Ejemplo n.º 1
0
 /**
  * Ajax request to comment submission
  * @param sfWebRequest $request
  */
 public function executeAjaxCommentSubmission(sfWebRequest $request)
 {
     if ($request->isMethod(sfRequest::POST)) {
         if (!$request->hasParameter("my_comment") || trim($request->getParameter("my_comment")) == "") {
             echo "Comment cannot be empty.";
         } elseif (!$request->hasParameter("term")) {
             echo "Must choose a term.";
         } elseif (!$request->hasParameter("year")) {
             echo "Must choose a year.";
         } elseif (!$request->hasParameter("security") || trim($request->getParameter("security")) == "") {
             echo "Must type in the security string.";
         } else {
             // first, check for security string
             $code = $_SESSION['securityImage'];
             if (trim($request->getParameter("security")) != $code) {
                 echo "Security string does not match.";
                 return sfView::NONE;
             }
             // second, get the course object
             $id = $request->getParameter("id");
             $conn = Propel::getConnection();
             $courseObj = CoursePeer::retrieveByPK($id, $conn);
             if (!is_object($courseObj)) {
                 echo "Error with comment submission. Please try again later.";
                 return sfView::NONE;
             }
             // third, check for spam
             $c = new Criteria();
             $year = $request->getParameter("year");
             $term = $request->getParameter("term");
             $crit = $c->getNewCriterion(CourseCommentPeer::APPLIES_TO, $year . $term);
             $c->addAnd($crit);
             $_list = $courseObj->getCourseComments($c, $conn, true);
             $ip = $_SERVER['REMOTE_ADDR'];
             //FIXME i have disabled spam checking because computers in the computer lab might all have the same ip
             /*$isSpam = false;
               foreach ($_list as $commentObj){
                 if ($commentObj->getIp() == $ip){
                   $isSpam = true;
                   break;
                 }
               }
               if ($isSpam){
                 echo "You cannot comment on the same semester twice!";
                 return sfView::NONE;
               }*/
             // now we can save
             try {
                 $_comment = trim($request->getParameter("my_comment"));
                 $date = date(skuleadminConst::TIMESTAMP_FORMAT);
                 $newComment = new CourseComment();
                 $newComment->setComment($_comment);
                 $newComment->setAppliesTo($year . $term);
                 $newComment->setApproved(0);
                 $newComment->setCourse($courseObj);
                 $newComment->setIp($ip);
                 $newComment->setInputDt($date);
                 $newComment->save($conn);
                 // send notification
                 $msg = "A new comment on [course=" . $courseObj->getId() . "; term=" . $year . $term . "] has been submitted by " . $ip . " on " . $date . ".\n\n";
                 $msg .= "Below is the main body of the comment:\n\n" . $_comment;
                 $msg .= "\n\nPlease access the siteadmin module: http://courses.skule.ca/siteadmin to approve the submission.";
                 helperFunctions::sendEmailNotice("Comment Submission", $msg);
                 echo "Submission successful. Pending moderator review.\n          <script type='text/javascript'>eval(\"document.getElementById('commentInputBtns').style.display='none'; document.getElementById('commentSuccessBtns').style.display='block';\")</script>";
                 return sfView::NONE;
             } catch (Exception $e) {
                 echo "Error with comment submission. Please try again later.";
                 helperFunctions::sendEmailNotice("Comment Submission Error", $e->getMessage());
                 return sfView::NONE;
             }
         }
     }
     return sfView::NONE;
 }