Exemplo n.º 1
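 /**
  * Receives an incoming trackback ping for a blog entry, stores it and logs the attempt.
  *
  * The ping fields (entry id, URL, title, excerpt, blog name) are read from a
  * Trackback instance and are supplied by the remote site, so they are treated
  * as untrusted: every value is escaped with
  * $database->database_real_escape_string() before it is placed in SQL.
  *
  * Checks, in order (a later failing check overwrites an earlier error code):
  * trackbacks allowed for the user level, entry id present, URL present,
  * entry exists, not a duplicate (same entry, blog name and excerpt hash),
  * and at most one trackback per IP every 15 seconds.
  *
  * Every request is logged to se_blogpings, whether or not it was accepted.
  *
  * @return mixed Whatever Trackback::recieve() returns for the success flag and message.
  */
 function blog_trackback_receive()
 {
     global $database, $user, $setting;
     $is_error = FALSE;
     // Create trackback class instance
     $trackback = new Trackback(NULL, NULL, "UTF-8");
     // Prepare data
     $trackback_eid = $trackback->e_id;
     $trackback_url = trim($trackback->url);
     $trackback_title = trim($trackback->title);
     $trackback_excerpt = trim($trackback->excerpt);
     $trackback_bname = trim($trackback->bname);
     $trackback_ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
     $trackback_time = time();
     // md5 is used only as a duplicate-detection fingerprint of the raw excerpt, not as a security control
     $trackback_excerpthash = md5($trackback_excerpt);
     // Clean body: decode entities first so cleanHTML() sees real tags, then keep only the configured tags
     $trackback_excerpt = str_replace("\r\n", "<br />", cleanHTML(censor(htmlspecialchars_decode($trackback_excerpt)), $setting['setting_comment_html']));
     // Escape everything that goes into SQL. The ping fields come from the remote
     // site and were previously interpolated into the queries unescaped.
     // NOTE(review): Trackback's own input handling is not visible here; confirm it
     // does not already SQL-escape these fields, otherwise values are double-escaped.
     // NOTE(review): title, blog name and URL are stored as received (trimmed only);
     // the code that renders them must HTML-escape them and restrict the URL scheme.
     $sql_eid = $database->database_real_escape_string((string) $trackback_eid);
     $sql_url = $database->database_real_escape_string($trackback_url);
     $sql_title = $database->database_real_escape_string($trackback_title);
     $sql_excerpt = $database->database_real_escape_string($trackback_excerpt);
     $sql_bname = $database->database_real_escape_string($trackback_bname);
     $sql_ip = $database->database_real_escape_string($trackback_ip);
     $sql_time = (int) $trackback_time;
     // Trackbacks not allowed
     if (!$user->level_info['level_blog_trackbacks_allow']) {
         $is_error = 1500013;
     }
     // No ID specified
     if (!$trackback_eid) {
         $is_error = 1500008;
     }
     // Trackback URL is empty
     if (!$trackback_url) {
         $is_error = 1500009;
     }
     // Check that the entry exists
     if (!$is_error) {
         $sql = "SELECT NULL FROM se_blogentries WHERE se_blogentries.blogentry_id='{$sql_eid}' LIMIT 1";
         $resource = $database->database_query($sql);
         // Entry not found
         if (!$database->database_num_rows($resource)) {
             $is_error = 1500010;
         }
     }
     // See if trackback has already been received
     if (!$is_error) {
         $sql = "SELECT NULL FROM se_blogtrackbacks"
             . " WHERE blogtrackback_blogentry_id='{$sql_eid}'"
             . " AND blogtrackback_name='{$sql_bname}'"
             . " AND blogtrackback_excerpthash='{$trackback_excerpthash}'"
             . " LIMIT 1";
         $resource = $database->database_query($sql);
         // Already tracked
         if ($database->database_num_rows($resource)) {
             $is_error = 1500011;
         }
     }
     // Only 1/15 seconds per remote address
     if (!$is_error) {
         $trackback_timeout = 15;
         $sql = "SELECT NULL FROM se_blogtrackbacks"
             . " WHERE blogtrackback_ip='{$sql_ip}'"
             . " AND blogtrackback_date>" . ($sql_time - $trackback_timeout)
             . " LIMIT 1";
         $resource = $database->database_query($sql);
         if ($database->database_num_rows($resource)) {
             $is_error = 1500012;
         }
     }
     // TODO: antispam
     // INSERT
     if (!$is_error) {
         $sql = "INSERT INTO se_blogtrackbacks ("
             . "blogtrackback_blogentry_id, blogtrackback_name, blogtrackback_title, blogtrackback_excerpt,"
             . " blogtrackback_excerpthash, blogtrackback_url, blogtrackback_ip, blogtrackback_date"
             . ") VALUES ("
             . "'{$sql_eid}', '{$sql_bname}', '{$sql_title}', '{$sql_excerpt}',"
             . " '{$trackback_excerpthash}', '{$sql_url}', '{$sql_ip}', '{$sql_time}'"
             . ")";
         $resource = $database->database_query($sql);
         if (!$database->database_affected_rows($resource)) {
             // NOTE(review): this reuses the "trackbacks not allowed" code for an insert failure
             $is_error = 1500013;
         } else {
             // UPDATE TRACKBACK COUNT (only when the row was actually stored;
             // previously the counter was incremented even if the insert failed)
             $sql = "UPDATE se_blogentries SET blogentry_totaltrackbacks=blogentry_totaltrackbacks+1 WHERE blogentry_id='{$sql_eid}' LIMIT 1";
             $database->database_query($sql);
         }
     }
     // LOG: record every ping. The source is the Referer header when present
     // (client-controlled, so it is escaped), otherwise the remote address.
     $blogentry_url = '';
     if (!empty($_SERVER['HTTP_REFERER'])) {
         $blogentry_url = $_SERVER['HTTP_REFERER'];
     } elseif (!empty($_SERVER['REMOTE_ADDR'])) {
         $blogentry_url = $_SERVER['REMOTE_ADDR'];
     }
     $request_uri = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '';
     $sql = "INSERT INTO se_blogpings ("
         . "blogping_blogentry_id, blogping_target_url, blogping_source_url,"
         . " blogping_status, blogping_type, blogping_ip"
         . ") VALUES ("
         . "'{$sql_eid}',"
         . " '" . $database->database_real_escape_string($request_uri) . "',"
         . " '" . $database->database_real_escape_string($blogentry_url) . "',"
         . " '1', '2', '{$sql_ip}'"
         . ")";
     $resource = $database->database_query($sql);
     // GET ERROR MESSAGE (1500014 is the message id used when no error occurred)
     $message_id = $is_error ? $is_error : 1500014;
     SE_Language::_preload($message_id);
     SE_Language::load();
     $message = SE_Language::_get($message_id);
     return $trackback->recieve(!$is_error, $message);
 }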