Example #1
 } else {
     //if security key submitted
     if (cmtx_setting('security_key') != $_POST['cmtx_security_key']) {
         //security key incorrect
         cmtx_ban(CMTX_BAN_REASON_INCORRECT_SECURITY_KEY);
         //ban user for incorrect security key
     }
 }
 /* Resubmit Key */
 if (!isset($_POST['cmtx_resubmit_key'])) {
     //no resubmit key submitted
     cmtx_ban(CMTX_BAN_REASON_NO_RESUBMIT_KEY);
     //ban user for no resubmit key
 } else {
     //if resubmit key submitted
     if (!ctype_alnum($_POST['cmtx_resubmit_key']) || cmtx_strlen($_POST['cmtx_resubmit_key']) != 20) {
         //if resubmit key invalid
         cmtx_ban(CMTX_BAN_REASON_INVALID_RESUBMIT_KEY);
         //ban user for invalid resubmit key
     }
 }
 /* Check Honeypot */
 if (cmtx_setting('check_honeypot')) {
     //if honeypot-check enabled
     if (!isset($_POST['cmtx_honeypot'])) {
         //if honeypot not submitted
         cmtx_error(CMTX_ERROR_MESSAGE_MISSING_DATA);
         //reject user for no honeypot
     } else {
         //if honeypot submitted
         if (!empty($_POST['cmtx_honeypot'])) {
Example #2
function cmtx_load_form_cookie()
{
    //pre-fills the form defaults from the "Commentics-Form" cookie, if one is present and well-formed
    global $cmtx_default_name, $cmtx_default_email, $cmtx_default_website, $cmtx_default_town, $cmtx_default_country;
    //the five defaults are module-level globals read by the form template
    if (!isset($_COOKIE['Commentics-Form'])) {
        return;
    }
    $raw_cookie = $_COOKIE['Commentics-Form'];
    //oversized cookies are ignored rather than parsed
    if (cmtx_strlen($raw_cookie) >= 500) {
        return;
    }
    $fields = explode('|', $raw_cookie);
    //exactly five pipe-separated fields are expected; anything else leaves the defaults untouched
    if (count($fields) != 5) {
        return;
    }
    //NOTE(review): cookie values are client-controlled and are stored here unescaped;
    //assumes the form template escapes them on output — confirm
    list($cmtx_default_name, $cmtx_default_email, $cmtx_default_website, $cmtx_default_town, $cmtx_default_country) = $fields;
}
Example #3
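function cmtx_get_random_key($length)
{
    //generates a random key of $length lowercase alphanumerics (0-9, a-z)
    //$length: number of characters wanted; zero or a negative value yields ''
    //returns: string
    $characters = '0123456789abcdefghijklmnopqrstuvwxyz';
    //allowed characters (ASCII only, so the byte-wise strlen() is exact)
    $max_index = strlen($characters) - 1;
    //random_int() is a cryptographically secure source; mt_rand() output is predictable,
    //which matters when the key is used as an unguessable token (resubmit/security keys).
    //The fallback keeps the function usable on PHP versions without random_int().
    $use_csprng = function_exists('random_int');
    $key = '';
    for ($i = 0; $i < $length; $i++) {
        if ($use_csprng) {
            $index = random_int(0, $max_index);
        } else {
            $index = mt_rand(0, $max_index);
        }
        $key .= $characters[$index];
    }
    return $key;
}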
Example #4
function cmtx_generate_comment($is_preview, $alternate, $id, $name, $email, $website, $town, $country, $rating, $reply_to, $comment, $reply, $is_admin, $likes, $dislikes, $is_sticky, $is_locked, $dated)
{
    //generate comment
    //builds the complete HTML for one comment box and returns it as a string (nothing is echoed here)
    //$is_preview: truthy when rendering the pre-submission preview; hides the action buttons and adds the preview note
    //$alternate: 1 selects the first of the two alternating box styles, anything else the second
    //$id: comment ID; used for element IDs, the permalink and the reply depth lookup
    //$name, $email, $website, $town, $country: author details; $email is only used for the Gravatar hash
    //$rating: 0 (no rating) or 1-5 stars
    //$reply_to: truthy when this comment is itself a reply to another comment
    //$comment, $reply: comment body (contains HTML tags) and optional admin reply
    //$is_admin, $likes, $dislikes, $is_sticky, $is_locked, $dated: flags/counts/date driving styling, buttons and the date line
    //NOTE(review): $name, $website, $town, $country, $comment and $reply are concatenated into the markup
    //without any escaping in this function, and $name also lands inside an inline JavaScript string (see the
    //reply onclick below); this assumes every caller has already sanitised them — confirm at the call sites
    $cmtx_box = '';
    //initialise box
    //one indent wrapper per nesting level; the arrow wrapper goes around the deepest level only
    for ($i = 1; $i <= cmtx_get_reply_depth($id); $i++) {
        if (cmtx_setting('reply_arrow') && $i == cmtx_get_reply_depth($id)) {
            $cmtx_box .= '<div class="cmtx_reply_arrow">';
            //add the reply arrow
        }
        $cmtx_box .= '<div class="cmtx_reply_indent">';
        //indent the reply
    }
    $perm = '';
    //highlight the box when the URL's permalink parameter names this comment;
    //only a pure digit string is accepted from the URL, so the cast cannot be fooled
    if (isset($_GET['cmtx_perm']) && ctype_digit($_GET['cmtx_perm'])) {
        $cmtx_perm = (int) $_GET['cmtx_perm'];
        if ($cmtx_perm == $id) {
            $perm = ' cmtx_permalink_box';
        }
    }
    //the opening box class encodes box parity (1/2), reply-vs-comment and admin-vs-visitor
    if ($alternate == 1) {
        //if it's the first box
        if (!$reply_to && !$is_admin) {
            $cmtx_box .= '<div class="cmtx_comment_box_1' . $perm . '" id="cmtx_perm_' . $id . '">';
            //comment and not admin
        } else {
            if ($reply_to && !$is_admin) {
                $cmtx_box .= '<div class="cmtx_reply_box_1' . $perm . '" id="cmtx_perm_' . $id . '">';
                //reply and not admin
            } else {
                if (!$reply_to && $is_admin) {
                    $cmtx_box .= '<div class="cmtx_admin_comment_box_1' . $perm . '" id="cmtx_perm_' . $id . '">';
                    //comment and is admin
                } else {
                    if ($reply_to && $is_admin) {
                        $cmtx_box .= '<div class="cmtx_admin_reply_box_1' . $perm . '" id="cmtx_perm_' . $id . '">';
                        //reply and is admin
                    }
                }
            }
        }
    } else {
        //if it's the second box
        if (!$reply_to && !$is_admin) {
            $cmtx_box .= '<div class="cmtx_comment_box_2' . $perm . '" id="cmtx_perm_' . $id . '">';
            //comment and not admin
        } else {
            if ($reply_to && !$is_admin) {
                $cmtx_box .= '<div class="cmtx_reply_box_2' . $perm . '" id="cmtx_perm_' . $id . '">';
                //reply and not admin
            } else {
                if (!$reply_to && $is_admin) {
                    $cmtx_box .= '<div class="cmtx_admin_comment_box_2' . $perm . '" id="cmtx_perm_' . $id . '">';
                    //comment and is admin
                } else {
                    if ($reply_to && $is_admin) {
                        $cmtx_box .= '<div class="cmtx_admin_reply_box_2' . $perm . '" id="cmtx_perm_' . $id . '">';
                        //reply and is admin
                    }
                }
            }
        }
    }
    //Sticky (1/2)
    if ($is_sticky) {
        $cmtx_box .= '<div class="cmtx_sticky_image">';
    }
    //Gravatar (1/2)
    if (cmtx_setting('show_gravatar')) {
        $cmtx_box .= '<div class="cmtx_gravatar_block">';
        //rating and default-image parameters for the Gravatar request
        $gravatar_parameter = '&amp;r=' . cmtx_setting('gravatar_rating');
        if (cmtx_setting('gravatar_default') != 'default') {
            if (cmtx_setting('gravatar_default') == 'custom') {
                $gravatar_parameter .= '&amp;d=' . cmtx_url_encode(cmtx_setting('gravatar_custom'));
            } else {
                $gravatar_parameter .= '&amp;d=' . cmtx_setting('gravatar_default');
            }
        }
        //Gravatar addresses images by the md5 of the trimmed, lowercased email
        //NOTE(review): the image is requested over plain http, which becomes mixed content on an https page
        $cmtx_box .= '<img src="http://www.gravatar.com/avatar/' . md5(strtolower(trim($email))) . '.png?s=' . cmtx_setting('gravatar_size') . $gravatar_parameter . '" alt="Gravatar" title="Gravatar"/>';
        $cmtx_box .= '</div>';
        $cmtx_box .= '<div style="clear: right;"></div>';
        //push the text clear of the floated avatar
        $cmtx_box .= '<div style="margin-left:' . (cmtx_setting('gravatar_size') + 5) . 'px;">';
    }
    //Rating
    if (cmtx_setting('show_rating') && $rating != 0) {
        $cmtx_box .= '<div class="cmtx_rating_block">';
        //full stars equal the rating, empty stars fill up to five
        if ($rating == 1) {
            $cmtx_box .= cmtx_star_full(1, CMTX_RATING_ONE);
            $cmtx_box .= cmtx_star_empty(4, CMTX_RATING_ONE);
        } else {
            if ($rating == 2) {
                $cmtx_box .= cmtx_star_full(2, CMTX_RATING_TWO);
                $cmtx_box .= cmtx_star_empty(3, CMTX_RATING_TWO);
            } else {
                if ($rating == 3) {
                    $cmtx_box .= cmtx_star_full(3, CMTX_RATING_THREE);
                    $cmtx_box .= cmtx_star_empty(2, CMTX_RATING_THREE);
                } else {
                    if ($rating == 4) {
                        $cmtx_box .= cmtx_star_full(4, CMTX_RATING_FOUR);
                        $cmtx_box .= cmtx_star_empty(1, CMTX_RATING_FOUR);
                    } else {
                        if ($rating == 5) {
                            $cmtx_box .= cmtx_star_full(5, CMTX_RATING_FIVE);
                        }
                    }
                }
            }
        }
        $cmtx_box .= '</div>';
    }
    //Name and Website
    //a website of exactly 'http://' is the untouched form default and is treated as absent
    if (cmtx_setting('show_website') && !empty($website) && $website != 'http://') {
        $cmtx_website_attribute = '';
        //initialize variable
        if (cmtx_setting('website_new_window')) {
            $cmtx_website_attribute = ' target="_blank"';
        }
        //if website should open in new window
        if (cmtx_setting('website_nofollow')) {
            $cmtx_website_attribute .= ' rel="nofollow"';
        }
        //if website should contain nofollow tag
        //NOTE(review): $website goes straight into href; assumes upstream validation only lets a URL through — confirm
        if ($is_admin) {
            $cmtx_box .= '<a class="cmtx_admin_name_with_website_text" href="' . $website . '"' . $cmtx_website_attribute . '>' . $name . '</a>';
        } else {
            $cmtx_box .= '<a class="cmtx_name_with_website_text" href="' . $website . '"' . $cmtx_website_attribute . '>' . $name . '</a>';
        }
    } else {
        if ($is_admin) {
            $cmtx_box .= '<span class="cmtx_admin_name_without_website_text">';
            $cmtx_box .= $name;
            $cmtx_box .= '</span>';
        } else {
            $cmtx_box .= '<span class="cmtx_name_without_website_text">';
            $cmtx_box .= $name;
            $cmtx_box .= '</span>';
        }
    }
    //Town and Country
    //"(town, country)", "(town)" or "(country)" depending on which are enabled and present
    if (cmtx_setting('show_town') && !empty($town) && cmtx_setting('show_country') && !empty($country)) {
        $cmtx_box .= '<span class="cmtx_town_country_text">';
        $cmtx_box .= ' (' . $town . ', ' . $country . ')';
        $cmtx_box .= '</span>';
    } else {
        if (cmtx_setting('show_town') && !empty($town)) {
            $cmtx_box .= '<span class="cmtx_town_country_text">';
            $cmtx_box .= ' (' . $town . ')';
            $cmtx_box .= '</span>';
        } else {
            if (cmtx_setting('show_country') && !empty($country)) {
                $cmtx_box .= '<span class="cmtx_town_country_text">';
                $cmtx_box .= ' (' . $country . ')';
                $cmtx_box .= '</span>';
            }
        }
    }
    //Says...
    if (cmtx_setting('show_says')) {
        $cmtx_box .= '<span class="cmtx_says_text">';
        $cmtx_box .= ' ' . CMTX_SAYS;
        $cmtx_box .= '</span>';
    }
    $cmtx_box .= '<div class="cmtx_height_above_comment_text"></div>';
    //Comment
    $cmtx_box .= '<div class="cmtx_comment_text">';
    //show a truncated plain-text excerpt with a "read more" toggle when the tag-stripped length exceeds
    //the limit; previews always show the full text
    if (cmtx_setting('show_read_more') && !$is_preview && cmtx_strlen(strip_tags($comment)) > cmtx_setting('read_more_limit')) {
        //turn line-break and empty-paragraph tags into spaces before stripping, so words don't run together
        $comment_less = str_ireplace('<br />', ' ', $comment);
        $comment_less = str_ireplace('<br/>', ' ', $comment_less);
        $comment_less = str_ireplace('<br>', ' ', $comment_less);
        $comment_less = str_ireplace('<p></p>', ' ', $comment_less);
        $comment_less = str_ireplace('<p />', ' ', $comment_less);
        $comment_less = str_ireplace('<p/>', ' ', $comment_less);
        $comment_less = strip_tags($comment_less);
        //substr()/strrpos() are byte-based: cutting back to the last space avoids ending mid-word, but a
        //multibyte character straddling the limit could still be split; if the cut contains no space at all,
        //strrpos() returns false and the excerpt collapses to an empty string
        $comment_cut = substr($comment_less, 0, cmtx_setting('read_more_limit'));
        $comment_less = substr($comment_cut, 0, strrpos($comment_cut, ' '));
        $cmtx_box .= '<div id="cmtx_comment_less_' . $id . '">';
        $cmtx_box .= $comment_less;
        $cmtx_box .= ' <a href="' . cmtx_url_encode(cmtx_current_page()) . '" class="cmtx_read_more_link" title="' . CMTX_TITLE_READ_MORE . '" rel="nofollow" onclick="cmtx_read_more(' . $id . ');return false;">' . CMTX_READ_MORE . '</a>';
        $cmtx_box .= '</div>';
        //the full text is present but hidden; the link above toggles it client-side
        $cmtx_box .= '<div id="cmtx_comment_more_' . $id . '" style="display:none;">';
        $cmtx_box .= $comment;
        $cmtx_box .= '</div>';
    } else {
        $cmtx_box .= $comment;
    }
    $cmtx_box .= '</div>';
    //Admin Reply
    if (!empty($reply)) {
        $cmtx_box .= '<div class="cmtx_height_above_reply_text"></div>';
        $cmtx_box .= '<div class="cmtx_reply_area">';
        $cmtx_box .= '<div class="cmtx_reply_intro">';
        $cmtx_box .= CMTX_REPLY_INTRO;
        $cmtx_box .= '</div>';
        $cmtx_box .= ' ';
        $cmtx_box .= '<div class="cmtx_reply_text">';
        $cmtx_box .= $reply;
        $cmtx_box .= '</div>';
        $cmtx_box .= '</div>';
    }
    $cmtx_box .= '<div class="cmtx_height_below_comment_text"></div>';
    //Preview Message
    if ($is_preview) {
        $cmtx_box .= '<div class="cmtx_preview_text">';
        $cmtx_box .= CMTX_PREVIEW_TEXT;
        $cmtx_box .= '</div>';
    }
    $cmtx_box .= '<div class="cmtx_buttons_block">';
    //Reply
    if (cmtx_setting('show_reply') && !$is_preview) {
        $cmtx_box .= '<div class="cmtx_reply_block">';
        $cmtx_box .= '<div class="cmtx_buttons">';
        //replying is allowed only below the configured depth and when the comment is not locked
        if (cmtx_get_reply_depth($id) < cmtx_setting('reply_depth') && !$is_locked) {
            //the onclick handler is assembled as inline JavaScript; the \' pairs are the JS string delimiters
            $cmtx_box .= '<a href="' . cmtx_url_encode(cmtx_current_page() . CMTX_ANCHOR_FORM) . '" id="cmtx_reply_' . $id . '" class="cmtx_reply_enabled" title="' . CMTX_TITLE_REPLY . '" rel="nofollow" onclick="';
            if (cmtx_setting('hide_form')) {
                $cmtx_box .= 'cmtx_open_form();';
            }
            $cmtx_box .= 'document.getElementById(\'cmtx_hide_reply\').style.display=\'block\';';
            $cmtx_box .= 'document.getElementById(\'cmtx_reply_id\').value=\'' . $id . '\';';
            //NOTE(review): $name is placed inside a single-quoted JS string inside an HTML attribute; a quote
            //or double quote in $name would break out of it — assumes upstream sanitisation removes or
            //encodes those characters, confirm
            $cmtx_box .= 'document.getElementById(\'cmtx_reply_message\').innerHTML=\'' . CMTX_REPLY_MESSAGE . ' ' . $name . '. ' . '\';';
            $cmtx_box .= 'document.getElementById(\'cmtx_reset_reply\').style.display=\'inline\'">';
            $cmtx_box .= '<img src="' . cmtx_commentics_url() . 'images/buttons/reply.png" alt="Reply" title="' . CMTX_TITLE_REPLY . '"/>' . CMTX_REPLY . '</a>';
        } else {
            //disabled reply button: same image, no action
            $cmtx_box .= '<a href="' . cmtx_url_encode(cmtx_current_page()) . '" id="cmtx_reply_' . $id . '" class="cmtx_reply_disabled" title="" rel="nofollow" onclick="return false;">';
            $cmtx_box .= '<img src="' . cmtx_commentics_url() . 'images/buttons/reply.png" alt="Reply" title=""/>' . CMTX_REPLY . '</a>';
        }
        $cmtx_box .= '</div>';
        $cmtx_box .= '</div>';
    }
    //Permalink
    if (cmtx_setting('show_permalink') && !$is_preview) {
        $cmtx_box .= '<div class="cmtx_permalink_block">';
        $cmtx_box .= '<div class="cmtx_buttons">';
        $cmtx_box .= '<a class="cmtx_permalink" href="' . cmtx_get_permalink($id, cmtx_get_page_url()) . '" id="cmtx_permalink_' . $id . '" title="' . CMTX_TITLE_PERMALINK . '" rel="nofollow"><img src="' . cmtx_commentics_url() . 'images/buttons/permalink.png" alt="Permalink" title="' . CMTX_TITLE_PERMALINK . '"/>' . CMTX_PERMALINK . '</a>';
        $cmtx_box .= '</div>';
        $cmtx_box .= '</div>';
    }
    //Flag
    if (cmtx_setting('show_flag') && !$is_preview) {
        $cmtx_box .= '<div class="cmtx_flag_block">';
        $cmtx_box .= '<div class="cmtx_buttons">';
        $cmtx_box .= '<a class="cmtx_flag" href="' . cmtx_url_encode(cmtx_current_page()) . '" id="cmtx_flag_' . $id . '" title="' . CMTX_TITLE_FLAG . '" rel="nofollow"><img src="' . cmtx_commentics_url() . 'images/buttons/flag.png" alt="Flag" title="' . CMTX_TITLE_FLAG . '"/>' . CMTX_FLAG . '</a>';
        $cmtx_box .= '</div>';
        $cmtx_box .= '</div>';
    }
    //Like/Dislike
    if ((cmtx_setting('show_like') || cmtx_setting('show_dislike')) && !$is_preview) {
        $cmtx_box .= '<div class="cmtx_like_block">';
        $cmtx_box .= '<div class="cmtx_buttons">';
        if (cmtx_setting('show_like')) {
            $cmtx_box .= '<a class="cmtx_vote cmtx_like" href="' . cmtx_url_encode(cmtx_current_page()) . '" id="cmtx_like_' . $id . '" title="' . CMTX_TITLE_LIKE . '" rel="nofollow"><img src="' . cmtx_commentics_url() . 'images/buttons/like.png" alt="Like" title="' . CMTX_TITLE_LIKE . '"/>' . $likes . '</a>';
        }
        if (cmtx_setting('show_dislike')) {
            $cmtx_box .= '<a class="cmtx_vote cmtx_dislike" href="' . cmtx_url_encode(cmtx_current_page()) . '" id="cmtx_dislike_' . $id . '" title="' . CMTX_TITLE_DISLIKE . '" rel="nofollow"><img src="' . cmtx_commentics_url() . 'images/buttons/dislike.png" alt="Dislike" title="' . CMTX_TITLE_DISLIKE . '"/>' . $dislikes . '</a>';
        }
        $cmtx_box .= '</div>';
        $cmtx_box .= '</div>';
    }
    $cmtx_box .= '</div>';
    //Date
    if (cmtx_setting('show_date')) {
        $cmtx_box .= '<div class="cmtx_date_text">';
        //"today"/"yesterday" are decided by comparing Y-m-d strings in the process's current time zone
        if (date('Y-m-d', strtotime($dated)) == date('Y-m-d')) {
            //if comment's date is today
            $cmtx_box .= CMTX_TODAY . ' ' . cmtx_format_date(date(CMTX_TIME_FORMAT, strtotime($dated)));
        } else {
            //mktime() normalises day-1, so the first of a month correctly rolls back into the previous month
            if (date('Y-m-d', strtotime($dated)) == date('Y-m-d', mktime(date('H'), date('i'), date('s'), date('m'), date('d') - 1, date('Y')))) {
                //if comment's date is yesterday
                $cmtx_box .= CMTX_YESTERDAY . ' ' . cmtx_format_date(date(CMTX_TIME_FORMAT, strtotime($dated)));
            } else {
                $cmtx_box .= cmtx_format_date(date(CMTX_DATE_FORMAT, strtotime($dated))) . ' ' . cmtx_format_date(date(CMTX_TIME_FORMAT, strtotime($dated)));
            }
        }
        $cmtx_box .= '</div>';
    }
    //Sticky (2/2)
    if ($is_sticky) {
        $cmtx_box .= '</div>';
    }
    //Gravatar (2/2)
    if (cmtx_setting('show_gravatar')) {
        $cmtx_box .= '</div>';
    }
    $cmtx_box .= '</div>';
    //end div
    //close the indent/arrow wrappers opened at the top, mirroring the opening loop
    for ($i = 1; $i <= cmtx_get_reply_depth($id); $i++) {
        if (cmtx_setting('reply_arrow') && $i == cmtx_get_reply_depth($id)) {
            $cmtx_box .= '</div>';
        }
        $cmtx_box .= '</div>';
    }
    if ($is_preview) {
        $cmtx_box .= '<div class="cmtx_height_below_preview_box"></div>';
    }
    return $cmtx_box;
}
Example #5
0
function cmtx_comment_check_capitals($comment)
{
    //checks comment for too many capital letters and applies the configured action
    //only runs for ISO-8859-1 text: the patterns below only recognise ASCII letters
    if (!cmtx_is_encoding_iso($comment)) {
        return;
    }
    $letters_only = preg_replace('/[^a-z]/i', '', $comment);
    //strip everything that is not a letter
    $letter_count = cmtx_strlen($letters_only);
    $capital_count = cmtx_strlen(preg_replace('/[^A-Z]/', '', $letters_only));
    //the check only makes sense with more than three letters and at least one capital
    if ($letter_count <= 3 || $capital_count == 0) {
        return;
    }
    $capital_percentage = $capital_count / $letter_count * 100;
    //below the configured threshold there is nothing to do
    if ($capital_percentage < cmtx_setting('check_capitals_percentage')) {
        return;
    }
    //too many capitals: the consequence is a site setting
    $action = cmtx_setting('check_capitals_action');
    if ($action == 'approve') {
        cmtx_approve(CMTX_APPROVE_REASON_CAPITALS);
        //hold the comment for approval
    } elseif ($action == 'reject') {
        cmtx_error(CMTX_ERROR_MESSAGE_CAPITALS);
        //reject the comment
    } elseif ($action == 'ban') {
        cmtx_ban(CMTX_BAN_REASON_CAPITALS);
        //ban the user
    }
}
Example #6
//RSS feed entry point: bail out early when the feature is off or the site is closed to visitors
if (!cmtx_setting('show_rss')) {
    die(CMTX_RSS_FEATURE_DISABLED);
}
if (!cmtx_is_administrator()) {
    //if not administrator
    if (cmtx_in_maintenance()) {
        //check if under maintenance
        //visitors get an empty response while maintenance mode is on
        die;
    }
}
//the feed is XML; the header must go out before any output below
header('Content-Type:text/xml; charset=utf-8');
/* Error Reporting */
cmtx_error_reporting('includes/logs/errors.log');
/* Time Zone */
cmtx_set_time_zone(cmtx_setting('time_zone'));
//a page filter is accepted only as a pure digit string of fewer than 10 digits, so the value fits a
//32-bit integer and the cast below yields exactly the number the client sent
if (isset($_GET['id']) && ctype_digit($_GET['id']) && cmtx_strlen($_GET['id']) < 10) {
    //if page ID is in URL and it validates
    $id = (int) $_GET['id'];
    $id = cmtx_sanitize($id, true, true);
    //the query is built by string interpolation; this is only safe because $id was cast to int above —
    //keep that cast if this filter is ever extended to a non-numeric value
    $query = "SELECT * FROM `" . $cmtx_mysql_table_prefix . "comments` WHERE `is_approved` = '1' AND `page_id` = '{$id}' ORDER BY `dated` DESC";
    //get page's items
} else {
    $query = "SELECT * FROM `" . $cmtx_mysql_table_prefix . "comments` WHERE `is_approved` = '1' ORDER BY `dated` DESC";
    //get all items
}
/* Last Build Date */
//the newest approved row (same ordering as the feed query) supplies the feed's lastBuildDate
$lbd_query = $query . " LIMIT 1";
$lbd_query = cmtx_db_query($lbd_query);
if (cmtx_db_num_rows($lbd_query)) {
    $lbd_result = cmtx_db_fetch_assoc($lbd_query);
    $last_build_date = date("r", strtotime($lbd_result["dated"]));
Example #7
/* Error Reporting */
//route PHP errors to the module's own log file instead of the browser
cmtx_error_reporting('includes/logs/errors.log');
/* Time Zone */
//apply the configured time zone before any date handling further down the page
cmtx_set_time_zone(cmtx_setting('time_zone'));
//leave PHP mode: the rest of this page is an HTML template with inline PHP
?>

<h1><?php 
//page heading text comes from a language constant
echo CMTX_SUB_HEADING;
?>
</h1>

<?php 
if (isset($_GET['id'])) {
    //get subscriber
    $token = $_GET['id'];
    if (cmtx_strlen($token) != 20 || !ctype_alnum($token)) {
        ?>
<div class="error"><?php 
        echo CMTX_SUB_MSG_INVALID;
        ?>
</div><?php 
        die;
    }
    $token = cmtx_sanitize($token, true, true);
    if (cmtx_db_num_rows(cmtx_db_query("SELECT * FROM `" . $cmtx_mysql_table_prefix . "subscribers` WHERE `token` = '{$token}'"))) {
        $subscriber = cmtx_db_query("SELECT * FROM `" . $cmtx_mysql_table_prefix . "subscribers` WHERE `token` = '{$token}'");
        $subscriber = cmtx_db_fetch_assoc($subscriber);
    } else {
        ?>
<div class="error"><?php 
        echo CMTX_SUB_MSG_NO_SUBSCRIPTION;