forked from Geeklog-jp/geeklog-japan
/
trackback.php
98 lines (85 loc) · 4.29 KB
/
trackback.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
<?php
/* Reminder: always indent with 4 spaces (no tabs). */
// +---------------------------------------------------------------------------+
// | Geeklog 1.3 |
// +---------------------------------------------------------------------------+
// | trackback.php |
// | |
// | Handle trackback pings for stories and plugins. |
// +---------------------------------------------------------------------------+
// | Copyright (C) 2005 by the following authors: |
// | |
// | Author: Dirk Haun - dirk AT haun-online DOT de |
// +---------------------------------------------------------------------------+
// | |
// | This program is free software; you can redistribute it and/or |
// | modify it under the terms of the GNU General Public License |
// | as published by the Free Software Foundation; either version 2 |
// | of the License, or (at your option) any later version. |
// | |
// | This program is distributed in the hope that it will be useful, |
// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
// | GNU General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to the Free Software Foundation, |
// | Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
// | |
// +---------------------------------------------------------------------------+
//
// $Id: trackback.php,v 1.9 2005/12/17 16:34:28 dhaun Exp $
require_once ('lib-common.php');
require_once ($_CONF['path_system'] . 'lib-trackback.php');
// Note: Error messages are hard-coded in English since there is no way of
// knowing which language the sender of the trackback ping may prefer.
$TRB_ERROR = array (
'not_enabled' => 'Trackback not enabled.',
'illegal_request' => 'Illegal request.',
'no_access' => 'You do not have access to this entry.'
);
if (!$_CONF['trackback_enabled']) {
TRB_sendTrackbackResponse (1, $TRB_ERROR['not_enabled']);
exit;
}
if (isset ($_SERVER['REQUEST_METHOD'])) {
// Trackbacks are only allowed as POST requests
if ($_SERVER['REQUEST_METHOD'] != 'POST') {
header ('Allow: POST');
COM_displayMessageAndAbort (75, '', 405, 'Method Not Allowed');
}
}
COM_setArgNames (array ('id', 'type'));
$id = COM_applyFilter (COM_getArgument ('id'));
$type = COM_applyFilter (COM_getArgument ('type'));
if (empty ($id)) {
TRB_sendTrackbackResponse (1, $TRB_ERROR['illegal_request']);
exit;
}
if (empty ($type)) {
$type = 'article';
}
if ($type == 'article') {
// check if they have access to this story
$sid = DB_escapeString($id);
$sql = "SELECT trackbackcode FROM {$_TABLES['stories']}, {$_TABLES['topic_assignments']} ta
WHERE (sid = '$sid') AND (date <= NOW()) AND (draft_flag = 0)"
. COM_getPermSql('AND') . " AND ta.type = 'article' AND ta.id = sid AND ta.tdefault = 1 " . COM_getTopicSql('AND', 0 , 'ta');
$result = DB_query($sql);
if (DB_numRows ($result) == 1) {
$A = DB_fetchArray ($result);
if ($A['trackbackcode'] == 0) {
TRB_handleTrackbackPing ($id, $type);
} else {
TRB_sendTrackbackResponse (1, $TRB_ERROR['no_access']);
}
} else {
TRB_sendTrackbackResponse (1, $TRB_ERROR['no_access']);
}
} else if (PLG_handlePingComment ($type, $id, 'acceptByID') === true) {
TRB_handleTrackbackPing ($id, $type);
} else {
TRB_sendTrackbackResponse (1, $TRB_ERROR['no_access']);
}
// no output here
?>