예제 #1
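 /**
  * Edit an existing comment.
  *
  * Only a logged-in user whose session row carries the role "administrator"
  * may edit. The POST variables are validated and filtered through GUMP, the
  * content is re-rendered to HTML with ParsedownExtra, and both the source
  * and the rendered HTML are written back to the `comments` row.
  *
  * NOTE(review): no CSRF token check is visible in this method; confirm the
  * caller verifies one before dispatching here.
  *
  * @return string|false  The rendered HTML on success; false when the user is
  *                       not an administrator, validation fails or the comment
  *                       does not exist
  */
 private function editComment()
 {
     # Only authenticated sessions may edit
     if (!$this->isLoggedIn) {
         return false;
     }
     # Grab the user's row from the session
     $user = \Kanso\Kanso::getInstance()->Session->get('KANSO_ADMIN_DATA');
     # Fail closed when the session holds no user row or no role,
     # instead of reading an offset of a missing value
     if (!isset($user['role']) || $user['role'] !== 'administrator') {
         return false;
     }
     # Filter and sanitize the POST variables
     $postVars = $this->GUMP->sanitize($this->postVars);
     $this->GUMP->validation_rules(['comment_id' => 'required|integer', 'content' => 'required']);
     $this->GUMP->filter_rules(['comment_id' => 'trim|sanitize_numbers', 'content' => 'trim|sanitize_string']);
     $validated_data = $this->GUMP->run($postVars);
     # A falsy result from run() is treated as a validation failure
     if (!$validated_data) {
         return false;
     }
     $commentRow = $this->Query->SELECT('*')->FROM('comments')->WHERE('id', '=', (int) $validated_data['comment_id'])->ROW();
     # If it doesn't exist return false
     if (!$commentRow) {
         return false;
     }
     # NOTE(review): the filter above runs on the Markdown source only; the HTML
     # the renderer produces is stored without a further pass. Upstream Parsedown
     # offers setSafeMode()/setMarkupEscaped() - confirm whether the bundled copy
     # has them and enable one, or sanitise html_content wherever it is printed.
     $Parser = new \Kanso\Parsedown\ParsedownExtra();
     $HTMLContent = $Parser->text($validated_data['content']);
     $this->Query->UPDATE('comments')->SET(['content' => $validated_data['content'], 'html_content' => $HTMLContent])->WHERE('id', '=', $commentRow['id'])->QUERY();
     return $HTMLContent;
 }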
예제 #2
파일: Query.php 프로젝트: kanso-cms/cms
 /**
  * Render the content of a post as HTML.
  *
  * With a truthy $post_id the post is looked up through getPostByID();
  * otherwise the post already loaded on this object ($this->post) is used.
  * The content is then passed through ParsedownExtra.
  *
  * NOTE(review): upstream Parsedown passes inline HTML through unless safe
  * mode or markup escaping is switched on, so the result is only as
  * trustworthy as whoever can write post content - presumably trusted
  * authors; confirm.
  *
  * @param   int|null  $post_id  (optional) ID of the post to render
  * @return  string    The rendered HTML, or an empty string when no post is
  *                    found or its content is empty
  */
 public function the_content($post_id = null)
 {
     # An explicit ID wins; otherwise fall back to the currently loaded post
     if ($post_id) {
         $source = $this->getPostByID($post_id);
     } else {
         $source = !empty($this->post) ? $this->post : null;
     }
     $markdown = $source ? $source->content : '';
     # Nothing to render
     if (empty($markdown)) {
         return '';
     }
     $Renderer = new \Kanso\Parsedown\ParsedownExtra();
     return $Renderer->text($markdown);
 }
예제 #3
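 /**
  * Add a comment to an article.
  *
  * The input is validated, the content is rendered to HTML, the comment is
  * optionally scored by the spam protector, and a row is inserted into
  * `comments`. Replies are only accepted when the parent comment has the
  * status 'approved'.
  *
  * @param  array  $commentData     Associative array of comment data. After validation the keys
  *                                 read here are postID, replyID, name, email, content,
  *                                 email-reply and email-thread
  * @param  bool   $spamValidation  (optional) Defaults to true. Pass false to skip spam
  *                                 validation (e.g. adding a comment from the admin panel)
  * @return string|false  The status stored with the comment ('approved', 'pending' or 'spam'),
  *                       or false when the input is invalid, the sender's IP is blacklisted,
  *                       the article does not exist, the parent comment is not approved or
  *                       the insert yields no ID
  */
 public static function add($commentData, $spamValidation = true)
 {
     # Validate that a kanso instance has been called
     if (is_null(self::$Kanso)) {
         self::$Kanso = \Kanso\Kanso::getInstance();
     }
     # Get a new Query builder
     $Query = self::$Kanso->Database()->Builder();
     # Validate the input array
     $commentData = self::validateInputData($commentData);
     # Return false if the input array was invalid
     if (!$commentData) {
         return false;
     }
     # Convert string IDs to int
     $commentData['replyID'] = (int) $commentData['replyID'];
     $commentData['postID'] = (int) $commentData['postID'];
     # Normalise the flags: the literal string 'false' and any falsy value become false
     $commentData['email-reply'] = $commentData['email-reply'] !== 'false' && (bool) $commentData['email-reply'];
     $commentData['email-thread'] = $commentData['email-thread'] !== 'false' && (bool) $commentData['email-thread'];
     # Convert the content from markdown to HTML
     # NOTE(review): this content comes from commenters and the rendered HTML is
     # stored as-is. What validateInputData() strips is not visible here. Upstream
     # Parsedown offers setSafeMode()/setMarkupEscaped() - confirm whether the
     # bundled copy has them and enable one, or sanitise html_content before it
     # is printed.
     $Parser = new \Kanso\Parsedown\ParsedownExtra();
     $htmlContent = $Parser->text($commentData['content']);
     $status = 'approved';
     $spamRating = 1;
     # Run the comment through the SPAM validator if needed
     # NOTE(review): with $spamValidation false the IP blacklist is skipped as
     # well; callers should pass false only for trusted sources.
     if ($spamValidation) {
         $spamFilter = new \Kanso\Comments\Spam\SpamProtector($commentData['name'], $commentData['email'], $commentData['content'], $htmlContent);
         # If the user is blacklisted, they can't make comments
         if ($spamFilter->isBlacklistedIP()) {
             return false;
         }
         # If the user is whitelisted, they skip spam validation
         if (!$spamFilter->isWhiteListedIP()) {
             $isSPAM = $spamFilter->isSPAM();
             $spamRating = $spamFilter->getRating();
             # Flagged or negative rating => spam, exactly 0 => held for moderation
             if ($isSPAM || $spamRating < 0) {
                 $status = 'spam';
             } elseif ($spamRating === 0) {
                 $status = 'pending';
             } else {
                 $status = 'approved';
             }
         }
     }
     # Find the existing article
     $articleRow = $Query->SELECT('*')->FROM('posts')->WHERE('id', '=', (int) $commentData['postID'])->FIND();
     # If the article doesn't exist return false
     if (!$articleRow) {
         return false;
     }
     # Is this a reply comment ?
     # replyID was cast to int above, so only a positive value can name a
     # comment (an insert ID of 0 is treated as a failure further down)
     $parentID = null;
     if ($commentData['replyID'] > 0) {
         $parent = $Query->SELECT('id')->FROM('comments')->WHERE('id', '=', (int) $commentData['replyID'])->ROW();
         if ($parent) {
             $parentID = (int) $parent['id'];
         }
     }
     $type = !$parentID ? 'comment' : 'reply';
     # Prep data for entry
     # NOTE(review): confirm how Environment['CLIENT_IP_ADDRESS'] is derived
     # before relying on the stored ip_address.
     $commentRow = ['post_id' => $commentData['postID'], 'parent' => $parentID, 'date' => time(), 'type' => $type, 'status' => $status, 'name' => $commentData['name'], 'email' => $commentData['email'], 'content' => $commentData['content'], 'html_content' => $htmlContent, 'ip_address' => self::$Kanso->Environment['CLIENT_IP_ADDRESS'], 'email_reply' => $commentData['email-reply'], 'email_thread' => $commentData['email-thread'], 'rating' => $spamRating];
     # Validate the parent exists
     # NOTE(review): the parent is not checked to belong to the same post as
     # postID; decide whether such a reply should be rejected.
     $parentRow = $parentID ? $Query->SELECT('*')->FROM('comments')->WHERE('id', '=', (int) $parentID)->FIND() : null;
     # You cannot reply to spam, deleted or pending comment
     if ($parentRow && $parentRow['status'] !== 'approved') {
         return false;
     }
     # insert new comment
     $Query->INSERT_INTO('comments')->VALUES($commentRow)->QUERY();
     # Get the comment id
     $id = self::$Kanso->Database->lastInsertId();
     $commentRow['id'] = intval($id);
     if ($commentRow['id'] === 0) {
         return false;
     }
     # Hand the article and the new comment to the mailer.
     # NOTE(review): this runs for 'spam' and 'pending' comments too; presumably
     # sendCommentEmails() checks the status itself - confirm.
     self::sendCommentEmails($articleRow, $commentRow);
     return $status;
 }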