help with comment form

chandler · August 7, 2011

Hi I have this comment srcipt I found online, there is an option to recieve an email once a new comment is made, but what I would rather is to have the last 5 comments made on the index page where it will also have a link to the page that the comment was made on. I have very little knowladge of php could one of you please help me with this...Thanks

<?php

$COM_CONF['full_path'] = dirname(__FILE__);

include("{$COM_CONF['full_path']}/config.php");
if (! $COM_CONF['dbhost']) {
echo 'It seems that comments script is not properly installed. See readme.txt for more info.';
}

require("{$COM_CONF['full_path']}/lang/lang_{$COM_CONF['lang']}.php");
require("{$COM_CONF['full_path']}/akismet-class.php");

$comments_db_link = mysql_connect($COM_CONF['dbhost'],$COM_CONF['dbuser'],$COM_CONF['dbpassword']);
mysql_select_db($COM_CONF['dbname'], $comments_db_link);

smcom_main();

function smcom_main()
{
if ($_REQUEST['action'] == 'add'){
	smcom_add();
}
elseif ($_REQUEST['action'] == 'unsub'){
	smcom_unsub();
}
elseif (1) {
	smcom_view();
}
}

function smcom_check_for_errors() {

global $comments_db_link, $COM_CONF, $COM_LANG;

$ip = mysql_escape_string($_SERVER['REMOTE_ADDR']);
$result = mysql_query("SELECT ip FROM {$COM_CONF['dbbannedipstable']} WHERE ip='$ip'", $comments_db_link);

if (mysql_num_rows($result)>0) {
	$error_message.=$COM_LANG['not_allowed'] . "<br />";
}
if ($_REQUEST['disc_name'] == '') {
	$error_message.=$_REQUEST['r_disc_name'] . "<br />";
}
if ($_REQUEST['disc_body'] == '') {
	$error_message.=$_REQUEST['r_disc_body'] . "<br />";
}
if ($_REQUEST['disc_email'] != '') {
	if (!smcom_is_email($_REQUEST['disc_email'])) {
		$error_message.="Invalid email address" . "<br />";
	}
}

return $error_message;

}

function smcom_flood_protection($INPUT) {

global $comments_db_link, $COM_CONF, $COM_LANG;

$result = mysql_query("select time from {$COM_CONF['dbmaintable']} where ip='{$_SERVER['REMOTE_ADDR']}' AND  (UNIX_TIMESTAMP( NOW( ) ) - UNIX_TIMESTAMP( time )) < {$COM_CONF['anti_flood_pause']}", $comments_db_link);
if (mysql_num_rows($result)>0) {
	$error_message="Flood detected";
	return $error_message;
}
$result = mysql_query("select ID from {$COM_CONF['dbmaintable']} where text='{$INPUT['disc_body']}' AND author='{$INPUT['disc_name']}' AND href='{$INPUT['href']}'", $comments_db_link);
if (mysql_num_rows($result)>0) {
	$error_message="Flood detected";
	return $error_message;
}

return "";
}

function smcom_spam_check($email, $name, $url, $text, $path_to_page, $ip) {

global $COM_CONF, $comments_db_link;

$try = 0;
while (!$valid && $try <= 3) {
	// Initialize and verify API key
	$akismet = new Akismet($COM_CONF['site_url'], $COM_CONF['akismet_apikey']);
	$result = $akismet->isKeyValid();
	// Possible values: 'valid', 'invalid', 'no connect'
	if ($result != 'valid') {
		if (($result == 'invalid')) {
			// Invalid key
			return 2;
		} else {
			// Could not connect to the Akismet server
			$try++;
		}
	}
	else {
		$valid = 1;
	}
}

if (!$valid) {
	return 3; // Could not connect to the Akismet server
}

// Pass comment info to the class
$akismet->setCommentAuthorEmail($email);
$akismet->setCommentAuthor($name);
$akismet->setCommentAuthorURL($url);
$akismet->setCommentContent($text);
$akismet->setUserIP($ip);
$akismet->setPermalink($COM_CONF['site_url'] . $path_to_page);
$akismet->setCommentType('Comment');

$try = 0;
while ($try <= 3) {
	// Check the comment for spam
	$result = $akismet->isCommentSpam();
	// Possible values: 'false' (not spam), 'true' (spam), 'no connect'
	if ($result != 'false') {
		if ($result == 'true') {
			// The comment is spam
			return 1;
		} else {
			// Could not connect to the Akismet server
			$try++;
		}
	} else {
		return 0;
	}
}

return 3; // Could not connect to the Akismet server
}

function smcom_add()
{
global $comments_db_link, $COM_CONF, $COM_LANG;

foreach ($_REQUEST as $key => $value) {
	if ($key == 'disc_body') {
		$comment_text=stripslashes($value);
	}
	$_REQUEST[$key] = str_replace('<', '<', $_REQUEST[$key]);
	$_REQUEST[$key] = str_replace('>', '>', $_REQUEST[$key]);
	if (get_magic_quotes_gpc()) {
		$_REQUEST[$key] = stripslashes($_REQUEST[$key]);
	}
	$_REQUEST[$key] = mysql_escape_string($_REQUEST[$key]);
}

$_REQUEST['href'] = str_replace('%2F', '/', $_REQUEST['href']);
$_REQUEST['href'] = str_replace('%3F', '?', $_REQUEST['href']);
$_REQUEST['href'] = str_replace('%26', '&', $_REQUEST['href']);
$_REQUEST['href'] = str_replace('%3D', '=', $_REQUEST['href']);

if ($_REQUEST['dont_show_email'] != '') { $dont_show="1"; }
else { $dont_show="0"; }


$error_message = smcom_check_for_errors();
$error_message .= smcom_flood_protection($_REQUEST);


if ($COM_CONF['ckeck_for_spam']) {
	if (!$error_message) {
		$spam_check_result = smcom_spam_check($_REQUEST['disc_email'], $_REQUEST['disc_name'], "", $comment_text, $_REQUEST['href'], "");
		if ($spam_check_result == 1) {
			$error_message .= "<br>Your comment suspected as spam.";

			mysql_query("INSERT INTO {$COM_CONF['dbjunktable']} VALUES (NULL, NOW(), '{$_REQUEST['href']}', '{$_REQUEST['disc_body']}', '{$_REQUEST['disc_name']}', '{$_REQUEST['disc_email']}', '$dont_show', '{$_SERVER['REMOTE_ADDR']}')", $comments_db_link);
		}
		if ($spam_check_result == 2) {
			$error_message .= "<br>Invalid WordPress API key";
		}
		if ($spam_check_result == 3) {
			$error_message .= "<br>Could not connect to the Akismet server";
		}
	}
}


if ($error_message) {
	print "The following errors occured:<br>$error_message<br><br>
		Please <a href=\"javascript:history.go(-1)\">get back</a> and try again.";
	return 0;
}


mysql_query("INSERT INTO {$COM_CONF['dbmaintable']} VALUES (NULL, NOW(), '{$_REQUEST['href']}', '{$_REQUEST['disc_body']}', '{$_REQUEST['disc_name']}', '{$_REQUEST['disc_email']}', '$dont_show', '{$_SERVER['REMOTE_ADDR']}')", $comments_db_link);

if ($_REQUEST['email_me'] != '' && $_REQUEST['disc_email'] != '') {
	$result = mysql_query("select COUNT(*) from {$COM_CONF['dbemailstable']} where href='{$_REQUEST['href']}' AND email='{$_REQUEST['disc_email']}'", $comments_db_link);
	list ($count) = mysql_fetch_row($result);
	if ($count == 0) {
		$hash=md5($email . $COM_CONF['copy_random_seed']);
		mysql_query("INSERT INTO {$COM_CONF['dbemailstable']} VALUES (NULL, '{$_REQUEST['disc_email']}', '{$_REQUEST['href']}', '$hash')", $comments_db_link);
	}
}

if ($COM_CONF['email_admin']) {
	smcom_notify_admin($_REQUEST['href'], $_REQUEST['disc_name'], $_REQUEST['disc_email'], $comment_text, "{$_SERVER['REMOTE_ADDR']}, {$_SERVER['HTTP_USER_AGENT']}");
}
smcom_notify_users($_REQUEST['href'], $_REQUEST['disc_name'], $_REQUEST['disc_email']);

header("HTTP/1.1 302");
header("Location: {$COM_CONF['site_url']}{$_REQUEST['href']}");
print "<a href=\"{$COM_CONF['site_url']}{$_REQUEST['href']}\">Click here to get back.</a>";

}

function smcom_notify_admin($href, $name, $email, $text, $ip)
{
global $comments_db_link, $COM_CONF, $COM_LANG;

$headers = "From: Comments <{$COM_CONF['email_from']}>\r\n";
$text_of_message="
{$COM_LANG['email_new_comment']} {$COM_CONF['site_url']}$href
{$COM_LANG['email_from']}: $name <$email>

$text

$ip
	";

mail($COM_CONF['email_admin'], "{$COM_LANG['email_new_comment']} $href", $text_of_message, $headers);
}

function smcom_notify_users($href, $name, $email_from)
{
global $comments_db_link, $COM_CONF, $COM_LANG;

$headers = "From: Comments <{$COM_CONF['email_from']}>\n";

$result=mysql_query("select email, hash from {$COM_CONF['dbemailstable']} where href='$href'", $comments_db_link);
while (list($email, $hash) = mysql_fetch_row($result)) {
	if ($email != $email_from) {
		$text_of_message="
{$COM_LANG['email_new_comment']} {$COM_CONF['site_url']}$href
{$COM_LANG['email_from']}: $name

{$COM_LANG['email_to_unsubscribe']}
{$COM_CONF['site_url']}{$COM_CONF['script_url']}?action=unsub&page=$href&id=$hash

		";
		mail($email, "{$COM_LANG['email_new_comment']} $href",$text_of_message, $headers);
	}
}


}

function smcom_unsub()
{
global $comments_db_link, $COM_CONF, $COM_LANG;

$id=mysql_escape_string($_REQUEST['id']);
$href=mysql_escape_string($_REQUEST['page']);

mysql_query("delete from {$COM_CONF['dbemailstable']} where href='$href' AND hash='$id'", $comments_db_link);

if (mysql_affected_rows() > 0) {
	print "{$COM_LANG['unsubscribed']}";
}
else {
	print "{$COM_LANG['not_unsubscribed']}";
}
}

function smcom_view()
{
global $comments_db_link, $COM_CONF, $COM_LANG;

$request_uri = mysql_escape_string($_SERVER['REQUEST_URI']);
$result = mysql_query("select time, text, author, email, dont_show_email from {$COM_CONF['dbmaintable']} where href='$request_uri' order by time {$COM_CONF['sort_order']}", $comments_db_link);

$comments_count=0;
$time=$text=$author=$email=$dont_show_email=array();
while (list($time[$comments_count], $text[$comments_count], $author[$comments_count], $email[$comments_count], $dont_show_email[$comments_count])=mysql_fetch_array($result)) {
	$text[$comments_count] = wordwrap($text[$comments_count], 75, "\n", 1);
	$time[$comments_count] = smcom_format_date($time[$comments_count]);
	$comments_count++;
}

require("{$COM_CONF['full_path']}/templates/{$COM_CONF['template']}.php");

}

function smcom_format_date($date)
{
global $COM_LANG;

$year = substr($date, 0, 4);
$month = intval(substr($date, 5, 2)) - 1;
$day = substr($date, 8, 2);
$hour = substr($date, 11, 2);
$min = substr($date, 14, 2);

return "$day {$COM_LANG['months'][$month]} $year, $hour:$min";
}

function smcom_is_email($Addr)
{
$p = '/^[a-z0-9!#$%&*+-=?^_`{|}~]+(\.[a-z0-9!#$%&*+-=?^_`{|}~]+)*';
$p.= '@([-a-z0-9]+\.)+([a-z]{2,3}';
$p.= '|info|arpa|aero|coop|name|museum)$/ix';
return preg_match($p, $Addr);
}

?>

Sign In

help with comment form

Recommended Posts

chandler

Link to comment

Share on other sites

Join the conversation

Browse

Activity

Important Information