#!/usr/bin/perl
########################################################################
# COPYRIGHT NOTICE:
#
# Copyright 2008 FocalMedia.Net All Rights Reserved.
#
# Selling the code for this program without prior written consent
# from FocalMedia.Net is expressly forbidden. You may not
# redistribute this program in any shape or form.
#
# This program is distributed "as is" and without warranty of any
# kind, either express or implied. In no event shall the liability
# of FocalMedia.Net for any damages, losses and/or causes of action
# exceed the total amount paid by the user for this software.
#
########################################################################
#### EDIT HERE -- FOR WINDOWS/IIS BASED INSTALLATIONS ONLY #######
$config_cgi = "config.cgi"; ## <-- CHANGE THIS LINE TO THE FULL SERVER PATH TO config.cgi
# THE PATH ON A WINDOWS INSTALLATION WILL LOOK SOMETHING LIKE THIS:
# $config_cgi = "c:/inetpub/webpub/cgi-bin/pseek/config.cgi";
#### DO NOT CHANGE ANYTHING BELOW THIS LINE #################
#use FindBin;
#use lib $FindBin::Bin;
use CGI::Carp qw(fatalsToBrowser);
use CGI;
use DBI;
use pseek;
use fmspm;
#### REDIRECT URL
# Set a URL address below to redirect users if the rating link is not valid.
# The line below should look like this for example:
# $redirect_url = "http://www.somewhere.com";
$redirect_url = "";
&get_setup;
fmspm::check_spamb("reviews.cgi", "header", "$data_dir");
$q = CGI->new;
#################
print "Content-type: text/html\n\n";
if ($q->param('fct') eq ""){&review_display;}
if ($q->param('fct') eq "save_review"){&save_review;}
################
sub save_review
{
$gsettings = new_gsettings tseek;
if ($q->param('id') eq "") { print "Invalid Comment/Review Form - No hidden ID value specified."; exit;}
### CHECK IF REGISTRATION SYSTEM IS IN USE AND IF USER NEEDS TO BE LOGGED IN TO RATE LINKS
if (($gsettings->{addurl_reg_system} eq "Yes") and ($gsettings->{comments_reg_system} eq "Yes"))
{
### CHECK IF USER IS LOGGED IN
$query = new CGI;
$usercookie = $query->cookie('cpuser');
$passcookie = $query->cookie('cppass');
if (($usercookie ne "") and ($passcookie ne ""))
{
if ($mysql_hostname eq ""){$dsn = "DBI:mysql:$db_name";}else{$dsn = "DBI:mysql:$db_name:$mysql_hostname:$mysql_port";}
$dbh = DBI->connect($dsn, $db_username, $db_password);
if ( !defined $dbh ) {die "Cannot connect to MySQL server: $DBI::errstr\n"; }
#$sql = "SELECT * FROM lnkusers WHERE rgsuser = '$passed_user' AND rgspass = '$passed_pass' AND activated = 'Y'";
$sql = "SELECT * FROM lnkusers WHERE rgsuser = '$usercookie' AND rgspass = '$passcookie'";
$sth = $dbh->prepare($sql);
$sth->execute;
$serror = ""; $serror = $sth->errstr; if ($serror ne "") {die "SQL Syntax Error: $serror - From: $sql";}
$rows = $sth->rows();
$sth->finish;
$dbh->disconnect;
if ($rows < 1)
{
$cp_template = pseek::get_file_contents("$data_dir/rgs_rcomment.html");
$cp_template = pseek::ts_insert_template_includes($cp_template);
$cp_template = pseek::fill_vars($cp_template);
print $cp_template;
exit;
}
}
else
{
$cp_template = pseek::get_file_contents("$data_dir/rgs_rcomment.html");
$cp_template = pseek::ts_insert_template_includes($cp_template);
$cp_template = pseek::fill_vars($cp_template);
print $cp_template;
exit;
}
}
#### ERROR CHECKING
$rtext = pseek::get_file_contents("$data_dir/reviews2.txt");
@rtext = split (/\n/, $rtext);
$addurltext = pseek::get_file_contents("$data_dir/addurl2.txt");
@ctexts = split (/\n/, $addurltext);
if ($q->param('name') eq "")
{
# 0 Please supply a name.
$error_text = $rtext[0];
}
if ($q->param('review') eq "")
{
# 1 Please supply a review.
$error_text = $rtext[1];
}
$comment_max_chars = $gsettings->{comment_max_chars};
if ($comment_max_chars < 1) { $comment_max_chars = 256; }
if (length($q->param('review')) > $comment_max_chars)
{
# 1 Max characters allowed exceeded.
$error_text = $rtext[2];
}
### IMAGE AUTH
if ($gsettings->{c_image_auth} eq "Yes")
{
$img_auth_check = pseek::check_img_auth;
if ($img_auth_check eq "false") { $error_text = $ctexts[15]; }
}
### EXTRA FIELD ERROR CHECKING
if ($rtext[4] eq "") { $rtext[4] = "You need to enter a value for '!!field!!'"; }
if ($rtext[3] eq "") { $rtext[3] = "The details you entered for !!field!! exceeds the maximum number of characters allowed."; }
$ldata = &get_file_contents("$data_dir/keyscom.dat");
@allditems = split (/\n/, $ldata);
$itemcnt = 1;
foreach $item (@allditems)
{
($ename, $echar, $ereq) = split (/\t/, $item);
if ($ename ne "")
{
$extra = "extra" . $itemcnt;
if (($ereq eq "Y") and ($q->param($extra) eq ""))
{
$tmp = $rtext[4]; $rtext[4] =~ s/!!field!!/$ename/g;
$error_text = $rtext[4];
}
if (length($q->param($extra)) > $echar)
{
$tmp = $rtext[3]; $rtext[3] =~ s/!!field!!/$ename/g;
$error_text = $rtext[3];
}
}
$itemcnt++;
}
($lnkid, $cid) = split (/-/, $q->param('id'));
$lnkid =~ s/[^0-9]//g;
$cid =~ s/[^0-9]//g;
if ($error_text ne "")
{
$prb_template = pseek::get_file_contents("$data_dir/reviewproblem.html");
$prb_template =~ s/%%problem%%/$error_text/gi;
$prb_template =~ s/!!scripts_url!!/$script_url/gi;
if ($gsettings->{searchmeth} eq "fulltext")
{
$prb_template =~ s/!!tseeksearch!!/$script_url\/search2\.cgi/gi;
}
else
{
$prb_template =~ s/!!tseeksearch!!/$script_url\/search\.cgi/gi;
}
$prb_template =~ s/!build_url!/$web_url/gi;
$prb_template =~ s/!!build_url!!/$web_url/gi;
$prb_template = pseek::ts_insert_template_includes($prb_template);
$prb_template = pseek::fill_vars($prb_template);
$prb_template = pseek::insert_go_back_buttons($prb_template, $lnkid, $cid);
print $prb_template; exit;
}
if ($mysql_hostname eq ""){$dsn = "DBI:mysql:$db_name";}else{$dsn = "DBI:mysql:$db_name:$mysql_hostname:$mysql_port";}
$dbh = DBI->connect($dsn, $db_username, $db_password);
if ( !defined $dbh ) {die "Cannot connect to MySQL server: $DBI::errstr\n"; }
$sth = $dbh->prepare("SELECT cid FROM links WHERE lnkid = '$lnkid'");
$sth->execute;
$serror = ""; $serror = $sth->errstr; if ($serror ne "") {die "SQL Syntax Error: $serror \n From: $sql";}
$rows = $sth->rows();
while ( @row = $sth->fetchrow() )
{
$cid = $row[0];
}
if ($rows < 1)
{
if ($redirect_url ne "")
{
print qq[
FocalMedia.Net
];
exit;
}
else
{
print "Invalid Link";
exit;
}
}
if (($cid eq "") or ($lnkid eq "")) { print "Error: Invalid link"; exit; }
$name = $q->param('name');
$name =~ s/'/\\'/g;
$email = $q->param('email');
$email =~ s/'/\\'/g;
$review = $q->param('review');
$review =~ s/'/\\'/g;
$timep = time();
#### EXTRA FIELDS
for ($ms = 1; $ms < 11; $ms++)
{
$extraname = "extra" . $ms;
$extraval = $q->param($extraname);
$extraval =~ s/'/\\'/g;
$review = $review . "o-o:o-o" . $extraval;
}
#### CONNECT TO DB
$sth = $dbh->prepare("INSERT INTO reviews SET cid = '$cid',
lnkid = '$lnkid',
rname = '$name',
remail = '$email',
review = '$review',
approved = 'N',
date = '$timep'
");
$sth->execute;
$serror = ""; $serror = $sth->errstr; if ($serror ne "") {die "SQL Syntax Error: $serror \n From: $sql";}
$comment_template = pseek::get_file_contents("$data_dir/reviewadded.html");
$comment_template =~ s/!!scripts_url!!/$script_url/g;
if ($gsettings->{searchmeth} eq "fulltext")
{
$comment_template =~ s/!!tseeksearch!!/$script_url\/search2\.cgi/gi;
}
else
{
$comment_template =~ s/!!tseeksearch!!/$script_url\/search\.cgi/gi;
}
$comment_template =~ s/!build_url!/$web_url/g;
$comment_template =~ s/!!build_url!!/$web_url/g;
$wsql = "SELECT * FROM dirs WHERE cid = '$cid'";
$sth = $dbh->prepare($wsql);
$sth->execute;
$serror = ""; $serror = $sth->errstr; if ($serror ne "") {die "SQL Syntax Error: $serror \n From: $wsql";}
$lv = 0;
while ( @row = $sth->fetchrow() )
{
for ($ms = 2; $ms < 18; $ms++)
{
if ($row[$ms] ne "")
{
if ($gsettings->{dyn_stat} eq "Static")
{
$link_to_cat = $link_to_cat . pseek::encode_dir($row[$ms]) . "/";
}
else
{
$lv++;
$link_to_cat = $link_to_cat . pseek::encode_dir($row[$ms]) . "-";
}
$category = $category . $row[$ms] . "/";
}
}
}
$category = substr($category, 0, length($category) - 1);
if ($gsettings->{dyn_stat} eq "Static")
{
$category = "$category";
}
else
{
$link_to_cat = substr($link_to_cat, 0, length($link_to_cat) - 1);
$category = "$category";
}
$comment_template =~ s/%%category%%/$category/g;
$comment_template =~ s/!!category!!/$category/g;
##### GET LINK INFO
$wsql = "SELECT * FROM links WHERE lnkid = '$lnkid'";
$sth = $dbh->prepare($wsql);
$sth->execute;
$serror = ""; $serror = $sth->errstr; if ($serror ne "") {die "SQL Syntax Error: $serror - From: $wsql";}
while ( @row = $sth->fetchrow() )
{
$title_without_link = $row[2];
$title_with_link = $row[2];
$description = $row[3];
$url = $row[5];
$rating = $row[10];
$votes = $row[11];
$hits = $row[12];
$date = $row[17];
$owner_email = $row[9];
}
$date = pseek::decode_date($date);
if ($rating eq "") { $rating = 0; }
if ($votes eq "") { $votes = 0; }
if ($hits eq "") { $hits = 0; }
if (($url eq "http://") or ($url eq ""))
{
$title_with_link = "$title_with_link";
}
else
{
$title_with_link = "$title_with_link";
}
$comment_template =~ s/%%title_with_link%%/$title_with_link/gi;
$comment_template =~ s/!!title_with_link!!/$title_with_link/gi;
$comment_template =~ s/%%description%%/$description/gi;
$comment_template =~ s/!!description!!/$description/gi;
$comment_template =~ s/%%url%%/$url/gi;
$comment_template =~ s/!!url!!/$url/gi;
$comment_template =~ s/%%itemurl%%/$url/gi;
$comment_template =~ s/!!itemurl!!/$url/gi;
$comment_template =~ s/%%rating%%/$rating/gi;
$comment_template =~ s/!!rating!!/$rating/gi;
$comment_template =~ s/%%votes%%/$votes/gi;
$comment_template =~ s/!!votes!!/$votes/gi;
$comment_template =~ s/%%hits%%/$hits/gi;
$comment_template =~ s/!!hits!!/$hits/gi;
$comment_template =~ s/%%date%%/$date/gi;
$comment_template =~ s/!!date!!/$date/gi;
#####
$comment_template =~ s/!!id!!/$lnkid-$cid/gi;
$comment_template =~ s/!!rate_it!!/$script_url\/rateit2.cgi/gi;
$rating_image = pseek::get_rating_images($rating);
$comment_template =~ s/%%rating_image%%/$rating_image/gi;
$comment_template =~ s/!!rating_image!!/$rating_image/gi;
$sth->finish;
$dbh->disconnect;
$comment_template = pseek::insert_images($comment_template, "$script_url/go.cgi?id=$lnkid");
$comment_template = pseek::ts_insert_template_includes($comment_template);
$comment_template = pseek::fill_vars($comment_template);
$comment_template = pseek::insert_go_back_buttons($comment_template, $lnkid, $cid);
##### SEND NOTIFICATION OF COMMENTS IF NECESSARY
$eml_notification_settings = pseek::get_file_contents("$data_dir/emlcomnot.dat");
($elmnot, $emladm) = split (/\n/, $eml_notification_settings);
if ($emladm eq "Y")
{
if ($gsettings->{more_info_naming} eq "linktitles")
{
$more_info_fn1 = pseek::get_more_info_file_name($title_without_link);
$more_info_link = "$web_url/$link_to_cat" . $more_info_fn1 . "_" . "$lnkid" . $gsettings->{gen_file_ext};
}
else
{
$more_info_link = "$web_url/$link_to_cat" . "$lnkid" . $gsettings->{gen_file_ext};
}
$comment_link = "$script_url/reviews.cgi?id=$lnkid&cid=$cid";
$emailadm = pseek::get_file_contents("$data_dir/emladm.eml");
@elines = split (/\n/, $emailadm);
$from_name_admin = $elines[0];
$to_email_admin = $elines[1];
$from_email_admin = $elines[2];
$email_subject_admin = $elines[3];
$lnc = 0;
foreach $line (@elines)
{
if ($lnc > 3)
{
$email_message_admin = $email_message_admin . $line . "\n";
}
$lnc++;
}
$email_message_admin =~ s/%%more_info_link%%/$more_info_link/gi;
$email_message_admin =~ s/%%comment_link%%/$comment_link/gi;
$email_message_admin =~ s/!!link_title!!/$title_without_link/gi;
$email_message_admin =~ s/!!link_url!!/$url/gi;
$email_message_admin =~ s/!!link_description!!/$description/gi;
$email_message_admin =~ s/!!name!!/$name/gi;
$email_message_admin =~ s/!!email!!/$email/gi;
$email_message_admin =~ s/!!comment!!/$review/gi;
pseek::send_email ($from_name_admin, $from_email_admin, $to_email_admin, $email_subject_admin, $email_message_admin);
}
########
print $comment_template;
}
################
sub review_display
{
$gsettings = new_gsettings tseek;
$cid = $q->param('cid'); $cid =~ s/[^0-9]//g;
$lnkid = $q->param('id'); $lnkid =~ s/[^0-9]//g;
if (($cid eq "") or ($lnkid eq ""))
{
if ($redirect_url ne "")
{
print qq[
FocalMedia.Net
];
exit;
}
else
{
print "Invalid Link";
exit;
}
}
### CONNECT TO DB
if ($mysql_hostname eq ""){$dsn = "DBI:mysql:$db_name";}else{$dsn = "DBI:mysql:$db_name:$mysql_hostname:$mysql_port";}
$dbh = DBI->connect($dsn, $db_username, $db_password);
if ( !defined $dbh ) {die "Cannot connect to MySQL server: $DBI::errstr\n"; }
### GET CATEGORY
$wsql = "SELECT * FROM dirs WHERE cid = '$cid'";
$sth = $dbh->prepare($wsql);
$sth->execute;
$serror = ""; $serror = $sth->errstr; if ($serror ne "") {die "SQL Syntax Error: $serror \n From: $wsql";}
$rows = $sth->rows();
if ($rows < 1)
{
if ($redirect_url ne "")
{
print qq[
FocalMedia.Net
];
exit;
}
else
{
print "Invalid Link";
exit;
}
}
$lv = 0;
while ( @row = $sth->fetchrow() )
{
for ($ms = 2; $ms < 18; $ms++)
{
if ($row[$ms] ne "")
{
if ($gsettings->{dyn_stat} eq "Static")
{
$link_to_cat = $link_to_cat . pseek::encode_dir($row[$ms]) . "/";
}
else
{
$lv++;
$link_to_cat = $link_to_cat . pseek::encode_dir($row[$ms]) . "-";
}
$category = $category . $row[$ms] . "/";
}
}
}
$category = substr($category, 0, length($category) - 1);
$comment_template = pseek::get_file_contents("$data_dir/review_it.html");
$comment_template =~ s/!!scripts_url!!/$script_url/g;
if ($gsettings->{searchmeth} eq "fulltext")
{
$comment_template =~ s/!!tseeksearch!!/$script_url\/search2\.cgi/g;
}
else
{
$comment_template =~ s/!!tseeksearch!!/$script_url\/search\.cgi/g;
}
$comment_template =~ s/!build_url!/$web_url/g;
$comment_template =~ s/!!build_url!!/$web_url/g;
if ($gsettings->{dyn_stat} eq "Static")
{
$category = "$category";
}
else
{
$link_to_cat = substr($link_to_cat, 0, length($link_to_cat) - 1);
$category = "$category";
}
$comment_template =~ s/%%category%%/$category/g;
$comment_template =~ s/!!category!!/$category/g;
##### GET LINK INFO
$wsql = "SELECT * FROM links WHERE lnkid = '$lnkid'";
$sth = $dbh->prepare($wsql);
$sth->execute;
$serror = ""; $serror = $sth->errstr; if ($serror ne "") {die "SQL Syntax Error: $serror \n From: $wsql";}
$rows = $sth->rows();
if ($rows < 1)
{
if ($redirect_url ne "")
{
print qq[
FocalMedia.Net
];
exit;
}
else
{
print "Invalid Link";
exit;
}
}
### GET EXTRA KEYS/FIELDS
$keydata = pseek::get_file_contents("$data_dir/keys.dat");
@akeys = split (/\n/, $keydata);
$knr = @akeys;
$key_upload_data = pseek::get_file_contents("$data_dir/keysupl.dat");
@upl_items = split (/:-o_:/, $key_upload_data);
while ( @row = $sth->fetchrow() )
{
$title_with_link = $row[2];
$description = $row[3];
$url = $row[5];
$rating = $row[10];
$votes = $row[11];
$hits = $row[12];
$date = $row[17];
$rowcntr = 27;
foreach $keyitem(@akeys)
{
($keyname, $visible, $size, $searched, $descriptiont, $na, $imgk, $nmbr, $req, $allow_html, $carriage_pagebreak) = split (/\t/, $keyitem);
if ($nmbr eq "Upload")
{
if ($row[$rowcntr] eq "")
{
$comment_template =~ s/!!$keyname!!/$na/g;
}
else
{
$apreapp = ""; $aapend = "";
foreach $upload_item (@upl_items)
{
($fieldname_t, $filetypes_t, $preappend_t, $append_t, $uploadsize_t) = split (/:o:-:o:/, $upload_item);
if ($keyname eq $fieldname_t) { $apreapp = $preappend_t; $aapend = $append_t; }
}
$upcrit = $apreapp . "$web_url/imagefiles/$lnkid/$keyname" . "." . $row[$rowcntr] . $aapend;
$comment_template =~ s/!!$keyname!!/$upcrit/g;
}
}
elsif ($imgk eq "Yes")
{
if ($row[$rowcntr] ne ""){$imgcrit = "";} else { $imgcrit = $na; }
$comment_template =~ s/%%$keyname%%/$imgcrit/gi;
$comment_template =~ s/!!$keyname!!/$imgcrit/gi;
}
else
{
if ($allow_html eq "N") { $row[$rowcntr] =~ s/</g; $row[$rowcntr] =~ s/>/>/g; }
if ($carriage_pagebreak eq "Y") { $row[$rowcntr] =~ s/\n/
/gi; }
if ($row[$rowcntr] eq "") { $row[$rowcntr] = $na; }
$comment_template =~ s/%%$keyname%%/$row[$rowcntr]/gi;
$comment_template =~ s/!!$keyname!!/$row[$rowcntr]/gi;
}
$rowcntr++;
}
#### !!link_image!!
if ($comment_template =~ /!!link_image!!/i)
{
$img_fname = "$web_dir/imagefiles/" . $row[0] . "." . $row[6];
$image_width = $gsettings->{image_width};
$image_height = $gsettings->{image_height};
if ($image_width > 0) { $imgw = qq[ width="$image_width" ]; }
if ($image_height > 0) { $imgh = qq[ height="$image_height" ]; }
if (-e "$img_fname")
{
$the_image_url = "$web_url/imagefiles/$row[0]" . "." . $row[6];
$the_link_image = qq[];
$comment_template =~ s/!!link_image!!/$the_link_image/gi;
}
else
{
if ($gsettings->{default_image} =~ /http:/)
{
$the_image_url = $gsettings->{default_image};
$the_link_image = qq[];
$comment_template =~ s/!!link_image!!/$the_link_image/gi;
}
else
{
$comment_template =~ s/!!link_image!!//gi;
}
}
}
}
$date = pseek::decode_date($date);
if ($rating eq "") { $rating = 0; }
if ($votes eq "") { $votes = 0; }
if ($hits eq "") { $hits = 0; }
if (($url eq "http://") or ($url eq ""))
{
$title_with_link = "$title_with_link";
}
else
{
$title_with_link = "$title_with_link";
}
$comment_template =~ s/%%title_with_link%%/$title_with_link/gi;
$comment_template =~ s/!!title_with_link!!/$title_with_link/gi;
$comment_template =~ s/%%description%%/$description/gi;
$comment_template =~ s/!!description!!/$description/gi;
$comment_template =~ s/%%url%%/$url/gi;
$comment_template =~ s/!!url!!/$url/gi;
$comment_template =~ s/%%itemurl%%/$url/gi;
$comment_template =~ s/!!itemurl!!/$url/gi;
$comment_template =~ s/%%rating%%/$rating/gi;
$comment_template =~ s/!!rating!!/$rating/gi;
$comment_template =~ s/%%votes%%/$votes/gi;
$comment_template =~ s/!!votes!!/$votes/gi;
$comment_template =~ s/%%hits%%/$hits/gi;
$comment_template =~ s/!!hits!!/$hits/gi;
$comment_template =~ s/%%date%%/$date/gi;
$comment_template =~ s/!!date!!/$date/gi;
$comment_template =~ s/!!add_to_favorites!!/$script_url\/favad\.cgi?id=$lnkid/gi;
#####
$comment_template =~ s/!!id!!/$lnkid-$cid/gi;
$comment_template =~ s/!!rate_it!!/$script_url\/rateit2.cgi/gi;
$rating_image = pseek::get_rating_images($rating);
$comment_template =~ s/%%rating_image%%/$rating_image/gi;
$comment_template =~ s/!!rating_image!!/$rating_image/gi;
$dizbox = <
END_OF_DB
$comment_template =~ s/%%description_box%%/$dizbox/gi;
$comment_template =~ s/!!description_box!!/$dizbox/gi;
$comment_template =~ s/!!review_it!!/$script_url\/reviews.cgi/gi;
#### GET REVIEWS FOR THIS LINK IF ANY
if ($gsettings->{comment_sorting} eq "old") { $sortby = " ORDER by date ASC"; } else { $sortby = " ORDER by date DESC"; }
$wsql = "SELECT * FROM reviews WHERE lnkid = '$lnkid' AND approved = 'Y' $sortby";
$sth = $dbh->prepare($wsql);
$sth->execute;
$serror = ""; $serror = $sth->errstr; if ($serror ne "") {die "SQL Syntax Error: $serror - From: $wsql";}
$rows = $sth->rows();
$clisting_template = pseek::get_file_contents("$data_dir/reviewlinks.html");
$ldata = &get_file_contents("$data_dir/keyscom.dat");
@allditems = split (/\n/, $ldata);
if ($rows > 0)
{
while ( @row = $sth->fetchrow() )
{
$comments_listings = $clisting_template;
### EXTRAFIELDS
$all_extra = $row[5];
my @extra_items = split (/o-o:o-o/, $all_extra);
$comdisplay = $extra_items[0];
for ($ms = 1; $ms < 11; $ms++)
{
$extra_rep = "!!extra" . $ms . "!!";
$comments_listings =~ s/$extra_rep/$extra_items[$ms]/g;
}
$comments_listings =~ s/%%reviewer%%/$row[3]/g;
$row[5] =~ s/\n/
/gi;
$comments_listings =~ s/%%review%%/$comdisplay/g;
$date = pseek::decode_date($row[7]);
$comments_listings =~ s/%%date%%/$date/g;
$comments_listings =~ s/%%reviewer_email%%/$row[4]/g;
$cm_listings = $cm_listings . $comments_listings;
}
}
$sth->finish;
$dbh->disconnect;
if ($cm_listings eq "") { $cm_listings = $gsettings->{no_comments_text};}
$comment_template =~ s/%%review_listings%%/$cm_listings/g;
$comment_template = pseek::insert_images($comment_template, "$script_url/go.cgi?id=$lnkid");
$comment_template = pseek::ts_insert_template_includes($comment_template);
$comment_template = pseek::fill_vars($comment_template);
### IMAGE AUTHENTICATION
if ($gsettings->{c_image_auth} eq "Yes")
{
$imgbox = pseek::get_imgboxes;
($imdisp, $imgnames) = split (/:::/, $imgbox);
$imgnames =~ s/\.gif//gi;
$comment_template =~ s/!!ia!!/$imgnames/g;
$comment_template =~ s/%%imgbox%%/$imdisp/g;
}
$comment_template = pseek::insert_go_back_buttons($comment_template, $lnkid, $cid);
print $comment_template;
}
sub get_setup
{
$exists = (-e "$config_cgi");
if ($exists > 0)
{
open (STP, "$config_cgi");
while (defined($line=))
{
if ($line =~ m/#/g)
{
$r = pos($line);
$line = substr($line, 0, $r - 1);
}
$line =~ s/\n//g;
if ($line =~ /^DB_NAME/){$db_name = &get_setup_line($line, DB_NAME);}
if ($line =~ /^DB_USERNAME/){$db_username = &get_setup_line($line, DB_USERNAME);}
if ($line =~ /^DB_PASSWORD/){$db_password = &get_setup_line($line, DB_PASSWORD);}
if ($line =~ /^MYSQL_HOSTNAME/){$mysql_hostname = &get_setup_line($line, MYSQL_HOSTNAME);}
if ($line =~ /^MYSQL_PORT/){$mysql_port = &get_setup_line($line, MYSQL_PORT);}
if ($line =~ /^SCRIPT_URL/){$script_url = &get_setup_line($line, SCRIPT_URL);}
if ($line =~ /^ADMIN_URL/){$admin_url = &get_setup_line($line, ADMIN_URL);}
if ($line =~ /^WEB_URL/){$web_url = &get_setup_line($line, WEB_URL);}
if ($line =~ /^WEB_DIR/){$web_dir = &get_setup_line($line, WEB_DIR);}
if ($line =~ /^DATA_DIR/){$data_dir = &get_setup_line($line, DATA_DIR);}
if ($line =~ /^USERNAME/){$username = &get_setup_line($line, USERNAME);}
if ($line =~ /^PASSWORD/){$password = &get_setup_line($line, PASSWORD);}
}
close (STP);
}
}
sub get_setup_line
{
my ($setup_line, $setup_var) = @_;
$crit = "\"";
$setup_line =~ m/$crit/g;
$r1 = pos($setup_line);
$setup_line =~ m/$crit/g;
$r2 = pos($setup_line);
$setup_line = substr($setup_line, $r1, ($r2 - $r1 - 1));
$return_val = $setup_line;
return ($return_val);
}
#### END CONFIGURATION ########################################################