Context Navigation

source: temp/test-xoops.ec-cube.net/html/include/comment_post.php @ 405

Visit:

Revision 405, 19.6 KB checked in by root, 20 years ago (diff)

Line
1	<?php
2	// $Id: comment_post.php,v 1.5 2005/08/03 12:39:11 onokazu Exp $
3	// ------------------------------------------------------------------------ //
4	// XOOPS - PHP Content Management System //
5	// Copyright (c) 2000 XOOPS.org //
6	// <http://www.xoops.org/> //
7	// ------------------------------------------------------------------------ //
8	// This program is free software; you can redistribute it and/or modify //
9	// it under the terms of the GNU General Public License as published by //
10	// the Free Software Foundation; either version 2 of the License, or //
11	// (at your option) any later version. //
12	// //
13	// You may not change or alter any portion of this comment or credits //
14	// of supporting developers from this source code or any supporting //
15	// source code which is considered copyrighted (c) material of the //
16	// original comment or credit authors. //
17	// //
18	// This program is distributed in the hope that it will be useful, //
19	// but WITHOUT ANY WARRANTY; without even the implied warranty of //
20	// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the //
21	// GNU General Public License for more details. //
22	// //
23	// You should have received a copy of the GNU General Public License //
24	// along with this program; if not, write to the Free Software //
25	// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA //
26	// ------------------------------------------------------------------------ //
27	// Author: Kazumi Ono (AKA onokazu) //
28	// URL: http://www.xoops.org/ http://jp.xoops.org/ http://www.myweb.ne.jp/ //
29	// Project: The XOOPS Project (http://www.xoops.org/) //
30	// ------------------------------------------------------------------------- //
31
32	if (!defined('XOOPS_ROOT_PATH') \|\| !is_object($xoopsModule)) {
33	exit();
34	}
35	include_once XOOPS_ROOT_PATH.'/language/'.$xoopsConfig['language'].'/comment.php';
36	include_once XOOPS_ROOT_PATH.'/include/comment_constants.php';
37	$com_id = isset($_POST['com_id']) ? intval($_POST['com_id']) : 0;
38	$extra_params = '';
39	if ('system' == $xoopsModule->getVar('dirname')) {
40	if (empty($com_id)) {
41	exit();
42	}
43	$comment_handler =& xoops_gethandler('comment');
44	$comment =& $comment_handler->get($com_id);
45	$module_handler =& xoops_gethandler('module');
46	$module =& $module_handler->get($comment->getVar('com_modid'));
47	$comment_config = $module->getInfo('comments');
48	$com_modid = $module->getVar('mid');
49	$redirect_page = XOOPS_URL.'/modules/system/admin.php?fct=comments&com_modid='.$com_modid.'&com_itemid';
50	$moddir = $module->getVar('dirname');
51	unset($comment);
52	} else {
53	if (XOOPS_COMMENT_APPROVENONE == $xoopsModuleConfig['com_rule']) {
54	exit();
55	}
56	$comment_config = $xoopsModule->getInfo('comments');
57	$com_modid = $xoopsModule->getVar('mid');
58	$redirect_page = $comment_config['pageName'].'?';
59	if (isset($comment_config['extraParams']) && is_array($comment_config['extraParams'])) {
60	$myts =& MyTextSanitizer::getInstance();
61	foreach ($comment_config['extraParams'] as $extra_param) {
62	$extra_params .= isset($_POST[$extra_param]) ? $extra_param.'='.$myts->stripSlashesGPC($_POST[$extra_param]).'&' : $extra_param.'=&';
63	}
64	$redirect_page .= $extra_params;
65	}
66	$redirect_page .= $comment_config['itemName'];
67	$comment_url = $redirect_page;
68	$moddir = $xoopsModule->getVar('dirname');
69	}
70	$op = '';
71	if (!empty($_POST)) {
72
73	if (isset($_POST['com_dopost'])) {
74	$op = 'post';
75	} elseif (isset($_POST['com_dopreview'])) {
76	$op = 'preview';
77	}
78	if (isset($_POST['com_dodelete'])) {
79	$op = 'delete';
80	}
81
82	// if ($op == 'preview' \|\| $op == 'post') {
83	// if (!xoops_token_validate()) {
84	// $op = '';
85	// }
86	// }
87
88	$com_mode = isset($_POST['com_mode']) ? htmlspecialchars(trim($_POST['com_mode']), ENT_QUOTES) : 'flat';
89	$com_order = isset($_POST['com_order']) ? intval($_POST['com_order']) : XOOPS_COMMENT_OLD1ST;
90	$com_itemid = isset($_POST['com_itemid']) ? intval($_POST['com_itemid']) : 0;
91	$com_pid = isset($_POST['com_pid']) ? intval($_POST['com_pid']) : 0;
92	$com_rootid = isset($_POST['com_rootid']) ? intval($_POST['com_rootid']) : 0;
93	$com_status = isset($_POST['com_status']) ? intval($_POST['com_status']) : 0;
94	$dosmiley = (isset($_POST['dosmiley']) && intval($_POST['dosmiley']) > 0) ? 1 : 0;
95	$doxcode = (isset($_POST['doxcode']) && intval($_POST['doxcode']) > 0) ? 1 : 0;
96	$dobr = (isset($_POST['dobr']) && intval($_POST['dobr']) > 0) ? 1 : 0;
97	$dohtml = (isset($_POST['dohtml']) && intval($_POST['dohtml']) > 0) ? 1 : 0;
98	$doimage = (isset($_POST['doimage']) && intval($_POST['doimage']) > 0) ? 1 : 0;
99	$com_icon = isset($_POST['com_icon']) ? trim($_POST['com_icon']) : '';
100	$noname = isset($_POST['noname']) ? intval($_POST['noname']) : 0;
101	} else {
102	exit();
103	}
104
105	switch ( $op ) {
106
107	case "delete":
108	include XOOPS_ROOT_PATH.'/include/comment_delete.php';
109	break;
110	case "preview":
111	$myts =& MyTextSanitizer::getInstance();
112	$doimage = 1;
113	$com_title = $myts->htmlSpecialChars($myts->stripSlashesGPC($_POST['com_title']));
114	if ($dohtml != 0) {
115	if (is_object($xoopsUser)) {
116	if (!$xoopsUser->isAdmin($com_modid)) {
117	$sysperm_handler =& xoops_gethandler('groupperm');
118	if (!$sysperm_handler->checkRight('system_admin', XOOPS_SYSTEM_COMMENT, $xoopsUser->getGroups())) {
119	$dohtml = 0;
120	}
121	}
122	} else {
123	$dohtml = 0;
124	}
125	}
126	$p_comment =& $myts->previewTarea($_POST['com_text'], $dohtml, $dosmiley, $doxcode, $doimage, $dobr);
127	$com_text = $myts->htmlSpecialChars($myts->stripSlashesGPC($_POST['com_text']));
128	//Added By viva(2006/06/08) --->
129	$com_poster_name = $myts->htmlSpecialChars($myts->stripSlashesGPC($_POST['com_poster_name']));
130	//Added By viva(2006/06/08) <---
131	if ($xoopsModule->getVar('dirname') != 'system') {
132	include XOOPS_ROOT_PATH.'/header.php';
133	themecenterposts($com_title, $p_comment);
134	include XOOPS_ROOT_PATH.'/include/comment_form.php';
135	include XOOPS_ROOT_PATH.'/footer.php';
136	} else {
137	xoops_cp_header();
138	themecenterposts($com_title, $p_comment);
139	include XOOPS_ROOT_PATH.'/include/comment_form.php';
140	xoops_cp_footer();
141	}
142	break;
143	case "post":
144	$doimage = 1;
145	$comment_handler =& xoops_gethandler('comment');
146	$add_userpost = false;
147	$call_approvefunc = false;
148	$call_updatefunc = false;
149	// RMV-NOTIFY - this can be set to 'comment' or 'comment_submit'
150	$notify_event = false;
151	if (!empty($com_id)) {
152	$comment =& $comment_handler->get($com_id);
153	$accesserror = false;
154
155	if (is_object($xoopsUser)) {
156	$sysperm_handler =& xoops_gethandler('groupperm');
157	if ($xoopsUser->isAdmin($com_modid) \|\| $sysperm_handler->checkRight('system_admin', XOOPS_SYSTEM_COMMENT, $xoopsUser->getGroups())) {
158	if (!empty($com_status) && $com_status != XOOPS_COMMENT_PENDING) {
159	$old_com_status = $comment->getVar('com_status');
160	$comment->setVar('com_status', $com_status);
161	// if changing status from pending state, increment user post
162	if (XOOPS_COMMENT_PENDING == $old_com_status) {
163	$add_userpost = true;
164	if (XOOPS_COMMENT_ACTIVE == $com_status) {
165	$call_updatefunc = true;
166	$call_approvefunc = true;
167	// RMV-NOTIFY
168	$notify_event = 'comment';
169	}
170	} elseif (XOOPS_COMMENT_HIDDEN == $old_com_status && XOOPS_COMMENT_ACTIVE == $com_status) {
171	$call_updatefunc = true;
172	// Comments can not be directly posted hidden,
173	// no need to send notification here
174	} elseif (XOOPS_COMMENT_ACTIVE == $old_com_status && XOOPS_COMMENT_HIDDEN == $com_status) {
175	$call_updatefunc = true;
176	}
177	}
178	} else {
179	$dohtml = 0;
180	if ($comment->getVar('com_uid') != $xoopsUser->getVar('uid')) {
181	$accesserror = true;
182	}
183	}
184	} else {
185	$dohtml = 0;
186	$accesserror = true;
187	}
188	if (false != $accesserror) {
189	redirect_header($redirect_page.'='.$com_itemid.'&com_id='.$com_id.'&com_mode='.$com_mode.'&com_order='.$com_order, 1, _NOPERM);
190	exit();
191	}
192	} else {
193	$comment = $comment_handler->create();
194	$comment->setVar('com_created', time());
195	$comment->setVar('com_pid', $com_pid);
196	$comment->setVar('com_itemid', $com_itemid);
197	$comment->setVar('com_rootid', $com_rootid);
198	$comment->setVar('com_ip', xoops_getenv('REMOTE_ADDR'));
199	if (is_object($xoopsUser)) {
200	$sysperm_handler =& xoops_gethandler('groupperm');
201	if ($xoopsUser->isAdmin($com_modid) \|\| $sysperm_handler->checkRight('system_admin', XOOPS_SYSTEM_COMMENT, $xoopsUser->getGroups())) {
202	$comment->setVar('com_status', XOOPS_COMMENT_ACTIVE);
203	$add_userpost = true;
204	$call_approvefunc = true;
205	$call_updatefunc = true;
206	// RMV-NOTIFY
207	$notify_event = 'comment';
208	} else {
209	$dohtml = 0;
210	switch ($xoopsModuleConfig['com_rule']) {
211	case XOOPS_COMMENT_APPROVEALL:
212	case XOOPS_COMMENT_APPROVEUSER:
213	$comment->setVar('com_status', XOOPS_COMMENT_ACTIVE);
214	$add_userpost = true;
215	$call_approvefunc = true;
216	$call_updatefunc = true;
217	// RMV-NOTIFY
218	$notify_event = 'comment';
219	break;
220	case XOOPS_COMMENT_APPROVEADMIN:
221	default:
222	$comment->setVar('com_status', XOOPS_COMMENT_PENDING);
223	$notify_event = 'comment_submit';
224	break;
225	}
226	}
227	if (!empty($xoopsModuleConfig['com_anonpost']) && !empty($noname)) {
228	$uid = 0;
229	} else {
230	$uid = $xoopsUser->getVar('uid');
231	}
232	} else {
233	$dohtml = 0;
234	$uid = 0;
235	if ($xoopsModuleConfig['com_anonpost'] != 1) {
236	redirect_header($redirect_page.'='.$com_itemid.'&com_id='.$com_id.'&com_mode='.$com_mode.'&com_order='.$com_order, 1, _NOPERM);
237	exit();
238	}
239	}
240	if ($uid == 0) {
241	switch ($xoopsModuleConfig['com_rule']) {
242	case XOOPS_COMMENT_APPROVEALL:
243	$comment->setVar('com_status', XOOPS_COMMENT_ACTIVE);
244	$add_userpost = true;
245	$call_approvefunc = true;
246	$call_updatefunc = true;
247	// RMV-NOTIFY
248	$notify_event = 'comment';
249	break;
250	case XOOPS_COMMENT_APPROVEADMIN:
251	case XOOPS_COMMENT_APPROVEUSER:
252	default:
253	$comment->setVar('com_status', XOOPS_COMMENT_PENDING);
254	// RMV-NOTIFY
255	$notify_event = 'comment_submit';
256	break;
257	}
258	}
259	$comment->setVar('com_uid', $uid);
260	}
261	$com_title = xoops_trim($_POST['com_title']);
262	$com_title = ($com_title == '') ? _NOTITLE : $com_title;
263
264
265	//Added By viva(2005/12/13) --->
266	$com_poster_name = "";
267	if( !empty($_POST['com_poster_name']) ) {
268	$com_poster_name = xoops_trim($_POST['com_poster_name']);
269	}
270	if(empty($com_poster_name)) {
271	global $xoopsUser;
272	if( !empty($xoopsUser) ) {
273	$com_poster_name = $xoopsUser->getVar('uname', 'E');
274	} else {
275	$com_poster_name = $GLOBALS['xoopsConfig']['anonymous'];
276	}
277	}
278	$comment->setVar('com_poster_name', $com_poster_name);
279	//Added By viva(2005/12/13) <---
280
281
282	$comment->setVar('com_title', $com_title);
283	$comment->setVar('com_text', $_POST['com_text']);
284	$comment->setVar('dohtml', $dohtml);
285	$comment->setVar('dosmiley', $dosmiley);
286	$comment->setVar('doxcode', $doxcode);
287	$comment->setVar('doimage', $doimage);
288	$comment->setVar('dobr', $dobr);
289	$comment->setVar('com_icon', $com_icon);
290	$comment->setVar('com_modified', time());
291	$comment->setVar('com_modid', $com_modid);
292	if (!empty($extra_params)) {
293	$comment->setVar('com_exparams', str_replace('&', '&', $extra_params));
294	}
295	if (false != $comment_handler->insert($comment)) {
296	$newcid = $comment->getVar('com_id');
297
298	// set own id as root id if this is a top comment
299	if ($com_rootid == 0) {
300	$com_rootid = $newcid;
301	if (!$comment_handler->updateByField($comment, 'com_rootid', $com_rootid)) {
302	$comment_handler->delete($comment);
303	include XOOPS_ROOT_PATH.'/header.php';
304	xoops_error();
305	include XOOPS_ROOT_PATH.'/footer.php';
306	}
307	}
308
309	// call custom approve function if any
310	if (false != $call_approvefunc && isset($comment_config['callback']['approve']) && trim($comment_config['callback']['approve']) != '') {
311	$skip = false;
312	if (!function_exists($comment_config['callback']['approve'])) {
313	if (isset($comment_config['callbackFile'])) {
314	$callbackfile = trim($comment_config['callbackFile']);
315	if ($callbackfile != '' && file_exists(XOOPS_ROOT_PATH.'/modules/'.$moddir.'/'.$callbackfile)) {
316	include_once XOOPS_ROOT_PATH.'/modules/'.$moddir.'/'.$callbackfile;
317	}
318	if (!function_exists($comment_config['callback']['approve'])) {
319	$skip = true;
320	}
321	} else {
322	$skip = true;
323	}
324	}
325	if (!$skip) {
326	$comment_config['callback']['approve']($comment);
327	}
328	}
329
330	// call custom update function if any
331	if (false != $call_updatefunc && isset($comment_config['callback']['update']) && trim($comment_config['callback']['update']) != '') {
332	$skip = false;
333	if (!function_exists($comment_config['callback']['update'])) {
334	if (isset($comment_config['callbackFile'])) {
335	$callbackfile = trim($comment_config['callbackFile']);
336	if ($callbackfile != '' && file_exists(XOOPS_ROOT_PATH.'/modules/'.$moddir.'/'.$callbackfile)) {
337	include_once XOOPS_ROOT_PATH.'/modules/'.$moddir.'/'.$callbackfile;
338	}
339	if (!function_exists($comment_config['callback']['update'])) {
340	$skip = true;
341	}
342	} else {
343	$skip = true;
344	}
345	}
346	if (!$skip) {
347	$criteria = new CriteriaCompo(new Criteria('com_modid', $com_modid));
348	$criteria->add(new Criteria('com_itemid', $com_itemid));
349	$criteria->add(new Criteria('com_status', XOOPS_COMMENT_ACTIVE));
350	$comment_count = $comment_handler->getCount($criteria);
351	$func = $comment_config['callback']['update'];
352	call_user_func_array($func, array($com_itemid, $comment_count, $comment->getVar('com_id')));
353	}
354	}
355
356	// increment user post if needed
357	$uid = $comment->getVar('com_uid');
358	if ($uid > 0 && false != $add_userpost) {
359	$member_handler =& xoops_gethandler('member');
360	$poster =& $member_handler->getUser($uid);
361	if (is_object($poster)) {
362	$member_handler->updateUserByField($poster, 'posts', $poster->getVar('posts') + 1);
363	}
364	}
365
366	// RMV-NOTIFY
367	// trigger notification event if necessary
368	if ($notify_event) {
369	$not_modid = $com_modid;
370	include_once XOOPS_ROOT_PATH . '/include/notification_functions.php';
371	$not_catinfo =& notificationCommentCategoryInfo($not_modid);
372	$not_category = $not_catinfo['name'];
373	$not_itemid = $com_itemid;
374	$not_event = $notify_event;
375	// Build an ABSOLUTE URL to view the comment. Make sure we
376	// point to a viewable page (i.e. not the system administration
377	// module).
378	$comment_tags = array();
379	if ('system' == $xoopsModule->getVar('dirname')) {
380	$module_handler =& xoops_gethandler('module');
381	$not_module =& $module_handler->get($not_modid);
382	} else {
383	$not_module =& $xoopsModule;
384	}
385	if (!isset($comment_url)) {
386	$com_config =& $not_module->getInfo('comments');
387	$comment_url = $com_config['pageName'] . '?';
388	if (isset($com_config['extraParams']) && is_array($com_config['extraParams'])) {
389	$extra_params = '';
390	foreach ($com_config['extraParams'] as $extra_param) {
391	$extra_params .= isset($_POST[$extra_param]) ? $extra_param.'='.$_POST[$extra_param].'&' : $extra_param.'=&';
392	//$extra_params .= isset($_GET[$extra_param]) ? $extra_param.'='.$_GET[$extra_param].'&' : $extra_param.'=&';
393	}
394	$comment_url .= $extra_params;
395	}
396	$comment_url .= $com_config['itemName'];
397	}
398	$comment_tags['X_COMMENT_URL'] = XOOPS_URL . '/modules/' . $not_module->getVar('dirname') . '/' .$comment_url . '=' . $com_itemid.'&com_id='.$newcid.'&com_rootid='.$com_rootid.'&com_mode='.$com_mode.'&com_order='.$com_order.'#comment'.$newcid;
399	$notification_handler =& xoops_gethandler('notification');
400	$notification_handler->triggerEvent ($not_category, $not_itemid, $not_event, $comment_tags, false, $not_modid);
401	}
402
403	if (!isset($comment_post_results)) {
404
405	// if the comment is active, redirect to posted comment
406	if ($comment->getVar('com_status') == XOOPS_COMMENT_ACTIVE) {
407	redirect_header($redirect_page.'='.$com_itemid.'&com_id='.$newcid.'&com_rootid='.$com_rootid.'&com_mode='.$com_mode.'&com_order='.$com_order.'#comment'.$newcid, 2, _CM_THANKSPOST);
408	} else {
409	// not active, so redirect to top comment page
410	redirect_header($redirect_page.'='.$com_itemid.'&com_mode='.$com_mode.'&com_order='.$com_order.'#comment'.$newcid, 2, _CM_THANKSPOST);
411	}
412	}
413	} else {
414	if (!isset($purge_comment_post_results)) {
415	include XOOPS_ROOT_PATH.'/header.php';
416	xoops_error($comment->getHtmlErrors());
417	include XOOPS_ROOT_PATH.'/footer.php';
418	} else {
419	$comment_post_results = $comment->getErrors();
420	}
421	}
422	break;
423	default:
424	redirect_header(XOOPS_URL.'/',3);
425	break;
426	}
427	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: