public function strip($str)
{
if (count($this->_replacements) > 0) {
$str = JCommentsText::br2nl($str);
$str = preg_replace($this->_replacements['code'], '\\1\\3', $str);
$str = JCommentsText::nl2br($str);
}
return $str;
}
public static function prepareValues(&$values)
{
foreach ($values as $k => $v) {
if ($k == 'comment') {
// strip all HTML except [code]
$m = array();
preg_match_all('#(\\[code\\=?([a-z0-9]*?)\\].*\\[\\/code\\])#isU' . JCOMMENTS_PCRE_UTF8, trim($v), $m);
$tmp = array();
$key = '';
foreach ($m[1] as $code) {
$key = '{' . md5($code . $key) . '}';
$tmp[$key] = $code;
$v = preg_replace('#' . preg_quote($code, '#') . "#isU" . JCOMMENTS_PCRE_UTF8, $key, $v);
}
$v = trim(strip_tags($v));
// handle magic quotes compatibility
if (get_magic_quotes_gpc() == 1) {
$v = stripslashes($v);
}
$v = JCommentsText::nl2br($v);
foreach ($tmp as $key => $code) {
if (get_magic_quotes_gpc() == 1) {
$code = str_replace('\\"', '"', $code);
$code = str_replace("\\'", "'", $code);
}
$v = preg_replace('#' . preg_quote($key, '#') . "#isU" . JCOMMENTS_PCRE_UTF8, $code, $v);
}
unset($tmp, $m);
$values[$k] = $v;
} else {
$values[$k] = trim(strip_tags($v));
// handle magic quotes compatibility
if (get_magic_quotes_gpc() == 1) {
$values[$k] = stripslashes($values[$k]);
}
}
}
// for Joomla 1.5 change encoding is not needed
if (JCOMMENTS_JVERSION == '1.0') {
return self::convertEncoding($values);
} else {
return $values;
}
}
public static function prepareValues(&$values)
{
foreach ($values as $k => $v) {
if ($k == 'comment') {
// strip all HTML except [code]
$m = array();
preg_match_all('#(\\[code\\=?([a-z0-9]*?)\\].*\\[\\/code\\])#isUu', trim($v), $m);
$tmp = array();
$key = '';
foreach ($m[1] as $code) {
$key = '{' . md5($code . $key) . '}';
$tmp[$key] = $code;
$v = preg_replace('#' . preg_quote($code, '#') . '#isUu', $key, $v);
}
$v = trim(strip_tags($v));
// handle magic quotes compatibility
if (get_magic_quotes_gpc() == 1) {
$v = stripslashes($v);
}
$v = JCommentsText::nl2br($v);
foreach ($tmp as $key => $code) {
if (get_magic_quotes_gpc() == 1) {
$code = str_replace('\\"', '"', $code);
$code = str_replace('\'', "'", $code);
}
$v = preg_replace('#' . preg_quote($key, '#') . '#isUu', $code, $v);
}
unset($tmp, $m);
$values[$k] = $v;
} else {
$values[$k] = trim(strip_tags($v));
// handle magic quotes compatibility
if (get_magic_quotes_gpc() == 1) {
$values[$k] = stripslashes($values[$k]);
}
}
}
return $values;
}
public function save($data)
{
$table = $this->getTable();
$pkName = $table->getKeyName();
$pk = !empty($data[$pkName]) ? $data[$pkName] : (int) $this->getState($this->getName() . '.id');
try {
if ($pk > 0) {
$table->load($pk);
}
$prevPublished = $table->published;
if (!$table->bind($data)) {
$this->setError($table->getError());
return false;
}
if ($table->userid == 0) {
$table->name = preg_replace('/[\'"\\>\\<\\(\\)\\[\\]]?+/i', '', $table->name);
$table->username = $table->name;
} else {
$user = JFactory::getUser($table->userid);
$table->name = $user->name;
$table->username = $user->username;
$table->email = $user->email;
}
if (get_magic_quotes_gpc() == 1) {
$table->title = stripslashes($table->title);
$table->comment = stripslashes($table->comment);
}
$table->comment = JCommentsText::nl2br($table->comment);
$table->comment = JCommentsFactory::getBBCode()->filter($table->comment);
if (!$table->check()) {
$this->setError($table->getError());
return false;
}
if (!$table->store()) {
$this->setError($table->getError());
return false;
}
if ($table->published && $prevPublished != $table->published) {
JCommentsNotificationHelper::push(array('comment' => $table), 'comment-new');
}
$this->cleanCache('com_jcomments');
} catch (Exception $e) {
$this->setError($e->getMessage());
return false;
}
if (isset($table->{$pkName})) {
$this->setState($this->getName() . '.id', $table->{$pkName});
}
return true;
}
protected function clearComment($value)
{
// change \n to <br />
$matches = array();
preg_match_all('#(\\[code\\=?([a-z0-9]*?)\\].*\\[\\/code\\])#isUu', trim($value), $matches);
$map = array();
$key = '';
foreach ($matches[1] as $code) {
$key = '{' . md5($code . $key) . '}';
$map[$key] = $code;
$value = preg_replace('#' . preg_quote($code, '#') . '#isUu', $key, $value);
}
$value = JCommentsText::nl2br($value);
foreach ($map as $key => $code) {
$value = preg_replace('#' . preg_quote($key, '#') . '#isUu', $code, $value);
}
// strip bbcodes
$patterns = array('/\\[font=(.*?)\\](.*?)\\[\\/font\\]/i', '/\\[size=(.*?)\\](.*?)\\[\\/size\\]/i', '/\\[color=(.*?)\\](.*?)\\[\\/color\\]/i', '/\\[b\\](null|)\\[\\/b\\]/i', '/\\[i\\](null|)\\[\\/i\\]/i', '/\\[u\\](null|)\\[\\/u\\]/i', '/\\[s\\](null|)\\[\\/s\\]/i', '/\\[url=null\\]null\\[\\/url\\]/i', '/\\[img\\](null|)\\[\\/img\\]/i', '/\\[url=(.*?)\\](.*?)\\[\\/url\\]/i', '/\\[email](.*?)\\[\\/email\\]/i', '/\\[quote=\\"?([^\\:\\]]+)(\\:[0-9]+)?\\"?\\]/ism', '/\\[link=\\"?([^\\]]+)\\"?\\]/ism', '/\\[\\/link\\]/ism', '/\\[youtube ([^\\s]+) youtube\\]/ism');
$replacements = array('\\2', '\\2', '\\2', '', '', '', '', '', '', '\\2 ([url]\\1[/url])', '\\1', '[quote name="\\1"]', '[url=\\1]', '[/url]', '[youtube]\\1[/youtube]');
$value = preg_replace($patterns, $replacements, $value);
return $value;
}
public static function save()
{
JCommentsSecurity::checkToken();
$task = JCommentsInput::getVar('task');
$id = (int) JCommentsInput::getVar('id', 0);
$bbcode = JCommentsFactory::getBBCode();
$db = JCommentsFactory::getDBO();
$row = new JCommentsTableComment($db);
if ($row->load($id)) {
$prevPublished = $row->published;
$row->homepage = trim(strip_tags(JCommentsInput::getVar('homepage')));
$row->email = trim(strip_tags(JCommentsInput::getVar('email')));
$row->title = trim(strip_tags(JCommentsInput::getVar('title')));
$row->comment = trim(strip_tags(JCommentsInput::getVar('comment')));
$row->published = (int) JCommentsInput::getVar('published');
if ($row->userid == 0) {
$row->name = strip_tags(JCommentsInput::getVar('name'));
$row->name = preg_replace("/[\\'\"\\>\\<\\(\\)\\[\\]]?+/i", '', $row->name);
if ($row->username != $row->name) {
$row->username = $row->name;
}
$row->username = preg_replace("/[\\'\"\\>\\<\\(\\)\\[\\]]?+/i", '', $row->username);
} else {
if ($row->name == '' || $row->username == '' || $row->email == '') {
$user = JCommentsFactory::getUser($row->userid);
$row->name = $row->name == '' ? $user->name : $row->name;
$row->username = $row->username == '' ? $user->username : $row->username;
$row->email = $row->email == '' ? $user->email : $row->email;
}
}
// handle magic quotes compatibility
if (get_magic_quotes_gpc() == 1) {
$row->title = stripslashes($row->title);
$row->comment = stripslashes($row->comment);
}
$row->comment = JCommentsText::nl2br($row->comment);
$row->comment = $bbcode->filter($row->comment);
$row->store();
$row->checkin();
// send notification to comment subscribers
if ($row->published && $prevPublished != $row->published) {
// TODO: add separate message for just published comments
include_once JCOMMENTS_BASE . '/jcomments.php';
$language = JCommentsFactory::getLanguage();
$language->load('com_jcomments', JOOMLATUNE_JPATH_SITE, $row->lang);
JComments::sendToSubscribers($row, true);
}
$cache = JCommentsFactory::getCache('com_jcomments');
$cache->clean();
$cache = JCommentsFactory::getCache($row->object_group);
$cache->clean();
}
switch ($task) {
case 'comments.apply':
JCommentsRedirect(JCOMMENTS_INDEX . '?option=com_jcomments&task=comments.edit&hidemainmenu=1&cid[]=' . $row->id);
break;
case 'comments.save':
default:
JCommentsRedirect(JCOMMENTS_INDEX . '?option=com_jcomments&task=comments');
break;
}
}
function save()
{
$task = JCommentsInput::getVar('task');
$id = (int) JCommentsInput::getVar('id', 0);
$bbcode =& JCommentsFactory::getBBCode();
$db =& JCommentsFactory::getDBO();
$row = new JCommentsDB($db);
if ($row->load($id)) {
$row->homepage = trim(strip_tags(JCommentsInput::getVar('homepage')));
$row->email = trim(strip_tags(JCommentsInput::getVar('email')));
$row->title = trim(strip_tags(JCommentsInput::getVar('title')));
$row->comment = JCommentsInput::getVar('comment');
$row->published = (int) JCommentsInput::getVar('published');
if ($row->userid == 0) {
$row->name = strip_tags(JCommentsInput::getVar('name'));
$row->name = preg_replace("/[\\'\"\\>\\<\\(\\)\\[\\]]?+/i", '', $row->name);
if ($row->username != $row->name) {
$row->username = $row->name;
}
$row->username = preg_replace("/[\\'\"\\>\\<\\(\\)\\[\\]]?+/i", '', $row->username);
} else {
if ($row->name == '' || $row->username == '' || $row->email == '') {
$user = JCommentsFactory::getUser($row->userid);
$row->name = $row->name == '' ? $user->name : $row->name;
$row->username = $row->username == '' ? $user->username : $row->username;
$row->email = $row->email == '' ? $user->email : $row->email;
}
}
// handle magic quotes compatibility
if (get_magic_quotes_gpc() == 1) {
$row->title = stripslashes($row->title);
$row->comment = stripslashes($row->comment);
}
$row->comment = JCommentsText::nl2br($row->comment);
$row->comment = $bbcode->filter($row->comment);
$row->store();
$row->checkin();
JCommentsCache::cleanCache('com_jcomments');
JCommentsCache::cleanCache($row->object_group);
}
switch ($task) {
case 'apply':
JCommentsRedirect(JCOMMENTS_INDEX . '?option=com_jcomments&task=edit&hidemainmenu=1&cid[]=' . $row->id);
break;
case 'save':
default:
JCommentsRedirect(JCOMMENTS_INDEX . '?option=com_jcomments&task=comments');
break;
}
}
function strip($str)
{
if (count($this->_smiles) == 0) {
return $str;
}
$str = JCommentsText::br2nl($str);
$str = preg_replace($this->_smiles['code'], '\\1\\3', $str);
$str = JCommentsText::nl2br($str);
return $str;
}
