You are here

Home » API reference » Anonymous Publishing 7

anonymous_publishing_cl.module in Anonymous Publishing 7

File

modules/cl/anonymous_publishing_cl.module
View source 
<?php

/**
 * @file
 * Main hooks for the Anonymous Publishing CL module.
 */
module_load_include('inc', 'anonymous_publishing_cl', 'anonymous_publishing_cl.admin');

/**
 * Check if the content type can be published anonymously.
 *
 * @param string $type
 *   The content type to check.
 *
 * @return bool
 *   TRUE if the content type can be published anonymously,
 *   FALSE otherwise.
 */
function anonymous_publishing_cl_content_type_allowed($type) {
  $types = variable_get('anonymous_publishing_cl_types', array());
  return !empty($types[$type]);
}

/**
 * Class wrapper for honeyfield.
 *
 * This will wrap the field in a div so it can be hidden with CSS.
 * The wrapper class name is deliberately misleading.
 * The wrapper class need to be set to display_none in css.
 */
function _anonymous_publishing_cl_honeyfield_post_render($content, $element) {
  return '<div class="edit-email-confirm-wrapper">' . $content . '</div>';
}

/**
 * Implements a custom submit form for nodes.
 *
 * No need to call check_plain() for alias/byline field as it is
 * sanitized when output.
 */
function anonymous_publishing_cl_node_form_submit($form, &$form_state) {
  $emailusedtoactivate = $form_state['node']->anonymous_publishing['email'];
  if (user_is_logged_in() || !isset($emailusedtoactivate)) {

    // No need to manage insertion of this content.
    return;
  }

  // The alias is the Byline from the form.
  $alias = empty($form_state['node']->anonymous_publishing['alias']) ? NULL : trim($form_state['node']->anonymous_publishing['alias']);
  $nid = $form_state['nid'];
  $node = $form_state['node'];
  if ($form_state['node']->status) {

    // This insert is for return visits.
    db_insert('anonymous_publishing')
      ->fields(array(
      'nid' => $nid,
      'cid' => 0,
      'akey' => NULL,
      'verified' => 1,
      'alias' => $alias,
      'email' => $emailusedtoactivate,
      'ip' => ip_address(),
    ))
      ->execute();

    // $vrfypers = variable_get('anonymous_publishing_cl_vrfypers', 0);.
    // $aliasopt = variable_get('anonymous_publishing_cl_alias', 0);.
    $fields = array();
    if (!empty($alias)) {
      $fields['alias'] = $alias;
    }
    $fields['ipaddress'] = ip_address();
    db_update('anonymous_publishing_emails')
      ->fields($fields)
      ->condition('email', $emailusedtoactivate, '=')
      ->execute();
    return;
  }
  $options = variable_get('anonymous_publishing_cl_options', array());
  $at = $options['sactivate'] ? 'A' : 'V';
  $akey = $at . drupal_hmac_base64(mt_rand(), drupal_get_hash_salt());

  // This insert is for first visit.
  db_insert('anonymous_publishing')
    ->fields(array(
    'nid' => $nid,
    'cid' => 0,
    'akey' => $akey,
    'verified' => 0,
    'alias' => $alias,
    'email' => $emailusedtoactivate,
    'ip' => ip_address(),
  ))
    ->execute();
  _anonymous_publishing_cl_send_email($node, $akey);
}

/**
 * Helper function to handle anonymous comment submits.
 *
 * No need to call check_plain() for alias/byline field as it is
 * sanitized when output.
 */
function _anonymous_publishing_cl_my_comment_insert($content) {
  if (user_is_logged_in() || !isset($content->anonymous_publishing['email']) && !isset($content->anonymous_publishing['options'])) {

    // Nothing do to with this module.
    return;
  }
  if (isset($content->anonymous_publishing['email'])) {
    $comm = comment_load($content->cid);
    $comm->uid = 0;
    $comm->name = '';
    $comm->mail = '';
    comment_save($comm);
  }

  // Not logged in.
  if (isset($content->anonymous_publishing['alias'])) {
    $alias = trim($content->anonymous_publishing['alias']);
  }
  else {
    $alias = '';
  }
  $aliasopt = variable_get('anonymous_publishing_cl_alias', 0);
  if (!empty($alias) && (2 == $aliasopt || 3 == $aliasopt)) {
    db_update('anonymous_publishing_emails')
      ->fields(array(
      'alias' => $alias,
      'ipaddress' => ip_address(),
    ))
      ->condition('email', $content->anonymous_publishing['email'], '=')
      ->execute();
  }
  if ($content->status) {
    $comm = comment_load($content->cid);
    $comm->name = '';
    if (user_access('skip comment approval')) {
      $comm->status = COMMENT_PUBLISHED;
    }
    else {
      $comm->status = COMMENT_NOT_PUBLISHED;
    }
    comment_save($comm);

    // This insert is for return visits.
    db_insert('anonymous_publishing')
      ->fields(array(
      'nid' => $content->nid,
      'cid' => $content->cid,
      'akey' => NULL,
      'verified' => 1,
      'alias' => $alias,
      'email' => $content->anonymous_publishing['email'],
      'ip' => ip_address(),
    ))
      ->execute();
    return;
  }
  $options = variable_get('anonymous_publishing_cl_options', array());
  $at = $options['sactivate'] ? 'A' : 'V';
  if (isset($content->anonymous_publishing['email'])) {
    $emailusedtoactivate = $content->anonymous_publishing['email'];
    $akey = $at . drupal_hmac_base64(mt_rand(), drupal_get_hash_salt());
  }
  if (user_is_anonymous() && 0 == $content->status) {
    _anonymous_publishing_cl_send_email($content, $akey);
  }

  // This insert is for first visit.
  db_insert('anonymous_publishing')
    ->fields(array(
    'nid' => $content->nid,
    'cid' => $content->cid,
    'akey' => $akey,
    'verified' => 0,
    'alias' => $alias,
    'email' => $emailusedtoactivate,
    'ip' => ip_address(),
  ))
    ->execute();
}

/**
 * Implements a custom submit form for comments.
 *
 * Hacks the system messages generated when comments are posted.
 * Needed because system messages for comments are confusing with the
 * logic in this module. No need to hack messages for nodes.
 */
function anonymous_publishing_cl_comment_form_submit($form, &$form_state) {
  if (user_is_logged_in()) {
    return;
  }
  _anonymous_publishing_cl_my_comment_insert($form_state['comment']);
  $mm = drupal_get_messages('status', TRUE);
  $options = variable_get('anonymous_publishing_cl_options', array());
  if (user_access('skip comment approval') && $options['sactivate']) {
    $key = array_search(t('Your comment has been queued for review by site administrators and will be published after approval.'), $mm['status']);
    if (FALSE !== $key) {
      $mm['status'][$key] = t('Your comment will be published when you validate your e-mail address.');
    }
  }
  elseif (!user_access('skip comment approval')) {
    $key = array_search(t('Your comment has been posted.'), $mm['status']);
    if (FALSE !== $key) {
      $mm['status'][$key] = t('Your comment will be published after it has been approved by an administrator.');
    }
    $key = array_search(t('Your comment has been queued for review by site administrators and will be published after approval.'), $mm['status']);
    if (FALSE !== $key) {
      $mm['status'][$key] = t("Your comment will be published after you've confirmed your email and the comment has been approved by an administrator.");
    }
  }
  else {
    $key = array_search(t('Your comment has been queued for review by site administrators and will be published after approval.'), $mm['status']);
    if (FALSE !== $key) {
      $mm['status'][$key] = t("Your comment will be published after you've confirmed your email and the comment has been approved by an administrator.");
    }
  }
  foreach ($mm['status'] as $msg) {
    drupal_set_message($msg, 'status');
  }
}

/**
 * Helper function to make form alterations to input form.
 *
 * Changes form for any content type managed by Anonymous Publishing
 * to add two additional fields. The field for the verification email
 * address, and a bogus "email_confirm_field".
 */
function _anonymous_publishing_cl_alter_comment_or_node_form(&$form, &$form_state, $type, $entity_type) {
  if (user_is_anonymous() && anonymous_publishing_cl_content_type_allowed($type)) {
    $form['anonymous_publishing'] = array(
      '#type' => 'fieldset',
      '#collapsible' => TRUE,
      '#tree' => TRUE,
    );
    $options = variable_get('anonymous_publishing_cl_options', array());
    $aliasopt = variable_get('anonymous_publishing_cl_alias', 0);
    $selfactmsg = $options['sactivate'] ? '' : ' ' . t('and the content is approved by by an administrator');
    $verifymsg = t('Your content will not appear on this site until your e-mail is verified!selfactmsg.', array(
      '!selfactmsg' => $selfactmsg,
    ));
    $form['anonymous_publishing']['#title'] = t('Credentials (your e-mail address will not be shown publicly)');
    $form['anonymous_publishing']['#weight'] = variable_get('anonymous_publishing_cl_emailweight', 0);
    $form['anonymous_publishing']['email'] = array(
      '#type' => 'textfield',
      '#title' => t('Verification e-mail address:'),
      '#description' => $verifymsg,
      '#size' => 60,
      '#maxlength' => EMAIL_MAX_LENGTH,
      '#required' => TRUE,
    );
    if (2 == $aliasopt || 3 == $aliasopt) {
      $reqchar = variable_get('anonymous_publishing_cl_requiredchar', 6);
      $bylineguide = _anonymous_publishing_cl_substitute_text('anonymous_publishing_cl_bylineguide', array(
        '!reqchar' => $reqchar,
      ));
      if (!empty($bylineguide)) {
        $bylineguide .= ' ';
      }
      $form['anonymous_publishing']['alias'] = array(
        '#type' => 'textfield',
        '#title' => t('Byline:'),
        '#description' => t('@bylineguide<em>All</em> posts associated with this e-mail address will carry this byline.  Leave blank if you want to keep the byline already associated with this email address.', array(
          '@bylineguide' => $bylineguide,
        )),
        '#size' => 30,
        '#maxlength' => EMAIL_MAX_LENGTH,
      );
    }
    if (isset($form['#node_edit_form'])) {
      $form['actions']['submit']['#submit'][] = 'anonymous_publishing_cl_node_form_submit';
    }
    if ($type === 'comment') {
      $form['#submit'][] = 'anonymous_publishing_cl_comment_form_submit';
      $form['#validate'][] = 'anonymous_publishing_cl_comment_form_validate';

      // We disable the author field in the comment form.
      $form['author']['name']['#access'] = FALSE;
    }

    // Set default_value non-empty to simulate 'bot.
    // The text for the #title field is not user facing, it's bait for the 'bot.
    // It shall never be seen by humans. 'Bots look for English words like
    // "e-mail", so it is better to leave this untranslated to make sure the
    // 'bot bites the bait.
    $form['email_confirm_field'] = array(
      '#title' => 'Enter your e-mail address (not!):',
      '#type' => 'textfield',
      '#default_value' => '',
      '#size' => 20,
      '#name' => 'email_confirm_field',
      '#description' => t('This field should not even be visible to humans.'),
      '#post_render' => array(
        '_anonymous_publishing_cl_honeyfield_post_render',
      ),
    );
    $form['#attached'] = array(
      'css' => array(
        drupal_get_path('module', 'anonymous_publishing') . '/anonymous_publishing.css',
      ),
    );
  }
  $amail = NULL;
  if (isset($form['cid']['#value'])) {
    $cid = $form['cid']['#value'];
    $amail = db_query("SELECT email FROM {anonymous_publishing} WHERE cid = :cid", array(
      ':cid' => $cid,
    ))
      ->fetchField();
  }
  elseif (isset($form['#node_edit_form']) && isset($form['nid']['#value'])) {
    $nid = $form['nid']['#value'];
    $amail = db_query("SELECT email FROM {anonymous_publishing} WHERE nid = :nid", array(
      ':nid' => $nid,
    ))
      ->fetchField();
  }

  // Show it if it exists and the user is allowed to see this form.
  if (!empty($amail)) {
    $form['email_confirm_field'] = array(
      '#type' => 'markup',
      '#markup' => t('<div class="anon-cl-email"><strong>Posted using the email-address</strong> “@email”.</div>', array(
        '@email' => $amail,
      )),
      '#weight' => -5,
    );
  }
}

/**
 * Implements hook_form_BASE_FORM_ID_alter().
 */
function anonymous_publishing_cl_form_node_form_alter(&$form, &$form_state, $form_id) {
  _anonymous_publishing_cl_alter_comment_or_node_form($form, $form_state, $form['#bundle'], 'node');
}

/**
 * Implements hook_form_BASE_FORM_ID_alter().
 */
function anonymous_publishing_cl_form_comment_form_alter(&$form, &$form_state) {
  _anonymous_publishing_cl_alter_comment_or_node_form($form, $form_state, 'comment', 'comment');
}

/**
 * Implements hook_username_alter().
 */
function anonymous_publishing_cl_username_alter(&$name, $account) {
  $aliasopt = variable_get('anonymous_publishing_cl_alias', 0);
  if (isset($account->comment_body) || isset($account->body) && $aliasopt && !$account->uid) {
    if (isset($account->comment_body) && $account->cid) {
      $amail = db_query("SELECT email FROM {anonymous_publishing} WHERE cid = :cid", array(
        ':cid' => $account->cid,
      ))
        ->fetchField();
    }
    elseif (isset($account->body) && $account->nid) {
      $amail = db_query("SELECT email FROM {anonymous_publishing} WHERE nid = :nid", array(
        ':nid' => $account->nid,
      ))
        ->fetchField();
    }
    else {
      $amail = '';
    }
    $alias = db_query("SELECT alias FROM {anonymous_publishing_emails} WHERE email = :email", array(
      ':email' => $amail,
    ))
      ->fetchField();
    if (!empty($alias)) {
      $name = $alias;
    }
  }
}

/**
 * Content submission and verification.
 */

/**
 * Activate a node or comment published anonymously.
 *
 * @param int $apid
 *   The apid to activate.
 */
function anonymous_publishing_cl_activate($apid) {
  $result1 = db_query("SELECT nid, cid, alias, email FROM {anonymous_publishing} WHERE apid = :apid", array(
    ':apid' => $apid,
  ))
    ->fetchAssoc();
  $nid = $result1['nid'];
  $cid = $result1['cid'];
  $wish = $result1['alias'];
  $email = $result1['email'];
  $aliasopt = variable_get('anonymous_publishing_cl_alias', 0);
  if (1 == $aliasopt) {
    $auid = db_next_id(db_query('SELECT MAX(auid) FROM {anonymous_publishing_emails}')
      ->fetchField());
    $alias = 'user' . $auid;
  }
  elseif (2 == $aliasopt || 3 == $aliasopt) {
    $alias = $wish;
  }
  else {
    $alias = '';
  }
  $ip = ip_address();

  // Insert it.
  $now = date('Y-m-d');
  $auid = db_insert('anonymous_publishing_emails')
    ->fields(array(
    'email' => $email,
    'alias' => $alias,
    'ipaddress' => $ip,
    'firstseen' => $now,
    'lastseen' => $now,
  ))
    ->execute();
  db_update('anonymous_publishing')
    ->fields(array(
    'verified' => 1,
  ))
    ->condition('apid', $apid, '=')
    ->execute();
  $fields = array();
  if (!empty($alias)) {
    $fields['alias'] = $alias;
  }
  $fields['ipaddress'] = ip_address();
  db_update('anonymous_publishing_emails')
    ->fields($fields)
    ->condition('email', $email, '=')
    ->execute();

  // Activate.
  drupal_set_message(t('The anonymously published posting(s) has been activated.'));
  if ($cid) {
    $comm_obj = comment_load($cid, TRUE);
    comment_publish_action($comm_obj);
    comment_save($comm_obj);
  }
  else {
    $node_obj = node_load($nid, NULL, TRUE);
    node_publish_action($node_obj);
    node_save($node_obj);
  }
}

/**
 * Page callback: Activate a node or comment published anonymously.
 *
 * This is the page callback for the link sent to the user by email
 * to activate the node.
 *
 * @param object $node
 *   Node.
 */
function anonymous_publishing_cl_verify(stdClass $node) {
  if (isset($_GET['akey'])) {
    $akey = $_GET['akey'];
  }
  else {
    drupal_set_message(t('No activation key present.'));
    drupal_goto();
  }

  // Do the key exist?
  $result1 = db_query("SELECT nid, cid, akey, alias, verified, email FROM {anonymous_publishing} WHERE akey = :akey", array(
    ':akey' => $akey,
  ))
    ->fetchAssoc();
  $nid = $result1['nid'];
  $cid = $result1['cid'];
  $rkey = $result1['akey'];
  $wish = $result1['alias'];
  $vfied = $result1['verified'];
  $email = $result1['email'];
  $at = $akey[0];
  if ($akey != $rkey) {
    drupal_set_message(t('Invalid activation key.'), 'error');
    drupal_goto();
  }
  if ($vfied) {
    drupal_set_message(t('Stale activation key.'), 'error');
    drupal_goto();
  }
  $found = FALSE;
  $result = db_query("SELECT email, blocked FROM {anonymous_publishing_emails} WHERE email = :email", array(
    ':email' => $email,
  ));
  $aliasopt = variable_get('anonymous_publishing_cl_alias', 0);
  if (1 == $aliasopt) {
    $auid = db_next_id(db_query('SELECT MAX(auid) FROM {anonymous_publishing_emails}')
      ->fetchField());
    $alias = 'user' . $auid;
  }
  elseif (2 == $aliasopt || 3 == $aliasopt) {
    $alias = $wish;
  }
  else {
    $alias = '';
  }
  $ip = ip_address();
  if ($result) {
    $row = $result
      ->fetchAssoc();
    $found = $row['email'];
  }

  // Insert it (unless blocked).
  if ($found) {
    if ($row['blocked']) {

      // Hand-moderate if already blocked.
      $at = 'V';
    }
  }
  else {
    $now = date('Y-m-d');
    $auid = db_insert('anonymous_publishing_emails')
      ->fields(array(
      'email' => $email,
      'alias' => $alias,
      'ipaddress' => $ip,
      'firstseen' => $now,
      'lastseen' => $now,
    ))
      ->execute();
  }
  db_update('anonymous_publishing')
    ->fields(array(
    'verified' => 1,
  ))
    ->condition('akey', $akey, '=')
    ->execute();
  $fields = array();
  if (!empty($alias)) {
    $fields['alias'] = $alias;
  }
  $fields['ipaddress'] = ip_address();
  db_update('anonymous_publishing_emails')
    ->fields($fields)
    ->condition('email', $email, '=')
    ->execute();
  $vfymsg = t('Thanks for verifying your e-mail,');
  if ('V' == $at) {
    drupal_set_message($vfymsg . ' ' . t('your content will be published when it has been approved by an administrator.'));
    drupal_goto();
  }
  else {

    // Activate (unless comment moderation).
    if ($cid && user_access('skip comment approval')) {
      $comm_obj = comment_load($cid, TRUE);
      comment_publish_action($comm_obj);
      comment_save($comm_obj);
      drupal_set_message($vfymsg . ' ' . t('your comment has been published and will appear on the site soon.'));
      drupal_goto('comment/' . $cid, array(
        'fragment' => 'comment-' . $cid,
      ));
    }
    elseif ($cid) {
      drupal_set_message($vfymsg . ' ' . t('your comment will be published when it has been approved by an administrator.'));
      drupal_goto();
    }
    else {
      $node_obj = node_load($nid, NULL, TRUE);
      node_publish_action($node_obj);
      node_save($node_obj);
      drupal_set_message($vfymsg . ' ' . t('your content has been published and will appear on the site soon.'));
      if (node_access('view', $node_obj)) {
        drupal_goto('node/' . $nid . '/view');
      }
    }
  }
}

/**
 * Helper function to check whether we need to process it.
 *
 * Is this content something Amonymous Publishing should handle?
 *
 * @return bool
 *   TRUE if content should be handled, else FALSE.
 */
function _anonymous_publishing_cl_relevantp($content, $nodep) {
  if (user_is_logged_in()) {
    return FALSE;
  }
  if ($nodep) {
    $isrelevantp = isset($content->anonymous_publishing['email']);
  }
  else {
    $isrelevantp = isset($content['anonymous_publishing']['email']);
  }
  return $isrelevantp;
}

/**
 * Common validation of submission form for nodes and comments.
 *
 * Only called when content is first posted (not when it it is
 * activated via link).
 *
 * @param mixed $content
 *   The content (array or object).
 *
 * @return bool
 *   TRUE if the form validates, FALSE otherwise.
 */
function _anonymous_publishing_cl_content_validate($content) {

  // Node contents is object. Comment content is array.
  $nodep = is_object($content);
  if ($nodep) {
    $email = $content->anonymous_publishing['email'];
    $alias = !empty($content->anonymous_publishing['alias']) ? $content->anonymous_publishing['alias'] : '';
  }
  else {
    $email = $content['anonymous_publishing']['email'];
    $alias = !empty($content['anonymous_publishing']['alias']) ? $content['anonymous_publishing']['alias'] : '';
  }
  $aliasopt = variable_get('anonymous_publishing_cl_alias', 0);
  $reqchar = variable_get('anonymous_publishing_cl_requiredchar', 6);
  if (empty($alias)) {
    $alias = db_query("SELECT alias FROM {anonymous_publishing_emails} WHERE email = :email", array(
      ':email' => $email,
    ))
      ->fetchField();
  }
  if (2 == $aliasopt) {
    if ($alias && strlen($alias) < $reqchar) {
      form_set_error('anonymous_publishing][alias', t('If you enter a byline, make it at least @reqchar characters.', array(
        '@reqchar' => $reqchar,
      )));
      return FALSE;
    }
  }
  elseif (3 == $aliasopt && strlen($alias) < $reqchar) {
    form_set_error('anonymous_publishing][alias', t('Please enter a byline with at least @reqchar characters.', array(
      '@reqchar' => $reqchar,
    )));
    return FALSE;
  }
  $isrelevantp = _anonymous_publishing_cl_relevantp($content, $nodep);
  if (!$isrelevantp) {
    return TRUE;
  }

  // Extract bogus email confirm field.
  if ($nodep) {
    $ecfld = $content->email_confirm_field;
    $email = check_plain($content->anonymous_publishing['email']);
  }
  else {
    $ecfld = $content['email_confirm_field'];
    $email = check_plain($content['anonymous_publishing']['email']);
  }
  if (!empty($ecfld)) {
    drupal_set_message(t("I smell a 'bot.  Please log in to post."), 'status');
    watchdog('anonymous_publishing', 'Bot with email "@email".', array(
      '@email' => $email,
    ));
    $stats = variable_get('anonymous_publishing_cl_stats', array(
      'start' => REQUEST_TIME,
      'smart' => 0,
      'stupid' => 0,
    ));
    $stats['stupid']++;
    variable_set('anonymous_publishing_cl_stats', $stats);
    $id = db_query("SELECT id FROM {anonymous_publishing_bots} WHERE ip = :ip", array(
      ':ip' => ip_address(),
    ))
      ->fetchField();
    if ($id) {
      db_update('anonymous_publishing_bots')
        ->fields(array(
        'last' => REQUEST_TIME,
      ))
        ->expression('visits', 'visits + 1')
        ->condition('id', $id)
        ->execute();
    }
    else {
      db_insert('anonymous_publishing_bots')
        ->fields(array(
        'ip' => ip_address(),
        'visits' => 1,
        'first' => REQUEST_TIME,
        'last' => REQUEST_TIME,
      ))
        ->execute();
    }
    drupal_goto('<front>');
    return FALSE;
  }
  $cntid = $nodep ? $content->nid : $content['cid'];
  if (empty($cntid) && user_is_anonymous()) {
    if (!isset($email)) {
      form_set_error('anonymous_publishing][email', t('No e-mail-field. (This should not happen.)'));
      return FALSE;
    }
    if (user_validate_mail($email)) {
      form_set_error('anonymous_publishing][email', t('Please type in a valid e-mail address.'));
      return FALSE;
    }
    $options = variable_get('anonymous_publishing_cl_options', array());
    if (db_query("SELECT COUNT(*) FROM {users} WHERE mail = :email", array(
      ':email' => $email,
    ))
      ->fetchField()) {
      if (!$options['aregist']) {
        form_set_error('anonymous_publishing][email', t('This e-mail is already in use.  If this is you, please log in to post.'));
        return FALSE;
      }
    }
    $ip = ip_address();
    $sql1 = "SELECT auid, email, ipaddress, blocked FROM {anonymous_publishing_emails} WHERE email = :email";
    $parameters = array(
      ':email' => $email,
    );
    if ($options['blockip']) {
      $sql1 .= " OR ipaddress = :ip";
      $parameters[':ip'] = $ip;
    }
    $result = db_query($sql1, $parameters);
    $nmrows = $result
      ->rowCount();

    // Block if at least one record indicate that this should be blocked.
    $blocked = 0;
    $now = date('Y-m-d');
    if ($nmrows) {
      foreach ($result as $record) {
        $auid = $record->auid;
        $blocked += $record->blocked;
        db_update('anonymous_publishing_emails')
          ->fields(array(
          'lastseen' => $now,
        ))
          ->condition('auid', $auid)
          ->execute();
      }
    }
    else {
      $flood = variable_get('anonymous_publishing_cl_flood');
      $flooded = FALSE;
      if ($flood != -1) {
        if (flood_is_allowed('anonymous_publishing_ip', $flood, 3600)) {
          flood_register_event('anonymous_publishing_ip', 3600);
          if (flood_is_allowed('anonymous_publishing_em', $flood, 3600, $email)) {
            flood_register_event('anonymous_publishing_em', 3600, $email);
          }
          else {
            $flooded = TRUE;
          }
        }
        else {
          $flooded = TRUE;
        }
      }
      if ($flooded) {
        form_set_error('anonymous_publishing][email', t('This website only allows @flood postings of content from non-registered users within one hour.  This restriction may be lifted if you register.', array(
          '@flood' => $flood,
        )));
        return FALSE;
      }
      return FALSE;
    }
    if ($blocked) {
      form_set_error('anonymous_publishing][email', t('This e-mail/ip-address is banned from posting content on this site.  Please contact the site administrator if you believe this is an error.'));
      return FALSE;
    }
  }
  return TRUE;
}

/**
 * Callback for comment_form_validate.
 */
function anonymous_publishing_cl_comment_form_validate($form, $form_state) {
  _anonymous_publishing_cl_content_validate($form_state['values']);
}

/**
 * Implements hook_node_validate().
 *
 * The validate function will handle the honeyfield.
 */
function anonymous_publishing_cl_node_validate($node) {
  $nodep = 'object' == gettype($node);
  $isrelevantp = _anonymous_publishing_cl_relevantp($node, $nodep);
  if ($isrelevantp) {
    _anonymous_publishing_cl_content_validate($node);
  }
}

/**
 * Implements hook_comment_presave().
 */
function anonymous_publishing_cl_comment_presave($comment) {
  if (isset($comment->anonymous_publishing['email'])) {
    $mustconfirm = TRUE;
    $vrfypers = variable_get('anonymous_publishing_cl_vrfypers', 0);
    if (2 > $vrfypers) {
      $result = db_query("SELECT email, ipaddress, blocked FROM {anonymous_publishing_emails} WHERE email = :email", array(
        ':email' => $comment->anonymous_publishing['email'],
      ))
        ->fetchAssoc();
      if ($result['email']) {
        $ip = ip_address();
        if (0 == $vrfypers || 1 == $vrfypers && $ip == $result['ipaddress']) {

          // Blocked s. handled by_anonymous_publishing_cl_content_validate().
          $comment->status = COMMENT_PUBLISHED;
          drupal_set_message(t('Your email has been activated previously.'));
          $mustconfirm = FALSE;
        }
      }
    }
    if ($mustconfirm) {
      $comment->status = COMMENT_NOT_PUBLISHED;
      drupal_set_message(t('Thank you for posting here. You must also confirm that @email belongs to you.', array(
        '@email' => $comment->anonymous_publishing['email'],
      )));
    }
  }
  elseif ($comment->status) {

    // Do not insert here if it is not in {anonymous_publishing} yet.
    $result = db_query("SELECT apid, nid, cid, alias, email, ip FROM {anonymous_publishing} WHERE cid = :cid", array(
      ':cid' => $comment->cid,
    ))
      ->fetchAssoc();
    if ($result) {
      $alias = $result['alias'] ? $result['alias'] : '';
      $usealias = variable_get('anonymous_publishing_cl_alias', 0);
      if ($usealias) {
        $email = $result['email'];
        $exists = db_query("SELECT email FROM {anonymous_publishing_emails} WHERE email = :email", array(
          ':email' => $email,
        ))
          ->fetchAssoc();
        if (!$exists) {

          // Insert the email and alias.
          $now = date('Y-m-d');
          db_insert('anonymous_publishing_emails')
            ->fields(array(
            'email' => $email,
            'alias' => $alias,
            'ipaddress' => $result['ip'],
            'firstseen' => $now,
            'lastseen' => $now,
          ))
            ->execute();
        }
      }
    }
    db_update('anonymous_publishing')
      ->fields(array(
      'verified' => 1,
    ))
      ->condition('apid', $result['apid'], '=')
      ->execute();
  }
}

/**
 * Implements hook_node_presave().
 */
function anonymous_publishing_cl_node_presave($node) {
  if (!anonymous_publishing_cl_content_type_allowed($node->type)) {
    return;
  }
  if (isset($node->anonymous_publishing['email'])) {
    $vrfypers = variable_get('anonymous_publishing_cl_vrfypers', 0);
    $mustconfirm = TRUE;
    if (2 > $vrfypers) {
      $result = db_query("SELECT email, ipaddress, blocked FROM {anonymous_publishing_emails} WHERE email = :email", array(
        ':email' => $node->anonymous_publishing['email'],
      ))
        ->fetchAssoc();
      if ($result['email']) {
        $ip = ip_address();
        if (0 == $vrfypers || 1 == $vrfypers && $ip == $result['ipaddress']) {

          // Blocked s. handled by_anonymous_publishing_cl_content_validate().
          $node->status = NODE_PUBLISHED;
          drupal_set_message(t('Your email has been activated previously.'));
          $mustconfirm = FALSE;
        }
      }
    }
    if ($mustconfirm) {
      $node->status = NODE_NOT_PUBLISHED;
      drupal_set_message(t('Thank you for posting here. You must also confirm that @email belongs to you.', array(
        '@email' => $node->anonymous_publishing['email'],
      )));
    }
  }
  elseif ($node->status) {

    // IN AP queue?
    $result = db_query("SELECT apid, nid, alias, email, ip FROM {anonymous_publishing} WHERE nid = :nid", array(
      ':nid' => $node->nid,
    ))
      ->fetchAssoc();
    if (!$result) {
      return;
    }

    // Do we need to enter an alias?
    $usealias = variable_get('anonymous_publishing_cl_alias', 0);
    if ($usealias) {
      $email = $result['email'] ? $result['email'] : '';
      $alias = $result['alias'] ? $result['alias'] : '';
      $exists = db_query("SELECT email FROM {anonymous_publishing_emails} WHERE email = :email", array(
        ':email' => $email,
      ))
        ->fetchAssoc();
      if (!$exists) {

        // Insert the email and alias.
        $now = date('Y-m-d');
        db_insert('anonymous_publishing_emails')
          ->fields(array(
          'email' => $email,
          'alias' => $alias,
          'ipaddress' => $result['ip'],
          'firstseen' => $now,
          'lastseen' => $now,
        ))
          ->execute();
      }
    }
    db_update('anonymous_publishing')
      ->fields(array(
      'verified' => 1,
    ))
      ->condition('apid', $result['apid'], '=')
      ->execute();
  }
}

/**
 * Implements hook_entity_delete().
 */
function anonymous_publishing_cl_entity_delete($entity, $type) {
  $apid = NULL;
  if ('node' == $type) {
    $apid = db_query("SELECT apid FROM {anonymous_publishing} WHERE :nid = nid", array(
      ':nid' => $entity->nid,
    ))
      ->fetchField();
  }
  elseif ('comment' == $type) {
    $apid = db_query("SELECT apid FROM {anonymous_publishing} WHERE :cid = cid", array(
      ':cid' => $entity->cid,
    ))
      ->fetchField();
  }
  if (!empty($apid)) {
    db_delete('anonymous_publishing')
      ->condition('apid', $apid)
      ->execute();
  }
}

Functions

Namesort descending Description
anonymous_publishing_cl_activate Activate a node or comment published anonymously.
anonymous_publishing_cl_comment_form_submit Implements a custom submit form for comments.
anonymous_publishing_cl_comment_form_validate Callback for comment_form_validate.
anonymous_publishing_cl_comment_presave Implements hook_comment_presave().
anonymous_publishing_cl_content_type_allowed Check if the content type can be published anonymously.
anonymous_publishing_cl_entity_delete Implements hook_entity_delete().
anonymous_publishing_cl_form_comment_form_alter Implements hook_form_BASE_FORM_ID_alter().
anonymous_publishing_cl_form_node_form_alter Implements hook_form_BASE_FORM_ID_alter().
anonymous_publishing_cl_node_form_submit Implements a custom submit form for nodes.
anonymous_publishing_cl_node_presave Implements hook_node_presave().
anonymous_publishing_cl_node_validate Implements hook_node_validate().
anonymous_publishing_cl_username_alter Implements hook_username_alter().
anonymous_publishing_cl_verify Page callback: Activate a node or comment published anonymously.
_anonymous_publishing_cl_alter_comment_or_node_form Helper function to make form alterations to input form.
_anonymous_publishing_cl_content_validate Common validation of submission form for nodes and comments.
_anonymous_publishing_cl_honeyfield_post_render Class wrapper for honeyfield.
_anonymous_publishing_cl_my_comment_insert Helper function to handle anonymous comment submits.
_anonymous_publishing_cl_relevantp Helper function to check whether we need to process it.