/**
 * Smarty modifier: runs every space-separated token of the text through the
 * link transformer, then converts newlines to <br /> tags.
 *
 * The text is split on single spaces only, each piece is handed to
 * StringHandling::transformLinks(), and the pieces are re-joined with spaces.
 *
 * NOTE(review): no HTML escaping happens in this function. Whether $body is
 * already escaped by the caller, or whether transformLinks() escapes it, is
 * not visible here -- confirm before applying this modifier to untrusted text.
 *
 * @param string $body Text to transform
 * @return string Transformed text with line breaks converted by nl2br()
 */
function smarty_modifier_simple($body)
{
    // All link handling is delegated to the StringHandling class.
    $tokens = array_map(array('StringHandling', 'transformLinks'), explode(" ", $body));

    return nl2br(implode(" ", $tokens));
}
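/**
 * Process a trackback someone sent to us
 *
 * The ping is first checked with allowTrackback(). If accepted, it is stored
 * through saveComment() as a comment of type 'trackback', the owner is
 * optionally notified, and the pinger receives a response via userResponse().
 *
 * @param string $ip        IP Address of the pinger
 * @param array  $ext_vars  The trackback data, in the format:
 * +===========+====================================+
 * | key       | value                              |
 * +-----------+------------------------------------+
 * | url*      | URL of the pinging site            |
 * +-----------+------------------------------------+
 * | title     | Title of the referring article     |
 * +-----------+------------------------------------+
 * | excerpt   | Excerpt from the referring article |
 * +-----------+------------------------------------+
 * | blog_name | Name of the referring blog         |
 * +===========+====================================+
 * @param int    $commentid If given, the ID of a comment in a blog
 */
function receiveTrackback($ip, $ext_vars, $commentid = null)
{
    $this->_ip     = $ip;
    $this->_tbdata = $ext_vars;

    $allow = $this->allowTrackback();
    if (is_array($allow)) {
        // Report every rejection reason. The previous code accumulated them
        // in an uninitialised $err and then sent only the last message.
        $this->userResponse(1, implode(' ', (array) $allow['message']));
        return;
    }

    // A supplied comment id becomes the parent. The previous ternary was
    // inverted (null stayed null, any real id became 0), so parentid was
    // never set. intval() keeps the value numeric before it reaches storage.
    $replyto = is_null($commentid) ? 0 : intval($commentid);

    $vars = array();

    /*
     * According to the spec, only URL is required, all else is optional
     *
     * NOTE(review): nothing in this function checks that 'url' is present or
     * restricts its scheme; presumably allowTrackback() does -- confirm,
     * since the value is stored as the poster's website.
     */
    $vars['posterwebsite'] = my_addslashes($this->_tbdata['url']);

    /**
     * Policy:
     * In the interests of spam-blocking, the only hypertext we allow is the
     * URL of the poster. This is the only deviance from comment handling
     */
    $vars['title'] = isset($this->_tbdata['title'])
        ? my_addslashes(StringHandling::removeTags($this->_tbdata['title']))
        : '';
    $vars['commenttext'] = isset($this->_tbdata['excerpt'])
        ? my_addslashes(StringHandling::removeTags($this->_tbdata['excerpt']))
        : '';
    $vars['postername'] = isset($this->_tbdata['blog_name'])
        ? my_addslashes(StringHandling::removeTags($this->_tbdata['blog_name']))
        : '';
    $vars['posttime'] = time();
    $vars['ip']       = $this->_ip;
    $vars['postid']   = $this->_post->postid;
    if ($replyto > 0) {
        $vars['parentid'] = $replyto;
    }

    /*
     * Added check for moderation.
     * Follow the same rules as for comments
     *
     * NOTE(review): commenttext already went through my_addslashes() above,
     * so this second pass escapes it again. Left unchanged because the
     * storage and display code may depend on it -- confirm and reduce to a
     * single escape at the database boundary.
     */
    $vars['commenttext'] = StringHandling::removeTags(my_addslashes($vars['commenttext']));
    $vars['onhold']      = $this->needsModeration($vars['commenttext']) ? 1 : 0;
    $vars['type']        = 'trackback';

    // Save the trackback
    $id = $this->saveComment($vars);
    if ($id > 0) {
        // notify owner
        if (C_NOTIFY == true) {
            $this->notify($vars['postername'], $this->_post->permalink, $vars['onhold'], $vars['commenttext']);
        }
        $this->updateCommentCount($this->_db, $this->_post->postid);
        $this->userResponse(0);
    } else {
        // The pinger is an unauthenticated remote party: keep the database
        // error text in the server log and return only a generic failure.
        error_log("Error adding trackback : " . mysql_error());
        $this->userResponse(1, "Error adding trackback");
    }
}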
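/**
 * Build the CAPTCHA configuration from the submitted form and persist it.
 *
 * Checkbox fields are stored as the strings 'true'/'false' depending on
 * whether the field is present in $_POST. Numeric fields are passed through
 * intval() and fall back to a default when absent. The resulting array is
 * handed to $mc->saveConfiguration().
 *
 * The background and graphic-type fields are only accepted when they arrive
 * as strings; any other shape (for example an array-valued field) falls back
 * to the default instead of being written to the configuration.
 *
 * NOTE(review): background and graphic type are otherwise stored exactly as
 * submitted. If they are later used to build a file path or to select an
 * image routine, validate them against the values the CAPTCHA code supports
 * (that list is not visible here).
 * NOTE(review): no CSRF token or permission check is visible in this
 * function; presumably the caller enforces both -- confirm.
 *
 * @param object $mc Object exposing saveConfiguration(array), passed by reference
 * @return void
 */
function save_configuration(&$mc)
{
    $curr = array();

    $curr['CAPTCHA_ENABLE']     = isset($_POST['enable_captcha']) ? 'true' : 'false';
    $curr['CAPTCHA_WIDTH']      = isset($_POST['captcha_width']) ? intval($_POST['captcha_width']) : 200;
    $curr['CAPTCHA_HEIGHT']     = isset($_POST['captcha_height']) ? intval($_POST['captcha_height']) : 50;
    $curr['CAPTCHA_CHARACTERS'] = isset($_POST['captcha_characters']) ? intval($_POST['captcha_characters']) : 5;
    $curr['CAPTCHA_LINES']      = isset($_POST['captcha_lines']) ? intval($_POST['captcha_lines']) : 70;

    $curr['CAPTCHA_ENABLE_SHADOWS'] = isset($_POST['captcha_enable_shadows']) ? 'true' : 'false';
    $curr['CAPTCHA_OWNER_TEXT']     = isset($_POST['captcha_owner_text']) ? 'true' : 'false';
    $curr['CAPTCHA_CHARACTER_SET']  = isset($_POST['captcha_character_set'])
        ? StringHandling::clean($_POST['captcha_character_set'])
        : '';
    $curr['CAPTCHA_CASE_INSENSITIVE'] = isset($_POST['captcha_case_insensitive']) ? 'true' : 'false';

    // Free-text field: accept a string only, never an array-valued field.
    $curr['CAPTCHA_BACKGROUND'] = (isset($_POST['captcha_background']) && is_string($_POST['captcha_background']))
        ? $_POST['captcha_background']
        : '';

    $curr['CAPTCHA_MIN_FONT']  = isset($_POST['captcha_min_font']) ? intval($_POST['captcha_min_font']) : 16;
    $curr['CAPTCHA_MAX_FONT']  = isset($_POST['captcha_max_font']) ? intval($_POST['captcha_max_font']) : 25;
    $curr['CAPTCHA_USE_COLOR'] = isset($_POST['captcha_use_color']) ? 'true' : 'false';

    // Same string-only rule as the background field.
    $curr['CAPTCHA_GRAPHIC_TYPE'] = (isset($_POST['captcha_graphic_type']) && is_string($_POST['captcha_graphic_type']))
        ? $_POST['captcha_graphic_type']
        : 'jpg';

    $mc->saveConfiguration($curr);
}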
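/**
 * Remove <script>...</script> elements from a string, or recursively from
 * every element of an array, then pass the result to
 * StringHandling::trimWhitespace().
 *
 * This is a coarse filter, not a complete XSS defence: it only targets
 * script elements. Script-bearing attributes and URL schemes are untouched,
 * so output must still be encoded for the context it is rendered in.
 *
 * @param mixed $var String or array of strings to clean; null is passed through
 * @return mixed Whatever StringHandling::trimWhitespace() returns for the cleaned value
 */
function removeJs($var)
{
    // Start from the input so a null value reaches trimWhitespace() as null
    // rather than as an undefined variable.
    $clean = $var;

    if (isset($var)) {
        if (is_array($var)) {
            $clean = array_map(array('StringHandling', 'removeJs'), $var);
        } else {
            // 's' lets '.' match newlines, so script elements that span
            // several lines are removed as well (they were missed before).
            $search = '/<script[^>]*?>.*?<\/script\s*>/is';

            // Repeat until the text stops changing, so that removing one
            // element cannot leave a new script element behind.
            do {
                $before = $clean;
                $clean  = preg_replace($search, '', $before);
            } while ($clean !== null && $clean !== $before);
        }
    }

    return StringHandling::trimWhitespace($clean);
}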
/**
 * Prepares comment text for output.
 *
 * Steps, in order: strip all tags except a small allowlist, transform
 * hyperlinks when the text contains any, encode HTML special characters via
 * Comments::encodeHTML(), and convert line breaks with nl2br(). According to
 * the original documentation, link transformation adds the redirector and
 * wraps bare links in A tags.
 *
 * NOTE(review): whether removeTags() also strips attributes from the allowed
 * tags is not visible here. A tag allowlist that keeps attributes does not
 * by itself make the markup safe -- confirm against StringHandling.
 *
 * @param string $comment Comment text
 * @return string
 */
function processCommentText($comment)
{
    // Policy: only a, b, i, strong, code, acronym, blockquote, abbr are allowed
    $allowedTags = '<a><b><i><strong><code><acronym><blockquote><abbr>';
    $text = StringHandling::removeTags($comment, $allowedTags);

    // Links are only rewritten when the text actually contains some.
    $text = StringHandling::containsLinks($text)
        ? StringHandling::transformLinks($text)
        : $text;

    // Policy: translate HTML special characters to their HTML entities,
    // then convert line breaks automatically.
    return nl2br(Comments::encodeHTML($text));
}
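/**
 * Authenticate the user
 *
 * Looks up the nickname/password pair in the authors table and, when a row
 * is found, stores that row's id in $_SESSION['user_id'].
 *
 * NOTE(review): the password is compared as a literal inside the query. If
 * the column holds plaintext or an unsalted hash, move to password_hash() /
 * password_verify(); that needs a data migration and is not done here.
 * NOTE(review): the session id is not regenerated on successful login;
 * consider session_regenerate_id(true) before storing the user id.
 *
 * @param string $user Username
 * @param string $pass Password
 * @param bool $setcookie If true, set a cookie (not used by this body)
 * @return bool True when a matching author row exists, false otherwise
 */
function userauth($user, $pass, $setcookie = FALSE)
{
    // Arguments are passed normally: call-time pass-by-reference (&$user)
    // is a fatal error since PHP 5.4.
    $nickname = StringHandling::removeMagicQuotes($user);
    $password = StringHandling::removeMagicQuotes($pass);

    // Both values come from the login request, so they are never spliced
    // into the statement as raw text. quote() is assumed to return an
    // escaped, quoted SQL literal, as its other uses in this codebase
    // suggest -- confirm against the database layer.
    $query = "SELECT `id` FROM `" . T_AUTHORS . "`"
        . " WHERE `nickname`=" . $this->_adb->quote($nickname)
        . " AND `password`=" . $this->_adb->quote($password);

    $rs = $this->_adb->GetRow($query);
    if ($rs) {
        $_SESSION['user_id'] = $rs[0];
        return true;
    }

    return false;
}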
/**
 * Turns a stored comment/trackback row into the array used for display.
 *
 * Name, e-mail, title and website are passed through htmlspecialchars();
 * the comment body goes through processCommentText(). The moderation flag
 * is recomputed from the processed text with needsModeration().
 *
 * NOTE(review): htmlspecialchars() is called with its default flags, which
 * before PHP 8.1 leave single quotes unescaped -- templates should not place
 * these values inside single-quoted attributes unless ENT_QUOTES is added.
 * NOTE(review): id, posttime, ip, type and parentid are returned as stored;
 * presumably they are server-generated -- confirm the templates escape them.
 *
 * @param array $vars    Comment row as stored
 * @param int   $replyto Not used by this body
 * @return array Display-ready fields
 */
function prepFieldsForDisplay($vars, $replyto = 0)
{
    $name = htmlspecialchars($vars["postername"]);
    if (empty($name)) {
        // Nameless posters are shown under a fixed label.
        $name = "Anonymous";
    }

    $email   = htmlspecialchars(stripslashes($vars["posteremail"]));
    $title   = htmlspecialchars($vars["title"]);
    $website = StringHandling::transformLinks(htmlspecialchars(stripslashes($vars["posterwebsite"])));
    $text    = $this->processCommentText(stripslashes($vars["commenttext"]));
    $held    = (bool) $this->needsModeration($text);

    return array(
        'id'            => $vars['id'],
        'postername'    => $name,
        'posteremail'   => $email,
        'title'         => $title,
        'posterwebsite' => $website,
        'commenttext'   => $text,
        'pubemail'      => ($vars["pubemail"] == 1),
        'pubwebsite'    => ($vars["pubwebsite"] == 1),
        'posternotify'  => ($vars["posternotify"] == 1),
        'posttime'      => $vars['posttime'],
        'ip'            => $vars['ip'],
        'onhold'        => $held,
        'postid'        => $this->_post,
        'parent'        => $vars['parentid'] > 0 ? $vars['parentid'] : false,
        'type'          => $vars['type'],
        'deleted'       => ($vars['deleted'] == 1),
        'link'          => BBLOGURL . 'trackback.php/' . $this->_post . '/' . $vars['id'],
    );
}
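/**
 * Admin plugin entry point for managing sections.
 *
 * Dispatches on the 'sectdo' request value: 'new' inserts a section,
 * 'Delete' removes a section and strips its id from every post that
 * references it, 'Save' updates a section's display name. Afterwards the
 * section list is reloaded and assigned to the template as 'esections'.
 *
 * NOTE(review): the action name is accepted from the query string as well
 * as from POST, and no CSRF token or permission check is visible in this
 * function. Presumably the admin framework enforces both before calling
 * it -- confirm.
 *
 * @param object $bBlog Application object, passed by reference
 * @return void
 */
function admin_plugin_sections_run(&$bBlog)
{
    // Again, the plugin API needs work.
    if (isset($_GET['sectdo'])) {
        $sectdo = $_GET['sectdo'];
    } elseif (isset($_POST['sectdo'])) {
        $sectdo = $_POST['sectdo'];
    } else {
        $sectdo = '';
    }

    switch ($sectdo) {
        case 'new':
            // a new section is being created
            $nicename = StringHandling::removeMagicQuotes($_POST['nicename']);
            $urlname  = StringHandling::removeMagicQuotes($_POST['urlname']);
            $bBlog->_adb->Execute(
                "insert into " . T_SECTIONS
                . " set nicename=" . $bBlog->_adb->quote($nicename)
                . ", name=" . $bBlog->_adb->quote($urlname)
            );
            break;

        case "Delete":
            // delete section
            // have to remove all references to the section in the posts
            $sname   = StringHandling::removeMagicQuotes($_POST['sname']);
            $sect_id = isset($bBlog->section_ids_by_name[$sname])
                ? intval($bBlog->section_ids_by_name[$sname])
                : 0;

            if ($sect_id > 0) {
                $ph = $bBlog->_ph;
                $posts_in_section_q = $ph->make_post_query(array("sectionid" => $sect_id));
                $posts_in_section   = $ph->get_posts($posts_in_section_q, TRUE);

                if ($posts_in_section) {
                    foreach ($posts_in_section as $post) {
                        // Rebuild the colon-separated list without this section.
                        $tmpr = array();
                        foreach (explode(":", $post->sections) as $tmpsection) {
                            if ($tmpsection != $sect_id) {
                                $tmpr[] = $tmpsection;
                            }
                        }
                        $newsects = implode(":", $tmpr);

                        // update the posts to remove the section; the list
                        // is quoted and the id forced numeric so stored
                        // data is never spliced into the statement raw.
                        $bBlog->_adb->Execute(
                            "update " . T_POSTS
                            . " set sections=" . $bBlog->_adb->quote($newsects)
                            . " where postid=" . intval($post->postid)
                        );
                    }
                }

                // delete the section
                $bBlog->_adb->Execute("delete from " . T_SECTIONS . " where sectionid=" . $sect_id);
            } // else show error

            // Previously missing: without this break a delete request fell
            // through into the "Save" branch below.
            break;

        case "Save":
            // NOTE(review): this branch reads sect_by_name while "Delete"
            // reads section_ids_by_name, and the name is used here without
            // removeMagicQuotes(); which is intended is not visible -- confirm.
            $sect_id = isset($bBlog->sect_by_name[$_POST['sname']])
                ? intval($bBlog->sect_by_name[$_POST['sname']])
                : 0;
            if ($sect_id < 1) {
                break;
            }

            // Same quoting as the 'new' branch, instead of hand-escaping
            // request data into a quoted literal.
            $nicename = StringHandling::removeMagicQuotes($_POST['nicename']);
            $sql = "update " . T_SECTIONS
                . " set nicename=" . $bBlog->_adb->quote($nicename)
                . " where sectionid=" . $sect_id;
            $bBlog->_adb->Execute($sql);
            break;

        default:
            // show form
            break;
    }

    $bBlog->get_sections();
    $bBlog->assign('esections', $bBlog->sections);
}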