b2evolution PHP Cross Reference Blogging Systems

Source: /htsrv/trackback.php - 225 lines - 6808 bytes - Summary - Text - Print

Description: This file handles trackback requests This file is part of the evoCore framework - {@link http://evocore.net/} See also {@link http://sourceforge.net/projects/evocms/}.

   1  <?php
   2  /**
   3   * This file handles trackback requests
   4   *
   5   * This file is part of the evoCore framework - {@link http://evocore.net/}
   6   * See also {@link http://sourceforge.net/projects/evocms/}.
   7   *
   8   * @copyright (c)2003-2014 by Francois Planque - {@link http://fplanque.com/}
   9   * Parts of this file are copyright (c)2004-2006 by Daniel HAHLER - {@link http://thequod.de/contact}.
  10   *
  11   * {@internal License choice
  12   * - If you have received this file as part of a package, please find the license.txt file in
  13   *   the same folder or the closest folder above for complete license terms.
  14   * - If you have received this file individually (e-g: from http://evocms.cvs.sourceforge.net/)
  15   *   then you must choose one of the following licenses before using the file:
  16   *   - GNU General Public License 2 (GPL) - http://www.opensource.org/licenses/gpl-license.php
  17   *   - Mozilla Public License 1.1 (MPL) - http://www.opensource.org/licenses/mozilla1.1.php
  18   * }}
  19   *
  20   * {@internal Open Source relicensing agreement:
  21   * Daniel HAHLER grants Francois PLANQUE the right to license
  22   * Daniel HAHLER's contributions to this file and the b2evolution project
  23   * under any OSI approved OSS license (http://www.opensource.org/licenses/).
  24   * }}
  25   *
  26   * @package htsrv
  27   *
  28   * {@internal Below is a list of authors who have contributed to design/coding of this file: }}
  29   * @author blueyed: Daniel HAHLER
  30   * @author fplanque: Francois PLANQUE
  31   *
  32   * @version $Id: trackback.php 6136 2014-03-08 07:59:48Z manuel $
  33   */
  34  
  35  
  36  /**
  37   * Initialize everything:
  38   */
  39  require_once dirname(__FILE__).'/../conf/_config.php';
  40  
  41  require_once $inc_path.'_main.inc.php';
  42  
  43  if( $Settings->get('system_lock') )
  44  { // System is locked for maintenance, trackbacks are not allowed
  45      $Messages->add( T_('You cannot leave a comment at this time because the system is under maintenance. Please try again in a few moments.'), 'error' );
  46      header_redirect(); // Will save $Messages into Session
  47  }
  48  
  49  // Do not append Debuglog to response!
  50  $debug = false;
  51  
  52  // Do not append Debug JSlog to response!
  53  $debug_jslog = false;
  54  
  55  /**
  56   * Send a trackback response and exits.
  57   *
  58   * @param integer Error code
  59   * @param string Error message
  60   */
  61  function trackback_response( $error = 0, $error_message = '' )
  62  { // trackback - reply
  63      global $io_charset;
  64  
  65      echo '<?xml version="1.0" encoding="'.$io_charset.'"?'.">\n";
  66      echo "<response>\n";
  67      echo "<error>$error</error>\n";
  68      echo "<message>$error_message</message>\n";
  69      echo "</response>";
  70      exit(0);
  71  }
  72  
  73  // statuses allowed for acting on:
  74  $show_statuses = array( 'published', 'protected', 'private' );
  75  
  76  param( 'tb_id', 'integer' );
  77  param( 'url', 'string' );
  78  param( 'title', 'string' );
  79  param( 'excerpt', 'html' );
  80  param( 'blog_name', 'string' );
  81  
  82  
  83  if( empty($tb_id) )
  84  { // No parameter for ID, get if from URL:
  85      $path_elements = explode( '/', $ReqPath, 30 );
  86      $tb_id = intval( $path_elements[count($path_elements)-1] );
  87  }
  88  
  89  
  90  if( ! empty($_GET['__mode']) )
  91  { // some MT extension (AFAIK), that we do not support
  92      return;
  93  }
  94  
  95  if( empty($tb_id) )
  96  {
  97      trackback_response( 1, 'No trackback post ID given.' ); // exits
  98  }
  99  if( empty($url) )
 100  {
 101      trackback_response( 1, 'No url to your permanent entry given.' ); // exits
 102  }
 103  
 104  @header('Content-Type: text/xml');
 105  
 106  $ItemCache = & get_ItemCache();
 107  if( !( $commented_Item = & $ItemCache->get_by_ID( $tb_id, false ) ) )
 108  {
 109      trackback_response( 1, 'Sorry, the requested post doesn\'t exist.' ); // exits
 110  }
 111  
 112  if( !( $Blog = & $commented_Item->get_Blog() ) )
 113  {
 114      trackback_response( 1, 'Sorry, could not get the post\'s weblog.' ); // exits
 115  }
 116  
 117  if( ! $commented_Item->can_receive_pings() )
 118  {
 119      trackback_response( 1, 'Sorry, this weblog does not allow you to trackback its posts.' ); // exits
 120  }
 121  
 122  // Commented out again, because it's comment specific: if( ! $commented_Item->can_comment( NULL ) )
 123  // "BeforeTrackbackInsert" should be hooked instead!
 124  if( $commented_Item->comment_status != 'open' )
 125  {
 126      trackback_response( 1, 'Sorry, this item does not accept trackbacks.' ); // exits
 127  }
 128  
 129  
 130  // CHECK content
 131  if( $error = validate_url( $url, 'commenting' ) )
 132  {
 133      $Messages->add( T_('Supplied URL is invalid: ').$error, 'error' );
 134  }
 135  
 136  if( $Messages->has_errors() )
 137  {
 138      trackback_response( 1, $Messages->get_string( '', '', "\n" ) ); // exits
 139  }
 140  
 141  // TODO: dh> title and excerpt should be htmlbody, too, no?
 142  $title = strmaxlen(strip_tags($title), 255, '...', 'raw');
 143  $excerpt = strmaxlen(strip_tags($excerpt), 255, '...', 'raw');
 144  $blog_name = strmaxlen($blog_name, 255, '...', 'htmlbody');
 145  
 146  $comment = '';
 147  if( ! empty($title) )
 148  {
 149      $comment .= '<strong>'.$title.'</strong>';
 150  
 151      if( ! empty($excerpt) )
 152      {
 153          $comment .= '<br />';
 154      }
 155  }
 156  $comment .= $excerpt;
 157  
 158  $comment = format_to_post( $comment, 1 ); // includes antispam
 159  if( empty($comment) )
 160  { // comment should not be empty!
 161      $Messages->add( T_('Please do not send empty comment'), 'error' );
 162  }
 163  
 164  
 165  /**
 166   * @global Comment Trackback object
 167   */
 168  $Comment = new Comment();
 169  $Comment->set( 'type', 'trackback' );
 170  $Comment->set_Item( $commented_Item );
 171  $Comment->set( 'author', $blog_name );
 172  $Comment->set( 'author_url', $url );
 173  $Comment->set( 'author_IP', $Hit->IP );
 174  $Comment->set( 'date', date('Y-m-d H:i:s', $localtimenow ) );
 175  $Comment->set( 'content', $comment );
 176  // Assign default status for new comments:
 177  $Comment->set( 'status', $commented_Item->Blog->get_setting('new_feedback_status') );
 178  
 179  
 180  // Trigger event, which may add a message of category "error":
 181  $Plugins->trigger_event( 'BeforeTrackbackInsert', array( 'Comment' => & $Comment ) );
 182  
 183  
 184  // Display errors:
 185  if( $errstring = $Messages->get_string( 'Cannot insert trackback, please correct these errors:', '' ) )
 186  {
 187      trackback_response(1, $errstring);
 188      // tblue> Note: the spec at <http://www.sixapart.com/pronet/docs/trackback_spec>
 189      //    only shows error code 1 in the example response
 190      //    and we also only check for code 1 in TB answers.
 191  }
 192  
 193  
 194  // Record trackback into DB:
 195  $Comment->dbinsert();
 196  
 197  
 198  if( $Comment->ID == 0 )
 199  {
 200      // Exit silently! Wz don't want to give an easy tool to try and pass the filters.
 201      trackback_response( 0, 'ok' );
 202  }
 203  
 204  
 205  /*
 206   * ----------------------------
 207   * New trackback notification:
 208   * ----------------------------
 209   */
 210  // TODO: dh> this should only send published feedback probably and should also use "outbound_notifications_mode"
 211  // asimo> this handles moderators and general users as well and use "outbound_notifications_mode" in case of general users
 212  // Moderators will get emails about every new trackback
 213  // Subscribed user will only get emails about new published trackback
 214  $Comment->handle_notifications( true );
 215  
 216  
 217  // Trigger event: a Plugin should cleanup any temporary data here..
 218  // fp>> WARNING: won't be called if trackback gets deleted by antispam
 219  $Plugins->trigger_event( 'AfterTrackbackInsert', array( 'Comment' => & $Comment ) );
 220  
 221  
 222  // fp>TODO: warn about moderation
 223  trackback_response( 0, 'ok' );
 224  
 225  ?>

title

Description

title

Description

title

Description

title

title

Body