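/**
 * Handles the front-end "add comment" POST for a listing.
 *
 * The checks run in this fixed order (kept from the original, since later
 * checks assume earlier ones passed): CSRF token -> field validation (title,
 * guest name, e-mail, website, language, comment length) -> captcha -> guest
 * name/e-mail checks -> permission (top-level comment vs. reply) -> optional
 * rating criteria -> required/accepted field whitelists -> save -> session
 * bookkeeping. Every failure sets an error and redirects back to the listing.
 *
 * Security notes:
 *  - listing_id / parent_id are cast to int before they are echoed into
 *    redirect URLs or handed to helpers (which may build SQL from them).
 *  - The e-mail and website patterns are anchored with \z instead of $ so a
 *    trailing newline can no longer slip past validation.
 *  - The website pattern no longer nests quantifiers ((...)*)* — the original
 *    form was prone to catastrophic backtracking on crafted input.
 *  - 'website' is only accepted by the whitelist when the field is actually
 *    enabled (the original listed it unconditionally, making the conditional
 *    push dead code).
 *
 * @return bool true when the comment was saved, false on any validation or
 *              permission failure (a redirect has been set in that case).
 */
public function addComment()
{
    // CSRF protection: a valid Joomla form token is mandatory on this state change.
    JSession::checkToken() or die(JText::_('JINVALID_TOKEN'));

    $user        = JFactory::getUser();
    $model       = $this->getModel();
    $rootComment = JUDirectoryFrontHelperComment::getRootComment();
    $data        = $_POST;

    // Request ids are untrusted: force them to int before any further use.
    $listingId = isset($data['listing_id']) ? (int) $data['listing_id'] : 0;
    $parentId  = isset($data['parent_id']) ? (int) $data['parent_id'] : 0;
    $rootId    = (int) $rootComment->id;
    $params    = JUDirectoryHelper::getParams(null, $listingId);

    // Redirect target shared by almost every failure path below.
    $listingUrl = JRoute::_('index.php?option=' . $this->option . '&view=' . $this->view_item . '&id=' . $listingId, false);

    $model->setSessionCommentForm($listingId);

    // Missing keys default to ''; non-scalar (array) input is treated as empty so
    // the checks below reject it instead of raising warnings.
    $title     = (isset($data['title']) && is_scalar($data['title'])) ? (string) $data['title'] : '';
    $guestName = (isset($data['guest_name']) && is_scalar($data['guest_name'])) ? (string) $data['guest_name'] : '';

    // NOTE: strlen() counts bytes, so these are byte limits for multibyte text
    // (kept as in the original to avoid changing accepted input).
    if (strlen($title) < 6) {
        $this->setError(JText::_('COM_JUDIRECTORY_COMMENT_INVALID_TITLE'));
        $this->setRedirect($listingUrl);
        return false;
    }

    if ($guestName === '') {
        $this->setError(JText::_('COM_JUDIRECTORY_COMMENT_INVALID_NAME'));
        $this->setRedirect($listingUrl);
        return false;
    }

    if (isset($data['guest_email'])) {
        $email = is_scalar($data['guest_email']) ? (string) $data['guest_email'] : '';
        // \z (not $) so "user@example.com\n" is rejected.
        if (!preg_match('/^[\\w\\.-]+@[\\w\\.-]+\\.[\\w\\.-]{2,6}\\z/', $email)) {
            $this->setError(JText::_('COM_JUDIRECTORY_COMMENT_INVALID_EMAIL'));
            $this->setRedirect($listingUrl);
            return false;
        }
    }

    if (isset($data['website'])) {
        $website = is_scalar($data['website']) ? (string) $data['website'] : '';
        // ([...]*) without the outer * matches the same strings as the original
        // ([...]*)* but cannot backtrack exponentially on non-matching input.
        if (!preg_match('/^(https?:\\/\\/)?([\\w\\.-]+)\\.([\\w\\.-]{2,6})([\\/\\w \\.-]*)\\/?\\z/i', $website)) {
            $this->setError(JText::_('COM_JUDIRECTORY_COMMENT_INVALID_WEBSITE'));
            $this->setRedirect($listingUrl);
            return false;
        }
    }

    if (isset($data['comment_language'])) {
        // Allowed values: '*' (all) plus every installed content language tag.
        $langKey = array_keys(JHtml::_('contentlanguage.existing'));
        array_unshift($langKey, '*');
        if (!in_array($data['comment_language'], $langKey, true)) {
            $this->setError(JText::_('COM_JUDIRECTORY_COMMENT_INVALID_LANGUAGE'));
            $this->setRedirect($listingUrl);
            return false;
        }
    }

    $minCharacter = $params->get('min_comment_characters', 20);
    $maxCharacter = $params->get('max_comment_characters', 1000);

    // Length is measured on the parsed, tag-stripped text, i.e. on what will be
    // shown, not on the raw markup the user typed.
    $comment = (isset($data['comment']) && is_scalar($data['comment'])) ? (string) $data['comment'] : '';
    $comment = JUDirectoryFrontHelperComment::parseCommentText($comment, $listingId);
    $comment = strip_tags($comment);
    $commentCharacter = strlen($comment);
    if ($commentCharacter < $minCharacter || $commentCharacter > $maxCharacter) {
        $this->setError(JText::_('COM_JUDIRECTORY_COMMENT_INVALID_COMMENT'));
        $this->setRedirect($listingUrl);
        return false;
    }

    if (JUDirectoryFrontHelperPermission::showCaptchaWhenComment($listingId)) {
        if (!JUDirectoryFrontHelperCaptcha::checkCaptcha()) {
            // Jump back to the form that was submitted (top-level or a reply box).
            $form = ($parentId === $rootId) ? '#judir-comment-form' : '#comment-reply-wrapper-' . $parentId;
            $this->setError(JText::_('COM_JUDIRECTORY_INVALID_CAPTCHA'));
            $this->setMessage($this->getError(), 'error');
            $this->setRedirect(JRoute::_('index.php?option=' . $this->option . '&view=' . $this->view_item . '&id=' . $listingId . $form, false));
            return false;
        }
    }

    // Guests must pass the model's name / e-mail checks (registered users skip them).
    if ($user->get('guest')) {
        if (!$model->checkNameOfGuest($listingId)) {
            $this->setError(JText::_('COM_JUDIRECTORY_YOU_ARE_NOT_AUTHORIZED_TO_COMMENT_ON_THIS_LISTING'));
            $this->setMessage($model->getError(), 'error');
            $this->setRedirect($listingUrl);
            return false;
        }
        if (!$model->checkEmailOfGuest()) {
            $this->setMessage($model->getError(), 'error');
            $this->setRedirect($listingUrl);
            return false;
        }
    }

    if ($parentId === $rootId) {
        // New top-level comment.
        $guestEmail = isset($data['guest_email']) ? $data['guest_email'] : null;
        if (!JUDirectoryFrontHelperPermission::canComment($listingId, $guestEmail)) {
            $this->setError(JText::_('COM_JUDIRECTORY_YOU_ARE_NOT_AUTHORIZED_TO_COMMENT_ON_THIS_LISTING'));
            $this->setMessage($this->getError(), 'error');
            $this->setRedirect($listingUrl);
            return false;
        }
    } elseif ($parentId > 0) {
        // Reply to an existing comment. NOTE(review): canReplyComment() is
        // expected to verify that $parentId belongs to $listingId — confirm.
        if (!JUDirectoryFrontHelperPermission::canReplyComment($listingId, $parentId)) {
            $this->setError(JText::_('COM_JUDIRECTORY_YOU_ARE_NOT_AUTHORIZED_TO_REPLY_THIS_COMMENT'));
            $this->setMessage($this->getError(), 'error');
            $this->setRedirect($listingUrl);
            return false;
        }
    } else {
        // parent_id <= 0 and not the root: nothing sensible to attach to.
        $this->setError(JText::_('COM_JUDIRECTORY_INVALID_DATA'));
        $this->setMessage($this->getError(), 'error');
        $this->setRedirect($listingUrl);
        return false;
    }

    // Ratings are only attached to top-level comments, and only when allowed.
    $dataValid = array();
    if ($parentId === $rootId && JUDirectoryFrontHelperPermission::canRateListing($listingId)) {
        $dataValid = $this->validateCriteria($data, $parentId);
        if (!$dataValid) {
            $this->setError(JText::_('COM_JUDIRECTORY_INVALID_RATING_VALUE'));
            $this->setMessage($this->getError(), 'error');
            $this->setRedirect($listingUrl);
            return false;
        }
    }

    // 0 = no website field, 1 = optional, 2 = required.
    $websiteMode = (int) $params->get('website_field_in_comment_form', 0);

    $requiredPostNames = array('title', 'guest_name', 'guest_email', 'comment', 'parent_id', 'listing_id');
    if ($websiteMode === 2) {
        $requiredPostNames[] = 'website';
    }
    if ($parentId === $rootId && $params->get('filter_comment_language', 0)) {
        $requiredPostNames[] = 'comment_language';
    }
    foreach ($requiredPostNames as $requiredPostName) {
        if (!isset($data[$requiredPostName]) || !is_scalar($data[$requiredPostName]) || trim((string) $data[$requiredPostName]) === '') {
            $this->setError(JText::_('COM_JUDIRECTORY_INVALID_INPUT_DATA'));
            $this->setMessage($this->getError(), 'error');
            $this->setRedirect($listingUrl);
            return false;
        }
    }

    // Whitelist of POST fields allowed to reach the model (mass-assignment guard).
    // 'website' and 'comment_language' are admitted only when their features are on.
    $acceptedPostNames = array('title', 'guest_name', 'guest_email', 'language', 'comment', 'parent_id', 'listing_id', 'subscribe');
    if ($websiteMode === 1 || $websiteMode === 2) {
        $acceptedPostNames[] = 'website';
    }
    if ($params->get('filter_comment_language', 0)) {
        $acceptedPostNames[] = 'comment_language';
    }
    foreach ($acceptedPostNames as $acceptedPostName) {
        if (isset($data[$acceptedPostName])) {
            $dataValid[$acceptedPostName] = $data[$acceptedPostName];
        }
    }
    // Hand the model the sanitised integer ids rather than the raw POST strings.
    $dataValid['listing_id'] = $listingId;
    $dataValid['parent_id']  = $parentId;

    $newCommentId = $model->saveComment($dataValid);
    if (!$newCommentId) {
        $this->setError($model->getError());
        $this->setMessage($this->getError(), 'error');
        $this->setRedirect(JRoute::_(JUDirectoryHelperRoute::getListingRoute($listingId), false));
        return false;
    }

    // Record when this session last commented (globally and for this listing) —
    // presumably read by interval/flood checks elsewhere — then drop the saved draft.
    $session      = JFactory::getSession();
    $timeNowStamp = strtotime(JFactory::getDate()->toSql());
    $session->set('judir-commented-' . $listingId, $timeNowStamp);
    $session->set('judir-commented', $timeNowStamp);
    $session->clear('judirectory_commentform_' . $listingId);

    $this->setMessage(JText::_('COM_JUDIRECTORY_ADD_COMMENT_SUCCESSFULLY'));
    $this->setRedirect(JRoute::_(JUDirectoryHelperRoute::getListingRoute($listingId) . '#comment-item-' . $newCommentId, false));
    return true;
}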
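/**
 * Loads the listing identified by the model state `listing.id` for the detail view.
 *
 * One query joins the listing to its main category (listings_xref.main = 1),
 * aggregates approved/published comment, subscription and report counts plus
 * the ordered category id/title lists, and LEFT JOINs one value column
 * (`field_values_<id>`) per custom field the current user may see: field and
 * field group published, inside the publish window, access level within the
 * user's view levels, and belonging to the main category's field group.
 * The row is then decorated with display params, per-action permission flags
 * (edit/edit-state/delete only for logged-in users), new/updated/hot/featured
 * labels and next/prev neighbours.
 *
 * NOTE(review): the listing row is selected by id only — no published, access
 * or publish_up/publish_down filter is applied here. Confirm the caller
 * enforces that before rendering, otherwise unpublished or access-restricted
 * listings are readable by guessing an id.
 *
 * Ids read from the database (field ids, field group id) are cast to int
 * before being interpolated into SQL, as defence in depth.
 *
 * @return object|bool the listing object, or false after a 404 has been raised.
 */
public function getItem()
{
    $params    = $this->getState('params');
    $listingId = (int) $this->getState('listing.id');
    if (!$listingId) {
        JError::raiseError(404, JText::_('COM_JUDIRECTORY_LISTING_NOT_FOUND'));
        return false;
    }

    $user = JFactory::getUser();
    $db   = JFactory::getDbo();

    // Main listing query: row + main category + aggregate counters.
    $query = $db->getQuery(true);
    $query->select('listing.*, c.id AS cat_id');
    $query->from('#__judirectory_listings AS listing');
    $query->join('', '#__judirectory_listings_xref AS listingxref ON listing.id = listingxref.listing_id AND listingxref.main=1');
    $query->join('', '#__judirectory_categories AS c ON c.id = listingxref.cat_id');
    $query->select('(SELECT COUNT(*) FROM #__judirectory_comments AS cm WHERE cm.listing_id = listing.id AND cm.approved = 1 AND cm.published = 1) AS total_comments');
    $query->select('(SELECT COUNT(*) FROM #__judirectory_subscriptions AS sub WHERE sub.item_id = listing.id AND sub.type = "listing" AND sub.published = 1) AS total_subscriptions');
    $query->select('(SELECT COUNT(*) FROM #__judirectory_reports AS r WHERE r.item_id = listing.id AND r.type = "listing") AS total_reports');
    $query->select('(SELECT GROUP_CONCAT(catids.id ORDER BY listingx_catids.main DESC, listingx_catids.ordering ASC SEPARATOR ",") FROM (#__judirectory_categories AS catids JOIN #__judirectory_listings_xref AS listingx_catids ON catids.id = listingx_catids.cat_id) WHERE listing.id = listingx_catids.listing_id GROUP BY listing.id) AS cat_ids');
    $query->select('(SELECT GROUP_CONCAT(cattitles.title ORDER BY listingx_cattitles.main DESC, listingx_cattitles.ordering ASC SEPARATOR "|||") FROM (#__judirectory_categories AS cattitles JOIN #__judirectory_listings_xref AS listingx_cattitles ON cattitles.id = listingx_cattitles.cat_id) WHERE listing.id = listingx_cattitles.listing_id GROUP BY listing.id) AS cat_titles');

    // View levels are interpolated into IN (...) clauses: keep them strictly
    // integer, and never emit an empty IN () (a SQL syntax error).
    $viewLevels = array_map('intval', $user->getAuthorisedViewLevels());
    if (!$viewLevels) {
        $viewLevels = array(0);
    }
    $accessLevel = implode(',', $viewLevels);

    $date     = JFactory::getDate();
    $nullDate = $db->quote($db->getNullDate());
    $nowDate  = $db->quote($date->toSql());

    // Custom fields visible to this user on the details view.
    $fieldQuery = $db->getQuery(true);
    $fieldQuery->select('field.id');
    $fieldQuery->from('#__judirectory_fields AS field');
    $fieldQuery->where('field.group_id != 1');
    $fieldQuery->where('field.details_view = 1');
    $fieldQuery->where('field.published = 1');
    $fieldQuery->where('field.publish_up <= ' . $nowDate);
    $fieldQuery->where('(field.publish_down = ' . $nullDate . ' OR field.publish_down > ' . $nowDate . ')');
    $fieldQuery->where('field.access IN (' . $accessLevel . ')');
    $category = JUDirectoryFrontHelperCategory::getMainCategory($listingId);
    if (is_object($category)) {
        $fieldQuery->where('field.group_id = ' . (int) $category->fieldgroup_id);
    }
    $fieldQuery->join('', '#__judirectory_fields_groups AS field_group ON field.group_id = field_group.id');
    $fieldQuery->where('field_group.published = 1');
    $fieldQuery->where('field_group.access IN (' . $accessLevel . ')');
    $fieldQuery->group('field.id');
    $db->setQuery($fieldQuery);
    $fields = $db->loadObjectList();

    // One LEFT JOIN + column per visible field; missing values become "".
    foreach ($fields as $field) {
        $fieldId = (int) $field->id;
        $alias   = 'fields_values_' . $fieldId;
        $query->select('IFNULL (' . $alias . '.value, "") AS field_values_' . $fieldId);
        $query->join('LEFT', '#__judirectory_fields_values AS ' . $alias . ' ON ' . $alias . '.listing_id = listing.id AND ' . $alias . '.field_id = ' . $fieldId);
    }

    $query->where('listing.id = ' . $listingId);
    $db->setQuery($query);
    $listingObject = $db->loadObject();
    if (!is_object($listingObject)) {
        JError::raiseError(404, JText::_('COM_JUDIRECTORY_LISTING_NOT_FOUND'));
        return false;
    }

    $listingObject->params = JUDirectoryFrontHelperListing::getListingDisplayParams($listingObject->id);

    // Edit/state/delete flags are only computed for authenticated users; for
    // guests these params stay unset.
    if (!$user->get('guest')) {
        $listingObject->params->set('access-edit', JUDirectoryFrontHelperPermission::canEditListing($listingObject->id));
        $listingObject->params->set('access-edit-state', JUDirectoryFrontHelperPermission::canEditStateListing($listingObject));
        $listingObject->params->set('access-delete', JUDirectoryFrontHelperPermission::canDeleteListing($listingObject->id));
    }
    $listingObject->params->set('access-report', JUDirectoryFrontHelperPermission::canReportListing($listingObject->id));
    $listingObject->params->set('access-contact', JUDirectoryFrontHelperPermission::canContactListing($listingObject->id));
    $listingObject->params->set('access-claim', JUDirectoryFrontHelperPermission::canClaimListing($listingObject->id));
    $listingObject->params->set('access-rate', JUDirectoryFrontHelperPermission::canRateListing($listingObject->id));
    $listingObject->params->set('access-comment', JUDirectoryFrontHelperPermission::canComment($listingObject->id));

    $listingObject->template_params = new JRegistry($listingObject->template_params);

    // Display labels; each is a strict bool and short-circuits on its "show_*" switch.
    $listingObject->label_new = (bool) ($params->get('show_new_label', 1)
        && JUDirectoryFrontHelper::isWithinXDays($listingObject->publish_up, $params->get('num_day_to_show_as_new', 10)));
    $listingObject->label_updated = (bool) ($params->get('show_updated_label', 1)
        && JUDirectoryFrontHelper::isWithinXDays($listingObject->updated, $params->get('num_day_to_show_as_updated', 10)));
    $listingObject->label_hot = (bool) ($params->get('show_hot_label', 1)
        && JUDirectoryFrontHelperListing::checkHotListing($listingObject->publish_up, $params->get('num_hit_per_day_to_be_hot', 100), $listingObject->hits));
    $listingObject->label_featured = (bool) ($params->get('show_featured_label', 1) && $listingObject->featured);

    $listingObject->next_item = $this->getNextPrevItem($listingObject, 'next');
    $listingObject->prev_item = $this->getNextPrevItem($listingObject, 'prev');

    return $listingObject;
}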