/**
 * Append the visitor's posted comment to the stored comments of this post.
 *
 * Returns null when comments are closed, false when the captcha step,
 * GetPostedComment() or the save fails, and true once the comment is stored.
 *
 * NOTE(review): no anti-CSRF nonce is verified inside this method. Confirm that
 * the caller or GetPostedComment() covers it.
 */
public function AddComment()
{
    global $langmessage;

    if ($this->comments_closed) {
        return;
    }

    // The captcha gate applies only when enabled in the blog settings and the recaptcha tool is active.
    $captcha_required = SimpleBlogCommon::$data['comment_captcha'] && gp_recaptcha::isActive();
    if ($captcha_required && (!isset($_POST['anti_spam_submitted']) || !gp_recaptcha::Check())) {
        return false;
    }

    // GetPostedComment() is defined elsewhere; it signals rejected input by returning false.
    $posted = $this->GetPostedComment();
    if ($posted === false) {
        return false;
    }

    $all_comments = SimpleBlogCommon::GetCommentData($this->post_id);
    $all_comments[] = $posted;

    $stored = SimpleBlogCommon::SaveCommentData($this->post_id, $all_comments);
    if (!$stored) {
        message($langmessage['OOPS']);
        return false;
    }

    message($langmessage['SAVED']);
    $this->EmailComment($posted);
    $this->comment_saved = true;

    return true;
}
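/**
 * Add a comment to the comment data for a post
 *
 * Reads name, comment and the optional website from $_POST, stores the new
 * entry, and mails a notification when an address is configured in
 * SimpleBlogCommon::$data['email_comments'].
 *
 * Returns null when comments are closed, false when the captcha step, the
 * required-field checks or the save fails, and true once the comment is stored.
 *
 * NOTE(review): no anti-CSRF nonce is verified inside this method. Confirm that
 * the caller covers it.
 */
function AddComment()
{
    global $langmessage;

    if ($this->comments_closed) {
        return;
    }

    $data = SimpleBlogCommon::GetCommentData($this->post_id);

    //need a captcha?
    if (SimpleBlogCommon::$data['comment_captcha'] && gp_recaptcha::isActive()) {
        if (!isset($_POST['anti_spam_submitted']) || !gp_recaptcha::Check()) {
            return false;
        }
    }

    // Request fields can arrive as arrays (name[]=x). Treat anything that is not a
    // string as missing so it never reaches htmlspecialchars() / strip_tags().
    if (empty($_POST['name']) || !is_string($_POST['name'])) {
        $field = gpOutput::SelectText('Name');
        message($langmessage['OOPS_REQUIRED'], $field);
        return false;
    }

    if (empty($_POST['comment']) || !is_string($_POST['comment'])) {
        $field = gpOutput::SelectText('Comment');
        message($langmessage['OOPS_REQUIRED'], $field);
        return false;
    }

    $temp = array();
    $temp['name'] = htmlspecialchars($_POST['name']);
    $temp['comment'] = nl2br(strip_tags($_POST['comment']));
    $temp['time'] = time();

    // The is_string() guard matters: with an array, mb_strpos() does not return false
    // on older PHP versions, so the array itself would have been stored.
    if (!empty($_POST['website']) && is_string($_POST['website']) && $_POST['website'] !== 'http://') {
        $website = $_POST['website'];
        if (mb_strpos($website, '://') !== false) {
            // NOTE(review): the value is stored exactly as submitted and only the presence
            // of '://' is checked, so any scheme passes. The code that renders it must
            // escape it for the attribute context and should allow-list http/https.
            $temp['website'] = $website;
        }
    }

    $data[] = $temp;

    if (!SimpleBlogCommon::SaveCommentData($this->post_id, $data)) {
        message($langmessage['OOPS']);
        return false;
    }

    message($langmessage['SAVED']);

    //email new comments
    if (!empty(SimpleBlogCommon::$data['email_comments'])) {
        $subject = 'New Comment';
        $body = '';
        if (!empty($temp['name'])) {
            // name was already passed through htmlspecialchars() above
            $body .= '<p>From: ' . $temp['name'] . '</p>';
        }
        if (!empty($temp['website'])) {
            // Fixed: this line used to print the name again instead of the website.
            // The website is stored raw, so it is escaped before going into the HTML body.
            $body .= '<p>Website: ' . htmlspecialchars($temp['website'], ENT_QUOTES) . '</p>';
        }
        // comment went through strip_tags() + nl2br() above
        $body .= '<p>' . $temp['comment'] . '</p>';

        global $gp_mailer;
        includeFile('tool/email_mailer.php');
        $gp_mailer->SendEmail(SimpleBlogCommon::$data['email_comments'], $subject, $body);
    }

    $this->comment_saved = true;
    return true;
}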
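/**
 * Save a user submitted comment
 *
 * Verifies the form nonce and, when enabled, the captcha; validates the posted
 * name and comment; then writes the new entry to the index and to the comment
 * data. Returns true when both saves succeed, false otherwise.
 */
function CommentAdd()
{
    global $langmessage;

    // check the nonce
    // includes the comment count so resubmissions won't work
    // A missing or non-string nonce is passed on as null (what an absent field evaluated
    // to before) without raising an undefined-index notice.
    $nonce = (isset($_POST['nonce']) && is_string($_POST['nonce'])) ? $_POST['nonce'] : null;
    if (!common::verify_nonce('easy_comments:' . count($this->comment_data), $nonce, true)) {
        $message = gpOutput::GetAddonText('Sorry, your comment was not saved.');
        message($message);
        return false;
    }

    //check captcha
    if ($this->config['comment_captcha'] && gp_recaptcha::isActive()) {
        if (!gp_recaptcha::Check()) {
            //recaptcha::check adds message on failure
            return false;
        }
    }

    // Request fields can arrive as arrays (name[]=x). Treat anything that is not a
    // string as missing so it never reaches htmlspecialchars() / strip_tags().
    if (empty($_POST['name']) || !is_string($_POST['name'])) {
        $field = gpOutput::SelectText('Name');
        message($langmessage['OOPS_REQUIRED'], $field);
        return false;
    }

    if (empty($_POST['comment']) || !is_string($_POST['comment'])) {
        $field = gpOutput::SelectText('Comment');
        message($langmessage['OOPS_REQUIRED'], $field);
        return false;
    }

    $temp = array();
    $temp['name'] = htmlspecialchars($_POST['name']);
    $temp['comment'] = nl2br(strip_tags($_POST['comment']));
    $temp['time'] = time();

    // The is_string() guard matters: with an array, strpos() does not return false
    // on older PHP versions, so the array itself would have been stored.
    if (!empty($_POST['website']) && is_string($_POST['website']) && $_POST['website'] !== 'http://') {
        $website = $_POST['website'];
        if (strpos($website, '://') !== false) {
            // NOTE(review): the value is stored exactly as submitted and only the presence
            // of '://' is checked, so any scheme passes. The code that renders it must
            // escape it for the attribute context and should allow-list http/https.
            $temp['website'] = $website;
        }
    }

    $index = $this->NewIndex();
    $this->comment_data[$index] = $temp;

    //save to index file first
    if (!$this->UpdateIndex()) {
        $message = gpOutput::GetAddonText('Sorry, your comment was not saved.');
        message($message);
        return false;
    }

    //then save actual comment
    if ($this->SaveCommentData()) {
        $message = gpOutput::GetAddonText('Your comment has been saved.');
        message($message);
        return true;
    }

    $message = gpOutput::GetAddonText('Sorry, your comment was not saved.');
    message($message);
    return false;
}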
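/**
 * Validate the posted contact form and mail it to $config['toemail'].
 *
 * Checks run in this order: non-empty message, the 'contact_post' nonce, the
 * contact_void field (must be empty, otherwise reported as "Robot Detected"),
 * the captcha, the 'contact_form_check' plugin filter, then the fields required
 * by $config['require_email'].
 *
 * Return values are kept as callers have always seen them: null for the early
 * rejections (message, nonce, contact_void, captcha, plugin filter), false for
 * an invalid e-mail address, a missing required field or a failed send, and
 * true once the mailer reports success.
 */
function SendMessage()
{
    global $langmessage, $config, $gp_mailer;

    includeFile('tool/email_mailer.php');

    $_POST += array('subject' => '', 'contact_nonce' => '', 'message' => '');

    // Request fields can arrive as arrays (message[]=x); a non-string message is invalid.
    if (empty($_POST['message']) || !is_string($_POST['message'])) {
        msg($langmessage['OOPS'] . '(Invalid Message)');
        return;
    }

    //check nonce
    if (!common::verify_nonce('contact_post', $_POST['contact_nonce'], true)) {
        msg($langmessage['OOPS'] . '(Invalid Nonce)');
        return;
    }

    if (!empty($_POST['contact_void'])) {
        msg($langmessage['OOPS'] . '(Robot Detected)');
        return;
    }

    //captcha
    if (!gp_recaptcha::Check()) {
        return;
    }

    if (!gpPlugin::Filter('contact_form_check', array(true))) {
        return;
    }

    //subject
    // The subject ends up in a mail header, so CR/LF are replaced the same way as for the
    // reply name below. Whether $gp_mailer also sanitises it is not visible from here.
    $subject = is_string($_POST['subject']) ? $_POST['subject'] : '';
    $subject = str_replace(array("\r", "\n"), ' ', strip_tags($subject));
    $_POST['subject'] = $subject;

    //message
    // NOTE(review): strip_tags() with an allow-list keeps every attribute on the allowed
    // tags (href, style, on* handlers), so this is not an HTML sanitiser. Confirm how the
    // recipient's mail is rendered, or filter attributes before sending.
    $tags = '<p><div><span><font><b><i><tt><em><i><a><strong><blockquote>';
    $message = nl2br(strip_tags($_POST['message'], $tags));

    //reply name
    if (!empty($_POST['email'])) {

        //check format
        if (!is_string($_POST['email']) || !$this->ValidEmail($_POST['email'])) {
            msg($langmessage['invalid_email']);
            return false;
        }

        // 'name' is not one of the defaulted keys above, so read it defensively.
        $replyName = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
        // Both CR and LF become a space. The previous one-element replacement array
        // turned "\r" into a space but deleted "\n".
        $replyName = str_replace(array("\r", "\n"), ' ', $replyName);
        $replyName = strip_tags($replyName);
        $replyName = htmlspecialchars($replyName);

        $gp_mailer->AddReplyTo($_POST['email'], $replyName);

        if (common::ConfigValue('from_use_user', false)) {
            $gp_mailer->SetFrom($_POST['email'], $replyName);
        }
    }

    //check for required values
    $require_email =& $config['require_email'];
    // Cast so that an unset setting (null) is searched as an empty string.
    $required = (string)$require_email;

    if (strpos($required, 'email') !== false) {
        if (empty($_POST['email'])) {
            $field = gpOutput::SelectText('your_email');
            msg($langmessage['OOPS_REQUIRED'], $field);
            return false;
        }
    }

    if (strpos($required, 'none') === false) {
        if (empty($_POST['subject'])) {
            $field = gpOutput::SelectText('subject');
            msg($langmessage['OOPS_REQUIRED'], $field);
            return false;
        }
        if (empty($message)) {
            $field = gpOutput::SelectText('message');
            msg($langmessage['OOPS_REQUIRED'], $field);
            return false;
        }
    }

    if ($gp_mailer->SendEmail($config['toemail'], $_POST['subject'], $message)) {
        msg($langmessage['message_sent']);
        return true;
    }

    msg($langmessage['OOPS'] . ' (Send Failed)');
    return false;
}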