/**
* Add additional template variables to the template output.
*
* You can assign additional output values in the template here, instead of
* having the PHP execute directly in the template. The advantage is that
* you would easily be able to switch between template types (RawPHP/Smarty)
* without having to port code from one to the other.
*
* You could use this area to provide "recent comments" data to the template,
* for instance.
*
* Note that the variables added here should possibly *always* be added,
* especially 'user'.
*
* Also, this function gets executed *after* regular data is assigned to the
* template. So the values here, unless checked, will overwrite any existing
* values.
*/
public function add_template_vars()
{
//Theme Options
$this->assign('home_tab', 'Home');
//Set to whatever you want your first tab text to be.
$this->assign('show_author', false);
//Display author in posts
if (!$this->template_engine->assigned('pages')) {
$this->assign('pages', Posts::get(array('content_type' => 'page', 'status' => Post::status('published'), 'nolimit' => 1)));
}
if (!$this->template_engine->assigned('page')) {
$page = Controller::get_var('page');
$this->assign('page', isset($page) ? $page : 1);
}
parent::add_template_vars();
//from mzingi
//visiting page/2, /3 will offset to the next page of posts in the sidebar
$page = Controller::get_var('page');
$pagination = Options::get('pagination');
if ($page == '') {
$page = 1;
}
$this->assign('more_posts', Posts::get(array('status' => 'published', 'content_type' => 'entry', 'offset' => $pagination * $page, 'limit' => 5)));
//from mzingi
//for recent comments loop in sidebar.php
$this->assign('recent_comments', Comments::get(array('limit' => 5, 'status' => Comment::STATUS_APPROVED, 'orderby' => 'date DESC')));
}
function countStats()
{
$resultData = array();
$today = date('Y-m-d');
$loadData = Post::get(array('query' => "select count(postid)as totalcount from " . Database::getPrefix() . "post"));
$resultData['post']['total'] = $loadData[0]['totalcount'];
$loadData = Post::get(array('query' => "select count(postid)as totalcount from " . Database::getPrefix() . "post where DATE(date_added)='{$today}'"));
$resultData['post']['today'] = $loadData[0]['totalcount'];
$loadData = Post::get(array('query' => "select count(postid)as totalcount from " . Database::getPrefix() . "post where status='1'"));
$resultData['post']['published'] = $loadData[0]['totalcount'];
$loadData = Post::get(array('query' => "select count(postid)as totalcount from " . Database::getPrefix() . "post where status='0'"));
$resultData['post']['pending'] = $loadData[0]['totalcount'];
$loadData = Comments::get(array('query' => "select count(commentid)as totalcount from " . Database::getPrefix() . "comments"));
$resultData['comments']['total'] = $loadData[0]['totalcount'];
$loadData = Comments::get(array('query' => "select count(commentid)as totalcount from " . Database::getPrefix() . "comments where DATE(date_added)='{$today}'"));
$resultData['comments']['today'] = $loadData[0]['totalcount'];
$loadData = Comments::get(array('query' => "select count(commentid)as totalcount from " . Database::getPrefix() . "comments where status='1'"));
$resultData['comments']['approved'] = $loadData[0]['totalcount'];
$loadData = Comments::get(array('query' => "select count(commentid)as totalcount from " . Database::getPrefix() . "comments where status='0'"));
$resultData['comments']['pending'] = $loadData[0]['totalcount'];
$loadData = Contactus::get(array('query' => "select count(contactid)as totalcount from " . Database::getPrefix() . "contactus"));
$resultData['contactus']['total'] = $loadData[0]['totalcount'];
$loadData = Contactus::get(array('query' => "select count(contactid)as totalcount from " . Database::getPrefix() . "contactus where DATE(date_added)='{$today}'"));
$resultData['contactus']['today'] = $loadData[0]['totalcount'];
$loadData = Users::get(array('query' => "select count(userid)as totalcount from " . Database::getPrefix() . "users"));
$resultData['users']['total'] = $loadData[0]['totalcount'];
$loadData = Users::get(array('query' => "select count(userid)as totalcount from " . Database::getPrefix() . "users where DATE(date_added)='{$today}'"));
$resultData['users']['today'] = $loadData[0]['totalcount'];
return $resultData;
}
/**
* Recent Comments
*
* Handle recent comment block output
*
* @param Block $block The block instance to be configured
* @param Theme $theme The active theme
*/
public function action_block_content_recent_comments($block, $theme)
{
if (!($limit = $block->quantity)) {
$limit = 5;
}
$offset = 0;
$published_posts = 0;
$valid_comments = array();
// prevent endless looping if there are fewer comments than $limit
$comments_remain = true;
while ($published_posts < $limit && $comments_remain) {
$comments = Comments::get(array('limit' => $limit - $published_posts, 'status' => Comment::STATUS_APPROVED, 'type' => Comment::COMMENT, 'offset' => $offset, 'orderby' => 'date DESC'));
// check the posts
foreach ($comments as $key => $comment) {
if ($comment->post->status == Post::status('published')) {
$valid_comments[] = $comments[$key];
++$published_posts;
}
++$offset;
}
// stop looping if out of comments
if (count($comments) === 0) {
$comments_remain = false;
}
}
$block->recent_comments = $valid_comments;
}
public function add_template_vars()
{
//Theme Options
$this->assign('show_author', true);
//Display author in posts
// How many months should be displayed by the RN Archives plugin
$this->assign('rn_archives_months', 2);
// Links list
$this->assign('links_list', array('Follow me on Twitter' => 'http://twitter.com/sebastianp'));
if (!$this->template_engine->assigned('pages')) {
$this->assign('pages', Posts::get(array('content_type' => 'page', 'status' => Post::status('published'), 'nolimit' => 1)));
}
// Fetch the last 5 posts, for displaying in the quickbar
if (!$this->template_engine->assigned('latest_posts')) {
$this->assign('latest_posts', Posts::get(array('content_type' => 'entry', 'status' => Post::status('published'), 'limit' => 5)));
}
// Fetch the last 5 comments, for displaying in the quickbar
if (!$this->template_engine->assigned('latest_comments')) {
$this->assign('latest_comments', Comments::get(array('status' => Comment::STATUS_APPROVED)));
}
if (!$this->template_engine->assigned('taglist')) {
$this->assign('taglist', $this->theme_show_tags());
}
// Fetch all the posts
if (!$this->template_engine->assigned('archives')) {
$this->assign('archives', Posts::get(array('content_type' => 'entry', 'status' => Post::status('published'))));
}
parent::add_template_vars();
}
/**
* Display a listing of the resource.
*
* @return Response
*/
public function index()
{
$users = Users::get();
$comments = Comments::get();
$supports = Supports::get();
$notes = Notes::get();
$usersJson = array();
$commentsJson = array();
$supportsJson = array();
$notesJson = array();
// build users
foreach ($users as $user) {
array_push($usersJson, array('id' => $user->id, 'name' => $user->name));
}
// build comments
foreach ($comments as $comment) {
array_push($commentsJson, array('id' => $comment->id, 'article_id' => $comment->article_id, 'user_id' => $comment->user_id, 'comment' => $comment->comment, 'challenge' => $comment->challenge));
}
// build supports
foreach ($supports as $support) {
array_push($supportsJson, array('id' => $support->id, 'user_id' => $support->user_id, 'comment_id' => $support->comment_id));
}
// build notes
foreach ($notes as $note) {
array_push($notesJson, array('id' => $note->id, 'comment_id' => $note->comment_id, 'comment' => $note->comment));
}
// build json
$json = array('users' => $usersJson, 'comments' => $commentsJson, 'supports' => $supportsJson, 'notes' => $notesJson);
// display json
echo json_encode($json);
}
/**
* Add additional template variables to the template output.
*
* This function gets executed *after* regular data is assigned to the
* template. So the values here, unless checked, will overwrite any existing
* values.
*/
public function add_template_vars()
{
parent::add_template_vars();
if (!$this->template_engine->assigned('pages')) {
$this->assign('pages', Posts::get('page_list'));
}
if (!$this->template_engine->assigned('asides')) {
//For Asides loop in sidebar.php
$this->assign('asides', Posts::get('asides'));
}
if (!$this->template_engine->assigned('recent_comments')) {
//for recent comments loop in sidebar.php
$this->assign('recent_comments', Comments::get(array('limit' => 5, 'status' => Comment::STATUS_APPROVED, 'orderby' => 'date DESC')));
}
if (!$this->template_engine->assigned('more_posts')) {
//Recent posts in sidebar.php
//visiting page/2 will offset to the next page of posts in the footer /3 etc
$pagination = Options::get('pagination');
$this->assign('more_posts', Posts::get(array('content_type' => 'entry', 'status' => 'published', 'vocabulary' => array('tags:not:tag' => 'asides'), 'offset' => $pagination * $this->page, 'limit' => 5)));
}
if (!$this->template_engine->assigned('all_tags')) {
// List of all the tags
$this->assign('all_tags', Tags::vocabulary()->get_tree());
}
if (!$this->template_engine->assigned('all_entries')) {
// List of all the entries
$this->assign('all_entries', Posts::get(array('content_type' => 'entry', 'status' => 'published', 'nolimit' => 1)));
}
}
public function index()
{
Cache::loadPage('', 30);
$inputData = array();
$postid = 0;
Model::loadWithPath('post', System::getThemePath() . 'model/');
if (!($match = Uri::match('post\\/(.*?)\\.html$'))) {
Redirect::to('404page');
}
$friendly_url = addslashes($match[1]);
$loadData = Post::get(array('cacheTime' => 30, 'where' => "where friendly_url='{$friendly_url}'"));
if (!isset($loadData[0]['postid'])) {
Redirect::to('404page');
}
$inputData = $loadData[0];
if (Request::has('btnComment')) {
try {
sendComment($loadData[0]['postid']);
$inputData['commentAlert'] = '<div class="alert alert-success">Send comment success.</div>';
} catch (Exception $e) {
$inputData['commentAlert'] = '<div class="alert alert-warning">' . $e->getMessage() . '</div>';
}
}
$postid = $loadData[0]['postid'];
$listTag = PostTags::renderToLink($postid);
$inputData['listTag'] = $listTag;
$inputData['listComments'] = Comments::get(array('where' => "where postid='{$postid}' AND status='1'", 'orderby' => "order by postid desc"));
Post::upView($postid);
System::setTitle(ucfirst($loadData[0]['title']));
$keywords = isset($loadData[0]['keywords'][4]) ? $loadData[0]['keywords'] : System::getKeywords();
System::setKeywords($keywords);
self::makeContent('post', $inputData);
Cache::savePage();
}
public function onecommentAction()
{
$comm_id = $this->_getParam('comm_id');
$Comments = new Comments();
$this->view->comm = $Comments->get($comm_id);
//$this->_helper->viewRenderer->setNoRender();
$this->_helper->layout->disableLayout();
}
function action_comment_insert_before($comment)
{
// This plugin ignores non-comments and comments already marked as spam
if ($comment->type == Comment::COMMENT && $comment->status != Comment::STATUS_SPAM) {
if (Comments::get(array('email' => $comment->email, 'name' => $comment->name, 'url' => $comment->url, 'status' => Comment::STATUS_APPROVED))->count >= Options::get('preapproved__approved_count')) {
$comment->status = Comment::STATUS_APPROVED;
EventLog::log('Comment by ' . $comment->name . ' automatically approved.', 'info', 'PreApproved', 'PreApproved');
}
}
return $comment;
}
public function action_comment_insert_before($comment)
{
if ($comment->url != '') {
$lastcomment = Comments::get(array('url' => $comment->url, 'limit' => 1, 'orderby' => '`date` DESC', 'fetch_fn' => 'get_row'));
if ($lastcomment instanceof Comment) {
if (isset($lastcomment->info->redirecturl)) {
$comment->info->redirecturl = $lastcomment->info->redirecturl;
}
}
}
}
public function add_template_vars()
{
$this->add_template('formcontrol_text', dirname(__FILE__) . '/forms/formcontrol_text.php', true);
$this->add_template('formcontrol_textarea', dirname(__FILE__) . '/forms/formcontrol_textarea.php', true);
$this->recent_comments = Comments::get(array('limit' => 5, 'status' => Comment::STATUS_APPROVED, 'orderby' => 'date DESC'));
$this->recent_posts = Posts::get(array('limit' => 5, 'orderby' => 'pubdate DESC', 'content_type' => Post::type('entry'), 'status' => Post::status('published')));
if (!$this->template_engine->assigned('pages')) {
$this->pages = Posts::get(array('content_type' => 'page', 'status' => Post::status('published'), 'nolimit' => 1));
}
parent::add_template_vars();
}
private function delete_old_spam()
{
// The inline values are safe and used this way for a reason
$comments = Comments::get(array('where' => 'date < ' . strtotime('yesterday') . ' AND {comments}.status = ' . Comment::STATUS_SPAM));
if ($comments->count == 0) {
$message = _t('No old spam to delete.');
} else {
$total = $comments->count();
$comments->delete();
$message = _t('Deleted all %s spam comments.', array($total));
}
return $message;
}
public function view()
{
if (!($match = Uri::match('\\/view\\/(\\d+)'))) {
Redirect::to(ADMINCP_URL . 'comments/');
}
$commentid = $match[1];
$loadData = Comments::get(array('query' => "select p.title,c.* from " . Database::getPrefix() . "post p," . Database::getPrefix() . "comments c where p.postid=c.postid AND c.commentid='{$commentid}'"));
$post['edit'] = $loadData[0];
System::setTitle('View comment - ' . ADMINCP_TITLE);
View::make('admincp/head');
self::makeContents('commentView', $post);
View::make('admincp/footer');
}
function check_comment($comment)
{
// don't blacklist logged-in users: they can speak freely
if (User::identify()->loggedin) {
return true;
}
// and if the person has more than 5 comments approved,
// they're likely not a spammer, so don't blacklist them
$bypass = Options::get('simpleblacklist__frequency', false);
if ($bypass) {
$comments = Comments::get(array('email' => $comment->email, 'name' => $comment->name, 'url' => $comment->url, 'status' => Comment::STATUS_APPROVED));
if ($comments->count >= 5) {
return true;
}
}
$allow = true;
$reason = "";
$blacklist = explode("\n", Options::get('simpleblacklist__blacklist'));
foreach ($blacklist as $item) {
$item = trim(strtolower($item));
if ('' == $item) {
continue;
}
// check against the commenter name
if (false !== strpos(strtolower($comment->name), $item)) {
$allow = false;
}
// check against the commenter email
if (false !== strpos(strtolower($comment->email), $item)) {
$allow = false;
}
// check against the commenter URL
if (false !== strpos(strtolower($comment->url), $item)) {
$allow = false;
}
// check against the commenter IP address
if ((strpos($comment->ip, '.') > 0 ? $comment->ip : long2ip($comment->ip)) == $item) {
$allow = false;
}
// now check the body of the comment
if (false !== strpos(strtolower($comment->content), $item)) {
$allow = false;
}
if ($allow === false) {
break;
}
}
return $allow;
}
public function add_template_vars()
{
if (!$this->template_engine->assigned('pages')) {
$this->assign('pages', Posts::get(array('content_type' => 'page', 'status' => Post::status('published'))));
}
if (!$this->template_engine->assigned('user')) {
$this->assign('user', User::identify());
}
if (!$this->template_engine->assigned('page')) {
$this->assign('page', isset($page) ? $page : 1);
}
//for recent comments loop in sidebar.php
$this->assign('recent_comments', Comments::get(array('limit' => 8, 'status' => Comment::STATUS_APPROVED, 'orderby' => 'date DESC')));
parent::add_template_vars();
}
/**
* Add additional template variables to the template output.
*
* You can assign additional output values in the template here, instead of
* having the PHP execute directly in the template. The advantage is that
* you would easily be able to switch between template types (RawPHP/Smarty)
* without having to port code from one to the other.
*
* You could use this area to provide "recent comments" data to the template,
* for instance.
*
* Note that the variables added here should possibly *always* be added,
* especially 'user'.
*
* Also, this function gets executed *after* regular data is assigned to the
* template. So the values here, unless checked, will overwrite any existing
* values.
*/
public function add_template_vars()
{
if (!$this->template_engine->assigned('pages')) {
$this->assign('pages', Posts::get(array('content_type' => 'page', 'status' => Post::status('published'))));
}
//For Asides loop in sidebar.php
$this->assign('asides', Posts::get(array('tag' => 'aside', 'limit' => 5)));
//for recent comments loop in sidebar.php
$this->assign('recent_comments', Comments::get(array('limit' => 5, 'status' => Comment::STATUS_APPROVED, 'orderby' => 'date DESC')));
parent::add_template_vars();
//visiting page/2, /3 will offset to the next page of posts in the sidebar
$page = Controller::get_var('page');
$pagination = Options::get('pagination');
if ($page == '') {
$page = 1;
}
$this->assign('more_posts', Posts::get(array('status' => 'published', 'content_type' => 'entry', 'offset' => $pagination * $page, 'limit' => 5)));
}
public function add_template_vars()
{
//Theme Options
$this->assign('home_tab', 'Blog');
//Set to whatever you want your first tab text to be.
if (!$this->assigned('pages')) {
$this->assign('pages', Posts::get(array('content_type' => 'page', 'status' => Post::status('published'), 'nolimit' => 1)));
}
if (!$this->assigned('user')) {
$this->assign('user', User::identify());
}
if (!$this->assigned('recent_comments')) {
$this->assign('recent_comments', Comments::get(array('limit' => 10, 'status' => Comment::STATUS_APPROVED, 'type' => Comment::COMMENT, 'orderby' => 'date DESC')));
}
if (!$this->assigned('recent_entries')) {
$this->assign('recent_entries', Posts::get(array('limit' => 10, 'content_type' => 1, 'status' => 2, 'orderby' => 'pubdate DESC')));
}
parent::add_template_vars();
}
/**
* Output an Atom collection of comments based on the supplied parameters.
*
* @param array $params An array of parameters passed to Comments::get() to retrieve comments
*/
function get_comments( $params = array() )
{
$comments = null;
$comments_count = null;
// Assign self link.
$self = '';
// Assign alternate link.
$alternate = '';
$updated = HabariDateTime::date_create();
// Check if this is a feed for a single post
if ( isset( $params['slug'] ) || isset( $params['id'] ) ) {
if ( isset( $params['slug'] ) ) {
$post = Post::get( array( 'slug' => $params['slug'] ) );
}
elseif ( isset( $params['id'] ) ) {
$post = Post::get( array( 'id' => $params['id'] ) );
}
// If the post doesn't exist, send a 404
if ( !$post instanceOf Post ) {
header( 'HTTP/1.1 404 Not Found', true, 404 );
die('The post could not be found');
}
$comments = $post->comments->approved;
$comments_count = count( $comments );
$content_type = Post::type_name( $post->content_type );
$self = URL::get( "atom_feed_{$content_type}_comments", $post, false );
$alternate = URL::get( "display_{$content_type}", $post, false );
if ( $comments_count ) {
$updated = $comments[$comments_count - 1]->date;
}
}
else {
$self = URL::get( 'atom_feed_comments' );
$alternate = URL::get( 'display_home' );
$params['status'] = Comment::STATUS_APPROVED;
$comments = Comments::get( $params );
$comments_count = Comments::count_total( Comment::status( 'approved' ) );
if ( $comments_count ) {
$updated = $comments[0]->date;
}
}
$id = isset( $params['slug'] ) ? $params['slug'] : 'atom_comments';
$xml = $this->create_atom_wrapper( $alternate, $self, $id, $updated );
$xml = $this->add_pagination_links( $xml, $comments_count );
$xml = $this->add_comments( $xml, $comments );
Plugins::act( 'atom_get_comments', $xml, $params, $this->handler_vars );
$xml = $xml->asXML();
ob_clean();
header( 'Content-Type: application/atom+xml' );
print $xml;
}
* (Well, ofcourse they may try to... since routing is global. But they should not.)
*/
Route::get('admin', ['as' => 'admin.dashboard', 'before' => 'admin', 'uses' => 'App\\Modules\\Dashboard\\Http\\Controllers\\AdminDashboardController@getindex']);
/*
* Comment component
*/
Route::get('comments/paginate/{foreignType}/{foreignId}', function ($foreignType, $foreignId) {
return Comments::paginate($foreignType, $foreignId)->setPath(Request::url());
});
Route::post('comments/store', ['as' => 'comments.store', 'middleware' => 'csrf', 'uses' => function () {
$foreignType = Input::get('foreigntype');
$foreignId = Input::get('foreignid');
return Comments::store($foreignType, $foreignId);
}]);
Route::get('comments/{id}', function ($id) {
return Comments::get($id);
});
Route::get('comments/{id}/edit', ['as' => 'comments.edit', 'uses' => function ($id) {
return Comments::edit($id);
}]);
Route::put('comments/{id}/update', ['as' => 'comments.update', 'middleware' => 'csrf', 'uses' => function ($id) {
return Comments::update($id);
}]);
Route::delete('comments/{id}/delete', ['as' => 'comments.delete', 'middleware' => 'csrf', 'uses' => function ($id) {
return Comments::delete($id);
}]);
/*
* Ratings
*/
Route::post('ratings/store', ['as' => 'ratings.store', 'middleware' => 'csrf', 'uses' => function () {
$foreignType = Input::get('foreigntype');
/**
* Compiles and formats the recent comments list
*
* @return string An HTML unorderd list of the recent comments
*/
public function theme_show_recentcomments($theme)
{
//Get the plugin options
$limit = Options::get(strtolower(get_class($this)) . '__count');
$format = Options::get(strtolower(get_class($this)) . '__format');
$dateformat = Options::get(strtolower(get_class($this)) . '__dateformat');
$theme->recentcomments_title = Options::get(strtolower(get_class($this)) . '__title');
//Assign default values if options not set
if (empty($limit)) {
$limit = '5';
}
if (empty($format)) {
$format = '[[user]] on [[post]]';
}
if (empty($dateformat)) {
$dateformat = 'Mj n:ia';
}
$status = Comment::STATUS_APPROVED;
$commentarray = array('limit' => $limit, 'status' => $status, 'type' => Comment::COMMENT, 'orderby' => 'date DESC');
$comments = Comments::get($commentarray);
$list = array();
foreach ($comments as $comment) {
$name = '<a href="' . $comment->url . '" rel="external">' . $comment->name . '</a>';
$post = '<a href="' . $comment->post->permalink . '">' . $comment->post->title . '</a>';
$datearray = date_parse($comment->date);
$date = date($dateformat, mktime($datearray['hour'], $datearray['minute'], 0, $datearray['month'], $datearray['day'], $datearray['year']));
$list[] = "<li>" . str_replace('[[user]]', $name, str_replace('[[post]]', $post, str_replace('[[date]]', $date, $format))) . "</li>\n";
}
$theme->recentcomments_links = $list;
return $theme->fetch('recentcomments');
}
function validate_commenter($value, $control, $form)
{
if (Comments::get(array('email' => $form->cf_email, 'name' => $value, 'url' => $form->cf_url, 'status' => Comment::STATUS_APPROVED))->count) {
$_SESSION['recaptcha_commenter_validated'] = true;
return array();
} else {
$_SESSION['recaptcha_commenter_validated'] = false;
return array(_t("You have not been approved before and have to enter a Captcha. If you commented before, you will not have to enter a Captcha if you use the same combination of name, mail and URL.", __CLASS__));
}
}
* @reference
* @license http://www.gnu.org/copyleft/lesser.txt GNU Lesser General Public License
*/
// common definitions and initial processing
include_once '../shared/global.php';
include_once 'comments.php';
// look for the id
$id = NULL;
if (isset($_REQUEST['id'])) {
$id = $_REQUEST['id'];
} elseif (isset($context['arguments'][0])) {
$id = $context['arguments'][0];
}
$id = strip_tags($id);
// get the item from the database
$item = Comments::get($id);
// get the related anchor, if any
$anchor = NULL;
if (isset($item['anchor']) && $item['anchor']) {
$anchor = Anchors::get($item['anchor']);
$overlay = $anchor->overlay;
}
// load the skin, maybe with a variant
load_skin('comments', $anchor);
// clear the tab we are in, if any
if (is_object($anchor)) {
$context['current_focus'] = $anchor->get_focus();
}
// the path to this page
if (is_object($anchor) && $anchor->is_viewable()) {
$context['path_bar'] = $anchor->get_path_bar();
/**
* Handles AJAX requests to update comments, comment moderation
*/
public function ajax_update_comment( $handler_vars )
{
Utils::check_request_method( array( 'POST' ) );
// check WSSE authentication
$wsse = Utils::WSSE( $handler_vars['nonce'], $handler_vars['timestamp'] );
if ( $handler_vars['digest'] != $wsse['digest'] ) {
Session::error( _t( 'WSSE authentication failed.' ) );
echo Session::messages_get( true, array( 'Format', 'json_messages' ) );
return;
}
$ids = array();
foreach ( $_POST as $id => $update ) {
// skip POST elements which are not comment ids
if ( preg_match( '/^p\d+$/', $id ) && $update ) {
$ids[] = (int) substr( $id, 1 );
}
}
if ( ( ! isset( $ids ) || empty( $ids ) ) && $handler_vars['action'] == 'delete' ) {
Session::notice( _t( 'No comments selected.' ) );
echo Session::messages_get( true, array( 'Format', 'json_messages' ) );
return;
}
$comments = Comments::get( array( 'id' => $ids, 'nolimit' => true ) );
Plugins::act( 'admin_moderate_comments', $handler_vars['action'], $comments, $this );
$status_msg = _t( 'Unknown action "%s"', array( $handler_vars['action'] ) );
switch ( $handler_vars['action'] ) {
case 'delete_spam':
Comments::delete_by_status( Comment::STATUS_SPAM );
$status_msg = _t( 'Deleted all spam comments' );
break;
case 'delete_unapproved':
Comments::delete_by_status( Comment::STATUS_UNAPPROVED );
$status_msg = _t( 'Deleted all unapproved comments' );
break;
case 'delete':
// Comments marked for deletion
Comments::delete_these( $comments );
$status_msg = sprintf( _n( 'Deleted %d comment', 'Deleted %d comments', count( $ids ) ), count( $ids ) );
break;
case 'spam':
// Comments marked as spam
Comments::moderate_these( $comments, Comment::STATUS_SPAM );
$status_msg = sprintf( _n( 'Marked %d comment as spam', 'Marked %d comments as spam', count( $ids ) ), count( $ids ) );
break;
case 'approve':
case 'approved':
// Comments marked for approval
Comments::moderate_these( $comments, Comment::STATUS_APPROVED );
$status_msg = sprintf( _n( 'Approved %d comment', 'Approved %d comments', count( $ids ) ), count( $ids ) );
break;
case 'unapprove':
case 'unapproved':
// Comments marked for unapproval
Comments::moderate_these( $comments, Comment::STATUS_UNAPPROVED );
$status_msg = sprintf( _n( 'Unapproved %d comment', 'Unapproved %d comments', count( $ids ) ), count( $ids ) );
break;
default:
// Specific plugin-supplied action
$status_msg = Plugins::filter( 'admin_comments_action', $status_msg, $handler_vars['action'], $comments );
break;
}
Session::notice( $status_msg );
echo Session::messages_get( true, array( 'Format', 'json_messages' ) );
}
/**
* filter_dash_module_latest_spam
* Function used to set theme variables to the latest spam dashboard widget
* @param string $module_id
* @return string The contents of the module
*/
public function filter_dash_module_latest_spam($module, $module_id, $theme)
{
$comments = Comments::get(array('status' => array(Comment::status('spam'), Comment::status('unapproved')), 'limit' => 8));
$theme->latestspam_comments = $comments;
$theme->spambutton = Options::get('spamview__spambutton');
$theme->spamcount = Comments::count_total(Comment::STATUS_SPAM, FALSE);
$module['title'] = '<a href="' . Site::get_url('admin') . '/comments?status=' . Comment::status('spam') . '">' . _t('Latest Spam') . '</a>';
// $module['options'] = _t( 'You should not be here' );
$module['content'] = $theme->fetch('dash_spam');
return $module;
}
function get($p_id = 0, $count = false)
{
global $CFG;
if (empty($this->url) && !$this->show_all) {
Errors::add($CFG->comments_no_url_error);
return false;
}
if (!($this->record_id > 0) && !$this->show_all) {
Errors::add($CFG->comments_no_record_error);
return false;
}
$sql_filter = $this->sql_filter;
$sql = "SELECT comments.* FROM {$this->table} ";
if ($sql_filter) {
$matches = String::getSubstring($sql_filter, '[', ']');
foreach ($matches as $match) {
if (strstr($match, ',')) {
$join_path = explode(',', $match);
if (is_array($join_path)) {
foreach ($join_path as $join_field) {
$join_field_parts = explode('.', $join_field);
$join_table = $join_field_parts[0];
$j_field = $join_field_parts[1];
$join_tables[$join_table][] = $j_field;
}
$sql_filter = str_ireplace('[' . $match . ']', $join_field, $sql_filter);
}
} elseif (strstr($match, '.')) {
$join_field_parts = explode('.', $match);
$join_table = $join_field_parts[0];
$j_field = $join_field_parts[1];
$join_tables[$join_table][] = $j_field;
$sql_filter = str_replace('[', '', str_replace(']', '', $sql_filter));
}
}
}
if ($join_tables) {
foreach ($join_tables as $r_table => $r_field) {
$j_field = $prev_field == 'id' ? $r_field[0] : 'id';
$j_field = $r_table == $prev_table ? $prev_field : $r_field[0];
if ($r_table != $this->table) {
$sql .= " LEFT JOIN {$r_table} ON ({$prev_table}.{$prev_field} = {$r_table}.{$j_field}) ";
}
$prev_table = $r_table;
$prev_field = count($r_field) > 1 ? $r_field[1] : $r_field[0];
}
}
$sql .= " WHERE 1 ";
if ($sql_filter) {
$sql_filter = String::doFormulaReplacements($sql_filter);
$sql .= " AND (" . $sql_filter . ') ';
}
$sql .= (!$this->show_all ? "AND {$this->table}.url = '{$this->url}' AND {$this->table}.record_id = {$this->record_id}" : "") . " " . (!$count ? "AND {$this->table}.p_id = {$p_id}" : '') . " \n\t\tORDER BY {$this->table}.date DESC ";
if ($this->max_comments) {
$sql .= " LIMIT 0,{$this->max_comments}";
}
$result = db_query_array($sql);
if ($result) {
foreach ($result as $row) {
$this->count++;
$id = $row['id'];
$comments[$id] = $row;
$comments[$id]['children'] = Comments::get($id);
}
}
return $comments;
}
/**
* Activity Sparkline
*
* Handle activity sparkline block output
*
* @param Block $block The block instance to be configured
* @param Theme $theme The active theme
*/
public function action_block_content_activity_sparkline($block, $theme)
{
// Number of days to show; make this configurable
$n_days = $block->field_load('sparkline_days');
//
$i = 0;
$days = array();
while ($i < $n_days) {
$days[] = HabariDateTime::date_create()->modify('-' . $i . ' days');
$i++;
}
$days = array_reverse($days);
// Utils::debug( $days );
$day_stats = array();
foreach ($days as $day) {
// $posts = $theme->get_posts();
$posts = Posts::get(array('year' => $day->format('Y'), 'month' => $day->format('m'), 'day' => $day->format('d'), 'limit' => 5));
$posts = count($posts);
// $posts = 90;
$comments = Comments::get(array('year' => $day->format('Y'), 'month' => $day->format('m'), 'day' => $day->format('d'), 'status' => Comment::status('approved'), 'nolimit' => true));
$comments = count($comments);
// $comments = 5;
if ($posts > 0) {
$posts = 5;
}
$day_stats[] = array('posts' => $posts, 'comments' => $comments, 'date' => $day);
//
}
$block->days = $day_stats;
}
/**
* Receive a Pingback via XMLRPC
* @param array $params An array of XMLRPC parameters from the remote call
* @return string The success state of the pingback
*/
public function xmlrpc_pingback__ping( $params )
{
try {
list( $source_uri, $target_uri )= $params;
// This should really be done by an Habari core function
$target_parse = InputFilter::parse_url( $target_uri );
$target_stub = $target_parse['path'];
$base_url = Site::get_path( 'base', true );
if ( '/' != $base_url) {
$target_stub = str_replace( $base_url, '', $target_stub );
}
$target_stub = trim( $target_stub, '/' );
if ( strpos( $target_stub, '?' ) !== false ) {
list( $target_stub, $query_string )= explode( '?', $target_stub );
}
// Can this be used as a target?
$target_slug = URL::parse( $target_stub )->named_arg_values['slug'];
if ( $target_slug === false ) {
throw new XMLRPCException( 33 );
}
// Does the target exist?
$target_post = Post::get( array( 'slug' => $target_slug ) );
if ( $target_post === false ) {
throw new XMLRPCException( 32 );
}
// Is comment allowed?
if ( $target_post->info->comments_disabled ) {
throw new XMLRPCException( 33 );
}
// Is this Pingback already registered?
if ( Comments::get( array( 'post_id' => $target_post->id, 'url' => $source_uri, 'type' => Comment::PINGBACK ) )->count() > 0 ) {
throw new XMLRPCException( 48 );
}
// Retrieve source contents
try {
$rr = new RemoteRequest( $source_uri );
$rr->execute();
if ( ! $rr->executed() ) {
throw new XMLRPCException( 16 );
}
$source_contents = $rr->get_response_body();
$headers = $rr->get_response_headers();
}
catch ( XMLRPCException $e ) {
// catch our special type of exception and re-throw it
throw $e;
}
catch ( Exception $e ) {
throw new XMLRPCException( -32300 );
}
// Encoding is converted into internal encoding.
// First, detect the source string's encoding
$habari_encoding = strtoupper( MultiByte::hab_encoding() );
$source_encoding = 'Windows-1252';
// Is the charset in the headers?
if ( isset( $headers['Content-Type'] ) && strpos( $headers['Content-Type'], 'charset' ) !== false ) {
// This regex should be changed to meet the HTTP spec at some point
if ( preg_match("/charset[\x09\x0A\x0C\x0D\x20]*=[\x09\x0A\x0C\x0D\x20]*('?)([A-Za-z0-9\-\_]+)\1/i", $headers['Content-Type'], $matches ) ) {
$source_encoding = strtoupper( $matches[2] );
}
}
// Can we tell the charset from the stream itself?
else if ( ( $enc = MultiByte::detect_bom_encoding( $source_contents ) ) !== false ) {
$source_encoding = $enc;
}
// Is the charset in a meta tag?
else if ( preg_match( "/<meta[^>]+charset[\x09\x0A\x0C\x0D\x20]*=[\x09\x0A\x0C\x0D\x20]*([\"']?)([A-Za-z0-9\-\_]+)\1/i", $source_contents, $matches ) ) {
$source_encoding = strtoupper( $matches[2] );
if (in_array($source_encoding, array("UTF-16", "UTF-16BE", "UTF-16LE"))) {
$source_encoding = "UTF-8";
}
}
// Then, convert the string
$ret = MultiByte::convert_encoding( $source_contents, $habari_encoding, $source_encoding );
if ( $ret !== false ) {
$source_contents = $ret;
}
// Find the page's title
preg_match( '/<title>(.*)<\/title>/is', $source_contents, $matches );
$source_title = $matches[1];
// Find the reciprocal links and their context
preg_match( '/<body[^>]*>(.+)<\/body>/is', $source_contents, $matches );
$source_contents_filtered = preg_replace( '/\s{2,}/is', ' ', strip_tags( $matches[1], '<a>' ) );
// Get rid of all the non-recriprocal links
$ht = new HTMLTokenizer( trim( $source_contents_filtered ) );
$set = $ht->parse();
$all_links = $set->slice( 'a', array() );
$keep_links = $set->slice( 'a', array( 'href' => $target_uri ) );
$bad_links = array_diff( $all_links, $keep_links );
foreach( $bad_links as $link ) {
$link->tokenize_replace( '' );
$set->replace_slice( $link );
}
$source_contents_filtered = (string)$set;
// Get the excerpt
if ( !preg_match( '%.{0,100}?<a[^>]*?href\\s*=\\s*("|\'|)' . $target_uri . '\\1[^>]*?'.'>(.+?)</a>.{0,100}%s', $source_contents_filtered, $source_excerpt ) ) {
throw new XMLRPCException( 17 );
}
/** Sanitize Data */
$source_excerpt = '…' . InputFilter::filter( $source_excerpt[0] ) . '…';
$source_title = InputFilter::filter($source_title);
$source_uri = InputFilter::filter($source_uri);
/* Sanitize the URL */
if (!empty($source_uri)) {
$parsed = InputFilter::parse_url( $source_uri );
if ( $parsed['is_relative'] ) {
// guess if they meant to use an absolute link
$parsed = InputFilter::parse_url( 'http://' . $source_uri );
if ( ! $parsed['is_error'] ) {
$source_uri = InputFilter::glue_url( $parsed );
}
else {
// disallow relative URLs
$source_uri = '';
}
}
if ( $parsed['is_pseudo'] || ( $parsed['scheme'] !== 'http' && $parsed['scheme'] !== 'https' ) ) {
// allow only http(s) URLs
$source_uri = '';
}
else {
// reconstruct the URL from the error-tolerant parsing
// http:moeffju.net/blog/ -> http://moeffju.net/blog/
$source_uri = InputFilter::glue_url( $parsed );
}
}
// Add a new pingback comment
$pingback = new Comment( array(
'post_id' => $target_post->id,
'name' => $source_title,
'email' => '',
'url' => $source_uri,
'ip' => Utils::get_ip(),
'content' => $source_excerpt,
'status' => Comment::STATUS_UNAPPROVED,
'date' => HabariDateTime::date_create(),
'type' => Comment::PINGBACK,
) );
$pingback->insert();
// Respond to the Pingback
return 'The pingback has been registered';
}
catch ( XMLRPCException $e ) {
$e->output_fault_xml();
}
}
/**
* Receive a Pingback via XMLRPC
* @param array $params An array of XMLRPC parameters from the remote call
* @return string The success state of the pingback
*/
public function xmlrpc_pingback__ping($params)
{
try {
list($source_uri, $target_uri) = $params;
// This should really be done by an Habari core function
$target_parse = InputFilter::parse_url($target_uri);
$target_stub = $target_parse['path'];
$base_url = Site::get_path('base', TRUE);
if ('/' != $base_url) {
$target_stub = str_replace($base_url, '', $target_stub);
}
$target_stub = trim($target_stub, '/');
if (strpos($target_stub, '?') !== FALSE) {
list($target_stub, $query_string) = explode('?', $target_stub);
}
// Can this be used as a target?
$target_slug = URL::parse($target_stub)->named_arg_values['slug'];
if ($target_slug === FALSE) {
throw new XMLRPCException(33);
}
// Does the target exist?
$target_post = Post::get(array('slug' => $target_slug));
if ($target_post === FALSE) {
throw new XMLRPCException(32);
}
// Is comment allowed?
if ($target_post->info->comments_disabled) {
throw new XMLRPCException(33);
}
// Is this Pingback already registered?
if (Comments::get(array('post_id' => $target_post->id, 'url' => $source_uri, 'type' => Comment::PINGBACK))->count() > 0) {
throw new XMLRPCException(48);
}
// Retrieve source contents
$rr = new RemoteRequest($source_uri);
$rr->execute();
if (!$rr->executed()) {
throw new XMLRPCException(16);
}
$source_contents = $rr->get_response_body();
// encoding is converted into internal encoding.
// @todo check BOM at beginning of file before checking for a charset attribute
$habari_encoding = MultiByte::hab_encoding();
if (preg_match("/<meta[^>]+charset=([A-Za-z0-9\\-\\_]+)/i", $source_contents, $matches) !== FALSE && strtolower($habari_encoding) != strtolower($matches[1])) {
$ret = MultiByte::convert_encoding($source_contents, $habari_encoding, $matches[1]);
if ($ret !== FALSE) {
$source_contents = $ret;
}
}
// Find the page's title
preg_match('/<title>(.*)<\\/title>/is', $source_contents, $matches);
$source_title = $matches[1];
// Find the reciprocal links and their context
preg_match('/<body[^>]*>(.+)<\\/body>/is', $source_contents, $matches);
$source_contents_filtered = preg_replace('/\\s{2,}/is', ' ', strip_tags($matches[1], '<a>'));
if (!preg_match('%.{0,100}?<a[^>]*?href\\s*=\\s*("|\'|)' . $target_uri . '\\1[^>]*?' . '>(.+?)</a>.{0,100}%s', $source_contents_filtered, $source_excerpt)) {
throw new XMLRPCException(17);
}
/** Sanitize Data */
$source_excerpt = '...' . InputFilter::filter($source_excerpt[0]) . '...';
$source_title = InputFilter::filter($source_title);
$source_uri = InputFilter::filter($source_uri);
/* Sanitize the URL */
if (!empty($source_uri)) {
$parsed = InputFilter::parse_url($source_uri);
if ($parsed['is_relative']) {
// guess if they meant to use an absolute link
$parsed = InputFilter::parse_url('http://' . $source_uri);
if (!$parsed['is_error']) {
$source_uri = InputFilter::glue_url($parsed);
} else {
// disallow relative URLs
$source_uri = '';
}
}
if ($parsed['is_pseudo'] || $parsed['scheme'] !== 'http' && $parsed['scheme'] !== 'https') {
// allow only http(s) URLs
$source_uri = '';
} else {
// reconstruct the URL from the error-tolerant parsing
// http:moeffju.net/blog/ -> http://moeffju.net/blog/
$source_uri = InputFilter::glue_url($parsed);
}
}
// Add a new pingback comment
$pingback = new Comment(array('post_id' => $target_post->id, 'name' => $source_title, 'email' => '', 'url' => $source_uri, 'ip' => sprintf("%u", ip2long($_SERVER['REMOTE_ADDR'])), 'content' => $source_excerpt, 'status' => Comment::STATUS_UNAPPROVED, 'date' => HabariDateTime::date_create(), 'type' => Comment::PINGBACK));
$pingback->insert();
// Respond to the Pingback
return 'The pingback has been registered';
} catch (XMLRPCException $e) {
$e->output_fault_xml();
}
}
/**
* Save a user's comment to the database.
*
* @param object $user User whose comment is being saved.
*
* @return bool True for success, false for failure.
* @access public
*/
public static function saveComment($user)
{
// What record are we operating on?
if (!isset($_GET['id'])) {
return false;
}
if ($_REQUEST['commentId'] == 0) {
$searchObject = SearchObjectFactory::initSearchObject();
$query = 'local_ids_str_mv:"' . addcslashes($_GET['id'], '"') . '"';
$searchObject->disableLogging();
$searchObject->setQueryString($query);
$result = $searchObject->processSearch();
$searchObject->close();
if (PEAR::isError($result)) {
PEAR::raiseError($result->getMessage());
}
if ($result['response']['numFound'] == 0) {
$idArray = array($_GET['id']);
} else {
$idArray = $result['response']['docs'][0]["local_ids_str_mv"];
}
if ($_REQUEST['type'] == 1) {
$commentsByUser = new Comments();
$commentList = $commentsByUser->getComments($_REQUEST['recordId']);
foreach ($commentList as $comment) {
if ($comment->user_id == $user->id) {
return false;
}
}
}
$comments = new Comments();
$comments->user_id = $user->id;
$rating = isset($_REQUEST['rating']) ? (double) $_REQUEST['rating'] : 0;
$comments->rating = $rating > 0 && $rating <= 5 ? $rating : null;
$comments->comment = $_REQUEST['comment'];
$comments->type = $_REQUEST['type'];
$comments->created = date('Y-m-d H:i:s');
$comments->insert();
$comments->addLinks($idArray);
return true;
} else {
$comments = new Comments();
$comments->get($_REQUEST['commentId']);
if ($comments->user_id == $user->id) {
$comments->comment = $_REQUEST['comment'];
$comments->rating = $_REQUEST['rating'];
$comments->updated = date('Y-m-d H:i:s');
$comments->update();
return true;
}
return false;
}
}
public function add_template_vars()
{
$this->add_template('formcontrol_text', dirname(__FILE__) . '/forms/formcontrol_text.php', true);
$this->add_template('formcontrol_textarea', dirname(__FILE__) . '/forms/formcontrol_textarea.php', true);
$this->assign('recent_comments', Comments::get(array('limit' => 5, 'status' => Comment::STATUS_APPROVED, 'orderby' => 'date DESC')));
$this->assign('recent_posts', Posts::get(array('limit' => 5, 'orderby' => 'pubdate DESC', 'content_type' => 1, 'status' => 2)));
if ('' != Controller::get_var('tag')) {
$tag_text = DB::get_value('SELECT tag_text FROM {tags} WHERE tag_slug=?', array(Controller::get_var('tag')));
$this->assign('tag_text', $tag_text);
}
if (!$this->template_engine->assigned('pages')) {
$this->assign('pages', Posts::get(array('content_type' => 'page', 'status' => Post::status('published'), 'nolimit' => 1)));
}
if (!$this->template_engine->assigned('user')) {
$this->assign('user', User::identify());
}
if (!$this->template_engine->assigned('page')) {
$page = Controller::get_var('page');
$this->assign('page', isset($page) ? $page : 1);
}
parent::add_template_vars();
}
