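/**
 * Save a comment submitted from the project feed.
 *
 * Reads `itemid`, `tbl`, `comment` and `parent_activity` from the POST body,
 * runs the comment text through Sanitize::stripScripts() and
 * Sanitize::stripImages(), stores it, records a matching activity entry and
 * redirects to the project link.
 *
 * @return void
 */
protected function _saveComment()
{
    // Check for request forgeries: this handler writes data on behalf of the
    // logged-in user, so the posting form must carry the session token.
    Request::checkToken();

    // Check permission
    if (!$this->model->access('content')) {
        App::abort(403, Lang::txt('ALERTNOTAUTH'));
    }

    // Incoming
    // NOTE(review): nothing visible here verifies that $itemid and
    // $parent_activity belong to the current project; confirm the table
    // class or the caller enforces that.
    $itemid          = Request::getInt('itemid', 0, 'post');
    // NOTE(review): $tbl is client-supplied and stored as-is; only 'blog',
    // 'todo' and the 'activity' default are handled below. Consider an
    // allow-list.
    $tbl             = trim(Request::getVar('tbl', 'activity', 'post'));
    $comment         = trim(Request::getVar('comment', '', 'post'));
    $parent_activity = Request::getInt('parent_activity', 0, 'post');

    // Clean-up
    // NOTE(review): the filters themselves are not shown here; the stored
    // text should still be escaped for its output context when rendered.
    $comment = \Hubzero\Utility\Sanitize::stripScripts($comment);
    $comment = \Hubzero\Utility\Sanitize::stripImages($comment);

    // Instantiate comment
    $objC = new \Components\Projects\Tables\Comment($this->_database);

    if ($comment) {
        // Defined up front so the check below never reads an undefined
        // variable when no activity was recorded.
        $aid = null;

        $objC->itemid          = $itemid;
        $objC->tbl             = $tbl;
        $objC->parent_activity = $parent_activity;
        $objC->comment         = $comment;
        $objC->created         = Date::toSql();
        $objC->created_by      = $this->_uid;

        if (!$objC->store()) {
            $this->setError($objC->getError());
        } else {
            $this->_msg = Lang::txt('PLG_PROJECTS_BLOG_COMMENT_POSTED');
        }

        // Get new entry ID
        if (!$objC->id) {
            $objC->checkin();
        }

        // Record activity
        if ($objC->id) {
            // Label for the commented item: to-do item, blog post, or a
            // generic activity.
            if ($tbl === 'todo') {
                $what = Lang::txt('COM_PROJECTS_TODO_ITEM');
            } elseif ($tbl === 'blog') {
                $what = Lang::txt('COM_PROJECTS_BLOG_POST');
            } else {
                $what = Lang::txt('COM_PROJECTS_AN_ACTIVITY');
            }

            if ($tbl === 'todo') {
                $url = Route::url($this->model->link('todo') . '&action=view&todoid=' . $itemid);
            } else {
                // same-page link
                $url = Route::url($this->model->link('feed')) . '#tr_' . $parent_activity;
            }

            $aid = $this->model->recordActivity(
                Lang::txt('COM_PROJECTS_COMMENTED') . ' ' . Lang::txt('COM_PROJECTS_ON') . ' ' . $what,
                $objC->id,
                $what,
                $url,
                'quote',
                0
            );
        }

        // Store activity ID
        if ($aid) {
            $objC->activityid = $aid;
            $objC->store();
        }
    }

    // Pass error or success message
    if ($this->getError()) {
        Notify::message($this->getError(), 'error', 'projects');
    } elseif (!empty($this->_msg)) {
        Notify::message($this->_msg, 'success', 'projects');
    }

    // Redirect
    App::redirect(Route::url($this->model->link()));
}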
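/**
 * Save a comment on a to-do item.
 *
 * Verifies the request token and the caller's 'content' access, reads
 * `itemid`, `comment` and `parent_activity` from the POST body, runs the text
 * through Sanitize::stripScripts(), Sanitize::stripImages() and
 * String::truncate() with a limit of 800, stores it with tbl 'todo', records
 * an activity entry and redirects to the to-do item view.
 *
 * @return void
 * @throws Exception with code 403 when the caller lacks 'content' access
 */
protected function _saveComment()
{
    // Check for request forgeries
    Request::checkToken();

    // Check permission
    if (!$this->model->access('content')) {
        throw new Exception(Lang::txt('ALERTNOTAUTH'), 403);
    }

    // Incoming
    // NOTE(review): nothing visible here verifies that $itemid refers to a
    // to-do item of the current project; confirm the table class or the
    // caller enforces that.
    $itemid          = Request::getInt('itemid', 0, 'post');
    $comment         = trim(Request::getVar('comment', '', 'post'));
    $parent_activity = Request::getInt('parent_activity', 0, 'post');

    // Clean-up
    // NOTE(review): the filters themselves are not shown here; the stored
    // text should still be escaped for its output context when rendered.
    $comment = \Hubzero\Utility\Sanitize::stripScripts($comment);
    $comment = \Hubzero\Utility\Sanitize::stripImages($comment);
    $comment = \Hubzero\Utility\String::truncate($comment, 800);

    // Instantiate comment
    $objC = new \Components\Projects\Tables\Comment($this->_database);

    if ($comment) {
        // Defined up front so the check below never reads an undefined
        // variable when no activity was recorded.
        $aid = null;

        $objC->itemid          = $itemid;
        $objC->tbl             = 'todo';
        $objC->parent_activity = $parent_activity;
        $objC->comment         = $comment;
        $objC->created         = Date::toSql();
        $objC->created_by      = $this->_uid;

        if (!$objC->store()) {
            $this->setError($objC->getError());
        } else {
            $this->_msg = Lang::txt('PLG_PROJECTS_TODO_COMMENT_POSTED');
        }

        // Get new entry ID
        if (!$objC->id) {
            $objC->checkin();
        }

        // Record activity
        if ($objC->id) {
            $what = Lang::txt('COM_PROJECTS_TODO_ITEM');
            $url  = Route::url($this->model->link('todo') . '&action=view&todoid=' . $itemid);
            $aid  = $this->model->recordActivity(
                Lang::txt('COM_PROJECTS_COMMENTED') . ' ' . Lang::txt('COM_PROJECTS_ON') . ' ' . $what,
                $objC->id,
                $what,
                $url,
                'quote',
                0
            );
        }

        // Store activity ID
        if ($aid) {
            $objC->activityid = $aid;
            $objC->store();
        }
    }

    // Pass error or success message
    if ($this->getError()) {
        \Notify::message($this->getError(), 'error', 'projects');
    } elseif (!empty($this->_msg)) {
        \Notify::message($this->_msg, 'success', 'projects');
    }

    // Redirect
    App::redirect(Route::url($this->model->link('todo') . '&action=view&todoid=' . $itemid));
}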