/**
* Store a new comment in the database.
*
* @param string $hash Unique hash value of the parent page.
* @return Response
*/
public function create($hash)
{
// Retrieve the parent page
$page = $this->findPageByHash($hash);
// Create a comment from the post data
$comment = comment::fromInput();
$comment->set('page_uri', $page->uri());
// Collect user information
$comment->set('author_ip', visitor::ip());
$comment->set('author_agent', visitor::ua());
// Handle signed-in users
if ($user = user::current()) {
$fullname = trim($user->firstname() . ' ' . $user->lastname());
$fullname = empty($fullname) ? $user->username() : $fullname;
$comment->set('author', $fullname);
$comment->set('author_email', $user->email());
$comment->set('username', $user->username());
}
// Ensure the required comment fields are set
if (!$comment->validate()) {
$msg = l('comments.error.incomplete', 'Missing required fields');
return $this->error($msg, 400, array('input' => $comment->toArray(), 'errors' => $comment->errors()->toArray()));
}
// Check the honeypot fields. Pretend everything went fine.
if ($this->isBot()) {
return $this->success();
}
// Throttle comment posting
if ($this->isPartOfFlood($comment)) {
$msg = l('comments.error.throttle', 'Number of allowed comments per interval exceeded');
return $this->error($msg, 429, array('input' => $comment->toArray(), 'errors' => array('other' => $msg)));
}
// Check for duplicate contents
if ($this->isDuplicate($comment)) {
$msg = l('comments.error.duplicate', 'Duplicate content');
return $this->error($msg, 409, array('input' => $comment->toArray(), 'errors' => array('text' => $msg)));
}
// Classify comment as spam or ham using Akismet. In addition allow to
// blacklist authors.
$discard = false;
if ($this->isSpam($comment, $discard) || $this->isBlocked($comment)) {
$comment->set('status', Comment::STATUS_SPAM);
}
// Save the comment to the database. Pretend the comment was saved
// successfully for comments containing `blatant spam`.
if ($discard && $comment->isSpam() || $comment->save()) {
$msg = l('comments.success.saved', 'Comment saved');
return $this->success($msg, 201, array('id' => $comment->id()));
} else {
$msg = l('comments.error.save', 'Could not save comment');
return $this->error($msg, 400, array('input' => $comment->toArray(), 'errors' => $comment->errors()->toArray()));
}
}
<!DOCTYPE html>
<html lang="<?php
echo site()->language()->code();
?>
">
<head>
<meta charset="utf-8">
<?php
if (strpos(visitor::ua(), 'MSIE') !== false) {
header('X-UA-Compatible: IE=edge,chrome=1');
}
?>
<meta http-equiv="cache-control" content="max-age=0" />
<meta http-equiv="cache-control" content="no-cache" />
<meta http-equiv="expires" content="0" />
<meta http-equiv="expires" content="Tue, 01 Jan 1980 1:00:00 GMT" />
<meta http-equiv="pragma" content="no-cache" />
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="Risky-B batteria per la valutazione della propensione al rischio">
<meta name="keywords" content="rischio propensione incertezza psicologia risk uncertainty psychology">
<title><?php
echo html($site->title() . ' / ' . $page->title());
?>
</title>
<!-- LOAD BOOTLINT -->
public static function current()
{
$cookey = cookie::get('kirby');
$username = s::get('auth.username');
if (empty($cookey) or $cookey !== s::get('auth.key')) {
static::logout();
return false;
}
if (s::get('auth.secret') !== sha1($username . $cookey)) {
static::logout();
return false;
}
if (s::get('auth.ua') !== visitor::ua()) {
static::logout();
return false;
}
// keep logged in for one week max.
if (s::get('auth.created') < time() - 60 * 60 * 24 * 7) {
static::logout();
return false;
}
// find the logged in user by token
if ($user = site()->user($username)) {
return $user;
} else {
return false;
}
}
/**
* Dirty browser sniffing for an ios device
*
* @return boolean
*/
public static function ios()
{
$ua = visitor::ua();
return str::contains($ua, 'iPod') or str::contains($ua, 'iPhone') or str::contains($ua, 'iPad');
}
/**
* Prepare the request data send to the Akismet API
*
* @param array $content Comment contents to send.
* @param string $userIp IP address of the comment submitter.
* @param string $userAgent User agent string of the web browser submitting the comment.
*
* @return array
*/
protected function prepareContent($content = array(), $userIp = null, $userAgent = null)
{
if (empty($content['comment_type'])) {
$content['comment_type'] = 'comment';
}
if (is_null($userIp)) {
$content['user_ip'] = visitor::ip();
} else {
if (!empty($userIp)) {
$content['user_ip'] = $userIp;
}
}
if (is_null($userAgent)) {
$content['user_agent'] = visitor::ua();
} else {
if (!empty($userAgent)) {
$content['user_agent'] = $userAgent;
}
}
return $content;
}
