function introspect(&$propbag)
{
$this->title = $this->get_config('title', $this->title);
$propbag->add('name', PLUGIN_SIDEBAR_IMAGESIDEBAR_NAME);
$propbag->add('description', PLUGIN_SIDEBAR_IMAGESIDEBAR_DESC);
$propbag->add('stackable', true);
$propbag->add('author', 'Andrew Brown (Menalto code), Matthew Groeninger (Unified/Media Lib. Code), Stefan Lange-Hegermann (Zooomr Code), Matthew Maude (Coppermine code)');
$propbag->add('version', '0.98');
$propbag->add('license', 'BSD');
$propbag->add('requirements', array('serendipity' => '0.8', 'smarty' => '2.6.7', 'php' => '4.1.0'));
$propbag->add('groups', array('IMAGES'));
//And now, off the beaten path. Here we check to see if the configuration is being saved. If so, lets just 'borrow' display_source so we can get the configuration right.
if (isset($_POST['SAVECONF']) && serendipity_checkFormToken()) {
$this->set_config('display_source', $_POST['serendipity']['plugin']['display_source']);
}
//Ok, now let's set the sub_plugin to the right one/ create the sub_plugin object.
$this->object_extend = $this->create_sub_class(true);
//add an array generated by 'set_configuration_array' to the propbag configuration.
$config_array = $this->set_configuration_array($this->object_extend);
$propbag->add('configuration', $config_array);
}
echo "Backtrace:<br />\n" . implode("<br />\n", $serendipity['debug']['pluginload']) . "<br />";
}
$bag = new serendipity_property_bag();
$plugin->introspect($bag);
if ($bag->is_set('configuration')) {
/* Only play with the plugin if there is something to play with */
echo '<script type="text/javascript">location.href = \'' . $serendipity['baseurl'] . '?serendipity[adminModule]=plugins&serendipity[plugin_to_conf]=' . $inst . '\';</script>';
die;
} else {
/* If no config is available, redirect to plugin overview, because we do not want that a user can install the plugin a second time via accidental browser refresh */
echo '<script type="text/javascript">location.href = \'' . $serendipity['baseurl'] . '?serendipity[adminModule]=plugins\';</script>';
die;
}
}
}
if (isset($_POST['REMOVE']) && serendipity_checkFormToken()) {
if (is_array($_POST['serendipity']['plugin_to_remove'])) {
foreach ($_POST['serendipity']['plugin_to_remove'] as $key) {
$plugin =& serendipity_plugin_api::load_plugin($key);
if ($plugin->serendipity_owner == '0' || $plugin->serendipity_owner == $serendipity['authorid'] || serendipity_checkPermission('adminPluginsMaintainOthers')) {
serendipity_plugin_api::remove_plugin_instance($key);
}
}
}
}
?>
<?php
if (isset($_POST['SAVE'])) {
?>
<div class="serendipityAdminMsgSuccess"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="<?php
/**
* Creates the necessary session data to be used by later iframe calls
*
* This function emits the actual <iframe> call.
*
* @access private
* @see serendipity_is_iframe()
* @param string Indicates whether an entry is previewed or saved. Save performs XML-RPC calls.
* @param mixed The entry array (comes from HTTP POST request)
* @return boolean Indicates whether iframe data was stored
*/
function serendipity_iframe_create($mode, &$entry)
{
global $serendipity;
if (!empty($serendipity['POST']['no_save'])) {
return true;
}
if (!serendipity_checkFormToken()) {
return false;
}
$_SESSION['save_entry'] = $entry;
$_SESSION['save_entry_POST'] = $serendipity['POST'];
$attr = '';
switch ($mode) {
case 'save':
$attr = ' height="100" ';
break;
case 'preview':
$attr = ' height="300" ';
break;
}
return '<iframe src="serendipity_admin.php?serendipity[is_iframe]=true&serendipity[iframe_mode]=' . $mode . '" id="serendipity_iframe" name="serendipity_iframe" ' . $attr . ' width="100%" frameborder="0" marginwidth="0" marginheight="0" scrolling="auto" title="Serendipity">' . IFRAME_WARNING . '</iframe>';
}
# $Id: configuration.inc.php 2366 2008-11-06 11:44:43Z garvinhicking $
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
if (IN_serendipity !== true) {
die("Don't hack!");
}
umask(00);
$umask = 0775;
@define('IN_installer', true);
if (!isset($_POST['installAction'])) {
$_POST['installAction'] = '';
}
if (!serendipity_checkPermission('siteConfiguration') && !serendipity_checkPermission('blogConfiguration')) {
return;
}
switch ($_POST['installAction'] && serendipity_checkFormToken()) {
case 'check':
$oldConfig = $serendipity;
$res = serendipity_updateConfiguration();
if (is_array($res)) {
echo DIAGNOSTIC_ERROR;
echo '<div class="serendipityAdminMsgError">- <img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_error.png') . '" alt="" />' . implode('<br />', $res) . '</div><br /><br />';
} else {
/* If we have new rewrite rules, then install them */
$permalinkOld = array($oldConfig['serendipityHTTPPath'], $oldConfig['serendipityPath'], $oldConfig['baseURL'], $oldConfig['indexFile'], $oldConfig['rewrite']);
$permalinkNew = array($serendipity['serendipityHTTPPath'], $serendipity['serendipityPath'], $serendipity['baseURL'], $serendipity['indexFile'], $serendipity['rewrite']);
// Compare all old permalink section values against new one. A change in any of those
// will force to update the .htaccess for rewrite rules.
$permconf = serendipity_parseTemplate(S9Y_CONFIG_TEMPLATE);
if (is_array($permconf) && is_array($permconf['permalinks']['items'])) {
foreach ($permconf['permalinks']['items'] as $permitem) {
/**
* Prints the content of the iframe.
*
* Called by serendipity_is_iframe, when preview is requested. Fetches data from session.
* An iframe is used so that a single s9y page must not timeout on intensive operations,
* and so that the frontend stylesheet can be embedded without screwing up the backend.
*
* @access private
* @see serendipity_is_iframe()
* @param mixed The entry array (comes from session variable)
* @param string Indicates whether an entry is previewed or saved. Save performs XML-RPC calls.
* @param boolean Use smarty templating?
* @return boolean Indicates whether iframe data was printed
*/
function serendipity_iframe(&$entry, $mode = null, $use_smarty = true)
{
global $serendipity;
if (empty($mode) || !is_array($entry)) {
return false;
}
if (!serendipity_checkFormToken()) {
return false;
}
if ($use_smarty) {
$serendipity['smarty_raw_mode'] = true;
// Force output of Smarty stuff in the backend
$serendipity['smarty_preview'] = true;
serendipity_smarty_init();
$serendipity['smarty']->assign('is_preview', true);
ob_start();
}
$show = false;
switch ($mode) {
case 'save':
echo '<div style="float: left; height: 75px"></div>';
$res = serendipity_updertEntry($entry);
if (is_string($res)) {
echo '<div class="serendipity_msg_error">' . ERROR . ': <b>' . $res . '</b></div>';
} else {
if (!empty($serendipity['lastSavedEntry'])) {
// Last saved entry must be propagated to entry form so that if the user re-edits it,
// it needs to be stored with the new ID.
echo '<script type="text/javascript">parent.document.forms[\'serendipityEntry\'][\'serendipity[id]\'].value = "' . $serendipity['lastSavedEntry'] . '";</script>';
}
$entrylink = serendipity_archiveURL($res, $entry['title'], 'serendipityHTTPPath', true, array('timestamp' => $entry['timestamp']));
echo '<div class="serendipityAdminMsgSuccess"><img style="height: 22px; width: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_success.png') . '" alt="" />' . ENTRY_SAVED . ' (<a href="' . $entrylink . '" target="_blank">' . VIEW . '</a>)</div>';
}
echo '<br style="clear: both" />';
$show = true;
break;
case 'preview':
echo '<div id="serendipity_preview_spacer" style="float: left; height: 225px"></div>';
serendipity_printEntries(array($entry), $entry['extended'] != '' ? 1 : 0, true);
echo '<br id="serendipity_preview_spacer2" style="clear: both" />';
$show = true;
break;
}
if ($use_smarty) {
$preview = ob_get_contents();
ob_end_clean();
$serendipity['smarty']->assign_by_ref('preview', $preview);
$serendipity['smarty']->display(serendipity_getTemplateFile('preview_iframe.tpl', 'serendipityPath'));
}
return $show;
}
$dbn = 'latin1';
break;
case 'UTF-8':
$dbn = 'utf8';
break;
}
if ($dbn && $serendipity['dbNames']) {
mysql_query("SET NAMES " . $dbn, $db);
}
$return =& mysql_query($query, $db);
mysql_select_db($serendipity['dbName'], $serendipity['dbConn']);
serendipity_db_reconnect();
return $return;
}
}
if (isset($serendipity['GET']['importFrom']) && serendipity_checkFormToken()) {
/* Include the importer */
$class = @(require_once S9Y_INCLUDE_PATH . 'include/admin/importers/' . basename($serendipity['GET']['importFrom']) . '.inc.php');
if (!class_exists($class)) {
die('FAILURE: Unable to require import module, possible syntax error?');
}
/* Init the importer with form data */
$importer = new $class($serendipity['POST']['import']);
/* Yes sir, we are importing if we have valid data */
if ($importer->validateData()) {
echo IMPORT_STARTING . '<br />';
/* import() MUST return (bool)true, otherwise we assume it failed */
if (($result = $importer->import()) !== true) {
echo IMPORT_FAILED . ': ' . $result . '<br />';
} else {
echo IMPORT_DONE . '<br />';
function insertevent(&$array)
{
global $serendipity;
if (!serendipity_checkFormToken()) {
return false;
}
return serendipity_db_query("INSERT INTO {$serendipity['dbPrefix']}mycalendar\n (eventname, eventurl, eventurltitle, eventdate, eventdate2)\n VALUES ('" . serendipity_db_escape_string($array['eventname']) . "','" . serendipity_db_escape_string($array['eventurl']) . "','" . serendipity_db_escape_string($array['eventurltitle']) . "','" . serendipity_db_escape_string($array['eventdate']) . "','" . serendipity_db_escape_string($array['eventdate2']) . "')");
}
global $serendipity;
$data = array();
switch ($serendipity['POST']['adminAction']) {
case 'publish':
if (!serendipity_checkFormToken()) {
break;
}
$success = serendipity_updertEntry(array('id' => serendipity_specialchars($serendipity['POST']['id']), 'timestamp' => time(), 'isdraft' => 0));
if (is_numeric($success)) {
$data['published'] = $success;
} else {
$data['error_publish'] = $success;
}
break;
case 'updateCheckDisable':
if (!serendipity_checkFormToken() || !serendipity_checkPermission('blogConfiguration')) {
break;
}
serendipity_set_config_var('updateCheck', false);
break;
}
$user = serendipity_fetchAuthor($serendipity['authorid']);
// chrome-compatible, from Oliver Gassner, adapted from TextPattern. Hi guys, keep it up. :-)
$bookmarklet = "javascript:var%20d=document,w=window,e=w.getSelection,k=d.getSelection,x=d.selection,s=(e?e():(k)?k():(x?x.createRange().text:0)),f='" . $serendipity['baseURL'] . "',l=d.location,e=encodeURIComponent,p='serendipity_admin.php?serendipity[adminModule]=entries&serendipity[adminAction]=new&serendipity[title]='+e(d.title)+'&serendipity[body]='+e(s)+'&serendipity[url]='+location.href,u=f+p;a=function(){%20%20if(!w.open(u,'t','toolbar=0,resizable=1,scrollbars=1,status=1,width=800,height=800'))%20%20%20%20l.href=u;};if(/Firefox/.test(navigator.userAgent))%20%20setTimeout(a,0);else%20%20a();void(0)";
$data['bookmarklet'] = $bookmarklet;
$data['username'] = $user[0]['realname'];
$data['js_failure_file'] = serendipity_getTemplateFile('admin/serendipity_editor.js');
$output = array();
serendipity_plugin_api::hook_event('backend_frontpage_display', $output);
$data['backend_frontpage_display'] = $output['more'];
$data['usedVersion'] = $serendipity['version'];
serendipity_approveComment((int) $serendipity['GET']['id'], (int) $rs['entry_id']);
$msg .= DONE . ': ' . sprintf(COMMENT_APPROVED, (int) $serendipity['GET']['id']);
}
}
if (isset($serendipity['GET']['adminAction']) && $serendipity['GET']['adminAction'] == 'pending' && serendipity_checkFormToken()) {
$sql = "SELECT c.*, e.title, a.email as authoremail, a.mail_comments\n FROM {$serendipity['dbPrefix']}comments c\n LEFT JOIN {$serendipity['dbPrefix']}entries e ON (e.id = c.entry_id)\n LEFT JOIN {$serendipity['dbPrefix']}authors a ON (e.authorid = a.authorid)\n WHERE c.id = " . (int) $serendipity['GET']['id'] . " AND status = 'approved'";
$rs = serendipity_db_query($sql, true);
if ($rs === false) {
$errormsg .= ERROR . ': ' . sprintf(COMMENT_ALREADY_APPROVED, (int) $serendipity['GET']['id']);
} else {
serendipity_approveComment((int) $serendipity['GET']['id'], (int) $rs['entry_id'], true, true);
$msg .= DONE . ': ' . sprintf(COMMENT_MODERATED, (int) $serendipity['GET']['id']);
}
}
/* We are asked to delete a comment */
if (isset($serendipity['GET']['adminAction']) && $serendipity['GET']['adminAction'] == 'delete' && serendipity_checkFormToken()) {
serendipity_deleteComment($serendipity['GET']['id'], $serendipity['GET']['entry_id']);
$msg .= DONE . ': ' . sprintf(COMMENT_DELETED, (int) $serendipity['GET']['id']);
}
/* We are either in edit mode, or preview mode */
if (isset($serendipity['GET']['adminAction']) && ($serendipity['GET']['adminAction'] == 'edit' || $serendipity['GET']['adminAction'] == 'reply') || isset($serendipity['POST']['preview'])) {
$serendipity['smarty_raw_mode'] = true;
// Force output of Smarty stuff in the backend
serendipity_smarty_init();
if ($serendipity['GET']['adminAction'] == 'reply' || $serendipity['GET']['adminAction'] == 'doReply') {
$c = serendipity_fetchComments($serendipity['GET']['entry_id'], 1, 'co.id', false, 'NORMAL', ' AND co.id=' . (int) $serendipity['GET']['id']);
if (isset($serendipity['POST']['preview'])) {
$c[] = array('email' => $serendipity['POST']['email'], 'author' => $serendipity['POST']['name'], 'body' => $serendipity['POST']['comment'], 'url' => $serendipity['POST']['url'], 'timestamp' => time(), 'parent_id' => $serendipity['GET']['id']);
}
$target_url = '?serendipity[action]=admin&serendipity[adminModule]=comments&serendipity[adminAction]=doReply&serendipity[id]=' . (int) $serendipity['GET']['id'] . '&serendipity[entry_id]=' . (int) $serendipity['GET']['entry_id'] . '&serendipity[noBanner]=true&serendipity[noSidebar]=true&' . serendipity_setFormToken('url');
$codata = $serendipity['POST'];
function event_hook($event, &$bag, &$eventData, $addData = null)
{
global $serendipity;
$hooks =& $bag->get('event_hooks');
if (isset($hooks[$event])) {
// Moved from above: only get image data if we're actually going to do something
$this->set_valid_image_data();
// Get dimensions of image, only if not text-only
if ($this->image_name) {
// Is this a single-image bar, or a single segment?
$ratio = $this->image_width / $this->image_height;
if ($ratio < $max_segment_ratio) {
// This is probably a single segment. Square segments
// will have a ratio of 0.3; long, flat segments won't
// get up to 1.0 unless they're 3 times as wide as they
// are tall; full-bar images with square segments will
// be 1.666; and full-bar images with tall, narrow
// segments will be greater than 1.0 unless they're
// nearly twice as high as they are wide.
$this->image_width = $this->image_width * 5;
}
}
switch ($event) {
// Early hook, before any page is displayed
case 'frontend_configure':
// Make sure the karmaVote cookie is set, even if empty <a name="#1" />
if (!isset($serendipity['COOKIE']['karmaVote'])) {
serendipity_setCookie('karmaVote', serialize(array()));
}
// If user didn't vote, we're done.
if (!isset($serendipity['GET']['karmaId']) || !isset($serendipity['GET']['karmaVote'])) {
return;
}
// Get URL vote data
$this->karmaId = (int) $serendipity['GET']['karmaId'];
$this->karmaVoting = (int) $serendipity['GET']['karmaVote'];
// karmaVote cookie was just set (see name="#1"); this boils down to
// "if check cookie isn't 1, there's no real cookie".
// The check cookie gets set when a rater is displayed,
// so you've got no business voting if you haven't even
// seen the rater yet.
if (!isset($serendipity['COOKIE']['karmaVote']) or $serendipity['COOKIE']['check'] != '1') {
$this->karmaVote = 'nocookie';
return;
}
// Everything is ready. Get the cookie vote data.
$karma = unserialize($serendipity['COOKIE']['karmaVote']);
// Stop on invalid votes (cookie invalid, or URL data incorrect)
if (!is_array($karma) || !is_numeric($this->karmaVoting) || !is_numeric($this->karmaId) || $this->karmaVoting > 2 || $this->karmaVoting < -2) {
$this->karmaVote = 'invalid1';
return;
}
// Stop if the cookie says we already voted
if (!empty($karma[$this->karmaId])) {
$this->karmaVote = 'alreadyvoted';
return;
}
// We don't want bots hitting the karma-voting
$agent = $_SERVER['HTTP_USER_AGENT'];
if (stristr($agent, 'google') || stristr($agent, 'LinkWalker') || stristr($agent, 'zermelo') || stristr($agent, 'NimbleCrawler')) {
$this->karmaVote = 'invalid1';
return;
}
// Voting takes place here.
//
// Get voting data from the database (keeps all entries,
// even if no karma match)
$q = 'SELECT *
FROM ' . $serendipity['dbPrefix'] . 'entries AS e
LEFT OUTER JOIN ' . $serendipity['dbPrefix'] . 'karma AS k
ON e.id = k.entryid
WHERE e.id = ' . serendipity_db_escape_string($this->karmaId) . ' LIMIT 1';
$row = serendipity_db_query($q, true);
// If there's no entry with this ID, we're done
//
// --TODO: Modify the plugin to allow arbitrary voting with generated IDs
if (!isset($row) || !is_array($row)) {
$this->karmaVote = 'invalid2';
return;
}
$now = time();
if ($row['votes'] === '0' || $row['votes'] > 0) {
// Votes for this entry already exist. Do some checking.
$max_entrytime = $this->get_config('max_entrytime', 1440) * 60;
$max_votetime = $this->get_config('max_votetime', 5) * 60;
$max_karmatime = $this->get_config('max_karmatime', 7) * 24 * 60 * 60;
// Allow infinite voting when 0 or negative
if ($max_karmatime <= 0) {
$max_karmatime = $now;
}
// If the entry's timestamp is too old for voting,
// we're done.
if ($row['timestamp'] < $now - $max_karmatime) {
$this->karmaVote = 'timeout2';
return;
}
// If the entry is in the grace period, or votes
// aren't too close together, record the vote.
if ($row['timestamp'] > $now - $max_entrytime || $row['lastvote'] + $max_votetime < $now || $row['lastvote'] == 0) {
// Update votes
$q = sprintf("UPDATE {$serendipity['dbPrefix']}karma\n SET points = %s,\n votes = %s,\n lastvote = %s\n WHERE entryid = %s", $row['points'] + $this->karmaVoting, $row['votes'] + 1, $now, $this->karmaId);
serendipity_db_query($q);
} else {
// Entry was too recently voted upon. Figure out
// how long until voting will be allowed (in minutes).
$this->karmaVote = 'timeout';
$this->karmaTimeOut = abs(ceil(($now - ($row['lastvote'] + $max_votetime)) / 60));
return;
}
} else {
// No row. Use INSERT instead of UPDATE.
$q = sprintf("INSERT INTO {$serendipity['dbPrefix']}karma\n (entryid, points, votes, lastvote, visits)\n VALUES (%s, %s, %s, %s, %s)", $this->karmaId, $this->karmaVoting, 1, $now, 0);
$sql = serendipity_db_query($q);
}
// Log the vote
if (serendipity_db_bool($this->get_config('logging', false))) {
$q = sprintf("INSERT INTO {$serendipity['dbPrefix']}karmalog\n (entryid, points, ip, user_agent, votetime)\n VALUES (%s, %s, '%s', '%s', %s)", $this->karmaId, $this->karmaVoting, serendipity_db_escape_string($_SERVER['REMOTE_ADDR']), substr(serendipity_db_escape_string($_SERVER['HTTP_USER_AGENT']), 0, 255), $now);
$sql = serendipity_db_query($q);
if (is_string($sql)) {
mail($serendipity['serendipityEmail'], 'KARMA ERROR', $q . '<br />' . $sql . '<br />');
}
}
// Set the cookie that we already voted for this entry
$karma[$this->karmaId] = $this->karmaVoting;
$this->karmaVote = 'voted';
serendipity_setCookie('karmaVote', serialize($karma));
return true;
break;
// CSS generation hooks
// CSS generation hooks
case 'backend_header':
// Generate the CSS for the graphical rating bar selector
//
// The CSS appears to be generated in a completely
// different instance of Serendipity, as if index.php gets
// called separately for the CSS.
//
// Note that the css_backend hook adds properties to the
// serendipity_admin.css, but that file is *always*
// cached. We use backend_header and add the CSS to the
// HEAD styles to make it dynamic.
// Get the CSS, set $this->image_name so we'll output the
// standard graphical CSS prologue if any images are found.
$this->createRatingSelector();
print "<style type='text/css'>\n";
$align = 'center';
$bg = $this->get_config('preview_bg', false);
if (!empty($bg)) {
if (strpos($bg, ';') !== false || strpos($bg, ',') !== false) {
$bg = 'red';
}
print "\n.serendipity_karmaVote_selectorTable {\n background: {$bg};\n}\n";
}
print "\n.serendipityAdminContent .serendipity_karmaVoting_links {\n margin: 5px;\n}\n";
case 'css':
// Some CSS notes:
//
// .serendipity_karmaVoting is the class for the karma wrapper/container,
// including the text explanations, messages, and rating bar.
// (currently a div)
// .serendipity_karmaVoting a specifies the links for the text-mode
// rating bar
// .serendipity_karmaError is the class for any text indicating an
// error condition
// .serendipity_karmaSuccess is the class for any text indicating
// successful operation
// .serendipity_karmaVoting_links is the container for the graphical
// rating bar (currently an ol)
// .serendipity_karmaVoting_links a indicates the various voting links in
// the graphical rating bar
// .serendipity_karmaVoting_current-rating is the class for the current
// rating in the graphical rating bar
// a.serendipity_karmaVoting_link1, _link2, etc are the classes applied
// to the individual voting links
// Note that there are two possible template types: early
// templates that only handle the text rating bars, and
// newer templates that understand the graphical raters.
// We check for both types and act appropriately.
/*--JAM: Let's just skip this whole hassle
if (!$align) {
$align = $this->get_config('alignment', 'detect');
}
if ($align == 'detect') {
*/
$align = $this->get_config('alignment', 'center');
// Try to let the template take care of it
if ($this->image_name == '0') {
// Text-only rating bar is used
if (strpos($eventData, '.serendipity_karmaVoting')) {
// Template is handling all our CSS
return true;
}
}
/* --JAM: else {
// Graphical rating bar is used
if (strpos($eventData, '.serendipity_karmaVoting_images')) {
// Template is handling all our CSS
return true;
}
// Check for old text-only templates
$pos = strpos($eventData, '.serendipity_karmaVoting');
while ($pos && ($align == 'detect')) {
// Find text-align: in the current block
$endpos = strpos($eventData, '}', $pos);
if (!$endpos) {
// Broken CSS
break;
}
$alignpos = strpos($eventData, 'text-align:', $pos);
// Can't check for comments, or I would. Hope
// the first is the correct one.
if ($alignpos && $alignpos < $endpos) {
$start = $alignpos + 11;
$alignend = strpos($eventData, ';', $alignpos);
if ($alignend)
{
// All valid. Pull out the alignment.
$len = $alignend - $start;
$align = trim(substr($eventData, $start, $len));
}
}
$pos = strpos($eventData, '.serendipity_karmaVoting', $endpos);
}
// I should have a valid alignment or 'detect' in $align now.
}
}
// If we couldn't detect the alignment, guess 'right'
if ($align == 'detect') {
$align = 'right';
}
--JAM: END COMMENT BLOCK */
// Since errors might be printed at any time, always
// output the text-mode CSS
print <<<EOS
.serendipity_karmaVoting {
text-align: {$align};
font-size: 7pt;
margin: 0px;
}
.serendipity_karmaVoting a {
font-size: 7pt;
text-decoration: none;
}
.serendipity_karmaVoting a:hover {
color: green;
}
.serendipity_karmaError {
color: #FF8000;
}
.serendipity_karmaSuccess {
color: green;
}
EOS;
// Only output the image CSS if it's needed
if ($this->image_name != '0') {
$img = $serendipity['baseURL'] . "plugins/serendipity_event_karma/img/" . $this->image_name;
$h = $this->image_height / 3;
$w = $this->image_width;
switch ($align) {
case 'left':
$margin = '0px auto 0px 0px';
break;
case 'center':
$margin = '0px auto';
break;
case 'right':
default:
$margin = '0px 0px 0px auto';
break;
}
// The CSS here is lifted largely from
// http://komodomedia.com/blog/index.php/2007/01/20/css-star-rating-redux/
//
// Note, however that margin has been changed for
// multiple cases and all unitless measurements have
// been specified in pixels. Additionally, measures
// have been taken to align the text.
print <<<END_IMG_CSS
.serendipity_karmaVoting_links,
.serendipity_karmaVoting_links a:hover,
.serendipity_karmaVoting_current-rating {
background: url({$img}) left;
font-size: 0;
}
.serendipity_karmaVoting_links {
position: relative;
width: {$w}px;
height: {$h}px;
overflow: hidden;
list-style: none;
margin: {$margin};
padding: 0px;
background-position: left top;
text-align: center;
}
.serendipity_karmaVoting_links li {
display: inline;
}
.serendipity_karmaVoting_links a ,
.serendipity_karmaVoting_current-rating {
position:absolute;
top: 0px;
left: 0px;
text-indent: -9000em;
height: {$h}px;
line-height: {$h}px;
outline: none;
overflow: hidden;
border: none;
}
.serendipity_karmaVoting_links a:hover {
background-position: left bottom;
}
.serendipity_karmaVoting_links a.serendipity_karmaVoting_link1 {
width: 20%;
z-index: 6;
}
.serendipity_karmaVoting_links a.serendipity_karmaVoting_link2 {
width: 40%;
z-index: 5;
}
.serendipity_karmaVoting_links a.serendipity_karmaVoting_link3 {
width: 60%;
z-index: 4;
}
.serendipity_karmaVoting_links a.serendipity_karmaVoting_link4 {
width: 80%;
z-index: 3;
}
.serendipity_karmaVoting_links a.serendipity_karmaVoting_link5 {
width: 100%;
z-index: 2;
}
.serendipity_karmaVoting_links .serendipity_karmaVoting_current-rating {
z-index: 1;
background-position: left center;
}
END_IMG_CSS;
// Add selector images CSS, if necessary
if (!empty($this->select_css)) {
print $this->select_css;
}
}
// End if image bar defined
if ($event == 'backend_header') {
print "\n</style>\n";
}
return true;
break;
//--TODO: Comment the functionality of this event hook.
//--TODO: Comment the functionality of this event hook.
case 'event_additional_statistics':
$sql = array();
$sql['visits_top'] = array('visits', 'DESC');
$sql['visits_bottom'] = array('visits', 'ASC');
$sql['votes_top'] = array('votes', 'DESC');
$sql['votes_bottom'] = array('votes', 'ASC');
$sql['points_top'] = array('points', 'DESC');
$sql['points_bottom'] = array('points', 'ASC');
foreach ($sql as $key => $rows) {
$q = "SELECT e.id,\n e.title,\n e.timestamp,\n SUM(k.{$rows[0]}) AS no\n FROM {$serendipity['dbPrefix']}karma\n AS k\n JOIN {$serendipity['dbPrefix']}entries\n AS e\n ON k.entryid = e.id\n WHERE k.{$rows[0]} IS NOT NULL AND k.{$rows[0]} != 0\n GROUP BY e.id, e.title, e.timestamp ORDER BY no {$rows[1]} LIMIT {$addData['maxitems']}";
$sql_rows = serendipity_db_query($q);
?>
<dt><strong><?php
echo constant('PLUGIN_KARMA_STATISTICS_' . strtoupper($key));
?>
</strong></dt>
<dl>
<?php
if (is_array($sql_rows)) {
foreach ($sql_rows as $id => $row) {
?>
<dt><strong><a href="<?php
echo serendipity_archiveURL($row['id'], $row['title'], 'serendipityHTTPPath', true, array('timestamp' => $row['timestamp']));
?>
"><?php
echo htmlspecialchars($row['title']);
?>
</a></strong></dt>
<dd><?php
echo $row['no'];
?>
<?php
echo constant('PLUGIN_KARMA_STATISTICS_' . strtoupper($rows[0]) . '_NO');
?>
</dd>
<?php
}
}
?>
</dl>
<?php
}
return true;
break;
// Add voting information to entries
// Add voting information to entries
case 'entry_display':
// Update database if necessary
if ($this->get_config('dbversion', 0) != PLUGIN_KARMA_DB_VERSION) {
$this->checkScheme();
}
// Find the ID of this entry
if (isset($serendipity['GET']['id'])) {
$entryid = (int) serendipity_db_escape_string($serendipity['GET']['id']);
} elseif (preg_match(PAT_COMMENTSUB, $_SERVER['REQUEST_URI'], $matches)) {
$entryid = (int) $matches[1];
} else {
$entryid = false;
}
// If we're actually reading the entry, not voting or editing it...
if ($entryid && empty($serendipity['GET']['adminAction']) && !$serendipity['GET']['karmaVote']) {
// Update the number of visits
// Are we supposed to track visits?
$track_clicks = serendipity_db_bool($this->get_config('visits_active', true)) && $this->track_clicks_allowed_by_user();
if ($track_clicks && $_SERVER['REQUEST_METHOD'] == 'GET') {
$sql = serendipity_db_query("UPDATE {$serendipity['dbPrefix']}karma \n SET visits = visits + 1 \n WHERE entryid = {$entryid}", true);
if (serendipity_db_affected_rows() < 1) {
serendipity_db_query("INSERT INTO {$serendipity['dbPrefix']}karma (entryid, points, votes, lastvote, visits) \n VALUES ('{$entryid}', 0, 0, 0, 1)");
}
}
}
// Set a cookie to look for later, verifying that cookies are enabled
serendipity_setCookie('check', '1');
switch ($this->karmaVote) {
case 'nocookie':
// Users with no cookies won't be able to vote.
$msg = '<div class="serendipity_karmaVoting serendipity_karmaError"><a id="karma_vote' . $this->karmaId . '"></a>' . PLUGIN_KARMA_NOCOOKIE . '</div>';
// Continue until output
// Continue until output
case 'timeout2':
if (!isset($msg)) {
$msg = '<div class="serendipity_karmaVoting serendipity_karmaError"><a id="karma_vote' . $this->karmaId . '"></a>' . PLUGIN_KARMA_CLOSED . '</div>';
}
// Continue until output
// Continue until output
case 'timeout':
if (!isset($msg)) {
$msg = '<div class="serendipity_karmaVoting serendipity_karmaError"><a id="karma_vote' . $this->karmaId . '"></a>' . sprintf(PLUGIN_KARMA_TIMEOUT, $this->karmaTimeOut) . '</div>';
}
// Continue until output
// Continue until output
case 'alreadyvoted':
if (!isset($msg)) {
$msg = '<div class="serendipity_karmaVoting serendipity_karmaError"><a id="karma_vote' . $this->karmaId . '"></a>' . PLUGIN_KARMA_ALREADYVOTED . '</div>';
}
// Continue until output
// Continue until output
case 'invalid1':
case 'invalid2':
case 'invalid':
// Set message
if (!isset($msg)) {
$msg = '<div class="serendipity_karmaVoting serendipity_karmaError"><a id="karma_vote' . $this->karmaId . '"></a>' . PLUGIN_KARMA_INVALID . '</div>';
}
// Continue until output
/* OUTPUT MESSAGE */
//--TODO: Shouldn't this work with the cache plugin, too?
if ($addData['extended']) {
$eventData[0]['exflag'] = 1;
$eventData[0]['add_footer'] .= $msg;
} else {
$elements = count($eventData);
// Find the right container to store our message in.
for ($i = 0; $i < $elements; $i++) {
if ($eventData[$i]['id'] == $this->karmaId) {
$eventData[$i]['add_footer'] .= $msg;
}
}
}
break;
case 'voted':
default:
// If there's no data, there's no need to go on
if (!is_array($eventData)) {
return;
}
// Find out what the admin wants
$track_clicks = serendipity_db_bool($this->get_config('visits_active', true));
$track_karma = serendipity_db_bool($this->get_config('karma_active', true));
if (serendipity_db_bool($this->get_config('karma_active_registered', false))) {
if (!serendipity_userLoggedIn()) {
$track_karma = false;
}
}
$track_exits = serendipity_db_bool($this->get_config('exits_active', true));
// Get the limits
$now = time();
$karmatime = $this->get_config('max_karmatime', 7);
$max_karmatime = $karmatime * 24 * 60 * 60;
// Accept infinite voting
if ($max_karmatime <= 0) {
$max_karmatime = $now;
}
//--TODO: Ensure that this works with the Custom Permalinks plugin
// (We've seen trouble; it votes correctly, but redirects to the front page)
$url = serendipity_currentURL(true);
// Voting is only allowed on entries. Therefore voting URLs must be
// either single-entry URLs or summary URLs. serendipity_currentURL
// converts them to an "ErrorDocument-URI", so we can focus on the
// query portion of the URI.
//
// Single-entry URLs should be well-defined. They can be permalinks,
// of course; otherwise they're of the configured pattern.
//
// Summary URLs could be a little harder. The summary pages that
// include entries are: frontpage, category, author, and archives.
// It's possible a plugin would show entries, but if that's the case
// we don't need to allow the user to vote on them. Still, that's
// a lot of URLs to check for.
//
// Then there's the problem of the rest of the query. It could
// include stuff we really want to keep around, like template
// overrides or something. One can even add serendipity variables
// to the URL in extreme cases.
//
// It seems that canonicalizing the URL will be quite difficult.
// The only thing we can say for certain is that whatever the
// current URL is, it got us to this page, and we'd like to return
// to this page after we cast our vote.
// Remove any clutter from our previous voting activity
$url_parts = parse_url(serendipity_currentURL(true));
if (!empty($url_parts['query'])) {
$exclude = array('serendipity[karmaVote]', 'serendipity[karmaId]');
// I tried using parse_str, but it gave me very weird results
// with embedded arrays
//parse_str($url_parts['query'], $q_parts);
$q_parts = array();
// I don't know why this URL has been HTML encoded. Oh well.
$pairs = explode('&', $url_parts['query']);
foreach ($pairs as $pair) {
$parts = explode('=', $pair);
$q_parts[$parts[0]] = $parts[1];
}
foreach ($q_parts as $key => $value) {
if (in_array($key, $exclude)) {
$rm = preg_quote("{$key}={$value}");
$url = preg_replace("@(&|&)?{$rm}@", '', $url);
}
}
}
if (substr($url, -1) != '?') {
$url .= '&';
}
// Get the cookie data (past votes, etc)
$karma = isset($serendipity['COOKIE']['karmaVote']) ? unserialize($serendipity['COOKIE']['karmaVote']) : array();
// Get all required entry IDs, making keys match keys in eventData
$entries = array();
if ($addData['extended'] || $addData['preview']) {
// We're in extended or preview mode, we only need the current ID
$eventData[0]['exflag'] = 1;
$entries[0] = (int) $eventData[0]['id'];
} elseif (!serendipity_db_bool($this->get_config('extended_only', false))) {
// We're in overview mode, and we want rating bars for all the entry IDs
foreach (array_keys($eventData) as $key) {
if (isset($eventData[$key]['id'])) {
$entries[$key] = (int) $eventData[$key]['id'];
}
}
}
// Fetch votes for all entry IDs. Store them in an array for later usage.
$q = 'SELECT k.entryid, SUM(votes) AS votes, SUM(points) AS points, SUM(visits) AS visits
FROM ' . $serendipity['dbPrefix'] . 'karma AS k
WHERE k.entryid IN (' . implode(', ', $entries) . ') GROUP BY k.entryid';
$sql = serendipity_db_query($q);
$rows = array();
if ($sql && is_array($sql)) {
foreach ($sql as $row) {
$rows[$row['entryid']] = array('votes' => $row['votes'], 'points' => $row['points'], 'visits' => $row['visits']);
}
}
$this->prepareExits($entries);
// Add karma block to the footer of each entry
//
// The entries array was populated, above, so its keys match the eventData array,
// and overview entries are skipped if "extended only" is enabled
foreach (array_keys($entries) as $i) {
// Get the statistics
$entryid = $eventData[$i]['id'];
$votes = !empty($rows[$entryid]['votes']) ? $rows[$entryid]['votes'] : 0;
$points = !empty($rows[$entryid]['points']) ? $rows[$entryid]['points'] : 0;
$visits = !empty($rows[$entryid]['visits']) ? $rows[$entryid]['visits'] : 0;
$enough_votes = $track_karma && $votes >= $this->get_config('min_disp_votes', 0);
$enough_visits = $track_clicks && $visits >= $this->get_config('min_disp_visits', 0);
$textual_msg = true;
$textual_current = true;
$textual_visits = true;
if ($this->image_name != '0') {
$textual_msg = $this->get_config('textual_msg', 'true');
$textual_current = $this->get_config('textual_current', 'true');
$textual_visits = $this->get_config('textual_visits', 'true');
}
// Where's the footer? Normally it would be
// in eventData[n]['add_footer'] but if the
// cache plugin is used, it's in
// eventData[n]['properties']['ep_cache_add_footer'].
// This method retrieves it either way.
$footer =& $this->getFieldReference('add_footer', $eventData[$i]);
// Depending on what existed, $footer could
// be referencing the cached version, the
// uncached version, or even a new empty
// string. In particular, if $eventData[$i]
// has no properties, and no 'add_footer' key,
// $footer is referencing a new empty string,
// so adding a karma bar to $footer would do
// nothing.
//
// We could be referencing an empty uncached
// 'add_footer', but empty cache entries are
// never returned.
//
// Reference a footer that will be printed
if (empty($footer) && !isset($eventData[$i]['add_footer']) && is_array($eventData[$i])) {
$eventData[$i]['add_footer'] = '';
$footer =& $eventData[$i]['add_footer'];
// It's still empty, but it's referencing
// the right place.
}
if ($track_exits) {
$footer .= $this->getExits($entryid, true);
}
// Pick the appropriate intro msg and rating bar
// No msg or bar if karma is disabled
if ($track_karma) {
if (isset($karma[$entryid])) {
// We already voted for this one
$msg = '<div class="serendipity_karmaSuccess">' . PLUGIN_KARMA_VOTED . '</div>';
$myvote = $karma[$entryid];
if ($this->get_config('rate_with_words', false)) {
$myvote = $this->wordRating($myvote, 1);
} elseif ($this->image_name != '0') {
$myvote = $this->imageRating($myvote, 1);
}
// Just a current rating bar, if any
$bar = $this->createRatingBar(null, $points, $votes);
} elseif ($eventData[$i]['timestamp'] < $now - $max_karmatime) {
// Too late to vote for this one
$msg = '<div class="serendipity_karmaClosed">' . sprintf(PLUGIN_KARMA_CLOSED, $karmatime) . '</div>';
// Just a current rating bar, if any
$bar = $this->createRatingBar(null, $points, $votes);
} else {
// We can vote for this; make the whole voting block
$rate_msg = $this->get_config('rate_msg', PLUGIN_KARMA_VOTETEXT);
$msg = '<div class="serendipity_karmaVoting_text">' . $rate_msg . '</div>';
// Full voting bar
$bar = $this->createRatingBar($entryid, $points, $votes);
}
}
// Create the karma block
$image_class = '';
if ($this->image_name != '0') {
$image_class = ' serendipity_karmaVoting_images';
}
$karma_block = "<div class='serendipity_karmaVoting{$image_class}'><a id='karma_vote{$entryid}'></a>";
if ($textual_msg) {
$karma_block .= $msg;
}
$karma_block .= $bar;
if ($enough_votes && $textual_current) {
$curr_msg = $this->get_config('curr_msg', PLUGIN_KARMA_CURRENT);
$karma_block .= '<span class="serendipity_karmaVoting_current">' . $curr_msg . '</span>';
}
if ($enough_visits && $textual_visits) {
$karma_block .= '<span class="serendipity_karmaVoting_visits">' . PLUGIN_KARMA_VISITSCOUNT . '</span>';
}
$karma_block .= "\n</div>\n";
// Adjust rating points
if ($this->get_config('rate_with_words', false)) {
$points = $this->wordRating($points, $votes);
} elseif ($this->image_name != '0') {
$points = $this->imageRating($points, $votes);
}
/*
print("<h3>--DEBUG: Karma block code:</h3>\n<pre>\n");
print_r(htmlspecialchars($karma_block));
print("\n</pre>\n");
*/
// Substitute the % stuff and add it to the footer
$eventData[$i]['properties']['myvote'] = $myvote;
$eventData[$i]['properties']['points'] = $points;
$eventData[$i]['properties']['votes'] = $votes;
$eventData[$i]['properties']['visits'] = $visits;
$footer .= sprintf($karma_block, $myvote, $points, $votes, $visits, $url);
}
// foreach key in entries
}
// End switch on karma voting status
return true;
break;
// Display the Karma Log link on the sidebar
// Display the Karma Log link on the sidebar
case 'backend_sidebar_entries':
?>
<li class="serendipitySideBarMenuLink serendipitySideBarMenuEntryLinks">
<a href="?serendipity[adminModule]=event_display&serendipity[adminAction]=karmalog">
<?php
echo PLUGIN_KARMA_DISPLAY_LOG;
?>
</a>
</li>
<?php
return true;
break;
// Display the Karma Log!
//case 'external_plugin':
// Display the Karma Log!
//case 'external_plugin':
case 'backend_sidebar_entries_event_display_karmalog':
// Print any stored messages
//foreach ($serendipity['karma_messages'] as $msg) {
// print("<div class='serendipityAdminInfo'>$msg</div>\n");
//}
// Was I asked to process any votes?
if (($serendipity['POST']['delete_button'] || $serendipity['POST']['approve_button']) && sizeof($serendipity['POST']['delete']) != 0 && serendipity_checkFormToken()) {
foreach ($serendipity['POST']['delete'] as $d => $i) {
$kdata = $serendipity['POST']['karmalog' . $i];
// validate posted variables
// posted points
$ppoints = $kdata['points'];
if (!is_numeric($ppoints) || (int) $ppoints < -2 || (int) $ppoints > 2) {
print "<div class='serendipityAdminMsgError'>" . PLUGIN_KARMA_INVALID_INPUT . "</div>\n";
return false;
}
// posted id
$pid = $kdata['entryid'];
if (!is_numeric($pid)) {
print "<div class='serendipityAdminMsgError'>" . PLUGIN_KARMA_INVALID_INPUT . "</div>\n";
return false;
}
// posted IP
$pip = long2ip(ip2long($kdata['ip']));
if ($pip == -1 || $pip === FALSE) {
print "<div class='serendipityAdminMsgError'>" . PLUGIN_KARMA_INVALID_INPUT . "</div>\n";
return false;
}
// posted user agent (need a better validator, I think)
$puser_agent = $kdata['user_agent'];
if (serendipity_db_escape_string($puser_agent) != $puser_agent) {
print "<div class='serendipityAdminMsgError'>" . PLUGIN_KARMA_INVALID_INPUT . "</div>\n";
return false;
}
// posted vote time
$pvotetime = $kdata['votetime'];
$unixsecs = date('U', $kdata['votetime']);
if ($pvotetime != $unixsecs) {
print "<div class='serendipityAdminMsgError'>" . PLUGIN_KARMA_INVALID_INPUT . "</div>\n";
return false;
}
// Remove karma from entry?
if ($serendipity['POST']['delete_button']) {
// Fetch vote total for the entry IDs
$q = 'SELECT k.*
FROM ' . $serendipity['dbPrefix'] . 'karma AS k
WHERE k.entryid IN (' . $pid . ') GROUP BY k.entryid';
$sql = serendipity_db_query($q);
if (is_array($sql)) {
$karma = $sql[0];
$update = sprintf("UPDATE {$serendipity['dbPrefix']}karma\n SET points = %s,\n votes = %s\n WHERE entryid = %s", serendipity_db_escape_string($karma['points'] - $ppoints), serendipity_db_escape_string($karma['votes'] - 1), serendipity_db_escape_string($pid));
$updated = serendipity_db_query($update);
if ($updated != 1) {
printf("<div class='serendipityAdminMsgError'>" . PLUGIN_KARMA_REMOVE_ERROR . "</div>\n", $pid);
// Don't delete from karma log if we couldn't take away the points
continue;
}
} else {
// This will only happen if someone is messing with the karma table or submit data
printf("<div class='serendipityAdminMsgError'>" . PLUGIN_KARMA_UPDATE_ERROR . "</div>", $pid);
continue;
}
}
// Remove vote from log (approved or deleted, doesn't matter)
$del = sprintf("DELETE FROM {$serendipity['dbPrefix']}karmalog\n WHERE entryid = %s AND ip = '%s' AND user_agent LIKE '%%%s%%' AND votetime = %s LIMIT 1", serendipity_db_escape_string($pid), serendipity_db_escape_string($pip), serendipity_db_escape_string($puser_agent), serendipity_db_escape_string($pvotetime));
$deleted = serendipity_db_query($del);
// User feedback
if ($deleted == 1) {
if ($serendipity['POST']['delete_button']) {
printf("<div class='serendipityAdminMsgSuccess'>" . PLUGIN_KARMA_REMOVED_POINTS . "</div>\n", $ppoints, $pid);
} else {
printf("<div class='serendipityAdminMsgSuccess'>" . PLUGIN_KARMA_APPROVED_POINTS . "</div>\n", $ppoints, $pid);
}
} else {
printf("<div class='serendipityAdminMsgError'>" . PLUGIN_KARMA_REMOVE_ERROR . "</div>\n", $pid);
}
}
}
// URL; expected to be event_display and karmalog, respectively
$url = '?serendipity[adminModule]=' . htmlspecialchars($serendipity['GET']['adminModule']) . '&serendipity[adminAction]=' . htmlspecialchars($serendipity['GET']['adminAction']);
// Filters
print "\n<form action='' method='get' name='karmafilters' id='karmafilters'>\n <input type='hidden' name='serendipity[adminModule]' value='{$serendipity['GET']['adminModule']}' />\n <input type='hidden' name='serendipity[adminAction]' value='{$serendipity['GET']['adminAction']}' />\n<table class='serendipity_admin_filters' width='100%'>\n<tr>\n <td colspan='4' class='serendipity_admin_filters_headline'><strong>" . FILTERS . "</strong></td>\n</tr>\n<tr>\n <td>User Agent:</td>\n <td><input class='input_textbox' type='text' name='serendipity[filter][user_agent]' size='15' value='" . htmlspecialchars($serendipity['GET']['filter']['user_agent']) . "' /></td>\n <td>" . IP . "</td>\n <td><input class='input_textbox' type='text' name='serendipity[filter][ip]' size='15' value='" . htmlspecialchars($serendipity['GET']['filter']['ip']) . "' /></td>\n</tr>\n<tr>\n <td>Entry ID:</td>\n <td><input class='input_textbox' type='text' name='serendipity[filter][entryid]' size='15' value='" . htmlspecialchars($serendipity['GET']['filter']['entryid']) . "' /></td>\n <td>Entry title:</td>\n <td><input class='input_textbox' type='text' name='serendipity[filter][title]' size='30' value='" . htmlspecialchars($serendipity['GET']['filter']['title']) . "' /></td>\n</tr>\n</table>\n";
// Set all filters into $and and $searchString
if (!empty($serendipity['GET']['filter']['entryid'])) {
$val = $serendipity['GET']['filter']['entryid'];
$and .= "AND l.entryid = '" . serendipity_db_escape_string($val) . "'";
$searchString .= "&serendipity['filter']['entryid']=" . htmlspecialchars($val);
}
if (!empty($serendipity['GET']['filter']['ip'])) {
$val = $serendipity['GET']['filter']['ip'];
$and .= "AND l.ip = '" . serendipity_db_escape_string($val) . "'";
$searchString .= "&serendipity['filter']['ip']=" . htmlspecialchars($val);
}
if (!empty($serendipity['GET']['filter']['user_agent'])) {
$val = $serendipity['GET']['filter']['user_agent'];
$and .= "AND l.user_agent LIKE '%" . serendipity_db_escape_string($val) . "%'";
$searchString .= "&serendipity['filter']['user_agent']=" . htmlspecialchars($val);
}
if (!empty($serendipity['GET']['filter']['title'])) {
$val = $serendipity['GET']['filter']['title'];
$and .= "AND e.title LIKE '%" . serendipity_db_escape_string($val) . "%'";
$searchString .= "&serendipity['filter']['title']=" . htmlspecialchars($val);
}
// Sorting (controls go after filtering controls in form above)
$sort_order = array('votetime' => DATE, 'user_agent' => USER_AGENT, 'title' => TITLE, 'entryid' => 'ID');
if (empty($serendipity['GET']['sort']['ordermode']) || $serendipity['GET']['sort']['ordermode'] != 'ASC') {
$desc = true;
$serendipity['GET']['sort']['ordermode'] = 'DESC';
}
if (!empty($serendipity['GET']['sort']['order']) && !empty($sort_order[$serendipity['GET']['sort']['order']])) {
$curr_order = $serendipity['GET']['sort']['order'];
$orderby = serendipity_db_escape_string($curr_order . ' ' . $serendipity['GET']['sort']['ordermode']);
} else {
$curr_order = 'votetime';
$orderby = 'votetime ' . serendipity_db_escape_string($serendipity['GET']['sort']['ordermode']);
}
print "\n<div>" . SORT_BY . "\n<select name='serendipity[sort][order]'>\n";
foreach ($sort_order as $order => $val) {
print "\n <option value='{$order}'" . ($curr_order == $order ? " selected='selected'" : '') . ">{$val}</option>\n";
}
print "\n</select>\n<select name='serendipity[sort][ordermode]'>\n <option value='DESC'" . ($desc ? "selected='selected'" : '') . ">" . SORT_ORDER_DESC . "</option>\n <option value='ASC'" . ($desc ? '' : "selected='selected'") . ">" . SORT_ORDER_ASC . "</option>\n</select>\n</div>\n<input type='submit' name='submit' value=' - " . GO . " - ' class='serendipityPrettyButton input_button' /> \n</form>\n";
// Paging (partly ripped from include/admin/comments.inc.php)
$commentsPerPage = (int) (!empty($serendipity['GET']['filter']['perpage']) ? $serendipity['GET']['filter']['perpage'] : 25);
$sql = serendipity_db_query("SELECT COUNT(*) AS total FROM {$serendipity['dbPrefix']}karmalog l WHERE 1 = 1 " . $and, true);
$totalVotes = $sql['total'];
$pages = $commentsPerPage == COMMENTS_FILTER_ALL ? 1 : ceil($totalVotes / (int) $commentsPerPage);
$page = (int) $serendipity['GET']['page'];
if ($page == 0 || $page > $pages) {
$page = 1;
}
if ($page > 1) {
$linkPrevious = $url . '&serendipity[page]=' . ($page - 1) . $searchString;
}
if ($pages > $page) {
$linkNext = $url . '&serendipity[page]=' . ($page + 1) . $searchString;
}
if ($commentsPerPage == COMMENTS_FILTER_ALL) {
$limit = '';
} else {
$limit = serendipity_db_limit_sql(serendipity_db_limit(($page - 1) * (int) $commentsPerPage, (int) $commentsPerPage));
}
// Variables for display
if ($linkPrevious) {
$linkPrevious = '<a href="' . $linkPrevious . '" class="serendipityIconLink"><img src="' . serendipity_getTemplateFile('admin/img/previous.png') . '" /></a>';
} else {
$linkPrevious = ' ';
}
if ($linkNext) {
$linkNext = '<a href="' . $linkNext . '" class="serendipityIconLinkRight"><img src="' . serendipity_getTemplateFile('admin/img/next.png') . '" /></a>';
} else {
$linkNext = ' ';
}
$paging = sprintf(PAGE_BROWSE_COMMENTS, $page, $pages, $totalVotes);
// Retrieve the next batch of karma votes
// [entryid, points, ip, user_agent, votetime]
$sql = serendipity_db_query("SELECT l.entryid AS entryid, l.points AS points, l.ip AS ip, l.user_agent AS user_agent, l.votetime AS votetime, e.title AS title FROM {$serendipity['dbPrefix']}karmalog l\n LEFT JOIN {$serendipity['dbPrefix']}entries e ON (e.id = l.entryid)\n WHERE 1 = 1 " . $and . "\n ORDER BY {$orderby} {$limit}");
// Start the form for display and deleting
if (is_array($sql)) {
print "<form action='' method='post' name='formMultiDelete' id='formMultiDelete'>\n" . serendipity_setFormToken() . "\n<script type='text/javascript'>\nfunction invertSelection() {\n var f = document.formMultiDelete;\n for (var i = 0; i < f.elements.length; i++) {\n if( f.elements[i].type == 'checkbox' ) {\n f.elements[i].checked = !(f.elements[i].checked);\n }\n }\n}\n</script>\n";
// Print the header paging table
print "\n<table width='100%' style='border-collapse: collapse;'>\n <tr>\n <td align='left'>{$linkPrevious}</td>\n <td align='center'>{$paging}</td>\n <td align='right'>{$linkNext}</td>\n </tr>\n</table>\n";
// Start the vote table
print "\n<table class='karmalog' width='100%'>\n";
// Print each vote
$i = 0;
foreach ($sql as $vote) {
$i++;
// entryid, title, points, ip, user_agent, votetime
$entrylink = serendipity_archiveURL($vote['entryid'], $vote['title'], 'serendipityHTTPPath', true);
$entryFilterHtml = "<a class='serendipityIconLink' href='{$url}&serendipity[filter][entryid]={$vote['entryid']}'><img src='" . serendipity_getTemplateFile('admin/img/zoom.png') . "' /></a>";
$ipFilterHtml = "<a class='serendipityIconLink' href='{$url}&serendipity[filter][ip]={$vote['ip']}'><img src='" . serendipity_getTemplateFile('admin/img/zoom.png') . "' /></a>";
$timestr = strftime('%H:%M:%S<br />%n%a %b %d %Y', $vote['votetime']);
$cssClass = 'serendipity_admin_list_item serendipity_admin_list_item_';
$cssClass .= $i % 2 == 0 ? 'even' : 'uneven';
$barClass = str_replace(array('.', ' '), array('_', '_'), $this->image_name);
$barHtml = $this->createRatingBar(null, $vote['points'], 1, $barClass);
$barHtml = sprintf($barHtml, 'what', $vote['points'], '1');
print "\n <tr class='{$cssClass}'>\n <td rowspan='2' width='20' align='center'>\n <input class='input_checkbox' type='checkbox' name='serendipity[delete][{$i}]' value='{$i}' tabindex='{$i}' />\n <input type='hidden' name='serendipity[karmalog{$i}][points]' value='{$vote['points']}' />\n <input type='hidden' name='serendipity[karmalog{$i}][entryid]' value='{$vote['entryid']}' />\n <input type='hidden' name='serendipity[karmalog{$i}][votetime]' value='{$vote['votetime']}' />\n <input type='hidden' name='serendipity[karmalog{$i}][ip]' value='{$vote['ip']}' />\n <input type='hidden' name='serendipity[karmalog{$i}][user_agent]' value='{$vote['user_agent']}' />\n </td>\n <td>{$barHtml}</td>\n <td colspan='2'><a href='{$entrylink}' title='{$vote['entryid']}' alt='{$vote['title']}'>{$vote['title']}</a> {$entryFilterHtml}</td>\n </tr>\n <tr class='{$cssClass}'>\n <td>{$timestr}</td>\n <td>{$vote['ip']} {$ipFilterHtml}</td>\n <td>{$vote['user_agent']}</td>\n </tr>\n";
}
// End the vote table
print "\n </table>\n ";
if (is_array($sql)) {
print "\n<input type='button' name='toggle' value='" . INVERT_SELECTIONS . "' onclick='invertSelection()' class='serendipityPrettyButton input_button' /> \n<input class='serendipityPrettyButton input_button' type='submit' value='" . PLUGIN_KARMA_DELETE_VOTES . "' name='serendipity[delete_button]' />\n<input class='serendipityPrettyButton input_button' type='submit' value='" . PLUGIN_KARMA_APPROVE_VOTES . "' name='serendipity[approve_button]' />\n</form>\n";
}
// Print the footer paging table
print "\n<table width='100%' style='border-collapse: collapse;'>\n <tr>\n <td align='left'>{$linkPrevious}</td>\n <td align='center'>{$paging}</td>\n <td align='right'>{$linkNext}</td>\n </tr>\n</table>\n";
} else {
print "\n<div class='serendipityAdminMsgNotice'>No entries to display.</div>\n";
}
return true;
break;
default:
return false;
}
// End switch on event hooks
} else {
return false;
}
}
// if entries end
break;
case 'delete':
if (!serendipity_checkFormToken()) {
break;
}
$newLoc = '?' . serendipity_setFormToken('url') . '&serendipity[action]=admin&serendipity[adminModule]=entries&serendipity[adminAction]=doDelete&serendipity[id]=' . (int) $serendipity['GET']['id'];
$entry = serendipity_fetchEntry('id', $serendipity['GET']['id'], 1, 1);
$data['switched_output'] = true;
$data['is_delete'] = true;
$data['newLoc'] = $newLoc;
// for smartification printf had to turn into sprintf!!
$data['rip_entry'] = sprintf(DELETE_SURE, $entry['id'] . ' - ' . serendipity_specialchars($entry['title']));
break;
case 'multidelete':
if (!serendipity_checkFormToken()) {
return;
// blank content page, but default token check parameter is presenting a XSRF message when false
}
if (!is_array($serendipity['POST']['multiDelete'])) {
echo '<div class="msg_notice"><span class="icon-attention-circled"></span> ' . sprintf(MULTICHECK_NO_ITEM, $_SERVER['HTTP_REFERER']) . '</div>' . "\n";
break;
}
$ids = '';
$data['rip_entry'] = array();
foreach ($serendipity['POST']['multiDelete'] as $idx => $id) {
$ids .= (int) $id . ',';
$entry = serendipity_fetchEntry('id', $id, 1, 1);
$data['is_multidelete'] = true;
$data['rip_entry'][] = sprintf(DELETE_SURE, $entry['id'] . ' - ' . serendipity_specialchars($entry['title']));
}
function event_hook($event, &$bag, &$eventData, $addData = null)
{
global $serendipity;
$hooks =& $bag->get('event_hooks');
if (isset($hooks[$event])) {
switch ($event) {
// called when admin sidebar is being "built"
case 'backend_sidebar_entries_images':
?>
<li class="serendipitySideBarMenuLink serendipitySideBarMenuMediaLinks"><a href="?serendipity[adminModule]=event_display&serendipity[adminAction]=flickr">
<?php
echo PLUGIN_EVENT_FLICKR_NAME;
?>
</a></li><?php
break;
// called when admin sidebar is been "drawn"
// called when admin sidebar is been "drawn"
case 'backend_sidebar_entries_event_display_flickr':
// he, is user allowed to import images ?!?
if (!serendipity_checkPermission('adminImagesAdd')) {
// TODO: add a message to the user ?!?
break;
}
// if method is POST, we must have a valid form token !
if ($_SERVER['REQUEST_METHOD'] == 'POST' && !serendipity_checkFormToken()) {
// TODO: add a message to the user ?!?
break;
}
?>
<?php
echo PLUGIN_EVENT_FLICKR_IMPORT_BLAHBLAH;
?>
<script type="text/javascript">
function flickr_showPage(p) {
var f = document.getElementById('flickr_uploadform');
f.elements['serendipity[flickr_page]'].value = p;
f.submit();
}
function flickr_doImport(url) {
var f = document.getElementById('flickr_uploadform');
f.elements['serendipity[adminModule]'].value = 'images';
f.elements['serendipity[adminAction]'].value = 'add';
f.elements['serendipity[imageurl]'].value = url;
f.submit();
}
function flickr_toggleExtended() {
var d = document.getElementById('flickr_extendedCriteria');
d.style.display = (d.style.display != '') ? '' : 'none';
}
</script>
<h3><? echo PLUGIN_EVENT_FLICKR_IMPORT; ?></h3>
<form action="?" method="POST" id="flickr_uploadform" enctype="multipart/form-data" onsubmit="">
<?php
echo serendipity_setFormToken();
?>
<?php
// these two fields will only be used when an image has been chosen for dl
?>
<input type="hidden" name="serendipity[imageurl]" value="" />
<input type="hidden" name="serendipity[imageimporttype]" value="image" />
<input type="hidden" name="serendipity[action]" value="admin" />
<input type="hidden" name="serendipity[adminModule]" value="event_display" />
<input type="hidden" name="serendipity[adminAction]" value="flickr" />
<input type="hidden" name="serendipity[flickr_page]" value="1" />
Flickr username: <input class="input_textbox" name="serendipity[flickr_username]" value="<?php
echo function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['POST']['flickr_username']) : htmlspecialchars($serendipity['POST']['flickr_username'], ENT_COMPAT, LANG_CHARSET);
?>
" />
<input type="submit" value="<?php
echo GO;
?>
" class="serendipityPrettyButton input_button" /><br /><br />
<a style="border: 0pt none ; text-decoration: none;" href="#" onclick="flickr_toggleExtended(); return false"
title="<?php
echo TOGGLE_OPTION;
?>
">
<img border="0" src="<?php
echo serendipity_getTemplateFile('img/plus.png');
?>
" /> <?php
echo TOGGLE_ALL;
?>
</a>
<div id="flickr_extendedCriteria" <?php
echo strlen($serendipity['POST']['flickr_username']) ? '' : 'style="display:none;"';
?>
>
<p><?php
echo PLUGIN_EVENT_FLICKR_TAGS;
?>
<input class="input_textbox" name="serendipity[flickr_tags]" value="<?php
echo function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['POST']['flickr_tags']) : htmlspecialchars($serendipity['POST']['flickr_tags'], ENT_COMPAT, LANG_CHARSET);
?>
" />
<?php
echo PLUGIN_EVENT_FLICKR_KEYWORDS;
?>
<input class="input_textbox" name="serendipity[flickr_keywords]" value="<?php
echo function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['POST']['flickr_keywords']) : htmlspecialchars($serendipity['POST']['flickr_keywords'], ENT_COMPAT, LANG_CHARSET);
?>
" size="30" /></p>
<?php
echo SORT_BY;
?>
<select id="flickr_sort" name="serendipity[flickr_sort]">
<option value=""></option>
<?
// See API for details (http://www.flickr.com/services/api/flickr.photos.search.html)
$flickr_goodSortOrders = array(
'date-posted-asc'=>'By date of post, ascending',
'date-posted-desc'=>'By date of post, descending',
'date-taken-asc'=>'By date of take, ascending',
'date-taken-desc'=>'By date of take, descending',
'interestingness-asc'=>'By interestingness, ascending',
'interestingness-desc'=>'By interestingness, ascending',
'relevance'=>'By revelance'
);
// compute sort order
$sortOrder = (isset($serendipity['POST']['flickr_keywords']) &&
array_key_exists($serendipity['POST']['flickr_keywords'], $flickr_goodSortOrders) ?
(function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['POST']['flickr_keywords']) : htmlspecialchars($serendipity['POST']['flickr_keywords'], ENT_COMPAT, LANG_CHARSET)) : '');
// display possible options for sort order
foreach($flickr_goodSortOrders as $value => $description) {
echo '<option value="'.$value.'"';
if($sortOrder == $value) echo(' selected="true"');
echo '>'.$description.'</option>';
}
?>
</select>
</div>
</form>
<?php
// in the second step, we show latest photos (thumbs) for given username
if ($serendipity['POST']['adminAction'] == 'flickr') {
// make use of phpFlikr lib (http://www.phpflickr.com/)
require_once dirname(__FILE__) . '/phpFlickr/phpFlickr.php';
$f = new phpFlickr($this->get_config('api_key'));
$i = 0;
if (!empty($serendipity['POST']['flickr_username'])) {
// Find the NSID of the username inputted via the form
$nsid = $f->people_findByUsername($serendipity['POST']['flickr_username']);
// Get the friendly URL of the user's photos
$photos_url = $f->urls_getUserPhotos($nsid);
echo '<h4 style="margin-bottom: 0; padding-bottom: 0;">Photos of <em>';
echo (function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['POST']['flickr_username']) : htmlspecialchars($serendipity['POST']['flickr_username'], ENT_COMPAT, LANG_CHARSET)) . '</em> at ';
echo '<a href="' . $photos_url . '" target="_blank">' . $photos_url . '</a></h4>';
// default page is number one
if (empty($serendipity['POST']['flickr_page']) || !is_numeric($serendipity['POST']['flickr_page'])) {
$serendipity['POST']['flickr_page'] = 1;
}
// make sure page is a number between 1 and 500 (range allowed by flickr API)
$serendipity['POST']['flickr_page'] = min(500, max(1, (int) $serendipity['POST']['flickr_page']));
echo '<h5 style="margin-top: 0; padding-top: 0;">Displaying page ' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['POST']['flickr_page']) : htmlspecialchars($serendipity['POST']['flickr_page'], ENT_COMPAT, LANG_CHARSET)) . '</h5>';
// Search is made depending on selected criterias
$searchCriteria = array();
// make sure sort order is non empty AND valid
if (isset($serendipity['POST']['flickr_sort']) && strlen(trim($serendipity['POST']['flickr_sort'])) && array_key_exists($serendipity['POST']['flickr_keywords'], $flickr_goodSortOrders)) {
$searchCriteria['sort'] = function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['POST']['flickr_sort']) : htmlspecialchars($serendipity['POST']['flickr_sort'], ENT_COMPAT, LANG_CHARSET);
}
// TODO: clean up tags of unwanted characters (keep only [a-zA-Z0-9_-])
if (isset($serendipity['POST']['flickr_tags']) && strlen(trim($serendipity['POST']['flickr_tags']))) {
$searchCriteria['tags'] = implode(',', explode(' ', function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['POST']['flickr_tags']) : htmlspecialchars($serendipity['POST']['flickr_tags'], ENT_COMPAT, LANG_CHARSET)));
}
// TODO: cleanup keywords
if (isset($serendipity['POST']['flickr_keywords']) && strlen(trim($serendipity['POST']['flickr_keywords']))) {
$searchCriteria['text'] = function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['POST']['flickr_keywords']) : htmlspecialchars($serendipity['POST']['flickr_keywords'], ENT_COMPAT, LANG_CHARSET);
}
if (count($searchCriteria)) {
// It seems the user wants an advanced search
$searchCriteria['user_id'] = $nsid;
$photos = $f->photos_search($searchCriteria);
} else {
// No extra criteria, get the user's next 12 public photos (+1 to show > next or not !)
$photos = $f->people_getPublicPhotos($nsid, NULL, 13, $serendipity['POST']['flickr_page']);
// Get user's tags (if any)
/*$tags = $f->tags_getListUser($nsid);
if(is_array($tags['tags']['tag'])) {
echo implode(',', $tags['tags']['tag']);
echo "<br />\n";
}*/
}
// Loop through the photos and output the html
foreach ($photos['photo'] as $photo) {
echo '<a title="Add to library" href="javascript:flickr_doImport(\'' . $f->buildPhotoURL($photo, 'Original') . '\');" ';
echo 'onclick="return confirm(\'Import this photo into the media library ?\');">';
echo '<img border="0" alt="' . $photo['title'] . '" src=' . $f->buildPhotoURL($photo, 'Square') . ' />';
echo '</a>';
// break before the 13th photo (if any)
if (++$i == 12) {
break;
}
// If it reaches the sixth photo, insert a line break
if ($i % 6 == 0) {
echo "<br />\n";
}
}
// end foreach
echo "<br />\n";
// navigate through pages of photos
if ($serendipity['POST']['flickr_page'] > 1) {
echo '<a href="javascript:flickr_showPage(' . (int) ($serendipity['POST']['flickr_page'] - 1) . ');">Previous</a>';
}
echo ' ';
if (count($photos['photo']) > 12) {
echo '<a href="javascript:flickr_showPage(' . (int) ($serendipity['POST']['flickr_page'] + 1) . ');">Next</a>';
}
}
// end if
}
// end if
return true;
break;
default:
return false;
break;
}
} else {
return false;
}
}
}
/* Delete a group */
if (isset($_POST['DELETE_YES']) && serendipity_checkFormToken()) {
$group = serendipity_fetchGroup($serendipity['POST']['group']);
serendipity_deleteGroup($serendipity['POST']['group']);
printf('<div class="serendipityAdminMsgSuccess"><img style="height: 22px; width: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_success.png') . '" alt="" />' . DELETED_GROUP . '</div>', htmlspecialchars($serendipity['POST']['group']), htmlspecialchars($group['name']));
}
/* Save new group */
if (isset($_POST['SAVE_NEW']) && serendipity_checkFormToken()) {
$serendipity['POST']['group'] = serendipity_addGroup($serendipity['POST']['name']);
$perms = serendipity_getAllPermissionNames();
serendipity_updateGroupConfig($serendipity['POST']['group'], $perms, $serendipity['POST'], false, $serendipity['POST']['forbidden_plugins'], $serendipity['POST']['forbidden_hooks']);
printf('<div class="serendipityAdminMsgSuccess"><img style="height: 22px; width: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_success.png') . '" alt="" />' . CREATED_GROUP . '</div>', '#' . htmlspecialchars($serendipity['POST']['group']) . ', ' . htmlspecialchars($serendipity['POST']['name']));
}
/* Edit a group */
if (isset($_POST['SAVE_EDIT']) && serendipity_checkFormToken()) {
$perms = serendipity_getAllPermissionNames();
serendipity_updateGroupConfig($serendipity['POST']['group'], $perms, $serendipity['POST'], false, $serendipity['POST']['forbidden_plugins'], $serendipity['POST']['forbidden_hooks']);
printf('<div class="serendipityAdminMsgSuccess"><img style="height: 22px; width: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_success.png') . '" alt="" />' . MODIFIED_GROUP . '</div>', htmlspecialchars($serendipity['POST']['name']));
}
if ($serendipity['GET']['adminAction'] != 'delete') {
?>
<table width="100%">
<tr>
<td><strong><?php
echo GROUP;
?>
</strong></td>
<td width="200"> </td>
</tr>
<tr>
$file = serendipity_fetchImageFromDatabase($serendipity['GET']['fid']);
if (!is_array($file) || !serendipity_checkPermission('adminImagesDelete') || !serendipity_checkPermission('adminImagesMaintainOthers') && $file['authorid'] != '0' && $file['authorid'] != $serendipity['authorid']) {
return;
}
if (empty($serendipity['adminFile_redirect'])) {
$serendipity['adminFile_redirect'] = serendipity_specialchars($_SERVER['HTTP_REFERER']);
}
$data['case_rotateCCW'] = true;
if (serendipity_rotateImg($serendipity['GET']['fid'], 90)) {
$data['rotate_img_done'] = true;
$data['adminFile_redirect'] = $serendipity['adminFile_redirect'];
}
break;
case 'scale':
$file = serendipity_fetchImageFromDatabase($serendipity['GET']['fid']);
if (!is_array($file) || !serendipity_checkFormToken() || !serendipity_checkPermission('adminImagesDelete') || !serendipity_checkPermission('adminImagesMaintainOthers') && $file['authorid'] != '0' && $file['authorid'] != $serendipity['authorid']) {
return;
}
$data['case_scale'] = true;
$data['print_SCALING_IMAGE'] = sprintf(SCALING_IMAGE, $file['path'] . $file['name'] . '.' . $file['extension'], (int) $serendipity['GET']['width'], (int) $serendipity['GET']['height']);
$data['extraParems'] = serendipity_generateImageSelectorParems();
$data['print_serendipity_scaleImg'] = serendipity_scaleImg($serendipity['GET']['fid'], $serendipity['GET']['width'], $serendipity['GET']['height']);
break;
case 'scaleSelect':
$file = serendipity_fetchImageFromDatabase($serendipity['GET']['fid']);
if (!is_array($file) || !serendipity_checkPermission('adminImagesDelete') || !serendipity_checkPermission('adminImagesMaintainOthers') && $file['authorid'] != '0' && $file['authorid'] != $serendipity['authorid']) {
return;
}
$data['extraParems'] = serendipity_generateImageSelectorParems("form");
$data['case_scaleSelect'] = true;
$s = getimagesize($serendipity['serendipityPath'] . $serendipity['uploadPath'] . $file['path'] . $file['name'] . ($file['extension'] ? '.' . $file['extension'] : ""));
function shownotes()
{
global $serendipity;
if ($serendipity['version'][0] < 2) {
echo '<h3>' . PLUGIN_ADMINNOTES_TITLE . '</h3>';
} else {
echo '<h2>' . PLUGIN_ADMINNOTES_TITLE . '</h2>';
}
if (!serendipity_db_bool($this->get_config('feedback')) && $serendipity['serendipityUserlevel'] < USERLEVEL_CHIEF) {
return false;
}
switch ($_REQUEST['action']) {
case 'edit':
$entry = $this->getMyNotes((int) $_REQUEST['note']);
$mode = 'update';
case 'new':
if (!isset($mode)) {
$mode = 'insert';
}
if (!is_array($entry)) {
$entry = array();
}
if ($_REQUEST['submit']) {
$valid_groups = serendipity_getAllGroups($serendipity['authorid']);
$targets = array();
if (is_array($_REQUEST['note_target'])) {
foreach ($_REQUEST['note_target'] as $groupid) {
$found = false;
foreach ($valid_groups as $group) {
if ($group['confkey'] == $groupid) {
$found = true;
break;
}
}
if ($found) {
$targets[] = (int) $groupid;
}
}
}
if ($mode == 'update') {
$noteid = (int) $_REQUEST['note'];
$q = serendipity_db_query("UPDATE {$serendipity['dbPrefix']}adminnotes\n SET authorid = {$serendipity['authorid']},\n subject = '" . serendipity_db_escape_string($_REQUEST['note_subject']) . "',\n body = '" . serendipity_db_escape_string($_REQUEST['note_body']) . "',\n notetype = '" . serendipity_db_escape_string($_REQUEST['note_notetype']) . "'\n WHERE noteid = {$noteid}");
$q = serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}adminnotes_to_groups WHERE noteid = {$noteid}");
foreach ($targets as $target) {
$q = serendipity_db_query("INSERT INTO {$serendipity['dbPrefix']}adminnotes_to_groups (noteid, groupid) VALUES ({$noteid}, {$target})");
}
if (is_string($q)) {
echo $q . "<br />\n";
}
} else {
serendipity_db_query("INSERT INTO {$serendipity['dbPrefix']}adminnotes (authorid, notetime, subject, body, notetype) VALUES ('" . $serendipity['authorid'] . "', " . time() . ", '" . serendipity_db_escape_string($_REQUEST['note_subject']) . "', '" . serendipity_db_escape_string($_REQUEST['note_body']) . "', '" . serendipity_db_escape_string($_REQUEST['note_notetype']) . "')");
$noteid = serendipity_db_insert_id('adminnotes', 'noteid');
foreach ($targets as $target) {
serendipity_db_query("INSERT INTO {$serendipity['dbPrefix']}adminnotes_to_groups (noteid, groupid) VALUES ({$noteid}, {$target})");
}
}
if ($serendipity['version'][0] < 2) {
echo '<div class="serendipityAdminMsgSuccess"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_success.png') . '" alt="" />' . DONE . ': ' . sprintf(SETTINGS_SAVED_AT, serendipity_strftime('%H:%M:%S')) . '</div>';
} else {
echo '<span class="msg_success"><span class="icon-ok-circled"></span> ' . DONE . ': ' . sprintf(SETTINGS_SAVED_AT, serendipity_strftime('%H:%M:%S')) . '</span>';
}
}
echo '<p>' . PLUGIN_ADMINNOTES_FEEDBACK_INFO . '</p>';
echo '<form action="?" method="post">';
echo serendipity_setFormToken();
echo '<input type="hidden" name="serendipity[adminModule]" value="event_display" />';
echo '<input type="hidden" name="serendipity[adminAction]" value="adminnotes" />';
echo '<input type="hidden" name="action" value="' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($_REQUEST['action']) : htmlspecialchars($_REQUEST['action'], ENT_COMPAT, LANG_CHARSET)) . '" />';
echo '<input type="hidden" name="note" value="' . $entry['noteid'] . '" />';
echo '<input type="hidden" name="note_notetype" value="note" />';
if ($serendipity['version'][0] < 2) {
echo TITLE . '<br />';
echo '<input class="input_textbox" type="text" name="note_subject" value="' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($entry['subject']) : htmlspecialchars($entry['subject'], ENT_COMPAT, LANG_CHARSET)) . '" /><br /><br />';
} else {
echo '<div class="form_field">';
echo '<label for="note_subject" class="block_level">' . TITLE . '</label>';
echo '<input id="note_subject" type="text" name="note_subject" value="' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($entry['subject']) : htmlspecialchars($entry['subject'], ENT_COMPAT, LANG_CHARSET)) . '">';
echo '</div>';
}
if ($serendipity['version'][0] < 2) {
echo USERCONF_GROUPS . '<br />';
} else {
echo '<div class="form_multiselect">';
echo '<label for="note_target" class="block_level">' . USERCONF_GROUPS . '</label>';
}
$valid_groups = serendipity_getAllGroups($serendipity['authorid']);
if (isset($_REQUEST['note_target'])) {
$selected = $_REQUEST['note_target'];
} elseif ($mode == 'update') {
$sql = serendipity_db_query("SELECT * FROM {$serendipity['dbPrefix']}adminnotes_to_groups");
$selected = array();
foreach ($sql as $row) {
$selected[] = $row['groupid'];
}
}
echo '<select id="note_target" name="note_target[]" multiple="multiple" size="5">';
foreach ($valid_groups as $group) {
# PRESELECT!
if (in_array($group['confkey'], (array) $selected) || count($selected) == 0) {
$is_selected = 'selected="selected"';
} else {
$is_selected = '';
}
echo '<option ' . $is_selected . ' value="' . $group['confkey'] . '">' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($group['confvalue']) : htmlspecialchars($group['confvalue'], ENT_COMPAT, LANG_CHARSET)) . '</option>' . "\n";
}
if ($serendipity['version'][0] < 2) {
echo '</select><br /><br />';
} else {
echo '</select></div>';
}
if ($serendipity['version'][0] < 2) {
echo ENTRY_BODY . '<br />';
} else {
echo '<div class="form_area">';
echo '<label for="note_body" class="block_level">' . ENTRY_BODY . '</label>';
}
echo '<textarea id="note_body" rows=10 cols=80 name="note_body">' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($entry['body']) : htmlspecialchars($entry['body'], ENT_COMPAT, LANG_CHARSET)) . '</textarea>';
if ($serendipity['version'][0] < 2) {
echo '<br /><br />';
echo '<input type="submit" name="submit" value="' . SAVE . '" class="serendipityPrettyButton input_button" />';
} else {
echo '</div>';
echo '<div class="form_buttons"><input type="submit" name="submit" value="' . SAVE . '"></div>';
}
echo '</form>';
break;
case 'delete':
$newLoc = '?' . serendipity_setFormToken('url') . '&serendipity[adminModule]=event_display&serendipity[adminAction]=adminnotes&action=isdelete&note=' . (int) $_REQUEST['note'];
$entry = $this->getMyNotes((int) $_REQUEST['note']);
if ($serendipity['version'][0] > 1) {
echo '<span class="msg_hint"><span class="icon-help-circled"></span> ';
}
printf(DELETE_SURE, $entry['noteid'] . ' - ' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($entry['subject']) : htmlspecialchars($entry['subject'], ENT_COMPAT, LANG_CHARSET)));
if ($serendipity['version'][0] > 1) {
echo '</span>';
}
if ($serendipity['version'][0] < 2) {
?>
<br />
<br />
<div>
<a href="<?php
echo function_exists('serendipity_specialchars') ? serendipity_specialchars($_SERVER["HTTP_REFERER"]) : htmlspecialchars($_SERVER["HTTP_REFERER"], ENT_COMPAT, LANG_CHARSET);
?>
" class="serendipityPrettyButton"><?php
echo NOT_REALLY;
?>
</a>
<?php
echo str_repeat(' ', 10);
?>
<a href="<?php
echo $newLoc;
?>
" class="serendipityPrettyButton"><?php
echo DUMP_IT;
?>
</a>
</div>
<?php
} else {
?>
<div class="form_buttons">
<a class="button_link state_submit" href="<?php
echo $newLoc;
?>
"><?php
echo DUMP_IT;
?>
</a>
<a class="button_link state_cancel" href="<?php
echo function_exists('serendipity_specialchars') ? serendipity_specialchars($_SERVER["HTTP_REFERER"]) : htmlspecialchars($_SERVER["HTTP_REFERER"], ENT_COMPAT, LANG_CHARSET);
?>
"><?php
echo NOT_REALLY;
?>
</a>
</div>
<?php
}
break;
case 'isdelete':
if (!serendipity_checkFormToken()) {
break;
}
$entry = $this->getMyNotes((int) $_REQUEST['note']);
if (isset($entry['noteid'])) {
serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}adminnotes WHERE noteid = " . (int) $_REQUEST['note']);
serendipity_db_query("DELETE FROM {$serendipity['dbPrefix']}adminnotes_to_groups WHERE noteid = " . (int) $_REQUEST['note']);
}
if ($serendipity['version'][0] > 1) {
echo '<span class="msg_success"><span class="icon-ok-circled"></span> ';
}
printf(RIP_ENTRY, $entry['noteid'] . ' - ' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($entry['subject']) : htmlspecialchars($entry['subject'], ENT_COMPAT, LANG_CHARSET)));
if ($serendipity['version'][0] > 1) {
echo '</span>';
}
break;
default:
$notes = $this->getMyNotes(false);
echo '<ol class="note_list plainList">';
if (is_array($notes)) {
foreach ($notes as $note) {
if ($serendipity['version'][0] < 2) {
echo '<li><strong>' . $note['subject'] . '</strong> ' . POSTED_BY . ' ' . $note['realname'] . ' ' . ON . ' ' . serendipity_strftime(DATE_FORMAT_SHORT, $note['notetime']) . '<br />';
echo '<a class="serendipityPrettyButton" href="?serendipity[adminModule]=event_display&serendipity[adminAction]=adminnotes&action=edit&note=' . $note['noteid'] . '">' . EDIT . '</a> ';
echo '<a class="serendipityPrettyButton" href="?serendipity[adminModule]=event_display&serendipity[adminAction]=adminnotes&action=delete&note=' . $note['noteid'] . '">' . DELETE . '</a> ';
echo '<br /><br /></li>';
} else {
echo '<li><h3>' . $note['subject'] . '</h3><p>' . POSTED_BY . ' ' . $note['realname'] . ' ' . ON . ' ' . serendipity_strftime(DATE_FORMAT_SHORT, $note['notetime']) . '</p>';
echo '<div class="form_buttons"><a class="button_link state_submit" href="?serendipity[adminModule]=event_display&serendipity[adminAction]=adminnotes&action=edit&note=' . $note['noteid'] . '">' . EDIT . '</a> ';
echo '<a class="button_link state_cancel" href="?serendipity[adminModule]=event_display&serendipity[adminAction]=adminnotes&action=delete&note=' . $note['noteid'] . '">' . DELETE . '</a></div></li>';
}
}
}
echo '</ol>';
if ($serendipity['version'][0] < 2) {
echo '<a class="serendipityPrettyButton" href="?serendipity[adminModule]=event_display&serendipity[adminAction]=adminnotes&action=new">' . NEW_ENTRY . '</a>';
} else {
echo '<div class="form_buttons"><a class="button_link state_submit" href="?serendipity[adminModule]=event_display&serendipity[adminAction]=adminnotes&action=new">' . NEW_ENTRY . '</a></div>';
}
break;
}
}
<?php
# $Id$
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
if (IN_serendipity !== true) {
die("Don't hack!");
}
if (!serendipity_checkPermission('personalConfiguration')) {
return;
}
$from = array();
if ($serendipity['GET']['adminAction'] == 'save' && serendipity_checkFormToken()) {
$config = serendipity_parseTemplate(S9Y_CONFIG_USERTEMPLATE);
if ((!serendipity_checkPermission('adminUsersEditUserlevel') || !serendipity_checkPermission('adminUsersMaintainOthers')) && (int) $_POST['userlevel'] > $serendipity['serendipityUserlevel']) {
echo '<div class="serendipityAdminMsgError"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_error.png') . '" alt="" />' . CREATE_NOT_AUTHORIZED_USERLEVEL . '</div>';
} elseif (empty($_POST['username'])) {
echo '<div class="serendipityAdminMsgError"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_error.png') . '" alt="" />' . USERCONF_CHECK_USERNAME_ERROR . '</div>';
} elseif (!empty($_POST['password']) && $_POST['check_password'] != $_SESSION['serendipityPassword'] && serendipity_passwordhash($_POST['check_password']) != $_SESSION['serendipityPassword']) {
echo '<div class="serendipityAdminMsgError"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_error.png') . '" alt="" />' . USERCONF_CHECK_PASSWORD_ERROR . '</div>';
} else {
$valid_groups = serendipity_getGroups($serendipity['authorid'], true);
foreach ($config as $category) {
foreach ($category['items'] as $item) {
if (in_array('groups', $item['flags'])) {
if (serendipity_checkPermission('adminUsersMaintainOthers')) {
// Void, no fixing neccessarry
} elseif (serendipity_checkPermission('adminUsersMaintainSame')) {
if (!is_array($_POST[$item['var']])) {
continue;
}
echo '<div class="serendipityAdminMsgSuccess"><img style="height: 22px; width: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_success.png') . '" alt="" />' . sprintf(TEMPLATE_SET, htmlspecialchars($serendipity['GET']['theme'])) . '</div>';
}
?>
<?php
if (@file_exists($serendipity['serendipityPath'] . $serendipity['templatePath'] . $serendipity['template'] . '/layout.php')) {
echo '<div class="serendipityAdminMsgNote"><img style="width: 22px; height: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_note.png') . '" alt="" />' . WARNING_TEMPLATE_DEPRECATED . '</div>';
}
echo '<h3>' . STYLE_OPTIONS . ' (' . $serendipity['template'] . ')</h3>';
if (file_exists($serendipity['serendipityPath'] . $serendipity['templatePath'] . $serendipity['template'] . '/config.inc.php')) {
serendipity_smarty_init();
include_once $serendipity['serendipityPath'] . $serendipity['templatePath'] . $serendipity['template'] . '/config.inc.php';
}
if (is_array($template_config)) {
serendipity_plugin_api::hook_event('backend_templates_configuration_top', $template_config);
if ($serendipity['POST']['adminAction'] == 'configure' && serendipity_checkFormToken()) {
$storage = new template_option();
$storage->import($template_config);
foreach ($serendipity['POST']['template'] as $option => $value) {
$storage->set_config($option, $value);
}
echo '<div class="serendipityAdminMsgSuccess"><img style="height: 22px; width: 22px; border: 0px; padding-right: 4px; vertical-align: middle" src="' . serendipity_getTemplateFile('admin/img/admin_msg_success.png') . '" alt="" />' . DONE . ': ' . sprintf(SETTINGS_SAVED_AT, serendipity_strftime('%H:%M:%S')) . '</div>';
}
echo '<form method="post" action="serendipity_admin.php">';
echo '<input type="hidden" name="serendipity[adminModule]" value="templates" />';
echo '<input type="hidden" name="serendipity[adminAction]" value="configure" />';
echo serendipity_setFormToken();
include S9Y_INCLUDE_PATH . 'include/functions_plugins_admin.inc.php';
$template_vars =& serendipity_loadThemeOptions($template_config);
$template_options = new template_option();
$template_options->import($template_config);
function event_hook($event, &$bag, &$eventData, $addData = null)
{
global $serendipity;
$debug = true;
$hooks =& $bag->get('event_hooks');
if (isset($hooks[$event])) {
$captchas_ttl = $this->get_config('captchas_ttl', 7);
$_captchas = $this->get_config('captchas', 'yes');
$captchas = $_captchas !== 'no' && ($_captchas === 'yes' || $_captchas === 'scramble' || serendipity_db_bool($_captchas));
// Check if the entry is older than the allowed amount of time. Enforce kaptchas if that is true
// of if kaptchas are activated for every entry
$show_captcha = $captchas && isset($eventData['timestamp']) && ($captchas_ttl < 1 || $eventData['timestamp'] < time() - $captchas_ttl * 60 * 60 * 24) ? true : false;
// Plugins can override with custom captchas
if (isset($serendipity['plugins']['disable_internal_captcha'])) {
$show_captcha = false;
}
$forcemoderation = $this->get_config('forcemoderation', 60);
$forcemoderation_treat = $this->get_config('forcemoderation_treat', 'moderate');
$forcemoderationt = $this->get_config('forcemoderationt', 60);
$forcemoderationt_treat = $this->get_config('forcemoderationt_treat', 'moderate');
$links_moderate = $this->get_config('links_moderate', 10);
$links_reject = $this->get_config('links_reject', 20);
if (function_exists('imagettftext') && function_exists('imagejpeg')) {
$max_char = 5;
$min_char = 3;
$use_gd = true;
} else {
$max_char = $min_char = 5;
$use_gd = false;
}
switch ($event) {
case 'fetchcomments':
if (is_array($eventData) && !$_SESSION['serendipityAuthedUser'] && serendipity_db_bool($this->get_config('hide_email', false))) {
// Will force emails to be not displayed in comments and RSS feed for comments. Will not apply to logged in admins (so not in the backend as well)
@reset($eventData);
while (list($idx, $comment) = each($eventData)) {
$eventData[$idx]['no_email'] = true;
}
}
break;
case 'frontend_saveComment':
/*
$fp = fopen('/tmp/spamblock2.log', 'a');
fwrite($fp, date('Y-m-d H:i') . "\n" . print_r($eventData, true) . "\n" . print_r($addData, true) . "\n");
fclose($fp);
*/
if (!is_array($eventData) || serendipity_db_bool($eventData['allow_comments'])) {
$this->checkScheme();
$serendipity['csuccess'] = 'true';
$logfile = $this->logfile = $this->get_config('logfile', $serendipity['serendipityPath'] . 'spamblock.log');
$required_fields = $this->get_config('required_fields', '');
$checkmail = $this->get_config('checkmail');
// Check CSRF [comments only, cannot be applied to trackbacks]
if ($addData['type'] == 'NORMAL' && serendipity_db_bool($this->get_config('csrf', true))) {
if (!serendipity_checkFormToken(false)) {
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_CSRF_REASON, $addData);
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_CSRF_REASON;
}
}
// Check required fields
if ($addData['type'] == 'NORMAL' && !empty($required_fields)) {
$required_field_list = explode(',', $required_fields);
foreach ($required_field_list as $required_field) {
$required_field = trim($required_field);
if (empty($addData[$required_field])) {
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_REQUIRED_FIELD, $addData);
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = sprintf(PLUGIN_EVENT_SPAMBLOCK_REASON_REQUIRED_FIELD, $required_field);
return false;
}
}
}
/*
if ($addData['type'] != 'NORMAL' && empty($addData['name'])) {
$eventData = array('allow_coments' => false);
$this->log($logfile, $eventData['id'], 'INVALIDGARV', 'INVALIDGARV', $addData);
return false;
}
*/
// Check whether to allow comments from registered authors
if (serendipity_userLoggedIn() && $this->inGroup()) {
return true;
}
// Check if the user has verified himself via email already.
if ($addData['type'] == 'NORMAL' && (string) $checkmail === 'verify_once') {
$auth = serendipity_db_query("SELECT *\n FROM {$serendipity['dbPrefix']}options\n WHERE okey = 'mail_confirm'\n AND name = '" . serendipity_db_escape_string($addData['email']) . "'\n AND value = '" . serendipity_db_escape_string($addData['name']) . "'", true);
if (!is_array($auth)) {
// Filter authors names, Filter URL, Filter Content, Filter Emails, Check for maximum number of links before rejecting
// moderate false
if (false === $this->wordfilter($logfile, $eventData, $wordmatch, $addData, true)) {
// already there #$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_FILTER_WORDS, $addData);
// already there #$eventData = array('allow_comments' => false);
// already there #$serendipity['messagestack']['emails'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_BODY;
return false;
} elseif (serendipity_db_bool($this->get_config('killswitch', false)) === true) {
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_KILLSWITCH, $addData);
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_KILLSWITCH;
return false;
} else {
$this->log($logfile, $eventData['id'], 'MODERATE', PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_MAIL, $addData);
$eventData['moderate_comments'] = true;
$eventData['status'] = 'confirm1';
$serendipity['csuccess'] = 'moderate';
$serendipity['moderate_reason'] = PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_MAIL;
return false;
}
} else {
// User is allowed to post message, bypassing other checks as if he were logged in.
return true;
}
}
// Check if entry title is the same as comment body
if (serendipity_db_bool($this->get_config('entrytitle')) && trim($eventData['title']) == trim($addData['comment'])) {
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_TITLE, $addData);
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_BODY;
return false;
}
// Check for global emergency moderation
if (serendipity_db_bool($this->get_config('killswitch', false)) === true) {
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_KILLSWITCH, $addData);
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_KILLSWITCH;
return false;
}
// Check for not allowing trackbacks/pingbacks/wfwcomments
if (($addData['type'] != 'NORMAL' || $addData['source'] == 'API') && $this->get_config('disable_api_comments', 'none') != 'none') {
if ($this->get_config('disable_api_comments') == 'reject') {
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_API, $addData);
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_REASON_API;
return false;
} elseif ($this->get_config('disable_api_comments') == 'moderate') {
$this->log($logfile, $eventData['id'], 'MODERATE', PLUGIN_EVENT_SPAMBLOCK_REASON_API, $addData);
$eventData['moderate_comments'] = true;
$serendipity['csuccess'] = 'moderate';
$serendipity['moderate_reason'] = PLUGIN_EVENT_SPAMBLOCK_REASON_API;
}
}
// Check if sender ip is matching trackback/pingback ip (ip validation)
$trackback_ipvalidation_option = $this->get_config('trackback_ipvalidation', 'moderate');
if (($addData['type'] == 'TRACKBACK' || $addData['type'] == 'PINGBACK') && $trackback_ipvalidation_option != 'no') {
$this->IsHardcoreSpammer();
$exclude_urls = explode(';', $this->get_config('trackback_ipvalidation_url_exclude', $this->get_default_exclude_urls()));
$found_exclude_url = false;
foreach ($exclude_urls as $exclude_url) {
$exclude_url = trim($exclude_url);
if (empty($exclude_url)) {
continue;
}
$found_exclude_url = preg_match('@' . $exclude_url . '@', $addData['url']);
if ($found_exclude_url) {
break;
}
}
if (!$found_exclude_url) {
$parts = @parse_url($addData['url']);
$tipval_method = $trackback_ipvalidation_option == 'reject' ? 'REJECTED' : 'MODERATE';
// Getting host from url successfully?
if (!is_array($parts)) {
// not a valid URL
$this->log($logfile, $eventData['id'], $tipval_method, sprintf(PLUGIN_EVENT_SPAMBLOCK_REASON_IPVALIDATION, $addData['url'], '', ''), $addData);
if ($trackback_ipvalidation_option == 'reject') {
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = sprintf(PLUGIN_EVENT_SPAMBLOCK_REASON_IPVALIDATION, $addData['url']);
return false;
} else {
$eventData['moderate_comments'] = true;
$serendipity['csuccess'] = 'moderate';
$serendipity['moderate_reason'] = sprintf(PLUGIN_EVENT_SPAMBLOCK_REASON_IPVALIDATION, $addData['url']);
}
}
$trackback_ip = preg_replace('/[^0-9.]/', '', gethostbyname($parts['host']));
$sender_ip = preg_replace('/[^0-9.]/', '', $_SERVER['REMOTE_ADDR']);
$sender_ua = $debug ? ', ua="' . $_SERVER['HTTP_USER_AGENT'] . '"' : '';
// Is host ip and sender ip matching?
if ($trackback_ip != $sender_ip) {
$this->log($logfile, $eventData['id'], $tipval_method, sprintf(PLUGIN_EVENT_SPAMBLOCK_REASON_IPVALIDATION, $parts['host'], $trackback_ip, $sender_ip . $sender_ua), $addData);
if ($trackback_ipvalidation_option == 'reject') {
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = sprintf(PLUGIN_EVENT_SPAMBLOCK_REASON_IPVALIDATION, $parts['host'], $trackback_ip, $sender_ip . $sender_ua);
return false;
} else {
$eventData['moderate_comments'] = true;
$serendipity['csuccess'] = 'moderate';
$serendipity['moderate_reason'] = sprintf(PLUGIN_EVENT_SPAMBLOCK_REASON_IPVALIDATION, $parts['host'], $trackback_ip, $sender_ip . $sender_ua);
}
}
}
}
// Filter Akismet Blacklist?
$akismet_apikey = $this->get_config('akismet');
$akismet = $this->get_config('akismet_filter');
if (!empty($akismet_apikey) && ($akismet == 'moderate' || $akismet == 'reject') && !isset($addData['skip_akismet'])) {
$spam = $this->getBlacklist('akismet.com', $akismet_apikey, $eventData, $addData);
if ($spam['is_spam'] !== false) {
$this->IsHardcoreSpammer();
if ($akismet == 'moderate') {
$this->log($logfile, $eventData['id'], 'MODERATE', PLUGIN_EVENT_SPAMBLOCK_REASON_AKISMET_SPAMLIST . ': ' . $spam['message'], $addData);
$eventData['moderate_comments'] = true;
$serendipity['csuccess'] = 'moderate';
$serendipity['moderate_reason'] = PLUGIN_EVENT_SPAMBLOCK_ERROR_BODY . ' (Akismet)';
} else {
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_AKISMET_SPAMLIST . ': ' . $spam['message'], $addData);
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_BODY;
return false;
}
}
}
// Check Trackback URLs?
if (($addData['type'] == 'TRACKBACK' || $addData['type'] == 'PINGBACK') && serendipity_db_bool($this->get_config('trackback_check_url'))) {
require_once S9Y_PEAR_PATH . 'HTTP/Request.php';
if (function_exists('serendipity_request_start')) {
serendipity_request_start();
}
$req = new HTTP_Request($addData['url'], array('allowRedirects' => true, 'maxRedirects' => 5, 'readTimeout' => array(5, 0)));
$is_valid = false;
if (PEAR::isError($req->sendRequest()) || $req->getResponseCode() != '200') {
$is_valid = false;
} else {
$fdata = $req->getResponseBody();
// Check if the target page contains a link to our blog
if (preg_match('@' . preg_quote($serendipity['baseURL'], '@') . '@i', $fdata)) {
$is_valid = true;
} else {
$is_valid = false;
}
}
if (function_exists('serendipity_request_end')) {
serendipity_request_end();
}
if ($is_valid === false) {
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_TRACKBACKURL, $addData);
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_REASON_TRACKBACKURL;
return false;
}
}
if (false === $this->wordfilter($logfile, $eventData, $wordmatch, $addData)) {
return false;
}
// Check for maximum number of links before rejecting
$link_count = substr_count(strtolower($addData['comment']), 'http://');
if ($links_reject > 0 && $link_count > $links_reject) {
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_LINKS_REJECT, $addData);
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_BODY;
return false;
}
// Captcha checking
if ($show_captcha && $addData['type'] == 'NORMAL') {
if (!isset($_SESSION['spamblock']['captcha']) || !isset($serendipity['POST']['captcha']) || strtolower($serendipity['POST']['captcha']) != strtolower($_SESSION['spamblock']['captcha'])) {
$this->log($logfile, $eventData['id'], 'REJECTED', sprintf(PLUGIN_EVENT_SPAMBLOCK_REASON_CAPTCHAS, $serendipity['POST']['captcha'], $_SESSION['spamblock']['captcha']), $addData);
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_CAPTCHAS;
return false;
} else {
// DEBUG
// $this->log($logfile, $eventData['id'], 'REJECTED', 'Captcha passed: ' . $serendipity['POST']['captcha'] . ' / ' . $_SESSION['spamblock']['captcha'] . ' // Source: ' . $_SERVER['REQUEST_URI'], $addData);
}
} else {
// DEBUG
// $this->log($logfile, $eventData['id'], 'REJECTED', 'Captcha not needed: ' . $serendipity['POST']['captcha'] . ' / ' . $_SESSION['spamblock']['captcha'] . ' // Source: ' . $_SERVER['REQUEST_URI'], $addData);
}
// Check for forced comment moderation (X days)
if ($addData['type'] == 'NORMAL' && $forcemoderation > 0 && $eventData['timestamp'] < time() - $forcemoderation * 60 * 60 * 24) {
$this->log($logfile, $eventData['id'], $forcemoderation_treat, PLUGIN_EVENT_SPAMBLOCK_REASON_FORCEMODERATION, $addData);
if ($forcemoderation_treat == 'reject') {
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_REASON_FORCEMODERATION;
return false;
} else {
$eventData['moderate_comments'] = true;
$serendipity['csuccess'] = 'moderate';
$serendipity['moderate_reason'] = PLUGIN_EVENT_SPAMBLOCK_REASON_FORCEMODERATION;
}
}
// Check for forced trackback moderation
if ($addData['type'] != 'NORMAL' && $forcemoderationt > 0 && $eventData['timestamp'] < time() - $forcemoderationt * 60 * 60 * 24) {
$this->log($logfile, $eventData['id'], $forcemoderationt_treat, PLUGIN_EVENT_SPAMBLOCK_REASON_FORCEMODERATION, $addData);
if ($forcemoderationt_treat == 'reject') {
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_REASON_FORCEMODERATION;
return false;
} else {
$eventData['moderate_comments'] = true;
$serendipity['csuccess'] = 'moderate';
$serendipity['moderate_reason'] = PLUGIN_EVENT_SPAMBLOCK_REASON_FORCEMODERATION;
}
}
// Check for maximum number of links before forcing moderation
if ($links_moderate > 0 && $link_count > $links_moderate) {
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_LINKS_MODERATE, $addData);
$eventData['moderate_comments'] = true;
$serendipity['csuccess'] = 'moderate';
$serendipity['moderate_reason'] = PLUGIN_EVENT_SPAMBLOCK_REASON_LINKS_MODERATE;
}
// Check for identical comments. We allow to bypass trackbacks from our server to our own blog.
if ($this->get_config('bodyclone', true) === true && $_SERVER['REMOTE_ADDR'] != $_SERVER['SERVER_ADDR'] && $addData['type'] != 'PINGBACK') {
$query = "SELECT count(id) AS counter FROM {$serendipity['dbPrefix']}comments WHERE type = '" . $addData['type'] . "' AND body = '" . serendipity_db_escape_string($addData['comment']) . "'";
$row = serendipity_db_query($query, true);
if (is_array($row) && $row['counter'] > 0) {
$this->IsHardcoreSpammer();
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_BODYCLONE, $addData);
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_BODY;
return false;
}
}
// Check last IP
if ($addData['type'] == 'NORMAL' && $this->get_config('ipflood', 2) != 0) {
$query = "SELECT max(timestamp) AS last_post FROM {$serendipity['dbPrefix']}comments WHERE ip = '" . serendipity_db_escape_string($_SERVER['REMOTE_ADDR']) . "'";
$row = serendipity_db_query($query, true);
if (is_array($row) && $row['last_post'] > time() - $this->get_config('ipflood', 2) * 60) {
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_IPFLOOD, $addData);
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_IP;
return false;
}
}
if ($addData['type'] == 'NORMAL' && (string) $checkmail === 'verify_always') {
$this->log($logfile, $eventData['id'], 'MODERATE', PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_MAIL, $addData);
$eventData['moderate_comments'] = true;
$eventData['status'] = 'confirm';
$serendipity['csuccess'] = 'moderate';
$serendipity['moderate_reason'] = PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_MAIL;
return false;
}
// Check invalid email
if ($addData['type'] == 'NORMAL' && serendipity_db_bool($this->get_config('checkmail', false))) {
if (!empty($addData['email']) && strstr($addData['email'], '@') === false) {
$this->log($logfile, $eventData['id'], 'REJECTED', PLUGIN_EVENT_SPAMBLOCK_REASON_CHECKMAIL, $addData);
$eventData = array('allow_comments' => false);
$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_REASON_CHECKMAIL;
return false;
}
}
if ($eventData['moderate_comments'] == true) {
return false;
}
}
return true;
break;
case 'frontend_comment':
if (serendipity_db_bool($this->get_config('hide_email', false))) {
echo '<div class="serendipity_commentDirection serendipity_comment_spamblock">' . PLUGIN_EVENT_SPAMBLOCK_HIDE_EMAIL_NOTICE . '</div>';
}
if ((string) $this->get_config('checkmail') === 'verify_always' || (string) $this->get_config('checkmail') === 'verify_once') {
echo '<div class="serendipity_commentDirection serendipity_comment_spamblock">' . PLUGIN_EVENT_SPAMBLOCK_CHECKMAIL_VERIFICATION_INFO . '</div>';
}
if (serendipity_db_bool($this->get_config('csrf', true))) {
echo serendipity_setFormToken('form');
}
// Check whether to allow comments from registered authors
if (serendipity_userLoggedIn() && $this->inGroup()) {
return true;
}
if ($show_captcha) {
echo '<div class="serendipity_commentDirection serendipity_comment_captcha">';
if (!isset($serendipity['POST']['preview']) || strtolower($serendipity['POST']['captcha'] != strtolower($_SESSION['spamblock']['captcha']))) {
echo '<br />' . PLUGIN_EVENT_SPAMBLOCK_CAPTCHAS_USERDESC . '<br />';
echo $this->show_captcha($use_gd);
echo '<br />';
echo '<label for="captcha">' . PLUGIN_EVENT_SPAMBLOCK_CAPTCHAS_USERDESC3 . '</label><br /><input class="input_textbox" type="text" size="5" name="serendipity[captcha]" value="" id="captcha" />';
} elseif (isset($serendipity['POST']['captcha'])) {
echo '<input type="hidden" name="serendipity[captcha]" value="' . serendipity_specialchars($serendipity['POST']['captcha']) . '" />';
}
echo '</div>';
}
return true;
break;
case 'external_plugin':
$parts = explode('_', (string) $eventData);
if (!empty($parts[1])) {
$param = (int) $parts[1];
} else {
$param = null;
}
$methods = array('captcha');
if (!in_array($parts[0], $methods)) {
return;
}
list($musec, $msec) = explode(' ', microtime());
$srand = (double) $msec + (double) $musec * 100000;
srand($srand);
mt_srand($srand);
$width = 120;
$height = 40;
$bgcolors = explode(',', $this->get_config('captcha_color', '255,255,255'));
$fontfiles = array('Vera.ttf', 'VeraSe.ttf', 'chumbly.ttf', '36daysago.ttf');
if ($use_gd) {
$strings = $this->random_string($max_char, $min_char);
$fontname = $fontfiles[array_rand($fontfiles)];
$font = $serendipity['serendipityPath'] . 'plugins/serendipity_event_spamblock/' . $fontname;
if (!file_exists($font)) {
// Search in shared plugin directory
$font = S9Y_INCLUDE_PATH . 'plugins/serendipity_event_spamblock/' . $fontname;
}
if (!file_exists($font)) {
die(PLUGIN_EVENT_SPAMBLOCK_ERROR_NOTTF);
}
header('Content-Type: image/jpeg');
$image = imagecreate($width, $height);
// recommended use of imagecreatetruecolor() returns a black backgroundcolor
$bgcol = imagecolorallocate($image, trim($bgcolors[0]), trim($bgcolors[1]), trim($bgcolors[2]));
// imagettftext($image, 10, 1, 1, 15, imagecolorallocate($image, 255, 255, 255), $font, 'String: ' . $string);
$pos_x = 5;
foreach ($strings as $idx => $charidx) {
$color = imagecolorallocate($image, mt_rand(50, 235), mt_rand(50, 235), mt_rand(50, 235));
$size = mt_rand(15, 21);
$angle = mt_rand(-20, 20);
$pos_y = ceil($height - mt_rand($size / 3, $size / 2));
imagettftext($image, $size, $angle, $pos_x, $pos_y, $color, $font, $this->chars[$charidx]);
$pos_x = $pos_x + $size + 2;
}
if ($_captchas === 'scramble') {
$line_diff = mt_rand(5, 15);
$pixel_col = imagecolorallocate($image, trim($bgcolors[0]) - mt_rand(10, 50), trim($bgcolors[1]) - mt_rand(10, 50), trim($bgcolors[2]) - mt_rand(10, 50));
for ($y = $line_diff; $y < $height; $y += $line_diff) {
$row_diff = mt_rand(5, 15);
for ($x = $row_diff; $x < $width; $x += $row_diff) {
imagerectangle($image, $x, $y, $x + 1, $y + 1, $pixel_col);
}
}
}
imagejpeg($image, NULL, 90);
// NULL fixes https://bugs.php.net/bug.php?id=63920
imagedestroy($image);
} else {
header('Content-Type: image/png');
$output_char = strtolower($_SESSION['spamblock']['captcha'][$parts[1] - 1]);
$cap = $serendipity['serendipityPath'] . 'plugins/serendipity_event_spamblock/captcha_' . $output_char . '.png';
if (!file_exists($cap)) {
$cap = S9Y_INCLUDE_PATH . 'plugins/serendipity_event_spamblock/captcha_' . $output_char . '.png';
}
if (file_exists($cap)) {
echo file_get_contents($cap);
}
}
return true;
break;
case 'backend_comments_top':
// Tell Akismet about spam or not spam
$tell_id = null;
if (isset($serendipity['GET']['spamIsSpam'])) {
$tell_spam = true;
$tell_id = $serendipity['GET']['spamIsSpam'];
}
if (isset($serendipity['GET']['spamNotSpam'])) {
$tell_spam = false;
$tell_id = $serendipity['GET']['spamNotSpam'];
}
if ($tell_id !== null) {
$akismet_apikey = $this->get_config('akismet');
$akismet = $this->get_config('akismet_filter');
if (!empty($akismet_apikey)) {
$this->tellAboutComment('akismet.com', $akismet_apikey, $tell_id, $tell_spam);
}
}
// Add Author to blacklist. If already filtered, it will be removed from the filter. (AKA "Toggle")
if (isset($serendipity['GET']['spamBlockAuthor'])) {
$item = $this->getComment('author', $serendipity['GET']['spamBlockAuthor']);
$items =& $this->checkFilter('authors', $item, true);
$this->set_config('contentfilter_authors', implode(';', $items));
}
// Add URL to blacklist. If already filtered, it will be removed from the filter. (AKA "Toggle")
if (isset($serendipity['GET']['spamBlockURL'])) {
$item = $this->getComment('url', $serendipity['GET']['spamBlockURL']);
$items =& $this->checkFilter('urls', $item, true);
$this->set_config('contentfilter_urls', implode(';', $items));
}
// Add E-mail to blacklist. If already filtered, it will be removed from the filter. (AKA "Toggle")
if (isset($serendipity['GET']['spamBlockEmail'])) {
$item = $this->getComment('email', $serendipity['GET']['spamBlockEmail']);
$items =& $this->checkFilter('emails', $item, true);
$this->set_config('contentfilter_emails', implode(';', $items));
}
echo '<a class="button_link" title="' . PLUGIN_EVENT_SPAMBLOCK_CONFIG . '" href="serendipity_admin.php?serendipity[adminModule]=plugins&serendipity[plugin_to_conf]=' . $this->instance . '"><span class="icon-medkit"></span><span class="visuallyhidden"> ' . PLUGIN_EVENT_SPAMBLOCK_CONFIG . '</span></a>';
return true;
break;
case 'backend_view_comment':
$author_is_filtered = $this->checkFilter('authors', $eventData['author']);
$clink = 'comment_' . $eventData['id'];
$randomString = '&random=' . substr(sha1(rand()), 0, 10);
# the random string will force browser to reload the page,
# so the server knows who to block/unblock when clicking again on the same link,
# see http://stackoverflow.com/a/2573986/2508518, http://stackoverflow.com/a/14043346/2508518
$akismet_apikey = $this->get_config('akismet');
$akismet = $this->get_config('akismet_filter');
if (!empty($akismet_apikey)) {
$eventData['action_more'] .= ' <a class="button_link actions_extra" title="' . PLUGIN_EVENT_SPAMBLOCK_SPAM . '" href="serendipity_admin.php?serendipity[adminModule]=comments&serendipity[spamIsSpam]=' . $eventData['id'] . $addData . '#' . $clink . '"><span class="icon-block"></span><span class="visuallyhidden"> ' . PLUGIN_EVENT_SPAMBLOCK_SPAM . '</span></a>';
$eventData['action_more'] .= ' <a class="button_link actions_extra" title="' . PLUGIN_EVENT_SPAMBLOCK_NOT_SPAM . '" href="serendipity_admin.php?serendipity[adminModule]=comments&serendipity[spamNotSpam]=' . $eventData['id'] . $addData . '#' . $clink . '"><span class="icon-ok-circled"></span><span class="visuallyhidden"> ' . PLUGIN_EVENT_SPAMBLOCK_NOT_SPAM . '</span></a>';
}
$eventData['action_author'] .= ' <a class="button_link" title="' . ($author_is_filtered ? PLUGIN_EVENT_SPAMBLOCK_REMOVE_AUTHOR : PLUGIN_EVENT_SPAMBLOCK_ADD_AUTHOR) . '" href="serendipity_admin.php?serendipity[adminModule]=comments&serendipity[spamBlockAuthor]=' . $eventData['id'] . $addData . $randomString . '#' . $clink . '"><span class="icon-' . ($author_is_filtered ? 'ok-circled' : 'block') . '"></span><span class="visuallyhidden"> ' . ($author_is_filtered ? PLUGIN_EVENT_SPAMBLOCK_REMOVE_AUTHOR : PLUGIN_EVENT_SPAMBLOCK_ADD_AUTHOR) . '</span></a>';
if (!empty($eventData['url'])) {
$url_is_filtered = $this->checkFilter('urls', $eventData['url']);
$eventData['action_url'] .= ' <a class="button_link" title="' . ($url_is_filtered ? PLUGIN_EVENT_SPAMBLOCK_REMOVE_URL : PLUGIN_EVENT_SPAMBLOCK_ADD_URL) . '" href="serendipity_admin.php?serendipity[adminModule]=comments&serendipity[spamBlockURL]=' . $eventData['id'] . $addData . $randomString . '#' . $clink . '"><span class="icon-' . ($url_is_filtered ? 'ok-circled' : 'block') . '"></span><span class="visuallyhidden"> ' . ($url_is_filtered ? PLUGIN_EVENT_SPAMBLOCK_REMOVE_URL : PLUGIN_EVENT_SPAMBLOCK_ADD_URL) . '</span></a>';
}
if (!empty($eventData['email'])) {
$email_is_filtered = $this->checkFilter('emails', $eventData['email']);
$eventData['action_email'] .= ' <a class="button_link" title="' . ($email_is_filtered ? PLUGIN_EVENT_SPAMBLOCK_REMOVE_EMAIL : PLUGIN_EVENT_SPAMBLOCK_ADD_EMAIL) . '" href="serendipity_admin.php?serendipity[adminModule]=comments&serendipity[spamBlockEmail]=' . $eventData['id'] . $addData . $randomString . '#' . $clink . '"><span class="icon-' . ($email_is_filtered ? 'ok-circled' : 'block') . '"></span><span class="visuallyhidden"> ' . ($email_is_filtered ? PLUGIN_EVENT_SPAMBLOCK_REMOVE_EMAIL : PLUGIN_EVENT_SPAMBLOCK_ADD_EMAIL) . '</span></a>';
}
return true;
break;
case 'backend_sidebar_admin_appearance':
echo '<li><a href="serendipity_admin.php?serendipity[adminModule]=plugins&serendipity[plugin_to_conf]=' . $this->instance . '">' . PLUGIN_EVENT_SPAMBLOCK_TITLE . '</a></li>';
return true;
break;
default:
return false;
break;
}
} else {
return false;
}
}
function event_hook($event, &$bag, &$eventData, $addData = null)
{
global $serendipity;
$hooks =& $bag->get('event_hooks');
if (isset($hooks[$event])) {
// Moved from above: only get image data if we're actually going to do something
$this->set_valid_image_data();
// Get dimensions of image, only if not text-only
if ($this->image_name) {
// Is this a single-image bar, or a single segment?
$ratio = $this->image_width / $this->image_height;
if ($ratio < $this->max_segment_ratio) {
// This is probably a single segment. Square segments
// will have a ratio of 0.3; long, flat segments won't
// get up to 1.0 unless they're 3 times as wide as they
// are tall; full-bar images with square segments will
// be 1.666; and full-bar images with tall, narrow
// segments will be greater than 1.0 unless they're
// nearly twice as high as they are wide.
$this->image_width = $this->image_width * 5;
}
}
switch ($event) {
//Javascript for ajax functionality
case 'frontend_footer':
if ($this->get_config('ajax') == true) {
?>
<script type="text/javascript">
/*<![CDATA[ */
ajaxloader = new Image();
ajaxloader.src = "<?php
echo $serendipity['baseURL'];
?>
plugins/serendipity_event_karma/img/ajax-loader.gif";
for (i=1;i<6;i++) {
jQuery('.serendipity_karmaVoting_link'+i).click(function(event) {
event.preventDefault();
karmaId = jQuery(this).attr('href').match(/\[karmaId\]=([0-9]+)/);
vote(jQuery(this).html(),karmaId[1]);
});
}
function vote(karmaVote,karmaId) {
// Send the data using post and put the results in place
jQuery('#karma_vote'+karmaId).parent().children('.serendipity_karmaVoting_links').replaceWith('<div class="serendipity_karmaVoting_links ajaxloader"><img src="<?php
echo $serendipity['baseURL'];
?>
plugins/serendipity_event_karma/img/ajax-loader.gif" border="0" alt="ajax-loader" /></div>');
jQuery.post("<?php
echo $serendipity['baseURL'] . $serendipity['permalinkPluginPath'];
?>
/karma-ajaxquery", { karmaVote: karmaVote, karmaId: karmaId }, function(data) {
jQuery('#karma_vote'+karmaId).parent().replaceWith(data);
});
}
/* ]]>*/
</script>
<?php
}
// Hook for ajax calls
// Hook for ajax calls
case 'external_plugin':
$theUri = (string) str_replace('&', '&', $eventData);
$uri_parts = explode('?', $theUri);
// Try to get request parameters from eventData name
if (!empty($uri_parts[1])) {
$reqs = explode('&', $uri_parts[1]);
foreach ($reqs as $id => $req) {
$val = explode('=', $req);
if (empty($_REQUEST[$val[0]])) {
$_REQUEST[$val[0]] = $val[1];
}
}
}
$parts = explode('_', $uri_parts[0]);
switch ($parts[0]) {
case 'karma-ajaxquery':
$this->performkarmaVote();
$q = "SELECT SUM(votes) AS votes, SUM(points) AS points, SUM(visits) AS visits\n FROM " . $serendipity['dbPrefix'] . "karma\n WHERE entryid = '" . (int) $_POST['karmaId'] . "';";
$sql = serendipity_db_query($q);
$track_clicks = serendipity_db_bool($this->get_config('visits_active', true));
$track_karma = serendipity_db_bool($this->get_config('karma_active', true));
$enough_votes = $track_karma && $sql[0]['votes'] >= $this->get_config('min_disp_votes', 0);
$enough_visits = $track_clicks && $sql[0]['visits'] >= $this->get_config('min_disp_visits', 0);
$textual_msg = true;
$textual_current = true;
$textual_visits = true;
if ($this->image_name != '0') {
$textual_msg = $this->get_config('textual_msg', 'true');
$textual_current = $this->get_config('textual_current', 'true');
$textual_visits = $this->get_config('textual_visits', 'true');
}
$temp = $this->karmaVoted((int) $_POST['karmaVote'], $sql[0]['points'], $sql[0]['votes']);
$myvote = $temp['myvote'];
$msg = $temp['msg'];
$bar = $temp['bar'];
$temp = $this->createkarmaBlock((int) $_POST['karmaId'], $textual_msg, $msg, $bar, $enough_votes, $textual_current, $enough_visits, $textual_visits, $sql[0]['points'], $sql[0]['votes']);
$karma_block = $temp['karma_block'];
$points = $temp['points'];
echo sprintf($karma_block, $myvote, $points, $sql[0]['votes'], $sql[0]['visits'], '');
break;
}
return true;
break;
// Early hook, before any page is displayed
// Early hook, before any page is displayed
case 'frontend_configure':
$this->performkarmaVote();
return true;
break;
// CSS generation hooks
// CSS generation hooks
case 'backend_header':
if ($serendipity['GET']['adminModule'] == 'event_display' && $serendipity['GET']['adminAction'] == 'karmalog' || $serendipity['GET']['adminModule'] == 'plugins') {
// Generate the CSS for the graphical rating bar selector
//
// The CSS appears to be generated in a completely
// different instance of Serendipity, as if index.php gets
// called separately for the CSS.
//
// Note that the css_backend hook adds properties to the
// serendipity_admin.css, but that file is *always*
// cached. We use backend_header and add the CSS to the
// HEAD styles to make it dynamic. (Edit: with 2.0 this has changed)
// Get the CSS, set $this->image_name so we'll output the
// standard graphical CSS prologue if any images are found.
$this->createRatingSelector();
print "<style type='text/css'>\n";
$align = 'center';
$bg = $this->get_config('preview_bg', false);
if (!empty($bg)) {
if (strpos($bg, ';') !== false || strpos($bg, ',') !== false) {
$bg = 'red';
}
print "\n.serendipity_karmaVote_selectorTable {\n background: {$bg};\n}\n";
}
print "\n.serendipityAdminContent .serendipity_karmaVoting_links {\n margin: 5px;\n}\n";
if ($serendipity['version'][0] > 1) {
print "\n</style>\n";
}
}
if ($serendipity['version'][0] > 1) {
break;
return true;
}
case 'css_backend':
case 'css':
// Some CSS notes:
//
// .serendipity_karmaVoting is the class for the karma wrapper/container,
// including the text explanations, messages, and rating bar.
// (currently a div)
// .serendipity_karmaVoting a specifies the links for the text-mode
// rating bar
// .serendipity_karmaError is the class for any text indicating an
// error condition
// .serendipity_karmaSuccess is the class for any text indicating
// successful operation
// .serendipity_karmaVoting_links is the container for the graphical
// rating bar (currently an ol)
// .serendipity_karmaVoting_links a indicates the various voting links in
// the graphical rating bar
// .serendipity_karmaVoting_current-rating is the class for the current
// rating in the graphical rating bar
// a.serendipity_karmaVoting_link1, _link2, etc are the classes applied
// to the individual voting links
// Note that there are two possible template types: early
// templates that only handle the text rating bars, and
// newer templates that understand the graphical raters.
// We check for both types and act appropriately.
/*--JAM: Let's just skip this whole hassle
if (!$align) {
$align = $this->get_config('alignment', 'detect');
}
if ($align == 'detect') {
*/
$align = $this->get_config('alignment');
// Try to let the template take care of it
if ($this->image_name == '0') {
// Text-only rating bar is used
if (strpos($eventData, '.serendipity_karmaVoting')) {
// Template is handling all our CSS
return true;
}
}
/* --JAM: else {
// Graphical rating bar is used
if (strpos($eventData, '.serendipity_karmaVoting_images')) {
// Template is handling all our CSS
return true;
}
// Check for old text-only templates
$pos = strpos($eventData, '.serendipity_karmaVoting');
while ($pos && ($align == 'detect')) {
// Find text-align: in the current block
$endpos = strpos($eventData, '}', $pos);
if (!$endpos) {
// Broken CSS
break;
}
$alignpos = strpos($eventData, 'text-align:', $pos);
// Can't check for comments, or I would. Hope
// the first is the correct one.
if ($alignpos && $alignpos < $endpos) {
$start = $alignpos + 11;
$alignend = strpos($eventData, ';', $alignpos);
if ($alignend)
{
// All valid. Pull out the alignment.
$len = $alignend - $start;
$align = trim(substr($eventData, $start, $len));
}
}
$pos = strpos($eventData, '.serendipity_karmaVoting', $endpos);
}
// I should have a valid alignment or 'detect' in $align now.
}
}
// If we couldn't detect the alignment, guess 'right'
if ($align == 'detect') {
$align = 'right';
}
--JAM: END COMMENT BLOCK */
if ($serendipity['version'][0] < 2 && $event == 'backend_header') {
print "<style type='text/css'>\n";
}
// Since errors might be printed at any time, always
// output the text-mode CSS
print <<<EOS
.serendipity_karmaVoting {
text-align: {$align};
font-size: 7pt;
margin: 0px;
}
.serendipity_karmaVoting a {
font-size: 7pt;
text-decoration: none;
}
.serendipity_karmaVoting a:hover {
color: green;
}
.serendipity_karmaError {
color: #FF8000;
}
.serendipity_karmaSuccess {
color: green;
}
EOS;
// Only output the image CSS if it's needed
if ($this->image_name != '0') {
$img = $serendipity['baseURL'] . "plugins/serendipity_event_karma/img/" . $this->image_name;
$h = $this->image_height / 3;
$w = $this->image_width;
switch ($align) {
case 'left':
$margin = '0px auto 0px 0px';
break;
case 'center':
$margin = '0px auto';
break;
case 'right':
default:
$margin = '0px 0px 0px auto';
break;
}
// The CSS here is lifted largely from
// http://komodomedia.com/blog/index.php/2007/01/20/css-star-rating-redux/
//
// Note, however that margin has been changed for
// multiple cases and all unitless measurements have
// been specified in pixels. Additionally, measures
// have been taken to align the text.
print <<<END_IMG_CSS
.serendipity_karmaVoting_links,
.serendipity_karmaVoting_links a:hover,
.serendipity_karmaVoting_current-rating {
background: url({$img}) left;
font-size: 0;
}
.ajaxloader {
background-image: none;
}
.serendipity_karmaVoting_links {
position: relative;
width: {$w}px;
height: {$h}px;
overflow: hidden;
list-style: none;
margin: {$margin};
padding: 0;
background-position: left top;
text-align: center;
}
.serendipity_karmaVoting_links li {
display: inline;
}
.serendipity_karmaVoting_links a ,
.serendipity_karmaVoting_current-rating {
position:absolute;
top: 0;
left: 0;
text-indent: -9000em;
height: {$h}px;
line-height: {$h}px;
outline: none;
overflow: hidden;
border: none;
}
.serendipity_karmaVoting_links a:hover {
background-position: left bottom;
}
.serendipity_karmaVoting_links a.serendipity_karmaVoting_link1 {
width: 20%;
z-index: 6;
}
.serendipity_karmaVoting_links a.serendipity_karmaVoting_link2 {
width: 40%;
z-index: 5;
}
.serendipity_karmaVoting_links a.serendipity_karmaVoting_link3 {
width: 60%;
z-index: 4;
}
.serendipity_karmaVoting_links a.serendipity_karmaVoting_link4 {
width: 80%;
z-index: 3;
}
.serendipity_karmaVoting_links a.serendipity_karmaVoting_link5 {
width: 100%;
z-index: 2;
}
.serendipity_karmaVoting_links .serendipity_karmaVoting_current-rating {
z-index: 1;
background-position: left center;
}
END_IMG_CSS;
// Add selector images CSS, if necessary
if (!empty($this->select_css)) {
print $this->select_css;
}
}
// End if image bar defined
if ($serendipity['version'][0] < 2 && $event == 'backend_header') {
print "\n</style>\n";
}
return true;
break;
//--TODO: Comment the functionality of this event hook.
//--TODO: Comment the functionality of this event hook.
case 'event_additional_statistics':
$sql = array();
$sql['visits_top'] = array('visits', 'DESC');
$sql['visits_bottom'] = array('visits', 'ASC');
$sql['votes_top'] = array('votes', 'DESC');
$sql['votes_bottom'] = array('votes', 'ASC');
$sql['points_top'] = array('points', 'DESC');
$sql['points_bottom'] = array('points', 'ASC');
foreach ($sql as $key => $rows) {
$q = "SELECT e.id,\n e.title,\n e.timestamp,\n SUM(k.{$rows[0]}) AS no\n FROM {$serendipity['dbPrefix']}karma\n AS k\n JOIN {$serendipity['dbPrefix']}entries\n AS e\n ON k.entryid = e.id\n WHERE k.{$rows[0]} IS NOT NULL AND k.{$rows[0]} != 0\n GROUP BY e.id, e.title, e.timestamp ORDER BY no {$rows[1]} LIMIT {$addData['maxitems']}";
$sql_rows = serendipity_db_query($q);
?>
<section>
<h3><?php
echo constant('PLUGIN_KARMA_STATISTICS_' . strtoupper($key));
?>
</h3>
<dl>
<?php
if (is_array($sql_rows)) {
foreach ($sql_rows as $id => $row) {
?>
<dt><a href="<?php
echo serendipity_archiveURL($row['id'], $row['title'], 'serendipityHTTPPath', true, array('timestamp' => $row['timestamp']));
?>
"><?php
echo function_exists('serendipity_specialchars') ? serendipity_specialchars($row['title']) : htmlspecialchars($row['title'], ENT_COMPAT, LANG_CHARSET);
?>
</a></dt>
<dd><?php
echo $row['no'];
?>
<?php
echo constant('PLUGIN_KARMA_STATISTICS_' . strtoupper($rows[0]) . '_NO');
?>
</dd>
<?php
}
}
?>
</dl>
</section>
<?php
}
return true;
break;
// Add voting information to entries
// Add voting information to entries
case 'entry_display':
// Update database if necessary
if ($this->get_config('dbversion', 0) != PLUGIN_KARMA_DB_VERSION) {
$this->checkScheme();
}
// Find the ID of this entry
if (isset($serendipity['GET']['id'])) {
$entryid = (int) serendipity_db_escape_string($serendipity['GET']['id']);
} elseif (preg_match(PAT_COMMENTSUB, $_SERVER['REQUEST_URI'], $matches)) {
$entryid = (int) $matches[1];
} else {
$entryid = false;
}
// If we're actually reading the entry, not voting or editing it...
if ($entryid && empty($serendipity['GET']['adminAction']) && !$serendipity['GET']['karmaVote']) {
// Update the number of visits
// Are we supposed to track visits?
$track_clicks = serendipity_db_bool($this->get_config('visits_active', true)) && $this->track_clicks_allowed_by_user();
if ($track_clicks && $_SERVER['REQUEST_METHOD'] == 'GET') {
$sql = serendipity_db_query("UPDATE {$serendipity['dbPrefix']}karma \n SET visits = visits + 1 \n WHERE entryid = {$entryid}", true);
if (serendipity_db_affected_rows() < 1) {
serendipity_db_query("INSERT INTO {$serendipity['dbPrefix']}karma (entryid, points, votes, lastvote, visits) \n VALUES ('{$entryid}', 0, 0, 0, 1)");
}
}
}
// Set a cookie to look for later, verifying that cookies are enabled
serendipity_setCookie('check', '1');
switch ($this->karmaVote) {
case 'nocookie':
// Users with no cookies won't be able to vote.
$msg = '<div class="serendipity_karmaVoting serendipity_karmaError"><a id="karma_vote' . $this->karmaId . '"></a>' . PLUGIN_KARMA_NOCOOKIE . '</div>';
// Continue until output
// Continue until output
case 'timeout2':
if (!isset($msg)) {
$msg = '<div class="serendipity_karmaVoting serendipity_karmaError"><a id="karma_vote' . $this->karmaId . '"></a>' . PLUGIN_KARMA_CLOSED . '</div>';
}
// Continue until output
// Continue until output
case 'timeout':
if (!isset($msg)) {
$msg = '<div class="serendipity_karmaVoting serendipity_karmaError"><a id="karma_vote' . $this->karmaId . '"></a>' . sprintf(PLUGIN_KARMA_TIMEOUT, $this->karmaTimeOut) . '</div>';
}
// Continue until output
// Continue until output
case 'alreadyvoted':
if (!isset($msg)) {
$msg = '<div class="serendipity_karmaVoting serendipity_karmaError"><a id="karma_vote' . $this->karmaId . '"></a>' . PLUGIN_KARMA_ALREADYVOTED . '</div>';
}
// Continue until output
// Continue until output
case 'invalid1':
case 'invalid2':
case 'invalid':
// Set message
if (!isset($msg)) {
$msg = '<div class="serendipity_karmaVoting serendipity_karmaError"><a id="karma_vote' . $this->karmaId . '"></a>' . PLUGIN_KARMA_INVALID . '</div>';
}
// Continue until output
/* OUTPUT MESSAGE */
//--TODO: Shouldn't this work with the cache plugin, too?
if ($addData['extended']) {
$eventData[0]['exflag'] = 1;
$eventData[0]['add_footer'] .= $msg;
} else {
$elements = count($eventData);
// Find the right container to store our message in.
for ($i = 0; $i < $elements; $i++) {
if ($eventData[$i]['id'] == $this->karmaId) {
$eventData[$i]['add_footer'] .= $msg;
}
}
}
break;
case 'voted':
default:
// If there's no data, there's no need to go on
if (!is_array($eventData)) {
return;
}
// Find out what the admin wants
$track_clicks = serendipity_db_bool($this->get_config('visits_active', true));
$track_karma = serendipity_db_bool($this->get_config('karma_active', true));
if (serendipity_db_bool($this->get_config('karma_active_registered', false))) {
if (!serendipity_userLoggedIn()) {
$track_karma = false;
}
}
$track_exits = serendipity_db_bool($this->get_config('exits_active', true));
// Get the limits
$now = time();
$karmatime = $this->get_config('max_karmatime', 7);
$max_karmatime = $karmatime * 24 * 60 * 60;
// Accept infinite voting
if ($max_karmatime <= 0) {
$max_karmatime = $now;
}
//--TODO: Ensure that this works with the Custom Permalinks plugin
// (We've seen trouble; it votes correctly, but redirects to the front page)
$url = serendipity_currentURL(true);
// Voting is only allowed on entries. Therefore voting URLs must be
// either single-entry URLs or summary URLs. serendipity_currentURL
// converts them to an "ErrorDocument-URI", so we can focus on the
// query portion of the URI.
//
// Single-entry URLs should be well-defined. They can be permalinks,
// of course; otherwise they're of the configured pattern.
//
// Summary URLs could be a little harder. The summary pages that
// include entries are: frontpage, category, author, and archives.
// It's possible a plugin would show entries, but if that's the case
// we don't need to allow the user to vote on them. Still, that's
// a lot of URLs to check for.
//
// Then there's the problem of the rest of the query. It could
// include stuff we really want to keep around, like template
// overrides or something. One can even add serendipity variables
// to the URL in extreme cases.
//
// It seems that canonicalizing the URL will be quite difficult.
// The only thing we can say for certain is that whatever the
// current URL is, it got us to this page, and we'd like to return
// to this page after we cast our vote.
// Remove any clutter from our previous voting activity
$url_parts = parse_url(serendipity_currentURL(true));
if (!empty($url_parts['query'])) {
$exclude = array('serendipity[karmaVote]', 'serendipity[karmaId]');
// I tried using parse_str, but it gave me very weird results
// with embedded arrays
//parse_str($url_parts['query'], $q_parts);
$q_parts = array();
// I don't know why this URL has been HTML encoded. Oh well.
$pairs = explode('&', $url_parts['query']);
foreach ($pairs as $pair) {
$parts = explode('=', $pair);
$q_parts[$parts[0]] = $parts[1];
}
foreach ($q_parts as $key => $value) {
if (in_array($key, $exclude)) {
$rm = preg_quote("{$key}={$value}");
$url = preg_replace("@(&|&)?{$rm}@", '', $url);
}
}
}
if (substr($url, -1) != '?') {
$url .= '&';
}
// Get the cookie data (past votes, etc)
$karma = isset($serendipity['COOKIE']['karmaVote']) ? unserialize($serendipity['COOKIE']['karmaVote']) : array();
// Get all required entry IDs, making keys match keys in eventData
$entries = array();
if ($addData['extended'] || $addData['preview']) {
// We're in extended or preview mode, we only need the current ID
$eventData[0]['exflag'] = 1;
$entries[0] = (int) $eventData[0]['id'];
} elseif (!serendipity_db_bool($this->get_config('extended_only', false))) {
// We're in overview mode, and we want rating bars for all the entry IDs
foreach (array_keys($eventData) as $key) {
if (isset($eventData[$key]['id'])) {
$entries[$key] = (int) $eventData[$key]['id'];
}
}
}
// Fetch votes for all entry IDs. Store them in an array for later usage.
$q = 'SELECT k.entryid, SUM(votes) AS votes, SUM(points) AS points, SUM(visits) AS visits
FROM ' . $serendipity['dbPrefix'] . 'karma AS k
WHERE k.entryid IN (' . implode(', ', $entries) . ') GROUP BY k.entryid';
$sql = serendipity_db_query($q);
$rows = array();
if ($sql && is_array($sql)) {
foreach ($sql as $row) {
$rows[$row['entryid']] = array('votes' => $row['votes'], 'points' => $row['points'], 'visits' => $row['visits']);
}
}
$this->prepareExits($entries);
// Add karma block to the footer of each entry
//
// The entries array was populated, above, so its keys match the eventData array,
// and overview entries are skipped if "extended only" is enabled
foreach (array_keys($entries) as $i) {
// Get the statistics
$entryid = $eventData[$i]['id'];
$votes = !empty($rows[$entryid]['votes']) ? $rows[$entryid]['votes'] : 0;
$points = !empty($rows[$entryid]['points']) ? $rows[$entryid]['points'] : 0;
$visits = !empty($rows[$entryid]['visits']) ? $rows[$entryid]['visits'] : 0;
$enough_votes = $track_karma && $votes >= $this->get_config('min_disp_votes', 0);
$enough_visits = $track_clicks && $visits >= $this->get_config('min_disp_visits', 0);
$textual_msg = true;
$textual_current = true;
$textual_visits = true;
if ($this->image_name != '0') {
$textual_msg = $this->get_config('textual_msg', 'true');
$textual_current = $this->get_config('textual_current', 'true');
$textual_visits = $this->get_config('textual_visits', 'true');
}
// Where's the footer? Normally it would be
// in eventData[n]['add_footer'] but if the
// cache plugin is used, it's in
// eventData[n]['properties']['ep_cache_add_footer'].
// This method retrieves it either way.
$footer =& $this->getFieldReference('add_footer', $eventData[$i]);
// Depending on what existed, $footer could
// be referencing the cached version, the
// uncached version, or even a new empty
// string. In particular, if $eventData[$i]
// has no properties, and no 'add_footer' key,
// $footer is referencing a new empty string,
// so adding a karma bar to $footer would do
// nothing.
//
// We could be referencing an empty uncached
// 'add_footer', but empty cache entries are
// never returned.
//
// Reference a footer that will be printed
if (empty($footer) && !isset($eventData[$i]['add_footer']) && is_array($eventData[$i])) {
$eventData[$i]['add_footer'] = '';
$footer =& $eventData[$i]['add_footer'];
// It's still empty, but it's referencing
// the right place.
}
if ($track_exits) {
$footer .= $this->getExits($entryid, true);
}
// Pick the appropriate intro msg and rating bar
// No msg or bar if karma is disabled
if ($track_karma) {
if (isset($karma[$entryid])) {
// We already voted for this one
$temp = $this->karmaVoted($karma[$entryid], $points, $votes);
$myvote = $temp['myvote'];
$msg = $temp['msg'];
$bar = $temp['bar'];
} elseif ($eventData[$i]['timestamp'] < $now - $max_karmatime) {
// Too late to vote for this one
$msg = '<div class="serendipity_karmaClosed">' . sprintf(PLUGIN_KARMA_CLOSED, $karmatime) . '</div>';
// Just a current rating bar, if any
$bar = $this->createRatingBar(null, $points, $votes);
} else {
// We can vote for this; make the whole voting block
$rate_msg = $this->get_config('rate_msg', PLUGIN_KARMA_VOTETEXT);
$msg = '<div class="serendipity_karmaVoting_text">' . $rate_msg . '</div>';
// Full voting bar
$bar = $this->createRatingBar($entryid, $points, $votes);
}
}
// Create the karma block
$temp = $this->createkarmaBlock($entryid, $textual_msg, $msg, $bar, $enough_votes, $textual_current, $enough_visits, $textual_visits, $points, $votes);
$karma_block = $temp['karma_block'];
$points = $temp['points'];
/*
print("<h3>--DEBUG: Karma block code:</h3>\n<pre>\n");
print_r(htmlspecialchars($karma_block));
print("\n</pre>\n");
*/
// Substitute the % stuff and add it to the footer
$eventData[$i]['properties']['myvote'] = $myvote;
$eventData[$i]['properties']['points'] = $points;
$eventData[$i]['properties']['votes'] = $votes;
$eventData[$i]['properties']['visits'] = $visits;
$footer .= sprintf($karma_block, $myvote, $points, $votes, $visits, $url);
}
// foreach key in entries
}
// End switch on karma voting status
return true;
break;
// Display the Karma Log link on the sidebar
// Display the Karma Log link on the sidebar
case 'backend_sidebar_admin_appearance':
?>
<li><a href="?serendipity[adminModule]=event_display&serendipity[adminAction]=karmalog"><?php
echo PLUGIN_KARMA_DISPLAY_LOG;
?>
</a></li>
<?php
return true;
break;
// Display the Karma Log!
//case 'external_plugin':
// Display the Karma Log!
//case 'external_plugin':
case 'backend_sidebar_entries_event_display_karmalog':
// Print any stored messages
//foreach ($serendipity['karma_messages'] as $msg) {
// print("<div class='serendipityAdminInfo'>$msg</div>\n");
//}
// Was I asked to process any votes?
if (($serendipity['POST']['delete_button'] || $serendipity['POST']['approve_button']) && sizeof($serendipity['POST']['delete']) != 0 && serendipity_checkFormToken()) {
foreach ($serendipity['POST']['delete'] as $d => $i) {
$kdata = $serendipity['POST']['karmalog' . $i];
// validate posted variables
// posted points
$ppoints = $kdata['points'];
if (!is_numeric($ppoints) || (int) $ppoints < -2 || (int) $ppoints > 2) {
print "<span class='msg_error'><span class='icon-attention-circled'></span> " . PLUGIN_KARMA_INVALID_INPUT . "</span>\n";
return false;
}
// posted id
$pid = $kdata['entryid'];
if (!is_numeric($pid)) {
print "<span class='msg_error'><span class='icon-attention-circled'></span> " . PLUGIN_KARMA_INVALID_INPUT . "</span>\n";
return false;
}
// posted IP
$pip = long2ip(ip2long($kdata['ip']));
if ($pip == -1 || $pip === FALSE) {
print "<span class='msg_error'><span class='icon-attention-circled'></span> " . PLUGIN_KARMA_INVALID_INPUT . "</span>\n";
return false;
}
// posted user agent (need a better validator, I think)
$puser_agent = $kdata['user_agent'];
if (serendipity_db_escape_string($puser_agent) != $puser_agent) {
print "<span class='msg_error'><span class='icon-attention-circled'></span> " . PLUGIN_KARMA_INVALID_INPUT . "</span>\n";
return false;
}
// posted vote time
$pvotetime = $kdata['votetime'];
$unixsecs = date('U', $kdata['votetime']);
if ($pvotetime != $unixsecs) {
print "<span class='msg_error'><span class='icon-attention-circled'></span> " . PLUGIN_KARMA_INVALID_INPUT . "</span>\n";
return false;
}
// Remove karma from entry?
if ($serendipity['POST']['delete_button']) {
// Fetch vote total for the entry IDs
$q = 'SELECT k.*
FROM ' . $serendipity['dbPrefix'] . 'karma AS k
WHERE k.entryid IN (' . $pid . ') GROUP BY k.entryid';
$sql = serendipity_db_query($q);
if (is_array($sql)) {
$karma = $sql[0];
$update = sprintf("UPDATE {$serendipity['dbPrefix']}karma\n SET points = %s,\n votes = %s\n WHERE entryid = %s", serendipity_db_escape_string($karma['points'] - $ppoints), serendipity_db_escape_string($karma['votes'] - 1), serendipity_db_escape_string($pid));
$updated = serendipity_db_query($update);
if ($updated != 1) {
printf("<span class='msg_error'><span class='icon-attention-circled'></span> " . PLUGIN_KARMA_REMOVE_ERROR . "</span>\n", $pid);
// Don't delete from karma log if we couldn't take away the points
continue;
}
} else {
// This will only happen if someone is messing with the karma table or submit data
printf("<span class='msg_error'><span class='icon-attention-circled'></span> " . PLUGIN_KARMA_UPDATE_ERROR . "</span>", $pid);
continue;
}
}
// Remove vote from log (approved or deleted, doesn't matter)
$del = sprintf("DELETE FROM {$serendipity['dbPrefix']}karmalog\n WHERE entryid = %s AND ip = '%s' AND user_agent LIKE '%%%s%%' AND votetime = %s LIMIT 1", serendipity_db_escape_string($pid), serendipity_db_escape_string($pip), serendipity_db_escape_string($puser_agent), serendipity_db_escape_string($pvotetime));
$deleted = serendipity_db_query($del);
// User feedback
if ($deleted == 1) {
if ($serendipity['POST']['delete_button']) {
printf("<span class='msg_success'><span class='icon-ok-circled'></span> " . PLUGIN_KARMA_REMOVED_POINTS . "</span>\n", $ppoints, $pid);
} else {
printf("<span class='msg_success'><span class='icon-ok-circled'></span> " . PLUGIN_KARMA_APPROVED_POINTS . "</span>\n", $ppoints, $pid);
}
} else {
printf("<span class='msg_error'><span class='icon-attention-circled'></span> " . PLUGIN_KARMA_REMOVE_ERROR . "</span>\n", $pid);
}
}
}
// URL; expected to be event_display and karmalog, respectively
$url = '?serendipity[adminModule]=' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['GET']['adminModule']) : htmlspecialchars($serendipity['GET']['adminModule'], ENT_COMPAT, LANG_CHARSET)) . '&serendipity[adminAction]=' . (function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['GET']['adminAction']) : htmlspecialchars($serendipity['GET']['adminAction'], ENT_COMPAT, LANG_CHARSET));
// Filters
print "\n<h2>" . PLUGIN_KARMA_DISPLAY_LOG . "</h2>\n<form id='karmafilters' name='karmafilters' action='' method='get'>\n <input name='serendipity[adminModule]' type='hidden' value='{$serendipity['GET']['adminModule']}'>\n <input name='serendipity[adminAction]' type='hidden' value='{$serendipity['GET']['adminAction']}'>\n\n <ul class='filters_toolbar clearfix plainList'>\n <li><a class='button_link' href='#serendipity_admin_filters' title='" . FILTERS . "'><span class='icon-filter'></span><span class='visuallyhidden'> " . FILTERS . "</span></a></li>\n <li><a class='button_link' href='#serendipity_admin_sort' title='" . SORT_ORDER . "'><span class='icon-sort'></span><span class='visuallyhidden'> " . SORT_ORDER . "</span></a></li>\n </ul>\n\n <fieldset id='serendipity_admin_filters' class='additional_info filter_pane'>\n <legend><span class='visuallyhidden'>" . FILTERS . "</span></legend>\n\n <div class='clearfix'>\n <div class='form_field'>\n <label for='serendipity_filter_useragent'>User Agent</label>\n <input id='serendipity_filter_useragent' name='serendipity[filter][user_agent]' type='text' value='" . (function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['GET']['filter']['user_agent']) : htmlspecialchars($serendipity['GET']['filter']['user_agent'], ENT_COMPAT, LANG_CHARSET)) . "'>\n </div>\n\n <div class='form_field'>\n <label for='serendipity_filter_ip'>" . IP . "</label>\n <input id='serendipity_filter_ip' name='serendipity[filter][ip]' type='text' value='" . (function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['GET']['filter']['ip']) : htmlspecialchars($serendipity['GET']['filter']['ip'], ENT_COMPAT, LANG_CHARSET)) . "'>\n </div>\n\n <div class='form_field'>\n <label for='serendipity_filter_entryid'>Entry ID</label>\n <input id='serendipity_filter_entryid' name='serendipity[filter][entryid]' type='text' value='" . (function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['GET']['filter']['entryid']) : htmlspecialchars($serendipity['GET']['filter']['entryid'], ENT_COMPAT, LANG_CHARSET)) . "'>\n </div>\n\n <div class='form_field'>\n <label for='serendipity_filter_title'>Entry title</label>\n <input id='serendipity_filter_title' name='serendipity[filter][title]' type='text' value='" . (function_exists('serendipity_specialchars') ? serendipity_specialchars($serendipity['GET']['filter']['title']) : htmlspecialchars($serendipity['GET']['filter']['title'], ENT_COMPAT, LANG_CHARSET)) . "'>\n </div>\n </div>\n\n <div class='form_buttons'>\n <input name='submit' type='submit' value='" . GO . "'>\n </div>\n </fieldset>\n";
// Set all filters into $and and $searchString
if (!empty($serendipity['GET']['filter']['entryid'])) {
$val = $serendipity['GET']['filter']['entryid'];
$and .= "AND l.entryid = '" . serendipity_db_escape_string($val) . "'";
$searchString .= "&serendipity['filter']['entryid']=" . (function_exists('serendipity_specialchars') ? serendipity_specialchars($val) : htmlspecialchars($val, ENT_COMPAT, LANG_CHARSET));
}
if (!empty($serendipity['GET']['filter']['ip'])) {
$val = $serendipity['GET']['filter']['ip'];
$and .= "AND l.ip = '" . serendipity_db_escape_string($val) . "'";
$searchString .= "&serendipity['filter']['ip']=" . (function_exists('serendipity_specialchars') ? serendipity_specialchars($val) : htmlspecialchars($val, ENT_COMPAT, LANG_CHARSET));
}
if (!empty($serendipity['GET']['filter']['user_agent'])) {
$val = $serendipity['GET']['filter']['user_agent'];
$and .= "AND l.user_agent LIKE '%" . serendipity_db_escape_string($val) . "%'";
$searchString .= "&serendipity['filter']['user_agent']=" . (function_exists('serendipity_specialchars') ? serendipity_specialchars($val) : htmlspecialchars($val, ENT_COMPAT, LANG_CHARSET));
}
if (!empty($serendipity['GET']['filter']['title'])) {
$val = $serendipity['GET']['filter']['title'];
$and .= "AND e.title LIKE '%" . serendipity_db_escape_string($val) . "%'";
$searchString .= "&serendipity['filter']['title']=" . (function_exists('serendipity_specialchars') ? serendipity_specialchars($val) : htmlspecialchars($val, ENT_COMPAT, LANG_CHARSET));
}
// Sorting (controls go after filtering controls in form above)
$sort_order = array('votetime' => DATE, 'user_agent' => USER_AGENT, 'title' => TITLE, 'entryid' => 'ID');
if (empty($serendipity['GET']['sort']['ordermode']) || $serendipity['GET']['sort']['ordermode'] != 'ASC') {
$desc = true;
$serendipity['GET']['sort']['ordermode'] = 'DESC';
}
if (!empty($serendipity['GET']['sort']['order']) && !empty($sort_order[$serendipity['GET']['sort']['order']])) {
$curr_order = $serendipity['GET']['sort']['order'];
$orderby = serendipity_db_escape_string($curr_order . ' ' . $serendipity['GET']['sort']['ordermode']);
} else {
$curr_order = 'votetime';
$orderby = 'votetime ' . serendipity_db_escape_string($serendipity['GET']['sort']['ordermode']);
}
print "\n <fieldset id='serendipity_admin_sort' class='additional_info filter_pane'>\n <legend><span class='visuallyhidden'>" . SORT_ORDER . "</span></legend>\n\n <div class='clearfix'>\n <div class='form_select'>\n <label for='serendipity_sort_order'>" . SORT_BY . "</label>\n <select id='serendipity_sort_order' name='serendipity[sort][order]'>\n";
foreach ($sort_order as $order => $val) {
print "\n <option value='{$order}'" . ($curr_order == $order ? " selected='selected'" : '') . ">{$val}</option>\n";
}
print "\n </select>\n </div>\n <div class='form_select'>\n <label for='serendipity_sort_ordermode'>" . SORT_ORDER . "</label>\n <select id='serendipity_sort_ordermode' name='serendipity[sort][ordermode]'>\n <option value='DESC'" . ($desc ? " selected='selected'" : '') . ">" . SORT_ORDER_DESC . "</option>\n <option value='ASC'" . ($desc ? '' : " selected='selected'") . ">" . SORT_ORDER_ASC . "</option>\n </select>\n </div>\n </div>\n\n <div class='form_buttons'>\n <input name='submit' type='submit' value='" . GO . "'>\n </div>\n </fieldset>\n</form>\n";
// Paging (partly ripped from include/admin/comments.inc.php)
$commentsPerPage = (int) (!empty($serendipity['GET']['filter']['perpage']) ? $serendipity['GET']['filter']['perpage'] : 25);
$sql = serendipity_db_query("SELECT COUNT(*) AS total FROM {$serendipity['dbPrefix']}karmalog l WHERE 1 = 1 " . $and, true);
if (is_string($sql)) {
print "<span class='msg_error'><span class='icon-attention-circled'></span> " . $sql . "</span>\n";
}
$totalVotes = is_array($sql) && is_int($sql['total']) ? $sql['total'] : 0;
$pages = $commentsPerPage == COMMENTS_FILTER_ALL ? 1 : ceil($totalVotes / (int) $commentsPerPage);
$page = (int) $serendipity['GET']['page'];
if ($page == 0 || $page > $pages) {
$page = 1;
}
if ($page > 1) {
$linkPrevious = $url . '&serendipity[page]=' . ($page - 1) . $searchString;
}
if ($pages > $page) {
$linkNext = $url . '&serendipity[page]=' . ($page + 1) . $searchString;
}
if ($commentsPerPage == COMMENTS_FILTER_ALL) {
$limit = '';
} else {
$limit = serendipity_db_limit_sql(serendipity_db_limit(($page - 1) * (int) $commentsPerPage, (int) $commentsPerPage));
}
// Variables for display
if ($linkPrevious) {
$linkPrevious = '<a class="button_link" href="' . $linkPrevious . '" title="' . PREVIOUS . '"><span class="icon-left-dir"></span><span class="visuallyhidden"> ' . PREVIOUS . '</span></a>';
} else {
$linkPrevious = '<span class="visuallyhidden">' . NO_ENTRIES_TO_PRINT . '</span>';
}
if ($linkNext) {
$linkNext = '<a class="button_link" href="' . $linkNext . '" title="' . NEXT . '"><span class="visuallyhidden">' . NEXT . ' </span><span class="icon-right-dir"></span></a>';
} else {
$linkNext = '<span class="visuallyhidden">' . NO_ENTRIES_TO_PRINT . '</span>';
}
$paging = sprintf(PAGE_BROWSE_COMMENTS, $page, $pages, $totalVotes);
// Retrieve the next batch of karma votes
// [entryid, points, ip, user_agent, votetime]
$sql = serendipity_db_query("SELECT l.entryid AS entryid, l.points AS points, l.ip AS ip, l.user_agent AS user_agent, l.votetime AS votetime, e.title AS title FROM {$serendipity['dbPrefix']}karmalog l\n LEFT JOIN {$serendipity['dbPrefix']}entries e ON (e.id = l.entryid)\n WHERE 1 = 1 " . $and . "\n ORDER BY {$orderby} {$limit}");
// Start the form for display and deleting
if (is_array($sql)) {
print "<form action='' method='post' name='formMultiDelete' id='formMultiDelete'>\n" . serendipity_setFormToken();
// Start the vote table
print "\n<div class='clearfix karma_pane'>\n<ul id='karmalog' class='clearfix karmalog plainList zebra_list'>\n";
// Print each vote
$i = 0;
foreach ($sql as $vote) {
$i++;
// entryid, title, points, ip, user_agent, votetime
if (strlen($vote['title']) > 40) {
$votetitle = substr($vote['title'], 0, 40) . '…';
} else {
$votetitle = $vote['title'];
}
$entrylink = serendipity_archiveURL($vote['entryid'], $vote['title'], 'serendipityHTTPPath', true);
$entryFilterHtml = "<a class='button_link filter_karma' href='{$url}&serendipity[filter][entryid]={$vote['entryid']}' title='" . FILTERS . "'><span class='icon-filter'></span><span class='visuallyhidden'>" . FILTERS . "</span></a>";
$ipFilterHtml = "<a class='button_link filter_karma' href='{$url}&serendipity[filter][ip]={$vote['ip']}' title='" . FILTERS . "'><span class='icon-filter'></span><span class='visuallyhidden'>" . FILTERS . "</span></a>";
$timestr = strftime('%a %b %d %Y, %H:%M:%S', $vote['votetime']);
$cssClass = $i % 2 == 0 ? 'even' : 'odd';
$barClass = str_replace(array('.', ' '), array('_', '_'), $this->image_name);
$barHtml = $this->createRatingBar(null, $vote['points'], 1, $barClass);
$barHtml = sprintf($barHtml, 'what', $vote['points'], '1');
print "\n <li id='karma_{$i}' class='{$cssClass} clearfix'>\n <input type='hidden' name='serendipity[karmalog{$i}][points]' value='{$vote['points']}'>\n <input type='hidden' name='serendipity[karmalog{$i}][entryid]' value='{$vote['entryid']}'>\n <input type='hidden' name='serendipity[karmalog{$i}][votetime]' value='{$vote['votetime']}'>\n <input type='hidden' name='serendipity[karmalog{$i}][ip]' value='{$vote['ip']}'>\n <input type='hidden' name='serendipity[karmalog{$i}][user_agent]' value='{$vote['user_agent']}'>\n\n <div class='form_check'>\n <input id='multidelete_karma_{$i}' class='multidelete' type='checkbox' name='serendipity[delete][{$i}]' value='{$i}' data-multidelid='karma_{$i}'>\n <label for='multidelete_karma_{$i}' class='visuallyhidden'>" . TOGGLE_SELECT . "</label>\n </div>\n\n <h4><a href='{$entrylink}' title='ID: {$vote['entryid']}'>{$votetitle}</a>\n <button class='toggle_info button_link' type='button' data-href='#karma_data_{$i}'><span class='icon-info-circled'></span><span class='visuallyhidden'> " . MORE . "</span></button>\n {$entryFilterHtml}\n </h4>\n\n {$barHtml}\n\n <div id='karma_data_{$i}' class='additional_info'>\n <dl class='clearfix comment_data'>\n <dt>" . ON . "</dt>\n <dd>{$timestr}</dd>\n <dt>IP</dt>\n <dd>{$vote['ip']} {$ipFilterHtml}</dd>\n <dt><abbr title='User-Agent' lang='en'>UA</abbr></dt>\n <dd>{$vote['user_agent']}</dd>\n </dl>\n </div>\n </li>\n";
}
// End the vote table
print "\n </ul>\n ";
// Print the footer paging table
print "\n<nav class='pagination'>\n <h3>{$paging}</h3>\n <ul class='clearfix'>\n <li class='prev'>{$linkPrevious}</li>\n <li class='next'>{$linkNext}</li>\n </ul>\n</nav>\n</div>\n";
if (is_array($sql)) {
print "\n<div class='form_buttons'>\n<input class='invert_selection' name='toggle' type='button' value='" . INVERT_SELECTIONS . "'> \n<input class='state_cancel' name='serendipity[delete_button]' type='submit' title='" . PLUGIN_KARMA_DELETE_VOTES . "' value='" . DELETE . "'>\n</div>\n</form>\n";
}
} else {
print "\n<span class='msg_notice'><span class='icon-info-circled'></span> No logs to display. You need to enable karma logging, if you want to see single votes displayed here.</span>\n";
}
return true;
break;
default:
return false;
}
// End switch on event hooks
} else {
return false;
}
}
</a>
<?php
echo str_repeat(' ', 10);
?>
<a href="<?php
echo $newLoc;
?>
" class="serendipityPrettyButton input_button"><?php
echo DUMP_IT;
?>
</a>
</div>
<?php
break;
case 'multidelete':
if (!serendipity_checkFormToken() || !is_array($serendipity['POST']['multiDelete'])) {
break;
}
$ids = '';
foreach ($serendipity['POST']['multiDelete'] as $idx => $id) {
$ids .= (int) $id . ',';
$entry = serendipity_fetchEntry('id', $id, 1, 1);
printf(DELETE_SURE, $entry['id'] . ' - ' . htmlspecialchars($entry['title']));
echo '<br />';
}
$newLoc = '?' . serendipity_setFormToken('url') . '&serendipity[action]=admin&serendipity[adminModule]=entries&serendipity[adminAction]=doMultiDelete&serendipity[id]=' . $ids;
?>
<br />
<br />
<div>
<a href="<?php
# Copyright (c) 2003-2005, Jannis Hermanns (on behalf the Serendipity Developer Team)
# All rights reserved. See LICENSE file for licensing details
if (IN_serendipity !== true) {
die("Don't hack!");
}
umask(00);
$umask = 0775;
@define('IN_installer', true);
if (!isset($_POST['installAction'])) {
$_POST['installAction'] = '';
}
if (!serendipity_checkPermission('siteConfiguration') && !serendipity_checkPermission('blogConfiguration')) {
return;
}
$data = array();
if ($_POST['installAction'] == 'check' && serendipity_checkFormToken()) {
$data['installAction'] = 'check';
$oldConfig = $serendipity;
$res = serendipity_updateConfiguration();
$data['res'] = $res;
if (is_array($res)) {
$data['diagnosticError'] = true;
} else {
/* If we have new rewrite rules, then install them */
$permalinkOld = array($oldConfig['serendipityHTTPPath'], $oldConfig['serendipityPath'], $oldConfig['defaultBaseURL'], $oldConfig['indexFile'], $oldConfig['rewrite']);
$permalinkNew = array($serendipity['serendipityHTTPPath'], $serendipity['serendipityPath'], $serendipity['defaultBaseURL'], $serendipity['indexFile'], $serendipity['rewrite']);
// Compare all old permalink section values against new one. A change in any of those
// will force to update the .htaccess for rewrite rules.
$permconf = serendipity_parseTemplate(S9Y_CONFIG_TEMPLATE);
if (is_array($permconf) && is_array($permconf['permalinks']['items'])) {
foreach ($permconf['permalinks']['items'] as $permitem) {
