示例#1
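 /**
  * onBeforeSave method. Hook for children models to prepare the data.
  *
  * New comments (empty $table->id) are accepted only from the frontend, only when
  * comments are enabled, and only when the current user may view the item and may
  * create comments in its category. Identity fields and the server-side fields
  * (ip, hostname, date, state) are then overwritten so the client cannot choose them.
  * Existing comments require the k2.comment.edit permission, and every field other
  * than text and state is reset to the stored value.
  *
  * @param   array   $data   The data to be saved. Passed by reference and rewritten in place.
  * @param   JTable  $table  The table object. An empty id marks a new comment.
  *
  * @return boolean  True when the save may proceed, false when it is rejected.
  */
 protected function onBeforeSave(&$data, $table)
 {
     // Get application
     $application = JFactory::getApplication();
     // Params
     $params = JComponentHelper::getParams('com_k2');
     // Get user
     $user = JFactory::getUser();
     // New comments
     if (!$table->id) {
         // New comments only allowed in frontend
         if ($application->isAdmin()) {
             $this->setError(JText::_('K2_YOU_ARE_NOT_AUTHORIZED_TO_PERFORM_THIS_OPERATION'));
             return false;
         }
         // Don't allow new comments if comments are disabled
         if (!$params->get('comments')) {
             $this->setError(JText::_('K2_YOU_ARE_NOT_AUTHORIZED_TO_PERFORM_THIS_OPERATION'));
             return false;
         }
         // Get the item to check permissions. A missing itemId is passed on as null
         // (the value the original lookup produced) without raising a notice.
         $itemsModel = K2Model::getInstance('Items');
         $itemsModel->setState('id', isset($data['itemId']) ? $data['itemId'] : null);
         $item = $itemsModel->getRow();
         // First check that the user can actually view the specific item
         if (!$item->checkSiteAccess()) {
             $this->setError(JText::_('K2_YOU_ARE_NOT_AUTHORIZED_TO_PERFORM_THIS_OPERATION'));
             return false;
         }
         // Check that the current user can comment on this category
         if (!$user->authorise('k2.comment.create', 'com_k2.category.' . $item->catid)) {
             $this->setError(JText::_('K2_YOU_ARE_NOT_AUTHORIZED_TO_PERFORM_THIS_OPERATION'));
             return false;
         }
         // Text is required for both guests and authenticated users.
         // Request data may be missing or an array; both count as empty, so the caller
         // gets the normal validation error rather than a notice or a TypeError from trim().
         $text = (isset($data['text']) && is_scalar($data['text'])) ? trim((string) $data['text']) : '';
         if ($text === '') {
             $this->setError(JText::_('K2_YOU_NEED_TO_FILL_IN_ALL_REQUIRED_FIELDS'));
             return false;
         }
         // Validate user data for guests
         if ($user->guest) {
             // Check that the required fields have been set (same missing/array handling as the text)
             $name = (isset($data['name']) && is_scalar($data['name'])) ? trim((string) $data['name']) : '';
             $email = (isset($data['email']) && is_scalar($data['email'])) ? trim((string) $data['email']) : '';
             if ($name === '' || $email === '') {
                 $this->setError(JText::_('K2_YOU_NEED_TO_FILL_IN_ALL_REQUIRED_FIELDS'));
                 return false;
             }
             // Check that the email is valid
             if (!JMailHelper::isEmailAddress($data['email'])) {
                 $this->setError(JText::_('K2_INVALID_EMAIL_ADDRESS'));
                 return false;
             }
             // Check for spoofing: a guest may not post under a name or email already in use
             $usersModel = K2Model::getInstance('Users');
             $spoofing = $usersModel->checkSpoofing($name, $data['email']);
             if ($spoofing > 0) {
                 $this->setError(JText::_('K2_THE_NAME_OR_EMAIL_ADDRESS_YOU_TYPED_IS_ALREADY_IN_USE'));
                 return false;
             }
             // Enforce some data for guests
             $data['userId'] = 0;
         } else {
             // Enforce some data for authenticated users: identity comes from the session, never from the request
             $data['userId'] = $user->id;
             $data['name'] = $user->name;
             $data['email'] = $user->email;
         }
         // Check captcha depending on settings. The model is handed to the helper,
         // presumably so it can set the error message itself (confirm in the helper).
         require_once JPATH_SITE . '/components/com_k2/helpers/captcha.php';
         if (!K2HelperCaptcha::check($data, $this)) {
             return false;
         }
         // Everything seems fine, lets enforce the common variables
         $data['ip'] = $_SERVER['REMOTE_ADDR'];
         // The reverse-DNS name is chosen by whoever controls the PTR record for the address,
         // so it is untrusted text and must be escaped wherever it is displayed. The lookup is
         // synchronous, so a slow resolver delays the save.
         $data['hostname'] = gethostbyaddr($_SERVER['REMOTE_ADDR']);
         $data['date'] = JFactory::getDate()->toSql();
         // Publish immediately only when the component is configured to do so
         $data['state'] = $params->get('commentsPublishing') ? 1 : 0;
         // NOTE(review): $data['url'] is not validated or overwritten in this branch - confirm it is filtered elsewhere.
         // Set a variable to indicate that this was a new comment
         $this->setState('isNew', true);
     } else {
         // Check permissions
         $canEditAnyComment = $user->authorise('k2.comment.edit', 'com_k2');
         if (!$canEditAnyComment) {
             $this->setError(JText::_('K2_YOU_ARE_NOT_AUTHORIZED_TO_PERFORM_THIS_OPERATION'));
             return false;
         }
         // Edit is only allowed for comment text and state. Every other field is reset to the
         // stored value so that a crafted request cannot change it.
         $data['id'] = $table->id;
         $data['itemId'] = $table->itemId;
         $data['userId'] = $table->userId;
         $data['name'] = $table->name;
         $data['date'] = $table->date;
         $data['email'] = $table->email;
         $data['url'] = $table->url;
         $data['ip'] = $table->ip;
         $data['hostname'] = $table->hostname;
     }
     return true;
 }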
			<textarea name="reportReason" id="reportReason" cols="60" rows="10"></textarea>

			<?php 
    // Show the human-verification label and the reCAPTCHA container only when
    // the 'recaptcha' param is set and the viewer is a guest
    if ($this->params->get('recaptcha') && $this->user->guest) {
        ?>
			<label class="formRecaptcha"><?php 
        echo JText::_('K2_PLEASE_VERIFY_THAT_YOU_ARE_HUMAN');
        ?>
</label>
			<div id="recaptcha"></div>
			<?php 
    }
    ?>
			
			<?php 
    // Echo whatever markup the captcha helper returns.
    // NOTE(review): this call is unconditional, so the helper presumably decides itself whether
    // a captcha applies - confirm. The server-side check must not depend on what was rendered here.
    echo K2HelperCaptcha::display();
    ?>
			
			<button data-action="report.send"><?php 
    echo JText::_('K2_SEND_REPORT');
    ?>
</button>
			<span data-role="log"></span>
			<input type="hidden" name="id" value="" />
			<input type="hidden" name="task" value="comments.report" />
			<input type="hidden" name="format" value="json" />
			<?php 
    // Hidden field carrying Joomla's anti-CSRF form token.
    // NOTE(review): the handler for task "comments.report" has to verify this token - confirm.
    // The hidden "id" field above is rendered empty and presumably filled in client-side,
    // so the handler must treat it as untrusted input.
    echo JHTML::_('form.token');
    ?>
		</form>
  	
示例#3
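 /**
  * Renders the single-item view: loads the item named by the "id" request parameter,
  * merges category and item params into the view params, loads the scripts needed for
  * comments and inline editing, and sets the metadata, layout and template paths.
  *
  * @param   string  $tpl  Template name handed through to parent::display().
  *
  * @return void
  */
 public function display($tpl = null)
 {
     // Get application
     $application = JFactory::getApplication();
     // Get input. The 'int' filter makes the id an integer before it is used for the lookup.
     $id = $application->input->get('id', 0, 'int');
     // Get item
     $this->item = K2Items::getInstance($id);
     // Check access.
     // NOTE(review): the return value is discarded, so a denial has to be signalled inside
     // checkSiteAccess() itself (exception or redirect) - confirm, otherwise this call is a no-op.
     $this->item->checkSiteAccess();
     // Merge menu params with category params
     $effectiveParams = $this->item->category->getEffectiveParams();
     $this->params->merge($effectiveParams);
     // Merge params with item params
     $this->params->merge($this->item->params);
     // Get the image depending on params
     $this->item->image = $this->item->getImage($this->params->get('itemImgSize'));
     // Trigger plugins. We need to do this here in order to provide the correct context
     $this->item->events = $this->item->getEvents('com_k2.item', $this->params, 0);
     // Image modal
     JHtml::_('behavior.modal', 'a.k2Modal');
     // The built-in comments UI is needed only when comments are enabled at both levels and
     // no plugin has supplied its own counter or block. Computed once and reused below.
     $builtInComments = $this->params->get('itemComments') && $this->params->get('comments') && empty($this->item->events->K2CommentsCounter) && empty($this->item->events->K2CommentsBlock);
     // Load head data for comments and inline editing if required
     if ($this->item->canEdit || $builtInComments) {
         // Common
         JHtml::_('behavior.keepalive');
         $this->document->addScriptDeclaration('var K2SitePath = "' . JUri::root(true) . '";');
         // The session's form token is exposed to page scripts so that AJAX requests can send it back
         $this->document->addScriptDeclaration('var K2SessionToken = "' . JSession::getFormToken() . '";');
         // Comments
         if ($builtInComments) {
             // Check if user can comment. This only sets a flag on the user object for the view;
             // the save path has to enforce its own permission check.
             $this->user->canComment = $this->user->authorise('k2.comment.create', 'com_k2');
             // Load comments requirements
             $this->document->addScript(JURI::root(true) . '/media/k2app/vendor/underscore/underscore-min.js');
             $this->document->addScript(JURI::root(true) . '/media/k2app/vendor/backbone/backbone-min.js');
             $this->document->addScript(JURI::root(true) . '/media/k2app/vendor/marionette/backbone.marionette.min.js');
             $this->document->addScript(JURI::root(true) . '/media/k2app/app/sync.js');
             require_once JPATH_SITE . '/components/com_k2/helpers/captcha.php';
             K2HelperCaptcha::initialize();
         }
         // Inline editing
         if ($this->item->canEdit) {
             // Always fetch the editor over HTTPS: a protocol-relative URL would load this script in
             // clear text on an http:// page, and it runs in the session of a user who can edit.
             // NOTE(review): third-party script with no integrity check, pinned to an old release -
             // consider self-hosting and updating.
             $this->document->addScript('https://cdn.ckeditor.com/4.4.6/standard/ckeditor.js');
         }
     }
     // Get related items. We need to do this here since the parameter is related with the view
     if ($this->params->get('itemRelated')) {
         $this->item->related = $this->item->getRelated($this->params->get('itemRelatedLimit', 5));
         foreach ($this->item->related as $related) {
             $related->image = $related->getImage($this->params->get('itemRelatedImageSize'));
         }
     }
     // Get latest from same author. We need to do this here since the parameter is related with the view
     if ($this->params->get('itemAuthorLatest')) {
         $this->item->author->latest = $this->item->getLatestByAuthor($this->params->get('itemAuthorLatestLimit', 5));
     }
     // Increase hits counter
     $this->item->hit();
     // Set metadata
     $this->setMetadata($this->item);
     // Set Facebook meta data
     if ($this->params->get('facebookMetadata')) {
         $this->document->setMetaData('og:url', $this->item->url);
         $this->document->setMetaData('og:title', $this->document->getTitle());
         $this->document->setMetaData('og:type', 'article');
         $this->document->setMetaData('og:description', $this->document->getDescription());
         $facebookImage = $this->item->getImage($this->params->get('facebookMetadataImageSize'));
         if ($facebookImage) {
             $this->document->setMetaData('og:image', $facebookImage->url);
         }
     }
     // Set the layout
     $this->setLayout('item');
     // Add the template path.
     // NOTE(review): the category's template value is concatenated into a filesystem path;
     // presumably it is set by an administrator - confirm it is limited to a plain directory name.
     $categoryTemplate = $this->item->category->template;
     $this->addTemplatePath(JPATH_SITE . '/components/com_k2/templates/' . $categoryTemplate);
     $this->addTemplatePath(JPATH_SITE . '/templates/' . $application->getTemplate() . '/html/com_k2/' . $categoryTemplate);
     // Display
     parent::display($tpl);
 }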
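 /**
  * Handles a "report this comment" request: verifies the form token, the reporting
  * settings, the comment state, the reader's access to the item, the required fields
  * and the captcha, then e-mails the report to the configured recipient and echoes
  * the JSON response.
  *
  * NOTE(review): the checks below assume K2Response::throwError() does not return - confirm.
  *
  * @return $this
  */
 public function report()
 {
     // Reject the request unless it carries a valid anti-CSRF form token
     JSession::checkToken() or K2Response::throwError(JText::_('JINVALID_TOKEN'));
     // Get application
     $application = JFactory::getApplication();
     // Get configuration
     $configuration = JFactory::getConfig();
     // Get input
     $id = $application->input->get('id', 0, 'int');
     $reportName = $application->input->get('reportName', '', 'string');
     $reportReason = $application->input->get('reportReason', '', 'string');
     // Get params
     $params = JComponentHelper::getParams('com_k2');
     // Get user
     $user = JFactory::getUser();
     // Check if user can report: comments and reporting must both be enabled,
     // and reporting mode '2' excludes guests
     $reportingMode = $params->get('commentsReporting');
     if (!$params->get('comments') || !$reportingMode || ($reportingMode == '2' && $user->guest)) {
         K2Response::throwError(JText::_('K2_ALERTNOTAUTH'), 403);
     }
     // Get comment
     $comment = K2Comments::getInstance($id);
     // Check comment is published, so unpublished comments cannot be reported
     if (!$comment->state) {
         K2Response::throwError(JText::_('K2_COMMENT_NOT_FOUND'));
     }
     // Get item
     $item = K2Items::getInstance($comment->itemId);
     // Check access to the item.
     // NOTE(review): the return value is discarded, so a denial has to be signalled inside
     // checkSiteAccess() itself - confirm, otherwise comments on restricted items can be
     // reported (and their text mailed out) by anyone who passes the checks above.
     $item->checkSiteAccess();
     // Check input
     if (trim($reportName) == '') {
         K2Response::throwError(JText::_('K2_PLEASE_TYPE_YOUR_NAME'));
     }
     if (trim($reportReason) == '') {
         K2Response::throwError(JText::_('K2_PLEASE_TYPE_THE_REPORT_REASON'));
     }
     // Check captcha depending on settings
     require_once JPATH_SITE . '/components/com_k2/helpers/captcha.php';
     $data = $this->getInputData();
     if (!K2HelperCaptcha::check($data, $this)) {
         K2Response::throwError($this->getError());
     }
     $mailer = JFactory::getMailer();
     $senderEmail = $configuration->get('mailfrom');
     $senderName = $configuration->get('fromname');
     $mailer->setSender(array($senderEmail, $senderName));
     $mailer->setSubject(JText::_('K2_COMMENT_REPORT'));
     $mailer->IsHTML(true);
     // The message is HTML, so the reporter-supplied values are encoded for that context
     // and reach the recipient's mail client as text, not as markup.
     $safeName = htmlspecialchars($reportName, ENT_QUOTES, 'UTF-8');
     $safeReason = htmlspecialchars($reportReason, ENT_QUOTES, 'UTF-8');
     // NOTE(review): $comment->text is inserted as stored, apart from nl2br(). Whether it is kept
     // as plain text or as already-filtered HTML is not visible here - confirm, and encode it as
     // well if it is plain text.
     $body = "\n        <strong>" . JText::_('K2_NAME') . "</strong>: " . $safeName . " <br/>\n        <strong>" . JText::_('K2_REPORT_REASON') . "</strong>: " . $safeReason . " <br/>\n        <strong>" . JText::_('K2_COMMENT') . "</strong>: " . nl2br($comment->text) . " <br/>\n        ";
     $mailer->setBody($body);
     $mailer->ClearAddresses();
     $mailer->AddAddress($params->get('commentsReportRecipient', $configuration->get('mailfrom')));
     // NOTE(review): the result of Send() is not checked, so K2_REPORT_SUBMITTED is queued
     // even when delivery fails.
     $mailer->Send();
     $application->enqueueMessage(JText::_('K2_REPORT_SUBMITTED'));
     echo json_encode(K2Response::render());
     return $this;
 }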