| | 957 | sub session_state { |
| | 958 | my $app = shift; |
| | 959 | my $blog = $app->blog; |
| | 960 | my $blog_id = $blog->id if $blog; |
| | 961 | |
| | 962 | my $c; |
| | 963 | if ( $blog_id && $blog ) { |
| | 964 | my ( $sessobj, $commenter ) = $app->get_commenter_session(); |
| | 965 | if ( $sessobj && $commenter ) { |
| | 966 | my $blog_perms = $commenter->blog_perm($blog_id); |
| | 967 | my $banned = $commenter->is_banned($blog_id) ? "1" : "0"; |
| | 968 | $banned = 0 if $blog_perms && $blog_perms->can_administer; |
| | 969 | $banned ||= 1 if $commenter->status == MT::Author::BANNED(); |
| | 970 | |
| | 971 | if ($banned) { |
| | 972 | $sessobj->remove; |
| | 973 | } else { |
| | 974 | $sessobj->start( time + |
| | 975 | $app->config->CommentSessionTimeout); # extend by timeout |
| | 976 | $sessobj->save(); |
| | 977 | } |
| | 978 | |
| | 979 | # FIXME: These may not be accurate in 'SingleCommunity' mode... |
| | 980 | my $can_comment = $banned ? 0 : 1; |
| | 981 | $can_comment = 0 unless $blog->allow_unreg_comments || $blog->allow_reg_comments; |
| | 982 | my $can_post = ($blog_perms && $blog_perms->can_create_post) ? "1" : "0"; |
| | 983 | $c = { |
| | 984 | sid => $sessobj->id, |
| | 985 | name => $commenter->nickname, |
| | 986 | url => $commenter->url, |
| | 987 | email => $commenter->email, |
| | 988 | userpic => scalar $commenter->userpic_url, |
| | 989 | profile => "", # profile link url |
| | 990 | is_authenticated => "1", |
| | 991 | is_trusted => ($commenter->is_trusted($blog_id) ? "1" : "0"), |
| | 992 | is_author => ($commenter->type == MT::Author::AUTHOR() ? "1" : "0"), |
| | 993 | is_anonymous => "0", |
| | 994 | is_banned => $banned, |
| | 995 | can_comment => $can_comment, |
| | 996 | can_post => $can_post, |
| | 997 | }; |
| | 998 | } |
| | 999 | } |
| | 1000 | |
| | 1001 | unless ($c) { |
| | 1002 | my $can_comment = $blog && $blog->allow_anon_comments ? "1" : "0"; |
| | 1003 | $c = { |
| | 1004 | is_authenticated => "0", |
| | 1005 | is_trusted => "0", |
| | 1006 | is_anonymous => "1", |
| | 1007 | can_post => "0", # no anonymous posts |
| | 1008 | can_comment => $can_comment, |
| | 1009 | is_banned => "0", |
| | 1010 | }; |
| | 1011 | } |
| | 1012 | |
| | 1013 | return $c; |
| | 1014 | } |
| | 1015 | |
| | 1075 | } |
| | 1076 | |
| | 1077 | sub get_commenter_session { |
| | 1078 | my $app = shift; |
| | 1079 | my $q = $app->param; |
| | 1080 | |
| | 1081 | my $session_key; |
| | 1082 | |
| | 1083 | my $blog = $app->blog; |
| | 1084 | if ($blog) { |
| | 1085 | my $auths = $blog->commenter_authenticators || ''; |
| | 1086 | if ( $auths =~ /MovableType/ ) { |
| | 1087 | # First, check for a real MT user login. If one exists, |
| | 1088 | # return that as the commenter identity |
| | 1089 | my ($user, $first_time) = $app->login(); |
| | 1090 | if ( $user ) { |
| | 1091 | my $sess = $app->session; |
| | 1092 | return ( $sess, $user ); |
| | 1093 | } |
| | 1094 | } |
| | 1095 | } |
| | 1096 | |
| | 1097 | my %cookies = $app->cookies(); |
| | 1098 | my $cookie_name = $app->commenter_cookie; |
| | 1099 | if ( !$cookies{$cookie_name} ) { |
| | 1100 | return ( undef, undef ); |
| | 1101 | } |
| | 1102 | $session_key = $cookies{$cookie_name}->value() || ""; |
| | 1103 | $session_key =~ y/+/ /; |
| | 1104 | my $cfg = $app->config; |
| | 1105 | require MT::Session; |
| | 1106 | my $sess_obj = MT::Session->load( { id => $session_key, kind => 'SI' } ); |
| | 1107 | my $timeout = $cfg->CommentSessionTimeout; |
| | 1108 | my $user_id = $sess_obj->get('author_id') if $sess_obj; |
| | 1109 | my $user = MT::Author->load( $user_id ) if $user_id; |
| | 1110 | |
| | 1111 | if ( !$sess_obj |
| | 1112 | || ( $sess_obj->start() + $timeout < time ) |
| | 1113 | || ( !$user_id ) |
| | 1114 | || ( !$user ) |
| | 1115 | ) |
| | 1116 | { |
| | 1117 | $app->_invalidate_commenter_session( \%cookies ); |
| | 1118 | return ( undef, undef ); |
| | 1119 | } |
| | 1120 | |
| | 1121 | # session is valid! |
| | 1122 | return ( $sess_obj, $user ); |
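Review bot: The idle lifetime of a commenter session comes out at twice `CommentSessionTimeout`, because `session_state` (lines 974-975) stores `time + CommentSessionTimeout` in the session's `start` field while `get_commenter_session` (line 1112) only rejects the session once `start + $timeout < time`. If `start` is a last-activity timestamp, the refresh should be `$sessobj->start(time);`, and if it is an expiry, the check should be `$sess_obj->start() < time`; the code that creates the session is not visible here, so which one applies needs confirming. When the `MovableType` authenticator branch returns `$app->session`, the same refresh is written to the user's login session, so its expiry handling should be checked as well. Separately, lines 960, 1108 and 1109 use `my ... if ...`, which perlsyn leaves undefined; the later guards appear to cover it here, but declaring first and assigning conditionally is safer. The body of `get_commenter_session` continues past the last visible line.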