<?php
die;
} elseif (isset($admin_tmpl['comment_delete']) && $admin_tmpl['comment_delete'] && MN_LOGGED) {
?>
<form action="./mn-comments.php" method="post" id="comment-delete" class="item-delete">
<fieldset>
<?php
echo $lang['comm_q_really_delete'];
?>
<strong><?php
echo $var['author_name'];
?>
</strong>?
<div class="preview round"><?php
echo comment_format($var['comment_text']);
?>
</div>
<p>
<span class="warn"><img src="./stuff/img/icons/warning.png" alt="!" /> <?php
echo $lang['uni_no_go_back'];
?>
<img src="./stuff/img/icons/warning.png" alt="!" /></span>
<input type="hidden" name="action" value="delete" />
<input type="hidden" name="id" value="<?php
echo $var['comment_id'];
?>
" />
<input type="hidden" name="post" value="<?php
echo $var['post_id'];
?>
.star {color: crimson;}
.backlink {padding: 0 0 0 300px;}
.c {text-align: center;}
a {color: blue;}
a:hover {color: crimson;}
</style>
<title><?php
echo $conf['web_title'] . ' | ' . $lang['comm_comment_addition'];
?>
</title>
</head>
<body>
<?php
if (isset($_POST['preview']) && !empty($_POST['comment_text'])) {
echo '<div id="preview"><span id="simlegend">' . $lang['comm_preview'] . '</span>' . comment_format(check_comment_text($_POST['comment_text'])) . '</div>';
} else {
echo '<div class="info-red"><img src="./stuff/img/icons/exclamation.png" alt="" /> ' . $error_msg . '</div>';
}
?>
<form action="./mn-comments.php" method="post">
<fieldset>
<legend><?php
echo $lang['comm_comment_addition'];
?>
</legend>
<?php
$xfields_rows = '';
if (file_exists(MN_ROOT . $file['xfields'])) {
$xfields = get_unserialized_array('xfields');
/**
* Process CMS tags into HTML for comments.
*/
function cms_tag_trackbacks($tag_attr, $tag_default)
{
global $db, $row, $block, $Current_weblog, $Weblogs, $Paths;
if (strlen($Weblogs[$Current_weblog]['trackback_format']) > 1) {
$format = $Weblogs[$Current_weblog]['trackback_format'];
} else {
$format = "%anchor%<p><strong>%title%</strong><br />%excerpt%<br /><small>Sent on %date%, via %url%</small></p>";
}
// If %editlink% is not present, insert it right after %date%..
if (strpos($format, "%editlink%") == 0) {
$format = str_replace("%date%", "%date% %editlink%", $format);
}
$content_code = get_attr_value('content_code', $tag_attr);
$entrydate = $Weblogs[$Current_weblog]['fulldate_format'];
if ($content_code == "") {
$content_code = $row["code"];
}
$output = '<a id="track"></a>';
$last_trackback = "";
if (isset($db->entry['trackbacks']) && count($db->entry['trackbacks']) > 0) {
foreach ($db->entry['trackbacks'] as $count => $temp_row) {
/**
* this is a record we have to output in some form..
*/
$temp_row['url'] = strip_tags($temp_row['url']);
if (!ip_check_block($temp_row["ip"])) {
/**
* Make 'edit' and 'delete' links..
*/
$editlink = get_edittrackbacklink($db->entry['code'], $count);
/**
* make link achnor
*/
$anchor = "<a id=\"" . safe_string($temp_row["name"], TRUE) . "-" . format_date($temp_row["date"], "%ye%%month%%day%%hour24%%minute%") . "\"></a>";
/**
* substite all of the parameters into the comment, and add it to the output.
*/
$this_tag = $format;
$this_tag = str_replace("%count%", $count + 1, $this_tag);
$this_tag = str_replace("%even-odd%", $count % 2 ? 'even' : 'odd', $this_tag);
$this_tag = str_replace("%ip%", $temp_row["ip"], $this_tag);
$this_tag = str_replace("%date%", format_date($temp_row["date"], $entrydate), $this_tag);
$this_tag = str_replace("%excerpt%", comment_format($temp_row["excerpt"]), $this_tag);
$this_tag = str_replace("%title%", $temp_row["title"], $this_tag);
$url = '<a href="' . $temp_row["url"] . '">' . stripslashes($temp_row["name"]) . '</a>';
$this_tag = str_replace("%url%", $url, $this_tag);
$this_tag = str_replace("%anchor%", $anchor, $this_tag);
$this_tag = str_replace("%editlink%", $editlink, $this_tag);
$output .= $this_tag;
}
}
}
// make an array of strings with the notices to print
$text = array($Weblogs[$Current_weblog]['trackbacks_text_0'], $Weblogs[$Current_weblog]['trackbacks_text_1'], $Weblogs[$Current_weblog]['trackbacks_text_2']);
// $track_ind = sprintf("<p><b>%s:</b></p>", $text[min(2,count($db->entry['trackbacks']))]);
// $track_ind = str_replace("%num%", lang('numbers', count($db->entry['trackbacks'])), $track_ind);
// $track_ind = str_replace("%n%", count($db->entry['trackbacks']), $track_ind);
$output = $output;
return $output;
}
for ($j = 0; $j < $j_max; $j++) {
$c = get_values('comments', $comments[$j], false);
$cp = get_post_data($c['post_id']);
$c['timestamp'] = $c['timestamp'] + $conf['time_adj'] * 3600;
if (mb_strlen($cp['title']) > 16) {
$tooltip = ' title="' . $cp['title'] . '"';
$cp['title'] = mb_substr($cp['title'], 0, 15, 'utf-8') . '…';
} else {
$cp['title'];
$tooltip = '';
}
if (isset($widget_counts[1]) && $widget_counts[1] == 'new' && ($c['timestamp'] < $_SESSION['mn_last_login'] || empty($_SESSION['mn_last_login']))) {
continue;
} else {
$ua_info = get_useragent_info($c['user_agent']);
$comments_result .= '<tr id="c' . $c['comment_id'] . '"><td class="c_author"><a href="./?p=' . $c['post_id'] . '#c-' . $c['comment_id'] . '">#</a> <strong>' . $c['author_name'] . '</strong><br /> <span class="info hide comment_status"><a href="./?p=' . $c['post_id'] . '"' . $tooltip . '>' . $cp['title'] . '</a></span></td><td class="edit"><img src="./stuff/img/icons/information-gray.png" alt="" class="tooltip" title="<strong>' . $lang['uni_date'] . ':</strong> ' . date('d.m.Y H:i', $c['timestamp']) . '<br /><strong>' . $lang['comm_ip_address'] . ':</strong> ' . $c['ip_address'] . '<br /><strong>' . $lang['comm_host'] . ':</strong> ' . $c['host'] . '<br /><strong>' . $lang['comm_user_browser'] . ':</strong> ' . $ua_info['browser'] . '<br /><strong>' . $lang['comm_user_os'] . ':</strong> ' . $ua_info['os'] . '" /><p><a href="./mn-comments.php?action=edit&post=' . $c['post_id'] . '&id=' . $c['comment_id'] . '" class="tooltip" title="' . $lang['uni_edit'] . '"><img src="./stuff/img/icons/edit-gray.png" alt="" /></a></p></td><td class="edit"><a href="./mn-comments.php?action=reply&post=' . $c['post_id'] . '&id=' . $c['comment_id'] . '" class="fancy tooltip" title="' . $lang['comm_reply'] . '"><img src="./stuff/img/icons/reply-gray.png" alt="" /></a><p><a href="./mn-comments.php?a=m&s=0&f=' . $c['post_id'] . '&c=' . $c['comment_id'] . '&t=' . $_SESSION['mn_token'] . '&from=index" class="ajaxcall tooltip" title="' . $lang['uni_delete'] . '"><img src="./stuff/img/icons/cross-gray.png" alt="" /></a></p></td><td><div class="comment-text">' . comment_format($c['comment_text']) . '</div></td></tr>';
}
}
}
} else {
$posts_count = 0;
$posts_result = '<tr><td colspan="4" class="c"><em>' . $lang['index_msg_no_posts'] . '</em></td></tr>';
}
if (isset($widget_counts[1]) && $widget_counts[1] == 'new' && empty($comments_result)) {
$comments_result = '<tr><td colspan="5" class="c"><em>' . $lang['index_msg_no_new_comments'] . '</em></td></tr>';
} elseif (empty($comments_result)) {
$comments_result = '<tr><td colspan="5" class="c"><em>' . $lang['index_msg_no_comments'] . '</em></td></tr>';
}
if (empty($comments_count)) {
$comments_count = 0;
}
function add_comment_feeditem($item)
{
global $db, $rss_items, $atom_items, $Cfg, $Weblogs, $Current_weblog, $Allow_RSS, $Paths;
if (!siteurl_isset()) {
$weblog = $Paths['host'] . $Paths['pivot_url'];
} else {
$weblog = $Weblogs[$Current_weblog]['siteurl'];
}
$entry = $db->read_entry($item['code']);
$link = make_fileurl($item['uid'], "", "");
$title = $db->entry['title'];
$date = format_date($item['date'], "%year%-%month%-%day%T%hour24%:%minute%:00") . rss_offset();
$description = htmlspecialchars(strip_tags($item['comment']));
$description = str_replace(" ", " ", $description);
$id = safe_string($item["name"], TRUE) . "-" . format_date($item["date"], "%ye%%month%%day%%hour24%%minute%");
$tag = str_replace("_", "", strtolower(safe_string($Cfg['sitename'], TRUE))) . "," . date("Y") . ":" . $id;
// make sure description is not too long..
if (isset($Weblogs[$Current_weblog]['rss_full']) && $Weblogs[$Current_weblog]['rss_full'] == 0) {
// don't put anything in the content.
$content = "";
} else {
// put the introduction and body in the content..
$content = str_replace(" ", " ", $introduction . $body);
}
if (isemail($item['email'])) {
$email = "\n<email>" . $item['email'] . "</email>";
} else {
$email = "";
}
if (isurl($item['url'])) {
if (strpos($item["url"], "ttp://") < 1) {
$item["url"] = "http://" . $item["url"];
}
$url = "\n<uri>" . $item['url'] . "</uri>";
} else {
$url = "";
}
$atom_item = '
<entry>
<title>%author% on %title%</title>
<link rel="alternate" type="text/html" href="%link%#%id%"/>
<updated>%date%</updated>
<published>%date%</published>
<id>tag:%tag%</id>
<summary type="text">%description%</summary>
<content type="html" xml:lang="%lang%" xml:base="%link%">
<![CDATA[
%content%
]]>
</content>
<author>
<name>%author%</name>%url%%email%
</author>
</entry>
';
$from = array("%title%", "%link%", "%id%", "%description%", "%content%", "%author%", "%guid%", "%date%", "%tag%", "%lang%", "%url%", "%email%");
$to = array(htmlspecialchars(strip_tags($entry['title'])), $link, $id, RelativeToAbsoluteURLS($description), trim(comment_format($item['comment'])), htmlspecialchars(unentify($item['name'])), $item['uid'] . "@" . $weblog, $date, $tag, snippet_lang(), $url, $email);
$atom_item = str_replace($from, $to, $atom_item);
$atom_items[$date] = $atom_item;
}
}
// if comment or name is missing, give a notice, and show the form again..
if (!isset($Pivot_Vars['vote']) && strlen($my_comment['name']) < 2) {
$Pivot_Vars['message'] = lang('comment', 'no_name');
unset($Pivot_Vars['post']);
$Pivot_Vars['preview'] = TRUE;
}
if (!isset($Pivot_Vars['vote']) && strlen($my_comment['comment']) < 3) {
$Pivot_Vars['message'] = lang('comment', 'no_comment');
unset($Pivot_Vars['post']);
$Pivot_Vars['preview'] = TRUE;
}
// check num of hyperlinks by loweblog.com
if (isset($Cfg['maxhrefs']) && $Cfg['maxhrefs'] > 0) {
$low_comment = strtolower($my_comment['comment']);
$low_comment_formatted = strtolower(comment_format($my_comment['comment']));
if (substr_count($low_comment, "href=") > $Cfg['maxhrefs'] || substr_count($low_comment_formatted, "href=") > $Cfg['maxhrefs']) {
$Pivot_Vars['message'] = lang('comment', 'too_many_hrefs');
unset($Pivot_Vars['post']);
$Pivot_Vars['preview'] = TRUE;
}
}
if (isset($Pivot_Vars['post'])) {
$db->set_entry($entry);
// switch to weblog's language (it might be changed in the meantime)
LoadWeblogLanguage($Weblogs[$Current_weblog]['language']);
$db->save_entry(FALSE);
// do not update the index.
//update the 'last comments' file
if (isset($my_comment)) {
if ($Cfg['moderate_comments'] != 1) {
function snippet_last_comments()
{
global $Cfg, $db, $Weblogs, $Current_weblog, $Paths;
if (isset($Weblogs[$Current_weblog]['lastcomm_format']) && strlen($Weblogs[$Current_weblog]['lastcomm_format']) > 2) {
$last_comments_format = $Weblogs[$Current_weblog]['lastcomm_format'];
} else {
$last_comments_format = "<a href='%url%' title='%date%' %popup%><b>%name%</b></a> (%title%): %comm%<br />";
}
if (isset($Weblogs[$Current_weblog]['lastcomm_length']) && $Weblogs[$Current_weblog]['lastcomm_length'] > 0) {
$last_comments_length = $Weblogs[$Current_weblog]['lastcomm_length'];
} else {
$last_comments_length = 100;
}
if (isset($Weblogs[$Current_weblog]['lastcomm_trim']) && $Weblogs[$Current_weblog]['lastcomm_trim'] > 0) {
$last_comments_trim = $Weblogs[$Current_weblog]['lastcomm_trim'];
} else {
$last_comments_trim = 16;
}
if (isset($Weblogs[$Current_weblog]['lastcomm_amount']) && $Weblogs[$Current_weblog]['lastcomm_amount'] > 0) {
$last_comments_count = $Weblogs[$Current_weblog]['lastcomm_amount'];
} else {
$last_comments_count = 10;
}
if (file_exists($Paths['pivot_path'] . "db/ser_lastcomm.php")) {
$file = array_reverse(load_serialize($Paths['pivot_path'] . "db/ser_lastcomm.php", true, true));
} else {
$file = array();
}
$cats = find_cats_in_weblog($Current_weblog);
$output = "";
$count = 0;
if (count($file) > 0) {
foreach ($file as $comment) {
// if it's in a category that published n the frontpage, and the user is not blocked, we display it.
if (count(array_intersect($comment['category'], $cats)) > 0 && !ip_check_block(trim($comment['ip'])) && $db->entry_exists($comment['code'])) {
$id = safe_string($comment["name"], TRUE) . "-" . format_date($comment["date"], "%ye%%month%%day%%hour24%%minute%");
$url = make_filelink($comment['code'], "", $id);
$comment['name'] = trimtext(stripslashes($comment['name']), $last_comments_trim);
$comment['title'] = trimtext(stripslashes($comment['title']), $last_comments_trim);
// Commenting out mywordwrap since it currently breaks textile commands (and maybe more).
// $comment['comment'] = mywordwrap($comment['comment'], 18, " ", 1);
$comment['comment'] = comment_format($comment["comment"]);
// Remove the [name:1] part in the 'last comments..
$comment['comment'] = preg_replace("/\\[(.*):([0-9]+)\\]/iU", '', $comment['comment']);
$comment['comment'] = trimtext(stripslashes($comment['comment']), $last_comments_length);
// $comment['comment'] = unentify($comment['comment']);
if ($Weblogs[$Current_weblog]['comment_pop'] == 1) {
$popup = sprintf("onclick=\"window.open('%s', 'popuplink', 'width=%s,height=%s,directories=no,location=no,scrollbars=yes,menubar=no,status=yes,toolbar=no,resizable=yes'); return false\"", $url, $Weblogs[$Current_weblog]['comment_width'], $Weblogs[$Current_weblog]['comment_height']);
} else {
$popup = "";
}
$thisline = $last_comments_format;
$thisline = str_replace("%name%", $comment['name'], $thisline);
$thisline = str_replace("%date%", $comment['date'], $thisline);
$thisline = str_replace("%title%", $comment['title'], $thisline);
$thisline = str_replace("%url%", $url, $thisline);
$thisline = str_replace("%popup%", $popup, $thisline);
$thisline = str_replace("%comm%", $comment['comment'], $thisline);
$thisline = format_date($comment["date"], $thisline);
$output .= "\n" . $thisline;
$count++;
if ($count >= $last_comments_count) {
return $output;
}
}
}
}
return $output;
}
function comment_tmpl($template, $url, $num)
{
global $comment, $dir, $conf, $lang, $mn_comm_users;
$tmpl_file = file_exists(MN_ROOT . $dir['templates'] . $template . '.html') ? file_get_contents(MN_ROOT . $dir['templates'] . $template . '.html') : file_get_contents(MN_ROOT . $dir['templates'] . DEFAULT_TMPL . '_12.html');
$target = $conf['comments_links_target'] ? ' target="_blank"' : '';
$rel = $conf['comments_links_nofollow'] ? ' rel="nofollow"' : '';
if (!empty($comment['author_id'])) {
$author = '<a href="' . $url . 'mn_user='******'author_id'] . '">' . $comment['author_name'] . '</a>';
$profile = '<a href="' . $url . 'mn_user='******'author_id'] . '">$1</a>';
} else {
$author = $comment['author_name'];
$profile = '';
}
$text = $comment['status'] == 3 ? '<em>*** ' . $lang['web_msg_comment_hidden'] . ' ***</em>' : comment_format($comment['comment_text']);
$email = !empty($comment['author_email']) ? '<a href="mailto:' . $comment['author_email'] . '">$1</a>' : '';
$www = !empty($comment['author_www']) ? '<a href="' . $comment['author_www'] . '"' . $target . $rel . '>$1</a>' : '';
if (isset($mn_comm_users[$comment['author_id']]['avatar']) && !empty($mn_comm_users[$comment['author_id']]['avatar'])) {
list($avatar_file, $avatar_ext, $avatar_width, $avatar_height) = explode(';', $mn_comm_users[$comment['author_id']]['avatar']);
$avatar = '<img src="' . $conf['admin_url'] . '/' . $dir['avatars'] . $avatar_file . '.' . $avatar_ext . '" class="mn-avatar" alt="' . $comment['author_name'] . ' ' . $lang['users_avatar'] . '" width="' . @$conf['users_avatar_standard'] . '" height="' . @$conf['users_avatar_standard'] . '" />';
$avatar_small = '<img src="' . $conf['admin_url'] . '/' . $dir['avatars'] . $avatar_file . '-small.' . $avatar_ext . '" class="mn-avatar-small" alt="' . $comment['author_name'] . ' ' . $lang['users_avatar'] . '" width="' . @$conf['users_avatar_small'] . '" height="' . @$conf['users_avatar_small'] . '" />';
$avatar_mini = '<img src="' . $conf['admin_url'] . '/' . $dir['avatars'] . $avatar_file . '-mini.' . $avatar_ext . '" class="mn-avatar-mini" alt="' . $comment['author_name'] . ' ' . $lang['users_avatar'] . '" width="' . @$conf['users_avatar_mini'] . '" height="' . @$conf['users_avatar_mini'] . '" />';
} else {
$avatar = '<img src="' . $conf['admin_url'] . '/stuff/img/default-avatar.jpg" class="mn-avatar mn-avatar-anonymous" alt="' . $comment['author_name'] . ' ' . $lang['users_avatar'] . '" width="' . @$conf['users_avatar_standard'] . '" height="' . @$conf['users_avatar_standard'] . '" />';
$avatar_small = '<img src="' . $conf['admin_url'] . '/stuff/img/default-avatar-small.jpg" class="mn-avatar-small mn-avatar-anonymous" alt="' . $comment['author_name'] . ' ' . $lang['users_avatar'] . '" width="' . @$conf['users_avatar_small'] . '" height="' . @$conf['users_avatar_small'] . '" />';
$avatar_mini = '<img src="' . $conf['admin_url'] . '/stuff/img/default-avatar-mini.jpg" class="mn-avatar-mini mn-avatar-anonymous" alt="' . $comment['author_name'] . ' ' . $lang['users_avatar'] . '" width="' . @$conf['users_avatar_mini'] . '" height="' . @$conf['users_avatar_mini'] . '" />';
}
$ua_info = get_useragent_info($comment['user_agent']);
$tmpl_search = array('{AUTHOR}', '{AUTHOR_ID}', '{AUTHOR_NAME}', '{AVATAR}', '{AVATAR_SMALL}', '{AVATAR_MINI}', '{BROWSER}', '{BROWSER_ICON}', '{BROWSER_VERSION}', '{COMMENT_ID}', '{COMMENT_NUM}', '{IP_ADDRESS}', '{OS}', '{PLATFORM}', '{TEXT}');
$tmpl_replace = array($author, $comment['author_id'], $comment['author_name'], $avatar, $avatar_small, $avatar_mini, $ua_info['browser_name'], '<img src="' . $conf['admin_url'] . '/stuff/img/icons/' . $ua_info['browser_icon'] . '" class="mn-browser-icon" alt="' . $ua_info['browser'] . '" title="' . $ua_info['browser'] . '" width="16" height="16" />', $ua_info['browser_version'], $comment['comment_id'], $num, $comment['ip_address'], $ua_info['os'], $ua_info['platform'], $text);
$tmpl_preg_search = array('/\\[EMAIL\\](.*?)\\[\\/EMAIL\\]/is', '/\\[PROFILE\\](.*?)\\[\\/PROFILE\\]/is', '/\\[WWW\\](.*?)\\[\\/WWW\\]/is');
$tmpl_preg_replace = array($email, $profile, $www);
$result = str_ireplace($tmpl_search, $tmpl_replace, $tmpl_file);
$result = preg_replace($tmpl_preg_search, $tmpl_preg_replace, $result);
$result = common_tmpl($comment['timestamp'], $result);
$result = xfields_tmpl('comments', $comment['xfields'], $result);
return $result;
}