Пример #1
0
/**
* Display trackback comment submission form.
*
* @param    string  $target     URL to send the trackback comment to
* @param    string  $url        URL of our entry
* @param    string  $title      title of our entry
* @param    string  $excerpt    excerpt of our entry
* @param    string  $blog       name of our site
* @return   string              HTML for the trackback comment editor
*
*/
function trackback_editor($target = '', $url = '', $title = '', $excerpt = '', $blog = '')
{
    global $_CONF, $LANG_TRB;
    $retval = '';
    // show preview if we have at least the URL
    if (!empty($url)) {
        // filter them for the preview
        $p_title = TRB_filterTitle($title);
        $p_excerpt = TRB_filterExcerpt($excerpt);
        $p_blog = TRB_filterBlogname($blog);
        // MT and other weblogs will shorten the excerpt like this
        if (MBYTE_strlen($p_excerpt) > 255) {
            $p_excerpt = MBYTE_substr($p_excerpt, 0, 252) . '...';
        }
        $retval .= COM_startBlock($LANG_TRB['preview']);
        $preview = COM_newTemplate($_CONF['path_layout'] . 'trackback');
        $preview->set_file(array('comment' => 'trackbackcomment.thtml'));
        $comment = TRB_formatComment($url, $p_title, $p_blog, $p_excerpt);
        $preview->set_var('formatted_comment', $comment);
        $preview->parse('output', 'comment');
        $retval .= $preview->finish($preview->get_var('output'));
        $retval .= COM_endBlock();
    }
    if (empty($url) && empty($blog)) {
        $blog = htmlspecialchars($_CONF['site_name']);
    }
    $title = htmlspecialchars($title);
    $excerpt = htmlspecialchars($excerpt, ENT_NOQUOTES);
    $retval .= COM_startBlock($LANG_TRB['editor_title'], getHelpUrl() . '#trackback', COM_getBlockTemplate('_admin_block', 'header'));
    $template = COM_newTemplate($_CONF['path_layout'] . 'admin/trackback');
    $template->set_file(array('editor' => 'trackbackeditor.thtml'));
    $template->set_var('php_self', $_CONF['site_admin_url'] . '/trackback.php');
    if (empty($url) || empty($title)) {
        $template->set_var('lang_explain', $LANG_TRB['editor_intro_none']);
    } else {
        $template->set_var('lang_explain', sprintf($LANG_TRB['editor_intro'], $url, $title));
    }
    $template->set_var('lang_trackback_url', $LANG_TRB['trackback_url']);
    $template->set_var('lang_entry_url', $LANG_TRB['entry_url']);
    $template->set_var('lang_title', $LANG_TRB['entry_title']);
    $template->set_var('lang_blog_name', $LANG_TRB['blog_name']);
    $template->set_var('lang_excerpt', $LANG_TRB['excerpt']);
    $template->set_var('lang_excerpt_truncated', $LANG_TRB['truncate_warning']);
    $template->set_var('lang_send', $LANG_TRB['button_send']);
    $template->set_var('lang_preview', $LANG_TRB['button_preview']);
    $template->set_var('max_url_length', 255);
    $template->set_var('target_url', $target);
    $template->set_var('url', $url);
    $template->set_var('title', $title);
    $template->set_var('blog_name', $blog);
    $template->set_var('excerpt', $excerpt);
    $template->set_var('gltoken_name', CSRF_TOKEN);
    $template->set_var('gltoken', SEC_createToken());
    $template->parse('output', 'editor');
    $retval .= $template->finish($template->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}
Пример #2
0
/**
* Save a trackback (or pingback) comment.
*
* Also filters parameters and handles multiple trackbacks from the same source.
*
* Note: Spam check should have been done before calling this function.
*
* @param    string  $sid        entry id
* @param    string  $type       type of entry ('article' = story, etc.)
* @param    string  $url        URL of the trackback comment
* @param    string  $title      title of the comment (set to $url if empty)
* @param    string  $blog       name of the blog that sent the comment
* @param    string  $excerpt    excerpt from the comment
* @return   int                 < 0: error, > 0: ID of the trackback comment
*
*/
function TRB_saveTrackbackComment($sid, $type, $url, $title = '', $blog = '', $excerpt = '')
{
    global $_CONF, $_TABLES;
    $url = COM_applyFilter($url);
    $title = TRB_filterTitle($title);
    $blog = TRB_filterBlogname($blog);
    $excerpt = TRB_filterExcerpt($excerpt);
    // MT does that, so follow its example ...
    if (MBYTE_strlen($excerpt) > 255) {
        $excerpt = MBYTE_substr($excerpt, 0, 252) . '...';
    }
    $title = str_replace(array('$', '{', '}'), array('&#36;', '&#123;', '&#126;'), $title);
    $excerpt = str_replace(array('$', '{', '}'), array('&#36;', '&#123;', '&#126;'), $excerpt);
    $blog = str_replace(array('$', '{', '}'), array('&#36;', '&#123;', '&#126;'), $blog);
    $url = DB_escapeString($url);
    $title = DB_escapeString($title);
    $blog = DB_escapeString($blog);
    $excerpt = DB_escapeString($excerpt);
    if ($_CONF['multiple_trackbacks'] == 0) {
        // multiple trackbacks not allowed - check if we have this one already
        if (DB_count($_TABLES['trackback'], array('url', 'sid', 'type'), array($url, $sid, $type)) >= 1) {
            return TRB_SAVE_REJECT;
        }
    } else {
        if ($_CONF['multiple_trackbacks'] == 1) {
            // delete any earlier trackbacks from the same URL
            DB_delete($_TABLES['trackback'], array('url', 'sid', 'type'), array($url, $sid, $type));
        }
    }
    // else: multiple trackbacks allowed
    DB_save($_TABLES['trackback'], 'sid,url,title,blog,excerpt,date,type,ipaddress', "'{$sid}','{$url}','{$title}','{$blog}','{$excerpt}',NOW(),'{$type}','{$_SERVER['REMOTE_ADDR']}'");
    $comment_id = DB_insertId();
    if ($type == 'article') {
        DB_query("UPDATE {$_TABLES['stories']} SET trackbacks = trackbacks + 1 WHERE (sid = '{$sid}')");
    }
    return $comment_id;
}
Пример #3
0
/**
* Display trackback comment submission form.
*
* @param    string  $target     URL to send the trackback comment to
* @param    string  $url        URL of our entry
* @param    string  $title      title of our entry
* @param    string  $excerpt    excerpt of our entry
* @param    string  $blog       name of our site
* @return   string              HTML for the trackback comment editor
*
*/
function TRACKBACK_edit($target = '', $url = '', $title = '', $excerpt = '', $blog = '')
{
    global $_CONF, $LANG_TRB, $LANG_ADMIN, $_IMAGE_TYPE;
    USES_lib_admin();
    $retval = '';
    // show preview if we have at least the URL
    if (!empty($url)) {
        // filter them for the preview
        $p_title = TRB_filterTitle($title);
        $p_excerpt = TRB_filterExcerpt($excerpt);
        $p_blog = TRB_filterBlogname($blog);
        // MT and other weblogs will shorten the excerpt like this
        if (utf8_strlen($p_excerpt) > 255) {
            $p_excerpt = utf8_substr($p_excerpt, 0, 252) . '...';
        }
        $retval .= COM_startBlock($LANG_TRB['preview']);
        $preview = new Template($_CONF['path_layout'] . 'trackback');
        $preview->set_file(array('comment' => 'trackbackcomment.thtml'));
        $comment = TRB_formatComment($url, $p_title, $p_blog, $p_excerpt);
        $preview->set_var('formatted_comment', $comment);
        $preview->parse('output', 'comment');
        $retval .= $preview->finish($preview->get_var('output'));
        $retval .= COM_endBlock();
    }
    if (empty($url) && empty($blog)) {
        $blog = htmlspecialchars($_CONF['site_name'], ENT_COMPAT, COM_getEncodingt());
    }
    $title = htmlspecialchars($title, ENT_COMPAT, COM_getEncodingt());
    $excerpt = htmlspecialchars($excerpt, ENT_NOQUOTES, COM_getEncodingt());
    $retval .= COM_startBlock($LANG_TRB['editor_title'], $_CONF['site_url'] . '/docs/trackback.html#trackback', COM_getBlockTemplate('_admin_block', 'header'));
    $menu_arr = array(array('url' => $_CONF['site_admin_url'] . '/trackback.php', 'text' => $LANG_ADMIN['tb_list']), array('url' => $_CONF['site_admin_url'], 'text' => $LANG_ADMIN['admin_home']));
    $retval .= ADMIN_createMenu($menu_arr, $LANG_TRB['trb_explain'], $_CONF['layout_url'] . '/images/icons/trackback.' . $_IMAGE_TYPE);
    $template = new Template($_CONF['path_layout'] . 'admin/trackback');
    $template->set_file(array('editor' => 'trackbackeditor.thtml'));
    $template->set_var('php_self', $_CONF['site_admin_url'] . '/trackback.php');
    if (empty($url) || empty($title)) {
        $template->set_var('lang_explain', $LANG_TRB['editor_intro_none']);
    } else {
        $template->set_var('lang_explain', sprintf($LANG_TRB['editor_intro'], $url, $title));
    }
    $template->set_var('lang_trackback_url', $LANG_TRB['trackback_url']);
    $template->set_var('lang_entry_url', $LANG_TRB['entry_url']);
    $template->set_var('lang_title', $LANG_TRB['entry_title']);
    $template->set_var('lang_blog_name', $LANG_TRB['blog_name']);
    $template->set_var('lang_excerpt', $LANG_TRB['excerpt']);
    $template->set_var('lang_excerpt_truncated', $LANG_TRB['truncate_warning']);
    $template->set_var('lang_send', $LANG_TRB['button_send']);
    $template->set_var('lang_preview', $LANG_TRB['button_preview']);
    $template->set_var('max_url_length', 255);
    $template->set_var('target_url', $target);
    $template->set_var('url', $url);
    $template->set_var('title', $title);
    $template->set_var('blog_name', $blog);
    $template->set_var('excerpt', $excerpt);
    $template->set_var('gltoken_name', CSRF_TOKEN);
    $template->set_var('gltoken', SEC_createToken());
    $template->parse('output', 'editor');
    $retval .= $template->finish($template->get_var('output'));
    $retval .= COM_endBlock(COM_getBlockTemplate('_admin_block', 'footer'));
    return $retval;
}