<?php
    function comments($link, $table)
    {
        $i = 0;    
        echo '<div class="header">Member Comments</div>';
        echo '<div class="content">';
        $comments = mysqli_query_logged("SELECT * FROM " . $table . "_comments WHERE link_id = '" . $link . "' ORDER BY id DESC");
        if (mysqli_num_rows($comments))
        {
            while ($comments_row = mysqli_fetch_array($comments))
            {
                if ($i)
                {
                    echo '<div style="padding: 5px 0px 0px 0px;"></div>';
                }
                $username = get_username($comments_row['user_id']);
                echo '<table width="100%" border="0" cellspacing="0" cellpadding="0" style="font-size: 12px;"><tr>';
                echo '<td width="86" valign="top"><a href="?s=image&i=' . get_main_image_id($comments_row['user_id']) . '"><img src="?g=thumb&i=' . get_main_image_id($comments_row['user_id']) . '" align="left" style="border: solid 2px black; margin-right: 10px;" width="80" height="60" alt=""></a></td>';
                echo '<td valign="top">';
                echo '<a href="?s=profile&u=' . $username . '"><b>' . $username . '</b></a> said @ ' . nice_date($comments_row['posted_on']) . ($GLOBALS['auth']['root'] || $GLOBALS['auth']['id'] == $comments_row['user_id'] ? ' [ <a href="?a=comment_delete&i=' . $comments_row['id'] . '&link=' . $comments_row['link_id'] . '&table=' . $table . '&b=' . str_replace('&', '@', $_SERVER['QUERY_STRING']) . '">Delete</a> ]' : '');
                echo '<div style="margin: 4px 20px 4px 20px;">' . $comments_row['comment'] . '</div>';
                echo '</td></tr></table>';
                $i++;
            }
        }
        if ($GLOBALS['auth']['id'])
        {
            if ($comments_row = mysqli_fetch_assoc(mysqli_query_logged("SELECT * FROM " . $table . "_comments WHERE link_id = '" . $link . "' AND user_id = '" . $GLOBALS['auth']['id'] . "' ORDER BY id DESC")))
            {
                if ($i++)
                {
                    echo '<div style="padding: 5px 0px 0px 0px;"></div>';
                }
                echo '<form action="?a=comment_edit&i=' . $comments_row['id'] . '&b=' . str_replace('&', '@', $_SERVER['QUERY_STRING']) . '" method="post" style="margin: 0px; display: inline;">';
                echo '<input type="hidden" name="link" value="' . $link . '">';
                echo '<input type="hidden" name="table" value="' . $table . '">';
                echo '<textarea name="comment" style="width: 400px; height: 50px; border: solid 2px black; margin: 0px; padding: 3px;">' . htmlentities($comments_row['comment']) . '</textarea>';
                echo '<div style="padding: 5px 0px 0px 0px;"></div>';
                echo '<input type="submit" value="Modify Last Comment" style="border: solid 1px green; background: black; color: green;">';
                echo '</form>';
            }
            if ($i++)
            {
                echo '<div style="padding: 5px 0px 0px 0px;"></div>';
            }
            echo '<form action="?a=comment_add&b=' . str_replace('&', '@', $_SERVER['QUERY_STRING']) . '" method="post" style="margin: 0px; display: inline;">';
            echo '<input type="hidden" name="link" value="' . $link . '">';
            echo '<input type="hidden" name="table" value="' . $table . '">';
            echo '<textarea name="comment" style="width: 400px; height: 50px; border: solid 2px black; margin: 0px; padding: 3px;"></textarea>';
            echo '<div style="padding: 5px 0px 0px 0px;"></div>';
            echo '<input type="submit" value="Post New Comment" style="border: solid 1px green; background: black; color: green;">';
            echo '</form>';
        }
        elseif (!mysqli_num_rows($comments))
        {
            echo 'No member comments available...';
        }
        echo '</div>';
    }
?>