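/**
 * Create a new comment.
 *
 * Reads `entity`, `entity_id`, `text` and the optional `parent_id` from the
 * request, checks that the session user is authenticated and has
 * `can_comment`, builds a CustomerCommentSaurus record, and inserts it into
 * the Mongo `comments` collection unless the text matches a row of
 * `comment_blacklists`. The outcome is exposed through the JSON and HTML
 * responders registered at the end of the method.
 *
 * @access public
 * @return void
 */
public function post()
{
    $status = true;
    $message = '';
    $mongo = MongoDBI::getInstance();
    $comment = [];

    try {
        $this->req()->expect('entity', 'entity_id', 'text');
    } catch (Exception $e) {
        $status = false;
        $message = 'You must provide a comment';
    }

    // The request values below are copied verbatim into a Mongo document and
    // into Mongo query filters. PHP turns `name[key]=value` parameters into
    // arrays, and an array in a filter position is read by Mongo as an
    // operator expression, so only scalar values are accepted here.
    // NOTE(review): req() is not visible in this block; if it already coerces
    // parameters to strings this check is redundant but harmless.
    if ($status) {
        $supplied = [
            $this->req()->entity,
            $this->req()->entity_id,
            $this->req()->text,
        ];
        if (isset($this->req()->parent_id)) {
            $supplied[] = $this->req()->parent_id;
        }
        foreach ($supplied as $value) {
            if (!is_scalar($value)) {
                $status = false;
                $message = 'Invalid comment data.';
                break;
            }
        }
    }

    // Authentication is decided first; the permission flag is only read for an
    // authenticated session, so an anonymous request gets the login message
    // rather than "Permission denied." and customer() is not consulted for it.
    if (!$_SESSION['user']->isAuthenticated()) {
        $status = false;
        $message = 'You must be logged in to comment';
    } elseif (!$_SESSION['user']->customer()->can_comment) {
        $status = false;
        $message = 'Permission denied.';
    }

    if ($status) {
        $parent_id = isset($this->req()->parent_id) ? $this->req()->parent_id : 0;

        // NOTE(review): `entity` is stored as entity_table exactly as sent by
        // the client; consider checking it against the set of entities that
        // are meant to be commentable.
        $comment = new CustomerCommentSaurus([
            "entity_table" => $this->req()->entity,
            "entity_id" => $this->req()->entity_id,
            "parent_id" => $parent_id,
            "customer_id" => (int) $_SESSION['user']->customer()->id(),
            "customer_role" => $_SESSION['user']->customer()->customers_role,
            "ctime" => new MongoDate(),
            "mtime" => new MongoDate(),
            // the author counts as the first rating of their own comment
            "ratings" => [(int) $_SESSION['user']->customer()->id()],
            "ratings_count" => 1,
            "reports" => 0,
            "visible" => true,
            "text" => $this->req()->text,
        ]);

        // by default, hide replies to hidden comments, so they don't
        // wind up in the feed (if you want to quietly send a message
        // to the nerds watching the backchannel in the feed, you can
        // unhide your comment and it'll show up there)
        if ($parent_id != 0) {
            $parent_comment = $comment->parent();
            if (!$parent_comment) {
                // NOTE(review): parent() is not visible here; this guard only
                // fires if it yields null/false for an unknown parent_id, in
                // which case the reply is refused instead of reading
                // ->visible from a non-object.
                $status = false;
                $message = 'Parent comment not found.';
            } else {
                $comment->visible = $parent_comment->visible;
            }
        }
    }

    if ($status) {
        // The comment text is passed as a bound parameter and matched
        // case-insensitively against each stored pattern (regex_needle).
        $bl_results = DB::fetchAll(
            "select * from comment_blacklists where :term ~* regex_needle",
            ['term' => $this->req()->text]
        );
        $blacklisted = count($bl_results) > 0;

        if (!$blacklisted) {
            // TODO: should this be $comment->insert() instead ?
            if (!$mongo->comments->insert($comment->getRecord())) {
                $status = false;
                $message = 'Error saving comment, please try again later.';
            } else {
                LogSaurus::log('COMMENT_POST', $_SESSION['user']->customer()->id(), 'COMMERCE', $comment->id());
            }

            // assuming we saved that correctly, let's notify whoever wants to know about
            // this comment being posted
            if ($status) {
                $comment->queueNotification();
            }
        } else {
            // A blacklisted comment is logged but never stored, and $status
            // stays true, so both responders below still report success for a
            // comment that was not saved.
            // NOTE(review): this looks like a deliberate silent drop; confirm,
            // and confirm what $comment->id() / $comment->url() yield for an
            // unsaved record.
            LogSaurus::log('COMMENT_POST_BLACKLISTED', $_SESSION['user']->customer()->id(), 'COMMERCE', $this->req()->text);
        }
    }

    $this->respondTo()->json = function () use ($mongo, $status, $message, $comment) {
        if (!$status) {
            return ['status' => $status, 'message' => $message];
        }

        // NOTE(review): the partial and its comment cursor are prepared here
        // but are not part of the returned array; either return the rendered
        // markup or drop this block.
        $updated_html = $this->app()->partial('comments/view');
        $updated_html->entity_table = $this->req()->entity;
        $updated_html->entity_id = $this->req()->entity_id;
        if ($updated_html->entity_table == 'products') {
            $updated_html->do_heading = false;
        }
        $updated_html->comments = $mongo->comments->find([
            'entity_table' => $this->req()->entity,
            'entity_id' => $this->req()->entity_id,
            'visible' => true,
        ]);
        $updated_html->comments->sort(["ratings_count" => -1, "ctime" => -1]);

        return ['status' => $status, 'message' => $message, 'comment_id' => (string) $comment->id()];
    };

    $this->respondTo()->html = function () use ($status, $message, $comment) {
        if ($status) {
            return new Redirect($comment->url());
        }

        $this->template()->message = $message;
        $this->layout()->title = 'Error posting comment';

        return $this->layout();
    };
}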