source: extensions/CommentEditor/include/ce_functions.inc.php @ 3435

Last change on this file since 3435 was 3435, checked in by Criss, 15 years ago

Check existence of function update_user_comment()
  • Property svn:eol-style set to LF
File size: 4.4 KB
Line 
1<?php
2/* $Id: ce_functions.inc.php,v 1.3 2009/06/17 19:08:23 Criss Exp $ */
3if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
4
5/**
6 * Include class file
7 * @param $aClassName
8 * @return unknown_type
9 */
10function ce_require_class($aClassName) {
11    require_once CE_CLASSES .strtolower($aClassName) . '.class.php';
12}
13
14if (!function_exists('update_user_comment')) {
15
16/**
17 * Changed from Piwigo core function  insert_user_comment
18 */
19
20/**
21 * Tries to update a user comment in the database and returns one of :
22 * validate, moderate, reject
23 * @param array comm contains author, content, image_id
24 * @param string key secret key sent back to the browser
25 * @param array infos out array of messages
26 */
27function update_user_comment( &$comm, $key, &$infos )
28{
29  global $conf, $user;
30
31  $comm = array_merge( $comm,
32    array(
33      'ip' => $_SERVER['REMOTE_ADDR'],
34      'agent' => $_SERVER['HTTP_USER_AGENT']
35    )
36   );
37
38  $infos = array();
39  if (!$conf['comments_validation'] or is_admin())
40  {
41    $comment_action='validate'; //one of validate, moderate, reject
42  }
43  else
44  {
45    $comment_action='moderate'; //one of validate, moderate, reject
46  }
47
48  // display author field if the user status is guest or generic
49  if (!is_classic_user())
50  {
51    if ( empty($comm['author']) )
52    {
53      $comm['author'] = 'guest';
54    }
55    // if a guest try to use the name of an already existing user, he must be
56    // rejected
57    if ( $comm['author'] != 'guest' )
58    {
59      $query = '
60SELECT COUNT(*) AS user_exists
61  FROM '.USERS_TABLE.'
62  WHERE '.$conf['user_fields']['username']." = '".addslashes($comm['author'])."'";
63      $row = mysql_fetch_assoc( pwg_query( $query ) );
64      if ( $row['user_exists'] == 1 )
65      {
66        array_push($infos, l10n('comment_user_exists') );
67        $comment_action='reject';
68      }
69    }
70  }
71  else
72  {
73    if ( empty($comm['author'])) {
74        $comm['author'] = $user['username'];
75    }
76  }
77  if ( empty($comm['content']) )
78  { // empty comment content
79    $comment_action='reject';
80  }
81
82//  $key = explode( ':', @$key );
83//  if ( count($key)!=2
84//        or $key[0]>time()-2 // page must have been retrieved more than 2 sec ago
85//        or $key[0]<time()-3600 // 60 minutes expiration
86//        or hash_hmac(
87//              'md5', $key[0].':'.$comm['image_id'], $conf['secret_key']
88//            ) != $key[1]
89//      )
90//  {
91//    $comment_action='reject';
92//  }
93
94  if ($comment_action!='reject' and $conf['anti-flood_time']>0 )
95  { // anti-flood system
96    $reference_date = time() - $conf['anti-flood_time'];
97    $query = '
98SELECT id FROM '.COMMENTS_TABLE.'
99  WHERE date > FROM_UNIXTIME('.$reference_date.')
100    AND author = "'.addslashes($comm['author']).'"';
101    if ( mysql_num_rows( pwg_query( $query ) ) > 0 )
102    {
103      array_push( $infos, l10n('comment_anti-flood') );
104      $comment_action='reject';
105    }
106  }
107
108  // perform more spam check
109  $comment_action = trigger_event('user_comment_check',
110      $comment_action, $comm
111    );
112
113  if ( $comment_action!='reject' )
114  {
115
116    $query = 'UPDATE '.COMMENTS_TABLE;
117    $query.= ' SET author="'.addslashes($comm['author']).'"';
118    $query.= '    ,content="'.addslashes($comm['content']).'"';
119    if ('moderate' == $comment_action) {
120        $query.=',validated="false"';
121        $query.=', validation_date=NULL';
122    }
123    $query.=' WHERE (id='.$comm['comment_id'].' AND image_id='.$comm['image_id'].')';
124    pwg_query($query);
125
126    if
127      (
128        ($comment_action=='validate' and $conf['email_admin_on_comment'])
129        or
130        ($comment_action!='validate' and $conf['email_admin_on_comment_validation'])
131      )
132    {
133      include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');
134
135      $del_url =
136          get_absolute_root_url().'comments.php?delete='.$comm['comment_id'];
137
138      $keyargs_content = array
139      (
140        get_l10n_args('Author: %s', $comm['author']),
141        get_l10n_args('Comment: %s', $comm['content']),
142        get_l10n_args('', ''),
143        get_l10n_args('Delete: %s', $del_url)
144      );
145
146      if ($comment_action!='validate')
147      {
148        $keyargs_content[] =
149          get_l10n_args('', '');
150        $keyargs_content[] =
151          get_l10n_args('Validate: %s',
152            get_absolute_root_url().'comments.php?validate='.$comm['comment_id']);
153      }
154
155      pwg_mail_notification_admins
156      (
157        get_l10n_args('Comment by %s', $comm['author']),
158        $keyargs_content
159      );
160    }
161  }
162  return $comment_action;
163}
164
165} // function_exists
166
167?>
Note: See TracBrowser for help on using the repository browser.