source: extensions/CommentEditor/include/ce_functions.inc.php @ 3426

Last change on this file since 3426 was 3426, checked in by Criss, 15 years ago

CommentEditor plugin creation
  • Property svn:eol-style set to LF
File size: 4.3 KB
Line 
1<?php
2/* $Id: ce_functions.inc.php,v 1.3 2009/06/17 19:08:23 Criss Exp $ */
3if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
4
5/**
6 * Include class file
7 * @param $aClassName
8 * @return unknown_type
9 */
10function ce_require_class($aClassName) {
11    require_once CE_CLASSES .strtolower($aClassName) . '.class.php';
12}
13
14/**
15 * Changed from Piwigo core function  insert_user_comment
16 */
17
18/**
19 * Tries to update a user comment in the database and returns one of :
20 * validate, moderate, reject
21 * @param array comm contains author, content, image_id
22 * @param string key secret key sent back to the browser
23 * @param array infos out array of messages
24 */
25function update_user_comment( &$comm, $key, &$infos )
26{
27  global $conf, $user;
28
29  $comm = array_merge( $comm,
30    array(
31      'ip' => $_SERVER['REMOTE_ADDR'],
32      'agent' => $_SERVER['HTTP_USER_AGENT']
33    )
34   );
35
36  $infos = array();
37  if (!$conf['comments_validation'] or is_admin())
38  {
39    $comment_action='validate'; //one of validate, moderate, reject
40  }
41  else
42  {
43    $comment_action='moderate'; //one of validate, moderate, reject
44  }
45
46  // display author field if the user status is guest or generic
47  if (!is_classic_user())
48  {
49    if ( empty($comm['author']) )
50    {
51      $comm['author'] = 'guest';
52    }
53    // if a guest try to use the name of an already existing user, he must be
54    // rejected
55    if ( $comm['author'] != 'guest' )
56    {
57      $query = '
58SELECT COUNT(*) AS user_exists
59  FROM '.USERS_TABLE.'
60  WHERE '.$conf['user_fields']['username']." = '".addslashes($comm['author'])."'";
61      $row = mysql_fetch_assoc( pwg_query( $query ) );
62      if ( $row['user_exists'] == 1 )
63      {
64        array_push($infos, l10n('comment_user_exists') );
65        $comment_action='reject';
66      }
67    }
68  }
69  else
70  {
71    if ( empty($comm['author'])) {
72        $comm['author'] = $user['username'];
73    }
74  }
75  if ( empty($comm['content']) )
76  { // empty comment content
77    $comment_action='reject';
78  }
79
80//  $key = explode( ':', @$key );
81//  if ( count($key)!=2
82//        or $key[0]>time()-2 // page must have been retrieved more than 2 sec ago
83//        or $key[0]<time()-3600 // 60 minutes expiration
84//        or hash_hmac(
85//              'md5', $key[0].':'.$comm['image_id'], $conf['secret_key']
86//            ) != $key[1]
87//      )
88//  {
89//    $comment_action='reject';
90//  }
91
92  if ($comment_action!='reject' and $conf['anti-flood_time']>0 )
93  { // anti-flood system
94    $reference_date = time() - $conf['anti-flood_time'];
95    $query = '
96SELECT id FROM '.COMMENTS_TABLE.'
97  WHERE date > FROM_UNIXTIME('.$reference_date.')
98    AND author = "'.addslashes($comm['author']).'"';
99    if ( mysql_num_rows( pwg_query( $query ) ) > 0 )
100    {
101      array_push( $infos, l10n('comment_anti-flood') );
102      $comment_action='reject';
103    }
104  }
105
106  // perform more spam check
107  $comment_action = trigger_event('user_comment_check',
108      $comment_action, $comm
109    );
110
111  if ( $comment_action!='reject' )
112  {
113
114    $query = 'UPDATE '.COMMENTS_TABLE;
115    $query.= ' SET author="'.addslashes($comm['author']).'"';
116    $query.= '    ,content="'.addslashes($comm['content']).'"';
117    if ('moderate' == $comment_action) {
118        $query.=',validated="false"';
119        $query.=', validation_date=NULL';
120    }
121    $query.=' WHERE (id='.$comm['comment_id'].' AND image_id='.$comm['image_id'].')';
122    pwg_query($query);
123
124    if
125      (
126        ($comment_action=='validate' and $conf['email_admin_on_comment'])
127        or
128        ($comment_action!='validate' and $conf['email_admin_on_comment_validation'])
129      )
130    {
131      include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
132
133      $del_url =
134          get_absolute_root_url().'comments.php?delete='.$comm['comment_id'];
135
136      $keyargs_content = array
137      (
138        get_l10n_args('Author: %s', $comm['author']),
139        get_l10n_args('Comment: %s', $comm['content']),
140        get_l10n_args('', ''),
141        get_l10n_args('Delete: %s', $del_url)
142      );
143
144      if ($comment_action!='validate')
145      {
146        $keyargs_content[] =
147          get_l10n_args('', '');
148        $keyargs_content[] =
149          get_l10n_args('Validate: %s',
150            get_absolute_root_url().'comments.php?validate='.$comm['comment_id']);
151      }
152
153      pwg_mail_notification_admins
154      (
155        get_l10n_args('Comment by %s', $comm['author']),
156        $keyargs_content
157      );
158    }
159  }
160  return $comment_action;
161}
162
163?>
Note: See TracBrowser for help on using the repository browser.