Exemple #1
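 /**
  * Method to save a new comment
  *
  * Verifies that the current user may view the image and that commenting is
  * enabled, filters the posted text and name, runs the captcha plugins and
  * stores the comment. Depending on the configuration a message is sent to
  * the image owner (auto-approved comments) or a general 'comment' message
  * is sent (comments awaiting approval).
  *
  * Security notes:
  * - The image ID and the view levels are cast to integers before they are
  *   concatenated into the SQL query.
  * - The comment text is filtered again after stripcslashes(), because that
  *   call decodes escape sequences and could otherwise bring back markup
  *   which the first filter pass never saw.
  *
  * @return  int     1 on success, 2 on success but approval necessary, boolean false otherwise
  * @since   1.5.5
  */
 public function save()
 {
     // Both values end up inside a concatenated SQL string, so force integers
     $id         = (int) $this->_id;
     $viewlevels = implode(',', array_map('intval', $this->_user->getAuthorisedViewLevels()));
     $user_id    = $this->_user->get('id');

     // Check for hacking attempt: the image must be published, approved and
     // visible for the current user, together with its category
     $query = $this->_db->getQuery(true)
         ->select('c.cid')
         ->from(_JOOM_TABLE_IMAGES . ' AS a')
         ->leftJoin(_JOOM_TABLE_CATEGORIES . ' AS c ON c.cid = a.catid')
         ->where('a.published = 1')
         ->where('a.approved = 1')
         ->where('a.id = ' . $id)
         ->where('a.access IN (' . $viewlevels . ')')
         ->where('c.access IN (' . $viewlevels . ')');
     $this->_db->setQuery($query);
     $catid = $this->_db->loadResult();

     // Parentheses only make the original operator precedence explicit:
     // guests are rejected when anonymous comments are disabled
     if (!$catid || !$this->_config->get('jg_showcomment') || (!$this->_config->get('jg_anoncomment') && !$user_id)) {
         die('Hacking attempt, aborted!');
     }

     $categories = $this->_ambit->getCategoryStructure();
     if (!isset($categories[$catid])) {
         die('Hacking attempt, aborted!');
     }

     $form_url = JRoute::_('index.php?view=detail&id=' . $id . '#joomcommentform', false);

     // Comment text
     $filter = JFilterInput::getInstance();
     $text   = trim($filter->clean(JRequest::getVar('cmttext', '', 'post')));
     if (!$text) {
         $this->_mainframe->redirect($form_url, JText::_('COM_JOOMGALLERY_NO_COMMENT_ENTERED'), 'notice');
     }

     // Name of the one who comments
     if ($user_id) {
         $name = $this->_config->get('jg_realname') ? $this->_user->get('name') : $this->_user->get('username');
     } else {
         $name = '';
         if ($this->_config->get('jg_namedanoncomment')) {
             $name = trim($filter->clean(JRequest::getVar('cmtname', '', 'post')));
         }
         if (!$name) {
             $name = JText::_('COM_JOOMGALLERY_COMMON_GUEST');
         }
     }

     // Store the data in session
     $this->_mainframe->setUserState('joom.comments.name', $name);
     $this->_mainframe->setUserState('joom.comments.text', $text);

     // Captcha: the first plugin reporting an invalid code wins
     $valid     = true;
     $msg       = '';
     $responses = $this->_mainframe->triggerEvent('onJoomCheckCaptcha');
     foreach ($responses as $response) {
         if (is_array($response) && isset($response['valid']) && !$response['valid']) {
             $valid = false;
             if (isset($response['error']) && $response['error']) {
                 $msg = $response['error'];
             } else {
                 $msg = JText::_('COM_JOOMGALLERY_DETAIL_MSG_COMMENT_SECURITY_CODE_WRONG');
             }
             break;
         }
     }
     if (!$valid) {
         $this->_mainframe->redirect($form_url, $msg, 'notice');
     }

     // Check whether the comment has to be approved by administrators
     $auto_approved = (!$this->_config->get('jg_approvecom') && $user_id)
         || (!$this->_config->get('jg_anonapprovecom') && !$user_id);

     if ($auto_approved) {
         $approved = 1;

         // Load image data
         $image = $this->getTable('joomgalleryimages');
         $image->load($id);

         // Message about new comment to image owner
         // If comments have to be approved by administrators
         // this message will be sent as soon as the comment was approved
         if ($this->_config->get('jg_msg_comment_toowner') && $image->owner && $image->owner != $user_id) {
             // The image row loaded above is reused here, the original second
             // load of the same row was never read
             require_once JPATH_COMPONENT . '/helpers/messenger.php';
             $messenger = new JoomMessenger();
             $message   = array(
                 'from'      => $user_id,
                 'recipient' => $image->owner,
                 'subject'   => JText::_('COM_JOOMGALLERY_MESSAGE_NEW_COMMENT_TO_OWNER_SUBJECT'),
                 'body'      => JText::sprintf('COM_JOOMGALLERY_MESSAGE_NEW_COMMENT_TO_OWNER_BODY', $name, $image->imgtitle, $id),
                 'type'      => $messenger->getType('comment')
             );
         }
     } else {
         $approved = 0;

         // Message about new comment
         require_once JPATH_COMPONENT . '/helpers/messenger.php';
         $messenger = new JoomMessenger();
         $message   = array(
             'from'    => $user_id,
             'subject' => JText::_('COM_JOOMGALLERY_MESSAGE_NEW_COMMENT_SUBJECT'),
             'body'    => JText::sprintf('COM_JOOMGALLERY_MESSAGE_NEW_COMMENT_BODY', $name),
             'mode'    => 'comment'
         );
     }

     // stripcslashes() decodes escape sequences, so the text is filtered once
     // more before it is stored; only then \r\n or \n is changed to <br />
     // NOTE(review): whether the views escape cmttext on output is not visible here - confirm
     $text = nl2br($filter->clean(stripcslashes($text)));

     $date = JFactory::getDate();
     $row  = $this->getTable('joomgallerycomments');
     $row->cmtpic    = $id;
     // REMOTE_ADDR is the address of the direct peer, behind a reverse proxy this is the proxy
     $row->cmtip     = $_SERVER['REMOTE_ADDR'];
     $row->userid    = $user_id;
     $row->cmtname   = $name;
     $row->cmttext   = $text;
     $row->cmtdate   = $date->toSQL();
     $row->published = 1;
     $row->approved  = $approved;

     // Trigger event 'onJoomBeforeComment', any plugin may veto by returning false
     $vetoes = $this->_mainframe->triggerEvent('onJoomBeforeComment', array(&$row));
     if (in_array(false, $vetoes, true)) {
         return false;
     }

     if (!$row->check()) {
         $this->setError($row->getError());
         return false;
     }

     if (!$row->store()) {
         $this->setError(JText::_('COM_JOOMGALLERY_ERROR_SAVING_COMMENT'));
         return false;
     }

     // A messenger only exists if one of the branches above prepared a message
     if (isset($messenger)) {
         $messenger->send($message);
     }

     $this->_mainframe->triggerEvent('onJoomAfterComment', array($row));

     // After successfully storing the comment remove the comment text from the session, but keep the name
     $this->_mainframe->setUserState('joom.comments.text', null);

     return $approved ? 1 : 2;
 }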
Exemple #2
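 /**
  * Method to save a name tag
  *
  * Only logged-in users may tag. The image has to be published, approved and
  * visible for the current user. If the option 'jg_nameshields_others' is
  * enabled the tagged user is taken from the request, otherwise users can
  * only tag themselves. After storing the tag the configured messages are sent.
  *
  * Security notes:
  * - The image ID and the view levels are cast to integers before they are
  *   concatenated into the SQL queries.
  * - The method returns after raising the permission error, so a guest can
  *   never reach the storing code even if the error handler continues.
  * - The selected user has to be loaded with exactly the requested ID,
  *   is_object() alone does not show that the user exists.
  *
  * @return  boolean True on success, false otherwise
  * @since   1.5.5
  */
 public function save()
 {
     $yvalue = JRequest::getInt('yvalue', 0, 'post');
     $xvalue = JRequest::getInt('xvalue', 0, 'post');
     $height = $this->_config->get('jg_nameshields_height');

     // Both values end up inside concatenated SQL strings, so force integers
     $id         = (int) $this->_id;
     $viewlevels = implode(',', array_map('intval', $this->_user->getAuthorisedViewLevels()));

     // Access check
     $by = (int) $this->_user->get('id');
     if (!$by) {
         JError::raiseError(500, JText::_('COM_JOOMGALLERY_COMMON_PERMISSION_DENIED'));

         // NOTE(review): raiseError() presumably ends the request - do not rely on it
         return false;
     }

     // Check for hacking attempt
     $query = $this->_db->getQuery(true)
         ->select('c.cid')
         ->from(_JOOM_TABLE_IMAGES . ' AS a')
         ->leftJoin(_JOOM_TABLE_CATEGORIES . ' AS c ON c.cid = a.catid')
         ->where('a.published = 1')
         ->where('a.approved = 1')
         ->where('a.id = ' . $id)
         ->where('a.access IN (' . $viewlevels . ')')
         ->where('c.access IN (' . $viewlevels . ')');
     $this->_db->setQuery($query);
     $catid = $this->_db->loadResult();
     if (!$catid) {
         die('Hacking attempt, aborted!');
     }

     $categories = $this->_ambit->getCategoryStructure();
     if (!isset($categories[$catid])) {
         die('Hacking attempt, aborted!');
     }

     // Tagging other users is only possible if the configuration allows it
     $userid = $this->_config->get('jg_nameshields_others') ? JRequest::getInt('userid') : $by;

     // Check whether an existing user was selected: the loaded user object
     // has to carry the requested ID
     $user = JFactory::getUser($userid);
     if ($userid <= 0 || !is_object($user) || (int) $user->get('id') !== $userid) {
         $this->setError(JText::_('COM_JOOMGALLERY_DETAIL_NAMETAGS_MSG_ERROR_SAVING'));
         return false;
     }

     // Every user can be tagged only once per image
     $query = $this->_db->getQuery(true)
         ->select('nid')
         ->from(_JOOM_TABLE_NAMESHIELDS)
         ->where('npicid  = ' . $id)
         ->where('nuserid = ' . $userid);
     $this->_db->setQuery($query);
     if ($this->_db->loadResult()) {
         if ($userid === $by) {
             $this->setError(JText::_('COM_JOOMGALLERY_DETAIL_NAMETAGS_MSG_YOU_ARE_ALREADY_TAGGED'));
         } else {
             $this->setError(JText::_('COM_JOOMGALLERY_DETAIL_NAMETAGS_MSG_USER_ALREADY_TAGGED'));
         }
         return false;
     }

     // NOTE(review): x is compared with the configured height and y with the
     // computed length of the tag - looks swapped, confirm before changing
     $length = strlen($user->get('username')) * $this->_config->get('jg_nameshields_width');
     if ($xvalue < $height && $yvalue < $length) {
         $this->setError(JText::_('COM_JOOMGALLERY_DETAIL_NAMETAGS_MSG_NOT_SAVED'));
         return false;
     }

     // New tags get a z-index below the lowest one of the image, starting with 500
     $query->clear()->select('MIN(nzindex)')->from(_JOOM_TABLE_NAMESHIELDS)->where('npicid = ' . $id);
     $this->_db->setQuery($query);
     $zindex = $this->_db->loadResult();
     if (!$zindex) {
         $zindex = 500;
     } else {
         $zindex--;
     }

     $row  = $this->getTable('joomgallerynameshields');
     $date = JFactory::getDate();
     $row->npicid  = $id;
     $row->nuserid = $userid;
     $row->nxvalue = $xvalue;
     $row->nyvalue = $yvalue;
     $row->by      = $by;
     // REMOTE_ADDR is the address of the direct peer, behind a reverse proxy this is the proxy
     $row->nuserip = $_SERVER['REMOTE_ADDR'];
     $row->ndate   = $date->toSQL();
     $row->nzindex = $zindex;
     if (!$row->store()) {
         $this->setError(JText::_('COM_JOOMGALLERY_DETAIL_NAMETAGS_MSG_ERROR_SAVING'));
         return false;
     }

     $this->_mainframe->triggerEvent('onJoomAfterTag', array($row));

     // Send messages
     if ($this->_config->get('jg_msg_nametag_type')) {
         $image = $this->getTable('joomgalleryimages');
         $image->load($id);

         // The user object loaded for the check above is reused here
         $use_realname = $this->_config->get('jg_realname');
         $name         = $use_realname ? $user->get('name') : $user->get('username');
         $by_name      = $use_realname ? $this->_user->get('name') : $this->_user->get('username');

         require_once JPATH_COMPONENT . '/helpers/messenger.php';
         $messenger = new JoomMessenger();

         // General Message
         if ($by !== $userid) {
             $body = JText::sprintf('COM_JOOMGALLERY_MESSAGE_NEW_NAMETAG_OTHERS_BODY', $name, $by_name, $image->imgtitle, $id);
         } else {
             $body = JText::sprintf('COM_JOOMGALLERY_MESSAGE_NEW_NAMETAG_BODY', $name, $image->imgtitle, $id);
         }
         $message = array(
             'from'    => $by,
             'subject' => JText::_('COM_JOOMGALLERY_MESSAGE_NEW_NAMETAG_SUBJECT'),
             'body'    => $body,
             'mode'    => 'nametag'
         );

         // Message to image owner
         if ($this->_config->get('jg_msg_nametag_toowner') && $by != $image->owner) {
             // Simply add the owner to the list of recipients
             $message['recipient'] = $image->owner;
         }

         // Send general message
         $messenger->send($message);

         // Message to tagged user
         if ($this->_config->get('jg_msg_nametag_totaggeduser') && $by !== $userid) {
             $url = JRoute::_('index.php?view=detail&id=' . $id, false) . ($this->_config->get('jg_anchors') ? '#joomimg' : '');

             // Ensure that the correct host and path is prepended
             // NOTE(review): the host of the mailed link comes from JURI::base();
             // confirm that this cannot be influenced by the request's Host header
             $current_uri  = JURI::getInstance(JURI::base());
             $current_host = $current_uri->toString(array('scheme', 'host', 'port'));
             $uri          = JFactory::getUri($url);
             $uri->setHost($current_host);
             $url = $uri->toString();

             $message = array(
                 'from'      => $by,
                 'recipient' => $userid,
                 'subject'   => JText::sprintf('COM_JOOMGALLERY_MESSAGE_YOU_WERE_TAGGED_SUBJECT', $this->_mainframe->getCfg('sitename')),
                 'body'      => JText::sprintf('COM_JOOMGALLERY_MESSAGE_YOU_WERE_TAGGED_BODY', $name, $image->imgtitle, $url),
                 'type'      => $messenger->getType('nametag')
             );
             $messenger->send($message);
         }
     }

     return true;
 }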