aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--include/functions.inc.php16
-rw-r--r--include/functions_comment.inc.php16
-rw-r--r--include/picture_comment.inc.php7
3 files changed, 36 insertions, 3 deletions
diff --git a/include/functions.inc.php b/include/functions.inc.php
index 12be821e7..14ee6b42c 100644
--- a/include/functions.inc.php
+++ b/include/functions.inc.php
@@ -1692,4 +1692,20 @@ function mobile_theme()
return $is_mobile_theme;
}
+
+/**
+ * check url format
+ */
+function url_check_format($url)
+{
+ if (version_compare(PHP_VERSION, '5.2.0') >= 0)
+ {
+ return filter_var($url, FILTER_VALIDATE_URL, FILTER_FLAG_SCHEME_REQUIRED | FILTER_FLAG_HOST_REQUIRED)!==false;
+ }
+ else
+ {
+ // http://mathiasbynens.be/demo/url-regex @imme_emosol
+ return (bool)preg_match('@^https?://(-\.)?([^\s/?\.#-]+\.?)+(/[^\s]*)?$@iS', $url);
+ }
+}
?> \ No newline at end of file
diff --git a/include/functions_comment.inc.php b/include/functions_comment.inc.php
index 51e83cd81..e812a1c6f 100644
--- a/include/functions_comment.inc.php
+++ b/include/functions_comment.inc.php
@@ -127,6 +127,17 @@ SELECT COUNT(*) AS user_exists
$_POST['cr'][] = 'key'; // rvelices: I use this outside to see how spam robots work
}
+ // website
+ if ( !empty($comm['website_url']) and !preg_match('/^https?/i', $comm['website_url']) )
+ {
+ $comm['website_url'] = 'http://'.$comm['website_url'];
+ }
+ if ( !empty($comm['website_url']) and !url_check_format($comm['website_url']) )
+ {
+ array_push($infos, l10n('Your website URL is invalid'));
+ $comment_action='reject';
+ }
+
// anonymous id = ip address
$ip_components = explode('.', $comm['ip']);
if (count($ip_components) > 3)
@@ -168,7 +179,7 @@ SELECT count(1) FROM '.COMMENTS_TABLE.'
{
$query = '
INSERT INTO '.COMMENTS_TABLE.'
- (author, author_id, anonymous_id, content, date, validated, validation_date, image_id)
+ (author, author_id, anonymous_id, content, date, validated, validation_date, image_id, website_url)
VALUES (
\''.$comm['author'].'\',
'.$comm['author_id'].',
@@ -177,7 +188,8 @@ INSERT INTO '.COMMENTS_TABLE.'
NOW(),
\''.($comment_action=='validate' ? 'true':'false').'\',
'.($comment_action=='validate' ? 'NOW()':'NULL').',
- '.$comm['image_id'].'
+ '.$comm['image_id'].',
+ '.(!empty($comm['website_url']) ? '\''.$comm['website_url'].'\'' : 'NULL').'
)
';
diff --git a/include/picture_comment.inc.php b/include/picture_comment.inc.php
index 380a66d5a..631f85596 100644
--- a/include/picture_comment.inc.php
+++ b/include/picture_comment.inc.php
@@ -48,6 +48,7 @@ if ( $page['show_comments'] and isset( $_POST['content'] ) )
$comm = array(
'author' => trim( @$_POST['author'] ),
'content' => trim( $_POST['content'] ),
+ 'website_url' => trim( $_POST['website_url'] ),
'image_id' => $page['image_id'],
);
@@ -145,6 +146,7 @@ SELECT
'.$conf['user_fields']['username'].' AS username,
date,
image_id,
+ website_url,
content,
validated
FROM '.COMMENTS_TABLE.' AS com
@@ -178,6 +180,7 @@ SELECT
'AUTHOR' => trigger_event('render_comment_author', $author),
'DATE' => format_date($row['date'], true),
'CONTENT' => trigger_event('render_comment_content',$row['content']),
+ 'WEBSITE_URL' => $row['website_url'],
);
if (can_manage_comment('delete', $row['author_id']))
@@ -241,11 +244,12 @@ SELECT
if ($show_add_comment_form)
{
$key = get_ephemeral_key(3, $page['image_id']);
- $content = $author = '';
+ $content = $author = $website_url = '';
if ('reject'===@$comment_action)
{
$content = htmlspecialchars( stripslashes($comm['content']) );
$author = htmlspecialchars( stripslashes($comm['author']) );
+ $website_url = htmlspecialchars( stripslashes($comm['website_url']) );
}
$template->assign('comment_add',
array(
@@ -254,6 +258,7 @@ SELECT
'CONTENT' => $content,
'SHOW_AUTHOR' => !is_classic_user(),
'AUTHOR' => $author ,
+ 'WEBSITE_URL' => $website_url,
));
}
}