
File content/comments/CommentsService.class.php

<?php
/**
 * This class allows you to use a comments system
 * @package     Content
 * @subpackage  Comments
 * @copyright   &copy; 2005-2019 PHPBoost
 * @license     https://www.gnu.org/licenses/gpl-3.0.html GNU/GPL-3.0
 * @author      Kevin MASSY <reidlos@phpboost.com>
 * @version     PHPBoost 5.2 - last update: 2018 01 04
 * @since       PHPBoost 3.0 - 2011 03 31
 * @contributor Julien BRISWALTER <j1.seth@phpboost.com>
 * @contributor Arnaud GENET <elenwii@phpboost.com>
*/

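/**
 * Static facade over the comments system: renders the comment form and list for a topic,
 * handles the lock/unlock, edit and delete actions carried in the query string, and exposes
 * counting and deletion helpers to modules.
 */
class CommentsService
{
    private static $user;
    private static $lang;
    private static $common_lang;
    private static $comments_lang;
    private static $comments_cache;
    private static $template;

    /**
     * Loads the current user, the language arrays, the comments cache and the main template
     * into the static properties used by every other method of this class.
     */
    public static function __static()
    {
        self::$user = AppContext::get_current_user();
        self::$lang = LangLoader::get('main');
        self::$common_lang = LangLoader::get('common');
        self::$comments_lang = LangLoader::get('comments-common');
        self::$comments_cache = CommentsCache::load();
        self::$template = new FileTemplate('framework/content/comments/comments.tpl');
        self::$template->add_lang(self::$comments_lang);
    }

    /**
     * Displays the comments of a topic and processes the actions requested in the query string
     * (`lock`, `delete_comment`, `edit_comment`, `return_path`).
     * @param CommentsTopic $topic
     * @return Template is a template object
     */
    public static function display(CommentsTopic $topic)
    {
        $module_id = $topic->get_module_id();
        $id_in_module = $topic->get_id_in_module();
        $topic_identifier = $topic->get_topic_identifier();
        $authorizations = $topic->get_authorizations();

        if (!$authorizations->is_authorized_read())
        {
            self::$template->put('KEEP_MESSAGE', MessageHelper::display(self::$comments_lang['comments.not-authorized.read'], MessageHelper::NOTICE));
        }
        else
        {
            $edit_comment_id = AppContext::get_request()->get_getint('edit_comment', 0);
            $delete_comment_id = AppContext::get_request()->get_getint('delete_comment', 0);
            $return_path = AppContext::get_request()->get_getstring('return_path', '');
            // The user-supplied path is made relative and prefixed with HOST before it is used as a redirect target.
            $return_path = $return_path ? HOST . Url::to_relative($return_path) : '';

            // NOTE(review): lock/unlock and delete below change state from GET parameters and no
            // anti-CSRF token is verified in this method - confirm a token check happens upstream,
            // otherwise a crafted link followed by a moderator would trigger these actions.
            try {
                // Called without a default value: a request carrying no `lock` parameter lands in the catch below.
                $lock = AppContext::get_request()->get_getbool('lock');
                if ($authorizations->is_authorized_moderation())
                {
                    if ($lock)
                    {
                        // The topic row is created on demand so that there is something to lock.
                        if (!CommentsTopicDAO::topic_exists($module_id, $id_in_module, $topic_identifier))
                        {
                            CommentsTopicDAO::create_topic($module_id, $id_in_module, $topic_identifier, $topic->get_path());
                        }
                        CommentsManager::lock_topic($module_id, $id_in_module, $topic_identifier);
                    }
                    else
                    {
                        CommentsManager::unlock_topic($module_id, $id_in_module, $topic_identifier);
                    }
                }
                // Reached for every request carrying `lock`, moderator or not.
                AppContext::get_response()->redirect($topic->get_path());
            } catch (UnexistingHTTPParameterException $e) {
                // No `lock` parameter in the request: nothing to do.
            }

            if (!empty($delete_comment_id))
            {
                // NOTE(review): the deletion below relies on this call ending the request when the
                // check fails (it only calls DispatchManager::redirect) - confirm that redirect never returns.
                self::verificate_authorized_edit_or_delete_comment($authorizations, $delete_comment_id);

                CommentsManager::delete_comment($delete_comment_id);
                AppContext::get_response()->redirect($return_path ? $return_path : $topic->get_path());
            }
            elseif (!empty($edit_comment_id))
            {
                self::verificate_authorized_edit_or_delete_comment($authorizations, $edit_comment_id);

                $edit_comment_form = EditCommentBuildForm::create($edit_comment_id, $topic->get_path());
                self::$template->put_all(array(
                    'C_DISPLAY_FORM' => true,
                    'COMMENT_FORM' => $edit_comment_form->display()
                ));
            }
            else
            {
                if ($authorizations->is_authorized_post() && $authorizations->is_authorized_access_module())
                {
                    $comments_topic_locked = CommentsManager::comment_topic_locked($module_id, $id_in_module, $topic_identifier);
                    $user_read_only = self::$user->get_delay_readonly();
                    // Moderators may still post in a locked topic.
                    if (!$authorizations->is_authorized_moderation() && $comments_topic_locked)
                    {
                        self::$template->put('KEEP_MESSAGE', MessageHelper::display(self::$comments_lang['comment.locked'], MessageHelper::NOTICE));
                    }
                    // The read-only delay is compared with time(): the user cannot post until it has passed.
                    elseif (!empty($user_read_only) && $user_read_only > time())
                    {
                        self::$template->put('KEEP_MESSAGE', MessageHelper::display(self::$comments_lang['comments.user.read-only'], MessageHelper::NOTICE));
                    }
                    else
                    {
                        $add_comment_form = AddCommentBuildForm::create($topic);
                        self::$template->put_all(array(
                            'C_DISPLAY_FORM' => true,
                            'COMMENT_FORM' => $add_comment_form->display()
                        ));
                    }
                }
                else
                {
                    self::$template->put('KEEP_MESSAGE', MessageHelper::display(self::$comments_lang['comments.not-authorized.post'], MessageHelper::NOTICE));
                }
            }

            $number_comments_display = $topic->get_number_comments_display();
            $number_comments = self::$comments_cache->get_count_comments_by_module($module_id, $id_in_module, $topic_identifier);

            self::$template->put_all(array(
                'COMMENTS_LIST' => self::display_comments($module_id, $id_in_module, $topic_identifier, $number_comments_display, $authorizations),
                'MODULE_ID' => $module_id,
                'ID_IN_MODULE' => $id_in_module,
                'TOPIC_IDENTIFIER' => $topic_identifier,
                'C_DISPLAY_VIEW_ALL_COMMENTS' => $number_comments > $number_comments_display,
                'C_MODERATE' => $authorizations->is_authorized_moderation(),
                'C_IS_LOCKED' => CommentsManager::comment_topic_locked($module_id, $id_in_module, $topic_identifier),
                'U_LOCK' => CommentsUrlBuilder::lock_and_unlock($topic->get_path(), true)->rel(),
                'U_UNLOCK' => CommentsUrlBuilder::lock_and_unlock($topic->get_path(), false)->rel(),
            ));
        }

        return self::$template;
    }

    /**
     * Returns number comments and lang (example : Comments (number_comments)
     * @param string $module_id the module identifier
     * @param integer $id_in_module id in module used in comments system
     * @param string $topic_identifier topic identifier (use if you have several comments system)
     * @return string number comments (example : Comments (number_comments), or the "post a comment" label when there is none
     */
    public static function get_number_and_lang_comments($module_id, $id_in_module, $topic_identifier = CommentsTopic::DEFAULT_TOPIC_IDENTIFIER)
    {
        $number_comments = CommentsManager::get_number_comments($module_id, $id_in_module, $topic_identifier);
        $lang = $number_comments > 1 ? self::$lang['com_s'] : self::$lang['com'];

        return !empty($number_comments) ? $lang . ' (' . $number_comments . ')' : self::$lang['post_com'];
    }

    /**
     * Returns lang (example : "Comments" for several comments, "comment" for one comment and "No comment" if no comment
     * @param string $module_id the module identifier
     * @param integer $id_in_module id in module used in comments system
     * @param string $topic_identifier topic identifier (use if you have several comments system)
     * @return string
     */
    public static function get_lang_comments($module_id, $id_in_module, $topic_identifier = CommentsTopic::DEFAULT_TOPIC_IDENTIFIER)
    {
        $number_comments = CommentsManager::get_number_comments($module_id, $id_in_module, $topic_identifier);
        $lang = $number_comments > 1 ? self::$comments_lang['comments'] : self::$comments_lang['comment'];

        // The singular/plural label is returned with a leading space; the "no comment" label is not.
        return !empty($number_comments) ? ' ' .$lang : self::$comments_lang['no_comment'];
    }

    /**
     * Delete all comments module
     * @param string $module_id the module identifier
     */
    public static function delete_comments_module($module_id)
    {
        try {
            CommentsManager::delete_comments_module($module_id);
        } catch (RowNotFoundException $e) {
            // Best effort: a missing row is ignored, the call is then a no-op.
        }
    }

    /**
     * Delete comments topic according to module identifier and id in module
     * @param string $module_id the module identifier
     * @param integer $id_in_module id in module used in comments system
     */
    public static function delete_comments_topic_module($module_id, $id_in_module)
    {
        try {
            CommentsManager::delete_comments_topic_module($module_id, $id_in_module);
        } catch (RowNotFoundException $e) {
            // Best effort: a missing row is ignored, the call is then a no-op.
        }
    }

    /**
     * Returns number comments
     * @param string $module_id the module identifier
     * @param integer $id_in_module id in module used in comments system
     * @param string $topic_identifier topic identifier (use if you have several comments system)
     * @return string number comments
     */
    public static function get_number_comments($module_id, $id_in_module, $topic_identifier = CommentsTopic::DEFAULT_TOPIC_IDENTIFIER)
    {
        return CommentsManager::get_number_comments($module_id, $id_in_module, $topic_identifier);
    }

    /**
     * Do not use, this is used for ajax display comments
     *
     * The three topic identifiers are bound as query parameters instead of being concatenated
     * into the SQL text, and the LIMIT operand is cast to an integer, so that values reaching
     * this method from a request cannot alter the query.
     *
     * @param string $module_id the module identifier
     * @param integer $id_in_module id in module used in comments system
     * @param string $topic_identifier topic identifier (use if you have several comments system)
     * @param integer $number_comments_display number of comments to display, or the offset to start from when $display_from_number_comments is true
     * @param object $authorizations authorizations of the topic (read, access module, moderation are checked)
     * @param bool $display_from_number_comments false: the first $number_comments_display comments; true: every comment after them
     * @return object View is a view
     */
    public static function display_comments($module_id, $id_in_module, $topic_identifier, $number_comments_display, $authorizations, $display_from_number_comments = false)
    {
        $template = new FileTemplate('framework/content/comments/comments_list.tpl');

        if ($authorizations->is_authorized_read() && $authorizations->is_authorized_access_module())
        {
            $user_accounts_config = UserAccountsConfig::load();

            // LIMIT is written into the SQL text, so only an integer is allowed there.
            $limit_value = (int) $number_comments_display;
            // 18446744073709551615 is the largest unsigned 64-bit integer, used as "no upper bound" after the offset.
            $limit_clause = !$display_from_number_comments ? ' LIMIT '. $limit_value : ' LIMIT ' . $limit_value . ',18446744073709551615';

            // NOTE(review): the sort direction comes from CommentsConfig and is still concatenated,
            // since a direction keyword cannot be bound - confirm the configuration only ever stores ASC or DESC.
            $result = PersistenceContext::get_querier()->select("
                SELECT comments.*, comments.timestamp AS comment_timestamp, comments.id AS id_comment,
                topic.is_locked, topic.path,
                member.user_id, member.display_name, member.level, member.groups,
                ext_field.user_avatar
                FROM " . DB_TABLE_COMMENTS . " comments
                LEFT JOIN " . DB_TABLE_COMMENTS_TOPIC . " topic ON comments.id_topic = topic.id_topic
                LEFT JOIN " . DB_TABLE_MEMBER . " member ON member.user_id = comments.user_id
                LEFT JOIN " . DB_TABLE_MEMBER_EXTENDED_FIELDS . " ext_field ON ext_field.user_id = comments.user_id
                WHERE topic.module_id = :module_id AND topic.id_in_module = :id_in_module AND topic.topic_identifier = :topic_identifier
                ORDER BY comments.timestamp " . CommentsConfig::load()->get_order_display_comments() . " " . $limit_clause,
                array(
                    'module_id' => $module_id,
                    'id_in_module' => $id_in_module,
                    'topic_identifier' => $topic_identifier
                )
            );

            // Labels shared by every comment row: set once instead of on each iteration.
            $template->put_all(array(
                'L_UPDATE' => self::$common_lang['edit'],
                'L_DELETE' => self::$common_lang['delete'],
            ));

            while ($row = $result->fetch())
            {
                $id = $row['id_comment'];
                $path = $row['path'];

                //Avatar: the user's own one, else the theme default when enabled, else none
                if (!empty($row['user_avatar']))
                {
                    $user_avatar = Url::to_rel($row['user_avatar']);
                }
                elseif ($user_accounts_config->is_default_avatar_enabled())
                {
                    $user_avatar = Url::to_rel('/templates/' . AppContext::get_current_user()->get_theme() . '/images/' .  $user_accounts_config->get_default_avatar_name());
                }
                else
                {
                    $user_avatar = '';
                }

                $timestamp = new Date($row['comment_timestamp'], Timezone::SERVER_TIMEZONE);
                $group_color = User::get_group_color($row['groups'], $row['level']);

                // NOTE(review): PSEUDO and the other row values are handed to the template as stored -
                // confirm the template layer escapes them for HTML.
                $template->assign_block_vars('comments', array_merge(
                    Date::get_array_tpl_vars($timestamp,'date'),
                    array(
                    'C_MODERATOR' => self::is_authorized_edit_or_delete_comment($authorizations, $id),
                    // The member columns come from a LEFT JOIN: an empty display_name means no member row matched.
                    'C_VISITOR' => empty($row['display_name']),
                    'C_GROUP_COLOR' => !empty($group_color),
                    'C_AVATAR' => $row['user_avatar'] || ($user_accounts_config->is_default_avatar_enabled()),
                    'U_EDIT' => CommentsUrlBuilder::edit($path, $id)->rel(),
                    'U_DELETE' => CommentsUrlBuilder::delete($path, $id)->rel(),
                    'U_PROFILE' => UserUrlBuilder::profile($row['user_id'])->rel(),
                    'U_AVATAR' => $user_avatar,
                    'ID_COMMENT' => $id,
                    'MESSAGE' => FormatingHelper::second_parse($row['message']),
                    'USER_ID' => $row['user_id'],
                    'PSEUDO' => empty($row['display_name']) ? $row['pseudo'] : $row['display_name'],
                    'LEVEL_CLASS' => UserService::get_level_class($row['level']),
                    'GROUP_COLOR' => $group_color,
                    'L_LEVEL' => UserService::get_level_lang($row['level'] !== null ? $row['level'] : '-1'),
                )));
            }
            $result->dispose();
        }

        // Written to the shared class template (self::$template), not to the list template returned below.
        self::$template->put_all(array(
            'MODULE_ID' => $module_id,
            'ID_IN_MODULE' => $id_in_module,
            'TOPIC_IDENTIFIER' => $topic_identifier
        ));

        return $template;
    }

    /**
     * Redirects to an error page when the comment does not exist or when the current user
     * may not edit or delete it; returns normally otherwise.
     * @param object $authorizations authorizations of the topic
     * @param integer $comment_id identifier of the comment to edit or delete
     */
    private static function verificate_authorized_edit_or_delete_comment($authorizations, $comment_id)
    {
        $is_authorized = self::is_authorized_edit_or_delete_comment($authorizations, $comment_id);

        // Existence is tested first, so an unknown id gets the "unexisting page" error rather than "not authorized".
        if (!CommentsManager::comment_exists($comment_id))
        {
            $error_controller = PHPBoostErrors::unexisting_page();
            DispatchManager::redirect($error_controller);
        }
        else if (!$is_authorized)
        {
            $error_controller = PHPBoostErrors::user_not_authorized();
            DispatchManager::redirect($error_controller);
        }
    }

    /**
     * Tells whether the current user may edit or delete a comment: the module must be accessible
     * and the user must be a moderator or the author of the comment.
     * @param object $authorizations authorizations of the topic
     * @param integer $comment_id identifier of the comment
     * @return bool
     */
    private static function is_authorized_edit_or_delete_comment($authorizations, $comment_id)
    {
        $user_id_posted_comment = CommentsManager::get_user_id_posted_comment($comment_id);
        // NOTE(review): strict comparison with the string '-1' - if the DAO ever returns the integer -1
        // this guard no longer applies and the loose == below would then compare -1 with the current
        // user's id; confirm the return type of get_user_id_posted_comment. A comment whose author id
        // is '-1' is refused for everybody, moderators included.
        if ($user_id_posted_comment !== '-1')
        {
            return ($authorizations->is_authorized_moderation() || $user_id_posted_comment == self::$user->get_id()) && $authorizations->is_authorized_access_module();
        }
        return false;
    }
}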
?>