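/**
 * Builds the list of the most recent comments shown by the module.
 *
 * Every returned row is extended with an administrator edit link, a display
 * author name, and a reduced version of the comment body (censored, BBCode
 * filtered, cleaned and optionally truncated).
 *
 * @param   object  $params  Module parameters; 'count' and 'limit_comment_text' are read.
 *
 * @return  array  Comment row objects, newest first; an empty array when nothing was loaded.
 */
public static function getList($params)
{
    $db = JFactory::getDBO();

    // The SQL text is constant; the only external value is the row limit, which is forced to an integer here.
    $db->setQuery("SELECT * FROM #__jcomments ORDER BY date DESC", 0, (int) $params->get('count'));
    $items = $db->loadObjectList();

    if (!is_array($items) || !count($items)) {
        return array();
    }

    $bbcode = JCommentsFactory::getBBCode();
    $limit_comment_text = (int) $params->get('limit_comment_text', 0);

    foreach ($items as &$item) {
        $item->link = 'index.php?option=com_jcomments&&view=comment&layout=edit&id=' . $item->id;
        $item->author = JComments::getCommentAuthorName($item);

        // Stored comment text is user-supplied: censor it, filter BBCode, then clean it.
        // NOTE(review): whether the cleaned text is HTML-safe depends on JCommentsText::cleanText();
        // confirm the module template escapes $item->comment and $item->author on output.
        $text = JCommentsText::censor($item->comment);
        $text = $bbcode->filter($text, true);
        $text = JCommentsText::cleanText($text);

        if ($limit_comment_text && JString::strlen($text) > $limit_comment_text) {
            $text = self::truncateText($text, $limit_comment_text - 1);
        }

        $item->comment = $text;
    }

    // Break the reference left by the by-reference loop so the last row is not aliased by $item.
    unset($item);

    return $items;
}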
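/**
 * Stores a comment submitted through the edit form.
 *
 * The author fields are normalised before the row is validated and stored:
 * guest comments get a character-filtered name, comments of registered users
 * get name, username and e-mail copied from the user record. The comment body
 * is passed through nl2br and the BBCode filter. A notification is pushed when
 * the comment becomes published as a result of this save.
 *
 * @param   array  $data  Form data keyed by column name.
 *
 * @return  boolean  True on success; false on failure, with the message set via setError().
 */
public function save($data)
{
    $table = $this->getTable();
    $pkName = $table->getKeyName();
    $pk = !empty($data[$pkName]) ? $data[$pkName] : (int) $this->getState($this->getName() . '.id');

    try {
        if ($pk > 0) {
            $table->load($pk);
        }

        // Remember the stored state so that a publish transition can be detected after the save.
        $prevPublished = $table->published;

        if (!$table->bind($data)) {
            $this->setError($table->getError());

            return false;
        }

        if ($table->userid == 0) {
            // Guest author: drop quote, angle-bracket, parenthesis and square-bracket characters from the name.
            // NOTE(review): this is a deny-list; the name still has to be escaped wherever it is output.
            $table->name = preg_replace('/[\'"\\>\\<\\(\\)\\[\\]]?+/i', '', $table->name);
            $table->username = $table->name;
        } else {
            // Registered author: identity fields always come from the user record, not from the form.
            $user = JFactory::getUser($table->userid);
            $table->name = $user->name;
            $table->username = $user->username;
            $table->email = $user->email;
        }

        // get_magic_quotes_gpc() was removed in PHP 8.0; calling it unguarded is a fatal error there.
        if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc() == 1) {
            $table->title = stripslashes($table->title);
            $table->comment = stripslashes($table->comment);
        }

        $table->comment = JCommentsText::nl2br($table->comment);
        $table->comment = JCommentsFactory::getBBCode()->filter($table->comment);

        if (!$table->check()) {
            $this->setError($table->getError());

            return false;
        }

        if (!$table->store()) {
            $this->setError($table->getError());

            return false;
        }

        // Notify only on a change into the published state.
        if ($table->published && $prevPublished != $table->published) {
            JCommentsNotificationHelper::push(array('comment' => $table), 'comment-new');
        }

        $this->cleanCache('com_jcomments');
    } catch (Exception $e) {
        $this->setError($e->getMessage());

        return false;
    }

    if (isset($table->{$pkName})) {
        $this->setState($this->getName() . '.id', $table->{$pkName});
    }

    return true;
}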
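/**
 * AJAX handler that inserts a quote of an existing comment into the comment form.
 *
 * The stored comment is converted back to plain BBCode text, reduced according
 * to configuration and the caller's permissions, and returned to the browser
 * as a script call that inserts a [quote] block.
 *
 * @param   int  $id        Identifier of the comment to quote.
 * @param   int  $loadForm  When 1, the comment form markup is sent along with the quote.
 *
 * @return  object  The AJAX response object obtained from JCommentsFactory::getAjaxResponse().
 */
function quoteComment($id, $loadForm = 0)
{
    if (JCommentsSecurity::badRequest() == 1) {
        JCommentsSecurity::notAuth();
    }

    $db =& JCommentsFactory::getDBO();
    $acl =& JCommentsFactory::getACL();
    $config =& JCommentsFactory::getConfig();
    $response =& JCommentsFactory::getAjaxResponse();

    $comment = new JCommentsDB($db);
    $id = (int) $id;

    if ($comment->load($id)) {
        $comment_name = JComments::getCommentAuthorName($comment);
        $comment_text = JCommentsText::br2nl($comment->comment);

        if ($config->getInt('enable_nested_quotes') == 0) {
            $bbcode =& JCommentsFactory::getBBCode();
            $comment_text = $bbcode->removeQuotes($comment_text);
        }

        if ($config->getInt('enable_custom_bbcode')) {
            $customBBCode =& JCommentsFactory::getCustomBBCode();
            $comment_text = $customBBCode->filter($comment_text, true);
        }

        // Visitors without a user id do not get content marked as hidden.
        if ($acl->getUserId() == 0) {
            $bbcode =& JCommentsFactory::getBBCode();
            $comment_text = $bbcode->removeHidden($comment_text);
        }

        if ($comment_text != '') {
            if ($acl->check('enable_autocensor')) {
                $comment_text = JCommentsText::censor($comment_text);
            }

            if (intval($loadForm) == 1) {
                $form = JComments::getCommentsForm($comment->object_id, $comment->object_group, true);
                $response->addAssign('comments-form-link', 'innerHTML', $form);
            }

            // Both values end up inside a single-quoted JavaScript string literal, so the author name
            // gets the same escaping as the comment text; before this change only the text was escaped.
            // NOTE(review): assumes JCommentsText::jsEscape() is the escaper for this context, as its
            // existing use on $comment_text suggests - confirm.
            $comment_text = JCommentsText::jsEscape($comment_text);
            $comment_name = JCommentsText::jsEscape($comment_name);

            $text = "[quote name=\"" . $comment_name . "\"]" . $comment_text . "[/quote]\\n";
            $response->addScript("jcomments.insertText('" . $text . "');");
        } else {
            $response->addAlert(JText::_('ERROR_NOTHING_TO_QUOTE'));
        }
    }

    unset($comment);

    return $response;
}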
/**
 * Turns a stored comment row into its display form, in place.
 *
 * Steps, in this order: autocensor, replacement of deleted comments with a
 * placeholder, BBCode and custom BBCode rendering, long-word breaking, e-mail
 * masking, URL and e-mail autolinking, smilies, author name and avatar.
 * Plugin events are triggered before and after the preparation.
 *
 * @param   object  $comment  Comment row, modified by reference.
 *
 * @return  void
 */
public static function prepareComment(&$comment)
{
    $alreadyPrepared = isset($comment->_skip_prepare) && $comment->_skip_prepare == 1;

    if ($alreadyPrepared) {
        return;
    }

    JCommentsEventHelper::trigger('onJCommentsCommentBeforePrepare', array(&$comment));

    $settings = JCommentsFactory::getConfig();
    $permissions = JCommentsFactory::getACL();

    // Autocensor covers the body and, when present, the title.
    if ($permissions->check('enable_autocensor')) {
        $comment->comment = JCommentsText::censor($comment->comment);

        if ($comment->title != '') {
            $comment->title = JCommentsText::censor($comment->title);
        }
    }

    // A deleted comment keeps its row but loses its text, author identity and votes.
    if ($comment->deleted == 1) {
        $comment->comment = JText::_('COMMENT_TEXT_COMMENT_HAS_BEEN_DELETED');

        foreach (array('username', 'name', 'email', 'homepage') as $identityField) {
            $comment->{$identityField} = '';
        }

        foreach (array('userid', 'isgood', 'ispoor') as $numericField) {
            $comment->{$numericField} = 0;
        }
    }

    // Render BBCode tags; custom BBCode only when enabled in the configuration.
    $standardBBCode = JCommentsFactory::getBBCode();
    $comment->comment = $standardBBCode->replace($comment->comment);

    if ($settings->getInt('enable_custom_bbcode')) {
        $customBBCode = JCommentsFactory::getCustomBBCode();
        $comment->comment = $customBBCode->replace($comment->comment);
    }

    // Break overly long words so that they cannot stretch the page layout.
    $maxWordLength = $settings->getInt('word_maxlength');

    if ($maxWordLength > 0) {
        $comment->comment = JCommentsText::fixLongWords($comment->comment, $maxWordLength);

        if ($comment->title != '') {
            $comment->title = JCommentsText::fixLongWords($comment->title, $maxWordLength);
        }
    }

    if ($permissions->check('emailprotection')) {
        $comment->comment = JComments::maskEmail($comment->id, $comment->comment);
    }

    // Autolink URLs; e-mail addresses become mailto links only while e-mail protection is off.
    if ($permissions->check('autolinkurls')) {
        $urlCallback = array('JComments', 'urlProcessor');
        $comment->comment = preg_replace_callback(_JC_REGEXP_LINK, $urlCallback, $comment->comment);

        if ($permissions->check('emailprotection') != 1) {
            $mailtoTemplate = '<a href="mailto:\\1@\\2">\\1@\\2</a>';
            $comment->comment = preg_replace(_JC_REGEXP_EMAIL, $mailtoTemplate, $comment->comment);
        }
    }

    // Replace smiley codes with images.
    if ($settings->get('enable_smilies') == '1') {
        $smilies = JCommentsFactory::getSmilies();
        $comment->comment = $smilies->replace($comment->comment);
    }

    $comment->author = JComments::getCommentAuthorName($comment);

    // Gravatar support: the hash is the MD5 of the lower-cased e-mail address.
    // NOTE(review): the hash is visible to every page visitor and the image is requested over
    // plain http, which is mixed content on an HTTPS site - review whether that is still wanted.
    $comment->gravatar = md5(strtolower($comment->email));

    if (empty($comment->avatar)) {
        $fallbackImage = urlencode(JCommentsFactory::getLink('noavatar'));
        $altText = htmlspecialchars($comment->author);

        $comment->avatar = '<img src="http://www.gravatar.com/avatar/' . $comment->gravatar
            . '?d=' . $fallbackImage
            . '" alt="' . $altText . '" />';
    }

    JCommentsEventHelper::trigger('onJCommentsCommentAfterPrepare', array(&$comment));
}
/**
 * Reduces comment markup to unformatted text.
 *
 * BBCode (and custom BBCode when enabled) is filtered out first; line breaks,
 * repeated whitespace, script blocks, links and HTML comments are then
 * rewritten or removed before the remaining tags are stripped.
 *
 * The last two calls are htmlspecialchars() followed by html_entity_decode(),
 * so the special characters encoded by the first are decoded again by the
 * second. The return value is therefore plain text, not HTML-escaped text:
 * callers that place it into a page must escape it for that output context.
 *
 * @param   string  $text  The input string.
 *
 * @return  string  The altered string.
 */
public static function cleanText($text)
{
    $standardFilter = JCommentsFactory::getBBCode();
    $settings = JCommentsFactory::getConfig();

    $text = $standardFilter->filter($text, true);

    if ($settings->getInt('enable_custom_bbcode')) {
        $customFilter = JCommentsFactory::getCustomBBCode();
        $text = $customFilter->filter($text, true);
    }

    $text = str_replace('<br />', ' ', $text);

    // Rewrite rules as array(pattern, replacement), applied strictly in this order.
    // The script and comment patterns are a first pass only; strip_tags() below removes remaining tags.
    // NOTE(review): the last three patterns match a bare space, '&' and '"'. They look as if they may
    // have been HTML entities that were decoded in transit - confirm against the upstream file.
    $rewriteRules = array(
        array('#(\\s){2,}#ism', '\\1'),
        array('#<script[^>]*>.*?</script>#ism', ''),
        array('#<a\\s+.*?href="([^"]+)"[^>]*>([^<]+)<\\/a>#ism', '\\2 (\\1)'),
        array('#<!--.+?-->#ism', ''),
        array('# #ism', ' '),
        array('#&#ism', ' '),
        array('#"#ism', ' '),
    );

    foreach ($rewriteRules as $rule) {
        $text = preg_replace($rule[0] . JCOMMENTS_PCRE_UTF8, $rule[1], $text);
    }

    $withoutTags = strip_tags($text);
    $encoded = htmlspecialchars($withoutTags);

    return html_entity_decode($encoded);
}
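/**
 * Administrator task: saves an edited comment and redirects.
 *
 * The request token is checked first. Submitted fields are stripped of tags,
 * author fields are normalised, the body is passed through nl2br and the
 * BBCode filter, and the row is stored and checked in. Subscribers are
 * notified when the comment becomes published by this save. The caches of the
 * component and of the comment's object group are cleaned afterwards.
 *
 * @return  void  Ends with a redirect chosen by the 'task' request variable.
 */
public static function save()
{
    // Reject requests without a valid anti-CSRF token before any state is changed.
    JCommentsSecurity::checkToken();

    $task = JCommentsInput::getVar('task');
    $id = (int) JCommentsInput::getVar('id', 0);

    $bbcode = JCommentsFactory::getBBCode();
    $db = JCommentsFactory::getDBO();

    $row = new JCommentsTableComment($db);

    if ($row->load($id)) {
        // Remember the stored state so that a publish transition can be detected below.
        $prevPublished = $row->published;

        $row->homepage = trim(strip_tags(JCommentsInput::getVar('homepage')));
        $row->email = trim(strip_tags(JCommentsInput::getVar('email')));
        $row->title = trim(strip_tags(JCommentsInput::getVar('title')));
        $row->comment = trim(strip_tags(JCommentsInput::getVar('comment')));
        $row->published = (int) JCommentsInput::getVar('published');

        if ($row->userid == 0) {
            // Guest author: tags are stripped, then quote, angle-bracket, parenthesis and
            // square-bracket characters are removed. This is a deny-list; output still needs escaping.
            $row->name = strip_tags(JCommentsInput::getVar('name'));
            $row->name = preg_replace("/[\\'\"\\>\\<\\(\\)\\[\\]]?+/i", '', $row->name);

            if ($row->username != $row->name) {
                $row->username = $row->name;
            }

            $row->username = preg_replace("/[\\'\"\\>\\<\\(\\)\\[\\]]?+/i", '', $row->username);
        } else {
            // Registered author: fill only the fields that are empty from the user record.
            if ($row->name == '' || $row->username == '' || $row->email == '') {
                $user = JCommentsFactory::getUser($row->userid);
                $row->name = $row->name == '' ? $user->name : $row->name;
                $row->username = $row->username == '' ? $user->username : $row->username;
                $row->email = $row->email == '' ? $user->email : $row->email;
            }
        }

        // Magic quotes compatibility. get_magic_quotes_gpc() was removed in PHP 8.0, so the call
        // is guarded; unguarded it is a fatal error on current PHP.
        if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc() == 1) {
            $row->title = stripslashes($row->title);
            $row->comment = stripslashes($row->comment);
        }

        $row->comment = JCommentsText::nl2br($row->comment);
        $row->comment = $bbcode->filter($row->comment);

        $row->store();
        $row->checkin();

        // Send a notification to comment subscribers when the comment has just become published.
        if ($row->published && $prevPublished != $row->published) {
            // TODO: add separate message for just published comments
            include_once JCOMMENTS_BASE . '/jcomments.php';

            $language = JCommentsFactory::getLanguage();
            $language->load('com_jcomments', JOOMLATUNE_JPATH_SITE, $row->lang);

            JComments::sendToSubscribers($row, true);
        }

        $cache = JCommentsFactory::getCache('com_jcomments');
        $cache->clean();

        $cache = JCommentsFactory::getCache($row->object_group);
        $cache->clean();
    }

    // The redirect is issued whether or not the row could be loaded.
    switch ($task) {
        case 'comments.apply':
            JCommentsRedirect(JCOMMENTS_INDEX . '?option=com_jcomments&task=comments.edit&hidemainmenu=1&cid[]=' . $row->id);
            break;

        case 'comments.save':
        default:
            JCommentsRedirect(JCOMMENTS_INDEX . '?option=com_jcomments&task=comments');
            break;
    }
}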
/**
 * Turns a stored comment row into its display form, in place.
 *
 * Steps, in this order: datetime normalisation, autocensor, BBCode and custom
 * BBCode rendering, long-word breaking, e-mail masking, URL and e-mail
 * autolinking, smile images, avatar, author name and the optional plugin event.
 *
 * @param   object  $comment  Comment row, modified by reference.
 *
 * @return  void
 */
function prepareComment(&$comment)
{
    $alreadyPrepared = isset($comment->_skip_prepare) && $comment->_skip_prepare == 1;

    if ($alreadyPrepared) {
        return;
    }

    $settings =& JCommentsFactory::getConfig();
    $standardBBCode =& JCommentsFactory::getBBCode();
    $permissions =& JCommentsFactory::getACL();

    // A string datetime is converted to a Unix timestamp.
    if (is_string($comment->datetime)) {
        $comment->datetime = strtotime($comment->datetime);
    }

    // Autocensor is applied to the body only.
    if ($permissions->check('enable_autocensor')) {
        $comment->comment = JCommentsText::censor($comment->comment);
    }

    // Render BBCode tags; custom BBCode only when enabled in the configuration.
    $comment->comment = $standardBBCode->replace($comment->comment);

    if ($settings->getInt('enable_custom_bbcode')) {
        $customBBCode =& JCommentsFactory::getCustomBBCode();
        $comment->comment = $customBBCode->replace($comment->comment);
    }

    // Break overly long words so that they cannot stretch the page layout.
    $maxWordLength = $settings->getInt('word_maxlength');

    if ($maxWordLength > 0) {
        $comment->comment = JCommentsText::fixLongWords($comment->comment, $maxWordLength);

        if ($comment->title != '') {
            $comment->title = JCommentsText::fixLongWords($comment->title, $maxWordLength);
        }
    }

    if ($permissions->check('emailprotection')) {
        $comment->comment = JComments::maskEmail($comment->id, $comment->comment);
    }

    // Autolink URLs; e-mail addresses become mailto links only while e-mail protection is off.
    if ($permissions->check('autolinkurls')) {
        $urlCallback = array('JComments', 'urlProcessor');
        $comment->comment = preg_replace_callback(_JC_REGEXP_LINK, $urlCallback, $comment->comment);

        if ($permissions->check('emailprotection') != 1) {
            $mailtoTemplate = '<a href="mailto:\\1@\\2">\\1@\\2</a>';
            $comment->comment = preg_replace(_JC_REGEXP_EMAIL, $mailtoTemplate, $comment->comment);
        }
    }

    // Replace smile codes with images.
    if ($settings->get('enable_smiles') == '1') {
        $smiles =& JCommentsFactory::getSmiles();
        $comment->comment = $smiles->replace($comment->comment);
    }

    // Gravatar support: the hash is the MD5 of the lower-cased e-mail address.
    // NOTE(review): the hash is visible to every page visitor and the image is requested over
    // plain http, which is mixed content on an HTTPS site - review whether that is still wanted.
    $comment->gravatar = md5(strtolower($comment->email));

    if (empty($comment->avatar)) {
        $fallbackImage = urlencode(JCommentsFactory::getLink('noavatar'));

        $comment->avatar = '<img src="http://www.gravatar.com/avatar.php?gravatar_id=' . $comment->gravatar
            . '&default=' . $fallbackImage
            . '" alt="" />';
    }

    $comment->author = JComments::getCommentAuthorName($comment);

    if ($settings->getInt('enable_mambots') == 1) {
        JCommentsPluginHelper::trigger('onAfterPrepareComment', array(&$comment));
    }
}
/**
 * Prepares data for notification
 *
 * Adds the notification type plus the title and absolute link of the commented
 * object, then rewrites the comment for delivery: display author name, censored
 * title and body, rendered BBCode (custom BBCode when enabled) and collapsed
 * whitespace. The comment is an object, so the caller's instance is modified.
 *
 * @param   array   $data  An associative array of notification data; 'comment' holds the comment row
 * @param   string  $type  Type of notification
 *
 * @return  mixed  The extended $data array
 */
private static function prepareData($data, $type)
{
    require_once JPATH_ROOT . '/components/com_jcomments/jcomments.php';

    // Object handle: writes through $comment land on $data['comment'] as well.
    $comment = $data['comment'];

    $object = JCommentsObjectHelper::getObjectInfo($comment->object_id, $comment->object_group, $comment->lang);

    $data['notification-type'] = $type;
    $data['object_title'] = $object->title;
    $data['object_link'] = JCommentsFactory::getAbsLink($object->link);

    $comment->author = JComments::getCommentAuthorName($comment);
    $comment->title = JCommentsText::censor($comment->title);

    // NOTE(review): replace() presumably renders BBCode to markup for the message body, and
    // object_title is passed on unchanged; confirm the notification templates escape the title.
    $body = JCommentsText::censor($comment->comment);
    $comment->comment = $body;

    $body = JCommentsFactory::getBBCode()->replace($body);
    $comment->comment = $body;

    if (JCommentsFactory::getConfig()->getInt('enable_custom_bbcode')) {
        $body = JCommentsFactory::getCustomBBCode()->replace($body, true);
        $comment->comment = $body;
    }

    // Collapse runs of whitespace to the first character of the run and trim the ends.
    $comment->comment = trim(preg_replace('/(\\s){2,}/i', '\\1', $body));

    return $data;
}
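/**
 * Loads the latest published comments for the module and prepares them for display.
 *
 * The query is restricted to published, non-deleted comments on objects the
 * current user may access, optionally limited to a time interval, a language,
 * a set of components ('source') and, for com_content only, a set of
 * categories. Each row is then extended with the display* fields, the comment
 * link, the avatar markup and the read-more label.
 *
 * Every value that is concatenated into the SQL text is either cast to an
 * integer or passed through the database driver's Quote() method.
 *
 * @param   object  $params  Module parameters.
 *
 * @return  array  Prepared comment rows; an empty array when nothing was loaded.
 */
public static function getList(&$params)
{
    $db = JFactory::getDBO();
    $user = JFactory::getUser();

    $source = $params->get('source', 'com_content');

    if (!is_array($source)) {
        $source = explode(',', $source);
    }

    $date = JFactory::getDate();

    if (version_compare(JVERSION, '1.6.0', 'ge')) {
        $now = $date->toSql();
        $access = array_unique(JAccess::getAuthorisedViewLevels($user->get('id')));
        $access[] = 0; // for backward compatibility
    } else {
        $now = $date->toMySQL();
        $access = $user->get('aid', 0);
    }

    // ORDER BY is chosen from two fixed strings; the parameter value itself never reaches the SQL.
    switch ($params->get('ordering', '')) {
        case 'vote':
            $orderBy = '(c.isgood-c.ispoor) DESC';
            break;

        case 'date':
        default:
            $orderBy = 'c.date DESC';
            break;
    }

    $where = array();

    $interval = $params->get('interval', '');

    if (!empty($interval)) {
        $timestamp = $date->toUnix();

        switch ($interval) {
            case '1-day':
                $timestamp = strtotime('-1 day', $timestamp);
                break;

            case '1-week':
                $timestamp = strtotime('-1 week', $timestamp);
                break;

            case '2-week':
                $timestamp = strtotime('-2 week', $timestamp);
                break;

            case '1-month':
                $timestamp = strtotime('-1 month', $timestamp);
                break;

            case '3-month':
                $timestamp = strtotime('-3 month', $timestamp);
                break;

            case '6-month':
                $timestamp = strtotime('-6 month', $timestamp);
                break;

            case '1-year':
                $timestamp = strtotime('-1 year', $timestamp);
                break;

            default:
                // Unknown interval: no date restriction.
                $timestamp = NULL;
                break;
        }

        if ($timestamp !== NULL) {
            $dateFrom = JFactory::getDate($timestamp);
            $dateTo = $date;

            if (version_compare(JVERSION, '1.6.0', 'ge')) {
                $where[] = 'c.date BETWEEN ' . $db->Quote($dateFrom->toSQL()) . ' AND ' . $db->Quote($dateTo->toSQL());
            } else {
                $where[] = 'c.date BETWEEN ' . $db->Quote($dateFrom->toMySQL()) . ' AND ' . $db->Quote($dateTo->toMySQL());
            }
        }
    }

    $where[] = 'c.published = 1';
    $where[] = 'c.deleted = 0';
    $where[] = "o.link <> ''";

    // Access levels are forced to integers before they are joined into the IN list.
    $where[] = is_array($access)
        ? "o.access IN (" . implode(',', array_map('intval', $access)) . ")"
        : " o.access <= " . (int) $access;

    if (JCommentsMultilingual::isEnabled()) {
        $where[] = 'c.lang = ' . $db->Quote(JCommentsMultilingual::getLanguage());
    }

    $joins = array();

    if (count($source) == 1 && $source[0] == 'com_content') {
        $joins[] = 'JOIN #__content AS cc ON cc.id = o.object_id';
        $joins[] = 'LEFT JOIN #__categories AS ct ON ct.id = cc.catid';

        $where[] = "c.object_group = " . $db->Quote($source[0]);

        // The current time goes through Quote() like the other date literals of this query.
        $quotedNow = $db->Quote($now);
        $where[] = "(cc.publish_up = '0000-00-00 00:00:00' OR cc.publish_up <= " . $quotedNow . ")";
        $where[] = "(cc.publish_down = '0000-00-00 00:00:00' OR cc.publish_down >= " . $quotedNow . ")";

        $categories = $params->get('catid', array());

        if (!is_array($categories)) {
            $categories = explode(',', $categories);
        }

        JArrayHelper::toInteger($categories);

        $categories = implode(',', $categories);

        if (!empty($categories)) {
            $where[] = "cc.catid IN (" . $categories . ")";
        }
    } else {
        if (count($source)) {
            // Each component name is quoted by the driver. The names come from a module parameter
            // and were previously wrapped in quote characters by hand, without any escaping.
            $where[] = "c.object_group in (" . implode(',', array_map(array($db, 'Quote'), $source)) . ")";
        }
    }

    $query = "SELECT c.id, c.userid, c.comment, c.title, c.name, c.username, c.email, c.date, c.object_id, c.object_group, '' as avatar"
        . ", o.title AS object_title, o.link AS object_link, o.access AS object_access, o.userid AS object_owner"
        . " FROM #__jcomments AS c"
        . " JOIN #__jcomments_objects AS o ON c.object_id = o.object_id AND c.object_group = o.object_group AND c.lang = o.lang"
        . (count($joins) ? ' ' . implode(' ', $joins) : '')
        . (count($where) ? ' WHERE ' . implode(' AND ', $where) : '')
        . " ORDER BY " . $orderBy;

    $db->setQuery($query, 0, (int) $params->get('count'));
    $list = $db->loadObjectList();

    if (!is_array($list)) {
        $list = array();
    }

    if (count($list)) {
        $show_date = $params->get('show_comment_date', 0);
        $date_type = $params->get('date_type', '');
        $date_format = $params->get('date_format', 'd.m.Y H:i');
        $show_author = $params->get('show_comment_author', 0);
        $show_object_title = $params->get('show_object_title', 0);
        $show_comment_title = $params->get('show_comment_title', 0);
        $show_smiles = $params->get('show_smiles', 0);
        $show_avatar = $params->get('show_avatar', 0);
        $limit_comment_text = (int) $params->get('limit_comment_text', 0);

        $config = JCommentsFactory::getConfig();
        $bbcode = JCommentsFactory::getBBCode();
        $smiles = JCommentsFactory::getSmiles();
        $acl = JCommentsFactory::getACL();

        if ($show_avatar) {
            // Avatar plugins may fill $item->avatar; rows left empty fall back to Gravatar below.
            JPluginHelper::importPlugin('jcomments');

            if (version_compare(JVERSION, '3.0', 'ge')) {
                $dispatcher = JEventDispatcher::getInstance();
            } else {
                $dispatcher = JDispatcher::getInstance();
            }

            $dispatcher->trigger('onPrepareAvatars', array(&$list));
        }

        foreach ($list as &$item) {
            $item->displayDate = '';

            if ($show_date) {
                if ($date_type == 'relative') {
                    $item->displayDate = modJCommentsLatestHelper::getRelativeDate($item->date);
                } else {
                    $item->displayDate = JHTML::_('date', $item->date, $date_format);
                }
            }

            // NOTE(review): author name and the two titles below are copied as stored; confirm
            // that the module template escapes them on output.
            $item->displayAuthorName = '';

            if ($show_author) {
                $item->displayAuthorName = JComments::getCommentAuthorName($item);
            }

            $item->displayObjectTitle = '';

            if ($show_object_title) {
                $item->displayObjectTitle = $item->object_title;
            }

            $item->displayCommentTitle = '';

            if ($show_comment_title) {
                $item->displayCommentTitle = $item->title;
            }

            $item->displayCommentLink = $item->object_link . '#comment-' . $item->id;

            // Comment text: censor, drop [quote] blocks, filter BBCode, break long words,
            // autolink, reduce to plain text, truncate.
            $text = JCommentsText::censor($item->comment);
            $text = preg_replace('#\\[quote[^\\]]*?\\](((?R)|.)*?)\\[\\/quote\\]#ismu', '', $text);
            $text = $bbcode->filter($text, true);
            $text = JCommentsText::fixLongWords($text, $config->getInt('word_maxlength'), ' ');

            if ($acl->check('autolinkurls')) {
                $text = preg_replace_callback(_JC_REGEXP_LINK, array('JComments', 'urlProcessor'), $text);
            }

            $text = JCommentsText::cleanText($text);

            if ($limit_comment_text && JString::strlen($text) > $limit_comment_text) {
                $text = self::truncateText($text, $limit_comment_text - 1);
            }

            switch ($show_smiles) {
                case 1:
                    $text = $smiles->replace($text);
                    break;

                case 2:
                    $text = $smiles->strip($text);
                    break;
            }

            // NOTE(review): with smiles enabled this value presumably carries image markup and is
            // printed as HTML; confirm that cleanText() leaves the surrounding text safe for that.
            $item->displayCommentText = $text;

            if ($show_avatar && empty($item->avatar)) {
                // Gravatar fallback: MD5 of the lower-cased e-mail address.
                // NOTE(review): the hash is visible to every visitor and the image is requested over
                // plain http, which is mixed content on an HTTPS site - review whether that is wanted.
                $gravatar = md5(strtolower($item->email));
                $item->avatar = '<img src="http://www.gravatar.com/avatar.php?gravatar_id=' . $gravatar
                    . '&default=' . urlencode(JCommentsFactory::getLink('noavatar'))
                    . '" alt="' . htmlspecialchars(JComments::getCommentAuthorName($item)) . '" />';
            }

            $item->readmoreText = JText::_('MOD_JCOMMENTS_LATEST_READMORE');
        }

        // Break the reference left by the by-reference loop so the last row is not aliased by $item.
        unset($item);
    }

    return $list;
}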
/**
 * Administrator task: stores a subscription from request data and redirects.
 *
 * An existing row is loaded when an id is given, otherwise a new row is
 * stored. The object group is reduced to an allow-list of characters, the
 * name is stripped of tags and of quote, angle-bracket, parenthesis and
 * square-bracket characters, and the e-mail address is stripped of tags only.
 *
 * NOTE(review): no request-token check is visible in this handler; confirm
 * that the dispatcher calling it rejects forged requests.
 * NOTE(review): the e-mail value is not validated as an address here.
 *
 * @return  void  Ends with a redirect chosen by the 'task' request variable.
 */
function save()
{
    $task = JCommentsInput::getVar('task');
    $id = (int) JCommentsInput::getVar('id', 0);

    // The BBCode instance is fetched but not used in this handler.
    $bbcode =& JCommentsFactory::getBBCode();
    $db =& JCommentsFactory::getDBO();

    require_once JCOMMENTS_BASE . DS . 'jcomments.subscription.php';

    $subscription = new JCommentsSubscriptionsDB($db);

    if ($id) {
        $subscription->load($id);
    }

    $subscription->object_id = (int) JCommentsInput::getVar('object_id');

    // Allow-list: letters, digits and - _ , . * are kept, everything else is dropped.
    $rawGroup = trim(strip_tags(JCommentsInput::getVar('object_group')));
    $subscription->object_group = preg_replace('#[^0-9A-Za-z\\-\\_\\,\\.\\*]#is', '', $rawGroup);

    // Deny-list on the subscriber name; output still needs escaping.
    $rawName = strip_tags(JCommentsInput::getVar('name'));
    $subscription->name = preg_replace("/[\\'\"\\>\\<\\(\\)\\[\\]]?+/i", '', $rawName);

    $rawEmail = strip_tags(JCommentsInput::getVar('email'));
    $subscription->email = trim($rawEmail);

    $subscription->store();

    JCommentsCache::cleanCache('com_jcomments');

    // 'subscription.apply' returns to the edit form; every other task goes back to the list.
    if ($task == 'subscription.apply') {
        JCommentsRedirect(JCOMMENTS_INDEX . '?option=com_jcomments&task=subscription.edit&hidemainmenu=1&cid[]=' . $subscription->id);
    } else {
        JCommentsRedirect(JCOMMENTS_INDEX . '?option=com_jcomments&task=subscriptions');
    }
}
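/**
 * Administrator task: saves an edited comment and redirects.
 *
 * Submitted fields are stripped of tags, author fields are normalised, the
 * body is passed through nl2br and the BBCode filter, and the row is stored
 * and checked in. The caches of the component and of the comment's object
 * group are cleaned afterwards.
 *
 * NOTE(review): no request-token check is visible in this handler; confirm
 * that the dispatcher calling it rejects forged requests, since the handler
 * changes stored content.
 *
 * @return  void  Ends with a redirect chosen by the 'task' request variable.
 */
function save()
{
    $task = JCommentsInput::getVar('task');
    $id = (int) JCommentsInput::getVar('id', 0);

    $bbcode =& JCommentsFactory::getBBCode();
    $db =& JCommentsFactory::getDBO();

    $row = new JCommentsDB($db);

    if ($row->load($id)) {
        $row->homepage = trim(strip_tags(JCommentsInput::getVar('homepage')));
        $row->email = trim(strip_tags(JCommentsInput::getVar('email')));
        $row->title = trim(strip_tags(JCommentsInput::getVar('title')));

        // The body is stripped of tags like the other text fields, and as the token-checked
        // save() handler on this page does; it was previously stored with whatever markup
        // the request carried.
        $row->comment = trim(strip_tags(JCommentsInput::getVar('comment')));
        $row->published = (int) JCommentsInput::getVar('published');

        if ($row->userid == 0) {
            // Guest author: tags are stripped, then quote, angle-bracket, parenthesis and
            // square-bracket characters are removed. This is a deny-list; output still needs escaping.
            $row->name = strip_tags(JCommentsInput::getVar('name'));
            $row->name = preg_replace("/[\\'\"\\>\\<\\(\\)\\[\\]]?+/i", '', $row->name);

            if ($row->username != $row->name) {
                $row->username = $row->name;
            }

            $row->username = preg_replace("/[\\'\"\\>\\<\\(\\)\\[\\]]?+/i", '', $row->username);
        } else {
            // Registered author: fill only the fields that are empty from the user record.
            if ($row->name == '' || $row->username == '' || $row->email == '') {
                $user = JCommentsFactory::getUser($row->userid);
                $row->name = $row->name == '' ? $user->name : $row->name;
                $row->username = $row->username == '' ? $user->username : $row->username;
                $row->email = $row->email == '' ? $user->email : $row->email;
            }
        }

        // Magic quotes compatibility. get_magic_quotes_gpc() was removed in PHP 8.0, so the call
        // is guarded; unguarded it is a fatal error on current PHP.
        if (function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc() == 1) {
            $row->title = stripslashes($row->title);
            $row->comment = stripslashes($row->comment);
        }

        $row->comment = JCommentsText::nl2br($row->comment);
        $row->comment = $bbcode->filter($row->comment);

        $row->store();
        $row->checkin();

        JCommentsCache::cleanCache('com_jcomments');
        JCommentsCache::cleanCache($row->object_group);
    }

    // The redirect is issued whether or not the row could be loaded.
    switch ($task) {
        case 'apply':
            JCommentsRedirect(JCOMMENTS_INDEX . '?option=com_jcomments&task=edit&hidemainmenu=1&cid[]=' . $row->id);
            break;

        case 'save':
        default:
            JCommentsRedirect(JCOMMENTS_INDEX . '?option=com_jcomments&task=comments');
            break;
    }
}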