$post_comment1$post_comment2 $post_comment3"; } elseif(($weblog_info[who_comments] == "2" | $weblog_info[show_comments] == "2") & $is_logged_in == "no" & $is_admin_logged_in != "yes") { $is_error = "yes"; $error = "

$post_comment1

$post_comment4 $post_comment5."; } elseif($entry_info[comments] == "0") { $is_error = "yes"; $error = "

$post_comment6

$post_comment7"; } elseif($owner_group_info[allow_comments] == "0" | $weblog_info[show_comments] == "0" | $weblog_info[who_comments] == "0") { $is_error = "yes"; $error = "

$post_comment6

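$post_comment8"; }

// CANCEL: return to the entry page without saving anything.
if($task == "cancel") {
  $url = url("entry", "$weblog_info[weblog]", "", "$e_id");
  header("Location: $url");
  exit();
}

// DOPOST: validate the submitted comment, store it as pending (status 0),
// optionally notify the weblog owner by e-mail, then redirect to the entry.
// On any validation error, fall through to the "main" task so the form is shown again.
if($task == "dopost") {

  // Keep an error already raised by the permission checks just above
  // (comments closed, login required, ...). Resetting it unconditionally here
  // would let a direct POST with task=dopost skip those checks.
  // NOTE(review): the start of that if/elseif chain is outside this excerpt -
  // confirm nothing unrelated sets $is_error before this point.
  if(!isset($is_error) || $is_error != "yes") {
    $is_error = "no";
    $error = "";
  }

  // Request values arrive pre-escaped only when magic_quotes_gpc is on; undo that so
  // every value is escaped exactly once, at the point where the SQL is built.
  // NOTE(review): if an include outside this excerpt escapes $_POST itself,
  // remove one of the two layers or backslashes will be stored twice.
  $gpc_quoted = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();
  $post_nickname = $gpc_quoted ? stripslashes($_POST['nickname']) : $_POST['nickname'];
  $post_title = $gpc_quoted ? stripslashes($_POST['title']) : $_POST['title'];
  $post_contents = $gpc_quoted ? stripslashes($_POST['contents']) : $_POST['contents'];

  $from = $_POST['from'];

  // NOTE(review): the search and replacement strings below are identical on this page,
  // and the "\n" replacement is a bare line break; an HTML entity/tag was probably lost
  // when the listing was extracted. Restore them from the original file.
  $nickname = str_replace("&", "&", $post_nickname);
  $title = str_replace("&", "&", $post_title);
  $contents = str_replace("&", "&", str_replace("\n", "
", $post_contents));

  // CHECK FOR VALID IMAGE CODE IF ALLOWED BY ADMIN AND GD IS ENABLED
  if($admin_info['comment_image'] == 1 AND function_exists('gd_info')) {
    if($is_error != "yes") {
      session_start();
      $code = $_SESSION['code'];
      // No code in the session: compare against a fresh random one so an empty
      // submission can never match.
      if($code == "") { $code = randomcode(); }
      $code_sent = $_POST['code_sent'];
      // Compare as strings: a loose != treats numeric-looking strings such as
      // "0123" and "123" as equal, and an array value must never match.
      if(!is_string($code_sent) || $code_sent !== (string)$code) {
        $is_error = "yes";
        $error = "$post_comment24";
      }
      // NOTE(review): the expected code is not cleared here after the comparison.
      // Unless the image generator replaces $_SESSION['code'] on every render,
      // one solved code can be reused for further posts - confirm, and clear it after use.
    }
  }

  // Empty title gets the default title; empty contents is an error.
  if(str_replace(" ", "", $title) == "") { $title = "$post_comment9"; }
  if(str_replace(" ", "", $contents) == "") { $is_error = "yes"; $error = "$post_comment10"; }

  // Post under the account name only when the visitor asked for it ($from == 1)
  // and is logged in as a regular user; every other case posts under the nickname,
  // so $username and $author_u_id are always defined.
  if($from == 1 && $is_logged_in == "yes" && $is_admin_logged_in != "yes") {
    $username = $user_info['username'];
    $author_u_id = $user_info['u_id'];
  } else {
    $username = $nickname;
    $author_u_id = 0;
  }

  // Escape every value that is interpolated into SQL below. $nickname, $title and
  // $contents come straight from $_POST; the origin of $e_id is not visible here.
  $sql_w_id = mysql_real_escape_string($weblog_info['w_id']);
  $sql_e_id = mysql_real_escape_string($e_id);

  // FLOOD CONTROL: reject when the latest comment on this weblog is under 30 seconds old
  // and carries the same username.
  // NOTE(review): for anonymous posters the username is the submitted nickname, so this
  // throttle is bypassed by changing the nickname; it is not a real rate limit.
  $date = time();
  $comment_limit = mysql_fetch_assoc(mysql_query("SELECT date, username from bhost_comments where w_id='$sql_w_id' order by c_id DESC LIMIT 1"));
  $post_time_diff = $date - $comment_limit['date'];
  if(($post_time_diff < 30) && ($username == $comment_limit['username'])) { $is_error = "yes"; $error = "$post_comment25"; }

  // IF THERE WAS NO ERROR
  if($is_error != "yes") {

    // Record the address the server actually saw. The original took it from a POST
    // field, which the client controls and can forge.
    // NOTE(review): behind a reverse proxy this is the proxy's address.
    if($weblog_info['logip_comments'] == "1") {
      $IP = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : "";
    } else {
      $IP = "";
    }

    // CENSOR BAD WORDS
    $bad_words = explode(",", trim($admin_info['banned_badwords']));
    $bad_words_replace = explode(",", trim($admin_info['banned_badwords_replace']));
    $contents = str_replace($bad_words, $bad_words_replace, $contents);
    $title = str_replace($bad_words, $bad_words_replace, $title);

    // SAVE COMMENT TO DATABASE
    // alanic: comments must NOT be visible to everyone right away; they have to be
    // approved by ADMIN. Status values:
    //   0  pending
    //   1  approved by the blog owner
    //   2  approved by admin and visible on the blog
    //  -1  deleted (by anyone)
    // NOTE(review): title, contents and username are stored as submitted; HTML escaping
    // has to happen wherever they are rendered (not visible in this excerpt).
    $sql_author_u_id = mysql_real_escape_string($author_u_id);
    $sql_username = mysql_real_escape_string($username);
    $sql_IP = mysql_real_escape_string($IP);
    $sql_title = mysql_real_escape_string($title);
    $sql_contents = mysql_real_escape_string($contents);
    $sql_date = (int)$date;
    mysql_query("INSERT INTO bhost_comments (w_id, e_id, author_u_id, username, IP, title, contents, date) VALUES ('$sql_w_id', '$sql_e_id', '$sql_author_u_id', '$sql_username', '$sql_IP', '$sql_title', '$sql_contents', '$sql_date')");

    // Take the new comment id once, straight after the INSERT, and reuse it for the
    // status row and the redirect anchor instead of re-selecting the row with a second
    // query built from the submitted text.
    $comment = array('c_id' => (int)mysql_insert_id());

    // alanic: row in the comment status table (0 = pending)
    mysql_query("INSERT INTO bhost_comments_status (c_id, status) VALUES (".$comment['c_id'].",0)");

    // NOTIFY THE WEBLOG OWNER, unless the owner wrote the comment
    if($weblog_info['notify_comments'] == "1" && $author_u_id != $owner_info['u_id']) {
      $link = url("entry", "$weblog_info[weblog]", "", "$e_id", "", "", "#c$comment[c_id]");

      // NOTE(review): the placeholder tokens searched for below are empty on this page
      // (most likely stripped during extraction); with an empty search string
      // str_replace changes nothing. Restore the tokens from the original file.
      $subject = htmlspecialchars_decode($admin_info['comment_subject'], ENT_QUOTES);
      $subject = str_replace("", "$owner_info[fname]", $subject);
      $subject = str_replace("", "$owner_info[lname]", $subject);
      $subject = str_replace("", $link, $subject);
      $subject = str_replace("", "$username", $subject);

      $message = htmlspecialchars_decode($admin_info['comment_message'], ENT_QUOTES);
      $message = str_replace("", "$owner_info[fname]", $message);
      $message = str_replace("", "$owner_info[lname]", $message);
      $message = str_replace("", $link, $message);
      $message = str_replace("", $username, $message);

      $from_name = "Rivblog.com - Support";
      //mail($owner_info[email], $subject, $message, "MIME-Version: 1.0\nContent-type: text/html; charset=iso-8859-1\nFrom: $admin_info[email]\nReturn-Path: $admin_info[email]\nReply-To: $admin_info[email]");
      $message_headers = "MIME-Version: 1.0\n" . "From: \"Rivblog.com - support\" <{$admin_info['email']}>\n" . "Content-Type: text/plain; charset=\"utf-8\"\n";
      // TODO: Don't hard code activation link.
      $subject = '[' . $from_name . '] ' . $subject;
      wp_mail($owner_info['email'], $subject, $message, $message_headers);
    }

    // Redirect to the entry, anchored at the new comment.
    $url = url("entry", "$weblog_info[weblog]", "", "$e_id", "", "", "#c$comment[c_id]");
    header("Location: $url");
    exit();

  // IF THERE WAS AN ERROR, CONTINUE TO MAIN
  }

  // Do not show the default title back in the form.
  if($title == "$post_comment9") { $title = ""; }
  $task = "main";
}
if($task == "main") { // RETRIEVE TEMPLATE $template = $weblog_info[template]; $template = bh_engine($template); // REMOVE ANYTHING BETWEEN CONTAINERS $ifentrypagecount = occurrencecount("", "", $template, "0"); for($a=0;$a<$ifentrypagecount;$a++) { $template = str_replace("".between("", "", $template)."", "", $template); } // REMOVE ANYTHING BETWEEN CONTAINERS $ifentrypagecount = occurrencecount("", "", $template, "0"); for($a=0;$a<$ifentrypagecount;$a++) { $template = str_replace("".between("", "", $template)."", "", $template); } // REMOVE ANYTHING BETWEEN CONTAINERS $ifarchivepagecount = occurrencecount("", "", $template, "0"); for($a=0;$a<$ifarchivepagecount;$a++) { $template = str_replace("".between("", "", $template)."", "", $template); } // REMOVE ANYTHING BETWEEN CONTAINERS $ifPhotoAlbumPageCount = occurrencecount("", "", $template, "0"); for($a=0;$a<$ifPhotoAlbumPageCount;$a++) { $template = str_replace("".between("", "", $template)."", "", $template); } // REMOVE ANYTHING BETWEEN CONTAINERS $iffriendspagecount = occurrencecount("", "", $template, "0"); for($a=0;$a<$iffriendspagecount;$a++) { $template = str_replace("".between("", "", $template)."", "", $template); } // REMOVE ANYTHING BETWEEN CONTAINERS $ifpagescount = occurrencecount("", "", $template, "0"); for($a=0;$a<$ifpagescount;$a++) { $template = str_replace("".between("", "", $template)."", "", $template); } // REMOVE ENTRY CATEGORIES $ifcategoriesallowedcount = occurrencecount("", "", $template, "0"); for($a=0;$a<$ifcategoriesallowedcount;$a++) { $template = str_replace("".between("", "", $template)."", "", $template); } $template = str_replace("<%EntryCategory%>", "", $template); // REMOVE 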
ANYTHING BETWEEN AND CONTAINERS $ifcommentsallowedcount = occurrencecount("", "", $template, "0"); for($a=0;$a<$ifcommentsallowedcount;$a++) { $template = str_replace("".between("", "", $template)."", "", $template); } $commentcontcount = occurrencecount("", "", $template, "0"); for($a=0;$a<$commentcontcount;$a++) { $template = str_replace("".between("", "", $template)."", "", $template); } // REMOVE ANYTHING BETWEEN CONTAINERS $ifpostcommentsallowedcount = occurrencecount("", "", $template, "0"); for($a=0;$a<$ifpostcommentsallowedcount;$a++) { $template = str_replace("".between("", "", $template)."", "", $template); } // REMOVE ANYTHING BETWEEN AND CONTAINERS $iftrackbacksallowedcount = occurrencecount("", "", $template, "0"); for($a=0;$a<$iftrackbacksallowedcount;$a++) { $template = str_replace("".between("", "", $template)."", "", $template); } $trackbackcontcount = occurrencecount("", "", $template, "0"); for($a=0;$a<$trackbackcontcount;$a++) { $template = str_replace("".between("", "", $template)."", "", $template); } // REMOVE ANYTHING BETWEEN CONTAINERS $entrycount = occurrencecount("", "", $template, "0"); for($i=0;$i<$entrycount;$i++) { $template = str_replace("".between("", "", $template)."", "", $template); } // REMOVE ANYTHING BETWEEN CONTAINERS $ifprofilepagecount = occurrencecount("", "", $template, "0"); for($a=0;$a<$ifprofilepagecount;$a++) { $template = str_replace("".between("", "", $template)."", "", $template); } //$strPostComments .= $head; $strPostComments .= "

$post_comment11

"; if($error != "") { $strPostComments .= return_error($error); } $strPostComments .= "
"; // SHOW IMAGE CODE VERIFICATION ROW IF ENABLED AND GD IS INSTALLED if($admin_info[comment_image] AND function_exists('gd_info')) { $strPostComments .= " "; } $strPostComments .= "
$post_comment12 "; if($weblog_info[who_comments] == 3) { $strPostComments .= "
", "\n", $contents); $strPostComments .= "
$post_comment18
$post_comment19
$post_comment23
". tip2("17", "18",true); $strPostComments .= " 

$post_comment11a

 
 
"; $template = str_replace("<%WindowTitle%>", "Post Comment", $template); $template = str_replace("<%PostCommentPage%>", "$strPostComments", $template); $search_vars = Array("", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "", "","",""); $template = str_replace($search_vars, "", $template); // OUTPUT WEBLOG $template.="