+<<<<<<< HEAD
+<?php\r
+\r
+/*\r
+ * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)\r
+ * Copyright (C) 2002-2007 The Nucleus Group\r
+ *\r
+ * This program is free software; you can redistribute it and/or\r
+ * modify it under the terms of the GNU General Public License\r
+ * as published by the Free Software Foundation; either version 2\r
+ * of the License, or (at your option) any later version.\r
+ * (see nucleus/documentation/index.html#license for more info)\r
+ */\r
+/**\r
+ * A class representing a single comment\r
+ *\r
+ * @license http://nucleuscms.org/license.txt GNU General Public License\r
+ * @copyright Copyright (C) 2002-2007 The Nucleus Group\r
+ * @version $Id: COMMENT.php 1844 2012-05-13 11:14:38Z sakamocchi $\r
+ */\r
+class Comment\r
+{\r
+ /**\r
+ * Comment::getComment()\r
+ * Returns the requested comment\r
+ *\r
+ * @static\r
+ * @param integer $commentid id for comment\r
+ * @return array comment information\r
+ * \r
+ */\r
+ static function getComment($commentid)\r
+ {\r
+ $query = 'SELECT cnumber AS commentid,'\r
+ . ' cbody AS body,'\r
+ . ' cuser AS user,'\r
+ . ' cmail AS userid,'\r
+ . ' cemail AS email,'\r
+ . ' cmember AS memberid,'\r
+ . ' ctime,'\r
+ . ' chost AS host,'\r
+ . ' mname AS member,'\r
+ . ' cip AS ip,'\r
+ . ' cblog AS blogid'\r
+ . ' FROM %s LEFT OUTER JOIN %s ON cmember = mnumber'\r
+ . ' WHERE cnumber = %d;';\r
+ \r
+ $query = sprintf($query, sql_table('comment'), sql_table('member'), (integer) $commentid);\r
+ $aCommentInfo = DB::getRow($query);\r
+ \r
+ if ( $aCommentInfo )\r
+ {\r
+ $aCommentInfo['timestamp'] = strtotime($aCommentInfo['ctime']);\r
+ }\r
+ \r
+ return $aCommentInfo;\r
+ }\r
+ \r
+ /**\r
+ * Comment::prepare()\r
+ * Prepares a comment to be saved\r
+ *\r
+ * @static\r
+ * @param array $comment comment data\r
+ * @return array comment date\r
+ * \r
+ */\r
+ static function prepare($comment)\r
+ {\r
+ $comment['user'] = strip_tags($comment['user']);\r
+ $comment['userid'] = strip_tags($comment['userid']);\r
+ $comment['email'] = strip_tags($comment['email']);\r
+ \r
+ // remove newlines from user; remove quotes and newlines from userid and email; trim whitespace from beginning and end\r
+ $comment['user'] = trim(strtr($comment['user'], "\n", ' ') );\r
+ $comment['userid'] = trim(strtr($comment['userid'], "\'\"\n", '-- ') );\r
+ $comment['email'] = trim(strtr($comment['email'], "\'\"\n", '-- ') );\r
+ \r
+ // begin if: a comment userid is supplied, but does not have an "http://" or "https://" at the beginning - prepend an "http://"\r
+ if ( array_key_exists('userid', $comment)\r
+ && !empty($comment['userid'])\r
+ && (i18n::strpos($comment['userid'], 'http://') !== 0)\r
+ && (i18n::strpos($comment['userid'], 'https://') !== 0) )\r
+ {\r
+ $comment['userid'] = 'http://' . $comment['userid'];\r
+ }\r
+ \r
+ $comment['body'] = Comment::prepareBody($comment['body']);\r
+ \r
+ return $comment;\r
+ }\r
+ \r
+ /**\r
+ * Comment::prepareBody()\r
+ * Prepares the body of a comment\r
+ *\r
+ * @static\r
+ * @param string $body string for comment body\r
+ * @return string validate string for comment body\r
+ */\r
+ static public function prepareBody($body)\r
+ {\r
+ // convert Windows and Mac style 'returns' to *nix newlines\r
+ $body = preg_replace("/\r\n/", "\n", $body);\r
+ $body = preg_replace("/\r/", "\n", $body);\r
+ \r
+ // then remove newlines when too many in a row (3 or more newlines get converted to 1 newline)\r
+ $body = preg_replace("/\n{3,}/", "\n\n", $body);\r
+ \r
+ // encode special characters as entities\r
+ $body = Entity::hsc($body);\r
+ \r
+ // trim away whitespace and newlines at beginning and end\r
+ $body = trim($body);\r
+ \r
+ // add <br /> tags\r
+ $body = addBreaks($body);\r
+ \r
+ // create hyperlinks for http:// addresses\r
+ // there's a testcase for this in /build/testcases/urllinking.txt\r
+ $replace_from = array(\r
+ '/([^:\/\/\w]|^)((https:\/\/)([\w\.-]+)([\/\w+\.~%&?@=_:;#,-]+))/i',\r
+ '/([^:\/\/\w]|^)((http:\/\/|www\.)([\w\.-]+)([\/\w+\.~%&?@=_:;#,-]+))/i',\r
+ '/([^:\/\/\w]|^)((ftp:\/\/|ftp\.)([\w\.-]+)([\/\w+\.~%&?@=_:;#,-]+))/i',\r
+ '/([^:\/\/\w]|^)(mailto:(([a-zA-Z\@\%\.\-\+_])+))/i'\r
+ );\r
+ \r
+ return preg_replace_callback($replace_from, array(__CLASS__, 'prepareBody_cb'), $body);\r
+ }\r
+ \r
+ /**\r
+ * Comment::createLinkCode()\r
+ * Creates a link code for unlinked URLs with different protocols\r
+ *\r
+ * @static\r
+ * @param string $pre Prefix of comment\r
+ * @param string $url URL\r
+ * @param string $protocol http, mailto and so on\r
+ * @return string string including anchor element and child text\r
+ */\r
+ static private function createLinkCode($pre, $url, $protocol = 'http')\r
+ {\r
+ $post = '';\r
+ \r
+ // it's possible that $url ends contains entities we don't want,\r
+ // since htmlspecialchars is applied _before_ URL linking\r
+ // move the part of URL, starting from the disallowed entity to the 'post' link part\r
+ $aBadEntities = array('"', '>', '<');\r
+ foreach ( $aBadEntities as $entity )\r
+ {\r
+ $pos = i18n::strpos($url, $entity);\r
+ \r
+ if ( $pos )\r
+ {\r
+ $post = i18n::substr($url, $pos) . $post;\r
+ $url = i18n::substr($url, 0, $pos);\r
+ }\r
+ }\r
+ \r
+ // remove entities at end (&&&&)\r
+ if ( preg_match('/(&\w+;)+$/i', $url, $matches) )\r
+ {\r
+ $post = $matches[0] . $post; // found entities (1 or more)\r
+ $url = i18n::substr($url, 0, i18n::strlen($url) - i18n::strlen($post) );\r
+ }\r
+ \r
+ // move ending comma from url to 'post' part\r
+ if ( i18n::substr($url, i18n::strlen($url) - 1) == ',' )\r
+ {\r
+ $url = i18n::substr($url, 0, i18n::strlen($url) - 1);\r
+ $post = ',' . $post;\r
+ }\r
+ \r
+ if ( !preg_match('#^' . $protocol . '://#', $url) )\r
+ {\r
+ $linkedUrl = $protocol . ( ($protocol == 'mailto') ? ':' : '://') . $url;\r
+ }\r
+ else\r
+ {\r
+ $linkedUrl = $url;\r
+ }\r
+ \r
+ if ( $protocol != 'mailto' )\r
+ {\r
+ $displayedUrl = $linkedUrl;\r
+ }\r
+ else\r
+ {\r
+ $displayedUrl = $url;\r
+ }\r
+ \r
+ return $pre . '<a href="' . $linkedUrl . '" rel="nofollow">' . Entity::hsc(Entity::shorten($displayedUrl,30,'...')) . '</a>' . $post;\r
+ }\r
+ \r
+ /**\r
+ * Comment::prepareBody_cb()\r
+ * This method is a callback for creating link codes\r
+ * \r
+ * @param array $match elements for achor\r
+ * @return string including anchor element and child text\r
+ * \r
+ */\r
+ static public function prepareBody_cb($match)\r
+ {\r
+ if ( !preg_match('/^[a-z]+/i', $match[2], $protocol) )\r
+ {\r
+ return $match[0];\r
+ }\r
+ \r
+ switch( strtolower($protocol[0]) )\r
+ {\r
+ case 'https':\r
+ return self::createLinkCode($match[1], $match[2], 'https');\r
+ break;\r
+ \r
+ case 'ftp':\r
+ return self::createLinkCode($match[1], $match[2], 'ftp');\r
+ break;\r
+ \r
+ case 'mailto':\r
+ return self::createLinkCode($match[1], $match[3], 'mailto');\r
+ break;\r
+ \r
+ default:\r
+ return self::createLinkCode($match[1], $match[2], 'http');\r
+ break;\r
+ }\r
+ return;\r
+ }\r
+}\r
+=======
<?php
/*
return;
}
}
+>>>>>>> skinnable-master