/** * Notifies blog author of new comment * * @param string $name Commentors name * @param string $link Link to comment entry * @param int $onhold Whether or not comment requires moderation * @param string $comment Text of the comment * @return void */ function notify($name, $link, $onhold, $comment) { include_once BBLOGROOT . "inc/mail.php"; $message = $name . " has posted a comment in reply to your blog entry at " . $link . "\n\nComment: " . $comment . "\n\n"; if ($onhold == 1) { $message .= "You have selected comment moderation and this comment will not appear until you approve it, so please visit your blog and log in to approve or reject any comments\n"; } notify_owner("New comment on your blog", $message); }
function new_comment($postid, $replyto = 0) { $post = $this->get_post($postid, FALSE, TRUE); if (!$post) { // this needs to be fixed... $this->standalone_message("Error adding comment", "couldn't find post id {$postid}"); } elseif ($post->allowcomments == 'disallow' or $post->allowcomments == 'timed' and $post->autodisabledate < time()) { $this->standalone_message("Error adding comment", "Comments have been turned off for this post"); } else { $postername = my_addslashes(htmlspecialchars($_POST["name"])); if ($postername == '') { $postername = "Anonymous"; } $posteremail = my_addslashes(htmlspecialchars($_POST["email"])); $title = my_addslashes(htmlspecialchars($_POST["title"])); $posterwebsite = my_addslashes(htmlspecialchars($_POST["website"])); if (substr(strtolower($posterwebsite), 0, 7) != 'http://' && $posterwebsite != '') { $posterwebsite = 'http://' . $posterwebsite; } $comment = my_addslashes($_POST["comment"]); if ($_POST["public_email"] == 1) { $pubemail = 1; } else { $pubemail = 0; } if ($_POST["public_website"] == 1) { $pubwebsite = 1; } else { $pubwebsite = 0; } if ($_POST["notify"] == 1) { $notify = 1; } else { $notify = 0; } $now = time(); $remaddr = $_SERVER['REMOTE_ADDR']; if ($_POST['set_cookie']) { $value = base64_encode(serialize(array('web' => $posterwebsite, 'mail' => $posteremail, 'name' => $postername))); setcookie("bBcomment", $value, time() + 86400 * 360); } $moderated = FALSE; $onhold = '0'; if (C_COMMENT_MODERATION == 'all') { $moderated = TRUE; } elseif (C_COMMENT_MODERATION == 'urlonly') { if ($comment != preg_replace('!<[^>]*?>!', ' ', $comment)) { // found html tags $moderated = TRUE; } if ($comment != preg_replace("#([\t\r\n ])([a-z0-9]+?){1}://([\\w\\-]+\\.([\\w\\-]+\\.)*[\\w]+(:[0-9]+)?(/[^ \"\n\r\t<]*)?)#i", '\\1<a href="\\2://\\3" target="_blank">\\2://\\3</a>', $comment)) { $moderated = TRUE; } if ($comment != preg_replace("#([\t\r\n ])(www|ftp)\\.(([\\w\\-]+\\.)*[\\w]+(:[0-9]+)?(/[^ \"\n\r\t<]*)?)#i", '\\1<a href="http://\\2.\\3" target="_blank">\\2.\\3</a>', $comment)) { $moderated = TRUE; } } if ($moderated == TRUE) { $onhold = '1'; } if (C_COMMENT_TIME_LIMIT > 0) { $fromtime = $now - C_COMMENT_TIME_LIMIT * 60; $this->query("select * from " . T_COMMENTS . " where ip='{$remaddr}' and posttime > {$fromtime}"); if ($this->num_rows > 0) { $this->standalone_message("Comment Flood Protection", "Error adding comment. You have tried to make a comment too soon after your last one. Please try again later. This is a bBlog spam prevention mesaure"); } } if ($replyto > 0 && is_numeric($replyto)) { $parentidq = " parentid='{$replyto}', "; } $q = "insert into " . T_COMMENTS . "\n\t\t\tset {$parentidq}\n\t\t\tpostid='{$postid}',\n\t\t\ttitle='{$title}',\n\t\t\tposttime='{$now}',\n\t\t\tpostername='{$postername}',\n\t\t\tposteremail='{$posteremail}',\n\t\t\tposterwebsite='{$posterwebsite}',\n\t\t\tposternotify='{$notify}',\n\t\t\tpubemail='{$pubemail}',\n\t\t\tpubwebsite='{$pubwebsite}',\n\t\t\tip='{$remaddr}',\n\t\t\tcommenttext='{$comment}',\n\t\t\tonhold='{$onhold}',\n\t\t\ttype='comment'"; $this->query($q); $insid = $this->insert_id; if ($insid < 1) { $this->standalone_message("Error", "Error inserting comment : " . mysql_error()); } else { // notify include_once BBLOGROOT . "inc/mail.php"; $message = htmlspecialchars($postername) . " has posted a comment in reply to your blog entry at " . $this->_get_entry_permalink($postid) . "\n"; if ($onhold == 1) { $message .= "You have selected comment moderation and this comment will not appear until you approve it, so please visit your blog and log in to approve or reject any comments\n"; } notify_owner("New comment on your blog", $message); $newnumcomments = $this->get_var("SELECT count(*) as c FROM " . T_COMMENTS . " WHERE postid='{$postid}' and deleted='false' group by postid"); $this->query("update " . T_POSTS . " set commentcount='{$newnumcomments}' where postid='{$postid}'"); $this->modifiednow(); // This is used when an alternate location is desired as the result of a successful post. if (isset($_POST['return_url'])) { $ru = str_replace('%commentid%', $insid, $_POST['return_url']); header("Location: " . $ru); } else { header("Location: " . $this->_get_entry_permalink($postid) . "#comment" . $insid); } ob_end_clean(); // or here.. hmm. exit; } } }
// according to MT, only url is _required_. So we'll set some useful defaults. // if we got this far, we can assume that this file is not included // as part of bBlog but is being called seperatly. // so we include the config file and therefore have access to the // bBlog object. $now = time(); $remaddr = $_SERVER['REMOTE_ADDR']; $q = "insert into " . T_COMMENTS . "\n\t\t\tset \n\t\t\tpostid='{$tbpost}',\n\t\t\tparentid='{$replyto}',\n\t\t\tposttime='{$now}',\n\t\t\tpostername='{$blog_name}',\n\t\t\tposteremail='',\n\t\t\tposterwebsite='{$tb_url}',\n\t\t\tposternotify='0',\n\t\t\tpubemail='0',\n\t\t\tpubwebsite='1',\n\t\t\tip='{$remaddr}',\n\t\t\ttitle='{$title}',\n\t\t\tcommenttext='{$excerpt}',\n\t\t\ttype='trackback'"; $bBlog->_adb->Execute($q); $insid = $bBlog->insert_id; if ($insid < 1) { trackback_response(1, "Error adding trackback : " . mysql_error()); } else { // notify owner include_once BBLOGROOT . 'inc/mail.php'; notify_owner("New trackback on your blog", "{$blog_name} ( {$tb_url} ) has sent a trackback to your post at " . $bBlog->_get_entry_permalink($tbpost) . "\n"); // update the commentcount. // now I thought about having a seperate count for trackbacks and comments ( like b2 ) // , but trackbacks are really comments, so I decided against this. $newnumcomments = $bBlog->get_var("SELECT count(*) as c FROM " . T_COMMENTS . " WHERE postid='{$tbpost}' and deleted='false' group by postid"); $bBlog->_adb->Execute("update " . T_POSTS . " set commentcount='{$newnumcomments}' where postid='{$tbpost}'"); $bBlog->modifiednow(); trackback_response(0, ""); } } // Send a trackback-ping. function send_trackback($url, $title = "", $excerpt = "", $t) { //parse the target-url $target = parse_url($t); if ($target["query"] != "") {