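/**
 * Validate the comment form and, when it is valid, store the comment.
 *
 * On a valid submission the comment is inserted, the 'after_add_comment' event is
 * triggered, the admin is notified, the author data is kept in cookies and the
 * visitor is redirected back to the article.
 *
 * @return bool|null false when comments are disabled for this module; otherwise nothing is returned.
 */
private function validateForm()
{
    // comments are switched off: there is nothing to validate
    $commentsAllowed = isset($this->settings['allow_comments']) && $this->settings['allow_comments'];
    if (!$commentsAllowed) {
        return false;
    }

    // nothing to do until the form has been posted
    if (!$this->frm->isSubmitted()) {
        return;
    }

    // drop posted fields that are not part of the form definition
    $this->frm->cleanupFields();

    // NOTE(review): this throttle lives in the visitor's session, so it only slows down
    // clients that keep their session cookie, and a resubmit within the same second
    // ($diff == 0) is let through. Treat it as a courtesy check and keep real rate
    // limiting on the server side.
    if (SpoonSession::exists('blog_comment_' . $this->record['id'])) {
        $diff = time() - (int) SpoonSession::get('blog_comment_' . $this->record['id']);

        // less than 10 seconds since the previous comment: ask the visitor to slow down
        if ($diff < 10 && $diff != 0) {
            $this->frm->getField('message')->addError(FL::err('CommentTimeout'));
        }
    }

    // required fields
    $this->frm->getField('author')->isFilled(FL::err('AuthorIsRequired'));
    $this->frm->getField('email')->isEmail(FL::err('EmailIsRequired'));
    $this->frm->getField('message')->isFilled(FL::err('MessageIsRequired'));

    // optional field: the bare 'http://' placeholder counts as "not filled in"
    if ($this->frm->getField('website')->isFilled() && $this->frm->getField('website')->getValue() != 'http://') {
        $this->frm->getField('website')->isURL(FL::err('InvalidURL'));
    }

    // validation errors are shown by the form itself
    if (!$this->frm->isCorrect()) {
        return;
    }

    // module settings
    $spamFilterEnabled = isset($this->settings['spamfilter']) && $this->settings['spamfilter'];
    $moderationEnabled = isset($this->settings['moderation']) && $this->settings['moderation'];

    // submitted values
    $author = $this->frm->getField('author')->getValue();
    $email = $this->frm->getField('email')->getValue();
    $website = $this->frm->getField('website')->getValue();
    if (trim($website) == '' || $website == 'http://') {
        $website = null;
    }
    $text = $this->frm->getField('message')->getValue();

    // NOTE(review): 'data' keeps the complete $_SERVER array, which includes the request
    // headers (cookies, authorization headers) next to the address and user agent.
    // Consider storing only the fields that are actually needed — confirm what reads
    // this column before narrowing it.
    $comment = array(
        'post_id' => $this->record['id'],
        'language' => FRONTEND_LANGUAGE,
        'created_on' => FrontendModel::getUTCDate(),
        'author' => $author,
        'email' => $email,
        'website' => $website,
        'text' => $text,
        'status' => 'published',
        'data' => serialize(array('server' => $_SERVER)),
    );

    // URL of the article the comment belongs to
    $permaLink = FrontendNavigation::getURLForBlock('blog', 'detail') . '/' . $this->record['url'];
    $redirectLink = $permaLink;

    // a commenter who was never approved before goes to the moderation queue
    if ($moderationEnabled && !FrontendBlogModel::isModerated($author, $email)) {
        $comment['status'] = 'moderation';
    }

    if ($spamFilterEnabled) {
        $result = FrontendModel::isSpam($text, SITE_URL . $permaLink, $author, $email, $website);

        // 'unknown' has to be tested first and strictly: it is a non-empty string, so a
        // plain truthiness test files it under spam and the moderation branch is never reached
        if ($result === 'unknown') {
            $comment['status'] = 'moderation';
        } elseif ($result) {
            $comment['status'] = 'spam';
        }
    }

    // store the comment and let other modules know
    $comment['id'] = FrontendBlogModel::insertComment($comment);
    FrontendModel::triggerEvent('blog', 'after_add_comment', array('comment' => $comment));

    // tell the detail page what happened to the comment
    $separator = (strpos($redirectLink, '?') === false) ? '?' : '&';
    if ($comment['status'] == 'moderation') {
        $redirectLink .= $separator . 'comment=moderation#' . FL::act('Comment');
    } elseif ($comment['status'] == 'spam') {
        $redirectLink .= $separator . 'comment=spam#' . FL::act('Comment');
    } elseif ($comment['status'] == 'published') {
        $redirectLink .= $separator . 'comment=true#comment-' . $comment['id'];
    }

    // extra data for the notification
    $comment['post_title'] = $this->record['title'];
    $comment['post_url'] = $this->record['url'];
    FrontendBlogModel::notifyAdmin($comment);

    // remember when this visitor commented, used by the throttle above
    SpoonSession::set('blog_comment_' . $this->record['id'], time());

    // keep the author data for 30 days so the form can be prefilled
    try {
        SpoonCookie::set('comment_author', $author, 30 * 24 * 60 * 60, '/', '.' . $this->URL->getDomain());
        SpoonCookie::set('comment_email', $email, 30 * 24 * 60 * 60, '/', '.' . $this->URL->getDomain());
        SpoonCookie::set('comment_website', $website, 30 * 24 * 60 * 60, '/', '.' . $this->URL->getDomain());
    } catch (Exception $e) {
        // the cookies are a convenience only, so a failure to set them is ignored on purpose
    }

    $this->redirect($redirectLink);
}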
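/**
 * Process the querystring
 *
 * Splits the requested URL into GET-parameters, language, pages and parameters,
 * defines FRONTEND_LANGUAGE, loads the locale and issues the language, internal
 * and external redirects where needed.
 *
 * @return void
 */
private function processQueryString()
{
    // work on a local copy, the stored querystring is read again further down
    $queryString = $this->getQueryString();

    // split off the GET-part
    $getChunks = explode('?', $queryString);

    // are there GET-parameters
    if (isset($getChunks[1])) {
        // key-value pairs
        $get = explode('&', $getChunks[1]);

        // remove the GET-part from the querystring
        $queryString = str_replace('?' . $getChunks[1], '', $this->getQueryString());

        foreach ($get as $getItem) {
            // key and value
            $getChunks = explode('=', $getItem, 2);

            if (isset($getChunks[0])) {
                // NOTE(review): keys and values are copied into $_GET exactly as they were
                // sent by the client; whatever reads them later still has to validate them.
                $_GET[$getChunks[0]] = isset($getChunks[1]) ? (string) $getChunks[1] : '';

                // only pairs that carry a value end up in the parameters
                if (isset($getChunks[1])) {
                    $this->parameters[(string) $getChunks[0]] = (string) $getChunks[1];
                }
            }
        }
    }

    // split into chunks
    $chunks = (array) explode('/', $queryString);

    if (!SITE_MULTILANGUAGE) {
        // single language
        $language = FrontendModel::getModuleSetting('core', 'default_language', SITE_DEFAULT_LANGUAGE);
    } else {
        $mustRedirect = false;

        // languages that may appear in the URL / that may be redirected to
        $possibleLanguages = (array) FrontendLanguage::getActiveLanguages();
        $redirectLanguages = (array) FrontendLanguage::getRedirectLanguages();

        if (isset($chunks[0]) && in_array($chunks[0], $possibleLanguages)) {
            // the language is present in the URL
            $language = (string) $chunks[0];

            try {
                SpoonCookie::set('frontend_language', $language, 7 * 24 * 60 * 60, '/', '.' . $this->getDomain());
            } catch (SpoonCookieException $e) {
                // the cookie is a convenience only, so a failure to set it is ignored on purpose
            }

            SpoonSession::set('frontend_language', $language);

            // remove the language part
            array_shift($chunks);
        } elseif (SpoonCookie::exists('frontend_language') && in_array(SpoonCookie::get('frontend_language'), $redirectLanguages)) {
            // NOTE(review): the cookie value comes from the client and in_array() compares
            // loosely here. The value ends up in the redirect URL and in setLocale(), so an
            // exact check (third argument true) would be the safer allowlist test — confirm
            // that the language list holds strings before tightening it.
            $language = (string) SpoonCookie::get('frontend_language');

            $mustRedirect = true;
        } else {
            // fall back on the browser language
            $language = FrontendLanguage::getBrowserLanguage();

            try {
                SpoonCookie::set('frontend_language', $language, 7 * 24 * 60 * 60, '/', '.' . $this->getDomain());
            } catch (SpoonCookieException $e) {
                // the cookie is a convenience only, so a failure to set it is ignored on purpose
            }

            $mustRedirect = true;
        }

        if ($mustRedirect) {
            // prefix the requested URL with the language
            $URL = rtrim('/' . $language . '/' . $this->getQueryString(), '/');

            SpoonHTTP::redirect($URL, 301);
        }
    }

    // define the language
    define('FRONTEND_LANGUAGE', $language);

    // load the locale
    FrontendLanguage::setLocale($language);

    // list of pageIds & their full URL
    $keys = FrontendNavigation::getKeys();

    // full URL
    $URL = implode('/', $chunks);
    $startURL = $URL;

    // Strip chunks from the end until the URL is a known page. The extra check on $chunks
    // ends the loop when nothing is left to strip: without it a navigation that has no
    // entry for the empty URL would keep this request spinning forever.
    while (!in_array($URL, $keys) && !empty($chunks)) {
        array_pop($chunks);

        $URL = implode('/', $chunks);
    }

    // remove language from querystring
    if (SITE_MULTILANGUAGE) {
        $queryString = trim(substr($queryString, strlen($language)), '/');
    }

    // the homepage does not accept parameters
    if ($URL == '' && $queryString != '') {
        $URL = FrontendNavigation::getURL(404);

        // remove language
        if (SITE_MULTILANGUAGE) {
            $URL = str_replace('/' . $language, '', $URL);
        }
    }

    $URL = trim($URL, '/');

    // currently not on the homepage
    if ($URL != '') {
        $pages = explode('/', $URL);

        $this->setPages($pages);
        $this->setParameters(array());
    }

    // whatever follows the page URL are the parameters, separated by /
    $parameters = trim(substr($startURL, strlen($URL)), '/');

    if ($parameters != '') {
        $parameters = explode('/', $parameters);

        $this->setParameters($parameters);
    }

    // look up the page
    $pageId = FrontendNavigation::getPageId(implode('/', $this->getPages()));
    $pageInfo = FrontendNavigation::getPageInfo($pageId);

    // invalid page, or parameters on a page that has no extra to consume them
    if ($pageInfo === false || !empty($parameters) && !$pageInfo['has_extra']) {
        $URL = FrontendNavigation::getURL(404);

        // remove language
        if (SITE_MULTILANGUAGE) {
            $URL = trim(str_replace('/' . $language, '', $URL), '/');
        }

        // currently not on the homepage
        if ($URL != '') {
            $pages = explode('/', $URL);

            $this->setPages($pages);
            $this->setParameters(array());
        }
    }

    // internal redirect
    if (isset($pageInfo['redirect_page_id']) && $pageInfo['redirect_page_id'] != '') {
        $newPageURL = FrontendNavigation::getURL((int) $pageInfo['redirect_page_id']);
        $errorURL = FrontendNavigation::getURL(404);

        // only redirect when the target is not the error page
        if ($newPageURL != $errorURL) {
            SpoonHTTP::redirect($newPageURL, $pageInfo['redirect_code']);
        }
    }

    // external redirect; the target is taken as-is from the page record
    if (isset($pageInfo['redirect_url']) && $pageInfo['redirect_url'] != '') {
        SpoonHTTP::redirect($pageInfo['redirect_url'], $pageInfo['redirect_code']);
    }
}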
/**
 * Login a profile.
 *
 * Marks the current session as logged in, stores a session record for the profile
 * (with a secret key when the visitor asked to be remembered), updates the last
 * login date and loads the profile object. No value is returned.
 *
 * @param int  $profileId Login the profile with this id in.
 * @param bool $remember  Optional. Should we set a cookie for later?
 */
public static function login($profileId, $remember = false)
{
    $profileId = (int) $profileId;
    $remember = (bool) $remember;

    // stays null unless the visitor wants to be remembered
    $secretKey = null;

    self::cleanupOldSessions();

    // NOTE(review): the session id that existed before the login is kept and written to
    // profiles_sessions below. Issuing a fresh session id at this point is the usual
    // protection against session fixation — confirm how SpoonSession supports that.
    SpoonSession::set('frontend_profile_logged_in', true);

    if ($remember) {
        // the key is derived from the session id and a random string
        $currentSessionId = SpoonSession::getSessionId();
        $randomPart = FrontendProfilesModel::getRandomString();
        $secretKey = FrontendProfilesModel::getEncryptedString($currentSessionId, $randomPart);

        // 31 days
        // NOTE(review): this cookie acts as a long-lived login token and is set with the
        // default cookie options; check that those defaults restrict it to HTTPS and keep
        // it away from scripts.
        $rememberLifetime = 60 * 60 * 24 * 31;
        SpoonCookie::set('frontend_profile_secret_key', $secretKey, $rememberLifetime);
    }

    // a record for this session should not exist yet; removing it first avoids duplicate keys
    FrontendModel::getDB(true)->delete(
        'profiles_sessions',
        'session_id = ?',
        SpoonSession::getSessionId()
    );

    // register the session for this profile
    FrontendModel::getDB(true)->insert(
        'profiles_sessions',
        array(
            'profile_id' => $profileId,
            'session_id' => SpoonSession::getSessionId(),
            'secret_key' => $secretKey,
            'date' => FrontendModel::getUTCDate(),
        )
    );

    // keep track of the last login
    FrontendProfilesModel::update(
        $profileId,
        array('last_login' => FrontendModel::getUTCDate())
    );

    // make the profile available for the rest of the request
    self::$profile = new FrontendProfilesProfile($profileId);
}
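/**
 * Set locale
 * It will require the correct file and init the needed vars
 *
 * The cached locale file is built first when it does not exist yet. The language is
 * also stored in a cookie and in the session.
 *
 * @return void
 * @param string $language The language to load.
 * @throws InvalidArgumentException When $language is not a plain identifier.
 */
public static function setLocale($language)
{
    $language = (string) $language;

    // $language becomes part of the path that is required below, so it is limited to a
    // plain identifier: a value holding a path separator or dots can never select a
    // file outside the locale cache directory
    if (!preg_match('/\A[A-Za-z0-9_-]+\z/', $language)) {
        throw new InvalidArgumentException('Invalid language.');
    }

    $localeFile = BACKEND_CACHE_PATH . '/locale/' . $language . '.php';

    // build the cached locale file when it is missing
    if (!SpoonFile::exists($localeFile)) {
        require_once BACKEND_MODULES_PATH . '/locale/engine/model.php';

        BackendLocaleModel::buildCache($language, APPLICATION);
    }

    // store
    self::$currentInterfaceLanguage = $language;

    try {
        SpoonCookie::set('interface_language', $language);
    } catch (SpoonCookieException $e) {
        // the cookie is a convenience only, so a failure to set it is ignored on purpose
    }

    // store in session, the first key is for TinyMCE
    SpoonSession::set('tiny_mce_language', $language);
    SpoonSession::set('interface_language', $language);

    // the locale file fills these three variables
    $err = array();
    $lbl = array();
    $msg = array();

    require $localeFile;

    // set language specific labels
    self::$err = (array) $err;
    self::$lbl = (array) $lbl;
    self::$msg = (array) $msg;
}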
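/**
 * Set locale
 * It will require the correct file and init the needed vars
 *
 * The English translations are loaded first as a fallback; the translations of the
 * requested language are then merged over them per module. Missing cache files are
 * built first. The language is also stored in a cookie.
 *
 * @param string $language The language to load.
 * @throws InvalidArgumentException When $language is not a plain identifier.
 */
public static function setLocale($language)
{
    $language = (string) $language;

    // $language becomes part of the path that is required below, so it is limited to a
    // plain identifier: a value holding a path separator or dots can never select a
    // file outside the locale cache directory
    if (!preg_match('/\A[A-Za-z0-9_-]+\z/', $language)) {
        throw new InvalidArgumentException('Invalid language.');
    }

    // require the BackendLocaleModel
    require_once BACKEND_MODULES_PATH . '/locale/engine/model.php';

    // validate the files, generate them if needed
    if (!SpoonFile::exists(BACKEND_CACHE_PATH . '/locale/en.php')) {
        BackendLocaleModel::buildCache('en', APPLICATION);
    }
    if (!SpoonFile::exists(BACKEND_CACHE_PATH . '/locale/' . $language . '.php')) {
        BackendLocaleModel::buildCache($language, APPLICATION);
    }

    // store
    self::$currentInterfaceLanguage = $language;

    try {
        SpoonCookie::set('interface_language', $language);
    } catch (SpoonCookieException $e) {
        // the cookie is a convenience only, so a failure to set it is ignored on purpose
    }

    // the locale files fill these three variables
    $err = array();
    $lbl = array();
    $msg = array();

    // set English translations, they'll be the fallback
    require BACKEND_CACHE_PATH . '/locale/en.php';
    self::$err = (array) $err;
    self::$lbl = (array) $lbl;
    self::$msg = (array) $msg;

    // overwrite with the requested language's translations, module by module
    require BACKEND_CACHE_PATH . '/locale/' . $language . '.php';
    foreach ($err as $module => $translations) {
        if (!isset(self::$err[$module])) {
            self::$err[$module] = array();
        }
        self::$err[$module] = array_merge(self::$err[$module], $translations);
    }
    foreach ($lbl as $module => $translations) {
        if (!isset(self::$lbl[$module])) {
            self::$lbl[$module] = array();
        }
        self::$lbl[$module] = array_merge(self::$lbl[$module], $translations);
    }
    foreach ($msg as $module => $translations) {
        if (!isset(self::$msg[$module])) {
            self::$msg[$module] = array();
        }
        self::$msg[$module] = array_merge(self::$msg[$module], $translations);
    }
}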
/**
 * Get the visitor's id (using a tracking cookie)
 *
 * The id is resolved once per request and cached in self::$visitorId; the tracking
 * cookie is (re)set for a year whenever the id is resolved.
 *
 * @return string
 */
public static function getVisitorId()
{
    // first call in this request: resolve the id and prolong the cookie
    if (self::$visitorId === null) {
        if (SpoonCookie::exists('track')) {
            // NOTE(review): the cookie value is taken over exactly as the client sent it;
            // callers should treat the id as an untrusted label, not as proof of identity.
            self::$visitorId = (string) SpoonCookie::get('track');
        } else {
            // NOTE(review): md5() over uniqid() and the session id is not a
            // cryptographically secure random value — fine for a tracking label,
            // not for anything that has to be unguessable.
            self::$visitorId = md5(uniqid() . SpoonSession::getSessionId());
        }

        // set/prolong the tracking cookie for a year
        SpoonCookie::set('track', self::$visitorId, 86400 * 365);
    }

    return self::$visitorId;
}