Beispiel #1
0
             $ca = serendipity_db_query($query, true);
             $comment_allowed = serendipity_db_bool($ca['allow_comments']) || !is_array($ca) ? true : false;
             $serendipity['smarty']->assign(array('is_showcomments' => true, 'is_comment_allowed' => $comment_allowed));
             if ($comment_allowed) {
                 serendipity_displayCommentForm($id, '?', NULL, $serendipity['POST'], true, serendipity_db_bool($ca['moderate_comments']), $ca);
             }
         }
     } else {
         $comment['url'] = $serendipity['POST']['url'];
         $comment['comment'] = trim($serendipity['POST']['comment']);
         $comment['name'] = $serendipity['POST']['name'];
         $comment['email'] = $serendipity['POST']['email'];
         $comment['subscribe'] = $serendipity['POST']['subscribe'];
         $comment['parent_id'] = $serendipity['POST']['replyTo'];
         if (!empty($comment['comment'])) {
             if (serendipity_saveComment($id, $comment, 'NORMAL')) {
                 $sc_url = $serendipity['baseURL'] . 'comment.php?serendipity[entry_id]=' . $id . '&success=true&url=' . urlencode($_SERVER['HTTP_REFERER']);
                 if (serendipity_isResponseClean($sc_url)) {
                     header('Status: 302 Found');
                     header('Location: ' . $sc_url);
                 }
                 exit;
             } else {
                 $serendipity['smarty']->assign(array('is_comment_notadded' => true, 'comment_url' => serendipity_specialchars($_SERVER['HTTP_REFERER']), 'comment_string' => explode('%s', COMMENT_NOT_ADDED_CLICK)));
             }
         } else {
             $serendipity['smarty']->assign(array('is_comment_empty' => true, 'comment_url' => serendipity_specialchars($_SERVER['HTTP_REFERER']), 'comment_string' => explode('%s', EMPTY_COMMENT)));
         }
     }
 }
 $serendipity['smarty']->display(serendipity_getTemplateFile($serendipity['smarty_file'], 'serendipityPath'));
function serveEntry($matches)
{
    global $serendipity;
    $serendipity['view'] = 'entry';
    $uri = $_SERVER['REQUEST_URI'];
    if (isset($serendipity['GET']['id'])) {
        $matches[1] = (int) $serendipity['GET']['id'];
    } elseif (isset($_GET['p'])) {
        $matches[1] = $_GET['p'];
    } else {
        $matches[1] = serendipity_searchPermalink($serendipity['permalinkStructure'], $uri, !empty($matches[2]) ? $matches[2] : $matches[1], 'entry');
    }
    serendipity_rememberComment();
    if (!empty($serendipity['POST']['submit']) && !isset($_REQUEST['serendipity']['csuccess'])) {
        $comment['url'] = $serendipity['POST']['url'];
        $comment['comment'] = trim($serendipity['POST']['comment']);
        $comment['name'] = $serendipity['POST']['name'];
        $comment['email'] = $serendipity['POST']['email'];
        $comment['subscribe'] = $serendipity['POST']['subscribe'];
        $comment['parent_id'] = $serendipity['POST']['replyTo'];
        if (!empty($comment['comment'])) {
            if (serendipity_saveComment($serendipity['POST']['entry_id'], $comment, 'NORMAL')) {
                $sc_url = ($_SERVER['HTTPS'] == 'on' ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] . (strstr($_SERVER['REQUEST_URI'], '?') ? '&' : '?') . 'serendipity[csuccess]=' . (isset($serendipity['csuccess']) ? $serendipity['csuccess'] : 'true');
                if (serendipity_isResponseClean($sc_url)) {
                    header('Status: 302 Found');
                    header('Location: ' . $sc_url);
                }
                exit;
            } else {
                $serendipity['messagestack']['comments'][] = COMMENT_NOT_ADDED;
            }
        } else {
            $serendipity['messagestack']['comments'][] = sprintf(EMPTY_COMMENT, '', '');
        }
    }
    $id = (int) $matches[1];
    if ($id === 0) {
        $id = false;
    }
    $_GET['serendipity']['action'] = 'read';
    $_GET['serendipity']['id'] = $id;
    $title = serendipity_db_query("SELECT title FROM {$serendipity['dbPrefix']}entries WHERE id={$id} AND isdraft = 'false' " . (!serendipity_db_bool($serendipity['showFutureEntries']) ? " AND timestamp <= " . serendipity_db_time() : ''), true);
    if (is_array($title)) {
        $serendipity['head_title'] = serendipity_specialchars($title[0]);
        $serendipity['head_subtitle'] = serendipity_specialchars($serendipity['blogTitle']);
    } else {
        $serendipity['view'] = '404';
        $serendipity['viewtype'] = '404_1';
        header('HTTP/1.0 404 Not found');
        header('Status: 404 Not found');
    }
    include S9Y_INCLUDE_PATH . 'include/genpage.inc.php';
}
/**
 * Receive a pingback
 *
 * @access public
 * @param   int     The entryid to receive a pingback for
 * @param   string  The foreign postdata to add
 * @return boolean
 */
function add_pingback($id, $postdata)
{
    global $serendipity;
    log_pingback("Reached add_pingback. ID:[{$id}]");
    // XML-RPC Method call without named parameter. This seems to be the default way using XML-RPC
    if (preg_match('@<methodCall>\\s*<methodName>\\s*pingback.ping\\s*</methodName>\\s*<params>\\s*<param>\\s*<value>\\s*<string>([^<]*)</string>\\s*</value>\\s*</param>\\s*<param>\\s*<value>\\s*<string>([^<]*)</string>\\s*</value>\\s*</param>\\s*</params>\\s*</methodCall>@is', $postdata, $matches)) {
        log_pingback("Pingback wp structure.");
        $remote = $matches[1];
        $local = $matches[2];
        log_pingback("remote={$remote}, local={$local}");
        $path = parse_url($remote);
        $comment['title'] = 'PingBack';
        $comment['url'] = $remote;
        $comment['comment'] = '';
        $comment['name'] = $path['host'];
        fetchPingbackData($comment);
        // if no ID parameter was given, try to get one from targetURI
        if (!isset($id) || $id == 0) {
            log_pingback("ID not found");
            $id = evaluateIdByLocalUrl($local);
            log_pingback("ID set to {$id}");
        }
        if ($id > 0) {
            // first check, if we already have this pingback
            $comments = serendipity_fetchComments($id, 1, 'co.id', true, 'PINGBACK', " AND co.url='" . serendipity_db_escape_string($remote) . "'");
            if (is_array($comments) && sizeof($comments) == 1) {
                log_pingback("We already have that PINGBACK!");
                return 0;
                // We already have it!
            }
            // We don't have it, so save the pingback
            serendipity_saveComment($id, $comment, 'PINGBACK');
            return 1;
        } else {
            return 0;
        }
    }
    // XML-RPC Method call with named parameter. I'm not sure, if XML-RPC supports this, but just to be sure
    $sourceURI = getPingbackParam('sourceURI', $postdata);
    $targetURI = getPingbackParam('targetURI', $postdata);
    if (isset($sourceURI) && isset($targetURI)) {
        log_pingback("Pingback spec structure.");
        $path = parse_url($sourceURI);
        $local = $targetURI;
        $comment['title'] = 'PingBack';
        $comment['url'] = $sourceURI;
        $comment['comment'] = '';
        $comment['name'] = $path['host'];
        fetchPingbackData($comment);
        // if no ID parameter was given, try to get one from targetURI
        if (!isset($id) || $id == 0) {
            log_pingback("ID not found");
            $id = evaluateIdByLocalUrl($local);
            log_pingback("ID set to {$id}");
        }
        if ($id > 0) {
            serendipity_saveComment($id, $comment, 'PINGBACK');
            return 1;
        } else {
            return 0;
        }
    }
    return 0;
}
Beispiel #4
0
     $matches[1] = (int) $serendipity['GET']['id'];
 } elseif (isset($_GET['p'])) {
     $matches[1] = $_GET['p'];
 } else {
     $matches[1] = serendipity_searchPermalink($serendipity['permalinkStructure'], $uri, !empty($matches[2]) ? $matches[2] : $matches[1], 'entry');
 }
 serendipity_rememberComment();
 if (!empty($serendipity['POST']['submit']) && !isset($_REQUEST['serendipity']['csuccess'])) {
     $comment['url'] = $serendipity['POST']['url'];
     $comment['comment'] = trim($serendipity['POST']['comment']);
     $comment['name'] = $serendipity['POST']['name'];
     $comment['email'] = $serendipity['POST']['email'];
     $comment['subscribe'] = $serendipity['POST']['subscribe'];
     $comment['parent_id'] = $serendipity['POST']['replyTo'];
     if (!empty($comment['comment'])) {
         if (serendipity_saveComment($serendipity['POST']['entry_id'], $comment, 'NORMAL')) {
             $sc_url = ($_SERVER['HTTPS'] == 'on' ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] . (strstr($_SERVER['REQUEST_URI'], '?') ? '&' : '?') . 'serendipity[csuccess]=' . (isset($serendipity['csuccess']) ? $serendipity['csuccess'] : 'true');
             if (serendipity_isResponseClean($sc_url)) {
                 header('Status: 302 Found');
                 header('Location: ' . $sc_url);
             }
             exit;
         } else {
             $serendipity['messagestack']['comments'][] = COMMENT_NOT_ADDED;
         }
     } else {
         $serendipity['messagestack']['comments'][] = sprintf(EMPTY_COMMENT, '', '');
     }
 }
 $id = (int) $matches[1];
 if ($id === 0) {
Beispiel #5
0
# $Id$
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved.  See LICENSE file for licensing details
include 'serendipity_config.inc.php';
if ($_REQUEST['cid'] != '' && $HTTP_RAW_POST_DATA != '') {
    $comment = array();
    if (!preg_match('@<author[^>]*>(.*)</author[^>]*>@i', $HTTP_RAW_POST_DATA, $name)) {
        preg_match('@<dc:creator[^>]*>(.*)</dc:creator[^>]*>@i', $HTTP_RAW_POST_DATA, $name);
    }
    if (isset($name[1]) && !empty($name[1])) {
        if (preg_match('@^(.*)\\((.*)\\)@i', $name[1], $names)) {
            $comment['name'] = utf8_decode($names[2]);
            $comment['email'] = utf8_decode($names[1]);
        } else {
            $comment['name'] = utf8_decode($name[1]);
        }
    }
    if (preg_match('@<link[^>]*>(.*)</link[^>]*>@i', $HTTP_RAW_POST_DATA, $link)) {
        $comment['url'] = utf8_decode($link[1]);
    }
    if (preg_match('@<description[^>]*>(.*)</description[^>]*>@ims', $HTTP_RAW_POST_DATA, $description)) {
        if (preg_match('@^<!\\[CDATA\\[(.*)\\]\\]>@ims', $description[1], $cdata)) {
            $comment['comment'] = utf8_decode($cdata[1]);
        } else {
            $comment['comment'] = utf8_decode($description[1]);
        }
        if (!empty($comment['comment'])) {
            serendipity_saveComment($_REQUEST['cid'], $comment, 'NORMAL', 'API');
        }
    }
}
 function addcomment($entry_id, $user, $post_id, &$comment)
 {
     global $serendipity;
     $oldses = $_SESSION['HTTP_REFERER'];
     $_SESSION['HTTP_REFERER'] = 'facebook';
     // Circumvent captchas here so that comments can be saved.
     $_SESSION['spamblock']['captcha'] = $serendipity['POST']['captcha'] = 'abc';
     $serendipity['POST']['token'] = md5(session_id());
     $commentInfo = array();
     $commentInfo['name'] = $comment->from->name . $this->get_config('via');
     $commentInfo['url'] = 'http://www.facebook.com/' . $user . '?v=wall&story_fbid=' . $post_id;
     $commentInfo['email'] = $comment->from->id . '@example.com';
     $tcomment = $comment->message;
     if ($strip_tags) {
         $tcomment = strip_tags($tcomment);
     }
     $commentInfo['comment'] = $tcomment;
     $commentInfo['time'] = strtotime($comment->created_time);
     $commentInfo['source'] = 'facebook';
     $commentInfo['title'] = 'facebook_' . $comment->id;
     if (serendipity_db_bool($this->get_config('facebook_moderate'))) {
         $status = 'pending';
     } else {
         $status = 'approved';
     }
     foreach ($commentInfo as $key => $val) {
         $commentInfo[$key] = $this->decode($val);
     }
     serendipity_saveComment($entry_id, $commentInfo, 'NORMAL', 'facebook');
     $_SESSION['HTTP_REFERER'] = $oldses;
 }
 function check_tweetbacks_save_comment($article_id, $entry, $comment_type, $strip_tags = false)
 {
     $commentInfo = array();
     $commentInfo['title'] = $entry[TWITTER_SEARCHRESULT_REALNAME] . " via Twitter";
     $commentInfo['name'] = $entry[TWITTER_SEARCHRESULT_REALNAME];
     $commentInfo['url'] = $this->comment_url($entry);
     $commentInfo['email'] = $entry[TWITTER_SEARCHRESULT_EMAIL];
     $comment = $entry[TWITTER_SEARCHRESULT_TWEET];
     if ($strip_tags) {
         $comment = strip_tags($comment);
     }
     if (LANG_CHARSET != 'UTF-8' && function_exists("mb_convert_encoding")) {
         $comment = mb_convert_encoding($comment, LANG_CHARSET);
     }
     $commentInfo['comment'] = $comment;
     $commentInfo['time'] = strtotime($entry[TWITTER_SEARCHRESULT_PUBDATE]);
     $commentInfo['source'] = 'tweetback';
     $this->log("Tweetback save: title=[" . $commentInfo['title'] . "], comment=[" . $commentInfo['comment'] . "] articleid=[{$article_id}]");
     // patch old config
     if ('default' == $this->get_config('tweetback_moderate')) {
         $this->set_config('tweetback_moderate', 'approved');
     }
     $comment_moderation = $this->get_config('tweetback_moderate', 'approved');
     if ('save' == $comment_moderation) {
         // save comment starts spam plugin. This might intervent the saving, but we don't want that here.
         // If we have more than 1 tweetback, at least the min posting freq for one IP will hit.
         return serendipity_saveComment($article_id, $commentInfo, $comment_type, 'tweetback');
     } else {
         $ca = array();
         $this->hook_saveComment($ca, $commentInfo);
         return serendipity_insertComment($article_id, $commentInfo, $comment_type, 'tweetback', $ca);
     }
 }