/**
* Handle a pingback for an entry.
* Also takes care of the speedlimit and spam. Assumes that the caller of this
* function has already checked permissions!
*
* @param string $id ID of entry that got pinged
* @param string $type type of that entry ('article' for stories, etc.)
* @param string $url URL of the page that pinged us
* @param string $oururl URL that got pinged on our site
* @return object XML-RPC response
*/
function PNB_handlePingback($id, $type, $url, $oururl)
{
global $_CONF, $_TABLES, $PNB_ERROR;
require_once 'HTTP/Request.php';
if (!isset($_CONF['check_trackback_link'])) {
$_CONF['check_trackback_link'] = 2;
}
// handle pingbacks to articles on our own site
$skip_speedlimit = false;
if ($_SERVER['REMOTE_ADDR'] == $_SERVER['SERVER_ADDR']) {
if (!isset($_CONF['pingback_self'])) {
$_CONF['pingback_self'] = 0;
// default: skip self-pingbacks
}
if ($_CONF['pingback_self'] == 0) {
return new XML_RPC_Response(new XML_RPC_Value($PNB_ERROR['skipped']));
} elseif ($_CONF['pingback_self'] == 2) {
$skip_speedlimit = true;
}
}
COM_clearSpeedlimit($_CONF['commentspeedlimit'], 'pingback');
if (!$skip_speedlimit) {
$last = COM_checkSpeedlimit('pingback');
if ($last > 0) {
return new XML_RPC_Response(0, 49, sprintf($PNB_ERROR['speedlimit'], $last, $_CONF['commentspeedlimit']));
}
}
// update speed limit in any case
COM_updateSpeedlimit('pingback');
if ($_SERVER['REMOTE_ADDR'] != $_SERVER['SERVER_ADDR']) {
if ($_CONF['check_trackback_link'] & 4) {
$parts = parse_url($url);
if (empty($parts['host'])) {
TRB_logRejected('Pingback: No valid URL', $url);
return new XML_RPC_Response(0, 33, $PNB_ERROR['uri_invalid']);
} else {
$ip = gethostbyname($parts['host']);
if ($ip != $_SERVER['REMOTE_ADDR']) {
TRB_logRejected('Pingback: IP address mismatch', $url);
return new XML_RPC_Response(0, 49, $PNB_ERROR['spam']);
}
}
}
}
// See if we can read the page linking to us and extract at least
// the page's title out of it ...
$title = '';
$excerpt = '';
$http = new http_class();
$http->timeout = 0;
$http->data_timeout = 0;
$http->debug = 0;
$http->html_debug = 0;
$http->user_agent = 'glFusion/' . GVERSION;
$error = $http->GetRequestArguments($url, $arguments);
$error = $http->Open($arguments);
$error = $http->SendRequest($arguments);
if ($error == "") {
$http->ReadReplyHeaders($headers);
if ($http->response_status == 200) {
$error = $http->ReadWholeReplyBody($body);
if ($error == "" || strlen($body) > 0) {
if ($_CONF['check_trackback_link'] & 3) {
if (!TRB_containsBacklink($body, $oururl)) {
TRB_logRejected('Pingback: No link to us', $url);
$comment = TRB_formatComment($url);
PLG_spamAction($comment, $_CONF['spamx']);
return new XML_RPC_Response(0, 49, $PNB_ERROR['spam']);
}
}
preg_match(':<title>(.*)</title>:i', $body, $content);
if (empty($content[1])) {
$title = '';
// no title found
} else {
$title = trim(COM_undoSpecialChars($content[1]));
}
if ($_CONF['pingback_excerpt']) {
// Check which character set the site that sent the Pingback
// is using
$charset = 'ISO-8859-1';
// default, see RFC 2616, 3.7.1
$ctype = $headers['content-type'];
$c = explode(';', $ctype);
foreach ($c as $ct) {
$ch = explode('=', trim($ct));
if (count($ch) === 2) {
if (trim($ch[0]) === 'charset') {
$charset = trim($ch[1]);
break;
}
}
}
if (!empty($charset) && strcasecmp($charset, COM_getCharset()) !== 0) {
if (function_exists('mb_convert_encoding')) {
$body = @mb_convert_encoding($body, COM_getCharset(), $charset);
} elseif (function_exists('iconv')) {
$body = @iconv($charset, COM_getCharset(), $body);
}
}
$excerpt = PNB_makeExcerpt($body, $oururl);
}
// we could also run the rest of the other site's page
// through the spam filter here ...
} else {
COM_errorLog("Pingback verification: unable to retrieve response body");
return new XML_RPC_Response(0, 33, $PNB_ERROR['uri_invalid']);
}
} else {
COM_errorLog("Pingback verification: Got HTTP response code " . $http->response_status . " when requesting {$url}");
return new XML_RPC_Response(0, 33, $PNB_ERROR['uri_invalid']);
}
} else {
COM_errorLog("Pingback verification: " . $error . " when requesting " . $url);
return new XML_RPC_Response(0, 33, $PNB_ERROR['uri_invalid']);
}
// check for spam first
$saved = TRB_checkForSpam($url, $title, '', $excerpt);
if ($saved == TRB_SAVE_SPAM) {
return new XML_RPC_Response(0, 49, $PNB_ERROR['spam']);
}
// save as a trackback comment
$saved = TRB_saveTrackbackComment($id, $type, $url, $title, '', $excerpt);
if ($saved == TRB_SAVE_REJECT) {
return new XML_RPC_Response(0, 49, $PNB_ERROR['multiple']);
}
if (isset($_CONF['notification']) && in_array('pingback', $_CONF['notification'])) {
TRB_sendNotificationEmail($saved, 'pingback');
}
return new XML_RPC_Response(new XML_RPC_Value($PNB_ERROR['success']));
}
/**
* Handle a pingback for an entry.
* Also takes care of the speedlimit and spam. Assumes that the caller of this
* function has already checked permissions!
*
* @param string $id ID of entry that got pinged
* @param string $type type of that entry ('article' for stories, etc.)
* @param string $url URL of the page that pinged us
* @param string $oururl URL that got pinged on our site
* @return object XML-RPC response
*/
function PNB_handlePingback($id, $type, $url, $oururl)
{
global $_CONF, $_TABLES, $PNB_ERROR;
require_once 'HTTP/Request.php';
if (!isset($_CONF['check_trackback_link'])) {
$_CONF['check_trackback_link'] = 2;
}
// handle pingbacks to articles on our own site
$skip_speedlimit = false;
if ($_SERVER['REMOTE_ADDR'] == $_SERVER['SERVER_ADDR']) {
if (!isset($_CONF['pingback_self'])) {
$_CONF['pingback_self'] = 0;
// default: skip self-pingbacks
}
if ($_CONF['pingback_self'] == 0) {
return new XML_RPC_Response(new XML_RPC_Value($PNB_ERROR['skipped']));
} elseif ($_CONF['pingback_self'] == 2) {
$skip_speedlimit = true;
}
}
COM_clearSpeedlimit($_CONF['commentspeedlimit'], 'pingback');
if (!$skip_speedlimit) {
$last = COM_checkSpeedlimit('pingback');
if ($last > 0) {
return new XML_RPC_Response(0, 49, sprintf($PNB_ERROR['speedlimit'], $last, $_CONF['commentspeedlimit']));
}
}
// update speed limit in any case
COM_updateSpeedlimit('pingback');
if ($_SERVER['REMOTE_ADDR'] != $_SERVER['SERVER_ADDR']) {
if ($_CONF['check_trackback_link'] & 4) {
$parts = parse_url($url);
if (empty($parts['host'])) {
TRB_logRejected('Pingback: No valid URL', $url);
return new XML_RPC_Response(0, 33, $PNB_ERROR['uri_invalid']);
} else {
$ip = gethostbyname($parts['host']);
if ($ip != $_SERVER['REMOTE_ADDR']) {
TRB_logRejected('Pingback: IP address mismatch', $url);
return new XML_RPC_Response(0, 49, $PNB_ERROR['spam']);
}
}
}
}
// See if we can read the page linking to us and extract at least
// the page's title out of it ...
$title = '';
$excerpt = '';
$req = new HTTP_Request2($url, HTTP_Request2::METHOD_GET);
$req->setHeader('User-Agent', 'Geeklog/' . VERSION);
try {
$response = $req->send();
$status = $response->getStatus();
if ($status == 200) {
$body = $response->getBody();
if ($_CONF['check_trackback_link'] & 3) {
if (!TRB_containsBacklink($body, $oururl)) {
TRB_logRejected('Pingback: No link to us', $url);
$comment = TRB_formatComment($url);
PLG_spamAction($comment, $_CONF['spamx']);
return new XML_RPC_Response(0, 49, $PNB_ERROR['spam']);
}
}
preg_match(':<title>(.*)</title>:i', $body, $content);
if (empty($content[1])) {
$title = '';
// no title found
} else {
$title = trim(COM_undoSpecialChars($content[1]));
}
if ($_CONF['pingback_excerpt']) {
// Check which character set the site that sent the Pingback
// is using
$charset = 'ISO-8859-1';
// default, see RFC 2616, 3.7.1
$ctype = $response->getHeader('content-type');
$c = explode(';', $ctype);
foreach ($c as $ct) {
$ch = explode('=', trim($ct));
if (count($ch) === 2) {
if (trim($ch[0]) === 'charset') {
$charset = trim($ch[1]);
break;
}
}
}
if (!empty($charset) && strcasecmp($charset, COM_getCharset()) !== 0) {
if (function_exists('mb_convert_encoding')) {
$body = @mb_convert_encoding($body, COM_getCharset(), $charset);
} elseif (function_exists('iconv')) {
$body = @iconv($charset, COM_getCharset(), $body);
}
// else: tough luck ...
}
$excerpt = PNB_makeExcerpt($body, $oururl);
}
// we could also run the rest of the other site's page
// through the spam filter here ...
} elseif ($_CONF['check_trackback_link'] & 3) {
COM_errorLog("Pingback verification: Got HTTP response code " . $response->getStatus() . " when requesting {$url}");
return new XML_RPC_Response(0, 33, $PNB_ERROR['uri_invalid']);
}
} catch (HTTP_Request2_Exception $e) {
if ($_CONF['check_trackback_link'] & 3) {
// we were supposed to check for backlinks but didn't get the page
COM_errorLog("Pingback verification: " . $e->getMessage() . " when requesting {$url}");
return new XML_RPC_Response(0, 33, $PNB_ERROR['uri_invalid']);
}
}
// check for spam first
$saved = TRB_checkForSpam($url, $title, '', $excerpt);
if ($saved == TRB_SAVE_SPAM) {
return new XML_RPC_Response(0, 49, $PNB_ERROR['spam']);
}
// save as a trackback comment
$saved = TRB_saveTrackbackComment($id, $type, $url, $title, '', $excerpt);
if ($saved == TRB_SAVE_REJECT) {
return new XML_RPC_Response(0, 49, $PNB_ERROR['multiple']);
}
if (isset($_CONF['notification']) && in_array('pingback', $_CONF['notification'])) {
TRB_sendNotificationEmail($saved, 'pingback');
}
return new XML_RPC_Response(new XML_RPC_Value($PNB_ERROR['success']));
}
/**
* Handle a pingback for an entry.
*
* Also takes care of the speedlimit and spam. Assumes that the caller of this
* function has already checked permissions!
*
* @param string $id ID of entry that got pinged
* @param string $type type of that entry ('article' for stories, etc.)
* @param string $url URL of the page that pinged us
* @param string $oururl URL that got pinged on our site
* @return object XML-RPC response
*
*/
function PNB_handlePingback($id, $type, $url, $oururl)
{
global $_CONF, $_TABLES, $PNB_ERROR;
require_once 'HTTP/Request.php';
if (!isset($_CONF['check_trackback_link'])) {
$_CONF['check_trackback_link'] = 2;
}
// handle pingbacks to articles on our own site
$skip_speedlimit = false;
if ($_SERVER['REMOTE_ADDR'] == $_SERVER['SERVER_ADDR']) {
if (!isset($_CONF['pingback_self'])) {
$_CONF['pingback_self'] = 0;
// default: skip self-pingbacks
}
if ($_CONF['pingback_self'] == 0) {
return new XML_RPC_Response(new XML_RPC_Value($PNB_ERROR['skipped']));
} else {
if ($_CONF['pingback_self'] == 2) {
$skip_speedlimit = true;
}
}
}
COM_clearSpeedlimit($_CONF['commentspeedlimit'], 'pingback');
if (!$skip_speedlimit) {
$last = COM_checkSpeedlimit('pingback');
if ($last > 0) {
return new XML_RPC_Response(0, 49, sprintf($PNB_ERROR['speedlimit'], $last, $_CONF['commentspeedlimit']));
}
}
// update speed limit in any case
COM_updateSpeedlimit('pingback');
if ($_SERVER['REMOTE_ADDR'] != $_SERVER['SERVER_ADDR']) {
if ($_CONF['check_trackback_link'] & 4) {
$parts = parse_url($url);
if (empty($parts['host'])) {
TRB_logRejected('Pingback: No valid URL', $url);
return new XML_RPC_Response(0, 33, $PNB_ERROR['uri_invalid']);
} else {
$ip = gethostbyname($parts['host']);
if ($ip != $_SERVER['REMOTE_ADDR']) {
TRB_logRejected('Pingback: IP address mismatch', $url);
return new XML_RPC_Response(0, 49, $PNB_ERROR['spam']);
}
}
}
}
// See if we can read the page linking to us and extract at least
// the page's title out of it ...
$title = '';
$excerpt = '';
$req = new HTTP_Request($url);
$req->addHeader('User-Agent', 'glFusion/' . GVERSION);
$response = $req->sendRequest();
if (PEAR::isError($response)) {
if ($_CONF['check_trackback_link'] & 3) {
// we were supposed to check for backlinks but didn't get the page
COM_errorLog("Pingback verification: " . $response->getMessage() . " when requesting {$url}");
return new XML_RPC_Response(0, 33, $PNB_ERROR['uri_invalid']);
}
// else: silently ignore errors - we'll simply do without the title
} else {
if ($req->getResponseCode() == 200) {
$body = $req->getResponseBody();
if ($_CONF['check_trackback_link'] & 3) {
if (!TRB_containsBacklink($body, $oururl)) {
TRB_logRejected('Pingback: No link to us', $url);
$comment = TRB_formatComment($url);
PLG_spamAction($comment, $_CONF['spamx']);
return new XML_RPC_Response(0, 49, $PNB_ERROR['spam']);
}
}
preg_match(':<title>(.*)</title>:i', $body, $content);
if (empty($content[1])) {
$title = '';
// no title found
} else {
$title = trim(COM_undoSpecialChars($content[1]));
}
if (isset($_CONF['pingback_excerpt']) && $_CONF['pingback_excerpt']) {
$excerpt = PNB_makeExcerpt($body, $oururl);
}
// we could also run the rest of the other site's page
// through the spam filter here ...
} else {
if ($_CONF['check_trackback_link'] & 3) {
COM_errorLog("Pingback verification: Got HTTP response code " . $req->getResponseCode() . " when requesting {$url}");
return new XML_RPC_Response(0, 33, $PNB_ERROR['uri_invalid']);
}
}
// else: silently ignore errors - we'll simply do without the title
}
// check for spam first
$saved = TRB_checkForSpam($url, $title, '', $excerpt);
if ($saved == TRB_SAVE_SPAM) {
return new XML_RPC_Response(0, 49, $PNB_ERROR['spam']);
}
// save as a trackback comment
$saved = TRB_saveTrackbackComment($id, $type, $url, $title, '', $excerpt);
if ($saved == TRB_SAVE_REJECT) {
return new XML_RPC_Response(0, 49, $PNB_ERROR['multiple']);
}
if (isset($_CONF['notification']) && in_array('pingback', $_CONF['notification'])) {
TRB_sendNotificationEmail($saved, 'pingback');
}
return new XML_RPC_Response(new XML_RPC_Value($PNB_ERROR['success']));
}
