Ejemplo n.º 1
require_once JPATH_COMPONENT . DS . 'helper' . DS . 'helper.php';
require_once JPATH_COMPONENT . DS . 'helper' . DS . 'settings.php';

// Optional sub-controller named by the request. The value ends up in a file
// path and in a class name, so the getWord() filter is the only thing standing
// between the request and the require below.
// NOTE(review): Joomla's "word" filter is expected to keep only letters and
// underscores (no dots or path separators) - confirm for the Joomla version in use.
$controller = JRequest::getWord('controller');
if ($controller) {
    $path = JPATH_COMPONENT . DS . 'controllers' . DS . $controller . '.php';
    if (!file_exists($path)) {
        // No such controller file: fall back to the base controller class.
        $controller = '';
    } else {
        require_once $path;
    }
}

// Build the class name "FstController<Name>" (plain "FstController" when no
// controller file was loaded) and replace the name with the instance.
$classname = 'FstController' . $controller;
$controller = new $classname();

// Attach the component stylesheet and jQuery to the page.
$css = FSTRoute::x("index.php?option=com_fst&view=css&layout=default");
$document = JFactory::getDocument();
$document->addStyleSheet($css);
FST_Helper::IncludeJQuery();

// Dispatch the requested task. The task name is read without a type filter and
// handed to the controller as-is.
$task = JRequest::getVar('task');
if ($task == "captcha_image") {
    // The captcha image is served directly: drop anything already buffered,
    // emit the image and stop before the controller runs.
    ob_clean();
    require_once JPATH_SITE . DS . 'components' . DS . 'com_fst' . DS . 'helper' . DS . 'captcha.php';
    $cap = new FST_Captcha();
    $cap->GetImage();
    exit;
}

$controller->execute($task);
// Follow any redirect the controller has set.
$controller->redirect();
Ejemplo n.º 2
 /**
  * Handle a submitted comment.
  *
  * Reads the comment fields from the request, validates them (required
  * fields, e-mail format, captcha, custom fields) and then either
  *  - inserts the comment into $this->table, sends the notification e-mail
  *    and prints a JSON response with the rendered comment/form, or
  *  - prints a JSON response with the re-rendered form and error state.
  *
  * Both outcomes end with exit, so the final "return true" is never reached.
  *
  * NOTE(review): no anti-CSRF token check is visible in this method; the
  * captcha is the only gate shown here - confirm the caller verifies a token.
  */
 function DoPost()
 {
     // Text fields go through the 'string' filter, the two ids through 'int'.
     // NOTE(review): that filter is the only input cleaning visible here;
     // confirm the templates included below HTML-escape name, website and body.
     $this->post['name'] = JRequest::getVar('name', '', '', 'string');
     $this->post['email'] = JRequest::getVar('email', '', '', 'string');
     $this->post['website'] = JRequest::getVar('website', '', '', 'string');
     $this->post['body'] = JRequest::getVar('body', '', '', 'string');
     $this->post['itemid'] = JRequest::getVar('itemid', 0, '', 'int');
     $this->post['ident'] = JRequest::getVar('ident', 0, '', 'int');
     // With moderation on, the new row is stored unpublished.
     $published = 1;
     if ($this->moderate) {
         $published = 0;
     }
     $captcha = new FST_Captcha();
     // Validation: every failed check records a message in $this->errors and
     // clears $this->valid; all checks run so all errors are reported at once.
     $this->valid = 1;
     if ($this->post['name'] == "") {
         $this->errors['name'] = JText::_("YOU_MUST_ENTER_A_NAME");
         $this->valid = 0;
     }
     // The e-mail is optional; it is only format-checked when one was supplied.
     if ($this->use_email && $this->post['email'] != "" && !JMailHelper::isEmailAddress($this->post['email'])) {
         $this->errors['email'] = JText::_("INVALID_EMAIL_ADDRESS_ENTERED");
         $this->valid = 0;
     }
     // The trailing "&& 0" makes this condition always false, so the website
     // value is never validated and is stored exactly as submitted.
     // NOTE(review): if a template renders it as a link, the scheme should be
     // restricted to http/https before output - confirm against comment.php.
     if ($this->use_website && $this->post['website'] != "" && 0) {
         $this->errors['website'] = JText::_("INVALID_WEBSITE_ADDRESS_ENTERED");
         $this->valid = 0;
     }
     if ($this->post['body'] == "") {
         $this->errors['body'] = JText::_("YOU_MUST_ENTER_A_COMMENT_TO_POST");
         $this->valid = 0;
     }
     // Some handlers require an item to be selected (itemid 0 means none).
     if ($this->handler->item_select_must_have) {
         if ($this->post['itemid'] == 0) {
             $this->errors['itemid'] = JText::_("YOU_MUST_SELECT_A") . $this->handler->email_article_type;
             $this->valid = 0;
         }
     }
     if (!$captcha->ValidateCaptcha()) {
         $this->errors['captcha'] = JText::_("INVALID_SECURITY_CODE");
         $this->valid = 0;
     }
     // Custom fields are validated by FSTCF, which receives $this->errors.
     if (!FSTCF::ValidateFields($this->customfields, $this->errors)) {
         $this->valid = 0;
     }
     $output['valid'] = $this->valid;
     if ($this->valid == 1) {
         $db = JFactory::getDBO();
         $user = JFactory::getUser();
         $userid = $user->id;
         // Custom field values are stored as a PHP-serialized string.
         // NOTE(review): whatever reads this column back should not call
         // unserialize() on data a submitter can shape - verify the reader.
         $custom = FSTCF::Comm_StoreFields($this->customfields);
         $custom = serialize($custom);
         $now = FST_Helper::CurDate();
         // The INSERT is built by string concatenation. ident and itemid are
         // appended unquoted and rely on the 'int' filter applied when they
         // were read above; the text values pass through
         // FSTJ3Helper::getEscaped() before being placed inside quotes.
         // $this->table, $published and $now are inserted as-is; none of them
         // is read from the request in this method.
         // NOTE(review): the statement is only safe while every value keeps
         // its current filter/escape; a bound-parameter query would not
         // depend on that.
         $qry = "INSERT INTO " . $this->table . " (ident, itemid, name, email, website, body, published, created, userid, custom) VALUES (";
         $qry .= $this->post['ident'];
         $qry .= " , " . $this->post['itemid'];
         $qry .= " , '" . FSTJ3Helper::getEscaped($db, $this->post['name']);
         $qry .= "' , '" . FSTJ3Helper::getEscaped($db, $this->post['email']);
         $qry .= "' , '" . FSTJ3Helper::getEscaped($db, $this->post['website']);
         $qry .= "' , '" . FSTJ3Helper::getEscaped($db, $this->post['body']);
         $qry .= "' , {$published}, '{$now}', '" . FSTJ3Helper::getEscaped($db, $userid) . "', '" . FSTJ3Helper::getEscaped($db, $custom) . "' )";
         $db->SetQuery($qry);
         // The result of Query() is not checked; the code continues (e-mail,
         // "thanks" output) even if the insert failed.
         $db->Query();
         $this->comment = $this->post;
         $this->comment['id'] = $db->insertid();
         $this->comment['ident'] = $this->post['ident'];
         // Copy each custom field value into the comment for rendering, then
         // blank it in the request. These values are read without a type
         // filter argument.
         foreach ($this->customfields as $id => $field) {
             $this->comment["custom_{$id}"] = JRequest::getVar("custom_{$id}", "");
             JRequest::setVar("custom_{$id}", '');
         }
         FST_EMail::Send_Comment($this);
         // Empty the output buffer so that only the template output below is
         // captured by ob_get_contents().
         ob_clean();
         if ($this->moderate) {
             $this->comment['published'] = 0;
             include $this->tmplpath . DS . 'moderate.php';
         } else {
             if ($this->opt_show_posted_message_only) {
                 $this->comment['published'] = 0;
                 include $this->tmplpath . DS . 'thanks.php';
             } else {
                 $this->comment['published'] = 1;
                 include $this->tmplpath . DS . 'thanks.php';
                 include $this->tmplpath . DS . 'comment.php';
             }
         }
         $output['comment'] = ob_get_contents();
         // 'display' names where the rendered comment goes relative to the
         // existing ones; the value is consumed by whoever reads the JSON.
         if ($this->opt_display) {
             if ($this->opt_order == 0) {
                 $output['display'] = 'before';
             } else {
                 $output['display'] = 'after';
             }
         } else {
             $output['display'] = 'none';
         }
         // This option overrides the placement chosen above.
         if ($this->opt_show_posted_message_only) {
             $output['display'] = "replace";
         }
         // Reset the form values before the form is rendered again.
         $this->post['name'] = $this->GetName();
         $this->post['email'] = '';
         $this->post['website'] = '';
         $this->post['body'] = '';
         $this->post['created'] = 'now';
         if ($this->opt_show_form_after_post) {
             ob_clean();
             // A new captcha is requested for the re-rendered form.
             $this->captcha = $captcha->GetCaptcha();
             include $this->tmplpath . DS . 'addcomment.php';
             $output['form'] = ob_get_contents();
             $output['form_display'] = "replace";
         } else {
             $output['form'] = '';
             $output['form_display'] = "";
             if ($this->opt_form_clear_comment) {
                 $output['form_display'] = "clear_comment";
             }
         }
         // Discard the buffered template output; the response body is the
         // JSON document only.
         ob_clean();
         echo json_encode($output);
         exit;
     } else {
         // Validation failed: nothing is stored. The submitted values are
         // rendered back through comment.php and the form is re-rendered with
         // a new captcha.
         $output['display'] = 'none';
         $output['form_display'] = "replace";
         ob_clean();
         $this->comment = $this->post;
         include $this->tmplpath . DS . 'comment.php';
         $output['comment'] = ob_get_contents();
         ob_clean();
         $this->captcha = $captcha->GetCaptcha();
         include $this->tmplpath . DS . 'addcomment.php';
         $output['form'] = ob_get_contents();
         ob_clean();
         echo json_encode($output);
         exit;
     }
     // Unreachable: both branches above call exit.
     return true;
 }