From b650b0736a2d7345cb83399d4a0f27535768db54 Mon Sep 17 00:00:00 2001
From: saxmatt
Date: Tue, 7 Sep 2004 02:34:12 +0000
Subject: [PATCH] Move trackbacks to new comment function.
git-svn-id: http://svn.automattic.com/wordpress/trunk@1616 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-includes/functions-post.php | 50 ++++++++++++++++
 wp-includes/functions.php | 17 ------
 wp-trackback.php | 104 +++++++++++++++------------------
 3 files changed, 96 insertions(+), 75 deletions(-)
diff --git a/wp-includes/functions-post.php b/wp-includes/functions-post.php
index e46a83806d..eabd870020 100644
--- a/wp-includes/functions-post.php
+++ b/wp-includes/functions-post.php
@@ -343,4 +343,54 @@ function user_can_delete_post($user_id, $post_id, $blog_id = 1) { return user_can_edit_post($user_id, $post_id, $blog_id); } +function wp_new_comment($commentdata) { + global $wpdb; + extract($commentdata); + + $comment_post_id = (int) $comment_post_id; + + $comment_author = strip_tags($comment_author); + $comment_author = htmlspecialchars($comment_author); + $comment_author = $wpdb->escape($comment_author); + + $comment_author_email = preg_replace('/[^a-z+_.@-]/i', '', $comment_author_email); + + $comment_author_url = strip_tags($comment_author_url); + $comment_author_url = htmlspecialchars($comment_author_url); + $comment_author_url = $wpdb->escape($comment_author_url); + + $comment_content = apply_filters('comment_content_presave', $comment_content); + $comment_content = $wpdb->escape($comment_content); + + $user_ip = addslashes($_SERVER['REMOTE_ADDR']); + $user_domain = addslashes( gethostbyaddr($user_ip) ); + $now = current_time('mysql'); + $now_gmt = current_time('mysql', 1); + $user_agent = addslashes($_SERVER['HTTP_USER_AGENT']); + + // Simple flood-protection + if ( $lasttime = $wpdb->get_var("SELECT comment_date FROM $wpdb->comments WHERE comment_author_IP = '$user_ip' ORDER BY comment_date DESC LIMIT 1") ) { + $time_lastcomment= mysql2date('U', $lasttime); + $time_newcomment= mysql2date('U', $now); + if ( ($time_newcomment - $time_lastcomment) < 15 ) + die( __('Sorry, you can only post a new comment once every 15 seconds. 
Slow down cowboy.') ); + } + + if( check_comment($author, $email, $url, $comment, $user_ip, $user_agent) ) + $approved = 1; + else + $approved = 0; + + $result = $wpdb->query("INSERT INTO $wpdb->comments + (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved, comment_agent) + VALUES + ('$comment_post_ID', '$author', '$email', '$tb_url', '$user_ip', '$now', '$now_gmt', '$comment', '$approved', '$user_agent') + "); + + if ( get_option('comments_notify') ) + wp_notify_postauthor($wpdb->insert_id, $comment_type); + + return $result; +} + ?> \ No newline at end of file diff --git a/wp-includes/functions.php b/wp-includes/functions.php index b811078883..09a2ac95bb 100644 --- a/wp-includes/functions.php +++ b/wp-includes/functions.php @@ -578,23 +578,6 @@ function trackback($trackback_url, $title, $excerpt, $ID) { return $result; } -// trackback - reply -function trackback_response($error = 0, $error_message = '') { - if ($error) { - echo '\n"; - echo "\n"; - echo "1\n"; - echo "$error_message\n"; - echo ""; - } else { - echo '\n"; - echo "\n"; - echo "0\n"; - echo ""; - } - die(); -} - function make_url_footnote($content) { preg_match_all('/(.+?)<\/a>/', $content, $matches); $j = 0; diff --git a/wp-trackback.php b/wp-trackback.php index d5e0a5ae96..5f9d6a38cf 100644 --- a/wp-trackback.php +++ b/wp-trackback.php 
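Review bot: The INSERT and the `check_comment()` call in `wp_new_comment()` read `$comment_post_ID`, `$author`, `$email`, `$url`, `$tb_url` and `$comment`, none of which this function sets; the values it actually casts and escapes are `$comment_post_id`, `$comment_author`, `$comment_author_email`, `$comment_author_url` and `$comment_content`. Unless the caller's array happens to carry the old names (in which case `extract()` would bring them in unescaped), the row is stored with empty fields and the moderation check runs on empty strings. The VALUES list and the `check_comment()` arguments should use the sanitized locals, e.g. `check_comment($comment_author, $comment_author_email, $comment_author_url, $comment_content, $user_ip, $user_agent)`. Reading the expected keys explicitly instead of calling `extract($commentdata)` would also stop an unexpected key from overwriting `$wpdb` or another local. Separately, the pattern `/[^a-z+_.@-]/i` strips digits from e-mail addresses; `0-9` looks missing from the class.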
@@ -1,93 +1,81 @@ \n"; + echo "\n"; + echo "1\n"; + echo "$error_message\n"; + echo ""; + } else { + echo '\n"; + echo "\n"; + echo "0\n"; + echo ""; + } + die(); +} // trackback is done by a POST $request_array = 'HTTP_POST_VARS'; -$tb_id = explode('/', $_SERVER['REQUEST_URI']); -$tb_id = intval($tb_id[count($tb_id)-1]); +if (!$tb_id) { + $tb_id = explode('/', $_SERVER['REQUEST_URI']); + $tb_id = intval($tb_id[count($tb_id)-1]); +} $tb_url = $_POST['url']; $title = $_POST['title']; $excerpt = $_POST['excerpt']; $blog_name = $_POST['blog_name']; -if (! $doing_trackback) { +if ( !$doing_trackback) { $doing_trackback = 1; - require('wp-blog-header.php'); + require('./wp-blog-header.php'); } -if (is_single()) { +if ( is_single() ) $tb_id = $posts[0]->ID; -} + +if ( !$tb_id) + trackback_response(1, 'I really need an ID for this to work.'); if (empty($title) && empty($tb_url) && empty($blog_name)) { // If it doesn't look like a trackback at all... header('Location: ' . get_permalink($tb_id)); + exit; } -if ((strlen(''.$tb_id)) && (empty($_GET['__mode'])) && (strlen(''.$tb_url))) { - - @header('Content-Type: text/xml; charset=' . get_settings('blog_charset')); +if ( !empty($tb_url) && !empty($title) && !empty($tb_url) ) { + header('Content-Type: text/xml; charset=' . get_option('blog_charset') ); $pingstatus = $wpdb->get_var("SELECT ping_status FROM $wpdb->posts WHERE ID = $tb_id"); if ('closed' == $pingstatus) trackback_response(1, 'Sorry, trackbacks are closed for this item.'); - $tb_url = addslashes($tb_url); - $title = strip_tags($title); - $title = (strlen($title) > 255) ? substr($title, 0, 252).'...' : $title; + $title = strip_tags( htmlspecialchars( $title ) ); + $title = (strlen($title) > 250) ? substr($title, 0, 250) . '...' : $title; $excerpt = strip_tags($excerpt); - $excerpt = (strlen($excerpt) > 255) ? substr($excerpt, 0, 252).'...' : $excerpt; + $excerpt = (strlen($excerpt) > 255) ? substr($excerpt, 0, 252) . '...' 
: $excerpt; $blog_name = htmlspecialchars($blog_name); - $blog_name = (strlen($blog_name) > 255) ? substr($blog_name, 0, 252).'...' : $blog_name; + $blog_name = (strlen($blog_name) > 250) ? substr($blog_name, 0, 250) . '...' : $blog_name; - $comment = ''; - $comment .= "$title\n$excerpt"; - - $author = addslashes(stripslashes(stripslashes($blog_name))); - $email = ''; - $original_comment = $comment; - $comment_post_ID = $tb_id; - - $user_ip = $_SERVER['REMOTE_ADDR']; - $user_domain = gethostbyaddr($user_ip); - $now = current_time('mysql'); - $now_gmt = current_time('mysql', 1); - - $user_agent = addslashes($_SERVER['HTTP_USER_AGENT']); - - $comment = convert_chars($comment); - $comment = format_to_post($comment); - - $comment_author = $author; - $comment_author_email = $email; + $comment_post_id = $tb_id; + $commment_author = $blog_name; + $comment_author_email = ''; $comment_author_url = $tb_url; + $comment_content = "$title\n\n$excerpt"; + $comment_type = 'trackback'; - $author = addslashes($author); + $commentdata = compact('comment_post_id', 'comment_author', 'comment_author_email', 'comment_author_url', 'comment_content', 'comment_type'); - $comment_moderation = get_settings('comment_moderation'); - $moderation_notify = get_settings('moderation_notify'); + wp_new_comment($commentdata); - if(check_comment($author, $email, $url, $comment, $user_ip, $user_agent)) { - $approved = 1; - } else { - $approved = 0; - } + trackback_response(0); + do_action('trackback_post', $wpdb->insert_id); - $result = $wpdb->query("INSERT INTO $wpdb->comments - (comment_post_ID, comment_author, comment_author_email, comment_author_url, comment_author_IP, comment_date, comment_date_gmt, comment_content, comment_approved, comment_agent) - VALUES - ('$comment_post_ID', '$author', '$email', '$tb_url', '$user_ip', '$now', '$now_gmt', '$comment', '$approved', '$user_agent') - "); - - if (!$result) { - die ("There is an error with the database, it can't store your comment...
Please contact the webmaster."); - } else { - $comment_ID = $wpdb->get_var('SELECT last_insert_id()'); - if (get_settings('comments_notify')) - wp_notify_postauthor($comment_ID, 'trackback'); - trackback_response(0); - do_action('trackback_post', $comment_ID); - } } ?> \ No newline at end of file
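Review bot: `$tb_id` is now passed through `intval()` only inside `if (!$tb_id)`, yet it is interpolated unquoted into `WHERE ID = $tb_id` further down, so a value that is already set when this file runs reaches the query as-is. Casting unconditionally before the lookup, `$tb_id = (int) $tb_id;`, keeps the query safe however the variable was populated (whether it can be set from outside is not visible in this hunk). The assignment `$commment_author = $blog_name;` has three m's, so `compact('comment_author', ...)` finds no such variable and the blog name is dropped. The guard `!empty($tb_url) && !empty($title) && !empty($tb_url)` tests `$tb_url` twice. The result of `wp_new_comment()` is ignored, so a failed insert is still answered with `trackback_response(0)`, which calls `die()` before `do_action('trackback_post', ...)` can run.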