if (isset($_GET['success']) && $_GET['success'] == 'true') {
$serendipity['smarty']->assign(array('is_comment_added' => true, 'comment_url' => serendipity_specialchars($_GET['url']) . '&serendipity[entry_id]=' . $id, 'comment_string' => explode('%s', COMMENT_ADDED_CLICK)));
} else {
if (!isset($serendipity['POST']['submit'])) {
if ($serendipity['GET']['type'] == 'trackbacks') {
$query = "SELECT title, timestamp FROM {$serendipity['dbPrefix']}entries WHERE id = '" . $id . "'";
$entry = serendipity_db_query($query);
$entry = serendipity_archiveURL($id, $entry[0]['title'], 'baseURL', true, array('timestamp' => $entry[0]['timestamp']));
$serendipity['smarty']->assign(array('is_showtrackbacks' => true, 'comment_url' => $serendipity['baseURL'] . 'comment.php?type=trackback&entry_id=' . $id, 'comment_entryurl' => $entry));
} else {
$query = "SELECT id, last_modified, timestamp, allow_comments, moderate_comments FROM {$serendipity['dbPrefix']}entries WHERE id = '" . $id . "'";
$ca = serendipity_db_query($query, true);
$comment_allowed = serendipity_db_bool($ca['allow_comments']) || !is_array($ca) ? true : false;
$serendipity['smarty']->assign(array('is_showcomments' => true, 'is_comment_allowed' => $comment_allowed));
if ($comment_allowed) {
serendipity_displayCommentForm($id, '?', NULL, $serendipity['POST'], true, serendipity_db_bool($ca['moderate_comments']), $ca);
}
}
} else {
$comment['url'] = $serendipity['POST']['url'];
$comment['comment'] = trim($serendipity['POST']['comment']);
$comment['name'] = $serendipity['POST']['name'];
$comment['email'] = $serendipity['POST']['email'];
$comment['subscribe'] = $serendipity['POST']['subscribe'];
$comment['parent_id'] = $serendipity['POST']['replyTo'];
if (!empty($comment['comment'])) {
if (serendipity_saveComment($id, $comment, 'NORMAL')) {
$sc_url = $serendipity['baseURL'] . 'comment.php?serendipity[entry_id]=' . $id . '&success=true&url=' . urlencode($_SERVER['HTTP_REFERER']);
if (serendipity_isResponseClean($sc_url)) {
header('Status: 302 Found');
header('Location: ' . $sc_url);
/**
* Smarty Function: Shows a commentform
*
* @access public
* @param array Smarty parameter input array:
* id: An entryid to show the commentform for
* url: an optional HTML target link for the form
* comments: Optional array of containing comments
* data: possible pre-submitted values to the input values
* showToolbar: Toggle whether to show extended options of the comment form
* moderate_comments: Toggle whether comments to this entry are allowed
* @param object Smarty object
* @return void
*/
function serendipity_smarty_showCommentForm($params, &$smarty)
{
global $serendipity;
if (!isset($params['id']) || !isset($params['entry'])) {
trigger_error("Smarty Error: " . __FUNCTION__ . ": missing 'id' or 'entry' parameter", E_USER_WARNING);
return;
}
if (empty($params['url'])) {
$params['url'] = $serendipity['serendipityHTTPPath'] . $serendipity['indexFile'] . '?url=' . $params['entry']['commURL'];
}
if (!isset($params['comments'])) {
$params['comments'] = NULL;
}
if (!isset($params['data'])) {
$params['data'] = $serendipity['POST'];
}
if (!isset($params['showToolbar'])) {
$params['showToolbar'] = true;
}
if (!isset($params['moderate_comments'])) {
$params['moderate_comments'] = serendipity_db_bool($params['entry']['moderate_comments']);
}
$comment_add_data = array('comments_messagestack' => isset($serendipity['messagestack']['comments']) ? (array) $serendipity['messagestack']['comments'] : array(), 'is_comment_added' => isset($serendipity['GET']['csuccess']) && $serendipity['GET']['csuccess'] == 'true' ? true : false, 'is_comment_moderate' => isset($serendipity['GET']['csuccess']) && $serendipity['GET']['csuccess'] == 'moderate' ? true : false);
$smarty->assign($comment_add_data);
serendipity_displayCommentForm($params['id'], $params['url'], $params['comments'], $params['data'], $params['showToolbar'], $params['moderate_comments'], $params['entry']);
return true;
}
/**
* Passes the list of fetched entries from serendipity_fetchEntries() on to the Smarty layer
*
* This function contains all the core logic to group and prepare entries to be shown in your
* $entries.tpl template. It groups them by date, so that you can easily loop on the set of
* entries.
* This function is not only used for printing all entries, but also for printing individual
* entries.
* Several central Event hooks are executed here for the whole page flow, like header+footer data.
*
* @see serendipity_fetchEntries()
* @see serendipity_searchEntries()
* @access public
* @param array The array of entries with all of its data
* @param boolean Toggle whether the extended portion of an entry is requested (via $serendipity['GET']['id'] single entry view)
* @param boolean Indicates if this is a preview
* @param string The name of the SMARTY block that this gets parsed into
* @param boolean Indicates whether the assigned smarty variables should be parsed. When set to "return", no smarty parsing is done.
* @param boolean Indicates whether to apply footer/header event hooks
* @param boolean Indicates whether the pagination footer should be displayed
* @param mixed Indicates whether the input $entries array is already grouped in preparation for the smarty $entries output array [TRUE], or if it shall be grouped by date [FALSE] or if a plugin hook shall be executed to modify data ['plugin']. This setting can also be superseded by a 'entry_display' hook.
* @return
*/
function serendipity_printEntries($entries, $extended = 0, $preview = false, $smarty_block = 'ENTRIES', $smarty_fetch = true, $use_hooks = true, $use_footer = true, $use_grouped_array = false)
{
global $serendipity;
if ($use_hooks) {
$addData = array('extended' => $extended, 'preview' => $preview);
serendipity_plugin_api::hook_event('entry_display', $entries, $addData);
if (isset($entries['clean_page']) && $entries['clean_page'] === true) {
if ($serendipity['view'] == '404') {
$serendipity['view'] = 'plugin';
}
$serendipity['smarty']->assign(array('plugin_clean_page' => true, 'view' => $serendipity['view']));
serendipity_smarty_fetch($smarty_block, 'entries.tpl', true);
return;
// no display of this item
}
}
// We shouldn't return here, because we want Smarty to handle the output
if (!is_array($entries) || $entries[0] == false || !isset($entries[0]['timestamp'])) {
$entries = array();
}
// A plugin executed in entry_display should be able to change the way of ordering entries. Forward-Thinking. ;)
if (isset($entries['use_grouped_array'])) {
$use_grouped_array = $entries['use_grouped_array'];
}
if ($use_grouped_array === false) {
// Use grouping by date (default)
$dategroup = array();
for ($x = 0, $num_entries = count($entries); $x < $num_entries; $x++) {
if (!empty($entries[$x]['properties']['ep_is_sticky']) && serendipity_db_bool($entries[$x]['properties']['ep_is_sticky'])) {
$entries[$x]['is_sticky'] = true;
$key = 'sticky';
} else {
$key = date('Ymd', serendipity_serverOffsetHour($entries[$x]['timestamp']));
}
$dategroup[$key]['date'] = $entries[$x]['timestamp'];
$dategroup[$key]['is_sticky'] = isset($entries[$x]['is_sticky']) && serendipity_db_bool($entries[$x]['is_sticky']) ? true : false;
$dategroup[$key]['entries'][] =& $entries[$x];
}
} elseif ($use_grouped_array === 'plugin') {
// Let a plugin do the grouping
serendipity_plugin_api::hook_event('entry_groupdata', $entries);
$dategroup =& $entries;
} else {
$dategroup =& $entries;
}
foreach ($dategroup as $dategroup_idx => $properties) {
foreach ($properties['entries'] as $x => $_entry) {
if ($smarty_fetch === 'return') {
$entry =& $dategroup[$dategroup_idx]['entries'][$x];
// PHP4 Compat
} else {
// DISABLED - made problems with custom plugins
// $entry = &$properties['entries'][$x]; // PHP4 Compat
$entry =& $dategroup[$dategroup_idx]['entries'][$x];
// PHP4 Compat
}
if (!empty($entry['properties']['ep_cache_body'])) {
$entry['body'] =& $entry['properties']['ep_cache_body'];
$entry['is_cached'] = true;
}
//--JAM: Highlight-span search terms
if ($serendipity['action'] == 'search') {
$searchterms = str_replace('"', '', $serendipity['GET']['searchterms']);
$searchterms = explode($searchterms, ' ');
foreach ($searchterms as $searchdx => $searchterm) {
$searchclass = "foundterm foundterm" . $searchdx;
$entry['body'] = str_replace($searchterm, '<span class="' . $searchclass . '">' . $searchterm . '</span>', $entry['body']);
}
}
if (!empty($entry['properties']['ep_cache_extended'])) {
$entry['extended'] =& $entry['properties']['ep_cache_extended'];
$entry['is_cached'] = true;
}
if ($preview) {
$entry['author'] = $entry['realname'];
$entry['authorid'] = $serendipity['authorid'];
}
$addData = array('from' => 'functions_entries:printEntries');
if ($entry['is_cached']) {
$addData['no_scramble'] = true;
}
serendipity_plugin_api::hook_event('frontend_display', $entry, $addData);
if ($preview) {
$entry['author'] = $entry['realname'];
$entry['authorid'] = $serendipity['authorid'];
}
$entry['author'] = htmlspecialchars($entry['author']);
$authorData = array('authorid' => $entry['authorid'], 'username' => $entry['loginname'], 'email' => $entry['email'], 'realname' => $entry['author']);
$entry['link'] = serendipity_archiveURL($entry['id'], $entry['title'], 'serendipityHTTPPath', true, array('timestamp' => $entry['timestamp']));
$entry['commURL'] = serendipity_archiveURL($entry['id'], $entry['title'], 'baseURL', false, array('timestamp' => $entry['timestamp']));
$entry['html_title'] = $entry['title'];
$entry['title'] = htmlspecialchars($entry['title']);
$entry['title_rdf'] = preg_replace('@-{2,}@', '-', $entry['html_title']);
$entry['rdf_ident'] = serendipity_archiveURL($entry['id'], $entry['title_rdf'], 'baseURL', true, array('timestamp' => $entry['timestamp']));
$entry['link_rdf'] = serendipity_rewriteURL(PATH_FEEDS . '/ei_' . $entry['id'] . '.rdf');
$entry['title_rdf'] = htmlspecialchars($entry['title_rdf']);
$entry['link_allow_comments'] = $serendipity['baseURL'] . 'comment.php?serendipity[switch]=enable&serendipity[entry]=' . $entry['id'];
$entry['link_deny_comments'] = $serendipity['baseURL'] . 'comment.php?serendipity[switch]=disable&serendipity[entry]=' . $entry['id'];
$entry['allow_comments'] = serendipity_db_bool($entry['allow_comments']);
$entry['moderate_comments'] = serendipity_db_bool($entry['moderate_comments']);
$entry['viewmode'] = $serendipity['GET']['cview'] == VIEWMODE_LINEAR ? VIEWMODE_LINEAR : VIEWMODE_THREADED;
$entry['link_popup_comments'] = $serendipity['serendipityHTTPPath'] . 'comment.php?serendipity[entry_id]=' . $entry['id'] . '&serendipity[type]=comments';
$entry['link_popup_trackbacks'] = $serendipity['serendipityHTTPPath'] . 'comment.php?serendipity[entry_id]=' . $entry['id'] . '&serendipity[type]=trackbacks';
$entry['link_edit'] = $serendipity['baseURL'] . 'serendipity_admin.php?serendipity[action]=admin&serendipity[adminModule]=entries&serendipity[adminAction]=edit&serendipity[id]=' . $entry['id'];
$entry['link_trackback'] = $serendipity['baseURL'] . 'comment.php?type=trackback&entry_id=' . $entry['id'];
$entry['link_viewmode_threaded'] = $serendipity['serendipityHTTPPath'] . $serendipity['indexFile'] . '?url=' . $entry['commURL'] . '&serendipity[cview]=' . VIEWMODE_THREADED;
$entry['link_viewmode_linear'] = $serendipity['serendipityHTTPPath'] . $serendipity['indexFile'] . '?url=' . $entry['commURL'] . '&serendipity[cview]=' . VIEWMODE_LINEAR;
$entry['link_author'] = serendipity_authorURL($authorData);
if (is_array($entry['categories'])) {
foreach ($entry['categories'] as $k => $v) {
if (!isset($entry['categories'][$k]['category_link'])) {
$entry['categories'][$k]['category_link'] = serendipity_categoryURL($entry['categories'][$k]);
}
}
}
if (strlen($entry['extended'])) {
$entry['has_extended'] = true;
}
if (isset($entry['exflag']) && $entry['exflag'] && ($extended || $preview)) {
$entry['is_extended'] = true;
}
if (serendipity_db_bool($entry['allow_comments']) || !isset($entry['allow_comments']) || $entry['comments'] > 0) {
$entry['has_comments'] = true;
$entry['label_comments'] = $entry['comments'] == 1 ? COMMENT : COMMENTS;
}
if (serendipity_db_bool($entry['allow_comments']) || !isset($entry['allow_comments']) || $entry['trackbacks'] > 0) {
$entry['has_trackbacks'] = true;
$entry['label_trackbacks'] = $entry['trackbacks'] == 1 ? TRACKBACK : TRACKBACKS;
}
if ($_SESSION['serendipityAuthedUser'] === true && ($_SESSION['serendipityAuthorid'] == $entry['authorid'] || serendipity_checkPermission('adminEntriesMaintainOthers'))) {
$entry['is_entry_owner'] = true;
}
$entry['display_dat'] = '';
serendipity_plugin_api::hook_event('frontend_display:html:per_entry', $entry);
$entry['plugin_display_dat'] =& $entry['display_dat'];
if ($preview) {
ob_start();
serendipity_plugin_api::hook_event('backend_preview', $entry);
$entry['backend_preview'] = ob_get_contents();
ob_end_clean();
}
/* IF WE ARE DISPLAYING A FULL ENTRY */
if (isset($serendipity['GET']['id'])) {
$comment_add_data = array('comments_messagestack' => isset($serendipity['messagestack']['comments']) ? (array) $serendipity['messagestack']['comments'] : array(), 'is_comment_added' => isset($serendipity['GET']['csuccess']) && $serendipity['GET']['csuccess'] == 'true' ? true : false, 'is_comment_moderate' => isset($serendipity['GET']['csuccess']) && $serendipity['GET']['csuccess'] == 'moderate' ? true : false);
$serendipity['smarty']->assign($comment_add_data);
serendipity_displayCommentForm($entry['id'], $serendipity['serendipityHTTPPath'] . $serendipity['indexFile'] . '?url=' . $entry['commURL'], true, $serendipity['POST'], true, serendipity_db_bool($entry['moderate_comments']), $entry);
}
// END FULL ENTRY LOGIC
}
// end foreach-loop (entries)
}
// end foreach-loop (dates)
if (!isset($serendipity['GET']['id']) && (!isset($serendipity['hidefooter']) || $serendipity['hidefooter'] == false) && $num_entries <= $serendipity['fetchLimit'] && $use_footer) {
serendipity_printEntryFooter();
}
if ($smarty_fetch === 'return') {
return $dategroup;
}
$serendipity['smarty']->assign_by_ref('entries', $dategroup);
unset($entries, $dategroup);
if (isset($serendipity['short_archives']) && $serendipity['short_archives']) {
serendipity_smarty_fetch($smarty_block, 'entries_summary.tpl', true);
} elseif ($smarty_fetch == true) {
serendipity_smarty_fetch($smarty_block, 'entries.tpl', true);
}
}
/* If we are in preview, we get comment data from our form */
} elseif (isset($serendipity['POST']['preview'])) {
$codata['name'] = $serendipity['POST']['name'];
$codata['email'] = $serendipity['POST']['email'];
$codata['url'] = $serendipity['POST']['url'];
$codata['replyTo'] = $serendipity['POST']['replyTo'];
$codata['comment'] = $serendipity['POST']['comment'];
$pc_data = array(array('email' => $serendipity['POST']['email'], 'author' => $serendipity['POST']['name'], 'body' => $serendipity['POST']['comment'], 'url' => $serendipity['POST']['url'], 'timestamp' => time()));
serendipity_printComments($pc_data);
$serendipity['smarty']->display(serendipity_getTemplateFile('comments.tpl', 'serendipityPath'));
}
}
if (!empty($codata['url']) && substr($codata['url'], 0, 7) != 'http://' && substr($codata['url'], 0, 8) != 'https://') {
$codata['url'] = 'http://' . $codata['url'];
}
serendipity_displayCommentForm($serendipity['GET']['entry_id'], $target_url, NULL, $codata, false, false);
$serendipity['smarty']->display(serendipity_getTemplateFile('commentform.tpl', 'serendipityPath'));
return true;
}
/* Searchable fields */
$filters = array('author', 'email', 'ip', 'url', 'body', 'referer');
/* Compress the filters into an "AND" SQL query, and a querystring */
foreach ($filters as $filter) {
$and .= !empty($serendipity['GET']['filter'][$filter]) ? "AND c." . $filter . " LIKE '%" . serendipity_db_escape_string($serendipity['GET']['filter'][$filter]) . "%'" : "";
$searchString .= !empty($serendipity['GET']['filter'][$filter]) ? "&serendipity[filter][" . $filter . "]=" . serendipity_specialchars($serendipity['GET']['filter'][$filter]) : "";
}
if ($serendipity['GET']['filter']['show'] == 'approved') {
$and .= "AND status = 'approved'";
$searchString .= "&serendipity[filter][show]=approved";
} elseif ($serendipity['GET']['filter']['show'] == 'pending') {
$and .= "AND status = 'pending'";
