<?php
/**
* Add/Delete Comments
*/
require(dirname(__FILE__) . '/includes/bootstrap.php');
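// AJAX endpoint for post comments.
//   POST action=save-comment   (postID, comment)   -> XML with the rendered comment and new count
//   POST action=get-comments   (postID, last)      -> XML with older comments for paging
//   GET  action=delete-comment (postID, commentID) -> XML with the new count
// Failures are reported as a plain-text message instead of XML.

// ID of the logged-in user; falsy for anonymous visitors.
$userID = buckys_is_logged_in();

if( isset($_POST['action']) )
{
    //Save Comment
    if( $_POST['action'] === 'save-comment' )
    {
        if( !$userID )
        {
            echo MSG_INVALID_REQUEST;
            exit;
        }

        // Read request fields defensively: a missing key or an array value
        // (e.g. comment[]=x) must not reach trim() or the model layer.
        $postID = isset($_POST['postID']) ? $_POST['postID'] : null;
        $comment = isset($_POST['comment']) ? $_POST['comment'] : '';

        //If comment is empty, show error
        if( !is_string($comment) || trim($comment) == '' )
        {
            echo MSG_COMMENT_EMPTY;
            exit;
        }

        //if Post Id was not set, show error
        if( !$postID || !is_scalar($postID) )
        {
            echo MSG_INVALID_REQUEST;
            exit;
        }

        //Check the post id is correct
        if( !BuckysPost::checkPostID($postID) )
        {
            echo MSG_POST_NOT_EXIST;
            exit;
        }

        $post = BuckysPost::getPostById($postID);
        if( $post['visibility'] == 0 && $userID != $post['poster'] && !BuckysFriend::isFriend($userID, $post['poster']) )
        {
            //Only Friends can leave comments to private post
            echo MSG_INVALID_REQUEST;
            exit;
        }

        $commentID = BuckysComment::saveComments($userID, $postID, $comment);
        if( !$commentID )
        {
            // NOTE(review): this sends the database layer's last error to the client.
            // If that text can carry SQL or schema detail, log it server-side and
            // return a generic message instead. $db is not defined in this file;
            // presumably bootstrap.php provides it - confirm.
            echo $db->getLastError();
            exit;
        }

        //Show Results
        header('Content-type: application/xml');
        $newComment = BuckysComment::getComment($commentID);
        $newCount = BuckysComment::getPostCommentsCount($postID);
        render_result_xml(
            array(
                'newcomment' => render_single_comment( $newComment, $userID, true ),
                'count' => $newCount > 1 ? ($newCount . " comments") : ($newCount . " comment")
            )
        );
        exit;
    }

    //Getting More Comments
    if( $_POST['action'] === 'get-comments' )
    {
        $postID = isset($_POST['postID']) ? $_POST['postID'] : null;
        $lastDate = ( isset($_POST['last']) && is_scalar($_POST['last']) ) ? $_POST['last'] : null;

        if( !$postID || !is_scalar($postID) )
        {
            echo MSG_INVALID_REQUEST;
            exit;
        }

        if( !BuckysPost::checkPostID($postID) )
        {
            echo MSG_POST_NOT_EXIST;
            exit;
        }

        // Apply the same visibility rule as save-comment. getPostComments() is
        // given no viewer ID, so it cannot enforce this itself; without the check
        // any client that knows a post ID could page through the comments of a
        // private post. Anonymous visitors never pass for a private post.
        $post = BuckysPost::getPostById($postID);
        if( $post['visibility'] == 0 && ( !$userID || ( $userID != $post['poster'] && !BuckysFriend::isFriend($userID, $post['poster']) ) ) )
        {
            echo MSG_INVALID_REQUEST;
            exit;
        }

        // NOTE(review): $lastDate is client-supplied and passed through unvalidated;
        // confirm getPostComments()/hasMoreComments() bind or escape it.
        $comments = BuckysComment::getPostComments($postID, $lastDate);

        //Show Results
        header('Content-type: application/xml');
        $commentsHTML = '';
        foreach($comments as $comment)
        {
            $commentsHTML .= render_single_comment( $comment, $userID, true );
            // Track the date of the last rendered comment as the next paging cursor.
            $lastDate = $comment['posted_date'];
        }

        render_result_xml(
            array(
                'comment' => $commentsHTML,
                'lastdate' => $lastDate,
                'hasmore' => ($commentsHTML != '' && BuckysComment::hasMoreComments($postID, $lastDate)) ? 'yes' : 'no'
            )
        );
    }
}
else if( isset($_GET['action']) )
{
    //Delete Comment
    if( $_GET['action'] === 'delete-comment' )
    {
        if( !$userID )
        {
            echo MSG_INVALID_REQUEST;
            exit;
        }

        // NOTE(review): this state-changing action is reachable over GET and no
        // anti-CSRF token check is visible in this file. Unless bootstrap.php
        // enforces one, move the delete to POST and verify a per-session token.
        $postID = ( isset($_GET['postID']) && is_scalar($_GET['postID']) ) ? $_GET['postID'] : null;
        $commentID = ( isset($_GET['commentID']) && is_scalar($_GET['commentID']) ) ? $_GET['commentID'] : null;

        // The userID request parameter is deliberately not read: ownership is
        // decided from the session user passed to deleteComment(), never from
        // a client-supplied identity.
        if( !$commentID || !BuckysComment::deleteComment($userID, $commentID) )
        {
            echo 'Invalid Request';
        }
        else
        {
            header('content-type: application/xml');
            // NOTE(review): the count is taken for the client-supplied postID, which
            // is not checked to be the deleted comment's post - confirm that is intended.
            $newCount = BuckysComment::getPostCommentsCount($postID);
            render_result_xml(array('commentcount' => $newCount > 1 ? ($newCount . " comments") : ($newCount . " comment")));
        }
        exit;
    }
}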