示例#1
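 /**
  * Handles a comment submitted on a published blog post.
  *
  * Checks the posting permission and the minimum idle time between comments,
  * verifies that the post is published and commentable, decides the moderation
  * status, dispatches the spam-check event and saves the comment. Every outcome
  * is reported as a flash message followed by a redirect.
  *
  * @Route("/comment")
  * @Request({"post_id": "int", "comment": "array"}, csrf=true)
  *
  * @param  int   $id   Id of the post being commented on.
  * @param  array $data Comment fields taken from the request (untrusted).
  * @return mixed Whatever $this->redirect() returns.
  */
 public function commentAction($id, $data)
 {
     try {
         $user = $this['user'];

         if (!$user->hasAccess('blog: post comments')) {
             throw new Exception(__('Insufficient User Rights.'));
         }

         // check minimum idle time in between user comments
         if (!$user->hasAccess('blog: skip comment min idle') && ($minidle = $this->extension->getParams('comments.minidle'))) {
             // Authenticated users are throttled per account, guests per client IP.
             // NOTE(review): the guest limit is only as reliable as getClientIp();
             // confirm the request is configured so clients cannot choose that value.
             $criteria = $user->isAuthenticated()
                 ? ['user_id' => $user->getId()]
                 : ['ip' => $this['request']->getClientIp()];
             $previous = $this->comments->query()->where($criteria)->orderBy('created', 'DESC')->first();

             if ($previous) {
                 $diff = $previous->getCreated()->diff(new \DateTime("- {$minidle} sec"));
                 if ($diff->invert) {
                     throw new Exception(__('Please wait another %seconds% seconds before commenting again.', ['%seconds%' => $diff->s + $diff->i * 60 + $diff->h * 3600]));
                 }
             }
         }

         // A missing or unpublished post is reported with the same message as a
         // permission failure.
         if (!($post = $this->posts->query()->where(['id' => $id, 'status' => Post::STATUS_PUBLISHED])->first())) {
             throw new Exception(__('Insufficient User Rights.'));
         }

         if (!$post->isCommentable()) {
             throw new Exception(__('Comments have been disabled for this post.'));
         }

         // retrieve user data: identity fields of a logged-in user always come
         // from the account, never from the request
         if ($user->isAuthenticated()) {
             $data['author'] = $user->getName();
             $data['email'] = $user->getEmail();
             $data['url'] = $user->getUrl();
         } elseif ($this->extension->getParams('comments.require_name_and_email') && (empty($data['author']) || empty($data['email']))) {
             // empty() treats a missing key like an empty value without raising a notice.
             // Only presence is checked here; the email format is not validated.
             throw new Exception(__('Please provide valid name and email.'));
         }

         $comment = new Comment();
         $comment->setUserId((int) $user->getId());
         $comment->setIp($this['request']->getClientIp());
         $comment->setCreated(new \DateTime());
         $comment->setPost($post);

         // NOTE(review): for guests this lookup uses whatever getId() returns for an
         // unauthenticated user; if all guest comments share one user_id, a single
         // approved guest comment would satisfy "approved once" for every guest — confirm.
         $approved_once = (bool) $this->comments->query()->where(['user_id' => $user->getId(), 'status' => Comment::STATUS_APPROVED])->first();

         // Explicit branches replace an unparenthesised nested ternary, which is a
         // compile error on PHP 8 and on older versions only produced the intended
         // result through left-associativity and a truthy STATUS_APPROVED.
         if ($user->hasAccess('blog: skip comment approval')) {
             $status = Comment::STATUS_APPROVED;
         } elseif ($user->hasAccess('blog: comment approval required once') && $approved_once) {
             $status = Comment::STATUS_APPROVED;
         } else {
             $status = Comment::STATUS_PENDING;
         }
         $comment->setStatus($status);

         // check the max links rule; only HTML anchor tags are counted, bare URLs are not.
         // A missing or non-string content counts as no links instead of being passed
         // to preg_match_all() under error suppression.
         $content = (isset($data['content']) && is_string($data['content'])) ? $data['content'] : '';
         if ($comment->getStatus() == Comment::STATUS_APPROVED && $this->extension->getParams('comments.maxlinks') <= preg_match_all('/<a [^>]*href/i', $content)) {
             $comment->setStatus(Comment::STATUS_PENDING);
         }

         // check for spam
         $this['events']->dispatch('system.comment.spam_check', new CommentEvent($comment));

         // NOTE(review): save() receives the raw request array and its field mapping
         // is not visible here; presumably it copies the keys onto the entity. Drop
         // the server-controlled keys so a crafted request cannot override the owner,
         // IP, timestamp, target post or moderation status set above. Confirm the
         // key names against the Comment entity.
         unset($data['id'], $data['user_id'], $data['ip'], $data['created'], $data['status'], $data['post_id']);

         $this->comments->save($comment, $data);
         $this['message']->info(__('Thanks for commenting!'));

         return $this->redirect($this['url']->route('@blog/id', ['id' => $post->getId()], true) . '#comment-' . $comment->getId());
     } catch (Exception $e) {
         // Exceptions thrown above carry a translated message that is shown to the user.
         $this['message']->error($e->getMessage());

         return $this->redirect($this['url']->previous());
     } catch (\Exception $e) {
         // Anything else is reported generically so internal details are not displayed.
         $this['message']->error(__('Whoops, something went wrong!'));

         return $this->redirect($this['url']->previous());
     }
 }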
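 /**
  * Saves an existing comment, or creates a reply to another comment.
  *
  * When $id does not resolve to a stored comment, a new comment is created as a
  * reply to the comment named by $data['parent_id'], attributed to the current
  * user and marked as approved. The request data is then handed to the comment
  * repository's save().
  *
  * NOTE(review): no permission check is visible in this method; presumably access
  * is enforced at class or route level — confirm, since replies are stored as
  * approved and existing comments are updated from request data.
  *
  * @Request({"comment": "array", "id": "int"}, csrf=true)
  * @Response("json")
  *
  * @param  array $data Comment fields taken from the request.
  * @param  int   $id   Id of the comment to update; 0 creates a reply.
  * @return array Array with a 'message' key, plus 'error' => true on failure.
  */
 public function saveAction($data, $id = 0)
 {
     try {
         $user = $this['user'];

         if (!$id || !($comment = $this->comments->find($id))) {
             // A missing parent_id is read as 0 explicitly instead of relying on
             // error suppression.
             $parentId = isset($data['parent_id']) ? (int) $data['parent_id'] : 0;

             if (!($parent = $this->comments->find($parentId))) {
                 throw new Exception('Invalid comment reply.');
             }

             // The reply is attributed to the current user and attached to the
             // parent's post.
             $comment = new Comment();
             $comment->setUserId((int) $user->getId());
             $comment->setIp($this['request']->getClientIp());
             $comment->setAuthor($user->getName());
             $comment->setEmail($user->getEmail());
             $comment->setUrl($user->getUrl());
             $comment->setStatus(CommentInterface::STATUS_APPROVED);
             $comment->setPostId($parent->getPostId());
             $comment->setParent($parent);
         }

         $this->comments->save($comment, $data);

         // The message is chosen from $id alone, also when $id matched no comment
         // and a reply was created.
         return ['message' => $id ? __('Comment saved.') : __('Comment created.')];
     } catch (Exception $e) {
         // Only this Exception type is handled; anything else propagates to the caller.
         return ['message' => $e->getMessage(), 'error' => true];
     }
 }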