Collections functions
General functions
Render functions
Theme permission functions
Resource functions

comments_submit()

Description

Write comments to the database, also deals with hiding and flagging comments

Parameters

This function accepts no parameters.

Return

void

Location

include/comment_functions.php lines 8 to 118

Definition

 
function comments_submit()
    {
    global 
$username$anonymous_login$userref$regex_email$comments_max_characters$lang$email_notify$comments_email_notification_address;

    if (
$username == $anonymous_login && (getval("fullname","") == "" || preg_match ("/${regex_email}/"getval("email","")) === false)) return;

    
$comment_to_hide getval("comment_to_hide",0,true);

    if ((
$comment_to_hide != 0) && (checkPerm("o"))) {
        
$root find_root_comment($comment_to_hide);
        
// Does this comment have any child comments?
        
if (ps_value("SELECT ref AS value FROM comment WHERE ref_parent = ?",array("i",$comment_to_hide),'') != '')
            {
            
ps_query("UPDATE comment SET hide = 1 WHERE ref = ?",array("i",$comment_to_hide));
            }
        else
            {
            
ps_query("DELETE FROM comment WHERE ref = ?",array("i",$comment_to_hide));
            }
        if(!
is_null($root)){clean_comment_tree($root);}

        return;
    }

    
$comment_flag_ref getval("comment_flag_ref",0,true);

    
// --- process flag request

    
if ($comment_flag_ref != 0)
        {
        
$comment_flag_reason getval("comment_flag_reason","");
        
$comment_flag_url getval("comment_flag_url","");

        if (
$comment_flag_reason == "" || $comment_flag_url == "") return;

        
# the following line can be simplified using strstr (with before_needle boolean) but not supported < PHP 5.3.0
        
if (!strpos ($comment_flag_url"#") === false$comment_flag_url substr ($comment_flag_url0strpos ($comment_flag_url"#")-1);

        
$comment_flag_url .= "#comment${comment_flag_ref}";        // add comment anchor to end of URL

        
$comment_body ps_query("select body from comment where ref=?",array("i",$comment_flag_ref));
        
$comment_body = (!empty($comment_body[0]['body'])) ? $comment_body[0]['body'] : "";

        if (
$comment_body == "") return;

        
$email_subject = (text("comments_flag_notification_email_subject")!="") ?
            
text("comments_flag_notification_email_subject") : $lang['comments_flag-email-default-subject'];

        
$email_body = (text("comments_flag_notification_email_body")!="") ?
            
text("comments_flag_notification_email_body") : $lang['comments_flag-email-default-body'];

        
$email_body .=    "\r\n\r\n\"${comment_body}\"";
        
$email_body .= "\r\n\r\n${comment_flag_url}";
        
$email_body .= "\r\n\r\n${lang['comments_flag-email-flagged-by']} ${username}";
        
$email_body .= "\r\n\r\n${lang['comments_flag-email-flagged-reason']} \"${comment_flag_reason}\"";

        
$email_to = (
                empty (
$comments_email_notification_address)

                
// (preg_match ("/${regex_email}/", $comments_email_notification_address) === false)        // TODO: make this regex better
            
) ? $email_notify $comments_email_notification_address;

        
rs_setcookie("comment${comment_flag_ref}flagged""true");
        
$_POST["comment${comment_flag_ref}flagged"] = "true";  // we set this so that the subsequent getval() function will pick up this comment flagged in the show comments function (headers have already been sent before cookie set)

        
send_mail ($email_to$email_subject$email_body);
        return;
    }

    
// --- process comment submission
    
if (    // we don't want to insert an empty comment or an orphan
        
(getval("body","") == "") ||
        ((
getval("collection_ref","") == "") && (getval("resource_ref","") == "") && (getval("ref_parent","") == ""))
        )
        return;

    if (
$username == $anonymous_login)    // anonymous user
        
{
        
$sql_fields "fullname, email, website_url";
        
$sql_values = array(
            
"s"getval("fullname""") ,
            
"s"getval("email"""),
            
"s"getval("website_url""")
        );
        }
    else
        {
        
$sql_fields "user_ref";
        
$sql_values = array("i", (int)$userref);
        }

    
$body getval("body""");
    if (
strlen ($body) > $comments_max_characters$body substr ($body0$comments_max_characters);        // just in case not caught in submit form

    
$parent_ref =  getval("ref_parent"0,true);
    
$collection_ref =  getval("collection_ref"0,true);
    
$resource_ref =  getval("resource_ref"0,true);

    
$sql_values_prepend = array(
        
"i", ($parent_ref == NULL : (int)$parent_ref),
        
"i", ($collection_ref == NULL : (int)$collection_ref),
        
"i", ($resource_ref == NULL : (int)$resource_ref)
    );

    
$sql_values array_merge($sql_values_prepend$sql_values, array("s",$body));

    
ps_query("insert into comment (ref_parent, collection_ref, resource_ref, {$sql_fields}, body) values (" ps_param_insert(count($sql_values) / 2) . ")"$sql_values);

    
// Notify anyone tagged.
    
comments_notify_tagged($body,$userref,$resource_ref,$collection_ref);
    }

This article was last updated 30th September 2022 17:35 Europe/London time based on the source file dated 1st July 2022 09:30 Europe/London time.