Beispiel #1
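/**
 * Update an existing comment after spam filtering and an authorization check.
 *
 * Non-owners are first run through the homepage allow-list, the ip/name/url/
 * content filters and the 'ModifyingComment' event; any hit returns 'blocked'.
 * The UPDATE is then restricted in its WHERE clause so that a non-owner can
 * only change a row they control: a member's own comment (replier match) or a
 * guest comment whose stored password hash / OpenID matches.
 *
 * Every value placed into SQL text is either cast to an integer or passed
 * through POD::escapeString(); the original interpolated id, secret, ip,
 * isfiltered, replier and the OpenID identity without escaping.
 *
 * NOTE(review): the column-name literals were masked as '******' in the
 * listing this was taken from; they are restored here as password / replier /
 * openid. Confirm against the upstream file.
 *
 * NOTE(review): guest passwords are stored and compared as unsalted MD5.
 * Moving to password_hash()/password_verify() means reading the stored hash
 * and verifying in PHP instead of matching in the WHERE clause, plus a
 * migration of existing rows; that is outside this function.
 *
 * @param int|string $blogid   Blog the comment belongs to.
 * @param array      $comment  Keys read: id, entry, name, homepage, comment,
 *                             ip, secret, isfiltered, password, replier.
 * @param string     $password Password supplied by the editing guest.
 * @return bool|string 'blocked' when filtered, true when the UPDATE succeeded,
 *                     false when not permitted or the query failed.
 */
function updateComment($blogid, $comment, $password)
{
    global $database, $user;
    $openid = Acl::getIdentity('openid');
    if (!doesHaveOwnership()) {
        // if filtered, only block and not send to trash
        if (!Filter::isAllowed($comment['homepage'])) {
            if (Filter::isFiltered('ip', $comment['ip'])) {
                return 'blocked';
            }
            if (Filter::isFiltered('name', $comment['name'])) {
                return 'blocked';
            }
            if (Filter::isFiltered('url', $comment['homepage'])) {
                return 'blocked';
            }
            if (Filter::isFiltered('content', $comment['comment'])) {
                return 'blocked';
            }
            if (!fireEvent('ModifyingComment', true, $comment)) {
                return 'blocked';
            }
        }
    }
    $comment['homepage'] = stripHTML($comment['homepage']);
    $comment['name'] = UTF8::lessenAsEncoding($comment['name'], 80);
    $comment['homepage'] = UTF8::lessenAsEncoding($comment['homepage'], 80);
    $comment['comment'] = UTF8::lessenAsEncoding($comment['comment'], 65535);

    // Numeric columns: force to int so request data cannot add SQL syntax.
    $blogidSql = intval($blogid);
    $commentId = intval($comment['id']);
    $secret = intval($comment['secret']);
    $isFiltered = intval($comment['isfiltered']);
    // String columns: escape before quoting.
    $ip = POD::escapeString($comment['ip']);

    $setPassword = '';
    if ($user !== null) {
        // Logged-in author: identity comes from the session, password is cleared.
        $comment['replier'] = getUserId();
        $name = POD::escapeString($user['name']);
        $setPassword = "password = '',";
        $homepage = POD::escapeString($user['homepage']);
        if (empty($homepage) && $openid) {
            $homepage = POD::escapeString($openid);
        }
    } else {
        $name = POD::escapeString($comment['name']);
        // password === true means "leave the stored password untouched".
        if ($comment['password'] !== true) {
            $passwordHash = empty($comment['password']) ? '' : md5($comment['password']);
            $setPassword = "password = '" . $passwordHash . "', ";
        }
        $homepage = POD::escapeString($comment['homepage']);
    }
    $comment0 = POD::escapeString($comment['comment']);

    // A row with no replier was written by a guest.
    $guestcomment = false;
    if (POD::queryExistence("SELECT *\n\t\tFROM {$database['prefix']}Comments\n\t\tWHERE blogid = {$blogidSql}\n\t\t\tAND id = {$commentId}\n\t\t\tAND replier IS NULL")) {
        $guestcomment = true;
    }

    // Authorization is enforced by narrowing the UPDATE's WHERE clause.
    $wherePassword = '';
    if (!doesHaveOwnership()) {
        if ($guestcomment == false) {
            if (!doesHaveMembership()) {
                return false;
            }
            $wherePassword = ' AND replier = ' . intval(getUserId());
        } else {
            if (empty($password) && $openid) {
                $wherePassword = " AND openid = '" . POD::escapeString($openid) . "'";
            } else {
                // md5() output is hex only, so it needs no further escaping.
                $wherePassword = " AND password = '" . md5($password) . "'";
            }
        }
    }

    // isset() is false for both a missing key and an explicit null.
    $replier = isset($comment['replier'])
        ? "'" . POD::escapeString($comment['replier']) . "'"
        : 'NULL';

    $result = POD::query("UPDATE {$database['prefix']}Comments\n\t\t\t\tSET\n\t\t\t\t\tname = '{$name}',\n\t\t\t\t\t{$setPassword}\n\t\t\t\t\thomepage = '{$homepage}',\n\t\t\t\t\tsecret = {$secret},\n\t\t\t\t\tcomment = '{$comment0}',\n\t\t\t\t\tip = '{$ip}',\n\t\t\t\t\twritten = UNIX_TIMESTAMP(),\n\t\t\t\t\tisfiltered = {$isFiltered},\n\t\t\t\t\treplier = {$replier}\n\t\t\t\tWHERE blogid = {$blogidSql}\n\t\t\t\t\tAND id = {$commentId} {$wherePassword}");
    if ($result) {
        CacheControl::flushCommentRSS($comment['entry']);
        // Assume blogid = current blogid.
        CacheControl::flushDBCache('comment');
        return true;
    }
    return false;
}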
/**
 * Store an incoming trackback for an entry, marking it as filtered when the
 * spam checks reject it.
 *
 * Checks run only when the URL is not on the allow-list, in this order:
 * sender IP, URL, excerpt content, then the 'AddingTrackback' event. The
 * trackback is saved either way; a rejected one is saved with isfiltered set.
 *
 * NOTE(review): the IP check uses $_SERVER['REMOTE_ADDR'], i.e. the direct
 * peer. Behind a reverse proxy that is presumably the proxy's address, so
 * confirm how the deployment supplies the client address.
 *
 * @param mixed  $blogid  Not read inside this function.
 * @param mixed  $entry   Entry the trackback points at.
 * @param string $title   Title sent by the remote site.
 * @param string $url     Permalink of the remote post.
 * @param string $excerpt Excerpt sent by the remote site.
 * @param string $site    Name of the remote site.
 * @return int 0 stored and accepted, 3 entry refuses trackbacks or the
 *             trackback was stored as filtered, 4 storing failed, 5 empty URL.
 */
function receiveTrackback($blogid, $entry, $title, $url, $excerpt, $site)
{
    global $database, $blog, $defaultURL;

    if (empty($url)) {
        return 5;
    }

    $post = new Post();
    if (!$post->doesAcceptTrackback($entry)) {
        return 3;
    }

    // Short-circuit evaluation keeps the original order of the checks, and the
    // event only fires when none of the filters matched.
    $isSpam = !Filter::isAllowed($url)
        && (
            Filter::isFiltered('ip', $_SERVER['REMOTE_ADDR'])
            || Filter::isFiltered('url', $url)
            || Filter::isFiltered('content', $excerpt)
            || !fireEvent('AddingTrackback', true, array('entry' => $entry, 'url' => $url, 'site' => $site, 'title' => $title, 'excerpt' => $excerpt))
        );

    // Normalise the remote-supplied text only after the filters saw the raw values.
    $title = correctTTForXmlText($title);
    $excerpt = correctTTForXmlText($excerpt);
    $url = UTF8::lessenAsEncoding($url);
    $site = UTF8::lessenAsEncoding($site);
    $title = UTF8::lessenAsEncoding($title);
    $excerpt = UTF8::lessenAsEncoding($excerpt);

    $trackback = new Trackback();
    $trackback->entry = $entry;
    $trackback->url = $url;
    $trackback->site = $site;
    $trackback->title = $title;
    $trackback->excerpt = $excerpt;
    if ($isSpam) {
        $trackback->isfiltered = true;
    }

    if (!$trackback->add()) {
        return 4;
    }
    if ($isSpam) {
        // Stored as filtered: reported to the sender with code 3, cache untouched.
        return 3;
    }
    CacheControl::flushDBCache('trackback');
    return 0;
}
Beispiel #3
/**
 * Update an existing comment through the DBModel query builder, after spam
 * filtering and an authorization check.
 *
 * Non-owners are checked against the homepage allow-list, the ip/name/url/
 * content filters and the 'ModifyingComment' event; any hit returns 'blocked'.
 * For non-owners the update is additionally qualified so it only matches a
 * member's own comment (replier) or a guest comment whose stored password
 * hash / OpenID matches.
 *
 * NOTE(review): the third argument `true` on setAttribute()/setQualifier()
 * presumably marks a string value to be escaped and quoted; 'secret',
 * 'isfiltered', 'replier', 'blogid' and 'id' are passed without it. Confirm
 * how DBModel treats those values, since they come from $comment.
 *
 * NOTE(review): guest passwords are stored and compared as unsalted MD5.
 *
 * @param mixed  $blogid   Blog the comment belongs to.
 * @param array  $comment  Keys read: id, entry, name, homepage, comment, ip,
 *                         secret, isfiltered, password, replier.
 * @param string $password Password supplied by the editing guest.
 * @return bool|string 'blocked' when filtered, true when the update
 *                     succeeded, false when not permitted or it failed.
 */
function updateComment($blogid, $comment, $password)
{
    $openid = Acl::getIdentity('openid');

    // if filtered, only block and not send to trash
    if (!doesHaveOwnership() && !Filter::isAllowed($comment['homepage'])) {
        $rejected = Filter::isFiltered('ip', $comment['ip'])
            || Filter::isFiltered('name', $comment['name'])
            || Filter::isFiltered('url', $comment['homepage'])
            || Filter::isFiltered('content', $comment['comment'])
            || !fireEvent('ModifyingComment', true, $comment);
        if ($rejected) {
            return 'blocked';
        }
    }

    $pool = DBModel::getInstance();
    $comment['homepage'] = stripHTML($comment['homepage']);
    $comment['name'] = Utils_Unicode::lessenAsEncoding($comment['name'], 80);
    $comment['homepage'] = Utils_Unicode::lessenAsEncoding($comment['homepage'], 80);
    $comment['comment'] = Utils_Unicode::lessenAsEncoding($comment['comment'], 65535);

    // A row with no replier was written by a guest.
    $pool->reset('Comments');
    $pool->setQualifier('blogid', 'eq', $blogid);
    $pool->setQualifier('id', 'eq', $comment['id']);
    $pool->setQualifier('replier', 'eq', NULL);
    $isGuestComment = $pool->doesExist() ? true : false;

    // Start building the actual update from a clean state.
    $pool->reset('Comments');
    $userid = getUserId();
    if (empty($userid)) {
        $name = $comment['name'];
        // password === true means "leave the stored password untouched".
        if ($comment['password'] !== true) {
            $pool->setAttribute('password', empty($comment['password']) ? '' : md5($comment['password']), true);
        }
        $homepage = $comment['homepage'];
    } else {
        // Logged-in author: identity comes from the account, password is cleared.
        $comment['replier'] = $userid;
        $name = User::getName($userid);
        $homepage = User::getHomepage($userid);
        $pool->setAttribute('password', '', true);
        if (empty($homepage) && $openid) {
            $homepage = $openid;
        }
    }
    $body = $comment['comment'];

    // Authorization is enforced by adding qualifiers to the update.
    if (!doesHaveOwnership()) {
        if ($isGuestComment) {
            if (empty($password) && $openid) {
                $pool->setQualifier('openid', 'eq', $openid, true);
            } else {
                $pool->setQualifier('password', 'eq', md5($password), true);
            }
        } else {
            if (!doesHaveMembership()) {
                return false;
            }
            $pool->setQualifier('replier', 'eq', $userid);
        }
    }

    $replier = $comment['replier'];
    $pool->setAttribute('name', $name, true);
    $pool->setAttribute('homepage', $homepage, true);
    $pool->setAttribute('secret', $comment['secret']);
    $pool->setAttribute('comment', $body, true);
    $pool->setAttribute('ip', $comment['ip'], true);
    $pool->setAttribute('written', Timestamp::getUNIXtime());
    $pool->setAttribute('isfiltered', $comment['isfiltered']);
    $pool->setAttribute('replier', $replier);
    $pool->setQualifier('blogid', 'eq', $blogid);
    $pool->setQualifier('id', 'eq', $comment['id']);

    if (!$pool->update()) {
        return false;
    }
    CacheControl::flushCommentRSS($comment['entry']);
    // Assume blogid = current blogid.
    CacheControl::flushDBCache('comment');
    return true;
}