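/**
 * Sanitises submitted form values in place and returns them.
 *
 * Every value is passed through strip_tags() and trim(). For the 'comment'
 * field, [code]...[/code] blocks are swapped for md5-based placeholders before
 * strip_tags() runs and swapped back afterwards, so their contents are kept
 * verbatim.
 *
 * NOTE(review): because [code] contents bypass strip_tags(), any markup inside
 * them leaves this function unmodified. Whatever renders the comment must
 * HTML-escape [code] contents at output time - confirm the renderer does.
 *
 * @param array $values Field name => raw submitted value; modified by reference.
 * @return array The sanitised values, passed through
 *               JCommentsAJAX::convertEncoding() unless JCOMMENTS_JVERSION is '1.5'.
 */
function prepareValues(&$values)
{
    // get_magic_quotes_gpc() was removed in PHP 8; a missing function means "off".
    $magicQuotes = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc() == 1;

    foreach ($values as $k => $v) {
        // Strict comparison: under PHP < 8 the loose form 0 == 'comment' is true,
        // which would send a list element at index 0 down the comment path.
        if ($k === 'comment') {
            // strip all HTML except [code]
            $m = array();
            preg_match_all('#(\\[code\\=?([a-z0-9]*?)\\].*\\[\\/code\\])#isU' . JCOMMENTS_PCRE_UTF8, trim($v), $m);

            $tmp = array();
            $key = '';

            // $m[1] is absent when the match itself failed; nothing to protect then.
            if (isset($m[1])) {
                foreach ($m[1] as $code) {
                    // The previous key is mixed into the hash of each block.
                    $key = '{' . md5($code . $key) . '}';
                    $tmp[$key] = $code;
                    $v = preg_replace('#' . preg_quote($code, '#') . "#isU" . JCOMMENTS_PCRE_UTF8, $key, $v);
                }
            }

            $v = trim(strip_tags($v));

            // handle magic quotes compatibility
            if ($magicQuotes) {
                $v = stripslashes($v);
            }

            $v = JCommentsText::nl2br($v);

            foreach ($tmp as $key => $code) {
                if ($magicQuotes) {
                    $code = str_replace('\\"', '"', $code);
                    $code = str_replace("\\'", "'", $code);
                }

                // Literal replacement: preg_replace() would read "$1" or "\1" inside
                // the code block as a back-reference and corrupt the restored text.
                $v = str_replace($key, $code, $v);
            }

            unset($tmp, $m);
            $values[$k] = $v;
        } else {
            $values[$k] = trim(strip_tags($v));

            // handle magic quotes compatibility
            if ($magicQuotes) {
                $values[$k] = stripslashes($values[$k]);
            }
        }
    }

    // for Joomla 1.5 change encoding is not needed
    if (JCOMMENTS_JVERSION != '1.5') {
        return JCommentsAJAX::convertEncoding($values);
    }

    return $values;
}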
/**
 * AJAX handler that saves the component settings and reports the result.
 *
 * When the request carries a non-empty 'jtx64' value, it is URL-decoded,
 * base64-decoded and parsed as a query string; the resulting fields are
 * merged over $_POST and $_REQUEST before the settings are saved.
 *
 * NOTE(review): the decoded fields overwrite same-named entries in $_POST and
 * $_REQUEST, and because they arrive base64-encoded they are opaque to any
 * request filtering that ran on the raw input. No token or permission check is
 * visible in this method - confirm the dispatcher enforces both before it runs.
 *
 * @return mixed The response object obtained from JCommentsFactory::getAjaxResponse().
 */
public static function saveSettingsAjax()
{
    $response = JCommentsFactory::getAjaxResponse();
    $packed = JCommentsInput::getVar('jtx64', '');

    if ($packed != '') {
        // Unwrap the payload: URL-decode, then base64-decode, then split into fields.
        $query = base64_decode(urldecode($packed));
        $fields = array();
        parse_str($query, $fields);

        // Only Joomla 1.0 runs the fields through JCommentsAJAX::convertEncoding().
        if (JCOMMENTS_JVERSION == '1.0') {
            require_once JCOMMENTS_BASE . '/jcomments.ajax.php';
            $fields = JCommentsAJAX::convertEncoding($fields);
        }

        // Later array_merge() arguments win, so decoded fields replace request values.
        $_POST = array_merge($_POST, $fields);
        $_REQUEST = array_merge($_REQUEST, $fields);
    }

    // 'lang' is read after the merge, so it may come from the decoded payload.
    $requestedLang = JCommentsInput::getVar('lang', '');
    $settingsLang = JCommentsAdmin::loadSettingsByLanguage($requestedLang);
    $message = JCommentsAdmin::saveSettings($settingsLang);

    // NOTE(review): $message is placed inside a single-quoted JavaScript literal
    // without escaping; a quote, backslash or newline in it would break or alter
    // the emitted script. Confirm saveSettings() only returns JS-safe text.
    $response->addScript("jcbackend.showMessage('{$message}', 'info', 'jcomments-message-holder', 1);");

    return $response;
}