$excerpt = strip_tags($excerpt);
 $excerpt = strlen($excerpt) > 255 ? substr($excerpt, 0, 252) . '...' : $excerpt;
 $blog_name = htmlspecialchars($blog_name);
 $blog_name = strlen($blog_name) > 255 ? substr($blog_name, 0, 252) . '...' : $blog_name;
 $comment = '<trackback />';
 $comment .= "<strong>{$title}</strong>\n{$excerpt}";
 $author = addslashes(stripslashes(stripslashes($blog_name)));
 $email = '';
 $original_comment = $comment;
 $comment_post_ID = $tb_id;
 $user_ip = $HTTP_SERVER_VARS['REMOTE_ADDR'];
 $user_domain = gethostbyaddr($user_ip);
 $time_difference = get_settings('time_difference');
 $now = current_time('mysql');
 $comment = convert_chars($comment);
 $comment = format_to_post($comment);
 $comment_author = $author;
 $comment_author_email = $email;
 $comment_author_url = $tb_url;
 $author = addslashes($author);
 $comment_moderation = get_settings('comment_moderation');
 $moderation_notify = get_settings('moderation_notify');
 if ('manual' == $comment_moderation) {
     $approved = 0;
 } else {
     if ('auto' == $comment_moderation) {
         $approved = 0;
     } else {
         // none
         $approved = 1;
     }
Exemple #2
}
// Builds a trackback comment from $title, $excerpt and $blog_name, which are assigned
// before this excerpt (presumably from the incoming trackback request; confirm
// against the caller).
// strip_tags() removes markup but does not HTML-escape the text that is left.
$title = strip_tags($title);
// strlen()/substr() count bytes, so the cut at 252 can fall inside a multibyte character.
$title = strlen($title) > 255 ? substr($title, 0, 252) . '...' : $title;
$excerpt = strip_tags($excerpt);
$excerpt = strlen($excerpt) > 255 ? substr($excerpt, 0, 252) . '...' : $excerpt;
// Escaped first and truncated second: the cut can also split an entity such as &amp;.
$blog_name = htmlspecialchars($blog_name);
$blog_name = strlen($blog_name) > 255 ? substr($blog_name, 0, 252) . '...' : $blog_name;
$comment = '';
// empty() is also true for the string '0', so a title or excerpt of '0' is skipped.
if (!empty($title)) {
    $comment .= '<strong>' . $title . '</strong>';
    if (!empty($excerpt)) {
        $comment .= '<br />';
    }
}
$comment .= $excerpt;
$comment = format_to_post($comment, 1, 1);
// includes antispam
// NOTE(review): format_to_post() is defined elsewhere; what the two flag arguments
// enable cannot be confirmed from this excerpt.
if (empty($comment)) {
    // comment should not be empty!
    // Only records the error; the visible lines still go on to build the Comment.
    $Messages->add(T_('Please do not send empty comment'), 'error');
}
/**
 * @global Comment Trackback object
 */
// Assigning the result of new by reference is PHP 4 style; PHP 7 and later reject
// it as a syntax error.
$Comment =& new Comment();
$Comment->set('type', 'trackback');
$Comment->set_Item($commented_Item);
$Comment->set('author', $blog_name);
// NOTE(review): $url is stored as given in the visible lines; whether its scheme was
// checked earlier (http/https only) cannot be seen here and matters wherever the
// author URL is later rendered as a link.
$Comment->set('author_url', $url);
$Comment->set('author_IP', $Hit->IP);
$Comment->set('date', date('Y-m-d H:i:s', $localtimenow));
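/**
 * XML-RPC handler for pingback.ping: stores a pingback comment on a local post.
 *
 * Takes the source URL (parameter 0) and target URL (parameter 1) from the
 * request, resolves the target to a post ID, fetches the source page and, when
 * that page contains the target URL, inserts a comment holding the text around
 * the link. Both URLs are supplied by the remote caller and are untrusted.
 *
 * @param object $m XML-RPC message; getParam(n)->scalarval() yields each URL.
 * @return xmlrpcresp Response wrapping a human-readable status message.
 */
function pingback_ping($m)
{
    // original code by Mort
    // (http://mort.mine.nu:8080)
    global $tableposts, $tablecomments, $comments_notify, $wpdb;
    global $siteurl, $blogfilename, $wp_version, $use_pingback;
    global $HTTP_SERVER_VARS, $wpdb;
    if (!$use_pingback) {
        return new xmlrpcresp(new xmlrpcval('Sorry, this weblog does not allow you to pingback its posts.'));
    }
    $title = '';
    // Defined up front so the checks further down never read an unset variable.
    $linea = '';
    $context = '';
    $matchtitle = array();
    $pagelinkedfrom = $m->getParam(0);
    $pagelinkedfrom = $pagelinkedfrom->scalarval();
    $pagelinkedto = $m->getParam(1);
    $pagelinkedto = $pagelinkedto->scalarval();
    $pagelinkedfrom = str_replace('&amp;', '&', $pagelinkedfrom);
    $pagelinkedto = preg_replace('#&([^amp\\;])#is', '&amp;$1', $pagelinkedto);
    $messages = array(htmlentities("Pingback from " . $pagelinkedfrom . " to " . $pagelinkedto . " registered. Keep the web talking! :-)"), htmlentities("We can't find the URL to the post you are trying to " . "link to in your entry. Please check how you wrote the post's permalink in your entry."), htmlentities("We can't find the post you are trying to link to." . " Please check the post's permalink."));
    $message = $messages[0];
    // Check if the page linked to is in our site
    // This is a substring test on the target URL, not a host comparison.
    $pos1 = strpos($pagelinkedto, str_replace('http://', '', str_replace('www.', '', $siteurl)));
    if ($pos1) {
        // let's find which post is linked to
        $urltest = parse_url($pagelinkedto);
        if ($post_ID = url_to_postid($pagelinkedto)) {
            $way = 'url_to_postid()';
        } elseif (preg_match('#p/[0-9]{1,}#', $urltest['path'], $match)) {
            // the path defines the post_ID (archives/p/XXXX)
            $blah = explode('/', $match[0]);
            $post_ID = $blah[1];
            $way = 'from the path';
        } elseif (preg_match('#p=[0-9]{1,}#', $urltest['query'], $match)) {
            // the querystring defines the post_ID (?p=XXXX)
            $blah = explode('=', $match[0]);
            $post_ID = $blah[1];
            $way = 'from the querystring';
        } elseif (isset($urltest['fragment'])) {
            // an #anchor is there, it's either...
            if (intval($urltest['fragment'])) {
                // ...an integer #XXXX (simplest case)
                // intval() only shows the fragment starts with digits; the raw text is
                // reduced to an integer by the cast after this chain.
                $post_ID = $urltest['fragment'];
                $way = 'from the fragment (numeric)';
            } elseif (preg_match('/post-[0-9]+/', $urltest['fragment'])) {
                // ...a post id in the form 'post-###'
                $post_ID = preg_replace('/[^0-9]+/', '', $urltest['fragment']);
                $way = 'from the fragment (post-###)';
            } elseif (is_string($urltest['fragment'])) {
                // ...or a string #title, a little more complicated
                // Everything except letters and digits becomes '.', so no quote can
                // reach the RLIKE literal.
                $title = preg_replace('/[^a-zA-Z0-9]/', '.', $urltest['fragment']);
                $sql = "SELECT ID FROM {$tableposts} WHERE post_title RLIKE '{$title}'";
                // NOTE(review): on no match this ends the request and echoes the SQL text.
                $post_ID = $wpdb->get_var($sql) or die("Query: {$sql}\n\nError: ");
                $way = 'from the fragment (title)';
            }
        } else {
            // TODO: Attempt to extract a post ID from the given URL
            $post_ID = -1;
            $way = 'no match';
        }
        // The ID is derived from caller-supplied text and is concatenated into the
        // queries below without quotes, so it is forced to an integer first.
        $post_ID = (int) $post_ID;
        logIO("O", "(PB) URI='{$pagelinkedto}' ID='{$post_ID}' Found='{$way}'");
        $sql = 'SELECT post_author FROM ' . $tableposts . ' WHERE ID = ' . $post_ID;
        $result = $wpdb->get_results($sql);
        if ($wpdb->num_rows) {
            // Let's check that the remote site didn't already pingback this entry
            // The source URL is escaped at the point where it enters the SQL string.
            $sql = 'SELECT * FROM ' . $tablecomments
                . ' WHERE comment_post_ID = ' . $post_ID
                . ' AND comment_author_url = \'' . addslashes($pagelinkedfrom) . '\''
                . ' AND comment_content LIKE \'%<pingback />%\'';
            $result = $wpdb->get_results($sql);
            // NOTE(review): "|| 1 == 1" makes this branch unconditional, so the
            // duplicate check above never rejects a repeated pingback.
            if ($wpdb->num_rows || 1 == 1) {
                // very stupid, but gives time to the 'from' server to publish !
                sleep(1);
                // Let's check the remote site
                $puntero = 4096;
                // fopen() on a caller-supplied string would also open local paths and
                // other stream wrappers, so only http/https URLs are fetched.
                // NOTE(review): the scheme check does not limit which hosts are
                // contacted, and the read below has no size limit.
                $fp = preg_match('#^https?://#i', $pagelinkedfrom) ? @fopen($pagelinkedfrom, 'r') : false;
                if ($fp) {
                    while ($remote_read = fread($fp, $puntero)) {
                        $linea .= $remote_read;
                    }
                    fclose($fp);
                }
                // Work around bug in strip_tags():
                $linea = str_replace('<!DOCTYPE', '<DOCTYPE', $linea);
                $linea = strip_tags($linea, '<title><a>');
                $linea = strip_all_but_one_link($linea, $pagelinkedto);
                if (empty($matchtitle)) {
                    preg_match('|<title>([^<]*?)</title>|is', $linea, $matchtitle);
                }
                $pos2 = strpos($linea, $pagelinkedto);
                $pos3 = strpos($linea, str_replace('http://www.', 'http://', $pagelinkedto));
                if (is_integer($pos2) || is_integer($pos3)) {
                    $pos4 = is_integer($pos2) ? $pos2 : $pos3;
                    // A negative start would make substr() count from the end of the page.
                    $start = max(0, $pos4 - 100);
                    $context = substr($linea, $start, 250);
                    $context = str_replace("\n", ' ', $context);
                    $context = str_replace('&amp;', '&', $context);
                }
                if (!empty($context)) {
                    // Check if pings are on, inelegant exit
                    $pingstatus = $wpdb->get_var("SELECT ping_status FROM {$tableposts} WHERE ID = {$post_ID}");
                    if ('closed' == $pingstatus) {
                        die('Sorry, pings are turned off for this post.');
                    }
                    $pagelinkedfrom = preg_replace('#&([^amp\\;])#is', '&amp;$1', $pagelinkedfrom);
                    // Fall back to the source URL when the page had no <title>.
                    $title = (isset($matchtitle[1]) && strlen($matchtitle[1])) ? $matchtitle[1] : $pagelinkedfrom;
                    $context = '<pingback />[...] ' . addslashes(trim($context)) . ' [...]';
                    // NOTE(review): format_to_post() runs after addslashes(); whether it
                    // keeps the value safe for the SQL literal below is not visible here.
                    $context = format_to_post($context);
                    $pagelinkedfrom = addslashes($pagelinkedfrom);
                    $title = addslashes(strip_tags(trim($title)));
                    $now = current_time('mysql');
                    $consulta = $wpdb->query("INSERT INTO {$tablecomments} \n\t\t\t\t\t\t(comment_post_ID, comment_author, comment_author_url, comment_date, comment_content) \n\t\t\t\t\t\tVALUES \n\t\t\t\t\t\t({$post_ID}, '{$title}', '{$pagelinkedfrom}', '{$now}', '{$context}')\n\t\t\t\t\t\t");
                    $comment_ID = $wpdb->get_var('SELECT last_insert_id()');
                    if ($comments_notify) {
                        wp_notify_postauthor($comment_ID, 'pingback');
                    }
                } else {
                    // URL pattern not found
                    $message = "Page linked to: {$pagelinkedto}\nPage linked from:" . " {$pagelinkedfrom}\nTitle: {$title}\nContext: {$context}\n\n" . $messages[1];
                }
            } else {
                // We already have a Pingback from this URL
                $message = "Sorry, you already did a pingback to {$pagelinkedto}" . " from {$pagelinkedfrom}.";
            }
        } else {
            // Post_ID not found
            $message = $messages[2];
        }
    }
    return new xmlrpcresp(new xmlrpcval($message));
}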
         // Date parts are copied straight from the POST body ($HTTP_POST_VARS is the
         // legacy alias of $_POST); nothing in these lines casts them to integers.
         $aa = $HTTP_POST_VARS['aa'];
         $mm = $HTTP_POST_VARS['mm'];
         $jj = $HTTP_POST_VARS['jj'];
         $hh = $HTTP_POST_VARS['hh'];
         $mn = $HTTP_POST_VARS['mn'];
         $ss = $HTTP_POST_VARS['ss'];
         // Only the upper bound of day, hour, minute and second is adjusted; year and
         // month are not checked, and text that does not compare as larger than the
         // limit is left as submitted.
         $jj = $jj > 31 ? 31 : $jj;
         $hh = $hh > 23 ? $hh - 24 : $hh;
         $mn = $mn > 59 ? $mn - 60 : $mn;
         $ss = $ss > 59 ? $ss - 60 : $ss;
         // NOTE(review): the submitted strings enter this SQL fragment without escaping
         // or casting, so they can change the UPDATE below; casting each part to int
         // before formatting would close this.
         $datemodif = ", comment_date = '{$aa}-{$mm}-{$jj} {$hh}:{$mn}:{$ss}'";
     } else {
         $datemodif = '';
     }
     // NOTE(review): balanceTags() and format_to_post() are defined elsewhere; whether
     // either escapes for SQL cannot be seen here.
     $content = balanceTags($HTTP_POST_VARS['wp_content']);
     $content = format_to_post($content);
     // $newcomment_author*, $comment_ID and $wp_id are assigned outside this excerpt;
     // all of them are interpolated into the statement, and $comment_ID is unquoted.
     // NOTE(review): confirm each is escaped or cast where it is assigned.
     $result = $wpdb->query("\n\t\t\tUPDATE {$wpdb->comments[$wp_id]} SET\n\t\t\t\tcomment_content = '{$content}',\n\t\t\t\tcomment_author = '{$newcomment_author}',\n\t\t\t\tcomment_author_email = '{$newcomment_author_email}',\n\t\t\t\tcomment_author_url = '{$newcomment_author_url}'" . $datemodif . "\n\t\t\tWHERE comment_ID = {$comment_ID}");
     // NOTE(review): the redirect target is taken from the POST body as-is, so the
     // request decides where the browser is sent; limiting it to same-site paths
     // would prevent an open redirect.
     $referredby = $HTTP_POST_VARS['referredby'];
     if (!empty($referredby)) {
         header('Location: ' . $referredby);
     } else {
         header("Location: edit.php?p={$comment_post_ID}&c=1#comments");
     }
     break;
 default:
     // Default action: show the "Create New Post" screen.
     $title = 'Create New Post';
     $standalone = 0;
     require_once './admin-header.php';
     // The posting form is only reached when $user_level is above 0.
     if ($user_level > 0) {
         if (!$withcomments && !$c) {
             $action = 'post';
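/**
 * XML-RPC handler for pingback.ping: stores a pingback comment on a local post.
 *
 * Takes the source URL (parameter 0) and target URL (parameter 1) from the
 * request, resolves the target to a post ID, fetches the source page with
 * Snoopy and, when that page contains the target URL, inserts a comment holding
 * the text around the link. Both URLs are supplied by the remote caller and are
 * untrusted.
 *
 * @param object $m XML-RPC message; getParam(n)->scalarval() yields each URL.
 * @return xmlrpcresp Response wrapping a human-readable status message.
 */
function pingback_ping($m)
{
    // original code by Mort
    // (http://mort.mine.nu:8080)
    global $wpdb;
    global $wp_version;
    if (!get_settings('use_pingback')) {
        return new xmlrpcresp(new xmlrpcval('Sorry, this weblog does not allow you to pingback its posts.'));
    }
    $title = '';
    // Defined up front so the checks further down never read an unset variable.
    $context = '';
    $matchtitle = array();
    $pagelinkedfrom = $m->getParam(0);
    $pagelinkedfrom = $pagelinkedfrom->scalarval();
    $pagelinkedto = $m->getParam(1);
    $pagelinkedto = $pagelinkedto->scalarval();
    // The URL stays unescaped here and is escaped where it enters SQL. Escaping it at
    // this point put backslashes into the fetched URL and the reply text, and the
    // second addslashes() before the INSERT then stored it double-escaped.
    $pagelinkedfrom = str_replace('&amp;', '&', $pagelinkedfrom);
    $pagelinkedto = preg_replace('#&([^amp\\;])#is', '&amp;$1', $pagelinkedto);
    $messages = array(htmlentities('Pingback from ' . $pagelinkedfrom . ' to ' . $pagelinkedto . ' registered. Keep the web talking! :-)'), htmlentities("We can't find the URL to the post you are trying to " . "link to in your entry. Please check how you wrote the post's permalink in your entry."), htmlentities("We can't find the post you are trying to link to." . " Please check the post's permalink."));
    $message = $messages[0];
    // Check if the page linked to is in our site
    // This is a substring test on the target URL, not a host comparison.
    $pos1 = strpos($pagelinkedto, str_replace('http://', '', str_replace('www.', '', wp_siteurl())));
    if ($pos1) {
        // let's find which post is linked to
        $urltest = parse_url($pagelinkedto);
        if ($post_ID = url_to_postid($pagelinkedto)) {
            $way = 'url_to_postid()';
        } elseif (preg_match('#p/[0-9]{1,}#', $urltest['path'], $match)) {
            // the path defines the post_ID (archives/p/XXXX)
            $blah = explode('/', $match[0]);
            $post_ID = $blah[1];
            $way = 'from the path';
        } elseif (preg_match('#p=[0-9]{1,}#', $urltest['query'], $match)) {
            // the querystring defines the post_ID (?p=XXXX)
            $blah = explode('=', $match[0]);
            $post_ID = $blah[1];
            $way = 'from the querystring';
        } elseif (isset($urltest['fragment'])) {
            // an #anchor is there, it's either...
            if (intval($urltest['fragment'])) {
                // ...an integer #XXXX (simplest case)
                // intval() only shows the fragment starts with digits; the raw text is
                // reduced to an integer by the cast after this chain.
                $post_ID = $urltest['fragment'];
                $way = 'from the fragment (numeric)';
            } elseif (preg_match('/post-[0-9]+/', $urltest['fragment'])) {
                // ...a post id in the form 'post-###'
                $post_ID = preg_replace('/[^0-9]+/', '', $urltest['fragment']);
                $way = 'from the fragment (post-###)';
            } elseif (is_string($urltest['fragment'])) {
                // ...or a string #title, a little more complicated
                $title = preg_replace('/[^a-zA-Z0-9]/', '.', $urltest['fragment']);
                $sql = "SELECT ID FROM " . wp_table('posts') . " WHERE post_title RLIKE '" . addslashes($title) . "'";
                // NOTE(review): on no match this ends the request and echoes the SQL text.
                $post_ID = $wpdb->get_var($sql) or die("Query: {$sql}\n\nError: ");
                $way = 'from the fragment (title)';
            }
        } else {
            // TODO: Attempt to extract a post ID from the given URL
            $post_ID = -1;
            $way = 'no match';
        }
        // The ID is derived from caller-supplied text and is placed into the queries
        // below without quotes, so it is forced to an integer first.
        $post_ID = (int) $post_ID;
        logIO('O', "(PB) URI='{$pagelinkedto}' ID='{$post_ID}' Found='{$way}'");
        $sql = "SELECT post_author FROM " . wp_table('posts') . " WHERE ID = {$post_ID}";
        $result = $wpdb->get_results($sql);
        if ($wpdb->num_rows) {
            // Let's check that the remote site didn't already pingback this entry
            $sql = 'SELECT * FROM ' . wp_table('comments')
                . ' WHERE comment_post_ID = ' . $post_ID
                . ' AND comment_author_url = \'' . addslashes($pagelinkedfrom) . '\''
                . ' AND comment_content LIKE \'%<pingback />%\'';
            $result = $wpdb->get_results($sql);
            // NOTE(review): "|| 1 == 1" makes this branch unconditional, so the
            // duplicate check above never rejects a repeated pingback.
            if ($wpdb->num_rows || 1 == 1) {
                // very stupid, but gives time to the 'from' server to publish !
                sleep(1);
                // Let's check the remote site
                require_once XOOPS_ROOT_PATH . '/class/snoopy.php';
                $snoopy = new Snoopy();
                // Only http/https sources are handed to the fetcher.
                // NOTE(review): this does not limit which hosts are contacted.
                if (preg_match('#^https?://#i', $pagelinkedfrom) && $snoopy->fetch($pagelinkedfrom)) {
                    $linea = $snoopy->results;
                } else {
                    $linea = '';
                }
                logIO('O', "(PB) CHARSET='" . $GLOBALS['blog_charset']);
                $linea = mb_conv($linea, $GLOBALS['blog_charset'], 'auto');
                // Work around bug in strip_tags():
                $linea = str_replace('<!DOCTYPE', '<DOCTYPE', $linea);
                $linea = strip_tags($linea, '<title><a>');
                $linea = strip_all_but_one_link($linea, $pagelinkedto);
                if (empty($matchtitle)) {
                    preg_match('|<title>([^<]*?)</title>|is', $linea, $matchtitle);
                }
                $pos2 = strpos($linea, $pagelinkedto);
                $pos3 = strpos($linea, str_replace('http://www.', 'http://', $pagelinkedto));
                logIO('O', "(PB) POS='{$pos2}, {$pos3}'");
                if (is_integer($pos2) || is_integer($pos3)) {
                    $pos4 = is_integer($pos2) ? $pos2 : $pos3;
                    // A negative start would make the cut count from the end of the page.
                    $start = max(0, $pos4 - 50);
                    if (function_exists('mb_convert_encoding')) {
                        $tmp1 = mb_strcut($linea, 0, $start, $GLOBALS['blog_charset']);
                    } else {
                        $tmp1 = substr($linea, 0, $start);
                    }
                    // If the text before the excerpt ends inside an unclosed tag, widen
                    // the excerpt backwards by that tag's length.
                    if (preg_match('/<[^>]*?$/', $tmp1, $match)) {
                        logIO('O', "(PB) MATCH='{$match[0]}");
                        $offset = strlen($match[0]);
                    } else {
                        $offset = 0;
                    }
                    if (function_exists('mb_convert_encoding')) {
                        $context = mb_strcut($linea, $start - $offset, 150 + $offset, $GLOBALS['blog_charset']);
                    } else {
                        // Was "$star - $offsett": two undefined names, so this fallback
                        // always cut from the start of the page.
                        $context = substr($linea, $start - $offset, 150 + $offset);
                    }
                    $context = str_replace("\n", ' ', $context);
                    $context = str_replace('&amp;', '&', $context);
                    logIO('O', "(PB) CONTENT='{$context}");
                } else {
                    // NOTE(review): ends the request here, so no XML-RPC response is returned.
                    logIO('O', "(PB) CONTEXT=The page doesn't link to us, here's an excerpt");
                    exit;
                }
                if (!empty($context)) {
                    // Check if pings are on, inelegant exit
                    $pingstatus = $wpdb->get_var("SELECT ping_status FROM " . wp_table('posts') . " WHERE ID = {$post_ID}");
                    if ('closed' == $pingstatus) {
                        logIO('O', '(PB) Sorry, pings are turned off for this post.');
                        exit;
                    }
                    $pagelinkedfrom = preg_replace('#&([^amp\\;])#is', '&amp;$1', $pagelinkedfrom);
                    // Fall back to the source URL when the page had no <title>.
                    $title = (isset($matchtitle[1]) && strlen($matchtitle[1])) ? $matchtitle[1] : $pagelinkedfrom;
                    $context = strip_tags($context);
                    $context = '<pingback />[...] ' . htmlspecialchars(trim($context)) . ' [...]';
                    // NOTE(review): $context reaches the INSERT with HTML escaping only;
                    // whether format_to_post() also escapes it for SQL is not visible here.
                    $context = format_to_post($context);
                    $pagelinkedfrom = addslashes($pagelinkedfrom);
                    $title = addslashes(strip_tags(trim($title)));
                    $now = current_time('mysql', 0);
                    if (get_settings('comment_moderation') == 'manual') {
                        $approved = 0;
                    } else {
                        if (get_settings('comment_moderation') == 'auto') {
                            $approved = 0;
                        } else {
                            // none
                            $approved = 1;
                        }
                    }
                    $consulta = $wpdb->query("INSERT INTO " . wp_table('comments') . " \n\t\t\t\t\t\t(comment_post_ID, comment_author, comment_author_url, comment_date, comment_content,comment_approved, comment_type) \n\t\t\t\t\t\tVALUES \n\t\t\t\t\t\t({$post_ID}, '{$title}', '{$pagelinkedfrom}', '{$now}', '{$context}', '{$approved}', 'pingback')\n\t\t\t\t\t\t");
                    $comment_ID = $wpdb->get_var('SELECT last_insert_id()');
                    do_action('pingback_post', $comment_ID);
                    if (get_settings('moderation_notify') && !$approved) {
                        wp_notify_moderator($comment_ID, 'pingback');
                    }
                    if (get_settings('comments_notify') && $approved) {
                        wp_notify_postauthor($comment_ID, 'pingback');
                    }
                } else {
                    // URL pattern not found
                    $message = "Page linked to: {$pagelinkedto}\nPage linked from:" . " {$pagelinkedfrom}\nTitle: {$title}\nContext: {$context}\n\n" . $messages[1];
                }
            } else {
                // We already have a Pingback from this URL
                $message = "Sorry, you already did a pingback to {$pagelinkedto} from {$pagelinkedfrom}.";
            }
        } else {
            // Post_ID not found
            $message = $messages[2];
        }
    }
    return new xmlrpcresp(new xmlrpcval($message));
}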
/**
 * Removes the [screen]/[print] marker tags that belong to the current output mode.
 *
 * With $do_pdf === false the literal "[screen]" and "[/screen]" markers are removed;
 * otherwise the "[print]" and "[/print]" markers are removed. The text between the
 * markers is kept in both cases.
 *
 * @param string $wp_content Post content to filter.
 * @param bool   $do_pdf     false for screen output, anything else for PDF output.
 * @param bool   $convert    When truthy, convert the result from UTF-8 to ISO-8859-1.
 * @return string The filtered content.
 */
function mpdf_filter($wp_content = '', $do_pdf = false, $convert = false)
{
    // First name: markers stripped for this mode. Second name: the other mode's block.
    list($own, $other) = ($do_pdf === false) ? array('screen', 'print') : array('print', 'screen');
    format_to_post('the_content');
    $wp_content = str_replace(array("[{$own}]", "[/{$own}]"), '', $wp_content);
    // NOTE(review): this result is never used, so the other mode's block stays in the
    // returned content; the original assigns it to a variable that is not read again.
    $unused_stripped = preg_replace("/\\[{$other}\\](.*?)\\[\\/{$other}\\]/s", '', $wp_content);
    if ($convert) {
        $wp_content = mb_convert_encoding($wp_content, "ISO-8859-1", "UTF-8");
    }
    return $wp_content;
}
 /**
  * We want to preview a single post, we are going to fake a lot of things...
  */
 function preview_from_request()
 {
     // Builds a one-row SELECT of literal values from the submitted form fields, runs it
     // through DataObjectList2::query() and instantiates an Item from that row, so an
     // unsaved post can be rendered. Returns nothing; the list state on $this is filled.
     global $current_User;
     if (empty($current_User)) {
         // dh> only logged in user's can preview. Alternatively we need those checks where $current_User gets used below.
         return;
     }
     global $DB, $localtimenow, $Messages, $BlogCache;
     global $Plugins;
     // The blog setting decides which param() filter is applied to content and title.
     if ($this->Blog->get_setting('allow_html_post')) {
         // HTML is allowed for this post
         $text_format = 'html';
     } else {
         // HTML is disallowed for this post
         $text_format = 'htmlspecialchars';
     }
     // param() is defined elsewhere; presumably param(name, type, default) reads and
     // type-filters a request variable, with true as the third argument meaning
     // "required" (TODO confirm).
     // NOTE(review): the preview's creator ID is whatever the request supplies.
     $preview_userid = param('preview_userid', 'integer', true);
     $post_status = param('post_status', 'string', true);
     $post_locale = param('post_locale', 'string', $current_User->locale);
     $content = param('content', $text_format, true);
     $post_title = param('post_title', $text_format, true);
     $post_titletag = param('titletag', 'string', true);
     $post_excerpt = param('post_excerpt', 'string', true);
     $post_url = param('post_url', 'string', '');
     // $post_category and $post_extracats first appear here; presumably the helper fills
     // them by reference (TODO confirm).
     check_categories_nosave($post_category, $post_extracats);
     $post_views = param('post_views', 'integer', 0);
     $renderers = param('renderers', 'array/string', array('default'));
     if (!is_array($renderers)) {
         // dh> workaround for param() bug. See rev 1.93 of /inc/_misc/_misc.funcs.php
         $renderers = array('default');
     }
     if ($post_category == 0) {
         $post_category = $this->Blog->get_default_cat_ID();
     }
     $comment_Blog =& $BlogCache->get_by_ID(get_catblog($post_category));
     if ($comment_Blog->get_setting('allow_comments') != 'never' && $comment_Blog->get_setting('disable_comments_bypost')) {
         // param is required
         $post_comment_status = param('post_comment_status', 'string', true);
     } else {
         $post_comment_status = $comment_Blog->get_setting('allow_comments');
     }
     // Get issue date, using the user's locale (because it's entered like this in the form):
     locale_temp_switch($current_User->locale);
     param_date('item_issue_date', T_('Please enter a valid issue date.'), false);
     // TODO: dh> get_param() is always true here, also on invalid dates:
     if (strlen(get_param('item_issue_date'))) {
         // only set it, if a date was given:
         param_time('item_issue_time');
         $item_issue_date = form_date(get_param('item_issue_date'), get_param('item_issue_time'));
         // TODO: cleanup...
     } else {
         $item_issue_date = date('Y-m-d H:i:s', $localtimenow);
     }
     locale_restore_previous();
     $item_typ_ID = param('item_typ_ID', 'integer', NULL);
     $item_st_ID = param('item_st_ID', 'integer', NULL);
     $item_assigned_user_ID = param('item_assigned_user_ID', 'integer', NULL);
     $item_deadline = param('item_deadline', 'string', NULL);
     $item_priority = param('item_priority', 'integer', NULL);
     // QUESTION: can this be also empty/NULL?
     // Do some optional filtering on the content
     // Typically stuff that will help the content to validate
     // Useful for code display.
     // Will probably be used for validation also.
     $Plugins_admin =& get_Plugins_admin();
     $params = array('object_type' => 'Item', 'object_Blog' => &$comment_Blog);
     $Plugins_admin->filter_contents($post_title, $content, $renderers, $params);
     $post_title = format_to_post($post_title);
     $content = format_to_post($content);
     $post_ID = param('post_ID', 'integer', 0);
     // String fields below go through $DB->escape() or $DB->quote(). $post_ID,
     // $preview_userid, $post_category, $post_views, $item_issue_date and the
     // bpost_count_words() result are interpolated directly.
     // NOTE(review): that is only safe if param(..., 'integer', ...), the category helper
     // and form_date() guarantee numeric or date-shaped values; confirm in their source.
     $this->sql = "SELECT\n\t\t\t{$post_ID} AS post_ID,\n\t\t\t{$preview_userid} AS post_creator_user_ID,\n\t\t\t{$preview_userid} AS post_lastedit_user_ID,\n\t\t\t'{$item_issue_date}' AS post_datestart,\n\t\t\t'{$item_issue_date}' AS post_datecreated,\n\t\t\t'{$item_issue_date}' AS post_datemodified,\n\t\t\t'{$item_issue_date}' AS post_last_touched_ts,\n\t\t\t0 AS post_dateset,\n\t\t\t'" . $DB->escape($post_status) . "' AS post_status,\n\t\t\t'" . $DB->escape($post_locale) . "' AS post_locale,\n\t\t\t'" . $DB->escape($content) . "' AS post_content,\n\t\t\t'" . $DB->escape($post_title) . "' AS post_title,\n\t\t\t'" . $DB->escape($post_titletag) . "' AS post_titletag,\n\t\t\t'" . $DB->escape($post_excerpt) . "' AS post_excerpt,\n\t\t\tNULL AS post_excerpt_autogenerated,\n\t\t\tNULL AS post_urltitle,\n\t\t\tNULL AS post_canonical_slug_ID,\n\t\t\tNULL AS post_tiny_slug_ID,\n\t\t\t'" . $DB->escape($post_url) . "' AS post_url,\n\t\t\t{$post_category} AS post_main_cat_ID,\n\t\t\t{$post_views} AS post_views,\n\t\t\t'' AS post_flags,\n\t\t\t'noreq' AS post_notifications_status,\n\t\t\tNULL AS post_notifications_ctsk_ID,\n\t\t\t" . bpost_count_words($content) . " AS post_wordcount,\n\t\t\t" . $DB->quote($post_comment_status) . " AS post_comment_status,\n\t\t\t'" . $DB->escape(implode('.', $renderers)) . "' AS post_renderers,\n\t\t\t" . $DB->quote($item_assigned_user_ID) . " AS post_assigned_user_ID,\n\t\t\t" . $DB->quote($item_typ_ID) . " AS post_ptyp_ID,\n\t\t\t" . $DB->quote($item_st_ID) . " AS post_pst_ID,\n\t\t\t" . $DB->quote($item_deadline) . " AS post_datedeadline,\n\t\t\t" . $DB->quote($item_priority) . " AS post_priority,";
     $this->sql .= $DB->quote(param('item_order', 'double', NULL)) . ' AS post_order' . ",\n" . $DB->quote(param('item_featured', 'integer', NULL)) . ' AS post_featured' . "\n";
     // The statement has no FROM clause: it yields exactly the one row described above.
     $this->total_rows = 1;
     $this->total_pages = 1;
     $this->page = 1;
     // ATTENTION: we skip the parent on purpose here!! fp> refactor
     DataObjectList2::query(false, false, false, 'PREVIEW QUERY');
     $Item =& $this->Cache->instantiate($this->rows[0]);
     // set Item settings
     $Item->set_setting('hide_teaser', param('item_hideteaser', 'integer', 0));
     $Item->set_setting('post_metadesc', param('metadesc', 'string', true));
     $Item->set_setting('post_custom_headers', param('custom_headers', 'string', true));
     // set custom Item settings
     foreach (array('double', 'varchar') as $type) {
         $count_custom_field = $comment_Blog->get_setting('count_custom_' . $type);
         // 'varchar' fields are read with the 'string' filter; 'double' keeps its own name.
         $param_type = $type == 'varchar' ? 'string' : $type;
         for ($i = 1; $i <= $count_custom_field; $i++) {
             // For each custom double field:
             $field_guid = $comment_Blog->get_setting('custom_' . $type . $i);
             $Item->set_setting('custom_' . $type . '_' . $field_guid, param('item_' . $type . '_' . $field_guid, $param_type, NULL));
         }
     }
     // Trigger plugin event, allowing to manipulate or validate the item before it gets previewed
     $Plugins->trigger_event('AppendItemPreviewTransact', array('Item' => &$Item));
     if ($Messages->has_errors()) {
         // Validation errors are shown above the submitted content in the preview.
         $errcontent = $Messages->display(T_('Invalid post, please correct these errors:'), '', false);
         $Item->content = $errcontent . "\n<hr />\n" . $content;
     }
     // little funky fix for IEwin, rawk on that code
     global $Hit;
     // $IEWin_bookmarklet_fix is neither declared global nor assigned in this method,
     // so the isset() test is always false here.
     if ($Hit->is_winIE() && !isset($IEWin_bookmarklet_fix)) {
         // QUESTION: Is this still needed? What about $IEWin_bookmarklet_fix? (blueyed)
         // The /e modifier makes preg_replace() evaluate the replacement as PHP code; it
         // was deprecated in PHP 5.5 and removed in PHP 7.0. The capture here is limited
         // to four hex digits. preg_replace_callback() is the supported replacement.
         $Item->content = preg_replace('/\\%u([0-9A-F]{4,4})/e', "'&#'.base_convert('\\1',16,10). ';'", $Item->content);
     }
 }
Exemple #8
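/**
 * XML-RPC handler that registers a pingback as a comment on a local post.
 *
 * Reads the source URL (parameter 0) and the target URL (parameter 1) from the
 * message, works out which local post the target URL points at, fetches the
 * source page to confirm it links to the target, then stores a "<pingback />"
 * comment and, when $comments_notify is set, mails the post author.
 *
 * Both URLs are supplied by the remote caller. Every value derived from them
 * is therefore cast or escaped before it is placed in SQL, and only http/https
 * sources are fetched.
 *
 * @param object $m XML-RPC message; getParam(0) and getParam(1) must return
 *                  values exposing scalarval().
 * @return xmlrpcresp Response wrapping a human-readable status message.
 */
function pingback_ping($m)
{
    // original code by Mort (http://mort.mine.nu:8080)
    global $tableposts, $tablecomments, $comments_notify;
    global $siteurl, $blogfilename, $b2_version, $use_pingback;
    global $HTTP_SERVER_VARS;
    if (!$use_pingback) {
        return new xmlrpcresp(new xmlrpcval('Sorry, this weblog does not allow you to pingback its posts.'));
    }
    dbconnect();
    $log = debug_fopen('./xmlrpc.log', 'w');
    $title = '';
    // Defined up front so the log line and the later checks never read an unset variable.
    $way = '';
    $post_ID = -1;
    $context = '';
    $matchtitle = array();
    $pagelinkedfrom = $m->getParam(0);
    $pagelinkedfrom = $pagelinkedfrom->scalarval();
    $pagelinkedto = $m->getParam(1);
    $pagelinkedto = $pagelinkedto->scalarval();
    $pagelinkedfrom = str_replace('&amp;', '&', $pagelinkedfrom);
    $pagelinkedto = preg_replace('#&([^amp\\;])#is', '&amp;$1', $pagelinkedto);
    debug_fwrite($log, 'BEGIN ' . time() . ' - ' . date('Y-m-d H:i:s') . "\n\n");
    debug_fwrite($log, 'Page linked from: ' . $pagelinkedfrom . "\n");
    debug_fwrite($log, 'Page linked to: ' . $pagelinkedto . "\n");
    $messages = array(htmlentities("Pingback from " . $pagelinkedfrom . " to " . $pagelinkedto . " registered. Keep the web talking! :-)"), htmlentities("We can't find the URL to the post you are trying to link to in your entry. Please check how you wrote the post's permalink in your entry."), htmlentities("We can't find the post you are trying to link to. Please check the post's permalink."));
    $message = $messages[0];
    // Check if the page linked to is in our site.
    // NOTE(review): this is a substring test, so a foreign URL that merely
    // contains our host name somewhere after position 0 also passes; the post
    // lookup below is what actually decides whether anything is stored.
    $pos1 = strpos($pagelinkedto, str_replace('http://', '', str_replace('www.', '', $siteurl)));
    if ($pos1) {
        // let's find which post is linked to
        $urltest = parse_url($pagelinkedto);
        // parse_url() returns false on a malformed URL and omits absent parts.
        $urlpath = isset($urltest['path']) ? $urltest['path'] : '';
        $urlquery = isset($urltest['query']) ? $urltest['query'] : '';
        if (preg_match('#p/[0-9]{1,}#', $urlpath, $match)) {
            // the path defines the post_ID (archives/p/XXXX)
            $blah = explode('/', $match[0]);
            $post_ID = intval($blah[1]);
            $way = 'from the path';
        } elseif (preg_match('#p=[0-9]{1,}#', $urlquery, $match)) {
            // the querystring defines the post_ID (?p=XXXX)
            $blah = explode('=', $match[0]);
            $post_ID = intval($blah[1]);
            $way = 'from the querystring';
        } elseif (isset($urltest['fragment'])) {
            // an #anchor is there, it's either...
            if (intval($urltest['fragment'])) {
                // ...an integer #XXXX (simplest case). Only the integer value is
                // kept: the raw fragment may carry trailing text after the
                // digits and is concatenated into SQL below.
                $post_ID = intval($urltest['fragment']);
                $way = 'from the fragment (numeric)';
            } elseif (is_string($urltest['fragment'])) {
                // ...or a string #title, a little more complicated.
                // Everything outside [a-zA-Z0-9] becomes '.', so the value is
                // safe inside the quoted RLIKE pattern.
                $title = preg_replace('/[^a-zA-Z0-9]/', '.', $urltest['fragment']);
                $sql = "SELECT ID FROM {$tableposts} WHERE post_title RLIKE '{$title}'";
                // NOTE(review): on failure this die() sends the SQL text and
                // the driver error back to the remote caller.
                $result = mysql_query($sql) or die("Query: {$sql}\n\nError: " . mysql_error());
                $blah = mysql_fetch_array($result);
                $post_ID = $blah ? intval($blah['ID']) : -1;
                $way = 'from the fragment (title)';
            }
        } else {
            $post_ID = -1;
        }
        debug_fwrite($log, "Found post ID {$way}: {$post_ID}\n");
        // $post_ID is an integer on every path above.
        $sql = 'SELECT post_author FROM ' . $tableposts . ' WHERE ID = ' . $post_ID;
        $result = mysql_query($sql);
        if ($result && mysql_num_rows($result)) {
            debug_fwrite($log, 'Post exists' . "\n");
            // Let's check that the remote site didn't already pingback this entry.
            // The source URL is caller-controlled, so it is escaped the same way
            // the INSERT below escapes it. addslashes() is not charset-aware;
            // switch to the driver's escaping or prepared statements when this
            // code moves off the legacy mysql extension.
            $sql = 'SELECT * FROM ' . $tablecomments . ' WHERE comment_post_ID = ' . $post_ID . ' AND comment_author_url = \'' . addslashes($pagelinkedfrom) . '\' AND comment_content LIKE \'%<pingback />%\'';
            $result = mysql_query($sql);
            // NOTE(review): "|| 1 == 1" makes this condition always true, so the
            // duplicate check is effectively disabled and the final else branch
            // is unreachable. Left as found; confirm the intent before changing it.
            if (($result && mysql_num_rows($result)) || 1 == 1) {
                // very stupid, but gives time to the 'from' server to publish !
                sleep(1);
                // Let's check the remote site. Only http/https sources are
                // opened: fopen() would otherwise also accept local paths and
                // other stream wrappers chosen by the caller.
                // NOTE(review): the server still requests whatever http(s) host
                // the caller names, internal hosts included; restrict outbound
                // access at the network level if that matters here.
                $source_parts = parse_url($pagelinkedfrom);
                $source_scheme = isset($source_parts['scheme']) ? strtolower($source_parts['scheme']) : '';
                $fp = false;
                if ('http' == $source_scheme || 'https' == $source_scheme) {
                    $fp = @fopen($pagelinkedfrom, 'r');
                }
                $puntero = 4096;
                // A failed fopen() must not reach fread()/fclose().
                while ($fp && ($linea = fread($fp, $puntero))) {
                    $linea = strip_tags($linea, '<title><a>');
                    $linea = strip_all_but_one_link($linea, $pagelinkedto);
                    $linea = preg_replace('#&([^amp\\;])#is', '&amp;$1', $linea);
                    if (empty($matchtitle)) {
                        preg_match('|<title>([^<]*?)</title>|is', $linea, $matchtitle);
                    }
                    $pos2 = strpos($linea, $pagelinkedto);
                    $pos3 = strpos($linea, str_replace('http://www.', 'http://', $pagelinkedto));
                    if (is_integer($pos2) || is_integer($pos3)) {
                        debug_fwrite($log, 'The page really links to us :)' . "\n");
                        $pos4 = is_integer($pos2) ? $pos2 : $pos3;
                        // Clamp at 0: a negative start would make substr() count
                        // from the end of the chunk and return unrelated text.
                        $start = $pos4 > 100 ? $pos4 - 100 : 0;
                        $context = substr($linea, $start, 250);
                        $context = str_replace("\n", ' ', $context);
                        $context = str_replace('&amp;', '&', $context);
                    } else {
                        debug_fwrite($log, 'The page doesn\'t link to us, here\'s an excerpt :' . "\n\n" . $linea . "\n\n");
                    }
                }
                debug_fwrite($log, '*****' . "\n\n");
                if ($fp) {
                    fclose($fp);
                }
                if (!empty($context)) {
                    $pagelinkedfrom = preg_replace('#&([^amp\\;])#is', '&amp;$1', $pagelinkedfrom);
                    // Fall back to the source URL when the page had no usable <title>.
                    $title = isset($matchtitle[1]) && strlen($matchtitle[1]) ? $matchtitle[1] : $pagelinkedfrom;
                    $original_context = $context;
                    $context = '<pingback />[...] ' . addslashes(trim($context)) . ' [...]';
                    $context = format_to_post($context);
                    $original_pagelinkedfrom = $pagelinkedfrom;
                    $pagelinkedfrom = addslashes($pagelinkedfrom);
                    $original_title = $title;
                    $title = addslashes(strip_tags(trim($title)));
                    $sql = "INSERT INTO {$tablecomments} (comment_post_ID, comment_author, comment_author_url, comment_date, comment_content) VALUES ({$post_ID}, '{$title}', '{$pagelinkedfrom}', NOW(), '{$context}')";
                    $consulta = mysql_query($sql);
                    if ($comments_notify) {
                        // Remote-supplied text goes into the mail body only, never
                        // into the header argument.
                        $notify_message = "New pingback on your post #{$post_ID}.\r\n\r\n";
                        $notify_message .= "website: {$original_title}\r\n";
                        $notify_message .= "url    : {$original_pagelinkedfrom}\r\n";
                        $notify_message .= "excerpt: \n[...] {$original_context} [...]\r\n\r\n";
                        $notify_message .= "You can see all pingbacks on this post there: \r\n";
                        $notify_message .= "{$siteurl}/{$blogfilename}?p={$post_ID}&pb=1\r\n\r\n";
                        $postdata = get_postdata($post_ID);
                        $authordata = get_userdata($postdata['Author_ID']);
                        $recipient = $authordata['user_email'];
                        $subject = "pingback on post #{$post_ID} \"" . $postdata['Title'] . '"';
                        @mail($recipient, $subject, $notify_message, "From: b2@" . $HTTP_SERVER_VARS['SERVER_NAME'] . "\r\n" . "X-Mailer: b2 {$b2_version} - PHP/" . phpversion());
                    }
                } else {
                    // URL pattern not found
                    $message = "Page linked to: {$pagelinkedto}\nPage linked from: {$pagelinkedfrom}\nTitle: {$title}\nContext: {$context}\n\n" . $messages[1];
                }
            } else {
                // We already have a Pingback from this URL
                $message = "Sorry, you already did a pingback to {$pagelinkedto} from {$pagelinkedfrom}.";
            }
        } else {
            // Post_ID not found
            $message = $messages[2];
            debug_fwrite($log, 'Post doesn\'t exist' . "\n");
        }
    }
    return new xmlrpcresp(new xmlrpcval($message));
}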
Exemple #9
 // Resolve the blog that owns the category chosen for this message.
 $blog_ID = get_catblog($post_category);
 // TODO: should not die, if cat does not exist!
 echo_message('&bull;<b>' . T_('Blog ID') . ':</b> ' . $blog_ID . '<br />', '', 3);
 // Check permission:
 // NOTE(review): $user_login is placed in the HTML message as-is; confirm it is
 // validated or encoded before it reaches this point.
 echo_message('&bull;' . sprintf(T_('Checking permissions for user &laquo;%s&raquo; to post to Blog #%d'), $user_login, $blog_ID) . ' ');
 // The sender must be allowed to create published posts in the target blog;
 // otherwise this message is skipped (the enclosing loop is outside this excerpt).
 if (!$loop_User->check_perm('blog_post!published', 'edit', false, $blog_ID)) {
     echo_message('[ ' . T_('Permission denied') . ' ]', 'red');
     continue;
 } else {
     echo_message('[ ' . T_('Pass') . ' ]<br />', 'green');
 }
 // todo: finish this last section
 // NOTE(review): "!" binds tighter than ">", so this evaluates (!$test_type) > 0,
 // which is true exactly when $test_type is falsy. Presumably "not in test mode"
 // is what is meant; writing it as !($test_type > 0) would make that explicit.
 if (!$test_type > 0) {
     // CHECK and FORMAT content
     $post_title = format_to_post(trim($post_title), 0, 0);
     $content = format_to_post(trim($content), $Settings->get('AutoBR'), 0);
     // Any validation message aborts this post and clears the message stack
     // before the next one is processed.
     if ($Messages->display(T_('Cannot post, please correct these errors:'), '', true, 'error')) {
         $Messages->reset();
         continue;
     }
     // INSERT NEW POST INTO DB:
     $edited_Item =& new Item();
     $post_ID = $edited_Item->insert($loop_User->ID, $post_title, $content, $post_date, $post_category, array(), 'published', $loop_User->locale);
     // Execute or schedule notifications & pings:
     $edited_Item->handle_post_processing();
 }
 // NOTE(review): $post_title and $content are interpolated into HTML here without
 // encoding. When the branch above is skipped they have not been through
 // format_to_post() either, so confirm echo_message() or its caller encodes them
 // before they reach a browser.
 echo_message('&bull;<b>' . T_('Post title') . ":</b> {$post_title}<br/>", '', 3);
 echo_message('&bull;<b>' . T_('Post content') . ":</b> {$content}<br/>", '', 3);
 echo_message('&bull;<b>' . T_('Blog by Email') . ':</b> ');
 echo_message('<b>[ ' . T_('Success') . ' ]</b><br/>', 'green');
 if (!$pop3->delete($iCount)) {
Exemple #10
 /**
  * Validate the settings submitted from the admin settings page.
  *
  * Entries whose value is empty() are dropped; every remaining value is passed
  * through format_to_post(). Key order of the surviving entries is preserved.
  *
  * @param array $inputs Settings as passed from the settings form on save.
  * @return array|null The settings that should be saved, or null when $inputs
  *                    is not an array.
  */
 function settings_validate($inputs)
 {
     // Anything that is not an array yields no value at all.
     if (!is_array($inputs)) {
         return;
     }
     $kept = array();
     foreach ($inputs as $name => $value) {
         if (empty($value)) {
             // Empty settings are not stored.
             continue;
         }
         $kept[$name] = format_to_post($value);
     }
     return $kept;
 }
 * @license GPL v2.0
 * @author Steven Raynham
 * @version 0.7
 * @link http://www.businessxpand.com/
 * @since File available since Release 0.5
 */
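require dirname(__FILE__) . '/../../../wp-config.php';
wp_cache_init();
// Coarse gate: the caller must hold both generic editing capabilities.
$authorised = current_user_can('edit_posts') && current_user_can('edit_pages');
// NOTE(review): no nonce is verified anywhere in this script, so a logged-in
// editor's browser can be made to submit this request from another site.
// Verifying one (e.g. check_ajax_referer()) needs a matching change in the
// client that posts here, so it is flagged rather than added.
if ($authorised) {
    if (isset($_POST['id']) && isset($_POST['content']) && !empty($_POST['id']) && !empty($_POST['content'])) {
        // Post IDs are integers; the raw request value is never handed on.
        $opePostId = (int) $_POST['id'];
        if ($opePostId <= 0) {
            die('{"response":"1","message":"' . __('No id or content.') . '"}');
        }
        // Per-object check: the generic capabilities above do not establish that
        // this user may edit this particular post.
        if (!current_user_can('edit_post', $opePostId)) {
            die('{"response":"1","message":"' . __('You are not authorised to edit.') . '"}');
        }
        $opePost = array();
        $opePost['ID'] = $opePostId;
        $opePost['post_content'] = rawurldecode($_POST['content']);
        // Protect the editor's own "<!--ile-->" markers with temporary tokens,
        // turn entity-encoded HTML comments back into real comments, then
        // restore the protected angle brackets as entities.
        $search = array('<!--ile-->&lt;', '&gt;<!--ile-->', '&lt;!--', '--&gt;');
        $replace = array('[ilelt]', '[ilegt]', '<!--', '-->');
        $opePost['post_content'] = str_replace($search, $replace, $opePost['post_content']);
        $search = array('[ilelt]', '[ilegt]');
        $replace = array('&lt;', '&gt;');
        $opePost['post_content'] = str_replace($search, $replace, $opePost['post_content']);
        $opePost['post_content'] = format_to_post($opePost['post_content']);
        if (wp_update_post($opePost) === 0) {
            die('{"response":"0","message":"' . __('Unable to save, database error generated.') . '"}');
        } else {
            die('{"response":"1","message":"' . __('Content updated.') . '"}');
        }
    } else {
        die('{"response":"1","message":"' . __('No id or content.') . '"}');
    }
} else {
    die('{"response":"1","message":"' . __('You are not authorised to edit.') . '"}');
}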
Exemple #12
/**
 * Expand [[nnn]] placeholders in $content into the referenced posts.
 *
 * Each placeholder is replaced by the post's linked title, a small meta line
 * (last-modified time, comment count, "Top" link and, for users who may edit
 * the page, an edit link) and the post body run through format_to_post().
 * A "[[TOC]]" marker is replaced by a list linking to every inlined post, and
 * a "top" anchor is prepended to the result.
 *
 * NOTE(review): nothing here checks the referenced post's status or password
 * before its content is inlined, and the title and the title-tag option are
 * emitted without encoding. Confirm both are acceptable for the audience that
 * can view the embedding page.
 *
 * @param string $content Page content containing the placeholders.
 * @return string The content with placeholders expanded.
 */
function includePosts($content = '')
{
    // Collect every numeric ID written between double square brackets.
    preg_match_all('/(?<=\\[\\[)\\d+?(?=\\]\\])/', $content, $matches, PREG_PATTERN_ORDER);
    // List items for the table of contents, wrapped in <ul> at the end.
    $tocItems = '';
    foreach ($matches[0] as $postId) {
        $titleTag = get_option('inlineposts_title_tag');
        $post = get_post($postId);
        $anchor = '<a name="' . $postId . '" />';
        $postLinkOpen = '<a href="' . get_permalink($postId) . '">';
        $commentsLinkOpen = '<a href="' . get_permalink($postId) . '#comments">';
        $numComments = get_comments_number($postId);
        $plural = 's';
        if ($numComments == 1) {
            $plural = '';
        }
        $modifiedLine = 'Last modified on ' . $post->post_modified_gmt . ' GMT.';
        $commentsLine = $commentsLinkOpen . $numComments . ' comment' . $plural . '</a>';
        $postTitle = $post->post_title;
        // One table-of-contents entry per inlined post.
        $tocItems .= '<li><a href="#' . $postId . '">' . $postTitle . '</a></li>';
        $heading = '<' . $titleTag . '>' . $postLinkOpen . $postTitle . '</a>' . $anchor . '</' . $titleTag . '>';
        $body = '<p>' . format_to_post($post->post_content) . '</p>';
        // The edit link is shown only to users who may edit the page; the
        // admin script it targets switches to "post" when they may edit it
        // as a post as well.
        $mayEditPage = current_user_can('edit_page', $postId);
        $adminScript = $mayEditPage ? 'page' : null;
        if (current_user_can('edit_post', $postId)) {
            $adminScript = 'post';
        }
        $editLink = '';
        if (!is_attachment() && $mayEditPage) {
            $location = get_option('siteurl') . "/wp-admin/{$adminScript}.php?action=edit&amp;post={$postId}";
            $editLink = "<a href=\"{$location}\">Edit topic.</a>";
        }
        $meta = '<small>' . $modifiedLine . ' ' . $commentsLine . '. ' . '<a href="#top">Top</a>' . '. ' . $editLink . '</small>';
        $replacement = $heading . $meta . $body;
        // Drop HTML comments and the line break in front of a placeholder so
        // WordPress does not add extra <br /> tags around the inlined post.
        $content = preg_replace('/<!--.*?-->/', '', $content);
        $content = str_replace("\r\n[[", '[[', $content);
        // Swap the placeholder for the rendered post.
        $content = str_replace("[[{$postId}]]", $replacement, $content);
    }
    $tableOfContents = '<ul>' . $tocItems . '</ul>';
    // Prepend the anchor the "Top" links point at, then fill in the TOC marker.
    $content = str_replace("[[TOC]]", $tableOfContents, '<p id="top" />' . $content);
    error_log($tableOfContents);
    return $content;
}
Exemple #13
 /**
  * We want to preview a single post, we are going to fake a lot of things...
  *
  * Reads the post fields from the request, builds a one-row SELECT made only of
  * literal values, runs it through DataObjectList2::query() and instantiates an
  * Item from that row. Plugins then get the AppendItemPreviewTransact event, and
  * any validation messages are prepended to the previewed content.
  *
  * Returns without doing anything when no user is logged in.
  */
 function preview_from_request()
 {
     global $current_User;
     if (empty($current_User)) {
         // dh> only logged in user's can preview. Alternatively we need those checks where $current_User gets used below.
         return;
     }
     global $DB, $localtimenow, $Messages, $BlogCache;
     global $Plugins;
     // NOTE(review): the previewing user ID comes from the request and is not
     // compared with $current_User anywhere in this method.
     $preview_userid = param('preview_userid', 'integer', true);
     $post_status = param('post_status', 'string', true);
     $post_locale = param('post_locale', 'string', $current_User->locale);
     $content = param('content', 'html', true);
     $post_title = param('post_title', 'html', true);
     $post_excerpt = param('post_excerpt', 'string', true);
     $post_url = param('post_url', 'string', '');
     $post_category = param('post_category', 'integer', true);
     $post_views = param('post_views', 'integer', 0);
     $renderers = param('renderers', 'array', array('default'));
     if (!is_array($renderers)) {
         // dh> workaround for param() bug. See rev 1.93 of /inc/_misc/_misc.funcs.php
         $renderers = array('default');
     }
     // The comment status is read from the request only when the blog lets each
     // post decide; otherwise the blog-wide setting is used.
     $comment_Blog =& $BlogCache->get_by_ID(get_catblog($post_category));
     if ($comment_Blog->allowcomments == 'post_by_post') {
         // param is required
         $post_comment_status = param('post_comment_status', 'string', true);
     } else {
         $post_comment_status = $comment_Blog->allowcomments;
     }
     // Get issue date, using the user's locale (because it's entered like this in the form):
     locale_temp_switch($current_User->locale);
     param_date('item_issue_date', T_('Please enter a valid issue date.'), false);
     // TODO: dh> get_param() is always true here, also on invalid dates:
     if (strlen(get_param('item_issue_date'))) {
         // only set it, if a date was given:
         param_time('item_issue_time');
         $item_issue_date = form_date(get_param('item_issue_date'), get_param('item_issue_time'));
         // TODO: cleanup...
     } else {
         $item_issue_date = date('Y-m-d H:i:s', $localtimenow);
     }
     locale_restore_previous();
     // Falsy values (0, '', NULL) for the optional fields below are normalised to NULL.
     if (!($item_typ_ID = param('item_typ_ID', 'integer', NULL))) {
         $item_typ_ID = NULL;
     }
     if (!($item_st_ID = param('item_st_ID', 'integer', NULL))) {
         $item_st_ID = NULL;
     }
     if (!($item_assigned_user_ID = param('item_assigned_user_ID', 'integer', NULL))) {
         $item_assigned_user_ID = NULL;
     }
     if (!($item_deadline = param('item_deadline', 'string', NULL))) {
         $item_deadline = NULL;
     }
     $item_priority = param('item_priority', 'integer', NULL);
     // QUESTION: can this be also empty/NULL?
     // Do some optional filtering on the content
     // Typically stuff that will help the content to validate
     // Useful for code display.
     // Will probably be used for validation also.
     $Plugins_admin =& get_Cache('Plugins_admin');
     $Plugins_admin->filter_contents($post_title, $content, $renderers);
     $post_title = format_to_post($post_title);
     $content = format_to_post($content);
     // String values go through $DB->escape() or $DB->quote(). The integer-typed
     // request values ($preview_userid, $post_category, $post_views) are
     // interpolated directly.
     // NOTE(review): that is only safe if param(..., 'integer', ...) rejects
     // non-numeric input; verify. $item_issue_date is quoted but not escaped; it
     // comes from form_date() or date(), so confirm form_date() cannot return a
     // quote character.
     $this->sql = "SELECT\r\n\t\t\t0 AS post_ID,\r\n\t\t\t{$preview_userid} AS post_creator_user_ID,\r\n\t\t\t{$preview_userid} AS post_lastedit_user_ID,\r\n\t\t\t'{$item_issue_date}' AS post_datestart,\r\n\t\t\t'{$item_issue_date}' AS post_datecreated,\r\n\t\t\t'{$item_issue_date}' AS post_datemodified,\r\n\t\t\t'" . $DB->escape($post_status) . "' AS post_status,\r\n\t\t\t'" . $DB->escape($post_locale) . "' AS post_locale,\r\n\t\t\t'" . $DB->escape($content) . "' AS post_content,\r\n\t\t\t'" . $DB->escape($post_title) . "' AS post_title,\r\n\t\t\t'" . $DB->escape($post_excerpt) . "' AS post_excerpt,\r\n\t\t\tNULL AS post_urltitle,\r\n\t\t\t'" . $DB->escape($post_url) . "' AS post_url,\r\n\t\t\t{$post_category} AS post_main_cat_ID,\r\n\t\t\t{$post_views} AS post_views,\r\n\t\t\t'' AS post_flags,\r\n\t\t\t'noreq' AS post_notifications_status,\r\n\t\t\tNULL AS post_notifications_ctsk_ID,\r\n\t\t\t" . bpost_count_words($content) . " AS post_wordcount,\r\n\t\t\t" . $DB->quote($post_comment_status) . " AS post_comment_status,\r\n\t\t\t'" . $DB->escape(implode('.', $renderers)) . "' AS post_renderers,\r\n\t\t\t" . $DB->quote($item_assigned_user_ID) . " AS post_assigned_user_ID,\r\n\t\t\t" . $DB->quote($item_typ_ID) . " AS post_ptyp_ID,\r\n\t\t\t" . $DB->quote($item_st_ID) . " AS post_pst_ID,\r\n\t\t\t" . $DB->quote($item_deadline) . " AS post_datedeadline,\r\n\t\t\t" . $DB->quote($item_priority) . " AS post_priority";
     // The fake result set always holds exactly one row on one page.
     $this->total_rows = 1;
     $this->total_pages = 1;
     $this->page = 1;
     // ATTENTION: we skip the parent on purpose here!! fp> refactor
     DataObjectList2::query(false, false, false, 'PREVIEW QUERY');
     $Item =& $this->Cache->instantiate($this->rows[0]);
     // Trigger plugin event, allowing to manipulate or validate the item before it gets previewed
     $Plugins->trigger_event('AppendItemPreviewTransact', array('Item' => &$Item));
     // When there are error messages, show them above the unrendered content.
     if ($errcontent = $Messages->display(T_('Invalid post, please correct these errors:'), '', false, 'error')) {
         $Item->content = $errcontent . "\n<hr />\n" . $content;
     }
     // little funky fix for IEwin, rawk on that code
     global $Hit;
     // $IEWin_bookmarklet_fix is neither assigned nor declared global in this
     // method, so the !isset() test is always true here.
     if ($Hit->is_winIE && !isset($IEWin_bookmarklet_fix)) {
         // QUESTION: Is this still needed? What about $IEWin_bookmarklet_fix? (blueyed)
         // Turns %uXXXX escapes into numeric character references. The /e
         // modifier evaluates the replacement string as PHP code for each match;
         // the captured group is limited to four characters from [0-9A-F] by the
         // pattern. /e was deprecated in PHP 5.5 and removed in PHP 7.0;
         // preg_replace_callback() is its replacement.
         $Item->content = preg_replace('/\\%u([0-9A-F]{4,4})/e', "'&#'.base_convert('\\1',16,10). ';'", $Item->content);
     }
 }
Exemple #14
    $url = param('o', 'string');
    param('comment_cookies', 'integer', 0);
    param('comment_allow_msgform', 'integer', 0);
    // checkbox
}
param('comment_rating', 'integer', NULL);
$now = date('Y-m-d H:i:s', $localtimenow);
// VALIDATION:
$original_comment = $comment;
// Trigger event: a Plugin could add a $category="error" message here..
// This must get triggered before any internal validation and must pass all relevant params.
// openID plugin will validate a given OpenID here
$Plugins->trigger_event('CommentFormSent', array('comment_post_ID' => $comment_post_ID, 'comment' => &$comment, 'original_comment' => &$original_comment, 'comment_autobr' => &$comment_autobr, 'action' => &$action, 'anon_name' => &$author, 'anon_email' => &$email, 'anon_url' => &$url, 'rating' => &$comment_rating, 'anon_allow_msgform' => &$comment_allow_msgform, 'anon_cookies' => &$comment_cookies, 'User' => &$User, 'redirect_to' => &$redirect_to));
// CHECK and FORMAT content
// TODO: AutoBR should really be a "comment renderer" (like with Items)
$comment = format_to_post($comment, $comment_autobr, 1);
// includes antispam
if (!$User) {
    // User is still not logged in, we need some id info from him:
    if ($require_name_email) {
        // We want Name and EMail with comments
        if (empty($author)) {
            $Messages->add(T_('Please fill in your name.'), 'error');
        }
        if (empty($email)) {
            $Messages->add(T_('Please fill in your email.'), 'error');
        }
    }
    if (!empty($author) && antispam_check($author)) {
        $Messages->add(T_('Supplied name is invalid.'), 'error');
    }
Exemple #15
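 /**
  * Render one inlined post for an inline-post tag or shortcode.
  *
  * Attributes come from post content, so the two that end up in markup are
  * constrained before use: "id" is reduced to a positive integer and
  * "titletag" to letters and digits. Missing attributes fall back to the
  * plugin defaults stored in the "ggis-Inlinepost" option.
  *
  * NOTE(review): the referenced post's status and password are not checked
  * here before its title and content are inlined; confirm that is intended.
  *
  * @param array       $matches Match array; $matches[1] holds the raw attribute
  *                             string and is used only when $attrs is FALSE.
  * @param array|false $attrs   Already-parsed attributes, or FALSE to parse
  *                             $matches[1] with parseAttributes().
  * @return string HTML for the inlined post, an HTML comment when the post was
  *                already inlined, or '' when no usable post is referenced.
  */
 function the_content_filter_callback($matches, $attrs = FALSE)
 {
     // GET AND SET VARIABLES
     global $ggis_inlined_post_ids;
     $post = NULL;
     $postout = '';
     $toprule = '';
     $bottomrule = '';
     // NOTE(review): unserialize() is only safe while this option can be
     // written by trusted admin code alone; it must never see data an
     // untrusted user can influence.
     $default_params = unserialize(get_option('ggis-Inlinepost'));
     // Changed in 1.1 to handle the new shortcode convention
     if ($attrs === FALSE) {
         $my_params = $this->parseAttributes($matches[1]);
     } else {
         $my_params = $attrs;
     }
     if (!isset($my_params['id'])) {
         return '';
     }
     // The id is written into an element id and an HTML comment below and is
     // passed to get_post(); only a positive integer is meaningful there.
     $my_params['id'] = (int) $my_params['id'];
     if ($my_params['id'] <= 0) {
         return '';
     }
     // Fill unset attributes from the stored defaults. isset() also covers the
     // case where the option could not be unserialized into an array.
     foreach (array('titletag', 'topseparator', 'botseparator', 'showtitle', 'showmeta') as $param_name) {
         if (!isset($my_params[$param_name])) {
             $my_params[$param_name] = isset($default_params[$param_name]) ? $default_params[$param_name] : NULL;
         }
     }
     if (!isset($my_params['showcontent'])) {
         // added 1.1
         $my_params['showcontent'] = 1;
     }
     // The title tag becomes an element name, so keep letters and digits only.
     $my_params['titletag'] = preg_replace('/[^A-Za-z0-9]/', '', (string) $my_params['titletag']);
     if ($my_params['topseparator']) {
         $toprule = '<hr />';
     }
     if ($my_params['botseparator']) {
         $bottomrule = '<hr />';
     }
     // GET AND FORMAT POST
     $this->unit_count += 1;
     $unit_tag = 'ggis-inlinepost-f' . $my_params['id'] . '-' . $this->processing_within;
     $this->processing_unit_tag = $unit_tag;
     // PREVENT DUPLICATED INLINING
     if (isset($ggis_inlined_post_ids)) {
         if (in_array($my_params['id'], $ggis_inlined_post_ids)) {
             $postout = '<!-- ggis-InlinePost already included postID = ';
             $postout .= $my_params['id'];
             $postout .= '. Inifinite inlined loop avoided.  -->';
             return $postout;
         }
     }
     // GET POST
     $ggis_inlined_post_ids[] = $my_params['id'];
     $post = get_post($my_params['id']);
     if (!$post) {
         // No such post: emit nothing rather than an empty shell built from a
         // null object.
         $this->processing_unit_tag = null;
         return '';
     }
     $postout .= '<div class="ggis-inlinepost" id="' . $unit_tag . '">';
     $postout .= $toprule;
     // Post title
     if ($my_params['showtitle']) {
         $has_title_tag = strlen($my_params['titletag']) > 0;
         // open title tag
         $postout .= $has_title_tag ? '<' . $my_params['titletag'] . '>' : '';
         // link to the post, wrapping its title
         $postout .= '<a href="' . get_permalink($my_params['id']) . '">';
         $postout .= $post->post_title;
         $postout .= '</a>';
         // close title tag, or break the line when there is none
         $postout .= $has_title_tag ? '</' . $my_params['titletag'] . '>' : '<br />';
     }
     // Post metadata
     if ($my_params['showmeta']) {
         $postout .= '<div class="entry-meta">';
         $postout .= $this->ggis_format_author($post->post_author);
         $postout .= '<span class="meta-sep"> | </span>';
         $postout .= $this->ggis_format_time($post->post_modified);
         $postout .= '<span class="meta-sep"> | </span>';
         $postout .= $this->ggis_format_comments($post->ID);
         $postout .= '</div>';
     }
     // Post content
     if ($my_params['showcontent']) {
         // added in 1.1
         $post_content = $this->ggis_format_post_content($post);
         $postout .= format_to_post($post_content);
     }
     $postout .= $bottomrule;
     $postout .= '</div>';
     $this->processing_unit_tag = null;
     return $postout;
 }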
Exemple #16
            if ($dt != $df) {
                echo '<br />' . $dt;
            }
            ?>
					</td>
					<td>
						<?php 
            if ($e->allday == true) {
                _e('All day event', fsCalendar::$plugin_textdom);
            } else {
                echo $e->getStart('', 3) . '<br />' . $e->getEnd('', 3);
            }
            ?>
					</td>
					<td><?php 
            echo format_to_post($e->location);
            ?>
</td>
					<td><?php 
            $first = true;
            foreach ($e->categories_t as $k => $c) {
                if ($first == false) {
                    echo ', ';
                } else {
                    $first = false;
                }
                echo '<a href="' . $bl . '&amp;event_category=' . esc_attr($k) . '">' . esc_attr($c) . '</a>';
            }
            ?>
</td>
					<td class="num">