if ($url_c == $next) { //echo "$state to url\n"; $state = 'url'; } $tmp .= $url_c; } else { if ($c == '}') { //echo "$state to out\n"; $state = 'out'; } } } break; case 'url': if ($c == '/') { if (!read_comment($file, $comment)) { $url_tmp .= $c . $comment; $c = ''; } } else { if ($c == ')') { //echo "$state to rules\n"; $state = 'rules'; //url end trim($url_tmp, " '\"\r\n\t"); if (strpos($url_tmp, 'http://') === 0 || strpos($url_tmp, 'data:') === 0) { $url_tmp .= $c; } else { if ($url_tmp[0] == '/') { $image = $_SERVER['DOCUMENT_ROOT'] . '/' . $url_tmp; } else {
(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. */ if (!(isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) === 'xmlhttprequest')) { die("Call not allowed"); } // // Change this email to the real moderator's email // $moderator_email = "*****@*****.**"; $flag = processText($_POST["flag"]); if ($flag === "1") { add_comment($moderator_email); } if ($flag === "2") { read_comment(); } function strleft($s1, $s2) { return substr($s1, 0, strpos($s1, $s2)); } function add_comment($moderator_email) { $caller = strtolower($_POST["url"]); //$_SERVER['HTTP_REFERER']; $filename = md5($caller); $abs_comment_file = realpath('.') . '/' . $filename . '.xml'; $date_value = time(); $comment_id = $date_value . '-' . rand(1, 100000000); $author_value = processText($_POST["name"]); $subject_value = trim(processText($_POST["subject"]));