/**
* Ajax request to comment submission
* @param sfWebRequest $request
*/
public function executeAjaxCommentSubmission(sfWebRequest $request)
{
if ($request->isMethod(sfRequest::POST)) {
if (!$request->hasParameter("my_comment") || trim($request->getParameter("my_comment")) == "") {
echo "Comment cannot be empty.";
} elseif (!$request->hasParameter("term")) {
echo "Must choose a term.";
} elseif (!$request->hasParameter("year")) {
echo "Must choose a year.";
} elseif (!$request->hasParameter("security") || trim($request->getParameter("security")) == "") {
echo "Must type in the security string.";
} else {
// first, check for security string
$code = $_SESSION['securityImage'];
if (trim($request->getParameter("security")) != $code) {
echo "Security string does not match.";
return sfView::NONE;
}
// second, get the course object
$id = $request->getParameter("id");
$conn = Propel::getConnection();
$courseObj = CoursePeer::retrieveByPK($id, $conn);
if (!is_object($courseObj)) {
echo "Error with comment submission. Please try again later.";
return sfView::NONE;
}
// third, check for spam
$c = new Criteria();
$year = $request->getParameter("year");
$term = $request->getParameter("term");
$crit = $c->getNewCriterion(CourseCommentPeer::APPLIES_TO, $year . $term);
$c->addAnd($crit);
$_list = $courseObj->getCourseComments($c, $conn, true);
$ip = $_SERVER['REMOTE_ADDR'];
//FIXME i have disabled spam checking because computers in the computer lab might all have the same ip
/*$isSpam = false;
foreach ($_list as $commentObj){
if ($commentObj->getIp() == $ip){
$isSpam = true;
break;
}
}
if ($isSpam){
echo "You cannot comment on the same semester twice!";
return sfView::NONE;
}*/
// now we can save
try {
$_comment = trim($request->getParameter("my_comment"));
$date = date(skuleadminConst::TIMESTAMP_FORMAT);
$newComment = new CourseComment();
$newComment->setComment($_comment);
$newComment->setAppliesTo($year . $term);
$newComment->setApproved(0);
$newComment->setCourse($courseObj);
$newComment->setIp($ip);
$newComment->setInputDt($date);
$newComment->save($conn);
// send notification
$msg = "A new comment on [course=" . $courseObj->getId() . "; term=" . $year . $term . "] has been submitted by " . $ip . " on " . $date . ".\n\n";
$msg .= "Below is the main body of the comment:\n\n" . $_comment;
$msg .= "\n\nPlease access the siteadmin module: http://courses.skule.ca/siteadmin to approve the submission.";
helperFunctions::sendEmailNotice("Comment Submission", $msg);
echo "Submission successful. Pending moderator review.\n <script type='text/javascript'>eval(\"document.getElementById('commentInputBtns').style.display='none'; document.getElementById('commentSuccessBtns').style.display='block';\")</script>";
return sfView::NONE;
} catch (Exception $e) {
echo "Error with comment submission. Please try again later.";
helperFunctions::sendEmailNotice("Comment Submission Error", $e->getMessage());
return sfView::NONE;
}
}
}
return sfView::NONE;
}
