function renderPreviewList()
{
$options = array('date_min' => getDateTimeFieldValue('time_start'), 'date_max' => getDateTimeFieldValue('time_end'));
### author
if (intval(get('person'))) {
$options['modified_by'] = get('person');
}
### Object types
$types = array();
if (get('type_task') || get('type_topic')) {
$types[] = ITEM_TASK;
}
if (get('type_comment')) {
$types[] = ITEM_COMMENT;
}
$options['type'] = $types;
$items = DbProjectItem::getAll($options);
echo "<ol>";
foreach ($items as $item) {
if ($item->type == ITEM_COMMENT) {
$comment = Comment::getById($item->id);
if (get('only_spam_comments') && !isSpam($comment->name . " " . $comment->description)) {
continue;
}
renderRemovalPreviewComment($comment);
}
if ($item->type == ITEM_TASK) {
$task = Task::getById($item->id);
renderRemovalPreviewTask($task);
}
}
echo "</ol>";
}
public function controlerJob($maincont)
{
// récupération des données
if (!$maincont->isLoggued()) {
$maincont->goModule("home", "display");
}
$liste = Comment::getByPublished("0");
// on récupère les commentaires non validés
// récupération des données des commentaires
$coms = array();
for ($i = 0; $i < count($liste); $i++) {
$c = Comment::getById($liste[$i]->id);
$c = $c[0];
/*$coms[$i] = array('date'=>"Le ".$c->getDate()." à ".$c->getHour(),
'author'=>$c->getAuthor(),
'content'=>$c->getBody(),
'postitle'=>''.$c->getPost()->getTitle()
);*/
$coms[$i] = array("contenu" => "De : " . $c->getAuthor() . ", contenu : \"" . $c->getBody() . "\", sur l'article : " . $c->getPost()->getTitle(), "id" => $c->id);
}
// récupération de tous les tags pour le nuage
$at = Tag::getAll();
$alltags = array();
foreach ($at as $ta) {
$alltags[] = $ta->getTag();
}
// récupération des années
$ay = Post::getAll();
$allyears = array();
foreach ($ay as $ye) {
$couranty = explode("-", $ye->getDate());
$couranty = $couranty[0];
if (!in_array($couranty, $allyears)) {
$allyears[] = $couranty;
}
}
// login
if ($maincont->isLoggued()) {
$login = $_SESSION["login"];
} else {
$login = "******";
}
// affichage de la vue
include_once "view.php";
$v = new CommentAdminView();
$v->display($login, $alltags, $allyears, $coms);
}
public function actionDeleteViaAjax($id)
{
$getData = GetUtil::getData();
$relatedModelId = ArrayUtil::getArrayValue($getData, 'relatedModelId');
$relatedModelClassName = ArrayUtil::getArrayValue($getData, 'relatedModelClassName');
$comment = Comment::getById(intval($id));
$relatedModel = $relatedModelClassName::getById(intval($relatedModelId));
if ($comment->createdByUser->id != Yii::app()->user->userModel->id && $relatedModel->owner->id != Yii::app()->user->userModel->id && $relatedModel->createdByUser->id != Yii::app()->user->userModel->id) {
$messageView = new AccessFailureAjaxView();
$view = new AjaxPageView($messageView);
echo $view->render();
Yii::app()->end(0, false);
}
$deleted = $comment->delete();
if (!$deleted) {
throw new FailedToDeleteModelException();
}
}
/**
* Remove items of certain type and autho
*/
function itemsRemoveManySubmit()
{
global $PH;
global $auth;
### cancel ? ###
if (get('form_do_cancel')) {
if (!$PH->showFromPage()) {
$PH->show('home', array());
}
exit;
}
$count_removed_items = 0;
$item_ids = get('item_*');
foreach ($item_ids as $id) {
if ($item = DbProjectItem::getById($id)) {
if ($item->type == ITEM_COMMENT) {
if ($comment = Comment::getById($id)) {
revertDateOfCommentParent($comment);
$comment->deleteFromDb();
$count_removed_items++;
}
} else {
if ($item->type == ITEM_TASK) {
if ($task = Task::getById($id)) {
#revertDateOfCommentParent($comment);
$task->deleteFromDb();
$count_removed_items++;
}
}
}
}
}
new FeedbackMessage(sprintf(__("Removed %s items"), $count_removed_items));
### display taskView ####
if (!$PH->showFromPage()) {
$PH->show('home');
}
}
public function addComment()
{
if (isset($this->params[0])) {
$alias = strtolower($this->params[0]);
$page = $this->model->getByAlias($alias);
} else {
Router::redirect('/');
}
$page_id = $page['id'];
$comments_model = new Comment();
$comment_id = $comments_model->add($page_id, $_POST);
if ($comment_id) {
// Выводим обратно блок с комментарием
ob_start();
$comment = $comments_model->getById($comment_id);
include VIEWS_PATH . DS . 'helpers' . DS . 'comment.html';
$result = ob_get_clean();
echo $result;
} else {
echo "Ошибка!!!";
}
exit;
}
/**
* Create new comment
*
* New comments have to be attached to an option. So the major part of this code
* deals with finding out, to what the comment belongs to.
*
* @ingroup pages
*
*
* - requires comment, task or comments_* - param
*/
function commentNew()
{
global $PH;
global $COMMENTTYPE_VALUES;
$project = NULL;
$name = get('new_name') ? get('new_name') : __('New Comment', 'Default name of new comment');
### build new object ###
$newComment = new Comment(array('id' => 0, 'name' => $name));
### try single project-id ###
if ($id = getOnePassedId('prj', 'projects_*', false)) {
#no not abort if not found
if ($project = Project::getVisibleById($id)) {
$newComment->project = $project->id;
}
}
### try single task-id ###
$task = NULL;
$comment = NULL;
if ($id = getOnePassedId('tsk', 'tasks_*', false)) {
#no not abort if not found
if ($task = Task::getVisibleById($id)) {
$newComment->task = $task->id;
### try to figure project-id from task ###
if (!$newComment->project) {
$newComment->project = $task->getProject()->id;
}
}
}
### subtask? ###
if (!$task) {
if ($task_id = get('parent_task')) {
if ($task = Task::getVisibleById($task_id)) {
$newComment->task = $task->id;
### try to figure project-id from task ###
if (!$newComment->project) {
$newComment->project = $task->getProject()->id;
}
}
}
}
### try single company-id ###
if ($id = getOnePassedId('company', 'companies_*', false)) {
#no not abort if not found
if ($company = Company::getVisibleById($id)) {
$newComment->company = $company->id;
}
}
### try single person-id ###
if ($id = getOnePassedId('person', 'people_*', false)) {
#no not abort if not found
if ($person = Person::getVisibleById($id)) {
$newComment->person = $person->id;
}
}
### try comment on comment ###
if ($id = getOnePassedId('comment', 'comments_*', false)) {
#no not abort if not found
if ($comment = Comment::getById($id)) {
$newComment->comment = $comment->id;
switch (confGet('REPLY_ON_COMMENT_PREFIX')) {
case 0:
$newComment->name = '';
break;
case 1:
$newComment->name = __('Re: ') . $comment->name;
break;
case 2:
$newComment->name = __('Reply to ', 'prefix for name of new comment on another comment') . $comment->name;
break;
default:
$newComment->name = __('Re: ') . $comment->name;
break;
}
$newComment->occasion = $COMMENTTYPE_VALUES['Reply'];
}
}
### get current project ###
if (!$project) {
if ($task) {
if (!($project = Project::getVisibleById($task->project))) {
$PH->abortWarning('invalid project id', ERROR_FATAL);
}
} else {
$PH->abortWarning('can´t access project', ERROR_BUG);
}
}
if (!$task && !$comment) {
$PH->abortWarning('need at least comment or task', ERROR_WARNING);
}
### set a valid create-level ###
$newComment->pub_level = $project->getCurrentLevelCreate();
if ($newComment->pub_level < 1) {
### abort, if not enough rights ###
$PH->abortWarning(__('insufficient rights'), ERROR_RIGHTS);
}
### render form ###
$PH->show('commentEdit', array('comment' => $newComment->id), $newComment);
}
public function deleteCommentAction()
{
$id = $this->_request->getClean('id');
if (!$id) {
return $this->renderText('{"result":"error", "code":1}');
}
$comment = Comment::getById($id);
if (!$comment) {
return $this->renderText('{"result":"error", "code":1}');
}
if (!in_array($this->_user->user_group, $this->_config['moder_groups']) && !in_array($this->_user->user_id, $this->_config['moders']) && !($this->_user->user_id == $comment->getUserId() && $comment->getUserId() || $this->_user->ip_address == $comment->getIpAddress() && $comment->getDate() > time() - $this->_config['owner_comment_del_time'])) {
return $this->renderText('{"result":"error", "code":5}');
}
$st = $comment->getStatement();
$st->setCommNum($st->getCommNum() - 1);
$st->save();
$comment->delete();
return $this->renderText('{"result":"ok"}');
}
$user = User::getCurrent();
if (!$user->authenticate($_POST['oldpassword'])) {
//Throw an error if the old password field's value does not match the user's current password.
BootstrapSkin::displayAlertBox("The old password you entered is not correct.", "alert-error", "Error", true, false);
BootstrapSkin::displayInternalFooter();
die;
}
$user->setPassword($_POST['newpassword']);
$user->save();
BootstrapSkin::displayAlertBox("Password successfully changed!", "alert-success", "", false, false);
BootstrapSkin::displayInternalFooter();
die;
} elseif ($action == "ec") {
// edit comment
global $smarty, $baseurl;
$comment = Comment::getById($_GET['id'], gGetDb());
if ($comment == false) {
// Only using die("Message"); for errors looks ugly.
BootstrapSkin::displayAlertBox("Comment not found.", "alert-error", "Error", true, false);
BootstrapSkin::displayInternalFooter();
die;
}
// Unauthorized if user is not an admin or the user who made the comment being edited.
if (!User::getCurrent()->isAdmin() && !User::getCurrent()->isCheckuser() && $comment->getUser() != User::getCurrent()->getId()) {
BootstrapSkin::displayAccessDenied();
BootstrapSkin::displayInternalFooter();
die;
}
// get[id] is safe by this point.
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
$database = gGetDb();
/**
* query if editable for current user
*/
static function getEditableById($id)
{
if ($c = Comment::getById(intval($id))) {
if ($p = Project::getById($c->project)) {
if ($p->validateEditItem($c)) {
return $c;
}
}
}
return NULL;
}