/**
 * Store a new comment in the database.
 *
 * The submission passes through these gates in order: required-field
 * validation, honeypot check, flood throttle, duplicate check, then
 * spam/blocklist classification. Honeypot hits and discarded spam are answered
 * with a success response without save() being called, so an automated
 * submitter gets no rejection signal.
 *
 * The visitor's IP address and user agent are attached to the comment before
 * it is saved.
 *
 * NOTE(review): every error response returns the submitted comment under
 * `input`; whatever renders that payload has to escape it for its own output
 * context.
 *
 * @param string $hash Unique hash value of the parent page.
 * @return Response
 */
public function create($hash)
{
    // Resolve the page this comment belongs to.
    $page = $this->findPageByHash($hash);

    // Build the comment from the submitted input and bind it to the page.
    $comment = comment::fromInput();
    $comment->set('page_uri', $page->uri());

    // Request metadata is taken from the visitor helper, not from the form.
    $comment->set('author_ip', visitor::ip());
    $comment->set('author_agent', visitor::ua());

    // Signed-in users: identity fields come from the account and are set after
    // fromInput() (presumably replacing any submitted values; confirm in set()).
    $user = user::current();
    if ($user) {
        $fullname = trim($user->firstname() . ' ' . $user->lastname());
        if (empty($fullname)) {
            // No first/last name on the account: fall back to the username.
            $fullname = $user->username();
        }

        $comment->set('author', $fullname);
        $comment->set('author_email', $user->email());
        $comment->set('username', $user->username());
    }

    // Gate 1: required fields.
    if (!$comment->validate()) {
        $msg = l('comments.error.incomplete', 'Missing required fields');
        $details = array('input' => $comment->toArray(), 'errors' => $comment->errors()->toArray());

        return $this->error($msg, 400, $details);
    }

    // Gate 2: honeypot. Answer as if the comment had been accepted.
    // NOTE(review): this decoy is success() with default arguments, whereas a
    // real save answers 201 with an id; confirm the two responses look alike
    // if the decoy is meant to be indistinguishable.
    if ($this->isBot()) {
        return $this->success();
    }

    // Gate 3: throttle.
    if ($this->isPartOfFlood($comment)) {
        $msg = l('comments.error.throttle', 'Number of allowed comments per interval exceeded');
        $details = array('input' => $comment->toArray(), 'errors' => array('other' => $msg));

        return $this->error($msg, 429, $details);
    }

    // Gate 4: duplicate content.
    if ($this->isDuplicate($comment)) {
        $msg = l('comments.error.duplicate', 'Duplicate content');
        $details = array('input' => $comment->toArray(), 'errors' => array('text' => $msg));

        return $this->error($msg, 409, $details);
    }

    // Gate 5: Akismet classification plus the author blocklist. isBlocked() is
    // consulted only when isSpam() did not already flag the comment.
    // $discard is presumably filled in by reference by isSpam() for blatant
    // spam; confirm against isSpam()'s signature.
    $discard = false;
    if ($this->isSpam($comment, $discard) || $this->isBlocked($comment)) {
        $comment->set('status', Comment::STATUS_SPAM);
    }

    // Discarded spam is never written: the left operand short-circuits save()
    // while the caller still receives the regular success response.
    $pretendSaved = $discard && $comment->isSpam();
    if ($pretendSaved || $comment->save()) {
        $msg = l('comments.success.saved', 'Comment saved');

        return $this->success($msg, 201, array('id' => $comment->id()));
    }

    $msg = l('comments.error.save', 'Could not save comment');
    $details = array('input' => $comment->toArray(), 'errors' => $comment->errors()->toArray());

    return $this->error($msg, 400, $details);
}
/**
 * Log this user in with the given password.
 *
 * Any existing login is ended first via logout(). On a password match a new
 * key/secret pair is generated, the key is placed in the `kirby` cookie, and
 * the session records the key, the secret, the username, two timestamps and
 * the visitor's IP address and user agent.
 *
 * NOTE(review): nothing in this method limits repeated attempts or renews the
 * session id; confirm both are handled by the caller or inside
 * logout() / s::set().
 *
 * @param string $password Password to check against `$this->password`.
 * @return bool True when the login succeeded, false when the password did not match.
 */
public function login($password)
{
    // Always start from a logged-out state, even when the check below fails.
    static::logout();

    $passwordMatches = password::match($password, $this->password);
    if (!$passwordMatches) {
        return false;
    }

    // The secret is derived from the freshly generated key.
    $authKey    = $this->generateKey();
    $authSecret = $this->generateSecret($authKey);

    // http only cookie
    // NOTE(review): the trailing `true` is the HttpOnly flag per the comment
    // above; the `false` before it is presumably the Secure flag, which would
    // let the auth cookie travel over plain HTTP. Confirm against
    // cookie::set() and the site's HTTPS policy.
    cookie::set('kirby', $authKey, 0, '/', null, false, true);

    // Session-side record of the login, including the IP and user agent seen
    // at login time.
    s::set('auth.created', time());
    s::set('auth.updated', time());
    s::set('auth.key', $authKey);
    s::set('auth.secret', $authSecret);
    s::set('auth.username', $this->username());
    s::set('auth.ip', visitor::ip());
    s::set('auth.ua', visitor::ua());

    return true;
}
} if ($email->send()) { return array('success' => true, 'message' => l::get('uniform-email-success')); } else { return array('success' => false, 'message' => l::get('uniform-email-error') . ' ' . $email->error()); } };

/*
 * Action to log the form data to a file.
 *
 * Appends one entry per call to the file named by the `file` action option:
 * a header line with the timestamp, the visitor IP and the user agent, then
 * one "key: value" line per element of $form, then a blank line. Throws an
 * Exception when no `file` option is given; otherwise returns an array with
 * a `success` flag and a translated `message`.
 *
 * NOTE(review): the user agent, the field names and the field values are
 * concatenated without escaping. A value containing line breaks ends up as
 * several lines in the file and can resemble a separate entry, so anything
 * that reads or parses this log should treat it as untrusted text;
 * neutralising CR/LF before the append would close that gap.
 *
 * NOTE(review): the entries hold IP addresses and submitted form data, and
 * the path is taken as configured; confirm it lies outside the web root.
 */
uniform::$actions['log'] = function ($form, $actionOptions) {
    // `false` is the fallback when the option is missing.
    $file = a::get($actionOptions, 'file', false);
    if ($file === false) {
        throw new Exception('Uniform log action: No logfile specified!');
    }
    // Entry header: date('c') timestamp (ISO 8601), visitor IP, user agent.
    $data = '[' . date('c') . '] ' . visitor::ip() . ' ' . visitor::userAgent();
    // One line per form element. Assumes every $value is string-convertible;
    // presumably an array-valued field would not be logged usefully. TODO confirm.
    foreach ($form as $key => $value) {
        $data .= "\n" . $key . ": " . $value;
    }
    // A blank line ends the entry.
    $data .= "\n\n";
    // Append while holding an exclusive lock on the file.
    $success = file_put_contents($file, $data, FILE_APPEND | LOCK_EX);
    if ($success === false) {
        return array('success' => false, 'message' => l::get('uniform-log-error'));
    } else {
        return array('success' => true, 'message' => l::get('uniform-log-success'));
    }
};

/*
 * Action to log in to the Kirby frontend
 */
uniform::$actions['login'] = function ($form, $actionOptions) {
/**
 * visitor::ip() is expected to compare equal to false in the test
 * environment.
 *
 * NOTE(review): assertEquals() compares loosely, so '', null or 0 would
 * satisfy this assertion as well. Presumably no remote address is available
 * under the test runner; confirm before tightening the check.
 */
public function testIp()
{
    $detected = visitor::ip();

    $this->assertEquals(false, $detected);
}
/**
 * Return a hashed version of the visitor IP.
 *
 * The value is the unsalted SHA-1 hex digest of whatever visitor::ip()
 * returns, so the same address always maps to the same id.
 *
 * NOTE(review): this is a stable pseudonym, not an anonymised value. The IPv4
 * address space is small enough to enumerate, so the id deserves the same
 * care as the address itself. A keyed hash with a server-side secret is the
 * usual hardening where stored ids must not be linkable to addresses; note
 * that switching would change every existing id.
 *
 * @return string 40-character hexadecimal digest.
 */
protected function visitorId()
{
    $address = visitor::ip();

    return sha1($address);
}
/**
 * Prepare the request data sent to the Akismet API.
 *
 * Fills in `comment_type` with 'comment' when it is missing or empty. For the
 * IP address and the user agent, `null` means "detect from the current
 * visitor"; any other empty value leaves the corresponding key untouched, and
 * a non-empty value is used as given.
 *
 * Note that empty() also treats the string '0' as empty.
 *
 * @param array  $content   Comment contents to send.
 * @param string $userIp    IP address of the comment submitter.
 * @param string $userAgent User agent string of the web browser submitting the comment.
 *
 * @return array The content array with the defaults applied.
 */
protected function prepareContent($content = array(), $userIp = null, $userAgent = null)
{
    if (empty($content['comment_type'])) {
        $content['comment_type'] = 'comment';
    }

    // Submitter address: detect it only when the caller passed nothing at all.
    if ($userIp === null) {
        $content['user_ip'] = visitor::ip();
    } elseif (!empty($userIp)) {
        $content['user_ip'] = $userIp;
    }

    // Same rule for the user agent.
    if ($userAgent === null) {
        $content['user_agent'] = visitor::ua();
    } elseif (!empty($userAgent)) {
        $content['user_agent'] = $userAgent;
    }

    return $content;
}