$_GET = sanitize($_GET); } //NULLバイト除去// if (isset($_POST)) { $_POST = sanitize($_POST); } //NULLバイト除去// if (isset($_COOKIE)) { $_COOKIE = sanitize($_COOKIE); } //NULLバイト除去// if ($encode == 'SJIS') { $_POST = sjisReplace($_POST, $encode); } //Shift-JISの場合に誤変換文字の置換実行 $funcRefererCheck = refererCheck($Referer_check, $Referer_check_domain); //リファラチェック実行 //変数初期化 $sendmail = 0; $empty_flag = 0; $post_mail = ''; $errm = ''; $header = ''; if ($requireCheck == 1) { $requireResArray = requireCheck($require); //必須チェック実行し返り値を受け取る $errm = $requireResArray['errm']; $empty_flag = $requireResArray['empty_flag']; } //メールアドレスチェック if (empty($errm)) {
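/**
 * Handles a posted gallery comment: validates the POST body, stores the
 * comment and echoes the rendered comment (or a single error <li>) back,
 * then exits. When no POST body is present the function simply returns.
 *
 * Everything read here is untrusted: the POST array (JRequest), the client IP
 * (getIpAddress(), which may be derived from proxy headers) and the CAPTCHA
 * answer. Values therefore reach SQL only through $db->Quote() or an int
 * cast, and reach HTML only through htmlspecialchars(). The former blanket
 * addslashes() is gone: it is not charset-aware, it left the numeric
 * `WHERE id = ...` lookup unquoted (injectable), and it leaked backslashes
 * into the displayed name and the notification mail.
 *
 * Side effects: INSERT into #__datsogallery_comments, SELECT on
 * #__datsogallery, optional commentNotify() mail, output via echo, exit.
 */
function commentAdd() {
    $db = JFactory::getDBO();
    $user = JFactory::getUser();
    // Raw POST values; escaping happens at each output boundary below.
    $post = JRequest::get('post');
    $cmtip = getIpAddress();
    jimport('joomla.mail.helper');
    // Provides $ad_js, $ad_cb, $ad_kunena, $ad_datef, $ad_comment_notify, $ad_comment_wl.
    require JPATH_COMPONENT_ADMINISTRATOR . DS . 'config.datsogallery.php';

    if (!$post) {
        return;
    }

    // NOTE(review): the referer check is the only cross-site guard here; there is no
    // anti-CSRF token check (JRequest::checkToken()). Worth adding if the comment
    // form can carry a token.
    $error = null;
    if (($msg = refererCheck())) {
        $error = $msg;
    } elseif (($msg = blacklistCheck($cmtip))) {
        $error = $msg;
    } elseif (empty($post['cmtname'])) {
        $error = JText::_('COM_DATSOGALLERY_ENTER_NAME');
    } elseif (empty($post['cmtmail'])) {
        $error = JText::_('COM_DATSOGALLERY_ENTER_EMAIL');
    } elseif (!JMailHelper::isEmailAddress($post['cmtmail'])) {
        $error = JText::_('COM_DATSOGALLERY_INVALID_EMAIL');
    } elseif (empty($post['cmttext'])) {
        $error = JText::_('COM_DATSOGALLERY_ENTER_COMMENT');
    } elseif (empty($post['dgcaptchaval'])) {
        $error = JText::_('COM_DATSOGALLERY_ENTER_CODE');
    } elseif (!$user->id && strlen($post['cmtname']) < 4) {
        // Guests need a name of at least four bytes; logged-in users are exempt.
        $error = JText::_('COM_DATSOGALLERY_NAME_IS_TOO_SHORT');
    } elseif (empty($_SESSION['CAPTCHA'])
        || strtolower((string) $post['dgcaptchaval']) !== (string) $_SESSION['CAPTCHA']) {
        // Strict string comparison: the former loose != let numeric-looking
        // answers ("7.0", "007") match a numeric CAPTCHA value.
        // NOTE(review): the session CAPTCHA is not invalidated after a successful
        // post, so one solved challenge can be replayed until the session changes.
        $error = JText::_('COM_DATSOGALLERY_SECURITY_NOT_VALUE');
    }

    if ($error !== null) {
        echo '<li class="dg_body_error_message"><div>' . $error . '</div></li>';
        exit;
    }

    $picId = (int) $post['cmtpic'];
    $name = (string) $post['cmtname'];
    $mail = (string) $post['cmtmail'];
    $text = (string) $post['cmttext'];

    // All string values go through the driver's quoting; the picture id is an int.
    $db->setQuery(
        'INSERT INTO #__datsogallery_comments SET'
        . ' cmtpic = ' . $picId
        . ', cmtip = ' . $db->Quote($cmtip)
        . ', cmtname = ' . $db->Quote($name)
        . ', cmtmail = ' . $db->Quote($mail)
        . ', cmttext = ' . $db->Quote($text)
        . ', cmtdate = ' . $db->Quote(time())
        . ', published = 1'
    );
    $db->query();

    // Echo the freshly stored comment. User-supplied text is HTML-escaped before
    // nl2br() so line breaks render but markup does not.
    $safeName = htmlspecialchars($name, ENT_QUOTES, 'UTF-8');
    $safeText = nl2br(htmlspecialchars($text, ENT_QUOTES, 'UTF-8'));

    if ($ad_js || $ad_cb || $ad_kunena) {
        $avatar = getUserAvatar($user->id ? $user->id : 0);
    } else {
        $avatar = getGravatar($mail);
    }

    echo "<li class=\"pane\">\n";
    echo "<div class=\"imgblock\">";
    echo $avatar;
    echo "</div>";
    echo '<div style="display:block;min-height:60px;margin-left:70px;padding-bottom:20px">' . $safeText . '</div>';
    echo '<div class="date">' . sprintf(JText::_('COM_DATSOGALLERY_ON'), $safeName, strftime($ad_datef, time())) . '</div>';
    echo "</li>\n";

    // Notify the picture owner if the picture has notifications enabled.
    $db->setQuery('SELECT notify FROM #__datsogallery WHERE id = ' . $picId);
    $unotify = $db->loadResult();
    if ($ad_comment_notify && $unotify != 0) {
        commentNotify($picId, $name, $mail, dgwordlimiter($text, $ad_comment_wl));
    }
    exit;
}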