function transaction()
{
// viet luu but
header("Content-type: application/xml");
if (!User::is_login()) {
echo "<comments><content>no_login</content></comments>";
exit;
} else {
if (User::is_block()) {
echo "<comments><content>no_perm</content></comments>";
exit;
}
if (AZLib::isBlackList(User::$current->data['id'], AZLib::getParam('user_id'))) {
echo "<comments><content>blacklist</content></comments>";
exit;
}
if (AZLib::checkBadWord(AZLib::getParam('content'))) {
echo "<comments><content>bad_word</content></comments>";
exit;
}
$user_id = AZLib::getParam('user_id');
if (!($user = User::getUser($user_id))) {
echo "<comments><content>no_perm</content></comments>";
exit;
}
$content = preg_replace("/\n/", "<br />", Url::get('content'));
$content = str_replace('<br /><br />', ' ', $content);
$comment_content = $content;
$id = DB::insert('comment_user', array('content' => $comment_content, 'time' => TIME_NOW, 'post_ip' => AZLib::ip(), 'sender_user_id' => User::id(), 'sender_user_name' => User::user_name(), 'receiver_user_id' => $user['id'], 'receiver_user_name' => $user['user_name'], 'is_read' => 0));
if ($id) {
DB::query('UPDATE user set total_comment_user=total_comment_user+1 WHERE id=' . $user['id']);
// so luu but
User::getUser($user['id'], 0, 1);
if ($user['email'] && $user['email_alert'] && $user['id'] != User::id()) {
//Add to cron job:
$link = WEB_ROOT . AZRewrite::formatUrl('?page=shop&user_name=' . $user['user_name'] . '&mode=comment');
AZLib::addCronJob('user_comment', AZLib::parseBBCode($comment_content, true), $user['id'], User::user_name(), '', 0, '', $link);
}
}
$time = $up_time = date('H:i | ');
$xml = "<comments><content><![CDATA[" . AZLib::parseBBCode($comment_content) . "]]></content><post_time>{$time}</post_time></comments>";
echo $xml;
System::halt();
}
}
function feedback()
{
header("Content-type: application/xml");
$pattern = '/^xe360/i';
$content = trim(AZLib::getParam('content'));
$comment_id = (int) Url::get('comment_id', 0);
$sender_user_name = trim(AZLib::getParam('user_name'));
$sender_email = trim(AZLib::getParam('sender_email'));
$comment_row = array();
if (isset($_COOKIE['setTimeOutComment'])) {
if (time() - $_COOKIE['setTimeOutComment'] <= 30) {
// 30 giay
echo "<comments><content>time_out</content></comments>";
exit;
}
} else {
AZLib::my_setcookie("setTimeOutComment", time(), 30 + TIME_NOW);
// 30 giay
}
if (preg_match($pattern, $sender_user_name) || preg_match($pattern, $sender_email) || preg_match($pattern, $content)) {
echo "<comments><content>bad_word</content></comments>";
exit;
}
if (User::is_login() && User::is_block()) {
echo "<comments><content>no_perm</content></comments>";
exit;
}
if ($comment_id) {
$comment_row = DB::select('comment', "id={$comment_id}");
if (!$comment_row) {
echo "<comments><content>no_perm</content></comments>";
exit;
}
if (User::is_login() && $comment_row['sender_user_id'] == User::id()) {
//Không được trả lời cho chính mình!
echo "<comments><content>no_perm</content></comments>";
exit;
}
if (!($item = Item::get_item($comment_row['item_id']))) {
echo "<comments><content>no_perm</content></comments>";
exit;
}
} else {
$item_id = (int) Url::get('item_id', 0);
if (!$item_id || !($item = Item::get_item($item_id))) {
echo "<comments><content>no_perm</content></comments>";
exit;
}
}
$item_memcache = $item;
if (AZLib::isBlackList(User::id(), $item['user_id'])) {
echo "<comments><content>blacklist</content></comments>";
exit;
}
if (!User::is_login() && AZLib::checkBadWord($sender_user_name)) {
echo "<comments><content>bad_word</content></comments>";
exit;
}
if ($item["state"] == 1 && !User::have_permit(ADMIN_ITEM)) {
echo "<comments><content>no_perm</content></comments>";
exit;
}
$username = strtolower($sender_user_name);
if (!User::is_login() && (strlen($username) < 3 || strlen($sender_email) < 3 || $username == 'admin' || $username == 'administrator' || $username == 'moderator' || $username == 'enbac')) {
echo "<comments><content>bad_word</content></comments>";
exit;
}
if (AZLib::checkBadWord($content)) {
echo "<comments><content>bad_word</content></comments>";
exit;
}
if (!User::is_login()) {
$captcha = AZLib::getParam('captcha');
if (!isset($_SESSION["enbac_validate"]) || $captcha == '' || $captcha != $_SESSION["enbac_validate"]) {
echo "<comments><content>false_captcha</content></comments>";
exit;
}
}
$content = preg_replace("/\n/", "<br />", $content);
$content = str_replace('<br /><br />', ' ', $content);
$receiver_user_id = 0;
$receiver_username = '';
if ($comment_id) {
if ($comment_row['parent_id']) {
$receiver_user_id = $comment_row['sender_user_id'];
$receiver_username = $comment_row['sender_user_name'];
if ($receiver_user_id) {
$content = '@<a href="' . WEB_DIR . $receiver_username . '" class="fast_reply_link" title="' . $receiver_username . '">' . $receiver_username . '</a>: ' . $content;
} else {
$content = '<font color="#999">@<span style="text-decoration:underline">' . $receiver_username . '</span> </font>: ' . $content;
}
$parent_id = $comment_row['parent_id'];
} else {
$parent_id = $comment_row['id'];
}
} else {
$parent_id = 0;
}
$user_item = User::getUser($item['user_id']);
if ($user_item) {
if (User::id()) {
$sender_user_name = User::user_name();
} else {
// set guest cookie
$week = 60 * 60 * 24 * 365 + TIME_NOW;
AZLib::my_setcookie("guest_name", $sender_user_name, $week);
AZLib::my_setcookie("guest_email", $sender_email, $week);
}
$up_up_count = '';
if ($content != '') {
$comment = array('content' => $content, 'item_id' => $item['id'], 'time' => TIME_NOW, 'order_time' => TIME_NOW, 'post_ip' => AZLib::ip(), 'parent_id' => $parent_id, 'receiver_user_id' => $item['user_id'], 'receiver_user_name' => $item['user_name'], 'display' => 1);
if (User::id()) {
if ($item['user_id'] == User::id()) {
//Chuyển trạng thái đã trả lời khi comment chính topic của mình!
$comment['status'] = 1;
}
$comment['sender_user_id'] = User::id();
$comment['sender_user_name'] = User::user_name();
} else {
$comment['sender_user_id'] = 0;
$comment['sender_user_name'] = $sender_user_name;
$comment['sender_email'] = $sender_email;
}
if ($comment_row && $comment_row['sender_user_id'] && $comment_row['sender_user_id'] != $item['user_id']) {
$comment['replied_user_id'] = $comment_row['sender_user_id'];
$comment['replied_user_name'] = $comment_row['sender_user_name'];
} elseif ($comment_row && $comment_row['sender_user_id'] == $item['user_id']) {
$comment['replied_status'] = 1;
}
$id = DB::insert('comment', $comment);
if ($id) {
if (!User::id()) {
AZLib::reload_captcha();
}
if ($parent_id) {
$re = DB::query("SELECT id FROM comment WHERE item_id = {$item['id']} AND parent_id = {$parent_id} AND display = 1 ORDER BY id DESC LIMIT 3,1");
if ($re) {
if ($row = mysql_fetch_assoc($re)) {
if ($row) {
DB::query("UPDATE comment SET display = 0 WHERE parent_id = {$parent_id} AND display = 1 AND id<={$row['id']}");
}
}
}
if ($comment_id == $parent_id) {
if (User::is_login() && $item['user_id'] == User::id()) {
DB::query("UPDATE comment SET have_child = have_child + 1, order_time = " . time() . ", status=1 WHERE id = {$parent_id}");
} else {
DB::query("UPDATE comment SET have_child = have_child + 1, order_time = " . time() . " WHERE id = {$parent_id}");
}
} else {
DB::query("UPDATE comment SET have_child = have_child + 1, order_time = " . time() . " WHERE id = {$parent_id}");
if (User::is_login() && $item['user_id'] == User::id()) {
DB::query("UPDATE comment SET status=1 WHERE id = {$comment_id}");
//Cập nhật đã đọc - trả lời cho feed
DB::query("UPDATE feed SET status = 1 WHERE ref_id = {$comment_id} AND type=1");
}
}
if (User::is_login()) {
//Nếu là thành viên
//Cập nhật lại replied_status nếu chưa được check!
if ($item['user_id'] != User::id() && $comment_row['replied_user_id'] == User::id() && $comment_row['replied_status'] == 0) {
DB::query("UPDATE comment SET replied_status=1 WHERE id = {$comment_id}");
//Cập nhật đã đọc - trả lời cho feed
DB::query("UPDATE feed SET status = 1 WHERE ref_id = {$comment_id} AND type=2");
//Cập nhật comment mới cho chính mình
DB::query('UPDATE user SET total_new_comment = total_new_comment - 1 WHERE id=' . User::id() . ' AND total_new_comment>0');
User::getUser(User::id(), 0, 1);
}
if ($item['user_id'] != User::id()) {
//Nếu ko fải giao dịch của mình
//Cập nhật comment mới cho chủ topic
DB::query('UPDATE user SET total_new_comment = total_new_comment + 1 WHERE id=' . $item['user_id']);
User::getUser($item['user_id'], 0, 1);
} elseif ($comment_row && $comment_row['status'] == 0) {
//Cập nhật comment mới cho chính mình
DB::query('UPDATE user SET total_new_comment = total_new_comment - 1 WHERE id=' . User::id() . ' AND total_new_comment>0');
User::getUser(User::id(), 0, 1);
}
//Cập nhật comment mới cho người có comment được trả lời
if ($comment_row['sender_user_id'] && $comment_row['sender_user_id'] != $item['user_id'] && $comment_row['sender_user_id'] != User::id() && $comment_row['sender_user_id'] != $item['user_id']) {
//Nếu trả lời comment cho 1 người nào đó ko fải chủ topic
DB::query('UPDATE user SET total_new_comment = total_new_comment + 1 WHERE id=' . $comment_row['sender_user_id']);
User::getUser($comment_row['sender_user_id'], 0, 1);
}
} else {
//Nếu là khách vãng lai
//Cập nhật comment mới cho chủ topic
DB::query('UPDATE user SET total_new_comment = total_new_comment + 1 WHERE id=' . $item['user_id']);
User::getUser($item['user_id'], 0, 1);
//Cập nhật comment mới cho người có comment được trả lời
if ($comment_row['sender_user_id'] && $comment_row['sender_user_id'] != $item['user_id'] && $comment_row['sender_user_id'] != $item['user_id']) {
//Nếu trả lời comment cho 1 người nào đó ko fải chủ topic
DB::query('UPDATE user SET total_new_comment = total_new_comment + 1 WHERE id=' . $comment_row['sender_user_id']);
User::getUser($comment_row['sender_user_id'], 0, 1);
}
}
}
}
$total_feedback = DB::count('comment', "item_id={$item['id']}");
$up_up_count = '<up_count>';
$up_up_count .= $user_item['up_item'];
DB::update_id('item', array('reply_count' => $total_feedback), $item['id']);
if (MEMCACHE_ON) {
$item_memcache['reply_count'] = $total_feedback;
AZMemcache::do_put("item:{$item['id']}", $item_memcache);
}
$up_up_count .= '</up_count>';
//Cập nhật cron job
if ($user_item && $user_item['email'] && $user_item['email_alert'] && $user_item['id'] != User::id()) {
if (User::id()) {
$sender_email = '';
}
$link = WEB_ROOT . AZRewrite::formatUrl('?page=item_detail&id=' . $item['id'] . '&ebname=' . AZLib::safe_title($item['name']));
$title = "<a href='{$link}' target='_blank' style='text-decoration:none;color:#003399;'><font color='#003399'>{$item['name']}</font></a>";
AZLib::addCronJob('item_comment', AZLib::parseBBCode($content, true), $user_item['id'], User::id() ? User::user_name() : $sender_user_name, $sender_email, $item['id'], $title, $link);
}
} else {
$id = 0;
}
$time = date('H:i - d/m');
$xml = "<comments><content><![CDATA[" . AZLib::parseBBCode($content) . "]]></content><post_time>" . date('H:i') . "</post_time>";
$action = 'item_comment';
if (User::id() != $item['user_id']) {
require_once ROOT_PATH . 'includes/enbac/comment.php';
Comment::addNewComment($item['user_id']);
}
$xml .= $up_up_count . "<id>" . $id % 3 . "</id></comments>";
//del cache html
$caheFile = 'fb_' . $item['id'];
StaticCache::delCache($caheFile);
echo $xml;
System::halt();
}
}
function action_pm()
{
$act_ = Url::get('act_');
$pm_id = (int) Url::get('pm_id', 0);
$content = trim(AZLib::getParam('content'));
$title_pm = '';
$json = "";
if (!User::is_login()) {
$json = '({"msg":"no_login"})';
echo $json;
exit;
}
if (User::is_block()) {
$json = '({"msg":"no_perm"})';
echo $json;
exit;
}
if ($pm_id) {
$message_topic = DB::select('message_topics', "mt_id={$pm_id}");
if ($message_topic && User::id() == $message_topic['mt_owner_id']) {
$message_text = DB::select('message_text', "msg_id={$message_topic['mt_msg_id']}");
if (!$message_text) {
DB::delete('message_topics', "mt_id={$pm_id}");
$json = '({"msg":"no_perm"})';
echo $json;
exit;
}
} else {
$json = '({"msg":"no_perm"})';
echo $json;
exit;
}
if ($act_ == 'reply' && $content || $act_ == 'skip' || $act_ == 'delete') {
$json = '({"msg":"success"';
if ($act_ == 'reply' && $content) {
if (AZLib::checkBadWord($content)) {
$json = '({"msg":"bad_word"})';
echo $json;
exit;
}
$title_pm = $message_topic['mt_title'];
if ($message_topic['mt_ref_id']) {
$ref_id = $message_topic['mt_ref_id'];
} else {
$ref_id = $pm_id;
}
//if(strpos($title_pm,'Re:')!==0){
// $title_pm="Re: $title_pm";
//}
if (AZLib::isBlackList(User::id(), $message_topic['mt_from_id'])) {
if ($message_topic['mt_read'] == 0) {
DB::query("UPDATE message_topics SET mt_read=1 WHERE mt_id={$pm_id}");
}
$json = '({"msg":"blacklist"})';
echo $json;
exit;
}
$user = User::getUser($message_topic['mt_from_id']);
if ($user) {
$id_mess = AZLib::Send_pm(User::id(), User::user_name(), $user, $title_pm, $content, 0, $ref_id);
if (!$id_mess) {
$json = '({"msg":"unsuccess"})';
echo $json;
exit;
}
}
if ($message_topic['mt_read'] == 0) {
DB::query("UPDATE message_topics SET mt_read=1 WHERE mt_id={$pm_id}");
//Cập nhật đã đọc - trả lời cho feed
DB::query("UPDATE feed SET status = 1 WHERE ref_id = {$pm_id} AND type=4");
DB::query('UPDATE user SET total_pm = total_pm-1 WHERE id=' . User::id() . ' AND total_pm>0');
User::getUser(User::id(), 0, 1);
}
} elseif ($act_ == 'delete') {
AZLib::delete_messages($pm_id);
//Cập nhật đã đọc - trả lời cho feed
DB::query("DELETE FROM feed WHERE ref_id = {$pm_id} AND type=4");
} else {
if ($message_topic['mt_read'] == 0) {
DB::query("UPDATE message_topics SET mt_read=1 WHERE mt_id={$pm_id}");
DB::query('UPDATE user SET total_pm = total_pm-1 WHERE id=' . User::id() . ' AND total_pm>0');
User::getUser(User::id(), 0, 1);
}
//Cập nhật đã đọc - trả lời cho feed
DB::query("UPDATE feed SET status = 1 WHERE ref_id = {$pm_id} AND type=4");
}
DB::query('UPDATE user SET total_pm = total_pm-1 WHERE id=' . User::id() . ' AND total_pm>0');
User::getUser(User::id(), 0, 1);
$json .= "})";
echo $json;
exit;
} else {
$json = '({"msg":"short_content"})';
exit;
}
}
$json = "({'msg':'no_perm'})";
echo $json;
}
function fn_comment()
{
header("Content-type: application/xml");
$content = trim(AZLib::getParam('content'));
$comment_id = (int) Url::get('comment_id', 0);
$comment_row = array();
if ($content == '') {
echo "<comments><content>no_perm</content></comments>";
exit;
}
if (User::is_login()) {
if (User::is_block()) {
echo "<comments><content>no_perm</content></comments>";
exit;
}
$sender_user_name = User::user_name();
$sender_email = '';
} else {
$sender_user_name = AZLib::getParam('user_name');
$sender_email = AZLib::getParam('sender_email', '');
$username_lower = strtolower($sender_user_name);
if (strlen($username_lower) < 3 || $username_lower == 'admin' || $username_lower == 'administrator' || $username_lower == 'moderator' || $username_lower == 'enbac') {
echo "<comments><content>bad_word</content></comments>";
exit;
}
}
if ($comment_id) {
$comment_row = DB::select("user_entry_comment", "id={$comment_id}");
if (!$comment_row || $comment_row && User::is_login() && $comment_row['sender_user_id'] == User::id()) {
//Không được trả lời cho chính mình!
echo "<comments><content>no_perm</content></comments>";
exit;
}
$entry_id = $comment_row['entry_id'];
} else {
$entry_id = (int) Url::get('entry_id', 0);
}
if (!$entry_id || !($user_entry = DB::select('user_entry', "id={$entry_id}"))) {
echo "<comments><content>no_perm</content></comments>";
exit;
}
if (User::is_login() && AZLib::isBlackList(User::id(), $user_entry['user_id'])) {
echo "<comments><content>blacklist</content></comments>";
exit;
}
if (!User::is_login() && AZLib::checkBadWord($sender_user_name) || AZLib::checkBadWord($content)) {
echo "<comments><content>bad_word</content></comments>";
exit;
}
if (AZLib::checkBadWord($content)) {
echo "<comments><content>bad_word</content></comments>";
exit;
}
if (!User::is_login()) {
$captcha = AZLib::getParam('captcha');
if (!isset($_SESSION["enbac_validate"]) || $captcha == '' || $captcha != $_SESSION["enbac_validate"]) {
echo "<comments><content>false_captcha</content></comments>";
exit;
}
}
$content = preg_replace("/\n/", "<br />", $content);
$content = str_replace('<br /><br />', ' ', $content);
if ($comment_row) {
if ($comment_row['parent_id']) {
$parent_id = $comment_row['parent_id'];
//$sender_user_name = $comment_row['sender_user_name'];
$sender_user_name = User::user_name();
if ($comment_row['sender_user_id']) {
$content = '@<a href="' . WEB_DIR . $comment_row['sender_user_name'] . '" class="fast_reply_link" title="' . $sender_user_name . '">' . $comment_row['sender_user_name'] . '</a>: ' . $content;
} else {
$content = '<font color="#999">@<span style="text-decoration:underline">' . $sender_user_name . '</span> </font>: ' . $content;
}
} else {
$parent_id = $comment_row['id'];
}
} else {
$parent_id = 0;
}
// set guest cookie
if (!User::id()) {
$week = 60 * 60 * 24 * 365 + TIME_NOW;
AZLib::my_setcookie("guest_name", $sender_user_name, $week);
AZLib::my_setcookie("guest_email", $sender_email, $week);
}
$user_entry_comment = array('content' => $content, 'entry_id' => $user_entry['id'], 'time' => TIME_NOW, 'order_time' => TIME_NOW, 'post_ip' => AZLib::ip(), 'parent_id' => $parent_id, 'receiver_user_id' => $user_entry['user_id'], 'display' => 1, 'receiver_user_name' => $user_entry['user_name']);
if (User::id()) {
$user_entry_comment['sender_user_id'] = User::id();
} else {
$user_entry_comment['sender_user_id'] = 0;
$user_entry_comment['sender_email'] = $sender_email;
}
$user_entry_comment['sender_user_name'] = $sender_user_name;
if ($comment_row && $comment_row['sender_user_id'] && $comment_row['sender_user_id'] != $user_entry['user_id']) {
//Lưu lại người được trả lời
$user_entry_comment['replied_user_id'] = $comment_row['sender_user_id'];
$user_entry_comment['replied_user_name'] = $comment_row['sender_user_name'];
} elseif ($comment_row && $comment_row['sender_user_id'] == $user_entry['user_id']) {
$user_entry_comment['replied_status'] = 1;
}
$id = DB::insert('user_entry_comment', $user_entry_comment);
if ($id) {
if (!User::id()) {
AZLib::reload_captcha();
}
if ($parent_id) {
$re = DB::query("SELECT id FROM user_entry_comment WHERE parent_id = {$parent_id} AND display = 1 ORDER BY id DESC LIMIT 3,1");
if ($re) {
if ($row = mysql_fetch_assoc($re)) {
if ($row) {
DB::query("UPDATE user_entry_comment SET display = 0 WHERE parent_id = {$comment_id} AND display = 1 AND id<={$row['id']}");
}
}
}
if ($comment_id == $parent_id) {
if (User::is_login() && $user_entry['user_id'] == User::id()) {
DB::query("UPDATE user_entry_comment SET have_child = have_child + 1, order_time = " . time() . ", status=1 WHERE id = {$parent_id}");
} else {
DB::query("UPDATE user_entry_comment SET have_child = have_child + 1, order_time = " . time() . " WHERE id = {$parent_id}");
}
} else {
DB::query("UPDATE user_entry_comment SET have_child = have_child + 1, order_time = " . time() . " WHERE id = {$parent_id}");
if (User::is_login() && $user_entry['user_id'] == User::id()) {
DB::query("UPDATE user_entry_comment SET status=1 WHERE id = {$comment_id}");
}
}
//Cập nhật đã đọc - trả lời cho feed
DB::query("UPDATE feed SET status = 1 WHERE ref_id = {$comment_id} AND type=5");
//Cập nhật lại replied_status nếu chưa được check!
if (User::is_login() && $comment_row['replied_user_id'] == User::id() && $comment_row['replied_status'] == 0) {
DB::query("UPDATE user_entry_comment SET replied_status=1 WHERE id = {$comment_id}");
//Cập nhật đã đọc - trả lời cho feed
DB::query("UPDATE feed SET status = 1 WHERE ref_id = {$comment_id} AND type=6");
}
}
}
$total_feedback = DB::count('user_entry_comment', 'entry_id="' . $user_entry['id'] . '"');
DB::update_id('user_entry', array('reply_count' => $total_feedback), $user_entry['id']);
$xml = "<comments><content><![CDATA[" . AZLib::parseBBCode($content) . "]]></content><post_time>vài giây trước</post_time>";
$xml .= "<id>" . $id % 3 . "</id><parent_id>{$parent_id}</parent_id></comments>";
echo $xml;
$user_item = User::getUser($user_entry['user_id']);
if ($user_item && $user_item['email'] && $user_item['email_alert'] && $user_item['id'] != User::id()) {
if (User::id()) {
$sender_email = '';
}
$link = WEB_ROOT . '?page=user_entry&user_name=' . $user_entry['user_name'] . '&cmd_entry=view&entry_id=' . $user_entry['id'] . '&ebname=' . AZLib::safe_title($user_entry['title']);
$link = AZRewrite::formatUrl($link);
$title = "<a href='{$link}' target='_blank' style='text-decoration:none;color:#003399;'><font color='#003399'>{$user_entry['title']}</font></a>";
AZLib::addCronJob('entry_comment', AZLib::parseBBCode($content, true), $user_item['id'], User::id() ? User::user_name() : $sender_user_name, $sender_email, $user_entry['id'], $title, $link);
}
System::halt();
}
