ChWsbCmts.php

Go to the documentation of this file.

<?php
 
require_once( CH_DIRECTORY_PATH_CLASSES . 'ChWsbCmtsQuery.php' );
 
define('CH_OLD_CMT_VOTES', 365*86400); // comment votes older than this number of seconds will be deleted automatically
 
class ChWsbCmts
{
    var $_iId = 0;  // obect id to be commented
    var $iGlobAllowHtml;
    var $iAutoHideRootPostForm = 0;
    var $bDynamic = false;
 
    var $_sSystem = 'profile';  // current comment system name
    var $_aSystem = array ();   // current comments system array
    var $_aCmtElements = array (); // comment submit form elements
    var $_oQuery = null;
    var $_sOrder = 'desc';
    var $_aMoodText = array(
        '-1' => '_sys_txt_cmt_mood_negative',
        '0' => '_sys_txt_cmt_mood_neutral',
        '1' => '_sys_txt_cmt_mood_positive',
    );
 
    function __construct( $sSystem, $iId, $iInit = 1)
    {
        $this->_aCmtElements = array (
            'CmtParent' => array ( 'reg' => '^[0-9]+$', 'msg' => str_replace('"', '\\"', trim(_t('_bad comment parent id'))) ),
            'CmtText'   => array ( 'reg' => '^.{3,2048}$', 'msg' => str_replace('"', '\\"', trim(_t('_Please enter 3-2048 characters'))) ),
            'CmtMood'   => array ( 'reg' => '^-?[0-9]?$', 'msg' => str_replace('"', '\\"', trim(_t('_You need to select the mood'))) ),
        );
 
        $this->_aSystems =& $this->getSystems ();
 
        $this->_sSystem = $sSystem;
        if (isset($this->_aSystems[$sSystem]))
            $this->_aSystem = $this->_aSystems[$sSystem];
        else
            return;
 
        $this->_oQuery = new ChWsbCmtsQuery($this->_aSystem);
 
        if ($iInit)
            $this->init($iId);
 
        $this->iGlobAllowHtml = (getParam("enable_tiny_in_comments") == "on") ? 1 : 0;
 
        $this->bDynamic = isset($_SERVER['HTTP_X_REQUESTED_WITH']) && $_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest';
    }
 
    static function getObjectInstance($sSys, $iId, $iInit = true)
    {
        $aSystems = self::getSystems ();
        if (!isset($aSystems[$sSys]))
            return null;
 
        ch_import('ChTemplCmtsView');
        $sClassName = 'ChTemplCmtsView';
        if ($aSystems[$sSys]['class_name']) {
            require_once (CH_DIRECTORY_PATH_ROOT . $aSystems[$sSys]['class_file']);
            $sClassName = $aSystems[$sSys]['class_name'];
        }
 
        $oCmts = new $sClassName($sSys, $iId, $iInit);
        return $oCmts;
    }
 
    public static function & getSystems ()
    {
        if (!isset($GLOBALS['ch_dol_cmts_systems'])) {
            $GLOBALS['ch_dol_cmts_systems'] = $GLOBALS['MySQL']->fromCache('sys_objects_cmts', 'getAllWithKey', '
                SELECT
                    `ID` as `system_id`,
                    `ObjectName` AS `name`,
                    `TableCmts` AS `table_cmts`,
                    `TableTrack` AS `table_track`,
                    `AllowTags` AS `allow_tags`,
                    `Nl2br` AS `nl2br`,
                    `SecToEdit` AS `sec_to_edit`,
                    `PerView` AS `per_view`,
                    `IsRatable` AS `is_ratable`,
                    `ViewingThreshold` AS `viewing_threshold`,
                    `AnimationEffect` AS `animation_effect`,
                    `AnimationSpeed` AS `animation_speed`,
                    `IsOn` AS `is_on`,
                    `IsMood` AS `is_mood`,
                    `RootStylePrefix` AS `root_style_prefix`,
                    `TriggerTable` AS `trigger_table`,
                    `TriggerFieldId` AS `trigger_field_id`,
                    `TriggerFieldComments` AS `trigger_field_comments`,
                    `ClassName` AS `class_name`,
                    `ClassFile` AS `class_file`
                FROM `sys_objects_cmts`', 'name');
        }
 
        return $GLOBALS['ch_dol_cmts_systems'];
    }
 
    function init ($iId)
    {
        if(!$this->isEnabled())
            return;
 
        if(empty($this->iId) && $iId)
            $this->setId($iId);
    }
 
    function checkAction ($iAction, $isPerformAction = false)
    {
        $iId = $this->_getAuthorId();
        $check_res = checkAction($iId, $iAction, $isPerformAction);
        return $check_res[CHECK_ACTION_RESULT] == CHECK_ACTION_RESULT_ALLOWED;
    }
 
    function checkActionErrorMsg ($iAction)
    {
        $iId = $this->_getAuthorId();
        $check_res = checkAction($iId, $iAction);
        return $check_res[CHECK_ACTION_RESULT] != CHECK_ACTION_RESULT_ALLOWED ? $check_res[CHECK_ACTION_MESSAGE] : '';
    }
 
    function getId ()
    {
        return $this->_iId;
    }
 
    function isEnabled ()
    {
        return isset($this->_aSystem['is_on']) && $this->_aSystem['is_on'];
    }
 
    function getSystemName()
    {
        return $this->_sSystem;
    }
 
    function getOrder ()
    {
        return $this->_sOrder;
    }
 
    function setId ($iId)
    {
        if ($iId == $this->getId()) return;
        $this->_iId = $iId;
    }
 
    function getBaseUrl ()
    {
        return '';
    }
 
    function isValidSystem ($sSystem)
    {
        return isset($this->_aSystems[$sSystem]);
    }
 
    function isTagsAllowed ()
    {
        return $this->_aSystem['allow_tags'];
    }
 
    function isNl2br ()
    {
        return $this->_aSystem['nl2br'];
    }
 
    function isRatable ()
    {
        return $this->_aSystem['is_ratable'];
    }
 
    function getAllowedEditTime ()
    {
        return $this->_aSystem['sec_to_edit'];
    }
 
    function getPerView ()
    {
        return $this->_aSystem['per_view'];
    }
 
    function getSystemId ()
    {
        return $this->_aSystem['system_id'];
    }
 
    function maintenance ()
    {
        $iDeletedRecords = 0;
        foreach ($this->_aSystems as $aSystem) {
            if (!$aSystem['is_on'])
                continue;
            $oQuery = new ChWsbCmtsQuery($aSystem);
            $iDeletedRecords += $oQuery->maintenance();
            unset($oQuery);
        }
        return $iDeletedRecords;
    }
 
    function getCommentsArray ($iCmtParentId, $sCmtOrder, $iStart = 0, $iCount = -1)
    {
        return $this->_oQuery->getComments ($this->getId(), $iCmtParentId, $this->_getAuthorId(), $sCmtOrder, $iStart, $iCount);
    }
 
    function getCommentRow ($iCmtId)
    {
        return $this->_oQuery->getComment ($this->getId(), $iCmtId, $this->_getAuthorId());
    }
 
    function onObjectDelete ($iObjectId = 0)
    {
        return $this->_oQuery->deleteObjectComments ($iObjectId ? $iObjectId : $this->getId());
    }
 
    // delete all profiles comments in all systems, if some replies exist, set this comment to anonymous
 
    function onAuthorDelete ($iAuthorId)
    {
        foreach ($this->_aSystems as $sSystem => $aSystem) {
            $oQuery = new ChWsbCmtsQuery($aSystem);
            $oQuery->deleteAuthorComments ($iAuthorId);
        }
        return true;
    }
 
    function getCommentsTableName ()
    {
        return $this->_oQuery->getTableName ();
    }
 
    function getObjectCommentsCount ($iObjectId = 0)
    {
        return $this->_oQuery->getObjectCommentsCount ($iObjectId ? $iObjectId : $this->getId());
    }
 
    // is rate comment allowed
    function isRateAllowed ($isPerformAction = false)
    {
        return $this->checkAction (ACTION_ID_COMMENTS_VOTE, $isPerformAction);
    }
 
    function msgErrRateAllowed ()
    {
        return $this->checkActionErrorMsg(ACTION_ID_COMMENTS_VOTE);
    }
 
    // is post comment allowed
    function isPostReplyAllowed ($isPerformAction = false)
    {
        return $this->checkAction (ACTION_ID_COMMENTS_POST, $isPerformAction);
    }
 
    function msgErrPostReplyAllowed ()
    {
        return $this->checkActionErrorMsg(ACTION_ID_COMMENTS_POST);
    }
 
    // is edit own comment allowed
    function isEditAllowed ($isPerformAction = false)
    {
        return $this->checkAction (ACTION_ID_COMMENTS_EDIT_OWN, $isPerformAction);
    }
 
    function msgErrEditAllowed ()
    {
        return $this->checkActionErrorMsg (ACTION_ID_COMMENTS_EDIT_OWN);
    }
 
    // is removing own comment allowed
    function isRemoveAllowed ($isPerformAction = false)
    {
        return $this->checkAction (ACTION_ID_COMMENTS_REMOVE_OWN, $isPerformAction);
    }
 
    function msgErrRemoveAllowed ()
    {
        return $this->checkActionErrorMsg(ACTION_ID_COMMENTS_REMOVE_OWN);
    }
 
    // is edit any comment allowed
    function isEditAllowedAll ()
    {
        return isAdmin() ? true : false;
    }
 
    // is removing any comment allowed
    function isRemoveAllowedAll ()
    {
        return isAdmin() ? true : false;
    }
 
    function actionPaginateGet ()
    {
        if (!$this->isEnabled())
           return '';
 
        $iCmtStart = isset($_REQUEST['CmtStart']) ? (int)$_REQUEST['CmtStart'] : 0;
        $iCmtPerPage= isset($_REQUEST['CmtPerPage']) ? (int)$_REQUEST['CmtPerPage'] : $this->getPerView();
 
        return $this->getPaginate($iCmtStart, $iCmtPerPage);
    }
 
    function actionFormGet ()
    {
        if (!$this->isEnabled())
           return '';
 
        $sCmtType = isset($_REQUEST['CmtType']) ? $_REQUEST['CmtType'] : 'reply';
        $iCmtParentId= isset($_REQUEST['CmtParent']) ? (int)$_REQUEST['CmtParent'] : 0;
 
        return $this->getForm($sCmtType, $iCmtParentId);
    }
 
    function actionCmtsGet ()
    {
        if (!$this->isEnabled())
           return '';
 
        $iCmtParentId = (int)$_REQUEST['CmtParent'];
        $sCmtOrder = isset($_REQUEST['CmtOrder']) ? $_REQUEST['CmtOrder'] : $this->_sOrder;
        $iCmtStart = isset($_REQUEST['CmtStart']) ? (int)$_REQUEST['CmtStart'] : 0;
        $iCmtPerPage= isset($_REQUEST['CmtPerPage']) ? (int)$_REQUEST['CmtPerPage'] : -1;
 
        return $this->getComments($iCmtParentId, $sCmtOrder, $iCmtStart, $iCmtPerPage);
    }
 
    function actionCmtGet ()
    {
        if (!$this->isEnabled())
           return '';
 
        $iCmtId = (int)$_REQUEST['Cmt'];
        return $this->getComment ($iCmtId, (isset($_REQUEST['Type']) ? $_REQUEST['Type'] : 'new'));
    }
 
    function actionCmtPost()
    {
        if(!$this->isEnabled())
            return '';
 
        if(!$this->isPostReplyAllowed())
            return $this->msgErrPostReplyAllowed();
 
        $iCmtObjectId = (int)$this->getId();
        $iCmtParentId = (int)$_REQUEST['CmtParent'];
        $iCmtAuthorId = $this->_getAuthorId();
 
        if ($this->_isSpam($_REQUEST['CmtText']))
            return sprintf(_t("_sys_spam_detected"), CH_WSB_URL_ROOT . 'contact.php');
 
        $sText = $this->_prepareTextForSave ($_REQUEST['CmtText']);
 
        $iMood = (int)$_REQUEST['CmtMood'];
 
        $iCmtNewId = $this->_oQuery->addComment ($iCmtObjectId, $iCmtParentId, $iCmtAuthorId, $sText, $iMood);
 
        if(false === $iCmtNewId)
            return '';
 
        $this->_triggerComment();
 
        $this->isPostReplyAllowed(true);
 
        ch_import('ChWsbAlerts');
        $oZ = new ChWsbAlerts($this->_sSystem, 'commentPost', $iCmtObjectId, $iCmtAuthorId, array('comment_id' => $iCmtNewId, 'comment_author_id' => $iCmtAuthorId));
        $oZ->alert();
 
        $oZ = new ChWsbAlerts('comment', 'add', $iCmtNewId, $iCmtAuthorId, array('object_system' => $this->_sSystem, 'object_id' => $iCmtObjectId));
        $oZ->alert();
 
        return $iCmtNewId;
    }
 
    // returns error string on error, or empty string on success
 
    function actionCmtRemove ()
    {
        if(!$this->isEnabled())
            return '';
 
        $iCmtId = (int)$_REQUEST['Cmt'];
        $iObjectId = (int)$this->getId();
        $iAuthorId = $this->_getAuthorId();
 
        $aCmt = $this->_oQuery->getCommentSimple ($iObjectId, $iCmtId);
        if(!$aCmt)
            return _t('_No such comment');
 
        if($aCmt['cmt_replies'] > 0)
            return _t('_Can not delete comments with replies');
 
        $isRemoveAllowed = $this->isRemoveAllowedAll() || ($aCmt['cmt_author_id'] == $iAuthorId && $this->isRemoveAllowed());
        if (!$isRemoveAllowed && $aCmt['cmt_secs_ago'] > ($this->getAllowedEditTime()+20))
            return $aCmt['cmt_author_id'] == $iAuthorId && !$this->isRemoveAllowed() ? strip_tags($this->msgErrRemoveAllowed()) : _t('_Access denied');
 
        if (!$this->_oQuery->removeComment ($iObjectId, $aCmt['cmt_id'], $aCmt['cmt_parent_id']))
            return _t('_Database Error');
 
        $this->_triggerComment();
 
        if ($aCmt['cmt_author_id'] == $iAuthorId)
           $this->isRemoveAllowed(true);
 
        ch_import('ChWsbAlerts');
        $oZ = new ChWsbAlerts($this->_sSystem, 'commentRemoved', $iObjectId, $iAuthorId, array('comment_id' => $aCmt['cmt_id'], 'comment_author_id' => $aCmt['cmt_author_id']));
        $oZ->alert();
 
        $oZ = new ChWsbAlerts('comment', 'delete', $aCmt['cmt_id'], $iAuthorId, array('object_system' => $this->_sSystem, 'object_id' => $iObjectId));
        $oZ->alert();
 
        return '';
    }
 
    // returns string with "err" prefix on error, or string with html form on success
 
    function actionCmtEdit ()
    {
        if (!$this->isEnabled()) return '';
 
        $iCmtId = (int)$_REQUEST['Cmt'];
        $aCmt = $this->_oQuery->getCommentSimple ($this->getId(), $iCmtId);
 
        if (!$aCmt)
            return 'err'._t('_No such comment');
 
        $isEditAllowed = $this->isEditAllowedAll() || ($aCmt['cmt_author_id'] == $this->_getAuthorId() && $this->isEditAllowed());
        if (!$isEditAllowed && $aCmt['cmt_secs_ago'] > ($this->getAllowedEditTime()+20))
            return 'err' . ($aCmt['cmt_author_id'] == $this->_getAuthorId() && !$this->isEditAllowed() ? strip_tags($this->msgErrEditAllowed()) : _t('_Access denied'));
 
        return $this->_getFormBox ('edit', array('id' => $iCmtId, 'parent_id' => $aCmt['cmt_parent_id'], 'text' => $aCmt['cmt_text']));
    }
 
    function actionCmtEditSubmit()
    {
        if (!$this->isEnabled()) return '{}';
 
        $iCmtId = (int)$_REQUEST['Cmt'];
 
        if ($this->_isSpam($_REQUEST['CmtText']))
            return json_encode(array('err' => sprintf(_t("_sys_spam_detected"), CH_WSB_URL_ROOT . 'contact.php')));
 
        $iObjectId = $this->getId();
        $iAuthorId = $this->_getAuthorId();
 
        $sText = $this->_prepareTextForSave ($_REQUEST['CmtText']);
        $sTextRet = stripslashes($sText);
 
        $iCmtMood = (int)$_REQUEST['CmtMood'];
 
        $aCmt = $this->_oQuery->getCommentSimple ($iObjectId, $iCmtId);
        if(!$aCmt)
            return '{}';
 
        $isEditAllowed = $this->isEditAllowedAll() || ($aCmt['cmt_author_id'] == $iAuthorId && $this->isEditAllowed());
 
        if (!$isEditAllowed && $aCmt['cmt_secs_ago'] > ($this->getAllowedEditTime()+20))
            return '{}';
 
        if (($sTextRet != $aCmt['cmt_text'] || $iCmtMood != $aCmt['cmt_mood']) && $this->_oQuery->updateComment ($iObjectId, $aCmt['cmt_id'], $sText, $iCmtMood)) {
            if ($aCmt['cmt_author_id'] == $iAuthorId)
               $this->isEditAllowed(true);
 
            ch_import('ChWsbAlerts');
            $oZ = new ChWsbAlerts($this->_sSystem, 'commentUpdated', $iObjectId, $iAuthorId, array('comment_id' => $aCmt['cmt_id'], 'comment_author_id' => $aCmt['cmt_author_id']));
            $oZ->alert();
 
            $oZ = new ChWsbAlerts('comment', 'change', $aCmt['cmt_id'], $iAuthorId, array('object_system' => $this->_sSystem, 'object_id' => $iObjectId));
            $oZ->alert();
        }
 
        $aCmt = $this->_oQuery->getCommentSimple($iObjectId, $iCmtId);
 
        return json_encode(array('text' => $aCmt['cmt_text'], 'mood' => $aCmt['cmt_mood'], 'mood_text' => _t($this->_aMoodText[$aCmt['cmt_mood']])));
    }
 
    function actionCmtRate ()
    {
        if (!$this->isEnabled()) return _t('_Error occured');
        if (!$this->isRatable()) return _t('_Error occured');
        if (!$this->isRateAllowed()) return strip_tags($this->msgErrRateAllowed());
 
        $iCmtId = (int)$_REQUEST['Cmt'];
        $iRate = (int)$_REQUEST['Rate'];
 
        if($iRate >= 1)
            $iRate = 1;
        elseif($iRate <= -1)
            $iRate = -1;
        else
            return _t('_Error occured');
 
        if(!$this->_oQuery->rateComment($this->getSystemId(), $iCmtId, $iRate, $this->_getAuthorId(), $this->_getAuthorIp()))
            return _t('_Duplicate vote');
 
        $aCmt = $this->_oQuery->getCommentSimple ($this->getId(), $iCmtId);
 
        $this->isRateAllowed(true);
 
        ch_import('ChWsbAlerts');
        $oZ = new ChWsbAlerts($this->_sSystem, 'commentRated', $this->getId(), $this->_getAuthorId(), array('comment_id' => $iCmtId, 'comment_author_id' => $aCmt['cmt_author_id'], 'rate' => $iRate));
        $oZ->alert();
 
        return '';
    }
 
    function _getAuthorId ()
    {
        return isMember() ? (int)$_COOKIE['memberID'] : 0;
    }
 
    function _getAuthorPassword ()
    {
        return isMember() ? $_COOKIE['memberPassword'] : "";
    }
 
    function _getAuthorIp ()
    {
        return getVisitorIP();
    }
 
    function _prepareTextForEdit ($s)
    {
        if ($this->isNl2br())
            return str_replace(array('<br />', '&shy;'), '', $s);
        return $s;
    }
 
    function _prepareTextForSave ($s)
    {
        if ($this->iGlobAllowHtml || $this->isTagsAllowed()) {
            $iTagsAction = CH_TAGS_VALIDATE;
        }
        elseif (!$this->iGlobAllowHtml && $this->isNl2br()) {
            $s = WordWrapStr($s);
            $iTagsAction = CH_TAGS_STRIP_AND_NL2BR;
        }
        else {
            $iTagsAction = CH_TAGS_STRIP;
        }
 
        return process_db_input($s, $iTagsAction);
    }
 
    function _prepareTextForOutput ($s)
    {
        return 0 === strpos($s, '<iframe') ? $s : ch_linkify_html($s, 'class="' . CH_WSB_LINK_CLASS . '"');
    }
 
    function _triggerComment()
    {
        if (!$this->_aSystem['trigger_table'])
            return false;
        $iId = $this->getId();
        if (!$iId)
            return false;
        $iCount = $this->_oQuery->getObjectCommentsCount ($iId);
        return $this->_oQuery->updateTriggerTable($iId, $iCount);
    }
 
    function _isSpam($s)
    {
        return ch_is_spam($s);
    }
 
    function _getAnchor($iId)
    {
        $aReplacement = array(
            ' ' => '-',
            '_' => '-'
        );
 
        return str_replace(array_keys($aReplacement), array_values($aReplacement), $this->_sSystem . '-' . $this->getId() . '-' . $iId);
    }
}