Exemplo n.º 1
0
/**
 * Enter description here...
 *
 */
function handlePostTrackback($uri, $date)
{
    global $PIVOTX;
    $message = "";
    // Using our integrated Trackback Spam Killer
    killtrackbackspam();
    // Initialise the IP blocklist.
    $blocklist = new IPBlock();
    // checking if IP address of trackbacking site is blocked
    if ($blocklist->isBlocked($_SERVER['REMOTE_ADDR'])) {
        debug("Blocked user from " . $_SERVER['REMOTE_ADDR'] . " tried to trackback");
        respondExit("Your IP-address has been blocked, so you are not" . " allowed to leave trackbacks on this site. We know IP-adresses can easily be faked," . " but it helps.", 1);
    }
    // Get the entry from the DB..
    $entry = $PIVOTX['db']->read_entry($uri, $date);
    // Exit if non-existing ID supplied
    if (empty($entry['code'])) {
        respondExit('Entry not found', 1);
    }
    // Keep original excerpt for spam checks ...
    $orig_excerpt = $_POST['excerpt'];
    // Strip out HTML from input and convert to utf-8.
    $_POST['blog_name'] = i18n_str_to_utf8(strip_tags($_POST['blog_name']));
    $_POST['title'] = i18n_str_to_utf8(strip_tags($_POST['title']));
    $_POST['url'] = strip_tags($_POST['url']);
    if ($PIVOTX['config']->get('allow_html_in_comments') == 1) {
        $_POST['excerpt'] = stripTagsAttributes($_POST['excerpt'], "*");
    } else {
        $_POST['excerpt'] = stripTagsAttributes($_POST['excerpt'], "<b><em><i><strong>");
    }
    $_POST['excerpt'] = i18n_str_to_utf8($_POST['excerpt']);
    $my_trackback = array('entry_uid' => intval($entry['code']), 'name' => $_POST['blog_name'], 'title' => $_POST['title'], 'url' => trim($_POST['url']), 'ip' => $_SERVER['REMOTE_ADDR'], 'date' => formatDate("", "%year%-%month%-%day%-%hour24%-%minute%"), 'excerpt' => trimText($_POST['excerpt'], 255, false, true, false));
    // Exit if no URL is given - need to know URL to foreign entry that
    // trackbacked us.
    if (empty($my_trackback['url'])) {
        respondExit('No URL (url) parameter given', 1);
    }
    //here we do a check to prevent double entries...
    $duplicate = FALSE;
    if (isset($entry['trackbacks']) && count($entry['trackbacks']) > 0) {
        foreach ($entry['trackbacks'] as $loop_trackback) {
            $diff = 1 / (min(strlen($loop_trackback['excerpt']), 200) / (levenshtein(substr($loop_trackback['excerpt'], 0, 200), substr($my_trackback['excerpt'], 0, 200)) + 1));
            if ($diff < 0.25 && $loop_trackback['ip'] == $my_trackback['ip']) {
                $duplicate = TRUE;
                break;
            }
        }
    }
    if (!$duplicate) {
        // update the current entry
        $entry['trackbacks'][] = $my_trackback;
        $post = TRUE;
    } else {
        $message = 'Your trackback has not been stored, because it seems to be a duplicate';
        $post = FALSE;
    }
    if ($PIVOTX['config']->get('maxhrefs') > 0) {
        $low_excerpt = strtolower(trackbackFormat($orig_excerpt));
        if (substr_count($low_excerpt, "href=") > $PIVOTX['config']->get('maxhrefs')) {
            $message = 'The maximum number of hyperlinks was exceeded. Are you spamming us?';
            $post = FALSE;
        }
    }
    if ($post) {
        $PIVOTX['db']->set_entry($entry);
        $PIVOTX['db']->save_entry(FALSE);
        // do not update the index.
        // Remove the compiled/parsed pages from the cache.
        if ($PIVOTX['config']->get('smarty_cache')) {
            $PIVOTX['template']->clear_cache();
        }
        // send mail..
        sendMailTrackback($my_trackback);
        debug("A trackback from '" . $my_trackback['name'] . "' added.");
        //update the 'last trackbacks' file
        if (isset($my_trackback)) {
            generateLastTrackbacks($my_trackback);
        }
        // Clean the simple cache..
        $PIVOTX['cache']->clear();
        // Remove the compiled/parsed pages from the cache.
        if ($PIVOTX['config']->get('smarty_cache')) {
            $PIVOTX['template']->clear_cache();
        }
        // After messing about with the trackbacks, clear the cache.
        $PIVOTX['cache']->cache['entries'] = array();
        respondExit();
    } else {
        respondExit($message, 1);
    }
}
Exemplo n.º 2
0
/**
 * Inserts the trackback URL for the current entry.
 *
 * The classes "pivotx-tracklink-text" and "pivotx-tracklink-url" can be used to style
 * the output.
 */
function smarty_tracklink($params, &$smarty)
{
    global $PIVOTX;
    $vars = $smarty->get_template_vars();
    if (isset($vars['entry'])) {
        $entry = $vars['entry'];
    } else {
        debug("The tracklink tag only works for entries");
        return "";
    }
    // Initialise the IP blocklist.
    $blocklist = new IPBlock();
    // check for entry's allow_comments, blocked IP address ...
    if (isset($entry['allow_comments']) && $entry['allow_comments'] == 0 || $blocklist->isBlocked($_SERVER['REMOTE_ADDR'])) {
        return "";
    }
    $params = cleanParams($params);
    $format = getDefault($params['format'], '<p><span class="pivotx-tracklink-text">' . __('Trackback link') . ': </span>' . '<span class="pivotx-tracklink-url">%url%</span></p>');
    $tb_url = $PIVOTX['paths']['host'] . makeFileLink($entry['code'], '', '');
    $trackback = getDefault($PIVOTX['config']->get('localised_trackback_name'), "trackback");
    if ($PIVOTX['config']->get('mod_rewrite') == 0) {
        $tb_url .= "&amp;{$trackback}";
        $tb_getkey_url = $tb_url . "&amp;getkey";
    } else {
        $tb_url .= "/{$trackback}/";
        $tb_getkey_url = $tb_url . "?getkey";
    }
    if ($PIVOTX['config']->get('hardened_trackback') != 1) {
        $output = str_replace("%url%", $tb_url, $format);
    } else {
        $tb_url = "<span id=\"tbgetter_%n%\">" . __('Please enable javascript to generate a trackback url') . "</span>";
        $tb_url .= "<script type=\"text/javascript\" src=\"{$tb_getkey_url}\"></script>\n";
        $tburl_gen = "<a href=\"#\"" . " title=\"" . __('Note: The url is valid for only 15 minutes after you opened this page!') . "\"" . " onclick=\"showTBURL_%n%(\\'tbgetter_%n%\\'); return false;\">" . __('Click to view the trackback url') . "</a>";
        $tb_url .= "\n<script type=\"text/javascript\">/*<![CDATA[*/\n" . "showTBURLgen_%n%('tbgetter_%n%', '{$tburl_gen}');\n/*]]>*/</script>\n";
        $tb_url = str_replace("%n%", $entry['code'], $tb_url);
        $output = str_replace("%url%", $tb_url, $format);
    }
    return $output;
}
Exemplo n.º 3
0
 function update_index($update = TRUE)
 {
     global $PIVOTX;
     $this->check_current_index();
     if (strlen($this->entry['title']) > 1) {
         $title = $this->entry['title'];
         $title = strip_tags($title);
     } else {
         $title = substr($this->entry['introduction'], 0, 300);
         $title = strip_tags($title);
         $title = str_replace("\n", "", $title);
         $title = str_replace("\r", "", $title);
         $title = substr($title, 0, 60);
     }
     // Make sure we have an URI. Old (converted from 1.x) entries don't have them, so we make them.
     if (empty($this->entry['uri'])) {
         $this->entry['uri'] = makeURI($this->entry['title']);
     }
     $size = strlen($this->entry['introduction']) + strlen($this->entry['body']);
     unset($commnames);
     if (isset($this->entry['comments'])) {
         // Initialise the IP blocklist.
         $blocklist = new IPBlock();
         foreach ($this->entry['comments'] as $comment) {
             if (!$blocklist->isBlocked($comment['ip'])) {
                 if ($comment['moderate'] != 1) {
                     $commnames[] = stripslashes($comment['name']);
                 } else {
                     // if moderation is on, we add the name as '-'..
                     $commnames[] = '-';
                 }
             }
         }
         if (isset($commnames) && count($commnames) > 0) {
             $this->entry['commnames'] = implode(", ", array_unique($commnames));
             $commcount = count($commnames);
         } else {
             $this->entry['commnames'] = "";
             $commcount = 0;
         }
     } else {
         unset($this->entry['comments']);
         $commcount = 0;
         $this->entry['commnames'] = "";
     }
     $this->entry['commcount'] = $commcount;
     if ($commcount == 0) {
         $commcount_str = __('No comments');
     } else {
         if ($commcount == 1) {
             $commcount_str = __('%num% comment');
         } else {
             $commcount_str = __('%num% comments');
         }
     }
     $this->entry['commcount_str'] = str_replace("%num%", $PIVOTX['locale']->getNumber($commcount), $commcount_str);
     $this->entry['commcount_str'] = str_replace("%n%", $commcount, $commcount_str);
     unset($tracknames);
     if (isset($this->entry['trackbacks'])) {
         foreach ($this->entry['trackbacks'] as $trackback) {
             $tracknames[] = stripslashes($trackback['name']);
         }
         if (isset($tracknames) && count($tracknames) > 0) {
             $this->entry['tracknames'] = implode(", ", array_unique($tracknames));
             $trackcount = count($tracknames);
         } else {
             $this->entry['tracknames'] = "";
             $trackcount = 0;
         }
     } else {
         unset($this->entry['trackbacks']);
         $trackcount = 0;
         $this->entry['tracknames'] = "";
     }
     $this->entry['trackcount'] = $trackcount;
     if ($trackcount == 0) {
         $trackcount_str = __('No trackbacks');
     } else {
         if ($trackcount == 1) {
             $trackcount_str = __('%num% trackback');
         } else {
             $trackcount_str = __('%num% trackbacks');
         }
     }
     $this->entry['trackcount_str'] = str_replace("%num%", $PIVOTX['locale']->getNumber($trackcount), $trackcount_str);
     $this->entry['trackcount_str'] = str_replace("%n%", $trackcount, $trackcount_str);
     if (!isset($this->entry['status'])) {
         $this->entry['status'] = 'publish';
     }
     $this->entry['excerpt'] = makeExcerpt($this->entry['introduction']);
     // Remove non-existing categories from entry before indexing
     if (count($this->all_cats) > 0) {
         $category = array_values(array_intersect($this->all_cats, $this->entry['category']));
     } else {
         $category = $this->entry['category'];
     }
     if (is_array($this->entry['extrafields'])) {
         $extrafields = array_keys($this->entry['extrafields']);
     } else {
         $extrafields = array();
     }
     $index_line = array('code' => $this->entry['code'], 'date' => addslashes($this->entry['date']), 'user' => $this->entry['user'], 'title' => addslashes($title), 'uri' => $this->entry['uri'], 'size' => $size, 'commcount' => $this->entry['commcount'], 'cnames' => $this->entry['commnames'], 'trackcount' => $this->entry['trackcount'], 'tnames' => $this->entry['tracknames'], 'category' => $category, 'extrafields' => $extrafields, 'status' => $this->entry['status'], 'excerpt' => $this->entry['excerpt']);
     if ($this->entry['code'] != "") {
         $this->entry_index[$this->entry['code']] = $index_line;
         $this->date_index[$this->entry['code']] = $this->entry['date'];
         $this->cat_index[$this->entry['code']] = $category;
         $this->uri_index[$this->entry['code']] = $this->entry['uri'];
     }
     if ($update) {
         $this->updated = TRUE;
     }
 }
Exemplo n.º 4
0
function pagem_comments()
{
    global $PIVOTX;
    $PIVOTX['session']->minLevel(PIVOTX_UL_NORMAL);
    // Get the 6 latest comments.. (non-moderated get priority)
    require_once dirname(__FILE__) . '/modules/module_comments.php';
    $modcomments = getModerationQueue();
    $comments = $PIVOTX['db']->read_latestcomments(array('amount' => 30, 'cats' => '', 'count' => 30, 'moderated' => 1));
    $comments = array_merge($modcomments, $comments);
    $comments = array_slice($comments, 0, 20);
    // Check for blocked IPs
    $blocklist = new IPBlock();
    foreach ($comments as $key => $comment) {
        $comments[$key]['blocked'] = $blocklist->isBlocked($comment["ip"]);
    }
    $PIVOTX['template']->assign('comments', $comments);
    $PIVOTX['template']->assign("title", __('Comments'));
    $PIVOTX['template']->assign("active", "comments");
    renderTemplate('mobile/comments.tpl');
}
Exemplo n.º 5
0
 /**
  * Saves the current entry - sql implementation.
  *
  * Returns true if successfully saved. Current implementation
  * seems to return true no matter what...
  *
  * @param boolean $update_index Whether to update the date index.
  * @return boolean
  */
 function save_entry($update_index = TRUE)
 {
     // Set the 'commcount', 'commnames'..
     unset($commnames);
     if (isset($this->entry['comments'])) {
         // Initialise the IP blocklist.
         $blocklist = new IPBlock();
         foreach ($this->entry['comments'] as $comment) {
             if (!$blocklist->isBlocked($comment['ip'])) {
                 if ($comment[moderate] != 1) {
                     $commnames[] = stripslashes($comment['name']);
                 } else {
                     // if moderation is on, we add the name as '-'..
                     $commnames[] = '-';
                 }
             }
         }
         if (isset($commnames) && count($commnames) > 0) {
             $this->entry['comment_names'] = implode(", ", array_unique($commnames));
             $this->entry['comment_count'] = count($commnames);
         } else {
             $this->entry['comment_names'] = "";
             $this->entry['comment_count'] = 0;
         }
     } else {
         unset($this->entry['comments']);
         $this->entry['comment_names'] = "";
         $this->entry['comment_count'] = 0;
     }
     // Set the 'trackcount', 'tracknames'..
     unset($tracknames);
     if (isset($this->entry['trackbacks'])) {
         foreach ($this->entry['trackbacks'] as $trackback) {
             $tracknames[] = stripslashes($trackback['name']);
         }
         if (isset($tracknames) && count($tracknames) > 0) {
             $this->entry['trackback_names'] = implode(", ", array_unique($tracknames));
             $this->entry['trackback_count'] = count($tracknames);
         } else {
             $this->entry['trackback_names'] = "";
             $this->entry['trackback_count'] = 0;
         }
     } else {
         unset($this->entry['trackbacks']);
         $this->entry['trackback_names'] = "";
         $this->entry['trackback_count'] = 0;
     }
     // Make sure we have an URI
     if (empty($this->entry['uri'])) {
         $this->entry['uri'] = makeURI($this->entry['title']);
     }
     $values = array('title' => $this->entry['title'], 'uri' => $this->entry['uri'], 'subtitle' => $this->entry['subtitle'], 'introduction' => $this->entry['introduction'], 'body' => $this->entry['body'], 'convert_lb' => intval($this->entry['convert_lb']), 'status' => $this->entry['status'], 'date' => $this->entry['date'], 'publish_date' => $this->entry['publish_date'], 'edit_date' => date("Y-m-d H:i:s", getCurrentDate()), 'user' => $this->entry['user'], 'allow_comments' => $this->entry['allow_comments'], 'keywords' => $this->entry['keywords'], 'via_link' => $this->entry['vialink'], 'via_title' => $this->entry['viatitle'], 'comment_count' => $this->entry['comment_count'], 'comment_names' => $this->entry['comment_names'], 'trackback_count' => $this->entry['trackback_count'], 'trackback_names' => $this->entry['trackback_names'], 'extrafields' => $this->entry['extrafields']);
     // Check if the entry exists
     $this->sql->query("SELECT uid FROM " . $this->entriestable . " WHERE uid=" . intval($this->entry['uid']));
     if (is_array($this->sql->fetch_row())) {
         // It exists, we do an update..
         $qry = array();
         $qry['update'] = $this->entriestable;
         $qry['value'] = $values;
         $qry['where'] = "uid=" . intval($this->entry['uid']);
         $this->sql->build_update($qry);
         $this->sql->query();
     } else {
         // New entry.
         // Add the UID to the values array if it is already set (for
         // example when importing entries).
         if ($this->entry['uid'] != '') {
             $values['uid'] = $this->entry['uid'];
         }
         $qry = array();
         $qry['into'] = $this->entriestable;
         $qry['value'] = $values;
         $this->sql->build_insert($qry);
         $this->sql->query();
         // Set the UID to the last inserted ID if it isn't already set
         // (which is normally the case for new entries).
         if ($this->entry['uid'] == '') {
             $this->entry['uid'] = $this->sql->get_last_id();
         }
         // A bit of a nasty hack, but needed when we have to insert tags for a new entry,
         // and $db is not yet aware of the new $uid.
         $GLOBALS['db']->entry['uid'] = $this->entry['uid'];
     }
     // We will also need to save the comments and trackbacks.. We should
     // try to prevent doing unneeded queries, so we only insert comments
     // and trackbacks which have no ['uid'] yet. (because these are either
     // new, or are being converted from flat files)
     if (!empty($this->entry['comments'])) {
         foreach ($this->entry['comments'] as $comment) {
             if ($comment['uid'] == "") {
                 // Ah, let's insert it.
                 $comment['entry_uid'] = $this->entry['uid'];
                 $comment['contenttype'] = 'entry';
                 // make sure we don't try to add the 'remember info' or 'allowedit' fields..
                 if (isset($comment['rememberinfo'])) {
                     unset($comment['rememberinfo']);
                 }
                 if (isset($comment['allowedit'])) {
                     unset($comment['allowedit']);
                 }
                 // Registered, Notify, etc. have to be integer values.
                 $comment['registered'] = intval($comment['registered']);
                 $comment['notify'] = intval($comment['notify']);
                 $comment['discreet'] = intval($comment['discreet']);
                 $comment['moderate'] = intval($comment['moderate']);
                 $comment['entry_uid'] = intval($comment['entry_uid']);
                 $qry = array();
                 $qry['into'] = $this->commentstable;
                 $qry['value'] = $comment;
                 $this->sql->build_insert($qry);
                 $this->sql->query();
             }
         }
     }
     if (!empty($this->entry['comments'])) {
         foreach ($this->entry['trackbacks'] as $trackback) {
             if ($trackback['uid'] == "") {
                 // Ah, let's insert it.
                 $trackback['entry_uid'] = $this->entry['uid'];
                 $qry = array();
                 $qry['into'] = $this->trackbackstable;
                 $qry['value'] = $trackback;
                 $this->sql->build_insert($qry);
                 $this->sql->query();
             }
         }
     }
     // Delete the keywords / tags..
     $qry = array();
     $qry['delete'] = $this->tagstable;
     $qry['where'] = "contenttype='entry' AND target_uid=" . intval($this->entry['uid']);
     $this->sql->build_delete($qry);
     $this->sql->query();
     $tags = getTags(false, $this->entry['introduction'] . $this->entry['body'], $this->entry['keywords']);
     // Add the keywords / tags..
     foreach ($tags as $tag) {
         $qry = array();
         $qry['into'] = $this->tagstable;
         $qry['value'] = array('tag' => $tag, 'contenttype' => 'entry', 'target_uid' => $this->entry['uid']);
         $this->sql->build_insert($qry);
         $this->sql->query();
     }
     // Delete the categories..
     $qry = array();
     $qry['delete'] = $this->categoriestable;
     $qry['where'][] = "contenttype='entry'";
     $qry['where'][] = "target_uid=" . intval($this->entry['uid']);
     $this->sql->build_delete($qry);
     $this->sql->query();
     // Add the Categories..
     foreach ($this->entry['category'] as $cat) {
         $qry = array();
         $qry['into'] = $this->categoriestable;
         $qry['value'] = array('category' => safeString($cat, true), 'contenttype' => 'entry', 'target_uid' => $this->entry['uid']);
         $this->sql->build_insert($qry);
         $this->sql->query();
     }
     // Store the 'extra fields'
     if (!is_array($this->entry['extrafields'])) {
         $this->entry['extrafields'] = array();
     }
     $extrakeys = array();
     foreach ($this->entry['extrafields'] as $key => $value) {
         $extrakeys[] = $this->sql->quote($key);
         // No need to store empty values
         if (empty($value)) {
             unset($this->entry['extrafields'][$key]);
         }
         // Serialize any arrays..
         if (is_array($value)) {
             $this->entry['extrafields'][$key] = serialize($value);
         }
     }
     if (count($extrakeys) > 0) {
         $qry = array();
         $qry['delete'] = $this->extrafieldstable;
         $qry['where'][] = "target_uid=" . intval($this->entry['uid']);
         $qry['where'][] = "contenttype='entry'";
         $qry['where'][] = "fieldkey IN (" . implode(", ", $extrakeys) . ")";
         $this->sql->build_delete($qry);
         $this->sql->query();
     }
     foreach ($this->entry['extrafields'] as $key => $value) {
         $qry = array();
         $qry['into'] = $this->extrafieldstable;
         $qry['value'] = array('fieldkey' => safeString($key, true), 'value' => $value, 'contenttype' => 'entry', 'target_uid' => $this->entry['uid']);
         $this->sql->build_insert($qry);
         $this->sql->query();
     }
     //echo "<pre>\n"; print_r($extrakeys); echo "</pre>\n";
     //echo "<pre>\n"; print_r($this->entry['extrafields']); echo "</pre>\n";
     return TRUE;
 }