PageRenderTime 60ms CodeModel.GetById 16ms RepoModel.GetById 0ms app.codeStats 1ms

/html/AppCode/expressionengine/modules/comment/mod.comment.php

https://github.com/w3bg/www.hsifin.com
PHP | 3324 lines | 2126 code | 623 blank | 575 comment | 544 complexity | b5f2cc077858179941b24ddac8141f17 MD5 | raw file
Possible License(s): AGPL-3.0 
    

  1. <?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');
    2. 

  2. /**
    3. 

  3.  * ExpressionEngine - by EllisLab
    4. 

  4.  *
    5. 

  5.  * @package		ExpressionEngine
    6. 

  6.  * @author		ExpressionEngine Dev Team
    7. 

  7.  * @copyright	Copyright (c) 2003 - 2010, EllisLab, Inc.
    8. 

  8.  * @license		http://expressionengine.com/user_guide/license.html
    9. 

  9.  * @link		http://expressionengine.com
    10. 

  10.  * @since		Version 2.0
    11. 

  11.  * @filesource
    12. 

  12.  */
    13. 

  13. 

  14. // ------------------------------------------------------------------------
    15. 

  15. 

  16. /**
    17. 

  17.  * ExpressionEngine Comment Module
    18. 

  18.  *
    19. 

  19.  * @package		ExpressionEngine
    20. 

  20.  * @subpackage	Modules
    21. 

  21.  * @category	Modules
    22. 

  22.  * @author		ExpressionEngine Dev Team
    23. 

  23.  * @link		http://expressionengine.com
    24. 

  24.  */
    25. 

  25. class Comment {
    26. 

  26. 

  27. 	// Maximum number of comments.  This is a safety valve
    28. 

  28. 	// in case the user doesn't specify a maximum
    29. 

  29. 

  30. 	var $limit = 100;
    31. 

  31. 

  32. 

  33. 	// Show anchor?
    34. 

  34. 	// TRUE/FALSE
    35. 

  35. 	// Determines whether to show the <a name> anchor above each comment
    36. 

  36. 

  37. 	var $show_anchor = FALSE;
    38. 

  38. 	
    39. 

  39. 	// Comment Expiration Mode
    40. 

  40. 	// 0 -	Comments only expire if the comment expiration field in the PUBLISH page contains a value.
    41. 

  41. 	// 1 -	If the comment expiration field is blank, comments will still expire if the global preference
    42. 

  42. 	// 		is set in the Channel Preferences page.  Use this option only if you used EE prior to
    43. 

  43. 	//		version 1.1 and you want your old comments to expire.	
    44. 

  44. 

  45. 	var $comment_expiration_mode = 0;
    46. 

  46. 

  47. 

  48. 	/**
    49. 

  49. 	 * Constructor
    50. 

  50. 	 *
    51. 

  51. 	 * @access	public
    52. 

  52. 	 */
    53. 

  53. 	function Comment()
    54. 

  54. 	{
    55. 

  55. 		// Make a local reference to the ExpressionEngine super object
    56. 

  56. 		$this->EE =& get_instance();
    57. 

  57. 

  58. 		$fields = array('name', 'email', 'url', 'location', 'comment');
    59. 

  59. 

  60. 		foreach ($fields as $val)
    61. 

  61. 		{
    62. 

  62. 			if (isset($_POST[$val] ))
    63. 

  63. 			{
    64. 

  64. 				$_POST[$val] = $this->EE->functions->encode_ee_tags($_POST[$val], TRUE);
    65. 

  65. 

  66. 				if ($val == 'comment')
    67. 

  67. 				{
    68. 

  68. 					$_POST[$val] = $this->EE->security->xss_clean($_POST[$val]);
    69. 

  69. 				}
    70. 

  70. 			}
    71. 

  71. 		}
    72. 

  72. 	}
    73. 

  73. 

  74. 	// --------------------------------------------------------------------
    75. 

  75. 

  76. 	/**
    77. 

  77. 	 * Comment Entries
    78. 

  78. 	 *
    79. 

  79. 	 * @access	public
    80. 

  80. 	 * @return	string
    81. 

  81. 	 */
    82. 

  82. 	function entries()
    83. 

  83. 	{
    84. 

  84. 		$return 		= '';
    85. 

  85. 		$current_page	= '';
    86. 

  86. 		$qstring		= $this->EE->uri->query_string;
    87. 

  87. 		$uristr			= $this->EE->uri->uri_string;
    88. 

  88. 		$switch 		= array();
    89. 

  89. 		$search_link	= '';
    90. 

  90. 

  91. 		// Pagination variables
    92. 

  92. 

  93. 		$paginate			= FALSE;
    94. 

  94. 		$paginate_data		= '';
    95. 

  95. 		$pagination_links	= '';
    96. 

  96. 		$page_next			= '';
    97. 

  97. 		$page_previous		= '';
    98. 

  98. 		$current_page		= 0;
    99. 

  99. 		$t_current_page		= '';
    100. 

  100. 		$total_pages		= 1;
    101. 

  101. 

  102. 		if ($this->EE->TMPL->fetch_param('dynamic') == 'no')
    103. 

  103. 		{
    104. 

  104. 			$dynamic = FALSE;
    105. 

  105. 		}
    106. 

  106. 		else
    107. 

  107. 		{
    108. 

  108. 			$dynamic = TRUE;
    109. 

  109. 		}
    110. 

  110. 		
    111. 

  111. 		$force_entry = FALSE;
    112. 

  112. 		
    113. 

  113. 		if ($this->EE->TMPL->fetch_param('entry_id') !== FALSE OR $this->EE->TMPL->fetch_param('url_title') !== FALSE OR $this->EE->TMPL->fetch_param('comment_id') !== FALSE)
    114. 

  114. 		{
    115. 

  115. 			$force_entry = TRUE;
    116. 

  116. 		}			
    117. 

  117. 

  118. 		/** ----------------------------------------------
    119. 

  119. 		/**  Do we allow dynamic POST variables to set parameters?
    120. 

  120. 		/** ----------------------------------------------*/
    121. 

  121. 		if ($this->EE->TMPL->fetch_param('dynamic_parameters') !== FALSE AND isset($_POST) AND count($_POST) > 0)
    122. 

  122. 		{
    123. 

  123. 			foreach (explode('|', $this->EE->TMPL->fetch_param('dynamic_parameters')) as $var)
    124. 

  124. 			{
    125. 

  125. 				if (isset($_POST[$var]) AND in_array($var, array('channel', 'limit', 'sort', 'orderby')))
    126. 

  126. 				{
    127. 

  127. 					$this->EE->TMPL->tagparams[$var] = $_POST[$var];
    128. 

  128. 				}
    129. 

  129. 			}
    130. 

  130. 		}
    131. 

  131. 

  132. 		/** --------------------------------------
    133. 

  133. 		/**  Parse page number
    134. 

  134. 		/** --------------------------------------*/
    135. 

  135. 

  136. 		// We need to strip the page number from the URL for two reasons:
    137. 

  137. 		// 1. So we can create pagination links
    138. 

  138. 		// 2. So it won't confuse the query with an improper proper ID
    139. 

  139. 

  140. 		if ( ! $dynamic)
    141. 

  141. 		{
    142. 

  142. 			if (preg_match("#(^|/)N(\d+)(/|$)#i", $qstring, $match))
    143. 

  143. 			{				
    144. 

  144. 				$current_page = $match['2'];
    145. 

  145. 				$uristr  = trim($this->EE->functions->remove_double_slashes(str_replace($match['0'], '/', $uristr)), '/');
    146. 

  146. 			}
    147. 

  147. 		}
    148. 

  148. 		else
    149. 

  149. 		{
    150. 

  150. 			if (preg_match("#(^|/)P(\d+)(/|$)#", $qstring, $match))
    151. 

  151. 			{
    152. 

  152. 				$current_page = $match['2'];
    153. 

  153. 				$uristr  = $this->EE->functions->remove_double_slashes(str_replace($match['0'], '/', $uristr));
    154. 

  154. 				$qstring = trim($this->EE->functions->remove_double_slashes(str_replace($match['0'], '/', $qstring)), '/');
    155. 

  155. 			}
    156. 

  156. 		}
    157. 

  157. 		
    158. 

  158. 		if  ($dynamic == TRUE OR $force_entry == TRUE)
    159. 

  159. 		{
    160. 

  160. 			// Fetch channel_ids if appropriate
    161. 

  161. 			$channel_ids = array();
    162. 

  162. 

  163. 			if ($channel = $this->EE->TMPL->fetch_param('channel') OR $this->EE->TMPL->fetch_param('site'))
    164. 

  164. 			{
    165. 

  165. 				$this->EE->db->select('channel_id');
    166. 

  166. 				$this->EE->db->where_in('site_id', $this->EE->TMPL->site_ids);
    167. 

  167. 

  168. 				if ($channel !== FALSE)
    169. 

  169. 				{
    170. 

  170. 					$this->EE->functions->ar_andor_string($channel, 'channel_name');
    171. 

  171. 				}
    172. 

  172. 

  173. 				$channels = $this->EE->db->get('channels');
    174. 

  174. 				
    175. 

  175. 				if ($channels->num_rows() == 0)
    176. 

  176. 				{
    177. 

  177. 					return false;
    178. 

  178. 				}
    179. 

  179. 				else
    180. 

  180. 				{
    181. 

  181. 					foreach($channels->result_array() as $row)
    182. 

  182. 					{
    183. 

  183. 						$channel_ids[] = $row['channel_id'];
    184. 

  184. 					}
    185. 

  185. 				}
    186. 

  186. 			}
    187. 

  187. 

  188. 			// Check if an entry_id or url_title was specified
    189. 

  189. 			if ($entry_id = $this->EE->TMPL->fetch_param('entry_id'))
    190. 

  190. 			{
    191. 

  191. 				$sql = substr($this->EE->functions->sql_andor_string($entry_id, 'entry_id'), 4);
    192. 

  192. 				$this->EE->db->where($sql, NULL, FALSE);
    193. 

  193. 			}
    194. 

  194. 			elseif ($url_title = $this->EE->TMPL->fetch_param('url_title'))
    195. 

  195. 			{
    196. 

  196. 				$sql = substr($this->EE->functions->sql_andor_string($url_title, 'url_title'), 4);
    197. 

  197. 				$this->EE->db->where($sql, NULL, FALSE);
    198. 

  198. 				
    199. 

  199. 			}
    200. 

  200. 			else
    201. 

  201. 			{
    202. 

  202. 				// If there is a slash in the entry ID we'll kill everything after it.
    203. 

  203. 				$entry_id = trim($qstring); 
    204. 

  204. 				$entry_id = preg_replace("#/.+#", "", $entry_id);
    205. 

  205. 				
    206. 

  206. 				// Have to choose between id or url title
    207. 

  207. 				if ( ! is_numeric($entry_id))
    208. 

  208. 				{
    209. 

  209. 					$this->EE->db->where('url_title', $entry_id);
    210. 

  210. 				}
    211. 

  211. 				else
    212. 

  212. 				{
    213. 

  213. 					$this->EE->db->where('entry_id', $entry_id);
    214. 

  214. 				}
    215. 

  215. 			}
    216. 

  216. 

  217. 			/** ----------------------------------------
    218. 

  218. 			/**  Do we have a valid entry ID number?
    219. 

  219. 			/** ----------------------------------------*/
    220. 

  220. 

  221. 			$timestamp = ($this->EE->TMPL->cache_timestamp != '') ? $this->EE->localize->set_gmt($this->EE->TMPL->cache_timestamp) : $this->EE->localize->now;
    222. 

  222. 

  223. 			$this->EE->db->select('entry_id, channel_titles.channel_id');
    224. 

  224. 			$this->EE->db->where('channel_titles.channel_id = '.$this->EE->db->dbprefix('channels').'.channel_id');
    225. 

  225. 			$this->EE->db->where_in('channel_titles.site_id', $this->EE->TMPL->site_ids);
    226. 

  226. 

  227. 			if ($this->EE->TMPL->fetch_param('show_expired') !== 'yes')
    228. 

  228. 			{
    229. 

  229. 				$date_where = "(".$this->EE->db->protect_identifiers('expiration_date')." = 0 OR "
    230. 

  230. 				.$this->EE->db->protect_identifiers('expiration_date')." > {$timestamp})";
    231. 

  231. 				$this->EE->db->where($date_where);
    232. 

  232. 			}
    233. 

  233. 

  234. 			if ($author_id = $this->EE->TMPL->fetch_param('author_id'))
    235. 

  235. 			{
    236. 

  236. 				$this->EE->db->where('author_id', $author_id);
    237. 

  237. 			}
    238. 

  238. 

  239. 			if ($e_status = $this->EE->TMPL->fetch_param('entry_status'))
    240. 

  240. 			{
    241. 

  241. 				$e_status = str_replace('Open',	'open',	$e_status);
    242. 

  242. 				$e_status = str_replace('Closed', 'closed', $e_status);
    243. 

  243. 

  244. 				$sql = $this->EE->functions->sql_andor_string($e_status, 'status');
    245. 

  245. 

  246. 				if (stristr($sql, "'closed'") === FALSE)
    247. 

  247. 				{
    248. 

  248. 					$sql .= " AND status != 'closed' ";
    249. 

  249. 				}
    250. 

  250. 				
    251. 

  251. 				//  We need to drop the leading AND from the generated string 
    252. 

  252. 				$sql = substr($sql, 4);
    253. 

  253. 

  254. 				$this->EE->db->where($sql, NULL, FALSE);
    255. 

  255. 			}
    256. 

  256. 			else
    257. 

  257. 			{
    258. 

  258. 				$this->EE->db->where('status !=', 'closed');
    259. 

  259. 			}
    260. 

  260. 			
    261. 

  261. 			
    262. 

  262. 			/** ----------------------------------------------
    263. 

  263. 			/**  Limit to/exclude specific channels
    264. 

  264. 			/** ----------------------------------------------*/
    265. 

  265. 			if (count($channel_ids) == 1)
    266. 

  266. 			{
    267. 

  267. 				$this->EE->db->where('channel_titles.channel_id', $channel_ids['0']);
    268. 

  268. 			}
    269. 

  269. 			elseif (count($channel_ids) > 1)
    270. 

  270. 			{
    271. 

  271. 				$this->EE->db->where_in('channel_titles.channel_id', $channel_ids);
    272. 

  272. 			}
    273. 

  273. 

  274. 			$this->EE->db->from('channel_titles');
    275. 

  275. 			$this->EE->db->from('channels');
    276. 

  276. 			$query = $this->EE->db->get();
    277. 

  277. 

  278. 			// Bad ID?  See ya!
    279. 

  279. 			if ($query->num_rows() == 0)
    280. 

  280. 			{
    281. 

  281. 				return FALSE;
    282. 

  282. 			}
    283. 

  283. 

  284. 			// We'll reassign the entry IDs so they're the true numeric ID
    285. 

  285. 			foreach($query->result_array() as $row)
    286. 

  286. 			{
    287. 

  287. 				$entry_ids[] = $row['entry_id'];
    288. 

  288. 			}
    289. 

  289. 		}
    290. 

  290. 

  291. 

  292. 		// If the comment tag is being used in freeform mode
    293. 

  293. 		// we need to fetch the channel ID numbers
    294. 

  294. 		
    295. 

  295. 		if ( ! $dynamic)
    296. 

  296. 		{
    297. 

  297. 			if ($channel = $this->EE->TMPL->fetch_param('channel') OR $this->EE->TMPL->fetch_param('site'))
    298. 

  298. 			{
    299. 

  299. 				$this->EE->db->select('channel_id');
    300. 

  300. 				$this->EE->db->where_in('site_id', $this->EE->TMPL->site_ids);
    301. 

  301. 

  302. 				if ($channel !== FALSE)
    303. 

  303. 				{
    304. 

  304. 					$this->EE->functions->ar_andor_string($channel, 'channel_name');
    305. 

  305. 				}
    306. 

  306. 

  307. 				$query = $this->EE->db->get('channels');
    308. 

  308. 

  309. 				if ($query->num_rows() == 0)
    310. 

  310. 				{
    311. 

  311. 					return $this->EE->TMPL->no_results();
    312. 

  312. 				}
    313. 

  313. 				else
    314. 

  314. 				{
    315. 

  315. 					// Store the query components in the AR cache so we don't need to
    316. 

  316. 					// recompile them after we run count_all_results for pagination.
    317. 

  317. 					
    318. 

  318. 					$this->EE->db->start_cache();
    319. 

  319. 					
    320. 

  320. 					if ($query->num_rows() == 1)
    321. 

  321. 					{
    322. 

  322. 						$this->EE->db->where('channel_id', $query->row('channel_id'));
    323. 

  323. 					}
    324. 

  324. 					else
    325. 

  325. 					{
    326. 

  326. 						$ids = array();
    327. 

  327. 						
    328. 

  328. 						foreach ($query->result_array() as $row)
    329. 

  329. 						{
    330. 

  330. 							$ids[] = $row['channel_id'];
    331. 

  331. 						}
    332. 

  332. 						
    333. 

  333. 						$this->EE->db->where_in('channel_id', $ids);
    334. 

  334. 					}
    335. 

  335. 				}
    336. 

  336. 			}
    337. 

  337. 		}
    338. 

  338. 

  339. 		/** ----------------------------------------
    340. 

  340. 		/**  Set sorting and limiting
    341. 

  341. 		/** ----------------------------------------*/
    342. 

  342. 

  343. 		if ( ! $dynamic)
    344. 

  344. 		{
    345. 

  345. 			$limit = ( ! $this->EE->TMPL->fetch_param('limit')) ? 100 : $this->EE->TMPL->fetch_param('limit');
    346. 

  346. 			$sort  = ( ! $this->EE->TMPL->fetch_param('sort'))  ? 'desc' : $this->EE->TMPL->fetch_param('sort');
    347. 

  347. 		}
    348. 

  348. 		else
    349. 

  349. 		{
    350. 

  350. 			$limit = ( ! $this->EE->TMPL->fetch_param('limit')) ? $this->limit : $this->EE->TMPL->fetch_param('limit');
    351. 

  351. 			$sort  = ( ! $this->EE->TMPL->fetch_param('sort'))  ? 'asc' : $this->EE->TMPL->fetch_param('sort');
    352. 

  352. 		}
    353. 

  353. 

  354. 		$allowed_sorts = array('date', 'email', 'location', 'name', 'url');
    355. 

  355. 

  356. 

  357. 		/** ----------------------------------------
    358. 

  358. 		/**  Fetch comment ID numbers
    359. 

  359. 		/** ----------------------------------------*/
    360. 

  360. 

  361. 		$temp = array();
    362. 

  362. 		$i = 0;
    363. 

  363. 

  364. 		// Left this here for backward compatibility
    365. 

  365. 		// We need to deprecate the "order_by" parameter
    366. 

  366. 

  367. 		if ($this->EE->TMPL->fetch_param('orderby') != '')
    368. 

  368. 		{
    369. 

  369. 			$order_by = $this->EE->TMPL->fetch_param('orderby');
    370. 

  370. 		}
    371. 

  371. 		else
    372. 

  372. 		{
    373. 

  373. 			$order_by = $this->EE->TMPL->fetch_param('order_by');
    374. 

  374. 		}
    375. 

  375. 

  376. 		$random = ($order_by == 'random') ? TRUE : FALSE;
    377. 

  377. 		$order_by  = ($order_by == 'date' OR ! in_array($order_by, $allowed_sorts))  ? 'comment_date' : $order_by;
    378. 

  378. 

  379. 		$this->EE->db->select('comment_date, comment_id');
    380. 

  380. 		
    381. 

  381. 		$comment_sql = FALSE;
    382. 

  382. 		
    383. 

  383. 		if ($status = $this->EE->TMPL->fetch_param('status'))
    384. 

  384. 		{
    385. 

  385. 			$status = strtolower($status);
    386. 

  386. 			$status = str_replace('open',	'o', $status);
    387. 

  387. 			$status = str_replace('closed', 'c', $status);
    388. 

  388. 			$status = str_replace('pending', 'p', $status);
    389. 

  389. 

  390. 			$comment_sql = $this->EE->functions->sql_andor_string($status, 'status');
    391. 

  391. 

  392. 			if (stristr($comment_sql, "'c'") === FALSE)
    393. 

  393. 			{
    394. 

  394. 				$comment_sql .= " AND status != 'c' ";
    395. 

  395. 			}
    396. 

  396. 

  397. 			//  We need to drop the leading AND from the generated string 
    398. 

  398. 			$comment_sql = substr($comment_sql, 4);
    399. 

  399. 			$this->EE->db->where($comment_sql, NULL, FALSE);
    400. 

  400. 		}
    401. 

  401. 		else
    402. 

  402. 		{
    403. 

  403. 			$this->EE->db->where('status', 'o');
    404. 

  404. 		}
    405. 

  405. 		
    406. 

  406. 		if ( ! $dynamic)
    407. 

  407. 		{
    408. 

  408. 			// When we are only showing comments and it is not based on an entry id or url title
    409. 

  409. 			// in the URL, we can make the query much more efficient and save some work.
    410. 

  410. 

  411. 			if (isset($entry_ids) && count($entry_ids) > 0)
    412. 

  412. 			{
    413. 

  413. 				$this->EE->db->where_in('entry_id', $entry_ids);
    414. 

  414. 			}
    415. 

  415. 			
    416. 

  416. 			$total_rows = $this->EE->db->count_all_results('comments');
    417. 

  417. 

  418. 			// We lose these in the counting process
    419. 

  419. 			$this->EE->db->select('comment_date, comment_id');
    420. 

  420. 			
    421. 

  421. 			if ($comment_sql)
    422. 

  422. 			{
    423. 

  423. 				$this->EE->db->where($comment_sql, NULL, FALSE);
    424. 

  424. 			}
    425. 

  425. 			else
    426. 

  426. 			{
    427. 

  427. 				$this->EE->db->where('status', 'o');
    428. 

  428. 			}
    429. 

  429. 			
    430. 

  430. 			if (isset($entry_ids) && count($entry_ids) > 0)
    431. 

  431. 			{
    432. 

  432. 				$this->EE->db->where_in('entry_id', $entry_ids);
    433. 

  433. 			}						
    434. 

  434. 

  435. 			$this_sort = ($random) ? 'random' : strtolower($sort);
    436. 

  436. 			$this_page = ($current_page == '' OR ($limit > 1 AND $current_page == 1)) ? 0 : $current_page;
    437. 

  437. 

  438. 			$this->EE->db->order_by($order_by, $this_sort);
    439. 

  439. 			$this->EE->db->limit($limit, $this_page);
    440. 

  440. 		}
    441. 

  441. 		else
    442. 

  442. 		{
    443. 

  443. 			// Force entry may result in multiple entry ids
    444. 

  444. 			if (isset($entry_ids) && count($entry_ids) > 0)
    445. 

  445. 			{
    446. 

  446. 				$this->EE->db->where_in('entry_id', $entry_ids);
    447. 

  447. 			}
    448. 

  448. 			else
    449. 

  449. 			{
    450. 

  450. 				$this->EE->db->where('entry_id', $entry_id);
    451. 

  451. 			}
    452. 

  452. 			
    453. 

  453. 			$this_sort = ($random) ? 'random' : strtolower($sort);
    454. 

  454. 

  455. 			$this->EE->db->order_by($order_by, $this_sort);
    456. 

  456. 		}
    457. 

  457. 

  458. 		$query = $this->EE->db->get('comments');
    459. 

  459. 		$result_ids = array();
    460. 

  460. 

  461. 

  462. 		if ($query->num_rows() > 0)
    463. 

  463. 		{
    464. 

  464. 			foreach ($query->result_array() as $row)
    465. 

  465. 			{
    466. 

  466. 				$result_ids[] = $row['comment_id'];
    467. 

  467. 			}
    468. 

  468. 		}
    469. 

  469. 

  470. 		// We are done with this
    471. 

  471. 		$this->EE->db->flush_cache();
    472. 

  472. 		$this->EE->db->stop_cache();
    473. 

  473. 

  474. 		/** ------------------------------------
    475. 

  475. 		/**  No results?  No reason to continue...
    476. 

  476. 		/** ------------------------------------*/
    477. 

  477. 

  478. 		if (count($result_ids) == 0)
    479. 

  479. 		{
    480. 

  480. 			return $this->EE->TMPL->no_results();
    481. 

  481. 		}
    482. 

  482. 

  483. 

  484. 		/** ---------------------------------
    485. 

  485. 		/**  Do we need pagination?
    486. 

  486. 		/** ---------------------------------*/
    487. 

  487. 

  488. 		// When showing only comments and no using the URL, then we already have this value
    489. 

  489. 

  490. 		if ($dynamic)
    491. 

  491. 		{
    492. 

  492. 			$total_rows = count($result_ids);
    493. 

  493. 		}
    494. 

  494. 

  495. 		if (preg_match("/".LD."paginate(.*?)".RD."(.+?)".LD.'\/'."paginate".RD."/s", $this->EE->TMPL->tagdata, $match))
    496. 

  496. 		{
    497. 

  497. 			$paginate		= TRUE;
    498. 

  498. 			$paginate_data	= $match['2'];
    499. 

  499. 			$anchor = '';
    500. 

  500. 

  501. 			if ($match['1'] != '')
    502. 

  502. 			{
    503. 

  503. 				if (preg_match("/anchor.*?=[\"|\'](.+?)[\"|\']/", $match['1'], $amatch))
    504. 

  504. 				{
    505. 

  505. 					$anchor = '#'.$amatch['1'];
    506. 

  506. 				}
    507. 

  507. 			}
    508. 

  508. 

  509. 			$this->EE->TMPL->tagdata = preg_replace("/".LD."paginate.*?".RD.".+?".LD.'\/'."paginate".RD."/s", "", $this->EE->TMPL->tagdata);
    510. 

  510. 

  511. 			$current_page = ($current_page == '' OR ($limit > 1 AND $current_page == 1)) ? 0 : $current_page;
    512. 

  512. 

  513. 			if ($current_page > $total_rows)
    514. 

  514. 			{
    515. 

  515. 				$current_page = 0;
    516. 

  516. 			}
    517. 

  517. 

  518. 			$t_current_page = floor(($current_page / $limit) + 1);
    519. 

  519. 			$total_pages	= intval(floor($total_rows / $limit));
    520. 

  520. 

  521. 			if ($total_rows % $limit)
    522. 

  522. 				$total_pages++;
    523. 

  523. 

  524. 			if ($total_rows > $limit)
    525. 

  525. 			{
    526. 

  526. 				$this->EE->load->library('pagination');
    527. 

  527. 

  528. 				$deft_tmpl = '';
    529. 

  529. 

  530. 				if ($uristr == '')
    531. 

  531. 				{
    532. 

  532. 					if ($this->EE->config->item('template_group') == '')
    533. 

  533. 					{
    534. 

  534. 						$this->EE->db->select('group_name');
    535. 

  535. 						$query = $this->EE->db->get_where('template_groups', array('is_site_default' => 'y'));
    536. 

  536. 						
    537. 

  537. 						$deft_tmpl = $query->row('group_name') .'/index';
    538. 

  538. 					}
    539. 

  539. 					else
    540. 

  540. 					{
    541. 

  541. 						$deft_tmpl  = $this->EE->config->item('template_group').'/';
    542. 

  542. 						$deft_tmpl .= ($this->EE->config->item('template') == '') ? 'index' : $this->EE->config->item('template');
    543. 

  543. 					}
    544. 

  544. 				}
    545. 

  545. 

  546. 				$basepath = $this->EE->functions->remove_double_slashes($this->EE->functions->create_url($uristr, FALSE).'/'.$deft_tmpl);
    547. 

  547. 

  548. 				if ($this->EE->TMPL->fetch_param('paginate_base'))
    549. 

  549. 				{
    550. 

  550. 					// Load the string helper
    551. 

  551. 					$this->EE->load->helper('string');
    552. 

  552. 

  553. 					$pbase = trim_slashes($this->EE->TMPL->fetch_param('paginate_base'));
    554. 

  554. 

  555. 					$pbase = str_replace("/index", "/", $pbase);
    556. 

  556. 

  557. 					if ( ! strstr($basepath, $pbase))
    558. 

  558. 					{
    559. 

  559. 						$basepath = $this->EE->functions->remove_double_slashes($basepath.'/'.$pbase);
    560. 

  560. 					}
    561. 

  561. 				}
    562. 

  562. 

  563. 				$config['first_url'] 	= rtrim($basepath, '/').$anchor;
    564. 

  564. 				$config['base_url']		= $basepath;
    565. 

  565. 				$config['prefix']		= ( ! $dynamic) ? 'N' : 'P';
    566. 

  566. 				$config['total_rows'] 	= $total_rows;
    567. 

  567. 				$config['per_page']		= $limit;
    568. 

  568. 				$config['cur_page']		= $current_page;
    569. 

  569. 				$config['suffix']		= $anchor;
    570. 

  570. 				$config['first_link'] 	= $this->EE->lang->line('pag_first_link');
    571. 

  571. 				$config['last_link'] 	= $this->EE->lang->line('pag_last_link');
    572. 

  572. 				
    573. 

  573. 				// Allows $config['cur_page'] to override
    574. 

  574. 				$config['uri_segment'] = 0;
    575. 

  575. 

  576. 				$this->EE->pagination->initialize($config);
    577. 

  577. 				$pagination_links = $this->EE->pagination->create_links();
    578. 

  578. 

  579. 				if ((($total_pages * $limit) - $limit) > $current_page)
    580. 

  580. 				{
    581. 

  581. 					$page_next = $basepath.$config['prefix'].($current_page + $limit).'/';
    582. 

  582. 				}
    583. 

  583. 

  584. 				if (($current_page - $limit ) >= 0)
    585. 

  585. 				{
    586. 

  586. 					$page_previous = $basepath.$config['prefix'].($current_page - $limit).'/';
    587. 

  587. 				}
    588. 

  588. 			}
    589. 

  589. 			else
    590. 

  590. 			{
    591. 

  591. 				$current_page = '';
    592. 

  592. 			}
    593. 

  593. 		}
    594. 

  594. 

  595. 		// When only non-dynamic comments are shown, all results are valid as the
    596. 

  596. 		// query is restricted with a LIMIT clause
    597. 

  597. 		if ($dynamic)
    598. 

  598. 		{
    599. 

  599. 			if ($current_page == '')
    600. 

  600. 			{
    601. 

  601. 				$result_ids = array_slice($result_ids, 0, $limit);
    602. 

  602. 			}
    603. 

  603. 			else
    604. 

  604. 			{
    605. 

  605. 				$result_ids = array_slice($result_ids, $current_page, $limit);
    606. 

  606. 			}
    607. 

  607. 		}
    608. 

  608. 		
    609. 

  609. 		/** -----------------------------------
    610. 

  610. 		/**  Fetch Comments if necessary
    611. 

  611. 		/** -----------------------------------*/
    612. 

  612. 

  613. 		$results = $result_ids;
    614. 

  614. 		$mfields = array();
    615. 

  615. 

  616. 		/** ----------------------------------------
    617. 

  617. 		/**  "Search by Member" link
    618. 

  618. 		/** ----------------------------------------*/
    619. 

  619. 		// We use this with the {member_search_path} variable
    620. 

  620. 

  621. 		$result_path = (preg_match("/".LD."member_search_path\s*=(.*?)".RD."/s", $this->EE->TMPL->tagdata, $match)) ? $match['1'] : 'search/results';
    622. 

  622. 		$result_path = str_replace("\"", "", $result_path);
    623. 

  623. 		$result_path = str_replace("'",  "", $result_path);
    624. 

  624. 

  625. 		$search_link = $this->EE->functions->fetch_site_index(0, 0).QUERY_MARKER.'ACT='.$this->EE->functions->fetch_action_id('Search', 'do_search').'&amp;result_path='.$result_path.'&amp;mbr=';
    626. 

  626. 

  627. 		$this->EE->db->select('comments.comment_id, comments.entry_id, comments.channel_id, comments.author_id, comments.name, comments.email, comments.url, comments.location AS c_location, comments.ip_address, comments.comment_date, comments.edit_date, comments.comment, comments.site_id AS comment_site_id,
    628. 

  628. 										members.username, members.group_id, members.location, members.occupation, members.interests, members.aol_im, members.yahoo_im, members.msn_im, members.icq, members.group_id, members.member_id, members.signature, members.sig_img_filename, members.sig_img_width, members.sig_img_height, members.avatar_filename, members.avatar_width, members.avatar_height, members.photo_filename, members.photo_width, members.photo_height,
    629. 

  629. 										member_data.*,
    630. 

  630. 										channel_titles.title, channel_titles.url_title, channel_titles.author_id AS entry_author_id,
    631. 

  631. 										channels.comment_text_formatting, channels.comment_html_formatting, channels.comment_allow_img_urls, channels.comment_auto_link_urls, channels.channel_url, channels.comment_url, channels.channel_title'
    632. 

  632. 				);
    633. 

  633. 				
    634. 

  634. 		$this->EE->db->join('channels',			'comments.channel_id = channels.channel_id',	'left');
    635. 

  635. 		$this->EE->db->join('channel_titles',	'comments.entry_id = channel_titles.entry_id',	'left');
    636. 

  636. 		$this->EE->db->join('members',			'members.member_id = comments.author_id',		'left');
    637. 

  637. 		$this->EE->db->join('member_data',		'member_data.member_id = members.member_id',	'left');
    638. 

  638. 				
    639. 

  639. 		$this->EE->db->where_in('comments.comment_id', $result_ids);
    640. 

  640. 		$this->EE->db->order_by($order_by, $this_sort);
    641. 

  641. 				
    642. 

  642. 		$query = $this->EE->db->get('comments');
    643. 

  643. 				
    644. 

  644. 		$total_results = $query->num_rows();
    645. 

  645. 		
    646. 

  646. 		if ($query->num_rows() > 0)
    647. 

  647. 		{
    648. 

  648. 			$i = 0;
    649. 

  649. 			foreach ($query->result_array() as $row)
    650. 

  650. 			{
    651. 

  651. 				$results[$row['comment_id']] = $query->result_array[$i];
    652. 

  652. 				$i++;
    653. 

  653. 			}
    654. 

  654. 					
    655. 

  655. 		// Potentially a lot of information
    656. 

  656. 		$query->free_result();
    657. 

  657. 		}
    658. 

  658. 

  659. 		/** ----------------------------------------
    660. 

  660. 		/**  Fetch custom member field IDs
    661. 

  661. 		/** ----------------------------------------*/
    662. 

  662. 

  663. 		$this->EE->db->select('m_field_id, m_field_name');
    664. 

  664. 		$query = $this->EE->db->get('member_fields');
    665. 

  665. 

  666. 		if ($query->num_rows() > 0)
    667. 

  667. 		{
    668. 

  668. 			foreach ($query->result_array() as $row)
    669. 

  669. 			{
    670. 

  670. 				$mfields[$row['m_field_name']] = $row['m_field_id'];
    671. 

  671. 			}
    672. 

  672. 		}
    673. 

  673. 

  674. 		/** ----------------------------------------
    675. 

  675. 		/**  Instantiate Typography class
    676. 

  676. 		/** ----------------------------------------*/
    677. 

  677. 

  678. 		$config = ($this->EE->config->item('comment_word_censoring') == 'y') ? array('word_censor' => TRUE) : array();
    679. 

  679. 		
    680. 

  680. 		$this->EE->load->library('typography');
    681. 

  681. 		$this->EE->typography->initialize($config);
    682. 

  682. 		
    683. 

  683. 		$this->EE->typography->parse_images = FALSE;
    684. 

  684. 		$this->EE->typography->allow_headings = FALSE;
    685. 

  685. 

  686. 		/** ----------------------------------------
    687. 

  687. 		/**  Fetch all the date-related variables
    688. 

  688. 		/** ----------------------------------------*/
    689. 

  689. 

  690. 		$gmt_comment_date	= array();
    691. 

  691. 		$comment_date		= array();
    692. 

  692. 		$edit_date			= array();
    693. 

  693. 

  694. 		// We do this here to avoid processing cycles in the foreach loop
    695. 

  695. 

  696. 		$date_vars = array('gmt_comment_date', 'comment_date', 'edit_date');
    697. 

  697. 

  698. 		foreach ($date_vars as $val)
    699. 

  699. 		{
    700. 

  700. 			if (preg_match_all("/".LD.$val."\s+format=[\"'](.*?)[\"']".RD."/s", $this->EE->TMPL->tagdata, $matches))
    701. 

  701. 			{
    702. 

  702. 				for ($j = 0; $j < count($matches['0']); $j++)
    703. 

  703. 				{
    704. 

  704. 					$matches['0'][$j] = str_replace(LD, '', $matches['0'][$j]);
    705. 

  705. 					$matches['0'][$j] = str_replace(RD, '', $matches['0'][$j]);
    706. 

  706. 

  707. 					switch ($val)
    708. 

  708. 					{
    709. 

  709. 						case 'comment_date' 	: $comment_date[$matches['0'][$j]] = $this->EE->localize->fetch_date_params($matches['1'][$j]);
    710. 

  710. 							break;
    711. 

  711. 						case 'gmt_comment_date' : $gmt_comment_date[$matches['0'][$j]] = $this->EE->localize->fetch_date_params($matches['1'][$j]);
    712. 

  712. 							break;
    713. 

  713. 						case 'edit_date'		: $edit_date[$matches['0'][$j]] = $this->EE->localize->fetch_date_params($matches['1'][$j]);
    714. 

  714. 							break;
    715. 

  715. 					}
    716. 

  716. 				}
    717. 

  717. 			}
    718. 

  718. 		}
    719. 

  719. 

  720. 		/** ----------------------------------------
    721. 

  721. 		/**  Protected Variables for Cleanup Routine
    722. 

  722. 		/** ----------------------------------------*/
    723. 

  723. 

  724. 		// Since comments do not necessarily require registration, and since
    725. 

  725. 		// you are allowed to put member variables in comments, we need to kill
    726. 

  726. 		// left-over unparsed junk.  The $member_vars array is all of those
    727. 

  727. 		// member related variables that should be removed.
    728. 

  728. 

  729. 		$member_vars = array('location', 'occupation', 'interests', 'aol_im', 'yahoo_im', 'msn_im', 'icq',
    730. 

  730. 							 'signature', 'sig_img_filename', 'sig_img_width', 'sig_img_height',
    731. 

  731. 							 'avatar_filename', 'avatar_width', 'avatar_height',
    732. 

  732. 							 'photo_filename', 'photo_width', 'photo_height');
    733. 

  733. 

  734. 		$member_cond_vars = array();
    735. 

  735. 

  736. 		foreach($member_vars as $var)
    737. 

  737. 		{
    738. 

  738. 			$member_cond_vars[$var] = '';
    739. 

  739. 		}
    740. 

  740. 

  741. 

  742. 		/** ----------------------------------------
    743. 

  743. 		/**  Start the processing loop
    744. 

  744. 		/** ----------------------------------------*/
    745. 

  745. 

  746. 		$item_count = 0;
    747. 

  747. 

  748. 		$relative_count = 0;
    749. 

  749. 		$absolute_count = ($current_page == '') ? 0 : $current_page;
    750. 

  750. 

  751. 		foreach ($results as $id => $row)
    752. 

  752. 		{
    753. 

  753. 			if ( ! is_array($row))
    754. 

  754. 				continue;
    755. 

  755. 

  756. 			$relative_count++;
    757. 

  757. 			$absolute_count++;
    758. 

  758. 

  759. 			$row['count']			= $relative_count;
    760. 

  760. 			$row['absolute_count']	= $absolute_count;
    761. 

  761. 			$row['total_comments']	= $total_rows;
    762. 

  762. 			$row['total_results']	= $total_results;
    763. 

  763. 

  764. 			// This lets the {if location} variable work
    765. 

  765. 

  766. 			if (isset($row['author_id']))
    767. 

  767. 			{
    768. 

  768. 				if ($row['author_id'] == 0)
    769. 

  769. 					$row['location'] = $row['c_location'];
    770. 

  770. 			}
    771. 

  771. 

  772. 			$tagdata = $this->EE->TMPL->tagdata;
    773. 

  773. 

  774. 			// -------------------------------------------
    775. 

  775. 			// 'comment_entries_tagdata' hook.
    776. 

  776. 			//  - Modify and play with the tagdata before everyone else
    777. 

  777. 			//
    778. 

  778. 				if ($this->EE->extensions->active_hook('comment_entries_tagdata') === TRUE)
    779. 

  779. 				{
    780. 

  780. 					$tagdata = $this->EE->extensions->call('comment_entries_tagdata', $tagdata, $row);
    781. 

  781. 					if ($this->EE->extensions->end_script === TRUE) return $tagdata;
    782. 

  782. 				}
    783. 

  783. 			//
    784. 

  784. 			// -------------------------------------------
    785. 

  785. 

  786. 			/** ----------------------------------------
    787. 

  787. 			/**  Conditionals
    788. 

  788. 			/** ----------------------------------------*/
    789. 

  789. 			$cond = array_merge($member_cond_vars, $row);
    790. 

  790. 			$cond['comments']			= (substr($id, 0, 1) == 't') ? 'FALSE' : 'TRUE';
    791. 

  791. 			$cond['logged_in']			= ($this->EE->session->userdata('member_id') == 0) ? 'FALSE' : 'TRUE';
    792. 

  792. 			$cond['logged_out']			= ($this->EE->session->userdata('member_id') != 0) ? 'FALSE' : 'TRUE';
    793. 

  793. 			$cond['allow_comments'] 	= (isset($row['allow_comments']) AND $row['allow_comments'] == 'n') ? 'FALSE' : 'TRUE';
    794. 

  794. 			$cond['signature_image']	= ( ! isset($row['sig_img_filename']) OR $row['sig_img_filename'] == '' OR $this->EE->config->item('enable_signatures') == 'n' OR $this->EE->session->userdata('display_signatures') == 'n') ? 'FALSE' : 'TRUE';
    795. 

  795. 			$cond['avatar']				= ( ! isset($row['avatar_filename']) OR $row['avatar_filename'] == '' OR $this->EE->config->item('enable_avatars') == 'n' OR $this->EE->session->userdata('display_avatars') == 'n') ? 'FALSE' : 'TRUE';
    796. 

  796. 			$cond['photo']				= ( ! isset($row['photo_filename']) OR $row['photo_filename'] == '' OR $this->EE->config->item('enable_photos') == 'n' OR $this->EE->session->userdata('display_photos') == 'n') ? 'FALSE' : 'TRUE';
    797. 

  797. 			$cond['is_ignored']			= ( ! isset($row['member_id']) OR ! in_array($row['member_id'], $this->EE->session->userdata['ignore_list'])) ? 'FALSE' : 'TRUE';
    798. 

  798. 			
    799. 

  799. 			$cond['editable'] = FALSE;
    800. 

  800. 			$cond['can_moderate_comment'] = FALSE;
    801. 

  801. 			
    802. 

  802. 		if ($this->EE->session->userdata['group_id'] == 1 OR 
    803. 

  803. 			$this->EE->session->userdata['can_edit_all_comments'] == 'y' OR 
    804. 

  804. 			($this->EE->session->userdata['can_edit_own_comments'] == 'y' && $row['entry_author_id'] == $this->EE->session->userdata['member_id']))
    805. 

  805. 			{
    806. 

  806. 				$cond['editable'] = TRUE;
    807. 

  807. 				$cond['can_moderate_comment'] = TRUE;								
    808. 

  808. 			}
    809. 

  809. 			elseif ($this->EE->session->userdata['member_id'] != '0'  && $author_id == $this->EE->session->userdata['member_id'])
    810. 

  810. 			{
    811. 

  811. 				$cond['editable'] = TRUE;
    812. 

  812. 			}			
    813. 

  813. 

  814. 			if ( isset($mfields) && is_array($mfields) && count($mfields) > 0)
    815. 

  815. 			{
    816. 

  816. 				foreach($mfields as $key => $value)
    817. 

  817. 				{
    818. 

  818. 					if (isset($row['m_field_id_'.$value]))
    819. 

  819. 						$cond[$key] = $row['m_field_id_'.$value];
    820. 

  820. 				}
    821. 

  821. 			}
    822. 

  822. 

  823. 			$tagdata = $this->EE->functions->prep_conditionals($tagdata, $cond);
    824. 

  824. 

  825. 			/** ----------------------------------------
    826. 

  826. 			/**  Parse "single" variables
    827. 

  827. 			/** ----------------------------------------*/
    828. 

  828. 			foreach ($this->EE->TMPL->var_single as $key => $val)
    829. 

  829. 			{
    830. 

  830. 

  831. 				/** ----------------------------------------
    832. 

  832. 				/**  parse {switch} variable
    833. 

  833. 				/** ----------------------------------------*/
    834. 

  834. 

  835. 				if (strncmp($key, 'switch', 6) == 0)
    836. 

  836. 				{
    837. 

  837. 					$sparam = $this->EE->functions->assign_parameters($key);
    838. 

  838. 

  839. 					$sw = '';
    840. 

  840. 

  841. 					if (isset($sparam['switch']))
    842. 

  842. 					{
    843. 

  843. 						$sopt = @explode("|", $sparam['switch']);
    844. 

  844. 

  845. 						$sw = $sopt[($relative_count + count($sopt) - 1) % count($sopt)];
    846. 

  846. 					}
    847. 

  847. 

  848. 					$tagdata = $this->EE->TMPL->swap_var_single($key, $sw, $tagdata);
    849. 

  849. 				}
    850. 

  850. 

  851. 

  852. 

  853. 				/** ----------------------------------------
    854. 

  854. 				/**  parse permalink
    855. 

  855. 				/** ----------------------------------------*/
    856. 

  856. 

  857. 				if ($key == 'permalink' && isset($row['comment_id']))
    858. 

  858. 				{
    859. 

  859. 						$tagdata = $this->EE->TMPL->swap_var_single(
    860. 

  860. 															$key,
    861. 

  861. 															$this->EE->functions->create_url($uristr.'#'.$row['comment_id'], FALSE),
    862. 

  862. 															$tagdata
    863. 

  863. 														 );
    864. 

  864. 				}
    865. 

  865. 

  866. 				/** ----------------------------------------
    867. 

  867. 				/**  parse comment_path
    868. 

  868. 				/** ----------------------------------------*/
    869. 

  869. 

  870. 				if (strncmp($key, 'comment_path', 12) == 0 OR strncmp($key, 'entry_id_path', 13) == 0)
    871. 

  871. 				{
    872. 

  872. 					$tagdata = $this->EE->TMPL->swap_var_single(
    873. 

  873. 														$key,
    874. 

  874. 														$this->EE->functions->create_url($this->EE->functions->extract_path($key).'/'.$row['entry_id']),
    875. 

  875. 														$tagdata
    876. 

  876. 													 );
    877. 

  877. 				}
    878. 

  878. 

  879. 

  880. 				/** ----------------------------------------
    881. 

  881. 				/**  parse title permalink
    882. 

  882. 				/** ----------------------------------------*/
    883. 

  883. 

  884. 				if (strncmp($key, 'title_permalink', 15) == 0 OR strncmp($key, 'url_title_path', 14) == 0)
    885. 

  885. 				{
    886. 

  886. 					$path = ($this->EE->functions->extract_path($key) != '' AND $this->EE->functions->extract_path($key) != 'SITE_INDEX') ? $this->EE->functions->extract_path($key).'/'.$row['url_title'] : $row['url_title'];
    887. 

  887. 

  888. 					$tagdata = $this->EE->TMPL->swap_var_single(
    889. 

  889. 														$key,
    890. 

  890. 														$this->EE->functions->create_url($path, FALSE),
    891. 

  891. 														$tagdata
    892. 

  892. 													 );
    893. 

  893. 				}
    894. 

  894. 

  895. 				/** ----------------------------------------
    896. 

  896. 				/**  parse comment date
    897. 

  897. 				/** ----------------------------------------*/
    898. 

  898. 

  899. 				if (isset($comment_date[$key]) && isset($row['comment_date']))
    900. 

  900. 				{
    901. 

  901. 					foreach ($comment_date[$key] as $dvar)
    902. 

  902. 					{
    903. 

  903. 						$val = str_replace($dvar, $this->EE->localize->convert_timestamp($dvar, $row['comment_date'], TRUE), $val);
    904. 

  904. 					}
    905. 

  905. 

  906. 					$tagdata = $this->EE->TMPL->swap_var_single($key, $val, $tagdata);
    907. 

  907. 				}
    908. 

  908. 

  909. 				/** ----------------------------------------
    910. 

  910. 				/**  parse GMT comment date
    911. 

  911. 				/** ----------------------------------------*/
    912. 

  912. 

  913. 				if (isset($gmt_comment_date[$key]) && isset($row['comment_date']))
    914. 

  914. 				{
    915. 

  915. 					foreach ($gmt_comment_date[$key] as $dvar)
    916. 

  916. 					{
    917. 

  917. 						$val = str_replace($dvar, $this->EE->localize->convert_timestamp($dvar, $row['comment_date'], FALSE), $val);
    918. 

  918. 					}
    919. 

  919. 

  920. 					$tagdata = $this->EE->TMPL->swap_var_single($key, $val, $tagdata);
    921. 

  921. 				}
    922. 

  922. 

  923. 				/** ----------------------------------------
    924. 

  924. 				/**  parse "last edit" date
    925. 

  925. 				/** ----------------------------------------*/
    926. 

  926. 

  927. 				if (isset($edit_date[$key]))
    928. 

  928. 				{
    929. 

  929. 					if (isset($row['edit_date']))
    930. 

  930. 					{
    931. 

  931. 						foreach ($edit_date[$key] as $dvar)
    932. 

  932. 							$val = str_replace($dvar, $this->EE->localize->convert_timestamp($dvar, $this->EE->localize->timestamp_to_gmt($row['edit_date']), TRUE), $val);
    933. 

  933. 

  934. 						$tagdata = $this->EE->TMPL->swap_var_single($key, $val, $tagdata);
    935. 

  935. 					}
    936. 

  936. 				}
    937. 

  937. 

  938. 

  939. 				/** ----------------------------------------
    940. 

  940. 				/**  {member_search_path}
    941. 

  941. 				/** ----------------------------------------*/
    942. 

  942. 

  943. 				if (strncmp($key, 'member_search_path', 18) == 0)
    944. 

  944. 				{
    945. 

  945. 					$tagdata = $this->EE->TMPL->swap_var_single($key, $search_link.$row['author_id'], $tagdata);
    946. 

  946. 				}
    947. 

  947. 

  948. 				// Prep the URL
    949. 

  949. 				if (isset($row['url']))
    950. 

  950. 				{
    951. 

  951. 					$this->EE->load->helper('url');
    952. 

  952. 					$row['url'] = prep_url($row['url']);
    953. 

  953. 				}
    954. 

  954. 

  955. 				/** ----------------------------------------
    956. 

  956. 				/**  {username}
    957. 

  957. 				/** ----------------------------------------*/
    958. 

  958. 				if ($key == "username")
    959. 

  959. 				{
    960. 

  960. 					$tagdata = $this->EE->TMPL->swap_var_single($val, (isset($row['username'])) ? $row['username'] : '', $tagdata);
    961. 

  961. 				}
    962. 

  962. 

  963. 				/** ----------------------------------------
    964. 

  964. 				/**  {author}
    965. 

  965. 				/** ----------------------------------------*/
    966. 

  966. 				if ($key == "author")
    967. 

  967. 				{
    968. 

  968. 					$tagdata = $this->EE->TMPL->swap_var_single($val, (isset($row['name'])) ? $row['name'] : '', $tagdata);
    969. 

  969. 				}
    970. 

  970. 

  971. 				/** ----------------------------------------
    972. 

  972. 				/**  {url_or_email} - Uses Raw Email Address, Like Channel Module
    973. 

  973. 				/** ----------------------------------------*/
    974. 

  974. 

  975. 				if ($key == "url_or_email" AND isset($row['url']))
    976. 

  976. 				{
    977. 

  977. 					$tagdata = $this->EE->TMPL->swap_var_single($val, ($row['url'] != '') ? $row['url'] : $row['email'], $tagdata);
    978. 

  978. 				}
    979. 

  979. 

  980. 

  981. 				/** ----------------------------------------
    982. 

  982. 				/**  {url_as_author}
    983. 

  983. 				/** ----------------------------------------*/
    984. 

  984. 				if ($key == "url_as_author" AND isset($row['url']))
    985. 

  985. 				{
    986. 

  986. 					if ($row['url'] != '')
    987. 

  987. 					{
    988. 

  988. 						$tagdata = $this->EE->TMPL->swap_var_single($val, "<a href=\"".$row['url']."\">".$row['name']."</a>", $tagdata);
    989. 

  989. 					}
    990. 

  990. 					else
    991. 

  991. 					{
    992. 

  992. 						$tagdata = $this->EE->TMPL->swap_var_single($val, $row['name'], $tagdata);
    993. 

  993. 					}
    994. 

  994. 				}
    995. 

  995. 

  996. 				/** ----------------------------------------
    997. 

  997. 				/**  {url_or_email_as_author}
    998. 

  998. 				/** ----------------------------------------*/
    999. 

  999. 

  1000. 				if ($key == "url_or_email_as_author" AND isset($row['url']))
    1001. 

  1001. 				{
    1002. 

  1002. 					if ($row['url'] != '')
    1003. 

  1003. 					{
    1004. 

  1004. 						$tagdata = $this->EE->TMPL->swap_var_single($val, "<a href=\"".$row['url']."\">".$row['name']."</a>", $tagdata);
    1005. 

  1005. 					}
    1006. 

  1006. 					else
    1007. 

  1007. 					{
    1008. 

  1008. 						if ($row['email'] != '')
    1009. 

  1009. 						{
    1010. 

  1010. 							$tagdata = $this->EE->TMPL->swap_var_single($val, $this->EE->typography->encode_email($row['email'], $row['name']), $tagdata);
    1011. 

  1011. 						}
    1012. 

  1012. 						else
    1013. 

  1013. 						{
    1014. 

  1014. 							$tagdata = $this->EE->TMPL->swap_var_single($val, $row['name'], $tagdata);
    1015. 

  1015. 						}
    1016. 

  1016. 					}
    1017. 

  1017. 				}
    1018. 

  1018. 

  1019. 				/** ----------------------------------------
    1020. 

  1020. 				/**  {url_or_email_as_link}
    1021. 

  1021. 				/** ----------------------------------------*/
    1022. 

  1022. 

  1023. 				if ($key == "url_or_email_as_link" AND isset($row['url']))
    1024. 

  1024. 				{
    1025. 

  1025. 					if ($row['url'] != '')
    1026. 

  1026. 					{
    1027. 

  1027. 						$tagdata = $this->EE->TMPL->swap_var_single($val, "<a href=\"".$row['url']."\">".$row['url']."</a>", $tagdata);
    1028. 

  1028. 					}
    1029. 

  1029. 					else
    1030. 

  1030. 					{
    1031. 

  1031. 						if ($row['email'] != '')
    1032. 

  1032. 						{
    1033. 

  1033. 							$tagdata = $this->EE->TMPL->swap_var_single($val, $this->EE->typography->encode_email($row['email']), $tagdata);
    1034. 

  1034. 						}
    1035. 

  1035. 						else
    1036. 

  1036. 						{
    1037. 

  1037. 							$tagdata = $this->EE->TMPL->swap_var_single($val, $row['name'], $tagdata);
    1038. 

  1038. 						}
    1039. 

  1039. 					}
    1040. 

  1040. 				}
    1041. 

  1041. 

  1042. 				/** ----------------------------------------
    1043. 

  1043. 				/**  {comment_auto_path}
    1044. 

  1044. 				/** ----------------------------------------*/
    1045. 

  1045. 

  1046. 				if ($key == "comment_auto_path")
    1047. 

  1047. 				{
    1048. 

  1048. 					$path = ($row['comment_url'] == '') ? $row['channel_url'] : $row['comment_url'];
    1049. 

  1049. 

  1050. 					$tagdata = $this->EE->TMPL->swap_var_single($key, $path, $tagdata);
    1051. 

  1051. 				}
    1052. 

  1052. 

  1053. 				/** ----------------------------------------
    1054. 

  1054. 				/**  {comment_url_title_auto_path}
    1055. 

  1055. 				/** ----------------------------------------*/
    1056. 

  1056. 

  1057. 				if ($key == "comment_url_title_auto_path")
    1058. 

  1058. 				{
    1059. 

  1059. 					$path = ($row['comment_url'] == '') ? $row['channel_url'] : $row['comment_url'];
    1060. 

  1060. 

  1061. 					$tagdata = $this->EE->TMPL->swap_var_single(
    1062. 

  1062. 															$key,
    1063. 

  1063. 															$path.'/'.$row['url_title'],
    1064. 

  1064. 															$tagdata
    1065. 

  1065. 														 );
    1066. 

  1066. 				}
    1067. 

  1067. 

  1068. 				/** ----------------------------------------
    1069. 

  1069. 				/**  {comment_entry_id_auto_path}
    1070. 

  1070. 				/** ----------------------------------------*/
    1071. 

  1071. 

  1072. 				if ($key == "comment_entry_id_auto_path")
    1073. 

  1073. 				{
    1074. 

  1074. 					$path = ($row['comment_url'] == '') ? $row['channel_url'] : $row['comment_url'];
    1075. 

  1075. 

  1076. 					$tagdata = $this->EE->TMPL->swap_var_single(
    1077. 

  1077. 															$key,
    1078. 

  1078. 															$path.'/'.$row['entry_id'],
    1079. 

  1079. 															$tagdata
    1080. 

  1080. 														 );
    1081. 

  1081. 				}
    1082. 

  1082. 

  1083. 

  1084. 				/** ----------------------------------------
    1085. 

  1085. 				/**  parse comment_stripped field
    1086. 

  1086. 				/** ----------------------------------------*/
    1087. 

  1087. 

  1088. 				if ($key == "comment_stripped" AND isset($row['comment']))
    1089. 

  1089. 				{
    1090. 

  1090. 

  1091. 					$tagdata = $this->EE->TMPL->swap_var_single(
    1092. 

  1092. 															$key,
    1093. 

  1093. 															$this->EE->functions->encode_ee_tags($row['comment'], TRUE),
    1094. 

  1094. 															$tagdata
    1095. 

  1095. 														 );
    1096. 

  1096. 				}
    1097. 

  1097. 

  1098. 				/** ----------------------------------------
    1099. 

  1099. 				/**  parse comment field
    1100. 

  1100. 				/** ----------------------------------------*/
    1101. 

  1101. 

  1102. 				if ($key == 'comment' AND isset($row['comment']))
    1103. 

  1103. 				{
    1104. 

  1104. 					// -------------------------------------------
    1105. 

  1105. 					// 'comment_entries_comment_format' hook.
    1106. 

  1106. 					//  - Play with the tagdata contents of the comment entries
    1107. 

  1107. 					//
    1108. 

  1108. 						if ($this->EE->extensions->active_hook('comment_entries_comment_format') === TRUE)
    1109. 

  1109. 						{
    1110. 

  1110. 							$comment = $this->EE->extensions->call('comment_entries_comment_format', $row);
    1111. 

  1111. 				
    1112. 

  1112. 							if ($this->EE->extensions->end_script === TRUE) return;
    1113. 

  1113. 						}
    1114. 

  1114. 						else
    1115. 

  1115. 						{
    1116. 

  1116. 							$comment = $this->EE->typography->parse_type( $row['comment'],
    1117. 

  1117. 															array(
    1118. 

  1118. 																	'text_format'	=> $row['comment_text_formatting'],
    1119. 

  1119. 																	'html_format'	=> $row['comment_html_formatting'],
    1120. 

  1120. 																	'auto_links'	=> $row['comment_auto_link_urls'],
    1121. 

  1121. 																	'allow_img_url' => $row['comment_allow_img_urls']
    1122. 

  1122. 																)
    1123. 

  1123. 														);
    1124. 

  1124. 						}
    1125. 

  1125. 

  1126. 					$tagdata = $this->EE->TMPL->swap_var_single($key, $comment, $tagdata);
    1127. 

  1127. 				}
    1128. 

  1128. 

  1129. 				//  {location}
    1130. 

  1130. 

  1131. 				if ($key == 'location' AND (isset($row['location']) OR isset($row['c_location'])))
    1132. 

  1132. 				{
    1133. 

  1133. 					$tagdata = $this->EE->TMPL->swap_var_single($key, (empty($row['location'])) ? $row['c_location'] : $row['location'], $tagdata);
    1134. 

  1134. 				}
    1135. 

  1135. 

  1136. 

  1137. 				/** ----------------------------------------
    1138. 

  1138. 				/**  {signature}
    1139. 

  1139. 				/** ----------------------------------------*/
    1140. 

  1140. 

  1141. 				if ($key == "signature")
    1142. 

  1142. 				{
    1143. 

  1143. 					if ($this->EE->session->userdata('display_signatures') == 'n' OR  ! isset($row['signature']) OR $row['signature'] == '' OR $this->EE->session->userdata('display_signatures') == 'n')
    1144. 

  1144. 					{
    1145. 

  1145. 						$tagdata = $this->EE->TMPL->swap_var_single($key, '', $tagdata);
    1146. 

  1146. 					}
    1147. 

  1147. 					else
    1148. 

  1148. 					{
    1149. 

  1149. 						$tagdata = $this->EE->TMPL->swap_var_single($key,
    1150. 

  1150. 														$this->EE->typography->parse_type($row['signature'], array(
    1151. 

  1151. 																					'text_format'	=> 'xhtml',
    1152. 

  1152. 																					'html_format'	=> 'safe',
    1153. 

  1153. 																					'auto_links'	=> 'y',
    1154. 

  1154. 																					'allow_img_url' => $this->EE->config->item('sig_allow_img_hotlink')
    1155. 

  1155. 																				)
    1156. 

  1156. 																			), $tagdata);
    1157. 

  1157. 					}
    1158. 

  1158. 				}
    1159. 

  1159. 

  1160. 

  1161. 				if ($key == "signature_image_url")
    1162. 

  1162. 				{
    1163. 

  1163. 					if ($this->EE->session->userdata('display_signatures') == 'n' OR $row['sig_img_filename'] == ''  OR $this->EE->session->userdata('display_signatures') == 'n')
    1164. 

  1164. 					{
    1165. 

  1165. 						$tagdata = $this->EE->TMPL->swap_var_single($key, '', $tagdata);
    1166. 

  1166. 						$tagdata = $this->EE->TMPL->swap_var_single('signature_image_width', '', $tagdata);
    1167. 

  1167. 						$tagdata = $this->EE->TMPL->swap_var_single('signature_image_height', '', $tagdata);
    1168. 

  1168. 					}
    1169. 

  1169. 					else
    1170. 

  1170. 					{
    1171. 

  1171. 						$tagdata = $this->EE->TMPL->swap_var_single($key, $this->EE->config->slash_item('sig_img_url').$row['sig_img_filename'], $tagdata);
    1172. 

  1172. 						$tagdata = $this->EE->TMPL->swap_var_single('signature_image_width', $row['sig_img_width'], $tagdata);
    1173. 

  1173. 						$tagdata = $this->EE->TMPL->swap_var_single('signature_image_height', $row['sig_img_height'], $tagdata);
    1174. 

  1174. 					}
    1175. 

  1175. 				}
    1176. 

  1176. 

  1177. 				if ($key == "avatar_url")
    1178. 

  1178. 				{
    1179. 

  1179. 					if ( ! isset($row['avatar_filename']))
    1180. 

  1180. 						$row['avatar_filename'] = '';
    1181. 

  1181. 

  1182. 					if ($this->EE->session->userdata('display_avatars') == 'n' OR $row['avatar_filename'] == ''  OR $this->EE->session->userdata('display_avatars') == 'n')
    1183. 

  1183. 					{
    1184. 

  1184. 						$tagdata = $this->EE->TMPL->swap_var_single($key, '', $tagdata);
    1185. 

  1185. 						$tagdata = $this->EE->TMPL->swap_var_single('avatar_image_width', '', $tagdata);
    1186. 

  1186. 						$tagdata = $this->EE->TMPL->swap_var_single('avatar_image_height', '', $tagdata);
    1187. 

  1187. 					}
    1188. 

  1188. 					else
    1189. 

  1189. 					{
    1190. 

  1190. 						$tagdata = $this->EE->TMPL->swap_var_single($key, $this->EE->config->slash_item('avatar_url').$row['avatar_filename'], $tagdata);
    1191. 

  1191. 						$tagdata = $this->EE->TMPL->swap_var_single('avatar_image_width', $row['avatar_width'], $tagdata);
    1192. 

  1192. 						$tagdata = $this->EE->TMPL->swap_var_single('avatar_image_height', $row['avatar_height'], $tagdata);
    1193. 

  1193. 					}
    1194. 

  1194. 				}
    1195. 

  1195. 

  1196. 				if ($key == "photo_url")
    1197. 

  1197. 				{
    1198. 

  1198. 					if ( ! isset($row['photo_filename']))
    1199. 

  1199. 						$row['photo_filename'] = '';
    1200. 

  1200. 

  1201. 					if ($this->EE->session->userdata('display_photos') == 'n' OR $row['photo_filename'] == ''  OR $this->EE->session->userdata('display_photos') == 'n')
    1202. 

  1202. 					{
    1203. 

  1203. 						$tagdata = $this->EE->TMPL->swap_var_single($key, '', $tagdata);
    1204. 

  1204. 						$tagdata = $this->EE->TMPL->swap_var_single('photo_image_width', '', $tagdata);
    1205. 

  1205. 						$tagdata = $this->EE->TMPL->swap_var_single('photo_image_height', '', $tagdata);
    1206. 

  1206. 					}
    1207. 

  1207. 					else
    1208. 

  1208. 					{
    1209. 

  1209. 						$tagdata = $this->EE->TMPL->swap_var_single($key, $this->EE->config->slash_item('photo_url').$row['photo_filename'], $tagdata);
    1210. 

  1210. 						$tagdata = $this->EE->TMPL->swap_var_single('photo_image_width', $row['photo_width'], $tagdata);
    1211. 

  1211. 						$tagdata = $this->EE->TMPL->swap_var_single('photo_image_height', $row['photo_height'], $tagdata);
    1212. 

  1212. 					}
    1213. 

  1213. 				}
    1214. 

  1214. 

  1215. 

  1216. 				/** ----------------------------------------
    1217. 

  1217. 				/**  parse basic fields
    1218. 

  1218. 				/** ----------------------------------------*/
    1219. 

  1219. 

  1220. 				if (isset($row[$val]) && $val != 'member_id')
    1221. 

  1221. 				{
    1222. 

  1222. 					$tagdata = $this->EE->TMPL->swap_var_single($val, $row[$val], $tagdata);
    1223. 

  1223. 				}
    1224. 

  1224. 

  1225. 				/** ----------------------------------------
    1226. 

  1226. 				/**  parse custom member fields
    1227. 

  1227. 				/** ----------------------------------------*/
    1228. 

  1228. 

  1229. 				if ( isset($mfields[$val]))
    1230. 

  1230. 				{
    1231. 

  1231. 					// Since comments do not necessarily require registration, and since
    1232. 

  1232. 					// you are allowed to put custom member variables in comments,
    1233. 

  1233. 					// we delete them if no such row exists
    1234. 

  1234. 

  1235. 					$return_val = (isset($row['m_field_id_'.$mfields[$val]])) ? $row['m_field_id_'.$mfields[$val]] : '';
    1236. 

  1236. 

  1237. 					$tagdata = $this->EE->TMPL->swap_var_single(
    1238. 

  1238. 														$val,
    1239. 

  1239. 														$return_val,
    1240. 

  1240. 														$tagdata
    1241. 

  1241. 													  );
    1242. 

  1242. 				}
    1243. 

  1243. 

  1244. 				/** ----------------------------------------
    1245. 

  1245. 				/**  Clean up left over member variables
    1246. 

  1246. 				/** ----------------------------------------*/
    1247. 

  1247. 

  1248. 				if (in_array($val, $member_vars))
    1249. 

  1249. 				{
    1250. 

  1250. 					$tagdata = str_replace(LD.$val.RD, '', $tagdata);
    1251. 

  1251. 				}
    1252. 

  1252. 			}
    1253. 

  1253. 

  1254. 			if ($this->show_anchor == TRUE)
    1255. 

  1255. 			{
    1256. 

  1256. 				$return .= "<a name=\"".$item_count."\"></a>\n";
    1257. 

  1257. 			}
    1258. 

  1258. 

  1259. 			$return .= $tagdata;
    1260. 

  1260. 

  1261. 			$item_count++;
    1262. 

  1262. 		}
    1263. 

  1263. 

  1264. 		/** ----------------------------------------
    1265. 

  1265. 		/**  Parse path variable
    1266. 

  1266. 		/** ----------------------------------------*/
    1267. 

  1267. 

  1268. 		$return = preg_replace_callback("/".LD."\s*path=(.+?)".RD."/", array(&$this->EE->functions, 'create_url'), $return);
    1269. 

  1269. 

  1270. 		/** ----------------------------------------
    1271. 

  1271. 		/**  Add pagination to result
    1272. 

  1272. 		/** ----------------------------------------*/
    1273. 

  1273. 		if ($paginate == TRUE)
    1274. 

  1274. 		{
    1275. 

  1275. 			$paginate_data = str_replace(LD.'current_page'.RD, 	$t_current_page, 	$paginate_data);
    1276. 

  1276. 			$paginate_data = str_replace(LD.'total_pages'.RD,		$total_pages,  		$paginate_data);
    1277. 

  1277. 			$paginate_data = str_replace(LD.'pagination_links'.RD,	$pagination_links,	$paginate_data);
    1278. 

  1278. 

  1279. 			if (preg_match("/".LD."if previous_page".RD."(.+?)".LD.'\/'."if".RD."/s", $paginate_data, $match))
    1280. 

  1280. 			{
    1281. 

  1281. 				if ($page_previous == '')
    1282. 

  1282. 				{
    1283. 

  1283. 					 $paginate_data = preg_replace("/".LD."if previous_page".RD.".+?".LD.'\/'."if".RD."/s", '', $paginate_data);
    1284. 

  1284. 				}
    1285. 

  1285. 				else
    1286. 

  1286. 				{
    1287. 

  1287. 					$match['1'] = str_replace(array(LD.'path'.RD, LD.'auto_path'.RD), $page_previous, $match['1']);
    1288. 

  1288. 

  1289. 					$paginate_data = str_replace($match['0'], $match['1'], $paginate_data);
    1290. 

  1290. 				}
    1291. 

  1291. 			}
    1292. 

  1292. 

  1293. 			if (preg_match("/".LD."if next_page".RD."(.+?)".LD.'\/'."if".RD."/s", $paginate_data, $match))
    1294. 

  1294. 			{
    1295. 

  1295. 				if ($page_next == '')
    1296. 

  1296. 				{
    1297. 

  1297. 					 $paginate_data = preg_replace("/".LD."if next_page".RD.".+?".LD.'\/'."if".RD."/s", '', $paginate_data);
    1298. 

  1298. 				}
    1299. 

  1299. 				else
    1300. 

  1300. 				{
    1301. 

  1301. 					$match['1'] = str_replace(array(LD.'path'.RD, LD.'auto_path'.RD), $page_next, $match['1']);
    1302. 

  1302. 

  1303. 					$paginate_data = str_replace($match['0'], $match['1'], $paginate_data);
    1304. 

  1304. 				}
    1305. 

  1305. 			}
    1306. 

  1306. 

  1307. 			$position = ( ! $this->EE->TMPL->fetch_param('paginate')) ? '' : $this->EE->TMPL->fetch_param('paginate');
    1308. 

  1308. 

  1309. 			switch ($position)
    1310. 

  1310. 			{
    1311. 

  1311. 				case "top"	: $return  = $paginate_data.$return;
    1312. 

  1312. 					break;
    1313. 

  1313. 				case "both"	: $return  = $paginate_data.$return.$paginate_data;
    1314. 

  1314. 					break;
    1315. 

  1315. 				default		: $return .= $paginate_data;
    1316. 

  1316. 					break;
    1317. 

  1317. 			}
    1318. 

  1318. 		}
    1319. 

  1319. 

  1320. 		return $return;
    1321. 

  1321. 	}
    1322. 

  1322. 

  1323. 	// --------------------------------------------------------------------
    1324. 

  1324. 

  1325. 	/**
    1326. 

  1326. 	 * Comment Submission Form
    1327. 

  1327. 	 *
    1328. 

  1328. 	 * @access	public
    1329. 

  1329. 	 * @return	string
    1330. 

  1330. 	 */
    1331. 

  1331. 	function form($return_form = FALSE, $captcha = '')
    1332. 

  1332. 	{
    1333. 

  1333. 		$qstring		 = $this->EE->uri->query_string;
    1334. 

  1334. 		$entry_where	 = array();
    1335. 

  1335. 		$halt_processing = FALSE;
    1336. 

  1336. 

  1337. 		/** --------------------------------------
    1338. 

  1338. 		/**  Remove page number
    1339. 

  1339. 		/** --------------------------------------*/
    1340. 

  1340. 		
    1341. 

  1341. 		if (preg_match("#(^|/)P(\d+)(/|$)#", $qstring, $match))
    1342. 

  1342. 		{
    1343. 

  1343. 			$qstring = trim($this->EE->functions->remove_double_slashes(str_replace($match['0'], '/', $qstring)), '/');
    1344. 

  1344. 		}		
    1345. 

  1345. 

  1346. 		// Figure out the right entry ID
    1347. 

  1347. 		// Order of precedence: POST, entry_id=, url_title=, $qstring
    1348. 

  1348. 		if (isset($_POST['entry_id']))
    1349. 

  1349. 		{
    1350. 

  1350. 			$entry_where = array('entry_id' => $_POST['entry_id']);
    1351. 

  1351. 		}
    1352. 

  1352. 		elseif ($entry_id = $this->EE->TMPL->fetch_param('entry_id'))
    1353. 

  1353. 		{
    1354. 

  1354. 			$entry_where = array('entry_id' => $entry_id);
    1355. 

  1355. 		}
    1356. 

  1356. 		elseif ($url_title = $this->EE->TMPL->fetch_param('url_title'))
    1357. 

  1357. 		{
    1358. 

  1358. 			$entry_where = array('url_title' => $url_title);
    1359. 

  1359. 		}
    1360. 

  1360. 		else
    1361. 

  1361. 		{
    1362. 

  1362. 			// If there is a slash in the entry ID we'll kill everything after it.
    1363. 

  1363. 			$entry_id = trim($qstring); 
    1364. 

  1364. 			$entry_id = preg_replace("#/.+#", "", $entry_id);
    1365. 

  1365. 

  1366. 			if ( ! is_numeric($entry_id))
    1367. 

  1367. 			{
    1368. 

  1368. 				$entry_where = array('url_title' => $entry_id);
    1369. 

  1369. 			}
    1370. 

  1370. 			else
    1371. 

  1371. 			{
    1372. 

  1372. 				$entry_where = array('entry_id' => $entry_id);
    1373. 

  1373. 			}
    1374. 

  1374. 		}
    1375. 

  1375. 		
    1376. 

  1376. 

  1377. 		/** ----------------------------------------
    1378. 

  1378. 		/**  Are comments allowed?
    1379. 

  1379. 		/** ----------------------------------------*/
    1380. 

  1380. 

  1381. 		if ($channel = $this->EE->TMPL->fetch_param('channel'))
    1382. 

  1382. 		{
    1383. 

  1383. 			$this->EE->db->select('channel_id');
    1384. 

  1384. 			$this->EE->functions->ar_andor_string($channel, 'channel_name');
    1385. 

  1385. 			$this->EE->db->where_in('site_id', $this->EE->TMPL->site_ids);
    1386. 

  1386. 			$query = $this->EE->db->get('channels');
    1387. 

  1387. 

  1388. 			if ($query->num_rows() == 0)
    1389. 

  1389. 			{
    1390. 

  1390. 				return FALSE;
    1391. 

  1391. 			}
    1392. 

  1392. 			elseif ($query->num_rows() == 1)
    1393. 

  1393. 			{
    1394. 

  1394. 				$this->EE->db->where('channel_titles.channel_id', $query->row('channel_id'));
    1395. 

  1395. 			}
    1396. 

  1396. 			else
    1397. 

  1397. 			{
    1398. 

  1398. 				$ids = array();
    1399. 

  1399. 				
    1400. 

  1400. 				foreach ($query->result_array() as $row)
    1401. 

  1401. 				{
    1402. 

  1402. 					$ids[] = $row['channel_id'];
    1403. 

  1403. 				}
    1404. 

  1404. 				
    1405. 

  1405. 				$this->EE->db->where_in('channel_titles.channel_id', $ids);
    1406. 

  1406. 			}
    1407. 

  1407. 		}
    1408. 

  1408. 

  1409. 		// The where clauses above will affect this query - it's below the conditional
    1410. 

  1410. 		// because AR cannot keep track of two queries at once
    1411. 

  1411. 

  1412. 		$this->EE->db->select('channel_titles.entry_id, channel_titles.entry_date, channel_titles.comment_expiration_date, channel_titles.allow_comments, channels.comment_system_enabled, channels.comment_use_captcha, channels.comment_expiration');
    1413. 

  1413. 		$this->EE->db->from(array('channel_titles', 'channels'));
    1414. 

  1414. 		
    1415. 

  1415. 		$this->EE->db->where_in('channel_titles.site_id', $this->EE->TMPL->site_ids);
    1416. 

  1416. 		$this->EE->db->where('channel_titles.channel_id = '.$this->EE->db->dbprefix('channels').'.channel_id');
    1417. 

  1417. 		
    1418. 

  1418. 		if ($e_status = $this->EE->TMPL->fetch_param('entry_status'))
    1419. 

  1419. 		{
    1420. 

  1420. 			$e_status = str_replace('Open',	'open',	$e_status);
    1421. 

  1421. 			$e_status = str_replace('Closed', 'closed', $e_status);
    1422. 

  1422. 

  1423. 			$sql = $this->EE->functions->sql_andor_string($e_status, 'status');
    1424. 

  1424. 

  1425. 			if (stristr($sql, "'closed'") === FALSE)
    1426. 

  1426. 			{
    1427. 

  1427. 				$sql .= " AND status != 'closed' ";
    1428. 

  1428. 			}
    1429. 

  1429. 			
    1430. 

  1430. 			//  We need to drop the leading AND from the generated string 
    1431. 

  1431. 			$sql = substr($sql, 4);
    1432. 

  1432. 

  1433. 			
    1434. 

  1434. 			$this->EE->db->where($sql, NULL, FALSE);
    1435. 

  1435. 		}
    1436. 

  1436. 		else
    1437. 

  1437. 		{
    1438. 

  1438. 			$this->EE->db->where('status !=', 'closed');
    1439. 

  1439. 		}
    1440. 

  1440. 		
    1441. 

  1441. 		
    1442. 

  1442. 		$this->EE->db->where($entry_where);
    1443. 

  1443. 	
    1444. 

  1444. 		$query = $this->EE->db->get();
    1445. 

  1445. 

  1446. 		if ($query->num_rows() == 0)
    1447. 

  1447. 		{
    1448. 

  1448. 			return FALSE;
    1449. 

  1449. 		}
    1450. 

  1450. 

  1451. 		if ($query->row('allow_comments')  == 'n' OR $query->row('comment_system_enabled')  == 'n')
    1452. 

  1452. 		{
    1453. 

  1453. 			$halt_processing = 'disabled';
    1454. 

  1454. 		}
    1455. 

  1455. 		
    1456. 

  1456. 		/** ----------------------------------------
    1457. 

  1457. 		/**  Smart Notifications? Mark comments as read.
    1458. 

  1458. 		/** ----------------------------------------*/
    1459. 

  1459. 		
    1460. 

  1460. 		if ($this->EE->session->userdata('smart_notifications') == 'y')
    1461. 

  1461. 		{
    1462. 

  1462. 			$this->EE->load->library('subscription');
    1463. 

  1463. 			$this->EE->subscription->init('comment', array('entry_id' => $query->row('entry_id')), TRUE);
    1464. 

  1464. 			$this->EE->subscription->mark_as_read();
    1465. 

  1465. 		}
    1466. 

  1466. 

  1467. 		/** ----------------------------------------
    1468. 

  1468. 		/**  Return the "no cache" version of the form
    1469. 

  1469. 		/** ----------------------------------------*/
    1470. 

  1470. 

  1471. 		if ($return_form == FALSE)
    1472. 

  1472. 		{
    1473. 

  1473. 			if ($query->row('comment_use_captcha')  == 'n')
    1474. 

  1474. 			{
    1475. 

  1475. 				$this->EE->TMPL->tagdata = str_replace(LD.'captcha'.RD, '', $this->EE->TMPL->tagdata);
    1476. 

  1476. 			}
    1477. 

  1477. 

  1478. 			$nc = '';
    1479. 

  1479. 

  1480. 			if (is_array($this->EE->TMPL->tagparams) AND count($this->EE->TMPL->tagparams) > 0)
    1481. 

  1481. 			{
    1482. 

  1482. 				foreach ($this->EE->TMPL->tagparams as $key => $val)
    1483. 

  1483. 				{
    1484. 

  1484. 					switch ($key)
    1485. 

  1485. 					{
    1486. 

  1486. 						case 'form_class':
    1487. 

  1487. 							$nc .= 'class="'.$val.'" ';
    1488. 

  1488. 							break;
    1489. 

  1489. 						case 'form_id':
    1490. 

  1490. 							$nc .= 'id="'.$val.'" ';
    1491. 

  1491. 							break;
    1492. 

  1492. 						default:
    1493. 

  1493. 							$nc .= ' '.$key.'="'.$val.'" ';
    1494. 

  1494. 					}
    1495. 

  1495. 				}
    1496. 

  1496. 			}
    1497. 

  1497. 			
    1498. 

  1498. 			return '{NOCACHE_COMMENT_FORM="'.$nc.'"}'.$this->EE->TMPL->tagdata.'{/NOCACHE_FORM}';
    1499. 

  1499. 		}
    1500. 

  1500. 

  1501. 		/** ----------------------------------------
    1502. 

  1502. 		/**  Has commenting expired?
    1503. 

  1503. 		/** ----------------------------------------*/
    1504. 

  1504. 

  1505. 		$mode = ( ! isset($this->comment_expiration_mode)) ? 0 : $this->comment_expiration_mode;
    1506. 

  1506. 

  1507. 		//  First check whether expiration is overriden
    1508. 

  1508. 		if ($this->EE->config->item('comment_moderation_override') !== 'y')
    1509. 

  1509. 		{
    1510. 

  1510. 			if ($mode == 0)
    1511. 

  1511. 			{
    1512. 

  1512. 				if ($query->row('comment_expiration_date')  > 0)
    1513. 

  1513. 				{
    1514. 

  1514. 					if ($this->EE->localize->now > $query->row('comment_expiration_date') )
    1515. 

  1515. 					{
    1516. 

  1516. 						$halt_processing = 'expired';
    1517. 

  1517. 					}
    1518. 

  1518. 				}
    1519. 

  1519. 			}
    1520. 

  1520. 			else
    1521. 

  1521. 			{
    1522. 

  1522. 				if ($query->row('comment_expiration')  > 0)
    1523. 

  1523. 				{
    1524. 

  1524. 				 	$days = $query->row('entry_date')  + ($query->row('comment_expiration')  * 86400);
    1525. 

  1525. 

  1526. 					if ($this->EE->localize->now > $days)
    1527. 

  1527. 					{
    1528. 

  1528. 						$halt_processing = 'expired';
    1529. 

  1529. 					}
    1530. 

  1530. 				}
    1531. 

  1531. 			}
    1532. 

  1532. 		}
    1533. 

  1533. 

  1534. 		$tagdata = $this->EE->TMPL->tagdata;
    1535. 

  1535. 

  1536. 		if ($halt_processing != FALSE)
    1537. 

  1537. 		{
    1538. 

  1538. 			foreach ($this->EE->TMPL->var_cond as $key => $val) 
    1539. 

  1539. 			{
    1540. 

  1540. 				if ($halt_processing == 'expired')
    1541. 

  1541. 				{
    1542. 

  1542. 					if (isset($val['3']) && $val['3'] == 'comments_expired')
    1543. 

  1543. 					{
    1544. 

  1544. 						return $val['2'];
    1545. 

  1545. 					}					
    1546. 

  1546. 				}
    1547. 

  1547. 				elseif ($halt_processing == 'disabled')
    1548. 

  1548. 				{
    1549. 

  1549. 					if (isset($val['3']) && $val['3'] == 'comments_disabled')
    1550. 

  1550. 					{
    1551. 

  1551. 						return $val['2'];
    1552. 

  1552. 					}					
    1553. 

  1553. 				}
    1554. 

  1554. 			}
    1555. 

  1555. 

  1556. 			// If there is no conditional- just return the message
    1557. 

  1557. 			$this->EE->lang->loadfile('comment');
    1558. 

  1558. 			return $this->EE->lang->line('cmt_commenting_has_expired');				
    1559. 

  1559. 		}
    1560. 

  1560. 

  1561. 

  1562. 		// -------------------------------------------
    1563. 

  1563. 		// 'comment_form_tagdata' hook.
    1564. 

  1564. 		//  - Modify, add, etc. something to the comment form
    1565. 

  1565. 		//
    1566. 

  1566. 			if ($this->EE->extensions->active_hook('comment_form_tagdata') === TRUE)
    1567. 

  1567. 			{
    1568. 

  1568. 				$tagdata = $this->EE->extensions->call('comment_form_tagdata', $tagdata);
    1569. 

  1569. 				if ($this->EE->extensions->end_script === TRUE) return;
    1570. 

  1570. 			}
    1571. 

  1571. 		//
    1572. 

  1572. 		// -------------------------------------------
    1573. 

  1573. 

  1574. 		/** ----------------------------------------
    1575. 

  1575. 		/**  Conditionals
    1576. 

  1576. 		/** ----------------------------------------*/
    1577. 

  1577. 

  1578. 		$cond = array();
    1579. 

  1579. 		$cond['logged_in']			= ($this->EE->session->userdata('member_id') == 0) ? 'FALSE' : 'TRUE';
    1580. 

  1580. 		$cond['logged_out']			= ($this->EE->session->userdata('member_id') != 0) ? 'FALSE' : 'TRUE';
    1581. 

  1581. 

  1582. 		if ($query->row('comment_use_captcha')  == 'n')
    1583. 

  1583. 		{
    1584. 

  1584. 			$cond['captcha'] = 'FALSE';
    1585. 

  1585. 		}
    1586. 

  1586. 		elseif ($query->row('comment_use_captcha')  == 'y')
    1587. 

  1587. 		{
    1588. 

  1588. 			$cond['captcha'] =  ($this->EE->config->item('captcha_require_members') == 'y'  OR
    1589. 

  1589. 								($this->EE->config->item('captcha_require_members') == 'n' AND $this->EE->session->userdata('member_id') == 0)) ? 'TRUE' : 'FALSE';
    1590. 

  1590. 		}
    1591. 

  1591. 

  1592. 		$tagdata = $this->EE->functions->prep_conditionals($tagdata, $cond);
    1593. 

  1593. 

  1594. 		/** ----------------------------------------
    1595. 

  1595. 		/**  Single Variables
    1596. 

  1596. 		/** ----------------------------------------*/
    1597. 

  1597. 

  1598. 		// Load the form helper
    1599. 

  1599. 		$this->EE->load->helper('form');
    1600. 

  1600. 

  1601. 		foreach ($this->EE->TMPL->var_single as $key => $val)
    1602. 

  1602. 		{
    1603. 

  1603. 			/** ----------------------------------------
    1604. 

  1604. 			/**  parse {name}
    1605. 

  1605. 			/** ----------------------------------------*/
    1606. 

  1606. 

  1607. 			if ($key == 'name')
    1608. 

  1608. 			{
    1609. 

  1609. 				$name = ($this->EE->session->userdata['screen_name'] != '') ? $this->EE->session->userdata['screen_name'] : $this->EE->session->userdata['username'];
    1610. 

  1610. 

  1611. 				$name = ( ! isset($_POST['name'])) ? $name : $_POST['name'];
    1612. 

  1612. 

  1613. 				$tagdata = $this->EE->TMPL->swap_var_single($key, form_prep($name), $tagdata);
    1614. 

  1614. 			}
    1615. 

  1615. 

  1616. 			/** ----------------------------------------
    1617. 

  1617. 			/**  parse {email}
    1618. 

  1618. 			/** ----------------------------------------*/
    1619. 

  1619. 

  1620. 			if ($key == 'email')
    1621. 

  1621. 			{
    1622. 

  1622. 				$email = ( ! isset($_POST['email'])) ? $this->EE->session->userdata['email'] : $_POST['email'];
    1623. 

  1623. 

  1624. 				$tagdata = $this->EE->TMPL->swap_var_single($key, form_prep($email), $tagdata);
    1625. 

  1625. 			}
    1626. 

  1626. 

  1627. 			/** ----------------------------------------
    1628. 

  1628. 			/**  parse {url}
    1629. 

  1629. 			/** ----------------------------------------*/
    1630. 

  1630. 

  1631. 			if ($key == 'url')
    1632. 

  1632. 			{
    1633. 

  1633. 				$url = ( ! isset($_POST['url'])) ? $this->EE->session->userdata['url'] : $_POST['url'];
    1634. 

  1634. 

  1635. 				if ($url == '')
    1636. 

  1636. 					$url = 'http://';
    1637. 

  1637. 

  1638. 				$tagdata = $this->EE->TMPL->swap_var_single($key, form_prep($url), $tagdata);
    1639. 

  1639. 			}
    1640. 

  1640. 

  1641. 			/** ----------------------------------------
    1642. 

  1642. 			/**  parse {location}
    1643. 

  1643. 			/** ----------------------------------------*/
    1644. 

  1644. 

  1645. 			if ($key == 'location')
    1646. 

  1646. 			{
    1647. 

  1647. 				$location = ( ! isset($_POST['location'])) ? $this->EE->session->userdata['location'] : $_POST['location'];
    1648. 

  1648. 

  1649. 				$tagdata = $this->EE->TMPL->swap_var_single($key, form_prep($location), $tagdata);
    1650. 

  1650. 			}
    1651. 

  1651. 

  1652. 			/** ----------------------------------------
    1653. 

  1653. 			/**  parse {comment}
    1654. 

  1654. 			/** ----------------------------------------*/
    1655. 

  1655. 

  1656. 			if ($key == 'comment')
    1657. 

  1657. 			{
    1658. 

  1658. 				$comment = ( ! isset($_POST['comment'])) ? '' : $_POST['comment'];
    1659. 

  1659. 

  1660. 				$tagdata = $this->EE->TMPL->swap_var_single($key, $comment, $tagdata);
    1661. 

  1661. 			}
    1662. 

  1662. 

  1663. 			/** ----------------------------------------
    1664. 

  1664. 			/**  parse {captcha_word}
    1665. 

  1665. 			/** ----------------------------------------*/
    1666. 

  1666. 

  1667. 			if ($key == 'captcha_word')
    1668. 

  1668. 			{
    1669. 

  1669. 				$tagdata = $this->EE->TMPL->swap_var_single($key, '', $tagdata);
    1670. 

  1670. 			}
    1671. 

  1671. 

  1672. 			/** ----------------------------------------
    1673. 

  1673. 			/**  parse {save_info}
    1674. 

  1674. 			/** ----------------------------------------*/
    1675. 

  1675. 

  1676. 			if ($key == 'save_info')
    1677. 

  1677. 			{
    1678. 

  1678. 				$save_info = ( ! isset($_POST['save_info'])) ? '' : $_POST['save_info'];
    1679. 

  1679. 

  1680. 				$notify = ( ! isset($this->EE->session->userdata['notify_by_default'])) ? $this->EE->input->cookie('save_info') : $this->EE->session->userdata['notify_by_default'];
    1681. 

  1681. 

  1682. 				$checked	= ( ! isset($_POST['PRV'])) ? $notify : $save_info;
    1683. 

  1683. 

  1684. 				$tagdata = $this->EE->TMPL->swap_var_single($key, ($checked == 'yes') ? "checked=\"checked\"" : '', $tagdata);
    1685. 

  1685. 			}
    1686. 

  1686. 

  1687. 			/** ----------------------------------------
    1688. 

  1688. 			/**  parse {notify_me}
    1689. 

  1689. 			/** ----------------------------------------*/
    1690. 

  1690. 

  1691. 			if ($key == 'notify_me')
    1692. 

  1692. 			{
    1693. 

  1693. 				$checked = '';
    1694. 

  1694. 

  1695. 				if ( ! isset($_POST['PRV']))
    1696. 

  1696. 				{
    1697. 

  1697. 					if ($this->EE->input->cookie('notify_me'))
    1698. 

  1698. 					{
    1699. 

  1699. 						$checked = $this->EE->input->cookie('notify_me');
    1700. 

  1700. 					}
    1701. 

  1701. 

  1702. 					if (isset($this->EE->session->userdata['notify_by_default']))
    1703. 

  1703. 					{
    1704. 

  1704. 						$checked = ($this->EE->session->userdata['notify_by_default'] == 'y') ? 'yes' : '';
    1705. 

  1705. 					}
    1706. 

  1706. 				}
    1707. 

  1707. 

  1708. 				if (isset($_POST['notify_me']))
    1709. 

  1709. 				{
    1710. 

  1710. 					$checked = $_POST['notify_me'];
    1711. 

  1711. 				}
    1712. 

  1712. 

  1713. 				$tagdata = $this->EE->TMPL->swap_var_single($key, ($checked == 'yes') ? "checked=\"checked\"" : '', $tagdata);
    1714. 

  1714. 			}
    1715. 

  1715. 		}
    1716. 

  1716. 

  1717. 		/** ----------------------------------------
    1718. 

  1718. 		/**  Create form
    1719. 

  1719. 		/** ----------------------------------------*/
    1720. 

  1720. 		
    1721. 

  1721. 		$RET = $this->EE->functions->fetch_current_uri();
    1722. 

  1722. 		
    1723. 

  1723. 		if (isset($_POST['RET']))
    1724. 

  1724. 		{
    1725. 

  1725. 			$RET = $_POST['RET'];
    1726. 

  1726. 		}
    1727. 

  1727. 		elseif ($this->EE->TMPL->fetch_param('return') && $this->EE->TMPL->fetch_param('return') != "")
    1728. 

  1728. 		{
    1729. 

  1729. 			$RET =  $this->EE->TMPL->fetch_param('return');
    1730. 

  1730. 		}
    1731. 

  1731. 		
    1732. 

  1732. 		$PRV = (isset($_POST['PRV'])) ? $_POST['PRV'] : $this->EE->TMPL->fetch_param('preview');
    1733. 

  1733. 		$XID = (isset($_POST['XID'])) ? $_POST['XID'] : '';
    1734. 

  1734. 

  1735. 		$hidden_fields = array(
    1736. 

  1736. 								'ACT'	  	=> $this->EE->functions->fetch_action_id('Comment', 'insert_new_comment'),
    1737. 

  1737. 								'RET'	  	=> $RET,
    1738. 

  1738. 								'URI'	  	=> ($this->EE->uri->uri_string == '') ? 'index' : $this->EE->uri->uri_string,
    1739. 

  1739. 								'PRV'	  	=> $PRV,
    1740. 

  1740. 								'XID'	  	=> $XID,
    1741. 

  1741. 								'entry_id' 	=> $query->row('entry_id')
    1742. 

  1742. 							  );
    1743. 

  1743. 

  1744. 		if ($query->row('comment_use_captcha')  == 'y')
    1745. 

  1745. 		{
    1746. 

  1746. 			if (preg_match("/({captcha})/", $tagdata))
    1747. 

  1747. 			{
    1748. 

  1748. 				$tagdata = preg_replace("/{captcha}/", $this->EE->functions->create_captcha(), $tagdata);
    1749. 

  1749. 			}
    1750. 

  1750. 		}
    1751. 

  1751. 

  1752. 		// -------------------------------------------
    1753. 

  1753. 		// 'comment_form_hidden_fields' hook.
    1754. 

  1754. 		//  - Add/Remove Hidden Fields for Comment Form
    1755. 

  1755. 		//
    1756. 

  1756. 			if ($this->EE->extensions->active_hook('comment_form_hidden_fields') === TRUE)
    1757. 

  1757. 			{
    1758. 

  1758. 				$hidden_fields = $this->EE->extensions->call('comment_form_hidden_fields', $hidden_fields);
    1759. 

  1759. 				if ($this->EE->extensions->end_script === TRUE) return;
    1760. 

  1760. 			}
    1761. 

  1761. 		//
    1762. 

  1762. 		// -------------------------------------------
    1763. 

  1763. 

  1764. 		$data = array(
    1765. 

  1765. 						'hidden_fields'	=> $hidden_fields,
    1766. 

  1766. 						'id'			=> ( ! isset($this->EE->TMPL->tagparams['id'])) ? 'comment_form' : $this->EE->TMPL->tagparams['id'],
    1767. 

  1767. 						'class'			=> ( ! isset($this->EE->TMPL->tagparams['class'])) ? NULL : $this->EE->TMPL->tagparams['class']
    1768. 

  1768. 					);
    1769. 

  1769. 

  1770. 		if ($this->EE->TMPL->fetch_param('name') !== FALSE &&
    1771. 

  1771. 			preg_match("#^[a-zA-Z0-9_\-]+$#i", $this->EE->TMPL->fetch_param('name'), $match))
    1772. 

  1772. 		{
    1773. 

  1773. 			$data['name'] = $this->EE->TMPL->fetch_param('name');
    1774. 

  1774. 		}
    1775. 

  1775. 

  1776. 		$res  = $this->EE->functions->form_declaration($data);
    1777. 

  1777. 

  1778. 		$res .= stripslashes($tagdata);
    1779. 

  1779. 		$res .= "</form>";
    1780. 

  1780. 

  1781. 		// -------------------------------------------
    1782. 

  1782. 		// 'comment_form_end' hook.
    1783. 

  1783. 		//  - Modify, add, etc. something to the comment form at end of processing
    1784. 

  1784. 		//
    1785. 

  1785. 			if ($this->EE->extensions->active_hook('comment_form_end') === TRUE)
    1786. 

  1786. 			{
    1787. 

  1787. 				$res = $this->EE->extensions->call('comment_form_end', $res);
    1788. 

  1788. 				if ($this->EE->extensions->end_script === TRUE) return $res;
    1789. 

  1789. 			}
    1790. 

  1790. 		//
    1791. 

  1791. 		// -------------------------------------------
    1792. 

  1792. 

  1793. 

  1794. 		return $res;
    1795. 

  1795. 	}
    1796. 

  1796. 

  1797. 	// --------------------------------------------------------------------
    1798. 

  1798. 

  1799. 	/**
    1800. 

  1800. 	 * Preview
    1801. 

  1801. 	 *
    1802. 

  1802. 	 * @access	public
    1803. 

  1803. 	 * @return	void
    1804. 

  1804. 	 */
    1805. 

  1805. 	function preview()
    1806. 

  1806. 	{
    1807. 

  1807. 		$entry_id = (isset($_POST['entry_id'])) ? $_POST['entry_id'] : $this->EE->uri->query_string;
    1808. 

  1808. 

  1809. 		if ( ! is_numeric($entry_id) OR empty($_POST['comment']))
    1810. 

  1810. 		{
    1811. 

  1811. 			return FALSE;
    1812. 

  1812. 		}
    1813. 

  1813. 

  1814. 		/** ----------------------------------------
    1815. 

  1815. 		/**  Instantiate Typography class
    1816. 

  1816. 		/** ----------------------------------------*/
    1817. 

  1817. 

  1818. 		$config = ($this->EE->config->item('comment_word_censoring') == 'y') ? array('word_censor' => TRUE) : array();
    1819. 

  1819. 		
    1820. 

  1820. 		$this->EE->load->library('typography');
    1821. 

  1821. 		$this->EE->typography->initialize($config);
    1822. 

  1822. 		
    1823. 

  1823. 		$this->EE->typography->parse_images = FALSE;
    1824. 

  1824. 		$this->EE->typography->allow_headings = FALSE;
    1825. 

  1825. 		$this->EE->typography->encode_email = FALSE;
    1826. 

  1826. 

  1827. 		$this->EE->db->select('channels.comment_text_formatting, channels.comment_html_formatting, channels.comment_allow_img_urls, channels.comment_auto_link_urls, channels.comment_max_chars');
    1828. 

  1828. 		$this->EE->db->where('channel_titles.channel_id = '.$this->EE->db->dbprefix('channels').'.channel_id');
    1829. 

  1829. 		$this->EE->db->where('channel_titles.entry_id', $entry_id);
    1830. 

  1830. 		$this->EE->db->from(array('channels', 'channel_titles'));
    1831. 

  1831. 		
    1832. 

  1832. 		$query = $this->EE->db->get();
    1833. 

  1833. 

  1834. 		if ($query->num_rows() == 0)
    1835. 

  1835. 		{
    1836. 

  1836. 			return '';
    1837. 

  1837. 		}
    1838. 

  1838. 

  1839. 		/** -------------------------------------
    1840. 

  1840. 		/**  Check size of comment
    1841. 

  1841. 		/** -------------------------------------*/
    1842. 

  1842. 

  1843. 		if ($query->row('comment_max_chars')  != '' AND $query->row('comment_max_chars')  != 0)
    1844. 

  1844. 		{
    1845. 

  1845. 			if (strlen($_POST['comment']) > $query->row('comment_max_chars') )
    1846. 

  1846. 			{
    1847. 

  1847. 				$str = str_replace("%n", strlen($_POST['comment']), $this->EE->lang->line('cmt_too_large'));
    1848. 

  1848. 

  1849. 				$str = str_replace("%x", $query->row('comment_max_chars') , $str);
    1850. 

  1850. 

  1851. 				return $this->EE->output->show_user_error('submission', $str);
    1852. 

  1852. 			}
    1853. 

  1853. 		}
    1854. 

  1854. 

  1855. 		if ($query->num_rows() == '')
    1856. 

  1856. 		{
    1857. 

  1857. 			$formatting = 'none';
    1858. 

  1858. 		}
    1859. 

  1859. 		else
    1860. 

  1860. 		{
    1861. 

  1861. 			$formatting = $query->row('comment_text_formatting') ;
    1862. 

  1862. 		}
    1863. 

  1863. 

  1864. 		$tagdata = $this->EE->TMPL->tagdata;
    1865. 

  1865. 

  1866. 		// -------------------------------------------
    1867. 

  1867. 		// 'comment_preview_tagdata' hook.
    1868. 

  1868. 		//  - Play with the tagdata contents of the comment preview
    1869. 

  1869. 		//
    1870. 

  1870. 			if ($this->EE->extensions->active_hook('comment_preview_tagdata') === TRUE)
    1871. 

  1871. 			{
    1872. 

  1872. 				$tagdata = $this->EE->extensions->call('comment_preview_tagdata', $tagdata);
    1873. 

  1873. 				if ($this->EE->extensions->end_script === TRUE) return;
    1874. 

  1874. 			}
    1875. 

  1875. 		//
    1876. 

  1876. 		// -------------------------------------------
    1877. 

  1877. 

  1878. 		/** ----------------------------------------
    1879. 

  1879. 		/**  Fetch all the date-related variables
    1880. 

  1880. 		/** ----------------------------------------*/
    1881. 

  1881. 

  1882. 		$comment_date = array();
    1883. 

  1883. 

  1884. 		if (preg_match_all("/".LD."comment_date\s+format=[\"'](.*?)[\"']".RD."/s", $tagdata, $matches))
    1885. 

  1885. 		{
    1886. 

  1886. 			for ($j = 0; $j < count($matches['0']); $j++)
    1887. 

  1887. 			{
    1888. 

  1888. 				$matches['0'][$j] = str_replace(LD, '', $matches['0'][$j]);
    1889. 

  1889. 				$matches['0'][$j] = str_replace(RD, '', $matches['0'][$j]);
    1890. 

  1890. 

  1891. 				$comment_date[$matches['0'][$j]] = $this->EE->localize->fetch_date_params($matches['1'][$j]);
    1892. 

  1892. 			}
    1893. 

  1893. 		}
    1894. 

  1894. 

  1895.         /** ----------------------------------------
    1896. 

  1896.         /**  Set defaults based on member data as needed
    1897. 

  1897.         /** ----------------------------------------*/		
    1898. 

  1898. 		
    1899. 

  1899. 		if (isset($_POST['name']) AND $_POST['name'] != '')
    1900. 

  1900. 		{
    1901. 

  1901. 			$name = stripslashes($this->EE->input->post('name'));
    1902. 

  1902. 		}
    1903. 

  1903. 		elseif ($this->EE->session->userdata['screen_name'] != '')
    1904. 

  1904. 		{
    1905. 

  1905. 			$name = $this->EE->session->userdata['screen_name'];
    1906. 

  1906. 		}
    1907. 

  1907. 		else
    1908. 

  1908. 		{
    1909. 

  1909. 			$name = '';
    1910. 

  1910. 		}
    1911. 

  1911. 

  1912. 		foreach (array('email', 'url', 'location') as $v)
    1913. 

  1913. 		{
    1914. 

  1914. 			if (isset($_POST[$v]) AND $_POST[$v] != '')
    1915. 

  1915. 			{
    1916. 

  1916. 				${$v} = stripslashes($this->EE->input->post($v));
    1917. 

  1917. 			}
    1918. 

  1918. 			elseif ($this->EE->session->userdata[$v] != '')
    1919. 

  1919. 			{
    1920. 

  1920. 				${$v} = $this->EE->session->userdata[$v];
    1921. 

  1921. 			}
    1922. 

  1922. 			else
    1923. 

  1923. 			{
    1924. 

  1924. 				${$v} = '';
    1925. 

  1925. 			}		
    1926. 

  1926. 		}
    1927. 

  1927. 		
    1928. 

  1928. 		/** ----------------------------------------
    1929. 

  1929. 		/**  Conditionals
    1930. 

  1930. 		/** ----------------------------------------*/
    1931. 

  1931. 

  1932. 		$cond = $_POST; // Sanitized on input and also in prep_conditionals, so no real worries here
    1933. 

  1933. 		$cond['logged_in']			= ($this->EE->session->userdata('member_id') == 0) ? 'FALSE' : 'TRUE';
    1934. 

  1934. 		$cond['logged_out']			= ($this->EE->session->userdata('member_id') != 0) ? 'FALSE' : 'TRUE';
    1935. 

  1935. 		$cond['name']				= $name;	
    1936. 

  1936. 		$cond['email']				= $email;		
    1937. 

  1937. 		$cond['url']				= ($url == 'http://') ? '' : $url;
    1938. 

  1938. 		$cond['location']			= $location;
    1939. 

  1939. 		
    1940. 

  1940. 		$tagdata = $this->EE->functions->prep_conditionals($tagdata, $cond);
    1941. 

  1941. 

  1942. 

  1943. 		/** ----------------------------------------
    1944. 

  1944. 		/**  Single Variables
    1945. 

  1945. 		/** ----------------------------------------*/
    1946. 

  1946. 

  1947. 		foreach ($this->EE->TMPL->var_single as $key => $val)
    1948. 

  1948. 		{
    1949. 

  1949. 

  1950. 			//  {name}
    1951. 

  1951. 			if ($key == 'name')
    1952. 

  1952. 			{
    1953. 

  1953. 				$tagdata = $this->EE->TMPL->swap_var_single($key, $name, $tagdata);
    1954. 

  1954. 			}
    1955. 

  1955. 

  1956. 

  1957. 			//  {email}
    1958. 

  1958. 			if ($key == 'email')
    1959. 

  1959. 			{
    1960. 

  1960. 				$tagdata = $this->EE->TMPL->swap_var_single($key, $email, $tagdata);
    1961. 

  1961. 			}
    1962. 

  1962. 

  1963. 

  1964. 			//  {url}
    1965. 

  1965. 			if ($key == 'url')
    1966. 

  1966. 			{
    1967. 

  1967. 				$tagdata = $this->EE->TMPL->swap_var_single($key, $url, $tagdata);
    1968. 

  1968. 			}
    1969. 

  1969. 

  1970. 

  1971. 			//  {location}
    1972. 

  1972. 			if ($key == 'location')
    1973. 

  1973. 			{
    1974. 

  1974. 				$tagdata = $this->EE->TMPL->swap_var_single($key, $location, $tagdata);
    1975. 

  1975. 			}
    1976. 

  1976. 

  1977. 			// Prep the URL
    1978. 

  1978. 

  1979. 			if ($url != '')
    1980. 

  1980. 			{
    1981. 

  1981. 				$this->EE->load->helper('url');
    1982. 

  1982. 

  1983. 				$url = prep_url($url);
    1984. 

  1984. 			}
    1985. 

  1985. 

  1986. 

  1987. 			//  {url_or_email}
    1988. 

  1988. 			if ($key == "url_or_email")
    1989. 

  1989. 			{
    1990. 

  1990. 				$temp = $url;
    1991. 

  1991. 

  1992. 				if ($temp == '' AND $email != '')
    1993. 

  1993. 				{
    1994. 

  1994. 					$temp = $this->EE->typography->encode_email($email, '', 0);
    1995. 

  1995. 				}
    1996. 

  1996. 

  1997. 				$tagdata = $this->EE->TMPL->swap_var_single($val, $temp, $tagdata);
    1998. 

  1998. 			}
    1999. 

  1999. 

  2000. 

  2001. 			//  {url_or_email_as_author}
    2002. 

  2002. 			if ($key == "url_or_email_as_author")
    2003. 

  2003. 			{
    2004. 

  2004. 				if ($url != '')
    2005. 

  2005. 				{
    2006. 

  2006. 					$tagdata = $this->EE->TMPL->swap_var_single($val, "<a href=\"".$url."\">".$name."</a>", $tagdata);
    2007. 

  2007. 				}
    2008. 

  2008. 				else
    2009. 

  2009. 				{
    2010. 

  2010. 					if ($email != '')
    2011. 

  2011. 					{
    2012. 

  2012. 						$tagdata = $this->EE->TMPL->swap_var_single($val, $this->EE->typography->encode_email($email, $name), $tagdata);
    2013. 

  2013. 					}
    2014. 

  2014. 					else
    2015. 

  2015. 					{
    2016. 

  2016. 						$tagdata = $this->EE->TMPL->swap_var_single($val, $name, $tagdata);
    2017. 

  2017. 					}
    2018. 

  2018. 				}
    2019. 

  2019. 			}
    2020. 

  2020. 

  2021. 			//  {url_or_email_as_link}
    2022. 

  2022. 

  2023. 			if ($key == "url_or_email_as_link")
    2024. 

  2024. 			{
    2025. 

  2025. 				if ($url != '')
    2026. 

  2026. 				{
    2027. 

  2027. 					$tagdata = $this->EE->TMPL->swap_var_single($val, "<a href=\"".$url."\">".$url."</a>", $tagdata);
    2028. 

  2028. 				}
    2029. 

  2029. 				else
    2030. 

  2030. 				{
    2031. 

  2031. 					if ($email != '')
    2032. 

  2032. 					{
    2033. 

  2033. 						$tagdata = $this->EE->TMPL->swap_var_single($val, $this->EE->typography->encode_email($email), $tagdata);
    2034. 

  2034. 					}
    2035. 

  2035. 					else
    2036. 

  2036. 					{
    2037. 

  2037. 						$tagdata = $this->EE->TMPL->swap_var_single($val, $name, $tagdata);
    2038. 

  2038. 					}
    2039. 

  2039. 				}
    2040. 

  2040. 			}
    2041. 

  2041. 

  2042. 			//  {url_as_author}
    2043. 

  2043. 

  2044.             if ($key == 'url_as_author')
    2045. 

  2045.             {
    2046. 

  2046.                 if ($url != '')
    2047. 

  2047.                 {
    2048. 

  2048.                     $tagdata = $this->EE->TMPL->swap_var_single($val, '<a href="'.$url.'">'.$name.'</a>', $tagdata);
    2049. 

  2049.                 }
    2050. 

  2050.                 else
    2051. 

  2051.                 {
    2052. 

  2052.                     $tagdata = $this->EE->TMPL->swap_var_single($val, $name, $tagdata);
    2053. 

  2053.                 }
    2054. 

  2054.             }
    2055. 

  2055. 

  2056. 			/** ----------------------------------------
    2057. 

  2057. 			/**  parse comment field
    2058. 

  2058. 			/** ----------------------------------------*/
    2059. 

  2059. 

  2060. 			if ($key == 'comment')
    2061. 

  2061. 			{
    2062. 

  2062. 				// -------------------------------------------
    2063. 

  2063. 				// 'comment_preview_comment_format' hook.
    2064. 

  2064. 				//  - Play with the tagdata contents of the comment preview
    2065. 

  2065. 				//
    2066. 

  2066. 					if ($this->EE->extensions->active_hook('comment_preview_comment_format') === TRUE)
    2067. 

  2067. 					{
    2068. 

  2068. 						$data = $this->EE->extensions->call('comment_preview_comment_format', $query->row());
    2069. 

  2069. 						if ($this->EE->extensions->end_script === TRUE) return;
    2070. 

  2070. 					}
    2071. 

  2071. 					else
    2072. 

  2072. 					{
    2073. 

  2073. 						$data = $this->EE->typography->parse_type( stripslashes($this->EE->input->post('comment')),
    2074. 

  2074. 												 array(
    2075. 

  2075. 														'text_format'	=> $query->row('comment_text_formatting') ,
    2076. 

  2076. 														'html_format'	=> $query->row('comment_html_formatting') ,
    2077. 

  2077. 														'auto_links'	=> $query->row('comment_auto_link_urls') ,
    2078. 

  2078. 														'allow_img_url' => $query->row('comment_allow_img_urls')
    2079. 

  2079. 														)
    2080. 

  2080. 												);
    2081. 

  2081. 					}
    2082. 

  2082. 

  2083. 				// -------------------------------------------
    2084. 

  2084. 

  2085. 				$tagdata = $this->EE->TMPL->swap_var_single($key, $data, $tagdata);
    2086. 

  2086. 			}
    2087. 

  2087. 

  2088. 			/** ----------------------------------------
    2089. 

  2089. 			/**  parse comment date
    2090. 

  2090. 			/** ----------------------------------------*/
    2091. 

  2091. 

  2092. 			if (isset($comment_date[$key]))
    2093. 

  2093. 			{
    2094. 

  2094. 				foreach ($comment_date[$key] as $dvar)
    2095. 

  2095. 				{
    2096. 

  2096. 					$val = str_replace($dvar, $this->EE->localize->convert_timestamp($dvar, $this->EE->localize->now, TRUE), $val);
    2097. 

  2097. 				}
    2098. 

  2098. 

  2099. 				$tagdata = $this->EE->TMPL->swap_var_single($key, $val, $tagdata);
    2100. 

  2100. 			}
    2101. 

  2101. 

  2102. 		}
    2103. 

  2103. 

  2104. 		return $tagdata;
    2105. 

  2105. 	}
    2106. 

  2106. 

  2107. 	// --------------------------------------------------------------------
    2108. 

  2108. 

  2109. 	/**
    2110. 

  2110. 	 * Preview Handler
    2111. 

  2111. 	 *
    2112. 

  2112. 	 * @access	public
    2113. 

  2113. 	 * @return	void
    2114. 

  2114. 	 */
    2115. 

  2115. 	function preview_handler()
    2116. 

  2116. 	{
    2117. 

  2117. 		if ($this->EE->input->post('PRV') == '')
    2118. 

  2118. 		{
    2119. 

  2119. 			$error[] = $this->EE->lang->line('cmt_no_preview_template_specified');
    2120. 

  2120. 

  2121. 			return $this->EE->output->show_user_error('general', $error);
    2122. 

  2122. 		}
    2123. 

  2123. 

  2124. 		if ( ! isset($_POST['PRV']) or $_POST['PRV'] == '')
    2125. 

  2125. 		{
    2126. 

  2126. 			exit('Preview template not specified in your comment form tag');
    2127. 

  2127. 		}
    2128. 

  2128. 		
    2129. 

  2129. 		// Clean return value- segments only
    2130. 

  2130. 		$clean_return = str_replace($this->EE->functions->fetch_site_index(), '', $_POST['RET']);
    2131. 

  2131. 

  2132. 		// Load the string helper
    2133. 

  2133. 		$this->EE->load->helper('string');
    2134. 

  2134. 

  2135. 		$_POST['PRV'] = trim_slashes($this->EE->security->xss_clean($_POST['PRV']));
    2136. 

  2136. 

  2137. 		$this->EE->functions->clear_caching('all', $_POST['PRV']);
    2138. 

  2138. 		$this->EE->functions->clear_caching('all', $clean_return);
    2139. 

  2139. 

  2140. 		require APPPATH.'libraries/Template'.EXT;
    2141. 

  2141. 

  2142. 		$this->EE->TMPL = new EE_Template();
    2143. 

  2143. 

  2144. 		$preview = ( ! $this->EE->input->post('PRV')) ? '' : $this->EE->input->get_post('PRV');
    2145. 

  2145. 

  2146. 		if (strpos($preview, '/') === FALSE)
    2147. 

  2147. 		{
    2148. 

  2148. 			$preview = '';
    2149. 

  2149. 		}
    2150. 

  2150. 		else
    2151. 

  2151. 		{
    2152. 

  2152. 			$ex = explode("/", $preview);
    2153. 

  2153. 

  2154. 			if (count($ex) != 2)
    2155. 

  2155. 			{
    2156. 

  2156. 				$preview = '';
    2157. 

  2157. 			}
    2158. 

  2158. 		}
    2159. 

  2159. 

  2160. 		if ($preview == '')
    2161. 

  2161. 		{
    2162. 

  2162. 			$group = 'channel';
    2163. 

  2163. 			$templ = 'preview';
    2164. 

  2164. 		}
    2165. 

  2165. 		else
    2166. 

  2166. 		{
    2167. 

  2167. 			$group = $ex['0'];
    2168. 

  2168. 			$templ = $ex['1'];
    2169. 

  2169. 		}
    2170. 

  2170. 		
    2171. 

  2171. 		// this makes sure the query string is seen correctly by tags on the template
    2172. 

  2172. 		$this->EE->TMPL->parse_template_uri();
    2173. 

  2173. 		$this->EE->TMPL->run_template_engine($group, $templ);
    2174. 

  2174. 	}
    2175. 

  2175. 

  2176. 	// --------------------------------------------------------------------
    2177. 

  2177. 

  2178. 	/**
    2179. 

  2179. 	 * Insert New Comment
    2180. 

  2180. 	 *
    2181. 

  2181. 	 * @access	public
    2182. 

  2182. 	 * @return	string
    2183. 

  2183. 	 */
    2184. 

  2184. 	function insert_new_comment()
    2185. 

  2185. 	{
    2186. 

  2186. 		$default = array('name', 'email', 'url', 'comment', 'location', 'entry_id');
    2187. 

  2187. 

  2188. 		foreach ($default as $val)
    2189. 

  2189. 		{
    2190. 

  2190. 			if ( ! isset($_POST[$val]))
    2191. 

  2191. 			{
    2192. 

  2192. 				$_POST[$val] = '';
    2193. 

  2193. 			}
    2194. 

  2194. 		}
    2195. 

  2195. 

  2196. 		// No entry ID?  What the heck are they doing?
    2197. 

  2197. 		if ( ! is_numeric($_POST['entry_id']))
    2198. 

  2198. 		{
    2199. 

  2199. 			return FALSE;
    2200. 

  2200. 		}
    2201. 

  2201. 

  2202. 		/** ----------------------------------------
    2203. 

  2203. 		/**  Fetch the comment language pack
    2204. 

  2204. 		/** ----------------------------------------*/
    2205. 

  2205. 

  2206. 		$this->EE->lang->loadfile('comment');
    2207. 

  2207. 		
    2208. 

  2208. 		//  No comment- let's end it here
    2209. 

  2209. 		if ($_POST['comment'] == '')
    2210. 

  2210. 		{
    2211. 

  2211. 			$error = $this->EE->lang->line('cmt_missing_comment');
    2212. 

  2212. 			return $this->EE->output->show_user_error('submission', $error);
    2213. 

  2213. 		}		
    2214. 

  2214. 

  2215. 		/** ----------------------------------------
    2216. 

  2216. 		/**  Is the user banned?
    2217. 

  2217. 		/** ----------------------------------------*/
    2218. 

  2218. 

  2219. 		if ($this->EE->session->userdata['is_banned'] == TRUE)
    2220. 

  2220. 		{
    2221. 

  2221. 			return $this->EE->output->show_user_error('general', array($this->EE->lang->line('not_authorized')));
    2222. 

  2222. 		}
    2223. 

  2223. 

  2224. 		/** ----------------------------------------
    2225. 

  2225. 		/**  Is the IP address and User Agent required?
    2226. 

  2226. 		/** ----------------------------------------*/
    2227. 

  2227. 

  2228. 		if ($this->EE->config->item('require_ip_for_posting') == 'y')
    2229. 

  2229. 		{
    2230. 

  2230. 			if ($this->EE->input->ip_address() == '0.0.0.0' OR $this->EE->session->userdata['user_agent'] == "")
    2231. 

  2231. 			{
    2232. 

  2232. 				return $this->EE->output->show_user_error('general', array($this->EE->lang->line('not_authorized')));
    2233. 

  2233. 			}
    2234. 

  2234. 		}
    2235. 

  2235. 

  2236. 		/** ----------------------------------------
    2237. 

  2237. 		/**  Is the nation of the user banend?
    2238. 

  2238. 		/** ----------------------------------------*/
    2239. 

  2239. 		$this->EE->session->nation_ban_check();
    2240. 

  2240. 

  2241. 		/** ----------------------------------------
    2242. 

  2242. 		/**  Can the user post comments?
    2243. 

  2243. 		/** ----------------------------------------*/
    2244. 

  2244. 

  2245. 		if ($this->EE->session->userdata['can_post_comments'] == 'n')
    2246. 

  2246. 		{
    2247. 

  2247. 			$error[] = $this->EE->lang->line('cmt_no_authorized_for_comments');
    2248. 

  2248. 

  2249. 			return $this->EE->output->show_user_error('general', $error);
    2250. 

  2250. 		}
    2251. 

  2251. 

  2252. 		/** ----------------------------------------
    2253. 

  2253. 		/**  Blacklist/Whitelist Check
    2254. 

  2254. 		/** ----------------------------------------*/
    2255. 

  2255. 

  2256. 		if ($this->EE->blacklist->blacklisted == 'y' && $this->EE->blacklist->whitelisted == 'n')
    2257. 

  2257. 		{
    2258. 

  2258. 			return $this->EE->output->show_user_error('general', array($this->EE->lang->line('not_authorized')));
    2259. 

  2259. 		}
    2260. 

  2260. 

  2261. 		/** ----------------------------------------
    2262. 

  2262. 		/**  Is this a preview request?
    2263. 

  2263. 		/** ----------------------------------------*/
    2264. 

  2264. 

  2265. 		if (isset($_POST['preview']))
    2266. 

  2266. 		{
    2267. 

  2267. 			return $this->preview_handler();
    2268. 

  2268. 		}
    2269. 

  2269. 		
    2270. 

  2270. 		// -------------------------------------------
    2271. 

  2271. 		// 'insert_comment_start' hook.
    2272. 

  2272. 		//  - Allows complete rewrite of comment submission routine.
    2273. 

  2273. 		//  - Or could be used to modify the POST data before processing
    2274. 

  2274. 		//
    2275. 

  2275. 			$edata = $this->EE->extensions->call('insert_comment_start');
    2276. 

  2276. 			if ($this->EE->extensions->end_script === TRUE) return;
    2277. 

  2277. 		//
    2278. 

  2278. 		// -------------------------------------------
    2279. 

  2279. 

  2280. 		/** ----------------------------------------
    2281. 

  2281. 		/**  Fetch channel preferences
    2282. 

  2282. 		/** ----------------------------------------*/
    2283. 

  2283. 

  2284. // Bummer, saw the hook after converting the query
    2285. 

  2285. /*
    2286. 

  2286. 		$this->EE->db->select('channel_titles.title, channel_titles.url_title, channel_titles.channel_id, channel_titles.author_id,
    2287. 

  2287. 						channel_titles.comment_total, channel_titles.allow_comments, channel_titles.entry_date, channel_titles.comment_expiration_date,
    2288. 

  2288. 						channels.channel_title, channels.comment_system_enabled, channels.comment_max_chars, channels.comment_use_captcha,
    2289. 

  2289. 						channels.comment_timelock, channels.comment_require_membership, channels.comment_moderate, channels.comment_require_email,
    2290. 

  2290. 						channels.comment_notify, channels.comment_notify_authors, channels.comment_notify_emails, channels.comment_expiration'
    2291. 

  2291. 		);
    2292. 

  2292. 		
    2293. 

  2293. 		$this->EE->db->from(array('channel_titles', 'channels'));
    2294. 

  2294. 		$this->EE->db->where('channel_titles.channel_id = channels.channel_id');
    2295. 

  2295. 		$this->EE->db->where('channel_titles.entry_id', $_POST['entry_id']);
    2296. 

  2296. 		$this->EE->db->where('channel_titles.status', 'closed');
    2297. 

  2297. */
    2298. 

  2298. 		$sql = "SELECT exp_channel_titles.title,
    2299. 

  2299. 						exp_channel_titles.url_title,
    2300. 

  2300. 						exp_channel_titles.entry_id,
    2301. 

  2301. 						exp_channel_titles.channel_id,
    2302. 

  2302. 						exp_channel_titles.author_id,
    2303. 

  2303. 						exp_channel_titles.comment_total,
    2304. 

  2304. 						exp_channel_titles.allow_comments,
    2305. 

  2305. 						exp_channel_titles.entry_date,
    2306. 

  2306. 						exp_channel_titles.comment_expiration_date,
    2307. 

  2307. 						exp_channels.channel_title,
    2308. 

  2308. 						exp_channels.comment_system_enabled,
    2309. 

  2309. 						exp_channels.comment_max_chars,
    2310. 

  2310. 						exp_channels.comment_use_captcha,
    2311. 

  2311. 						exp_channels.comment_timelock,
    2312. 

  2312. 						exp_channels.comment_require_membership,
    2313. 

  2313. 						exp_channels.comment_moderate,
    2314. 

  2314. 						exp_channels.comment_require_email,
    2315. 

  2315. 						exp_channels.comment_notify,
    2316. 

  2316. 						exp_channels.comment_notify_authors,
    2317. 

  2317. 						exp_channels.comment_notify_emails,
    2318. 

  2318. 						exp_channels.comment_expiration, 
    2319. 

  2319. 						exp_channels.channel_url, 
    2320. 

  2320. 						exp_channels.comment_url 
    2321. 

  2321. 				FROM	exp_channel_titles, exp_channels
    2322. 

  2322. 				WHERE	exp_channel_titles.channel_id = exp_channels.channel_id
    2323. 

  2323. 				AND	exp_channel_titles.entry_id = '".$this->EE->db->escape_str($_POST['entry_id'])."'";
    2324. 

  2324. 				
    2325. 

  2325. 				//  Added entry_status param, so it is possible to post to closed title
    2326. 

  2326. 				//AND	exp_channel_titles.status != 'closed' ";
    2327. 

  2327. 

  2328. 		// -------------------------------------------
    2329. 

  2329. 		// 'insert_comment_preferences_sql' hook.
    2330. 

  2330. 		//  - Rewrite or add to the comment preference sql query
    2331. 

  2331. 		//  - Could be handy for comment/channel restrictions
    2332. 

  2332. 		//
    2333. 

  2333. 			if ($this->EE->extensions->active_hook('insert_comment_preferences_sql') === TRUE)
    2334. 

  2334. 			{
    2335. 

  2335. 				$sql = $this->EE->extensions->call('insert_comment_preferences_sql', $sql);
    2336. 

  2336. 				if ($this->EE->extensions->end_script === TRUE) return;
    2337. 

  2337. 			}
    2338. 

  2338. 		//
    2339. 

  2339. 		// -------------------------------------------
    2340. 

  2340. 

  2341. 		$query = $this->EE->db->query($sql);
    2342. 

  2342. 

  2343. 		unset($sql);
    2344. 

  2344. 

  2345. 

  2346. 		if ($query->num_rows() == 0)
    2347. 

  2347. 		{
    2348. 

  2348. 			return FALSE;
    2349. 

  2349. 		}
    2350. 

  2350. 

  2351. 		/** ----------------------------------------
    2352. 

  2352. 		/**  Are comments allowed?
    2353. 

  2353. 		/** ----------------------------------------*/
    2354. 

  2354. 		if ($query->row('allow_comments')  == 'n' OR $query->row('comment_system_enabled')  == 'n')
    2355. 

  2355. 		{
    2356. 

  2356. 			return $this->EE->output->show_user_error('submission', $this->EE->lang->line('cmt_comments_not_allowed'));
    2357. 

  2357. 		}
    2358. 

  2358. 

  2359. 		/** ----------------------------------------
    2360. 

  2360. 		/**  Has commenting expired?
    2361. 

  2361. 		/** ----------------------------------------*/
    2362. 

  2362. 

  2363. 		$force_moderation = $query->row('comment_moderate');
    2364. 

  2364. 

  2365. 		if ($this->comment_expiration_mode == 0)
    2366. 

  2366. 		{
    2367. 

  2367. 			if ($query->row('comment_expiration_date')  > 0)
    2368. 

  2368. 			{
    2369. 

  2369. 				if ($this->EE->localize->now > $query->row('comment_expiration_date') )
    2370. 

  2370. 				{
    2371. 

  2371. 					if ($this->EE->config->item('comment_moderation_override') == 'y')
    2372. 

  2372. 					{
    2373. 

  2373. 						$force_moderation = 'y';
    2374. 

  2374. 					}
    2375. 

  2375. 					else
    2376. 

  2376. 					{
    2377. 

  2377. 						return $this->EE->output->show_user_error('submission', $this->EE->lang->line('cmt_commenting_has_expired'));
    2378. 

  2378. 					}
    2379. 

  2379. 				}
    2380. 

  2380. 			}
    2381. 

  2381. 		}
    2382. 

  2382. 		else
    2383. 

  2383. 		{
    2384. 

  2384. 			if ($query->row('comment_expiration')  > 0)
    2385. 

  2385. 			{
    2386. 

  2386. 			 	$days = $query->row('entry_date')  + ($query->row('comment_expiration')  * 86400);
    2387. 

  2387. 

  2388. 				if ($this->EE->localize->now > $days)
    2389. 

  2389. 				{
    2390. 

  2390. 					if ($this->EE->config->item('comment_moderation_override') == 'y')
    2391. 

  2391. 					{
    2392. 

  2392. 						$force_moderation = 'y';
    2393. 

  2393. 					}
    2394. 

  2394. 					else
    2395. 

  2395. 					{
    2396. 

  2396. 						return $this->EE->output->show_user_error('submission', $this->EE->lang->line('cmt_commenting_has_expired'));
    2397. 

  2397. 					}
    2398. 

  2398. 				}
    2399. 

  2399. 			}
    2400. 

  2400. 		}
    2401. 

  2401. 

  2402. 

  2403. 		/** ----------------------------------------
    2404. 

  2404. 		/**  Is there a comment timelock?
    2405. 

  2405. 		/** ----------------------------------------*/
    2406. 

  2406. 		if ($query->row('comment_timelock')  != '' AND $query->row('comment_timelock')  > 0)
    2407. 

  2407. 		{
    2408. 

  2408. 			if ($this->EE->session->userdata['group_id'] != 1)
    2409. 

  2409. 			{
    2410. 

  2410. 				$time = $this->EE->localize->now - $query->row('comment_timelock') ;
    2411. 

  2411. 

  2412. 				$this->EE->db->where('comment_date >', $time);
    2413. 

  2413. 				$this->EE->db->where('ip_address', $this->EE->input->ip_address());
    2414. 

  2414. 				
    2415. 

  2415. 				$result = $this->EE->db->count_all_results('comments');
    2416. 

  2416. 

  2417. 				if ($result  > 0)
    2418. 

  2418. 				{
    2419. 

  2419. 					return $this->EE->output->show_user_error('submission', str_replace("%s", $query->row('comment_timelock') , $this->EE->lang->line('cmt_comments_timelock')));
    2420. 

  2420. 				}
    2421. 

  2421. 			}
    2422. 

  2422. 		}
    2423. 

  2423. 

  2424. 		/** ----------------------------------------
    2425. 

  2425. 		/**  Do we allow duplicate data?
    2426. 

  2426. 		/** ----------------------------------------*/
    2427. 

  2427. 		if ($this->EE->config->item('deny_duplicate_data') == 'y')
    2428. 

  2428. 		{
    2429. 

  2429. 			if ($this->EE->session->userdata['group_id'] != 1)
    2430. 

  2430. 			{
    2431. 

  2431. 				$this->EE->db->where('comment', $_POST['comment']);
    2432. 

  2432. 				$result = $this->EE->db->count_all_results('comments');
    2433. 

  2433. 

  2434. 				if ($result > 0)
    2435. 

  2435. 				{
    2436. 

  2436. 					return $this->EE->output->show_user_error('submission', $this->EE->lang->line('cmt_duplicate_comment_warning'));
    2437. 

  2437. 				}
    2438. 

  2438. 			}
    2439. 

  2439. 		}
    2440. 

  2440. 

  2441. 

  2442. 		/** ----------------------------------------
    2443. 

  2443. 		/**  Assign data
    2444. 

  2444. 		/** ----------------------------------------*/
    2445. 

  2445. 		$author_id				= $query->row('author_id') ;
    2446. 

  2446. 		$entry_title			= $query->row('title') ;
    2447. 

  2447. 		$url_title				= $query->row('url_title') ;
    2448. 

  2448. 		$channel_title		 	= $query->row('channel_title') ;
    2449. 

  2449. 		$channel_id			  	= $query->row('channel_id') ;
    2450. 

  2450. 		$comment_total	 	 	= $query->row('comment_total')  + 1;
    2451. 

  2451. 		$require_membership 	= $query->row('comment_require_membership') ;
    2452. 

  2452. 		$comment_moderate		= ($this->EE->session->userdata['group_id'] == 1 OR $this->EE->session->userdata['exclude_from_moderation'] == 'y') ? 'n' : $force_moderation;
    2453. 

  2453. 		$author_notify			= $query->row('comment_notify_authors') ;
    2454. 

  2454. 

  2455. 		$comment_url			= $query->row('comment_url');
    2456. 

  2456. 		$channel_url			= $query->row('channel_url');
    2457. 

  2457. 		$entry_id				= $query->row('entry_id');
    2458. 

  2458. 

  2459. 

  2460. 		$notify_address = ($query->row('comment_notify')  == 'y' AND $query->row('comment_notify_emails')  != '') ? $query->row('comment_notify_emails')  : '';
    2461. 

  2461. 	
    2462. 

  2462. 

  2463. 		/** ----------------------------------------
    2464. 

  2464. 		/**  Start error trapping
    2465. 

  2465. 		/** ----------------------------------------*/
    2466. 

  2466. 

  2467. 		$error = array();
    2468. 

  2468. 

  2469. 		if ($this->EE->session->userdata('member_id') != 0)
    2470. 

  2470. 		{
    2471. 

  2471. 			// If the user is logged in we'll reassign the POST variables with the user data
    2472. 

  2472. 

  2473. 			 $_POST['name']		= ($this->EE->session->userdata['screen_name'] != '') ? $this->EE->session->userdata['screen_name'] : $this->EE->session->userdata['username'];
    2474. 

  2474. 			 $_POST['email']	=  $this->EE->session->userdata['email'];
    2475. 

  2475. 			 $_POST['url']		=  $this->EE->session->userdata['url'];
    2476. 

  2476. 			 $_POST['location']	=  $this->EE->session->userdata['location'];
    2477. 

  2477. 		}
    2478. 

  2478. 

  2479. 

  2480. 		/** ----------------------------------------
    2481. 

  2481. 		/**  Is membership is required to post...
    2482. 

  2482. 		/** ----------------------------------------*/
    2483. 

  2483. 

  2484. 		if ($require_membership == 'y')
    2485. 

  2485. 		{
    2486. 

  2486. 			// Not logged in
    2487. 

  2487. 

  2488. 			if ($this->EE->session->userdata('member_id') == 0)
    2489. 

  2489. 			{
    2490. 

  2490. 				return $this->EE->output->show_user_error('submission', $this->EE->lang->line('cmt_must_be_member'));
    2491. 

  2491. 			}
    2492. 

  2492. 

  2493. 			// Membership is pending
    2494. 

  2494. 

  2495. 			if ($this->EE->session->userdata['group_id'] == 4)
    2496. 

  2496. 			{
    2497. 

  2497. 				return $this->EE->output->show_user_error('general', $this->EE->lang->line('cmt_account_not_active'));
    2498. 

  2498. 			}
    2499. 

  2499. 

  2500. 		}
    2501. 

  2501. 		else
    2502. 

  2502. 		{
    2503. 

  2503. 			/** ----------------------------------------
    2504. 

  2504. 			/**  Missing name?
    2505. 

  2505. 			/** ----------------------------------------*/
    2506. 

  2506. 

  2507. 			if ($_POST['name'] == '')
    2508. 

  2508. 			{
    2509. 

  2509. 				$error[] = $this->EE->lang->line('cmt_missing_name');
    2510. 

  2510. 			}
    2511. 

  2511. 

  2512. 			/** -------------------------------------
    2513. 

  2513. 			/**  Is name banned?
    2514. 

  2514. 			/** -------------------------------------*/
    2515. 

  2515. 

  2516. 			if ($this->EE->session->ban_check('screen_name', $_POST['name']))
    2517. 

  2517. 			{
    2518. 

  2518. 				$error[] = $this->EE->lang->line('cmt_name_not_allowed');
    2519. 

  2519. 			}
    2520. 

  2520. 

  2521. 			/** ----------------------------------------
    2522. 

  2522. 			/**  Missing or invalid email address
    2523. 

  2523. 			/** ----------------------------------------*/
    2524. 

  2524. 

  2525. 			if ($query->row('comment_require_email')  == 'y')
    2526. 

  2526. 			{
    2527. 

  2527. 				$this->EE->load->helper('email');
    2528. 

  2528. 

  2529. 				if ($_POST['email'] == '')
    2530. 

  2530. 				{
    2531. 

  2531. 					$error[] = $this->EE->lang->line('cmt_missing_email');
    2532. 

  2532. 				}
    2533. 

  2533. 				elseif ( ! valid_email($_POST['email']))
    2534. 

  2534. 				{
    2535. 

  2535. 					$error[] = $this->EE->lang->line('cmt_invalid_email');
    2536. 

  2536. 				}
    2537. 

  2537. 			}
    2538. 

  2538. 		}
    2539. 

  2539. 

  2540. 		/** -------------------------------------
    2541. 

  2541. 		/**  Is email banned?
    2542. 

  2542. 		/** -------------------------------------*/
    2543. 

  2543. 

  2544. 		if ($_POST['email'] != '')
    2545. 

  2545. 		{
    2546. 

  2546. 			if ($this->EE->session->ban_check('email', $_POST['email']))
    2547. 

  2547. 			{
    2548. 

  2548. 				$error[] = $this->EE->lang->line('cmt_banned_email');
    2549. 

  2549. 			}
    2550. 

  2550. 		}
    2551. 

  2551. 

  2552. 		/** ----------------------------------------
    2553. 

  2553. 		/**  Is comment too big?
    2554. 

  2554. 		/** ----------------------------------------*/
    2555. 

  2555. 

  2556. 		if ($query->row('comment_max_chars')  != '' AND $query->row('comment_max_chars')  != 0)
    2557. 

  2557. 		{
    2558. 

  2558. 			if (strlen($_POST['comment']) > $query->row('comment_max_chars') )
    2559. 

  2559. 			{
    2560. 

  2560. 				$str = str_replace("%n", strlen($_POST['comment']), $this->EE->lang->line('cmt_too_large'));
    2561. 

  2561. 

  2562. 				$str = str_replace("%x", $query->row('comment_max_chars') , $str);
    2563. 

  2563. 

  2564. 				$error[] = $str;
    2565. 

  2565. 			}
    2566. 

  2566. 		}
    2567. 

  2567. 

  2568. 		/** ----------------------------------------
    2569. 

  2569. 		/**  Do we have errors to display?
    2570. 

  2570. 		/** ----------------------------------------*/
    2571. 

  2571. 

  2572. 		if (count($error) > 0)
    2573. 

  2573. 		{
    2574. 

  2574. 			return $this->EE->output->show_user_error('submission', $error);
    2575. 

  2575. 		}
    2576. 

  2576. 

  2577. 		/** ----------------------------------------
    2578. 

  2578. 		/**  Do we require CAPTCHA?
    2579. 

  2579. 		/** ----------------------------------------*/
    2580. 

  2580. 

  2581. 		if ($query->row('comment_use_captcha')  == 'y')
    2582. 

  2582. 		{
    2583. 

  2583. 			if ($this->EE->config->item('captcha_require_members') == 'y'  OR  ($this->EE->config->item('captcha_require_members') == 'n' AND $this->EE->session->userdata('member_id') == 0))
    2584. 

  2584. 			{
    2585. 

  2585. 				if ( ! isset($_POST['captcha']) OR $_POST['captcha'] == '')
    2586. 

  2586. 				{
    2587. 

  2587. 					return $this->EE->output->show_user_error('submission', $this->EE->lang->line('captcha_required'));
    2588. 

  2588. 				}
    2589. 

  2589. 				else
    2590. 

  2590. 				{
    2591. 

  2591. 					$this->EE->db->where('word', $_POST['captcha']);
    2592. 

  2592. 					$this->EE->db->where('ip_address', $this->EE->input->ip_address());
    2593. 

  2593. 					$this->EE->db->where('date > UNIX_TIMESTAMP()-7200', NULL, FALSE);
    2594. 

  2594. 					
    2595. 

  2595. 					$result = $this->EE->db->count_all_results('captcha');
    2596. 

  2596. 

  2597. 					if ($result == 0)
    2598. 

  2598. 					{
    2599. 

  2599. 						return $this->EE->output->show_user_error('submission', $this->EE->lang->line('captcha_incorrect'));
    2600. 

  2600. 					}
    2601. 

  2601. 

  2602. 					// @TODO: AR
    2603. 

  2603. 					$this->EE->db->query("DELETE FROM exp_captcha WHERE (word='".$this->EE->db->escape_str($_POST['captcha'])."' AND ip_address = '".$this->EE->input->ip_address()."') OR date < UNIX_TIMESTAMP()-7200");
    2604. 

  2604. 				}
    2605. 

  2605. 			}
    2606. 

  2606. 		}
    2607. 

  2607. 

  2608. 		/** ----------------------------------------
    2609. 

  2609. 		/**  Build the data array
    2610. 

  2610. 		/** ----------------------------------------*/
    2611. 

  2611. 

  2612. 		$this->EE->load->helper('url');
    2613. 

  2613. 

  2614. 		$notify = ($this->EE->input->post('notify_me')) ? 'y' : 'n';
    2615. 

  2615. 

  2616.  		$cmtr_name	= $this->EE->input->post('name', TRUE);
    2617. 

  2617.  		$cmtr_email	= $this->EE->input->post('email');
    2618. 

  2618.  		$cmtr_loc	= $this->EE->input->post('location', TRUE);
    2619. 

  2619.  		$cmtr_url	= $this->EE->input->post('url', TRUE);
    2620. 

  2620. 		$cmtr_url	= prep_url($cmtr_url);
    2621. 

  2621. 

  2622. 		$data = array(
    2623. 

  2623. 						'channel_id'	=> $channel_id,
    2624. 

  2624. 						'entry_id'		=> $_POST['entry_id'],
    2625. 

  2625. 						'author_id'		=> $this->EE->session->userdata('member_id'),
    2626. 

  2626. 						'name'			=> $cmtr_name,
    2627. 

  2627. 						'email'			=> $cmtr_email,
    2628. 

  2628. 						'url'			=> $cmtr_url,
    2629. 

  2629. 						'location'		=> $cmtr_loc,
    2630. 

  2630. 						'comment'		=> $this->EE->security->xss_clean($_POST['comment']),
    2631. 

  2631. 						'comment_date'	=> $this->EE->localize->now,
    2632. 

  2632. 						'ip_address'	=> $this->EE->input->ip_address(),
    2633. 

  2633. 						'status'		=> ($comment_moderate == 'y') ? 'p' : 'o',
    2634. 

  2634. 						'site_id'		=> $this->EE->config->item('site_id')
    2635. 

  2635. 					 );
    2636. 

  2636. 

  2637. 		// -------------------------------------------
    2638. 

  2638. 		// 'insert_comment_insert_array' hook.
    2639. 

  2639. 		//  - Modify any of the soon to be inserted values
    2640. 

  2640. 		//
    2641. 

  2641. 			if ($this->EE->extensions->active_hook('insert_comment_insert_array') === TRUE)
    2642. 

  2642. 			{
    2643. 

  2643. 				$data = $this->EE->extensions->call('insert_comment_insert_array', $data);
    2644. 

  2644. 				if ($this->EE->extensions->end_script === TRUE) return;
    2645. 

  2645. 			}
    2646. 

  2646. 		//
    2647. 

  2647. 		// -------------------------------------------
    2648. 

  2648. 

  2649. 			$return_link = ( ! stristr($_POST['RET'],'http://') && ! stristr($_POST['RET'],'https://')) ? $this->EE->functions->create_url($_POST['RET']) : $_POST['RET'];
    2650. 

  2650. 

  2651. 		/** ----------------------------------------
    2652. 

  2652. 		/**  Insert data
    2653. 

  2653. 		/** ----------------------------------------*/
    2654. 

  2654. 

  2655. 		if ($this->EE->config->item('secure_forms') == 'y')
    2656. 

  2656. 		{
    2657. 

  2657. 			$query = $this->EE->db->query("SELECT COUNT(*) AS count FROM exp_security_hashes WHERE hash='".$this->EE->db->escape_str($_POST['XID'])."' AND ip_address = '".$this->EE->input->ip_address()."' AND date > UNIX_TIMESTAMP()-7200");
    2658. 

  2658. 

  2659. 			if ($query->row('count')  > 0)
    2660. 

  2660. 			{
    2661. 

  2661. 				$sql = $this->EE->db->insert_string('exp_comments', $data);
    2662. 

  2662. 

  2663. 				$this->EE->db->query($sql);
    2664. 

  2664. 

  2665. 				$comment_id = $this->EE->db->insert_id();
    2666. 

  2666. 

  2667. 				$this->EE->db->query("DELETE FROM exp_security_hashes WHERE (hash='".$this->EE->db->escape_str($_POST['XID'])."' AND ip_address = '".$this->EE->input->ip_address()."') OR date < UNIX_TIMESTAMP()-7200");
    2668. 

  2668. 			}
    2669. 

  2669. 			else
    2670. 

  2670. 			{
    2671. 

  2671. 				$this->EE->functions->redirect(stripslashes($return_link));
    2672. 

  2672. 			}
    2673. 

  2673. 		}
    2674. 

  2674. 		else
    2675. 

  2675. 		{
    2676. 

  2676. 			$sql = $this->EE->db->insert_string('exp_comments', $data);
    2677. 

  2677. 

  2678. 			$this->EE->db->query($sql);
    2679. 

  2679. 

  2680. 			$comment_id = $this->EE->db->insert_id();			
    2681. 

  2681. 		}
    2682. 

  2682. 		
    2683. 

  2683. 		if ($notify == 'y')
    2684. 

  2684. 		{
    2685. 

  2685. 			$this->EE->load->library('subscription');
    2686. 

  2686. 			$this->EE->subscription->init('comment', array('entry_id' => $entry_id), TRUE);
    2687. 

  2687. 

  2688. 			if ($cmtr_id = $this->EE->session->userdata('member_id'))
    2689. 

  2689. 			{
    2690. 

  2690. 				$this->EE->subscription->subscribe($cmtr_id);
    2691. 

  2691. 			}
    2692. 

  2692. 			else
    2693. 

  2693. 			{
    2694. 

  2694. 				$this->EE->subscription->subscribe($cmtr_email);
    2695. 

  2695. 			}
    2696. 

  2696. 		}
    2697. 

  2697. 		
    2698. 

  2698. 

  2699. 		if ($comment_moderate == 'n')
    2700. 

  2700. 		{
    2701. 

  2701. 			/** ------------------------------------------------
    2702. 

  2702. 			/**  Update comment total and "recent comment" date
    2703. 

  2703. 			/** ------------------------------------------------*/
    2704. 

  2704. 

  2705. 			$this->EE->db->set('comment_total', $comment_total);
    2706. 

  2706. 			$this->EE->db->set('recent_comment_date', $this->EE->localize->now);
    2707. 

  2707. 			$this->EE->db->where('entry_id', $_POST['entry_id']);
    2708. 

  2708. 			
    2709. 

  2709. 			$this->EE->db->update('channel_titles');
    2710. 

  2710. 

  2711. 			/** ----------------------------------------
    2712. 

  2712. 			/**  Update member comment total and date
    2713. 

  2713. 			/** ----------------------------------------*/
    2714. 

  2714. 

  2715. 			if ($this->EE->session->userdata('member_id') != 0)
    2716. 

  2716. 			{
    2717. 

  2717. 				$this->EE->db->select('total_comments');
    2718. 

  2718. 				$this->EE->db->where('member_id', $this->EE->session->userdata('member_id'));
    2719. 

  2719. 				
    2720. 

  2720. 				$query = $this->EE->db->get('members');
    2721. 

  2721. 				
    2722. 

  2722. 				$this->EE->db->set('total_comments', $query->row('total_comments') + 1);
    2723. 

  2723. 				$this->EE->db->set('last_comment_date', $this->EE->localize->now);
    2724. 

  2724. 				$this->EE->db->where('member_id', $this->EE->session->userdata('member_id'));
    2725. 

  2725. 				
    2726. 

  2726. 				$this->EE->db->update('members');
    2727. 

  2727. 			}
    2728. 

  2728. 

  2729. 			/** ----------------------------------------
    2730. 

  2730. 			/**  Update comment stats
    2731. 

  2731. 			/** ----------------------------------------*/
    2732. 

  2732. 		
    2733. 

  2733. 			$this->EE->stats->update_comment_stats($channel_id, $this->EE->localize->now);
    2734. 

  2734. 

  2735. 			/** ----------------------------------------
    2736. 

  2736. 			/**  Fetch email notification addresses
    2737. 

  2737. 			/** ----------------------------------------*/
    2738. 

  2738. 			
    2739. 

  2739. 			$this->EE->load->library('subscription');
    2740. 

  2740. 			$this->EE->subscription->init('comment', array('entry_id' => $entry_id), TRUE);
    2741. 

  2741. 			
    2742. 

  2742. 			// Remove the current user
    2743. 

  2743. 			$ignore = ($this->EE->session->userdata('member_id') != 0) ? $this->EE->session->userdata('member_id') : $this->EE->input->post('email');
    2744. 

  2744. 			
    2745. 

  2745. 			// Grab them all
    2746. 

  2746. 			$subscriptions = $this->EE->subscription->get_subscriptions($ignore);
    2747. 

  2747. 			$this->EE->load->model('comment_model');
    2748. 

  2748. 			$recipients = $this->EE->comment_model->fetch_email_recipients($_POST['entry_id'], $subscriptions);
    2749. 

  2749. 		}
    2750. 

  2750. 

  2751. 		/** ----------------------------------------
    2752. 

  2752. 		/**  Fetch Author Notification
    2753. 

  2753. 		/** ----------------------------------------*/
    2754. 

  2754. 

  2755. 		if ($author_notify == 'y')
    2756. 

  2756. 		{
    2757. 

  2757. 			$this->EE->db->select('email');
    2758. 

  2758. 			$this->EE->db->where('member_id', $author_id);
    2759. 

  2759. 

  2760. 			$result = $this->EE->db->get('members');
    2761. 

  2761. 

  2762. 			$notify_address	.= ','.$result->row('email');
    2763. 

  2763. 		}
    2764. 

  2764. 

  2765. 		/** ----------------------------------------
    2766. 

  2766. 		/**  Instantiate Typography class
    2767. 

  2767. 		/** ----------------------------------------*/
    2768. 

  2768. 

  2769. 		$config = ($this->EE->config->item('comment_word_censoring') == 'y') ? array('word_censor' => TRUE) : array();
    2770. 

  2770. 		
    2771. 

  2771. 		$this->EE->load->library('typography');
    2772. 

  2772. 		$this->EE->typography->initialize($config);
    2773. 

  2773. 		
    2774. 

  2774. 		$this->EE->typography->parse_images = FALSE;
    2775. 

  2775. 		$this->EE->typography->allow_headings = FALSE;
    2776. 

  2776.  		$this->EE->typography->smileys = FALSE;
    2777. 

  2777. 

  2778. 		$comment = $this->EE->security->xss_clean($_POST['comment']);
    2779. 

  2779. 		$comment = $this->EE->typography->parse_type( $comment,
    2780. 

  2780. 										array(
    2781. 

  2781. 												'text_format'	=> 'none',
    2782. 

  2782. 												'html_format'	=> 'none',
    2783. 

  2783. 												'auto_links'	=> 'n',
    2784. 

  2784. 												'allow_img_url' => 'n'
    2785. 

  2785. 											)
    2786. 

  2786. 									);
    2787. 

  2787. 

  2788. 		$path = ($comment_url == '') ? $channel_url : $comment_url;
    2789. 

  2789. 		
    2790. 

  2790. 		$comment_url_title_auto_path = reduce_double_slashes($path.'/'.$url_title);
    2791. 

  2791. 

  2792. 		/** ----------------------------
    2793. 

  2793. 		/**  Send admin notification
    2794. 

  2794. 		/** ----------------------------*/
    2795. 

  2795. 

  2796. 		if ($notify_address != '')
    2797. 

  2797. 		{
    2798. 

  2798. 			$cp_url = $this->EE->config->item('cp_url').'?S=0&D=cp&C=addons_modules&M=show_module_cp&module=comment';
    2799. 

  2799. 

  2800. 

  2801. 			
    2802. 

  2802. 			$swap = array(
    2803. 

  2803. 							'name'				=> $cmtr_name,
    2804. 

  2804. 							'name_of_commenter'	=> $cmtr_name,
    2805. 

  2805. 							'email'				=> $cmtr_email,
    2806. 

  2806. 							'url'				=> $cmtr_url,
    2807. 

  2807. 							'location'			=> $cmtr_loc,
    2808. 

  2808. 							'channel_name'		=> $channel_title,
    2809. 

  2809. 							'entry_title'		=> $entry_title,
    2810. 

  2810. 							'comment_id'		=> $comment_id,
    2811. 

  2811. 							'comment'			=> $comment,
    2812. 

  2812. 							'comment_url'		=> $this->remove_session_id($this->EE->functions->fetch_site_index().$_POST['URI']),
    2813. 

  2813. 							'delete_link'		=> $cp_url.'&method=delete_comment_confirm&comment_id='.$comment_id, 
    2814. 

  2814. 							'approve_link'		=> $cp_url.'&method=change_comment_status&comment_id='.$comment_id.'&status=o', 
    2815. 

  2815. 							'close_link'		=> $cp_url.'&method=change_comment_status&comment_id='.$comment_id.'&status=c', 
    2816. 

  2816. 							'channel_id'		=> $channel_id,
    2817. 

  2817. 							'entry_id'			=> $entry_id,
    2818. 

  2818. 							'url_title'			=> $url_title,
    2819. 

  2819. 							'comment_url_title_auto_path' => $comment_url_title_auto_path
    2820. 

  2820. 						 );
    2821. 

  2821. 

  2822. 			$template = $this->EE->functions->fetch_email_template('admin_notify_comment');
    2823. 

  2823. 

  2824. 			$email_tit = $this->EE->functions->var_swap($template['title'], $swap);
    2825. 

  2825. 			$email_msg = $this->EE->functions->var_swap($template['data'], $swap);
    2826. 

  2826. 

  2827. 			// We don't want to send an admin notification if the person
    2828. 

  2828. 			// leaving the comment is an admin in the notification list
    2829. 

  2829. 

  2830. 			if ($_POST['email'] != '')
    2831. 

  2831. 			{
    2832. 

  2832. 				if (strpos($notify_address, $_POST['email']) !== FALSE)
    2833. 

  2833. 				{
    2834. 

  2834. 					$notify_address = str_replace($_POST['email'], '', $notify_address);
    2835. 

  2835. 				}
    2836. 

  2836. 			}
    2837. 

  2837. 

  2838. 			$this->EE->load->helper('string');
    2839. 

  2839. 			// Remove multiple commas
    2840. 

  2840. 			$notify_address = reduce_multiples($notify_address, ',', TRUE);
    2841. 

  2841. 

  2842. 			if ($notify_address != '')
    2843. 

  2843. 			{
    2844. 

  2844. 				/** ----------------------------
    2845. 

  2845. 				/**  Send email
    2846. 

  2846. 				/** ----------------------------*/
    2847. 

  2847. 

  2848. 				$this->EE->load->library('email');
    2849. 

  2849. 

  2850. 				$replyto = ($data['email'] == '') ? $this->EE->config->item('webmaster_email') : $data['email'];
    2851. 

  2851. 					 
    2852. 

  2852. 				$sent = array();
    2853. 

  2853. 

  2854. 				// Load the text helper
    2855. 

  2855. 				$this->EE->load->helper('text');
    2856. 

  2856. 

  2857. 				foreach (explode(',', $notify_address) as $addy)
    2858. 

  2858. 				{
    2859. 

  2859. 					if (in_array($addy, $sent)) continue;
    2860. 

  2860. 

  2861. 					$this->EE->email->EE_initialize();
    2862. 

  2862. 					$this->EE->email->wordwrap = false;
    2863. 

  2863. 					$this->EE->email->from($this->EE->config->item('webmaster_email'), $this->EE->config->item('webmaster_name'));
    2864. 

  2864. 					$this->EE->email->to($addy);
    2865. 

  2865. 					$this->EE->email->reply_to($replyto);
    2866. 

  2866. 					$this->EE->email->subject($email_tit);
    2867. 

  2867. 					$this->EE->email->message(entities_to_ascii($email_msg));
    2868. 

  2868. 					$this->EE->email->send();
    2869. 

  2869. 

  2870. 					$sent[] = $addy;
    2871. 

  2871. 				}
    2872. 

  2872. 			}
    2873. 

  2873. 		}
    2874. 

  2874. 

  2875. 

  2876. 		/** ----------------------------------------
    2877. 

  2877. 		/**  Send user notifications
    2878. 

  2878. 		/** ----------------------------------------*/
    2879. 

  2879. 

  2880. 		if ($comment_moderate == 'n')
    2881. 

  2881. 		{
    2882. 

  2882. 			$email_msg = '';
    2883. 

  2883. 			
    2884. 

  2884. 			if (count($recipients) > 0)
    2885. 

  2885. 			{
    2886. 

  2886. 				$action_id  = $this->EE->functions->fetch_action_id('Comment_mcp', 'delete_comment_notification');
    2887. 

  2887. 

  2888. 				$swap = array(
    2889. 

  2889. 								'name_of_commenter'	=> $cmtr_name,
    2890. 

  2890. 								'channel_name'		=> $channel_title,
    2891. 

  2891. 								'entry_title'		=> $entry_title,
    2892. 

  2892. 								'site_name'			=> stripslashes($this->EE->config->item('site_name')),
    2893. 

  2893. 								'site_url'			=> $this->EE->config->item('site_url'),
    2894. 

  2894. 								'comment_url'		=> $this->remove_session_id($this->EE->functions->fetch_site_index().$_POST['URI']),
    2895. 

  2895. 								'comment_id'		=> $comment_id,
    2896. 

  2896. 								'comment'			=> $comment,
    2897. 

  2897. 								'channel_id'		=> $channel_id,
    2898. 

  2898. 								'entry_id'			=> $entry_id,
    2899. 

  2899. 								'url_title'			=> $url_title,
    2900. 

  2900. 								'comment_url_title_auto_path' => $comment_url_title_auto_path 
    2901. 

  2901. 							 );
    2902. 

  2902. 

  2903. 

  2904. 				$template = $this->EE->functions->fetch_email_template('comment_notification');
    2905. 

  2905. 				$email_tit = $this->EE->functions->var_swap($template['title'], $swap);
    2906. 

  2906. 				$email_msg = $this->EE->functions->var_swap($template['data'], $swap);
    2907. 

  2907. 

  2908. 				/** ----------------------------
    2909. 

  2909. 				/**  Send email
    2910. 

  2910. 				/** ----------------------------*/
    2911. 

  2911. 

  2912. 				$this->EE->load->library('email');
    2913. 

  2913. 				$this->EE->email->wordwrap = true;
    2914. 

  2914. 

  2915. 				$cur_email = ($_POST['email'] == '') ? FALSE : $_POST['email'];
    2916. 

  2916. 

  2917. 				if ( ! isset($sent)) $sent = array();
    2918. 

  2918. 

  2919. 				// Load the text helper
    2920. 

  2920. 				$this->EE->load->helper('text');
    2921. 

  2921. 

  2922. 				foreach ($recipients as $val)
    2923. 

  2923. 				{
    2924. 

  2924. 					// We don't notify the person currently commenting.  That would be silly.
    2925. 

  2925. 

  2926. 					if ( ! in_array($val['0'], $sent))
    2927. 

  2927. 					{
    2928. 

  2928. 						$title	 = $email_tit;
    2929. 

  2929. 						$message = $email_msg;
    2930. 

  2930. 						
    2931. 

  2931. 						$sub	= $subscriptions[$val['1']];
    2932. 

  2932. 						$sub_qs	= 'id='.$sub['subscription_id'].'&hash='.$sub['hash'];
    2933. 

  2933. 

  2934. 						// Deprecate the {name} variable at some point
    2935. 

  2935. 						$title	 = str_replace('{name}', $val['2'], $title);
    2936. 

  2936. 						$message = str_replace('{name}', $val['2'], $message);
    2937. 

  2937. 

  2938. 						$title	 = str_replace('{name_of_recipient}', $val['2'], $title);
    2939. 

  2939. 						$message = str_replace('{name_of_recipient}', $val['2'], $message);
    2940. 

  2940. 

  2941. 						$title	 = str_replace('{notification_removal_url}', $this->EE->functions->fetch_site_index(0, 0).QUERY_MARKER.'ACT='.$action_id.'&'.$sub_qs, $title);
    2942. 

  2942. 						$message = str_replace('{notification_removal_url}', $this->EE->functions->fetch_site_index(0, 0).QUERY_MARKER.'ACT='.$action_id.'&'.$sub_qs, $message);
    2943. 

  2943. 

  2944. 						$this->EE->email->EE_initialize();
    2945. 

  2945. 						$this->EE->email->from($this->EE->config->item('webmaster_email'), $this->EE->config->item('webmaster_name'));
    2946. 

  2946. 						$this->EE->email->to($val['0']);
    2947. 

  2947. 						$this->EE->email->subject($title);
    2948. 

  2948. 						$this->EE->email->message(entities_to_ascii($message));
    2949. 

  2949. 						$this->EE->email->send();
    2950. 

  2950. 

  2951. 						$sent[] = $val['0'];
    2952. 

  2952. 					}
    2953. 

  2953. 				}
    2954. 

  2954. 			}
    2955. 

  2955. 

  2956. 			/** ----------------------------------------
    2957. 

  2957. 			/**  Clear cache files
    2958. 

  2958. 			/** ----------------------------------------*/
    2959. 

  2959. 

  2960. 			$this->EE->functions->clear_caching('all', $this->EE->functions->fetch_site_index().$_POST['URI']);
    2961. 

  2961. 

  2962. 			// clear out the entry_id version if the url_title is in the URI, and vice versa
    2963. 

  2963. 			if (preg_match("#\/".preg_quote($url_title)."\/#", $_POST['URI'], $matches))
    2964. 

  2964. 			{
    2965. 

  2965. 				$this->EE->functions->clear_caching('all', $this->EE->functions->fetch_site_index().preg_replace("#".preg_quote($matches['0'])."#", "/{$data['entry_id']}/", $_POST['URI']));
    2966. 

  2966. 			}
    2967. 

  2967. 			else
    2968. 

  2968. 			{
    2969. 

  2969. 				$this->EE->functions->clear_caching('all', $this->EE->functions->fetch_site_index().preg_replace("#{$data['entry_id']}#", $url_title, $_POST['URI']));
    2970. 

  2970. 			}
    2971. 

  2971. 		}
    2972. 

  2972. 

  2973. 		/** ----------------------------------------
    2974. 

  2974. 		/**  Set cookies
    2975. 

  2975. 		/** ----------------------------------------*/
    2976. 

  2976. 

  2977. 		if ($notify == 'y')
    2978. 

  2978. 		{
    2979. 

  2979. 			$this->EE->functions->set_cookie('notify_me', 'yes', 60*60*24*365);
    2980. 

  2980. 		}
    2981. 

  2981. 		else
    2982. 

  2982. 		{
    2983. 

  2983. 			$this->EE->functions->set_cookie('notify_me', 'no', 60*60*24*365);
    2984. 

  2984. 		}
    2985. 

  2985. 

  2986. 		if ($this->EE->input->post('save_info'))
    2987. 

  2987. 		{
    2988. 

  2988. 			$this->EE->functions->set_cookie('save_info',	'yes',				60*60*24*365);
    2989. 

  2989. 			$this->EE->functions->set_cookie('my_name',		$_POST['name'],		60*60*24*365);
    2990. 

  2990. 			$this->EE->functions->set_cookie('my_email',	$_POST['email'],	60*60*24*365);
    2991. 

  2991. 			$this->EE->functions->set_cookie('my_url',		$_POST['url'],		60*60*24*365);
    2992. 

  2992. 			$this->EE->functions->set_cookie('my_location',	$_POST['location'],	60*60*24*365);
    2993. 

  2993. 		}
    2994. 

  2994. 		else
    2995. 

  2995. 		{
    2996. 

  2996. 			$this->EE->functions->set_cookie('save_info',	'no', 60*60*24*365);
    2997. 

  2997. 			$this->EE->functions->set_cookie('my_name',		'');
    2998. 

  2998. 			$this->EE->functions->set_cookie('my_email',	'');
    2999. 

  2999. 			$this->EE->functions->set_cookie('my_url',		'');
    3000. 

  3000. 			$this->EE->functions->set_cookie('my_location',	'');
    3001. 

  3001. 		}
    3002. 

  3002. 

  3003. 		// -------------------------------------------
    3004. 

  3004. 		// 'insert_comment_end' hook.
    3005. 

  3005. 		//  - More emails, more processing, different redirect
    3006. 

  3006. 		//  - $comment_id added in 1.6.1
    3007. 

  3007. 		//
    3008. 

  3008. 			$edata = $this->EE->extensions->call('insert_comment_end', $data, $comment_moderate, $comment_id);
    3009. 

  3009. 			if ($this->EE->extensions->end_script === TRUE) return;
    3010. 

  3010. 		//
    3011. 

  3011. 		// -------------------------------------------
    3012. 

  3012. 

  3013. 		/** -------------------------------------------
    3014. 

  3014. 		/**  Bounce user back to the comment page
    3015. 

  3015. 		/** -------------------------------------------*/
    3016. 

  3016. 

  3017. 		if ($comment_moderate == 'y')
    3018. 

  3018. 		{
    3019. 

  3019. 			$data = array(	'title' 	=> $this->EE->lang->line('cmt_comment_accepted'),
    3020. 

  3020. 							'heading'	=> $this->EE->lang->line('thank_you'),
    3021. 

  3021. 							'content'	=> $this->EE->lang->line('cmt_will_be_reviewed'),
    3022. 

  3022. 							'redirect'	=> $return_link,
    3023. 

  3023. 							'link'		=> array($return_link, $this->EE->lang->line('cmt_return_to_comments')),
    3024. 

  3024. 							'rate'		=> 3
    3025. 

  3025. 						 );
    3026. 

  3026. 

  3027. 			$this->EE->output->show_message($data);
    3028. 

  3028. 		}
    3029. 

  3029. 		else
    3030. 

  3030. 		{
    3031. 

  3031. 			$this->EE->functions->redirect($return_link);
    3032. 

  3032. 		}
    3033. 

  3033. 	}
    3034. 

  3034. 

  3035. 

  3036. 	// --------------------------------------------------------------------
    3037. 

  3037. 

  3038. 	/**
    3039. 

  3039. 	 * Comment subscription tag
    3040. 

  3040. 	 *
    3041. 

  3041. 	 *
    3042. 

  3042. 	 * @access	public
    3043. 

  3043. 	 * @return	string
    3044. 

  3044. 	 */
    3045. 

  3045. 	function notification_links()
    3046. 

  3046. 	{
    3047. 

  3047. 		// Membership is required
    3048. 

  3048. 		if ($this->EE->session->userdata('member_id') == 0)
    3049. 

  3049. 		{
    3050. 

  3050. 			return;
    3051. 

  3051. 		}
    3052. 

  3052. 		
    3053. 

  3053. 		$entry_id = FALSE;
    3054. 

  3054. 		$qstring = $this->EE->uri->query_string;
    3055. 

  3055. 		
    3056. 

  3056. 		if (preg_match("#(^|/)P(\d+)(/|$)#", $qstring, $match))
    3057. 

  3057. 		{
    3058. 

  3058. 			$qstring = trim($this->EE->functions->remove_double_slashes(str_replace($match['0'], '/', $qstring)), '/');
    3059. 

  3059. 		}
    3060. 

  3060. 

  3061. 		// Figure out the right entry ID
    3062. 

  3062. 		// If there is a slash in the entry ID we'll kill everything after it.
    3063. 

  3063. 		$entry_seg = trim($qstring); 
    3064. 

  3064. 		$entry_seg= preg_replace("#/.+#", "", $entry_seg);
    3065. 

  3065. 

  3066. 		if (is_numeric($entry_seg))
    3067. 

  3067. 		{
    3068. 

  3068. 			$entry_id = $entry_seg;
    3069. 

  3069. 		}
    3070. 

  3070. 		else
    3071. 

  3071. 		{
    3072. 

  3072. 			$this->EE->db->select('entry_id');
    3073. 

  3073. 			$query = $this->EE->db->get_where('channel_titles', array('url_title' => $entry_seg));
    3074. 

  3074. 			
    3075. 

  3075. 			if ($query->num_rows() == 1)
    3076. 

  3076. 			{
    3077. 

  3077.    				$row = $query->row();
    3078. 

  3078.   				$entry_id = $row->entry_id;
    3079. 

  3079. 			}
    3080. 

  3080. 		}
    3081. 

  3081. 

  3082. 		// entry_id is required
    3083. 

  3083. 		if ( ! $entry_id)
    3084. 

  3084. 		{
    3085. 

  3085. 			return;
    3086. 

  3086. 		}
    3087. 

  3087. 		
    3088. 

  3088. 				
    3089. 

  3089. 		$this->EE->load->library('subscription');
    3090. 

  3090. 		$this->EE->subscription->init('comment', array('entry_id' => $entry_id), TRUE);
    3091. 

  3091. 		$subscribed = $this->EE->subscription->is_subscribed(FALSE);
    3092. 

  3092. 

  3093. 

  3094. 		$action_id  = $this->EE->functions->fetch_action_id('Comment', 'comment_subscribe');
    3095. 

  3095. 

  3096. 		// Bleh- really need a conditional for if they are subscribed
    3097. 

  3097. 

  3098. 		$sub_link = $this->EE->functions->fetch_site_index(0, 0).QUERY_MARKER.'ACT='.$action_id.'&entry_id='.$entry_id.'&ret='.$this->EE->uri->uri_string();
    3099. 

  3099. 		$unsub_link = $this->EE->functions->fetch_site_index(0, 0).QUERY_MARKER.'ACT='.$action_id.'&entry_id='.$entry_id.'&type=unsubscribe'.'&ret='. $this->EE->uri->uri_string();
    3100. 

  3100.  		
    3101. 

  3101. 		$data[] = array('subscribe_link' => $sub_link, 'unsubscribe_link' => $unsub_link, 'subscribed' => $subscribed);
    3102. 

  3102. 		
    3103. 

  3103. 		$tagdata = $this->EE->TMPL->tagdata;
    3104. 

  3104. 		return $this->EE->TMPL->parse_variables($tagdata, $data); 		
    3105. 

  3105. 		
    3106. 

  3106. 	}
    3107. 

  3107. 

  3108. 	// --------------------------------------------------------------------
    3109. 

  3109. 

  3110. 	/**
    3111. 

  3111. 	 * Comment subscription w/out commenting
    3112. 

  3112. 	 *
    3113. 

  3113. 	 *
    3114. 

  3114. 	 * @access	public
    3115. 

  3115. 	 * @return	string
    3116. 

  3116. 	 */
    3117. 

  3117. 	function comment_subscribe()
    3118. 

  3118. 	{
    3119. 

  3119. 		// Membership is required
    3120. 

  3120. 		if ($this->EE->session->userdata('member_id') == 0)
    3121. 

  3121. 		{
    3122. 

  3122. 			return;
    3123. 

  3123. 		}
    3124. 

  3124. 

  3125. 		$id		= $this->EE->input->get('entry_id');
    3126. 

  3126. 		$type	= ($this->EE->input->get('type')) ? 'unsubscribe' : 'subscribe';
    3127. 

  3127. 		$ret	= $this->EE->input->get('ret');
    3128. 

  3128. 

  3129. 		if ( ! $id)
    3130. 

  3130. 		{
    3131. 

  3131. 			return;
    3132. 

  3132. 		}
    3133. 

  3133. 

  3134. 		$this->EE->lang->loadfile('comment');
    3135. 

  3135. 		
    3136. 

  3136. 		// Does entry exist?
    3137. 

  3137. 		
    3138. 

  3138. 		$this->EE->db->select('title');
    3139. 

  3139. 		$query = $this->EE->db->get_where('channel_titles', array('entry_id' => $id));
    3140. 

  3140. 			
    3141. 

  3141. 		if ($query->num_rows() != 1)
    3142. 

  3142. 		{
    3143. 

  3143.  			return $this->EE->output->show_user_error('submission', 'invalid_subscription');
    3144. 

  3144. 		}
    3145. 

  3145. 

  3146.   		$row = $query->row();
    3147. 

  3147.   		$entry_title = $row->title;
    3148. 

  3148. 

  3149. 		// Are they currently subscribed
    3150. 

  3150. 		
    3151. 

  3151. 		$this->EE->load->library('subscription');
    3152. 

  3152. 		$this->EE->subscription->init('comment', array('entry_id' => $id), TRUE);
    3153. 

  3153. 		$subscribed = $this->EE->subscription->is_subscribed(FALSE);	
    3154. 

  3154. 		
    3155. 

  3155. 		if ($type == 'subscribe' && $subscribed == TRUE)
    3156. 

  3156. 		{
    3157. 

  3157. 			return $this->EE->output->show_user_error('submission', $this->EE->lang->line('already_subscribed'));
    3158. 

  3158. 		}	
    3159. 

  3159. 		
    3160. 

  3160. 		if ($type == 'unsubscribe' && $subscribed == FALSE)
    3161. 

  3161. 		{
    3162. 

  3162. 			return $this->EE->output->show_user_error('submission', $this->EE->lang->line('not_currently_subscribed'));
    3163. 

  3163. 		}
    3164. 

  3164. 

  3165. 		// They check out- let them through
    3166. 

  3166. 		$this->EE->subscription->$type();
    3167. 

  3167. 

  3168. 		// Show success message
    3169. 

  3169. 		
    3170. 

  3170. 		$this->EE->lang->loadfile('comment');
    3171. 

  3171. 		
    3172. 

  3172. 		$title = ($type == 'unsubscribe') ? 'cmt_unsubscribe' : 'cmt_subscribe';
    3173. 

  3173. 		$content = ($type == 'unsubscribe') ? 'you_have_been_unsubscribed' : 'you_have_been_subscribed';
    3174. 

  3174. 		
    3175. 

  3175. 		
    3176. 

  3176. 		$return_link = $this->EE->functions->create_url($ret);
    3177. 

  3177. 		
    3178. 

  3178. 

  3179. 		$data = array(	'title' 	=> $this->EE->lang->line($title),
    3180. 

  3180. 						'heading'	=> $this->EE->lang->line('thank_you'),
    3181. 

  3181. 						'content'	=> $this->EE->lang->line($content).' '.$entry_title,
    3182. 

  3182. 						'redirect'	=> $return_link,
    3183. 

  3183. 						'link'		=> array($return_link, $this->EE->lang->line('cmt_return_to_comments')),
    3184. 

  3184. 						'rate'		=> 3
    3185. 

  3185. 					 );		
    3186. 

  3186. 

  3187. 			$this->EE->output->show_message($data);
    3188. 

  3188. 		
    3189. 

  3189. 	}
    3190. 

  3190. 

  3191. 	// --------------------------------------------------------------------
    3192. 

  3192. 

  3193. 	/**
    3194. 

  3194. 	 * Remove session ID from string
    3195. 

  3195. 	 *
    3196. 

  3196. 	 * This function is used mainly by the Input class to strip
    3197. 

  3197. 	 * session IDs if they are used in public pages.
    3198. 

  3198. 	 *
    3199. 

  3199. 	 * @access	public
    3200. 

  3200. 	 * @param	string
    3201. 

  3201. 	 * @return	string
    3202. 

  3202. 	 */
    3203. 

  3203. 	function remove_session_id($str)
    3204. 

  3204. 	{
    3205. 

  3205. 		return preg_replace("#S=.+?/#", "", $str);
    3206. 

  3206. 	}
    3207. 

  3207. 	
    3208. 

  3208. 	
    3209. 

  3209. 	// --------------------------------------------------------------------
    3210. 

  3210. 

  3211. 	/**
    3212. 

  3212. 	 * Frontend comment editing
    3213. 

  3213. 	 *
    3214. 

  3214. 	 *
    3215. 

  3215. 	 * @access	public
    3216. 

  3216. 	 * @param	string
    3217. 

  3217. 	 * @return	string
    3218. 

  3218. 	 */
    3219. 

  3219. 	function edit_comment($ajax_request = TRUE)
    3220. 

  3220. 	{
    3221. 

  3221. 		@header("Content-type: text/html; charset=UTF-8");
    3222. 

  3222. 		
    3223. 

  3223. 		if ($this->EE->input->get_post('comment_id') === FALSE OR (($this->EE->input->get_post('comment') === FALSE OR $this->EE->input->get_post('comment') == '') && $this->EE->input->get_post('status') != 'close'))
    3224. 

  3224. 		{
    3225. 

  3225. 			exit('null');
    3226. 

  3226. 		}
    3227. 

  3227. 		
    3228. 

  3228. 		// Not logged in member- eject
    3229. 

  3229. 		if ($this->EE->session->userdata['member_id'] == '0')
    3230. 

  3230. 		{
    3231. 

  3231. 			exit('null');
    3232. 

  3232. 		}
    3233. 

  3233. 

  3234. 		$edited_status = ($this->EE->input->get_post('status') != 'close') ? FALSE : 'c';
    3235. 

  3235. 		$edited_comment = $this->EE->input->get_post('comment');
    3236. 

  3236. 		$can_edit = FALSE;
    3237. 

  3237. 		$can_moderate = FALSE;
    3238. 

  3238. 				
    3239. 

  3239. 		$this->EE->db->from('comments');
    3240. 

  3240. 		$this->EE->db->from('channels');
    3241. 

  3241. 		$this->EE->db->from('channel_titles');
    3242. 

  3242. 		$this->EE->db->select('comments.author_id, comments.comment_date, channel_titles.author_id AS entry_author_id, channels.comment_text_formatting, channels.comment_html_formatting, channels.comment_allow_img_urls, channels.comment_auto_link_urls');
    3243. 

  3243. 		$this->EE->db->where('comment_id', $this->EE->input->get_post('comment_id'));
    3244. 

  3244. 		$this->EE->db->where('comments.channel_id = '.$this->EE->db->dbprefix('channels').'.channel_id');
    3245. 

  3245. 		$this->EE->db->where('comments.entry_id = '.$this->EE->db->dbprefix('channel_titles').'.entry_id');
    3246. 

  3246. 		$query = $this->EE->db->get();
    3247. 

  3247. 		
    3248. 

  3248. 		if ($query->num_rows() > 0)
    3249. 

  3249. 		{
    3250. 

  3250. 			if ($this->EE->session->userdata['group_id'] == 1 OR 
    3251. 

  3251. 				$this->EE->session->userdata['can_edit_all_comments'] == 'y' OR 
    3252. 

  3252. 				($this->EE->session->userdata['can_edit_own_comments'] == 'y' && $query->row('entry_author_id') == $this->EE->session->userdata['member_id']))
    3253. 

  3253. 				{
    3254. 

  3254. 					$can_edit = TRUE;
    3255. 

  3255. 					$can_moderate = TRUE;								
    3256. 

  3256. 				}
    3257. 

  3257. 				elseif ($this->EE->session->userdata['member_id'] != '0'  && $query->row('author_id') == $this->EE->session->userdata['member_id'])
    3258. 

  3258. 				{
    3259. 

  3259. 					// Check for time limit
    3260. 

  3260. 					if ($this->EE->config->item('comment_edit_time_limit') > 0)
    3261. 

  3261. 					{
    3262. 

  3262. 						if ($query->row('comment_date') > $this->EE->localize->now - 60*$this->EE->config->item('edit_time_limit'))
    3263. 

  3263. 						{
    3264. 

  3264. 							$can_edit = TRUE;
    3265. 

  3265. 						}
    3266. 

  3266. 					}
    3267. 

  3267. 					else
    3268. 

  3268. 					{
    3269. 

  3269. 						$can_edit = TRUE;
    3270. 

  3270. 					}
    3271. 

  3271. 				}
    3272. 

  3272. 

  3273. 			$data = array();
    3274. 

  3274. 

  3275. 			if ($edited_status != FALSE & $can_moderate != FALSE)
    3276. 

  3276. 			{
    3277. 

  3277. 				$data['status'] = 'c';
    3278. 

  3278. 			}
    3279. 

  3279. 				
    3280. 

  3280. 			if ($edited_comment != FALSE & $can_edit != FALSE)
    3281. 

  3281. 			{
    3282. 

  3282. 				$data['comment'] = $edited_comment;
    3283. 

  3283. 			}				
    3284. 

  3284. 			
    3285. 

  3285. 			if (count($data) > 0)
    3286. 

  3286. 			{
    3287. 

  3287. 				$this->EE->db->where('comment_id', $this->EE->input->get_post('comment_id'));
    3288. 

  3288. 				$this->EE->db->update('comments', $data); 
    3289. 

  3289. 					
    3290. 

  3290. 				if ($edited_status != FALSE & $can_moderate != FALSE)
    3291. 

  3291. 				{
    3292. 

  3292. 					exit('Comment Closed');
    3293. 

  3293. 				}				
    3294. 

  3294. 

  3295. 				$this->EE->load->library('typography'); 
    3296. 

  3296. 				
    3297. 

  3297. 				exit( $this->EE->typography->parse_type( stripslashes($this->EE->input->get_post('comment')), 
    3298. 

  3298. 										   array(
    3299. 

  3299. 													'text_format'   => $query->row('comment_text_formatting'),
    3300. 

  3300. 													'html_format'   => $query->row('comment_html_formatting'),
    3301. 

  3301. 													'auto_links'    => $query->row('comment_auto_link_urls'),
    3302. 

  3302. 													'allow_img_url' => $query->row('comment_allow_img_urls')
    3303. 

  3303. 												)
    3304. 

  3304. 										));
    3305. 

  3305. 			}
    3306. 

  3306. 		}
    3307. 

  3307. 

  3308. 		exit('null');    
    3309. 

  3309. 	}	
    3310. 

  3310. 	
    3311. 

  3311. 	function ajax_edit_url()
    3312. 

  3312. 	{
    3313. 

  3313. 

  3314. 		$url = $this->EE->functions->fetch_site_index(0, 0).QUERY_MARKER.'ACT='.$this->EE->functions->fetch_action_id('Comment', 'edit_comment');
    3315. 

  3315. 		
    3316. 

  3316. 		return $url;
    3317. 

  3317. 	}
    3318. 

  3318. 	
    3319. 

  3319. 

  3320. }
    3321. 

  3321. // END CLASS
    3322. 

  3322. 

  3323. /* End of file mod.comment.php */
    3324. 

  3324. /* Location: ./system/expressionengine/modules/comment/mod.comment.php */
    3325.