4 * Nucleus: PHP/MySQL Weblog CMS (http://nucleuscms.org/)
\r
5 * Copyright (C) 2002-2004 The Nucleus Group
\r
7 * This program is free software; you can redistribute it and/or
\r
8 * modify it under the terms of the GNU General Public License
\r
9 * as published by the Free Software Foundation; either version 2
\r
10 * of the License, or (at your option) any later version.
\r
11 * (see nucleus/documentation/index.html#license for more info)
\r
13 * A class representing a single comment
\r
18 * Returns the requested comment (static)
\r
20 function getComment($commentid) {
\r
21 $query = 'SELECT cnumber as commentid, cbody as body, cuser as user, cmail as userid, cmember as memberid, ctime, chost as host, mname as member, cip as ip, cblog as blogid'
\r
22 . ' FROM '.sql_table('comment').' left outer join '.sql_table('member').' on cmember=mnumber'
\r
23 . ' WHERE cnumber=' . intval($commentid);
\r
24 $comments = sql_query($query);
\r
26 $aCommentInfo = mysql_fetch_assoc($comments);
\r
29 $aCommentInfo['timestamp'] = strtotime($aCommentInfo['ctime']);
\r
31 return $aCommentInfo;
\r
35 * prepares a comment to be saved
\r
38 function prepare($comment) {
\r
39 $comment['user'] = strip_tags($comment['user']);
\r
40 $comment['userid'] = strip_tags($comment['userid']);
\r
42 // remove quotes and newlines from user and userid
\r
43 $comment['user'] = strtr($comment['user'], "\'\"\n",'-- ');
\r
44 $comment['userid'] = strtr($comment['userid'], "\'\"\n",'-- ');
\r
46 $comment['body'] = COMMENT::prepareBody($comment['body']);
\r
51 // prepares the body of a comment (static)
\r
52 function prepareBody($body) {
\r
54 // remove newlines when too many in a row
\r
55 $body = ereg_replace("\n.\n.\n","\n",$body);
\r
57 // encode special characters as entities
\r
58 $body = htmlspecialchars($body);
\r
60 // trim away whitespace and newlines at beginning and end
\r
61 $body = trim($body);
\r
64 $body = addBreaks($body);
\r
66 // create hyperlinks for http:// addresses
\r
67 // there's a testcase for this in /build/testcases/urllinking.txt
\r
68 $replaceFrom = array(
\r
69 '/([^:\/\/\w]|^)((https:\/\/)([a-z0-9_\.-]+)([\/a-z0-9_+\.~%&?@=_:;#,-]+))/ie',
\r
70 '/([^:\/\/\w]|^)((http:\/\/|www\.)([a-z0-9_\.-]+)([\/a-z0-9_+\.~%&?@=_:;#,-]+))/ie',
\r
71 '/([^:\/\/\w]|^)((ftp:\/\/|ftp\.)([a-z0-9_\.-]+)([\/a-z0-9_+\.~%&?@=_:;#,-]+))/ie',
\r
72 '/([^:\/\/\w]|^)(mailto:(([a-zA-Z\@\%\.\-\+_])+))/ie'
\r
75 'COMMENT::createLinkCode("\\1", "\\2","https")',
\r
76 'COMMENT::createLinkCode("\\1", "\\2","http")',
\r
77 'COMMENT::createLinkCode("\\1", "\\2","ftp")',
\r
78 'COMMENT::createLinkCode("\\1", "\\3","mailto")'
\r
80 $body = preg_replace($replaceFrom, $replaceTo, $body);
\r
85 function createLinkCode($pre, $url, $protocol = 'http') {
\r
88 // it's possible that $url ends contains entities we don't want,
\r
89 // since htmlspecialchars is applied _before_ URL linking
\r
90 // move the part of URL, starting from the disallowed entity to the 'post' link part
\r
91 $aBadEntities = array('"', '>', '<');
\r
92 foreach ($aBadEntities as $entity)
\r
94 $pos = strpos($url, $entity);
\r
97 $post = substr($url, $pos) . $post;
\r
98 $url = substr($url, 0, $pos);
\r
103 // remove entities at end (&&&&)
\r
104 if (preg_match('/(&\w+;)+$/i', $url, $matches)) {
\r
105 $post = $matches[0] . $post; // found entities (1 or more)
\r
106 $url = substr($url, 0, strlen($url) - strlen($post));
\r
109 // move ending comma from url to 'post' part
\r
110 if (substr($url, strlen($url) - 1) == ',')
\r
112 $url = substr($url, 0, strlen($url) - 1);
\r
113 $post = ',' . $post;
\r
116 if (!ereg('^'.$protocol.'://',$url))
\r
117 $linkedUrl = $protocol . (($protocol == 'mailto') ? ':' : '://') . $url;
\r
122 if ($protocol != 'mailto')
\r
123 $displayedUrl = $linkedUrl;
\r
125 $displayedUrl = $url;
\r
126 return $pre . '<a href="'.$linkedUrl.'">'.shorten($displayedUrl,30,'...').'</a>' . $post;
\r