?>
				</p>
				<?php 
    // comments
    // NOTE(review): $tablecomments and $id are interpolated straight into the SQL text and
    // their origin is not visible in this fragment; if $id can be influenced by the request
    // it should be cast with (int), or the query parameterised, before mysql_query() runs.
    if ($withcomments or $c) {
        // Select every comment row attached to post $id, ordered by comment_date.
        $queryc = "SELECT * FROM {$tablecomments} WHERE comment_post_ID = {$id} ORDER BY comment_date";
        $resultc = mysql_query($queryc);
        // The comments section is only rendered when the query call returned a result.
        if ($resultc) {
            ?>

					<a name="comments"></a>
					<p><b><font color="#ff3300">::</font> comments</b></p>

					<?php 
            while ($rowc = mysql_fetch_object($resultc)) {
                $commentdata = get_commentdata($rowc->comment_ID);
                ?>
				
					<!-- comment -->
					<p>
					<b><?php 
                comment_author();
                ?>
 ( <?php 
                comment_author_email_link();
                ?>
 / <?php 
                comment_author_url_link();
                ?>
 )</b> (IP: <?php 
                comment_author_IP();
         wp_set_comment_status($comment, 'approve');
         if (true == get_option('comments_notify')) {
             wp_notify_postauthor($comment);
         }
     }
     header('Location: ' . get_option('siteurl') . '/wp-admin/moderation.php?approved=1');
     break;
 // Approve one comment from the admin screens, then redirect.
 // NOTE(review): the approval is triggered by GET parameters and no nonce/token check is
 // visible inside this case; confirm a request-forgery check runs before the switch.
 case 'approvecomment':
     // Both IDs are forced to integers before they are used anywhere else.
     $comment = (int) $_GET['comment'];
     $p = (int) $_GET['p'];
     // The mere presence of ?noredir disables the "go back to the referer" redirect.
     if (isset($_GET['noredir'])) {
         $noredir = true;
     } else {
         $noredir = false;
     }
     // Stop with a translated message when get_commentdata() returns a falsy value.
     $commentdata = get_commentdata($comment) or die(sprintf(__('Oops, no comment with this ID. <a href="%s">Go back</a>!'), 'edit.php'));
     // Authorisation is checked against the post the comment belongs to, before any change.
     if (!user_can_edit_post_comments($user_ID, $commentdata['comment_post_ID'])) {
         die(__('You are not allowed to edit comments on this post, so you cannot approve this comment.'));
     }
     wp_set_comment_status($comment, "approve");
     // Notify the post author only when the comments_notify setting is enabled.
     if (get_settings("comments_notify") == true) {
         wp_notify_postauthor($comment);
     }
     // NOTE(review): the Referer header is client-supplied, so this redirect target is not
     // under the site's control; consider only honouring it when it points at siteurl.
     if ($_SERVER['HTTP_REFERER'] != "" && false == $noredir) {
         header('Location: ' . $_SERVER['HTTP_REFERER']);
     } else {
         // Fallback: the comments anchor of the post's edit screen ($p is already an int).
         header('Location: ' . get_settings('siteurl') . '/wp-admin/edit.php?p=' . $p . '&c=1#comments');
     }
     break;
 case 'editedcomment':
     $comment_ID = (int) $_POST['comment_ID'];
     break;
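 // Approve one comment from the admin screens, then redirect.
 // NOTE(review): the only authorisation visible here is $user_level != 0; there is no
 // per-post permission check in this case, and the state change is driven by GET.
 case 'approvecomment':
     $standalone = 1;
     require_once './admin-header.php';
     wp_refcheck("/wp-admin");
     if ($user_level == 0) {
         die('Cheatin&#8217; uh?');
     }
     // Request-supplied IDs are cast to integers so that nothing but a number can reach
     // get_commentdata(), wp_set_comment_status() or the Location header built below.
     $comment = (int) $HTTP_GET_VARS['comment'];
     $p = (int) $HTTP_GET_VARS['p'];
     // The mere presence of ?noredir disables the "go back to the referer" redirect.
     $noredir = isset($HTTP_GET_VARS['noredir']);
     // Stop when get_commentdata() returns a falsy value for this ID.
     $commentdata = get_commentdata($comment) or die('Oops, no comment with this ID. <a href="edit.php">Go back</a>!');
     wp_set_comment_status($comment, "approve");
     // Notify the post author only when the comments_notify setting is enabled.
     if (get_settings("comments_notify") == true) {
         wp_notify_postauthor($comment);
     }
     // NOTE(review): the Referer header is client-supplied, so this redirect target is not
     // under the site's control; consider only honouring it when it points at $siteurl.
     if ($_SERVER['HTTP_REFERER'] != "" && false == $noredir) {
         header('Location: ' . $_SERVER['HTTP_REFERER']);
     } else {
         header('Location: ' . $siteurl . '/wp-admin/edit.php?p=' . $p . '&c=1#comments');
     }
     break;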
 case 'editedcomment':
     $standalone = 1;
     require_once './admin-header.php';
     wp_refcheck("/wp-admin");
     if ($user_level == 0) {
/**
 * Run a comment through the blacklist checks and set its moderation status.
 *
 * Checks, in order: the status already assigned by core moderation, the author IP
 * against stored 'ip' patterns, the author IP against stored 'rbl' DNS zones, the
 * author URL / e-mail / content against stored 'url' patterns, and, for trackbacks,
 * the content of the remote page. Depending on $wpbl_options a match either deletes
 * the comment through mail_and_del() or leaves it held.
 *
 * @param int $commentID ID of the comment to check.
 *
 * @return int|null The comment ID when the end of the function is reached; nothing
 *                  on the early-return paths.
 */
function blacklist($commentID)
{
    // NOTE(review): the global list names $wbbl_comment while the code below assigns
    // $wpbl_comment, so that variable is local to this function; looks like a typo, confirm.
    global $wpbl_options, $wbbl_comment, $tableblacklist, $approved;
    $wpbl_comment = get_commentdata($commentID, 1, false);
    // first check the comment status based on WP core moderation
    $stat = wp_get_comment_status($commentID);
    if ($stat == 'deleted') {
        // no need to proceed since there is no comment
        return;
    } else {
        if ($stat == 'unapproved') {
            $held = True;
        } else {
            $held = False;
        }
    }
    // are we supposed to delete comments held by the core?
    if ($held && in_array('deletecore', $wpbl_options)) {
        mail_and_del($commentID, "Mail held for moderation outside WPBlacklist");
        return;
    } else {
        if ($held && !in_array('checkcore', $wpbl_options)) {
            // comment held for moderation but option to check against blacklist not specified
            return;
        }
    }
    // IP check
    $sites = $GLOBALS['wpdb']->get_results("SELECT regex FROM {$tableblacklist} WHERE regex_type='ip'");
    if ($sites) {
        foreach ($sites as $site) {
            // The stored pattern is wrapped in /.../ and anchored at the start only.
            // NOTE(review): it is used as a regular expression as-is, so a stored value
            // containing "/" breaks the delimiter and an unescaped "." matches any character.
            $regex = "/^{$site->regex}/";
            if (preg_match($regex, $wpbl_comment['comment_author_IP'])) {
                $held = True;
                if (in_array('deleteip', $wpbl_options)) {
                    $approved = 'deleted';
                    mail_and_del($commentID, "Author IP: {$wpbl_comment['comment_author_IP']} matched {$regex}");
                    return;
                }
                // first match is enough; stop scanning the remaining patterns
                break;
            }
        }
    }
    // RBL check
    if (!$held || in_array('deleterbl', $wpbl_options)) {
        $sites = $GLOBALS['wpdb']->get_results("SELECT regex FROM {$tableblacklist} WHERE regex_type='rbl'");
        if ($sites) {
            foreach ($sites as $site) {
                // for 'rbl' rows the stored value is used as a DNS zone suffix, not as a pattern
                $regex = $site->regex;
                if (preg_match("/([0-9]+)\\.([0-9]+)\\.([0-9]+)\\.([0-9]+)/", $wpbl_comment['comment_author_IP'], $matches)) {
                    // Build the lookup name: the four octets reversed, followed by the zone.
                    $rblhost = $matches[4] . "." . $matches[3] . "." . $matches[2] . "." . $matches[1] . "." . $regex;
                    // gethostbyname() returns its argument unchanged when resolution fails,
                    // so a different value means the zone has a record for this address.
                    // This is a synchronous DNS lookup made once per configured zone.
                    $resolved = gethostbyname($rblhost);
                    if ($resolved != $rblhost) {
                        $held = True;
                        if (in_array('deleterbl', $wpbl_options)) {
                            mail_and_del($commentID, "Author IP: {$wpbl_comment['comment_author_IP']} blacklisted by RBL {$regex}");
                            return;
                        }
                        break;
                    }
                }
            }
        }
    }
    // expression check
    if (!$held || in_array('deletemail', $wpbl_options) || in_array('deleteurl', $wpbl_options) || in_array('delcommurl', $wpbl_options)) {
        $sites = $GLOBALS['wpdb']->get_results("SELECT regex FROM {$tableblacklist} WHERE regex_type='url'");
        if ($sites) {
            foreach ($sites as $site) {
                // Case-insensitive, unanchored match; the same delimiter caveat as for the
                // IP patterns applies to a stored value containing "/".
                $regex = "/{$site->regex}/i";
                //                echo "Regex: $regex <br />";
                // Each pattern is tried against the author URL, then the e-mail, then the text;
                // the first field that matches ends the scan.
                if (preg_match($regex, $wpbl_comment['comment_author_url'])) {
                    $held = True;
                    if (in_array('deleteurl', $wpbl_options)) {
                        $approved = 'deleted';
                        mail_and_del($commentID, "Author URL: {$wpbl_comment['comment_author_url']} matched {$regex}");
                        return;
                    }
                    break;
                }
                if (preg_match($regex, $wpbl_comment['comment_author_email'])) {
                    $held = True;
                    if (in_array('deletemail', $wpbl_options)) {
                        mail_and_del($commentID, "Author e-mail: {$wpbl_comment['comment_author_email']} matched {$regex}");
                        return;
                    }
                    break;
                }
                if (preg_match($regex, $wpbl_comment['comment_content'])) {
                    $held = True;
                    if (in_array('delcommurl', $wpbl_options)) {
                        $approved = 'deleted';
                        mail_and_del($commentID, "Comment text contained {$regex}");
                        return;
                    }
                    break;
                }
            }
        }
    }
    if ($wpbl_comment['comment_type'] == 'trackback' && (!$held || in_array('deltbsp', $wpbl_options))) {
        // Let's check the remote site
        // NOTE(review): comment_author_url is presumably supplied by whoever sent the
        // trackback, and it is fetched from this server without any host or scheme
        // restriction visible here; confirm what the Snoopy client refuses, and consider
        // rejecting loopback/private addresses before fetching.
        require_once XOOPS_ROOT_PATH . '/class/snoopy.php';
        $snoopy = new Snoopy();
        // $orig_contents is only assigned when the fetch succeeds.
        if ($snoopy->fetch($wpbl_comment['comment_author_url'])) {
            $orig_contents = $snoopy->results;
        }
        // NOTE(review): $siteurl is neither declared global nor assigned in this function,
        // and !strpos() is also true when the needle is found at offset 0; as written the
        // condition does not test what the message below says. Verify before relying on it.
        if (!strpos($orig_contents, $siteurl)) {
            $approved = 'deleted';
            // NOTE(review): unlike the other delete paths there is no return here, so the
            // status update below still runs for the comment just handed to mail_and_del().
            mail_and_del($commentID, "TrackBack URL does not contain my site URL");
        }
    }
    // Persist the outcome: held comments go to moderation, everything else is approved.
    if ($held) {
        $approved = 0;
        wp_set_comment_status($commentID, 'hold');
    } else {
        $approved = 1;
        wp_set_comment_status($commentID, 'approve');
    }
    // the following is essential not to break other plugins
    return $commentID;
}
/**
 * Invalidate the cached page of the post a comment belongs to.
 *
 * @param int $comment_id ID of the comment that changed.
 *
 * @return mixed Whatever wp_cache_post_change() returns.
 */
function wp_cache_get_postid_from_comment($comment_id)
{
    // The flags 1 and true are passed through to get_commentdata() unchanged.
    $row = get_commentdata($comment_id, 1, true);
    $target = $row['comment_post_ID'];
    // WP can fire two different actions for a single delete (wp_set_comment_status and
    // delete_comment), so the post ID may be missing on the second call; fall back to
    // the ID reported by wp_cache_post_id() in that case.
    if (!($target > 0)) {
        $target = wp_cache_post_id();
    }
    return wp_cache_post_change($target);
}
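 /**
  * Echo the "flag this comment" control for one comment.
  *
  * Prints the already-flagged markup when the current user has flagged the comment,
  * otherwise a flag link pointing at the comment's post.
  *
  * @param int $comment_id Comment to build the control for; 0 means the current comment.
  *
  * @return false|null False when no comment is available or the user lacks the flag
  *                    capability; nothing once the markup has been echoed.
  */
 function flag_comment_link($comment_id = 0)
 {
     $comment_id = empty($comment_id) ? get_comment_ID() : $comment_id;
     if (empty($comment_id)) {
         return false;
     }
     $comment_data = get_commentdata($comment_id);
     $user = wp_get_current_user();
     // check that the user can vote
     if (!empty($this->flag_cap) && !current_user_can($this->flag_cap)) {
         return false;
     }
     $already = $this->get_user_flag_status($comment_id, $user->ID);
     // if already flagged
     if (!empty($already)) {
         $link = $this->flag_comments_flagged_markup;
     } else {
         // The original read $comment_data->comment_post_ID unconditionally; every other
         // caller of get_commentdata() indexes its result as an array, so both shapes are
         // accepted here. 0 keeps the previous fallback of get_permalink() without a post ID.
         if (is_object($comment_data)) {
             $post_id = $comment_data->comment_post_ID;
         } elseif (is_array($comment_data) && isset($comment_data['comment_post_ID'])) {
             $post_id = $comment_data['comment_post_ID'];
         } else {
             $post_id = 0;
         }
         // NOTE(review): _wpnonce receives $this->nonce_key as-is; confirm it holds a
         // generated nonce and not the action name.
         $link = add_query_arg(array('_wpnonce' => $this->nonce_key, 'flagged-comment' => 1, 'flagged-comment-id' => $comment_id), get_permalink($post_id)) . '#comment-' . $comment_id;
         // NOTE(review): the URL is inserted into the markup template unescaped; if the
         // template places it in an href, wrapping it in esc_url() would be the safer form.
         $link = sprintf($this->flag_comments_flag_markup, $link);
     }
     echo '<div class="flag-comment">' . $link . '</div>';
 }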
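/**
 * Invalidate the cached page of the post a comment belongs to.
 *
 * Comments that are not approved are ignored unless the request comes from wp-admin,
 * so unmoderated (typically spam) submissions do not flush the cache.
 *
 * @param int $comment_id ID of the comment that changed.
 *
 * @return mixed The post ID when nothing is invalidated, otherwise whatever
 *               wp_cache_post_change() returns.
 */
function wp_cache_get_postid_from_comment($comment_id)
{
    $comment = get_commentdata($comment_id, 1, true);
    $postid = $comment['comment_post_ID'];
    // Do nothing if comment is not moderated
    // http://ocaoimh.ie/2006/12/05/caching-wordpress-with-wp-cache-in-a-spam-filled-world
    if (!preg_match('/wp-admin\\//', $_SERVER['REQUEST_URI']) && $comment['comment_approved'] != 1) {
        // The original returned $post_id, a name never assigned in this function.
        return $postid;
    }
    // We must check it up again due to WP bugs calling two different actions
    // for delete, for example both wp_set_comment_status and delete_comment
    // are called when deleting a comment
    if ($postid > 0) {
        return wp_cache_post_change($postid);
    }
    return wp_cache_post_change(wp_cache_post_id());
}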
         exit;
     }
     param('comment', 'integer');
     param('p', 'integer');
     param('noredir', 'string');
     if (isset($noredir)) {
         $noredir = true;
     } else {
         $noredir = false;
     }
     if ($_SERVER['HTTP_REFERER'] != "" && false == $noredir) {
         $location = $_SERVER['HTTP_REFERER'];
     } else {
         $location = $siteurl . '/wp-admin/edit.php?p=' . $p . '&c=1#comments';
     }
     if (!($commentdata = get_commentdata($comment, 1, true))) {
         redirect_header($location, 5, _LANG_P_OOPS_IDPOS);
         exit;
     }
     wp_set_comment_status($comment, "approve");
     if (get_settings("comments_notify") == true) {
         wp_notify_postauthor($comment);
     }
     header('Location: ' . $location);
     break;
 case 'editedcomment':
     wp_refcheck("/wp-admin");
     if ($user_level == 0) {
         redirect_header($siteurl . '/wp-admin/', 5, _LANG_P_CHEATING_ERROR);
         exit;
     }
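/**
 * Mirror an administrator's blog comment onto the matching FriendFeed entry.
 *
 * Nothing is sent unless the 'ff_send_admin_comment' option is set, the comment's
 * post has a row in TABLE_NAME, and the comment author is a registered user whose
 * role array marks them as administrator.
 *
 * @param int $comment_ID ID of the comment that was just added.
 *
 * @return bool True when FriendFeed returned a comment ID, false in every other case.
 */
function send_admin_comment_to_ff($comment_ID)
{
    global $wpdb, $ff_username, $ff_remote_key;
    $ff = new FriendFeed($ff_username, $ff_remote_key);
    if (!$ff) {
        return false;
    }
    $ff_send_admin_comment = get_option('ff_send_admin_comment');
    if (empty($ff_send_admin_comment)) {
        return false;
    }
    // Load the data of the comment that was added.
    $comment = get_commentdata($comment_ID, 1);
    $comment_post_ID = $comment['comment_post_ID'];
    // The post ID is bound through prepare(); TABLE_NAME is a constant, not request data.
    $ff_item = $wpdb->get_row($wpdb->prepare('SELECT * FROM ' . TABLE_NAME . ' WHERE post_id = %d', $comment_post_ID));
    if (!$ff_item) {
        return false;
    }
    // Is the comment author a registered user of the site?
    if (!wp_ff_user_is_exists($comment['user_id'])) {
        return false;
    }
    // Only comments written by an administrator are forwarded.
    $user_role = wp_ff_get_user_role($comment['user_id']);
    if ($user_role['administrator'] != 1) {
        return false;
    }
    // Work-around for the FriendFeed API's handling of "@". The text is kept in its own
    // variable: the original overwrote $comment with this string and then kept indexing
    // it as an array, so the long-comment branch never saw the real content or post ID.
    $content = str_replace('@', ' @', $comment['comment_content']);
    if (mb_strlen($content, 'UTF-8') < 512) {
        // Short enough to be sent as a single comment.
        $comment_id = $ff->add_comment($ff_item->friendfeed_id, $content);
    } else {
        // Too long: truncate and append a link back to the full comment on the blog.
        $link = get_permalink($comment['comment_post_ID']) . '#comment-' . $comment_ID;
        $link_character_count = mb_strlen($link, 'UTF-8');
        // Never let a very long permalink turn the limit negative.
        $limit = max(0, 500 - ($link_character_count + 5));
        $comment_content = mb_substr($content, 0, $limit, 'UTF-8') . '... ' . $link;
        $comment_id = $ff->add_comment($ff_item->friendfeed_id, $comment_content);
    }
    if ($comment_id) {
        wp_ff_add_comment_to_blacklist($comment_id);
        return true;
    }
    return false;
}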
/**
 * E-mail the commenters that a new comment mentions by name.
 *
 * Names are extracted from the comment text, resolved to addresses through the
 * approved comments of the same post, and each resolved address other than the
 * comment author's own receives one message. When at least one message was sent,
 * a copy listing the recipients goes to the admin address.
 *
 * @param int $cid ID of the new comment.
 *
 * @return void
 */
function android_mailtocommenter($cid)
{
    global $wpdb;
    $cid = (int) $cid;
    $commentdata = get_commentdata($cid, 1, false);
    $owner_email = $commentdata['comment_author_email'];
    $post_id = (int) $commentdata['comment_post_ID'];
    $comments = get_approved_comments($post_id);
    // Names referenced in the comment text; nothing to do when there are none.
    $mentioned = android_mailtocommenter_get_names($commentdata['comment_content']);
    if (!$mentioned) {
        return;
    }
    // Map of commenter name => e-mail address, built from the post's approved comments.
    $mails = android_mailtocommente_get_email($comments);
    $notified = array();
    $admin_email = get_option('admin_email');
    $sent = 0;
    foreach ($mentioned as $name) {
        // Skip unknown names and never mail the author about their own comment.
        if (!array_key_exists($name, $mails) || $mails["{$name}"] == $owner_email) {
            continue;
        }
        $to = $mails["{$name}"];
        $parts = android_mailtocommenter_filter($commentdata, $name);
        $subject = $parts[0];
        $message = apply_filters('comment_text', $parts[1]);
        if (android_mailtocommenter_send_email($to, $subject, $message)) {
            $sent += 1;
        }
        $notified["{$name}"] = $name;
    }
    if ($sent > 0) {
        // Subject and message are those of the last recipient handled in the loop.
        $subject = "CC. {$subject}";
        // NOTE(review): the names come from comment text and are placed in the HTML body
        // unescaped; confirm android_mailtocommenter_get_names() restricts what a name can be.
        $names = implode(',', $notified);
        $summary = "<br/>This comment has been sent to {$names}.<br/>";
        $copy = $summary . 'Backup copy sent to admin<br/>' . $message;
        $to = strtolower(get_option('admin_email'));
        android_mailtocommenter_send_email($to, $subject, $copy);
    }
}
     $comment = $HTTP_GET_VARS['comment'];
     $commentdata = get_commentdata($comment, 1) or die("Oops, no comment with this ID. <a href=\"javascript:history.go(-1)\">Go back</a> !");
     $content = $commentdata["comment_content"];
     $content = format_to_edit($content);
     echo $blankline;
     include $b2inc . "/b2edit.form.php";
     break;
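 // Delete one comment and return to the post's comment list.
 // NOTE(review): this destructive action is driven by GET parameters; the only check
 // visible here is $user_level != 0, with no per-request token.
 case "deletecomment":
     $standalone = 1;
     require_once "./b2header.php";
     if ($user_level == 0) {
         die("Cheatin' uh ?");
     }
     // Both values come from the query string and are interpolated below into a DELETE
     // statement and a Location header, so they are forced to integers first.
     $comment = (int) $HTTP_GET_VARS['comment'];
     $p = (int) $HTTP_GET_VARS['p'];
     // Stop when get_commentdata() returns a falsy value for this ID.
     $commentdata = get_commentdata($comment) or die("Oops, no comment with this ID. <a href=\"b2edit.php\">Go back</a> !");
     $query = "DELETE FROM {$tablecomments} WHERE comment_ID={$comment}";
     $result = mysql_query($query) or die("Oops, no comment with this ID. <a href=\"b2edit.php\">Go back</a> !");
     header("Location: b2edit.php?p={$p}&c=1#comments");
     break;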
 case "editedcomment":
     $standalone = 1;
     require_once "./b2header.php";
     if ($user_level == 0) {
         die("Cheatin' uh ?");
     }
     $comment_ID = $HTTP_POST_VARS['comment_ID'];
     $comment_post_ID = $HTTP_POST_VARS['comment_post_ID'];
     $newcomment_author = $HTTP_POST_VARS['newcomment_author'];
     $newcomment_author_email = $HTTP_POST_VARS['newcomment_author_email'];
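 /**
  * AJAX click handler, called by do_ajax.
  *
  * Receives cid, _ajax_nonce, url and cl_prem as POST vars, stores the click in the
  * comment meta and, when cl_prem is 'true', sends a non-blocking notification to the
  * posted URL. The request always ends with exit.
  *
  * NOTE(review): the nonce action is the bare comment ID and the notification target
  * is taken from the request; deriving the target from the stored comment data instead
  * of $_POST would remove the caller's control over where this server connects.
  */
 function do_click()
 {
     // Missing fields fall back to values that cannot pass the nonce check.
     $cid = isset($_POST['cid']) ? intval($_POST['cid']) : 0;
     $nonce = isset($_POST['_ajax_nonce']) ? $_POST['_ajax_nonce'] : '';
     $url = isset($_POST['url']) ? $_POST['url'] : '';
     if (!wp_verify_nonce($nonce, $cid)) {
         exit;
     }
     $data = get_comment_meta($cid, 'cl_data', true);
     if (is_array($data)) {
         // Start the counter at 1 when no click has been recorded yet.
         $data['clicks'] = isset($data['clicks']) ? $data['clicks'] + 1 : 1;
         update_comment_meta($cid, 'cl_data', $data);
     }
     if (isset($_POST['cl_prem']) && $_POST['cl_prem'] == 'true') {
         // The destination is request-supplied, so only plain http(s) URLs are forwarded.
         $scheme = is_string($url) ? strtolower((string) parse_url($url, PHP_URL_SCHEME)) : '';
         if ($scheme === 'http' || $scheme === 'https') {
             $comment = get_commentdata($cid);
             $refer = get_permalink($comment['comment_post_ID']);
             // set blocking to false because no response required
             $args = array('blocking' => false, 'body' => array('cl_request' => 'click', 'refer' => $refer, 'version' => $this->version));
             // Prefer the variant that validates the target URL where the installed
             // WordPress provides it; older installs keep the original call.
             if (function_exists('wp_safe_remote_post')) {
                 $response = wp_safe_remote_post($url, $args);
             } else {
                 $response = wp_remote_post($url, $args);
             }
         }
     }
     exit;
 }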