public function validatePost(PostWillBeSaved $event) { $post = $event->post; if ($post->exists || $post->user->groups()->count()) { return; } $akismet = new Akismet($this->settings->get('akismet.api_key'), Core::url()); $isSpam = $akismet->isSpam($post->content, $post->user->username, $post->user->email, null, 'comment'); if ($isSpam) { $post->hide(); $this->savingPost = $post; CommentPost::saved(function (CommentPost $post) { if ($post !== $this->savingPost) { return; } $report = new Report(); $report->post_id = $post->id; $report->reporter = 'Akismet'; $report->reason = 'spam'; $report->time = time(); $report->save(); $this->savingPost = null; }); } }
public static function addId($tag) { $post = CommentPost::find($tag->getAttribute('id')); if ($post) { $tag->setAttribute('discussionid', (int) $post->discussion_id); $tag->setAttribute('number', (int) $post->number); return true; } }
/** * Bootstrap the application events. * * @return void */ public function boot() { Post::setValidator($this->app->make('validator')); CommentPost::setFormatter($this->app->make('flarum.formatter')); $this->registerPostTypes(); $events = $this->app->make('events'); $settings = $this->app->make('Flarum\\Core\\Settings\\SettingsRepository'); $events->listen(ModelAllow::class, function (ModelAllow $event) use($settings) { if ($event->model instanceof Post) { $post = $event->model; $action = $event->action; $actor = $event->actor; if ($action === 'view' && (!$post->hide_time || $post->user_id == $actor->id || $post->can($actor, 'edit'))) { return true; } // A post is allowed to be edited if the user has permission to moderate // the discussion which it's in, or if they are the author and the post // hasn't been deleted by someone else. if ($action === 'edit') { if ($post->discussion->can($actor, 'editPosts')) { return true; } if ($post->user_id == $actor->id && (!$post->hide_time || $post->hide_user_id == $actor->id)) { $allowEditing = $settings->get('allow_post_editing'); if ($allowEditing === '-1' || $allowEditing === 'reply' && $event->model->number == $event->model->discussion->last_post_number || $event->model->time->diffInMinutes(Carbon::now()) < $allowEditing) { return true; } } } if ($post->discussion->can($actor, $action . 'Posts')) { return true; } } }); // When fetching a discussion's posts: if the user doesn't have permission // to moderate the discussion, then they can't see posts that have been // hidden by someone other than themself. $events->listen(ScopePostVisibility::class, function (ScopePostVisibility $event) { $user = $event->actor; if (!$event->discussion->can($user, 'editPosts')) { $event->query->where(function ($query) use($user) { $query->whereNull('hide_time')->orWhere('user_id', $user->id); }); } }); }
/** * @param PostReply $command * @return CommentPost * @throws \Flarum\Core\Exceptions\PermissionDeniedException */ public function handle(PostReply $command) { $actor = $command->actor; // Make sure the user has permission to reply to this discussion. First, // make sure the discussion exists and that the user has permission to // view it; if not, fail with a ModelNotFound exception so we don't give // away the existence of the discussion. If the user is allowed to view // it, check if they have permission to reply. $discussion = $this->discussions->findOrFail($command->discussionId, $actor); $discussion->assertCan($actor, 'reply'); // Create a new Post entity, persist it, and dispatch domain events. // Before persistence, though, fire an event to give plugins an // opportunity to alter the post entity based on data in the command. $post = CommentPost::reply($command->discussionId, array_get($command->data, 'attributes.content'), $actor->id); event(new PostWillBeSaved($post, $actor, $command->data)); $post->save(); $this->notifications->onePerUser(function () use($post) { $this->dispatchEventsFor($post); }); return $post; }
protected function formatPost($post) { // Code blocks $regexp = "/(.*)^\\s*\\[code\\]\n?(.*?)\n?\\[\\/code]\$/ims"; while (preg_match($regexp, $post->content)) { $post->content = preg_replace($regexp, "\$1```\n\$2\n```", $post->content); } // Inline tags $replace = ['/\\[url=(.*?)\\](.*?)\\[\\/url\\]/i' => '[$2]($1)', '/\\[b\\](.*?)\\[\\/b\\]/i' => '**$1**', '/\\[i\\](.*?)\\[\\/i\\]/i' => '*$1*', '/\\[h\\](.*?)\\[\\/h\\]/i' => '# $1', '/\\[img\\](.*?)\\[\\/img\\]/i' => '![]($1)', '/\\[code\\](.*?)\\[\\/code\\]/i' => '`$1`']; $post->content = preg_replace(array_keys($replace), array_values($replace), $post->content); // Quotes $regexp = "/(.*?)\n?\\[quote(?:=(.*?)(]?))?\\]\n?(.*?)\n?\\[\\/quote\\]\n{0,2}/is"; while (preg_match($regexp, $post->content)) { $post->content = preg_replace_callback($regexp, function ($matches) use($post) { if (strpos($matches[2], ':') !== false) { list($postId, $user) = explode(':', $matches[2]); $mentionedPost = CommentPost::find($postId); return $matches[1] . "\n@" . $mentionedPost->user->username . '#' . $mentionedPost->number . ' '; } else { return $matches[1] . '> ' . str_replace("\n", "\n> ", $matches[4]) . "\n\n"; } }, $post->content); } }