NP_EzComment2/trunk/NP_EzComment2.php

   1 <?php\r
   2 /**\r
   3  * SHOW Comment Form/List PLUG-IN FOR NucleusCMS\r
   4  * PHP versions 5\r
   5  *\r
   6  * This program is free software; you can redistribute it and/or\r
   7  * modify it under the terms of the GNU General Public License\r
   8  * as published by the Free Software Foundation; either version 2\r
   9  * of the License, or (at your option) any later version.\r
  10  * (see nucleus/documentation/index.html#license for more info)\r
  11  *\r
  12  * @author    shizuki\r
  13  * @copyright 2008 shizuki\r
  14  * @license   http://www.gnu.org/licenses/gpl.txt  GNU GENERAL PUBLIC LICENSE Version 2, June 1991\r
  15  * @version   $Date$ $Revision: 1.13 $\r
  16  * @link      http://japan.nucleuscms.org/wiki/plugins:ezcomment2\r
  17  * @since     File available since Release 1.0\r
  18  */\r
  19 \r
  20 /**\r
  21  * version history\r
  22  *\r
  23  * $Log: not supported by cvs2svn $\r
  24  * Revision 1.12  2008/07/09 03:54:07  shizuki\r
  25  * *** empty log message ***\r
  26  *\r
  27  * Revision 1.11  2008/07/09 03:54:04  shizuki\r
  28  * *Fix header info URL:showblogs -> ezcomment2\r
  29  *\r
  30  *  * Revision 1.10  2008/07/08 16:14:57  shizuki\r
  31  * *Bug fix event_PreComment\r
  32  * *Correspondence preparations of NP_LatestWritebacks\r
  33  *\r
  34  * Revision 1.9  2008/07/08 15:14:27  shizuki\r
  35  * * Corresponds to event_PreComment.\r
  36  * * Fix typo.\r
  37  * * RC2\r
  38  *\r
  39  * Revision 1.8  2008/07/07 15:42:54  shizuki\r
  40  * * The experimental society  PHP Version: 5.2.6/MySQL Server Version (client): (5.1.25-rc-log 5.1.25-rc).\r
  41  * * The normal movement is confirmed.\r
  42  * * The SQL correction/behavior when installing, is changed a little.\r
  43  * * event_PostDeleteCommnent addition * It's corrected when being off login time and secret mode-lessly, so as not to take out a check box.\r
  44  * * NP_OpenId is indispensable in the present.\r
  45  * * NP_znSpecialTemplateParts is indispensable.\r
  46  * * It's expected to add the setting which will establish a password at the time of contribution without NP_OpenId and make it hidden from now on.\r
  47  * * It's RC edition, so please cooperate in the one with the environment.\r
  48  *\r
  49  * Revision 1.7  2008/07/07 10:24:00  shizuki\r
  50  * * Still, the human sacrifice test version.\r
  51  * * A template was separated for for index pages and item page.\r
  52  * * Subdivision of the showComment() function.\r
  53  * * It's changed so as not to fly to an indication part for indication in case of and OpenID of anything but the first item of an index page.\r
  54  * * A profile change part besides the first item of an index page is being adjusted.\r
  55  */\r
  56 \r
  57 class NP_EzComment2 extends NucleusPlugin\r
  58 {\r
  59         // {{{ properties\r
  60 \r
  61         /**\r
  62          * The calling number of times by the index page.\r
  63          *\r
  64          * @var integer\r
  65          */\r
  66         var $numcalled;\r
  67 \r
  68         /**\r
  69          * OpenID authentication module.\r
  70          *\r
  71          * @var object\r
  72          */\r
  73         var $authOpenID;\r
  74 \r
  75         /**\r
  76          * Flag of the case that one is invoker.\r
  77          *\r
  78          * @var boolean\r
  79          */\r
  80         var $callFlg;\r
  81 \r
  82         // }}}\r
  83         // {{{ getName()\r
  84 \r
  85         /**\r
  86          * Plugin Name\r
  87          *\r
  88          * @return string\r
  89          */\r
  90         function getName()\r
  91         {\r
  92                 return 'Ez Comment II';\r
  93         }\r
  94 \r
  95         // }}}\r
  96         // {{{ getAuthor()\r
  97 \r
  98         /**\r
  99          * Author Name\r
 100          *\r
 101          * @return string\r
 102          */\r
 103         function getAuthor()\r
 104         {\r
 105                 return 'shizuki';\r
 106         }\r
 107 \r
 108         // }}}\r
 109         // {{{ getURL()\r
 110 \r
 111         /**\r
 112          * I get a plug-in, the address of the possible site or author's mail address.\r
 113          *\r
 114          * @return string\r
 115          */\r
 116         function getURL()\r
 117         {\r
 118                 return 'http://japan.nucleuscms.org/wiki/plugins:ezcomment2';\r
 119         }\r
 120 \r
 121         // }}}\r
 122         // {{{ getPluginDep()\r
 123 \r
 124         /**\r
 125          * Plugin Dependency.\r
 126          *\r
 127          * @return array\r
 128          */\r
 129         function getPluginDep()\r
 130         {\r
 131                 return array(\r
 132                         'NP_OpenId',\r
 133                         'NP_znSpecialTemplateParts',\r
 134                 );\r
 135         }\r
 136 \r
 137         // }}}\r
 138         // {{{ getVersion()\r
 139 \r
 140         /**\r
 141          * Plugin Version.\r
 142          *\r
 143          * @return string\r
 144          */\r
 145         function getVersion()\r
 146         {\r
 147                 return '$Date$ $Revision: 1.13 $';\r
 148         }\r
 149 \r
 150         // }}}\r
 151         // {{{ getDescription()\r
 152 \r
 153         /**\r
 154          * Plugin Description\r
 155          *\r
 156          * @return string\r
 157          */\r
 158         function getDescription()\r
 159         {\r
 160                 return  _NP_EZCOMMENT2_DESC;\r
 161         }\r
 162 \r
 163         // }}}\r
 164         // {{{ supportsFeature($what)\r
 165 \r
 166         /**\r
 167          * Supports Nucleus Feature\r
 168          *\r
 169          * @param  string\r
 170          * @return boolean\r
 171          */\r
 172         function supportsFeature($what)\r
 173         {\r
 174                 switch ($what) {\r
 175                         case 'SqlTablePrefix':\r
 176                                 return 1;\r
 177                         default:\r
 178                                 return 0;\r
 179                 }\r
 180         }\r
 181 \r
 182         // }}}\r
 183         // {{{ getEventList()\r
 184 \r
 185         /**\r
 186          * List of feature event\r
 187          *\r
 188          * @return array\r
 189          */\r
 190         function getEventList()\r
 191         {\r
 192                 global $manager;\r
 193                 return array(\r
 194                         'FormExtra',\r
 195                         'PostAddComment',\r
 196                         'PostDeleteComment',\r
 197                         'PreComment',\r
 198                 );\r
 199         }\r
 200 \r
 201         // }}}\r
 202         // {{{ getTableList()\r
 203 \r
 204         /**\r
 205           * Database tables for plugin used\r
 206           *\r
 207           * @return array\r
 208           **/\r
 209         function getTableList()\r
 210         {\r
 211                 return array(\r
 212                         sql_table('plug_ezcomment2'),\r
 213                 );\r
 214         }\r
 215 \r
 216         // }}}\r
 217         // {{{ install()\r
 218 \r
 219         /**\r
 220          * Install function\r
 221          *\r
 222          * @return void.\r
 223          */\r
 224         function install()\r
 225         {\r
 226                 if (!TEMPLATE::exists('EzCommentTemplate')) {\r
 227                         global $DIR_LIBS;\r
 228                         include_once($DIR_LIBS . 'skinie.php');\r
 229                         $importer = new SKINIMPORT();\r
 230                         $importer->reset();\r
 231                         $template = $this->getDirectory() . 'skinbackup.xml';\r
 232                         if (!@file_exists($template)) {\r
 233                                 $aErrors[] = 'Unable to import ' . $template . ' : file does not exist';\r
 234                                 continue;\r
 235                         }\r
 236                         $error = $importer->readFile($template);\r
 237                         if ($error) {\r
 238                                 $aErrors[] = 'Unable to import ' . $template . ' : ' . $error;\r
 239                                 continue;\r
 240                         }\r
 241                         $error = $importer->writeToDatabase(1);\r
 242                         if ($error) {\r
 243                                 $aErrors[] = 'Unable to import ' . $template . ' : ' . $error;\r
 244                                 continue;\r
 245                         }\r
 246                         if ($aErrors) {\r
 247                                 $message = implode("<br />\n", $aErrors);\r
 248                                 doError($message);\r
 249                         }\r
 250                 }\r
 251                 $this->createBlogOption('secret',     _NP_EZCOMMENT2_OP_SECRETMODE,  'yesno', 'yes');\r
 252                 $this->createBlogOption('secComment', _NP_EZCOMMENT2_OP_SUBSTIUTION, 'text',  _NP_EZCOMMENT2_OP_SUBSTIUTION_VAL);\r
 253                 $this->createBlogOption('secLabel',   _NP_EZCOMMENT2_OP_CHECKLABEL,  'text',  _NP_EZCOMMENT2_OP_CHECKLABEL_VAL);\r
 254                 $this->createOption('tabledel',       _NP_EZCOMMENT2_OP_DROPTABLE,   'yesno', 'yes');\r
 255                 $sql = 'CREATE TABLE IF NOT EXISTS %s ('\r
 256                          . '`comid`  int(11)  NOT NULL, '\r
 257                          . '`secflg` tinyint(1)   NULL, '\r
 258                          . '`module` varchar(15)  NULL, '\r
 259                          . '`userID` varchar(255) NULL, '\r
 260                          . 'PRIMARY KEY(`comid`) );';\r
 261                 sql_query(sprintf($sql, sql_table('plug_ezcomment2')));\r
 262                 $this->updateTable();\r
 263         }\r
 264 \r
 265         // }}}\r
 266         // {{{ uninstall()\r
 267 \r
 268         /**\r
 269          * Un Install function\r
 270          *\r
 271          * @return void.\r
 272          */\r
 273         function uninstall()\r
 274         {\r
 275                 if ($this->getOption('tabledel') == 'yes')\r
 276                         sql_query('DROP TABLE '.sql_table('plug_ezcomment2'));\r
 277         }\r
 278 \r
 279         // }}}\r
 280         // {{{ init()\r
 281 \r
 282         /**\r
 283          * Initialize\r
 284          *\r
 285          * @return void.\r
 286          */\r
 287         function init()\r
 288         {\r
 289                 $this->languageInclude();\r
 290                 $this->numcalled = 0;\r
 291                 $this->callFlg   = false;\r
 292                 global $manager;\r
 293                 if ($manager->pluginInstalled('NP_OpenId') && !$this->authOpenID) {\r
 294                         $this->authOpenID = $manager->getPlugin('NP_OpenId');\r
 295                 }\r
 296         }\r
 297 \r
 298         // }}}\r
 299         // {{{ event_PostAddComment($data)\r
 300 \r
 301         /**\r
 302          * After adding a comment to the database.\r
 303          *\r
 304          * @param  array\r
 305          *                      commentid integer\r
 306          *                      comment   array\r
 307          *                      spamcheck array\r
 308          * @return void.\r
 309          */\r
 310         function event_PostAddComment($data)\r
 311         {\r
 312                 global $member;\r
 313                 switch (true) {\r
 314                         case $member->isLoggedin():\r
 315                                 $userID = '"' . $member->getID() . '"';\r
 316                                 $module = '"Nucleus"';\r
 317                                 break;\r
 318                         case ($this->authOpenID && $this->authOpenID->isLoggedin()):\r
 319                                 $userID = '"' . $this->authOpenID->loggedinUser['identity'] . '"';\r
 320                                 $module = '"OpenID"';\r
 321                                 break;\r
 322                         default:\r
 323                                 $userID = 'NULL';\r
 324                                 $module = 'NULL';\r
 325                                 break;\r
 326                 }\r
 327                 if (postVar('EzComment2_Secret')) {\r
 328                         $secCheck = 1;\r
 329                 } else {\r
 330                         $secCheck = 'NULL';\r
 331                 }\r
 332                 $sql = 'INSERT INTO ' . sql_table('plug_ezcomment2')\r
 333                          . ' (`comid`, `secflg`, `module`, `userID`) VALUES (%d, %d, %s, %s)';\r
 334                 sql_query(sprintf($sql, $data['commentid'], $secCheck, $module, $userID));\r
 335         }\r
 336 \r
 337         // }}}\r
 338         // {{{ event_PostDeleteComment($data)\r
 339 \r
 340         /**\r
 341          * After a comment has been deleted from the database.\r
 342          *\r
 343          * @param  array\r
 344          *                      commentid integer\r
 345          * @return void.\r
 346          */\r
 347         function event_PostDeleteComment($data)\r
 348         {\r
 349                 $sql = 'DELETE FROM ' . sql_table('plug_ezcomment2')\r
 350                          . ' WHERE `comid` = %d LIMIT 1';\r
 351                 sql_query(sprintf($sql, $data['commentid']));\r
 352         }\r
 353 \r
 354         // }}}\r
 355         // {{{ event_FormExtra(&$data)\r
 356 \r
 357         /**\r
 358          * Inside one of the comment, membermail or account activation forms.\r
 359          *\r
 360          * @param  array\r
 361          *                      type string\r
 362          * @return void.\r
 363          */\r
 364         function event_FormExtra(&$data)\r
 365         {\r
 366                 global $member, $blogid;\r
 367                 $this->numcalled++;\r
 368                 if ($blogid && $this->getBlogOption($blogid, 'secret') == 'yes' &&\r
 369                         ($member->isLoggedin() || ($this->authOpenID && $this->authOpenID->isLoggedin()))) {\r
 370                                 echo '<br /><input type="checkbox" value="1" name="EzComment2_Secret" id="EzComment2_Secret_' . $this->numcalled . '" />';\r
 371                                 echo '<label for="EzComment2_Secret_' . $this->numcalled . '">'.$this->getBlogOption($bid, 'secLabel').'</label><br />';\r
 372                 }\r
 373                 if ($this->authOpenID) {\r
 374                         $this->plugOpenIDdoSkinVar($this->commentSkinType, $this->commentItemId);\r
 375                 }\r
 376         }\r
 377 \r
 378         // }}}\r
 379         // {{{ event_PreComment(&$data)\r
 380 \r
 381         /**\r
 382          * Inside one of the comment, membermail or account activation forms.\r
 383          *\r
 384          * @param  array\r
 385          *                      comment array\r
 386          * @return void.\r
 387          */\r
 388         function event_PreComment(&$data)\r
 389         {\r
 390                 if ($this->callFlg) return;\r
 391                 $sql = 'SELECT secflg, userID FROM ' . sql_table('plug_ezcomment2')\r
 392                          . ' WHERE comid = ' . intval($data['comment']['commentid']);\r
 393                 $res = sql_query($sql);\r
 394                 $flg = mysql_fetch_assoc($res);\r
 395                 if (!$flg['secflg']) return;\r
 396                 $data['comment']['identity'] = $flg['userID'];\r
 397                 global $manager, $member;\r
 398                 $bid   = intval($data['comment']['blogid']);\r
 399                 $b     = $manager->getBlog($bid);\r
 400                 $judge = $this->setSecretJudge($bid, $member, $b);\r
 401                 $data['comment'] = $this->JudgementCommentSecrets($data['comment'], $judge);\r
 402 //              print_r($data);\r
 403         }\r
 404 \r
 405         // }}}\r
 406         // {{{ doTemplateVar()\r
 407 \r
 408         /**\r
 409          * Basically the same as doSkinVar,\r
 410          * but this time for calls of the <%plugin(...)%>-var in templates (item header/body/footer and dateheader/footer).\r
 411          *\r
 412          * @param  object item object(refarence)\r
 413          * @param  string\r
 414          * @param  string\r
 415          * @param  string\r
 416          * @param  string\r
 417          * @param  string\r
 418          * @return void.\r
 419          */\r
 420         function doTemplateVar(&$item,\r
 421                                                         $showType       = '',\r
 422                                                         $showMode       = '5/1/1',\r
 423                                                         $destinationurl = '',\r
 424                                                         $formTemplate   = 'EzCommentTemplate',\r
 425                                                         $listTemplate   = 'EzCommentTemplate')\r
 426         {\r
 427                 $this->doSkinVar('template', $showType, $showMode, $destinationurl, $formTemplate, $listTemplate, $item);\r
 428         }\r
 429 \r
 430         // }}}\r
 431         // {{{ doSkinVar()\r
 432 \r
 433         /**\r
 434          * When plugins are called using the <%plugin(...)%>-skinvar, this method will be called. \r
 435          *\r
 436          * @param  string\r
 437          * @param  string\r
 438          * @param  string\r
 439          * @param  string\r
 440          * @param  string\r
 441          * @param  string\r
 442          * @param  object item object(refarence)\r
 443          * @return void.\r
 444          */\r
 445         function doSkinVar($skinType,\r
 446                                            $showType       = '',\r
 447                                            $showMode       = '5/1/1',\r
 448                                            $destinationurl = '',\r
 449                                            $formTemplate   = 'EzCommentTemplate',\r
 450                                            $listTemplate   = 'EzCommentTemplate',\r
 451                                           &$commentItem    = '')\r
 452         {\r
 453                 if ($skinType != 'item' && $skinType != 'template') return;\r
 454                 global $manager, $member, $itemid;\r
 455                 if (!$commentItem && $itemid) {\r
 456                         $commentItem = $manager->getItem($itemid, 0, 0);\r
 457                         if (is_array($commentItem)) {\r
 458                                 $commentItem = (object)$commentItem;\r
 459                         }\r
 460                 }\r
 461                 if (!$commentItem || $commentItem->closed) {\r
 462                         echo _ERROR_ITEMCLOSED;\r
 463                         return 0;\r
 464                 }\r
 465 \r
 466                 if (is_numeric($showType) || strpos($showType, '/') !== false) $showMode = $showType;\r
 467                 if ($showType != 'list' && $showType != 'form') {\r
 468                         $showType = '';\r
 469                 }\r
 470                 if (!$showMode) {\r
 471                         $showMode = '5/1/1';\r
 472                 }\r
 473                 list($maxToShow, $sortOrder, $commentOrder) = explode('/', $showMode);\r
 474                 if (!$maxToShow) $maxToShow = 5;\r
 475                 if (!$sortOrder) $sortOrder = 1;\r
 476                 if ($commentOrder > 0) {\r
 477                         $commentOrder = true;\r
 478                 } else {\r
 479                         $commentOrder = false;\r
 480                 }\r
 481                 if (!$formTemplate) $formTemplate = 'EzCommentTemplate';\r
 482                 if (!$listTemplate) $listTemplate = 'EzCommentTemplate';\r
 483 \r
 484                 switch ($showType) {\r
 485                         case 'list':\r
 486                                 $listTemplate = TEMPLATE::read($listTemplate);\r
 487                                 $this->showComment($commentItem, $listTemplate, $maxToShow, $commentOrder, $skinType);\r
 488                                 break;\r
 489                         case 'form':\r
 490                                 $formTemplate = TEMPLATE::read($formTemplate);\r
 491                                 $this->showForm($commentItem, $formTemplate, $destinationurl, $skinType);\r
 492                                 break;\r
 493                         default:\r
 494                                 $listTemplate = TEMPLATE::read($listTemplate);\r
 495                                 $formTemplate = TEMPLATE::read($formTemplate);\r
 496                                 if ($sortOrder) {\r
 497                                         $this->showComment($commentItem, $listTemplate, $maxToShow, $commentOrder, $skinType);\r
 498                                         $this->showForm($commentItem, $formTemplate, $destinationurl, $skinType);\r
 499                                 } else {\r
 500                                         $this->showForm($commentItem, $formTemplate, $destinationurl, $skinType);\r
 501                                         $this->showComment($commentItem, $listTemplate, $maxToShow, $commentOrder, $skinType);\r
 502                                 }\r
 503                                 break;\r
 504                 }\r
 505         }\r
 506 \r
 507         // }}}\r
 508         // {{{ languageInclude()\r
 509 \r
 510         /**\r
 511          * Include language file\r
 512          *\r
 513          * @return void.\r
 514          */\r
 515         function languageInclude()\r
 516         {\r
 517                 $language = ereg_replace( '[\\|/]', '', getLanguageName());\r
 518                 if (file_exists($this->getDirectory() . 'language/' . $language . '.php')) {\r
 519                         include_once($this->getDirectory() . 'language/' . $language . '.php');\r
 520                 } else {\r
 521                         include_once($this->getDirectory() . 'language/english.php');\r
 522                 }\r
 523         }\r
 524 \r
 525         // }}}\r
 526         // {{{ updateTable()\r
 527 \r
 528         /**\r
 529          * Update database table\r
 530          *\r
 531          * @return void.\r
 532          */\r
 533         function updateTable()\r
 534         {\r
 535                 $sql = 'SELECT c.cnumber as cid FROM ' . sql_table('comment') . ' as c '\r
 536                          . 'LEFT JOIN ' . sql_table('plug_ezcomment2') . ' as s '\r
 537                          . 'ON c.cnumber=s.comid WHERE s.comid IS NULL';\r
 538                 $res = sql_query($sql);\r
 539                 $sql = 'INSERT INTO ' . sql_table('plug_ezcomment2') . '(`comid`) VALUES (%d)';\r
 540                 while ($cid = mysql_fetch_assoc($res)) {\r
 541                         sql_query(sprintf($sql, $cid['cid']));\r
 542                 }\r
 543         }\r
 544 \r
 545         // }}}\r
 546         // {{{ plugOpenIDdoSkinVar()\r
 547 \r
 548         /**\r
 549          * Overwride NP_OpenId's doSkinVar()\r
 550          * \r
 551          * @param  string\r
 552          * @param  integer\r
 553          * @return void.\r
 554          */\r
 555         function plugOpenIDdoSkinVar($skinType, $iid = 0)\r
 556         {\r
 557                 global $CONF, $manager, $member;\r
 558                 if ($member->isLoggedIn()) return;\r
 559                 $authOpenID   = $this->authOpenID;\r
 560                 if (!$authOpenID) return;\r
 561                 $externalauth = array ( 'source' => $authOpenID->getName() );\r
 562                 $manager->notify('ExternalAuth', array ('externalauth' => &$externalauth));\r
 563                 if (isset($externalauth['result']) && $externalauth['result'] == true) return;\r
 564                 $templateEngine     = $authOpenID->_getTemplateEngine();\r
 565                 $aVars              = array();\r
 566                 $aVars['PluginURL'] = $CONF['PluginURL'];\r
 567                 if ($authOpenID->isLoggedin()) {\r
 568                         // Loggedin\r
 569                         if ($skinType == 'template') {\r
 570                                 require_once 'cles/Template.php';\r
 571                                 $templateDirectory           =  rtrim($this->getDirectory(), '/');\r
 572                                 $templateEngine              =& new cles_Template($templateDirectory);\r
 573                                 $templateEngine->defaultLang =  'english';\r
 574                                 $aVars['itemid'] = intval($iid);\r
 575                         }\r
 576                         $nowURL             = 'http://' . serverVar("HTTP_HOST")\r
 577                                                                 . serverVar("REQUEST_URI");\r
 578                         $aVars['url']       = $authOpenID->getAdminURL() . 'rd.php?action=rd'\r
 579                                                                 . '&url=' . urlencode($nowURL);\r
 580                         $aVars['nick']      = $authOpenID->loggedinUser['nick'];\r
 581                         $aVars['email']     = $authOpenID->loggedinUser['email'];\r
 582                         $aVars['ts']        = $authOpenID->loggedinUser['ts'];\r
 583                         $aVars['identity']  = $authOpenID->loggedinUser['identity'];\r
 584                         $aVars['visible']   = $aVars['nick'] ? 'false' : 'true' ;\r
 585                         $actionUrl          = parse_url($CONF['ActionURL']);\r
 586                         $aVars['updateUrl'] = $actionUrl['path'];\r
 587                         if ($skinType == 'item' || ($skinType == 'template' && $this->numcalled == 0)) {\r
 588                                 echo $templateEngine->fetchAndFill('yui',         $aVars, 'np_openid');\r
 589                                 echo $templateEngine->fetchAndFill('form',        $aVars, 'np_openid');\r
 590                         }\r
 591                         echo $templateEngine->fetchAndFill('loggedin',    $aVars, 'np_openid');\r
 592                 } elseif (!$authOpenID->isLoggedin()) {\r
 593                         // Not loggedin\r
 594                         $aVars['url']       = $authOpenID->getAdminURL() . 'rd.php?action=doauth'\r
 595                                                             . '&return_url=' . urlencode(createItemLink(intval($iid)));\r
 596                         echo $templateEngine->fetchAndFill('notloggedin', $aVars, 'np_openid');\r
 597                 }\r
 598         }\r
 599 \r
 600         // }}}\r
 601         // {{{ checkDestinationurl($destinationurl)\r
 602 \r
 603         /**\r
 604          * Destinationurl check\r
 605          *\r
 606          * @param  string\r
 607          * @return string\r
 608          */\r
 609         function checkDestinationurl($destinationurl, $iid, $cid = 0, $scid = 0)\r
 610         {\r
 611                 if (stristr($destinationurl, 'action.php') || empty($destinationurl)) {\r
 612                         if (stristr($destinationurl, 'action.php')) {\r
 613                                 $logMessage = 'actionurl is not longer a parameter on commentform skinvars.'\r
 614                                                         . ' Moved to be a global setting instead.';\r
 615                                 ACTIONLOG::add(WARNING, $logMessage);\r
 616                         }\r
 617                         if ($cid) {\r
 618                                 $linkparams['catid'] = intval($cid);\r
 619                         }\r
 620                         global $manager;\r
 621                         if ($manager->pluginInstalled('NP_MultipleCategories') && $scid) {\r
 622                                 $linkparams['subcatid'] = intval($scid);\r
 623                         }\r
 624                         $destinationurl = createItemLink(intval($iid), $linkparams);\r
 625                 } else {\r
 626                         $destinationurl = preg_replace('|[^a-z0-9-~+_.?#=&;,/:@%]|i', '', $destinationurl);\r
 627                 }\r
 628                 return $destinationurl;\r
 629         }\r
 630 \r
 631         // }}}\r
 632         // {{{ getCommentatorInfo()\r
 633 \r
 634         /**\r
 635          * Get commentator info.\r
 636          *\r
 637          * @return array\r
 638          */\r
 639         function getCommentatorInfo()\r
 640         {\r
 641                 global $CONF;\r
 642                 $user = cookieVar($CONF['CookiePrefix'] .'comment_user');\r
 643                 if (!$user) {\r
 644                         $user = postVar('user');\r
 645                 }\r
 646                 $userid = cookieVar($CONF['CookiePrefix'] .'comment_userid');\r
 647                 if (!$userid) {\r
 648                         $userid = postVar('userid');\r
 649                 }\r
 650                 $email = cookieVar($CONF['CookiePrefix'] .'comment_email');\r
 651                 if (!$email) {\r
 652                         $email = postVar('email');\r
 653                 }\r
 654                 $body    = postVar('body');\r
 655                 return array(\r
 656                         $user,\r
 657                         $userid,\r
 658                         $email,\r
 659                         $body\r
 660                 );\r
 661         }\r
 662         // {{{ showForm()\r
 663 \r
 664         /**\r
 665          * Show comment form\r
 666          *\r
 667          * @param  object\r
 668          * @param  string\r
 669          * @param  string\r
 670          * @param  string\r
 671          * @return void.\r
 672          */\r
 673         function showForm($commentItem, $template, $destinationurl, $skinType)\r
 674         {\r
 675                 global $CONF, $manager, $member, $catid, $subcatid;\r
 676                 $bid =  getBlogIDFromItemID($commentItem->itemid);\r
 677                 $b   =& $manager->getBlog($bid);\r
 678                 $b->readSettings();\r
 679                 if (!$member->isLoggedIn() && !$b->commentsEnabled()) {\r
 680                         return;\r
 681                 }\r
 682                 $destinationurl = $this->checkDestinationurl($destinationurl, $commentItem->itemid, $catid, $subcatid);\r
 683                 list($user, $userid, $email, $body) = $this->getCommentatorInfo();\r
 684 \r
 685                 $checked = cookieVar($CONF['CookiePrefix'] .'comment_user') ? 'checked="checked" ' : '';\r
 686 \r
 687                 $formdata = array(\r
 688                         'self'            => $this->_hsc(serverVar('REQUEST_URI')),\r
 689                         'destinationurl'  => $this->_hsc($destinationurl),\r
 690                         'actionurl'       => $this->_hsc($CONF['ActionURL']),\r
 691                         'itemid'          => intval($commentItem->itemid),\r
 692                         'user'            => $this->_hsc($user),\r
 693                         'userid'          => $this->_hsc($userid),\r
 694                         'email'           => $this->_hsc($email),\r
 695                         'body'            => $this->_hsc($body),\r
 696 //                      'membername'      => $this->_hsc($membername),\r
 697                         'rememberchecked' => $checked\r
 698                 );\r
 699                 if ($skinType == 'item') {\r
 700                         $formFlg = '_ITM';\r
 701                 } else {\r
 702                         $formFlg = '_IDX';\r
 703                 }\r
 704                 if ($member && $member->isLoggedIn()) {\r
 705                         $formType = 'FORM_LOGGEDIN' . $formFlg;\r
 706                         $loginMember = $member->createFromID($member->getID());\r
 707                         $formdata['membername'] = $this->_hsc($loginMember->getDisplayName());\r
 708                 } else {\r
 709                         $formType = 'FORM_NOTLOGGEDIN' . $formFlg;\r
 710                 }\r
 711                 if ($this->authOpenID && ($skinType == 'item' || $this->numcalled == 0)) {\r
 712                         $this->plugOpenIDdoSkinVar($skinType, intval($commentItem->itemid));\r
 713                 }\r
 714                 $this->commentItemId   = intval($commentItem->itemid);\r
 715                 $this->commentSkinType = $skinType;\r
 716                 $contents   = $template[$formType];\r
 717                 include_once($this->getDirectory() . 'EzCommentActions.php');\r
 718                 $formAction =& new EzCommentFormActions($commentItem, $formdata, $loginMember);\r
 719                 $parser     =& new PARSER($formAction->getAllowedActions(), $formAction);\r
 720                 $parser->parse(&$contents);\r
 721         }\r
 722 \r
 723         // }}}\r
 724         // {{{ showComment()\r
 725 \r
 726         /**\r
 727          * Show comments\r
 728          *\r
 729          * @param  object\r
 730          * @param  string\r
 731          * @param  string\r
 732          * @param  string\r
 733          * @param  string\r
 734          * @return void.\r
 735          */\r
 736         function showComment($commentItem, $template, $maxToShow, $commentOrder, $skinType)\r
 737         {\r
 738                 global $manager, $member;\r
 739                 $bid =  getBlogIDFromItemID($commentItem->itemid);\r
 740                 $b   =& $manager->getBlog($bid);\r
 741                 if (!$b->commentsEnabled()) return;\r
 742                 if (!$maxToShow) {\r
 743                         $maxToShow = $b->getMaxComments();\r
 744                 }\r
 745                 $itemActions =& new ITEMACTIONS($b);\r
 746                 $itemActions->setCurrentItem($commentItem);\r
 747                 $commentObj =& new COMMENTS($commentItem->itemid);\r
 748                 $commentObj->setItemActions($itemActions);\r
 749                 $commentObj->commentcount = $commentObj->amountComments();\r
 750                 // create parser object & action handler\r
 751                 include_once($this->getDirectory() . 'EzCommentActions.php');\r
 752                 $actions =& new EzCommentActions($commentObj);\r
 753                 $parser  =& new PARSER($actions->getAllowedActions(), $actions);\r
 754                 $actions->setTemplate($template);\r
 755                 $actions->setParser($parser);\r
 756                 if ($commentObj->commentcount == 0) {\r
 757                         $parser->parse($template['COMMENTS_NONE']);\r
 758                         return 0;\r
 759                 }\r
 760                 $actions->setPostnum($commentObj->commentcount);\r
 761                 if ($maxToShow && $maxToShow < $commentObj->commentcount && $commentOrder) {\r
 762                         $startnum = $commentObj->commentcount - $maxToShow;\r
 763                 } else {\r
 764                         $startnum = 0;\r
 765                 }\r
 766                 $comments = $this->getComments($commentOrder, intval($commentItem->itemid), $maxToShow, $startnum);\r
 767                 $viewnum  = mysql_num_rows($comments);\r
 768                 $actions->setViewnum($viewnum);\r
 769                 if ($this->getBlogOption($bid, 'secret') == 'yes') {\r
 770                         $judge = $this->setSecretJudge($bid, $member, $b);\r
 771                 }\r
 772 \r
 773                 $templateType = '';\r
 774                 if ($skinType == 'template') $templateType = '_IDX';\r
 775                 $blogURL       = $b->getURL();\r
 776                 $substitution  = $this->getBlogOption($bid, 'secComment');\r
 777                 $this->callFlg = true;\r
 778                 $parser->parse($template['COMMENTS_HEADER' . $templateType]);\r
 779 \r
 780                 while ($comment = mysql_fetch_assoc($comments)) {\r
 781                         $comment['timestamp'] = strtotime($comment['ctime']);\r
 782                         if ($judge && $comment['secret']) {\r
 783                                 $comment = $this->JudgementCommentSecrets($comment, $judge);\r
 784                         }\r
 785                         $actions->setCurrentComment($comment);\r
 786                         $manager->notify('PreComment', array('comment' => &$comment));\r
 787                         $parser->parse($template['COMMENTS_BODY' . $templateType]);\r
 788                         $manager->notify('PostComment', array('comment' => &$comment));\r
 789                 }\r
 790 \r
 791                 $parser->parse($template['COMMENTS_FOOTER' . $templateType]);\r
 792 \r
 793                 mysql_free_result($comments);\r
 794 \r
 795         }\r
 796 \r
 797         // }}}\r
 798         // {{{ setSecretJudge($bid)\r
 799 \r
 800         /**\r
 801          * Setting for judgment of whether it's a comment of a secret.\r
 802          *\r
 803          * @param  intgre\r
 804          * @param  object\r
 805          * @param  object\r
 806          * @return array\r
 807          */\r
 808         function setSecretJudge($bid, $member, $b)\r
 809         {\r
 810                 $memberLoggedin = $member->isLoggedin();\r
 811                 $loginUser      = $member->getID();\r
 812                 $blogAdmin      = $member->blogAdminRights($bid);\r
 813                 $blogURL        = $b->getURL();\r
 814                 $substitution   = $this->getBlogOption($bid, 'secComment');\r
 815                 if ($this->authOpenID) {\r
 816                         $openIDLoggedin = $this->authOpenID->isLoggedin();\r
 817                         $openIDUser     = $this->authOpenID->loggedinUser['identity'];\r
 818                 }\r
 819                 return array(\r
 820                         'memberLoggedin' => $memberLoggedin,\r
 821                         'loginUser'      => $loginUser,\r
 822                         'blogAdmin'      => $blogAdmin,\r
 823                         'blogURL'        => $blogURL,\r
 824                         'substitution'   => $substitution,\r
 825                         'openIDLoggedin' => $openIDLoggedin,\r
 826                         'openIDUser'     => $openIDUser,\r
 827                 );\r
 828         }\r
 829 \r
 830         // }}}\r
 831         // {{{ JudgementCommentSecrets($comment, $judge)\r
 832 \r
 833         /**\r
 834          * Comment is secret ?\r
 835          *\r
 836          * @param  array\r
 837          * @param  array\r
 838          * @param  string\r
 839          * @param  string\r
 840          * @return array\r
 841          */\r
 842         function JudgementCommentSecrets($comment, $judge)\r
 843         {\r
 844 /*              if ($judge['memberLoggedin']) {\r
 845                         echo 'member';\r
 846                         if ($judge['loginUser']  == intval($comment['identity'])) {\r
 847                                 echo 'commentator';\r
 848                         } elseif ($judge['blogAdmin']) {\r
 849                                 echo 'admin';\r
 850                         }\r
 851                 } elseif ($judge['openIDLoggedin']) {\r
 852 //                      echo 'openid / ';\r
 853                         echo $judge['openIDUser'].' / ';\r
 854                         echo $comment['identity'].' / ';\r
 855                                 echo "honnnin";\r
 856                 }*/\r
 857                 if (!(($judge['memberLoggedin'] && ($judge['loginUser']  == intval($comment['identity']) || $judge['blogAdmin'])) ||\r
 858                         ($judge['openIDLoggedin'] && $judge['openIDUser'] == $comment['identity']))) {\r
 859                                 $this->changeCommentSet($comment, $judge);\r
 860                         }\r
 861                 return $comment;\r
 862         }\r
 863 \r
 864         // }}}\r
 865         // {{{ changeCommentSet($comment, $blogURL, $substitution)\r
 866 \r
 867         /**\r
 868          * Change secret comment contents\r
 869          *\r
 870          * @param  array\r
 871          * @param  string\r
 872          * @param  string\r
 873          * @return array\r
 874          */\r
 875         function changeCommentSet(&$comment, $judge)\r
 876         {\r
 877                 global $manager;\r
 878                 $comment['body']        = $judge['substitution'];\r
 879                 $comment['short']       = $judge['substitution'];\r
 880                 $comment['excerpt']     = $judge['substitution'];\r
 881                 $comment['userid']      = $judge['blogURL'];\r
 882                 $comment['memberid']    = 0;\r
 883                 $comment['user']        = '#';\r
 884                 $comment['useremail']   = '#';\r
 885                 $comment['userwebsite'] = '#';\r
 886                 $comment['email']       = '#';\r
 887                 $comment['userlinkraw'] = '#';\r
 888                 $comment['userlink']    = '#';\r
 889                 $comment['host']        = '127.0.0.1';\r
 890                 $comment['ip']          = '127.0.0.1';\r
 891                 if ($manager->pluginInstalled('NP_LatestWritebacks')) {\r
 892                         $comment['commentbody'] = $judge['substitution'];\r
 893                         $comment['commentator'] = '#';\r
 894                 }\r
 895                 return $comment;\r
 896         }\r
 897         // {{{ getComments($comment, $judge)\r
 898 \r
 899         /**\r
 900          * Change in the comment contents.\r
 901          *\r
 902          * @param  boolean\r
 903          * @param  integre\r
 904          * @param  integre\r
 905          * @param  integre\r
 906          * @return resouce\r
 907          */\r
 908         function getComments($commentOrder, $iid, $maxToShow, $startnum)\r
 909         {\r
 910                 $order = ($commentOrder) ? "DESC" : "ASC";\r
 911                 $query = 'SELECT '\r
 912                            . 'c.citem   as itemid, '\r
 913                            . 'c.cnumber as commentid, '\r
 914                            . 'c.cbody   as body, '\r
 915                            . 'c.cuser   as user, '\r
 916                            . 'c.cmail   as userid, '\r
 917                            . 'c.cemail  as email, '\r
 918                            . 'c.cmember as memberid, '\r
 919                            . 'c.ctime, '\r
 920                            . 'c.chost   as host, '\r
 921                            . 'c.cip     as ip, '\r
 922                            . 'c.cblog   as blogid, '\r
 923                            . 's.comid   as cid, '\r
 924                            . 's.secflg  as secret, '\r
 925                            . 's.module  as modname, '\r
 926                            . 's.userID  as identity '\r
 927                            . ' FROM ' . sql_table('comment') . ' as c '\r
 928                            . ' LEFT OUTER JOIN ' . sql_table('plug_ezcomment2') . ' as s '\r
 929                            . ' ON c.cnumber = s.comid '\r
 930                            . ' WHERE c.citem = ' . intval($iid)\r
 931                            . ' ORDER BY c.ctime '\r
 932                            . $order;\r
 933                 if ($maxToShow) {\r
 934                         if ($order == "DESC") {\r
 935                                 $query .=' LIMIT ' . intval($maxToShow);\r
 936                         } else {\r
 937                                 $query .=' LIMIT ' . intval($startnum) . ',' . intval($maxToShow);\r
 938                         }\r
 939                 }\r
 940                 return sql_query($query);\r
 941                 \r
 942         }\r
 943 \r
 944         // }}}\r
 945         // {{{ getTemplateParts()\r
 946 \r
 947         /**\r
 948          * Comment form/list template via NP_znSpecialTemplateParts\r
 949          *\r
 950          * @return array\r
 951          */\r
 952         function getTemplateParts()\r
 953         {\r
 954                 $this->languageInclude();\r
 955                 return array(\r
 956                         'FORM_LOGGEDIN_IDX'    => _NP_EZCOMMENT2_FORM_LOGGEDIN_IDX, \r
 957                         'FORM_NOTLOGGEDIN_IDX' => _NP_EZCOMMENT2_FORM_NOTLOGGEDIN_IDX, \r
 958                         'FORM_LOGGEDIN_ITM'    => _NP_EZCOMMENT2_FORM_LOGGEDIN_ITM,\r
 959                         'FORM_NOTLOGGEDIN_ITM' => _NP_EZCOMMENT2_FORM_NOTLOGGEDIN_ITM, \r
 960                         'COMMENTS_BODY_IDX'    => _NP_EZCOMMENT2_COMMENTS_BODY_IDX, \r
 961                         'COMMENTS_FOOTER_IDX'  => _NP_EZCOMMENT2_COMMENTS_FOOTER_IDX, \r
 962                         'COMMENTS_HEADER_IDX'  => _NP_EZCOMMENT2_COMMENTS_HEADER_IDX,\r
 963                 );\r
 964         }\r
 965 \r
 966         // }}}\r
 967         // {{{ _hsc()\r
 968 \r
 969         /**\r
 970          * HTML entity\r
 971          *\r
 972          * @param  string\r
 973          * @return string\r
 974          */\r
 975         function _hsc($str)\r
 976         {\r
 977                 return htmlspecialchars($str, ENT_QUOTES, _CHARSET);\r
 978         }\r
 979         // }}}\r
 980         \r
 981 }\r
 982 \r
 983 \r
 984 \r