4 * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
5 * Copyright (C) 2002-2007 The Nucleus Group
7 * This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License
9 * as published by the Free Software Foundation; either version 2
10 * of the License, or (at your option) any later version.
11 * (see nucleus/documentation/index.html#license for more info)
14 * A class representing a single comment
16 * @license http://nucleuscms.org/license.txt GNU General Public License
17 * @copyright Copyright (C) 2002-2007 The Nucleus Group
19 * $NucleusJP: COMMENT.php,v 1.4 2006/07/17 20:03:44 kimitake Exp $
24 * Returns the requested comment
\r
28 function getComment($commentid) {
\r
29 $query = 'SELECT cnumber as commentid, cbody as body, cuser as user, cmail as userid, cemail as email, cmember as memberid, ctime, chost as host, mname as member, cip as ip, cblog as blogid'
\r
30 . ' FROM '.sql_table('comment').' left outer join '.sql_table('member').' on cmember=mnumber'
\r
31 . ' WHERE cnumber=' . intval($commentid);
\r
32 $comments = sql_query($query);
\r
34 $aCommentInfo = mysql_fetch_assoc($comments);
\r
37 $aCommentInfo['timestamp'] = strtotime($aCommentInfo['ctime']);
\r
39 return $aCommentInfo;
\r
43 * Prepares a comment to be saved
\r
47 function prepare($comment) {
\r
48 $comment['user'] = strip_tags($comment['user']);
\r
49 $comment['userid'] = strip_tags($comment['userid']);
\r
50 $comment['email'] = strip_tags($comment['email']);
\r
52 // remove quotes and newlines from user and userid
\r
53 $comment['user'] = strtr($comment['user'], "\'\"\n",'-- ');
\r
54 $comment['userid'] = strtr($comment['userid'], "\'\"\n",'-- ');
\r
55 $comment['email'] = strtr($comment['email'], "\'\"\n",'-- ');
\r
57 $comment['body'] = COMMENT::prepareBody($comment['body']);
\r
63 * Prepares the body of a comment
\r
67 function prepareBody($body) {
\r
69 // remove newlines when too many in a row
\r
70 $body = ereg_replace("\n.\n.\n","\n",$body);
\r
72 // encode special characters as entities
\r
73 $body = htmlspecialchars($body);
\r
75 // trim away whitespace and newlines at beginning and end
\r
76 $body = trim($body);
\r
79 $body = addBreaks($body);
\r
81 // create hyperlinks for http:// addresses
\r
82 // there's a testcase for this in /build/testcases/urllinking.txt
\r
83 $replaceFrom = array(
\r
84 '/([^:\/\/\w]|^)((https:\/\/)([\w\.-]+)([\/\w+\.~%&?@=_:;#,-]+))/ie',
\r
85 '/([^:\/\/\w]|^)((http:\/\/|www\.)([\w\.-]+)([\/\w+\.~%&?@=_:;#,-]+))/ie',
\r
86 '/([^:\/\/\w]|^)((ftp:\/\/|ftp\.)([\w\.-]+)([\/\w+\.~%&?@=_:;#,-]+))/ie',
\r
87 '/([^:\/\/\w]|^)(mailto:(([a-zA-Z\@\%\.\-\+_])+))/ie'
\r
90 'COMMENT::createLinkCode("\\1", "\\2","https")',
\r
91 'COMMENT::createLinkCode("\\1", "\\2","http")',
\r
92 'COMMENT::createLinkCode("\\1", "\\2","ftp")',
\r
93 'COMMENT::createLinkCode("\\1", "\\3","mailto")'
\r
95 $body = preg_replace($replaceFrom, $replaceTo, $body);
\r
101 * Creates a link code for unlinked URLs with different protocols
\r
105 function createLinkCode($pre, $url, $protocol = 'http') {
\r
108 // it's possible that $url ends contains entities we don't want,
\r
109 // since htmlspecialchars is applied _before_ URL linking
\r
110 // move the part of URL, starting from the disallowed entity to the 'post' link part
\r
111 $aBadEntities = array('"', '>', '<');
\r
112 foreach ($aBadEntities as $entity)
\r
114 $pos = strpos($url, $entity);
\r
117 $post = substr($url, $pos) . $post;
\r
118 $url = substr($url, 0, $pos);
\r
123 // remove entities at end (&&&&)
\r
124 if (preg_match('/(&\w+;)+$/i', $url, $matches)) {
\r
125 $post = $matches[0] . $post; // found entities (1 or more)
\r
126 $url = substr($url, 0, strlen($url) - strlen($post));
\r
129 // move ending comma from url to 'post' part
\r
130 if (substr($url, strlen($url) - 1) == ',')
\r
132 $url = substr($url, 0, strlen($url) - 1);
\r
133 $post = ',' . $post;
\r
136 if (!ereg('^'.$protocol.'://',$url))
\r
137 $linkedUrl = $protocol . (($protocol == 'mailto') ? ':' : '://') . $url;
\r
142 if ($protocol != 'mailto')
\r
143 $displayedUrl = $linkedUrl;
\r
145 $displayedUrl = $url;
\r
146 return $pre . '<a href="'.$linkedUrl.'" rel="nofollow">'.shorten($displayedUrl,30,'...').'</a>' . $post;
\r