2007-04-16 11:58:25 +00:00
|
|
|
<?php
|
2010-01-04 12:41:04 +00:00
|
|
|
/**
|
|
|
|
* Name: Image Comments
|
|
|
|
* Author: Shish <webmaster@shishnet.org>
|
2010-01-04 12:44:20 +00:00
|
|
|
* Link: http://code.shishnet.org/shimmie2/
|
2010-01-04 12:41:04 +00:00
|
|
|
* License: GPLv2
|
|
|
|
* Description: Allow users to make comments on images
|
|
|
|
* Documentation:
|
2010-01-05 13:13:11 +00:00
|
|
|
* Formatting is done with the standard formatting API (normally BBCode)
|
2010-01-04 12:41:04 +00:00
|
|
|
*/
|
|
|
|
|
2016-05-12 15:25:30 +01:00
|
|
|
require_once "vendor/ifixit/php-akismet/akismet.class.php";
|
2007-04-16 11:58:25 +00:00
|
|
|
|
2007-08-24 17:02:45 +00:00
|
|
|
class CommentPostingEvent extends Event {
|
2014-04-28 17:36:52 -04:00
|
|
|
/** @var int */
|
|
|
|
public $image_id;
|
|
|
|
/** @var \User */
|
|
|
|
public $user;
|
|
|
|
/** @var string */
|
|
|
|
public $comment;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @param int $image_id
|
|
|
|
* @param \User $user
|
|
|
|
* @param string $comment
|
|
|
|
*/
|
2014-03-17 22:05:37 +00:00
|
|
|
public function __construct($image_id, $user, $comment) {
|
2015-08-09 12:14:28 +01:00
|
|
|
assert('is_numeric($image_id)');
|
2007-08-24 17:02:45 +00:00
|
|
|
$this->image_id = $image_id;
|
|
|
|
$this->user = $user;
|
|
|
|
$this->comment = $comment;
|
|
|
|
}
|
|
|
|
}
|
2009-08-04 17:45:09 +01:00
|
|
|
|
|
|
|
/**
|
2007-04-16 11:58:25 +00:00
|
|
|
* A comment is being deleted. Maybe used by spam
|
2010-01-04 12:41:04 +00:00
|
|
|
* detectors to get a feel for what should be deleted
|
2007-04-16 11:58:25 +00:00
|
|
|
* and what should be kept?
|
|
|
|
*/
|
|
|
|
class CommentDeletionEvent extends Event {
|
2014-04-28 17:36:52 -04:00
|
|
|
/** @var int */
|
|
|
|
public $comment_id;
|
2007-04-16 11:58:25 +00:00
|
|
|
|
2014-04-28 17:36:52 -04:00
|
|
|
/**
|
|
|
|
* @param int $comment_id
|
|
|
|
*/
|
2014-03-17 22:05:37 +00:00
|
|
|
public function __construct($comment_id) {
|
2015-08-09 12:14:28 +01:00
|
|
|
assert('is_numeric($comment_id)');
|
2007-04-16 11:58:25 +00:00
|
|
|
$this->comment_id = $comment_id;
|
|
|
|
}
|
|
|
|
}
|
2009-08-04 17:45:09 +01:00
|
|
|
|
2009-01-04 06:01:59 -08:00
|
|
|
class CommentPostingException extends SCoreException {}
|
2007-04-16 11:58:25 +00:00
|
|
|
|
2009-08-04 17:45:09 +01:00
|
|
|
class Comment {
|
2014-03-17 22:05:37 +00:00
|
|
|
var $owner, $owner_id, $owner_name, $owner_email, $owner_class;
|
|
|
|
var $comment, $comment_id;
|
|
|
|
var $image_id, $poster_ip, $posted;
|
|
|
|
|
|
|
|
public function __construct($row) {
|
2010-04-07 13:38:44 +01:00
|
|
|
$this->owner = null;
|
2007-04-16 11:58:25 +00:00
|
|
|
$this->owner_id = $row['user_id'];
|
|
|
|
$this->owner_name = $row['user_name'];
|
2010-04-07 13:38:44 +01:00
|
|
|
$this->owner_email = $row['user_email']; // deprecated
|
2013-09-09 13:41:08 +01:00
|
|
|
$this->owner_class = $row['user_class'];
|
2007-04-16 11:58:25 +00:00
|
|
|
$this->comment = $row['comment'];
|
|
|
|
$this->comment_id = $row['comment_id'];
|
|
|
|
$this->image_id = $row['image_id'];
|
|
|
|
$this->poster_ip = $row['poster_ip'];
|
2007-07-21 12:11:41 +00:00
|
|
|
$this->posted = $row['posted'];
|
2007-04-16 11:58:25 +00:00
|
|
|
}
|
2009-01-20 03:24:35 -08:00
|
|
|
|
2014-04-28 17:36:52 -04:00
|
|
|
/**
|
2015-09-27 02:17:44 +01:00
|
|
|
* @param User $user
|
2014-04-28 17:36:52 -04:00
|
|
|
* @return mixed
|
|
|
|
*/
|
2009-01-20 03:24:35 -08:00
|
|
|
public static function count_comments_by_user($user) {
|
|
|
|
global $database;
|
2015-09-26 19:14:11 +01:00
|
|
|
return $database->get_one("
|
|
|
|
SELECT COUNT(*) AS count
|
|
|
|
FROM comments
|
|
|
|
WHERE owner_id=:owner_id
|
|
|
|
", array("owner_id"=>$user->id));
|
2009-01-20 03:24:35 -08:00
|
|
|
}
|
2010-04-07 13:38:44 +01:00
|
|
|
|
2014-04-28 17:36:52 -04:00
|
|
|
/**
|
|
|
|
* @return null|User
|
|
|
|
*/
|
2010-04-07 13:38:44 +01:00
|
|
|
public function get_owner() {
|
|
|
|
if(empty($this->owner)) $this->owner = User::by_id($this->owner_id);
|
|
|
|
return $this->owner;
|
|
|
|
}
|
2009-08-04 17:45:09 +01:00
|
|
|
}
|
2009-05-11 07:04:33 -07:00
|
|
|
|
2012-02-08 12:07:01 +00:00
|
|
|
class CommentList extends Extension {
|
2015-09-26 19:14:11 +01:00
|
|
|
/** @var CommentListTheme $theme */
|
|
|
|
var $theme;
|
|
|
|
|
2012-02-02 08:07:57 +00:00
|
|
|
public function onInitExt(InitExtEvent $event) {
|
2009-08-04 17:45:09 +01:00
|
|
|
global $config, $database;
|
|
|
|
$config->set_default_int('comment_window', 5);
|
|
|
|
$config->set_default_int('comment_limit', 10);
|
2009-08-19 00:33:18 +01:00
|
|
|
$config->set_default_int('comment_list_count', 10);
|
2009-08-04 17:45:09 +01:00
|
|
|
$config->set_default_int('comment_count', 5);
|
2010-01-03 08:15:52 +00:00
|
|
|
$config->set_default_bool('comment_captcha', false);
|
2009-08-04 17:45:09 +01:00
|
|
|
|
2012-03-10 19:13:41 +00:00
|
|
|
if($config->get_int("ext_comments_version") < 3) {
|
2009-08-04 17:45:09 +01:00
|
|
|
// shortcut to latest
|
|
|
|
if($config->get_int("ext_comments_version") < 1) {
|
|
|
|
$database->create_table("comments", "
|
|
|
|
id SCORE_AIPK,
|
|
|
|
image_id INTEGER NOT NULL,
|
|
|
|
owner_id INTEGER NOT NULL,
|
|
|
|
owner_ip SCORE_INET NOT NULL,
|
2014-02-22 23:30:58 -05:00
|
|
|
posted SCORE_DATETIME DEFAULT NULL,
|
2009-08-04 17:45:09 +01:00
|
|
|
comment TEXT NOT NULL,
|
2012-03-11 01:52:25 +00:00
|
|
|
FOREIGN KEY (image_id) REFERENCES images(id) ON DELETE CASCADE,
|
|
|
|
FOREIGN KEY (owner_id) REFERENCES users(id) ON DELETE RESTRICT
|
2009-08-04 17:45:09 +01:00
|
|
|
");
|
2014-02-22 23:02:11 -05:00
|
|
|
$database->execute("CREATE INDEX comments_image_id_idx ON comments(image_id)", array());
|
|
|
|
$database->execute("CREATE INDEX comments_owner_id_idx ON comments(owner_id)", array());
|
2014-02-22 23:23:23 -05:00
|
|
|
$database->execute("CREATE INDEX comments_posted_idx ON comments(posted)", array());
|
2012-03-10 18:57:35 +00:00
|
|
|
$config->set_int("ext_comments_version", 3);
|
2009-08-04 17:45:09 +01:00
|
|
|
}
|
2007-06-30 01:19:11 +00:00
|
|
|
|
2012-03-10 18:57:35 +00:00
|
|
|
// the whole history
|
2009-08-04 17:45:09 +01:00
|
|
|
if($config->get_int("ext_comments_version") < 1) {
|
2012-03-10 18:57:35 +00:00
|
|
|
$database->create_table("comments", "
|
2012-06-24 00:57:55 +01:00
|
|
|
id SCORE_AIPK,
|
2009-08-04 17:45:09 +01:00
|
|
|
image_id INTEGER NOT NULL,
|
|
|
|
owner_id INTEGER NOT NULL,
|
|
|
|
owner_ip CHAR(16) NOT NULL,
|
2014-02-22 23:30:58 -05:00
|
|
|
posted SCORE_DATETIME DEFAULT NULL,
|
2014-02-22 23:02:11 -05:00
|
|
|
comment TEXT NOT NULL
|
2012-03-10 18:57:35 +00:00
|
|
|
");
|
2014-02-22 23:02:11 -05:00
|
|
|
$database->execute("CREATE INDEX comments_image_id_idx ON comments(image_id)", array());
|
2009-08-04 17:45:09 +01:00
|
|
|
$config->set_int("ext_comments_version", 1);
|
|
|
|
}
|
2007-07-16 13:15:56 +00:00
|
|
|
|
2009-08-04 17:45:09 +01:00
|
|
|
if($config->get_int("ext_comments_version") == 1) {
|
|
|
|
$database->Execute("CREATE INDEX comments_owner_ip ON comments(owner_ip)");
|
|
|
|
$database->Execute("CREATE INDEX comments_posted ON comments(posted)");
|
|
|
|
$config->set_int("ext_comments_version", 2);
|
2007-04-16 11:58:25 +00:00
|
|
|
}
|
2012-03-10 18:57:35 +00:00
|
|
|
|
2012-03-10 19:07:02 +00:00
|
|
|
if($config->get_int("ext_comments_version") == 2) {
|
|
|
|
$config->set_int("ext_comments_version", 3);
|
2012-03-11 01:52:25 +00:00
|
|
|
$database->Execute("ALTER TABLE comments ADD FOREIGN KEY (image_id) REFERENCES images(id) ON DELETE CASCADE");
|
|
|
|
$database->Execute("ALTER TABLE comments ADD FOREIGN KEY (owner_id) REFERENCES users(id) ON DELETE RESTRICT");
|
2012-03-10 19:07:02 +00:00
|
|
|
}
|
|
|
|
|
2012-03-10 18:57:35 +00:00
|
|
|
// FIXME: add foreign keys, bump to v3
|
2007-04-16 11:58:25 +00:00
|
|
|
}
|
2009-08-04 17:45:09 +01:00
|
|
|
}
|
2007-04-16 11:58:25 +00:00
|
|
|
|
2010-05-15 12:17:32 +01:00
|
|
|
public function onPageRequest(PageRequestEvent $event) {
|
2009-08-04 17:45:09 +01:00
|
|
|
if($event->page_matches("comment")) {
|
2015-09-26 19:53:15 +01:00
|
|
|
switch($event->get_arg(0)) {
|
|
|
|
case "add": $this->onPageRequest_add(); break;
|
|
|
|
case "delete": $this->onPageRequest_delete($event); break;
|
|
|
|
case "bulk_delete": $this->onPageRequest_bulk_delete(); break;
|
|
|
|
case "list": $this->onPageRequest_list($event); break;
|
|
|
|
case "beta-search": $this->onPageRequest_beta_search($event); break;
|
2015-09-26 19:14:11 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
private function onPageRequest_add() {
|
|
|
|
global $user, $page;
|
|
|
|
if (isset($_POST['image_id']) && isset($_POST['comment'])) {
|
|
|
|
try {
|
|
|
|
$i_iid = int_escape($_POST['image_id']);
|
|
|
|
$cpe = new CommentPostingEvent($_POST['image_id'], $user, $_POST['comment']);
|
|
|
|
send_event($cpe);
|
|
|
|
$page->set_mode("redirect");
|
|
|
|
$page->set_redirect(make_link("post/view/$i_iid#comment_on_$i_iid"));
|
|
|
|
} catch (CommentPostingException $ex) {
|
|
|
|
$this->theme->display_error(403, "Comment Blocked", $ex->getMessage());
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
private function onPageRequest_delete(PageRequestEvent $event) {
|
|
|
|
global $user, $page;
|
|
|
|
if ($user->can("delete_comment")) {
|
|
|
|
// FIXME: post, not args
|
|
|
|
if ($event->count_args() === 3) {
|
|
|
|
send_event(new CommentDeletionEvent($event->get_arg(1)));
|
|
|
|
flash_message("Deleted comment");
|
|
|
|
$page->set_mode("redirect");
|
|
|
|
if (!empty($_SERVER['HTTP_REFERER'])) {
|
|
|
|
$page->set_redirect($_SERVER['HTTP_REFERER']);
|
|
|
|
} else {
|
|
|
|
$page->set_redirect(make_link("post/view/" . $event->get_arg(2)));
|
|
|
|
}
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
$this->theme->display_permission_denied();
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
private function onPageRequest_bulk_delete() {
|
|
|
|
global $user, $database, $page;
|
|
|
|
if ($user->can("delete_comment") && !empty($_POST["ip"])) {
|
|
|
|
$ip = $_POST['ip'];
|
|
|
|
|
|
|
|
$comment_ids = $database->get_col("
|
|
|
|
SELECT id
|
|
|
|
FROM comments
|
|
|
|
WHERE owner_ip=:ip
|
|
|
|
", array("ip" => $ip));
|
|
|
|
$num = count($comment_ids);
|
|
|
|
log_warning("comment", "Deleting $num comments from $ip");
|
|
|
|
foreach($comment_ids as $cid) {
|
|
|
|
send_event(new CommentDeletionEvent($cid));
|
2012-10-15 21:48:55 +01:00
|
|
|
}
|
2015-09-26 19:14:11 +01:00
|
|
|
flash_message("Deleted $num comments");
|
|
|
|
|
|
|
|
$page->set_mode("redirect");
|
|
|
|
$page->set_redirect(make_link("admin"));
|
|
|
|
} else {
|
|
|
|
$this->theme->display_permission_denied();
|
2007-04-16 11:58:25 +00:00
|
|
|
}
|
2009-08-04 17:45:09 +01:00
|
|
|
}
|
2007-07-17 18:07:18 +00:00
|
|
|
|
2015-09-26 19:14:11 +01:00
|
|
|
private function onPageRequest_list(PageRequestEvent $event) {
|
|
|
|
$page_num = int_escape($event->get_arg(1));
|
|
|
|
$this->build_page($page_num);
|
|
|
|
}
|
|
|
|
|
|
|
|
private function onPageRequest_beta_search(PageRequestEvent $event) {
|
|
|
|
$search = $event->get_arg(1);
|
|
|
|
$page_num = int_escape($event->get_arg(2));
|
|
|
|
$duser = User::by_name($search);
|
|
|
|
$i_comment_count = Comment::count_comments_by_user($duser);
|
|
|
|
$com_per_page = 50;
|
|
|
|
$total_pages = ceil($i_comment_count / $com_per_page);
|
2015-09-26 19:53:15 +01:00
|
|
|
$page_num = clamp($page_num, 1, $total_pages);
|
2015-09-26 19:14:11 +01:00
|
|
|
$comments = $this->get_user_comments($duser->id, $com_per_page, ($page_num - 1) * $com_per_page);
|
|
|
|
$this->theme->display_all_user_comments($comments, $page_num, $total_pages, $duser);
|
|
|
|
}
|
|
|
|
|
2012-06-09 16:08:29 +01:00
|
|
|
public function onAdminBuilding(AdminBuildingEvent $event) {
|
|
|
|
$this->theme->display_admin_block();
|
|
|
|
}
|
|
|
|
|
2010-05-15 12:17:32 +01:00
|
|
|
public function onPostListBuilding(PostListBuildingEvent $event) {
|
2011-03-23 11:37:46 +00:00
|
|
|
global $config, $database;
|
2009-08-04 17:45:09 +01:00
|
|
|
$cc = $config->get_int("comment_count");
|
|
|
|
if($cc > 0) {
|
2011-03-23 11:37:46 +00:00
|
|
|
$recent = $database->cache->get("recent_comments");
|
|
|
|
if(empty($recent)) {
|
|
|
|
$recent = $this->get_recent_comments($cc);
|
2012-03-15 06:17:19 +00:00
|
|
|
$database->cache->set("recent_comments", $recent, 60);
|
2011-03-23 11:37:46 +00:00
|
|
|
}
|
2009-08-04 17:45:09 +01:00
|
|
|
if(count($recent) > 0) {
|
|
|
|
$this->theme->display_recent_comments($recent);
|
2007-04-16 11:58:25 +00:00
|
|
|
}
|
|
|
|
}
|
2009-08-04 17:45:09 +01:00
|
|
|
}
|
2007-04-16 11:58:25 +00:00
|
|
|
|
2010-05-15 12:17:32 +01:00
|
|
|
public function onUserPageBuilding(UserPageBuildingEvent $event) {
|
2009-08-18 22:30:52 +01:00
|
|
|
$i_days_old = ((time() - strtotime($event->display_user->join_date)) / 86400) + 1;
|
|
|
|
$i_comment_count = Comment::count_comments_by_user($event->display_user);
|
|
|
|
$h_comment_rate = sprintf("%.1f", ($i_comment_count / $i_days_old));
|
|
|
|
$event->add_stats("Comments made: $i_comment_count, $h_comment_rate per day");
|
2011-12-31 13:54:32 +00:00
|
|
|
|
2012-10-15 21:48:55 +01:00
|
|
|
$recent = $this->get_user_comments($event->display_user->id, 10);
|
|
|
|
$this->theme->display_recent_user_comments($recent, $event->display_user);
|
2009-08-18 22:30:52 +01:00
|
|
|
}
|
|
|
|
|
2010-05-15 12:17:32 +01:00
|
|
|
public function onDisplayingImage(DisplayingImageEvent $event) {
|
2012-03-19 13:17:47 +00:00
|
|
|
global $user;
|
2009-08-04 17:45:09 +01:00
|
|
|
$this->theme->display_image_comments(
|
|
|
|
$event->image,
|
|
|
|
$this->get_comments($event->image->id),
|
2012-03-19 13:17:47 +00:00
|
|
|
$user->can("create_comment")
|
2009-08-04 17:45:09 +01:00
|
|
|
);
|
|
|
|
}
|
2007-04-16 11:58:25 +00:00
|
|
|
|
2009-08-04 17:45:09 +01:00
|
|
|
// TODO: split akismet into a separate class, which can veto the event
|
2010-05-15 12:17:32 +01:00
|
|
|
public function onCommentPosting(CommentPostingEvent $event) {
|
2012-02-02 14:14:33 +00:00
|
|
|
$this->add_comment_wrapper($event->image_id, $event->user, $event->comment);
|
2009-08-04 17:45:09 +01:00
|
|
|
}
|
2009-08-03 10:18:40 +01:00
|
|
|
|
2010-05-15 12:17:32 +01:00
|
|
|
public function onCommentDeletion(CommentDeletionEvent $event) {
|
2009-08-04 17:45:09 +01:00
|
|
|
global $database;
|
2015-09-26 19:14:11 +01:00
|
|
|
$database->Execute("
|
|
|
|
DELETE FROM comments
|
|
|
|
WHERE id=:comment_id
|
|
|
|
", array("comment_id"=>$event->comment_id));
|
2009-08-12 15:40:13 +01:00
|
|
|
log_info("comment", "Deleting Comment #{$event->comment_id}");
|
2009-08-04 17:45:09 +01:00
|
|
|
}
|
2009-08-03 10:18:40 +01:00
|
|
|
|
2010-05-15 12:17:32 +01:00
|
|
|
public function onSetupBuilding(SetupBuildingEvent $event) {
|
2009-08-04 17:45:09 +01:00
|
|
|
$sb = new SetupBlock("Comment Options");
|
2012-03-19 13:17:47 +00:00
|
|
|
$sb->add_bool_option("comment_captcha", "Require CAPTCHA for anonymous comments: ");
|
2009-08-04 17:45:09 +01:00
|
|
|
$sb->add_label("<br>Limit to ");
|
|
|
|
$sb->add_int_option("comment_limit");
|
|
|
|
$sb->add_label(" comments per ");
|
|
|
|
$sb->add_int_option("comment_window");
|
|
|
|
$sb->add_label(" minutes");
|
|
|
|
$sb->add_label("<br>Show ");
|
|
|
|
$sb->add_int_option("comment_count");
|
|
|
|
$sb->add_label(" recent comments on the index");
|
2009-08-19 00:33:18 +01:00
|
|
|
$sb->add_label("<br>Show ");
|
|
|
|
$sb->add_int_option("comment_list_count");
|
|
|
|
$sb->add_label(" comments per image on the list");
|
2012-10-03 21:28:29 +01:00
|
|
|
$sb->add_label("<br>Make samefags public ");
|
|
|
|
$sb->add_bool_option("comment_samefags_public");
|
2009-08-04 17:45:09 +01:00
|
|
|
$event->panel->add_block($sb);
|
2007-04-16 11:58:25 +00:00
|
|
|
}
|
2009-01-04 11:18:37 -08:00
|
|
|
|
2010-05-15 12:17:32 +01:00
|
|
|
public function onSearchTermParse(SearchTermParseEvent $event) {
|
2009-08-04 17:45:09 +01:00
|
|
|
$matches = array();
|
2014-04-28 17:36:52 -04:00
|
|
|
|
2014-02-15 21:26:31 +00:00
|
|
|
if(preg_match("/^comments([:]?<|[:]?>|[:]?<=|[:]?>=|[:|=])(\d+)$/i", $event->term, $matches)) {
|
2014-01-13 09:13:56 +00:00
|
|
|
$cmp = ltrim($matches[1], ":") ?: "=";
|
2009-08-04 17:45:09 +01:00
|
|
|
$comments = $matches[2];
|
|
|
|
$event->add_querylet(new Querylet("images.id IN (SELECT DISTINCT image_id FROM comments GROUP BY image_id HAVING count(image_id) $cmp $comments)"));
|
2008-05-18 02:25:31 +00:00
|
|
|
}
|
2014-01-13 09:13:56 +00:00
|
|
|
else if(preg_match("/^commented_by[=|:](.*)$/i", $event->term, $matches)) {
|
2009-08-04 17:45:09 +01:00
|
|
|
$user = User::by_name($matches[1]);
|
|
|
|
if(!is_null($user)) {
|
|
|
|
$user_id = $user->id;
|
2014-04-28 17:36:52 -04:00
|
|
|
} else {
|
2009-08-04 17:45:09 +01:00
|
|
|
$user_id = -1;
|
|
|
|
}
|
2008-05-18 02:25:31 +00:00
|
|
|
|
2009-08-04 17:45:09 +01:00
|
|
|
$event->add_querylet(new Querylet("images.id IN (SELECT image_id FROM comments WHERE owner_id = $user_id)"));
|
2008-05-18 02:25:31 +00:00
|
|
|
}
|
2014-01-13 09:13:56 +00:00
|
|
|
else if(preg_match("/^commented_by_userno[=|:]([0-9]+)$/i", $event->term, $matches)) {
|
2009-08-04 17:45:09 +01:00
|
|
|
$user_id = int_escape($matches[1]);
|
|
|
|
$event->add_querylet(new Querylet("images.id IN (SELECT image_id FROM comments WHERE owner_id = $user_id)"));
|
2007-12-14 01:00:53 +00:00
|
|
|
}
|
2007-04-16 11:58:25 +00:00
|
|
|
}
|
2009-08-04 17:45:09 +01:00
|
|
|
|
2007-04-16 11:58:25 +00:00
|
|
|
// page building {{{
|
2014-04-28 17:36:52 -04:00
|
|
|
/**
|
|
|
|
* @param int $current_page
|
|
|
|
*/
|
2012-02-02 14:14:33 +00:00
|
|
|
private function build_page(/*int*/ $current_page) {
|
2014-04-28 17:36:52 -04:00
|
|
|
global $database, $user;
|
2007-04-16 11:58:25 +00:00
|
|
|
|
2013-12-07 23:16:20 -05:00
|
|
|
$where = SPEED_HAX ? "WHERE posted > now() - interval '24 hours'" : "";
|
|
|
|
|
2012-11-24 20:28:49 +02:00
|
|
|
$total_pages = $database->cache->get("comment_pages");
|
2013-12-03 14:39:12 -05:00
|
|
|
if(empty($total_pages)) {
|
2015-09-20 18:37:36 +01:00
|
|
|
$total_pages = (int)($database->get_one("
|
|
|
|
SELECT COUNT(c1)
|
|
|
|
FROM (SELECT COUNT(image_id) AS c1 FROM comments $where GROUP BY image_id) AS s1
|
|
|
|
") / 10);
|
2013-12-03 14:39:12 -05:00
|
|
|
$database->cache->set("comment_pages", $total_pages, 600);
|
|
|
|
}
|
2015-09-26 20:03:30 +01:00
|
|
|
$total_pages = max($total_pages, 1);
|
|
|
|
|
2015-09-26 19:53:15 +01:00
|
|
|
$current_page = clamp($current_page, 1, $total_pages);
|
2013-12-03 14:39:12 -05:00
|
|
|
|
2007-04-16 11:58:25 +00:00
|
|
|
$threads_per_page = 10;
|
|
|
|
$start = $threads_per_page * ($current_page - 1);
|
|
|
|
|
2015-09-26 19:14:11 +01:00
|
|
|
$result = $database->Execute("
|
2007-04-16 11:58:25 +00:00
|
|
|
SELECT image_id,MAX(posted) AS latest
|
2015-09-20 18:37:36 +01:00
|
|
|
FROM comments
|
|
|
|
$where
|
2007-04-16 11:58:25 +00:00
|
|
|
GROUP BY image_id
|
|
|
|
ORDER BY latest DESC
|
2011-01-01 15:28:38 +00:00
|
|
|
LIMIT :limit OFFSET :offset
|
2015-09-26 19:14:11 +01:00
|
|
|
", array("limit"=>$threads_per_page, "offset"=>$start));
|
2007-04-16 11:58:25 +00:00
|
|
|
|
2015-09-26 19:14:11 +01:00
|
|
|
$user_ratings = ext_is_live("Ratings") ? Ratings::get_user_privs($user) : "";
|
2015-09-20 18:37:36 +01:00
|
|
|
|
2009-08-04 17:45:09 +01:00
|
|
|
$images = array();
|
2011-01-01 15:58:09 +00:00
|
|
|
while($row = $result->fetch()) {
|
|
|
|
$image = Image::by_id($row["image_id"]);
|
2015-09-26 19:14:11 +01:00
|
|
|
if(
|
|
|
|
ext_is_live("Ratings") && !is_null($image) &&
|
|
|
|
strpos($user_ratings, $image->rating) === FALSE
|
|
|
|
) {
|
|
|
|
$image = null; // this is "clever", I may live to regret it
|
2015-09-20 18:37:36 +01:00
|
|
|
}
|
|
|
|
if(!is_null($image)) {
|
|
|
|
$comments = $this->get_comments($image->id);
|
|
|
|
$images[] = array($image, $comments);
|
2010-04-23 04:08:22 +01:00
|
|
|
}
|
2007-04-16 11:58:25 +00:00
|
|
|
}
|
2009-08-04 17:45:09 +01:00
|
|
|
|
2012-03-19 13:17:47 +00:00
|
|
|
$this->theme->display_comment_list($images, $current_page, $total_pages, $user->can("create_comment"));
|
2007-04-16 11:58:25 +00:00
|
|
|
}
|
2007-07-19 14:02:18 +00:00
|
|
|
// }}}
|
2013-12-03 14:39:12 -05:00
|
|
|
|
2007-07-19 14:02:18 +00:00
|
|
|
// get comments {{{
|
2014-04-28 17:36:52 -04:00
|
|
|
/**
|
2015-09-26 19:14:11 +01:00
|
|
|
* @param string $query
|
|
|
|
* @param array $args
|
2015-09-27 02:17:44 +01:00
|
|
|
* @return Comment[]
|
2014-04-28 17:36:52 -04:00
|
|
|
*/
|
2015-09-26 19:14:11 +01:00
|
|
|
private function get_generic_comments($query, $args) {
|
2014-04-28 17:36:52 -04:00
|
|
|
global $database;
|
2015-09-26 19:14:11 +01:00
|
|
|
$rows = $database->get_all($query, $args);
|
2007-07-19 14:02:18 +00:00
|
|
|
$comments = array();
|
|
|
|
foreach($rows as $row) {
|
|
|
|
$comments[] = new Comment($row);
|
|
|
|
}
|
|
|
|
return $comments;
|
2007-04-16 11:58:25 +00:00
|
|
|
}
|
2009-01-04 11:18:37 -08:00
|
|
|
|
2015-09-26 19:14:11 +01:00
|
|
|
/**
|
|
|
|
* @param int $count
|
2015-09-27 02:17:44 +01:00
|
|
|
* @return Comment[]
|
2015-09-26 19:14:11 +01:00
|
|
|
*/
|
|
|
|
private function get_recent_comments($count) {
|
|
|
|
return $this->get_generic_comments("
|
|
|
|
SELECT
|
|
|
|
users.id as user_id, users.name as user_name, users.email as user_email, users.class as user_class,
|
|
|
|
comments.comment as comment, comments.id as comment_id,
|
|
|
|
comments.image_id as image_id, comments.owner_ip as poster_ip,
|
|
|
|
comments.posted as posted
|
|
|
|
FROM comments
|
|
|
|
LEFT JOIN users ON comments.owner_id=users.id
|
|
|
|
ORDER BY comments.id DESC
|
|
|
|
LIMIT :limit
|
|
|
|
", array("limit"=>$count));
|
|
|
|
}
|
|
|
|
|
2014-04-28 17:36:52 -04:00
|
|
|
/**
|
|
|
|
* @param int $user_id
|
|
|
|
* @param int $count
|
|
|
|
* @param int $offset
|
2015-09-27 02:17:44 +01:00
|
|
|
* @return Comment[]
|
2014-04-28 17:36:52 -04:00
|
|
|
*/
|
2012-10-15 21:48:55 +01:00
|
|
|
private function get_user_comments(/*int*/ $user_id, /*int*/ $count, /*int*/ $offset=0) {
|
2015-09-26 19:14:11 +01:00
|
|
|
return $this->get_generic_comments("
|
|
|
|
SELECT
|
2013-09-09 13:41:08 +01:00
|
|
|
users.id as user_id, users.name as user_name, users.email as user_email, users.class as user_class,
|
2011-12-31 13:54:32 +00:00
|
|
|
comments.comment as comment, comments.id as comment_id,
|
|
|
|
comments.image_id as image_id, comments.owner_ip as poster_ip,
|
|
|
|
comments.posted as posted
|
2015-09-26 19:14:11 +01:00
|
|
|
FROM comments
|
|
|
|
LEFT JOIN users ON comments.owner_id=users.id
|
|
|
|
WHERE users.id = :user_id
|
|
|
|
ORDER BY comments.id DESC
|
|
|
|
LIMIT :limit OFFSET :offset
|
|
|
|
", array("user_id"=>$user_id, "offset"=>$offset, "limit"=>$count));
|
2011-12-31 13:54:32 +00:00
|
|
|
}
|
|
|
|
|
2014-04-28 17:36:52 -04:00
|
|
|
/**
|
|
|
|
* @param int $image_id
|
2015-09-27 02:17:44 +01:00
|
|
|
* @return Comment[]
|
2014-04-28 17:36:52 -04:00
|
|
|
*/
|
2012-02-02 14:14:33 +00:00
|
|
|
private function get_comments(/*int*/ $image_id) {
|
2015-09-26 19:14:11 +01:00
|
|
|
return $this->get_generic_comments("
|
|
|
|
SELECT
|
2013-09-09 13:41:08 +01:00
|
|
|
users.id as user_id, users.name as user_name, users.email as user_email, users.class as user_class,
|
2007-04-29 02:43:41 +00:00
|
|
|
comments.comment as comment, comments.id as comment_id,
|
2007-07-21 12:11:41 +00:00
|
|
|
comments.image_id as image_id, comments.owner_ip as poster_ip,
|
|
|
|
comments.posted as posted
|
2015-09-26 19:14:11 +01:00
|
|
|
FROM comments
|
|
|
|
LEFT JOIN users ON comments.owner_id=users.id
|
|
|
|
WHERE comments.image_id=:image_id
|
|
|
|
ORDER BY comments.id ASC
|
|
|
|
", array("image_id"=>$image_id));
|
2007-04-16 11:58:25 +00:00
|
|
|
}
|
|
|
|
// }}}
|
2013-12-03 14:39:12 -05:00
|
|
|
|
2007-04-16 11:58:25 +00:00
|
|
|
// add / remove / edit comments {{{
|
2015-09-27 02:17:44 +01:00
|
|
|
/**
|
|
|
|
* @return bool
|
|
|
|
*/
|
2007-04-16 11:58:25 +00:00
|
|
|
private function is_comment_limit_hit() {
|
2015-09-12 11:43:28 +01:00
|
|
|
global $config, $database;
|
2007-04-16 11:58:25 +00:00
|
|
|
|
2009-07-17 00:28:07 +01:00
|
|
|
// sqlite fails at intervals
|
2012-06-24 00:57:55 +01:00
|
|
|
if($database->get_driver_name() === "sqlite") return false;
|
2009-07-17 00:28:07 +01:00
|
|
|
|
2007-04-16 11:58:25 +00:00
|
|
|
$window = int_escape($config->get_int('comment_window'));
|
|
|
|
$max = int_escape($config->get_int('comment_limit'));
|
|
|
|
|
2012-06-24 00:57:55 +01:00
|
|
|
if($database->get_driver_name() == "mysql") $window_sql = "interval $window minute";
|
2012-01-31 12:15:25 +00:00
|
|
|
else $window_sql = "interval '$window minute'";
|
|
|
|
|
2012-01-22 14:54:03 +00:00
|
|
|
// window doesn't work as an SQL param because it's inside quotes >_<
|
2015-09-26 19:14:11 +01:00
|
|
|
$result = $database->get_all("
|
|
|
|
SELECT *
|
|
|
|
FROM comments
|
|
|
|
WHERE owner_ip = :remote_ip AND posted > now() - $window_sql
|
|
|
|
", array("remote_ip"=>$_SERVER['REMOTE_ADDR']));
|
2007-04-16 11:58:25 +00:00
|
|
|
|
2011-02-13 13:16:49 +00:00
|
|
|
return (count($result) >= $max);
|
2007-04-16 11:58:25 +00:00
|
|
|
}
|
|
|
|
|
2014-04-27 15:33:57 -04:00
|
|
|
/**
|
|
|
|
* @return bool
|
|
|
|
*/
|
2008-12-30 14:20:42 -08:00
|
|
|
private function hash_match() {
|
|
|
|
return ($_POST['hash'] == $this->get_hash());
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* get a hash which semi-uniquely identifies a submission form,
|
|
|
|
* to stop spam bots which download the form once then submit
|
|
|
|
* many times.
|
|
|
|
*
|
|
|
|
* FIXME: assumes comments are posted via HTTP...
|
2015-09-27 02:17:44 +01:00
|
|
|
*
|
|
|
|
* @return string
|
2008-12-30 14:20:42 -08:00
|
|
|
*/
|
2011-03-06 12:44:38 +00:00
|
|
|
public static function get_hash() {
|
2008-12-30 14:20:42 -08:00
|
|
|
return md5($_SERVER['REMOTE_ADDR'] . date("%Y%m%d"));
|
|
|
|
}
|
|
|
|
|
2014-04-27 15:33:57 -04:00
|
|
|
/**
|
|
|
|
* @param string $text
|
|
|
|
* @return bool
|
|
|
|
*/
|
2012-02-02 14:14:33 +00:00
|
|
|
private function is_spam_akismet(/*string*/ $text) {
|
2009-11-10 03:01:20 +00:00
|
|
|
global $config, $user;
|
2009-11-10 03:55:17 +00:00
|
|
|
if(strlen($config->get_string('comment_wordpress_key')) > 0) {
|
2007-04-16 11:58:25 +00:00
|
|
|
$comment = array(
|
|
|
|
'author' => $user->name,
|
|
|
|
'email' => $user->email,
|
|
|
|
'website' => '',
|
|
|
|
'body' => $text,
|
|
|
|
'permalink' => '',
|
|
|
|
);
|
|
|
|
|
2012-01-19 15:20:32 +00:00
|
|
|
# akismet breaks if there's no referrer in the environment; so if there
|
|
|
|
# isn't, supply one manually
|
|
|
|
if(!isset($_SERVER['HTTP_REFERER'])) {
|
2012-01-19 15:28:55 +00:00
|
|
|
$comment['referrer'] = 'none';
|
2012-01-19 15:20:32 +00:00
|
|
|
log_warning("comment", "User '{$user->name}' commented with no referrer: $text");
|
|
|
|
}
|
2012-01-19 15:28:55 +00:00
|
|
|
if(!isset($_SERVER['HTTP_USER_AGENT'])) {
|
|
|
|
$comment['user_agent'] = 'none';
|
|
|
|
log_warning("comment", "User '{$user->name}' commented with no user-agent: $text");
|
|
|
|
}
|
2012-01-19 15:20:32 +00:00
|
|
|
|
2007-04-16 11:58:25 +00:00
|
|
|
$akismet = new Akismet(
|
2007-08-24 17:02:45 +00:00
|
|
|
$_SERVER['SERVER_NAME'],
|
2007-04-16 11:58:25 +00:00
|
|
|
$config->get_string('comment_wordpress_key'),
|
|
|
|
$comment);
|
|
|
|
|
|
|
|
if($akismet->errorsExist()) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
else {
|
|
|
|
return $akismet->isSpam();
|
|
|
|
}
|
|
|
|
}
|
2009-11-10 03:55:17 +00:00
|
|
|
|
|
|
|
return false;
|
2007-04-16 11:58:25 +00:00
|
|
|
}
|
|
|
|
|
2014-04-27 15:33:57 -04:00
|
|
|
/**
|
|
|
|
* @param int $image_id
|
|
|
|
* @param int $comment
|
|
|
|
* @return null
|
|
|
|
*/
|
2012-02-02 14:14:33 +00:00
|
|
|
private function is_dupe(/*int*/ $image_id, /*string*/ $comment) {
|
2007-11-03 05:23:01 +00:00
|
|
|
global $database;
|
2015-09-26 19:14:11 +01:00
|
|
|
return $database->get_row("
|
|
|
|
SELECT *
|
|
|
|
FROM comments
|
|
|
|
WHERE image_id=:image_id AND comment=:comment
|
|
|
|
", array("image_id"=>$image_id, "comment"=>$comment));
|
2007-11-03 05:23:01 +00:00
|
|
|
}
|
2012-11-24 20:28:49 +02:00
|
|
|
// do some checks
|
2014-04-27 15:33:57 -04:00
|
|
|
|
|
|
|
/**
|
|
|
|
* @param int $image_id
|
|
|
|
* @param User $user
|
|
|
|
* @param string $comment
|
|
|
|
* @throws CommentPostingException
|
|
|
|
*/
|
2012-02-02 14:14:33 +00:00
|
|
|
private function add_comment_wrapper(/*int*/ $image_id, User $user, /*string*/ $comment) {
|
2015-09-12 11:43:28 +01:00
|
|
|
global $database, $page;
|
2007-04-16 11:58:25 +00:00
|
|
|
|
2014-11-30 13:07:42 +00:00
|
|
|
if(!$user->can("bypass_comment_checks")) {
|
|
|
|
// will raise an exception if anything is wrong
|
|
|
|
$this->comment_checks($image_id, $user, $comment);
|
|
|
|
}
|
|
|
|
|
|
|
|
// all checks passed
|
|
|
|
if($user->is_anonymous()) {
|
2015-08-03 14:32:46 +01:00
|
|
|
$page->add_cookie("nocache", "Anonymous Commenter", time()+60*60*24, "/");
|
2014-11-30 13:07:42 +00:00
|
|
|
}
|
|
|
|
$database->Execute(
|
|
|
|
"INSERT INTO comments(image_id, owner_id, owner_ip, posted, comment) ".
|
|
|
|
"VALUES(:image_id, :user_id, :remote_addr, now(), :comment)",
|
|
|
|
array("image_id"=>$image_id, "user_id"=>$user->id, "remote_addr"=>$_SERVER['REMOTE_ADDR'], "comment"=>$comment));
|
|
|
|
$cid = $database->get_last_insert_id('comments_id_seq');
|
|
|
|
$snippet = substr($comment, 0, 100);
|
|
|
|
$snippet = str_replace("\n", " ", $snippet);
|
|
|
|
$snippet = str_replace("\r", " ", $snippet);
|
|
|
|
log_info("comment", "Comment #$cid added to Image #$image_id: $snippet", false, array("image_id"=>$image_id, "comment_id"=>$cid));
|
|
|
|
}
|
|
|
|
|
2015-09-27 02:17:44 +01:00
|
|
|
/**
|
|
|
|
* @param int $image_id
|
|
|
|
* @param User $user
|
|
|
|
* @param string $comment
|
|
|
|
* @throws CommentPostingException
|
|
|
|
*/
|
2014-11-30 13:07:42 +00:00
|
|
|
private function comment_checks(/*int*/ $image_id, User $user, /*string*/ $comment) {
|
2015-08-03 14:32:46 +01:00
|
|
|
global $config, $page;
|
2014-11-30 13:07:42 +00:00
|
|
|
|
2008-12-30 14:20:42 -08:00
|
|
|
// basic sanity checks
|
2012-03-19 13:17:47 +00:00
|
|
|
if(!$user->can("create_comment")) {
|
2009-01-04 06:01:59 -08:00
|
|
|
throw new CommentPostingException("Anonymous posting has been disabled");
|
2007-04-16 11:58:25 +00:00
|
|
|
}
|
2009-05-11 07:04:33 -07:00
|
|
|
else if(is_null(Image::by_id($image_id))) {
|
2009-01-04 06:01:59 -08:00
|
|
|
throw new CommentPostingException("The image does not exist");
|
2007-12-18 14:04:56 +00:00
|
|
|
}
|
2007-04-16 11:58:25 +00:00
|
|
|
else if(trim($comment) == "") {
|
2009-01-04 06:01:59 -08:00
|
|
|
throw new CommentPostingException("Comments need text...");
|
2007-04-16 11:58:25 +00:00
|
|
|
}
|
2008-07-29 19:43:34 +00:00
|
|
|
else if(strlen($comment) > 9000) {
|
2009-01-04 06:01:59 -08:00
|
|
|
throw new CommentPostingException("Comment too long~");
|
2008-07-29 19:43:34 +00:00
|
|
|
}
|
2008-12-30 14:20:42 -08:00
|
|
|
|
|
|
|
// advanced sanity checks
|
2008-07-29 19:43:34 +00:00
|
|
|
else if(strlen($comment)/strlen(gzcompress($comment)) > 10) {
|
2009-01-04 06:01:59 -08:00
|
|
|
throw new CommentPostingException("Comment too repetitive~");
|
2008-07-29 19:43:34 +00:00
|
|
|
}
|
2008-12-30 14:20:42 -08:00
|
|
|
else if($user->is_anonymous() && !$this->hash_match()) {
|
2015-08-03 14:32:46 +01:00
|
|
|
$page->add_cookie("nocache", "Anonymous Commenter", time()+60*60*24, "/");
|
2009-01-04 06:01:59 -08:00
|
|
|
throw new CommentPostingException(
|
|
|
|
"Comment submission form is out of date; refresh the ".
|
|
|
|
"comment form to show you aren't a spammer~");
|
2008-12-30 14:20:42 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
// database-querying checks
|
|
|
|
else if($this->is_comment_limit_hit()) {
|
2009-01-04 06:01:59 -08:00
|
|
|
throw new CommentPostingException("You've posted several comments recently; wait a minute and try again...");
|
2008-12-30 14:20:42 -08:00
|
|
|
}
|
|
|
|
else if($this->is_dupe($image_id, $comment)) {
|
2009-01-04 06:01:59 -08:00
|
|
|
throw new CommentPostingException("Someone already made that comment on that image -- try and be more original?");
|
2008-12-30 14:20:42 -08:00
|
|
|
}
|
|
|
|
|
|
|
|
// rate-limited external service checks last
|
2010-01-03 08:15:52 +00:00
|
|
|
else if($config->get_bool('comment_captcha') && !captcha_check()) {
|
2009-11-10 03:55:17 +00:00
|
|
|
throw new CommentPostingException("Error in captcha");
|
|
|
|
}
|
|
|
|
else if($user->is_anonymous() && $this->is_spam_akismet($comment)) {
|
2009-01-04 06:01:59 -08:00
|
|
|
throw new CommentPostingException("Akismet thinks that your comment is spam. Try rewriting the comment, or logging in.");
|
2007-04-16 11:58:25 +00:00
|
|
|
}
|
|
|
|
}
|
|
|
|
// }}}
|
|
|
|
}
|
2014-04-24 22:22:16 -04:00
|
|
|
|