root/trunk/lib/model/blog.comment.php @ 4654

Revision 4654, 32.9 KB (checked in by inureyes, 3 years ago)

#708

  • Eliminate mysql_ functions from comment model.
  • Delete auto_increment extra property from comment tables.
    • Is not compatible with other DBMS.
1<?php
2/// Copyright (c) 2004-2007, Needlworks / Tatter Network Foundation
3/// All rights reserved. Licensed under the GPL.
4/// See the GNU General Public License for more details. (/doc/LICENSE, /doc/COPYRIGHT)
5
/**
 * Prepare a comment row for HTML output, in place.
 *
 * 'name' and 'comment' are passed through htmlspecialchars(). 'homepage' is
 * NOT escaped here (it is only blanked when the comment is hidden), so any
 * template that prints it has to escape it itself.
 *
 * For a secret comment:
 *  - the owner sees the body prefixed with a "[secret comment]" tag;
 *  - other visitors get the name, homepage and body replaced by placeholders
 *    and 'hidden' set to true, unless a 'ShowSecretComment' event handler
 *    returns a truthy value, in which case only a "secret visitor" tag is
 *    put in front of the (already escaped) name.
 *
 * @param array $comment comment row, modified by reference
 */
function decorateComment(&$comment)
{
    $isOwner = doesHaveOwnership();
    $comment['hidden'] = false;
    $comment['name'] = htmlspecialchars($comment['name']);
    $comment['comment'] = htmlspecialchars($comment['comment']);

    if ($comment['secret'] != 1) {
        return;
    }

    if ($isOwner) {
        $comment['comment'] = '<span class="hiddenCommentTag_content">' . _text('[비밀댓글]') . '</span> ' . $comment['comment'];
        return;
    }

    if (fireEvent('ShowSecretComment', false, $comment)) {
        // A plugin allowed this visitor to read the comment: keep the content, tag the name.
        $comment['name'] = '<span class="hiddenCommentTag_name">' . _text('비밀방문자') . '</span>'. $comment['name'];
        return;
    }

    // Default for non-owners: nothing of the original comment leaves this function.
    $comment['hidden'] = true;
    $comment['name'] = '<span class="hiddenCommentTag_name">' . _text('비밀방문자') . '</span>';
    $comment['homepage'] = '';
    $comment['comment'] = _text('관리자만 볼 수 있는 댓글입니다.');
}
27
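/**
 * Owner-side comment listing with optional category / name / ip / search
 * filters, paged through fetchWithPaging().
 *
 * $blogid and $category are written into the SQL text, so both are reduced
 * to integers before use; $name and $ip go through tc_escape_string() and
 * $search through escapeSearchString().
 *
 * @param int    $blogid
 * @param int    $category category id; values <= 0 mean "any category >= 0"
 * @param string $name     exact author name filter, empty to skip
 * @param string $ip       exact IP filter, empty to skip
 * @param string $search   substring matched against name, homepage and comment
 * @param int    $page
 * @param int    $count
 * @return array array($comments, $paging)
 */
function getCommentsWithPagingForOwner($blogid, $category, $name, $ip, $search, $page, $count) {
    global $database;

    // Numeric ids are interpolated unquoted below; never let a raw string through.
    $blogid = intval($blogid);
    $category = intval($category);

    $postfix = '';

    $sql = "SELECT c.*, e.title, c2.name parentName
        FROM {$database['prefix']}Comments c
        LEFT JOIN {$database['prefix']}Entries e ON c.blogid = e.blogid AND c.entry = e.id AND e.draft = 0
        LEFT JOIN {$database['prefix']}Comments c2 ON c.parent = c2.id AND c.blogid = c2.blogid
        WHERE c.blogid = $blogid AND c.isFiltered = 0";
    if ($category > 0) {
        $children = DBQuery::queryColumn("SELECT id FROM {$database['prefix']}Categories WHERE parent = $category");
        // Values read back from the database are cast as well before they re-enter SQL.
        $categories = is_array($children) ? array_map('intval', $children) : array();
        $categories[] = $category;
        $sql .= ' AND e.category IN (' . implode(', ', $categories) . ')';
        $postfix .= '&category=' . $category;
    } else
        $sql .= ' AND e.category >= 0';
    if (!empty($name)) {
        $sql .= ' AND c.name = \'' . tc_escape_string($name) . '\'';
        $postfix .= '&name=' . rawurlencode($name);
    }
    if (!empty($ip)) {
        $sql .= ' AND c.ip = \'' . tc_escape_string($ip) . '\'';
        $postfix .= '&ip=' . rawurlencode($ip);
    }
    if (!empty($search)) {
        $search = escapeSearchString($search);
        $sql .= " AND (c.name LIKE '%$search%' OR c.homepage LIKE '%$search%' OR c.comment LIKE '%$search%')";
        // NOTE(review): the paging link carries the already-escaped search text, so it
        // is presumably escaped again on the next page - confirm against escapeSearchString().
        $postfix .= '&search=' . rawurlencode($search);
    }

    $sql .= ' ORDER BY c.written DESC';
    list($comments, $paging) = fetchWithPaging($sql, $page, $count);
    if (strlen($postfix) > 0) {
        $postfix .= '&withSearch=on';
        $paging['postfix'] .= $postfix;
    }

    return array($comments, $paging);
}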
68
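/**
 * Owner-side listing of notified comment threads (rows of CommentsNotified
 * whose parent is null), optionally filtered by name / ip / search text.
 *
 * With a filter, a thread is listed when its top-level row matches or when
 * one of its replies matches. The "OR c.id IN (...)" part is now grouped
 * inside the blogid condition: previously it sat outside it (AND binds
 * tighter than OR), so a row of another blog with a matching id could be
 * returned.
 *
 * @param int    $blogid
 * @param mixed  $category not used by this function
 * @param string $name
 * @param string $ip
 * @param string $search
 * @param int    $page
 * @param int    $count
 * @return mixed whatever fetchWithPaging() returns
 */
function getCommentsNotifiedWithPagingForOwner($blogid, $category, $name, $ip, $search, $page, $count) {
    global $database;

    // Interpolated unquoted into every statement below.
    $blogid = intval($blogid);

    $select = "SELECT
                c.*,
                csiteinfo.title AS siteTitle,
                csiteinfo.name AS nickname,
                csiteinfo.url AS siteUrl,
                csiteinfo.modified AS siteModified
            FROM
                {$database['prefix']}CommentsNotified c
                LEFT JOIN
                {$database['prefix']}CommentsNotifiedSiteInfo csiteinfo ON c.siteId = csiteinfo.id
            WHERE c.blogid = $blogid AND ";

    if (empty($name) && empty($ip) && empty($search)) {
        return fetchWithPaging($select . '(c.parent is null) ORDER BY c.modified DESC', $page, $count);
    }

    // Same filter twice: once for replies (pre-query), once for top-level rows.
    $replyWhere = '';
    $topWhere = '(c.parent is null)';
    if (!empty($name)) {
        $quoted = tc_escape_string($name);
        $replyWhere .= " AND name = '$quoted' ";
        $topWhere .= " AND ( c.name = '$quoted') ";
    }
    if (!empty($ip)) {
        $quoted = tc_escape_string($ip);
        $replyWhere .= " AND ip = '$quoted' ";
        $topWhere .= " AND ( c.ip = '$quoted') ";
    }
    if (!empty($search)) {
        $search = escapeSearchString($search);
        if (!empty($search)) {
            $replyWhere .= " AND ((name LIKE '%$search%') OR (homepage LIKE '%$search%') OR (comment LIKE '%$search%'))";
            $topWhere .= " AND ((c.name LIKE '%$search%') OR (c.homepage LIKE '%$search%') OR (c.comment LIKE '%$search%')) ";
        }
    }

    $preQuery = "SELECT parent FROM {$database['prefix']}CommentsNotified WHERE blogid = $blogid AND parent is NOT NULL" . $replyWhere;
    $rows = DBQuery::queryColumn($preQuery);
    $parentIds = array();
    if (is_array($rows)) {
        foreach (array_unique($rows) as $item) {
            if (!is_null($item)) {
                // Database values are cast too before being written back into SQL.
                $parentIds[] = intval($item);
            }
        }
    }

    $match = "($topWhere)";
    if (count($parentIds) > 0) {
        $match = "($match OR c.id IN ( " . implode(', ', $parentIds) . ' ))';
    }

    return fetchWithPaging($select . $match . ' ORDER BY c.modified DESC ', $page, $count);
}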
126
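/**
 * Replies of one notified comment thread in the current blog, oldest first.
 *
 * Secret replies are blanked (name, homepage, body) for non-owners unless a
 * 'ShowSecretComment' handler returns a truthy value. Values are returned
 * as stored; nothing is HTML-escaped here.
 *
 * @param int $parent id of the parent row in CommentsNotified
 * @return array list of comment rows (empty when the query yields nothing)
 */
function getCommentCommentsNotified($parent) {
    global $database;
    $comments = array();
    $authorized = doesHaveOwnership();
    // $parent is written unquoted into the statement, so force it to an integer.
    $parent = intval($parent);
    $sql = "SELECT
                c.*,
                csiteinfo.title AS siteTitle,
                csiteinfo.name AS nickname,
                csiteinfo.url AS siteUrl,
                csiteinfo.modified AS siteModified
            FROM
                {$database['prefix']}CommentsNotified c
                LEFT JOIN
                {$database['prefix']}CommentsNotifiedSiteInfo csiteinfo ON c.siteId = csiteinfo.id
            WHERE c.blogid = ".getBlogId()." AND c.parent=$parent";
    $sql .= ' ORDER BY c.written ASC';
    if ($result = DBQuery::queryAll($sql)) {
        foreach ($result as $comment) {
            $mustHide = ($comment['secret'] == 1) && !$authorized
                && !fireEvent('ShowSecretComment', false, $comment);
            if ($mustHide) {
                $comment['name'] = '';
                $comment['homepage'] = '';
                $comment['comment'] = _text('관리자만 볼 수 있는 댓글입니다.');
            }
            $comments[] = $comment;
        }
    }
    return $comments;
}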
157
/**
 * Page through the top-level, unfiltered guestbook rows (entry = 0) of a
 * blog, newest first.
 *
 * $blogid is placed into the SQL text as given.
 * NOTE(review): presumably callers pass the server-side blog id - confirm.
 *
 * @return mixed whatever fetchWithPaging() returns
 */
function getCommentsWithPagingForGuestbook($blogid, $page, $count) {
    global $database;
    $parts = array(
        "SELECT * FROM {$database['prefix']}Comments WHERE blogid = $blogid",
        ' AND entry = 0 AND parent is null AND isFiltered = 0',
        ' ORDER BY written DESC',
    );
    return fetchWithPaging(implode('', $parts), $page, $count);
}
165
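/**
 * Fetch selected columns of one comment.
 *
 * $blogid and $id are cast to integers because they are written unquoted
 * into the statement.
 *
 * SECURITY: $attributeNames is inserted verbatim as the column list and
 * cannot be escaped here. It must be a constant chosen by the calling code,
 * never text derived from a request.
 *
 * @param int    $blogid
 * @param int    $id
 * @param string $attributeNames SQL column list, e.g. a comma separated list of column names
 * @return mixed result of DBQuery::queryRow()
 */
function getCommentAttributes($blogid, $id, $attributeNames) {
    global $database;
    $blogid = intval($blogid);
    $id = intval($id);
    return DBQuery::queryRow("select $attributeNames from {$database['prefix']}Comments where blogid = $blogid and id = $id");
}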
170
171function getComments($entry) {
172    global $database;
173    $comments = array();
174    $authorized = doesHaveOwnership();
175    $aux = ($entry == 0 ? 'ORDER BY written DESC' : 'order by id ASC');
176    $sql = "SELECT *
177        FROM {$database['prefix']}Comments
178        WHERE blogid = ".getBlogId()."
179            AND entry = $entry
180            AND parent IS NULL
181            AND isFiltered = 0 $aux";
182    if ($result = DBQuery::queryAll($sql)) {
183        foreach ($result as $comment) {
184            if (($comment['secret'] == 1) && !$authorized) {
185                if( !fireEvent('ShowSecretComment', false, $comment) ) {
186                    $comment['name'] = '';
187                    $comment['homepage'] = '';
188                    $comment['comment'] = _text('관리자만 볼 수 있는 댓글입니다.');
189                }
190            }
191            array_push($comments, $comment);
192        }
193    }
194    return $comments;
195}
196
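/**
 * Unfiltered replies to one comment in the current blog, ordered by id.
 *
 * Secret replies are blanked for non-owners unless a 'ShowSecretComment'
 * handler returns a truthy value. Rows are returned as stored; HTML
 * escaping is left to the caller.
 *
 * @param int $parent id of the parent comment
 * @return array list of comment rows
 */
function getCommentComments($parent) {
    global $database;
    $comments = array();
    $authorized = doesHaveOwnership();
    // Written unquoted into the WHERE clause: only an integer may pass.
    $parent = intval($parent);
    if ($result = DBQuery::queryAll("SELECT *
        FROM {$database['prefix']}Comments
        WHERE blogid = ".getBlogId()."
        AND parent = $parent
        AND isFiltered = 0
        ORDER BY id")) {
        foreach ($result as $comment) {
            $mustHide = ($comment['secret'] == 1) && !$authorized
                && !fireEvent('ShowSecretComment', false, $comment);
            if ($mustHide) {
                $comment['name'] = '';
                $comment['homepage'] = '';
                $comment['comment'] = _text('관리자만 볼 수 있는 댓글입니다.');
            }
            $comments[] = $comment;
        }
    }
    return $comments;
}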
220
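/**
 * Tell whether the logged-in member wrote the given comment.
 *
 * Visitors without membership are never the writer. Both ids are cast to
 * integers because they are written unquoted into the statement.
 *
 * @param int $blogid
 * @param int $commentId
 * @return mixed false without membership, else the result of DBQuery::queryExistence()
 */
function isCommentWriter($blogid, $commentId) {
    global $database;
    if (!doesHaveMembership())
        return false;
    $blogid = intval($blogid);
    $commentId = intval($commentId);
    return DBQuery::queryExistence("SELECT replier
            FROM {$database['prefix']}Comments
            WHERE blogid = $blogid
                AND id = $commentId
                AND replier = " . getUserId());
}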
231
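/**
 * Load one comment, subject to who is asking.
 *
 * The owner may load any comment of the blog. A member only gets a comment
 * whose replier is that member. Anyone else must supply the comment
 * password, which is compared as an MD5 digest.
 *
 * NOTE(review): passwords are stored as unsalted MD5, which is weak against
 * offline guessing; moving to a salted password hash needs a schema and
 * data migration and is out of scope for this function.
 *
 * @param int    $blogid
 * @param int    $id
 * @param string $password guest password, only used for non-members
 * @return mixed the comment row, or false when nothing matches
 */
function getComment($blogid, $id, $password) {
    global $database;
    // Both ids are written unquoted into the statement.
    $blogid = intval($blogid);
    $id = intval($id);
    $sql = "SELECT *
        FROM {$database['prefix']}Comments
        WHERE blogid = $blogid
            AND id = $id";
    if (!doesHaveOwnership()) {
        if (doesHaveMembership())
            $sql .= ' AND replier = ' . getUserId();
        else
            // md5() yields hex digits only, so the literal needs no further escaping.
            $sql .= ' AND password = \'' . md5($password) . '\'';
    }
    $row = DBQuery::queryRow($sql);
    if ($row)
        return $row;
    return false;
}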
248
/**
 * Search the comments attached to entries (entry > 0) by body or author
 * name.
 *
 * Non-owners do not see secret comments or comments on entries whose
 * category is in getCategoryVisibilityList($blogid, 'private').
 *
 * 'title' in the result is the search text exactly as it was passed in,
 * before escaping; it is not HTML-escaped here.
 * NOTE(review): if getCategoryVisibilityList() can return an empty string
 * the NOT IN () clause would be malformed - confirm.
 *
 * @param int    $blogid
 * @param string $search
 * @return array array('title' => string, 'items' => list of rows)
 */
function getCommentList($blogid, $search) {
    global $database;
    $found = array('title' => strval($search), 'items' => array());
    $search = escapeSearchString($search);

    if (doesHaveOwnership()) {
        $authorized = '';
    } else {
        $authorized = 'AND c.secret = 0 AND e.category NOT IN ('.getCategoryVisibilityList($blogid,'private').')';
    }

    $rows = DBQuery::queryAll("SELECT c.id, c.entry, c.parent, c.name, c.comment, c.written, e.slogan
        FROM {$database['prefix']}Comments c
        INNER JOIN {$database['prefix']}Entries e ON c.entry = e.id AND c.blogid = e.blogid
        WHERE c.entry > 0
            AND c.blogid = $blogid $authorized
            and c.isFiltered = 0
            and (c.comment like '%$search%' OR c.name like '%$search%')");
    if ($rows) {
        foreach ($rows as $row) {
            $found['items'][] = $row;
        }
    }
    return $found;
}
266
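/**
 * Recount the unfiltered comments of an entry, store the count on the
 * entry and flush the entry's page cache.
 *
 * Other functions in this file pass the entry id straight from a comment
 * array, so both ids are cast to integers before they are written into SQL.
 *
 * @param int $blogid
 * @param int $entryId
 * @return mixed the count as returned by DBQuery::queryCell()
 */
function updateCommentsOfEntry($blogid, $entryId) {
    global $database;
    requireComponent('Needlworks.Cache.PageCache');
    $blogid = intval($blogid);
    $entryId = intval($entryId);
    $commentCount = DBQuery::queryCell("SELECT COUNT(*)
        FROM {$database['prefix']}Comments
        WHERE blogid = $blogid
            AND entry = $entryId
            AND isFiltered = 0");
    // A failed count must not produce "SET comments = " with nothing after it.
    $storedCount = intval($commentCount);
    DBQuery::query("UPDATE {$database['prefix']}Entries
        SET comments = $storedCount
        WHERE blogid = $blogid
            AND id = $entryId");
    if ($entryId >= 0) CacheControl::flushEntry($entryId);
    return $commentCount;
}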
282
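/**
 * Send an asynchronous 'sync.comment' XML-RPC call to TEXTCUBE_SYNC_URL for
 * a comment on an entry that is published (draft = 0), has visibility 3 and
 * accepts comments. Nothing is sent for any other entry.
 *
 * The call carries the permalink and the commenter's name and homepage to
 * the sync service.
 *
 * @param int    $entryId
 * @param string $permalink
 * @param string $name
 * @param string $homepage
 */
function sendCommentPing($entryId, $permalink, $name, $homepage) {
    global $database, $blog;
    $blogid = intval(getBlogId());
    // Written unquoted into the statement below.
    $entryId = intval($entryId);
    if($slogan = DBQuery::queryCell("SELECT slogan
        FROM {$database['prefix']}Entries
        WHERE blogid = $blogid
            AND id = $entryId
            AND draft = 0
            AND visibility = 3
            AND acceptComment = 1")) {
        requireComponent('Eolin.PHP.Core');
        requireComponent('Eolin.PHP.XMLRPC');
        $rpc = new XMLRPC();
        $rpc->url = TEXTCUBE_SYNC_URL;
        $summary = array(
            'permalink' => $permalink,
            'name' => $name,
            'homepage' => $homepage
        );
        $rpc->async = true;
        $rpc->call('sync.comment', $summary);
    }
}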
306
307function addComment($blogid, & $comment) {
308    global $database, $user, $blog, $defaultURL;
309   
310    $filtered = 0;
311   
312    if (!doesHaveOwnership()) {
313        requireComponent('Textcube.Data.Filter');
314        if (Filter::isFiltered('ip', $comment['ip'])) {
315            $blockType = "ip";
316            $filtered = 1;
317        } else if (Filter::isFiltered('name', $comment['name'])) {
318            $blockType = "name";
319            $filtered = 1;
320        } else if (Filter::isFiltered('url', $comment['homepage'])) {
321            $blockType = "homepage";
322            $filtered = 1;
323        } elseif (Filter::isFiltered('content', $comment['comment'])) {
324            $blockType = "comment";
325            $filtered = 1;
326        } else if (!fireEvent('AddingComment', true, $comment)) {
327            $blockType = "etc";
328            $filtered = 1;
329        }
330    }
331
332    $comment['homepage'] = stripHTML($comment['homepage']);
333    $comment['name'] = UTF8::lessenAsEncoding($comment['name'], 80);
334    $comment['homepage'] = UTF8::lessenAsEncoding($comment['homepage'], 80);
335    $comment['comment'] = UTF8::lessenAsEncoding($comment['comment'], 65535);
336   
337    if (!doesHaveOwnership() && $comment['entry'] != 0) {
338        $result = DBQuery::queryCount("SELECT *
339            FROM {$database['prefix']}Entries
340            WHERE blogid = $blogid
341                AND id = {$comment['entry']}
342                AND draft = 0
343                AND visibility > 0
344                AND acceptComment = 1");
345        if (!$result || $result == 0)
346            return false;
347    }
348    $parent = $comment['parent'] == null ? 'null' : "'{$comment['parent']}'";
349    if ($user !== null) {
350        $comment['replier'] = getUserId();
351        $name = tc_escape_string($user['name']);
352        $password = '';
353        $homepage = tc_escape_string($user['homepage']);
354    } else {
355        $comment['replier'] = 'null';
356        $name = tc_escape_string($comment['name']);
357        $password = empty($comment['password']) ? '' : md5($comment['password']);
358        $homepage = tc_escape_string($comment['homepage']);
359    }
360    $comment0 = tc_escape_string($comment['comment']);
361    $filteredAux = ($filtered == 1 ? "UNIX_TIMESTAMP()" : 0);
362    $maxId = getCommentsMaxId();
363    $insertId = $maxId + 1;
364    $result = DBQuery::queryCount("INSERT INTO {$database['prefix']}Comments
365        (blogid,replier,id,entry,parent,name,password,homepage,secret,comment,ip,written,isFiltered)
366        VALUES (
367            $blogid,
368            {$comment['replier']},
369            $insertId,
370            {$comment['entry']},
371            $parent,
372            '$name',
373            '$password',
374            '$homepage',
375            {$comment['secret']},
376            '$comment0',
377            '{$comment['ip']}',
378            UNIX_TIMESTAMP(),
379            $filteredAux
380        )");
381    if ($result && $result > 0) {
382        $id = $insertId;
383        if ($parent != 'null' && $comment['secret'] < 1) {
384            $insertId = getCommentsNotifiedQueueMaxId();
385            DBQuery::execute("
386                INSERT INTO
387                    `{$database['prefix']}CommentsNotifiedQueue`
388                    ( `blogid` , `id`, `commentId` , `sendStatus` , `checkDate` , `written` )
389                VALUES
390                    ($blogid , $insertId, '" . $id . "', '0', '0', UNIX_TIMESTAMP());");
391        }
392        updateCommentsOfEntry($blogid, $comment['entry']);
393        fireEvent($comment['entry'] ? 'AddComment' : 'AddGuestComment', $id, $comment);
394        if ($filtered == 1)
395            return $blockType;
396        else
397            return $id;
398    }
399    return false;
400}
401
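/**
 * Modify an existing comment.
 *
 * Non-owners are subject to the same filters as on creation, but a hit
 * simply refuses the edit ('blocked'). Authorisation is expressed in the
 * WHERE clause: the owner may edit anything, a member only a comment whose
 * replier is that member, and a guest comment only with its password.
 *
 * id, secret, isFiltered and replier are cast to integers and ip is escaped
 * before they are written into SQL; previously they were interpolated as
 * received.
 *
 * NOTE(review): the return value reflects DBQuery::query(); presumably that
 * reports that the statement ran, not that a row matched, so true may not
 * prove the password or replier condition was met - confirm.
 * NOTE(review): the guest password is stored as unsalted MD5.
 *
 * @param int    $blogid
 * @param array  $comment  new field values; 'password' === true keeps the stored password
 * @param string $password password proving the right to edit a guest comment
 * @return mixed 'blocked', true or false
 */
function updateComment($blogid, $comment, $password) {
    global $database, $user;

    if (!doesHaveOwnership()) {
        // if filtered, only block and not send to trash
        requireComponent('Textcube.Data.Filter');
        if (Filter::isFiltered('ip', $comment['ip']))
            return 'blocked';
        if (Filter::isFiltered('name', $comment['name']))
            return 'blocked';
        if (Filter::isFiltered('url', $comment['homepage']))
            return 'blocked';
        if (Filter::isFiltered('content', $comment['comment']))
            return 'blocked';
        if (!fireEvent('ModifyingComment', true, $comment))
            return 'blocked';
    }

    $comment['homepage'] = stripHTML($comment['homepage']);
    $comment['name'] = UTF8::lessenAsEncoding($comment['name'], 80);
    $comment['homepage'] = UTF8::lessenAsEncoding($comment['homepage'], 80);
    $comment['comment'] = UTF8::lessenAsEncoding($comment['comment'], 65535);

    $setPassword = '';
    if ($user !== null) {
        // Logged-in member: identity comes from the session, any guest password is cleared.
        $comment['replier'] = getUserId();
        $name = tc_escape_string($user['name']);
        $setPassword = 'password = \'\',';
        $homepage = tc_escape_string($user['homepage']);
    } else {
        $name = tc_escape_string($comment['name']);
        if ($comment['password'] !== true)
            $setPassword = 'password = \'' . (empty($comment['password']) ? '' : md5($comment['password'])) . '\', ';
        $homepage = tc_escape_string($comment['homepage']);
    }
    $comment0 = tc_escape_string($comment['comment']);

    // Sanitised copies of every remaining value that goes into SQL.
    $blogid = intval($blogid);
    $commentId = intval($comment['id']);
    $secret = intval($comment['secret']);
    $isFiltered = intval($comment['isFiltered']);
    $ip = tc_escape_string($comment['ip']);
    $replier = isset($comment['replier']) ? "'" . intval($comment['replier']) . "'" : 'NULL';

    $guestcomment = false;
    if (DBQuery::queryExistence("SELECT *
        FROM {$database['prefix']}Comments
        WHERE blogid = $blogid
            AND id = $commentId
            AND replier IS NULL")) {
        $guestcomment = true;
    }

    $wherePassword = '';
    if (!doesHaveOwnership()) {
        if ($guestcomment == false) {
            if (!doesHaveMembership())
                return false;
            $wherePassword = ' AND replier = ' . getUserId();
        }
        else
        {
            // md5() yields hex digits only, so the literal needs no further escaping.
            $wherePassword = ' AND password = \'' . md5($password) . '\'';
        }
    }

    $result = DBQuery::query("UPDATE {$database['prefix']}Comments
                SET
                    name = '$name',
                    $setPassword
                    homepage = '$homepage',
                    secret = $secret,
                    comment = '$comment0',
                    ip = '$ip',
                    written = UNIX_TIMESTAMP(),
                    isFiltered = $isFiltered,
                    replier = {$replier}
                WHERE blogid = $blogid
                    AND id = $commentId $wherePassword");
    return $result ? true : false;
}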
478
/**
 * Delete a comment on behalf of the current visitor.
 *
 * $id and $entry must pass is_numeric() (which also admits float and
 * exponent notations). The owner may delete anything; a member only a
 * comment whose replier is that member; a guest comment requires its
 * password, compared as an MD5 digest. $blogid is used as given.
 *
 * NOTE(review): success is decided by DBQuery::query(); presumably that
 * reports that the statement ran, not that a row was removed, so true may
 * be returned for a wrong password - confirm (deleteCommentInOwner checks
 * the affected-row count instead).
 *
 * @return bool
 */
function deleteComment($blogid, $id, $entry, $password) {
    global $database;

    if (!is_numeric($id) || !is_numeric($entry)) {
        return false;
    }

    $postedByGuest = DBQuery::queryExistence("SELECT * FROM {$database['prefix']}Comments WHERE blogid = $blogid AND id = $id AND replier IS NULL") ? true : false;

    // Extra WHERE condition that ties the statement to the requester.
    $restriction = '';
    if (!doesHaveOwnership()) {
        if ($postedByGuest) {
            $restriction = ' AND password = \'' . md5($password) . '\'';
        } elseif (doesHaveMembership()) {
            $restriction = ' AND replier = ' . getUserId();
        } else {
            return false;
        }
    }

    $statement = "DELETE FROM {$database['prefix']}Comments
        WHERE blogid = $blogid
            AND id = $id
            AND entry = $entry";
    if (!DBQuery::query($statement . $restriction)) {
        return false;
    }
    updateCommentsOfEntry($blogid, $entry);
    return true;
}
514
/**
 * Move a comment and its direct replies to the trash by stamping
 * isFiltered with the current time. Owner only.
 *
 * $id and $entry must pass is_numeric(); $password is not used.
 *
 * @return bool true when at least one row was changed
 */
function trashComment($blogid, $id, $entry, $password) {
    global $database;

    if (!doesHaveOwnership() || !is_numeric($id) || !is_numeric($entry)) {
        return false;
    }

    // First the comment itself (id), then its replies (parent).
    $touched = 0;
    foreach (array('id', 'parent') as $column) {
        $touched += DBQuery::queryCount("UPDATE {$database['prefix']}Comments
        SET isFiltered = UNIX_TIMESTAMP()
        WHERE blogid = $blogid
            AND $column = $id
            AND entry = $entry");
    }

    if ($touched > 0) {
        updateCommentsOfEntry($blogid, $entry);
        return true;
    }
    return false;
}
540
541function revertComment($blogid, $id, $entry, $password) {
542    // not used, so
543    return false;   
544    global $database;
545    if (!doesHaveOwnership()) {
546        return false;
547    }
548    if (!is_numeric($id)) return false;
549    if (!is_numeric($entry)) return false;
550    $sql = "UPDATE {$database['prefix']}Comments
551        SET isFiltered = 0
552        WHERE blogid = $blogid
553            AND id = $id
554            AND entry = $entry";
555    if(DBQuery::query($sql)) {
556        updateCommentsOfEntry($blogid, $entry);
557        return true;
558    }
559    return false;
560}
561
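/**
 * Most recent unfiltered comments of a blog, joined to their entries.
 *
 * The owner sees comments on every entry; other visitors only those on
 * published entries with visibility >= 2 outside private categories.
 * Secret comments are blanked for non-owners unless a 'ShowSecretComment'
 * handler returns a truthy value.
 *
 * The LIMIT value and $blogid are cast to integers; previously $count was
 * appended to the statement as received.
 *
 * @param int      $blogid
 * @param int|bool $count       row limit; false uses $skinSetting['commentsOnRecent']
 * @param bool     $isGuestbook select rows with entry = 0 instead of entry > 0
 * @return array list of comment rows
 */
function getRecentComments($blogid,$count = false,$isGuestbook = false) {
    global $skinSetting, $database;
    $comments = array();
    $authorized = doesHaveOwnership();
    $blogid = intval($blogid);
    $limit = intval($count != false ? $count : $skinSetting['commentsOnRecent']);

    if ($authorized) {
        $sql = "SELECT r.*, e.slogan
        FROM
            {$database['prefix']}Comments r
            INNER JOIN {$database['prefix']}Entries e ON r.blogid = e.blogid AND r.entry = e.id
        WHERE
            r.blogid = $blogid".($isGuestbook != false ? " AND r.entry=0" : " AND r.entry>0")." AND r.isFiltered = 0
        ORDER BY
            r.written
        DESC LIMIT ".$limit;
    } else {
        $sql = "SELECT r.*, e.slogan
        FROM
            {$database['prefix']}Comments r
            INNER JOIN {$database['prefix']}Entries e ON r.blogid = e.blogid AND r.entry = e.id
            INNER JOIN {$database['prefix']}Categories c ON e.blogid = c.blogid AND e.category = c.id
        WHERE
            r.blogid = $blogid AND e.draft = 0 AND e.visibility >= 2".getPrivateCategoryExclusionQuery($blogid)
            .($isGuestbook != false ? " AND r.entry = 0" : " AND r.entry > 0")." AND r.isFiltered = 0
        ORDER BY
            r.written
        DESC LIMIT
            ".$limit;
    }

    if ($result = DBQuery::queryAll($sql)) {
        foreach ($result as $comment) {
            $mustHide = ($comment['secret'] == 1) && !$authorized
                && !fireEvent('ShowSecretComment', false, $comment);
            if ($mustHide) {
                $comment['name'] = '';
                $comment['homepage'] = '';
                $comment['comment'] = _text('관리자만 볼 수 있는 댓글입니다.');
            }
            $comments[] = $comment;
        }
    }
    return $comments;
}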
600
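/**
 * Most recent unfiltered guestbook rows (entry = 0) of a blog.
 *
 * Secret rows are blanked for non-owners unless a 'ShowSecretComment'
 * handler returns a truthy value. The LIMIT value and $blogid are cast to
 * integers; previously $count was appended to the statement as received.
 *
 * @param int      $blogid
 * @param int|bool $count row limit; false uses $skinSetting['commentsOnRecent']
 * @return array list of comment rows
 */
function getRecentGuestbook($blogid,$count = false) {
    global $skinSetting, $database;
    $comments = array();
    $authorized = doesHaveOwnership();
    $blogid = intval($blogid);
    $limit = intval($count != false ? $count : $skinSetting['commentsOnRecent']);
    $sql = "SELECT r.*
        FROM
            {$database['prefix']}Comments r
        WHERE
            r.blogid = $blogid AND r.entry = 0 AND r.isFiltered = 0
        ORDER BY
            r.written
        DESC LIMIT ".$limit;

    if ($result = DBQuery::queryAll($sql)) {
        foreach ($result as $comment) {
            $mustHide = ($comment['secret'] == 1) && !$authorized
                && !fireEvent('ShowSecretComment', false, $comment);
            if ($mustHide) {
                $comment['name'] = '';
                $comment['homepage'] = '';
                $comment['comment'] = _text('관리자만 볼 수 있는 댓글입니다.');
            }
            $comments[] = $comment;
        }
    }
    return $comments;
}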
627
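/**
 * Work out on which guestbook page a given row is shown.
 *
 * The position is looked up in the newest-first list of top-level rows;
 * for a reply, the position of its parent is used.
 *
 * Fixes: array_search() returns 0 for the newest row, and the old
 * "== false" test treated that as "not found", so the newest row was
 * reported as missing. Positions are now compared with === false, a parent
 * that is not in the list yields false instead of page 1, and $blogid / $id
 * are cast to integers before entering SQL.
 *
 * @param int $blogid
 * @param int $id
 * @return int|bool 1-based page number, or false when the row cannot be placed
 */
function getGuestbookPageById($blogid, $id) {
    global $database, $skinSetting;
    $blogid = intval($blogid);
    $id = intval($id);
    $totalGuestbookId = DBQuery::queryColumn("SELECT id
        FROM {$database['prefix']}Comments
        WHERE
            blogid = $blogid AND entry = 0 AND isFiltered = 0 AND parent is null
        ORDER BY
            written DESC");
    if (!is_array($totalGuestbookId)) {
        return false;
    }
    $order = array_search($id, $totalGuestbookId);
    if ($order === false) {
        // Not a top-level row: place it on the page of its parent.
        $parentCommentId = DBQuery::queryCell("SELECT parent
            FROM {$database['prefix']}Comments
            WHERE
                blogid = $blogid AND entry = 0 AND isFiltered = 0 AND id = $id");
        if ($parentCommentId == false) {
            return false;
        }
        $order = array_search($parentCommentId, $totalGuestbookId);
        if ($order === false) {
            return false;
        }
    }
    return intval($order / $skinSetting['commentsOnGuestbook'])+1;
}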
650
/**
 * Permanently delete a comment and its direct replies, then recount the
 * entry.
 *
 * Only $id is validated (is_numeric); no ownership check is made here.
 * NOTE(review): presumably reachable from owner-only pages only - confirm.
 *
 * @return bool true when exactly one comment row was deleted and the
 *              replies statement succeeded
 */
function deleteCommentInOwner($blogid, $id) {
    global $database;
    if (!is_numeric($id)) {
        return false;
    }
    $table = $database['prefix'] . 'Comments';
    // The entry id has to be read before the row disappears.
    $entryId = DBQuery::queryCell("SELECT entry FROM $table WHERE blogid = $blogid AND id = $id");
    if (DBQuery::queryCount("DELETE FROM $table WHERE blogid = $blogid AND id = $id") != 1) {
        return false;
    }
    if (!DBQuery::query("DELETE FROM $table WHERE blogid = $blogid AND parent = $id")) {
        return false;
    }
    updateCommentsOfEntry($blogid, $entryId);
    return true;
}
663
/**
 * Move a comment and its direct replies to the trash (isFiltered is set to
 * the current time), then recount the entry.
 *
 * Only $id is validated (is_numeric); no ownership check is made here.
 * NOTE(review): presumably reachable from owner-only pages only - confirm.
 *
 * @return bool true when exactly one comment row was changed and the
 *              replies statement succeeded
 */
function trashCommentInOwner($blogid, $id) {
    global $database;
    if (!is_numeric($id)) {
        return false;
    }
    $table = $database['prefix'] . 'Comments';
    $entryId = DBQuery::queryCell("SELECT entry FROM $table WHERE blogid = $blogid AND id = $id");
    $changed = DBQuery::queryCount("UPDATE $table SET isFiltered = UNIX_TIMESTAMP() WHERE blogid = $blogid AND id = $id");
    if (!$changed || $changed != 1) {
        return false;
    }
    if (!DBQuery::query("UPDATE $table SET isFiltered = UNIX_TIMESTAMP() WHERE blogid = $blogid AND parent = $id")) {
        return false;
    }
    updateCommentsOfEntry($blogid, $entryId);
    return true;
}
677
/**
 * Restore a trashed comment (isFiltered = 0) and, when it is a reply, its
 * parent as well, then recount the entry.
 *
 * Only $id is validated (is_numeric); the parent id written into the
 * second UPDATE is the value read back from the database. No ownership
 * check is made here.
 * NOTE(review): presumably reachable from owner-only pages only - confirm.
 *
 * @return bool
 */
function revertCommentInOwner($blogid, $id) {
    global $database;
    if (!is_numeric($id)) {
        return false;
    }
    $table = $database['prefix'] . 'Comments';
    $entryId = DBQuery::queryCell("SELECT entry FROM $table WHERE blogid = $blogid AND id = $id");
    $parent = DBQuery::queryCell("SELECT parent FROM $table WHERE blogid = $blogid AND id = $id");
    if (DBQuery::queryCount("UPDATE $table SET isFiltered = 0 WHERE blogid = $blogid AND id = $id") != 1) {
        return false;
    }
    if (!is_null($parent) && !DBQuery::query("UPDATE $table SET isFiltered = 0 WHERE blogid = $blogid AND id = $parent")) {
        return false;
    }
    updateCommentsOfEntry($blogid, $entryId);
    return true;
}
691
692function deleteCommentNotifiedInOwner($blogid, $id) {
693    global $database;
694    if (!is_numeric($id)) return false;
695   
696    fireEvent('DeleteCommentNotified', $id);
697   
698    $entryId = DBQuery::queryCell("SELECT entry FROM {$database['prefix']}CommentsNotified WHERE blogid = $blogid AND id = $id");
699    if(DBQuery::queryCount("DELETE FROM {$database['prefix']}CommentsNotified WHERE blogid = $blogid AND id = $id") == 1) {
700        if (DBQuery::query("DELETE FROM {$database['prefix']}CommentsNotified WHERE blogid = $blogid AND parent = $id")) {
701            updateCommentsOfEntry($blogid, $entryId);
702            return true;
703        }
704    }
705    return false;
706}
707
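/**
 * Process one pending entry of the comment notification queue: POST the
 * reply and its parent comment to the homepage given by the parent
 * comment's author, then remove the queue entry.
 *
 * Secret replies and replies whose parent has no homepage are dropped from
 * the queue without sending anything.
 *
 * SECURITY: the request target is a URL typed in by a commenter, so this is
 * a server-side request to an address chosen by a third party. Only an
 * http:// or https:// prefix is now accepted as an existing scheme; any
 * other value gets 'http://' put in front (the old test looked for
 * "http://" anywhere in the string and also mangled https:// homepages).
 * Restricting the resolved host (loopback, private and link-local ranges)
 * is not done here and should be enforced in the HTTP client or by egress
 * filtering.
 *
 * Other fixes: the empty-queue test used && where || was needed, so a row
 * without a queue id fell through into malformed statements; ids read from
 * the queue are cast to integers before they re-enter SQL.
 *
 * NOTE(review): the queue is read without a blogid condition while the
 * comment lookups are limited to the current blog; an entry queued by
 * another blog would presumably be looked up in the wrong blog and then
 * discarded - confirm.
 *
 * @return mixed false when nothing was sent, otherwise no value
 */
function notifyComment() {
    global $database, $service, $blog, $defaultURL;
    $blogid = intval(getBlogId());
    $sql = "
            select
                CN.*,
                CNQ.id AS queueId,
                CNQ.commentId AS commentId,
                CNQ.sendStatus AS sendStatus,
                CNQ.checkDate AS checkDate,
                CNQ.written  AS queueWritten
            from
                {$database['prefix']}CommentsNotifiedQueue AS CNQ
            LEFT JOIN
                {$database['prefix']}Comments AS CN ON CNQ.commentId = CN.id
            where
                CNQ.sendStatus = '0'
                and CN.parent is not null
            ORDER BY CNQ.id ASC
            limit 0, 1
        ";
    $queue = DBQuery::queryRow($sql);
    if (empty($queue) || empty($queue['queueId'])) {
        return false;
    }

    $queueId = intval($queue['queueId']);
    $commentId = intval($queue['commentId']);
    $dropFromQueue = "DELETE FROM {$database['prefix']}CommentsNotifiedQueue WHERE id=$queueId";

    $comments = (DBQuery::queryRow("SELECT * FROM {$database['prefix']}Comments WHERE blogid = $blogid AND id = $commentId"));
    if (empty($comments['parent']) || $comments['secret'] == 1) {
        DBQuery::execute($dropFromQueue);
        return false;
    }

    $parentId = intval($comments['parent']);
    $parentComments = (DBQuery::queryRow("SELECT * FROM {$database['prefix']}Comments WHERE blogid = $blogid AND id = $parentId"));
    if (empty($parentComments['homepage'])) {
        DBQuery::execute($dropFromQueue);
        return false;
    }

    $entryId = intval($comments['entry']);
    $entry = (DBQuery::queryRow("SELECT * FROM {$database['prefix']}Entries WHERE blogid = $blogid AND id=$entryId"));

    // Link to the entry, and links to both comments (guestbook rows have entry id 0).
    $entryUrl = "$defaultURL/" . ($blog['useSlogan'] ? "entry/{$entry['slogan']}" : $entry['id']);
    if ($entry['id'] == 0) {
        $r1_comment_check_url = rawurlencode("$defaultURL/guestbook#comment" . $parentComments['id']);
        $r2_comment_check_url = rawurlencode("$defaultURL/guestbook#comment" . $comments['id']);
    } else {
        $r1_comment_check_url = rawurlencode($entryUrl . "#comment" . $parentComments['id']);
        $r2_comment_check_url = rawurlencode($entryUrl . "#comment" . $comments['id']);
    }

    // Form body, field order unchanged. r1_* is the parent comment, r2_* the reply.
    $fields = array(
        "url=" . rawurlencode($defaultURL),
        "mode=fb",
        "s_home_title=" . rawurlencode($blog['title']),
        "s_post_title=" . rawurlencode($entry['title']),
        "s_name=" . rawurlencode($comments['name']),
        "s_no=" . rawurlencode($comments['entry']),
        "s_url=" . rawurlencode($entryUrl),
        "r1_name=" . rawurlencode($parentComments['name']),
        "r1_no=" . rawurlencode($parentComments['id']),
        "r1_pno=" . rawurlencode($comments['entry']),
        "r1_rno=0",
        "r1_homepage=" . rawurlencode($parentComments['homepage']),
        "r1_regdate=" . rawurlencode($parentComments['written']),
        "r1_url=" . $r1_comment_check_url,
        "r2_name=" . rawurlencode($comments['name']),
        "r2_no=" . rawurlencode($comments['id']),
        "r2_pno=" . rawurlencode($comments['entry']),
        "r2_rno=" . rawurlencode($comments['parent']),
        "r2_homepage=" . rawurlencode($comments['homepage']),
        "r2_regdate=" . rawurlencode($comments['written']),
        "r2_url=" . $r2_comment_check_url,
        "r1_body=" . rawurlencode($parentComments['comment']),
        "r2_body=" . rawurlencode($comments['comment']),
    );
    $data = implode('&', $fields);

    requireComponent('Eolin.PHP.HTTPRequest');
    $homepage = $parentComments['homepage'];
    if (!preg_match('#^https?://#i', $homepage)) {
        // No recognised web scheme at the start: treat the value as a bare host/path.
        $homepage = 'http://' . $homepage;
    }
    $request = new HTTPRequest('POST', $homepage);
    $request->contentType = 'application/x-www-form-urlencoded; charset=utf-8';
    $request->content = $data;
    if ($request->send()) {
        $xmls = new XMLStruct();
        if ($xmls->open($request->responseText)) {
            $result = $xmls->selectNode('/response/error/');
            if ($result['.value'] != '1' && $result['.value'] != '0') {
                // No usable answer from the bare URL: try its index.php once. The outcome is not inspected.
                $homepage = rtrim($homepage, '/') . '/index.php';
                $request = new HTTPRequest('POST', $homepage);
                $request->contentType = 'application/x-www-form-urlencoded; charset=utf-8';
                $request->content = $data;
                $request->send();
            }
        }
    }
    // The entry leaves the queue whether or not delivery worked.
    DBQuery::execute($dropFromQueue);
}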
780
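/**
 * Store a comment notification pushed to this blog by a remote site.
 *
 * $post is the form body of the incoming request and is entirely controlled
 * by the remote sender, so every value that ends up in SQL is either passed
 * through tc_escape_string() inside a quoted literal or checked to be a plain
 * run of digits before it is used in a numeric position.
 *
 * @param array $post request fields (mode, url, s_*, r1_* for the parent
 *                    comment, r2_* for the reply)
 * @return int 0 on success;
 *             1 when mode is not 'fb' or a numeric field is malformed;
 *             2 when the site-info row cannot be inserted;
 *             3 when the parent comment cannot be inserted;
 *             4 when the reply (siteId + remoteId) is already stored;
 *             5 when the reply cannot be inserted;
 *             6 when the parent's modified time cannot be updated;
 *             7 when the ReceiveNotifiedComment event handler returns false.
 */
function receiveNotifiedComment($post) {
    if (empty($post['mode']) || $post['mode'] != 'fb')
        return 1;
    global $database;

    $post = fireEvent('ReceiveNotifiedComment', $post);
    if ($post === false) return 7;

    // These fields are interpolated into SQL without quotes. Escaping does not
    // protect an unquoted value, so accept digits only and reject the request
    // otherwise (reported as 1, the same code as an unusable mode).
    $numericFields = array('s_no', 'r1_no', 'r1_regdate', 'r2_no', 'r2_regdate');
    foreach ($numericFields as $field) {
        if (!isset($post[$field]) || !is_scalar($post[$field]) || !preg_match('/^[0-9]+$/D', (string) $post[$field]))
            return 1;
    }
    // r1_rno may be absent, empty or "0", all of which are stored as NULL.
    $parent_parent = isset($post['r1_rno']) ? $post['r1_rno'] : '';
    if (empty($parent_parent)) {
        $parent_parent = 'null';
    } else if (!is_scalar($parent_parent) || !preg_match('/^[0-9]+$/D', (string) $parent_parent)) {
        return 1;
    }

    $blogid = getBlogId();
    $title = tc_escape_string(UTF8::lessenAsEncoding($post['s_home_title'], 255));
    $name = tc_escape_string(UTF8::lessenAsEncoding($post['s_name'], 255));
    $entryId = $post['s_no'];
    $homepage = tc_escape_string(UTF8::lessenAsEncoding($post['url'], 255));
    $entryUrl = tc_escape_string($post['s_url']);
    $entryTitle = tc_escape_string($post['s_post_title']);
    $parent_id = $post['r1_no'];
    $parent_name = tc_escape_string(UTF8::lessenAsEncoding($post['r1_name'], 80));
    $parent_homepage = tc_escape_string(UTF8::lessenAsEncoding($post['r1_homepage'], 80));
    $parent_written = $post['r1_regdate'];
    $parent_comment = tc_escape_string(UTF8::lessenAsEncoding($post['r1_body'], 255));
    $parent_url = tc_escape_string(UTF8::lessenAsEncoding($post['r1_url'], 255));
    $child_id = $post['r2_no'];
    $child_name = tc_escape_string(UTF8::lessenAsEncoding($post['r2_name'], 80));
    $child_homepage = tc_escape_string(UTF8::lessenAsEncoding($post['r2_homepage'], 80));
    $child_written = $post['r2_regdate'];
    $child_comment = tc_escape_string(UTF8::lessenAsEncoding($post['r2_body'], 255));
    $child_url = tc_escape_string(UTF8::lessenAsEncoding($post['r2_url'], 255));

    // Find the sending site by URL, registering it on first contact.
    // NOTE(review): ids here and below are allocated as max(id) + 1, which is
    // not atomic; two concurrent notifications could pick the same id.
    $sql = "SELECT id FROM {$database['prefix']}CommentsNotifiedSiteInfo WHERE url = '$homepage'";
    $siteId = DBQuery::queryCell($sql);
    $insertId = getCommentsNotifiedSiteInfoMaxId() + 1;
    if (empty($siteId)) {
        if (DBQuery::execute("INSERT INTO {$database['prefix']}CommentsNotifiedSiteInfo VALUES ($insertId, '$title', '$name', '$homepage', UNIX_TIMESTAMP());"))
            $siteId = $insertId;
        else
            return 2;
    }

    // Store the parent comment once per (entry, site, blog, remote id).
    $parentId = DBQuery::queryCell("SELECT id FROM {$database['prefix']}CommentsNotified WHERE entry = $entryId AND siteId = $siteId AND blogid = $blogid AND remoteId = $parent_id");
    if (empty($parentId)) {
        $insertId = getCommentsNotifiedMaxId() + 1;
        $sql = "INSERT INTO {$database['prefix']}CommentsNotified ( blogid , replier , id , entry , parent , name , password , homepage , secret , comment , ip , written, modified , siteId , isNew , url , remoteId ,entryTitle , entryUrl )
VALUES (
$blogid, NULL , $insertId, " . $entryId . ", " . $parent_parent . ", '" . $parent_name . "', '', '" . $parent_homepage . "', '', '" . $parent_comment . "', '', " . $parent_written . ",UNIX_TIMESTAMP(), " . $siteId . ", 1, '" . $parent_url . "'," . $parent_id . ", '" . $entryTitle . "', '" . $entryUrl . "'
);";
        if (!DBQuery::execute($sql))
            return 3;
        $parentId = $insertId;
    }

    // A reply already recorded for this site is reported as a duplicate.
    if (DBQuery::queryCell("SELECT count(*) FROM {$database['prefix']}CommentsNotified WHERE siteId=$siteId AND remoteId=$child_id") > 0)
        return 4;
    $insertId = getCommentsNotifiedMaxId() + 1;
    $sql = "INSERT INTO {$database['prefix']}CommentsNotified ( blogid , replier , id , entry , parent , name , password , homepage , secret , comment , ip , written, modified , siteId , isNew , url , remoteId ,entryTitle , entryUrl )
VALUES (
$blogid, NULL , $insertId, " . $entryId . ", $parentId, '$child_name', '', '$child_homepage', '', '$child_comment', '', $child_written, UNIX_TIMESTAMP(), $siteId, 1, '$child_url',$child_id, '$entryTitle', '$entryUrl');";
    if (!DBQuery::execute($sql))
        return 5;

    // Touch the parent so it carries the time of its latest reply.
    $sql = "UPDATE {$database['prefix']}CommentsNotified SET modified = UNIX_TIMESTAMP() WHERE id=$parentId";
    if (!DBQuery::execute($sql))
        return 6;
    return 0;
}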
843
/**
 * Read the stored comment counter for a blog or for one of its entries.
 *
 * With no entry id the counters of all non-draft entries are summed;
 * otherwise the counter of that single non-draft entry is returned.
 * Both arguments are placed into the query unquoted, so callers are
 * expected to pass integers.
 *
 * @param int      $blogid
 * @param int|null $entryId
 * @return mixed whatever DBQuery::queryCell() yields for the query
 */
function getCommentCount($blogid, $entryId = null) {
    global $database;
    if ($entryId === null) {
        $sql = "SELECT SUM(comments) FROM {$database['prefix']}Entries WHERE blogid = $blogid AND draft= 0 ";
    } else {
        $sql = "SELECT comments FROM {$database['prefix']}Entries WHERE blogid = $blogid AND id = $entryId AND draft = 0";
    }
    return DBQuery::queryCell($sql);
}
850
/**
 * Pick the skin template for the comment counter and dress it.
 *
 * The skin's "no comments" text is used for a count of 0 and its
 * "single comment" text for a count of 1, when those texts are set;
 * every other case uses the skin's generic counter template.
 *
 * @param int    $commentCount
 * @param object $skin provides noneCommentMessage, singleCommentMessage
 *                     and commentCount
 * @return array two elements: the string "rp_count" and the template as
 *               it stands after the dress() call
 */
function getCommentCountPart($commentCount, &$skin) {
    $whenNone = $skin->noneCommentMessage;
    $whenSingle = $skin->singleCommentMessage;

    if ($commentCount == 0 && !empty($whenNone)) {
        $shownCount = 0;
        $template = $whenNone;
    } elseif ($commentCount == 1 && !empty($whenSingle)) {
        $shownCount = 1;
        $template = $whenSingle;
    } else {
        $shownCount = $commentCount;
        $template = $skin->commentCount;
    }

    // dress() is handed a variable and the value returned is read afterwards,
    // exactly as before, in case dress() rewrites its last argument.
    dress('article_rep_rp_cnt', $shownCount, $template);

    return array("rp_count", $template);
}
869
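/**
 * Highest comment id stored for the current blog.
 *
 * @return mixed the largest id in the Comments table for getBlogId(),
 *               or 0 when the query yields nothing
 */
function getCommentsMaxId() {
    // Without this declaration $database is an undefined local and the
    // table prefix silently becomes an empty string.
    global $database;
    $maxId = DBQuery::queryCell("SELECT max(id)
        FROM {$database['prefix']}Comments
        WHERE blogid = ".getBlogId());
    return empty($maxId) ? 0 : $maxId;
}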
876
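/**
 * Highest notified-comment id stored for the current blog.
 *
 * receiveNotifiedComment() adds 1 to this value to choose the id of a new
 * row; that allocation is not atomic.
 *
 * @return mixed the largest id in the CommentsNotified table for
 *               getBlogId(), or 0 when the query yields nothing
 */
function getCommentsNotifiedMaxId() {
    // Without this declaration $database is an undefined local and the
    // table prefix silently becomes an empty string.
    global $database;
    $maxId = DBQuery::queryCell("SELECT max(id)
        FROM {$database['prefix']}CommentsNotified
        WHERE blogid = ".getBlogId());
    return empty($maxId) ? 0 : $maxId;
}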
883
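/**
 * Highest notification-queue id stored for the current blog.
 *
 * @return mixed the largest id in the CommentsNotifiedQueue table for
 *               getBlogId(), or 0 when the query yields nothing
 */
function getCommentsNotifiedQueueMaxId() {
    // Without this declaration $database is an undefined local and the
    // table prefix silently becomes an empty string.
    global $database;
    $maxId = DBQuery::queryCell("SELECT max(id)
        FROM {$database['prefix']}CommentsNotifiedQueue
        WHERE blogid = ".getBlogId());
    return empty($maxId) ? 0 : $maxId;
}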
890
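/**
 * Highest notifying-site id stored for the current blog.
 *
 * receiveNotifiedComment() adds 1 to this value to choose the id of a new
 * site row; that allocation is not atomic.
 *
 * NOTE(review): the INSERT into CommentsNotifiedSiteInfo in
 * receiveNotifiedComment() supplies five values (id, title, name, url,
 * timestamp) and none of them is a blog id. Confirm the table really has a
 * blogid column, otherwise this filter cannot match.
 *
 * @return mixed the largest id in the CommentsNotifiedSiteInfo table for
 *               getBlogId(), or 0 when the query yields nothing
 */
function getCommentsNotifiedSiteInfoMaxId() {
    // Without this declaration $database is an undefined local and the
    // table prefix silently becomes an empty string.
    global $database;
    $maxId = DBQuery::queryCell("SELECT max(id)
        FROM {$database['prefix']}CommentsNotifiedSiteInfo
        WHERE blogid = ".getBlogId());
    return empty($maxId) ? 0 : $maxId;
}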
897
898?>