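/**
 * Save a comment posted against a blog entry, to-do item or activity.
 *
 * Reads the comment from POST, strips scripts and images from it, stores
 * it, records a project activity for it and redirects to the project page.
 * Errors and the success message are passed on through Notify.
 *
 * @return void
 */
protected function _saveComment()
{
    // Check for request forgeries. This handler writes to the database on
    // behalf of the logged-in user, so the request must carry the session
    // token (the posting form has to emit the token field).
    Request::checkToken();

    // Check permission
    if (!$this->model->access('content')) {
        App::abort(403, Lang::txt('ALERTNOTAUTH'));
    }

    // Incoming
    $itemid          = Request::getInt('itemid', 0, 'post');
    $tbl             = trim(Request::getVar('tbl', 'activity', 'post'));
    $comment         = trim(Request::getVar('comment', '', 'post'));
    $parent_activity = Request::getInt('parent_activity', 0, 'post');

    // NOTE(review): $tbl, $itemid and $parent_activity are caller-supplied and
    // stored as given. Only 'blog', 'todo' and the default 'activity' are
    // handled below; consider an allow-list for $tbl, and confirm that the
    // referenced item is checked to belong to this project somewhere.

    // Clean-up
    // NOTE(review): this strips scripts and images only; confirm the view
    // escapes the stored comment when it is rendered.
    $comment = \Hubzero\Utility\Sanitize::stripScripts($comment);
    $comment = \Hubzero\Utility\Sanitize::stripImages($comment);

    // Instantiate comment
    $objC = new \Components\Projects\Tables\Comment($this->_database);

    if ($comment) {
        $objC->itemid          = $itemid;
        $objC->tbl             = $tbl;
        $objC->parent_activity = $parent_activity;
        $objC->comment         = $comment;
        $objC->created         = Date::toSql();
        $objC->created_by      = $this->_uid;

        if (!$objC->store()) {
            $this->setError($objC->getError());
        } else {
            $this->_msg = Lang::txt('PLG_PROJECTS_BLOG_COMMENT_POSTED');
        }

        // Get new entry ID
        if (!$objC->id) {
            $objC->checkin();
        }

        // Stays 0 when no activity is recorded, so the check below never
        // reads an undefined variable.
        $aid = 0;

        // Record activity
        if ($objC->id) {
            if ($tbl === 'todo') {
                $what = Lang::txt('COM_PROJECTS_TODO_ITEM');
                $url  = Route::url($this->model->link('todo') . '&action=view&todoid=' . $itemid);
            } else {
                $what = $tbl === 'blog'
                    ? Lang::txt('COM_PROJECTS_BLOG_POST')
                    : Lang::txt('COM_PROJECTS_AN_ACTIVITY');

                // Same-page link to the parent activity in the feed
                $url = Route::url($this->model->link('feed')) . '#tr_' . $parent_activity;
            }

            $aid = $this->model->recordActivity(
                Lang::txt('COM_PROJECTS_COMMENTED') . ' ' . Lang::txt('COM_PROJECTS_ON') . ' ' . $what,
                $objC->id,
                $what,
                $url,
                'quote',
                0
            );
        }

        // Store activity ID
        if ($aid) {
            $objC->activityid = $aid;
            $objC->store();
        }
    }

    // Pass error or success message
    if ($this->getError()) {
        Notify::message($this->getError(), 'error', 'projects');
    } elseif (!empty($this->_msg)) {
        Notify::message($this->_msg, 'success', 'projects');
    }

    // Redirect
    App::redirect(Route::url($this->model->link()));
}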
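/**
 * Save a review.
 *
 * Requires a logged-in user and a valid request token. Binds the posted
 * "review" array to a Review model, cleans the comment, saves the row,
 * recalculates the parent resource's rating and messages the resource's
 * contributors. Failures are reported through setError().
 *
 * @return void
 */
public function savereview()
{
    // Is the user logged in?
    if (User::isGuest()) {
        $this->setError(Lang::txt('PLG_RESOURCES_REVIEWS_LOGIN_NOTICE'));
        return;
    }

    // Check for request forgeries
    Request::checkToken();

    // Incoming. The value is caller-controlled: anything that is not an
    // array is treated as an empty submission, and a missing or non-scalar
    // id means "new review" instead of raising an undefined-index notice.
    $data = Request::getVar('review', array(), 'post', 'none', 2);
    if (!is_array($data)) {
        $data = array();
    }
    $id = (isset($data['id']) && is_scalar($data['id'])) ? $data['id'] : null;

    // Bind the form data to our object
    // NOTE(review): the id comes from the request and set($data) copies every
    // posted field onto the model. Nothing visible here checks that an
    // existing review belongs to the current user or limits which fields
    // (e.g. state) may be written; confirm the model enforces both, or
    // reduce $data to the form's own fields before calling set().
    $row = \Components\Resources\Reviews\Models\Review::oneOrNew($id)->set($data);

    // Perform some text cleaning, etc.
    if ($row->isNew()) {
        $row->set('state', \Components\Resources\Reviews\Models\Review::STATE_PUBLISHED);
    }

    $cleaned = \Hubzero\Utility\Sanitize::clean($row->get('comment'));
    $row->set('comment', \Hubzero\Utility\Sanitize::stripImages($cleaned));
    $row->set('anonymous', $row->get('anonymous') ? 1 : 0);

    // Save the data
    if (!$row->save()) {
        $this->setError($row->getError());
        return;
    }

    // Calculate the new average rating for the parent resource
    $resource =& $this->resource;
    $resource->calculateRating();
    $resource->updateRating();

    // Instantiate a helper object and get all the contributor IDs
    $database = App::get('db');

    $helper = new \Components\Resources\Helpers\Helper($resource->id, $database);
    $helper->getContributorIDs();
    $users = $helper->contributorIDs;

    // Build the subject
    $subject = Config::get('sitename') . ' ' . Lang::txt('PLG_RESOURCES_REVIEWS_CONTRIBUTIONS');

    // Message
    $eview = new \Hubzero\Plugin\View(array(
        'folder'  => 'resources',
        'element' => 'reviews',
        'name'    => 'emails'
    ));
    $eview->option   = $this->_option;
    $eview->user     = User::getInstance();
    $eview->resource = $resource;
    $eview->review   = $row;
    $message = $eview->loadTemplate();

    // Build the "from" data for the e-mail
    $from = array(
        'name'  => Config::get('sitename') . ' ' . Lang::txt('PLG_RESOURCES_REVIEWS_CONTRIBUTIONS'),
        'email' => Config::get('mailfrom')
    );

    // Send message
    $sent = Event::trigger(
        'xmessage.onSendMessage',
        array('resources_new_comment', $subject, $message, $from, $users, $this->_option)
    );
    if (!$sent) {
        $this->setError(Lang::txt('PLG_RESOURCES_REVIEWS_FAILED_TO_MESSAGE'));
    }
}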
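/**
 * Save a comment posted against a to-do item.
 *
 * Verifies the request token and the caller's 'content' access, cleans
 * and truncates the posted comment, stores it, records a project activity
 * for it and redirects back to the to-do item.
 *
 * @return void
 * @throws Exception with code 403 when the caller lacks 'content' access
 */
protected function _saveComment()
{
    // Check for request forgeries
    Request::checkToken();

    // Check permission
    if (!$this->model->access('content')) {
        throw new Exception(Lang::txt('ALERTNOTAUTH'), 403);
    }

    // Incoming
    $itemid          = Request::getInt('itemid', 0, 'post');
    $comment         = trim(Request::getVar('comment', '', 'post'));
    $parent_activity = Request::getInt('parent_activity', 0, 'post');

    // NOTE(review): $itemid is caller-supplied and stored as given; confirm
    // that the to-do item is checked to belong to this project somewhere.

    // Clean-up
    // NOTE(review): this strips scripts and images only; confirm the view
    // escapes the stored comment when it is rendered.
    $comment = \Hubzero\Utility\Sanitize::stripScripts($comment);
    $comment = \Hubzero\Utility\Sanitize::stripImages($comment);
    $comment = \Hubzero\Utility\String::truncate($comment, 800);

    // Instantiate comment
    $objC = new \Components\Projects\Tables\Comment($this->_database);

    if ($comment) {
        $objC->itemid          = $itemid;
        $objC->tbl             = 'todo';
        $objC->parent_activity = $parent_activity;
        $objC->comment         = $comment;
        $objC->created         = Date::toSql();
        $objC->created_by      = $this->_uid;

        if (!$objC->store()) {
            $this->setError($objC->getError());
        } else {
            $this->_msg = Lang::txt('PLG_PROJECTS_TODO_COMMENT_POSTED');
        }

        // Get new entry ID
        if (!$objC->id) {
            $objC->checkin();
        }

        // Stays 0 when no activity is recorded, so the check below never
        // reads an undefined variable.
        $aid = 0;

        // Record activity
        if ($objC->id) {
            $what = Lang::txt('COM_PROJECTS_TODO_ITEM');
            $url  = Route::url($this->model->link('todo') . '&action=view&todoid=' . $itemid);

            $aid = $this->model->recordActivity(
                Lang::txt('COM_PROJECTS_COMMENTED') . ' ' . Lang::txt('COM_PROJECTS_ON') . ' ' . $what,
                $objC->id,
                $what,
                $url,
                'quote',
                0
            );
        }

        // Store activity ID
        if ($aid) {
            $objC->activityid = $aid;
            $objC->store();
        }
    }

    // Pass error or success message
    if ($this->getError()) {
        \Notify::message($this->getError(), 'error', 'projects');
    } elseif (!empty($this->_msg)) {
        \Notify::message($this->_msg, 'success', 'projects');
    }

    // Redirect back to the to-do item
    App::redirect(Route::url($this->model->link('todo') . '&action=view&todoid=' . $itemid));
}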
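/**
 * Save a review.
 *
 * Requires a logged-in user and a valid request token. Binds the posted
 * form to a Review table row, cleans the comment, stores the row,
 * recalculates the parent resource's rating, applies any review tags and
 * messages the resource's contributors. Failures are reported through
 * setError().
 *
 * @return void
 */
public function savereview()
{
    // Is the user logged in? Reviews are written on behalf of an account,
    // so guests are turned away before anything is read from the request.
    if (User::isGuest()) {
        $this->setError(Lang::txt('PLG_RESOURCES_REVIEWS_LOGIN_NOTICE'));
        return;
    }

    // Check for request forgeries
    Request::checkToken();

    // Incoming
    $resource_id = Request::getInt('resource_id', 0);

    // Do we have a resource ID?
    if (!$resource_id) {
        // No ID - fail! Can't do anything else without an ID
        $this->setError(Lang::txt('PLG_RESOURCES_REVIEWS_NO_RESOURCE_ID'));
        return;
    }

    $database = App::get('db');

    // Bind the form data to our object
    // NOTE(review): bind($_POST) copies every posted field onto the row and
    // the row id below comes from the request. Nothing visible here checks
    // that an existing review belongs to the current user, or that posted
    // values such as user_id, state or created are acceptable; confirm
    // check() enforces this, or bind only the form's own fields.
    $row = new \Components\Resources\Tables\Review($database);
    if (!$row->bind($_POST)) {
        $this->setError($row->getError());
        return;
    }

    // Perform some text cleaning, etc.
    $row->id = Request::getInt('reviewid', 0);
    if (!$row->id) {
        $row->state = 1;
    }

    $cleaned      = \Hubzero\Utility\Sanitize::clean($row->comment);
    $row->comment = \Hubzero\Utility\Sanitize::stripImages($cleaned);

    // Store a plain 1/0 flag. A loose comparison would let a posted value
    // that merely compares equal to 1 be written through unchanged.
    $row->anonymous = in_array($row->anonymous, array(1, '1'), true) ? 1 : 0;

    if (!$row->created || $row->created == '0000-00-00 00:00:00') {
        $row->created = Date::toSql();
    }

    // Check for missing (required) fields
    if (!$row->check()) {
        $this->setError($row->getError());
        return;
    }

    // Save the data
    if (!$row->store()) {
        $this->setError($row->getError());
        return;
    }

    // Calculate the new average rating for the parent resource
    // NOTE(review): ratings use $this->resource while tags below use the
    // posted $resource_id; confirm the two always refer to the same resource.
    $resource =& $this->resource;
    $resource->calculateRating();
    $resource->updateRating();

    // Process tags
    $tags = trim(Request::getVar('review_tags', ''));
    if ($tags) {
        $rt = new \Components\Resources\Helpers\Tags($resource_id);
        $rt->setTags($tags, $row->user_id);
    }

    // Instantiate a helper object and get all the contributor IDs
    $helper = new \Components\Resources\Helpers\Helper($resource->id, $database);
    $helper->getContributorIDs();
    $users = $helper->contributorIDs;

    // Build the subject
    $subject = Config::get('sitename') . ' ' . Lang::txt('PLG_RESOURCES_REVIEWS_CONTRIBUTIONS');

    // Message
    $eview = new \Hubzero\Plugin\View(array(
        'folder'  => 'resources',
        'element' => 'reviews',
        'name'    => 'emails'
    ));
    $eview->option   = $this->_option;
    $eview->user     = User::getRoot();
    $eview->resource = $resource;
    $eview->review   = $row;
    $message = $eview->loadTemplate();

    // Build the "from" data for the e-mail
    $from = array(
        'name'  => Config::get('sitename') . ' ' . Lang::txt('PLG_RESOURCES_REVIEWS_CONTRIBUTIONS'),
        'email' => Config::get('mailfrom')
    );

    // Send message
    $sent = Event::trigger(
        'xmessage.onSendMessage',
        array('resources_new_comment', $subject, $message, $from, $users, $this->_option)
    );
    if (!$sent) {
        $this->setError(Lang::txt('PLG_RESOURCES_REVIEWS_FAILED_TO_MESSAGE'));
    }
}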