<?php
//v1.0.4 www.bcoos.net 2006/10 GPL
// www.bcoos.net 2006-09 1.0.2 GPL
//v1.5 www.exoops.info 2006/08 GPL 
// $Id: postcomment.php,v 1.4 2003/03/19 07:01:24 half-dead Exp $
// ------------------------------------------------------------------------- //
//               E-Xoops: Content Management for the Masses                  //
//                       < http://www.e-xoops.com >                          //
// ------------------------------------------------------------------------- //
// Original Author: The Xoops Project
// Author Website : http://www.xoops.org
// License Type   : GPL: See /manual/LICENSES/GPL.txt
// ------------------------------------------------------------------------- //
include_once("../../mainfile.php");
include_once(XOOPS_ROOT_PATH."/class/xoopscomments.php");
if ( isset($_POST['op']) ) {
switch($_POST['op']) {
case "preview":
	include_once(XOOPS_ROOT_PATH."/header.php");
	( empty($bcoosConfig['allow_html']) || empty($_POST['allow_html']) ) ? $html = 0 : $html = intval($_POST['allow_html']);
	$p_subject = $myts->makeTboxData4Preview($_POST['subject']);
	if ($xoopsUser && $xoopsUser->isAdmin($xoopsModule->mid())) {
		$myts->setType('admin');
		} else {
			$myts->setType('user');
		}
	$p_comment = $myts->makeTareaData4Preview($_POST['message'], $html, intval($_POST['allow_smileys']), intval($_POST['allow_bbcode']));
	themecenterposts($p_subject, $p_comment);
	$icon          = $_POST['icon'];
	$noname        = intval($_POST['noname']);
	$allow_html    = intval($_POST['allow_html']);
	$allow_smileys = intval($_POST['allow_smileys']);
	$allow_bbcode  = intval($_POST['allow_bbcode']);
	$pid           = intval($_POST['pid']);
	$item_id       = intval($_POST['item_id']);
	$comment_id    = intval($_POST['comment_id']);
	$order         = $_POST['order'];
	$subject       = $myts->makeTboxData4PreviewInForm($_POST['subject']);
	$message       = $myts->makeTboxData4PreviewInForm($_POST['message']);
	$anonuser = $myts->makeTboxData4PreviewInForm($_POST['anonuser']);
	OpenTable();
	include_once(XOOPS_ROOT_PATH."/include/commentform.inc.php");
	CloseTable();
	break;
case "post":
	if ( !empty($_POST['comment_id']) ) {
		$arccomment = new XoopsComments($db->prefix("arcade_comments"), $_POST['comment_id']);
		$accesserror = 0;
		if ( $xoopsUser ) {
			if ( !$xoopsUser->isAdmin($xoopsModule->mid()) ) {
				if ( $arccomment->getVar("user_id") != $xoopsUser->getVar("uid") ) { $accesserror = 1; }
			}
		} else { $accesserror = 1; }
		if ( $accesserror == 1 ) {
			redirect_header("index.php?act=show_stats&gid=".intval($_POST['item_id'])."&comment_id=".intval($_POST['comment_id'])."&order=".intval($_POST['order']),1,_NW_EDITNOTALLOWED);
			exit();
		}
	
	} else {
		$arccomment = new XoopsComments($db->prefix("arcade_comments"));
		$arccomment->setVar("pid", $_POST['pid']);
		$arccomment->setVar("item_id", $_POST['item_id']);
		$arccomment->setVar("ip", _REMOTE_ADDR);
		
		if ($xoopsUser && $xoopsUser->isAdmin($xoopsModule->mid())) { $arccomment->setVar('type', 'admin'); }
		else { $arccomment->setVar('type', 'user'); }
		
		if ( $xoopsUser ) {
			$uid = $xoopsUser->getVar("uid");
		} else {
			if ( $bcoosConfig['anonpost'] == 1 ) { $uid = 0;
			} else {
				redirect_header("index.php?act=show_stats&gid=".$_POST['itemid']."&comment_id=".$_POST['comment_id']."&order=".$_POST['order'],1,_NW_ANONNOTALLOWED);
				exit();
			}
		}
		$arccomment->setVar("user_id", $uid);
		
		if (!$xoopsUser && $bcoosConfig['anonpost'] && $bcoosConfig['captcha_comments'] && function_exists('imagecreate')) {
			include_once(XOOPS_ROOT_PATH."/class/rc4.crypt.php");
			$rc4 = new rc4_crypt();
			$rc4->key(strtoupper($verify_text));
			$verify_crc = base64_decode($verify_crc);
			$rc4->decrypt($verify_crc);
			if ( empty($verify_text) || $verify_crc != "verified" ) {
				
				include_once(XOOPS_ROOT_PATH."/header.php");//content
				( empty($bcoosConfig['allow_html']) || empty($_POST['allow_html']) ) ? $html = 0 : $html = intval($_POST['allow_html']);
				$p_subject = $myts->makeTboxData4Preview($_POST['subject']);
				if ($xoopsUser && $xoopsUser->isAdmin($xoopsModule->mid())) { $myts->setType('admin'); }
				else { $myts->setType('user');}
				$p_comment = $myts->makeTareaData4Preview($_POST['message'], $html, intval($_POST['allow_smileys']), intval($_POST['allow_bbcode']));
				echo "<b>"._US_BADVERIF."</b>";
				themecenterposts($p_subject, $p_comment);//content
				$icon          = $_POST['icon'];
				$noname        = intval($_POST['noname']);
				$allow_html    = intval($_POST['allow_html']);
				$allow_smileys = intval($_POST['allow_smileys']);
				$allow_bbcode  = intval($_POST['allow_bbcode']);
				$pid           = intval($_POST['pid']);
				$item_id       = intval($_POST['item_id']);
				$comment_id    = intval($_POST['comment_id']);
				$order         = $_POST['order'];
				$subject       = $myts->makeTboxData4PreviewInForm($_POST['subject']);
				$message       = $myts->makeTboxData4PreviewInForm($_POST['message']);
				$anonuser       = $myts->makeTboxData4PreviewInForm($_POST['anonuser']);
		
				OpenTable();
				include_once(XOOPS_ROOT_PATH."/include/commentform.inc.php");//content
				CloseTable();
				include_once(XOOPS_ROOT_PATH."/footer.php");//content
				exit();
			}
		}
	}
	$arccomment->setVar("subject", $_POST['subject']);
	$arccomment->setVar("comment", $_POST['message']);
	$arccomment->setVar("allow_html", intval($_POST['allow_html']));
	$arccomment->setVar("allow_smileys", intval($_POST['allow_smileys']));
	$arccomment->setVar("allow_bbcode", intval($_POST['allow_bbcode']));
	$arccomment->setVar("icon", $_POST['icon']);
	$arccomment->setVar("anonuser", $_POST['anonuser']);
	$newtid = $arccomment->store();
	redirect_header("index.php?act=show_stats&gid=".intval($_POST['item_id'])."&comment_id=".$newtid."&order=".intval($_POST['order'])."#".$newtid."",2,_THANKSSUBMIT);
	exit();
	break;
}
	} else {
		redirect_header("index.php?act=show_stats&gid=".intval($_POST['item_id']),2);
		exit();
	}
include_once(XOOPS_ROOT_PATH."/footer.php");
?>