modules/comment_og/comment.module.patched

<?php
// $Id: comment.module,v 1.1 2008/03/01 14:39:25 rapsli Exp $

/**
 * @file
 * Enables users to comment on published content.
 *
 * When enabled, the Drupal comment module creates a discussion
 * board for each Drupal node. Users can post comments to discuss
 * a forum topic, weblog post, story, collaborative book page, etc.
 */

/**
 * Comment is published.
 */
define('COMMENT_PUBLISHED', 0);

/**
 * Comment is awaiting approval.
 */
define('COMMENT_NOT_PUBLISHED', 1);

/**
 * Comments are displayed in a flat list - collapsed.
 */
define('COMMENT_MODE_FLAT_COLLAPSED', 1);

/**
 * Comments are displayed in a flat list - expanded.
 */
define('COMMENT_MODE_FLAT_EXPANDED', 2);

/**
 * Comments are displayed as a threaded list - collapsed.
 */
define('COMMENT_MODE_THREADED_COLLAPSED', 3);

/**
 * Comments are displayed as a threaded list - expanded.
 */
define('COMMENT_MODE_THREADED_EXPANDED', 4);

/**
 * Comments are ordered by date - newest first.
 */
define('COMMENT_ORDER_NEWEST_FIRST', 1);

/**
 * Comments are ordered by date - oldest first.
 */
define('COMMENT_ORDER_OLDEST_FIRST', 2);

/**
 * Comment controls should be shown above the comment list.
 */
define('COMMENT_CONTROLS_ABOVE', 0);

/**
 * Comment controls should be shown below the comment list.
 */
define('COMMENT_CONTROLS_BELOW', 1);

/**
 * Comment controls should be shown both above and below the comment list.
 */
define('COMMENT_CONTROLS_ABOVE_BELOW', 2);

/**
 * Comment controls are hidden.
 */
define('COMMENT_CONTROLS_HIDDEN', 3);

/**
 * Anonymous posters may not enter their contact information.
 */
define('COMMENT_ANONYMOUS_MAYNOT_CONTACT', 0);

/**
 * Anonymous posters may leave their contact information.
 */
define('COMMENT_ANONYMOUS_MAY_CONTACT', 1);

/**
 * Anonymous posters must leave their contact information.
 */
define('COMMENT_ANONYMOUS_MUST_CONTACT', 2);

/**
 * Comment form should be displayed on a separate page.
 */
define('COMMENT_FORM_SEPARATE_PAGE', 0);

/**
 * Comment form should be shown below post or list of comments.
 */
define('COMMENT_FORM_BELOW', 1);

/**
 * Comments for this node are disabled.
 */
define('COMMENT_NODE_DISABLED', 0);

/**
 * Comments for this node are locked.
 */
define('COMMENT_NODE_READ_ONLY', 1);

/**
 * Comments are enabled on this node.
 */
define('COMMENT_NODE_READ_WRITE', 2);

/**
 * Comment preview is optional.
 */
define('COMMENT_PREVIEW_OPTIONAL', 0);

/**
 * Comment preview is required.
 */
define('COMMENT_PREVIEW_REQUIRED', 1);

/**
 * Implementation of hook_help().
 */
function comment_help($section) {
  switch ($section) {
    case 'admin/help#comment':
      $output = '<p>'. t('The comment module creates a discussion board for each post. Users can post comments to discuss a forum topic, weblog post, story, collaborative book page, etc. The ability to comment is an important part of involving members in a community dialogue.') .'</p>';
      $output .= '<p>'. t('An administrator can give comment permissions to user groups, and users can (optionally) edit their last comment, assuming no others have been posted since. Attached to each comment board is a control panel for customizing the way that comments are displayed. Users can control the chronological ordering of posts (newest or oldest first) and the number of posts to display on each page. Comments behave like other user submissions. Filters, smileys and HTML that work in nodes will also work with comments. The comment module provides specific features to inform site members when new comments have been posted.') .'</p>';
      $output .= '<p>'. t('For more information please read the configuration and customization handbook <a href="@comment">Comment page</a>.', array('@comment' => 'http://drupal.org/handbook/modules/comment/')) .'</p>';
      return $output;
    case 'admin/content/comment':
    case 'admin/content/comment/new':
      return '<p>'. t("Below is a list of the latest comments posted to your site. Click on a subject to see the comment, the author's name to edit the author's user information , 'edit' to modify the text, and 'delete' to remove their submission.") .'</p>';
    case 'admin/content/comment/approval':
      return '<p>'. t("Below is a list of the comments posted to your site that need approval. To approve a comment, click on 'edit' and then change its 'moderation status' to Approved. Click on a subject to see the comment, the author's name to edit the author's user information, 'edit' to modify the text, and 'delete' to remove their submission.") .'</p>';
    case 'admin/content/comment/settings':
      return '<p>'. t("Comments can be attached to any node, and their settings are below. The display comes in two types: a 'flat list' where everything is flush to the left side, and comments come in chronological order, and a 'threaded list' where replies to other comments are placed immediately below and slightly indented, forming an outline. They also come in two styles: 'expanded', where you see both the title and the contents, and 'collapsed' where you only see the title. Preview comment forces a user to look at their comment by clicking on a 'Preview' button before they can actually add the comment.") .'</p>';
   }
}

/**
 * Implementation of hook_menu().
 */
function comment_menu($may_cache) {
  $items = array();

  if ($may_cache) {
    $access = user_access('administer comments');
    $items[] = array(
      'path' => 'admin/content/comment',
      'title' => t('Comments'),
      'description' => t('List and edit site comments and the comment moderation queue.'),
      'callback' => 'comment_admin',
      'access' => $access
    );

    // Tabs:
    $items[] = array('path' => 'admin/content/comment/list', 'title' => t('List'),
      'type' => MENU_DEFAULT_LOCAL_TASK, 'weight' => -10);

    // Subtabs:
    $items[] = array('path' => 'admin/content/comment/list/new', 'title' => t('Published comments'),
      'type' => MENU_DEFAULT_LOCAL_TASK, 'weight' => -10);
    $items[] = array('path' => 'admin/content/comment/list/approval', 'title' => t('Approval queue'),
      'callback' => 'comment_admin',
      'callback arguments' => array('approval'),
      'access' => $access,
      'type' => MENU_LOCAL_TASK);

    $items[] = array(
      'path' => 'admin/content/comment/settings',
      'title' => t('Settings'),
      'callback' => 'drupal_get_form',
      'callback arguments' => array('comment_admin_settings'),
      'access' => $access,
      'weight' => 10,
      'type' => MENU_LOCAL_TASK);

    $items[] = array('path' => 'comment/delete', 'title' => t('Delete comment'),
      'callback' => 'comment_delete', 'access' => $access, 'type' => MENU_CALLBACK);

    $access = user_access('post comments');
    $items[] = array('path' => 'comment/edit', 'title' => t('Edit comment'),
      'callback' => 'comment_edit',
      'access' => $access, 'type' => MENU_CALLBACK);
  }
  else {
    if (arg(0) == 'comment' && arg(1) == 'reply' && is_numeric(arg(2))) {
      $node = node_load(arg(2));
      if ($node->nid) {
        $items[] = array('path' => 'comment/reply', 'title' => t('Reply to comment'),
          'callback' => 'comment_reply', 'access' => node_access('view', $node), 'type' => MENU_CALLBACK);
      }
    }
    if ((arg(0) == 'node') && is_numeric(arg(1)) && is_numeric(arg(2))) {
      $items[] = array(
        'path' => ('node/'. arg(1) .'/'. arg(2)),
        'title' => t('View'),
        'callback' => 'node_page_view',
        'callback arguments' => array(node_load(arg(1)), arg(2)),
        'type' => MENU_CALLBACK,
      );
    }
  }

  return $items;
}

/**
 * Implementation of hook_perm().
 */
function comment_perm() {
  return array('access comments', 'post comments', 'administer comments', 'post comments without approval');
}

/**
 * Implementation of hook_block().
 *
 * Generates a block with the most recent comments.
 */
function comment_block($op = 'list', $delta = 0) {
  if ($op == 'list') {
    $blocks[0]['info'] = t('Recent comments');
    return $blocks;
  }
  else if ($op == 'view' && user_access('access comments')) {
    $block['subject'] = t('Recent comments');
    $block['content'] = theme('comment_block');
    return $block;
  }
}

/**
 * Find a number of recent comments. This is done in two steps.
 *   1. Find the n (specified by $number) nodes that have the most recent
 *      comments.  This is done by querying node_comment_statistics which has
 *      an index on last_comment_timestamp, and is thus a fast query.
 *   2. Loading the information from the comments table based on the nids found
 *      in step 1.
 *
 * @param $number (optional) The maximum number of comments to find.
 * @return $comments An array of comment objects each containing a nid,
 *   subject, cid, and timstamp, or an empty array if there are no recent
 *   comments visible to the current user.
 */
function comment_get_recent($number = 10) {
  // Select the $number nodes (visible to the current user) with the most
  // recent comments. This is efficient due to the index on
  // last_comment_timestamp.
  $result = db_query_range(db_rewrite_sql("SELECT n.nid FROM {node_comment_statistics} n WHERE n.comment_count > 0 ORDER BY n.last_comment_timestamp DESC"), 0, $number);

  $nids = array();
  while ($row = db_fetch_object($result)) {
    $nids[] = $row->nid;
  }

  $comments = array();
  if (!empty($nids)) {
    // From among the comments on the nodes selected in the first query,
    // find the $number most recent comments.
    $result = db_query_range('SELECT c.nid, c.subject, c.cid, c.timestamp FROM {comments} c INNER JOIN {node} n ON n.nid = c.nid WHERE c.nid IN ('. implode(',', $nids) .') AND n.status = 1 AND c.status = %d ORDER BY c.timestamp DESC', COMMENT_PUBLISHED, 0, $number);
    while ($comment = db_fetch_object($result)) {
      $comments[] = $comment;
    }
  }

  return $comments;
}

/**
 * Returns a formatted list of recent comments to be displayed in the comment
 * block.
 *
 * @ingroup themeable
 */
function theme_comment_block() {
  $items = array();
  foreach (comment_get_recent() as $comment) {
    $items[] = l($comment->subject, 'node/'. $comment->nid, NULL, NULL, 'comment-'. $comment->cid) .'<br />'. t('@time ago', array('@time' => format_interval(time() - $comment->timestamp)));
  }
  if ($items) {
    return theme('item_list', $items);
  }
}

/**
 * Implementation of hook_link().
 */
function comment_link($type, $node = NULL, $teaser = FALSE) {
  $links = array();

  if ($type == 'node' && $node->comment) {

    if ($teaser) {
      // Main page: display the number of comments that have been posted.

      if (user_access('access comments')) {
        $all = comment_num_all($node->nid);

        if ($all) {
          $links['comment_comments'] = array(
            'title' => format_plural($all, '1 comment', '@count comments'),
            'href' => "node/$node->nid",
            'attributes' => array('title' => t('Jump to the first comment of this posting.')),
            'fragment' => 'comments'
          );

          $new = comment_num_new($node->nid);

          if ($new) {
            $links['comment_new_comments'] = array(
              'title' => format_plural($new, '1 new comment', '@count new comments'),
              'href' => "node/$node->nid",
              'attributes' => array('title' => t('Jump to the first new comment of this posting.')),
              'fragment' => 'new'
            );
          }
        }
        else {
          if ($node->comment == COMMENT_NODE_READ_WRITE) {
            if (user_access('post comments')) {
              $links['comment_add'] = array(
                'title' => t('Add new comment'),
                'href' => "comment/reply/$node->nid",
                'attributes' => array('title' => t('Add a new comment to this page.')),
                'fragment' => 'comment-form'
              );
            }
            else {
              $links['comment_forbidden']['title'] = theme('comment_post_forbidden', $node->nid);
            }
          }
        }
      }
    }
    else {
      // Node page: add a "post comment" link if the user is allowed to
      // post comments, if this node is not read-only, and if the comment form isn't already shown

      if ($node->comment == COMMENT_NODE_READ_WRITE) {
        if (user_access('post comments')) {
          if (variable_get('comment_form_location', COMMENT_FORM_SEPARATE_PAGE) == COMMENT_FORM_SEPARATE_PAGE) {
            $links['comment_add'] = array(
              'title' => t('Add new comment'),
              'href' => "comment/reply/$node->nid",
              'attributes' => array('title' => t('Share your thoughts and opinions related to this posting.')),
              'fragment' => 'comment-form',
            );
          }
        }
        else {
          $links['comment_forbidden']['title'] = theme('comment_post_forbidden', $node->nid);
        }
      }
    }
  }

  if ($type == 'comment') {
    $links = comment_links($node, $teaser);
  }
  if (isset($links['comment_forbidden'])) {
    $links['comment_forbidden']['html'] = TRUE;
  }

  return $links;
}

function comment_form_alter($form_id, &$form) {
  if ($form_id == 'node_type_form' && isset($form['identity']['type'])) {
    $form['workflow']['comment'] = array(
      '#type' => 'radios',
      '#title' => t('Default comment setting'),
      '#default_value' => variable_get('comment_'. $form['#node_type']->type, COMMENT_NODE_READ_WRITE),
      '#options' => array(t('Disabled'), t('Read only'), t('Read/Write')),
      '#description' => t('Users with the <em>administer comments</em> permission will be able to override this setting.'),
    );
  }
  elseif (isset($form['type'])) {
    if ($form['type']['#value'] .'_node_form' == $form_id) {
      $node = $form['#node'];
      $form['comment_settings'] = array(
        '#type' => 'fieldset',
        '#access' => user_access('administer comments'),
        '#title' => t('Comment settings'),
        '#collapsible' => TRUE,
        '#collapsed' => TRUE,
        '#weight' => 30,
      );
      $form['comment_settings']['comment'] = array(
        '#type' => 'radios',
        '#parents' => array('comment'),
        '#default_value' => $node->comment,
        '#options' => array(t('Disabled'), t('Read only'), t('Read/Write')),
      );
    }
  }
}

/**
 * Implementation of hook_nodeapi().
 *
 */
function comment_nodeapi(&$node, $op, $arg = 0) {
  switch ($op) {
    case 'load':
      return db_fetch_array(db_query("SELECT last_comment_timestamp, last_comment_name, comment_count FROM {node_comment_statistics} WHERE nid = %d", $node->nid));
      break;

    case 'prepare':
      if (!isset($node->comment)) {
        $node->comment = variable_get("comment_$node->type", COMMENT_NODE_READ_WRITE);
      }
      break;

    case 'insert':
      db_query('INSERT INTO {node_comment_statistics} (nid, last_comment_timestamp, last_comment_name, last_comment_uid, comment_count) VALUES (%d, %d, NULL, %d, 0)', $node->nid, $node->created, $node->uid);
      break;

    case 'delete':
      db_query('DELETE FROM {comments} WHERE nid = %d', $node->nid);
      db_query('DELETE FROM {node_comment_statistics} WHERE nid = %d', $node->nid);
      break;

    case 'update index':
      $text = '';
      $comments = db_query('SELECT subject, comment, format FROM {comments} WHERE nid = %d AND status = %d', $node->nid, COMMENT_PUBLISHED);
      while ($comment = db_fetch_object($comments)) {
        $text .= '<h2>'. check_plain($comment->subject) .'</h2>'. check_markup($comment->comment, $comment->format, FALSE);
      }
      return $text;

    case 'search result':
      $comments = db_result(db_query('SELECT comment_count FROM {node_comment_statistics} WHERE nid = %d', $node->nid));
      return format_plural($comments, '1 comment', '@count comments');

    case 'rss item':
      if ($node->comment != COMMENT_NODE_DISABLED) {
        return array(array('key' => 'comments', 'value' => url('node/'. $node->nid, NULL, 'comments', TRUE)));
      }
      else {
        return array();
      }
  }
}

/**
 * Implementation of hook_user().
 *
 * Provides signature customization for the user's comments.
 */
function comment_user($type, $edit, &$user, $category = NULL) {
  if ($type == 'form' && $category == 'account') {
    // when user tries to edit his own data
    $form['comment_settings'] = array(
      '#type' => 'fieldset',
      '#title' => t('Comment settings'),
      '#collapsible' => TRUE,
      '#weight' => 4);
    $form['comment_settings']['signature'] = array(
      '#type' => 'textarea',
      '#title' => t('Signature'),
      '#default_value' => $edit['signature'],
      '#description' => t('Your signature will be publicly displayed at the end of your comments.'));

    return $form;
  }
  elseif ($type == 'delete') {
    db_query('UPDATE {comments} SET uid = 0 WHERE uid = %d', $user->uid);
    db_query('UPDATE {node_comment_statistics} SET last_comment_uid = 0 WHERE last_comment_uid = %d', $user->uid);
  }
}

/**
 * Menu callback; presents the comment settings page.
 */
function comment_admin_settings() {
  $form['viewing_options'] = array(
    '#type' => 'fieldset',
    '#title' => t('Viewing options'),
    '#collapsible' => TRUE,
  );

  $form['viewing_options']['comment_default_mode'] = array(
    '#type' => 'radios',
    '#title' => t('Default display mode'),
    '#default_value' => variable_get('comment_default_mode', COMMENT_MODE_THREADED_EXPANDED),
    '#options' => _comment_get_modes(),
    '#description' => t('The default view for comments. Expanded views display the body of the comment. Threaded views keep replies together.'),
  );

  $form['viewing_options']['comment_default_order'] = array(
    '#type' => 'radios',
    '#title' => t('Default display order'),
    '#default_value' => variable_get('comment_default_order', COMMENT_ORDER_NEWEST_FIRST),
    '#options' => _comment_get_orders(),
    '#description' => t('The default sorting for new users and anonymous users while viewing comments. These users may change their view using the comment control panel. For registered users, this change is remembered as a persistent user preference.'),
  );

  $form['viewing_options']['comment_default_per_page'] = array(
    '#type' => 'select',
    '#title' => t('Default comments per page'),
    '#default_value' => variable_get('comment_default_per_page', 50),
    '#options' => _comment_per_page(),
    '#description' => t('Default number of comments for each page: more comments are distributed in several pages.'),
  );

  $form['viewing_options']['comment_controls'] = array(
    '#type' => 'radios',
    '#title' => t('Comment controls'),
    '#default_value' => variable_get('comment_controls', COMMENT_CONTROLS_HIDDEN),
    '#options' => array(
      t('Display above the comments'),
      t('Display below the comments'),
      t('Display above and below the comments'),
      t('Do not display')),
    '#description' => t('Position of the comment controls box. The comment controls let the user change the default display mode and display order of comments.'),
  );

  $form['posting_settings'] = array(
    '#type' => 'fieldset',
    '#title' => t('Posting settings'),
    '#collapsible' => TRUE,
  );

  $form['posting_settings']['comment_anonymous'] = array(
    '#type' => 'radios',
    '#title' => t('Anonymous commenting'),
    '#default_value' => variable_get('comment_anonymous', COMMENT_ANONYMOUS_MAYNOT_CONTACT),
    '#options' => array(
      COMMENT_ANONYMOUS_MAYNOT_CONTACT => t('Anonymous posters may not enter their contact information'),
      COMMENT_ANONYMOUS_MAY_CONTACT => t('Anonymous posters may leave their contact information'),
      COMMENT_ANONYMOUS_MUST_CONTACT => t('Anonymous posters must leave their contact information')),
    '#description' => t('This option is enabled when anonymous users have permission to post comments on the <a href="@url">permissions page</a>.', array('@url' => url('admin/user/access', NULL, 'module-comment'))),
  );
  if (!user_access('post comments', user_load(array('uid' => 0)))) {
    $form['posting_settings']['comment_anonymous']['#disabled'] = TRUE;
  }

  $form['posting_settings']['comment_subject_field'] = array(
    '#type' => 'radios',
    '#title' => t('Comment subject field'),
    '#default_value' => variable_get('comment_subject_field', 1),
    '#options' => array(t('Disabled'), t('Enabled')),
    '#description' => t('Can users provide a unique subject for their comments?'),
  );

  $form['posting_settings']['comment_preview'] = array(
    '#type' => 'radios',
    '#title' => t('Preview comment'),
    '#default_value' => variable_get('comment_preview', COMMENT_PREVIEW_REQUIRED),
    '#options' => array(t('Optional'), t('Required')),
  );

  $form['posting_settings']['comment_form_location'] = array(
    '#type' => 'radios',
    '#title' => t('Location of comment submission form'),
    '#default_value' => variable_get('comment_form_location', COMMENT_FORM_SEPARATE_PAGE),
    '#options' => array(t('Display on separate page'), t('Display below post or comments')),
  );

  return system_settings_form($form);
}

/**
 * This is *not* a hook_access() implementation. This function is called
 * to determine whether the current user has access to a particular comment.
 *
 * Authenticated users can edit their comments as long they have not been
 * replied to. This prevents people from changing or revising their
 * statements based on the replies to their posts.
 */
function comment_access($op, $comment) {
  global $user;

  if ($op == 'edit') {
    return ($user->uid && $user->uid == $comment->uid && comment_num_replies($comment->cid) == 0) || user_access('administer comments');
  }
}

function comment_node_url() {
  return arg(0) .'/'. arg(1);
}

function comment_edit($cid) {
  global $user;

  $comment = db_fetch_object(db_query('SELECT c.*, u.uid, u.name AS registered_name, u.data FROM {comments} c INNER JOIN {users} u ON c.uid = u.uid WHERE c.cid = %d', $cid));
  $comment = drupal_unpack($comment);
  $comment->name = $comment->uid ? $comment->registered_name : $comment->name;
  if (comment_access('edit', $comment)) {
    return comment_form_box((array)$comment);
  }
  else {
    drupal_access_denied();
  }
}

/**
 * This function is responsible for generating a comment reply form.
 * There are several cases that have to be handled, including:
 *   - replies to comments
 *   - replies to nodes
 *   - attempts to reply to nodes that can no longer accept comments
 *   - respecting access permissions ('access comments', 'post comments', etc.)
 *
 * The node or comment that is being replied to must appear above the comment
 * form to provide the user context while authoring the comment.
 *
 * @param $nid
 *   Every comment belongs to a node. This is that node's id.
 * @param $pid
 *   Some comments are replies to other comments. In those cases, $pid is the parent
 *   comment's cid.
 *
 * @return $output
 *   The rendered parent node or comment plus the new comment form.
 */
function comment_reply($nid, $pid = NULL) {
  // Load the parent node.
  $node = node_load($nid);

  // Set the breadcrumb trail.
  menu_set_location(array(array('path' => "node/$nid", 'title' => $node->title), array('path' => "comment/reply/$nid")));

  $op = isset($_POST['op']) ? $_POST['op'] : '';

  $output = '';

  if (user_access('access comments')) {
    // The user is previewing a comment prior to submitting it.
    if ($op == t('Preview comment')) {
      if (user_access('post comments')) {
        $output .= comment_form_box(array('pid' => $pid, 'nid' => $nid), NULL);
      }
      else {
        drupal_set_message(t('You are not authorized to post comments.'), 'error');
        drupal_goto("node/$nid");
      }
    }
    else {
      // $pid indicates that this is a reply to a comment.
      if ($pid) {
        // load the comment whose cid = $pid
        if ($comment = db_fetch_object(db_query('SELECT c.*, u.uid, u.name AS registered_name, u.picture, u.data FROM {comments} c INNER JOIN {users} u ON c.uid = u.uid WHERE c.cid = %d AND c.status = %d', $pid, COMMENT_PUBLISHED))) {
          // If that comment exists, make sure that the current comment and the parent comment both
          // belong to the same parent node.
          if ($comment->nid != $nid) {
            // Attempting to reply to a comment not belonging to the current nid.
            drupal_set_message(t('The comment you are replying to does not exist.'), 'error');
            drupal_goto("node/$nid");
          }
          // Display the parent comment
          $comment = drupal_unpack($comment);
          $comment->name = $comment->uid ? $comment->registered_name : $comment->name;
          $output .= theme('comment_view', $comment);
        }
        else {
          drupal_set_message(t('The comment you are replying to does not exist.'), 'error');
          drupal_goto("node/$nid");
        }
      }
      // This is the case where the comment is in response to a node. Display the node.
      else if (user_access('access content')) {
        $output .= node_view($node);
      }

      // Should we show the reply box?
      if (node_comment_mode($nid) != COMMENT_NODE_READ_WRITE) {
        drupal_set_message(t("This discussion is closed: you can't post new comments."), 'error');
        drupal_goto("node/$nid");
      }
      else if (user_access('post comments')) {
        $output .= comment_form_box(array('pid' => $pid, 'nid' => $nid), t('Reply'));
      }
      else {
        drupal_set_message(t('You are not authorized to post comments.'), 'error');
        drupal_goto("node/$nid");
      }
    }
  }
  else {
    drupal_set_message(t('You are not authorized to view comments.'), 'error');
    drupal_goto("node/$nid");
  }

  return $output;
}

/**
 * Accepts a submission of new or changed comment content.
 *
 * @param $edit
 *   A comment array.
 *
 * @return
 *   If the comment is successfully saved the comment ID is returned. If the comment
 *   is not saved, FALSE is returned.
 */
function comment_save($edit) {
  global $user;
  if (user_access('post comments') && (user_access('administer comments') || node_comment_mode($edit['nid']) == COMMENT_NODE_READ_WRITE)) {
    if (!form_get_errors()) {
      if ($edit['cid']) {
        // Update the comment in the database.
        db_query("UPDATE {comments} SET status = %d, timestamp = %d, subject = '%s', comment = '%s', format = %d, uid = %d, name = '%s', mail = '%s', homepage = '%s' WHERE cid = %d", $edit['status'], $edit['timestamp'], $edit['subject'], $edit['comment'], $edit['format'], $edit['uid'], $edit['name'], $edit['mail'], $edit['homepage'], $edit['cid']);

        _comment_update_node_statistics($edit['nid']);

        // Allow modules to respond to the updating of a comment.
        comment_invoke_comment($edit, 'update');

        // Add an entry to the watchdog log.
        watchdog('content', t('Comment: updated %subject.', array('%subject' => $edit['subject'])), WATCHDOG_NOTICE, l(t('view'), 'node/'. $edit['nid'], NULL, NULL, 'comment-'. $edit['cid']));
      }
      else {
        // Check for duplicate comments. Note that we have to use the
        // validated/filtered data to perform such check.
        $duplicate = db_result(db_query("SELECT COUNT(cid) FROM {comments} WHERE pid = %d AND nid = %d AND subject = '%s' AND comment = '%s'", $edit['pid'], $edit['nid'], $edit['subject'], $edit['comment']), 0);
        if ($duplicate != 0) {
          watchdog('content', t('Comment: duplicate %subject.', array('%subject' => $edit['subject'])), WATCHDOG_WARNING);
        }

        // Add the comment to database.
        $status = user_access('post comments without approval') ? COMMENT_PUBLISHED : COMMENT_NOT_PUBLISHED;
        $roles = variable_get('comment_roles', array());
        $score = 0;

        foreach (array_intersect(array_keys($roles), array_keys($user->roles)) as $rid) {
          $score = max($roles[$rid], $score);
        }

        $users = serialize(array(0 => $score));

        // Here we are building the thread field. See the documentation for
        // comment_render().
        if ($edit['pid'] == 0) {
          // This is a comment with no parent comment (depth 0): we start
          // by retrieving the maximum thread level.
          $max = db_result(db_query('SELECT MAX(thread) FROM {comments} WHERE nid = %d', $edit['nid']));

          // Strip the "/" from the end of the thread.
          $max = rtrim($max, '/');

          // Finally, build the thread field for this new comment.
          $thread = int2vancode(vancode2int($max) + 1) .'/';
        }
        else {
          // This is comment with a parent comment: we increase
          // the part of the thread value at the proper depth.

          // Get the parent comment:
          $parent = _comment_load($edit['pid']);

          // Strip the "/" from the end of the parent thread.
          $parent->thread = (string) rtrim((string) $parent->thread, '/');

          // Get the max value in _this_ thread.
          $max = db_result(db_query("SELECT MAX(thread) FROM {comments} WHERE thread LIKE '%s.%%' AND nid = %d", $parent->thread, $edit['nid']));

          if ($max == '') {
            // First child of this parent.
            $thread = $parent->thread .'.'. int2vancode(0) .'/';
          }
          else {
            // Strip the "/" at the end of the thread.
            $max = rtrim($max, '/');

            // We need to get the value at the correct depth.
            $parts = explode('.', $max);
            $parent_depth = count(explode('.', $parent->thread));
            $last = $parts[$parent_depth];

            // Finally, build the thread field for this new comment.
            $thread = $parent->thread .'.'. int2vancode(vancode2int($last) + 1) .'/';
          }
        }

        $edit['cid'] = db_next_id('{comments}_cid');
        $edit['timestamp'] = time();

        if ($edit['uid'] === $user->uid) { // '===' because we want to modify anonymous users too
          $edit['name'] = $user->name;
        }

        db_query("INSERT INTO {comments} (cid, nid, pid, uid, subject, comment, format, hostname, timestamp, status, score, users, thread, name, mail, homepage) VALUES (%d, %d, %d, %d, '%s', '%s', %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s')", $edit['cid'], $edit['nid'], $edit['pid'], $edit['uid'], $edit['subject'], $edit['comment'], $edit['format'], $_SERVER['REMOTE_ADDR'], $edit['timestamp'], $status, $score, $users, $thread, $edit['name'], $edit['mail'], $edit['homepage']);

        _comment_update_node_statistics($edit['nid']);

        // Tell the other modules a new comment has been submitted.
        comment_invoke_comment($edit, 'insert');

        // Add an entry to the watchdog log.
        watchdog('content', t('Comment: added %subject.', array('%subject' => $edit['subject'])), WATCHDOG_NOTICE, l(t('view'), 'node/'. $edit['nid'], NULL, NULL, 'comment-'. $edit['cid']));
      }

      // Clear the cache so an anonymous user can see his comment being added.
      cache_clear_all();

      // Explain the approval queue if necessary, and then
      // redirect the user to the node he's commenting on.
      if ($status == COMMENT_NOT_PUBLISHED) {
        drupal_set_message(t('Your comment has been queued for moderation by site administrators and will be published after approval.'));
      }	      
      else 
	  {
        comment_invoke_comment($edit, 'publish');
	  }
      return $edit['cid'];
    }
    else {
      return FALSE;
    }
  }
  else {
    $txt = t('Comment: unauthorized comment submitted or comment submitted to a closed node %subject.', array('%subject' => $edit['subject']));
    watchdog('content', $txt, WATCHDOG_WARNING);
    drupal_set_message($txt, 'error');
    return FALSE;
  }
}

function comment_links($comment, $return = 1) {
  global $user;

  $links = array();

  // If we are viewing just this comment, we link back to the node.
  if ($return) {
    $links['comment_parent'] = array(
      'title' => t('parent'),
      'href' => comment_node_url(),
      'fragment' => "comment-$comment->cid"
    );
  }

  if (node_comment_mode($comment->nid) == COMMENT_NODE_READ_WRITE) {
    if (user_access('administer comments') && user_access('post comments')) {
      $links['comment_delete'] = array(
        'title' => t('delete'),
        'href' => "comment/delete/$comment->cid"
      );
      $links['comment_edit'] = array(
        'title' => t('edit'),
        'href' => "comment/edit/$comment->cid"
      );
      $links['comment_reply'] = array(
        'title' => t('reply'),
        'href' => "comment/reply/$comment->nid/$comment->cid"
      );
    }
    else if (user_access('post comments')) {
      if (comment_access('edit', $comment)) {
        $links['comment_edit'] = array(
          'title' => t('edit'),
          'href' => "comment/edit/$comment->cid"
        );
      }
      $links['comment_reply'] = array(
        'title' => t('reply'),
        'href' => "comment/reply/$comment->nid/$comment->cid"
      );
    }
    else {
      $links['comment_forbidden']['title'] = theme('comment_post_forbidden', $comment->nid);
    }
  }

  return $links;
}

/**
 * Renders comment(s).
 *
 * @param $node
 *   The node which comment(s) needs rendering.
 * @param $cid
 *   Optional, if given, only one comment is rendered.
 *
 * To display threaded comments in the correct order we keep a 'thread' field
 * and order by that value. This field keeps this data in
 * a way which is easy to update and convenient to use.
 *
 * A "thread" value starts at "1". If we add a child (A) to this comment,
 * we assign it a "thread" = "1.1". A child of (A) will have "1.1.1". Next
 * brother of (A) will get "1.2". Next brother of the parent of (A) will get
 * "2" and so on.
 *
 * First of all note that the thread field stores the depth of the comment:
 * depth 0 will be "X", depth 1 "X.X", depth 2 "X.X.X", etc.
 *
 * Now to get the ordering right, consider this example:
 *
 * 1
 * 1.1
 * 1.1.1
 * 1.2
 * 2
 *
 * If we "ORDER BY thread ASC" we get the above result, and this is the
 * natural order sorted by time. However, if we "ORDER BY thread DESC"
 * we get:
 *
 * 2
 * 1.2
 * 1.1.1
 * 1.1
 * 1
 *
 * Clearly, this is not a natural way to see a thread, and users will get
 * confused. The natural order to show a thread by time desc would be:
 *
 * 2
 * 1
 * 1.2
 * 1.1
 * 1.1.1
 *
 * which is what we already did before the standard pager patch. To achieve
 * this we simply add a "/" at the end of each "thread" value. This way out
 * thread fields will look like depicted below:
 *
 * 1/
 * 1.1/
 * 1.1.1/
 * 1.2/
 * 2/
 *
 * we add "/" since this char is, in ASCII, higher than every number, so if
 * now we "ORDER BY thread DESC" we get the correct order. However this would
 * spoil the reverse ordering, "ORDER BY thread ASC" -- here, we do not need
 * to consider the trailing "/" so we use a substring only.
 */
function comment_render($node, $cid = 0) {
  global $user;

  $output = '';

  if (user_access('access comments')) {
    // Pre-process variables.
    $nid = $node->nid;
    if (empty($nid)) {
      $nid = 0;
    }

    $mode = _comment_get_display_setting('mode');
    $order = _comment_get_display_setting('sort');
    $comments_per_page = _comment_get_display_setting('comments_per_page');

    if ($cid) {
      // Single comment view.
      $query = 'SELECT c.cid, c.pid, c.nid, c.subject, c.comment, c.format, c.timestamp, c.name, c.mail, c.homepage, u.uid, u.name AS registered_name, u.picture, u.data, c.score, c.users, c.status FROM {comments} c INNER JOIN {users} u ON c.uid = u.uid WHERE c.cid = %d';
      $query_args = array($cid);
      if (!user_access('administer comments')) {
        $query .= ' AND c.status = %d';
        $query_args[] = COMMENT_PUBLISHED;
      }

      $result = db_query($query, $query_args);

      if ($comment = db_fetch_object($result)) {
        $comment->name = $comment->uid ? $comment->registered_name : $comment->name;
        $links = module_invoke_all('link', 'comment', $comment, 1);

        foreach (module_implements('link_alter') as $module) {
          $function = $module .'_link_alter';
          $function($node, $links);
        }

        $output .= theme('comment_view', $comment, $links);
      }
    }
    else {
      // Multiple comment view
      $query_count = 'SELECT COUNT(*) FROM {comments} WHERE nid = %d';
      $query = 'SELECT c.cid as cid, c.pid, c.nid, c.subject, c.comment, c.format, c.timestamp, c.name, c.mail, c.homepage, u.uid, u.name AS registered_name, u.picture, u.data, c.score, c.users, c.thread, c.status FROM {comments} c INNER JOIN {users} u ON c.uid = u.uid WHERE c.nid = %d';

      $query_args = array($nid);
      if (!user_access('administer comments')) {
        $query .= ' AND c.status = %d';
        $query_count .= ' AND status = %d';
        $query_args[] = COMMENT_PUBLISHED;
      }

      if ($order == COMMENT_ORDER_NEWEST_FIRST) {
        if ($mode == COMMENT_MODE_FLAT_COLLAPSED || $mode == COMMENT_MODE_FLAT_EXPANDED) {
          $query .= ' ORDER BY c.timestamp DESC';
        }
        else {
          $query .= ' ORDER BY c.thread DESC';
        }
      }
      else if ($order == COMMENT_ORDER_OLDEST_FIRST) {
        if ($mode == COMMENT_MODE_FLAT_COLLAPSED || $mode == COMMENT_MODE_FLAT_EXPANDED) {
          $query .= ' ORDER BY c.timestamp';
        }
        else {

          /*
          ** See comment above. Analysis learns that this doesn't cost
          ** too much. It scales much much better than having the whole
          ** comment structure.
          */

          $query .= ' ORDER BY SUBSTRING(c.thread, 1, (LENGTH(c.thread) - 1))';
        }
      }

      // Start a form, for use with comment control.
      $result = pager_query($query, $comments_per_page, 0, $query_count, $query_args);
      if (db_num_rows($result) && (variable_get('comment_controls', COMMENT_CONTROLS_HIDDEN) == COMMENT_CONTROLS_ABOVE || variable_get('comment_controls', COMMENT_CONTROLS_HIDDEN) == COMMENT_CONTROLS_ABOVE_BELOW)) {
        $output .= drupal_get_form('comment_controls', $mode, $order, $comments_per_page);
      }

      $divs = 0;
      $last_depth = 0;
      drupal_add_css(drupal_get_path('module', 'comment') .'/comment.css');
      while ($comment = db_fetch_object($result)) {
        $comment = drupal_unpack($comment);
        $comment->name = $comment->uid ? $comment->registered_name : $comment->name;
        $comment->depth = count(explode('.', $comment->thread)) - 1;

        if ($mode == COMMENT_MODE_THREADED_COLLAPSED || $mode == COMMENT_MODE_THREADED_EXPANDED) {
          if ($comment->depth > $last_depth) {
            $divs++;
            $output .= '<div class="indented">';
            $last_depth++;
          }
          else {
            while ($comment->depth < $last_depth) {
              $divs--;
              $output .= '</div>';
              $last_depth--;
            }
          }
        }

        if ($mode == COMMENT_MODE_FLAT_COLLAPSED) {
          $output .= theme('comment_flat_collapsed', $comment);
        }
        else if ($mode == COMMENT_MODE_FLAT_EXPANDED) {
          $output .= theme('comment_flat_expanded', $comment);
        }
        else if ($mode == COMMENT_MODE_THREADED_COLLAPSED) {
          $output .= theme('comment_thread_collapsed', $comment);
        }
        else if ($mode == COMMENT_MODE_THREADED_EXPANDED) {
          $output .= theme('comment_thread_expanded', $comment);
        }
      }
      for ($i = 0; $i < $divs; $i++) {
        $output .= '</div>';
      }
      $output .= theme('pager', NULL, $comments_per_page, 0);

      if (db_num_rows($result) && (variable_get('comment_controls', COMMENT_CONTROLS_HIDDEN) == COMMENT_CONTROLS_BELOW || variable_get('comment_controls', COMMENT_CONTROLS_HIDDEN) == COMMENT_CONTROLS_ABOVE_BELOW)) {
        $output .= drupal_get_form('comment_controls', $mode, $order, $comments_per_page);
      }
    }

    // If enabled, show new comment form.
    if (user_access('post comments') && node_comment_mode($nid) == COMMENT_NODE_READ_WRITE && (variable_get('comment_form_location', COMMENT_FORM_SEPARATE_PAGE) == COMMENT_FORM_BELOW)) {
      $output .= comment_form_box(array('nid' => $nid), t('Post new comment'));
    }

    $output = theme('comment_wrapper', $output);
  }

  return $output;
}

/**
 * Menu callback; delete a comment.
 */
function comment_delete($cid = NULL) {
  $comment = db_fetch_object(db_query('SELECT c.*, u.name AS registered_name, u.uid FROM {comments} c INNER JOIN {users} u ON u.uid = c.uid WHERE c.cid = %d', $cid));
  $comment->name = $comment->uid ? $comment->registered_name : $comment->name;

  $output = '';

  // We'll only delete if the user has confirmed the
  // deletion using the form in our else clause below.
  if (is_object($comment) && is_numeric($comment->cid) && $_POST['confirm']) {
    drupal_set_message(t('The comment and all its replies have been deleted.'));

    // Delete comment and its replies.
    _comment_delete_thread($comment);

    _comment_update_node_statistics($comment->nid);

    // Clear the cache so an anonymous user sees that his comment was deleted.
    cache_clear_all();

    drupal_goto("node/$comment->nid");
  }
  else if (is_object($comment) && is_numeric($comment->cid)) {
    $output = drupal_get_form('comment_confirm_delete', $comment->subject, $comment->nid);
  }
  else {
    drupal_set_message(t('The comment no longer exists.'));
  }

  return $output;
}

function comment_confirm_delete($subject, $nid) {
  return confirm_form(
    array(),
    t('Are you sure you want to delete the comment %title?', array('%title' => $subject)),
    'node/'. $nid,
    t('Any replies to this comment will be lost. This action cannot be undone.'),
    t('Delete'),
    t('Cancel'));
}

/**
 * Comment operations. We offer different update operations depending on
 * which comment administration page we're on.
 */
function comment_operations($action = NULL) {
  if ($action == 'publish') {
    $operations = array(
      'publish' => array(t('Publish the selected comments'), 'UPDATE {comments} SET status = '. COMMENT_PUBLISHED .' WHERE cid = %d'),
      'delete' => array(t('Delete the selected comments'), '')
    );
  }
  else if ($action == 'unpublish') {
    $operations = array(
      'unpublish' => array(t('Unpublish the selected comments'), 'UPDATE {comments} SET status = '. COMMENT_NOT_PUBLISHED .' WHERE cid = %d'),
      'delete' => array(t('Delete the selected comments'), '')
    );
  }
  else {
    $operations = array(
      'publish' => array(t('Publish the selected comments'), 'UPDATE {comments} SET status = '. COMMENT_PUBLISHED .' WHERE cid = %d'),
      'unpublish' => array(t('Unpublish the selected comments'), 'UPDATE {comments} SET status = '. COMMENT_NOT_PUBLISHED .' WHERE cid = %d'),
      'delete' => array(t('Delete the selected comments'), '')
    );
  }
  return $operations;
}

/**
 * Menu callback; present an administrative comment listing.
 */
function comment_admin($type = 'new') {
  $edit = $_POST;

  if ($edit['operation'] == 'delete' && $edit['comments']) {
    return drupal_get_form('comment_multiple_delete_confirm');
  }
  else {
    return drupal_get_form('comment_admin_overview', $type, arg(4));
  }
}

function comment_admin_overview($type = 'new', $arg) {
  // build an 'Update options' form
  $form['options'] = array(
    '#type' => 'fieldset', '#title' => t('Update options'),
    '#prefix' => '<div class="container-inline">', '#suffix' => '</div>'
  );
  $options = array();
  foreach (comment_operations($arg == 'approval' ? 'publish' : 'unpublish') as $key => $value) {
    $options[$key] = $value[0];
  }
  $form['options']['operation'] = array('#type' => 'select', '#options' => $options, '#default_value' => 'publish');
  $form['options']['submit'] = array('#type' => 'submit', '#value' => t('Update'));

  // load the comments that we want to display
  $status = ($type == 'approval') ? COMMENT_NOT_PUBLISHED : COMMENT_PUBLISHED;
  $form['header'] = array('#type' => 'value', '#value' => array(
    theme('table_select_header_cell'),
    array('data' => t('Subject'), 'field' => 'subject'),
    array('data' => t('Author'), 'field' => 'name'),
    array('data' => t('Time'), 'field' => 'timestamp', 'sort' => 'desc'),
    array('data' => t('Operations'))
  ));
  $result = pager_query('SELECT c.subject, c.nid, c.cid, c.comment, c.timestamp, c.status, c.name, c.homepage, u.name AS registered_name, u.uid FROM {comments} c INNER JOIN {users} u ON u.uid = c.uid WHERE c.status = %d'. tablesort_sql($form['header']['#value']), 50, 0, NULL, $status);

  // build a table listing the appropriate comments
  $destination = drupal_get_destination();
  while ($comment = db_fetch_object($result)) {
    $comments[$comment->cid] = '';
    $comment->name = $comment->uid ? $comment->registered_name : $comment->name;
    $form['subject'][$comment->cid] = array('#value' => l($comment->subject, 'node/'. $comment->nid, array('title' => truncate_utf8($comment->comment, 128)), NULL, 'comment-'. $comment->cid));
    $form['username'][$comment->cid] = array('#value' => theme('username', $comment));
    $form['timestamp'][$comment->cid] = array('#value' => format_date($comment->timestamp, 'small'));
    $form['operations'][$comment->cid] = array('#value' => l(t('edit'), 'comment/edit/'. $comment->cid, array(), $destination));
  }
  $form['comments'] = array('#type' => 'checkboxes', '#options' => $comments);
  $form['pager'] = array('#value' => theme('pager', NULL, 50, 0));
  return $form;
}

/**
 * We can't execute any 'Update options' if no comments were selected.
 */
function comment_admin_overview_validate($form_id, $form_values) {
  $form_values['comments'] = array_diff($form_values['comments'], array(0));
  if (count($form_values['comments']) == 0) {
    form_set_error('', t('Please select one or more comments to perform the update on.'));
    drupal_goto('admin/content/comment');
  }
}

/**
 * Execute the chosen 'Update option' on the selected comments, such as
 * publishing, unpublishing or deleting.
 */
function comment_admin_overview_submit($form_id, $form_values) {
  $operations = comment_operations();
  if ($operations[$form_values['operation']][1]) {
    // extract the appropriate database query operation
    $query = $operations[$form_values['operation']][1];
    foreach ($form_values['comments'] as $cid => $value) {
      if ($value) {
        // perform the update action, then refresh node statistics
        db_query($query, $cid);
        $comment = _comment_load($cid);
        _comment_update_node_statistics($comment->nid);
        // Allow modules to respond to the updating of a comment.
        comment_invoke_comment($comment, $form_values['operation']);
        // Add an entry to the watchdog log.
        watchdog('content', t('Comment: updated %subject.', array('%subject' => $comment->subject)), WATCHDOG_NOTICE, l(t('view'), 'node/'. $comment->nid, NULL, NULL, 'comment-'. $comment->cid));
      }
    }
    cache_clear_all();
    drupal_set_message(t('The update has been performed.'));
    drupal_goto('admin/content/comment');
  }
}

function theme_comment_admin_overview($form) {
  $output = drupal_render($form['options']);
  if (isset($form['subject']) && is_array($form['subject'])) {
    foreach (element_children($form['subject']) as $key) {
      $row = array();
      $row[] = drupal_render($form['comments'][$key]);
      $row[] = drupal_render($form['subject'][$key]);
      $row[] = drupal_render($form['username'][$key]);
      $row[] = drupal_render($form['timestamp'][$key]);
      $row[] = drupal_render($form['operations'][$key]);
      $rows[] = $row;
    }
  }
  else {
    $rows[] = array(array('data' => t('No comments available.'), 'colspan' => '6'));
  }

  $output .= theme('table', $form['header']['#value'], $rows);
  if ($form['pager']['#value']) {
    $output .= drupal_render($form['pager']);
  }

  $output .= drupal_render($form);

  return $output;
}

/**
 * List the selected comments and verify that the admin really wants to delete
 * them.
 */
function comment_multiple_delete_confirm() {
  $edit = $_POST;

  $form['comments'] = array('#prefix' => '<ul>', '#suffix' => '</ul>', '#tree' => TRUE);
  // array_filter() returns only elements with actual values
  $comment_counter = 0;
  foreach (array_filter($edit['comments']) as $cid => $value) {
    $comment = _comment_load($cid);
    if (is_object($comment) && is_numeric($comment->cid)) {
      $subject = db_result(db_query('SELECT subject FROM {comments} WHERE cid = %d', $cid));
      $form['comments'][$cid] = array('#type' => 'hidden', '#value' => $cid, '#prefix' => '<li>', '#suffix' => check_plain($subject) .'</li>');
      $comment_counter++;
    }
  }
  $form['operation'] = array('#type' => 'hidden', '#value' => 'delete');

  if (!$comment_counter) {
    drupal_set_message(t('There do not appear to be any comments to delete or your selected comment was deleted by another administrator.'));
    drupal_goto('admin/content/comment');
  }
  else {
    return confirm_form($form,
                        t('Are you sure you want to delete these comments and all their children?'),
                        'admin/content/comment', t('This action cannot be undone.'),
                        t('Delete comments'), t('Cancel'));
  }
}

/**
 * Perform the actual comment deletion.
 */
function comment_multiple_delete_confirm_submit($form_id, $form_values) {
  if ($form_values['confirm']) {
    foreach ($form_values['comments'] as $cid => $value) {
      $comment = _comment_load($cid);
      _comment_delete_thread($comment);
      _comment_update_node_statistics($comment->nid);
    }
    cache_clear_all();
    drupal_set_message(t('The comments have been deleted.'));
  }
  drupal_goto('admin/content/comment');
}

/**
*** misc functions: helpers, privates, history
**/

/**
 * Load the entire comment by cid.
 */
function _comment_load($cid) {
  return db_fetch_object(db_query('SELECT * FROM {comments} WHERE cid = %d', $cid));
}

function comment_num_all($nid) {
  static $cache;

  if (!isset($cache[$nid])) {
    $cache[$nid] = db_result(db_query('SELECT comment_count FROM {node_comment_statistics} WHERE nid = %d', $nid));
  }
  return $cache[$nid];
}

function comment_num_replies($pid) {
  static $cache;

  if (!isset($cache[$pid])) {
    $cache[$pid] = db_result(db_query('SELECT COUNT(cid) FROM {comments} WHERE pid = %d AND status = %d', $pid, COMMENT_PUBLISHED));
  }

  return $cache[$pid];
}

/**
 * get number of new comments for current user and specified node
 *
 * @param $nid node-id to count comments for
 * @param $timestamp time to count from (defaults to time of last user access
 *   to node)
 */
function comment_num_new($nid, $timestamp = 0) {
  global $user;

  if ($user->uid) {
    // Retrieve the timestamp at which the current user last viewed the
    // specified node.
    if (!$timestamp) {
      $timestamp = node_last_viewed($nid);
    }
    $timestamp = ($timestamp > NODE_NEW_LIMIT ? $timestamp : NODE_NEW_LIMIT);

    // Use the timestamp to retrieve the number of new comments.
    $result = db_result(db_query('SELECT COUNT(c.cid) FROM {node} n INNER JOIN {comments} c ON n.nid = c.nid WHERE n.nid = %d AND timestamp > %d AND c.status = %d', $nid, $timestamp, COMMENT_PUBLISHED));

    return $result;
  }
  else {
    return 0;
  }

}

function comment_validate($edit) {
  global $user;

  // Invoke other validation handlers
  comment_invoke_comment($edit, 'validate');

  if (isset($edit['date'])) {
    // As of PHP 5.1.0, strtotime returns FALSE upon failure instead of -1.
    if (strtotime($edit['date']) <= 0) {
      form_set_error('date', t('You have to specify a valid date.'));
    }
  }
  if (isset($edit['author']) && !$account = user_load(array('name' => $edit['author']))) {
    form_set_error('author', t('You have to specify a valid author.'));
  }

  // Check validity of name, mail and homepage (if given)
  if (!$user->uid || isset($edit['is_anonymous'])) {
    if (variable_get('comment_anonymous', COMMENT_ANONYMOUS_MAYNOT_CONTACT) > COMMENT_ANONYMOUS_MAYNOT_CONTACT) {
      if ($edit['name']) {
        $taken = db_result(db_query("SELECT COUNT(uid) FROM {users} WHERE LOWER(name) = '%s'", $edit['name']), 0);

        if ($taken != 0) {
          form_set_error('name', t('The name you used belongs to a registered user.'));
        }

      }
      else if (variable_get('comment_anonymous', COMMENT_ANONYMOUS_MAYNOT_CONTACT) == COMMENT_ANONYMOUS_MUST_CONTACT) {
        form_set_error('name', t('You have to leave your name.'));
      }

      if ($edit['mail']) {
        if (!valid_email_address($edit['mail'])) {
          form_set_error('mail', t('The e-mail address you specified is not valid.'));
        }
      }
      else if (variable_get('comment_anonymous', COMMENT_ANONYMOUS_MAYNOT_CONTACT) == COMMENT_ANONYMOUS_MUST_CONTACT) {
        form_set_error('mail', t('You have to leave an e-mail address.'));
      }

      if ($edit['homepage']) {
        if (!valid_url($edit['homepage'], TRUE)) {
          form_set_error('homepage', t('The URL of your homepage is not valid. Remember that it must be fully qualified, i.e. of the form <code>http://example.com/directory</code>.'));
        }
      }
    }
  }

  return $edit;
}

/*
** Generate the basic commenting form, for appending to a node or display on a separate page.
** This is rendered by theme_comment_form.
*/

function comment_form($edit, $title = NULL) {
  global $user;

  $op = isset($_POST['op']) ? $_POST['op'] : '';

  if ($user->uid) {
    if ($edit['cid'] && user_access('administer comments')) {
      if ($edit['author']) {
        $author = $edit['author'];
      }
      elseif ($edit['name']) {
        $author = $edit['name'];
      }
      else {
        $author = $edit['registered_name'];
      }

      if ($edit['status']) {
        $status = $edit['status'];
      }
      else {
        $status = 0;
      }

      if ($edit['date']) {
        $date = $edit['date'];
      }
      else {
        $date = format_date($edit['timestamp'], 'custom', 'Y-m-d H:i O');
      }

      $form['admin'] = array(
        '#type' => 'fieldset',
        '#title' => t('Administration'),
        '#collapsible' => TRUE,
        '#collapsed' => TRUE,
        '#weight' => -2,
      );

      if ($edit['registered_name'] != '') {
        // The comment is by a registered user
        $form['admin']['author'] = array(
          '#type' => 'textfield',
          '#title' => t('Authored by'),
          '#size' => 30,
          '#maxlength' => 60,
          '#autocomplete_path' => 'user/autocomplete',
          '#default_value' => $author,
          '#weight' => -1,
        );
      }
      else {
        // The comment is by an anonymous user
        $form['is_anonymous'] = array(
          '#type' => 'value',
          '#value' => TRUE,
        );
        $form['admin']['name'] = array(
          '#type' => 'textfield',
          '#title' => t('Authored by'),
          '#size' => 30,
          '#maxlength' => 60,
          '#default_value' => $author,
          '#weight' => -1,
        );
        $form['admin']['mail'] = array(
          '#type' => 'textfield',
          '#title' => t('E-mail'),
          '#maxlength' => 64,
          '#size' => 30,
          '#default_value' => $edit['mail'],
          '#description' => t('The content of this field is kept private and will not be shown publicly.'),
        );

        $form['admin']['homepage'] = array(
          '#type' => 'textfield',
          '#title' => t('Homepage'),
          '#maxlength' => 255,
          '#size' => 30,
          '#default_value' => $edit['homepage'],
        );
      }

      $form['admin']['date'] = array('#type' => 'textfield', '#parents' => array('date'), '#title' => t('Authored on'), '#size' => 20, '#maxlength' => 25, '#default_value' => $date, '#weight' => -1);

      $form['admin']['status'] = array('#type' => 'radios', '#parents' => array('status'), '#title' => t('Status'), '#default_value' =>  $status, '#options' => array(t('Published'), t('Not published')), '#weight' => -1);

    }
    else {
      $form['_author'] = array('#type' => 'item', '#title' => t('Your name'), '#value' => theme('username', $user)
      );
      $form['author'] = array('#type' => 'value', '#value' => $user->name);
    }
  }
  else if (variable_get('comment_anonymous', COMMENT_ANONYMOUS_MAYNOT_CONTACT) == COMMENT_ANONYMOUS_MAY_CONTACT) {
    $form['name'] = array('#type' => 'textfield', '#title' => t('Your name'), '#maxlength' => 60, '#size' => 30, '#default_value' => $edit['name'] ? $edit['name'] : variable_get('anonymous', t('Anonymous'))
    );

    $form['mail'] = array('#type' => 'textfield', '#title' => t('E-mail'), '#maxlength' => 64, '#size' => 30, '#default_value' => $edit['mail'], '#description' => t('The content of this field is kept private and will not be shown publicly.')
    );

    $form['homepage'] = array('#type' => 'textfield', '#title' => t('Homepage'), '#maxlength' => 255, '#size' => 30, '#default_value' => $edit['homepage']);
  }
  else if (variable_get('comment_anonymous', COMMENT_ANONYMOUS_MAYNOT_CONTACT) == COMMENT_ANONYMOUS_MUST_CONTACT) {
    $form['name'] = array('#type' => 'textfield', '#title' => t('Your name'), '#maxlength' => 60, '#size' => 30, '#default_value' => $edit['name'] ? $edit['name'] : variable_get('anonymous', t('Anonymous')), '#required' => TRUE);

    $form['mail'] = array('#type' => 'textfield', '#title' => t('E-mail'), '#maxlength' => 64, '#size' => 30, '#default_value' => $edit['mail'], '#description' => t('The content of this field is kept private and will not be shown publicly.'), '#required' => TRUE);

    $form['homepage'] = array('#type' => 'textfield', '#title' => t('Homepage'), '#maxlength' => 255, '#size' => 30, '#default_value' => $edit['homepage']);
  }

  if (variable_get('comment_subject_field', 1) == 1) {
    $form['subject'] = array('#type' => 'textfield', '#title' => t('Subject'), '#maxlength' => 64, '#default_value' => $edit['subject']);
  }

  $form['comment_filter']['comment'] = array('#type' => 'textarea', '#title' => t('Comment'), '#rows' => 15, '#default_value' => $edit['comment'] ? $edit['comment'] : $user->signature, '#required' => TRUE);
  if (!isset($edit['format'])) {
    $edit['format'] = FILTER_FORMAT_DEFAULT;
  }
  $form['comment_filter']['format'] = filter_form($edit['format']);

  $form['cid'] = array('#type' => 'value', '#value' => $edit['cid']);
  $form['pid'] = array('#type' => 'value', '#value' => $edit['pid']);
  $form['nid'] = array('#type' => 'value', '#value' => $edit['nid']);
  $form['uid'] = array('#type' => 'value', '#value' => $edit['uid']);

  $form['preview'] = array('#type' => 'button', '#value' => t('Preview comment'), '#weight' => 19);
  $form['#token'] = 'comment'. $edit['nid'] . $edit['pid'];

  // Only show post button if preview is optional or if we are in preview mode.
  // We show the post button in preview mode even if there are form errors so that
  // optional form elements (e.g., captcha) can be updated in preview mode.
  if (!form_get_errors() && ((variable_get('comment_preview', COMMENT_PREVIEW_REQUIRED) == COMMENT_PREVIEW_OPTIONAL) || ($op == t('Preview comment')) || ($op == t('Post comment')))) {
    $form['submit'] = array('#type' => 'submit', '#value' => t('Post comment'), '#weight' => 20);
  }

  if ($op == t('Preview comment')) {
    $form['#after_build'] = array('comment_form_add_preview');
  }

  if ($_REQUEST['destination']) {
    $form['#attributes']['destination'] = $_REQUEST['destination'];
  }

  if (empty($edit['cid']) && empty($edit['pid'])) {
    $form['#action'] = url('comment/reply/'. $edit['nid']);
  }

  // Graft in extra form additions
  $form = array_merge($form, comment_invoke_comment($form, 'form'));
  return $form;
}

function comment_form_box($edit, $title = NULL) {
  return theme('box', $title, drupal_get_form('comment_form', $edit, $title));
}

function comment_form_add_preview($form, $edit) {
  global $user;

  drupal_set_title(t('Preview comment'));

  $output = '';

  // Invoke full validation for the form, to protect against cross site
  // request forgeries (CSRF) and setting arbitrary values for fields such as
  // the input format. Preview the comment only when form validation does not
  // set any errors.
  drupal_validate_form($form['form_id']['#value'], $form);
  if (!form_get_errors()) {
    $comment = (object)_comment_form_submit($edit);

    // Attach the user and time information.
    if ($edit['author']) {
      $account = user_load(array('name' => $edit['author']));
    }
    elseif ($user->uid && !isset($edit['is_anonymous'])) {
      $account = $user;
    }
    if ($account) {
      $comment->uid = $account->uid;
      $comment->name = check_plain($account->name);
    }
    $comment->timestamp = $edit['timestamp'] ? $edit['timestamp'] : time();
    $output .= theme('comment_view', $comment);
  }
  $form['comment_preview'] = array(
    '#value' => $output,
    '#weight' => -100,
    '#prefix' => '<div class="preview">',
    '#suffix' => '</div>',
  );

  $output = '';

  if ($edit['pid']) {
    $comment = db_fetch_object(db_query('SELECT c.*, u.uid, u.name AS registered_name, u.picture, u.data FROM {comments} c INNER JOIN {users} u ON c.uid = u.uid WHERE c.cid = %d AND c.status = %d', $edit['pid'], COMMENT_PUBLISHED));
    $comment = drupal_unpack($comment);
    $comment->name = $comment->uid ? $comment->registered_name : $comment->name;
    $output .= theme('comment_view', $comment);
  }
  else {
    $form['#suffix'] = node_view(node_load($edit['nid']));
    $edit['pid'] = 0;
  }

  $form['comment_preview_below'] = array('#value' => $output, '#weight' => 100);

  return $form;
}

function comment_form_validate($form_id, $form_values) {
  comment_validate($form_values);
}

function _comment_form_submit($form_values) {
  if (!isset($form_values['date'])) {
    $form_values['date'] = 'now';
  }
  $form_values['timestamp'] = strtotime($form_values['date']);
  if (isset($form_values['author'])) {
    $account = user_load(array('name' => $form_values['author']));
    $form_values['uid'] = $account->uid;
    $form_values['name'] = $form_values['author'];
  }
  // Validate the comment's subject. If not specified, extract
  // one from the comment's body.
  if (trim($form_values['subject']) == '') {
    // The body may be in any format, so we:
    // 1) Filter it into HTML
    // 2) Strip out all HTML tags
    // 3) Convert entities back to plain-text.
    // Note: format is checked by check_markup().
    $form_values['subject'] = trim(truncate_utf8(decode_entities(strip_tags(check_markup($form_values['comment'], $form_values['format']))), 29, TRUE));
    // Edge cases where the comment body is populated only by HTML tags will
    // require a default subject.
    if ($form_values['subject'] == '') {
      $form_values['subject'] = t('(No subject)');
    }
  }

  return $form_values;
}

function comment_form_submit($form_id, $form_values) {
  $form_values = _comment_form_submit($form_values);
  if ($cid = comment_save($form_values)) {
    return array('node/'. $form_values['nid'], NULL, "comment-$cid");
  }
}

/*
** Renderer or visualization functions this can be optionally
** overridden by themes.
*/

function theme_comment_preview($comment, $links = array(), $visible = 1) {
  $output = '<div class="preview">';
  $output .= theme('comment_view', $comment, $links, $visible);
  $output .= '</div>';
  return $output;
};

function theme_comment_view($comment, $links = array(), $visible = 1) {
  static $first_new = TRUE;

  $output = '';
  $comment->new = node_mark($comment->nid, $comment->timestamp);
  if ($first_new && $comment->new != MARK_READ) {
    // Assign the anchor only for the first new comment. This avoids duplicate
    // id attributes on a page.
    $first_new = FALSE;
    $output .= "<a id=\"new\"></a>\n";
  }

  $output .= "<a id=\"comment-$comment->cid\"></a>\n";

  // Switch to folded/unfolded view of the comment
  if ($visible) {
    $comment->comment = check_markup($comment->comment, $comment->format, FALSE);

    // Comment API hook
    comment_invoke_comment($comment, 'view');

    $output .= theme('comment', $comment, $links);
  }
  else {
    $output .= theme('comment_folded', $comment);
  }

  return $output;
}

function comment_controls($mode = COMMENT_MODE_THREADED_EXPANDED, $order = COMMENT_ORDER_NEWEST_FIRST, $comments_per_page = 50) {
  $form['mode'] = array('#type' => 'select',
    '#default_value' => $mode,
    '#options' => _comment_get_modes(),
    '#weight' => 1,
  );
  $form['order'] = array(
    '#type' => 'select',
    '#default_value' => $order,
    '#options' => _comment_get_orders(),
    '#weight' => 2,
  );
  foreach (_comment_per_page() as $i) {
    $options[$i] = t('!a comments per page', array('!a' => $i));
  }
  $form['comments_per_page'] = array('#type' => 'select',
    '#default_value' => $comments_per_page,
    '#options' => $options,
    '#weight' => 3,
  );

  $form['submit'] = array('#type' => 'submit',
    '#value' => t('Save settings'),
    '#weight' => 20,
  );

  return $form;
}

function theme_comment_controls($form) {
  $output .= '<div class="container-inline">';
  $output .=  drupal_render($form);
  $output .= '</div>';
  $output .= '<div class="description">'. t('Select your preferred way to display the comments and click "Save settings" to activate your changes.') .'</div>';
  return theme('box', t('Comment viewing options'), $output);
}

function comment_controls_submit($form_id, $form_values) {
  global $user;

  $mode = $form_values['mode'];
  $order = $form_values['order'];
  $comments_per_page = $form_values['comments_per_page'];

  if ($user->uid) {
    $user = user_save($user, array('mode' => $mode, 'sort' => $order, 'comments_per_page' => $comments_per_page));
  }
  else {
    $_SESSION['comment_mode'] = $mode;
    $_SESSION['comment_sort'] = $order;
    $_SESSION['comment_comments_per_page'] = $comments_per_page;
  }
}

function theme_comment($comment, $links = array()) {
  $output  = '<div class="comment'. ($comment->status == COMMENT_NOT_PUBLISHED ? ' comment-unpublished' : '') .'">';
  $output .= '<div class="subject">'. l($comment->subject, $_GET['q'], NULL, NULL, "comment-$comment->cid") .' '. theme('mark', $comment->new) ."</div>\n";
  $output .= '<div class="credit">'. t('by %a on %b', array('%a' => theme('username', $comment), '%b' => format_date($comment->timestamp))) ."</div>\n";
  $output .= '<div class="body">'. $comment->comment .'</div>';
  $output .= '<div class="links">'. theme('links', $links) .'</div>';
  $output .= '</div>';
  return $output;
}

function theme_comment_folded($comment) {
  $output  = "<div class=\"comment-folded\">\n";
  $output .= ' <span class="subject">'. l($comment->subject, comment_node_url() .'/'. $comment->cid, NULL, NULL, "comment-$comment->cid") .' '. theme('mark', $comment->new) .'</span> ';
  $output .= '<span class="credit">'. t('by') .' '. theme('username', $comment) ."</span>\n";
  $output .= "</div>\n";
  return $output;
}

function theme_comment_flat_collapsed($comment) {
  return theme('comment_view', $comment, '', 0);
}

function theme_comment_flat_expanded($comment) {
  return theme('comment_view', $comment, module_invoke_all('link', 'comment', $comment, 0));
}

function theme_comment_thread_collapsed($comment) {
  $output .= theme('comment_view', $comment, '', 0);
  return $output;
}

function theme_comment_thread_expanded($comment) {
  $output = '';
  $output .= theme('comment_view', $comment, module_invoke_all('link', 'comment', $comment, 0));
  return $output;
}

function theme_comment_post_forbidden($nid) {
  global $user;
  if ($user->uid) {
    return t("you can't post comments");
  }
  else {
    // we cannot use drupal_get_destination() because these links sometimes appear on /node and taxo listing pages
    if (variable_get('comment_form_location', COMMENT_FORM_SEPARATE_PAGE) == COMMENT_FORM_SEPARATE_PAGE) {
      $destination = "destination=". drupal_urlencode("comment/reply/$nid#comment_form");
    }
    else {
      $destination = "destination=". drupal_urlencode("node/$nid#comment_form");
    }

    if (variable_get('user_register', 1)) {
      return t('<a href="@login">Login</a> or <a href="@register">register</a> to post comments', array('@login' => url('user/login', $destination), '@register' => url('user/register', $destination)));
    }
    else {
      return t('<a href="@login">Login</a> to post comments', array('@login' => url('user/login', $destination)));
    }
  }
}

/**
 * Allow themable wrapping of all comments.
 */
function theme_comment_wrapper($content) {
  return '<div id="comments">'. $content .'</div>';
}

function _comment_delete_thread($comment) {
  if (!is_object($comment) || !is_numeric($comment->cid)) {
    watchdog('content', t('Can not delete non-existent comment.'), WATCHDOG_WARNING);
    return;
  }

  // Delete the comment:
  db_query('DELETE FROM {comments} WHERE cid = %d', $comment->cid);
  watchdog('content', t('Comment: deleted %subject.', array('%subject' => $comment->subject)));

  comment_invoke_comment($comment, 'delete');

  // Delete the comment's replies
  $result = db_query('SELECT c.*, u.name AS registered_name, u.uid FROM {comments} c INNER JOIN {users} u ON u.uid = c.uid WHERE pid = %d', $comment->cid);
  while ($comment = db_fetch_object($result)) {
    $comment->name = $comment->uid ? $comment->registered_name : $comment->name;
    _comment_delete_thread($comment);
  }
}

/**
 * Return an array of viewing modes for comment listings.
 *
 * We can't use a global variable array because the locale system
 * is not initialized yet when the comment module is loaded.
 */
function _comment_get_modes() {
  return array(
    COMMENT_MODE_FLAT_COLLAPSED => t('Flat list - collapsed'),
    COMMENT_MODE_FLAT_EXPANDED => t('Flat list - expanded'),
    COMMENT_MODE_THREADED_COLLAPSED => t('Threaded list - collapsed'),
    COMMENT_MODE_THREADED_EXPANDED => t('Threaded list - expanded')
  );
}

/**
 * Return an array of viewing orders for comment listings.
 *
 * We can't use a global variable array because the locale system
 * is not initialized yet when the comment module is loaded.
 */
function _comment_get_orders() {
  return array(
    COMMENT_ORDER_NEWEST_FIRST => t('Date - newest first'),
    COMMENT_ORDER_OLDEST_FIRST => t('Date - oldest first')
  );
}

/**
 * Return an array of "comments per page" settings from which the user
 * can choose.
 */
function _comment_per_page() {
  return drupal_map_assoc(array(10, 30, 50, 70, 90, 150, 200, 250, 300));
}

/**
 * Return a current comment display setting
 *
 * $setting can be one of these: 'mode', 'sort', 'comments_per_page'
 */
function _comment_get_display_setting($setting) {
  global $user;

  if (isset($_GET[$setting])) {
    $value = $_GET[$setting];
  }
  else {
    // get the setting's site default
    switch ($setting) {
      case 'mode':
        $default = variable_get('comment_default_mode', COMMENT_MODE_THREADED_EXPANDED);
        break;
      case 'sort':
        $default = variable_get('comment_default_order', COMMENT_ORDER_NEWEST_FIRST);
        break;
      case 'comments_per_page':
        $default = variable_get('comment_default_per_page', '50');
    }
    if (variable_get('comment_controls', COMMENT_CONTROLS_HIDDEN) == COMMENT_CONTROLS_HIDDEN) {
      // if comment controls are disabled use site default
      $value = $default;
    }
    else {
      // otherwise use the user's setting if set
      if ($user->$setting) {
        $value = $user->$setting;
      }
      else if ($_SESSION['comment_'. $setting]) {
        $value = $_SESSION['comment_'. $setting];
      }
      else {
        $value = $default;
      }
    }
  }
  return $value;
}

/**
 * Updates the comment statistics for a given node. This should be called any
 * time a comment is added, deleted, or updated.
 *
 * The following fields are contained in the node_comment_statistics table.
 * - last_comment_timestamp: the timestamp of the last comment for this node or the node create stamp if no comments exist for the node.
 * - last_comment_name: the name of the anonymous poster for the last comment
 * - last_comment_uid: the uid of the poster for the last comment for this node or the node authors uid if no comments exists for the node.
 * - comment_count: the total number of approved/published comments on this node.
 */
function _comment_update_node_statistics($nid) {
  $count = db_result(db_query('SELECT COUNT(cid) FROM {comments} WHERE nid = %d AND status = %d', $nid, COMMENT_PUBLISHED));

  // comments exist
  if ($count > 0) {
    $last_reply = db_fetch_object(db_query_range('SELECT cid, name, timestamp, uid FROM {comments} WHERE nid = %d AND status = %d ORDER BY cid DESC', $nid, COMMENT_PUBLISHED, 0, 1));
    db_query("UPDATE {node_comment_statistics} SET comment_count = %d, last_comment_timestamp = %d, last_comment_name = '%s', last_comment_uid = %d WHERE nid = %d", $count, $last_reply->timestamp, $last_reply->uid ? '' : $last_reply->name, $last_reply->uid, $nid);
  }

  // no comments
  else {
    $node = db_fetch_object(db_query("SELECT uid, created FROM {node} WHERE nid = %d", $nid));
    db_query("UPDATE {node_comment_statistics} SET comment_count = 0, last_comment_timestamp = %d, last_comment_name = '', last_comment_uid = %d WHERE nid = %d", $node->created, $node->uid, $nid);
  }
}

/**
 * Invoke a hook_comment() operation in all modules.
 *
 * @param &$comment
 *   A comment object.
 * @param $op
 *   A string containing the name of the comment operation.
 * @return
 *   The returned value of the invoked hooks.
 */
function comment_invoke_comment(&$comment, $op) {
  $return = array();
  foreach (module_implements('comment') as $name) {
    $function = $name .'_comment';
    $result = $function($comment, $op);
    if (isset($result) && is_array($result)) {
      $return = array_merge($return, $result);
    }
    else if (isset($result)) {
      $return[] = $result;
    }
  }
  return $return;
}

/**
 * Generate vancode.
 *
 * Consists of a leading character indicating length, followed by N digits
 * with a numerical value in base 36. Vancodes can be sorted as strings
 * without messing up numerical order.
 *
 * It goes:
 * 00, 01, 02, ..., 0y, 0z,
 * 110, 111, ... , 1zy, 1zz,
 * 2100, 2101, ..., 2zzy, 2zzz,
 * 31000, 31001, ...
 */
function int2vancode($i = 0) {
  $num = base_convert((int)$i, 10, 36);
  $length = strlen($num);
  return chr($length + ord('0') - 1) . $num;
}

/**
 * Decode vancode back to an integer.
 */
function vancode2int($c = '00') {
  return base_convert(substr($c, 1), 36, 10);
}
