ENHANCEMENT If a user posts a spamcomment and it's saved, ensure the form is correctly redirected to

Damian Mooyman 2015-04-01 17:12:47 +13:00
parent e576717c26
commit 0b49de3648
3 changed files with 61 additions and 41 deletions


@ -373,27 +373,30 @@ class CommentingController extends Controller {
$this->extend('onBeforePostComment', $form); $this->extend('onBeforePostComment', $form);
// If commenting can only be done by logged in users, make sure the user is logged in // If commenting can only be done by logged in users, make sure the user is logged in
$member = Member::currentUser();
if(Commenting::can_member_post($class) && $member) {
$form->Fields()->push(new HiddenField("AuthorID", "Author ID", $member->ID));
}
if(!Commenting::can_member_post($class)) { if(!Commenting::can_member_post($class)) {
echo _t('CommentingController.PERMISSIONFAILURE', "You're not able to post comments to this page. Please ensure you are logged in and have an appropriate permission level."); return Security::permissionFailure(
$this,
return; _t(
'CommentingController.PERMISSIONFAILURE',
"You're not able to post comments to this page. Please ensure you are logged in and have an "
. "appropriate permission level."
)
);
} }
if($member = Member::currentUser()) {
$form->Fields()->push(new HiddenField("AuthorID", "Author ID", $member->ID));
}
// is moderation turned on // is moderation turned on
$moderated = Commenting::get_config_value($class, 'require_moderation'); $requireModeration = Commenting::get_config_value($class, 'require_moderation');
if(!$moderated){ if(!$requireModeration){
$moderated_nonmembers = Commenting::get_config_value($class, 'require_moderation_nonmembers'); $requireModerationNonmembers = Commenting::get_config_value($class, 'require_moderation_nonmembers');
$moderated = $moderated_nonmembers ? !Member::currentUser() : false; $requireModeration = $requireModerationNonmembers ? !Member::currentUser() : false;
} }
// we want to show a notification if comments are moderated // we want to show a notification if comments are moderated
if ($moderated) { if ($requireModeration) {
Session::set('CommentsModerated', 1); Session::set('CommentsModerated', 1);
} }
@ -402,7 +405,7 @@ class CommentingController extends Controller {
$form->saveInto($comment); $form->saveInto($comment);
$comment->AllowHtml = Commenting::get_config_value($class, 'html_allowed'); $comment->AllowHtml = Commenting::get_config_value($class, 'html_allowed');
$comment->Moderated = ($moderated) ? false : true; $comment->Moderated = !$requireModeration;
// Save into DB, or call pre-save hooks to give accurate preview // Save into DB, or call pre-save hooks to give accurate preview
if($isPreview) { if($isPreview) {
@ -410,19 +413,36 @@ class CommentingController extends Controller {
} else { } else {
$comment->write(); $comment->write();
// extend hook to allow extensions. Also see onBeforePostComment // extend hook to allow extensions. Also see onBeforePostComment
$this->extend('onAfterPostComment', $comment); $this->extend('onAfterPostComment', $comment);
} }
// clear the users comment since it passed validation // clear the users comment since it passed validation
Cookie::set('CommentsForm_Comment', false); Cookie::set('CommentsForm_Comment', false);
$holder = Commenting::get_config_value($comment->BaseClass, 'comments_holder_id'); // Find parent link
if(!empty($data['ReturnURL'])) {
$url = $data['ReturnURL'];
} elseif($parent = $comment->getParent()) {
$url = $parent->Link();
} else {
return $this->redirectBack();
}
$hash = ($moderated) ? $holder : $comment->Permalink(); // Given a redirect page exists, attempt to link to the correct anchor
$url = (isset($data['ReturnURL'])) ? $data['ReturnURL'] : false; if(!$comment->Moderated) {
// Display the "awaiting moderation" text
return ($url) ? $this->redirect($url .'#'. $hash) : $this->redirectBack(); $holder = Commenting::get_config_value($comment->BaseClass, 'comments_holder_id');
$hash = "{$holder}_PostCommentForm_error";
} elseif($comment->IsSpam) {
// Link to the form with the error message contained
$hash = $form->FormName();
} else {
// Link to the moderated, non-spam comment
$hash = $comment->Permalink();
}
return $this->redirect(Controller::join_links($url, "#{$hash}"));
} }
public function doPreviewComment($data, $form) { public function doPreviewComment($data, $form) {
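Review bot: `$data['ReturnURL']` is taken from the submitted form and, in the new "Find parent link" block, reaches `$this->redirect()` without any check that it points at this site, so the post-comment redirect can be steered to an external address (an open redirect). Accept the value only when it is a local URL, for example `if(!empty($data['ReturnURL']) && Director::is_site_url($data['ReturnURL'])) {`, and otherwise fall through to the `$comment->getParent()` branch. The removed lines had the same gap, so this is not a regression, but the rewritten block is the natural place to close it. The enclosing method starts above the first hunk, so any validation done earlier on the form data is not visible here.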


@ -1,11 +1,11 @@
<% if CommentsEnabled %> <% if $CommentsEnabled %>
<div id="$CommentHolderID" class="comments-holder-container"> <div id="$CommentHolderID" class="comments-holder-container">
<h4><% _t('CommentsInterface_ss.POSTCOM','Post your comment') %></h4> <h4><% _t('CommentsInterface_ss.POSTCOM','Post your comment') %></h4>
<% if AddCommentForm %> <% if $AddCommentForm %>
<% if CanPost %> <% if $CanPost %>
<% if ModeratedSubmitted %> <% if $ModeratedSubmitted %>
<p id="$CommentHolderID_PostCommentForm_error" class="message good"><% _t('CommentsInterface_ss.AWAITINGMODERATION', 'Your comment has been submitted and is now awaiting moderation.') %></p> <p id="{$CommentHolderID}_PostCommentForm_error" class="message good"><% _t('CommentsInterface_ss.AWAITINGMODERATION', 'Your comment has been submitted and is now awaiting moderation.') %></p>
<% end_if %> <% end_if %>
$AddCommentForm $AddCommentForm
<% else %> <% else %>
@ -20,25 +20,25 @@
<h4><% _t('CommentsInterface_ss.COMMENTS','Comments') %></h4> <h4><% _t('CommentsInterface_ss.COMMENTS','Comments') %></h4>
<div class="comments-holder"> <div class="comments-holder">
<% if Comments %> <% if $Comments %>
<ul class="comments-list"> <ul class="comments-list">
<% loop Comments %> <% loop $Comments %>
<li class="comment $EvenOdd<% if FirstLast %> $FirstLast <% end_if %> $SpamClass"> <li class="comment $EvenOdd<% if FirstLast %> $FirstLast <% end_if %> $SpamClass">
<% include CommentsInterface_singlecomment %> <% include CommentsInterface_singlecomment %>
</li> </li>
<% end_loop %> <% end_loop %>
</ul> </ul>
<% if Comments.MoreThanOnePage %> <% if $Comments.MoreThanOnePage %>
<div class="comments-pagination"> <div class="comments-pagination">
<p> <p>
<% if Comments.PrevLink %> <% if $Comments.PrevLink %>
<a href="$Comments.PrevLink" class="previous">&laquo; <% _t('CommentsInterface_ss.PREV','previous') %></a> <a href="$Comments.PrevLink" class="previous">&laquo; <% _t('CommentsInterface_ss.PREV','previous') %></a>
<% end_if %> <% end_if %>
<% if Comments.Pages %> <% if $Comments.Pages %>
<% loop Comments.Pages %> <% loop $Comments.Pages %>
<% if CurrentBool %> <% if $CurrentBool %>
<strong>$PageNum</strong> <strong>$PageNum</strong>
<% else %> <% else %>
<a href="$Link">$PageNum</a> <a href="$Link">$PageNum</a>
@ -46,7 +46,7 @@
<% end_loop %> <% end_loop %>
<% end_if %> <% end_if %>
<% if Comments.NextLink %> <% if $Comments.NextLink %>
<a href="$Comments.NextLink" class="next"><% _t('CommentsInterface_ss.NEXT','next') %> &raquo;</a> <a href="$Comments.NextLink" class="next"><% _t('CommentsInterface_ss.NEXT','next') %> &raquo;</a>
<% end_if %> <% end_if %>
</p> </p>
@ -58,7 +58,7 @@
</div> </div>
<% if DeleteAllLink %> <% if $DeleteAllLink %>
<p class="delete-comments"> <p class="delete-comments">
<a href="$DeleteAllLink"><% _t('CommentsInterface_ss.PageCommentInterface.DELETEALLCOMMENTS','Delete all comments on this page') %></a> <a href="$DeleteAllLink"><% _t('CommentsInterface_ss.PageCommentInterface.DELETEALLCOMMENTS','Delete all comments on this page') %></a>
</p> </p>
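Review bot: The `<% if FirstLast %>` inside the `<li class="comment …">` line of the comments loop is still written without the `$` prefix, while the other conditionals and loops in this template were converted; for consistency it should read `<% if $FirstLast %>`. Separately, the `{$CommentHolderID}_PostCommentForm_error` id now appears to be the anchor the controller redirects to (it builds the same suffix from `comments_holder_id`), so a one-line template comment noting that coupling would help, since renaming either side would silently break the anchor.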


@ -1,4 +1,4 @@
<div class="comment" id="<% if isPreview %>comment-preview<% else %>$Permalink<% end_if %>"> <div class="comment" id="<% if $isPreview %>comment-preview<% else %>$Permalink<% end_if %>">
<% if $Gravatar %><img class="gravatar" src="$Gravatar" alt="Gravatar for $Name" title="Gravatar for $Name" /><% end_if %> <% if $Gravatar %><img class="gravatar" src="$Gravatar" alt="Gravatar for $Name" title="Gravatar for $Name" /><% end_if %>
$EscapedComment $EscapedComment
</div> </div>
@ -14,16 +14,16 @@
<% if $ApproveLink || $SpamLink || $HamLink || $DeleteLink %> <% if $ApproveLink || $SpamLink || $HamLink || $DeleteLink %>
<ul class="action-links"> <ul class="action-links">
<% if ApproveLink %> <% if $ApproveLink %>
<li><a href="$ApproveLink.ATT" class="approve"><% _t('CommentsInterface_singlecomment_ss.APPROVE', 'approve this comment') %></a></li> <li><a href="$ApproveLink.ATT" class="approve"><% _t('CommentsInterface_singlecomment_ss.APPROVE', 'approve this comment') %></a></li>
<% end_if %> <% end_if %>
<% if SpamLink %> <% if $SpamLink %>
<li><a href="$SpamLink.ATT" class="spam"><% _t('CommentsInterface_singlecomment_ss.ISSPAM','this comment is spam') %></a></li> <li><a href="$SpamLink.ATT" class="spam"><% _t('CommentsInterface_singlecomment_ss.ISSPAM','this comment is spam') %></a></li>
<% end_if %> <% end_if %>
<% if HamLink %> <% if $HamLink %>
<li><a href="$HamLink.ATT" class="ham"><% _t('CommentsInterface_singlecomment_ss.ISNTSPAM','this comment is not spam') %></a></li> <li><a href="$HamLink.ATT" class="ham"><% _t('CommentsInterface_singlecomment_ss.ISNTSPAM','this comment is not spam') %></a></li>
<% end_if %> <% end_if %>
<% if DeleteLink %> <% if $DeleteLink %>
<li class="last"><a href="$DeleteLink.ATT" class="delete"><% _t('CommentsInterface_singlecomment_ss.REMCOM','remove this comment') %></a></li> <li class="last"><a href="$DeleteLink.ATT" class="delete"><% _t('CommentsInterface_singlecomment_ss.REMCOM','remove this comment') %></a></li>
<% end_if %> <% end_if %>
</ul> </ul>