
/html/AppCode/expressionengine/modules/comment/mcp.comment.php

https://github.com/w3bg/www.hsifin.com
PHP | 2083 lines | 1466 code | 421 blank | 196 comment | 195 complexity | 1e5136d96038714c690db1de1efbbb0c MD5 | raw file
Possible License(s): AGPL-3.0


  1. <?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
  2. /**
  3. * ExpressionEngine - by EllisLab
  4. *
  5. * @package ExpressionEngine
  6. * @author ExpressionEngine Dev Team
  7. * @copyright Copyright (c) 2003 - 2010, EllisLab, Inc.
  8. * @license http://expressionengine.com/user_guide/license.html
  9. * @link http://expressionengine.com
  10. * @since Version 2.0
  11. * @filesource
  12. */
  13. // ------------------------------------------------------------------------
  14. /**
  15. * ExpressionEngine Comment Module
  16. *
  17. * @package ExpressionEngine
  18. * @subpackage Modules
  19. * @category Modules
  20. * @author ExpressionEngine Dev Team
  21. * @link http://expressionengine.com
  22. */
  23. class Comment_mcp {
  24. var $pipe_length = '2';
  25. var $comment_chars = "20";
  26. var $comment_leave_breaks = 'n';
  27. var $perpage = 50;
  28. var $base_url = '';
  29. var $search_url;
  /**
   * Constructor
   *
   * Keeps a reference to the ExpressionEngine super object and, on control
   * panel requests, builds the module's base URL. The settings/comments
   * right-hand navigation is registered only when the member's group holds
   * all three of can_moderate_comments, can_edit_all_comments and
   * can_delete_all_comments.
   *
   * @access public
   */
  function Comment_mcp()
  {
      // Make a local reference to the ExpressionEngine super object
      $this->EE =& get_instance();

      // Nothing else to prepare outside the control panel.
      if (REQ != 'CP')
      {
          return;
      }

      $this->base_url = BASE.AMP.'C=addons_modules'.AMP.'M=show_module_cp'.AMP.'module=comment';

      $has_full_comment_rights = $this->EE->cp->allowed_group('can_moderate_comments')
          && $this->EE->cp->allowed_group('can_edit_all_comments')
          && $this->EE->cp->allowed_group('can_delete_all_comments');

      if ( ! $has_full_comment_rights)
      {
          return;
      }

      // This only decides whether the links are shown.
      // NOTE(review): the settings method is outside this excerpt - confirm it
      // enforces its own permission check rather than relying on the hidden link.
      $nav_links = array(
          'settings' => $this->base_url.AMP.'method=settings',
          'comments' => $this->base_url
      );

      $this->EE->cp->set_right_nav($nav_links);
  }
  51. // --------------------------------------------------------------------
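  /**
   * Main Comment Listing
   *
   * Renders the control panel comment list: registers the page JavaScript,
   * builds the filter form, pages through the matching comment ids and
   * prepares one display row per comment for the 'index' view.
   *
   * Of the parameters only $message is read here; the others are accepted
   * but not used in this method.
   *
   * @access public
   * @param string $channel_id   not used in this method
   * @param string $entry_id     not used in this method
   * @param string $message      message passed through to the view
   * @param string $id_array     not used in this method
   * @param string $total_rows   not used in this method
   * @param string $pag_base_url not used in this method
   * @return string the rendered 'index' view
   */
  function index($channel_id = '', $entry_id = '', $message = '', $id_array = '', $total_rows = '', $pag_base_url = '')
  {
      // Holding any one of these three permissions is enough to see the list.
      if ( ! $this->EE->cp->allowed_group('can_moderate_comments') && ! $this->EE->cp->allowed_group('can_edit_all_comments') && ! $this->EE->cp->allowed_group('can_edit_own_comments'))
      {
          show_error($this->EE->lang->line('unauthorized_access'));
      }

      $this->EE->load->helper('text');
      $this->EE->load->model('search_model');
      $this->EE->load->model('comment_model');
      $this->EE->load->library('javascript');
      $this->EE->load->library('table');
      $this->EE->load->helper('form');

      $this->EE->cp->set_variable('cp_page_title', $this->EE->lang->line('comments'));

      // Add javascript
      $this->EE->cp->add_js_script(array('plugin' => 'dataTables'));
      $this->EE->cp->add_js_script(array('plugin' => 'crypt'));
      $this->EE->cp->add_js_script('ui', 'datepicker');

      $this->EE->javascript->output($this->ajax_filters('comments_ajax_filter', 9));

      $this->EE->cp->get_installed_modules();

      // Check / uncheck every comment checkbox
      $this->EE->javascript->output('
          $(".toggle_comments").toggle(
              function(){
                  $("input[class=comment_toggle]").each(function() {
                      this.checked = true;
                  });
              }, function (){
                  $("input[class=comment_toggle]").each(function() {
                      this.checked = false;
                  });
              }
          );');

      // Require at least one comment checked to submit.
      // The language line is placed inside a double-quoted JS string as-is, so it
      // must not contain an unescaped double quote.
      $this->EE->javascript->output('
          $("#target").submit(function() {
              if ( ! $("input[class=comment_toggle]", this).is(":checked")) {
                  $.ee_notice("'.$this->EE->lang->line('selection_required').'", {"type" : "error"});
                  return false;
              }
          });');

      // Custom date range pickers
      $this->EE->javascript->output('
          $("#custom_date_start_span").datepicker({
              dateFormat: "yy-mm-dd",
              prevText: "<<",
              nextText: ">>",
              onSelect: function(date) {
                  $("#custom_date_start").val(date);
                  dates_picked();
              }
          });
          $("#custom_date_end_span").datepicker({
              dateFormat: "yy-mm-dd",
              prevText: "<<",
              nextText: ">>",
              onSelect: function(date) {
                  $("#custom_date_end").val(date);
                  dates_picked();
              }
          });
          $("#custom_date_start, #custom_date_end").focus(function(){
              if ($(this).val() == "yyyy-mm-dd")
              {
                  $(this).val("");
              }
          });
          $("#custom_date_start, #custom_date_end").keypress(function(){
              if ($(this).val().length >= 9)
              {
                  dates_picked();
              }
          });
          function dates_picked()
          {
              if ($("#custom_date_start").val() != "yyyy-mm-dd" && $("#custom_date_end").val() != "yyyy-mm-dd")
              {
                  // populate dropdown box
                  focus_number = $("#date_range").children().length;
                  $("#date_range").append("<option id=\"custom_date_option\">" + $("#custom_date_start").val() + " to " + $("#custom_date_end").val() + "</option>");
                  document.getElementById("date_range").options[focus_number].selected=true;
                  // hide custom date picker again
                  $("#custom_date_picker").slideUp("fast");
              }
          }
      ');

      $this->EE->javascript->change("#date_range", "
          if ($('#date_range').val() == 'custom_date')
          {
              // clear any current dates, remove any custom options
              $('#custom_date_start').val('yyyy-mm-dd');
              $('#custom_date_end').val('yyyy-mm-dd');
              $('#custom_date_option').remove();
              // drop it down
              $('#custom_date_picker').slideDown('fast');
          }
          else
          {
              $('#custom_date_picker').hide();
          }
      ");

      $this->EE->javascript->compile();

      $filter = $this->filter_settings();
      $vars = $this->create_filter($filter);

      $vars['hidden'] = array();
      $vars['pagination'] = FALSE;
      $vars['form_options'] = array(
          'close' => $this->EE->lang->line('close_selected'),
          'open' => $this->EE->lang->line('open_selected'),
          'pending' => $this->EE->lang->line('pending_selected'),
      );

      // The delete action is offered only to groups that may delete comments.
      if ($this->EE->cp->allowed_group('can_delete_all_comments') OR $this->EE->cp->allowed_group('can_delete_own_comments'))
      {
          $vars['form_options']['null'] = '------';
          $vars['form_options']['delete'] = $this->EE->lang->line('delete_selected');
      }

      // rownum arrives with the request and is used as an array_slice() offset,
      // so force it to a non-negative integer instead of passing it through.
      $rownum = max(0, (int) $this->EE->input->get_post('rownum'));

      // Get comment ids
      $comment_id_query = $this->EE->comment_model->get_comment_ids($filter);

      // Check for pagination
      $total = $comment_id_query->num_rows();

      // No results? No reason to continue...
      if ($total == 0)
      {
          $vars['message'] = $this->EE->lang->line('no_comments');
          $vars['comments'] = array();

          return $this->EE->load->view('index', $vars, TRUE);
      }

      $comment_ids = array_slice($comment_id_query->result_array(), $rownum, $this->perpage);

      $ids = array();
      foreach ($comment_ids as $id)
      {
          $ids[] = $id['comment_id'];
      }

      $comment_results = $this->EE->comment_model->fetch_comment_data($ids);

      /* -------------------------------------------
      /* Hidden Configuration Variables
      /* - view_comment_chars => Number of characters to display (#)
      /* - view_comment_leave_breaks => Create <br />'s based on line breaks? (y/n)
      /* -------------------------------------------*/
      $this->comment_chars = ($this->EE->config->item('view_comment_chars') !== FALSE) ? $this->EE->config->item('view_comment_chars') : $this->comment_chars;
      $this->comment_leave_breaks = ($this->EE->config->item('view_comment_leave_breaks') !== FALSE) ? $this->EE->config->item('view_comment_leave_breaks') : $this->comment_leave_breaks;

      // Do we need pagination?
      $this->EE->load->library('pagination');
      $p_config = $this->pagination_config('index', $total);
      $this->EE->pagination->initialize($p_config);
      $pagination_links = $this->EE->pagination->create_links();

      // Prep for output. The typography library is loaded and initialised once
      // here; the original repeated the same three calls inside the branch below.
      $config = ($this->EE->config->item('comment_word_censoring') == 'y') ? array('word_censor' => TRUE) : array();
      $this->EE->load->library('typography');
      $this->EE->typography->initialize($config);

      // Show comments
      $vars['comments'] = array();

      if ($comment_results != FALSE)
      {
          $this->EE->typography->parse_images = FALSE;
          $this->EE->typography->allow_headings = FALSE;

          foreach ($comment_results->result_array() as $row)
          {
              // Full comment, run through the typography parser with the
              // formatting options stored alongside the comment.
              $row['full_comment'] = $this->EE->typography->parse_type($row['comment'],
                  array(
                      'text_format' => $row['comment_text_formatting'],
                      'html_format' => $row['comment_html_formatting'],
                      'auto_links' => $row['comment_auto_link_urls'],
                      'allow_img_url' => $row['comment_allow_img_urls']
                  )
              );

              // Short, tag-free excerpt for the listing column
              if ($this->comment_leave_breaks == 'y')
              {
                  $row['comment'] = str_replace(array("\n","\r"),
                      '<br />',
                      strip_tags($row['comment'])
                  );
              }
              else
              {
                  $row['comment'] = strip_tags(str_replace(array("\t","\n","\r"), ' ', $row['comment']));
              }

              if ($this->comment_chars != 0)
              {
                  $row['comment'] = $this->EE->functions->char_limiter(trim($row['comment']), $this->comment_chars);
              }

              // Editable when the member authored the entry or may edit all comments
              $row['can_edit_comment'] = TRUE;
              if (($row['entry_author_id'] != $this->EE->session->userdata('member_id')) && ! $this->EE->cp->allowed_group('can_edit_all_comments'))
              {
                  $row['can_edit_comment'] = FALSE;
              }

              if ($row['status'] == 'o')
              {
                  $status_label = $this->EE->lang->line('open');
              }
              elseif ($row['status'] == 'c')
              {
                  $status_label = $this->EE->lang->line('closed');
              }
              else
              {
                  $status_label = $this->EE->lang->line('pending');
              }

              // NOTE(review): $data carries the stored name, email, ip_address,
              // channel_title and title unchanged. The 'index' view is not part
              // of this excerpt - confirm it escapes them on output.
              $data = $row;
              $data['edit_url'] = $this->base_url.AMP.'method=edit_comment_form'.AMP.'comment_id='.$row['comment_id'];
              $data['status_label'] = $status_label;
              $data['status_search_url'] = $this->base_url.AMP.'status='.$row['status'];
              $data['can_edit_comment'] = $row['can_edit_comment'];
              $data['ip_search_url'] = $this->base_url.AMP.'ip_address='.base64_encode($row['ip_address']);
              $data['channel_search_url'] = $this->base_url.AMP.'channel_id='.$row['channel_id'];
              $data['email_search_url'] = $this->base_url.AMP.'email='.base64_encode($row['email']);
              $data['mail_to'] = ($row['email'] != '') ? mailto($row['email']) : FALSE;
              $data['name_search_url'] = $this->base_url.AMP.'name='.base64_encode($row['name']);
              $data['date'] = $this->EE->localize->set_human_time($row['comment_date']);
              $data['entry_search_url'] = $this->base_url.AMP.'entry_id='.$row['entry_id'];
              $data['entry_title'] = $this->EE->functions->char_limiter(trim(strip_tags($row['title'])), 26);

              $vars['comments'][] = $data;
          } // END FOREACH
      }

      $vars['pagination'] = $pagination_links;
      $vars['message'] = $message;

      return $this->EE->load->view('index', $vars, TRUE);
  }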
  /**
   * Build the settings array for the pagination library
   *
   * The link target is the module base URL plus the method name, followed by
   * $this->search_url when it is not empty. search_url is appended exactly as
   * filter_settings() left it, so anything that must be encoded has to be
   * encoded before it gets here.
   *
   * @access public
   * @param string $method     module method the page links point at
   * @param int    $total_rows number of rows being paginated
   * @return array
   */
  function pagination_config($method, $total_rows)
  {
      $link_target = $this->base_url.AMP.'method='.$method;

      if ($this->search_url != '')
      {
          $link_target .= AMP.$this->search_url;
      }

      // Shared pieces of the four button images
      $img_open = '<img src="'.$this->EE->cp->cp_theme_url.'images/pagination_';
      $img_attrs = '_button.gif" width="13" height="13" alt="';

      // Pass the relevant data to the paginate class
      return array(
          'base_url' => $link_target,
          'total_rows' => $total_rows,
          'per_page' => $this->perpage,
          'page_query_string' => TRUE,
          'query_string_segment' => 'rownum',
          'full_tag_open' => '<p id="paginationLinks">',
          'full_tag_close' => '</p>',
          'prev_link' => $img_open.'prev'.$img_attrs.'&lt;" />',
          'next_link' => $img_open.'next'.$img_attrs.'&gt;" />',
          'first_link' => $img_open.'first'.$img_attrs.'&lt; &lt;" />',
          'last_link' => $img_open.'last'.$img_attrs.'&gt; &gt;" />'
      );
  }
  /**
   * Build the DataTables script for the comment listing
   *
   * Returns JavaScript that sets up a server-side DataTable on ".mainTable"
   * with a request pipeline (each server call fetches pipe_length pages and
   * later draws are answered from that cache), the expandable detail rows
   * and the redraw triggers on the filter controls.
   *
   * $ajax_method, pipe_length, perpage, the theme URL and one language line
   * are concatenated into the script without any escaping, so they must stay
   * trusted values. The row-detail panel inserts column 9 of each row as
   * HTML; comments_ajax_filter() fills that column with the typography-parsed
   * comment, so the panel is only as safe as that parser's output.
   *
   * @access public
   * @param string $ajax_method module method used as the table's data source
   * @param mixed  $cols        accepted but not used in this method
   * @return string|null the script, or NULL when $ajax_method is empty
   */
  function ajax_filters($ajax_method = '', $cols = '')
  {
      if ($ajax_method == '')
      {
          return;
      }

      $theme_images = $this->EE->cp->cp_theme_url.'images/';
      $zero_records = $this->EE->lang->line('no_valid_comments');

      // Cache object plus helpers that read and write DataTables request values
      $js = '
          var oCache = {
              iCacheLower: -1
          };
          function fnSetKey( aoData, sKey, mValue )
          {
              for ( var i=0, iLen=aoData.length ; i<iLen ; i++ )
              {
                  if ( aoData[i].name == sKey )
                  {
                      aoData[i].value = mValue;
                  }
              }
          }
          function fnGetKey( aoData, sKey )
          {
              for ( var i=0, iLen=aoData.length ; i<iLen ; i++ )
              {
                  if ( aoData[i].name == sKey )
                  {
                      return aoData[i].value;
                  }
              }
              return null;
          }
      ';

      // Pipeline: adds the filter values to each request and decides between
      // the cached JSON and a new server call
      $js .= '
          function fnDataTablesPipeline ( sSource, aoData, fnCallback ) {
              var iPipe = '.$this->pipe_length.', /* Ajust the pipe size */
              bNeedServer = false,
              sEcho = fnGetKey(aoData, "sEcho"),
              iRequestStart = fnGetKey(aoData, "iDisplayStart"),
              iRequestLength = fnGetKey(aoData, "iDisplayLength"),
              iRequestEnd = iRequestStart + iRequestLength,
              keywords = document.getElementById("keywords"),
              status = document.getElementById("f_status"),
              channel_id = document.getElementById("f_channel_id"),
              search_in = document.getElementById("f_search_in"),
              date_range = document.getElementById("date_range");
              //keywordFix = $.base64Encode(keywords.value);
              if (keywords.value.length)
              {
                  keywordFix = $().crypt({method:"b64enc",source: keywords.value});
              }
              else
              {
                  keywordFix = keywords.value;
              }
              aoData.push(
                  { "name": "keywords", "value": keywordFix },
                  { "name": "status", "value": status.value },
                  { "name": "channel_id", "value": channel_id.value },
                  { "name": "search_in", "value": search_in.value },
                  { "name": "date_range", "value": date_range.value }
              );
              oCache.iDisplayStart = iRequestStart;
              /* outside pipeline? */
              if ( oCache.iCacheLower < 0 || iRequestStart < oCache.iCacheLower || iRequestEnd > oCache.iCacheUpper )
              {
                  bNeedServer = true;
              }
              /* sorting etc changed? */
              if ( oCache.lastRequest && !bNeedServer )
              {
                  for( var i=0, iLen=aoData.length ; i<iLen ; i++ )
                  {
                      if ( aoData[i].name != "iDisplayStart" && aoData[i].name != "iDisplayLength" && aoData[i].name != "sEcho" )
                      {
                          if ( aoData[i].value != oCache.lastRequest[i].value )
                          {
                              bNeedServer = true;
                              break;
                          }
                      }
                  }
              }
              /* Store the request for checking next time around */
              oCache.lastRequest = aoData.slice();
              if ( bNeedServer )
              {
                  if ( iRequestStart < oCache.iCacheLower )
                  {
                      iRequestStart = iRequestStart - (iRequestLength*(iPipe-1));
                      if ( iRequestStart < 0 )
                      {
                          iRequestStart = 0;
                      }
                  }
                  oCache.iCacheLower = iRequestStart;
                  oCache.iCacheUpper = iRequestStart + (iRequestLength * iPipe);
                  oCache.iDisplayLength = fnGetKey( aoData, "iDisplayLength" );
                  fnSetKey( aoData, "iDisplayStart", iRequestStart );
                  fnSetKey( aoData, "iDisplayLength", iRequestLength*iPipe );
                  aoData.push(
                      { "name": "keywords", "value": keywordFix },
                      { "name": "status", "value": status.value },
                      { "name": "channel_id", "value": channel_id.value },
                      { "name": "search_in", "value": search_in.value },
                      { "name": "date_range", "value": date_range.value }
                  );
                  $.getJSON( sSource, aoData, function (json) {
                      /* Callback processing */
                      oCache.lastJson = jQuery.extend(true, {}, json);
                      if ( oCache.iCacheLower != oCache.iDisplayStart )
                      {
                          json.aaData.splice( 0, oCache.iDisplayStart-oCache.iCacheLower );
                      }
                      json.aaData.splice( oCache.iDisplayLength, json.aaData.length );
                      fnCallback(json)
                  } );
              }
              else
              {
                  json = jQuery.extend(true, {}, oCache.lastJson);
                  json.sEcho = sEcho; /* Update the echo for each response */
                  json.aaData.splice( 0, iRequestStart-oCache.iCacheLower );
                  json.aaData.splice( iRequestLength, json.aaData.length );
                  fnCallback(json);
                  return;
              }
          }
      ';

      // Table set-up
      $js .= '
          oTable = $(".mainTable").dataTable( {
              "sPaginationType": "full_numbers",
              "bLengthChange": false,
              "aaSorting": [[ 5, "desc" ]],
              "bFilter": false,
              "sWrapper": false,
              "sInfo": false,
              "bAutoWidth": false,
              "fnDrawCallback": fnOpenClose,
              "iDisplayLength": '.$this->perpage.',
              "aoColumns": [{ "bSortable" : false }, null, null, { "bVisible" : false }, null, null, null, null, null, { "bVisible" : false }, { "bSortable" : false } ],
              "oLanguage": {
                  "sZeroRecords": "'.$zero_records.'",
                  "oPaginate": {
                      "sFirst": "<img src=\"'.$theme_images.'pagination_first_button.gif\" width=\"13\" height=\"13\" alt=\"&lt; &lt;\" />",
                      "sPrevious": "<img src=\"'.$theme_images.'pagination_prev_button.gif\" width=\"13\" height=\"13\" alt=\"&lt; &lt;\" />",
                      "sNext": "<img src=\"'.$theme_images.'pagination_next_button.gif\" width=\"13\" height=\"13\" alt=\"&lt; &lt;\" />",
                      "sLast": "<img src=\"'.$theme_images.'pagination_last_button.gif\" width=\"13\" height=\"13\" alt=\"&lt; &lt;\" />"
                  }
              },
              "bProcessing": true,
              "bServerSide": true,
              "sAjaxSource": EE.BASE+"&C=addons_modules&M=show_module_cp&module=comment&method='.$ajax_method.'",
              "fnServerData": fnDataTablesPipeline
          } );
      ';

      // Expandable detail rows
      $js .= '
          /* Formating function for row details */
          function fnFormatDetails ( nTr )
          {
              var aData = oTable.fnGetData( nTr );
              var sOut = "<table class=\"detailTable\">";
              sOut += "<tr><td>"+aData[9]+"</td></tr>";
              sOut += "</table>";
              return sOut;
          }
          /* Event handler function */
          function fnOpenClose ( oSettings )
          {
              $("td img", oTable.fnGetNodes() ).each( function () {
                  $(this).click( function () {
                      var nTr = this.parentNode.parentNode;
                      if ( this.src.match("field_expand") )
                      {
                          /* This row is already open - close it */
                          this.src = "'.$theme_images.'field_collapse.png";
                          var nRemove = $(nTr).next()[0];
                          nRemove.parentNode.removeChild( nRemove );
                      }
                      else
                      {
                          /* Open this row */
                          this.src = "'.$theme_images.'field_expand.png";
                          oTable.fnOpen( nTr, fnFormatDetails(nTr), "details");
                      }
                  } );
              } );
          }
          $("#expand_contract").toggle(function () {
              $("[src$=\'field_collapse.png\']").click();
          }, function() {
              $("[src$=\'field_expand.png\']").click();
          });
      ';

      // Redraw whenever a filter control changes
      $js .= '
          $("#keywords").keyup( function () {
              /* Filter on the column (the index) of this element */
              oTable.fnDraw();
          });
          $("select#f_channel_id").change(function () {
              oTable.fnDraw();
          });
          $("select#f_status").change(function () {
              oTable.fnDraw();
          });
          $("select#f_search_in").change(function () {
              oTable.fnDraw();
          });
          $("select#date_range").change(function () {
              oTable.fnDraw();
          });
      ';

      return $js;
  }
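  /**
   * AJAX data source for the DataTables comment listing
   *
   * Reads the paging, sorting and filter values sent by the pipeline script,
   * fetches the matching comments and ends the request by printing a JSON
   * document (sEcho, iTotalRecords, iTotalDisplayRecords, aaData) via die().
   *
   * Changes against the original:
   *  - the permission check from index() is applied here too, since this
   *    method returns the same comment data (names, e-mail addresses, IPs);
   *  - iDisplayStart / iDisplayLength are forced to non-negative integers
   *    before they reach array_slice();
   *  - the sort loop is bounded by the number of sortable columns instead of
   *    by the request-supplied iSortingCols alone.
   *
   * @access public
   * @return void does not return; output is sent with die()
   */
  function comments_ajax_filter()
  {
      // Same gate as index(): any one of the three permissions is enough.
      if ( ! $this->EE->cp->allowed_group('can_moderate_comments') && ! $this->EE->cp->allowed_group('can_edit_all_comments') && ! $this->EE->cp->allowed_group('can_edit_own_comments'))
      {
          show_error($this->EE->lang->line('unauthorized_access'));
      }

      $this->EE->output->enable_profiler(FALSE);

      $this->EE->load->helper('text');
      //$this->EE->load->model('search_model');
      $this->EE->load->model('comment_model');

      $ids = array();
      $col_map = array('comment', 'comment', 'title', 'channel_title', 'name', 'email', 'comment_date', 'ip_address', 'status');

      // Note- we pipeline the js, so pull more data than are displayed on the page
      $perpage = max(0, (int) $this->EE->input->get_post('iDisplayLength'));
      $offset = max(0, (int) $this->EE->input->get_post('iDisplayStart')); // Display start point
      $sEcho = $this->EE->input->get_post('sEcho');

      /* Ordering */
      // Column names are taken from $col_map only and the direction is reduced
      // to 'asc' or 'desc', so no request value is copied into $order as-is.
      $order = array();
      if ($this->EE->input->get('iSortCol_0') !== FALSE)
      {
          $sort_count = min((int) $this->EE->input->get('iSortingCols'), count($col_map));

          for ($i = 0; $i < $sort_count; $i++)
          {
              $sort_col = $this->EE->input->get('iSortCol_'.$i);

              if (is_string($sort_col) && isset($col_map[$sort_col]))
              {
                  $order[$col_map[$sort_col]] = ($this->EE->input->get('sSortDir_'.$i) == 'asc') ? 'asc' : 'desc';
              }
          }
      }

      $filter = $this->filter_settings(TRUE);

      // Get comment ids
      $comment_id_query = $this->EE->comment_model->get_comment_ids($filter, '', $order);
      $comment_ids = array_slice($comment_id_query->result_array(), $offset, $perpage);

      foreach ($comment_ids as $id)
      {
          $ids[] = $id['comment_id'];
      }

      // Unfiltered comment count for the current site
      $this->EE->db->where('site_id', $this->EE->config->item('site_id'));
      $total = $this->EE->db->count_all_results('comments');

      $j_response = array();
      $j_response['sEcho'] = $sEcho;
      $j_response['iTotalRecords'] = $total;
      $j_response['iTotalDisplayRecords'] = $comment_id_query->num_rows();

      $tdata = array();

      $comment_results = $this->EE->comment_model->fetch_comment_data($ids, $order);

      if ($comment_results != FALSE)
      {
          $config = ($this->EE->config->item('comment_word_censoring') == 'y') ? array('word_censor' => TRUE) : array();
          $this->EE->load->library('typography');
          $this->EE->typography->initialize($config);
          $this->EE->typography->parse_images = FALSE;
          $this->EE->typography->allow_headings = FALSE;

          foreach ($comment_results->result_array() as $comment)
          {
              // NOTE(review): the original computed a per-row "can edit" flag
              // here and never used it, so every row links to the edit form.
              // Confirm edit_comment_form (outside this excerpt) checks
              // ownership / can_edit_all_comments itself.

              if ($comment['status'] == 'o')
              {
                  $status_label = $this->EE->lang->line('open');
              }
              elseif ($comment['status'] == 'c')
              {
                  $status_label = $this->EE->lang->line('closed');
              }
              else
              {
                  $status_label = $this->EE->lang->line('pending');
              }

              // Short, tag-free excerpt for the listing column
              if ($this->comment_leave_breaks == 'y')
              {
                  $display_comment = str_replace(array("\n","\r"),
                      '<br />',
                      strip_tags($comment['comment'])
                  );
              }
              else
              {
                  $display_comment = strip_tags(str_replace(array("\t","\n","\r"), ' ', $comment['comment']));
              }

              if ($this->comment_chars != 0)
              {
                  $display_comment = $this->EE->functions->char_limiter(trim($display_comment), $this->comment_chars);
              }

              $full_comment = $this->EE->typography->parse_type($comment['comment'],
                  array(
                      'text_format' => $comment['comment_text_formatting'],
                      'html_format' => $comment['comment_html_formatting'],
                      'auto_links' => $comment['comment_auto_link_urls'],
                      'allow_img_url' => $comment['comment_allow_img_urls']
                  )
              );

              $edit_url = $this->base_url.AMP.'method=edit_comment_form'.AMP.'comment_id='.$comment['comment_id'];
              $status_search_url = $this->base_url.AMP.'status='.$comment['status'];
              $ip_search_url = $this->base_url.AMP.'ip_address='.base64_encode($comment['ip_address']);
              $channel_search_url = $this->base_url.AMP.'channel_id='.$comment['channel_id'];
              $email_search_url = $this->base_url.AMP.'email='.base64_encode($comment['email']);
              $name_search_url = $this->base_url.AMP.'name='.base64_encode($comment['name']);
              $date = $this->EE->localize->set_human_time($comment['comment_date']);
              $entry_search_url = $this->base_url.AMP.'entry_id='.$comment['entry_id'];
              $entry_title = $this->EE->functions->char_limiter(trim(strip_tags($comment['title'])), 26);
              $expand_img = '<img src="'.$this->EE->cp->cp_theme_url.'images/field_collapse.png" alt="expand" />';

              // NOTE(review): channel_title, name, email and ip_address go into
              // the markup below exactly as stored, and the client inserts each
              // cell as HTML. Confirm these columns are entity-encoded when they
              // are written, or escape them here.
              $m = array();
              $m[] = $expand_img;
              $m[] = "<a class='less_important_link' href='{$edit_url}'>{$display_comment}</a>";
              $m[] = "<a class='less_important_link' href='{$entry_search_url}'>{$entry_title}</a>";
              $m[] = "<a class='less_important_link' href='{$channel_search_url}'>{$comment['channel_title']}</a>";
              $m[] = "<a class='less_important_link' href='{$name_search_url}'>{$comment['name']}</a>";
              $m[] = "<a class='less_important_link' href='{$email_search_url}'>{$comment['email']}</a>";
              // Note- empty string added because otherwise it will throw a js error
              $m[] = ( ! is_null($date)) ? $date : '';
              $m[] = "<a class='less_important_link' href='{$ip_search_url}'>{$comment['ip_address']}</a>";
              $m[] = "<a class='less_important_link' href='{$status_search_url}'>{$status_label}</a>";
              $m[] = ( ! is_null($full_comment)) ? $full_comment : '';
              $m[] = '<input class="comment_toggle" type="checkbox" name="toggle[]" value="'.$comment['comment_id'].'" />';

              $tdata[] = $m;
          }
      } // end false check

      $j_response['aaData'] = $tdata;
      $sOutput = $this->EE->javascript->generate_json($j_response, TRUE);

      die($sOutput);
  }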
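  /**
   * Collect the comment filter from the request
   *
   * Builds the filter array handed to the comment model and, as a side
   * effect, stores the matching query string in $this->search_url for the
   * non-JavaScript pagination links.
   *
   * Changes against the original:
   *  - ip_address and email tested the GET value but then decoded the POST
   *    value; both now decode the GET value they tested, as name already did;
   *  - an entry_id that matches no row no longer reads a property of an
   *    empty result;
   *  - request values copied into search_url are URL-encoded, because that
   *    string is placed into link URLs by pagination_config();
   *  - the second, identical date_range assignment is gone.
   *
   * @access public
   * @param bool $ajax accepted but not used in this method
   * @return array
   */
  function filter_settings($ajax = FALSE)
  {
      // Load the search helper so we can filter the keywords
      $this->EE->load->helper('search');

      // NOTE(review): despite the comment above, keywords are never passed
      // through sanitize_search_terms() in this method (name and ip_address
      // are). Confirm the model cleans or binds them before querying.
      $keywords = '';
      if ($this->EE->input->post('keywords'))
      {
          $keywords = $this->EE->input->get_post('keywords');
      }
      elseif ($this->EE->input->get('keywords'))
      {
          // Keywords travel base64-encoded in the query string
          $keywords = base64_decode($this->EE->input->get('keywords'));
      }

      // NOTE(review): the original also computed a channel id with the literal
      // 'null' mapped to '' and never used it; the raw request value is what
      // reaches the filter, as before.
      $filter_on = array();
      $filter_on['status'] = $this->EE->input->get_post('status');
      $filter_on['order'] = $this->EE->input->get_post('order');
      $filter_on['date_range'] = $this->EE->input->get_post('date_range');
      $filter_on['name'] = ($this->EE->input->get('name')) ? sanitize_search_terms(base64_decode($this->EE->input->get('name'))) : $this->EE->input->post('name');
      $filter_on['keywords'] = $keywords;
      $filter_on['search_in'] = $this->EE->input->get_post('search_in');
      $filter_on['channel_id'] = $this->EE->input->get_post('channel_id');
      $filter_on['ip_address'] = ($this->EE->input->get('ip_address')) ? sanitize_search_terms(base64_decode($this->EE->input->get('ip_address'))) : $this->EE->input->post('ip_address');
      $filter_on['email'] = ($this->EE->input->get('email')) ? base64_decode($this->EE->input->get('email')) : $this->EE->input->post('email');
      $filter_on['entry_id'] = $this->EE->input->get_post('entry_id');
      $filter_on['comment_id'] = $this->EE->input->get_post('comment_id');
      $filter_on['limit'] = $this->perpage;

      // Because you can specify some extra gets- let's translate that back to search_in/keywords
      if ($this->EE->input->get('entry_id'))
      {
          $filter_on['search_in'] = 'entry_title';

          $this->EE->db->select('title');
          $this->EE->db->where('entry_id', $this->EE->input->get('entry_id'));
          $query = $this->EE->db->get('channel_titles');

          // Unknown entry id: leave the keyword empty rather than reading a
          // property of an empty result.
          $filter_on['keywords'] = ($query->num_rows() > 0) ? $query->row()->title : NULL;
      }
      elseif ($this->EE->input->get('name'))
      {
          $filter_on['search_in'] = 'name';
          $filter_on['keywords'] = base64_decode($this->EE->input->get('name'));
      }
      elseif ($this->EE->input->get('email'))
      {
          $filter_on['search_in'] = 'email';
          $filter_on['keywords'] = base64_decode($this->EE->input->get('email'));
      }
      elseif ($this->EE->input->get('ip_address'))
      {
          $filter_on['search_in'] = 'ip_address';
          $filter_on['keywords'] = base64_decode($this->EE->input->get('ip_address'));
      }

      // Create the get variables for non-js pagination
      // Post variables: search_in, keywords*, channel_id, status, date_range
      // Get variables: entry_id, channel_id, name, email*, ip_address* and status
      $url = array('search_in' => $filter_on['search_in']);
      $filter_on['search_form_hidden'] = array();

      foreach ($filter_on as $name => $value)
      {
          $posted = $this->EE->input->post($name);

          if ($posted && $posted != '')
          {
              // Posted keywords are base64-encoded to match the GET form
              $v = ($name == 'keywords') ? base64_encode($posted) : $posted;
              $url[$name] = $name.'='.rawurlencode((string) $v);
          }
          elseif ($this->EE->input->get($name))
          {
              // Encode again: the value ends up inside a link URL, and base64
              // text may contain "+", "/" and "=".
              $url[$name] = $name.'='.rawurlencode((string) $this->EE->input->get($name));
          }
      }

      // search_in only makes sense together with keywords
      if ( ! isset($url['keywords']))
      {
          unset($url['search_in']);
      }

      $this->search_url = implode(AMP, $url);

      return $filter_on;
  }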
  /**
   * Build the view variables for the comment filter form
   *
   * Produces the channel, status, date range and "search in" pull-down
   * options together with the currently selected values taken from $filter.
   * Members who may neither moderate comments nor edit all comments get the
   * channel list from channel_model->get_channels(); everyone else gets
   * every channel of the current site.
   *
   * NOTE(review): channel_model is not loaded in this method or in index() -
   * confirm it is loaded before this runs.
   *
   * @access public
   * @param array $filter filter array; the channel_id, status, date_range,
   *                      keywords and search_in keys are read
   * @return array
   */
  function create_filter($filter)
  {
      $sees_all_channels = ($this->EE->cp->allowed_group('can_moderate_comments') OR $this->EE->cp->allowed_group('can_edit_all_comments'));

      // At least one of the three comment permissions is required.
      if ( ! $sees_all_channels && ! $this->EE->cp->allowed_group('can_edit_own_comments'))
      {
          show_error($this->EE->lang->line('unauthorized_access'));
      }

      // Channel selection pull-down menu
      // Fetch the names of all channels and write each one in an <option> field
      if ($sees_all_channels)
      {
          $this->EE->db->select('channel_title, channel_id, cat_group');
          $this->EE->db->where('site_id', $this->EE->config->item('site_id'));
          $this->EE->db->order_by('channel_title');
          $query = $this->EE->db->get('channels');
      }
      else
      {
          // We only limit to channels they are assigned to if they can't moderate and can't edit all
          $query = $this->EE->channel_model->get_channels(
              $this->EE->config->item('site_id'),
              array('channel_title', 'channel_id', 'cat_group'),
              array()
          );
      }

      $channel_options = array('' => $this->EE->lang->line('filter_by_channel'));

      if ($query->num_rows() > 1)
      {
          $channel_options['all'] = $this->EE->lang->line('all');
      }

      foreach ($query->result_array() as $channel)
      {
          $channel_options[$channel['channel_id']] = $channel['channel_title'];
      }

      return array(
          'channel_selected' => $filter['channel_id'],
          'channel_select_options' => $channel_options,

          // Status pull-down menu
          'status_selected' => $filter['status'],
          'status_select_options' => array(
              '' => $this->EE->lang->line('filter_by_status'),
              'all' => $this->EE->lang->line('all'),
              'p' => $this->EE->lang->line('pending'),
              'o' => $this->EE->lang->line('open'),
              'c' => $this->EE->lang->line('closed')
          ),

          // Date range pull-down menu
          'date_selected' => $filter['date_range'],
          'date_select_options' => array(
              '' => $this->EE->lang->line('date_range'),
              '1' => $this->EE->lang->line('past_day'),
              '7' => $this->EE->lang->line('past_week'),
              '31' => $this->EE->lang->line('past_month'),
              '182' => $this->EE->lang->line('past_six_months'),
              '365' => $this->EE->lang->line('past_year'),
              'custom_date' => $this->EE->lang->line('any_date')
          ),

          'search_form' => 'C=addons_modules'.AMP.'M=show_module_cp'.AMP.'module=comment',
          'keywords' => $filter['keywords'],
          'search_in_options' => array(
              'comment' => $this->EE->lang->line('search_in_comments'),
              'ip_address' => $this->EE->lang->line('search_in_ips'),
              'email' => $this->EE->lang->line('search_in_emails'),
              'name' => $this->EE->lang->line('search_in_names'),
              'entry_title' => $this->EE->lang->line('search_in_entry_titles')
          ),
          'search_in_selected' => $filter['search_in'],
          'search_form_hidden' => array()
      );
  }
  762. // --------------------------------------------------------------------
  763. /**
  764. * Delete Comment Notification
  765. *
  766. * @access public
  767. * @return string
  768. */
  function delete_comment_notification()
  {
      // Unsubscribe handler: takes a subscription id and a hash from the
      // request, hands them to the subscription library and then shows a
      // confirmation page. Returns FALSE when either value is missing or
      // the id is not numeric.
      $id = $this->EE->input->get_post('id');

      if ( ! $id)
      {
          return FALSE;
      }

      $hash = $this->EE->input->get_post('hash');

      // NOTE(review): is_numeric() also accepts signed, decimal and exponent
      // forms, so $id is not guaranteed to be a plain integer string here.
      if ( ! $hash OR ! is_numeric($id))
      {
          return FALSE;
      }

      $this->EE->lang->loadfile('comment');
      $this->EE->load->library('subscription');

      // The hash is the only credential on this request; how it is matched
      // against the subscription happens inside the library, not here.
      $this->EE->subscription->init('comment', array('subscription_id' => $id), TRUE);
      $this->EE->subscription->unsubscribe('', $hash);

      // The result of unsubscribe() is not inspected, so the same page is
      // shown whatever the outcome was.
      $site_link = array(
          $this->EE->config->item('site_url'),
          stripslashes($this->EE->config->item('site_name'))
      );

      $this->EE->output->show_message(array(
          'title'    => $this->EE->lang->line('cmt_notification_removal'),
          'heading'  => $this->EE->lang->line('thank_you'),
          'content'  => $this->EE->lang->line('cmt_you_have_been_removed'),
          'redirect' => '',
          'link'     => $site_link
      ));
  }
  792. // --------------------------------------------------------------------
  793. /**
  794. * Edit Comment Form
  795. *
  796. * @access public
  797. * @return void
  798. */
  function edit_comment_form($comment_id = FALSE)
  {
      // Render the CP form for a single comment.
      //
      // $comment_id may be passed in by a caller; when it is not, it is read
      // from the request. The view receives 'can_edit':
      //   - TRUE  for can_edit_all_comments, or for the author of the entry
      //           the comment belongs to
      //   - FALSE for a moderator looking at a comment on someone else's entry
      // Anyone else is refused. Returns the rendered view, or FALSE when the
      // comment does not exist.
      $has_any_permission = ($this->EE->cp->allowed_group('can_moderate_comments')
          OR $this->EE->cp->allowed_group('can_edit_all_comments')
          OR $this->EE->cp->allowed_group('can_edit_own_comments'));

      if ( ! $has_any_permission)
      {
          show_error($this->EE->lang->line('unauthorized_access'));
      }

      $can_edit = FALSE;

      $this->EE->load->library('table');
      $this->EE->load->library('javascript');

      // Show/hide behaviour of the "move to another entry" field.
      $this->EE->javascript->output('
// If validation fails- want to be sure to show the move field if populated
if ($("#move_to").val() != "")
{
$("#move_link").hide();
$("#move_field").show();
}
$("#move_link").click(function() {
$("#move_link").hide();
$("#move_field").show();
return false;
});
$("#cancel_link").click(function() {
$("input#move_to").val("");
$("#move_link").show();
$("#move_field").hide();
return false;
});
');
      $this->EE->javascript->compile();

      if ( ! $comment_id)
      {
          $comment_id = $this->EE->input->get_post('comment_id');
      }

      if ($comment_id == FALSE OR ! is_numeric($comment_id))
      {
          show_error($this->EE->lang->line('unauthorized_access'));
      }

      $this->EE->load->helper(array('form', 'snippets'));

      // Comment joined with its entry (for the entry author) and its channel
      // (for the comment formatting preferences).
      $this->EE->db->select('channel_titles.author_id as entry_author, title, channel_title, comment_require_email, comment, comment_id, comments.author_id, comments.status, name, email, url, location, comments.ip_address, comment_date, channels.comment_text_formatting, channels.comment_html_formatting, channels.comment_allow_img_urls, channels.comment_auto_link_urls');
      $this->EE->db->from(array('channel_titles', 'comments'));
      $this->EE->db->join('channels', 'exp_comments.channel_id = exp_channels.channel_id ', 'left');
      $this->EE->db->where('channel_titles.entry_id = '.$this->EE->db->dbprefix('comments.entry_id'));
      $this->EE->db->where('comments.comment_id', $comment_id);
      $query = $this->EE->db->get();

      if ($query->num_rows() === 0)
      {
          return FALSE;
      }

      // Per-comment authorization.
      if ($this->EE->cp->allowed_group('can_edit_all_comments'))
      {
          $can_edit = TRUE;
      }
      elseif ($query->row('entry_author') == $this->EE->session->userdata('member_id'))
      {
          $can_edit = TRUE;
      }
      elseif ( ! $this->EE->cp->allowed_group('can_moderate_comments'))
      {
          show_error($this->EE->lang->line('unauthorized_access'));
      }

      $vars = $query->row_array();
      $vars['move_link'] = '';
      $vars['move_to'] = '';
      $vars['can_edit'] = $can_edit;
      $vars['status_select_options'] = array(
          'p' => $this->EE->lang->line('pending'),
          'o' => $this->EE->lang->line('open'),
          'c' => $this->EE->lang->line('closed')
      );

      // A posted status (form re-displayed after failed validation) wins
      // over the stored one.
      $posted_status = $this->EE->input->post('status');

      if ($posted_status)
      {
          $vars['status'] = $posted_status;
      }

      // Instantiate Typography class
      $typography_config = array();

      if ($this->EE->config->item('comment_word_censoring') == 'y')
      {
          $typography_config = array('word_censor' => TRUE);
      }

      $this->EE->load->library('typography');
      $this->EE->typography->initialize($typography_config);
      $this->EE->typography->parse_images = FALSE;

      // Preview of the comment, formatted with the channel's comment settings.
      $format_prefs = array(
          'text_format'   => $vars['comment_text_formatting'],
          'html_format'   => $vars['comment_html_formatting'],
          'auto_links'    => $vars['comment_auto_link_urls'],
          'allow_img_url' => $vars['comment_allow_img_urls']
      );
      $vars['display_comment'] = $this->EE->typography->parse_type($vars['comment'], $format_prefs);

      $this->EE->cp->set_variable('cp_page_title', $this->EE->lang->line('edit_comment'));

      // a bit of a breadcrumb override is needed
      $this->EE->cp->set_variable('cp_breadcrumbs', array(
          $this->base_url => $this->EE->lang->line('comments')
      ));

      $vars['hidden'] = array(
          'comment_id' => $comment_id,
          'email'      => $query->row('email')
      );

      $this->EE->javascript->compile();

      return $this->EE->load->view('edit', $vars, TRUE);
  }
  897. // --------------------------------------------------------------------
  898. /**
  899. * Update Comment
  900. *
  901. * @access public
  902. * @return void
  903. */
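  function update_comment()
  {
      // Save the CP edit form for one comment, then redirect to the listing.
      //
      // Per-comment permissions, kept in step with edit_comment_form():
      //   - can_edit_all_comments: full edit of any comment
      //   - author of the entry the comment belongs to: full edit
      //   - can_moderate_comments on someone else's entry: status only
      //   - anyone else: refused
      if ( ! $this->EE->cp->allowed_group('can_moderate_comments')
          && ! $this->EE->cp->allowed_group('can_edit_all_comments')
          && ! $this->EE->cp->allowed_group('can_edit_own_comments'))
      {
          show_error($this->EE->lang->line('unauthorized_access'));
      }

      $comment_id = $this->EE->input->get_post('comment_id');

      if ($comment_id == FALSE OR ! is_numeric($comment_id))
      {
          show_error($this->EE->lang->line('unauthorized_access'));
      }

      $this->EE->load->library('form_validation');

      $can_edit = FALSE;

      if ($this->EE->cp->allowed_group('can_edit_all_comments'))
      {
          $query = $this->EE->db->get_where('comments', array('comment_id' => $comment_id));
          $can_edit = TRUE;
      }
      else
      {
          // Same aliasing as edit_comment_form(): the entry author decides
          // ownership, while author_id stays the comment's own author and
          // status is available for the "did it just open?" test below.
          $this->EE->db->select('channel_titles.author_id AS entry_author, comments.author_id, comments.channel_id, comments.entry_id, comments.status');
          $this->EE->db->from(array('channel_titles', 'comments'));
          $this->EE->db->where('channel_titles.entry_id = '.$this->EE->db->dbprefix('comments.entry_id'));
          $this->EE->db->where('comments.comment_id', $comment_id);
          $query = $this->EE->db->get();

          if ($query->row('entry_author') != $this->EE->session->userdata('member_id'))
          {
              // Not their entry: only a moderator may continue, and then
              // only to change the status ($can_edit stays FALSE).
              if ( ! $this->EE->cp->allowed_group('can_moderate_comments'))
              {
                  show_error($this->EE->lang->line('unauthorized_access'));
              }
          }
          else
          {
              $can_edit = TRUE;
          }
      }

      if ($query->num_rows() == 0)
      {
          return false;
      }

      $row = $query->row_array();

      $author_id = $row['author_id'];
      $channel_id = $row['channel_id'];
      $entry_id = $row['entry_id'];
      $current_status = $row['status'];
      $new_channel_id = $row['channel_id'];
      $new_entry_id = $row['entry_id'];

      // Are emails required?
      $this->EE->db->select('channels.comment_require_email');
      $this->EE->db->from(array('channels', 'comments'));
      $this->EE->db->where('comments.channel_id = '.$this->EE->db->dbprefix('channels.channel_id'));
      $this->EE->db->where('comments.comment_id', $comment_id);
      $query = $this->EE->db->get();

      if ($query->num_rows() == 0)
      {
          return show_error($this->EE->lang->line('no_channel_exists'));
      }

      // Read the one selected column by name instead of importing every
      // column of the row into local scope.
      $comment_require_email = $query->row('comment_require_email');

      // The status is written to the database on both paths below, so it is
      // checked against the known values before either of them runs.
      $status = $this->EE->input->post('status');

      if ( ! in_array($status, array('o', 'c', 'p'), TRUE))
      {
          show_error($this->EE->lang->line('unauthorized_access'));
      }

      // If they can not edit- only the status may change
      if ( ! $can_edit)
      {
          // Bound WHERE value rather than a hand-built SQL fragment.
          $this->EE->db->where('comment_id', $comment_id);
          $this->EE->db->update('comments', array('status' => $status));

          $this->update_stats(array($entry_id), array($channel_id), array($author_id));

          // Did status change to open? Notify
          if ($status == 'o' && $current_status != 'o')
          {
              $this->send_notification_emails(array($comment_id));
          }

          $this->EE->functions->clear_caching('all');

          $url = $this->base_url.AMP.'comment_id='.$comment_id;

          $this->EE->session->set_flashdata('message_success', $this->EE->lang->line('comment_updated'));
          $this->EE->functions->redirect($url);

          // Never continue into the full-edit path from here, whether or
          // not redirect() ends the request itself.
          return;
      }

      // Error checks
      // author_id 0 is treated as a comment without a member account, whose
      // name/email/url/location live on the comment row itself.
      if ($author_id == 0)
      {
          // Fetch language file
          $this->EE->lang->loadfile('myaccount');

          if ($comment_require_email == 'y')
          {
              $this->EE->form_validation->set_rules('email', 'lang:email', 'callback__email_check');
          }
          else
          {
              $this->EE->form_validation->set_rules('email', 'lang:email', '');
          }

          $this->EE->form_validation->set_rules('name', 'lang:name', 'required');
          $this->EE->form_validation->set_rules('url', '', '');
          $this->EE->form_validation->set_rules('location', '', '');
      }

      // Are they moving the comment? Check for valid entry_id
      $move_to = $this->EE->input->get_post('move_to');

      $recount_ids = array();
      $recount_channels = array();

      if ($move_to != '')
      {
          $tcount = 0;

          if (ctype_digit($move_to))
          {
              $this->EE->db->select('title, entry_id, channel_id');
              $this->EE->db->where('entry_id', $move_to);
              $query = $this->EE->db->get('channel_titles');

              $tcount = $query->num_rows();
          }

          if ($tcount == 0)
          {
              // _move_check always fails, which turns the bad id into a
              // regular validation error on the form.
              $this->EE->form_validation->set_rules('move_to', 'lang:move_to', 'callback__move_check');
          }
          else
          {
              $row = $query->row();

              $new_entry_id = $row->entry_id;
              $new_channel_id = $row->channel_id;

              // Both the old and the new entry/channel need recounting.
              $recount_ids[] = $entry_id;
              $recount_channels[] = $channel_id;

              $recount_ids[] = $row->entry_id;
              $recount_channels[] = $row->channel_id;
          }
      }

      $this->EE->form_validation->set_rules('comment', 'lang:comment', 'required');
      $this->EE->form_validation->set_error_delimiters('<br /><span class="notice">', '<br />');

      // On failure, show the form again. Nothing is dumped to the response:
      // the validation object must never be printed to the browser.
      if ($this->EE->form_validation->run() === FALSE)
      {
          return $this->edit_comment_form($comment_id);
      }

      // Build query
      if ($author_id == 0)
      {
          $data = array(
              'entry_id'   => $new_entry_id,
              'channel_id' => $new_channel_id,
              'name'       => $this->EE->input->post('name'),
              'email'      => $this->EE->input->post('email'),
              'url'        => $this->EE->input->post('url'),
              'location'   => $this->EE->input->post('location'),
              'comment'    => $this->EE->input->post('comment'),
              'status'     => $status
          );
      }
      else
      {
          $data = array(
              'entry_id'   => $new_entry_id,
              'channel_id' => $new_channel_id,
              'comment'    => $this->EE->input->post('comment'),
              'status'     => $status
          );
      }

      $this->EE->db->where('comment_id', $comment_id);
      $this->EE->db->update('comments', $data);

      if ($status != $current_status)
      {
          $this->update_stats(array($entry_id), array($channel_id), array($author_id));

          // Did status change to open? Notify
          if ($status == 'o' && $current_status != 'o')
          {
              $this->send_notification_emails(array($comment_id));
          }
      }

      if (count($recount_ids) > 0)
      {
          $this->EE->load->model('comment_model');

          $this->EE->comment_model->recount_entry_comments($recount_ids);

          // Quicker and updates just the channels
          foreach (array_unique($recount_channels) as $recount_channel_id)
          {
              $this->EE->stats->update_comment_stats($recount_channel_id, '', FALSE);
          }

          // Updates the total stats
          $this->EE->stats->update_comment_stats();
      }

      /* -------------------------------------------
      /* 'update_comment_additional' hook.
      /*  - Add additional processing on comment update.
      */
          $this->EE->extensions->call('update_comment_additional', $comment_id, $data);
          if ($this->EE->extensions->end_script === TRUE) return;
      /*
      /* -------------------------------------------*/

      $this->EE->functions->clear_caching('all');

      $url = $this->base_url.AMP.'comment_id='.$comment_id;

      $this->EE->session->set_flashdata('message_success', $this->EE->lang->line('comment_updated'));
      $this->EE->functions->redirect($url);
  }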
  /**
   * Form validation callback for the comment author's e-mail address.
   *
   * Fails, with a message registered under '_email_check', when the value
   * is empty, is not accepted by valid_email(), or is reported as banned
   * by the session's ban check.
   *
   * @access	private
   * @param	string	submitted e-mail address
   * @return	bool
   */
  function _email_check($str)
  {
      $error_key = NULL;

      if ($str == '')
      {
          // Is email missing?
          $error_key = 'missing_email';
      }
      else
      {
          $this->EE->load->helper('email');

          if ( ! valid_email($str))
          {
              // Is email valid?
              $error_key = 'invalid_email_address';
          }
          elseif ($this->EE->session->ban_check('email', $str))
          {
              // Is email banned?
              $error_key = 'banned_email';
          }
      }

      if ($error_key === NULL)
      {
          return TRUE;
      }

      $this->EE->form_validation->set_message('_email_check', $this->EE->lang->line($error_key));
      return FALSE;
  }
  /**
   * Form validation callback for the "move to entry" field.
   *
   * It is only attached as a rule after the target entry id has already
   * been found invalid, so it always fails and just supplies the message.
   *
   * @access	private
   * @param	string	submitted entry id (not inspected)
   * @return	bool	always FALSE
   */
  function _move_check($str)
  {
      $message = $this->EE->lang->line('invalid_entry_id');
      $this->EE->form_validation->set_message('_move_check', $message);

      return FALSE;
  }
  1128. // --------------------------------------------------------------------
  1129. /**
  1130. * Modify Comments
  1131. *
  1132. * @access public
  1133. * @return void
  1134. */
  function modify_comments()
  {
      // Dispatcher for the bulk action form on the comment listing.
      // No permission is checked here; change_comment_status() and
      // delete_comment_confirm() each run their own check.

      // This only happens if they submit with no comments checked, so we
      // send them home.
      $nothing_selected = ( ! $this->EE->input->post('toggle')
          && ! $this->EE->input->get_post('comment_id'));

      if ($nothing_selected)
      {
          $this->EE->session->set_flashdata('message_failure', $this->EE->lang->line('no_valid_selections'));
          $this->EE->functions->redirect($this->base_url);
      }

      // Posted action name => comment status code.
      $status_for_action = array(
          'open'    => 'o',
          'close'   => 'c',
          'pending' => 'p'
      );

      $action = $this->EE->input->post('action');

      foreach ($status_for_action as $action_name => $status_code)
      {
          if ($action == $action_name)
          {
              $this->change_comment_status($status_code);
              return;
          }
      }

      // Any other action (or none) leads to the delete confirmation page.
      return $this->delete_comment_confirm();
  }
  1160. // --------------------------------------------------------------------
  1161. /**
  1162. * Delete Comments Confirmation
  1163. *
  1164. * @access public
  1165. * @return void
  1166. */
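  function delete_comment_confirm()
  {
      // Build the "really delete?" page for the selected comments.
      //
      // Ids come from the 'toggle' checkbox array and/or a single
      // 'comment_id'. Only numeric ids are used, and a member without
      // can_delete_all_comments only gets comments on entries they
      // authored; everything else is silently dropped from the list.
      // Returns the rendered 'delete_comments' view.
      if ( ! $this->EE->cp->allowed_group('can_delete_all_comments')
          && ! $this->EE->cp->allowed_group('can_delete_own_comments'))
      {
          show_error($this->EE->lang->line('unauthorized_access'));
      }

      // Populates $this->EE->cp->installed_modules, read further down.
      $this->EE->cp->get_installed_modules();

      if ( ! $this->EE->input->post('toggle') && ! $this->EE->input->get_post('comment_id'))
      {
          $this->EE->session->set_flashdata('message_failure', $this->EE->lang->line('no_valid_selections'));
          $this->EE->functions->redirect($this->base_url);
      }

      $this->EE->load->library('table');

      $comments = array();

      // 'toggle' is request data: it may be a scalar or hold nested arrays.
      // Same is_array() guard as change_comment_status(), and the same
      // numeric test that is applied to comment_id just below.
      if (isset($_POST['toggle']) && is_array($_POST['toggle']))
      {
          foreach ($_POST['toggle'] as $val)
          {
              if (is_numeric($val))
              {
                  $comments[] = $val;
              }
          }
      }

      $single_id = $this->EE->input->get_post('comment_id');

      if ($single_id !== FALSE && is_numeric($single_id))
      {
          $comments[] = $single_id;
      }

      if (count($comments) == 0)
      {
          show_error($this->EE->lang->line('unauthorized_access'));
      }

      $this->EE->db->select('channel_titles.author_id, title, comments.comment_id, comment, comments.ip_address');
      $this->EE->db->from(array('channel_titles', 'comments'));
      $this->EE->db->where('channel_titles.entry_id = '.$this->EE->db->dbprefix('comments.entry_id'));
      $this->EE->db->where_in('comments.comment_id', $comments);

      // From here on $comments is keyed by comment_id and holds only the
      // rows this member is allowed to delete.
      $comments = array();

      $query = $this->EE->db->get();

      if ($query->num_rows() > 0)
      {
          $can_delete_all = $this->EE->cp->allowed_group('can_delete_all_comments');
          $member_id = $this->EE->session->userdata('member_id');

          foreach ($query->result_array() as $row)
          {
              // author_id here is the entry's author (channel_titles).
              if ( ! $can_delete_all && ($row['author_id'] != $member_id))
              {
                  continue;
              }

              // Flatten whitespace, drop tags and shorten for the summary table.
              $excerpt = strip_tags(str_replace(array("\t","\n","\r"), ' ', $row['comment']));
              $excerpt = $this->EE->functions->char_limiter(trim($excerpt), 100);

              $comments[$row['comment_id']] = array(
                  'entry_title' => $row['title'],
                  'comment'     => $excerpt,
                  'ip_address'  => $row['ip_address']
              );
          }
      }

      if (count($comments) == 0)
      {
          $this->EE->session->set_flashdata('message_failure', $this->EE->lang->line('no_valid_selections'));
          $this->EE->functions->redirect($this->base_url);
      }

      $this->EE->load->helper('form');
      $this->EE->cp->set_variable('cp_page_title', $this->EE->lang->line('delete_confirm'));

      $this->EE->cp->set_variable('cp_breadcrumbs', array(
          $this->base_url => $this->EE->lang->line('comments'),
      ));

      $vars = array();

      // Only the ids that survived the permission filter are carried into
      // the confirmation form.
      $vars['hidden'] = array(
          'comment_ids' => implode('|', array_keys($comments))
      );

      $vars['blacklist_installed'] = isset($this->EE->cp->installed_modules['blacklist']);

      $vars['comments'] = $comments;
      $vars['message'] = (count($comments) > 1) ? 'delete_comments_confirm' : 'delete_comment_confirm';

      return $this->EE->load->view('delete_comments', $vars, TRUE);
  }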
  1239. // --------------------------------------------------------------------
  1240. /**
  1241. * Change Comment Status
  1242. *
  1243. * @access public
  1244. * @param string new status
  1245. * @return void
  1246. */
  1247. function change_comment_status($status = '')
  1248. {
  1249. if ( ! $this->EE->cp->allowed_group('can_moderate_comments')
  1250. && ! $this->EE->cp->allowed_group('can_edit_all_comments')
  1251. && ! $this->EE->cp->allowed_group('can_edit_own_comments'))
  1252. {
  1253. show_error($this->EE->lang->line('unauthorized_access'));
  1254. }
  1255. $comments = array();
  1256. if (isset($_POST['toggle']) && is_array($_POST['toggle']))
  1257. {
  1258. foreach ($_POST['toggle'] as $key => $val)
  1259. {
  1260. $comments[$val] = $val;
  1261. }
  1262. }
  1263. if($this->EE->input->get_post('comment_id') !== FALSE && is_numeric($this->EE->input->get_post('comment_id')))
  1264. {
  1265. $comments[$this->EE->input->get_post('comment_id')] = $this->EE->input->get_post('comment_id');
  1266. }
  1267. if (count($comments) == 0)
  1268. {
  1269. show_error($this->EE->lang->line('unauthorized_access'));
  1270. }
  1271. if ($status == '')
  1272. {
  1273. $status = $this->EE->input->get('status');
  1274. }
  1275. if ( ! in_array($status, array('o', 'c', 'p')))
  1276. {
  1277. show_error($this->EE->lang->line('unauthorized_access'));
  1278. }
  1279. $this->EE->db->select('exp_comments.entry_id, exp_comments.channel_id, exp_comments.author_id, comment_id, exp_channel_titles.author_id AS entry_author');
  1280. $this->EE->db->join('channel_titles', 'exp_comments.entry_id = exp_channel_titles.entry_id', 'left');
  1281. $this->EE->db->where_in('comment_id', $comments);
  1282. $query = $this->EE->db->get('comments');
  1283. // Retrieve Our Results
  1284. if ($query->num_rows() == 0)
  1285. {
  1286. show_error($this->EE->lang->line('unauthorized_access'));
  1287. }
  1288. $entry_ids = array();
  1289. $author_ids = array();
  1290. $channel_ids = array();
  1291. foreach($query->result_array() as $row)
  1292. {
  1293. if (( ! $this->EE->cp->allowed_group('can_moderate_comments')
  1294. && ! $this->EE->cp->allowed_group('can_edit_all_comments'))
  1295. && ($row['entry_author'] != $this->EE->session->userdata('member_id')))
  1296. {
  1297. unset($comments[$row['comment_id']]);
  1298. continue;
  1299. }
  1300. $entry_ids[] = $row['entry_id'];
  1301. $author_ids[] = $row['author_id'];
  1302. $channel_ids[
