| 1 | <?php |
|---|
| 2 | # Movable Type (r) Open Source (C) 2001-2008 Six Apart, Ltd. |
|---|
| 3 | # This program is distributed under the terms of the |
|---|
| 4 | # GNU General Public License, version 2. |
|---|
| 5 | # |
|---|
| 6 | # $Id$ |
|---|
| 7 | |
|---|
| 8 | function smarty_function_mtcommentauthorlink($args, &$ctx) { |
|---|
| 9 | global $mt; |
|---|
| 10 | $comment = $ctx->stash('comment'); |
|---|
| 11 | $name = $comment['comment_author']; |
|---|
| 12 | if (!$name && isset($args['default_name'])) |
|---|
| 13 | $name = $args['default_name']; |
|---|
| 14 | $name or $name = $mt->translate("Anonymous"); |
|---|
| 15 | $email = $comment['comment_email']; |
|---|
| 16 | $url = $comment['comment_url']; |
|---|
| 17 | if (isset($args['show_email'])) |
|---|
| 18 | $show_email = $args['show_email']; |
|---|
| 19 | else |
|---|
| 20 | $show_email = 0; |
|---|
| 21 | if (isset($args['show_url'])) |
|---|
| 22 | $show_url = $args['show_url']; |
|---|
| 23 | else |
|---|
| 24 | $show_url = 1; |
|---|
| 25 | $target = (isset($args['new_window']) && $args['new_window']) |
|---|
| 26 | ? ' target="_blank"' : ''; |
|---|
| 27 | |
|---|
| 28 | _comment_follow($args, $ctx); |
|---|
| 29 | |
|---|
| 30 | $cmntr = $ctx->stash('commenter'); |
|---|
| 31 | if (!isset($cmntr) && isset($comment['comment_commenter_id'])) |
|---|
| 32 | $cmntr = $ctx->mt->db->fetch_author($comment['comment_commenter_id']); |
|---|
| 33 | |
|---|
| 34 | if ( $cmntr ) { |
|---|
| 35 | $name = isset($cmntr['author_nickname']) ? $cmntr['author_nickname'] : $name; |
|---|
| 36 | if ($cmntr['author_url']) |
|---|
| 37 | return sprintf('<a title="%s" href="%s"%s>%s</a>', $cmntr['author_url'], $cmntr['author_url'], $target, $name); |
|---|
| 38 | return $name; |
|---|
| 39 | } elseif ($show_url && $url) { |
|---|
| 40 | require_once "function.mtcgipath.php"; |
|---|
| 41 | $cgi_path = smarty_function_mtcgipath($args, $ctx); |
|---|
| 42 | $comment_script = $ctx->mt->config('CommentScript'); |
|---|
| 43 | $name = strip_tags($name); |
|---|
| 44 | $url = strip_tags($url); |
|---|
| 45 | $url = preg_replace('/>/', '>', $url); |
|---|
| 46 | if ($comment['comment_id'] && !isset($args['no_redirect']) && !isset($args['nofollowfy'])) |
|---|
| 47 | return sprintf('<a title="%s" href="%s%s?__mode=red;id=%d"%s>%s</a>', $url, $cgi_path, $comment_script, $comment['comment_id'], $target, $name); |
|---|
| 48 | else |
|---|
| 49 | return sprintf('<a title="%s" href="%s"%s>%s</a>', $url, $url, $target, $name); |
|---|
| 50 | } elseif ($show_email && $email && is_valid_email($email)) { |
|---|
| 51 | $email = strip_tags($email); |
|---|
| 52 | $str = 'mailto:' . $email; |
|---|
| 53 | if ($args['spam_protect']) { |
|---|
| 54 | $str = spam_protect($str); |
|---|
| 55 | } |
|---|
| 56 | return sprintf('<a href="%s">%s</a>', $str, $name); |
|---|
| 57 | } |
|---|
| 58 | return $name; |
|---|
| 59 | |
|---|
| 60 | } |
|---|
| 61 | |
|---|
| 62 | function _comment_follow (&$args, $ctx) { |
|---|
| 63 | $comment = $ctx->stash('comment'); |
|---|
| 64 | if (empty($comment)) |
|---|
| 65 | return; |
|---|
| 66 | |
|---|
| 67 | $blog = $ctx->stash('blog'); |
|---|
| 68 | if (!empty($blog) && $blog['blog_nofollow_urls']) { |
|---|
| 69 | if ($blog['blog_follow_auth_links']) { |
|---|
| 70 | $cmntr = $ctx->stash('commenter'); |
|---|
| 71 | if (!isset($cmntr) && isset($comment['comment_commenter_id'])) { |
|---|
| 72 | $cmntr = $ctx->mt->db->fetch_author($comment['comment_commenter_id']); |
|---|
| 73 | if (!empty($cmntr)) |
|---|
| 74 | $ctx->stash('commenter', $cmntr); |
|---|
| 75 | } |
|---|
| 76 | if (empty($cmntr) || (!empty($cmntr) && !is_trusted($cmntr, $ctx, $blog['blog_id']))) |
|---|
| 77 | $args['nofollowfy'] = 1; |
|---|
| 78 | } else { |
|---|
| 79 | $args['nofollowfy'] = 1; |
|---|
| 80 | } |
|---|
| 81 | } |
|---|
| 82 | } |
|---|
| 83 | |
|---|
| 84 | function is_trusted ($cmntr, $ctx, $blog_id) { |
|---|
| 85 | if (empty($cmntr)) |
|---|
| 86 | return false; |
|---|
| 87 | |
|---|
| 88 | // commenter is superuser? |
|---|
| 89 | $perms = $ctx->mt->db->fetch_permission(array('blog_id' => 0, 'id' => $cmntr['author_id'])); |
|---|
| 90 | if (!empty($perms)) { |
|---|
| 91 | $perms = $perms[0]; |
|---|
| 92 | if (strstr($perms['permission_permissions'], '\'administer\'')) |
|---|
| 93 | return true; |
|---|
| 94 | } |
|---|
| 95 | |
|---|
| 96 | if (intval($ctx->mt->config['singlecommunity'])) |
|---|
| 97 | $blog_id = 0; |
|---|
| 98 | |
|---|
| 99 | // commenter has permission? |
|---|
| 100 | $perms = $ctx->mt->db->fetch_permission(array('blog_id' => $blog_id, 'id' => $cmntr['author_id'])); |
|---|
| 101 | if (!empty($perms)) |
|---|
| 102 | return false; |
|---|
| 103 | $perms = $perms[0]; |
|---|
| 104 | if (strstr($perms['permission_restrictions'], "'comment'")) |
|---|
| 105 | return false; |
|---|
| 106 | elseif (strstr($perms['permission_permissions'], "'comment'") || strstr($perms['permission_permissions'], "'manage_feedback'")) |
|---|
| 107 | return true; |
|---|
| 108 | else |
|---|
| 109 | return false; |
|---|
| 110 | } |
|---|
