Файл: adultscript-2.0.3-pro/files/templates/defboot/extend/ajax/video_comment.plugin.php
Строк: 163
<?php
defined('_VALID') or die('Restricted Access!');
function ajax_plugin_video_comment()
{
$data = array('status' => 0, 'code' => '', 'msg' => '', 'debug' => '');
if (isset($_POST['video_id']) && isset($_POST['comment'])) {
VLanguage::load('frontend.video');
$spam = false;
$time = time();
if (isset($_SESSION['comment_added'])) {
$expire = (int) ($_SESSION['comment_added']+VF::cfg_item('comment_delay'));
if ($time < $expire) {
$data['msg'] = __('dont-spam');
return json_encode($data);
}
}
$allow_comment = VCfg::get('video.allow_comment');
if (!$allow_comment) {
$data['msg'] = __('comments-disabled');
return json_encode($data);
}
if ($allow_comment == '1' && !VAuth::loggedin()) {
$data['msg'] = __('comments-login', array('<a href="'.BASE_URL.'/user/login/">', '</a>'));
return json_encode($data);
}
$filter = VF::factory('filter');
$video_id = (int) trim($_POST['video_id']);
$user_id = (VAuth::loggedin()) ? (int) $_SESSION['user_id'] : 0;
$nickname = (isset($_POST['nickname']) && $_POST['nickname'] != '')
? $filter->get('nickname') : 'Anonymous';
$comment = $filter->get('comment');
$comment = str_replace(array("rn", "r"), "n", $comment);
if ($comment == '') {
$data['msg'] = __('comment-empty');
} elseif (strlen($comment) > 500) {
$data['msg'] = __('comment-length');
}
if ($data['msg'] != '') {
return json_encode($data);
}
$db = VF::factory('database');
$db->query("SELECT v.user_id, v.title, v.slug, v.allow_comment, u.username, u.email, un.video_comment
FROM #__video AS v
LEFT JOIN #__user AS u ON (u.user_id = v.user_id)
LEFT JOIN #__user_notifications AS un ON (un.user_id = v.user_id)
WHERE v.video_id = ".$video_id."
LIMIT 1");
if ($db->affected_rows()) {
$video = $db->fetch_assoc();
if ($video['allow_comment'] == '0') {
$data['msg'] = __('comment-allow-no');
return json_encode($data);
}
$add_time = time();
$status = (VCfg::get('video.approve_comments')) ? 0 : 1;
$spam = 0;
if (VF::cfg_item('akismet_enabled')) {
VF::load('akismet.akismet');
$akismet = new Akismet(BASE_URL, VF::cfg_item('akismet_key'));
if ($user_id) {
$akismet->setCommentAuthor($_SESSION['username']);
$akismet->setCommentAuthorEmail($_SESSION['email']);
} else {
$akismet->setCommentAuthor($nickname);
}
$akismet->setCommentContent($comment);
$akismet->setPermalink(BASE_URL.'/'.$video_id.'/'.$video['slug'].'/');
if($akismet->isCommentSpam()) {
$spam = 1;
$status = 0;
}
}
$db->query("INSERT INTO #__video_comments
SET video_id = ".$video_id.",
user_id = ".$user_id.",
ip = ".VServer::ip(true).",
comment = '".$db->escape($comment)."',
nickname = '".$db->escape($nickname)."',
add_time = '".$add_time."',
spam = ".$spam.",
status = '".$status."'");
$comment_id = $db->get_last_insert_id('#__video_comments');
$db->query("UPDATE #__video
SET total_comments = total_comments+1
WHERE video_id = ".$video_id."
LIMIT 1");
if ($user_id !== 0) {
$db->query("UPDATE #__user_activity
SET total_video_comments = total_video_comments+1
WHERE user_id = ".$user_id."
LIMIT 1");
}
$username = ($user_id !== 0) ? htmlspecialchars($_SESSION['username'], ENT_QUOTES, 'UTF-8') : $nickname;
if ($status === 0) {
$data['msg'] = __('comment-approve');
} else {
$data['msg'] = __('comment-success');
$output = array();
$output[] = '<div id="comment-'.$comment_id.'" class="media thumbnail">';
if ($user_id) {
$avatar = 'nopic-'.$_SESSION['gender'].'.gif';
if ($_SESSION['avatar'] != '') {
$avatar = $user_id.'.'.$_SESSION['avatar'];
}
$output[] = '<a href="'.REL_URL.'/users/'.$username.'/" class="media-left media-middle">';
$output[] = '<img src="'.USER_URL.'/'.$avatar.'" width="70" alt="'.e($username).' Avatar" class="img-rounded" />';
$output[] = '</a>';
} else {
$output[] = '<div class="media-left media-middle">';
$output[] = '<img src="'.USER_URL.'/nopic-hidden.gif" width="70" alt="" class="img-rounded" />';
$output[] = '</div>';
}
$output[] = '<div class="media-body">';
$output[] = '<div class="media-heading">';
$output[] = __('by').' <span>';
if ($user_id) {
$output[] = '<a href="'.REL_URL.'/users/'.e($username).'/">'.e($username).'</a>';
} else {
$output[] = e($nickname);
}
$output[] = '</span> '.VDate::nice($add_time).'</div>';
$output[] = '<p>'.nl2br(e($comment)).'</p>';
$output[] = '<div class="media-footer">';
if ($user_id == $video['user_id'] or VAuth::group('Moderator')) {
$output[] = '<button id="comment-delete-'.$comment_id.'" type="button" class="btn btn-default btn-xs">'.__('delete').'</button>';
}
$output[] = '<span id="spam-video-'.$comment_id.'">';
$output[] = '<button id="spam-video-'.$comment_id.'-'.$video_id.'" type="button" class="btn btn-default btn-xs">'.__('spam').'</button>';
$output[] = '</span></div></div></div>';
$data['code'] = implode("n", $output);
}
$search = array(
'[#USERNAME#]', '[#OWNER#]', '[#VIDEO_URL#]', '[#DASHBOARD_URL#]',
'[#BASE_URL#]', '[#SITE_NAME#]', '[#NOTIFS_URL#]');
$replace = array(
$username, $video['username'], BASE_URL.'/'.$video_id.'/'.$video['slug'].'/',
BASE_URL.'/user/dashboard/', BASE_URL, VF::cfg_item('site_name'), BASE_URL.'/user/notifications/');
$mail = VF::factory('email');
$mail->predefined('video-comment', $video['email'], $search, $replace, 'noreply');
$data['status'] = 1;
$_SESSION['comment_added'] = $time;
} else {
$data['msg'] = 'Failed to fetch video data!';
}
} else {
$data['msg'] = 'Invalid ajax request!';
}
return json_encode($data);
}
?>