tonyair/silverstripe-cms
1
0
Fork 0
mirror of https://github.com/silverstripe/silverstripe-cms synced 2024-06-15 01:01:33 +02:00
Code Issues Projects Releases Wiki Activity

APICHANGE: removed page comments from core. Please see the github.com account for page comments functionality

Browse Source 
git-svn-id: svn://svn.silverstripe.com/silverstripe/open/modules/cms/trunk@114821 467b73ca-7a2a-4603-9d3b-597d59a354a9
This commit is contained in:
Will Rossiter 2010-12-11 05:43:08 +00:00
parent 2d0f3be756
commit 6d0c79c839
15 changed files with 0 additions and 2267 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
_config.php
View File

@ -10,7 +10,6 @@ Director::addRules(50, array(
'admin/help//$Action/$ID' => 'CMSHelp',
'admin/bulkload//$Action/$ID/$OtherID' => 'BulkLoaderAdmin',
'admin/cms//$Action/$ID/$OtherID' => 'CMSMain',
'PageComment//$Action/$ID' => 'PageComment_Controller',
'dev/buildcache/$Action' => 'RebuildStaticCacheTask',
));

320
code/CommentAdmin.php
View File

@ -1,320 +0,0 @@
<?php
/**
* Comment administration system within the CMS
* @package cms
* @subpackage comments
*/
class CommentAdmin extends LeftAndMain {
static $url_segment = 'comments';
static $url_rule = '/$Action';
static $menu_title = 'Comments';
static $allowed_actions = array(
'approvedmarked',
'deleteall',
'deletemarked',
'hammarked',
'showtable',
'spammarked',
'EditForm',
'unmoderated'
);
/**
* @var int The number of comments per page for the {@link CommentTable} in this admin.
*/
static $comments_per_page = '20';
public function init() {
parent::init();
Requirements::css(CMS_DIR . '/css/CommentAdmin.css');
}
public function showtable($params) {
$form = $this->getEditForm();
return $form->formHtmlContent();
}
public function Section() {
$url = rtrim($_SERVER['REQUEST_URI'], '/');
if(strrpos($url, '&')) {
$url = substr($url, 0, strrpos($url, '&'));
}
$section = substr($url, strrpos($url, '/') + 1);
if($section != 'approved' && $section != 'unmoderated' && $section != 'spam') {
$section = Session::get('CommentsSection');
}
if($section != 'approved' && $section != 'unmoderated' && $section != 'spam') {
$section = 'approved';
}
return $section;
}
public function getEditForm($id = null) {
$section = $this->Section();
if($section == 'approved') {
$filter = "\"IsSpam\" = 0 AND \"NeedsModeration\" = 0";
$title = "<h2>". _t('CommentAdmin.APPROVEDCOMMENTS', 'Approved Comments')."</h2>";
} else if($section == 'unmoderated') {
$filter = '"NeedsModeration" = 1';
$title = "<h2>"._t('CommentAdmin.COMMENTSAWAITINGMODERATION', 'Comments Awaiting Moderation')."</h2>";
} else {
$filter = '"IsSpam" = 1';
$title = "<h2>"._t('CommentAdmin.SPAM', 'Spam')."</h2>";
}
$filter .= ' AND "ParentID">0';
$tableFields = array(
"Name" => _t('CommentAdmin.AUTHOR', 'Author'),
"Comment" => _t('CommentAdmin.COMMENT', 'Comment'),
"Parent.Title" => _t('CommentAdmin.PAGE', 'Page'),
"CommenterURL" => _t('CommentAdmin.COMMENTERURL', 'URL'),
"Created" => _t('CommentAdmin.DATEPOSTED', 'Date Posted')
);
$popupFields = new FieldSet(
new TextField('Name', _t('CommentAdmin.NAME', 'Name')),
new TextField('CommenterURL', _t('CommentAdmin.COMMENTERURL', 'URL')),
new TextareaField('Comment', _t('CommentAdmin.COMMENT', 'Comment'))
);
$idField = new HiddenField('ID', '', $section);
$table = new CommentTableField($this, "Comments", "PageComment", $section, $tableFields, $popupFields, array($filter), 'Created DESC');
$table->setParentClass(false);
$table->setFieldCasting(array(
'Created' => 'SS_Datetime->Full',
'Comment' => array('HTMLText->LimitCharacters', 150)
));
$table->setPageSize(self::get_comments_per_page());
$table->addSelectOptions(array('all'=>'All', 'none'=>'None'));
$table->Markable = true;
$fields = new FieldSet(
new LiteralField("Title", $title),
$idField,
$table
);
$actions = new FieldSet();
if($section == 'unmoderated') {
$actions->push(new FormAction('acceptmarked', _t('CommentAdmin.ACCEPT', 'Accept')));
}
if($section == 'approved' || $section == 'unmoderated') {
$actions->push(new FormAction('spammarked', _t('CommentAdmin.SPAMMARKED', 'Mark as spam')));
}
if($section == 'spam') {
$actions->push(new FormAction('hammarked', _t('CommentAdmin.MARKASNOTSPAM', 'Mark as not spam')));
}
$actions->push(new FormAction('deletemarked', _t('CommentAdmin.DELETE', 'Delete')));
if($section == 'spam') {
$actions->push(new FormAction('deleteall', _t('CommentAdmin.DELETEALL', 'Delete All')));
}
$form = new Form($this, "EditForm", $fields, $actions);
return $form;
}
function deletemarked() {
$numComments = 0;
$folderID = 0;
$deleteList = '';
if($_REQUEST['Comments']) {
foreach($_REQUEST['Comments'] as $commentid) {
$comment = DataObject::get_by_id('PageComment', $commentid);
if($comment) {
$comment->delete();
$numComments++;
}
}
} else {
user_error("No comments in $commentList could be found!", E_USER_ERROR);
}
echo <<<JS
$deleteList
$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
statusMessage("Deleted $numComments comments.");
JS;
}
function deleteall() {
$numComments = 0;
$spam = DataObject::get('PageComment', '"PageComment"."IsSpam" = 1');
if($spam) {
$numComments = $spam->Count();
foreach($spam as $comment) {
$comment->delete();
}
}
$msg = sprintf(_t('CommentAdmin.DELETED', 'Deleted %s comments.'), $numComments);
echo <<<JS
$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
statusMessage("$msg");
JS;
}
function spammarked() {
$numComments = 0;
$folderID = 0;
$deleteList = '';
if($_REQUEST['Comments']) {
foreach($_REQUEST['Comments'] as $commentid) {
$comment = DataObject::get_by_id('PageComment', $commentid);
if($comment) {
$comment->IsSpam = true;
$comment->NeedsModeration = false;
$comment->write();
if(SSAkismet::isEnabled()) {
try {
$akismet = new SSAkismet();
$akismet->setCommentAuthor($comment->getField('Name'));
$akismet->setCommentContent($comment->getField('Comment'));
$akismet->submitSpam();
} catch (Exception $e) {
// Akismet didn't work, most likely the service is down.
}
}
$numComments++;
}
}
} else {
user_error("No comments in $commentList could be found!", E_USER_ERROR);
}
$msg = sprintf(_t('CommentAdmin.MARKEDSPAM', 'Marked %s comments as spam.'), $numComments);
echo <<<JS
$deleteList
$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
statusMessage("$msg");
JS;
}
function hammarked() {
$numComments = 0;
$folderID = 0;
$deleteList = '';
if($_REQUEST['Comments']) {
foreach($_REQUEST['Comments'] as $commentid) {
$comment = DataObject::get_by_id('PageComment', $commentid);
if($comment) {
$comment->IsSpam = false;
$comment->NeedsModeration = false;
$comment->write();
if(SSAkismet::isEnabled()) {
try {
$akismet = new SSAkismet();
$akismet->setCommentAuthor($comment->getField('Name'));
$akismet->setCommentContent($comment->getField('Comment'));
$akismet->submitSpam();
} catch (Exception $e) {
// Akismet didn't work, most likely the service is down.
}
}
$numComments++;
}
}
} else {
user_error("No comments in $commentList could be found!", E_USER_ERROR);
}
$msg = sprintf(_t('CommentAdmin.MARKEDNOTSPAM', 'Marked %s comments as not spam.'), $numComments);
echo <<<JS
$deleteList
$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
statusMessage("$msg");
JS;
}
function acceptmarked() {
$numComments = 0;
$folderID = 0;
$deleteList = '';
if($_REQUEST['Comments']) {
foreach($_REQUEST['Comments'] as $commentid) {
$comment = DataObject::get_by_id('PageComment', $commentid);
if($comment) {
$comment->IsSpam = false;
$comment->NeedsModeration = false;
$comment->write();
$numComments++;
}
}
} else {
user_error("No comments in $commentList could be found!", E_USER_ERROR);
}
$msg = sprintf(_t('CommentAdmin.APPROVED', 'Accepted %s comments.'), $numComments);
echo <<<JS
$deleteList
$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
statusMessage("Accepted $numComments comments.");
JS;
}
/**
* Return the number of moderated comments
*/
function NumModerated() {
return DB::query("SELECT COUNT(*) FROM \"PageComment\" WHERE \"IsSpam\"=0 AND \"NeedsModeration\"=0")->value();
}
/**
* Return the number of unmoderated comments
*/
function NumUnmoderated() {
return DB::query("SELECT COUNT(*) FROM \"PageComment\" WHERE \"IsSpam\"=0 AND \"NeedsModeration\"=1")->value();
}
/**
* Return the number of comments marked as spam
*/
function NumSpam() {
return DB::query("SELECT COUNT(*) FROM \"PageComment\" WHERE \"IsSpam\"=1")->value();
}
/**
* @param $num int
*/
function set_comments_per_page($num){
self::$comments_per_page = $num;
}
/**
* @return int
*/
function get_comments_per_page(){
return self::$comments_per_page;
}
}
?>

109
code/CommentTableField.php
View File

@ -1,109 +0,0 @@
<?php
/**
* Special kind of ComplexTableField for managing comments.
* @package cms
* @subpackage comments
*/
class CommentTableField extends ComplexTableField {
protected $template = "CommentTableField";
protected $mode;
function __construct($controller, $name, $sourceClass, $mode, $fieldList, $detailFormFields = null, $sourceFilter = "", $sourceSort = "Created", $sourceJoin = "") {
$this->mode = $mode;
Session::set('CommentsSection', $mode);
parent::__construct($controller, $name, $sourceClass, $fieldList, $detailFormFields, $sourceFilter, $sourceSort, $sourceJoin);
$this->Markable = true;
// Note: These keys have special behaviour associated through TableListField.js
$this->selectOptions = array(
'all' => _t('CommentTableField.SELECTALL', 'All'),
'none' => _t('CommentTableField.SELECTNONE', 'None')
);
// search
$search = isset($_REQUEST['CommentSearch']) ? Convert::raw2sql($_REQUEST['CommentSearch']) : null;
if(!empty($_REQUEST['CommentSearch'])) {
$this->sourceFilter[] = "( \"Name\" LIKE '%$search%' OR \"Comment\" LIKE '%$search%')";
}
}
function FieldHolder() {
$ret = parent::FieldHolder();
Requirements::javascript(CMS_DIR . '/javascript/CommentTableField.js');
return $ret;
}
function Items() {
$this->sourceItems = $this->sourceItems();
if(!$this->sourceItems) {
return null;
}
$pageStart = (isset($_REQUEST['ctf'][$this->Name()]['start']) && is_numeric($_REQUEST['ctf'][$this->Name()]['start'])) ? $_REQUEST['ctf'][$this->Name()]['start'] : 0;
$this->sourceItems->setPageLimits($pageStart, $this->pageSize, $this->totalCount);
$output = new DataObjectSet();
foreach($this->sourceItems as $pageIndex=>$item) {
$output->push(Object::create('CommentTableField_Item',$item, $this, $pageStart+$pageIndex));
}
return $output;
}
function HasSpamButton() {
return $this->mode == 'approved' || $this->mode == 'unmoderated';
}
function HasApproveButton() {
return $this->mode == 'unmoderated';
}
function HasHamButton() {
return $this->mode == 'spam';
}
function SearchForm() {
$query = isset($_GET['CommentSearch']) ? $_GET['CommentSearch'] : null;
$searchFields = new FieldGroup(
new TextField('CommentSearch', _t('CommentTableField.SEARCH', 'Search'), $query),
new HiddenField("ctf[ID]",'',$this->mode),
new HiddenField('CommentFieldName','',$this->name)
);
$actionFields = new LiteralField('CommentFilterButton','<input type="submit" name="CommentFilterButton" value="'. _t('CommentTableField.FILTER', 'Filter') .'" id="CommentFilterButton"/>');
$fieldContainer = new FieldGroup(
$searchFields,
$actionFields
);
return $fieldContainer->FieldHolder();
}
}
/**
* Single row of a {@link CommentTableField}
* @package cms
* @subpackage comments
*/
class CommentTableField_Item extends ComplexTableField_Item {
function HasSpamButton() {
return $this->parent()->HasSpamButton();
}
function HasApproveButton() {
return $this->parent()->HasApproveButton();
}
function HasHamButton() {
return $this->parent()->HasHamButton();
}
}
?>

399
code/sitefeatures/Akismet.php
View File

@ -1,399 +0,0 @@
<?php
/**
* Akismet anti-comment spam service
*
* The class in this package allows use of the {@link http://akismet.com Akismet} anti-comment spam service in any PHP5 application.
*
* This service performs a number of checks on submitted data and returns whether or not the data is likely to be spam.
*
* Please note that in order to use this class, you must have a vaild {@link http://wordpress.com/api-keys/ WordPress API key}. They are free for non/small-profit types and getting one will only take a couple of minutes.
*
* For commercial use, please {@link http://akismet.com/commercial/ visit the Akismet commercial licensing page}.
*
* Please be aware that this class is PHP5 only. Attempts to run it under PHP4 will most likely fail.
*
* See the Akismet class documentation page linked to below for usage information.
*
* @package cms
* @subpackage comments
* @author Alex Potsides, {@link http://www.achingbrain.net http://www.achingbrain.net}
* @version 0.1
* @copyright Alex Potsides, {@link http://www.achingbrain.net http://www.achingbrain.net}
* @license http://www.gnu.org/licenses/gpl.html GNU General Public License
*/
/**
* The Akismet PHP5 Class
*
* This class takes the functionality from the Akismet WordPress plugin written by {@link http://photomatt.net/ Matt Mullenweg} and allows it to be integrated into any PHP5 application or website.
*
* The original plugin is {@link http://akismet.com/download/ available on the Akismet website}.
*
* <b>Usage:</b>
* <code>
* $akismet = new Akismet('http://www.example.com/blog/', 'aoeu1aoue');
* $akismet->setCommentAuthor($name);
* $akismet->setCommentAuthorEmail($email);
* $akismet->setCommentAuthorURL($url);
* $akismet->setCommentContent($comment);
* $akismet->setPermalink('http://www.example.com/blog/alex/someurl/');
* if($akismet->isCommentSpam())
* // store the comment but mark it as spam (in case of a mis-diagnosis)
* else
* // store the comment normally
* </code>
*
* @version 0.2
* @author Alex Potsides
* @link http://www.achingbrain.net/
* @package cms
* @subpackage comments
*/
class Akismet
{
private $version = '0.2';
private $wordPressAPIKey;
private $blogURL;
private $comment;
private $apiPort;
private $akismetServer;
private $akismetVersion;
// This prevents some potentially sensitive information from being sent accross the wire.
private $ignore = array('HTTP_COOKIE',
'HTTP_X_FORWARDED_FOR',
'HTTP_X_FORWARDED_HOST',
'HTTP_MAX_FORWARDS',
'HTTP_X_FORWARDED_SERVER',
'REDIRECT_STATUS',
'SERVER_PORT',
'PATH',
'DOCUMENT_ROOT',
'SERVER_ADMIN',
'QUERY_STRING',
'PHP_SELF' );
/**
* @throws Exception An exception is thrown if your API key is invalid.
* @param string Your WordPress API key.
* @param string $blogURL The URL of your blog.
*/
public function __construct($blogURL, $wordPressAPIKey)
{
$this->blogURL = $blogURL;
$this->wordPressAPIKey = $wordPressAPIKey;
// Set some default values
$this->apiPort = 80;
$this->akismetServer = 'rest.akismet.com';
$this->akismetVersion = '1.1';
// Start to populate the comment data
$this->comment['blog'] = $blogURL;
$this->comment['user_agent'] = $_SERVER['HTTP_USER_AGENT'];
$this->comment['referrer'] = $_SERVER['HTTP_REFERER'];
// This is necessary if the server PHP5 is running on has been set up to run PHP4 and
// PHP5 concurently and is actually running through a separate proxy al a these instructions:
// http://www.schlitt.info/applications/blog/archives/83_How_to_run_PHP4_and_PHP_5_parallel.html
// and http://wiki.coggeshall.org/37.html
// Otherwise the user_ip appears as the IP address of the PHP4 server passing the requests to the
// PHP5 one...
$this->comment['user_ip'] = $_SERVER['REMOTE_ADDR'] != getenv('SERVER_ADDR') ? $_SERVER['REMOTE_ADDR'] : getenv('HTTP_X_FORWARDED_FOR');
// Check to see if the key is valid
$response = $this->http_post('key=' . $this->wordPressAPIKey . '&blog=' . $this->blogURL, $this->akismetServer, '/' . $this->akismetVersion . '/verify-key');
if($response[1] != 'valid')
{
// Whoops, no it's not. Throw an exception as we can't proceed without a valid API key.
throw new Exception('Invalid API key. Please obtain one from http://wordpress.com/api-keys/');
}
}
private function http_post($request, $host, $path)
{
$http_request = "POST " . $path . " HTTP/1.1\r\n";
$http_request .= "Host: " . $host . "\r\n";
$http_request .= "Content-Type: application/x-www-form-urlencoded; charset=utf-8\r\n";
$http_request .= "Content-Length: " . strlen($request) . "\r\n";
$http_request .= "User-Agent: Akismet PHP5 Class " . $this->version . " | Akismet/1.11\r\n";
$http_request .= "\r\n";
$http_request .= $request;
$socketWriteRead = new SocketWriteRead($host, $this->apiPort, $http_request);
$socketWriteRead->send();
return explode("\r\n\r\n", $socketWriteRead->getResponse(), 2);
}
// Formats the data for transmission echo $sql;
private function getQueryString()
{
foreach($_SERVER as $key => $value)
{
if(!in_array($key, $this->ignore))
{
if($key == 'REMOTE_ADDR')
{
$this->comment[$key] = $this->comment['user_ip'];
}
else
{
$this->comment[$key] = $value;
}
}
}
$query_string = '';
foreach($this->comment as $key => $data)
{
@$query_string .= $key . '=' . urlencode(stripslashes($data)) . '&';
}
return $query_string;
}
/**
* Tests for spam.
*
* Uses the web service provided by {@link http://www.akismet.com Akismet} to see whether or not the submitted comment is spam. Returns a boolean value.
*
* @return bool True if the comment is spam, false if not
*/
public function isCommentSpam()
{
$response = $this->http_post($this->getQueryString(), $this->wordPressAPIKey . '.rest.akismet.com', '/' . $this->akismetVersion . '/comment-check');
return ($response[1] == 'true');
}
/**
* Submit spam that is incorrectly tagged as ham.
*
* Using this function will make you a good citizen as it helps Akismet to learn from its mistakes. This will improve the service for everybody.
*/
public function submitSpam()
{
$this->http_post($this->getQueryString(), $this->wordPressAPIKey . '.' . $this->akismetServer, '/' . $this->akismetVersion . '/submit-spam');
}
/**
* Submit ham that is incorrectly tagged as spam.
*
* Using this function will make you a good citizen as it helps Akismet to learn from its mistakes. This will improve the service for everybody.
*/
public function submitHam()
{
$this->http_post($this->getQueryString(), $this->wordPressAPIKey . '.' . $this->akismetServer, '/' . $this->akismetVersion . '/submit-ham');
}
/**
* To override the user IP address when submitting spam/ham later on
*
* @param string $userip An IP address. Optional.
*/
public function setUserIP($userip)
{
$this->comment['user_ip'] = $userip;
}
/**
* To override the referring page when submitting spam/ham later on
*
* @param string $referrer The referring page. Optional.
*/
public function setReferrer($referrer)
{
$this->comment['referrer'] = $referrer;
}
/**
* A permanent URL referencing the blog post the comment was submitted to.
*
* @param string $permalink The URL. Optional.
*/
public function setPermalink($permalink)
{
$this->comment['permalink'] = $permalink;
}
/**
* The type of comment being submitted.
*
* May be blank, comment, trackback, pingback, or a made up value like "registration" or "wiki".
*/
public function setCommentType($commentType)
{
$this->comment['comment_type'] = $commentType;
}
/**
* The name that the author submitted with the comment.
*/
public function setCommentAuthor($commentAuthor)
{
$this->comment['comment_author'] = $commentAuthor;
}
/**
* The email address that the author submitted with the comment.
*
* The address is assumed to be valid.
*/
public function setCommentAuthorEmail($authorEmail)
{
$this->comment['comment_author_email'] = $authorEmail;
}
/**
* The URL that the author submitted with the comment.
*/
public function setCommentAuthorURL($authorURL)
{
$this->comment['comment_author_url'] = $authorURL;
}
/**
* The comment's body text.
*/
public function setCommentContent($commentBody)
{
$this->comment['comment_content'] = $commentBody;
}
/**
* Defaults to 80
*/
public function setAPIPort($apiPort)
{
$this->apiPort = $apiPort;
}
/**
* Defaults to rest.akismet.com
*/
public function setAkismetServer($akismetServer)
{
$this->akismetServer = $akismetServer;
}
/**
* Defaults to '1.1'
*/
public function setAkismetVersion($akismetVersion)
{
$this->akismetVersion = $akismetVersion;
}
}
/**
* Utility class used by Akismet
*
* This class is used by Akismet to do the actual sending and receiving of data. It opens a connection to a remote host, sends some data and the reads the response and makes it available to the calling program.
*
* The code that makes up this class originates in the Akismet WordPress plugin, which is {@link http://akismet.com/download/ available on the Akismet website}.
*
* N.B. It is not necessary to call this class directly to use the Akismet class. This is included here mainly out of a sense of completeness.
*
* @name SocketWriteRead
* @version 0.1
* @author Alex Potsides
* @link http://www.achingbrain.net/
* @package cms
* @subpackage comments
*/
class SocketWriteRead
{
private $host;
private $port;
private $request;
private $response;
private $responseLength;
private $errorNumber;
private $errorString;
/**
* @param string $host The host to send/receive data.
* @param int $port The port on the remote host.
* @param string $request The data to send.
* @param int $responseLength The amount of data to read. Defaults to 1160 bytes.
*/
public function __construct($host, $port, $request, $responseLength = 1160)
{
$this->host = $host;
$this->port = $port;
$this->request = $request;
$this->responseLength = $responseLength;
$this->errorNumber = 0;
$this->errorString = '';
}
/**
* Sends the data to the remote host.
*
* @throws An exception is thrown if a connection cannot be made to the remote host.
*/
public function send()
{
$this->response = '';
$fs = fsockopen($this->host, $this->port, $this->errorNumber, $this->errorString, 3);
if($this->errorNumber != 0)
{
throw new Exception('Error connecting to host: ' . $this->host . ' Error number: ' . $this->errorNumber . ' Error message: ' . $this->errorString);
}
if($fs !== false)
{
@fwrite($fs, $this->request);
while(!feof($fs))
{
$this->response .= fgets($fs, $this->responseLength);
}
fclose($fs);
}
}
/**
* Returns the server response text
*
* @return string
*/
public function getResponse()
{
return $this->response;
}
/**
* Returns the error number
*
* If there was no error, 0 will be returned.
*
* @return int
*/
public function getErrorNumner()
{
return $this->errorNumber;
}
/**
* Returns the error string
*
* If there was no error, an empty string will be returned.
*
* @return string
*/
public function getErrorString()
{
return $this->errorString;
}
}
?>

91
code/sitefeatures/MathSpamProtection.php
View File

@ -1,91 +0,0 @@
<?php
/**
* Tools for adding an optional Maths protection question to a form.
*
* @package cms
* @subpackage comments
*/
class MathSpamProtection {
private static $mathProtection = false;
/**
* Creates the question from random variables, which are also saved to the session.
* @return String
*/
static function getMathQuestion(){
if(!Session::get("mathQuestionV1")&&!Session::get("mathQuestionV2")){
$v1 = rand(1,9);
$v2 = rand(1,9);
Session::set("mathQuestionV1",$v1);
Session::set("mathQuestionV2",$v2);
}
else{
$v1 = Session::get("mathQuestionV1");
$v2 = Session::get("mathQuestionV2");
}
return sprintf(
_t('MathSpamProtection.WHATIS',"What is %s plus %s?"),
MathSpamProtection::digitToWord($v1),
MathSpamProtection::digitToWord($v2)
);
}
/**
* Checks the given answer if it matches the addition of the saved session variables. Users can answer using words or digits.
*/
static function correctAnswer($answer){
$v1 = Session::get("mathQuestionV1");
$v2 = Session::get("mathQuestionV2");
Session::clear('mathQuestionV1');
Session::clear('mathQuestionV2');
if(MathSpamProtection::digitToWord($v1 + $v2) == $answer || ($v1 + $v2) == $answer){
return true;
}
return false;
}
/**
* Helper method for converting digits to their equivelant english words
*/
static function digitToWord($num){
$numbers = array(_t('MathSpamProtection.ZERO', 'zero'),
_t('MathSpamProtection.ONE', 'one'),
_t('MathSpamProtection.TWO', 'two'),
_t('MathSpamProtection.THREE', 'three'),
_t('MathSpamProtection.FOUR', 'four'),
_t('MathSpamProtection.FIVE', 'five'),
_t('MathSpamProtection.SIX', 'six'),
_t('MathSpamProtection.SEVEN', 'seven'),
_t('MathSpamProtection.EIGHT', 'eight'),
_t('MathSpamProtection.NINE', 'nine'),
_t('MathSpamProtection.TEN', 'ten'),
_t('MathSpamProtection.ELEVEN', 'eleven'),
_t('MathSpamProtection.TWELVE', 'twelve'),
_t('MathSpamProtection.THIRTEEN', 'thirteen'),
_t('MathSpamProtection.FOURTEEN', 'fourteen'),
_t('MathSpamProtection.FIFTEEN', 'fifteen'),
_t('MathSpamProtection.SIXTEEN', 'sixteen'),
_t('MathSpamProtection.SEVENTEEN', 'seventeen'),
_t('MathSpamProtection.EIGHTEEN', 'eighteen'));
if($num < 0) return "minus ".($numbers[-1*$num]);
return $numbers[$num];
}
static function isEnabled() {
return self::$mathProtection;
}
static function setEnabled($math = true) {
self::$mathProtection = $math;
}
}

366
code/sitefeatures/PageComment.php
View File

@ -1,366 +0,0 @@
<?php
/**
* Represents a single comment on a page
*
* @package cms
* @subpackage comments
*/
class PageComment extends DataObject {
static $db = array(
"Name" => "Varchar(200)",
"Comment" => "Text",
"IsSpam" => "Boolean",
"NeedsModeration" => "Boolean",
"CommenterURL" => "Varchar(255)",
"SessionID" => "Varchar(255)"
);
static $has_one = array(
"Parent" => "SiteTree",
"Author" => "Member" // Only set when the user is logged in when posting
);
static $has_many = array();
static $many_many = array();
static $defaults = array();
static $casting = array(
"RSSTitle" => "Varchar",
);
// Number of comments to show before paginating
static $comments_per_page = 10;
static $moderate = false;
static $bbcode = false;
/**
* Return a link to this comment
* @return string link to this comment.
*/
function Link() {
return $this->Parent()->Link() . '#PageComment_'. $this->ID;
}
function getRSSName() {
if($this->Name) {
return $this->Name;
} elseif($this->Author()) {
return $this->Author()->getName();
}
}
function ParsedBBCode(){
$parser = new BBCodeParser($this->Comment);
return $parser->parse();
}
function DeleteLink() {
return ($this->canDelete()) ? "PageComment_Controller/deletecomment/$this->ID" : false;
}
function CommentTextWithLinks() {
$pattern = '|([a-zA-Z]+://)([a-zA-Z0-9?&%.;:/=+_-]*)|is';
$replace = '<a rel="nofollow" href="$1$2">$1$2</a>';
return preg_replace($pattern, $replace, $this->Comment);
}
function SpamLink() {
return ($this->canEdit() && !$this->IsSpam) ? "PageComment_Controller/reportspam/$this->ID" : false;
}
function HamLink() {
return ($this->canEdit() && $this->IsSpam) ? "PageComment_Controller/reportham/$this->ID" : false;
}
function ApproveLink() {
return ($this->canEdit() && $this->NeedsModeration) ? "PageComment_Controller/approve/$this->ID" : false;
}
function SpamClass() {
if($this->getField('IsSpam')) {
return 'spam';
} else if($this->getField('NeedsModeration')) {
return 'unmoderated';
} else {
return 'notspam';
}
}
function RSSTitle() {
return sprintf(
_t('PageComment.COMMENTBY', "Comment by '%s' on %s", PR_MEDIUM, 'Name, Page Title'),
Convert::raw2xml($this->getRSSName()),
$this->Parent()->Title
);
}
function PageTitle() {
return $this->Parent()->Title;
}
static function enableModeration() {
self::$moderate = true;
}
static function moderationEnabled() {
return self::$moderate;
}
static function enableBBCode() {
self::$bbcode = true;
}
static function bbCodeEnabled() {
return self::$bbcode;
}
/**
*
* @param boolean $includerelations a boolean value to indicate if the labels returned include relation fields
*
*/
function fieldLabels($includerelations = true) {
$labels = parent::fieldLabels($includerelations);
$labels['Name'] = _t('PageComment.Name', 'Author Name');
$labels['Comment'] = _t('PageComment.Comment', 'Comment');
$labels['IsSpam'] = _t('PageComment.IsSpam', 'Spam?');
$labels['NeedsModeration'] = _t('PageComment.NeedsModeration', 'Needs Moderation?');
return $labels;
}
/**
* This method is called just before this object is
* written to the database.
*
* Specifically, make sure "http://" exists at the start
* of the URL, if it doesn't have https:// or http://
*/
public function onBeforeWrite() {
parent::onBeforeWrite();
$url = $this->CommenterURL;
if($url) {
if(strtolower(substr($url, 0, 8)) != 'https://' && strtolower(substr($url, 0, 7)) != 'http://') {
$this->CommenterURL = 'http://' . $url;
}
}
}
/**
* This always returns true, and should be handled by {@link PageCommentInterface->CanPostComment()}.
*
* @todo Integrate with PageCommentInterface::$comments_require_permission and $comments_require_login
*
* @param Member $member
* @return Boolean
*/
function canCreate($member = null) {
return true;
}
/**
* Checks for association with a page,
* and {@link SiteTree->ProvidePermission} flag being set to TRUE.
* Note: There's an additional layer of permission control
* in {@link PageCommentInterface}.
*
* @param Member $member
* @return Boolean
*/
function canView($member = null) {
if(!$member) $member = Member::currentUser();
// Standard mechanism for accepting permission changes from decorators
$extended = $this->extendedCan('canView', $member);
if($extended !== null) return $extended;
$page = $this->Parent();
return (
($page && $page->ProvideComments)
|| (bool)Permission::checkMember($member, 'CMS_ACCESS_CommentAdmin')
);
}
/**
* Checks for "CMS_ACCESS_CommentAdmin" permission codes
* and {@link canView()}.
*
* @param Member $member
* @return Boolean
*/
function canEdit($member = null) {
if(!$member) $member = Member::currentUser();
// Standard mechanism for accepting permission changes from decorators
$extended = $this->extendedCan('canEdit', $member);
if($extended !== null) return $extended;
if(!$this->canView($member)) return false;
return (bool)Permission::checkMember($member, 'CMS_ACCESS_CommentAdmin');
}
/**
* Checks for "CMS_ACCESS_CommentAdmin" permission codes
* and {@link canEdit()}.
*
* @param Member $member
* @return Boolean
*/
function canDelete($member = null) {
if(!$member) $member = Member::currentUser();
// Standard mechanism for accepting permission changes from decorators
$extended = $this->extendedCan('canDelete', $member);
if($extended !== null) return $extended;
return $this->canEdit($member);
}
}
/**
* @package cms
* @subpackage comments
*/
class PageComment_Controller extends Controller {
function rss() {
$parentcheck = isset($_REQUEST['pageid']) ? "\"ParentID\" = " . (int) $_REQUEST['pageid'] : "\"ParentID\" > 0";
$unmoderatedfilter = Permission::check('ADMIN') ? '' : "AND \"NeedsModeration\" = 0";
$comments = DataObject::get("PageComment", "$parentcheck AND \"IsSpam\" = 0 $unmoderatedfilter", "\"Created\" DESC", "", 10);
if(!isset($comments)) {
$comments = new DataObjectSet();
}
$rss = new RSSFeed($comments, "home/", "Page comments", "", "RSSTitle", "Comment", "RSSName");
$rss->outputToBrowser();
}
/**
* Deletes all comments on the page referenced by the url param pageid
*/
function deleteallcomments() {
$pageId = $_REQUEST['pageid'];
if(preg_match('/^\d+$/', $pageId)) {
$comments = DataObject::get("PageComment", "\"ParentID\" = $pageId");
if($comments) foreach($comments as $c) {
if($c->canDelete()) $c->delete();
}
}
if($this->isAjax()) {
echo "";
} else {
$this->redirectBack();
}
}
function deletecomment() {
$comment = DataObject::get_by_id("PageComment", $this->urlParams['ID']);
if($comment && $comment->canDelete()) {
$comment->delete();
}
if($this->isAjax()) {
echo "";
} else {
$this->redirectBack();
}
}
function approve() {
$comment = DataObject::get_by_id("PageComment", $this->urlParams['ID']);
if($comment && $comment->canEdit()) {
$comment->NeedsModeration = false;
$comment->write();
// @todo Report to spamprotecter this is true
if($this->isAjax()) {
echo $comment->renderWith('PageCommentInterface_singlecomment');
} else {
Director::redirectBack();
}
}
}
function reportspam() {
$comment = DataObject::get_by_id("PageComment", $this->urlParams['ID']);
if($comment && $comment->canEdit()) {
// if spam protection module exists
if(class_exists('SpamProtectorManager')) {
SpamProtectorManager::send_feedback($comment, 'spam');
}
// If Akismet is enabled
else if(SSAkismet::isEnabled()) {
try {
$akismet = new SSAkismet();
$akismet->setCommentAuthor($comment->getField('Name'));
$akismet->setCommentContent($comment->getField('Comment'));
$akismet->submitSpam();
} catch (Exception $e) {
// Akismet didn't work, most likely the service is down.
}
}
$comment->IsSpam = true;
$comment->NeedsModeration = false;
$comment->write();
}
if($this->isAjax()) {
if(SSAkismet::isEnabled() && SSAkismet::getSaveSpam()) {
echo $comment->renderWith('PageCommentInterface_singlecomment');
} else {
echo '';
}
} else {
$this->redirectBack();
}
}
/**
* Report a Spam Comment as valid comment (not spam)
*/
function reportham() {
$comment = DataObject::get_by_id("PageComment", $this->urlParams['ID']);
if($comment && $comment->canEdit()) {
// if spam protection module exists
if(class_exists('SpamProtectorManager')) {
SpamProtectorManager::send_feedback($comment, 'ham');
}
if(SSAkismet::isEnabled()) {
try {
$akismet = new SSAkismet();
$akismet->setCommentAuthor($comment->getField('Name'));
$akismet->setCommentContent($comment->getField('Comment'));
$akismet->submitHam();
} catch (Exception $e) {
// Akismet didn't work, most likely the service is down.
}
}
$comment->setField('IsSpam', false);
$comment->write();
}
if($this->isAjax()) {
echo $comment->renderWith('PageCommentInterface_singlecomment');
} else {
$this->redirectBack();
}
}
}
?>

377
code/sitefeatures/PageCommentInterface.php
View File

@ -1,377 +0,0 @@
<?php
/**
* Represents an interface for viewing and adding page comments
* Create one, passing the page discussed to the constructor. It can then be
* inserted into a template.
* @package cms
* @subpackage comments
*/
class PageCommentInterface extends RequestHandler {
static $url_handlers = array(
'$Item!' => '$Item',
);
static $allowed_actions = array(
'PostCommentForm',
);
protected $controller, $methodName, $page;
/**
* If this is true, you must be logged in to post a comment
* (and therefore, you don't need to specify a 'Your name' field unless
* your name is blank)
*
* @var bool
*/
static $comments_require_login = false;
/**
* If this is a valid permission code, you must be logged in
* and have the appropriate permission code on your account before you can
* post a comment.
*
* @var string
*/
static $comments_require_permission = "";
/**
* If this is true it will include the javascript for AJAX
* commenting. If it is set to false then it will not load
* the files required and it will fall back
*
* @var bool
*/
static $use_ajax_commenting = true;
/**
* If this is true then we should show the existing comments on
* the page even when we have disabled the comment form.
*
* If this is false the form + existing comments will be hidden
*
* @var bool
* @since 2.4 - Always show them by default
*/
static $show_comments_when_disabled = true;
/**
* Define how you want to order page comments by. By default order by newest
* to oldest.
*
* @var String - used as $orderby in DB query
* @since 2.4
*/
static $order_comments_by = "\"Created\" DESC";
/**
* Create a new page comment interface
* @param controller The controller that the interface is used on
* @param methodName The method to return this PageCommentInterface object
* @param page The page that we're commenting on
*/
function __construct($controller, $methodName, $page) {
$this->controller = $controller;
$this->methodName = $methodName;
$this->page = $page;
parent::__construct();
}
function Link() {
return Controller::join_links($this->controller->Link(), $this->methodName);
}
/**
* See {@link PageCommentInterface::$comments_require_login}
*
* @param boolean state The new state of this static field
*/
static function set_comments_require_login($state) {
self::$comments_require_login = (boolean) $state;
}
/**
* See {@link PageCommentInterface::$comments_require_permission}
*
* @param string permission The permission to check against.
*/
static function set_comments_require_permission($permission) {
self::$comments_require_permission = $permission;
}
/**
* See {@link PageCommentInterface::$show_comments_when_disabled}
*
* @param bool - show / hide the existing comments when disabled
*/
static function set_show_comments_when_disabled($state) {
self::$show_comments_when_disabled = $state;
}
/**
* See {@link PageCommentInterface::$order_comments_by}
*
* @param String
*/
static function set_order_comments_by($order) {
self::$order_comments_by = $order;
}
/**
* See {@link PageCommentInterface::$use_ajax_commenting}
*
* @param bool
*/
static function set_use_ajax_commenting($state) {
self::$use_ajax_commenting = $state;
}
function forTemplate() {
return $this->renderWith('PageCommentInterface');
}
/**
* @return boolean true if the currently logged in user can post a comment,
* false if they can't. Users can post comments by default, enforce
* security by using
* @link PageCommentInterface::set_comments_require_login() and
* @link {PageCommentInterface::set_comments_require_permission()}.
*/
static function CanPostComment() {
$member = Member::currentUser();
if(self::$comments_require_permission && $member && Permission::check(self::$comments_require_permission)) {
return true; // Comments require a certain permission, and the user has the correct permission
} elseif(self::$comments_require_login && $member && !self::$comments_require_permission) {
return true; // Comments only require that a member is logged in
} elseif(!self::$comments_require_permission && !self::$comments_require_login) {
return true; // Comments don't require anything - anyone can add a comment
}
return false;
}
/**
* if this page comment form requires users to have a
* valid permission code in order to post (used to customize the error
* message).
*
* @return bool
*/
function PostingRequiresPermission() {
return self::$comments_require_permission;
}
function Page() {
return $this->page;
}
function PostCommentForm() {
if(!$this->page->ProvideComments){
return false;
}
$fields = new FieldSet(
new HiddenField("ParentID", "ParentID", $this->page->ID)
);
$member = Member::currentUser();
if((self::$comments_require_login || self::$comments_require_permission) && $member && $member->FirstName) {
// note this was a ReadonlyField - which displayed the name in a span as well as the hidden field but
// it was not saving correctly. Have changed it to a hidden field. It passes the data correctly but I
// believe the id of the form field is wrong.
$fields->push(new ReadonlyField("NameView", _t('PageCommentInterface.YOURNAME', 'Your name'), $member->getName()));
$fields->push(new HiddenField("Name", "", $member->getName()));
} else {
$fields->push(new TextField("Name", _t('PageCommentInterface.YOURNAME', 'Your name')));
}
// optional commenter URL
$fields->push(new TextField("CommenterURL", _t('PageCommentInterface.COMMENTERURL', "Your website URL")));
if(MathSpamProtection::isEnabled()){
$fields->push(new TextField("Math", sprintf(_t('PageCommentInterface.SPAMQUESTION', "Spam protection question: %s"), MathSpamProtection::getMathQuestion())));
}
$fields->push(new TextareaField("Comment", _t('PageCommentInterface.YOURCOMMENT', "Comments")));
$form = new PageCommentInterface_Form($this, "PostCommentForm", $fields, new FieldSet(
new FormAction("postcomment", _t('PageCommentInterface.POST', 'Post'))), new RequiredFields('Name', 'Comment'));
// Set it so the user gets redirected back down to the form upon form fail
$form->setRedirectToFormOnValidationError(true);
// Optional Spam Protection.
if(class_exists('SpamProtectorManager')) {
SpamProtectorManager::update_form($form, null, array('Name' => 'author_name', 'CommenterURL' => 'author_url', 'Comment' => 'post_body'));
self::set_use_ajax_commenting(false);
}
// Shall We use AJAX?
if(self::$use_ajax_commenting) {
Requirements::javascript(SAPPHIRE_DIR . '/thirdparty/behaviour/behaviour.js');
Requirements::javascript(SAPPHIRE_DIR . '/thirdparty/prototype/prototype.js');
Requirements::javascript(SAPPHIRE_DIR . '/thirdparty/scriptaculous/effects.js');
Requirements::javascript(CMS_DIR . '/javascript/PageCommentInterface.js');
}
$this->extend('updatePageCommentForm', $form);
// Load the users data from a cookie
if($cookie = Cookie::get("PageCommentInterface_Data")) {
$form->loadDataFrom(unserialize($cookie));
}
return $form;
}
function Comments() {
// Comment limits
$limit = array();
$limit['start'] = isset($_GET['commentStart']) ? (int)$_GET['commentStart'] : 0;
$limit['limit'] = PageComment::$comments_per_page;
$spamfilter = isset($_GET['showspam']) ? '' : "AND \"IsSpam\" = 0";
$unmoderatedfilter = Permission::check('CMS_ACCESS_CommentAdmin') ? '' : "AND \"NeedsModeration\" = 0";
$order = self::$order_comments_by;
$comments = DataObject::get("PageComment", "\"ParentID\" = '" . Convert::raw2sql($this->page->ID) . "' $spamfilter $unmoderatedfilter", $order, "", $limit);
if(is_null($comments)) {
return;
}
// This allows us to use the normal 'start' GET variables as well (In the weird circumstance where you have paginated comments AND something else paginated)
$comments->setPaginationGetVar('commentStart');
return $comments;
}
function CommentRssLink() {
return Director::absoluteBaseURL() . "PageComment/rss?pageid=" . $this->page->ID;
}
/**
* A link to PageComment_Controller.deleteallcomments() which deletes all
* comments on a page referenced by the url param pageid
*/
function DeleteAllLink() {
if(Permission::check('CMS_ACCESS_CommentAdmin')) {
return Director::absoluteBaseURL() . "PageComment/deleteallcomments?pageid=" . $this->page->ID;
}
}
}
/**
* @package cms
* @subpackage comments
*/
class PageCommentInterface_Form extends Form {
function postcomment($data) {
Cookie::set("PageCommentInterface_Data", serialize($data));
// Spam filtering
if(SSAkismet::isEnabled()) {
try {
$akismet = new SSAkismet();
$akismet->setCommentAuthor($data['Name']);
$akismet->setCommentContent($data['Comment']);
if($akismet->isCommentSpam()) {
if(SSAkismet::getSaveSpam()) {
$comment = Object::create('PageComment');
$this->saveInto($comment);
$comment->setField("IsSpam", true);
$comment->write();
}
echo "<b>"._t('PageCommentInterface_Form.SPAMDETECTED', 'Spam detected!!') . "</b><br /><br />";
printf("If you believe this was in error, please email %s.", ereg_replace("@", " _(at)_", Email::getAdminEmail()));
echo "<br /><br />"._t('PageCommentInterface_Form.MSGYOUPOSTED', 'The message you posted was:'). "<br /><br />";
echo $data['Comment'];
return;
}
} catch (Exception $e) {
// Akismet didn't work, continue without spam check
}
}
//check if spam question was right.
if(MathSpamProtection::isEnabled()){
if(!MathSpamProtection::correctAnswer($data['Math'])){
if(!$this->controller->isAjax()) {
$this->controller->redirectBack();
}
return "spamprotectionfailed"; //used by javascript for checking if the spam question was wrong
}
}
// If commenting can only be done by logged in users, make sure the user is logged in
$member = Member::currentUser();
if(PageCommentInterface::CanPostComment() && $member) {
$this->Fields()->push(new HiddenField("AuthorID", "Author ID", $member->ID));
} elseif(!PageCommentInterface::CanPostComment()) {
echo "You're not able to post comments to this page. Please ensure you are logged in and have an appropriate permission level.";
return;
}
$comment = Object::create('PageComment');
$this->saveInto($comment);
// Store the Session ID if needed for Spamprotection
if($session = Session::get('mollom_user_session_id')) {
$comment->SessionID = $session;
Session::clear('mollom_user_session_id');
}
$comment->IsSpam = false;
$comment->NeedsModeration = PageComment::moderationEnabled();
$comment->write();
unset($data['Comment']);
Cookie::set("PageCommentInterface_Data", serialize($data));
$moderationMsg = _t('PageCommentInterface_Form.AWAITINGMODERATION', "Your comment has been submitted and is now awaiting moderation.");
if($this->controller->isAjax()) {
if($comment->NeedsModeration){
echo $moderationMsg;
} else{
echo $comment->renderWith('PageCommentInterface_singlecomment');
}
} else {
if($comment->NeedsModeration){
$this->sessionMessage($moderationMsg, 'good');
}
if($comment->ParentID) {
$page = DataObject::get_by_id("Page", $comment->ParentID);
if($page) {
// if it needs moderation then it won't appear in the list. Therefore
// we need to link to the comment holder rather than the individual comment
$url = ($comment->NeedsModeration) ? $page->Link() . '#PageComments_holder' : $page->Link() . '#PageComment_' . $comment->ID;
return Director::redirect($url);
}
}
return $this->controller->redirectBack(); // worst case, just go back to the page
}
}
}
/**
* @package cms
* @subpackage comments
*/
class PageCommentInterface_Controller extends ContentController {
function __construct() {
parent::__construct(null);
}
function newspamquestion() {
if($this->isAjax()) {
echo Convert::raw2xml(sprintf(_t('PageCommentInterface_Controller.SPAMQUESTION', "Spam protection question: %s"),MathSpamProtection::getMathQuestion()));
}
}
}
?>

46
code/sitefeatures/SSAkismet.php
View File

@ -1,46 +0,0 @@
<?php
/**
* The SSAkismet class provides spam detection for comments using http://akismet.com/.
* In order to use it, you must get an API key, which you can get free for non-commercial use by signing
* up for a http://www.wordpress.com account. Commercial keys can be bought at http://akismet.com/commercial/.
*
* To enable spam detection, set your API key in _config.php.
* The following lines should be added to **mysite/_config.php**
* (or to the _config.php in another folder if you're not using mysite).
*
* <code>
* SSAkismet::setAPIKey('<your-key>');
* </code>
*
* You can then view spam for a page by appending <i>?showspam=1</i> to the url, or use the {@link CommentAdmin} in the CMS.
*
* @see http://demo.silverstripe.com/blog Demo of SSAkismet in action
*
* @package cms
* @subpackage comments
*/
class SSAkismet extends Akismet {
private static $apiKey;
private static $saveSpam = true;
static function setAPIKey($key) {
self::$apiKey = $key;
}
static function isEnabled() {
return (self::$apiKey != null) ? true : false;
}
static function setSaveSpam($save = true) {
SSAkismet::$saveSpam = $save;
}
static function getSaveSpam() {
return SSAkismet::$saveSpam;
}
public function __construct() {
parent::__construct(Director::absoluteBaseURL(), self::$apiKey);
}
}
?>

249
javascript/PageCommentInterface.js
View File

@ -1,249 +0,0 @@
/**
* File: PageCommentInterface.js
*/
/**
* Class: PageCommentInterface
*
* Ajax to support the comment posting system
*/
PageCommentInterface = Class.create();
PageCommentInterface.prototype = {
initialize: function() {
Behaviour.register({
'#PageCommentInterface_Form_PostCommentForm_action_postcomment' : {
onclick : this.postComment
},
'#PageComments a.deletelink' : {
onclick : this.deleteComment
},
'#PageComments a.spamlink' : {
onclick : this.reportSpam
},
'#PageComments a.hamlink' : {
onclick : this.reportHam
},
'#PageComments a.approvelink' : {
onclick : this.approveComment
}
});
},
loadSpamQuestion: function(response) {
var spamQuestionDiv = $('Math');
var mathLabel = spamQuestionDiv.getElementsByTagName('label')[0];
mathLabel.innerHTML = response.responseText;
var mathQuestion = spamQuestionDiv.getElementsByTagName('input')[0];
mathQuestion.value = '';
},
postComment: function() {
var form = $("PageCommentInterface_Form_PostCommentForm");
var message = $("PageCommentInterface_Form_PostCommentForm_error");
if(form.elements.Name.value && form.elements.Comment.value) {
if(noComments = $('NoComments')) {
Element.remove(noComments);
var pageComments = document.createElement('ul');
pageComments.id = 'PageComments';
$('CommentHolder').appendChild(pageComments);
}
message.style.display = 'none';
// Create a new <li> for the post
var pageComments = $('PageComments').getElementsByTagName('li');
var __newComment = document.createElement('li');
// Add it to the list with a 'loading' message
$('PageComments').insertBefore(__newComment, pageComments[0]);
__newComment.innerHTML = '<p><img src="cms/images/network-save.gif" /> Loading...</p>';
// Submit the form via ajax
Ajax.SubmitForm(form, "action_postcomment", {
onSuccess : function(response) {
// Create an Ajax request to regenerate the spam protection question
//need to check if there is actually a spam question to change first
if(form.elements.Math){
new Ajax.Request(document.getElementsByTagName('base')[0].href+'PageCommentInterface_Controller/newspamquestion', {
onSuccess: loadSpamQuestion,
onFailure: Ajax.Evaluator
});
}
if(response.responseText != "spamprotectionfailed"){
__newComment.className ="even";
// Load the response into the new <li>
__newComment.innerHTML = response.responseText;
Behaviour.apply(__newComment);
// Flash it using Scriptaculous
new Effect.Highlight(__newComment, { endcolor: '#e9e9e9' } );
if(response.responseText.match('<b>Spam detected!!</b>')) {
__newComment.className = 'spam';
}
} else {
__newComment.innerHTML = "";
Behaviour.apply(__newComment);
message.style.display = '';
message.innerHTML = "You got the spam question wrong.";
}
},
onFailure : function(response) {
alert(response.responseText);
}
});
} else {
message.style.display = '';
message.innerHTML = "Please enter your name and a comment to be posted to the site.";
}
return false;
},
/**
* Ajax handler of moderation removal
*/
deleteComment: function() {
var __comment = this.parentNode.parentNode.parentNode;
__comment.getElementsByTagName('span')[0].innerHTML = "Removing...";
new Ajax.Request(this.href + '?ajax=1', {
onSuccess : function(response) {
// Clear our wee status message
__comment.getElementsByTagName('span')[0].innerHTML = "Removing...";
// Remove it using Scriptaculous
new Effect.Highlight(__comment, {
startcolor: '#cc9999' , endcolor: '#e9e9e9', duration: 0.5,
afterFinish : function () {
var commentList = __comment.parentNode;
commentList.removeChild(__comment);
if(!commentList.firstChild) {
$('CommentHolder').innerHTML = "<p id=\"NoComments\">No one has commented on this page yet.</p>";
}
}
} );
},
onFailure : function(response) {
alert(response.responseText);
}
});
return false;
},
/**
* Ajax handler of spam reporting
*/
reportSpam: function() {
var __comment = this.parentNode.parentNode.parentNode.parentNode;
__comment.getElementsByTagName('span')[0].innerHTML = "Reporting spam...";
new Ajax.Request(this.href + '?ajax=1', {
onSuccess : function(response) {
if(response.responseText != '') {
// Load the response into the <li>
__comment.innerHTML = response.responseText;
Behaviour.apply(__comment);
// Flash it using Scriptaculous
new Effect.Highlight(__comment, { endcolor: '#cc9999' } );
__comment.className = 'spam';
} else {
new Effect.Highlight(__comment, {
startcolor: '#cc9999' , endcolor: '#e9e9e9', duration: 0.5,
afterFinish : function() {
var commentList = __comment.parentNode;
commentList.removeChild(__comment);
if(!commentList.firstChild) {
$('CommentHolder').innerHTML = "<p id=\"NoComments\">No one has commented on this page yet.</p>";
}
}
} );
}
},
onFailure : function(response) {
alert(response.responseText);
}
});
return false;
},
/**
* Ajax handler of ham reporting
*/
reportHam: function() {
var __comment = this.parentNode.parentNode.parentNode.parentNode;
__comment.getElementsByTagName('span')[0].innerHTML = "Reporting as not spam...";
new Ajax.Request(this.href + '?ajax=1', {
onSuccess : function(response) {
// Load the response into the <li>
__comment.innerHTML = response.responseText;
Behaviour.apply(__comment);
// Flash it using Scriptaculous
new Effect.Highlight(__comment, { endcolor: '#e9e9e9' } );
__comment.className = 'notspam';
},
onFailure : function(response) {
alert(response.responseText);
}
});
return false;
},
/**
* Ajax handler of ham reporting
*/
approveComment: function() {
var __comment = this.parentNode.parentNode.parentNode.parentNode;
__comment.getElementsByTagName('span')[0].innerHTML = "Marking comment as approved...";
new Ajax.Request(this.href + '?ajax=1', {
onSuccess : function(response) {
// Load the response into the <li>
__comment.innerHTML = response.responseText;
Behaviour.apply(__comment);
// Flash it using Scriptaculous
new Effect.Highlight(__comment, { endcolor: '#e9e9e9' } );
__comment.className = 'notspam';
},
onFailure : function(response) {
alert(response.responseText);
}
});
return false;
}
}
PageCommentInterface.applyTo("#PageComments_holder");
function loadSpamQuestion(response) {
var spamQuestionDiv = $('Math');
var mathLabel = spamQuestionDiv.getElementsByTagName('label')[0];
mathLabel.innerHTML = response.responseText;
var mathQuestion = spamQuestionDiv.getElementsByTagName('input')[0];
mathQuestion.value = '';
}

65
templates/PageCommentInterface.ss
View File

@ -1,65 +0,0 @@
<div id="PageComments_holder" class="typography">
<h4><% _t('POSTCOM','Post your comment') %></h4>
<% if PostCommentForm %>
<% if CanPostComment %>
$PostCommentForm
<% else %>
<p><% _t('COMMENTLOGINERROR', 'You cannot post comments until you have logged in') %><% if PostingRequiresPermission %>,<% _t('COMMENTPERMISSIONERROR', 'and that you have an appropriate permission level') %><% end_if %>.
<a href="Security/login?BackURL={$Page.Link}" title="Login to post a comment"><% _t('COMMENTPOSTLOGIN', 'Login Here') %></a>.
</p>
<% end_if %>
<% else %>
<p><% _t('COMMENTSDISABLED', 'Posting comments has been disabled') %>.</p>
<% end_if %>
<h4><% _t('COMMENTS','Comments') %></h4>
<div id="CommentHolder">
<% if Comments %>
<ul id="PageComments">
<% control Comments %>
<li class="$EvenOdd<% if FirstLast %> $FirstLast <% end_if %> $SpamClass">
<% include PageCommentInterface_singlecomment %>
</li>
<% end_control %>
</ul>
<% if Comments.MoreThanOnePage %>
<div id="PageCommentsPagination">
<p>
<% if Comments.PrevLink %>
<a href="$Comments.PrevLink">&laquo; <% _t('PREV','previous') %></a>
<% end_if %>
<% if Comments.Pages %>
<% control Comments.Pages %>
<% if CurrentBool %>
<strong>$PageNum</strong>
<% else %>
<a href="$Link">$PageNum</a>
<% end_if %>
<% end_control %>
<% end_if %>
<% if Comments.NextLink %>
<a href="$Comments.NextLink"><% _t('NEXT','next') %> &raquo;</a>
<% end_if %>
</p>
</div>
<% end_if %>
<% else %>
<p id="NoComments"><% _t('NOCOMMENTSYET','No one has commented on this page yet.') %></p>
<% end_if %>
</div>
<% if DeleteAllLink %>
<p id="DeleteComments"><a href="$DeleteAllLink">
<% _t('PageCommentInterface.DELETEALLCOMMENTS','Delete all comments on this page') %>
</a></p>
<% end_if %>
<p id="CommentsRSSFeed">
<a class="commentrss" href="$CommentRssLink"><% _t('RSSFEEDCOMMENTS', 'RSS feed for comments on this page') %></a> |
<a href="PageComment/rss" class="commentrss" title="<% _t('RSSVIEWALLCOMMENTS', 'View all Comments') %>"><% _t('RSSFEEDALLCOMMENTS', 'RSS feed for all comments') %></a>
</p>
</div>

29
templates/PageCommentInterface_singlecomment.ss
View File

@ -1,29 +0,0 @@
<p class="comment" id="PageComment_$ID">
<% if bbCodeEnabled %>
$ParsedBBCode
<% else %>
$Comment.XML
<% end_if %>
</p>
<p class="info">
<% if CommenterURL %>
<% _t('PBY','Posted by') %> <a href="$CommenterURL.ATT">$Name.XML</a>, $Created.Nice ($Created.Ago)
<% else %>
<% _t('PBY','Posted by') %> $Name.XML, $Created.Nice ($Created.Ago)
<% end_if %>
</p>
<ul class="actionLinks">
<% if ApproveLink %>
<li><a href="$ApproveLink" class="approvelink"><% _t('APPROVE', 'approve this comment') %></a></li>
<% end_if %>
<% if SpamLink %>
<li><a href="$SpamLink" class="spamlink"><% _t('ISSPAM','this comment is spam') %></a></li>
<% end_if %>
<% if HamLink %>
<li><a href="$HamLink" class="hamlink"><% _t('ISNTSPAM','this comment is not spam') %></a></li>
<% end_if %>
<% if DeleteLink %>
<li class="last"><a href="$DeleteLink" class="deletelink"><% _t('REMCOM','remove this comment') %></a></li>
<% end_if %>
</ul>

16
tests/CMSMainTest.yml
View File

@ -62,22 +62,6 @@ SiteConfig_CreateTopLevelGroups:
createtoplevelgroups1:
SiteConfigID: =>SiteConfig.siteconfig1
GroupID: =>Group.rooteditusers
PageComment:
Comment1:
Name: Person
Comment: Very cool page
NeedsModeration: 1
EmailAddress: person@server.com
Comment2:
Name: Someone
Comment: I am a person
NeedsModeration: 0
EmailAddress: someone@somewhere.com
Comment3:
Name: Me
Comment: I like this comment
NeedsModeration: 1
EmailAddress: me@test.co.nz
RedirectorPage:
page5:
Title: Page 5

39
tests/CommentAdminTest.php
View File

@ -1,39 +0,0 @@
<?php
class CommentAdminTest extends FunctionalTest {
static $fixture_file = 'cms/tests/CMSMainTest.yml';
function testNumModerated() {
$comm = new CommentAdmin();
$resp = $comm->NumModerated();
$this->assertEquals(1, $resp);
}
function testNumUnmoderated(){
$comm = new CommentAdmin();
$resp = $comm->NumUnmoderated();
$this->assertEquals(2, $resp);
}
function testNumSpam(){
$comm = new CommentAdmin();
$resp = $comm->NumSpam();
$this->assertEquals(0, $resp);
}
function testdeletemarked(){
$comm = $this->objFromFixture('PageComment', 'Comment1');
$id = $comm->ID;
$this->logInWithPermission('CMS_ACCESS_CommentAdmin');
$result = $this->get("admin/comments/EditForm/field/Comments/item/$id/delete");
$checkComm = DataObject::get_by_id('PageComment',$id);
$this->assertFalse($checkComm);
}
}
?>

98
tests/PageCommentsTest.php
View File

@ -1,98 +0,0 @@
<?php
class PageCommentsTest extends FunctionalTest {
static $fixture_file = 'cms/tests/PageCommentsTest.yml';
function testCanView() {
$visitor = $this->objFromFixture('Member', 'visitor');
$admin = $this->objFromFixture('Member', 'commentadmin');
$comment = $this->objFromFixture('PageComment', 'firstComA');
$this->assertTrue($comment->canView($visitor),
'Unauthenticated members can view comments associated to a page with ProvideComments=1'
);
$this->assertTrue($comment->canView($admin),
'Admins with CMS_ACCESS_CommentAdmin permissions can view comments associated to a page with ProvideComments=1'
);
$disabledComment = $this->objFromFixture('PageComment', 'disabledCom');
$this->assertFalse($disabledComment->canView($visitor),
'Unauthenticated members can not view comments associated to a page with ProvideComments=0'
);
$this->assertTrue($disabledComment->canView($admin),
'Admins with CMS_ACCESS_CommentAdmin permissions can view comments associated to a page with ProvideComments=0'
);
}
function testCanEdit() {
$visitor = $this->objFromFixture('Member', 'visitor');
$admin = $this->objFromFixture('Member', 'commentadmin');
$comment = $this->objFromFixture('PageComment', 'firstComA');
$this->assertFalse($comment->canEdit($visitor));
$this->assertTrue($comment->canEdit($admin));
}
function testCanDelete() {
$visitor = $this->objFromFixture('Member', 'visitor');
$admin = $this->objFromFixture('Member', 'commentadmin');
$comment = $this->objFromFixture('PageComment', 'firstComA');
$this->assertFalse($comment->canEdit($visitor));
$this->assertTrue($comment->canEdit($admin));
}
function testDeleteComment() {
$firstPage = $this->objFromFixture('Page', 'first');
$this->autoFollowRedirection = false;
$this->logInAs('commentadmin');
$firstComment = $this->objFromFixture('PageComment', 'firstComA');
$firstCommentID = $firstComment->ID;
Director::test($firstPage->RelativeLink(), null, $this->session());
Director::test('PageComment/deletecomment/'.$firstComment->ID, null, $this->session());
$this->assertFalse(DataObject::get_by_id('PageComment', $firstCommentID));
}
function testDeleteAllCommentsOnPage() {
$second = $this->objFromFixture('Page', 'second');
$this->autoFollowRedirection = false;
$this->logInAs('commentadmin');
Director::test('second-page', null, $this->session());
Director::test('PageComment/deleteallcomments?pageid='.$second->ID,
null, $this->session());
Director::test('second-page', null, $this->session());
$secondComments = DataObject::get('PageComment', '"ParentID" = '.$second->ID);
$this->assertNull($secondComments);
$first = $this->objFromFixture('Page', 'first');
$firstComments = DataObject::get('PageComment', '"ParentID" = '.$first->ID);
$this->assertNotNull($firstComments);
$third = $this->objFromFixture('Page', 'third');
$thirdComments = DataObject::get('PageComment', '"ParentID" = '.$third->ID);
$this->assertEquals($thirdComments->Count(), 3);
}
function testCommenterURLWrite() {
$comment = new PageComment();
// We only care about the CommenterURL, so only set that
// Check a http and https URL. Add more test urls here as needed.
$protocols = array(
'Http',
'Https',
);
$url = '://example.com';
foreach($protocols as $protocol) {
$comment->CommenterURL = $protocol . $url;
// The protocol should stay as if, assuming it is valid
$comment->write();
$this->assertEquals($comment->CommenterURL, $protocol . $url, $protocol . ':// is a valid protocol');
}
}
}

62
tests/PageCommentsTest.yml
View File

@ -1,62 +0,0 @@
Member:
commentadmin:
FirstName: admin
visitor:
FirstName: visitor
Group:
commentadmins:
Title: Admin
Members: =>Member.commentadmin
Permission:
admin:
Code: CMS_ACCESS_CommentAdmin
Group: =>Group.commentadmins
Page:
first:
Title: First page
URLSegment: first-page
ProvideComments: 1
second:
Title: Second page
URLSegment: second-page
ProvideComments: 1
third:
Title: Third page
URLSegment:third-page
ProvideComments: 1
pageNoComments:
Title: No comments
URLSegment: no-comments
ProvideComments: 0
PageComment:
firstComA:
ParentID: =>Page.first
Name: FA
Comment: textFA
secondComA:
ParentID: =>Page.second
Name: SA
Comment: textSA
secondComB:
ParentID: =>Page.second
Name: SB
Comment: textSB
thirdComA:
ParentID: =>Page.third
Name: TA
Comment: textTA
thirdComB:
ParentID: =>Page.third
Name: TB
Comment: textTB
thirdComC:
ParentID: =>Page.third
Name: TC
Comment: textTC
disabledCom:
ParentID: =>Page.pageNoComments
Name: Disabled