Hi wondered if someone could help me out.
im using nuke 7.9 which has been fully patched and running an up to date version of nuke sentinal.
up until recently i have been using the bog standard review module that came with phpnuke. however this module makes it very difficult for users to navigate and search through the stored reviews.
I have come accross a reviews catgory module for phpnuke called JReviews. It works in the same way as the old review module but adds categories to the reviews index page (making it much easier for navigation/searching)
I have uploaded the module and carried out the sql dump in phpmyadmin, activated the module and proceeded to add a new review. This is where the problem starts.
It appears that the actual review module is stripping away all the html coding used when you add a new review. This obviously means no bold/italic/centering of images/underlining and so on.
Is there a way to stop this module from doing this?
Im a bit of a noob when it comes to coding and so wouldn't have a clue what to add/remove from the module index.php file.
I have posted this problem elsewhere but to no avail and no replies.
I would be more than happy to place a banner/button on my site and allow and copywrites to be added to the review module for the person who could help me out with this problem.
Here is the module code:
Code:
<?php
/***********************************************************/
/*                                                                                                     */
/* Author: Rancov Nicolae          aikons@gmail.com                              */
/*                                                                                                     */
/* This program is free software. You can redistribute it and/or modify   */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 2 of the License.           */
/***********************************************************/
if (!eregi("modules.php", $_SERVER['PHP_SELF'])) {
    die ("You can't access this file directly...");
}
if (stristr($_SERVER["QUERY_STRING"],'%25')) header("Location: index.php");
require_once("mainfile.php");
$module_name = basename(dirname(__FILE__));
get_lang($module_name);
include("header.php");
    OpenTable();
 menu();
 CloseTable();
//configs
function breadcrb($id) {
global $db, $prefix, $module_name;
  $row = $db->sql_fetchrow($db->sql_query("SELECT * FROM ".$prefix."_jreviews_categories WHERE id='".intval($id)."'"));
  if ($row["parent"] <>0) {
   breadcrb($row["parent"]);
  echo '/<a href="modules.php?name='.$module_name.'&amp;rop=categ&amp;id='.intval($row["id"]).'"><b>'.$row["name"].'</b></a>';
  } else {
   echo '<a href="modules.php?name='.$module_name.'"><b>'._REVIEWINDEX.'</b></a>/<a href="modules.php?name='.$module_name.'&amp;rop=categ&amp;id='.intval($row["id"]).'"><b>'.$row["name"].'</b></a>';
  }
return $line;
}
function category_index($parent) {
 global $db, $prefix, $module_name;
OpenTable();
$nrcols=3;
$sql = "SELECT * FROM ".$prefix."_jreviews_categories WHERE parent='".$parent."' ORDER BY name ASC";
$result = $db->sql_query($sql);
echo '<table width="100%" border="0" cellspacing="0" cellpadding="5">
 <tr> ';
$k=1;
while ($row = $db->sql_fetchrow($result)) {
echo '<td align="center" width="'.floor(100/$nrcols).'%" valign="top"><strong>&raquo;</strong> <a href="modules.php?name='.$module_name.'&amp;rop=categ&amp;id='.$row["id"].'"><b>'.$row["name"].'</b></a>';
categorynewreviewgraphic($row["id"]);
$sql1 = "SELECT * FROM ".$prefix."_jreviews_categories WHERE parent='".$row["id"]."' ORDER BY name ASC";
$result1 = $db->sql_query($sql1);
$t=1;
while ($subcat = $db->sql_fetchrow($result1)) {
 if ($t<>1) {
  echo ', <a href="modules.php?name='.$module_name.'&amp;rop=categ&amp;id='.$subcat["id"].'">'.$subcat["name"].'</a>';
 } else {
  $t=0;
  echo '<br /><a href="modules.php?name='.$module_name.'&amp;rop=categ&amp;id='.$subcat["id"].'">'.$subcat["name"].'</a>';
 }
categorynewreviewgraphic($subcat["id"]);
}
if (is_integer($k/$nrcols)) {
 echo '</td></tr>';
} else {
 echo '</td>';
}
$k++;
}
if (!is_integer($k/$nrcols)) {
echo '</tr>';
}
echo '</table><br/>';
CloseTable();
}
function display_score($score) {
    $image = "<img src=\"images/blue.gif\" alt=\"\">";
    $halfimage = "<img src=\"images/bluehalf.gif\" alt=\"\">";
    $full = "<img src=\"images/star.gif\" alt=\"\">";
if ($score==0) {
 echo '-';
} else {
    if ($score == 10) {
 for ($i=0; $i < 5; $i++)
     echo "$full";
    } else if ($score % 2) {
 $score -= 1;
 $score /= 2;
 for ($i=0; $i < $score; $i++)
     echo "$image";
     echo "$halfimage";
    } else {
 $score /= 2;
 for ($i=0; $i < $score; $i++)
     echo "$image";
    }
}
}
function write_review() {
    global $admin, $sitename, $user, $cookie, $prefix, $user_prefix, $currentlang, $multilingual, $db, $module_name;
    $row = $db->sql_fetchrow($db->sql_query("SELECT * FROM ".$prefix."_config"));
    $anonpost=intval($row["anonpost"]);
    if (is_user($user) || $anonpost==1) {
    OpenTable();
    echo '<b>'._WRITEREVIEWFOR. $sitename.'</b><br><br>
    <i>'._ENTERINFO.'</i><br><br>
    <form method="post" action="modules.php?name='.$module_name.'">
    <b>'._PRODUCTTITLE.':</b><br>
    <input type="text" name="title" size="50" maxlength="150"><br>
    <i>'._NAMEPRODUCT.'</i><br>
    <b>Category:</b><select name="category">';
$sql = "SELECT * FROM ".$prefix."_jreviews_categories ORDER BY name ASC";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
 echo '<option value="'.intval($row["id"]).'">'.stripslashes(check_html($row["name"], "nohtml")).'</option>';
}
echo '</select>';    
    if ($multilingual == 1) {
 echo "<br><b>"._LANGUAGE.": </b>"
     ."<select name=\"rlanguage\">";
 $handle=opendir('language');
 while ($file = readdir($handle)) {
     if (preg_match("/^lang\-(.+)\.php/", $file, $matches)) {
         $langFound = $matches[1];
         $languageslist .= "$langFound ";
     }
 }
 closedir($handle);
 $languageslist = explode(" ", $languageslist);
 for ($i=0; $i < sizeof($languageslist); $i++) {
     if($languageslist[$i]!="") {
  echo "<option value=\"$languageslist[$i]\" ";
  if($languageslist[$i]==strtolower($currentlang)) echo "selected";
  echo ">$languageslist[$i]</option>\n";
     }
 }
 echo "</select><br><br>";
    } else {
 echo "<input type=\"hidden\" name=\"rlanguage\" value=\"$language\"><br><br>";
    }
    echo "<b>"._REVIEW.":</b><br>
    <textarea name=\"text\" rows=\"15\" wrap=\"virtual\" cols=\"60\"></textarea><br>";
    if (is_admin($admin)) {
 echo "<font class=\"content\">"._PAGEBREAK."</font><br>";
    }
    echo "
    <i>"._CHECKREVIEW."</i><br><br>
    <b>"._YOURNAME.":</b><br>";
    if (is_user($user)) {
        $result = $db->sql_query("select name, user_email from ".$user_prefix."_users where username='$cookie[1]'");
        list($rname, $email) = $db->sql_fetchrow($result);
        $rname = stripslashes(check_html($rname, "nohtml"));
        $email = stripslashes(check_html($email, "nohtml"));
 }
 echo "<input type=\"text\" name=\"reviewer\" size=\"41\" maxlength=\"40\" value=\"$rname\"><br>
     <i>"._FULLNAMEREQ."</i><br><br>
     <b>"._REMAIL.":</b><br>
     <input type=\"text\" name=\"email\" size=\"40\" maxlength=\"80\" value=\"$email\"><br>
     <i>"._REMAILREQ."</i><br><br>
     <b>"._SCORE."</b><br>
     <select name=\"score\">
     <option name=\"score\" value=\"10\">10</option>
     <option name=\"score\" value=\"9\">9</option>
     <option name=\"score\" value=\"8\">8</option>
     <option name=\"score\" value=\"7\">7</option>
     <option name=\"score\" value=\"6\">6</option>
     <option name=\"score\" value=\"5\">5</option>
     <option name=\"score\" value=\"4\">4</option>
     <option name=\"score\" value=\"3\">3</option>
     <option name=\"score\" value=\"2\">2</option>
     <option name=\"score\" value=\"1\">1</option>
     <option name=\"score\" value=\"0\">0</option>
     </select>
     <i>"._SELECTSCORE."</i><br><br>
     <b>"._RELATEDLINK.":</b><br>
     <input type=\"text\" name=\"url\" size=\"40\" maxlength=\"100\" value=\"<A href="http://\"><br">http://\"><br>
     <i>"._PRODUCTSITE."</i><br><br>
     <b>"._LINKTITLE.":</b><br>
     <input type=\"text\" name=\"url_title\" size=\"40\" maxlength=\"50\"><br>
     <i>"._LINKTITLEREQ."</i><br><br>
 ";
    if(is_admin($admin)) {
  echo "<b>"._RIMAGEFILE.":</b><br>
   <input type=\"text\" name=\"cover\" size=\"40\" maxlength=\"100\"><br>
   <i>"._RIMAGEFILEREQ."</i><br><br>
  ";
    }
    echo "<i>"._CHECKINFO."</i><br><br>
     <input type=\"hidden\" name=\"rop\" value=\"preview_review\">
     <input type=\"submit\" value=\""._PREVIEW."\"> <input type=\"button\" onClick=\"history.go(-1)\" value=\""._CANCEL."\"></form>
    ";
    CloseTable();
  } else {   
  $pagetitle = "- "._ACCESSDENIED."";
  title("$sitename: "._ACCESSDENIED."");
  OpenTable();
  echo "<center><b>"._RESTRICTEDAREA."</b><br><br>"
      .""._MODULEUSERS."";    
  echo "<br><br>"._GOBACK."";
  CloseTable();
 }
}
function preview_review($date, $title, $text, $reviewer, $email, $score, $cover, $url, $url_title, $hits, $id, $rlanguage, $category) {
    global $admin, $db, $multilingual, $module_name, $prefix;
    if (eregi("<!--pagebreak-->", $text)) {
  $text = ereg_replace("<!--pagebreak-->","&lt;!--pagebreak--&gt;",$text);
    }
    $title = stripslashes(check_html($title, "nohtml"));
    $text = stripslashes(check_html($text, ""));
    $category = intval($category);
    $reviewer = stripslashes(check_html($reviewer, "nohtml"));
    $url_title = stripslashes(check_html($url_title, "nohtml"));
    $email = stripslashes(check_html($email, "nohtml"));
    $score = intval($score);
    $cover = stripslashes(check_html($cover, "nohtml"));
    $url = stripslashes(check_html($url, "nohtml"));
    $url_title = stripslashes(check_html($url_title, "nohtml"));
    $hits = intval($hits);
    $id = intval($id);
    OpenTable();
    echo "<form method=\"post\" action=\"modules.php?name=$module_name\">";
    if ($title == "") {
     $error = 1;
 echo ""._INVALIDTITLE."<br>";
    }
    if ($text == "") {
     $error = 1;
 echo ""._INVALIDTEXT."<br>";
    }
    if (($score < 0) || ($score > 10)) {
 $error = 1;
 echo ""._INVALIDSCORE."<br>";
    }
    if (($hits < 0) && ($id != 0)) {
 $error = 1;
 echo ""._INVALIDHITS."<br>";
    }
    if ($reviewer == "" || $email == "") {
 $error = 1;
 echo ""._CHECKNAME."<br>";
    } else if ($reviewer != "" && $email != "")
 if (!(eregi("^[0-9a-z]([-_.]?[0-9a-z])*@[0-9a-z]([-.]?[0-9a-z])*\\.[a-z]{2,3}$",$email))) {
     $error = 1;
     /* eregi checks for a valid email! works nicely for me! */
     echo ""._INVALIDEMAIL."<br>";
 }
 if (($url_title != "" && $url =="") || ($url_title == "" && $url != "")) {
     $error = 1;
     echo ""._INVALIDLINK."<br>";
 } else if (($url != "") && (!(eregi('(^http[s]*:[/]+)(.*)', $url))))
     $url = "http://" . $url;
     /* If the user ommited the http, this nifty eregi will add it */
 if ($error == 1)
     echo "<br>"._GOBACK."";
 else
 {
 if ($date == "")
     $date = date("Y-m-d", time());
     $year2 = substr($date,0,4);
     $month = substr($date,5,2);
     $day = substr($date,8,2);
     $fdate = date("F jS Y",mktime (0,0,0,$month,$day,$year2));
         echo "<table border=\"0\" width=\"100%\"><tr><td colspan=\"2\">";
     echo "<p><font class=\"title\"><i><b>$title</b></i></font><br>";
     echo "<blockquote><p>";
     if ($cover != "")
      echo "<img src=\"images/reviews/$cover\" align=\"right\" border=\"1\" vspace=\"2\" alt=\"\">";
     echo "$text<p>";
  $row = $db->sql_fetchrow($db->sql_query("SELECT * FROM ".$prefix."_jreviews_categories WHERE id='".intval($category)."'"));
     echo "<b>Category</b> ".$row["name"]."<br>";     
     echo "<b>"._ADDED."</b> $fdate<br>";
     if ($multilingual == 1) {
  echo "<b>"._LANGUAGE."</b> $rlanguage<br>";
     }
     echo "<b>"._REVIEWER."</b> <a href=\"<A href="mailto:$email\">$reviewer</a><br">mailto:$email\">$reviewer</a><br>";
     echo "<b>"._SCORE."</b> ";
     display_score($score);
     if ($url != "")
  echo "<br><b>"._RELATEDLINK.":</b> <a href=\"$url\" target=\"new\">$url_title</a>";
      $id = intval($id);
     if ($id != 0) {
  echo "<br><b>"._REVIEWID.":</b> $id<br>";
  echo "<b>"._HITS.":</b> $hits<br>";
     }
     echo "</font></blockquote>";
     echo "</td></tr></table>";
     $text = urlencode($text);
     echo "<p><i>"._LOOKSRIGHT."</i> ";
     echo "<input type=\"hidden\" name=\"id\" value=$id>
    <input type=\"hidden\" name=\"hits\" value=\"$hits\">
    <input type=\"hidden\" name=\"rop\" value=send_review>
    <input type=\"hidden\" name=\"date\" value=\"$date\">
    <input type=\"hidden\" name=\"title\" value=\"$title\">
    <input type=\"hidden\" name=\"text\" value=\"$text\">
    <input type=\"hidden\" name=\"category\" value=\"$category\">
    <input type=\"hidden\" name=\"reviewer\" value=\"$reviewer\">
    <input type=\"hidden\" name=\"email\" value=\"$email\">
    <input type=\"hidden\" name=\"score\" value=\"$score\">
    <input type=\"hidden\" name=\"url\" value=\"$url\">
    <input type=\"hidden\" name=\"url_title\" value=\"$url_title\">
    <input type=\"hidden\" name=\"cover\" value=\"$cover\">";
    echo "<input type=\"hidden\" name=\"rlanguage\" value=\"$rlanguage\">";
  echo "<input type=\"submit\" name=\"rop\" value=\""._YES."\"> <input type=\"button\" onClick=\"history.go(-1)\" value=\""._NO."\">";
      $id = intval($id);
     if($id != 0)
      $word = ""._RMODIFIED."";
     else
      $word = ""._RADDED."";
     if(is_admin($admin))
      echo "<br><br><b>"._NOTE."</b> "._ADMINLOGGED." $word.";
 }
    CloseTable();
}
function send_review($date, $title, $text, $reviewer, $email, $score, $cover, $url, $url_title, $hits, $id, $rlanguage, $category) {
    global $admin, $EditedMessage, $prefix, $db, $module_name;
    if (eregi("<!--pagebreak-->", $text)) {
 $text = ereg_replace("<!--pagebreak-->","&lt;!--pagebreak--&gt;;",$text);
    }
    $id = intval($id);
    $title = stripslashes(FixQuotes(check_html($title, "nohtml")));
    $text = htmlspecialchars(stripslashes(Fixquotes(urldecode(check_html($text, "")))));
    $category = intval($category);
    $reviewer = stripslashes(check_html($reviewer, "nohtml"));
    $url_title = stripslashes(check_html($url_title, "nohtml"));
    $email = stripslashes(check_html($email, "nohtml"));
    $score = intval($score);
    $cover = stripslashes(check_html($cover, "nohtml"));
    $url = stripslashes(check_html($url, "nohtml"));
    $url_title = stripslashes(check_html($url_title, "nohtml"));
    $hits = intval($hits);
    if (eregi("&lt;!--pagebreak--&gt;", $text)) {
 $text = ereg_replace("&lt;!--pagebreak--&gt;","<!--pagebreak-->",$text);
    }
    OpenTable();
    echo "<br><center>"._RTHANKS."";
 $id = intval($id);
    if ($id != 0)
 echo " "._MODIFICATION."";
    else
 echo ", $reviewer";
    echo "!<br>";
    if ($score < 0 OR $score > 10) {
     $score = 0;
    }
    if ((is_admin($admin)) && ($id == 0)) {
 $db->sql_query("INSERT INTO ".$prefix."_jreviews VALUES (NULL, '$date', '$title', '$text', '$category', '$reviewer', '$email', '$score', '$cover', '$url', '$url_title', '1', '$rlanguage', '$score', '1')");
 echo ""._ISAVAILABLE."";
    } else if ((is_admin($admin)) && ($id != 0)) {
 $db->sql_query("UPDATE ".$prefix."_jreviews SET date='$date', title='$title', text='$text', category='$category', reviewer='$reviewer', email='$email', score='$score', cover='$cover', url='$url', url_title='$url_title', hits='$hits', rlanguage='$rlanguage', rating='$score' where id = '$id'");
 fix_rating($id);
 echo ""._ISAVAILABLE."";
    } else {
 $db->sql_query("INSERT INTO ".$prefix."_jreviews_add VALUES (NULL, '$date', '$title', '$text', '$category', '$reviewer', '$email', '$score', '$url', '$url_title', '$rlanguage', '$score')");
 echo ""._EDITORWILLLOOK."";
    }
    echo "<br><br>[ <a href=\"modules.php?name=$module_name\">"._RBACK."</a> ]<br></center>";
    CloseTable();
}
function reviews_index() {
 global $bgcolor3, $bgcolor2, $prefix, $multilingual, $currentlang, $db, $module_name, $id;
    if ($multilingual == 1) {
    $querylang = "WHERE rlanguage='$currentlang'";
    } else {
    $querylang = "";
    }
    OpenTable();
    echo "<table border=\"0\" width=\"95%\" CELLPADDING=\"2\" CELLSPACING=\"4\" align=\"center\">
    <tr><td colspan=\"2\"><center><font class=\"title\">"._RWELCOME."</font></center><br>";
    $result = $db->sql_query("select title, description from ".$prefix."_jreviews_main");
    list($title, $description) = $db->sql_fetchrow($result);
 $title = stripslashes(check_html($title, "nohtml"));
 $description = stripslashes($description);
    echo "<center><b>$title</b><br>$description</center>";
    echo "<br>";
    category_index(intval($id));
    echo "</td></tr>";
    echo "<tr><td width=\"50%\" bgcolor=\"$bgcolor2\"><b>"._10MOSTRATED."</b></td>";
    echo "<td width=\"50%\" bgcolor=\"$bgcolor2\"><b>"._10MOSTREC."</b></td></tr>";
 
 echo '<tr><td width="50%" bgcolor="'.$bgcolor3.'" valign="top">';
   $result_rec = $db->sql_query("SELECT * FROM ".$prefix."_jreviews $querylang ORDER BY rating DESC, totalvotes DESC, hits DESC limit 10");
    $y = 1;
 while ($myrow1 = $db->sql_fetchrow($result_rec)) {
  $id = intval($myrow1['id']);
  $title = stripslashes(check_html($myrow1['title'], "nohtml"));
  $hits = intval($myrow1['hits']);
  echo $y.') <a href="modules.php?name='.$module_name.'&amp;rop=showcontent&amp;id='.$id.'">'.$title.'</a> - ['._RATING11.$myrow1["rating"].']<br />';
  $y++;
}
    echo '</td>';
 echo '<td width="50%" bgcolor="'.$bgcolor3.'" valign="top">';
   $result_rec = $db->sql_query("SELECT * FROM ".$prefix."_jreviews $querylang order by date DESC limit 10");
    $y = 1;
 
 while ($myrow2 = $db->sql_fetchrow($result_rec)) {
  $id = intval($myrow2['id']);
  $title = stripslashes(check_html($myrow2['title'], "nohtml"));
  $hits = intval($myrow2['hits']);
  echo $y.') <a href="modules.php?name='.$module_name.'&amp;rop=showcontent&amp;id='.$id.'">'.$title.'</a> - ['.$myrow2["date"].']<br />';
  $y++;
}
    echo '</td></tr>';
    echo "<tr><td colspan=\"2\"><br></td></tr>";
    $result2 = $db->sql_query("SELECT * FROM ".$prefix."_jreviews $querylang");
    $numresults = $db->sql_numrows($result2);
    echo "<tr><td colspan=\"2\"><center>"._THEREARE." $numresults "._REVIEWSINDB."</center></td></tr></table>";
    CloseTable();
}
function reviews($id, $order, $field) {
    global $bgcolor4, $sitename, $prefix, $multilingual, $currentlang, $db, $module_name;
    if ($multilingual == 1) {
    $querylang = "AND rlanguage='$currentlang'";
    } else {
    $querylang = "";
    }
    $numcat = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_jreviews_categories WHERE parent = '".intval($id)."'"));
    $row = $db->sql_fetchrow($db->sql_query("SELECT * FROM ".$prefix."_jreviews_categories WHERE id='".intval($id)."'"));
//    if ($numcat<>0) {
//     OpenTable();
//     echo '<center>Category: <a href="modules.php?name='.$module_name.'"><b>Main</b></a>/<a href="modules.php?name='.$module_name.'&amp;rop=categ&amp;id='.$row["id"].'"><b>'.$row["name"].'</b></a>';
//     echo 'Category: '.breadcrb($id);
//     CloseTable();
// }
    OpenTable();
    echo '<center><font class="title">'._CATEGORY.':</font> ';
    breadcrb($id);
    echo '</center>';
    CloseTable();
  if ($numcat<>0) {
     category_index($id);
    }
    OpenTable();
    echo '<center><b>'.$sitename.' - '._REVIEWS.' in category '.$row["name"].'</b><br>';
    switch ($field) {
 case "reviewer":
 $result = $db->sql_query("SELECT * FROM ".$prefix."_jreviews WHERE category=".intval($id)." $querylang ORDER by reviewer $order");
 break;
/*
 case "score":
 $result = $db->sql_query("SELECT * FROM ".$prefix."_jreviews WHERE category=".intval($id)." $querylang ORDER by score $order");
 break;
*/
 case "rating":
 $result = $db->sql_query("SELECT * FROM ".$prefix."_jreviews WHERE category=".intval($id)." $querylang ORDER by rating $order");
 break;
 case "hits":
 $result = $db->sql_query("SELECT * FROM ".$prefix."_jreviews WHERE category=".intval($id)." $querylang ORDER by hits $order");
 break;
 default:
 $result = $db->sql_query("SELECT * FROM ".$prefix."_jreviews WHERE category=".intval($id)." $querylang ORDER by title $order");
 break;
    }
    $numresults = $db->sql_numrows($result);
    if ($numresults == 0) {
 echo '<i><b>'._NOREVIEWS.'</b></i><br>';
    } elseif ($numresults > 0) {
 echo '<table border="0" width="100%" cellpadding="2" cellspacing="4">
  <tr>
  <td width="50%" bgcolor="'.$bgcolor4.'">
  <p align="left"><a href="modules.php?name='.$module_name.'&amp;rop=categ&amp;id='.intval($id).'&amp;field=title&amp;order=ASC"><img src="images/up.gif" border="0" width="15" height="9" alt="'._SORTASC.'"></a><b>'._PRODUCTTITLE.'</b><a href="modules.php?name='.$module_name.'&amp;rop=categ&amp;id='.intval($id).'&amp;field=title&amp;order=DESC"><img src="images/down.gif" border="0" width="15" height="9" alt="'._SORTDESC.'"></a>
  </td>
  <td width="18%" bgcolor="'.$bgcolor4.'">
  <p align="center"><a href="modules.php?name='.$module_name.'&amp;rop=categ&amp;id='.intval($id).'&amp;field=reviewer&amp;order=ASC"><img src="images/up.gif" border="0" width="15" height="9" alt="'._SORTASC.'"></a><b>'._REVIEWER.'</b><a href="modules.php?name='.$module_name.'&amp;rop=categ&amp;id='.intval($id).'&amp;field=reviewer&amp;order=desc"><img src="images/down.gif" border="0" width="15" height="9" alt="'._SORTDESC.'"></a>
  </td>
  <td width="22%" bgcolor="'.$bgcolor4.'">
  <p align="center"><a href="modules.php?name='.$module_name.'&amp;rop=categ&amp;id='.intval($id).'&amp;field=rating&amp;order=ASC"><img src="images/up.gif" border="0" width="15" height="9" alt="'._SORTASC.'"></a><b>'._SCORE.'</b><a href="modules.php?name='.$module_name.'&amp;rop=categ&amp;id='.intval($id).'&amp;field=rating&amp;order=DESC"><img src="images/down.gif" border="0" width="15" height="9" alt="'._SORTDESC.'"></a>
  </td>
  <td width="10%" bgcolor="'.$bgcolor4.'">
  <p align="center"><a href="modules.php?name='.$module_name.'&amp;rop=categ&amp;id='.intval($id).'&amp;field=hits&amp;order=ASC"><img src="images/up.gif" border="0" width="15" height="9" alt="'._SORTASC.'"></a><b>'._HITS.'</b><a href="modules.php?name='.$module_name.'&amp;rop=categ&amp;id='.intval($id).'&amp;field=hits&amp;order=DESC"><img src="images/down.gif" border="0" width="15" height="9" alt="'._SORTDESC.'"></a>
  </td>
  </tr>';
 while($myrow = $db->sql_fetchrow($result)) {
     $title = stripslashes(check_html($myrow["title"], "nohtml"));
     $id = intval($myrow['id']);
        $reviewer = stripslashes($myrow['reviewer']);
        $email = stripslashes($myrow['email']);
     $score = intval($myrow['score']);
     $hits = intval($myrow['hits']);
     $rating = floatval($myrow['rating']);
     $time = $myrow["date"];
     echo '<tr>
      <td width="50%" bgcolor="#EEEEEE"><a href="modules.php?name='.$module_name.'&amp;rop=showcontent&amp;id='.$id.'">'.$title.'</a>';
      newreviewgraphic($time);
      echo '</td>
      <td width="18%" bgcolor="#EEEEEE">';
     if ($reviewer != "")
  echo '<center>'.$reviewer.'</center>';
     echo '</td><td width="22%" bgcolor="#EEEEEE"><center>';
     //display_score($score);
     echo '<b>'.$rating.'</b>';
     echo '</center></td><td width="10%" bgcolor="#EEEEEE"><center>'.$hits.'</center></td>
    </tr>';
 }
 echo '</table>
 <br>'.$numresults._TOTALREVIEWS.'<br><br>';
    }
    CloseTable();
}
function postcomment($id, $title) {
    global $db, $prefix, $user, $cookie, $AllowableHTML, $anonymous, $module_name, $sitename;
    cookiedecode($user);
    $row = $db->sql_fetchrow($db->sql_query("SELECT * FROM ".$prefix."_config"));
    $anonpost=intval($row["anonpost"]);
    if (is_user($user) || $anonpost==1) {
    $title = stripslashes(FixQuotes(check_html($title, nohtml)));
    $title = htmlspecialchars(urldecode($title));
    OpenTable();
    echo "<center><font class=option><b>"._REVIEWCOMMENT." $title</b><br><br></font></center>"
 ."<form action=modules.php?name=$module_name method=post>";
    if (!is_user($user)) {
 echo "<b>"._YOURNICK."</b> $anonymous [ "._RCREATEACCOUNT." ]<br><br>";
 $uname = $anonymous;
    } else {
 echo "<b>"._YOURNICK."</b> $cookie[1]<br>
 <input type=checkbox name=xanonpost> "._POSTANON."<br><br>";
 $uname = $cookie[1];
    }
    echo "
    <input type=hidden name=uname value=$uname>
    <input type=hidden name=id value=$id>
    <b>"._SELECTSCORE."</b>
    <select name=score>
    <option name=score value=10>10</option>
    <option name=score value=9>9</option>
    <option name=score value=8>8</option>
    <option name=score value=7>7</option>
    <option name=score value=6>6</option>
    <option name=score value=5>5</option>
    <option name=score value=4>4</option>
    <option name=score value=3>3</option>
    <option name=score value=2>2</option>
    <option name=score value=1>1</option>
    </select><br><br>
    <b>"._YOURCOMMENT."</b><br>
    <textarea name=comments rows=10 cols=70></textarea><br>
    "._ALLOWEDHTML."<br>";
    while (list($key,)= each($AllowableHTML)) echo " &lt;".$key."&gt;";
    echo "<br><br>
    <input type=hidden name=rop value=savecomment>
    <input type=submit value=Submit>
    </form>
    ";
    CloseTable();
    } else {   
  $pagetitle = "- "._ACCESSDENIED."";
  title("$sitename: "._ACCESSDENIED."");
  OpenTable();
  echo "<center><b>"._RESTRICTEDAREA."</b><br><br>"
      .""._MODULEUSERS."";    
  echo "<br><br>"._GOBACK."";
  CloseTable();
 }
}
function update_rating($id, $score) {
global $db, $prefix;
$row = $db->sql_fetchrow($db->sql_query("SELECT * FROM ".$prefix."_jreviews WHERE id='".$id."'"));
$numcomm = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_jreviews_comments WHERE rid='".$id."'"));
$sum=$row["score"]+$score;
$sql = "SELECT * FROM ".$prefix."_jreviews_comments WHERE rid='".$id."'";
$result = $db->sql_query($sql);
while ($row1 = $db->sql_fetchrow($result)) {
 $sum=$sum+$row1["score"];
}
$newrating = $sum/($numcomm+2);
$newrating=round($newrating, 3);
$db->sql_query("UPDATE ".$prefix."_jreviews SET rating = '".$newrating."' WHERE id='".$id."'");
$db->sql_query("UPDATE ".$prefix."_jreviews SET totalvotes=totalvotes+1 WHERE id='".$id."'");
}
function savecomment($xanonpost, $uname, $id, $score, $comments) {
    global $anonymous, $user, $cookie, $prefix, $db, $module_name;
    if ($xanonpost) {
 $uname = $anonymous;
    }
    $comments = stripslashes(FixQuotes(check_html($comments)));
    $id = intval($id);
    $score = intval($score);
    update_rating($id, $score);
    $db->sql_query("insert into ".$prefix."_jreviews_comments values (NULL, '$id', '$uname', now(), '$comments', '$score')");
    update_points(12);
    Header("Location: modules.php?name=$module_name&rop=showcontent&id=$id");
}
function r_comments($id, $title) {
    global $admin, $prefix, $db, $module_name;
    $id = intval($id);
    $result = $db->sql_query("SELECT cid, userid, date, comments, score from ".$prefix."_jreviews_comments where rid='$id' ORDER BY date DESC");
    while ($row = $db->sql_fetchrow($result)) {
 $cid = intval($row['cid']);
 $uname = stripslashes($row['userid']);
 $date = $row['date'];
 $comments = stripslashes($row['comments']);
 $score = intval($row['score']);
 OpenTable();
 $title = htmlspecialchars(urldecode(check_html($title, "nohtml")));
 echo "
 <b>$title</b><br>";
 if ($uname == "Anonymous") {
     echo ""._POSTEDBY." $uname "._ON." $date<br>";
 } else {
     echo ""._POSTEDBY." <a href=\"modules.php?name=Your_Account&amp;op=userinfo&amp;username=$uname\">$uname</a> "._ON." $date<br>";
 }
 echo ""._MYSCORE." ";
 display_score($score);
 if (is_admin($admin)) {
     echo "<br><b>"._ADMIN."</b> [ <a href=\"modules.php?name=$module_name&rop=del_comment&amp;cid=$cid&amp;id=$id\">"._DELETE."</a> ]</font><hr noshade size=1><br><br>";
 } else {
     echo "</font><hr noshade size=1><br><br>";
 }
 $comments = FixQuotes(nl2br(filter_text($comments)));
 echo "
 $comments
 ";
 CloseTable();
 echo "<br>";
    }
}
function showcontent($id, $page) {
    global $admin, $uimages, $prefix, $db, $module_name;
    $id = intval($id);
    $page = intval($page);
    OpenTable();
    if (($page == 1) OR ($page == "")) {
 $db->sql_query("UPDATE ".$prefix."_jreviews SET hits=hits+1 WHERE id='$id'");
    }
    $result = $db->sql_query("SELECT * FROM ".$prefix."_jreviews WHERE id='$id'");
    $myrow = $db->sql_fetchrow($result);
    $id = intval($myrow['id']);
    $date = $myrow['date'];
    $year = substr($date,0,4);
    $month = substr($date,5,2);
    $day = substr($date,8,2);
    $fdate = date("F jS Y",mktime (0,0,0,$month,$day,$year));
    $title = $myrow['title'];
    $title = stripslashes(FixQuotes(check_html($title, nohtml)));
    $text = $myrow['text'];
    $category = $myrow["category"];
    $cover = $myrow['cover'];
    $reviewer = $myrow['reviewer'];
    $email = $myrow['email'];
    $hits = intval($myrow['hits']);
    $url = $myrow['url'];
    $url_title = $myrow['url_title'];
    $score = intval($myrow['score']);
    $rating = $myrow["rating"];
    $rlanguage = $myrow['rlanguage'];
  $rating = $myrow["rating"];   
 $totalvotes = intval($myrow["totalvotes"]);
 if ($totalvotes == 1) {
  $votestring = _VOTE;
 } else {
  $votestring = _VOTES;
 }
    $contentpages = explode( "<!--pagebreak-->", $text );
    $pageno = count($contentpages);
    if ( $page=="" || $page < 1 )
 $page = 1;
    if ( $page > $pageno )
 $page = $pageno;
    $arrayelement = (int)$page;
    $arrayelement --;
    echo "<p><i><b><font class=\"title\">$title</b></i></font><br>";
    echo "<BLOCKQUOTE><p align=justify>";
    if ($cover != "")
    echo "<img src=\"images/reviews/$cover\" align=right border=1 vspace=2 alt=\"\">";
    echo "$contentpages[$arrayelement]
    </BLOCKQUOTE><p>";
    if (is_admin($admin))
  echo "<b>"._ADMIN."</b> [ <a href=\"modules.php?name=$module_name&rop=mod_review&amp;id=$id\">"._EDIT."</a> | <a href=modules.php?name=$module_name&rop=del_review&amp;id_del=$id>"._DELETE."</a> ]<br>";
    echo "<b>"._ADDED."</b> $fdate<br>";
 $row = $db->sql_fetchrow($db->sql_query("SELECT * FROM ".$prefix."_jreviews_categories WHERE id='".intval($category)."'"));   
 echo '<b>Category:</b> <a href="modules.php?name='.$module_name.'&amp;rop=categ&amp;id='.$row["id"].'">'.$row["name"].'</a><br>';
    if ($reviewer != "")
 echo "<b>"._REVIEWER."</b> <a href=mailto:$email>$reviewer</a><br>";
 echo "<b>"._SCORE."</b> ";
    display_score($score);
 echo '<br /><b>'._ALLSCORE.'</b>: '.$rating.' ('.$totalvotes.' '.$votestring.')';    
    if ($url != "")
  echo "<br><b>"._RELATEDLINK.":</b> <a href=\"$url\" target=new>$url_title</a>";
 echo '<br />';
    if ($radminsuper == 1) {
     echo '<a href="modules.php?name='.$module_name.'&amp;rop=mod_review&amp;id='.$id.'">'._EDIT.'</a> | ';
    }
    $title = htmlspecialchars(urldecode($title));
 echo '<a href="modules.php?name='.$module_name.'&amp;rop=postcomment&amp;id='.$id.'&amp;title='.$title.'"><b>'._RATECOMMENT.'</b></a>';
    echo "<br><b>"._HITS.":</b> $hits";
    echo "<br><b>"._LANGUAGE.":</b> $rlanguage";
    if ($pageno > 1) {
 echo "<br><b>"._PAGE.":</b> $page/$pageno<br>";
    }
    echo "</font>";
    echo "</CENTER>";
    $title = urlencode($title);
    if($page >= $pageno) {
   $next_page = "";
    } else {
 $next_pagenumber = $page + 1;
 if ($page != 1) {
     $next_page .= "<img src=\"images/blackpixel.gif\" width=\"10\" height=\"2\" border=\"0\" alt=\"\"> &nbsp;&nbsp; ";
 }
 $next_page .= "<a href=\"modules.php?name=$module_name&rop=showcontent&amp;id=$id&amp;page=$next_pagenumber\">"._NEXT." ($next_pagenumber/$pageno)</a> <a href=\"modules.php?name=$module_name&rop=showcontent&amp;id=$id&amp;page=$next_pagenumber\"><img src=\"images/right.gif\" border=\"0\" alt=\""._NEXT."\"></a>";
    }
    if($page <= 1) {
 $previous_page = "";
    } else {
 $previous_pagenumber = $page - 1;
 $previous_page = "<a href=\"modules.php?name=$module_name&rop=showcontent&amp;id=$id&amp;page=$previous_pagenumber\"><img src=\"images/left.gif\" border=\"0\" alt=\""._PREVIOUS."\"></a> <a href=\"modules.php?name=$module_name&rop=showcontent&amp;id=$id&amp;page=$previous_pagenumber\">"._PREVIOUS." ($previous_pagenumber/$pageno)</a>";
    }
    echo "<center>"
 ."$previous_page &nbsp;&nbsp; $next_page<br><br>"
 ."[ <a href=\"modules.php?name=$module_name\">"._RBACK."</a> | "
 ."<a href=\"modules.php?name=$module_name&rop=postcomment&amp;id=$id&amp;title=$title\">"._REPLYMAIN."</a> ]";
    CloseTable();
    if (($page == 1) OR ($page == "")) {
 echo "<br>";
 r_comments($id, $title);
    }
}
function mod_review($id) {
 global $admin, $prefix, $db, $module_name;
 $id = intval($id);
 OpenTable();
 if (($id == 0) || (!is_admin($admin)))
     echo "This function must be passed argument id, or you are not admin.";
 else if (($id != 0) && (is_admin($admin)))
 {
    $result = $db->sql_query("SELECT * from ".$prefix."_jreviews where id = '$id'");
    while ($myrow = $db->sql_fetchrow($result)) {
   $id = intval($myrow['id']);
   $date = $myrow['date'];
   $title = $myrow['title'];
            $title = stripslashes(FixQuotes(check_html($title, nohtml)));
            $text = stripslashes($myrow['text']);
            $category = intval($myrow["category"]);
            $cover = stripslashes($myrow['cover']);
            $reviewer = stripslashes($myrow['reviewer']);
            $email = stripslashes($myrow['email']);
            $score = intval($myrow["score"]);
            $hits = intval($myrow['hits']);
            $url = stripslashes($myrow['url']);
            $url_title = stripslashes(check_html($myrow['url_title'], "nohtml"));
   $rlanguage = $myrow['rlanguage'];
  }
  echo "<center><b>"._REVIEWMOD."</b></center><br><br>";
  echo "<form method=POST action=modules.php?name=$module_name&rop=preview_review><input type=hidden name=id value=$id>";
  echo "<TABLE BORDER=0 width=100%>
   <tr>
    <td width=12%><b>"._RDATE."</b></td>
    <td><INPUT TYPE=text NAME=date SIZE=15 VALUE=\"$date\" MAXLENGTH=10></td>
   </tr>
   <tr>
    <td width=12%><b>"._RTITLE."</b></td>
    <td><INPUT TYPE=text NAME=title SIZE=50 MAXLENGTH=150 value=\"$title\"></td>
   </tr>
   <tr>
    <td width=12%><b>Category</b></td>
    <td><select name=\"category\">";
$sql = "SELECT * FROM ".$prefix."_jreviews_categories ORDER BY name ASC";
$result = $db->sql_query($sql);
while ($row = $db->sql_fetchrow($result)) {
 if ($row["id"]==$category) {
  echo '<option value="'.$row["id"].'" selected>'.$row["name"].'</option>';
 } else {
  echo '<option value="'.$row["id"].'">'.$row["name"].'</option>';
 }
}
echo "</select>
    </td>
   </tr>
   <tr>";
  echo "<td width=12%><b>"._LANGUAGE."</b></td>
    <td><select name=\"rlanguage\">";
       $handle=opendir('language');
        while ($file = readdir($handle)) {
     if (preg_match("/^lang\-(.+)\.php/", $file, $matches)) {
                $langFound = $matches[1];
                $languageslist .= "$langFound ";
            }
        }
        closedir($handle);
        $languageslist = explode(" ", $languageslist);
        for ($i=0; $i < sizeof($languageslist); $i++) {
     if($languageslist[$i]!="") {
         echo "<option value=\"$languageslist[$i]\" ";
      if($languageslist[$i]==$rlanguage) echo "selected";
      echo ">$languageslist[$i]</option>\n";
     }
       }
     echo "</select></td></tr>";
  echo "<tr>
    <td width=12%><b>"._RTEXT."</b></td>
    <td><TEXTAREA class=textbox name=text rows=20 wrap=virtual cols=60>$text</TEXTAREA></td>
   </tr>
   <tr>
    <td width=12%><b>"._REVIEWER."</b></td>
    <td><INPUT TYPE=text NAME=reviewer SIZE=41 MAXLENGTH=40 value=\"$reviewer\"></td>
   </tr>
   <tr>
    <td width=12%><b>"._REVEMAIL."</b></td>
    <td><INPUT TYPE=text NAME=email value=\"$email\" SIZE=30 MAXLENGTH=80></td>
   </tr>
   <tr>
    <td width=12%><b>"._SCORE."</b></td>
    <td><INPUT TYPE=text NAME=score value=\"$score\" size=3 maxlength=2></td>
   </tr>
   <tr>
    <td width=12%><b>"._RLINK."</b></td>
    <td><INPUT TYPE=text NAME=url value=\"$url\" size=30 maxlength=100></td>
   </tr>
   <tr>
    <td width=12%><b>"._RLINKTITLE."</b></td>
    <td><INPUT TYPE=text NAME=url_title value=\"$url_title\" size=30 maxlength=50></td>
   </tr>
   <tr>
    <td width=12%><b>"._COVERIMAGE."</b></td>
    <td><INPUT TYPE=text NAME=cover value=\"$cover\" size=30 maxlength=100></td>
   </tr>
   <tr>
    <td width=12%><b>"._HITS.":</b></td>
    <td><INPUT TYPE=text NAME=hits value=\"$hits\" size=5 maxlength=5></td>
   </tr>
  </TABLE>";
  echo "<input type=hidden name=rop value=preview_review><input type=submit value=\""._PREMODS."\">&nbsp;&nbsp;<input type=button onClick=history.go(-1) value="._CANCEL."></form>";
 }
 CloseTable();
}
function del_review($id_del) {
    global $admin, $prefix, $db, $module_name;
    $id_del = intval($id_del);
    if (is_admin($admin)) {
     $db->sql_query("DELETE FROM ".$prefix."_jreviews WHERE id = '$id_del'");
 $db->sql_query("DELETE FROM ".$prefix."_jreviews_comments WHERE rid='$id_del'");
 Header("Location: modules.php?name=$module_name");
    } else {
     echo "ACCESS DENIED";
    }
}
function fix_rating($id) {
global $db, $prefix;
$row = $db->sql_fetchrow($db->sql_query("SELECT * FROM ".$prefix."_jreviews WHERE id='".$id."'"));
$numcomm = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_jreviews_comments WHERE rid='".$id."'"));
if ($numcomm==0) {
 $newrating = $row["score"];
} else {
 $sum=$row["score"];
 $sql = "SELECT * FROM ".$prefix."_jreviews_comments WHERE rid='".$id."'";
 $result = $db->sql_query($sql);
 while ($row1 = $db->sql_fetchrow($result)) {
  $sum=$sum+$row1["score"];
 }
 $newrating = $sum/($numcomm+1);
 $newrating=round($newrating, 3);
}
$db->sql_query("UPDATE ".$prefix."_jreviews SET rating = '".$newrating."' WHERE id='".$id."'");
$newvotes=$numcomm+1;
$db->sql_query("UPDATE ".$prefix."_jreviews SET totalvotes = '".$newvotes."' WHERE id='".$id."'");
}
function del_comment($cid, $id) {
    global $admin, $prefix, $db, $module_name;
    $cid = intval($cid);
    if (is_admin($admin)) {
        $db->sql_query("delete from ".$prefix."_jreviews_comments where cid='$cid'");
        fix_rating($id);
        Header("Location: modules.php?name=$module_name&rop=showcontent&id=$id");
    } else {
        echo "ACCESS DENIED";
    }
}
function menu() {
    global $module_name, $rop;
    $ThemeSel = get_theme();
    if (file_exists("themes/$ThemeSel/images/jreview-logo.gif")) {
 echo '<br><center><a href="modules.php?name='.$module_name.'"><img src="themes/'.$ThemeSel.'/images/jreview-logo.gif" border="0" alt=""></a><br><br>';
    } else {
 echo '<br><center><a href="modules.php?name='.$module_name.'"><img src="modules/'.$module_name.'/images/jreview-logo.gif" border="0" alt=""></a><br><br>';
    }
    echo '<form action="modules.php?name='.$module_name.'&amp;rop=search&amp;query='.$query.'" method="post">
    <font class="content"><input type="text" size="25" name="query"> <input type="submit" value="'._SEARCH.'"></font>
    </form>';
    echo '<font class="content">[ ';
    if (!isset($rop) || $rop=='categ' || $rop=='search' || $rop=='TopRated' || $rop=='showcontent' || $rop=='preview_review' || $rop=='MostPopular' || $rop=='write_review' || $rop=='NewReviews' || $rop=='NewReviewsDate') {
  echo '<a href="modules.php?name='.$module_name.'">'._REVIEWINDEX.'</a> | ';
    }
    echo '<a href="modules.php?name='.$module_name.'&amp;rop=write_review">'._WRITEREVIEW.'</a>'
 .' | <a href="modules.php?name='.$module_name.'&amp;rop=NewReviews">'._NEW.'</a>'
 .' | <a href="modules.php?name='.$module_name.'&amp;rop=MostPopular">'._POPULAR.'</a>'
 .' | <a href="modules.php?name='.$module_name.'&amp;rop=TopRated">'._TOPRATED.'</a>'
 .' | <a href="modules.php?name='.$module_name.'&amp;rop=RandomReview">'._RANDOM.'</a> ]'
 .'</font></center>';
}
function convertorderbyin($orderby) {
    if ($orderby == "titleA") $orderby = "title ASC";
    if ($orderby == "dateA") $orderby = "date ASC";
    if ($orderby == "hitsA") $orderby = "hits ASC";
    if ($orderby == "ratingA") $orderby = "rating ASC";
    if ($orderby == "titleD") $orderby = "title DESC";
    if ($orderby == "dateD") $orderby = "date DESC";
    if ($orderby == "hitsD") $orderby = "hits DESC";
    if ($orderby == "ratingD") $orderby = "rating DESC";
    return $orderby;
}
function convertorderbytrans($orderby) {
    if ($orderby == "hits ASC")   $orderbyTrans = ""._POPULARITY1."";
    if ($orderby == "hits DESC")  $orderbyTrans = ""._POPULARITY2."";
    if ($orderby == "title ASC")  $orderbyTrans = ""._TITLEAZ."";
    if ($orderby == "title DESC")  $orderbyTrans = ""._TITLEZA."";
    if ($orderby == "date ASC")   $orderbyTrans = ""._DATE1."";
    if ($orderby == "date DESC")  $orderbyTrans = ""._DATE2."";
    if ($orderby == "rating ASC") $orderbyTrans = ""._RATING1."";
    if ($orderby == "rating DESC") $orderbyTrans = ""._RATING2."";
    return $orderbyTrans;
}
function convertorderbyout($orderby) {
    if ($orderby == "title ASC")  $orderby = "titleA";
    if ($orderby == "date ASC")   $orderby = "dateA";
    if ($orderby == "hits ASC")   $orderby = "hitsA";
    if ($orderby == "rating ASC") $orderby = "ratingA";
    if ($orderby == "title DESC")  $orderby = "titleD";
    if ($orderby == "date DESC")  $orderby = "dateD";
    if ($orderby == "hits DESC")  $orderby = "hitsD";
    if ($orderby == "rating DESC") $orderby = "ratingD";
    return $orderby;
}
function search($query, $min, $orderby, $show) {
    global $prefix, $db, $admin, $bgcolor2, $module_name;
// $admin = base64_decode($admin);
// $admin = addslashes($admin);
// $admin = explode(":", $admin);
// $aid = "$admin[0]";
 $aid =   stripslashes(FixQuotes(check_html($admin[0], nohtml)));
 $row = $db->sql_fetchrow($db->sql_query("SELECT radminsuper FROM ".$prefix."_authors WHERE aid='$aid'"));
 $radminsuper = intval($row['radminsuper']);
    $reviewsresults = 10;
    if (!isset($min)) $min=0;
    if (!isset($max)) $max=$min+$reviewsresults;
    if(isset($orderby)) {
 $orderby = convertorderbyin($orderby);
    } else {
 $orderby = "title ASC";
    }
    if ($show!="") {
 $reviewsresults = $show;
    } else {
 $show=$reviewsresults;
    }
 $query = check_html($query, "nohtml");
    $query = addslashes($query);
    $result = $db->sql_query("SELECT * FROM ".$prefix."_jreviews WHERE title LIKE '%$query%' OR text LIKE '%$query%' ORDER BY $orderby LIMIT $min, $reviewsresults");
    $fullcountresult = $db->sql_query("SELECT * FROM ".$prefix."_jreviews WHERE title LIKE '%$query%' OR text LIKE '%$query%'");
    $totalselectedlinks = $db->sql_numrows($fullcountresult);
    $nrows = $db->sql_numrows($result);
    $x=0;
    $the_query = stripslashes($query);
    $the_query = str_replace("\'", "'", $the_query);
    echo "<br>";
    OpenTable();
    if ($query <> '') {
     if ($nrows>0) {
  echo "<font class=\"option\">"._SEARCHRESULTS4.": <b>$the_query</b></font><br><br>"
      ."<table width=\"100%\" bgcolor=\"$bgcolor2\"><tr><td><font class=\"option\"><b>"._USUBCATEGORIES."</b></font></td></tr></table>";
         $result2 = $db->sql_query("SELECT * FROM ".$prefix."_jreviews_categories where title LIKE '%$query%' ORDER BY name DESC");
         while ($row2 = $db->sql_fetchrow($result2)) {
         $rid = intval($row2['id']);
         $stitle = stripslashes(check_html($row2['title'], "nohtml"));
         $res = $db->sql_query("SELECT * from ".$prefix."_jreviews where cid='$cid'");
         $numrows = $db->sql_numrows($res);
             $row3 = $db->sql_fetchrow($db->sql_query("SELECT * FROM ".$prefix."_jreviews_categories where id='$rid'"));
             $rid3 = intval($row3['id']);
             $title3 = stripslashes(check_html($row3['title'], "nohtml"));
             $parentid3 = intval($row3['parentid']);
      if ($parentid3>0) $title3 = getparent($parentid3,$title3);
      $title3 = ereg_replace($query, "<b>$query</b>", $title3);
      echo "<strong><big></big></strong>&nbsp;<a href=\"modules.php?name=$module_name&amp;rop=viewlink&amp;cid=$cid\">$title3</a> ($numrows)<br>";
  }
 echo "<br><table width=\"100%\" bgcolor=\"$bgcolor2\"><tr><td><font class=\"option\"><b>"._REVIEWS."</b></font></td></tr></table>";
     $orderbyTrans = convertorderbytrans($orderby);
     echo "<br><font class=\"content\">"._SORTREVIEWSBY.": "
         .""._TITLE." (<a href=\"modules.php?name=$module_name&amp;rop=search&amp;query=$the_query&amp;orderby=titleA\">A</a>\<a href=\"modules.php?name=$module_name&amp;rop=search&amp;query=$the_query&amp;orderby=titleD\">D</a>)"
         ." "._DATE." (<a href=\"modules.php?name=$module_name&amp;rop=search&amp;query=$the_query&amp;orderby=dateA\">A</a>\<a href=\"modules.php?name=$module_name&amp;rop=search&amp;query=$the_query&amp;orderby=dateD\">D</a>)"
         ." "._RATING." (<a href=\"modules.php?name=$module_name&amp;rop=search&amp;query=$the_query&amp;orderby=ratingA\">A</a>\<a href=\"modules.php?name=$module_name&amp;rop=search&amp;query=$the_query&amp;orderby=ratingD\">D</a>)"
         ." "._POPULARITY." (<a href=\"modules.php?name=$module_name&amp;rop=search&amp;query=$the_query&amp;orderby=hitsA\">A</a>\<a href=\"modules.php?name=$module_name&amp;rop=search&amp;query=$the_query&amp;orderby=hitsD\">D</a>)"
         ."<br>"._REVIEWSSORTED.": $orderbyTrans<br><br>";
     while($row = $db->sql_fetchrow($result)) {
                $rid = intval($row['id']);
                $cid = intval($row['category']);
                $sid = intval($row['sid']);
                $title = stripslashes(check_html($row['title'], "nohtml"));
                $url = stripslashes($row['url']);
                $description = stripslashes($row['text']);
                $time = $row['date'];
                $hits = intval($row['hits']);
    $rating = $row["rating"];
    $totalvotes = intval($row["totalvotes"]);
     $transfertitle = str_replace (" ", "_", $title);
     $title = ereg_replace($query, "<b>$query</b>", $title);
     echo '<a href="modules.php?name='.$module_name.'&amp;rop=showcontent&id='.$rid.'" target="_self">'.$title.'</a>';
     newreviewgraphic($time);
      popgraphic($hits);
     echo "<br>";
     $description = ereg_replace($query, "<b>$query</b>", $description);
     echo ""._DESCRIPTION.": $description<br>";
  setlocale (LC_TIME, $locale);
     $datetime=explode('-', $time);
     $datetime = strftime(_REVIEWSDATESTRING, mktime(0, 0, 0,$datetime[1],$datetime[2],$datetime[0]));
     $datetime = ucfirst($datetime);
     echo _ADDEDON.': '.$datetime.'<br />'._HITS.': '.$hits.'<br />';
       if ($rate["num_votes"] == 1) {
      $votestring = _VOTE;
       } else {
      $votestring = _VOTES;
  }
 echo _RATING.': <b>'.$rating.'</b> ('.$totalvotes.' '.$votestring.')<br />';
    if ($radminsuper == 1) {
     echo '<a href="modules.php?name='.$module_name.'&amp;rop=mod_review&amp;id='.$rid.'">'._EDIT.'</a> | ';
    }
    $title = stripslashes(FixQuotes(check_html($title, nohtml)));
    $title = htmlspecialchars(urldecode($title));
 echo '<a href="modules.php?name='.$module_name.'&amp;rop=postcomment&amp;id='.$rid.'&amp;title='.$title.'">'._RATECOMMENT.'</a>';
     echo "<br>";
  $row4 = $db->sql_fetchrow($db->sql_query("SELECT * FROM ".$prefix."_jreviews_categories where id='".$cid."'"));
  $cattitle = stripslashes(check_html($row4['name'], "nohtml"));
  echo _CATEGORY.': <a href="modules.php?name='.$module_name.'&amp;rop=categ&amp;id='.intval($row4["id"]).'">'.$cattitle.'</a><br><br>';       $x++;
 }
 echo "</font>";
     $orderby = convertorderbyout($orderby);
    } else {
 echo "<br><br><center><font class=\"option\"><b>"._NOMATCHES."</b></font><br><br>"._GOBACK."<br></center>";
    }
    /* Calculates how many pages exist.  Which page one should be on, etc... */
    $linkpagesint = ($totalselectedlinks / $reviewsresults);
    $linkpageremainder = ($totalselectedlinks % $reviewsresults);
    if ($linkpageremainder != 0) {
     $linkpages = ceil($linkpagesint);
        if ($totalselectedlinks < $reviewsresults) {
         $linkpageremainder = 0;
 }
    } else {
     $linkpages = $linkpagesint;
    }
    /* Page Numbering */
    if ($linkpages!=1 && $linkpages!=0) {
 echo "<br><br>"
     .""._SELECTPAGE.": ";
 $prev=$min-$reviewsresults;
 if ($prev>=0) {
         echo "&nbsp;&nbsp;<b>[ <a href=\"modules.php?name=$module_name&amp;rop=search&amp;query=$the_query&amp;min=$prev&amp;orderby=$orderby&amp;show=$show\">"
      ." &lt;&lt; "._PREVIOUS."</a> ]</b> ";
       }
 $counter = 1;
        $currentpage = ($max / $reviewsresults);
        while ($counter<=$linkpages ) {
         $cpage = $counter;
            $mintemp = ($perpage * $counter) - $reviewsresults;
            if ($counter == $currentpage) {
  echo "<b>$counter</b>&nbsp;";
     } else {
  echo "<a href=\"modules.php?name=$module_name&amp;rop=search&amp;query=$the_query&amp;min=$mintemp&amp;orderby=$orderby&amp;show=$show\">$counter</a> ";
     }
            $counter++;
        }
        $next=$min+$reviewsresults;
        if ($x>=$perpage) {
         echo "&nbsp;&nbsp;<b>[ <a href=\"modules.php?name=$module_name&amp;rop=search&amp;query=$the_query&amp;min=$max&amp;orderby=$orderby&amp;show=$show\">"
      ." "._NEXT." &gt;&gt;</a> ]</b>";
        }
    }
    echo "<br><br><center><font class=\"content\">"
 .""._TRY2SEARCH." \"<b><i>$the_query</i></b>\" "._INOTHERSENGINES."<br>"
 ."<a target=\"_blank\" href=\"<A href="http://www.altavista.com/cgi-bin/query?pg=q&amp;sc=on&amp;hl=on&amp;act=2006&amp;par=0&amp;q=$the_query&amp;kl=XX&amp;stype=stext\">Alta">http://www.altavista.com/cgi-bin/query?pg=q&amp;sc=on&amp;hl=on&amp;act=2006&amp;par=0&amp;q=$the_query&amp;kl=XX&amp;stype=stext\">Alta Vista</a> - "
 ."<a target=\"_blank\" href=\"<A href="http://www.hotbot.com/?MT=$the_query&amp;DU=days&amp;SW=web\">HotBot</a">http://www.hotbot.com/?MT=$the_query&amp;DU=days&amp;SW=web\">HotBot</a> - "
 ."<a target=\"_blank\" href=\"<A href="http://www.infoseek.com/Titles?qt=$the_query\">Infoseek</a">http://www.infoseek.com/Titles?qt=$the_query\">Infoseek</a> - "
 ."<a target=\"_blank\" href=\"<A href="http://www.dejanews.com/dnquery.xp?QRY=$the_query\">Deja">http://www.dejanews.com/dnquery.xp?QRY=$the_query\">Deja News</a> - "
 ."<a target=\"_blank\" href=\"<A href="http://www.lycos.com/cgi-bin/pursuit?query=$the_query&amp;maxhits=20\">Lycos</a">http://www.lycos.com/cgi-bin/pursuit?query=$the_query&amp;maxhits=20\">Lycos</a> - "
 ."<a target=\"_blank\" href=\"<A href="http://search.yahoo.com/bin/search?p=$the_query\">Yahoo</a">http://search.yahoo.com/bin/search?p=$the_query\">Yahoo</a>"
 ."<br>"
 ."<a target=\"_blank\" href=\"<A href="http://es.linuxstart.com/cgi-bin/sqlsearch.cgi?pos=1&amp;query=$the_query&amp;language=&amp;advanced=&amp;urlonly=&amp;withid=\">LinuxStart</a">http://es.linuxstart.com/cgi-bin/sqlsearch.cgi?pos=1&amp;query=$the_query&amp;language=&amp;advanced=&amp;urlonly=&amp;withid=\">LinuxStart</a> - "
 ."<a target=\"_blank\" href=\"<A href="http://search.1stlinuxsearch.com/compass?scope=$the_query&amp;ui=sr\">1stLinuxSearch</a">http://search.1stlinuxsearch.com/compass?scope=$the_query&amp;ui=sr\">1stLinuxSearch</a> - "
 ."<a target=\"_blank\" href=\"<A href="http://www.google.com/search?q=$the_query\">Google</a">http://www.google.com/search?q=$the_query\">Google</a> - "
 ."<a target=\"_blank\" href=\"<A href="http://www.linuxlinks.com/cgi-bin/search.cgi?query=$the_query&amp;engine=Links\">LinuxLinks</a">http://www.linuxlinks.com/cgi-bin/search.cgi?query=$the_query&amp;engine=Links\">LinuxLinks</a> - "
 ."<a target=\"_blank\" href=\"<A href="http://www.freshmeat.net/search/?q=$the_query&amp;section=projects\">Freshmeat</a">http://www.freshmeat.net/search/?q=$the_query&amp;section=projects\">Freshmeat</a> - "
 ."<a target=\"_blank\" href=\"<A href="http://www.justlinux.com/bin/search.pl?key=$the_query\">JustLinux</a">http://www.justlinux.com/bin/search.pl?key=$the_query\">JustLinux</a>"
 ."</font>";
    } else {
 echo "<center><font class=\"option\"><b>"._NOMATCHES."</b></font></center><br><br>";
    }
    CloseTable();
}
function NewReviews($newreviewshowdays) {
    global $prefix, $db, $module_name;
    if (!isset($newreviewshowdays)) {
 $newreviewshowdays = 7;
    }
    echo '<br>';
    OpenTable();
    echo '<center><font class="option"><b>'._NEWREVIEWS.'</b></font></center><br>';
    $counter = 0;
    $allweekreviews = 0;
    while ($counter <= 7-1){
 $newreviewdayRaw = (time()-(86400 * $counter));
 $newreviewday = date("d-M-Y", $newreviewdayRaw);
 $newreviewView = date("F d, Y", $newreviewdayRaw);
 $newreviewDB = Date("Y-m-d", $newreviewdayRaw);
 $totalreviews = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_jreviews WHERE date LIKE '%$newreviewDB%'"));
 $counter++;
 $allweekreviews = $allweekreviews + $totalreviews;
    }
    $counter = 0;
    while ($counter <=30-1){
        $newreviewdayRaw = (time()-(86400 * $counter));
        $newreviewDB = Date("Y-m-d", $newreviewdayRaw);
        $totalreviews = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_jreviews WHERE date LIKE '%$newreviewDB%'"));
        $allmonthlinks = $allmonthlinks + $totalreviews;
        $counter++;
    }
    echo '<center><b>'._TOTALNEWREVIEWS.':</b> '._LASTWEEK.' - '. $allweekreviews .' '._LAST30DAYS.' - '.$allmonthlinks.'<br>'
 ._SHOW.': <a href="modules.php?name='.$module_name.'&amp;rop=NewReviews&amp;newreviewshowdays=7">'._1WEEK.'</a> - <a href="modules.php?name='.$module_name.'&amp;rop=NewReviews&amp;newreviewshowdays=14">'._2WEEKS.'</a> - <a href="modules.php?name='.$module_name.'&amp;rop=NewReviews&amp;newreviewshowdays=30">'._30DAYS.'</a>
 </center><br>';
    echo '<br><center><b>'._TOTALFORLAST. $newreviewshowdays.' '._DAYS.':</b><br />';
    $counter = 0;
    $allweekreviews = 0;
    while ($counter <= $newreviewshowdays-1) {
 $newreviewdayRaw = (time()-(86400 * $counter));
 $newreviewday = date("d-M-Y", $newreviewdayRaw);
 $newreviewView = date("F d, Y", $newreviewdayRaw);
 $newreviewDB = Date("Y-m-d", $newreviewdayRaw);
        $totalreviews = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_jreviews WHERE date LIKE '%$newreviewDB%'"));
 $counter++;
 $allweekreviews = $allweekreviews + $totalreviews;
 echo '<strong><big>&middot;</big></strong> <a href="modules.php?name='.$module_name.'&amp;rop=NewReviewsDate&amp;selectdate='.$newreviewdayRaw.'">'.$newreviewView.'</a>&nbsp;('.$totalreviews.')<br>';
    }
    $counter = 0;
    $allmonthlinks = 0;
    echo '</center>';
    CloseTable();
}
 
function categorynewreviewgraphic($cat) {
    global $prefix, $db, $module_name;
    $cat = intval(trim($cat));
    $row = $db->sql_fetchrow($db->sql_query("SELECT * FROM ".$prefix."_jreviews WHERE category='".$cat."' ORDER BY date DESC LIMIT 0,1"));
    if ($row["title"]<>'') {
    $time = $row['date'];
    echo "&nbsp;";
    setlocale (LC_TIME, $locale);
    $datetime = explode('-', $time);
    $datetime = strftime(_REVIEWSDATESTRING, mktime(0, 0, 0, $datetime[1], $datetime[2], $datetime[0]));
    $datetime = ucfirst($datetime);
    $startdate = time();
    $count = 0;
    while ($count <= 7) {
 $daysold = date("d-M-Y", $startdate);
        if ("$daysold" == "$datetime") {
         if ($count<=1) {
  echo '<img src="modules/'.$module_name.'/images/newred.gif" alt="'._CATNEWTODAY.'">';
     }
            if ($count<=3 && $count>1) {
  echo '<img src="modules/'.$module_name.'/images/newgreen.gif" alt="'._CATLAST3DAYS.'">';
     }
            if ($count<=7 && $count>3) {
  echo '<img src="modules/'.$module_name.'/images/newblue.gif" alt="'._CATTHISWEEK.'">';
     }
 }
        $count++;
        $startdate = (time()-(86400 * $count));
    }
 
  }
}
 
function newreviewgraphic($time) {
    global $module_name;
    echo "&nbsp;";
    setlocale (LC_TIME, $locale);
    $datetime=explode('-', $time);
    $datetime = strftime(_REVIEWSDATESTRING, mktime(0, 0, 0,$datetime[1],$datetime[2],$datetime[0]));
    $datetime = ucfirst($datetime);
    $startdate = time();
    $count = 0;
    while ($count <= 7) {
 $daysold = date("d-M-Y", $startdate);
        if ("$daysold" == "$datetime") {
         if ($count<=1) {
  echo '<img src="modules/'.$module_name.'/images/newred.gif" alt="'._NEWTODAY.'">';
     }
            if ($count<=3 && $count>1) {
  echo '<img src="modules/'.$module_name.'/images/newgreen.gif" alt="'._NEWLAST3DAYS.'">';
     }
            if ($count<=7 && $count>3) {
  echo '<img src="modules/'.$module_name.'/images/newblue.gif" alt="'._NEWTHISWEEK.'">';
     }
 }
        $count++;
        $startdate = (time()-(86400 * $count));
    }
}
function popgraphic($hits) {
    global $module_name;
 $popular=5000;
    if ($hits>=$popular) {
  echo '&nbsp;<img src="modules/'.$module_name.'/images/pop.gif" alt="'._POPULAR.'">';
    }
}
function getparent($parentid,$title) {
    global $prefix, $db;
    $parentid = intval($parentid);
    $row = $db->sql_fetchrow($db->sql_query("SELECT * FROM ".$prefix."_review_categories WHERE id='$parentid'"));
    $cid = intval($row['id']);
    $ptitle = stripslashes(check_html($row['title'], "nohtml"));
    $pparentid = intval($row['parentid']);
    if ($ptitle=="$title") $title=$title;
    elseif ($ptitle!="") $title=$ptitle."/".$title;
    if ($pparentid!=0) {
  $title=getparent($pparentid,$ptitle);
    }
    return $title;
}
function NewReviewsDate($selectdate) {
    global $prefix, $db, $module_name, $admin, $user, $admin_file;
//    $admin = base64_decode($admin);
//    $admin = addslashes($admin);
//    $admin = explode(":", $admin);
//    $aid = "$admin[0]";
 $aid =   stripslashes(FixQuotes(check_html($admin[0], nohtml)));
 $row = $db->sql_fetchrow($db->sql_query("SELECT radminsuper from ".$prefix."_authors where aid='$aid'"));
 $radminsuper = intval($row['radminsuper']);
    $dateDB = (date("d-M-Y", $selectdate));
    $dateView = (date("F d, Y", $selectdate));
    echo "<br>";
    OpenTable();
    $newreviewDB = Date("Y-m-d", $selectdate);
    $totalreviews = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_jreviews WHERE date LIKE '%$newreviewDB%'"));
    echo '<font class="option"><b>'.$dateView.' - '.$totalreviews.' '._NEWREVIEWS.'</b></font>
 <table width="100%" cellspacing="0" cellpadding="10" border="0"><tr><td><font class="content">';
    $result2 = $db->sql_query("SELECT * FROM ".$prefix."_jreviews WHERE date LIKE '%$newreviewDB%' order by title ASC");
    while ($row2 = $db->sql_fetchrow($result2)) {
 $rid = intval($row2['id']);
 $cid = intval($row2['category']);
 $sid = intval($row2['sid']);
 $title = stripslashes(check_html($row2['title'], "nohtml"));
 $description = stripslashes($row2['text']);
 $time = $row2['date'];
 $hits = intval($row2['hits']);
 $rating=$row2["rating"];
 $totalvotes = $row2["totalvotes"];
        echo '<a href="modules.php?name='.$module_name.'&amp;rop=showcontent&amp;id='.$rid.'" target="_self">'.$title.'</a>';
 newreviewgraphic($time);
 popgraphic($hits);
 echo '<br>'._DESCRIPTION.': '.$description.'<br>';
 
 setlocale (LC_TIME, $locale);
    $datetime=explode('-', $time);
    $datetime = strftime(_REVIEWSDATESTRING, mktime(0, 0, 0,$datetime[1],$datetime[2],$datetime[0]));
    $datetime = ucfirst($datetime);
 echo _ADDEDON.': '.$datetime.'<br />'._HITS.': '.$hits.'<br />';
    $transfertitle = str_replace (" ", "_", $title);
        /* voting & comments stats */
        if ($totalvotes == 1) {
     $votestring = _VOTE;
        } else {
     $votestring = _VOTES;
 }
 echo _RATING.': <b>'.$rating.'</b> ('.$totalvotes.' '.$votestring.')<br />';
 if ($radminsuper == 1) {
  echo '<a href="modules.php?name='.$module_name.'&amp;rop=mod_review&amp;id='.$rid.'">'._EDIT.'</a> | ';
 }
  $title = stripslashes(FixQuotes(check_html($title, nohtml)));
    $title = htmlspecialchars(urldecode($title));
 echo '<a href="modules.php?name='.$module_name.'&amp;rop=postcomment&amp;id='.$rid.'&amp;title='.$title.'">'._RATECOMMENT.'</a><br>';
 $row3 = $db->sql_fetchrow($db->sql_query("SELECT * FROM ".$prefix."_jreviews_categories where id='".$cid."'"));
 $cattitle=$row3["name"];
 echo _CATEGORY.': <a href="modules.php?name='.$module_name.'&amp;rop=categ&amp;id='.intval($row3["id"]).'">'.$cattitle.'</a><br><br>';
    }
    echo '</font></td></tr></table>';
    CloseTable();
}
function MostPopular($ratenum, $ratetype) {
    global $prefix, $db, $admin, $module_name, $user, $admin_file;
 
    $mostpopreviews = 25;
    $mostpopreviewspercentrigger = 0;
 
// $admin = base64_decode($admin);
// $admin = addslashes($admin);
// $admin = explode(":", $admin);
//    $aid = "$admin[0]";
 $aid =   stripslashes(FixQuotes(check_html($admin[0], nohtml)));
    $row = $db->sql_fetchrow($db->sql_query("SELECT radminsuper from ".$prefix."_authors where aid='$aid'"));
 $radminsuper = intval($row['radminsuper']);
    echo "<br>";
    OpenTable();
    echo '<table border="0" width="100%"><tr><td align="center">';
    if ($ratenum != "" && $ratetype != "") {
     $mostpopreviews = $ratenum;
     if ($ratetype == "percent") $mostpopreviewspercentrigger = 1;
    }
    if ($mostpopreviewspercentrigger == 1) {
     $topreviewspercent = $mostpopreviews;
     $result2 = $db->sql_query("SELECT * from ".$prefix."_jreviews");
     $totalmostpopreviews = $db->sql_numrows($result2);
     $mostpopreviews = $mostpopreviews / 100;
     $mostpopreviews = $totalmostpopreviews * $mostpopreviews;
     $mostpopreviews = round($mostpopreviews);
    }
    if ($mostpopreviewspercentrigger == 1) {
 echo '<center><font class="option"><b>'._MOSTPOPULAR.' '.$topreviewspercent.'% ('._OFALL.' '.$totalmostpopreviews.' '._REVS.')</b></font></center>';
    } else {
 echo '<center><font class="option"><b>'._MOSTPOPULAR.' '.$mostpopreviews.'</b></font></center>';
    }
    echo '<tr><td><center>'._SHOWTOP.': [ <a href="modules.php?name='.$module_name.'&amp;rop=MostPopular&amp;ratenum=10&amp;ratetype=num">10</a> - 
<a href="modules.php?name='.$module_name.'&amp;rop=MostPopular&amp;ratenum=25&amp;ratetype=num">25</a> - 
<a href="modules.php?name='.$module_name.'&amp;rop=MostPopular&amp;ratenum=50&amp;ratetype=num">50</a> | 
<a href="modules.php?name='.$module_name.'&amp;rop=MostPopular&amp;ratenum=1&amp;ratetype=percent">1%</a> - 
<a href="modules.php?name='.$module_name.'&amp;rop=MostPopular&amp;ratenum=5&amp;ratetype=percent">5%</a> - 
<a href="modules.php?name='.$module_name.'&amp;rop=MostPopular&amp;ratenum=10&amp;ratetype=percent">10%</a> ]</center><br><br></td></tr>';
    $result3 = $db->sql_query("SELECT * FROM ".$prefix."_jreviews order by hits DESC limit 0,$mostpopreviews");
    echo "<tr><td>";
    while($row3 = $db->sql_fetchrow($result3)) {
 $rid = intval($row3['id']);
 $cid = intval($row3['category']);
 $sid = intval($row3['sid']);
 $title = stripslashes(check_html($row3['title'], "nohtml"));
 $description = stripslashes($row3['text']);
 $time = $row3['date'];
 $hits = intval($row3['hits']);
 $rating = $row3["rating"];
 $totalvotes = $row["totalvotes"];
        echo '<font class="content"><a href="modules.php?name='.$module_name.'&amp;rop=showcontent&amp;id='.$rid.'" target="_self"><b>'.$title.'</b></a>';
 newreviewgraphic($time);
 popgraphic($hits);
 echo "<br>";
 echo '<b>'._DESCRIPTION.'</b>: '.$description.'<br>';
 setlocale (LC_TIME, $locale);
    $datetime=explode('-', $time);
    $datetime = strftime(_REVIEWSDATESTRING, mktime(0, 0, 0,$datetime[1],$datetime[2],$datetime[0]));
    $datetime = ucfirst($datetime);
 echo _ADDEDON.': '.$datetime.'<br />'._HITS.': '.$hits.'<br />';
 $transfertitle = str_replace (" ", "_", $title);
 /* voting & comments stats */
        if ($totalvotes == 1) {
     $votestring = _VOTE;
        } else {
     $votestring = _VOTES;
 }
 echo _RATING.': <b>'.$rating.'</b> ('.$totalvotes.' '.$votestring.')<br />';
    if ($radminsuper == 1) {
     echo '<a href="modules.php?name='.$module_name.'&amp;rop=mod_review&amp;id='.$rid.'">'._EDIT.'</a> | ';
    }
    $title = stripslashes(FixQuotes(check_html($title, nohtml)));
    $title = htmlspecialchars(urldecode($title));
 echo '<a href="modules.php?name='.$module_name.'&amp;rop=postcomment&amp;id='.$rid.'&amp;title='.$title.'">'._RATECOMMENT.'</a><br>';
 $row4 = $db->sql_fetchrow($db->sql_query("SELECT * from ".$prefix."_jreviews_categories WHERE id='".$cid."'"));
 $cattitle = stripslashes(check_html($row4['name'], "nohtml"));
 echo _CATEGORY.': <a href="modules.php?name='.$module_name.'&amp;rop=categ&amp;id='.intval($row4["id"]).'">'.$cattitle.'</a><br><br>';
 echo "</font>";
    }
    echo "</font></td></tr></table>";
    CloseTable();
}
function TopRated($ratenum, $ratetype) {
    global $prefix, $db, $admin, $module_name, $user;
 
 //$admin = base64_decode($admin);
 //$admin = addslashes($admin);
 //$admin = explode(":", $admin);
    //$aid = "$admin[0]";
    $aid =   stripslashes(FixQuotes(check_html($admin[0], nohtml)));
    $row = $db->sql_fetchrow($db->sql_query("SELECT radminsuper from ".$prefix."_authors where aid='$aid'"));
 $radminsuper = intval($row['radminsuper']);
 $topreviews = 25;
 $reviewvotemin = 5;
    echo "<br>";
    OpenTable();
    echo '<table border="0" width="100%"><tr><td align="center">';
    if ($ratenum != "" && $ratetype != "") {
     $topreviews = $ratenum;
     if ($ratetype == "percent") {
     $topreviewspercentrigger = 1;
 }
    }
    if ($topreviewspercentrigger == 1) {
     $topreviewspercent = $topreviews;
     $totalratedpreviews = $db->sql_numrows($db->sql_query("SELECT * FROM ".$prefix."_jreviews"));
     $topreviews = $topreviews / 100;
     $topreviews = $totalratedpreviews * $topreviews;
     $topreviews = round($topreviews);
    }
    if ($topreviewspercentrigger == 1) {
 echo '<center><font class="option"><b>'._BESTRATED.' '.$topreviewspercent.'% ('._OF.' '.$totalratedpreviews._TRATEDREVIEWS.')</b></font></center><br>';
    } else {
 echo '<center><font class="option"><b>'._BESTRATED.' '.$topreviews.'</b></font></center><br>';
    }
    echo '</td></tr>
 <tr><td><center>'._NOTE.' '.$reviewvotemin.' '._TVOTESREQ.'<br>'._SHOWTOP.':  [ <a href="modules.php?name='.$module_name.'&amp;rop=TopRated&amp;ratenum=10&amp;ratetype=num">10</a> - 
<a href="modules.php?name='.$module_name.'&amp;rop=TopRated&amp;ratenum=25&amp;ratetype=num">25</a> - 
<a href="modules.php?name='.$module_name.'&amp;rop=TopRated&amp;ratenum=50&amp;ratetype=num">50</a> | 
<a href="modules.php?name='.$module_name.'&amp;rop=TopRated&amp;ratenum=1&amp;ratetype=percent">1%</a> - 
<a href="modules.php?name='.$module_name.'&amp;rop=TopRated&amp;ratenum=5&amp;ratetype=percent">5%</a> - 
<a href="modules.php?name='.$module_name.'&amp;rop=TopRated&amp;ratenum=10&amp;ratetype=percent">10%</a> ]</center><br><br></td></tr>';
     $result = $db->sql_query("SELECT * FROM ".$prefix."_jreviews ORDER BY rating DESC, totalvotes DESC limit 0,$topreviews");
    echo "<tr><td>";
    while ($row = $db->sql_fetchrow($result)) {
 $rid = intval($row['id']);
 $cid = intval($row['category']);
 $sid = intval($row['sid']);
 $title = stripslashes(check_html($row['title'], "nohtml"));
 $description = stripslashes($row['text']);
 $time = $row['date'];
 $hits = intval($row['hits']);
 $rating = $row["rating"];
 $totalvotes = intval($row["totalvotes"]);
        echo '<a href="modules.php?name='.$module_name.'&amp;rop=showcontent&amp;id='.$rid.'" target="_self"><b>'.$title.'</b></a>';
 newreviewgraphic($time);
 popgraphic($hits);
 echo '<br><b>'._DESCRIPTION.'</b>: '.$description.'<br>';
 setlocale (LC_TIME, $locale);
    $datetime=explode('-', $time);
    $datetime = strftime(_REVIEWSDATESTRING, mktime(0, 0, 0,$datetime[1],$datetime[2],$datetime[0]));
    $datetime = ucfirst($datetime);
 echo '<b>'._ADDEDON.'</b>: '.$datetime.'<br /><b>'._HITS.'</b>: '.$hits.'<br />';
 $transfertitle = str_replace (" ", "_", $title);
 /* voting & comments stats */
 if ($totalvotes == 1) {
  $votestring = _VOTE;
 } else {
  $votestring = _VOTES;
 }
 echo '<b>'._RATING.'</b>: <b>'.$rating.'</b> ('.$totalvotes.' '.$votestring.')<br />';
    if ($radminsuper == 1) {
     echo '<a href="modules.php?name='.$module_name.'&amp;rop=mod_review&amp;id='.$rid.'">'._EDIT.'</a> | ';
    }
 echo '<a href="modules.php?name='.$module_name.'&amp;rop=postcomment&amp;id='.$rid.'&amp;title='.$transfertitle.'"><b>'._RATECOMMENT.'</b></a><br>';
 $row2 = $db->sql_fetchrow($db->sql_query("SELECT * FROM ".$prefix."_jreviews_categories WHERE id='".$cid."'"));
 $ctitle = $row2['name'];
 echo '<b>'._CATEGORY.'</b>: <a href="modules.php?name='.$module_name.'&amp;rop=categ&amp;id='.intval($row2["id"]).'">'.$ctitle.'</a><br><br>';
    }
    echo '</font></td></tr></table>';
    CloseTable();
}
function RandomReview() {
    global $prefix, $db, $module_name;;
    $result = $db->sql_query("SELECT * FROM ".$prefix."_jreviews");
    $numrows = $db->sql_numrows($result);
    if ($numrows == 1) {
  $random = 1;
    } else {
  srand((double)microtime()*1000000);
  $random = rand(1,$numrows);
  $random = intval($random);
    }
 $row2 = $db->sql_fetchrow($db->sql_query("SELECT * from ".$prefix."_jreviews WHERE id='".$random."'"));
 $url = 'modules.php?name='.$module_name.'&rop=showcontent&id='.intval($row2["id"]);
 $db->sql_query("update ".$prefix."_jreviews set hits=hits+1 where id='".$random."'");
    Header('Location: '.$url);
}
 
switch($rop) {
    case "RandomReview":
    RandomReview();
    break;
 
    case "TopRated":
    TopRated($ratenum, $ratetype);
    break;
 
 case "MostPopular":
 MostPopular($ratenum, $ratetype);
 break;
 
 case "NewReviewsDate":
 NewReviewsDate($selectdate);
 break;
 case "NewReviews":
 NewReviews($newreviewshowdays);
 break;
 case "categ":
 reviews($id, $order, $field);
 break;
 case "showcontent":
 showcontent($id, $page);
 break;
 case "write_review":
 write_review();
 break;
 case "preview_review":
 preview_review($date, $title, $text, $reviewer, $email, $score, $cover, $url, $url_title, $hits, $id, $rlanguage, $category);
 break;
 case ""._YES."":
 send_review($date, $title, $text, $reviewer, $email, $score, $cover, $url, $url_title, $hits, $id, $rlanguage, $category);
 break;
 case "del_review":
 del_review($id_del);
 break;
 case "mod_review":
 mod_review($id);
 break;
 case "postcomment":
 postcomment($id, $title);
 break;
 case "savecomment":
 savecomment($xanonpost, $uname, $id, $score, $comments);
 break;
 case "del_comment":
 del_comment($cid, $id);
 break;
 case "search":
    search($query, $min, $orderby, $show);
 break;
 default:
 reviews_index();
 break;
}
include("footer.php");
?>
any help is greatly apreciated
thanks
darren