}
        // NOTE(review): this fragment begins mid-block; the if/elseif chain that
        // selects the "edit view" branch (and its opening braces) is outside this view.
        // Build the comment edit form: session-aware menu items, the smiley-button
        // partial, then the edit-form template rendered with item/lang/config.
        $item = $app->setMenuItems($sessionState);
        $smileyButton = new Loggix_View($pathToIndex . '/theme/smiley-button.html');
        $item['smiley_button'] = $smileyButton->render();
        $editFormViewFile = $pathToIndex . Loggix_Module_Comment::COMMENT_THEME_PATH . 'edit-form.html';
        $contentsView = new Loggix_View($editFormViewFile);
        $templateVars = array('item' => $item, 'lang' => $lang, 'config' => $config);
        $contentsView->assign($templateVars);
        $item['contents'] = $contentsView->render();
        // Apply plugin filter
        // Plugins may rewrite the rendered form; whatever they return is used verbatim.
        $item['contents'] = $app->plugin->applyFilters('comment-text', $item['contents']);
    }
} else {
    // This else pairs with an if whose condition is outside this view; the page
    // body is a fixed literal, not request data.
    $item['contents'] = 'Error!';
}
// Title: "<edit> <comments> No.<id>". $item['comments']['id'] is filled in before
// this fragment — presumably from the comment row being edited; confirm.
$item['title'] = $app->setTitle(array($lang['edit'], $lang['comments'] . ' No.' . $item['comments']['id']));
// Pager
$item['pager'] = '';
$item['result'] = '';
$app->display($item, $sessionState);
// Edit Action
// Taken only when every listed field is present in the POST body (isset() with
// several arguments is an AND); user_uri alone is optional.
} elseif (isset($_POST['user_name'], $_POST['user_pass'], $_POST['title'], $_POST['comment'], $_POST['id'], $_POST['refer_id'], $_POST['mod_del'])) {
    // The string fields are raw request input; only the three ids are coerced
    // with intval(). Any escaping has to happen where they are rendered/stored.
    $userName = $_POST['user_name'];
    // NOTE(review): the password is carried around in $item as plain text; if
    // $item reaches a template or a log further on, the credential leaks — verify
    // how $item is consumed after this fragment.
    $userPass = $_POST['user_pass'];
    $title = $_POST['title'];
    $comment = $_POST['comment'];
    $id = intval($_POST['id']);
    $referId = intval($_POST['refer_id']);
    // Stored under 'trash': tells modify from delete (the exact value meaning is
    // decided by code outside this fragment).
    $modifyOrDelete = intval($_POST['mod_del']);
    $userUri = isset($_POST['user_uri']) ? $_POST['user_uri'] : '';
    $item = array('user_name' => $userName, 'user_pass' => $userPass, 'title' => $title, 'comment' => $comment, 'id' => $id, 'refer_id' => $referId, 'trash' => $modifyOrDelete, 'user_uri' => $userUri);
}
// NOTE(review): fragment begins mid-block. $referId, $title, $comment, $userName,
// $userPass, $parentKey and $receiveComment are all assigned before this point.
// Plugin Filter before receiving comment
$app->plugin->doAction('before-receive-comment', $referId);
// Spam Blocking
// A comment is rejected (silent redirect back to the entry) when the body contains
// a blocked tag or keyword, when block_ascii_only_text is 'yes' and the body has
// no byte >= 0x80, when the title contains a blocked tag, or when comments are
// closed for this entry ($receiveComment == 'not_allowed').
// NOTE(review): the first pattern has a space after "(?:", so the FIRST tag listed
// in block_tags only matches when a space precedes it ("< script"); the title
// pattern below has no such space. Almost certainly a typo — the two should match.
// block_tags / block_keywords are spliced in unescaped (they are regex
// alternations from config, not request data); a "/" inside them would break the
// pattern, and a regex error makes preg_match() return false, i.e. "not blocked".
if (preg_match('/.*<\\/?(?: ' . $config['block_tags'] . ')/i', $_POST['comment'])
    || preg_match('/.*(' . $config['block_keywords'] . ')/i', $_POST['comment'])
    || $config['block_ascii_only_text'] == 'yes' && !preg_match('/.*[\\x80-\\xff]/', $_POST['comment'])
    || preg_match('/.*<\\/?(?:' . $config['block_tags'] . ')/i', $_POST['title'])
    || $receiveComment == 'not_allowed') {
    // Rejected: redirect without storing anything. There is no exit after
    // header(), so execution continues to the end of the enclosing block.
    header('Location: ' . $pathToIndex . '/index.php?id=' . $referId . '#comments');
} else {
    if ($title == '') {
        $title = 'Re:';
    }
    // Get user's remote host info
    // NOTE(review): what gets stored as user_ip is the reverse-DNS name (or the
    // server-supplied REMOTE_HOST), not the address. PTR records are set by the
    // address owner, so treat this column as untrusted text wherever it is
    // rendered; the @ also hides lookup warnings (gethostbyaddr() returns the
    // address unchanged on lookup failure, or false on malformed input).
    $remoteHost = !isset($_SERVER['REMOTE_HOST']) ? @gethostbyaddr($_SERVER['REMOTE_ADDR']) : $_SERVER['REMOTE_HOST'];
    $userUri = isset($_POST['user_uri']) ? $_POST['user_uri'] : '';
    $app->db->beginTransaction();
    // Both timestamps are "now" shifted by the configured offset in hours and
    // formatted by gmdate(), so no second timezone conversion is applied.
    $fdate = gmdate('Y-m-d H:i:s', time() + $config['tz'] * 3600);
    $cmod = gmdate('Y-m-d H:i:s', time() + $config['tz'] * 3600);
    // Parameterised insert: every value is bound below, none is interpolated.
    $sql = 'INSERT INTO ' . COMMENT_TABLE . ' ' . '(' . '`parent_key`, ' . '`title`, ' . '`comment`, ' . '`user_name`, ' . '`user_pass`, ' . '`user_uri`, ' . '`date`, ' . '`mod`, ' . '`user_ip`, ' . '`refer_id`' . ') ' . 'VALUES' . '(' . ':parent_key, ' . ':title, ' . ':comment, ' . ':user_name, ' . ':user_pass, ' . ':user_uri, ' . ':date, ' . ':mod, ' . ':user_ip, ' . ':refer_id' . ')';
    $sql = $app->setDelimitedIdentifier($sql);
    $stmt = $app->db->prepare($sql);
    // NOTE(review): user_pass is persisted exactly as posted — no password_hash();
    // the later edit/delete check presumably compares it directly, confirm.
    // NOTE(review): $res (execute()'s bool) is never checked and there is no
    // rollBack(): a failed execute() still commits, and if the driver throws
    // instead, commit() is skipped and the transaction is left open.
    $res = $stmt->execute(array(':parent_key' => $parentKey, ':title' => $title, ':comment' => $comment, ':user_name' => $userName, ':user_pass' => $userPass, ':user_uri' => $userUri, ':date' => $fdate, ':mod' => $cmod, ':user_ip' => $remoteHost, ':refer_id' => $referId));
    $app->db->commit();
    // Same redirect as the rejected path, so the two outcomes are indistinguishable
    // to the browser.
    header('Location: ' . $pathToIndex . '/index.php?id=' . $referId . '#comments');
}
}
} else {
    // Neither a recognised view nor a complete POST: render a fixed "Request Not
    // Allowed" page (literal HTML, no request data) and stop.
    $sessionState = $app->getSessionState();
    $additionalTitle = 'Not Allowed';
    $content = "<h2>Request Not Allowed</h2>\n";
    $item = array('title' => $app->setTitle($additionalTitle), 'contents' => $content, 'result' => '', 'pager' => '');
    $app->display($item, $sessionState);
    exit;
}
// NOTE(review): fragment begins inside an if/else whose first half is outside
// this view; $contents and $pager are presumably assigned there too, and $sql,
// $totalItemsCount, $pageNumberToShow, $date, $expand, $res, $previousItemNumber,
// $resultTemplateFile and $sessionState all come from before this point.
$result = '';
} else {
    // Archive hit: list the matching entries, a pager for them, and the result
    // summary rendered through the configured result template.
    $contents = $app->getArchives($sql);
    $pager = $app->getPager($totalItemsCount, $pageNumberToShow, $date, $expand);
    $templateFile = $pathToIndex . '/theme/' . $resultTemplateFile;
    $resultView = new Loggix_View($templateFile);
    $item = $app->setSearchItems($res, $totalItemsCount, $previousItemNumber, $date);
    $resultView->assign('item', $item);
    $resultView->assign('lang', $lang);
    $result = $resultView->render();
}
// Contents, Pager, and Results
$item['contents'] = $contents;
$item['pager'] = $pager;
$item['result'] = $result;
// 'c' is only used as a presence flag here; the keyword shown in the title is
// $item['keyword'], set earlier (presumably by setSearchItems) — not read from $_GET.
$item['title'] = !empty($_GET['c']) ? $app->setTitle(array($item['keyword'], $lang['archive'])) : $app->setTitle($lang['archive']);
}
// (2) Index View (Show Recent Entries)
} else {
    // One row per commented entry, newest first. "SELECT *" with "GROUP BY
    // refer_id" leaves the other columns non-aggregated, which MySQL's permissive
    // grouping tolerates but ONLY_FULL_GROUP_BY and most other engines reject.
    // page_max is config, not request data, but it is interpolated unquoted and so
    // must stay numeric.
    $sql = 'SELECT ' . '* ' . 'FROM ' . COMMENT_TABLE . ' ' . 'WHERE ' . "trash = '0' " . 'GROUP BY ' . 'refer_id ' . 'ORDER BY ' . 'date DESC ' . 'LIMIT ' . $config['page_max'];
    // The total is the number of groups, i.e. distinct refer_ids with live
    // comments — obtained by fetching every group row and counting them.
    $countTotalItemsSql = 'SELECT ' . 'COUNT(id) ' . 'FROM ' . COMMENT_TABLE . ' ' . 'WHERE ' . "trash = '0' " . 'GROUP BY ' . 'refer_id';
    // No check that query() succeeded: if it returns false (silent error mode)
    // the ->fetchAll() call fails on a non-object, which the catch (Exception)
    // below does not cover.
    $countRes = $app->db->query($countTotalItemsSql);
    $totalItemsCount = count($countRes->fetchAll());
    // The assignments inside the argument list (page '1', no date, not expanded)
    // also set those variables in the enclosing scope.
    $item = array('title' => $app->setTitle('Comments'), 'contents' => $app->getArchives($sql), 'pager' => $app->getPager($totalItemsCount, $pageNumberToShow = '1', $date = '', $expand = '0'), 'result' => '');
}
} catch (Exception $e) {
    // Any Exception from the views above collapses to a 404 page; $e is discarded,
    // so nothing is logged here.
    $templateFile = $pathToIndex . '/theme/errors/data-not-found.html';
    $contentsView = new Loggix_View($templateFile);
    $item = array('title' => $app->setTitle('404 Not Found'), 'contents' => $contentsView->render(), 'pager' => '', 'result' => '');
}
$app->display($item, $sessionState);