4 * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
5 * Copyright (C) 2002-2007 The Nucleus Group
7 * This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version 2
10 * of the License, or (at your option) any later version.
11 * (see nucleus/documentation/index.html#license for more info)
14 * A class representing a single comment
16 * @license http://nucleuscms.org/license.txt GNU General Public License
17 * @copyright Copyright (C) 2002-2007 The Nucleus Group
18 * @version $Id: COMMENT.php,v 1.5 2007-02-04 06:28:46 kimitake Exp $
19 * $NucleusJP: COMMENT.php,v 1.4 2006/07/17 20:03:44 kimitake Exp $
24 * Returns the requested comment (static)
26 function getComment($commentid) {
27 $query = 'SELECT cnumber as commentid, cbody as body, cuser as user, cmail as userid, cemail as email, cmember as memberid, ctime, chost as host, mname as member, cip as ip, cblog as blogid'
28 . ' FROM '.sql_table('comment').' left outer join '.sql_table('member').' on cmember=mnumber'
29 . ' WHERE cnumber=' . intval($commentid);
30 $comments = sql_query($query);
32 $aCommentInfo = mysql_fetch_assoc($comments);
35 $aCommentInfo['timestamp'] = strtotime($aCommentInfo['ctime']);
41 * prepares a comment to be saved
44 function prepare($comment) {
45 $comment['user'] = strip_tags($comment['user']);
46 $comment['userid'] = strip_tags($comment['userid']);
47 $comment['email'] = strip_tags($comment['email']);
49 // remove quotes and newlines from user and userid
50 $comment['user'] = strtr($comment['user'], "\'\"\n",'-- ');
51 $comment['userid'] = strtr($comment['userid'], "\'\"\n",'-- ');
52 $comment['email'] = strtr($comment['email'], "\'\"\n",'-- ');
54 $comment['body'] = COMMENT::prepareBody($comment['body']);
59 // prepares the body of a comment (static)
60 function prepareBody($body) {
62 // remove newlines when too many in a row
63 $body = ereg_replace("\n.\n.\n","\n",$body);
65 // encode special characters as entities
66 $body = htmlspecialchars($body);
68 // trim away whitespace and newlines at beginning and end
72 $body = addBreaks($body);
74 // create hyperlinks for http:// addresses
75 // there's a testcase for this in /build/testcases/urllinking.txt
77 '/([^:\/\/\w]|^)((https:\/\/)([\w\.-]+)([\/\w+\.~%&?@=_:;#,-]+))/ie',
78 '/([^:\/\/\w]|^)((http:\/\/|www\.)([\w\.-]+)([\/\w+\.~%&?@=_:;#,-]+))/ie',
79 '/([^:\/\/\w]|^)((ftp:\/\/|ftp\.)([\w\.-]+)([\/\w+\.~%&?@=_:;#,-]+))/ie',
80 '/([^:\/\/\w]|^)(mailto:(([a-zA-Z\@\%\.\-\+_])+))/ie'
83 'COMMENT::createLinkCode("\\1", "\\2","https")',
84 'COMMENT::createLinkCode("\\1", "\\2","http")',
85 'COMMENT::createLinkCode("\\1", "\\2","ftp")',
86 'COMMENT::createLinkCode("\\1", "\\3","mailto")'
88 $body = preg_replace($replaceFrom, $replaceTo, $body);
93 function createLinkCode($pre, $url, $protocol = 'http') {
96 // it's possible that $url ends contains entities we don't want,
97 // since htmlspecialchars is applied _before_ URL linking
98 // move the part of URL, starting from the disallowed entity to the 'post' link part
99 $aBadEntities = array('"', '>', '<');
100 foreach ($aBadEntities as $entity)
102 $pos = strpos($url, $entity);
105 $post = substr($url, $pos) . $post;
106 $url = substr($url, 0, $pos);
111 // remove entities at end (&&&&)
112 if (preg_match('/(&\w+;)+$/i', $url, $matches)) {
113 $post = $matches[0] . $post; // found entities (1 or more)
114 $url = substr($url, 0, strlen($url) - strlen($post));
117 // move ending comma from url to 'post' part
118 if (substr($url, strlen($url) - 1) == ',')
120 $url = substr($url, 0, strlen($url) - 1);
124 if (!ereg('^'.$protocol.'://',$url))
125 $linkedUrl = $protocol . (($protocol == 'mailto') ? ':' : '://') . $url;
130 if ($protocol != 'mailto')
131 $displayedUrl = $linkedUrl;
133 $displayedUrl = $url;
134 return $pre . '<a href="'.$linkedUrl.'" rel="nofollow">'.shorten($displayedUrl,30,'...').'</a>' . $post;