XpressEngine Core  1.11.2
 All Classes Namespaces Files Functions Variables Pages
comment.controller.php
Go to the documentation of this file.
1 <?php
2 /* Copyright (C) NAVER <http://www.navercorp.com> */
3 
13 {
14 
19  function init()
20  {
21 
22  }
23 
28  function procCommentVoteUp()
29  {
30  if(!Context::get('is_logged'))
31  {
32  return new BaseObject(-1, 'msg_invalid_request');
33  }
34 
35  $comment_srl = Context::get('target_srl');
36  if(!$comment_srl)
37  {
38  return new BaseObject(-1, 'msg_invalid_request');
39  }
40 
41  $oCommentModel = getModel('comment');
42  $oComment = $oCommentModel->getComment($comment_srl, FALSE, FALSE);
43  $module_srl = $oComment->get('module_srl');
44  if(!$module_srl)
45  {
46  return new BaseObject(-1, 'msg_invalid_request');
47  }
48 
49  $oModuleModel = getModel('module');
50  $comment_config = $oModuleModel->getModulePartConfig('comment', $module_srl);
51  if($comment_config->use_vote_up == 'N')
52  {
53  return new BaseObject(-1, 'msg_invalid_request');
54  }
55 
56  $point = 1;
57  $output = $this->updateVotedCount($comment_srl, $point);
58  $this->add('voted_count', $output->get('voted_count'));
59  return $output;
60  }
61 
67  {
68  if(!Context::get('is_logged'))
69  {
70  return new BaseObject(-1, 'msg_invalid_request');
71  }
72 
73  $comment_srl = Context::get('target_srl');
74  if(!$comment_srl)
75  {
76  return new BaseObject(-1, 'msg_invalid_request');
77  }
78 
79  $oCommentModel = getModel('comment');
80  $oComment = $oCommentModel->getComment($comment_srl, FALSE, FALSE);
81  $module_srl = $oComment->get('module_srl');
82  if(!$module_srl)
83  {
84  return new BaseObject(-1, 'msg_invalid_request');
85  }
86 
87  $oModuleModel = getModel('module');
88  $comment_config = $oModuleModel->getModulePartConfig('comment', $module_srl);
89  if($comment_config->use_vote_down == 'N')
90  {
91  return new BaseObject(-1, 'msg_invalid_request');
92  }
93 
94  $point = -1;
95  $output = $this->updateVotedCount($comment_srl, $point);
96  $this->add('blamed_count', $output->get('blamed_count'));
97  return $output;
98  }
99 
105  {
106  if(!Context::get('is_logged'))
107  {
108  return new BaseObject(-1, 'msg_invalid_request');
109  }
110 
111  $comment_srl = Context::get('target_srl');
112  if(!$comment_srl)
113  {
114  return new BaseObject(-1, 'msg_invalid_request');
115  }
116 
117  return $this->declaredComment($comment_srl);
118  }
119 
125  {
126  $document_srl = $obj->document_srl;
127  if(!$document_srl)
128  {
129  return new BaseObject();
130  }
131 
132  return $this->deleteComments($document_srl, $obj);
133  }
134 
140  {
141  $module_srl = $obj->module_srl;
142  if(!$module_srl)
143  {
144  return new BaseObject();
145  }
146 
147  $oCommentController = getAdminController('comment');
148  return $oCommentController->deleteModuleComments($module_srl);
149  }
150 
156  function addGrant($comment_srl)
157  {
158  $_SESSION['own_comment'][$comment_srl] = TRUE;
159  }
160 
168  {
169  if($module_srl == NULL)
170  {
171  return FALSE;
172  }
173 
174  $oModuleModel = getModel('module');
175  $module_info = $oModuleModel->getModuleInfoByModuleSrl($module_srl);
176  $module_part_config = $oModuleModel->getModulePartConfig('comment', $module_info->module_srl);
177  $use_validation = FALSE;
178  if(isset($module_part_config->use_comment_validation) && $module_part_config->use_comment_validation == "Y")
179  {
180  $use_validation = TRUE;
181  }
182  return $use_validation;
183  }
184 
191  function insertComment($obj, $manual_inserted = FALSE)
192  {
193  if(!$manual_inserted && !checkCSRF())
194  {
195  return new BaseObject(-1, 'msg_invalid_request');
196  }
197 
198  if(!is_object($obj))
199  {
200  $obj = new stdClass();
201  }
202 
203  // check if comment's module is using comment validation and set the publish status to 0 (false)
204  // for inserting query, otherwise default is 1 (true - means comment is published)
205  $using_validation = $this->isModuleUsingPublishValidation($obj->module_srl);
206  if(!$manual_inserted)
207  {
208  if(Context::get('is_logged'))
209  {
210  $logged_info = Context::get('logged_info');
211  if($logged_info->is_admin == 'Y')
212  {
213  $is_admin = TRUE;
214  }
215  else
216  {
217  $is_admin = FALSE;
218  }
219  }
220  }
221  else
222  {
223  $is_admin = FALSE;
224  }
225 
226  if(!$using_validation)
227  {
228  $obj->status = 1;
229  }
230  else
231  {
232  if($is_admin)
233  {
234  $obj->status = 1;
235  }
236  else
237  {
238  $obj->status = 0;
239  }
240  }
241  $obj->__isupdate = FALSE;
242 
243  // call a trigger (before)
244  $output = ModuleHandler::triggerCall('comment.insertComment', 'before', $obj);
245  if(!$output->toBool())
246  {
247  return $output;
248  }
249 
250  // check if a posting of the corresponding document_srl exists
251  $document_srl = $obj->document_srl;
252  if(!$document_srl)
253  {
254  return new BaseObject(-1, 'msg_invalid_document');
255  }
256 
257  // get a object of document model
258  $oDocumentModel = getModel('document');
259 
260  // even for manual_inserted if password exists, hash it.
261  if($obj->password)
262  {
263  $obj->password = getModel('member')->hashPassword($obj->password);
264  }
265 
266  // get the original posting
267  if(!$manual_inserted)
268  {
269  $oDocument = $oDocumentModel->getDocument($document_srl);
270 
271  if($document_srl != $oDocument->document_srl)
272  {
273  return new BaseObject(-1, 'msg_invalid_document');
274  }
275  if($oDocument->isLocked())
276  {
277  return new BaseObject(-1, 'msg_invalid_request');
278  }
279 
280  if($obj->homepage)
281  {
282  $obj->homepage = removeHackTag($obj->homepage);
283  if(!preg_match('/^[a-z]+:\/\//i',$obj->homepage))
284  {
285  $obj->homepage = 'http://'.$obj->homepage;
286  }
287  }
288 
289  // input the member's information if logged-in
290  if(Context::get('is_logged'))
291  {
292  $logged_info = Context::get('logged_info');
293  $obj->member_srl = $logged_info->member_srl;
294 
295  // user_id, user_name and nick_name already encoded
296  $obj->user_id = htmlspecialchars_decode($logged_info->user_id);
297  $obj->user_name = htmlspecialchars_decode($logged_info->user_name);
298  $obj->nick_name = htmlspecialchars_decode($logged_info->nick_name);
299  $obj->email_address = $logged_info->email_address;
300  $obj->homepage = $logged_info->homepage;
301  }
302  }
303 
304  // error display if neither of log-in info and user name exist.
305  if(!$logged_info->member_srl && !$obj->nick_name)
306  {
307  return new BaseObject(-1, 'msg_invalid_request');
308  }
309 
310  if(!$obj->comment_srl)
311  {
312  $obj->comment_srl = getNextSequence();
313  }
314  elseif(!$is_admin && !$manual_inserted && !checkUserSequence($obj->comment_srl))
315  {
316  return new BaseObject(-1, 'msg_not_permitted');
317  }
318 
319  // determine the order
320  $obj->list_order = getNextSequence() * -1;
321 
322  // remove XE's own tags from the contents
323  $obj->content = preg_replace('!<\!--(Before|After)(Document|Comment)\(([0-9]+),([0-9]+)\)-->!is', '', $obj->content);
324 
325  if(Mobile::isFromMobilePhone() && $obj->use_editor != 'Y')
326  {
327  if($obj->use_html != 'Y')
328  {
329  $obj->content = htmlspecialchars($obj->content, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
330  }
331  $obj->content = nl2br($obj->content);
332  }
333 
334  if(!$obj->regdate)
335  {
336  $obj->regdate = date("YmdHis");
337  }
338 
339  // remove iframe and script if not a top administrator on the session.
340  if($logged_info->is_admin != 'Y')
341  {
342  $obj->content = removeHackTag($obj->content);
343  }
344 
345  if(!$obj->notify_message)
346  {
347  $obj->notify_message = 'N';
348  }
349 
350  if(!$obj->is_secret)
351  {
352  $obj->is_secret = 'N';
353  }
354 
355  // begin transaction
356  $oDB = DB::getInstance();
357  $oDB->begin();
358 
359  // Enter a list of comments first
360  $list_args = new stdClass();
361  $list_args->comment_srl = $obj->comment_srl;
362  $list_args->document_srl = $obj->document_srl;
363  $list_args->module_srl = $obj->module_srl;
364  $list_args->regdate = $obj->regdate;
365 
366  // If parent comment doesn't exist, set data directly
367  if(!$obj->parent_srl)
368  {
369  $list_args->head = $list_args->arrange = $obj->comment_srl;
370  $list_args->depth = 0;
371  // If parent comment exists, get information of the parent comment
372  }
373  else
374  {
375  // get information of the parent comment posting
376  $parent_args = new stdClass();
377  $parent_args->comment_srl = $obj->parent_srl;
378  $parent_output = executeQuery('comment.getCommentListItem', $parent_args);
379 
380  // return if no parent comment exists
381  if(!$parent_output->toBool() || !$parent_output->data)
382  {
383  return;
384  }
385 
386  $parent = $parent_output->data;
387 
388  $list_args->head = $parent->head;
389  $list_args->depth = $parent->depth + 1;
390 
391  // if the depth of comments is less than 2, execute insert.
392  if($list_args->depth < 2)
393  {
394  $list_args->arrange = $obj->comment_srl;
395  // if the depth of comments is greater than 2, execute update.
396  }
397  else
398  {
399  // get the top listed comment among those in lower depth and same head with parent's.
400  $p_args = new stdClass();
401  $p_args->head = $parent->head;
402  $p_args->arrange = $parent->arrange;
403  $p_args->depth = $parent->depth;
404  $output = executeQuery('comment.getCommentParentNextSibling', $p_args);
405 
406  if($output->data->arrange)
407  {
408  $list_args->arrange = $output->data->arrange;
409  $output = executeQuery('comment.updateCommentListArrange', $list_args);
410  }
411  else
412  {
413  $list_args->arrange = $obj->comment_srl;
414  }
415  }
416  }
417 
418  $output = executeQuery('comment.insertCommentList', $list_args);
419  if(!$output->toBool())
420  {
421  return $output;
422  }
423 
424  // insert comment
425  $output = executeQuery('comment.insertComment', $obj);
426  if(!$output->toBool())
427  {
428  $oDB->rollback();
429  return $output;
430  }
431 
432  // creat the comment model object
433  $oCommentModel = getModel('comment');
434 
435  // get the number of all comments in the posting
436  $comment_count = $oCommentModel->getCommentCount($document_srl);
437 
438  // create the controller object of the document
439  $oDocumentController = getController('document');
440 
441  // Update the number of comments in the post
442  if(!$using_validation)
443  {
444  $output = $oDocumentController->updateCommentCount($document_srl, $comment_count, $obj->nick_name, TRUE);
445  }
446  else
447  {
448  if($is_admin)
449  {
450  $output = $oDocumentController->updateCommentCount($document_srl, $comment_count, $obj->nick_name, TRUE);
451  }
452  }
453 
454  // grant autority of the comment
455  if(!$manual_inserted)
456  {
457  $this->addGrant($obj->comment_srl);
458  }
459 
460  // call a trigger(after)
461  if($output->toBool())
462  {
463  $trigger_output = ModuleHandler::triggerCall('comment.insertComment', 'after', $obj);
464  if(!$trigger_output->toBool())
465  {
466  $oDB->rollback();
467  return $trigger_output;
468  }
469  }
470 
471  // commit
472  $oDB->commit();
473 
474  if(!$manual_inserted)
475  {
476  // send a message if notify_message option in enabled in the original article
477  $oDocument->notify(Context::getLang('comment'), $obj->content);
478 
479  // send a message if notify_message option in enabled in the original comment
480  if($obj->parent_srl)
481  {
482  $oParent = $oCommentModel->getComment($obj->parent_srl);
483  if($oParent->get('member_srl') != $oDocument->get('member_srl'))
484  {
485  $oParent->notify(Context::getLang('comment'), $obj->content);
486  }
487  }
488  }
489 
491 
492  $output->add('comment_srl', $obj->comment_srl);
493 
494  return $output;
495  }
496 
504  {
505  $using_validation = $this->isModuleUsingPublishValidation($obj->module_srl);
506 
507  $oDocumentModel = getModel('document');
508  $oDocument = $oDocumentModel->getDocument($obj->document_srl);
509 
510  $oMemberModel = getModel("member");
511  if(isset($obj->member_srl) && !is_null($obj->member_srl))
512  {
513  $member_info = $oMemberModel->getMemberInfoByMemberSrl($obj->member_srl);
514  }
515  else
516  {
517  $member_info = new stdClass();
518  $member_info->is_admin = "N";
519  $member_info->nick_name = $obj->nick_name;
520  $member_info->user_name = $obj->user_name;
521  $member_info->email_address = $obj->email_address;
522  }
523 
524  $oCommentModel = getModel("comment");
525  $nr_comments_not_approved = $oCommentModel->getCommentAllCount(NULL, FALSE);
526 
527  $oModuleModel = getModel("module");
528  $module_info = $oModuleModel->getModuleInfoByDocumentSrl($obj->document_srl);
529 
530  // If there is no problem to register comment then send an email to all admin were set in module admin panel
531  if($module_info->admin_mail && $member_info->is_admin != 'Y')
532  {
533  $oMail = new Mail();
534  $oMail->setSender($obj->email_address, $obj->email_address);
535  $mail_title = "[XE - " . Context::get('mid') . "] A new comment was posted on document: \"" . $oDocument->getTitleText() . "\"";
536  $oMail->setTitle($mail_title);
537  $url_comment = getFullUrl('','document_srl',$obj->document_srl).'#comment_'.$obj->comment_srl;
538  if($using_validation)
539  {
540  $url_approve = getFullUrl('', 'module', 'admin', 'act', 'procCommentAdminChangePublishedStatusChecked', 'cart[]', $obj->comment_srl, 'will_publish', '1', 'search_target', 'is_published', 'search_keyword', 'N');
541  $url_trash = getFullUrl('', 'module', 'admin', 'act', 'procCommentAdminDeleteChecked', 'cart[]', $obj->comment_srl, 'search_target', 'is_trash', 'search_keyword', 'true');
542  $mail_content = "
543  A new comment on the document \"" . $oDocument->getTitleText() . "\" is waiting for your approval.
544  <br />
545  <br />
546  Author: " . $member_info->nick_name . "
547  <br />Author e-mail: " . $member_info->email_address . "
548  <br />From : <a href=\"" . $url_comment . "\">" . $url_comment . "</a>
549  <br />Comment:
550  <br />\"" . $obj->content . "\"
551  <br />Document:
552  <br />\"" . $oDocument->getContentText(). "\"
553  <br />
554  <br />
555  Approve it: <a href=\"" . $url_approve . "\">" . $url_approve . "</a>
556  <br />Trash it: <a href=\"" . $url_trash . "\">" . $url_trash . "</a>
557  <br />Currently " . $nr_comments_not_approved . " comments on \"" . Context::get('mid') . "\" module are waiting for approval. Please visit the moderation panel:
558  <br /><a href=\"" . getFullUrl('', 'module', 'admin', 'act', 'dispCommentAdminList', 'search_target', 'module', 'search_keyword', $obj->module_srl) . "\">" . getFullUrl('', 'module', 'admin', 'act', 'dispCommentAdminList', 'search_target', 'module', 'search_keyword', $obj->module_srl) . "</a>
559  ";
560  $oMail->setContent($mail_content);
561  }
562  else
563  {
564  $mail_content = "
565  Author: " . $member_info->nick_name . "
566  <br />Author e-mail: " . $member_info->email_address . "
567  <br />From : <a href=\"" . $url_comment . "\">" . $url_comment . "</a>
568  <br />Comment:
569  <br />\"" . $obj->content . "\"
570  <br />Document:
571  <br />\"" . $oDocument->getContentText(). "\"
572  ";
573  $oMail->setContent($mail_content);
574 
575  // get email of thread's author
576  $document_author_email = $oDocument->variables['email_address'];
577 
578  //get admin info
579  $logged_info = Context::get('logged_info');
580 
581  //mail to author of thread - START
585  /*
586  if($document_author_email != $obj->email_address && $logged_info->email_address != $document_author_email)
587  {
588  $oMail->setReceiptor($document_author_email, $document_author_email);
589  $oMail->send();
590  }
591  */
592  // mail to author of thread - STOP
593  }
594 
595  // get all admins emails
596  $admins_emails = $module_info->admin_mail;
597  $target_mail = explode(',', $admins_emails);
598 
599  // send email to all admins - START
600  for($i = 0; $i < count($target_mail); $i++)
601  {
602  $email_address = trim($target_mail[$i]);
603  if(!$email_address)
604  {
605  continue;
606  }
607 
608  $oMail->setReceiptor($email_address, $email_address);
609  $oMail->send();
610  }
611  // send email to all admins - STOP
612  }
613 
614  $comment_srl_list = array(0 => $obj->comment_srl);
615  // call a trigger for calling "send mail to subscribers" (for moment just for forum)
616  ModuleHandler::triggerCall("comment.sendEmailToAdminAfterInsertComment", "after", $comment_srl_list);
617 
618  /*
619  // send email to author - START
620  $oMail = new Mail();
621  $mail_title = "[XE - ".Context::get('mid')."] your comment on document: \"".$oDocument->getTitleText()."\" have to be approved";
622  $oMail->setTitle($mail_title);
623  //$mail_content = sprintf("From : <a href=\"%s?document_srl=%s&comment_srl=%s#comment_%d\">%s?document_srl=%s&comment_srl=%s#comment_%d</a><br/>\r\n%s ", getFullUrl(''),$comment->document_srl,$comment->comment_srl,$comment->comment_srl, getFullUrl(''),$comment->document_srl,$comment->comment_srl,$comment->comment_srl,$comment>content);
624  $mail_content = "
625  Your comment #".$obj->comment_srl." on document \"".$oDocument->getTitleText()."\" have to be approved by admin of <strong><i>". strtoupper($module_info->mid)."</i></strong> module before to be publish.
626  <br />
627  <br />Comment content:
628  ".$obj->content."
629  <br />
630  ";
631  $oMail->setContent($mail_content);
632  $oMail->setSender($obj->email_address, $obj->email_address);
633  $oMail->setReceiptor($obj->email_address, $obj->email_address);
634  $oMail->send();
635  // send email to author - START
636  */
637  return;
638  }
639 
647  function updateComment($obj, $is_admin = FALSE, $manual_updated = FALSE)
648  {
649  if(!$manual_updated && !checkCSRF())
650  {
651  return new BaseObject(-1, 'msg_invalid_request');
652  }
653 
654  if(!is_object($obj))
655  {
656  $obj = new stdClass();
657  }
658 
659  $obj->__isupdate = TRUE;
660 
661  // call a trigger (before)
662  $output = ModuleHandler::triggerCall('comment.updateComment', 'before', $obj);
663  if(!$output->toBool())
664  {
665  return $output;
666  }
667 
668  // create a comment model object
669  $oCommentModel = getModel('comment');
670 
671  // get the original data
672  $source_obj = $oCommentModel->getComment($obj->comment_srl);
673  if(!$source_obj->getMemberSrl())
674  {
675  $obj->member_srl = $source_obj->get('member_srl');
676  $obj->user_name = $source_obj->get('user_name');
677  $obj->nick_name = $source_obj->get('nick_name');
678  $obj->email_address = $source_obj->get('email_address');
679  $obj->homepage = $source_obj->get('homepage');
680  }
681 
682  // check if permission is granted
683  if(!$is_admin && !$source_obj->isGranted())
684  {
685  return new BaseObject(-1, 'msg_not_permitted');
686  }
687 
688  if($obj->password)
689  {
690  $obj->password = getModel('member')->hashPassword($obj->password);
691  }
692 
693  if($obj->homepage)
694  {
695  $obj->homepage = removeHackTag($obj->homepage);
696  if(!preg_match('/^[a-z]+:\/\//i',$obj->homepage))
697  {
698  $obj->homepage = 'http://'.$obj->homepage;
699  }
700  }
701 
702  // set modifier's information if logged-in and posting author and modifier are matched.
703  if(Context::get('is_logged'))
704  {
705  $logged_info = Context::get('logged_info');
706  if($source_obj->member_srl == $logged_info->member_srl)
707  {
708  $obj->member_srl = $logged_info->member_srl;
709  $obj->user_name = $logged_info->user_name;
710  $obj->nick_name = $logged_info->nick_name;
711  $obj->email_address = $logged_info->email_address;
712  $obj->homepage = $logged_info->homepage;
713  }
714  }
715 
716  // if nick_name of the logged-in author doesn't exist
717  if($source_obj->get('member_srl') && !$obj->nick_name)
718  {
719  $obj->member_srl = $source_obj->get('member_srl');
720  $obj->user_name = $source_obj->get('user_name');
721  $obj->nick_name = $source_obj->get('nick_name');
722  $obj->email_address = $source_obj->get('email_address');
723  $obj->homepage = $source_obj->get('homepage');
724  }
725 
726  if(!$obj->content)
727  {
728  $obj->content = $source_obj->get('content');
729  }
730 
731  // remove XE's wn tags from contents
732  $obj->content = preg_replace('!<\!--(Before|After)(Document|Comment)\(([0-9]+),([0-9]+)\)-->!is', '', $obj->content);
733 
734  if(Mobile::isFromMobilePhone() && $obj->use_editor != 'Y')
735  {
736  if($obj->use_html != 'Y')
737  {
738  $obj->content = htmlspecialchars($obj->content, ENT_COMPAT | ENT_HTML401, 'UTF-8', false);
739  }
740  $obj->content = nl2br($obj->content);
741  }
742 
743  // remove iframe and script if not a top administrator on the session
744  if($logged_info->is_admin != 'Y')
745  {
746  $obj->content = removeHackTag($obj->content);
747  }
748 
749  // begin transaction
750  $oDB = DB::getInstance();
751  $oDB->begin();
752 
753  // Update
754  $output = executeQuery('comment.updateComment', $obj);
755  if(!$output->toBool())
756  {
757  $oDB->rollback();
758  return $output;
759  }
760 
761  // call a trigger (after)
762  if($output->toBool())
763  {
764  $trigger_output = ModuleHandler::triggerCall('comment.updateComment', 'after', $obj);
765  if(!$trigger_output->toBool())
766  {
767  $oDB->rollback();
768  return $trigger_output;
769  }
770  }
771 
772  // commit
773  $oDB->commit();
774 
775  $output->add('comment_srl', $obj->comment_srl);
776 
777  return $output;
778  }
779 
787  function deleteComment($comment_srl, $is_admin = FALSE, $isMoveToTrash = FALSE)
788  {
789  // create the comment model object
790  $oCommentModel = getModel('comment');
791 
792  // check if comment already exists
793  $comment = $oCommentModel->getComment($comment_srl);
794  if($comment->comment_srl != $comment_srl)
795  {
796  return new BaseObject(-1, 'msg_invalid_request');
797  }
798 
799  $document_srl = $comment->document_srl;
800 
801  // call a trigger (before)
802  $output = ModuleHandler::triggerCall('comment.deleteComment', 'before', $comment);
803  if(!$output->toBool())
804  {
805  return $output;
806  }
807 
808  // check if permission is granted
809  if(!$is_admin && !$comment->isGranted())
810  {
811  return new BaseObject(-1, 'msg_not_permitted');
812  }
813 
814  // check if child comment exists on the comment
815  $childs = $oCommentModel->getChildComments($comment_srl);
816  if(count($childs) > 0)
817  {
818  $deleteAllComment = TRUE;
819  if(!$is_admin)
820  {
821  $logged_info = Context::get('logged_info');
822  foreach($childs as $val)
823  {
824  if($val->member_srl != $logged_info->member_srl)
825  {
826  $deleteAllComment = FALSE;
827  break;
828  }
829  }
830  }
831 
832  if(!$deleteAllComment)
833  {
834  return new BaseObject(-1, 'fail_to_delete_have_children');
835  }
836  else
837  {
838  foreach($childs as $val)
839  {
840  $output = $this->deleteComment($val->comment_srl, $is_admin, $isMoveToTrash);
841  if(!$output->toBool())
842  {
843  return $output;
844  }
845  }
846  }
847  }
848 
849  // begin transaction
850  $oDB = DB::getInstance();
851  $oDB->begin();
852 
853  // Delete
854  $args = new stdClass();
855  $args->comment_srl = $comment_srl;
856  $output = executeQuery('comment.deleteComment', $args);
857  if(!$output->toBool())
858  {
859  $oDB->rollback();
860  return $output;
861  }
862 
863  $output = executeQuery('comment.deleteCommentList', $args);
864 
865  // update the number of comments
866  $comment_count = $oCommentModel->getCommentCount($document_srl);
867 
868  // only document is exists
869  if(isset($comment_count))
870  {
871  // create the controller object of the document
872  $oDocumentController = getController('document');
873 
874  // update comment count of the article posting
875  $output = $oDocumentController->updateCommentCount($document_srl, $comment_count, NULL, FALSE);
876  if(!$output->toBool())
877  {
878  $oDB->rollback();
879  return $output;
880  }
881  }
882 
883  // call a trigger (after)
884  if($output->toBool())
885  {
886  $comment->isMoveToTrash = $isMoveToTrash;
887  $trigger_output = ModuleHandler::triggerCall('comment.deleteComment', 'after', $comment);
888  if(!$trigger_output->toBool())
889  {
890  $oDB->rollback();
891  return $trigger_output;
892  }
893  unset($comment->isMoveToTrash);
894  }
895 
896  if(!$isMoveToTrash)
897  {
899  $this->_deleteVotedComments($args);
900  }
901  else
902  {
903  $args = new stdClass();
904  $args->upload_target_srl = $comment_srl;
905  $args->isvalid = 'N';
906  $output = executeQuery('file.updateFileValid', $args);
907  }
908 
909  // commit
910  $oDB->commit();
911 
912  $output->add('document_srl', $document_srl);
913 
914  return $output;
915  }
916 
922  {
924  $this->_deleteVotedComments($args);
925  return new BaseObject(0, 'success');
926  }
927 
934  {
935  // create the document model object
936  $oDocumentModel = getModel('document');
937  $oCommentModel = getModel('comment');
938 
939  // check if permission is granted
940  if(is_object($obj))
941  {
942  $oDocument = new documentItem();
943  $oDocument->setAttribute($obj);
944  }
945  else
946  {
947  $oDocument = $oDocumentModel->getDocument($document_srl);
948  }
949 
950  if(!$oDocument->isExists() || !$oDocument->isGranted())
951  {
952  return new BaseObject(-1, 'msg_not_permitted');
953  }
954 
955  // get a list of comments and then execute a trigger(way to reduce the processing cost for delete all)
956  $args = new stdClass();
957  $args->document_srl = $document_srl;
958  $comments = executeQueryArray('comment.getAllComments', $args);
959  if($comments->data)
960  {
961  $commentSrlList = array();
962  foreach($comments->data as $comment)
963  {
964  $commentSrlList[] = $comment->comment_srl;
965 
966  // call a trigger (before)
967  $output = ModuleHandler::triggerCall('comment.deleteComment', 'before', $comment);
968  if(!$output->toBool())
969  {
970  continue;
971  }
972 
973  // call a trigger (after)
974  $output = ModuleHandler::triggerCall('comment.deleteComment', 'after', $comment);
975  if(!$output->toBool())
976  {
977  continue;
978  }
979  }
980  }
981 
982  // delete the comment
983  $args->document_srl = $document_srl;
984  $output = executeQuery('comment.deleteComments', $args);
985  if(!$output->toBool())
986  {
987  return $output;
988  }
989 
990  // Delete a list of comments
991  $output = executeQuery('comment.deleteCommentsList', $args);
992 
993  //delete declared, declared_log, voted_log
994  if(is_array($commentSrlList) && count($commentSrlList) > 0)
995  {
996  $args = new stdClass();
997  $args->comment_srl = join(',', $commentSrlList);
999  $this->_deleteVotedComments($args);
1000  }
1001 
1002  return $output;
1003  }
1004 
1010  function _deleteDeclaredComments($commentSrls)
1011  {
1012  executeQuery('comment.deleteDeclaredComments', $commentSrls);
1013  executeQuery('comment.deleteCommentDeclaredLog', $commentSrls);
1014  }
1015 
1021  function _deleteVotedComments($commentSrls)
1022  {
1023  executeQuery('comment.deleteCommentVotedLog', $commentSrls);
1024  }
1025 
1032  function updateVotedCount($comment_srl, $point = 1)
1033  {
1034  if($point > 0)
1035  {
1036  $failed_voted = 'failed_voted';
1037  $success_message = 'success_voted';
1038  }
1039  else
1040  {
1041  $failed_voted = 'failed_blamed';
1042  $success_message = 'success_blamed';
1043  }
1044 
1045  // invalid vote if vote info exists in the session info.
1046  if($_SESSION['voted_comment'][$comment_srl])
1047  {
1048  return new BaseObject(-1, $failed_voted);
1049  }
1050 
1051  $oCommentModel = getModel('comment');
1052  $oComment = $oCommentModel->getComment($comment_srl, FALSE, FALSE);
1053 
1054  // invalid vote if both ip addresses between author's and the current user are same.
1055  if($oComment->get('ipaddress') == $_SERVER['REMOTE_ADDR'])
1056  {
1057  $_SESSION['voted_comment'][$comment_srl] = TRUE;
1058  return new BaseObject(-1, $failed_voted);
1059  }
1060 
1061  // if the comment author is a member
1062  if($oComment->get('member_srl'))
1063  {
1064  // create the member model object
1065  $oMemberModel = getModel('member');
1066  $member_srl = $oMemberModel->getLoggedMemberSrl();
1067 
1068  // session registered if the author information matches to the current logged-in user's.
1069  if($member_srl && $member_srl == abs($oComment->get('member_srl')))
1070  {
1071  $_SESSION['voted_comment'][$comment_srl] = TRUE;
1072  return new BaseObject(-1, $failed_voted);
1073  }
1074  }
1075 
1076  $args = new stdClass();
1077 
1078  // If logged-in, use the member_srl. otherwise use the ipaddress.
1079  if($member_srl)
1080  {
1081  $args->member_srl = $member_srl;
1082  }
1083  else
1084  {
1085  $args->ipaddress = $_SERVER['REMOTE_ADDR'];
1086  }
1087 
1088  $args->comment_srl = $comment_srl;
1089  $output = executeQuery('comment.getCommentVotedLogInfo', $args);
1090 
1091  // session registered if log info contains recommendation vote log.
1092  if($output->data->count)
1093  {
1094  $_SESSION['voted_comment'][$comment_srl] = TRUE;
1095  return new BaseObject(-1, $failed_voted);
1096  }
1097 
1098  // Call a trigger (before)
1099  $trigger_obj = new stdClass;
1100  $trigger_obj->member_srl = $oComment->get('member_srl');
1101  $trigger_obj->module_srl = $oComment->get('module_srl');
1102  $trigger_obj->document_srl = $oComment->get('document_srl');
1103  $trigger_obj->comment_srl = $oComment->get('comment_srl');
1104  $trigger_obj->update_target = ($point < 0) ? 'blamed_count' : 'voted_count';
1105  $trigger_obj->point = $point;
1106  $trigger_obj->before_point = ($point < 0) ? $oComment->get('blamed_count') : $oComment->get('voted_count');
1107  $trigger_obj->after_point = $trigger_obj->before_point + $point;
1108  $trigger_output = ModuleHandler::triggerCall('comment.updateVotedCount', 'before', $trigger_obj);
1109  if(!$trigger_output->toBool())
1110  {
1111  return $trigger_output;
1112  }
1113 
1114  // begin transaction
1115  $oDB = DB::getInstance();
1116  $oDB->begin();
1117 
1118  // update the number of votes
1119  if($trigger_obj->update_target === 'blamed_count')
1120  {
1121  $args->blamed_count = $trigger_obj->after_point;
1122  $output = executeQuery('comment.updateBlamedCount', $args);
1123  }
1124  else
1125  {
1126  $args->voted_count = $trigger_obj->after_point;
1127  $output = executeQuery('comment.updateVotedCount', $args);
1128  }
1129 
1130  // leave logs
1131  $args->point = $trigger_obj->point;
1132  $output = executeQuery('comment.insertCommentVotedLog', $args);
1133 
1134  // Call a trigger (after)
1135  $trigger_output = ModuleHandler::triggerCall('comment.updateVotedCount', 'after', $trigger_obj);
1136  if(!$trigger_output->toBool())
1137  {
1138  $oDB->rollback();
1139  return $trigger_output;
1140  }
1141 
1142  $oDB->commit();
1143 
1144  // leave into session information
1145  $_SESSION['voted_comment'][$comment_srl] = TRUE;
1146 
1147  // Return the result
1148  $output = new BaseObject(0, $success_message);
1149  if($trigger_obj->update_target === 'voted_count')
1150  {
1151  $output->add('voted_count', $trigger_obj->after_point);
1152  }
1153  else
1154  {
1155  $output->add('blamed_count', $trigger_obj->after_point);
1156  }
1157 
1158  return $output;
1159  }
1160 
1166  function declaredComment($comment_srl)
1167  {
1168  // Fail if session information already has a reported document
1169  if($_SESSION['declared_comment'][$comment_srl])
1170  {
1171  return new BaseObject(-1, 'failed_declared');
1172  }
1173 
1174  // check if already reported
1175  $args = new stdClass();
1176  $args->comment_srl = $comment_srl;
1177  $output = executeQuery('comment.getDeclaredComment', $args);
1178  if(!$output->toBool())
1179  {
1180  return $output;
1181  }
1182  $declared_count = ($output->data->declared_count) ? $output->data->declared_count : 0;
1183 
1184  $trigger_obj = new stdClass();
1185  $trigger_obj->comment_srl = $comment_srl;
1186  $trigger_obj->declared_count = $declared_count;
1187 
1188  // Call a trigger (before)
1189  $trigger_output = ModuleHandler::triggerCall('comment.declaredComment', 'before', $trigger_obj);
1190  if(!$trigger_output->toBool())
1191  {
1192  return $trigger_output;
1193  }
1194 
1195  // get the original comment
1196  $oCommentModel = getModel('comment');
1197  $oComment = $oCommentModel->getComment($comment_srl, FALSE, FALSE);
1198 
1199  // failed if both ip addresses between author's and the current user are same.
1200  if($oComment->get('ipaddress') == $_SERVER['REMOTE_ADDR'])
1201  {
1202  $_SESSION['declared_comment'][$comment_srl] = TRUE;
1203  return new BaseObject(-1, 'failed_declared');
1204  }
1205 
1206  // if the comment author is a member
1207  if($oComment->get('member_srl'))
1208  {
1209  // create the member model object
1210  $oMemberModel = getModel('member');
1211  $member_srl = $oMemberModel->getLoggedMemberSrl();
1212 
1213  // session registered if the author information matches to the current logged-in user's.
1214  if($member_srl && $member_srl == abs($oComment->get('member_srl')))
1215  {
1216  $_SESSION['declared_comment'][$comment_srl] = TRUE;
1217  return new BaseObject(-1, 'failed_declared');
1218  }
1219  }
1220 
1221  // If logged-in, use the member_srl. otherwise use the ipaddress.
1222  if($member_srl)
1223  {
1224  $args->member_srl = $member_srl;
1225  }
1226  else
1227  {
1228  $args->ipaddress = $_SERVER['REMOTE_ADDR'];
1229  }
1230  $args->comment_srl = $comment_srl;
1231  $log_output = executeQuery('comment.getCommentDeclaredLogInfo', $args);
1232 
1233  // session registered if log info contains report log.
1234  if($log_output->data->count)
1235  {
1236  $_SESSION['declared_comment'][$comment_srl] = TRUE;
1237  return new BaseObject(-1, 'failed_declared');
1238  }
1239 
1240  // begin transaction
1241  $oDB = &DB::getInstance();
1242  $oDB->begin();
1243 
1244  // execute insert
1245  if($output->data->declared_count > 0)
1246  {
1247  $output = executeQuery('comment.updateDeclaredComment', $args);
1248  }
1249  else
1250  {
1251  $output = executeQuery('comment.insertDeclaredComment', $args);
1252  }
1253 
1254  if(!$output->toBool())
1255  {
1256  $oDB->rollback();
1257  return $output;
1258  }
1259 
1260  // leave the log
1261  $output = executeQuery('comment.insertCommentDeclaredLog', $args);
1262 
1263  // Call a trigger (after)
1264  $trigger_obj->declared_count = $declared_count + 1;
1265  $trigger_output = ModuleHandler::triggerCall('comment.declaredComment', 'after', $trigger_obj);
1266  if(!$trigger_output->toBool())
1267  {
1268  $oDB->rollback();
1269  return $trigger_output;
1270  }
1271 
1272  $oDB->commit();
1273 
1274  // leave into the session information
1275  $_SESSION['declared_comment'][$comment_srl] = TRUE;
1276 
1277  $this->setMessage('success_declared');
1278  }
1279 
1288  function addCommentPopupMenu($url, $str, $icon = '', $target = 'self')
1289  {
1290  $comment_popup_menu_list = Context::get('comment_popup_menu_list');
1291  if(!is_array($comment_popup_menu_list))
1292  {
1293  $comment_popup_menu_list = array();
1294  }
1295 
1296  $obj = new stdClass();
1297  $obj->url = $url;
1298  $obj->str = $str;
1299  $obj->icon = $icon;
1300  $obj->target = $target;
1301  $comment_popup_menu_list[] = $obj;
1302 
1303  Context::set('comment_popup_menu_list', $comment_popup_menu_list);
1304  }
1305 
1311  {
1312  $module_srl = Context::get('target_module_srl');
1313  if(preg_match('/^([0-9,]+)$/', $module_srl))
1314  {
1315  $module_srl = explode(',', $module_srl);
1316  }
1317  else
1318  {
1319  $module_srl = array($module_srl);
1320  }
1321 
1322  $comment_config = new stdClass();
1323  $comment_config->comment_count = (int) Context::get('comment_count');
1324  if(!$comment_config->comment_count)
1325  {
1326  $comment_config->comment_count = 50;
1327  }
1328 
1329  $comment_config->use_vote_up = Context::get('use_vote_up');
1330  if(!$comment_config->use_vote_up)
1331  {
1332  $comment_config->use_vote_up = 'Y';
1333  }
1334 
1335  $comment_config->use_vote_down = Context::get('use_vote_down');
1336  if(!$comment_config->use_vote_down)
1337  {
1338  $comment_config->use_vote_down = 'Y';
1339  }
1340 
1341  $comment_config->use_comment_validation = Context::get('use_comment_validation');
1342  if(!$comment_config->use_comment_validation)
1343  {
1344  $comment_config->use_comment_validation = 'N';
1345  }
1346 
1347  for($i = 0; $i < count($module_srl); $i++)
1348  {
1349  $srl = trim($module_srl[$i]);
1350  if(!$srl)
1351  {
1352  continue;
1353  }
1354 
1355  $output = $this->setCommentModuleConfig($srl, $comment_config);
1356  }
1357 
1358  $this->setError(-1);
1359  $this->setMessage('success_updated', 'info');
1360 
1361  $returnUrl = Context::get('success_return_url') ? Context::get('success_return_url') : getNotEncodedUrl('', 'module', 'admin', 'act', 'dispBoardAdminContent');
1362  $this->setRedirectUrl($returnUrl);
1363  }
1364 
1371  function setCommentModuleConfig($srl, $comment_config)
1372  {
1373  $oModuleController = getController('module');
1374  $oModuleController->insertModulePartConfig('comment', $srl, $comment_config);
1375  return new BaseObject();
1376  }
1377 
1383  {
1384  if(!Context::get('is_logged'))
1385  {
1386  return new BaseObject(-1, 'msg_not_permitted');
1387  }
1388 
1389  $commentSrls = Context::get('comment_srls');
1390  if($commentSrls)
1391  {
1392  $commentSrlList = explode(',', $commentSrls);
1393  }
1394 
1395  if(count($commentSrlList) > 0)
1396  {
1397  $oCommentModel = getModel('comment');
1398  $commentList = $oCommentModel->getComments($commentSrlList);
1399 
1400  if(is_array($commentList))
1401  {
1402  foreach($commentList as $value)
1403  {
1404  $value->content = strip_tags($value->content);
1405  }
1406  }
1407  }
1408  else
1409  {
1410  global $lang;
1411  $commentList = array();
1412  $this->setMessage($lang->no_documents);
1413  }
1414 
1415  $oSecurity = new Security($commentList);
1416  $oSecurity->encodeHTML('..variables.', '..');
1417 
1418  $this->add('comment_list', $commentList);
1419  }
1420 
1422  {
1423  $oModuleModel = getModel('module');
1424  $commentConfig = $oModuleModel->getModulePartConfig('comment', $obj->originModuleSrl);
1425 
1426  $oModuleController = getController('module');
1427  if(is_array($obj->moduleSrlList))
1428  {
1429  foreach($obj->moduleSrlList as $moduleSrl)
1430  {
1431  $oModuleController->insertModulePartConfig('comment', $moduleSrl, $commentConfig);
1432  }
1433  }
1434  }
1435 
1436 }
1437 /* End of file comment.controller.php */
1438 /* Location: ./modules/comment/comment.controller.php */
$oModuleModel
Definition: ko.install.php:236
setMessage($message= 'success', $type=NULL)
getController($module_name)
Definition: func.inc.php:90
$obj
Definition: ko.install.php:262
$output
Definition: ko.install.php:193
sendEmailToAdminAfterInsertComment($obj)
add($key, $val)
updateComment($obj, $is_admin=FALSE, $manual_updated=FALSE)
set($key, $val, $set_to_get_vars=0)
getNotEncodedUrl()
Definition: func.inc.php:316
_deleteDeclaredComments($commentSrls)
insertComment($obj, $manual_inserted=FALSE)
$module_srl
integer value to represent a run-time instance of Module (XE Module)
setError($error=0)
updateVotedCount($comment_srl, $point=1)
$args
Definition: ko.install.php:185
$module_info
an object containing the module information
checkCSRF()
Definition: func.inc.php:1623
setRedirectUrl($url= './', $output=NULL)
_deleteVotedComments($commentSrls)
$document_srl
Definition: ko.install.php:279
$oDocumentModel
Definition: ko.install.php:259
getInstance($db_type=NULL)
Definition: DB.class.php:142
isFromMobilePhone()
getLang($code)
checkUserSequence($seq)
Definition: func.inc.php:270
deleteComments($document_srl, $obj=NULL)
removeHackTag($content)
Definition: func.inc.php:1123
setCommentModuleConfig($srl, $comment_config)
$oDocumentController
Definition: ko.install.php:260
getNextSequence()
Definition: func.inc.php:236
getModel($module_name)
Definition: func.inc.php:145
executeQueryArray($query_id, $args=NULL, $arg_columns=NULL)
Definition: func.inc.php:219
getAdminController($module_name)
Definition: func.inc.php:101
declaredComment($comment_srl)
executeQuery($query_id, $args=NULL, $arg_columns=NULL)
Definition: func.inc.php:203
$oModuleController
Definition: ko.install.php:287
deleteComment($comment_srl, $is_admin=FALSE, $isMoveToTrash=FALSE)
addCommentPopupMenu($url, $str, $icon= '', $target= 'self')
getFullUrl()
Definition: func.inc.php:361
triggerCall($trigger_name, $called_position, &$obj)
isModuleUsingPublishValidation($module_srl=NULL)
if(isset($_REQUEST['encode'])) if(isset($_REQUEST['decode'])) $lang
Definition: example.php:23