public function execute() { $this->getResponse()->addHeader('Content-type', 'application/json'); if ($comment_id = $this->getRequest()->post('id', 0, waRequest::TYPE_INT)) { $comment_model = new blogCommentModel(); $comment = $comment_model->getById($comment_id); if (!$comment) { throw new waException(_w('Comment not found'), 404); } $post_model = new blogPostModel(); if (!($post = $post_model->getBlogPost(array('id' => $comment['post_id'], 'blog_id' => $comment['blog_id'])))) { throw new waException(_w('Post not found'), 404); } $user_id = $this->getUser()->getId(); $rights = blogHelper::checkRights($comment['blog_id'], $user_id, blogRightConfig::RIGHT_READ_WRITE); if ($rights == blogRightConfig::RIGHT_READ_WRITE && $user_id != $post['contact_id']) { throw new waRightsException(_w('Access denied'), 403); } $status = $this->getRequest()->post('status', blogCommentModel::STATUS_DELETED); if ($status != blogCommentModel::STATUS_DELETED) { $status = blogCommentModel::STATUS_PUBLISHED; } $changed = $comment_model->updateById($comment_id, array('status' => $status)); $count = $comment_model->getCount($comment['blog_id'], $comment['post_id']); if ($changed) { if ($status == blogCommentModel::STATUS_DELETED) { $this->log('comment_delete', 1); } else { $this->log('comment_restore', 1); } } $this->response = array('count_str' => $count . " " . _w('comment', 'comments', $count), 'status' => $status, 'changed' => $changed); } }
public function execute() { $id = $this->get('id', true); $comment_model = new blogCommentModel(); $comment = $comment_model->getById($id); if ($comment) { $this->response = $comment; } else { throw new waAPIException('invalid_param', 'Comment not found', 404); } }
public function execute() { $data = waRequest::post(); $exclude = array('left_key', 'right_key', 'type', 'full_url', 'parent_id'); foreach ($exclude as $k) { if (isset($data[$k])) { unset($data[$k]); } } // check required params $this->post('text', true); $post_id = $this->get('post_id', true); $post_model = new blogPostModel(); $post = $post_model->getBlogPost($post_id); if (!$post) { throw new waAPIException('invalid_param', 'Post not found', 404); } $parent_id = $this->post('parent_id'); $comment_model = new blogCommentModel(); if ($parent_id) { $parent = $comment_model->getById($parent_id); if (!$parent) { throw new waAPIException('invalid_param', 'Parent comment not found', 404); } } $contact_id = wa()->getUser()->getId(); // check rights try { blogHelper::checkRights($post['blog_id'], $contact_id, blogRightConfig::RIGHT_READ); } catch (waException $e) { throw new waAPIException('access_denied', 403); } // check comment mode if (!$post['comments_allowed']) { throw new waAPIException('invalid_param', "Isn't allowed comment to this post", 404); } $data = array_merge($data, array('blog_id' => $post['blog_id'], 'post_id' => $post_id, 'contact_id' => $contact_id, 'auth_provider' => blogCommentModel::AUTH_USER)); $messages = $comment_model->validate($data); if ($messages) { throw new waAPIException('invalid_param', 'Validate messages: ' . implode("\n", $messages), 404); } $id = $comment_model->add($data, $parent_id); $_GET['id'] = $id; $method = new blogPostCommentsGetInfoMethod(); $this->response = $method->getResponse(true); }
public function execute() { $comment_id = (int) waRequest::post('spam'); $comment_model = new blogCommentModel(); $comment = $comment_model->getById($comment_id); $this->response['status'] = null; if ($comment) { $comment_model->updateById($comment_id, array('akismet_spam' => 1, 'status' => blogCommentModel::STATUS_DELETED)); $this->response['status'] = blogCommentModel::STATUS_DELETED; $blog_plugin = wa()->getPlugin('akismet'); $akismet = new Akismet(wa()->getRouting()->getUrl('blog', array(), true), $blog_plugin->getSettingValue('api_key')); $akismet->setCommentAuthor($comment['name']); $akismet->setCommentAuthorEmail($comment['email']); $akismet->setCommentContent($comment['text']); if (!waSystemConfig::isDebug() && $blog_plugin->getSettingValue('send_spam')) { $akismet->submitSpam(); } } }
private function displayComment() { $this->getResponse()->addHeader('Content-type', 'application/json'); if ($this->comment_id && ($comment = $this->comment_model->getById($this->comment_id))) { $count = $this->comment_model->getCount($comment['blog_id'], $comment['post_id']); $comments = $this->comment_model->prepareView(array($comment), array('photo_url_20'), array('user' => true, 'escape' => true)); $theme = waRequest::param('theme', 'default'); $theme_path = wa()->getDataPath('themes', true) . '/' . $theme; if (!file_exists($theme_path) || !file_exists($theme_path . '/theme.xml')) { $theme_path = wa()->getAppPath() . '/themes/' . $theme; } $template = 'file:comment.html'; $view = wa()->getView(array('template_dir' => $theme_path)); $view->assign('comment', array_shift($comments)); $this->response['template'] = $view->fetch($template); $this->response['count_str'] = $count . " " . _w('comment', 'comments', $count); $this->response['parent'] = $this->parent_id; } else { throw new waException(_w('Comment not found'), 404); } }
public function explainLogs($logs) { $logs = parent::explainLogs($logs); $app_url = wa()->getConfig()->getBackendUrl(true) . $this->application . '/'; $post_ids = array(); $comment_ids = array(); foreach ($logs as $l_id => $l) { if (in_array($l['action'], array('page_add', 'page_edit', 'page_move')) && isset($l['params_html'])) { $logs[$l_id]['params_html'] = str_replace('#/pages/', '?module=pages#/', $l['params_html']); } else { if ($l['action'] == 'post_edit' && version_compare(wa('webasyst')->getVersion(), '1.4.0.40888') >= 0) { // Removal of log records in activity is only supported since 1.4.0.40888, // but we don't want to raise requirements yet, so have to check for version here. // !!! TODO: should probably remove the check later and update requirements.php $logs[$l_id] = null; } else { if (in_array($l['action'], array('post_edit', 'post_publish', 'post_unpublish')) && $l['params']) { $post_ids[$l['params']] = 1; } else { if (in_array($l['action'], array('comment_add', 'comment_delete', 'comment_restore')) && $l['params']) { $comment_ids[$l['params']] = 1; } } } } } if ($comment_ids) { $comment_model = new blogCommentModel(); $comments = $comment_model->getById(array_keys($comment_ids)); foreach ($comments as $c) { $post_ids[$c['post_id']] = 1; } } if ($post_ids) { $post_model = new blogPostModel(); $posts = $post_model->getById(array_keys($post_ids)); } foreach ($logs as $l_id => $l) { if (!$l) { continue; } // Link to blog post in question $p = $c = null; if (in_array($l['action'], array('post_edit', 'post_publish', 'post_unpublish')) && isset($posts[$l['params']])) { $p = $posts[$l['params']]; } else { if (in_array($l['action'], array('comment_add', 'comment_delete', 'comment_restore')) && isset($comments[$l['params']])) { $c = $comments[$l['params']]; if (isset($posts[$c['post_id']])) { $p = $posts[$c['post_id']]; } } } if (!empty($p)) { if ($p['status'] == blogPostModel::STATUS_PUBLISHED) { $url = $app_url . '?module=post&id=' . $p['id']; } else { $url = $app_url . '?module=post&action=edit&id=' . $p['id']; } $logs[$l_id]['params_html'] = '<div class="activity-target"><a href="' . $url . '">' . htmlspecialchars($p['title']) . '</a></div>'; } if (!empty($c)) { $logs[$l_id]['params_html'] .= '<div class="activity-body"><p' . ($c['status'] == 'deleted' ? ' class="strike gray"' : '') . '>' . nl2br(htmlspecialchars(mb_substr($c['text'], 0, 512))) . '</p></div>'; } } return $logs; }
public function execute() { $this->post_id = max(0, $this->getRequest()->get('id', 0, waRequest::TYPE_INT)); $this->parent_id = max(0, $this->getRequest()->post('parent', 0, waRequest::TYPE_INT)); $comment_model = new blogCommentModel(); $post_model = new blogPostModel(); /** * * Parent comment data * @var array */ $parent = null; $stream = false; //find comment parent if ($this->parent_id && ($parent = $comment_model->getById($this->parent_id))) { if ($this->post_id && $this->post_id != $parent['post_id']) { throw new waRightsException(_w('Access denied')); } if (!$this->post_id) { $stream = true; } $this->post_id = $parent['post_id']; } else { $this->parent_id = 0; } //find post if (!$this->post_id || !($post = $post_model->getBlogPost($this->post_id))) { throw new waException(_w('Post not found'), 404); } $contact_id = $this->getUser()->getId(); #check rights $rights = blogHelper::checkRights($post['blog_id'], $contact_id, blogRightConfig::RIGHT_READ); //check comment mode if (!$post['comments_allowed']) { throw new waException(_w("Isn't allowed comment to this post")); } $comment = array('blog_id' => $post['blog_id'], 'post_id' => $this->post_id, 'contact_id' => $contact_id, 'text' => $this->getRequest()->post('text'), 'auth_provider' => blogCommentModel::AUTH_USER); $this->errors += $comment_model->validate($comment); if (count($this->errors) > 0) { return; } $id = $comment_model->add($comment, $this->parent_id); $this->logAction('comment_add', $id); $comment = $comment_model->getById($id); //$comment['new'] = false; $comment['parent'] = $this->parent_id; if ($stream) { $comment['parent_text'] = $parent ? $parent['text'] : null; $comment['parent_status'] = $parent ? $parent['status'] : null; } else { $count = $comment_model->getCount($post['blog_id'], $this->post_id); $this->response['count_str'] = $count . " " . _w('comment', 'comments', $count); } $comment['rights'] = $rights; $comment['post'] =& $post; $post['comments'] = $comment_model->prepareView(array($comment), array('photo_url_20')); blogHelper::extendRights($post['comments'], array(), $contact_id); if ($stream) { $posts = array($this->post_id => &$post); $blog_model = new blogBlogModel(); $extend_data = array('blog' => $blog_model->search(array('id' => $this->post_id))->fetchSearchAll()); $post_model->prepareView($posts, array('link' => true), $extend_data); } else { unset($comment['post']); } $view = wa()->getView(); $view->assign('post', $post); $view->assign('contact_rights', $this->getUser()->getRights('contacts', 'backend')); $template = $view->fetch('templates/actions/post/include.comments.html'); $this->getResponse()->addHeader('Content-type', 'application/json'); $this->response['template'] = $template; }