[Comoblog-commit] comoblog captcha.php, NONE, 1.1 add_comment.php, 1.5, 1.6 list_comments.php, 1.2,
From: iamdecal <iam...@us...> - 2006-11-17 00:50:54
Update of /cvsroot/comoblog/comoblog In directory sc8-pr-cvs4.sourceforge.net:/tmp/cvs-serv29462 Modified Files: add_comment.php list_comments.php Added Files: captcha.php Log Message: Working version of captchas. not as feature complete as id like, but it works on the current version think we should sort out a may sort out a mini release? if so it needs add_comment.php list_comments.php templates/add_comment.tpl.htm templates/list_comments.tpl.htm captcha.php img/ttf/REVELMED.TTF and a bit of tidying of captcha.php tested on two systems, but i cant garentee it for everywhere
Index: list_comments.php
===================================================================
RCS file: /cvsroot/comoblog/comoblog/list_comments.php,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -d -r1.2 -r1.3
--- list_comments.php 22 Oct 2006 11:44:01 -0000 1.2
+++ list_comments.php 17 Nov 2006 00:50:45 -0000 1.3
@@ -1,47 +1,47 @@
-<?php
-require_once ("include/config.inc.php");
-
-if (CFG_INTERACTION_COMMENTS != 'yes') {
- error_404();
-}
-
-$tpl = new XTemplate ("templates/list_comments.tpl.htm");
-
-$tpl->assign('TXT', $TXT);
-
-$tpl->assign('CFG_BODY_BGCOLOR', CFG_BODY_BGCOLOR);
-$tpl->assign('CFG_BACKGROUND_COLOR', CFG_BACKGROUND_COLOR);
-
-$post_id = '';
-if (isset($_GET['i'])) $post_id = $_GET['i'];
-
-$post = post_details ($post_id);
-$tpl->assign("POST", $post);
-
-$comments = comment_list($post_id);
-
-if ($comments) {
- error_log ("got comment_id" . $comments[$c]['comment_id'] );
-
- for ($c = 0; $c < count($comments); $c++) {
- $comments[$c]['comment_author_email'] = antispam ($comments[$c]['comment_author_email'], true);
-
- $tpl->assign("COMMENT", $comments[$c]);
-
- if ($comments[$c]['comment_author_email'] != '')
- $tpl->parse("main.comments.comment.email");
-
- $tpl->parse("main.comments.comment");
- }
- $tpl->parse("main.comments");
-}
-else {
- $tpl->parse("main.nocomments");
-}
-
-$tpl->parse("main");
-$tpl->out("main");
-
-// close db connection
-mysql_close ();
+<?php
+require_once ("include/config.inc.php");
+
+if (CFG_INTERACTION_COMMENTS != 'yes') {
+ error_404();
+}
+
+$tpl = new XTemplate ("templates/list_comments.tpl.htm");
+
+$tpl->assign('TXT', $TXT);
+
+$tpl->assign('CFG_BODY_BGCOLOR', CFG_BODY_BGCOLOR);
+$tpl->assign('CFG_BACKGROUND_COLOR', CFG_BACKGROUND_COLOR);
+
+$post_id = '';
+if (isset($_GET['i'])) $post_id = $_GET['i'];
+
+$post = post_details ($post_id);
+$tpl->assign("POST", $post);
+
+$comments = comment_list($post_id);
+
+if ($comments) {
+ error_log ("got comment_id" . $comments[$c]['comment_id'] );
+
+ for ($c = 0; $c < count($comments); $c++) {
+ $comments[$c]['comment_author_email'] = antispam ($comments[$c]['comment_author_email'], true);
+
+ $tpl->assign("COMMENT", $comments[$c]);
+
+ if ($comments[$c]['comment_author_email'] != '' && CFG_INTERACTION_AUTHOR =='yes')
+ $tpl->parse("main.comments.comment.email");
+
+ $tpl->parse("main.comments.comment");
+ }
+ $tpl->parse("main.comments");
+}
+else {
+ $tpl->parse("main.nocomments");
+}
+
+$tpl->parse("main");
+$tpl->out("main");
+
+// close db connection
+mysql_close ();
 ?>
\ No newline at end of file
Index: add_comment.php
===================================================================
RCS file: /cvsroot/comoblog/comoblog/add_comment.php,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -d -r1.5 -r1.6
--- add_comment.php 22 Oct 2006 11:44:01 -0000 1.5
+++ add_comment.php 17 Nov 2006 00:50:45 -0000 1.6
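Review bot: The `error_log ("got comment_id" . $comments[$c]['comment_id'] );` call in list_comments.php sits before the `for` loop that first assigns `$c`, so on every request with comments it indexes `$comments` with an undefined variable and only adds noise to the log; drop it or move it inside the loop. `$post_id` is taken straight from `$_GET['i']` and passed to `post_details()` and `comment_list()`, whose bodies are not part of this diff; unless they validate the id themselves, cast it at the boundary, e.g. `if (isset($_GET['i'])) $post_id = (int) $_GET['i'];`. The new `CFG_INTERACTION_AUTHOR =='yes'` test gates only the `main.comments.comment.email` block, while the address is still handed to the template inside `COMMENT`, so it is worth confirming the template prints it nowhere else.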
@@ -1,106 +1,116 @@
-<?php
-require_once ("include/config.inc.php");
-
-if (CFG_INTERACTION_COMMENTS != 'yes') {
- error_404();
-}
-
-$tpl = new XTemplate ("templates/add_comment.tpl.htm");
-$tpl->assign('TXT', $TXT);
-
-$tpl->assign('CFG_BODY_BGCOLOR', CFG_BODY_BGCOLOR);
-$tpl->assign('CFG_BACKGROUND_COLOR', CFG_BACKGROUND_COLOR);
-
-$form['post_id'] = '';
-if(isset($_POST['post_id'])) $form['post_id'] = $_POST['post_id'];
-elseif(isset($_GET['i'])) $form['post_id'] = $_GET['i'];
-else exit();
-
-$form['comment_author'] = '';
-if (isset($_POST['comment_author']))
-{ $form['comment_author'] = $_POST['comment_author'];}
-
-$form['comment_author_email'] == '';
-if (isset($_POST['comment_author_email']))
-{ $form['comment_author_email'] = $_POST['comment_author_email'];}
-
-$form['comment_author_url'] == '';
-if (isset($_POST['comment_author_url']))
-{ $form['comment_author_url'] = $_POST['comment_author_url'];}
-
-$form['comment_text'] == '';{
-if (isset($_POST['comment_text'])) $form['comment_text'] = $_POST['comment_text'];}
-
-// addition to allow HTML in comments if flagged - needs an admin option to turn on or off
-$form['comment_convert'] == '';
-if (isset($_POST['comment_convert'])) { $form['comment_convert'] = $_POST['comment_convert'];}
-
-
-
-if ($_SERVER['REQUEST_METHOD'] == 'POST') {
- $errors = array();
-
- if ($form['comment_author'] == '')
- array_push ($errors, 'Please type your name');
-
- if ($form['comment_author_email'] != '' && !is_valid_email($form['comment_author_email']))
- array_push ($errors, 'Invalid email address');
-
- if ($form['comment_text'] == '')
- array_push ($errors, 'Please write your comment');
-
- if (count($errors) == 0) {
- $comment = $form;
-
- $comment = comment_add ($comment);
-
- $cookie_period = 60*60*24*365;
- $domain = parse_url(CFG_SITE_URL);
- $domain = $domain['host'];
- setcookie("comment_name", $form['comment_author'], time() + $cookie_period, "/", $domain, 0);
- //TODO: why wont this one save?
- setcookie("comment_url", $form['comment_author_url'], time() + $cookie_period, "/", $domain, 0);
- setcookie("comment_email", $form['comment_author_email'], time() + $cookie_period, "/", $domain, 0);
-
-
- Header ("Location: list_comments.php?i=".$comment['post_id']);
- exit();
- }
- else {
- foreach ($errors as $key=>$value) {
- $tpl->assign("ERROR", $value);
- $tpl->parse("main.form_errors.error");
- }
- $tpl->parse("main.form_errors");
- }
-}
-
-
-
-
-
-$tpl->assign("ACTION", basename($_SERVER['PHP_SELF']));
-
-if (isset($_COOKIE['comment_name']))
- $form['comment_author'] = $_COOKIE['comment_name'];
-if (isset($_COOKIE['comment_email']))
- $form['comment_author_email'] = $_COOKIE['comment_email'];
-if (isset($_COOKIE['comment_url']))
- $form['comment_author_url'] = $_COOKIE['comment_url'];
-$tpl->assign("FORM", $form);
-
-
-// html comments are allowed
-if (CFG_INTERACTION_HTML_COMMENTS == 'yes'){
- $tpl->parse('main.html_comments');
-}
-
-
-
-$tpl->parse("main");
-$tpl->out("main");
-
-
-// close db connection
-mysql_close ();
-?>
+<?php
+session_start();
+require_once ("include/config.inc.php");
+
+if (CFG_INTERACTION_COMMENTS != 'yes') {
+ error_404();
+}
+
+
+
+$tpl = new XTemplate ("templates/add_comment.tpl.htm");
+$tpl->assign('TXT', $TXT);
+
+$tpl->assign('CFG_BODY_BGCOLOR', CFG_BODY_BGCOLOR);
+$tpl->assign('CFG_BACKGROUND_COLOR', CFG_BACKGROUND_COLOR);
+
+$form['post_id'] = '';
+if(isset($_POST['post_id'])) $form['post_id'] = $_POST['post_id'];
+elseif(isset($_GET['i'])) $form['post_id'] = $_GET['i'];
+else exit();
+
+$form['comment_author'] = '';
+if (isset($_POST['comment_author']))
+{ $form['comment_author'] = $_POST['comment_author'];}
+
+$form['comment_author_email'] == '';
+if (isset($_POST['comment_author_email']))
+{ $form['comment_author_email'] = $_POST['comment_author_email'];}
+
+$form['comment_author_url'] == '';
+if (isset($_POST['comment_author_url']))
+{ $form['comment_author_url'] = $_POST['comment_author_url'];}
+
+$form['comment_text'] == '';{
+if (isset($_POST['comment_text'])) $form['comment_text'] = $_POST['comment_text'];}
+
+// addition to allow HTML in comments if flagged - needs an admin option to turn on or off
+$form['comment_convert'] == '';
+if (isset($_POST['comment_convert'])) { $form['comment_convert'] = $_POST['comment_convert'];}
+
+
+
+if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+ $errors = array();
+ if ($_POST['captcha_string'] == '')
+ array_push ($errors, 'Please type the text from the image');
+
+
+ error_log("CAPTCHATEXT CHECK->" . $_SESSION['CAPTCHATEXT'] ."/" . $_POST['captcha_string']);
+ if ($_POST['captcha_string'] != $_SESSION['CAPTCHATEXT'])
+ array_push ($errors, 'Please type the correct text from the image');
+
+ if ($form['comment_author'] == '')
+ array_push ($errors, 'Please type your name');
+
+ if ($form['comment_author_email'] != '' && !is_valid_email($form['comment_author_email']))
+ array_push ($errors, 'Invalid email address');
+
+ if ($form['comment_text'] == '')
+ array_push ($errors, 'Please write your comment');
+
+ if (count($errors) == 0) {
+ $comment = $form;
+
+ $comment = comment_add ($comment);
+
+ $cookie_period = 60*60*24*365;
+ $domain = parse_url(CFG_SITE_URL);
+ $domain = $domain['host'];
+ setcookie("comment_name", $form['comment_author'], time() + $cookie_period, "/", $domain, 0);
+ //TODO: why wont this one save?
+ setcookie("comment_url", $form['comment_author_url'], time() + $cookie_period, "/", $domain, 0);
+ setcookie("comment_email", $form['comment_author_email'], time() + $cookie_period, "/", $domain, 0);
+
+
+ Header ("Location: list_comments.php?i=".$comment['post_id']);
+ exit();
+ }
+ else {
+ foreach ($errors as $key=>$value) {
+ $tpl->assign("ERROR", $value);
+ $tpl->parse("main.form_errors.error");
+ }
+ $tpl->parse("main.form_errors");
+ }
+}
+
+
+
+
+$tpl->assign("ACTION", basename($_SERVER['PHP_SELF']));
+
+if (isset($_COOKIE['comment_name']))
+ $form['comment_author'] = $_COOKIE['comment_name'];
+if (isset($_COOKIE['comment_email']))
+ $form['comment_author_email'] = $_COOKIE['comment_email'];
+if (isset($_COOKIE['comment_url']))
+ $form['comment_author_url'] = $_COOKIE['comment_url'];
+
+$tpl->assign("FORM", $form);
+
+
+// html comments are allowed
+if (CFG_INTERACTION_HTML_COMMENTS == 'yes'){
+ $tpl->parse('main.html_comments');
+}
+
+
+
+$tpl->parse("main");
+$tpl->out("main");
+
+
+// close db connection
+mysql_close ();
+?>
--- NEW FILE: captcha.php ---
<?php /* CAPTCHA 4 COMO By iamdecal http://www.iamdecal.co.uk This script generates PNG images of text, written in the font/size that you specify. These PNG images are passed back to the browser. Developed for use with captchas on comoblog http://comoblog.sourceforge.net Additional documentation on PHP's image handling capabilities can be found at http://www.php.net/image/ */ session_start(); $font_file = 'img/ttf/REVELMED.TTF' ; $font_size = 18 ; $font_color = '#000000' ; $background_color = '#ffffff' ; $cache_images = false ; $cache_folder = 'cache' ; /* --------------------------------------------------------------------------- For basic usage, you should not need to edit anything below this comment. If you need to further customize this script's abilities, make sure you are familiar with PHP and its image handling capabilities.
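Review bot: In add_comment.php the CAPTCHA answer stays in `$_SESSION['CAPTCHATEXT']` after the comparison, so one solved image remains valid for further posts in the same session until captcha.php is requested again; make it single-use with `unset($_SESSION['CAPTCHATEXT']);` directly after the check, whatever the outcome. The `error_log("CAPTCHATEXT CHECK->" ...)` line writes the expected answer and the raw submitted value to the server log and should not ship. The check also reads `$_POST['captcha_string']` without `isset()` and compares with loose `!=`; require `isset($_SESSION['CAPTCHATEXT'])`, `is_string($_POST['captcha_string'])` and a strict `!==` before accepting the post. Separately, `$form['comment_author_email'] == '';` and the three similar lines compare instead of assigning, so those keys stay unset when the field is missing.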
--------------------------------------------------------------------------- */ $mime_type = 'image/png' ; $extension = '.png' ; $send_buffer_size = 4096 ; // check for GD support if(!function_exists('ImageCreate')){ fatal_error('Error: Server does not support PHP image generation') ; } $text = StringGen() ; if(get_magic_quotes_gpc()){ $text = stripslashes($text) ; $text = javascript_to_html($text) ; } // check font availability $font_found = is_readable($font_file) ; if(!$font_found) { fatal_error('Error: The server is missing the specified font.') ;} // create image $background_rgb = hex_to_rgb($background_color) ; $font_rgb = hex_to_rgb($font_color) ; $dip = get_dip($font_file,$font_size) ; $box = @ImageTTFBBox($font_size,0,$font_file,$text) ; $image = @ImageCreate(abs($box[2]-$box[0]),abs($box[5]-$dip)) ; if(!$image || !$box) { fatal_error('Error: The server could not create this heading image.') ; } // allocate colors and draw text $background_color = @ImageColorAllocate($image,$background_rgb['red'], $background_rgb['green'],$background_rgb['blue']) ; $font_color = ImageColorAllocate($image,$font_rgb['red'], $font_rgb['green'],$font_rgb['blue']) ; ImageTTFText($image,$font_size,0,-$box[0],abs($box[5]-$box[3])-$box[1], $font_color,$font_file,$text) ; // set transparency if($transparent_background) ImageColorTransparent($image,$background_color) ; header('Content-type: ' . $mime_type) ; ImagePNG($image) ; ImageDestroy($image) ; exit ; /* try to determine the "dip" (pixels dropped below baseline) of this font for this size. */ function get_dip($font,$size) { $test_chars = 'abcdefghijklmnopqrstuvwxyz' . 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' . '1234567890' . '!@#$%^&*()\'"\\/;.,`~<>[]{}-+_-=' ; $box = @ImageTTFBBox($size,0,$font,$test_chars) ; return $box[3] ; } /* attempt to create an image containing the error message given. if this works, the image is sent to the browser. if not, an error is logged, and passed back to the browser as a 500 code instead. 
*/ function fatal_error($message) { // send an image if(function_exists('ImageCreate')) { $width = ImageFontWidth(5) * strlen($message) + 10 ; $height = ImageFontHeight(5) + 10 ; if($image = ImageCreate($width,$height)) { $background = ImageColorAllocate($image,255,255,255) ; $text_color = ImageColorAllocate($image,0,0,0) ; ImageString($image,5,5,5,$message,$text_color) ; header('Content-type: image/png') ; ImagePNG($image) ; ImageDestroy($image) ; exit ; } } // send 500 code header("HTTP/1.0 500 Internal Server Error") ; print($message) ; exit ; } /* decode an HTML hex-code into an array of R,G, and B values. accepts these formats: (case insensitive) #ffffff, ffffff, #fff, fff */ function hex_to_rgb($hex) { // remove '#' if(substr($hex,0,1) == '#') $hex = substr($hex,1) ; // expand short form ('fff') color if(strlen($hex) == 3) { $hex = substr($hex,0,1) . substr($hex,0,1) . substr($hex,1,1) . substr($hex,1,1) . substr($hex,2,1) . substr($hex,2,1) ; } if(strlen($hex) != 6) fatal_error('Error: Invalid color "'.$hex.'"') ; // convert $rgb['red'] = hexdec(substr($hex,0,2)) ; $rgb['green'] = hexdec(substr($hex,2,2)) ; $rgb['blue'] = hexdec(substr($hex,4,2)) ; return $rgb ; } /* convert embedded, javascript unicode characters into embedded HTML entities. (e.g. '%u2018' => '‘'). returns the converted string. */ function javascript_to_html($text) { $matches = null ; preg_match_all('/%u([0-9A-F]{4})/i',$text,$matches) ; if(!empty($matches)) for($i=0;$i<sizeof($matches[0]);$i++) $text = str_replace($matches[0][$i], '&#'.hexdec($matches[1][$i]).';',$text) ; return $text ; } function StringGen () { $uppercase = range('A', 'Z'); $numeric = range(0, 9); $CharPool = array_merge($uppercase, $numeric); $PoolLength = count($CharPool) - 1; for ($i = 0; $i < 6; $i++) { $CaptchaString .= $CharPool[mt_rand(0, $PoolLength)]; } $_SESSION['CAPTCHATEXT']= ""; $_SESSION['CAPTCHATEXT']= $CaptchaString; error_log("CAPTCHA STORED IN SESSION ->". $_SESSION['CAPTCHATEXT'] ."/" . 
$CaptchaString); return $CaptchaString; } ?> |
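Review bot: In captcha.php, `StringGen()` logs every generated answer with `error_log("CAPTCHA STORED IN SESSION ->" ...)`, so anyone who can read the server log can read the CAPTCHA; remove that line before the mini release. The six characters are drawn with `mt_rand()`, which is not a cryptographic generator; where the PHP version provides `random_int()`, use `$CharPool[random_int(0, $PoolLength)]` instead. `$CaptchaString` is appended to without a preceding `$CaptchaString = '';`, and `$transparent_background` is tested but never defined in the file, so both raise notices. The image is undistorted black text on white and is sent without cache headers, so add `header('Cache-Control: no-store');` before `ImagePNG()` and treat the check as a light deterrent rather than a strong control.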