/**
 * Store a reply to a publication review, or the edits to an existing reply.
 *
 * Failures are recorded with setError() and the method returns early; on
 * success the browser is redirected to the publication's reviews page.
 *
 * NOTE(review): the whole posted "comment" array is handed to bind(). When
 * the bound id is non-zero, created, state and created_by stay as bound,
 * i.e. as supplied by the request, and no ownership check is visible before
 * store(). Confirm that check()/store() or the caller verifies that the
 * current user may modify that record.
 *
 * @return  void
 */
private function savereply()
{
	// Anti-CSRF: validate the form token before doing anything else
	Request::checkToken();

	// Only authenticated users may reply
	if (User::isGuest())
	{
		$this->setError(Lang::txt('PLG_PUBLICATIONS_REVIEWS_LOGIN_NOTICE'));
		return;
	}

	$pub =& $this->publication;

	// NOTE(review): filter 'none' with mask 2 looks like the "allow raw"
	// flag rather than trimming/escaping - confirm against Request::getVar().
	$posted = Request::getVar('comment', array(), 'post', 'none', 2);

	// A reply needs an existing publication to attach to
	if (!$pub->exists())
	{
		$this->setError(Lang::txt('PLG_PUBLICATIONS_REVIEWS_COMMENT_ERROR_NO_REFERENCE_ID'));
		return;
	}

	$reply = new \Hubzero\Item\Comment(App::get('db'));
	if (!$reply->bind($posted))
	{
		$this->setError($reply->getError());
		return;
	}

	// A bound id means the request targets an existing record
	$isEdit = (bool) $reply->id;

	if ($isEdit)
	{
		$message = Lang::txt('PLG_PUBLICATIONS_REVIEWS_EDITS_SAVED');
	}
	else
	{
		$message = Lang::txt('PLG_PUBLICATIONS_REVIEWS_COMMENT_POSTED');
	}

	// Clean the body text. What clean() removes is not visible here, so the
	// stored value should still be escaped wherever it is rendered.
	$reply->content = \Hubzero\Utility\Sanitize::clean($reply->content);

	// Anything other than 1 / '1' is normalised to "not anonymous"
	if ($reply->anonymous != 1 && $reply->anonymous != '1')
	{
		$reply->anonymous = 0;
	}

	// Server-side values are only forced for new records
	if (!$isEdit)
	{
		$reply->created    = Date::toSql();
		$reply->state      = 0;
		$reply->created_by = User::get('id');
	}

	// Validate required fields
	if (!$reply->check())
	{
		$this->setError($reply->getError());
		return;
	}

	// Persist
	if (!$reply->store())
	{
		$this->setError($reply->getError());
		return;
	}

	// Back to the reviews listing with the status message
	App::redirect(Route::url($pub->link('reviews')), $message);
}
/**
 * Save a posted review entry (new or edited) and redirect back to $this->url.
 *
 * Guests are handed to _login(). Every other outcome ends in a redirect
 * carrying either the record's error or a success message.
 *
 * NOTE(review): editing is gated on the 'access-edit-comment' param only.
 * Whether that permission is scoped to the author of the specific record
 * is not visible here - confirm, since the id comes from the request.
 *
 * @return  void
 */
protected function _save()
{
	// Authentication first; the token check below only runs for logged-in users
	if (User::isGuest())
	{
		return $this->_login();
	}

	// Anti-CSRF: validate the form token
	Request::checkToken();

	// NOTE(review): filter 'none' with mask 2 presumably requests the raw,
	// unfiltered value - confirm against Request::getVar().
	$fields = Request::getVar('comment', array(), 'post', 'none', 2);

	// All posted fields are copied onto the record by bind()
	$entry = new \Hubzero\Item\Comment($this->database);
	if (!$entry->bind($fields))
	{
		App::redirect($this->url, $entry->getError(), 'error');
		return;
	}

	$entry->setUploadDir($this->params->get('comments_uploadpath', '/site/comments'));

	// An id on the bound record means an edit, which needs the edit permission
	$editAllowed = $this->params->get('access-edit-comment');
	if ($entry->id && !$editAllowed)
	{
		App::redirect($this->url, Lang::txt('PLG_COURSES_REVIEWS_NOTAUTH'), 'warning');
		return;
	}

	// Validate, then store; store() is skipped when validation fails
	if (!$entry->check() || !$entry->store())
	{
		App::redirect($this->url, $entry->getError(), 'error');
		return;
	}

	App::redirect($this->url, Lang::txt('PLG_COURSES_REVIEWS_SAVED'), 'message');
}
/**
 * Save a posted comment, then render the post view.
 *
 * Guests are handed to _login(). A failure in bind(), check() or store()
 * is recorded with setError(); the post view is returned in every case.
 *
 * NOTE(review): the posted array is bound as-is and nothing here sets
 * created_by, state or created, nor checks who owns a supplied id.
 * Presumably check()/store() enforce that - confirm.
 *
 * @return  string
 */
private function _savecomment()
{
	// Anti-CSRF: validate the form token
	Request::checkToken();

	// Only authenticated users may comment
	if (User::isGuest())
	{
		return $this->_login();
	}

	// Posted fields, read with the default filtering of Request::getVar()
	$fields = Request::getVar('comment', array(), 'post');

	$entry = new \Hubzero\Item\Comment($this->database);

	// bind -> check -> store; the chain stops at the first step that fails
	$saved = $entry->bind($fields) && $entry->check() && $entry->store();
	if (!$saved)
	{
		$this->setError($entry->getError());
	}

	return $this->_post();
}
/**
 * Store a reply to a resource review, or the edits to an existing reply.
 *
 * Failures are recorded with setError() and the method returns early.
 * No redirect is issued here on success.
 *
 * NOTE(review): the request's 'id' is only tested for presence; it is not
 * copied onto the record, so the reply's linkage comes from the posted
 * "comment" array. When the bound id is non-zero, created, state and
 * created_by also stay as supplied by the request, and no ownership check
 * is visible before store(). Confirm these are enforced elsewhere.
 *
 * @return  void
 */
private function savereply()
{
	// Anti-CSRF: validate the form token before doing anything else
	Request::checkToken();

	// Only authenticated users may reply
	if (User::isGuest())
	{
		$this->setError(Lang::txt('PLG_RESOURCES_REVIEWS_LOGIN_NOTICE'));
		return;
	}

	$id = Request::getInt('id', 0);

	// NOTE(review): filter 'none' with mask 2 looks like the "allow raw"
	// flag rather than trimming/escaping - confirm against Request::getVar().
	$posted = Request::getVar('comment', array(), 'post', 'none', 2);

	// Without a reference id there is nothing to reply to
	if (!$id)
	{
		$this->setError(Lang::txt('PLG_RESOURCES_REVIEWS_COMMENT_ERROR_NO_REFERENCE_ID'));
		return;
	}

	$reply = new \Hubzero\Item\Comment(App::get('db'));
	if (!$reply->bind($posted))
	{
		$this->setError($reply->getError());
		return;
	}

	// Clean the body text, then strip images from the cleaned result.
	// The stored value should still be escaped wherever it is rendered.
	$cleaned        = \Hubzero\Utility\Sanitize::clean($reply->content);
	$reply->content = \Hubzero\Utility\Sanitize::stripImages($cleaned);

	// Anything other than 1 / '1' is normalised to "not anonymous"
	if ($reply->anonymous != 1 && $reply->anonymous != '1')
	{
		$reply->anonymous = 0;
	}

	// Server-side values are only forced for new records
	if (!$reply->id)
	{
		$reply->created    = Date::toSql();
		$reply->state      = 0;
		$reply->created_by = User::get('id');
	}

	// Validate required fields
	if (!$reply->check())
	{
		$this->setError($reply->getError());
		return;
	}

	// Persist
	if (!$reply->store())
	{
		$this->setError($reply->getError());
		return;
	}
}