diff --git a/composer.json b/composer.json index 6394dcb..a55b803 100644 --- a/composer.json +++ b/composer.json @@ -21,7 +21,9 @@ "system/includes/functions.php", "system/admin/admin.php", "system/includes/session.php", - "system/includes/opml.php" + "system/includes/opml.php", + "system/includes/comments.php", + "system/includes/comments-frontend.php" ] } } diff --git a/lang/en_US.ini b/lang/en_US.ini index ff6076e..d2e0e55 100644 --- a/lang/en_US.ini +++ b/lang/en_US.ini @@ -336,3 +336,66 @@ custom_fields = "Custom fields" views_counter = "Views counter" themes = "Themes" version = "Version" +comments_management = "Comments Management" +all_comments = "All Comments" +pending_moderation = "Pending Moderation" +comment = "Comment" +post_page = "Post/Page" +date = "Date" +status = "Status" +actions = "Actions" +published = "Published" +pending = "Pending" +reply_to_comment = "Reply to comment" +notifications_enabled = "Notifications enabled" +modified = "Modified" +publish = "Publish" +edit = "Edit" +delete = "Delete" +confirm_publish_comment = "Are you sure you want to publish this comment?" +confirm_delete_comment = "Are you sure you want to delete this comment? This will also delete all replies to this comment." +no_comments_found = "No comments found" +edit_comment = "Edit Comment" +name = "Name" +email = "Email" +update_comment = "Update Comment" +cancel = "Cancel" +comments_settings = "Comments Settings" +general_settings = "General Settings" +note = "Note" +enable_comments_in_main_config = "To enable local comments, set comment.system = \"local\" in config/config.ini" +comment_moderation = "Comment Moderation" +require_admin_approval = "Comments must be approved by an administrator before being published" +comments_moderation_desc = "When enabled, new comments will be held for moderation and won't be visible until approved" +anti_spam_protection = "Anti-Spam Protection" +enable_honeypot = "Enable honeypot anti-spam protection" +honeypot_desc = "Honeypot is an invisible field that only bots fill out, helping prevent spam without user interaction" +email_notifications = "Email Notifications" +enable_notifications = "Enable Notifications" +send_email_notifications = "Send email notifications for new comments" +admin_email = "Administrator Email" +admin_email_desc = "Email address to receive notifications about new comments" +smtp_settings = "SMTP Settings" +enable_smtp = "Enable SMTP" +enable_smtp_for_emails = "Enable SMTP for sending email notifications" +smtp_host = "SMTP Host" +smtp_port = "SMTP Port" +encryption = "Encryption" +smtp_username = "SMTP Username" +smtp_password = "SMTP Password" +enter_password = "Enter password" +from_email = "From Email" +from_name = "From Name" +save_settings = "Save Settings" +leave_a_comment = "Leave a Comment" +email_not_published = "Your email will not be published" +comment_formatting_help = "You can use **bold text** for formatting. Line breaks are preserved." +notify_new_comments = "Notify me of new comments in this thread" +post_reply = "Post Reply" +post_comment = "Post Comment" +reply = "Reply" +comment_submitted_success = "Your comment has been posted successfully!" +comment_submitted_moderation = "Your comment has been submitted and is awaiting moderation." +comment_submission_error = "There was an error submitting your comment. Please try again." +pending_comments = "Pending Comments" +level = "Level" \ No newline at end of file diff --git a/system/admin/views/comments.html.php b/system/admin/views/comments.html.php new file mode 100644 index 0000000..9f5ed4a --- /dev/null +++ b/system/admin/views/comments.html.php @@ -0,0 +1,297 @@ + +

+
+ + +
+ + +
+ + + +

+ + + + + + + + + + + + + + + + + + + + + + + + + + + +
+
+
+ IP: + 		+ 100) echo '...'; + ?> + +
+ + +
+ + 		+ + + + + + +
: + + 		+ + + + + + + + + + + + + + + + + +
+ +

.

+ + + + +
+ + + + +

+
+ +
+ +
+
+ > + +
+ +
+
+ +
+ +
+
+ > + +
+ +
+
+ +

+
+ +
+ +
+
+ > + +
+
+
+ +
+ +
+ + +
+
+ +

+
+ +
+ +
+
+ > + +
+
+
+ +
+ +
+ +
+
+ +
+ +
+ + 587 (TLS) or 465 (SSL) +
+
+ +
+ +
+ +
+
+ +
+ +
+ +
+
+ +
+ +
+ +
+
+ +
+ +
+ +
+
+ +
+ +
+ +
+
+ +
+
+ +
+
+ +
+ + + + +

+
+
+ + +
+ + +
+ +
+ + +
+ +
+ + +
+ +
+
+ > + +
+
+ +
+ + +
+ +
+ diff --git a/system/admin/views/config-widget.html.php b/system/admin/views/config-widget.html.php index 885c534..68ed571 100644 --- a/system/admin/views/config-widget.html.php +++ b/system/admin/views/config-widget.html.php @@ -158,6 +158,12 @@ Facebook +
+ checked> + +
diff --git a/system/admin/views/layout.html.php b/system/admin/views/layout.html.php index e2f539e..d865b40 100644 --- a/system/admin/views/layout.html.php +++ b/system/admin/views/layout.html.php @@ -150,6 +150,50 @@ if (isset($author[0])) { + +
  • + + +

    + + 0): ?> + + + +

    +     + +
    • +
  • diff --git a/system/htmly.php b/system/htmly.php index 57bb401..400e1c3 100644 --- a/system/htmly.php +++ b/system/htmly.php @@ -3095,7 +3095,255 @@ get('/admin/categories/:category', function ($category) { } } else { $login = site_url() . 'login'; - } + } +}); + +// Show admin/comments - All comments +get('/admin/comments', function () { + $user = $_SESSION[site_url()]['user']; + $role = user('role', $user); + if (login() && ($role === 'admin' || $role === 'editor')) { + config('views.root', 'system/admin/views'); + + $comments = getAllComments(); + $pendingCount = getPendingCommentsCount(); + + render('comments', array( + 'title' => generate_title('is_default', i18n('Comments_Management')), + 'description' => safe_html(strip_tags(blog_description())), + 'canonical' => site_url(), + 'metatags' => generate_meta(null, null), + 'type' => 'is_admin-comments', + 'is_admin' => true, + 'bodyclass' => 'admin-comments', + 'breadcrumb' => '' . config('breadcrumb.home') . ' » ' . i18n('Comments'), + 'tab' => 'all', + 'comments' => $comments, + 'pendingCount' => $pendingCount + )); + } else { + $login = site_url() . 'login'; + header("location: $login"); + } +}); + +// Show admin/comments/pending - Pending comments +get('/admin/comments/pending', function () { + $user = $_SESSION[site_url()]['user']; + $role = user('role', $user); + if (login() && ($role === 'admin' || $role === 'editor')) { + config('views.root', 'system/admin/views'); + + $allComments = getAllComments(); + $comments = array_filter($allComments, function($comment) { + return !$comment['published']; + }); + $pendingCount = count($comments); + + render('comments', array( + 'title' => generate_title('is_default', i18n('Pending_Comments')), + 'description' => safe_html(strip_tags(blog_description())), + 'canonical' => site_url(), + 'metatags' => generate_meta(null, null), + 'type' => 'is_admin-comments', + 'is_admin' => true, + 'bodyclass' => 'admin-comments', + 'breadcrumb' => '' . config('breadcrumb.home') . ' » ' . i18n('Comments') . ' » ' . i18n('Pending'), + 'tab' => 'pending', + 'comments' => $comments, + 'pendingCount' => $pendingCount + )); + } else { + $login = site_url() . 'login'; + header("location: $login"); + } +}); + +// Show admin/comments/settings - Settings page +get('/admin/comments/settings', function () { + $user = $_SESSION[site_url()]['user']; + $role = user('role', $user); + if (login() && $role === 'admin') { + config('views.root', 'system/admin/views'); + + $pendingCount = getPendingCommentsCount(); + + render('comments', array( + 'title' => generate_title('is_default', i18n('Comments_Settings')), + 'description' => safe_html(strip_tags(blog_description())), + 'canonical' => site_url(), + 'metatags' => generate_meta(null, null), + 'type' => 'is_admin-comments', + 'is_admin' => true, + 'bodyclass' => 'admin-comments', + 'breadcrumb' => '' . config('breadcrumb.home') . ' » ' . i18n('Comments') . ' » ' . i18n('Settings'), + 'tab' => 'settings', + 'pendingCount' => $pendingCount + )); + } else { + $login = site_url() . 'login'; + header("location: $login"); + } +}); + +// Save comments settings +post('/admin/comments/settings', function () { + $proper = is_csrf_proper(from($_REQUEST, 'csrf_token')); + if (login() && $proper) { + $user = $_SESSION[site_url()]['user']; + $role = user('role', $user); + if ($role === 'admin') { + $config = array(); + + // Get checkbox values (they are not sent if unchecked) + // Note: HTML forms convert dots to underscores in POST data + $config['comments.moderation'] = isset($_POST['comments_moderation']) ? 'true' : 'false'; + $config['comments.honeypot'] = isset($_POST['comments_honeypot']) ? 'true' : 'false'; + $config['comments.notify'] = isset($_POST['comments_notify']) ? 'true' : 'false'; + $config['comments.mail.enabled'] = isset($_POST['comments_mail_enabled']) ? 'true' : 'false'; + + // Get text fields (using underscores because HTML forms convert dots) + $config['comments.admin.email'] = from($_POST, 'comments_admin_email'); + $config['comments.mail.host'] = from($_POST, 'comments_mail_host'); + $config['comments.mail.port'] = from($_POST, 'comments_mail_port'); + $config['comments.mail.username'] = from($_POST, 'comments_mail_username'); + $config['comments.mail.encryption'] = from($_POST, 'comments_mail_encryption'); + $config['comments.mail.from.email'] = from($_POST, 'comments_mail_from_email'); + $config['comments.mail.from.name'] = from($_POST, 'comments_mail_from_name'); + + // Only update password if provided + $password = from($_POST, 'comments_mail_password'); + if (!empty($password)) { + $config['comments.mail.password'] = $password; + } + + // Debug: log to file (remove after debugging) + file_put_contents('content/comments-debug.log', + date('Y-m-d H:i:s') . "\n" . + "POST data: " . print_r($_POST, true) . "\n" . + "Config array: " . print_r($config, true) . "\n\n", + FILE_APPEND + ); + + $result = save_comments_config($config); + + // Log result + file_put_contents('content/comments-debug.log', + "Save result: " . ($result ? "SUCCESS ($result bytes)" : "FAILED") . "\n" . + "File content after save:\n" . file_get_contents('config/comments.ini') . "\n\n", + FILE_APPEND + ); + + $redir = site_url() . 'admin/comments/settings'; + header("location: $redir"); + } else { + $redir = site_url(); + header("location: $redir"); + } + } else { + $login = site_url() . 'login'; + header("location: $login"); + } +}); + +// Show edit comment form +get('/admin/comments/edit/:postid/:commentid', function ($postid, $commentid) { + $user = $_SESSION[site_url()]['user']; + $role = user('role', $user); + if (login() && ($role === 'admin' || $role === 'editor')) { + config('views.root', 'system/admin/views'); + + $comments = getComments($postid, true); + $editComment = null; + + foreach ($comments as $comment) { + if ($comment['id'] === $commentid) { + $comment['post_id'] = $postid; + $editComment = $comment; + break; + } + } + + if ($editComment) { + $pendingCount = getPendingCommentsCount(); + + render('comments', array( + 'title' => generate_title('is_default', i18n('Edit_Comment')), + 'description' => safe_html(strip_tags(blog_description())), + 'canonical' => site_url(), + 'metatags' => generate_meta(null, null), + 'type' => 'is_admin-comments', + 'is_admin' => true, + 'bodyclass' => 'admin-comments', + 'breadcrumb' => '' . config('breadcrumb.home') . ' » ' . i18n('Comments') . ' » ' . i18n('Edit'), + 'editComment' => $editComment, + 'pendingCount' => $pendingCount + )); + } else { + $redir = site_url() . 'admin/comments'; + header("location: $redir"); + } + } else { + $login = site_url() . 'login'; + header("location: $login"); + } +}); + +// Update comment +post('/admin/comments/update/:postid/:commentid', function ($postid, $commentid) { + $proper = is_csrf_proper(from($_REQUEST, 'csrf_token')); + if (login() && $proper) { + $user = $_SESSION[site_url()]['user']; + $role = user('role', $user); + if ($role === 'admin' || $role === 'editor') { + $data = array( + 'name' => from($_POST, 'name'), + 'email' => from($_POST, 'email'), + 'comment' => from($_POST, 'comment'), + 'published' => isset($_POST['published']) + ); + + if (commentModify($postid, $commentid, $data)) { + $redir = site_url() . 'admin/comments'; + header("location: $redir"); + } else { + $redir = site_url() . 'admin/comments/edit/' . $postid . '/' . $commentid; + header("location: $redir"); + } + } else { + $redir = site_url(); + header("location: $redir"); + } + } else { + $login = site_url() . 'login'; + header("location: $login"); + } +}); + +// Publish comment +get('/admin/comments/publish/:postid/:commentid', function ($postid, $commentid) { + if (login()) { + $user = $_SESSION[site_url()]['user']; + $role = user('role', $user); + if ($role === 'admin' || $role === 'editor') { + commentPublish($postid, $commentid); + } + } + $redir = site_url() . 'admin/comments'; + header("location: $redir"); +}); + +// Delete comment +get('/admin/comments/delete/:postid/:commentid', function ($postid, $commentid) { + if (login()) { + $user = $_SESSION[site_url()]['user']; + $role = user('role', $user); + if ($role === 'admin' || $role === 'editor') { + commentDelete($postid, $commentid); + } + } + $redir = site_url() . 'admin/comments'; + header("location: $redir"); }); // Show admin/field @@ -5790,6 +6038,46 @@ post('/:year/:month/:name/delete', function () { } }); +// Submit comment from public form +post('/comments/submit', function () { + if (!local()) { + $redir = site_url(); + header("location: $redir"); + return; + } + + $postId = from($_POST, 'post_id'); + $name = from($_POST, 'name'); + $email = from($_POST, 'email'); + $comment = from($_POST, 'comment'); + $parentId = from($_POST, 'parent_id'); + $notify = from($_POST, 'notify'); + $website = from($_POST, 'website'); // honeypot field + + $data = array( + 'name' => $name, + 'email' => $email, + 'comment' => $comment, + 'parent_id' => $parentId, + 'notify' => $notify, + 'website' => $website + ); + + $result = commentInsert($postId, $data); + + if ($result['success']) { + // Redirect back to post with success anchor + $redir = site_url() . $postId . '#comment-success'; + // $redir = site_url() . $postId . '#comment-' . $result['comment_id']; + } else { + // Redirect back to post with error + $redir = site_url() . $postId . '#comment-error'; + // $redir = site_url() . $postId . '#comment-error?' . $result['message']; + } + + header("location: $redir"); +}); + // If we get here, it means that // nothing has been matched above get('.*', function () { diff --git a/system/includes/comments-frontend.php b/system/includes/comments-frontend.php new file mode 100644 index 0000000..5ff2841 --- /dev/null +++ b/system/includes/comments-frontend.php @@ -0,0 +1,263 @@ + +
    + + + + + + + + + +
    + + + + + +
    +
    +
    +
    + + + +
    + +
    +
    + + + + +
    +
    + 0 ? '#ddd' : '#007bff'; + ?> +
    +
    + + + +
    +
    + +
    +
    + +
    + + + '; + foreach ($comment['children'] as $child) { + displayComment($child, $postId); + } + echo '
    '; + } + ?> + + +
    + + +
    + +
    + + + +
    + +
    + +
    + +
    + + + + +
    +

    + +
    +
    + + + \ No newline at end of file diff --git a/system/includes/comments.php b/system/includes/comments.php new file mode 100644 index 0000000..5b9477a --- /dev/null +++ b/system/includes/comments.php @@ -0,0 +1,643 @@ + $value) { + // Ensure null and empty values are saved as empty strings + if ($value === null || $value === '') { + $value = '""'; + } else { + // Encode value + $value = json_encode($value, JSON_UNESCAPED_SLASHES | JSON_UNESCAPED_UNICODE); + } + + $map = array('\r\n' => ' \n ', '\r' => ' \n '); + $value = trim(strtr($value, $map)); + + // Escape dots in the key for regex + $escapedWord = str_replace('.', '\.', $word); + + // Try to replace existing line + $pattern = "/^" . $escapedWord . " = .*/m"; + if (preg_match($pattern, $string)) { + $string = preg_replace($pattern, $word . ' = ' . $value, $string); + } else { + // If line doesn't exist, add it at the end + $string = rtrim($string) . "\n" . $word . ' = ' . $value . "\n"; + } + } + + $string = rtrim($string) . "\n"; + $result = file_put_contents($config_file, $string, LOCK_EX); + + // Clear PHP opcache for this file + if (function_exists('opcache_invalidate')) { + opcache_invalidate($config_file, true); + } + + // Clear cache after saving + if ($result !== false) { + comments_config('reload'); + } + + return $result; +} + +/** + * Get comments file path for a post/page + * + * @param string $postId Post or page ID + * @return string File path + */ +function get_comments_file($postId) +{ + $dir = 'content/comments/'; + if (!is_dir($dir)) { + mkdir($dir, 0775, true); + } + return $dir . sanitize_filename($postId) . '.json'; +} + +/** + * Sanitize filename + * + * @param string $filename + * @return string Sanitized filename + */ +function sanitize_filename($filename) +{ + return preg_replace('/[^a-z0-9\-_]/i', '_', $filename); +} + +/** + * Get all comments for a post/page + * + * @param string $postId Post or page ID + * @param bool $includeUnpublished Include unpublished comments (for admin) + * @return array Comments array + */ +function getComments($postId, $includeUnpublished = false) +{ + $file = get_comments_file($postId); + + if (!file_exists($file)) { + return array(); + } + + $content = file_get_contents($file); + $comments = json_decode($content, true); + + if (!is_array($comments)) { + return array(); + } + + // Filter unpublished comments if not admin view + if (!$includeUnpublished) { + $comments = array_filter($comments, function($comment) { + return isset($comment['published']) && $comment['published'] === true; + }); + } + + // Sort by date (oldest first) + usort($comments, function($a, $b) { + return $a['timestamp'] - $b['timestamp']; + }); + + return $comments; +} + +/** + * Get all comments across all posts (for admin) + * + * @return array All comments with post info + */ +function getAllComments() +{ + $commentsDir = 'content/comments/'; + if (!is_dir($commentsDir)) { + return array(); + } + + $files = glob($commentsDir . '*.json'); + $allComments = array(); + + foreach ($files as $file) { + $postId = basename($file, '.json'); + $comments = getComments($postId, true); + + foreach ($comments as $comment) { + $comment['post_id'] = $postId; + $allComments[] = $comment; + } + } + + // Sort by date (newest first) + usort($allComments, function($a, $b) { + return $b['timestamp'] - $a['timestamp']; + }); + + return $allComments; +} + +/** + * Generate unique comment ID + * + * @return string Unique comment ID + */ +function generateCommentId() +{ + return uniqid('comment_', true); +} + +/** + * Build comment tree for nested display + * + * @param array $comments Flat array of comments + * @param string $parentId Parent comment ID (null for root) + * @param int $level Nesting level + * @return array Tree structure + */ +function buildCommentTree($comments, $parentId = null, $level = 0) +{ + $tree = array(); + + foreach ($comments as $comment) { + $commentParent = isset($comment['parent_id']) ? $comment['parent_id'] : null; + + if ($commentParent === $parentId) { + $comment['level'] = $level; + $comment['children'] = buildCommentTree($comments, $comment['id'], $level + 1); + $tree[] = $comment; + } + } + + return $tree; +} + +/** + * Validate comment data + * + * @param array $data Comment data + * @return array Array with 'valid' boolean and 'errors' array + */ +function validateComment($data) +{ + $errors = array(); + + // Validate name + if (empty($data['name']) || strlen(trim($data['name'])) < 2) { + $errors[] = 'Name is required and must be at least 2 characters'; + } + + // Validate email + if (empty($data['email']) || !filter_var($data['email'], FILTER_VALIDATE_EMAIL)) { + $errors[] = 'Valid email is required'; + } + + // Validate comment text + if (empty($data['comment']) || strlen(trim($data['comment'])) < 3) { + $errors[] = 'Comment is required and must be at least 3 characters'; + } + + // Validate honeypot (if enabled) + if (comments_config('comments.honeypot') === 'true') { + if (!empty($data['website'])) { + $errors[] = 'Spam detected'; + } + } + + return array( + 'valid' => empty($errors), + 'errors' => $errors + ); +} + +/** + * Insert a new comment + * + * @param string $postId Post or page ID + * @param array $data Comment data (name, email, comment, parent_id, notify) + * @return array Result with 'success' boolean and 'message' or 'comment_id' + */ +function commentInsert($postId, $data) +{ + // Validate comment + $validation = validateComment($data); + if (!$validation['valid']) { + return array( + 'success' => false, + 'message' => implode(', ', $validation['errors']) + ); + } + + // Get existing comments + $file = get_comments_file($postId); + $comments = array(); + if (file_exists($file)) { + $content = file_get_contents($file); + $comments = json_decode($content, true); + if (!is_array($comments)) { + $comments = array(); + } + } + + // Create new comment + $commentId = generateCommentId(); + $timestamp = time(); + + $comment = array( + 'id' => $commentId, + 'name' => trim($data['name']), + 'email' => trim($data['email']), + 'comment' => trim($data['comment']), + 'timestamp' => $timestamp, + 'date' => date('Y-m-d H:i:s', $timestamp), + 'parent_id' => isset($data['parent_id']) && !empty($data['parent_id']) ? $data['parent_id'] : null, + 'notify' => isset($data['notify']) && $data['notify'] === '1', + 'published' => comments_config('comments.moderation') !== 'true', // Auto-publish if moderation disabled + 'ip' => $_SERVER['REMOTE_ADDR'] ?? 'unknown' + ); + + // Add comment to array + $comments[] = $comment; + + // Save to file + $json = json_encode($comments, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES); + if (file_put_contents($file, $json, LOCK_EX) === false) { + return array( + 'success' => false, + 'message' => 'Failed to save comment' + ); + } + + // Send notifications + sendCommentNotifications($postId, $comment, $comments); + + return array( + 'success' => true, + 'comment_id' => $commentId, + 'message' => $comment['published'] ? 'Comment published successfully' : 'Comment submitted for moderation' + ); +} + +/** + * Publish a comment (approve from moderation) + * + * @param string $postId Post or page ID + * @param string $commentId Comment ID + * @return bool Success status + */ +function commentPublish($postId, $commentId) +{ + $file = get_comments_file($postId); + if (!file_exists($file)) { + return false; + } + + $content = file_get_contents($file); + $comments = json_decode($content, true); + + if (!is_array($comments)) { + return false; + } + + $updated = false; + foreach ($comments as &$comment) { + if ($comment['id'] === $commentId) { + $comment['published'] = true; + $updated = true; + + // Send notifications to other commenters + sendCommentNotifications($postId, $comment, $comments, false); + break; + } + } + + if (!$updated) { + return false; + } + + $json = json_encode($comments, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES); + return file_put_contents($file, $json, LOCK_EX) !== false; +} + +/** + * Delete a comment + * + * @param string $postId Post or page ID + * @param string $commentId Comment ID + * @return bool Success status + */ +function commentDelete($postId, $commentId) +{ + $file = get_comments_file($postId); + if (!file_exists($file)) { + return false; + } + + $content = file_get_contents($file); + $comments = json_decode($content, true); + + if (!is_array($comments)) { + return false; + } + + // Remove comment and its children + $comments = array_filter($comments, function($comment) use ($commentId) { + return $comment['id'] !== $commentId && + (empty($comment['parent_id']) || $comment['parent_id'] !== $commentId); + }); + + // Reindex array + $comments = array_values($comments); + + $json = json_encode($comments, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES); + return file_put_contents($file, $json, LOCK_EX) !== false; +} + +/** + * Modify a comment + * + * @param string $postId Post or page ID + * @param string $commentId Comment ID + * @param array $data New comment data + * @return bool Success status + */ +function commentModify($postId, $commentId, $data) +{ + $file = get_comments_file($postId); + if (!file_exists($file)) { + return false; + } + + $content = file_get_contents($file); + $comments = json_decode($content, true); + + if (!is_array($comments)) { + return false; + } + + $updated = false; + foreach ($comments as &$comment) { + if ($comment['id'] === $commentId) { + // Update fields + if (isset($data['name'])) { + $comment['name'] = trim($data['name']); + } + if (isset($data['email'])) { + $comment['email'] = trim($data['email']); + } + if (isset($data['comment'])) { + $comment['comment'] = trim($data['comment']); + } + if (isset($data['published'])) { + $comment['published'] = (bool)$data['published']; + } + + $comment['modified'] = date('Y-m-d H:i:s'); + $updated = true; + break; + } + } + + if (!$updated) { + return false; + } + + $json = json_encode($comments, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES); + return file_put_contents($file, $json, LOCK_EX) !== false; +} + +/** + * Send comment notifications + * + * @param string $postId Post or page ID + * @param array $newComment The new comment + * @param array $allComments All comments for this post + * @param bool $notifyAdmin Notify admin (default true) + * @return void + */ +function sendCommentNotifications($postId, $newComment, $allComments, $notifyAdmin = true) +{ + // Check if notifications are enabled + if (comments_config('comments.notify') !== 'true' || + comments_config('comments.mail.enabled') !== 'true') { + return; + } + + $recipients = array(); + + // Add admin email + if ($notifyAdmin) { + $adminEmail = comments_config('comments.admin.email'); + if (!empty($adminEmail) && filter_var($adminEmail, FILTER_VALIDATE_EMAIL)) { + $recipients[$adminEmail] = array( + 'name' => 'Administrator', + 'type' => 'admin' + ); + } + } + + // Add parent comment author (if replying) + if (!empty($newComment['parent_id'])) { + foreach ($allComments as $comment) { + if ($comment['id'] === $newComment['parent_id'] && + $comment['notify'] && + $comment['email'] !== $newComment['email']) { + $recipients[$comment['email']] = array( + 'name' => $comment['name'], + 'type' => 'parent' + ); + } + } + } + + // Add other commenters in same thread who want notifications + foreach ($allComments as $comment) { + if ($comment['notify'] && + $comment['email'] !== $newComment['email'] && + $comment['id'] !== $newComment['id']) { + // Same thread = same parent or no parent + if ($comment['parent_id'] === $newComment['parent_id']) { + $recipients[$comment['email']] = array( + 'name' => $comment['name'], + 'type' => 'thread' + ); + } + } + } + + // Send emails + foreach ($recipients as $email => $info) { + sendCommentEmail($email, $info['name'], $postId, $newComment, $info['type']); + } +} + +/** + * Send a single comment notification email + * + * @param string $to Recipient email + * @param string $toName Recipient name + * @param string $postId Post ID + * @param array $comment Comment data + * @param string $type Notification type (admin, parent, thread) + * @return bool Success status + */ +function sendCommentEmail($to, $toName, $postId, $comment, $type = 'admin') +{ + try { + $mail = new PHPMailer(true); + + // Server settings + $mail->isSMTP(); + $mail->Host = comments_config('comments.mail.host'); + $mail->SMTPAuth = true; + $mail->Username = comments_config('comments.mail.username'); + $mail->Password = comments_config('comments.mail.password'); + $mail->Port = comments_config('comments.mail.port'); + + $encryption = comments_config('comments.mail.encryption'); + if ($encryption === 'tls') { + $mail->SMTPSecure = PHPMailer::ENCRYPTION_STARTTLS; + } elseif ($encryption === 'ssl') { + $mail->SMTPSecure = PHPMailer::ENCRYPTION_SMTPS; + } + + // Recipients + $mail->setFrom( + comments_config('comments.mail.from.email'), + comments_config('comments.mail.from.name') + ); + $mail->addAddress($to, $toName); + + // Content + $mail->isHTML(true); + $mail->CharSet = 'UTF-8'; + + if ($type === 'admin') { + $mail->Subject = 'New comment awaiting moderation'; + $mail->Body = " +

    New comment on: $postId

    +

    From: {$comment['name']} ({$comment['email']})

    +

    Comment:

    +

    " . nl2br(htmlspecialchars($comment['comment'])) . "

    +

    Moderate comments

    + "; + } else { + $mail->Subject = 'New reply to your comment'; + $mail->Body = " +

    Someone replied to your comment on: $postId

    +

    From: {$comment['name']}

    +

    Comment:

    +

    " . nl2br(htmlspecialchars($comment['comment'])) . "

    +

    View comment

    + "; + } + + $mail->send(); + return true; + } catch (Exception $e) { + error_log("Comment notification email failed: {$mail->ErrorInfo}"); + return false; + } +} + +/** + * Get comment count for a post + * + * @param string $postId Post or page ID + * @param bool $includeUnpublished Include unpublished comments + * @return int Comment count + */ +function getCommentCount($postId, $includeUnpublished = false) +{ + $comments = getComments($postId, $includeUnpublished); + return count($comments); +} + +/** + * Get pending comments count (for admin) + * + * @return int Pending comments count + */ +function getPendingCommentsCount() +{ + $allComments = getAllComments(); + $pending = array_filter($allComments, function($comment) { + return !$comment['published']; + }); + return count($pending); +} + +/** + * Format comment text (allow basic formatting) + * + * @param string $text Comment text + * @return string Formatted text + */ +function formatCommentText($text) +{ + // Convert line breaks + $text = nl2br(htmlspecialchars($text, ENT_QUOTES, 'UTF-8')); + + // Allow simple bold with **text** or __text__ + $text = preg_replace('/\*\*(.+?)\*\*/', '$1', $text); + $text = preg_replace('/__(.+?)__/', '$1', $text); + + return $text; +} + +?> \ No newline at end of file diff --git a/system/includes/functions.php b/system/includes/functions.php index 2ed505f..599c456 100644 --- a/system/includes/functions.php +++ b/system/includes/functions.php @@ -3535,7 +3535,7 @@ function is_index() } } else { $req = strtok($_SERVER["REQUEST_URI"], '?'); - if (stripos($req, '/category/') !== false || stripos($req, '/archive/') !== false || stripos($req, '/tag/') !== false || stripos($req, '/search/') !== false || stripos($req, '/type/') !== false || stripos($req, '/' . blog_path()) !== false || $req == site_path() . '/') { + if (stripos($req, '/category/') !== false || stripos($req, '/archive/') !== false || stripos($req, '/tag/') !== false || stripos($req, '/search/') !== false || stripos($req, '/type/') !== false || stripos($req, '/' . blog_path()) !== false || $req == site_path() . '/' || $req == '/') { return true; } else { return false; diff --git a/system/vendor/composer/autoload_files.php b/system/vendor/composer/autoload_files.php index 46cd6f2..90aaf54 100644 --- a/system/vendor/composer/autoload_files.php +++ b/system/vendor/composer/autoload_files.php @@ -12,4 +12,6 @@ return array( '8432047aca7938f88a2098a2f7770228' => $baseDir . '/system/admin/admin.php', '1b9bf2d9d029f1364c3d7262b5375c41' => $baseDir . '/system/includes/session.php', '62f038defb1b29aab3998eb437e01df9' => $baseDir . '/system/includes/opml.php', + '7d7ae14f7bb933ac50b7f6e42f6a7d60' => $baseDir . '/system/includes/comments.php', + '2591226a04118e81824e40ae6712427b' => $baseDir . '/system/includes/comments-frontend.php', ); diff --git a/system/vendor/composer/autoload_static.php b/system/vendor/composer/autoload_static.php index 6baf180..1f56f55 100644 --- a/system/vendor/composer/autoload_static.php +++ b/system/vendor/composer/autoload_static.php @@ -13,6 +13,8 @@ class ComposerStaticInitd88c6c25320034df85dd42f1462fbda7 '8432047aca7938f88a2098a2f7770228' => __DIR__ . '/../../..' . '/system/admin/admin.php', '1b9bf2d9d029f1364c3d7262b5375c41' => __DIR__ . '/../../..' . '/system/includes/session.php', '62f038defb1b29aab3998eb437e01df9' => __DIR__ . '/../../..' . '/system/includes/opml.php', + '7d7ae14f7bb933ac50b7f6e42f6a7d60' => __DIR__ . '/../../..' . '/system/includes/comments.php', + '2591226a04118e81824e40ae6712427b' => __DIR__ . '/../../..' . '/system/includes/comments-frontend.php', ); public static $prefixLengthsPsr4 = array (