1<?php
2/**
3 * @license    GPL 2 (http://www.gnu.org/licenses/gpl.html)
4 * @author     Esther Brunner <wikidesign@gmail.com>
5 */
6
7/**
8 * Class action_plugin_discussion
9 */
10class action_plugin_discussion extends DokuWiki_Action_Plugin{
11
12    /** @var helper_plugin_avatar */
13    var $avatar = null;
14    var $style = null;
15    var $use_avatar = null;
16    /** @var helper_plugin_discussion */
17    var $helper = null;
18
19    /**
20     * load helper
21     */
22    public function __construct() {
23        $this->helper = plugin_load('helper', 'discussion');
24    }
25
26    /**
27     * Register the handlers
28     *
29     * @param Doku_Event_Handler $contr DokuWiki's event controller object.
30     */
31    public function register(Doku_Event_Handler $contr) {
32        $contr->register_hook(
33                'ACTION_ACT_PREPROCESS',
34                'BEFORE',
35                $this,
36                'handle_act_preprocess',
37                array()
38                );
39        $contr->register_hook(
40                'TPL_ACT_RENDER',
41                'AFTER',
42                $this,
43                'comments',
44                array()
45                );
46        $contr->register_hook(
47                'INDEXER_PAGE_ADD',
48                'AFTER',
49                $this,
50                'idx_add_discussion',
51                array('id' => 'page', 'text' => 'body')
52                );
53        $contr->register_hook(
54                'FULLTEXT_SNIPPET_CREATE',
55                'BEFORE',
56                $this,
57                'idx_add_discussion',
58                array('id' => 'id', 'text' => 'text')
59                );
60        $contr->register_hook(
61                'INDEXER_VERSION_GET',
62                'BEFORE',
63                $this,
64                'idx_version',
65                array()
66                );
67        $contr->register_hook(
68                'FULLTEXT_PHRASE_MATCH',
69                'AFTER',
70                $this,
71                'ft_phrase_match',
72                array()
73        );
74        $contr->register_hook(
75                'PARSER_METADATA_RENDER',
76                'AFTER',
77                $this,
78                'update_comment_status',
79                array()
80        );
81        $contr->register_hook(
82                'TPL_METAHEADER_OUTPUT',
83                'BEFORE',
84                $this,
85                'handle_tpl_metaheader_output',
86                array()
87                );
88        $contr->register_hook(
89                'TOOLBAR_DEFINE',
90                'AFTER',
91                $this,
92                'handle_toolbar_define',
93                array()
94                );
95        $contr->register_hook(
96                'AJAX_CALL_UNKNOWN',
97                'BEFORE',
98                $this,
99                'handle_ajax_call',
100                array()
101                );
102        $contr->register_hook(
103                'TPL_TOC_RENDER',
104                'BEFORE',
105                $this,
106                'handle_toc_render',
107                array()
108                );
109    }
110
111    /**
112     * Preview Comments
113     *
114     * @author Michael Klier <chi@chimeric.de>
115     *
116     * @param Doku_Event $event
117     * @param $params
118     */
119    public function handle_ajax_call(Doku_Event $event, $params) {
120        if($event->data != 'discussion_preview') return;
121        $event->preventDefault();
122        $event->stopPropagation();
123        print p_locale_xhtml('preview');
124        print '<div class="comment_preview">';
125        if(!$_SERVER['REMOTE_USER'] && !$this->getConf('allowguests')) {
126            print p_locale_xhtml('denied');
127        } else {
128            print $this->_render($_REQUEST['comment']);
129        }
130        print '</div>';
131    }
132
133    /**
134     * Adds a TOC item if a discussion exists
135     *
136     * @author Michael Klier <chi@chimeric.de>
137     *
138     * @param Doku_Event $event
139     * @param $params
140     */
141    public function handle_toc_render(Doku_Event $event, $params) {
142        global $ACT;
143        if($this->_hasDiscussion($title) && $event->data && $ACT != 'admin') {
144            $tocitem = array( 'hid' => 'discussion__section',
145                              'title' => $this->getLang('discussion'),
146                              'type' => 'ul',
147                              'level' => 1 );
148
149            array_push($event->data, $tocitem);
150        }
151    }
152
153    /**
154     * Modify Tollbar for use with discussion plugin
155     *
156     * @author Michael Klier <chi@chimeric.de>
157     *
158     * @param Doku_Event $event
159     * @param $param
160     */
161    public function handle_toolbar_define(Doku_Event $event, $param) {
162        global $ACT;
163        if($ACT != 'show') return;
164
165        if($this->_hasDiscussion($title) && $this->getConf('wikisyntaxok')) {
166            $toolbar = array();
167            foreach($event->data as $btn) {
168                if($btn['type'] == 'mediapopup') continue;
169                if($btn['type'] == 'signature') continue;
170                if($btn['type'] == 'linkwiz') continue;
171                if($btn['type'] == 'NewTable') continue; //skip button for Edittable Plugin
172                if(preg_match("/=+?/", $btn['open'])) continue;
173                array_push($toolbar, $btn);
174            }
175            $event->data = $toolbar;
176        }
177    }
178
179    /**
180     * Dirty workaround to add a toolbar to the discussion plugin
181     *
182     * @author Michael Klier <chi@chimeric.de>
183     *
184     * @param Doku_Event $event
185     * @param $param
186     */
187    public function handle_tpl_metaheader_output(Doku_Event $event, $param) {
188        global $ACT;
189        global $ID;
190        if($ACT != 'show') return;
191
192        if($this->_hasDiscussion($title) && $this->getConf('wikisyntaxok')) {
193            // FIXME ugly workaround, replace this once DW the toolbar code is more flexible
194            @require_once(DOKU_INC.'inc/toolbar.php');
195            ob_start();
196            print 'NS = "' . getNS($ID) . '";'; // we have to define NS, otherwise we get get JS errors
197            toolbar_JSdefines('toolbar');
198            $script = ob_get_clean();
199            array_push($event->data['script'], array('type' => 'text/javascript', 'charset' => "utf-8", '_data' => $script));
200        }
201    }
202
203    /**
204     * Handles comment actions, dispatches data processing routines
205     *
206     * @param Doku_Event $event
207     * @param $param
208     * @return bool
209     */
210    public function handle_act_preprocess(Doku_Event $event, $param) {
211        global $ID;
212        global $INFO;
213        global $lang;
214
215        // handle newthread ACTs
216        if ($event->data == 'newthread') {
217            // we can handle it -> prevent others
218            $event->data = $this->_newThread();
219        }
220
221        // enable captchas
222        if (in_array($_REQUEST['comment'], array('add', 'save'))) {
223            $this->_captchaCheck();
224            $this->_recaptchaCheck();
225        }
226
227        // if we are not in show mode or someone wants to unsubscribe, that was all for now
228        if ($event->data != 'show' && $event->data != 'discussion_unsubscribe' && $event->data != 'discussion_confirmsubscribe') return;
229
230        if ($event->data == 'discussion_unsubscribe' or $event->data == 'discussion_confirmsubscribe') {
231            if (!isset($_REQUEST['hash'])) {
232                return;
233            } else {
234                $file = metaFN($ID, '.comments');
235                $data = unserialize(io_readFile($file));
236                $themail = '';
237                foreach($data['subscribers'] as $mail => $info)  {
238                    // convert old style subscribers just in case
239                    if(!is_array($info)) {
240                        $hash = $data['subscribers'][$mail];
241                        $data['subscribers'][$mail]['hash']   = $hash;
242                        $data['subscribers'][$mail]['active'] = true;
243                        $data['subscribers'][$mail]['confirmsent'] = true;
244                    }
245
246                    if ($data['subscribers'][$mail]['hash'] == $_REQUEST['hash']) {
247                        $themail = $mail;
248                    }
249                }
250
251                if($themail != '') {
252                    if($event->data == 'discussion_unsubscribe') {
253                        unset($data['subscribers'][$themail]);
254                        msg(sprintf($lang['subscr_unsubscribe_success'], $themail, $ID), 1);
255                    } elseif($event->data == 'discussion_confirmsubscribe') {
256                        $data['subscribers'][$themail]['active'] = true;
257                        msg(sprintf($lang['subscr_subscribe_success'], $themail, $ID), 1);
258                    }
259                    io_saveFile($file, serialize($data));
260                    $event->data = 'show';
261                }
262                return;
263
264            }
265        } else {
266            // do the data processing for comments
267            $cid  = $_REQUEST['cid'];
268            switch ($_REQUEST['comment']) {
269                case 'add':
270                    if(empty($_REQUEST['text'])) return; // don't add empty comments
271                    if(isset($_SERVER['REMOTE_USER']) && !$this->getConf('adminimport')) {
272                        $comment['user']['id'] = $_SERVER['REMOTE_USER'];
273                        $comment['user']['name'] = $INFO['userinfo']['name'];
274                        $comment['user']['mail'] = $INFO['userinfo']['mail'];
275                    } elseif((isset($_SERVER['REMOTE_USER']) && $this->getConf('adminimport') && $this->helper->isDiscussionMod()) || !isset($_SERVER['REMOTE_USER'])) {
276                        if(empty($_REQUEST['name']) or empty($_REQUEST['mail'])) return; // don't add anonymous comments
277                        if(!mail_isvalid($_REQUEST['mail'])) {
278                            msg($lang['regbadmail'], -1);
279                            return;
280                        } else {
281                            $comment['user']['id'] = 'test'.hsc($_REQUEST['user']);
282                            $comment['user']['name'] = hsc($_REQUEST['name']);
283                            $comment['user']['mail'] = hsc($_REQUEST['mail']);
284                        }
285                    }
286                    $comment['user']['address'] = ($this->getConf('addressfield')) ? hsc($_REQUEST['address']) : '';
287                    $comment['user']['url'] = ($this->getConf('urlfield')) ? $this->_checkURL($_REQUEST['url']) : '';
288                    $comment['subscribe'] = ($this->getConf('subscribe')) ? $_REQUEST['subscribe'] : '';
289                    $comment['date'] = array('created' => $_REQUEST['date']);
290                    $comment['raw'] = cleanText($_REQUEST['text']);
291                    $repl = $_REQUEST['reply'];
292                    if($this->getConf('moderate') && !$this->helper->isDiscussionMod()) {
293                        $comment['show'] = false;
294                    } else {
295                        $comment['show'] = true;
296                    }
297                    $this->_add($comment, $repl);
298                    break;
299
300                case 'save':
301                    $raw  = cleanText($_REQUEST['text']);
302                    $this->save(array($cid), $raw);
303                    break;
304
305                case 'delete':
306                    $this->save(array($cid), '');
307                    break;
308
309                case 'toogle':
310                    $this->save(array($cid), '', 'toogle');
311                    break;
312            }
313        }
314    }
315
316    /**
317     * Main function; dispatches the visual comment actions
318     */
319    public function comments(Doku_Event $event, $param) {
320        if ($event->data != 'show') return; // nothing to do for us
321
322        $cid  = $_REQUEST['cid'];
323        if(!$cid) {
324            $cid = $_REQUEST['reply'];
325        }
326        switch ($_REQUEST['comment']) {
327            case 'edit':
328                $this->_show(NULL, $cid);
329                break;
330            default:
331                $this->_show($cid);
332                break;
333        }
334    }
335
336    /**
337     * Redirects browser to given comment anchor
338     */
339    protected function _redirect($cid) {
340        global $ID;
341        global $ACT;
342
343        if ($ACT !== 'show') return;
344
345        if($this->getConf('moderate') && !$this->helper->isDiscussionMod()) {
346            msg($this->getLang('moderation'), 1);
347            @session_start();
348            global $MSG;
349            $_SESSION[DOKU_COOKIE]['msg'] = $MSG;
350            session_write_close();
351            $url = wl($ID);
352        } else {
353            $url = wl($ID) . '#comment_' . $cid;
354        }
355
356        if (function_exists('send_redirect')) {
357            send_redirect($url);
358        } else {
359            header('Location: ' . $url);
360        }
361        exit();
362    }
363
364    /**
365     * Checks config settings to enable/disable discussions
366     *
367     * @return bool
368     */
369    public function isDiscussionEnabled() {
370        global $INFO;
371
372        if($this->getConf('excluded_ns') == '') {
373            $isNamespaceExcluded = false;
374        } else {
375            $isNamespaceExcluded = preg_match($this->getConf('excluded_ns'), $INFO['namespace']);
376        }
377
378        if($this->getConf('automatic')) {
379            if($isNamespaceExcluded) {
380                return false;
381            } else {
382                return true;
383            }
384        } else {
385            if($isNamespaceExcluded) {
386                return true;
387            } else {
388                return false;
389            }
390        }
391    }
392
393    /**
394     * Shows all comments of the current page
395     */
396    protected function _show($reply = null, $edit = null) {
397        global $ID;
398        global $INFO;
399
400        // get .comments meta file name
401        $file = metaFN($ID, '.comments');
402
403        if (!$INFO['exists']) return false;
404        if (!@file_exists($file) && !$this->isDiscussionEnabled()) return false;
405        if (!$_SERVER['REMOTE_USER'] && !$this->getConf('showguests')) return false;
406
407        // load data
408        if (@file_exists($file)) {
409            $data = unserialize(io_readFile($file, false));
410            if (!$data['status']) return false; // comments are turned off
411        } elseif (!@file_exists($file) && $this->isDiscussionEnabled() && $INFO['exists']) {
412            // set status to show the comment form
413            $data['status'] = 1;
414            $data['number'] = 0;
415        }
416
417        // show discussion wrapper only on certain circumstances
418        $cnt = empty($data['comments']) ? 0 : count($data['comments']);
419        $keys = @array_keys($data['comments']);
420        $show = false;
421        if($cnt > 1 || ($cnt == 1 && $data['comments'][$keys[0]]['show'] == 1) || $this->getConf('allowguests') || isset($_SERVER['REMOTE_USER'])) {
422            $show = true;
423            // section title
424            $title = ($data['title'] ? hsc($data['title']) : $this->getLang('discussion'));
425            ptln('<div class="comment_wrapper" id="comment_wrapper">'); // the id value is used for visibility toggling the section
426            ptln('<h2><a name="discussion__section" id="discussion__section">', 2);
427            ptln($title, 4);
428            ptln('</a></h2>', 2);
429            ptln('<div class="level2 hfeed">', 2);
430        }
431
432        // now display the comments
433        if (isset($data['comments'])) {
434            if (!$this->getConf('usethreading')) {
435                $data['comments'] = $this->_flattenThreads($data['comments']);
436                uasort($data['comments'], '_sortCallback');
437            }
438            if($this->getConf('newestfirst')) {
439                $data['comments'] = array_reverse($data['comments']);
440            }
441            foreach ($data['comments'] as $key => $value) {
442                if ($key == $edit) $this->_form($value['raw'], 'save', $edit); // edit form
443                else $this->_print($key, $data, '', $reply);
444            }
445        }
446
447        // comment form
448        if (($data['status'] == 1) && (!$reply || !$this->getConf('usethreading')) && !$edit) $this->_form('');
449
450        if($show) {
451            ptln('</div>', 2); // level2 hfeed
452            ptln('</div>'); // comment_wrapper
453        }
454
455        // check for toggle print configuration
456        if($this->getConf('visibilityButton')) {
457            // print the hide/show discussion section button
458            $this->_print_toggle_button();
459        }
460
461        return true;
462    }
463
464    /**
465     * @param array      $comments
466     * @param null|array $keys
467     * @return array
468     */
469    protected function _flattenThreads($comments, $keys = null) {
470        if (is_null($keys))
471            $keys = array_keys($comments);
472
473        foreach($keys as $cid) {
474            if (!empty($comments[$cid]['replies'])) {
475                $rids = $comments[$cid]['replies'];
476                $comments = $this->_flattenThreads($comments, $rids);
477                $comments[$cid]['replies'] = array();
478            }
479            $comments[$cid]['parent'] = '';
480        }
481        return $comments;
482    }
483
484    /**
485     * Adds a new comment and then displays all comments
486     *
487     * @param array $comment
488     * @param string $parent
489     * @return bool
490     */
491    protected function _add($comment, $parent) {
492        global $ID;
493        global $TEXT;
494
495        $otxt = $TEXT; // set $TEXT to comment text for wordblock check
496        $TEXT = $comment['raw'];
497
498        // spamcheck against the DokuWiki blacklist
499        if (checkwordblock()) {
500            msg($this->getLang('wordblock'), -1);
501            return false;
502        }
503
504        if ((!$this->getConf('allowguests'))
505                && ($comment['user']['id'] != $_SERVER['REMOTE_USER'])
506        ) {
507            return false; // guest comments not allowed
508        }
509
510        $TEXT = $otxt; // restore global $TEXT
511
512        // get discussion meta file name
513        $file = metaFN($ID, '.comments');
514
515        // create comments file if it doesn't exist yet
516        if(!@file_exists($file)) {
517            $data = array('status' => 1, 'number' => 0);
518            io_saveFile($file, serialize($data));
519        } else {
520            $data = unserialize(io_readFile($file, false));
521            if ($data['status'] != 1) return false; // comments off or closed
522        }
523
524        if ($comment['date']['created']) {
525            $date = strtotime($comment['date']['created']);
526        } else {
527            $date = time();
528        }
529
530        if ($date == -1) {
531            $date = time();
532        }
533
534        $cid  = md5($comment['user']['id'].$date); // create a unique id
535
536        if (!is_array($data['comments'][$parent])) {
537            $parent = NULL; // invalid parent comment
538        }
539
540        // render the comment
541        $xhtml = $this->_render($comment['raw']);
542
543        // fill in the new comment
544        $data['comments'][$cid] = array(
545                'user'    => $comment['user'],
546                'date'    => array('created' => $date),
547                'raw'     => $comment['raw'],
548                'xhtml'   => $xhtml,
549                'parent'  => $parent,
550                'replies' => array(),
551                'show'    => $comment['show']
552                );
553
554        if($comment['subscribe']) {
555            $mail = $comment['user']['mail'];
556            if($data['subscribers']) {
557                if(!$data['subscribers'][$mail]) {
558                    $data['subscribers'][$mail]['hash'] = md5($mail . mt_rand());
559                    $data['subscribers'][$mail]['active'] = false;
560                    $data['subscribers'][$mail]['confirmsent'] = false;
561                } else {
562                    // convert old style subscribers and set them active
563                    if(!is_array($data['subscribers'][$mail])) {
564                        $hash = $data['subscribers'][$mail];
565                        $data['subscribers'][$mail]['hash'] = $hash;
566                        $data['subscribers'][$mail]['active'] = true;
567                        $data['subscribers'][$mail]['confirmsent'] = true;
568                    }
569                }
570            } else {
571                $data['subscribers'][$mail]['hash']   = md5($mail . mt_rand());
572                $data['subscribers'][$mail]['active'] = false;
573                $data['subscribers'][$mail]['confirmsent'] = false;
574            }
575        }
576
577        // update parent comment
578        if ($parent) {
579            $data['comments'][$parent]['replies'][] = $cid;
580        }
581
582        // update the number of comments
583        $data['number']++;
584
585        // notify subscribers of the page
586        $data['comments'][$cid]['cid'] = $cid;
587        $this->_notify($data['comments'][$cid], $data['subscribers']);
588
589        // save the comment metadata file
590        io_saveFile($file, serialize($data));
591        $this->_addLogEntry($date, $ID, 'cc', '', $cid);
592
593        $this->_redirect($cid);
594        return true;
595    }
596
597    /**
598     * Saves the comment with the given ID and then displays all comments
599     *
600     * @param array|string $cids
601     * @param string $raw
602     * @param string $act
603     * @return bool
604     */
605    public function save($cids, $raw, $act = NULL) {
606        global $ID;
607
608        if(!$cids) return false; // do nothing if we get no comment id
609
610        if ($raw) {
611            global $TEXT;
612
613            $otxt = $TEXT; // set $TEXT to comment text for wordblock check
614            $TEXT = $raw;
615
616            // spamcheck against the DokuWiki blacklist
617            if (checkwordblock()) {
618                msg($this->getLang('wordblock'), -1);
619                return false;
620            }
621
622            $TEXT = $otxt; // restore global $TEXT
623        }
624
625        // get discussion meta file name
626        $file = metaFN($ID, '.comments');
627        $data = unserialize(io_readFile($file, false));
628
629        if (!is_array($cids)) $cids = array($cids);
630        foreach ($cids as $cid) {
631
632            if (is_array($data['comments'][$cid]['user'])) {
633                $user    = $data['comments'][$cid]['user']['id'];
634                $convert = false;
635            } else {
636                $user    = $data['comments'][$cid]['user'];
637                $convert = true;
638            }
639
640            // someone else was trying to edit our comment -> abort
641            if (($user != $_SERVER['REMOTE_USER']) && (!$this->helper->isDiscussionMod())) return false;
642
643            $date = time();
644
645            // need to convert to new format?
646            if ($convert) {
647                $data['comments'][$cid]['user'] = array(
648                        'id'      => $user,
649                        'name'    => $data['comments'][$cid]['name'],
650                        'mail'    => $data['comments'][$cid]['mail'],
651                        'url'     => $data['comments'][$cid]['url'],
652                        'address' => $data['comments'][$cid]['address'],
653                        );
654                $data['comments'][$cid]['date'] = array(
655                        'created' => $data['comments'][$cid]['date']
656                        );
657            }
658
659            if ($act == 'toogle') {     // toogle visibility
660                $now = $data['comments'][$cid]['show'];
661                $data['comments'][$cid]['show'] = !$now;
662                $data['number'] = $this->_count($data);
663
664                $type = ($data['comments'][$cid]['show'] ? 'sc' : 'hc');
665
666            } elseif ($act == 'show') { // show comment
667                $data['comments'][$cid]['show'] = true;
668                $data['number'] = $this->_count($data);
669
670                $type = 'sc'; // show comment
671
672            } elseif ($act == 'hide') { // hide comment
673                $data['comments'][$cid]['show'] = false;
674                $data['number'] = $this->_count($data);
675
676                $type = 'hc'; // hide comment
677
678            } elseif (!$raw) {          // remove the comment
679                $data['comments'] = $this->_removeComment($cid, $data['comments']);
680                $data['number'] = $this->_count($data);
681
682                $type = 'dc'; // delete comment
683
684            } else {                   // save changed comment
685                $xhtml = $this->_render($raw);
686
687                // now change the comment's content
688                $data['comments'][$cid]['date']['modified'] = $date;
689                $data['comments'][$cid]['raw']              = $raw;
690                $data['comments'][$cid]['xhtml']            = $xhtml;
691
692                $type = 'ec'; // edit comment
693            }
694        }
695
696        // save the comment metadata file
697        io_saveFile($file, serialize($data));
698        $this->_addLogEntry($date, $ID, $type, '', $cid);
699
700        $this->_redirect($cid);
701        return true;
702    }
703
704    /**
705     * Recursive function to remove a comment
706     */
707    protected function _removeComment($cid, $comments) {
708        if (is_array($comments[$cid]['replies'])) {
709            foreach ($comments[$cid]['replies'] as $rid) {
710                $comments = $this->_removeComment($rid, $comments);
711            }
712        }
713        unset($comments[$cid]);
714        return $comments;
715    }
716
717    /**
718     * Prints an individual comment
719     *
720     * @param string $cid
721     * @param array $data
722     * @param string $parent
723     * @param string $reply
724     * @param bool $visible
725     * @return bool
726     */
727    protected function _print($cid, &$data, $parent = '', $reply = '', $visible = true) {
728        if (!isset($data['comments'][$cid])) return false; // comment was removed
729        $comment = $data['comments'][$cid];
730
731        if (!is_array($comment)) return false;             // corrupt datatype
732
733        if ($comment['parent'] != $parent) return true;    // reply to an other comment
734
735        if (!$comment['show']) {                            // comment hidden
736            if ($this->helper->isDiscussionMod()) $hidden = ' comment_hidden';
737            else return true;
738        } else {
739            $hidden = '';
740        }
741
742        // print the actual comment
743        $this->_print_comment($cid, $data, $parent, $reply, $visible, $hidden);
744        // replies to this comment entry?
745        $this->_print_replies($cid, $data, $reply, $visible);
746        // reply form
747        $this->_print_form($cid, $reply);
748        return true;
749    }
750
751    /**
752     * @param $cid
753     * @param $data
754     * @param $parent
755     * @param $reply
756     * @param $visible
757     * @param $hidden
758     */
759    protected function _print_comment($cid, &$data, $parent, $reply, $visible, $hidden) {
760        global $conf, $lang, $HIGH;
761        $comment = $data['comments'][$cid];
762
763        // comment head with date and user data
764        ptln('<div class="hentry'.$hidden.'">', 4);
765        ptln('<div class="comment_head">', 6);
766        ptln('<a name="comment_'.$cid.'" id="comment_'.$cid.'"></a>', 8);
767        $head = '<span class="vcard author">';
768
769        // prepare variables
770        if (is_array($comment['user'])) { // new format
771            $user    = $comment['user']['id'];
772            $name    = $comment['user']['name'];
773            $mail    = $comment['user']['mail'];
774            $url     = $comment['user']['url'];
775            $address = $comment['user']['address'];
776        } else {                         // old format
777            $user    = $comment['user'];
778            $name    = $comment['name'];
779            $mail    = $comment['mail'];
780            $url     = $comment['url'];
781            $address = $comment['address'];
782        }
783        if (is_array($comment['date'])) { // new format
784            $created  = $comment['date']['created'];
785            $modified = $comment['date']['modified'];
786        } else {                         // old format
787            $created  = $comment['date'];
788            $modified = $comment['edited'];
789        }
790
791        // show username or real name?
792        if ((!$this->getConf('userealname')) && ($user)) {
793            $showname = $user;
794        } else {
795            $showname = $name;
796        }
797
798        // show avatar image?
799        if ($this->_use_avatar()) {
800            $user_data['name'] = $name;
801            $user_data['user'] = $user;
802            $user_data['mail'] = $mail;
803            $avatar = $this->avatar->getXHTML($user_data, $name, 'left');
804            if($avatar) $head .= $avatar;
805        }
806
807        if ($this->getConf('linkemail') && $mail) {
808            $head .= $this->email($mail, $showname, 'email fn');
809        } elseif ($url) {
810            $head .= $this->external_link($this->_checkURL($url), $showname, 'urlextern url fn');
811        } else {
812            $head .= '<span class="fn">'.$showname.'</span>';
813        }
814
815        if ($address) {
816            $head .= ', <span class="adr">'.$address.'</span>';
817        }
818        $head .= '</span>, '.
819            '<abbr class="published" title="'. strftime('%Y-%m-%dT%H:%M:%SZ', $created) .'">'.
820            dformat($created, $conf['dformat']).'</abbr>';
821        if ($modified) {
822            $head .= ', <abbr class="updated" title="'.
823                strftime('%Y-%m-%dT%H:%M:%SZ', $modified).'">'.dformat($modified, $conf['dformat']).
824                '</abbr>';
825        }
826        ptln($head, 8);
827        ptln('</div>', 6); // class="comment_head"
828
829        // main comment content
830        ptln('<div class="comment_body entry-content"'.
831                ($this->_use_avatar() ? $this->_get_style() : '').'>', 6);
832        echo ($HIGH?html_hilight($comment['xhtml'],$HIGH):$comment['xhtml']).DOKU_LF;
833        ptln('</div>', 6); // class="comment_body"
834
835        if ($visible) {
836            ptln('<div class="comment_buttons">', 6);
837
838            // show reply button?
839            if (($data['status'] == 1) && !$reply && $comment['show']
840                    && ($this->getConf('allowguests') || $_SERVER['REMOTE_USER']) && $this->getConf('usethreading')
841            ) {
842                $this->_button($cid, $this->getLang('btn_reply'), 'reply', true);
843            }
844
845            // show edit, show/hide and delete button?
846            if ((($user == $_SERVER['REMOTE_USER']) && ($user != '')) || ($this->helper->isDiscussionMod())) {
847                $this->_button($cid, $lang['btn_secedit'], 'edit', true);
848                $label = ($comment['show'] ? $this->getLang('btn_hide') : $this->getLang('btn_show'));
849                $this->_button($cid, $label, 'toogle');
850                $this->_button($cid, $lang['btn_delete'], 'delete');
851            }
852            ptln('</div>', 6); // class="comment_buttons"
853        }
854        ptln('</div>', 4); // class="hentry"
855    }
856
857    /**
858     * @param string $cid
859     * @param string $reply
860     */
861    protected function _print_form($cid, $reply)
862    {
863        if ($this->getConf('usethreading') && $reply == $cid) {
864            ptln('<div class="comment_replies">', 4);
865            $this->_form('', 'add', $cid);
866            ptln('</div>', 4); // class="comment_replies"
867        }
868    }
869
870    /**
871     * @param string $cid
872     * @param array  $data
873     * @param string $reply
874     * @param bool $visible
875     */
876    protected function _print_replies($cid, &$data, $reply, &$visible)
877    {
878        $comment = $data['comments'][$cid];
879        if (!count($comment['replies'])) {
880            return;
881        }
882        ptln('<div class="comment_replies"'.$this->_get_style().'>', 4);
883        $visible = ($comment['show'] && $visible);
884        foreach ($comment['replies'] as $rid) {
885            $this->_print($rid, $data, $cid, $reply, $visible);
886        }
887        ptln('</div>', 4);
888    }
889
890    /**
891     * Is an avatar displayed?
892     *
893     * @return bool
894     */
895    protected function _use_avatar()
896    {
897        if (is_null($this->use_avatar)) {
898            $this->use_avatar = $this->getConf('useavatar')
899                    && (!plugin_isdisabled('avatar'))
900                    && ($this->avatar =& plugin_load('helper', 'avatar'));
901        }
902        return $this->use_avatar;
903    }
904
905    /**
906     * Calculate width of indent
907     *
908     * @return string
909     */
910    protected function _get_style() {
911        if (is_null($this->style)){
912            if ($this->_use_avatar()) {
913                $this->style = ' style="margin-left: '.($this->avatar->getConf('size') + 14).'px;"';
914            } else {
915                $this->style = ' style="margin-left: 20px;"';
916            }
917        }
918        return $this->style;
919    }
920
921    /**
922     * Show the button which toggle the visibility of the discussion section
923     */
924    protected function _print_toggle_button() {
925        ptln('<div id="toggle_button" class="toggle_button" style="text-align: right;">');
926        ptln('<input type="submit" id="discussion__btn_toggle_visibility" title="Toggle Visibiliy" class="button" value="'.$this->getLang('toggle_display').'">');
927        ptln('</div>');
928    }
929
930    /**
931     * Outputs the comment form
932     */
933    protected function _form($raw = '', $act = 'add', $cid = NULL) {
934        global $lang;
935        global $conf;
936        global $ID;
937
938        // not for unregistered users when guest comments aren't allowed
939        if (!$_SERVER['REMOTE_USER'] && !$this->getConf('allowguests')) {
940            ?>
941            <div class="comment_form">
942                <?php echo $this->getLang('noguests'); ?>
943            </div>
944            <?php
945            return;
946        }
947
948        // fill $raw with $_REQUEST['text'] if it's empty (for failed CAPTCHA check)
949        if (!$raw && ($_REQUEST['comment'] == 'show')) {
950            $raw = $_REQUEST['text'];
951        }
952        ?>
953
954        <div class="comment_form">
955          <form id="discussion__comment_form" method="post" action="<?php echo script() ?>" accept-charset="<?php echo $lang['encoding'] ?>">
956            <div class="no">
957              <input type="hidden" name="id" value="<?php echo $ID ?>" />
958              <input type="hidden" name="do" value="show" />
959              <input type="hidden" name="comment" value="<?php echo $act ?>" />
960        <?php
961        // for adding a comment
962        if ($act == 'add') {
963        ?>
964              <input type="hidden" name="reply" value="<?php echo $cid ?>" />
965        <?php
966        // for guest/adminimport: show name, e-mail and subscribe to comments fields
967        if(!$_SERVER['REMOTE_USER'] or ($this->getConf('adminimport') && $this->helper->isDiscussionMod())) {
968        ?>
969              <input type="hidden" name="user" value="<?php echo clientIP() ?>" />
970              <div class="comment_name">
971                <label class="block" for="discussion__comment_name">
972                  <span><?php echo $lang['fullname'] ?>:</span>
973                  <input type="text" class="edit<?php if($_REQUEST['comment'] == 'add' && empty($_REQUEST['name'])) echo ' error'?>" name="name" id="discussion__comment_name" size="50" tabindex="1" value="<?php echo hsc($_REQUEST['name'])?>" />
974                </label>
975              </div>
976              <div class="comment_mail">
977                <label class="block" for="discussion__comment_mail">
978                  <span><?php echo $lang['email'] ?>:</span>
979                  <input type="text" class="edit<?php if($_REQUEST['comment'] == 'add' && empty($_REQUEST['mail'])) echo ' error'?>" name="mail" id="discussion__comment_mail" size="50" tabindex="2" value="<?php echo hsc($_REQUEST['mail'])?>" />
980                </label>
981              </div>
982        <?php
983        }
984
985        // allow entering an URL
986        if ($this->getConf('urlfield')) {
987        ?>
988              <div class="comment_url">
989                <label class="block" for="discussion__comment_url">
990                  <span><?php echo $this->getLang('url') ?>:</span>
991                  <input type="text" class="edit" name="url" id="discussion__comment_url" size="50" tabindex="3" value="<?php echo hsc($_REQUEST['url'])?>" />
992                </label>
993              </div>
994        <?php
995        }
996
997        // allow entering an address
998        if ($this->getConf('addressfield')) {
999        ?>
1000              <div class="comment_address">
1001                <label class="block" for="discussion__comment_address">
1002                  <span><?php echo $this->getLang('address') ?>:</span>
1003                  <input type="text" class="edit" name="address" id="discussion__comment_address" size="50" tabindex="4" value="<?php echo hsc($_REQUEST['address'])?>" />
1004                </label>
1005              </div>
1006        <?php
1007        }
1008
1009        // allow setting the comment date
1010        if ($this->getConf('adminimport') && ($this->helper->isDiscussionMod())) {
1011        ?>
1012              <div class="comment_date">
1013                <label class="block" for="discussion__comment_date">
1014                  <span><?php echo $this->getLang('date') ?>:</span>
1015                  <input type="text" class="edit" name="date" id="discussion__comment_date" size="50" />
1016                </label>
1017              </div>
1018        <?php
1019        }
1020
1021        // for saving a comment
1022        } else {
1023        ?>
1024              <input type="hidden" name="cid" value="<?php echo $cid ?>" />
1025        <?php
1026        }
1027        ?>
1028                <div class="comment_text">
1029                  <?php echo $this->getLang('entercomment'); echo ($this->getConf('wikisyntaxok') ? "" : ":");
1030                        if($this->getConf('wikisyntaxok')) echo '. ' . $this->getLang('wikisyntax') . ':'; ?>
1031
1032                  <!-- Fix for disable the toolbar when wikisyntaxok is set to false. See discussion's script.jss -->
1033                  <?php if($this->getConf('wikisyntaxok')) { ?>
1034                    <div id="discussion__comment_toolbar" class="toolbar group">
1035                  <?php } else { ?>
1036                    <div id="discussion__comment_toolbar_disabled">
1037                  <?php } ?>
1038                </div>
1039                <textarea class="edit<?php if($_REQUEST['comment'] == 'add' && empty($_REQUEST['text'])) echo ' error'?>" name="text" cols="80" rows="10" id="discussion__comment_text" tabindex="5"><?php
1040                  if($raw) {
1041                      echo formText($raw);
1042                  } else {
1043                      echo hsc($_REQUEST['text']);
1044                  }
1045                ?></textarea>
1046              </div>
1047
1048              <?php
1049              /** @var helper_plugin_captcha $captcha */
1050              $captcha = $this->loadHelper('captcha', false);
1051              if ($captcha && $captcha->isEnabled()) {
1052                  echo $captcha->getHTML();
1053              }
1054
1055              /** @var helper_plugin_recaptcha $recaptcha */
1056              $recaptcha = $this->loadHelper('recaptcha', false);
1057              if ($recaptcha && $recaptcha->isEnabled()) {
1058                  echo $recaptcha->getHTML();
1059              }
1060              ?>
1061
1062              <input class="button comment_submit" id="discussion__btn_submit" type="submit" name="submit" accesskey="s" value="<?php echo $lang['btn_save'] ?>" title="<?php echo $lang['btn_save']?> [S]" tabindex="7" />
1063              <input class="button comment_preview_button" id="discussion__btn_preview" type="button" name="preview" accesskey="p" value="<?php echo $lang['btn_preview'] ?>" title="<?php echo $lang['btn_preview']?> [P]" />
1064
1065        <?php if((!$_SERVER['REMOTE_USER'] || $_SERVER['REMOTE_USER'] && !$conf['subscribers']) && $this->getConf('subscribe')) { ?>
1066              <div class="comment_subscribe">
1067                <input type="checkbox" id="discussion__comment_subscribe" name="subscribe" tabindex="6" />
1068                <label class="block" for="discussion__comment_subscribe">
1069                  <span><?php echo $this->getLang('subscribe') ?></span>
1070                </label>
1071              </div>
1072        <?php } ?>
1073
1074              <div class="clearer"></div>
1075              <div id="discussion__comment_preview">&nbsp;</div>
1076            </div>
1077          </form>
1078        </div>
1079        <?php
1080    }
1081
1082    /**
1083     * General button function
1084     *
1085     * @param string $cid
1086     * @param string $label
1087     * @param string $act
1088     * @param bool $jump
1089     * @return bool
1090     */
1091    protected function _button($cid, $label, $act, $jump = false) {
1092        global $ID;
1093
1094        $anchor = ($jump ? '#discussion__comment_form' : '' );
1095
1096        ?>
1097        <form class="button discussion__<?php echo $act?>" method="get" action="<?php echo script().$anchor ?>">
1098          <div class="no">
1099            <input type="hidden" name="id" value="<?php echo $ID ?>" />
1100            <input type="hidden" name="do" value="show" />
1101            <input type="hidden" name="comment" value="<?php echo $act ?>" />
1102            <input type="hidden" name="cid" value="<?php echo $cid ?>" />
1103            <input type="submit" value="<?php echo $label ?>" class="button" title="<?php echo $label ?>" />
1104          </div>
1105        </form>
1106        <?php
1107        return true;
1108    }
1109
1110    /**
1111     * Adds an entry to the comments changelog
1112     *
1113     * @author Esther Brunner <wikidesign@gmail.com>
1114     * @author Ben Coburn <btcoburn@silicodon.net>
1115     *
1116     * @param int    $date
1117     * @param string $id page id
1118     * @param string $type
1119     * @param string $summary
1120     * @param string $extra
1121     */
1122    protected function _addLogEntry($date, $id, $type = 'cc', $summary = '', $extra = '') {
1123        global $conf;
1124
1125        $changelog = $conf['metadir'].'/_comments.changes';
1126
1127        //use current time if none supplied
1128        if(!$date) {
1129            $date = time();
1130        }
1131        $remote = $_SERVER['REMOTE_ADDR'];
1132        $user   = $_SERVER['REMOTE_USER'];
1133
1134        $strip = array("\t", "\n");
1135        $logline = array(
1136                'date'  => $date,
1137                'ip'    => $remote,
1138                'type'  => str_replace($strip, '', $type),
1139                'id'    => $id,
1140                'user'  => $user,
1141                'sum'   => str_replace($strip, '', $summary),
1142                'extra' => str_replace($strip, '', $extra)
1143                );
1144
1145        // add changelog line
1146        $logline = implode("\t", $logline)."\n";
1147        io_saveFile($changelog, $logline, true); //global changelog cache
1148        $this->_trimRecentCommentsLog($changelog);
1149
1150        // tell the indexer to re-index the page
1151        @unlink(metaFN($id, '.indexed'));
1152    }
1153
1154    /**
1155     * Trims the recent comments cache to the last $conf['changes_days'] recent
1156     * changes or $conf['recent'] items, which ever is larger.
1157     * The trimming is only done once a day.
1158     *
1159     * @author Ben Coburn <btcoburn@silicodon.net>
1160     *
1161     * @param string $changelog file path
1162     * @return bool
1163     */
1164    protected function _trimRecentCommentsLog($changelog) {
1165        global $conf;
1166
1167        if (@file_exists($changelog) &&
1168                (filectime($changelog) + 86400) < time() &&
1169                !@file_exists($changelog.'_tmp')
1170        ) {
1171
1172            io_lock($changelog);
1173            $lines = file($changelog);
1174            if (count($lines)<$conf['recent']) {
1175                // nothing to trim
1176                io_unlock($changelog);
1177                return true;
1178            }
1179
1180            io_saveFile($changelog.'_tmp', '');                  // presave tmp as 2nd lock
1181            $trim_time = time() - $conf['recent_days']*86400;
1182            $out_lines = array();
1183
1184            $num = count($lines);
1185            for ($i=0; $i<$num; $i++) {
1186                $log = parseChangelogLine($lines[$i]);
1187                if ($log === false) continue;                      // discard junk
1188                if ($log['date'] < $trim_time) {
1189                    $old_lines[$log['date'].".$i"] = $lines[$i];     // keep old lines for now (append .$i to prevent key collisions)
1190                } else {
1191                    $out_lines[$log['date'].".$i"] = $lines[$i];     // definitely keep these lines
1192                }
1193            }
1194
1195            // sort the final result, it shouldn't be necessary,
1196            // however the extra robustness in making the changelog cache self-correcting is worth it
1197            ksort($out_lines);
1198            $extra = $conf['recent'] - count($out_lines);        // do we need extra lines do bring us up to minimum
1199            if ($extra > 0) {
1200                ksort($old_lines);
1201                $out_lines = array_merge(array_slice($old_lines,-$extra),$out_lines);
1202            }
1203
1204            // save trimmed changelog
1205            io_saveFile($changelog.'_tmp', implode('', $out_lines));
1206            @unlink($changelog);
1207            if (!rename($changelog.'_tmp', $changelog)) {
1208                // rename failed so try another way...
1209                io_unlock($changelog);
1210                io_saveFile($changelog, implode('', $out_lines));
1211                @unlink($changelog.'_tmp');
1212            } else {
1213                io_unlock($changelog);
1214            }
1215            return true;
1216        }
1217        return true;
1218    }
1219
1220    /**
1221     * Sends a notify mail on new comment
1222     *
1223     * @param  array  $comment  data array of the new comment
1224     * @param  array  $subscribers data of the subscribers
1225     *
1226     * @author Andreas Gohr <andi@splitbrain.org>
1227     * @author Esther Brunner <wikidesign@gmail.com>
1228     */
1229    protected function _notify($comment, &$subscribers) {
1230        global $conf;
1231        global $ID;
1232
1233        $notify_text = io_readfile($this->localfn('subscribermail'));
1234        $confirm_text = io_readfile($this->localfn('confirmsubscribe'));
1235        $subject_notify = '['.$conf['title'].'] '.$this->getLang('mail_newcomment');
1236        $subject_subscribe = '['.$conf['title'].'] '.$this->getLang('subscribe');
1237
1238        $mailer = new Mailer();
1239        if (empty($_SERVER['REMOTE_USER'])) {
1240            $mailer->from($conf['mailfromnobody']);
1241        }
1242
1243        $replace = array(
1244            'PAGE' => $ID,
1245            'TITLE' => $conf['title'],
1246            'DATE' => dformat($comment['date']['created'], $conf['dformat']),
1247            'NAME' => $comment['user']['name'],
1248            'TEXT' => $comment['raw'],
1249            'COMMENTURL' => wl($ID, '', true) . '#comment_' . $comment['cid'],
1250            'UNSUBSCRIBE' => wl($ID, 'do=subscribe', true, '&'),
1251            'DOKUWIKIURL' => DOKU_URL
1252        );
1253
1254        $confirm_replace = array(
1255            'PAGE' => $ID,
1256            'TITLE' => $conf['title'],
1257            'DOKUWIKIURL' => DOKU_URL
1258        );
1259
1260
1261        $mailer->subject($subject_notify);
1262        $mailer->setBody($notify_text, $replace);
1263
1264        // send mail to notify address
1265        if ($conf['notify']) {
1266            $mailer->bcc($conf['notify']);
1267            $mailer->send();
1268        }
1269
1270        // send email to moderators
1271        if ($this->getConf('moderatorsnotify')) {
1272            $mods = trim($this->getConf('moderatorgroups'));
1273            if (!empty($mods)) {
1274                global $auth;
1275                // create a clean mods list
1276                $mods = explode(',', $mods);
1277                $mods = array_map('trim', $mods);
1278                $mods = array_unique($mods);
1279                $mods = array_filter($mods);
1280                // search for moderators users
1281                foreach($mods as $mod) {
1282                    if(!$auth->isCaseSensitive()) $mod = utf8_strtolower($mod);
1283                    // create a clean mailing list
1284                    $dests = array();
1285                    if($mod[0] == '@') {
1286                        foreach($auth->retrieveUsers(0, 0, array('grps' => $auth->cleanGroup(substr($mod, 1)))) as $user) {
1287                            if (!empty($user['mail'])) {
1288                                array_push($dests, $user['mail']);
1289                            }
1290                        }
1291                    } else {
1292                        $userdata = $auth->getUserData($auth->cleanUser($mod));
1293                        if (!empty($userdata['mail'])) {
1294                            array_push($dests, $userdata['mail']);
1295                        }
1296                    }
1297                    $dests = array_unique($dests);
1298                    // notify the users
1299                    $mailer->bcc(implode(',', $dests));
1300                    $mailer->send();
1301                }
1302            }
1303        }
1304
1305        // notify page subscribers
1306        if (actionOK('subscribe')) {
1307            $data = array('id' => $ID, 'addresslist' => '', 'self' => false);
1308            if (class_exists('Subscription')) { /* Introduced in DokuWiki 2013-05-10 */
1309                trigger_event(
1310                    'COMMON_NOTIFY_ADDRESSLIST', $data,
1311                    array(new Subscription(), 'notifyaddresses')
1312                );
1313            } else { /* Old, deprecated default handler */
1314                trigger_event(
1315                    'COMMON_NOTIFY_ADDRESSLIST', $data,
1316                    'subscription_addresslist'
1317                );
1318            }
1319            $to = $data['addresslist'];
1320            if(!empty($to)) {
1321                $mailer->bcc($to);
1322                $mailer->send();
1323            }
1324        }
1325
1326        // notify comment subscribers
1327        if (!empty($subscribers)) {
1328
1329            foreach($subscribers as $mail => $data) {
1330                $mailer->bcc($mail);
1331                if($data['active']) {
1332                    $replace['UNSUBSCRIBE'] = wl($ID, 'do=discussion_unsubscribe&hash=' . $data['hash'], true, '&');
1333
1334                    $mailer->subject($subject_notify);
1335                    $mailer->setBody($notify_text, $replace);
1336                    $mailer->send();
1337                } elseif(!$data['active'] && !$data['confirmsent']) {
1338                    $confirm_replace['SUBSCRIBE'] = wl($ID, 'do=discussion_confirmsubscribe&hash=' . $data['hash'], true, '&');
1339
1340                    $mailer->subject($subject_subscribe);
1341                    $mailer->setBody($confirm_text, $confirm_replace);
1342                    $mailer->send();
1343                    $subscribers[$mail]['confirmsent'] = true;
1344                }
1345            }
1346        }
1347    }
1348
1349    /**
1350     * Counts the number of visible comments
1351     *
1352     * @param array $data
1353     * @return int
1354     */
1355    protected function _count($data) {
1356        $number = 0;
1357        foreach ($data['comments'] as $comment) {
1358            if ($comment['parent']) continue;
1359            if (!$comment['show']) continue;
1360            $number++;
1361            $rids = $comment['replies'];
1362            if (count($rids)) {
1363                $number = $number + $this->_countReplies($data, $rids);
1364            }
1365        }
1366        return $number;
1367    }
1368
1369    /**
1370     * @param array $data
1371     * @param array $rids
1372     * @return int
1373     */
1374    protected function _countReplies(&$data, $rids) {
1375        $number = 0;
1376        foreach ($rids as $rid) {
1377            if (!isset($data['comments'][$rid])) continue; // reply was removed
1378            if (!$data['comments'][$rid]['show']) continue;
1379            $number++;
1380            $rids = $data['comments'][$rid]['replies'];
1381            if (count($rids)) {
1382                $number = $number + $this->_countReplies($data, $rids);
1383            }
1384        }
1385        return $number;
1386    }
1387
1388    /**
1389     * Renders the comment text
1390     *
1391     * @param string $raw
1392     * @return null|string
1393     */
1394    protected function _render($raw) {
1395        if ($this->getConf('wikisyntaxok')) {
1396            // Note the warning for render_text:
1397            //   "very ineffecient for small pieces of data - try not to use"
1398            // in dokuwiki/inc/plugin.php
1399            $xhtml = $this->render_text($raw);
1400        } else { // wiki syntax not allowed -> just encode special chars
1401            $xhtml = hsc(trim($raw));
1402            $xhtml = str_replace("\n", '<br />', $xhtml);
1403        }
1404        return $xhtml;
1405    }
1406
1407    /**
1408     * Finds out whether there is a discussion section for the current page
1409     *
1410     * @param string $title
1411     * @return bool
1412     */
1413    protected function _hasDiscussion(&$title) {
1414        global $ID;
1415
1416        $cfile = metaFN($ID, '.comments');
1417
1418        if (!@file_exists($cfile)) {
1419            if ($this->isDiscussionEnabled()) {
1420                return true;
1421            } else {
1422                return false;
1423            }
1424        }
1425
1426        $comments = unserialize(io_readFile($cfile, false));
1427
1428        if ($comments['title']) {
1429            $title = hsc($comments['title']);
1430        }
1431        $num = $comments['number'];
1432        if ((!$comments['status']) || (($comments['status'] == 2) && (!$num))) return false;
1433        else return true;
1434    }
1435
1436    /**
1437     * Creates a new thread page
1438     *
1439     * @return string
1440     */
1441    protected function _newThread() {
1442        global $ID, $INFO;
1443
1444        $ns    = cleanID($_REQUEST['ns']);
1445        $title = str_replace(':', '', $_REQUEST['title']);
1446        $back  = $ID;
1447        $ID    = ($ns ? $ns.':' : '').cleanID($title);
1448        $INFO  = pageinfo();
1449
1450        // check if we are allowed to create this file
1451        if ($INFO['perm'] >= AUTH_CREATE) {
1452
1453            //check if locked by anyone - if not lock for my self
1454            if ($INFO['locked']) {
1455                return 'locked';
1456            } else {
1457                lock($ID);
1458            }
1459
1460            // prepare the new thread file with default stuff
1461            if (!@file_exists($INFO['filepath'])) {
1462                global $TEXT;
1463
1464                $TEXT = pageTemplate(array(($ns ? $ns.':' : '').$title));
1465                if (!$TEXT) {
1466                    $data = array('id' => $ID, 'ns' => $ns, 'title' => $title, 'back' => $back);
1467                    $TEXT = $this->_pageTemplate($data);
1468                }
1469                return 'preview';
1470            } else {
1471                return 'edit';
1472            }
1473        } else {
1474            return 'show';
1475        }
1476    }
1477
1478    /**
1479     * Adapted version of pageTemplate() function
1480     *
1481     * @param array $data
1482     * @return string
1483     */
1484    protected function _pageTemplate($data) {
1485        global $conf, $INFO;
1486
1487        $id   = $data['id'];
1488        $user = $_SERVER['REMOTE_USER'];
1489        $tpl  = io_readFile(DOKU_PLUGIN.'discussion/_template.txt');
1490
1491        // standard replacements
1492        $replace = array(
1493                '@NS@'   => $data['ns'],
1494                '@PAGE@' => strtr(noNS($id),'_',' '),
1495                '@USER@' => $user,
1496                '@NAME@' => $INFO['userinfo']['name'],
1497                '@MAIL@' => $INFO['userinfo']['mail'],
1498                '@DATE@' => dformat(time(), $conf['dformat']),
1499                );
1500
1501        // additional replacements
1502        $replace['@BACK@']  = $data['back'];
1503        $replace['@TITLE@'] = $data['title'];
1504
1505        // avatar if useavatar and avatar plugin available
1506        if ($this->getConf('useavatar')
1507                && (@file_exists(DOKU_PLUGIN.'avatar/syntax.php'))
1508                && (!plugin_isdisabled('avatar'))
1509        ) {
1510            $replace['@AVATAR@'] = '{{avatar>'.$user.' }} ';
1511        } else {
1512            $replace['@AVATAR@'] = '';
1513        }
1514
1515        // tag if tag plugin is available
1516        if ((@file_exists(DOKU_PLUGIN.'tag/syntax/tag.php'))
1517                && (!plugin_isdisabled('tag'))
1518        ) {
1519            $replace['@TAG@'] = "\n\n{{tag>}}";
1520        } else {
1521            $replace['@TAG@'] = '';
1522        }
1523
1524        // do the replace
1525        $tpl = str_replace(array_keys($replace), array_values($replace), $tpl);
1526        return $tpl;
1527    }
1528
1529    /**
1530     * Checks if the CAPTCHA string submitted is valid
1531     */
1532    protected function _captchaCheck() {
1533        /** @var helper_plugin_captcha $captcha */
1534        if (plugin_isdisabled('captcha') || (!$captcha = plugin_load('helper', 'captcha')))
1535            return; // CAPTCHA is disabled or not available
1536
1537        if ($captcha->isEnabled() && !$captcha->check()) {
1538            if ($_REQUEST['comment'] == 'save') {
1539                $_REQUEST['comment'] = 'edit';
1540            } elseif ($_REQUEST['comment'] == 'add') {
1541                $_REQUEST['comment'] = 'show';
1542            }
1543        }
1544    }
1545
1546    /**
1547     * checks if the submitted reCAPTCHA string is valid
1548     *
1549     * @author Adrian Schlegel <adrian@liip.ch>
1550     */
1551    protected function _recaptchaCheck() {
1552        /** @var $recaptcha helper_plugin_recaptcha */
1553        if (plugin_isdisabled('recaptcha') || (!$recaptcha = plugin_load('helper', 'recaptcha')))
1554            return; // reCAPTCHA is disabled or not available
1555
1556        // do nothing if logged in user and no reCAPTCHA required
1557        if (!$recaptcha->getConf('forusers') && $_SERVER['REMOTE_USER']) return;
1558
1559        $resp = $recaptcha->check();
1560        if (!$resp->is_valid) {
1561            msg($recaptcha->getLang('testfailed'),-1);
1562            if ($_REQUEST['comment'] == 'save') {
1563                $_REQUEST['comment'] = 'edit';
1564            } elseif ($_REQUEST['comment'] == 'add') {
1565                $_REQUEST['comment'] = 'show';
1566            }
1567        }
1568    }
1569
1570    /**
1571     * Add discussion plugin version to the indexer version
1572     * This means that all pages will be indexed again in order to add the comments
1573     * to the index whenever there has been a change that concerns the index content.
1574     *
1575     * @param Doku_Event $event
1576     * @param $param
1577     */
1578    public function idx_version(Doku_Event $event, $param) {
1579        $event->data['discussion'] = '0.1';
1580    }
1581
1582    /**
1583     * Adds the comments to the index
1584     *
1585     * @param Doku_Event $event
1586     * @param $param
1587     */
1588    public function idx_add_discussion(Doku_Event $event, $param) {
1589
1590        // get .comments meta file name
1591        $file = metaFN($event->data[$param['id']], '.comments');
1592
1593        if (!@file_exists($file)) return;
1594        $data = unserialize(io_readFile($file, false));
1595        if ((!$data['status']) || ($data['number'] == 0)) return; // comments are turned off
1596
1597        // now add the comments
1598        if (isset($data['comments'])) {
1599            foreach ($data['comments'] as $key => $value) {
1600                $event->data[$param['text']] .= DOKU_LF.$this->_addCommentWords($key, $data);
1601            }
1602        }
1603    }
1604
1605    function ft_phrase_match(Doku_Event $event, $param) {
1606        if ($event->result === true) return;
1607
1608        // get .comments meta file name
1609        $file = metaFN($event->data['id'], '.comments');
1610
1611        if (!@file_exists($file)) return;
1612        $data = unserialize(io_readFile($file, false));
1613        if ((!$data['status']) || ($data['number'] == 0)) return; // comments are turned off
1614
1615        $matched = false;
1616
1617        // now add the comments
1618        if (isset($data['comments'])) {
1619            foreach ($data['comments'] as $key => $value) {
1620                $matched = $this->comment_phrase_match($event->data['phrase'], $key, $data);
1621                if ($matched) break;
1622            }
1623        }
1624
1625        if ($matched)
1626            $event->result = true;
1627    }
1628
1629    function comment_phrase_match($phrase, $cid, &$data, $parent = '') {
1630        if (!isset($data['comments'][$cid])) return false; // comment was removed
1631        $comment = $data['comments'][$cid];
1632
1633        if (!is_array($comment)) return false;             // corrupt datatype
1634        if ($comment['parent'] != $parent) return false;   // reply to an other comment
1635        if (!$comment['show']) return false;               // hidden comment
1636
1637        $text = utf8_strtolower($comment['raw']);
1638        if (strpos($text, $phrase) !== false) {
1639            return true;
1640        }
1641
1642        if (is_array($comment['replies'])) {             // and the replies
1643            foreach ($comment['replies'] as $rid) {
1644                if ($this->comment_phrase_match($phrase, $rid, $data, $cid)) {
1645                    return true;
1646                }
1647            }
1648        }
1649        return false;
1650    }
1651
1652    /**
1653     * Saves the current comment status and title in the .comments file
1654     *
1655     * @param Doku_Event $event
1656     * @param $param
1657     */
1658    public function update_comment_status(Doku_Event $event, $param) {
1659        global $ID;
1660
1661        $meta = $event->data['current'];
1662        $file = metaFN($ID, '.comments');
1663        $status = ($this->isDiscussionEnabled() ? 1 : 0);
1664        $title = NULL;
1665        if (isset($meta['plugin_discussion'])) {
1666            $status = $meta['plugin_discussion']['status'];
1667            $title = $meta['plugin_discussion']['title'];
1668        } else if ($status == 1) {
1669            // Don't enable comments when automatic comments are on - this already happens automatically
1670            // and if comments are turned off in the admin this only updates the .comments file
1671            return;
1672        }
1673
1674        if ($status || @file_exists($file)) {
1675            $data = array();
1676            if (@file_exists($file)) {
1677                $data = unserialize(io_readFile($file, false));
1678            }
1679
1680            if (!array_key_exists('title', $data) || $data['title'] !== $title || !isset($data['status']) || $data['status'] !== $status) {
1681                $data['title']  = $title;
1682                $data['status'] = $status;
1683                if (!isset($data['number']))
1684                    $data['number'] = 0;
1685                io_saveFile($file, serialize($data));
1686            }
1687        }
1688    }
1689
1690    /**
1691     * Adds the words of a given comment to the index
1692     *
1693     * @param string $cid
1694     * @param array  $data
1695     * @param string $parent
1696     * @return string
1697     */
1698    protected function _addCommentWords($cid, &$data, $parent = '') {
1699
1700        if (!isset($data['comments'][$cid])) return ''; // comment was removed
1701        $comment = $data['comments'][$cid];
1702
1703        if (!is_array($comment)) return '';             // corrupt datatype
1704        if ($comment['parent'] != $parent) return '';   // reply to an other comment
1705        if (!$comment['show']) return '';               // hidden comment
1706
1707        $text = $comment['raw'];                        // we only add the raw comment text
1708        if (is_array($comment['replies'])) {             // and the replies
1709            foreach ($comment['replies'] as $rid) {
1710                $text .= $this->_addCommentWords($rid, $data, $cid);
1711            }
1712        }
1713        return ' '.$text;
1714    }
1715
1716    /**
1717     * Only allow http(s) URLs and append http:// to URLs if needed
1718     *
1719     * @param string $url
1720     * @return string
1721     */
1722    protected function _checkURL($url) {
1723        if(preg_match("#^http://|^https://#", $url)) {
1724            return hsc($url);
1725        } elseif(substr($url, 0, 4) == 'www.') {
1726            return hsc('http://' . $url);
1727        } else {
1728            return '';
1729        }
1730    }
1731}
1732
1733/**
1734 * Sort threads
1735 *
1736 * @param $a
1737 * @param $b
1738 * @return int
1739 */
1740function _sortCallback($a, $b) {
1741    if (is_array($a['date'])) {
1742        // new format
1743        $createdA  = $a['date']['created'];
1744    } else {
1745        // old format
1746        $createdA  = $a['date'];
1747    }
1748
1749    if (is_array($b['date'])) {
1750        // new format
1751        $createdB  = $b['date']['created'];
1752    } else {
1753        // old format
1754        $createdB  = $b['date'];
1755    }
1756
1757    if ($createdA == $createdB) {
1758        return 0;
1759    } else {
1760        return ($createdA < $createdB) ? -1 : 1;
1761    }
1762}
1763
1764// vim:ts=4:sw=4:et:enc=utf-8:
1765