Coding standards
Security in ResourceSpace
Developer reference
Database
Action functions
Admin functions
Ajax functions
Annotation functions
API functions
Collections functions
Comment functions
Config functions
CSV export functions
Dash functions
Debug functions
Encryption functions
Facial recognition functions
File functions
General functions
Language functions
Log functions
Login functions
Message functions
Migration functions
Node functions
PDF functions
Plugin functions
Render functions
Reporting functions
Request functions
Research functions
Slideshow functions
Theme permission functions
User functions
Video functions
Database functions
Metadata functions
Resource functions
Search functions
Map functions
Job functions
Tab functions
Test functions

comments_submit()

Description

Write comments to the database, also deals with hiding and flagging comments

Parameters

This function accepts no parameters.

Return

void

Location

include/comment_functions.php lines 8 to 139

Definition

 
function comments_submit()
    {
    global 
$username$anonymous_login$userref$regex_email$comments_max_characters$lang$email_notify$comments_email_notification_address;

    if (
        
$username == $anonymous_login
        
&& (getval("fullname","") == ""
        
|| preg_match ("/{$regex_email}/"getval("email","")) === false)
    ) {
        return;
    } 

    
$comment_to_hide getval("comment_to_hide",0,true);

    if ((
$comment_to_hide != 0) && (checkPerm("o"))) {
        
$root find_root_comment($comment_to_hide);
        
// Does this comment have any child comments?
        
if (ps_value("SELECT ref AS value FROM comment WHERE ref_parent = ?",array("i",$comment_to_hide),'') != '')
            {
            
ps_query("UPDATE comment SET hide = 1 WHERE ref = ?",array("i",$comment_to_hide));
            }
        else
            {
            
ps_query("DELETE FROM comment WHERE ref = ?",array("i",$comment_to_hide));
            }
        if(!
is_null($root)){clean_comment_tree($root);}

        return;
    }

    
$comment_flag_ref getval("comment_flag_ref",0,true);

    
// --- process flag request

    
if ($comment_flag_ref != 0)
        {
        
$comment_flag_reason getval("comment_flag_reason","");
        
$comment_flag_url getval("comment_flag_url","");

        if (
$comment_flag_reason == "" || $comment_flag_url == "") {
            return;
        }

        
# the following line can be simplified using strstr (with before_needle boolean) but not supported < PHP 5.3.0
        
if (!strpos($comment_flag_url"#") === false) {
            
$comment_flag_url substr($comment_flag_url0strpos($comment_flag_url"#") - 1);
        }

        
$comment_flag_url .= "#comment{$comment_flag_ref}";     // add comment anchor to end of URL

        
$comment_body ps_query("select body from comment where ref=?",array("i",$comment_flag_ref));
        
$comment_body = (!empty($comment_body[0]['body'])) ? $comment_body[0]['body'] : "";

        if (
$comment_body == "") {
            return;
        }

        
$email_subject = (text("comments_flag_notification_email_subject")!="") ?
            
text("comments_flag_notification_email_subject") : $lang['comments_flag-email-default-subject'];

        
$email_body = (text("comments_flag_notification_email_body")!="") ?
            
text("comments_flag_notification_email_body") : $lang['comments_flag-email-default-body'];

        
$email_body .=  "\r\n\r\n\"{$comment_body}\"";
        
$email_body .= "\r\n\r\n{$comment_flag_url}";
        
$email_body .= "\r\n\r\n{$lang['comments_flag-email-flagged-by']} {$username}";
        
$email_body .= "\r\n\r\n{$lang['comments_flag-email-flagged-reason']} \"{$comment_flag_reason}\"";

        
$email_to = (
                empty (
$comments_email_notification_address)

                
// (preg_match ("/{$regex_email}/", $comments_email_notification_address) === false)        // TODO: make this regex better
            
) ? $email_notify $comments_email_notification_address;

        
rs_setcookie("comment{$comment_flag_ref}flagged""true");
        
$_POST["comment{$comment_flag_ref}flagged"] = "true";  // we set this so that the subsequent getval() function will pick up this comment flagged in the show comments function (headers have already been sent before cookie set)

        
send_mail ($email_to$email_subject$email_body);
        return;
    }

    
// --- process comment submission

    // we don't want to insert an empty comment or an orphan
    
if (
        (
getval("body""") == "")
        || (
            (
getval("collection_ref""") == "")
            && (
getval("resource_ref""") == "")
            && (
getval("ref_parent""") == "")
        )
    ) {
        return;
    }

    if (
$username == $anonymous_login)  // anonymous user
        
{
        
$sql_fields "fullname, email, website_url";
        
$sql_values = array(
            
"s"getval("fullname""") ,
            
"s"getval("email"""),
            
"s"getval("website_url""")
        );
        }
    else
        {
        
$sql_fields "user_ref";
        
$sql_values = array("i", (int)$userref);
        }

    
$body getval("body""");
    if (
strlen($body) > $comments_max_characters) {
        
$body substr($body0$comments_max_characters); // just in case not caught in submit form
    
}

    
$parent_ref =  getval("ref_parent"0,true);
    
$collection_ref =  getval("collection_ref"0,true);
    
$resource_ref =  getval("resource_ref"0,true);

    
$sql_values_prepend = array(
        
"i", ($parent_ref == null : (int)$parent_ref),
        
"i", ($collection_ref == null : (int)$collection_ref),
        
"i", ($resource_ref == null : (int)$resource_ref)
    );

    
$sql_values array_merge($sql_values_prepend$sql_values, array("s",$body));

    
ps_query("insert into comment (ref_parent, collection_ref, resource_ref, {$sql_fields}, body) values (" ps_param_insert(count($sql_values) / 2) . ")"$sql_values);

    
// Notify anyone tagged.
    
comments_notify_tagged($body,$userref,$resource_ref,$collection_ref);
    }

This article was last updated 15th December 2024 10:35 Europe/London time based on the source file dated 11th December 2024 15:55 Europe/London time.