Пример #1
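/**
 * Handles a cancelled comment form by sending the visitor back to the item
 *
 * Reads the item type and id from the POST data. For type 'article' the
 * refresh goes to the story page; for anything else the owning plugin is
 * asked for the item's URL, and the site index is used when it reports none.
 *
 * @copyright Vincent Furia 2005
 * @author Vincent Furia, vinny01 AT users DOT sourceforge DOT net
 * @return string HTML (possibly a refresh)
 */
function handleCancel()
{
    global $_CONF;

    // 'type' and 'sid' are request-controlled. Only filter them when they are
    // present and are plain strings, so a request that omits them (or sends
    // them as arrays) falls through to the default branch with empty values
    // instead of raising undefined-index / type warnings.
    $type = '';
    if (isset($_POST['type']) && is_string($_POST['type'])) {
        $type = COM_applyFilter($_POST['type']);
    }
    $sid = '';
    if (isset($_POST['sid']) && is_string($_POST['sid'])) {
        $sid = COM_applyFilter($_POST['sid']);
    }

    // The redirect target is never taken verbatim from the request: it is
    // either built on the configured site URL or returned by the plugin API.
    $display = '';
    switch ($type) {
        case 'article':
            $display = COM_refresh(COM_buildUrl($_CONF['site_url'] . "/article.php?story={$sid}"));
            break;
        default:
            // assume plugin
            // Need a way to go back to initial page for plugins.
            $url = PLG_getItemInfo($type, $sid, 'url');
            if ($url == '') {
                // Then plugin doesn't support PLG_getItemInfo
                $url = $_CONF['site_url'] . '/index.php';
            }
            $display = COM_refresh($url);
            break;
    }

    return $display;
}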
Пример #2
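/**
* Send a notification email when a new trackback comment has been posted
*
* Looks the trackback up by its ID, builds a text body from the stored
* fields plus a link to the item's 'trackback' anchor, and mails it to the
* configured site address. Nothing is sent when the ID matches no row.
*
* @param    int     $cid    ID of the trackback comment
* @param    string  $what   type of notification: 'trackback' or 'pingback'
* @return   void
*
*/
function TRB_sendNotificationEmail($cid, $what = 'trackback')
{
    global $_CONF, $_TABLES, $LANG03, $LANG08, $LANG09, $LANG29, $LANG_TRB;

    // The ID is escaped and quoted before it is placed in the query.
    $cid = DB_escapeString($cid);
    $result = DB_query("SELECT sid,type,title,excerpt,url,blog,ipaddress FROM {$_TABLES['trackback']} WHERE (cid = '{$cid}')");
    $A = DB_fetchArray($result);
    if (empty($A)) {
        // No such trackback: do not mail a notification made of empty fields.
        return;
    }

    $type = $A['type'];
    $id = $A['sid'];

    // NOTE(review): title, blog, url and excerpt are read from the trackback
    // table and presumably originate from the remote site that sent the
    // trackback. They go into the mail body only, never into the subject.
    // Confirm COM_mail() sends this body as plain text.
    $mailbody = '';
    if (!empty($A['title'])) {
        $mailbody .= $LANG03[16] . ': ' . $A['title'] . "\n";
    }
    $mailbody .= $LANG_TRB['blog_name'] . ': ';
    if (!empty($A['blog'])) {
        $mailbody .= $A['blog'] . ' ';
    }
    $mailbody .= '(' . $A['ipaddress'] . ")\n";
    $mailbody .= $LANG29[12] . ': ' . $A['url'] . "\n";
    if ($type != 'article') {
        $mailbody .= $LANG09[5] . ': ' . $type . "\n";
    }
    if (!empty($A['excerpt'])) {
        // the excerpt is max. 255 characters long anyway, so we add it
        // in its entirety
        $mailbody .= $A['excerpt'] . "\n\n";
    }

    // assume that plugins follow the convention and have a 'trackback' anchor
    $trackbackurl = PLG_getItemInfo($type, $id, 'url') . '#trackback';
    $mailbody .= $LANG08[33] . ' <' . $trackbackurl . ">\n\n";
    $mailbody .= "\n------------------------------\n";
    $mailbody .= "\n{$LANG08['34']}\n";
    $mailbody .= "\n------------------------------\n";

    // The subject is built only from the site name and a language string.
    if ($what == 'pingback') {
        $mailsubject = $_CONF['site_name'] . ' ' . $LANG_TRB['pingback'];
    } else {
        $mailsubject = $_CONF['site_name'] . ' ' . $LANG_TRB['trackback'];
    }

    COM_mail($_CONF['site_mail'], $mailsubject, $mailbody);
}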
Пример #3
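/**
 * Formats one cell of the lists of submissions and draft stories in
 * admin/moderation.php
 *
 * The rows shown here are items waiting for moderation, so row values are
 * escaped before they are placed in SQL conditions or HTML attributes.
 *
 * @param  string $fieldName  name (or numeric index) of the column to render
 * @param  string $fieldValue value of that column
 * @param  array  $A          the complete row
 * @param  array  $icon_arr   icon markup; 'edit' is used as the edit link content
 * @return string             HTML for the cell
 */
function ADMIN_getListField_moderation($fieldName, $fieldValue, $A, $icon_arr)
{
    global $_CONF, $_TABLES, $LANG_ADMIN;

    $retval = '';
    $type = '';
    if (isset($A['_moderation_type'])) {
        $type = $A['_moderation_type'];
    }

    switch ($fieldName) {
        case 'edit':
            $retval = COM_createLink($icon_arr['edit'], $A['edit']);
            break;
        case 'delete':
            $row = htmlspecialchars((string) $A['row']);
            $retval = "<input type=\"radio\" name=\"action[{$row}]\" value=\"delete\"" . XHTML . ">";
            break;
        case 'approve':
            // Row index and item id both end up inside double-quoted attributes.
            $row = htmlspecialchars((string) $A['row']);
            $itemId = htmlspecialchars((string) $A[0]);
            $retval = "<input type=\"radio\" name=\"action[{$row}]\" value=\"approve\"" . XHTML . ">" . "<input type=\"hidden\" name=\"id[{$row}]\" value=\"{$itemId}\"" . XHTML . ">";
            break;
        case 'day':
            $retval = strftime($_CONF['daytime'], $A['day']);
            break;
        case 'tid':
            // The topic id is read back from a submission row: escape it again
            // before it goes into a query string (second-order injection).
            $tid = DB_escapeString($A['tid']);
            $retval = DB_getItem($_TABLES['topics'], 'topic', "tid = '{$tid}'");
            break;
        case 'uid':
            $name = '';
            if ($A['uid'] == 1) {
                // uid 1: use the name stored with the comment submission
                $cid = DB_escapeString($A['id']);
                $name = htmlspecialchars(COM_stripslashes(DB_getItem($_TABLES['commentsubmissions'], 'name', "cid = '{$cid}'")));
            }
            if (empty($name)) {
                // NOTE(review): unlike the stored name above, this value is not
                // escaped here - confirm COM_getDisplayName() returns HTML-safe text.
                $name = COM_getDisplayName($A['uid']);
            }
            if ($A['uid'] == 1) {
                $retval = $name;
            } else {
                $retval = COM_createLink($name, $_CONF['site_url'] . '/users.php?mode=profile&amp;uid=' . rawurlencode((string) $A['uid']));
            }
            break;
        case 'publishfuture':
            if (!SEC_inGroup('Comment Submitters', $A['uid']) && $A['uid'] > 1) {
                $uid = htmlspecialchars((string) $A['uid']);
                $retval = "<input type=\"checkbox\" name=\"publishfuture[]\" value=\"{$uid}\"" . XHTML . ">";
            } else {
                $retval = $LANG_ADMIN['na'];
            }
            break;
        default:
            if ($fieldName == 4 && ($type === 'story' || $type === 'story_draft')) {
                $retval = TOPIC_getTopicAdminColumn('article', $A[0]);
            } elseif ($fieldName == 2 && $type === 'comment') {
                $commentText = COM_getTextContent($A['comment']);
                $excerpt = htmlspecialchars(COM_truncate($commentText, 140, '...'));
                // try to provide a link to the parent item (e.g. article, poll)
                $info = PLG_getItemInfo($A['type'], $A['sid'], 'title,url');
                if (empty($info) || empty($info[0]) || empty($info[1])) {
                    // if not available, display excerpt from the comment
                    $retval = htmlspecialchars(COM_truncate($commentText, 40, '...'));
                    if (strlen($commentText) > 40) {
                        $retval = '<span title="' . $excerpt . '">' . $retval . '</span>';
                    }
                } else {
                    // NOTE(review): the parent item's title is used as link text
                    // as returned by the plugin - confirm it is already escaped.
                    $retval = COM_createLink($info[0], $info[1], array('title' => $excerpt));
                }
            } else {
                // NOTE(review): the field value is emitted without
                // htmlspecialchars() - confirm it is stored escaped or that
                // COM_makeClickableLinks() yields safe HTML.
                $retval = COM_makeClickableLinks(stripslashes($fieldValue));
            }
            break;
    }

    return $retval;
}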
Пример #4
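 /**
  * Create the sitemap and save it as a file
  *
  * Collects 'url' and 'date-modified' for every item of every configured
  * content type, builds the <urlset> document, enforces the limits checked
  * below (50,000 entries, 10,485,760 bytes) and writes the regular and, if
  * configured, the mobile sitemap file. When no item yields a URL nothing
  * is written and TRUE is returned.
  *
  * @access  public
  * @return  boolean  TRUE = success, FALSE = otherwise
  */
 function create()
 {
     global $_CONF;
     $this->_num_entries = 0;
     $sitemap = '';
     $types = $this->getTypes();
     $what = 'url,date-modified';
     $options = array();
     if (count($types) == 0) {
         COM_errorLog(__CLASS__ . ': No content type is specified.');
         return FALSE;
     }
     foreach ($types as $type) {
         $result = PLG_getItemInfo($type, '*', $what, 1, $options);
         if (is_array($result) and count($result) > 0) {
             foreach ($result as $entry) {
                 if (isset($entry['url'])) {
                     // NOTE(review): the URL comes from the plugin API and is
                     // written into <loc> as returned by _normalizeURL() -
                     // confirm that helper XML-escapes characters such as '&'.
                     $url = $this->_normalizeURL($entry['url']);
                     $sitemap .= '  <url>' . LB . '    <loc>' . $url . '</loc>' . LB;
                 } else {
                     /**
                      * <loc> element is mandatory for the sitemap.  So,
                      * when no url is provided, we simply have to skip
                      * the item silently.
                      */
                     continue;
                 }
                 // The items below are all optional.
                 // Frequency of change
                 $change_freq = $this->getChangeFreq($type);
                 if ($change_freq != '') {
                     $sitemap .= '    <changefreq>' . $change_freq . '</changefreq>' . LB;
                 }
                 // Time stamp
                 if (isset($entry['date-modified'])) {
                     $date = date('Y-m-d', $entry['date-modified']);
                     // Add the time part for frequently changed items
                     if (in_array($change_freq, array('always', 'hourly', 'daily'))) {
                         $timezone = $this->_getTimezoneStr();
                         if ($timezone !== FALSE) {
                             $date .= 'T' . date('H:i:s', $entry['date-modified']) . $timezone;
                         }
                     }
                     $sitemap .= '    <lastmod>' . $date . '</lastmod>' . LB;
                 }
                 // Priority (0.5 is left out of the output)
                 $priority = $this->getPriority($type);
                 if ($priority != 0.5) {
                     $sitemap .= '    <priority>' . (string) $priority . '</priority>' . LB;
                 }
                 $sitemap .= '  </url>' . LB;
                 $this->_num_entries++;
             }
         }
     }
     // Append the header and footer to the sitemap body
     if ($sitemap != '') {
         $sitemap = '<?xml version="1.0" encoding="UTF-8" ?>' . LB . '<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">' . LB . $sitemap . '</urlset>' . LB;
     } else {
         return TRUE;
     }
     // Check the number of items and the size of the sitemap file
     if ($this->_num_entries > 50000) {
         COM_errorLog(__CLASS__ . ': The number of items in the sitemap file must be 50,000 or smaller.');
         return FALSE;
     } else {
         if (strlen($sitemap) > 10485760) {
             // The limit checked above is 10,485,760 bytes, i.e. 10MB; the
             // log message now states the same figure.
             COM_errorLog(__CLASS__ . ': The size of the sitemap file must be 10,485,760 bytes (= 10MB) or smaller.');
             return FALSE;
         }
     }
     // Write the sitemap into file(s)
     list($filename, $mobile_filename) = $this->getFileNames();
     if ($filename != '') {
         if (!$this->_write($filename, $sitemap)) {
             return FALSE;
         }
     }
     if ($mobile_filename != '') {
         // Modify the sitemap as Google Mobile Sitemap
         $sitemap = str_replace('<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">', '<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:mobile="http://www.google.com/schemas/sitemap-mobile/1.0">', $sitemap);
         // The marker element has to be self-closing; an opening tag with no
         // closing tag leaves every <url> entry malformed.
         $sitemap = str_replace('  </url>', '    <mobile:mobile/>' . LB . '  </url>', $sitemap);
         if (!$this->_write($mobile_filename, $sitemap)) {
             return FALSE;
         }
     }
     return TRUE;
 }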
Пример #5
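/**
* Shows any new information in a block
*
* Return the HTML that shows any new stories, comments, etc. Each section
* (stories, comments, trackbacks, plugin items) is rendered only when the
* matching $_CONF 'hidenew...' switch is 0.
*
* @param    string  $help     Help file for block
* @param    string  $title    Title used in block header
* @param    string  $position Position in which block is being rendered 'left', 'right' or blank (for centre)
* @return   string  Return the HTML that shows any new stories, comments, etc
*
*/
function COM_whatsNewBlock($help = '', $title = '', $position = '')
{
    global $_CONF, $_TABLES, $LANG01, $LANG_WHATSNEW, $page, $newstories;

    $retval = COM_startBlock($title, $help, COM_getBlockTemplate('whats_new_block', 'header', $position));

    $topicsql = '';
    if ($_CONF['hidenewstories'] == 0 || $_CONF['hidenewcomments'] == 0 || $_CONF['trackback_enabled'] && $_CONF['hidenewtrackbacks'] == 0) {
        $topicsql = COM_getTopicSql('AND', 0, $_TABLES['stories']);
    }

    if ($_CONF['hidenewstories'] == 0) {
        $archsql = '';
        $archivetid = DB_getItem($_TABLES['topics'], 'tid', "archive_flag=1");
        if (!empty($archivetid)) {
            // NOTE(review): addslashes() is not charset-aware. The value is read
            // from the topics table, not from the request; prefer the project's
            // database escaping helper if this version provides one.
            $archsql = " AND (tid <> '" . addslashes($archivetid) . "')";
        }

        // Find the newest stories. The interval is a configuration value that
        // is placed in the statement, so force it to an integer first.
        $storyInterval = (int) $_CONF['newstoriesinterval'];
        $storyHead = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE ";
        $storyTail = ' AND (date <= NOW()) AND (draft_flag = 0)' . $archsql . COM_getPermSQL('AND') . $topicsql . COM_getLangSQL('sid', 'AND');
        $sql = array();
        $sql['mysql'] = $storyHead . "(date >= (date_sub(NOW(), INTERVAL {$storyInterval} SECOND)))" . $storyTail;
        $sql['mssql'] = $sql['mysql'];
        $sql['pgsql'] = $storyHead . "(date >= (NOW() - INTERVAL '{$storyInterval} SECOND'))" . $storyTail;
        $result = DB_query($sql);
        $A = DB_fetchArray($result);
        $nrows = $A['count'];

        if (empty($title)) {
            // kept from the original; the value is not read again in this function
            $title = DB_getItem($_TABLES['blocks'], 'title', "name='whats_new_block'");
        }

        // Any late breaking news stories?
        $retval .= '<h3>' . $LANG01[99] . '</h3>';
        if ($nrows > 0) {
            $newmsg = COM_formatTimeString($LANG_WHATSNEW['new_string'], $_CONF['newstoriesinterval'], $LANG01[11], $nrows);
            if ($newstories && $page < 2) {
                $retval .= $newmsg . '<br' . XHTML . '>';
            } else {
                $retval .= COM_createLink($newmsg, $_CONF['site_url'] . '/index.php?display=new') . '<br' . XHTML . '>';
            }
        } else {
            $retval .= $LANG01[100] . '<br' . XHTML . '>';
        }

        if ($_CONF['hidenewcomments'] == 0 || $_CONF['trackback_enabled'] && $_CONF['hidenewtrackbacks'] == 0 || $_CONF['hidenewplugins'] == 0) {
            $retval .= '<br' . XHTML . '>';
        }
    }

    if ($_CONF['hidenewcomments'] == 0) {
        // Go get the newest comments
        $retval .= '<h3>' . $LANG01[83] . ' <small>' . COM_formatTimeString($LANG_WHATSNEW['new_last'], $_CONF['newcommentsinterval']) . '</small></h3>';

        $new_plugin_comments = PLG_getWhatsNewComment();
        if (!empty($new_plugin_comments)) {
            // Sort array by element lastdate newest to oldest
            $lastDates = array();
            foreach ($new_plugin_comments as $k => $v) {
                $lastDates[$k] = strtolower($v['lastdate']);
            }
            arsort($lastDates);
            $sorted = array();
            foreach (array_keys($lastDates) as $key) {
                $sorted[] = $new_plugin_comments[$key];
            }
            $new_plugin_comments = $sorted;

            $newcomments = array();
            foreach ($new_plugin_comments as $A) {
                $info = PLG_getItemInfo($A['type'], $A['sid'], 'url');
                if (empty($info)) {
                    // plugin may not support PLG_getItemInfo: nothing to link to
                    continue;
                }
                $url = $info . '#comments';

                // NOTE(review): the title is un-escaped here and, apart from the
                // '$' and space replacements, used as link text as-is, while the
                // same value is passed through htmlspecialchars() for the title
                // attribute. Confirm COM_createLink() or the stored title makes
                // the link text HTML-safe.
                $itemTitle = COM_undoSpecialChars(stripslashes($A['title']));
                $titletouse = COM_truncate($itemTitle, $_CONF['title_trim_length'], '...');
                if ($itemTitle != $titletouse) {
                    $attr = array('title' => htmlspecialchars($itemTitle));
                } else {
                    $attr = array();
                }
                $acomment = str_replace('$', '&#36;', $titletouse);
                $acomment = str_replace(' ', '&nbsp;', $acomment);
                if ($A['dups'] > 1) {
                    $acomment .= ' [+' . $A['dups'] . ']';
                }
                $newcomments[] = COM_createLink($acomment, $url, $attr);

                // Cap the list at 15 links. The original counter was built with
                // the string operator ('.= +1'), so it never equalled 15 and the
                // cap never applied.
                if (count($newcomments) >= 15) {
                    break;
                }
            }
            $retval .= COM_makeList($newcomments, 'list-new-comments');
        } else {
            $retval .= $LANG01[86] . '<br' . XHTML . '>' . LB;
        }

        if ($_CONF['hidenewplugins'] == 0 || $_CONF['trackback_enabled'] && $_CONF['hidenewtrackbacks'] == 0) {
            $retval .= '<br' . XHTML . '>';
        }
    }

    if ($_CONF['trackback_enabled'] && $_CONF['hidenewtrackbacks'] == 0) {
        $retval .= '<h3>' . $LANG01[114] . ' <small>' . COM_formatTimeString($LANG_WHATSNEW['new_last'], $_CONF['newtrackbackinterval']) . '</small></h3>';

        $trackbackInterval = (int) $_CONF['newtrackbackinterval'];
        $trackbackHead = "SELECT DISTINCT COUNT(*) AS count,{$_TABLES['stories']}.title,t.sid,max(t.date) AS lastdate FROM {$_TABLES['trackback']} AS t,{$_TABLES['stories']} WHERE (t.type = 'article') AND (t.sid = {$_TABLES['stories']}.sid) AND ";
        $trackbackTail = COM_getPermSQL('AND', 0, 2, $_TABLES['stories']) . " AND ({$_TABLES['stories']}.draft_flag = 0) AND ({$_TABLES['stories']}.trackbackcode = 0)" . $topicsql . COM_getLangSQL('sid', 'AND', $_TABLES['stories']) . " GROUP BY t.sid, {$_TABLES['stories']}.title ORDER BY lastdate DESC LIMIT 15";
        $sql = array();
        $sql['mysql'] = $trackbackHead . "(t.date >= (DATE_SUB(NOW(), INTERVAL {$trackbackInterval} SECOND)))" . $trackbackTail;
        $sql['mssql'] = $sql['mysql'];
        // The PostgreSQL variant added the interval to NOW(), which only
        // matches dates in the future; subtract it like the other dialects do.
        $sql['pgsql'] = $trackbackHead . "(t.date >= (NOW() - INTERVAL '{$trackbackInterval} SECOND'))" . $trackbackTail;
        $result = DB_query($sql);
        $nrows = DB_numRows($result);
        if ($nrows > 0) {
            $newcomments = array();
            for ($i = 0; $i < $nrows; $i++) {
                $A = DB_fetchArray($result);
                $url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $A['sid']) . '#trackback';
                // NOTE(review): same link-text escaping question as for the
                // comment titles above.
                $itemTitle = COM_undoSpecialChars(stripslashes($A['title']));
                $titletouse = COM_truncate($itemTitle, $_CONF['title_trim_length'], '...');
                if ($itemTitle != $titletouse) {
                    $attr = array('title' => htmlspecialchars($itemTitle));
                } else {
                    $attr = array();
                }
                $acomment = str_replace('$', '&#36;', $titletouse);
                $acomment = str_replace(' ', '&nbsp;', $acomment);
                if ($A['count'] > 1) {
                    $acomment .= ' [+' . $A['count'] . ']';
                }
                $newcomments[] = COM_createLink($acomment, $url, $attr);
            }
            $retval .= COM_makeList($newcomments, 'list-new-trackbacks');
        } else {
            $retval .= $LANG01[115] . '<br' . XHTML . '>' . LB;
        }

        if ($_CONF['hidenewplugins'] == 0) {
            $retval .= '<br' . XHTML . '>';
        }
    }

    if ($_CONF['hidenewplugins'] == 0) {
        // Headlines and content are emitted exactly as the plugins return them.
        list($headlines, $smallheadlines, $content) = PLG_getWhatsNew();
        $plugins = count($headlines);
        if ($plugins > 0) {
            for ($i = 0; $i < $plugins; $i++) {
                $retval .= '<h3>' . $headlines[$i] . ' <small>' . $smallheadlines[$i] . '</small></h3>';
                if (is_array($content[$i])) {
                    $retval .= COM_makeList($content[$i], 'list-new-plugins');
                } else {
                    $retval .= $content[$i];
                }
                if ($i + 1 < $plugins) {
                    $retval .= '<br' . XHTML . '>';
                }
            }
        }
    }

    $retval .= COM_endBlock(COM_getBlockTemplate('whats_new_block', 'footer', $position));

    return $retval;
}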
Пример #6
/**
* Ping weblog directory services
*
* Sends a ping to every enabled entry of the pingservice table and renders
* one result row per service into the admin/trackback templates. The page
* also receives a fresh CSRF token.
*
* @param    string  $type   type of entry we're advertising ('article' = story)
* @param    string  $id     ID of that entry
* @return   string          result of the pings
*
*/
function sendPings($type, $id)
{
    global $_CONF, $_TABLES, $LANG_TRB;

    list($itemurl, $feedurl) = PLG_getItemInfo($type, $id, 'url,feed');

    $template = COM_newTemplate($_CONF['path_layout'] . 'admin/trackback');
    $template->set_file(array('list' => 'pinglist.thtml', 'item' => 'pingitem.thtml'));
    $template->set_var('lang_resend', $LANG_TRB['resend']);
    $template->set_var('lang_results', $LANG_TRB['ping_results']);

    $result = DB_query("SELECT ping_url,method,name,site_url FROM {$_TABLES['pingservice']} WHERE is_enabled = 1");
    $services = DB_numRows($result);

    if (!($services > 0)) {
        $template->set_var('ping_results', '<tr><td colspan="2">' . $LANG_TRB['no_services'] . '</td></tr>');
    } else {
        for ($i = 0; $i < $services; $i++) {
            $service = DB_fetchArray($result);

            // Dispatch on the configured XML-RPC method name.
            switch ($service['method']) {
                case 'weblogUpdates.ping':
                    $pinged = PNB_sendPing($service['ping_url'], $_CONF['site_name'], $_CONF['site_url'], $itemurl);
                    break;
                case 'weblogUpdates.extendedPing':
                    $pinged = PNB_sendExtendedPing($service['ping_url'], $_CONF['site_name'], $_CONF['site_url'], $itemurl, $feedurl);
                    break;
                default:
                    $pinged = $LANG_TRB['unknown_method'] . ': ' . $service['method'];
                    break;
            }

            // An empty result counts as success; anything else is displayed as
            // a warning.
            // NOTE(review): the message and the service fields below reach the
            // template without htmlspecialchars() - confirm that the ping
            // helpers return HTML-safe text (the message may carry a remote
            // service's response) and that the template layer escapes
            // name / URLs.
            $pinged = empty($pinged)
                ? '<b>' . $LANG_TRB['ping_success'] . '</b>'
                : '<span class="warningsmall">' . $pinged . '</span>';

            $template->set_var('service_name', $service['name']);
            $template->set_var('service_url', $service['site_url']);
            $template->set_var('service_ping_url', $service['ping_url']);
            $template->set_var('ping_result', $pinged);
            $template->set_var('resend', '');
            $template->set_var('alternate_row', $i % 2 == 1 ? 'row-even' : 'row-odd');
            $template->set_var('cssid', $i % 2 + 1);
            $template->parse('ping_results', 'item', true);
        }
    }

    $template->set_var('gltoken_name', CSRF_TOKEN);
    $template->set_var('gltoken', SEC_createToken());
    $template->parse('output', 'list');

    $html = '';
    $html .= $template->finish($template->get_var('output'));

    return $html;
}
Пример #7
    // Tail of a switch whose header is not part of this excerpt. Both branches
    // wrap the main content in an optional static page shown above it and an
    // optional static page shown as footer.
    case 'msg':
        // The static page is only included when the plugin API reports back
        // the very id that was asked for.
        if (PLG_getItemInfo('staticpages', $_CONTACT_CONF['contact_page'], 'id') == $_CONTACT_CONF['contact_page']) {
            $display .= PLG_getItemInfo('staticpages', $_CONTACT_CONF['contact_page'], 'excerpt');
        }
        // NOTE(review): $_GET['msg'] is request-controlled and is handed to
        // CONTACT_message() unfiltered; the return value is concatenated into
        // the page. Confirm that CONTACT_message() maps it to a fixed message
        // or HTML-escapes it, and that a missing 'msg' key is handled.
        $display .= '<div id="contactform" class="contactform">' . CONTACT_message($_GET['msg']) . '</div>';
        if ($_CONTACT_CONF['contact_page_footer'] != '') {
            if (PLG_getItemInfo('staticpages', $_CONTACT_CONF['contact_page_footer'], 'id') == $_CONTACT_CONF['contact_page_footer']) {
                $display .= PLG_getItemInfo('staticpages', $_CONTACT_CONF['contact_page_footer'], 'excerpt');
            }
        }
        break;
    default:
        // Same layout as above, with the contact form (when enabled) in place
        // of the message.
        if (PLG_getItemInfo('staticpages', $_CONTACT_CONF['contact_page'], 'id') == $_CONTACT_CONF['contact_page']) {
            $display .= PLG_getItemInfo('staticpages', $_CONTACT_CONF['contact_page'], 'excerpt');
        }
        if ($_CONTACT_CONF['use_contact_form'] == 1) {
            // $uid and $subject are set outside this excerpt
            $display .= CONTACT_contactform($uid, true, $subject);
        }
        if ($_CONTACT_CONF['contact_page_footer'] != '') {
            if (PLG_getItemInfo('staticpages', $_CONTACT_CONF['contact_page_footer'], 'id') == $_CONTACT_CONF['contact_page_footer']) {
                $display .= PLG_getItemInfo('staticpages', $_CONTACT_CONF['contact_page_footer'], 'excerpt');
            }
        }
        break;
}
// Fall back to the plugin name when no page title constant has been defined.
if (!defined("CONTACT_TITLE")) {
    define("CONTACT_TITLE", $LANG_CONTACT_1['plugin_name']);
}
// Wrap the collected content in the site layout and send it to the client.
$information = array('what' => CONTACT_MENU, 'pagetitle' => CONTACT_TITLE, 'breadcrumbs' => '', 'headercode' => '', 'rightblock' => CONTACT_FOOTER);
$display = COM_createHTMLDocument($display, $information);
COM_output($display);
Пример #8
/**
 * Handles comment processing
 *
 * @param    string   $mode    Mode of comment processing
 * @param    string   $type    Type of item (article, polls, etc.)
 * @param    string   $title   Title of item
 * @param    string   $sid     ID for item to show comments for
 * @param    string   $format  'threaded', 'nested', or 'flat'
 * @return   string            HTML formated
 */
function CMT_handleComment($mode = '', $type = '', $title = '', $sid = '', $format = '')
{
    global $_CONF, $_TABLES, $_USER, $LANG03, $LANG_ADMIN, $topic, $_PLUGINS;
    $commentmode = '';
    if (!empty($_REQUEST[CMT_MODE])) {
        $commentmode = COM_applyFilter($_REQUEST[CMT_MODE]);
    }
    if (empty($mode)) {
        $mode = COM_applyFilter(COM_getArgument(CMT_MODE));
    }
    if (empty($commentmode) && !empty($mode)) {
        $commentmode = $mode;
    }
    if (empty($sid) && !empty($_REQUEST[CMT_SID])) {
        $sid = COM_applyFilter($_REQUEST[CMT_SID]);
    }
    $pid = 0;
    if (!empty($_REQUEST[CMT_PID])) {
        $pid = COM_applyFilter($_REQUEST[CMT_PID], true);
    }
    if (empty($type) && !empty($_REQUEST[CMT_TYPE])) {
        $type = COM_applyFilter($_REQUEST[CMT_TYPE]);
    }
    if (!empty($_REQUEST['title'])) {
        $title = $_REQUEST['title'];
        // apply filters later in CMT_commentForm or CMT_saveComment
    }
    if (!empty($_REQUEST[CMT_UID])) {
        $uid = COM_applyFilter($_REQUEST[CMT_UID]);
    } else {
        $uid = 1;
        if (!empty($_USER['uid'])) {
            $uid = $_USER['uid'];
        }
    }
    $postmode = $_CONF['postmode'];
    if (isset($_REQUEST['postmode'])) {
        $postmode = COM_applyFilter($_REQUEST['postmode']);
    }
    $formtype = '';
    if (!empty($_REQUEST['formtype'])) {
        $formtype = COM_applyFilter($_REQUEST['formtype']);
    }
    // Get comment id, may not be there...will handle in function
    $cid = 0;
    if (isset($_REQUEST[CMT_CID])) {
        $cid = COM_applyFilter($_REQUEST[CMT_CID], true);
    }
    TOPIC_getTopic('comment', $cid);
    if (empty($format) && isset($_REQUEST['format'])) {
        $format = COM_applyFilter($_REQUEST['format']);
    }
    if (!in_array($format, array('threaded', 'nested', 'flat', 'nocomment'))) {
        if (COM_isAnonUser()) {
            $format = $_CONF['comment_mode'];
        } else {
            $format = DB_getItem($_TABLES['usercomment'], 'commentmode', "uid = {$_USER['uid']}");
        }
    }
    $order = '';
    if (isset($_REQUEST['order'])) {
        $order = COM_applyFilter($_REQUEST['order']);
    }
    $cpage = 1;
    if (!empty($_REQUEST['cpage'])) {
        $cpage = COM_applyFilter($_REQUEST['cpage'], true);
        if (empty($cpage)) {
            $cpage = 1;
        }
    }
    $is_comment_page = CMT_isCommentPage();
    $retval = '';
    if ($_CONF['show_comments_at_replying'] && $is_comment_page && !empty($sid) && !empty($type) && in_array($commentmode, array('', $LANG03[28], $LANG03[34], $LANG03[14], 'edit'))) {
        if ($commentmode == 'edit') {
            $cid = 0;
            if (isset($_REQUEST[CMT_CID])) {
                $cid = COM_applyFilter($_REQUEST[CMT_CID], true);
            }
            if ($cid <= 0) {
                COM_errorLog("CMT_handleComment(): {$_USER['uid']} from {$_SERVER['REMOTE_ADDR']} tried " . 'to edit a comment with one or more missing/bad values.');
                return COM_refresh($_CONF['site_url'] . '/index.php');
            }
            $pid = $cid;
        }
        if ($pid > 0 && empty($title)) {
            $atype = DB_escapeString($type);
            $title = DB_getItem($_TABLES['comments'], 'title', "(cid = {$pid}) AND (type = '{$atype}')");
        }
        if (empty($title)) {
            $title = PLG_getItemInfo($type, $sid, 'title');
            $title = str_replace('$', '&#36;', $title);
            // CMT_userComments expects non-htmlspecial chars for title...
            $title = str_replace('&amp;', '&', $title);
            $title = str_replace('&quot;', '"', $title);
            $title = str_replace('&lt;', '<', $title);
            $title = str_replace('&gt;', '>', $title);
        }
        $retval .= CMT_userComments($sid, $title, $type, $order, $format, $pid, $cpage, $pid > 0, false, 0);
    }
    switch ($commentmode) {
        case $LANG03[28]:
            // Preview Changes (for edit)
        // Preview Changes (for edit)
        case $LANG03[34]:
            // Preview Submission changes (for edit)
        // Preview Submission changes (for edit)
        case $LANG03[14]:
            // Preview
            $retval .= CMT_commentForm($title, $_POST['comment'], $sid, $pid, $type, $commentmode, $postmode, $format, $order, $cpage);
            if ($is_comment_page) {
                $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG03[14]));
            }
            break;
        case $LANG03[35]:
            // Submit Changes to Moderation table
        // Submit Changes to Moderation table
        case $LANG03[29]:
            // Submit Changes
            if (SEC_checkToken()) {
                $retval .= CMT_handleEditSubmit($commentmode);
            } else {
                echo COM_refresh($_CONF['site_url'] . '/index.php');
                exit;
            }
            break;
        case $LANG03[11]:
            // Submit comment
            $retval .= CMT_handleSubmit($title, $sid, $pid, $type, $postmode, $uid);
            break;
        case $LANG_ADMIN['delete']:
        case 'delete':
            // Delete comment
            if (SEC_checkToken()) {
                $retval .= CMT_handleDelete($sid, $type, $formtype);
            } else {
                echo COM_refresh($_CONF['site_url'] . '/index.php');
                exit;
            }
            break;
        case 'view':
            // View comment by $cid
            $retval .= CMT_handleView($format, $order, $cpage, true);
            break;
        case 'display':
            // View comment by $pid
            $retval .= CMT_handleView($format, $order, $cpage, false);
            break;
        case 'report':
            if ($is_comment_page) {
                $cid = 0;
                if (isset($_GET[CMT_CID])) {
                    $cid = COM_applyFilter($_GET[CMT_CID], true);
                }
                $type = '';
                if (isset($_GET[CMT_TYPE])) {
                    $type = COM_applyFilter($_GET[CMT_TYPE]);
                }
                if ($cid <= 0 || empty($type)) {
                    echo COM_refresh($_CONF['site_url'] . '/index.php');
                    exit;
                }
                $retval .= CMT_reportAbusiveComment($cid, $type);
                $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG03[27]));
            }
            break;
        case 'sendreport':
            if (SEC_checkToken()) {
                $cid = 0;
                if (isset($_POST[CMT_CID])) {
                    $cid = COM_applyFilter($_POST[CMT_CID], true);
                }
                $type = '';
                if (isset($_POST[CMT_TYPE])) {
                    $type = COM_applyFilter($_POST[CMT_TYPE]);
                }
                if ($cid <= 0 || empty($type)) {
                    echo COM_refresh($_CONF['site_url'] . '/index.php');
                    exit;
                }
                $retval .= CMT_sendReport($cid, $type);
            } else {
                echo COM_refresh($_CONF['site_url'] . '/index.php');
                exit;
            }
            break;
        case 'editsubmission':
            if (!SEC_hasRights('comment.moderate')) {
                echo COM_refresh($_CONF['site_url'] . '/index.php');
                exit;
            }
            // deliberate fall-through
        // deliberate fall-through
        case 'edit':
            $retval .= CMT_handleEdit($commentmode, $postmode, $format, $order, $cpage);
            if ($is_comment_page) {
                $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG03[1]));
            }
            break;
        case 'unsubscribe':
            $cid = 0;
            $key = COM_applyFilter($_GET['key']);
            if (!empty($key)) {
                $key = DB_escapeString($key);
                $cid = DB_getItem($_TABLES['commentnotifications'], 'cid', "deletehash = '{$key}'");
                if (!empty($cid)) {
                    $redirecturl = $_CONF['site_url'] . '/comment.php?mode=view&amp;cid=' . $cid . '&amp;format=nested&amp;msg=16';
                    DB_delete($_TABLES['commentnotifications'], 'deletehash', $key, $redirecturl);
                    exit;
                }
            }
            echo COM_refresh($_CONF['site_url'] . '/index.php');
            exit;
            break;
        case $LANG_ADMIN['cancel']:
            if ($formtype == 'editsubmission') {
                echo COM_refresh($_CONF['site_admin_url'] . '/moderation.php');
                exit;
            } else {
                $retval .= CMT_handleCancel();
                // moved to function for readibility
            }
            break;
        default:
            // New Comment or Reply Comment
            $abort = false;
            // Check to make sure comment type exists
            if ($type != 'article' && !in_array($type, $_PLUGINS)) {
                $abort = true;
            }
            // Check article permissions
            if (!$abort && $type == 'article' && !empty($sid)) {
                $dbTitle = DB_getItem($_TABLES['stories'], 'title', "(sid = '{$sid}') AND (draft_flag = 0) AND (date <= NOW()) AND (commentcode = 0)" . COM_getPermSQL('AND'));
                // if ($dbTitle === null || TOPIC_hasMultiTopicAccess('article', $sid) < 2) { // Make sure have at least read access to topics to post comment
                if ($dbTitle === null || TOPIC_hasMultiTopicAccess('article', $sid, $topic) < 2) {
                    // Make sure have at least read access to current topic of article to post comment
                    // no permissions, or no story of that title
                    $abort = true;
                }
            }
            if (!$abort && !empty($sid) && !empty($type)) {
                if ($pid > 0 && empty($title)) {
                    $atype = DB_escapeString($type);
                    $title = DB_getItem($_TABLES['comments'], 'title', "(cid = {$pid}) AND (type = '{$atype}')");
                }
                if (empty($title)) {
                    $title = PLG_getItemInfo($type, $sid, 'title');
                    // Check title, if for some reason blank assume no access allowed to plugin item (therefore cannot add comment) so return to homepage
                    if (is_array($title) || empty($title) || $title == false) {
                        echo COM_refresh($_CONF['site_url'] . '/index.php');
                        exit;
                    }
                    $title = str_replace('$', '&#36;', $title);
                    // CMT_commentForm expects non-htmlspecial chars for title...
                    $title = str_replace('&amp;', '&', $title);
                    $title = str_replace('&quot;', '"', $title);
                    $title = str_replace('&lt;', '<', $title);
                    $title = str_replace('&gt;', '>', $title);
                }
                $retval .= CMT_commentForm($title, '', $sid, $pid, $type, $commentmode, $postmode, $format, $order, $cpage);
            } else {
                if (COMMENT_ON_SAME_PAGE) {
                    // Do nothing and do not show comment form (happens most likely when admin viewing draft article)
                } else {
                    // For comments not displayed on same page (probably owner pushed the post comment button on a draft article)
                    echo COM_refresh($_CONF['site_url'] . '/index.php');
                    exit;
                }
            }
            if ($is_comment_page) {
                $noindex = '<meta name="robots" content="noindex"' . XHTML . '>';
                $retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG03[1], 'headercode' => $noindex));
            }
            break;
    }
    return $retval;
}
Пример #9
 /**
  * Create the sitemap and save it as a file
  *
  * @return  boolean  true = success, false = otherwise
  */
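 public function create()
 {
     // Collects the items of every configured content type, renders one
     // <url> element per item, enforces the entry-count and byte-size
     // limits, and writes the result to the sitemap file(s).  An empty
     // sitemap is not written and is reported as success (true); any
     // failed check or write returns false.
     global $_XMLSMAP_CONF;

     $this->num_entries = 0;
     $sitemap = '';
     $types = $this->getTypes();
     $what = 'url,date-modified';
     // anonymous user
     $uid = 1;
     // the max number of items to be returned (0 = no limit)
     $limit = 0;
     $options = array();
     if (count($types) === 0) {
         COM_errorLog(__METHOD__ . ': No content type is specified.');
         return false;
     }
     foreach ($types as $type) {
         $result = array();
         if (is_callable('PLG_collectSitemapItems')) {
             // New API since GL-2.1.1
             $result = PLG_collectSitemapItems($type, $uid, $limit);
         }
         // Fall back to the older item-info API when the new one yields nothing
         if (!is_array($result) || count($result) === 0) {
             $result = PLG_getItemInfo($type, '*', $what, $uid, $options);
         }
         if (is_array($result) && count($result) > 0) {
             foreach ($result as $entry) {
                 if (isset($entry['url'])) {
                     // NOTE(review): the URL is written into <loc> exactly as
                     // normalizeURL() returns it -- confirm that helper
                     // XML-escapes '&', '<' and '>'.
                     $url = $this->normalizeURL($entry['url']);
                     $sitemap .= '  <url>' . self::LB . '    <loc>' . $url . '</loc>' . self::LB;
                 } else {
                     /**
                      * <loc> element is mandatory for the sitemap.  So,
                      * when no url is provided, we simply have to skip
                      * the item silently.
                      */
                     continue;
                 }
                 // The items below are all optional.
                 // Frequency of change
                 $change_freq = isset($entry['change-freq']) ? $entry['change-freq'] : $this->getChangeFreq($type);
                 if ($change_freq != '') {
                     // The value can come straight from a plugin's item data,
                     // so it is escaped before being placed in the XML.
                     $sitemap .= '    <changefreq>' . htmlspecialchars((string) $change_freq, ENT_QUOTES, 'UTF-8') . '</changefreq>' . self::LB;
                 }
                 // Time stamp
                 if (isset($entry['date-modified'])) {
                     $date = date('Y-m-d', $entry['date-modified']);
                     // Add the time part for frequently changed items
                     if (in_array($change_freq, array('always', 'hourly', 'daily'))) {
                         $timezone = $this->getTimezoneStr();
                         if ($timezone !== false) {
                             $date .= 'T' . date('H:i:s', $entry['date-modified']) . $timezone;
                         }
                     }
                     // <lastmod> is only emitted for types listed in the configuration
                     if (in_array($type, $_XMLSMAP_CONF['lastmod'])) {
                         $sitemap .= '    <lastmod>' . $date . '</lastmod>' . self::LB;
                     }
                 }
                 // Priority (0.5 is left out of the file)
                 $priority = isset($entry['priority']) ? $entry['priority'] : $this->getPriority($type);
                 if ($priority != 0.5) {
                     // Same reasoning as for <changefreq>: escape plugin-supplied data
                     $sitemap .= '    <priority>' . htmlspecialchars((string) $priority, ENT_QUOTES, 'UTF-8') . '</priority>' . self::LB;
                 }
                 $sitemap .= '  </url>' . self::LB;
                 $this->num_entries++;
             }
         }
     }
     // Nothing collected: no file is written, and that is not an error
     if ($sitemap == '') {
         return true;
     }
     // Append the header and footer to the sitemap body
     $sitemap = '<?xml version="1.0" encoding="UTF-8" ?>' . self::LB . '<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">' . self::LB . $sitemap . '</urlset>' . self::LB;
     // Check the number of items and the size of the sitemap file
     if ($this->num_entries > self::MAX_NUM_ENTRIES) {
         COM_errorLog(__METHOD__ . ': The number of items in the sitemap file must be ' . self::MAX_NUM_ENTRIES . ' or smaller.');
         return false;
     }
     // strlen() counts bytes, which is what the size limit is expressed in
     if (strlen($sitemap) > self::MAX_FILE_SIZE) {
         COM_errorLog(__METHOD__ . ': The size of the sitemap file must be ' . self::MAX_FILE_SIZE . ' bytes or smaller.');
         return false;
     }
     // Write the sitemap into file(s)
     list($filename, $mobile_filename) = $this->getFileNames();
     if ($filename != '') {
         if (!$this->write($filename, $sitemap)) {
             return false;
         }
     }
     if ($mobile_filename != '') {
         // Modify the sitemap as Google Mobile Sitemap
         $sitemap = str_replace('<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">', '<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:mobile="http://www.google.com/schemas/sitemap-mobile/1.0">', $sitemap);
         $sitemap = str_replace('  </url>', '    <mobile:mobile />' . self::LB . '  </url>', $sitemap);
         if (!$this->write($mobile_filename, $sitemap)) {
             return false;
         }
     }
     return true;
 }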
Пример #10
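/**
 * Subscribe the current user to comment notifications for an item, then
 * redirect back to the referring page with a status message.
 *
 * Anonymous users are redirected with msg=518.  A failed subscription
 * redirects with msg=519, a successful one with msg=520.  The function
 * always ends the request with exit.
 *
 * NOTE(review): no token check is visible in this function; confirm the
 * caller validates one before a subscription is created.
 *
 * @param    string  $sid    ID of the item the comments belong to
 * @param    string  $type   type of the item (passed to the plugin API)
 * @return   void
 */
function handleSubscribe($sid, $type)
{
    global $_CONF, $_TABLES, $_USER;

    $siteUrl = $_CONF['site_url'];

    // The Referer header is sent by the client, so it is only used as the
    // redirect target when it points back into this site.
    $dirty_referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : $siteUrl;
    if ($dirty_referer == '') {
        $dirty_referer = $siteUrl;
    }
    $referer = (string) COM_sanitizeUrl($dirty_referer);

    // A bare prefix comparison also accepts hosts that merely start with the
    // site URL (site URL followed by more host-name characters).  Require
    // the prefix to be followed by the end of the string or by a path, query
    // or fragment delimiter, unless the site URL itself ends with a slash.
    $sLength = strlen($siteUrl);
    $onSite = false;
    if ($sLength > 0 && strncmp($referer, $siteUrl, $sLength) === 0) {
        if (strlen($referer) === $sLength || substr($siteUrl, -1) === '/') {
            $onSite = true;
        } else {
            $onSite = in_array($referer[$sLength], array('/', '?', '#'), true);
        }
    }
    if (!$onSite) {
        $referer = $siteUrl;
    }

    // Pick the separator for the msg parameter appended below
    $hasargs = strstr($referer, '?');
    if ($hasargs) {
        $sep = '&amp;';
    } else {
        $sep = '?';
    }

    if (COM_isAnonUser()) {
        echo COM_refresh($referer . $sep . 'msg=518');
        exit;
    }

    $uid = $_USER['uid'];
    $itemInfo = PLG_getItemInfo($type, $sid, 'url,title');
    if (isset($itemInfo['title'])) {
        $id_desc = $itemInfo['title'];
    } else {
        $id_desc = 'not defined';
    }

    $rc = PLG_subscribe('comment', $type, $sid, $uid, $type, $id_desc);
    if ($rc === false) {
        echo COM_refresh($referer . $sep . 'msg=519' . '#comments');
        exit;
    }
    echo COM_refresh($referer . $sep . 'msg=520' . '#comments');
    exit;
}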
Пример #11
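/**
 * Save a comment
 *
 * Runs the submission through the sanity, anonymous-posting, speed-limit,
 * spam and plugin pre-save checks, then inserts it into the nested-set
 * comment tree while the comments table is locked.
 *
 * Return codes set by this function: 1 = missing value, 2 = anonymous
 * comments disabled, 3 = speed limit not expired, 4 = parent comment not
 * found for this item, 5 = title or comment empty after filtering.  A
 * non-empty result from PLG_commentPreSave() is returned unchanged.
 *
 * @author   Vincent Furia, vinny01 AT users DOT sourceforge DOT net
 * @param    string      $title      Title of comment
 * @param    string      $comment    Text of comment
 * @param    string      $sid        ID of object receiving comment
 * @param    int         $pid        ID of parent comment
 * @param    string      $type       Type of comment this is (article, polls, etc)
 * @param    string      $postmode   Indicates if text is HTML or plain text
 * @return   int         0 for success, > 0 indicates error
 *
 */
function CMT_saveComment($title, $comment, $sid, $pid, $type, $postmode)
{
    global $_CONF, $_TABLES, $_USER, $LANG03;
    $ret = 0;
    // Get a valid uid (1 is used for a visitor without a user id)
    if (empty($_USER['uid'])) {
        $uid = 1;
    } else {
        $uid = $_USER['uid'];
    }
    // Sanity check
    if (empty($sid) || empty($title) || empty($comment) || empty($type)) {
        COM_errorLog("CMT_saveComment: {$uid} from {$_SERVER['REMOTE_ADDR']} tried " . 'to submit a comment with one or more missing values.');
        if (SESS_isSet('glfusion.commentpresave.error')) {
            $msg = SESS_getVar('glfusion.commentpresave.error') . '<br/>' . $LANG03[12];
        } else {
            $msg = $LANG03[12];
        }
        SESS_setVar('glfusion.commentpresave.error', $msg);
        return 1;
    }
    // Check that anonymous comments are allowed
    if ($uid == 1 && ($_CONF['loginrequired'] == 1 || $_CONF['commentsloginrequired'] == 1)) {
        COM_errorLog("CMT_saveComment: IP address {$_SERVER['REMOTE_ADDR']} " . 'attempted to save a comment with anonymous comments disabled for site.');
        return 2;
    }
    // Check for people breaking the speed limit
    COM_clearSpeedlimit($_CONF['commentspeedlimit'], 'comment');
    $last = COM_checkSpeedlimit('comment');
    if ($last > 0) {
        COM_errorLog("CMT_saveComment: {$uid} from {$_SERVER['REMOTE_ADDR']} tried " . 'to submit a comment before the speed limit expired');
        return 3;
    }
    // Let plugins have a chance to check for spam
    $spamcheck = '<h1>' . $title . '</h1><p>' . $comment . '</p>';
    $result = PLG_checkforSpam($spamcheck, $_CONF['spamx']);
    // Now check the result and display message if spam action was taken
    if ($result > 0) {
        // update speed limit nonetheless
        COM_updateSpeedlimit('comment');
        // then reject the request
        COM_displayMessageAndAbort($result, 'spamx', 403, 'Forbidden');
    }
    // Let plugins have a chance to decide what to do before saving the comment, return errors.
    if ($someError = PLG_commentPreSave($uid, $title, $comment, $sid, $pid, $type, $postmode)) {
        return $someError;
    }
    $title = COM_checkWords(strip_tags($title));
    $comment = CMT_prepareText($comment, $postmode);
    // check for non-int pid's
    // this should just create a top level comment that is a reply to the original item
    if (!is_numeric($pid) || $pid < 0) {
        $pid = 0;
    }
    if (!empty($title) && !empty($comment)) {
        COM_updateSpeedlimit('comment');
        $title = DB_escapeString($title);
        $comment = DB_escapeString($comment);
        $type = DB_escapeString($type);
        // Every value placed into the statements below is either escaped or
        // cast to int, including the ones read back from the database.
        $safeSid = DB_escapeString($sid);
        $safeIp = DB_escapeString($_SERVER['REMOTE_ADDR']);
        // Set only when this call actually inserts a comment
        $cid = 0;
        // Insert the comment into the comment table
        DB_lockTable($_TABLES['comments']);
        if ($pid > 0) {
            $result = DB_query("SELECT rht, indent FROM {$_TABLES['comments']} WHERE cid = " . (int) $pid . " AND sid = '" . $safeSid . "'");
            $parent = DB_fetchArray($result);
            // A query that succeeds but matches no row means the parent does
            // not exist for this item; without this check the tree updates
            // would be built from empty values.
            if (!DB_error() && is_array($parent) && isset($parent[0], $parent[1])) {
                $rht = (int) $parent[0];
                $indent = (int) $parent[1];
                // Open a gap of two in the nested set at the parent's right edge
                DB_query("UPDATE {$_TABLES['comments']} SET lft = lft + 2 " . "WHERE sid = '" . $safeSid . "' AND type = '{$type}' AND lft >= {$rht}");
                DB_query("UPDATE {$_TABLES['comments']} SET rht = rht + 2 " . "WHERE sid = '" . $safeSid . "' AND type = '{$type}' AND rht >= {$rht}");
                DB_save($_TABLES['comments'], 'sid,uid,comment,date,title,pid,lft,rht,indent,type,ipaddress', "'" . $safeSid . "'," . (int) $uid . ",'{$comment}',now(),'{$title}'," . (int) $pid . ",{$rht},{$rht}+1,{$indent}+1,'{$type}','" . $safeIp . "'");
            } else {
                //replying to non-existent comment or comment in wrong article
                COM_errorLog("CMT_saveComment: {$uid} from {$_SERVER['REMOTE_ADDR']} tried " . 'to reply to a non-existent comment or the pid/sid did not match');
                $ret = 4;
                // Cannot return here, tables locked!
            }
        } else {
            $rht = DB_getItem($_TABLES['comments'], 'MAX(rht)', "sid = '" . $safeSid . "'");
            if (DB_error()) {
                $rht = 0;
            }
            // An item without comments yields no maximum; start the tree at 0
            $rht = (int) $rht;
            DB_save($_TABLES['comments'], 'sid,uid,comment,date,title,pid,lft,rht,indent,type,ipaddress', "'" . $safeSid . "'," . (int) $uid . ",'{$comment}',now(),'{$title}'," . (int) $pid . ",{$rht}+1,{$rht}+2,0,'{$type}','" . $safeIp . "'");
        }
        if ($ret == 0) {
            // Only read the insert id when a comment was inserted above; on
            // the error path it would not refer to a row created by this
            // call, and the name update below would touch an unrelated row.
            $cid = DB_insertId();
            //set Anonymous user name if present
            if (isset($_POST['username'])) {
                $name = strip_tags(USER_sanitizeName($_POST['username']));
                DB_change($_TABLES['comments'], 'name', DB_escapeString($name), 'cid', (int) $cid);
            }
        }
        DB_unlockTable($_TABLES['comments']);
        CACHE_remove_instance('whatsnew');
        if ($type == 'article') {
            CACHE_remove_instance('story_' . $sid);
        }
        // check to see if user has subscribed....
        if (!COM_isAnonUser()) {
            if (isset($_POST['subscribe']) && $_POST['subscribe'] == 1) {
                $itemInfo = PLG_getItemInfo($type, $sid, 'url,title');
                if (isset($itemInfo['title'])) {
                    $id_desc = $itemInfo['title'];
                } else {
                    $id_desc = 'not defined';
                }
                $rc = PLG_subscribe('comment', $type, $sid, $uid, $type, $id_desc);
            } else {
                PLG_unsubscribe('comment', $type, $sid);
            }
        }
        // Send notification of comment if no errors and notifications enabled for comments
        if ($ret == 0 && isset($_CONF['notification']) && in_array('comment', $_CONF['notification'])) {
            CMT_sendNotification($title, $comment, $uid, $_SERVER['REMOTE_ADDR'], $type, $cid);
        }
        if ($ret == 0) {
            PLG_sendSubscriptionNotification('comment', $type, $sid, $cid, $uid);
        }
    } else {
        COM_errorLog("CMT_saveComment: {$uid} from {$_SERVER['REMOTE_ADDR']} tried " . 'to submit a comment with invalid $title and/or $comment.');
        return 5;
    }
    return $ret;
}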
Пример #12
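/**
* Send a notification email when a new trackback comment has been posted
*
* Loads the trackback row for $cid, builds a text body from its fields and
* mails it to the configured site address.  Nothing is sent when no row
* exists for $cid.
*
* @param    int     $cid    ID of the trackback comment
* @param    string  $what   type of notification: 'trackback' or 'pingback'
* @return   void
*
*/
function TRB_sendNotificationEmail($cid, $what = 'trackback')
{
    global $_CONF, $_TABLES, $LANG03, $LANG08, $LANG09, $LANG29, $LANG_TRB;

    // Escape exactly once; escaping an already escaped value would change
    // what the lookup matches.
    $cid = DB_escapeString($cid);
    $result = DB_query("SELECT sid,type,title,excerpt,url,blog,ipaddress FROM {$_TABLES['trackback']} WHERE (cid = '{$cid}')");
    $A = DB_fetchArray($result);
    if (!is_array($A)) {
        // No such trackback: there is nothing to report
        return;
    }

    $type = $A['type'];
    $id = $A['sid'];

    // NOTE(review): title, blog, url and excerpt are copied from the
    // trackback row as stored -- presumably values supplied by the remote
    // site -- so the recipient should treat them as untrusted text; confirm
    // that COM_mail() sends this body as plain text.
    $mailbody = '';
    if (!empty($A['title'])) {
        $mailbody .= $LANG03[16] . ': ' . $A['title'] . "\n";
    }
    $mailbody .= $LANG_TRB['blog_name'] . ': ';
    if (!empty($A['blog'])) {
        $mailbody .= $A['blog'] . ' ';
    }
    $mailbody .= '(' . $A['ipaddress'] . ")\n";
    $mailbody .= $LANG29[12] . ': ' . $A['url'] . "\n";
    if ($type != 'article') {
        $mailbody .= $LANG09[5] . ': ' . $type . "\n";
    }
    if (!empty($A['excerpt'])) {
        // the excerpt is max. 255 characters long anyway, so we add it
        // in its entirety
        $mailbody .= $A['excerpt'] . "\n\n";
    }

    // Link back to the item that received the trackback
    if ($type == 'article') {
        $commenturl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $id) . '#trackback';
    } else {
        $commenturl = PLG_getItemInfo($type, $id, 'url');
    }
    $mailbody .= $LANG08[33] . ' <' . $commenturl . ">\n\n";
    $mailbody .= "\n------------------------------\n";
    $mailbody .= "\n{$LANG08['34']}\n";
    $mailbody .= "\n------------------------------\n";

    if ($what == 'pingback') {
        $mailsubject = $_CONF['site_name'] . ' ' . $LANG_TRB['pingback'];
    } else {
        $mailsubject = $_CONF['site_name'] . ' ' . $LANG_TRB['trackback'];
    }

    $to = COM_formatEmailAddress('', $_CONF['site_mail']);
    COM_mail($to, $mailsubject, $mailbody);
}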
Пример #13
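/**
 * Shows any new information in a block
 * Return the HTML that shows any new stories, comments, etc
 *
 * Depending on the hide* configuration switches the block lists new
 * stories, new comments, new trackbacks and new plugin items.  When
 * whatsnew_cache_time is greater than 0, a cached copy that is younger than
 * that many seconds is returned instead, and a freshly built block is
 * stored in the cache.
 *
 * @param    string $help     Help file for block
 * @param    string $title    Title used in block header
 * @param    string $position Position in which block is being rendered 'left', 'right' or blank (for centre)
 * @return   string           Return the HTML that shows any new stories, comments, etc
 */
function COM_whatsNewBlock($help = '', $title = '', $position = '')
{
    global $_CONF, $_TABLES, $LANG01, $LANG_WHATSNEW;
    if ($_CONF['whatsnew_cache_time'] > 0) {
        // The cache key includes CACHE_security_hash() and the theme name
        $cacheInstance = 'whatsnew__' . CACHE_security_hash() . '__' . $_CONF['theme'];
        $retval = CACHE_check_instance($cacheInstance);
        if ($retval) {
            $lu = CACHE_get_instance_update($cacheInstance);
            $now = time();
            if ($now - $lu < $_CONF['whatsnew_cache_time']) {
                return $retval;
            }
        }
    }
    $retval = COM_startBlock($title, $help, COM_getBlockTemplate('whats_new_block', 'header', $position));
    $topicSql = '';
    if ($_CONF['hidenewstories'] == 0 || $_CONF['hidenewcomments'] == 0 || $_CONF['trackback_enabled'] && $_CONF['hidenewtrackbacks'] == 0) {
        $topicSql = COM_getTopicSQL('AND', 0, 'ta');
    }
    if ($_CONF['hidenewstories'] == 0) {
        $where_sql = " AND ta.type = 'article' AND ta.id = sid";
        $archiveTid = DB_getItem($_TABLES['topics'], 'tid', "archive_flag=1");
        if (!empty($archiveTid)) {
            // NOTE(review): this topic id is read from the database and put
            // into the statement unescaped -- confirm topic ids are limited
            // to characters that are safe inside a quoted SQL string.
            $where_sql .= " AND (ta.tid <> '{$archiveTid}')";
        }
        // Find the newest stories
        $sql = array();
        $sql['mysql'] = "SELECT sid, title FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta\n            WHERE (date >= (date_sub(NOW(), INTERVAL {$_CONF['newstoriesinterval']} SECOND))) AND (date <= NOW()) AND (draft_flag = 0)" . $where_sql . COM_getPermSQL('AND') . $topicSql . COM_getLangSQL('sid', 'AND') . "\n            GROUP BY sid, title, date ORDER BY date DESC";
        $sql['pgsql'] = "SELECT sid, title FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta\n            WHERE (date >= (NOW() - INTERVAL '{$_CONF['newstoriesinterval']} SECOND')) AND (date <= NOW()) AND (draft_flag = 0)" . $where_sql . COM_getPermSQL('AND') . $topicSql . COM_getLangSQL('sid', 'AND') . "\n            GROUP BY sid, title, date ORDER BY date DESC";
        $result = DB_query($sql);
        $numRows = DB_numRows($result);
        if (empty($title)) {
            $title = DB_getItem($_TABLES['blocks'], 'title', "name='whats_new_block'");
        }
        // Any late breaking news stories?
        $retval .= '<h3>' . $LANG01[99] . ' <small>' . COM_formatTimeString($LANG_WHATSNEW['new_last'], $_CONF['newstoriesinterval']) . '</small></h3>';
        if ($numRows > 0) {
            $newArticles = array();
            for ($x = 0; $x < $numRows; $x++) {
                $A = DB_fetchArray($result);
                $url = COM_buildURL($_CONF['site_url'] . '/article.php?story=' . $A['sid']);
                // NOTE(review): the title is decoded here and then used as
                // link text with only '$' and ' ' re-encoded -- confirm that
                // stored titles cannot contain markup or that
                // COM_createLink() encodes its link text.
                $title = COM_undoSpecialChars(stripslashes($A['title']));
                $titleToUse = COM_truncate($title, $_CONF['title_trim_length'], '...');
                // Only a truncated title gets the full text as tooltip
                if ($title != $titleToUse) {
                    $attr = array('title' => htmlspecialchars($title));
                } else {
                    $attr = array();
                }
                $anchorText = str_replace('$', '&#36;', $titleToUse);
                $anchorText = str_replace(' ', '&nbsp;', $anchorText);
                $newArticles[] = COM_createLink($anchorText, $url, $attr);
            }
            $retval .= COM_makeList($newArticles, 'list-new-plugins');
        } else {
            // No new stories
            $retval .= $LANG01[100] . '<br' . XHTML . '>' . LB;
        }
        if ($_CONF['hidenewcomments'] == 0 || $_CONF['hidenewplugins'] == 0 || $_CONF['trackback_enabled'] && $_CONF['hidenewtrackbacks'] == 0) {
            $retval .= '<div class="divider-whats-new"></div>';
        }
    }
    if ($_CONF['hidenewcomments'] == 0) {
        // Go get the newest comments
        $retval .= '<h3>' . $LANG01[83] . ' <small>' . COM_formatTimeString($LANG_WHATSNEW['new_last'], $_CONF['newcommentsinterval']) . '</small></h3>';
        $new_plugin_comments = PLG_getWhatsNewComment();
        if (!empty($new_plugin_comments)) {
            // Sort array by element lastdate newest to oldest
            $b = array();
            foreach ($new_plugin_comments as $k => $v) {
                $b[$k] = strtolower($v['lastdate']);
            }
            arsort($b);
            $temp = array();
            foreach ($b as $key => $val) {
                $temp[] = $new_plugin_comments[$key];
            }
            $new_plugin_comments = $temp;
            $newComments = array();
            foreach ($new_plugin_comments as $A) {
                $url = '';
                $info = PLG_getItemInfo($A['type'], $A['sid'], 'url');
                if (!empty($info)) {
                    $url = $info . '#comments';
                }
                // Check to see if url (plugin may not support PLG_getItemInfo
                if (!empty($url)) {
                    // NOTE(review): same link-text encoding question as for
                    // the story titles above.
                    $title = COM_undoSpecialChars(stripslashes($A['title']));
                    $titleToUse = COM_truncate($title, $_CONF['title_trim_length'], '...');
                    if ($title != $titleToUse) {
                        $attr = array('title' => htmlspecialchars($title));
                    } else {
                        $attr = array();
                    }
                    $anchorComment = str_replace('$', '&#36;', $titleToUse);
                    $anchorComment = str_replace(' ', '&nbsp;', $anchorComment);
                    if ($A['dups'] > 1) {
                        $anchorComment .= ' [+' . $A['dups'] . ']';
                    }
                    $newComments[] = COM_createLink($anchorComment, $url, $attr);
                    // Stop after 15 links.  The list length is used as the
                    // counter: the previous string-appended counter never
                    // compared equal to 15, so the cap was never applied.
                    if (count($newComments) >= 15) {
                        break;
                    }
                }
            }
            $retval .= COM_makeList($newComments, 'list-new-comments');
        } else {
            $retval .= $LANG01[86] . '<br' . XHTML . '>' . LB;
        }
        if ($_CONF['hidenewplugins'] == 0 || $_CONF['trackback_enabled'] && $_CONF['hidenewtrackbacks'] == 0) {
            $retval .= '<div class="divider-whats-new"></div>';
        }
    }
    if ($_CONF['trackback_enabled'] && $_CONF['hidenewtrackbacks'] == 0) {
        $retval .= '<h3>' . $LANG01[114] . ' <small>' . COM_formatTimeString($LANG_WHATSNEW['new_last'], $_CONF['newtrackbackinterval']) . '</small></h3>';
        $sql = array();
        $sql['mysql'] = "SELECT DISTINCT COUNT(*) AS count,s.title,t.sid,max(t.date) AS lastdate\n            FROM {$_TABLES['trackback']} AS t, {$_TABLES['stories']} s, {$_TABLES['topic_assignments']} ta\n            WHERE ta.type = 'article' AND ta.id = s.sid AND (t.type = 'article') AND (t.sid = s.sid) AND (t.date >= (DATE_SUB(NOW(), INTERVAL {$_CONF['newtrackbackinterval']} SECOND)))" . COM_getPermSQL('AND', 0, 2, 's') . " AND (s.draft_flag = 0) AND (s.trackbackcode = 0)" . $topicSql . COM_getLangSQL('sid', 'AND', 's') . "\n            GROUP BY t.sid, s.title\n            ORDER BY lastdate DESC LIMIT 15";
        // The interval is subtracted here as in the MySQL statement; adding
        // it compared against a time in the future and matched nothing.
        $sql['pgsql'] = "SELECT DISTINCT COUNT(*) AS count,s.title,t.sid,max(t.date) AS lastdate\n            FROM {$_TABLES['trackback']} AS t, {$_TABLES['stories']} s, {$_TABLES['topic_assignments']} ta\n            WHERE ta.type = 'article' AND ta.id = s.sid AND (t.type = 'article') AND (t.sid = s.sid) AND (t.date >= (NOW() - INTERVAL '{$_CONF['newtrackbackinterval']} SECOND'))" . COM_getPermSQL('AND', 0, 2, 's') . " AND (s.draft_flag = 0) AND (s.trackbackcode = 0)" . $topicSql . COM_getLangSQL('sid', 'AND', 's') . "\n            GROUP BY t.sid, s.title\n            ORDER BY lastdate DESC LIMIT 15";
        $result = DB_query($sql);
        $numRows = DB_numRows($result);
        if ($numRows > 0) {
            $newComments = array();
            for ($i = 0; $i < $numRows; $i++) {
                $A = DB_fetchArray($result);
                $url = COM_buildURL($_CONF['site_url'] . '/article.php?story=' . $A['sid']) . '#trackback';
                $title = COM_undoSpecialChars(stripslashes($A['title']));
                $titleToUse = COM_truncate($title, $_CONF['title_trim_length'], '...');
                if ($title != $titleToUse) {
                    $attr = array('title' => htmlspecialchars($title));
                } else {
                    $attr = array();
                }
                $anchorComment = str_replace('$', '&#36;', $titleToUse);
                $anchorComment = str_replace(' ', '&nbsp;', $anchorComment);
                if ($A['count'] > 1) {
                    $anchorComment .= ' [+' . $A['count'] . ']';
                }
                $newComments[] = COM_createLink($anchorComment, $url, $attr);
            }
            $retval .= COM_makeList($newComments, 'list-new-trackbacks');
        } else {
            $retval .= $LANG01[115] . '<br' . XHTML . '>' . LB;
        }
        if ($_CONF['hidenewplugins'] == 0) {
            $retval .= '<div class="divider-whats-new"></div>';
        }
    }
    if ($_CONF['hidenewplugins'] == 0) {
        // NOTE(review): headlines and non-array content returned by the
        // plugins are appended to the block as-is -- presumably plugins are
        // expected to return ready-made HTML; confirm.
        list($headlines, $smallHeadlines, $content) = PLG_getWhatsNew();
        $plugins = count($headlines);
        if ($plugins > 0) {
            for ($i = 0; $i < $plugins; $i++) {
                $retval .= '<h3>' . $headlines[$i] . ' <small>' . $smallHeadlines[$i] . '</small></h3>';
                if (is_array($content[$i])) {
                    $retval .= COM_makeList($content[$i], 'list-new-plugins');
                } else {
                    $retval .= $content[$i];
                }
                // Divider between plugin sections, but not after the last one
                if ($i + 1 < $plugins) {
                    $retval .= '<div class="divider-whats-new"></div>';
                }
            }
        }
    }
    $retval .= COM_endBlock(COM_getBlockTemplate('whats_new_block', 'footer', $position));
    if ($_CONF['whatsnew_cache_time'] > 0) {
        CACHE_create_instance($cacheInstance, $retval);
    }
    return $retval;
}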
Пример #14
/**
* Look up information about an item that can receive trackbacks
*
* Stories are handled by STORY_getItemInfo(); every other type is passed on
* to PLG_getItemInfo() together with the type.
*
* @param    string  $type   type of entry ('article' = story, else plugin)
* @param    string  $id     ID of that entry
* @param    string  $what   info requested
* @return   mixed           requested info, as a string or array of strings
*
*/
function TRACKBACK_getItemInfo($type, $id, $what)
{
    // Anything that is not a story belongs to a plugin
    if ($type != 'article') {
        return PLG_getItemInfo($type, $id, $what);
    }

    return STORY_getItemInfo($id, $what);
}