function gf_replacesmilie($str)
{
global $_CONF, $_TABLES, $CONF_FORUM;
if ($CONF_FORUM['allow_smilies']) {
if (function_exists('msg_showsmilies') and $CONF_FORUM['use_smilies_plugin']) {
$str = msg_replaceEmoticons($str);
} else {
$str = forum_xchsmilies($str);
}
}
return $str;
}
} else {
$view_sentmsg = '';
}
// Set Broadcast Display flag
$broadcast_flag = $target == 0 ? '<IMG SRC="' . $CONF_MSG['imgset'] . '/pm_broadcast.gif" border="0" align="absmiddle" alt="' . $LANG_MSG['BROADCAST_MSG'] . '">' : '';
if ($source != $_USER['uid']) {
if (DB_COUNT($_TABLES['messenger_buddies'], array('uid', 'buddy_id'), array($_USER['uid'], $source)) > 0) {
$LANG_buddy = $LANG_MSG['DELBUDDY'];
$buddylink = '<a href="' . $phpself . '?action=delbuddy&buddy=' . $source . '&sortoption=' . $sortoption . '"><img align="absmiddle" src="' . $CONF_MSG['imgset'] . '/del_buddy.gif" border="0" ALT="' . $LANG_buddy . '">';
} else {
$LANG_buddy = $LANG_MSG['ADDBUDDY'];
$buddylink = '<a href="' . $phpself . '?action=addbuddy&buddy=' . $source . '&sortoption=' . $sortoption . '"><img align="absmiddle" src="' . $CONF_MSG['imgset'] . '/add_buddy.gif" border="0" ALT="' . $LANG_buddy . '">';
}
}
if ($CONF_MSG['smiliesEnabled']) {
$message = msg_replaceEmoticons($message);
}
if ($folder == "INBOX" or $folder == "ARCHIVE") {
$msg_row->set_var('LANG_whom', $LANG_MSG['FROM']);
} else {
$msg_row->set_var('LANG_whom', $LANG_MSG['TO']);
}
$msg_row->set_var('new', $newmsg_flag);
$msg_row->set_var('broadcast', $broadcast_flag);
$msg_row->set_var('name', $name);
$msg_row->set_var('viewlink', $view_sentmsg);
$msg_row->set_var('message', $message);
$msg_row->set_var('LANG_subject', $LANG_MSG['SUBJECT']);
$msg_row->set_var('subject', $subject);
$msg_row->set_var('LANG_buddy', $LANG_buddy);
$msg_row->set_var('buddylink', $buddylink);
/**
* This function prints &$comments (db results set of comments) in comment format
* -For previews, &$comments is assumed to be an associative array containing
* data for a single comment.
*
* @param array &$comments Database result set of comments to be printed
* @param string $mode 'flat', 'threaded', etc
* @param string $type Type of item (article, polls, etc.)
* @param string $order How to order the comments 'ASC' or 'DESC'
* @param boolean $delete_option if current user can delete comments
* @param boolean $preview Preview display (for edit) or not
* @param int $ccode Comment code: -1=no comments, 0=allowed, 1=closed
* @return string HTML Formated Comment
*
*/
function CMT_getComment(&$comments, $mode, $type, $order, $delete_option = false, $preview = false, $ccode = 0, $sid_author_id = '')
{
global $_CONF, $_TABLES, $_USER, $LANG01, $LANG03, $MESSAGE, $_IMAGE_TYPE;
$indent = 0;
// begin with 0 indent
$retval = '';
// initialize return value
$filter = sanitizer::getInstance();
$AllowedElements = $filter->makeAllowedElements($_CONF['htmlfilter_comment']);
$filter->setAllowedelements($AllowedElements);
$filter->setNamespace('glfusion', 'comment');
if ($mode == 'threaded') {
$mode = 'nested';
}
$template = new Template($_CONF['path_layout'] . 'comment');
$template->set_file(array('comment' => 'comment.thtml', 'thread' => 'thread.thtml'));
// generic template variables
$template->set_var('lang_authoredby', $LANG01[42]);
$template->set_var('lang_on', $LANG01[36]);
$template->set_var('lang_permlink', $LANG01[120]);
$template->set_var('order', $order);
if ($ccode == 0 && ($_CONF['commentsloginrequired'] == 0 || !COM_isAnonUser())) {
$template->set_var('lang_replytothis', $LANG01[43]);
$template->set_var('lang_reply', $LANG01[25]);
} else {
$template->set_var('lang_replytothis', '');
$template->set_var('lang_reply', '');
}
// Make sure we have a default value for comment indentation
if (!isset($_CONF['comment_indent'])) {
$_CONF['comment_indent'] = 25;
}
if ($preview) {
$A = $comments;
if (empty($A['nice_date'])) {
$A['nice_date'] = time();
}
if (!isset($A['cid'])) {
$A['cid'] = 0;
}
if (!isset($A['photo'])) {
if (isset($_USER['photo'])) {
$A['photo'] = $_USER['photo'];
} else {
$A['photo'] = '';
}
}
if (!isset($A['email'])) {
if (isset($_USER['email'])) {
$A['email'] = $_USER['email'];
} else {
$A['email'] = '';
}
}
$A['name'] = $A['username'];
$mode = 'flat';
$template->set_var('preview_mode', true);
} else {
$A = DB_fetchArray($comments);
$template->unset_var('preview_mode');
}
if (empty($A)) {
return '';
}
$token = '';
if ($delete_option && !$preview) {
$token = SEC_createToken();
}
$row = 1;
do {
$template->unset_var('delete_link');
$template->unset_var('ipaddress');
$template->unset_var('reply_link');
$template->unset_var('edit_link');
//check for comment edit
$commentedit = DB_query("SELECT cid,uid,UNIX_TIMESTAMP(time) as time FROM {$_TABLES['commentedits']} WHERE cid = " . (int) $A['cid']);
$B = DB_fetchArray($commentedit);
if ($B) {
//comment edit present
//get correct editor name
if ($A['uid'] == $B['uid']) {
$editname = $A['username'];
} else {
$editname = DB_getItem($_TABLES['users'], 'username', "uid=" . (int) $B['uid']);
}
//add edit info to text
$dtObject = new Date($B['time'], $_USER['tzid']);
$A['comment'] .= LB . '<div class="comment-edit">' . $LANG03[30] . ' ' . $dtObject->format($_CONF['date'], true) . ' ' . $LANG03[31] . ' ' . $editname . '</div><!-- /COMMENTEDIT -->';
}
// determines indentation for current comment
if ($mode == 'threaded' || $mode == 'nested') {
$indent = ($A['indent'] - $A['pindent']) * $_CONF['comment_indent'];
}
// comment variables
if (!isset($A['uid']) || $A['uid'] == '') {
$A['uid'] = 1;
}
$template->set_var('indent', $indent);
$template->set_var('author_name', $filter->sanitizeUsername($A['username']));
$template->set_var('author_id', $A['uid']);
$template->set_var('cid', $A['cid']);
$template->set_var('cssid', $row % 2);
if ($sid_author_id != '' && $sid_author_id != 1 && $sid_author_id == $A['uid']) {
$template->set_var('author_match', '1');
} else {
$template->set_var('author_match', '');
}
if ($A['uid'] > 1) {
$fullname = COM_getDisplayName($A['uid'], $A['username'], isset($A['fullname']) ? $A['fullname'] : '');
$template->set_var('author_fullname', $fullname);
$template->set_var('author', $fullname);
$alttext = $fullname;
$photo = '';
if ($_CONF['allow_user_photo']) {
if (isset($A['photo']) && empty($A['photo'])) {
$A['photo'] = '';
}
$photo = USER_getPhoto($A['uid'], $A['photo'], $A['email']);
$photo_raw = USER_getPhoto($A['uid'], $A['photo'], $A['email'], 64, 0);
if (!empty($photo)) {
$template->set_var('author_photo', $photo);
$template->set_var('author_photo_raw', $photo_raw);
$camera_icon = '<img src="' . $_CONF['layout_url'] . '/images/smallcamera.' . $_IMAGE_TYPE . '" alt=""/>';
$template->set_var('camera_icon', COM_createLink($camera_icon, $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $A['uid']));
} else {
$template->set_var('author_photo', '<img src="' . $_CONF['default_photo'] . '" alt="" class="userphoto"/>');
$template->set_var('author_photo_raw', $_CONF['default_photo']);
$template->set_var('camera_icon', '');
}
} else {
$template->set_var('author_photo_raw', '');
$template->set_var('author_photo', '');
$template->set_var('camera_icon', '');
}
$template->set_var('start_author_anchortag', '<a href="' . $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $A['uid'] . '">');
$template->set_var('end_author_anchortag', '</a>');
$template->set_var('author_link', COM_createLink($fullname, $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $A['uid']));
} else {
$username = $filter->sanitizeUsername($A['name']);
if ($username == '') {
$username = $LANG01[24];
}
$template->set_var('author', $username);
$template->set_var('author_fullname', $username);
$template->set_var('author_link', @htmlspecialchars($username, ENT_COMPAT, COM_getEncodingt()));
if ($_CONF['allow_user_photo']) {
$template->set_var('author_photo_raw', $_CONF['default_photo']);
$template->set_var('author_photo', '<img src="' . $_CONF['default_photo'] . '" alt="" class="userphoto"/>');
$template->set_var('camera_icon', '');
} else {
$template->set_var('author_photo_raw', '');
$template->set_var('author_photo', '');
$template->set_var('camera_icon', '');
}
$template->set_var('start_author_anchortag', '');
$template->set_var('end_author_anchortag', '');
}
// hide reply link from anonymous users if they can't post replies
$hidefromanon = false;
if (COM_isAnonUser() && ($_CONF['loginrequired'] == 1 || $_CONF['commentsloginrequired'] == 1)) {
$hidefromanon = true;
}
// this will hide HTML that should not be viewed in preview mode
if ($preview || $hidefromanon) {
$template->set_var('hide_if_preview', 'style="display:none"');
} else {
$template->set_var('hide_if_preview', '');
}
$dtObject = new Date($A['nice_date'], $_USER['tzid']);
$template->set_var('date', $dtObject->format($_CONF['date'], true));
$template->set_var('sid', $A['sid']);
$template->set_var('type', $A['type']);
//COMMENT edit rights
if (!COM_isAnonUser()) {
if ($_USER['uid'] == $A['uid'] && $_CONF['comment_edit'] == 1 && ($_CONF['comment_edittime'] == 0 || time() - $A['nice_date'] < $_CONF['comment_edittime']) && $ccode == 0 && DB_getItem($_TABLES['comments'], 'COUNT(*)', "pid = " . (int) $A['cid']) == 0) {
$edit_option = true;
} else {
if (SEC_inGroup('Root')) {
$edit_option = true;
} else {
$edit_option = false;
}
}
} else {
$edit_option = false;
}
//edit link
if ($edit_option) {
if (empty($token)) {
$token = SEC_createToken();
}
$editlink = $_CONF['site_url'] . '/comment.php?mode=edit&cid=' . $A['cid'] . '&sid=' . $A['sid'] . '&type=' . $type . '&' . CSRF_TOKEN . '=' . $token . '#comment_entry';
$template->set_var('edit_link', $editlink);
$template->set_var('lang_edit', $LANG01[4]);
$edit = COM_createLink($LANG01[4], $editlink) . ' | ';
} else {
$editlink = '';
$edit = '';
}
// If deletion is allowed, displays delete link
if ($delete_option) {
$deloption = '';
if (SEC_inGroup('Root')) {
if (!empty($A['ipaddress'])) {
if (empty($_CONF['ip_lookup'])) {
$deloption = $A['ipaddress'] . ' | ';
$template->set_var('ipaddress', $A['ipaddress']);
} else {
$iplookup = str_replace('*', $A['ipaddress'], $_CONF['ip_lookup']);
$template->set_var('iplookup_link', $iplookup);
$template->set_var('ipaddress', $A['ipaddress']);
$deloption = COM_createLink($A['ipaddress'], $iplookup) . ' | ';
}
//insert re-que link here
}
}
$dellink = $_CONF['site_url'] . '/comment.php?mode=delete&cid=' . $A['cid'] . '&sid=' . $A['sid'] . '&type=' . $type . '&' . CSRF_TOKEN . '=' . $token;
$delattr = array('onclick' => "return confirm('{$MESSAGE[76]}');");
$delete_link = $dellink;
$template->set_var('delete_link', $delete_link);
$template->set_var('lang_delete_link_confirm', $MESSAGE[76]);
$template->set_var('lang_delete', $LANG01[28]);
$deloption .= COM_createLink($LANG01[28], $dellink, $delattr) . ' | ';
$template->set_var('delete_option', $deloption . $edit);
} else {
if ($edit_option) {
$template->set_var('delete_option', $edit);
} elseif (!COM_isAnonUser()) {
$reportthis = '';
if ($A['uid'] != $_USER['uid']) {
$reportthis_link = $_CONF['site_url'] . '/comment.php?mode=report&cid=' . $A['cid'] . '&type=' . $type;
$report_attr = array('title' => $LANG01[110]);
$template->set_var('report_link', $reportthis_link);
$template->set_var('lang_report', $LANG01[109]);
$reportthis = COM_createLink($LANG01[109], $reportthis_link, $report_attr) . ' | ';
}
$template->set_var('delete_option', $reportthis);
} else {
$template->set_var('delete_option', '');
}
}
//and finally: format the actual text of the comment, but check only the text, not sig or edit
$text = str_replace('<!-- COMMENTSIG --><div class="comment-sig">', '', $A['comment']);
$text = str_replace('</div><!-- /COMMENTSIG -->', '', $text);
$text = str_replace('<div class="comment-edit">', '', $text);
$text = str_replace('</div><!-- /COMMENTEDIT -->', '', $text);
$filter->setReplaceTags(true);
$filter->setCensorData(true);
if (preg_match('/<.*>/', $text) == 0) {
$A['comment'] = nl2br($A['comment']);
}
$filter->setPostmode('html');
$A['comment'] = $filter->displayText($A['comment']);
// highlight search terms if specified
if (!empty($_REQUEST['query'])) {
$A['comment'] = COM_highlightQuery($A['comment'], strip_tags($_REQUEST['query']));
}
if (function_exists('msg_replaceEmoticons')) {
$A['comment'] = msg_replaceEmoticons($A['comment']);
}
// create a reply to link
$reply_link = '';
if ($ccode == 0 && ($_CONF['commentsloginrequired'] == 0 || !COM_isAnonUser())) {
$reply_link = $_CONF['site_url'] . '/comment.php?sid=' . $A['sid'] . '&pid=' . $A['cid'] . '&title=' . urlencode($A['title']) . '&type=' . $A['type'] . '#comment_entry';
$template->set_var('reply_link', $reply_link);
$template->set_var('lang_reply', $LANG01[43]);
$reply_option = COM_createLink($LANG01[43], $reply_link, array('rel' => 'nofollow')) . ' | ';
$template->set_var('reply_option', $reply_option);
} else {
$template->set_var('reply_option', '');
}
$template->set_var('reply_link', $reply_link);
// format title for display, must happen after reply_link is created
$A['title'] = @htmlspecialchars($A['title'], ENT_COMPAT, COM_getEncodingt());
$template->set_var('title', $A['title']);
$template->set_var('comments', $A['comment']);
// parse the templates
if ($mode == 'threaded' && $indent > 0) {
$template->set_var('pid', $A['pid']);
$retval .= $template->parse('output', 'thread');
} else {
$template->set_var('pid', $A['cid']);
$retval .= $template->parse('output', 'comment');
}
if ($preview) {
return $retval;
}
$row++;
} while ($A = DB_fetchArray($comments));
return $retval;
}
