00001 <?php
00007 namespace Habari;
00008
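/**
 * Action handler that accepts public comment submissions for a post.
 *
 * Everything arriving here is untrusted visitor input. This class filters and
 * normalises it before storage; it does not escape for output, so templates
 * that render a comment's name, email, url or content must still escape them
 * for the context they are written into.
 */
class FeedbackHandler extends ActionHandler
{
    /**
     * Handle a submitted comment form for the post identified by
     * $this->handler_vars['id'].
     *
     * Responds with 403 and stops when the post cannot be loaded or when the
     * post's comment form does not report itself as submitted. Otherwise the
     * 'comment_form_submit' plugin action runs and, if the form reports
     * success, the values are handed to add_comment().
     */
    public function act_add_comment()
    {
        // Only POST is passed as an acceptable method for this action.
        Utils::check_request_method( array( 'POST' ) );

        // Resolve the target post from the request; an unknown id is refused.
        $post = Post::get( array( 'id' => $this->handler_vars['id'] ) );
        if ( ! $post ) {
            header( 'HTTP/1.1 403 Forbidden', true, 403 );
            die();
        }

        // Rebuild the post's own comment form so the request is validated
        // against the same controls that were rendered to the visitor.
        // NOTE(review): presumably get() is what populates ->submitted and
        // ->success, and any anti-CSRF token check lives in the form class;
        // confirm, since nothing in this method verifies request origin.
        Themes::create();
        $form = $post->comment_form();
        $form->get();

        // A request that did not come through the form is rejected.
        if ( !$form->submitted ) {
            header( 'HTTP/1.1 403 Forbidden', true, 403 );
            die();
        }

        // Let plugins inspect or veto the submission before it is stored.
        Plugins::act( 'comment_form_submit', $form );

        if ( !$form->success ) {
            Session::error( _t( 'There was a problem submitting your comment.' ) );
            $form->bounce();
            return;
        }

        $this->add_comment(
            $post->id,
            $form->cf_commenter->value,
            $form->cf_email->value,
            $form->cf_url->value,
            $form->cf_content->value,
            $form->get_values()
        );
    }

    /**
     * Filter, store and acknowledge a comment on a post, then redirect back
     * to the post.
     *
     * @param Post|int|string $post Post object, or a numeric post id to look up
     * @param string|null $name Commenter's display name
     * @param string|null $email Commenter's email address
     * @param string|null $url Commenter's website; blanked unless it is an http/https URL
     * @param string|null $content Comment body
     * @param mixed $extra Additional form values, passed through to plugins untouched
     */
    public function add_comment( $post, $name = null, $email = null, $url = null, $content = null, $extra = null )
    {
        if ( is_numeric( $post ) ) {
            $post = Post::get( array( 'id' => $post ) );
        }

        if ( !$post instanceof Post ) {
            header( 'HTTP/1.1 403 Forbidden', true, 403 );
            die();
        }

        // Run every visitor-supplied field through the input filter.
        // NOTE(review): confirm InputFilter::filter() is the intended HTML
        // sanitiser for $content; it is stored exactly as returned here.
        $name = InputFilter::filter( $name );
        $url = InputFilter::filter( $url );
        $email = InputFilter::filter( $email );
        $content = InputFilter::filter( $content );

        // Decode entities first so entity-encoded markup is also removed by
        // strip_tags(). This strips tags only; it is not output escaping.
        $name = strip_tags( html_entity_decode( $name, ENT_QUOTES, 'UTF-8' ) );

        // Keep the commenter's URL only if it parses cleanly as http or https.
        // Parse failures, URLs flagged is_pseudo and every other scheme are
        // blanked so they can never be emitted as a link target.
        if ( !empty( $url ) ) {
            $parsed = InputFilter::parse_url( $url );
            if ( $parsed['is_relative'] ) {
                // No scheme was given (e.g. "example.com"); assume http.
                $parsed = InputFilter::parse_url( 'http://' . $url );
            }

            // is_error is checked here for both parses, so a URL rejected by
            // the parser is never re-glued by a later branch.
            $acceptable = !$parsed['is_error']
                && !$parsed['is_pseudo']
                && ( $parsed['scheme'] === 'http' || $parsed['scheme'] === 'https' );

            $url = $acceptable ? InputFilter::glue_url( $parsed ) : '';
        }

        // NOTE(review): every comment starts out approved. Holding comments
        // for moderation or marking them as spam depends entirely on plugins
        // hooked into 'comment_accepted' and 'spam_filter' below.
        // NOTE(review): confirm Utils::get_ip() does not take the address from
        // client-supplied headers unless the site is behind a trusted proxy.
        $comment = new Comment( array(
            'post_id' => $post->id,
            'name' => $name,
            'email' => $email,
            'url' => $url,
            'ip' => Utils::get_ip(),
            'content' => $content,
            'status' => Comment::status('approved'),
            'date' => DateTime::create(),
            'type' => Comment::type('comment'),
        ) );

        // A logged-in user commenting under their own address is approved.
        // With the default status above this assignment changes nothing; it
        // only matters if that default is ever made stricter.
        $user = User::identify();
        if ( ( $user->loggedin ) && ( $comment->email == $user->email ) ) {
            $comment->status = 'approved';
        }

        Themes::create();

        // Plugins may alter the comment (including its status) before storage.
        Plugins::act( 'comment_accepted', $comment, $this->handler_vars, $extra );

        // Plugins accumulate a spam score; at or above the configured
        // threshold (default 100) the comment is stored as spam.
        $spam_rating = 0;
        $spam_rating = Plugins::filter( 'spam_filter', $spam_rating, $comment, $this->handler_vars, $extra );

        if ( $spam_rating >= Options::get( 'spam_percentage', 100 ) ) {
            $comment->status = 'spam';
        }

        $comment->insert();
        $anchor = '';

        // Spam gets no anchor, notice or cookie, so the response does not
        // confirm to the submitter that anything was stored.
        if ( $comment->id && $comment->status != 'spam' ) {
            $anchor = '#comment-' . $comment->id;

            if ( $comment->status == 'unapproved' ) {
                Session::notice( _t( 'Your comment is pending moderation.' ), 'comment_' . $comment->id );
            }

            // Remember an anonymous commenter's details for a year.
            // NOTE(review): this cookie holds the name, email and URL in clear
            // text and is set without the Secure or HttpOnly flags. Consider
            // adding both if no client-side script needs to read it.
            // NOTE(review): fields are joined with '#', so a name or email
            // containing '#' will not split back cleanly wherever it is read.
            $cookie_name = 'comment_' . Options::get( 'public-GUID' );
            $cookie_content = implode( '#', array( $comment->name, $comment->email, $comment->url ) );

            // Only (re)issue the cookie when it is missing or out of date.
            if ( User::identify()->loggedin == false && ( !isset( $_COOKIE[ $cookie_name ] ) || $_COOKIE[ $cookie_name ] !== $cookie_content ) ) {
                setcookie( $cookie_name, $cookie_content, time() + DateTime::YEAR, Site::get_path( 'base', true ) );
            }
        }

        // The target is built from the stored post's permalink, not from
        // request data, so it cannot be steered to another site.
        Utils::redirect( $post->permalink . $anchor );
    }

}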
00188 ?>