Ejemplo n.º 1
 /**
  * Checks that the 'disapprove' action leaves comment 1 unapproved.
  *
  * Passes a selection keyed by comment id (id 1 flagged 1, id 2 flagged 0)
  * to Comment::process(), reloads comment 1 and asserts that its
  * 'approved' field equals 0.
  *
  * @return void
  */
 public function testProcessDisapprove()
 {
     $selection = array('Comment' => array('1' => 1, '2' => 0));
     $this->Comment->process('disapprove', $selection);

     $stored = $this->Comment->findById(1);
     $approved = $stored['Comment']['approved'];

     // Only comment 1 is verified here; presumably the 0 flag on id 2 means
     // "not selected" - confirm against Comment::process().
     $this->assertEqual($approved, 0);
 }
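 /**
  * Deletes the comment named by the POSTed id and returns to its article.
  *
  * A request with no id, with a non-scalar id, or from a user for whom
  * App::isAdmin() is false is redirected to /article without touching data.
  * The same redirect is used when the comment cannot be found.
  *
  * NOTE(review): no anti-CSRF token check is visible in this action; confirm
  * the framework enforces one for this state-changing request.
  *
  * @return mixed Whatever $this->redirect() returns.
  */
 public function actionDeleteComment()
 {
     // is_scalar() rejects array payloads such as id[]=1 before they reach the finders.
     if (empty($_POST['id']) || !is_scalar($_POST['id']) || !App::isAdmin()) {
         return $this->redirect('/article');
     }
     $commentId = $_POST['id'];

     // The owning article has to be resolved before the comment row is removed.
     // Assumes findById() yields a falsy value when no row matches - TODO confirm.
     $comment = Comment::findById($commentId);
     if (!$comment) {
         return $this->redirect('/article');
     }
     $article = Article::findById($comment->article_id);

     Comment::deleteComment($commentId);

     // An orphaned comment has no article page to return to.
     if (!$article) {
         return $this->redirect('/article');
     }

     return $this->redirect('/article/show/' . $article->url);
 }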
Ejemplo n.º 3
 /**
  * Shows the edit form for a comment, or hands a POST over to _edit().
  *
  * Without an id, or when Comment::findById() finds nothing, the request is
  * redirected to the comment plugin index (with an error flash in the
  * not-found case).
  *
  * NOTE(review): the code after each redirect() is only safe if redirect()
  * ends the request - confirm. No permission check is visible in this
  * method; presumably the controller enforces it elsewhere - verify.
  *
  * @param mixed $id Comment identifier, or null when none was supplied.
  * @return mixed Result of _edit() on POST, otherwise nothing.
  */
 function edit($id = null)
 {
     if ($id === null) {
         redirect(get_url('plugin/comment'));
     }

     $comment = Comment::findById($id);
     if (!$comment) {
         Flash::set('error', __('comment not found!'));
         redirect(get_url('plugin/comment'));
     }

     // A POST means the form was submitted: delegate the save.
     if (get_request_method() == 'POST') {
         return $this->_edit($id);
     }

     // Any other method just renders the form for the loaded comment.
     $viewData = array('action' => 'edit', 'comment' => $comment);
     $this->display('comment/views/edit', $viewData);
 }
Ejemplo n.º 4
 /**
  * Marks a comment as not approved and returns to the comment plugin index.
  *
  * Sets is_approved to 0 and saves; on a successful save a success flash is
  * set and the 'comment_after_unapprove' observers are notified. A failed
  * save sets no flash. An unknown id sets an error flash.
  *
  * NOTE(review): this changes state from a bare id and shows no permission
  * or anti-CSRF check of its own; confirm both are enforced before the
  * action is dispatched.
  *
  * @param mixed $id Identifier of the comment to unapprove.
  * @return void
  */
 function unapprove($id)
 {
     // look up the comment to unapprove
     $comment = Comment::findById($id);

     if (!$comment) {
         Flash::set('error', __('Comment not found!'));
     } else {
         $comment->is_approved = 0;
         $saved = $comment->save();
         if ($saved) {
             Flash::set('success', __('Comment has been unapproved!'));
             Observer::notify('comment_after_unapprove', $comment);
         }
     }

     redirect(get_url('plugin/comment'));
 }
Ejemplo n.º 5
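 /**
  * Deletes the comment with the given id; an unknown id is a no-op.
  *
  * This method performs no authorisation check of its own, so the caller
  * has to establish that the current user may delete comments.
  *
  * @param mixed $id Identifier passed to Comment::findById().
  * @return void
  */
 public static function deleteComment($id)
 {
     $comment = Comment::findById($id);

     // Assumes findById() returns a falsy value for an unknown id - TODO confirm.
     // Without this guard a stale or forged id ends in a call on a non-object.
     if (!$comment) {
         return;
     }

     $comment->delete();
 }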
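 /**
  * Deletes the comment with the given id and redirects to the admin comment index.
  *
  * An id that resolves to no comment is skipped rather than dereferenced.
  *
  * NOTE(review): no authorisation check is visible in this method;
  * presumably a route or controller filter restricts it to admins - confirm.
  *
  * @param mixed $id Identifier passed to the comment repository.
  * @return mixed Result of Redirect::action().
  */
 public function destroy($id)
 {
     $comment = $this->commentRepository->findById($id);

     // Assumes the repository returns a falsy value for an unknown id; if it
     // throws instead, this guard is simply never taken - TODO confirm.
     if ($comment) {
         $comment->delete();
     }

     return Redirect::action('AdminCommentsController@index');
 }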
Ejemplo n.º 7
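/**
 * Stores a visitor comment that was POSTed together with a page request.
 *
 * Executed through the Observer system each time a page is found. The
 * submission is dropped silently (plain return) when the payload is missing
 * or malformed, the captcha answer does not match, the page is not open for
 * comments, or a required field is blank or not a string.
 *
 * Name, e-mail and link are passed through strip_tags(); the body is passed
 * through kses() with a fixed tag allow-list. Every value in the INSERT goes
 * through the connection's quote(). These steps cover storage only; escaping
 * on output remains the job of whatever renders the comment.
 *
 * @global object $__CMS_CONN__ Database connection; only quote() and exec() are used here.
 * @param Page $page The object instance for the page that was found.
 * @return void
 */
function comment_save(&$page)
{
    // Check if we need to save a comment
    if (!isset($_POST['comment'])) {
        return;
    }
    $data = $_POST['comment'];
    // comment=foo arrives as a string; every field read below needs an array.
    if (!is_array($data)) {
        return;
    }

    $captcha = Plugin::getSetting('use_captcha', 'comment');
    if ($captcha && $captcha == '1') {
        // NOTE(review): the comparison is loose and the session value is not
        // cleared here after a match; confirm it is regenerated elsewhere so
        // one solved captcha cannot be reused.
        if (
            !isset($data['secure'])
            || empty($data['secure'])
            || !isset($_SESSION['security_number'])
            || $data['secure'] != $_SESSION['security_number']
        ) {
            return;
        }
    }

    if ($page->comment_status != Comment::OPEN) {
        return;
    }

    // Required fields must be non-blank strings; array payloads such as
    // comment[body][]=x would otherwise reach trim() and preg_match().
    foreach (array('author_name', 'author_email', 'body') as $required) {
        if (!isset($data[$required]) || !is_string($data[$required]) || trim($data[$required]) == '') {
            return;
        }
    }

    // NOTE(review): the pattern is not anchored, so it only requires that an
    // address-like substring is present somewhere in the value.
    if (!preg_match('/[^\\x00-\\x20()<>@,;:\\".[\\]\\x7f-\\xff]+(?:\\.[^\\x00-\\x20()<>@,;:\\".[\\]\\x7f-\\xff]+)*\\@[^\\x00-\\x20()<>@,;:\\".[\\]\\x7f-\\xff]+(?:\\.[^\\x00-\\x20()<>@,;:\\".[\\]\\x7f-\\xff]+)+/i', $data['author_email'])) {
        return;
    }

    use_helper('Kses');
    // Tags and attributes kses() lets through in the comment body.
    $allowed_tags = array(
        'a' => array('href' => array(), 'title' => array()),
        'abbr' => array('title' => array()),
        'acronym' => array('title' => array()),
        'b' => array(),
        'blockquote' => array('cite' => array()),
        'br' => array(),
        'code' => array(),
        'em' => array(),
        'i' => array(),
        'p' => array(),
        'strike' => array(),
        'strong' => array(),
    );
    $auto_approve_comment = Plugin::getSetting('auto_approve_comment', 'comment');

    // Check for and correct problems with website link. The link is optional,
    // so a missing or non-string value is stored as an empty string. Anything
    // that does not already start with http:// or https:// gets http://
    // prepended, which also turns other schemes into a plain host string.
    $author_link = '';
    if (isset($data['author_link']) && is_string($data['author_link'])) {
        $author_link = $data['author_link'];
    }
    if ($author_link !== '' && strpos($author_link, 'http://') !== 0 && strpos($author_link, 'https://') !== 0) {
        $author_link = 'http://' . $author_link;
    }

    // author_ip in the POST payload is chosen by the submitter, and the stored
    // value later feeds the statistics event, so prefer the address the server
    // saw. Behind a reverse proxy REMOTE_ADDR is the proxy's address.
    if (isset($_SERVER['REMOTE_ADDR'])) {
        $author_ip = $_SERVER['REMOTE_ADDR'];
    } elseif (
        isset($data['author_ip'])
        && is_string($data['author_ip'])
        && filter_var($data['author_ip'], FILTER_VALIDATE_IP) !== false
    ) {
        // No server-side address available: accept the posted one only if it parses as an IP.
        $author_ip = $data['author_ip'];
    } else {
        $author_ip = '';
    }

    global $__CMS_CONN__;
    // Every value, the page id included, is quoted by the connection.
    $values = array(
        $__CMS_CONN__->quote((string) $page->id),
        $__CMS_CONN__->quote(strip_tags($data['author_name'])),
        $__CMS_CONN__->quote(strip_tags($data['author_email'])),
        $__CMS_CONN__->quote(strip_tags($author_link)),
        $__CMS_CONN__->quote($author_ip),
        $__CMS_CONN__->quote(kses($data['body'], $allowed_tags)),
        $__CMS_CONN__->quote($auto_approve_comment),
        $__CMS_CONN__->quote(date('Y-m-d H:i:s')),
    );
    $sql = 'INSERT INTO ' . TABLE_PREFIX . 'comment (page_id, author_name, author_email, author_link, ip, body, is_approved, created_on) VALUES (' . implode(', ', $values) . ')';

    // A failed insert must not fall through to lastInsertId(), which could
    // then point at an unrelated row. Assumes exec() returns false on failure,
    // as PDO does in silent mode - TODO confirm.
    if ($__CMS_CONN__->exec($sql) === false) {
        return;
    }

    // @todo FIXME - If code above used Comment object for saving data there would be
    // no need to reload it from database. Using lastInsertId() is unreliable anyway.
    $comment_id = Record::lastInsertId();
    $comment = Comment::findById($comment_id);
    Observer::notify('comment_after_add', $comment);

    // Only read fields from the reloaded row if the reload actually found it.
    if ($comment && Plugin::isEnabled('statistics_api')) {
        $event = array(
            'event_type' => 'comment_added',
            'description' => __('A comment was added.'),
            'ipaddress' => $comment->ip,
            'username' => $comment->author_name,
        );
        Observer::notify('stats_comment_after_add', $event);
    }
}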