Example #1
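 /**
  * Decide whether the currently logged-in user may modify this object.
  *
  * Access is granted to the owner (the logged-in user's id matches
  * $this->user->id) or to a user whose first role has an id of 1 or 2.
  * Every other case, including "not logged in" and "no usable first role",
  * is denied.
  *
  * @return bool TRUE when modification is allowed, FALSE otherwise
  */
 public function can_modify()
 {
     $user = zest::check_login();
     if (!$user) {
         return false;
     }

     // Owner check. Loose equality is kept because the ids may come back
     // as numeric strings from storage -- presumably; verify against the model.
     if ($this->user->id == $user->id) {
         return true;
     }

     // Fail closed when there is no first role: in PHP `null < 3` evaluates to
     // true, so comparing a missing role id directly would authorize a
     // logged-in user who has no role at all.
     $first_role = $user->roles[0];
     $role_id = is_object($first_role) ? $first_role->id : null;

     // NOTE(review): only the first role is consulted here, while
     // __check_login() walks every role -- confirm which rule is intended
     // before widening or narrowing this check.
     return is_numeric($role_id) && $role_id >= 1 && $role_id < 3;
 }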
Example #2
 /**
  * Load the logged-in user and derive the privilege flags from their roles.
  *
  * Stores the result of zest::check_login() in $this->user. When nobody is
  * logged in the request is redirected to 'admin/login'. Otherwise
  * $this->superuser is set for role id 1 and $this->admin for role id 1 or 2.
  *
  * A logged-in user holding neither role is NOT redirected; both flags are
  * simply left as they were, so callers must check them before doing
  * privileged work.
  *
  * @return void
  */
 private function __check_login()
 {
     $this->user = zest::check_login();

     if (!$this->user) {
         // Not authenticated: send the visitor back to the login page.
         // NOTE(review): this relies on url::redirect() ending the request --
         // confirm, otherwise the caller keeps running without a user.
         url::redirect('admin/login');
         return;
     }

     foreach ($this->user->roles as $role) {
         $is_superuser_role = ($role->id == 1);

         if ($is_superuser_role) {
             $this->superuser = TRUE;
         }
         // Role 1 implies admin as well; role 2 is admin only.
         if ($is_superuser_role || $role->id == 2) {
             $this->admin = TRUE;
         }
     }
 }
Example #3
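    /**
     * Handle a submitted comment for this post and build the comment form.
     *
     * When 'post_comment' is present in $_POST the data is validated through
     * the comment model. A valid anonymous comment is saved with status 1 and
     * a confirmation email is sent; a valid comment from a logged-in user is
     * saved with status 2 and the request is redirected to the post's
     * comments anchor. On validation errors the messages are prepended to the
     * form and the submitted values are used to refill it.
     *
     * Only the fields this form actually renders (title, display_name, email)
     * are copied from the request onto the model, so a crafted request cannot
     * set other columns such as id, user_id or status_id.
     *
     * @return string HTML: either a status paragraph or the comment form
     */
    public function comment_form()
    {
        $values = array("title" => "", "display_name" => "", "email" => "");
        $user = zest::check_login();
        if ($user) {
            $values = array("title" => "", "display_name" => $user->username, "email" => $user->email);
        }
        $comments_form = "";
        // NOTE(review): no anti-CSRF token is checked in this method; confirm
        // whether form::open() or the framework adds one.
        if (isset($_POST['post_comment'])) {
            $comment = ORM::factory('comment');
            unset($_POST['post_comment']);
            $post = $comment->validate($_POST);
            if (count($post['errors']) == 0) {
                // Allow-list the assignable fields instead of copying every
                // request key onto the model (mass assignment).
                $allowed_fields = array('title', 'display_name', 'email');
                foreach ($allowed_fields as $field) {
                    if (isset($_POST[$field]) && is_scalar($_POST[$field])) {
                        $comment->{$field} = $_POST[$field];
                    }
                }
                $comment->feedpost_id = $this->id;
                if (!$user) {
                    $comment->status_id = 1;
                    $comment->save();
                    $to = $comment->email;
                    // The Host header is client-controlled: keep only the leading
                    // run of hostname characters so a port, CR/LF or anything else
                    // cannot end up in the From address.
                    // NOTE(review): a configured site domain would be safer than
                    // trusting the request header at all.
                    $host = str_replace('www.', '', $_SERVER['HTTP_HOST']);
                    $host = preg_replace('/[^A-Za-z0-9.\-].*$/s', '', $host);
                    $from = 'no-reply@' . $host;
                    $subject = "Please confirm your email address";
                    $message = "Please click on the link below to confirm your email address and make your comment active\n\n" . $comment->activate_url();
                    email::send($to, $from, $subject, $message, FALSE);
                    return "<p>You have been sent an email. You must confirm your email before your comment will become active.</p>";
                } else {
                    // Identity fields for a logged-in author come from the
                    // session user, never from the request.
                    $comment->user_id = $user->id;
                    $comment->status_id = 2;
                    $comment->email = $user->email;
                    $comment->save();
                    url::redirect($this->get_url() . '#comments');
                    return "<p>Thank you for your comment.</p>";
                }
            } else {
                // NOTE(review): error messages are emitted unescaped; confirm the
                // validator never echoes submitted values back in them.
                $comments_form .= "<p style='color:red'>";
                foreach ($post['errors'] as $key => $value) {
                    $comments_form .= $value . "<br/>";
                }
                $comments_form .= "</p>";
                $values = arr::overwrite($values, $post);
            }
        }
        $comments_form .= form::open();
        $comments_form .= form::hidden('post_comment', 'true');
        $comments_form .= '<div class="user_auth">';
        $comments_form .= form::label('display_name', 'Display Name');
        $comments_form .= form::input('display_name', $values['display_name']) . '<br/>';
        $comments_form .= form::label('email', 'Email');
        $comments_form .= form::input('email', $values['email']) . '<br/>';
        $comments_form .= '<fb:login-button onlogin="******"></fb:login-button>';
        $comments_form .= '</div>';
        // NOTE(review): the type attribute below renders as "text\javascript",
        // and the function looks up id "user_auth" while the div above only has
        // that value as a class; the script is left unchanged as an unfinished stub.
        $comments_form .= '
		<script type="text\\javascript">
		function update_user_box() {
			var user_box =  document.getElementById("user_auth");
			user_box.innerHTML 
		}
		</script>
		';
        $comments_form .= form::textarea('title', $values['title'], 'style="width:100%;"');
        $comments_form .= form::label('', '&nbsp;');
        $comments_form .= form::submit('', 'Submit', 'class="submit"');
        $comments_form .= form::close();
        return $comments_form;
    }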