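/**
 * Handle a comment submission for the post named by the `postid` query parameter.
 *
 * Request fields are normalised into $_POST under the Comment column names,
 * copied onto a new Comment, passed through the PostComment plugin hooks and
 * FilterComment(), and then saved.
 *
 * Every rejection path returns false right after ShowError(). ShowError() is
 * not defined in this block, so the explicit return keeps each check
 * fail-closed even if it ever hands control back to the caller.
 *
 * @return bool true when the comment was saved and published, false otherwise
 */
function PostComment()
{
    global $zbp;

    // Read request fields defensively: a missing field becomes null instead of
    // raising an undefined-index notice.
    $postId = isset($_GET['postid']) ? $_GET['postid'] : null;
    $cmtKey = isset($_GET['key']) ? $_GET['key'] : null;

    $_POST['LogID'] = $postId;

    // The per-post comment key must validate before anything else is processed.
    if (!$zbp->VerifyCmtKey($postId, $cmtKey)) {
        $zbp->ShowError(43);

        return false;
    }

    // The verification code is only demanded from guests (user ID 0).
    if ($zbp->option['ZC_COMMENT_VERIFY_ENABLE'] && $zbp->user->ID == 0) {
        $verifyCode = isset($_POST['verify']) ? $_POST['verify'] : null;
        if (!$zbp->CheckValidCode($verifyCode, 'cmt')) {
            $zbp->ShowError(38);

            return false;
        }
    }

    $replyid = (int) GetVars('replyid', 'POST');
    if ($replyid == 0) {
        $_POST['RootID'] = 0;
        $_POST['ParentID'] = 0;
    } else {
        $_POST['ParentID'] = $replyid;
        $c = $zbp->GetCommentByID($replyid);
        // NOTE(review): only the nesting level of the parent is checked. Nothing
        // in this block confirms that the parent exists or that it belongs to
        // the same post as LogID; confirm GetCommentByID()/FilterComment() cover it.
        if ($c->Level == 3) {
            $zbp->ShowError(52);

            return false;
        }
        $_POST['RootID'] = Comment::GetRootID($c->ID);
    }

    // Server-side values: these overwrite anything the client sent under the same keys.
    $_POST['AuthorID'] = $zbp->user->ID;
    $_POST['PostTime'] = Time();
    $_POST['IP'] = GetGuestIP();
    $_POST['Agent'] = GetGuestAgent();

    // Client-supplied values, mapped from the form field names to the column names.
    // NOTE(review): the display name is taken from the request as-is, also for
    // logged-in users, and this block does not compare it with registered
    // member names.
    $_POST['Name'] = isset($_POST['name']) ? $_POST['name'] : null;
    $_POST['Email'] = isset($_POST['email']) ? $_POST['email'] : null;
    $_POST['HomePage'] = isset($_POST['homepage']) ? $_POST['homepage'] : null;
    $_POST['Content'] = isset($_POST['content']) ? $_POST['content'] : null;

    $cmt = new Comment();
    // Every column listed in datainfo['Comment'] is filled from $_POST when
    // present; ID, Meta and IsChecking are the only ones the client can never set.
    // NOTE(review): confirm that list holds no other moderation or state column,
    // since any column not overwritten above is request-controlled.
    foreach ($zbp->datainfo['Comment'] as $key => $value) {
        if ($key == 'ID' || $key == 'Meta' || $key == 'IsChecking') {
            continue;
        }
        if (isset($_POST[$key])) {
            $cmt->{$key} = GetVars($key, 'POST');
        }
    }

    foreach ($GLOBALS['Filter_Plugin_PostComment_Core'] as $fpname => &$fpsignal) {
        $fpname($cmt);
    }
    unset($fpsignal); // drop the by-reference loop variable

    FilterComment($cmt);

    if ($cmt->IsThrow) {
        $zbp->ShowError(14);

        return false;
    }

    $cmt->Save();

    // The comment is stored at this point; error 53 is raised when it is still
    // flagged IsChecking, and none of the publishing steps below run.
    if ($cmt->IsChecking) {
        $zbp->ShowError(53);

        return false;
    }

    CountPostArray(array($cmt->LogID));
    $zbp->AddBuildModule('comments');
    $zbp->comments[$cmt->ID] = $cmt;

    if (GetVars('isajax', 'POST')) {
        ViewComment($cmt->ID);
    }

    foreach ($GLOBALS['Filter_Plugin_PostComment_Succeed'] as $fpname => &$fpsignal) {
        $fpname($cmt);
    }
    unset($fpsignal);

    return true;
}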
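/**
 * Submit a comment for the post named by the `postid` query parameter.
 *
 * Request fields are normalised into $_POST under the Comment column names,
 * copied onto a new Comment, passed through the PostComment plugin hooks and
 * FilterComment(), and then saved. On success the rendered comment is emitted
 * for AJAX callers, or returned as JSON when `format=json` was posted.
 *
 * Every rejection path returns false right after ShowError(). ShowError() is
 * not defined in this block, so the explicit return keeps each check
 * fail-closed even if it ever hands control back to the caller.
 *
 * @return bool true when the comment was saved and published, false otherwise
 */
function PostComment()
{
    global $zbp;

    $isAjax = GetVars('isajax', 'POST');
    $returnJson = GetVars('format', 'POST') == 'json';
    // Only these Comment fields are echoed back in the JSON response; IP and
    // Agent are not in the list.
    // NOTE(review): 'LogId' differs in case from the 'LogID' column used below.
    // Array keys are case-sensitive, so unless GetData() returns a 'LogId' key
    // this entry never matches; confirm which spelling is intended.
    $returnCommentWhiteList = array(
        'ID' => null,
        'Content' => null,
        'LogId' => null,
        'Name' => null,
        'ParentID' => null,
        'PostTime' => null,
        'HomePage' => null,
        'Email' => null,
        'AuthorID' => null,
    );

    // Read request fields defensively: a missing field becomes null instead of
    // raising an undefined-index notice.
    $postId = isset($_GET['postid']) ? $_GET['postid'] : null;
    $cmtKey = isset($_GET['key']) ? $_GET['key'] : null;
    $postedName = isset($_POST['name']) ? $_POST['name'] : null;

    $_POST['LogID'] = $postId;

    // The per-post comment key must validate before anything else is processed.
    if (!$zbp->ValidCmtKey($postId, $cmtKey)) {
        $zbp->ShowError(43, __FILE__, __LINE__);

        return false;
    }

    // The verification code is skipped only for users holding the 'NoValidCode' right.
    if ($zbp->option['ZC_COMMENT_VERIFY_ENABLE'] && !$zbp->CheckRights('NoValidCode')) {
        $verifyCode = isset($_POST['verify']) ? $_POST['verify'] : null;
        if (!$zbp->CheckValidCode($verifyCode, 'cmt')) {
            $zbp->ShowError(38, __FILE__, __LINE__);

            return false;
        }
    }

    // Impersonation guard: reject the comment when the submitted name (or alias)
    // belongs to a registered member other than the current user.
    $m = $zbp->GetMemberByNameOrAlias($postedName);
    if ($m->ID > 0 && $m->ID != $zbp->user->ID) {
        $zbp->ShowError(31, __FILE__, __LINE__);

        return false;
    }

    $replyid = (int) GetVars('replyid', 'POST');
    if ($replyid == 0) {
        $_POST['RootID'] = 0;
        $_POST['ParentID'] = 0;
    } else {
        $_POST['ParentID'] = $replyid;
        $c = $zbp->GetCommentByID($replyid);
        // NOTE(review): only the nesting level of the parent is checked. Nothing
        // in this block confirms that the parent exists or that it belongs to
        // the same post as LogID; confirm GetCommentByID()/FilterComment() cover it.
        if ($c->Level == 3) {
            $zbp->ShowError(52, __FILE__, __LINE__);

            return false;
        }
        $_POST['RootID'] = Comment::GetRootID($c->ID);
    }

    $_POST['AuthorID'] = $zbp->user->ID;
    $_POST['Name'] = GetVars('name', 'POST');
    if ($zbp->user->ID > 0) {
        // Logged-in users always post under their account name, whatever was submitted.
        $_POST['Name'] = $zbp->user->Name;
    }
    $_POST['Email'] = GetVars('email', 'POST');
    $_POST['HomePage'] = GetVars('homepage', 'POST');
    $_POST['Content'] = GetVars('content', 'POST');
    // Server-side values: these overwrite anything the client sent under the same keys.
    $_POST['PostTime'] = Time();
    $_POST['IP'] = GetGuestIP();
    $_POST['Agent'] = GetGuestAgent();

    $cmt = new Comment();
    // Every column listed in datainfo['Comment'] is filled from $_POST when
    // present; ID, Meta and IsChecking are the only ones the client can never set.
    // NOTE(review): confirm that list holds no other moderation or state column,
    // since any column not overwritten above is request-controlled.
    foreach ($zbp->datainfo['Comment'] as $key => $value) {
        if ($key == 'ID' || $key == 'Meta' || $key == 'IsChecking') {
            continue;
        }
        if (isset($_POST[$key])) {
            $cmt->{$key} = GetVars($key, 'POST');
        }
    }

    // With auditing enabled, everything except comments from users holding the
    // 'root' right is flagged IsChecking before it is saved.
    if ($zbp->option['ZC_COMMENT_AUDIT'] && !$zbp->CheckRights('root')) {
        $cmt->IsChecking = true;
    }

    foreach ($GLOBALS['hooks']['Filter_Plugin_PostComment_Core'] as $fpname => &$fpsignal) {
        $fpname($cmt);
    }
    unset($fpsignal); // drop the by-reference loop variable

    FilterComment($cmt);

    if ($cmt->IsThrow) {
        $zbp->ShowError(14, __FILE__, __LINE__);

        return false;
    }

    $cmt->Save();

    // The comment is stored at this point; when it is flagged IsChecking only
    // the second CountCommentNums() argument is incremented, error 53 is
    // raised, and none of the publishing steps below run.
    if ($cmt->IsChecking) {
        CountCommentNums(0, +1);
        $zbp->ShowError(53, __FILE__, __LINE__);

        return false;
    }

    CountPostArray(array($cmt->LogID), +1);
    CountCommentNums(+1, 0);
    $zbp->AddBuildModule('comments');
    $zbp->comments[$cmt->ID] = $cmt;

    if ($isAjax) {
        ViewComment($cmt->ID);
    } elseif ($returnJson) {
        // Capture the rendered comment and return it together with the
        // whitelisted fields only.
        // NOTE(review): ob_clean()/ob_get_clean() assume an output buffer is
        // already active when this function runs; confirm against the caller.
        ob_clean();
        ViewComment($cmt->ID);
        $commentHtml = ob_get_clean();
        JsonReturn(
            array_merge_recursive(
                array("html" => $commentHtml),
                array_intersect_key($cmt->GetData(), $returnCommentWhiteList)
            )
        );
    }

    foreach ($GLOBALS['hooks']['Filter_Plugin_PostComment_Succeed'] as $fpname => &$fpsignal) {
        $fpname($cmt);
    }
    unset($fpsignal);

    return true;
}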