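/**
 * Save this comment to the database.
 *
 * A comment whose id is exactly integer 0 is inserted as a new row (unless a
 * 'comment_save' hook clears $this->canSave); any other numeric id is updated
 * in place. The 'comment_store_post_sql' hook runs after either path.
 *
 * Security: the SQL text is assembled by string interpolation. The content is
 * passed through $db->escape(); every other column is written unquoted, so
 * each one is checked with is_numeric() before it reaches the query.
 *
 * @return false|null false when the id or any numeric column fails validation;
 *                    otherwise no value is returned.
 */
function store()
{
    global $db;

    if (!$this->date) {
        $this->date = time();
    }

    $comment_id = $this->id;
    if (!is_numeric($comment_id)) {
        return false;
    }

    $comment_author  = $this->author;
    $comment_link    = $this->link;
    $comment_karma   = $this->karma;
    $comment_date    = $this->date;
    $comment_randkey = $this->randkey;
    $comment_content = $db->escape($this->content);
    $comment_votes   = $this->votes;
    $comment_parent  = $this->parent;

    // NOTE(review): the comparison is strict, so an id held as the string '0'
    // takes the UPDATE path — confirm callers always use integer 0 for new comments.
    $is_new = ($this->id === 0);

    // Validate only the columns the chosen statement writes: the INSERT uses
    // comment_parent, the UPDATE uses comment_votes.
    $unquoted = array($comment_author, $comment_link, $comment_karma, $comment_date, $comment_randkey);
    $unquoted[] = $is_new ? $comment_parent : $comment_votes;
    foreach ($unquoted as $value) {
        if (!is_numeric($value)) {
            return false;
        }
    }

    if ($is_new) {
        $this->canSave = true; // assume we can save; a hook may veto
        $vars = array('comment' => &$this);
        check_actions('comment_save', $vars);

        if ($this->canSave == true) {
            $sql = "INSERT INTO " . table_comments . " (comment_parent, comment_user_id, comment_link_id, comment_karma, comment_date, comment_randkey, comment_content) VALUES ({$comment_parent}, {$comment_author}, {$comment_link}, {$comment_karma}, FROM_UNIXTIME({$comment_date}), {$comment_randkey}, '{$comment_content}')";
            $db->query($sql);
            $this->id = $db->insert_id;

            // Keep the story's cached comment counter in step with the new row.
            $link = new Link();
            $link->id = $this->link;
            $link->read();
            $link->adjust_comment(1);
            $link->store();
            $link = '';

            $vars = array('comment' => &$this);
            check_actions('comment_post_save', $vars);
        }
    } else {
        // Editing an existing comment.
        $sql = "UPDATE " . table_comments . " set comment_votes={$comment_votes}, comment_user_id={$comment_author}, comment_link_id={$comment_link}, comment_karma={$comment_karma}, comment_date=FROM_UNIXTIME({$comment_date}), comment_randkey={$comment_randkey}, comment_content='{$comment_content}' WHERE comment_id={$comment_id}";
        $db->query($sql);
    }

    $vars = array('comment' => $this);
    check_actions('comment_store_post_sql', $vars);
}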
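/**
 * Insert an anonymous comment row and increment the story's comment counter.
 *
 * Reads link_id, user_id, randkey, comment_content, a_username, a_email and
 * a_website from $vars and builds the INSERT by string interpolation.
 *
 * Security: the three values written unquoted (user id, link id, randkey) are
 * checked with is_numeric() and the function returns without touching the
 * database when any of them fails.
 *
 * NOTE(review): the four quoted strings are interpolated exactly as received.
 * Nothing in this function escapes them, so every caller must already have
 * passed them through $db->escape() (or an equivalent). They are not escaped
 * again here because that would double-escape values from callers that
 * already do so — confirm against the call sites.
 *
 * @param array $vars Comment fields (taken by reference, not modified here).
 * @return void
 */
function insert_anonymous_comment(&$vars)
{
    global $db;

    $link_id         = $vars['link_id'];
    $user_id         = $vars['user_id'];
    $randkey         = $vars['randkey'];
    $comment_content = $vars['comment_content'];
    $a_username      = $vars['a_username'];
    $a_email         = $vars['a_email'];
    $a_website       = $vars['a_website'];

    // Unquoted SQL operands: refuse anything that is not a number.
    foreach (array($user_id, $link_id, $randkey) as $unquoted) {
        if (!is_numeric($unquoted)) {
            return;
        }
    }

    $sql = "INSERT INTO " . table_comments . " (comment_user_id, comment_link_id, comment_date, comment_randkey, comment_content,`comment_anonymous_username`, `comment_anonymous_email`, `comment_anonymous_website` ) VALUES ({$user_id}, {$link_id}, NOW(), {$randkey}, '{$comment_content}', '{$a_username}','{$a_email}', '{$a_website}')";
    $db->query($sql);

    // Keep the story's cached comment counter in step with the new row.
    $link = new Link();
    $link->id = $link_id;
    $link->read();
    $link->adjust_comment(1);
    $link->store();
}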
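/**
 * Delete a comment and its direct replies, then recount the story's comments.
 *
 * The 'comment_deleted' hook fires for the comment itself and for each reply
 * before the rows are removed.
 *
 * Security: $key is concatenated into four SQL statements, so it must be a
 * plain non-negative integer. is_numeric() alone also admits forms such as
 * '1e3' or '1.5'; those are now rejected and the value is cast to int before
 * it is used in a query.
 *
 * @param int|string $key Comment id.
 * @return void
 */
function delete_comment($key)
{
    global $db;

    if (!is_numeric($key) || !preg_match('/^[0-9]+\z/', (string) $key)) {
        return;
    }
    $comment_id = (int) $key;

    $link_id = $db->get_var("SELECT comment_link_id FROM `" . table_comments . "` WHERE `comment_id` = " . $comment_id . ";");

    $vars = array('comment_id' => $key);
    check_actions('comment_deleted', $vars);

    // get_results() is guarded the same way as in the other query loops:
    // a comment without replies must not reach foreach with a non-array.
    $comments = $db->get_results("SELECT comment_id FROM " . table_comments . " WHERE `comment_parent` = '{$comment_id}'");
    if ($comments) {
        foreach ($comments as $comment) {
            $vars = array('comment_id' => $comment->comment_id);
            check_actions('comment_deleted', $vars);
        }
    }

    $db->query('DELETE FROM `' . table_comments . '` WHERE `comment_parent` = "' . $comment_id . '"');
    $db->query('DELETE FROM `' . table_comments . '` WHERE `comment_id` = "' . $comment_id . '"');

    // Recompute the cached comment count on the owning story.
    $link = new Link();
    $link->id = $link_id;
    $link->read();
    $link->recalc_comments();
    $link->store();
}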
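/**
 * Submission step 1 -> 2: validate the posted URL, apply the rate limits,
 * store a draft link and print the "details" form.
 *
 * Checks, in order: more than 4 links in the last hour; URL validity; a link
 * to the same blog in the last 4 hours (users with karma below 12); minimum
 * vote count (users with karma below 10); duplicate URL.
 *
 * Security: the posted URL, the detected trackback and the fetched page title
 * are written into HTML. Each is HTML-escaped at the point of output; the raw
 * $url is still what is passed to Link::get() and Link::duplicates().
 *
 * NOTE(review): the SQL below interpolates $current_user->user_id and
 * $linkres->blog unquoted. Both come from server-side objects, not from the
 * request — confirm they are always integers.
 *
 * @return void
 */
function do_submit1()
{
    global $db, $dblang, $current_user;

    // The form fields below are echoed but never assigned in this function;
    // start them empty so the output is the same without undefined-variable notices.
    $link_title = '';
    $link_tags = '';
    $link_content = '';

    do_navbar(_('enviar noticia ') . '»'. _(' paso 2: detalles'));
    echo '<div id="genericform-contents">'."\n";

    // avoid spams, an extra security check
    $from = time() - 3600;
    $same_user = $db->get_var("select count(*) from links where link_date > from_unixtime($from) and link_author=$current_user->user_id");
    if ($same_user > 4) {
        echo '<p class="error"><strong>'._('debes esperar'). '</strong></p>';
        echo '<br style="clear: both;" />' . "\n";
        echo '</div>'. "\n";
        return;
    }

    $posted_url = (isset($_POST['url']) && is_string($_POST['url'])) ? $_POST['url'] : '';
    $url = trim(preg_replace('/ /', '+', $posted_url));
    // Escaped copy for every HTML context (element text and attribute values).
    $url_html = htmlspecialchars($url, ENT_QUOTES, 'UTF-8');

    $linkres = new Link;
    $linkres->get($url);
    $trackback = $linkres->trackback;
    $linkres->randkey = intval($_POST['randkey']);
    if (!$linkres->valid) {
        echo '<p class="error"><strong>'._('url no válido').':</strong> ('.$url_html.')</p>';
        echo '<p>'._('prueba con otra dirección').'</p>';
        print_empty_submit_form();
        return;
    }

    // avoid auto-promotion (autobombo)
    $hours = 4;
    $from = time() - 3600*$hours;
    $same_blog = $db->get_var("select count(*) from links where link_date > from_unixtime($from) and link_author=$current_user->user_id and link_blog=$linkres->blog and link_votes > 0");
    if ($same_blog > 0 && $current_user->user_karma < 12) {
        echo '<p class="error"><strong>'._('ya has enviado un enlace al mismo sitio hace poco tiempo').'</strong></p> ';
        echo '<p class="error-text">'._('debes esperar'). " $hours " . _(' horas entre cada envío al mismo sitio. Es para evitar "spams" y "autobombo"') . ', ';
        echo '<a href="faq-'.$dblang.'.php">'._('lee el FAQ').'</a></p>';
        echo '<br style="clear: both;" />' . "\n";
        echo '</div>'. "\n";
        return;
    }

    // check that the user also votes, not only sends links
    if ($current_user->user_karma < 10) {
        $from = time() - 3600*24;
        $user_votes = $db->get_var("select count(*) from votes where vote_type='links' and vote_date > from_unixtime($from) and vote_user_id=$current_user->user_id");
        $user_links = 1 + $db->get_var("select count(*) from links where link_author=$current_user->user_id and link_date > from_unixtime($from) and link_status != 'discard'");
        $total_links = $db->get_var("select count(*) from links where link_date > from_unixtime($from) and link_status = 'queued'");
        $min_votes = intval($total_links/20) * $user_links;
        if ($user_votes < $min_votes) {
            $needed = $min_votes - $user_votes;
            echo '<p class="error"><strong>'._('no tienes el mínimo de votos necesarios para enviar una nueva historia').'</strong></p> ';
            echo '<p class="error-text">'._('necesitas votar como mínimo a'). " $needed " . _('noticias') . ', ';
            echo '<a href="shakeit.php" target="_blank">'._('haz clic aquí para ir a votar').'</a></p>';
            echo '<br style="clear: both;" />' . "\n";
            echo '</div>'. "\n";
            return;
        }
    }

    if ($linkres->duplicates($url) > 0) {
        echo '<p class="error"><strong>'._('noticia repetida!').'</strong></p> ';
        echo '<p class="error-text">'._('lo sentimos').'</p>';
        // The URL is a query-string value inside an attribute: URL-encode it
        // first (so '&' and '#' in the submitted URL survive), then HTML-escape.
        echo '<p class="error-text"><a href="index.php?search='.htmlspecialchars(urlencode($url), ENT_QUOTES, 'UTF-8').'">'._('haz clic aquí para votar o comentar la noticia que enviaron antes').'</a>';
        echo '<br style="clear: both;" /><br style="clear: both;" />' . "\n";
        echo '<form id="genericform">';
        echo '<input class="genericsubmit" type=button onclick="window.history.go(-1)" value="'._('« retroceder').'" />';
        echo '</form>'. "\n";
        echo '</div>'. "\n";
        return;
    }

    $linkres->status = 'discard';
    $linkres->author = $current_user->user_id;

    /***** Currently commented out until we find if it makes sense here
    // First delete last drafts, just in case to avoid triggering the anti spam measure
    $from = time() - 1800;
    $db->query("delete from links where link_date > from_unixtime($from) and link_author=$current_user->user_id and link_status='discard' and link_votes = 0");
    *****/

    // Now stores new draft
    $linkres->store();

    echo '<h2>'._('envío de una nueva noticia: paso 2 de 3').'</h2>'."\n";
    echo '<div id="genericform">'."\n";
    echo '<form action="/submit.php" method="post" id="thisform">'."\n";
    echo '<input type="hidden" name="url" id="url" value="'.$url_html.'" />'."\n";
    echo '<input type="hidden" name="phase" value="2" />'."\n";
    echo '<input type="hidden" name="randkey" value="'.intval($_POST['randkey']).'" />'."\n";
    echo '<input type="hidden" name="id" value="'.$linkres->id.'" />'."\n";

    echo '<fieldset><legend><span class="sign">'._('info de la noticia').'</span></legend>'."\n";
    echo '<p class="genericformtxt"><label for="url_title" accesskey="1">'._('título de la página').': </label> '."\n";
    // The title is set by Link::get(), presumably from the remote page, so it is
    // untrusted markup; double_encode=false leaves entities it already contains intact.
    echo htmlspecialchars($linkres->url_title, ENT_QUOTES, 'UTF-8', false);
    if ($linkres->type() === 'blog') {
        echo '<br /> ('._('parece ser un blog').')</p>'."\n";
    } else {
        echo "</p>\n";
    }
    echo '</fieldset>'."\n";

    echo '<fieldset><legend><span class="sign">'._('detalles de la noticia').'</span></legend>'."\n";
    echo '<label for="title" accesskey="2">'._('título de la noticia').':</label>'."\n";
    echo '<p><span class="genericformnote">'._('título de la noticia. máximo: 120 caracteres').'</span>'."\n";
    echo '<br/><input type="text" id="title" name="title" value="'.$link_title.'" size="60" maxlength="120" /></p>'."\n";

    echo '<label for="tags" accesskey="4">'._('etiquetas').':</label>'."\n";
    echo '<p><span class="genericformnote"><strong>'._('pocas palabras, genéricas, cortas y separadas por "," (coma)').'</strong> Ejemplo: <em>web, programación, software libre</em></span>'."\n";
    echo '<br/><input type="text" id="tags" name="tags" value="'.$link_tags.'" size="40" maxlength="40" /></p>'."\n";

    echo '<p><label for="bodytext" accesskey="3">'._('descripción de la noticia').':</label>'."\n";
    echo '<br /><span class="genericformnote">'._('describe la noticia con tus palabras. entre dos y cinco frases es suficiente. sé cuidadoso.').'</span>'."\n";
    echo '<br/><textarea name="bodytext" rows="10" cols="60" id="bodytext" >'.$link_content.'</textarea></p>'."\n";

    echo '<p><label accesskey="5">'._('categoría').':</label><br />'."\n";
    echo '<span class="genericformnote">'._('selecciona la categoría más apropiada').'</span></p>'."\n";
    echo '<div class="column-list">'."\n";
    echo '<div class="categorylist">'."\n";
    echo '<ul>'."\n";
    $categories = $db->get_results("SELECT category_id, category_name FROM categories WHERE category_lang='$dblang' ORDER BY category_name ASC");
    if ($categories) {
        foreach ($categories as $category) {
            echo '<li><input name="category" type="radio" value="'.$category->category_id.'"/>'._($category->category_name).'</li>'."\n";
        }
    }
    // TODO: no standard
    echo '<br style="clear: both;" />' . "\n";
    echo '</ul></div></div>'."\n";

    echo '<p><label for="trackback">'._('trackback').':</label><br />'."\n";
    echo '<span class="genericformnote">'._('puedes agregar o cambiar el trackback si ha sido detectado automáticamente').'</span>'."\n";
    // The trackback URL is set by Link::get(), so it is escaped like any other remote value.
    echo '<input type="text" name="trackback" id="trackback" value="'.htmlspecialchars($trackback, ENT_QUOTES, 'UTF-8').'" class="form-full" /></p>'."\n";
    echo '<input class="genericsubmit" type="button" onclick="window.history.go(-1)" value="'._('« retroceder').'"> '."\n";
    echo '<input class="genericsubmit" type="submit" value="'._('continuar »').'" />'."\n";
    echo '</fieldset>'."\n";
    echo '</form>'."\n";
    echo '</div>'."\n";
    echo '</div>'."\n";
}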
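/**
 * Submission step handler (Smarty variant): builds the story summary from the
 * posted body or summary text, records the tags, assigns the template
 * variables, sends a redirect to the story page and renders pligg.tpl.
 *
 * Two string literals are corrupted in the listing this block was taken from
 * and are repaired so the function parses:
 *  - the replacement argument of the final str_replace() is restored to the
 *    HTML entity for a double quote;
 *  - the username operand of the loghack() message is masked as "******"; the
 *    mask is kept as literal text rather than guessing the expression.
 *
 * Security: $_POST['sid'] reaches both tags_insert_string() and the Location
 * header. It now goes through sanitize(..., 3), like the other request fields
 * in this function, and is URL-encoded where it is placed in the query string.
 *
 * NOTE(review): $linkres->store() runs before $linkres->id is assigned, so it
 * stores a freshly constructed Link — confirm this ordering is intended.
 * NOTE(review): execution continues after header('Location: ...'); nothing
 * here stops the template from rendering.
 *
 * @return void
 */
function do_submit1()
{
    global $db, $main_smarty, $dblang, $the_template, $linkres, $current_user, $Story_Content_Tags_To_Allow;

    // Assigned to the template below but never set in this function; start
    // them empty so the output is unchanged without undefined-variable notices.
    $link_title = '';
    $link_content = '';

    $linkres = new Link();
    $main_smarty->assign('auto_vote', auto_vote);
    $main_smarty->assign('Submit_Show_URL_Input', Submit_Show_URL_Input);
    $main_smarty->assign('Submit_Require_A_URL', Submit_Require_A_URL);
    $main_smarty->assign('link_id', sanitize($_POST['id'], 3));
    define('pagename', 'submit');
    $main_smarty->assign('pagename', pagename);

    $linkres->store();
    $linkres->id = sanitize($_POST['id'], 3);

    $thecat = get_cached_category_data('category_id', $linkres->category);
    $main_smarty->assign('request_category_name', $thecat->category_name);

    if (!isset($_POST['summarytext'])) {
        // No explicit summary: derive one from the body, truncated to the limit.
        $linkres->link_summary = utf8_substr(sanitize($_POST['bodytext'], 4, $Story_Content_Tags_To_Allow), 0, StorySummary_ContentTruncate - 1);
        $linkres->link_summary = close_tags(str_replace("\n", "<br />", $linkres->link_summary));
    } else {
        $linkres->link_summary = sanitize($_POST['summarytext'], 4, $Story_Content_Tags_To_Allow);
        $linkres->link_summary = close_tags(str_replace("\n", "<br />", $linkres->link_summary));
        if (utf8_strlen($linkres->link_summary) > StorySummary_ContentTruncate) {
            // An over-long summary is logged via loghack() and then truncated.
            loghack('SubmitAStory-SummaryGreaterThanLimit', 'username: ******|email: ' . sanitize($_POST["email"], 3), true);
            $linkres->link_summary = utf8_substr($linkres->link_summary, 0, StorySummary_ContentTruncate - 1);
            $linkres->link_summary = close_tags(str_replace("\n", "<br />", $linkres->link_summary));
        }
    }

    $sid = isset($_POST["sid"]) ? sanitize($_POST["sid"], 3) : '';
    tags_insert_string($sid, $dblang, $linkres->tags);

    //$main_smarty->assign('the_story', $linkres->print_summary('full', true));
    $main_smarty->assign('tags', $linkres->tags);
    if (!empty($linkres->tags)) {
        $tags_words = str_replace(",", ", ", $linkres->tags);
        $tags_url = urlencode($linkres->tags);
        $main_smarty->assign('tags_words', $tags_words);
        $main_smarty->assign('tags_url', $tags_url);
    }

    $main_smarty->assign('submit_url_title', $linkres->url_title);
    $main_smarty->assign('submit_id', $linkres->id);
    $main_smarty->assign('submit_title', str_replace('"', '&quot;', $link_title));
    $main_smarty->assign('submit_content', $link_content);

    include mnminclude . 'redirector.php';
    $x = new redirector($_SERVER['REQUEST_URI']);

    //$Sid=$_SESSION['newSid'];
    // Request data placed in a URL is encoded for that context.
    header("Location:" . my_base_url . my_pligg_base . "/story.php?title=" . urlencode($sid));

    $vars = '';
    check_actions('do_submit2', $vars);
    $_SESSION['step'] = 2;
    $main_smarty->display($the_template . '/pligg.tpl');
}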
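/**
 * Final submission step: move the draft identified by $_POST['id'] into the
 * queue, cast the author's own vote, purge the author's unvoted drafts and
 * optionally send a trackback. Always ends with a redirect to shakeit.php.
 *
 * Security: the link id comes from the request, so the draft must belong to
 * the current user before it is modified. Drafts are created with
 * author = current user in step 1; without this check any id with zero votes
 * that is not yet queued could be queued by whoever posts it.
 *
 * NOTE(review): the trackback URL is taken from the request and handed to
 * Trackback::send(), which presumably makes an outbound request — confirm
 * that destination is validated there.
 *
 * @return void (never returns; the script ends with die)
 */
function do_submit3()
{
    global $db, $current_user;

    $linkres = new Link;
    $linkres->id = intval(isset($_POST['id']) ? $_POST['id'] : 0);
    $linkres->read();

    $owned_by_caller = !empty($linkres->author) && $linkres->author == $current_user->user_id;

    // Check it is not in the queue already
    if ($owned_by_caller && $linkres->votes == 0 && $linkres->status != 'queued') {
        $linkres->status = 'queued';
        $linkres->date = time();
        $linkres->get_uri();
        $linkres->store();
        $linkres->insert_vote($current_user->user_id, $current_user->user_karma);

        // Remove this author's remaining drafts that never received a vote.
        $author_id = (int) $linkres->author;
        $db->query("delete from links where link_author = $author_id and link_status='discard' and link_votes=0");

        if (!empty($_POST['trackback'])) {
            require_once(mnminclude.'trackback.php');
            $trackres = new Trackback;
            $trackres->url = preg_replace('/ /', '+', trim($_POST['trackback']));
            $trackres->link = $linkres->id;
            $trackres->title = $linkres->title;
            $trackres->author = $linkres->author;
            $trackres->content = $linkres->content;
            $trackres->send($linkres);
        }
    }

    header("Location: shakeit.php");
    die;
}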
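/**
 * Load a serialized id list stored under $name via get_misc_data().
 *
 * Always returns an array: an empty or undecodable value yields array(), so
 * callers can count(), search and implode the result safely.
 *
 * NOTE(review): unserialize() is applied to a stored value. That is only safe
 * while nothing but this module's own serialize() output is ever written to
 * these keys — confirm, or store the lists as JSON instead.
 *
 * @param string $name misc-data key ('spam_links' or 'spam_comments').
 * @return array
 */
function _akismet_showpage_load_list($name)
{
    $raw = get_misc_data($name);
    if ($raw == '') {
        return array();
    }
    $list = unserialize($raw);
    return is_array($list) ? $list : array();
}

/**
 * Report one item to Akismet as spam or as ham.
 *
 * @param object $user    User whose username and email are sent as the author.
 * @param object $link    Link whose url and id are sent as author URL and permalink.
 * @param string $content Text that was classified.
 * @param bool   $is_spam true calls submitSpam(), false calls submitHam().
 * @return void
 */
function _akismet_showpage_report($user, $link, $content, $is_spam)
{
    $akismet = new Akismet(my_base_url . my_pligg_base, get_misc_data('wordpress_key'));
    $akismet->setCommentAuthor($user->username);
    $akismet->setCommentAuthorEmail($user->email);
    $akismet->setCommentAuthorURL($link->url);
    $akismet->setCommentContent($content);
    $akismet->setPermalink(getmyurl('story', $link->id));
    if ($is_spam) {
        $akismet->submitSpam();
    } else {
        $akismet->submitHam();
    }
}

/**
 * Admin controller for the Akismet module, dispatched on $_REQUEST['view'].
 *
 * Runs only when checklevel('god') returns 1. Views handled: '' (overview),
 * manageKey, updateKey, manageSpam, manageSettings, manageSpamcomments,
 * isSpam and isSpamcomment (the last two apply bulk moderation decisions).
 *
 * Hardening applied in this version:
 *  - stored id lists are cast to integers before they are placed in an
 *    SQL IN (...) list;
 *  - a held comment restored to the comments table has its text and randkey
 *    escaped and its numeric columns cast, because values read back from the
 *    database are raw and were previously re-inserted unescaped;
 *  - array_search() returning false no longer removes element 0 of the list;
 *  - the author name in the moderation table is HTML-escaped;
 *  - missing request keys no longer reach foreach or a comparison.
 *
 * NOTE(review): the bulk actions change state but this function verifies no
 * anti-CSRF token — confirm one is enforced elsewhere.
 * NOTE(review): $template_dir is read but is neither assigned nor declared
 * global in this function; only $the_template is. Confirm which is intended.
 * NOTE(review): execution continues after each header('Location: ...').
 *
 * @return void
 */
function akismet_showpage()
{
    global $main_smarty, $the_template, $current_user, $db;

    force_authentication();
    $canIhaveAccess = 0;
    $canIhaveAccess = $canIhaveAccess + checklevel('god');
    if ($canIhaveAccess != 1) {
        return;
    }

    if (phpnum() >= 5) {
        include_once akismet_lib_path . 'Akismet.class_5.php';
    } else {
        include_once akismet_lib_path . 'Akismet.class_4.php';
    }

    $navwhere['text1'] = 'Akismet';
    $navwhere['link1'] = URL_akismet;
    define('pagename', 'akismet');
    $main_smarty->assign('pagename', pagename);
    define('modulename', 'akismet');
    $main_smarty->assign('modulename', modulename);

    if (isset($_REQUEST['view'])) {
        $view = sanitize($_REQUEST['view'], 3);
    } else {
        $view = '';
    }
    $is_bulkmod = isset($_GET['action']) && $_GET['action'] == "bulkmod" && isset($_POST['submit']);

    if ($view == '') {
        $wordpress_key = get_misc_data('wordpress_key');
        if ($wordpress_key == '') {
            header('Location: ' . URL_akismet . '&view=manageKey');
        }

        $spam_links = _akismet_showpage_load_list('spam_links');
        $main_smarty->assign('spam_links', $spam_links);
        $main_smarty->assign('spam_links_count', count($spam_links));

        $spam_comments = _akismet_showpage_load_list('spam_comments');
        $main_smarty->assign('spam_comments', $spam_comments);
        $main_smarty->assign('spam_comments_count', count($spam_comments));

        $main_smarty = do_sidebar($main_smarty, $navwhere);
        $main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
        $main_smarty->assign('tpl_center', akismet_tpl_path . 'main');
        $main_smarty->display($template_dir . '/admin/admin.tpl');
    }

    if ($view == 'manageKey') {
        $wordpress_key = get_misc_data('wordpress_key');
        $main_smarty->assign('wordpress_key', $wordpress_key);
        $main_smarty = do_sidebar($main_smarty, $navwhere);
        $main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
        $main_smarty->assign('tpl_center', akismet_tpl_path . 'manageKey');
        $main_smarty->display($template_dir . '/admin/admin.tpl');
    }

    if ($view == 'updateKey') {
        if (isset($_REQUEST['key'])) {
            $wordpress_key = sanitize($_REQUEST['key'], 3);
        } else {
            $wordpress_key = '';
        }
        misc_data_update('wordpress_key', $wordpress_key);
        header('Location: ' . URL_akismet);
    }

    if ($view == 'manageSpam') {
        $spam_links = _akismet_showpage_load_list('spam_links');
        if (count($spam_links) > 0) {
            $sql = "SELECT " . table_links . ".* FROM " . table_links . " WHERE ";
            // Ids are cast so the IN list can only ever contain integers.
            $sql .= 'link_id IN (' . implode(',', array_map('intval', $spam_links)) . ')';
            $link_data = $db->get_results($sql);
            $main_smarty->assign('link_data', object_2_array($link_data));
        } else {
            header('Location: ' . URL_akismet);
        }
        $main_smarty = do_sidebar($main_smarty, $navwhere);
        $main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
        $main_smarty->assign('tpl_center', akismet_tpl_path . 'manageSpam');
        $main_smarty->display($template_dir . '/admin/admin.tpl');
    }

    if ($view == 'manageSettings') {
        $main_smarty = do_sidebar($main_smarty, $navwhere);
        $main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
        $main_smarty->assign('tpl_center', akismet_tpl_path . 'manageSettings');
        $main_smarty->display($template_dir . '/admin/admin.tpl');
    }

    // (Legacy commented-out single-item isSpam / isNotSpam / addSpam handlers omitted.)

    if ($view == 'manageSpamcomments') {
        $spam_comments = _akismet_showpage_load_list('spam_comments');
        if (count($spam_comments) > 0) {
            $sql = "SELECT * FROM " . table_prefix . "spam_comments WHERE ";
            $sql .= 'linkid IN (' . implode(',', array_map('intval', $spam_comments)) . ')';
            $link_data = $db->get_results($sql);

            $user_cmt = new User();
            $user_cmt_link = new Link();

            $spam_output = '';
            $spam_output .= ' <form name="bulk_moderate" action="' . URL_akismet_isSpamcomment . '&action=bulkmod" method="post">';
            $spam_output .= "<table>";
            $spam_output .= "<tr><th>Author</th><th>Body</th><th>this is spam</th><th>this is NOT spam</th></tr>";
            if ($link_data) {
                foreach ($link_data as $spam_cmts) {
                    $user_cmt->id = $spam_cmts->userid;
                    $user_cmt->read();
                    $user_name = $user_cmt->username;
                    $user_cmt_link->id = $spam_cmts->linkid;
                    $user_cmt_link->read();
                    $row_id = intval($spam_cmts->auto_id);

                    $spam_output .= "<tr>";
                    // The username is user-chosen text shown to an administrator: escape it.
                    $spam_output .= "<td>" . htmlspecialchars($user_name, ENT_QUOTES, 'UTF-8') . "</td>";
                    $spam_output .= "<td>" . save_text_to_html($spam_cmts->cmt_content) . "</td>";
                    $spam_output .= '<td><center><input type="radio" name="spamcomment[' . $row_id . ']" id="spamcomment-' . $row_id . '" value="spamcomment"></center></td>';
                    $spam_output .= '<td><center><input type="radio" name="spamcomment[' . $row_id . ']" id="spamcomment-' . $row_id . '" value="notspamcomment"></center></td>';
                    $spam_output .= "</tr>";
                }
            }
            $spam_output .= "</table>";
            $spam_output .= '<p align="right"><input type="submit" name="submit" value="Change Status" class="log2" /></p>';
            $spam_output .= "</form>";
            $main_smarty->assign('spam_output', $spam_output);
            $main_smarty->assign('link_data', object_2_array($link_data));
        } else {
            header('Location: ' . URL_akismet);
        }
        $main_smarty = do_sidebar($main_smarty, $navwhere);
        $main_smarty->assign('posttitle', " / " . $main_smarty->get_config_vars('PLIGG_Visual_Header_AdminPanel'));
        $main_smarty->assign('tpl_center', akismet_tpl_path . 'manageSpamcomments');
        $main_smarty->display($the_template . '/pligg.tpl');
    }

    if ($view == 'isSpam') {
        if ($is_bulkmod) {
            // Re-key the posted decisions by integer id.
            $spam = array();
            if (isset($_POST["spam"]) && is_array($_POST["spam"])) {
                foreach ($_POST["spam"] as $k => $v) {
                    $spam[intval($k)] = $v;
                }
            }

            foreach ($spam as $key => $value) {
                if ($value != "spam" && $value != "notspam") {
                    continue;
                }
                $is_spam = ($value == "spam");
                $link_id = sanitize($key, 3);

                // Drop the story from the pending list, if it is on it.
                $spam_links = _akismet_showpage_load_list('spam_links');
                $position = array_search($link_id, $spam_links);
                if ($position !== false) {
                    unset($spam_links[$position]);
                }
                misc_data_update('spam_links', serialize($spam_links));

                $link = new Link();
                $link->id = $link_id;
                if ($is_spam) {
                    $link->read();
                    $link->status = 'discard';
                } else {
                    $link->read(FALSE);
                    $link->status = 'queued';
                }
                $link->store();

                $user = new User();
                $user->id = $link->author;
                $user->read();

                _akismet_showpage_report($user, $link, $link->content, $is_spam);
            }
        }
        header('Location: ' . URL_akismet . '&view=manageSpam');
    }

    if ($view == 'isSpamcomment') {
        if ($is_bulkmod) {
            $spamcomment = array();
            if (isset($_POST["spamcomment"]) && is_array($_POST["spamcomment"])) {
                foreach ($_POST["spamcomment"] as $k => $v) {
                    $spamcomment[intval($k)] = $v;
                }
            }

            foreach ($spamcomment as $key => $value) {
                if ($value != "spamcomment" && $value != "notspamcomment") {
                    continue;
                }
                $is_spam = ($value == "spamcomment");
                $auto_id = (int) sanitize($key, 3);

                $spam_comments = _akismet_showpage_load_list('spam_comments');
                $position = array_search($auto_id, $spam_comments);
                if ($position !== false) {
                    unset($spam_comments[$position]);
                }

                $result_arr = $db->get_results("Select * from " . table_prefix . "spam_comments where auto_id=" . $auto_id);
                if ($result_arr) {
                    foreach ($result_arr as $held) {
                        $link = new Link();
                        $link->id = $held->linkid;
                        $link->read();

                        $user = new User();
                        $user->id = $held->userid;
                        $user->read();

                        _akismet_showpage_report($user, $link, $held->cmt_content, $is_spam);

                        if (!$is_spam) {
                            // Restore the held comment. Column values come back from the
                            // database raw, so they are cast or escaped again before
                            // being placed in a new statement.
                            $sql = "INSERT INTO " . table_comments . " (comment_parent, comment_user_id, comment_link_id , comment_date, comment_randkey, comment_content) VALUES ("
                                . intval($held->cmt_parent) . ", "
                                . intval($held->userid) . ", "
                                . intval($held->linkid) . ", now(), '"
                                . $db->escape($held->cmt_rand) . "', '"
                                . $db->escape($held->cmt_content) . "')";
                            $db->query($sql);

                            // Count the restored comment on the story it belongs to
                            // (only when a row was actually restored).
                            $link->adjust_comment(1);
                            $link->store();
                        }
                    }
                }

                misc_data_update('spam_comments', serialize($spam_comments));
                $db->query(' Delete from ' . table_prefix . 'spam_comments where auto_id=' . $auto_id);
            }
        }
        header('Location: ' . URL_akismet . '&view=manageSpamcomments');
    }
}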
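/**
 * Run killspam() for $id with the current user's level temporarily set to
 * 'admin', then restore the previous level.
 *
 * The statements that followed the unconditional return in the earlier
 * version could never execute and have been removed; killspam() performs
 * the user, comment, vote and link clean-up itself.
 *
 * Security: this is a deliberate privilege elevation, presumably so that the
 * canIChangeUser() check inside killspam() passes when the spam trigger runs
 * on behalf of a non-admin request. Callers must therefore decide on their
 * own that $id really should be banned before calling this.
 * NOTE(review): if killspam() ends the script, the level is not restored;
 * that only matters if $current_user is persisted afterwards — confirm.
 *
 * @param int|string $id User id to ban.
 * @return void
 */
function spam_trigger_killspam($id)
{
    global $current_user;

    $oldlevel = $current_user->user_level;
    $current_user->user_level = 'admin';
    killspam($id);
    $current_user->user_level = $oldlevel;
}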
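/**
 * Ban a user as a spammer and clean up everything the account produced.
 *
 * Steps: disable the account and set its level to 'Spammer'; mark the user's
 * comments as spam and recount the affected stories; ban the user's IPs;
 * delete groups the user created; delete the user's votes and recompute the
 * affected stories; add the domains of the user's links to the spam ruleset
 * file; mark the user's links as spam; delete saved links, trackbacks,
 * friends and messages.
 *
 * Security: $id is concatenated into more than a dozen SQL statements, several
 * of them unquoted, and the function is destructive. It is therefore required
 * to be a plain non-negative integer and is cast before any query is built.
 *
 * Fixes in this version:
 *  - the ruleset entries are read without line endings, so the candidate
 *    domain is compared without one too; before, the comparison could never
 *    match and the same domain was appended on every call;
 *  - the ruleset is left alone when it cannot be read, instead of being
 *    rewritten from an empty list;
 *  - $changed is initialised, and a missing user row is handled.
 *
 * @param int|string $id User id.
 * @return void
 */
function killspam($id)
{
    global $db;

    if (!is_numeric($id) || !preg_match('/^[0-9]+\z/', (string) $id)) {
        return;
    }
    $id = (int) $id;

    require_once mnminclude . 'link.php';
    require_once mnminclude . 'votes.php';
    require_once mnminclude . 'tags.php';

    $user = $db->get_row('SELECT * FROM ' . table_users . " where user_id={$id}");
    if (!$user || !$user->user_id) {
        return;
    }
    canIChangeUser($user->user_level);

    // NOTE(review): user_pass is overwritten with a fixed constant; presumably a
    // value no password can hash to — confirm for the hashing scheme in use.
    $db->query('UPDATE `' . table_users . "` SET user_enabled=0, `user_pass` = '63205e60098a9758101eeff9df0912ccaaca6fca3e50cdce3', user_level = 'Spammer' WHERE `user_id` = {$id}");

    // Comments: mark as spam, notify hooks, recount each story.
    $results = $db->get_results("SELECT comment_id, comment_link_id FROM `" . table_comments . "` WHERE `comment_user_id` = {$id}");
    if ($results) {
        foreach ($results as $result) {
            $db->query('UPDATE `' . table_comments . '` SET `comment_status` = "spam" WHERE `comment_id` = "' . $result->comment_id . '"');
            $vars = array('comment_id' => $result->comment_id);
            check_actions('comment_spam', $vars);

            $link = new Link();
            $link->id = $result->comment_link_id;
            $link->read();
            $link->recalc_comments();
            $link->store();
        }
    }

    ban_ip($user->user_ip, $user->user_lastip);

    // Groups created by the user, with their memberships and shares.
    $results = $db->get_results("SELECT * FROM `" . table_groups . "` WHERE group_creator = '{$id}'");
    if ($results) {
        foreach ($results as $result) {
            $db->query('DELETE FROM `' . table_group_member . '` WHERE member_group_id = ' . $result->group_id);
            $db->query('DELETE FROM `' . table_group_shared . '` WHERE share_group_id = ' . $result->group_id);
        }
    }
    $db->query("DELETE FROM `" . table_groups . "` WHERE group_creator = '{$id}'");

    // Votes: delete each one and recompute the story it was cast on.
    $results = $db->get_results("SELECT vote_id,vote_link_id FROM `" . table_votes . "` WHERE `vote_user_id` = {$id}");
    if ($results) {
        foreach ($results as $result) {
            $db->query('DELETE FROM `' . table_votes . '` WHERE `vote_id` = "' . $result->vote_id . '"');

            $link = new Link();
            $link->id = $result->vote_link_id;
            $link->read();

            $vote = new Vote();
            $vote->type = 'links';
            $vote->link = $result->vote_link_id;
            if (Voting_Method == 1) {
                $link->votes = $vote->count();
                $link->reports = $link->count_all_votes("<0");
            } elseif (Voting_Method == 2) {
                $link->votes = $vote->rating();
                $link->votecount = $vote->count();
                $link->reports = $link->count_all_votes("<0");
            } elseif (Voting_Method == 3) {
                $link->votes = $vote->count();
                $link->karma = $vote->karma();
                $link->reports = $link->count_all_votes("<0");
            }
            $link->store_basic();
            $link->check_should_publish();
        }
    }

    // Links: collect their domains into the spam ruleset file.
    $results = $db->get_results("SELECT link_id, link_url FROM `" . table_links . "` WHERE `link_author` = {$id}");

    global $USER_SPAM_RULESET, $FRIENDLY_DOMAINS;
    $filename = mnmpath . $USER_SPAM_RULESET;
    $lines = file($filename, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
    $approved = file(mnmpath . $FRIENDLY_DOMAINS, FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES);
    $ruleset_readable = is_array($lines);
    if (!is_array($approved)) {
        $approved = array();
    }

    $changed = 0;
    if ($results) {
        foreach ($results as $result) {
            if ($ruleset_readable && preg_match('/:\\/\\/(www\\.)?([^\\/]+)(\\/|$)/', $result->link_url, $m)) {
                $domain = strtoupper($m[2]);
                if (!in_array($domain, $lines, true) && !in_array($domain, $approved, true)) {
                    $lines[] = $domain;
                    $changed = 1;
                }
            }
            $vars = array('link_id' => $result->link_id);
            check_actions('story_spam', $vars);
        }
    }

    if ($changed) {
        if (is_writable($filename)) {
            if ($handle = fopen($filename, 'w')) {
                fwrite($handle, join("\n", $lines) . "\n");
                fclose($handle);
            }
        }
    }

    $db->query('UPDATE `' . table_links . '` SET `link_status` = "spam" WHERE `link_author` = "' . $id . '"');
    $db->query('DELETE FROM `' . table_saved_links . '` WHERE `saved_user_id` = "' . $id . '"');
    $db->query('DELETE FROM `' . table_trackbacks . '` WHERE `trackback_user_id` = "' . $id . '"');
    $db->query('DELETE FROM `' . table_friends . '` WHERE `friend_id` = "' . $id . '"');
    $db->query('DELETE FROM `' . table_messages . "` WHERE `sender`={$id} OR `receiver`={$id}");
}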
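/**
 * Import the items of one configured RSS feed as stories.
 *
 * Reads the feed, maps feed fields to story fields using the feed's field links,
 * skips items over the import limit or matching an existing title/URL (when the
 * feed forbids duplicates), stores the rest, and casts the configured number of
 * placeholder votes on each imported story. Progress is echoed as HTML.
 *
 * Feed content is untrusted: everything echoed from an item is HTML-escaped here.
 *
 * @param object $feed Feed row; reads feed_url, feed_id, feed_status, feed_submitter,
 *                     feed_category, feed_item_limit, feed_title_dupe, feed_url_dupe,
 *                     feed_last_item_first, feed_votes and the feed_random_vote_* fields.
 * @return bool True when at least one item was imported.
 */
function do_the_import_stuff($feed)
{
    global $db, $dblang, $RSSImport;

    $RSSImport = new RSSImport();
    $added_one = false;

    // NOTE(review): the feed URL is fetched server-side; confirm that only trusted
    // administrators can configure feed_url.
    $rss = fetch_rss($feed->feed_url);

    // A manual override of this feed is reserved for the 'god' level.
    if (isset($_GET['override']) && $_GET['override'] == $feed->feed_id) {
        if (!checklevel('god')) {
            die('You are not authorized to override.');
        }
    }

    // pligg_field name => key used in $MyArray.
    $field_map = array(
        'link_title' => 'title',
        'link_content' => 'content',
        'link_url' => 'link_url',
        'link_tags' => 'link_tags',
    );
    for ($n = 1; $n <= 15; $n++) {
        $field_map['link_field' . $n] = 'link_field' . $n;
    }

    $MyArray = array();
    $Feed_Links = $RSSImport->get_feed_field_links($feed->feed_id);

    if (!empty($Feed_Links)) {
        foreach ($Feed_Links as $link) {
            if (isset($field_map[$link->pligg_field])) {
                $MyArray[$field_map[$link->pligg_field]] = $link->feed_field;
            }
        }
        // Unmapped fields are looked up with null instead of an undefined index.
        foreach ($field_map as $target) {
            if (!isset($MyArray[$target])) {
                $MyArray[$target] = null;
            }
        }

        $thecount = 0;
        // A failed fetch is treated as an empty feed.
        $items = ($rss && is_array($rss->items)) ? $rss->items : array();
        $the_items = ($feed->feed_last_item_first == 0) ? array_reverse($items) : $items;

        foreach ($the_items as $item) {
            // double_encode=false keeps entities already present in the feed readable.
            echo "<strong>Title: " . htmlspecialchars((string) get_val($item, $MyArray['title']), ENT_QUOTES, 'UTF-8', false) . "</strong><br/>";
            echo "<strong>Content:</strong> " . htmlspecialchars(strip_tags(substr((string) get_val($item, $MyArray['content']), 0, 256)), ENT_QUOTES, 'UTF-8', false) . "...<br>";
            echo "<strong>URL:</strong> " . htmlspecialchars((string) get_val($item, $MyArray['link_url']), ENT_QUOTES, 'UTF-8', false) . "<br/>";

            $skipthis = 0;
            $linkres = new Link();
            // Use the CSPRNG when the runtime has one; rand() is predictable.
            $linkres->randkey = function_exists('random_int') ? random_int(10000, 10000000) : rand(10000, 10000000);
            $linkres->status = $feed->feed_status;
            $linkres->author = $feed->feed_submitter;
            $linkres->title = strip_tags(get_val($item, $MyArray['title']));
            $linkres->tags = get_val($item, $MyArray['link_tags']);

            // MJE: MOD to include title words as tags when the feed supplies none.
            if (trim($linkres->tags) == '') {
                $temp1 = strtolower($linkres->title);
                $stopwords = file(mnmpath . '/modules/rss_import/templates/stopwords.txt');
                if ($stopwords === false) {
                    $stopwords = array();
                }
                foreach ($stopwords as $raw_word) {
                    $pos = strpos($temp1, $raw_word . ' ');
                    if ($pos !== false && $pos == 0) {
                        $temp1 = str_replace(trim($raw_word) . ' ', ' ', $temp1);
                    }
                    $temp1 = str_replace(' ' . trim($raw_word) . ' ', ' ', $temp1);
                }
                // Collapse runs of spaces. The loop printed on the page replaces ' '
                // with ' ' and would never terminate for a title containing a space.
                $temp1 = preg_replace('/ {2,}/', ' ', $temp1);
                $temp1 = str_replace(' ', ", ", $temp1);
                // strip all except letters and spaces and commas
                $linkres->tags = preg_replace('/[^a-z A-Z,]+/i', '', $temp1);
            }

            // The HTML tags kept in the story body depend on the level of the running user.
            if (checklevel('god')) {
                $Story_Content_Tags_To_Allow = Story_Content_Tags_To_Allow_God;
            } elseif (checklevel('admin')) {
                $Story_Content_Tags_To_Allow = Story_Content_Tags_To_Allow_Admin;
            } else {
                $Story_Content_Tags_To_Allow = Story_Content_Tags_To_Allow_Normal;
            }

            $linkres->title_url = makeUrlFriendly($linkres->title);
            $linkres->url = get_val($item, $MyArray['link_url']);
            $linkres->url_title = $linkres->title;
            $linkres->content = get_val($item, $MyArray['content']);
            // NOTE(review): strip_tags() with an allowlist keeps the attributes of the
            // allowed tags, so event-handler attributes from the feed survive this call.
            $linkres->content = strip_tags($linkres->content, $Story_Content_Tags_To_Allow);
            $linkres->content = str_replace("\n", "<br />", $linkres->content);
            for ($n = 1; $n <= 15; $n++) {
                $field = 'link_field' . $n;
                $linkres->$field = get_val($item, $MyArray[$field]);
            }
            $linkres->category = $feed->feed_category;
            //MJE: MOD
            $linkres->link_summary = utf8_substr(strip_tags($linkres->content), 0, StorySummary_ContentTruncate - 1);

            if ($thecount >= $feed->feed_item_limit && $skipthis == 0) {
                echo "Reached import limit, skipping<HR>";
                $skipthis = 1;
            }
            // feed_title_dupe / feed_url_dupe: 0 means don't allow, 1 means allow
            if ($feed->feed_title_dupe == 0 && $skipthis == 0) {
                if ($linkres->duplicates_title($linkres->title) > 0) {
                    echo '<span style="color:#fc0000;">Title Match, skipping</span> <hr>';
                    $skipthis = 1;
                }
            }
            if ($feed->feed_url_dupe == 0 && $linkres->url != "" && $skipthis == 0) {
                if ($linkres->duplicates($linkres->url) > 0) {
                    echo '<span style="color:#fc0000;">URL Match, skipping</span> <hr>';
                    $skipthis = 1;
                }
            }

            if ($skipthis == 0) {
                echo "Importing <hr>";
                $added_one = true;
                $linkres->store();
                totals_adjust_count($linkres->status, 1);
                tags_insert_string($linkres->id, $dblang, $linkres->tags);

                require_once mnminclude . 'votes.php';
                if ($feed->feed_random_vote_enable == 1) {
                    $feed->feed_votes = rand($feed->feed_random_vote_min, $feed->feed_random_vote_max);
                }
                // One placeholder vote per configured count, each from user 0 and a
                // synthetic 0.0.0.N address.
                $votes = 0;
                for ($i = 1; $i <= $feed->feed_votes; $i++) {
                    $value = 1;
                    $vote = new Vote();
                    $vote->type = 'links';
                    $vote->user = 0;
                    $vote->link = $linkres->id;
                    $vote->ip = '0.0.0.' . $i;
                    $vote->value = $value;
                    $vote->insert();
                    $votes += $value;
                }
                $linkres->votes = $votes;
                $linkres->store_basic();
                $linkres->check_should_publish();
                $thecount = $thecount + 1;
            }
        }

        // Record the check time, backdated by five minutes.
        $sql = "UPDATE `" . table_feeds . "` SET `feed_last_check` = FROM_UNIXTIME(" . (time() - 300) . ") WHERE `feed_id` = " . (int) $feed->feed_id . ";";
        $db->query($sql);
    } else {
        echo "Feed not fully setup, skipping <hr>";
    }

    return $added_one;
}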
// 0 means don't allow, 1 means allow if ($linkres->duplicates_title($linkres->title) > 0) { echo "Title Match, skipping: " . $linkres->title . "<HR>"; $skipthis = 1; } } if ($feed->feed_url_dupe == 0 && $linkres->url != "" && $skipthis == 0) { // 0 means don't allow, 1 means allow if ($linkres->duplicates($linkres->url) > 0) { echo "URL Match, skipping: " . $linkres->title . "<HR>"; $skipthis = 1; } } if ($skipthis == 0) { echo "Importing <hr>"; $linkres->store(); tags_insert_string($linkres->id, $dblang, $linkres->tags); require_once mnminclude . 'votes.php'; for ($i = 1; $i <= $feed->feed_votes; $i++) { $value = 10; $vote = new Vote(); $vote->type = 'links'; $vote->user = 0; $vote->link = $linkres->id; $vote->ip = '0.0.0.' . $i; $vote->value = $value; $vote->insert(); $vote = ""; $vote = new Vote(); $vote->type = 'links'; $vote->link = $linkres->id;
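/**
 * First step of the story submission: validate the posted URL and the sender,
 * apply the anti-spam limits, store the link as a draft and render the edit form.
 *
 * Every rejection is reported through add_submit_error() and most are also
 * written to syslog.
 *
 * Reads $_POST['url'], $_POST['key'], $_POST['randkey'] and $_REQUEST['url'].
 *
 * @return bool True when the draft form was rendered or a duplicate was reported,
 *              false when the submission was rejected.
 */
function do_submit1()
{
    global $db, $dblang, $current_user, $globals, $errors;

    $posted_url = (isset($_POST['url']) && is_string($_POST['url'])) ? $_POST['url'] : '';
    $url = clean_input_url(urldecode($posted_url));
    $url = preg_replace('/#[^\\/]*$/', '', $url); // Remove the "#", people just abuse
    $url = preg_replace('/^http:\\/\\/http:\\/\\//', 'http://', $url); // Some users forget to delete the foo http://
    if (!preg_match('/^\\w{3,6}:\\/\\//', $url)) { // http:// forgotten, add it
        $url = 'http://' . $url;
    }
    // NOTE(review): the pattern above accepts any 3-6 character scheme and the URL is
    // resolved and fetched below; confirm Link::check_url() restricts it to http(s).

    // The raw request value is only used in log lines; control characters are removed
    // so a submitted URL cannot inject extra log records.
    $raw_url = (isset($_REQUEST['url']) && is_string($_REQUEST['url']))
        ? preg_replace('/[\x00-\x1f\x7f]/', '', $_REQUEST['url'])
        : '';
    // Integer copy of the user id for the SQL strings below.
    $uid = (int) $current_user->user_id;

    $new_user = false;

    if (!check_link_key()) {
        add_submit_error(_('clave incorrecta'));
        return false;
    }

    if ($globals['min_karma_for_links'] > 0 && $current_user->user_karma < $globals['min_karma_for_links']) {
        add_submit_error(_('no tienes el mínimo de karma para enviar una nueva historia'));
        return false;
    }

    // Don't allow to send a link by a clone
    $hours = intval($globals['user_links_clon_interval']);
    $clones = $current_user->get_clones($hours + 1);
    if ($hours > 0 && $clones) {
        $l = implode(',', array_map('intval', $clones));
        $c = (int) $db->get_var("select count(*) from links where link_status!='published' and link_date > date_sub(now(), interval {$hours} hour) and link_author in ({$l})");
        if ($c > 0) {
            add_submit_error(_('ya se envió con otro usuario «clon» en las últimas horas') . ", " . _('disculpa las molestias'));
            syslog(LOG_NOTICE, "Meneame, clon submit ({$current_user->user_login}): " . $raw_url);
            return false;
        }
    }

    // Check the number of links sent by a user
    $queued_24_hours = (int) $db->get_var("select count(*) from links where link_status!='published' and link_date > date_sub(now(), interval 24 hour) and link_author={$uid}");
    if ($globals['limit_user_24_hours'] && $queued_24_hours > $globals['limit_user_24_hours']) {
        add_submit_error(_('debes esperar, tienes demasiados envíos en cola de las últimas 24 horas') . " ({$queued_24_hours}), " . _('disculpa las molestias'));
        syslog(LOG_NOTICE, "Meneame, too many queued in 24 hours ({$current_user->user_login}): " . $raw_url);
        return false;
    }

    // check the URL is OK and that it resolves
    // (gethostbyname() returns its argument unchanged when resolution fails)
    $url_components = @parse_url($url);
    if (!$url_components || empty($url_components['host']) || gethostbyname($url_components['host']) == $url_components['host']) {
        add_submit_error(_('URL o nombre de servidor erróneo'), _('el nombre del servidor es incorrecto o éste tiene problemas para resolver el nombre'));
        syslog(LOG_NOTICE, "Meneame, hostname error ({$current_user->user_login}): {$url}");
        return false;
    }

    // Global limit of links queued in the last 3 minutes; higher-karma users get 50% more.
    $enqueued_last_minutes = (int) $db->get_var("select count(*) from links where link_status='queued' and link_date > date_sub(now(), interval 3 minute)");
    if ($current_user->user_karma > $globals['limit_3_minutes_karma']) {
        $enqueued_limit = $globals['limit_3_minutes'] * 1.5;
    } else {
        $enqueued_limit = $globals['limit_3_minutes'];
    }
    if ($enqueued_last_minutes > $enqueued_limit) {
        add_submit_error(_('exceso de envíos'), _('se han enviado demasiadas historias en los últimos 3 minutos') . " ({$enqueued_last_minutes} > {$enqueued_limit}), " . _('disculpa las molestias'));
        syslog(LOG_NOTICE, "Meneame, too many queued ({$current_user->user_login}): " . $raw_url);
        return false;
    }

    // Check the user does not have too many drafts
    $minutes = intval($globals['draft_time'] / 60) + 10;
    $drafts = (int) $db->get_var("select count(*) from links where link_author={$uid} and link_date > date_sub(now(), interval {$minutes} minute) and link_status='discard' and link_votes = 0");
    if ($drafts > $globals['draft_limit']) {
        add_submit_error(_('demasiados borradores'), _('has hecho demasiados intentos, debes esperar o continuar con ellos desde la') . ' <a href="shakeit.php?meta=_discarded">' . _('cola de descartadas') . '</a></p>');
        syslog(LOG_NOTICE, "Meneame, too many drafts ({$current_user->user_login}): " . $raw_url);
        return false;
    }

    // Delete dangling drafts
    if ($drafts > 0) {
        $db->query("delete from links where link_author={$uid} and link_date > date_sub(now(), interval 30 minute) and link_date < date_sub(now(), interval 10 minute) and link_status='discard' and link_votes = 0");
    }

    // Check for banned IPs
    if (($ban = check_ban($globals['user_ip'], 'ip', true)) || ($ban = check_ban_proxy())) {
        if ($ban['expire'] > 0) {
            $expires = _('caduca') . ': ' . get_date_time($ban['expire']);
        } else {
            $expires = '';
        }
        add_submit_error(_('dirección IP no permitida para enviar'), $expires);
        syslog(LOG_NOTICE, "Meneame, banned IP " . $globals['user_ip'] . " ({$current_user->user_login}): {$url}");
        return false;
    }

    // Number of links sent by the user
    $total_sents = (int) $db->get_var("select count(*) from links where link_author={$uid}") - $drafts;
    if ($total_sents > 0) {
        $sents = (int) $db->get_var("select count(*) from links where link_author={$uid} and link_date > date_sub(now(), interval 60 day)") - $drafts;
    } else {
        $new_user = true;
        $sents = 0;
    }

    $register_date = $current_user->Date();
    if ($globals['now'] - $register_date < $globals['new_user_time']) {
        $new_user = true;
    }

    // check that a new user also votes, not only sends links
    // it requires $globals['min_user_votes'] votes
    if ($new_user && $globals['min_user_votes'] > 0 && $current_user->user_karma < $globals['new_user_karma']) {
        $user_votes = (int) $db->get_var("select count(*) from votes where vote_type='links' and vote_date > date_sub(now(), interval 72 hour) and vote_user_id={$uid}");
        $user_links = 1 + (int) $db->get_var("select count(*) from links where link_author={$uid} and link_date > date_sub(now(), interval 24 hour) and link_status != 'discard'");
        $total_links = (int) $db->get_var("select count(*) from links where link_date > date_sub(now(), interval 24 hour) and link_status = 'queued'");
        if ($sents == 0) {
            // If is a new user, requires more votes, to avoid spam
            $min_votes = $globals['min_user_votes'];
        } else {
            $min_votes = min(4, intval($total_links / 20)) * $user_links;
        }
        if (!$current_user->admin && $user_votes < $min_votes) {
            $needed = $min_votes - $user_votes;
            if ($new_user) {
                add_submit_error(_('¿es la primera vez que envías una historia?'), _('necesitas como mínimo') . " {$needed} " . _('votos'));
            } else {
                add_submit_error(_('no tienes el mínimo de votos necesarios para enviar una nueva historia'), _('necesitas votar como mínimo a') . " {$needed} " . _('envíos'));
            }
            add_submit_error(_('no votes de forma apresurada, penaliza el karma'), '<a href="' . $globals['base_url'] . 'shakeit.php" target="_blank">' . _('haz clic aquí para ir a votar') . '</a>');
            return false;
        }
    }

    // avoid spams, an extra security check
    // it counts the numbers of links in the last hours
    if ($new_user) {
        $user_links_limit = $globals['new_user_links_limit'];
        $user_links_interval = intval($globals['new_user_links_interval'] / 3600);
    } else {
        $user_links_limit = $globals['user_links_limit'];
        $user_links_interval = intval($globals['user_links_interval'] / 3600);
    }
    $same_user = (int) $db->get_var("select count(*) from links where link_date > date_sub(now(), interval {$user_links_interval} hour) and link_author={$uid}") - $drafts;
    // The client address is escaped before it is quoted into the statement.
    $same_ip = (int) $db->get_var("select count(*) from links where link_date > date_sub(now(), interval {$user_links_interval} hour) and link_ip = '" . $db->escape($globals['user_ip']) . "'") - $drafts;
    if ($same_user > $user_links_limit || $same_ip > $user_links_limit) {
        add_submit_error(_('debes esperar, ya se enviaron varias con el mismo usuario o dirección IP'));
        return false;
    }

    // avoid users sending continuous "rubbish" or "propaganda", specially new users
    // it takes in account the votes received within the same interval
    if ($same_user > 1 && $current_user->user_karma < $globals['karma_propaganda']) {
        $positives_received = $db->get_var("select sum(link_votes) from links where link_date > date_sub(now(), interval {$user_links_interval} hour) and link_author = {$uid}");
        $negatives_received = $db->get_var("select sum(link_negatives) from links where link_date > date_sub(now(), interval {$user_links_interval} hour) and link_author = {$uid}");
        if ($negatives_received > 10 && $negatives_received > $positives_received * 1.5) {
            add_submit_error(_('debes esperar, has tenido demasiados votos negativos en tus últimos envíos'));
            return false;
        }
    }

    $link = new Link();
    $link->url = $url;
    $link->is_new = true; // Disable several options in the editing form

    if (report_duplicated($url)) {
        return true;
    }

    if (!$link->check_url($url, true, true) || !$link->get($url)) {
        $ban = is_array($link->ban) ? $link->ban : array();
        $e = _('URL erróneo o no permitido') . ': ';
        if (!empty($ban['match'])) {
            $e .= $ban['match'];
        } else {
            // The messages are emitted as HTML, so the URL is escaped like the other
            // error paths of this function already do.
            $e .= htmlspecialchars($link->url);
        }
        add_submit_error($e, _('Razón') . ': ' . (isset($ban['comment']) ? $ban['comment'] : ''));
        if (isset($ban['expire']) && $ban['expire'] > 0) {
            add_submit_error($e, _('caduca') . ': ' . get_date_time($ban['expire']));
        }
        return false;
    }

    // If the URL has changed, check again is not dupe
    if ($link->url != $url && report_duplicated($link->url)) {
        // Same outcome as the first duplicate check above (was a bare return).
        return true;
    }

    $link->randkey = intval($_POST['randkey']);

    if (!$link->valid) {
        $e = _('error leyendo el url') . ': ' . htmlspecialchars($url);
        // Dont allow new users with low karma to post wrong URLs
        if ($current_user->user_karma < 8 && $current_user->user_level == 'normal') {
            add_submit_error($e, _('URL inválido, incompleto o no permitido. Está fuera de línea, o tiene mecanismos antibots.'));
            return false;
        }
        add_submit_error($e, _('no es válido, está fuera de línea, o tiene mecanismos antibots. <strong>Continúa</strong>, pero asegúrate que sea correcto'));
    }

    $link->status = 'discard';
    $link->author = $current_user->user_id;

    if (!$link->pingback()) {
        $link->trackback();
    }
    $link->trackback = htmlspecialchars($link->trackback);
    $link->create_blog_entry();

    $blog = new Blog();
    $blog->id = $link->blog;
    $blog->read();
    $blog_id = (int) $link->blog;

    // Now we check again against the blog table
    // it's done because there could be banned blogs like http://lacotelera.com/something
    if ($ban = check_ban($blog->url, 'hostname', false, true)) {
        $e = _('URL inválido') . ': ' . htmlspecialchars($url);
        add_submit_error($e, _('el sitio') . ' ' . $ban['match'] . ' ' . _('está deshabilitado') . ' (' . $ban['comment'] . ')');
        if ($ban['expire'] > 0) {
            add_submit_error($e, _('caduca') . ': ' . get_date_time($ban['expire']));
        }
        syslog(LOG_NOTICE, "Meneame, banned site ({$current_user->user_login}): {$blog->url} <- " . $raw_url);
        return false;
    }

    // check for users spamming several sites and networks
    // it does not allow a low "entropy"
    if ($sents > 30) {
        $ratio = (float) $db->get_var("select count(distinct link_blog)/count(*) from links where link_author={$uid} and link_date > date_sub(now(), interval 60 day)");
        $threshold = 1 / log($sents, 2);
        if ($ratio < $threshold) {
            if ($db->get_var("select count(*) from links where link_author={$uid} and link_date > date_sub(now(), interval 60 day) and link_blog = {$blog_id}") > 2) {
                syslog(LOG_NOTICE, "Meneame, forbidden due to low entropy: {$ratio} < {$threshold} ({$current_user->user_login}): {$link->url}");
                add_submit_error(_('ya has enviado demasiados enlaces a los mismos sitios'), _('varía las fuentes, podría ser considerado spam'));
                return false;
            }
        }
    }

    // Check the user does not send too many images or videos
    $is_media = ($link->content_type == 'image' || $link->content_type == 'video');
    if ($sents > 5 && $is_media) {
        $image_links = intval($db->get_var("select count(*) from links where link_author={$uid} and link_date > date_sub(now(), interval 60 day) and link_content_type in ('image', 'video')"));
        if ($image_links > $sents * 0.8) {
            syslog(LOG_NOTICE, "Meneame, forbidden due to too many images or video sent by user ({$current_user->user_login}): {$link->url}");
            add_submit_error(_('ya has enviado demasiadas imágenes o vídeos'));
            return false;
        }
    }

    // Avoid users sending too many links to the same site in last hours
    $hours = 24;
    $same_blog = $db->get_var("select count(*) from links where link_date > date_sub(now(), interval {$hours} hour) and link_author={$uid} and link_blog={$blog_id} and link_votes > 0");
    if ($same_blog >= $globals['limit_same_site_24_hours']) {
        syslog(LOG_NOTICE, "Meneame, forbidden due to too many links to the same site in last {$hours} hours ({$current_user->user_login}): {$link->url}");
        add_submit_error(_('demasiados enlaces al mismo sitio en las últimas horas'));
        return false;
    }

    // avoid auto-promotion (autobombo)
    $minutes = 30;
    $same_blog = $db->get_var("select count(*) from links where link_date > date_sub(now(), interval {$minutes} minute) and link_author={$uid} and link_blog={$blog_id} and link_votes > 0");
    if ($same_blog > 0 && $current_user->user_karma < 12) {
        syslog(LOG_NOTICE, "Meneame, forbidden due to short period between links to same site ({$current_user->user_login}): {$link->url}");
        add_submit_error(_('ya has enviado un enlace al mismo sitio hace poco tiempo'), _('debes esperar') . " {$minutes} " . _('minutos entre cada envío al mismo sitio.') . ', ' . '<a href="' . $globals['base_url'] . 'faq-' . $dblang . '.php">' . _('lee el FAQ') . '</a>');
        return false;
    }

    // Avoid spam (autobombo), count links in last two months
    $same_blog = $db->get_var("select count(*) from links where link_author={$uid} and link_date > date_sub(now(), interval 60 day) and link_blog={$blog_id}");
    $check_history = $sents > 3 && $same_blog > 0 && ($ratio = $same_blog / $sents) > 0.5;
    if ($check_history) {
        $e = _('has enviado demasiados enlaces a') . ' ' . htmlspecialchars($blog->url);
        if ($sents > 5 && $ratio > 0.75) {
            // don't allow to continue
            add_submit_error($e, _('has superado los límites de envíos de este sitio'));
            syslog(LOG_NOTICE, "Meneame, warn, high ratio, process interrumped ({$current_user->user_login}): {$link->url}");
            return false;
        }
        add_submit_error($e, _('continúa, pero ten en cuenta podría recibir votos negativos') . ', ' . '<a href="' . $globals['base_url'] . $globals['legal'] . '">' . _('condiciones de uso') . '</a>');
        syslog(LOG_NOTICE, "Meneame, warn, high ratio, continue ({$current_user->user_login}): {$link->url}");
    }

    $links_12hs = $db->get_var("select count(*) from links where link_date > date_sub(now(), interval 12 hour)");

    // check there is no an "overflow" from the same site
    $site_links = intval($db->get_var("select count(*) from links where link_date > date_sub(now(), interval 12 hour) and link_blog={$blog_id} and link_status in ('queued')"));
    if ($site_links > 10 && $site_links > $links_12hs * 0.05) { // Only 5% from the same site
        syslog(LOG_NOTICE, "Meneame, forbidden due to overflow to the same site ({$current_user->user_login}): {$link->url}");
        add_submit_error(_('ya se han enviado demasiadas artículos del mismo sitio, espera unos minutos por favor'), _('total en 12 horas') . ": {$site_links} , " . _('el máximo actual es') . ': ' . intval($links_12hs * 0.05));
        return false;
    }

    // check there is no an "overflow" of images
    if ($is_media) {
        $image_links = intval($db->get_var("select count(*) from links where link_date > date_sub(now(), interval 12 hour) and link_content_type in ('image', 'video')"));
        if ($image_links > 5 && $image_links > $links_12hs * 0.15) { // Only 15% images and videos
            syslog(LOG_NOTICE, "Meneame, forbidden due to overflow images ({$current_user->user_login}): {$link->url}");
            // The reported maximum now uses the same 15% factor as the check (was 0.05).
            add_submit_error(_('ya se han enviado demasiadas imágenes o vídeos, espera unos minutos por favor'), _('total en 12 horas') . ": {$image_links} , " . _('el máximo actual es') . ': ' . intval($links_12hs * 0.15));
            return false;
        }
    }

    // Warning only: the submission continues.
    if ($ban = check_ban($link->url, 'punished_hostname', false, true)) {
        add_submit_error(_('Aviso') . ' ' . $ban['match'] . ': <em>' . $ban['comment'] . '</em>', _('mejor enviar el enlace a la fuente original, si no, será penalizado'));
    }

    // Now stores new draft
    $link->sent_date = $link->date = time();
    // NOTE(review): key is taken as posted; check_link_key() passed above, but its
    // implementation is not shown, and the template must escape this value.
    $link->key = $_POST['key'];
    // Keep randkey an integer; the raw POST value used to overwrite the intval() result.
    $link->randkey = intval($_POST['randkey']);
    $link->store();

    $link->url_title = mb_substr($link->url_title, 0, 200);
    if (mb_strlen($link->url_description) > 40) {
        $link->content = $link->url_description;
    }
    $link->chars_left = 550 - mb_strlen(html_entity_decode($link->content, ENT_COMPAT, 'UTF-8'), 'UTF-8');

    Haanga::Load('link/submit1.html', compact('link', 'errors'));
    return true;
}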
/**
 * Final submission step: move the posted draft into the queue and redirect to it.
 *
 * Stops without output when the link key is invalid or the link cannot be read.
 * A link that already has votes or is already queued is not changed, only
 * redirected to. Always ends the request.
 *
 * Reads $_POST['id'] and, optionally, $_POST['trackback'].
 *
 * @return void
 */
function do_submit3()
{
    global $db, $current_user;

    $story = new Link();
    $story->id = intval($_POST['id']);

    if (!check_link_key() || !$story->read()) {
        die;
    }

    // Check it is not in the queue already
    $already_sent = ($story->votes != 0 || $story->status == 'queued');
    if (!$already_sent) {
        $now = time();
        $story->status = 'queued';
        $story->date = $now;
        $story->sent_date = $now;
        $story->get_uri();
        $story->store();
        $story->insert_vote($current_user->user_id, $current_user->user_karma);

        // Add the new link log/event
        require_once mnminclude . 'log.php';
        log_conditional_insert('link_new', $story->id, $story->author);

        // Drop the author's other unvoted drafts from the last half hour.
        $db->query("delete from links where link_author = {$story->author} and link_date > date_sub(now(), interval 30 minute) and link_status='discard' and link_votes=0");

        if (!empty($_POST['trackback'])) {
            // NOTE(review): the trackback URL is user-supplied and send() presumably
            // makes an outbound request to it; confirm the target is validated.
            require_once mnminclude . 'trackback.php';
            $ping = new Trackback();
            $ping->url = clean_input_url($_POST['trackback']);
            $ping->link_id = $story->id;
            $ping->link = $story->url;
            $ping->author = $story->author;
            $ping->send($story);
        }

        fork("backend/send_pingbacks.php?id={$story->id}");
    }

    header('Location: ' . $story->get_permalink());
    die;
}
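/**
 * Final submission step: move the posted draft into the queue, then redirect to
 * shakeit.php. Always ends the request.
 *
 * Reads $_POST['id'] and, optionally, $_POST['trackback'].
 *
 * NOTE(review): the id comes from the request and nothing visible here ties it to
 * the current user or to a form key, so any draft id can be queued by any caller.
 * Confirm the caller enforces this, or add an ownership / key check.
 *
 * @return void
 */
function do_submit3()
{
    global $db, $current_user;

    $linkres = new Link();
    $linkres->id = intval($_POST['id']);

    // Stop when the link does not exist instead of continuing with an empty object.
    // This assumes read() reports failure with a falsy return value, which is how
    // the other do_submit3() variants on this page use it.
    if (!$linkres->read()) {
        die;
    }

    // Check it is not in the queue already
    if ($linkres->votes == 0 && $linkres->status != 'queued') {
        $linkres->status = 'queued';
        $linkres->date = time();
        $linkres->get_uri();
        $linkres->store();
        $linkres->insert_vote($current_user->user_id, $current_user->user_karma);

        // Add the new link log/event
        require_once mnminclude . 'log.php';
        log_conditional_insert('link_new', $linkres->id, $linkres->author);

        // Remove all unvoted drafts of the author; the id is cast before it reaches SQL.
        $author_id = (int) $linkres->author;
        $db->query("delete from links where link_author = {$author_id} and link_status='discard' and link_votes=0");

        if (!empty($_POST['trackback'])) {
            // NOTE(review): the trackback URL is user-supplied and send() presumably
            // makes an outbound request to it; confirm the target is validated.
            require_once mnminclude . 'trackback.php';
            $trackres = new Trackback();
            $trackres->url = clean_input_url($_POST['trackback']);
            $trackres->link = $linkres->id;
            $trackres->title = $linkres->title;
            $trackres->author = $linkres->author;
            $trackres->content = $linkres->content;
            $trackres->send($linkres);
        }
    }

    header("Location: shakeit.php");
    die;
}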
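/**
 * Second submission step: copy the posted story fields onto the draft link,
 * store it and render the preview (or go straight to do_submit3()).
 *
 * The request ends when the session is not at step 1, the id is not a plain
 * number, or the current user does not own the link.
 *
 * Reads $_POST (id, category, title, tags, bodytext, summarytext, link_field1..15,
 * comment_subscription, timestamp_date_*), $_REQUEST['link_group_id'] and
 * $_SESSION['step'].
 *
 * @return void
 */
function do_submit2()
{
    global $db, $main_smarty, $dblang, $the_template, $linkres, $current_user, $Story_Content_Tags_To_Allow;

    $main_smarty->assign('auto_vote', auto_vote);
    $main_smarty->assign('Submit_Show_URL_Input', Submit_Show_URL_Input);
    $main_smarty->assign('Submit_Require_A_URL', Submit_Require_A_URL);
    $main_smarty->assign('link_id', sanitize($_POST['id'], 3));
    if (!defined('pagename')) {
        define('pagename', 'submit');
    }
    $main_smarty->assign('pagename', pagename);

    // $vars used to be undefined for authenticated users when it reached the hook.
    $vars = array();
    if ($current_user->authenticated != TRUE) {
        $vars = array('username' => $current_user->user_login);
        check_actions('register_check_errors', $vars);
    }
    check_actions('submit2_check_errors', $vars);
    // NOTE(review): an 'error' flag set by the two hooks above is not acted on here;
    // the original branch for it was empty. Confirm the errors are enforced elsewhere.

    $linkres = new Link();
    $linkres->id = sanitize($_POST['id'], 3);

    if ($_SESSION['step'] != 1) {
        die('Wrong step');
    }
    // Digits only: is_numeric() would also accept values such as "1e3" or "1.5".
    if (!ctype_digit((string) $linkres->id)) {
        die;
    }
    if (!$linkres->verify_ownership($current_user->user_id)) {
        die($main_smarty->get_config_vars('PLIGG_Visual_Submit2Errors_NoAccess'));
    }

    $linkres->read(FALSE);
    if ($linkres->votes($current_user->user_id) == 0 && auto_vote == true) {
        $linkres->insert_vote($current_user->user_id, '10');
        $linkres->store_basic();
        $linkres->read(FALSE);
    }

    if (is_array($_POST['category'])) {
        $posted_cats = array_values($_POST['category']);
        $linkres->category = sanitize(isset($posted_cats[0]) ? $posted_cats[0] : '', 3);
        // The additional categories get the same filter as the primary one;
        // they were stored as posted before.
        $linkres->additional_cats = array();
        foreach (array_slice($posted_cats, 1) as $extra_cat) {
            $linkres->additional_cats[] = sanitize($extra_cat, 3);
        }
    } else {
        $linkres->category = sanitize($_POST['category'], 3);
    }
    $thecat = get_cached_category_data('category_id', $linkres->category);
    $main_smarty->assign('request_category_name', $thecat->category_name);

    $linkres->title = stripslashes(sanitize($_POST['title'], 3));
    $linkres->title_url = makeUrlFriendly($linkres->title, $linkres->id);
    $linkres->tags = tags_normalize_string(stripslashes(sanitize($_POST['tags'], 3)));
    $linkres->content = close_tags(stripslashes(sanitize($_POST['bodytext'], 4, $Story_Content_Tags_To_Allow)));

    // Optional extra fields link_field1 .. link_field15.
    for ($n = 1; $n <= 15; $n++) {
        $field = 'link_field' . $n;
        if (isset($_POST[$field])) {
            $linkres->$field = sanitize($_POST[$field], 4, $Story_Content_Tags_To_Allow);
        }
    }

    if (!isset($_POST['summarytext'])) {
        $linkres->link_summary = utf8_substr(sanitize($_POST['bodytext'], 4, $Story_Content_Tags_To_Allow), 0, StorySummary_ContentTruncate - 1);
    } else {
        $linkres->link_summary = sanitize($_POST['summarytext'], 4, $Story_Content_Tags_To_Allow);
        if (utf8_strlen($linkres->link_summary) > StorySummary_ContentTruncate) {
            // The username expression is masked ('******') in the listing; the login
            // of the current user is logged in its place.
            loghack('SubmitAStory-SummaryGreaterThanLimit', 'username: ' . $current_user->user_login . '|email: ' . sanitize(isset($_POST["email"]) ? $_POST["email"] : '', 3), true);
            $linkres->link_summary = utf8_substr($linkres->link_summary, 0, StorySummary_ContentTruncate - 1);
        }
    }

    //get link_group_id
    if (isset($_REQUEST['link_group_id']) && $_REQUEST['link_group_id'] != '') {
        $linkres->link_group_id = intval($_REQUEST['link_group_id']);
    } else {
        $linkres->link_group_id = 0;
    }

    $linkres->store();
    if (link_errors($linkres)) {
        return;
    }

    //comment subscription
    if (isset($_POST['comment_subscription'])) {
        $vars = array('link_id' => $linkres->id);
        check_actions('comment_subscription_insert_function', $vars);
    }

    if (isset($_POST['timestamp_date_day'])) {
        //open date
        $timestamp_date_day = $_POST['timestamp_date_day'];
        $timestamp_date_month = isset($_POST['timestamp_date_month']) ? $_POST['timestamp_date_month'] : null;
        $timestamp_date_year = isset($_POST['timestamp_date_year']) ? $_POST['timestamp_date_year'] : null;
        if (!is_numeric($timestamp_date_day) || !is_numeric($timestamp_date_month) || !is_numeric($timestamp_date_year)) {
            $timestamp_date = date("m-d-Y");
        } else {
            $timestamp_date = $timestamp_date_month . "-" . $timestamp_date_day . "-" . $timestamp_date_year;
        }
        $vars = array('timestamp_date' => $timestamp_date, 'link_id' => $linkres->id);
        check_actions('comment_subscription_insert_function', $vars);
    }

    $vars = '';
    check_actions('submit_step_3_after_first_store', $vars);
    // $vars stays a string unless a module replaced it, so test the type first.
    if (is_array($vars) && !empty($vars['error']) && link_catcha_errors('captcha_error')) {
        return;
    }

    $linkres->read(FALSE);
    $link_title = stripslashes(sanitize($_POST['title'], 3));
    $link_content = $linkres->content;

    $main_smarty->assign('the_story', $linkres->print_summary('full', true));
    $main_smarty->assign('tags', $linkres->tags);
    if (!empty($linkres->tags)) {
        $tags_words = str_replace(",", ", ", $linkres->tags);
        $tags_url = urlencode($linkres->tags);
        $main_smarty->assign('tags_words', $tags_words);
        $main_smarty->assign('tags_url', $tags_url);
    }

    // No URL or trackback value exists in this step, so both are assigned empty.
    $main_smarty->assign('submit_url', '');
    $data = parse_url($linkres->url);
    $main_smarty->assign('url_short', (is_array($data) && isset($data['host'])) ? $data['host'] : null);
    $main_smarty->assign('submit_url_title', $linkres->url_title);
    $main_smarty->assign('submit_id', $linkres->id);
    $main_smarty->assign('submit_type', $linkres->type());
    // The replacement string is shown as a bare quote in the listing (the entity was
    // decoded by the page); it is written as the entity here.
    $main_smarty->assign('submit_title', str_replace('"', '&quot;', $link_title));
    $main_smarty->assign('submit_content', $link_content);
    $main_smarty->assign('submit_trackback', '');
    $main_smarty->assign('tpl_extra_fields', $the_template . '/submit_extra_fields');
    $main_smarty->assign('tpl_center', $the_template . '/submit_step_3_center');

    $vars = '';
    check_actions('do_submit2', $vars);
    $_SESSION['step'] = 2;

    if (Submit_Complete_Step2) {
        do_submit3();
    } else {
        $main_smarty->display($the_template . '/pligg.tpl');
    }
}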
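/**
 * Step 2 of the story submission flow: stores the link object, registers its
 * tags, fills the template variables, queues a redirect to the story page and
 * renders the main template.
 *
 * Reads $_POST['id'] and $_SESSION['newSid']; writes $_SESSION['step'].
 *
 * NOTE(review): $linkres->store() runs on a freshly constructed Link before
 * its id is taken from the request. Confirm against Link::store() that this
 * is intended and that the id is validated there.
 */
function do_submit2()
{
    global $db, $main_smarty, $dblang, $the_template, $linkres, $current_user, $Story_Content_Tags_To_Allow;

    $linkres = new Link();

    // Request-supplied id, passed through the project's sanitize() helper once
    // and reused for both the template and the link object.
    $submitted_id = sanitize($_POST['id'], 3);

    $main_smarty->assign('auto_vote', auto_vote);
    $main_smarty->assign('Submit_Show_URL_Input', Submit_Show_URL_Input);
    $main_smarty->assign('Submit_Require_A_URL', Submit_Require_A_URL);
    $main_smarty->assign('link_id', $submitted_id);

    define('pagename', 'submit');
    $main_smarty->assign('pagename', pagename);

    $linkres->store();
    $linkres->id = $submitted_id;

    $thecat = get_cached_category_data('category_id', $linkres->category);
    $main_smarty->assign('request_category_name', $thecat->category_name);

    tags_insert_string($_SESSION['newSid'], $dblang, $linkres->tags);
    $main_smarty->assign('tags', $linkres->tags);
    if (!empty($linkres->tags)) {
        $tags_words = str_replace(",", ", ", $linkres->tags);
        $tags_url = urlencode($linkres->tags);
        $main_smarty->assign('tags_words', $tags_words);
        $main_smarty->assign('tags_url', $tags_url);
    }

    $main_smarty->assign('submit_url_title', $linkres->url_title);
    $main_smarty->assign('submit_id', $linkres->id);

    // $link_title and $link_content are never set in this function, so fall
    // back to an empty string instead of reading an undefined variable.
    $link_title = isset($link_title) ? $link_title : '';
    $link_content = isset($link_content) ? $link_content : '';

    // The replacement entity was lost when this listing was extracted (the
    // literal read """, which does not parse). '&quot;' restores a valid
    // literal; confirm against upstream whether it used a numeric entity.
    $main_smarty->assign('submit_title', str_replace('"', '&quot;', $link_title));
    $main_smarty->assign('submit_content', $link_content);

    include mnminclude . 'redirector.php';
    $x = new redirector($_SERVER['REQUEST_URI']);

    // Encode the session value before placing it in the redirect query string
    // so reserved characters cannot alter the URL.
    $Sid = $_SESSION['newSid'];
    header('Location:/colfusion/story.php?title=' . urlencode($Sid));

    // Execution continues after the Location header is queued: the hook, the
    // session update and the template render below still run.
    $vars = '';
    check_actions('do_submit2', $vars);
    $_SESSION['step'] = 2;
    $main_smarty->display($the_template . '/pligg.tpl');
}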
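/**
 * Final submission step: moves a stored link into the 'queued' state, casts
 * the submitter's vote, logs the event, optionally records a trackback and
 * redirects to the link's permalink.
 *
 * Terminates the script (die) when the link key check or the link read fails,
 * and after the redirect header is sent. Returns early, without redirecting,
 * when the link URL is reported as a duplicate.
 */
function do_submit3()
{
    global $db, $current_user;

    $linkres = new Link;
    // Integer cast keeps the request value from reaching later queries as text.
    $linkres->id = isset($_POST['id']) ? intval($_POST['id']) : 0;

    if (!check_link_key() || !$linkres->read()) {
        die;
    }

    // Check it is not in the queue already
    if ($linkres->duplicates($linkres->url)) {
        // Write headers, they were not printed yet
        do_header(_("enviar noticia"), "post");
        echo '<div id="singlewrap">' . "\n";
        report_dupe($linkres->url);
        return;
    }

    // Check this one was not already queued
    if ($linkres->votes == 0 && $linkres->status != 'queued') {
        $db->transaction();
        $linkres->status = 'queued';
        $linkres->sent_date = $linkres->date = time();
        $linkres->get_uri();
        $linkres->store();
        $linkres->insert_vote($current_user->user_karma);
        $db->commit();

        // Add the new link log/event
        require_once(mnminclude . 'log.php');
        log_conditional_insert('link_new', $linkres->id, $linkres->author);

        // The author id is concatenated into the statement, so force it to an
        // integer rather than trusting whatever read() populated.
        $author_id = intval($linkres->author);
        $db->query("delete from links where link_author = " . $author_id . " and link_date > date_sub(now(), interval 30 minute) and link_status='discard' and link_votes=0");

        if (!empty($_POST['trackback'])) {
            $trackres = new Trackback;
            $trackres->url = clean_input_url($_POST['trackback']);
            $trackres->link_id = $linkres->id;
            $trackres->link = $linkres->url;
            $trackres->author = $linkres->author;
            $trackres->status = 'pendent';
            $trackres->store();
        }

        fork("backend/send_pingbacks.php?id=$linkres->id");
    }

    header('Location: ' . $linkres->get_permalink());
    die;
}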
/**
 * Records a vote of type 'comments' against this object's id and refreshes
 * the cached vote total.
 *
 * When the comment_buries_spam threshold is positive and the number of
 * negative votes reaches it, the object is marked 'discard', stored, and the
 * parent link's comment count is recalculated.
 *
 * @param mixed $user  value stored as the vote's user
 * @param mixed $value value stored as the vote's weight
 * @return mixed the sum reported by a fresh Vote object for this id, or false
 *               when the id is not numeric or the insert fails
 */
function insert_vote($user = 0, $value = 10)
{
    global $anon_karma;
    require_once mnminclude . 'votes.php';

    if (!is_numeric($this->id)) {
        return false;
    }

    $ballot = new Vote();
    $ballot->type = 'comments';
    $ballot->user = $user;
    $ballot->link = $this->id;
    $ballot->value = $value;

    if (!$ballot->insert()) {
        return false;
    }

    // A second Vote object, without user or value, is used for all counting.
    $tally = new Vote();
    $tally->type = 'comments';
    $tally->link = $this->id;
    $this->votes = $tally->count() - $tally->count('<0');

    $threshold_reached = comment_buries_spam > 0 && $tally->count_all("<0") >= comment_buries_spam;
    if ($threshold_reached) {
        $this->status = 'discard';
        $this->store();

        $vars = array('comment_id' => $this->id);
        check_actions('comment_spam', $vars);

        // Keep the parent link's comment count in step with the discard.
        require_once mnminclude . 'link.php';
        $parent = new Link();
        $parent->id = $this->link;
        $parent->read();
        $parent->recalc_comments();
        $parent->store();
    }

    $vars = array('vote' => $this);
    check_actions('comment_insert_vote_post', $vars);

    return $tally->sum();
}
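/**
 * Marks a link as spam and records it in the spam_links table.
 *
 * @param mixed $link_id id of the link to flag; coerced to an integer before
 *                       it is used in the lookup and in the INSERT statement
 */
function akismet_link_to_spam($link_id)
{
    global $db;

    // The id ends up inside a string-built statement, so force it to an
    // integer here; a non-numeric argument becomes 0 instead of raw SQL text.
    $link_id = intval($link_id);

    $link = new Link();
    $link->id = $link_id;
    $link->read();
    $link->status = 'spam';
    $link->store();

    // Same treatment for the author id loaded by read().
    $author_id = intval($link->author);

    $db->query("INSERT INTO " . table_prefix . "spam_links (`auto_id` , `userid` , `linkid`) VALUES (NULL, {$author_id}, {$link_id})");
}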
header('Location: ' . $my_pligg_base . '/' . $redirectUrl); } }
// The statement above closes blocks that open outside this excerpt.

// Comment deletion: removes the requested comment and its direct replies,
// fires the 'comment_deleted' hook for each, recalculates the parent link's
// comment count, then redirects.
// NOTE(review): no permission check or anti-CSRF token is visible in this
// excerpt, and $_REQUEST also accepts GET parameters. Confirm both are
// enforced by code outside this excerpt before this state-changing branch runs.
if (isset($_REQUEST['comment_id'])) {
    global $db;
    $comment_id = $_REQUEST['comment_id'];
    // is_numeric() also accepts floats and exponent notation, not only integer
    // ids; the value is interpolated unquoted into the SELECT below, so an
    // integer cast would be the tighter check.
    if (!is_numeric($comment_id)) {
        die;
    }
    // Remember the parent link before the row is deleted.
    $link_id = $db->get_var("SELECT comment_link_id FROM `" . table_comments . "` WHERE `comment_id` = {$comment_id}");
    $vars = array('comment_id' => $comment_id);
    check_actions('comment_deleted', $vars);
    $db->query('DELETE FROM `' . table_comments . '` WHERE `comment_id` = "' . $comment_id . '"');
    // Fire the hook for every direct reply, then delete the replies in one statement.
    // NOTE(review): if get_results() returns a non-array when there are no
    // replies, this foreach will raise a warning. Verify its return value.
    $comments = $db->get_results($sql = "SELECT comment_id FROM " . table_comments . " WHERE `comment_parent` = '{$comment_id}'");
    foreach ($comments as $comment) {
        $vars = array('comment_id' => $comment->comment_id);
        check_actions('comment_deleted', $vars);
    }
    $db->query('DELETE FROM `' . table_comments . '` WHERE `comment_parent` = "' . $comment_id . '"');
    // Bring the parent link's stored comment count back in line.
    $link = new Link();
    $link->id = $link_id;
    $link->read();
    $link->recalc_comments();
    $link->store();
    $link = '';
    // Redirect back to the referring page only when the Referer starts with
    // the site's own base URL; otherwise go to the site root.
    // NOTE(review): strpos() === 0 is a plain prefix match. If the configured
    // base does not end in '/', a longer host name that merely begins with it
    // would also pass. Confirm how $my_base_url and $my_pligg_base are set.
    if ($_SERVER['HTTP_REFERER'] && strpos($_SERVER['HTTP_REFERER'], $my_base_url . $my_pligg_base) === 0) {
        header('Location: ' . $_SERVER['HTTP_REFERER']);
    } else {
        header('Location: ' . $my_base_url . $my_pligg_base);
    }
}
/**
 * Step 1 of story submission: validates the submitted URL, rejects invalid
 * or duplicate URLs with an error page, stores a placeholder link with status
 * 'discard' and renders the step-2 form.
 *
 * Reads $_POST['url'] and $_POST['randkey'].
 *
 * NOTE(review): html_entity_decode() reverses the entity encoding applied by
 * htmlspecialchars(), so $url is only tag-stripped when it reaches the
 * template and Link::get(). Confirm the template escapes 'submit_url'.
 * NOTE(review): the request-supplied randkey is only passed through
 * strip_tags() before $linkres->store(). Verify that Link::store() casts or
 * escapes it.
 * NOTE(review): when the URL input is hidden the randkey comes from rand().
 * If the key is relied on as an anti-forgery value, a CSPRNG would be the
 * safer source.
 */
function do_submit1()
{
    global $main_smarty, $db, $dblang, $current_user, $the_template;

    $url = html_entity_decode(htmlspecialchars(strip_tags(trim($_POST['url'])))); // thanks czytom

    $linkres = new Link();
    $linkres->randkey = strip_tags($_POST['randkey']);

    if (Submit_Show_URL_Input == false) {
        $url = "http://";
        $linkres->randkey = rand(10000, 10000000);
    }

    // A blank URL hides the URL input regardless of the configured setting.
    $Submit_Show_URL_Input = ($url == "http://" || $url == "") ? false : Submit_Show_URL_Input;

    $main_smarty->assign('randkey', $linkres->randkey);
    $main_smarty->assign('submit_url', $url);
    $main_smarty->assign('Submit_Show_URL_Input', $Submit_Show_URL_Input);
    $main_smarty->assign('Submit_Require_A_URL', Submit_Require_A_URL);

    $edit = false;
    $linkres->get($url);
    $trackback = $linkres->trackback;

    $url_is_blank = ($url == "http://" || $url == "");
    if ($url_is_blank) {
        // A blank URL is valid only when the site does not require one.
        $linkres->valid = (Submit_Require_A_URL == false);
    }

    // Decide which error page, if any, has to be shown.
    $submit_error = null;
    if (!$linkres->valid) {
        $submit_error = 'invalidurl';
    } elseif ((Submit_Require_A_URL == true || !$url_is_blank) && $linkres->duplicates($url) > 0) {
        $main_smarty->assign('submit_search', getmyurl("search", htmlentities($url)));
        $submit_error = 'dupeurl';
    }

    if ($submit_error !== null) {
        $main_smarty->assign('submit_error', $submit_error);
        $main_smarty->assign('tpl_center', $the_template . '/submit_errors');
        define('pagename', 'submit');
        $main_smarty->assign('pagename', pagename);
        $main_smarty->display($the_template . '/pligg.tpl');
        return;
    }

    check_actions('submit_validating_url', array("url" => $url));

    // Store a placeholder row; it stays 'discard' until a later step.
    $linkres->status = 'discard';
    $linkres->author = $current_user->user_id;
    $linkres->store();

    $main_smarty->assign('StorySummary_ContentTruncate', StorySummary_ContentTruncate);
    $main_smarty->assign('SubmitSummary_Allow_Edit', SubmitSummary_Allow_Edit);
    $main_smarty->assign('enable_tags', Enable_Tags);
    $main_smarty->assign('submit_url_title', $linkres->url_title);
    $main_smarty->assign('submit_id', $linkres->id);
    $main_smarty->assign('submit_type', $linkres->type());

    if (isset($link_title)) {
        $main_smarty->assign('submit_title', $link_title);
    }
    if (isset($link_content)) {
        $main_smarty->assign('submit_content', $link_content);
    }

    $main_smarty->assign('submit_trackback', $trackback);

    // Extra fields link_field1 .. link_field15, in order.
    for ($n = 1; $n <= 15; $n++) {
        $main_smarty->assign('submit_link_field' . $n, $linkres->{'link_field' . $n});
    }

    // Categories for the configured language, sorted by name.
    $catsql = mysql_query("SELECT category_id, category_name FROM " . table_categories . " WHERE category_lang='{$dblang}' ORDER BY category_name ASC");
    $categories = array();
    while ($row = mysql_fetch_array($catsql, MYSQL_ASSOC)) {
        $categories[] = $row;
    }
    $main_smarty->assign('categories', $categories);

    include_once mnminclude . 'dbtree.php';
    $array = tree_to_array(0, table_categories, FALSE);
    $main_smarty->assign('lastspacer', 0);
    $main_smarty->assign('cat_array', $array);

    //spellchecker
    $main_smarty->assign('Spell_Checker', Spell_Checker);

    $main_smarty->assign('tpl_extra_fields', $the_template . '/submit_extra_fields');
    $main_smarty->assign('tpl_center', $the_template . '/submit_step_2');
    define('pagename', 'submit');
    $main_smarty->assign('pagename', pagename);
    $main_smarty->display($the_template . '/pligg.tpl');
}