<?php

// Homepage URL.
define('HOMEPAGE', 'https://blog.salty-salty-studios.com');
// Jekyll site directory.
define('SOURCE_DIR', '/serve/www-data/blog.salty-salty-studios.com');
// Jekyll build directory.
define('BUILD_DIR', '/serve/www/blog.salty-salty-studios.com');

// Akismet API key.
define('AKISMET_API_KEY', '');
// Start a jekyll --build session after comment placement?
define('REBUILD_SITE', true);

////////////////////////////////////////

define('DS', DIRECTORY_SEPARATOR);
define('AKISMET_URL', 'https://%s.rest.akismet.com/1.1/comment-check');

if (!isset($_POST['id']) || !isset($_POST['author']) || !isset($_POST['email']) || !isset($_POST['comment'])) { die('Not a comment.'); }

$author = $_POST['author'];
$email = $_POST['email'];
$post = $_POST['comment'];
$ip = $_SERVER['REMOTE_ADDR'];
$userAgent = $_SERVER['HTTP_USER_AGENT'];
$referrer = $_SERVER['HTTP_REFERER'];
$id = ltrim($_POST['id'], '/');

////////////////////////////////////////

if (REBUILD_SITE) {
    // Make sure Jekyll rebuilds go through.
    ignore_user_abort(true);
}

function akismet_is_spam($author, $post, $ip, $userAgent, $referrer, $permalink)
{
    $data = http_build_query(array(
        'blog' => HOMEPAGE,
        'user_ip' => $ip,
        'user_agent' => $userAgent,
        'referrer' => $referrer,
        'comment_type' => 'comment',
        'comment_author' => $author,
        'comment_content' => $post
    ));

    $handle = curl_init();
    curl_setopt($handle, CURLOPT_URL, sprintf(AKISMET_URL, AKISMET_API_KEY));
    curl_setopt($handle, CURLOPT_USERAGENT, 'jekyll/1.2.1 | Askimet/1.1');
    curl_setopt($handle, CURLOPT_POST, 1);
    curl_setopt($handle, CURLOPT_POSTFIELDS, $data);
    curl_setopt($handle, CURLOPT_FOLLOWLOCATION, 1);
    curl_setopt($handle, CURLOPT_RETURNTRANSFER, 1);
    $response = @curl_exec($handle);

    if (!$response) {
        return true;
    }
    return $response == 'true';
}

////////////////////////////////////////

// Check post ID validity.
$filename = realpath(BUILD_DIR . DS . $id);
if (strpos($filename, realpath(BUILD_DIR)) !== 0 || !file_exists($filename)) {
    $filename = realpath(BUILD_DIR . DS . rtrim($id, '/') . DS . 'index.html');
    if (strpos($filename, realpath(BUILD_DIR)) !== 0 || !file_exists($filename)) {
        die('Invalid post.');
    }
}

// Check Akismet for spam.
$url = sprintf('%s/%s', HOMEPAGE, $id);
if (akismet_is_spam($author, $post, $ip, $userAgent, $referrer, $url)) {
    $target = '_comments_spam';
} else {
    $target = '_comments';
}

// Check if target directory exists.
$targetDirectory = SOURCE_DIR . DS . $target . DS . str_replace(array('/', '\\'), '-', $id);
if (!is_dir($targetDirectory)) {
    if (!mkdir($targetDirectory)) { die('Could not make post target directory.'); }
}

// Write post file.
$targetFile = $targetDirectory . DS . ((string) time()) . '.markdown';
$yaml = yaml_emit(array(
                      'author' => $author,
                      'email' => $email,
                      'content' => $post,
                      'ip' => $ip,
                      'time' => date('c', time()),
                      'post_id' => '/' . $id
                  ),
                  YAML_UTF8_ENCODING, YAML_LN_BREAK);
if (!$yaml) {
    die('Could not generate comment.');
}
if (!file_put_contents($targetFile, $yaml)) {
    die('Could not write comment.');
}

// Rebuild site if necessary.
if (REBUILD_SITE) {
    $r = shell_exec('LOCALE=en_GB.UTF-8 LANG=en_GB.UTF-8 LANGUAGE=en_GB.UTF-8 LC_ALL=en_GB.UTF-8 jekyll build -s ' . escapeshellarg(SOURCE_DIR));
    if (stristr($r, 'error')) { die('Could not rebuild site.'); }
}

// Redirect to post.
header('HTTP/1.1 303 See Other');
header('Location: ' . $url);