if ($commentTotals['hour'] >= $commentLimits['hour']) {
             $error = true;
             $errorMsg = 'You have exceeded your rate limit for commenting. Please try again in one hour.';
         } else {
             if ($commentTotals['nickel'] >= $commentLimits['nickel']) {
                 $error = true;
                 $errorMsg = 'You have exceeded your rate limit for commenting. Please try again in 5 mins.';
             }
         }
     }
 }
 // TODO: grab videoURL, validate it, stuff it in to the $comment structure
 if (isset($_POST['videoURL']) and $_POST['videoURL'] != '') {
     require_once PATH_CORE . '/classes/video.class.php';
     $videoURL = videos::getVideoURLFromEmbedCodeOrURL(stripslashes($_POST['videoURL']));
     if (videos::validateVideoURL($videoURL)) {
         $vt = new VideoTable($db);
         $videoid = $vt->createVideoForComment($userid, $videoURL, "Video Comment on story {$cid}");
     } else {
         $error = true;
         $errorMsg = 'Unsupported or invalid video URL';
     }
 } else {
     if (isset($_POST['commentMsg']) and $_POST['commentMsg'] != '') {
         $commentMsg = preg_replace("/([\\w]+:\\/\\/[\\w-?&;#~=\\.\\/\\@]+[\\w\\/])/i", "<a target=\"_blank\" href=\"\$1\">\$1</a>", $_POST['commentMsg']);
         //$commentMsg = strip_tags($_POST['commentMsg'], '<a><i><b><p>');
         $commentMsg = strip_tags($commentMsg, '<a><i><b><p>');
         $commentMsg = nl2br($commentMsg);
         // TODO: GET THIS WORKING.
         //$comments = mysql_real_escape_string($_POST['commentMsg'], $db->handle);
     } else {
 function createStoryContent($userinfo = NULL, $info = NULL, $mode = 'link')
 {
     // post a story from the post story form
     // build source from domain - to do : improve this with source objects table
     $urlParts = parse_url($info->url);
     $info->source = $urlParts['host'];
     // create permalink
     $info->permalink = $this->buildPermalink($info->title);
     //$this->db->log($info->permalink);
     // serialize the content
     // mode = link for third party web site story link and blog for blog posts
     if ($mode == 'link') {
         $isBlogEntry = 0;
     } else {
         $isBlogEntry = 1;
     }
     $story = $this->serialize(0, $info->title, $info->caption, $info->source, $info->url, $info->permalink, $userinfo->ncUid, $userinfo->u->name, $userinfo->userid, '', $userinfo->votePower, 0, 0, $info->imageUrl, 0, $isBlogEntry, $info->isFeatureCandidate);
     // post wire story to content
     $siteContentId = $this->add($story);
     if ($info->videoEmbed != '') {
         // add video if it exists
         require_once PATH_CORE . '/classes/video.class.php';
         $videoURL = videos::getVideoURLFromEmbedCodeOrURL(stripslashes($info->videoEmbed));
         if (videos::validateVideoURL($videoURL)) {
             $vt = new VideoTable($this->db);
             // create new video
             $videoid = $vt->createVideoForContent($userinfo->userid, $videoURL, "Video for story {$siteContentId}");
             if (is_numeric($videoid)) {
                 $this->db->update("Content", "videoid={$videoid}", "siteContentId={$siteContentId}");
             }
             // store video id in content table
         } else {
             // error on video, should have been picked up by validate
         }
     }
     return $siteContentId;
 }
 function processIdeaForm($userid = 0)
 {
     $resp = array();
     $resp['error'] = false;
     $idea = $_POST['idea'];
     $details = $_POST['details'];
     $tagid = $_POST['tagid'];
     if ($idea == '') {
         $resp['error'] = true;
         $resp['msg'] = 'Sorry, we did not get your idea. Please try again.';
     }
     if ($tagid == '' or $tagid == 0) {
         $resp['error'] = true;
         $resp['msg'] = 'Please specify a category. Please try again.';
     }
     if (isset($_POST['videoURL']) and $_POST['videoURL'] != '') {
         require_once PATH_CORE . '/classes/video.class.php';
         $videoURL = videos::getVideoURLFromEmbedCodeOrURL(stripslashes($_POST['videoURL']));
         if (videos::validateVideoURL($videoURL)) {
             $vt = new VideoTable($db);
             $videoid = $vt->createVideoForIdea($userid, $videoURL, "Idea video by {$userid}");
         } else {
             $resp['error'] = true;
             $resp['msg'] = 'Unsupported or invalid video URL';
         }
     } else {
         $videoid = 0;
     }
     if (!$resp['error']) {
         $isDup = $this->isDup($idea);
         if ($isDup !== false) {
             // it is a duplicate
             $resp['error'] = true;
             $resp['msg'] = 'Sorry, <a href="?p=ideas&o=view&id=' . $isDup . '">that idea has already been added here</a>.';
         } else {
             $iTable = new ideasTable($this->db);
             $ir = $iTable->getRowObject();
             $ir->idea = $idea;
             $ir->details = $details;
             $ir->tagid = $tagid;
             $ir->userid = $userid;
             $ir->dt = date('Y-m-d H:i:s', time());
             $ir->numLikes = 1;
             $ir->videoid = $videoid;
             $ir->insert();
             // add like for this idea when user posts
             require_once PATH_CORE . '/classes/log.class.php';
             $logObj = new log($this->db);
             $logItem = $logObj->serialize(0, $userid, 'likeIdea', $ir->id);
             $inLog = $logObj->update($logItem);
             $resp['id'] = $ir->id;
         }
     }
     return $resp;
 }
 function validate($option = 'link')
 {
     $this->setupLibraries();
     $fData = new stdClass();
     $fData->result = true;
     $fData->state = 'validate';
     $fData->url = $_POST['url'];
     $fData->imageUrl = $_POST['imageUrl'];
     $fData->videoEmbed = $_POST['videoEmbed'];
     // Remove microsoft quotes
     $bad = array('`', '’', '„', '‘', '’', '´');
     $good = array('\'', '\'', ',', '\'', '\'', '\'');
     $title = str_replace($bad, $good, $_POST['title']);
     $fData->title = stripslashes(strip_tags($title));
     // took out mysql_real_escape
     $fData->tags = $_POST['tags'];
     $fData->mediatype = $_POST['mediatype'];
     if (isset($_POST['isFeatureCandidate']) and $_POST['isFeatureCandidate'] == 'on') {
         $fData->isFeatureCandidate = 1;
     } else {
         $fData->isFeatureCandidate = 0;
     }
     $fData->isBookmarklet = true;
     $fData->showPreview = false;
     $fData->alert = '';
     $fData->title = stripslashes(strip_tags($_POST['title']));
     $fData->caption = stripslashes($_POST['caption']);
     //$fData->title=mysql_real_escape_string(addslashes(stripslashes(strip_tags($_POST['title']))));
     //$fData->caption=mysql_real_escape_string(stripslashes($_POST['caption']), $this->db->handle);
     // begin option specific code and error checking
     switch ($option) {
         default:
             $fData->caption = stripslashes(strip_tags($_POST['caption']));
             if ($fData->url == '') {
                 $fData->alert = 'Please provide a Web address (URL) for your story.';
                 $fData->result = false;
             }
             if ($fData->caption == '') {
                 $fData->alert = 'Please provide a short caption for your entry.';
                 $fData->result = false;
             }
             if (strlen($fData->caption) > LENGTH_LONG_CAPTION + 5) {
                 $fData->alert = 'Please shorten your caption to ' . LENGTH_LONG_CAPTION . ' characters. Current length: ' . strlen($fData->caption);
                 $fData->result = false;
             }
             break;
         case 'blog':
             if (isset($_POST['blogid'])) {
                 $fData->blogid = $_POST['blogid'];
             }
             $fData->status = 'draft';
             // only allowable html, fbml
             $fData->entry = stripslashes(strip_tags($_POST['entry'], '<p><a><i><br><em><strong><img>'));
             // <fb:photo><fb:mp3><fb:swf><fb:flv><fb:silverlight>
             $fData->caption = stripslashes(strip_tags($_POST['caption']));
             if ($fData->entry == '' or strlen($fData->entry) < MIN_BLOG_LENGTH) {
                 $fData->alert = 'Please compose a blog post of at least ' . MIN_BLOG_LENGTH . ' characters (not counting HTML tags). Current length: ' . strlen($fData->entry);
                 $fData->result = false;
                 $lengthError = true;
             } else {
                 $lengthError = false;
             }
             if (strlen($fData->entry) > MAX_BLOG_LENGTH) {
                 $fData->alert = 'Please shorten your blog entry to ' . MAX_BLOG_LENGTH . ' characters. Current length: ' . strlen($fData->entry);
                 $fData->result = false;
             }
             if ($fData->caption != '') {
                 // if it exists already, then check that it meets the minimum length requirements
                 if (strlen($fData->caption) > LENGTH_LONG_CAPTION + 5) {
                     $temp = $utilObj->shorten($_POST['caption'], LENGTH_LONG_CAPTION);
                     $fData->caption = $temp;
                 }
             } else {
                 // if it doesn't exist, create
                 require_once PATH_CORE . '/classes/utilities.class.php';
                 $utilObj = new utilities($this->db);
                 $temp = $utilObj->shorten($fData->entry, CAPTION_LENGTH);
                 if (!$lengthError and strlen($temp) < 100) {
                     $fData->alert = 'Please compose a blog entry for a caption of at least ' . MIN_BLOG_LENGTH . ' characters (not counting HTML tags). Current length: ' . strlen($temp);
                     $fData->result = false;
                 }
                 $fData->caption = $temp;
             }
             break;
     }
     // tags
     /*
     		if ($fData->tags=='') {
     			$fData->alert='Please provide at least one tag.';
     			$fData->result=false;
     		}
     * 
     */
     // check user has minimum # of friends - to prevent spam
     if (isset($_POST['fb_sig_friends']) and count(explode(',', $_POST['fb_sig_friends'])) < MIN_FRIENDS) {
         // suspiciously low # of friends to be posting
         $fData->alert = 'Please add more friends to your Facebook profile before you post stories here. This helps us minimize spam. Sorry for the inconvenience.';
         $fData->result = false;
     }
     //title
     if (strcmp(strtoupper($fData->title), $fData->title) == 0) {
         $fData->title = $temp = ucwords(strtolower($fData->title));
         $fData->alert = 'We\'ve modified your headline so that it\'s not all uppercase. Please check it.';
         $fData->result = false;
     }
     if ($fData->title == '') {
         $fData->alert = 'Please provide a short headline for your entry.';
         $fData->result = false;
     }
     if (strlen($fData->title) > $this->titleLimit) {
         $fData->alert = 'Please shorten your title to ' . $this->titleLimit . ' characters. Current length: ' . strlen($fData->title);
         $fData->result = false;
     }
     /* We might want this later
     		if ($fData->imageUrl=='' ) {
     			$fData->alert='Please provide a Web address (IMAGE URL) for your story image.';
     			$fData->result=false;
     		}
     		*/
     // url
     if ($fData->url != '') {
         $urlParts = parse_url($fData->url);
         // make sure url has http:// or other scheme in front of it
         if ($urlParts['scheme'] == '') {
             $fData->url = 'http://' . $fData->url;
         }
         if (($urlParts['path'] == '' or $urlParts['path'] == '/') and $urlParts['query'] == '') {
             $fData->alert = 'You seem to be writing about a Web site, not a particular story on a Web site. Please do not submit links to Web sites. Please only submit stories from Web sites and blogs.';
             $fData->result = false;
         }
         if (preg_match('/^http:\\/\\/www.facebook.com\\/ext\\/share.php/', $fData->url)) {
             $fData->alert = 'You seem to be posting a shared story from facebook. Please go to the actual story page and post again from there.';
             $fData->result = false;
         }
     }
     // Check for rate limits on post story
     if (!($this->session->u->isAdmin || $this->session->u->isModerator || $this->session->u->isSponser)) {
         $resp = $this->logObj->checkLimits($this->session->userid, "(action = 'postStory' OR action = 'postBlog')", 'posting');
         if ($resp !== false) {
             $fData->alert = $resp['msg'];
             $fData->result = false;
         }
     }
     // validate the video
     if ($fData->videoEmbed != '') {
         require_once PATH_CORE . '/classes/video.class.php';
         $videoURL = videos::getVideoURLFromEmbedCodeOrURL(stripslashes($fData->videoEmbed));
         if (!videos::validateVideoURL($fData->videoEmbed)) {
             $fData->alert = 'Your video URL or embedding code is invalid. We only support Facebook and YouTube videos at this time.';
             $fData->result = false;
         }
     }
     $this->fData =& $fData;
     return $fData;
 }