/**
* Process a trackback someone sent to us
*
* @param string $ip IP Address of the pinger
* @param array $ext_vars The trackback data, in the format:
* +================================================+
* | key | value |
* +-----------+------------------------------------+
* | url* | URL of the pinging site |
* +-----------+------------------------------------+
* | title | Title of the referring article |
* +-----------+------------------------------------+
* | excerpt | Excerpt from the referring article |
* +-----------+------------------------------------+
* | blog_name | Name of the referring blog |
* +===========+====================================+
* @param int $commentid If given, the ID of a comment in a blog
*/
function receiveTrackback($ip, $ext_vars, $commentid = null)
{
$this->_ip = $ip;
$this->_tbdata = $ext_vars;
$allow = $this->allowTrackback();
if (is_array($allow)) {
foreach ($allow['message'] as $msg) {
$err .= ' ' . $msg;
}
$this->userResponse(1, $msg);
} else {
$replyto = is_null($commentid) ? $commentid : 0;
/*
* According to the spec, only URL is required, all else is optional
*/
$vars['posterwebsite'] = my_addslashes($this->_tbdata['url']);
/**
* Policy:
* In the interests of spam-blocking, the only hypertext we allow is the
* URL of the poster. This is the only deviance from comment handling
*/
$vars['title'] = isset($this->_tbdata['title']) ? my_addslashes(StringHandling::removeTags($this->_tbdata['title'])) : '';
$vars['commenttext'] = isset($this->_tbdata['excerpt']) ? my_addslashes(StringHandling::removeTags($this->_tbdata['excerpt'])) : '';
$vars['postername'] = isset($this->_tbdata['blog_name']) ? my_addslashes(StringHandling::removeTags($this->_tbdata['blog_name'])) : '';
$vars['posttime'] = time();
$vars['ip'] = $this->_ip;
$vars['postid'] = $this->_post->postid;
if ($replyto > 0) {
$vars['parentid'] = $replyto;
}
/*
* Added check for moderation.
* Follow the same rules as for comments
*/
$vars['commenttext'] = StringHandling::removeTags(my_addslashes($vars['commenttext']));
$vars['onhold'] = $this->needsModeration($vars['commenttext']) ? 1 : 0;
$vars['type'] = 'trackback';
//Save the trackback
$id = $this->saveComment($vars);
if ($id > 0) {
// notify owner
if (C_NOTIFY == true) {
$this->notify($vars['postername'], $this->_post->permalink, $vars['onhold'], $vars['commenttext']);
}
$this->updateCommentCount($this->_db, $this->_post->postid);
$this->userResponse(0);
} else {
$this->userResponse(1, "Error adding trackback : " . mysql_error());
}
}
}
/**
* Performs various transformations on text. Hyperlinks have
* the redirector added and are wrapped in A tags (if not already wrapped).
* Special characters are transformed into HTML entities.
*
* @param string $comment Comment text
* @return string
*/
function processCommentText($comment)
{
//Policy: only a, b, i, strong, code, acrynom, blockquote, abbr are allowed
$comment = StringHandling::removeTags($comment, '<a><b><i><strong><code><acronym><blockquote><abbr>');
if (StringHandling::containsLinks($comment)) {
$comment = StringHandling::transformLinks($comment);
}
//Policy: translate HTML special characters to their HTML entities
$comment = Comments::encodeHTML($comment);
//Policy: line breaks converted automatically
return nl2br($comment);
}
