>
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU Affero General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU Affero General Public License for more details.
You should have received a copy of the GNU Affero General Public License
along with this program. If not, see .
*/
if(isset($_POST['asyncrequest']))
{
session_start();
}else{
include_once('head.php');
}
include_once('db.php');
include_once('nonce.php');
include_once('rpc.php');
$thing=explode('@',$path[2]);
if(isset($_SESSION['id']))
{
// Check if we're blocking the user (can't comment on things of people you're blocking)
$by_esc=mysqli_real_escape_string($db, $thingobj['by']['name']);
$res=mysqli_query($db, 'select user from userblocks where user='.(int)$_SESSION['id'].' and blocked="'.$by_esc.'" limit 1');
$blocked=mysqli_fetch_row($res);
$info='';
$error='';
if(isset($_POST['msg']) && checknonce())
{
if($blocked){$error=_('Cannot send messages to blocked users');}else{
// Send it to thing's node
$msg=Array('from'=>$_SESSION['name'],
'message'=>$_POST['msg'],
'replyto'=>$_POST['replyto']);
$data=rpc_post($thing[1], 'comments/'.$thing[0], $msg);
if(isset($data['error']))
{
$error=$data['error'];
if(isset($_POST['asyncrequest'])){exit($error);}
}else{
rpc_cache($thing[1], 'comments/'.$thing[0], false); // Invalidate cache to show new comments
if(isset($_POST['asyncrequest'])){exit('ok:'.$data['id']);}
$info=_('Comment posted');
}
}
}
}
if(isset($_POST['asyncrequest'])){exit();}
$thingobj=rpc_get($thing[1], 'thing/'.$thing[0]);
if(isset($thingobj['error']))
{
print(''.$thingobj['error'].'
');
include_once('foot.php');
exit();
}
$name=htmlentities($thingobj['name']);
$by=htmlentities($thingobj['by']['name']);
$by=''.htmlentities($thingobj['by']['displayname']).'';
$license=$thingobj['license']['name'];
if($license=='other')
{
$license='Other, see description';
}else{
$simple=(isset($thingobj['license']['simple'])?' title="'.htmlentities($thingobj['license']['simple']).'"':'');
$license=''.htmlentities($license).'';
}
include_once('parsedown/Parsedown.php');
$md=new Parsedown();
$description=$md->text(htmlentities($thingobj['description']));
if(isset($_SESSION['name']))
{
if($thing[1]==DOMAIN && $thingobj['by']['name']==$_SESSION['name'])
{
$description.=''._('Edit').'';
}else{
$description.=''._('Report').'';
}
}
$files='';
foreach($thingobj['files'] as $file)
{
$type=(isset($file['type'])?$file['type']:'unknown');
$files.='';
}
$tags='';
foreach($thingobj['tags'] as $tag)
{
$tag=htmlentities($tag);
$tags.=' '.$tag.'';
}
$comments=rpc_get($thing[1], 'comments/'.$thing[0]);
include_once('parsedown/Parsedown.php');
$md=new Parsedown();
function commenthasreply($comment) // Search for undeleted replies
{
foreach($comment['replies'] as $reply)
{
if(substr_count($reply['sender'], '@')>0){return true;}
if(commenthaschild($reply)){return true;}
}
return false;
}
function printcomments($comments, $level=0)
{
global $md;
global $thing;
foreach($comments as $comment)
{
$sender=htmlentities($comment['sender']);
$senderhref='href="'.BASEURL.'/user/'.$sender.'"';
if(substr_count($sender, '@')>0)
{
$displayname=htmlentities(getdisplayname($comment['sender']));
}else{
if(!commenthasreply($comment)){continue;} // Don't print fully deleted chains
$senderhref='';
$displayname=$sender;
}
$msg=$md->text(htmlentities($comment['message']));
$time=htmlentities($comment['sent']);
print(''.$msg.'');
if(substr_count($sender, '@')>0 && isset($_SESSION['id']))
{
print(''._('Reply').'');
print(' - Report');
}
print('
');
printcomments($comment['replies'], $level+1);
}
}
if($error!=''){$info=''.$error.'';}
?>
'.htmlentities($thingobj['date']).'', $license)?>