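/**
 * Save a reply to a review.
 *
 * Requires a logged-in user and a valid anti-forgery token. The reply is
 * read from the POSTed `comment` array, its content is cleaned, and it is
 * stored as a \Hubzero\Item\Comment record. Failures are reported through
 * setError(); nothing is returned.
 *
 * NOTE(review): the record to load is chosen by the client-supplied
 * `comment[id]`, and set() receives the whole posted array. Nothing in this
 * method checks that an existing record belongs to the current user, and
 * nothing limits which fields the client may assign: only `content`,
 * `anonymous` and (for new rows) `state` are normalised below, so for an
 * existing row a posted `state` is kept as sent. Confirm that the model or
 * the caller enforces ownership and a field allow-list; if not, compare the
 * stored `created_by` with the current user before calling set().
 *
 * @return  void
 */
private function savereply()
{
    // Guests may not reply
    if (User::isGuest()) {
        $this->setError(Lang::txt('PLG_RESOURCES_REVIEWS_LOGIN_NOTICE'));
        return;
    }

    // Check for request forgeries
    Request::checkToken();

    // Incoming
    $id = Request::getInt('id', 0);

    // NOTE(review): the previous comment here said "trim and addslashes",
    // which the visible call does not establish. In Joomla-style request
    // APIs a mask of 2 conventionally means "raw"; confirm what filtering,
    // if any, is applied before relying on it. Content is cleaned below.
    $comment = Request::getVar('comment', array(), 'post', 'none', 2);

    if (!$id) {
        // Cannot proceed without a reference ID
        $this->setError(Lang::txt('PLG_RESOURCES_REVIEWS_COMMENT_ERROR_NO_REFERENCE_ID'));
        return;
    }

    // A scalar `comment` value would otherwise be indexed as a string
    if (!is_array($comment)) {
        $comment = array();
    }

    // Absent key -> null, which is what the unguarded lookup evaluated to,
    // minus the undefined-index notice
    $commentId = isset($comment['id']) ? $comment['id'] : null;

    $row = \Hubzero\Item\Comment::oneOrNew($commentId)->set($comment);

    // Clean the content, then strip images from the cleaned text
    $content = \Hubzero\Utility\Sanitize::clean($row->get('content'));
    $row->set('content', \Hubzero\Utility\Sanitize::stripImages($content));

    // Anything other than 1 / '1' is treated as "not anonymous"
    $anonymous = $row->get('anonymous');
    $row->set('anonymous', ($anonymous == 1 || $anonymous == '1') ? $anonymous : 0);

    // New replies are forced to state 1; existing rows keep their current value
    $row->set('state', $row->isNew() ? 1 : $row->get('state'));

    // Save the data
    if (!$row->save()) {
        $this->setError($row->getError());
        return;
    }
}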
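/**
 * Save a comment on a collection post and log the activity.
 *
 * Verifies the anti-forgery token, requires a logged-in user, stores the
 * POSTed `comment` array as a \Hubzero\Item\Comment record, then triggers
 * `system.logActivity` for the group, the collection, the comment author,
 * the parent comment's author (when there is a parent) and the group
 * managers.
 *
 * NOTE(review): the record to load is chosen by the client-supplied
 * `comment[id]` and set() receives the whole posted array. This method does
 * not check that an existing comment belongs to the current user, does not
 * restrict which fields may be assigned, and does not check that the `post`
 * request value refers to a post in this group or to the post the comment
 * is attached to. Confirm these are enforced by the model or the caller.
 *
 * @return  string
 */
private function _savecomment()
{
    // Check for request forgeries
    Request::checkToken();

    // Ensure the user is logged in
    if (User::isGuest()) {
        return $this->_login();
    }

    // Incoming
    $data = Request::getVar('comment', array(), 'post');

    // A scalar `comment` value would otherwise be indexed as a string
    if (!is_array($data)) {
        $data = array();
    }

    // Absent key -> null / "created", without an undefined-index notice
    $commentId = isset($data['id']) ? $data['id'] : null;
    $isUpdate  = !empty($data['id']);

    // Instantiate a new comment object and pass it the data
    $comment = \Hubzero\Item\Comment::oneOrNew($commentId)->set($data);

    // Store new content
    if (!$comment->save()) {
        $this->setError($comment->getError());
        return $this->_post();
    }

    // Log activity
    $post = new \Components\Collections\Models\Post(Request::getInt('post', 0));

    $recipients = array(
        ['group', $this->group->get('gidNumber')],
        ['collection', $post->get('collection_id')],
        ['user', $comment->get('created_by')]
    );
    if ($comment->get('parent')) {
        $recipients[] = ['user', $comment->parent()->get('created_by')];
    }
    foreach ($this->group->get('managers') as $recipient) {
        $recipients[] = ['user', $recipient];
    }

    // Fall back to the description, then to "#<post id>", when there is no title
    $title = $post->item()->get('title');
    $title = $title ? $title : $post->item()->get('description', '#' . $post->get('id'));

    // NOTE(review): the title is placed inside HTML below after strip_tags()
    // only. strip_tags() removes markup but is not an output encoder; confirm
    // whether the activity description is escaped where it is rendered.
    $title = \Hubzero\Utility\String::truncate(strip_tags($title), 70);

    $url    = Route::url('index.php?option=com_collections&controller=posts&post=' . $post->get('id') . '&task=comment');
    $anchor = $url . '#c' . $comment->get('id');

    Event::trigger('system.logActivity', [
        'activity' => [
            'action'      => $isUpdate ? 'updated' : 'created',
            'scope'       => 'collections.comment',
            'scope_id'    => $comment->get('id'),
            'description' => Lang::txt(
                'PLG_GROUPS_COLLECTIONS_ACTIVITY_COMMENT_' . ($isUpdate ? 'UPDATED' : 'CREATED'),
                $comment->get('id'),
                '<a href="' . $anchor . '">' . $title . '</a>'
            ),
            'details'     => array(
                'collection_id' => $post->get('collection_id'),
                'post_id'       => $post->get('id'),
                // This previously read an undefined $row, which fails at runtime.
                // NOTE(review): the saved comment's item_id is used instead;
                // confirm that is the intended source.
                'item_id'       => $comment->get('item_id'),
                'url'           => $anchor
            )
        ],
        'recipients' => $recipients
    ]);

    return $this->_post();
}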
/**
 * Show the edit form for a comment on a wish.
 *
 * Aborts with a 403 unless the current user holds `core.edit` or
 * `core.create` on this component. When no record object is passed in, the
 * record is loaded from the `id` request value (the first element is used
 * when an array is sent). A new record is pre-filled with the wish it
 * belongs to, the current timestamp and the current user's ID, so the
 * author shown on a new record comes from the session rather than from
 * the request.
 *
 * @param   mixed  $row  Record to edit; anything that is not an object is ignored
 * @return  void
 */
public function editTask($row = null)
{
    Request::setVar('hidemainmenu', 1);

    // Either permission is sufficient; the second is only consulted when the first is denied
    $permitted = User::authorise('core.edit', $this->_option)
        || User::authorise('core.create', $this->_option);
    if (!$permitted) {
        App::abort(403, Lang::txt('JERROR_ALERTNOAUTHOR'));
    }

    $wish = Request::getInt('wish', 0);

    if (!is_object($row)) {
        // Incoming: may be a single value or a list of IDs
        $requested = Request::getVar('id', array(0));
        $id = (is_array($requested) && !empty($requested)) ? $requested[0] : $requested;

        // Load the comment, or start a blank one
        $row = Comment::oneOrNew($id);
    }

    if ($row->isNew()) {
        // Defaults for a record that has not been stored yet
        $defaults = array(
            'item_type'  => 'wish',
            'item_id'    => $wish,
            'created'    => Date::toSql(),
            'created_by' => User::get('id')
        );
        foreach ($defaults as $field => $value) {
            $row->set($field, $value);
        }
    }

    // Output the HTML
    $this->view
        ->set('row', $row)
        ->set('wish', $wish)
        ->setLayout('edit')
        ->display();
}