Exemplo n.º 1
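 /**
  * Handle the preprocess event
  *
  * Takes care of handling all the post input from creating
  * comments and saves them. Also handles optin and unsubscribe
  * actions.
  *
  * Everything read from $_REQUEST is client-supplied. Scalar fields are only
  * accepted when they are strings, so array-valued parameters never reach the
  * helpers or cleanText().
  *
  * NOTE(review): the submit path calls save() without a checkSecurityToken()
  * call, and the CAPTCHA is only enforced when the captcha plugin directory
  * exists and its helper reports enabled. Confirm that this is the intended
  * protection for anonymous commenting.
  *
  * @param Doku_Event $event  event object by reference
  * @param array      $param  empty array as passed to register_hook()
  * @return bool|null true when the request is not a comment submit/preview,
  *                   false when the form is shown again (validation error,
  *                   failed CAPTCHA or preview); nothing is returned after
  *                   the redirect call on a successful submit
  */
 function handle_act_preprocess(Doku_Event $event, $param)
 {
     global $INFO, $ID, $BLOGTNG;

     // optin
     // Runs for any request carrying the key (GET included, since $_REQUEST is
     // used), so the only protection is the key itself. Key generation and
     // lookup are not visible here - verify in the comment helper.
     if (isset($_REQUEST['btngo']) && is_string($_REQUEST['btngo'])) {
         $this->commenthelper->optin($_REQUEST['btngo']);
     }
     // unsubscribe
     // md5($ID) is presumably a page identifier, not a secret - confirm in the helper.
     if (isset($_REQUEST['btngu']) && is_string($_REQUEST['btngu'])) {
         $this->commenthelper->unsubscribe_by_key(md5($ID), $_REQUEST['btngu']);
     }

     $BLOGTNG = array();

     // $INFO['userinfo'] may be missing; fall back to null instead of reading
     // an undefined index.
     $userinfo = (isset($INFO['userinfo']) && is_array($INFO['userinfo'])) ? $INFO['userinfo'] : array();

     // prepare data for comment form
     $comment = array();
     $comment['source'] = $this->tools->getParam('comment/source');
     $commentname = $this->tools->getParam('comment/name');
     $comment['name'] = $commentname ? $commentname : (isset($userinfo['name']) ? $userinfo['name'] : null);
     $commentmail = $this->tools->getParam('comment/mail');
     $comment['mail'] = $commentmail ? $commentmail : (isset($userinfo['mail']) ? $userinfo['mail'] : null);
     $commentweb = $this->tools->getParam('comment/web');
     $comment['web'] = (is_string($commentweb) && $commentweb !== '') ? $commentweb : '';
     $comment['text'] = (isset($_REQUEST['wikitext']) && is_string($_REQUEST['wikitext']))
         ? cleanText($_REQUEST['wikitext'])
         : null;
     $comment['pid'] = (isset($_REQUEST['pid']) && is_string($_REQUEST['pid'])) ? $_REQUEST['pid'] : null;
     $comment['page'] = (isset($_REQUEST['id']) && is_string($_REQUEST['id'])) ? $_REQUEST['id'] : null;
     $comment['subscribe'] = isset($_REQUEST['blogtng']['subscribe']) ? $_REQUEST['blogtng']['subscribe'] : null;
     $comment['ip'] = clientIP(true);

     // add "http://" to the website unless it already carries an http(s) scheme.
     // The check requires the full "http://" or "https://" prefix and ignores
     // case. A bare /^http/ test would leave any value that merely starts with
     // "http" unchanged and would double-prefix "HTTP://...".
     if ($comment['web'] !== '' && !preg_match('#^https?://#i', $comment['web'])) {
         $comment['web'] = 'http://' . $comment['web'];
     }
     $BLOGTNG['comment'] = $comment;

     $isSubmit = is_array($event->data) && isset($event->data['comment_submit']);
     $isPreview = is_array($event->data) && isset($event->data['comment_preview']);
     if (!$isSubmit && !$isPreview) {
         return true;
     }

     // preview takes precedence when both keys are present
     $BLOGTNG['comment_action'] = $isPreview ? 'preview' : 'submit';

     // check for empty fields
     $BLOGTNG['comment_submit_errors'] = array();
     foreach (array('name', 'mail', 'text') as $field) {
         if (empty($comment[$field])) {
             $BLOGTNG['comment_submit_errors'][$field] = true;
         }
     }

     // check CAPTCHA if available (on submit only)
     $captchaok = true;
     if ($BLOGTNG['comment_action'] === 'submit') {
         /** @var helper_plugin_captcha $helper */
         $helper = null;
         if (@is_dir(DOKU_PLUGIN . 'captcha')) {
             $helper = plugin_load('helper', 'captcha');
         }
         if (!is_null($helper) && $helper->isEnabled()) {
             $captchaok = $helper->check();
         }
     }

     // return on errors
     if (!empty($BLOGTNG['comment_submit_errors']) || !$captchaok) {
         $event->data = 'show';
         $_SERVER['REQUEST_METHOD'] = 'get';
         //hack to avoid redirect
         return false;
     }

     if ($BLOGTNG['comment_action'] === 'submit') {
         // save comment and redirect FIXME cid
         // NOTE(review): pid and page come straight from the request; whether
         // save() validates them against an existing entry is not visible here.
         $this->commenthelper->save($comment);
         // act_redirect() is expected to end the request - confirm; nothing is
         // returned after it.
         act_redirect($comment['page'], 'show');
     } else {
         // preview
         $event->data = 'show';
         $_SERVER['REQUEST_METHOD'] = 'get';
         // hack to avoid redirect
         return false;
     }
 }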
Exemplo n.º 2
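 /**
  * Handles all actions of the admin component
  *
  * The action name is read from $_REQUEST['btng']['admin'], either as a plain
  * value or as the first key of an array. Every action other than the
  * read-only ones listed in $noSecTokenNeeded requires a valid security token.
  *
  * The action is normalised to a string (or null) and compared strictly.
  * key() can return an integer, and under loose comparison on PHP versions
  * before 8 an integer 0 compares equal to any non-numeric string. That would
  * both pass the exemption list and match a case label, so a state-changing
  * action could run without the token check.
  *
  * Request parameters are checked for presence and type before use, so a
  * malformed request falls through without calling the helpers.
  *
  * @author Michael Klier <*****@*****.**>
  */
 public function handle()
 {
     $btng = (isset($_REQUEST['btng']) && is_array($_REQUEST['btng'])) ? $_REQUEST['btng'] : array();

     $admin = null;
     if (isset($btng['admin'])) {
         $admin = is_array($btng['admin']) ? key($btng['admin']) : $btng['admin'];
         if ($admin !== null) {
             // integer array keys become strings so all later comparisons are string-to-string
             $admin = (string) $admin;
         }
         if ($admin === '') {
             // an empty action means "no action", as it did under the loose comparison
             $admin = null;
         }
     }

     //skip actions when no valid security token given
     $noSecTokenNeeded = array('search', 'comment_edit', 'comment_preview', null);
     if (!in_array($admin, $noSecTokenNeeded, true) && !checkSecurityToken()) {
         $admin = null;
     }

     // handle actions
     switch ($admin) {
         case 'comment_save':
             // FIXME error handling?
             $comment = isset($btng['comment']) ? $btng['comment'] : null;
             if (is_array($comment)) {
                 $this->commenthelper->save($comment);
                 msg($this->getLang('msg_comment_save'), 1);
             }
             break;
         case 'comment_delete':
             // FIXME error handling
             $comment = isset($btng['comment']) ? $btng['comment'] : null;
             if (is_array($comment) && isset($comment['cid'])) {
                 $this->commenthelper->delete($comment['cid']);
                 msg($this->getLang('msg_comment_delete'), 1);
             }
             break;
         case 'comment_batch_edit':
             // the batch operation is the value stored under the action key
             $batch = (is_array($btng['admin']) && isset($btng['admin']['comment_batch_edit']))
                 ? $btng['admin']['comment_batch_edit']
                 : null;
             $cids = isset($btng['comments']['cids']) ? $btng['comments']['cids'] : null;
             if (is_string($batch) && is_array($cids)) {
                 foreach ($cids as $cid) {
                     switch ($batch) {
                         // FIXME messages
                         case 'delete':
                             $this->commenthelper->delete($cid);
                             msg($this->getLang('msg_comment_delete'), 1);
                             break;
                         case 'status_hidden':
                             $this->commenthelper->moderate($cid, 'hidden');
                             msg($this->getLang('msg_comment_status_change'), 1);
                             break;
                         case 'status_visible':
                             $this->commenthelper->moderate($cid, 'visible');
                             msg($this->getLang('msg_comment_status_change'), 1);
                             break;
                     }
                 }
             }
             break;
         case 'entry_set_blog':
             // FIXME errors?
             $pid = isset($btng['entry']['pid']) ? $btng['entry']['pid'] : null;
             $blog = isset($btng['entry']['blog']) ? $btng['entry']['blog'] : null;
             if ($pid) {
                 // only blogs reported by the entry helper are accepted
                 $blogs = $this->entryhelper->get_blogs();
                 if (in_array($blog, $blogs)) {
                     $this->entryhelper->load_by_pid($pid);
                     $this->entryhelper->entry['blog'] = $blog;
                     $this->entryhelper->save();
                 }
             }
             // the message is shown whether or not the entry was changed
             msg($this->getLang('msg_entry_blog_change'), 1);
             break;
         case 'entry_set_commentstatus':
             $pid = isset($btng['entry']['pid']) ? $btng['entry']['pid'] : null;
             $status = isset($btng['entry']['commentstatus']) ? $btng['entry']['commentstatus'] : null;
             if ($pid) {
                 // the status is restricted to a fixed allowlist
                 if (in_array($status, array('disabled', 'enabled', 'closed'), true)) {
                     $this->entryhelper->load_by_pid($pid);
                     $this->entryhelper->entry['commentstatus'] = $status;
                     $this->entryhelper->save();
                 }
             }
             // the message is shown whether or not the entry was changed
             msg($this->getLang('msg_comment_status_change'), 1);
             break;
         default:
             // do nothing - show dashboard
             break;
     }
 }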