commentUser.class.php
[code]<?php
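    /**
     * Author of a comment: identity fields plus a permission level.
     *
     * Permission levels ($rechten):
     *   1 = admin (add, edit all, delete all)
     *   2 = user (add, edit own, delete own), i.e. logged in
     *   3 = anonymous visitor (add only)
     *
     * Security note: an instance only describes a user, it does not prove who
     * the requester is. An instance rebuilt from client-supplied data (for
     * example a serialized copy that travelled through a form field) must not
     * be trusted for its $rechten or $id.
     */
    class CommentUser {

        private $id;
        private $name;
        private $email;
        private $website;
        private $anoniem;   // true when the permission level is 3 (anonymous)
        private $userPage;  // link to the user's home page
        private $errors;    // result of the last validate() call
        private $rechten;   // permission level, see the class comment

        /**
         * @param mixed  $id       user id, null when unknown
         * @param string $name     display name
         * @param string $email    e-mail address
         * @param string $website  optional website URL
         * @param int    $rechten  permission level 1..3; anything else becomes 3
         * @param mixed  $userPage link to the user's home page
         */
        public function __construct($id = null, $name = "", $email = "", $website = "", $rechten = 3, $userPage = null) {
            $this->id = $id;
            $this->name = $name;
            $this->email = $email;
            $this->website = $website;
            $this->userPage = $userPage;
            // Out-of-range levels fall back to the least privileged level.
            $this->rechten = ($rechten < 1 || $rechten > 3) ? 3 : $rechten;
            $this->anoniem = ($this->rechten == 3);
            $this->errors = array();
        }

        /**
         * Checks name, e-mail and (when given) website.
         *
         * @return array|null field name => message for every failed field, or
         *                    null when everything is valid (callers test the
         *                    result with isset())
         */
        public function validate() {
            $errors = array();

            if (empty($this->name)) {
                $errors["name"] = "Naam is verplicht.";
            }

            if (empty($this->email)) {
                $errors["email"] = "Email is verplicht.";
            } elseif (!preg_match('/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,3})$/iD', $this->email)) {
                // preg_match replaces eregi(), which no longer exists in PHP 7+.
                // The D modifier keeps "$" from matching before a trailing
                // newline, so an address ending in "\n" is rejected.
                // The message embeds the raw address: escape it when printing.
                $errors["email"] = "Emailadres: ".$this->email." is niet valid.";
            }

            // NOTE(review): this pattern accepts any alphabetic scheme, not only
            // http/https. Restrict the scheme before the value is ever rendered
            // as a link target.
            if (!empty($this->website) && !preg_match("/^[a-zA-Z]+[:\/\/]+[A-Za-z0-9\-_]+\\.+[A-Za-z0-9\.\/%&=\?\-_]+$/i", $this->website)) {
                $errors["website"] = "Website: ".$this->website." is niet valid.";
            }

            $this->errors = $errors;

            return empty($errors) ? null : $errors;
        }

        public function getId() {
            return $this->id;
        }
        public function getName() {
            return $this->name;
        }
        public function getEmail() {
            return $this->email;
        }
        public function getWebsite() {
            return $this->website;
        }
        public function getRechten() {
            return $this->rechten;
        }
        public function getanoniem() {
            return $this->anoniem;
        }
        public function getUserPage() {
            return $this->userPage;
        }
        public function setId($value) {
            $this->id = $value;
        }
        public function setName($value) {
            $this->name = $value;
        }
        public function setEmail($value) {
            $this->email = $value;
        }
        public function setWebsite($value) {
            $this->website = $value;
        }
        // Unlike the constructor, this setter neither range-checks the level
        // nor updates the anonymous flag.
        public function setRechten($value) {
            $this->rechten = $value;
        }
        public function setanoniem($value) {
            $this->anoniem = $value;
        }
        public function setUserPage($value) {
            $this->userPage = $value;
        }

    }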

?>[/code]


comment.class.php
[code]<?php
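    /**
     * One comment on a row of another table, together with its author.
     *
     * The constructor opens its own database connection and UBB parser. It
     * accepts either one argument (load the comment with that id) or four
     * (parent table, parent id, CommentUser, comment text) for a new comment.
     *
     * Security notes for reviewers:
     *  - The author is persisted with serialize() and restored with
     *    unserialize(); that column must only ever hold data written by
     *    trusted code.
     *  - The edit/delete controls in showComment() are presentation only. The
     *    code that executes those actions has to repeat the permission check.
     */
    class Comment {
        private $id;
        private $parent_table; // name of the table this comment belongs to
        private $parent_id;
        private $user;         // CommentUser object
        private $comment;
        private $timestamp;
        private $errors;
        private $ubb;
        private $anoniem;      // declared so setanoniem()/getAnonniem() share one property

        private $dbTable;
        public $db;

        public function __construct() {

            $this->dbTable = "comments";

            require_once('db/db.class.php');
            $this->db = new db_class;
            if (!$this->db->connect()) $this->db->print_last_error(false);

            require_once "UBB/class.ubb.php";
            $this->ubb = new ubb();

            // Emulated overloading: dispatch on the number of arguments.
            $args = func_get_args();
            switch (count($args)) {
                case 1:
                    $this->__construct1($args[0]);
                    break;
                case 4:
                    $this->__construct4($args[0], $args[1], $args[2], $args[3]);
                    break;
                default:
                    // any other argument count leaves the comment empty
            }

        }

        // Use this form when the comment has to be loaded from the database.
        public function __construct1($id) {
            $this->dbSelect($id);
        }

        // Use this form when the author (CommentUser) is already known.
        public function __construct4($p_table, $p_id, $user, $comment) {

            $this->parent_table = $p_table;
            $this->parent_id = $p_id;
            $this->user = $user;
            $this->comment = $comment;
            $this->timestamp = time();
        }

        /**
         * Validates the author and the comment text.
         *
         * @return array|null field name => message, or null when valid
         */
        public function validate(){
            $errors = $this->user->validate();
            if (!is_array($errors)) {
                $errors = array();
            }
            if (empty($this->comment)) $errors["comment"] = "comment is verplicht.";

            $this->errors = empty($errors) ? null : $errors;

            return $this->errors;
        }

        /**
         * Restores the stored author object.
         *
         * unserialize() can instantiate arbitrary classes. On PHP 7+ the
         * allowed_classes option limits that to CommentUser; older versions
         * have no such option. This limits which classes are created, it does
         * not make the stored permission level or id trustworthy.
         */
        private function unserializeUser($raw) {
            if (version_compare(PHP_VERSION, '7.0.0', '>=')) {
                return unserialize($raw, array('allowed_classes' => array('CommentUser')));
            }
            return unserialize($raw);
        }

        /**
         * Loads the comment with the given id.
         *
         * @param mixed $id comment id; must consist of digits only
         * @return mixed the id when a row was loaded, false otherwise
         */
        public function dbSelect($id) {

            $this->id = $id;

            if ($this->id == "") {
                return false;
            }

            // The id is concatenated into the SQL text, so only a plain
            // non-negative integer may get that far.
            if (!ctype_digit((string)$this->id)) {
                return false;
            }

            $r = $this->db->select("SELECT * FROM ".$this->dbTable." where id=".(int)$this->id);
            $row = $this->db->get_row($r, 'MYSQL_ASSOC');
            if (!$row) {
                // no such comment: leave the fields untouched
                return false;
            }

            $this->user = $this->unserializeUser($row['user']);
            $this->parent_table = $row['parent_table'];
            $this->parent_id = $row['parent_id'];
            $this->comment = $row['comment'];
            $this->timestamp = $row['timestamp'];

            return $this->id;
        }

        /**
         * Stores this comment as a new row.
         *
         * NOTE(review): the values are handed to insert_array() as they are;
         * this assumes db_class escapes them. Confirm in db/db.class.php.
         *
         * @return mixed the new id as returned by insert_array()
         */
        public function dbInsert() {

            $data = array(
                    "parent_table" => $this->parent_table,
                    "parent_id" => $this->parent_id,
                    "user" => serialize($this->user),
                    "comment" => $this->comment,
                    "timestamp" => $this->timestamp
            );

            $this->id = $this->db->insert_array($this->dbTable, $data);
            if (!$this->id) $this->db->print_last_error(false);

            return $this->id;
        }

        /**
         * Writes the current field values to the existing row.
         *
         * @return mixed whatever update_array() returns
         */
        public function dbUpdate() {

            $data = array(
                    "parent_table" => $this->parent_table,
                    "parent_id" => $this->parent_id,
                    "user" => serialize($this->user),
                    "comment" => $this->comment,
                    "timestamp" => $this->timestamp
            );

            // The integer cast keeps the WHERE fragment free of anything but digits.
            $rows = $this->db->update_array($this->dbTable, $data, "id=".(int)$this->id);
            // Was "$db->print_last_error()": $db is undefined here, so the
            // error path itself ended in a fatal error.
            if (!$rows) $this->db->print_last_error(false);

            return $rows;
        }

        // Deletes the row of this comment. Performs no permission check itself.
        public function dbDelete() {
            $this->db->select("DELETE FROM ".$this->dbTable." WHERE id=".(int)$this->id);
        }


        /**
         * Prints the comment; for users who may modify it, also the edit and
         * delete controls.
         *
         * @param CommentUser $logdinUser the user viewing the page
         */
        public function showComment($logdinUser){

            // NOTE(review): this markup is printed unescaped. That is only safe
            // if ubb::parse_all() HTML-escapes the raw text before it applies
            // the UBB tags. Confirm in UBB/class.ubb.php.
            $encodedComment = $this->ubb->parse_all($this->comment);

            // Everything else that reaches the page is escaped for HTML.
            $safeId = htmlspecialchars((string)$this->id, ENT_QUOTES);
            $safeName = htmlspecialchars((string)$this->user->getName(), ENT_QUOTES);
            $safeReferer = htmlspecialchars("http://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI'], ENT_QUOTES);

            $isEditing = isset($_GET["commentEdit"], $_GET["commentId"]) && $_GET["commentId"] == $this->id;

            // Admins may modify everything, logged-in users their own comments.
            // The null check keeps two users without an id from comparing equal.
            $mayModify = $logdinUser->getRechten() == 1
                || ($logdinUser->getRechten() == 2
                    && $logdinUser->getId() !== null
                    && $logdinUser->getId() == $this->user->getId());

            ?>
            <div class="comment" >
                <a name="comment<?php echo $safeId ?>"></a> <div class="commentTitel"><?php echo "gepost door ".$safeName." op ".date("jS F Y", $this->timestamp)." om ".date("H:i a", $this->timestamp) ?></div>
                <?php
                if ($mayModify) {
                    // NOTE(review): this form carries no anti-CSRF token.
                    ?>
                     <form class="commenteditForm" action="comments.class.php" method="post">
                <?php
                    if ($isEditing) {
                    ?>
                        <textarea name="comment" rows="10" cols="60" ><?php echo htmlspecialchars((string)$this->comment, ENT_QUOTES) ?></textarea>
                    <?php
                    } else {
                    ?>
                        <div class="commentText"><?php echo $encodedComment ?></div>
                    <?php
                    }
                    ?>
                    <div class="buttons">
                    <?php
                        if ($isEditing) {
                        ?>
                            <input type="submit" value="save" name="editComment" />
                        <?php
                        } else {
                        ?>
                            <input type="submit" value="delete" name="deleteComment" />
                            <input type="submit" value="edit" name="showEditComment" />
                        <?php
                        }
                    ?>
                    <input type="hidden" name="id" value="<?php echo $safeId; ?>" />
                    <input type="hidden" name="referer" value="<?php echo $safeReferer; ?>" />
                    </div>
                    </form>
                    <?php
                } else {
                ?>
                    <div class="commentText"><?php echo $encodedComment ?></div>
                <?php
                }
                ?>

                <div class="clearL"></div>
            </div>
            <?php
        }

        // Not implemented.
        public function toString() {

        }

        // getters
        public function getParent_table() {
            return $this->parent_table;
        }
        public function getParent_id() {
            return $this->parent_id;
        }
        public function getUser() {
            return $this->user;
        }
        public function getComment() {
            return $this->comment;
        }
        public function getTimestamp() {
            return $this->timestamp;
        }
        // Read the misspelled, never-written $anonniem before; now returns the
        // value stored by setanoniem().
        public function getAnonniem() {
            return $this->anoniem;
        }
        // Read an undeclared $error before; now returns the validation result.
        public function getError() {
            return $this->errors;
        }

        // setters
        public function setParent_table($value) {
            $this->parent_table = $value;
        }
        public function setParent_id($value) {
            $this->parent_id = $value;
        }
        public function setUser($value) {
            $this->user = $value;
        }
        public function setComment($value) {
            $this->comment = $value;
        }
        public function setTimestamp($value) {
            $this->timestamp = $value;
        }
        public function setanoniem($value) {
            $this->anoniem = $value;
        }
        public function setError($value) {
            $this->errors = $value;
        }
}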


?>[/code]


comments.class.php
[code]<?php
//error_reporting(E_ALL);
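    /**
     * The list of comments for one row of a parent table, the form to add a
     * comment, and the handler for the form posts.
     *
     * Security notes for reviewers:
     *  - The forms carry the acting user as a serialized CommentUser in a
     *    hidden field. That value is fully client-controlled: whoever posts
     *    the form chooses the id and permission level inside it. Identity and
     *    permissions belong in server-side state (for example a session).
     *  - proccesForm() runs edit and delete without any permission check; the
     *    buttons being hidden from other users is not access control.
     *  - None of the forms carries an anti-CSRF token.
     */
    class Comments {

        private $parent_table;  // table in the database the comments belong to
        private $parent_id;     // id in parent_table the comments belong to
        private $comments;      // array of Comment objects
        private $cOnPage;       // number of comments per page
        private $commentTable;
        private $referer;       // address to return to after the form was handled
        private $user;
        private $db;

        /**
         * Loads the ids of all comments for the given parent row.
         *
         * @param string           $parent_table table name; letters, digits and underscore only
         * @param int              $parent_id    id of the row in that table
         * @param CommentUser|null $user         viewing user; an anonymous user when null
         * @param int              $cOnPage      number of comments per page
         */
        public function __construct($parent_table, $parent_id, CommentUser $user = null, $cOnPage = 10) {
            $this->parent_table = $parent_table;
            $this->parent_id = $parent_id;
            $this->user = ($user === null) ? new CommentUser() : $user;
            $this->cOnPage = $cOnPage;
            $this->comments = array();

            $this->commentTable = "comments";
            require_once('comment.class.php');
            //require_once("commentUser.class.php");
            require_once('db/db.class.php');
            $this->db = new db_class;
            if (!$this->db->connect()) $this->db->print_last_error(false);

            // Fetch the comments. Both values end up inside the SQL text: the
            // table name must look like an identifier and the id is cast to an
            // integer. A parent_table that fails the check loads no comments.
            if (preg_match('/^[A-Za-z0-9_]+$/D', (string)$this->parent_table)) {
                $r = $this->db->select("SELECT id FROM ".$this->commentTable." where parent_table='".$this->parent_table."' and parent_id=".(int)$this->parent_id);
                while ($row = $this->db->get_row($r, 'MYSQL_ASSOC')) {
                    $this->comments[] = new Comment($row['id']);
                }
            }

        }

        // Escapes a value for HTML text and attribute context.
        private static function esc($value) {
            return htmlspecialchars((string)$value, ENT_QUOTES);
        }

        // Encodes the validation errors for the redirect URL. JSON is used
        // because the value comes back through the query string, where
        // unserialize() would let the requester instantiate objects.
        private static function encodeErrors($errors) {
            $json = json_encode($errors);
            if ($json === false) {
                // Messages can embed raw input that is not valid UTF-8; keep
                // the fields flagged with empty messages.
                $json = json_encode(array_fill_keys(array_keys($errors), ""));
            }
            return urlencode($json);
        }

        // Decodes the errors from the query string: string messages only,
        // an empty array for anything that is not a JSON object or array.
        private static function decodeErrors($raw) {
            if (!is_string($raw) || $raw === "") {
                return array();
            }
            $decoded = json_decode($raw, true);
            if (!is_array($decoded)) {
                return array();
            }
            $errors = array();
            foreach ($decoded as $field => $message) {
                if (is_string($message)) {
                    $errors[$field] = $message;
                }
            }
            return $errors;
        }

        // Restores the posted user object. On PHP 7+ only CommentUser may be
        // instantiated. This narrows the classes involved; the content of the
        // object is still chosen by the client.
        private static function unserializeUser($raw) {
            if (version_compare(PHP_VERSION, '7.0.0', '>=')) {
                return unserialize($raw, array('allowed_classes' => array('CommentUser')));
            }
            return unserialize($raw);
        }

        // Returns $url when it is an http(s) URL on this server's host name,
        // otherwise the site root. Keeps the redirect in proccesForm() from
        // being pointed at another site through the "referer" field.
        // NOTE(review): SERVER_NAME can itself follow the Host header,
        // depending on the web server configuration.
        private static function safeReturnUrl($url) {
            $host = isset($_SERVER['SERVER_NAME']) ? $_SERVER['SERVER_NAME'] : "";
            $fallback = "http://".$host."/";

            if (!is_string($url) || $url === "" || $host === "") {
                return $fallback;
            }
            // Control characters, spaces and backslashes are parsed differently
            // by browsers and by parse_url().
            if (preg_match('/[\x00-\x20\x7f\\\\]/', $url)) {
                return $fallback;
            }
            $parts = parse_url($url);
            if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
                return $fallback;
            }
            $scheme = strtolower($parts['scheme']);
            if ($scheme !== "http" && $scheme !== "https") {
                return $fallback;
            }
            if (isset($parts['user']) || isset($parts['pass'])) {
                return $fallback;
            }
            if (strcasecmp($parts['host'], $host) !== 0) {
                return $fallback;
            }
            return $url;
        }

        // Prints every loaded comment for the current user.
        public function showComments(){
            foreach ($this->comments as $comment) {
                $comment->showComment($this->user);
            }
        }

        /**
         * Prints the form for a new comment: with name/e-mail/website fields
         * for an anonymous user, comment only for a valid known user.
         * All request values are HTML-escaped before they are printed.
         */
        public function showForm(){

            $commentErrors = self::decodeErrors(isset($_GET["commentErrors"]) ? $_GET["commentErrors"] : null);

            $safeTable = self::esc($this->parent_table);
            $safeParentId = self::esc($this->parent_id);
            $safeReferer = self::esc("http://".$_SERVER['SERVER_NAME'].$_SERVER['REQUEST_URI']);
            // urlencode() output contains no character that is special in HTML.
            $packedUser = urlencode(serialize($this->user));

            if ($this->user->getanoniem() == true) {
            ?>
            <form action="comments.class.php" method="post">
                <a name="commentsForm"></a>
                <?php
                 if (isset($commentErrors["name"]))
                     echo "<div class=\"error\">".self::esc($commentErrors["name"])."</div>";
                ?>
                <p><label>Naam:</label>
                <input class=".shortText" type="text" name="name" value="<?php if (isset($_GET["commentName"])) echo self::esc($_GET["commentName"]); ?>" /></p>
                <?php
                 if (isset($commentErrors["email"]))
                     echo "<div class=\"error\">".self::esc($commentErrors["email"])."</div>";
                ?>
                <p><label>Email:</label>
                <input class=".shortText" type="text" name="email" value="<?php if (isset($_GET["commentEmail"])) echo self::esc($_GET["commentEmail"]); ?>" /></p>
                <?php
                 if (isset($commentErrors["website"]))
                     echo "<div class=\"error\">".self::esc($commentErrors["website"])."</div>";
                ?>
                <p><label>Website:</label>
                <input class=".shortText" type="text" name="website" value="<?php if (isset($_GET["commentWebsite"])) echo self::esc($_GET["commentWebsite"]); ?>" /></p>
                <?php
                 if (isset($commentErrors["comment"]))
                     echo "<div class=\"error\">".self::esc($commentErrors["comment"])."</div>";
                ?>
                <p><label>Comment:</label>
                <textarea name="comment" rows="10" cols="60"><?php if (isset($_GET["commentComment"])) echo self::esc($_GET["commentComment"]); ?></textarea></p>
                <input type="hidden" name="parent_table" value="<?php echo $safeTable; ?>" />
                <input type="hidden" name="parent_id" value="<?php echo $safeParentId; ?>" />
                <input type="hidden" name="referer" value="<?php echo $safeReferer; ?>" />
                <input type="hidden" name="user" value="<?php echo $packedUser; ?>" />
                <p class="buttons"><input type="submit" value="submit" name="submitComment" /></p>
            </form>
            <?php
            } else if (isset($this->user) && $this->isValidUser()) {
            ?>
            <form action="comments.class.php" method="POST">
                <a name="commentsForm"></a>
                <?php
                 if (isset($commentErrors["comment"]))
                     echo "<div class=\"error\">".self::esc($commentErrors["comment"])."</div>";
                ?>
                <p><label>Comment:</label>
                <textarea name="comment" rows="10" cols="60"></textarea></p>
                <input type="hidden" name="parent_table" value="<?php echo $safeTable; ?>" />
                <input type="hidden" name="parent_id" value="<?php echo $safeParentId; ?>" />
                <input type="hidden" name="referer" value="<?php echo $safeReferer; ?>" />
                <input type="hidden" name="user" value="<?php echo $packedUser; ?>" />
                <input type="hidden" name="function" value="new" />
                <p class="buttons"><input type="submit" value="submit" name="submitComment" /></p>
            </form>
            <?php
            } else {
                echo"<div class=\"comment\">Geen valid user.</div>";
            }

        }

        /**
         * Handles a posted comment form (submit, save edit, show edit, delete)
         * and redirects back to the page the form came from.
         *
         * NOTE(review): the edit and delete branches act on the posted id
         * without checking who is asking. No server-side notion of the current
         * user is visible in this file, so the check cannot be added here
         * without inventing one; it is required before this is exposed.
         */
        public static function proccesForm(){

            require_once('comment.class.php');
            require_once("commentUser.class.php");

            $commentErrors = null;
            $editRequest = "";  // query string part when a comment is to be edited
            $errorRequest = ""; // query string part when fields were filled in wrongly
            $goToComment = "";
            // The id ends up in SQL and in the redirect URL: integers only.
            $postedId = isset($_POST["id"]) ? (int)$_POST["id"] : 0;

            if (isset($_POST["submitComment"])) {
                // NOTE(review): parent_table and parent_id are hidden fields and
                // therefore client-controlled; storing them relies on
                // insert_array() escaping its values. Confirm in db/db.class.php.
                $parent_table = trim($_POST["parent_table"]);
                $parent_id = (int)trim($_POST["parent_id"]);
                $comment = trim($_POST["comment"]);

                // SECURITY: unserialize() on request data. See the class comment.
                $user = self::unserializeUser(urldecode($_POST["user"]));
                if (!($user instanceof CommentUser)) {
                    // Anything that is not a CommentUser is treated as an
                    // anonymous visitor, the least privileged level.
                    $user = new CommentUser();
                }

                if ($user->getanoniem() == true) {
                    $user->setName(trim($_POST["name"]));
                    $user->setEmail(trim($_POST["email"]));
                    $user->setWebsite(trim($_POST["website"]));
                }

                $c = new Comment($parent_table, $parent_id, $user, $comment);
                $commentErrors = $c->validate();
                if (empty($commentErrors)) {
                    $id = $c->dbInsert();
                    $goToComment = "comment".$id;
                } else {
                    // Hand the fields that were valid back to the form; the
                    // values are URL-encoded so they cannot add parameters.
                    if (empty($commentErrors["name"]))
                        $errorRequest = "&commentName=".urlencode($user->getName());
                    if (empty($commentErrors["email"]))
                        $errorRequest .= "&commentEmail=".urlencode($user->getEmail());
                    if (empty($commentErrors["website"]))
                        $errorRequest .= "&commentWebsite=".urlencode($user->getWebsite());
                    if (empty($commentErrors["comment"]))
                        $errorRequest .= "&commentComment=".urlencode($comment);

                    $goToComment = "commentsForm";
                }
            } else if (isset($_POST["editComment"])) {

                $c = new Comment($postedId);
                $c->setComment(trim($_POST["comment"]));
                $commentErrors = $c->validate();
                if (empty($commentErrors))
                    $c->dbUpdate();

                $goToComment = "comment".$postedId;

            } else if (isset($_POST["showEditComment"])) {

                $editRequest = "commentEdit=true&commentId=".$postedId;
                $goToComment = "comment".$postedId;
            } else if (isset($_POST["deleteComment"])) {

                $c = new Comment($postedId);
                $c->dbDelete();
            }

            // these parameters are removed from the URL
            $parameters = array('commentErrors', 'commentEdit', 'commentId', 'commentName', 'commentEmail', 'commentWebsite', 'commentComment');

            // The return address is a posted field: only same-host URLs are followed.
            $page_url = self::safeReturnUrl(isset($_POST["referer"]) ? $_POST["referer"] : "");

            foreach ($parameters as $param) {
                $pattern = '|[?&]'.preg_quote($param).'=[^&]*|i';

                // remove every (&|?)parameter occurrence from the URL
                while (preg_match($pattern, $page_url)) {
                    $page_url = preg_replace($pattern, '', $page_url);
                }
                // if no '?' is left, turn the first '&' into '?'
                $page_url = (strpos($page_url, '?') !== false) ? $page_url : preg_replace('~&~', '?', $page_url, 1);
                // with a '?' present the separator for what follows is '&'
                $seperator = (strpos($page_url, '?') !== false) ? '&' : '?';
            }

            if (!empty($commentErrors)) {
                $page_url .= $seperator.$parameters[0].'='.self::encodeErrors($commentErrors);
                $page_url .= ($editRequest != "") ? "&".$editRequest : $errorRequest;
            } else if ($editRequest != "") {
                $page_url .= $seperator.$editRequest;
            }

            if ($goToComment != "")
                $goToComment = "#".$goToComment;
            header('Location: '.$page_url.$goToComment);

        }

        public function getComments() {
            return $this->comments;
        }

        // True when validate() of the current user reports no errors.
        public function isValidUser(){
            $valid = $this->user->validate();

            return empty($valid);
        }

}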

// Entry point when this file is the form target: any of the four comment
// actions in the POST body hands the request to Comments::proccesForm().
if (
    isset($_POST["submitComment"])
    || isset($_POST["deleteComment"])
    || isset($_POST["showEditComment"])
    || isset($_POST["editComment"])
) {
    Comments::proccesForm();
}

?>[/code]