}
// only post if we have a message
if (strlen($_REQUEST['comment']) > 1) {
// Limit the message to 10k characters
$msg = trim(substr($_REQUEST['comment'], 0, 10000));
// Get the list of mentioned WebIDs from the message
preg_match_all("/<(.*)>/Ui", $msg, $out, PREG_PATTERN_ORDER);
$webids = $out[1];
// Save the time of the request
$time = time();
if (isset($_REQUEST['new'])) {
// Insert into databse
$query = "INSERT INTO pingback_messages SET ";
$query .= "date='" . $time . "', ";
$query .= "updated='" . $time . "', ";
$query .= "etag='" . compute_etag($time) . "', ";
$query .= "from_uri = '" . mysql_real_escape_string($_SESSION['webid']) . "', ";
$query .= "to_hash='" . $to_hash . "', ";
if ($owner_webid != 'local') {
$query .= "to_uri = '" . mysql_real_escape_string($owner_webid) . "', ";
}
$query .= "name = '" . mysql_real_escape_string($_SESSION['usr']) . "', ";
$query .= "pic = '" . mysql_real_escape_string($_SESSION['img']) . "', ";
$query .= "msg = '" . mysql_real_escape_string($msg) . "', ";
$query .= "wall='1'";
$result = mysql_query($query);
if (!$result) {
$ret .= error('Database error while trying to insert new message!');
} else {
mysql_free_result($result);
// update etags
function update_etags($time, $to_hash)
{
$query = "UPDATE pingback_messages SET etag='" . mysql_real_escape_string(compute_etag($time)) . "' " . "WHERE to_hash='" . mysql_real_escape_string($to_hash) . "'";
$result = mysql_query($query);
if (!$result) {
return error("Cannot update etags for user " . $to_hash . ".");
} else {
mysql_free_result($result);
return '';
// tbd
}
}