Файл: adultscript-2.0.3-pro/files/templates/defboot/extend/ajax/photo_comment.plugin.php
Строк: 174
<?php
// Direct-access guard: stop immediately unless the _VALID constant has
// already been defined by whatever included this file.
if (!defined('_VALID')) {
    die('Restricted Access!');
}
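/**
 * AJAX handler that stores a comment on a photo and returns a JSON reply.
 *
 * Reads `photo_id`, `comment` and (optionally) `nickname` from $_POST,
 * applies the session-based posting delay and the `photo.allow_comment`
 * setting, optionally asks Akismet for a spam verdict, inserts the comment,
 * bumps the comment counters and sends the `photo-comment` notification mail.
 *
 * Every value that originates from the request or the session is HTML-escaped
 * exactly once at the point where it is written into the returned markup.
 *
 * NOTE(review): no CSRF token is verified inside this handler; confirm that
 * the AJAX dispatcher checks one before this state-changing call is reached.
 *
 * @return string|false JSON object with the keys status (0|1), code (HTML of
 *                      the new comment, empty when it awaits approval), msg,
 *                      debug and total; false if json_encode() fails.
 */
function ajax_plugin_photo_comment()
{
    $data = array('status' => 0, 'code' => '', 'msg' => '', 'debug' => '', 'total' => 1);

    // Both fields are mandatory; photo_id must be scalar because it is trimmed
    // and cast below (an array value would raise an error in trim()).
    if (!isset($_POST['photo_id']) || !isset($_POST['comment']) || !is_scalar($_POST['photo_id'])) {
        $data['msg'] = 'Invalid ajax request!';
        return json_encode($data);
    }

    VLanguage::load('frontend.photo');
    $time = time();

    // Posting delay. It is tracked in the session only, so it does not bind a
    // client that discards its session cookie between requests.
    if (isset($_SESSION['comment_added'])) {
        $expire = (int) ($_SESSION['comment_added'] + VF::cfg_item('comment_delay'));
        if ($time < $expire) {
            $data['msg'] = __('dont-spam');
            return json_encode($data);
        }
    }

    $allow_comment = VCfg::get('photo.allow_comment');
    if (!$allow_comment) {
        $data['msg'] = __('comments-disabled');
        return json_encode($data);
    }

    // The value '1' means comments require a logged-in user.
    if ($allow_comment == '1' && !VAuth::loggedin()) {
        $data['msg'] = __('comments-login', array('<a href="'.BASE_URL.'/user/login/">', '</a>'));
        return json_encode($data);
    }

    $filter   = VF::factory('filter');
    $photo_id = (int) trim($_POST['photo_id']);
    $user_id  = (VAuth::loggedin()) ? (int) $_SESSION['user_id'] : 0;
    $nickname = (isset($_POST['nickname']) && $_POST['nickname'] != '')
        ? $filter->get('nickname') : 'Anonymous';
    $comment  = $filter->get('comment');

    // Normalise line endings to LF. The listing showed "rn"/"r"/"n" without
    // backslashes, which would have rewritten the letter "r" inside comments.
    $comment = str_replace(array("\r\n", "\r"), "\n", $comment);

    // strlen() counts bytes, so the 500 limit is a byte limit for UTF-8 text.
    if ($comment == '') {
        $data['msg'] = __('comment-empty');
    } elseif (strlen($comment) > 500) {
        $data['msg'] = __('comment-length');
    }
    if ($data['msg'] != '') {
        return json_encode($data);
    }

    $db = VF::factory('database');

    // $photo_id is an int cast, so concatenating it into the SQL is safe.
    // The album is joined on p.album_id; the original joined a.album_id to
    // p.photo_id, which picks the owner of an unrelated album.
    // NOTE(review): confirm the column names against the schema.
    $db->query("SELECT p.album_id, p.allow_comment, a.user_id, a.title, a.slug,
                       p.total_comments, u.username, u.email
                FROM #__photo AS p
                LEFT JOIN #__photo_albums AS a ON (a.album_id = p.album_id)
                LEFT JOIN #__user AS u ON (u.user_id = a.user_id)
                WHERE p.photo_id = ".$photo_id."
                AND p.status = '1'
                LIMIT 1");

    // NOTE(review): relies on the wrapper's affected_rows() reporting the row
    // count of a SELECT — confirm.
    if (!$db->affected_rows()) {
        $data['msg'] = 'Failed to fetch photo data!';
        return json_encode($data);
    }

    $photo = $db->fetch_assoc();
    if ($photo['allow_comment'] == '0') {
        $data['msg'] = __('comment-allow-no');
        return json_encode($data);
    }

    $add_time = time();
    $status   = (VCfg::get('photo.approve_comments')) ? 0 : 1;
    $spam     = 0;

    if (VF::cfg_item('akismet_enabled')) {
        VF::load('akismet.akismet');
        $akismet = new Akismet(BASE_URL, VF::cfg_item('akismet_key'));
        if ($user_id) {
            $akismet->setCommentAuthor($_SESSION['username']);
            $akismet->setCommentAuthorEmail($_SESSION['email']);
        } else {
            $akismet->setCommentAuthor($nickname);
        }
        $akismet->setCommentContent($comment);
        $akismet->setPermalink(BASE_URL.'/'.$photo_id.'/'.$photo['slug'].'/');
        if ($akismet->isCommentSpam()) {
            // Spam is stored but flagged and held back from display.
            $spam   = 1;
            $status = 0;
        }
    }

    // Integers are concatenated after casts; strings go through $db->escape().
    // NOTE(review): VServer::ip(true) is inserted unquoted, so it must always
    // return a numeric value; verify it cannot return a header-derived string.
    $db->query("INSERT INTO #__photo_comments
                SET photo_id = ".$photo_id.",
                    user_id = ".$user_id.",
                    ip = ".VServer::ip(true).",
                    comment = '".$db->escape($comment)."',
                    nickname = '".$db->escape($nickname)."',
                    add_time = '".$add_time."',
                    spam = ".$spam.",
                    status = '".$status."'");
    $comment_id = (int) $db->get_last_insert_id('#__photo_comments');

    $db->query("UPDATE #__photo
                SET total_comments = total_comments+1
                WHERE photo_id = ".$photo_id."
                LIMIT 1");
    if ($user_id !== 0) {
        $db->query("UPDATE #__user_activity
                    SET total_photo_comments = total_photo_comments+1
                    WHERE user_id = ".$user_id."
                    LIMIT 1");
    }

    // Escape the display name once, here, for both the member and the
    // anonymous case. The original escaped the session username twice and
    // wrote the request-supplied nickname into the markup unescaped.
    $raw_name = ($user_id !== 0) ? $_SESSION['username'] : $nickname;
    $username = htmlspecialchars((string) $raw_name, ENT_QUOTES, 'UTF-8');

    if ($status === 0) {
        $data['msg'] = __('comment-approve');
    } else {
        $data['msg'] = __('comment-success');

        // Placeholder picture by gender, replaced by the member's own avatar
        // when the session carries one. Anonymous sessions have neither key.
        $avatar = (isset($_SESSION['gender'])) ? 'nopic-'.$_SESSION['gender'].'.gif' : 'nopic-hidden.gif';
        if ($user_id !== 0 && isset($_SESSION['avatar']) && $_SESSION['avatar'] != '') {
            $avatar = $user_id.'.'.$_SESSION['avatar'];
        }
        $avatar = htmlspecialchars((string) $avatar, ENT_QUOTES, 'UTF-8');

        $output   = array();
        $output[] = '<div id="comment-'.$comment_id.'" class="media">';
        $output[] = '<div class="media-left">';
        $output[] = '<a href="'.REL_URL.'/users/'.$username.'/">';
        $output[] = '<img src="'.USER_URL.'/'.$avatar.'" width="70" alt="'.__('alt-avatar', array($username)).'" class="img-rounded" />';
        $output[] = '</a>';
        $output[] = '</div>';
        $output[] = '<div class="media-body">';
        $output[] = '<div class="media-heading">';
        $output[] = __('by').' <span>';
        if ($user_id) {
            $output[] = '<a href="'.REL_URL.'/users/'.$username.'/">'.$username.'</a>';
        } else {
            $output[] = $username;
        }
        $output[] = '</span> '.__('now');
        $output[] = '<div class="buttons pull-right">';
        $output[] = '<button id="comment-delete-'.$comment_id.'" type="button" class="btn btn-default btn-xs">'.__('delete').'</button>';
        $output[] = '</div>';
        // e() is the escaping helper the original already applied to the comment.
        $output[] = '<p>'.nl2br(e($comment)).'</p>';
        $output[] = '<div class="media-footer-'.$comment_id.'">';
        $output[] = '<small class="text-success">0</small>';
        $output[] = '<button id="vote-up-'.$comment_id.'" class="btn btn-link btn-xs btn-thumb" data-toggle="tooltip" data-placement="top" title="'.__('vote-up').'"><i class="fa fa-thumbs-up"></i></button>';
        $output[] = '<button id="vote-down-'.$comment_id.'" class="btn btn-link btn-xs btn-thumb" data-toggle="tooltip" data-placement="top" title="'.__('vote-down').'"><i class="fa fa-thumbs-down"></i></button>';
        $output[] = '</div></div></div>';
        $data['code'] = implode("\n", $output);
    }

    // Notify the album owner. The LEFT JOINs can leave the e-mail empty, in
    // which case there is nobody to notify.
    // NOTE(review): the escaped name assumes the template is rendered as
    // HTML — confirm.
    if (!empty($photo['email'])) {
        $search = array(
            '[#USERNAME#]', '[#OWNER#]', '[#photo_URL#]', '[#DASHBOARD_URL#]',
            '[#BASE_URL#]', '[#SITE_NAME#]', '[#NOTIFS_URL#]');
        $replace = array(
            $username, $photo['username'], BASE_URL.'/'.$photo_id.'/'.$photo['slug'].'/',
            BASE_URL.'/user/dashboard/', BASE_URL, VF::cfg_item('site_name'), BASE_URL.'/user/notifications/');
        $mail = VF::factory('email');
        $mail->predefined('photo-comment', $photo['email'], $search, $replace, 'noreply');
    }

    $data['status'] = 1;
    $data['total']  = (int) $photo['total_comments'] + 1;
    $_SESSION['comment_added'] = $time;

    return json_encode($data);
}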
?>