disable comments $NB_COM_CLOSE = 1728000; # (20 days) number of seconds after which comments are closed $NB_COM_MAX_SIZE = 2000; # max number of chars in a comment $NB_COM_AUTHOR_MAX_SIZE = 100; # max number of chars in a name $NB_COM_URL_MAX_SIZE = 100; # max number of chars in an url $NB_COM_EMAIL_MAX_SIZE = 100; # max number of chars in an url $NB_COM_EMAIL_DEFAULT = "nobody@example.net"; $o_umask = umask(0); # for mkdir() # Display the comment form function form($id) { global $NB_COM; $me = $_SERVER['PHP_SELF']; $author = $_POST['author']; $url = $_POST['url']; $email = $_POST['email']; $com = stripslashes($_POST['comment']); $epoch = id2epoch($id); if ($NB_COM == 0) { echo "

Comments are temporary closed

"; return; } if (closed($epoch)) { echo "

Comments are closed

"; echo "If you really, really want to comment, please "; echo "mail miek@miek.nl"; echo "

"; return; } if (strlen($url) == 0) { $url = "http://"; } echo <<Leave a Comment

Allowed bb tags: [b] [i] [u] [s] [code] [quote] [url]

PHP and HTML is stripped. Comments are moderated

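EOF;
}

# submit a comment
#
# Runs form_check() on the posted fields and prints either the errors or a
# confirmation, followed by a "Submitted" block echoing author, date and
# comment. When there are no errors and commenting is enabled ($NB_COM == 1)
# the comment is written to a new file in "$NB_COM_BASE/<comment_id>/new/":
# author on the first line, email on the second, the comment text after that
# (the layout gather() reads back from ".../ok/").
function submit() {
    global $NB_COM_BASE;
    global $NB_COM;
    global $NB_COM_EMAIL_DEFAULT;
    global $NB_TIME; # format string for strftime() below

    $err = form_check();

    # comment_id is request data that ends up in a filesystem path handed to
    # a recursive mkdir(). Accept a single path component only, so the path
    # cannot leave $NB_COM_BASE.
    $id = isset($_POST['comment_id']) ? $_POST['comment_id'] : "";
    if (!is_string($id)
        || preg_match('/\A[A-Za-z0-9_.-]+\z/', $id) != 1
        || strpos($id, "..") !== FALSE) {
        $err[] = "Illegal comment id";
    } elseif (closed(id2epoch($id))) {
        # form() only hides the form for closed articles; a request can be
        # sent without the form, so the age limit is enforced here as well.
        $err[] = "Comments are closed";
    }

    # email may be left empty fill in a default
    if (strlen($_POST['email']) == 0) {
        $_POST['email'] = $NB_COM_EMAIL_DEFAULT;
    }

    # Author and email each take exactly one line of the stored file, so line
    # breaks inside them are folded to a space. The sanitized values are the
    # ones that get stored and echoed, never the raw $_POST values.
    # NOTE(review): any link markup that wrapped the author name is not
    # visible in this listing.
    $link = trim(preg_replace('/[\r\n]+/', " ", strip_html_tags($_POST['author'])));
    $email = trim(preg_replace('/[\r\n]+/', " ", strip_html_tags($_POST['email'])));
    $com = bb_tags(strip_html_tags(stripslashes($_POST['comment'])));

    # NOTE(review): strip_html_tags() removes markup, it does not escape;
    # htmlspecialchars() at the point of output would be sturdier.
    $author = $link;
    $date = strftime($NB_TIME, time());

    if (!empty($err)) { # errors
        echo '
';
        foreach ($err as $e) {
            echo $e, "
";
        }
        echo '
';
    } else {
        echo '
';
        echo "Your comment is submitted and awaits moderation";
        if ($NB_COM != 1) {
            echo "Sorry, commenting is temporary disabled";
        }
        echo '
';
        $_POST['author'] = "";
        $_POST['url'] = "";
        $_POST['comment'] = "";
        $_POST['email'] = "";

        if ($NB_COM == 1) {
            # Directories are created only for submissions that passed
            # validation, so rejected requests leave nothing on disk.
            $dir = "$NB_COM_BASE/$id/new/";
            $ok = "$NB_COM_BASE/$id/ok/";
            if (!file_exists($dir)) {
                mkdir($dir, 0775, TRUE);
            }
            if (!file_exists($ok)) {
                mkdir($ok, 0775, TRUE);
            }
            # tempnam() falls back to the system temp directory when $dir is
            # missing, which would put the comment in the wrong place.
            $file = is_dir($dir) ? tempnam($dir, time() . "_") : FALSE;
            if ($file !== FALSE) {
                chmod($file, 0640);
                file_put_contents($file, "$link\n$email\n$com");
            }
        }
    }

    echo <<<EOF
Submitted
$author
$date
$com
EOF;
}

# preview a submit
function preview() {
    global $NB_TIME;
    $date = strftime($NB_TIME, time());
    $author = "" . strip_html_tags($_POST['author']) . "";
    $com = bb_tags(strip_html_tags(stripslashes($_POST['comment'])));
    $err = form_check();
    if (!empty($err)) { # errors
        echo '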
'; echo '
    '; foreach($err as $e) { echo "
  • " . $e, "
  • "; } echo '
'; echo '
'; } echo <<
Preview
$author
$date
$com
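EOF;
}

# check $website starts with http:// does not contain ../'s
#
# Validates the posted author, comment, url and email fields against the
# $NB_COM_*_MAX_SIZE limits and returns an array of error messages; the
# array is empty when everything is acceptable. Oversized fields in $_POST
# are cut back to their limit as a side effect.
function form_check() {
    global $NB_COM_MAX_SIZE;
    global $NB_COM_AUTHOR_MAX_SIZE;
    global $NB_COM_URL_MAX_SIZE;
    global $NB_COM_EMAIL_MAX_SIZE;

    $err = array();

    # A missing field, or one sent as an array ("author[]=x"), is treated as
    # empty so the string functions below always receive a string.
    foreach (array('author', 'comment', 'url', 'email') as $field) {
        if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
            $_POST[$field] = "";
        }
    }

    if (strlen($_POST['author']) == 0) {
        $err[] = "A name is required";
    }

    # Each truncation reads the posted field itself; reading an undefined
    # local here would silently empty the field instead of shortening it.
    if (strlen($_POST['author']) > $NB_COM_AUTHOR_MAX_SIZE) {
        $err[] = "Name is too large";
        $_POST['author'] = substr($_POST['author'], 0, $NB_COM_AUTHOR_MAX_SIZE);
    }
    if (strlen($_POST['comment']) > $NB_COM_MAX_SIZE) {
        $err[] = "Comment is too large";
        $_POST['comment'] = substr($_POST['comment'], 0, $NB_COM_MAX_SIZE);
    }
    if (strlen($_POST['url']) > $NB_COM_URL_MAX_SIZE) {
        $err[] = "Website address is too large";
        $_POST['url'] = substr($_POST['url'], 0, $NB_COM_URL_MAX_SIZE);
    }
    if (strlen($_POST['email']) > $NB_COM_EMAIL_MAX_SIZE) {
        $err[] = "Email address is too large";
        $_POST['email'] = substr($_POST['email'], 0, $NB_COM_EMAIL_MAX_SIZE);
    }

    if (preg_match("/^http:\/\//", $_POST['url']) == 0) {
        $err[] = "Website needs to start with 'http://'";
    }
    # A web address never legitimately holds quotes, angle brackets or
    # whitespace. The address is presumably emitted inside a link, so these
    # are refused together with "..".
    if (preg_match("/\.\./", $_POST['url']) == 1
        || preg_match('/[\s"\'<>]/', $_POST['url']) == 1) {
        $err[] = "Illegal website address";
    }

    return $err;
}

# Check the comment directory for this article
# return an array with the comments
#
# Reads every file in "$NB_COM_BASE/$id/ok". Each entry of the result has the
# keys 'author' (first line of the file), 'email' (second line), 'date'
# (formatted from the epoch prefix of the file name) and 'comment' (the
# remaining lines).
# NOTE(review): $id is used as a path component without any check here;
# callers are expected to pass a trusted article id.
function gather($id) {
    global $NB_COM_BASE;
    global $NB_TIME;

    $dir = "$NB_COM_BASE/$id/ok";
    $comment = array();

    $files = glob("$dir/*");
    if ($files === FALSE) { # glob() reports an error with FALSE
        return $comment;
    }

    foreach ($files as $com) {
        # $matched[1] has epoch
        $matched = array();
        if (preg_match("/.*ok\/(.*)_/", $com, $matched) != 1 || strlen($matched[1]) == 0) {
            continue;
        }
        $raw = file_get_contents($com);
        if ($raw === FALSE) {
            continue;
        }
        $contents = explode("\n", $raw);
        $comment[] = array(
            'author' => $contents[0], # first line
            'email' => isset($contents[1]) ? $contents[1] : "", # second line
            'date' => strftime($NB_TIME, (int) $matched[1]),
            'comment' => implode("\n", array_slice($contents, 2)),
        );
    }

    return $comment;
}

# Give back the html of the given comments
function show($comment) {
    $i = 0;
    $me = $_SERVER['PHP_SELF'];
    echo '';
    foreach ($comment as $com) {
        echo "";
        if ($i % 2 == 0) {
            echo '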
'; } else { echo '
'; } echo ""; echo "$i"; echo ""; echo '
'; echo $com['author']; echo "
"; echo ''; echo $com['date']; echo ''; echo '
'; echo '
' . $com['comment'] . "
"; echo '
'; echo "
\n"; $i++; } } # http://nadeausoftware.com/articles/2007/09/php_tip_how_strip_html_tags_web_page # Remove HTML tags, including invisible text such as style and # script code, and embedded objects. Add line breaks around # block-level tags to prevent word joining after tag removal. function strip_html_tags($text) { $text = preg_replace( array( # Remove invisible content '@]*?>.*?@siu', '@]*?>.*?@siu', '@]*?.*?@siu', '@]*?.*?@siu', '@]*?.*?@siu', '@]*?.*?@siu', '@]*?.*?@siu', '@]*?.*?@siu', '@]*?.*?@siu', # Add line breaks before and after blocks '@$1", $text); # [i] - italic $text = preg_replace("/\[i\]((.|\n)*?)\[\/i\]/", "$1", $text); # [u] - underline $text = preg_replace("/\[u\]((.|\n)*?)\[\/u\]/", "$1", $text); # [s] - strike through $text = preg_replace("/\[s\]((.|\n)*?)\[\/s\]/", "$1", $text); # [code] - code examples $text = preg_replace("/\[code\]((.|\n)*?)\[\/code\]/", "$1", $text); # [quote] - quote something $text = preg_replace("/\[quote\]((.|\n)*?)\[\/quote\]/", "
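$1
", $text);
    # NOTE(review): the two [url] rules below accept any text as the link
    # target, and form_check() only validates the separate "url" form field.
    # The replacement markup is not visible in this listing; wherever the
    # target is emitted it should be limited to http(s) addresses and escaped.
    # [url]link[/url]
    $text = preg_replace("/\[url\]((.|\n)*?)\[\/url\]/", "$1", $text);
    # [url=domain]linkname[/url]
    $text = preg_replace("/\[url=(.*)\]((.|\n)*?)\[\/url\]/", "$2", $text);
    $text = nl2br($text);
    return $text;
}

# convert an article ID to epoch
#
# The id is expected to contain "e<Y>-<M>-<D>T<h>_<m>_<s>.txt". Returns the
# strtotime() value for that date and time, or FALSE when the id does not
# have this shape.
function id2epoch($id) {
    $m = array();
    if (preg_match("/e(.*?)-(.*?)-(.*?)T(.*?)_(.*?)_(.*?)\.txt/", $id, $m) != 1) {
        return FALSE;
    }
    return strtotime($m[1] . "-" . $m[2] . "-" . $m[3] . " " . $m[4] . ":" . $m[5] . ":" . $m[6]);
}

# return FALSE when comments are OK, otherwise TRUE
#
# $t is the article's epoch as returned by id2epoch(); comments are closed
# once the article is more than $NB_COM_CLOSE seconds old.
function closed($t) {
    global $NB_COM_CLOSE;

    # an id that id2epoch() could not parse counts as closed
    if ($t === FALSE) {
        return TRUE;
    }
    return (time() - $t > $NB_COM_CLOSE);
}

# return a comment string in HTML
# the string is with strike through if
# commenting is closed otherwise it is
# normal
# NOTE(review): the link and strike-through markup is not visible in this
# listing; as printed, "$linkComments" reads as a single variable name and
# $permalink is unused.
function commentstr($id, $permalink) {
    global $NB_COM;
    $epoch = id2epoch($id);
    $link = "";
    if ($NB_COM != 1) {
        return "$linkComments: ";
    }
    if (closed($epoch)) {
        return "$linkComments: ";
    } else {
        return "${link}Comments: ";
    }
}

# not actually part of the comment system, but more of a
# nb plugin. This adds a sidetitle with the most recent
# comments, and links to the articles
# show the 10 articles with the most recent articles
#
# Walks "$NB_COM_BASE/<article>/ok/*", counts the approved comments per
# article and prints at most ten articles, each once, with its title (first
# line of "$NB_BASE/data/<file>") and its comment count.
function recent_comments() {
    global $NB_COM_BASE;
    global $NB_BASE;

    $comments = array(); # approved comment file name => article id
    $count = array();    # article id => number of approved comments

    $articles = glob("$NB_COM_BASE/*");
    if ($articles === FALSE) {
        $articles = array();
    }
    foreach ($articles as $artdir) {
        $artid = basename($artdir);
        $approved = glob("$artdir/ok/*");
        if ($approved === FALSE) {
            $approved = array();
        }
        foreach ($approved as $com) {
            $comments[basename($com)] = $artid;
        }
        $count[$artid] = count($approved);
    }
    arsort($comments);

    echo <<<EOF
 recent comments
EOF;

    $j = 0;
    $seen = array();
    $match = array();
    foreach ($comments as $epoch => $artid) {
        if (isset($seen[$artid])) { # only 1 article
            continue;
        }
        $seen[$artid] = 1;

        # the article file name is the id without its leading character
        $file = substr($artid, 1);
        $h = fopen("$NB_BASE/data/$file", "r");
        if ($h === FALSE) {
            # the article behind this comment directory cannot be read
            continue;
        }
        $blog_title = rtrim(fgets($h, 1024));
        fclose($h);
        $blog_title = preg_replace("/^TITLE: /", "", $blog_title);
        $nb_blog_title = strtolower(preg_replace("/ +/", "_", $blog_title));

        if (preg_match("/([0-9]{4})-([0-9]{2})-([0-9]{2})T/", $file, $match) != 1) {
            # no date in the name, so no permalink can be built
            continue;
        }
        $permalink = "archives/" . $match[1] . "/" . $match[2] . "/" . $match[3] . "/" . $nb_blog_title . "/index.html";

        if ($j++ > 9) {
            break;
        }
        $c = $count[$artid];
        echo "";
        echo "$blog_title ($c)
\n";
    }
    echo "
";
}
?>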