comments_submit()

Coding standards

Security in ResourceSpace

Developer reference

Database

Action functions

Admin functions

Ajax functions

Annotation functions

API functions

Collections functions

Comment functions

Config functions

CSV export functions

Dash functions

Debug functions

Encryption functions

Facial recognition functions

File functions

General functions

Language functions

Log functions

Message functions

Migration functions

Node functions

PDF functions

Plugin functions

Render functions

Reporting functions

Request functions

Research functions

Slideshow functions

Theme permission functions

getThemePathPerms()

User functions

Video functions

Database functions

Metadata functions

Resource functions

Search functions

Map functions

Job functions

get_job_type_priority()

Tab functions

Test functions

Description

Write comments to the database, also deals with hiding and flagging comments

Parameters

This function accepts no parameters.

Return

void

Location

include/comment_functions.php lines 8 to 139

Definition


 
function comments_submit()
    {
    global $username, $anonymous_login, $userref, $regex_email, $comments_max_characters, $lang, $email_notify, $comments_email_notification_address;

    if (
        $username == $anonymous_login
        && (getval("fullname","") == ""
        || preg_match ("/{$regex_email}/", getval("email","")) === false)
    ) {
        return;
    } 

    $comment_to_hide = getval("comment_to_hide",0,true);

    if (($comment_to_hide != 0) && (checkPerm("o"))) {
        $root = find_root_comment($comment_to_hide);
        // Does this comment have any child comments?
        if (ps_value("SELECT ref AS value FROM comment WHERE ref_parent = ?",array("i",$comment_to_hide),'') != '')
            {
            ps_query("UPDATE comment SET hide = 1 WHERE ref = ?",array("i",$comment_to_hide));
            }
        else
            {
            ps_query("DELETE FROM comment WHERE ref = ?",array("i",$comment_to_hide));
            }
        if(!is_null($root)){clean_comment_tree($root);}

        return;
    }

    $comment_flag_ref = getval("comment_flag_ref",0,true);

    // --- process flag request

    if ($comment_flag_ref != 0)
        {
        $comment_flag_reason = getval("comment_flag_reason","");
        $comment_flag_url = getval("comment_flag_url","");

        if ($comment_flag_reason == "" || $comment_flag_url == "") {
            return;
        }

        # the following line can be simplified using strstr (with before_needle boolean) but not supported < PHP 5.3.0
        if (!strpos($comment_flag_url, "#") === false) {
            $comment_flag_url = substr($comment_flag_url, 0, strpos($comment_flag_url, "#") - 1);
        }

        $comment_flag_url .= "#comment{$comment_flag_ref}";     // add comment anchor to end of URL

        $comment_body = ps_query("select body from comment where ref=?",array("i",$comment_flag_ref));
        $comment_body = (!empty($comment_body[0]['body'])) ? $comment_body[0]['body'] : "";

        if ($comment_body == "") {
            return;
        }

        $email_subject = (text("comments_flag_notification_email_subject")!="") ?
            text("comments_flag_notification_email_subject") : $lang['comments_flag-email-default-subject'];

        $email_body = (text("comments_flag_notification_email_body")!="") ?
            text("comments_flag_notification_email_body") : $lang['comments_flag-email-default-body'];

        $email_body .=  "\r\n\r\n\"{$comment_body}\"";
        $email_body .= "\r\n\r\n{$comment_flag_url}";
        $email_body .= "\r\n\r\n{$lang['comments_flag-email-flagged-by']} {$username}";
        $email_body .= "\r\n\r\n{$lang['comments_flag-email-flagged-reason']} \"{$comment_flag_reason}\"";

        $email_to = (
                empty ($comments_email_notification_address)

                // (preg_match ("/{$regex_email}/", $comments_email_notification_address) === false)        // TODO: make this regex better
            ) ? $email_notify : $comments_email_notification_address;

        rs_setcookie("comment{$comment_flag_ref}flagged", "true");
        $_POST["comment{$comment_flag_ref}flagged"] = "true";  // we set this so that the subsequent getval() function will pick up this comment flagged in the show comments function (headers have already been sent before cookie set)

        send_mail ($email_to, $email_subject, $email_body);
        return;
    }

    // --- process comment submission

    // we don't want to insert an empty comment or an orphan
    if (
        (getval("body", "") == "")
        || (
            (getval("collection_ref", "") == "")
            && (getval("resource_ref", "") == "")
            && (getval("ref_parent", "") == "")
        )
    ) {
        return;
    }

    if ($username == $anonymous_login)  // anonymous user
        {
        $sql_fields = "fullname, email, website_url";
        $sql_values = array(
            "s", getval("fullname", "") ,
            "s", getval("email", ""),
            "s", getval("website_url", "")
        );
        }
    else
        {
        $sql_fields = "user_ref";
        $sql_values = array("i", (int)$userref);
        }

    $body = getval("body", "");
    if (strlen($body) > $comments_max_characters) {
        $body = substr($body, 0, $comments_max_characters); // just in case not caught in submit form
    }

    $parent_ref =  getval("ref_parent", 0,true);
    $collection_ref =  getval("collection_ref", 0,true);
    $resource_ref =  getval("resource_ref", 0,true);

    $sql_values_prepend = array(
        "i", ($parent_ref == 0 ? null : (int)$parent_ref),
        "i", ($collection_ref == 0 ? null : (int)$collection_ref),
        "i", ($resource_ref == 0 ? null : (int)$resource_ref)
    );

    $sql_values = array_merge($sql_values_prepend, $sql_values, array("s",$body));

    ps_query("insert into comment (ref_parent, collection_ref, resource_ref, {$sql_fields}, body) values (" . ps_param_insert(count($sql_values) / 2) . ")", $sql_values);

    // Notify anyone tagged.
    comments_notify_tagged($body,$userref,$resource_ref,$collection_ref);
    }

This article was last updated 20th September 2024 21:35 Europe/London time based on the source file dated 17th May 2024 16:10 Europe/London time.