function requireMembership()
{
$context = Model_Context::getInstance();
if (doesHaveMembership()) {
return true;
}
$_SESSION['refererURI'] = $context->getProperty('uri.host') . $_SERVER['REQUEST_URI'];
requireLogin();
}
<?php
/// Copyright (c) 2004-2015, Needlworks / Tatter Network Foundation
/// All rights reserved. Licensed under the GPL.
/// See the GNU General Public License for more details. (/documents/LICENSE, /documents/COPYRIGHT)
$IV = array('POST' => array('save' => array(array('on'), 'mandatory' => false)));
require ROOT . '/library/preprocessor.php';
if (false) {
doesHaveMembership();
doesHaveOwnership();
Session::authorize();
login();
fetchConfigVal();
}
function printIphoneLinksView($links)
{
global $blogURL, $skinSetting, $suri, $pathURL;
if (rtrim($suri['url'], '/') == $pathURL) {
$home = true;
} else {
$home = false;
}
foreach ($links as $link) {
if (!doesHaveOwnership() && $link['visibility'] == 0 || !doesHaveMembership() && $link['visibility'] < 2) {
continue;
}
$linkView .= '<li><a href="' . htmlspecialchars($link['url']) . '" class="link" target="_blank">' . htmlspecialchars(UTF8::lessenAsEm($link['name'], $skinSetting['linkLength'])) . '</a></li>' . CRLF;
}
return $linkView;
}
?>
");
//]]>
</script>
<?php
} else {
if (addComment($blogid, $comment) !== false) {
if (!$comment['secret']) {
$pool->init("Entries");
$pool->setQualifier("blogid", "eq", $blogid);
$pool->setQualifier("id", "eq", $comment['entry']);
$pool->setQualifier("draft", "eq", 0);
$pool->setQualifier("visibility", "eq", 3);
$pool->setQualifier("acceptcomment", "eq", 1);
if ($row = $pool->getRow()) {
sendCommentPing($comment['entry'], $context->getProperty('uri.default') . "/" . ($context->getProperty('blog.useSloganOnPost') ? "entry/{$row['slogan']}" : $comment['entry']), !doesHaveMembership() ? $comment['name'] : User::getName(), !doesHaveMembership() ? $comment['homepage'] : User::getHomepage());
}
}
$skin = new Skin($context->getProperty('skin.skin'));
printHtmlHeader();
?>
<script type="text/javascript">
//<![CDATA[
alert("<?php
echo _text('댓글이 등록되었습니다.');
?>
");
<?php
notifyComment();
$entry = array();
$entry['id'] = $comment['entry'];
function getLinkListView($links)
{
$context = Model_Context::getInstance();
if (rtrim($context->getProperty('suri.url'), '/') == $context->getProperty('uri.path')) {
$home = true;
} else {
$home = false;
}
$categoryName = null;
$buffer = '<ul>' . CRLF;
$showXfn = Setting::getBlogSettingGlobal('useMicroformat', 3) > 1;
foreach ($links as $link) {
if (!doesHaveOwnership() && $link['visibility'] == 0 || !doesHaveMembership() && $link['visibility'] < 2) {
continue;
}
if ($categoryName != $link['categoryName']) {
if (!empty($categoryName)) {
$buffer .= '</ul>' . CRLF . '</li>' . CRLF;
}
$categoryName = $link['categoryName'];
$buffer .= '<li><span class="link_ct">' . htmlspecialchars($link['categoryName']) . '</span>' . CRLF . '<ul>' . CRLF;
}
if ($showXfn && $home && $link['xfn']) {
addXfnAttrs(htmlspecialchars($link['url']), htmlspecialchars($link['xfn']), $link['url']);
}
$buffer .= '<li><a href="' . htmlspecialchars($link['url']) . '">' . fireEvent('ViewLink', htmlspecialchars(Utils_Unicode::lessenAsEm($link['name'], $context->getProperty('skin.linkLength')))) . '</a></li>' . CRLF;
}
if (!empty($categoryName)) {
$buffer .= '</ul>' . CRLF . '</li>' . CRLF;
}
$buffer .= '</ul>' . CRLF;
return $buffer;
}
/// Copyright (c) 2004-2012, Needlworks / Tatter Network Foundation
/// All rights reserved. Licensed under the GPL.
/// See the GNU General Public License for more details. (/documents/LICENSE, /documents/COPYRIGHT)
$IV = array('GET' => array('requestURI' => array('string', 'default' => null)), 'POST' => array('requestURI' => array('string', 'default' => null)));
define('__TEXTCUBE_LOGIN__', true);
require ROOT . '/library/preprocessor.php';
$ctx = Model_Context::getInstance();
$userURL = $ctx->getProperty('user.homepage');
if (substr($context->getProperty('uri.blog'), -1) != '/') {
$context->setProperty('uri.blog', $context->getProperty('uri.blog') . '/');
}
if (!isset($userURL)) {
$userURL = '/';
}
if (substr($userURL, -1) != '/') {
$userURL .= '/';
}
if (isset($_GET['requestURI'])) {
$_POST['requestURI'] = $_GET['requestURI'];
}
if (doesHaveMembership()) {
if (!empty($_POST['requestURI'])) {
$returnURL = $_POST['requestURI'];
} else {
$returnURL = $context->getProperty('uri.blog');
}
} else {
$returnURL = $context->getProperty('uri.blog');
}
logout();
header("Location: {$returnURL}");
Validator::addRule($customIV);
if (!Validator::isValid()) {
Respond::PrintResult(array('error' => 1, 'description' => 'Illegal parameters'));
}
requireStrictRoute();
header('Content-Type: text/xml; charset=utf-8');
if (!isset($_POST['key']) || $_POST['key'] != md5(filemtime(ROOT . '/config.php')) || !Setting::getBlogSettingGlobal('acceptComments', 0)) {
Respond::PrintResult(array('error' => 0, 'commentBlock' => '', 'recentCommentBlock' => ''));
exit;
}
$userName = isset($_POST["name"]) ? trim($_POST["name"]) : '';
$userPassword = isset($_POST["password"]) ? $_POST["password"] : '';
$userSecret = isset($_POST["secret"]) ? 1 : 0;
$userHomepage = isset($_POST["homepage"]) ? trim($_POST["homepage"]) : '';
$userComment = isset($_POST["comment"]) ? trim($_POST["comment"]) : '';
if (!doesHaveMembership() && !doesHaveOwnership() && $userName == '') {
Respond::PrintResult(array('error' => 2, 'description' => _text('이름을 입력해 주십시오.')));
exit;
} else {
if ($userComment == '') {
Respond::PrintResult(array('error' => 2, 'description' => _text('본문을 입력해 주십시오.')));
exit;
} else {
if (!empty($userName)) {
setcookie('guestName', $userName, time() + 2592000, $context->getProperty('uri.blog') . "/");
}
if (!empty($userHomepage) && $userHomepage != 'http://') {
if (strpos($userHomepage, 'http://') !== 0) {
$userHomepage = "http://{$userHomepage}";
}
setcookie('guestHomepage', $userHomepage, time() + 2592000, $context->getProperty('uri.blog') . "/");
function deleteComment($blogid, $id, $entry, $password)
{
global $database;
if (!is_numeric($id)) {
return false;
}
if (!is_numeric($entry)) {
return false;
}
$guestcomment = false;
if (POD::queryExistence("SELECT * FROM {$database['prefix']}Comments WHERE blogid = {$blogid} AND id = {$id} AND replier IS NULL")) {
$guestcomment = true;
}
$wherePassword = '';
$sql = "DELETE FROM {$database['prefix']}Comments\n\t\tWHERE blogid = {$blogid}\n\t\t\tAND id = {$id}\n\t\t\tAND entry = {$entry}";
if (!doesHaveOwnership()) {
if (Acl::getIdentity('openid') && empty($password)) {
$wherePassword = '******'' . Acl::getIdentity('openid') . '\'';
} else {
if ($guestcomment == false) {
if (!doesHaveMembership()) {
return false;
}
$wherePassword = '******' . getUserId();
} else {
$wherePassword = '******'' . md5($password) . '\'';
}
}
}
if (POD::queryCount($sql . $wherePassword)) {
CacheControl::flushCommentRSS($entry);
CacheControl::flushDBCache('comment');
updateCommentsOfEntry($blogid, $entry);
return true;
}
return false;
}
function deleteComment($blogid, $id, $entry, $password)
{
if (!is_numeric($id)) {
return false;
}
if (!is_numeric($entry)) {
return false;
}
$pool = DBModel::getInstance();
$guestcomment = false;
$pool->reset('Comments');
$pool->setQualifier('blogid', 'eq', $blogid);
$pool->setQualifier('id', 'eq', $id);
$pool->setQualifier('replier', 'eq', NULL);
if ($pool->doesExist()) {
$guestcomment = true;
}
$wherePassword = '';
$pool->reset('Comments');
$pool->setQualifier('blogid', 'eq', $blogid);
$pool->setQualifier('id', 'eq', $id);
$pool->setQualifier('entry', 'eq', $entry);
if (!doesHaveOwnership()) {
if (Acl::getIdentity('openid') && empty($password)) {
$pool->setQualifier('openid', Acl::getIdentity('openid'), true);
} else {
if ($guestcomment == false) {
if (!doesHaveMembership()) {
return false;
}
$pool->setQualifier('replier', 'eq', getUserId());
} else {
$pool->setQualifier('password', 'eq', md5($password), true);
}
}
}
if ($pool->getCount()) {
CacheControl::flushCommentRSS($entry);
CacheControl::flushDBCache('comment');
updateCommentsOfEntry($blogid, $entry);
return true;
}
return false;
}
function Recaptcha_AddingCommentHandler($target, $mother)
{
$context = Model_Context::getInstance();
$config = $context->getProperty('plugin.config');
if (doesHaveOwnership() || doesHaveMembership()) {
return true;
}
/* Skip validation if signed-in. */
if (!is_null($config) && isset($config['secretKey'])) {
$recaptcha_response = $_POST["g-recaptcha-response"];
$reqURL = "https://www.google.com/recaptcha/api/siteverify?secret={$config['secretKey']}&response={$recaptcha_response}";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $reqURL);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$output = curl_exec($ch);
curl_close($ch);
if ($output === false) {
Respond::PrintResult(array('error' => 2, 'description' => 'Cannot connect to the Google reCAPTCHA server.'));
return false;
} else {
$resp = json_decode($output, true);
if ($resp['success'] === true) {
/* Yay! The user is human. */
return true;
} else {
$err = implode(' ', $resp['error-codes']);
if (strpos($err, 'missing-input-secret') !== false) {
Respond::PrintResult(array('error' => 2, 'description' => 'Missing reCAPTCHA secret key!'));
} elseif (strpos($err, 'missing-input-response') !== false) {
Respond::PrintResult(array('error' => 2, 'description' => 'Missing reCAPTCHA response!'));
} elseif (strpos($err, 'invalid-input-secret') !== false) {
Respond::PrintResult(array('error' => 2, 'description' => 'Invalid reCAPTCHA secret key.'));
} elseif (strpos($err, 'invalid-input-response') !== false) {
Respond::PrintResult(array('error' => 2, 'description' => 'Invalid reCAPTCHA response.'));
}
}
}
/* It seems to be a robot! Silently fail. */
return false;
}
/* If the plugin is not configured yet, bypass validation. */
return true;
}
function getImageFileUpload($target)
{
global $database;
if (doesHaveOwnership() && doesHaveMembership()) {
$type = $_POST['type'];
$file = $_FILES['teamImageFile'];
$errcode = 0;
if ($type == "upload") {
$fileExt = Path::getExtension($file['name']);
if ($fileExt != '.gif' && $fileExt != '.jpg' && $fileExt != '.png') {
$errmsg = _t('잘못된 파일 형식입니다. 다시 시도하세요');
$errcode = 1;
} else {
$result = getAddAttachment($file);
$errmsg = _t('새로운 프로필 사진을 저장 했습니다.');
}
} else {
if ($type == "delete") {
$tmpImage = POD::queryCell("SELECT image FROM {$database['prefix']}TeamUserSettings WHERE blogid=" . getBlogId() . " and userid=" . getUserId());
if ($tmpImage) {
$result = getDeleteAttachment();
$errmsg = _t('등록된 프로필 사진을 삭제 하였습니다.');
} else {
$errmsg = _t('삭제할 파일이 없습니다. 다시 시도하세요');
$errcode = 1;
}
}
}
}
$script = '<script type="text/javascript">//<![CDATA' . CRLF;
if ($errcode != 1) {
$script .= ' window.parent.top.document.getElementById("teamImage").src = "' . $result . '";';
}
$script .= ' window.parent.top.PM.showMessage("' . $errmsg . '", "center", "bottom");';
$script .= '//]]></script>';
echo $script;
exit;
}
}
}
unset($listener);
}
if ($xmls->doesExist('/plugin/binding/tag')) {
foreach ($xmls->selectNodes('/plugin/binding/tag') as $tag) {
if (!empty($tag['.attributes']['name']) && !empty($tag['.attributes']['handler'])) {
if (!isset($tagMappings[$tag['.attributes']['name']])) {
$tagMappings[$tag['.attributes']['name']] = array();
}
array_push($tagMappings[$tag['.attributes']['name']], array('plugin' => $plugin, 'handler' => $tag['.attributes']['handler']));
}
}
unset($tag);
}
if (doesHaveMembership() && $xmls->doesExist('/plugin/binding/center')) {
$title = htmlspecialchars($xmls->getValue('/plugin/title[lang()]'));
foreach ($xmls->selectNodes('/plugin/binding/center') as $center) {
if (!empty($center['.attributes']['handler'])) {
if (isset($center['.attributes']['title'])) {
$title = $center['.attributes']['title'];
} else {
$title = htmlspecialchars($xmls->getValue('/plugin/title[lang()]'));
}
array_push($centerMappings, array('plugin' => $plugin, 'handler' => $center['.attributes']['handler'], 'title' => $title));
}
}
unset($title);
unset($center);
}
if ($xmls->doesExist('/plugin/binding/sidebar')) {
}
if (!$isLogin) {
$message = _text('아이디 또는 비밀번호가 틀렸습니다.');
if (!doesHaveMembership() && isLoginId(getBlogId(), $_POST['loginid'])) {
$showPasswordReset = true;
}
} else {
if (!doesHaveOwnership()) {
$message = _text('서비스의 회원이지만 이 블로그의 구성원이 아닙니다. 주소를 확인해 주시기 바랍니다.');
}
}
}
}
}
$authResult = fireEvent('LOGIN_try_auth', false);
if (doesHaveOwnership() || doesHaveMembership()) {
if (doesHaveOwnership() && !empty($_POST['requestURI'])) {
$url = parse_url($_POST['requestURI']);
if ($url && isset($url['host']) && !String::endsWith('.' . $url['host'], '.' . $context->getProperty('service.domain'))) {
$redirect = $context->getProperty('uri.blog') . "/login?requestURI=" . rawurlencode($_POST['requestURI']) . '&session=' . rawurlencode(session_id());
} else {
$redirect = $_POST['requestURI'];
}
} else {
$redirect = $_POST['refererURI'];
}
if (empty($_SESSION['lastloginRedirected']) || $_SESSION['lastloginRedirected'] != $redirect) {
$_SESSION['lastloginRedirected'] = $redirect;
} else {
unset($_SESSION['lastloginRedirected']);
}
function reCAPTCHAScript($target)
{
global $suri, $pluginURL;
$directive = array('archive', 'category', 'imageResizer', 'link', 'login', 'logout', 'pannels', 'protected', 'search', 'tag', 'trackback', 'rss', 'atom', 'ientry', 'sync', 'm');
if (in_array(str_replace('/', '', $suri['directive']), $directive)) {
return $target;
}
if (!doesHaveOwnership() && !doesHaveMembership()) {
$target .= '<script type="text/javascript" src="http://api.recaptcha.net/js/recaptcha_ajax.js"></script>
<script type="text/javascript">
//<![CDDA[
var reCAPTCHAentryIdWriteComment = 0;
if (typeof loadCommentCallback === "undefined") {
var loadCommentCallback = [];
}
if (typeof addCommentCallback === "undefined") {
var addCommentCallback = [];
}
var reCAPTCHAloadCommentCallback = function() {
reCAPTCHACommentVerify(arguments[0]);
return false;
};
var reCAPTCHAaddCommentCallback = function() {
reCAPTCHACommentVerify(arguments[1]);
return false;
};
var reCAPTCHACommentVerify = function(entryId) {
var entryId = entryId;
(function($) {
var options = {
beforeSubmit: showRecaptchaRequest,
success: showRecaptchaResponse,
url: "' . $pluginURL . '/verifycomment.php",
data: { \'entryId\': entryId },
forceSync: true
};
var form = $("#entry"+entryId+"WriteComment");
var commentType = $("input.commentTypeCheckbox:checked", form);
if (typeof commentType === "object")
{
$(\'<div id="recaptcha_entry\'+entryId+\'WriteComment"></div>\').insertAfter($("textarea", form));
Recaptcha.create("6LfJ7roSAAAAAO-z_EUw2kBOmm7Yyan-Qso5O8Q-", "recaptcha_entry"+entryId+"WriteComment", {
theme: "red",
tabindex: 0
});
$("input[type=submit]", form)
.attr("onclick","return false;")
.attr("id", "commentrebuildSubmit"+entryId.toString())
.click(function() {
reCAPTCHAentryIdWriteComment = entryId;
form.ajaxSubmit(options);
return false;
});
}
})(jQuery);
return false;
};
/*!
* $script.js v1.3
* https://github.com/ded/script.js
* Copyright: @ded & @fat - Dustin Diaz, Jacob Thornton 2011
* Follow our software http://twitter.com/dedfat
* License: MIT
*/
!function(a,b,c){function s(a,c){var e=b.createElement("script"),f=j;e.onload=e.onerror=e[o]=function(){e[m]&&!/^c|loade/.test(e[m])||f||(e.onload=e[o]=null,f=1,h[a]=2,c())},e.async=1,e.src=a,d.insertBefore(e,d.firstChild)}function q(a,b){p(a,function(a){return!b(a)})}var d=b.getElementsByTagName("head")[0],e={},f={},g={},h={},i="string",j=!1,k="push",l="DOMContentLoaded",m="readyState",n="addEventListener",o="onreadystatechange",p=function(a,b){for(var c=0,d=a.length;c<d;++c)if(!b(a[c]))return j;return 1};!b[m]&&b[n]&&(b[n](l,function u(){b.removeEventListener(l,u,j),b[m]="complete"},j),b[m]="loading");var r=function(a,b,d){function o(){if(!--m){e[l]=1,j&&j();for(var a in g)p(a.split("|"),n)&&!q(g[a],n)&&(g[a]=[])}}function n(a){return a.call?a():e[a]}a=a[k]?a:[a];var i=b&&b.call,j=i?b:d,l=i?a.join(""):b,m=a.length;c(function(){q(a,function(a){h[a]?(l&&(f[l]=1),h[a]==2&&o()):(h[a]=1,l&&(f[l]=1),s(r.path?r.path+a+".js":a,o))})},0);return r};r.get=s,r.ready=function(a,b,c){a=a[k]?a:[a];var d=[];!q(a,function(a){e[a]||d[k](a)})&&p(a,function(a){return e[a]})?b():!function(a){g[a]=g[a]||[],g[a][k](b),c&&c(d)}(a.join("|"));return r};var t=a.$script;r.noConflict=function(){a.$script=t;return this},typeof module!="undefined"&&module.exports?module.exports=r:a.$script=r}(this,document,setTimeout);
if(typeof jQuery === "undefined") {
$script("http://ajax.googleapis.com/ajax/libs/jquery/1.4.2/jquery.min.js", function() {
jQuery.noConflict();
finalreCAPTCHA();
});
} else {
finalreCAPTCHA();
}
function finalreCAPTCHA() {
$script(["' . $pluginURL . '/jquery.form.plugin.min.js","' . $pluginURL . '/jquery.expr.regex.js"], function() {
(function($) {
$(document).ready(function() {
var options = {
beforeSubmit: showRecaptchaRequest,
success: showRecaptchaResponse,
url: "' . $pluginURL . '/verifycomment.php",
forceSync: true
};
loadCommentCallback.push(reCAPTCHAloadCommentCallback);
addCommentCallback.push(reCAPTCHAaddCommentCallback);
if (typeof $("form:regex(id, entry[0-9]+WriteComment)") === "object") {
$("form:regex(id, entry[0-9]+WriteComment)").each(function(index, elem) {
var elem = $(elem), index = index;
var commentType = $("input.commentTypeCheckbox:checked", elem);
var entryId = parseInt(elem.attr("id").replace(/entry/,"").replace(/WriteComment/,""));
var options = {
beforeSubmit: showRecaptchaRequest,
success: showRecaptchaResponse,
url: "' . $pluginURL . '/verifycomment.php",
data: { \'entryId\': entryId },
forceSync: true
};
if (typeof commentType === "object")
{
$(\'<div id="recaptcha\'+entryId.toString()+\'"></div>\').insertAfter($("textarea", elem));
Recaptcha.create("6LfJ7roSAAAAAO-z_EUw2kBOmm7Yyan-Qso5O8Q-", "recaptcha"+entryId.toString(), {
theme: "red",
tabindex: 0
});
$("input[type=submit]", elem)
.attr("onclick","return false;")
.attr("id", "commentrebuildSubmit"+entryId.toString())
.click(function() {
elem.ajaxSubmit(options);
return false;
});
}
});
}
});
})(jQuery);
});
}
function showRecaptchaRequest(formData, jqForm, options)
{
(function($) {
var entryId = parseInt(options.data.entryId);
var form = $("form#entry"+entryId+"WriteComment");
var resp_field = $("input[name=recaptcha_response_field]", form).fieldValue();
if (!resp_field[0])
{
alert("' . _t("You need to enter the validation string.") . '");
return false;
}
})(jQuery);
}
function showRecaptchaResponse(responseText, statusText)
{
if (statusText == "success" && responseText != "")
{
(function($) {
var entryId = parseInt(responseText);
addComment(document.getElementById("commentrebuildSubmit"+entryId.toString()), entryId);
return true;
})(jQuery);
}
}
//]]>
</script>';
}
return $target;
}
function printMobileLinksView($links)
{
$context = Model_Context::getInstance();
if (rtrim($suri['url'], '/') == $context->getProperty('uri.path')) {
$home = true;
} else {
$home = false;
}
$categoryName = '';
foreach ($links as $link) {
if (!doesHaveOwnership() && $link['visibility'] == 0 || !doesHaveMembership() && $link['visibility'] < 2) {
continue;
}
if (!empty($link['categoryName']) && $link['categoryName'] != $categoryName) {
$linkView .= '<li data-theme="b">' . htmlspecialchars(Utils_Unicode::lessenAsEm($link['categoryName'], $skinSetting['linkLength'])) . '</li>' . CRLF;
$categoryName = $link['categoryName'];
}
$linkView .= '<li><a href="' . htmlspecialchars($link['url']) . '" class="link" target="_blank">' . htmlspecialchars(Utils_Unicode::lessenAsEm($link['name'], $context->getProperty('skin.linkLength'))) . '</a></li>' . CRLF;
}
return $linkView;
}
