diff -ura subscribe-to-comments.o/subscribe-to-comments.php subscribe-to-comments/subscribe-to-comments.php
--- subscribe-to-comments.o/subscribe-to-comments.php 2008-10-18 12:15:57.000000000 +0200
+++ subscribe-to-comments/subscribe-to-comments.php 2008-10-18 15:13:38.000000000 +0200
@@ -158,6 +158,14 @@ echo '

  • '; + echo ''; + + echo '
    ' . __('E-Mail Text', 'subscribe-to-comments') . ''; + + echo '
    '; 
@@ -413,18 +421,89 @@ global $wpdb; $cid = (int) $cid; $id = (int) $id; - $email = strtolower($wpdb->get_var("SELECT comment_author_email FROM $wpdb->comments WHERE comment_ID = '$cid'")); + + $row = $wpdb->get_row("SELECT comment_author_email, comment_post_ID, comment_author_IP from $wpdb->comments WHERE comment_ID = '$cid'"); + + $email = $row->comment_author_email; + $postid = $row->comment_post_ID; + $ip = $row->comment_author_IP; + $email_sql = $wpdb->escape($email); - $postid = $wpdb->get_var("SELECT comment_post_ID from $wpdb->comments WHERE comment_ID = '$cid'"); $previously_subscribed = ( $wpdb->get_var("SELECT comment_subscribe from $wpdb->comments WHERE comment_post_ID = '$postid' AND LCASE(comment_author_email) = '$email_sql' AND comment_subscribe = 'Y' LIMIT 1") || in_array($email, (array) get_post_meta($postid, '_sg_subscribe-to-comments')) ) ? true : false; // If user wants to be notified or has previously subscribed, set the flag on this current comment if (($_POST['subscribe'] == 'subscribe' && is_email($email)) || $previously_subscribed) { - delete_post_meta($postid, '_sg_subscribe-to-comments', $email); - $wpdb->query("UPDATE $wpdb->comments SET comment_subscribe = 'Y' where comment_post_ID = '$postid' AND LCASE(comment_author_email) = '$email'"); + delete_post_meta($postid, '_sg_subscribe-to-comments', $email); + + $sendOptIn = true; + if ($previously_subscribed) { + $sendOptIn = false; + } + + if ($sendOptIn) { + // check if author has subscribed to an comment in the last 3 months + + $sql = "SELECT COUNT(*) + FROM " . $wpdb->comments . " + WHERE DATE_SUB(CURDATE(), INTERVAL 3 MONTH) <= comment_date_gmt + AND LCASE(comment_author_email) = '" . $email_sql . "' + AND comment_subscribe = 'Y'"; + + $result = $wpdb->get_var($sql); + if ($result >= 1) { + $sendOptIn = false; + } + } + + if ($sendOptIn) { + // send double-opt in + $key = md5($cid . $email . $postid . $ip); + + // link + $link = get_option('home') . 
'/?wp-subscription-manager=1&opt-in=1'; + $link = add_query_arg('cid', $cid, $link); + $link = add_query_arg('key', urlencode($key), $link); + + $message = isset($this->settings['double_opt_in']) ? $this->settings['double_opt_in'] : "Click to confirm:\n[link]"; + + $message = str_replace("[link]", $link, $message); + + $this->send_mail($email, "Confirm the subscription ", $message); + } else { + $wpdb->query("UPDATE $wpdb->comments SET comment_subscribe = 'Y' where comment_post_ID = '$postid' AND LCASE(comment_author_email) = '$email'"); + } } return $cid; + } + + function add_opt_in_subscriber($cid, $key) + { + global $wpdb; + + $cid = (int) $cid; + $row = $wpdb->get_row("SELECT comment_author_email, comment_post_ID, comment_author_IP, comment_subscribe from $wpdb->comments WHERE comment_ID = '$cid'"); + + if (!is_object($row)) { + return 1; + } + + if ($row->comment_subscribe == "Y") { + return 2; + } + + $postid = $row->comment_post_ID; + $email = $row->comment_author_email; + + $checkkey = md5($cid . $email . $postid . $row->comment_author_IP); + + if ($key != $checkkey) { + return 3; + } + + $wpdb->query("UPDATE $wpdb->comments SET comment_subscribe = 'Y' where comment_post_ID = '$postid' AND LCASE(comment_author_email) = '$email'"); + + return 0; } 
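Review bot: The confirmation key in `$key = md5($cid . $email . $postid . $ip);` (and the matching `$checkkey` in add_opt_in_subscriber) is built only from values the commenter already knows or supplies, with no server-side secret, so whoever posts the comment can compute the key and confirm a subscription for an address they do not control, which defeats the double opt-in. Derive it with a keyed hash in both places, e.g. `$key = wp_hash($cid . $email . $postid . $ip);`, and replace the loose `$key != $checkkey` with `!hash_equals($checkkey, (string) $key)` where available, or at least `!==`. Separately, the UPDATE statements interpolate the raw `$email` read back from the database while the SELECT above uses `$email_sql`, and the patch drops the earlier `strtolower()`; use `LCASE(comment_author_email) = '" . $wpdb->escape(strtolower($email)) . "'` there as well. The first function also dereferences `$row` without the `is_object($row)` guard that add_opt_in_subscriber has, and its body starts before this hunk.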
@@ -860,9 +939,34 @@ } function sg_subscribe_admin($standalone = false) { - global $wpdb, $sg_subscribe; - - sg_subscribe_start(); + global $wpdb, $sg_subscribe; + + sg_subscribe_start(); + + if (isset($_REQUEST["opt-in"], $_REQUEST["cid"], $_REQUEST["key"])) { + $result = $sg_subscribe->add_opt_in_subscriber($_REQUEST["cid"], $_REQUEST["key"]); + + switch ($result) { + + case 0: + die ( __('Successfully subscribed!', 'subscribe-to-comments') ); + break; + + case 1: + die ( __('Error while fetching db record!', 'subscribe-to-comments') ); + break; + + case 2: + die ( __('Already subscribed!', 'subscribe-to-comments') ); + break; + + case 3: + die ( __('Invalid key!', 'subscribe-to-comments') ); + break; + + } + die ( __('You may not access this page without a valid key.', 'subscribe-to-comments') ); + } if ( $standalone ) { $sg_subscribe->form_action = get_option('home') . '/?wp-subscription-manager=1';
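Review bot: The new branch in sg_subscribe_admin prints 'Error while fetching db record!' and 'Already subscribed!' for results that add_opt_in_subscriber returns before it checks the key, so anyone can probe `cid` values without a valid key and learn which comments exist and which are already subscribed. Verify the key first, or collapse codes 1–3 into one generic failure message for the visitor. The values are read from `$_REQUEST`, which can also carry POST and cookie data; for a link handler `$_GET` is the narrower source, e.g. `isset($_GET['opt-in'], $_GET['cid'], $_GET['key'])`. The `break;` after each `die()` is unreachable and the trailing `die()` only runs for an unexpected return code, which a short comment should state. The function continues past the end of the hunk.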