2010-11-29 23:24:17 +01:00
|
|
|
<?php
|
|
|
|
|
|
2017-01-16 20:57:37 +01:00
|
|
|
namespace SilverStripe\Comments\Model;
|
|
|
|
|
|
2022-11-16 00:13:50 +01:00
|
|
|
use SilverStripe\Dev\Deprecation;
|
2017-01-16 20:57:37 +01:00
|
|
|
use HTMLPurifier;
|
2018-06-15 07:23:06 +02:00
|
|
|
use HTMLPurifier_Config;
|
2017-01-16 20:57:37 +01:00
|
|
|
use SilverStripe\Comments\Controllers\CommentingController;
|
|
|
|
|
use SilverStripe\Comments\Extensions\CommentsExtension;
|
|
|
|
|
use SilverStripe\Comments\Model\Comment\SecurityToken;
|
|
|
|
|
use SilverStripe\Control\Controller;
|
|
|
|
|
use SilverStripe\Control\Director;
|
|
|
|
|
use SilverStripe\Core\Injector\Injector;
|
2017-10-09 06:26:07 +02:00
|
|
|
use SilverStripe\Core\TempFolder;
|
2017-01-16 20:57:37 +01:00
|
|
|
use SilverStripe\Forms\CheckboxField;
|
|
|
|
|
use SilverStripe\Forms\EmailField;
|
|
|
|
|
use SilverStripe\Forms\FieldGroup;
|
|
|
|
|
use SilverStripe\Forms\FieldList;
|
2018-06-15 07:23:06 +02:00
|
|
|
use SilverStripe\Forms\Form;
|
2017-01-16 20:57:37 +01:00
|
|
|
use SilverStripe\Forms\HeaderField;
|
|
|
|
|
use SilverStripe\Forms\HTMLEditor\HTMLEditorField;
|
|
|
|
|
use SilverStripe\Forms\TextareaField;
|
|
|
|
|
use SilverStripe\Forms\TextField;
|
|
|
|
|
use SilverStripe\ORM\ArrayList;
|
|
|
|
|
use SilverStripe\ORM\DataObject;
|
2018-06-15 07:23:06 +02:00
|
|
|
use SilverStripe\ORM\FieldType\DBDatetime;
|
2017-01-16 20:57:37 +01:00
|
|
|
use SilverStripe\ORM\PaginatedList;
|
2018-06-15 07:23:06 +02:00
|
|
|
use SilverStripe\ORM\SS_List;
|
2017-01-16 20:57:37 +01:00
|
|
|
use SilverStripe\Security\Member;
|
|
|
|
|
use SilverStripe\Security\Permission;
|
|
|
|
|
|
2010-11-29 23:24:17 +01:00
|
|
|
/**
|
|
|
|
|
* Represents a single comment object.
|
2015-03-27 05:40:00 +01:00
|
|
|
*
|
2015-04-13 05:41:18 +02:00
|
|
|
* @property string $Name
|
|
|
|
|
* @property string $Comment
|
|
|
|
|
* @property string $Email
|
|
|
|
|
* @property string $URL
|
|
|
|
|
* @property string $BaseClass
|
2015-03-27 05:40:00 +01:00
|
|
|
* @property boolean $Moderated
|
2015-04-13 05:41:18 +02:00
|
|
|
* @property boolean $IsSpam True if the comment is known as spam
|
|
|
|
|
* @property integer $ParentID ID of the parent page / dataobject
|
|
|
|
|
* @property boolean $AllowHtml If true, treat $Comment as HTML instead of plain text
|
|
|
|
|
* @property string $SecretToken Secret admin token required to provide moderation links between sessions
|
2015-04-07 05:56:00 +02:00
|
|
|
* @property integer $Depth Depth of this comment in the nested chain
|
2015-04-13 05:41:18 +02:00
|
|
|
*
|
2015-04-07 05:56:00 +02:00
|
|
|
* @method HasManyList ChildComments() List of child comments
|
|
|
|
|
* @method Member Author() Member object who created this comment
|
2015-04-07 05:56:00 +02:00
|
|
|
* @method Comment ParentComment() Parent comment this is a reply to
|
2010-11-29 23:24:17 +01:00
|
|
|
* @package comments
|
|
|
|
|
*/
|
2016-02-19 01:48:25 +01:00
|
|
|
class Comment extends DataObject
|
|
|
|
|
{
|
|
|
|
|
/**
|
2017-01-16 20:57:37 +01:00
|
|
|
* {@inheritDoc}
|
2016-02-19 01:48:25 +01:00
|
|
|
*/
|
|
|
|
|
private static $db = array(
|
|
|
|
|
'Name' => 'Varchar(200)',
|
|
|
|
|
'Comment' => 'Text',
|
|
|
|
|
'Email' => 'Varchar(200)',
|
|
|
|
|
'URL' => 'Varchar(255)',
|
|
|
|
|
'Moderated' => 'Boolean(0)',
|
|
|
|
|
'IsSpam' => 'Boolean(0)',
|
|
|
|
|
'AllowHtml' => 'Boolean',
|
|
|
|
|
'SecretToken' => 'Varchar(255)',
|
2017-01-16 20:57:37 +01:00
|
|
|
'Depth' => 'Int'
|
2016-02-19 01:48:25 +01:00
|
|
|
);
|
|
|
|
|
|
2017-01-16 20:57:37 +01:00
|
|
|
/**
|
|
|
|
|
* {@inheritDoc}
|
|
|
|
|
*/
|
2016-02-19 01:48:25 +01:00
|
|
|
private static $has_one = array(
|
2017-01-16 20:57:37 +01:00
|
|
|
'Author' => Member::class,
|
|
|
|
|
'ParentComment' => self::class,
|
|
|
|
|
'Parent' => DataObject::class
|
2016-02-19 01:48:25 +01:00
|
|
|
);
|
|
|
|
|
|
2017-01-16 20:57:37 +01:00
|
|
|
/**
|
|
|
|
|
* {@inheritDoc}
|
|
|
|
|
*/
|
2016-02-19 01:48:25 +01:00
|
|
|
private static $has_many = array(
|
2017-01-16 20:57:37 +01:00
|
|
|
'ChildComments' => self::class
|
2016-02-19 01:48:25 +01:00
|
|
|
);
|
|
|
|
|
|
2017-01-16 20:57:37 +01:00
|
|
|
/**
|
|
|
|
|
* {@inheritDoc}
|
|
|
|
|
*/
|
2016-02-19 01:48:25 +01:00
|
|
|
private static $default_sort = '"Created" DESC';
|
|
|
|
|
|
2017-01-16 20:57:37 +01:00
|
|
|
/**
|
|
|
|
|
* {@inheritDoc}
|
|
|
|
|
*/
|
2016-02-19 01:48:25 +01:00
|
|
|
private static $defaults = array(
|
|
|
|
|
'Moderated' => 0,
|
|
|
|
|
'IsSpam' => 0,
|
|
|
|
|
);
|
|
|
|
|
|
2017-01-16 20:57:37 +01:00
|
|
|
/**
|
|
|
|
|
* {@inheritDoc}
|
|
|
|
|
*/
|
2016-02-19 01:48:25 +01:00
|
|
|
private static $casting = array(
|
|
|
|
|
'Title' => 'Varchar',
|
|
|
|
|
'ParentTitle' => 'Varchar',
|
|
|
|
|
'ParentClassName' => 'Varchar',
|
|
|
|
|
'AuthorName' => 'Varchar',
|
|
|
|
|
'RSSName' => 'Varchar',
|
|
|
|
|
'DeleteLink' => 'Varchar',
|
2018-06-15 07:23:06 +02:00
|
|
|
'Date' => 'Datetime',
|
2016-02-19 01:48:25 +01:00
|
|
|
'SpamLink' => 'Varchar',
|
|
|
|
|
'HamLink' => 'Varchar',
|
|
|
|
|
'ApproveLink' => 'Varchar',
|
2017-01-16 20:57:37 +01:00
|
|
|
'Permalink' => 'Varchar'
|
2016-02-19 01:48:25 +01:00
|
|
|
);
|
|
|
|
|
|
2017-01-16 20:57:37 +01:00
|
|
|
/**
|
|
|
|
|
* {@inheritDoc}
|
|
|
|
|
*/
|
2016-02-19 01:48:25 +01:00
|
|
|
private static $searchable_fields = array(
|
|
|
|
|
'Name',
|
|
|
|
|
'Email',
|
|
|
|
|
'Comment',
|
2017-01-16 20:57:37 +01:00
|
|
|
'Created'
|
2016-02-19 01:48:25 +01:00
|
|
|
);
|
|
|
|
|
|
2017-01-16 20:57:37 +01:00
|
|
|
/**
|
|
|
|
|
* {@inheritDoc}
|
|
|
|
|
*/
|
2016-02-19 01:48:25 +01:00
|
|
|
private static $summary_fields = array(
|
2019-01-10 23:48:51 +01:00
|
|
|
'getAuthorName' => 'Submitted By',
|
|
|
|
|
'getAuthorEmail' => 'Email',
|
2016-02-19 01:48:25 +01:00
|
|
|
'Comment.LimitWordCount' => 'Comment',
|
|
|
|
|
'Created' => 'Date Posted',
|
2017-01-16 20:57:37 +01:00
|
|
|
'Parent.Title' => 'Post',
|
|
|
|
|
'IsSpam' => 'Is Spam'
|
2016-02-19 01:48:25 +01:00
|
|
|
);
|
|
|
|
|
|
2017-01-16 20:57:37 +01:00
|
|
|
/**
|
|
|
|
|
* {@inheritDoc}
|
|
|
|
|
*/
|
2016-02-19 01:48:25 +01:00
|
|
|
private static $field_labels = array(
|
2017-01-16 20:57:37 +01:00
|
|
|
'Author' => 'Author Member'
|
2016-02-19 01:48:25 +01:00
|
|
|
);
|
|
|
|
|
|
2017-01-16 20:57:37 +01:00
|
|
|
/**
|
|
|
|
|
* {@inheritDoc}
|
|
|
|
|
*/
|
|
|
|
|
private static $table_name = 'Comment';
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* {@inheritDoc}
|
|
|
|
|
*/
|
2016-02-19 01:48:25 +01:00
|
|
|
public function onBeforeWrite()
|
|
|
|
|
{
|
|
|
|
|
parent::onBeforeWrite();
|
|
|
|
|
|
|
|
|
|
// Sanitize HTML, because its expected to be passed to the template unescaped later
|
|
|
|
|
if ($this->AllowHtml) {
|
|
|
|
|
$this->Comment = $this->purifyHtml($this->Comment);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Check comment depth
|
|
|
|
|
$this->updateDepth();
|
|
|
|
|
}
|
|
|
|
|
|
2017-01-16 20:57:37 +01:00
|
|
|
/**
|
|
|
|
|
* {@inheritDoc}
|
|
|
|
|
*/
|
2016-02-19 01:48:25 +01:00
|
|
|
public function onBeforeDelete()
|
|
|
|
|
{
|
|
|
|
|
parent::onBeforeDelete();
|
|
|
|
|
|
|
|
|
|
// Delete all children
|
|
|
|
|
foreach ($this->ChildComments() as $comment) {
|
|
|
|
|
$comment->delete();
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @return Comment_SecurityToken
|
|
|
|
|
*/
|
|
|
|
|
public function getSecurityToken()
|
|
|
|
|
{
|
2017-01-16 20:57:37 +01:00
|
|
|
return Injector::inst()->createWithArgs(SecurityToken::class, array($this));
|
2016-02-19 01:48:25 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Return a link to this comment
|
|
|
|
|
*
|
|
|
|
|
* @param string $action
|
|
|
|
|
*
|
|
|
|
|
* @return string link to this comment.
|
|
|
|
|
*/
|
|
|
|
|
public function Link($action = '')
|
|
|
|
|
{
|
2017-01-16 20:57:37 +01:00
|
|
|
if ($parent = $this->Parent()) {
|
2016-02-19 01:48:25 +01:00
|
|
|
return $parent->Link($action) . '#' . $this->Permalink();
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Returns the permalink for this {@link Comment}. Inserted into
|
|
|
|
|
* the ID tag of the comment
|
|
|
|
|
*
|
|
|
|
|
* @return string
|
|
|
|
|
*/
|
|
|
|
|
public function Permalink()
|
|
|
|
|
{
|
|
|
|
|
$prefix = $this->getOption('comment_permalink_prefix');
|
|
|
|
|
return $prefix . $this->ID;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Translate the form field labels for the CMS administration
|
|
|
|
|
*
|
|
|
|
|
* @param boolean $includerelations
|
|
|
|
|
*
|
|
|
|
|
* @return array
|
|
|
|
|
*/
|
|
|
|
|
public function fieldLabels($includerelations = true)
|
|
|
|
|
{
|
|
|
|
|
$labels = parent::fieldLabels($includerelations);
|
|
|
|
|
|
2019-01-11 00:25:20 +01:00
|
|
|
$labels['Name'] = _t(__CLASS__ . '.NAME', 'Author name');
|
2018-06-15 07:23:06 +02:00
|
|
|
$labels['Comment'] = _t(__CLASS__ . '.COMMENT', 'Comment');
|
|
|
|
|
$labels['Email'] = _t(__CLASS__ . '.EMAIL', 'Email');
|
|
|
|
|
$labels['URL'] = _t(__CLASS__ . '.URL', 'URL');
|
|
|
|
|
$labels['IsSpam'] = _t(__CLASS__ . '.ISSPAM', 'Spam?');
|
|
|
|
|
$labels['Moderated'] = _t(__CLASS__ . '.MODERATED', 'Moderated?');
|
|
|
|
|
$labels['ParentTitle'] = _t(__CLASS__ . '.PARENTTITLE', 'Parent');
|
|
|
|
|
$labels['Created'] = _t(__CLASS__ . '.CREATED', 'Date posted');
|
2016-02-19 01:48:25 +01:00
|
|
|
|
|
|
|
|
return $labels;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Get the commenting option
|
|
|
|
|
*
|
|
|
|
|
* @param string $key
|
|
|
|
|
*
|
|
|
|
|
* @return mixed Result if the setting is available, or null otherwise
|
|
|
|
|
*/
|
|
|
|
|
public function getOption($key)
|
|
|
|
|
{
|
|
|
|
|
// If possible use the current record
|
2017-01-16 20:57:37 +01:00
|
|
|
$record = $this->Parent();
|
2016-02-19 01:48:25 +01:00
|
|
|
|
2017-01-16 20:57:37 +01:00
|
|
|
if (!$record && $this->Parent()) {
|
2016-02-19 01:48:25 +01:00
|
|
|
// Otherwise a singleton of that record
|
2017-01-16 20:57:37 +01:00
|
|
|
$record = singleton($this->Parent()->dataClass());
|
2016-02-19 01:48:25 +01:00
|
|
|
} elseif (!$record) {
|
|
|
|
|
// Otherwise just use the default options
|
2017-01-16 20:57:37 +01:00
|
|
|
$record = singleton(CommentsExtension::class);
|
2016-02-19 01:48:25 +01:00
|
|
|
}
|
|
|
|
|
|
2017-01-16 20:57:37 +01:00
|
|
|
return ($record instanceof CommentsExtension || $record->hasExtension(CommentsExtension::class))
|
|
|
|
|
? $record->getCommentsOption($key)
|
|
|
|
|
: null;
|
2016-02-19 01:48:25 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Returns the parent {@link DataObject} this comment is attached too
|
|
|
|
|
*
|
2017-01-16 20:57:37 +01:00
|
|
|
* @deprecated 4.0.0 Use $this->Parent() instead
|
2016-02-19 01:48:25 +01:00
|
|
|
* @return DataObject
|
|
|
|
|
*/
|
|
|
|
|
public function getParent()
|
|
|
|
|
{
|
2022-11-16 00:13:50 +01:00
|
|
|
Deprecation::notice('4.0.0', 'Use $this->Parent() instead');
|
2016-02-19 01:48:25 +01:00
|
|
|
return $this->BaseClass && $this->ParentID
|
|
|
|
|
? DataObject::get_by_id($this->BaseClass, $this->ParentID, true)
|
|
|
|
|
: null;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Returns a string to help identify the parent of the comment
|
|
|
|
|
*
|
|
|
|
|
* @return string
|
|
|
|
|
*/
|
|
|
|
|
public function getParentTitle()
|
|
|
|
|
{
|
2017-01-16 20:57:37 +01:00
|
|
|
if ($parent = $this->Parent()) {
|
2016-02-19 01:48:25 +01:00
|
|
|
return $parent->Title ?: ($parent->ClassName . ' #' . $parent->ID);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Comment-parent classnames obviously vary, return the parent classname
|
|
|
|
|
*
|
|
|
|
|
* @return string
|
|
|
|
|
*/
|
|
|
|
|
public function getParentClassName()
|
|
|
|
|
{
|
2017-01-16 20:57:37 +01:00
|
|
|
return $this->Parent()->getClassName();
|
2016-02-19 01:48:25 +01:00
|
|
|
}
|
|
|
|
|
|
2017-01-16 20:57:37 +01:00
|
|
|
/**
|
|
|
|
|
* {@inheritDoc}
|
|
|
|
|
*/
|
2016-02-19 01:48:25 +01:00
|
|
|
public function castingHelper($field)
|
|
|
|
|
{
|
|
|
|
|
// Safely escape the comment
|
2017-01-16 20:57:37 +01:00
|
|
|
if (in_array($field, ['EscapedComment', 'Comment'], true)) {
|
2016-02-19 01:48:25 +01:00
|
|
|
return $this->AllowHtml ? 'HTMLText' : 'Text';
|
|
|
|
|
}
|
|
|
|
|
return parent::castingHelper($field);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Content to be safely escaped on the frontend
|
|
|
|
|
*
|
|
|
|
|
* @return string
|
|
|
|
|
*/
|
|
|
|
|
public function getEscapedComment()
|
|
|
|
|
{
|
|
|
|
|
return $this->Comment;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Return whether this comment is a preview (has not been written to the db)
|
|
|
|
|
*
|
|
|
|
|
* @return boolean
|
|
|
|
|
*/
|
|
|
|
|
public function isPreview()
|
|
|
|
|
{
|
|
|
|
|
return !$this->exists();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @todo needs to compare to the new {@link Commenting} configuration API
|
|
|
|
|
*
|
|
|
|
|
* @param Member $member
|
2017-01-16 20:57:37 +01:00
|
|
|
* @param array $context
|
2016-02-19 01:48:25 +01:00
|
|
|
* @return bool
|
|
|
|
|
*/
|
2017-01-16 20:57:37 +01:00
|
|
|
public function canCreate($member = null, $context = [])
|
2016-02-19 01:48:25 +01:00
|
|
|
{
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Checks for association with a page, and {@link SiteTree->ProvidePermission}
|
|
|
|
|
* flag being set to true.
|
|
|
|
|
*
|
|
|
|
|
* @param Member $member
|
|
|
|
|
* @return Boolean
|
|
|
|
|
*/
|
|
|
|
|
public function canView($member = null)
|
|
|
|
|
{
|
|
|
|
|
$member = $this->getMember($member);
|
|
|
|
|
|
|
|
|
|
$extended = $this->extendedCan('canView', $member);
|
|
|
|
|
if ($extended !== null) {
|
|
|
|
|
return $extended;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (Permission::checkMember($member, 'CMS_ACCESS_CommentAdmin')) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2017-01-16 20:57:37 +01:00
|
|
|
if ($parent = $this->Parent()) {
|
2016-02-19 01:48:25 +01:00
|
|
|
return $parent->canView($member)
|
2017-01-16 20:57:37 +01:00
|
|
|
&& $parent->hasExtension(CommentsExtension::class)
|
2016-02-19 01:48:25 +01:00
|
|
|
&& $parent->CommentsEnabled;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Checks if the comment can be edited.
|
|
|
|
|
*
|
|
|
|
|
* @param null|int|Member $member
|
|
|
|
|
* @return Boolean
|
|
|
|
|
*/
|
|
|
|
|
public function canEdit($member = null)
|
|
|
|
|
{
|
|
|
|
|
$member = $this->getMember($member);
|
|
|
|
|
|
|
|
|
|
if (!$member) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$extended = $this->extendedCan('canEdit', $member);
|
|
|
|
|
if ($extended !== null) {
|
|
|
|
|
return $extended;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (Permission::checkMember($member, 'CMS_ACCESS_CommentAdmin')) {
|
|
|
|
|
return true;
|
|
|
|
|
}
|
|
|
|
|
|
2017-01-16 20:57:37 +01:00
|
|
|
if ($parent = $this->Parent()) {
|
2016-02-19 01:48:25 +01:00
|
|
|
return $parent->canEdit($member);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Checks if the comment can be deleted.
|
|
|
|
|
*
|
|
|
|
|
* @param null|int|Member $member
|
|
|
|
|
* @return Boolean
|
|
|
|
|
*/
|
|
|
|
|
public function canDelete($member = null)
|
|
|
|
|
{
|
|
|
|
|
$member = $this->getMember($member);
|
|
|
|
|
|
|
|
|
|
if (!$member) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$extended = $this->extendedCan('canDelete', $member);
|
|
|
|
|
if ($extended !== null) {
|
|
|
|
|
return $extended;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $this->canEdit($member);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Resolves Member object.
|
|
|
|
|
*
|
|
|
|
|
* @param Member|int|null $member
|
|
|
|
|
* @return Member|null
|
|
|
|
|
*/
|
|
|
|
|
protected function getMember($member = null)
|
|
|
|
|
{
|
|
|
|
|
if (!$member) {
|
|
|
|
|
$member = Member::currentUser();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (is_numeric($member)) {
|
2017-01-16 20:57:37 +01:00
|
|
|
$member = DataObject::get_by_id(Member::class, $member, true);
|
2016-02-19 01:48:25 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $member;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Return the authors name for the comment
|
|
|
|
|
*
|
|
|
|
|
* @return string
|
|
|
|
|
*/
|
|
|
|
|
public function getAuthorName()
|
|
|
|
|
{
|
|
|
|
|
if ($this->Name) {
|
|
|
|
|
return $this->Name;
|
|
|
|
|
} elseif ($author = $this->Author()) {
|
|
|
|
|
return $author->getName();
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2019-01-10 23:48:51 +01:00
|
|
|
/**
|
|
|
|
|
* Return the comment authors email address
|
|
|
|
|
*
|
|
|
|
|
* @return string
|
|
|
|
|
*/
|
|
|
|
|
public function getAuthorEmail()
|
|
|
|
|
{
|
|
|
|
|
if ($this->Email) {
|
|
|
|
|
return $this->Email;
|
|
|
|
|
} elseif ($author = $this->Author()) {
|
|
|
|
|
return $author->Email;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2016-02-19 01:48:25 +01:00
|
|
|
/**
|
|
|
|
|
* Generate a secure admin-action link authorised for the specified member
|
|
|
|
|
*
|
|
|
|
|
* @param string $action An action on CommentingController to link to
|
|
|
|
|
* @param Member $member The member authorised to invoke this action
|
|
|
|
|
*
|
|
|
|
|
* @return string
|
|
|
|
|
*/
|
|
|
|
|
protected function actionLink($action, $member = null)
|
|
|
|
|
{
|
|
|
|
|
if (!$member) {
|
|
|
|
|
$member = Member::currentUser();
|
|
|
|
|
}
|
|
|
|
|
if (!$member) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
2017-01-16 20:57:37 +01:00
|
|
|
/**
|
|
|
|
|
* @todo: How do we handle "DataObject" instances that don't have a Link to reject/spam/delete?? This may
|
|
|
|
|
* we have to make CMS a hard dependency instead.
|
|
|
|
|
*/
|
|
|
|
|
// if (!$this->Parent()->hasMethod('Link')) {
|
|
|
|
|
// return false;
|
|
|
|
|
// }
|
|
|
|
|
|
2016-02-19 01:48:25 +01:00
|
|
|
$url = Controller::join_links(
|
|
|
|
|
Director::baseURL(),
|
2017-01-16 20:57:37 +01:00
|
|
|
'comments',
|
2016-02-19 01:48:25 +01:00
|
|
|
$action,
|
|
|
|
|
$this->ID
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
// Limit access for this user
|
|
|
|
|
$token = $this->getSecurityToken();
|
|
|
|
|
return $token->addToUrl($url, $member);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Link to delete this comment
|
|
|
|
|
*
|
|
|
|
|
* @param Member $member
|
|
|
|
|
*
|
|
|
|
|
* @return string
|
|
|
|
|
*/
|
|
|
|
|
public function DeleteLink($member = null)
|
|
|
|
|
{
|
|
|
|
|
if ($this->canDelete($member)) {
|
|
|
|
|
return $this->actionLink('delete', $member);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Link to mark as spam
|
|
|
|
|
*
|
|
|
|
|
* @param Member $member
|
|
|
|
|
*
|
|
|
|
|
* @return string
|
|
|
|
|
*/
|
|
|
|
|
public function SpamLink($member = null)
|
|
|
|
|
{
|
|
|
|
|
if ($this->canEdit($member) && !$this->IsSpam) {
|
|
|
|
|
return $this->actionLink('spam', $member);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Link to mark as not-spam (ham)
|
|
|
|
|
*
|
|
|
|
|
* @param Member $member
|
|
|
|
|
*
|
|
|
|
|
* @return string
|
|
|
|
|
*/
|
|
|
|
|
public function HamLink($member = null)
|
|
|
|
|
{
|
|
|
|
|
if ($this->canEdit($member) && $this->IsSpam) {
|
|
|
|
|
return $this->actionLink('ham', $member);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Link to approve this comment
|
|
|
|
|
*
|
|
|
|
|
* @param Member $member
|
|
|
|
|
*
|
|
|
|
|
* @return string
|
|
|
|
|
*/
|
|
|
|
|
public function ApproveLink($member = null)
|
|
|
|
|
{
|
|
|
|
|
if ($this->canEdit($member) && !$this->Moderated) {
|
|
|
|
|
return $this->actionLink('approve', $member);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Mark this comment as spam
|
|
|
|
|
*/
|
|
|
|
|
public function markSpam()
|
|
|
|
|
{
|
|
|
|
|
$this->IsSpam = true;
|
|
|
|
|
$this->Moderated = true;
|
|
|
|
|
$this->write();
|
|
|
|
|
$this->extend('afterMarkSpam');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Mark this comment as approved
|
|
|
|
|
*/
|
|
|
|
|
public function markApproved()
|
|
|
|
|
{
|
|
|
|
|
$this->IsSpam = false;
|
|
|
|
|
$this->Moderated = true;
|
|
|
|
|
$this->write();
|
|
|
|
|
$this->extend('afterMarkApproved');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Mark this comment as unapproved
|
|
|
|
|
*/
|
|
|
|
|
public function markUnapproved()
|
|
|
|
|
{
|
|
|
|
|
$this->Moderated = false;
|
|
|
|
|
$this->write();
|
|
|
|
|
$this->extend('afterMarkUnapproved');
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @return string
|
|
|
|
|
*/
|
|
|
|
|
public function SpamClass()
|
|
|
|
|
{
|
|
|
|
|
if ($this->IsSpam) {
|
|
|
|
|
return 'spam';
|
|
|
|
|
} elseif (!$this->Moderated) {
|
|
|
|
|
return 'unmoderated';
|
|
|
|
|
} else {
|
|
|
|
|
return 'notspam';
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @return string
|
|
|
|
|
*/
|
|
|
|
|
public function getTitle()
|
|
|
|
|
{
|
2022-04-13 00:22:29 +02:00
|
|
|
$title = sprintf(_t(__CLASS__ . '.COMMENTBY', 'Comment by %s', 'Name') ?? '', $this->getAuthorName());
|
2016-02-19 01:48:25 +01:00
|
|
|
|
2017-01-16 20:57:37 +01:00
|
|
|
if ($parent = $this->Parent()) {
|
2016-02-19 01:48:25 +01:00
|
|
|
if ($parent->Title) {
|
2018-06-15 07:23:06 +02:00
|
|
|
$title .= sprintf(' %s %s', _t(__CLASS__ . '.ON', 'on'), $parent->Title);
|
2016-02-19 01:48:25 +01:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $title;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
* Modify the default fields shown to the user
|
|
|
|
|
*/
|
|
|
|
|
public function getCMSFields()
|
|
|
|
|
{
|
2017-01-16 20:57:37 +01:00
|
|
|
$commentField = $this->AllowHtml ? HTMLEditorField::class : TextareaField::class;
|
2016-02-19 01:48:25 +01:00
|
|
|
$fields = new FieldList(
|
|
|
|
|
$this
|
|
|
|
|
->obj('Created')
|
|
|
|
|
->scaffoldFormField($this->fieldLabel('Created'))
|
|
|
|
|
->performReadonlyTransformation(),
|
2016-06-10 16:04:03 +02:00
|
|
|
TextField::create('Name', $this->fieldLabel('Name')),
|
2016-02-19 01:48:25 +01:00
|
|
|
$commentField::create('Comment', $this->fieldLabel('Comment')),
|
|
|
|
|
EmailField::create('Email', $this->fieldLabel('Email')),
|
|
|
|
|
TextField::create('URL', $this->fieldLabel('URL')),
|
|
|
|
|
FieldGroup::create(array(
|
|
|
|
|
CheckboxField::create('Moderated', $this->fieldLabel('Moderated')),
|
|
|
|
|
CheckboxField::create('IsSpam', $this->fieldLabel('IsSpam')),
|
|
|
|
|
))
|
2018-06-15 07:23:06 +02:00
|
|
|
->setTitle(_t(__CLASS__ . '.OPTIONS', 'Options'))
|
2016-02-19 01:48:25 +01:00
|
|
|
->setDescription(_t(
|
2018-06-15 07:23:06 +02:00
|
|
|
__CLASS__ . '.OPTION_DESCRIPTION',
|
2016-02-19 01:48:25 +01:00
|
|
|
'Unmoderated and spam comments will not be displayed until approved'
|
|
|
|
|
))
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
// Show member name if given
|
|
|
|
|
if (($author = $this->Author()) && $author->exists()) {
|
|
|
|
|
$fields->insertAfter(
|
|
|
|
|
TextField::create('AuthorMember', $this->fieldLabel('Author'), $author->Title)
|
|
|
|
|
->performReadonlyTransformation(),
|
|
|
|
|
'Name'
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Show parent comment if given
|
|
|
|
|
if (($parent = $this->ParentComment()) && $parent->exists()) {
|
|
|
|
|
$fields->push(new HeaderField(
|
|
|
|
|
'ParentComment_Title',
|
2018-06-15 07:23:06 +02:00
|
|
|
_t(__CLASS__ . '.ParentComment_Title', 'This comment is a reply to the below')
|
2016-02-19 01:48:25 +01:00
|
|
|
));
|
|
|
|
|
// Created date
|
2016-01-08 06:51:14 +01:00
|
|
|
// FIXME - the method setName in DatetimeField is not chainable, hence
|
|
|
|
|
// the lack of chaining here
|
|
|
|
|
$createdField = $parent
|
2017-01-16 20:57:37 +01:00
|
|
|
->obj('Created')
|
|
|
|
|
->scaffoldFormField($parent->fieldLabel('Created'));
|
2016-01-08 06:51:14 +01:00
|
|
|
$createdField->setName('ParentComment_Created');
|
|
|
|
|
$createdField->setValue($parent->Created);
|
|
|
|
|
$createdField->performReadonlyTransformation();
|
|
|
|
|
$fields->push($createdField);
|
2015-04-22 07:00:28 +02:00
|
|
|
|
2016-02-19 01:48:25 +01:00
|
|
|
// Name (could be member or string value)
|
|
|
|
|
$fields->push(
|
|
|
|
|
$parent
|
|
|
|
|
->obj('AuthorName')
|
|
|
|
|
->scaffoldFormField($parent->fieldLabel('AuthorName'))
|
|
|
|
|
->setName('ParentComment_AuthorName')
|
|
|
|
|
->setValue($parent->getAuthorName())
|
|
|
|
|
->performReadonlyTransformation()
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
// Comment body
|
|
|
|
|
$fields->push(
|
|
|
|
|
$parent
|
|
|
|
|
->obj('EscapedComment')
|
2017-01-16 20:57:37 +01:00
|
|
|
->scaffoldFormField($parent->fieldLabel(self::class))
|
2016-02-19 01:48:25 +01:00
|
|
|
->setName('ParentComment_EscapedComment')
|
|
|
|
|
->setValue($parent->Comment)
|
|
|
|
|
->performReadonlyTransformation()
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$this->extend('updateCMSFields', $fields);
|
|
|
|
|
return $fields;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
2017-01-16 20:57:37 +01:00
|
|
|
* @param string $dirtyHtml
|
2016-02-19 01:48:25 +01:00
|
|
|
*
|
2017-01-16 20:57:37 +01:00
|
|
|
* @return string
|
2016-02-19 01:48:25 +01:00
|
|
|
*/
|
|
|
|
|
public function purifyHtml($dirtyHtml)
|
|
|
|
|
{
|
2017-09-14 01:12:07 +02:00
|
|
|
if ($service = $this->getHtmlPurifierService()) {
|
|
|
|
|
return $service->purify($dirtyHtml);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $dirtyHtml;
|
2016-02-19 01:48:25 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* @return HTMLPurifier (or anything with a "purify()" method)
|
|
|
|
|
*/
|
|
|
|
|
public function getHtmlPurifierService()
|
|
|
|
|
{
|
2017-09-14 01:12:07 +02:00
|
|
|
if (!class_exists(HTMLPurifier_Config::class)) {
|
|
|
|
|
return null;
|
|
|
|
|
}
|
|
|
|
|
|
2016-02-19 01:48:25 +01:00
|
|
|
$config = HTMLPurifier_Config::createDefault();
|
2017-01-16 20:57:37 +01:00
|
|
|
$allowedElements = (array) $this->getOption('html_allowed_elements');
|
|
|
|
|
if (!empty($allowedElements)) {
|
|
|
|
|
$config->set('HTML.AllowedElements', $allowedElements);
|
|
|
|
|
}
|
2016-01-11 18:02:08 +01:00
|
|
|
|
|
|
|
|
// This injector cannot be set unless the 'p' element is allowed
|
2022-04-13 00:22:29 +02:00
|
|
|
if (in_array('p', $allowedElements ?? [])) {
|
2016-01-11 18:02:08 +01:00
|
|
|
$config->set('AutoFormat.AutoParagraph', true);
|
|
|
|
|
}
|
|
|
|
|
|
2016-02-19 01:48:25 +01:00
|
|
|
$config->set('AutoFormat.Linkify', true);
|
|
|
|
|
$config->set('URI.DisableExternalResources', true);
|
2017-10-09 06:26:07 +02:00
|
|
|
$config->set('Cache.SerializerPath', TempFolder::getTempFolder(BASE_PATH));
|
2016-02-19 01:48:25 +01:00
|
|
|
return new HTMLPurifier($config);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Calculate the Gravatar link from the email address
|
|
|
|
|
*
|
|
|
|
|
* @return string
|
|
|
|
|
*/
|
|
|
|
|
public function Gravatar()
|
|
|
|
|
{
|
|
|
|
|
$gravatar = '';
|
|
|
|
|
$use_gravatar = $this->getOption('use_gravatar');
|
2017-09-18 04:16:24 +02:00
|
|
|
|
2016-02-19 01:48:25 +01:00
|
|
|
if ($use_gravatar) {
|
2022-04-13 00:22:29 +02:00
|
|
|
$gravatar = 'https://www.gravatar.com/avatar/' . md5(strtolower(trim($this->Email ?? '')));
|
2016-02-19 01:48:25 +01:00
|
|
|
$gravatarsize = $this->getOption('gravatar_size');
|
|
|
|
|
$gravatardefault = $this->getOption('gravatar_default');
|
|
|
|
|
$gravatarrating = $this->getOption('gravatar_rating');
|
2018-05-11 15:02:00 +02:00
|
|
|
$gravatar .= '?' . http_build_query(array(
|
|
|
|
|
's' => $gravatarsize,
|
|
|
|
|
'd' => $gravatardefault,
|
|
|
|
|
'r' => $gravatarrating,
|
|
|
|
|
));
|
2016-02-19 01:48:25 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return $gravatar;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Determine if replies are enabled for this instance
|
|
|
|
|
*
|
|
|
|
|
* @return boolean
|
|
|
|
|
*/
|
|
|
|
|
public function getRepliesEnabled()
|
|
|
|
|
{
|
|
|
|
|
// Check reply option
|
|
|
|
|
if (!$this->getOption('nested_comments')) {
|
|
|
|
|
return false;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Check if depth is limited
|
|
|
|
|
$maxLevel = $this->getOption('nested_depth');
|
|
|
|
|
$notSpam = ($this->SpamClass() == 'notspam');
|
|
|
|
|
return $notSpam && (!$maxLevel || $this->Depth < $maxLevel);
|
|
|
|
|
}
|
|
|
|
|
|
2018-07-03 01:00:40 +02:00
|
|
|
/**
|
|
|
|
|
* Proxy for checking whether the has permission to comment on the comment parent.
|
|
|
|
|
*
|
|
|
|
|
* @param Member $member Member to check
|
|
|
|
|
*
|
|
|
|
|
* @return boolean
|
|
|
|
|
*/
|
|
|
|
|
public function canPostComment($member = null)
|
|
|
|
|
{
|
|
|
|
|
return $this->Parent()
|
|
|
|
|
&& $this->Parent()->exists()
|
|
|
|
|
&& $this->Parent()->canPostComment($member);
|
|
|
|
|
}
|
|
|
|
|
|
2016-02-19 01:48:25 +01:00
|
|
|
/**
|
|
|
|
|
* Returns the list of all replies
|
|
|
|
|
*
|
|
|
|
|
* @return SS_List
|
|
|
|
|
*/
|
|
|
|
|
public function AllReplies()
|
|
|
|
|
{
|
|
|
|
|
// No replies if disabled
|
|
|
|
|
if (!$this->getRepliesEnabled()) {
|
|
|
|
|
return new ArrayList();
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Get all non-spam comments
|
|
|
|
|
$order = $this->getOption('order_replies_by')
|
|
|
|
|
?: $this->getOption('order_comments_by');
|
|
|
|
|
$list = $this
|
|
|
|
|
->ChildComments()
|
|
|
|
|
->sort($order);
|
|
|
|
|
|
|
|
|
|
$this->extend('updateAllReplies', $list);
|
|
|
|
|
return $list;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Returns the list of replies, with spam and unmoderated items excluded, for use in the frontend
|
|
|
|
|
*
|
|
|
|
|
* @return SS_List
|
|
|
|
|
*/
|
|
|
|
|
public function Replies()
|
|
|
|
|
{
|
|
|
|
|
// No replies if disabled
|
|
|
|
|
if (!$this->getRepliesEnabled()) {
|
|
|
|
|
return new ArrayList();
|
|
|
|
|
}
|
|
|
|
|
$list = $this->AllReplies();
|
|
|
|
|
|
|
|
|
|
// Filter spam comments for non-administrators if configured
|
2017-01-16 20:57:37 +01:00
|
|
|
$parent = $this->Parent();
|
2016-02-19 01:48:25 +01:00
|
|
|
$showSpam = $this->getOption('frontend_spam') && $parent && $parent->canModerateComments();
|
|
|
|
|
if (!$showSpam) {
|
|
|
|
|
$list = $list->filter('IsSpam', 0);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Filter un-moderated comments for non-administrators if moderation is enabled
|
|
|
|
|
$showUnmoderated = $parent && (
|
|
|
|
|
($parent->ModerationRequired === 'None')
|
|
|
|
|
|| ($this->getOption('frontend_moderation') && $parent->canModerateComments())
|
|
|
|
|
);
|
|
|
|
|
if (!$showUnmoderated) {
|
|
|
|
|
$list = $list->filter('Moderated', 1);
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$this->extend('updateReplies', $list);
|
|
|
|
|
return $list;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Returns the list of replies paged, with spam and unmoderated items excluded, for use in the frontend
|
|
|
|
|
*
|
|
|
|
|
* @return PaginatedList
|
|
|
|
|
*/
|
|
|
|
|
public function PagedReplies()
|
|
|
|
|
{
|
|
|
|
|
$list = $this->Replies();
|
|
|
|
|
|
|
|
|
|
// Add pagination
|
|
|
|
|
$list = new PaginatedList($list, Controller::curr()->getRequest());
|
2017-01-16 20:57:37 +01:00
|
|
|
$list->setPaginationGetVar('repliesstart' . $this->ID);
|
2016-02-19 01:48:25 +01:00
|
|
|
$list->setPageLength($this->getOption('comments_per_page'));
|
|
|
|
|
|
|
|
|
|
$this->extend('updatePagedReplies', $list);
|
|
|
|
|
return $list;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/**
|
|
|
|
|
* Generate a reply form for this comment
|
|
|
|
|
*
|
|
|
|
|
* @return Form
|
|
|
|
|
*/
|
|
|
|
|
public function ReplyForm()
|
|
|
|
|
{
|
|
|
|
|
// Ensure replies are enabled
|
|
|
|
|
if (!$this->getRepliesEnabled()) {
|
|
|
|
|
return null;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Check parent is available
|
2017-01-16 20:57:37 +01:00
|
|
|
$parent = $this->Parent();
|
2016-02-19 01:48:25 +01:00
|
|
|
if (!$parent || !$parent->exists()) {
|
|
|
|
|
return null;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
// Build reply controller
|
|
|
|
|
$controller = CommentingController::create();
|
|
|
|
|
$controller->setOwnerRecord($parent);
|
2017-01-16 20:57:37 +01:00
|
|
|
$controller->setParentClass($parent->ClassName);
|
2016-02-19 01:48:25 +01:00
|
|
|
$controller->setOwnerController(Controller::curr());
|
|
|
|
|
|
|
|
|
|
return $controller->ReplyForm($this);
|
|
|
|
|
}
|
|
|
|
|
|
2018-06-15 07:23:06 +02:00
|
|
|
/**
|
|
|
|
|
* @return string
|
|
|
|
|
*/
|
|
|
|
|
public function getDate()
|
|
|
|
|
{
|
|
|
|
|
return $this->Created;
|
|
|
|
|
}
|
|
|
|
|
|
2016-02-19 01:48:25 +01:00
|
|
|
/**
|
|
|
|
|
* Refresh of this comment in the hierarchy
|
|
|
|
|
*/
|
|
|
|
|
public function updateDepth()
|
|
|
|
|
{
|
|
|
|
|
$parent = $this->ParentComment();
|
|
|
|
|
if ($parent && $parent->exists()) {
|
|
|
|
|
$parent->updateDepth();
|
|
|
|
|
$this->Depth = $parent->Depth + 1;
|
|
|
|
|
} else {
|
|
|
|
|
$this->Depth = 1;
|
|
|
|
|
}
|
|
|
|
|
}
|
2012-03-17 00:21:58 +01:00
|
|
|
}
|
