4 * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
5 * Copyright (C) 2002-2007 The Nucleus Group
7 * This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version 2
10 * of the License, or (at your option) any later version.
11 * (see nucleus/documentation/index.html#license for more info)
14 * A class representing a single comment
16 * @license http://nucleuscms.org/license.txt GNU General Public License
17 * @copyright Copyright (C) 2002-2007 The Nucleus Group
19 * $NucleusJP: COMMENT.php,v 1.4 2006/07/17 20:03:44 kimitake Exp $
24 * Returns the requested comment
28 function getComment($commentid) {
29 $query = 'SELECT `cnumber` AS commentid, `cbody` AS body, `cuser` AS user, `cmail` AS userid, `cemail` AS email, `cmember` AS memberid, `ctime`, `chost` AS host, `mname` AS member, `cip` AS ip, `cblog` AS blogid'
30 . ' FROM ' . sql_table('comment') . ' LEFT OUTER JOIN ' . sql_table('member') . ' ON `cmember` = `mnumber`'
31 . ' WHERE `cnumber` = ' . intval($commentid);
32 $comments = sql_query($query);
34 $aCommentInfo = sql_fetch_assoc($comments);
37 $aCommentInfo['timestamp'] = strtotime($aCommentInfo['ctime']);
44 * Prepares a comment to be saved
48 function prepare($comment)
\r
50 $comment['user'] = strip_tags($comment['user']);
51 $comment['userid'] = strip_tags($comment['userid']);
52 $comment['email'] = strip_tags($comment['email']);
54 // remove newlines from user; remove quotes and newlines from userid and email; trim whitespace from beginning and end
55 $comment['user'] = trim(strtr($comment['user'], "\n", ' ') );
56 $comment['userid'] = trim(strtr($comment['userid'], "\'\"\n", '-- ') );
57 $comment['email'] = trim(strtr($comment['email'], "\'\"\n", '-- ') );
59 // begin if: a comment userid is supplied, but does not have an "http://" or "https://" at the beginning - prepend an "http://"
60 if ( !empty($comment['userid']) && (strpos($comment['userid'], 'http://') !== 0) && (strpos($comment['userid'], 'https://') !== 0) )
\r
62 $comment['userid'] = 'http://' . $comment['userid'];
65 $comment['body'] = COMMENT::prepareBody($comment['body']);
71 * Prepares the body of a comment
75 function prepareBody($body) {
77 # replaced ereg_replace() below with preg_replace(). ereg* functions are deprecated in PHP 5.3.0
78 # original ereg_replace: ereg_replace("\n.\n.\n", "\n", $body);
80 // convert Windows and Mac style 'returns' to *nix newlines
81 $body = preg_replace("/\r\n/", "\n", $body);
82 $body = preg_replace("/\r/", "\n", $body);
84 // then remove newlines when too many in a row (3 or more newlines get converted to 1 newline)
85 $body = preg_replace("/\n{3,}/", "\n\n", $body);
87 // encode special characters as entities
88 $body = htmlspecialchars($body);
90 // trim away whitespace and newlines at beginning and end
94 $body = addBreaks($body);
96 // create hyperlinks for http:// addresses
97 // there's a testcase for this in /build/testcases/urllinking.txt
99 $replace_from = array(
\r
100 '/([^:\/\/\w]|^)((https:\/\/)([\w\.-]+)([\/\w+\.~%&?@=_:;#,-]+))/i',
\r
101 '/([^:\/\/\w]|^)((http:\/\/|www\.)([\w\.-]+)([\/\w+\.~%&?@=_:;#,-]+))/i',
\r
102 '/([^:\/\/\w]|^)((ftp:\/\/|ftp\.)([\w\.-]+)([\/\w+\.~%&?@=_:;#,-]+))/i',
\r
103 '/([^:\/\/\w]|^)(mailto:(([a-zA-Z\@\%\.\-\+_])+))/i'
\r
106 $body = preg_replace_callback($replace_from, array('self', 'prepareBody_cb'), $body);
114 * Creates a link code for unlinked URLs with different protocols
118 function createLinkCode($pre, $url, $protocol = 'http') {
121 // it's possible that $url ends contains entities we don't want,
122 // since htmlspecialchars is applied _before_ URL linking
123 // move the part of URL, starting from the disallowed entity to the 'post' link part
124 $aBadEntities = array('"', '>', '<');
125 foreach ($aBadEntities as $entity) {
127 $pos = strpos($url, $entity);
130 $post = substr($url, $pos) . $post;
131 $url = substr($url, 0, $pos);
136 // remove entities at end (&&&&)
137 if (preg_match('/(&\w+;)+$/i', $url, $matches) ) {
138 $post = $matches[0] . $post; // found entities (1 or more)
139 $url = substr($url, 0, strlen($url) - strlen($post) );
142 // move ending comma from url to 'post' part
143 if (substr($url, strlen($url) - 1) == ',') {
144 $url = substr($url, 0, strlen($url) - 1);
148 # replaced ereg() below with preg_match(). ereg* functions are deprecated in PHP 5.3.0
149 # original ereg: ereg('^' . $protocol . '://', $url)
151 if (!preg_match('#^' . $protocol . '://#', $url) )
153 $linkedUrl = $protocol . ( ($protocol == 'mailto') ? ':' : '://') . $url;
160 if ($protocol != 'mailto') {
161 $displayedUrl = $linkedUrl;
163 $displayedUrl = $url;
166 return $pre . '<a href="' . $linkedUrl . '" rel="nofollow">' . shorten($displayedUrl,30,'...') . '</a>' . $post;
171 * This method is a callback for creating link codes
\r
172 * @param array $match
\r
175 function prepareBody_cb($match)
\r
177 if ( !preg_match('/^[a-z]+/i', $match[2], $protocol) )
\r
182 switch( strtolower($protocol[0]) )
\r
185 return self::createLinkCode($match[1], $match[2], 'https');
\r
189 return self::createLinkCode($match[1], $match[2], 'ftp');
\r
193 return self::createLinkCode($match[1], $match[3], 'mailto');
\r
197 return self::createLinkCode($match[1], $match[2], 'http');
\r