, UNIX_TIMESTAMP(msg_date) AS msg_date, author_id, author_md5_id, msg_raw_ip, msg_hdr_ip, pid FROM {$CONFIG['TABLE_COMMENTS']} WHERE pid='$pid' ORDER BY msg_id $comment_sort_order");

    while ($row = mysql_fetch_array($result)) {
        $user_can_edit = (GALLERY_ADMIN_MODE) || (USER_ID && USER_ID == $row['author_id'] && USER_CAN_POST_COMMENTS) || (!USER_ID && USER_CAN_POST_COMMENTS && ($USER['ID'] == $row['author_md5_id']));
        $comment_buttons = $user_can_edit ? $tmpl_comments_buttons : '';
        $comment_edit_box = $user_can_edit ? $tmpl_comment_edit_box : '';
        $comment_ipinfo = ($row['msg_raw_ip'] && GALLERY_ADMIN_MODE)?$tmpl_comments_ipinfo : '';

        if ($CONFIG['enable_smilies']) {
            $comment_body = process_smilies(make_clickable($row['msg_body']));
            $smilies = generate_smilies("f{$row['msg_id']}", 'msg_body');
        } else {
            $comment_body = make_clickable($row['msg_body']);
            $smilies = '';
        }

        $ip = $row['msg_hdr_ip'];
        if ($row['msg_hdr_ip'] != $row['msg_raw_ip']) {
            $ip .= ' [' . $row['msg_raw_ip'] . ']';
        }

        $params = array('{EDIT}' => &$comment_edit_box,
            '{BUTTONS}' => &$comment_buttons,
            '{IPINFO}' => &$comment_ipinfo
            );

        $template = template_eval($template_image_comments, $params);

        $params = array('{MSG_AUTHOR}' => stripslashes($row['msg_author']),
            '{MSG_ID}' => $row['msg_id'],
            '{PID}' => $row['pid'],
            '{EDIT_TITLE}' => &$lang_display_comments['edit_title'],
            '{CONFIRM_DELETE}' => &$lang_display_comments['confirm_delete'],
            '{MSG_DATE}' => localised_date($row['msg_date'], $comment_date_fmt),
            '{MSG_BODY}' => bb_decode($comment_body),
            '{MSG_BODY_RAW}' => $row['msg_body'],
            '{OK}' => &$lang_display_comments['OK'],
            '{SMILIES}' => $smilies,
            '{IP}' => $ip,
            '{REPORT_COMMENT_TITLE}' => &$lang_display_comments['report_comment_title'],
            '{WIDTH}' => $CONFIG['picture_table_width']
            );

        $html .= template_eval($template, $params);
    }

    if (USER_CAN_POST_COMMENTS && $CURRENT_ALBUM_DATA['comments'] == 'YES') {
        if (USER_ID) {
            $user_name_input = '<tr><td><input type="hidden" name="msg_author" value="' . stripslashes(USER_NAME) . '" /></td>';
            template_extract_block($template_add_your_comment, 'user_name_input', $user_name_input);
            $user_name = '';
        } else {
            if (isset($USER['name'])) {
              $user_name = strtr($USER['name'], $HTML_SUBST);
            } else {
              $user_name = $lang_display_comments['your_name'];
            }

        }

        $params = array('{ADD_YOUR_COMMENT}' => $lang_display_comments['add_your_comment'],
            // Modified Name and comment field
            '{NAME}' => $lang_display_comments['name'],
            '{COMMENT}' => $lang_display_comments['comment'],
            '{PIC_ID}' => $pid,
            '{USER_NAME}' => $user_name,
            '{MAX_COM_LENGTH}' => $CONFIG['max_com_size'],
            '{OK}' => $lang_display_comments['OK'],
            '{SMILIES}' => '',
            '{WIDTH}' => $CONFIG['picture_table_width'],
            );

        if ($CONFIG['enable_smilies']){
                        $params['{SMILIES}'] = generate_smilies();
                } else {
                        template_extract_block($template_add_your_comment, 'smilies');
                }

        $html .= template_eval($template_add_your_comment, $params);
    }

    return $html;
}
from themes/sample/theme.php into a new line before
Code: [Select]
?>in the file themes/yourtheme/theme.php. Next, you apply the edit as you suggested. This will make sure that your mod is upgrade-proof.
Logged

erlantz

  • Coppermine newbie
  • Offline Offline
  • Posts: 1
Re: my comment control mod;
« Reply #7 on: July 12, 2009, 02:10:49 am »

Hello;
I put all this stuff in my gallery, and works fine.
But there is a problem: in the page "last comments" all the comments are shown, even if they are not "approved". There are some way to fix this?
Logged

Nibbler

  • Guest
Re: my comment control mod;
« Reply #8 on: July 12, 2009, 12:16:27 pm »

You will have this problem all over Coppermine. In this case, edit functions.inc.php, find

Code: [Select]
                $query = "SELECT COUNT(*) from {$CONFIG['TABLE_COMMENTS']}, {$CONFIG['TABLE_PICTURES']}  WHERE approved = 'YES' AND {$CONFIG['TABLE_COMMENTS']}.pid = {$CONFIG['TABLE_PICTURES']}.pid $TMP_SET $keyword)";

change to

Code: [Select]
                $query = "SELECT COUNT(*) from {$CONFIG['TABLE_COMMENTS']}, {$CONFIG['TABLE_PICTURES']}  WHERE approved = 'YES' AND active = 'y' AND {$CONFIG['TABLE_COMMENTS']}.pid = {$CONFIG['TABLE_PICTURES']}.pid $TMP_SET $keyword)";

find

Code: [Select]
                $query = "SELECT $select_columns FROM {$CONFIG['TABLE_COMMENTS']} as c, {$CONFIG['TABLE_PICTURES']} as p WHERE approved = 'YES' AND c.pid = p.pid $TMP_SET $keyword) ORDER by msg_id DESC $limit";

change to

Code: [Select]
                $query = "SELECT $select_columns FROM {$CONFIG['TABLE_COMMENTS']} as c, {$CONFIG['TABLE_PICTURES']} as p WHERE approved = 'YES' AND active = 'y' AND c.pid = p.pid $TMP_SET $keyword) ORDER by msg_id DESC $limit";
Logged
Pages: [1]   Go Up
 

Page created in 0.029 seconds with 21 queries.