Text to help preserve UTF-8 file encoding: 汉语漢語. */ if (!isset($cmtx_path)) { die('Access Denied.'); } if (isset($_POST['cmtx_submit']) || isset($_POST['cmtx_sub']) || isset($_POST['cmtx_preview']) || isset($_POST['cmtx_prev'])) { //if data submitted if (!cmtx_is_form_enabled(false)) { //if form is disabled return; //exit file } define('CMTX_PROCESSING', true); //define that the form was submitted $cmtx_ip_address = cmtx_get_ip_address(); //get user's IP address cmtx_check_if_banned(); //check if user is banned //initialise a few variables $cmtx_approve = false; $cmtx_approve_reason = ""; $cmtx_error = false; $cmtx_error_message = ""; $cmtx_error_total = 0; /* Security Key */ if (!isset($_POST['cmtx_security_key'])) { //no security key submitted cmtx_ban(CMTX_BAN_REASON_NO_SECURITY_KEY); //ban user for no security key } else {
function cmtx_has_rated_form() {
    // Reports whether a rating has already been recorded for the current page
    // from the caller's IP address. Returns true when at least one matching row
    // exists in the comments table with a rating other than '0', else false.
    //
    // NOTE(review): $cmtx_page_id and the IP address are interpolated straight
    // into the SQL text. This is only safe if both are validated or escaped
    // before they reach this function; that is not visible from here. Confirm
    // it, or route the lookup through a parameterised/escaped query.
    // NOTE(review): the duplicate-rating check is keyed on IP address alone, so
    // it is only as reliable as the source cmtx_get_ip_address() reads from.
    // Verify that it does not trust a client-supplied header.
    global $cmtx_mysql_table_prefix, $cmtx_page_id;

    $visitor_ip = cmtx_get_ip_address();

    $lookup_sql = "SELECT * FROM `" . $cmtx_mysql_table_prefix . "comments` WHERE `page_id` = '{$cmtx_page_id}' AND `ip_address` = '{$visitor_ip}' AND `rating` != '0'";

    // Loose comparison kept on purpose: it mirrors how the row count was tested before.
    return cmtx_db_num_rows(cmtx_db_query($lookup_sql)) != 0;
}
} } } } else { if (isset($_SESSION['cmtx_username']) && isset($_SESSION['cmtx_password']) && cmtx_valid_account($_SESSION['cmtx_username'], $_SESSION['cmtx_password']) == '3') { //currently logged in, no action required. //verify user-agent if ($_SESSION['cmtx_user_agent'] != $_SERVER['HTTP_USER_AGENT']) { cmtx_log_out('exit'); } //verify user-language if ($_SESSION['cmtx_user_lang'] != $_SERVER['HTTP_ACCEPT_LANGUAGE']) { cmtx_log_out('exit'); } //verify ip-address if ($_SESSION['cmtx_ip_address'] != cmtx_get_ip_address()) { //cmtx_log_out('exit'); } } else { if (isset($_SESSION['cmtx_username']) && isset($_SESSION['cmtx_password']) && cmtx_valid_account($_SESSION['cmtx_username'], $_SESSION['cmtx_password']) != '3') { //logged in, but shouldn't be cmtx_log_out('exit'); } else { if (isset($_GET['page']) && $_GET['page'] == 'reset') { ?> <!DOCTYPE html> <html> <head> <title>Commentics: Reset</title> <meta name="robots" content="noindex"/> <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
function cmtx_unban_viewer() { //unban viewer if requested
    // Walks every row of the bans table whose `unban` column is '1'. For each
    // row whose stored IP address equals the caller's current IP address, it
    // emits an inline script that removes the 'Commentics-Ban' cookie and then
    // deletes that ban row.
    //
    // NOTE(review): the cookie is cleared by script written into the response,
    // so this presumably has to run where HTML output is valid and where jQuery
    // with a removeCookie plugin is loaded. Confirm against the caller.
    // NOTE(review): the match is on IP address only. Check what
    // cmtx_get_ip_address() reads from before relying on it for lifting a ban.
    global $cmtx_mysql_table_prefix; //globalise variables

    // Fetch all bans that have been flagged for removal.
    $bans = cmtx_db_query("SELECT * FROM `" . $cmtx_mysql_table_prefix . "bans` WHERE `unban` = '1'");

    while ($ban = cmtx_db_fetch_assoc($bans)) {

        // The IP address is re-read on every iteration; the comparison is loose (==).
        if (cmtx_get_ip_address() == $ban['ip_address']) {
            ?>
            <script type="text/javascript">
            // <![CDATA[
            jQuery.removeCookie('Commentics-Ban', { path: '/' });
            // ]]>
            </script><?php
            // NOTE(review): $ban['id'] comes from the row just fetched and is
            // concatenated into the statement unescaped. Presumably a numeric
            // key; confirm the column type.
            cmtx_db_query("DELETE FROM `" . $cmtx_mysql_table_prefix . "bans` WHERE `id` = '" . $ban['id'] . "'");
        }

    }
}
function cmtx_user_trusted() {
    // Decides whether the current poster counts as "trusted": true when the
    // comments table holds at least one approved comment (`is_approved` = '1')
    // with the same name and the same IP address, false otherwise.
    //
    // NOTE(review): $cmtx_name is a global chosen by the poster and is placed
    // into the SQL text as-is, together with the IP address. Whether it has
    // been escaped upstream cannot be seen from this function. Confirm it, or
    // switch the lookup to a parameterised/escaped query.
    // NOTE(review): this is a trust decision resting on a self-declared name
    // plus an IP address. Verify that cmtx_get_ip_address() does not rely on a
    // client-supplied header, and treat the result as a convenience signal
    // rather than authentication.
    global $cmtx_name, $cmtx_mysql_table_prefix;

    $poster_ip = cmtx_get_ip_address();

    $approved_rows = cmtx_db_query("SELECT * FROM `" . $cmtx_mysql_table_prefix . "comments` WHERE `name` = '{$cmtx_name}' AND `ip_address` = '{$poster_ip}' AND `is_approved` = '1'");

    // Any truthy row count means a prior approved comment was found.
    return (bool) cmtx_db_num_rows($approved_rows);
}
<div style="clear: left;"></div> <?php } } ?> <?php $admin_id = cmtx_get_admin_id(); ?> <?php $detection = cmtx_db_query("SELECT * FROM `" . $cmtx_mysql_table_prefix . "admins` WHERE `id` = '{$admin_id}'"); $detection = cmtx_db_fetch_assoc($detection); $ip_address = $detection["ip_address"]; if ($ip_address != cmtx_get_ip_address() && !cmtx_setting('is_demo')) { cmtx_db_query("UPDATE `" . $cmtx_mysql_table_prefix . "admins` SET `ip_address` = '" . cmtx_get_ip_address() . "' WHERE `id` = '{$admin_id}'"); ?> <div class="info"><?php echo CMTX_MSG_IP_ADDRESS_UPDATED; ?> </div> <div style="clear: left;"></div> <?php } ?> <?php if (isset($_POST['submit']) && cmtx_setting('is_demo')) { ?> <div class="warning"><?php echo CMTX_MSG_DEMO;
function cmtx_delete_attempts() {
    // Deletes every row of the attempts table recorded against the caller's
    // IP address (the original comment describes these as login-page attempts).
    // Returns nothing.
    //
    // NOTE(review): the IP address is interpolated into the DELETE statement
    // unescaped, so this relies on cmtx_get_ip_address() returning a validated
    // address. Confirm.
    // NOTE(review): because the attempt counter is keyed on IP address, any
    // lockout built on it is only as strong as that address is trustworthy.
    // Check where this is called from and what the address is derived from.
    global $cmtx_mysql_table_prefix;

    $client_ip = cmtx_get_ip_address();
    $attempts_table = $cmtx_mysql_table_prefix . "attempts";

    cmtx_db_query("DELETE FROM `" . $attempts_table . "` WHERE `ip_address` = '{$client_ip}'");
}