function do_submit1()
{
global $db, $dblang, $current_user, $globals;
do_navbar(_('enviar noticia ') . '»' . _(' paso 2: detalles'));
echo '<div id="genericform-contents">' . "\n";
if ($globals['min_karma_for_links'] > 0 && $current_user->user_karma < $globals['min_karma_for_links']) {
echo '<p class="error"><strong>' . _('no tienes el mínimo de karma para enviar una nueva historia') . '</strong></p> ';
echo '<br style="clear: both;" />' . "\n";
echo '</div>' . "\n";
return;
}
// avoid spams, an extra security check
$from = time() - 7200;
$same_user = $db->get_var("select count(*) from links where link_date > from_unixtime({$from}) and link_author={$current_user->user_id}");
$same_ip = $db->get_var("select count(*) from links, votes where link_date > from_unixtime({$from}) and vote_type='links' and vote_link_id = link_id and vote_user_id = link_author and vote_ip_int = " . $globals['user_ip_int']);
echo "<!-- Same user: {$same_user} -->\n";
echo "<!-- Same IP: {$same_ip} -->\n";
if ($same_user > 4 || $same_ip > 4) {
echo '<p class="error"><strong>' . _('debes esperar, ya se enviaron varias con el mismo usuario o dirección IP') . '</strong></p>';
echo '<br style="clear: both;" />' . "\n";
echo '</div>' . "\n";
return;
}
$url = clean_input_url($_POST['url']);
$linkres = new Link();
$edit = false;
if ($found = $linkres->duplicates($url)) {
echo '<p class="error"><strong>' . _('noticia repetida!') . '</strong></p> ';
echo '<p class="error-text">' . _('lo sentimos') . '</p>';
echo '<p class="error-text"><a href="' . $globals['base_url'] . '?search=' . htmlspecialchars($found) . '">' . _('haz clic aquí para votar o comentar la noticia que enviaron antes') . '</a>';
echo '<br style="clear: both;" /><br style="clear: both;" />' . "\n";
echo '<form id="genericform">';
echo '<input class="genericsubmit" type=button onclick="window.history.go(-1)" value="' . _('« retroceder') . '" />';
echo '</form>' . "\n";
echo '</div>' . "\n";
return;
}
if (!$linkres->get($url)) {
echo '<p class="error"><strong>' . _('URL inválido') . ':</strong> ' . htmlspecialchars($url) . '</p>';
echo '<p>' . _('URL inválido, incompleto o no permitido') . '</p>';
// If the domain is banned, decrease user's karma
if ($linkres->banned) {
$db->query("update users set user_karma = user_karma - 0.1 where user_id = {$current_user->user_id}");
}
print_empty_submit_form();
echo '</div>' . "\n";
return;
}
$trackback = $linkres->trackback;
$linkres->randkey = intval($_POST['randkey']);
if (!$linkres->valid) {
echo '<p class="error"><strong>' . _('error leyendo el url') . ':</strong> ' . htmlspecialchars($url) . '</p>';
// Dont allow new users with low karma to post wrong URLs
if ($current_user->user_karma < 7 && $current_user->user_level == 'normal') {
echo '<p>' . _('URL inválido, incompleto o no permitido') . '</p>';
print_empty_submit_form();
return;
}
echo '<p>' . _('no es válido, está fuera de línea, o tiene mecanismos antibots, <strong>continúa</strong>, pero asegúrate que sea correcto') . '</p>';
}
// check that the user also votes, not only sends links
if ($current_user->user_karma < 7) {
$from = time() - 3600 * 24;
$user_votes = $db->get_var("select count(*) from votes where vote_type='links' and vote_date > from_unixtime({$from}) and vote_user_id={$current_user->user_id}");
$user_links = 1 + $db->get_var("select count(*) from links where link_author={$current_user->user_id} and link_date > from_unixtime({$from}) and link_status != 'discard'");
$total_links = $db->get_var("select count(*) from links where link_date > from_unixtime({$from}) and link_status = 'queued'");
$min_votes = min(4, intval($total_links / 20)) * $user_links;
if ($user_votes < $min_votes) {
$needed = $min_votes - $user_votes;
echo '<p class="error"><strong>' . _('no tienes el mínimo de votos necesarios para enviar una nueva historia') . '</strong></p> ';
echo '<p class="error-text">' . _('necesitas votar como mínimo a') . " {$needed} " . _('noticias') . ', ';
echo '<a href="' . $globals['base_url'] . 'shakeit.php" target="_blank">' . _('haz clic aquí para ir a votar') . '</a></p>';
echo '<br style="clear: both;" />' . "\n";
echo '</div>' . "\n";
return;
}
}
$linkres->status = 'discard';
$linkres->author = $current_user->user_id;
/***** Currently commented out until we find if it makes sense here
// First delete last drafts, just in case to avoid triggering the anti spam measure
$from = time() - 1800;
$db->query("delete from links where link_date > from_unixtime($from) and link_author=$current_user->user_id and link_status='discard' and link_votes = 0");
*****/
$linkres->create_blog_entry();
// avoid auto-promotion (autobombo)
$hours = 2;
$from = time() - 3600 * $hours;
$same_blog = $db->get_var("select count(*) from links where link_date > from_unixtime({$from}) and link_author={$current_user->user_id} and link_blog={$linkres->blog} and link_votes > 0");
if ($same_blog > 0 && $current_user->user_karma < 12) {
echo '<p class="error"><strong>' . _('ya has enviado un enlace al mismo sitio hace poco tiempo') . '</strong></p> ';
echo '<p class="error-text">' . _('debes esperar') . " {$hours} " . _(' horas entre cada envío al mismo sitio. Es para evitar "spams" y "autobombo"') . ', ';
echo '<a href="' . $globals['base_url'] . 'faq-' . $dblang . '.php">' . _('lee el FAQ') . '</a></p>';
echo '<br style="clear: both;" />' . "\n";
echo '</div>' . "\n";
return;
}
// Now stores new draft
$linkres->store();
echo '<h2>' . _('envío de una nueva noticia: paso 2 de 3') . '</h2>' . "\n";
echo '<div id="genericform">' . "\n";
echo '<form action="submit.php" method="post" id="thisform" name="thisform">' . "\n";
echo '<input type="hidden" name="url" id="url" value="' . htmlspecialchars($linkres->url) . '" />' . "\n";
echo '<input type="hidden" name="phase" value="2" />' . "\n";
echo '<input type="hidden" name="randkey" value="' . intval($_POST['randkey']) . '" />' . "\n";
echo '<input type="hidden" name="id" value="' . $linkres->id . '" />' . "\n";
echo '<fieldset><legend><span class="sign">' . _('info de la noticia') . '</span></legend>' . "\n";
echo '<p class="genericformtxt"><label for="url_title" accesskey="1">' . _('título de la página') . ': </label> ' . "\n";
echo $linkres->url_title;
if ($linkres->type() === 'blog') {
echo '<br /> (' . _('parece ser un blog') . ')</p>' . "\n";
} else {
echo "</p>\n";
}
echo '</fieldset>' . "\n";
echo '<fieldset><legend><span class="sign">' . _('detalles de la noticia') . '</span></legend>' . "\n";
echo '<label for="title" accesskey="2">' . _('título de la noticia') . ':</label>' . "\n";
echo '<p><span class="genericformnote">' . _('título de la noticia. máximo: 120 caracteres') . '</span>' . "\n";
echo '<br/><input type="text" id="title" name="title" value="' . $link_title . '" size="80" maxlength="120" /></p>' . "\n";
echo '<label for="tags" accesskey="4">' . _('etiquetas') . ':</label>' . "\n";
echo '<p><span class="genericformnote"><strong>' . _('pocas palabras, genéricas, cortas y separadas por "," (coma)') . '</strong> Ejemplo: <em>web, programación, software libre</em></span>' . "\n";
echo '<br/><input type="text" id="tags" name="tags" value="' . $link_tags . '" size="70" maxlength="70" /></p>' . "\n";
echo '<div style="float: right;">';
print_simpleformat_buttons('bodytext');
echo '</div>';
echo '<p><label for="bodytext" accesskey="3">' . _('descripción de la noticia') . ':</label>' . "\n";
echo '<br /><span class="genericformnote">' . _('describe la noticia con tus palabras. entre dos y cinco frases es suficiente. sé cuidadoso.') . '</span>' . "\n";
echo '<br /><textarea name="bodytext" rows="10" cols="60" id="bodytext" onKeyDown="textCounter(document.thisform.bodytext,document.thisform.bodycounter,550)" onKeyUp="textCounter(document.thisform.bodytext,document.thisform.bodycounter,550)"></textarea>' . "\n";
echo '<br /><input readonly type="text" name="bodycounter" size="3" maxlength="3" value="550" /> <span class="genericformnote">' . _('caracteres libres') . '</span>';
echo '</p>' . "\n";
echo '<p><label accesskey="5">' . _('categoría') . ':</label><br />' . "\n";
echo '<span class="genericformnote">' . _('selecciona la categoría más apropiada') . '</span></p>' . "\n";
echo '<div class="column-list">' . "\n";
echo '<div class="categorylist">' . "\n";
echo '<ul>' . "\n";
$categories = $db->get_results("SELECT category_id, category_name FROM categories WHERE category_lang='{$dblang}' ORDER BY category_name ASC");
foreach ($categories as $category) {
echo '<li><input name="category" type="radio" value="' . $category->category_id . '"/>' . _($category->category_name) . '</li>' . "\n";
}
// TODO: no standard
echo '<br style="clear: both;" />' . "\n";
echo '</ul></div></div>' . "\n";
echo '<p><label for="trackback">' . _('trackback') . ':</label><br />' . "\n";
echo '<span class="genericformnote">' . _('puedes agregar o cambiar el trackback si ha sido detectado automáticamente') . '</span>' . "\n";
echo '<input type="text" name="trackback" id="trackback" value="' . $trackback . '" class="form-full" /></p>' . "\n";
echo '<input class="genericsubmit" type="button" onclick="window.history.go(-1)" value="' . _('« retroceder') . '" /> ' . "\n";
echo '<input class="genericsubmit" type="submit" value="' . _('continuar »') . '" />' . "\n";
echo '</fieldset>' . "\n";
echo '</form>' . "\n";
echo '</div>' . "\n";
echo '</div>' . "\n";
}
function do_submit1() {
global $db, $dblang, $current_user, $globals;
$url = clean_input_url($_POST['url']);
$url = preg_replace('/^http:\/\/http:\/\//', 'http://', $url); // Some users forget to delete the foo http://
if (! preg_match('/^\w{3,6}:\/\//', $url)) { // http:// forgotten, add it
$url = 'http://'.$url;
}
$url = preg_replace('/#[^\/]*$/', '', $url); // Remove the "#", people just abuse
echo '<div>'."\n";
$new_user = false;
if (!check_link_key()) {
echo '<p class="error"><strong>'._('clave incorrecta').'</strong></p> ';
echo '</div>'. "\n";
return;
}
if ($globals['min_karma_for_links'] > 0 && $current_user->user_karma < $globals['min_karma_for_links'] ) {
echo '<p class="error"><strong>'._('no tienes el mínimo de karma para enviar una nueva historia').'</strong></p> ';
echo '</div>'. "\n";
return;
}
// Don't allow to send a link by a clone
$hours = intval($globals['user_links_clon_interval']);
$clones = $current_user->get_clones($hours+1);
if ($hours > 0 && $clones) {
$l = implode(',', $clones);
$c = (int) $db->get_var("select count(*) from links where link_status!='published' and link_date > date_sub(now(), interval $hours hour) and link_author in ($l)");
if ($c > 0) {
echo '<p class="error">'._('ya se envió con otro usuario «clon» en las últimas horas'). ", "._('disculpa las molestias'). ' </p>';
syslog(LOG_NOTICE, "Meneame, clon submit ($current_user->user_login): $_POST[url]");
echo '<br style="clear: both;" />' . "\n";
echo '</div>'. "\n";
return;
}
}
// Check the number of links sent by a user
$queued_24_hours = (int) $db->get_var("select count(*) from links where link_status!='published' and link_date > date_sub(now(), interval 24 hour) and link_author=$current_user->user_id");
if (!$globals['development'])
if ($globals['limit_user_24_hours'] && $queued_24_hours > $globals['limit_user_24_hours']) {
echo '<p class="error">'._('debes esperar, tienes demasiados envíos en cola de las últimas 24 horas'). " ($queued_24_hours), "._('disculpa las molestias'). ' </p>';
syslog(LOG_NOTICE, "Meneame, too many queued in 24 hours ($current_user->user_login): $_POST[url]");
echo '<br style="clear: both;" />' . "\n";
echo '</div>'. "\n";
return;
}
// check the URL is OK and that it resolves
$url_components = @parse_url($url);
if (!$url_components || ! $url_components['host'] || gethostbyname($url_components['host']) == $url_components['host']) {
echo '<p class="error"><strong>'._('URL o nombre de servidor erróneo').'</strong></p> ';
echo '<p>'._('el nombre del servidor es incorrecto o éste tiene problemas para resolver el nombre'). ' </p>';
syslog(LOG_NOTICE, "Meneame, hostname error ($current_user->user_login): $url");
print_empty_submit_form();
echo '</div>'. "\n";
return;
}
$enqueued_last_minutes = (int) $db->get_var("select count(*) from links where link_status='queued' and link_date > date_sub(now(), interval 3 minute)");
if ($current_user->user_karma > $globals['limit_3_minutes_karma']) $enqueued_limit = $globals['limit_3_minutes'] * 1.5;
else $enqueued_limit = $globals['limit_3_minutes'];
if ($enqueued_last_minutes > $enqueued_limit) {
echo '<p class="error"><strong>'._('exceso de envíos').':</strong></p>';
echo '<p>'._('se han enviado demasiadas historias en los últimos 3 minutos'). " ($enqueued_last_minutes > $enqueued_limit), "._('disculpa las molestias'). ' </p>';
syslog(LOG_NOTICE, "Meneame, too many queued ($current_user->user_login): $_POST[url]");
echo '</div>'. "\n";
return;
}
// Check the user does not have too many drafts
$minutes = intval($globals['draft_time'] / 60) + 10;
$drafts = (int) $db->get_var("select count(*) from links where link_author=$current_user->user_id and link_date > date_sub(now(), interval $minutes minute) and link_status='discard' and link_votes = 0");
if (!$globals['development'])
if ($drafts > $globals['draft_limit']) {
echo '<p class="error"><strong>'._('demasiados borradores').':</strong></p>';
echo '<p>'._('has hecho demasiados intentos, debes esperar o continuar con ellos desde la'). ' <a href="shakeit.php?meta=_discarded">'. _('cola de descartadas').'</a></p>';
syslog(LOG_NOTICE, "Meneame, too many drafts ($current_user->user_login): $_POST[url]");
echo '</div>'. "\n";
return;
}
// Delete dangling drafts
if ($drafts > 0) {
$db->query("delete from links where link_author=$current_user->user_id and link_date > date_sub(now(), interval 30 minute) and link_date < date_sub(now(), interval 10 minute) and link_status='discard' and link_votes = 0");
}
// Check for banned IPs
if (!$globals['development'])
if(($ban = check_ban($globals['user_ip'], 'ip', true)) || ($ban = check_ban_proxy())) {
echo '<p class="error"><strong>'._('dirección IP no permitida para enviar').':</strong> '.$globals['user_ip'].'</p>';
echo '<p><strong>'._('Razón').'</strong>: '.$ban['comment'].'</p>';
if ($ban['expire'] > 0) {
echo '<p class="note"><strong>'._('caduca').'</strong>: '.get_date_time($ban['expire']).'</p>';
}
syslog(LOG_NOTICE, "Meneame, banned IP $globals[user_ip] ($current_user->user_login): $url");
print_empty_submit_form();
echo '</div>'. "\n";
return;
}
// Number of links sent by the user
$total_sents = (int) $db->get_var("select count(*) from links where link_author=$current_user->user_id") - $drafts;
if ($total_sents > 0) {
$sents = (int) $db->get_var("select count(*) from links where link_author=$current_user->user_id and link_date > date_sub(now(), interval 60 day)") - $drafts;
} else {
$new_user = true;
$sents = 0;
}
$register_date = $current_user->Date();
if ($globals['now'] - $register_date < $globals['new_user_time'] ) {
$new_user = true;
}
// check that a new user also votes, not only sends links
// it requires $globals['min_user_votes'] votes
if ($new_user && $globals['min_user_votes'] > 0 && $current_user->user_karma < $globals['new_user_karma']) {
$user_votes_total = (int) $db->get_var("select count(*) from votes where vote_type='links' and vote_user_id=$current_user->user_id");
$user_votes = (int) $db->get_var("select count(*) from votes where vote_type='links' and vote_date > date_sub(now(), interval 72 hour) and vote_user_id=$current_user->user_id");
$user_links = 1 + $db->get_var("select count(*) from links where link_author=$current_user->user_id and link_date > date_sub(now(), interval 24 hour) and link_status != 'discard'");
$total_links = (int) $db->get_var("select count(*) from links where link_date > date_sub(now(), interval 24 hour) and link_status = 'queued'");
echo "<!-- $user_votes_total, $user_links, $total_links -->\n";
if ($sents == 0) {
// If is a new user, requires more votes, to avoid spam
$min_votes = $globals['min_user_votes'];
} else {
$min_votes = min(4, intval($total_links/20)) * $user_links;
}
if (!$current_user->admin && $user_votes < $min_votes) {
$needed = $min_votes - $user_votes;
echo '<p class="error">';
if ($new_user) {
echo '<strong>'._('¿es la primera vez que envías una noticia?').'</strong></p> ';
echo '<p class="error-text">'._('necesitas como mínimo'). " <strong>$needed " . _('votos') . '</strong><br/>';
} else {
echo '<strong>'._('no tienes el mínimo de votos necesarios para enviar una nueva historia').'</strong></p> ';
echo '<p class="error-text">'._('necesitas votar como mínimo a'). " <strong>$needed " . _('envíos') . '</strong><br/>';
}
echo '<strong>'._('no votes de forma apresurada, penaliza el karma').'</strong><br/>';
echo '<a href="'.$globals['base_url'].'shakeit.php" target="_blank">'._('haz clic aquí para ir a votar').'</a></p>';
echo '<br style="clear: both;" />' . "\n";
echo '</div>'. "\n";
return;
}
}
// avoid spams, an extra security check
// it counts the numbers of links in the last hours
if ($new_user) {
$user_links_limit = $globals['new_user_links_limit'];
$user_links_interval = intval($globals['new_user_links_interval'] / 3600);
} else {
$user_links_limit = $globals['user_links_limit'];
$user_links_interval = intval($globals['user_links_interval'] / 3600);
}
$same_user = (int) $db->get_var("select count(*) from links where link_date > date_sub(now(), interval $user_links_interval hour) and link_author=$current_user->user_id") - $drafts;
$same_ip = (int) $db->get_var("select count(*) from links where link_date > date_sub(now(), interval $user_links_interval hour) and link_ip = '".$globals['user_ip']."'") - $drafts;
if ($same_user > $user_links_limit || $same_ip > $user_links_limit ) {
echo '<p class="error"><strong>'._('debes esperar, ya se enviaron varias con el mismo usuario o dirección IP'). '</strong></p>';
echo '<br style="clear: both;" />' . "\n";
echo '</div>'. "\n";
return;
}
// avoid users sending continuous "rubbish" or "propaganda", specially new users
// it takes in account the number of positive votes in the last six hours
if ($same_user > 1 && $current_user->user_karma < $globals['karma_propaganda']) {
$positives_received = $db->get_var("select sum(link_votes) from links where link_date > date_sub(now(), interval $user_links_interval hour) and link_author = $current_user->user_id");
$negatives_received = $db->get_var("select sum(link_negatives) from links where link_date > date_sub(now(), interval $user_links_interval hour) and link_author = $current_user->user_id");
if ($negatives_received > 10 && $negatives_received > $positives_received * 1.5) {
echo '<p class="error"><strong>'._('debes esperar, has tenido demasiados votos negativos en tus últimos envíos'). '</strong></p>';
echo '<br style="clear: both;" />' . "\n";
echo '</div>'. "\n";
return;
}
}
$linkres=new Link;
$linkres->url = $url;
$edit = false;
if(report_dupe($url)) return;
if(!$linkres->check_url($url, true, true) || !$linkres->get($url)) {
echo '<p class="error"><strong>'._('URL erróneo o no permitido').'</strong>: ';
if ($linkres->ban && $linkres->ban['match']) {
echo $linkres->ban['match'];
} else {
echo $linkres->url;
}
echo '</p>';
echo '<p><strong>'._('Razón').':</strong> '. $linkres->ban['comment'].'</p>';
if ($linkres->ban['expire'] > 0) {
echo '<p class="note"><strong>'._('caduca').'</strong>: '.get_date_time($linkres->ban['expire']).'</p>';
}
print_empty_submit_form();
echo '</div>'. "\n";
return;
}
// If the URL has changed, check again is not dupe
if($linkres->url != $url && report_dupe($linkres->url)) return;
$linkres->randkey = intval($_POST['randkey']);
if(!$linkres->valid) {
echo '<p class="error"><strong>'._('error leyendo el url').':</strong> '.htmlspecialchars($url).'</p>';
// Dont allow new users with low karma to post wrong URLs
if ($current_user->user_karma < 8 && $current_user->user_level == 'normal') {
echo '<p>'._('URL inválido, incompleto o no permitido. Está fuera de línea, o tiene mecanismos antibots.').'</p>';
print_empty_submit_form();
return;
}
echo '<p>'._('no es válido, está fuera de línea, o tiene mecanismos antibots. <strong>Continúa</strong>, pero asegúrate que sea correcto').'</p>';
}
$linkres->status='discard';
$linkres->author=$current_user->user_id;
if (!$linkres->pingback()) {
$linkres->trackback();
}
$trackback=htmlspecialchars($linkres->trackback);
$linkres->create_blog_entry();
$blog = new Blog;
$blog->id = $linkres->blog;
$blog->read();
$blog_url_components = @parse_url($blog->url);
$blog_url = $blog_url_components['host'].$blog_url_components['path'];
// Now we check again against the blog table
// it's done because there could be banned blogs like http://lacotelera.com/something
if(($ban = check_ban($blog->url, 'hostname', false, true))) {
echo '<p class="error"><strong>'._('URL inválido').':</strong> '.htmlspecialchars($url).'</p>';
echo '<p>'._('el sitio').' '.$ban['match'].' '. _('está deshabilitado'). ' ('. $ban['comment'].') </p>';
if ($ban['expire'] > 0) {
echo '<p class="note"><strong>'._('caduca').'</strong>: '.get_date_time($ban['expire']).'</p>';
}
syslog(LOG_NOTICE, "Meneame, banned site ($current_user->user_login): $blog->url <- $_POST[url]");
print_empty_submit_form();
echo '</div>'. "\n";
/*
// If the domain is banned, decrease user's karma
if ($linkres->banned && $current_user->user_level == 'normal') {
$db->query("update users set user_karma = user_karma - 0.05 where user_id = $current_user->user_id");
}
*/
return;
}
// check for users spamming several sites and networks
// it does not allow a low "entropy"
// DISABLED BY MANEL: let the user send news from the same sources
/*
if ($sents > 30) {
$ratio = (float) $db->get_var("select count(distinct link_blog)/count(*) from links where link_author=$current_user->user_id and link_date > date_sub(now(), interval 60 day)");
$threshold = 1/log($sents, 2);
if ($ratio < $threshold ) {
if ($db->get_var("select count(*) from links where link_author=$current_user->user_id and link_date > date_sub(now(), interval 60 day) and link_blog = $blog->id") > 2) {
syslog(LOG_NOTICE, "Meneame, forbidden due to low entropy: $ratio < $threshold ($current_user->user_login): $linkres->url");
echo '<p class="error"><strong>'._('ya has enviado demasiados enlaces a los mismos sitios').'</strong></p> ';
echo '<p class="error-text">'._('varía las fuentes, podría ser considerado spam').'</p>';
echo '<br style="clear: both;" />' . "\n";
echo '</div>'. "\n";
return;
}
}
}
*/
// Check the user does not send too many images or vídeos
// they think this is a fotolog
// DISABLED BY MANEL: this could be a fotolog
/*
if ($sents > 5 && ($linkres->content_type == 'image' || $linkres->content_type == 'video')) {
$image_links = intval($db->get_var("select count(*) from links where link_author=$current_user->user_id and link_date > date_sub(now(), interval 60 day) and link_content_type in ('image', 'video')"));
if ($image_links > $sents * 0.7) {
syslog(LOG_NOTICE, "Meneame, forbidden due to too many images or video sent by user ($current_user->user_login): $linkres->url");
echo '<p class="error"><strong>'._('ya has enviado demasiadas imágenes o vídeos').'</strong></p> ';
//echo '<p class="error-text">'._('disculpa, no es un fotolog').'</p>';
echo '<br style="clear: both;" />' . "\n";
echo '</div>'. "\n";
return;
}
}
*/
// Avoid users sending too many links to the same site in last hours
// DISABLED BY MANEL
/*
$hours = 24;
$same_blog = $db->get_var("select count(*) from links where link_date > date_sub(now(), interval $hours hour) and link_author=$current_user->user_id and link_blog=$linkres->blog and link_votes > 0");
if ($same_blog > 2) {
syslog(LOG_NOTICE, "Meneame, forbidden due to too many links to the same site in last $hours hours ($current_user->user_login): $linkres->url");
echo '<p class="error"><strong>'._('demasiados enlaces al mismo sitio en las últimas horas').'</strong></p> ';
echo '<br style="clear: both;" />' . "\n";
echo '</div>'. "\n";
return;
}
*/
// avoid auto-promotion (autobombo)
// DISABLED BY MANEL: autobombo permitido
/*
$minutes = 30;
$same_blog = $db->get_var("select count(*) from links where link_date > date_sub(now(), interval $minutes minute) and link_author=$current_user->user_id and link_blog=$linkres->blog and link_votes > 0");
if ($same_blog > 0 && $current_user->user_karma < 12) {
syslog(LOG_NOTICE, "Meneame, forbidden due to short period between links to same site ($current_user->user_login): $linkres->url");
echo '<p class="error"><strong>'._('ya has enviado un enlace al mismo sitio hace poco tiempo').'</strong></p> ';
echo '<p class="error-text">'._('debes esperar'). " $minutes " . _('minutos entre cada envío al mismo sitio.') . ', ';
echo '<a href="'.$globals['base_url'].'faq-'.$dblang.'.php">'._('lee el FAQ').'</a></p>';
echo '<br style="clear: both;" />' . "\n";
echo '</div>'. "\n";
return;
}
*/
// Avoid spam (autobombo), count links in last two months
// DISABLED BY MANEL: autobombo permitido
/*
$same_blog = $db->get_var("select count(*) from links where link_author=$current_user->user_id and link_date > date_sub(now(), interval 60 day) and link_blog=$linkres->blog");
$check_history = $sents > 3 && $same_blog > 0 && ($ratio = $same_blog/$sents) > 0.5;
if ($check_history) {
echo '<p class="error"><strong>'._('has enviado demasiados enlaces a')." $blog->url".'</strong></p> ';
if ($sents > 5 && $ratio > 0.75) {
echo '<p class="error-text">'._('has superado los límites de envíos de este sitio').'</p>';
// don't allow to continue
syslog(LOG_NOTICE, "Meneame, warn, high ratio, process interrumped ($current_user->user_login): $linkres->url");
return;
} else {
echo '<p class="error-text">'._('continúa, pero ten en cuenta podría recibir votos negativos').', ';
echo '<a href="'.$globals['base_url'].'legal.php">'._('condiciones de uso').'</a>, ';
echo '<a href="'.$globals['base_url'].'faq-'.$dblang.'.php">'._('el FAQ').'</a></p>';
syslog(LOG_NOTICE, "Meneame, warn, high ratio, continue ($current_user->user_login): $linkres->url");
}
}
*/
$links_12hs = $db->get_var("select count(*) from links where link_date > date_sub(now(), interval 12 hour)");
// check there is no an "overflow" from the same site
// DISABLED BY MANEL: could be an overflow
/*
$site_links = intval($db->get_var("select count(*) from links where link_date > date_sub(now(), interval 12 hour) and link_blog=$linkres->blog and link_status in ('queued')"));
if ($site_links > 8 && $site_links > $links_12hs * 0.04) { // Only 4% from the same site
syslog(LOG_NOTICE, "Meneame, forbidden due to overflow to the same site ($current_user->user_login): $linkres->url");
echo '<p class="error"><strong>'._('ya se han enviado demasiadas artículos del mismo sitio, espera unos minutos por favor').'</strong></p> ';
echo '<p class="error-text">'._('total en 12 horas').": $site_links , ". _('el máximo actual es'). ': ' . intval($links_12hs * 0.04). '</p>';
echo '<br style="clear: both;" />' . "\n";
echo '</div>'. "\n";
return;
}
*/
// check there is no an "overflow" of images
// DISABLED BY MANEL: let the overflow begin
/*
if ($linkres->content_type == 'image' || $linkres->content_type == 'video') {
$image_links = intval($db->get_var("select count(*) from links where link_date > date_sub(now(), interval 12 hour) and link_content_type in ('image', 'video')"));
if ($image_links > 5 && $image_links > $links_12hs * 0.08) { // Only 8% images and videos
syslog(LOG_NOTICE, "Meneame, forbidden due to overflow images ($current_user->user_login): $linkres->url");
echo '<p class="error"><strong>'._('ya se han enviado demasiadas imágenes o vídeos, espera unos minutos por favor').'</strong></p> ';
echo '<p class="error-text">'._('total en 12 horas').": $image_links , ". _('el máximo actual es'). ': ' . intval($links_12hs * 0.05). '</p>';
echo '<br style="clear: both;" />' . "\n";
echo '</div>'. "\n";
return;
}
}
*/
if(($ban = check_ban($linkres->url, 'punished_hostname', false, true))) {
echo '<p class="error"><strong>'._('Aviso').' '.$ban['match']. ':</strong> <em>'.$ban['comment'].'</em></p>';
echo '<p>'._('mejor enviar el enlace a la fuente original, sino será penalizado').'</p>';
}
// Now stores new draft
$linkres->ip = $globals['user_ip'];
$linkres->sent_date = $linkres->date=time();
$linkres->store();
echo '<h2>'._('envío de una nueva noticia: paso 2 de 3').'</h2>'."\n";
echo '<div class="genericform">'."\n";
echo '<form action="submit.php" method="post" id="thisform" name="thisform">'."\n";
echo '<input type="hidden" name="url" id="url" value="'.htmlspecialchars($linkres->url).'" />'."\n";
echo '<input type="hidden" name="phase" value="2" />'."\n";
echo '<input type="hidden" name="randkey" value="'.intval($_POST['randkey']).'" />'."\n";
echo '<input type="hidden" name="key" value="'.$_POST['key'].'" />'."\n";
echo '<input type="hidden" name="id" value="'.$linkres->id.'" />'."\n";
echo '<fieldset><legend><span class="sign">'._('información del enlace').'</span></legend>'."\n";
echo '<p class="genericformtxt"><strong>';
echo mb_substr($linkres->url_title, 0, 200);
echo '</strong><br/>';
echo htmlspecialchars($linkres->url);
echo '</p> '."\n";
echo '</fieldset>'."\n";
echo '<fieldset><legend><span class="sign">'._('detalles de la noticia').'</span></legend>'."\n";
echo '<label for="title" accesskey="1">'._('título de la noticia').':</label>'."\n";
echo '<p><span class="note">'._('título de la noticia. máximo: 120 caracteres').'</span>'."\n";
// Is it an image or video?
echo ' ';
$linkres->print_content_type_buttons();
echo '<br/><input type="text" id="title" name="title" value="'.$link_title.'" size="80" maxlength="120" />';
echo '</p>'."\n";
echo '<label for="tags" accesskey="2">'._('etiquetas').':</label>'."\n";
echo '<p><span class="note"><strong>'._('pocas palabras, genéricas, cortas y separadas por «,» (coma)').'</strong> Ejemplo: <em>web, programación, software libre</em></span>'."\n";
echo '<br/><input type="text" id="tags" name="tags" value="'.$link_tags.'" size="70" maxlength="70" /></p>'."\n";
echo '<link rel="stylesheet" type="text/css" media="all" href="'.$globals['base_static'].'css/ui-lightness/jquery-ui-1.8.16.custom.css"/>' . "\n";
echo '<script src="'.$globals['base_url'].'js/jquery-ui-1.8.16.custom.min.js" type="text/javascript" charset="utf-8"></script>' . "\n";
echo '<script type="text/javascript">
$(document).ready( function() {
';
echo "$.datepicker.regional['pt-BR'] = {
closeText: 'Fechar',
prevText: '<Anterior',
nextText: 'Próximo>',
currentText: 'Hoje',
monthNames: ['Janeiro','Fevereiro','Março','Abril','Maio','Junho',
'Julho','Agosto','Setembro','Outubro','Novembro','Dezembro'],
monthNamesShort: ['Jan','Fev','Mar','Abr','Mai','Jun',
'Jul','Ago','Set','Out','Nov','Dez'],
dayNames: ['Domingo','Segunda-feira','Terça-feira','Quarta-feira','Quinta-feira','Sexta-feira','Sabado'],
dayNamesShort: ['Dom','Seg','Ter','Qua','Qui','Sex','Sab'],
dayNamesMin: ['Dom','Seg','Ter','Qua','Qui','Sex','Sab'],
dateFormat: 'dd/mm/yy', firstDay: 0,
isRTL: false};
$.datepicker.setDefaults($.datepicker.regional['pt-BR']);
";
echo '
$("[name=datepicker1]").datepicker();
$("[name=datepicker2]").datepicker();
});
</script>';
echo '<label>'._('Datas do Evento').'</label> <span class="note">(opcional) desde </span> ';
echo '<input type="text" name="datepicker1" size="8"><span class="note"> '._('ata').'</span> <input type="text" name="datepicker2" size="8"></span>';
print_simpleformat_buttons('bodytext');
echo '<label for="bodytext" accesskey="3">'._('descripción de la noticia').':</label>'."\n";
echo '<p><span class="note"><strong>'._('describe la noticia en castellano. entre dos y cinco frases es suficiente. no deformes el contenido.').'</strong></span>'."\n";
echo '<br /><textarea name="bodytext" rows="10" cols="60" id="bodytext" onKeyDown="textCounter(document.thisform.bodytext,document.thisform.bodycounter,550)" onKeyUp="textCounter(document.thisform.bodytext,document.thisform.bodycounter,550)">';
if (mb_strlen($linkres->url_description) > 40) {
echo $linkres->url_description;
}
echo '</textarea>'."\n";
echo '<div style="margin-top:-7px"><input readonly type="text" name="bodycounter" size="3" maxlength="3" value="550" /> <span class="note">' . _('caracteres libres') . '</span></div>';
echo '</p>'."\n";
print_categories_form();
echo '<p><label for="trackback">'._('trackback').':</label><br />'."\n";
if (empty($trackback)) {
echo '<span class="note">'._('puedes agregar o cambiar el trackback si ha sido detectado automáticamente').'</span>'."\n";
echo '<input type="text" name="trackback" id="trackback" value="'.$trackback.'" class="form-full" /></p>'."\n";
} else {
echo '<span class="note">'.$trackback.'</span>'."\n";
echo '<input type="hidden" name="trackback" id="trackback" value="'.$trackback.'"/></p>'."\n";
}
echo '<input class="button" type="button" onclick="window.history.go(-1)" value="« '._('retroceder').'" /> '."\n";
echo '<input class="button" type="submit" value="'._('continuar').' »" />'."\n";
echo '</fieldset>'."\n";
echo '</form>'."\n";
echo '</div>'."\n";
echo '</div>'."\n";
}
function do_submit1() {
global $db, $dblang, $current_user;
do_navbar(_('enviar noticia ') . '»'. _(' paso 2: detalles'));
echo '<div id="genericform-contents">'."\n";
// avoid spams, an extra security check
$from = time() - 3600;
$same_user = $db->get_var("select count(*) from links where link_date > from_unixtime($from) and link_author=$current_user->user_id");
if ($same_user > 4) {
echo '<p class="error"><strong>'._('debes esperar'). '</strong></p>';
echo '<br style="clear: both;" />' . "\n";
echo '</div>'. "\n";
return;
}
$url = trim(preg_replace('/ /', '+', $_POST['url']));
$linkres=new Link;
$edit = false;
$linkres->get($url);
$trackback=$linkres->trackback;
$linkres->randkey = intval($_POST['randkey']);
if(!$linkres->valid) {
echo '<p class="error"><strong>'._('url no válido').':</strong> ('.$url.')</p>';
echo '<p>'._('prueba con otra dirección').'</p>';
print_empty_submit_form();
return;
}
// avoid auto-promotion (autobombo)
$hours = 4;
$from = time() - 3600*$hours;
$same_blog = $db->get_var("select count(*) from links where link_date > from_unixtime($from) and link_author=$current_user->user_id and link_blog=$linkres->blog and link_votes > 0");
if ($same_blog > 0 && $current_user->user_karma < 12) {
echo '<p class="error"><strong>'._('ya has enviado un enlace al mismo sitio hace poco tiempo').'</strong></p> ';
echo '<p class="error-text">'._('debes esperar'). " $hours " . _(' horas entre cada envío al mismo sitio. Es para evitar "spams" y "autobombo"') . ', ';
echo '<a href="faq-'.$dblang.'.php">'._('lee el FAQ').'</a></p>';
echo '<br style="clear: both;" />' . "\n";
echo '</div>'. "\n";
return;
}
// check that the user also votes, not only sends links
if ($current_user->user_karma < 10) {
$from = time() - 3600*24;
$user_votes = $db->get_var("select count(*) from votes where vote_type='links' and vote_date > from_unixtime($from) and vote_user_id=$current_user->user_id");
$user_links = 1 + $db->get_var("select count(*) from links where link_author=$current_user->user_id and link_date > from_unixtime($from) and link_status != 'discard'");
$total_links = $db->get_var("select count(*) from links where link_date > from_unixtime($from) and link_status = 'queued'");
$min_votes = intval($total_links/20) * $user_links;
if ($user_votes < $min_votes) {
$needed = $min_votes - $user_votes;
echo '<p class="error"><strong>'._('no tienes el mínimo de votos necesarios para enviar una nueva historia').'</strong></p> ';
echo '<p class="error-text">'._('necesitas votar como mínimo a'). " $needed " . _('noticias') . ', ';
echo '<a href="shakeit.php" target="_blank">'._('haz clic aquí para ir a votar').'</a></p>';
echo '<br style="clear: both;" />' . "\n";
echo '</div>'. "\n";
return;
}
}
if($linkres->duplicates($url) > 0) {
echo '<p class="error"><strong>'._('noticia repetida!').'</strong></p> ';
echo '<p class="error-text">'._('lo sentimos').'</p>';
echo '<p class="error-text"><a href="index.php?search='.htmlentities($url).'">'._('haz clic aquí para votar o comentar la noticia que enviaron antes').'</a>';
echo '<br style="clear: both;" /><br style="clear: both;" />' . "\n";
echo '<form id="genericform">';
echo '<input class="genericsubmit" type=button onclick="window.history.go(-1)" value="'._('« retroceder').'" />';
echo '</form>'. "\n";
echo '</div>'. "\n";
return;
}
$linkres->status='discard';
$linkres->author=$current_user->user_id;
/***** Currently commented out until we find if it makes sense here
// First delete last drafts, just in case to avoid triggering the anti spam measure
$from = time() - 1800;
$db->query("delete from links where link_date > from_unixtime($from) and link_author=$current_user->user_id and link_status='discard' and link_votes = 0");
*****/
// Now stores new draft
$linkres->store();
echo '<h2>'._('envío de una nueva noticia: paso 2 de 3').'</h2>'."\n";
echo '<div id="genericform">'."\n";
echo '<form action="/submit.php" method="post" id="thisform">'."\n";
echo '<input type="hidden" name="url" id="url" value="'.$url.'" />'."\n";
echo '<input type="hidden" name="phase" value="2" />'."\n";
echo '<input type="hidden" name="randkey" value="'.intval($_POST['randkey']).'" />'."\n";
echo '<input type="hidden" name="id" value="'.$linkres->id.'" />'."\n";
echo '<fieldset><legend><span class="sign">'._('info de la noticia').'</span></legend>'."\n";
echo '<p class="genericformtxt"><label for="url_title" accesskey="1">'._('título de la página').': </label> '."\n";
echo $linkres->url_title;
if($linkres->type() === 'blog') {
echo '<br /> ('._('parece ser un blog').')</p>'."\n";
} else {
echo "</p>\n";
}
echo '</fieldset>'."\n";
echo '<fieldset><legend><span class="sign">'._('detalles de la noticia').'</span></legend>'."\n";
echo '<label for="title" accesskey="2">'._('título de la noticia').':</label>'."\n";
echo '<p><span class="genericformnote">'._('título de la noticia. máximo: 120 caracteres').'</span>'."\n";
echo '<br/><input type="text" id="title" name="title" value="'.$link_title.'" size="60" maxlength="120" /></p>'."\n";
echo '<label for="tags" accesskey="4">'._('etiquetas').':</label>'."\n";
echo '<p><span class="genericformnote"><strong>'._('pocas palabras, genéricas, cortas y separadas por "," (coma)').'</strong> Ejemplo: <em>web, programación, software libre</em></span>'."\n";
echo '<br/><input type="text" id="tags" name="tags" value="'.$link_tags.'" size="40" maxlength="40" /></p>'."\n";
echo '<p><label for="bodytext" accesskey="3">'._('descripción de la noticia').':</label>'."\n";
echo '<br /><span class="genericformnote">'._('describe la noticia con tus palabras. entre dos y cinco frases es suficiente. sé cuidadoso.').'</span>'."\n";
echo '<br/><textarea name="bodytext" rows="10" cols="60" id="bodytext" >'.$link_content.'</textarea></p>'."\n";
echo '<p><label accesskey="5">'._('categoría').':</label><br />'."\n";
echo '<span class="genericformnote">'._('selecciona la categoría más apropiada').'</span></p>'."\n";
echo '<div class="column-list">'."\n";
echo '<div class="categorylist">'."\n";
echo '<ul>'."\n";
$categories = $db->get_results("SELECT category_id, category_name FROM categories WHERE category_lang='$dblang' ORDER BY category_name ASC");
foreach ($categories as $category) {
echo '<li><input name="category" type="radio" value="'.$category->category_id.'"/>'._($category->category_name).'</li>'."\n";
}
// TODO: no standard
echo '<br style="clear: both;" />' . "\n";
echo '</ul></div></div>'."\n";
echo '<p><label for="trackback">'._('trackback').':</label><br />'."\n";
echo '<span class="genericformnote">'._('puedes agregar o cambiar el trackback si ha sido detectado automáticamente').'</span>'."\n";
echo '<input type="text" name="trackback" id="trackback" value="'.$trackback.'" class="form-full" /></p>'."\n";
echo '<input class="genericsubmit" type="button" onclick="window.history.go(-1)" value="'._('« retroceder').'"> '."\n";
echo '<input class="genericsubmit" type="submit" value="'._('continuar »').'" />'."\n";
echo '</fieldset>'."\n";
echo '</form>'."\n";
echo '</div>'."\n";
echo '</div>'."\n";
}
function do_submit1()
{
global $db, $dblang, $current_user, $globals;
$url = clean_input_url($_POST['url']);
$url = preg_replace('/^http:\\/\\/http:\\/\\//', 'http://', $url);
// Some users forget to delete the foo http://
$url = preg_replace('/#.*$/', '', $url);
// Remove the "#", people just abuse
do_banner_top();
echo '<div id="container-wide">' . "\n";
echo '<div id="genericform-contents">' . "\n";
$new_user = false;
if (!check_link_key()) {
echo '<p class="error"><strong>' . _('clave incorrecta') . '</strong></p> ';
echo '</div>' . "\n";
return;
}
if ($globals['min_karma_for_links'] > 0 && $current_user->user_karma < $globals['min_karma_for_links']) {
echo '<p class="error"><strong>' . _('no tienes el mínimo de karma para enviar una nueva historia') . '</strong></p> ';
echo '</div>' . "\n";
return;
}
$enqueued_last_minutes = (int) $db->get_var("select count(*) from links where link_status='queued' and link_date > date_sub(now(), interval 3 minute)");
if ($current_user->user_karma > 10) {
$enqueued_limit = $globals['limit_3_minutes'] * 1.5;
} else {
$enqueued_limit = $globals['limit_3_minutes'];
}
if ($enqueued_last_minutes > $enqueued_limit) {
echo '<p class="error"><strong>' . _('Exceso de envíos') . ':</strong></p>';
echo '<p>' . _('Se han enviado demasiadas noticias en los últimos 3 minutos') . " ({$enqueued_last_minutes} > {$enqueued_limit}), " . _('disculpa las molestias') . ' </p>';
syslog(LOG_NOTICE, "Meneame, too many queued ({$current_user->user_login}): {$_POST['url']}");
echo '</div>' . "\n";
return;
}
// Check the user does not have too many drafts
$drafts = (int) $db->get_var("select count(*) from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 30 minute) and link_status='discard' and link_votes = 0");
if ($drafts > 3) {
echo '<p class="error"><strong>' . _('Demasiados borradores') . ':</strong></p>';
echo '<p>' . _('Has hecho demasiados intentos, debes esperar o continuar con ellos desde la') . ' <a href="shakeit.php?meta=_discarded">' . _('cola de descartadas') . '</a></p>';
syslog(LOG_NOTICE, "Meneame, too many drafts ({$current_user->user_login}): {$_POST['url']}");
echo '</div>' . "\n";
return;
}
// Delete dangling drafts
if ($drafts > 0) {
$db->query("delete from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 30 minute) and link_date < date_sub(now(), interval 10 minute) and link_status='discard' and link_votes = 0");
}
// Check for banned IPs
if (check_ban($globals['user_ip'], 'ip', true) || check_ban_proxy()) {
echo '<p class="error"><strong>' . _('Dirección IP no permitida para enviar') . ':</strong> ' . $globals['user_ip'] . ' (' . $globals['ban_message'] . ')</p>';
syslog(LOG_NOTICE, "Meneame, banned IP {$globals['user_ip']} ({$current_user->user_login}): {$url}");
print_empty_submit_form();
echo '</div>' . "\n";
return;
}
// Number of links sent by the user
$total_sents = (int) $db->get_var("select count(*) from links where link_author={$current_user->user_id}") - $drafts;
if ($total_sents > 0) {
$sents = (int) $db->get_var("select count(*) from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 60 day)") - $drafts;
} else {
$new_user = true;
$sents = 0;
}
$register_date = $current_user->Date();
if ($globals['now'] - $register_date < 86400 * 3) {
$new_user = true;
}
// check that a new user also votes, not only sends links
// it requires $globals['min_user_votes'] votes
if ($new_user && $globals['min_user_votes'] > 0 && $current_user->user_karma < 6.1) {
$user_votes_total = (int) $db->get_var("select count(*) from votes where vote_type='links' and vote_user_id={$current_user->user_id}");
$user_votes = (int) $db->get_var("select count(*) from votes where vote_type='links' and vote_date > date_sub(now(), interval 72 hour) and vote_user_id={$current_user->user_id}");
$user_links = 1 + $db->get_var("select count(*) from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 24 hour) and link_status != 'discard'");
$total_links = (int) $db->get_var("select count(*) from links where link_date > date_sub(now(), interval 24 hour) and link_status = 'queued'");
echo "<!-- {$user_votes_total}, {$user_links}, {$total_links} -->\n";
if ($sents == 0) {
// If is a new user, requires more votes, to avoid spam
$min_votes = $globals['min_user_votes'];
} else {
$min_votes = min(4, intval($total_links / 20)) * $user_links;
}
if ($current_user->user_level != 'god' && $current_user->user_level != 'admin' && $user_votes < $min_votes) {
$needed = $min_votes - $user_votes;
echo '<p class="error">';
if ($new_user) {
echo '<strong>' . _('¿es la primera vez que envías una noticia?') . '</strong></p> ';
echo '<p class="error-text">' . _('necesitas como mínimo') . " <strong>{$needed} " . _('votos') . '</strong><br/>';
} else {
echo '<strong>' . _('no tienes el mínimo de votos necesarios para enviar una nueva historia') . '</strong></p> ';
echo '<p class="error-text">' . _('necesitas votar como mínimo a') . " <strong>{$needed} " . _('noticias') . '</strong><br/>';
}
echo '<strong>' . _('no votes de forma apresurada, penaliza el karma') . '</strong><br/>';
echo '<a href="' . $globals['base_url'] . 'shakeit.php" target="_blank">' . _('haz clic aquí para ir a votar') . '</a></p>';
echo '<br style="clear: both;" />' . "\n";
echo '</div>' . "\n";
return;
}
}
// avoid spams, an extra security check
// it counts the numbers of links in the last hours
if ($new_user) {
$user_links_limit = 1;
$user_links_interval = 1;
} else {
$user_links_limit = 5;
$user_links_interval = 2;
}
$same_user = (int) $db->get_var("select count(*) from links where link_date > date_sub(now(), interval {$user_links_interval} hour) and link_author={$current_user->user_id}") - $drafts;
$same_ip = (int) $db->get_var("select count(*) from links where link_date > date_sub(now(), interval {$user_links_interval} hour) and link_ip = '" . $globals['user_ip'] . "'") - $drafts;
if ($same_user > $user_links_limit || $same_ip > $user_links_limit) {
echo '<p class="error"><strong>' . _('debes esperar, ya se enviaron varias con el mismo usuario o dirección IP') . '</strong></p>';
echo '<br style="clear: both;" />' . "\n";
echo '</div>' . "\n";
return;
}
// avoid users sending continuous "rubbsih" or "propaganda", specially new users
// it takes in account the number of positive votes in the last six hours
if ($same_user > 1 && $current_user->user_karma < 12) {
$positives_received = $db->get_var("select sum(link_votes) from links where link_date > date_sub(now(), interval {$user_links_interval} hour) and link_author = {$current_user->user_id}");
$negatives_received = $db->get_var("select sum(link_negatives) from links where link_date > date_sub(now(), interval {$user_links_interval} hour) and link_author = {$current_user->user_id}");
echo "<!-- Positives: {$positives_received} -->\n";
echo "<!-- Negatives: {$negatives_received} -->\n";
if ($negatives_received > 10 && $negatives_received > $positives_received * 1.5) {
echo '<p class="error"><strong>' . _('debes esperar, has tenido demasiados votos negativos en tus últimos envíos') . '</strong></p>';
echo '<br style="clear: both;" />' . "\n";
echo '</div>' . "\n";
return;
}
}
$linkres = new Link();
$linkres->url = $url;
$edit = false;
if (report_dupe($url)) {
return;
}
if (!$linkres->check_url($url, true, true) || !$linkres->get($url)) {
echo '<p class="error"><strong>' . _('URL erróneo o no permitido') . '</strong>: ';
if (!empty($globals['ban_match'])) {
echo $globals['ban_match'];
} else {
echo $linkres->url;
}
echo '</p>';
echo '<p><strong>' . _('Razón') . ':</strong> ' . $globals['ban_message'] . '</p>';
// If the domain is banned, decrease user's karma
if ($linkres->banned) {
$db->query("update users set user_karma = user_karma - 0.05 where user_id = {$current_user->user_id}");
}
print_empty_submit_form();
echo '</div>' . "\n";
return;
}
// If the URL has changed, check again is not dupe
if ($linkres->url != $url && report_dupe($linkres->url)) {
return;
}
$linkres->randkey = intval($_POST['randkey']);
if (!$linkres->valid) {
echo '<p class="error"><strong>' . _('error leyendo el url') . ':</strong> ' . htmlspecialchars($url) . '</p>';
// Dont allow new users with low karma to post wrong URLs
if ($current_user->user_karma < 12 && $current_user->user_level == 'normal') {
echo '<p>' . _('URL inválido, incompleto o no permitido') . '</p>';
print_empty_submit_form();
return;
}
echo '<p>' . _('No es válido, está fuera de línea, o tiene mecanismos antibots. <strong>Continúa</strong>, pero asegúrate que sea correcto') . '</p>';
}
$linkres->status = 'discard';
$linkres->author = $current_user->user_id;
if (!$linkres->trackback()) {
$linkres->pingback();
}
$trackback = htmlspecialchars($linkres->trackback);
$linkres->create_blog_entry();
$blog = new Blog();
$blog->id = $linkres->blog;
$blog->read();
$blog_url_components = @parse_url($blog->url);
$blog_url = $blog_url_components[host] . $blog_url_components[path];
// Now we check again against the blog table
// it's done because there could be banned blogs like http://lacotelera.com/something
if (check_ban($blog->url, 'hostname', false, true)) {
echo '<p class="error"><strong>' . _('URL inválido') . ':</strong> ' . htmlspecialchars($url) . '</p>';
echo '<p>' . _('El sitio') . " {$globals['ban_match']} " . _('está deshabilitado') . ' (' . $globals['ban_message'] . ') </p>';
syslog(LOG_NOTICE, "Meneame, banned site ({$current_user->user_login}): {$blog->url} <- {$_POST['url']}");
print_empty_submit_form();
echo '</div>' . "\n";
return;
}
// check for users spamming several sites and networks
// it does not allow a low "entropy"
if ($sents > 30) {
$ratio = (double) $db->get_var("select count(distinct link_blog)/count(*) from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 60 day)");
$threshold = 1 / log($sents, 2);
if ($ratio < $threshold) {
if ($db->get_var("select count(*) from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 60 day) and link_blog = {$blog->id}") > 2) {
syslog(LOG_NOTICE, "Meneame, forbidden due to low entropy: {$ratio} < {$threshold} ({$current_user->user_login}): {$linkres->url}");
echo '<p class="error"><strong>' . _('ya has enviado demasiados enlaces a los mismos sitios') . '</strong></p> ';
echo '<p class="error-text">' . _('varía las fuentes, podría ser considerado spam') . '</p>';
echo '<br style="clear: both;" />' . "\n";
echo '</div>' . "\n";
return;
}
}
}
// Check the user does not send too many images or vídeos
// they think this is a fotolog
if ($sents > 5 && ($linkres->content_type == 'image' || $linkres->content_type == 'video')) {
$image_links = intval($db->get_var("select count(*) from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 60 day) and link_content_type in ('image', 'video')"));
if ($image_links > $sents * 0.3) {
syslog(LOG_NOTICE, "Meneame, forbidden due to too many images or video sent by user ({$current_user->user_login}): {$linkres->url}");
echo '<p class="error"><strong>' . _('ya has enviado demasiadas imágenes o vídeos') . '</strong></p> ';
echo '<p class="error-text">' . _('disculpa, no es un fotolog') . '</p>';
echo '<br style="clear: both;" />' . "\n";
echo '</div>' . "\n";
return;
}
}
// avoid auto-promotion (autobombo)
$minutes = 30;
$same_blog = $db->get_var("select count(*) from links where link_date > date_sub(now(), interval {$minutes} minute) and link_author={$current_user->user_id} and link_blog={$linkres->blog} and link_votes > 0");
if ($same_blog > 0 && $current_user->user_karma < 12) {
syslog(LOG_NOTICE, "Meneame, forbidden due to short period between links to same site ({$current_user->user_login}): {$linkres->url}");
echo '<p class="error"><strong>' . _('ya has enviado un enlace al mismo sitio hace poco tiempo') . '</strong></p> ';
echo '<p class="error-text">' . _('debes esperar') . " {$minutes} " . _(' minutos entre cada envío al mismo sitio.') . ', ';
echo '<a href="' . $globals['base_url'] . 'faq-' . $dblang . '.php">' . _('lee el FAQ') . '</a></p>';
echo '<br style="clear: both;" />' . "\n";
echo '</div>' . "\n";
return;
}
// Avoid spam, count links in last three months
$same_blog = $db->get_var("select count(*) from links where link_author={$current_user->user_id} and link_date > date_sub(now(), interval 60 day) and link_blog={$linkres->blog}");
// Check if the domain should be banned
$check_history = $sents > 2 && $same_blog > 0 && ($ratio = $same_blog / $sents) > 0.5;
// check clones also for new users
if ($sents == 0 || $check_history) {
// Count unique users
// TODO: we should discard users with the same IP (clones)
$unique_users = (int) $db->get_var("select count(distinct link_author) from links, users, votes where link_blog={$blog->id} and link_date > date_sub(now(), interval 30 day) and user_id = link_author and user_level != 'disabled' and vote_type='links' and vote_link_id = link_id and vote_user_id = link_author and vote_ip_int != " . $globals['user_ip_int']);
// Check for user clones
$clones = $db->get_var("select count(distinct link_author) from links, votes where link_author!={$current_user->user_id} and link_date > date_sub(now(), interval 20 day) and link_blog={$linkres->blog} link_votes > 0 and vote_type='links' and vote_link_id=link_id and link_author = vote_user_id and vote_ip_int = " . $globals['user_ip_int']);
if ($clones > 0 && $unique_users < 3) {
// we detected that another user has sent to the same URL from the same IP
echo '<p class="error"><strong>' . _('se han detectado usuarios clones que envían al sitio') . " {$blog->url}" . '</strong></p> ';
$ban_period_txt = _('un mes');
$ban = insert_ban('hostname', $blog_url, _('usuarios clones') . " {$current_user->user_login} ({$blog_url})", time() + 86400 * 30);
$banned_host = $ban->ban_text;
echo '<p class="error-text"><strong>' . _('el dominio') . " '{$banned_host}' " . _('ha sido baneado por') . " {$ban_period_txt}</strong>, ";
echo '<a href="' . $globals['base_url'] . 'libs/ads/legal-meneame.php">' . _('normas de uso del menáme') . '</a></p>';
syslog(LOG_NOTICE, "Meneame, banned '{$ban_period_txt}' due to user clones ({$current_user->user_login}): {$banned_host} <- {$linkres->url}");
echo '<br style="clear: both;" />' . "\n";
echo '</div>' . "\n";
return;
}
// end clones
}
if ($check_history) {
// Calculate ban period according to previous karma
$avg_karma = (int) $db->get_var("select avg(link_karma) from links where link_blog={$blog->id} and link_date > date_sub(now(), interval 30 day)");
// This is the case of unique/few users sending just their site and take care of choosing goog titles and text
// the condition is stricter, more links and higher ratio
if ($sents > 3 && $ratio > 0.9 || $sents > 6 && $ratio > 0.8 || $sents > 12 && $ratio > 0.6) {
if ($unique_users < 3) {
if ($avg_karma < -10) {
$ban_period = 86400 * 30;
$ban_period_txt = _('un mes');
} else {
$ban_period = 86400 * 7;
$ban_period_txt = _('una semana');
}
syslog(LOG_NOTICE, "Meneame, high ratio ({$ratio}) and few users ({$unique_users}), going to ban {$blog->url} ({$current_user->user_login})");
}
// Otherwise check previous karma
} elseif ($sents > 4 && $avg_karma < 30) {
if ($avg_karma < -40) {
$ban_period = 86400 * 30;
$ban_period_txt = _('un mes');
} elseif ($avg_karma < -10) {
$ban_period = 86400 * 7;
$ban_period_txt = _('una semana');
} elseif ($avg_karma < 10) {
$ban_period = 86400;
$ban_period_txt = _('un día');
} else {
$ban_period = 7200;
$ban_period_txt = _('dos horas');
}
syslog(LOG_NOTICE, "Meneame, high ratio ({$ratio}) and low karma ({$avg_karma}), going to ban {$blog->url} ({$current_user->user_login})");
}
if ($ban_period > 0) {
echo '<p class="error"><strong>' . _('ya has enviado demasiados enlaces a') . " {$blog->url}" . '</strong></p> ';
echo '<p class="error-text">' . _('varía tus fuentes, es para evitar abusos y enfados por votos negativos') . ', ';
echo '<a href="' . $globals['base_url'] . 'libs/ads/legal-meneame.php">' . _('normas de uso del menáme') . '</a>, ';
echo '<a href="' . $globals['base_url'] . 'faq-' . $dblang . '.php">' . _('el FAQ') . '</a></p>';
if (!empty($blog_url)) {
$ban = insert_ban('hostname', $blog_url, _('envíos excesivos de') . " {$current_user->user_login}", time() + $ban_period);
$banned_host = $ban->ban_text;
echo '<p class="error-text"><strong>' . _('el dominio') . " '{$banned_host}' " . _('ha sido baneado por') . " {$ban_period_txt}</strong></p> ";
syslog(LOG_NOTICE, "Meneame, banned '{$ban_period_txt}' due to high ratio ({$current_user->user_login}): {$banned_host} <- {$linkres->url}");
} else {
syslog(LOG_NOTICE, "Meneame, error parsing during ban: {$blog->id}, {$blog->url} ({$current_user->user_login})");
}
echo '<br style="clear: both;" />' . "\n";
echo '</div>' . "\n";
return;
} elseif ($sents > 0) {
// Just in case check again sent (paranoia setting)
echo '<p class="error"><strong>' . _('ya has enviado demasiados enlaces a') . " {$blog->url}" . '</strong></p> ';
echo '<p class="error-text">' . _('el sitio podría ser baneado automáticamente si continúas enviando') . ', ';
echo '<a href="' . $globals['base_url'] . 'libs/ads/legal-meneame.php">' . _('normas de uso del menáme') . '</a>, ';
echo '<a href="' . $globals['base_url'] . 'faq-' . $dblang . '.php">' . _('el FAQ') . '</a></p>';
if ($sents > 5 && $ratio > 0.75) {
// don't allow to continue
syslog(LOG_NOTICE, "Meneame, warn, high ratio, process interrumped ({$current_user->user_login}): {$linkres->url}");
return;
} else {
syslog(LOG_NOTICE, "Meneame, warn, high ratio, continue ({$current_user->user_login}): {$linkres->url}");
}
}
}
$links_12hs = $db->get_var("select count(*) from links where link_date > date_sub(now(), interval 12 hour) and link_status in ('published', 'queued', 'discard')");
// check there is no an "overflow" from the same site
if ($current_user->user_karma < 18) {
$site_links = intval($db->get_var("select count(*) from links where link_date > date_sub(now(), interval 12 hour) and link_status in ('published', 'queued', 'discard') and link_blog={$linkres->blog}"));
if ($site_links > 5 && $site_links > $links_12hs * 0.04) {
// Only 4% from the same site
syslog(LOG_NOTICE, "Meneame, forbidden due to overflow to the same site ({$current_user->user_login}): {$linkres->url}");
echo '<p class="error"><strong>' . _('ya se han enviado demasiadas noticias del mismo sitio, espera unos minutos por favor') . '</strong></p> ';
echo '<p class="error-text">' . _('total en 12 horas') . ": {$site_links} , " . _('el máximo actual es') . ': ' . intval($links_12hs * 0.04) . '</p>';
echo '<br style="clear: both;" />' . "\n";
echo '</div>' . "\n";
return;
}
}
// check there is no an "overflow" of images
if ($linkres->content_type == 'image' || $linkres->content_type == 'video') {
$image_links = intval($db->get_var("select count(*) from links where link_date > date_sub(now(), interval 12 hour) and link_status in ('published', 'queued', 'discard') and link_content_type in ('image', 'video')"));
if ($image_links > 5 && $image_links > $links_12hs * 0.08) {
// Only 8% images and videos
syslog(LOG_NOTICE, "Meneame, forbidden due to overflow images ({$current_user->user_login}): {$linkres->url}");
echo '<p class="error"><strong>' . _('ya se han enviado demasiadas imágenes o vídeos, espera unos minutos por favor') . '</strong></p> ';
echo '<p class="error-text">' . _('total en 12 horas') . ": {$image_links} , " . _('el máximo actual es') . ': ' . intval($links_12hs * 0.05) . '</p>';
echo '<br style="clear: both;" />' . "\n";
echo '</div>' . "\n";
return;
}
}
if (check_ban($linkres->url, 'punished_hostname', false, true)) {
echo '<p class="error"><strong>' . _('Aviso') . ' ' . $globals['ban_match'] . ':</strong> <em>' . $globals['ban_message'] . '</em></p>';
echo '<p>' . _('mejor enviar el enlace a la fuente original, sino será penalizado') . '</p>';
}
// Now stores new draft
$linkres->ip = $globals['user_ip'];
$linkres->sent_date = $linkres->date = time();
$linkres->store();
echo '<h2>' . _('envío de una nueva noticia: paso 2 de 3') . '</h2>' . "\n";
echo '<div id="genericform">' . "\n";
echo '<form action="submit.php" method="post" id="thisform" name="thisform">' . "\n";
echo '<input type="hidden" name="url" id="url" value="' . htmlspecialchars($linkres->url) . '" />' . "\n";
echo '<input type="hidden" name="phase" value="2" />' . "\n";
echo '<input type="hidden" name="randkey" value="' . intval($_POST['randkey']) . '" />' . "\n";
echo '<input type="hidden" name="key" value="' . $_POST['key'] . '" />' . "\n";
echo '<input type="hidden" name="id" value="' . $linkres->id . '" />' . "\n";
echo '<fieldset><legend><span class="sign">' . _('información del enlace') . '</span></legend>' . "\n";
echo '<p class="genericformtxt"><strong>';
echo mb_substr($linkres->url_title, 0, 200);
echo '</strong><br/>';
echo htmlspecialchars($linkres->url);
echo '</p> ' . "\n";
echo '</fieldset>' . "\n";
echo '<fieldset><legend><span class="sign">' . _('detalles de la noticia') . '</span></legend>' . "\n";
echo '<label for="title" accesskey="1">' . _('título de la noticia') . ':</label>' . "\n";
echo '<p><span class="genericformnote">' . _('título de la noticia. máximo: 120 caracteres') . '</span>' . "\n";
// Is it an image or video?
echo ' ';
$linkres->print_content_type_buttons();
echo '<br/><input type="text" id="title" name="title" value="' . $link_title . '" size="80" maxlength="120" />';
echo '</p>' . "\n";
echo '<label for="tags" accesskey="2">' . _('etiquetas') . ':</label>' . "\n";
echo '<p><span class="genericformnote"><strong>' . _('pocas palabras, genéricas, cortas y separadas por "," (coma)') . '</strong> Ejemplo: <em>web, programación, software libre</em></span>' . "\n";
echo '<br/><input type="text" id="tags" name="tags" value="' . $link_tags . '" size="70" maxlength="70" /></p>' . "\n";
print_simpleformat_buttons('bodytext');
echo '<p><label for="bodytext" accesskey="3">' . _('descripción de la noticia') . ':</label>' . "\n";
echo '<br /><span class="genericformnote">' . _('describe la noticia con tus palabras. entre dos y cinco frases es suficiente. sé cuidadoso.') . '</span>' . "\n";
echo '<br /><textarea name="bodytext" rows="10" cols="60" id="bodytext" onKeyDown="textCounter(document.thisform.bodytext,document.thisform.bodycounter,550)" onKeyUp="textCounter(document.thisform.bodytext,document.thisform.bodycounter,550)"></textarea>' . "\n";
echo '<br /><input readonly type="text" name="bodycounter" size="3" maxlength="3" value="550" /> <span class="genericformnote">' . _('caracteres libres') . '</span>';
echo '</p>' . "\n";
print_categories_form();
echo '<p><label for="trackback">' . _('trackback') . ':</label><br />' . "\n";
if (empty($trackback)) {
echo '<span class="genericformnote">' . _('puedes agregar o cambiar el trackback si ha sido detectado automáticamente') . '</span>' . "\n";
echo '<input type="text" name="trackback" id="trackback" value="' . $trackback . '" class="form-full" /></p>' . "\n";
} else {
echo '<span class="genericformnote">' . $trackback . '</span>' . "\n";
echo '<input type="hidden" name="trackback" id="trackback" value="' . $trackback . '"/></p>' . "\n";
}
echo '<input class="genericsubmit" type="button" onclick="window.history.go(-1)" value="' . _('« retroceder') . '" /> ' . "\n";
echo '<input class="genericsubmit" type="submit" value="' . _('continuar »') . '" />' . "\n";
echo '</fieldset>' . "\n";
echo '</form>' . "\n";
echo '</div>' . "\n";
echo '</div>' . "\n";
}
