Esempio n. 1
             if ($url_c == $next) {
                 //echo "$state to url\n";
                 $state = 'url';
             }
             $tmp .= $url_c;
         } else {
             if ($c == '}') {
                 //echo "$state to out\n";
                 $state = 'out';
             }
         }
     }
     break;
 case 'url':
     if ($c == '/') {
         if (!read_comment($file, $comment)) {
             $url_tmp .= $c . $comment;
             $c = '';
         }
     } else {
         if ($c == ')') {
             //echo "$state to rules\n";
             $state = 'rules';
             //url end
             trim($url_tmp, " '\"\r\n\t");
             if (strpos($url_tmp, 'http://') === 0 || strpos($url_tmp, 'data:') === 0) {
                 $url_tmp .= $c;
             } else {
                 if ($url_tmp[0] == '/') {
                     $image = $_SERVER['DOCUMENT_ROOT'] . '/' . $url_tmp;
                 } else {
Esempio n. 2
(INCLUDING  NEGLIGENCE  OR  OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 
THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
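// Refuse any request that does not identify itself as an XMLHttpRequest call.
// NOTE: X-Requested-With is a request header chosen by the client, so this is
// only a coarse filter for non-AJAX callers. It is not authentication and
// should not be the only CSRF defence in front of the write path below.
$requested_with = isset($_SERVER['HTTP_X_REQUESTED_WITH'])
    ? strtolower($_SERVER['HTTP_X_REQUESTED_WITH'])
    : '';
if ($requested_with !== 'xmlhttprequest') {
    // Answer with 403 so refused calls are distinguishable from served ones
    // in access logs; the response body is unchanged.
    http_response_code(403);
    die("Call not allowed");
}
//
// Change this email to the real moderator's email
//
$moderator_email = "*****@*****.**";
// "flag" comes straight from the request body: a missing field or a non-string
// value (e.g. flag[]=1) is treated as an empty flag instead of being handed to
// processText() as null or an array.
$raw_flag = (isset($_POST["flag"]) && is_string($_POST["flag"])) ? $_POST["flag"] : '';
$flag = processText($raw_flag);
// Dispatch on the normalised flag: "1" stores a new comment, "2" reads
// comments back. Any other value does nothing.
if ($flag === "1") {
    add_comment($moderator_email);
} elseif ($flag === "2") {
    read_comment();
}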
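/**
 * Return the part of $s1 that precedes the first occurrence of $s2.
 *
 * @param string $s1 Text to cut.
 * @param string $s2 Delimiter searched for in $s1.
 * @return string Leading portion of $s1; '' when $s2 does not occur in $s1
 *                or occurs at offset 0.
 */
function strleft($s1, $s2)
{
    $pos = strpos($s1, $s2);
    // strpos() returns false when there is no match. Passing that false on as
    // the substr() length only works through implicit bool-to-int coercion
    // (and is a TypeError under strict_types), so the empty result is
    // returned explicitly instead.
    if ($pos === false) {
        return '';
    }
    return substr($s1, 0, $pos);
}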
function add_comment($moderator_email)
{
    $caller = strtolower($_POST["url"]);
    //$_SERVER['HTTP_REFERER'];
    $filename = md5($caller);
    $abs_comment_file = realpath('.') . '/' . $filename . '.xml';
    $date_value = time();
    $comment_id = $date_value . '-' . rand(1, 100000000);
    $author_value = processText($_POST["name"]);
    $subject_value = trim(processText($_POST["subject"]));