aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
Diffstat (limited to 'include')
-rw-r--r--include/functions.inc.php19
-rw-r--r--include/functions_comment.inc.php41
-rw-r--r--include/functions_user.inc.php14
-rw-r--r--include/picture_comment.inc.php52
4 files changed, 87 insertions, 39 deletions
diff --git a/include/functions.inc.php b/include/functions.inc.php
index f94aad480..0be5ec9ef 100644
--- a/include/functions.inc.php
+++ b/include/functions.inc.php
@@ -1725,4 +1725,23 @@ function url_check_format($url)
return (bool)preg_match('@^https?://(-\.)?([^\s/?\.#-]+\.?)+(/[^\s]*)?$@iS', $url);
}
}
+
+/**
+ * check email format
+ */
+function email_check_format($mail_address)
+{
+ if (version_compare(PHP_VERSION, '5.2.0') >= 0)
+ {
+ return filter_var($mail_address, FILTER_VALIDATE_EMAIL)!==false;
+ }
+ else
+ {
+ $atom = '[-a-z0-9!#$%&\'*+\\/=?^_`{|}~]'; // before arobase
+ $domain = '([a-z0-9]([-a-z0-9]*[a-z0-9]+)?)'; // domain name
+ $regex = '/^' . $atom . '+' . '(\.' . $atom . '+)*' . '@' . '(' . $domain . '{1,63}\.)+' . $domain . '{2,63}$/i';
+
+ return (bool)preg_match($regex, $mail_address);
+ }
+}
?> \ No newline at end of file
diff --git a/include/functions_comment.inc.php b/include/functions_comment.inc.php
index e812a1c6f..67716216c 100644
--- a/include/functions_comment.inc.php
+++ b/include/functions_comment.inc.php
@@ -91,6 +91,11 @@ function insert_user_comment( &$comm, $key, &$infos )
{
if ( empty($comm['author']) )
{
+ if ($conf['comments_author_mandatory'])
+ {
+ array_push($infos, l10n('Username is mandatory') );
+ $comment_action='reject';
+ }
$comm['author'] = 'guest';
}
$comm['author_id'] = $conf['guest_id'];
@@ -128,13 +133,35 @@ SELECT COUNT(*) AS user_exists
}
// website
- if ( !empty($comm['website_url']) and !preg_match('/^https?/i', $comm['website_url']) )
+ if (!empty($comm['website_url']))
+ {
+ if (!preg_match('/^https?/i', $comm['website_url']))
+ {
+ $comm['website_url'] = 'http://'.$comm['website_url'];
+ }
+ if (!url_check_format($comm['website_url']))
+ {
+ array_push($infos, l10n('Your website URL is invalid'));
+ $comment_action='reject';
+ }
+ }
+
+ // email
+ if (empty($comm['email']))
{
- $comm['website_url'] = 'http://'.$comm['website_url'];
+ if (!empty($user['email']))
+ {
+ $comm['email'] = $user['email'];
+ }
+ else if ($conf['comments_email_mandatory'])
+ {
+ array_push($infos, l10n('Email address is missing. Please specify an email address.') );
+ $comment_action='reject';
+ }
}
- if ( !empty($comm['website_url']) and !url_check_format($comm['website_url']) )
+ else if (!email_check_format($comm['email']))
{
- array_push($infos, l10n('Your website URL is invalid'));
+ array_push($infos, l10n('mail address must be like xxx@yyy.eee (example : jack@altern.org)'));
$comment_action='reject';
}
@@ -179,7 +206,7 @@ SELECT count(1) FROM '.COMMENTS_TABLE.'
{
$query = '
INSERT INTO '.COMMENTS_TABLE.'
- (author, author_id, anonymous_id, content, date, validated, validation_date, image_id, website_url)
+ (author, author_id, anonymous_id, content, date, validated, validation_date, image_id, website_url, email)
VALUES (
\''.$comm['author'].'\',
'.$comm['author_id'].',
@@ -189,7 +216,8 @@ INSERT INTO '.COMMENTS_TABLE.'
\''.($comment_action=='validate' ? 'true':'false').'\',
'.($comment_action=='validate' ? 'NOW()':'NULL').',
'.$comm['image_id'].',
- '.(!empty($comm['website_url']) ? '\''.$comm['website_url'].'\'' : 'NULL').'
+ '.(!empty($comm['website_url']) ? '\''.$comm['website_url'].'\'' : 'NULL').',
+ '.(!empty($comm['email']) ? '\''.$comm['email'].'\'' : 'NULL').'
)
';
@@ -207,6 +235,7 @@ INSERT INTO '.COMMENTS_TABLE.'
$keyargs_content = array
(
get_l10n_args('Author: %s', stripslashes($comm['author']) ),
+ get_l10n_args('Email: %s', stripslashes($comm['email']) ),
get_l10n_args('Comment: %s', stripslashes($comm['content']) ),
get_l10n_args('', ''),
get_l10n_args('Manage this user comment: %s', $comment_url)
diff --git a/include/functions_user.inc.php b/include/functions_user.inc.php
index f0006a55e..e6bbe57f8 100644
--- a/include/functions_user.inc.php
+++ b/include/functions_user.inc.php
@@ -41,11 +41,7 @@ function validate_mail_address($user_id, $mail_address)
return '';
}
- $atom = '[-a-z0-9!#$%&\'*+\\/=?^_`{|}~]'; // before arobase
- $domain = '([a-z0-9]([-a-z0-9]*[a-z0-9]+)?)'; // domain name
- $regex = '/^' . $atom . '+' . '(\.' . $atom . '+)*' . '@' . '(' . $domain . '{1,63}\.)+' . $domain . '{2,63}$/i';
-
- if ( !preg_match( $regex, $mail_address ) )
+ if ( !email_check_format($mail_address) )
{
return l10n('mail address must be like xxx@yyy.eee (example : jack@altern.org)');
}
@@ -53,10 +49,10 @@ function validate_mail_address($user_id, $mail_address)
if (defined("PHPWG_INSTALLED") and !empty($mail_address))
{
$query = '
-select count(*)
-from '.USERS_TABLE.'
-where upper('.$conf['user_fields']['email'].') = upper(\''.$mail_address.'\')
-'.(is_numeric($user_id) ? 'and '.$conf['user_fields']['id'].' != \''.$user_id.'\'' : '').'
+SELECT count(*)
+FROM '.USERS_TABLE.'
+WHERE upper('.$conf['user_fields']['email'].') = upper(\''.$mail_address.'\')
+'.(is_numeric($user_id) ? 'AND '.$conf['user_fields']['id'].' != \''.$user_id.'\'' : '').'
;';
list($count) = pwg_db_fetch_row(pwg_query($query));
if ($count != 0)
diff --git a/include/picture_comment.inc.php b/include/picture_comment.inc.php
index 631f85596..5d007d4ea 100644
--- a/include/picture_comment.inc.php
+++ b/include/picture_comment.inc.php
@@ -49,12 +49,13 @@ if ( $page['show_comments'] and isset( $_POST['content'] ) )
'author' => trim( @$_POST['author'] ),
'content' => trim( $_POST['content'] ),
'website_url' => trim( $_POST['website_url'] ),
+ 'email' => trim( @$_POST['email'] ),
'image_id' => $page['image_id'],
);
include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php');
- $comment_action = insert_user_comment($comm, @$_POST['key'], $page['infos']);
+ $comment_action = insert_user_comment($comm, @$_POST['key'], $page['errors']);
switch ($comment_action)
{
@@ -143,10 +144,11 @@ SELECT
com.id,
author,
author_id,
- '.$conf['user_fields']['username'].' AS username,
+ u.'.$conf['user_fields']['email'].' AS user_email,
date,
image_id,
website_url,
+ com.email,
content,
validated
FROM '.COMMENTS_TABLE.' AS com
@@ -161,23 +163,25 @@ SELECT
while ($row = pwg_db_fetch_assoc($result))
{
- if (!empty($row['author']))
+ if ($row['author'] == 'guest')
{
- $author = $row['author'];
- if ($author == 'guest')
- {
- $author = l10n('guest');
- }
+ $row['author'] = l10n('guest');
}
- else
+
+ $email = null;
+ if (!empty($row['user_email']))
{
- $author = stripslashes($row['username']);
+ $email = $row['user_email'];
+ }
+ else if (!empty($row['email']))
+ {
+ $email = $row['email'];
}
$tpl_comment =
array(
'ID' => $row['id'],
- 'AUTHOR' => trigger_event('render_comment_author', $author),
+ 'AUTHOR' => trigger_event('render_comment_author', $row['author']),
'DATE' => format_date($row['date'], true),
'CONTENT' => trigger_event('render_comment_content',$row['content']),
'WEBSITE_URL' => $row['website_url'],
@@ -215,6 +219,8 @@ SELECT
}
if (is_admin())
{
+ $tpl_comment['EMAIL'] = $email;
+
if ($row['validated'] != 'true')
{
$tpl_comment['U_VALIDATE'] = add_url_params(
@@ -244,21 +250,19 @@ SELECT
if ($show_add_comment_form)
{
$key = get_ephemeral_key(3, $page['image_id']);
- $content = $author = $website_url = '';
- if ('reject'===@$comment_action)
- {
- $content = htmlspecialchars( stripslashes($comm['content']) );
- $author = htmlspecialchars( stripslashes($comm['author']) );
- $website_url = htmlspecialchars( stripslashes($comm['website_url']) );
- }
+
$template->assign('comment_add',
array(
- 'F_ACTION' => $url_self,
- 'KEY' => $key,
- 'CONTENT' => $content,
- 'SHOW_AUTHOR' => !is_classic_user(),
- 'AUTHOR' => $author ,
- 'WEBSITE_URL' => $website_url,
+ 'F_ACTION' => $url_self,
+ 'KEY' => $key,
+ 'CONTENT' => stripslashes(@$_POST['content']),
+ 'SHOW_AUTHOR' => !is_classic_user(),
+ 'AUTHOR_MANDATORY' => $conf['comments_author_mandatory'],
+ 'AUTHOR' => stripslashes(@$_POST['author']),
+ 'WEBSITE_URL' => stripslashes(@$_POST['website_url']),
+ 'SHOW_EMAIL' => !is_classic_user() or empty($user['email']),
+ 'EMAIL_MANDATORY' => $conf['comments_email_mandatory'],
+ 'EMAIL' => stripslashes(@$_POST['email']),
));
}
}