/**
 * Completes the derived fields of a subscription row and persists it.
 *
 * A registered subscriber (userid != 0) with no e-mail stored gets the address
 * of the user record; an empty language falls back to the current language.
 * The hash is recomputed on every call before the parent does the write.
 *
 * @param boolean $updateNulls Passed through unchanged to parent::store().
 * @return mixed Whatever parent::store() returns.
 */
function store($updateNulls = false)
{
    $isRegistered = ($this->userid != 0);
    if ($isRegistered && empty($this->email)) {
        // Use the address held by the account record.
        $account = JCommentsFactory::getUser($this->userid);
        $this->email = $account->email;
    }

    if (empty($this->lang)) {
        $this->lang = JCommentsMultilingual::getLanguage();
    }

    // NOTE(review): getHash() is defined outside this view. If the hash is used
    // as an unsubscribe/confirmation token, confirm it mixes in a server-side
    // secret and is not derivable from public fields alone.
    $this->hash = $this->getHash();

    return parent::store($updateNulls);
}
/**
 * Subscribes user for new comments notifications for an object
 *
 * For a registered user the name and e-mail arguments are ignored and taken
 * from the user record. A guest subscription that already exists for the same
 * e-mail is re-assigned to the registered user instead of being duplicated.
 *
 * @param int $object_id The object identifier
 * @param string $object_group The object group (component name)
 * @param int $userid The registered user identifier
 * @param string $email The user email (for guests only)
 * @param string $name The user name (for guests only)
 * @param string $lang The user language
 * @return boolean True on success, false otherwise.
 */
function subscribe($object_id, $object_group, $userid, $email = '', $name = '', $lang = '')
{
    $object_id = (int) $object_id;
    $object_group = trim($object_group);
    $userid = (int) $userid;

    if ($lang == '') {
        $lang = JCommentsMultilingual::getLanguage();
    }

    $db = JCommentsFactory::getDBO();

    if ($userid != 0) {
        // Registered users: identity comes from the account, not from the caller.
        $account = JCommentsFactory::getUser($userid);
        $name = $account->name;
        $email = $account->email;
    }

    // Every string value goes through $db->Quote(); the id is cast to int.
    $query = "SELECT * " . " FROM #__jcomments_subscriptions" . " WHERE object_id = " . (int) $object_id . " AND object_group = " . $db->Quote($object_group) . " AND email = " . $db->Quote($email);
    if (JCommentsMultilingual::isEnabled()) {
        $query .= " AND lang = " . $db->Quote($lang);
    }
    $db->setQuery($query);
    $rows = $db->loadObjectList();

    require_once JCOMMENTS_TABLES . '/subscription.php';

    $isNew = (count($rows) == 0);
    $takesOverGuestRow = !$isNew && $userid > 0 && $rows[0]->userid == 0;

    if (!$isNew && !$takesOverGuestRow) {
        $this->_errors[] = JText::_('ERROR_ALREADY_SUBSCRIBED');
        return false;
    }

    $subscription = new JCommentsTableSubscription($db);
    if ($isNew) {
        $subscription->object_id = $object_id;
        $subscription->object_group = $object_group;
        $subscription->name = $name;
        $subscription->email = $email;
        $subscription->userid = $userid;
        $subscription->lang = $lang;
        $subscription->published = 1;
    } else {
        // A guest already subscribed with this e-mail: attach the row to the
        // registered account and refresh the language.
        $subscription->id = $rows[0]->id;
        $subscription->userid = $userid;
        $subscription->lang = $lang;
    }
    $subscription->store();

    // Drop cached subscription data for this object group.
    $cache = JCommentsFactory::getCache('com_jcomments_subscriptions_' . strtolower($object_group));
    $cache->clean();

    return true;
}
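/**
 * AJAX handler: stores an abuse report for a comment and optionally notifies
 * the administrators.
 *
 * Input is read from $_POST (commentid, reason, name). A report is refused when
 * the reason is empty, when the same user (or, for guests, the same IP) has
 * already reported the comment, or when any report for the comment exists.
 *
 * Every value placed into SQL here is either cast to int or passed through
 * $db->getEscaped(); this includes the client address in the duplicate check,
 * which the INSERT further down already escaped.
 *
 * @return object The AJAX response object obtained from JCommentsFactory.
 */
function reportComment()
{
    if (JCommentsSecurity::badRequest() == 1) {
        JCommentsSecurity::notAuth();
    }

    $acl =& JCommentsFactory::getACL();
    $db =& JCommentsFactory::getDBO();
    $config =& JCommentsFactory::getConfig();
    $response =& JCommentsFactory::getAjaxResponse();

    $values = JCommentsAJAX::prepareValues($_POST);
    $id = (int) $values['commentid'];
    $reason = trim(strip_tags($values['reason']));
    $name = trim(strip_tags($values['name']));
    // NOTE(review): how getUserIP() derives the address is not visible here; if
    // it honours client-supplied proxy headers the value is attacker-controlled,
    // which is why it is escaped below before reaching SQL.
    $ip = $acl->getUserIP();
    // Cast once so the identifier can only ever be numeric inside the queries.
    $userId = (int) $acl->getUserId();

    if ($reason == '') {
        JCommentsAJAX::showErrorMessage(JText::_('Please enter the reason for your report!'), '', 'comments-report-form');
        return $response;
    }

    // Has this user (or this guest IP) already reported the comment?
    $query = 'SELECT COUNT(*) FROM `#__jcomments_reports` WHERE commentid = ' . $id;
    if ($userId) {
        $query .= ' AND userid = ' . $userId;
    } else {
        $query .= ' AND ip = "' . $db->getEscaped($ip) . '"';
    }
    $db->setQuery($query);
    $reported = $db->loadResult();

    if ($reported) {
        JCommentsAJAX::showErrorMessage(JText::_('You can\'t report the same comment more than once!'), '', 'comments-report-form');
        return $response;
    }

    // Has anybody reported the comment at all?
    $query = 'SELECT COUNT(*) FROM `#__jcomments_reports` WHERE commentid = ' . $id;
    $db->setQuery($query);
    $reported = $db->loadResult();

    if ($reported) {
        JCommentsAJAX::showErrorMessage(JText::_('Comment already reported to the site administrator'), '', 'comments-report-form');
        return $response;
    }

    $comment = new JCommentsDB($db);

    if (!$comment->load($id)) {
        $response->addAlert(JText::_('ERROR_NOT_FOUND'));
        return $response;
    }

    if (!$acl->canReport($comment)) {
        JCommentsAJAX::showErrorMessage(JText::_('You have no rights to report comment!'), '', 'comments-report-form');
        return $response;
    }

    // Plugins may veto the report by setting $allowed to false.
    $allowed = true;
    if ($config->getInt('enable_mambots') == 1) {
        require_once JCOMMENTS_HELPERS . DS . 'plugin.php';
        JCommentsPluginHelper::importPlugin('jcomments');
        // NOTE(review): $value is not defined in this function; passing it by
        // reference creates it as null. Kept as in the original call.
        JCommentsPluginHelper::trigger('onReportComment', array(&$comment, &$response, &$allowed, &$value));
    }

    if ($allowed === false) {
        return $response;
    }

    if ($userId) {
        // Registered reporters are recorded under their account name.
        $user = JCommentsFactory::getUser();
        $name = $user->name;
    } else {
        if ($name == '') {
            $name = JText::_('Guest');
        }
    }

    $query = "INSERT INTO `#__jcomments_reports`(`commentid`,`userid`, `name`,`ip`,`date`,`reason`)" . "VALUES('" . (int) $comment->id . "', '" . $userId . "', '" . $db->getEscaped($name) . "', '" . $db->getEscaped($ip) . "', now(), '" . $db->getEscaped($reason) . "')";
    $db->setQuery($query);
    $db->query();

    if ($config->getInt('enable_notification') == 1) {
        if ($config->check('notification_type', 2)) {
            $comment->datetime = $comment->date;
            if (is_string($comment->datetime)) {
                $comment->datetime = strtotime($comment->datetime);
            }
            JComments::sendReport($comment, $name, $reason);
        }
    }

    // The confirmation text is escaped for a JavaScript string literal before
    // it is embedded in the script sent back to the browser.
    $html = JText::_('Report successfully sent!');
    $html = str_replace("\n", '\\n', $html);
    $html = str_replace('\\n', '<br />', $html);
    $html = JCommentsText::jsEscape($html);
    $response->addScript("jcomments.closeReport('{$html}');");

    return $response;
}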
/**
 * Converts BBCode markup in a comment into HTML.
 *
 * Simple tags are collected as pattern/replacement pairs and applied in one
 * preg_replace() call; [code], [quote] and [list] need extra passes. Output
 * produced while the function runs is captured with ob_start() and discarded
 * with ob_end_clean().
 *
 * NOTE(review): nothing in this function HTML-escapes $str as a whole; the
 * patterns only exclude a few characters inside URLs. Presumably the caller
 * has already stripped or encoded markup - confirm, because everything matched
 * by (.*?) is copied into the HTML output unchanged.
 *
 * @param string $str Comment text containing BBCode.
 * @return string The text with BBCode replaced by HTML.
 */
function replace($str)
{
    // Buffer (and later drop) anything echoed while processing.
    ob_start();

    $config = JCommentsFactory::getConfig();
    $app = JCommentsFactory::getApplication('site');

    // Parallel arrays: $patterns[n] is replaced by $replacements[n].
    $patterns = array();
    $replacements = array();

    // [b] - bold
    $patterns[] = '/\\[b\\](.*?)\\[\\/b\\]/i' . JCOMMENTS_PCRE_UTF8;
    $replacements[] = '<strong>\\1</strong>';

    // [i] - italic
    $patterns[] = '/\\[i\\](.*?)\\[\\/i\\]/i' . JCOMMENTS_PCRE_UTF8;
    $replacements[] = '<em>\\1</em>';

    // [u] - underline
    $patterns[] = '/\\[u\\](.*?)\\[\\/u\\]/i' . JCOMMENTS_PCRE_UTF8;
    $replacements[] = '<u>\\1</u>';

    // [s] - strike-through
    $patterns[] = '/\\[s\\](.*?)\\[\\/s\\]/i' . JCOMMENTS_PCRE_UTF8;
    $replacements[] = '<del>\\1</del>';

    // [sup] - superscript
    $patterns[] = '/\\[sup\\](.*?)\\[\\/sup\\]/i' . JCOMMENTS_PCRE_UTF8;
    $replacements[] = '<sup>\\1</sup>';

    // [sub] - subscript
    $patterns[] = '/\\[sub\\](.*?)\\[\\/sub\\]/i' . JCOMMENTS_PCRE_UTF8;
    $replacements[] = '<sub>\\1</sub>';

    // [url] pointing at this site: no rel attribute is added.
    // NOTE(review): every generated link uses target="_blank" and none carries
    // rel="noopener"; consider adding it so the opened page cannot reach
    // window.opener.
    $liveSite = $app->getCfg('live_site');
    $patterns[] = '#\\[url\\](' . preg_quote($liveSite, '#') . '[^\\s<\\"\']*?)\\[\\/url\\]#i' . JCOMMENTS_PCRE_UTF8;
    $replacements[] = '<a href="\\1" target="_blank">\\1</a>';

    $patterns[] = '#\\[url=(' . preg_quote($liveSite, '#') . '[^\\s<\\"\'\\]]*?)\\](.*?)\\[\\/url\\]#i' . JCOMMENTS_PCRE_UTF8;
    $replacements[] = '<a href="\\1" target="_blank">\\2</a>';

    // [url=#anchor] / [url=/path] - site-relative targets.
    $patterns[] = '/\\[url=(\\#|\\/)([^\\s<\\"\'\\]]*?)\\](.*?)\\[\\/url\\]/i' . JCOMMENTS_PCRE_UTF8;
    $replacements[] = '<a href="\\1\\2" target="_blank">\\3</a>';

    // [url] pointing elsewhere: marked rel="external nofollow".
    // The bare form always gets an "http://" prefix, even when none was typed.
    $patterns[] = '#\\[url\\](http:\\/\\/)?([^\\s<\\"\']*?)\\[\\/url\\]#i' . JCOMMENTS_PCRE_UTF8;
    $replacements[] = '<a href="http://\\2" rel="external nofollow" target="_blank">\\2</a>';

    // NOTE(review): the scheme group [a-z]* accepts any alphabetic scheme, not
    // an allowlist such as http/https/ftp, so a script-capable scheme followed
    // by "://" would be written into href as-is. Confirm that input filtering
    // elsewhere rejects such values, or restrict the scheme here.
    $patterns[] = '/\\[url=([a-z]*\\:\\/\\/)([^\\s<\\"\'\\]]*?)\\](.*?)\\[\\/url\\]/i' . JCOMMENTS_PCRE_UTF8;
    $replacements[] = '<a href="\\1\\2" rel="external nofollow" target="_blank">\\3</a>';

    // Any remaining [url=...] value is treated as a host/path and prefixed.
    $patterns[] = '/\\[url=([^\\s<\\"\'\\]]*?)\\](.*?)\\[\\/url\\]/i' . JCOMMENTS_PCRE_UTF8;
    $replacements[] = '<a href="http://\\1" rel="external nofollow" target="_blank">\\2</a>';

    // Whatever [url]...[/url] did not match above is reduced to its text.
    $patterns[] = '#\\[url\\](.*?)\\[\\/url\\]#i' . JCOMMENTS_PCRE_UTF8;
    $replacements[] = '\\1';

    // [email] - the tags are removed, the address stays as plain text.
    $patterns[] = '#\\[email\\]([^\\s\\<\\>\\(\\)\\"\'\\[\\]]*?)\\[\\/email\\]#i' . JCOMMENTS_PCRE_UTF8;
    $replacements[] = '\\1';

    // [img] - the source is always emitted with an "http://" prefix.
    // NOTE(review): images are fetched by every reader from a commenter-chosen
    // host over plain HTTP (reader IP disclosure, mixed content on HTTPS sites).
    $patterns[] = '#\\[img\\](http:\\/\\/)?([^\\s\\<\\>\\(\\)\\"\']*?)\\[\\/img\\]#i' . JCOMMENTS_PCRE_UTF8;
    $replacements[] = '<img class="img" src="http://\\2" alt="" border="0" />';

    // An [img] body that did not match above is reduced to its text.
    $patterns[] = '#\\[img\\](.*?)\\[\\/img\\]#i' . JCOMMENTS_PCRE_UTF8;
    $replacements[] = '\\1';

    // [hide] - content is shown to any user with a non-zero id and replaced by
    // a placeholder message for everybody else.
    $patterns[] = '/\\[hide\\](.*?)\\[\\/hide\\]/i' . JCOMMENTS_PCRE_UTF8;
    $user = JCommentsFactory::getUser();
    if ($user->id) {
        $replacements[] = '\\1';
    } else {
        $replacements[] = '<span class="hidden">' . JText::_('BBCODE_MESSAGE_HIDDEN_TEXT') . '</span>';
    }

    // [code] / [code=lang] - the optional language is limited by the pattern to
    // letters and digits.
    $geshiEnabled = $config->getInt('enable_geshi', 0);
    $codePattern = '#\\[code\\=?([a-z0-9]*?)\\](.*?)\\[\\/code\\]#ism' . JCOMMENTS_PCRE_UTF8;

    // Location of the GeSHi library depends on the Joomla generation.
    $geshiLibrary = '';
    if (JCOMMENTS_JVERSION == '1.0') {
        global $mainframe;
        $geshiLibrary = $mainframe->getCfg('absolute_path') . '/mambots/content/geshi/geshi.php';
    } else {
        if (JCOMMENTS_JVERSION == '1.5') {
            $geshiLibrary = JPATH_SITE . '/libraries/geshi/geshi.php';
        } else {
            if (JCOMMENTS_JVERSION == '1.7') {
                $geshiLibrary = JPATH_SITE . '/plugins/content/geshi/geshi/geshi.php';
            }
        }
    }

    // Highlighting is used only when enabled AND the library file exists.
    $geshiEnabled = $geshiEnabled && is_file($geshiLibrary);

    if ($geshiEnabled) {
        require_once $geshiLibrary;

        // Declared inside replace(), so guarded against redeclaration on
        // repeated calls.
        if (!function_exists('jcommentsProcessGeSHi')) {
            // Callback: highlights one [code] block with GeSHi and re-wraps the
            // result in plain [code] tags for the main replacement pass.
            function jcommentsProcessGeSHi($matches)
            {
                // Default to PHP highlighting when no language was given.
                $lang = $matches[1] != '' ? $matches[1] : 'php';
                $text = $matches[2];
                // NOTE(review): as shown, several pairs below (and the two
                // str_replace calls further down) map a character to itself.
                // Presumably the original matched HTML entities and the page
                // extraction decoded them - confirm against the upstream file.
                $html_entities_match = array('#\\<br \\/\\>#', "#<#", "#>#", "|'|", '#"#', '# #');
                $html_entities_replace = array("\n", '<', '>', "'", '"', ' ');
                $text = preg_replace($html_entities_match, $html_entities_replace, $text);
                // Trim trailing line breaks.
                $text = preg_replace('#(\\r|\\n)*?$#ism', '', $text);
                $text = str_replace('<', '<', $text);
                $text = str_replace('>', '>', $text);
                $geshi = new GeSHi($text, $lang);
                $text = $geshi->parse_code();
                return '[code]' . $text . '[/code]';
            }
        }

        $patterns[] = $codePattern;
        $replacements[] = '<span class="code">' . JText::_('COMMENT_TEXT_CODE') . '</span>\\2';
        $str = preg_replace_callback($codePattern, 'jcommentsProcessGeSHi', $str);
    } else {
        $patterns[] = $codePattern;
        $replacements[] = '<span class="code">' . JText::_('COMMENT_TEXT_CODE') . '</span><code>\\2</code>';

        if (!function_exists('jcommentsProcessCode')) {
            // Callback: HTML-escapes the whole [code]...[/code] match (tags
            // included) and turns newlines into <br />.
            function jcommentsProcessCode($matches)
            {
                $text = htmlspecialchars(trim($matches[0]));
                $text = str_replace("\r", '', $text);
                $text = str_replace("\n", '<br />', $text);
                return $text;
            }
        }
        $str = preg_replace_callback($codePattern, 'jcommentsProcessCode', $str);
    }

    // Apply all collected simple replacements in array order.
    $str = preg_replace($patterns, $replacements, $str);

    // [quote name="..."] - repeated until no match is left so nested quotes
    // are resolved.
    // NOTE(review): preg_replace() returns null on a PCRE error (for example
    // when the backtrack limit is hit); $str would then become null, the loop
    // would end and the comment text would be lost. Worth checking on very
    // long input.
    $quotePattern = '#\\[quote\\s?name=\\"([^\\"\'\\<\\>\\(\\)]*?)\\"\\](<br\\s?\\/?\\>)*?(.*?)(<br\\s?\\/?\\>)*\\[\\/quote\\](<br\\s?\\/?\\>)*?#ism' . JCOMMENTS_PCRE_UTF8;
    $quoteReplace = '<span class="quote">' . JText::sprintf('COMMENT_TEXT_QUOTE_EXTENDED', '\\1') . '</span><blockquote><div>\\3</div></blockquote>';
    while (preg_match($quotePattern, $str)) {
        $str = preg_replace($quotePattern, $quoteReplace, $str);
    }

    // [quote] without a name (any attributes are ignored).
    $quotePattern = '#\\[quote[^\\]]*?\\](<br\\s?\\/?\\>)*([^\\[]+)(<br\\s?\\/?\\>)*\\[\\/quote\\](<br\\s?\\/?\\>)*?#ismU' . JCOMMENTS_PCRE_UTF8;
    $quoteReplace = '<span class="quote">' . JText::_('COMMENT_TEXT_QUOTE') . '</span><blockquote><div>\\2</div></blockquote>';
    while (preg_match($quotePattern, $str)) {
        $str = preg_replace($quotePattern, $quoteReplace, $str);
    }

    // [list] - unordered list; each [*] starts an item.
    // NOTE(review): preg_quote() is called without the '#' delimiter used by
    // the pattern it is spliced into; on PHP versions older than 7.3 a '#' in
    // the list body is not escaped and would terminate the pattern early.
    // NOTE(review): $textAfter is user text used as a preg_replace()
    // replacement string, so sequences such as \1 or $1 inside it are
    // interpreted as back-references rather than copied literally.
    $matches = array();
    $matchCount = preg_match_all('#\\[list\\](<br\\s?\\/?\\>)*(.*?)(<br\\s?\\/?\\>)*\\[\\/list\\]#i' . JCOMMENTS_PCRE_UTF8, $str, $matches);
    for ($i = 0; $i < $matchCount; $i++) {
        $textBefore = preg_quote($matches[2][$i]);
        $textAfter = preg_replace('#(<br\\s?\\/?\\>)*\\[\\*\\](<br\\s?\\/?\\>)*#is' . JCOMMENTS_PCRE_UTF8, "</li><li>", $matches[2][$i]);
        // Drop the leading "</li>" produced for the first item.
        $textAfter = preg_replace("#^</?li>#" . JCOMMENTS_PCRE_UTF8, "", $textAfter);
        $textAfter = str_replace("\n</li>", "</li>", $textAfter . "</li>");
        $str = preg_replace('#\\[list\\](<br\\s?\\/?\\>)*' . $textBefore . '(<br\\s?\\/?\\>)*\\[/list\\]#is' . JCOMMENTS_PCRE_UTF8, "<ul>{$textAfter}</ul>", $str);
    }

    // [list=a|A|i|I|1] - ordered list; the captured type is the only value
    // that reaches the (unquoted) type attribute.
    $matches = array();
    $matchCount = preg_match_all('#\\[list=(a|A|i|I|1)\\](<br\\s?\\/?\\>)*(.*?)(<br\\s?\\/?\\>)*\\[\\/list\\]#is' . JCOMMENTS_PCRE_UTF8, $str, $matches);
    for ($i = 0; $i < $matchCount; $i++) {
        $textBefore = preg_quote($matches[3][$i]);
        $textAfter = preg_replace('#(<br\\s?\\/?\\>)*\\[\\*\\](<br\\s?\\/?\\>)*#is' . JCOMMENTS_PCRE_UTF8, "</li><li>", $matches[3][$i]);
        $textAfter = preg_replace("#^</?li>#" . JCOMMENTS_PCRE_UTF8, '', $textAfter);
        $textAfter = str_replace("\n</li>", "</li>", $textAfter . "</li>");
        $str = preg_replace('#\\[list=(a|A|i|I|1)\\](<br\\s?\\/?\\>)*' . $textBefore . '(<br\\s?\\/?\\>)*\\[/list\\]#is' . JCOMMENTS_PCRE_UTF8, "<ol type=\\1>{$textAfter}</ol>", $str);
    }

    // Remove any unmatched opening/closing tags that are still present.
    $str = preg_replace('#\\[\\/?(b|i|u|s|sup|sub|url|img|list|quote|code|hide)\\]#i' . JCOMMENTS_PCRE_UTF8, '', $str);

    unset($matches);
    ob_end_clean();
    return $str;
}
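/**
 * Subscribes user for new comments notifications for an object
 *
 * For a registered user the name and e-mail arguments are replaced by the
 * values of the user record. A guest subscription that already exists for the
 * same e-mail is re-assigned to the registered user instead of duplicated.
 *
 * @param int $object_id The object identifier
 * @param string $object_group The object group (component name)
 * @param int $userid The registered user identifier
 * @param string $email The user email (for guests only)
 * @param string $name The user name (for guests only)
 * @param string $lang The user language; empty selects the current language
 * @return boolean True on success, false otherwise.
 */
function subscribe($object_id, $object_group, $userid, $email = '', $name = '', $lang = '')
{
    $object_id = (int) $object_id;
    $object_group = trim($object_group);
    $userid = (int) $userid;

    if ($lang == '') {
        $lang = JCommentsMultilingual::getLanguage();
    }

    $dbo =& JCommentsFactory::getDBO();

    if ($userid != 0) {
        // Registered users: identity comes from the account, not the caller.
        $user = JCommentsFactory::getUser($userid);
        $name = $user->name;
        $email = $user->email;
        unset($user);
    }

    // All string values are escaped before being placed between quotes. The
    // language code is a caller-supplied parameter and is escaped like the
    // group and e-mail, so it cannot break out of the string literal.
    $query = "SELECT * "
        . "\nFROM #__jcomments_subscriptions"
        . "\nWHERE object_id = " . (int) $object_id
        . "\nAND object_group = '" . $dbo->getEscaped($object_group) . "'"
        . "\nAND email = '" . $dbo->getEscaped($email) . "'"
        . (JCommentsMultilingual::isEnabled() ? "\nAND lang = '" . $dbo->getEscaped($lang) . "'" : "");
    $dbo->setQuery($query);
    $rows = $dbo->loadObjectList();

    if (count($rows) == 0) {
        // No subscription yet for this object/e-mail: create one.
        $subscription = new JCommentsSubscriptionsDB($dbo);
        $subscription->object_id = $object_id;
        $subscription->object_group = $object_group;
        $subscription->name = $name;
        $subscription->email = $email;
        $subscription->userid = $userid;
        $subscription->hash = JCommentsSubscriptionManager::getHash($object_id, $object_group, $userid, $email, $lang);
        $subscription->lang = $lang;
        $subscription->published = 1;
        $subscription->store();
        return true;
    } else {
        // if current user is registered, but already exists subscription
        // on same email by guest - update subscription data
        if ($userid > 0 && $rows[0]->userid == 0) {
            $subscription = new JCommentsSubscriptionsDB($dbo);
            $subscription->id = $rows[0]->id;
            $subscription->userid = $userid;
            $subscription->lang = $lang;
            $subscription->hash = JCommentsSubscriptionManager::getHash($object_id, $object_group, $userid, $email, $lang);
            $subscription->store();
            return true;
        } else {
            $this->_errors[] = JText::_('Already subscribed');
        }
    }

    return false;
}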
/**
 * Saves a blacklist entry submitted from the administration form and
 * redirects back to the edit form or to the list, depending on the task.
 *
 * The request token is verified first. The IP field is reduced to digits,
 * dots and asterisks; reason and notes have tags stripped.
 *
 * NOTE(review): the self-ban guard is an exact string comparison with
 * REMOTE_ADDR, so a wildcard entry that covers the administrator's address is
 * not caught, and behind a reverse proxy REMOTE_ADDR is the proxy address.
 * NOTE(review): the character filter leaves nothing usable of an IPv6 address.
 *
 * @return void
 */
public static function save()
{
    JCommentsSecurity::checkToken();

    $task = JCommentsInput::getVar('task');
    $id = (int) JCommentsInput::getVar('id', 0);

    $entry = new JCommentsTableBlacklist(JCommentsFactory::getDBO());

    if ($id) {
        // Existing entry: the result of load() is not checked.
        $entry->load($id);
    } else {
        // New entry: record who created it and when.
        $creator = JCommentsFactory::getUser();
        $entry->created_by = $creator->id;
        $entry->created = JCommentsFactory::getDate();
    }

    $submittedIp = trim(strip_tags(JCommentsInput::getVar('ip')));
    $entry->ip = preg_replace('#[^0-9\\.\\*]#', '', $submittedIp);
    $entry->reason = trim(strip_tags(JCommentsInput::getVar('reason')));
    $entry->notes = trim(strip_tags(JCommentsInput::getVar('notes')));

    // Notes default to the reason when only a reason was given.
    if (empty($entry->notes) && !empty($entry->reason)) {
        $entry->notes = $entry->reason;
    }

    if ($entry->ip != $_SERVER['REMOTE_ADDR']) {
        $entry->store();
    } else {
        // Refuse to blacklist the address the request came from.
        JError::raiseWarning(500, JText::_('A_BLACKLIST_ERROR_YOU_CAN_NOT_BAN_YOUR_IP'));
    }

    $entry->checkin();

    if ($task == 'blacklist.apply') {
        JCommentsRedirect(JCOMMENTS_INDEX . '?option=com_jcomments&task=blacklist.edit&hidemainmenu=1&cid[]=' . $entry->id);
    } else {
        // 'blacklist.save' and every other task return to the list.
        JCommentsRedirect(JCOMMENTS_INDEX . '?option=com_jcomments&task=blacklist');
    }
}
/**
 * E-mails an abuse report about a comment to the configured notification
 * addresses.
 *
 * Nothing is sent when 'notification_email' is empty. The comment text is
 * temporarily replaced by its censored, BBCode-rendered form for the template
 * and restored before returning; $comment->author is set and left in place.
 *
 * NOTE(review): $name and $reason are handed to the template unchanged and the
 * last argument of JCommentsMail::send() is true (presumably "HTML mail" -
 * confirm). Callers should pass values that are already stripped of markup, or
 * the template must escape them.
 *
 * @param object $comment The reported comment (modified by reference).
 * @param string $name    Name of the person reporting.
 * @param string $reason  Reason given for the report.
 * @return void
 */
public static function sendReport(&$comment, $name, $reason = '')
{
    $app = JCommentsFactory::getApplication('site');
    $user = JCommentsFactory::getUser();
    $config = JCommentsFactory::getConfig();

    if ($config->get('notification_email') == '') {
        return;
    }

    $tpl = 'tpl_email_report';

    $objectInfo = JCommentsObjectHelper::getObjectInfo($comment->object_id, $comment->object_group, $comment->lang);

    // Keep the stored text so it can be put back after rendering.
    $originalText = $comment->comment;

    $rendered = JCommentsFactory::getBBCode()->replace(JCommentsText::censor($comment->comment));

    if ($config->getInt('enable_custom_bbcode')) {
        // TODO: add control for replacement mode from CustomBBCode parameters
        $rendered = JCommentsFactory::getCustomBBCode()->replace($rendered, true);
    }

    // Collapse runs of whitespace to a single character.
    $comment->comment = trim(preg_replace('/(\\s){2,}/i', '\\1', $rendered));
    $comment->author = JComments::getCommentAuthorName($comment);

    $tmpl = JCommentsFactory::getTemplate($comment->object_id, $comment->object_group);
    $tmpl->load($tpl);
    $tmpl->addVar($tpl, 'comment-object_title', $objectInfo->title);
    $tmpl->addVar($tpl, 'comment-object_link', JCommentsFactory::getAbsLink($objectInfo->link));
    $tmpl->addVar($tpl, 'report-name', $name);
    $tmpl->addVar($tpl, 'report-reason', $reason);
    $tmpl->addVar($tpl, 'quick-moderation', $config->getInt('enable_quick_moderation'));
    $tmpl->addVar($tpl, 'enable-blacklist', $config->getInt('enable_blacklist'));
    $tmpl->addObject($tpl, 'comment', $comment);

    $message = $tmpl->renderTemplate($tpl);
    $tmpl->freeTemplate($tpl);

    $subject = JText::sprintf('REPORT_NOTIFICATION_SUBJECT', $comment->author);

    if (isset($subject) && isset($message)) {
        $emails = explode(',', $config->get('notification_email'));
        $mailFrom = $app->getCfg('mailfrom');
        $fromName = $app->getCfg('fromname');

        foreach ($emails as $email) {
            $recipient = trim((string) $email);

            // Skip the address of the user who is making this request.
            if ($user->email == $recipient) {
                continue;
            }
            JCommentsMail::send($mailFrom, $fromName, $recipient, $subject, $message, true);
        }
    }

    unset($emails, $objectInfo);

    // Restore the unrendered comment text on the caller's object.
    $comment->comment = $originalText;
}
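/**
 * Saves an edited comment from the administration form, notifies subscribers
 * when the comment has just become published, clears the caches and redirects.
 *
 * The request token is verified first. Free-text fields have tags stripped;
 * for guest comments the name is additionally cleared of quotes, angle
 * brackets, parentheses and square brackets.
 *
 * The magic-quotes call is guarded with function_exists() because
 * get_magic_quotes_gpc() no longer exists on current PHP versions; on
 * installations that still have it the behaviour is unchanged.
 *
 * NOTE(review): when load() fails, $row->id is still used to build the
 * 'comments.apply' redirect.
 *
 * @return void
 */
public static function save()
{
    JCommentsSecurity::checkToken();

    $task = JCommentsInput::getVar('task');
    $id = (int) JCommentsInput::getVar('id', 0);

    $bbcode = JCommentsFactory::getBBCode();
    $db = JCommentsFactory::getDBO();
    $row = new JCommentsTableComment($db);

    if ($row->load($id)) {
        // Remembered to detect an unpublished -> published transition below.
        $prevPublished = $row->published;

        $row->homepage = trim(strip_tags(JCommentsInput::getVar('homepage')));
        $row->email = trim(strip_tags(JCommentsInput::getVar('email')));
        $row->title = trim(strip_tags(JCommentsInput::getVar('title')));
        $row->comment = trim(strip_tags(JCommentsInput::getVar('comment')));
        $row->published = (int) JCommentsInput::getVar('published');

        if ($row->userid == 0) {
            // Guest comment: the name is editable and doubles as username.
            $row->name = strip_tags(JCommentsInput::getVar('name'));
            $row->name = preg_replace("/[\\'\"\\>\\<\\(\\)\\[\\]]?+/i", '', $row->name);

            if ($row->username != $row->name) {
                $row->username = $row->name;
            }
            $row->username = preg_replace("/[\\'\"\\>\\<\\(\\)\\[\\]]?+/i", '', $row->username);
        } else {
            // Registered author: fill any empty identity field from the account.
            if ($row->name == '' || $row->username == '' || $row->email == '') {
                $user = JCommentsFactory::getUser($row->userid);
                $row->name = $row->name == '' ? $user->name : $row->name;
                $row->username = $row->username == '' ? $user->username : $row->username;
                $row->email = $row->email == '' ? $user->email : $row->email;
            }
        }

        // handle magic quotes compatibility (function is absent on modern PHP)
        if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc() == 1) {
            $row->title = stripslashes($row->title);
            $row->comment = stripslashes($row->comment);
        }

        $row->comment = JCommentsText::nl2br($row->comment);
        $row->comment = $bbcode->filter($row->comment);

        $row->store();
        $row->checkin();

        // send notification to comment subscribers
        if ($row->published && $prevPublished != $row->published) {
            // TODO: add separate message for just published comments
            include_once JCOMMENTS_BASE . '/jcomments.php';

            $language = JCommentsFactory::getLanguage();
            $language->load('com_jcomments', JOOMLATUNE_JPATH_SITE, $row->lang);

            JComments::sendToSubscribers($row, true);
        }

        $cache = JCommentsFactory::getCache('com_jcomments');
        $cache->clean();

        $cache = JCommentsFactory::getCache($row->object_group);
        $cache->clean();
    }

    switch ($task) {
        case 'comments.apply':
            JCommentsRedirect(JCOMMENTS_INDEX . '?option=com_jcomments&task=comments.edit&hidemainmenu=1&cid[]=' . $row->id);
            break;
        case 'comments.save':
        default:
            JCommentsRedirect(JCOMMENTS_INDEX . '?option=com_jcomments&task=comments');
            break;
    }
}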
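/**
 * AJAX handler: stores an abuse report for a comment, optionally notifies the
 * administrators and unpublishes the comment once enough reports exist.
 *
 * Input is read from $_POST (commentid, reason, name). A report is refused
 * when the same user (or, for guests, the same IP) has already reported the
 * comment, or when the per-comment report limit is reached.
 *
 * The client address is passed through $db->Quote() and the user id is cast to
 * int before either is placed in the duplicate-check query, so neither value
 * can alter the statement.
 *
 * @return object The AJAX response object obtained from JCommentsFactory.
 */
public static function reportComment()
{
    if (JCommentsSecurity::badRequest() == 1) {
        JCommentsSecurity::notAuth();
    }

    $acl = JCommentsFactory::getACL();
    $db = JCommentsFactory::getDBO();
    $config = JCommentsFactory::getConfig();
    $response = JCommentsFactory::getAjaxResponse();

    $values = self::prepareValues($_POST);
    $id = (int) $values['commentid'];
    $reason = trim(strip_tags($values['reason']));
    $name = trim(strip_tags($values['name']));
    // NOTE(review): how getUserIP() derives the address is not visible here; if
    // it honours client-supplied proxy headers the value is attacker-controlled
    // and the per-IP duplicate check for guests can be sidestepped.
    $ip = $acl->getUserIP();

    if (empty($reason)) {
        if ($config->getInt('report_reason_required') == 1) {
            self::showErrorMessage(JText::_('ERROR_NO_REASON_FOR_REPORT'), '', 'comments-report-form');
            return $response;
        }
        $reason = JText::_('REPORT_REASON_UNKNOWN_REASON');
    }

    // Cast once so the identifier can only ever be numeric inside the query.
    $userId = (int) $acl->getUserId();

    // Has this user (or this guest IP) already reported the comment?
    $query = 'SELECT COUNT(*) FROM `#__jcomments_reports` WHERE commentid = ' . $id;
    if ($userId) {
        $query .= ' AND userid = ' . $userId;
    } else {
        $query .= ' AND userid = 0 AND ip = ' . $db->Quote($ip);
    }
    $db->setQuery($query);
    $reported = $db->loadResult();

    if ($reported) {
        self::showErrorMessage(JText::_('ERROR_YOU_CAN_NOT_REPORT_THE_SAME_COMMENT_MORE_THAN_ONCE'), '', 'comments-report-form');
        return $response;
    }

    $maxReportsPerComment = $config->getInt('reports_per_comment', 1);
    $maxReportsBeforeUnpublish = $config->getInt('reports_before_unpublish', 0);

    // Total number of reports already stored for this comment.
    $db->setQuery('SELECT COUNT(*) FROM `#__jcomments_reports` WHERE commentid = ' . $id);
    $reported = $db->loadResult();

    // A limit of 0 means "unlimited reports per comment".
    if (!($reported < $maxReportsPerComment || $maxReportsPerComment == 0)) {
        self::showErrorMessage(JText::_('ERROR_COMMENT_ALREADY_REPORTED'), '', 'comments-report-form');
        return $response;
    }

    $comment = new JCommentsTableComment($db);

    if (!$comment->load($id)) {
        $response->addAlert(JText::_('ERROR_NOT_FOUND'));
        return $response;
    }

    if (!$acl->canReport($comment)) {
        self::showErrorMessage(JText::_('ERROR_YOU_HAVE_NO_RIGHTS_TO_REPORT'), '', 'comments-report-form');
        return $response;
    }

    if ($userId) {
        // Registered reporters are recorded under their account name.
        $user = JCommentsFactory::getUser();
        $name = $user->name;
    } else {
        if (empty($name)) {
            $name = 'Guest'; // JText::_('Guest');
        }
    }

    require_once JCOMMENTS_TABLES . '/report.php';

    $report = new JCommentsTableReport($db);
    $report->commentid = $comment->id;
    $report->date = JCommentsFactory::getDate();
    $report->userid = $userId;
    $report->ip = $ip;
    $report->name = $name;
    $report->reason = $reason;

    $html = '';

    // Any listener returning false vetoes the report.
    $result = JCommentsEvent::trigger('onJCommentsCommentBeforeReport', array(&$comment, &$report));

    if (!in_array(false, $result, true)) {
        if ($report->store()) {
            JCommentsEvent::trigger('onJCommentsCommentAfterReport', array(&$comment, $report));

            if ($config->getInt('enable_notification') == 1) {
                if ($config->check('notification_type', 2)) {
                    JComments::sendReport($comment, $name, $reason);
                }
            }

            // unpublish comment if reports count is enough
            // ($reported is the count read before this report was stored)
            if ($maxReportsBeforeUnpublish > 0 && $reported >= $maxReportsBeforeUnpublish) {
                $comment->published = 0;
                $comment->store();
            }

            // Escaped for a JavaScript string literal before being embedded.
            $html = JText::_('REPORT_SUCCESSFULLY_SENT');
            $html = str_replace("\n", '\\n', $html);
            $html = str_replace('\\n', '<br />', $html);
            $html = JCommentsText::jsEscape($html);
        }
    }

    // Sent even when the report was vetoed or not stored ($html is then '').
    $response->addScript("jcomments.closeReport('{$html}');");

    return $response;
}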
/**
 * Outputs an RSS feed with the published comments of one user and ends the
 * request.
 *
 * Does nothing when 'enable_rss' is not '1'. Reads 'userid' and 'limit' from
 * the request; an unknown user results in showNotFound().
 *
 * NOTE(review): 'limit' is only cast to int - no upper bound (or lower bound)
 * is applied here, so a request can ask for far more rows than 'feed_limit'.
 * Confirm getCommentsList() caps it, or clamp the value.
 *
 * @return void
 */
public static function showUserComments()
{
    $config = JCommentsFactory::getConfig();

    if ($config->get('enable_rss') != '1') {
        return;
    }

    $app = JCommentsFactory::getApplication('site');
    $acl = JCommentsFactory::getACL();

    $userid = (int) JCommentsInput::getVar('userid', 0);
    $limit = (int) JCommentsInput::getVar('limit', $config->getInt('feed_limit', 100));

    $user = JCommentsFactory::getUser($userid);
    if (!isset($user->id)) {
        self::showNotFound();
        return;
    }

    $isLegacy = (JCOMMENTS_JVERSION == '1.0');

    // Joomla 1.0 needs the server's own UTC offset added to the configured one.
    $offset = $isLegacy
        ? $app->getCfg('offset') + date('O') / 100
        : $app->getCfg('offset');

    // Only non-default limits are carried in the feed URL.
    $lm = '';
    if ($limit != $config->getInt('feed_limit')) {
        $lm = '&limit=' . $limit;
    }

    $language = null;
    $lp = '';
    if (JCommentsMultilingual::isEnabled()) {
        $language = JCommentsMultilingual::getLanguage();
        $lp = '&lang=' . $language;
    }

    if ($isLegacy) {
        $syndicationURL = $app->getCfg('live_site') . '/index2.php?option=com_jcomments&task=rss_user&userid=' . $userid . $lm . $lp . '&no_html=1';
    } else {
        $liveSite = str_replace(JURI::root(true), '', $app->getCfg('live_site'));
        $syndicationURL = $liveSite . JRoute::_('index.php?option=com_jcomments&task=rss_user&userid=' . $userid . $lm . $lp . '&tmpl=raw');
    }

    // getCommentAuthorName() is given the user object with a userid field set.
    $user->userid = $user->id;
    $username = JComments::getCommentAuthorName($user);

    $rss = new JoomlaTuneFeed();
    $rss->setOffset($offset);
    $rss->encoding = JCOMMENTS_ENCODING;
    $rss->title = JText::sprintf('USER_FEED_TITLE', $username);
    $rss->link = $app->getCfg('live_site');
    $rss->syndicationURL = $syndicationURL;
    $rss->description = JText::sprintf('USER_FEED_DESCRIPTION', $username);

    // Published, non-deleted comments of the user, newest first, restricted
    // to what the requesting visitor's access level allows.
    $options = array(
        'lang' => $language,
        'userid' => $userid,
        'published' => 1,
        'filter' => 'c.deleted = 0',
        'orderBy' => 'c.date DESC',
        'votes' => false,
        'limit' => $limit,
        'limitStart' => 0,
        'objectinfo' => true,
        'access' => $acl->getUserAccess(),
    );

    $rows = JCommentsModel::getCommentsList($options);

    $word_maxlength = $config->getInt('word_maxlength');
    $lang = JCommentsMultilingual::isEnabled() ? JCommentsMultilingual::getLanguage() : null;

    foreach ($rows as $row) {
        $comment = JCommentsText::cleanText($row->comment);

        if ($comment == '') {
            continue;
        }

        // getting object's information (title and link)
        if (empty($row->object_title)) {
            $object_title = JCommentsObjectHelper::getTitle($row->object_id, $row->object_group, $lang);
        } else {
            $object_title = $row->object_title;
        }

        if (empty($row->object_link)) {
            $object_link = JCommentsObjectHelper::getLink($row->object_id, $row->object_group, $lang);
        } else {
            $object_link = $row->object_link;
        }
        $object_link = JCommentsFactory::getAbsLink(str_replace('amp;', '', $object_link));

        // apply censor filter
        $object_title = JCommentsText::censor($object_title);
        $comment = JCommentsText::censor($comment);

        // fix long words problem
        if ($word_maxlength > 0) {
            $comment = JCommentsText::fixLongWords($comment, $word_maxlength, ' ');
            if ($object_title != '') {
                $object_title = JCommentsText::fixLongWords($object_title, $word_maxlength, ' ');
            }
        }

        $author = JComments::getCommentAuthorName($row);

        $item = new JoomlaTuneFeedItem();
        $item->title = $object_title;
        $item->link = $object_link . '#comment-' . $row->id;
        $item->description = JText::sprintf('USER_FEED_ITEM_DESCRIPTION', $author, $comment);
        $item->source = $object_link;

        if ($isLegacy) {
            // Shift the stored date back by the configured offset (hours).
            $date = strtotime((string) $row->date) - $offset * 3600;
            $item->pubDate = date('Y-m-d H:i:s', $date);
        } else {
            $item->pubDate = $row->date;
        }

        $item->author = $author;

        $rss->addItem($item);
    }

    $rss->display();

    unset($rows, $rss);
    exit;
}
/**
 * Renders the comment form (or the message shown instead of it) for an object.
 *
 * Depending on ACL and configuration the 'tpl_form' template is rendered as:
 * a "comments locked" message, a link that loads the form, the full form, or
 * a "who can comment" policy message for users without permission.
 *
 * NOTE(review): the configured messages (message_locked, message_policy_post,
 * message_policy_whocancomment) and the HTML returned by plugins are handed to
 * the template without escaping in this function; they are presumably trusted
 * administrator/plugin content - confirm the template does not need to encode
 * them.
 *
 * @param int     $object_id    The object identifier (cast to int).
 * @param string  $object_group The object group (trimmed).
 * @param boolean $showForm     False renders only the link to the form.
 * @return mixed The result of renderTemplate('tpl_form').
 */
function getCommentsForm($object_id, $object_group, $showForm = true)
{
    // Current user object, shared through a global.
    global $my;

    $object_id = (int) $object_id;
    $object_group = trim($object_group);

    $tmpl =& JCommentsFactory::getTemplate($object_id, $object_group);
    $tmpl->load('tpl_form');

    $acl =& JCommentsFactory::getACL();
    $config =& JCommentsFactory::getConfig();

    if ($acl->canComment()) {
        // Comments locked: show the configured (or default) message only.
        if ($config->getInt('comments_locked', 0) == 1) {
            $message = $config->get('message_locked');

            if ($message != '') {
                // Line breaks in the configured text become <br />.
                $message = preg_replace('/(\\n|\\r)+/', '<br />', stripslashes($message));
            } else {
                $message = JText::_('ERROR_CANT_COMMENT');
            }

            $tmpl->addVar('tpl_form', 'comments-form-message', 1);
            $tmpl->addVar('tpl_form', 'comments-form-message-header', JText::_('FORM_HEADER'));
            $tmpl->addVar('tpl_form', 'comments-form-message-text', $message);

            $result = $tmpl->renderTemplate('tpl_form');
            return $result;
        }

        // A non-built-in captcha engine may need its JavaScript loaded first.
        if ($acl->check('enable_captcha') == 1) {
            $captchaEngine = $config->get('captcha_engine', 'kcaptcha');
            if ($captchaEngine != 'kcaptcha') {
                if ($config->getInt('enable_mambots') == 1) {
                    require_once JCOMMENTS_HELPERS . DS . 'plugin.php';
                    JCommentsPluginHelper::importPlugin('jcomments');
                    JCommentsPluginHelper::trigger('onJCommentsCaptchaJavaScript');
                }
            }
        }

        if (!$showForm) {
            // Only the link that opens the form is rendered.
            $tmpl->addVar('tpl_form', 'comments-form-link', 1);
            $result = $tmpl->renderTemplate('tpl_form');
            return $result;
        } else {
            if ($config->getInt('form_show') != 1) {
                $tmpl->addVar('tpl_form', 'comments-form-ajax', 1);
            }
        }

        // Plugins may contribute HTML before and after the form.
        if ($config->getInt('enable_mambots') == 1) {
            require_once JCOMMENTS_HELPERS . DS . 'plugin.php';
            JCommentsPluginHelper::importPlugin('jcomments');
            $htmlBeforeForm = JCommentsPluginHelper::trigger('onJCommentsBeforeFormDisplayed');
            $htmlAfterForm = JCommentsPluginHelper::trigger('onJCommentsAfterFormDisplayed');

            $tmpl->addVar('tpl_form', 'comments-form-html-before', implode("\n", $htmlBeforeForm));
            $tmpl->addVar('tpl_form', 'comments-form-html-after', implode("\n", $htmlAfterForm));
        }

        // Posting policy text, shown only to groups with 'show_policy'.
        $policy = $config->get('message_policy_post');
        if ($policy != '' && $acl->check('show_policy')) {
            $policy = preg_replace('/(\\n|\\r)+/', '<br />', stripslashes($policy));
            $tmpl->addVar('tpl_form', 'comments-form-policy', 1);
            $tmpl->addVar('tpl_form', 'comments-policy', $policy);
        }

        // For logged-in users the name on the global user object is refreshed
        // from the user record before it is passed to the template.
        if ($my->id) {
            $currentUser = JCommentsFactory::getUser($my->id);
            $my->name = $currentUser->name;
            unset($currentUser);
        }

        $tmpl->addObject('tpl_form', 'user', $my);

        if ($config->getInt('enable_smiles') == 1 && is_array($config->get('smiles'))) {
            $tmpl->addVar('tpl_form', 'comment-form-smiles', $config->get('smiles'));
        }

        // One template flag per BBCode tag, set from canUse().
        $bbcode =& JCommentsFactory::getBBCode();

        if ($bbcode->enabled()) {
            $tmpl->addVar('tpl_form', 'comments-form-bbcode', 1);

            foreach ($bbcode->getCodes() as $code) {
                $tmpl->addVar('tpl_form', 'comments-form-bbcode-' . $code, $bbcode->canUse($code));
            }
        }

        if ($config->getInt('enable_custom_bbcode')) {
            $customBBCode =& JCommentsFactory::getCustomBBCode();
            if ($customBBCode->enabled()) {
                $tmpl->addVar('tpl_form', 'comments-form-custombbcodes', $customBBCode->codes);
            }
        }

        // Name length limit: values outside 1..255 fall back to 255.
        $username_maxlength = $config->getInt('username_maxlength');
        if ($username_maxlength <= 0 || $username_maxlength > 255) {
            $username_maxlength = 255;
        }
        $tmpl->addVar('tpl_form', 'comment-name-maxlength', $username_maxlength);

        // NOTE(review): these values only configure the form shown to the
        // client; length limits must also be enforced where the comment is
        // saved, which is outside this function.
        if ($config->getInt('show_commentlength') == 1 && $acl->check('enable_comment_length_check')) {
            $tmpl->addVar('tpl_form', 'comments-form-showlength-counter', 1);
            $tmpl->addVar('tpl_form', 'comment-maxlength', $config->getInt('comment_maxlength'));
        } else {
            $tmpl->addVar('tpl_form', 'comment-maxlength', 0);
        }

        if ($acl->check('enable_captcha') == 1) {
            $tmpl->addVar('tpl_form', 'comments-form-captcha', 1);

            $captchaEngine = $config->get('captcha_engine', 'kcaptcha');
            if ($captchaEngine == 'kcaptcha') {
                // TODO
            } else {
                // Captcha markup comes from plugins when another engine is set.
                if ($config->getInt('enable_mambots') == 1) {
                    $captchaHTML = JCommentsPluginHelper::trigger('onJCommentsCaptchaDisplay');
                    $tmpl->addVar('tpl_form', 'comments-form-captcha-html', implode("\n", $captchaHTML));
                }
            }
        }

        // The subscribe checkbox is hidden for users already subscribed.
        $canSubscribe = $acl->check('enable_subscribe');

        if ($my->id && $acl->check('enable_subscribe')) {
            require_once JCOMMENTS_BASE . DS . 'jcomments.subscription.php';
            $manager =& JCommentsSubscriptionManager::getInstance();
            $canSubscribe = $canSubscribe && !$manager->isSubscribed($object_id, $object_group, $my->id);
        }

        $tmpl->addVar('tpl_form', 'comments-form-subscribe', (int) $canSubscribe);
        // The name field is shown to guests only.
        $tmpl->addVar('tpl_form', 'comments-form-user-name', $my->id ? 0 : 1);
        $tmpl->addVar('tpl_form', 'comments-form-email-required', 0);

        // 'author_email': 2 = shown and required for guests, 1 = shown for
        // guests, 0/other = hidden (and guests then cannot subscribe).
        switch ($config->getInt('author_email')) {
            case 2:
                if (!$my->id) {
                    $tmpl->addVar('tpl_form', 'comments-form-email-required', 1);
                    $tmpl->addVar('tpl_form', 'comments-form-user-email', 1);
                } else {
                    $tmpl->addVar('tpl_form', 'comments-form-user-email', 0);
                }
                break;
            case 1:
                if (!$my->id) {
                    $tmpl->addVar('tpl_form', 'comments-form-user-email', 1);
                } else {
                    $tmpl->addVar('tpl_form', 'comments-form-user-email', 0);
                }
                break;
            case 0:
            default:
                $tmpl->addVar('tpl_form', 'comments-form-user-email', 0);

                // Overrides the subscribe flag set above for guests.
                if (!$my->id) {
                    $tmpl->addVar('tpl_form', 'comments-form-subscribe', 0);
                }
                break;
        }

        $tmpl->addVar('tpl_form', 'comments-form-homepage-required', 0);

        // 'author_homepage': 3 = shown and required, 2 = shown, required for
        // guests, 1 = shown, 0/other = hidden.
        switch ($config->getInt('author_homepage')) {
            case 3:
                $tmpl->addVar('tpl_form', 'comments-form-homepage-required', 1);
                $tmpl->addVar('tpl_form', 'comments-form-user-homepage', 1);
                break;
            case 2:
                if (!$my->id) {
                    $tmpl->addVar('tpl_form', 'comments-form-homepage-required', 1);
                }
                $tmpl->addVar('tpl_form', 'comments-form-user-homepage', 1);
                break;
            case 1:
                $tmpl->addVar('tpl_form', 'comments-form-user-homepage', 1);
                break;
            case 0:
            default:
                $tmpl->addVar('tpl_form', 'comments-form-user-homepage', 0);
                break;
        }

        $tmpl->addVar('tpl_form', 'comments-form-title-required', 0);

        // 'comment_title': 3 = shown and required, 1 = shown, 0/other = hidden.
        switch ($config->getInt('comment_title')) {
            case 3:
                $tmpl->addVar('tpl_form', 'comments-form-title-required', 1);
                $tmpl->addVar('tpl_form', 'comments-form-title', 1);
                break;
            case 1:
                $tmpl->addVar('tpl_form', 'comments-form-title', 1);
                break;
            case 0:
            default:
                $tmpl->addVar('tpl_form', 'comments-form-title', 0);
                break;
        }

        $result = $tmpl->renderTemplate('tpl_form');

        return $result;
    } else {
        // The user may not comment: show the configured explanation, if any.
        $message = $config->get('message_policy_whocancomment');
        if ($message != '') {
            $header = JText::_('FORM_HEADER');
            $message = preg_replace('/(\\n|\\r)+/', '<br />', stripslashes($message));
        } else {
            $header = '';
            $message = '';
        }

        $tmpl->addVar('tpl_form', 'comments-form-message', 1);
        $tmpl->addVar('tpl_form', 'comments-form-message-header', $header);
        $tmpl->addVar('tpl_form', 'comments-form-message-text', $message);

        return $tmpl->renderTemplate('tpl_form');
    }
}
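/**
 * Saves an edited comment from the administration form, clears the caches and
 * redirects to the edit form ('apply') or to the comment list.
 *
 * The magic-quotes call is guarded with function_exists() because
 * get_magic_quotes_gpc() no longer exists on current PHP versions; on
 * installations that still have it the behaviour is unchanged.
 *
 * NOTE(review): no request-token (CSRF) check is visible in this function;
 * confirm the dispatcher validates the token before a state-changing save.
 * NOTE(review): unlike homepage, e-mail and title, the comment body is taken
 * from the request without strip_tags(); it relies on $bbcode->filter() and on
 * whatever JCommentsInput::getVar() does - confirm markup cannot be stored.
 * NOTE(review): when load() fails, $row->id is still used to build the 'apply'
 * redirect.
 *
 * @return void
 */
function save()
{
    $task = JCommentsInput::getVar('task');
    $id = (int) JCommentsInput::getVar('id', 0);

    $bbcode =& JCommentsFactory::getBBCode();
    $db =& JCommentsFactory::getDBO();
    $row = new JCommentsDB($db);

    if ($row->load($id)) {
        $row->homepage = trim(strip_tags(JCommentsInput::getVar('homepage')));
        $row->email = trim(strip_tags(JCommentsInput::getVar('email')));
        $row->title = trim(strip_tags(JCommentsInput::getVar('title')));
        $row->comment = JCommentsInput::getVar('comment');
        $row->published = (int) JCommentsInput::getVar('published');

        if ($row->userid == 0) {
            // Guest comment: the name is editable and doubles as username.
            // Quotes, angle brackets, parentheses and square brackets are removed.
            $row->name = strip_tags(JCommentsInput::getVar('name'));
            $row->name = preg_replace("/[\\'\"\\>\\<\\(\\)\\[\\]]?+/i", '', $row->name);

            if ($row->username != $row->name) {
                $row->username = $row->name;
            }
            $row->username = preg_replace("/[\\'\"\\>\\<\\(\\)\\[\\]]?+/i", '', $row->username);
        } else {
            // Registered author: fill any empty identity field from the account.
            if ($row->name == '' || $row->username == '' || $row->email == '') {
                $user = JCommentsFactory::getUser($row->userid);
                $row->name = $row->name == '' ? $user->name : $row->name;
                $row->username = $row->username == '' ? $user->username : $row->username;
                $row->email = $row->email == '' ? $user->email : $row->email;
            }
        }

        // handle magic quotes compatibility (function is absent on modern PHP)
        if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc() == 1) {
            $row->title = stripslashes($row->title);
            $row->comment = stripslashes($row->comment);
        }

        $row->comment = JCommentsText::nl2br($row->comment);
        $row->comment = $bbcode->filter($row->comment);

        $row->store();
        $row->checkin();

        JCommentsCache::cleanCache('com_jcomments');
        JCommentsCache::cleanCache($row->object_group);
    }

    switch ($task) {
        case 'apply':
            JCommentsRedirect(JCOMMENTS_INDEX . '?option=com_jcomments&task=edit&hidemainmenu=1&cid[]=' . $row->id);
            break;
        case 'save':
        default:
            JCommentsRedirect(JCOMMENTS_INDEX . '?option=com_jcomments&task=comments');
            break;
    }
}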
/**
 * Tells whether the current user belongs to one of the listed groups.
 *
 * The list is a comma-separated string. A match is found when any of the
 * user's groups appears in the list, when a logged-in user's usertype equals
 * an entry, or when the visitor is a guest (id 0) and the list contains
 * 'Unregistered'. Entries are compared as given: they are not trimmed and
 * comparisons are loose (==).
 *
 * @param string $str Comma-separated group names/ids.
 * @return int 1 when the user matches, 0 otherwise (also when $str is null).
 */
function check($str)
{
    global $my;

    if (!isset($str)) {
        return 0;
    }

    if (!isset($my)) {
        // Reference assignment rebinds only the local alias of $my; the global
        // variable itself is not updated by this line.
        $my =& JCommentsFactory::getUser();
    }

    $allowed = explode(',', $str);

    // Group membership wins first.
    if (isset($my->groups) && array_intersect($my->groups, $allowed)) {
        return 1;
    }

    foreach ($allowed as $entry) {
        if ($my->id != 0) {
            // Logged-in user: compare the usertype with the entry.
            if ($my->usertype == $entry) {
                return 1;
            }
        } elseif ($entry == 'Unregistered') {
            // Guest: only the literal 'Unregistered' entry grants access.
            return 1;
        }
    }

    return 0;
}