/**
 * Create a comment on the page identified by `$hash` and persist it.
 *
 * A submission passes these gates in order: required-field validation,
 * honeypot check, flood throttling, duplicate detection, spam/blocklist
 * classification, and finally the save itself.
 *
 * @param string $hash Unique hash value of the parent page.
 * @return Response
 */
public function create($hash)
{
    // NOTE(review): $page is used unchecked below; presumably
    // findPageByHash() aborts the request when no page matches — confirm.
    $page = $this->findPageByHash($hash);

    // Build the comment from the submitted data and bind it to the page.
    // NOTE(review): for anonymous submissions nothing in this method resets
    // fields such as `username` or `status`; presumably fromInput() limits
    // which keys it accepts from the request — confirm.
    $comment = comment::fromInput();
    $comment->set('page_uri', $page->uri());

    // Record the submitter's address and browser. The user agent is supplied
    // by the client; whether visitor::ip() honours proxy headers is not
    // visible here, so treat both as hints unless that is confirmed.
    $comment->set('author_ip', visitor::ip());
    $comment->set('author_agent', visitor::ua());

    // A signed-in user's identity comes from the account and overwrites
    // whatever author fields the form carried.
    $user = user::current();
    if ($user) {
        $fullname = trim($user->firstname() . ' ' . $user->lastname());
        if (empty($fullname)) {
            $fullname = $user->username();
        }

        $comment->set('author', $fullname);
        $comment->set('author_email', $user->email());
        $comment->set('username', $user->username());
    }

    // Gate 1: required fields. The response echoes the comment back, which
    // presumably includes the author_ip/author_agent values set above.
    if (!$comment->validate()) {
        $msg = l('comments.error.incomplete', 'Missing required fields');
        $payload = array(
            'input'  => $comment->toArray(),
            'errors' => $comment->errors()->toArray(),
        );

        return $this->error($msg, 400, $payload);
    }

    // Gate 2: honeypot. A detected bot gets a success response and nothing
    // is stored. Validation runs first, so a bot with incomplete fields
    // still sees the 400 above.
    if ($this->isBot()) {
        return $this->success();
    }

    // Gate 3: rate limiting.
    if ($this->isPartOfFlood($comment)) {
        $msg = l('comments.error.throttle', 'Number of allowed comments per interval exceeded');
        $payload = array(
            'input'  => $comment->toArray(),
            'errors' => array('other' => $msg),
        );

        return $this->error($msg, 429, $payload);
    }

    // Gate 4: duplicate content.
    if ($this->isDuplicate($comment)) {
        $msg = l('comments.error.duplicate', 'Duplicate content');
        $payload = array(
            'input'  => $comment->toArray(),
            'errors' => array('text' => $msg),
        );

        return $this->error($msg, 409, $payload);
    }

    // Gate 5: Akismet classification, plus the author blocklist. Flagged
    // comments are marked as spam rather than rejected.
    // NOTE(review): $discard is presumably filled in by reference by
    // isSpam() for blatant spam — confirm against its signature.
    $discard = false;
    if ($this->isSpam($comment, $discard) || $this->isBlocked($comment)) {
        $comment->set('status', Comment::STATUS_SPAM);
    }

    // Blatant spam is dropped without saving, but the submitter still gets
    // the normal "saved" response; everything else must actually save.
    $dropSilently = $discard && $comment->isSpam();
    if ($dropSilently || $comment->save()) {
        $msg = l('comments.success.saved', 'Comment saved');

        return $this->success($msg, 201, array('id' => $comment->id()));
    }

    $msg = l('comments.error.save', 'Could not save comment');
    $payload = array(
        'input'  => $comment->toArray(),
        'errors' => $comment->errors()->toArray(),
    );

    return $this->error($msg, 400, $payload);
}
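<?php
// Response headers have to be sent before the first byte of markup, so the
// IE compatibility header is set here instead of inside <head>; that way it
// does not depend on output buffering being active. The user agent is
// client-supplied and only selects a rendering hint.
if (strpos(visitor::ua(), 'MSIE') !== false) {
    header('X-UA-Compatible: IE=edge,chrome=1');
}
// NOTE(review): the http-equiv cache-control/expires/pragma tags below are
// markup-level hints; caches and proxies act on real HTTP response headers.
// If this page must never be cached, send the equivalent headers as well.
?>
<!DOCTYPE html>
<html lang="<?php echo site()->language()->code(); ?>">
<head>
<meta charset="utf-8">
<meta http-equiv="cache-control" content="max-age=0" />
<meta http-equiv="cache-control" content="no-cache" />
<meta http-equiv="expires" content="0" />
<meta http-equiv="expires" content="Tue, 01 Jan 1980 1:00:00 GMT" />
<meta http-equiv="pragma" content="no-cache" />
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="Risky-B batteria per la valutazione della propensione al rischio">
<meta name="keywords" content="rischio propensione incertezza psicologia risk uncertainty psychology">
<title><?php echo html($site->title() . ' / ' . $page->title()); ?></title>
<!-- LOAD BOOTLINT -->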
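/**
 * Return the user bound to the current session, or false when the session
 * does not pass every check.
 *
 * Checks, in order: the `kirby` cookie matches the session's auth key, the
 * stored secret matches sha1(username . cookie key), the user agent is
 * unchanged since login, and the login is at most one week old. Any failed
 * check logs the session out.
 *
 * @return mixed The user object, or false when not signed in.
 */
public static function current()
{
    $cookey   = cookie::get('kirby');
    $username = s::get('auth.username');

    // Compare token values without an early exit on the first differing
    // byte. Non-string values never match, which also keeps hash_equals()
    // from being handed a null or an array.
    $sameToken = function ($known, $given) {
        if (!is_string($known) || !is_string($given)) {
            return false;
        }
        if (function_exists('hash_equals')) {
            return hash_equals($known, $given);
        }

        // PHP < 5.6 has no built-in constant-time comparison.
        return $known === $given;
    };

    // The cookie value must be present and equal to the key kept in the session.
    if (empty($cookey) or !$sameToken(s::get('auth.key'), $cookey)) {
        static::logout();
        return false;
    }

    // NOTE(review): this is an unkeyed SHA-1 over two values the session
    // already holds; it ties username and key together but is not a MAC.
    if (!$sameToken(s::get('auth.secret'), sha1($username . $cookey))) {
        static::logout();
        return false;
    }

    // The user agent is client-supplied, so this binding is defense in
    // depth against casual session reuse, not a strong control.
    if (s::get('auth.ua') !== visitor::ua()) {
        static::logout();
        return false;
    }

    // keep logged in for one week max.
    if (s::get('auth.created') < time() - 60 * 60 * 24 * 7) {
        static::logout();
        return false;
    }

    // find the logged in user by the username stored in the session
    if ($user = site()->user($username)) {
        return $user;
    }

    return false;
}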
/**
 * Heuristic check for an iOS device based on the User-Agent string.
 *
 * The User-Agent is sent by the client and can be set to anything, so the
 * result is only suitable as a presentation hint.
 *
 * @return boolean
 */
public static function ios()
{
    $agent = visitor::ua();

    // Same markers, tested in the same order, stopping at the first hit.
    foreach (array('iPod', 'iPhone', 'iPad') as $marker) {
        if (str::contains($agent, $marker)) {
            return true;
        }
    }

    return false;
}
/**
 * Prepare the request data sent to the Akismet API.
 *
 * Fills in `comment_type` when it is missing or empty. For the IP address
 * and user agent: `null` means "take it from the current visitor", a
 * non-empty value is used as given, and any other empty value leaves
 * whatever `$content` already holds untouched.
 *
 * Note that the submitter's IP address and user agent leave the site with
 * this payload.
 *
 * @param array  $content   Comment contents to send.
 * @param string $userIp    IP address of the comment submitter.
 * @param string $userAgent User agent string of the web browser submitting the comment.
 *
 * @return array
 */
protected function prepareContent($content = array(), $userIp = null, $userAgent = null)
{
    if (empty($content['comment_type'])) {
        $content['comment_type'] = 'comment';
    }

    // Submitter address: detect, take the given value, or leave as is.
    if ($userIp === null) {
        $content['user_ip'] = visitor::ip();
    } elseif (!empty($userIp)) {
        $content['user_ip'] = $userIp;
    }

    // Submitter browser: same three-way rule as for the address.
    if ($userAgent === null) {
        $content['user_agent'] = visitor::ua();
    } elseif (!empty($userAgent)) {
        $content['user_agent'] = $userAgent;
    }

    return $content;
}