NP_EzComment2/trunk/NP_EzComment2.php

   1 <?php\r
   2 /**\r
   3  * SHOW Comment Form/List PLUG-IN FOR NucleusCMS\r
   4  * PHP versions 5\r
   5  *\r
   6  * This program is free software; you can redistribute it and/or\r
   7  * modify it under the terms of the GNU General Public License\r
   8  * as published by the Free Software Foundation; either version 2\r
   9  * of the License, or (at your option) any later version.\r
  10  * (see nucleus/documentation/index.html#license for more info)\r
  11  *\r
  12  * @author    shizuki\r
  13  * @copyright 2008 shizuki\r
  14  * @license   http://www.gnu.org/licenses/gpl.txt  GNU GENERAL PUBLIC LICENSE Version 2, June 1991\r
  15  * @version   $Date$ $Revision: 1.13 $\r
  16  * @link      http://japan.nucleuscms.org/wiki/plugins:ezcomment2\r
  17  * @since     File available since Release 1.0\r
  18  */\r
  19 \r
  20 /**\r
  21  * version history\r
  22  *\r
  23  * $Log: not supported by cvs2svn $\r
  24  * Revision 1.12  2008/07/09 03:54:07  shizuki\r
  25  * *** empty log message ***\r
  26  *\r
  27  * Revision 1.11  2008/07/09 03:54:04  shizuki\r
  28  * *Fix header info URL:showblogs -> ezcomment2\r
  29  *\r
  30  *  * Revision 1.10  2008/07/08 16:14:57  shizuki\r
  31  * *Bug fix event_PreComment\r
  32  * *Correspondence preparations of NP_LatestWritebacks\r
  33  *\r
  34  * Revision 1.9  2008/07/08 15:14:27  shizuki\r
  35  * * Corresponds to event_PreComment.\r
  36  * * Fix typo.\r
  37  * * RC2\r
  38  *\r
  39  * Revision 1.8  2008/07/07 15:42:54  shizuki\r
  40  * * The experimental society  PHP Version: 5.2.6/MySQL Server Version (client): (5.1.25-rc-log 5.1.25-rc).\r
  41  * * The normal movement is confirmed.\r
  42  * * The SQL correction/behavior when installing, is changed a little.\r
  43  * * event_PostDeleteCommnent addition * It's corrected when being off login time and secret mode-lessly, so as not to take out a check box.\r
  44  * * NP_OpenId is indispensable in the present.\r
  45  * * NP_znSpecialTemplateParts is indispensable.\r
  46  * * It's expected to add the setting which will establish a password at the time of contribution without NP_OpenId and make it hidden from now on.\r
  47  * * It's RC edition, so please cooperate in the one with the environment.\r
  48  *\r
  49  * Revision 1.7  2008/07/07 10:24:00  shizuki\r
  50  * * Still, the human sacrifice test version.\r
  51  * * A template was separated for for index pages and item page.\r
  52  * * Subdivision of the showComment() function.\r
  53  * * It's changed so as not to fly to an indication part for indication in case of and OpenID of anything but the first item of an index page.\r
  54  * * A profile change part besides the first item of an index page is being adjusted.\r
  55  */\r
  56 \r
  57 class NP_EzComment2 extends NucleusPlugin\r
  58 {\r
  59         // {{{ properties\r
  60 \r
  61         /**\r
  62          * The calling number of times by the index page.\r
  63          *\r
  64          * @var integer\r
  65          */\r
  66         var $numcalled;\r
  67 \r
  68         /**\r
  69          * OpenID authentication module.\r
  70          *\r
  71          * @var object\r
  72          */\r
  73         var $authOpenID;\r
  74 \r
  75         /**\r
  76          * Flag of the case that one is invoker.\r
  77          *\r
  78          * @var boolean\r
  79          */\r
  80         var $callFlg;\r
  81 \r
  82         // }}}\r
  83         // {{{ getName()\r
  84 \r
  85         /**\r
  86          * Plugin Name\r
  87          *\r
  88          * @return string\r
  89          */\r
  90         function getName()\r
  91         {\r
  92                 return 'Ez Comment II';\r
  93         }\r
  94 \r
  95         // }}}\r
  96         // {{{ getAuthor()\r
  97 \r
  98         /**\r
  99          * Author Name\r
 100          *\r
 101          * @return string\r
 102          */\r
 103         function getAuthor()\r
 104         {\r
 105                 return 'shizuki';\r
 106         }\r
 107 \r
 108         // }}}\r
 109         // {{{ getURL()\r
 110 \r
 111         /**\r
 112          * I get a plug-in, the address of the possible site or author's mail address.\r
 113          *\r
 114          * @return string\r
 115          */\r
 116         function getURL()\r
 117         {\r
 118                 return 'http://japan.nucleuscms.org/wiki/plugins:ezcomment2';\r
 119         }\r
 120 \r
 121         // }}}\r
 122         // {{{ getPluginDep()\r
 123 \r
 124         /**\r
 125          * Plugin Dependency.\r
 126          *\r
 127          * @return array\r
 128          */\r
 129         function getPluginDep()\r
 130         {\r
 131                 return array(\r
 132 //                      'NP_OpenId',\r
 133 //                      'NP_znSpecialTemplateParts',\r
 134                 );\r
 135         }\r
 136 \r
 137         // }}}\r
 138         // {{{ getVersion()\r
 139 \r
 140         /**\r
 141          * Plugin Version.\r
 142          *\r
 143          * @return string\r
 144          */\r
 145         function getVersion()\r
 146         {\r
 147                 return '$Date$ $Revision: 1.13 $';\r
 148         }\r
 149 \r
 150         // }}}\r
 151         // {{{ getDescription()\r
 152 \r
 153         /**\r
 154          * Plugin Description\r
 155          *\r
 156          * @return string\r
 157          */\r
 158         function getDescription()\r
 159         {\r
 160                 return  _NP_EZCOMMENT2_DESC;\r
 161         }\r
 162 \r
 163         // }}}\r
 164         // {{{ supportsFeature($what)\r
 165 \r
 166         /**\r
 167          * Supports Nucleus Feature\r
 168          *\r
 169          * @param  string\r
 170          * @return boolean\r
 171          */\r
 172         function supportsFeature($what)\r
 173         {\r
 174                 switch ($what) {\r
 175                         case 'SqlTablePrefix':\r
 176                                 return 1;\r
 177                         default:\r
 178                                 return 0;\r
 179                 }\r
 180         }\r
 181 \r
 182         // }}}\r
 183         // {{{ getEventList()\r
 184 \r
 185         /**\r
 186          * List of feature event\r
 187          *\r
 188          * @return array\r
 189          */\r
 190         function getEventList()\r
 191         {\r
 192                 global $manager;\r
 193                 return array(\r
 194                         'FormExtra',\r
 195                         'PostAddComment',\r
 196                         'PostDeleteComment',\r
 197                         'PreComment',\r
 198                         'TemplateExtraFields',\r
 199                 );\r
 200         }\r
 201 \r
 202         // }}}\r
 203         // {{{ getTableList()\r
 204 \r
 205         /**\r
 206           * Database tables for plugin used\r
 207           *\r
 208           * @return array\r
 209           **/\r
 210         function getTableList()\r
 211         {\r
 212                 return array(\r
 213                         sql_table('plug_ezcomment2'),\r
 214                 );\r
 215         }\r
 216 \r
 217         // }}}\r
 218         // {{{ install()\r
 219 \r
 220         /**\r
 221          * Install function\r
 222          *\r
 223          * @return void.\r
 224          */\r
 225         function install()\r
 226         {\r
 227                 if (!TEMPLATE::exists('EzCommentTemplate')) {\r
 228                         global $DIR_LIBS;\r
 229                         include_once($DIR_LIBS . 'skinie.php');\r
 230                         $importer = new SKINIMPORT();\r
 231                         $importer->reset();\r
 232                         $template = $this->getDirectory() . 'skinbackup.xml';\r
 233                         if (!@file_exists($template)) {\r
 234                                 $aErrors[] = 'Unable to import ' . $template . ' : file does not exist';\r
 235                                 continue;\r
 236                         }\r
 237                         $error = $importer->readFile($template);\r
 238                         if ($error) {\r
 239                                 $aErrors[] = 'Unable to import ' . $template . ' : ' . $error;\r
 240                                 continue;\r
 241                         }\r
 242                         $error = $importer->writeToDatabase(1);\r
 243                         if ($error) {\r
 244                                 $aErrors[] = 'Unable to import ' . $template . ' : ' . $error;\r
 245                                 continue;\r
 246                         }\r
 247                         if ($aErrors) {\r
 248                                 $message = implode("<br />\n", $aErrors);\r
 249                                 doError($message);\r
 250                         }\r
 251                 }\r
 252                 $this->createBlogOption('secret',     _NP_EZCOMMENT2_OP_SECRETMODE,  'yesno', 'yes');\r
 253                 $this->createBlogOption('secComment', _NP_EZCOMMENT2_OP_SUBSTIUTION, 'text',  _NP_EZCOMMENT2_OP_SUBSTIUTION_VAL);\r
 254                 $this->createBlogOption('secLabel',   _NP_EZCOMMENT2_OP_CHECKLABEL,  'text',  _NP_EZCOMMENT2_OP_CHECKLABEL_VAL);\r
 255                 $this->createOption('tabledel',       _NP_EZCOMMENT2_OP_DROPTABLE,   'yesno', 'yes');\r
 256                 $sql = 'CREATE TABLE IF NOT EXISTS %s ('\r
 257                          . '`comid`  int(11)  NOT NULL, '\r
 258                          . '`secflg` tinyint(1)   NULL, '\r
 259                          . '`module` varchar(15)  NULL, '\r
 260                          . '`userID` varchar(255) NULL, '\r
 261                          . 'PRIMARY KEY(`comid`) );';\r
 262                 sql_query(sprintf($sql, sql_table('plug_ezcomment2')));\r
 263                 $this->updateTable();\r
 264         }\r
 265 \r
 266         // }}}\r
 267         // {{{ uninstall()\r
 268 \r
 269         /**\r
 270          * Un Install function\r
 271          *\r
 272          * @return void.\r
 273          */\r
 274         function uninstall()\r
 275         {\r
 276                 if ($this->getOption('tabledel') == 'yes')\r
 277                         sql_query('DROP TABLE '.sql_table('plug_ezcomment2'));\r
 278         }\r
 279 \r
 280         // }}}\r
 281         // {{{ init()\r
 282 \r
 283         /**\r
 284          * Initialize\r
 285          *\r
 286          * @return void.\r
 287          */\r
 288         function init()\r
 289         {\r
 290                 $this->languageInclude();\r
 291                 $this->numcalled = 0;\r
 292                 $this->callFlg   = false;\r
 293                 global $manager;\r
 294                 if ($manager->pluginInstalled('NP_OpenId') && !$this->authOpenID) {\r
 295                         $this->authOpenID = $manager->getPlugin('NP_OpenId');\r
 296                 }\r
 297         }\r
 298 \r
 299         // }}}\r
 300         // {{{ event_TemplateExtraFields($data)\r
 301 \r
 302         /**\r
 303          * Extra template parts for plugin specified\r
 304          *\r
 305          * @param array\r
 306          *                      fields array\r
 307          *                                      'PLUGIN_NAME' array\r
 308          *                                                                      'TEMPLATE_PARTS_NAME'\r
 309          *                                                                      'TEMPLATE_PARTS_NAME'\r
 310          *                                                                      'TEMPLATE_PARTS_NAME'...\r
 311          * @return void\r
 312          */\r
 313         function event_TemplateExtraFields($data)\r
 314         {\r
 315                 $data['fields']['NP_EzComment2'] = array(\r
 316                         '_NP_EZCOMMENT2_FORM_LOGGEDIN_IDX'    => _NP_EZCOMMENT2_FORM_LOGGEDIN_IDX, \r
 317                         '_NP_EZCOMMENT2_FORM_NOTLOGGEDIN_IDX' => _NP_EZCOMMENT2_FORM_NOTLOGGEDIN_IDX, \r
 318                         '_NP_EZCOMMENT2_FORM_LOGGEDIN_ITM'    => _NP_EZCOMMENT2_FORM_LOGGEDIN_ITM,\r
 319                         '_NP_EZCOMMENT2_FORM_NOTLOGGEDIN_ITM' => _NP_EZCOMMENT2_FORM_NOTLOGGEDIN_ITM, \r
 320                         'COMMENTS_BODY_IDX'                   => _NP_EZCOMMENT2_COMMENTS_BODY_IDX, \r
 321                         'COMMENTS_FOOTER_IDX'                 => _NP_EZCOMMENT2_COMMENTS_FOOTER_IDX, \r
 322                         'COMMENTS_HEADER_IDX'                 => _NP_EZCOMMENT2_COMMENTS_HEADER_IDX,\r
 323                 );\r
 324         }\r
 325 \r
 326         // }}}\r
 327         // {{{ event_PostAddComment($data)\r
 328 \r
 329         /**\r
 330          * After adding a comment to the database.\r
 331          *\r
 332          * @param  array\r
 333          *                      commentid integer\r
 334          *                      comment   array\r
 335          *                      spamcheck array\r
 336          * @return void.\r
 337          */\r
 338         function event_PostAddComment($data)\r
 339         {\r
 340                 global $member;\r
 341                 switch (true) {\r
 342                         case $member->isLoggedin():\r
 343                                 $userID = '"' . $member->getID() . '"';\r
 344                                 $module = '"Nucleus"';\r
 345                                 break;\r
 346                         case ($this->authOpenID && $this->authOpenID->isLoggedin()):\r
 347                                 $userID = '"' . $this->authOpenID->loggedinUser['identity'] . '"';\r
 348                                 $module = '"OpenID"';\r
 349                                 break;\r
 350                         default:\r
 351                                 $userID = 'NULL';\r
 352                                 $module = 'NULL';\r
 353                                 break;\r
 354                 }\r
 355                 if (postVar('EzComment2_Secret')) {\r
 356                         $secCheck = 1;\r
 357                 } else {\r
 358                         $secCheck = 'NULL';\r
 359                 }\r
 360                 $sql = 'INSERT INTO ' . sql_table('plug_ezcomment2')\r
 361                          . ' (`comid`, `secflg`, `module`, `userID`) VALUES (%d, %d, %s, %s)';\r
 362                 sql_query(sprintf($sql, $data['commentid'], $secCheck, $module, $userID));\r
 363         }\r
 364 \r
 365         // }}}\r
 366         // {{{ event_PostDeleteComment($data)\r
 367 \r
 368         /**\r
 369          * After a comment has been deleted from the database.\r
 370          *\r
 371          * @param  array\r
 372          *                      commentid integer\r
 373          * @return void.\r
 374          */\r
 375         function event_PostDeleteComment($data)\r
 376         {\r
 377                 $sql = 'DELETE FROM ' . sql_table('plug_ezcomment2')\r
 378                          . ' WHERE `comid` = %d LIMIT 1';\r
 379                 sql_query(sprintf($sql, $data['commentid']));\r
 380         }\r
 381 \r
 382         // }}}\r
 383         // {{{ event_FormExtra(&$data)\r
 384 \r
 385         /**\r
 386          * Inside one of the comment, membermail or account activation forms.\r
 387          *\r
 388          * @param  array\r
 389          *                      type string\r
 390          * @return void.\r
 391          */\r
 392         function event_FormExtra(&$data)\r
 393         {\r
 394                 global $member, $blogid;\r
 395                 $this->numcalled++;\r
 396                 if ($blogid && $this->getBlogOption($blogid, 'secret') == 'yes' &&\r
 397                         ($member->isLoggedin() || ($this->authOpenID && $this->authOpenID->isLoggedin()))) {\r
 398                                 echo '<br /><input type="checkbox" value="1" name="EzComment2_Secret" id="EzComment2_Secret_' . $this->numcalled . '" />';\r
 399                                 echo '<label for="EzComment2_Secret_' . $this->numcalled . '">'.$this->getBlogOption($bid, 'secLabel').'</label><br />';\r
 400                 }\r
 401 //              if ($this->authOpenID) {\r
 402 //                      $this->plugOpenIDdoSkinVar($this->commentSkinType, $this->commentItemId);\r
 403 //              }\r
 404         }\r
 405 \r
 406         // }}}\r
 407         // {{{ event_PreComment(&$data)\r
 408 \r
 409         /**\r
 410          * Inside one of the comment, membermail or account activation forms.\r
 411          *\r
 412          * @param  array\r
 413          *                      comment array\r
 414          * @return void.\r
 415          */\r
 416         function event_PreComment(&$data)\r
 417         {\r
 418                 if ($this->callFlg) return;\r
 419                 $sql = 'SELECT secflg, userID FROM ' . sql_table('plug_ezcomment2')\r
 420                          . ' WHERE comid = ' . intval($data['comment']['commentid']);\r
 421                 $res = sql_query($sql);\r
 422                 $flg = mysql_fetch_assoc($res);\r
 423                 if (!$flg['secflg']) return;\r
 424                 $data['comment']['identity'] = $flg['userID'];\r
 425                 global $manager, $member;\r
 426                 $bid   = intval($data['comment']['blogid']);\r
 427                 $b     = $manager->getBlog($bid);\r
 428                 $judge = $this->setSecretJudge($bid, $member, $b);\r
 429                 $data['comment'] = $this->JudgementCommentSecrets($data['comment'], $judge);\r
 430 //              print_r($data);\r
 431         }\r
 432 \r
 433         // }}}\r
 434         // {{{ doTemplateVar()\r
 435 \r
 436         /**\r
 437          * Basically the same as doSkinVar,\r
 438          * but this time for calls of the <%plugin(...)%>-var in templates (item header/body/footer and dateheader/footer).\r
 439          *\r
 440          * @param  object item object(refarence)\r
 441          * @param  string\r
 442          * @param  string\r
 443          * @param  string\r
 444          * @param  string\r
 445          * @param  string\r
 446          * @return void.\r
 447          */\r
 448         function doTemplateVar(&$item,\r
 449                                                         $showType       = '',\r
 450                                                         $showMode       = '5/1/1',\r
 451                                                         $destinationurl = '',\r
 452                                                         $formTemplate   = 'EzCommentTemplate',\r
 453                                                         $listTemplate   = 'EzCommentTemplate')\r
 454         {\r
 455                 $this->doSkinVar('template', $showType, $showMode, $destinationurl, $formTemplate, $listTemplate, $item);\r
 456         }\r
 457 \r
 458         // }}}\r
 459         // {{{ doSkinVar()\r
 460 \r
 461         /**\r
 462          * When plugins are called using the <%plugin(...)%>-skinvar, this method will be called. \r
 463          *\r
 464          * @param  string\r
 465          * @param  string\r
 466          * @param  string\r
 467          * @param  string\r
 468          * @param  string\r
 469          * @param  string\r
 470          * @param  object item object(refarence)\r
 471          * @return void.\r
 472          */\r
 473         function doSkinVar($skinType,\r
 474                                            $showType       = '',\r
 475                                            $showMode       = '5/1/1',\r
 476                                            $destinationurl = '',\r
 477                                            $formTemplate   = 'EzCommentTemplate',\r
 478                                            $listTemplate   = 'EzCommentTemplate',\r
 479                                           &$commentItem    = '')\r
 480         {\r
 481                 if ($skinType != 'item' && $skinType != 'template') return;\r
 482                 global $manager, $member, $itemid;\r
 483                 if (!$commentItem && $itemid) {\r
 484                         $commentItem = $manager->getItem($itemid, 0, 0);\r
 485                         if (is_array($commentItem)) {\r
 486                                 $commentItem = (object)$commentItem;\r
 487                         }\r
 488                 }\r
 489                 if (!$commentItem || $commentItem->closed) {\r
 490                         echo _ERROR_ITEMCLOSED;\r
 491                         return 0;\r
 492                 }\r
 493 \r
 494                 if (is_numeric($showType) || strpos($showType, '/') !== false) $showMode = $showType;\r
 495                 if ($showType != 'list' && $showType != 'form') {\r
 496                         $showType = '';\r
 497                 }\r
 498                 if (!$showMode) {\r
 499                         $showMode = '5/1/1';\r
 500                 }\r
 501                 list($maxToShow, $sortOrder, $commentOrder) = explode('/', $showMode);\r
 502                 if (!$maxToShow) $maxToShow = 5;\r
 503                 if (!$sortOrder) $sortOrder = 1;\r
 504                 if ($commentOrder > 0) {\r
 505                         $commentOrder = true;\r
 506                 } else {\r
 507                         $commentOrder = false;\r
 508                 }\r
 509                 if (!$formTemplate) $formTemplate = 'EzCommentTemplate';\r
 510                 if (!$listTemplate) $listTemplate = 'EzCommentTemplate';\r
 511 \r
 512                 switch ($showType) {\r
 513                         case 'list':\r
 514                                 $listTemplate = TEMPLATE::read($listTemplate);\r
 515                                 $this->showComment($commentItem, $listTemplate, $maxToShow, $commentOrder, $skinType);\r
 516                                 break;\r
 517                         case 'form':\r
 518                                 $formTemplate = TEMPLATE::read($formTemplate);\r
 519                                 $this->showForm($commentItem, $formTemplate, $destinationurl, $skinType);\r
 520                                 break;\r
 521                         default:\r
 522                                 $listTemplate = TEMPLATE::read($listTemplate);\r
 523                                 $formTemplate = TEMPLATE::read($formTemplate);\r
 524                                 if ($sortOrder) {\r
 525                                         $this->showComment($commentItem, $listTemplate, $maxToShow, $commentOrder, $skinType);\r
 526                                         $this->showForm($commentItem, $formTemplate, $destinationurl, $skinType);\r
 527                                 } else {\r
 528                                         $this->showForm($commentItem, $formTemplate, $destinationurl, $skinType);\r
 529                                         $this->showComment($commentItem, $listTemplate, $maxToShow, $commentOrder, $skinType);\r
 530                                 }\r
 531                                 break;\r
 532                 }\r
 533         }\r
 534 \r
 535         // }}}\r
 536         // {{{ languageInclude()\r
 537 \r
 538         /**\r
 539          * Include language file\r
 540          *\r
 541          * @return void.\r
 542          */\r
 543         function languageInclude()\r
 544         {\r
 545                 $language = ereg_replace( '[\\|/]', '', getLanguageName());\r
 546                 if (file_exists($this->getDirectory() . 'language/' . $language . '.php')) {\r
 547                         include_once($this->getDirectory() . 'language/' . $language . '.php');\r
 548                 } else {\r
 549                         include_once($this->getDirectory() . 'language/english.php');\r
 550                 }\r
 551         }\r
 552 \r
 553         // }}}\r
 554         // {{{ updateTable()\r
 555 \r
 556         /**\r
 557          * Update database table\r
 558          *\r
 559          * @return void.\r
 560          */\r
 561         function updateTable()\r
 562         {\r
 563                 $sql = 'SELECT c.cnumber as cid FROM ' . sql_table('comment') . ' as c '\r
 564                          . 'LEFT JOIN ' . sql_table('plug_ezcomment2') . ' as s '\r
 565                          . 'ON c.cnumber=s.comid WHERE s.comid IS NULL';\r
 566                 $res = sql_query($sql);\r
 567                 $sql = 'INSERT INTO ' . sql_table('plug_ezcomment2') . '(`comid`) VALUES (%d)';\r
 568                 while ($cid = mysql_fetch_assoc($res)) {\r
 569                         sql_query(sprintf($sql, $cid['cid']));\r
 570                 }\r
 571         }\r
 572 \r
 573         // }}}\r
 574         // {{{ plugOpenIDdoSkinVar()\r
 575 \r
 576         /**\r
 577          * Overwride NP_OpenId's doSkinVar()\r
 578          * \r
 579          * @param  string\r
 580          * @param  integer\r
 581          * @return void.\r
 582          *\r
 583         function plugOpenIDdoSkinVar($skinType, $iid = 0)\r
 584         {\r
 585                 global $CONF, $manager, $member;\r
 586                 if ($member->isLoggedIn()) return;\r
 587                 $authOpenID   = $this->authOpenID;\r
 588                 if (!$authOpenID) return;\r
 589                 $externalauth = array ( 'source' => $authOpenID->getName() );\r
 590                 $manager->notify('ExternalAuth', array ('externalauth' => &$externalauth));\r
 591                 if (isset($externalauth['result']) && $externalauth['result'] == true) return;\r
 592                 $templateEngine     = $authOpenID->_getTemplateEngine();\r
 593                 $aVars              = array();\r
 594                 $aVars['PluginURL'] = $CONF['PluginURL'];\r
 595                 if ($authOpenID->isLoggedin()) {\r
 596                         // Loggedin\r
 597                         if ($skinType == 'template') {\r
 598                                 require_once 'cles/Template.php';\r
 599                                 $templateDirectory           =  rtrim($this->getDirectory(), '/');\r
 600                                 $templateEngine              =& new cles_Template($templateDirectory);\r
 601                                 $templateEngine->defaultLang =  'english';\r
 602                                 $aVars['itemid'] = intval($iid);\r
 603                         }\r
 604                         $nowURL             = 'http://' . serverVar("HTTP_HOST")\r
 605                                                                 . serverVar("REQUEST_URI");\r
 606                         $aVars['url']       = $authOpenID->getAdminURL() . 'rd.php?action=rd'\r
 607                                                                 . '&url=' . urlencode($nowURL);\r
 608                         $aVars['nick']      = $authOpenID->loggedinUser['nick'];\r
 609                         $aVars['email']     = $authOpenID->loggedinUser['email'];\r
 610                         $aVars['ts']        = $authOpenID->loggedinUser['ts'];\r
 611                         $aVars['identity']  = $authOpenID->loggedinUser['identity'];\r
 612                         $aVars['visible']   = $aVars['nick'] ? 'false' : 'true' ;\r
 613                         $actionUrl          = parse_url($CONF['ActionURL']);\r
 614                         $aVars['updateUrl'] = $actionUrl['path'];\r
 615                         if ($skinType == 'item' || ($skinType == 'template' && $this->numcalled == 0)) {\r
 616                                 echo $templateEngine->fetchAndFill('yui',         $aVars, 'np_openid');\r
 617                                 echo $templateEngine->fetchAndFill('form',        $aVars, 'np_openid');\r
 618                         }\r
 619                         echo $templateEngine->fetchAndFill('loggedin',    $aVars, 'np_openid');\r
 620                 } elseif (!$authOpenID->isLoggedin()) {\r
 621                         // Not loggedin\r
 622                         $aVars['url']       = $authOpenID->getAdminURL() . 'rd.php?action=doauth'\r
 623                                                             . '&return_url=' . urlencode(createItemLink(intval($iid)));\r
 624                         echo $templateEngine->fetchAndFill('notloggedin', $aVars, 'np_openid');\r
 625                 }\r
 626         }\r
 627 \r
 628         // }}}*/\r
 629         // {{{ checkDestinationurl($destinationurl)\r
 630 \r
 631         /**\r
 632          * Destinationurl check\r
 633          *\r
 634          * @param  string\r
 635          * @return string\r
 636          */\r
 637         function checkDestinationurl($destinationurl, $iid, $cid = 0, $scid = 0)\r
 638         {\r
 639                 if (stristr($destinationurl, 'action.php') || empty($destinationurl)) {\r
 640                         if (stristr($destinationurl, 'action.php')) {\r
 641                                 $logMessage = 'actionurl is not longer a parameter on commentform skinvars.'\r
 642                                                         . ' Moved to be a global setting instead.';\r
 643                                 ACTIONLOG::add(WARNING, $logMessage);\r
 644                         }\r
 645                         if ($cid) {\r
 646                                 $linkparams['catid'] = intval($cid);\r
 647                         }\r
 648                         global $manager;\r
 649                         if ($manager->pluginInstalled('NP_MultipleCategories') && $scid) {\r
 650                                 $linkparams['subcatid'] = intval($scid);\r
 651                         }\r
 652                         $destinationurl = createItemLink(intval($iid), $linkparams);\r
 653                 } else {\r
 654                         $destinationurl = preg_replace('|[^a-z0-9-~+_.?#=&;,/:@%]|i', '', $destinationurl);\r
 655                 }\r
 656                 return $destinationurl;\r
 657         }\r
 658 \r
 659         // }}}\r
 660         // {{{ getCommentatorInfo()\r
 661 \r
 662         /**\r
 663          * Get commentator info.\r
 664          *\r
 665          * @return array\r
 666          */\r
 667         function getCommentatorInfo()\r
 668         {\r
 669                 global $CONF;\r
 670                 $user = cookieVar($CONF['CookiePrefix'] .'comment_user');\r
 671                 if (!$user) {\r
 672                         $user = postVar('user');\r
 673                 }\r
 674                 $userid = cookieVar($CONF['CookiePrefix'] .'comment_userid');\r
 675                 if (!$userid) {\r
 676                         $userid = postVar('userid');\r
 677                 }\r
 678                 $email = cookieVar($CONF['CookiePrefix'] .'comment_email');\r
 679                 if (!$email) {\r
 680                         $email = postVar('email');\r
 681                 }\r
 682                 $body    = postVar('body');\r
 683                 return array(\r
 684                         $user,\r
 685                         $userid,\r
 686                         $email,\r
 687                         $body\r
 688                 );\r
 689         }\r
 690         // {{{ showForm()\r
 691 \r
 692         /**\r
 693          * Show comment form\r
 694          *\r
 695          * @param  object\r
 696          * @param  string\r
 697          * @param  string\r
 698          * @param  string\r
 699          * @return void.\r
 700          */\r
 701         function showForm($commentItem, $template, $destinationurl, $skinType)\r
 702         {\r
 703                 global $CONF, $manager, $member, $catid, $subcatid;\r
 704                 $bid =  getBlogIDFromItemID($commentItem->itemid);\r
 705                 $b   =& $manager->getBlog($bid);\r
 706                 $b->readSettings();\r
 707                 if (!$member->isLoggedIn() && !$b->commentsEnabled()) {\r
 708                         return;\r
 709                 }\r
 710                 $destinationurl = $this->checkDestinationurl($destinationurl, $commentItem->itemid, $catid, $subcatid);\r
 711                 list($user, $userid, $email, $body) = $this->getCommentatorInfo();\r
 712 \r
 713                 $checked = cookieVar($CONF['CookiePrefix'] .'comment_user') ? 'checked="checked" ' : '';\r
 714 \r
 715                 $formdata = array(\r
 716                         'self'            => $this->_hsc(serverVar('REQUEST_URI')),\r
 717                         'destinationurl'  => $this->_hsc($destinationurl),\r
 718                         'actionurl'       => $this->_hsc($CONF['ActionURL']),\r
 719                         'itemid'          => intval($commentItem->itemid),\r
 720                         'user'            => $this->_hsc($user),\r
 721                         'userid'          => $this->_hsc($userid),\r
 722                         'email'           => $this->_hsc($email),\r
 723                         'body'            => $this->_hsc($body),\r
 724 //                      'membername'      => $this->_hsc($membername),\r
 725                         'rememberchecked' => $checked\r
 726                 );\r
 727                 if ($skinType == 'item') {\r
 728                         $formFlg = '_ITM';\r
 729                 } else {\r
 730                         $formFlg = '_IDX';\r
 731                 }\r
 732                 if ($member && $member->isLoggedIn()) {\r
 733                         $formType = '_NP_EZCOMMENT2_FORM_LOGGEDIN' . $formFlg;\r
 734                         $loginMember = $member->createFromID($member->getID());\r
 735                         $formdata['membername'] = $this->_hsc($loginMember->getDisplayName());\r
 736                 } else {\r
 737                         $formType = '_NP_EZCOMMENT2_FORM_NOTLOGGEDIN' . $formFlg;\r
 738                 }\r
 739 //              if ($this->authOpenID && ($skinType == 'item' || $this->numcalled == 0)) {\r
 740 //                      $this->plugOpenIDdoSkinVar($skinType, intval($commentItem->itemid));\r
 741 //              }\r
 742                 $this->commentItemId   = intval($commentItem->itemid);\r
 743                 $this->commentSkinType = $skinType;\r
 744                 $contents   = $template[$formType];\r
 745                 include_once($this->getDirectory() . 'EzCommentActions.php');\r
 746                 $formAction =& new EzCommentFormActions($skinType, $commentItem, $formdata, $loginMember);\r
 747                 $parser     =& new PARSER($formAction->getAllowedActions(), $formAction);\r
 748                 $parser->parse(&$contents);\r
 749         }\r
 750 \r
 751         // }}}\r
 752         // {{{ showComment()\r
 753 \r
 754         /**\r
 755          * Show comments\r
 756          *\r
 757          * @param  object\r
 758          * @param  string\r
 759          * @param  string\r
 760          * @param  string\r
 761          * @param  string\r
 762          * @return void.\r
 763          */\r
 764         function showComment($commentItem, $template, $maxToShow, $commentOrder, $skinType)\r
 765         {\r
 766                 global $manager, $member;\r
 767                 $bid =  getBlogIDFromItemID($commentItem->itemid);\r
 768                 $b   =& $manager->getBlog($bid);\r
 769                 if (!$b->commentsEnabled()) return;\r
 770                 if (!$maxToShow) {\r
 771                         $maxToShow = $b->getMaxComments();\r
 772                 }\r
 773                 $itemActions =& new ITEMACTIONS($b);\r
 774                 $itemActions->setCurrentItem($commentItem);\r
 775                 $commentObj =& new COMMENTS($commentItem->itemid);\r
 776                 $commentObj->setItemActions($itemActions);\r
 777                 $commentObj->commentcount = $commentObj->amountComments();\r
 778                 // create parser object & action handler\r
 779                 include_once($this->getDirectory() . 'EzCommentActions.php');\r
 780                 $actions =& new EzCommentActions($commentObj);\r
 781                 $parser  =& new PARSER($actions->getAllowedActions(), $actions);\r
 782                 $actions->setTemplate($template);\r
 783                 $actions->setParser($parser);\r
 784                 if ($commentObj->commentcount == 0) {\r
 785                         $parser->parse($template['COMMENTS_NONE']);\r
 786                         return 0;\r
 787                 }\r
 788                 $actions->setPostnum($commentObj->commentcount);\r
 789                 if ($maxToShow && $maxToShow < $commentObj->commentcount && $commentOrder) {\r
 790                         $startnum = $commentObj->commentcount - $maxToShow;\r
 791                 } else {\r
 792                         $startnum = 0;\r
 793                 }\r
 794                 $comments = $this->getComments($commentOrder, intval($commentItem->itemid), $maxToShow, $startnum);\r
 795                 $viewnum  = mysql_num_rows($comments);\r
 796                 $actions->setViewnum($viewnum);\r
 797                 if ($this->getBlogOption($bid, 'secret') == 'yes') {\r
 798                         $judge = $this->setSecretJudge($bid, $member, $b);\r
 799                 }\r
 800 \r
 801                 $templateType = '';\r
 802                 if ($skinType == 'template') $templateType = '_IDX';\r
 803                 $blogURL       = $b->getURL();\r
 804                 $substitution  = $this->getBlogOption($bid, 'secComment');\r
 805                 $this->callFlg = true;\r
 806                 $parser->parse($template['COMMENTS_HEADER' . $templateType]);\r
 807 \r
 808                 while ($comment = mysql_fetch_assoc($comments)) {\r
 809                         $comment['timestamp'] = strtotime($comment['ctime']);\r
 810                         if ($judge && $comment['secret']) {\r
 811                                 $comment = $this->JudgementCommentSecrets($comment, $judge);\r
 812                         }\r
 813                         $actions->setCurrentComment($comment);\r
 814                         $manager->notify('PreComment', array('comment' => &$comment));\r
 815                         $parser->parse($template['COMMENTS_BODY' . $templateType]);\r
 816                         $manager->notify('PostComment', array('comment' => &$comment));\r
 817                 }\r
 818 \r
 819                 $parser->parse($template['COMMENTS_FOOTER' . $templateType]);\r
 820 \r
 821                 mysql_free_result($comments);\r
 822 \r
 823         }\r
 824 \r
 825         // }}}\r
 826         // {{{ setSecretJudge($bid)\r
 827 \r
 828         /**\r
 829          * Setting for judgment of whether it's a comment of a secret.\r
 830          *\r
 831          * @param  intgre\r
 832          * @param  object\r
 833          * @param  object\r
 834          * @return array\r
 835          */\r
 836         function setSecretJudge($bid, $member, $b)\r
 837         {\r
 838                 $memberLoggedin = $member->isLoggedin();\r
 839                 $loginUser      = $member->getID();\r
 840                 $blogAdmin      = $member->blogAdminRights($bid);\r
 841                 $blogURL        = $b->getURL();\r
 842                 $substitution   = $this->getBlogOption($bid, 'secComment');\r
 843                 if ($this->authOpenID) {\r
 844                         $openIDLoggedin = $this->authOpenID->isLoggedin();\r
 845                         $openIDUser     = $this->authOpenID->loggedinUser['identity'];\r
 846                 }\r
 847                 return array(\r
 848                         'memberLoggedin' => $memberLoggedin,\r
 849                         'loginUser'      => $loginUser,\r
 850                         'blogAdmin'      => $blogAdmin,\r
 851                         'blogURL'        => $blogURL,\r
 852                         'substitution'   => $substitution,\r
 853                         'openIDLoggedin' => $openIDLoggedin,\r
 854                         'openIDUser'     => $openIDUser,\r
 855                 );\r
 856         }\r
 857 \r
 858         // }}}\r
 859         // {{{ JudgementCommentSecrets($comment, $judge)\r
 860 \r
 861         /**\r
 862          * Comment is secret ?\r
 863          *\r
 864          * @param  array\r
 865          * @param  array\r
 866          * @param  string\r
 867          * @param  string\r
 868          * @return array\r
 869          */\r
 870         function JudgementCommentSecrets($comment, $judge)\r
 871         {\r
 872 /*              if ($judge['memberLoggedin']) {\r
 873                         echo 'member';\r
 874                         if ($judge['loginUser']  == intval($comment['identity'])) {\r
 875                                 echo 'commentator';\r
 876                         } elseif ($judge['blogAdmin']) {\r
 877                                 echo 'admin';\r
 878                         }\r
 879                 } elseif ($judge['openIDLoggedin']) {\r
 880 //                      echo 'openid / ';\r
 881                         echo $judge['openIDUser'].' / ';\r
 882                         echo $comment['identity'].' / ';\r
 883                                 echo "honnnin";\r
 884                 }*/\r
 885                 if (!(($judge['memberLoggedin'] && ($judge['loginUser']  == intval($comment['identity']) || $judge['blogAdmin'])) ||\r
 886                         ($judge['openIDLoggedin'] && $judge['openIDUser'] == $comment['identity']))) {\r
 887                                 $this->changeCommentSet($comment, $judge);\r
 888                         }\r
 889                 return $comment;\r
 890         }\r
 891 \r
 892         // }}}\r
 893         // {{{ changeCommentSet($comment, $blogURL, $substitution)\r
 894 \r
 895         /**\r
 896          * Change secret comment contents\r
 897          *\r
 898          * @param  array\r
 899          * @param  string\r
 900          * @param  string\r
 901          * @return array\r
 902          */\r
 903         function changeCommentSet(&$comment, $judge)\r
 904         {\r
 905                 global $manager;\r
 906                 $comment['body']        = $judge['substitution'];\r
 907                 $comment['short']       = $judge['substitution'];\r
 908                 $comment['excerpt']     = $judge['substitution'];\r
 909                 $comment['userid']      = $judge['blogURL'];\r
 910                 $comment['memberid']    = 0;\r
 911                 $comment['user']        = '#';\r
 912                 $comment['useremail']   = '#';\r
 913                 $comment['userwebsite'] = '#';\r
 914                 $comment['email']       = '#';\r
 915                 $comment['userlinkraw'] = '#';\r
 916                 $comment['userlink']    = '#';\r
 917                 $comment['host']        = '127.0.0.1';\r
 918                 $comment['ip']          = '127.0.0.1';\r
 919                 if ($manager->pluginInstalled('NP_LatestWritebacks')) {\r
 920                         $comment['commentbody'] = $judge['substitution'];\r
 921                         $comment['commentator'] = '#';\r
 922                 }\r
 923                 return $comment;\r
 924         }\r
 925         // {{{ getComments($comment, $judge)\r
 926 \r
 927         /**\r
 928          * Change in the comment contents.\r
 929          *\r
 930          * @param  boolean\r
 931          * @param  integre\r
 932          * @param  integre\r
 933          * @param  integre\r
 934          * @return resouce\r
 935          */\r
 936         function getComments($commentOrder, $iid, $maxToShow, $startnum)\r
 937         {\r
 938                 $order = ($commentOrder) ? "DESC" : "ASC";\r
 939                 $query = 'SELECT '\r
 940                            . 'c.citem   as itemid, '\r
 941                            . 'c.cnumber as commentid, '\r
 942                            . 'c.cbody   as body, '\r
 943                            . 'c.cuser   as user, '\r
 944                            . 'c.cmail   as userid, '\r
 945                            . 'c.cemail  as email, '\r
 946                            . 'c.cmember as memberid, '\r
 947                            . 'c.ctime, '\r
 948                            . 'c.chost   as host, '\r
 949                            . 'c.cip     as ip, '\r
 950                            . 'c.cblog   as blogid, '\r
 951                            . 's.comid   as cid, '\r
 952                            . 's.secflg  as secret, '\r
 953                            . 's.module  as modname, '\r
 954                            . 's.userID  as identity '\r
 955                            . ' FROM ' . sql_table('comment') . ' as c '\r
 956                            . ' LEFT OUTER JOIN ' . sql_table('plug_ezcomment2') . ' as s '\r
 957                            . ' ON c.cnumber = s.comid '\r
 958                            . ' WHERE c.citem = ' . intval($iid)\r
 959                            . ' ORDER BY c.ctime '\r
 960                            . $order;\r
 961                 if ($maxToShow) {\r
 962                         if ($order == "DESC") {\r
 963                                 $query .=' LIMIT ' . intval($maxToShow);\r
 964                         } else {\r
 965                                 $query .=' LIMIT ' . intval($startnum) . ',' . intval($maxToShow);\r
 966                         }\r
 967                 }\r
 968                 return sql_query($query);\r
 969                 \r
 970         }\r
 971 \r
 972         // }}}\r
 973         // {{{ getTemplateParts()\r
 974 \r
 975         /**\r
 976          * Comment form/list template via NP_znSpecialTemplateParts\r
 977          *\r
 978          * @return array\r
 979          *\r
 980         function getTemplateParts()\r
 981         {\r
 982                 $this->languageInclude();\r
 983                 return array(\r
 984                         'FORM_LOGGEDIN_IDX'    => _NP_EZCOMMENT2_FORM_LOGGEDIN_IDX, \r
 985                         'FORM_NOTLOGGEDIN_IDX' => _NP_EZCOMMENT2_FORM_NOTLOGGEDIN_IDX, \r
 986                         'FORM_LOGGEDIN_ITM'    => _NP_EZCOMMENT2_FORM_LOGGEDIN_ITM,\r
 987                         'FORM_NOTLOGGEDIN_ITM' => _NP_EZCOMMENT2_FORM_NOTLOGGEDIN_ITM, \r
 988                         'COMMENTS_BODY_IDX'    => _NP_EZCOMMENT2_COMMENTS_BODY_IDX, \r
 989                         'COMMENTS_FOOTER_IDX'  => _NP_EZCOMMENT2_COMMENTS_FOOTER_IDX, \r
 990                         'COMMENTS_HEADER_IDX'  => _NP_EZCOMMENT2_COMMENTS_HEADER_IDX,\r
 991                 );\r
 992         }\r
 993 \r
 994         // }}}\r
 995         // {{{ _hsc()\r
 996 \r
 997         /**\r
 998          * HTML entity\r
 999          *\r
1000          * @param  string\r
1001          * @return string\r
1002          */\r
1003         function _hsc($str)\r
1004         {\r
1005                 return htmlspecialchars($str, ENT_QUOTES, _CHARSET);\r
1006         }\r
1007         // }}}\r
1008         \r
1009 }\r
1010 \r
1011 \r
1012 \r