diff options
-rw-r--r-- | comments.php | 2 | ||||
-rw-r--r-- | include/functions.inc.php | 16 | ||||
-rw-r--r-- | include/functions_comment.inc.php | 16 | ||||
-rw-r--r-- | include/picture_comment.inc.php | 7 | ||||
-rw-r--r-- | install/db/129-database.php | 38 | ||||
-rw-r--r-- | install/piwigo_structure-mysql.sql | 1 | ||||
-rw-r--r-- | themes/default/template/comment_list.tpl | 3 | ||||
-rw-r--r-- | themes/default/template/picture.tpl | 4 |
8 files changed, 82 insertions, 5 deletions
diff --git a/comments.php b/comments.php index 570e88997..15891e2d5 100644 --- a/comments.php +++ b/comments.php @@ -382,6 +382,7 @@ SELECT com.id AS comment_id, com.author, com.author_id, com.date, + com.website_url, com.content, com.validated FROM '.IMAGE_CATEGORY_TABLE.' AS ic @@ -477,6 +478,7 @@ SELECT c.id, name, permalink, uppercats, com.id as comment_id 'src_image' => $src_image, 'ALT' => $name, 'AUTHOR' => trigger_event('render_comment_author', $comment['author']), + 'WEBSITE_URL' => $comment['website_url'], 'DATE'=>format_date($comment['date'], true), 'CONTENT'=>trigger_event('render_comment_content',$comment['content']), ); diff --git a/include/functions.inc.php b/include/functions.inc.php index 12be821e7..14ee6b42c 100644 --- a/include/functions.inc.php +++ b/include/functions.inc.php @@ -1692,4 +1692,20 @@ function mobile_theme() return $is_mobile_theme; } + +/** + * check url format + */ +function url_check_format($url) +{ + if (version_compare(PHP_VERSION, '5.2.0') >= 0) + { + return filter_var($url, FILTER_VALIDATE_URL, FILTER_FLAG_SCHEME_REQUIRED | FILTER_FLAG_HOST_REQUIRED)!==false; + } + else + { + // http://mathiasbynens.be/demo/url-regex @imme_emosol + return (bool)preg_match('@^https?://(-\.)?([^\s/?\.#-]+\.?)+(/[^\s]*)?$@iS', $url); + } +} ?>
\ No newline at end of file diff --git a/include/functions_comment.inc.php b/include/functions_comment.inc.php index 51e83cd81..e812a1c6f 100644 --- a/include/functions_comment.inc.php +++ b/include/functions_comment.inc.php @@ -127,6 +127,17 @@ SELECT COUNT(*) AS user_exists $_POST['cr'][] = 'key'; // rvelices: I use this outside to see how spam robots work } + // website + if ( !empty($comm['website_url']) and !preg_match('/^https?/i', $comm['website_url']) ) + { + $comm['website_url'] = 'http://'.$comm['website_url']; + } + if ( !empty($comm['website_url']) and !url_check_format($comm['website_url']) ) + { + array_push($infos, l10n('Your website URL is invalid')); + $comment_action='reject'; + } + // anonymous id = ip address $ip_components = explode('.', $comm['ip']); if (count($ip_components) > 3) @@ -168,7 +179,7 @@ SELECT count(1) FROM '.COMMENTS_TABLE.' { $query = ' INSERT INTO '.COMMENTS_TABLE.' - (author, author_id, anonymous_id, content, date, validated, validation_date, image_id) + (author, author_id, anonymous_id, content, date, validated, validation_date, image_id, website_url) VALUES ( \''.$comm['author'].'\', '.$comm['author_id'].', @@ -177,7 +188,8 @@ INSERT INTO '.COMMENTS_TABLE.' NOW(), \''.($comment_action=='validate' ? 'true':'false').'\', '.($comment_action=='validate' ? 'NOW()':'NULL').', - '.$comm['image_id'].' + '.$comm['image_id'].', + '.(!empty($comm['website_url']) ? '\''.$comm['website_url'].'\'' : 'NULL').' ) '; diff --git a/include/picture_comment.inc.php b/include/picture_comment.inc.php index 380a66d5a..631f85596 100644 --- a/include/picture_comment.inc.php +++ b/include/picture_comment.inc.php @@ -48,6 +48,7 @@ if ( $page['show_comments'] and isset( $_POST['content'] ) ) $comm = array( 'author' => trim( @$_POST['author'] ), 'content' => trim( $_POST['content'] ), + 'website_url' => trim( $_POST['website_url'] ), 'image_id' => $page['image_id'], ); @@ -145,6 +146,7 @@ SELECT '.$conf['user_fields']['username'].' AS username, date, image_id, + website_url, content, validated FROM '.COMMENTS_TABLE.' AS com @@ -178,6 +180,7 @@ SELECT 'AUTHOR' => trigger_event('render_comment_author', $author), 'DATE' => format_date($row['date'], true), 'CONTENT' => trigger_event('render_comment_content',$row['content']), + 'WEBSITE_URL' => $row['website_url'], ); if (can_manage_comment('delete', $row['author_id'])) @@ -241,11 +244,12 @@ SELECT if ($show_add_comment_form) { $key = get_ephemeral_key(3, $page['image_id']); - $content = $author = ''; + $content = $author = $website_url = ''; if ('reject'===@$comment_action) { $content = htmlspecialchars( stripslashes($comm['content']) ); $author = htmlspecialchars( stripslashes($comm['author']) ); + $website_url = htmlspecialchars( stripslashes($comm['website_url']) ); } $template->assign('comment_add', array( @@ -254,6 +258,7 @@ SELECT 'CONTENT' => $content, 'SHOW_AUTHOR' => !is_classic_user(), 'AUTHOR' => $author , + 'WEBSITE_URL' => $website_url, )); } } diff --git a/install/db/129-database.php b/install/db/129-database.php new file mode 100644 index 000000000..c8a8761bb --- /dev/null +++ b/install/db/129-database.php @@ -0,0 +1,38 @@ +<?php +// +-----------------------------------------------------------------------+ +// | Piwigo - a PHP based photo gallery | +// +-----------------------------------------------------------------------+ +// | Copyright(C) 2008-2012 Piwigo Team http://piwigo.org | +// | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net | +// | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick | +// +-----------------------------------------------------------------------+ +// | This program is free software; you can redistribute it and/or modify | +// | it under the terms of the GNU General Public License as published by | +// | the Free Software Foundation | +// | | +// | This program is distributed in the hope that it will be useful, but | +// | WITHOUT ANY WARRANTY; without even the implied warranty of | +// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | +// | General Public License for more details. | +// | | +// | You should have received a copy of the GNU General Public License | +// | along with this program; if not, write to the Free Software | +// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | +// | USA. | +// +-----------------------------------------------------------------------+ + +if (!defined('PHPWG_ROOT_PATH')) +{ + die('Hacking attempt!'); +} + +$upgrade_description = 'add "website_url" field in comments table'; + +include_once(PHPWG_ROOT_PATH.'include/constants.php'); + +$query = 'ALTER TABLE `'.COMMENTS_TABLE.'` ADD `website_url` varchar(255) DEFAULT NULL;'; +pwg_query($query); + +echo "\n".$upgrade_description."\n"; + +?>
\ No newline at end of file diff --git a/install/piwigo_structure-mysql.sql b/install/piwigo_structure-mysql.sql index d1202b1bd..c8b4b10b9 100644 --- a/install/piwigo_structure-mysql.sql +++ b/install/piwigo_structure-mysql.sql @@ -53,6 +53,7 @@ CREATE TABLE `piwigo_comments` ( `author` varchar(255) default NULL, `author_id` smallint(5) DEFAULT NULL, `anonymous_id` varchar(45) NOT NULL, + `website_url` varchar(255) DEFAULT NULL, `content` longtext, `validated` enum('true','false') NOT NULL default 'false', `validation_date` datetime default NULL, diff --git a/themes/default/template/comment_list.tpl b/themes/default/template/comment_list.tpl index b61cd73bb..ec27111ef 100644 --- a/themes/default/template/comment_list.tpl +++ b/themes/default/template/comment_list.tpl @@ -54,7 +54,8 @@ </div> {/if} - <span class="commentAuthor">{$comment.AUTHOR}</span> - <span class="commentDate">{$comment.DATE}</span> + <span class="commentAuthor">{if $comment.WEBSITE_URL}<a href="{$comment.WEBSITE_URL}" class="external" target="_blank">{$comment.AUTHOR}</a>{else}{$comment.AUTHOR}{/if}</span> + - <span class="commentDate">{$comment.DATE}</span> {if isset($comment.IN_EDIT)} <a name="edit_comment"></a> <form method="post" action="{$comment.U_EDIT}" id="editComment"> diff --git a/themes/default/template/picture.tpl b/themes/default/template/picture.tpl index a46ed4e64..4d316c004 100644 --- a/themes/default/template/picture.tpl +++ b/themes/default/template/picture.tpl @@ -349,8 +349,10 @@ function togglePrivacyLevelBox() {if $comment_add.SHOW_AUTHOR} <p><label for="author">{'Author'|@translate} :</label></p> <p><input type="text" name="author" id="author" value="{$comment_add.AUTHOR}"></p> - <p><label for="contentid">{'Comment'|@translate} :</label></p> {/if} + <p><label for="website_url">{'Website'|@translate} :</label></p> + <p><input type="text" name="website_url" id="website_url" value="{$comment_add.WEBSITE_URL}"></p> + <p><label for="contentid">{'Comment'|@translate} :</label></p> <p><textarea name="content" id="contentid" rows="5" cols="50">{$comment_add.CONTENT}</textarea></p> <p><input type="hidden" name="key" value="{$comment_add.KEY}"> <input type="submit" value="{'Submit'|@translate}"></p> |