/** * Adds an item to the XML feeds for the given entry ID. * * The function uses the global array $items_added to avoid * adding the same entry twice. * * @uses feedtemplate loads the item template for XML feeds. * * @param int $uid * @param string $orgdate * @param string $title * @param string $introduction * @param string $body * @param string $user * @param string $category */ function add_rss($uid, $orgdate, $title, $introduction, $body, $user, $category) { global $db, $rss_items, $atom_items, $items_added, $Cfg, $Weblogs, $Current_weblog, $Allow_RSS, $Paths, $Users; if (!$Allow_RSS) { return; } // Checking if the item is already added to avoid duplication if (in_array($uid, $items_added)) { return; } else { $items_added[] = $uid; } $link = make_fileurl($uid, "", ""); if (!siteurl_isset()) { $weblog = gethost() . $Paths['pivot_url']; // we strip off the 'www.' part. It may not always result in a valid URL, but the // guid isn't supposed to be one anyhow. This prevents problems in readers, when // the feed is sometimes generated from www.example.org, and sometimes from example.org. $weblog = str_replace("www.", "", $weblog); } else { $weblog = $Weblogs[$Current_weblog]['siteurl']; } $title = trim(unentify($db->entry['title'])); $subtitle = trim(unentify($db->entry['subtitle'])); // parse fields and remove scripting from the feed. Script in feed is bad.. $introduction = parse_intro_or_body($db->entry['introduction']); $introduction = clean_rss_text($introduction); $body = parse_intro_or_body($db->entry['body']); $body = clean_rss_text($body); $tag = str_replace("_", "", strtolower(safe_string($Cfg['sitename'], TRUE))) . "," . date("Y") . ":" . str_replace("_", "", safe_string($Weblogs[$Current_weblog]['name'], TRUE)) . "." . $uid; $lang = str_replace("_utf8", "", snippet_lang()); $date = format_date($orgdate, "%year%-%month%-%day%T%hour24%:%minute%:00") . rss_offset(); $date_rfc = format_date($orgdate, "%english_dname%, %day% %english_monname% %year% %hour24%:%minute%:00 ") . rss_offset("rfc822"); if ($db->entry['edit_date'] != "") { $edit_date = format_date($db->entry['edit_date'], "%year%-%month%-%day%T%hour24%:%minute%:00") . rss_offset(); } else { // if the entry was never edited, use the entrydate $edit_date = $date; } $summary = unentify(strip_tags($introduction)); $summary = trim(str_replace("&", "&", str_replace(" ", " ", $summary))); // Set content (Atom 1.0) and description (RSS 2.0) according to completeness settings if (isset($Weblogs[$Current_weblog]['rss_full']) && $Weblogs[$Current_weblog]['rss_full'] == 0) { // don't put anything in the content. $content = ""; $description = trim($introduction); if (strlen($body) > 5) { $description .= snippet_more(); $summary .= ' ...'; } } else { // put the introduction and body in the content.. $content = trim(str_replace(" ", " ", $introduction . $body)); $description = trim($introduction . $body); } $rss_item = feedtemplate('feed_rss_template.xml', 'item'); $atom_item = feedtemplate('feed_atom_template.xml', 'item'); // Handling viatitle special to avoid validation errors if (!empty($db->entry['viatitle'])) { $viatitle = 'title="' . $db->entry['viatitle'] . '"'; } else { $viatitle = ""; } $from = array("%title%", "%subtitle%", "%link%", "%description%", "%summary%", "%author%", "%author-email%", "%author-nick%", "%guid%", "%date%", "%edit_date%", "%date_rfc%", "%category%", "%content%", "%tag%", "%lang%", "%vialink%", "%viatitle%"); $to = array(htmlspecialchars(strip_tags($title)), htmlspecialchars(strip_tags($subtitle)), $link, RelativeToAbsoluteURLS($description), RelativeToAbsoluteURLS($summary), $user, $Users[$user]['email'], $Users[$user]['nick'], $uid . "@" . $weblog, $date, $edit_date, $date_rfc, htmlspecialchars(implode(", ", $category)), RelativeToAbsoluteURLS($content), $tag, $lang, $db->entry['vialink'], $viatitle); $rss_item = str_replace($from, $to, $rss_item); $atom_item = str_replace($from, $to, $atom_item); // We add the count($rss_items), because otherwise we can't have two items // that are posted at the same minute. $rss_items[$orgdate . "." . count($rss_items)] = $rss_item; $atom_items[$orgdate . "." . count($rss_items)] = $atom_item; }
function trimtext($str, $length, $nbsp = FALSE) { $str = strip_tags($str); if (strlen($str) > $length) { $str = unentify($str); $str = substr($str, 0, $length + 1); $str = entify($str) . "…"; } if ($nbsp == TRUE) { $str = str_replace(" ", " ", $str); } $str = str_replace("http://", "", $str); return $str; }
/** * Normalize tag to avoid duplicate noise. * * Currently we trim spaces, lowercase, remove quotes and HTML entities, and * treat 'star wars', 'star-wars', 'star+wars' and 'star_wars' as similar * (with the underscore version as the base case). * * @todo Since tag is used as filename not all characters should be allowed. * * @param string $tag * @return string */ function normalizeTag($tag) { $tag = trim($tag); $tag = decode_text($tag, 'special'); // Decode the rest of the HTML enities if possible. $tag = unentify($tag); $tag = trim(strtolower($tag)); $tag = str_replace(array("'", '"'), "", $tag); $tag = str_replace(array(" ", "-", "+"), "_", $tag); // Replacing character(s) not allowed in filenames. $tag = str_replace("/", "_", $tag); // Remove HTML enities we didn't manage to decode. $tag = preg_replace("/&([a-z\\d]{2,7}|#\\d{2,5});/i", "", $tag); if (empty($tag)) { $tag = "__empty__"; } return $tag; }
/** * Parse the input, strip stop/non-words, remove accents, lower case and * add to the index. * * @uses filter_words The function that strips the stop/non-words * @uses add_to_index The function that adds the filtered words to the index * @return void */ function strip_words($arr) { global $allowed_chars; $words = $arr['title'] . " " . $arr['subtitle'] . " " . $arr['introduction'] . " " . $arr['body'] . " " . $arr['keywords']; $words = unentify(strip_tags(str_replace(">", "> ", str_replace("<", " <", $words)))); $words = transliterate_accents($words); $words = strtolower($words); $result = preg_split('/[^' . preg_quote($allowed_chars) . ']/', $words); $filter = filter_words($result); add_to_index($filter, $arr['code']); }
function sendMailTrackback($my_trackback) { global $PIVOTX; $cat_weblogs = $PIVOTX['weblogs']->getWeblogsWithCat($PIVOTX['db']->entry['category']); $addr_arr = array(); // Using the same settings as for comments foreach ($cat_weblogs as $this_weblog) { if ($PIVOTX['weblogs']->get($this_weblog, 'comment_sendmail') == 1) { $addr_arr = array_merge($addr_arr, explode(",", $PIVOTX['weblogs']->get($this_weblog, 'comment_emailto'))); } } // make a nice title for the mail.. if (strlen($PIVOTX['db']->entry['title']) > 2) { $title = $PIVOTX['db']->entry['title']; $title = strip_tags($title); } else { $title = substr($PIVOTX['db']->entry['introduction'], 0, 300); $title = strip_tags($title); $title = str_replace("\n", "", $title); $title = str_replace("\r", "", $title); $title = substr($title, 0, 60); } $title = i18n_str_to_utf8($title); // maybe send some mail to authors.. if (count($addr_arr) > 0) { $adminurl = $PIVOTX['paths']['host'] . makeAdminPageLink(); $id = formatDate($my_trackback["date"], "%ye%%month%%day%%hour24%%minute%"); $editlink = $adminurl . "?page=trackbacks&uid=" . $PIVOTX['db']->entry['code']; /* $blocklink = $adminurl."menu=entries&func=edittracks&id=". $PIVOTX['db']->entry['code']. "&blocksingle=".$my_trackback['ip']; */ $body = sprintf(__('"%s" posted the following trackback') . ":", unentify($my_trackback['name'])); $body .= sprintf("\n\n-------------\n"); $body .= sprintf(__('Title') . ": %s\n", $my_trackback['title']); $body .= sprintf(__('URL') . ": %s\n", $my_trackback['url']); $body .= sprintf(__('Excerpt') . ":\n%s", unentify($my_trackback['excerpt'])); $body .= sprintf("\n-------------\n"); $body .= sprintf(__('IP-address') . ": %s\n", $my_trackback['ip']); $body .= sprintf(__('Date') . ": %s\n", $my_trackback['date']); $body .= sprintf("\n" . __('This is a trackback on entry "%s"') . "\n", $title); $body .= sprintf("-------------\n"); $body .= sprintf("%s:\n%s%s\n", __('View this entry'), $PIVOTX['paths']['host'], makeFileLink($PIVOTX['db']->entry, "", "")); $body .= sprintf("\n%s:\n%s\n", __('Edit this trackback'), $editlink); //$body.=sprintf("\n%s:\n%s\n", __('Block this IP'), $blocklink ); $body = i18n_str_to_utf8($body); // pivotxMail encodes the subject and adds the needed headers for UTF-8 $subject = sprintf(__('New trackback on entry "%s"'), $title); $addr_arr = array_unique($addr_arr); foreach ($addr_arr as $addr) { $addr = trim($addr); if (pivotxMail($addr, $subject, $body, $add_header)) { debug("Sent Mail to {$addr} for '" . $my_trackback['name'] . "'"); } else { debug("Failed sending mail to {$addr} for '" . $my_trackback['name'] . "'"); break; } } } }
function add_comment_feeditem($item) { global $db, $rss_items, $atom_items, $Cfg, $Weblogs, $Current_weblog, $Allow_RSS, $Paths; if (!siteurl_isset()) { $weblog = $Paths['host'] . $Paths['pivot_url']; } else { $weblog = $Weblogs[$Current_weblog]['siteurl']; } $entry = $db->read_entry($item['code']); $link = make_fileurl($item['uid'], "", ""); $title = $db->entry['title']; $date = format_date($item['date'], "%year%-%month%-%day%T%hour24%:%minute%:00") . rss_offset(); $description = htmlspecialchars(strip_tags($item['comment'])); $description = str_replace(" ", " ", $description); $id = safe_string($item["name"], TRUE) . "-" . format_date($item["date"], "%ye%%month%%day%%hour24%%minute%"); $tag = str_replace("_", "", strtolower(safe_string($Cfg['sitename'], TRUE))) . "," . date("Y") . ":" . $id; // make sure description is not too long.. if (isset($Weblogs[$Current_weblog]['rss_full']) && $Weblogs[$Current_weblog]['rss_full'] == 0) { // don't put anything in the content. $content = ""; } else { // put the introduction and body in the content.. $content = str_replace(" ", " ", $introduction . $body); } if (isemail($item['email'])) { $email = "\n<email>" . $item['email'] . "</email>"; } else { $email = ""; } if (isurl($item['url'])) { if (strpos($item["url"], "ttp://") < 1) { $item["url"] = "http://" . $item["url"]; } $url = "\n<uri>" . $item['url'] . "</uri>"; } else { $url = ""; } $atom_item = ' <entry> <title>%author% on %title%</title> <link rel="alternate" type="text/html" href="%link%#%id%"/> <updated>%date%</updated> <published>%date%</published> <id>tag:%tag%</id> <summary type="text">%description%</summary> <content type="html" xml:lang="%lang%" xml:base="%link%"> <![CDATA[ %content% ]]> </content> <author> <name>%author%</name>%url%%email% </author> </entry> '; $from = array("%title%", "%link%", "%id%", "%description%", "%content%", "%author%", "%guid%", "%date%", "%tag%", "%lang%", "%url%", "%email%"); $to = array(htmlspecialchars(strip_tags($entry['title'])), $link, $id, RelativeToAbsoluteURLS($description), trim(comment_format($item['comment'])), htmlspecialchars(unentify($item['name'])), $item['uid'] . "@" . $weblog, $date, $tag, snippet_lang(), $url, $email); $atom_item = str_replace($from, $to, $atom_item); $atom_items[$date] = $atom_item; }
function sendMailComment($temp_comment, $notifications = '') { global $PIVOTX; $cat_weblogs = $PIVOTX['weblogs']->getWeblogsWithCat($PIVOTX['db']->entry['category']); $addr_arr = array(); foreach ($cat_weblogs as $this_weblog) { if ($PIVOTX['weblogs']->get($this_weblog, 'comment_sendmail') == 1) { $addr_arr = array_merge($addr_arr, explode(",", $PIVOTX['weblogs']->get($this_weblog, 'comment_emailto'))); } } // make a nice title for the mail.. if (strlen($PIVOTX['db']->entry['title']) > 2) { $title = $PIVOTX['db']->entry['title']; $title = strip_tags($title); } else { $title = substr($PIVOTX['db']->entry['introduction'], 0, 300); $title = strip_tags($title); $title = str_replace("\n", "", $title); $title = str_replace("\r", "", $title); $title = substr($title, 0, 60); } $title = i18n_str_to_utf8($title); // maybe send some mail to authors.. if (count($addr_arr) > 0) { $adminurl = $PIVOTX['paths']['host'] . makeAdminPageLink(); $id = safeString($temp_comment["name"], TRUE) . "-" . formatDate($temp_comment["date"], "%ye%%month%%day%%hour24%%minute%"); $editlink = $adminurl . "?page=comments&uid=" . $PIVOTX['db']->entry['code']; $approvelink = $adminurl . "?page=comments"; //$deletelink = $adminurl."menu=moderate_comments&".urlencode($id)."=2"; //$blocklink = $adminurl."menu=entries&func=editcomments&id=". $PIVOTX['db']->entry['code']."&blocksingle=".$temp_comment['ip']; $comment = $temp_comment['comment']; // $comment = unentify($comment); $body = sprintf(__('"%s" posted the following comment') . ":\n\n", unentify($temp_comment['name'])); $body .= sprintf("%s", $comment); $body .= sprintf("\n\n-------------\n\n"); $body .= sprintf(__('Name') . ": %s\n", unentify($temp_comment['name'])); $body .= sprintf(__('IP-address') . ": %s\n", $temp_comment['ip']); $body .= sprintf(__('Date') . ": %s\n", $temp_comment['date']); $body .= trim(sprintf(__('Email') . ": %s", $temp_comment['email'])) . "\n"; $body .= trim(sprintf(__('URL') . ": %s\n", $temp_comment['url'])) . "\n"; $body .= sprintf("\n" . __('This is a comment on entry "%s"') . "\n", $title); $body .= $notifications; $body .= sprintf("\n-------------\n\n"); if ($PIVOTX['config']->get('moderate_comments') == 1) { $body .= sprintf(__('Moderate this comment') . ":\n%s\n", $approvelink); // $body.=sprintf("\n".__('Delete this comment').":\n%s\n", $deletelink); } $body .= sprintf("\n%s:\n%s%s\n", __('View this entry'), $PIVOTX['paths']['host'], makeFileLink($PIVOTX['db']->entry, "", "")); $body .= sprintf("\n%s:\n%s%s\n", __('View this comment'), $PIVOTX['paths']['host'], makeFileLink($PIVOTX['db']->entry, "", $id)); $body .= sprintf("\n%s:\n%s\n", __('Edit this comment'), $editlink); //$body.=sprintf("\n%s:\n%s\n", __('Block this IP'), $blocklink ); $body = i18n_str_to_utf8($body); // pivotxMail encodes the subject and adds the needed headers for UTF-8 $subject = sprintf(__('New comment on entry "%s"'), $title); $addr_arr = array_unique($addr_arr); foreach ($addr_arr as $addr) { $addr = trim($addr); if (pivotxMail($addr, $subject, $body, $add_header)) { debug("Sent Mail to {$addr} for '" . $temp_comment['name'] . "'"); } else { debug("Failed sending mail to {$addr} for '" . $temp_comment['name'] . "'"); break; } } } }
/** * Displays the screen to edit and delete trackbacks. * * @param string $msg * @see submit_trackback() */ function edit_trackbacks($msg = "") { global $Cfg, $Pivot_Vars, $Users; PageHeader(lang('userbar', 'trackbacks'), 1); PageAnkeiler(lang('userbar', 'trackbacks') . ' » ' . lang('userbar', 'trackbacks_title')); $id = $Pivot_Vars['id']; $db = new db(); // read entry if it's not in memory yet. $db->read_entry($id, true); printf("<p><strong>%s</strong>: %s<br />", lang('entries', 'title'), $db->entry['title']); printf("<strong>%s</strong>: %s<br />", lang('entries', 'author'), $db->entry['user']); printf("<strong>%s</strong>: %s</p><br />", lang('entries', 'date'), $db->entry['date']); if ($Pivot_Vars['user'] == $db->entry['user']) { // allowed to edit own trackbacks MinLevel(2); } else { // allowed to edit trackbacks on other people's entries MinLevel(3); } if (!$db->entry['trackbacks'] || count($db->entry['trackbacks']) < 1) { // print if there are no trackbacks echo "<p><B>" . lang('notice', 'trackback_none') . "</b><br /><br /></p>"; } else { // print the trackbacks.. // perhaps delete a trackback. if (isset($Pivot_Vars['del'])) { $del_track = $db->entry['trackbacks'][$Pivot_Vars['del']]; //remove the trackback from last_trackbacks if it's in there.. if (file_exists("db/ser_lasttrack.php")) { $last_tracks = load_serialize("db/ser_lasttrack.php", true, true); } else { $last_tracks = array(); } if ($last_tracks !== false && count($last_tracks) > 0) { foreach ($last_tracks as $key => $last_track) { if ($last_track['code'] == $db->entry['code'] && $last_track['name'] == $del_track['name'] && $last_track['date'] == $del_track['date']) { unset($last_tracks[$key]); save_serialize("db/ser_lasttrack.php", $last_tracks); } } } // *argh* evil hack to directly delete trackbacks.. I should write a // proper wrapper unset($db->entry['trackbacks'][$Pivot_Vars['del']]); unset($db->db_lowlevel->entry['trackbacks'][$Pivot_Vars['del']]); $db->save_entry(); $msg = lang('notice', 'trackback_deleted'); } // perhaps add an ip-block for single ip. if (isset($Pivot_Vars['blocksingle'])) { $msg = "Added block for IP " . $Pivot_Vars['blocksingle']; add_block($Pivot_Vars['blocksingle']); } // perhaps add an ip-block for single ip. if (isset($Pivot_Vars['blockrange'])) { $iprange = make_mask($Pivot_Vars['blockrange']); $msg = "Added block for IP-range " . $iprange; add_block($iprange); } // perhaps remove an ip-block for single ip. if (isset($Pivot_Vars['unblocksingle'])) { $msg = "Removed block for IP " . $Pivot_Vars['unblocksingle']; rem_block($Pivot_Vars['unblocksingle']); } // perhaps remove an ip-block for single ip. if (isset($Pivot_Vars['unblockrange'])) { $iprange = make_mask($Pivot_Vars['unblockrange']); $msg = "Removed block for IP-range " . $iprange; rem_block($iprange); } // print a message, if there is one. if ($msg != "") { echo "<p><B>{$msg}</b><br /><br /></p>"; } // show the edit form, to edit a trackback.. if (isset($Pivot_Vars['edit'])) { StartForm('submittrackback', 0); StartTable(); $mytrack = $db->entry['trackbacks'][$Pivot_Vars['edit']]; $settings = array(); $settings[] = array('heading', lang('weblog_config', 'shortentry_template'), '', 8, '', 2, ''); $settings[] = array('id', '', '', 7, $id, '', ''); $settings[] = array('count', '', '', 7, $Pivot_Vars['edit'], '', ''); $settings[] = array('name', lang('weblog_text', 'blog_name'), '', 0, unentify($mytrack['name']), 60, ''); $settings[] = array('title', lang('weblog_text', 'title'), '', 0, unentify($mytrack['title']), 60, ''); $settings[] = array('excerpt', lang('weblog_text', 'excerpt'), '', 5, unentify($mytrack['excerpt']), '60', 'rows=5'); $settings[] = array('url', lang('weblog_text', 'url'), '', 0, $mytrack['url'], 60, ''); $settings[] = array('ip', lang('weblog_text', 'ip'), '', 0, $mytrack['ip'], 30, ''); $settings[] = array('date', lang('weblog_text', 'date'), '', 0, $mytrack['date'], 30, ''); DisplaySettings($settings, 'blog_settings'); EndForm(lang('weblog_config', 'save_trackback'), 1); } // print out all the trackbacks.. foreach ($db->entry['trackbacks'] as $key => $trackback) { $myblock = block_type($trackback['ip']); if ($myblock == "single" || $myblock == "range") { $strike = "style='text-decoration: line-through;'"; } else { $strike = ""; } // strip stuff from lamers' trackbacks.. $trackback['url'] = strip_tags($trackback['url']); printf("<table border=0 cellpadding=2 cellspacing=2 width='95%%' style='border-bottom:" . " 2px solid #999;'><tr><td width='40%%' valign='top'>" . lang('weblog_text', 'title') . ": <b %s>%s</b><br />", $strike, stripslashes($trackback['title'])); printf(lang('weblog_text', 'blog_name') . ": %s<br />", $trackback['name']); printf(lang('weblog_text', 'url') . ": %s<br />", $trackback['url']); printf(lang('weblog_text', 'ip') . ": %s<br />", $trackback['ip']); printf(lang('weblog_text', 'date') . ": %s<br />", $trackback['date']); printf("<td valign='top'><span %s>%s</span></td>", $strike, nl2br(htmlspecialchars($trackback['excerpt']))); // only show the option to edit and delete links if the user is an advanced user. if ($Users[$Pivot_Vars['user']]['userlevel'] >= 2) { $link = sprintf("index.php?session=%s&menu=entries&func=edittrackbacks&", $Pivot_Vars['session']); $editlink = sprintf("%sid=%s&edit=%s", $link, $db->entry['code'], $key); $dellink = sprintf("%sid=%s&del=%s", $link, $db->entry['code'], $key); $reportpopup = sprintf("openReportTrackback('%s', '%s','%s','%s');", $Pivot_Vars['session'], $db->entry['code'], $key, $dellink); printf("</tr><tr class='tabular_line_odd'><td><a href='%s'>%s</a> /", $editlink, lang('entries', 'edit_trackback')); printf(" <a href='%s'>%s</a> / ", $dellink, lang('entries', 'delete_trackback')); // only ping. // printf(" <a href='#' onclick=\"%s\">%s</a> ", $reportpopup, lang('entries', 'report_trackback') ); // ping and delete printf(" <a href='#' onclick=\"%s\">%s</a> ", $reportpopup, lang('entries', 'report_trackback')); } else { printf("<td> </td>"); } // only show the option to add or remove ip-blocks if the user is an administrator. if ($Users[$Pivot_Vars['user']]['userlevel'] >= 3) { if ($myblock == "none") { $blocktext1 = str_replace("%s", $trackback['ip'], lang('entries', 'block_single')); $blocklink1 = sprintf("%sid=%s&blocksingle=%s", $link, $db->entry['code'], $trackback['ip']); $blocktext2 = str_replace("%s", make_mask($trackback['ip']), lang('entries', 'block_range')); $blocklink2 = sprintf("%sid=%s&blockrange=%s", $link, $db->entry['code'], $trackback['ip']); printf("<td><a href='%s'>%s</a> / ", $blocklink1, $blocktext1); printf("<a href='%s'>%s</a></td>", $blocklink2, $blocktext2); } else { if ($myblock == "single") { $blocktext1 = str_replace("%s", $trackback['ip'], lang('entries', 'unblock_single')); $blocklink1 = sprintf("%sid=%s&unblocksingle=%s", $link, $db->entry['code'], $trackback['ip']); printf("<td><a href='%s'>%s</a></td>", $blocklink1, $blocktext1); } else { $blocktext1 = str_replace("%s", make_mask($trackback['ip']), lang('entries', 'unblock_range')); $blocklink1 = sprintf("%sid=%s&unblockrange=%s", $link, $db->entry['code'], $trackback['ip']); printf("<td><a href='%s'>%s</a></td>", $blocklink1, $blocktext1); } } } else { printf("<td> </td>"); } printf("</td></tr></table><br />"); } // end of printing trackbacks } // Table for editing the entry / trackbacks (this will be replaced after 1.30, // When we put the form-builder in place. echo '<table width="95%" border="0" cellpadding="5" cellspacing="0">'; $link = sprintf("index.php?session=%s&menu=entries&func=modify&id=%s", $Pivot_Vars['session'], $db->entry['code']); printf('<!-- edit entry --><tr><td width="32" valign="top">'); print_icon('overview', 'new_entry', "<a href=\"" . $link . "\">"); printf('</td><td><h3><a href="%s">%s</a></h3><p class="dim">%s</p></td></tr>', $link, lang('entries', 'edit_entry'), lang('entries', 'edit_entry_desc')); $link = sprintf("index.php?session=%s&menu=entries&func=editcomments&id=%s", $Pivot_Vars['session'], $db->entry['code']); printf('<!-- edit comments --><tr><td width="32" valign="top">'); print_icon('entry', 'edit_comments', "<a href=\"" . $link . "\">"); printf('</td><td><h3><a href="%s">%s</a></h3><p class="dim">%s</p></td></tr>', $link, lang('entries', 'edit_comments'), lang('entries', 'edit_comments_desc')); $link = sprintf("index.php?session=%s&menu=entries&doaction=1&action=delete&check[%s]=1", $Pivot_Vars['session'], $db->entry['code']); printf('<!-- delete entry --><tr><td width="32" valign="top">'); print_icon('entry', 'del_entry', "<a href=\"" . $link . "\">"); printf('</td><td><h3><a href="%s">%s</a></h3><p class="dim">%s</p></td></tr>', $link, lang('entries', 'delete_entry'), lang('entries', 'delete_entry_desc')); echo "</table>"; // End of table for editing the entry / trackbacks PageFooter(); echo "<br /><br /><br /><br />"; }
function send_mail_comm() { global $Cfg, $db, $my_comment, $ip, $date, $Weblogs, $Current_weblog, $Paths, $Users, $i18n_use; $cat_weblogs = find_weblogs_with_cat($db->entry['category']); $addr_arr = array(); foreach ($cat_weblogs as $this_weblog) { if ($Weblogs[$this_weblog]['comment_sendmail'] == 1) { $addr_arr = array_merge($addr_arr, explode(",", $Weblogs[$this_weblog]['comment_emailto'])); } } // make a nice title for the mail.. if (strlen($db->entry['title']) > 2) { $title = $db->entry['title']; $title = strip_tags($title); } else { $title = substr($db->entry['introduction'], 0, 300); $title = strip_tags($title); $title = str_replace("\n", "", $title); $title = str_replace("\r", "", $title); $title = substr($title, 0, 60); } if (!$i18n_use) { $title = utf8_encode($title); } // maybe send some mail to authors.. if (count($addr_arr) > 0) { $adminurl = $Paths['host'] . $Paths['pivot_url'] . "index.php?"; $id = safe_string($my_comment["name"], TRUE) . "-" . format_date($my_comment["date"], "%ye%%month%%day%%hour24%%minute%"); $editlink = $adminurl . "menu=entries&func=editcomments&id=" . $db->entry['code']; $approvelink = $adminurl . "menu=moderate_comments&" . urlencode($id) . "=1"; $deletelink = $adminurl . "menu=moderate_comments&" . urlencode($id) . "=2"; $blocklink = $adminurl . "menu=entries&func=editcomments&id=" . $db->entry['code'] . "&blocksingle=" . $my_comment['ip']; $comment = $my_comment['comment']; // $comment = unentify($comment); $body = sprintf(lang('comment', 'email_posted_comm') . ":\n\n", unentify($my_comment['name'])); $body .= sprintf("%s", $comment); $body .= sprintf("\n\n-------------\n"); $body .= sprintf(lang('weblog_text', 'name') . ": %s\n", unentify($my_comment['name'])); $body .= sprintf(lang('weblog_text', 'ip') . ": %s\n", $my_comment['ip']); $body .= sprintf(lang('weblog_text', 'date') . ": %s\n", $my_comment['date']); $body .= trim(sprintf(lang('weblog_text', 'email') . ": %s", $my_comment['email'])) . "\n"; $body .= trim(sprintf(lang('weblog_text', 'url') . ": %s\n", $my_comment['url'])) . "\n"; $body .= sprintf("\n" . lang('comment', 'email_comm_on') . "\n", $title); if (count($notify_arr) > 0) { $body .= sprintf(lang('comment', 'notifications') . ": %s\n", implode(", ", array_keys($notify_arr))); } $body .= sprintf("-------------\n"); if ($Cfg['moderate_comments'] == 1) { $body .= sprintf(lang('comment', 'email_allow_comm') . ":\n%s\n", $approvelink); $body .= sprintf("\n" . lang('comment', 'email_delete_comm') . ":\n%s\n", $deletelink); } $body .= sprintf("\n%s:\n%s%s\n", lang('comment', 'email_view_entry'), $Paths['host'], make_filelink("", "", "")); $body .= sprintf("\n%s:\n%s%s\n", lang('comment', 'email_view_comm'), $Paths['host'], make_filelink("", "", $id)); $body .= sprintf("\n%s:\n%s\n", lang('comment', 'email_edit_comm'), $editlink); $body .= sprintf("\n%s:\n%s\n", lang('comment', 'email_block_ip'), $blocklink); if (!$i18n_use) { $body = utf8_encode($body); } $name = $my_comment['name']; if (!$i18n_use) { $name = utf8_encode($name); } $comment_name = '=?UTF-8?B?' . base64_encode($name) . '?='; if (isemail($my_comment['email'])) { $add_header = sprintf("From: \"%s\" <%s>\n", $comment_name, $my_comment['email']); } else { $add_header = sprintf("From: \"'%s'\" <%s>\n", $comment_name, $addr_arr[0]); } $add_header .= "MIME-Version: 1.0\n"; $add_header .= "Content-Type: text/plain; charset=UTF-8; format=flowed\n"; $add_header .= "Content-Transfer-Encoding: 8bit\n"; $subject = lang('comment', 'email_subject_comm') . " Re: {$title}"; $subject = '=?UTF-8?B?' . base64_encode($subject) . '?='; $addr_arr = array_unique($addr_arr); foreach ($addr_arr as $addr) { $addr = trim($addr); @mail($addr, $subject, $body, $add_header); debug("Send Mail to {$addr} for '" . $my_comment['name'] . "'"); } } // Handle the users that want to be notified via email.. notify_new('comment', array($db->entry, $my_comment, $Cfg['moderate_comments'])); }
/** * Creates a feed of comments. * * @todo Do not display comments that haven't been moderated/approved. * @param string $feed_template * @param array $comment * @return string */ function _renderFeedComments($feed_template, $amount = 10, $comments) { global $PIVOTX; $i = 0; $feed_items = ""; // Loop through the comments.. foreach ($comments as $comment) { $tag = safeString($PIVOTX['config']->get('sitename'), TRUE) . "," . date("Y") . ":" . safeString($PIVOTX['weblogs']->get('', 'name'), TRUE); $tag .= '.entry%uid%.comment' . $i; $tag = str_replace("_", "", strtolower($tag)); $date = formatDate($comment['date'], "%year%-%month%-%day%T%hour24%:%minute%:00") . $this->_rssOffset(); $date_rfc = formatDate($comment['date'], "%english_dname%, %day% %english_monname% %year% %hour24%:%minute%:00 ") . $this->_rssOffset("rfc822"); $summary = unentify(strip_tags($comment['comment'])); $summary = trim(str_replace("&", "&", str_replace(" ", " ", $summary))); $summary = relativeToAbsoluteURLS($summary); if (strlen($summary) > 32) { $title = substr($summary, 0, 35) . '...'; } else { $title = $summary; } // Make the link.. $id = makeURI(html_entity_decode($comment['name'], ENT_COMPAT, 'UTF-8')) . "-" . formatDate($comment['date'], "%ye%%month%%day%%hour24%%minute%"); $url = makeFileURL($comment['entry_uid'], '', $id); $replace = array("%title%" => htmlspecialchars(strip_tags($title)), "%link%" => $url, "%summary%" => $summary, "%content%" => $summary, "%description%" => $summary, "%author%" => $comment['name'], "%guid%" => $url, "%date%" => $date, "%date_rfc%" => $date_rfc, "%tag%" => $tag, "%lang%" => smarty_lang()); // Execute the 'feed_comment' hook, if present. $PIVOTX['extensions']->executeHook('feed_comment', $replace); // Replace all items in $replace, unless it's an empty array. This way the feed_comment // hook can set $replace to an empty array, in order to skip it entirely. if (!empty($replace)) { $item = str_replace(array_keys($replace), array_values($replace), $feed_template); // Handling email and url separately. if (isEmail($comment['email'])) { $item = str_replace('%author-email%', $comment['email'], $item); } else { $item = str_replace('<email>%author-email%</email>', '', $item); } if (isUrl($comment['url'])) { if (strpos($comment["url"], "ttp://") < 1) { $comment["url"] = "http://" . $comment["url"]; } $item = str_replace('%author-link%', $comment['url'], $item); } else { $item = str_replace('<uri>%author-link%</uri>', '', $item); } $feed_items .= $item; } } return $feed_items; }
/** * Sends notification for any type - currently only entries/comments. * * @param string $type * @param array $data * @return void */ function notify_new($type, $data) { global $Paths, $Current_weblog, $Users, $Weblogs, $i18n_use; // FIXME: // $contact_addr used below is not set because there is really no // good setting for that - the comment_emailto setting for each e-mail // isn't meant for the from header... if ($type == 'comment') { // splitting up input data $entry = $data[0]; $comment = $data[1]; if (isset($data[2]) && $data[2]) { debug("Notification of new comment surpressed."); return; } // make a nice title for the mail.. if (strlen($entry['title']) > 2) { $title = $entry['title']; $title = strip_tags($title); } else { $title = substr($entry['introduction'], 0, 300); $title = strip_tags($title); $title = str_replace("\n", "", $title); $title = str_replace("\r", "", $title); $title = substr($title, 0, 60); } $id = safe_string($comment["name"], TRUE) . "-" . format_date($comment["date"], "%ye%%month%%day%%hour24%%minute%"); // Make the array of users that want to be notified via email.. $notify_arr = array(); foreach ($entry['comments'] as $temp_comm) { if ($temp_comm['notify'] == 1 && isemail($temp_comm['email'])) { $notify_arr[$temp_comm['email']] = 1; } if ($temp_comm['notify'] == 0 && isemail($temp_comm['email'])) { unset($notify_arr[$temp_comm['email']]); } } // don't send to the user that did the comment... if (isset($notify_arr[$comment['email']])) { unset($notify_arr[$comment['email']]); } // send mail to those on the 'notify me' list.. if (count($notify_arr) > 0) { $contact_addr = $Users[$entry['user']]['email']; $user = $Users[$entry['user']]['nick']; if (empty($user)) { $user = $entry['user']; } if (!$i18n_use) { $user = utf8_encode($user); } $body = sprintf(lang('comment', 'email_posted_comm') . ":\n\n", unentify($comment['name'])); $body .= sprintf("%s", unentify($comment['comment'])); $body .= sprintf("\n\n-------------\n"); $body .= sprintf(lang('weblog_text', 'name') . ": %s\n", unentify($comment['name'])); $body .= sprintf(lang('comment', 'email_comm_on') . "\n", $title); $body .= sprintf("\n%s:\n%s%s\n", lang('comment', 'email_view_entry'), $Paths['host'], make_filelink($entry['code'], "", "")); $body .= sprintf("%s:\n%s%s\n", lang('comment', 'email_view_comm'), $Paths['host'], make_filelink($entry['code'], "", $id)); if (!$i18n_use) { $body = utf8_encode($body); } $body = decode_text($body, 'special'); $contact_name = '=?UTF-8?B?' . base64_encode($user) . '?='; $add_header = sprintf("From: \"'%s'\" <%s>\n", $contact_name, $contact_addr); $add_header .= "MIME-Version: 1.0\n"; $add_header .= "Content-Type: text/plain; charset=UTF-8; format=flowed\n"; $add_header .= "Content-Transfer-Encoding: 8bit\n"; $subject = lang('comment', 'email_subject_notify') . " Re: {$title}"; if (!$i18n_use) { $subject = utf8_encode($subject); } $subject = '=?UTF-8?B?' . base64_encode($subject) . '?='; foreach ($notify_arr as $addr => $val) { $addr = trim($addr); @mail($addr, $subject, $body, $add_header); debug("Sent Notify to {$addr} from '" . $comment['name'] . "'"); } } } else { if ($type == 'entry') { $entry = $data; // We need to determine the current weblog.. $weblogs = find_weblogs_with_cat($entry['category']); $Current_weblog = current($weblogs); // make a nice title for the mail.. if (strlen($entry['title']) > 2) { $title = $entry['title']; $title = strip_tags($title); } else { $title = substr($entry['introduction'], 0, 300); $title = strip_tags($title); $title = str_replace("\n", "", $title); $title = str_replace("\r", "", $title); $title = substr($title, 0, 60); } $title = unentify($title); // Make the array of users that want to be notified via email.. $comment_users = get_registered_visitors(); $notify_arr = array(); foreach ($comment_users as $commuserdata) { if ($commuserdata['verified'] && !$commuserdata['disabled'] && $commuserdata['notify_entries']) { $notify_arr[$commuserdata['email']] = $commuserdata['name']; } } // send mail to those on the 'notify me' list.. if (count($notify_arr) > 0) { $contact_addr = $Users[$entry['user']]['email']; // Get the user's nickname (or username if nickname // isn't set), and the weblog's name. $user = $Users[$entry['user']]['nick']; if (empty($user)) { $user = $entry['user']; } if (!$i18n_use) { $user = utf8_encode($user); } $weblog = find_weblogs_with_cat($entry['category']); $weblog = $Weblogs[$weblog[0]]['name']; $defaultbody = sprintf(lang('comment', 'email_posted_entry') . ":\n\n", $user); $defaultbody .= sprintf("%s\n\n%s\n", $title, unentify(strip_tags($entry['introduction']))); $defaultbody .= sprintf("\n\n-------------\n"); $defaultbody .= sprintf("\n%s:\n%s%s\n", lang('comment', 'email_view_fullentry'), $Paths['host'], make_filelink($entry, "", "")); $defaultbody .= sprintf("\n%s:\n%s%suser.php%s\n", lang('comment', 'email_view_settings'), $Paths['host'], $Paths['pivot_url'], "?w=" . para_weblog($Current_weblog)); $defaultbody .= sprintf("\n%s: %%name%% (%%addr%%)\n", lang('comment', 'email_sent_to'), $Paths['host'], $Paths['pivot_url']); $defaultbody = decode_text($defaultbody, 'special'); if (!$i18n_use) { $defaultbody = utf8_encode($defaultbody); } $contact_name = '=?UTF-8?B?' . base64_encode($user) . '?='; $add_header = sprintf("From: \"'%s'\" <%s>\n", $contact_name, $contact_addr); $add_header .= "MIME-Version: 1.0\n"; $add_header .= "Content-Type: text/plain; charset=UTF-8; format=flowed\n"; $add_header .= "Content-Transfer-Encoding: 8bit\n"; $subject = lang('comment', 'email_subject_notify') . " {$title} - {$weblog}"; if (!$i18n_use) { $subject = utf8_encode($subject); } $subject = '=?UTF-8?B?' . base64_encode($subject) . '?='; $notified = array(); foreach ($notify_arr as $addr => $name) { $addr = trim($addr); $body = $defaultbody; $body = str_replace("%name%", $name, $body); $body = str_replace("%addr%", $addr, $body); @mail($addr, $subject, $body, $add_header); debug("Sent Notify to {$addr} from '" . $entry['user'] . "'"); $notified[] = sprintf("%s (%s)", $name, $addr); } $notified = sprintf("%s: %s", lang('comment', 'email_notified'), implode(", ", $notified)); return $notified; } } else { if ($type == 'visitor_registration') { $type = $data[0]; $name = $data[1]; // Only sending notification to superadmin foreach ($Users as $key => $value) { if ($value['userlevel'] == 4) { $user = $key; break; } } $contact_addr = $Users[$user]['email']; $contact_name = $Users[$user]['nick']; if (empty($contact_name)) { $contact_name = $user; } if ($type == 'add') { $subject = "New visitor registration - {$name}"; } else { $subject = "New visitor confirmed - {$name}"; } $body = $subject; $body .= sprintf("\n\nView visitor information:\n%s%s?menu=admin&func=admin&do=seecommusers\n", $Paths['host'], $Paths['pivot_url']); if (!$i18n_use) { $contact_name = utf8_encode($contact_name); $subject = utf8_encode($subject); $body = utf8_encode($body); } $contact_name = '=?UTF-8?B?' . base64_encode($contact_name) . '?='; $add_header = sprintf("From: \"'%s'\" <%s>\n", $contact_name, $contact_addr); $add_header .= "MIME-Version: 1.0\n"; $add_header .= "Content-Type: text/plain; charset=UTF-8; format=flowed\n"; $add_header .= "Content-Transfer-Encoding: 8bit\n"; $subject = '=?UTF-8?B?' . base64_encode($subject) . '?='; @mail($contact_addr, $subject, $body, $add_header); debug("Sent registered visitor notification for {$name}"); return; } else { debug("Unknown notify type '{$type}'"); } } } }
function send_mail_tb() { global $Cfg, $entry, $PIV_PARA, $my_trackback, $Weblogs, $Current_weblog, $Paths, $Users, $i18n_use; $cat_weblogs = find_weblogs_with_cat($entry['category']); $addr_arr = array(); foreach ($cat_weblogs as $this_weblog) { $Current_weblog = $this_weblog; // Using the same settings as for comments if ($Weblogs[$this_weblog]['comment_sendmail'] == 1) { $addr_arr = array_merge($addr_arr, explode(",", $Weblogs[$this_weblog]['comment_emailto'])); } } // Make the array of user that want to be notified.. $notify_arr = array(); $title = $entry['title']; if (!$i18n_use) { $title = utf8_encode($title); } // maybe send some mail to authors.. if (count($addr_arr) > 0 && !isset($PIV_PARA['f_comm_ip'])) { $adminurl = $Paths['host'] . $Paths['pivot_url'] . "index.php?"; $id = format_date($my_trackback["date"], "%ye%%month%%day%%hour24%%minute%"); $editlink = $adminurl . "menu=entries&func=edittrackbacks&id=" . $entry['code']; $blocklink = $adminurl . "menu=entries&func=edittrackbacks&id=" . $entry['code'] . "&blocksingle=" . $my_trackback['ip']; $body = sprintf(lang('comment', 'email_posted_tb') . ":", unentify($my_trackback['name'])); $body .= sprintf("\n\n-------------\n"); $body .= sprintf(lang('weblog_text', 'title') . ": %s\n", $my_trackback['title']); $body .= sprintf("%s", unentify($my_trackback['excerpt'])); $body .= sprintf("\n-------------\n"); $body .= sprintf(lang('weblog_text', 'ip') . ": %s\n", $my_trackback['ip']); $body .= sprintf(lang('weblog_text', 'date') . ": %s\n", $my_trackback['date']); $body .= sprintf(lang('weblog_text', 'url') . ": %s\n", $my_trackback['url']); $body .= sprintf("\n" . lang('comment', 'email_tb_on') . "\n", $title); if (count($notify_arr) > 0) { $body .= sprintf(lang('comment', 'notifications') . ": %s\n", implode(", ", $notify_arr)); } $body .= sprintf("-------------\n"); $body .= sprintf("%s:\n%s%s\n", lang('comment', 'email_view_entry'), $Paths['host'], make_filelink($PIV_PARA['f_comm_code'], "", $id)); $body .= sprintf("\n%s:\n%s\n", lang('comment', 'email_edit_tb'), $editlink); $body .= sprintf("\n%s:\n%s\n", lang('comment', 'email_block_ip'), $blocklink); if (!$i18n_use) { $body = utf8_encode($body); } $contact_addr = $Users[$entry['user']]['email']; $user = $Users[$entry['user']]['nick']; if (empty($user)) { $user = $entry['user']; } $contact_name = '=?UTF-8?B?' . base64_encode($user) . '?='; $add_header = sprintf("From: \"'%s'\" <%s>\n", $contact_name, $contact_addr); $add_header .= "MIME-Version: 1.0\n"; $add_header .= "Content-Type: text/plain; charset=UTF-8; format=flowed\n"; $add_header .= "Content-Transfer-Encoding: 8bit\n"; $subject = lang('trackback', 'email_subject') . " " . $title; $subject = '=?UTF-8?B?' . base64_encode($subject) . '?='; foreach ($addr_arr as $addr) { $addr = trim($addr); @mail($addr, $subject, $body, $add_header); debug("Sent Mail to {$addr} for '" . $my_trackback['name'] . "'"); } } }