protected function postAction($request, $db)
{
$talk_id = $this->getItemId($request);
if (isset($request->url_elements[4])) {
// sub elements
if ($request->url_elements[4] == "comments") {
// no anonymous comments over the API
if (!isset($request->user_id) || empty($request->user_id)) {
throw new BadRequestException('You must log in to comment');
}
$comment = $request->getParameter('comment');
if (empty($comment)) {
throw new BadRequestException('The field "comment" is required');
}
$rating = $request->getParameter('rating');
if (empty($rating)) {
throw new BadRequestException('The field "rating" is required');
}
$comment_mapper = new TalkCommentMapper($db, $request);
$data['user_id'] = $request->user_id;
$data['talk_id'] = $talk_id;
$data['comment'] = $comment;
$data['rating'] = $rating;
$comment_mapper->save($data);
header("Location: " . $request->base . $request->path_info);
exit;
}
} else {
throw new Exception("method not yet supported - sorry");
}
}
public function postAction($request, $db)
{
if (!isset($request->user_id)) {
throw new Exception("You must be logged in to create data", 400);
}
$talk_id = $this->getItemId($request);
if (isset($request->url_elements[4])) {
switch ($request->url_elements[4]) {
case "comments":
$comment = $request->getParameter('comment');
if (empty($comment)) {
throw new Exception('The field "comment" is required', 400);
}
$rating = $request->getParameter('rating');
if (empty($rating)) {
throw new Exception('The field "rating" is required', 400);
}
$private = $request->getParameter('private') ? 1 : 0;
// Get the API key reference to save against the comment
$oauth_model = $request->getOauthModel($db);
$consumer_name = $oauth_model->getConsumerName($request->getAccessToken());
$talk_mapper = new TalkMapper($db, $request);
$comment_mapper = new TalkCommentMapper($db, $request);
$data['user_id'] = $request->user_id;
$data['talk_id'] = $talk_id;
$data['comment'] = $comment;
$data['rating'] = $rating;
$data['private'] = $private;
$data['source'] = $consumer_name;
try {
// run it by akismet if we have it
if (isset($this->config['akismet']['apiKey'], $this->config['akismet']['blog'])) {
$spamCheckService = new SpamCheckService($this->config['akismet']['apiKey'], $this->config['akismet']['blog']);
$isValid = $spamCheckService->isCommentAcceptable($data, $request->getClientIP(), $request->getClientUserAgent());
if (!$isValid) {
throw new Exception("Comment failed spam check", 400);
}
}
// should rating be allowed?
if ($comment_mapper->hasUserRatedThisTalk($data['user_id'], $data['talk_id'])) {
$data['rating'] = 0;
}
if ($talk_mapper->isUserASpeakerOnTalk($data['talk_id'], $data['user_id'])) {
// speakers cannot cannot rate their own talk
$data['rating'] = 0;
}
$new_id = $comment_mapper->save($data);
} catch (Exception $e) {
// just throw this again but with a 400 status code
throw new Exception($e->getMessage(), 400);
}
if ($new_id) {
$comment = $comment_mapper->getCommentById($new_id);
$talk = $talk_mapper->getTalkById($talk_id);
$speakers = $talk_mapper->getSpeakerEmailsByTalkId($talk_id);
$recipients = array();
foreach ($speakers as $person) {
$recipients[] = $person['email'];
}
$emailService = new TalkCommentEmailService($this->config, $recipients, $talk, $comment);
$emailService->sendEmail();
$uri = $request->base . '/' . $request->version . '/talk_comments/' . $new_id;
header("Location: " . $uri, true, 201);
exit;
} else {
throw new Exception("The comment could not be stored", 400);
}
break;
case 'starred':
// the body of this request is completely irrelevant
// The logged in user *is* attending the talk. Use DELETE to unattend
$talk_mapper = new TalkMapper($db, $request);
$talk_mapper->setUserStarred($talk_id, $request->user_id);
header("Location: " . $request->base . $request->path_info, null, 201);
exit;
default:
throw new Exception("Operation not supported, sorry", 404);
}
} else {
throw new Exception("method not supported - sorry");
}
}