includes/comment.php
changeset 1085 3343a05e7e5b
parent 1081 745200a9cc2a
child 1163 1b90f6c41d9c
1084:742cb0f10766 1085:3343a05e7e5b
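--- a/includes/comment.php
+++ b/includes/comment.php
@@ -310,10 +310,11 @@
           // Preprocess
           $name = ( $session->user_logged_in ) ? htmlspecialchars($session->username) : htmlspecialchars($data['name']);
           $subj = htmlspecialchars($data['subj']);
           $text = RenderMan::preprocess_text($data['text'], true, false);
           $src = $text;
+          $sql_subj = $db->escape($subj);
           $sql_text = $db->escape($text);
           $text = RenderMan::render($text);
           $appr = ( getConfig('approve_comments', '0') == '1' ) ? COMMENT_UNAPPROVED : COMMENT_APPROVED;
           if ( $appr === COMMENT_APPROVED && $spam_policy === 'moderate' && !$spamcheck )
             $appr = COMMENT_SPAM;
@@ -323,11 +324,11 @@
           if ( !is_valid_ip($ip) )
             die('Hacking attempt');
           
           // Send it to the database
           $q = $db->sql_query('INSERT INTO '.table_prefix.'comments(page_id,namespace,name,subject,comment_data,approved, time, user_id, ip_address) VALUES' . "\n  " .
-                             "('$this->page_id', '$this->namespace', '$name', '$subj', '$sql_text', $appr, $time, {$session->user_id}, '$ip');");
+                             "('$this->page_id', '$this->namespace', '$name', '$sql_subj', '$sql_text', $appr, $time, {$session->user_id}, '$ip');");
           if(!$q)
             $db->die_json();
           
           // Re-fetch
           $q = $db->sql_query('SELECT c.comment_id,c.name,c.subject,c.comment_data,c.time,c.approved,u.user_level,u.user_id,u.email,u.signature,u.user_has_avatar,u.avatar_type FROM '.table_prefix.'comments AS c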
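Review bot: `$name` still reaches the INSERT at new line 329 with only `htmlspecialchars()` applied, so the statement keeps one unescaped string value even though `$subj` now goes through `$db->escape()`. For guests that value comes from `$data['name']`, and `htmlspecialchars()` is an HTML encoder: it leaves backslashes alone and, depending on flags and PHP version, single quotes as well. I would add `$sql_name = $db->escape($name);` next to `$sql_subj` and use `'$sql_name'` in the VALUES list. `'$this->page_id'` and `'$this->namespace'` are interpolated the same way; whether they are escaped earlier cannot be seen here, because the enclosing function starts and ends outside the hunk.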