$ca = serendipity_db_query($query, true); $comment_allowed = serendipity_db_bool($ca['allow_comments']) || !is_array($ca) ? true : false; $serendipity['smarty']->assign(array('is_showcomments' => true, 'is_comment_allowed' => $comment_allowed)); if ($comment_allowed) { serendipity_displayCommentForm($id, '?', NULL, $serendipity['POST'], true, serendipity_db_bool($ca['moderate_comments']), $ca); } } } else { $comment['url'] = $serendipity['POST']['url']; $comment['comment'] = trim($serendipity['POST']['comment']); $comment['name'] = $serendipity['POST']['name']; $comment['email'] = $serendipity['POST']['email']; $comment['subscribe'] = $serendipity['POST']['subscribe']; $comment['parent_id'] = $serendipity['POST']['replyTo']; if (!empty($comment['comment'])) { if (serendipity_saveComment($id, $comment, 'NORMAL')) { $sc_url = $serendipity['baseURL'] . 'comment.php?serendipity[entry_id]=' . $id . '&success=true&url=' . urlencode($_SERVER['HTTP_REFERER']); if (serendipity_isResponseClean($sc_url)) { header('Status: 302 Found'); header('Location: ' . $sc_url); } exit; } else { $serendipity['smarty']->assign(array('is_comment_notadded' => true, 'comment_url' => serendipity_specialchars($_SERVER['HTTP_REFERER']), 'comment_string' => explode('%s', COMMENT_NOT_ADDED_CLICK))); } } else { $serendipity['smarty']->assign(array('is_comment_empty' => true, 'comment_url' => serendipity_specialchars($_SERVER['HTTP_REFERER']), 'comment_string' => explode('%s', EMPTY_COMMENT))); } } } $serendipity['smarty']->display(serendipity_getTemplateFile($serendipity['smarty_file'], 'serendipityPath'));
function serveEntry($matches) { global $serendipity; $serendipity['view'] = 'entry'; $uri = $_SERVER['REQUEST_URI']; if (isset($serendipity['GET']['id'])) { $matches[1] = (int) $serendipity['GET']['id']; } elseif (isset($_GET['p'])) { $matches[1] = $_GET['p']; } else { $matches[1] = serendipity_searchPermalink($serendipity['permalinkStructure'], $uri, !empty($matches[2]) ? $matches[2] : $matches[1], 'entry'); } serendipity_rememberComment(); if (!empty($serendipity['POST']['submit']) && !isset($_REQUEST['serendipity']['csuccess'])) { $comment['url'] = $serendipity['POST']['url']; $comment['comment'] = trim($serendipity['POST']['comment']); $comment['name'] = $serendipity['POST']['name']; $comment['email'] = $serendipity['POST']['email']; $comment['subscribe'] = $serendipity['POST']['subscribe']; $comment['parent_id'] = $serendipity['POST']['replyTo']; if (!empty($comment['comment'])) { if (serendipity_saveComment($serendipity['POST']['entry_id'], $comment, 'NORMAL')) { $sc_url = ($_SERVER['HTTPS'] == 'on' ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] . (strstr($_SERVER['REQUEST_URI'], '?') ? '&' : '?') . 'serendipity[csuccess]=' . (isset($serendipity['csuccess']) ? $serendipity['csuccess'] : 'true'); if (serendipity_isResponseClean($sc_url)) { header('Status: 302 Found'); header('Location: ' . $sc_url); } exit; } else { $serendipity['messagestack']['comments'][] = COMMENT_NOT_ADDED; } } else { $serendipity['messagestack']['comments'][] = sprintf(EMPTY_COMMENT, '', ''); } } $id = (int) $matches[1]; if ($id === 0) { $id = false; } $_GET['serendipity']['action'] = 'read'; $_GET['serendipity']['id'] = $id; $title = serendipity_db_query("SELECT title FROM {$serendipity['dbPrefix']}entries WHERE id={$id} AND isdraft = 'false' " . (!serendipity_db_bool($serendipity['showFutureEntries']) ? " AND timestamp <= " . serendipity_db_time() : ''), true); if (is_array($title)) { $serendipity['head_title'] = serendipity_specialchars($title[0]); $serendipity['head_subtitle'] = serendipity_specialchars($serendipity['blogTitle']); } else { $serendipity['view'] = '404'; $serendipity['viewtype'] = '404_1'; header('HTTP/1.0 404 Not found'); header('Status: 404 Not found'); } include S9Y_INCLUDE_PATH . 'include/genpage.inc.php'; }
/** * Receive a pingback * * @access public * @param int The entryid to receive a pingback for * @param string The foreign postdata to add * @return boolean */ function add_pingback($id, $postdata) { global $serendipity; log_pingback("Reached add_pingback. ID:[{$id}]"); // XML-RPC Method call without named parameter. This seems to be the default way using XML-RPC if (preg_match('@<methodCall>\\s*<methodName>\\s*pingback.ping\\s*</methodName>\\s*<params>\\s*<param>\\s*<value>\\s*<string>([^<]*)</string>\\s*</value>\\s*</param>\\s*<param>\\s*<value>\\s*<string>([^<]*)</string>\\s*</value>\\s*</param>\\s*</params>\\s*</methodCall>@is', $postdata, $matches)) { log_pingback("Pingback wp structure."); $remote = $matches[1]; $local = $matches[2]; log_pingback("remote={$remote}, local={$local}"); $path = parse_url($remote); $comment['title'] = 'PingBack'; $comment['url'] = $remote; $comment['comment'] = ''; $comment['name'] = $path['host']; fetchPingbackData($comment); // if no ID parameter was given, try to get one from targetURI if (!isset($id) || $id == 0) { log_pingback("ID not found"); $id = evaluateIdByLocalUrl($local); log_pingback("ID set to {$id}"); } if ($id > 0) { // first check, if we already have this pingback $comments = serendipity_fetchComments($id, 1, 'co.id', true, 'PINGBACK', " AND co.url='" . serendipity_db_escape_string($remote) . "'"); if (is_array($comments) && sizeof($comments) == 1) { log_pingback("We already have that PINGBACK!"); return 0; // We already have it! } // We don't have it, so save the pingback serendipity_saveComment($id, $comment, 'PINGBACK'); return 1; } else { return 0; } } // XML-RPC Method call with named parameter. I'm not sure, if XML-RPC supports this, but just to be sure $sourceURI = getPingbackParam('sourceURI', $postdata); $targetURI = getPingbackParam('targetURI', $postdata); if (isset($sourceURI) && isset($targetURI)) { log_pingback("Pingback spec structure."); $path = parse_url($sourceURI); $local = $targetURI; $comment['title'] = 'PingBack'; $comment['url'] = $sourceURI; $comment['comment'] = ''; $comment['name'] = $path['host']; fetchPingbackData($comment); // if no ID parameter was given, try to get one from targetURI if (!isset($id) || $id == 0) { log_pingback("ID not found"); $id = evaluateIdByLocalUrl($local); log_pingback("ID set to {$id}"); } if ($id > 0) { serendipity_saveComment($id, $comment, 'PINGBACK'); return 1; } else { return 0; } } return 0; }
$matches[1] = (int) $serendipity['GET']['id']; } elseif (isset($_GET['p'])) { $matches[1] = $_GET['p']; } else { $matches[1] = serendipity_searchPermalink($serendipity['permalinkStructure'], $uri, !empty($matches[2]) ? $matches[2] : $matches[1], 'entry'); } serendipity_rememberComment(); if (!empty($serendipity['POST']['submit']) && !isset($_REQUEST['serendipity']['csuccess'])) { $comment['url'] = $serendipity['POST']['url']; $comment['comment'] = trim($serendipity['POST']['comment']); $comment['name'] = $serendipity['POST']['name']; $comment['email'] = $serendipity['POST']['email']; $comment['subscribe'] = $serendipity['POST']['subscribe']; $comment['parent_id'] = $serendipity['POST']['replyTo']; if (!empty($comment['comment'])) { if (serendipity_saveComment($serendipity['POST']['entry_id'], $comment, 'NORMAL')) { $sc_url = ($_SERVER['HTTPS'] == 'on' ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'] . (strstr($_SERVER['REQUEST_URI'], '?') ? '&' : '?') . 'serendipity[csuccess]=' . (isset($serendipity['csuccess']) ? $serendipity['csuccess'] : 'true'); if (serendipity_isResponseClean($sc_url)) { header('Status: 302 Found'); header('Location: ' . $sc_url); } exit; } else { $serendipity['messagestack']['comments'][] = COMMENT_NOT_ADDED; } } else { $serendipity['messagestack']['comments'][] = sprintf(EMPTY_COMMENT, '', ''); } } $id = (int) $matches[1]; if ($id === 0) {
# $Id$ # Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team) # All rights reserved. See LICENSE file for licensing details include 'serendipity_config.inc.php'; if ($_REQUEST['cid'] != '' && $HTTP_RAW_POST_DATA != '') { $comment = array(); if (!preg_match('@<author[^>]*>(.*)</author[^>]*>@i', $HTTP_RAW_POST_DATA, $name)) { preg_match('@<dc:creator[^>]*>(.*)</dc:creator[^>]*>@i', $HTTP_RAW_POST_DATA, $name); } if (isset($name[1]) && !empty($name[1])) { if (preg_match('@^(.*)\\((.*)\\)@i', $name[1], $names)) { $comment['name'] = utf8_decode($names[2]); $comment['email'] = utf8_decode($names[1]); } else { $comment['name'] = utf8_decode($name[1]); } } if (preg_match('@<link[^>]*>(.*)</link[^>]*>@i', $HTTP_RAW_POST_DATA, $link)) { $comment['url'] = utf8_decode($link[1]); } if (preg_match('@<description[^>]*>(.*)</description[^>]*>@ims', $HTTP_RAW_POST_DATA, $description)) { if (preg_match('@^<!\\[CDATA\\[(.*)\\]\\]>@ims', $description[1], $cdata)) { $comment['comment'] = utf8_decode($cdata[1]); } else { $comment['comment'] = utf8_decode($description[1]); } if (!empty($comment['comment'])) { serendipity_saveComment($_REQUEST['cid'], $comment, 'NORMAL', 'API'); } } }
function addcomment($entry_id, $user, $post_id, &$comment) { global $serendipity; $oldses = $_SESSION['HTTP_REFERER']; $_SESSION['HTTP_REFERER'] = 'facebook'; // Circumvent captchas here so that comments can be saved. $_SESSION['spamblock']['captcha'] = $serendipity['POST']['captcha'] = 'abc'; $serendipity['POST']['token'] = md5(session_id()); $commentInfo = array(); $commentInfo['name'] = $comment->from->name . $this->get_config('via'); $commentInfo['url'] = 'http://www.facebook.com/' . $user . '?v=wall&story_fbid=' . $post_id; $commentInfo['email'] = $comment->from->id . '@example.com'; $tcomment = $comment->message; if ($strip_tags) { $tcomment = strip_tags($tcomment); } $commentInfo['comment'] = $tcomment; $commentInfo['time'] = strtotime($comment->created_time); $commentInfo['source'] = 'facebook'; $commentInfo['title'] = 'facebook_' . $comment->id; if (serendipity_db_bool($this->get_config('facebook_moderate'))) { $status = 'pending'; } else { $status = 'approved'; } foreach ($commentInfo as $key => $val) { $commentInfo[$key] = $this->decode($val); } serendipity_saveComment($entry_id, $commentInfo, 'NORMAL', 'facebook'); $_SESSION['HTTP_REFERER'] = $oldses; }
function check_tweetbacks_save_comment($article_id, $entry, $comment_type, $strip_tags = false) { $commentInfo = array(); $commentInfo['title'] = $entry[TWITTER_SEARCHRESULT_REALNAME] . " via Twitter"; $commentInfo['name'] = $entry[TWITTER_SEARCHRESULT_REALNAME]; $commentInfo['url'] = $this->comment_url($entry); $commentInfo['email'] = $entry[TWITTER_SEARCHRESULT_EMAIL]; $comment = $entry[TWITTER_SEARCHRESULT_TWEET]; if ($strip_tags) { $comment = strip_tags($comment); } if (LANG_CHARSET != 'UTF-8' && function_exists("mb_convert_encoding")) { $comment = mb_convert_encoding($comment, LANG_CHARSET); } $commentInfo['comment'] = $comment; $commentInfo['time'] = strtotime($entry[TWITTER_SEARCHRESULT_PUBDATE]); $commentInfo['source'] = 'tweetback'; $this->log("Tweetback save: title=[" . $commentInfo['title'] . "], comment=[" . $commentInfo['comment'] . "] articleid=[{$article_id}]"); // patch old config if ('default' == $this->get_config('tweetback_moderate')) { $this->set_config('tweetback_moderate', 'approved'); } $comment_moderation = $this->get_config('tweetback_moderate', 'approved'); if ('save' == $comment_moderation) { // save comment starts spam plugin. This might intervent the saving, but we don't want that here. // If we have more than 1 tweetback, at least the min posting freq for one IP will hit. return serendipity_saveComment($article_id, $commentInfo, $comment_type, 'tweetback'); } else { $ca = array(); $this->hook_saveComment($ca, $commentInfo); return serendipity_insertComment($article_id, $commentInfo, $comment_type, 'tweetback', $ca); } }