function defensio_create_table()
{
global $database, $entry;
$name = "defensio";
$plugin = "Defensio";
$version = "0.1 beta";
$table_name = $database['prefix'] . $name;
$row = POD::queryRow("SHOW TABLES LIKE '{$table_name}'");
if (!$row) {
$sql = "CREATE TABLE IF NOT EXISTS " . $table_name . " (\n\t\t\tblog_ID int(11) NOT NULL, \n\t\t\tcomment_ID int(11) NOT NULL, \n\t\t\tcomment_TYPE char(1) NOT NULL DEFAULT 'C', \n\t\t\tspaminess FLOAT NOT NULL, \n\t\t\tsignature VARCHAR(55) NOT NULL, \n\t\t\tPRIMARY KEY (blog_ID,comment_ID, comment_TYPE)\n\t\t);";
if (POD::execute($sql)) {
$keyname = POD::escapeString(UTF8::lessenAsEncoding('Database_' . $name, 32));
$value = POD::escapeString(UTF8::lessenAsEncoding($plugin . '/' . $version, 255));
POD::execute("INSERT INTO {$database['prefix']}ServiceSettings SET name='{$keyname}', value ='{$value}'");
}
}
}
function sendTrackback($blogid, $entryId, $url)
{
global $defaultURL, $blog;
requireModel('blog.entry');
requireModel('blog.keyword');
$entry = getEntry($blogid, $entryId);
if (is_null($entry)) {
return false;
}
$link = "{$defaultURL}/{$entryId}";
$title = htmlspecialchars($entry['title']);
$entry['content'] = getEntryContentView($blogid, $entryId, $entry['content'], $entry['contentformatter'], getKeywordNames($blogid));
$excerpt = str_tag_on(UTF8::lessen(removeAllTags(stripHTML($entry['content'])), 255));
$blogTitle = $blog['title'];
$isNeedConvert = strpos($url, '/rserver.php?') !== false || strpos($url, 'blog.naver.com/tb') !== false || strpos($url, 'news.naver.com/tb/') !== false || strpos($url, 'blog.empas.com') !== false || strpos($url, 'blog.yahoo.com') !== false || strpos($url, 'www.blogin.com/tb/') !== false || strpos($url, 'cytb.cyworld.nate.com') !== false || strpos($url, 'www.cine21.com/Movies/tb.php') !== false;
if ($isNeedConvert) {
$title = UTF8::convert($title, 'EUC-KR');
$excerpt = UTF8::convert($excerpt, 'EUC-KR');
$blogTitle = UTF8::convert($blogTitle, 'EUC-KR');
$content = "url=" . rawurlencode($link) . "&title=" . rawurlencode($title) . "&blog_name=" . rawurlencode($blogTitle) . "&excerpt=" . rawurlencode($excerpt);
$request = new HTTPRequest('POST', $url);
$request->contentType = 'application/x-www-form-urlencoded; charset=euc-kr';
$isSuccess = $request->send($content);
} else {
$content = "url=" . rawurlencode($link) . "&title=" . rawurlencode($title) . "&blog_name=" . rawurlencode($blogTitle) . "&excerpt=" . rawurlencode($excerpt);
$request = new HTTPRequest('POST', $url);
$request->contentType = 'application/x-www-form-urlencoded; charset=utf-8';
$isSuccess = $request->send($content);
}
if ($isSuccess && checkResponseXML($request->responseText) === 0) {
// $url = POD::escapeString(UTF8::lessenAsEncoding($url, 255));
$trackbacklog = new TrackbackLog();
$trackbacklog->entry = $entryId;
$trackbacklog->url = POD::escapeString(UTF8::lessenAsEncoding($url, 255));
$trackbacklog->add();
// POD::query("INSERT INTO {$database['prefix']}TrackbackLogs VALUES ($blogid, '', $entryId, '$url', UNIX_TIMESTAMP())");
return true;
}
return false;
}
function getTagsWithEntryString($entryTag)
{
global $database;
$tags = explode(',', $entryTag);
$ret = array();
foreach ($tags as $tag) {
$tag = UTF8::lessenAsEncoding($tag, 255, '');
$tag = str_replace('"', '"', $tag);
$tag = str_replace(''', '\'', $tag);
$tag = preg_replace('/ +/', ' ', $tag);
$tag = preg_replace('/[\\x00-\\x1f]|[\\x7f]/', '', $tag);
$tag = preg_replace('/^(-|\\s)+/', '', $tag);
$tag = preg_replace('/(-|\\s)+$/', '', $tag);
$tag = trim($tag);
array_push($ret, $tag);
}
return $ret;
}
function receiveNotifiedComment($post)
{
if (empty($post['mode']) || $post['mode'] != 'fb') {
return 1;
}
global $database;
CacheControl::flushCommentNotifyRSS();
$post = fireEvent('ReceiveNotifiedComment', $post);
if ($post === false) {
return 7;
}
$blogid = getBlogId();
$title = POD::escapeString(UTF8::lessenAsEncoding($post['s_home_title'], 255));
$name = POD::escapeString(UTF8::lessenAsEncoding($post['s_name'], 255));
$entryId = POD::escapeString($post['s_no']);
$homepage = POD::escapeString(UTF8::lessenAsEncoding($post['url'], 255));
$entryurl = POD::escapeString($post['s_url']);
$entrytitle = POD::escapeString($post['s_post_title']);
$parent_id = $post['r1_no'];
$parent_name = POD::escapeString(UTF8::lessenAsEncoding($post['r1_name'], 80));
$parent_parent = $post['r1_rno'];
$parent_homepage = POD::escapeString(UTF8::lessenAsEncoding($post['r1_homepage'], 80));
$parent_written = $post['r1_regdate'];
$parent_comment = POD::escapeString($post['r1_body']);
$parent_url = POD::escapeString(UTF8::lessenAsEncoding($post['r1_url'], 255));
$child_id = $post['r2_no'];
$child_name = POD::escapeString(UTF8::lessenAsEncoding($post['r2_name'], 80));
$child_parent = $post['r2_rno'];
$child_homepage = POD::escapeString(UTF8::lessenAsEncoding($post['r2_homepage'], 80));
$child_written = $post['r2_regdate'];
$child_comment = POD::escapeString($post['r2_body']);
$child_url = POD::escapeString(UTF8::lessenAsEncoding($post['r2_url'], 255));
$siteid = POD::queryCell("SELECT id FROM {$database['prefix']}CommentsNotifiedSiteInfo WHERE url = '{$homepage}'");
if (empty($siteid)) {
$insertId = getCommentsNotifiedSiteInfoMaxId() + 1;
if (POD::execute("INSERT INTO {$database['prefix']}CommentsNotifiedSiteInfo\n\t\t\t( id, title, name, url, modified)\n\t\t\tVALUES ({$insertId}, '{$title}', '{$name}', '{$homepage}', UNIX_TIMESTAMP());")) {
$siteid = $insertId;
} else {
return 2;
}
}
$parentId = POD::queryCell("SELECT id\n\t\tFROM {$database['prefix']}CommentsNotified\n\t\tWHERE entry = {$entryId}\n\t\t\tAND siteid = {$siteid}\n\t\t\tAND blogid = {$blogid}\n\t\t\tAND remoteid = {$parent_id}");
if (empty($parentId)) {
$insertId = getCommentsNotifiedMaxId() + 1;
$sql = "INSERT INTO {$database['prefix']}CommentsNotified\n\t\t\t( blogid , replier , id , entry , parent , name , password , homepage , secret , comment , ip , written, modified , siteid , isnew , url , remoteid ,entrytitle , entryurl )\n\t\t\tVALUES (\n\t\t\t\t{$blogid}, NULL , {$insertId}, " . $entryId . ", " . (empty($parent_parent) ? 'null' : $parent_parent) . ", '" . $parent_name . "', '', '" . $parent_homepage . "', '', '" . $parent_comment . "', '', " . $parent_written . ",UNIX_TIMESTAMP(), " . $siteid . ", 1, '" . $parent_url . "'," . $parent_id . ", '" . $entrytitle . "', '" . $entryurl . "'\n)";
if (!POD::execute($sql)) {
return 3;
}
$parentId = $insertId;
}
if (POD::queryCell("SELECT count(*) FROM {$database['prefix']}CommentsNotified WHERE siteid={$siteid} AND remoteid={$child_id}") > 0) {
return 4;
}
$insertId = getCommentsNotifiedMaxId() + 1;
$sql = "INSERT INTO {$database['prefix']}CommentsNotified\n\t\t( blogid , replier , id , entry , parent , name , password , homepage , secret , comment , ip , written, modified , siteid , isnew , url , remoteid ,entrytitle , entryurl )\n\t\tVALUES (\n\t\t\t{$blogid}, NULL , {$insertId}, " . $entryId . ", {$parentId}, '{$child_name}', '', '{$child_homepage}', '', '{$child_comment}', '', {$child_written}, UNIX_TIMESTAMP(), {$siteid}, 1, '{$child_url}', {$child_id}, '{$entrytitle}', '{$entryurl}')";
if (!POD::execute($sql)) {
return 5;
}
$sql = "UPDATE {$database['prefix']}CommentsNotified SET modified = UNIX_TIMESTAMP() WHERE blogid = {$blogid} AND id = {$parentId}";
if (!POD::execute($sql)) {
return 6;
}
return 0;
}
function sendInvitationMail($blogid, $userid, $name, $comment, $senderName, $senderEmail)
{
global $database, $service, $hostURL, $serviceURL;
if (empty($blogid)) {
$blogid = POD::queryCell("SELECT max(blogid)\n\t\t\tFROM {$database['prefix']}BlogSettings");
// If no blogid, get the latest created blogid.
}
$email = getUserEmail($userid);
$password = POD::queryCell("SELECT password\n\t\tFROM {$database['prefix']}Users\n\t\tWHERE userid = " . $userid);
$authtoken = getAuthToken($userid);
$blogName = getBlogName($blogid);
if (empty($email)) {
return 1;
}
if (!preg_match('/^[^@]+@([-a-zA-Z0-9]+\\.)+[-a-zA-Z0-9]+$/', $email)) {
return 2;
}
if (empty($name)) {
$name = User::getName($userid);
}
if (strcmp($email, UTF8::lessenAsEncoding($email, 64)) != 0) {
return 11;
}
//$loginid = POD::escapeString(UTF8::lessenAsEncoding($email, 64));
$name = POD::escapeString(UTF8::lessenAsEncoding($name, 32));
//$headers = 'From: ' . encodeMail($senderName) . '<' . $senderEmail . ">\n" . 'X-Mailer: ' . TEXTCUBE_NAME . "\n" . "MIME-Version: 1.0\nContent-Type: text/html; charset=utf-8\n";
if (empty($name)) {
$subject = _textf('귀하를 %1님이 초대합니다', $senderName);
} else {
$subject = _textf('%1님을 %2님이 초대합니다', $name, $senderName);
}
$message = file_get_contents(ROOT . "/resources/style/letter/letter.html");
$message = str_replace('[##_title_##]', _text('초대장'), $message);
$message = str_replace('[##_content_##]', $comment, $message);
$message = str_replace('[##_images_##]', $serviceURL . "/resources/style/letter", $message);
$message = str_replace('[##_link_##]', getInvitationLink(getBlogURL($blogName), $email, $password, $authtoken), $message);
$message = str_replace('[##_go_blog_##]', getBlogURL($blogName), $message);
$message = str_replace('[##_link_title_##]', _text('블로그 바로가기'), $message);
if (empty($name)) {
$message = str_replace('[##_to_##]', '', $message);
} else {
$message = str_replace('[##_to_##]', _text('받는 사람') . ': ' . $name, $message);
}
$message = str_replace('[##_sender_##]', _text('보내는 사람') . ': ' . $senderName, $message);
$ret = sendEmail($senderName, $senderEmail, $name, $email, $subject, $message);
if ($ret !== true) {
return array(14, $ret[1]);
}
return true;
}
function updateEntriesOfCategory($blogid, $categoryId = -1)
{
global $database;
if ($categoryId == -1) {
$result = POD::queryAll("SELECT * FROM {$database['prefix']}Categories WHERE blogid = {$blogid} AND parent IS NULL");
} else {
$parent = getParentCategoryId($blogid, $categoryId);
if (empty($parent)) {
// It is parent.
$lookup = $categoryId;
} else {
$lookup = $parent;
}
$result = POD::queryAll("SELECT * FROM {$database['prefix']}Categories WHERE blogid = {$blogid} AND id = {$lookup}");
}
foreach ($result as $row) {
$parent = $row['id'];
$parentName = UTF8::lessenAsEncoding($row['name'], 127);
$row['name'] = POD::escapeString($parentName);
$countParent = POD::queryCell("SELECT COUNT(id) FROM {$database['prefix']}Entries WHERE blogid = {$blogid} AND draft = 0 AND visibility > 0 AND category = {$parent}");
$countInLoginParent = POD::queryCell("SELECT COUNT(id) FROM {$database['prefix']}Entries WHERE blogid = {$blogid} AND draft = 0 AND category = {$parent}");
$result2 = POD::queryAll("SELECT * FROM {$database['prefix']}Categories WHERE blogid = {$blogid} AND parent = {$parent}");
foreach ($result2 as $rowChild) {
$label = POD::escapeString(UTF8::lessenAsEncoding($parentName . '/' . $rowChild['name'], 255));
$rowChild['name'] = POD::escapeString(UTF8::lessenAsEncoding($rowChild['name'], 127));
$countChild = POD::queryCell("SELECT COUNT(id) FROM {$database['prefix']}Entries WHERE blogid = {$blogid} AND draft = 0 AND visibility > 0 AND category = {$rowChild['id']}");
$countInLogInChild = POD::queryCell("SELECT COUNT(id) FROM {$database['prefix']}Entries WHERE blogid = {$blogid} AND draft = 0 AND category = {$rowChild['id']}");
POD::query("UPDATE {$database['prefix']}Categories SET entries = {$countChild}, entriesinlogin = {$countInLogInChild}, label = '{$label}' WHERE blogid = {$blogid} AND id = {$rowChild['id']}");
$countParent += $countChild;
$countInLoginParent += $countInLogInChild;
}
POD::query("UPDATE {$database['prefix']}Categories SET entries = {$countParent}, entriesinlogin = {$countInLoginParent}, label = '{$row['name']}' WHERE blogid = {$blogid} AND id = {$parent}");
}
if ($categoryId >= 0) {
CacheControl::flushCategory($categoryId);
}
clearCategoryCache();
return true;
}
function updateLink($blogid, $link)
{
global $database;
$id = $link['id'];
$name = UTF8::lessenAsEncoding(trim($link['name']), 255);
$url = UTF8::lessenAsEncoding(trim($link['url']), 255);
if (empty($name) || empty($url)) {
return false;
}
$category = isset($link['category']) ? $link['category'] : 0;
$name = POD::escapeString($name);
$url = POD::escapeString($url);
if (isset($link['newCategory']) && !empty($link['newCategory'])) {
// Add new category information
$newCategoryTitle = UTF8::lessenAsEncoding(trim($link['newCategory']), 255);
$newCategoryId = addLinkCategory($blogid, $newCategoryTitle);
if (!empty($newCategoryId)) {
$category = $newCategoryId;
}
}
$rss = isset($link['rss']) ? POD::escapeString(UTF8::lessenAsEncoding(trim($link['rss']), 255)) : '';
$result = POD::execute("UPDATE {$database['prefix']}Links\n\t\t\t\tSET\n\t\t\t\t\tcategory = {$category},\n\t\t\t\t\tname = '{$name}',\n\t\t\t\t\turl = '{$url}',\n\t\t\t\t\trss = '{$rss}',\n\t\t\t\t\twritten = UNIX_TIMESTAMP()\n\t\t\t\tWHERE\n\t\t\t\t\tblogid = {$blogid} and id = {$link['id']}");
// Garbage correction
$existCategories = POD::queryColumn("SELECT DISTINCT category FROM {$database['prefix']}Links\n\t\t\tWHERE blogid = {$blogid}");
@POD::execute("DELETE FROM {$database['prefix']}LinkCategories\n\t\t\tWHERE blogid = {$blogid} AND id NOT IN (" . implode(",", $existCategories) . ")");
return $result;
}
function treatPluginTable($plugin, $name, $fields, $keys, $version)
{
global $database;
if (doesExistTable($database['prefix'] . $name)) {
$keyname = 'Database_' . $name;
$value = $plugin;
$result = getServiceSetting($keyname, null);
if (is_null($result)) {
$keyname = UTF8::lessenAsEncoding($keyname, 32);
$value = UTF8::lessenAsEncoding($plugin . '/' . $version, 255);
$query = DBModel::getInstance();
$query->reset('ServiceSettings');
$query->setAttribute('name', $keyname, true);
$query->setAttribute('value', $value, true);
$query->insert();
} else {
$keyname = UTF8::lessenAsEncoding($keyname, 32);
$value = UTF8::lessenAsEncoding($plugin . '/' . $version, 255);
$values = explode('/', $result, 2);
if (strcmp($plugin, $values[0]) != 0) {
// diff plugin
return false;
// nothing can be done
} else {
if (strcmp($version, $values[1]) != 0) {
$query = DBModel::getInstance();
$query->reset('ServiceSettings');
$query->setQualifier('name', 'equals', $keyname, true);
$query->setAttribute('value', $value, true);
$query->update();
$eventName = 'UpdateDB_' . $name;
fireEvent($eventName, $values[1]);
}
}
}
return true;
} else {
$query = "CREATE TABLE {$database['prefix']}{$name} (blogid int(11) NOT NULL default 0,";
$isaiExists = false;
$index = '';
foreach ($fields as $field) {
$ai = '';
if (strtolower($field['attribute']) == 'int' || strtolower($field['attribute']) == 'mediumint') {
if ($field['autoincrement'] == 1 && !$isaiExists) {
$ai = ' AUTO_INCREMENT ';
$isaiExists = true;
if (!in_array($field['name'], $keys)) {
$index = ", KEY({$field['name']})";
}
}
}
$isNull = $field['isnull'] == 0 ? ' NOT NULL ' : ' NULL ';
$defaultValue = is_null($field['default']) ? '' : " DEFAULT '" . POD::escapeString($field['default']) . "' ";
$fieldLength = $field['length'] >= 0 ? "(" . $field['length'] . ")" : '';
$sentence = $field['name'] . " " . $field['attribute'] . $fieldLength . $isNull . $defaultValue . $ai . ",";
$query .= $sentence;
}
array_unshift($keys, 'blogid');
$query .= " PRIMARY KEY (" . implode(',', $keys) . ")";
$query .= $index;
$query .= ") TYPE=MyISAM ";
$query .= POD::charset() == 'utf8' ? 'DEFAULT CHARSET=utf8' : '';
if (POD::execute($query)) {
$keyname = POD::escapeString(UTF8::lessenAsEncoding('Database_' . $name, 32));
$value = POD::escapeString(UTF8::lessenAsEncoding($plugin . '/' . $version, 255));
POD::execute("INSERT INTO {$database['prefix']}ServiceSettings SET name='{$keyname}', value ='{$value}'");
return true;
} else {
return false;
}
}
return true;
}
function saveFeedItem($feedId, $item)
{
global $database;
$item = fireEvent('SaveFeedItem', $item);
$item['permalink'] = POD::escapeString(UTF8::lessenAsEncoding(UTF8::correct($item['permalink'])));
$item['author'] = POD::escapeString(UTF8::lessenAsEncoding(UTF8::correct($item['author'])));
$item['title'] = POD::escapeString(UTF8::lessenAsEncoding(UTF8::correct($item['title'])));
$item['description'] = POD::escapeString(UTF8::lessenAsEncoding(UTF8::correct($item['description']), 65535));
$tagString = POD::escapeString(UTF8::lessenAsEncoding(UTF8::correct(implode(', ', $item['tags']))));
$enclosureString = POD::escapeString(UTF8::lessenAsEncoding(UTF8::correct(implode('|', $item['enclosures']))));
if ($item['written'] > gmmktime() + 86400) {
return false;
}
$deadLine = 0;
$feedlife = POD::queryCell("SELECT feedlife FROM {$database['prefix']}FeedSettings");
if ($feedlife > 0) {
$deadLine = gmmktime() - $feedlife * 86400;
}
if ($id = POD::queryCell("SELECT id FROM {$database['prefix']}FeedItems WHERE permalink='{$item['permalink']}'") && $item['written'] != 0) {
$result = POD::query("UPDATE {$database['prefix']}FeedItems SET author = '{$item['author']}', title = '{$item['title']}', description = '{$item['description']}', tags = '{$tagString}', enclosure = '{$enclosureString}', written = {$item['written']} WHERE id = {$id}");
/*
TODO : 읽은글이 읽지않은 글로 표시되는 문제 원인이 찾아질때 까지 막아둠
if (POD::num_rows($result) > 0)
POD::query("DELETE FROM {$database['prefix']}FeedReads WHERE item = $id");
*/
} else {
if ($id != null) {
return false;
} else {
if ($item['written'] == 0) {
$item['written'] = gmmktime();
}
if ($item['written'] > $deadLine) {
$id = POD::queryCell("SELECT max(id) FROM {$database['prefix']}FeedItems");
if (!$id) {
$id = 0;
}
$id++;
POD::query("INSERT INTO {$database['prefix']}FeedItems VALUES({$id}, {$feedId}, '{$item['author']}', '{$item['permalink']}', '{$item['title']}', '{$item['description']}', '{$tagString}', '{$enclosureString}', {$item['written']})");
}
}
}
return true;
}
function addAttachment($blogid, $parent, $file)
{
global $database;
if (empty($file['name']) || $file['error'] != 0) {
return false;
}
$filename = $file['name'];
$pool = DBModel::getInstance();
$pool->reset('Attachments');
$pool->setQualifier('blogid', 'equals', $blogid);
$pool->setQualifier('parent', 'equals', $parent);
$pool->setQualifier('label', 'equals', $filename, true);
if ($pool->getCell('count(*)') > 0) {
return false;
}
$attachment = array();
$attachment['parent'] = $parent ? $parent : 0;
$attachment['label'] = Path::getBaseName($file['name']);
$attachment['size'] = $file['size'];
$extension = Misc::getFileExtension($attachment['label']);
switch (strtolower($extension)) {
case 'exe':
case 'php':
case 'sh':
case 'com':
case 'bat':
$extension = 'xxx';
break;
}
if (strlen($extension) > 6 || $extension == '') {
$extension = 'xxx';
}
$path = ROOT . "/attach/{$blogid}";
if (!is_dir($path)) {
mkdir($path);
if (!is_dir($path)) {
return false;
}
@chmod($path, 0777);
}
do {
$attachment['name'] = rand(1000000000, 9999999999) . ".{$extension}";
$attachment['path'] = "{$path}/{$attachment['name']}";
} while (file_exists($attachment['path']));
if ($imageAttributes = @getimagesize($file['tmp_name'])) {
$attachment['mime'] = $imageAttributes['mime'];
$attachment['width'] = $imageAttributes[0];
$attachment['height'] = $imageAttributes[1];
} else {
$attachment['mime'] = Misc::getMIMEType($extension);
$attachment['width'] = 0;
$attachment['height'] = 0;
}
if (!move_uploaded_file($file['tmp_name'], $attachment['path'])) {
return false;
}
@chmod($attachment['path'], 0666);
$attachment['label'] = UTF8::lessenAsEncoding($attachment['label'], 64);
$attachment['mime'] = UTF8::lessenAsEncoding($attachment['mime'], 32);
$pool->reset('Attachments');
$pool->setAttribute('blogid', $blogid);
$pool->setAttribute('parent', $attachment['parent']);
$pool->setAttribute('name', $attachment['name'], true);
$pool->setAttribute('label', $attachment['label'], true);
$pool->setAttribute('mime', $attachment['mime'], true);
$pool->setAttribute('size', $attachment['size'], true);
$pool->setAttribute('width', $attachment['width']);
$pool->setAttribute('height', $attachment['height']);
$pool->setAttribute('attached', Timestamp::getUNIXtime());
$pool->setAttribute('downloads', 0);
$pool->setAttribute('enclosure', 0);
$result = $pool->insert();
if (!$result) {
@unlink($attachment['path']);
return false;
}
return $attachment;
}
function api_update_attaches_with_replace($entryId)
{
global $database;
$newFiles = POD::queryAll("SELECT name, label FROM {$database['prefix']}Attachments WHERE blogid=" . getBlogId() . " AND parent=0");
if ($newFiles) {
foreach ($newFiles as $newfile) {
$newfile['label'] = POD::escapeString(UTF8::lessenAsEncoding($newfile['label'], 64));
$oldFile = POD::queryCell("SELECT name FROM {$database['prefix']}Attachments WHERE blogid=" . getBlogId() . " AND parent={$entryId} AND label='{$newfile['label']}'");
if (!is_null($oldFile)) {
deleteAttachment(getBlogId(), $entryId, $oldFile);
}
}
}
api_update_attaches($entryId);
}
