/**
 * Shows the review form for a material and, on POST, saves the current user's review.
 *
 * Loads the material and the review this user already wrote for it on this
 * server (host_id IS NULL), or prepares a new review bound to the material and
 * the user. On POST the review text and rating are stored, the material's
 * rating is recalculated and the request is redirected to the detail page.
 *
 * NOTE(review): no CSRF token check is visible in this action. Confirm that
 * the form carries a token and that it is verified before this state change
 * (Stud.IP offers CSRFProtection::verifyUnsafeRequest() for that).
 * NOTE(review): "rating" is stored exactly as submitted; no type or range
 * check is visible here. Confirm it is validated before it feeds
 * calculateRating().
 *
 * @param $material_id : ID of the material that is reviewed.
 */
public function review_action($material_id = null)
{
    Navigation::activateItem("/lernmarktplatz/overview");
    $this->material = new LernmarktplatzMaterial($material_id);

    $current_user_id = $GLOBALS['user']->id;

    // One local review per user and material: reuse it if it exists.
    $own_review = LernmarktplatzReview::findOneBySQL(
        "material_id = ? AND user_id = ? AND host_id IS NULL",
        array($material_id, $current_user_id)
    );
    if (!$own_review) {
        $own_review = new LernmarktplatzReview();
        $own_review['material_id'] = $this->material->getId();
        $own_review['user_id'] = $current_user_id;
    }
    $this->review = $own_review;

    // A plain GET only displays the form.
    if (!Request::isPost()) {
        return;
    }

    $this->review['review'] = Request::get("review");
    $this->review['rating'] = Request::get("rating");
    $this->review->store();

    // The stored review changes the aggregate, so refresh it on the material.
    $this->material['rating'] = $this->material->calculateRating();
    $this->material->store();

    PageLayout::postMessage(MessageBox::success(_("Danke für das Review!")));
    $this->redirect("market/details/" . $material_id);
}
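/**
 * Refreshes this material from the remote host it originates from.
 *
 * Does nothing for local materials (no host_id). Otherwise the item is fetched
 * from its host and, in this order, the author's user record, the material's
 * own fields, its topics and its reviews (with their authors) are updated.
 *
 * Everything in the fetched payload comes from another server and has to be
 * treated as untrusted input.
 *
 * @return bool|string false if the host returned no data, "deleted" if the
 *                     host reports the item as deleted, true otherwise.
 */
public function fetchData()
{
    if (!$this['host_id']) {
        return true;
    }

    $host = new LernmarktplatzHost($this['host_id']);
    $data = $host->fetchItemData($this['foreign_material_id']);
    if (!$data) {
        return false;
    }
    if (!empty($data['deleted'])) {
        return "deleted";
    }

    //user:
    // The lookup must name both columns. The previous condition was just
    // "foreign_user_id" with two bound values, so it could not select the
    // user of this host.
    $user = LernmarktplatzUser::findOneBySQL(
        "foreign_user_id = ? AND host_id = ?",
        array($data['user']['user_id'], $host->getId())
    );
    if (!$user) {
        $user = new LernmarktplatzUser();
        $user['foreign_user_id'] = $data['user']['user_id'];
        $user['host_id'] = $host->getId();
    }
    $user['name'] = $data['user']['name'];
    $user['avatar'] = $data['user']['avatar'] ?: null;
    $user['description'] = $data['user']['description'] ?: null;
    $user->store();

    //material:
    // NOTE(review): only these three keys are stripped; every other key of the
    // remote payload is handed to setData(). An allow-list of the fields a
    // remote host may set would be safer; confirm what setData() accepts.
    $material_data = $data['data'];
    unset($material_data['material_id']);
    unset($material_data['user_id']);
    unset($material_data['mkdate']);
    $this->setData($material_data);
    $this->store();

    //topics:
    $this->setTopics($data['topics']);

    foreach ((array) $data['reviews'] as $review_data) {
        // NOTE(review): the host URL is taken from the remote payload and a
        // key is fetched for it (fetchPublicKey() presumably contacts that
        // URL). Consider validating the URL or restricting it to known hosts
        // before using it.
        $review_host_url = trim($review_data['host']['url']);
        $currenthost = LernmarktplatzHost::findOneByUrl($review_host_url);
        if (!$currenthost) {
            $currenthost = new LernmarktplatzHost();
            $currenthost['url'] = $review_host_url;
            $currenthost['last_updated'] = time();
            $currenthost->fetchPublicKey();
            // Hosts without a public key are not persisted.
            if ($currenthost['public_key']) {
                $currenthost->store();
            }
        }

        // Reviews written on this server are already stored locally, and
        // reviews of hosts without a key are skipped.
        if ($currenthost && $currenthost['public_key'] && !$currenthost->isMe()) {
            $review = LernmarktplatzReview::findOneBySQL(
                "foreign_review_id = ? \nAND host_id = ?",
                array($review_data['foreign_review_id'], $currenthost->getId())
            );
            if (!$review) {
                $review = new LernmarktplatzReview();
                $review['foreign_review_id'] = $review_data['foreign_review_id'];
                $review['material_id'] = $this->getId();
                $review['host_id'] = $currenthost->getId();
            }
            $review['review'] = $review_data['review'];
            $review['rating'] = $review_data['rating'];
            if (!empty($review_data['chdate'])) {
                $review['chdate'] = $review_data['chdate'];
            }
            if (!empty($review_data['mkdate'])) {
                $review['mkdate'] = $review_data['mkdate'];
            }

            // Same two-column lookup as for the material's author, scoped to
            // the host the review is attributed to.
            $reviewer = LernmarktplatzUser::findOneBySQL(
                "foreign_user_id = ? AND host_id = ?",
                array($review_data['user']['user_id'], $currenthost->getId())
            );
            if (!$reviewer) {
                $reviewer = new LernmarktplatzUser();
                $reviewer['foreign_user_id'] = $review_data['user']['user_id'];
                $reviewer['host_id'] = $currenthost->getId();
            }
            $reviewer['name'] = $review_data['user']['name'];
            $reviewer['avatar'] = $review_data['user']['avatar'] ?: null;
            $reviewer['description'] = $review_data['user']['description'] ?: null;
            $reviewer->store();

            $review['user_id'] = $reviewer->getId();
            $review->store();
        }
    }

    return true;
}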
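/**
 * Adds a comment to a review on this server, sent by a client of another server.
 *
 * Use this request only as a POST request; the body must be a JSON object that
 * carries all the necessary variables. The sender is identified by two request
 * headers whose names are configured in $GLOBALS: the MD5 hash of its RSA
 * public key, which selects the host record, and a base64 encoded RSA
 * signature of the raw body, which is verified against that host.
 *
 * NOTE(review): every accepted request inserts a new comment; there is no
 * lookup by foreign_comment_id, so a signed body that is sent twice is stored
 * twice. Consider an update-or-insert keyed on host and foreign_comment_id.
 *
 * @param $review_id : the foreign_review_id if $host_hash is not empty, otherwise the review_id on this server.
 * @param $host_hash : if not empty, $review_id is looked up as a foreign_review_id.
 * @throws Exception if the request is not a POST, the signature does not
 *                   verify, the review is unknown or the body is not a JSON
 *                   object with user and comment data.
 */
public function add_comment_action($review_id, $host_hash = null)
{
    if (!Request::isPost()) {
        throw new Exception("USE POST TO PUSH.");
    }

    $hash_header = 'HTTP_' . str_replace("-", "_", strtoupper($GLOBALS['LERNMARKTPLATZ_HEADER_PUBLIC_KEY_HASH']));
    $signature_header = 'HTTP_' . str_replace("-", "_", strtoupper($GLOBALS['LERNMARKTPLATZ_HEADER_SIGNATURE']));

    // A missing header is treated as empty, so the request ends up as an
    // unknown host or a failed signature instead of an undefined index.
    $public_key_hash = isset($_SERVER[$hash_header]) ? $_SERVER[$hash_header] : ''; //MD5_HASH_OF_RSA_PUBLIC_KEY
    $signature = base64_decode(isset($_SERVER[$signature_header]) ? $_SERVER[$signature_header] : ''); //BASE64_RSA_SIGNATURE

    // The hash only selects the host record; the trust decision is the
    // signature check below.
    // NOTE(review): MD5 is not collision resistant. A SHA-256 fingerprint
    // would be a safer selector if the protocol can be changed.
    $host = LernmarktplatzHost::findOneBySQL("MD5(public_key) = ?", array($public_key_hash));

    // Requests from unknown hosts or from this server itself store nothing and
    // get the empty response below.
    if ($host && !$host->isMe()) {
        // Verify the raw bytes before any of the body is parsed or used.
        $body = file_get_contents('php://input');
        if (!$host->verifySignature($body, $signature)) {
            throw new Exception("Wrong signature, sorry.");
        }

        if ($host_hash) {
            // NOTE(review): this lookup ignores $host_hash, so a
            // foreign_review_id that exists for several hosts is ambiguous.
            // The join against lernmarktplatz_hosts on MD5(public_key) that
            // used to be commented out here was meant to scope it; restore the
            // scoping once the query works.
            $review = LernmarktplatzReview::findOneByForeign_review_id($review_id);
        } else {
            $review = LernmarktplatzReview::find($review_id);
        }
        if (!$review) {
            throw new Exception("Unknown material.");
        }

        $data = studip_utf8decode(json_decode($body, true));
        // A correctly signed body can still be malformed. Without this check
        // a user and a comment made of null values would be stored.
        if (!is_array($data)
            || !isset($data['user'], $data['data'])
            || !is_array($data['user'])
            || !is_array($data['data'])
            || !isset($data['user']['user_id'])
        ) {
            throw new Exception("Malformed request body.");
        }

        // The author is always bound to the authenticated host, never to a
        // host named in the body.
        $user = LernmarktplatzUser::findOneBySQL(
            "host_id = ? \nAND foreign_user_id = ?",
            array($host->getId(), $data['user']['user_id'])
        );
        if (!$user) {
            $user = new LernmarktplatzUser();
            $user['host_id'] = $host->getId();
            $user['foreign_user_id'] = $data['user']['user_id'];
        }
        $user['name'] = $data['user']['name'];
        $user['avatar'] = $data['user']['avatar'];
        $user['description'] = $data['user']['description'] ?: null;
        $user->store();

        $comment = new LernmarktplatzComment();
        $comment['user_id'] = $user->getId();
        $comment['foreign_comment_id'] = $data['data']['foreign_comment_id'];
        $comment['host_id'] = $host->getId();
        $comment['review_id'] = $review->getId();
        $comment['comment'] = $data['data']['comment'];
        $comment['mkdate'] = $data['data']['mkdate'];
        $comment['chdate'] = $data['data']['chdate'];
        $comment->store();

        echo "stored ";
    }

    $this->render_text("");
}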