public function save(Comment $comment)
{
DB::db()->query('INSERT INTO comments (`theme_id`, `date`, `comment`, `author`) VALUES(?, ?, ?, ?)', [$comment->getThemeId(), $comment->getDate(), $comment->getComment(), $comment->getAuthor()]);
}
/**
* Guarda un comentario en la base de datos
*
* @param Comment $coment
* El comentario a ser guardado
* @throws PDOException Si ocurre un error de base de datos
* @return void
*/
public function save(Comment $comment)
{
$stmt = $this->db->prepare("INSERT INTO comments(`dateComment`,`content`,`numLikes`,`author`,`idPost`) values(?,?,?,?,?)");
$stmt->execute(array($comment->getDate(), $comment->getContent(), 0, $comment->getAuthor(), $comment->getIdPost()));
}
$response[2] .= '<input class="btn btn-primary" type="submit" value="'.$langSubmit.'" onclick="xmlhttpPost(\''.$urlServer.'modules/comments/comments_perso_blog.php\', \'editSave\','.$comment->getRid().', \''.$comment->getRtype().'\', \''.$langCommentsSaveConfirm.'\', '.$comment->getId().');"/>';
} else {
$response[0] = 'ERROR';
$response[1] = "<div class='alert alert-warning'>".$langCommentsEditNoPerm."</div>";
}
} else {
$response[0] = 'ERROR';
$response[1] = "<div class='alert alert-warning'>".$langCommentsLoadFail."</div>";
}
echo json_encode($response);
} else if ($_POST['action'] == 'editSave') {
$comment = new Comment();
if ($comment->loadFromDB(intval($_POST['cid']))) {
$permEdit = false;
if (isset($_SESSION['uid'])) {
if ($comment->getAuthor() == $uid) {
$permEdit = true;
}
$blog_user = Database::get()->querySingle("SELECT user_id FROM blog_post WHERE id = ?d", $comment->getRid());
if ($blog_user->user_id == $uid) {
$permEdit = true;
}
if (isset($is_admin) && $is_admin) {
$permEdit = true;
}
}
if ($permEdit) {
if ($comment->edit($_POST['commentText'])) {
$response[0] = 'OK';
$response[1] = "<div class='alert alert-success'>".$langCommentsSaveSuccess."</div>";
$response[2] = '<div id="comment_content-'.$comment->getId().'">'.q($comment->getContent()).'</div>';
$post_actions = '<div class="pull-right">';
$post_actions .= '<a href="javascript:void(0)" onclick="xmlhttpPost(\''.$urlServer.'modules/comments/comments.php?course='.$course_code.'\', \'editLoad\', '.$_POST['rid'].', \''.$_POST['rtype'].'\', \'\', '.$comment->getId().')">';
$post_actions .= icon('fa-edit', $langModify).'</a> ';
$post_actions .= '<a href="javascript:void(0)" onclick="xmlhttpPost(\''.$urlServer.'modules/comments/comments.php?course='.$course_code.'\', \'delete\', '.$_POST['rid'].', \''.$_POST['rtype'].'\', \''.$langCommentsDelConfirm.'\', '.$comment->getId().')">';
$post_actions .= icon('fa-times', $langDelete).'</a>';
$post_actions .='</div>';
$response[0] = 'OK';
$response[1] = "<div class='alert alert-success'>".$langCommentsSaveSuccess."</div>";
$response[2] = $comment->getId();
$response[3] = "
<div class='row margin-bottom-thin margin-top-thin comment' id='comment-".$comment->getId()."'>
<div class='col-xs-12'>
<div class='media'>
<a class='media-left' href='#'>
". profile_image($comment->getAuthor(), IMAGESIZE_SMALL) ."
</a>
<div class='media-body bubble'>
<div class='label label-success media-heading'>".nice_format($comment->getTime(), true).'</div>'.
"<small>".$langBlogPostUser.display_user($comment->getAuthor(), false, false)."</small>".
$post_actions
."<div class='margin-top-thin' id='comment_content-".$comment->getId()."'>". q($comment->getContent()) ."</div>
</div>
</div>
</div>
</div>
";
} else {
$response[0] = 'ERROR';
$response[1] = "<div class='alert alert-warning'>".$langCommentsSaveFail."</div>";
}
//[0] -> status, [1] -> message, other positions -> other data
$response = array();
if ($_POST['action'] == 'new') {
if (Commenting::permCreate($is_editor, $uid, $course_id)) {
$comment = new Comment();
if ($comment->create($_POST['commentText'], $uid, $_POST['rtype'], intval($_POST['rid']))) {
$post_actions = '<div class="pull-right">';
$post_actions .= '<a href="javascript:void(0)" onclick="xmlhttpPost(\'' . $urlServer . 'modules/comments/comments.php?course=' . $course_code . '\', \'editLoad\', ' . $_POST['rid'] . ', \'' . $_POST['rtype'] . '\', \'\', ' . $comment->getId() . ')">';
$post_actions .= icon('fa-edit', $langModify) . '</a> ';
$post_actions .= '<a href="javascript:void(0)" onclick="xmlhttpPost(\'' . $urlServer . 'modules/comments/comments.php?course=' . $course_code . '\', \'delete\', ' . $_POST['rid'] . ', \'' . $_POST['rtype'] . '\', \'' . $langCommentsDelConfirm . '\', ' . $comment->getId() . ')">';
$post_actions .= icon('fa-times', $langDelete) . '</a>';
$post_actions .= '</div>';
$response[0] = 'OK';
$response[1] = "<div class='alert alert-success'>" . $langCommentsSaveSuccess . "</div>";
$response[2] = $comment->getId();
$response[3] = "\r\n <div class='row margin-bottom-thin margin-top-thin comment' id='comment-" . $comment->getId() . "'>\r\n <div class='col-xs-12'>\r\n <div class='media'>\r\n <a class='media-left' href='#'>\r\n " . profile_image($comment->getAuthor(), IMAGESIZE_SMALL) . "\r\n </a>\r\n <div class='media-body bubble'>\r\n <div class='label label-success media-heading'>" . nice_format($comment->getTime(), true) . '</div>' . "<small>" . $langBlogPostUser . display_user($comment->getAuthor(), false, false) . "</small>" . $post_actions . "<div class='margin-top-thin' id='comment_content-" . $comment->getId() . "'>" . q($comment->getContent()) . "</div>\r\n </div>\r\n </div>\r\n </div>\r\n </div> \r\n ";
} else {
$response[0] = 'ERROR';
$response[1] = "<div class='alert alert-warning'>" . $langCommentsSaveFail . "</div>";
}
} else {
$response[0] = 'ERROR';
$response[1] = "<div class='alert alert-warning'>" . $langCommentsNewNoPerm . "</div>";
}
echo json_encode($response);
} else {
if ($_POST['action'] == 'delete') {
$comment = new Comment();
if ($comment->loadFromDB(intval($_POST['cid']))) {
if ($comment->permEdit($is_editor, $uid)) {
if ($comment->delete()) {
/**
* Saves a comment
*
* @param Comment $comment The comment to save
* @throws PDOException if a database error occurs
* @return void
*/
public function save(Comment $comment)
{
$stmt = $this->db->prepare("INSERT INTO comments(content, author, post) values (?,?,?)");
$stmt->execute(array($comment->getContent(), $comment->getAuthor()->getUsername(), $comment->getPost()->getId()));
}
/**
* Write comment to XML format
*
* @param Shared_XMLWriter $objWriter XML Writer
* @param string $pCellReference Cell reference
* @param Comment $pComment Comment
* @param array $pAuthors Array of authors
* @throws Exception
*/
public function _writeComment(Shared_XMLWriter $objWriter = null, $pCellReference = 'A1', Comment $pComment = null, $pAuthors = null)
{
// comment
$objWriter->startElement('comment');
$objWriter->writeAttribute('ref', $pCellReference);
$objWriter->writeAttribute('authorId', $pAuthors[$pComment->getAuthor()]);
// text
$objWriter->startElement('text');
$this->getParentWriter()->getWriterPart('stringtable')->writeRichText($objWriter, $pComment->getText());
$objWriter->endElement();
$objWriter->endElement();
}
require_once '../database_access.php';
$comment = new Comment();
if (isset($_POST['creation_date'])) {
$comment->setCreationDate($_POST['creation_date']);
}
if (isset($_POST['edit_date'])) {
$comment->setEditDate($_POST['edit_date']);
}
if (isset($_POST['author_user_id'])) {
$comment->setAuthorUserId($_POST['author_user_id']);
}
if (isset($_POST['target_event_id'])) {
$comment->setTargetEventId($_POST['target_event_id']);
}
if (isset($_POST['comment_text'])) {
$comment->setCommentText($_POST['comment_text']);
}
if (!$comment->validate()) {
foreach ($comment->getValidationFailures() as $failure) {
echo '<p><strong>Error in ' . $failure->getPropertyPath() . ' field!</strong> ' . $failure->getMessage() . '</p>';
}
unset($failure);
} else {
$comment->save();
// add the author name and return the JSON
$comment_json = json_decode($comment->toJSON());
$author = $comment->getAuthor();
$comment_json->authorFirstName = $author->getFirstName();
$comment_json->authorLastName = $author->getLastName();
echo json_encode($comment_json);
}