> This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more details. You should have received a copy of the GNU Affero General Public License along with this program. If not, see . */ if(isset($_POST['asyncrequest'])) { session_start(); }else{ include_once('head.php'); } include_once('db.php'); include_once('nonce.php'); include_once('rpc.php'); $thing=explode('@',$path[2]); if(isset($_SESSION['id'])) { // Check if we're blocking the user (can't comment on things of people you're blocking) $by_esc=mysqli_real_escape_string($db, $thingobj['by']['name']); $res=mysqli_query($db, 'select user from userblocks where user='.(int)$_SESSION['id'].' and blocked="'.$by_esc.'" limit 1'); $blocked=mysqli_fetch_row($res); $info=''; $error=''; if(checknonce()) { if(isset($_POST['msg'])) { if($blocked){$error=_('Cannot send messages to blocked users');}else{ // Send it to thing's node $msg=Array('from'=>$_SESSION['name'], 'message'=>$_POST['msg'], 'replyto'=>$_POST['replyto']); $data=rpc_post($thing[1], 'comments/'.$thing[0], $msg); if(isset($data['error'])) { $error=$data['error']; if(isset($_POST['asyncrequest'])){exit($error);} }else{ rpc_cache($thing[1], 'comments/'.$thing[0], false); // Invalidate cache to show new comments if(isset($_POST['asyncrequest'])){exit('ok:'.$data['id']);} $info=_('Comment posted'); } } } if(isset($_POST['tag_optin'])) { $tag_name=mysqli_real_escape_string($db, $_POST['tag_optin']); $res=mysqli_query($db, 'select id from tags where optin!="" and name="'.$tag_name.'"'); if($res=mysqli_fetch_row($res)) { mysqli_query($db, 'insert into tag_optins(tag, user) values('.(int)$res[0].', '.(int)$_SESSION['id'].')'); } } } } if(isset($_POST['asyncrequest'])){exit();} $thingobj=rpc_get($thing[1], 'thing/'.$thing[0]); if(isset($thingobj['error'])) { print('

'.$thingobj['error'].'

'); include_once('foot.php'); exit(); } $name=htmlentities($thingobj['name']); $by=htmlentities($thingobj['by']['name']); $by=''.htmlentities($thingobj['by']['displayname']).''; $license=$thingobj['license']['name']; if($license=='other') { $license='Other, see description'; }else{ $simple=(isset($thingobj['license']['simple'])?' title="'.htmlentities($thingobj['license']['simple']).'"':''); $license=''.htmlentities($license).''; } include_once('parsedown/Parsedown.php'); $md=new Parsedown(); $description=$md->text(htmlentities($thingobj['description'])); if(isset($_SESSION['name'])) { if($thing[1]==DOMAIN && $thingobj['by']['name']==$_SESSION['name']) { $description.=''._('Edit').''; }else{ $description.=''._('Report').''; } } $files=''; foreach($thingobj['files'] as $file) { $type=(isset($file['type'])?$file['type']:'unknown'); $files.='
'; if(isset($file['preview3d'])){$files.='
3D view
';} $files.='
'.htmlentities($file['name']).'
'; } $tags=''; foreach($thingobj['tags'] as $tag) { if(!isset($_GET['show_'.strtolower($tag).'_content']) || $_GET['show_'.strtolower($tag).'_content']!='true') { // Check if tag requires optin $tagname=mysqli_real_escape_string($db, $tag); $res=mysqli_query($db, 'select id, optin from tags where name="'.$tagname.'"'); $optin=mysqli_fetch_assoc($res); if($optin['optin']!='' && isset($_SESSION['id'])) // Check if user is already opted in { $res=mysqli_query($db, 'select tag from tag_optins where tag='.(int)$optin['id'].' and user='.(int)$_SESSION['id']); if(mysqli_fetch_row($res)){$optin['optin']='';} // Just act like the optin doesn't exist } if($optin['optin']!='') { $showurl=$_SERVER['REQUEST_URI']; $showurl.=(substr_count($showurl, '?')?'&':'?').'show_'.strtolower($tag).'_content=true'; print('
'.$optin['optin'].'
'); print(''); if(isset($_SESSION['id'])) { print('
'.nonce()); print(''); print('
'); } print('
'); include_once('footer.php'); exit(); } } $tag=htmlentities($tag); $tags.=' '.$tag.''; } $comments=rpc_get($thing[1], 'comments/'.$thing[0]); include_once('parsedown/Parsedown.php'); $md=new Parsedown(); function commenthasreply($comment) // Search for undeleted replies { foreach($comment['replies'] as $reply) { if(substr_count($reply['sender'], '@')>0){return true;} if(commenthaschild($reply)){return true;} } return false; } function printcomments($comments, $level=0) { global $md; global $thing; foreach($comments as $comment) { $sender=htmlentities($comment['sender']); $senderhref='href="'.BASEURL.'/user/'.$sender.'"'; if(substr_count($sender, '@')>0) { $displayname=htmlentities(getdisplayname($comment['sender'])); }else{ if(!commenthasreply($comment)){continue;} // Don't print fully deleted chains $senderhref=''; $displayname=$sender; } $msg=$md->text(htmlentities($comment['message'])); $time=htmlentities($comment['sent']); $timeago=timeago($comment['sent']); print('
'.$displayname.' '.$timeago.'
'.$msg.'

'); if(substr_count($sender, '@')>0 && isset($_SESSION['id'])) { print(''._('Reply').''); print(' - Report'); } print('

'); printcomments($comment['replies'], $level+1); } } if($error!=''){$info=''.$error.'';} ?>

by

'.timeago($thingobj['date']).'', $license)?>