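/**
 * AJAX handler that stores a visitor's abuse report for a comment.
 *
 * Reads `commentid`, `reason` and `name` from $_POST (after
 * JCommentsAJAX::prepareValues()), refuses a second report from the same
 * user id / IP, refuses any report once the comment already has one, and
 * otherwise inserts a row into `#__jcomments_reports` and, if configured,
 * sends a notification through JComments::sendReport().
 *
 * Security notes:
 *  - Every value concatenated into SQL below is either cast to int or
 *    passed through $db->getEscaped(), including the client IP used in
 *    the duplicate check.
 *  - strip_tags() only tidies the input; it is not output encoding.
 *    Whatever later renders `reason` / `name` (report e-mail, admin
 *    list) still has to escape them for its own context.
 *  - Guest de-duplication is keyed on $acl->getUserIP().
 *    NOTE(review): how that address is derived is not visible here; if it
 *    honours client-supplied forwarding headers the per-IP limit can be
 *    sidestepped -- confirm.
 *  - NOTE(review): what JCommentsSecurity::badRequest() verifies is not
 *    visible here, and the length of `reason` is not bounded in this
 *    function -- confirm both are handled elsewhere.
 *
 * @return object the shared AJAX response from JCommentsFactory::getAjaxResponse()
 */
function reportComment()
 {
     if (JCommentsSecurity::badRequest() == 1) {
         JCommentsSecurity::notAuth();
     }
     $acl =& JCommentsFactory::getACL();
     $db =& JCommentsFactory::getDBO();
     $config =& JCommentsFactory::getConfig();
     $response =& JCommentsFactory::getAjaxResponse();
     $values = JCommentsAJAX::prepareValues($_POST);
     // Missing POST fields fall back to neutral values instead of raising
     // undefined-index notices.
     $id = isset($values['commentid']) ? (int) $values['commentid'] : 0;
     $reason = isset($values['reason']) ? trim(strip_tags($values['reason'])) : '';
     $name = isset($values['name']) ? trim(strip_tags($values['name'])) : '';
     $ip = $acl->getUserIP();
     // Cast once so the id can be concatenated into SQL safely below.
     $userId = (int) $acl->getUserId();
     if ($reason == '') {
         JCommentsAJAX::showErrorMessage(JText::_('Please enter the reason for your report!'), '', 'comments-report-form');
         return $response;
     }
     // First gate: has this reporter (user id, or IP for guests) already
     // reported this comment?
     $query = 'SELECT COUNT(*) FROM `#__jcomments_reports` WHERE commentid = ' . $id;
     if ($userId) {
         $query .= ' AND userid = ' . $userId;
     } else {
         // The IP is escaped here exactly as it is in the INSERT below; the
         // previous form concatenated it raw inside double quotes.
         $query .= " AND ip = '" . $db->getEscaped($ip) . "'";
     }
     $db->setQuery($query);
     $reported = $db->loadResult();
     if (!$reported) {
         // Second gate: has anybody reported this comment yet?
         $query = 'SELECT COUNT(*) FROM `#__jcomments_reports` WHERE commentid = ' . $id;
         $db->setQuery($query);
         $reported = $db->loadResult();
         if (!$reported) {
             $comment = new JCommentsDB($db);
             if ($comment->load($id)) {
                 if ($acl->canReport($comment)) {
                     $allowed = true;
                     if ($config->getInt('enable_mambots') == 1) {
                         require_once JCOMMENTS_HELPERS . DS . 'plugin.php';
                         JCommentsPluginHelper::importPlugin('jcomments');
                         // NOTE(review): $value is not defined anywhere in this
                         // function, so plugins receive a reference to null;
                         // possibly $values was intended -- confirm against the
                         // plugin contract before changing it.
                         JCommentsPluginHelper::trigger('onReportComment', array(&$comment, &$response, &$allowed, &$value));
                     }
                     // Plugins veto the report by setting $allowed to exactly false.
                     if ($allowed !== false) {
                         if ($userId) {
                             // Logged-in reporters are recorded under their account
                             // name, not the name submitted with the form.
                             $user = JCommentsFactory::getUser();
                             $name = $user->name;
                         } else {
                             if ($name == '') {
                                 $name = JText::_('Guest');
                             }
                         }
                         $query = "INSERT INTO `#__jcomments_reports`(`commentid`,`userid`, `name`,`ip`,`date`,`reason`)" . "VALUES('" . (int) $comment->id . "', '" . $userId . "', '" . $db->getEscaped($name) . "', '" . $db->getEscaped($ip) . "', now(), '" . $db->getEscaped($reason) . "')";
                         $db->setQuery($query);
                         $db->query();
                         if ($config->getInt('enable_notification') == 1) {
                             if ($config->check('notification_type', 2)) {
                                 // sendReport() is handed a numeric timestamp in
                                 // ->datetime, converted from ->date when that is
                                 // a string.
                                 $comment->datetime = $comment->date;
                                 if (is_string($comment->datetime)) {
                                     $comment->datetime = strtotime($comment->datetime);
                                 }
                                 JComments::sendReport($comment, $name, $reason);
                             }
                         }
                         // Turn real and literal "\n" sequences into <br />, then
                         // escape the text for the single-quoted JS string below.
                         $html = JText::_('Report successfully sent!');
                         $html = str_replace("\n", '\\n', $html);
                         $html = str_replace('\\n', '<br />', $html);
                         $html = JCommentsText::jsEscape($html);
                         $response->addScript("jcomments.closeReport('{$html}');");
                     }
                 } else {
                     JCommentsAJAX::showErrorMessage(JText::_('You have no rights to report comment!'), '', 'comments-report-form');
                 }
             } else {
                 $response->addAlert(JText::_('ERROR_NOT_FOUND'));
             }
             unset($comment);
         } else {
             JCommentsAJAX::showErrorMessage(JText::_('Comment already reported to the site administrator'), '', 'comments-report-form');
         }
     } else {
         JCommentsAJAX::showErrorMessage(JText::_('You can\'t report the same comment more than once!'), '', 'comments-report-form');
     }
     return $response;
 }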
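 /**
  * AJAX step handler that rebuilds `#__jcomments_objects` in batches of 50.
  *
  * Step 0 empties the table; every step stores object information for the
  * next batch of (object_id, object_group, lang) combinations that have no
  * row yet, reports progress to the client, and either schedules the next
  * step or, when finished, cleans the per-group caches if caching is on.
  *
  * Security notes:
  *  - The only authorisation visible here is that $hash equals
  *    md5(site secret). That value is static and is echoed back to the
  *    browser in the follow-up script, so it acts as a long-lived bearer
  *    token for a destructive operation. NOTE(review): confirm the
  *    dispatcher also enforces an ACL check, and consider a per-session
  *    token instead of a digest of the site secret.
  *  - The token is compared in constant time where hash_equals() exists.
  *  - $step is normalised to an integer and the language code is emitted
  *    as an encoded JS string literal, so neither request parameters nor
  *    stored `lang` values can break out of the generated script.
  *
  * @param string $hash         expected to equal md5 of the site secret
  * @param int    $step         batch counter; 0 starts from scratch
  * @param string $object_group optional filter on c.object_group
  * @param string $lang         language of the previous batch
  *
  * @return object the shared AJAX response from JCommentsFactory::getAjaxResponse()
  */
 public static function RefreshObjects($hash, $step = 0, $object_group = '', $lang = '')
 {
     if (JCommentsSecurity::badRequest() == 1) {
         JCommentsSecurity::notAuth();
     }
     $response = JCommentsFactory::getAjaxResponse();
     $app = JCommentsFactory::getApplication();
     $count = 50;
     $expected = md5($app->getCfg('secret'));
     if (!is_string($hash)) {
         return $response;
     }
     // Constant-time comparison when the runtime offers it; otherwise the
     // original strict comparison.
     $authorised = function_exists('hash_equals') ? hash_equals($expected, $hash) : ($hash === $expected);
     if (!$authorised) {
         return $response;
     }
     // From here on $hash is exactly the md5 hex digest, so echoing it into
     // the script below is safe. $step is request data: force it to an int
     // before it is compared, incremented and echoed.
     $step = (int) $step;
     $db = JCommentsFactory::getDBO();
     if ($step === 0) {
         $db->setQuery('DELETE FROM #__jcomments_objects WHERE 1=1');
         $db->query();
     }
     $where = array();
     $where[] = 'IFNULL(c.lang, "") <> ""';
     if (!empty($object_group)) {
         $where[] = 'c.object_group = ' . $db->Quote($object_group);
     }
     // count objects without information
     $query = "SELECT COUNT(DISTINCT c.object_id, c.object_group, c.lang)" . " FROM #__jcomments AS c" . (count($where) ? "\nWHERE " . implode(' AND ', $where) : "");
     $db->setQuery($query);
     $objectsCount = (int) $db->loadResult();
     $where[] = 'NOT EXISTS (SELECT o.id FROM #__jcomments_objects AS o WHERE o.object_id = c.object_id AND o.object_group = c.object_group AND o.lang = c.lang)';
     // get list of first objects without information
     $query = "SELECT DISTINCT c.object_id, c.object_group, c.lang" . " FROM #__jcomments AS c" . (count($where) ? "\nWHERE " . implode(' AND ', $where) : "") . " ORDER BY c.object_group, c.lang";
     $db->setQuery($query, 0, $count);
     $rows = $db->loadObjectList();
     $i = 0;
     $multilanguage = JCommentsMultilingual::isEnabled();
     $nextLanguage = $lang;
     // A failed query must not be passed to count()/foreach.
     if (!empty($rows) && is_array($rows)) {
         foreach ($rows as $row) {
             // On multilingual sites a batch stops at the first language
             // change; the new language is handed to the next step.
             if ($nextLanguage != $row->lang && $multilanguage) {
                 $nextLanguage = $row->lang;
                 break;
             }
             // retrieve and store object information
             JCommentsObjectHelper::storeObjectInfo($row->object_id, $row->object_group, $row->lang, false, true);
             $i++;
         }
     }
     $objectsRefreshed = 0;
     if ($i > 0) {
         $db->setQuery("SELECT COUNT(*) FROM #__jcomments_objects");
         $objectsRefreshed = (int) $db->loadResult();
         $response->addScript("JCommentsRefreshObjectsProgress({$objectsRefreshed}, {$objectsCount});");
     }
     if ($objectsCount > $objectsRefreshed && ($i > 0 || $lang != $nextLanguage)) {
         // we need continue refresh
         $step++;
         // The language code comes from the request or from stored rows, so it
         // is emitted as an encoded JS string literal rather than pasted
         // between quotes.
         $langLiteral = json_encode((string) $nextLanguage);
         if ($langLiteral === false) {
             $langLiteral = '""';
         }
         // NOTE(review): the third argument is always '', so $object_group is
         // not carried into the next step -- confirm that is intended.
         $response->addScript("JCommentsRefreshObjectsAJAX('{$hash}', '{$step}', '', {$langLiteral});");
     } else {
         $response->addScript("JCommentsRefreshObjectsProgress({$objectsCount}, {$objectsCount});");
         if ($app->getCfg('caching')) {
             // clean cache for all object groups
             $db->setQuery('SELECT DISTINCT object_group FROM #__jcomments_objects');
             $groups = $db->loadResultArray();
             if (!empty($groups) && is_array($groups)) {
                 foreach ($groups as $group) {
                     $cache = JCommentsFactory::getCache('com_jcomments_objects_' . strtolower($group));
                     $cache->clean();
                 }
             }
         }
     }
     return $response;
 }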
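 /**
  * AJAX wrapper around JCommentsAdmin::restoreSettings() that shows the
  * returned message in the backend message holder.
  *
  * NOTE(review): unlike RefreshObjects() and BanIP() in this listing, no
  * JCommentsSecurity::badRequest() check and no ACL test are visible here,
  * although the call changes stored settings -- confirm the dispatcher
  * enforces request validation and authorisation before this runs.
  *
  * @return object the shared AJAX response from JCommentsFactory::getAjaxResponse()
  */
 public static function restoreSettingsAjax()
 {
     $response = JCommentsFactory::getAjaxResponse();
     $message = JCommentsAdmin::restoreSettings();
     // Emit the message as an encoded JS string literal: pasted raw between
     // single quotes, an apostrophe or newline in it would break (or alter)
     // the generated script.
     $messageLiteral = json_encode((string) $message);
     if ($messageLiteral === false) {
         $messageLiteral = '""';
     }
     $response->addScript("jcbackend.showMessage({$messageLiteral}, 'info', 'jcomments-message-holder', 1);");
     return $response;
 }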
 /**
  * AJAX handler that blacklists the IP address stored on a comment.
  *
  * The ban is written only when the caller may ban ($acl->canBan()), the
  * blacklist feature is enabled, the comment loads, its IP differs from
  * the caller's own, checkBlacklist() reports the IP as not yet listed,
  * and no 'onJCommentsUserBeforeBan' listener returns false. Failing any
  * of the first three checks, a listener veto, or a failed store() leaves
  * the response without a message.
  *
  * NOTE(review): how $comment->ip and $acl->getUserIP() are derived is not
  * visible here; a ban keyed on an address taken from client-supplied
  * headers would be easy to evade or misdirect -- confirm.
  *
  * @param int $id id of the comment whose author IP should be banned
  *
  * @return object the shared AJAX response from JCommentsFactory::getAjaxResponse()
  */
 public static function BanIP($id)
 {
     if (JCommentsSecurity::badRequest() == 1) {
         JCommentsSecurity::notAuth();
     }
     $acl = JCommentsFactory::getACL();
     $response = JCommentsFactory::getAjaxResponse();

     // Permission gate.
     if (!$acl->canBan()) {
         return $response;
     }

     // Feature gate.
     $config = JCommentsFactory::getConfig();
     if ($config->getInt('enable_blacklist') != 1) {
         return $response;
     }

     $id = (int) $id;
     $comment = JTable::getInstance('Comment', 'JCommentsTable');
     if (!$comment->load($id)) {
         return $response;
     }

     // we will not ban own IP ;)
     if ($comment->ip == $acl->getUserIP()) {
         self::showErrorMessage(JText::_('ERROR_YOU_CAN_NOT_BAN_YOUR_IP'), '', 'comment-item-' . $id);
         return $response;
     }

     $options = array('ip' => $comment->ip);

     // check if this IP already banned (a true result means "not listed yet")
     if (!JCommentsSecurity::checkBlacklist($options)) {
         self::showErrorMessage(JText::_('ERROR_IP_ALREADY_BANNED'), '', 'comment-item-' . $id);
         return $response;
     }

     // Any listener returning exactly false vetoes the ban.
     $verdicts = JCommentsEventHelper::trigger('onJCommentsUserBeforeBan', array(&$comment, &$options));
     if (in_array(false, $verdicts, true)) {
         return $response;
     }

     $entry = JTable::getInstance('Blacklist', 'JCommentsTable');
     $entry->ip = $comment->ip;
     $entry->created = JFactory::getDate()->toSql();
     $entry->created_by = $acl->getUserId();
     if ($entry->store()) {
         JCommentsEventHelper::trigger('onJCommentsUserAfterBan', array(&$comment, $options));
         self::showInfoMessage(JText::_('SUCCESSFULLY_BANNED'), 'comment-item-' . $id);
     }

     return $response;
 }