/**
* Handles a comment submission
*
* @copyright Vincent Furia 2005
* @author Vincent Furia, vinny01 AT users DOT sourceforge DOT net
* @return string HTML (possibly a refresh)
*/
function handleCancel()
{
global $_CONF;
$display = '';
$type = COM_applyFilter($_POST['type']);
$sid = COM_applyFilter($_POST['sid']);
switch ($type) {
case 'article':
$display = COM_refresh(COM_buildUrl($_CONF['site_url'] . "/article.php?story={$sid}"));
break;
default:
// assume plugin
// Need a way to go back to initial page for plugins.
$url = PLG_getItemInfo($type, $sid, 'url');
if ($url == '') {
// Then plugin doesn't support PLG_getItemInfo
$url = $_CONF['site_url'] . '/index.php';
}
$display = COM_refresh($url);
break;
}
return $display;
}
/**
* Send a notification email when a new trackback comment has been posted
*
* @param int $cid ID of the trackback comment
* @param string $what type of notification: 'trackback' or 'pingback'
* @return void
*
*/
function TRB_sendNotificationEmail($cid, $what = 'trackback')
{
global $_CONF, $_TABLES, $LANG03, $LANG08, $LANG09, $LANG29, $LANG_TRB;
$cid = DB_escapeString($cid);
$result = DB_query("SELECT sid,type,title,excerpt,url,blog,ipaddress FROM {$_TABLES['trackback']} WHERE (cid = '{$cid}')");
$A = DB_fetchArray($result);
$type = $A['type'];
$id = $A['sid'];
$mailbody = '';
if (!empty($A['title'])) {
$mailbody .= $LANG03[16] . ': ' . $A['title'] . "\n";
}
$mailbody .= $LANG_TRB['blog_name'] . ': ';
if (!empty($A['blog'])) {
$mailbody .= $A['blog'] . ' ';
}
$mailbody .= '(' . $A['ipaddress'] . ")\n";
$mailbody .= $LANG29[12] . ': ' . $A['url'] . "\n";
if ($type != 'article') {
$mailbody .= $LANG09[5] . ': ' . $type . "\n";
}
if (!empty($A['excerpt'])) {
// the excerpt is max. 255 characters long anyway, so we add it
// in its entirety
$mailbody .= $A['excerpt'] . "\n\n";
}
// assume that plugins follow the convention and have a 'trackback' anchor
$trackbackurl = PLG_getItemInfo($type, $id, 'url') . '#trackback';
$mailbody .= $LANG08[33] . ' <' . $trackbackurl . ">\n\n";
$mailbody .= "\n------------------------------\n";
$mailbody .= "\n{$LANG08['34']}\n";
$mailbody .= "\n------------------------------\n";
if ($what == 'pingback') {
$mailsubject = $_CONF['site_name'] . ' ' . $LANG_TRB['pingback'];
} else {
$mailsubject = $_CONF['site_name'] . ' ' . $LANG_TRB['trackback'];
}
COM_mail($_CONF['site_mail'], $mailsubject, $mailbody);
}
/**
* used for the lists of submissions and draft stories in admin/moderation.php
*
* @param string $fieldName
* @param string $fieldValue
* @param array $A
* @param array $icon_arr
* @return string
*/
function ADMIN_getListField_moderation($fieldName, $fieldValue, $A, $icon_arr)
{
global $_CONF, $_TABLES, $LANG_ADMIN;
$type = '';
if (isset($A['_moderation_type'])) {
$type = $A['_moderation_type'];
}
switch ($fieldName) {
case 'edit':
$retval = COM_createLink($icon_arr['edit'], $A['edit']);
break;
case 'delete':
$retval = "<input type=\"radio\" name=\"action[{$A['row']}]\" value=\"delete\"" . XHTML . ">";
break;
case 'approve':
$retval = "<input type=\"radio\" name=\"action[{$A['row']}]\" value=\"approve\"" . XHTML . ">" . "<input type=\"hidden\" name=\"id[{$A['row']}]\" value=\"{$A[0]}\"" . XHTML . ">";
break;
case 'day':
$retval = strftime($_CONF['daytime'], $A['day']);
break;
case 'tid':
$retval = DB_getItem($_TABLES['topics'], 'topic', "tid = '{$A['tid']}'");
break;
case 'uid':
$name = '';
if ($A['uid'] == 1) {
$name = htmlspecialchars(COM_stripslashes(DB_getItem($_TABLES['commentsubmissions'], 'name', "cid = '{$A['id']}'")));
}
if (empty($name)) {
$name = COM_getDisplayName($A['uid']);
}
if ($A['uid'] == 1) {
$retval = $name;
} else {
$retval = COM_createLink($name, $_CONF['site_url'] . '/users.php?mode=profile&uid=' . $A['uid']);
}
break;
case 'publishfuture':
if (!SEC_inGroup('Comment Submitters', $A['uid']) && $A['uid'] > 1) {
$retval = "<input type=\"checkbox\" name=\"publishfuture[]\" value=\"{$A['uid']}\"" . XHTML . ">";
} else {
$retval = $LANG_ADMIN['na'];
}
break;
default:
if ($fieldName == 4 && ($type === 'story' || $type === 'story_draft')) {
$retval = TOPIC_getTopicAdminColumn('article', $A[0]);
} elseif ($fieldName == 2 && $type === 'comment') {
$commentText = COM_getTextContent($A['comment']);
$excerpt = htmlspecialchars(COM_truncate($commentText, 140, '...'));
// try to provide a link to the parent item (e.g. article, poll)
$info = PLG_getItemInfo($A['type'], $A['sid'], 'title,url');
if (empty($info) || empty($info[0]) || empty($info[1])) {
// if not available, display excerpt from the comment
$retval = htmlspecialchars(COM_truncate($commentText, 40, '...'));
if (strlen($commentText) > 40) {
$retval = '<span title="' . $excerpt . '">' . $retval . '</span>';
}
} else {
$retval = COM_createLink($info[0], $info[1], array('title' => $excerpt));
}
} else {
$retval = COM_makeClickableLinks(stripslashes($fieldValue));
}
break;
}
return $retval;
}
/**
* Create the sitemap and save it as a file
*
* @access public
* @return boolean TRUE = success, FALSE = otherwise
*/
function create()
{
global $_CONF;
$this->_num_entries = 0;
$sitemap = '';
$types = $this->getTypes();
$what = 'url,date-modified';
$options = array();
if (count($types) == 0) {
COM_errorLog(__CLASS__ . ': No content type is specified.');
return FALSE;
}
foreach ($types as $type) {
$result = PLG_getItemInfo($type, '*', $what, 1, $options);
if (is_array($result) and count($result) > 0) {
foreach ($result as $entry) {
if (isset($entry['url'])) {
$url = $this->_normalizeURL($entry['url']);
$sitemap .= ' <url>' . LB . ' <loc>' . $url . '</loc>' . LB;
} else {
/**
* <loc> element is mandatory for the sitemap. So,
* when no url is provided, we simply have to skip
* the item silently.
*/
continue;
}
// The items below are all optional.
// Frequency of change
$change_freq = $this->getChangeFreq($type);
if ($change_freq != '') {
$sitemap .= ' <changefreq>' . $change_freq . '</changefreq>' . LB;
}
// Time stamp
if (isset($entry['date-modified'])) {
$date = date('Y-m-d', $entry['date-modified']);
// Add the time part for frequently changed items
if (in_array($change_freq, array('always', 'hourly', 'daily'))) {
$timezone = $this->_getTimezoneStr();
if ($timezone !== FALSE) {
$date .= 'T' . date('H:i:s', $entry['date-modified']) . $timezone;
}
}
$sitemap .= ' <lastmod>' . $date . '</lastmod>' . LB;
}
// Priority
$priority = $this->getPriority($type);
if ($priority != 0.5) {
$sitemap .= ' <priority>' . (string) $priority . '</priority>' . LB;
}
$sitemap .= ' </url>' . LB;
$this->_num_entries++;
}
}
}
// Append the header and footer to the sitemap body
if ($sitemap != '') {
$sitemap = '<?xml version="1.0" encoding="UTF-8" ?>' . LB . '<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">' . LB . $sitemap . '</urlset>' . LB;
} else {
return TRUE;
}
// Check the number of items and the size of the sitemap file
if ($this->_num_entries > 50000) {
COM_errorLog(__CLASS__ . ': The number of items in the sitemap file must be 50,000 or smaller.');
return FALSE;
} else {
if (strlen($sitemap) > 10485760) {
COM_errorLog(__CLASS__ . ': The size of the sitemap file must be 1048,5760 bytes (= 1MB) or smaller.');
return FALSE;
}
}
// Write the sitemap into file(s)
list($filename, $mobile_filename) = $this->getFileNames();
if ($filename != '') {
if (!$this->_write($filename, $sitemap)) {
return FALSE;
}
}
if ($mobile_filename != '') {
// Modify the sitemap as Google Mobile Sitemap
$sitemap = str_replace('<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">', '<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:mobile="http://www.google.com/schemas/sitemap-mobile/1.0">', $sitemap);
$sitemap = str_replace(' </url>', ' <mobile:mobile>' . LB . ' </url>', $sitemap);
if (!$this->_write($mobile_filename, $sitemap)) {
return FALSE;
}
}
return TRUE;
}
/**
* Shows any new information in a block
*
* Return the HTML that shows any new stories, comments, etc
*
* @param string $help Help file for block
* @param string $title Title used in block header
* @param string $position Position in which block is being rendered 'left', 'right' or blank (for centre)
* @return string Return the HTML that shows any new stories, comments, etc
*
*/
function COM_whatsNewBlock($help = '', $title = '', $position = '')
{
global $_CONF, $_TABLES, $LANG01, $LANG_WHATSNEW, $page, $newstories;
$retval = COM_startBlock($title, $help, COM_getBlockTemplate('whats_new_block', 'header', $position));
$topicsql = '';
if ($_CONF['hidenewstories'] == 0 || $_CONF['hidenewcomments'] == 0 || $_CONF['trackback_enabled'] && $_CONF['hidenewtrackbacks'] == 0) {
$topicsql = COM_getTopicSql('AND', 0, $_TABLES['stories']);
}
if ($_CONF['hidenewstories'] == 0) {
$archsql = '';
$archivetid = DB_getItem($_TABLES['topics'], 'tid', "archive_flag=1");
if (!empty($archivetid)) {
$archsql = " AND (tid <> '" . addslashes($archivetid) . "')";
}
// Find the newest stories
$sql['mssql'] = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (date >= (date_sub(NOW(), INTERVAL {$_CONF['newstoriesinterval']} SECOND))) AND (date <= NOW()) AND (draft_flag = 0)" . $archsql . COM_getPermSQL('AND') . $topicsql . COM_getLangSQL('sid', 'AND');
$sql['mysql'] = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (date >= (date_sub(NOW(), INTERVAL {$_CONF['newstoriesinterval']} SECOND))) AND (date <= NOW()) AND (draft_flag = 0)" . $archsql . COM_getPermSQL('AND') . $topicsql . COM_getLangSQL('sid', 'AND');
$sql['pgsql'] = "SELECT COUNT(*) AS count FROM {$_TABLES['stories']} WHERE (date >= (NOW() - INTERVAL '{$_CONF['newstoriesinterval']} SECOND')) AND (date <= NOW()) AND (draft_flag = 0)" . $archsql . COM_getPermSQL('AND') . $topicsql . COM_getLangSQL('sid', 'AND');
$result = DB_query($sql);
$A = DB_fetchArray($result);
$nrows = $A['count'];
if (empty($title)) {
$title = DB_getItem($_TABLES['blocks'], 'title', "name='whats_new_block'");
}
// Any late breaking news stories?
$retval .= '<h3>' . $LANG01[99] . '</h3>';
if ($nrows > 0) {
$newmsg = COM_formatTimeString($LANG_WHATSNEW['new_string'], $_CONF['newstoriesinterval'], $LANG01[11], $nrows);
if ($newstories && $page < 2) {
$retval .= $newmsg . '<br' . XHTML . '>';
} else {
$retval .= COM_createLink($newmsg, $_CONF['site_url'] . '/index.php?display=new') . '<br' . XHTML . '>';
}
} else {
$retval .= $LANG01[100] . '<br' . XHTML . '>';
}
if ($_CONF['hidenewcomments'] == 0 || $_CONF['trackback_enabled'] && $_CONF['hidenewtrackbacks'] == 0 || $_CONF['hidenewplugins'] == 0) {
$retval .= '<br' . XHTML . '>';
}
}
if ($_CONF['hidenewcomments'] == 0) {
// Go get the newest comments
$retval .= '<h3>' . $LANG01[83] . ' <small>' . COM_formatTimeString($LANG_WHATSNEW['new_last'], $_CONF['newcommentsinterval']) . '</small></h3>';
$new_plugin_comments = array();
$new_plugin_comments = PLG_getWhatsNewComment();
if (!empty($new_plugin_comments)) {
// Sort array by element lastdate newest to oldest
foreach ($new_plugin_comments as $k => $v) {
$b[$k] = strtolower($v['lastdate']);
}
arsort($b);
foreach ($b as $key => $val) {
$temp[] = $new_plugin_comments[$key];
}
$new_plugin_comments = $temp;
$newcomments = array();
$count = 0;
foreach ($new_plugin_comments as $A) {
$count .= +1;
$url = '';
$info = PLG_getItemInfo($A['type'], $A['sid'], 'url');
if (!empty($info)) {
$url = $info . '#comments';
}
// Check to see if url (plugin may not support PLG_getItemInfo
if (!empty($url)) {
$title = COM_undoSpecialChars(stripslashes($A['title']));
$titletouse = COM_truncate($title, $_CONF['title_trim_length'], '...');
if ($title != $titletouse) {
$attr = array('title' => htmlspecialchars($title));
} else {
$attr = array();
}
$acomment = str_replace('$', '$', $titletouse);
$acomment = str_replace(' ', ' ', $acomment);
if ($A['dups'] > 1) {
$acomment .= ' [+' . $A['dups'] . ']';
}
$newcomments[] = COM_createLink($acomment, $url, $attr);
if ($count == 15) {
break;
}
}
}
$retval .= COM_makeList($newcomments, 'list-new-comments');
} else {
$retval .= $LANG01[86] . '<br' . XHTML . '>' . LB;
}
if ($_CONF['hidenewplugins'] == 0 || $_CONF['trackback_enabled'] && $_CONF['hidenewtrackbacks'] == 0) {
$retval .= '<br' . XHTML . '>';
}
}
if ($_CONF['trackback_enabled'] && $_CONF['hidenewtrackbacks'] == 0) {
$retval .= '<h3>' . $LANG01[114] . ' <small>' . COM_formatTimeString($LANG_WHATSNEW['new_last'], $_CONF['newtrackbackinterval']) . '</small></h3>';
$sql['mssql'] = "SELECT DISTINCT COUNT(*) AS count,{$_TABLES['stories']}.title,t.sid,max(t.date) AS lastdate FROM {$_TABLES['trackback']} AS t,{$_TABLES['stories']} WHERE (t.type = 'article') AND (t.sid = {$_TABLES['stories']}.sid) AND (t.date >= (DATE_SUB(NOW(), INTERVAL {$_CONF['newtrackbackinterval']} SECOND)))" . COM_getPermSQL('AND', 0, 2, $_TABLES['stories']) . " AND ({$_TABLES['stories']}.draft_flag = 0) AND ({$_TABLES['stories']}.trackbackcode = 0)" . $topicsql . COM_getLangSQL('sid', 'AND', $_TABLES['stories']) . " GROUP BY t.sid, {$_TABLES['stories']}.title ORDER BY lastdate DESC LIMIT 15";
$sql['mysql'] = "SELECT DISTINCT COUNT(*) AS count,{$_TABLES['stories']}.title,t.sid,max(t.date) AS lastdate FROM {$_TABLES['trackback']} AS t,{$_TABLES['stories']} WHERE (t.type = 'article') AND (t.sid = {$_TABLES['stories']}.sid) AND (t.date >= (DATE_SUB(NOW(), INTERVAL {$_CONF['newtrackbackinterval']} SECOND)))" . COM_getPermSQL('AND', 0, 2, $_TABLES['stories']) . " AND ({$_TABLES['stories']}.draft_flag = 0) AND ({$_TABLES['stories']}.trackbackcode = 0)" . $topicsql . COM_getLangSQL('sid', 'AND', $_TABLES['stories']) . " GROUP BY t.sid, {$_TABLES['stories']}.title ORDER BY lastdate DESC LIMIT 15";
$sql['pgsql'] = "SELECT DISTINCT COUNT(*) AS count,{$_TABLES['stories']}.title,t.sid,max(t.date) AS lastdate FROM {$_TABLES['trackback']} AS t,{$_TABLES['stories']} WHERE (t.type = 'article') AND (t.sid = {$_TABLES['stories']}.sid) AND (t.date >= (NOW()+ INTERVAL '{$_CONF['newtrackbackinterval']} SECOND'))" . COM_getPermSQL('AND', 0, 2, $_TABLES['stories']) . " AND ({$_TABLES['stories']}.draft_flag = 0) AND ({$_TABLES['stories']}.trackbackcode = 0)" . $topicsql . COM_getLangSQL('sid', 'AND', $_TABLES['stories']) . " GROUP BY t.sid, {$_TABLES['stories']}.title ORDER BY lastdate DESC LIMIT 15";
$result = DB_query($sql);
$nrows = DB_numRows($result);
if ($nrows > 0) {
$newcomments = array();
for ($i = 0; $i < $nrows; $i++) {
$A = DB_fetchArray($result);
$url = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $A['sid']) . '#trackback';
$title = COM_undoSpecialChars(stripslashes($A['title']));
$titletouse = COM_truncate($title, $_CONF['title_trim_length'], '...');
if ($title != $titletouse) {
$attr = array('title' => htmlspecialchars($title));
} else {
$attr = array();
}
$acomment = str_replace('$', '$', $titletouse);
$acomment = str_replace(' ', ' ', $acomment);
if ($A['count'] > 1) {
$acomment .= ' [+' . $A['count'] . ']';
}
$newcomments[] = COM_createLink($acomment, $url, $attr);
}
$retval .= COM_makeList($newcomments, 'list-new-trackbacks');
} else {
$retval .= $LANG01[115] . '<br' . XHTML . '>' . LB;
}
if ($_CONF['hidenewplugins'] == 0) {
$retval .= '<br' . XHTML . '>';
}
}
if ($_CONF['hidenewplugins'] == 0) {
list($headlines, $smallheadlines, $content) = PLG_getWhatsNew();
$plugins = count($headlines);
if ($plugins > 0) {
for ($i = 0; $i < $plugins; $i++) {
$retval .= '<h3>' . $headlines[$i] . ' <small>' . $smallheadlines[$i] . '</small></h3>';
if (is_array($content[$i])) {
$retval .= COM_makeList($content[$i], 'list-new-plugins');
} else {
$retval .= $content[$i];
}
if ($i + 1 < $plugins) {
$retval .= '<br' . XHTML . '>';
}
}
}
}
$retval .= COM_endBlock(COM_getBlockTemplate('whats_new_block', 'footer', $position));
return $retval;
}
/**
* Ping weblog directory services
*
* @param string $type type of entry we're advertising ('article' = story)
* @param string $id ID of that entry
* @return string result of the pings
*
*/
function sendPings($type, $id)
{
global $_CONF, $_TABLES, $LANG_TRB;
$retval = '';
list($itemurl, $feedurl) = PLG_getItemInfo($type, $id, 'url,feed');
$template = COM_newTemplate($_CONF['path_layout'] . 'admin/trackback');
$template->set_file(array('list' => 'pinglist.thtml', 'item' => 'pingitem.thtml'));
$template->set_var('lang_resend', $LANG_TRB['resend']);
$template->set_var('lang_results', $LANG_TRB['ping_results']);
$result = DB_query("SELECT ping_url,method,name,site_url FROM {$_TABLES['pingservice']} WHERE is_enabled = 1");
$services = DB_numRows($result);
if ($services > 0) {
for ($i = 0; $i < $services; $i++) {
$A = DB_fetchArray($result);
$resend = '';
if ($A['method'] == 'weblogUpdates.ping') {
$pinged = PNB_sendPing($A['ping_url'], $_CONF['site_name'], $_CONF['site_url'], $itemurl);
} else {
if ($A['method'] == 'weblogUpdates.extendedPing') {
$pinged = PNB_sendExtendedPing($A['ping_url'], $_CONF['site_name'], $_CONF['site_url'], $itemurl, $feedurl);
} else {
$pinged = $LANG_TRB['unknown_method'] . ': ' . $A['method'];
}
}
if (empty($pinged)) {
$pinged = '<b>' . $LANG_TRB['ping_success'] . '</b>';
} else {
$pinged = '<span class="warningsmall">' . $pinged . '</span>';
}
$template->set_var('service_name', $A['name']);
$template->set_var('service_url', $A['site_url']);
$template->set_var('service_ping_url', $A['ping_url']);
$template->set_var('ping_result', $pinged);
$template->set_var('resend', $resend);
$template->set_var('alternate_row', ($i + 1) % 2 == 0 ? 'row-even' : 'row-odd');
$template->set_var('cssid', $i % 2 + 1);
$template->parse('ping_results', 'item', true);
}
} else {
$template->set_var('ping_results', '<tr><td colspan="2">' . $LANG_TRB['no_services'] . '</td></tr>');
}
$template->set_var('gltoken_name', CSRF_TOKEN);
$template->set_var('gltoken', SEC_createToken());
$template->parse('output', 'list');
$retval .= $template->finish($template->get_var('output'));
return $retval;
}
case 'msg':
if (PLG_getItemInfo('staticpages', $_CONTACT_CONF['contact_page'], 'id') == $_CONTACT_CONF['contact_page']) {
$display .= PLG_getItemInfo('staticpages', $_CONTACT_CONF['contact_page'], 'excerpt');
}
$display .= '<div id="contactform" class="contactform">' . CONTACT_message($_GET['msg']) . '</div>';
if ($_CONTACT_CONF['contact_page_footer'] != '') {
if (PLG_getItemInfo('staticpages', $_CONTACT_CONF['contact_page_footer'], 'id') == $_CONTACT_CONF['contact_page_footer']) {
$display .= PLG_getItemInfo('staticpages', $_CONTACT_CONF['contact_page_footer'], 'excerpt');
}
}
break;
default:
if (PLG_getItemInfo('staticpages', $_CONTACT_CONF['contact_page'], 'id') == $_CONTACT_CONF['contact_page']) {
$display .= PLG_getItemInfo('staticpages', $_CONTACT_CONF['contact_page'], 'excerpt');
}
if ($_CONTACT_CONF['use_contact_form'] == 1) {
$display .= CONTACT_contactform($uid, true, $subject);
}
if ($_CONTACT_CONF['contact_page_footer'] != '') {
if (PLG_getItemInfo('staticpages', $_CONTACT_CONF['contact_page_footer'], 'id') == $_CONTACT_CONF['contact_page_footer']) {
$display .= PLG_getItemInfo('staticpages', $_CONTACT_CONF['contact_page_footer'], 'excerpt');
}
}
break;
}
if (!defined("CONTACT_TITLE")) {
define("CONTACT_TITLE", $LANG_CONTACT_1['plugin_name']);
}
$information = array('what' => CONTACT_MENU, 'pagetitle' => CONTACT_TITLE, 'breadcrumbs' => '', 'headercode' => '', 'rightblock' => CONTACT_FOOTER);
$display = COM_createHTMLDocument($display, $information);
COM_output($display);
/**
* Handles comment processing
*
* @param string $mode Mode of comment processing
* @param string $type Type of item (article, polls, etc.)
* @param string $title Title of item
* @param string $sid ID for item to show comments for
* @param string $format 'threaded', 'nested', or 'flat'
* @return string HTML formated
*/
function CMT_handleComment($mode = '', $type = '', $title = '', $sid = '', $format = '')
{
global $_CONF, $_TABLES, $_USER, $LANG03, $LANG_ADMIN, $topic, $_PLUGINS;
$commentmode = '';
if (!empty($_REQUEST[CMT_MODE])) {
$commentmode = COM_applyFilter($_REQUEST[CMT_MODE]);
}
if (empty($mode)) {
$mode = COM_applyFilter(COM_getArgument(CMT_MODE));
}
if (empty($commentmode) && !empty($mode)) {
$commentmode = $mode;
}
if (empty($sid) && !empty($_REQUEST[CMT_SID])) {
$sid = COM_applyFilter($_REQUEST[CMT_SID]);
}
$pid = 0;
if (!empty($_REQUEST[CMT_PID])) {
$pid = COM_applyFilter($_REQUEST[CMT_PID], true);
}
if (empty($type) && !empty($_REQUEST[CMT_TYPE])) {
$type = COM_applyFilter($_REQUEST[CMT_TYPE]);
}
if (!empty($_REQUEST['title'])) {
$title = $_REQUEST['title'];
// apply filters later in CMT_commentForm or CMT_saveComment
}
if (!empty($_REQUEST[CMT_UID])) {
$uid = COM_applyFilter($_REQUEST[CMT_UID]);
} else {
$uid = 1;
if (!empty($_USER['uid'])) {
$uid = $_USER['uid'];
}
}
$postmode = $_CONF['postmode'];
if (isset($_REQUEST['postmode'])) {
$postmode = COM_applyFilter($_REQUEST['postmode']);
}
$formtype = '';
if (!empty($_REQUEST['formtype'])) {
$formtype = COM_applyFilter($_REQUEST['formtype']);
}
// Get comment id, may not be there...will handle in function
$cid = 0;
if (isset($_REQUEST[CMT_CID])) {
$cid = COM_applyFilter($_REQUEST[CMT_CID], true);
}
TOPIC_getTopic('comment', $cid);
if (empty($format) && isset($_REQUEST['format'])) {
$format = COM_applyFilter($_REQUEST['format']);
}
if (!in_array($format, array('threaded', 'nested', 'flat', 'nocomment'))) {
if (COM_isAnonUser()) {
$format = $_CONF['comment_mode'];
} else {
$format = DB_getItem($_TABLES['usercomment'], 'commentmode', "uid = {$_USER['uid']}");
}
}
$order = '';
if (isset($_REQUEST['order'])) {
$order = COM_applyFilter($_REQUEST['order']);
}
$cpage = 1;
if (!empty($_REQUEST['cpage'])) {
$cpage = COM_applyFilter($_REQUEST['cpage'], true);
if (empty($cpage)) {
$cpage = 1;
}
}
$is_comment_page = CMT_isCommentPage();
$retval = '';
if ($_CONF['show_comments_at_replying'] && $is_comment_page && !empty($sid) && !empty($type) && in_array($commentmode, array('', $LANG03[28], $LANG03[34], $LANG03[14], 'edit'))) {
if ($commentmode == 'edit') {
$cid = 0;
if (isset($_REQUEST[CMT_CID])) {
$cid = COM_applyFilter($_REQUEST[CMT_CID], true);
}
if ($cid <= 0) {
COM_errorLog("CMT_handleComment(): {$_USER['uid']} from {$_SERVER['REMOTE_ADDR']} tried " . 'to edit a comment with one or more missing/bad values.');
return COM_refresh($_CONF['site_url'] . '/index.php');
}
$pid = $cid;
}
if ($pid > 0 && empty($title)) {
$atype = DB_escapeString($type);
$title = DB_getItem($_TABLES['comments'], 'title', "(cid = {$pid}) AND (type = '{$atype}')");
}
if (empty($title)) {
$title = PLG_getItemInfo($type, $sid, 'title');
$title = str_replace('$', '$', $title);
// CMT_userComments expects non-htmlspecial chars for title...
$title = str_replace('&', '&', $title);
$title = str_replace('"', '"', $title);
$title = str_replace('<', '<', $title);
$title = str_replace('>', '>', $title);
}
$retval .= CMT_userComments($sid, $title, $type, $order, $format, $pid, $cpage, $pid > 0, false, 0);
}
switch ($commentmode) {
case $LANG03[28]:
// Preview Changes (for edit)
// Preview Changes (for edit)
case $LANG03[34]:
// Preview Submission changes (for edit)
// Preview Submission changes (for edit)
case $LANG03[14]:
// Preview
$retval .= CMT_commentForm($title, $_POST['comment'], $sid, $pid, $type, $commentmode, $postmode, $format, $order, $cpage);
if ($is_comment_page) {
$retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG03[14]));
}
break;
case $LANG03[35]:
// Submit Changes to Moderation table
// Submit Changes to Moderation table
case $LANG03[29]:
// Submit Changes
if (SEC_checkToken()) {
$retval .= CMT_handleEditSubmit($commentmode);
} else {
echo COM_refresh($_CONF['site_url'] . '/index.php');
exit;
}
break;
case $LANG03[11]:
// Submit comment
$retval .= CMT_handleSubmit($title, $sid, $pid, $type, $postmode, $uid);
break;
case $LANG_ADMIN['delete']:
case 'delete':
// Delete comment
if (SEC_checkToken()) {
$retval .= CMT_handleDelete($sid, $type, $formtype);
} else {
echo COM_refresh($_CONF['site_url'] . '/index.php');
exit;
}
break;
case 'view':
// View comment by $cid
$retval .= CMT_handleView($format, $order, $cpage, true);
break;
case 'display':
// View comment by $pid
$retval .= CMT_handleView($format, $order, $cpage, false);
break;
case 'report':
if ($is_comment_page) {
$cid = 0;
if (isset($_GET[CMT_CID])) {
$cid = COM_applyFilter($_GET[CMT_CID], true);
}
$type = '';
if (isset($_GET[CMT_TYPE])) {
$type = COM_applyFilter($_GET[CMT_TYPE]);
}
if ($cid <= 0 || empty($type)) {
echo COM_refresh($_CONF['site_url'] . '/index.php');
exit;
}
$retval .= CMT_reportAbusiveComment($cid, $type);
$retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG03[27]));
}
break;
case 'sendreport':
if (SEC_checkToken()) {
$cid = 0;
if (isset($_POST[CMT_CID])) {
$cid = COM_applyFilter($_POST[CMT_CID], true);
}
$type = '';
if (isset($_POST[CMT_TYPE])) {
$type = COM_applyFilter($_POST[CMT_TYPE]);
}
if ($cid <= 0 || empty($type)) {
echo COM_refresh($_CONF['site_url'] . '/index.php');
exit;
}
$retval .= CMT_sendReport($cid, $type);
} else {
echo COM_refresh($_CONF['site_url'] . '/index.php');
exit;
}
break;
case 'editsubmission':
if (!SEC_hasRights('comment.moderate')) {
echo COM_refresh($_CONF['site_url'] . '/index.php');
exit;
}
// deliberate fall-through
// deliberate fall-through
case 'edit':
$retval .= CMT_handleEdit($commentmode, $postmode, $format, $order, $cpage);
if ($is_comment_page) {
$retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG03[1]));
}
break;
case 'unsubscribe':
$cid = 0;
$key = COM_applyFilter($_GET['key']);
if (!empty($key)) {
$key = DB_escapeString($key);
$cid = DB_getItem($_TABLES['commentnotifications'], 'cid', "deletehash = '{$key}'");
if (!empty($cid)) {
$redirecturl = $_CONF['site_url'] . '/comment.php?mode=view&cid=' . $cid . '&format=nested&msg=16';
DB_delete($_TABLES['commentnotifications'], 'deletehash', $key, $redirecturl);
exit;
}
}
echo COM_refresh($_CONF['site_url'] . '/index.php');
exit;
break;
case $LANG_ADMIN['cancel']:
if ($formtype == 'editsubmission') {
echo COM_refresh($_CONF['site_admin_url'] . '/moderation.php');
exit;
} else {
$retval .= CMT_handleCancel();
// moved to function for readibility
}
break;
default:
// New Comment or Reply Comment
$abort = false;
// Check to make sure comment type exists
if ($type != 'article' && !in_array($type, $_PLUGINS)) {
$abort = true;
}
// Check article permissions
if (!$abort && $type == 'article' && !empty($sid)) {
$dbTitle = DB_getItem($_TABLES['stories'], 'title', "(sid = '{$sid}') AND (draft_flag = 0) AND (date <= NOW()) AND (commentcode = 0)" . COM_getPermSQL('AND'));
// if ($dbTitle === null || TOPIC_hasMultiTopicAccess('article', $sid) < 2) { // Make sure have at least read access to topics to post comment
if ($dbTitle === null || TOPIC_hasMultiTopicAccess('article', $sid, $topic) < 2) {
// Make sure have at least read access to current topic of article to post comment
// no permissions, or no story of that title
$abort = true;
}
}
if (!$abort && !empty($sid) && !empty($type)) {
if ($pid > 0 && empty($title)) {
$atype = DB_escapeString($type);
$title = DB_getItem($_TABLES['comments'], 'title', "(cid = {$pid}) AND (type = '{$atype}')");
}
if (empty($title)) {
$title = PLG_getItemInfo($type, $sid, 'title');
// Check title, if for some reason blank assume no access allowed to plugin item (therefore cannot add comment) so return to homepage
if (is_array($title) || empty($title) || $title == false) {
echo COM_refresh($_CONF['site_url'] . '/index.php');
exit;
}
$title = str_replace('$', '$', $title);
// CMT_commentForm expects non-htmlspecial chars for title...
$title = str_replace('&', '&', $title);
$title = str_replace('"', '"', $title);
$title = str_replace('<', '<', $title);
$title = str_replace('>', '>', $title);
}
$retval .= CMT_commentForm($title, '', $sid, $pid, $type, $commentmode, $postmode, $format, $order, $cpage);
} else {
if (COMMENT_ON_SAME_PAGE) {
// Do nothing and do not show comment form (happens most likely when admin viewing draft article)
} else {
// For comments not displayed on same page (probably owner pushed the post comment button on a draft article)
echo COM_refresh($_CONF['site_url'] . '/index.php');
exit;
}
}
if ($is_comment_page) {
$noindex = '<meta name="robots" content="noindex"' . XHTML . '>';
$retval = COM_createHTMLDocument($retval, array('pagetitle' => $LANG03[1], 'headercode' => $noindex));
}
break;
}
return $retval;
}
/**
* Create the sitemap and save it as a file
*
* @return boolean true = success, false = otherwise
*/
public function create()
{
global $_XMLSMAP_CONF;
$this->num_entries = 0;
$sitemap = '';
$types = $this->getTypes();
$what = 'url,date-modified';
$uid = 1;
// anonymous user
$limit = 0;
// the max number of items to be returned (0 = no limit)
$options = array();
if (count($types) === 0) {
COM_errorLog(__METHOD__ . ': No content type is specified.');
return false;
}
foreach ($types as $type) {
$result = array();
if (is_callable('PLG_collectSitemapItems')) {
// New API since GL-2.1.1
$result = PLG_collectSitemapItems($type, $uid, $limit);
}
if (!is_array($result) || count($result) === 0) {
$result = PLG_getItemInfo($type, '*', $what, $uid, $options);
}
if (is_array($result) && count($result) > 0) {
foreach ($result as $entry) {
if (isset($entry['url'])) {
$url = $this->normalizeURL($entry['url']);
$sitemap .= ' <url>' . self::LB . ' <loc>' . $url . '</loc>' . self::LB;
} else {
/**
* <loc> element is mandatory for the sitemap. So,
* when no url is provided, we simply have to skip
* the item silently.
*/
continue;
}
// The items below are all optional.
// Frequency of change
$change_freq = isset($entry['change-freq']) ? $entry['change-freq'] : $this->getChangeFreq($type);
if ($change_freq != '') {
$sitemap .= ' <changefreq>' . $change_freq . '</changefreq>' . self::LB;
}
// Time stamp
if (isset($entry['date-modified'])) {
$date = date('Y-m-d', $entry['date-modified']);
// Add the time part for frequently changed items
if (in_array($change_freq, array('always', 'hourly', 'daily'))) {
$timezone = $this->getTimezoneStr();
if ($timezone !== false) {
$date .= 'T' . date('H:i:s', $entry['date-modified']) . $timezone;
}
}
if (in_array($type, $_XMLSMAP_CONF['lastmod'])) {
$sitemap .= ' <lastmod>' . $date . '</lastmod>' . self::LB;
}
}
// Priority
$priority = isset($entry['priority']) ? $entry['priority'] : $this->getPriority($type);
if ($priority != 0.5) {
$sitemap .= ' <priority>' . (string) $priority . '</priority>' . self::LB;
}
$sitemap .= ' </url>' . self::LB;
$this->num_entries++;
}
}
}
// Append the header and footer to the sitemap body
if ($sitemap != '') {
$sitemap = '<?xml version="1.0" encoding="UTF-8" ?>' . self::LB . '<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">' . self::LB . $sitemap . '</urlset>' . self::LB;
} else {
return true;
}
// Check the number of items and the size of the sitemap file
if ($this->num_entries > self::MAX_NUM_ENTRIES) {
COM_errorLog(__METHOD__ . ': The number of items in the sitemap file must be ' . self::MAX_NUM_ENTRIES . ' or smaller.');
return false;
} else {
if (strlen($sitemap) > self::MAX_FILE_SIZE) {
COM_errorLog(__METHOD__ . ': The size of the sitemap file must be ' . self::MAX_FILE_SIZE . ' bytes or smaller.');
return false;
}
}
// Write the sitemap into file(s)
list($filename, $mobile_filename) = $this->getFileNames();
if ($filename != '') {
if (!$this->write($filename, $sitemap)) {
return false;
}
}
if ($mobile_filename != '') {
// Modify the sitemap as Google Mobile Sitemap
$sitemap = str_replace('<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9">', '<urlset xmlns="http://www.sitemaps.org/schemas/sitemap/0.9" xmlns:mobile="http://www.google.com/schemas/sitemap-mobile/1.0">', $sitemap);
$sitemap = str_replace(' </url>', ' <mobile:mobile />' . self::LB . ' </url>', $sitemap);
if (!$this->write($mobile_filename, $sitemap)) {
return false;
}
}
return true;
}
function handleSubscribe($sid, $type)
{
global $_CONF, $_TABLES, $_USER;
$dirty_referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : $_CONF['site_url'];
if ($dirty_referer == '') {
$dirty_referer = $_CONF['site_url'];
}
$referer = COM_sanitizeUrl($dirty_referer);
$sLength = strlen($_CONF['site_url']);
if (substr($referer, 0, $sLength) != $_CONF['site_url']) {
$referer = $_CONF['site_url'];
}
$hasargs = strstr($referer, '?');
if ($hasargs) {
$sep = '&';
} else {
$sep = '?';
}
if (COM_isAnonUser()) {
echo COM_refresh($referer . $sep . 'msg=518');
exit;
}
$uid = $_USER['uid'];
$itemInfo = PLG_getItemInfo($type, $sid, 'url,title');
if (isset($itemInfo['title'])) {
$id_desc = $itemInfo['title'];
} else {
$id_desc = 'not defined';
}
$rc = PLG_subscribe('comment', $type, $sid, $uid, $type, $id_desc);
if ($rc === false) {
echo COM_refresh($referer . $sep . 'msg=519' . '#comments');
exit;
}
echo COM_refresh($referer . $sep . 'msg=520' . '#comments');
exit;
}
/**
* Save a comment
*
* @author Vincent Furia, vinny01 AT users DOT sourceforge DOT net
* @param string $title Title of comment
* @param string $comment Text of comment
* @param string $sid ID of object receiving comment
* @param int $pid ID of parent comment
* @param string $type Type of comment this is (article, polls, etc)
* @param string $postmode Indicates if text is HTML or plain text
* @return int 0 for success, > 0 indicates error
*
*/
function CMT_saveComment($title, $comment, $sid, $pid, $type, $postmode)
{
global $_CONF, $_TABLES, $_USER, $LANG03;
$ret = 0;
// Get a valid uid
if (empty($_USER['uid'])) {
$uid = 1;
} else {
$uid = $_USER['uid'];
}
// Sanity check
if (empty($sid) || empty($title) || empty($comment) || empty($type)) {
COM_errorLog("CMT_saveComment: {$uid} from {$_SERVER['REMOTE_ADDR']} tried " . 'to submit a comment with one or more missing values.');
if (SESS_isSet('glfusion.commentpresave.error')) {
$msg = SESS_getVar('glfusion.commentpresave.error') . '<br/>' . $LANG03[12];
} else {
$msg = $LANG03[12];
}
SESS_setVar('glfusion.commentpresave.error', $msg);
return $ret = 1;
}
// Check that anonymous comments are allowed
if ($uid == 1 && ($_CONF['loginrequired'] == 1 || $_CONF['commentsloginrequired'] == 1)) {
COM_errorLog("CMT_saveComment: IP address {$_SERVER['REMOTE_ADDR']} " . 'attempted to save a comment with anonymous comments disabled for site.');
return $ret = 2;
}
// Check for people breaking the speed limit
COM_clearSpeedlimit($_CONF['commentspeedlimit'], 'comment');
$last = COM_checkSpeedlimit('comment');
if ($last > 0) {
COM_errorLog("CMT_saveComment: {$uid} from {$_SERVER['REMOTE_ADDR']} tried " . 'to submit a comment before the speed limit expired');
return $ret = 3;
}
// Let plugins have a chance to check for spam
$spamcheck = '<h1>' . $title . '</h1><p>' . $comment . '</p>';
$result = PLG_checkforSpam($spamcheck, $_CONF['spamx']);
// Now check the result and display message if spam action was taken
if ($result > 0) {
// update speed limit nonetheless
COM_updateSpeedlimit('comment');
// then tell them to get lost ...
COM_displayMessageAndAbort($result, 'spamx', 403, 'Forbidden');
}
// Let plugins have a chance to decide what to do before saving the comment, return errors.
if ($someError = PLG_commentPreSave($uid, $title, $comment, $sid, $pid, $type, $postmode)) {
return $someError;
}
$title = COM_checkWords(strip_tags($title));
$comment = CMT_prepareText($comment, $postmode);
// check for non-int pid's
// this should just create a top level comment that is a reply to the original item
if (!is_numeric($pid) || $pid < 0) {
$pid = 0;
}
if (!empty($title) && !empty($comment)) {
COM_updateSpeedlimit('comment');
$title = DB_escapeString($title);
$comment = DB_escapeString($comment);
$type = DB_escapeString($type);
// Insert the comment into the comment table
DB_lockTable($_TABLES['comments']);
if ($pid > 0) {
$result = DB_query("SELECT rht, indent FROM {$_TABLES['comments']} WHERE cid = " . (int) $pid . " AND sid = '" . DB_escapeString($sid) . "'");
list($rht, $indent) = DB_fetchArray($result);
if (!DB_error()) {
DB_query("UPDATE {$_TABLES['comments']} SET lft = lft + 2 " . "WHERE sid = '" . DB_escapeString($sid) . "' AND type = '{$type}' AND lft >= {$rht}");
DB_query("UPDATE {$_TABLES['comments']} SET rht = rht + 2 " . "WHERE sid = '" . DB_escapeString($sid) . "' AND type = '{$type}' AND rht >= {$rht}");
DB_save($_TABLES['comments'], 'sid,uid,comment,date,title,pid,lft,rht,indent,type,ipaddress', "'" . DB_escapeString($sid) . "',{$uid},'{$comment}',now(),'{$title}'," . (int) $pid . ",{$rht},{$rht}+1,{$indent}+1,'{$type}','" . DB_escapeString($_SERVER['REMOTE_ADDR']) . "'");
} else {
//replying to non-existent comment or comment in wrong article
COM_errorLog("CMT_saveComment: {$uid} from {$_SERVER['REMOTE_ADDR']} tried " . 'to reply to a non-existent comment or the pid/sid did not match');
$ret = 4;
// Cannot return here, tables locked!
}
} else {
$rht = DB_getItem($_TABLES['comments'], 'MAX(rht)', "sid = '" . DB_escapeString($sid) . "'");
if (DB_error()) {
$rht = 0;
}
DB_save($_TABLES['comments'], 'sid,uid,comment,date,title,pid,lft,rht,indent,type,ipaddress', "'" . DB_escapeString($sid) . "'," . (int) $uid . ",'{$comment}',now(),'{$title}'," . (int) $pid . ",{$rht}+1,{$rht}+2,0,'{$type}','" . DB_escapeString($_SERVER['REMOTE_ADDR']) . "'");
}
$cid = DB_insertId();
//set Anonymous user name if present
if (isset($_POST['username'])) {
$name = strip_tags(USER_sanitizeName($_POST['username']));
DB_change($_TABLES['comments'], 'name', DB_escapeString($name), 'cid', (int) $cid);
}
DB_unlockTable($_TABLES['comments']);
CACHE_remove_instance('whatsnew');
if ($type == 'article') {
CACHE_remove_instance('story_' . $sid);
}
// check to see if user has subscribed....
if (!COM_isAnonUser()) {
if (isset($_POST['subscribe']) && $_POST['subscribe'] == 1) {
$itemInfo = PLG_getItemInfo($type, $sid, 'url,title');
if (isset($itemInfo['title'])) {
$id_desc = $itemInfo['title'];
} else {
$id_desc = 'not defined';
}
$rc = PLG_subscribe('comment', $type, $sid, $uid, $type, $id_desc);
} else {
PLG_unsubscribe('comment', $type, $sid);
}
}
// Send notification of comment if no errors and notications enabled for comments
if ($ret == 0 && isset($_CONF['notification']) && in_array('comment', $_CONF['notification'])) {
CMT_sendNotification($title, $comment, $uid, $_SERVER['REMOTE_ADDR'], $type, $cid);
}
if ($ret == 0) {
PLG_sendSubscriptionNotification('comment', $type, $sid, $cid, $uid);
}
} else {
COM_errorLog("CMT_saveComment: {$uid} from {$_SERVER['REMOTE_ADDR']} tried " . 'to submit a comment with invalid $title and/or $comment.');
return $ret = 5;
}
return $ret;
}
/**
* Send a notification email when a new trackback comment has been posted
*
* @param int $cid ID of the trackback comment
* @param string $what type of notification: 'trackback' or 'pingback'
* @return void
*
*/
function TRB_sendNotificationEmail($cid, $what = 'trackback')
{
global $_CONF, $_TABLES, $LANG03, $LANG08, $LANG09, $LANG29, $LANG_TRB;
$cid = DB_escapeString($cid);
$result = DB_query("SELECT sid,type,title,excerpt,url,blog,ipaddress FROM {$_TABLES['trackback']} WHERE (cid = '" . DB_escapeString($cid) . "')");
$A = DB_fetchArray($result);
$type = $A['type'];
$id = $A['sid'];
$mailbody = '';
if (!empty($A['title'])) {
$mailbody .= $LANG03[16] . ': ' . $A['title'] . "\n";
}
$mailbody .= $LANG_TRB['blog_name'] . ': ';
if (!empty($A['blog'])) {
$mailbody .= $A['blog'] . ' ';
}
$mailbody .= '(' . $A['ipaddress'] . ")\n";
$mailbody .= $LANG29[12] . ': ' . $A['url'] . "\n";
if ($type != 'article') {
$mailbody .= $LANG09[5] . ': ' . $type . "\n";
}
if (!empty($A['excerpt'])) {
// the excerpt is max. 255 characters long anyway, so we add it
// in its entirety
$mailbody .= $A['excerpt'] . "\n\n";
}
if ($type == 'article') {
$commenturl = COM_buildUrl($_CONF['site_url'] . '/article.php?story=' . $id) . '#trackback';
} else {
$commenturl = PLG_getItemInfo($type, $id, 'url');
}
$mailbody .= $LANG08[33] . ' <' . $commenturl . ">\n\n";
$mailbody .= "\n------------------------------\n";
$mailbody .= "\n{$LANG08['34']}\n";
$mailbody .= "\n------------------------------\n";
if ($what == 'pingback') {
$mailsubject = $_CONF['site_name'] . ' ' . $LANG_TRB['pingback'];
} else {
$mailsubject = $_CONF['site_name'] . ' ' . $LANG_TRB['trackback'];
}
$to = array();
$to = COM_formatEmailAddress('', $_CONF['site_mail']);
COM_mail($to, $mailsubject, $mailbody);
}
/**
* Shows any new information in a block
* Return the HTML that shows any new stories, comments, etc
*
* @param string $help Help file for block
* @param string $title Title used in block header
* @param string $position Position in which block is being rendered 'left', 'right' or blank (for centre)
* @return string Return the HTML that shows any new stories, comments, etc
*/
function COM_whatsNewBlock($help = '', $title = '', $position = '')
{
global $_CONF, $_TABLES, $LANG01, $LANG_WHATSNEW;
if ($_CONF['whatsnew_cache_time'] > 0) {
$cacheInstance = 'whatsnew__' . CACHE_security_hash() . '__' . $_CONF['theme'];
$retval = CACHE_check_instance($cacheInstance);
if ($retval) {
$lu = CACHE_get_instance_update($cacheInstance);
$now = time();
if ($now - $lu < $_CONF['whatsnew_cache_time']) {
return $retval;
}
}
}
$retval = COM_startBlock($title, $help, COM_getBlockTemplate('whats_new_block', 'header', $position));
$topicSql = '';
if ($_CONF['hidenewstories'] == 0 || $_CONF['hidenewcomments'] == 0 || $_CONF['trackback_enabled'] && $_CONF['hidenewtrackbacks'] == 0) {
$topicSql = COM_getTopicSQL('AND', 0, 'ta');
}
if ($_CONF['hidenewstories'] == 0) {
$where_sql = " AND ta.type = 'article' AND ta.id = sid";
$archiveTid = DB_getItem($_TABLES['topics'], 'tid', "archive_flag=1");
if (!empty($archiveTid)) {
$where_sql .= " AND (ta.tid <> '{$archiveTid}')";
}
// Find the newest stories
$sql['mysql'] = "SELECT sid, title FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta\n WHERE (date >= (date_sub(NOW(), INTERVAL {$_CONF['newstoriesinterval']} SECOND))) AND (date <= NOW()) AND (draft_flag = 0)" . $where_sql . COM_getPermSQL('AND') . $topicSql . COM_getLangSQL('sid', 'AND') . "\n GROUP BY sid, title, date ORDER BY date DESC";
$sql['pgsql'] = "SELECT sid, title FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta\n WHERE (date >= (NOW() - INTERVAL '{$_CONF['newstoriesinterval']} SECOND')) AND (date <= NOW()) AND (draft_flag = 0)" . $where_sql . COM_getPermSQL('AND') . $topicSql . COM_getLangSQL('sid', 'AND') . "\n GROUP BY sid, title, date ORDER BY date DESC";
$result = DB_query($sql);
$numRows = DB_numRows($result);
if (empty($title)) {
$title = DB_getItem($_TABLES['blocks'], 'title', "name='whats_new_block'");
}
// Any late breaking news stories?
$retval .= '<h3>' . $LANG01[99] . ' <small>' . COM_formatTimeString($LANG_WHATSNEW['new_last'], $_CONF['newstoriesinterval']) . '</small></h3>';
if ($numRows > 0) {
$newArticles = array();
for ($x = 0; $x < $numRows; $x++) {
$A = DB_fetchArray($result);
$url = COM_buildURL($_CONF['site_url'] . '/article.php?story=' . $A['sid']);
$title = COM_undoSpecialChars(stripslashes($A['title']));
$titleToUse = COM_truncate($title, $_CONF['title_trim_length'], '...');
if ($title != $titleToUse) {
$attr = array('title' => htmlspecialchars($title));
} else {
$attr = array();
}
$anchorText = str_replace('$', '$', $titleToUse);
$anchorText = str_replace(' ', ' ', $anchorText);
$newArticles[] = COM_createLink($anchorText, $url, $attr);
}
$retval .= COM_makeList($newArticles, 'list-new-plugins');
} else {
$retval .= $LANG01[100] . '<br' . XHTML . '>' . LB;
// No new stories
}
if ($_CONF['hidenewcomments'] == 0 || $_CONF['hidenewplugins'] == 0 || $_CONF['trackback_enabled'] && $_CONF['hidenewtrackbacks'] == 0) {
$retval .= '<div class="divider-whats-new"></div>';
}
}
if ($_CONF['hidenewcomments'] == 0) {
// Go get the newest comments
$retval .= '<h3>' . $LANG01[83] . ' <small>' . COM_formatTimeString($LANG_WHATSNEW['new_last'], $_CONF['newcommentsinterval']) . '</small></h3>';
$new_plugin_comments = PLG_getWhatsNewComment();
if (!empty($new_plugin_comments)) {
// Sort array by element lastdate newest to oldest
foreach ($new_plugin_comments as $k => $v) {
$b[$k] = strtolower($v['lastdate']);
}
arsort($b);
$temp = array();
foreach ($b as $key => $val) {
$temp[] = $new_plugin_comments[$key];
}
$new_plugin_comments = $temp;
$newComments = array();
$count = 0;
foreach ($new_plugin_comments as $A) {
$count .= +1;
$url = '';
$info = PLG_getItemInfo($A['type'], $A['sid'], 'url');
if (!empty($info)) {
$url = $info . '#comments';
}
// Check to see if url (plugin may not support PLG_getItemInfo
if (!empty($url)) {
$title = COM_undoSpecialChars(stripslashes($A['title']));
$titleToUse = COM_truncate($title, $_CONF['title_trim_length'], '...');
if ($title != $titleToUse) {
$attr = array('title' => htmlspecialchars($title));
} else {
$attr = array();
}
$anchorComment = str_replace('$', '$', $titleToUse);
$anchorComment = str_replace(' ', ' ', $anchorComment);
if ($A['dups'] > 1) {
$anchorComment .= ' [+' . $A['dups'] . ']';
}
$newComments[] = COM_createLink($anchorComment, $url, $attr);
if ($count == 15) {
break;
}
}
}
$retval .= COM_makeList($newComments, 'list-new-comments');
} else {
$retval .= $LANG01[86] . '<br' . XHTML . '>' . LB;
}
if ($_CONF['hidenewplugins'] == 0 || $_CONF['trackback_enabled'] && $_CONF['hidenewtrackbacks'] == 0) {
$retval .= '<div class="divider-whats-new"></div>';
}
}
if ($_CONF['trackback_enabled'] && $_CONF['hidenewtrackbacks'] == 0) {
$retval .= '<h3>' . $LANG01[114] . ' <small>' . COM_formatTimeString($LANG_WHATSNEW['new_last'], $_CONF['newtrackbackinterval']) . '</small></h3>';
$sql['mysql'] = "SELECT DISTINCT COUNT(*) AS count,s.title,t.sid,max(t.date) AS lastdate\n FROM {$_TABLES['trackback']} AS t, {$_TABLES['stories']} s, {$_TABLES['topic_assignments']} ta\n WHERE ta.type = 'article' AND ta.id = s.sid AND (t.type = 'article') AND (t.sid = s.sid) AND (t.date >= (DATE_SUB(NOW(), INTERVAL {$_CONF['newtrackbackinterval']} SECOND)))" . COM_getPermSQL('AND', 0, 2, 's') . " AND (s.draft_flag = 0) AND (s.trackbackcode = 0)" . $topicSql . COM_getLangSQL('sid', 'AND', 's') . "\n GROUP BY t.sid, s.title\n ORDER BY lastdate DESC LIMIT 15";
$sql['pgsql'] = "SELECT DISTINCT COUNT(*) AS count,s.title,t.sid,max(t.date) AS lastdate\n FROM {$_TABLES['trackback']} AS t, {$_TABLES['stories']} s, {$_TABLES['topic_assignments']} ta\n WHERE ta.type = 'article' AND ta.id = s.sid AND (t.type = 'article') AND (t.sid = s.sid) AND (t.date >= (NOW()+ INTERVAL '{$_CONF['newtrackbackinterval']} SECOND'))" . COM_getPermSQL('AND', 0, 2, 's') . " AND (s.draft_flag = 0) AND (s.trackbackcode = 0)" . $topicSql . COM_getLangSQL('sid', 'AND', 's') . "\n GROUP BY t.sid, s.title\n ORDER BY lastdate DESC LIMIT 15";
$result = DB_query($sql);
$numRows = DB_numRows($result);
if ($numRows > 0) {
$newComments = array();
for ($i = 0; $i < $numRows; $i++) {
$A = DB_fetchArray($result);
$url = COM_buildURL($_CONF['site_url'] . '/article.php?story=' . $A['sid']) . '#trackback';
$title = COM_undoSpecialChars(stripslashes($A['title']));
$titleToUse = COM_truncate($title, $_CONF['title_trim_length'], '...');
if ($title != $titleToUse) {
$attr = array('title' => htmlspecialchars($title));
} else {
$attr = array();
}
$anchorComment = str_replace('$', '$', $titleToUse);
$anchorComment = str_replace(' ', ' ', $anchorComment);
if ($A['count'] > 1) {
$anchorComment .= ' [+' . $A['count'] . ']';
}
$newComments[] = COM_createLink($anchorComment, $url, $attr);
}
$retval .= COM_makeList($newComments, 'list-new-trackbacks');
} else {
$retval .= $LANG01[115] . '<br' . XHTML . '>' . LB;
}
if ($_CONF['hidenewplugins'] == 0) {
$retval .= '<div class="divider-whats-new"></div>';
}
}
if ($_CONF['hidenewplugins'] == 0) {
list($headlines, $smallHeadlines, $content) = PLG_getWhatsNew();
$plugins = count($headlines);
if ($plugins > 0) {
for ($i = 0; $i < $plugins; $i++) {
$retval .= '<h3>' . $headlines[$i] . ' <small>' . $smallHeadlines[$i] . '</small></h3>';
if (is_array($content[$i])) {
$retval .= COM_makeList($content[$i], 'list-new-plugins');
} else {
$retval .= $content[$i];
}
if ($i + 1 < $plugins) {
$retval .= '<div class="divider-whats-new"></div>';
}
}
}
}
$retval .= COM_endBlock(COM_getBlockTemplate('whats_new_block', 'footer', $position));
if ($_CONF['whatsnew_cache_time'] > 0) {
CACHE_create_instance($cacheInstance, $retval);
}
return $retval;
}
/**
* Wrapper for STORY_getItemInfo / PLG_getItemInfo to keep things readable
*
* @param string $type type of entry ('article' = story, else plugin)
* @param string $id ID of that entry
* @param string $what info requested
* @return mixed requested info, as a string or array of strings
*
*/
function TRACKBACK_getItemInfo($type, $id, $what)
{
if ($type == 'article') {
return STORY_getItemInfo($id, $what);
} else {
return PLG_getItemInfo($type, $id, $what);
}
}