コード例 #1
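 /**
  * Handle a forum form submission: start or edit a discussion, add or edit a comment.
  *
  * The action is chosen by the key present in $_POST['action']
  * ('forum-new-discussion', 'forum-edit-discussion', 'forum-new-comment',
  * 'forum-edit-comment'). Each action is gated on the member's role via
  * canPerformEventAction('forum', ...) using the permission names
  * start_discussion, edit_discussion, edit_own_discussion, add_comment,
  * edit_comment and edit_own_comment.
  *
  * Everything read from $_POST, $_FILES and $_REQUEST is attacker-controlled.
  * Entry IDs are accepted only as plain digit strings, the edit actions
  * require an ID, and the post-success redirect is restricted to the
  * current host.
  *
  * @return XMLElement A 'forum-post' element whose 'result' attribute is 'success' or
  *                    'failed' and whose 'type' attribute is 'edited' or 'created'.
  */
 protected function __trigger()
 {
     $result = new XMLElement('forum-post');

     // is_numeric() also accepts forms such as "1e3" or "1.5"; only plain digit
     // strings are treated as entry IDs so the same value reaches every check.
     $entry_id = NULL;
     if (isset($_POST['id']) && is_string($_POST['id']) && preg_match('/^[0-9]+\z/', $_POST['id'])) {
         $entry_id = $_POST['id'];
     }

     $fields = self::prepareFieldValues(
         isset($_POST['fields']) ? $_POST['fields'] : NULL,
         isset($_FILES['fields']) ? $_FILES['fields'] : NULL
     );

     // Build the post-values element that echoes the submitted values back.
     // It stays NULL when nothing was submitted, so __doit() never receives an
     // undefined variable.
     $cookie = NULL;
     if (is_array($fields) && !empty($fields)) {
         $cookie = new XMLElement('post-values');
         foreach ($fields as $element_name => $value) {
             // Nested arrays and empty strings carry nothing to echo.
             if (!is_scalar($value) || strlen((string) $value) == 0) {
                 continue;
             }
             // The key becomes an XML element name and is presumably taken from the
             // request, so it must look like one before it is used as markup.
             // NOTE(review): XMLElement is not visible here; confirm it does not
             // already validate names.
             if (!preg_match('/^[A-Za-z_][A-Za-z0-9_.\-]*\z/', (string) $element_name)) {
                 continue;
             }
             $cookie->appendChild(new XMLElement($element_name, General::sanitize($value)));
         }
     }

     $discussion = $comment = $fields;
     $action = isset($_POST['action']) ? $_POST['action'] : array();

     $Forum =& $this->_Parent->ExtensionManager->create('forum');
     $Members =& $this->_Parent->ExtensionManager->create('members');
     $Members->initialiseCookie();
     $isLoggedIn = $Members->isLoggedIn();
     $Members->initialiseMemberObject();

     // A session can report "logged in" without a usable member object; every
     // member-specific call below is guarded by this flag.
     $has_member = $isLoggedIn && is_object($Members->Member);

     $role_data = NULL;
     if ($has_member) {
         $role_data = $Members->Member->getData($Members->roleField());
     }
     // Without role data, fall back to role 1, the role already used for
     // visitors who are not logged in.
     $role_id = (is_array($role_data) && isset($role_data['role_id'])) ? $role_data['role_id'] : 1;
     $role = $Members->fetchRole($role_id, true);

     $success = false;
     $discussion_id = NULL;

     // Handle of the comment field that links a comment to its discussion.
     $comment_discussion_id_field_handle = Symphony::Database()->fetchVar(
         'element_name',
         0,
         "SELECT `element_name` FROM `tbl_fields` \n\t\t\t\tWHERE `id` = "
             . (int) Symphony::Configuration()->get('comment-discussion-link-field', 'forum')
             . " LIMIT 1"
     );

     // Discussion ID supplied with a comment submission (user input).
     $linked_discussion_id = (is_array($comment) && isset($comment[$comment_discussion_id_field_handle]))
         ? $comment[$comment_discussion_id_field_handle]
         : NULL;

     if (isset($action['forum-new-discussion'])) {
         if ($role->canPerformEventAction('forum', 'start_discussion')) {
             if (!($oDiscussion = $this->__doit($Forum->getDiscussionSectionID(), $discussion, $result, NULL, $cookie))) {
                 return $result;
             }
             $comment[$comment_discussion_id_field_handle] = $oDiscussion->get('id');
             if (!$this->__doit($Forum->getCommentSectionID(), $comment, $result, NULL, $cookie)) {
                 // Roll back the discussion so it is not left without a first comment.
                 $Forum->Discussion->remove($oDiscussion->get('id'));
                 return $result;
             }
             if ($has_member) {
                 $Forum->Discussion->updateRead($Members->Member->get('id'), $oDiscussion->get('id'));
             }
             $success = true;
             $discussion_id = $oDiscussion->get('id');
         } else {
             $result->appendChild(new XMLElement('message', 'Not authorised'));
         }
     } elseif (isset($action['forum-edit-discussion'])) {
         // The comment edited together with the discussion is named by the request.
         $comment_id = NULL;
         if (is_array($discussion) && isset($discussion['comment-id']) && is_scalar($discussion['comment-id'])
             && preg_match('/^[0-9]+\z/', (string) $discussion['comment-id'])) {
             $comment_id = (string) $discussion['comment-id'];
         }

         // An edit needs both IDs: without them __doit() would be called with a NULL
         // entry ID, which the create paths above use to make a new entry.
         // Authorisation is settled before anything is written.
         $authorised = false;
         if ($entry_id !== NULL && $comment_id !== NULL) {
             if ($role->canPerformEventAction('forum', 'edit_discussion')) {
                 $authorised = true;
             } elseif ($has_member && $role->canPerformEventAction('forum', 'edit_own_discussion')) {
                 $member_id = (int) $Members->Member->get('id');
                 // Owning the discussion does not prove ownership of the comment ID
                 // sent with it, so the comment is checked as well.
                 // NOTE(review): __doit() is not visible here; confirm it does not
                 // already verify that the comment belongs to this discussion.
                 $authorised = $Forum->Discussion->isDiscussionOwner($member_id, $entry_id)
                     && $Forum->Discussion->isCommentOwner($member_id, $comment_id);
             }
         }

         if ($authorised) {
             if (!$this->__doit($Forum->getDiscussionSectionID(), $discussion, $result, $entry_id, $cookie)) {
                 return $result;
             }
             if (!$this->__doit($Forum->getCommentSectionID(), $comment, $result, $comment_id, $cookie)) {
                 return $result;
             }
             $success = true;
             $discussion_id = $entry_id;
         } else {
             $result->appendChild(new XMLElement('message', 'Not authorised'));
         }
     } elseif (isset($action['forum-new-comment'])) {
         $oDiscussion = new Discussion($this->_Parent, $linked_discussion_id);

         // Both interpolated values are cast to int so nothing request-derived can
         // reach the SQL text.
         // NOTE(review): this table name hard-codes the `sym_` prefix while the
         // query above uses `tbl_`; confirm which one the database layer expects.
         $locked_value = Symphony::Database()->fetchVar(
             'value',
             0,
             'SELECT `value` FROM `sym_entries_data_' . (int) $oDiscussion->getLockedField()
                 . '` WHERE `entry_id` = ' . (int) $oDiscussion->Entry()->get('id') . ' LIMIT 1'
         );

         // Comments are accepted only while the locked field reads 'no'.
         if ($role->canPerformEventAction('forum', 'add_comment') && $locked_value == 'no') {
             try {
                 if (!($oComment = $this->__doit($Forum->getCommentSectionID(), $comment, $result, NULL, $cookie))) {
                     return $result;
                 }
                 if ($has_member) {
                     $username_and_password = $Members->Member->getData($Members->usernameAndPasswordField());
                     $created = strtotime($oComment->get('creation_date'));

                     // Record the new comment as the discussion's latest activity.
                     $oDiscussion->Entry()->setData(Discussion::getLastActiveField(), array(
                         'local' => $created,
                         'gmt' => strtotime($oComment->get('creation_date_gmt')),
                         'value' => DateTimeObj::get('c', $created)
                     ));
                     $oDiscussion->Entry()->setData(Discussion::getLastPostField(), array(
                         'member_id' => $Members->Member->get('id'),
                         'username' => $username_and_password['username']
                     ));
                     $oDiscussion->Entry()->commit();
                     $Forum->Discussion->updateRead($Members->Member->get('id'), $linked_discussion_id);
                 }
                 $success = true;
                 $discussion_id = $oDiscussion->Entry()->get('id');
             } catch (Exception $e) {
                 $result->appendChild(new XMLElement('error', General::sanitize($e->getMessage())));
                 $success = false;
             }
         } else {
             $result->appendChild(new XMLElement('message', 'Not authorised'));
         }
     } elseif (isset($action['forum-edit-comment'])) {
         // As with discussions, an edit without a valid entry ID is refused.
         $authorised = false;
         if ($entry_id !== NULL) {
             if ($role->canPerformEventAction('forum', 'edit_comment')) {
                 $authorised = true;
             } elseif ($has_member && $role->canPerformEventAction('forum', 'edit_own_comment')) {
                 $authorised = $Forum->Discussion->isCommentOwner((int) $Members->Member->get('id'), $entry_id);
             }
         }

         if ($authorised) {
             if (!$this->__doit($Forum->getCommentSectionID(), $comment, $result, $entry_id, $cookie)) {
                 return $result;
             }
             $success = true;
             $discussion_id = $linked_discussion_id;
         } else {
             $result->appendChild(new XMLElement('message', 'Not authorised'));
         }
     }

     if ($success && isset($_REQUEST['redirect']) && is_string($_REQUEST['redirect'])) {
         // The discussion ID can itself be request data, so it is URL-encoded
         // before it is substituted into the target.
         $id_for_url = is_scalar($discussion_id) ? rawurlencode((string) $discussion_id) : '';
         $target = str_replace('{$id}', $id_for_url, $_REQUEST['redirect']);

         // The target comes straight from the request. Off-site targets are
         // ignored and the XML result is returned instead.
         if (self::__isSameHostRedirect($target)) {
             redirect($target);
         }
     }

     $result->setAttributeArray(array(
         'result' => $success ? 'success' : 'failed',
         'type' => isset($entry_id) ? 'edited' : 'created'
     ));
     if ($success) {
         $result->appendChild(new XMLElement('message', 'Entry ' . (isset($entry_id) ? 'edited' : 'created') . ' successfully.'));
     }
     return $result;
 }

 /**
  * Decide whether a redirect target stays on the host that served this request.
  *
  * Accepts relative references and http(s) URLs whose host equals the request's
  * Host header. Rejects everything else, including other schemes,
  * protocol-relative URLs to other hosts, and targets containing control
  * characters or backslashes.
  *
  * NOTE(review): the comparison uses $_SERVER['HTTP_HOST']; if the project has a
  * configured site domain, comparing against that is preferable.
  *
  * @param mixed $target Candidate redirect target.
  * @return bool True when the target is safe to pass to redirect().
  */
 private static function __isSameHostRedirect($target)
 {
     if (!is_string($target) || $target === '' || $target !== trim($target)) {
         return false;
     }
     // Control characters allow header splitting; browsers read '\' as '/'.
     if (preg_match('/[\x00-\x1F\x7F\\\\]/', $target)) {
         return false;
     }

     $parts = parse_url($target);
     if ($parts === false) {
         return false;
     }
     if (isset($parts['scheme']) && !in_array(strtolower($parts['scheme']), array('http', 'https'), true)) {
         return false;
     }
     if (!isset($parts['host'])) {
         // A scheme without a host ("http:/example") is resolved inconsistently
         // by browsers, so only scheme-less relative references pass.
         return !isset($parts['scheme']);
     }
     if (!isset($_SERVER['HTTP_HOST']) || !is_string($_SERVER['HTTP_HOST'])) {
         return false;
     }

     $current_host = strtolower(preg_replace('/:[0-9]+\z/', '', $_SERVER['HTTP_HOST']));
     return strtolower($parts['host']) === $current_host;
 }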