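/**
 * Handle the preprocess event
 *
 * Collects the comment form fields from the request, publishes them in the
 * global $BLOGTNG array and, when the action is a comment submit or preview,
 * validates the fields and saves the comment. Also handles optin and
 * unsubscribe actions.
 *
 * Every value read here comes from the visitor's request. Values that are
 * used as plain strings are only accepted when they really are strings, so
 * array-shaped parameters never reach the helpers.
 *
 * NOTE(review): no checkSecurityToken() call is visible on the submit path of
 * this handler. Confirm whether the comment form carries a token and whether
 * it is verified elsewhere before the comment is saved.
 *
 * @param Doku_Event $event event object by reference
 * @param array $param empty array as passed to register_hook()
 * @return bool true when the event is not a comment action, false when the
 *              page is shown again (missing fields, failed CAPTCHA, preview)
 */
function handle_act_preprocess(Doku_Event $event, $param)
{
    global $INFO, $ID, $BLOGTNG;

    // optin: forward the key only when it is a plain string
    if (isset($_REQUEST['btngo']) && is_string($_REQUEST['btngo'])) {
        $this->commenthelper->optin($_REQUEST['btngo']);
    }

    // unsubscribe: md5($ID) is presumably just a page identifier, the
    // request key being the secret - confirm against unsubscribe_by_key()
    if (isset($_REQUEST['btngu']) && is_string($_REQUEST['btngu'])) {
        $this->commenthelper->unsubscribe_by_key(md5($ID), $_REQUEST['btngu']);
    }

    $BLOGTNG = array();

    // prepare data for comment form
    $comment = array();
    $comment['source'] = $this->tools->getParam('comment/source');

    // name and mail fall back to the logged-in user's data; the isset()
    // keeps anonymous requests (no userinfo) from raising notices
    $commentname = $this->tools->getParam('comment/name');
    if ($commentname) {
        $comment['name'] = $commentname;
    } else {
        $comment['name'] = isset($INFO['userinfo']['name']) ? $INFO['userinfo']['name'] : null;
    }

    $commentmail = $this->tools->getParam('comment/mail');
    if ($commentmail) {
        $comment['mail'] = $commentmail;
    } else {
        $comment['mail'] = isset($INFO['userinfo']['mail']) ? $INFO['userinfo']['mail'] : null;
    }

    // preg_match() below needs a string, anything else counts as "no website"
    $commentweb = $this->tools->getParam('comment/web');
    $comment['web'] = ($commentweb && is_string($commentweb)) ? $commentweb : '';

    $comment['text'] = (isset($_REQUEST['wikitext']) && is_string($_REQUEST['wikitext']))
        ? cleanText($_REQUEST['wikitext'])
        : null;
    $comment['pid'] = (isset($_REQUEST['pid']) && is_string($_REQUEST['pid'])) ? $_REQUEST['pid'] : null;
    $comment['page'] = (isset($_REQUEST['id']) && is_string($_REQUEST['id'])) ? $_REQUEST['id'] : null;
    $comment['subscribe'] = isset($_REQUEST['blogtng']['subscribe']) ? $_REQUEST['blogtng']['subscribe'] : null;
    $comment['ip'] = clientIP(true);

    // add "http://" to the website unless it already starts with an
    // http(s) scheme; the check is anchored on the full "scheme://" prefix and
    // is case-insensitive, so "HTTP://host" is kept and "httpd.example" is
    // prefixed. Any other scheme ends up behind "http://" as well.
    if ($comment['web'] !== '' && !preg_match('/^https?:\/\//i', $comment['web'])) {
        $comment['web'] = 'http://' . $comment['web'];
    }
    $BLOGTNG['comment'] = $comment;

    // nothing more to do unless this is a comment submit or preview
    if (!is_array($event->data)
        || (!isset($event->data['comment_submit']) && !isset($event->data['comment_preview']))
    ) {
        return true;
    }

    // preview wins when both keys are present
    $BLOGTNG['comment_action'] = isset($event->data['comment_preview']) ? 'preview' : 'submit';

    // check for empty fields
    $BLOGTNG['comment_submit_errors'] = array();
    foreach (array('name', 'mail', 'text') as $field) {
        if (empty($comment[$field])) {
            $BLOGTNG['comment_submit_errors'][$field] = true;
        }
    }

    // check CAPTCHA if available (on submit only)
    $captchaok = true;
    if ($BLOGTNG['comment_action'] === 'submit') {
        /** @var helper_plugin_captcha $helper */
        $helper = null;
        if (@is_dir(DOKU_PLUGIN . 'captcha')) {
            $helper = plugin_load('helper', 'captcha');
        }
        if (!is_null($helper) && $helper->isEnabled()) {
            $captchaok = $helper->check();
        }
    }

    // return on errors
    if (!empty($BLOGTNG['comment_submit_errors']) || !$captchaok) {
        $event->data = 'show';
        $_SERVER['REQUEST_METHOD'] = 'get'; // hack to avoid redirect
        return false;
    }

    if ($BLOGTNG['comment_action'] === 'submit') {
        // save comment and redirect FIXME cid
        // NOTE(review): act_redirect() presumably ends the request; if it
        // does not, this path returns no value despite @return bool - confirm
        $this->commenthelper->save($comment);
        act_redirect($comment['page'], 'show');
    } elseif ($BLOGTNG['comment_action'] === 'preview') {
        $event->data = 'show';
        $_SERVER['REQUEST_METHOD'] = 'get'; // hack to avoid redirect
        return false;
    }
}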
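/**
 * Handles all actions of the admin component
 *
 * The action name is taken from $_REQUEST['btng']['admin'], either the value
 * itself or, when that is an array, its first key. Every action outside the
 * exempt list below requires a valid security token; without one the request
 * falls through to the dashboard.
 *
 * All request values are untrusted. Their shape is checked before they are
 * handed to the comment and entry helpers.
 *
 * @author Michael Klier <*****@*****.**>
 */
public function handle()
{
    $btng = (isset($_REQUEST['btng']) && is_array($_REQUEST['btng'])) ? $_REQUEST['btng'] : array();

    // Only a non-empty string is accepted as an action name. key() yields an
    // integer for numeric array keys; such a value is not a valid action and
    // is treated like "no action".
    $admin = null;
    if (isset($btng['admin'])) {
        $requested = is_array($btng['admin']) ? key($btng['admin']) : $btng['admin'];
        if (is_string($requested) && $requested !== '') {
            $admin = $requested;
        }
    }

    // skip actions when no valid security token given
    // The membership test is strict: with loose comparison a non-string value
    // can compare equal to entries of this list and to the case labels below
    // on PHP versions before 8, so a state-changing action could be reached
    // without the token check.
    $noSecTokenNeeded = array('search', 'comment_edit', 'comment_preview', null);
    if (!in_array($admin, $noSecTokenNeeded, true) && !checkSecurityToken()) {
        $admin = null;
    }

    // handle actions
    switch ($admin) {
        case 'comment_save':
            // FIXME error handling?
            // NOTE(review): save() receives the request array as-is; which
            // keys it honours is not visible here - confirm that it only
            // accepts the fields an admin may edit
            $comment = isset($btng['comment']) ? $btng['comment'] : null;
            if (is_array($comment)) {
                $this->commenthelper->save($comment);
                msg($this->getLang('msg_comment_save'), 1);
            }
            break;

        case 'comment_delete':
            // FIXME error handling
            // delete only when a comment id was actually sent as a string
            if (isset($btng['comment']['cid']) && is_string($btng['comment']['cid'])) {
                $this->commenthelper->delete($btng['comment']['cid']);
                msg($this->getLang('msg_comment_delete'), 1);
            }
            break;

        case 'comment_batch_edit':
            // the batch operation is the value stored under the action key;
            // it only exists when 'admin' was sent as an array
            $batch = isset($btng['admin']['comment_batch_edit']) ? $btng['admin']['comment_batch_edit'] : null;
            $cids = isset($btng['comments']['cids']) ? $btng['comments']['cids'] : null;
            if (is_string($batch) && is_array($cids)) {
                foreach ($cids as $cid) {
                    if (!is_string($cid)) {
                        // ignore nested arrays instead of passing them on
                        continue;
                    }
                    switch ($batch) {
                        // FIXME messages
                        case 'delete':
                            $this->commenthelper->delete($cid);
                            msg($this->getLang('msg_comment_delete'), 1);
                            break;
                        case 'status_hidden':
                            $this->commenthelper->moderate($cid, 'hidden');
                            msg($this->getLang('msg_comment_status_change'), 1);
                            break;
                        case 'status_visible':
                            $this->commenthelper->moderate($cid, 'visible');
                            msg($this->getLang('msg_comment_status_change'), 1);
                            break;
                    }
                }
            }
            break;

        case 'entry_set_blog':
            // FIXME errors?
            $pid = isset($btng['entry']['pid']) ? $btng['entry']['pid'] : null;
            $blog = isset($btng['entry']['blog']) ? $btng['entry']['blog'] : null;
            if ($pid && is_string($pid) && is_string($blog)) {
                $blogs = $this->entryhelper->get_blogs();
                // NOTE(review): compared loosely because the element type
                // returned by get_blogs() is not visible here; switch to a
                // strict in_array() once it is confirmed to be strings
                if (in_array($blog, $blogs)) {
                    $this->entryhelper->load_by_pid($pid);
                    $this->entryhelper->entry['blog'] = $blog;
                    $this->entryhelper->save();
                }
            }
            // the message is shown whether or not the entry was changed
            msg($this->getLang('msg_entry_blog_change'), 1);
            break;

        case 'entry_set_commentstatus':
            $pid = isset($btng['entry']['pid']) ? $btng['entry']['pid'] : null;
            $status = isset($btng['entry']['commentstatus']) ? $btng['entry']['commentstatus'] : null;
            if ($pid && is_string($pid)) {
                // only the three known states may be stored
                if (in_array($status, array('disabled', 'enabled', 'closed'), true)) {
                    $this->entryhelper->load_by_pid($pid);
                    $this->entryhelper->entry['commentstatus'] = $status;
                    $this->entryhelper->save();
                }
            }
            // the message is shown whether or not the entry was changed
            msg($this->getLang('msg_comment_status_change'), 1);
            break;

        default:
            // do nothing - show dashboard
            break;
    }
}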