| [ Index ] | PHP Cross Reference of Mambo 4.6.5 |
|
| [ Variables ] [ Functions ] [ Classes ] [ Constants ] [ Statistics ] | ||
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * @package Mambo 4 * @author Mambo Foundation Inc see README.php 5 * @copyright (C) 2000 - 2009 Mambo Foundation Inc. 6 * See COPYRIGHT.php for copyright notices and details. 7 * @license GNU/GPL Version 2, see LICENSE.php 8 * 9 * Redistributions of files must retain the above copyright notice. 10 * 11 * Mambo is free software; you can redistribute it and/or 12 * modify it under the terms of the GNU General Public License 13 * as published by the Free Software Foundation; version 2 of the License. 14 */ 15 16 /** ensure this file is being included by a parent file */ 17 defined( '_VALID_MOS' ) or die( 'Direct Access to this location is not allowed.' ); 18 19 global $mosConfig_absolute_path, $mosConfig_usecaptcha, $task, $acl, $mainframe, $mosConfig_offset; 20 // work-around for validating config.comment.php 21 require_once ($mosConfig_absolute_path."/administrator/components/com_comment/class.comment.php"); 22 $config = new mosCommentConfig(); 23 $auto_publish_comments = $config->auto_publish_comments; 24 $allow_anonymous_entries = $config->allow_anonymous_entries; 25 $notify_new_entries = $config->notify_new_entries; 26 $allow_comments_in_sections = $config->allow_comments_in_sections; 27 $comments_per_page = $config->comments_per_page; 28 $admin_comments_length = $config->admin_comments_length; 29 unset($config); 30 31 $option = mosGetParam($_POST, 'option', 'com_comment'); 32 $mcitemid = intval(mosGetParam($_POST, 'mcitemid', 0)); 33 $articleid = intval(mosGetParam($_POST, 'articleid', 0)); 34 $func = mosGetParam($_POST, 'func', ''); 35 $limit = intval(mosGetParam($_POST, 'limit', '')); 36 $limitstart = intval(mosGetParam($_POST, 'limitstart', '')); 37 $mcname = mosGetParam($_POST, 'mcname', ''); 38 $comments = mosGetParam($_POST, 'comments', ''); 39 $spamstop = mosGetParam($_POST, 'spamstop', ''); 40 41 # valid user check 42 $is_user = (strtolower($my->usertype) <> ''); 43 $captcha_success = 0; // captcha not required 44 45 if ($task == "captcha-audio"){ 46 @ob_end_clean(); 47 ob_start(); 48 include ($mosConfig_absolute_path."/includes/captcha-audio.php"); 49 ob_end_flush(); 50 exit(0); 51 52 } 53 54 if ($mosConfig_usecaptcha == '1') { 55 # spam protection 56 mos_session_start(); 57 58 if(isset($_SESSION['captcha_code']) && ($_SESSION['captcha_code'] != "") && ($_SESSION['captcha_code'] == $spamstop)) { 59 $captcha_success = 1; // success 60 } else { 61 $captcha_success = 2; // fail 62 } 63 } 64 65 if ($captcha_success != '2') { 66 67 # if registered users only 68 if (!$allow_anonymous_entries AND !$is_user) { 69 70 $link = sefRelToAbs("index.php?option=content&task=view&id=$articleid"); 71 echo "<SCRIPT>alert('".T_('Please register to add comments')."'); document.location.href='".$link."';</SCRIPT>"; 72 73 } else { 74 $noauth = !$mainframe->getCfg( 'shownoauth' ); 75 $viewAccess = ($gid >= $acl->get_group_id( 'Registered', 'ARO' ) ? 1 : 0) + ($gid >= $acl->get_group_id( 'Author', 'ARO' ) ? 1 : 0); 76 $now = date( "Y-m-d H:i:s", time()+$mosConfig_offset*60*60 ); 77 $query = "SELECT id, sectionid FROM #__content WHERE id = $articleid ". 78 "\n AND sectionid IN ($allow_comments_in_sections) ". 79 "\n AND (state = '1' OR state = '-1')". 80 "\n AND ( publish_up = '0000-00-00 00:00:00' OR publish_up <= '$now' )". 81 "\n AND ( publish_down = '0000-00-00 00:00:00' OR publish_down >= '$now' )". 82 "\n AND access <= ". $viewAccess; 83 84 $database->setQuery( $query ); 85 $database->loadObject( $row ); 86 if ( $row != NULL){ 87 $comments = strip_tags($comments); 88 $comments = mysql_escape_string(strip_tags($comments)); 89 $startdate = date( "Y-m-d H:i:s" ); 90 $ip = getenv('REMOTE_ADDR'); 91 92 $query = "INSERT INTO #__comment SET articleid='$articleid', ip='$ip', name='$mcname', comments='$comments', startdate='$startdate', published='$auto_publish_comments';"; 93 $database->setQuery($query); 94 $database->query(); 95 96 97 if ($notify_new_entries == "1") { 98 // messaging for new items 99 require_once ($mosConfig_absolute_path."/includes/mambofunc.php"); 100 $message = T_("A new comment has been added")."\n\n".$comments; 101 102 if ($auto_publish_comments == "0") { 103 $message = $message . "\n\n".T_("You have chosen not to auto publish new comments. Therefore you need to log in and publish new posts to make them visible."); 104 } 105 106 mosMail ( $mosConfig_mailfrom, $mosConfig_mailfrom, $mosConfig_mailfrom, T_("A new comment has been submitted"), $message); 107 } 108 109 $msg = T_('Thanks. Your comment has been successfully saved.'); 110 if ($auto_publish_comments == "0") { 111 $msg = $msg. T_("The Administrator will review and publish your comment shortly."); 112 } 113 114 mosRedirect( "index.php?option=com_content&task=view&id=".$articleid."&Itemid=".$mcitemid."&limit=".$limit."&limitstart=".$limitstart, $msg ); 115 }else{ 116 echo "<SCRIPT> alert('".T_("You are not allowed to leave comments on this item.")."'); document.location='index.php?option=com_content&task=view&id=$articleid&Itemid=$mcitemid&limit=$limit&limitstart=$limitstart&comments=$comments';</SCRIPT>"; 117 } 118 } 119 120 } else { 121 echo "<SCRIPT> alert('".T_("Incorrect Security Code")."'); document.location='index.php?option=com_content&task=view&id=$articleid&Itemid=$mcitemid&limit=$limit&limitstart=$limitstart&comments=$comments';</SCRIPT>"; 122 } 123 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Wed Feb 8 00:05:01 2012 | Cross-referenced by PHPXref 0.7 |
| Mambo API: Mambo is Free software released under the GNU/General Public License, Version 2 |