Exemple #1
 /**
  * Fills in the derived fields of the record and then hands persistence to the parent class.
  *
  * - a registered user (userid != 0) with no e-mail on the record gets the account e-mail;
  * - an empty language falls back to JCommentsMultilingual::getLanguage();
  * - the hash is always recomputed via getHash() so it reflects the final field values.
  *
  * @param bool $updateNulls Passed through unchanged to parent::store()
  * @return mixed Whatever parent::store() returns
  */
 function store($updateNulls = false)
 {
     $missingEmail = $this->userid != 0 && empty($this->email);
     if ($missingEmail) {
         // Copy the address from the account rather than trusting an empty record
         $account = JCommentsFactory::getUser($this->userid);
         $this->email = $account->email;
     }

     if (empty($this->lang)) {
         $this->lang = JCommentsMultilingual::getLanguage();
     }

     // Recompute last: getHash() is called after email and lang have been settled above
     $this->hash = $this->getHash();

     return parent::store($updateNulls);
 }
 /**
  * Subscribes user for new comments notifications for an object
  *
  * @param int $object_id	The object identifier
  * @param string $object_group	The object group (component name)
  * @param int $userid	The registered user identifier
  * @param string $email	The user email (for guests only)
  * @param string $name The user name (for guests only)
  * @param string $lang The user language
  * @return boolean True on success, false otherwise.
  */
 function subscribe($object_id, $object_group, $userid, $email = '', $name = '', $lang = '')
 {
     // Normalise scalar arguments before they reach the query or the table object
     $object_id = (int) $object_id;
     $object_group = trim($object_group);
     $userid = (int) $userid;
     $subscribed = false;
     if ($lang == '') {
         $lang = JCommentsMultilingual::getLanguage();
     }
     $db = JCommentsFactory::getDBO();

     // For a registered user the account's name and e-mail override the caller-supplied ones
     if ($userid != 0) {
         $account = JCommentsFactory::getUser($userid);
         $name = $account->name;
         $email = $account->email;
     }

     // Every string value goes through $db->Quote(); the only bare value is the int-cast id
     $query = "SELECT * " . " FROM #__jcomments_subscriptions"
         . " WHERE object_id = " . (int) $object_id
         . " AND object_group = " . $db->Quote($object_group)
         . " AND email = " . $db->Quote($email);
     if (JCommentsMultilingual::isEnabled()) {
         $query .= " AND lang = " . $db->Quote($lang);
     }
     $db->setQuery($query);
     $existing = $db->loadObjectList();

     require_once JCOMMENTS_TABLES . '/subscription.php';

     if (count($existing) == 0) {
         // No subscription for this object/e-mail yet: create one
         $record = new JCommentsTableSubscription($db);
         $record->object_id = $object_id;
         $record->object_group = $object_group;
         $record->name = $name;
         $record->email = $email;
         $record->userid = $userid;
         $record->lang = $lang;
         $record->published = 1;
         $record->store();
         $subscribed = true;
     } elseif ($userid > 0 && $existing[0]->userid == 0) {
         // A guest subscription already exists for this e-mail and the caller is now a
         // registered user: attach the user id and language to the existing row
         $record = new JCommentsTableSubscription($db);
         $record->id = $existing[0]->id;
         $record->userid = $userid;
         $record->lang = $lang;
         $record->store();
         $subscribed = true;
     } else {
         $this->_errors[] = JText::_('ERROR_ALREADY_SUBSCRIBED');
     }

     // Cached subscription data for this object group is stale once a row was written
     if ($subscribed) {
         $cache = JCommentsFactory::getCache('com_jcomments_subscriptions_' . strtolower($object_group));
         $cache->clean();
     }

     return $subscribed;
 }
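 /**
  * AJAX handler: stores a visitor's report about a comment and optionally mails moderators.
  *
  * Reads `commentid`, `reason` and `name` from $_POST (via JCommentsAJAX::prepareValues()).
  * The request is refused when the reason is empty, when the same user id (or, for guests,
  * the same IP) has already reported this comment, or when the comment already has any
  * report at all. Otherwise a row is inserted into #__jcomments_reports.
  *
  * @return mixed The AJAX response object obtained from JCommentsFactory::getAjaxResponse()
  */
 function reportComment()
 {
     if (JCommentsSecurity::badRequest() == 1) {
         JCommentsSecurity::notAuth();
     }
     $acl =& JCommentsFactory::getACL();
     $db =& JCommentsFactory::getDBO();
     $config =& JCommentsFactory::getConfig();
     $response =& JCommentsFactory::getAjaxResponse();
     $values = JCommentsAJAX::prepareValues($_POST);
     $id = (int) $values['commentid'];
     $reason = trim(strip_tags($values['reason']));
     $name = trim(strip_tags($values['name']));
     $ip = $acl->getUserIP();
     if ($reason == '') {
         JCommentsAJAX::showErrorMessage(JText::_('Please enter the reason for your report!'), '', 'comments-report-form');
         return $response;
     }
     // Has this reporter (user id, or IP for guests) already reported the comment?
     $query = 'SELECT COUNT(*) FROM `#__jcomments_reports` WHERE commentid = ' . $id;
     if ($acl->getUserId()) {
         // Cast so that only a number can ever be concatenated into the statement
         $query .= ' AND userid = ' . (int) $acl->getUserId();
     } else {
         // The INSERT below escapes $ip; this lookup must do the same. How getUserIP()
         // derives the address is not visible here, so it is treated as untrusted text.
         $query .= ' AND ip = "' . $db->getEscaped($ip) . '"';
     }
     $db->setQuery($query);
     $reported = $db->loadResult();
     if (!$reported) {
         // Has anybody reported the comment? Only the first report is accepted.
         $query = 'SELECT COUNT(*) FROM `#__jcomments_reports` WHERE commentid = ' . $id;
         $db->setQuery($query);
         $reported = $db->loadResult();
         if (!$reported) {
             $comment = new JCommentsDB($db);
             if ($comment->load($id)) {
                 if ($acl->canReport($comment)) {
                     $allowed = true;
                     if ($config->getInt('enable_mambots') == 1) {
                         require_once JCOMMENTS_HELPERS . DS . 'plugin.php';
                         JCommentsPluginHelper::importPlugin('jcomments');
                         // NOTE(review): $value is not assigned anywhere above; passing it by
                         // reference creates it as null. Kept as-is for plugin compatibility.
                         JCommentsPluginHelper::trigger('onReportComment', array(&$comment, &$response, &$allowed, &$value));
                     }
                     if ($allowed !== false) {
                         if ($acl->getUserId()) {
                             // Registered reporters are always recorded under their account name
                             $user = JCommentsFactory::getUser();
                             $name = $user->name;
                         } else {
                             if ($name == '') {
                                 $name = JText::_('Guest');
                             }
                         }
                         // Numeric columns are int-cast, text columns escaped, before concatenation
                         $query = "INSERT INTO `#__jcomments_reports`(`commentid`,`userid`, `name`,`ip`,`date`,`reason`)" . "VALUES('" . (int) $comment->id . "', '" . (int) $acl->getUserId() . "', '" . $db->getEscaped($name) . "', '" . $db->getEscaped($ip) . "', now(), '" . $db->getEscaped($reason) . "')";
                         $db->setQuery($query);
                         $db->query();
                         if ($config->getInt('enable_notification') == 1) {
                             if ($config->check('notification_type', 2)) {
                                 // sendReport() receives the date as a timestamp when it was stored as text
                                 $comment->datetime = $comment->date;
                                 if (is_string($comment->datetime)) {
                                     $comment->datetime = strtotime($comment->datetime);
                                 }
                                 JComments::sendReport($comment, $name, $reason);
                             }
                         }
                         // Turn line breaks of the translated message into <br /> and escape it
                         // for use inside the single-quoted JavaScript string literal below
                         $html = JText::_('Report successfully sent!');
                         $html = str_replace("\n", '\\n', $html);
                         $html = str_replace('\\n', '<br />', $html);
                         $html = JCommentsText::jsEscape($html);
                         $response->addScript("jcomments.closeReport('{$html}');");
                     }
                 } else {
                     JCommentsAJAX::showErrorMessage(JText::_('You have no rights to report comment!'), '', 'comments-report-form');
                 }
             } else {
                 $response->addAlert(JText::_('ERROR_NOT_FOUND'));
             }
             unset($comment);
         } else {
             JCommentsAJAX::showErrorMessage(JText::_('Comment already reported to the site administrator'), '', 'comments-report-form');
         }
     } else {
         JCommentsAJAX::showErrorMessage(JText::_('You can\'t report the same comment more than once!'), '', 'comments-report-form');
     }
     return $response;
 }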
 /**
  * Converts the BBCode markup in a comment into HTML.
  *
  * Handles [b], [i], [u], [s], [sup], [sub], [url], [email], [img], [hide], [code], [quote]
  * and [list]; any of those tags still left over at the end are stripped.
  *
  * The replacements copy the captured text into the HTML output as-is (only the non-GeSHi
  * [code] path calls htmlspecialchars()).
  * NOTE(review): presumably the caller has already neutralised raw HTML in $str - confirm,
  * because this method does not do it.
  *
  * @param string $str Comment text containing BBCode
  * @return string The text with BBCode replaced by HTML
  */
 function replace($str)
 {
     // Buffer anything echoed while this method runs; it is discarded by ob_end_clean() below
     ob_start();
     $config = JCommentsFactory::getConfig();
     $app = JCommentsFactory::getApplication('site');
     // $patterns[n] is replaced by $replacements[n]; both lists are applied in one
     // preg_replace() call further down, in the order they are appended here
     $patterns = array();
     $replacements = array();
     // B
     $patterns[] = '/\\[b\\](.*?)\\[\\/b\\]/i' . JCOMMENTS_PCRE_UTF8;
     $replacements[] = '<strong>\\1</strong>';
     // I
     $patterns[] = '/\\[i\\](.*?)\\[\\/i\\]/i' . JCOMMENTS_PCRE_UTF8;
     $replacements[] = '<em>\\1</em>';
     // U
     $patterns[] = '/\\[u\\](.*?)\\[\\/u\\]/i' . JCOMMENTS_PCRE_UTF8;
     $replacements[] = '<u>\\1</u>';
     // S
     $patterns[] = '/\\[s\\](.*?)\\[\\/s\\]/i' . JCOMMENTS_PCRE_UTF8;
     $replacements[] = '<del>\\1</del>';
     // SUP
     $patterns[] = '/\\[sup\\](.*?)\\[\\/sup\\]/i' . JCOMMENTS_PCRE_UTF8;
     $replacements[] = '<sup>\\1</sup>';
     // SUB
     $patterns[] = '/\\[sub\\](.*?)\\[\\/sub\\]/i' . JCOMMENTS_PCRE_UTF8;
     $replacements[] = '<sub>\\1</sub>';
     // URL (local): links that start with the configured live_site, or with "#" or "/",
     // are emitted without rel="external nofollow". The URL part may not contain
     // whitespace, "<" or quotes, which keeps it inside the href attribute.
     $liveSite = $app->getCfg('live_site');
     $patterns[] = '#\\[url\\](' . preg_quote($liveSite, '#') . '[^\\s<\\"\']*?)\\[\\/url\\]#i' . JCOMMENTS_PCRE_UTF8;
     $replacements[] = '<a href="\\1" target="_blank">\\1</a>';
     $patterns[] = '#\\[url=(' . preg_quote($liveSite, '#') . '[^\\s<\\"\'\\]]*?)\\](.*?)\\[\\/url\\]#i' . JCOMMENTS_PCRE_UTF8;
     $replacements[] = '<a href="\\1" target="_blank">\\2</a>';
     $patterns[] = '/\\[url=(\\#|\\/)([^\\s<\\"\'\\]]*?)\\](.*?)\\[\\/url\\]/i' . JCOMMENTS_PCRE_UTF8;
     $replacements[] = '<a href="\\1\\2" target="_blank">\\3</a>';
     // URL (external): an optional leading "http://" is dropped and "http://" is prepended.
     // NOTE(review): an "https://" URL is not matched by the optional prefix, so it looks
     // like it is emitted as "http://https://..." - confirm against real input.
     $patterns[] = '#\\[url\\](http:\\/\\/)?([^\\s<\\"\']*?)\\[\\/url\\]#i' . JCOMMENTS_PCRE_UTF8;
     $replacements[] = '<a href="http://\\2" rel="external nofollow" target="_blank">\\2</a>';
     // NOTE(review): with the /i flag "[a-z]*" accepts any alphabetic scheme in front of
     // "://", and scheme plus rest are written into href unchanged. If only web links are
     // intended, an explicit allowlist (http, https, ...) would be the safer check -
     // confirm which schemes existing comments rely on before tightening it.
     $patterns[] = '/\\[url=([a-z]*\\:\\/\\/)([^\\s<\\"\'\\]]*?)\\](.*?)\\[\\/url\\]/i' . JCOMMENTS_PCRE_UTF8;
     $replacements[] = '<a href="\\1\\2" rel="external nofollow" target="_blank">\\3</a>';
     // Any other [url=...] value is forced behind "http://"
     $patterns[] = '/\\[url=([^\\s<\\"\'\\]]*?)\\](.*?)\\[\\/url\\]/i' . JCOMMENTS_PCRE_UTF8;
     $replacements[] = '<a href="http://\\1" rel="external nofollow" target="_blank">\\2</a>';
     // A [url]...[/url] pair none of the patterns above accepted is reduced to its inner text
     $patterns[] = '#\\[url\\](.*?)\\[\\/url\\]#i' . JCOMMENTS_PCRE_UTF8;
     $replacements[] = '\\1';
     // EMAIL: the tags are removed and the address is left as plain text (no mailto: link)
     $patterns[] = '#\\[email\\]([^\\s\\<\\>\\(\\)\\"\'\\[\\]]*?)\\[\\/email\\]#i' . JCOMMENTS_PCRE_UTF8;
     $replacements[] = '\\1';
     // IMG: the source is always emitted behind "http://"; whitespace, angle brackets,
     // parentheses and quotes are not allowed inside it. Anything else inside [img] is
     // reduced to its inner text by the second pattern.
     $patterns[] = '#\\[img\\](http:\\/\\/)?([^\\s\\<\\>\\(\\)\\"\']*?)\\[\\/img\\]#i' . JCOMMENTS_PCRE_UTF8;
     $replacements[] = '<img class="img" src="http://\\2" alt="" border="0" />';
     $patterns[] = '#\\[img\\](.*?)\\[\\/img\\]#i' . JCOMMENTS_PCRE_UTF8;
     $replacements[] = '\\1';
     // HIDE: the enclosed text is shown to a user with a non-zero id; everyone else gets a
     // translated placeholder instead of the text
     $patterns[] = '/\\[hide\\](.*?)\\[\\/hide\\]/i' . JCOMMENTS_PCRE_UTF8;
     $user = JCommentsFactory::getUser();
     if ($user->id) {
         $replacements[] = '\\1';
     } else {
         $replacements[] = '<span class="hidden">' . JText::_('BBCODE_MESSAGE_HIDDEN_TEXT') . '</span>';
     }
     // CODE: [code] or [code=lang]; the language name is limited to letters and digits by
     // the pattern, so no path characters can reach GeSHi through it
     $geshiEnabled = $config->getInt('enable_geshi', 0);
     $codePattern = '#\\[code\\=?([a-z0-9]*?)\\](.*?)\\[\\/code\\]#ism' . JCOMMENTS_PCRE_UTF8;
     // Location of geshi.php depends on the Joomla version; it stays '' for other versions
     $geshiLibrary = '';
     if (JCOMMENTS_JVERSION == '1.0') {
         global $mainframe;
         $geshiLibrary = $mainframe->getCfg('absolute_path') . '/mambots/content/geshi/geshi.php';
     } else {
         if (JCOMMENTS_JVERSION == '1.5') {
             $geshiLibrary = JPATH_SITE . '/libraries/geshi/geshi.php';
         } else {
             if (JCOMMENTS_JVERSION == '1.7') {
                 $geshiLibrary = JPATH_SITE . '/plugins/content/geshi/geshi/geshi.php';
             }
         }
     }
     // Highlighting is used only when it is switched on AND the library file exists
     $geshiEnabled = $geshiEnabled && is_file($geshiLibrary);
     if ($geshiEnabled) {
         require_once $geshiLibrary;
         // Declared at most once per request; replace() may be called repeatedly
         if (!function_exists('jcommentsProcessGeSHi')) {
             // preg_replace_callback handler: $matches[1] is the language ('php' when
             // omitted), $matches[2] the code. Returns the highlighted HTML re-wrapped in
             // [code]...[/code] so the pattern pass below can add the caption.
             function jcommentsProcessGeSHi($matches)
             {
                 $lang = $matches[1] != '' ? $matches[1] : 'php';
                 $text = $matches[2];
                 // Undo the HTML formatting applied to the stored comment: <br /> becomes a
                 // newline, a few entities become their characters, and literal < > become
                 // &lt; &gt; - which the two str_replace() calls below turn back into < >
                 $html_entities_match = array('#\\<br \\/\\>#', "#<#", "#>#", "|&#39;|", '#&quot;#', '#&nbsp;#');
                 $html_entities_replace = array("\n", '&lt;', '&gt;', "'", '"', ' ');
                 $text = preg_replace($html_entities_match, $html_entities_replace, $text);
                 // Drop trailing line breaks
                 $text = preg_replace('#(\\r|\\n)*?$#ism', '', $text);
                 $text = str_replace('&lt;', '<', $text);
                 $text = str_replace('&gt;', '>', $text);
                 // NOTE(review): GeSHi is expected to escape the code it renders - confirm,
                 // since its output is inserted into the page without further escaping
                 $geshi = new GeSHi($text, $lang);
                 $text = $geshi->parse_code();
                 return '[code]' . $text . '[/code]';
             }
         }
         $patterns[] = $codePattern;
         $replacements[] = '<span class="code">' . JText::_('COMMENT_TEXT_CODE') . '</span>\\2';
         $str = preg_replace_callback($codePattern, 'jcommentsProcessGeSHi', $str);
     } else {
         $patterns[] = $codePattern;
         $replacements[] = '<span class="code">' . JText::_('COMMENT_TEXT_CODE') . '</span><code>\\2</code>';
         if (!function_exists('jcommentsProcessCode')) {
             // preg_replace_callback handler: HTML-escapes the whole match (tags included,
             // so the pattern pass below still finds them) and turns newlines into <br />
             function jcommentsProcessCode($matches)
             {
                 $text = htmlspecialchars(trim($matches[0]));
                 $text = str_replace("\r", '', $text);
                 $text = str_replace("\n", '<br />', $text);
                 return $text;
             }
         }
         $str = preg_replace_callback($codePattern, 'jcommentsProcessCode', $str);
     }
     // Apply all simple tag patterns collected above
     $str = preg_replace($patterns, $replacements, $str);
     // QUOTE with an author name: the name may not contain quotes, angle brackets or
     // parentheses. The loop repeats until no match is left, which resolves nested quotes.
     $quotePattern = '#\\[quote\\s?name=\\"([^\\"\'\\<\\>\\(\\)]*?)\\"\\](<br\\s?\\/?\\>)*?(.*?)(<br\\s?\\/?\\>)*\\[\\/quote\\](<br\\s?\\/?\\>)*?#ism' . JCOMMENTS_PCRE_UTF8;
     $quoteReplace = '<span class="quote">' . JText::sprintf('COMMENT_TEXT_QUOTE_EXTENDED', '\\1') . '</span><blockquote><div>\\3</div></blockquote>';
     while (preg_match($quotePattern, $str)) {
         $str = preg_replace($quotePattern, $quoteReplace, $str);
     }
     // QUOTE without a usable name: the body may not contain "[", so innermost quotes are
     // converted first and the loop works outwards
     $quotePattern = '#\\[quote[^\\]]*?\\](<br\\s?\\/?\\>)*([^\\[]+)(<br\\s?\\/?\\>)*\\[\\/quote\\](<br\\s?\\/?\\>)*?#ismU' . JCOMMENTS_PCRE_UTF8;
     $quoteReplace = '<span class="quote">' . JText::_('COMMENT_TEXT_QUOTE') . '</span><blockquote><div>\\2</div></blockquote>';
     while (preg_match($quotePattern, $str)) {
         $str = preg_replace($quotePattern, $quoteReplace, $str);
     }
     // LIST (unordered): each [*] becomes an <li> boundary; the original list body is then
     // located again in $str through a pattern built from its preg_quote()d text.
     // NOTE(review): preg_quote() is called without the delimiter argument although the
     // pattern is delimited by "#" - confirm a "#" in the list text cannot break the
     // pattern on the PHP versions this code has to support.
     $matches = array();
     $matchCount = preg_match_all('#\\[list\\](<br\\s?\\/?\\>)*(.*?)(<br\\s?\\/?\\>)*\\[\\/list\\]#i' . JCOMMENTS_PCRE_UTF8, $str, $matches);
     for ($i = 0; $i < $matchCount; $i++) {
         $textBefore = preg_quote($matches[2][$i]);
         $textAfter = preg_replace('#(<br\\s?\\/?\\>)*\\[\\*\\](<br\\s?\\/?\\>)*#is' . JCOMMENTS_PCRE_UTF8, "</li><li>", $matches[2][$i]);
         $textAfter = preg_replace("#^</?li>#" . JCOMMENTS_PCRE_UTF8, "", $textAfter);
         $textAfter = str_replace("\n</li>", "</li>", $textAfter . "</li>");
         $str = preg_replace('#\\[list\\](<br\\s?\\/?\\>)*' . $textBefore . '(<br\\s?\\/?\\>)*\\[/list\\]#is' . JCOMMENTS_PCRE_UTF8, "<ul>{$textAfter}</ul>", $str);
     }
     // LIST (ordered): same procedure; the list type is restricted to a, A, i, I or 1 by
     // the pattern, which is why it can be written into the unquoted type attribute
     $matches = array();
     $matchCount = preg_match_all('#\\[list=(a|A|i|I|1)\\](<br\\s?\\/?\\>)*(.*?)(<br\\s?\\/?\\>)*\\[\\/list\\]#is' . JCOMMENTS_PCRE_UTF8, $str, $matches);
     for ($i = 0; $i < $matchCount; $i++) {
         $textBefore = preg_quote($matches[3][$i]);
         $textAfter = preg_replace('#(<br\\s?\\/?\\>)*\\[\\*\\](<br\\s?\\/?\\>)*#is' . JCOMMENTS_PCRE_UTF8, "</li><li>", $matches[3][$i]);
         $textAfter = preg_replace("#^</?li>#" . JCOMMENTS_PCRE_UTF8, '', $textAfter);
         $textAfter = str_replace("\n</li>", "</li>", $textAfter . "</li>");
         $str = preg_replace('#\\[list=(a|A|i|I|1)\\](<br\\s?\\/?\\>)*' . $textBefore . '(<br\\s?\\/?\\>)*\\[/list\\]#is' . JCOMMENTS_PCRE_UTF8, "<ol type=\\1>{$textAfter}</ol>", $str);
     }
     // Remove any opening or closing tag that was left unpaired
     $str = preg_replace('#\\[\\/?(b|i|u|s|sup|sub|url|img|list|quote|code|hide)\\]#i' . JCOMMENTS_PCRE_UTF8, '', $str);
     unset($matches);
     ob_end_clean();
     return $str;
 }
 /**
  * Subscribes user for new comments notifications for an object
  *
  * @param int $object_id	The object identifier
  * @param string $object_group	The object group (component name)
  * @param int $userid	The registered user identifier
  * @param string $email	The user email (for guests only)
  * @param string $name The user name (for guests only)
  * @param string $lang The user language
  * @return boolean True on success, false otherwise.
  */
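 function subscribe($object_id, $object_group, $userid, $email = '', $name = '', $lang = '')
 {
     // Normalise scalar arguments before they reach the query or the table object
     $object_id = (int) $object_id;
     $object_group = trim($object_group);
     $userid = (int) $userid;
     if ($lang == '') {
         $lang = JCommentsMultilingual::getLanguage();
     }
     $dbo =& JCommentsFactory::getDBO();
     // For a registered user the account's name and e-mail override the caller-supplied ones
     if ($userid != 0) {
         $user = JCommentsFactory::getUser($userid);
         $name = $user->name;
         $email = $user->email;
         unset($user);
     }
     // Every string placed inside a quoted SQL literal is escaped first. $lang is a plain
     // argument like $object_group and $email, so it is escaped the same way instead of
     // being concatenated raw.
     $query = "SELECT * " . "\nFROM #__jcomments_subscriptions" . "\nWHERE object_id = " . (int) $object_id . "\nAND object_group = '" . $dbo->getEscaped($object_group) . "'" . "\nAND email = '" . $dbo->getEscaped($email) . "'" . (JCommentsMultilingual::isEnabled() ? "\nAND lang = '" . $dbo->getEscaped($lang) . "'" : "");
     $dbo->setQuery($query);
     $rows = $dbo->loadObjectList();
     if (count($rows) == 0) {
         // No subscription for this object/e-mail yet: create one
         $subscription = new JCommentsSubscriptionsDB($dbo);
         $subscription->object_id = $object_id;
         $subscription->object_group = $object_group;
         $subscription->name = $name;
         $subscription->email = $email;
         $subscription->userid = $userid;
         $subscription->hash = JCommentsSubscriptionManager::getHash($object_id, $object_group, $userid, $email, $lang);
         $subscription->lang = $lang;
         $subscription->published = 1;
         $subscription->store();
         return true;
     } else {
         // if current user is registered, but already exists subscription
         // on same email by guest - update subscription data
         if ($userid > 0 && $rows[0]->userid == 0) {
             $subscription = new JCommentsSubscriptionsDB($dbo);
             $subscription->id = $rows[0]->id;
             $subscription->userid = $userid;
             $subscription->lang = $lang;
             // The hash takes the user id as input, so it is recomputed for the new owner
             $subscription->hash = JCommentsSubscriptionManager::getHash($object_id, $object_group, $userid, $email, $lang);
             $subscription->store();
             return true;
         } else {
             $this->_errors[] = JText::_('Already subscribed');
         }
     }
     return false;
 }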
 /**
  * Saves a blacklist entry from the submitted admin form and redirects.
  *
  * JCommentsSecurity::checkToken() runs before any state is read or written.
  * The task 'blacklist.apply' returns to the edit form of the entry; any other task
  * returns to the blacklist overview.
  *
  * @return void
  */
 public static function save()
 {
     JCommentsSecurity::checkToken();
     $task = JCommentsInput::getVar('task');
     $id = (int) JCommentsInput::getVar('id', 0);
     $db = JCommentsFactory::getDBO();
     $entry = new JCommentsTableBlacklist($db);

     if (!$id) {
         // New entry: remember who created it and when
         $creator = JCommentsFactory::getUser();
         $entry->created_by = $creator->id;
         $entry->created = JCommentsFactory::getDate();
     } else {
         $entry->load($id);
     }

     // Only digits, dots and the "*" wildcard survive in the address
     $rawIp = trim(strip_tags(JCommentsInput::getVar('ip')));
     $entry->ip = preg_replace('#[^0-9\\.\\*]#', '', $rawIp);
     $entry->reason = trim(strip_tags(JCommentsInput::getVar('reason')));
     $entry->notes = trim(strip_tags(JCommentsInput::getVar('notes')));
     if (!empty($entry->reason) && empty($entry->notes)) {
         $entry->notes = $entry->reason;
     }

     // Refuse to store an entry equal to the administrator's own address.
     // NOTE(review): this is an exact string comparison, so a wildcard entry that covers
     // the current address is not caught here - confirm whether that matters.
     if ($entry->ip != $_SERVER['REMOTE_ADDR']) {
         $entry->store();
     } else {
         JError::raiseWarning(500, JText::_('A_BLACKLIST_ERROR_YOU_CAN_NOT_BAN_YOUR_IP'));
     }
     $entry->checkin();

     if ($task == 'blacklist.apply') {
         JCommentsRedirect(JCOMMENTS_INDEX . '?option=com_jcomments&task=blacklist.edit&hidemainmenu=1&cid[]=' . $entry->id);
     } else {
         // 'blacklist.save' and every other task
         JCommentsRedirect(JCOMMENTS_INDEX . '?option=com_jcomments&task=blacklist');
     }
 }
Exemple #7
 /**
  * Mails a "comment reported" notification to the configured moderator addresses.
  *
  * Nothing is sent when the 'notification_email' setting is empty. The comment text is
  * censored and its BBCode rendered for the message; $comment->comment is restored to
  * its original value afterwards, while $comment->author stays set.
  *
  * @param object $comment The reported comment (modified temporarily, see above)
  * @param string $name    Name of the person who filed the report
  * @param string $reason  Reason given for the report
  * @return void
  */
 public static function sendReport(&$comment, $name, $reason = '')
 {
     $app = JCommentsFactory::getApplication('site');
     $user = JCommentsFactory::getUser();
     $config = JCommentsFactory::getConfig();
     if ($config->get('notification_email') == '') {
         return;
     }

     $objectInfo = JCommentsObjectHelper::getObjectInfo($comment->object_id, $comment->object_group, $comment->lang);
     $originalText = $comment->comment;

     // Render the comment the way it should appear in the mail
     $bbcode = JCommentsFactory::getBBCode();
     $rendered = $bbcode->replace(JCommentsText::censor($comment->comment));
     if ($config->getInt('enable_custom_bbcode')) {
         $customBBCode = JCommentsFactory::getCustomBBCode();
         // TODO: add control for replacement mode from CustomBBCode parameters
         $rendered = $customBBCode->replace($rendered, true);
     }
     // Collapse runs of whitespace to a single character
     $comment->comment = trim(preg_replace('/(\\s){2,}/i', '\\1', $rendered));
     $comment->author = JComments::getCommentAuthorName($comment);

     // NOTE(review): $name and $reason are handed to the template as received; whether
     // 'tpl_email_report' escapes them is not visible here - confirm.
     $tmpl = JCommentsFactory::getTemplate($comment->object_id, $comment->object_group);
     $tmpl->load('tpl_email_report');
     $tmpl->addVar('tpl_email_report', 'comment-object_title', $objectInfo->title);
     $tmpl->addVar('tpl_email_report', 'comment-object_link', JCommentsFactory::getAbsLink($objectInfo->link));
     $tmpl->addVar('tpl_email_report', 'report-name', $name);
     $tmpl->addVar('tpl_email_report', 'report-reason', $reason);
     $tmpl->addVar('tpl_email_report', 'quick-moderation', $config->getInt('enable_quick_moderation'));
     $tmpl->addVar('tpl_email_report', 'enable-blacklist', $config->getInt('enable_blacklist'));
     $tmpl->addObject('tpl_email_report', 'comment', $comment);
     $message = $tmpl->renderTemplate('tpl_email_report');
     $tmpl->freeTemplate('tpl_email_report');

     $subject = JText::sprintf('REPORT_NOTIFICATION_SUBJECT', $comment->author);
     if (isset($subject) && isset($message)) {
         $mailFrom = $app->getCfg('mailfrom');
         $fromName = $app->getCfg('fromname');
         // 'notification_email' is a comma-separated list of recipients
         foreach (explode(',', $config->get('notification_email')) as $recipient) {
             $recipient = trim((string) $recipient);
             // don't send notification to message author
             if ($user->email == $recipient) {
                 continue;
             }
             JCommentsMail::send($mailFrom, $fromName, $recipient, $subject, $message, true);
         }
     }

     // Put the unrendered text back so the caller's object is not left with mail markup
     $comment->comment = $originalText;
 }
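 /**
  * Saves an edited comment from the submitted admin form and redirects.
  *
  * JCommentsSecurity::checkToken() runs before any state is read or written. All text
  * fields have tags stripped; the comment body is additionally passed through
  * JCommentsText::nl2br() and the BBCode filter. When the comment changes from
  * unpublished to published, subscribers are notified. Nothing is stored when the
  * comment id cannot be loaded, but the redirect still happens.
  *
  * @return void
  */
 public static function save()
 {
     JCommentsSecurity::checkToken();
     $task = JCommentsInput::getVar('task');
     $id = (int) JCommentsInput::getVar('id', 0);
     $bbcode = JCommentsFactory::getBBCode();
     $db = JCommentsFactory::getDBO();
     $row = new JCommentsTableComment($db);
     if ($row->load($id)) {
         // Remembered so a change to "published" can be detected after saving
         $prevPublished = $row->published;
         $row->homepage = trim(strip_tags(JCommentsInput::getVar('homepage')));
         $row->email = trim(strip_tags(JCommentsInput::getVar('email')));
         $row->title = trim(strip_tags(JCommentsInput::getVar('title')));
         $row->comment = trim(strip_tags(JCommentsInput::getVar('comment')));
         $row->published = (int) JCommentsInput::getVar('published');
         if ($row->userid == 0) {
             // Guest comment: the name is editable; quotes, angle brackets, parentheses
             // and square brackets are removed from it, and username mirrors it
             $row->name = strip_tags(JCommentsInput::getVar('name'));
             $row->name = preg_replace("/[\\'\"\\>\\<\\(\\)\\[\\]]?+/i", '', $row->name);
             if ($row->username != $row->name) {
                 $row->username = $row->name;
             }
             $row->username = preg_replace("/[\\'\"\\>\\<\\(\\)\\[\\]]?+/i", '', $row->username);
         } else {
             // Registered author: fill any empty identity field from the account
             if ($row->name == '' || $row->username == '' || $row->email == '') {
                 $user = JCommentsFactory::getUser($row->userid);
                 $row->name = $row->name == '' ? $user->name : $row->name;
                 $row->username = $row->username == '' ? $user->username : $row->username;
                 $row->email = $row->email == '' ? $user->email : $row->email;
             }
         }
         // handle magic quotes compatibility
         // get_magic_quotes_gpc() was removed in PHP 8.0; calling it unconditionally is a
         // fatal error there, so it is consulted only where the function still exists
         if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc() == 1) {
             $row->title = stripslashes($row->title);
             $row->comment = stripslashes($row->comment);
         }
         $row->comment = JCommentsText::nl2br($row->comment);
         $row->comment = $bbcode->filter($row->comment);
         $row->store();
         $row->checkin();
         // send notification to comment subscribers
         if ($row->published && $prevPublished != $row->published) {
             // TODO: add separate message for just published comments
             include_once JCOMMENTS_BASE . '/jcomments.php';
             // Load the strings for the comment's own language before building the mails
             $language = JCommentsFactory::getLanguage();
             $language->load('com_jcomments', JOOMLATUNE_JPATH_SITE, $row->lang);
             JComments::sendToSubscribers($row, true);
         }
         // Both the component cache and the cache of the commented object's group are stale now
         $cache = JCommentsFactory::getCache('com_jcomments');
         $cache->clean();
         $cache = JCommentsFactory::getCache($row->object_group);
         $cache->clean();
     }
     switch ($task) {
         case 'comments.apply':
             JCommentsRedirect(JCOMMENTS_INDEX . '?option=com_jcomments&task=comments.edit&hidemainmenu=1&cid[]=' . $row->id);
             break;
         case 'comments.save':
         default:
             JCommentsRedirect(JCOMMENTS_INDEX . '?option=com_jcomments&task=comments');
             break;
     }
 }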
Exemple #9
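 /**
  * AJAX handler: stores a visitor's report about a comment and optionally mails moderators.
  *
  * Reads `commentid`, `reason` and `name` from $_POST (via self::prepareValues()).
  * A reporter is identified by user id, or by IP address for guests, and may report a
  * comment only once. The settings 'reports_per_comment' (0 = unlimited) and
  * 'reports_before_unpublish' (0 = never) bound how many reports a comment accepts and
  * when it is unpublished. Plugins can veto the report through the
  * 'onJCommentsCommentBeforeReport' event by returning false.
  *
  * @return mixed The AJAX response object obtained from JCommentsFactory::getAjaxResponse()
  */
 public static function reportComment()
 {
     if (JCommentsSecurity::badRequest() == 1) {
         JCommentsSecurity::notAuth();
     }
     $acl = JCommentsFactory::getACL();
     $db = JCommentsFactory::getDBO();
     $config = JCommentsFactory::getConfig();
     $response = JCommentsFactory::getAjaxResponse();
     $values = self::prepareValues($_POST);
     $id = (int) $values['commentid'];
     $reason = trim(strip_tags($values['reason']));
     $name = trim(strip_tags($values['name']));
     $ip = $acl->getUserIP();
     if (empty($reason)) {
         if ($config->getInt('report_reason_required') == 1) {
             self::showErrorMessage(JText::_('ERROR_NO_REASON_FOR_REPORT'), '', 'comments-report-form');
             return $response;
         } else {
             $reason = JText::_('REPORT_REASON_UNKNOWN_REASON');
         }
     }
     // Has this reporter already reported the comment?
     $query = 'SELECT COUNT(*) FROM `#__jcomments_reports` WHERE commentid = ' . $id;
     if ($acl->getUserId()) {
         // Cast so that only a number can ever be concatenated into the statement
         $query .= ' AND userid = ' . (int) $acl->getUserId();
     } else {
         // How getUserIP() derives the address is not visible here, so the value is
         // treated as untrusted text and quoted by the database driver rather than
         // being concatenated between hand-written quote characters
         $query .= ' AND userid = 0 AND ip = ' . $db->Quote($ip);
     }
     $db->setQuery($query);
     $reported = $db->loadResult();
     if (!$reported) {
         $maxReportsPerComment = $config->getInt('reports_per_comment', 1);
         $maxReportsBeforeUnpublish = $config->getInt('reports_before_unpublish', 0);
         // Total number of reports the comment has so far, from any reporter
         $db->setQuery('SELECT COUNT(*) FROM `#__jcomments_reports` WHERE commentid = ' . $id);
         $reported = $db->loadResult();
         if ($reported < $maxReportsPerComment || $maxReportsPerComment == 0) {
             $comment = new JCommentsTableComment($db);
             if ($comment->load($id)) {
                 if ($acl->canReport($comment)) {
                     if ($acl->getUserId()) {
                         // Registered reporters are always recorded under their account name
                         $user = JCommentsFactory::getUser();
                         $name = $user->name;
                     } else {
                         if (empty($name)) {
                             $name = 'Guest';
                             // JText::_('Guest');
                         }
                     }
                     require_once JCOMMENTS_TABLES . '/report.php';
                     $report = new JCommentsTableReport($db);
                     $report->commentid = $comment->id;
                     $report->date = JCommentsFactory::getDate();
                     $report->userid = $acl->getUserId();
                     $report->ip = $ip;
                     $report->name = $name;
                     $report->reason = $reason;
                     // Stays empty when a plugin vetoes the report or storing it fails
                     $html = '';
                     $result = JCommentsEvent::trigger('onJCommentsCommentBeforeReport', array(&$comment, &$report));
                     if (!in_array(false, $result, true)) {
                         if ($report->store()) {
                             JCommentsEvent::trigger('onJCommentsCommentAfterReport', array(&$comment, $report));
                             if ($config->getInt('enable_notification') == 1) {
                                 if ($config->check('notification_type', 2)) {
                                     JComments::sendReport($comment, $name, $reason);
                                 }
                             }
                             // unpublish comment if reports count is enough
                             // NOTE(review): $reported was counted before this report was
                             // stored, so the comparison does not include it - confirm the
                             // threshold is meant to work that way.
                             if ($maxReportsBeforeUnpublish > 0 && $reported >= $maxReportsBeforeUnpublish) {
                                 $comment->published = 0;
                                 $comment->store();
                             }
                             // Turn line breaks of the translated message into <br /> and
                             // escape it for the single-quoted JavaScript string below
                             $html = JText::_('REPORT_SUCCESSFULLY_SENT');
                             $html = str_replace("\n", '\\n', $html);
                             $html = str_replace('\\n', '<br />', $html);
                             $html = JCommentsText::jsEscape($html);
                         }
                     }
                     $response->addScript("jcomments.closeReport('{$html}');");
                 } else {
                     self::showErrorMessage(JText::_('ERROR_YOU_HAVE_NO_RIGHTS_TO_REPORT'), '', 'comments-report-form');
                 }
             } else {
                 $response->addAlert(JText::_('ERROR_NOT_FOUND'));
             }
         } else {
             self::showErrorMessage(JText::_('ERROR_COMMENT_ALREADY_REPORTED'), '', 'comments-report-form');
         }
     } else {
         self::showErrorMessage(JText::_('ERROR_YOU_CAN_NOT_REPORT_THE_SAME_COMMENT_MORE_THAN_ONCE'), '', 'comments-report-form');
     }
     return $response;
 }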
Exemple #10
 public static function showUserComments()
 {
     $config = JCommentsFactory::getConfig();
     if ($config->get('enable_rss') == '1') {
         $app = JCommentsFactory::getApplication('site');
         $acl = JCommentsFactory::getACL();
         $userid = (int) JCommentsInput::getVar('userid', 0);
         $limit = (int) JCommentsInput::getVar('limit', $config->getInt('feed_limit', 100));
         $user = JCommentsFactory::getUser($userid);
         if (!isset($user->id)) {
             self::showNotFound();
             return;
         }
         if (JCOMMENTS_JVERSION == '1.0') {
             $offset = $app->getCfg('offset') + date('O') / 100;
         } else {
             $offset = $app->getCfg('offset');
         }
         $lm = $limit != $config->getInt('feed_limit') ? '&amp;limit=' . $limit : '';
         if (JCommentsMultilingual::isEnabled()) {
             $language = JCommentsMultilingual::getLanguage();
             $lp = '&amp;lang=' . $language;
         } else {
             $language = null;
             $lp = '';
         }
         if (JCOMMENTS_JVERSION == '1.0') {
             $syndicationURL = $app->getCfg('live_site') . '/index2.php?option=com_jcomments&amp;task=rss_user&amp;userid=' . $userid . $lm . $lp . '&amp;no_html=1';
         } else {
             $liveSite = str_replace(JURI::root(true), '', $app->getCfg('live_site'));
             $syndicationURL = $liveSite . JRoute::_('index.php?option=com_jcomments&amp;task=rss_user&amp;userid=' . $userid . $lm . $lp . '&amp;tmpl=raw');
         }
         $user->userid = $user->id;
         $username = JComments::getCommentAuthorName($user);
         $rss = new JoomlaTuneFeed();
         $rss->setOffset($offset);
         $rss->encoding = JCOMMENTS_ENCODING;
         $rss->title = JText::sprintf('USER_FEED_TITLE', $username);
         $rss->link = $app->getCfg('live_site');
         $rss->syndicationURL = $syndicationURL;
         $rss->description = JText::sprintf('USER_FEED_DESCRIPTION', $username);
         $options = array();
         $options['lang'] = $language;
         $options['userid'] = $userid;
         $options['published'] = 1;
         $options['filter'] = 'c.deleted = 0';
         $options['orderBy'] = 'c.date DESC';
         $options['votes'] = false;
         $options['limit'] = $limit;
         $options['limitStart'] = 0;
         $options['objectinfo'] = true;
         $options['access'] = $acl->getUserAccess();
         $rows = JCommentsModel::getCommentsList($options);
         $word_maxlength = $config->getInt('word_maxlength');
         $lang = JCommentsMultilingual::isEnabled() ? JCommentsMultilingual::getLanguage() : null;
         foreach ($rows as $row) {
             $comment = JCommentsText::cleanText($row->comment);
             if ($comment != '') {
                 // getting object's information (title and link)
                 $object_title = empty($row->object_title) ? JCommentsObjectHelper::getTitle($row->object_id, $row->object_group, $lang) : $row->object_title;
                 $object_link = empty($row->object_link) ? JCommentsObjectHelper::getLink($row->object_id, $row->object_group, $lang) : $row->object_link;
                 $object_link = JCommentsFactory::getAbsLink(str_replace('amp;', '', $object_link));
                 // apply censor filter
                 $object_title = JCommentsText::censor($object_title);
                 $comment = JCommentsText::censor($comment);
                 // fix long words problem
                 if ($word_maxlength > 0) {
                     $comment = JCommentsText::fixLongWords($comment, $word_maxlength, ' ');
                     if ($object_title != '') {
                         $object_title = JCommentsText::fixLongWords($object_title, $word_maxlength, ' ');
                     }
                 }
                 $author = JComments::getCommentAuthorName($row);
                 $item = new JoomlaTuneFeedItem();
                 $item->title = $object_title;
                 $item->link = $object_link . '#comment-' . $row->id;
                 $item->description = JText::sprintf('USER_FEED_ITEM_DESCRIPTION', $author, $comment);
                 $item->source = $object_link;
                 if (JCOMMENTS_JVERSION == '1.0') {
                     $date = strtotime((string) $row->date) - $offset * 3600;
                     $item->pubDate = date('Y-m-d H:i:s', $date);
                 } else {
                     $item->pubDate = $row->date;
                 }
                 $item->author = $author;
                 $rss->addItem($item);
             }
         }
         $rss->display();
         unset($rows, $rss);
         exit;
     }
 }
Exemple #11
 /**
  * Renders the comment form, or a message or link in its place, for an object.
  *
  * Loads the 'tpl_form' template, fills it with flags and values taken from the
  * ACL and the component configuration, and returns the rendered result.
  *
  * @param int $object_id	The object identifier (cast to int below)
  * @param string $object_group	The object group (trimmed below)
  * @param boolean $showForm	When false, only the 'comments-form-link' variant is rendered
  * @return mixed Whatever $tmpl->renderTemplate('tpl_form') returns
  */
 function getCommentsForm($object_id, $object_group, $showForm = true)
 {
     // $my: global user object; a non-zero $my->id is treated as "logged in" by the checks below.
     global $my;
     $object_id = (int) $object_id;
     $object_group = trim($object_group);
     $tmpl =& JCommentsFactory::getTemplate($object_id, $object_group);
     $tmpl->load('tpl_form');
     $acl =& JCommentsFactory::getACL();
     $config =& JCommentsFactory::getConfig();
     if ($acl->canComment()) {
         // Commenting is locked: show the configured message (or a default error) instead of the form.
         if ($config->getInt('comments_locked', 0) == 1) {
             $message = $config->get('message_locked');
             if ($message != '') {
                 // NOTE(review): the configured text only gets stripslashes() and a newline-to-<br />
                 // replacement; no HTML escaping is visible here, so it reaches the template as markup.
                 // Presumably only administrators can edit this setting - confirm.
                 $message = preg_replace('/(\\n|\\r)+/', '<br />', stripslashes($message));
             } else {
                 $message = JText::_('ERROR_CANT_COMMENT');
             }
             $tmpl->addVar('tpl_form', 'comments-form-message', 1);
             $tmpl->addVar('tpl_form', 'comments-form-message-header', JText::_('FORM_HEADER'));
             $tmpl->addVar('tpl_form', 'comments-form-message-text', $message);
             $result = $tmpl->renderTemplate('tpl_form');
             return $result;
         }
         // For a plugin-provided captcha engine, let the plugins emit their JavaScript first.
         // This runs before the $showForm check, i.e. also when only the form link is rendered.
         if ($acl->check('enable_captcha') == 1) {
             $captchaEngine = $config->get('captcha_engine', 'kcaptcha');
             if ($captchaEngine != 'kcaptcha') {
                 if ($config->getInt('enable_mambots') == 1) {
                     require_once JCOMMENTS_HELPERS . DS . 'plugin.php';
                     JCommentsPluginHelper::importPlugin('jcomments');
                     JCommentsPluginHelper::trigger('onJCommentsCaptchaJavaScript');
                 }
             }
         }
         if (!$showForm) {
             // Caller asked for the link variant only; nothing else is populated.
             $tmpl->addVar('tpl_form', 'comments-form-link', 1);
             $result = $tmpl->renderTemplate('tpl_form');
             return $result;
         } else {
             if ($config->getInt('form_show') != 1) {
                 $tmpl->addVar('tpl_form', 'comments-form-ajax', 1);
             }
         }
         if ($config->getInt('enable_mambots') == 1) {
             require_once JCOMMENTS_HELPERS . DS . 'plugin.php';
             JCommentsPluginHelper::importPlugin('jcomments');
             $htmlBeforeForm = JCommentsPluginHelper::trigger('onJCommentsBeforeFormDisplayed');
             $htmlAfterForm = JCommentsPluginHelper::trigger('onJCommentsAfterFormDisplayed');
             // NOTE(review): plugin return values are joined and handed to the template as-is;
             // any escaping is the responsibility of the plugins - confirm they are trusted code.
             $tmpl->addVar('tpl_form', 'comments-form-html-before', implode("\n", $htmlBeforeForm));
             $tmpl->addVar('tpl_form', 'comments-form-html-after', implode("\n", $htmlAfterForm));
         }
         $policy = $config->get('message_policy_post');
         if ($policy != '' && $acl->check('show_policy')) {
             // Same treatment as the locked message: stripslashes() plus newline-to-<br />, no escaping here.
             $policy = preg_replace('/(\\n|\\r)+/', '<br />', stripslashes($policy));
             $tmpl->addVar('tpl_form', 'comments-form-policy', 1);
             $tmpl->addVar('tpl_form', 'comments-policy', $policy);
         }
         if ($my->id) {
             // Overwrite the name on the global user object with the one from the user record.
             $currentUser = JCommentsFactory::getUser($my->id);
             $my->name = $currentUser->name;
             unset($currentUser);
         }
         $tmpl->addObject('tpl_form', 'user', $my);
         if ($config->getInt('enable_smiles') == 1 && is_array($config->get('smiles'))) {
             $tmpl->addVar('tpl_form', 'comment-form-smiles', $config->get('smiles'));
         }
         $bbcode =& JCommentsFactory::getBBCode();
         if ($bbcode->enabled()) {
             $tmpl->addVar('tpl_form', 'comments-form-bbcode', 1);
             // One flag per BBCode, set to the result of canUse() for that code.
             foreach ($bbcode->getCodes() as $code) {
                 $tmpl->addVar('tpl_form', 'comments-form-bbcode-' . $code, $bbcode->canUse($code));
             }
         }
         if ($config->getInt('enable_custom_bbcode')) {
             $customBBCode =& JCommentsFactory::getCustomBBCode();
             if ($customBBCode->enabled()) {
                 $tmpl->addVar('tpl_form', 'comments-form-custombbcodes', $customBBCode->codes);
             }
         }
         // Clamp the configured name length to 1..255; anything outside that range becomes 255.
         $username_maxlength = $config->getInt('username_maxlength');
         if ($username_maxlength <= 0 || $username_maxlength > 255) {
             $username_maxlength = 255;
         }
         $tmpl->addVar('tpl_form', 'comment-name-maxlength', $username_maxlength);
         // These values only drive what the form displays. NOTE(review): length limits must
         // also be enforced where the comment is submitted - not visible from here.
         if ($config->getInt('show_commentlength') == 1 && $acl->check('enable_comment_length_check')) {
             $tmpl->addVar('tpl_form', 'comments-form-showlength-counter', 1);
             $tmpl->addVar('tpl_form', 'comment-maxlength', $config->getInt('comment_maxlength'));
         } else {
             $tmpl->addVar('tpl_form', 'comment-maxlength', 0);
         }
         if ($acl->check('enable_captcha') == 1) {
             $tmpl->addVar('tpl_form', 'comments-form-captcha', 1);
             $captchaEngine = $config->get('captcha_engine', 'kcaptcha');
             if ($captchaEngine == 'kcaptcha') {
                 // TODO (from the original author): nothing is added here for the built-in 'kcaptcha' engine.
             } else {
                 // With another engine and plugins disabled, 'comments-form-captcha' is 1 but no
                 // 'comments-form-captcha-html' is supplied by this method.
                 if ($config->getInt('enable_mambots') == 1) {
                     $captchaHTML = JCommentsPluginHelper::trigger('onJCommentsCaptchaDisplay');
                     $tmpl->addVar('tpl_form', 'comments-form-captcha-html', implode("\n", $captchaHTML));
                 }
             }
         }
         // Subscription checkbox: allowed by ACL, and hidden for a logged-in user who is already subscribed.
         $canSubscribe = $acl->check('enable_subscribe');
         if ($my->id && $acl->check('enable_subscribe')) {
             require_once JCOMMENTS_BASE . DS . 'jcomments.subscription.php';
             $manager =& JCommentsSubscriptionManager::getInstance();
             $canSubscribe = $canSubscribe && !$manager->isSubscribed($object_id, $object_group, $my->id);
         }
         $tmpl->addVar('tpl_form', 'comments-form-subscribe', (int) $canSubscribe);
         // The name field is flagged only when $my->id is zero.
         $tmpl->addVar('tpl_form', 'comments-form-user-name', $my->id ? 0 : 1);
         $tmpl->addVar('tpl_form', 'comments-form-email-required', 0);
         // 'author_email': 2 = shown and required when $my->id is zero, 1 = shown when $my->id is zero, otherwise hidden.
         switch ($config->getInt('author_email')) {
             case 2:
                 if (!$my->id) {
                     $tmpl->addVar('tpl_form', 'comments-form-email-required', 1);
                     $tmpl->addVar('tpl_form', 'comments-form-user-email', 1);
                 } else {
                     $tmpl->addVar('tpl_form', 'comments-form-user-email', 0);
                 }
                 break;
             case 1:
                 if (!$my->id) {
                     $tmpl->addVar('tpl_form', 'comments-form-user-email', 1);
                 } else {
                     $tmpl->addVar('tpl_form', 'comments-form-user-email', 0);
                 }
                 break;
             case 0:
             default:
                 $tmpl->addVar('tpl_form', 'comments-form-user-email', 0);
                 // No email field and $my->id is zero: override the subscribe flag set above.
                 if (!$my->id) {
                     $tmpl->addVar('tpl_form', 'comments-form-subscribe', 0);
                 }
                 break;
         }
         $tmpl->addVar('tpl_form', 'comments-form-homepage-required', 0);
         // 'author_homepage': 3 = shown and required, 2 = shown and required only when $my->id is zero,
         // 1 = shown, otherwise hidden.
         switch ($config->getInt('author_homepage')) {
             case 3:
                 $tmpl->addVar('tpl_form', 'comments-form-homepage-required', 1);
                 $tmpl->addVar('tpl_form', 'comments-form-user-homepage', 1);
                 break;
             case 2:
                 if (!$my->id) {
                     $tmpl->addVar('tpl_form', 'comments-form-homepage-required', 1);
                 }
                 $tmpl->addVar('tpl_form', 'comments-form-user-homepage', 1);
                 break;
             case 1:
                 $tmpl->addVar('tpl_form', 'comments-form-user-homepage', 1);
                 break;
             case 0:
             default:
                 $tmpl->addVar('tpl_form', 'comments-form-user-homepage', 0);
                 break;
         }
         $tmpl->addVar('tpl_form', 'comments-form-title-required', 0);
         // 'comment_title': 3 = shown and required, 1 = shown, otherwise hidden (value 2 falls to default).
         switch ($config->getInt('comment_title')) {
             case 3:
                 $tmpl->addVar('tpl_form', 'comments-form-title-required', 1);
                 $tmpl->addVar('tpl_form', 'comments-form-title', 1);
                 break;
             case 1:
                 $tmpl->addVar('tpl_form', 'comments-form-title', 1);
                 break;
             case 0:
             default:
                 $tmpl->addVar('tpl_form', 'comments-form-title', 0);
                 break;
         }
         $result = $tmpl->renderTemplate('tpl_form');
         return $result;
     } else {
         // Visitor may not comment: render the "who can comment" message, or an empty message block.
         $message = $config->get('message_policy_whocancomment');
         if ($message != '') {
             $header = JText::_('FORM_HEADER');
             // As above: configured text is emitted with line breaks converted, not HTML-escaped here.
             $message = preg_replace('/(\\n|\\r)+/', '<br />', stripslashes($message));
         } else {
             $header = '';
             $message = '';
         }
         $tmpl->addVar('tpl_form', 'comments-form-message', 1);
         $tmpl->addVar('tpl_form', 'comments-form-message-header', $header);
         $tmpl->addVar('tpl_form', 'comments-form-message-text', $message);
         return $tmpl->renderTemplate('tpl_form');
     }
 }
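 /**
  * Saves an edited comment from request data, then redirects.
  *
  * Reads 'task' and 'id' from the request and loads the comment row. If the row
  * loads, its editable fields are overwritten with the submitted values, the row
  * is stored and checked in, and the component and object-group caches are
  * cleared. The method then redirects to the edit screen for task 'apply' or to
  * the comments list for any other task.
  *
  * NOTE(review): no request-token (CSRF) or permission check is visible in this
  * method; presumably the caller enforces both before dispatching here - confirm.
  *
  * @return void
  */
 function save()
 {
     $task = JCommentsInput::getVar('task');
     $id = (int) JCommentsInput::getVar('id', 0);
     $bbcode =& JCommentsFactory::getBBCode();
     $db =& JCommentsFactory::getDBO();
     $row = new JCommentsDB($db);
     if ($row->load($id)) {
         // Single-line fields: tags stripped and whitespace trimmed.
         $row->homepage = trim(strip_tags(JCommentsInput::getVar('homepage')));
         $row->email = trim(strip_tags(JCommentsInput::getVar('email')));
         $row->title = trim(strip_tags(JCommentsInput::getVar('title')));
         // The comment body is taken as submitted; the only processing visible here is
         // nl2br() and the BBCode filter further down.
         // NOTE(review): confirm that HTML filtering/escaping happens in $bbcode->filter()
         // or at render time, since stored comments are shown to other visitors.
         $row->comment = JCommentsInput::getVar('comment');
         $row->published = (int) JCommentsInput::getVar('published');
         if ($row->userid == 0) {
             // Guest comment: name comes from the form, with quotes, angle brackets,
             // parentheses and square brackets removed; username mirrors the name.
             $row->name = strip_tags(JCommentsInput::getVar('name'));
             $row->name = preg_replace("/[\\'\"\\>\\<\\(\\)\\[\\]]?+/i", '', $row->name);
             if ($row->username != $row->name) {
                 $row->username = $row->name;
             }
             $row->username = preg_replace("/[\\'\"\\>\\<\\(\\)\\[\\]]?+/i", '', $row->username);
         } else {
             // Registered author: fill any empty identity field from the user record.
             if ($row->name == '' || $row->username == '' || $row->email == '') {
                 $user = JCommentsFactory::getUser($row->userid);
                 $row->name = $row->name == '' ? $user->name : $row->name;
                 $row->username = $row->username == '' ? $user->username : $row->username;
                 $row->email = $row->email == '' ? $user->email : $row->email;
             }
         }
         // handle magic quotes compatibility
         // get_magic_quotes_gpc() was removed in PHP 8.0; guard the call so the method
         // does not die with "undefined function" on current PHP versions.
         if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc() == 1) {
             $row->title = stripslashes($row->title);
             $row->comment = stripslashes($row->comment);
         }
         $row->comment = JCommentsText::nl2br($row->comment);
         $row->comment = $bbcode->filter($row->comment);
         $row->store();
         $row->checkin();
         JCommentsCache::cleanCache('com_jcomments');
         JCommentsCache::cleanCache($row->object_group);
     }
     // The redirect happens whether or not the row was loaded.
     switch ($task) {
         case 'apply':
             JCommentsRedirect(JCOMMENTS_INDEX . '?option=com_jcomments&task=edit&hidemainmenu=1&cid[]=' . $row->id);
             break;
         case 'save':
         default:
             JCommentsRedirect(JCOMMENTS_INDEX . '?option=com_jcomments&task=comments');
             break;
     }
 }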
 /**
  * Tells whether the current user matches a comma-separated list of allowed groups.
  *
  * The user is taken from the global $my (fetched from the factory when unset).
  * A match is: any overlap between $my->groups and the list; for a user with a
  * non-zero id, $my->usertype equal to a list entry; for id zero, the literal
  * entry 'Unregistered'.
  *
  * NOTE(review): list entries are neither trimmed nor compared strictly ('=='),
  * so the result of this access decision depends on the exact stored format and
  * on PHP's loose-comparison rules - confirm the values written by the settings UI.
  *
  * @param string $str Comma-separated group / user type names
  * @return int 1 when the user matches, 0 otherwise (also when $str is not set)
  */
 function check($str)
 {
     global $my;
     // Nothing configured: deny.
     if (!isset($str)) {
         return 0;
     }
     if (!isset($my)) {
         $my =& JCommentsFactory::getUser();
     }
     $allowed = explode(',', $str);
     // Group membership wins first, when the user object carries a groups list.
     if (isset($my->groups) && array_intersect($my->groups, $allowed)) {
         return 1;
     }
     foreach ($allowed as $entry) {
         if ($my->id != 0) {
             // Logged-in user: match on the user type name.
             if ($my->usertype == $entry) {
                 return 1;
             }
         } elseif ($entry == 'Unregistered') {
             // Guest: only the special 'Unregistered' entry grants access.
             return 1;
         }
     }
     return 0;
 }