PageRenderTime 55ms CodeModel.GetById 21ms RepoModel.GetById 0ms app.codeStats 0ms

/_backkup/HB_BACKUP_APRIL5_2012/public_html/system/expressionengine/modules/comment/mcp.comment.php

https://bitbucket.org/sims/heartbeets
PHP | 1691 lines | 1054 code | 350 blank | 287 comment | 156 complexity | 090b96d0b41590a8301a012145f6230e MD5 | raw file
    

  1. <?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');
    2. 

  2. /**
    3. 

  3.  * ExpressionEngine - by EllisLab
    4. 

  4.  *
    5. 

  5.  * @package		ExpressionEngine
    6. 

  6.  * @author		ExpressionEngine Dev Team
    7. 

  7.  * @copyright	Copyright (c) 2003 - 2011, EllisLab, Inc.
    8. 

  8.  * @license		http://expressionengine.com/user_guide/license.html
    9. 

  9.  * @link		http://expressionengine.com
    10. 

  10.  * @since		Version 2.0
    11. 

  11.  * @filesource
    12. 

  12.  */
    13. 

  13. 

  14. // ------------------------------------------------------------------------
    15. 

  15. 

  16. /**
    17. 

  17.  * ExpressionEngine Comment Module
    18. 

  18.  *
    19. 

  19.  * @package		ExpressionEngine
    20. 

  20.  * @subpackage	Modules
    21. 

  21.  * @category	Modules
    22. 

  22.  * @author		ExpressionEngine Dev Team
    23. 

  23.  * @link		http://expressionengine.com
    24. 

  24.  */
    25. 

  25. class Comment_mcp {
    26. 

  26. 

  27. 	protected $pipe_length			= '2';
    28. 

  28. 	protected $comment_chars		= "20";
    29. 

  29. 	protected $comment_leave_breaks = 'n';
    30. 

  30. 	protected $perpage 				= 50;
    31. 

  31. 	protected $base_url 			= '';
    32. 

  32. 	protected $search_url;
    33. 

  33. 

  34. 	protected $_dir; 
    35. 

  35. 	protected $_limit;
    36. 

  36. 	protected $_offset;
    37. 

  37. 	protected $_order_by;
    38. 

  38. 	protected $_entry_id;
    39. 

  39. 

  40. 	/**
    41. 

  41. 	 * Constructor
    42. 

  42. 	 */
    43. 

  43. 	public function __construct()
    44. 

  44. 	{
    45. 

  45. 		// Make a local reference to the ExpressionEngine super object
    46. 

  46. 		$this->EE =& get_instance();
    47. 

  47. 				
    48. 

  48. 		if (REQ == 'CP')
    49. 

  49. 		{
    50. 

  50. 			$this->base_url = BASE.AMP.'C=addons_modules'.AMP.'M=show_module_cp'.AMP.'module=comment';
    51. 

  51. 

  52. 			if ($this->EE->cp->allowed_group('can_moderate_comments') &&  
    53. 

  53. 				$this->EE->cp->allowed_group('can_edit_all_comments') && 
    54. 

  54. 				$this->EE->cp->allowed_group('can_delete_all_comments'))
    55. 

  55. 			{
    56. 

  56. 				$this->EE->cp->set_right_nav(
    57. 

  57. 					array(
    58. 

  58. 						'settings'	=> $this->base_url.AMP.'method=settings',
    59. 

  59. 						'comments'	=> $this->base_url)
    60. 

  60. 					);	
    61. 

  61. 			}
    62. 

  62. 		}
    63. 

  63. 	}
    64. 

  64. 

  65. 	// --------------------------------------------------------------------
    66. 

  66. 

  67. 	/**
    68. 

  68. 	 * Comments Home Page
    69. 

  69. 	 *
    70. 

  70. 	 * For the time being, this bad-boy is being simplified.  With some existing
    71. 

  71. 	 * inefficiencies + datatables, the memory requirements to load the page
    72. 

  72. 	 * with a large dataset (> 100k comments) was unacceptable.
    73. 

  73. 	 *
    74. 

  74. 	 * In an attempt to mitigate high memory usage, I'm purposely avoiding
    75. 

  75. 	 * using a model and doing the queries right in this controller.  But Greg, 
    76. 

  76. 	 * that's "poor design!" When performance is a concern, I'm more than happy
    77. 

  77. 	 * to drop using a model, since we aren't on an ORM. 
    78. 

  78. 	 */
    79. 

  79. 	public function index()
    80. 

  80. 	{
    81. 

  81. 		$this->_permissions_check();
    82. 

  82. 

  83. 		$this->EE->load->helper(array('text', 'form'));
    84. 

  84. 		$this->EE->load->library('javascript');
    85. 

  85. 

  86. 		$this->EE->javascript->set_global('lang.selection_required', lang('selection_required'));
    87. 

  87. 

  88. 		$this->EE->cp->set_variable('cp_page_title', lang('comments'));
    89. 

  89. 

  90. 		$this->_setup_query_filters();
    91. 

  91. 

  92. 		list($total_count, $qry) = $this->_setup_index_query();
    93. 

  93. 

  94. 		if ( ! $qry->num_rows())
    95. 

  95. 		{
    96. 

  96. 			$comments = FALSE;
    97. 

  97. 		}
    98. 

  98. 		else
    99. 

  99. 		{
    100. 

  100. 			$comment = $this->_get_comments($qry->result());
    101. 

  101. 			$channel = $this->_get_channel_info($comment->result());
    102. 

  102. 			$author = $this->_get_author_info($comment->result());
    103. 

  103. 

  104. 			$comments = $this->_merge_comment_data($comment->result(), $channel, $author);
    105. 

  105. 

  106. 			$comment->free_result();
    107. 

  107. 			$channel->free_result();
    108. 

  108. 			$author->free_result();
    109. 

  109. 		}
    110. 

  110. 

  111. 		$data = array(
    112. 

  112. 			'comments'				=> $comments,
    113. 

  113. 			'pagination'			=> $this->_setup_pagination($total_count),
    114. 

  114. 			'channel_select_opts' 	=> $this->_channel_select_opts(),
    115. 

  115. 			'channel_selected'		=> $this->_channel,
    116. 

  116. 			'status_select_opts'	=> $this->_status_select_opts(),
    117. 

  117. 			'status_selected'		=> $this->_status,
    118. 

  118. 			'date_select_opts'		=> $this->_date_select_opts(),
    119. 

  119. 			'date_selected'			=> $this->_date_range,
    120. 

  120. 			'form_options'			=> array(
    121. 

  121. 							'close' 	=> lang('close_selected'),
    122. 

  122. 							'open' 		=> lang('open_selected'),
    123. 

  123. 							'pending' 	=> lang('pending_selected'),
    124. 

  124. 							'null'		=> '------',
    125. 

  125. 							'delete'	=> lang('delete_selected')
    126. 

  126. 			)
    127. 

  127. 		);
    128. 

  128. 

  129. 		return $this->EE->load->view('index', $data, TRUE);
    130. 

  130. 	}
    131. 

  131. 

  132. 	// --------------------------------------------------------------------
    133. 

  133. 

  134. 	/**
    135. 

  135. 	 * Date Select Options
    136. 

  136. 	 *
    137. 

  137. 	 * @return 	array
    138. 

  138. 	 */
    139. 

  139. 	 protected function _date_select_opts()
    140. 

  140. 	 {
    141. 

  141. 	 	return array(
    142. 

  142. 	 		''	=> lang('date_range'),
    143. 

  143. 	 		1 	=> lang('past_day'),
    144. 

  144. 	 		7	=> lang('past_week'),
    145. 

  145. 	 		31	=> lang('past_month'),
    146. 

  146. 	 		182	=> lang('past_six_months'),
    147. 

  147. 	 		365	=> lang('past_year')
    148. 

  148. 		);
    149. 

  149. 	 }
    150. 

  150. 

  151. 	// --------------------------------------------------------------------
    152. 

  152. 

  153. 	/**
    154. 

  154. 	 * Status Select Options
    155. 

  155. 	 *
    156. 

  156. 	 * @return array
    157. 

  157. 	 */
    158. 

  158. 	protected function _status_select_opts()
    159. 

  159. 	{
    160. 

  160. 		return array(
    161. 

  161. 			''		=> lang('filter_by_status'),
    162. 

  162. 			'all'	=> lang('all'),
    163. 

  163. 			'p'		=> lang('pending'),
    164. 

  164. 			'o'		=> lang('open'),
    165. 

  165. 			'c'		=> lang('closed')
    166. 

  166. 		);
    167. 

  167. 	}
    168. 

  168. 

  169. 	// --------------------------------------------------------------------
    170. 

  170. 

  171. 	/**
    172. 

  172. 	 * Channel filter select options
    173. 

  173. 	 *
    174. 

  174. 	 * @return array
    175. 

  175. 	 */
    176. 

  176. 	protected function _channel_select_opts()
    177. 

  177. 	{
    178. 

  178. 		// We only limit to channels they are assigned to if they can't 
    179. 

  179. 		// moderate and can't edit all
    180. 

  180. 		if ( ! $this->EE->cp->allowed_group('can_moderate_comments') && 
    181. 

  181. 			 ! $this->EE->cp->allowed_group('can_edit_all_comments'))
    182. 

  182. 		{
    183. 

  183. 			$query = $this->EE->channel_model->get_channels(
    184. 

  184. 									(int) $this->EE->config->item('site_id'), 
    185. 

  185. 									array('channel_title', 'channel_id', 'cat_group'));
    186. 

  186. 		}
    187. 

  187. 		else
    188. 

  188. 		{
    189. 

  189. 			$this->EE->db->select('channel_title, channel_id, cat_group');
    190. 

  190. 			$this->EE->db->where('site_id', (int) $this->EE->config->item('site_id'));
    191. 

  191. 			$this->EE->db->order_by('channel_title');
    192. 

  192. 		
    193. 

  193. 			$query = $this->EE->db->get('channels'); 
    194. 

  194. 		}
    195. 

  195. 

  196. 		$opts = array(
    197. 

  197. 			''	=> lang('filter_by_channel')
    198. 

  198. 		);
    199. 

  199. 		
    200. 

  200. 		if ( ! $query)
    201. 

  201. 		{
    202. 

  202. 			return array();
    203. 

  203. 		}
    204. 

  204. 

  205. 		if ($query->num_rows() > 1)
    206. 

  206. 		{
    207. 

  207. 			$opts['all'] = lang('all');
    208. 

  208. 		}
    209. 

  209. 

  210. 		foreach ($query->result() as $row)
    211. 

  211. 		{
    212. 

  212. 			$opts[$row->channel_id] = $row->channel_title;
    213. 

  213. 		}
    214. 

  214. 

  215. 		return $opts;
    216. 

  216. 	}
    217. 

  217. 

  218. 	// --------------------------------------------------------------------
    219. 

  219. 

  220. 	/**
    221. 

  221. 	 * Merge Comment Data
    222. 

  222. 	 *
    223. 

  223. 	 * This is a...productive method.
    224. 

  224. 	 *
    225. 

  225. 	 * This method loops through the array of 50 comment db objects and 
    226. 

  226. 	 * adds in a few more vars that will be used in the view. Additionally,
    227. 

  227. 	 * we alter some values such as status to make it human readable to get 
    228. 

  228. 	 * that logic out of the views where it has no bidness.
    229. 

  229. 	 *
    230. 

  230. 	 * @param 	array 	array of comment objects
    231. 

  231. 	 * @param 	object 	db result from channel query
    232. 

  232. 	 * @param 	object 	db result from authors query
    233. 

  233. 	 * @return 	array 	array of altered comment objects
    234. 

  234. 	 */
    235. 

  235. 	protected function _merge_comment_data($comments, $channels, $authors)
    236. 

  236. 	{
    237. 

  237. 		$this->EE->load->library('typography');
    238. 

  238. 

  239. 		$config = array(
    240. 

  240. 			'parse_images'	=> FALSE,
    241. 

  241. 			'allow_headings'=> FALSE,	
    242. 

  242. 			'word_censor' 	=> ($this->EE->config->item('comment_word_censoring') == 'y') ? TRUE : FALSE
    243. 

  243. 		);
    244. 

  244. 

  245. 		$this->EE->typography->initialize($config);
    246. 

  246. 

  247. 		// There a result for authors here, or are they all anon?
    248. 

  248. 		$authors = ( ! $authors->num_rows()) ? array() : $authors->result();
    249. 

  249. 

  250. 		foreach ($comments as $k => $v)
    251. 

  251. 		{
    252. 

  252. 			// Drop the entry title into the comment object
    253. 

  253. 			foreach ($channels->result() as $row)
    254. 

  254. 			{
    255. 

  255. 				if ($v->entry_id == $row->entry_id)
    256. 

  256. 				{
    257. 

  257. 					$comments[$k]->entry_title = $row->title;
    258. 

  258. 

  259. 					break;
    260. 

  260. 				}
    261. 

  261. 			}
    262. 

  262. 

  263. 			// Get member info as well.
    264. 

  264. 			foreach ($authors as $row)
    265. 

  265. 			{
    266. 

  266. 				if ($v->author_id == $row->member_id)
    267. 

  267. 				{
    268. 

  268. 					$comments[$k]->author_screen_name = $row->screen_name;
    269. 

  269. 					break;
    270. 

  270. 				}
    271. 

  271. 			}
    272. 

  272. 

  273. 			if ( ! isset($comments[$k]->author_screen_name))
    274. 

  274. 			{
    275. 

  275. 				$comments[$k]->author_screen_name = '';
    276. 

  276. 			}
    277. 

  277. 

  278. 			// Convert stati to human readable form
    279. 

  279. 			switch ($comments[$k]->status)
    280. 

  280. 			{
    281. 

  281. 				case 'o':
    282. 

  282. 					$comments[$k]->status = lang('open');
    283. 

  283. 					break;
    284. 

  284. 				case 'c':
    285. 

  285. 					$comments[$k]->status = lang('closed');
    286. 

  286. 					break;
    287. 

  287. 				default:
    288. 

  288. 					$comments[$k]->status = lang("pending");
    289. 

  289. 			}
    290. 

  290. 

  291. 			// Alter the email var
    292. 

  292. 			$comments[$k]->email = mailto($comments[$k]->email);
    293. 

  293. 

  294. 			// Create comment_edit_link
    295. 

  295. 			$comments[$k]->comment_edit_link = sprintf(
    296. 

  296. 					"<a class=\"less_important_link\" href=\"%s\" title=\"%s\">%s</a>",
    297. 

  297. 					$this->base_url.AMP.'method=edit_comment_form'.AMP.'comment_id='.$comments[$k]->comment_id,
    298. 

  298. 					'edit',
    299. 

  299. 					ellipsize($comments[$k]->comment, 50)
    300. 

  300. 				);
    301. 

  301. 			
    302. 

  302. 			$comments[$k]->comment = $this->EE->typography->parse_type($comments[$k]->comment);
    303. 

  303. 		}
    304. 

  304. 

  305. 		// flip the array
    306. 

  306. 		$comments = array_reverse($comments);
    307. 

  307. 

  308. 		return $comments;
    309. 

  309. 	}
    310. 

  310. 

  311. 	// --------------------------------------------------------------------
    312. 

  312. 

  313. 	/**
    314. 

  314. 	 * Get comment author information
    315. 

  315. 	 *
    316. 

  316. 	 * @param 	array 	array of comment db objects
    317. 

  317. 	 * @return 	object 	members db result object
    318. 

  318. 	 */
    319. 

  319. 	protected function _get_author_info($comments)
    320. 

  320. 	{
    321. 

  321. 		$ids = array();
    322. 

  322. 

  323. 		foreach ($comments as $comment)
    324. 

  324. 		{
    325. 

  325. 			if ($comment->author_id != 0) // db results are always string
    326. 

  326. 			{
    327. 

  327. 				$ids[] = (int) $comment->author_id;
    328. 

  328. 			}
    329. 

  329. 		}
    330. 

  330. 

  331. 		$ids = array_unique($ids);
    332. 

  332. 

  333. 		if (empty($ids))
    334. 

  334. 		{
    335. 

  335. 			$ids = array(0);
    336. 

  336. 		}
    337. 

  337. 

  338. 		return $this->EE->db->select('member_id, screen_name, username')
    339. 

  339. 							->where_in('member_id', $ids)
    340. 

  340. 							->get('members');
    341. 

  341. 	}
    342. 

  342. 

  343. 	// --------------------------------------------------------------------
    344. 

  344. 

  345. 	/**
    346. 

  346. 	 * Get channel info.
    347. 

  347. 	 *
    348. 

  348. 	 * With large datasets/databases, a JOIN can be stupidly expensive,
    349. 

  349. 	 * especially in a situation where the db server isn't properly tuned
    350. 

  350. 	 * to make usage of system cache/buffers.  While I do appreciate the 
    351. 

  351. 	 * various distributions not making assumptions on what you want, sane
    352. 

  352. 	 * defaults would be really nice.
    353. 

  353. 	 *
    354. 

  354. 	 * @param 	array 	array of comment db objects
    355. 

  355. 	 * @return 	object 	channel_titles db result object
    356. 

  356. 	 */
    357. 

  357. 	protected function _get_channel_info($comments)
    358. 

  358. 	{
    359. 

  359. 		$ids = array();
    360. 

  360. 

  361. 		foreach ($comments as $comment)
    362. 

  362. 		{
    363. 

  363. 			$ids[] = (int) $comment->entry_id;
    364. 

  364. 		}
    365. 

  365. 

  366. 		// Remove duplicate keys.
    367. 

  367. 		$ids = array_unique($ids);
    368. 

  368. 

  369. 		if (empty($ids))
    370. 

  370. 		{
    371. 

  371. 			$ids = array(0);
    372. 

  372. 		}
    373. 

  373. 

  374. 		return $this->EE->db->select('title, entry_id')
    375. 

  375. 							->where_in('entry_id', $ids)
    376. 

  376. 							->get('channel_titles');
    377. 

  377. 	}
    378. 

  378. 

  379. 	// --------------------------------------------------------------------
    380. 

  380. 

  381. 	/**
    382. 

  382. 	 * Setup pagination for the module index page.
    383. 

  383. 	 *
    384. 

  384. 	 * @param 	int 	total number of items
    385. 

  385. 	 * @return 	string 	rendered pagination links to display in the view
    386. 

  386. 	 */
    387. 

  387. 	protected function _setup_pagination($total)
    388. 

  388. 	{
    389. 

  389. 		$this->EE->load->library('pagination');
    390. 

  390. 

  391. 		$url = $this->base_url.AMP.'method=index';
    392. 

  392. 

  393. 		if ($this->_channel)
    394. 

  394. 		{
    395. 

  395. 			$url .= AMP.'channel_id='.$this->_channel;
    396. 

  396. 		}
    397. 

  397. 

  398. 		if ($this->_status && $this->_status != 'all')
    399. 

  399. 		{
    400. 

  400. 			$url .= AMP.'status='.$this->_status;
    401. 

  401. 		}
    402. 

  402. 

  403. 		if ($this->_date_range)
    404. 

  404. 		{
    405. 

  405. 			$url .= AMP.'status='.$this->_date_range;
    406. 

  406. 		}
    407. 

  407. 

  408. 		if ($this->_entry_id)
    409. 

  409. 		{
    410. 

  410. 			$url .= AMP.'entry_id='.$this->_entry_id;
    411. 

  411. 		}
    412. 

  412. 

  413. 		$p_button = "<img src=\"{$this->EE->cp->cp_theme_url}images/pagination_%s_button.gif\" width=\"13\" height=\"13\" alt=\"%s\" />";
    414. 

  414. 

  415. 		$config = array(
    416. 

  416. 			'base_url'				=> $url,
    417. 

  417. 			'total_rows'			=> $total,
    418. 

  418. 			'per_page'				=> $this->_limit,
    419. 

  419. 			'page_query_string'		=> TRUE,
    420. 

  420. 			'query_string_segment'	=> 'offset',
    421. 

  421. 			'full_tag_open'			=> '<p id="paginationLinks">',
    422. 

  422. 			'full_tag_close'		=> '</p>',
    423. 

  423. 			'prev_link'				=> sprintf($p_button, 'prev', '&lt;'),
    424. 

  424. 			'next_link'				=> sprintf($p_button, 'next', '&gt;'),
    425. 

  425. 			'first_link'			=> sprintf($p_button, 'first', '&lt; &lt;'),
    426. 

  426. 			'last_link'				=> sprintf($p_button, 'last', '&gt; &gt;')
    427. 

  427. 		);
    428. 

  428. 

  429. 		$this->EE->pagination->initialize($config);
    430. 

  430. 

  431. 		return $this->EE->pagination->create_links();
    432. 

  432. 	}
    433. 

  433. 

  434. 	// --------------------------------------------------------------------
    435. 

  435. 

  436. 	/**
    437. 

  437. 	 * Setup query 
    438. 

  438. 	 *
    439. 

  439. 	 * This method checks permissions on the logged in user to ensure they
    440. 

  440. 	 * have been granted access to moderate/edit comments.  If they are, 
    441. 

  441. 	 * we give them everything, if not, we only give them the comments they
    442. 

  442. 	 * authored.
    443. 

  443. 	 *
    444. 

  444. 	 * @return 	array 	$array($number_of_results, $comment_id_query);
    445. 

  445. 	 */
    446. 

  446. 	protected function _setup_index_query()
    447. 

  447. 	{
    448. 

  448. 		// get filters
    449. 

  449. 		$this->_query_filters();
    450. 

  450. 

  451. 		// get total number of comments
    452. 

  452. 		$count = (int) $this->EE->db->select('COUNT(*) as count')
    453. 

  453. 									->get_where('comments', array(
    454. 

  454. 							  		'site_id' => (int) $this->EE->config->item('site_id')
    455. 

  455. 								   ))->row('count');
    456. 

  456. 

  457. 		// get filters
    458. 

  458. 		$this->_query_filters();
    459. 

  459. 

  460. 		$qry = $this->EE->db->select('comment_id')
    461. 

  461. 							->where('site_id', (int) $this->EE->config->item('site_id'))
    462. 

  462. 							->order_by('comment_date', $this->_dir)
    463. 

  463. 							->get('comments', $this->_limit, $this->_offset);
    464. 

  464. 

  465. 		return array($count, $qry);
    466. 

  466. 	}
    467. 

  467. 

  468. 	// --------------------------------------------------------------------	
    469. 

  469. 

  470. 	protected function _query_filters()
    471. 

  471. 	{
    472. 

  472. 		// If the can ONLY edit their own comments- need to 
    473. 

  473. 		// bring in title table to limit on author		
    474. 

  474. 		if (( ! $this->EE->cp->allowed_group('can_moderate_comments') && 
    475. 

  475. 			  ! $this->EE->cp->allowed_group('can_edit_all_comments')) && 	
    476. 

  476. 				$this->EE->cp->allowed_group('can_edit_own_comments'))
    477. 

  477. 		{
    478. 

  478. 			$this->EE->db->where('author_id', (int) $this->EE->session->userdata('member_id'));
    479. 

  479. 		}
    480. 

  480. 

  481. 		if ($this->_channel)
    482. 

  482. 		{
    483. 

  483. 			$this->EE->db->where('channel_id', (int) $this->_channel);
    484. 

  484. 		}
    485. 

  485. 

  486. 		if ($this->_status && $this->_status != 'all')
    487. 

  487. 		{
    488. 

  488. 			$this->EE->db->where('status', $this->_status);
    489. 

  489. 		}
    490. 

  490. 

  491. 		if ($this->_date_range)
    492. 

  492. 		{
    493. 

  493. 			$date_range = time() - ($this->_date_range * 60 * 60 * 24);
    494. 

  494. 			
    495. 

  495. 			$this->EE->db->where('comment_date >', (int) $date_range);			
    496. 

  496. 		}
    497. 

  497. 

  498. 		if ($this->_entry_id)
    499. 

  499. 		{
    500. 

  500. 			$this->EE->db->where('entry_id', (int) $this->_entry_id);		
    501. 

  501. 		}
    502. 

  502. 	}
    503. 

  503. 

  504. 	// --------------------------------------------------------------------
    505. 

  505. 

  506. 	/**
    507. 

  507. 	 * Get Comments
    508. 

  508. 	 *
    509. 

  509. 	 * This method takes an array of comment ids and performs the query
    510. 

  510. 	 * based on the filtering that previously happened.  
    511. 

  511. 	 *
    512. 

  512. 	 * @param 	array 	ids of comments to retrieve
    513. 

  513. 	 * @return 	object 	db object
    514. 

  514. 	 */
    515. 

  515. 	protected function _get_comments($ids)
    516. 

  516. 	{
    517. 

  517. 		$comment_ids = array();
    518. 

  518. 

  519. 		foreach ($ids as $id)
    520. 

  520. 		{
    521. 

  521. 			$comment_ids[] = (int) $id->comment_id;
    522. 

  522. 		}
    523. 

  523. 

  524. 		return $this->EE->db->where_in('comment_id', $comment_ids)
    525. 

  525. 							->get('comments');
    526. 

  526. 	}
    527. 

  527. 

  528. 	// --------------------------------------------------------------------
    529. 

  529. 

  530. 	/**
    531. 

  531. 	 * Setup Query Filters
    532. 

  532. 	 *
    533. 

  533. 	 * This method Sets up a few class properties based on query strings to 
    534. 

  534. 	 * filter the comments query on the index page.
    535. 

  535. 	 *
    536. 

  536. 	 * @return void
    537. 

  537. 	 */
    538. 

  538. 	protected function _setup_query_filters()
    539. 

  539. 	{
    540. 

  540. 		$this->_channel = $this->EE->input->get_post('channel_id');
    541. 

  541. 		$this->_status = $this->EE->input->get_post('status');
    542. 

  542. 		$this->_date_range = $this->EE->input->get_post('date_range');
    543. 

  543. 

  544. 		$this->_limit = ($per_page = $this->EE->input->get('per_page')) ? $per_page : 50;
    545. 

  545. 		$this->_offset = ($offset = $this->EE->input->get('offset')) ? $offset : 0;
    546. 

  546. 		$this->_dir = ($dir = $this->EE->input->get('dir')) ? $dir : 'desc'; 
    547. 

  547. 		$this->_order_by = ($ob = $this->EE->input->get('order_by')) ? $ob : 'comment_date';
    548. 

  548. 		$this->_entry_id = $this->EE->input->get('entry_id');
    549. 

  549. 	}
    550. 

  550. 

  551. 	// --------------------------------------------------------------------
    552. 

  552. 

  553. 	/**
    554. 

  554. 	 * Delete Comment Notification
    555. 

  555. 	 *
    556. 

  556. 	 * @return	string
    557. 

  557. 	 */
    558. 

  558. 	public function delete_comment_notification()
    559. 

  559. 	{
    560. 

  560. 		if ( ! $id = $this->EE->input->get_post('id') OR 
    561. 

  561. 			 ! $hash = $this->EE->input->get_post('hash'))
    562. 

  562. 		{
    563. 

  563. 			return FALSE;
    564. 

  564. 		}
    565. 

  565. 

  566. 		if ( ! is_numeric($id))
    567. 

  567. 		{
    568. 

  568. 			return FALSE;
    569. 

  569. 		}
    570. 

  570. 

  571. 		$this->EE->lang->loadfile('comment');
    572. 

  572. 

  573. 		$this->EE->load->library('subscription');
    574. 

  574. 		$this->EE->subscription->init('comment', array('subscription_id' => $id), TRUE);
    575. 

  575. 		$this->EE->subscription->unsubscribe('', $hash);
    576. 

  576. 

  577. 		$data = array(
    578. 

  578. 				'title' 	=> lang('cmt_notification_removal'),
    579. 

  579. 				'heading'	=> lang('thank_you'),
    580. 

  580. 				'content'	=> lang('cmt_you_have_been_removed'),
    581. 

  581. 				'redirect'	=> '',
    582. 

  582. 				'link'		=> array($this->EE->config->item('site_url'), stripslashes($this->EE->config->item('site_name')))
    583. 

  583. 		);
    584. 

  584. 

  585. 		$this->EE->output->show_message($data);
    586. 

  586. 	}
    587. 

  587. 	
    588. 

  588. 	// --------------------------------------------------------------------
    589. 

  589. 

  590. 	/**
    591. 

  591. 	 * Edit Comment Form
    592. 

  592. 	 *
    593. 

  593. 	 * @return	void
    594. 

  594. 	 */
    595. 

  595. 	public function edit_comment_form($comment_id = FALSE)
    596. 

  596. 	{
    597. 

  597. 		$this->_permissions_check();
    598. 

  598. 

  599. 		$can_edit = FALSE;
    600. 

  600. 

  601. 		$this->EE->load->library('table');
    602. 

  602. 		$this->EE->load->library('javascript');	
    603. 

  603. 

  604. 		$this->EE->javascript->output('		
    605. 

    606. 

  606. 		// If validation fails- want to be sure to show the move field if populated
    607. 

  607. 		if ($("#move_to").val() != "")
    608. 

  608. 		{
    609. 

  609. 			$("#move_link").hide();
    610. 

  610. 			$("#move_field").show();
    611. 

  611. 		}
    612. 

  612. 		
    613. 

  613. 		$("#move_link").click(function() {
    614. 

  614. 			$("#move_link").hide();
    615. 

  615. 			$("#move_field").show();
    616. 

  616. 			return false;
    617. 

  617. 		});
    618. 

  618. 		
    619. 

  619. 		$("#cancel_link").click(function() {
    620. 

  620. 			$("input#move_to").val("");
    621. 

  621. 			$("#move_link").show();
    622. 

  622. 			$("#move_field").hide();
    623. 

  623. 			return false;
    624. 

  624. 		});		
    625. 

  625. 		');
    626. 

    627. 

  627. 

  628. 		$this->EE->javascript->compile();
    629. 

  629. 		$comment_id	= ( ! $comment_id) ? $this->EE->input->get_post('comment_id') : $comment_id;
    630. 

  630. 

  631. 

  632. 		if ($comment_id == FALSE OR ! is_numeric($comment_id))
    633. 

  633. 		{
    634. 

  634. 			show_error(lang('unauthorized_access'));
    635. 

  635. 		}
    636. 

  636. 

  637. 		$this->EE->load->helper(array('form', 'snippets'));
    638. 

  638. 

  639. 

  640. 		$this->EE->db->select('channel_titles.author_id as entry_author, title, channel_title, comment_require_email, comment, comment_id, comments.author_id, comments.status, name, email, url, location, comments.ip_address, comment_date, channels.comment_text_formatting, channels.comment_html_formatting, channels.comment_allow_img_urls, channels.comment_auto_link_urls');
    641. 

  641. 		$this->EE->db->from(array('channel_titles', 'comments'));
    642. 

  642. 		$this->EE->db->join('channels', 'exp_comments.channel_id = exp_channels.channel_id ', 'left');
    643. 

  643. 		$this->EE->db->where('channel_titles.entry_id = '.$this->EE->db->dbprefix('comments.entry_id'));
    644. 

  644. 		$this->EE->db->where('comments.comment_id', $comment_id);
    645. 

  645. 

  646. 		$query = $this->EE->db->get();
    647. 

  647. 		
    648. 

  648. 		if ($query->num_rows() === 0)
    649. 

  649. 		{
    650. 

  650. 			return FALSE;
    651. 

  651. 		}
    652. 

  652. 			
    653. 

  653. 		if ($this->EE->cp->allowed_group('can_edit_all_comments'))
    654. 

  654. 		{
    655. 

  655. 			$can_edit = TRUE;
    656. 

  656. 		}
    657. 

  657. 		else
    658. 

  658. 		{
    659. 

  659. 			if ($query->row('entry_author') == $this->EE->session->userdata('member_id'))
    660. 

  660. 			{
    661. 

  661. 				$can_edit = TRUE;
    662. 

  662. 			}
    663. 

  663. 			else
    664. 

  664. 			{
    665. 

  665. 				if ( ! $this->EE->cp->allowed_group('can_moderate_comments'))
    666. 

  666. 				{
    667. 

  667. 					show_error(lang('unauthorized_access'));
    668. 

  668. 				}							
    669. 

  669. 			}
    670. 

  670. 		}
    671. 

  671. 

  672. 		$vars = $query->row_array();
    673. 

  673. 

  674. 		$vars['move_link'] = '';
    675. 

  675. 		$vars['move_to'] = '';
    676. 

  676. 		$vars['can_edit'] = $can_edit;
    677. 

  677. 		
    678. 

  678. 	 	$vars['status_select_options']['p'] = lang('pending');
    679. 

  679. 		$vars['status_select_options']['o'] = lang('open');
    680. 

  680. 		$vars['status_select_options']['c'] = lang('closed');	
    681. 

  681. 		
    682. 

  682. 		$vars['status'] = ($this->EE->input->post('status')) ? $this->EE->input->post('status') : $vars['status'];
    683. 

  683. 

  684. 		// Instantiate Typography class
    685. 

  685. 		$config = ($this->EE->config->item('comment_word_censoring') == 'y') ? array('word_censor' => TRUE) : array();
    686. 

  686. 		
    687. 

  687. 		$this->EE->load->library('typography');
    688. 

  688. 		$this->EE->typography->initialize(array(
    689. 

  689. 				'parse_images'	=> FALSE)
    690. 

  690. 				);
    691. 

  691. 

  692. 		$vars['display_comment'] = $this->EE->typography->parse_type($vars['comment'],
    693. 

  693. 										array(
    694. 

  694. 												'text_format'	=> $vars['comment_text_formatting'],
    695. 

  695. 												'html_format'	=> $vars['comment_html_formatting'],
    696. 

  696. 												'auto_links'	=> $vars['comment_auto_link_urls'],
    697. 

  697. 												'allow_img_url' => $vars['comment_allow_img_urls']
    698. 

  698. 											)
    699. 

  699. 									);
    700. 

  700. 		
    701. 

  701. 		$hidden = array(
    702. 

  702. 						'comment_id'	=> $comment_id,
    703. 

  703. 						'email'			=> $query->row('email')
    704. 

  704. 						);
    705. 

  705. 

  706. 		$this->EE->cp->set_variable('cp_page_title', lang('edit_comment'));
    707. 

  707. 

  708. 		// a bit of a breadcrumb override is needed
    709. 

  709. 		$this->EE->cp->set_variable('cp_breadcrumbs', array(
    710. 

  710. 			$this->base_url => lang('comments')));
    711. 

  711. 

  712. 		$vars['hidden'] = $hidden;
    713. 

  713. 

  714. 		$this->EE->javascript->compile();
    715. 

  715. 		
    716. 

  716. 		return $this->EE->load->view('edit', $vars, TRUE);
    717. 

  717. 	}
    718. 

  718. 	
    719. 

  719. 	// --------------------------------------------------------------------
    720. 

  720. 

  721. 	/**
    722. 

  722. 	 * This permissions check is used in several places.
    723. 

  723. 	 */
    724. 

  724. 	private function _permissions_check()
    725. 

  725. 	{
    726. 

  726. 		if ( ! $this->EE->cp->allowed_group('can_moderate_comments') 
    727. 

  727. 		  && ! $this->EE->cp->allowed_group('can_edit_all_comments') 
    728. 

  728. 		  && ! $this->EE->cp->allowed_group('can_edit_own_comments'))
    729. 

  729. 		{
    730. 

  730. 			show_error(lang('unauthorized_access'));
    731. 

  731. 		}		
    732. 

  732. 	}
    733. 

  733. 

  734. 	// --------------------------------------------------------------------
    735. 

  735. 

  736. 	/**
    737. 

  737. 	 * Update Comment
    738. 

  738. 	 *
    739. 

  739. 	 * @return	void
    740. 

  740. 	 */
    741. 

  741. 	public function update_comment()
    742. 

  742. 	{
    743. 

  743. 		$this->_permissions_check();
    744. 

  744. 

  745. 		$comment_id = $this->EE->input->get_post('comment_id');
    746. 

  746. 

  747. 		if ($comment_id == FALSE OR ! is_numeric($comment_id))
    748. 

  748. 		{
    749. 

  749. 			show_error(lang('unauthorized_access'));
    750. 

  750. 		}
    751. 

  751. 

  752. 		$this->EE->load->library('form_validation');
    753. 

  753. 		$can_edit = FALSE;
    754. 

  754. 		
    755. 

  755. 		if ($this->EE->cp->allowed_group('can_edit_all_comments'))
    756. 

  756. 		{
    757. 

  757. 			$query = $this->EE->db->get_where('comments', array('comment_id' => $comment_id));
    758. 

  758. 			$can_edit = TRUE;
    759. 

  759. 		}
    760. 

  760. 		else
    761. 

  761. 		{
    762. 

  762. 			$this->EE->db->select('channel_titles.author_id, comments.channel_id, comments.entry_id');
    763. 

  763. 			$this->EE->db->from(array('channel_titles', 'comments'));
    764. 

  764. 			$this->EE->db->where('channel_titles.entry_id = '.$this->EE->db->dbprefix('comments.entry_id'));
    765. 

  765. 			$this->EE->db->where('comments.comment_id', $comment_id);
    766. 

  766. 

  767. 			$query = $this->EE->db->get();
    768. 

  768. 

  769. 			if ($query->row('author_id') != $this->EE->session->userdata('member_id'))
    770. 

  770. 			{
    771. 

  771. 				if ( ! $this->EE->cp->allowed_group('can_moderate_comments'))
    772. 

  772. 				{
    773. 

  773. 					show_error(lang('unauthorized_access'));
    774. 

  774. 				}
    775. 

  775. 

  776. 				$can_edit = TRUE;
    777. 

  777. 			}
    778. 

  778. 		}
    779. 

  779. 

  780. 		if ($query->num_rows() == 0)
    781. 

  781. 		{
    782. 

  782. 			return false;
    783. 

  783. 		}
    784. 

  784. 		
    785. 

  785. 		$row = $query->row_array();
    786. 

  786. 

  787.    		$author_id = $row['author_id'];
    788. 

  788. 		$channel_id = $row['channel_id'];
    789. 

  789. 		$entry_id = $row['entry_id'];
    790. 

  790. 		$current_status = $row['status'];
    791. 

  791. 		
    792. 

  792. 		$new_channel_id = $row['channel_id'];
    793. 

  793. 		$new_entry_id = $row['entry_id'];
    794. 

  794. 

  795. 		//	 Are emails required?
    796. 

  796. 		$this->EE->db->select('channels.comment_require_email');
    797. 

  797. 		$this->EE->db->from(array('channels', 'comments'));
    798. 

  798. 		$this->EE->db->where('comments.channel_id = '.$this->EE->db->dbprefix('channels.channel_id'));
    799. 

  799. 		$this->EE->db->where('comments.comment_id', $comment_id);
    800. 

  800. 		$query = $this->EE->db->get();
    801. 

  801. 

  802. 		if ($query->num_rows() == 0)
    803. 

  803. 		{
    804. 

  804. 			return show_error(lang('no_channel_exists'));
    805. 

  805. 		}
    806. 

  806. 

  807. 		foreach ($query->row_array() as $key => $val)
    808. 

  808. 		{
    809. 

  809. 			$$key = $val;
    810. 

  810. 		}
    811. 

  811. 

  812. 		$status = $this->EE->input->post('status');
    813. 

  813. 

  814. 		//  If they can not edit- only the status may change
    815. 

  815. 		if ( ! $can_edit)
    816. 

  816. 		{
    817. 

  817. 			if ( ! in_array($status, array('o', 'c', 'p')))
    818. 

  818. 			{
    819. 

  819. 				show_error(lang('unauthorized_access'));
    820. 

  820. 			}
    821. 

  821. 			
    822. 

  822. 			$data = array('status' => $status);
    823. 

  823. 			$this->EE->db->query($this->EE->db->update_string('exp_comments', $data, "comment_id = '$comment_id'"));
    824. 

  824. 			
    825. 

  825. 			$this->update_stats(array($entry_id), array($channel_id), array($author_id));
    826. 

  826. 

  827. 			//  Did status change to open?  Notify
    828. 

  828. 			if ($status == 'o' && $current_status != 'o')
    829. 

  829. 			{
    830. 

  830. 				$this->send_notification_emails(array($comment_id));
    831. 

  831. 			}
    832. 

  832. 			
    833. 

  833. 			$this->EE->functions->clear_caching('all');
    834. 

  834. 

  835. 			$url = $this->base_url.AMP.'comment_id='.$comment_id;
    836. 

  836. 

  837. 			$this->EE->session->set_flashdata('message_success',  
    838. 

  838. 												lang('comment_updated'));
    839. 

  839. 			$this->EE->functions->redirect($url);			
    840. 

  840. 		}
    841. 

  841. 		
    842. 

  842. 		// Error checks
    843. 

  843. 		if ($author_id == 0)
    844. 

  844. 		{
    845. 

  845. 			// Fetch language file
    846. 

  846. 			$this->EE->lang->loadfile('myaccount');
    847. 

  847. 

  848. 			if ($comment_require_email == 'y')
    849. 

  849. 			{
    850. 

  850. 				$this->EE->form_validation->set_rules('email', 'lang:email', 'callback__email_check');
    851. 

  851. 			}
    852. 

  852. 			else
    853. 

  853. 			{
    854. 

  854. 				$this->EE->form_validation->set_rules('email', 'lang:email', '');
    855. 

  855. 			}
    856. 

  856. 

  857. 			$this->EE->form_validation->set_rules('name', 'lang:name', 'required');
    858. 

  858. 	
    859. 

  859. 		
    860. 

  860. 			$this->EE->form_validation->set_rules('url', '', '');			
    861. 

  861. 			$this->EE->form_validation->set_rules('location', '', '');
    862. 

  862. 		}
    863. 

  863. 

  864. 

  865. 		// Are thy moving the comment?  Check for valid entry_id
    866. 

  866. 		$move_to = $this->EE->input->get_post('move_to');
    867. 

  867. 		$recount_ids = array();
    868. 

  868. 		$recount_channels = array();
    869. 

  869. 

  870. 		if ($move_to != '')
    871. 

  871. 		{
    872. 

  872. 			$tcount = 0;
    873. 

  873. 			
    874. 

  874. 			if (ctype_digit($move_to))
    875. 

  875. 			{
    876. 

  876. 				$this->EE->db->select('title, entry_id, channel_id');
    877. 

  877. 				$this->EE->db->where('entry_id', $move_to);
    878. 

  878. 				$query = $this->EE->db->get('channel_titles');
    879. 

  879. 			
    880. 

  880. 				$tcount = $query->num_rows();
    881. 

  881. 			}
    882. 

  882. 

  883. 

  884. 			if ($tcount == 0)
    885. 

  885. 			{
    886. 

  886. 				$this->EE->form_validation->set_rules('move_to', 'lang:move_to', 'callback__move_check');
    887. 

  887. 			}
    888. 

  888. 			else
    889. 

  889. 			{
    890. 

  890. 				$row = $query->row();
    891. 

  891. 			
    892. 

  892. 				$new_entry_id = $row->entry_id;
    893. 

  893. 				$new_channel_id = $row->channel_id;
    894. 

  894. 

  895. 				$recount_ids[] = $entry_id;
    896. 

  896. 				$recount_channels[] = $channel_id;
    897. 

  897. 

  898. 				$recount_ids[] = $row->entry_id;
    899. 

  899. 				$recount_channels[] = $row->channel_id;
    900. 

  900. 			}
    901. 

  901. 		}
    902. 

  902. 

  903. 		
    904. 

  904. 		$this->EE->form_validation->set_rules('comment', 'lang:comment', 'required');
    905. 

  905. 

  906. 		$this->EE->form_validation->set_error_delimiters('<br /><span class="notice">', '<br />');
    907. 

  907. 		
    908. 

  908. 		if ($this->EE->form_validation->run() === FALSE)
    909. 

  909. 		{
    910. 

  910. 			return $this->edit_comment_form($comment_id);
    911. 

  911. 		}		
    912. 

  912. 

  913. 		// Build query
    914. 

  914. 

  915. 		if ($author_id == 0)
    916. 

  916. 		{
    917. 

  917. 			$data = array(
    918. 

  918. 							'entry_id' => $new_entry_id,
    919. 

  919. 							'channel_id' => $new_channel_id,
    920. 

  920. 							'name'		=> $this->EE->input->post('name'),
    921. 

  921. 							'email'		=> $this->EE->input->post('email'),
    922. 

  922. 							'url'		=> $this->EE->input->post('url'),
    923. 

  923. 							'location'	=> $this->EE->input->post('location'),
    924. 

  924. 							'comment'	=> $this->EE->input->post('comment'),
    925. 

  925. 							'status'	=> $status
    926. 

  926. 						 );
    927. 

  927. 		}
    928. 

  928. 		else
    929. 

  929. 		{
    930. 

  930. 			$data = array(
    931. 

  931. 							'entry_id' => $new_entry_id,
    932. 

  932. 							'channel_id' => $new_channel_id,
    933. 

  933. 							'comment'	=> $this->EE->input->post('comment'),
    934. 

  934. 							'status'	=> $status
    935. 

  935. 						 );
    936. 

  936. 		}
    937. 

  937. 		
    938. 

  938. 		$this->EE->db->query($this->EE->db->update_string('exp_comments', $data, "comment_id = '$comment_id'"));
    939. 

  939. 

  940. 		if ($status != $current_status)
    941. 

  941. 		{
    942. 

  942. 			$this->update_stats(array($entry_id), array($channel_id), array($author_id));
    943. 

  943. 

  944. 			//  Did status change to open?  Notify
    945. 

  945. 			if ($status == 'o' && $current_status != 'o')
    946. 

  946. 			{
    947. 

  947. 				$this->send_notification_emails(array($comment_id));
    948. 

  948. 			}			
    949. 

  949. 		}
    950. 

  950. 

  951. 

  952. 		if (count($recount_ids) > 0)
    953. 

  953. 		{
    954. 

  954. 			$this->EE->load->model('comment_model');
    955. 

  955. 

  956. 			$this->EE->comment_model->recount_entry_comments($recount_ids);
    957. 

  957. 			
    958. 

  958. 			// Quicker and updates just the channels
    959. 

  959. 			foreach(array_unique($recount_channels) as $channel_id) 
    960. 

  960. 			{ 
    961. 

  961. 				$this->EE->stats->update_comment_stats($channel_id, '', FALSE); 
    962. 

  962. 			}
    963. 

  963. 

  964. 			// Updates the total stats
    965. 

  965. 			$this->EE->stats->update_comment_stats();
    966. 

  966. 		}
    967. 

  967. 		
    968. 

  968. 

  969. 		/* -------------------------------------------
    970. 

  970. 		/* 'update_comment_additional' hook.
    971. 

  971. 		/*  - Add additional processing on comment update.
    972. 

  972. 		*/
    973. 

  973. 			$edata = $this->EE->extensions->call('update_comment_additional', $comment_id, $data);
    974. 

  974. 			if ($this->EE->extensions->end_script === TRUE) return;
    975. 

  975. 		/*
    976. 

  976. 		/* -------------------------------------------*/
    977. 

  977. 		
    978. 

  978. 		$this->EE->functions->clear_caching('all');
    979. 

  979. 

  980. 		$url = $this->base_url.AMP.'comment_id='.$comment_id;
    981. 

  981. 

  982. 		$this->EE->session->set_flashdata('message_success',  lang('comment_updated'));
    983. 

  983. 		$this->EE->functions->redirect($url);
    984. 

  984. 	}
    985. 

  985. 

  986. 	// --------------------------------------------------------------------
    987. 

  987. 

  988. 	/**
    989. 

  989. 	 * Email Check
    990. 

  990. 	 * 
    991. 

  991. 	 * callback function for form_validation, so it needs to be publicly 
    992. 

  992. 	 * accessible.
    993. 

  993. 	 */
    994. 

  994. 	public function _email_check($str)
    995. 

  995. 	{
    996. 

  996. 		// Is email missing?
    997. 

  997. 		if ($str == '')
    998. 

  998. 		{
    999. 

  999. 			$this->EE->form_validation->set_message('_email_check', 	
    1000. 

  1000. 												lang('missing_email'));
    1001. 

  1001. 			return FALSE;
    1002. 

  1002. 

  1003. 		}
    1004. 

  1004. 

  1005. 		// Is email valid?
    1006. 

  1006. 		$this->EE->load->helper('email');
    1007. 

  1007. 		
    1008. 

  1008. 		if ( ! valid_email($str))
    1009. 

  1009. 		{
    1010. 

  1010. 			$this->EE->form_validation->set_message('_email_check', 
    1011. 

  1011. 												lang('invalid_email_address'));
    1012. 

  1012. 			return FALSE;
    1013. 

  1013. 		}
    1014. 

  1014. 

  1015. 		// Is email banned?
    1016. 

  1016. 		if ($this->EE->session->ban_check('email', $str))
    1017. 

  1017. 		{
    1018. 

  1018. 			$this->EE->form_validation->set_message('_email_check', 
    1019. 

  1019. 												lang('banned_email'));
    1020. 

  1020. 			return FALSE;
    1021. 

  1021. 		}
    1022. 

  1022. 		
    1023. 

  1023. 		return TRUE;
    1024. 

  1024. 	}
    1025. 

  1025. 

  1026. 	// --------------------------------------------------------------------
    1027. 

  1027. 	
    1028. 

  1028. 	/**
    1029. 

  1029. 	 * Move check -- form_validation callback
    1030. 

  1030. 	 *
    1031. 

  1031. 	 */
    1032. 

  1032. 	public function _move_check($str)
    1033. 

  1033. 	{
    1034. 

  1034. 		// failed by definition
    1035. 

  1035. 		$this->EE->form_validation->set_message('_move_check', 
    1036. 

  1036. 												lang('invalid_entry_id'));
    1037. 

  1037. 		return FALSE;
    1038. 

  1038. 	}
    1039. 

  1039. 	
    1040. 

  1040. 	// --------------------------------------------------------------------
    1041. 

  1041. 

  1042. 	/**
    1043. 

  1043. 	 * Modify Comments
    1044. 

  1044. 	 *
    1045. 

  1045. 	 * @return	void
    1046. 

  1046. 	 */
    1047. 

  1047. 	public function modify_comments()
    1048. 

  1048. 	{
    1049. 

  1049. 		// This only happens if they submit with no comments checked, so we send
    1050. 

  1050. 		// them home.
    1051. 

  1051. 		if ( ! $this->EE->input->post('toggle') && 
    1052. 

  1052. 			 ! $this->EE->input->get_post('comment_id'))
    1053. 

  1053. 		{
    1054. 

  1054. 			$this->EE->session->set_flashdata('message_failure', 
    1055. 

  1055. 											lang('no_valid_selections'));
    1056. 

  1056. 			$this->EE->functions->redirect($this->base_url);
    1057. 

  1057. 		}
    1058. 

  1058. 

  1059. 		switch($this->EE->input->post('action'))
    1060. 

  1060. 		{
    1061. 

  1061. 			case 'open':
    1062. 

  1062. 				$this->change_comment_status('o');
    1063. 

  1063. 			break;
    1064. 

  1064. 			case 'close':
    1065. 

  1065. 				$this->change_comment_status('c');
    1066. 

  1066. 			break;
    1067. 

  1067. 			case 'pending':
    1068. 

  1068. 				$this->change_comment_status('p');
    1069. 

  1069. 			break;			
    1070. 

  1070. 			default:
    1071. 

  1071. 				return $this->delete_comment_confirm();
    1072. 

  1072. 			break;
    1073. 

  1073. 		}
    1074. 

  1074. 	}
    1075. 

  1075. 

  1076. 	// --------------------------------------------------------------------
    1077. 

  1077. 

  1078. 	/**
    1079. 

  1079. 	 * Delete Comments Confirmation
    1080. 

  1080. 	 *
    1081. 

  1081. 	 * @return	void
    1082. 

  1082. 	 */
    1083. 

  1083. 	public function delete_comment_confirm()
    1084. 

  1084. 	{
    1085. 

  1085. 		if ( ! $this->EE->cp->allowed_group('can_delete_all_comments') 
    1086. 

  1086. 		  && ! $this->EE->cp->allowed_group('can_delete_own_comments'))
    1087. 

  1087. 		{
    1088. 

  1088. 			show_error(lang('unauthorized_access'));
    1089. 

  1089. 		}
    1090. 

  1090. 

  1091. 		$this->EE->cp->get_installed_modules();
    1092. 

  1092. 		
    1093. 

  1093. 		$blacklist_installed =  (isset($this->EE->cp->installed_modules['blacklist'])) ? TRUE : FALSE;
    1094. 

  1094. 

  1095. 		if ( ! $this->EE->input->post('toggle') && ! $this->EE->input->get_post('comment_id'))
    1096. 

  1096. 		{
    1097. 

  1097. 			$this->EE->session->set_flashdata('message_failure', lang('no_valid_selections'));
    1098. 

  1098. 			$this->EE->functions->redirect($this->base_url);
    1099. 

  1099. 		}
    1100. 

  1100. 

  1101. 		$this->EE->load->library('table');
    1102. 

  1102. 		$comments = array();
    1103. 

  1103. 

  1104. 		if ($this->EE->input->post('toggle'))
    1105. 

  1105. 		{
    1106. 

  1106. 			foreach ($_POST['toggle'] as $key => $val)
    1107. 

  1107. 			{
    1108. 

  1108. 				$comments[] = $val;
    1109. 

  1109. 			}
    1110. 

  1110. 		}
    1111. 

  1111. 		
    1112. 

  1112. 		if ($this->EE->input->get_post('comment_id') !== FALSE && is_numeric($this->EE->input->get_post('comment_id')))
    1113. 

  1113. 		{
    1114. 

  1114. 			$comments[] = $this->EE->input->get_post('comment_id');
    1115. 

  1115. 		}
    1116. 

  1116. 

  1117. 		if (count($comments) == 0)
    1118. 

  1118. 		{
    1119. 

  1119. 			show_error(lang('unauthorized_access'));
    1120. 

  1120. 		}
    1121. 

  1121. 

  1122. 		$this->EE->db->select('channel_titles.author_id, title, comments.comment_id, comment, comments.ip_address');
    1123. 

  1123. 		$this->EE->db->from(array('channel_titles', 'comments'));
    1124. 

  1124. 		$this->EE->db->where('channel_titles.entry_id = '.$this->EE->db->dbprefix('comments.entry_id'));
    1125. 

  1125. 		$this->EE->db->where_in('comments.comment_id', $comments);
    1126. 

  1126. 

  1127. 		$comments	= array();
    1128. 

  1128. 

  1129. 		$query = $this->EE->db->get();
    1130. 

  1130. 

  1131. 		if ($query->num_rows() > 0)
    1132. 

  1132. 		{
    1133. 

  1133. 			foreach($query->result_array() as $row)
    1134. 

  1134. 			{
    1135. 

  1135. 				if ( ! $this->EE->cp->allowed_group('can_delete_all_comments')  && ($row['author_id'] != $this->EE->session->userdata('member_id')))
    1136. 

  1136. 				{					
    1137. 

  1137. 					continue;
    1138. 

  1138. 				}
    1139. 

  1139. 				
    1140. 

  1140. 				$row['comment'] = strip_tags(str_replace(array("\t","\n","\r"), ' ', $row['comment']));
    1141. 

  1141. 				$row['comment'] = $this->EE->functions->char_limiter(trim($row['comment']), 100);
    1142. 

  1142. 

  1143. 

  1144. 				$comments[$row['comment_id']]['entry_title'] = $row['title'];
    1145. 

  1145. 				$comments[$row['comment_id']]['comment'] = $row['comment'];
    1146. 

  1146. 				$comments[$row['comment_id']]['ip_address'] = $row['ip_address'];
    1147. 

  1147. 			}
    1148. 

  1148. 		}
    1149. 

  1149. 

  1150. 		if (count($comments) == 0)
    1151. 

  1151. 		{
    1152. 

  1152. 			$this->EE->session->set_flashdata('message_failure', 
    1153. 

  1153. 											lang('no_valid_selections'));
    1154. 

  1154. 			$this->EE->functions->redirect($this->base_url);
    1155. 

  1155. 		}
    1156. 

  1156. 

  1157. 		$this->EE->load->helper('form');
    1158. 

  1158. 		$this->EE->cp->set_variable('cp_page_title', lang('delete_confirm'));
    1159. 

  1159. 

  1160. 		$this->EE->cp->set_variable('cp_breadcrumbs', array(
    1161. 

  1161. 			$this->base_url => lang('comments'),
    1162. 

  1162. 

  1163. 		));
    1164. 

  1164. 		
    1165. 

  1165. 		$vars = array();
    1166. 

  1166. 

  1167. 		$vars['hidden'] = array(
    1168. 

  1168. 					'comment_ids'	=> implode('|', array_keys($comments)));
    1169. 

  1169. 								
    1170. 

  1170. 		$vars['blacklist_installed'] = (isset($this->EE->cp->installed_modules['blacklist'])) ? TRUE : FALSE;
    1171. 

  1171. 								
    1172. 

  1172. 		$message = (count($comments) > 1) ? 'delete_comments_confirm' : 'delete_comment_confirm';
    1173. 

  1173. 

  1174. 		$vars['comments'] = $comments;
    1175. 

  1175. 		$vars['message'] = $message;
    1176. 

  1176. 		
    1177. 

  1177. 		return $this->EE->load->view('delete_comments', $vars, TRUE);
    1178. 

  1178. 	}
    1179. 

  1179. 

  1180. 	// --------------------------------------------------------------------
    1181. 

  1181. 

  1182. 	/**
    1183. 

  1183. 	 * Change Comment Status
    1184. 

  1184. 	 *
    1185. 

  1185. 	 * @param	string	new status
    1186. 

  1186. 	 * @return	void
    1187. 

  1187. 	 */
    1188. 

  1188. 	public function change_comment_status($status = '')
    1189. 

  1189. 	{
    1190. 

  1190. 		$this->_permissions_check();
    1191. 

  1191. 

  1192. 		$comments	= array();
    1193. 

  1193. 		
    1194. 

  1194. 		if (isset($_POST['toggle']) && is_array($_POST['toggle']))
    1195. 

  1195. 		{
    1196. 

  1196. 			foreach ($_POST['toggle'] as $key => $val)
    1197. 

  1197. 			{
    1198. 

  1198. 				$comments[$val] = $val;
    1199. 

  1199. 			}
    1200. 

  1200. 		}
    1201. 

  1201. 

  1202. 		if($this->EE->input->get_post('comment_id') !== FALSE && is_numeric($this->EE->input->get_post('comment_id')))
    1203. 

  1203. 		{
    1204. 

  1204. 			$comments[$this->EE->input->get_post('comment_id')] = $this->EE->input->get_post('comment_id');
    1205. 

  1205. 		}
    1206. 

  1206. 

  1207. 		if (count($comments) == 0)
    1208. 

  1208. 		{
    1209. 

  1209. 			show_error(lang('unauthorized_access'));
    1210. 

  1210. 		}
    1211. 

  1211. 

  1212. 		$status = ($status == '') ? $this->EE->input->get('status') : $status;
    1213. 

  1213. 

  1214. 		if ( ! in_array($status, array('o', 'c', 'p')))
    1215. 

  1215. 		{
    1216. 

  1216. 			show_error(lang('unauthorized_access'));
    1217. 

  1217. 		}
    1218. 

  1218. 

  1219. 		$this->EE->db->select('exp_comments.entry_id, exp_comments.channel_id, exp_comments.author_id, comment_id, exp_channel_titles.author_id AS entry_author');
    1220. 

  1220. 		$this->EE->db->join('channel_titles', 'exp_comments.entry_id = exp_channel_titles.entry_id', 'left');
    1221. 

  1221. 		$this->EE->db->where_in('comment_id', $comments);
    1222. 

  1222. 		$query = $this->EE->db->get('comments');
    1223. 

  1223. 

  1224. 		// Retrieve Our Results
    1225. 

  1225. 

  1226. 		if ($query->num_rows() == 0)
    1227. 

  1227. 		{
    1228. 

  1228. 			show_error(lang('unauthorized_access'));
    1229. 

  1229. 		}
    1230. 

  1230. 

  1231. 		$entry_ids	= array();
    1232. 

  1232. 		$author_ids = array();
    1233. 

  1233. 		$channel_ids = array();
    1234. 

  1234. 

  1235. 

  1236. 		foreach($query->result_array() as $row)
    1237. 

  1237. 		{
    1238. 

  1238. 			if (( ! $this->EE->cp->allowed_group('can_moderate_comments') 
    1239. 

  1239. 			   && ! $this->EE->cp->allowed_group('can_edit_all_comments')) 
    1240. 

  1240. 			   && ($row['entry_author'] != $this->EE->session->userdata('member_id')))
    1241. 

  1241. 			{					
    1242. 

  1242. 				unset($comments[$row['comment_id']]);
    1243. 

  1243. 				continue;
    1244. 

  1244. 			}
    1245. 

  1245. 

  1246. 			$entry_ids[]  = $row['entry_id'];
    1247. 

  1247. 			$author_ids[] = $row['author_id'];
    1248. 

  1248. 			$channel_ids[] = $row['channel_id'];
    1249. 

  1249. 		}
    1250. 

  1250. 		
    1251. 

  1251. 		if (count($comments) == 0)
    1252. 

  1252. 		{
    1253. 

  1253. 			show_error(lang('unauthorized_access'));
    1254. 

  1254. 		}		
    1255. 

  1255. 		
    1256. 

  1256. 

  1257. 		$entry_ids	= array_unique($entry_ids);
    1258. 

  1258. 		$author_ids = array_unique($author_ids);
    1259. 

  1259. 		$channel_ids = array_unique($channel_ids);
    1260. 

  1260. 

  1261. 		/** -------------------------------
    1262. 

  1262. 		/**	 Change Status
    1263. 

  1263. 		/** -------------------------------*/
    1264. 

  1264. 

  1265. 		$this->EE->db->set('status', $status);
    1266. 

  1266. 		$this->EE->db->where_in('comment_id', $comments);
    1267. 

  1267. 		$this->EE->db->update('comments');
    1268. 

  1268. 		
    1269. 

  1269. 		$this->update_stats($entry_ids, $channel_ids, $author_ids);
    1270. 

  1270. 		
    1271. 

  1271. 		//	 Send email notification or remove notifications
    1272. 

  1272. 

  1273. 		if ($status == 'o')
    1274. 

  1274. 		{
    1275. 

  1275. 			$this->send_notification_emails($comments);
    1276. 

  1276. 		}
    1277. 

  1277. 		
    1278. 

  1278. 		if ($this->EE->extensions->active_hook('update_comment_additional'))
    1279. 

  1279. 		{
    1280. 

  1280. 

  1281. 			$qry = $this->EE->db->where_in('comment_id', $comments)
    1282. 

  1282. 								->get('comments');
    1283. 

  1283. 			
    1284. 

  1284. 			foreach ($qry->result_array() as $row)
    1285. 

  1285. 			{
    1286. 

  1286. 				/* -------------------------------------------
    1287. 

  1287. 				/* 'update_comment_additional' hook.
    1288. 

  1288. 				/*  - Add additional processing on comment update.
    1289. 

  1289. 				*/
    1290. 

  1290. 					$edata = $this->EE->extensions->call(
    1291. 

  1291. 													'update_comment_additional', 
    1292. 

  1292. 													$row['comment_id'], $row
    1293. 

  1293. 												);
    1294. 

  1294. 

  1295. 					if ($this->EE->extensions->end_script === TRUE) return;
    1296. 

  1296. 				/*
    1297. 

  1297. 				/* -------------------------------------------*/
    1298. 

  1298. 			}
    1299. 

  1299. 		}
    1300. 

  1300. 

  1301. 		$this->EE->functions->clear_caching('all');
    1302. 

  1302. 

  1303. 		$url = $this->base_url;
    1304. 

  1304. 

  1305. 		$this->EE->session->set_flashdata('message_success', lang('status_changed'));
    1306. 

  1306. 		$this->EE->functions->redirect($url);
    1307. 

  1307. 	}
    1308. 

  1308. 

  1309. 	// --------------------------------------------------------------------
    1310. 

  1310. 

  1311. 	/**
    1312. 

  1312. 	 * Delete Comment
    1313. 

  1313. 	 *
    1314. 

  1314. 	 * @return	void
    1315. 

  1315. 	 */
    1316. 

  1316. 	public function delete_comment()
    1317. 

  1317. 	{
    1318. 

  1318. 		if ( ! $this->EE->cp->allowed_group('can_delete_all_comments') && 
    1319. 

  1319. 			 ! $this->EE->cp->allowed_group('can_delete_own_comments'))
    1320. 

  1320. 		{
    1321. 

  1321. 			show_error(lang('unauthorized_access'));
    1322. 

  1322. 		}
    1323. 

  1323. 

  1324. 		$comment_id = $this->EE->input->post('comment_ids');
    1325. 

  1325. 

  1326. 		if ($comment_id == FALSE)
    1327. 

  1327. 		{
    1328. 

  1328. 			show_error(lang('unauthorized_access'));
    1329. 

  1329. 		}
    1330. 

  1330. 

  1331. 

  1332. 		if ( ! preg_match("/^[0-9]+$/", str_replace('|', '', $comment_id)))
    1333. 

  1333. 		{
    1334. 

  1334. 			show_error(lang('unauthorized_access'));
    1335. 

  1335. 		}
    1336. 

  1336. 		
    1337. 

  1337. 		$this->EE->db->where_in('comment_id', explode('|', $comment_id));
    1338. 

  1338. 		$count = $this->EE->db->count_all_results('comments');
    1339. 

  1339. 

  1340. 		if ($count == 0)
    1341. 

  1341. 		{
    1342. 

  1342. 			show_error(lang('unauthorized_access'));
    1343. 

  1343. 		}
    1344. 

  1344. 	
    1345. 

  1345. 		$this->EE->cp->get_installed_modules();
    1346. 

  1346. 		
    1347. 

  1347. 		$blacklist_installed =  (isset($this->EE->cp->installed_modules['blacklist'])) ? TRUE : FALSE;
    1348. 

  1348. 

  1349. 		$this->EE->db->select('channel_titles.author_id, channel_titles.entry_id, channel_titles.channel_id, channel_titles.comment_total, comments.ip_address');
    1350. 

  1350. 		$this->EE->db->from(array('channel_titles', 'comments'));
    1351. 

  1351. 		$this->EE->db->where('channel_titles.entry_id = '.$this->EE->db->dbprefix('comments.entry_id'));
    1352. 

  1352. 		$this->EE->db->where_in('comments.comment_id', explode('|', $comment_id));
    1353. 

  1353. 

  1354. 		$query = $this->EE->db->get();
    1355. 

  1355. 

  1356. 		if ($query->num_rows() == 0)
    1357. 

  1357. 		{
    1358. 

  1358. 			show_error(lang('unauthorized_access'));
    1359. 

  1359. 		}
    1360. 

  1360. 

  1361. 		$entry_ids	= array();
    1362. 

  1362. 		$author_ids = array();
    1363. 

  1363. 		$channel_ids = array();
    1364. 

  1364. 		$bad_ips = array();
    1365. 

  1365. 

  1366. 		foreach($query->result_array() as $row)
    1367. 

  1367. 		{
    1368. 

  1368. 			$entry_ids[]  = $row['entry_id'];
    1369. 

  1369. 			$author_ids[] = $row['author_id'];
    1370. 

  1370. 			$channel_ids[] = $row['channel_id'];
    1371. 

  1371. 			$bad_ips[] = $row['ip_address'];
    1372. 

  1372. 		}
    1373. 

  1373. 

  1374. 		$entry_ids	= array_unique($entry_ids);
    1375. 

  1375. 		$author_ids = array_unique($author_ids);
    1376. 

  1376. 		$channel_ids = array_unique($channel_ids);
    1377. 

  1377. 		$ips['ip'] = array_unique($bad_ips);
    1378. 

  1378. 		unset($bad_ips);
    1379. 

  1379. 

  1380. 

  1381. 		if ( ! $this->EE->cp->allowed_group('can_delete_all_comments'))
    1382. 

  1382. 		{
    1383. 

  1383. 			foreach($query->result_array() as $row)
    1384. 

  1384. 			{
    1385. 

  1385. 				if ($row['author_id'] != $this->EE->session->userdata('member_id'))
    1386. 

  1386. 				{
    1387. 

  1387. 					show_error(lang('unauthorized_access'));
    1388. 

  1388. 				}
    1389. 

  1389. 			}
    1390. 

  1390. 		}
    1391. 

  1391. 

  1392. 		// If blacklist was checked- blacklist!
    1393. 

  1393. 		if ($blacklist_installed && $this->EE->input->post('add_to_blacklist') == 'y')
    1394. 

  1394. 		{
    1395. 

  1395. 			include_once PATH_MOD.'blacklist/mcp.blacklist.php';
    1396. 

  1396. 

  1397. 			$bl = new Blacklist_mcp();
    1398. 

  1398. 			
    1399. 

  1399. 			// Write to htaccess?
    1400. 

  1400. 			$write_htacces = ($this->EE->session->userdata('group_id') == '1' && $this->EE->config->item('htaccess_path') != '')	? TRUE : FALSE;		
    1401. 

  1401. 			
    1402. 

  1402. 			$blacklisted = $bl->update_blacklist($ips, $write_htacces, 'bool');
    1403. 

  1403. 		}
    1404. 

  1404. 

  1405. 

  1406. 		$comment_ids = explode('|', $comment_id);
    1407. 

  1407. 

  1408. 		/* -------------------------------------------
    1409. 

  1409. 		/* 'delete_comment_additional' hook.
    1410. 

  1410. 		/*  - Add additional processing on comment delete
    1411. 

  1411. 		*/
    1412. 

  1412. 			$edata = $this->EE->extensions->call('delete_comment_additional', $comment_ids);
    1413. 

  1413. 			if ($this->EE->extensions->end_script === TRUE) return;
    1414. 

  1414. 		/*
    1415. 

  1415. 		/* -------------------------------------------*/
    1416. 

  1416. 

  1417. 		$this->EE->db->where_in('comment_id', $comment_ids);
    1418. 

  1418. 		$this->EE->db->delete('comments');
    1419. 

  1419. 		
    1420. 

  1420. 		$this->update_stats($entry_ids, $channel_ids, $author_ids);
    1421. 

  1421. 

  1422. 		$this->EE->functions->clear_caching('all');
    1423. 

  1423. 		$this->EE->session->set_flashdata('message_success', 
    1424. 

  1424. 										  lang('comment_deleted'));
    1425. 

  1425. 

  1426. 		$this->EE->functions->redirect($this->base_url);
    1427. 

  1427. 	}
    1428. 

  1428. 	
    1429. 

  1429. 	// --------------------------------------------------------------------
    1430. 

  1430. 

  1431. 	/**
    1432. 

  1432. 	 * Send Notification Emails
    1433. 

  1433. 	 *
    1434. 

  1434. 	 * @return	void
    1435. 

  1435. 	 */
    1436. 

  1436. 	public function send_notification_emails($comments)
    1437. 

  1437. 	{
    1438. 

  1438. 		// Load subscription class
    1439. 

  1439. 		$this->EE->load->library('subscription');
    1440. 

  1440. 			
    1441. 

  1441. 		// Instantiate Typography class
    1442. 

  1442. 		$this->EE->load->library('typography');
    1443. 

  1443. 		$this->EE->typography->initialize(array(
    1444. 

  1444. 				'parse_images'		=> FALSE,
    1445. 

  1445. 				'word_censor'		=> ($this->EE->config->item('comment_word_censoring') == 'y') ? TRUE : FALSE)
    1446. 

  1446. 				);
    1447. 

  1447. 

  1448. 

  1449. 		// Grab the required comments
    1450. 

  1450. 		$this->EE->db->select('comment, comment_id, author_id, name, email, comment_date, entry_id');
    1451. 

  1451. 		$this->EE->db->where_in('comment_id', $comments);
    1452. 

  1452. 		$query = $this->EE->db->get('comments');
    1453. 

  1453. 

  1454. 

  1455. 		// Sort based on entry
    1456. 

  1456. 		$entries = array();
    1457. 

  1457. 		
    1458. 

  1458. 		foreach ($query->result() as $row)
    1459. 

  1459. 		{
    1460. 

  1460. 			if ( ! isset($entries[$row->entry_id]))
    1461. 

  1461. 			{
    1462. 

  1462. 				$entries[$row->entry_id] = array();
    1463. 

  1463. 			}
    1464. 

  1464. 			
    1465. 

  1465. 			$entries[$row->entry_id][] = $row;
    1466. 

  1466. 		}
    1467. 

  1467. 		
    1468. 

  1468. 

  1469. 		// Go through the entries and send subscriptions
    1470. 

  1470. 		
    1471. 

  1471. 		foreach ($entries as $entry_id => $comments)
    1472. 

  1472. 		{
    1473. 

  1473. 			$this->EE->subscription->init('comment', array('entry_id' => $entry_id), TRUE);
    1474. 

  1474. 			
    1475. 

  1475. 			// Grab them all
    1476. 

  1476. 			$subscriptions = $this->EE->subscription->get_subscriptions();
    1477. 

  1477. 			
    1478. 

  1478. 			$this->EE->load->model('comment_model');
    1479. 

  1479. 			$recipients = $this->EE->comment_model->fetch_email_recipients($entry_id, $subscriptions);
    1480. 

  1480. 			
    1481. 

  1481. 			if (count($recipients))
    1482. 

  1482. 			{
    1483. 

  1483. 				// Grab generic entry info
    1484. 

  1484. 				
    1485. 

  1485. 				$action_id	= $this->EE->functions->fetch_action_id('Comment_mcp', 'delete_comment_notification');
    1486. 

  1486. 

  1487. 				$this->EE->db->select('channel_titles.title, channel_titles.entry_id, channel_titles.url_title, channels.channel_title, channels.comment_url, channels.channel_url, channels.channel_id');
    1488. 

  1488. 				$this->EE->db->join('channels', 'exp_channel_titles.channel_id = exp_channels.channel_id', 'left');
    1489. 

  1489. 				$this->EE->db->where('channel_titles.entry_id', $entry_id);
    1490. 

  1490. 				$results = $this->EE->db->get('channel_titles');		
    1491. 

  1491. 

  1492. 				$com_url = ($results->row('comment_url')  == '') ? $results->row('channel_url')	 : $results->row('comment_url');				
    1493. 

  1493. 				
    1494. 

  1494. 				
    1495. 

  1495. 				// Create an array of comments to add to the email
    1496. 

  1496. 				
    1497. 

  1497. 				$comments_swap = array();
    1498. 

  1498. 				
    1499. 

  1499. 				foreach ($comments as $c)
    1500. 

  1500. 				{
    1501. 

  1501. 					$comment_text = $this->EE->typography->parse_type(
    1502. 

  1502. 						$c->comment,
    1503. 

  1503. 						array(
    1504. 

  1504. 							'text_format'	=> 'none',
    1505. 

  1505. 							'html_format'	=> 'none',
    1506. 

  1506. 							'auto_links'	=> 'n',
    1507. 

  1507. 							'allow_img_url' => 'n'
    1508. 

  1508. 						)
    1509. 

  1509. 					);
    1510. 

  1510. 					
    1511. 

  1511. 					$comments_swap[] = array(
    1512. 

  1512. 						'name_of_commenter'	=> $c->name,
    1513. 

  1513. 						'name'				=> $c->name,
    1514. 

  1514. 						'comment'			=> $comment_text,
    1515. 

  1515. 						'comment_id'		=> $c->comment_id,
    1516. 

  1516. 					);
    1517. 

  1517. 				}
    1518. 

  1518. 				
    1519. 

  1519. 				
    1520. 

  1520. 				$swap = array(
    1521. 

  1521. 					'channel_name'					=> $results->row('channel_title'),
    1522. 

  1522. 					'entry_title'					=> $results->row('title'),
    1523. 

  1523. 					'site_name'						=> stripslashes($this->EE->config->item('site_name')),
    1524. 

  1524. 					'site_url'						=> $this->EE->config->item('site_url'),
    1525. 

  1525. 					'comment_url'					=> $this->EE->functions->remove_double_slashes($com_url.'/'.$results->row('url_title') .'/'),
    1526. 

  1526. 					'channel_id'					=> $results->row('channel_id'),
    1527. 

  1527. 					'entry_id'						=> $results->row('entry_id'),
    1528. 

  1528. 					'url_title'						=> $results->row('url_title'),
    1529. 

  1529. 					'comment_url_title_auto_path'	=> reduce_double_slashes($com_url.'/'.$results->row('url_title')),
    1530. 

  1530. 					
    1531. 

  1531. 					'comments'						=> $comments_swap
    1532. 

  1532. 				);
    1533. 

  1533. 				
    1534. 

  1534. 				$template = $this->EE->functions->fetch_email_template('comments_opened_notification');
    1535. 

  1535. 				
    1536. 

  1536. 				$this->EE->load->library('template');
    1537. 

  1537. 				
    1538. 

  1538. 				
    1539. 

  1539. 				$email_tit = $this->EE->template->parse_variables_row($template['title'], $swap);
    1540. 

  1540. 				$email_msg = $this->EE->template->parse_variables_row($template['data'], $swap);
    1541. 

  1541. 

  1542. 				//	Send email
    1543. 

  1543. 				$this->EE->load->library('email');
    1544. 

  1544. 				$this->EE->email->wordwrap = true;
    1545. 

  1545. 

  1546. 				// Load the text helper
    1547. 

  1547. 				$this->EE->load->helper('text');
    1548. 

  1548. 

  1549. 				$sent = array();
    1550. 

  1550. 

  1551. 				foreach ($recipients as $val)
    1552. 

  1552. 				{
    1553. 

  1553. 					if ( ! in_array($val['0'], $sent))
    1554. 

  1554. 					{
    1555. 

  1555. 						$title	 = $email_tit;
    1556. 

  1556. 						$message = $email_msg;
    1557. 

  1557. 

  1558. 						$sub	= $subscriptions[$val['1']];
    1559. 

  1559. 						$sub_qs	= 'id='.$sub['subscription_id'].'&hash='.$sub['hash'];
    1560. 

  1560. 

  1561. 						// Deprecate the {name} variable at some point
    1562. 

  1562. 						$title	 = str_replace('{name}', $val['2'], $title);
    1563. 

  1563. 						$message = str_replace('{name}', $val['2'], $message);
    1564. 

  1564. 

  1565. 						$title	 = str_replace('{name_of_recipient}', $val['2'], $title);
    1566. 

  1566. 						$message = str_replace('{name_of_recipient}', $val['2'], $message);
    1567. 

  1567. 

  1568. 						$title	 = str_replace('{notification_removal_url}', $this->EE->functions->fetch_site_index(0, 0).QUERY_MARKER.'ACT='.$action_id.'&'.$sub_qs, $title);
    1569. 

  1569. 						$message = str_replace('{notification_removal_url}', $this->EE->functions->fetch_site_index(0, 0).QUERY_MARKER.'ACT='.$action_id.'&'.$sub_qs, $message);
    1570. 

  1570. 

  1571. 						$this->EE->email->EE_initialize();
    1572. 

  1572. 						$this->EE->email->from($this->EE->config->item('webmaster_email'), $this->EE->config->item('webmaster_name'));
    1573. 

  1573. 						$this->EE->email->to($val['0']);
    1574. 

  1574. 						$this->EE->email->subject($title);
    1575. 

  1575. 						$this->EE->email->message(entities_to_ascii($message));
    1576. 

  1576. 						$this->EE->email->send();
    1577. 

  1577. 

  1578. 						$sent[] = $val['0'];
    1579. 

  1579. 					}
    1580. 

  1580. 				}
    1581. 

  1581. 			}
    1582. 

  1582. 		}
    1583. 

  1583. 

  1584. 		return;
    1585. 

  1585. 	}
    1586. 

  1586. 		
    1587. 

  1587. 	// --------------------------------------------------------------------
    1588. 

  1588. 

  1589. 	/**
    1590. 

  1590. 	 * Update Entry and Channel Stats
    1591. 

  1591. 	 *
    1592. 

  1592. 	 * @return	void
    1593. 

  1593. 	 */
    1594. 

  1594. 	public function update_stats($entry_ids, $channel_ids, $author_ids)
    1595. 

  1595. 	{
    1596. 

  1596. 		foreach($entry_ids as $entry_id)
    1597. 

  1597. 		{
    1598. 

  1598. 			$query = $this->EE->db->query("SELECT MAX(comment_date) AS max_date FROM exp_comments WHERE status = 'o' AND entry_id = '".$this->EE->db->escape_str($entry_id)."'");
    1599. 

  1599. 

  1600. 			$comment_date = ($query->num_rows() == 0 OR ! is_numeric($query->row('max_date') )) ? 0 : $query->row('max_date') ;
    1601. 

  1601. 

  1602. 			$query = $this->EE->db->query("SELECT COUNT(*) AS count FROM exp_comments WHERE entry_id = '".$this->EE->db->escape_str($entry_id)."' AND status = 'o'");
    1603. 

  1603. 

  1604. 			$this->EE->db->set('comment_total', $query->row('count'));
    1605. 

  1605. 			$this->EE->db->set('recent_comment_date', $comment_date);
    1606. 

  1606. 			$this->EE->db->where('entry_id', $entry_id);
    1607. 

  1607. 			$this->EE->db->update('channel_titles');
    1608. 

  1608. 		}
    1609. 

  1609. 

  1610. 		// Quicker and updates just the channels
    1611. 

  1611. 		foreach($channel_ids as $channel_id)
    1612. 

  1612. 		{
    1613. 

  1613. 			$this->EE->stats->update_comment_stats($channel_id, '', FALSE);
    1614. 

  1614. 		}
    1615. 

  1615. 

  1616. 		// Updates the total stats
    1617. 

  1617. 		$this->EE->stats->update_comment_stats();
    1618. 

  1618. 

  1619. 		foreach($author_ids as $author_id)
    1620. 

  1620. 		{
    1621. 

  1621. 			$res = $this->EE->db->query("SELECT COUNT(comment_id) AS comment_total, MAX(comment_date) AS comment_date FROM exp_comments WHERE author_id = '$author_id'");
    1622. 

  1622. 			$resrow = $res->row_array();
    1623. 

  1623. 

  1624. 			$comment_total = $resrow['comment_total'] ;
    1625. 

  1625. 			$comment_date  = ( ! empty($resrow['comment_date'])) ? $resrow['comment_date'] : 0;
    1626. 

  1626. 

  1627. 			$this->EE->db->query($this->EE->db->update_string('exp_members', array('total_comments' => $comment_total, 'last_comment_date' => $comment_date), "member_id = '$author_id'"));
    1628. 

  1628. 		}
    1629. 

  1629. 		
    1630. 

  1630. 		return;
    1631. 

  1631. 	}
    1632. 

  1632. 

  1633. 	// --------------------------------------------------------------------
    1634. 

  1634. 

  1635. 	/**
    1636. 

  1636. 	 * Settings page
    1637. 

  1637. 	 *
    1638. 

  1638. 	 * @return	void
    1639. 

  1639. 	 */
    1640. 

  1640. 	public function settings()
    1641. 

  1641. 	{
    1642. 

  1642. 		$this->_permissions_check();
    1643. 

  1643. 

  1644. 		$this->EE->load->library('table');
    1645. 

  1645. 		$this->EE->load->library('javascript');
    1646. 

  1646. 		$this->EE->load->helper('form');
    1647. 

  1647. 

  1648. 		$vars = array('action_url' => 'C=addons_modules'.AMP.'M=show_module_cp'.AMP.'module=comment'.AMP.'method=save_settings'
    1649. 

  1649. 		);
    1650. 

  1650. 

  1651. 		$this->EE->cp->set_variable('cp_page_title', lang('comment_settings'));
    1652. 

  1652. 

  1653. 		$this->EE->cp->set_variable('cp_breadcrumbs', array(
    1654. 

  1654. 			$this->base_url => lang('comments')));		
    1655. 

  1655. 		
    1656. 

  1656. 		$vars['comment_word_censoring']			= ($this->EE->config->item('comment_word_censoring') == 'y') ? TRUE : FALSE;
    1657. 

  1657. 		$vars['comment_moderation_override']	= ($this->EE->config->item('comment_moderation_override') == 'y') ? TRUE : FALSE;
    1658. 

  1658. 		$vars['comment_edit_time_limit']	= ($this->EE->config->item('comment_edit_time_limit') && ctype_digit($this->EE->config->item('comment_edit_time_limit'))) ? $this->EE->config->item('comment_edit_time_limit') : 0;		
    1659. 

  1659. 

  1660. 		return $this->EE->load->view('settings', $vars, TRUE);		
    1661. 

  1661. 	}
    1662. 

  1662. 	
    1663. 

  1663. 	// --------------------------------------------------------------------
    1664. 

  1664. 

  1665. 	/**
    1666. 

  1666. 	 * Update Comment Settings
    1667. 

  1667. 	 *
    1668. 

  1668. 	 * @return	void
    1669. 

  1669. 	 */	
    1670. 

  1670. 	public function save_settings()
    1671. 

  1671. 	{
    1672. 

  1672. 		$this->_permissions_check();
    1673. 

  1673. 

  1674. 		$timelimit = $this->EE->input->post('comment_edit_time_limit');
    1675. 

  1675. 		
    1676. 

  1676. 		$insert['comment_word_censoring'] = ($this->EE->input->post('comment_word_censoring')) ? 'y' : 'n';
    1677. 

  1677. 		$insert['comment_moderation_override'] = ($this->EE->input->post('comment_moderation_override')) ? 'y' : 'n';
    1678. 

  1678. 		$insert['comment_edit_time_limit'] = ($timelimit && ctype_digit($timelimit)) ? $timelimit : '';
    1679. 

  1679. 		
    1680. 

  1680. 		$this->EE->config->_update_config($insert);
    1681. 

  1681. 

  1682. 

  1683. 		$this->EE->session->set_flashdata('message_success', lang('settings_updated'));
    1684. 

  1684. 

  1685. 		$this->EE->functions->redirect($this->base_url.AMP.'method=settings');
    1686. 

  1686. 	}
    1687. 

  1687. }
    1688. 

  1688. // END CLASS
    1689. 

  1689. 

  1690. /* End of file mcp.comment.php */
    1691. 

  1691. /* Location: ./system/expressionengine/modules/comment/mcp.comment.php */
    1692.