/** * Writes a comment on a thread and outputs the metadata of new comment as json. * @throws AccessDeniedException */ public function comment_action() { if (!Request::isPost()) { throw new Exception("GET not supported"); } $context = Request::option("context"); $thread = new BlubberPosting(Request::option("thread")); if ($thread['context_type'] === "course" && $GLOBALS['SessSemName']['class'] === "sem") { $seminar = new Seminar($context); if ($seminar->write_level > 0 && !$GLOBALS['perm']->have_studip_perm("autor", $context)) { throw new AccessDeniedException(); } } BlubberPosting::$course_hashes = $thread['context_type'] === "course" ? $thread['Seminar_id'] : false; if (!$thread->isNew() && $thread['Seminar_id'] === $context) { $output = array(); $posting = new BlubberPosting(); $posting['context_type'] = $thread['context_type']; $posting['seminar_id'] = $thread['Seminar_id']; $posting['root_id'] = $posting['parent_id'] = $thread->getId(); $posting['name'] = "Re: " . $thread['name']; if ($GLOBALS['user']->id !== "nobody") { $posting['user_id'] = $GLOBALS['user']->id; } else { if (Request::get("anonymous_security") === $_SESSION['blubber_anonymous_security']) { $contact_user = BlubberExternalContact::findByEmail(Request::get("anonymous_email")); $_SESSION['anonymous_email'] = Request::get("anonymous_email"); $_SESSION['anonymous_name'] = $contact_user['name'] = Request::get("anonymous_name"); $contact_user->store(); $posting['user_id'] = $contact_user->getId(); $posting['external_contact'] = 1; } else { throw new AccessDeniedException("No permission to write posting."); } } $posting['author_host'] = $_SERVER['REMOTE_ADDR']; $posting['description'] = studip_utf8decode(Request::get("content")); $posting->store(); BlubberPosting::$mention_posting_id = $posting->getId(); StudipTransformFormat::addStudipMarkup("mention1", '@\\"[^\\n\\"]*\\"', null, "BlubberPosting::mention"); StudipTransformFormat::addStudipMarkup("mention2", '@[^\\s]*[\\d\\w_]+', null, "BlubberPosting::mention"); $content = transformBeforeSave(studip_utf8decode(Request::get("content"))); $posting['description'] = $content; $posting->store(); $factory = new Flexi_TemplateFactory($this->plugin->getPluginPath() . "/views/streams"); $template = $factory->open("comment.php"); $template->set_attribute('posting', $posting); $template->set_attribute('course_id', $thread['Seminar_id']); $output['content'] = $template->render($template->render()); $output['mkdate'] = time(); $output['posting_id'] = $posting->getId(); //Notifications: $user_ids = array(); if ($thread['user_id'] && $thread['user_id'] !== $GLOBALS['user']->id) { $user_ids[] = $thread['user_id']; } foreach ((array) $thread->getChildren() as $comment) { if ($comment['user_id'] && $comment['user_id'] !== $GLOBALS['user']->id && !$comment['external_contact']) { $user_ids[] = $comment['user_id']; } } $user_ids = array_unique($user_ids); foreach ($user_ids as $user_id) { setTempLanguage($user_id); $avatar = Visibility::verify('picture', $GLOBALS['user']->id, $user_id) ? Avatar::getAvatar($GLOBALS['user']->id) : Avatar::getNobody(); PersonalNotifications::add($user_id, PluginEngine::getURL($this->plugin, array('cid' => $thread['context_type'] === "course" ? $thread['Seminar_id'] : null), "streams/thread/" . $thread->getId()), sprintf(_("%s hat einen Kommentar geschrieben"), get_fullname()), "posting_" . $posting->getId(), $avatar->getURL(Avatar::MEDIUM)); restoreLanguage(); } $this->render_json($output); } else { $this->render_json(array('error' => "Konnte thread nicht zuordnen.")); } }
/** * Create a comment to a blubber * * @post /blubber/posting/:blubber_id/comments * * @param string $blubber_id id of the blubber * * @param string blubbercontent content of the comment. */ public function createComment($blubber_id) { if (!strlen(trim($this->data['content']))) { $this->error(400, 'No content provided'); } $thread = new \BlubberPosting($blubber_id); $this->requireReadAccessTo($thread); $blubber = new \BlubberPosting(); $blubber['root_id'] = $thread['root_id']; $blubber['parent_id'] = $thread->getId(); $blubber['user_id'] = $GLOBALS['user']->id; $blubber['external_contact'] = 0; $blubber['author_host'] = $_SERVER['REMOTE_ADDR']; $blubber['context_type'] = $thread['context_type']; $blubber['seminar_id'] = $thread['seminar_id']; $blubber->setId($blubber->getNewId()); \BlubberPosting::$mention_posting_id = $blubber->getId(); \StudipTransformFormat::addStudipMarkup("mention1", '@\\"[^\\n\\"]*\\"', "", "\\BlubberPosting::mention"); \StudipTransformFormat::addStudipMarkup("mention2", '@[^\\s]*[\\d\\w_]+', "", "\\BlubberPosting::mention"); $content = \transformBeforeSave($this->data['content']); $blubber['name'] = $blubber['description'] = $content; $blubber->store(); $this->redirect('blubber/comment/' . $blubber->getId(), 201, "ok"); }
/** * Deletes this posting and all regarding information. * @return integer: 1 if posting successfully deleted, else 0. */ public function delete() { $id = $this->getId(); $root_id = $this['root_id']; NotificationCenter::postNotification("PostingWillDelete", $this); foreach ((array) self::findBySQL("parent_id = ? ", array($id)) as $child_posting) { $child_posting->delete(); } $success = parent::delete(); if ($success) { NotificationCenter::postNotification("PostingHasDeleted", $this); } //insert into event-queue so it disappears from people's live-stream $delete_stmt = DBManager::get()->prepare("INSERT INTO blubber_events_queue " . "SET event_type = 'delete', " . "item_id = :item_id, " . "mkdate = UNIX_TIMESTAMP() " . ""); $delete_stmt->execute(array('item_id' => $id)); if ($id !== $root_id) { $thread = new BlubberPosting($root_id); $thread['chdate'] = time(); $thread->store(); } else { $delete_hashtags = DBManager::get()->prepare("DELETE FROM blubber_tags " . "WHERE topic_id = :topic_id " . ""); $delete_hashtags->execute(array('topic_id' => $id)); } return $success; }