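/**
 * Handle a submitted comment form for the current photo.
 *
 * Does nothing unless the global $comments switch is truthy and a non-empty
 * "commentdata" field was posted. Otherwise it strips HTML from the posted
 * name and comment (a small tag whitelist is kept for the comment body),
 * marks links rel="nofollow", rejects blacklisted words, verifies the
 * spam-check pair, optionally remembers the author name in a cookie, and
 * appends the comment through C_photo::addcomment().
 *
 * Reads the globals $comments, $root, $gallery_dir, $galerie and $snimek.
 * On a rejected comment it prints an error page via $this->error() and
 * $this->footer() and terminates the script with exit.
 *
 * @return void
 */
function process_comment_form() {
    global $comments, $root, $gallery_dir, $galerie, $snimek;

    // Read every request field defensively: a missing key or an array-valued
    // field (e.g. "commentdata[]=x") becomes an empty string, so the string
    // functions below never receive an array.
    $fields = array();
    $wanted = array(
        "commentname",
        "savecommentname",
        "commentdata",
        "commentkolacek",
        "commentspamcheck",
    );
    foreach ($wanted as $key) {
        $fields[$key] = (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : "";
    }
    $username = (isset($_COOKIE["username"]) && is_string($_COOKIE["username"]))
        ? $_COOKIE["username"]
        : "";

    if (!$comments || !$fields["commentdata"]) {
        return;
    }

    // Strip HTML. The name loses every tag; the body keeps a short whitelist.
    $comment_name = stripslashes(strip_tags($fields["commentname"]));
    $allowedTags = '<a><b><i><ul><li><blockquote><br>';
    $comment_data = stripslashes(strip_tags($fields["commentdata"], $allowedTags));
    // NOTE(review): strip_tags() filters tag names only. Attributes on the
    // whitelisted tags (event handlers, style, link schemes other than
    // http/https) survive in $comment_data, so the code that renders stored
    // comments must filter attributes or escape the output. Confirm how
    // C_photo stores and prints comments.

    // Mark links so search engines give them no weight, see
    // http://www.google.com/googleblog/2005/01/preventing-comment-spam.html
    // str_ireplace() does the same case-insensitive literal replacement the
    // removed eregi_replace() did.
    $comment_data = str_ireplace("<a ", "<a rel=\"nofollow\" ", $comment_data);

    // Reject comments containing a blacklisted word (case-insensitive
    // substring match, replacing the removed eregi()).
    $comment_blacklist = array("pharmacy", "poker", "Viagra");
    foreach ($comment_blacklist as $blackword) {
        if (stripos($comment_data, $blackword) !== false) {
            $this->error(__('No comment spam'), __('Your comment includes blacklisted word') . __('No comment spam'));
            $this->footer();
            exit; // stop everything
        }
    }

    // Spam check: the posted token must equal md5() of the posted answer.
    // The comparison is strict so that two different numeric-looking strings
    // are never treated as equal by PHP's loose comparison.
    // NOTE(review): both values arrive in the same request and nothing in
    // this method ties the expected token to server-side state, so this only
    // deters naive bots. Consider keeping the expected answer in the session.
    if ($fields["commentkolacek"] !== md5($fields["commentspamcheck"])) {
        $this->error(__('No comment spam'), __('You ve written the check number wrong'));
        $this->footer();
        exit; // stop everything
    }

    // Fall back to the remembered name. The cookie is client-controlled, so
    // it gets the same tag stripping as the posted name before it is stored.
    if (!$comment_name) {
        $comment_name = stripslashes(strip_tags($username));
    }

    // Remember the author name when the visitor asked for it.
    if ($comment_name && $fields["savecommentname"]) {
        if (!setcookie("username", "{$comment_name}", mktime(0, 0, 0, 12, 30, 2030))) {
            print __('Could not set name cookie!');
            exit;
        }
    }

    // Append the comment to the photo's comment store.
    // $picture was never imported with `global` in the original, so it was
    // always unset here and the object was always created; the dead
    // `if (!$picture)` guard is dropped.
    // NOTE(review): $galerie and $snimek are interpolated into a filesystem
    // path unchanged. Confirm both are validated (no path separators or
    // "..") before this method runs.
    require_once "{$root}/inc/photo.class.inc.php";
    $path = "{$gallery_dir}/{$galerie}/lq";
    $file = "{$path}/img-{$snimek}.jpg";
    $picture = new C_photo($file, $snimek);
    $picture->addcomment($comment_name, $comment_data);
}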
print "</a>\n > Photo"; print " {$snimek}</div>"; $path = "{$gallery_dir}/{$galerie}/thumbs"; $imgfiles = new SortDir("{$path}"); check($galerie); $path = "{$gallery_dir}/{$galerie}/lq"; $file = "{$path}/img-{$snimek}.jpg"; if (!file_exists($file)) { print __('No such image'); $page->footer(); exit; } if (!$picture) { //picture may have been created if commentform submitted require_once "{$root}/inc/photo.class.inc.php"; $picture = new C_photo($file, $snimek); } // mini thumbnail roll if ($show_thumbs) { print "\n<!--mini thumbnail roll-->\n<div class=\"thumbroll\">"; print "<a id=\"minus\" href=\"{$ThisScript}?galerie={$galerie}&photo={$snimek}"; print "\">"; print "</a>\n"; print " : \n"; while ($thumbfile = $imgfiles->read()) { if (eregi("^img-([0-9]+)\\.(png|jpe?g)", $thumbfile, $x)) { $thumb = "{$gallery_dir}/{$galerie}/thumbs/img-{$x[1]}.{$x[2]}"; print " <a href=\"{$ThisScript}?galerie={$galerie}&photo={$x[1]}"; print "&show_thumbs={$show_thumbs}\""; print " title=" . get_photo_title($galerie, $x[1]) . ">"; print "<img class=\"thumb\" ";