Beispiel #1
0
<?php 
    die;
} elseif (isset($admin_tmpl['comment_delete']) && $admin_tmpl['comment_delete'] && MN_LOGGED) {
    ?>

  <form action="./mn-comments.php" method="post" id="comment-delete" class="item-delete">
    <fieldset>
      <?php 
    echo $lang['comm_q_really_delete'];
    ?>
 <strong><?php 
    echo $var['author_name'];
    ?>
</strong>?
      <div class="preview round"><?php 
    echo comment_format($var['comment_text']);
    ?>
</div>
      <p>
        <span class="warn"><img src="./stuff/img/icons/warning.png" alt="!" /> <?php 
    echo $lang['uni_no_go_back'];
    ?>
 <img src="./stuff/img/icons/warning.png" alt="!" /></span>
        <input type="hidden" name="action" value="delete" />
        <input type="hidden" name="id" value="<?php 
    echo $var['comment_id'];
    ?>
" />
        <input type="hidden" name="post" value="<?php 
    echo $var['post_id'];
    ?>
    .star {color: crimson;}
    .backlink {padding: 0 0 0 300px;}
    .c {text-align: center;}
    a {color: blue;}
    a:hover {color: crimson;}
  </style>
  <title><?php 
echo $conf['web_title'] . ' | ' . $lang['comm_comment_addition'];
?>
</title>
  </head>
  <body>

  <?php 
if (isset($_POST['preview']) && !empty($_POST['comment_text'])) {
    echo '<div id="preview"><span id="simlegend">' . $lang['comm_preview'] . '</span>' . comment_format(check_comment_text($_POST['comment_text'])) . '</div>';
} else {
    echo '<div class="info-red"><img src="./stuff/img/icons/exclamation.png" alt="" /> ' . $error_msg . '</div>';
}
?>

    <form action="./mn-comments.php" method="post">
      <fieldset>
        <legend><?php 
echo $lang['comm_comment_addition'];
?>
</legend>
        <?php 
$xfields_rows = '';
if (file_exists(MN_ROOT . $file['xfields'])) {
    $xfields = get_unserialized_array('xfields');
/**
 * Process CMS tags into HTML for comments.
 */
function cms_tag_trackbacks($tag_attr, $tag_default)
{
    global $db, $row, $block, $Current_weblog, $Weblogs, $Paths;
    if (strlen($Weblogs[$Current_weblog]['trackback_format']) > 1) {
        $format = $Weblogs[$Current_weblog]['trackback_format'];
    } else {
        $format = "%anchor%<p><strong>%title%</strong><br />%excerpt%<br /><small>Sent on %date%, via %url%</small></p>";
    }
    // If %editlink% is not present, insert it right after %date%..
    if (strpos($format, "%editlink%") == 0) {
        $format = str_replace("%date%", "%date% %editlink%", $format);
    }
    $content_code = get_attr_value('content_code', $tag_attr);
    $entrydate = $Weblogs[$Current_weblog]['fulldate_format'];
    if ($content_code == "") {
        $content_code = $row["code"];
    }
    $output = '<a id="track"></a>';
    $last_trackback = "";
    if (isset($db->entry['trackbacks']) && count($db->entry['trackbacks']) > 0) {
        foreach ($db->entry['trackbacks'] as $count => $temp_row) {
            /**
             * this is a record we have to output in some form..
             */
            $temp_row['url'] = strip_tags($temp_row['url']);
            if (!ip_check_block($temp_row["ip"])) {
                /**
                 * Make 'edit' and 'delete' links..
                 */
                $editlink = get_edittrackbacklink($db->entry['code'], $count);
                /**
                 * make link achnor
                 */
                $anchor = "<a id=\"" . safe_string($temp_row["name"], TRUE) . "-" . format_date($temp_row["date"], "%ye%%month%%day%%hour24%%minute%") . "\"></a>";
                /**
                 * substite all of the parameters into the comment, and add it to the output.
                 */
                $this_tag = $format;
                $this_tag = str_replace("%count%", $count + 1, $this_tag);
                $this_tag = str_replace("%even-odd%", $count % 2 ? 'even' : 'odd', $this_tag);
                $this_tag = str_replace("%ip%", $temp_row["ip"], $this_tag);
                $this_tag = str_replace("%date%", format_date($temp_row["date"], $entrydate), $this_tag);
                $this_tag = str_replace("%excerpt%", comment_format($temp_row["excerpt"]), $this_tag);
                $this_tag = str_replace("%title%", $temp_row["title"], $this_tag);
                $url = '<a href="' . $temp_row["url"] . '">' . stripslashes($temp_row["name"]) . '</a>';
                $this_tag = str_replace("%url%", $url, $this_tag);
                $this_tag = str_replace("%anchor%", $anchor, $this_tag);
                $this_tag = str_replace("%editlink%", $editlink, $this_tag);
                $output .= $this_tag;
            }
        }
    }
    // make an array of strings with the notices to print
    $text = array($Weblogs[$Current_weblog]['trackbacks_text_0'], $Weblogs[$Current_weblog]['trackbacks_text_1'], $Weblogs[$Current_weblog]['trackbacks_text_2']);
    //   $track_ind = sprintf("<p><b>%s:</b></p>", $text[min(2,count($db->entry['trackbacks']))]);
    //   $track_ind = str_replace("%num%", lang('numbers', count($db->entry['trackbacks'])), $track_ind);
    //   $track_ind = str_replace("%n%", count($db->entry['trackbacks']), $track_ind);
    $output = $output;
    return $output;
}
Beispiel #4
0
         for ($j = 0; $j < $j_max; $j++) {
             $c = get_values('comments', $comments[$j], false);
             $cp = get_post_data($c['post_id']);
             $c['timestamp'] = $c['timestamp'] + $conf['time_adj'] * 3600;
             if (mb_strlen($cp['title']) > 16) {
                 $tooltip = ' title="' . $cp['title'] . '"';
                 $cp['title'] = mb_substr($cp['title'], 0, 15, 'utf-8') . '&hellip;';
             } else {
                 $cp['title'];
                 $tooltip = '';
             }
             if (isset($widget_counts[1]) && $widget_counts[1] == 'new' && ($c['timestamp'] < $_SESSION['mn_last_login'] || empty($_SESSION['mn_last_login']))) {
                 continue;
             } else {
                 $ua_info = get_useragent_info($c['user_agent']);
                 $comments_result .= '<tr id="c' . $c['comment_id'] . '"><td class="c_author"><a href="./?p=' . $c['post_id'] . '#c-' . $c['comment_id'] . '">#</a> <strong>' . $c['author_name'] . '</strong><br />&nbsp;<span class="info hide comment_status"><a href="./?p=' . $c['post_id'] . '"' . $tooltip . '>' . $cp['title'] . '</a></span></td><td class="edit"><img src="./stuff/img/icons/information-gray.png" alt="" class="tooltip" title="<strong>' . $lang['uni_date'] . ':</strong> ' . date('d.m.Y H:i', $c['timestamp']) . '<br /><strong>' . $lang['comm_ip_address'] . ':</strong> ' . $c['ip_address'] . '<br /><strong>' . $lang['comm_host'] . ':</strong> ' . $c['host'] . '<br /><strong>' . $lang['comm_user_browser'] . ':</strong> ' . $ua_info['browser'] . '<br /><strong>' . $lang['comm_user_os'] . ':</strong> ' . $ua_info['os'] . '" /><p><a href="./mn-comments.php?action=edit&amp;post=' . $c['post_id'] . '&amp;id=' . $c['comment_id'] . '" class="tooltip" title="' . $lang['uni_edit'] . '"><img src="./stuff/img/icons/edit-gray.png" alt="" /></a></p></td><td class="edit"><a href="./mn-comments.php?action=reply&amp;post=' . $c['post_id'] . '&amp;id=' . $c['comment_id'] . '" class="fancy tooltip" title="' . $lang['comm_reply'] . '"><img src="./stuff/img/icons/reply-gray.png" alt="" /></a><p><a href="./mn-comments.php?a=m&amp;s=0&amp;f=' . $c['post_id'] . '&amp;c=' . $c['comment_id'] . '&amp;t=' . $_SESSION['mn_token'] . '&amp;from=index" class="ajaxcall tooltip" title="' . $lang['uni_delete'] . '"><img src="./stuff/img/icons/cross-gray.png" alt="" /></a></p></td><td><div class="comment-text">' . comment_format($c['comment_text']) . '</div></td></tr>';
             }
         }
     }
 } else {
     $posts_count = 0;
     $posts_result = '<tr><td colspan="4" class="c"><em>' . $lang['index_msg_no_posts'] . '</em></td></tr>';
 }
 if (isset($widget_counts[1]) && $widget_counts[1] == 'new' && empty($comments_result)) {
     $comments_result = '<tr><td colspan="5" class="c"><em>' . $lang['index_msg_no_new_comments'] . '</em></td></tr>';
 } elseif (empty($comments_result)) {
     $comments_result = '<tr><td colspan="5" class="c"><em>' . $lang['index_msg_no_comments'] . '</em></td></tr>';
 }
 if (empty($comments_count)) {
     $comments_count = 0;
 }
Beispiel #5
0
function add_comment_feeditem($item)
{
    global $db, $rss_items, $atom_items, $Cfg, $Weblogs, $Current_weblog, $Allow_RSS, $Paths;
    if (!siteurl_isset()) {
        $weblog = $Paths['host'] . $Paths['pivot_url'];
    } else {
        $weblog = $Weblogs[$Current_weblog]['siteurl'];
    }
    $entry = $db->read_entry($item['code']);
    $link = make_fileurl($item['uid'], "", "");
    $title = $db->entry['title'];
    $date = format_date($item['date'], "%year%-%month%-%day%T%hour24%:%minute%:00") . rss_offset();
    $description = htmlspecialchars(strip_tags($item['comment']));
    $description = str_replace("&nbsp;", " ", $description);
    $id = safe_string($item["name"], TRUE) . "-" . format_date($item["date"], "%ye%%month%%day%%hour24%%minute%");
    $tag = str_replace("_", "", strtolower(safe_string($Cfg['sitename'], TRUE))) . "," . date("Y") . ":" . $id;
    // make sure description is not too long..
    if (isset($Weblogs[$Current_weblog]['rss_full']) && $Weblogs[$Current_weblog]['rss_full'] == 0) {
        // don't put anything in the content.
        $content = "";
    } else {
        // put the introduction and body in the content..
        $content = str_replace("&nbsp;", " ", $introduction . $body);
    }
    if (isemail($item['email'])) {
        $email = "\n<email>" . $item['email'] . "</email>";
    } else {
        $email = "";
    }
    if (isurl($item['url'])) {
        if (strpos($item["url"], "ttp://") < 1) {
            $item["url"] = "http://" . $item["url"];
        }
        $url = "\n<uri>" . $item['url'] . "</uri>";
    } else {
        $url = "";
    }
    $atom_item = '
	<entry>
	    <title>%author% on %title%</title>
	    <link rel="alternate" type="text/html" href="%link%#%id%"/>
	    <updated>%date%</updated>
	    <published>%date%</published>
	    <id>tag:%tag%</id>
	    <summary type="text">%description%</summary>
	    <content type="html" xml:lang="%lang%" xml:base="%link%">
		<![CDATA[ 
			%content%
		]]>
	    </content>
	    <author>
		<name>%author%</name>%url%%email%
	    </author>
	</entry>
';
    $from = array("%title%", "%link%", "%id%", "%description%", "%content%", "%author%", "%guid%", "%date%", "%tag%", "%lang%", "%url%", "%email%");
    $to = array(htmlspecialchars(strip_tags($entry['title'])), $link, $id, RelativeToAbsoluteURLS($description), trim(comment_format($item['comment'])), htmlspecialchars(unentify($item['name'])), $item['uid'] . "@" . $weblog, $date, $tag, snippet_lang(), $url, $email);
    $atom_item = str_replace($from, $to, $atom_item);
    $atom_items[$date] = $atom_item;
}
Beispiel #6
0
 }
 // if comment or name is missing, give a notice, and show the form again..
 if (!isset($Pivot_Vars['vote']) && strlen($my_comment['name']) < 2) {
     $Pivot_Vars['message'] = lang('comment', 'no_name');
     unset($Pivot_Vars['post']);
     $Pivot_Vars['preview'] = TRUE;
 }
 if (!isset($Pivot_Vars['vote']) && strlen($my_comment['comment']) < 3) {
     $Pivot_Vars['message'] = lang('comment', 'no_comment');
     unset($Pivot_Vars['post']);
     $Pivot_Vars['preview'] = TRUE;
 }
 // check num of hyperlinks by loweblog.com
 if (isset($Cfg['maxhrefs']) && $Cfg['maxhrefs'] > 0) {
     $low_comment = strtolower($my_comment['comment']);
     $low_comment_formatted = strtolower(comment_format($my_comment['comment']));
     if (substr_count($low_comment, "href=") > $Cfg['maxhrefs'] || substr_count($low_comment_formatted, "href=") > $Cfg['maxhrefs']) {
         $Pivot_Vars['message'] = lang('comment', 'too_many_hrefs');
         unset($Pivot_Vars['post']);
         $Pivot_Vars['preview'] = TRUE;
     }
 }
 if (isset($Pivot_Vars['post'])) {
     $db->set_entry($entry);
     // switch to weblog's language (it might be changed in the meantime)
     LoadWeblogLanguage($Weblogs[$Current_weblog]['language']);
     $db->save_entry(FALSE);
     // do not update the index.
     //update the 'last comments' file
     if (isset($my_comment)) {
         if ($Cfg['moderate_comments'] != 1) {
function snippet_last_comments()
{
    global $Cfg, $db, $Weblogs, $Current_weblog, $Paths;
    if (isset($Weblogs[$Current_weblog]['lastcomm_format']) && strlen($Weblogs[$Current_weblog]['lastcomm_format']) > 2) {
        $last_comments_format = $Weblogs[$Current_weblog]['lastcomm_format'];
    } else {
        $last_comments_format = "<a href='%url%' title='%date%' %popup%><b>%name%</b></a> (%title%): %comm%<br />";
    }
    if (isset($Weblogs[$Current_weblog]['lastcomm_length']) && $Weblogs[$Current_weblog]['lastcomm_length'] > 0) {
        $last_comments_length = $Weblogs[$Current_weblog]['lastcomm_length'];
    } else {
        $last_comments_length = 100;
    }
    if (isset($Weblogs[$Current_weblog]['lastcomm_trim']) && $Weblogs[$Current_weblog]['lastcomm_trim'] > 0) {
        $last_comments_trim = $Weblogs[$Current_weblog]['lastcomm_trim'];
    } else {
        $last_comments_trim = 16;
    }
    if (isset($Weblogs[$Current_weblog]['lastcomm_amount']) && $Weblogs[$Current_weblog]['lastcomm_amount'] > 0) {
        $last_comments_count = $Weblogs[$Current_weblog]['lastcomm_amount'];
    } else {
        $last_comments_count = 10;
    }
    if (file_exists($Paths['pivot_path'] . "db/ser_lastcomm.php")) {
        $file = array_reverse(load_serialize($Paths['pivot_path'] . "db/ser_lastcomm.php", true, true));
    } else {
        $file = array();
    }
    $cats = find_cats_in_weblog($Current_weblog);
    $output = "";
    $count = 0;
    if (count($file) > 0) {
        foreach ($file as $comment) {
            // if it's in a category that published n the frontpage, and the user is not blocked, we display it.
            if (count(array_intersect($comment['category'], $cats)) > 0 && !ip_check_block(trim($comment['ip'])) && $db->entry_exists($comment['code'])) {
                $id = safe_string($comment["name"], TRUE) . "-" . format_date($comment["date"], "%ye%%month%%day%%hour24%%minute%");
                $url = make_filelink($comment['code'], "", $id);
                $comment['name'] = trimtext(stripslashes($comment['name']), $last_comments_trim);
                $comment['title'] = trimtext(stripslashes($comment['title']), $last_comments_trim);
                // Commenting out mywordwrap since it currently breaks textile commands (and maybe more).
                // $comment['comment'] = mywordwrap($comment['comment'], 18, " ", 1);
                $comment['comment'] = comment_format($comment["comment"]);
                // Remove the [name:1] part in the 'last comments..
                $comment['comment'] = preg_replace("/\\[(.*):([0-9]+)\\]/iU", '', $comment['comment']);
                $comment['comment'] = trimtext(stripslashes($comment['comment']), $last_comments_length);
                // $comment['comment'] = unentify($comment['comment']);
                if ($Weblogs[$Current_weblog]['comment_pop'] == 1) {
                    $popup = sprintf("onclick=\"window.open('%s', 'popuplink', 'width=%s,height=%s,directories=no,location=no,scrollbars=yes,menubar=no,status=yes,toolbar=no,resizable=yes'); return false\"", $url, $Weblogs[$Current_weblog]['comment_width'], $Weblogs[$Current_weblog]['comment_height']);
                } else {
                    $popup = "";
                }
                $thisline = $last_comments_format;
                $thisline = str_replace("%name%", $comment['name'], $thisline);
                $thisline = str_replace("%date%", $comment['date'], $thisline);
                $thisline = str_replace("%title%", $comment['title'], $thisline);
                $thisline = str_replace("%url%", $url, $thisline);
                $thisline = str_replace("%popup%", $popup, $thisline);
                $thisline = str_replace("%comm%", $comment['comment'], $thisline);
                $thisline = format_date($comment["date"], $thisline);
                $output .= "\n" . $thisline;
                $count++;
                if ($count >= $last_comments_count) {
                    return $output;
                }
            }
        }
    }
    return $output;
}
function comment_tmpl($template, $url, $num)
{
    global $comment, $dir, $conf, $lang, $mn_comm_users;
    $tmpl_file = file_exists(MN_ROOT . $dir['templates'] . $template . '.html') ? file_get_contents(MN_ROOT . $dir['templates'] . $template . '.html') : file_get_contents(MN_ROOT . $dir['templates'] . DEFAULT_TMPL . '_12.html');
    $target = $conf['comments_links_target'] ? ' target="_blank"' : '';
    $rel = $conf['comments_links_nofollow'] ? ' rel="nofollow"' : '';
    if (!empty($comment['author_id'])) {
        $author = '<a href="' . $url . 'mn_user='******'author_id'] . '">' . $comment['author_name'] . '</a>';
        $profile = '<a href="' . $url . 'mn_user='******'author_id'] . '">$1</a>';
    } else {
        $author = $comment['author_name'];
        $profile = '';
    }
    $text = $comment['status'] == 3 ? '<em>*** ' . $lang['web_msg_comment_hidden'] . ' ***</em>' : comment_format($comment['comment_text']);
    $email = !empty($comment['author_email']) ? '<a href="mailto:' . $comment['author_email'] . '">$1</a>' : '';
    $www = !empty($comment['author_www']) ? '<a href="' . $comment['author_www'] . '"' . $target . $rel . '>$1</a>' : '';
    if (isset($mn_comm_users[$comment['author_id']]['avatar']) && !empty($mn_comm_users[$comment['author_id']]['avatar'])) {
        list($avatar_file, $avatar_ext, $avatar_width, $avatar_height) = explode(';', $mn_comm_users[$comment['author_id']]['avatar']);
        $avatar = '<img src="' . $conf['admin_url'] . '/' . $dir['avatars'] . $avatar_file . '.' . $avatar_ext . '" class="mn-avatar"  alt="' . $comment['author_name'] . ' ' . $lang['users_avatar'] . '" width="' . @$conf['users_avatar_standard'] . '" height="' . @$conf['users_avatar_standard'] . '" />';
        $avatar_small = '<img src="' . $conf['admin_url'] . '/' . $dir['avatars'] . $avatar_file . '-small.' . $avatar_ext . '" class="mn-avatar-small"  alt="' . $comment['author_name'] . ' ' . $lang['users_avatar'] . '" width="' . @$conf['users_avatar_small'] . '" height="' . @$conf['users_avatar_small'] . '" />';
        $avatar_mini = '<img src="' . $conf['admin_url'] . '/' . $dir['avatars'] . $avatar_file . '-mini.' . $avatar_ext . '" class="mn-avatar-mini"  alt="' . $comment['author_name'] . ' ' . $lang['users_avatar'] . '" width="' . @$conf['users_avatar_mini'] . '" height="' . @$conf['users_avatar_mini'] . '" />';
    } else {
        $avatar = '<img src="' . $conf['admin_url'] . '/stuff/img/default-avatar.jpg" class="mn-avatar mn-avatar-anonymous" alt="' . $comment['author_name'] . ' ' . $lang['users_avatar'] . '" width="' . @$conf['users_avatar_standard'] . '" height="' . @$conf['users_avatar_standard'] . '" />';
        $avatar_small = '<img src="' . $conf['admin_url'] . '/stuff/img/default-avatar-small.jpg" class="mn-avatar-small mn-avatar-anonymous" alt="' . $comment['author_name'] . ' ' . $lang['users_avatar'] . '" width="' . @$conf['users_avatar_small'] . '" height="' . @$conf['users_avatar_small'] . '" />';
        $avatar_mini = '<img src="' . $conf['admin_url'] . '/stuff/img/default-avatar-mini.jpg" class="mn-avatar-mini mn-avatar-anonymous" alt="' . $comment['author_name'] . ' ' . $lang['users_avatar'] . '" width="' . @$conf['users_avatar_mini'] . '" height="' . @$conf['users_avatar_mini'] . '" />';
    }
    $ua_info = get_useragent_info($comment['user_agent']);
    $tmpl_search = array('{AUTHOR}', '{AUTHOR_ID}', '{AUTHOR_NAME}', '{AVATAR}', '{AVATAR_SMALL}', '{AVATAR_MINI}', '{BROWSER}', '{BROWSER_ICON}', '{BROWSER_VERSION}', '{COMMENT_ID}', '{COMMENT_NUM}', '{IP_ADDRESS}', '{OS}', '{PLATFORM}', '{TEXT}');
    $tmpl_replace = array($author, $comment['author_id'], $comment['author_name'], $avatar, $avatar_small, $avatar_mini, $ua_info['browser_name'], '<img src="' . $conf['admin_url'] . '/stuff/img/icons/' . $ua_info['browser_icon'] . '" class="mn-browser-icon" alt="' . $ua_info['browser'] . '" title="' . $ua_info['browser'] . '" width="16" height="16" />', $ua_info['browser_version'], $comment['comment_id'], $num, $comment['ip_address'], $ua_info['os'], $ua_info['platform'], $text);
    $tmpl_preg_search = array('/\\[EMAIL\\](.*?)\\[\\/EMAIL\\]/is', '/\\[PROFILE\\](.*?)\\[\\/PROFILE\\]/is', '/\\[WWW\\](.*?)\\[\\/WWW\\]/is');
    $tmpl_preg_replace = array($email, $profile, $www);
    $result = str_ireplace($tmpl_search, $tmpl_replace, $tmpl_file);
    $result = preg_replace($tmpl_preg_search, $tmpl_preg_replace, $result);
    $result = common_tmpl($comment['timestamp'], $result);
    $result = xfields_tmpl('comments', $comment['xfields'], $result);
    return $result;
}