/**
 * Load every row of the link table, ordered by `taxis`, prepared for display.
 *
 * `sitename` is HTML-escaped, and `description` goes through htmlClean() and
 * then subString(..., 0, 80).
 *
 * NOTE(review): `siteurl` is returned exactly as stored. A template that prints
 * it into an href has to escape it itself and should accept only the URL
 * schemes it expects - confirm against the callers.
 *
 * @return array list of link rows
 */
function getLinks()
{
    $result = $this->db->query("SELECT * FROM " . DB_PREFIX . "link ORDER BY taxis ASC");
    $links = array();
    while ($link = $this->db->fetch_array($result)) {
        $link['sitename'] = htmlspecialchars($link['sitename']);
        $cleanDescription = htmlClean($link['description'], false);
        $link['description'] = subString($cleanDescription, 0, 80);
        // Self-assignment kept from the original: the URL is not transformed here.
        $link['siteurl'] = $link['siteurl'];
        $links[] = $link;
    }
    return $links;
}
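/**
 * Fetch replies, ordered by id, optionally filtered by `tid` and by `hide`.
 *
 * Both filter values end up inside the SQL text, so they are neutralised here
 * at the sink rather than trusting every caller to have done it.
 *
 * @param int         $tid  value matched against the `tid` column; a falsy value disables the filter
 * @param string|null $hide value matched against the `hide` column; a falsy value disables the filter
 * @return array reply rows with `name` HTML-escaped, `content` passed through
 *               htmlClean() and `date` through smartDate()
 */
function getReplys($tid, $hide = null)
{
    $conditions = array('1=1');
    if ($tid) {
        // Integer cast: a non-numeric $tid can no longer change the statement.
        $conditions[] = 'tid=' . (int) $tid;
    }
    if ($hide) {
        // addslashes() is the quoting this code base uses elsewhere; it is
        // charset-sensitive, so the DB layer's own escaping would be preferable
        // if it offers one (not visible here).
        $conditions[] = "hide='" . addslashes($hide) . "'";
    }
    $sql = "SELECT * FROM " . DB_PREFIX . "reply where " . implode(' and ', $conditions) . " ORDER BY id";
    $ret = $this->db->query($sql);

    $replys = array();
    while ($row = $this->db->fetch_array($ret)) {
        $row['name'] = htmlspecialchars($row['name']);
        $row['content'] = htmlClean($row['content']);
        $row['date'] = smartDate($row['date']);
        // id, hide, tid and ip are returned as stored.
        $replys[] = $row;
    }
    return $replys;
}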
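/**
 * Load a single comment by its id and prepare it for display.
 *
 * @param int  $commentId comment id (`cid` column)
 * @param bool $nl2br     when false, htmlClean() is called with FALSE as its second argument
 * @return array|false the comment row, or false when the query matched nothing
 */
function getOneComment($commentId, $nl2br = false)
{
    // Integer cast at the sink: the id is interpolated into the SQL text, so a
    // caller that forgot to validate it must not be able to alter the query.
    $commentId = (int) $commentId;
    $sql = "select * from " . DB_PREFIX . "comment where cid={$commentId}";
    $res = $this->db->query($sql);
    if ($this->db->affected_rows() < 1) {
        return false;
    }
    $commentArray = $this->db->fetch_array($res);
    $text = trim($commentArray['comment']);
    $commentArray['comment'] = $nl2br ? htmlClean($text) : htmlClean($text, FALSE);
    $commentArray['poster'] = htmlspecialchars($commentArray['poster']);
    $commentArray['date'] = date("Y-m-d H:i", $commentArray['date']);
    return $commentArray;
}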
/**
 * Juser member center: list the comments the current user has already posted.
 *
 * NOTE(review): `log_url`, `log_title` and `comnum` are concatenated into the
 * markup as returned by JuserCommnet::select(). Only `comment` goes through
 * htmlClean() here, so confirm that the model escapes the other fields.
 *
 * @param array|null $UserInfo user record; its 'mail' entry selects the comments
 * @return mixed nothing is returned explicitly; the page is rendered through __show()
 */
public function UserComment($UserInfo = null)
{
    // ?page= is honoured only when it consists purely of digits.
    $page = 1;
    if (isset($_GET['page']) && ctype_digit((string) $_GET['page'])) {
        $page = intval($_GET['page']);
    }

    $JuserCommentModel = new JuserCommnet();
    $Comment = $JuserCommentModel->page($page)->select($UserInfo['mail']);
    $PageString = $JuserCommentModel->getPageString($UserInfo['mail']);
    $leftBar = $this->__getAuthLeft('UserComment');

    $items = '';
    if ($Comment) {
        foreach ($Comment as $entry) {
            $items .= '<li class="Juser_comment_items"><p class="Juser_comment_time">'
                . date('Y-m-d H:i:s', $entry['date'])
                . '</p>';
            $items .= '<div class="Juser_comment_list"><p class="Juser_comment_text">'
                . htmlClean($entry['comment'])
                . '</p>';
            $items .= '<p class="Juser_comment_info">评论文章:<a href="'
                . $entry['log_url']
                . '" target=_blank>《'
                . $entry['log_title']
                . '》</a> 评论:'
                . $entry['comnum']
                . '</p>';
            $items .= '</div></li>';
        }
    } else {
        $items = '<li class="Juser_comment_none">不给力,暂无评论!</li>';
    }

    $CommentString = '<div class="JAuth_right"> <div class="JAuth_content"> <ul class="Juser_comment">'
        . $items
        . '</ul>' . $PageString . ' </div> </div>';

    $this->__show($leftBar, $CommentString, $UserInfo);
}
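/**
 * Rebuild the "latest comments" cache.
 *
 * Reads five display options, selects the newest visible comments and, when
 * comment paging is enabled, works out the page each comment's top-level
 * ancestor falls on. The result is serialized and handed to cacheWrite().
 */
private function mc_comment()
{
    // Collect the options into an array first. The previous form,
    // `${$row}['option_name'] = ...`, used the row array itself as a variable
    // name, so $index_comnum and the other option variables were never defined.
    $options = array();
    $query = $this->db->query("SELECT option_value,option_name FROM " . DB_PREFIX . "options WHERE option_name IN('index_comnum','comment_subnum','comment_paging','comment_pnum','comment_order')");
    while ($row = $this->db->fetch_array($query)) {
        $options[$row['option_name']] = $row['option_value'];
    }

    // Numeric options are cast before they reach SQL or arithmetic. A missing
    // option falls back to the most conservative value (no rows, paging off).
    $index_comnum = isset($options['index_comnum']) ? max(0, (int) $options['index_comnum']) : 0;
    $comment_subnum = isset($options['comment_subnum']) ? (int) $options['comment_subnum'] : 0;
    $comment_paging = isset($options['comment_paging']) ? $options['comment_paging'] : 'n';
    // At least 1, because it is used as a divisor below.
    $comment_pnum = isset($options['comment_pnum']) ? max(1, (int) $options['comment_pnum']) : 1;
    $comment_order = isset($options['comment_order']) ? $options['comment_order'] : '';

    $query = $this->db->query("SELECT * FROM " . DB_PREFIX . "comment WHERE hide='n' ORDER BY date DESC LIMIT 0, {$index_comnum}");
    $com_cache = array();
    $com_cids = array();
    while ($show_com = $this->db->fetch_array($query)) {
        $com_page = '';
        if ($comment_paging == 'y') {
            $pid = (int) $show_com['pid'];
            $cid = $show_com['cid'];
            $gid = (int) $show_com['gid'];
            $order = $comment_order == 'newer' ? 'DESC' : '';

            // Walk up the reply chain to the top-level comment.
            while ($pid !== 0) {
                $show_pid = $this->db->once_fetch_array("SELECT cid,pid FROM " . DB_PREFIX . "comment WHERE cid={$pid}");
                if (!$show_pid) {
                    // Parent row is gone: stop at the last ancestor that exists.
                    break;
                }
                $pid = (int) $show_pid['pid'];
                $cid = $show_pid['cid'];
            }

            // Top-level comment ids of this post are fetched once per gid.
            if (!isset($com_cids[$show_com['gid']])) {
                $com_cids[$show_com['gid']] = array();
                $query2 = $this->db->query("SELECT cid FROM " . DB_PREFIX . "comment WHERE gid=" . $gid . " AND pid=0 AND hide='n' ORDER BY date {$order}");
                while ($show_cid = $this->db->fetch_array($query2)) {
                    $com_cids[$show_com['gid']][] = $show_cid['cid'];
                }
            }

            // An ancestor missing from the list lands on page 1, as before.
            $position = array_search($cid, $com_cids[$show_com['gid']]);
            $com_page = $position === false ? 1 : intval(floor($position / $comment_pnum)) + 1;
        }
        $com_cache[] = array(
            'cid' => $show_com['cid'],
            'gid' => $show_com['gid'],
            'name' => htmlspecialchars($show_com['poster']),
            'date' => $show_com['date'],
            'page' => $com_page,
            'mail' => $show_com['mail'],
            'content' => htmlClean(subString($show_com['comment'], 0, $comment_subnum), false),
        );
    }
    $cacheData = serialize($com_cache);
    $this->cacheWrite($cacheData, 'comment');
}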
foreach ($user_cache as $val) { if (isset($val['name']) && $val['name'] == $rname) { exit('err4'); } } $date = time(); $name = subString(ROLE == ROLE_VISITOR ? $rname : addslashes($user_cache[UID]['name']), 0, 16); $rdata = array('tid' => $tid, 'content' => $r, 'name' => $name, 'date' => $date, 'hide' => ROLE == ROLE_VISITOR ? Option::get('ischkreply') : 'n'); $Twitter_Model = new Twitter_Model(); $Reply_Model = new Reply_Model(); $rid = $Reply_Model->addReply($rdata); if ($rid === false) { exit('err5'); } doAction('reply_twitter', $r, $name, $date, $tid); if (Option::get('ischkreply') == 'n' || ROLE != ROLE_VISITOR) { $Twitter_Model->updateReplyNum($tid, '+1'); } else { exit('succ1'); } $CACHE->updateCache('sta'); $_SESSION['code'] = null; $date = smartDate($date); $r = htmlClean(stripslashes($r)); $response = "\n <li>\n <span class=\"name\">" . stripslashes(htmlspecialchars($name)) . "</span> {$r}<span class=\"time\">{$date}</span>\n <em><a href=\"javascript:re({$tid}, '@{$name}:');\">回复</a></em>\n </li>"; echo $response; } // 回复验证码 if ($action == 'ckcode') { require_once EMLOG_ROOT . '/include/lib/checkcode.php'; }
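<?php
#comment.php
ob_start();
require '../../init.php';

// Data sent back to page.php through ajax.
// Every field arrives from the client, so each one is checked for presence and
// type before use.
$rawContent = isset($_POST['comment_content']) && is_string($_POST['comment_content']) ? $_POST['comment_content'] : '';
$content = htmlClean($rawContent);
$name = isset($_POST['nickname']) && is_string($_POST['nickname']) ? trim($_POST['nickname']) : '';
// The post id is numeric; the cast keeps anything else away from the model.
$post_id = isset($_POST['post_id']) && is_scalar($_POST['post_id']) ? intval($_POST['post_id']) : 0;

header('Content-type: text/html;charset=UTF-8');

// The nickname used to be echoed verbatim, which let markup in it run in the
// page that receives this fragment. Escape it for the HTML context.
$safeName = htmlspecialchars($name, ENT_QUOTES, 'UTF-8');
echo "<p class='comment_author'>{$safeName}</p>" . "<div class='avatar'><img src='images/avatar.jpg' title='avatar'/></div>" . "<p class='comment_content'>{$content}</p><div class='spacer'></div>";

// Store the comment in the database.
// NOTE(review): updateComment() is not visible here. The nickname is still
// passed unescaped for HTML, as before, so the model must quote or bind it for
// SQL and readers must escape it on output - confirm.
Comment_Model::getInstance()->updateComment($name, $content, $post_id);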
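/**
 * Load a single comment by its id and prepare it for display.
 *
 * The date is formatted with gmdate() after adding the configured `timezone`
 * option, in hours, to the stored timestamp.
 *
 * @param int $commentId comment id (`cid` column)
 * @return array|false the comment row, or false when the query matched nothing
 */
function getOneComment($commentId)
{
    $timezone = Option::get('timezone');
    // Integer cast at the sink: the id is interpolated into the SQL text, so a
    // caller that forgot to validate it must not be able to alter the query.
    $commentId = (int) $commentId;
    $sql = "select * from " . DB_PREFIX . "comment where cid={$commentId}";
    $res = $this->db->query($sql);
    if ($this->db->affected_rows() < 1) {
        return false;
    }
    $commentArray = $this->db->fetch_array($res);
    $commentArray['comment'] = htmlClean(trim($commentArray['comment']));
    $commentArray['poster'] = htmlspecialchars($commentArray['poster']);
    $commentArray['date'] = gmdate("Y-m-d H:i", $commentArray['date'] + $timezone * 3600);
    return $commentArray;
}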
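/**
 * Render the anti_spam_comment plugin page in the admin area.
 *
 * Without ?advance it prints the basic settings form. With ?advance it either
 * runs a comment action (`act` = shieldname, delurl, admin_all_coms, save,
 * edit) or prints the filterable comment list.
 *
 * Security notes for reviewers:
 * - NOTE(review): the state-changing actions (shieldname/delurl via GET, save
 *   and admin_all_coms via POST) check no anti-CSRF token in this function.
 *   Confirm that plugin.php verifies one before calling it.
 * - header("Location: ...") is sent after markup has been printed, so the
 *   redirects rely on output buffering being active.
 * - NOTE(review): the settings form echoes the values returned by asc_read()
 *   unescaped, and the list echoes the blog title unescaped. Confirm these are
 *   stored already escaped, or escape them on output.
 */
function plugin_setting_view()
{
    $DB = Database::getInstance();
    ?>
<div class="containertitle2">
<a class="navi<?php echo isset($_GET['advance']) ? 1 : 3; ?> " href="./plugin.php?plugin=anti_spam_comment">基本设置</a>
<a class="navi<?php echo isset($_GET['advance']) ? 2 : 4; ?> " href="./plugin.php?plugin=anti_spam_comment&advance=true">高级选项</a>
<?php if (isset($_GET['setting'])) { ?> <span class="actived">插件设置完成</span><?php } if (isset($_GET['error'])) { ?> <span class="actived">插件设置失败</span><?php } ?>
</div>
<?php
    if (isset($_GET['advance'])) {
        $act = isset($_GET['act']) ? trim($_GET['act']) : '';
        if ($act) {
            global $CACHE;
            switch ($act) {
                case 'shieldname':
                    // Default to 0 (matches no row) instead of '', which produced "WHERE cid=".
                    $id = isset($_GET['id']) ? intval($_GET['id']) : 0;
                    $DB->query("UPDATE " . DB_PREFIX . "comment SET poster='该昵称已屏蔽' WHERE cid={$id}");
                    $CACHE->updateCache(array('sta', 'comment'));
                    header("Location: ./plugin.php?plugin=anti_spam_comment&advance=true&setting=true");
                    break;
                case 'delurl':
                    $id = isset($_GET['id']) ? intval($_GET['id']) : 0;
                    $DB->query("UPDATE " . DB_PREFIX . "comment SET url='' WHERE cid={$id}");
                    $CACHE->updateCache(array('sta', 'comment'));
                    header("Location: ./plugin.php?plugin=anti_spam_comment&advance=true&setting=true");
                    break;
                case 'admin_all_coms':
                    $operate = isset($_POST['operate']) ? $_POST['operate'] : '';
                    // com[] must be an array; every id is forced to an integer.
                    $comments = isset($_POST['com']) && is_array($_POST['com']) ? array_map('intval', $_POST['com']) : array();
                    if (!$comments) {
                        // An empty selection used to build "cid IN()" and fail in SQL.
                        header("Location: ./plugin.php?plugin=anti_spam_comment&advance=true&error=true");
                        break;
                    }
                    $commentsId = '(' . implode(',', $comments) . ')';
                    switch ($operate) {
                        case 'shieldname':
                            $DB->query("UPDATE " . DB_PREFIX . "comment SET poster='该昵称已屏蔽' WHERE cid IN{$commentsId}");
                            $CACHE->updateCache(array('sta', 'comment'));
                            header("Location: ./plugin.php?plugin=anti_spam_comment&advance=true&setting=true");
                            break;
                        case 'delurl':
                            $DB->query("UPDATE " . DB_PREFIX . "comment SET url='' WHERE cid IN{$commentsId}");
                            $CACHE->updateCache(array('sta', 'comment'));
                            header("Location: ./plugin.php?plugin=anti_spam_comment&advance=true&setting=true");
                            break;
                    }
                    break;
                case 'save':
                    // addslashes() is this code base's SQL quoting; it is charset-sensitive.
                    $comname = isset($_POST['comname']) ? addslashes(trim($_POST['comname'])) : '';
                    $comment = isset($_POST['comment']) ? addslashes(trim($_POST['comment'])) : '';
                    $commail = isset($_POST['commail']) ? addslashes(trim($_POST['commail'])) : '';
                    $comurl = isset($_POST['comurl']) ? addslashes(trim($_POST['comurl'])) : '';
                    // Prefix a scheme only when none of the two web schemes is present;
                    // previously an https:// URL became "http://https://...".
                    if ($comurl && strncasecmp($comurl, 'http://', 7) && strncasecmp($comurl, 'https://', 8)) {
                        $comurl = 'http://' . $comurl;
                    }
                    $cid = isset($_POST['cid']) ? intval($_POST['cid']) : 0;
                    $DB->query("UPDATE " . DB_PREFIX . "comment SET poster='{$comname}',comment='{$comment}',mail='{$commail}',url='{$comurl}' WHERE cid={$cid}");
                    $CACHE->updateCache(array('sta', 'comment'));
                    header("Location: ./plugin.php?plugin=anti_spam_comment&advance=true&setting=true");
                    break;
                case 'edit':
                    $Comment_Model = new Comment_Model();
                    $cid = isset($_GET['cid']) ? intval($_GET['cid']) : 0;
                    $commentRow = $Comment_Model->getOneComment($cid);
                    if (!is_array($commentRow)) {
                        // Unknown comment id: nothing to edit.
                        break;
                    }
                    // Read the needed fields explicitly instead of extract()ing the row
                    // into local scope. poster and comment are printed as returned by
                    // getOneComment(), which is expected to have escaped them - verify.
                    $poster = isset($commentRow['poster']) ? $commentRow['poster'] : '';
                    $comment = isset($commentRow['comment']) ? $commentRow['comment'] : '';
                    // mail and url come from commenters and go into attribute values.
                    $mail = htmlspecialchars(isset($commentRow['mail']) ? $commentRow['mail'] : '', ENT_QUOTES);
                    $url = htmlspecialchars(isset($commentRow['url']) ? $commentRow['url'] : '', ENT_QUOTES);
                    ?>
<form action="./plugin.php?plugin=anti_spam_comment&advance=true&act=save" method="post">
<div>
<li>昵称</li>
<li><input size="40" value="<?php echo $poster; ?> " name="comname" /></li>
<li>邮箱</li>
<li><input size="40" value="<?php echo $mail; ?> " name="commail" /></li>
<li>地址</li>
<li><input size="40" value="<?php echo $url; ?> " name="comurl" /></li>
<li>内容</li>
<li><textarea name="comment" rows="3" cols="45"><?php echo $comment; ?> </textarea></li>
<li>
<input type="hidden" value="<?php echo $cid; ?> " name="cid" />
<input type="submit" value="保 存" class="submit" />
<input type="button" value="取 消" class="submit" onclick="javascript: window.history.back();" /></li>
</div>
</form>
<?php
                    break;
            }
        } else {
            // Raw filter values are kept apart from the SQL fragments and the URL
            // fragments built from them, so each context gets its own encoding.
            $blogid = isset($_GET['gid']) ? intval($_GET['gid']) : 0;
            $hideRaw = isset($_GET['hide']) && is_string($_GET['hide']) ? $_GET['hide'] : '';
            if ($hideRaw !== 'y' && $hideRaw !== 'n') {
                // Only the two values the filter links produce are accepted.
                $hideRaw = '';
            }
            // Page numbers below 1 would give a negative LIMIT offset.
            $page = isset($_GET['page']) ? max(1, intval($_GET['page'])) : 1;
            $ipRaw = isset($_GET['ip']) && is_string($_GET['ip']) ? $_GET['ip'] : '';
            $posterRaw = isset($_GET['poster']) && is_string($_GET['poster']) ? $_GET['poster'] : '';

            $addUrl_1 = $addUrl_2 = $addUrl_3 = $addUrl_4 = '';
            $whereBlog = $whereHide = $whereIp = $wherePoster = '';
            if ($blogid) {
                $addUrl_1 = "gid={$blogid}&";
                $whereBlog = "AND a.gid={$blogid}";
            }
            if ($hideRaw) {
                $addUrl_2 = "hide={$hideRaw}&";
                $whereHide = "AND a.hide='{$hideRaw}'";
            }
            if ($ipRaw) {
                // urlencode() for links (these fragments are echoed into href
                // attributes), addslashes() for the SQL string literal.
                $addUrl_3 = 'ip=' . urlencode($ipRaw) . '&';
                $whereIp = "AND a.ip='" . addslashes($ipRaw) . "'";
            }
            if ($posterRaw) {
                $addUrl_4 = 'poster=' . urlencode($posterRaw) . '&';
                $wherePoster = "AND a.poster='" . addslashes($posterRaw) . "'";
            }
            $addUrl = $addUrl_1 . $addUrl_2 . $addUrl_3 . $addUrl_4;

            $perpage_num = max(1, intval(Option::get('admin_perpage_num')));
            $startId = ($page - 1) * $perpage_num;
            $limit = " LIMIT {$startId}, " . $perpage_num;

            $sql = "SELECT a.cid,a.hide,a.date,a.comment,a.gid,a.poster,a.ip,a.mail,a.url,b.title FROM " . DB_PREFIX . "comment as a, " . DB_PREFIX . "blog as b where 1=1 {$whereBlog} {$whereHide} {$whereIp} {$wherePoster} AND a.gid=b.gid ORDER BY a.cid DESC";
            $query = $DB->query($sql);
            $cmnum = $DB->num_rows($query);
            $query = $DB->query($sql . $limit);
            $pageurl = pagination($cmnum, $perpage_num, $page, "./plugin.php?plugin=anti_spam_comment&advance=true&{$addUrl}page=");

            $sql = "SELECT a.cid,a.hide,a.date,a.comment,a.gid,a.poster,a.ip,a.mail,a.url,b.title FROM " . DB_PREFIX . "comment as a, " . DB_PREFIX . "blog as b where 1=1 {$whereBlog} AND a.hide='y' {$whereIp} AND a.gid=b.gid ORDER BY a.cid DESC";
            $hideCommNum = $DB->num_rows($DB->query($sql));
            if ($hideCommNum > 0) {
                // Mark the active filter explicitly. The old variable-variable was
                // built from $hide after it had been overwritten with an SQL
                // fragment, so the y/n tabs were never highlighted.
                $filterClass = "class=\"filter\"";
                $hide_ = $hideRaw === '' ? $filterClass : '';
                $hide_y = $hideRaw === 'y' ? $filterClass : '';
                $hide_n = $hideRaw === 'n' ? $filterClass : '';
                ?>
<div class="filters">
<span <?php echo $hide_; ?> ><a href="./plugin.php?plugin=anti_spam_comment&advance=true&<?php echo $addUrl_1 . $addUrl_3; ?> ">全部</a></span>
<span <?php echo $hide_y; ?> ><a href="./plugin.php?plugin=anti_spam_comment&advance=true&hide=y&<?php echo $addUrl_1 . $addUrl_3; ?> ">待审 <?php
                $sta_cache = Cache::getInstance()->readCache('sta');
                $hidecmnum = ROLE == 'admin' ? $sta_cache['hidecomnum'] : $sta_cache[UID]['hidecommentnum'];
                if ($hidecmnum > 0) {
                    echo '(' . $hidecmnum . ')';
                }
                ?> </a></span>
<span <?php echo $hide_n; ?> ><a href="./plugin.php?plugin=anti_spam_comment&advance=true&hide=n&<?php echo $addUrl_1 . $addUrl_3; ?> ">已审</a></span>
</div>
<?php
            } elseif ($addUrl) {
                ?>
<div class="filters">
<span><a href="./plugin.php?plugin=anti_spam_comment&advance=true">全部</a></span>
</div>
<?php
            }
            ?>
<form action="./plugin.php?plugin=anti_spam_comment&advance=true&act=admin_all_coms" method="post" name="form_com" id="form_com">
<table width="100%" id="adm_comment_list" class="item_list">
<thead>
<tr>
<th width="19"><input onclick="CheckAll(this.form)" type="checkbox" value="on" name="chkall" /></th>
<th width="350"><b>内容</b></th>
<th width="300"><b>评论者</b></th>
<th width="250"><b>所属日志</b></th>
</tr>
</thead>
<tbody>
<?php
            while ($res = $DB->fetch_array($query)) {
                $ishide = $res['hide'] == 'y' ? '<font color="red">[待审]</font>' : '';
                $mail = !empty($res['mail']) ? htmlspecialchars("({$res['mail']})") : '';
                // The stored IP is encoded for both contexts it is printed in
                // (query string and link text) rather than trusted as-is.
                $ipLink = !empty($res['ip']) ? "<br />IP:<a href=\"./plugin.php?plugin=anti_spam_comment&advance=true&ip=" . urlencode($res['ip']) . "\">" . htmlspecialchars($res['ip']) . "</a>" : '';
                $url = !empty($res['url']) ? htmlspecialchars("({$res['url']})") : '';
                $res['content'] = str_replace('<br>', ' ', htmlClean($res['comment']));
                $sub_content = subString($res['content'], 0, 50);
                $res['title'] = subString($res['title'], 0, 42);
                ?>
<tr>
<td><input type="checkbox" value="<?php echo $res['cid']; ?> " name="com[]" class="ids" /></td>
<td><a href="./plugin.php?plugin=anti_spam_comment&advance=true&act=edit&cid=<?php echo $res['cid']; ?> " title="<?php echo $res['content']; ?> "><?php echo $sub_content; ?> </a> <?php echo $ishide; ?> <br /><?php echo smartDate($res['date']); ?>
<span style="display:none; margin-left:8px;">
<a href="javascript: asc_confirm(<?php echo $res['cid']; ?> , 'name');">屏蔽昵称</a>
<a href="javascript: asc_confirm(<?php echo $res['cid']; ?> , 'url');">删除地址</a>
</span>
</td>
<td><a href="./plugin.php?plugin=anti_spam_comment&advance=true&poster=<?php echo urlencode($res['poster']); ?> "><?php echo htmlspecialchars($res['poster']); ?> </a> <?php echo $url; ?> <?php echo $ipLink; ?> <?php echo $mail; ?> </td>
<td><a href="./plugin.php?plugin=anti_spam_comment&advance=true&gid=<?php echo $res['gid']; ?> "><?php echo $res['title']; ?> </a></td>
</tr>
<?php
            }
            ?>
</tbody>
</table>
<div class="list_footer">
选中项:
<a href="javascript:asc_commentact('shieldname');">屏蔽昵称</a>
<a href="javascript:asc_commentact('delurl');">删除地址</a>
<input name="operate" id="operate" res="" type="hidden" />
</div>
<div class="page"><?php echo $pageurl; ?> (有<?php echo $cmnum; ?> 条评论)</div>
</form>
<script>
$(document).ready(function(){
    $("#adm_comment_list tbody tr:odd").addClass("tralt_b");
    $("#adm_comment_list tbody tr")
        .mouseover(function(){$(this).addClass("trover");$(this).find("span").show();})
        .mouseout(function(){$(this).removeClass("trover");$(this).find("span").hide();})
});
setTimeout(hideActived,2600);
function asc_commentact(act){
    if (getChecked('ids') == false) {
        alert('请选择要操作的评论');
        return;
    }
    if(act == 'shieldname' && !confirm('你确定要屏蔽所选评论的评论人昵称吗?')){return;}
    if(act == 'delurl' && !confirm('你确定要删除所选评论的评论人地址吗?')){return;}
    $("#operate").val(act);
    $("#form_com").submit();
}
function asc_confirm (id, property) {
    switch (property){
        case 'name':
            var urlreturn="./plugin.php?plugin=anti_spam_comment&advance=true&act=shieldname&id="+id;
            var msg = "你确定要屏蔽该评论人昵称?";break;
        case 'url':
            var urlreturn="./plugin.php?plugin=anti_spam_comment&advance=true&act=delurl&id="+id;
            var msg = "你确定要删除该评论人地址吗?";break;
    }
    if(confirm(msg)){window.location = urlreturn;}else {return;}
}
</script>
<?php
        }
    } else {
        // Basic settings form; the values come from the plugin's own stored
        // configuration via asc_read().
        $data = asc_read();
        extract($data);
        $blacklist = implode("\n", $blacklist);
        $url_keywords = implode("\n", $url_keywords);
        $ex1 = $ex2 = '';
        $vari = array(array('英文字母abc…ABC…<font color="red">*</font>:', 'asc_letter'), array('数字0-9:', 'asc_digit'), array('英文字符(包括英文字母、数字和其它英文符号)<font color="red">*</font>:', 'asc_char'), array('星号*:', 'asc_star'));
        if ($auto_blacklist == 1) {
            $ex1 = 'checked="checked"';
        }
        if ($need_chinese == 1) {
            $ex2 = 'checked="checked"';
        }
        ?>
<form action="plugin.php?plugin=anti_spam_comment&action=setting" method="post">
<table cellspacing="8" cellpadding="4" width="95%" align="center" border="0">
<tbody>
<tr nowrap="nowrap">
<td width="33%" align="right">评论时间间隔(秒):</td>
<td width="67%"><input size="10" name="time_limit" type="text" value="<?php echo $time_limit; ?> " /></td>
</tr>
<tr nowrap="nowrap">
<td width="33%" align="right">必须包含汉字:</td>
<td width="67%"><input size="10" name="need_chinese" type="checkbox" value="1" <?php echo $ex2; ?> /></td>
</tr>
<tr nowrap="nowrap">
<td align="right" valign="top">IP黑名单:<br/><br/> 可封IP段,填入IP开头地址,如162.204 </td>
<td><textarea name="blacklist" cols="" rows="4" style="width:300px;height:70px;"><?php echo $blacklist; ?> </textarea></td>
</tr>
<tr nowrap="nowrap">
<td align="right">将频繁尝试发表评论的IP加入黑名单</td>
<td><input name="auto_blacklist" type="checkbox" value="1" <?php echo $ex1; ?> /></td>
</tr>
<tr nowrap="nowrap">
<td align="right">每分钟允许尝试评论次数:</td>
<td><input size="10" name="max_attempt" type="text" value="<?php echo $max_attempt; ?> " />(开启自动黑名单有效)</td>
</tr>
<tr nowrap="nowrap">
<td align="right" valign="top">屏蔽词汇(以 | 分割):<br /> 可以使用通配符*或者系统<a href="#var">内置变量</a> </td>
<td><textarea name="keywords" cols="" rows="4" style="width:300px;height:70px;"><?php echo $keywords; ?> </textarea></td>
</tr>
<tr nowrap="nowrap">
<td align="right" valign="top">屏蔽昵称(以 | 分割):<br /> 可以使用通配符*或者系统<a href="#var">内置变量</a> </td>
<td><textarea name="name_keywords" cols="" rows="4" style="width:300px;height:70px;"><?php echo $name_keywords; ?> </textarea></td>
</tr>
<tr nowrap="nowrap">
<td align="right" valign="top">屏蔽地址(每行一条):<br/> 可以使用通配符*或者系统<a href="#var">内置变量</a> </td>
<td><textarea name="url_keywords" cols="" rows="4" style="width:300px;height:70px;"><?php echo $url_keywords; ?> </textarea></td>
</tr>
<tr>
<td align="center" colspan="2"><input type="submit" value="保存设置" class="button" /></td>
</tr>
</tbody>
</table>
</form>
<b><a name="var"></a>内置变量</b>
<table cellspacing="8" cellpadding="4" width="95%" align="center" border="0">
<tbody>
<?php foreach ($vari as $value) { ?>
<tr nowrap="nowrap">
<td width="40%" align="right"><?php echo $value[0]; ?> </td>
<td width="60%"><b><?php echo $value[1]; ?> </b></td>
</tr>
<?php } ?>
<tr>
<td align="center" colspan="2"><font color="red">*注</font>:该项仅当评论全文符合时过滤评论(例如关键字填入asc_letter时,仅过滤纯英文评论)</td>
</tr>
</tbody>
</table>
<?php
    }
    ?>
<script>
$("#anti_spam_comment").addClass('sidebarsubmenu1');
</script>
<?php
}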