Esempio n. 1
     } else {
         if ($commentTotals['hour'] >= $commentLimits['hour']) {
             $error = true;
             $errorMsg = 'You have exceeded your rate limit for commenting. Please try again in one hour.';
         } else {
             if ($commentTotals['nickel'] >= $commentLimits['nickel']) {
                 $error = true;
                 $errorMsg = 'You have exceeded your rate limit for commenting. Please try again in 5 mins.';
             }
         }
     }
 }
 // TODO: grab videoURL, validate it, stuff it in to the $comment structure
 if (isset($_POST['videoURL']) and $_POST['videoURL'] != '') {
     require_once PATH_CORE . '/classes/video.class.php';
     $videoURL = videos::getVideoURLFromEmbedCodeOrURL(stripslashes($_POST['videoURL']));
     if (videos::validateVideoURL($videoURL)) {
         $vt = new VideoTable($db);
         $videoid = $vt->createVideoForComment($userid, $videoURL, "Video Comment on story {$cid}");
     } else {
         $error = true;
         $errorMsg = 'Unsupported or invalid video URL';
     }
 } else {
     if (isset($_POST['commentMsg']) and $_POST['commentMsg'] != '') {
         $commentMsg = preg_replace("/([\\w]+:\\/\\/[\\w-?&;#~=\\.\\/\\@]+[\\w\\/])/i", "<a target=\"_blank\" href=\"\$1\">\$1</a>", $_POST['commentMsg']);
         //$commentMsg = strip_tags($_POST['commentMsg'], '<a><i><b><p>');
         $commentMsg = strip_tags($commentMsg, '<a><i><b><p>');
         $commentMsg = nl2br($commentMsg);
         // TODO: GET THIS WORKING.
         //$comments = mysql_real_escape_string($_POST['commentMsg'], $db->handle);
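 /**
  * Create the content row for a story submitted through the post-story form
  * and attach a video to it when the submission carries one.
  *
  * @param object|null $userinfo Submitting user; this method reads ncUid, u->name, userid and votePower.
  * @param object|null $info     Form data; this method reads url, title, caption, imageUrl,
  *                              isFeatureCandidate and videoEmbed, and writes source and permalink back.
  * @param string      $mode     'link' for a third-party story link; any other value is stored as a blog entry.
  * @return mixed Whatever $this->add() returned for the new content row (used below as siteContentId).
  */
 function createStoryContent($userinfo = NULL, $info = NULL, $mode = 'link')
 {
     // build source from domain - to do : improve this with source objects table
     // parse_url() returns false for a malformed URL and leaves 'host' out for a
     // relative one; keep the previous null result without reading a missing index.
     $urlParts = parse_url($info->url);
     $info->source = (is_array($urlParts) && isset($urlParts['host'])) ? $urlParts['host'] : null;
     // create permalink
     $info->permalink = $this->buildPermalink($info->title);
     // mode = link for third party web site story link and blog for blog posts
     $isBlogEntry = ($mode == 'link') ? 0 : 1;
     // serialize the content
     $story = $this->serialize(0, $info->title, $info->caption, $info->source, $info->url, $info->permalink, $userinfo->ncUid, $userinfo->u->name, $userinfo->userid, '', $userinfo->votePower, 0, 0, $info->imageUrl, 0, $isBlogEntry, $info->isFeatureCandidate);
     // post wire story to content
     $siteContentId = $this->add($story);
     if ($info->videoEmbed != '') {
         // add video if it exists; the URL extracted from the embed code is what gets validated and stored
         require_once PATH_CORE . '/classes/video.class.php';
         $videoURL = videos::getVideoURLFromEmbedCodeOrURL(stripslashes($info->videoEmbed));
         if (videos::validateVideoURL($videoURL)) {
             $vt = new VideoTable($this->db);
             // create new video
             $videoid = $vt->createVideoForContent($userinfo->userid, $videoURL, "Video for story {$siteContentId}");
             if (is_numeric($videoid)) {
                 // store video id in content table. Both ids end up inside SQL
                 // fragments, so they are forced to integers first: is_numeric()
                 // alone also accepts forms such as "1e3" or " 7".
                 // assumes both ids are integer keys - TODO confirm against the schema
                 $this->db->update("Content", 'videoid=' . (int) $videoid, 'siteContentId=' . (int) $siteContentId);
             }
         }
         // an invalid video is ignored here; it should have been picked up by validate
     }
     return $siteContentId;
 }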
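 /**
  * Handle a submitted idea form: check the fields, validate an optional video,
  * reject duplicates, insert the idea and log the poster's own "like" for it.
  *
  * Reads $_POST['idea'], $_POST['details'], $_POST['tagid'] and the optional
  * $_POST['videoURL'].
  *
  * @param int $userid Id of the posting user.
  * @return array 'error' (bool); 'msg' when a check failed (the duplicate message
  *               contains HTML); 'id' of the new idea on success.
  */
 function processIdeaForm($userid = 0)
 {
     $resp = array();
     $resp['error'] = false;
     // Missing or non-string fields are treated as empty rather than read blindly.
     $idea = (isset($_POST['idea']) && is_string($_POST['idea'])) ? $_POST['idea'] : '';
     $details = (isset($_POST['details']) && is_string($_POST['details'])) ? $_POST['details'] : '';
     $tagid = isset($_POST['tagid']) ? $_POST['tagid'] : '';
     // NOTE(review): idea and details are stored exactly as submitted; nothing in
     // this method encodes them, so whatever renders them has to escape on output.
     if ($idea == '') {
         $resp['error'] = true;
         $resp['msg'] = 'Sorry, we did not get your idea. Please try again.';
     }
     // The category must be a non-zero number. The old loose comparison against 0
     // treats a non-numeric string differently before and after PHP 8, so the
     // numeric check is made explicit.
     if (!is_numeric($tagid) || $tagid == 0) {
         $resp['error'] = true;
         $resp['msg'] = 'Please specify a category. Please try again.';
     }
     $videoid = 0;
     if (isset($_POST['videoURL']) and $_POST['videoURL'] != '') {
         require_once PATH_CORE . '/classes/video.class.php';
         $videoURL = videos::getVideoURLFromEmbedCodeOrURL(stripslashes($_POST['videoURL']));
         if (!videos::validateVideoURL($videoURL)) {
             $resp['error'] = true;
             $resp['msg'] = 'Unsupported or invalid video URL';
         } elseif (!$resp['error']) {
             // Only create the video once the other fields passed, so a rejected
             // form does not leave a video behind. The table needs the object's
             // connection: a bare $db is not defined inside this method.
             $vt = new VideoTable($this->db);
             $videoid = $vt->createVideoForIdea($userid, $videoURL, "Idea video by {$userid}");
         }
     }
     if ($resp['error']) {
         return $resp;
     }
     $isDup = $this->isDup($idea);
     if ($isDup !== false) {
         // it is a duplicate
         // NOTE(review): $isDup goes into the href unencoded; presumably it is the
         // numeric id of the existing idea - confirm against isDup().
         $resp['error'] = true;
         $resp['msg'] = 'Sorry, <a href="?p=ideas&o=view&id=' . $isDup . '">that idea has already been added here</a>.';
         return $resp;
     }
     $iTable = new ideasTable($this->db);
     $ir = $iTable->getRowObject();
     $ir->idea = $idea;
     $ir->details = $details;
     $ir->tagid = $tagid;
     $ir->userid = $userid;
     $ir->dt = date('Y-m-d H:i:s', time());
     $ir->numLikes = 1;
     $ir->videoid = $videoid;
     $ir->insert();
     // add like for this idea when user posts
     require_once PATH_CORE . '/classes/log.class.php';
     $logObj = new log($this->db);
     $logItem = $logObj->serialize(0, $userid, 'likeIdea', $ir->id);
     $logObj->update($logItem);
     $resp['id'] = $ir->id;
     return $resp;
 }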
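 /**
  * Validate the post-story / post-blog form held in $_POST and build the
  * form-data object from it.
  *
  * Every check runs; each failure sets result to false and overwrites alert, so
  * the caller sees the message of the last failed check. The object is also
  * stored on $this->fData.
  *
  * @param string $option 'blog' for a blog post; any other value is handled as a story link.
  * @return stdClass Form data with result (bool) and alert (string) set.
  */
 function validate($option = 'link')
 {
     $this->setupLibraries();
     $fData = new stdClass();
     $fData->result = true;
     $fData->state = 'validate';
     $fData->url = $_POST['url'];
     $fData->imageUrl = $_POST['imageUrl'];
     $fData->videoEmbed = $_POST['videoEmbed'];
     // Remove microsoft quotes. The normalised title is the one that is kept;
     // previously a later assignment from the raw $_POST['title'] discarded it.
     $bad = array('`', '’', '„', '‘', '’', '´');
     $good = array('\'', '\'', ',', '\'', '\'', '\'');
     $title = str_replace($bad, $good, $_POST['title']);
     $fData->title = stripslashes(strip_tags($title));
     // took out mysql_real_escape
     $fData->tags = $_POST['tags'];
     $fData->mediatype = $_POST['mediatype'];
     $fData->isFeatureCandidate = (isset($_POST['isFeatureCandidate']) && $_POST['isFeatureCandidate'] == 'on') ? 1 : 0;
     $fData->isBookmarklet = true;
     $fData->showPreview = false;
     $fData->alert = '';
     // The caption is plain text for both options: all tags are stripped.
     $fData->caption = stripslashes(strip_tags($_POST['caption']));
     // begin option specific code and error checking
     switch ($option) {
         case 'blog':
             if (isset($_POST['blogid'])) {
                 $fData->blogid = $_POST['blogid'];
             }
             $fData->status = 'draft';
             // only allowable html, fbml
             // strip_tags() keeps the listed tags together with every attribute on
             // them, so event-handler attributes and script-scheme URLs on <a> and
             // <img> are not removed by this call.
             // NOTE(review): entry needs attribute-level sanitising before it is
             // rendered as HTML - confirm where that happens.
             $fData->entry = stripslashes(strip_tags($_POST['entry'], '<p><a><i><br><em><strong><img>'));
             // <fb:photo><fb:mp3><fb:swf><fb:flv><fb:silverlight>
             $entryLength = strlen($fData->entry);
             $lengthError = ($fData->entry == '' || $entryLength < MIN_BLOG_LENGTH);
             if ($lengthError) {
                 $fData->alert = 'Please compose a blog post of at least ' . MIN_BLOG_LENGTH . ' characters (not counting HTML tags). Current length: ' . $entryLength;
                 $fData->result = false;
             }
             if ($entryLength > MAX_BLOG_LENGTH) {
                 $fData->alert = 'Please shorten your blog entry to ' . MAX_BLOG_LENGTH . ' characters. Current length: ' . $entryLength;
                 $fData->result = false;
             }
             // Both caption branches need the shortener; it used to be created
             // only in the second one, leaving the first to call it on an
             // undefined variable.
             require_once PATH_CORE . '/classes/utilities.class.php';
             $utilObj = new utilities($this->db);
             if ($fData->caption != '') {
                 // if it exists already, then check that it meets the length requirements
                 if (strlen($fData->caption) > LENGTH_LONG_CAPTION + 5) {
                     // Shorten the tag-stripped caption. Shortening the raw
                     // $_POST['caption'] would put the removed markup back.
                     $fData->caption = $utilObj->shorten($fData->caption, LENGTH_LONG_CAPTION);
                 }
             } else {
                 // if it doesn't exist, create it from the entry
                 $temp = $utilObj->shorten($fData->entry, CAPTION_LENGTH);
                 if (!$lengthError and strlen($temp) < 100) {
                     $fData->alert = 'Please compose a blog entry for a caption of at least ' . MIN_BLOG_LENGTH . ' characters (not counting HTML tags). Current length: ' . strlen($temp);
                     $fData->result = false;
                 }
                 $fData->caption = $temp;
             }
             break;
         default:
             if ($fData->url == '') {
                 $fData->alert = 'Please provide a Web address (URL) for your story.';
                 $fData->result = false;
             }
             if ($fData->caption == '') {
                 $fData->alert = 'Please provide a short caption for your entry.';
                 $fData->result = false;
             }
             if (strlen($fData->caption) > LENGTH_LONG_CAPTION + 5) {
                 $fData->alert = 'Please shorten your caption to ' . LENGTH_LONG_CAPTION . ' characters. Current length: ' . strlen($fData->caption);
                 $fData->result = false;
             }
             break;
     }
     // tags: the "at least one tag" check is disabled, tags are optional
     // check user has minimum # of friends - to prevent spam
     // NOTE(review): fb_sig_friends is read from the request and the check is
     // skipped when the field is absent, so it only means something if the
     // request signature was verified before this point - confirm.
     if (isset($_POST['fb_sig_friends']) and count(explode(',', $_POST['fb_sig_friends'])) < MIN_FRIENDS) {
         // suspiciously low # of friends to be posting
         $fData->alert = 'Please add more friends to your Facebook profile before you post stories here. This helps us minimize spam. Sorry for the inconvenience.';
         $fData->result = false;
     }
     //title
     if (strcmp(strtoupper($fData->title), $fData->title) == 0) {
         $fData->title = ucwords(strtolower($fData->title));
         $fData->alert = 'We\'ve modified your headline so that it\'s not all uppercase. Please check it.';
         $fData->result = false;
     }
     if ($fData->title == '') {
         $fData->alert = 'Please provide a short headline for your entry.';
         $fData->result = false;
     }
     if (strlen($fData->title) > $this->titleLimit) {
         $fData->alert = 'Please shorten your title to ' . $this->titleLimit . ' characters. Current length: ' . strlen($fData->title);
         $fData->result = false;
     }
     // the image URL is optional for now (the check may come back later)
     // url
     if ($fData->url != '') {
         // parse_url() returns false for a malformed URL and omits the parts it
         // did not find; read each part through isset() instead of indexing blindly.
         $urlParts = parse_url($fData->url);
         if (!is_array($urlParts)) {
             $urlParts = array();
         }
         $scheme = isset($urlParts['scheme']) ? $urlParts['scheme'] : '';
         $path = isset($urlParts['path']) ? $urlParts['path'] : '';
         $query = isset($urlParts['query']) ? $urlParts['query'] : '';
         // make sure url has http:// or other scheme in front of it
         // NOTE(review): any scheme that is present is accepted as-is; if url is
         // later rendered as a link, consider allowing only http and https.
         if ($scheme == '') {
             $fData->url = 'http://' . $fData->url;
         }
         if (($path == '' or $path == '/') and $query == '') {
             $fData->alert = 'You seem to be writing about a Web site, not a particular story on a Web site. Please do not submit links to Web sites. Please only submit stories from Web sites and blogs.';
             $fData->result = false;
         }
         if (preg_match('/^http:\\/\\/www.facebook.com\\/ext\\/share.php/', $fData->url)) {
             $fData->alert = 'You seem to be posting a shared story from facebook. Please go to the actual story page and post again from there.';
             $fData->result = false;
         }
     }
     // Check for rate limits on post story (admins, moderators and sponsors are exempt)
     if (!($this->session->u->isAdmin || $this->session->u->isModerator || $this->session->u->isSponser)) {
         $resp = $this->logObj->checkLimits($this->session->userid, "(action = 'postStory' OR action = 'postBlog')", 'posting');
         if ($resp !== false) {
             $fData->alert = $resp['msg'];
             $fData->result = false;
         }
     }
     // validate the video
     if ($fData->videoEmbed != '') {
         require_once PATH_CORE . '/classes/video.class.php';
         $videoURL = videos::getVideoURLFromEmbedCodeOrURL(stripslashes($fData->videoEmbed));
         // Validate the extracted URL, as createStoryContent() does when it stores
         // the video; the raw embed markup was being checked here instead.
         if (!videos::validateVideoURL($videoURL)) {
             $fData->alert = 'Your video URL or embedding code is invalid. We only support Facebook and YouTube videos at this time.';
             $fData->result = false;
         }
     }
     $this->fData =& $fData;
     return $fData;
 }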