public function ajax()
{
//require_once('functions.php');
// GET actions
if (\Input::get('action')) {
switch (\Input::get('action')) {
case 'get-comments':
if (\Input::get('page')) {
$def = array('parent' => 0, 'email' => false, 'status' => 1, 'page' => urldecode(\Input::get('page')));
$input = array_merge($def, \Input::get());
$data = \Comments::get_comments($input);
return \Response::json(array('success' => true, 'data' => $data));
} else {
return 0;
}
break;
}
}
// POST actions
if (\Input::get('action')) {
//if (Comments::config('logged_only') && !com_is_logged())
//die('0');
switch (\Input::get('action')) {
case 'add-comment':
$def = array('page' => urldecode(\Input::get('page')));
$input = array_merge($def, \Input::get());
$data = \Comments::add_comment($input);
if (!empty(\Comments::$errors)) {
return \Response::json(array('success' => false, 'data' => \Comments::$errors));
} else {
return \Response::json(array('success' => true, 'data' => $data));
}
break;
}
}
}
echo json_encode(array('success' => true, 'data' => $data));
} else {
echo 0;
}
break;
}
}
// POST actions
if (isset($_POST['action'])) {
if (Comments::config('logged_only') && !com_is_logged()) {
die('0');
}
switch ($_POST['action']) {
case 'add-comment':
$_POST['page'] = urldecode($_POST['page']);
$data = Comments::add_comment($_POST);
if (!empty(Comments::errors)) {
echo json_encode(array('success' => false, 'data' => Comments::errors));
} else {
echo json_encode(array('success' => true, 'data' => $data));
}
break;
case 'comment-notification':
if (!empty($_POST['comment_id']) and is_numeric($_POST['comment_id']) and isset($_SESSION['com_email_notif']) and $_SESSION['com_email_notif'] + 6 > time()) {
$rows = 'id,page,author,author_email,author_url,date,comment,user_id,author_ip,status';
Comments::set_config(array('comment_reply' => false));
$comment = Comments::get_comments(array('id' => $_POST['comment_id'], 'rows' => $rows));
$templates = Comments::config('email_templates');
$notif_email = Comments::config('comment_notification');
if (!empty($notif_email) and !empty($comment)) {
if ($comment['status'] == 1) {
<?php
require_once "../include/comments.php";
require_once "../include/users.php";
require_once "../include/functions.php";
require_once "../include/pictures.php";
session_start();
require_login();
$error = False;
if (isset($_POST['previewid']) && isset($_POST['picid'])) {
$cur = Users::current_user();
if (!Comments::add_comment($_POST['previewid'], $cur['id'])) {
$error = True;
} else {
http_redirect(".." . Pictures::$VIEW_PIC_URL . "?picid=" . $_POST['picid']);
}
} else {
$error = True;
}
if ($error) {
if (isset($_POST['previewid'])) {
http_redirect(".." . Pictures::$VIEW_PIC_URL . "?picid=" . $_POST['picid']);
} else {
error_404();
}
}
if (strlen(@$_REQUEST['author_email']) > 0 && strpos(@$_REQUEST['author_email'], '@') === false) {
$invalid_fields['author_email'] = "Enter a valid email address";
}
if (strlen(@$_REQUEST['body']) < 4) {
$invalid_fields['body'] = "Enter a message";
}
if ($comment->is_spam()) {
$invalid_fields[''] = "Go away spammer!.";
}
if (!Captcha::is_answered()) {
$invalid_fields['captcha'] = "Go away spammer!.";
}
$ok = count($invalid_fields) == 0;
// store
if ($ok) {
$ok = Comments::add_comment($page->url, $comment);
}
// store and done
if ($ok) {
// send email to subscribers
$mail_subject = "Reply to blog post '{$page->title}'";
$mail_from = BLOG_TITLE . "<*****@*****.**>";
$mail_headers = "From: {$mail_from}\r\nReply-To: {$mail_from}";
$mail_body = "{$comment->author_name} has replied to a blog post *{$page->title}*, to which you are subscribed.\n\n";
$mail_body .= "Url: " . $page->full_url() . "#comment-" . $comment->id . "\n\n";
$mail_body .= "Message:\n" . $comment->body;
foreach (Comments::get_subscribers($page->url) as $to) {
if ($to == $comment->author_email) {
continue;
}
// don't send mail to self
