0) {
$error_message.=$COM_LANG['not_allowed'] . "
";
}
if ($_REQUEST['disc_name'] == '') {
$error_message.=$_REQUEST['r_disc_name'] . "
";
}
if ($_REQUEST['disc_body'] == '') {
$error_message.=$_REQUEST['r_disc_body'] . "
";
}
if ($_REQUEST['disc_email'] != '') {
if (!smcom_is_email($_REQUEST['disc_email'])) {
$error_message.="Invalid email address" . "
";
}
}
return $error_message;
}
function smcom_flood_protection($INPUT) {
global $comments_db_link, $COM_CONF, $COM_LANG;
$result = mysql_query("select time from {$COM_CONF['dbmaintable']} where ip='{$_SERVER['REMOTE_ADDR']}' AND (UNIX_TIMESTAMP( NOW( ) ) - UNIX_TIMESTAMP( time )) < {$COM_CONF['anti_flood_pause']}", $comments_db_link);
if (mysql_num_rows($result)>0) {
$error_message="Flood detected";
return $error_message;
}
$result = mysql_query("select ID from {$COM_CONF['dbmaintable']} where text='{$INPUT['disc_body']}' AND author='{$INPUT['disc_name']}' AND href='{$INPUT['href']}'", $comments_db_link);
if (mysql_num_rows($result)>0) {
$error_message="Flood detected";
return $error_message;
}
return "";
}
function smcom_spam_check($email, $name, $url, $text, $path_to_page, $ip) {
global $COM_CONF, $comments_db_link;
$try = 0;
while (!$valid && $try <= 3) {
// Initialize and verify API key
$akismet = new Akismet($COM_CONF['site_url'], $COM_CONF['akismet_apikey']);
$result = $akismet->isKeyValid();
// Possible values: 'valid', 'invalid', 'no connect'
if ($result != 'valid') {
if (($result == 'invalid')) {
// Invalid key
return 2;
} else {
// Could not connect to the Akismet server
$try++;
}
}
else {
$valid = 1;
}
}
if (!$valid) {
return 3; // Could not connect to the Akismet server
}
// Pass comment info to the class
$akismet->setCommentAuthorEmail($email);
$akismet->setCommentAuthor($name);
$akismet->setCommentAuthorURL($url);
$akismet->setCommentContent($text);
$akismet->setUserIP($ip);
$akismet->setPermalink($COM_CONF['site_url'] . $path_to_page);
$akismet->setCommentType('Comment');
$try = 0;
while ($try <= 3) {
// Check the comment for spam
$result = $akismet->isCommentSpam();
// Possible values: 'false' (not spam), 'true' (spam), 'no connect'
if ($result != 'false') {
if ($result == 'true') {
// The comment is spam
return 1;
} else {
// Could not connect to the Akismet server
$try++;
}
} else {
return 0;
}
}
return 3; // Could not connect to the Akismet server
}
function smcom_add()
{
global $comments_db_link, $COM_CONF, $COM_LANG;
foreach ($_REQUEST as $key => $value) {
if ($key == 'disc_body') {
$comment_text=stripslashes($value);
}
$_REQUEST[$key] = str_replace('<', '<', $_REQUEST[$key]);
$_REQUEST[$key] = str_replace('>', '>', $_REQUEST[$key]);
if (get_magic_quotes_gpc()) {
$_REQUEST[$key] = stripslashes($_REQUEST[$key]);
}
$_REQUEST[$key] = mysql_escape_string($_REQUEST[$key]);
}
$_REQUEST['href'] = str_replace('%2F', '/', $_REQUEST['href']);
$_REQUEST['href'] = str_replace('%3F', '?', $_REQUEST['href']);
$_REQUEST['href'] = str_replace('%26', '&', $_REQUEST['href']);
$_REQUEST['href'] = str_replace('%3D', '=', $_REQUEST['href']);
if ($_REQUEST['dont_show_email'] != '') { $dont_show="1"; }
else { $dont_show="0"; }
$error_message = smcom_check_for_errors();
$error_message .= smcom_flood_protection($_REQUEST);
if ($COM_CONF['ckeck_for_spam']) {
if (!$error_message) {
$spam_check_result = smcom_spam_check($_REQUEST['disc_email'], $_REQUEST['disc_name'], "", $comment_text, $_REQUEST['href'], "");
if ($spam_check_result == 1) {
$error_message .= "
Your comment suspected as spam.";
mysql_query("INSERT INTO {$COM_CONF['dbjunktable']} VALUES (NULL, NOW(), '{$_REQUEST['href']}', '{$_REQUEST['disc_body']}', '{$_REQUEST['disc_name']}', '{$_REQUEST['disc_email']}', '$dont_show', '{$_SERVER['REMOTE_ADDR']}')", $comments_db_link);
}
if ($spam_check_result == 2) {
$error_message .= "
Invalid WordPress API key";
}
if ($spam_check_result == 3) {
$error_message .= "
Could not connect to the Akismet server";
}
}
}
if ($error_message) {
print "The following errors occured:
$error_message
Please get back and try again.";
return 0;
}
mysql_query("INSERT INTO {$COM_CONF['dbmaintable']} VALUES (NULL, NOW(), '{$_REQUEST['href']}', '{$_REQUEST['disc_body']}', '{$_REQUEST['disc_name']}', '{$_REQUEST['disc_email']}', '$dont_show', '{$_SERVER['REMOTE_ADDR']}')", $comments_db_link);
if ($_REQUEST['email_me'] != '' && $_REQUEST['disc_email'] != '') {
$result = mysql_query("select COUNT(*) from {$COM_CONF['dbemailstable']} where href='{$_REQUEST['href']}' AND email='{$_REQUEST['disc_email']}'", $comments_db_link);
list ($count) = mysql_fetch_row($result);
if ($count == 0) {
$hash=md5($email . $COM_CONF['copy_random_seed']);
mysql_query("INSERT INTO {$COM_CONF['dbemailstable']} VALUES (NULL, '{$_REQUEST['disc_email']}', '{$_REQUEST['href']}', '$hash')", $comments_db_link);
}
}
if ($COM_CONF['email_admin']) {
smcom_notify_admin($_REQUEST['href'], $_REQUEST['disc_name'], $_REQUEST['disc_email'], $comment_text, "{$_SERVER['REMOTE_ADDR']}, {$_SERVER['HTTP_USER_AGENT']}");
}
smcom_notify_users($_REQUEST['href'], $_REQUEST['disc_name'], $_REQUEST['disc_email']);
header("HTTP/1.1 302");
header("Location: {$COM_CONF['site_url']}{$_REQUEST['href']}");
print "Click here to get back.";
}
function smcom_notify_admin($href, $name, $email, $text, $ip)
{
global $comments_db_link, $COM_CONF, $COM_LANG;
$headers = "From: Comments <{$COM_CONF['email_from']}>\r\n";
$text_of_message="
{$COM_LANG['email_new_comment']} {$COM_CONF['site_url']}$href
{$COM_LANG['email_from']}: $name <$email>
$text
$ip
";
mail($COM_CONF['email_admin'], "{$COM_LANG['email_new_comment']} $href", $text_of_message, $headers);
}
function smcom_notify_users($href, $name, $email_from)
{
global $comments_db_link, $COM_CONF, $COM_LANG;
$headers = "From: Comments <{$COM_CONF['email_from']}>\n";
$result=mysql_query("select email, hash from {$COM_CONF['dbemailstable']} where href='$href'", $comments_db_link);
while (list($email, $hash) = mysql_fetch_row($result)) {
if ($email != $email_from) {
$text_of_message="
{$COM_LANG['email_new_comment']} {$COM_CONF['site_url']}$href
{$COM_LANG['email_from']}: $name
{$COM_LANG['email_to_unsubscribe']}
{$COM_CONF['site_url']}{$COM_CONF['script_url']}?action=unsub&page=$href&id=$hash
";
mail($email, "{$COM_LANG['email_new_comment']} $href",$text_of_message, $headers);
}
}
}
function smcom_unsub()
{
global $comments_db_link, $COM_CONF, $COM_LANG;
$id=mysql_escape_string($_REQUEST['id']);
$href=mysql_escape_string($_REQUEST['page']);
mysql_query("delete from {$COM_CONF['dbemailstable']} where href='$href' AND hash='$id'", $comments_db_link);
if (mysql_affected_rows() > 0) {
print "{$COM_LANG['unsubscribed']}";
}
else {
print "{$COM_LANG['not_unsubscribed']}";
}
}
function smcom_view()
{
global $comments_db_link, $COM_CONF, $COM_LANG;
$request_uri = mysql_escape_string($_SERVER['REQUEST_URI']);
$result = mysql_query("select time, text, author, email, dont_show_email from {$COM_CONF['dbmaintable']} where href='$request_uri' order by time {$COM_CONF['sort_order']}", $comments_db_link);
$comments_count=0;
$time=$text=$author=$email=$dont_show_email=array();
while (list($time[$comments_count], $text[$comments_count], $author[$comments_count], $email[$comments_count], $dont_show_email[$comments_count])=mysql_fetch_array($result)) {
$text[$comments_count] = wordwrap($text[$comments_count], 75, "\n", 1);
$time[$comments_count] = smcom_format_date($time[$comments_count]);
$comments_count++;
}
require("{$COM_CONF['full_path']}/templates/{$COM_CONF['template']}.php");
}
function smcom_format_date($date)
{
global $COM_LANG;
$year = substr($date, 0, 4);
$month = intval(substr($date, 5, 2)) - 1;
$day = substr($date, 8, 2);
$hour = substr($date, 11, 2);
$min = substr($date, 14, 2);
return "$day {$COM_LANG['months'][$month]} $year, $hour:$min";
}
function smcom_is_email($Addr)
{
$p = '/^[a-z0-9!#$%&*+-=?^_`{|}~]+(\.[a-z0-9!#$%&*+-=?^_`{|}~]+)*';
$p.= '@([-a-z0-9]+\.)+([a-z]{2,3}';
$p.= '|info|arpa|aero|coop|name|museum)$/ix';
return preg_match($p, $Addr);
}
?>
|
|
For an
idea of the scale, find the two men in this image. Now, try to find them again in the full size image
above. They are visible in the print, though you'll have to look closely.