$user_arr[4]"; }
else{ $my_names[$user_arr[2]] = "$user_arr[4]"; }
$name_to_nick[$user_arr[2]] = $user_arr[4];
}
else
{
if($user_arr[7] != 1 and $user_arr[5] != ""){ $my_names[$user_arr[2]] = "$user_arr[2] "; }
else{ $my_names[$user_arr[2]] = "$user_arr[2]"; }
$name_to_nick[$user_arr[2]] = $user_arr[2];
}
if($user_arr[7] != 1){ $my_mails[$user_arr[2]] = $user_arr[5]; }
else{ $my_mails[$user_arr[2]] = ""; }
$my_passwords[$user_arr[2]] = $user_arr[3];
$my_users[] = $user_arr[2];
}
}
//####################################################################################################################
// Add Comment
//####################################################################################################################
if($allow_add_comment){
$name = trim($name);
$mail = trim($mail);
$id = (int) $id; // Yes it's stupid how I didn't thought about this :/
//----------------------------------
// Check the lenght of comment, include name + mail
//----------------------------------
if( strlen($name) > 50 ){
echo"Your name is too long!
";
$CN_HALT = TRUE;
break 1;
}
if( strlen($mail) > 50){
echo"Your e-mail is too long!
";
$CN_HALT = TRUE;
break 1;
}
if( strlen($comments) > $config_comment_max_long and $config_comment_max_long != "" and $config_comment_max_long != "0"){
echo"Your comment is too long!
";
$CN_HALT = TRUE;
break 1;
}
//----------------------------------
// Get the IP
//----------------------------------
if (getenv("HTTP_CLIENT_IP")) $ip = getenv("HTTP_CLIENT_IP");
else if(getenv("HTTP_X_FORWARDED_FOR")) $ip = getenv("HTTP_X_FORWARDED_FOR");
else if(getenv("REMOTE_ADDR")) $ip = getenv("REMOTE_ADDR");
else $ip = "not detected";
//----------------------------------
// Flood Protection
//----------------------------------
if($config_flood_time != 0 and $config_flood_time != "" ){
if(flooder($ip, $id) == TRUE ){
echo("Flood protection activated !!!
");
$CN_HALT = TRUE;
break 1;
}
}
//----------------------------------
// Check if IP is blocked
//----------------------------------
$blockip = FALSE;
$old_ips = file("$cutepath/data/ipban.db.php");
$new_ips = fopen("$cutepath/data/ipban.db.php", "w");
@flock ($new_ips,2);
foreach($old_ips as $old_ip_line){
$ip_arr = explode("|", $old_ip_line);
if($ip_arr[0] != $ip){
fwrite($new_ips, $old_ip_line);
}else{
$countblocks = $ip_arr[1] = $ip_arr[1] + 1;
fwrite($new_ips, "$ip_arr[0]|$countblocks||\n"); $blockip = TRUE;
}
}
@flock ($new_ips,3);
fclose($new_ips);
if($blockip){
echo("Sorry but you have been blocked from posting comments
");
$CN_HALT = TRUE;
break 1;
}
//----------------------------------
// Check if the name is protected
//----------------------------------
$is_member = FALSE;
foreach($all_users as $member_db_line)
{
if(!eregi("<\?",$member_db_line) and $member_db_line != ""){
$user_arr = explode("|",$member_db_line);
//if the name is protected
if((strtolower($user_arr[2]) == strtolower($name) or strtolower($user_arr[4]) == strtolower($name)) and ($user_arr[3] != $CNpass and $user_arr[3] != md5($password)) and $name != "")
{
//$comments = replace_comment("add", $comments); //commented because will mess up the This name is owned by a registered user and you must enter password to use it
";
$CN_HALT = TRUE;
break 2;
}
if(strtolower($user_arr[2]) == strtolower($name)) $is_member = TRUE;
//----------------------------------
// Member wants to save his pass in cookie ?
//----------------------------------
if($CNrememberPass == 1){
if(file_exists("$cutepath/remember.js")){
echo"";
echo"";
}
}
}
}
//----------------------------------
// Check if only members can comment
//----------------------------------
if($config_only_registered_comment == "yes" and !$is_member){
echo"Sorry but only registered users can post comments, and '".htmlspecialchars($name)."' is not recognized as valid member.
";
$CN_HALT = TRUE;
break 1;
}
//----------------------------------
// Wrap the long words
//----------------------------------
if($config_auto_wrap > 1){
$comments_arr = explode("\n", $comments);
foreach($comments_arr as $line){
$wraped_comm .= ereg_replace("([^ \/\/]{".$config_auto_wrap."})","\\1\n", $line) ."\n";
}
if(strlen($name) > $config_auto_wrap){ $name = substr($name, 0, $config_auto_wrap)." ..."; }
$comments = $wraped_comm;
}
//----------------------------------
// Do some validation check 4 name, mail..
//----------------------------------
$comments = replace_comment("add", $comments);
$name = replace_comment("add", preg_replace("/\n/", "",$name));
$mail = replace_comment("add", preg_replace("/\n/", "",$mail));
if($name == " " or $name == ""){
echo("");
$CN_HALT = TRUE;
break 1;
}
if($mail == " " or $mail == ""){ $mail = "none"; }
else{ $ok = FALSE;
if(preg_match("/^[\.A-z0-9_\-]+[@][A-z0-9_\-]+([.][A-z0-9_\-]+)+[A-z]{1,4}$/", $mail)) $ok = TRUE;
elseif($config_allow_url_instead_mail == "yes" and preg_match("/((http(s?):\/\/)|(www\.))([\w\.]+)([\/\w+\.-?]+)/", $mail)) $ok = TRUE;
elseif($config_allow_url_instead_mail != "yes"){
echo("");
$CN_HALT = TRUE;
break 1;
}
else{
echo("This is not a valid e-mail or site URL
go back Sorry but the comment can not be blank
go back ", $output);
}else{
$output = str_replace("[com-link]"," ", $output);
}
$output = str_replace("[/com-link]"," ", $output);
$output = str_replace("{author-name}", $name_to_nick[$news_arr[1]], $output);
if($my_mails[$news_arr[1]] != ""){
$output = str_replace("[mail]","", $output);
$output = str_replace("[/mail]"," ", $output);
}else{
$output = str_replace("[mail]","", $output);
$output = str_replace("[/mail]","", $output);
}
$output = str_replace("{news-id}", $news_arr[0], $output);
$output = str_replace("{archive-id}", $archive, $output);
$output = str_replace("{php-self}", $PHP_SELF, $output);
$output = str_replace("{cute-http-path}", $config_http_script_dir, $output);
$output = replace_news("show", $output);
echo $output;
}
}
if(!$found){
echo("Can not find an article with id: ". @(int) htmlspecialchars($id)."
");
$CN_HALT = TRUE;
break 1;
}
}
//####################################################################################################################
// Show Comments
//####################################################################################################################
if($allow_comments){
$comm_per_page = $config_comments_per_page;
$total_comments = 0;
$showed_comments = 0;
$comment_number = 0;
$showed = 0;
$all_comments = file("$comm_file");
foreach($all_comments as $comment_line)
{
$comment_line = trim($comment_line);
$comment_line_arr = explode("|>|", $comment_line);
if($id == $comment_line_arr[0])
{
$individual_comments = explode("||", $comment_line_arr[1]);
$total_comments = @count($individual_comments) - 1;
//show the page with our new comment, if we just added one
/* causes some problems, will be updated !!!
if($allow_add_comment and true){
$comm_start_from = $total_comments-1;
if($config_reverse_comments == "yes"){
$comm_start_from = 0;
}
}
*/
if($config_reverse_comments == "yes"){ $individual_comments = array_reverse($individual_comments); }
foreach($individual_comments as $comment)
{
$comment_arr = explode("|", $comment);
if($comment_arr[0] != "")
{
if(isset($comm_start_from) and $comm_start_from != ""){
if($comment_number < $comm_start_from){ $comment_number++; continue; }
elseif($showed_comments == $comm_per_page){ break; }
}
$comment_number ++;
$comment_arr[4] = stripslashes(rtrim($comment_arr[4]));
if($comment_arr[2] != "none"){
if( preg_match("/^[\.A-z0-9_\-]+[@][A-z0-9_\-]+([.][A-z0-9_\-]+)+[A-z]{1,4}$/", $comment_arr[2])){ $url_target = "";$mail_or_url = "mailto:"; }
else{
$url_target = "target=\"_blank\"";
$mail_or_url = "";
if(substr($comment_arr[2],0,3) == "www"){ $mail_or_url = "http://"; }
}
$output = str_replace("{author}", "".stripslashes($comment_arr[1])." ", $template_comment);
}
else{ $output = str_replace("{author}", $comment_arr[1], $template_comment); }
$comment_arr[4] = preg_replace("/\b((http(s?):\/\/)|(www\.))([\w\.]+)([-~\/\w+\.-?]+)\b/i", "$2$4$5$6 ", $comment_arr[4]);
$comment_arr[4] = preg_replace("/([\w\.]+)(@)([-\w\.]+)/i", "$0 ", $comment_arr[4]);
$output = str_replace("{mail}", "$comment_arr[2]",$output);
$output = str_replace("{date}", date($config_timestamp_comment, $comment_arr[0]),$output);
$output = str_replace("{comment-id}", $comment_arr[0],$output);
$output = str_replace("{comment}", "\\1 ", $prev_next_msg);
}else{ $prev_next_msg = preg_replace("'\[prev-link\](.*?)\[/prev-link\]'si", "\\1", $prev_next_msg); $no_prev = TRUE; }
// Pages
if($comm_per_page){
$pages_count = @ceil($total_comments/$comm_per_page);
$pages_start_from = 0;
$pages = "";
for($j=1;$j<=$pages_count;$j++){
if($pages_start_from != $comm_start_from){ $pages .= "$j "; }
else{ $pages .= " $j "; }
$pages_start_from += $comm_per_page;
}
$prev_next_msg = str_replace("{pages}", $pages, $prev_next_msg);
}
// Next link
if($comm_per_page < $total_comments and $comment_number < $total_comments){
$prev_next_msg = preg_replace("'\[next-link\](.*?)\[/next-link\]'si", "\\1 ", $prev_next_msg);
}else{ $prev_next_msg = preg_replace("'\[next-link\](.*?)\[/next-link\]'si", "\\1", $prev_next_msg); $no_next = TRUE;}
if (!$no_prev or !$no_next){
echo $prev_next_msg;
}
$template_form = str_replace("{config_http_script_dir}", "$config_http_script_dir", $template_form);
//----------------------------------
// Check if the remember script exists
//----------------------------------
$CN_remember_include = '';
$CN_remember_form = '';
if(file_exists("$cutepath/remember.js")){
$CN_remember_include = "";
$CN_remember_form = "onsubmit=\"return CNSubmitComment()\"";
}
$smilies_form = "\n
Your browser is not Javascript enable or you have turn it off. We recommend you to activate, otherwise you will have to enter the emoticons representations manually.
".insertSmilies('short', FALSE);
$template_form = str_replace("{smilies}", $smilies_form, $template_form);
echo"
\n $CN_remember_include";
}
//####################################################################################################################
// Active News
//####################################################################################################################
if($allow_active_news){
$all_news = file("$news_file");
if($reverse == TRUE){ $all_news = array_reverse($all_news); }
$count_all = 0;
if(isset($category) and $category != ""){
foreach($all_news as $news_line){
$news_arr = explode("|", $news_line);
if($requested_cats and $requested_cats[$news_arr[6]] == TRUE){ $count_all ++; }
else{ continue; }
}
}else{ $count_all = count($all_news); }
$i = 0;
$showed = 0;
$repeat = TRUE;
$url_archive = $archive;
while($repeat != FALSE){
foreach($all_news as $news_line){
$news_arr = explode("|", $news_line);
if($category and $requested_cats[$news_arr[6]] != TRUE){ continue; }
if(isset($start_from) and $start_from != ""){
if($i < $start_from){ $i++; continue; }
elseif($showed == $number){ break; }
}
if($my_names[$news_arr[1]]){ $my_author = $my_names[$news_arr[1]]; }
else{ $my_author = $news_arr[1]; }
$output = $template_active;
$output = str_replace("{title}", $news_arr[2], $output);
$output = str_replace("{date}", date($config_timestamp_active, $news_arr[0]), $output);
$output = str_replace("{author}", $my_author, $output);
if($news_arr[5] != ""){$output = str_replace("{avatar}", "", $output);
$output = str_replace("[/link]"," ", $output);
$output = str_replace("{comments-num}", countComments($news_arr[0], $archive), $output);
$output = str_replace("{short-story}", $news_arr[3], $output);
$output = str_replace("{full-story}", $news_arr[4], $output);
$output = str_replace("{category}", $cat[$news_arr[6]], $output);
$output = str_replace("{category-id}", $news_arr[6], $output);
if($cat_icon[$news_arr[6]] != ""){ $output = str_replace("{category-icon}", "", $output);
$output = str_replace("[/mail]"," ", $output);
}else{
$output = str_replace("[mail]","", $output);
$output = str_replace("[/mail]","", $output);
}
$output = str_replace("{news-id}", $news_arr[0], $output);
$output = str_replace("{archive-id}", $archive, $output);
$output = str_replace("{php-self}", $PHP_SELF, $output);
$output = str_replace("{cute-http-path}", $config_http_script_dir, $output);
$output = replace_news("show", $output);
if($news_arr[4] != "" or $action == "showheadlines"){//if full story
if($config_full_popup == "yes"){
$output = preg_replace("/\\[full-link\\]/","", $output);
}else{
$output = str_replace("[full-link]"," ", $output);
}
$output = str_replace("[/full-link]"," ", $output);
}else{
$output = preg_replace("'\\[full-link\\].*?\\[/full-link\\]'si","", $output);
}
if($config_comments_popup == "yes"){
$output = str_replace("[com-link]","", $output);
}else{
$output = str_replace("[com-link]"," ", $output);
}
$output = str_replace("[/com-link]"," ", $output);
echo $output;
$showed++;
$i++;
if($number != 0 and $number == $i){ break; }
}
$used_archives[$archive] = TRUE;
// Archives Looop
if($i < $number and $only_active != TRUE){
if(!$handle = opendir("$cutepath/data/archives")){ die("Can not open directory $cutepath/data/archives
"); }
while (false !== ($file = readdir($handle)))
{
if($file != "." and $file != ".." and eregi("news.arch", $file))
{
$file_arr = explode(".",$file);
$archives_arr[$file_arr[0]] = $file_arr[0];
}
}
closedir($handle);
$archives_arr[$in_use]="";
$in_use = max($archives_arr);
if($in_use != "" and !$used_archives[$in_use]){
$all_news = file("$cutepath/data/archives/$in_use.news.arch");
$archive = $in_use;
$used_archives[$in_use] = TRUE;
}else{ $repeat = FALSE; }
}else{ $repeat = FALSE; }
}
// << Previous & Next >>
$prev_next_msg = $template_prev_next;
//----------------------------------
// Previous link
//----------------------------------
if(isset($start_from) and $start_from != "" and $start_from > 0){
$prev = $start_from - $number;
$prev_next_msg = preg_replace("'\[prev-link\](.*?)\[/prev-link\]'si", "\\1 ", $prev_next_msg);
}else{ $prev_next_msg = preg_replace("'\[prev-link\](.*?)\[/prev-link\]'si", "\\1", $prev_next_msg); $no_prev = TRUE; }
//----------------------------------
// Pages
//----------------------------------
if($number){
$pages_count = @ceil($count_all/$number);
$pages_start_from = 0;
$pages = "";
for($j=1;$j<=$pages_count;$j++){
if($pages_start_from != $start_from){ $pages .= "$j "; }
else{ $pages .= " $j "; }
$pages_start_from += $number;
}
$prev_next_msg = str_replace("{pages}", $pages, $prev_next_msg);
}
//----------------------------------
// Next link (typo here ... typo there... typos everywhere !)
//----------------------------------
if($number < $count_all and $i < $count_all){
$prev_next_msg = preg_replace("'\[next-link\](.*?)\[/next-link\]'si", "\\1 ", $prev_next_msg);
}else{ $prev_next_msg = preg_replace("'\[next-link\](.*?)\[/next-link\]'si", "\\1", $prev_next_msg); $no_next = TRUE;}
if (!$no_prev or !$no_next){ echo $prev_next_msg; }
}
}while(0);
?>