Minahito
minah****@users*****
2005年 12月 30日 (金) 17:20:11 JST
Index: xoops2jp/html/class/commentrenderer.php diff -u xoops2jp/html/class/commentrenderer.php:1.2 xoops2jp/html/class/commentrenderer.php:1.2.8.1 --- xoops2jp/html/class/commentrenderer.php:1.2 Fri Mar 18 21:51:55 2005 +++ xoops2jp/html/class/commentrenderer.php Fri Dec 30 17:20:10 2005 @@ -1,5 +1,5 @@ <?php -// $Id: commentrenderer.php,v 1.2 2005/03/18 12:51:55 onokazu Exp $ +// $Id: commentrenderer.php,v 1.2.8.1 2005/12/30 08:20:10 minahito Exp $ // ------------------------------------------------------------------------ // // XOOPS - PHP Content Management System // // Copyright (c) 2000 XOOPS.org // @@ -31,178 +31,178 @@ /** * Display comments * - * @package kernel - * @subpackage comment + * @package kernel + * @subpackage comment * - * @author Kazumi Ono <onoka****@xoops*****> - * @copyright (c) 2000-2003 The Xoops Project - www.xoops.org + * @author Kazumi Ono <onoka****@xoops*****> + * @copyright (c) 2000-2003 The Xoops Project - www.xoops.org */ class XoopsCommentRenderer { - /**#@+ - * @access private + /**#@+ + * @access private */ var $_tpl; - var $_comments = null; - var $_useIcons = true; - var $_doIconCheck = false; - var $_memberHandler; - var $_statusText; + var $_comments = null; + var $_useIcons = true; + var $_doIconCheck = false; + var $_memberHandler; + var $_statusText; /**#@-*/ - /** - * Constructor - * - * @param object &$tpl - * @param boolean $use_icons - * @param boolean $do_iconcheck - **/ - function XoopsCommentRenderer(&$tpl, $use_icons = true, $do_iconcheck = false) - { - $this->_tpl =& $tpl; - $this->_useIcons = $use_icons; - $this->_doIconCheck = $do_iconcheck; - $this->_memberHandler =& xoops_gethandler('member'); - $this->_statusText = array(XOOPS_COMMENT_PENDING => '<span style="text-decoration: none; font-weight: bold; color: #00ff00;">'._CM_PENDING.'</span>', XOOPS_COMMENT_ACTIVE => '<span style="text-decoration: none; font-weight: bold; color: #ff0000;">'._CM_ACTIVE.'</span>', XOOPS_COMMENT_HIDDEN => '<span style="text-decoration: none; font-weight: bold; color: #0000ff;">'._CM_HIDDEN.'</span>'); - } - - /** - * Access the only instance of this class - * - * @param object $tpl reference to a {@link Smarty} object - * @param boolean $use_icons - * @param boolean $do_iconcheck - * @return - **/ - function &instance(&$tpl, $use_icons = true, $do_iconcheck = false) - { - static $instance; - if (!isset($instance)) { - $instance = new XoopsCommentRenderer($tpl, $use_icons, $do_iconcheck); - } - return $instance; - } - - /** - * Accessor - * - * @param object &$comments_arr array of {@link XoopsComment} objects - **/ - function setComments(&$comments_arr) - { - if (isset($this->_comments)) { - unset($this->_comments); - } - $this->_comments =& $comments_arr; - } - - /** - * Render the comments in flat view - * - * @param boolean $admin_view - **/ - function renderFlatView($admin_view = false) - { - $count = count($this->_comments); - for ($i = 0; $i < $count; $i++) { - if (false != $this->_useIcons) { - $title = $this->_getTitleIcon($this->_comments[$i]->getVar('com_icon')).' '.$this->_comments[$i]->getVar('com_title'); - } else { - $title = $this->_comments[$i]->getVar('com_title'); - } - $poster = $this->_getPosterArray($this->_comments[$i]->getVar('com_uid')); - if (false != $admin_view) { - $text = $this->_comments[$i]->getVar('com_text').'<div style="text-align:right; margin-top: 2px; margin-bottom: 0px; margin-right: 2px;">'._CM_STATUS.': '.$this->_statusText[$this->_comments[$i]->getVar('com_status')].'<br />IP: <span style="font-weight: bold;">'.$this->_comments[$i]->getVar('com_ip').'</span></div>'; - } else { - // hide comments that are not active - if (XOOPS_COMMENT_ACTIVE != $this->_comments[$i]->getVar('com_status')) { - continue; - } else { - $text = $this->_comments[$i]->getVar('com_text'); - } - } - $this->_tpl->append('comments', array('id' => $this->_comments[$i]->getVar('com_id'), 'title' => $title, 'text' => $text, 'date_posted' => formatTimestamp($this->_comments[$i]->getVar('com_created'), 'm'), 'date_modified' => formatTimestamp($this->_comments[$i]->getVar('com_modified'), 'm'), 'poster' => $poster)); - } - } - - /** - * Render the comments in thread view - * + /** + * Constructor + * + * @param object &$tpl + * @param boolean $use_icons + * @param boolean $do_iconcheck + **/ + function XoopsCommentRenderer(&$tpl, $use_icons = true, $do_iconcheck = false) + { + $this->_tpl =& $tpl; + $this->_useIcons = $use_icons; + $this->_doIconCheck = $do_iconcheck; + $this->_memberHandler =& xoops_gethandler('member'); + $this->_statusText = array(XOOPS_COMMENT_PENDING => '<span style="text-decoration: none; font-weight: bold; color: #00ff00;">'._CM_PENDING.'</span>', XOOPS_COMMENT_ACTIVE => '<span style="text-decoration: none; font-weight: bold; color: #ff0000;">'._CM_ACTIVE.'</span>', XOOPS_COMMENT_HIDDEN => '<span style="text-decoration: none; font-weight: bold; color: #0000ff;">'._CM_HIDDEN.'</span>'); + } + + /** + * Access the only instance of this class + * + * @param object $tpl reference to a {@link Smarty} object + * @param boolean $use_icons + * @param boolean $do_iconcheck + * @return + **/ + function &instance(&$tpl, $use_icons = true, $do_iconcheck = false) + { + static $instance; + if (!isset($instance)) { + $instance = new XoopsCommentRenderer($tpl, $use_icons, $do_iconcheck); + } + return $instance; + } + + /** + * Accessor + * + * @param object &$comments_arr array of {@link XoopsComment} objects + **/ + function setComments(&$comments_arr) + { + if (isset($this->_comments)) { + unset($this->_comments); + } + $this->_comments =& $comments_arr; + } + + /** + * Render the comments in flat view + * + * @param boolean $admin_view + **/ + function renderFlatView($admin_view = false) + { + $count = count($this->_comments); + for ($i = 0; $i < $count; $i++) { + if (false != $this->_useIcons) { + $title = $this->_getTitleIcon($this->_comments[$i]->getVar('com_icon')).' '.$this->_comments[$i]->getVar('com_title'); + } else { + $title = $this->_comments[$i]->getVar('com_title'); + } + $poster = $this->_getPosterArray($this->_comments[$i]->getVar('com_uid')); + if (false != $admin_view) { + $text = $this->_comments[$i]->getVar('com_text').'<div style="text-align:right; margin-top: 2px; margin-bottom: 0px; margin-right: 2px;">'._CM_STATUS.': '.$this->_statusText[$this->_comments[$i]->getVar('com_status')].'<br />IP: <span style="font-weight: bold;">'.$this->_comments[$i]->getVar('com_ip').'</span></div>'; + } else { + // hide comments that are not active + if (XOOPS_COMMENT_ACTIVE != $this->_comments[$i]->getVar('com_status')) { + continue; + } else { + $text = $this->_comments[$i]->getVar('com_text'); + } + } + $this->_tpl->append('comments', array('id' => $this->_comments[$i]->getVar('com_id'), 'title' => $title, 'text' => $text, 'date_posted' => formatTimestamp($this->_comments[$i]->getVar('com_created'), 'm'), 'date_modified' => formatTimestamp($this->_comments[$i]->getVar('com_modified'), 'm'), 'poster' => $poster)); + } + } + + /** + * Render the comments in thread view + * * This method calls itself recursively - * - * @param integer $comment_id Should be "0" when called by client - * @param boolean $admin_view - * @param boolean $show_nav - **/ - function renderThreadView($comment_id = 0, $admin_view = false, $show_nav = true) - { - include_once XOOPS_ROOT_PATH.'/class/tree.php'; - // construct comment tree - $xot = new XoopsObjectTree($this->_comments, 'com_id', 'com_pid', 'com_rootid'); - $tree =& $xot->getTree(); - - if (false != $this->_useIcons) { - $title = $this->_getTitleIcon($tree[$comment_id]['obj']->getVar('com_icon')).' '.$tree[$comment_id]['obj']->getVar('com_title'); - } else { - $title = $tree[$comment_id]['obj']->getVar('com_title'); - } - if (false != $show_nav && $tree[$comment_id]['obj']->getVar('com_pid') != 0) { - $this->_tpl->assign('lang_top', _CM_TOP); - $this->_tpl->assign('lang_parent', _CM_PARENT); - $this->_tpl->assign('show_threadnav', true); - } else { - $this->_tpl->assign('show_threadnav', false); - } - if (false != $admin_view) { - // admins can see all - $text = $tree[$comment_id]['obj']->getVar('com_text').'<div style="text-align:right; margin-top: 2px; margin-bottom: 0px; margin-right: 2px;">'._CM_STATUS.': '.$this->_statusText[$tree[$comment_id]['obj']->getVar('com_status')].'<br />IP: <span style="font-weight: bold;">'.$tree[$comment_id]['obj']->getVar('com_ip').'</span></div>'; - } else { - // hide comments that are not active - if (XOOPS_COMMENT_ACTIVE != $tree[$comment_id]['obj']->getVar('com_status')) { - // if there are any child comments, display them as root comments - if (isset($tree[$comment_id]['child']) && !empty($tree[$comment_id]['child'])) { - foreach ($tree[$comment_id]['child'] as $child_id) { - $this->renderThreadView($child_id, $admin_view, false); - } - } - return; - } else { - $text = $tree[$comment_id]['obj']->getVar('com_text'); - } - } - $replies = array(); - $this->_renderThreadReplies($tree, $comment_id, $replies, ' ', $admin_view); - $show_replies = (count($replies) > 0) ? true : false; - $this->_tpl->append('comments', array('pid' => $tree[$comment_id]['obj']->getVar('com_pid'), 'id' => $tree[$comment_id]['obj']->getVar('com_id'), 'itemid' => $tree[$comment_id]['obj']->getVar('com_itemid'), 'rootid' => $tree[$comment_id]['obj']->getVar('com_rootid'), 'title' => $title, 'text' => $text, 'date_posted' => formatTimestamp($tree[$comment_id]['obj']->getVar('com_created'), 'm'), 'date_modified' => formatTimestamp($tree[$comment_id]['obj']->getVar('com_modified'), 'm'), 'poster' => $this->_getPosterArray($tree[$comment_id]['obj']->getVar('com_uid')), 'replies' => $replies, 'show_replies' => $show_replies)); - } - - /** - * Render replies to a thread - * - * @param array &$thread - * @param int $key - * @param array $replies - * @param string $prefix - * @param bool $admin_view - * @param integer $depth - * @param string $current_prefix - * - * @access private - **/ - function _renderThreadReplies(&$thread, $key, &$replies, $prefix, $admin_view, $depth = 0, $current_prefix = '') - { + * + * @param integer $comment_id Should be "0" when called by client + * @param boolean $admin_view + * @param boolean $show_nav + **/ + function renderThreadView($comment_id = 0, $admin_view = false, $show_nav = true) + { + include_once XOOPS_ROOT_PATH.'/class/tree.php'; + // construct comment tree + $xot = new XoopsObjectTree($this->_comments, 'com_id', 'com_pid', 'com_rootid'); + $tree =& $xot->getTree(); + + if (false != $this->_useIcons) { + $title = $this->_getTitleIcon($tree[$comment_id]['obj']->getVar('com_icon')).' '.$tree[$comment_id]['obj']->getVar('com_title'); + } else { + $title = $tree[$comment_id]['obj']->getVar('com_title'); + } + if (false != $show_nav && $tree[$comment_id]['obj']->getVar('com_pid') != 0) { + $this->_tpl->assign('lang_top', _CM_TOP); + $this->_tpl->assign('lang_parent', _CM_PARENT); + $this->_tpl->assign('show_threadnav', true); + } else { + $this->_tpl->assign('show_threadnav', false); + } + if (false != $admin_view) { + // admins can see all + $text = $tree[$comment_id]['obj']->getVar('com_text').'<div style="text-align:right; margin-top: 2px; margin-bottom: 0px; margin-right: 2px;">'._CM_STATUS.': '.$this->_statusText[$tree[$comment_id]['obj']->getVar('com_status')].'<br />IP: <span style="font-weight: bold;">'.$tree[$comment_id]['obj']->getVar('com_ip').'</span></div>'; + } else { + // hide comments that are not active + if (XOOPS_COMMENT_ACTIVE != $tree[$comment_id]['obj']->getVar('com_status')) { + // if there are any child comments, display them as root comments + if (isset($tree[$comment_id]['child']) && !empty($tree[$comment_id]['child'])) { + foreach ($tree[$comment_id]['child'] as $child_id) { + $this->renderThreadView($child_id, $admin_view, false); + } + } + return; + } else { + $text = $tree[$comment_id]['obj']->getVar('com_text'); + } + } + $replies = array(); + $this->_renderThreadReplies($tree, $comment_id, $replies, ' ', $admin_view); + $show_replies = (count($replies) > 0) ? true : false; + $this->_tpl->append('comments', array('pid' => $tree[$comment_id]['obj']->getVar('com_pid'), 'id' => $tree[$comment_id]['obj']->getVar('com_id'), 'itemid' => $tree[$comment_id]['obj']->getVar('com_itemid'), 'rootid' => $tree[$comment_id]['obj']->getVar('com_rootid'), 'title' => $title, 'text' => $text, 'date_posted' => formatTimestamp($tree[$comment_id]['obj']->getVar('com_created'), 'm'), 'date_modified' => formatTimestamp($tree[$comment_id]['obj']->getVar('com_modified'), 'm'), 'poster' => $this->_getPosterArray($tree[$comment_id]['obj']->getVar('com_uid')), 'replies' => $replies, 'show_replies' => $show_replies)); + } + + /** + * Render replies to a thread + * + * @param array &$thread + * @param int $key + * @param array $replies + * @param string $prefix + * @param bool $admin_view + * @param integer $depth + * @param string $current_prefix + * + * @access private + **/ + function _renderThreadReplies(&$thread, $key, &$replies, $prefix, $admin_view, $depth = 0, $current_prefix = '') + { if ($depth > 0) { - if (false != $this->_useIcons) { - $title = $this->_getTitleIcon($thread[$key]['obj']->getVar('com_icon')).' '.$thread[$key]['obj']->getVar('com_title'); - } else { - $title = $thread[$key]['obj']->getVar('com_title'); - } - $title = (false != $admin_view) ? $title.' '.$this->_statusText[$thread[$key]['obj']->getVar('com_status')] : $title; - $replies[] = array('id' => $key, 'prefix' => $current_prefix, 'date_posted' => formatTimestamp($thread[$key]['obj']->getVar('com_created'), 'm'), 'title' => $title, 'root_id' => $thread[$key]['obj']->getVar('com_rootid'), 'status' => $this->_statusText[$thread[$key]['obj']->getVar('com_status')], 'poster' => $this->_getPosterName($thread[$key]['obj']->getVar('com_uid'))); + if (false != $this->_useIcons) { + $title = $this->_getTitleIcon($thread[$key]['obj']->getVar('com_icon')).' '.$thread[$key]['obj']->getVar('com_title'); + } else { + $title = $thread[$key]['obj']->getVar('com_title'); + } + $title = (false != $admin_view) ? $title.' '.$this->_statusText[$thread[$key]['obj']->getVar('com_status')] : $title; + $replies[] = array('id' => $key, 'prefix' => $current_prefix, 'date_posted' => formatTimestamp($thread[$key]['obj']->getVar('com_created'), 'm'), 'title' => $title, 'root_id' => $thread[$key]['obj']->getVar('com_rootid'), 'status' => $this->_statusText[$thread[$key]['obj']->getVar('com_status')], 'poster' => $this->_getPosterName($thread[$key]['obj']->getVar('com_uid'))); $current_prefix .= $prefix; } if (isset($thread[$key]['child']) && !empty($thread[$key]['child'])) { - $depth++; + $depth++; foreach ($thread[$key]['child'] as $childkey) { if (!$admin_view && $thread[$childkey]['obj']->getVar('com_status') != XOOPS_COMMENT_ACTIVE) { // skip this comment if it is not active and continue on processing its child comments instead @@ -216,74 +216,74 @@ } } } - } + } - /** - * Render comments in nested view - * + /** + * Render comments in nested view + * * Danger: Recursive! - * - * @param integer $comment_id Always "0" when called by client. - * @param boolean $admin_view - **/ - function renderNestView($comment_id = 0, $admin_view = false) - { - include_once XOOPS_ROOT_PATH.'/class/tree.php'; - $xot = new XoopsObjectTree($this->_comments, 'com_id', 'com_pid', 'com_rootid'); - $tree =& $xot->getTree(); - if (false != $this->_useIcons) { - $title = $this->_getTitleIcon($tree[$comment_id]['obj']->getVar('com_icon')).' '.$tree[$comment_id]['obj']->getVar('com_title'); - } else { - $title = $tree[$comment_id]['obj']->getVar('com_title'); - } - if (false != $admin_view) { - $text = $tree[$comment_id]['obj']->getVar('com_text').'<div style="text-align:right; margin-top: 2px; margin-bottom: 0px; margin-right: 2px;">'._CM_STATUS.': '.$this->_statusText[$tree[$comment_id]['obj']->getVar('com_status')].'<br />IP: <span style="font-weight: bold;">'.$tree[$comment_id]['obj']->getVar('com_ip').'</span></div>'; - } else { - // skip this comment if it is not active and continue on processing its child comments instead - if (XOOPS_COMMENT_ACTIVE != $tree[$comment_id]['obj']->getVar('com_status')) { - // if there are any child comments, display them as root comments - if (isset($tree[$comment_id]['child']) && !empty($tree[$comment_id]['child'])) { - foreach ($tree[$comment_id]['child'] as $child_id) { - $this->renderNestView($child_id, $admin_view); - } - } - return; - } else { - $text = $tree[$comment_id]['obj']->getVar('com_text'); - } - } - $replies = array(); - $this->_renderNestReplies($tree, $comment_id, $replies, 25, $admin_view); - $this->_tpl->append('comments', array('pid' => $tree[$comment_id]['obj']->getVar('com_pid'), 'id' => $tree[$comment_id]['obj']->getVar('com_id'), 'itemid' => $tree[$comment_id]['obj']->getVar('com_itemid'), 'rootid' => $tree[$comment_id]['obj']->getVar('com_rootid'), 'title' => $title, 'text' => $text, 'date_posted' => formatTimestamp($tree[$comment_id]['obj']->getVar('com_created'), 'm'), 'date_modified' => formatTimestamp($tree[$comment_id]['obj']->getVar('com_modified'), 'm'), 'poster' => $this->_getPosterArray($tree[$comment_id]['obj']->getVar('com_uid')), 'replies' => $replies)); - } - - /** - * Render replies in nested view - * - * @param array $thread - * @param int $key - * @param array $replies - * @param string $prefix - * @param bool $admin_view - * @param integer $depth - * - * @access private - **/ - function _renderNestReplies(&$thread, $key, &$replies, $prefix, $admin_view, $depth = 0) - { + * + * @param integer $comment_id Always "0" when called by client. + * @param boolean $admin_view + **/ + function renderNestView($comment_id = 0, $admin_view = false) + { + include_once XOOPS_ROOT_PATH.'/class/tree.php'; + $xot = new XoopsObjectTree($this->_comments, 'com_id', 'com_pid', 'com_rootid'); + $tree =& $xot->getTree(); + if (false != $this->_useIcons) { + $title = $this->_getTitleIcon($tree[$comment_id]['obj']->getVar('com_icon')).' '.$tree[$comment_id]['obj']->getVar('com_title'); + } else { + $title = $tree[$comment_id]['obj']->getVar('com_title'); + } + if (false != $admin_view) { + $text = $tree[$comment_id]['obj']->getVar('com_text').'<div style="text-align:right; margin-top: 2px; margin-bottom: 0px; margin-right: 2px;">'._CM_STATUS.': '.$this->_statusText[$tree[$comment_id]['obj']->getVar('com_status')].'<br />IP: <span style="font-weight: bold;">'.$tree[$comment_id]['obj']->getVar('com_ip').'</span></div>'; + } else { + // skip this comment if it is not active and continue on processing its child comments instead + if (XOOPS_COMMENT_ACTIVE != $tree[$comment_id]['obj']->getVar('com_status')) { + // if there are any child comments, display them as root comments + if (isset($tree[$comment_id]['child']) && !empty($tree[$comment_id]['child'])) { + foreach ($tree[$comment_id]['child'] as $child_id) { + $this->renderNestView($child_id, $admin_view); + } + } + return; + } else { + $text = $tree[$comment_id]['obj']->getVar('com_text'); + } + } + $replies = array(); + $this->_renderNestReplies($tree, $comment_id, $replies, 25, $admin_view); + $this->_tpl->append('comments', array('pid' => $tree[$comment_id]['obj']->getVar('com_pid'), 'id' => $tree[$comment_id]['obj']->getVar('com_id'), 'itemid' => $tree[$comment_id]['obj']->getVar('com_itemid'), 'rootid' => $tree[$comment_id]['obj']->getVar('com_rootid'), 'title' => $title, 'text' => $text, 'date_posted' => formatTimestamp($tree[$comment_id]['obj']->getVar('com_created'), 'm'), 'date_modified' => formatTimestamp($tree[$comment_id]['obj']->getVar('com_modified'), 'm'), 'poster' => $this->_getPosterArray($tree[$comment_id]['obj']->getVar('com_uid')), 'replies' => $replies)); + } + + /** + * Render replies in nested view + * + * @param array $thread + * @param int $key + * @param array $replies + * @param string $prefix + * @param bool $admin_view + * @param integer $depth + * + * @access private + **/ + function _renderNestReplies(&$thread, $key, &$replies, $prefix, $admin_view, $depth = 0) + { if ($depth > 0) { - if (false != $this->_useIcons) { - $title = $this->_getTitleIcon($thread[$key]['obj']->getVar('com_icon')).' '.$thread[$key]['obj']->getVar('com_title'); - } else { - $title = $thread[$key]['obj']->getVar('com_title'); - } - $text = (false != $admin_view) ? $thread[$key]['obj']->getVar('com_text').'<div style="text-align:right; margin-top: 2px; margin-right: 2px;">'._CM_STATUS.': '.$this->_statusText[$thread[$key]['obj']->getVar('com_status')].'<br />IP: <span style="font-weight: bold;">'.$thread[$key]['obj']->getVar('com_ip').'</span></div>' : $thread[$key]['obj']->getVar('com_text'); - $replies[] = array('id' => $key, 'prefix' => $prefix, 'pid' => $thread[$key]['obj']->getVar('com_pid'), 'itemid' => $thread[$key]['obj']->getVar('com_itemid'), 'rootid' => $thread[$key]['obj']->getVar('com_rootid'), 'title' => $title, 'text' => $text, 'date_posted' => formatTimestamp($thread[$key]['obj']->getVar('com_created'), 'm'), 'date_modified' => formatTimestamp($thread[$key]['obj']->getVar('com_modified'), 'm'), 'poster' => $this->_getPosterArray($thread[$key]['obj']->getVar('com_uid'))); + if (false != $this->_useIcons) { + $title = $this->_getTitleIcon($thread[$key]['obj']->getVar('com_icon')).' '.$thread[$key]['obj']->getVar('com_title'); + } else { + $title = $thread[$key]['obj']->getVar('com_title'); + } + $text = (false != $admin_view) ? $thread[$key]['obj']->getVar('com_text').'<div style="text-align:right; margin-top: 2px; margin-right: 2px;">'._CM_STATUS.': '.$this->_statusText[$thread[$key]['obj']->getVar('com_status')].'<br />IP: <span style="font-weight: bold;">'.$thread[$key]['obj']->getVar('com_ip').'</span></div>' : $thread[$key]['obj']->getVar('com_text'); + $replies[] = array('id' => $key, 'prefix' => $prefix, 'pid' => $thread[$key]['obj']->getVar('com_pid'), 'itemid' => $thread[$key]['obj']->getVar('com_itemid'), 'rootid' => $thread[$key]['obj']->getVar('com_rootid'), 'title' => $title, 'text' => $text, 'date_posted' => formatTimestamp($thread[$key]['obj']->getVar('com_created'), 'm'), 'date_modified' => formatTimestamp($thread[$key]['obj']->getVar('com_modified'), 'm'), 'poster' => $this->_getPosterArray($thread[$key]['obj']->getVar('com_uid'))); $prefix = $prefix + 25; } if (isset($thread[$key]['child']) && !empty($thread[$key]['child'])) { - $depth++; + $depth++; foreach ($thread[$key]['child'] as $childkey) { if (!$admin_view && $thread[$childkey]['obj']->getVar('com_status') != XOOPS_COMMENT_ACTIVE) { // skip this comment if it is not active and continue on processing its child comments instead @@ -297,91 +297,93 @@ } } } - } + } - /** - * Get the name of the poster - * - * @param int $poster_id - * @return string - * - * @access private - **/ - function _getPosterName($poster_id) - { - $poster['id'] = intval($poster_id); - if ($poster['id'] > 0) { - $com_poster =& $this->_memberHandler->getUser($poster_id); - if (is_object($com_poster)) { - $poster['uname'] = '<a href="'.XOOPS_URL.'/userinfo.php?uid='.$poster['id'].'">'.$com_poster->getVar('uname').'</a>'; - return $poster; - } - } + /** + * Get the name of the poster + * + * @param int $poster_id + * @return string + * + * @access private + **/ + function _getPosterName($poster_id) + { + $poster['id'] = intval($poster_id); + if ($poster['id'] > 0) { + $com_poster =& $this->_memberHandler->getUser($poster_id); + if (is_object($com_poster)) { + $poster['uname'] = '<a href="'.XOOPS_URL.'/userinfo.php?uid='.$poster['id'].'">'.$com_poster->getVar('uname').'</a>'; + return $poster; + } + } $poster['id'] = 0; // to cope with deleted user accounts - $poster['uname'] = $GLOBALS['xoopsConfig']['anonymous']; - return $poster; - } - - /** - * Get an array with info about the poster - * - * @param int $poster_id - * @return array - * - * @access private - **/ - function _getPosterArray($poster_id) - { - $poster['id'] = intval($poster_id); - if ($poster['id'] > 0) { - $com_poster =& $this->_memberHandler->getUser($poster['id']); - if (is_object($com_poster)) { - $poster['uname'] = '<a href="'.XOOPS_URL.'/userinfo.php?uid='.$poster['id'].'">'.$com_poster->getVar('uname').'</a>'; - $poster_rank = $com_poster->rank(); - $poster['rank_image'] = ($poster_rank['image'] != '') ? $poster_rank['image'] : 'blank.gif'; - $poster['rank_title'] = $poster_rank['title']; - $poster['avatar'] = $com_poster->getVar('user_avatar'); - $poster['regdate'] = formatTimestamp($com_poster->getVar('user_regdate'), 's'); - $poster['from'] = $com_poster->getVar('user_from'); - $poster['postnum'] = $com_poster->getVar('posts'); - $poster['status'] = $com_poster->isOnline() ? _CM_ONLINE : ''; - return $poster; - } - } + $poster['uname'] = $GLOBALS['xoopsConfig']['anonymous']; + return $poster; + } + + /** + * Get an array with info about the poster + * + * @param int $poster_id + * @return array + * + * @access private + **/ + function _getPosterArray($poster_id) + { + $poster['id'] = intval($poster_id); + if ($poster['id'] > 0) { + $com_poster =& $this->_memberHandler->getUser($poster['id']); + if (is_object($com_poster)) { + $poster['uname'] = '<a href="'.XOOPS_URL.'/userinfo.php?uid='.$poster['id'].'">'.$com_poster->getVar('uname').'</a>'; + $poster_rank = $com_poster->rank(); + $poster['rank_image'] = ($poster_rank['image'] != '') ? $poster_rank['image'] : 'blank.gif'; + $poster['rank_title'] = $poster_rank['title']; + $poster['avatar'] = $com_poster->getVar('user_avatar'); + $poster['regdate'] = formatTimestamp($com_poster->getVar('user_regdate'), 's'); + $poster['from'] = $com_poster->getVar('user_from'); + $poster['postnum'] = $com_poster->getVar('posts'); + $poster['status'] = $com_poster->isOnline() ? _CM_ONLINE : ''; + return $poster; + } + } $poster['id'] = 0; // to cope with deleted user accounts - $poster['uname'] = $GLOBALS['xoopsConfig']['anonymous']; - $poster['rank_title'] = ''; - $poster['avatar'] = 'blank.gif'; - $poster['regdate'] = ''; - $poster['from'] = ''; - $poster['postnum'] = 0; - $poster['status'] = ''; - return $poster; - } - - /** - * Get the IMG tag for the title icon - * - * @param string $icon_image - * @return string HTML IMG tag - * - * @access private - **/ - function _getTitleIcon($icon_image) - { - if ($icon_image != '') { - if (false != $this->_doIconCheck) { - if (!file_exists(XOOPS_URL.'/images/subject/'.$icon_image)) { - return '<img src="'.XOOPS_URL.'/images/icons/no_posticon.gif" alt="" />'; - } else { - return '<img src="'.XOOPS_URL.'/images/subject/'.$icon_image.'" alt="" />'; - } - } else { - return '<img src="'.XOOPS_URL.'/images/subject/'.$icon_image.'" alt="" />'; - } - } - return '<img src="'.XOOPS_URL.'/images/icons/no_posticon.gif" alt="" />'; - } + $poster['uname'] = $GLOBALS['xoopsConfig']['anonymous']; + $poster['rank_title'] = ''; + $poster['avatar'] = 'blank.gif'; + $poster['regdate'] = ''; + $poster['from'] = ''; + $poster['postnum'] = 0; + $poster['status'] = ''; + return $poster; + } + + /** + * Get the IMG tag for the title icon + * + * @param string $icon_image + * @return string HTML IMG tag + * + * @access private + **/ + function _getTitleIcon($icon_image) + { + $icon_image = trim($icon_image); + if ($icon_image != '') { + $icon_image = htmlspecialchars($icon_image); + if (false != $this->_doIconCheck) { + if (!file_exists(XOOPS_URL.'/images/subject/'.$icon_image)) { + return '<img src="'.XOOPS_URL.'/images/icons/no_posticon.gif" alt="" />'; + } else { + return '<img src="'.XOOPS_URL.'/images/subject/'.$icon_image.'" alt="" />'; + } + } else { + return '<img src="'.XOOPS_URL.'/images/subject/'.$icon_image.'" alt="" />'; + } + } + return '<img src="'.XOOPS_URL.'/images/icons/no_posticon.gif" alt="" />'; + } } ?> \ No newline at end of file Index: xoops2jp/html/class/uploader.php diff -u xoops2jp/html/class/uploader.php:1.2.8.2 xoops2jp/html/class/uploader.php:1.2.8.3 --- xoops2jp/html/class/uploader.php:1.2.8.2 Sun Oct 23 18:44:34 2005 +++ xoops2jp/html/class/uploader.php Fri Dec 30 17:20:10 2005 @@ -1,5 +1,5 @@ <?php -// $Id: uploader.php,v 1.2.8.2 2005/10/23 09:44:34 minahito Exp $ +// $Id: uploader.php,v 1.2.8.3 2005/12/30 08:20:10 minahito Exp $ // ------------------------------------------------------------------------ // // XOOPS - PHP Content Management System // // Copyright (c) 2000 XOOPS.org // @@ -60,6 +60,11 @@ * @copyright (c) 2000-2003 The Xoops Project - www.xoops.org */ +define("XCUBE_IMAGETYPE_ENUM_GIF",1); +define("XCUBE_IMAGETYPE_ENUM_JPG",2); +define("XCUBE_IMAGETYPE_ENUM_PNG",3); +define("XCUBE_IMAGETYPE_ENUM_BMP",6); + class XoopsMediaUploader { /** @@ -116,7 +121,11 @@ $this->maxHeight = intval($maxHeight); } - $this->_strictCheckExtensions = array("gif","jpg","jpeg","png","tiff","bmp"); + $this->_strictCheckExtensions = array("gif"=>XCUBE_IMAGETYPE_ENUM_GIF, + "jpg"=>XCUBE_IMAGETYPE_ENUM_JPG, + "jpeg"=>XCUBE_IMAGETYPE_ENUM_JPG, + "png"=>XCUBE_IMAGETYPE_ENUM_PNG, + "bmp"=>XCUBE_IMAGETYPE_ENUM_BMP); } function setAllowedExtensions($extensions) @@ -124,6 +133,11 @@ $this->allowedExtensions = is_array($extensions) ? $extensions : array(); } + function setStrictCheckExtensions($extensions) + { + $this->_strictCheckExtensions = $extensions; + } + /** * Fetch the uploaded file * @@ -157,7 +171,7 @@ $this->mediaError = !empty($media_name['error']) ? $media_name['error'] : 0; } if ( ($ext = strrpos( $this->mediaName, '.' )) !== false ) { - $this->ext = substr( $this->mediaName, $ext + 1 ); + $this->ext = strtolower ( substr( $this->mediaName, $ext + 1 ) ); if ( isset( $this->extensionToMime[$this->ext] ) ) { $this->mediaRealType = $this->extensionToMime[$this->ext]; //trigger_error( "XoopsMediaUploader: Set mediaRealType to {$this->mediaRealType} (file extension is ".$this->ext.")", E_USER_NOTICE ); @@ -409,7 +423,7 @@ } // If this extension need strict check, call method for it. - if(in_array($this->ext,$this->_strictCheckExtensions)) { + if(isset($this->_strictCheckExtensions[$this->ext])) { return $this->_checkStrict(); } else { @@ -419,7 +433,12 @@ function _checkStrict() { - return (getimagesize($this->mediaTmpName)!==false); + $parseValue = getimagesize($this->mediaTmpName); + + if($parseValue===false) + return false; + + return $parseValue[2]==$this->_strictCheckExtensions[$this->ext]; } /** @@ -432,6 +451,7 @@ if ( empty( $this->mediaRealType ) && !$this->allowUnknownTypes ) { return false; } + return ( empty($this->allowedMimeTypes) || in_array($this->mediaRealType, $this->allowedMimeTypes) ); } Index: xoops2jp/html/class/module.textsanitizer.php diff -u xoops2jp/html/class/module.textsanitizer.php:1.2.8.1 xoops2jp/html/class/module.textsanitizer.php:1.2.8.2 --- xoops2jp/html/class/module.textsanitizer.php:1.2.8.1 Wed Oct 19 02:16:18 2005 +++ xoops2jp/html/class/module.textsanitizer.php Fri Dec 30 17:20:10 2005 @@ -1,5 +1,5 @@ <?php -// $Id: module.textsanitizer.php,v 1.2.8.1 2005/10/18 17:16:18 minahito Exp $ +// $Id: module.textsanitizer.php,v 1.2.8.2 2005/12/30 08:20:10 minahito Exp $ // ------------------------------------------------------------------------ // // XOOPS - PHP Content Management System // // Copyright (c) 2000 XOOPS.org // @@ -145,6 +145,9 @@ **/ function &xoopsCodeDecode(&$text, $allowimage = 1) { + $imgCallbackPattern = "/\[img( align=\w+)]([^\"\(\)\?\&'<>]*)\[\/img\]/sU"; + $text = preg_replace_callback($imgCallbackPattern, array($this, '_filterImgUrl'), $text); + $patterns = array(); $replacements = array(); // RMV: added new markup for intrasite url (allows easier site moves) @@ -203,6 +206,37 @@ } /** + * Filters out invalid strings included in URL, if any + * + * @param array $matches + * @return string + */ + function _filterImgUrl($matches) + { + if ($this->checkUrlString($matches[2])) { + return $matches[0]; + } else { + return ""; + } + } + + /** + * Checks if invalid strings are included in URL + * + * @param string $text + * @return bool + */ + function checkUrlString($text) + { + // Check control code + if (preg_match("/[\\0-\\31]/", $text)) { + return false; + } + // check black pattern(deprecated) + return !preg_match("/^(javascript|vbscript|about):/i", $text); + } + + /** * Convert linebreaks to <br /> tags * * @param string $text
