This is a hard delete that completely removes it from the database.
Events: DeleteComment, BeforeDeleteComment.
/**
* Allows user to delete a comment.
*
* If the comment is the only one in the discussion, the discussion will
* be deleted as well. Users without administrative delete abilities
* should not be able to delete a comment unless it is a draft. This is
* a "hard" delete - it is removed from the database.
*
* @since 2.0.0
* @access public
*
* @param int $CommentID Unique comment ID.
* @param string $TransientKey Single-use hash to prove intent.
*/
public function deleteComment($CommentID = '', $TransientKey = '')
{
$Session = Gdn::session();
$DefaultTarget = '/discussions/';
$ValidCommentID = is_numeric($CommentID) && $CommentID > 0;
$ValidUser = $Session->UserID > 0 && $Session->validateTransientKey($TransientKey);
if ($ValidCommentID && $ValidUser) {
// Get comment and discussion data
$Comment = $this->CommentModel->getID($CommentID);
$DiscussionID = val('DiscussionID', $Comment);
$Discussion = $this->DiscussionModel->getID($DiscussionID);
if ($Comment && $Discussion) {
$DefaultTarget = discussionUrl($Discussion);
// Make sure comment is this user's or they have Delete permission
if ($Comment->InsertUserID != $Session->UserID || !c('Vanilla.Comments.AllowSelfDelete')) {
$this->permission('Vanilla.Comments.Delete', true, 'Category', $Discussion->PermissionCategoryID);
}
// Make sure that content can (still) be edited
$EditContentTimeout = c('Garden.EditContentTimeout', -1);
$CanEdit = $EditContentTimeout == -1 || strtotime($Comment->DateInserted) + $EditContentTimeout > time();
if (!$CanEdit) {
$this->permission('Vanilla.Comments.Delete', true, 'Category', $Discussion->PermissionCategoryID);
}
// Delete the comment
if (!$this->CommentModel->deleteID($CommentID)) {
$this->Form->addError('Failed to delete comment');
}
} else {
$this->Form->addError('Invalid comment');
}
} else {
$this->Form->addError('ErrPermission');
}
// Redirect
if ($this->_DeliveryType == DELIVERY_TYPE_ALL) {
$Target = GetIncomingValue('Target', $DefaultTarget);
SafeRedirect($Target);
}
if ($this->Form->errorCount() > 0) {
$this->setJson('ErrorMessage', $this->Form->errors());
} else {
$this->jsonTarget("#Comment_{$CommentID}", '', 'SlideUp');
}
$this->render();
}
/**
* Form to confirm that the administrator wants to delete the selected
* comments (and has permission to do so).
*/
public function confirmCommentDeletes($DiscussionID = '')
{
$Session = Gdn::session();
$this->Form = new Gdn_Form();
$DiscussionModel = new DiscussionModel();
$Discussion = $DiscussionModel->getID($DiscussionID);
if (!$Discussion) {
return;
}
// Verify that the user has permission to perform the delete
$PermissionCategory = CategoryModel::categories($Discussion->CategoryID);
$this->permission('Vanilla.Comments.Delete', true, 'Category', val('PermissionCategoryID', $PermissionCategory));
$this->title(t('Confirm'));
$CheckedComments = Gdn::userModel()->getAttribute($Session->User->UserID, 'CheckedComments', array());
if (!is_array($CheckedComments)) {
$CheckedComments = array();
}
$CommentIDs = array();
$DiscussionIDs = array();
foreach ($CheckedComments as $DiscID => $Comments) {
foreach ($Comments as $Comment) {
if (substr($Comment, 0, 11) == 'Discussion_') {
$DiscussionIDs[] = str_replace('Discussion_', '', $Comment);
} elseif ($DiscID == $DiscussionID) {
$CommentIDs[] = str_replace('Comment_', '', $Comment);
}
}
}
$CountCheckedComments = count($CommentIDs);
$this->setData('CountCheckedComments', $CountCheckedComments);
if ($this->Form->authenticatedPostBack()) {
// Delete the selected comments
$CommentModel = new CommentModel();
foreach ($CommentIDs as $CommentID) {
$CommentModel->deleteID($CommentID);
}
// Clear selections
unset($CheckedComments[$DiscussionID]);
Gdn::userModel()->saveAttribute($Session->UserID, 'CheckedComments', $CheckedComments);
ModerationController::InformCheckedComments($this);
$this->RedirectUrl = url('discussions');
}
$this->render();
}
