示例#1
文件: guest.php 项目: ansgar/pmguest
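/**
 * Stores a guestbook entry submitted via POST as a new wiki page, then displays $pagename.
 *
 * The entry is sent to Akismet first and the verdict is appended to the page text as a
 * "(:spam: true:)" or "(:spam: false:)" directive.
 *
 * @param string $pagename Guestbook page name; used as the prefix of the new page's name.
 * @param mixed  $auth     Not used by this function.
 */
function HandleGuestStore($pagename, $auth)
{
    // $Now was previously read as an undefined local, so the stored time was always empty.
    global $wpcom_api_key, $wpcom_home, $Now;

    // Read every form field once; a missing or non-string field counts as empty.
    $field = function ($key) {
        return isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
    };
    $name = $field('name');
    $email = $field('email');
    $url = $field('url');
    $comment = $field('comment');

    $itemurl = $pagename . date("Ymd") . "-" . uniqid();

    $akismet = new Akismet($wpcom_home, $wpcom_api_key);
    $akismet->setCommentAuthor($name);
    $akismet->setCommentAuthorEmail($email);
    $akismet->setCommentAuthorURL($url);
    $akismet->setCommentContent($comment);
    $akismet->setPermalink($itemurl);

    // NOTE(review): name, e-mail, URL and comment are concatenated into wiki markup without
    // any escaping, so a submitter can add markup of their own, including a "(:spam: ...:)"
    // directive ahead of the one appended below. Whatever reads the verdict should not
    // trust the first match; confirm how the consumer parses it.
    $page = array();
    $page['name'] = $itemurl;
    $page['text'] = "----\n";
    $page['text'] .= strlen($name) > 0 ? $name : "Unbekannt";
    if (strlen($email) > 0) {
        $page['text'] .= " [[✉->mailto:" . $email . "]]";
    }
    if (strlen($url) > 0) {
        // Anything not starting with "http" is turned into an http:// link.
        $page['text'] .= " [[➚->" . (substr($url, 0, 4) == "http" ? $url : "http://" . $url) . "]]";
    }
    $page['text'] .= " schrieb am " . date("d.m.Y") . ":\n\n";
    $page['text'] .= $comment;
    // NOTE(review): isCommentSpam() is not wrapped in try/catch; if the client throws when
    // the service is unreachable, the entry is not stored at all. Confirm that is intended.
    $page['text'] .= $akismet->isCommentSpam() ? "(:spam: true:)" : "(:spam: false:)";
    $page['time'] = $Now;
    $page['host'] = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : null;
    $page['agent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;
    UpdatePage($page['name'], $page, $page);
    HandleBrowse($pagename);
}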
 /**
  * Screens an anonymous comment with Akismet.
  *
  * Nothing is checked when the comment carries a contact_id, when no api_key setting is
  * present, or when the Akismet class is not loaded.
  *
  * @param array $comment Reads contact_id, name, email, text and, if set, post_data.
  * @return array|null array('text' => message) when Akismet reports spam, otherwise null.
  */
 public function commentValidate($comment)
 {
     if ($comment['contact_id']) {
         return null;
     }
     $api_key = $this->getSettingValue('api_key');
     if (!$api_key || !class_exists('Akismet')) {
         return null;
     }

     $blog_url = wa()->getRouteUrl('blog', array(), true);

     // Permalink of the commented post, when post data was handed in.
     $permalink = null;
     if (isset($comment['post_data'])) {
         $permalink = blogPost::getUrl($comment['post_data']);
         if (is_array($permalink)) {
             // Several URLs came back: use the first one.
             $permalink = array_shift($permalink);
         }
     }

     $checker = new Akismet($blog_url, $api_key);
     $checker->setCommentAuthor($comment['name']);
     $checker->setCommentAuthorEmail($comment['email']);
     $checker->setCommentContent($comment['text']);
     if ($permalink) {
         $checker->setPermalink($permalink);
     }

     return $checker->isCommentSpam()
         ? array('text' => _wp('According to Akismet.com, your comment very much looks like spam, thus will not be published. Please rewrite your comment. Sorry for the inconvenience.'))
         : null;
 }
示例#3
 /**
  * Passes form content to the Akismet API. If spam is detected, sends an error message back to the user.
  */
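 public function detect_spam()
 {
     // Flatten every submitted value into one space-separated string for Akismet.
     $form_contents = '';
     foreach ($this->disco_form->get_values() as $k => $v) {
         if (is_array($v)) {
             // implode() takes the separator first; the reversed argument order used
             // before is no longer accepted by PHP 8.
             $form_contents .= implode(' ', $v) . ' ';
             continue;
         }
         // don't include hidden elements which contain objects as values
         $is_hidden_id = get_class($this->disco_form->get_element($k)) == 'hiddenType' && substr($v, 0, 3) == 'id_';
         if (!$is_hidden_id) {
             $form_contents .= $v . ' ';
         }
     }

     // Without a configured key the check is skipped; constant() on an undefined name
     // would raise an error instead.
     $akismet_api_key = defined('AKISMET_API_KEY') ? constant('AKISMET_API_KEY') : '';
     if (empty($akismet_api_key)) {
         return;
     }

     $url = carl_construct_link();
     $akismet = new Akismet($url, $akismet_api_key);
     $akismet->setCommentContent($form_contents);
     // NOTE(review): isCommentSpam() is not wrapped in try/catch; confirm what the form
     // should do when the Akismet service cannot be reached.
     if ($akismet->isCommentSpam()) {
         // Third argument: the error is not tied to an existing form element.
         $this->disco_form->set_error(NULL, 'Spam detected in this submission. If this message was made in error, please contact an administrator.', false);
     }
 }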
示例#4
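  /**
   * Processes a posted comment form: validates the input, screens it for spam, stores the
   * comment and e-mails the notification subscribers.
   *
   * Reads $_POST and $_SERVER directly and records the outcome on the object
   * (input, invalid, review_input, remember, notify, posted). Returns nothing.
   */
  public function check_submission() {
    // Condition kept exactly as written: && binds tighter than ||, and the right-hand side
    // assigns $_POST['preview'] to $this->preview.
    // NOTE(review): a submit is processed only when commentator_password differs from
    // $this->password; confirm that this is the intended check.
    if ($_POST['submit'] && $_POST['commentator_password'] !== $this->password || $this->preview = $_POST['preview']) {
      list($this->input, $this->invalid) = $this->validate($_POST);
      // Was isset($invalid['website']): $invalid is never defined in this method, so the
      // "only the website is invalid" case could never pass.
      if (count($this->invalid) === 0 || (count($this->invalid) === 1 && isset($this->invalid['website']))) {
        $this->review_input = false;

        // Read the four fields by name. The earlier `$$key = ...` loops created one local
        // per input key, so a key such as "spam" could overwrite a local used below.
        $input = $this->input;
        $field = function ($key) use ($input) {
          return isset($input[$key]) && is_scalar($input[$key]) ? trim((string) $input[$key]) : '';
        };
        $name = $field('name');
        $email = $field('email');
        $website = $field('website');
        $comment = $field('comment');

        // Defined up front; it used to be undefined whenever Akismet was not consulted.
        $spam = false;
        // NOTE(review): this line reads $this->owner_email while the notification code
        // below reads $this->email_owner; confirm which property actually exists.
        if (!empty($this->akismet_file) && $email !== $this->owner_email && !empty($this->wpAPIkey) && @include_once($this->akismet_file)) {
          if (class_exists('Akismet')) {
            $akismet = new Akismet($this->domain, $this->wpAPIkey);
            $akismet->setCommentAuthor($name);
            $akismet->setCommentAuthorEmail($email);
            $akismet->setCommentAuthorURL($website);
            $akismet->setCommentContent($comment);
            $akismet->setPermalink('http://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
            $spam = $akismet->isCommentSpam();
          }
        }
        // Was $POST['email_address'] (missing underscore), so this check never fired.
        // Presumably email_address is a hidden trap field that real visitors leave empty.
        if ($spam || (isset($_POST['email_address']) && $_POST['email_address'] !== '')) $spam = 1;
        if (!empty($_POST['remember'])) $this->remember = true;
        if (!empty($_POST['notify'])) $this->notify = true;

        if ($this->link && !$this->preview) {
          // Every value placed into the SQL text is escaped for this connection, including
          // the page name and the client address, which were interpolated raw before.
          // Tags are stripped from everything except the comment body.
          $name = mysqli_real_escape_string($this->link, strip_tags($name));
          $email = mysqli_real_escape_string($this->link, strip_tags($email));
          $website = mysqli_real_escape_string($this->link, strip_tags($website));
          $comment = mysqli_real_escape_string($this->link, $comment);
          $page = mysqli_real_escape_string($this->link, (string) $this->page);

          $insert = "INSERT INTO commentator_comments SET page=\"$page\", name=\"$name\", email=\"$email\", timestamp=\"" . time() . "\", comment=\"$comment\"";
          if ($website) $insert .= ", uri=\"$website\"";
          if (!empty($_SERVER['REMOTE_ADDR'])) $insert .= ', ip="' . mysqli_real_escape_string($this->link, $_SERVER['REMOTE_ADDR']) . '"';
          if ($this->notify) $insert .= ', notify=1';
          if ($spam) $insert .= ', spam=1';
          // The driver message is HTML-escaped before it is echoed into the page.
          if (!mysqli_query($this->link, $insert)) echo '<p>Error:' . htmlspecialchars(mysqli_error($this->link), ENT_QUOTES) . '</p>';
          else $this->posted = true;

          // send notification
          if (!$spam) {
            $subscribers = mysqli_query($this->link, "SELECT * FROM commentator_comments WHERE notify=1 AND spam=0 AND page=\"$page\"");
            $title = $this->title;
            // HTTP_HOST comes from the request; line breaks are removed so the value cannot
            // add extra mail headers through the subject.
            $subject = str_replace(array("\r", "\n"), '', "[{$_SERVER['HTTP_HOST']}] New comment on: $title");
            $comment = stripslashes(str_replace(array('\r\n', '\r', '\n'), array("\r\n", "\r", "\n"), $this->format_comment($comment, true))); // fake whitespace turned into real whitespace before stripping slashes added by mysqli_real_escape_string
            // The message is assembled from two parts instead of going through sprintf():
            // the comment text is visitor-controlled and must not be parsed as a format
            // string, and subscribers used to receive a literal "%s".
            $intro = "A new comment has been posted on \"$title\".\r\n\r\n{$this->here}\r\n\r\nAuthor: $name\r\n\r\n";
            $body = "Comment:\r\n\r\n$comment\r\n\r\n\r\nAll comments: {$this->here}#comments";
            $headers = "From: {$this->from}\r\nX-Mailer: PHP/" . phpversion();
            if ($subscribers) {
              while ($row = mysqli_fetch_array($subscribers)) {
                $to = $row['email'];
                if ($to === $this->email_owner) continue;
                @mail($to, $subject, $intro . $body . "\r\n\r\nTo stop receiving further notifications of new comments: {$this->here}?unsubscribe=$to#comments", $headers);
              }
            }
            // Only the owner's copy carries the commenter's e-mail address.
            if (!empty($GLOBALS['send_email_on_new_comment']) && $this->email_owner !== $email && preg_match($this->email_regex, $this->email_owner)) @mail($this->email_owner, $subject, $intro . "Email: $email\r\n\r\n" . $body, $headers);
          }
        }
      }
      else $this->review_input = true;
    }
  }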
 /**
  * check if a comment is spam through Akismet
  *
  * @param mixed $data Data passed to this action
  * @return bool TRUE if comment is spam else FALSE
  */
 public function perform($data = FALSE)
 {
     // Load the bundled Akismet client on first use.
     include_once JAPA_BASE_DIR . 'modules/common/includes/Akismet.class.php';

     // $data supplies the site URL and API key, the commenter's details under 'user',
     // and the permalink of the commented page.
     $checker = new Akismet($data['url'], $data['key']);
     $checker->setCommentAuthor($data['user']['name']);
     $checker->setCommentAuthorEmail($data['user']['email']);
     $checker->setCommentAuthorURL($data['user']['url']);
     $checker->setCommentContent($data['user']['comment']);
     $checker->setPermalink($data['permaLink']);

     // The verdict is passed through unchanged.
     $verdict = $checker->isCommentSpam();
     return $verdict;
 }
示例#6
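 /**
  * Asks Akismet whether the comment held in $this->data is spam.
  *
  * Site URL and API key are read from the Plugin.Comment.akismet configuration.
  *
  * @return mixed Whatever Akismet::isCommentSpam() returns.
  */
 public function isSpam()
 {
     // require_once instead of require: a second call in the same request would load the
     // vendor file again and fail if it declares the Akismet class.
     require_once APP . 'Plugin' . DS . 'Comment' . DS . 'Vendor' . DS . 'akismet.php';
     App::uses('Akismet', 'Vendor');
     $akismet = new Akismet(Configure::read('Plugin.Comment.akismet.site'), Configure::read('Plugin.Comment.akismet.key'));
     $akismet->setCommentAuthor($this->data['Comment']['username']);
     $akismet->setCommentAuthorEmail($this->data['Comment']['mail']);
     $akismet->setCommentContent($this->data['Comment']["content"]);
     // The address is taken from the submitted record rather than from $_SERVER.
     // NOTE(review): confirm the 'ip' field is filled in server-side and cannot be set by
     // the form.
     $akismet->setUserIP($this->data['Comment']['ip']);
     // NOTE(review): no try/catch here; confirm how callers handle an unreachable service.
     return $akismet->isCommentSpam();
 }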
 /**
  * Submits a comment to Akismet and returns its verdict.
  *
  * When the API key is reported invalid, $msgA is set to an explanatory message; the spam
  * check is still issued afterwards.
  *
  * @param string $api     Akismet API key.
  * @param string $blogUrl URL of the site the comment was posted on.
  * @param string $name    Comment author name.
  * @param string $email   Comment author e-mail.
  * @param string $url     Comment author URL.
  * @param string $comment Comment text.
  * @param string $msgA    Receives 'Akismet: Key is invalid' when the key check fails.
  * @return mixed Whatever Akismet::isCommentSpam() returns.
  */
 function checkSpam($api, $blogUrl, $name, $email, $url, $comment, &$msgA)
 {
     require_once JPATH_COMPONENT . DS . 'assets' . DS . 'akismet' . DS . 'Akismet.class.php';

     $checker = new Akismet($blogUrl, $api);
     $checker->setCommentAuthor($name);
     $checker->setCommentAuthorEmail($email);
     $checker->setCommentAuthorURL($url);
     $checker->setCommentContent($comment);

     if (!$checker->isKeyValid()) {
         $msgA = 'Akismet: Key is invalid';
     }

     return $checker->isCommentSpam();
 }
示例#8
/**
 * Checks a piece of text against Akismet on behalf of the current user.
 *
 * @param string $q Text to check.
 * @return bool|null True for spam, false for ham; null when the q_filter_spam option
 *                   is not 'TRUE' and no check is made.
 */
function q_isspam($q)
{
    // Filtering switched off: no verdict at all.
    if (get_option('q_filter_spam') != 'TRUE') {
        return;
    }

    global $current_user;
    get_currentuserinfo();

    $checker = new Akismet(get_bloginfo('wpurl'), get_option('q_wpcomAPIkey'));
    $checker->setCommentAuthor($current_user->user_login);
    $checker->setCommentAuthorEmail($current_user->user_email);
    $checker->setCommentAuthorURL($current_user->user_url);
    $checker->setCommentContent($q);

    return $checker->isCommentSpam() ? true : false;
}
示例#9
 /**
  * Sends an edit to Akismet and returns the verdict.
  *
  * Prints a message and ends the script when $wgMWAkismetKey or $wgMWAkismetURL is empty.
  *
  * @param string $author    Name of the editing user.
  * @param string $textDiff  Text to be checked.
  * @param string $permalink Permalink of the edited page.
  * @return mixed Whatever Akismet::isCommentSpam() returns.
  */
 public function queryAkismet($author, $textDiff, $permalink)
 {
     global $wgMWAkismetKey, $wgMWAkismetURL;

     // Both settings are mandatory; without them the request ends here.
     $configured = !($wgMWAkismetKey == '' || $wgMWAkismetURL == '');
     if (!$configured) {
         echo "Akismet key and url must be set.  Instructions for getting a key are here: <a href=\"http://faq.wordpress.com/2005/10/19/api-key/\">API key FAQ on Wordpress.com</a>";
         die;
     }

     $checker = new Akismet($wgMWAkismetURL, $wgMWAkismetKey);
     $checker->setCommentAuthor($author);
     // E-mail and URL are always sent empty.
     $checker->setCommentAuthorEmail("");
     $checker->setCommentAuthorURL("");
     $checker->setCommentContent($textDiff);
     $checker->setPermalink($permalink);

     return $checker->isCommentSpam();
 }
示例#10
 /**
  * This event checks comments, posts and other module content for spam
  * 
  * @param array All params to check (blogurl, name, email, url, text, permalink)
  * @return bool
  */
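 public function eventRmcommonCheckPostSpam($params)
 {
     $config = RMFunctions::get()->plugin_settings('akismet', true);
     // No key configured: no check is made and nothing is returned.
     if ($config['key'] == '') {
         return;
     }

     // The expected keys are read explicitly. extract($params) turned every key of the
     // caller's array into a local variable, so a key named "config" replaced the plugin
     // settings (and with them the API key) loaded above.
     $value = function ($key) use ($params) {
         return isset($params[$key]) ? $params[$key] : null;
     };

     $akismet = new Akismet($value('blogurl'), $config['key']);
     $akismet->setCommentAuthor($value('name'));
     $akismet->setCommentAuthorEmail($value('email'));
     $akismet->setCommentAuthorURL($value('url'));
     $akismet->setCommentContent($value('text'));
     $akismet->setPermalink($value('permalink'));
     $akismet->setUserIP($_SERVER['REMOTE_ADDR']);

     // false means "spam", true means "passed the check".
     return !$akismet->isCommentSpam();
 }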
示例#11
/**
 * Runs one submitted form row through Akismet.
 *
 * $Setup maps the form: _APIKey holds the API key, and _Name, _Email, _URL and _Text name
 * the $Data entries that carry the author name, e-mail, URL and text.
 *
 * @param array $Data   Submitted values.
 * @param array $Setup  Processor settings as described above.
 * @param mixed $Config Not used by this function.
 * @return bool True when Akismet reports spam; false otherwise or when no key is set.
 */
function akismet_scan($Data, $Setup, $Config)
{
    if (empty($Setup['_APIKey'])) {
        return false;
    }

    include_once WP_PLUGIN_DIR . '/db-toolkit/data_form/processors/akismet/Akismet.class.php';

    $apiKey = $Setup['_APIKey'];
    $siteUrl = get_bloginfo('url');
    $checker = new Akismet($siteUrl, $apiKey);
    $checker->setCommentAuthor($Data[$Setup['_Name']]);
    $checker->setCommentAuthorEmail($Data[$Setup['_Email']]);
    $checker->setCommentAuthorURL($Data[$Setup['_URL']]);
    $checker->setCommentContent($Data[$Setup['_Text']]);
    $checker->setUserIP($_SERVER['REMOTE_ADDR']);

    return $checker->isCommentSpam() ? true : false;
}
示例#12
/**
 * Screens new content with Akismet and blocks it when it is reported as spam.
 *
 * Applies only while the spamurai package is active, the current user lacks
 * p_spamurai_moderate, and $pObject is a LibertyComment, BitBlogPost or BitUser.
 * A hit is written to the spamurai_log table and recorded in $pObject->mErrors['spam'].
 *
 * @param object $pObject    Content object being stored.
 * @param array  $pParamHash Submitted values; reads user_id, title, comment_title, edit
 *                           and comment_data.
 */
function spamurai_content_verify($pObject, $pParamHash)
{
    global $gBitUser, $gBitSystem;

    // The type list is hard-coded: checking everything is slow and gives many false
    // positives on content with little text.
    if (!$gBitSystem->isPackageActive('spamurai') || $gBitUser->hasPermission('p_spamurai_moderate')) {
        return;
    }
    if (!is_a($pObject, 'LibertyComment') && !is_a($pObject, 'BitBlogPost') && !is_a($pObject, 'BitUser')) {
        return;
    }

    $akismet = new Akismet(BOARDS_PKG_URI, $gBitSystem->getConfig('spamurai_api_key'));
    if (empty($pParamHash) || empty($akismet)) {
        return;
    }

    $userInfo = $gBitUser->getUserInfo(array('user_id' => $pParamHash['user_id']));
    $akismet->setCommentAuthor($userInfo['real_name'] . $userInfo['login']);
    $akismet->setCommentAuthorEmail($userInfo['email']);

    // Title part: content title followed by comment title, whichever are present.
    $checkTitle = '';
    foreach (array('title', 'comment_title') as $titleKey) {
        if (!empty($pParamHash[$titleKey])) {
            $checkTitle .= $pParamHash[$titleKey];
        }
    }

    // Body part: edited text followed by comment text, whichever are present.
    $checkString = '';
    foreach (array('edit', 'comment_data') as $bodyKey) {
        if (!empty($pParamHash[$bodyKey])) {
            $checkString .= $pParamHash[$bodyKey];
        }
    }

    // Nothing to send.
    if (empty($checkString) && empty($checkTitle)) {
        return;
    }

    $akismet->setCommentContent($checkTitle . $checkString);
    if (!$akismet->isCommentSpam()) {
        return;
    }

    if ($gBitUser->isRegistered()) {
        bit_error_log('SPAM ' . $pObject->getContentType() . ' for user ' . $userInfo['user_id']);
    }
    // The log row is written through bound parameters.
    $insertSql = "INSERT INTO " . BIT_DB_PREFIX . "spamurai_log (user_id, email, subject, data, posted_date, ip) VALUES ( ?, ?, ?, ?, ?, ? )";
    $bindVars = array($pParamHash['user_id'], $userInfo['email'], substr($checkTitle, 0, 255), $checkString, time(), $_SERVER['REMOTE_ADDR']);
    $gBitSystem->mDb->query($insertSql, $bindVars);
    $pObject->mErrors['spam'] = "This comment has been blocked as spam";
}
 /**
  * Classifies a comment before it is inserted and sets its status to 'spam' or 'ham'.
  *
  * Does nothing when the API key or the provider option is missing. When the check
  * throws, the message is logged and the status is left as it was.
  *
  * @param Comment $comment Comment about to be stored.
  */
 public function action_comment_insert_before(Comment $comment)
 {
     $api_key = Options::get('habariakismet__api_key');
     $provider = Options::get('habariakismet__provider');
     if ($api_key == null || $provider == null) {
         return;
     }

     // Any provider other than 'Akismet' is sent to the TypePad endpoint.
     if ($provider == 'Akismet') {
         $endpoint = self::SERVER_AKISMET;
     } else {
         $endpoint = self::SERVER_TYPEPAD;
     }

     $checker = new Akismet(Site::get_url('habari'), $api_key);
     $checker->setAkismetServer($endpoint);
     $checker->setCommentAuthor($comment->name);
     $checker->setCommentAuthorEmail($comment->email);
     $checker->setCommentAuthorURL($comment->url);
     $checker->setCommentContent($comment->content);
     $checker->setPermalink($comment->post->permalink);

     try {
         if ($checker->isCommentSpam()) {
             $comment->status = 'spam';
         } else {
             $comment->status = 'ham';
         }
     } catch (Exception $e) {
         EventLog::log($e->getMessage(), 'notice', 'comment', 'HabariAkismet');
     }
 }
示例#14
 /**
  * Use Akismet to check comment data for spam
  *
  * @param array $data
  * @return bool True when Akismet flags the comment as spam, false otherwise
  */
 function isSpam(&$data)
 {
     $apiKey = Configure::read('AppSettings.wordpress_api_key');
     // Without a key nothing is checked and the comment counts as not spam.
     if (empty($apiKey)) {
         return false;
     }

     $alias = $this->name;
     try {
         App::import('Vendor', 'akismet');
         // The site URL is built from the SERVER_NAME environment value.
         $checker = new Akismet('http://' . getenv('SERVER_NAME'), $apiKey);
         $checker->setCommentAuthor($data[$alias]['name']);
         $checker->setCommentAuthorEmail($data[$alias]['email']);
         $checker->setCommentAuthorURL($data[$alias]['url']);
         $checker->setCommentContent($data[$alias]['content']);
         $checker->setPermalink($data['Post']['permalink']);
         return $checker->isCommentSpam() ? true : false;
     } catch (Exception $e) {
         // A failed check is only logged; the comment is then treated as not spam.
         $this->log('Akismet not reachable!');
     }

     return false;
 }
示例#15
 /**
  * Use Akismet to check comment data for spam
  *
  * @param array $data
  * @return bool
  */
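 function isSpam(&$data)
 {
     $apiKey = Configure::read('Wildflower.settings.wordpress_api_key');
     // Without a key nothing is checked and the comment counts as not spam.
     if (empty($apiKey)) {
         return false;
     }
     try {
         App::import('Vendor', 'akismet');
         $siteUrl = Configure::read('Wildflower.fullSiteUrl');
         $akismet = new Akismet($siteUrl, $apiKey);
         $akismet->setCommentAuthor($data[$this->name]['name']);
         $akismet->setCommentAuthorEmail($data[$this->name]['email']);
         $akismet->setCommentAuthorURL($data[$this->name]['url']);
         $akismet->setCommentContent($data[$this->name]['content']);
         $akismet->setPermalink($data['Post']['permalink']);
         if ($akismet->isCommentSpam()) {
             return true;
         }
     } catch (Exception $e) {
         // Exception::$message is protected and cannot be read from this class; the
         // accessor is used so that the failure is reported instead of causing a fatal
         // error. After a failed check the comment is treated as not spam.
         trigger_error('Akismet not reachable: ' . $e->getMessage());
     }
     return false;
 }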
示例#16
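 /**
  * Runs the anti-spam checks selected by the com_k2 "antispam" parameter.
  *
  * 'recaptcha' verifies the posted g-recaptcha-response with Google, 'akismet' submits the
  * comment to Akismet, and 'both' does both. Each check applies to guests, and to
  * registered users only when the matching "...ForRegistered" parameter is set.
  *
  * @param array  $input Comment fields; reads name, email, url, text and itemId.
  * @param object $model Receives the error message through setError() on failure.
  * @return bool False when a check fails or cannot be completed, true otherwise.
  */
 public static function check($input, &$model)
 {
     $application = JFactory::getApplication();
     $params = JComponentHelper::getParams('com_k2');
     $user = JFactory::getUser();
     $mode = $params->get('antispam');

     // Google reCAPTCHA
     if ($mode == 'recaptcha' || $mode == 'both') {
         if ($user->guest || $params->get('recaptchaForRegistered')) {
             $data = array();
             $data['secret'] = $params->get('recaptcha_private_key');
             $data['remoteip'] = $_SERVER["REMOTE_ADDR"];
             $data['response'] = $application->input->post->get('g-recaptcha-response', '', 'raw');
             // The secret is sent in the POST body rather than in the query string, so it
             // does not end up in URLs that may be logged along the way.
             $ch = curl_init();
             curl_setopt($ch, CURLOPT_URL, 'https://www.google.com/recaptcha/api/siteverify');
             curl_setopt($ch, CURLOPT_POST, 1);
             curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($data));
             curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
             $response = curl_exec($ch);
             $error = curl_error($ch);
             curl_close($ch);
             if ($response === false) {
                 $model->setError($error);
                 return false;
             }
             // A reply that is not a JSON object, or has no truthy "success", fails the check.
             $json = json_decode($response);
             if (!is_object($json) || empty($json->success)) {
                 $model->setError(JText::_('K2_WE_COULD_NOT_VERIFY_THAT_YOU_ARE_HUMAN'));
                 return false;
             }
         }
     }

     // Akismet
     if ($mode == 'akismet' || $mode == 'both') {
         if ($user->guest || $params->get('akismetForRegistered')) {
             $akismetApiKey = $params->get('akismetApiKey');
             if ($akismetApiKey) {
                 // An explicit separator is placed between JPATH_ADMINISTRATOR and the
                 // relative path; a doubled slash is harmless should the constant already
                 // end with one.
                 require_once JPATH_ADMINISTRATOR . '/components/com_k2/classes/akismet.class.php';
                 $akismet = new Akismet(JURI::root(false), $akismetApiKey);
                 $akismet->setCommentAuthor($input['name']);
                 $akismet->setCommentAuthorEmail($input['email']);
                 $akismet->setCommentAuthorURL($input['url']);
                 $akismet->setCommentContent($input['text']);
                 $akismet->setPermalink(JURI::root(false) . 'index.php?option=com_k2&view=item&id=' . $input['itemId']);
                 try {
                     if ($akismet->isCommentSpam()) {
                         $model->setError(JText::_('K2_SPAM_ATTEMPT_HAS_BEEN_DETECTED_THE_COMMENT_HAS_BEEN_REJECTED'));
                         return false;
                     }
                 } catch (Exception $e) {
                     // A failed Akismet call rejects the comment rather than letting it through.
                     $model->setError($e->getMessage());
                     return false;
                 }
             }
         }
     }
     return true;
 }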
示例#17
文件: item.php 项目: grchis/Site-Auto
 /**
  * Handles the submission of a comment on a K2 item.
  *
  * Loads the item and its category, checks access and published state, validates the
  * posted fields, runs the configured anti-spam checks (reCAPTCHA and/or Akismet), stores
  * the comment and echoes a JSON-encoded response object. Every path ends with
  * $mainframe->close().
  */
 function comment()
 {
     $mainframe = JFactory::getApplication();
     jimport('joomla.mail.helper');
     JTable::addIncludePath(JPATH_COMPONENT_ADMINISTRATOR . DS . 'tables');
     $params = K2HelperUtilities::getParams('com_k2');
     $user = JFactory::getUser();
     $config = JFactory::getConfig();
     JLoader::register('Services_JSON', JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_k2' . DS . 'lib' . DS . 'JSON.php');
     $json = new Services_JSON();
     $response = new JObject();
     //Get item
     $item = JTable::getInstance('K2Item', 'Table');
     $item->load(JRequest::getInt('itemID'));
     //Get category
     $category = JTable::getInstance('K2Category', 'Table');
     $category->load($item->catid);
     //Access check
     // NOTE(review): the checks below rely on JError::raiseError() stopping the request;
     // nothing after the call returns explicitly — confirm.
     if (K2_JVERSION != '15') {
         if (!in_array($item->access, $user->getAuthorisedViewLevels()) || !in_array($category->access, $user->getAuthorisedViewLevels())) {
             JError::raiseError(403, JText::_('K2_ALERTNOTAUTH'));
         }
     } else {
         if ($item->access > $user->get('aid', 0) || $category->access > $user->get('aid', 0)) {
             JError::raiseError(403, JText::_('K2_ALERTNOTAUTH'));
         }
     }
     //Published check
     if (!$item->published || $item->trash) {
         JError::raiseError(404, JText::_('K2_ITEM_NOT_FOUND'));
     }
     if (!$category->published || $category->trash) {
         JError::raiseError(404, JText::_('K2_ITEM_NOT_FOUND'));
     }
     //Check permissions
     // && binds tighter than ||: either comments == '2' with a logged-in user who may
     // comment in this category, or comments == '1'.
     if ($params->get('comments') == '2' && $user->id > 0 && K2HelperPermissions::canAddComment($item->catid) || $params->get('comments') == '1') {
         // If new antispam settings are not saved, show a message to the comments form and stop the comment submission
         $antispamProtection = $params->get('antispam', null);
         // Also stops when the selected method has no key configured, so a comment is not
         // accepted without the check it was supposed to pass.
         if ($antispamProtection === null || ($antispamProtection == 'recaptcha' || $antispamProtection == 'both') && !$params->get('recaptcha_private_key') || ($antispamProtection == 'akismet' || $antispamProtection == 'both') && !$params->get('akismetApiKey')) {
             $response->message = JText::_('K2_ANTISPAM_SETTINGS_ERROR');
             echo $json->encode($response);
             // NOTE(review): every early exit below echoes a response and calls close();
             // the code after it assumes close() ends the request — confirm.
             $mainframe->close();
         }
         $row = JTable::getInstance('K2Comment', 'Table');
         // NOTE(review): bind() receives the whole POST array. published is always
         // reassigned further down, but userID is overwritten only for logged-in users;
         // confirm that a guest cannot set it through the request.
         if (!$row->bind(JRequest::get('post'))) {
             $response->message = $row->getError();
             echo $json->encode($response);
             $mainframe->close();
         }
         $row->commentText = JRequest::getString('commentText', '', 'default');
         $row->commentText = strip_tags($row->commentText);
         //Strip a tags since all urls will be converted to links automatically on runtime.
         //Additionaly strip tables to avoid layout issues.
         //Also strip all attributes except src, alt and title.
         //$filter	= new JFilterInput(array('a', 'table'), array('src', 'alt', 'title'), 1);
         //$row->commentText = $filter->clean( $row->commentText );
         //Clean vars
         $filter = JFilterInput::getInstance();
         $row->userName = $filter->clean($row->userName, 'username');
         // Only values shaped like an http, https or ftp URL (scheme optional) are kept;
         // anything else is blanked in the else branch.
         if ($row->commentURL && preg_match('/^((http|https|ftp):\\/\\/)?[a-z0-9]+([\\-\\.]{1}[a-z0-9]+)*\\.[a-z]{2,6}((:[0-9]{1,5})?\\/.*)?$/i', $row->commentURL)) {
             // Drop every character outside the allowed set, then repair a ";//" scheme separator.
             $url = preg_replace('|[^a-z0-9-~+_.?#=&;,/:]|i', '', $row->commentURL);
             $url = str_replace(';//', '://', $url);
             if ($url != '') {
                 $url = !strstr($url, '://') ? 'http://' . $url : $url;
                 // Encode ampersands that do not already start an entity.
                 $url = preg_replace('/&([^#])(?![a-z]{2,8};)/', '&#038;$1', $url);
                 $row->commentURL = $url;
             }
         } else {
             $row->commentURL = '';
         }
         $datenow = JFactory::getDate();
         $row->commentDate = K2_JVERSION == '15' ? $datenow->toMySQL() : $datenow->toSql();
         // Logged-in users always post under their account's id, e-mail and name.
         if (!$user->guest) {
             $row->userID = $user->id;
             $row->commentEmail = $user->email;
             $row->userName = $user->name;
         }
         $userName = trim($row->userName);
         $commentEmail = trim($row->commentEmail);
         $commentText = trim($row->commentText);
         $commentURL = trim($row->commentURL);
         // A field still holding its placeholder text counts as empty.
         if (empty($userName) || $userName == JText::_('K2_ENTER_YOUR_NAME') || empty($commentText) || $commentText == JText::_('K2_ENTER_YOUR_MESSAGE_HERE') || empty($commentEmail) || $commentEmail == JText::_('K2_ENTER_YOUR_EMAIL_ADDRESS')) {
             $response->message = JText::_('K2_YOU_NEED_TO_FILL_IN_ALL_REQUIRED_FIELDS');
             echo $json->encode($response);
             $mainframe->close();
         }
         if (!JMailHelper::isEmailAddress($commentEmail)) {
             $response->message = JText::_('K2_INVALID_EMAIL_ADDRESS');
             echo $json->encode($response);
             $mainframe->close();
         }
         // Guests may not post under the name or e-mail address of a registered account.
         // Both values go through $db->Quote() before entering the query text.
         if ($user->guest) {
             $db = JFactory::getDBO();
             $query = "SELECT COUNT(*) FROM #__users WHERE name=" . $db->Quote($userName) . " OR email=" . $db->Quote($commentEmail);
             $db->setQuery($query);
             $result = $db->loadresult();
             if ($result > 0) {
                 $response->message = JText::_('K2_THE_NAME_OR_EMAIL_ADDRESS_YOU_TYPED_IS_ALREADY_IN_USE');
                 echo $json->encode($response);
                 $mainframe->close();
             }
         }
         // Google reCAPTCHA
         // Uses the challenge/response form fields and the bundled recaptchalib.php helper.
         if ($params->get('antispam') == 'recaptcha' || $params->get('antispam') == 'both') {
             if ($user->guest || $params->get('recaptchaForRegistered', 1)) {
                 if (!function_exists('_recaptcha_qsencode')) {
                     require_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_k2' . DS . 'lib' . DS . 'recaptchalib.php';
                 }
                 $privatekey = $params->get('recaptcha_private_key');
                 $recaptcha_challenge_field = isset($_POST["recaptcha_challenge_field"]) ? $_POST["recaptcha_challenge_field"] : '';
                 $recaptcha_response_field = isset($_POST["recaptcha_response_field"]) ? $_POST["recaptcha_response_field"] : '';
                 $resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $recaptcha_challenge_field, $recaptcha_response_field);
                 if (!$resp->is_valid) {
                     $response->message = JText::_('K2_THE_WORDS_YOU_TYPED_DID_NOT_MATCH_THE_ONES_DISPLAYED_PLEASE_TRY_AGAIN');
                     echo $json->encode($response);
                     $mainframe->close();
                 }
             }
         }
         // Akismet
         if ($params->get('antispam') == 'akismet' || $params->get('antispam') == 'both') {
             if ($user->guest || $params->get('akismetForRegistered', 1)) {
                 if ($params->get('akismetApiKey')) {
                     require_once JPATH_ADMINISTRATOR . DS . 'components' . DS . 'com_k2' . DS . 'lib' . DS . 'akismet.class.php';
                     $akismetApiKey = $params->get('akismetApiKey');
                     $akismet = new Akismet(JURI::root(false), $akismetApiKey);
                     $akismet->setCommentAuthor($userName);
                     $akismet->setCommentAuthorEmail($commentEmail);
                     $akismet->setCommentAuthorURL($commentURL);
                     $akismet->setCommentContent($commentText);
                     $akismet->setPermalink(JURI::root(false) . 'index.php?option=com_k2&view=item&id=' . JRequest::getInt('itemID'));
                     try {
                         if ($akismet->isCommentSpam()) {
                             $response->message = JText::_('K2_SPAM_ATTEMPT_HAS_BEEN_DETECTED_THE_COMMENT_HAS_BEEN_REJECTED');
                             echo $json->encode($response);
                             $mainframe->close();
                         }
                     } catch (Exception $e) {
                         // A failed Akismet call stops the submission; the exception text
                         // is returned to the client as the response message.
                         $response->message = $e->getMessage();
                         echo $json->encode($response);
                         $mainframe->close();
                     }
                 }
             }
         }
         if ($commentURL == JText::_('K2_ENTER_YOUR_SITE_URL') || $commentURL == "") {
             $row->commentURL = NULL;
         } else {
             // NOTE(review): only the literal prefix 'http://' is recognised here, so a URL
             // that the normalisation above left as https:// or ftp:// is stored with
             // 'http://' put in front of it.
             if (substr($commentURL, 0, 7) != 'http://') {
                 $row->commentURL = 'http://' . $commentURL;
             }
         }
         // published is always assigned here, whatever bind() copied from the request.
         if ($params->get('commentsPublishing')) {
             $row->published = 1;
         } else {
             $row->published = 0;
             // Auto publish comments for users with administrative permissions
             if (K2_JVERSION != '15') {
                 if ($user->authorise('core.admin')) {
                     $row->published = 1;
                 }
             } else {
                 if ($user->gid > 23) {
                     $row->published = 1;
                 }
             }
         }
         if (!$row->store()) {
             $response->message = $row->getError();
             echo $json->encode($response);
             $mainframe->close();
         }
         if ($row->published) {
             $caching = K2_JVERSION == '30' ? $config->get('caching') : $config->getValue('config.caching');
             // With caching on, a guest is told the comment appears shortly and the page
             // is not refreshed.
             if ($caching && $user->guest) {
                 $response->message = JText::_('K2_THANK_YOU_YOUR_COMMENT_WILL_BE_PUBLISHED_SHORTLY');
                 echo $json->encode($response);
             } else {
                 $response->message = JText::_('K2_COMMENT_ADDED_REFRESHING_PAGE');
                 $response->refresh = 1;
                 echo $json->encode($response);
             }
         } else {
             $response->message = JText::_('K2_COMMENT_ADDED_AND_WAITING_FOR_APPROVAL');
             echo $json->encode($response);
         }
     }
     $mainframe->close();
 }
示例#18
 /**
  * Function: create
  * Attempts to create a comment using the passed information. If the Akismet API key is present, it will check it.
  *
  * Parameters:
  *     $body - The comment.
  *     $author - The name of the commenter.
  *     $url - The commenter's website.
  *     $email - The commenter's email.
  *     $post - The <Post> they're commenting on.
  *     $parent - The <Comment> they're replying to.
  *     $notify - Notification on follow-up comments.
  *     $type - The type of comment. Optional, used for trackbacks/pingbacks.
  */
 static function create($body, $author, $url, $email, $post, $parent, $notify, $type = null)
 {
     // Trackbacks and pingbacks are accepted even when the visitor may not comment.
     if (!(self::user_can($post->id) or in_array($type, array("trackback", "pingback")))) {
         return;
     }

     $config = Config::current();
     $route = Route::current();
     $visitor = Visitor::current();

     // An explicit type doubles as the status; plain comments are approved outright only
     // when the visitor wrote the post.
     if ($type) {
         $status = $type;
     } else {
         $status = $post->user_id == $visitor->id ? "approved" : $config->default_comment_status;
         $type = "comment";
     }

     // Akismet is consulted only when an API key is configured.
     $screened = !empty($config->akismet_api_key);
     $flagged = false;
     if ($screened) {
         $akismet = new Akismet($config->url, $config->akismet_api_key);
         $akismet->setCommentContent($body);
         $akismet->setCommentAuthor($author);
         $akismet->setCommentAuthorURL($url);
         $akismet->setCommentAuthorEmail($email);
         $akismet->setPermalink($post->url());
         $akismet->setCommentType($type);
         $akismet->setReferrer($_SERVER['HTTP_REFERER']);
         $akismet->setUserIP($_SERVER['REMOTE_ADDR']);
         $flagged = $akismet->isCommentSpam();
     }

     if ($flagged) {
         // Spam is still stored, with status "spam", so that it can be reviewed.
         self::add($body, $author, $url, $email, $_SERVER['REMOTE_ADDR'], $_SERVER['HTTP_USER_AGENT'], "spam", $post->id, $visitor->id, $parent, $notify);
         error(__("Spam Comment"), __("Your comment has been marked as spam. It has to be reviewed and/or approved by an admin.", "comments"));
         return;
     }

     $comment = self::add($body, $author, $url, $email, $_SERVER['REMOTE_ADDR'], $_SERVER['HTTP_USER_AGENT'], $status, $post->id, $visitor->id, $parent, $notify);
     // Remember the new comment's id in the visitor's session.
     fallback($_SESSION['comments'], array());
     $_SESSION['comments'][] = $comment->id;
     if (isset($_POST['ajax'])) {
         exit("{ \"comment_id\": \"" . $comment->id . "\", \"comment_timestamp\": \"" . $comment->created_at . "\" }");
     }
     // The redirect anchor differs between the screened and the unscreened path.
     Flash::notice(__("Comment added."), $post->url() . ($screened ? "#comments" : "#comment"));
 }
示例#19
 /**
  * Akismet Operations
  *
  * Send a message to check for spam.  If the message is flagged as spam, true is returned.
  *
  * @param string|array $data The message to check
  *
  * @return bool True if the message is flagged as spam, false if not
  */
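 public static function akismet($data)
 {
     // Asks Akismet whether $data (a string, or an array of strings) is spam.
     // Returns false without contacting Akismet when the feature is disabled,
     // no key is configured, or the poster is over the configured post limit.
     global $config, $user;
     if (!$config['asacp_enable'] || !$config['asacp_akismet_enable'] || !$config['asacp_akismet_key']) {
         return false;
     }
     if ($user->data['is_registered']) {
         // Registered users with more posts than the limit are exempt; a limit of 0 disables the exemption.
         if ($user->data['user_posts'] > $config['asacp_akismet_post_limit'] && $config['asacp_akismet_post_limit'] > 0) {
             return false;
         }
     }
     // else the user is a guest
     if (!class_exists('Akismet')) {
         global $phpbb_root_path, $phpEx;
         include $phpbb_root_path . 'antispam/Akismet.class.' . $phpEx;
     }
     // Casting an array to string yields the literal "Array", so an array
     // input was never really checked. Join its scalar pieces instead;
     // nested arrays are skipped.
     if (is_array($data)) {
         $pieces = array();
         foreach ($data as $piece) {
             if (is_scalar($piece)) {
                 $pieces[] = (string) $piece;
             }
         }
         $content = implode("\n", $pieces);
     } else {
         $content = (string) $data;
     }
     $akismet = new Akismet($config['asacp_akismet_domain'], $config['asacp_akismet_key']);
     $akismet->setUserIP($user->ip);
     $akismet->setCommentType('comment');
     $akismet->setCommentAuthor($user->data['username']);
     $akismet->setCommentAuthorEmail($user->data['user_email']);
     $akismet->setCommentContent($content);
     return $akismet->isCommentSpam() ? true : false;
 }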
示例#20
 /**
  * Check if comment is spam using Akismet.
  *
  * @param Comment $comment The Comment object
  * @param string $api_key The Akismet API key
  *
  * @return void
  *
  * @since 2.0
  */
 public function akismet($comment, $api_key = '')
 {
     // Register the bundled Akismet client with the loader before it is instantiated.
     $this->app->loader->register('Akismet', 'libraries:akismet/akismet.php');

     // Describe the comment to Akismet: author name, e-mail, URL and body.
     $client = new Akismet(JURI::root(), $api_key);
     $client->setCommentAuthor($comment->author);
     $client->setCommentAuthorEmail($comment->email);
     $client->setCommentAuthorURL($comment->url);
     $client->setCommentContent($comment->content);

     // Only a positive verdict touches the comment; otherwise its state is left as it was.
     if (!$client->isCommentSpam()) {
         return;
     }
     $comment->state = Comment::STATE_SPAM;
 }
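 /**
  * Runs every enabled spam check against the current request.
  *
  * Checks run in a fixed order (calc, hidden field, time lock, own question,
  * StopForumSpam, Project Honeypot, Akismet, reCAPTCHA, Botscout, Mollom) and
  * the first failing check ends the method. The one-time session values used
  * by the local checks are cleared as soon as they have been read.
  *
  * The remote lookups pass when the service cannot be reached or gives no
  * recognisable answer, so an outage does not block legitimate submissions.
  *
  * @return bool true if every enabled check passed, false as soon as one fails
  */
 private function performChecks()
 {
     $request = JRequest::get();
     $ip = $this->_session->get('ip', null, 'easycalccheck');
     // Calc check
     if ($this->params->get('type_calc')) {
         if ($this->_session->get('rot13', null, 'easycalccheck') == 1) {
             $spamcheckresult = base64_decode(str_rot13($this->_session->get('spamcheckresult', null, 'easycalccheck')));
         } else {
             $spamcheckresult = base64_decode($this->_session->get('spamcheckresult', null, 'easycalccheck'));
         }
         $spamcheck = JRequest::getInt($this->_session->get('spamcheck', null, 'easycalccheck'), '', 'post');
         $this->_session->clear('rot13', 'easycalccheck');
         $this->_session->clear('spamcheck', 'easycalccheck');
         $this->_session->clear('spamcheckresult', 'easycalccheck');
         // A missing session value decodes to '' and fails is_numeric(), so this check fails closed.
         if (!is_numeric($spamcheckresult) || $spamcheckresult != $spamcheck) {
             return false;
             // Failed
         }
     }
     // Hidden field
     // NOTE(review): if the session holds no 'hidden_field' name, the lookup
     // presumably returns the empty default and the check passes - confirm
     // the caller guarantees the session entry exists.
     if ($this->params->get('type_hidden')) {
         $hidden_field = $this->_session->get('hidden_field', null, 'easycalccheck');
         $this->_session->clear('hidden_field', 'easycalccheck');
         if (JRequest::getVar($hidden_field, '', 'post')) {
             return false;
             // Hidden field was filled out - failed
         }
     }
     // Time lock
     // NOTE(review): with no 'time' in the session $time is null and the
     // comparison below is false, so the request is not rejected - confirm
     // that is intended.
     if ($this->params->get('type_time')) {
         $time = $this->_session->get('time', null, 'easycalccheck');
         $this->_session->clear('time', 'easycalccheck');
         if (time() - $this->params->get('type_time_sec') <= $time) {
             return false;
             // Submitted too fast - failed
         }
     }
     // Own Question
     // Conversion to lower case
     if ($this->params->get('question')) {
         $answer = strtolower(JRequest::getString($this->_session->get('question', null, 'easycalccheck'), '', 'post'));
         $this->_session->clear('question', 'easycalccheck');
         if ($answer != strtolower($this->params->get('question_a'))) {
             return false;
             // Question wasn't answered - failed
         }
     }
     // StopForumSpam - Check the IP Address
     // Further informations: http://www.stopforumspam.com
     if ($this->params->get('stopforumspam')) {
         // NOTE(review): the lookup goes over plain HTTP and is not authenticated;
         // the answer can be altered in transit.
         $body = $this->_spamFetchUrl('http://www.stopforumspam.com/api?ip=' . rawurlencode((string) $ip));
         // Only read the capture group when the pattern matched; the original
         // read $out[1] unconditionally on the cURL path.
         if ($body && preg_match('#<appears>(.*)</appears>#', $body, $out) && $out[1] == 'yes') {
             return false;
             // Spam-IP - failed
         }
     }
     // Honeypot Project
     // Further informations: http://www.projecthoneypot.org/home.php
     // BL ACCESS KEY - http://www.projecthoneypot.org/httpbl_configure.php
     if ($this->params->get('honeypot')) {
         require_once dirname(__FILE__) . DS . 'easycalccheckplus' . DS . 'honeypot.php';
         $http_blKey = $this->params->get('honeypot_key');
         if ($http_blKey) {
             $http_bl = new http_bl($http_blKey);
             $result = $http_bl->query($ip);
             if ($result == 2) {
                 return false;
             }
         }
     }
     // Akismet
     // Further informations: http://akismet.com/
     if ($this->params->get('akismet')) {
         require_once dirname(__FILE__) . DS . 'easycalccheckplus' . DS . 'akismet.php';
         $akismet_key = $this->params->get('akismet_key');
         if ($akismet_key) {
             list($name, $email, $url, $comment) = $this->_spamFieldsFromRequest($request);
             $akismet = new Akismet(JURI::getInstance()->toString(), $akismet_key);
             $akismet->setCommentAuthor($name);
             $akismet->setCommentAuthorEmail($email);
             $akismet->setCommentAuthorURL($url);
             $akismet->setCommentContent($comment);
             if ($akismet->isCommentSpam()) {
                 return false;
             }
         }
     }
     // ReCaptcha
     // Further informations: http://www.google.com/recaptcha
     if ($this->params->get('recaptcha') and $this->params->get('recaptcha_publickey') and $this->params->get('recaptcha_privatekey')) {
         require_once dirname(__FILE__) . DS . 'easycalccheckplus' . DS . 'recaptchalib.php';
         $privatekey = $this->params->get('recaptcha_privatekey');
         // Both fields come from the client and may be absent from the request.
         $resp = recaptcha_check_answer(
             $privatekey,
             $ip,
             $this->_spamRequestValue($request, 'recaptcha_challenge_field'),
             $this->_spamRequestValue($request, 'recaptcha_response_field')
         );
         if (!$resp->is_valid) {
             return false;
         }
     }
     // Botscout - Check the IP Address
     // Further informations: http://botscout.com/
     if ($this->params->get('botscout') and $this->params->get('botscout_key')) {
         // NOTE(review): the API key travels in the query string over plain HTTP.
         $body = $this->_spamFetchUrl(
             'http://botscout.com/test/?ip=' . rawurlencode((string) $ip)
             . '&key=' . rawurlencode((string) $this->params->get('botscout_key'))
         );
         // The verdict is the first character of the response. The original
         // fopen() fallback overwrote it with the first character of every
         // later line, including the empty read at end of file.
         if ($body && substr($body, 0, 1) == 'Y') {
             // Spam-IP - failed
             return false;
         }
     }
     // Mollom
     // Further informations: http://mollom.com/
     if ($this->params->get('mollom') and $this->params->get('mollom_publickey') and $this->params->get('mollom_privatekey')) {
         require_once dirname(__FILE__) . DS . 'easycalccheckplus' . DS . 'mollom.php';
         Mollom::setPublicKey($this->params->get('mollom_publickey'));
         Mollom::setPrivateKey($this->params->get('mollom_privatekey'));
         // Result unused; the call is kept as in the original.
         $servers = Mollom::getServerList();
         list($name, $email, $url, $comment) = $this->_spamFieldsFromRequest($request);
         $feedback = Mollom::checkContent(null, null, $comment, $name, $url, $email);
         if ($feedback['spam'] == 'spam') {
             return false;
         }
     }
     // Everything passed: drop the remaining per-submission session data.
     $this->_session->clear('ip', 'easycalccheck');
     $this->_session->clear('saved_data', 'easycalccheck');
     return true;
 }

 /**
  * Returns $source[$key] as a string, or '' when the key is missing or the
  * value is not scalar (request fields may be absent or sent as arrays).
  */
 private function _spamRequestValue($source, $key)
 {
     if (is_array($source) && isset($source[$key]) && is_scalar($source[$key])) {
         return (string) $source[$key];
     }
     return '';
 }

 /**
  * Maps the submitting component's form fields to array(name, email, url, comment).
  * Components that are not listed yield four empty strings.
  */
 private function _spamFieldsFromRequest($request)
 {
     $name = '';
     $email = '';
     $url = '';
     $comment = '';
     $form = isset($request['jform']) && is_array($request['jform']) ? $request['jform'] : array();
     switch ($this->_spamRequestValue($request, 'option')) {
         case 'com_contact':
             $name = $this->_spamRequestValue($form, 'contact_name');
             $email = $this->_spamRequestValue($form, 'contact_email');
             $comment = $this->_spamRequestValue($form, 'contact_message');
             break;
         case 'com_users':
             $name = $this->_spamRequestValue($form, 'name');
             // 'email' wins over 'email1' when both are present.
             $email = isset($form['email']) ? $this->_spamRequestValue($form, 'email') : $this->_spamRequestValue($form, 'email1');
             break;
         case 'com_comprofiler':
             // The check* fields win over the plain ones when present.
             $name = isset($request['checkusername']) ? $this->_spamRequestValue($request, 'checkusername') : $this->_spamRequestValue($request, 'name');
             $email = isset($request['checkemail']) ? $this->_spamRequestValue($request, 'checkemail') : $this->_spamRequestValue($request, 'email');
             break;
         case 'com_easybookreloaded':
             $name = $this->_spamRequestValue($request, 'gbname');
             $email = $this->_spamRequestValue($request, 'gbmail');
             $comment = $this->_spamRequestValue($request, 'gbtext');
             $url = $this->_spamRequestValue($request, 'gbpage');
             break;
         case 'com_phocaguestbook':
             $name = $this->_spamRequestValue($request, 'pgusername');
             $email = $this->_spamRequestValue($request, 'email');
             $comment = $this->_spamRequestValue($request, 'pgbcontent');
             break;
         case 'com_dfcontact':
         case 'com_alfcontact':
             $name = $this->_spamRequestValue($request, 'name');
             $email = $this->_spamRequestValue($request, 'email');
             $comment = $this->_spamRequestValue($request, 'message');
             break;
         case 'com_flexicontact':
             $name = $this->_spamRequestValue($request, 'from_name');
             $email = $this->_spamRequestValue($request, 'from_email');
             $comment = $this->_spamRequestValue($request, 'area_data');
             break;
         case 'com_community':
             $name = $this->_spamRequestValue($request, 'usernamepass');
             $email = $this->_spamRequestValue($request, 'emailpass');
             break;
         case 'com_virtuemart':
             $name = $this->_spamRequestValue($request, 'name');
             $email = $this->_spamRequestValue($request, 'email');
             $comment = $this->_spamRequestValue($request, 'comment');
             break;
         case 'com_jshopping':
             $name = $this->_spamRequestValue($request, 'f_name');
             $email = $this->_spamRequestValue($request, 'email');
             break;
     }
     return array($name, $email, $url, $comment);
 }

 /**
  * Fetches $url with cURL, falling back to fopen() when cURL is missing or
  * returns nothing. Returns the response body, or false if neither worked.
  *
  * NOTE(review): no timeout is set on either path, so a slow service delays
  * the form submission - consider bounding the request.
  */
 private function _spamFetchUrl($url)
 {
     $body = false;
     if (function_exists('curl_init')) {
         $ch = curl_init($url);
         curl_setopt($ch, CURLOPT_HEADER, 0);
         curl_setopt($ch, CURLOPT_POST, 0);
         curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
         $body = curl_exec($ch);
         curl_close($ch);
     }
     if ($body) {
         return $body;
     }
     $handle = @fopen($url, 'r');
     if (!$handle) {
         return false;
     }
     $body = '';
     while (!feof($handle)) {
         $line = fgets($handle, 1024);
         if ($line === false) {
             break;
         }
         $body .= $line;
     }
     fclose($handle);
     return $body !== '' ? $body : false;
 }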
示例#22
function cmtx_akismet($name, $email, $website, $comment)
{
    // Ask Akismet whether the submitted comment is spam: true for spam, false otherwise.
    global $cmtx_path; // used to locate the bundled Akismet client

    // Decode each field and strip its slashes before it is sent for classification.
    $name = cmtx_strip_slashes(cmtx_decode($name));
    $email = cmtx_strip_slashes(cmtx_decode($email));
    $website = cmtx_strip_slashes(cmtx_decode($website));
    // A bare "http://" carries no address (presumably the form's default value), so send nothing.
    $website = $website == 'http://' ? '' : $website;
    $comment = cmtx_strip_slashes(cmtx_decode($comment));

    // Load the Akismet client only if nothing else has defined the class yet.
    if (!class_exists('Akismet')) {
        require_once $cmtx_path . 'includes/external/akismet/akismet.php';
    }

    // API key and site URL both come from the stored settings.
    $api_key = cmtx_setting('akismet_key');
    $site_url = cmtx_setting('site_url');

    $akismet = new Akismet($site_url, $api_key);
    $akismet->setCommentAuthor($name);
    $akismet->setCommentAuthorEmail($email);
    $akismet->setCommentAuthorURL($website);
    $akismet->setCommentContent($comment);
    $akismet->setCommentType('comment');
    $akismet->setPermalink(cmtx_current_page());

    return $akismet->isCommentSpam() ? true : false;
}
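 /**
  * Handles a testimonial submission: checks the form token, runs the
  * configured spam filter (reCAPTCHA or Akismet), validates the text fields
  * and the optional image, stores the image and its thumbnails, saves the
  * testimonial row and sends the notification e-mails.
  *
  * Validation errors are queued on the application; on success the user is
  * redirected to the testimonials view.
  */
 function addMonial()
 {
     jimport('joomla.filesystem.file');
     jimport('joomla.utilities.utility');
     // Reject requests that do not carry a valid form token.
     JRequest::checkToken() or jexit('Invalid Token');
     $app = JFactory::getApplication();
     $db =& JFactory::getDBO();
     $document =& JFactory::getDocument();
     require_once JPATH_COMPONENT . DS . 'assets' . DS . '3rdparty' . DS . 'SimpleImage.php';
     $myparams =& JComponentHelper::getParams('com_eztestimonial');
     $imageSubFolder = $myparams->getValue('data.params.imagefolder');
     $autoApprove = $myparams->getValue('data.params.autoapprove', 0);
     $uploadSize = $myparams->getValue('data.params.imagesize', 400);
     $spamfilter = $myparams->getValue('data.params.spamfilter');
     $sendemailtouser = $myparams->getValue('data.params.sendemailtouser', 0);
     // NOTE(review): $sendemailtoadmin is read but never consulted; the admin
     // mail loop below runs regardless of it.
     $sendemailtoadmin = $myparams->getValue('data.params.sendemailtoadmin', 0);
     $summerytxtlength = $myparams->getValue('data.params.summerytxtlength', 100);
     $ImgUrl = JRoute::_(JURI::base() . 'images/' . $imageSubFolder . '/');
     $returnUrl = JRoute::_("index.php?option=com_eztestimonial&view=testimonials");
     $valid = true;
     $fullname = strip_tags(JRequest::getVar('iname'));
     $useremail = strip_tags(JRequest::getVar('iemail'));
     $location = strip_tags(JRequest::getVar('iaddress'));
     $website = strip_tags(JRequest::getVar('iwebsite'));
     $message = strip_tags(JRequest::getVar('imessage'));
     $aboutme = strip_tags(JRequest::getVar('iboutme'));
     $rating = JRequest::getVar('rating');
     $file = JRequest::getVar('iimage', null, 'files', 'array');
     if (!is_array($file)) {
         // No upload field in the request at all.
         $file = array();
     }
     $filename = JFile::makeSafe(isset($file['name']) ? $file['name'] : '');
     $src = isset($file['tmp_name']) ? $file['tmp_name'] : '';
     $extension_of_image = testimonialController::get_extension(strtolower($filename));
     //get the extension of image
     // Only measure a file PHP itself received as an upload; the original
     // called filesize() even when nothing had been uploaded.
     $FileSize = $src !== '' && is_uploaded_file($src) ? filesize($src) : 0;
     $AllowedSize = $uploadSize * 1048576;
     if ($spamfilter == 1) {
         $privatekey = $myparams->getValue('data.params.reprivatekey');
         require_once JPATH_COMPONENT . DS . 'assets' . DS . '3rdparty' . DS . 'recaptchalib.php';
         // Both reCAPTCHA fields are client-supplied and may be absent.
         $challenge = isset($_POST["recaptcha_challenge_field"]) ? $_POST["recaptcha_challenge_field"] : '';
         $answer = isset($_POST["recaptcha_response_field"]) ? $_POST["recaptcha_response_field"] : '';
         $resp = recaptcha_check_answer($privatekey, $_SERVER["REMOTE_ADDR"], $challenge, $answer);
         if (!$resp->is_valid) {
             $app->enqueueMessage(JText::_('COM_TESTIMONIALS_WRONGRECAPTCHA'), 'error');
             $valid = false;
         }
     } elseif ($spamfilter == 2) {
         $akismetKey = $myparams->getValue('data.params.akismetKey');
         require_once JPATH_COMPONENT . DS . 'assets' . DS . '3rdparty' . DS . 'Akismet.class.php';
         $MyURL = JURI::base();
         $akismet = new Akismet($MyURL, $akismetKey);
         $akismet->setCommentAuthor($fullname);
         // The original passed the undefined $email here, so Akismet never saw the address.
         $akismet->setCommentAuthorEmail($useremail);
         $akismet->setCommentAuthorURL($website);
         $akismet->setCommentContent($message);
         $akismet->setPermalink(JURI::current());
         if ($akismet->isCommentSpam()) {
             // Ends the request outright; the original's "$valid = false" after this line was unreachable.
             die("spam alert!");
         }
     }
     if ($FileSize > $AllowedSize) {
         $exceededtxt = JText::sprintf(JText::_('COM_TESTIMONIALS_IMAGESIZETOOBIG'), testimonialController::format_bytes($AllowedSize), testimonialController::format_bytes($FileSize));
         $app->enqueueMessage($exceededtxt, 'error');
         $valid = false;
     }
     // A file name with (almost) no bytes behind it means the upload failed.
     // Equivalent to the original strlen($FileSize) <= 1 test.
     if ((int) $FileSize < 10 && strlen($filename) > 1) {
         $app->enqueueMessage(JText::_('COM_TESTIMONIALS_ERRUPLOADING'), 'error');
         $valid = false;
     }
     if ($FileSize > 1 && $valid == true) {
         // Allow-list of image extensions; anything else is rejected.
         switch ($extension_of_image) {
             case 'jpg':
             case 'jpeg':
             case 'png':
             case 'gif':
                 break;
             default:
                 // Unsupported format
                 $app->enqueueMessage(JText::_('COM_TESTIMONIALS_FILENOTSUPPORTED'), 'error');
                 $valid = false;
                 break;
         }
     }
     // Required text fields are checked before any file is written, so an
     // invalid submission no longer leaves an image behind. The order of the
     // queued messages is the same as in the original.
     if (strlen($fullname) < 2) {
         $app->enqueueMessage(JText::_('COM_TESTIMONIALS_EMPTYNAME'), 'error');
         $valid = false;
     }
     if (strlen($useremail) < 2) {
         $app->enqueueMessage(JText::_('COM_TESTIMONIALS_EMPTYEMAIL'), 'error');
         $valid = false;
     }
     if (strlen($location) < 2) {
         $app->enqueueMessage(JText::_('COM_TESTIMONIALS_EMPTYLOCATION'), 'error');
         $valid = false;
     }
     if (strlen($message) < 2) {
         $app->enqueueMessage(JText::_('COM_TESTIMONIALS_EMPTYMSSG'), 'error');
         $valid = false;
     }
     if ($FileSize > 1 && $valid == true) {
         $random_str = testimonialController::random_str();
         // The submitter's name becomes part of the stored file name, so it
         // goes through JFile::makeSafe(): strip_tags() leaves path
         // separators and ".." in place, which would let the name steer
         // the destination path.
         $photo_name = JFile::makeSafe(strtolower(str_replace(" ", "-", $fullname))) . "-" . $random_str . ".";
         $newPhotoname = $photo_name . $extension_of_image;
         $newPhotoPath = JPATH_BASE . DS . "images" . DS . $imageSubFolder . DS;
         $thumb_dest = $newPhotoPath . 'thumb_' . $newPhotoname;
         $thumb_dest50 = $newPhotoPath . 'thumb50_' . $newPhotoname;
         $dest = $newPhotoPath . $newPhotoname;
         $image = new SimpleImage();
         // Arguments: source, destination, thumbnail size, JPEG quality.
         $image->square_crop($src, $thumb_dest, 200, 90);
         $image->square_crop($src, $thumb_dest50, 50, 90);
         $image->load($src);
         $image->save($dest);
     } else {
         $newPhotoname = '';
     }
     if ($valid) {
         $approved = $autoApprove == 1 ? 1 : 0;
         $postdata = array('fullName' => $fullname, 'email' => $useremail, 'location' => $location, 'aboutauthor' => $aboutme, 'website' => $website, 'message_summary' => testimonialController::truncate($message, $summerytxtlength), 'message_long' => $message, 'image_name' => $newPhotoname, 'added_date' => date("Y-m-d H:i:s"), 'rating' => $rating, 'approved' => $approved);
         $row =& $this->getTable();
         // Do not attempt to store a row that failed to bind.
         if (!$row->bind($postdata) || !$row->store()) {
             $app->enqueueMessage($row->getError(), 'error');
         } else {
             //send email to user
             $sitename = $app->getCfg('sitename');
             if ($sendemailtouser == 1) {
                 $useremailfromnametxt = $myparams->getValue('data.params.useremailfromnametxt', 'From A Company');
                 $useremailaddress = $myparams->getValue('data.params.useremailfromtxt', '*****@*****.**');
                 $useremailsubject = $myparams->getValue('data.params.useremailsubjecttxt', 'Email Subject');
                 $useremailbody = $myparams->getValue('data.params.useremailtxt', 'Email Body');
                 $useremailbody = JText::sprintf($useremailbody, $fullname);
                 $prasearray = array('{b}' => '<b>', '{/b}' => '</b>', '{br}' => '<br />', '{sitename}' => $sitename, '{siteurl}' => JURI::base(), '{name}' => $fullname);
                 $useremailbody = testimonialController::mail_body_phraser($useremailbody, $prasearray);
                 // NOTE(review): $useremail has only been through strip_tags();
                 // confirm the mailer validates it before using it as a recipient.
                 $SendUserEmail = JUtility::sendMail($useremailaddress, $useremailfromnametxt, $useremail, $useremailsubject, $useremailbody, true);
                 if (!$SendUserEmail) {
                     $app->enqueueMessage(JText::_('COM_TESTIMONIALS_EMAILFAILDUSER'), 'error');
                 }
             }
             $adminemails = explode(",", $myparams->getValue('data.params.adminemails', '*****@*****.**'));
             $adminmailtxt = $myparams->getValue('data.params.adminmailtxt');
             $prasearray = array('{b}' => '<b>', '{/b}' => '</b>', '{br}' => '<br />', '{sitename}' => $sitename, '{siteurl}' => JURI::base());
             $adminmailtxt = testimonialController::mail_body_phraser($adminmailtxt, $prasearray);
             // send mail to all administrators
             // NOTE(review): $mailfrom, $fromname, $adminmailsubjecttxt and
             // $adminemailstosend are never assigned in this function, and the
             // row was bound with 'fullName', not 'iname'. This loop is left as
             // found; the intended sender, subject and name field must be
             // confirmed against the component's parameters.
             foreach ($adminemails as $adminemail) {
                 $adminmailtxt = JText::sprintf($adminmailtxt, $row->iname);
                 $SendAdminEmail = JUtility::sendMail($mailfrom, $fromname, $adminemail, $adminmailsubjecttxt, $adminmailtxt, true);
                 $app->enqueueMessage($adminemailstosend, 'error');
                 if (!$SendAdminEmail) {
                     $app->enqueueMessage(JText::_('COM_TESTIMONIALS_EMAILFAILDADMIN'), 'error');
                 }
             }
             //display message accordingly
             if ($autoApprove == 0) {
                 $app->enqueueMessage(JText::_('COM_TESTIMONIALS_WAITINGAPPROVAL'), 'message');
                 $app->redirect($returnUrl);
             } else {
                 $app->enqueueMessage(JText::_('COM_TESTIMONIALS_PUBLISHEDMSG'), 'message');
                 $app->redirect($returnUrl);
             }
         }
     }
 }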
示例#24
 /**
  * Check to see if the content being passed is considered as SPAM.
  *
  * @return bool TRUE is spam, FALSE if it isn't.
  */
 private function _isSpam()
 {
     // Users flagged as spam-free and a disabled spam check both mean "not spam".
     if (Phpfox::getUserParam('core.is_spam_free') || !Phpfox::getParam('core.enable_spam_check')) {
         return false;
     }

     // A logged-in user over the auto-deny threshold is treated as spam without asking Akismet.
     if (Phpfox::isUser() && Phpfox::getUserBy('total_spam') > Phpfox::getParam('core.auto_deny_items')) {
         $this->_aParams['is_spam'] = true;
         return true;
     }

     // Without both Akismet settings there is nothing to query.
     $sSiteUrl = Phpfox::getParam('core.akismet_url');
     $sApiKey = Phpfox::getParam('core.akismet_password');
     if (empty($sSiteUrl) || empty($sApiKey)) {
         return false;
     }

     // The client library is optional; when the file is absent the content passes.
     $sLibrary = PHPFOX_DIR_LIB . 'akismet' . PHPFOX_DS . 'Akismet.class.php';
     if (!file_exists($sLibrary)) {
         return false;
     }
     require_once $sLibrary;

     $oClient = new Akismet($sSiteUrl, $sApiKey);
     if (Phpfox::isUser()) {
         // Logged-in users are described by their account data.
         $oClient->setCommentAuthor(Phpfox::getUserBy('full_name'));
         $oClient->setCommentAuthorEmail(Phpfox::getUserBy('email'));
     } else {
         // Guests are described by whatever the caller supplied, if anything.
         if (isset($this->_aParams['user'])) {
             $oClient->setCommentAuthor($this->_aParams['user']);
         }
         if (isset($this->_aParams['email'])) {
             $oClient->setCommentAuthorEmail($this->_aParams['email']);
         }
     }
     if (isset($this->_aParams['url'])) {
         $oClient->setCommentAuthorURL($this->_aParams['url']);
     }
     if (isset($this->_aParams['link'])) {
         $oClient->setPermalink($this->_aParams['link']);
     }
     if (isset($this->_aParams['content'])) {
         $oClient->setCommentContent($this->_aParams['content']);
     }

     // Record the verdict, and on a positive one bump the current user's spam counter.
     $mVerdict = $oClient->isCommentSpam();
     $this->_aParams['is_spam'] = $mVerdict;
     if ($mVerdict === true) {
         Phpfox_Database::instance()->updateCounter('user', 'total_spam', 'user_id', Phpfox::getUserId());
     }

     return $this->_aParams['is_spam'];
 }
示例#25
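        /**
         * Validates and stores a comment on an item.
         *
         * Return codes as used in this method: 7 comments disabled, 5 author
         * e-mail is banned, 6 login required, 3 invalid e-mail, 4 empty body,
         * -1 insert failed; on success the comment's status number
         * (2 active, 1 inactive, 5 spam).
         *
         * On a validation failure the submitted fields are stashed in the
         * session form so the caller can repopulate the form.
         *
         * @return int
         */
        public function add_comment()
        {

            if(!osc_comments_enabled()) {
                return 7;
            }

            $aItem  = $this->prepareDataForFunction('add_comment');


            $authorName     = trim(strip_tags($aItem['authorName']));
            $authorEmail    = trim(strip_tags($aItem['authorEmail']));
            $body           = trim(strip_tags($aItem['body']));
            $title          = trim(strip_tags($aItem['title']));
            $itemId         = $aItem['id'];
            $userId         = $aItem['userId'];
            $status_num     = -1;

            $banned = osc_is_banned($authorEmail);
            if($banned==1 || $banned==2) {
                Session::newInstance()->_setForm('commentAuthorName', $authorName);
                Session::newInstance()->_setForm('commentTitle', $title);
                Session::newInstance()->_setForm('commentBody', $body);
                Session::newInstance()->_setForm('commentAuthorEmail', $authorEmail);
                return 5;
            }

            $item = $this->manager->findByPrimaryKey($itemId);
            View::newInstance()->_exportVariableToView('item', $item);
            // Keep the plain URL for Akismet; $itemURL becomes an HTML link below.
            $itemPermalink = osc_item_url();
            $itemURL = '<a href="'.$itemPermalink.'" >'.$itemPermalink.'</a>';

            Params::setParam('itemURL', $itemURL);

            if(osc_reg_user_post_comments() && !osc_is_web_user_logged_in()) {
                Session::newInstance()->_setForm('commentAuthorName', $authorName);
                Session::newInstance()->_setForm('commentTitle', $title);
                Session::newInstance()->_setForm('commentBody', $body);
                return 6;
            }

            // Loose sanity check only. The original ended in .{2,3}, which
            // rejected every address whose last label is longer than three
            // characters (for example ".info").
            if( !preg_match('|^.*?@.{2,}\..{2,}$|', $authorEmail)) {
                Session::newInstance()->_setForm('commentAuthorName', $authorName);
                Session::newInstance()->_setForm('commentTitle', $title);
                Session::newInstance()->_setForm('commentBody', $body);
                return 3;
            }

            if( ($body == '') ) {
                Session::newInstance()->_setForm('commentAuthorName', $authorName);
                Session::newInstance()->_setForm('commentAuthorEmail', $authorEmail);
                Session::newInstance()->_setForm('commentTitle', $title);
                return 4;
            }

            // Moderation threshold: -1 activates every comment, 0 never
            // auto-activates, and N activates once the user has N comments.
            $num_moderate_comments = osc_moderate_comments();
            if($userId==null) {
                $num_comments = 0;
            } else {
                $user         = User::newInstance()->findByPrimaryKey($userId);
                $num_comments = $user['i_comments'];
            }

            if ($num_moderate_comments == -1 || ($num_moderate_comments != 0 && $num_comments >= $num_moderate_comments)) {
                $status     = 'ACTIVE';
                $status_num = 2;
            } else {
                $status     = 'INACTIVE';
                $status_num = 1;
            }

            if (osc_akismet_key()) {
                require_once LIB_PATH . 'Akismet.class.php';
                $akismet = new Akismet(osc_base_url(), osc_akismet_key());
                $akismet->setCommentAuthor($authorName);
                $akismet->setCommentAuthorEmail($authorEmail);
                $akismet->setCommentContent($body);
                // The original passed $itemURL, which by this point holds an
                // HTML anchor rather than a URL.
                $akismet->setPermalink($itemPermalink);

                // A spam verdict overrides the moderation status computed above.
                $status = $akismet->isCommentSpam() ? 'SPAM' : $status;
                if($status == 'SPAM') {
                    $status_num = 5;
                }
            }

            $mComments = ItemComment::newInstance();
            $aComment  = array('dt_pub_date'    => date('Y-m-d H:i:s')
                              ,'fk_i_item_id'   => $itemId
                              ,'s_author_name'  => $authorName
                              ,'s_author_email' => $authorEmail
                              ,'s_title'        => $title
                              ,'s_body'         => $body
                              ,'b_active'       => ($status=='ACTIVE' ? 1 : 0)
                              ,'b_enabled'      => 1
                              ,'fk_i_user_id'   => $userId);

            osc_run_hook('before_add_comment', $aComment);

            if( $mComments->insert($aComment) ) {
                $commentID = $mComments->dao->insertedId();
                if($status_num == 2 && $userId != null) { // COMMENT IS ACTIVE
                    // Only active comments count towards the user's total.
                    $user = User::newInstance()->findByPrimaryKey($userId);
                    if( $user ) {
                        User::newInstance()->update( array( 'i_comments' => $user['i_comments'] + 1)
                                                    ,array( 'pk_i_id'    => $user['pk_i_id'] ) );
                    }
                }

                //Notify admin
                if ( osc_notify_new_comment() ) {
                    osc_run_hook('hook_email_new_comment_admin', $aItem);
                }

                //Notify user
                if ( osc_notify_new_comment_user() ) {
                    osc_run_hook('hook_email_new_comment_user', $aItem);
                }

                osc_run_hook( 'add_comment', $commentID );

                return $status_num;
            }

            return -1;
        }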
 /**
  * Calculates comment's status using akismet.
  *
  * @param array $data Comment's data to be validated by Akismet
  * @return string Filtered comment's status
  */
 protected function _akismetStatus($data)
 {
     require_once Plugin::classPath('Comment') . 'Lib/Akismet.php';

     // Comment field => Akismet setter. Empty fields are not sent.
     $setters = [
         'author_name' => 'setCommentAuthor',
         'author_email' => 'setCommentAuthorEmail',
         'author_web' => 'setCommentAuthorURL',
         'body' => 'setCommentContent',
     ];

     try {
         $client = new \Akismet(Router::url('/'), $this->config('settings.akismet_key'));
         foreach ($setters as $field => $setter) {
             if (!empty($data[$field])) {
                 $client->{$setter}($data[$field]);
             }
         }
         $isSpam = $client->isCommentSpam();
     } catch (\Exception $ex) {
         // If the check itself fails, the comment is held as 'pending' rather than accepted unchecked.
         return 'pending';
     }

     // A clean verdict leaves the caller's status untouched.
     return $isSpam ? 'spam' : $data['status'];
 }
示例#27
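/**
 * Runs a submitted story through Akismet and records it when it is flagged.
 *
 * Loads the Akismet client that matches the PHP major version reported by
 * phpnum(), describes the story in $vars['linkres'] to Akismet and, when the
 * verdict is spam, appends the story id to the serialized 'spam_links' list
 * in the misc-data store. On the PHP 5 path the story is also moved to the
 * 'discard' status and the totals are adjusted; the PHP 4 path only records
 * the id.
 *
 * @param array $vars Hook arguments; $vars['linkres'] is the story object.
 * @return void
 */
function akismet_check_submit(&$vars)
{
    if (phpnum() >= 5) {
        include akismet_lib_path . 'Akismet.class_5.php';
        // Fixed: this branch read the story from an undefined $x instead of
        // $vars, so every property access below operated on null.
        $x = $vars['linkres'];
        $user = new User();
        $user->id = $x->author;
        $user->read();
        $akismet = new Akismet(my_base_url . my_pligg_base, get_misc_data('wordpress_key'));
        $akismet->setCommentAuthor($user->username);
        $akismet->setCommentAuthorEmail($user->email);
        $akismet->setCommentAuthorURL($x->url);
        $akismet->setCommentContent($x->content);
        $akismet->setPermalink(getmyurl('story', $x->id));
        // NOTE(review): unlike the PHP 4 path there is no error handling here;
        // if isCommentSpam() throws, the exception reaches the caller.
        if ($akismet->isCommentSpam()) {
            // store the story but mark it as spam (in case of a mis-diagnosis)
            $stored = get_misc_data('spam_links');
            // NOTE(review): unserialize() can instantiate objects named in its
            // input, so whoever can write the misc-data store controls what
            // is instantiated here. The list holds only ids; a JSON encoding
            // would be a safer storage format, but needs a migration of the
            // value already stored.
            $spam_links = $stored != '' ? unserialize($stored) : array();
            if (!is_array($spam_links)) {
                // Corrupted or unexpected stored value: start a fresh list.
                $spam_links = array();
            }
            $spam_links[] = $x->id;
            misc_data_update('spam_links', serialize($spam_links));
            totals_adjust_count($x->status, -1);
            totals_adjust_count('discard', 1);
            $x->status = 'discard';
        }
    } else {
        include akismet_lib_path . 'Akismet.class_4.php';
        $x = $vars['linkres'];
        $user = new User();
        $user->id = $x->author;
        $user->read();
        $story['author'] = $user->username;
        $story['email'] = $user->email;
        $story['website'] = $x->url;
        $story['body'] = $x->content;
        $story['permalink'] = getmyurl('story', $x->id);
        $story['user_ip'] = $user->extra_field['user_lastip'];
        $akismet = new Akismet(my_base_url . my_pligg_base, get_misc_data('wordpress_key'), $story);
        // test for errors
        if ($akismet->errorsExist()) {
            // Every error case below is a no-op, so a failed check leaves the
            // story unmarked (the check fails open).
            if ($akismet->isError('AKISMET_INVALID_KEY')) {
                // invalid key: ignored
            } elseif ($akismet->isError('AKISMET_RESPONSE_FAILED')) {
                // response failed: ignored
            } elseif ($akismet->isError('AKISMET_SERVER_NOT_FOUND')) {
                // server not found: ignored
            }
        } elseif ($akismet->isSpam()) {
            // No errors and Akismet thinks the story is spam: record its id.
            $stored = get_misc_data('spam_links');
            // NOTE(review): same unserialize() caveat as on the PHP 5 path.
            $spam_links = $stored != '' ? unserialize($stored) : array();
            if (!is_array($spam_links)) {
                $spam_links = array();
            }
            $spam_links[] = $x->id;
            misc_data_update('spam_links', serialize($spam_links));
            // NOTE(review): the PHP 5 path also discards the story and
            // adjusts the totals; this path does not. Confirm whether that
            // difference is intended.
        }
    }
}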
示例#28
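/**
 * Asks Akismet whether a submission looks like spam.
 *
 * @param string $email    Author e-mail address, always sent to Akismet.
 * @param string $content  Comment text; skipped when empty.
 * @param array  $optional Extra fields keyed by 'ip', 'nickname', 'permalink',
 *                         'referrer' or 'type'; any other key is ignored.
 * @return bool The result of Akismet::isCommentSpam(), or false when the
 *              check throws.
 */
function sl_is_spam($email, $content = null, $optional = array())
{
    // Allow-list of option key => Akismet setter. Only these setters can be
    // reached through the dynamic call below, whatever keys the caller sends.
    $optargs = array('ip' => 'setUserIP', 'nickname' => 'setCommentAuthor', 'permalink' => 'setPermalink', 'referrer' => 'setReferrer', 'type' => 'setCommentType');
    $akismet = new Akismet(AKISMET_URL, AKISMET_KEY);
    $akismet->setCommentAuthorEmail($email);
    if (!empty($content)) {
        $akismet->setCommentContent($content);
    }
    // User-agent, IP, and referrer are automatically set by the Akismet class, but can be overridden
    foreach ($optional as $optarg => $val) {
        // Fixed: in_array() searched the setter names (the values), so a
        // documented key such as 'ip' never matched, while a key equal to a
        // setter name matched and then indexed a missing entry. Look the key
        // up in the allow-list instead.
        if (isset($optargs[$optarg])) {
            $akismet->{$optargs[$optarg]}($val);
        }
    }
    try {
        $isSpam = $akismet->isCommentSpam();
    } catch (Exception $e) {
        // Fails open: when Akismet cannot be reached the submission is
        // reported as not spam, so callers should not treat false as "clean".
        $isSpam = false;
        // Fixed: error_log() takes a single message string; the exception
        // text was being passed as its integer message_type argument.
        error_log('Akismet exception: ' . $e->getMessage());
    }
    return $isSpam;
}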
示例#29
文件: core.php 项目: azorpax/common
 /**
  * Akismet spam check: asks the Akismet class whether a comment is spam.
  *
  * The arguments are expected to be strings (confirm against callers).
  *
  * @param string $name    comment author's name
  * @param string $email   comment author's e-mail
  * @param string $comment comment text
  * @return bool FALSE when `general.akismet_key` is not configured,
  *              otherwise the result of Akismet::isCommentSpam()
  */
 public static function akismet($name, $email, $comment)
 {
     require_once Kohana::find_file('vendor', 'akismet/akismet', 'php');

     // Without an API key nothing can be checked, so the comment is reported
     // as not spam: an unconfigured install accepts everything.
     if (core::config('general.akismet_key') == '') {
         return FALSE;
     }

     $client = new Akismet(core::config('general.base_url'), core::config('general.akismet_key'));
     $client->setCommentAuthor($name);
     $client->setCommentAuthorEmail($email);
     $client->setCommentContent($comment);

     // Nothing is caught here: if isCommentSpam() throws, the caller sees it.
     return $client->isCommentSpam();
 }
示例#30
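 // Stores a newly submitted answer; submissions from users who are not
 // logged in are checked with Akismet first when a key is configured.
 if ($j) {
     $db = new SQL(0);
     $w = array();
     // The request text is stored as submitted. NOTE(review): escaping is
     // presumably handled by SQL::CreateUpdate() for the query and by the
     // templates on output; confirm both.
     $w["txt"] = $_POST["text"];
     $w["question"] = $params["id"] + 0; // "+ 0" coerces the id to a number
     // Anonymous authors get a random negative id. NOTE(review): rand() values
     // can collide and are predictable, so treat this id as a placeholder and
     // never as an identity.
     $w["author"] = MyUser::isloggedin() ? MyUser::id() + 0 : 0 - rand(10, 999999);
     $w["authorIP"] = $_SERVER["REMOTE_ADDR"];
     $w["date_created"] = time();
     $w["date_edited"] = time();
     if (!MyUser::isloggedin() && SiteConfig::val("akismet/key") . "" != "") {
         $akismet = new Akismet(SiteConfig::val("akismet/host"), SiteConfig::val("akismet/key"));
         $akismet->setCommentContent($w["txt"]);
         $akismet->setPermalink(Question::PermalinkByData($w["question"], "Frage"));
         $akismet->setUserIP($_SERVER["REMOTE_ADDR"]);
         try {
             // isSPAM is 2 when Akismet flags the text and -2 when it clears it.
             if ($akismet->isCommentSpam()) {
                 $w["isSPAM"] = 2;
             } else {
                 $w["isSPAM"] = -2;
             }
         } catch (Exception $ex) {
             // The exception used to be swallowed silently. The answer is
             // still saved with "isSPAM" left unset, i.e. unchecked, so log
             // the failure to make an Akismet outage visible.
             error_log('Akismet check failed: ' . $ex->getMessage());
         }
     }
     $db->CreateUpdate(0, 'answers', $w);
     $answerID = $db->LastInsertKey();
     $db->cmd(0, 'UPDATE questions SET date_action={1},user_action="{2}", count_answers = (SELECT count(*) FROM answers WHERE question=questions.id) WHERE id={0} LIMIT 1', true, array($w["question"], time(), MyUser::id() + 0));
     $_SESSION["myuser"]["lastwritten"]["answers"][$answerID] = true;
     Karma::RuleAction("CREATE_ANSWER", array("user" => MyUser::id(), "question" => $w["question"], "answer" => $answerID));
     Badges::add(4, MyUser::id(), array("question" => $w["question"]));
     // First answer written
 }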