Файл: adultscript-2.0.3-pro/files/templates/defboot/extend/ajax/comment.plugin.php
Строк: 143
<?php
// Stop unless _VALID is already defined (presumably by the application
// bootstrap), so this file does nothing when it is requested directly.
if (!defined('_VALID')) {
    die('Restricted Access!');
}
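/**
 * AJAX handler: post a comment on a user's profile.
 *
 * Reads `user_id` (the profile owner) and `comment` from the POST body and the
 * poster's identity from the session. Returns a JSON string with the keys
 * `status` (1 when the comment was stored, otherwise 0), `code` (HTML for the
 * new comment when it is published immediately), `msg` and `debug`.
 *
 * NOTE(review): no anti-CSRF token is verified in this handler; confirm the
 * AJAX dispatcher checks one before routing a state-changing request here.
 *
 * @return string JSON-encoded response.
 */
function ajax_plugin_comment()
{
    $data = array('status' => 0, 'code' => '', 'msg' => '', 'debug' => '');

    if (!isset($_POST['user_id']) || !isset($_POST['comment'])) {
        $data['msg'] = 'Invalid ajax request!';
        return json_encode($data);
    }

    // Per-session posting throttle; the timestamp is written after a
    // successful insert further down.
    if (isset($_SESSION['comment_user_added'])) {
        $expire = (int) ($_SESSION['comment_user_added'] + VF::cfg_item('comment_delay'));
        if (time() < $expire) {
            $data['msg'] = 'Please dont spam!';
            return json_encode($data);
        }
    }

    VLanguage::load('frontend.profile');
    if (!VAuth::loggedin()) {
        $data['msg'] = __('comment-login', array('<a href="'.BASE_URL.'/user/login/">'.__('login').'</a>'));
        return json_encode($data);
    }

    // Both ids are forced to integers here; that cast is what makes the
    // string-built SQL below safe for these two values.
    $user_id   = (int) trim($_POST['user_id']);
    $poster_id = (int) $_SESSION['user_id'];

    // Normalise CRLF / CR line endings to LF before validating and storing.
    $comment = VF::factory('filter')->get('comment');
    $comment = str_replace(array("\r\n", "\r"), "\n", $comment);

    // strlen() counts bytes, so multibyte text reaches the limit before 500
    // characters.
    if ($comment == '') {
        $data['msg'] = __('comment-empty');
    } elseif (strlen($comment) > 500) {
        $data['msg'] = __('comment-length');
    }
    if ($data['msg'] != '') {
        return json_encode($data);
    }

    $db = VF::factory('database');
    $db->query("SELECT up.allow_comments, u.username
                FROM #__user_preferences AS up
                LEFT JOIN #__user AS u ON (up.user_id = u.user_id)
                WHERE up.user_id = ".$user_id."
                LIMIT 1");
    if (!$db->affected_rows()) {
        $data['msg'] = 'Invalid user! Are you sure this user exists!?';
        return json_encode($data);
    }

    // $username is the PROFILE OWNER's name, not the poster's.
    $username       = $db->fetch_field('username');
    $allow_comments = $db->fetch_field('allow_comments');

    if ($allow_comments == 'no') {
        $data['msg'] = 'User does not allow comment posting!';
    }
    if ($allow_comments == 'friends') {
        $db->query("SELECT request_id
                    FROM #__user_friends
                    WHERE user_id = ".$user_id."
                    AND friend_id = ".$poster_id."
                    AND status = 'approved'
                    LIMIT 1");
        if (!$db->affected_rows()) {
            // The message carries markup, so the name is HTML-escaped here.
            $data['msg'] = __('comment-friend', array('<strong>'.e($username).'</strong>'));
        }
    }
    if ($data['msg'] != '') {
        return json_encode($data);
    }

    // 'approve' means the owner moderates comments: store as pending (0).
    $status   = ($allow_comments == 'approve') ? 0 : 1;
    $add_time = time();
    $spam     = 0;

    if (VF::cfg_item('akismet_enabled')) {
        VF::load('akismet.akismet');
        $akismet = new Akismet(BASE_URL, VF::cfg_item('akismet_key'));
        $akismet->setCommentAuthor($_SESSION['username']);
        $akismet->setCommentAuthorEmail($_SESSION['email']);
        $akismet->setCommentContent($comment);
        // The permalink is the profile being commented on. The previous code
        // referenced $video_id / $video, which are never defined in this
        // function, and so produced an empty path.
        $akismet->setPermalink(BASE_URL.'/users/'.$username.'/');
        if ($akismet->isCommentSpam()) {
            // Flagged comments are stored but held back from publication.
            $spam   = 1;
            $status = 0;
        }
    }

    // NOTE(review): the ip value is interpolated unquoted and unescaped;
    // presumably VServer::ip(true) returns the numeric form of the address.
    // Verify it can never return text taken from a request header.
    $db->query("INSERT INTO #__user_comments
                SET user_id = ".$user_id.",
                    poster_id = ".$poster_id.",
                    ip = ".VServer::ip(true).",
                    comment = '".$db->escape($comment)."',
                    add_time = '".$add_time."',
                    spam = ".$spam.",
                    status = '".$status."'");
    if (!$db->affected_rows()) {
        $data['msg'] = 'Application error!? Failed to add comment!';
        return json_encode($data);
    }

    $comment_id = (int) $db->get_last_insert_id('#__user_comments');

    // Record the post time so the comment_delay throttle at the top has a
    // value to compare against; nothing else in this handler writes the key.
    $_SESSION['comment_user_added'] = $add_time;

    if ($status === 0) {
        $data['msg'] = __('comment-approve');
    } else {
        $db->query("UPDATE #__user_activity
                    SET total_profile_comments = total_profile_comments+1
                    WHERE user_id = ".$user_id."
                    LIMIT 1");

        // The rendered comment belongs to the poster (the session user). The
        // previous code used the profile owner's name and id here while taking
        // gender and avatar extension from the poster's session.
        $poster_name = e($_SESSION['username']);
        $avatar      = 'nopic-'.$_SESSION['gender'].'.gif';
        if ($_SESSION['avatar'] != '') {
            $avatar = $poster_id.'.'.$_SESSION['avatar'];
        }

        // Every dynamic value is HTML-escaped at the point it enters markup.
        $output   = array();
        $output[] = '<div id="comment-'.$comment_id.'" class="media">';
        $output[] = '<div class="media-left">';
        $output[] = '<a href="'.REL_URL.'/users/'.$poster_name.'/">';
        $output[] = '<img src="'.USER_URL.'/'.e($avatar).'" width="70" alt="'.__('alt-avatar', array($poster_name)).'" class="img-rounded" />';
        $output[] = '</a>';
        $output[] = '</div>';
        $output[] = '<div class="media-body">';
        $output[] = '<div class="media-heading">';
        $output[] = __('by').' <span>';
        $output[] = '<a href="'.REL_URL.'/users/'.$poster_name.'/">'.$poster_name.'</a>';
        $output[] = '</span> '.__('now');
        $output[] = '<div class="buttons pull-right">';
        $output[] = '<button id="comment-delete-'.$comment_id.'" type="button" class="btn btn-default btn-xs">'.__('delete').'</button>';
        $output[] = '</div>';
        $output[] = '<p>'.nl2br(e($comment)).'</p>';
        $output[] = '<div class="media-footer-'.$comment_id.'">';
        $output[] = '<small class="text-success">0</small>';
        $output[] = '<button id="vote-up-'.$comment_id.'" class="btn btn-link btn-xs btn-thumb" data-toggle="tooltip" data-placement="top" title="'.__('vote-up').'"><i class="fa fa-thumbs-up"></i></button>';
        $output[] = '<button id="vote-down-'.$comment_id.'" class="btn btn-link btn-xs btn-thumb" data-toggle="tooltip" data-placement="top" title="'.__('vote-down').'"><i class="fa fa-thumbs-down"></i></button>';
        $output[] = '</div></div></div>';

        $data['code'] = implode("\n", $output);
        $data['msg']  = __('comment-success');
    }

    $data['status'] = 1;

    return json_encode($data);
}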
?>