示例#1
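 /**
  * Validate a posted comment (or reply) for a listing and pass the accepted fields to the model.
  *
  * The request must carry a valid session token. Each validation failure records an
  * error, redirects back to the listing view and returns false. On success, the
  * comment time is stored in the session, the saved form state for the listing is
  * cleared and the user is redirected to the new comment's anchor.
  *
  * @return bool True when the comment was saved, false on any validation or save failure.
  */
 public function addComment()
 {
     JSession::checkToken() or die(JText::_('JINVALID_TOKEN'));
     $user = JFactory::getUser();
     $model = $this->getModel();
     $rootComment = JUDirectoryFrontHelperComment::getRootComment();
     // NOTE(review): raw $_POST bypasses any input filtering; every value below is untrusted.
     $data = $_POST;

     // Normalise both ids to integers once. They end up in redirect URLs, a URL
     // fragment, session keys and permission checks, so they must not stay free-form
     // strings. Loose comparisons against a non-numeric string also differ between PHP versions.
     $listingId = isset($data['listing_id']) && is_scalar($data['listing_id']) ? (int) $data['listing_id'] : 0;
     $parentId = isset($data['parent_id']) && is_scalar($data['parent_id']) ? (int) $data['parent_id'] : 0;
     $listingLink = 'index.php?option=' . $this->option . '&view=' . $this->view_item . '&id=' . $listingId;

     if ($listingId <= 0) {
         $this->setError(JText::_('COM_JUDIRECTORY_INVALID_DATA'));
         $this->setMessage($this->getError(), 'error');
         $this->setRedirect(JRoute::_($listingLink, false));
         return false;
     }

     // Fields that go into strlen()/preg_match()/trim() below must be scalars.
     // A request can submit "title[]=x", which would otherwise reach those calls as an array.
     foreach (array('title', 'guest_name', 'guest_email', 'website', 'comment', 'comment_language') as $textField) {
         if (isset($data[$textField]) && !is_scalar($data[$textField])) {
             $this->setError(JText::_('COM_JUDIRECTORY_INVALID_INPUT_DATA'));
             $this->setMessage($this->getError(), 'error');
             $this->setRedirect(JRoute::_($listingLink, false));
             return false;
         }
     }

     // Hand the model the same ids that the permission checks below are run against.
     $data['listing_id'] = $listingId;
     if (isset($data['parent_id'])) {
         $data['parent_id'] = $parentId;
     }

     $params = JUDirectoryHelper::getParams(null, $listingId);
     $model->setSessionCommentForm($listingId);

     $title = isset($data['title']) ? (string) $data['title'] : '';
     if (strlen($title) < 6) {
         $this->setError(JText::_('COM_JUDIRECTORY_COMMENT_INVALID_TITLE'));
         $this->setRedirect(JRoute::_($listingLink, false));
         return false;
     }
     $guestName = isset($data['guest_name']) ? (string) $data['guest_name'] : '';
     if (strlen($guestName) < 1) {
         $this->setError(JText::_('COM_JUDIRECTORY_COMMENT_INVALID_NAME'));
         $this->setRedirect(JRoute::_($listingLink, false));
         return false;
     }
     if (isset($data['guest_email'])) {
         // The D modifier makes "$" match only at the very end, so a trailing newline is rejected.
         if (!preg_match('/^[\\w\\.-]+@[\\w\\.-]+\\.[\\w\\.-]{2,6}$/D', $data['guest_email'])) {
             $this->setError(JText::_('COM_JUDIRECTORY_COMMENT_INVALID_EMAIL'));
             $this->setRedirect(JRoute::_($listingLink, false));
             return false;
         }
     }
     if (isset($data['website'])) {
         // Same accepted strings as before, minus a trailing newline. The original path
         // group was a nested quantifier, "(...*)*", which can backtrack excessively on
         // long non-matching input; a single "*" matches the same set of strings.
         // A preg_match() failure (false) is treated as invalid.
         // NOTE(review): an empty website value is rejected here even when the field is optional - confirm the form omits it.
         if (!preg_match('/^(https?:\\/\\/)?([\\w\\.-]+)\\.([\\w\\.-]{2,6})([\\/\\w \\.-]*)\\/?$/iD', $data['website'])) {
             $this->setError(JText::_('COM_JUDIRECTORY_COMMENT_INVALID_WEBSITE'));
             $this->setRedirect(JRoute::_($listingLink, false));
             return false;
         }
     }
     if (isset($data['comment_language'])) {
         $langArray = JHtml::_('contentlanguage.existing');
         $langKey = array_keys($langArray);
         array_unshift($langKey, '*');
         // NOTE(review): loose in_array(); if the keys of $langArray are integers this
         // check can accept arbitrary strings on older PHP versions. Confirm the key
         // shape before switching to a strict comparison.
         if (!in_array($data['comment_language'], $langKey)) {
             $this->setError(JText::_('COM_JUDIRECTORY_COMMENT_INVALID_LANGUAGE'));
             $this->setRedirect(JRoute::_($listingLink, false));
             return false;
         }
     }

     $minCharacter = $params->get('min_comment_characters', 20);
     $maxCharacter = $params->get('max_comment_characters', 1000);
     // The parsed and tag-stripped text is used only for the length check. The value
     // handed to saveComment() further down is the raw $data['comment'].
     // NOTE(review): confirm the model or the output layer sanitises/escapes it.
     $comment = isset($data['comment']) ? (string) $data['comment'] : '';
     $comment = JUDirectoryFrontHelperComment::parseCommentText($comment, $listingId);
     $comment = strip_tags($comment);
     $commentCharacter = strlen($comment);
     if ($commentCharacter < $minCharacter || $commentCharacter > $maxCharacter) {
         $this->setError(JText::_('COM_JUDIRECTORY_COMMENT_INVALID_COMMENT'));
         $this->setRedirect(JRoute::_($listingLink, false));
         return false;
     }

     $showCaptcha = JUDirectoryFrontHelperPermission::showCaptchaWhenComment($listingId);
     if ($showCaptcha) {
         $validCaptcha = JUDirectoryFrontHelperCaptcha::checkCaptcha();
         if (!$validCaptcha) {
             // Jump back to the form the user was filling in; $parentId is an integer here.
             if ($parentId == $rootComment->id) {
                 $form = '#judir-comment-form';
             } else {
                 $form = '#comment-reply-wrapper-' . $parentId;
             }
             $this->setError(JText::_('COM_JUDIRECTORY_INVALID_CAPTCHA'));
             $this->setMessage($this->getError(), 'error');
             $this->setRedirect(JRoute::_($listingLink . $form, false));
             return false;
         }
     }

     if ($user->get('guest')) {
         if (!$model->checkNameOfGuest($listingId)) {
             $this->setError(JText::_('COM_JUDIRECTORY_YOU_ARE_NOT_AUTHORIZED_TO_COMMENT_ON_THIS_LISTING'));
             // NOTE(review): the message shown comes from the model, not from the error set on the line above.
             $this->setMessage($model->getError(), 'error');
             $this->setRedirect(JRoute::_($listingLink, false));
             return false;
         }
         if (!$model->checkEmailOfGuest()) {
             $this->setMessage($model->getError(), 'error');
             $this->setRedirect(JRoute::_($listingLink, false));
             return false;
         }
     }

     // Authorisation: a top-level comment hangs off the root comment, a reply off any other positive id.
     if ($parentId == $rootComment->id) {
         $guestEmail = isset($data['guest_email']) ? $data['guest_email'] : null;
         $canComment = JUDirectoryFrontHelperPermission::canComment($listingId, $guestEmail);
         if (!$canComment) {
             $this->setError(JText::_('COM_JUDIRECTORY_YOU_ARE_NOT_AUTHORIZED_TO_COMMENT_ON_THIS_LISTING'));
             $this->setMessage($this->getError(), 'error');
             $this->setRedirect(JRoute::_($listingLink, false));
             return false;
         }
     } elseif ($parentId > 0 && $parentId != $rootComment->id) {
         $canReplyComment = JUDirectoryFrontHelperPermission::canReplyComment($listingId, $parentId);
         if (!$canReplyComment) {
             $this->setError(JText::_('COM_JUDIRECTORY_YOU_ARE_NOT_AUTHORIZED_TO_REPLY_THIS_COMMENT'));
             $this->setMessage($this->getError(), 'error');
             $this->setRedirect(JRoute::_($listingLink, false));
             return false;
         }
     } else {
         $this->setError(JText::_('COM_JUDIRECTORY_INVALID_DATA'));
         $this->setMessage($this->getError(), 'error');
         $this->setRedirect(JRoute::_($listingLink, false));
         return false;
     }

     // Rating criteria are validated only for top-level comments by users allowed to rate.
     $dataValid = array();
     if ($parentId == $rootComment->id) {
         $canRateListing = JUDirectoryFrontHelperPermission::canRateListing($listingId);
         if ($canRateListing) {
             $dataValid = $this->validateCriteria($data, $parentId);
             if (!$dataValid) {
                 $this->setError(JText::_('COM_JUDIRECTORY_INVALID_RATING_VALUE'));
                 $this->setMessage($this->getError(), 'error');
                 $this->setRedirect(JRoute::_($listingLink, false));
                 return false;
             }
         }
     }

     $requiredPostNames = array('title', 'guest_name', 'guest_email', 'comment', 'parent_id', 'listing_id');
     if ($params->get('website_field_in_comment_form', 0) == 2) {
         array_push($requiredPostNames, 'website');
     }
     if ($parentId == $rootComment->id && $params->get('filter_comment_language', 0)) {
         array_push($requiredPostNames, 'comment_language');
     }
     foreach ($requiredPostNames as $requiredPostName) {
         // A missing key counts as empty, so it no longer reaches trim() as an undefined index.
         if (!isset($data[$requiredPostName]) || trim((string) $data[$requiredPostName]) == '') {
             $this->setError(JText::_('COM_JUDIRECTORY_INVALID_INPUT_DATA'));
             $this->setMessage($this->getError(), 'error');
             $this->setRedirect(JRoute::_($listingLink, false));
             return false;
         }
     }

     // Allow-list of POST keys copied to the model; anything else in the request is dropped.
     // NOTE(review): 'website' is in the base list, so the configuration check below
     // never excludes it - confirm whether it should be accepted when the field is disabled.
     $acceptedPostNames = array('title', 'guest_name', 'guest_email', 'language', 'website', 'comment', 'parent_id', 'listing_id', 'subscribe');
     if ($params->get('website_field_in_comment_form', 0) == 2 || $params->get('website_field_in_comment_form', 0) == 1) {
         array_push($acceptedPostNames, 'website');
     }
     if ($params->get('filter_comment_language', 0)) {
         array_push($acceptedPostNames, 'comment_language');
     }
     foreach ($acceptedPostNames as $acceptedPostName) {
         if (isset($data[$acceptedPostName])) {
             $dataValid[$acceptedPostName] = $data[$acceptedPostName];
         }
     }

     $newCommentId = $model->saveComment($dataValid);
     if (!$newCommentId) {
         $this->setError($model->getError());
         $this->setMessage($this->getError(), 'error');
         $redirectUrl = JRoute::_(JUDirectoryHelperRoute::getListingRoute($listingId), false);
         $this->setRedirect($redirectUrl);
         return false;
     }

     // Store when this session last commented, both overall and for this listing.
     $session = JFactory::getSession();
     $timeNow = JFactory::getDate()->toSql();
     $timeNowStamp = strtotime($timeNow);
     $sessionCommentOnListingTime = 'judir-commented-' . $listingId;
     $sessionCommentTime = 'judir-commented';
     $session->set($sessionCommentOnListingTime, $timeNowStamp);
     $session->set($sessionCommentTime, $timeNowStamp);
     $session->clear('judirectory_commentform_' . $listingId);
     $this->setMessage(JText::_('COM_JUDIRECTORY_ADD_COMMENT_SUCCESSFULLY'));
     $redirectUrl = JRoute::_(JUDirectoryHelperRoute::getListingRoute($listingId) . '#comment-item-' . $newCommentId, false);
     $this->setRedirect($redirectUrl);
     return true;
 }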
示例#2
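 /**
  * Load one listing with its main category, counters, category lists and the
  * values of every field the current user may see in the details view.
  *
  * The returned object also carries the per-user permission flags ("access-*"
  * params), the new/updated/hot/featured labels and the next/previous items.
  *
  * NOTE(review): the listing query filters only on listing.id. No published,
  * approved or access condition is applied here, so confirm the caller enforces
  * visibility before rendering the result.
  *
  * @return object|false The listing object, or false after raising a 404 when the
  *                      listing id is missing or no row matches.
  */
 public function getItem()
 {
     $params = $this->getState('params');
     $listingId = (int) $this->getState('listing.id');
     if (!$listingId) {
         JError::raiseError(404, JText::_('COM_JUDIRECTORY_LISTING_NOT_FOUND'));
         return false;
     }
     $user = JFactory::getUser();
     $db = JFactory::getDbo();

     // Main query: the listing row, its main category and aggregate sub-selects.
     $query = $db->getQuery(true);
     $query->select('listing.*, c.id AS cat_id');
     $query->from('#__judirectory_listings AS listing');
     $query->join('', '#__judirectory_listings_xref AS listingxref ON listing.id = listingxref.listing_id AND listingxref.main=1');
     $query->join('', '#__judirectory_categories AS c ON c.id = listingxref.cat_id');
     $query->select('(SELECT COUNT(*) FROM #__judirectory_comments AS cm WHERE cm.listing_id = listing.id AND cm.approved = 1 AND cm.published = 1) AS total_comments');
     $query->select('(SELECT COUNT(*) FROM #__judirectory_subscriptions AS sub WHERE sub.item_id = listing.id AND sub.type = "listing" AND sub.published = 1) AS total_subscriptions');
     $query->select('(SELECT COUNT(*) FROM #__judirectory_reports AS r WHERE r.item_id = listing.id AND r.type = "listing") AS total_reports');
     $query->select('(SELECT GROUP_CONCAT(catids.id ORDER BY listingx_catids.main DESC, listingx_catids.ordering ASC SEPARATOR ",") FROM (#__judirectory_categories AS catids JOIN #__judirectory_listings_xref AS listingx_catids ON catids.id = listingx_catids.cat_id) WHERE listing.id = listingx_catids.listing_id GROUP BY listing.id) AS cat_ids');
     $query->select('(SELECT GROUP_CONCAT(cattitles.title ORDER BY listingx_cattitles.main DESC, listingx_cattitles.ordering ASC SEPARATOR "|||") FROM (#__judirectory_categories AS cattitles JOIN #__judirectory_listings_xref AS listingx_cattitles ON cattitles.id = listingx_cattitles.cat_id) WHERE listing.id = listingx_cattitles.listing_id GROUP BY listing.id) AS cat_titles');

     // Every value concatenated into SQL below is forced to an integer or passed
     // through $db->quote(), so the statement text never depends on free-form data.
     $accessLevel = implode(',', array_map('intval', $user->getAuthorisedViewLevels()));
     $date = JFactory::getDate();
     $nullDate = $db->quote($db->getNullDate());
     $nowDate = $db->quote($date->toSql());

     // Field query: published, currently active fields of the details view that the user may access.
     $fieldQuery = $db->getQuery(true);
     $fieldQuery->select('field.id');
     $fieldQuery->from('#__judirectory_fields AS field');
     $fieldQuery->where('field.group_id != 1');
     $fieldQuery->where('field.details_view = 1');
     $fieldQuery->where('field.published = 1');
     $fieldQuery->where('field.publish_up <= ' . $nowDate);
     $fieldQuery->where('(field.publish_down = ' . $nullDate . ' OR field.publish_down > ' . $nowDate . ')');
     $fieldQuery->where('field.access IN (' . $accessLevel . ')');
     $category = JUDirectoryFrontHelperCategory::getMainCategory($listingId);
     if (is_object($category)) {
         $fieldQuery->where('field.group_id = ' . (int) $category->fieldgroup_id);
     }
     $fieldQuery->join('', '#__judirectory_fields_groups AS field_group ON field.group_id = field_group.id');
     $fieldQuery->where('field_group.published = 1');
     $fieldQuery->where('field_group.access IN (' . $accessLevel . ')');
     $fieldQuery->group('field.id');
     $db->setQuery($fieldQuery);
     $fields = $db->loadObjectList();

     // One LEFT JOIN per visible field; the integer id is also part of the alias name.
     // The (array) cast makes the loop a no-op if the load returned no list.
     foreach ((array) $fields as $field) {
         $fieldId = (int) $field->id;
         $valueAlias = 'fields_values_' . $fieldId;
         $query->select('IFNULL (' . $valueAlias . '.value, "") AS field_values_' . $fieldId);
         $query->join('LEFT', '#__judirectory_fields_values AS ' . $valueAlias . ' ON ' . $valueAlias . '.listing_id = listing.id AND ' . $valueAlias . '.field_id = ' . $fieldId);
     }
     $query->where('listing.id = ' . $listingId);
     $db->setQuery($query);
     $listingObject = $db->loadObject();
     if (!is_object($listingObject)) {
         JError::raiseError(404, JText::_('COM_JUDIRECTORY_LISTING_NOT_FOUND'));
         return false;
     }

     // Per-user permission flags are attached to the listing's display params.
     $listingObject->params = JUDirectoryFrontHelperListing::getListingDisplayParams($listingObject->id);
     if (!$user->get('guest')) {
         $canEditListing = JUDirectoryFrontHelperPermission::canEditListing($listingObject->id);
         $canDeleteListing = JUDirectoryFrontHelperPermission::canDeleteListing($listingObject->id);
         $canEditStateListing = JUDirectoryFrontHelperPermission::canEditStateListing($listingObject);
         $listingObject->params->set('access-edit', $canEditListing);
         $listingObject->params->set('access-edit-state', $canEditStateListing);
         $listingObject->params->set('access-delete', $canDeleteListing);
     }
     $listingObject->params->set('access-report', JUDirectoryFrontHelperPermission::canReportListing($listingObject->id));
     $listingObject->params->set('access-contact', JUDirectoryFrontHelperPermission::canContactListing($listingObject->id));
     $listingObject->params->set('access-claim', JUDirectoryFrontHelperPermission::canClaimListing($listingObject->id));
     $listingObject->params->set('access-rate', JUDirectoryFrontHelperPermission::canRateListing($listingObject->id));
     $listingObject->params->set('access-comment', JUDirectoryFrontHelperPermission::canComment($listingObject->id));
     $listingObject->template_params = new JRegistry($listingObject->template_params);

     // Each label is set only when its display option is on and its condition holds.
     $listingObject->label_new = (bool) ($params->get('show_new_label', 1)
         && JUDirectoryFrontHelper::isWithinXDays($listingObject->publish_up, $params->get('num_day_to_show_as_new', 10)));
     $listingObject->label_updated = (bool) ($params->get('show_updated_label', 1)
         && JUDirectoryFrontHelper::isWithinXDays($listingObject->updated, $params->get('num_day_to_show_as_updated', 10)));
     $listingObject->label_hot = (bool) ($params->get('show_hot_label', 1)
         && JUDirectoryFrontHelperListing::checkHotListing($listingObject->publish_up, $params->get('num_hit_per_day_to_be_hot', 100), $listingObject->hits));
     $listingObject->label_featured = (bool) ($params->get('show_featured_label', 1) && $listingObject->featured);

     $listingObject->next_item = $this->getNextPrevItem($listingObject, 'next');
     $listingObject->prev_item = $this->getNextPrevItem($listingObject, 'prev');
     return $listingObject;
 }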