ENHANCEMENT If a user posts a spamcomment and it's saved, ensure the form is correctly redirected to

This commit is contained in:
Damian Mooyman 2015-04-01 17:12:47 +13:00
parent e576717c26
commit 0b49de3648
3 changed files with 61 additions and 41 deletions

View File

@ -373,27 +373,30 @@ class CommentingController extends Controller {
$this->extend('onBeforePostComment', $form);
// If commenting can only be done by logged in users, make sure the user is logged in
$member = Member::currentUser();
if(!Commenting::can_member_post($class)) {
return Security::permissionFailure(
$this,
_t(
'CommentingController.PERMISSIONFAILURE',
"You're not able to post comments to this page. Please ensure you are logged in and have an "
. "appropriate permission level."
)
);
}
if(Commenting::can_member_post($class) && $member) {
if($member = Member::currentUser()) {
$form->Fields()->push(new HiddenField("AuthorID", "Author ID", $member->ID));
}
if(!Commenting::can_member_post($class)) {
echo _t('CommentingController.PERMISSIONFAILURE', "You're not able to post comments to this page. Please ensure you are logged in and have an appropriate permission level.");
return;
}
// is moderation turned on
$moderated = Commenting::get_config_value($class, 'require_moderation');
if(!$moderated){
$moderated_nonmembers = Commenting::get_config_value($class, 'require_moderation_nonmembers');
$moderated = $moderated_nonmembers ? !Member::currentUser() : false;
$requireModeration = Commenting::get_config_value($class, 'require_moderation');
if(!$requireModeration){
$requireModerationNonmembers = Commenting::get_config_value($class, 'require_moderation_nonmembers');
$requireModeration = $requireModerationNonmembers ? !Member::currentUser() : false;
}
// we want to show a notification if comments are moderated
if ($moderated) {
if ($requireModeration) {
Session::set('CommentsModerated', 1);
}
@ -402,7 +405,7 @@ class CommentingController extends Controller {
$form->saveInto($comment);
$comment->AllowHtml = Commenting::get_config_value($class, 'html_allowed');
$comment->Moderated = ($moderated) ? false : true;
$comment->Moderated = !$requireModeration;
// Save into DB, or call pre-save hooks to give accurate preview
if($isPreview) {
@ -410,19 +413,36 @@ class CommentingController extends Controller {
} else {
$comment->write();
// extend hook to allow extensions. Also see onBeforePostComment
$this->extend('onAfterPostComment', $comment);
// extend hook to allow extensions. Also see onBeforePostComment
$this->extend('onAfterPostComment', $comment);
}
// clear the users comment since it passed validation
Cookie::set('CommentsForm_Comment', false);
$holder = Commenting::get_config_value($comment->BaseClass, 'comments_holder_id');
// Find parent link
if(!empty($data['ReturnURL'])) {
$url = $data['ReturnURL'];
} elseif($parent = $comment->getParent()) {
$url = $parent->Link();
} else {
return $this->redirectBack();
}
$hash = ($moderated) ? $holder : $comment->Permalink();
$url = (isset($data['ReturnURL'])) ? $data['ReturnURL'] : false;
// Given a redirect page exists, attempt to link to the correct anchor
if(!$comment->Moderated) {
// Display the "awaiting moderation" text
$holder = Commenting::get_config_value($comment->BaseClass, 'comments_holder_id');
$hash = "{$holder}_PostCommentForm_error";
} elseif($comment->IsSpam) {
// Link to the form with the error message contained
$hash = $form->FormName();
} else {
// Link to the moderated, non-spam comment
$hash = $comment->Permalink();
}
return ($url) ? $this->redirect($url .'#'. $hash) : $this->redirectBack();
return $this->redirect(Controller::join_links($url, "#{$hash}"));
}
public function doPreviewComment($data, $form) {

View File

@ -1,11 +1,11 @@
<% if CommentsEnabled %>
<% if $CommentsEnabled %>
<div id="$CommentHolderID" class="comments-holder-container">
<h4><% _t('CommentsInterface_ss.POSTCOM','Post your comment') %></h4>
<% if AddCommentForm %>
<% if CanPost %>
<% if ModeratedSubmitted %>
<p id="$CommentHolderID_PostCommentForm_error" class="message good"><% _t('CommentsInterface_ss.AWAITINGMODERATION', 'Your comment has been submitted and is now awaiting moderation.') %></p>
<% if $AddCommentForm %>
<% if $CanPost %>
<% if $ModeratedSubmitted %>
<p id="{$CommentHolderID}_PostCommentForm_error" class="message good"><% _t('CommentsInterface_ss.AWAITINGMODERATION', 'Your comment has been submitted and is now awaiting moderation.') %></p>
<% end_if %>
$AddCommentForm
<% else %>
@ -20,25 +20,25 @@
<h4><% _t('CommentsInterface_ss.COMMENTS','Comments') %></h4>
<div class="comments-holder">
<% if Comments %>
<% if $Comments %>
<ul class="comments-list">
<% loop Comments %>
<% loop $Comments %>
<li class="comment $EvenOdd<% if FirstLast %> $FirstLast <% end_if %> $SpamClass">
<% include CommentsInterface_singlecomment %>
</li>
<% end_loop %>
</ul>
<% if Comments.MoreThanOnePage %>
<% if $Comments.MoreThanOnePage %>
<div class="comments-pagination">
<p>
<% if Comments.PrevLink %>
<% if $Comments.PrevLink %>
<a href="$Comments.PrevLink" class="previous">&laquo; <% _t('CommentsInterface_ss.PREV','previous') %></a>
<% end_if %>
<% if Comments.Pages %>
<% loop Comments.Pages %>
<% if CurrentBool %>
<% if $Comments.Pages %>
<% loop $Comments.Pages %>
<% if $CurrentBool %>
<strong>$PageNum</strong>
<% else %>
<a href="$Link">$PageNum</a>
@ -46,7 +46,7 @@
<% end_loop %>
<% end_if %>
<% if Comments.NextLink %>
<% if $Comments.NextLink %>
<a href="$Comments.NextLink" class="next"><% _t('CommentsInterface_ss.NEXT','next') %> &raquo;</a>
<% end_if %>
</p>
@ -58,7 +58,7 @@
</div>
<% if DeleteAllLink %>
<% if $DeleteAllLink %>
<p class="delete-comments">
<a href="$DeleteAllLink"><% _t('CommentsInterface_ss.PageCommentInterface.DELETEALLCOMMENTS','Delete all comments on this page') %></a>
</p>

View File

@ -1,4 +1,4 @@
<div class="comment" id="<% if isPreview %>comment-preview<% else %>$Permalink<% end_if %>">
<div class="comment" id="<% if $isPreview %>comment-preview<% else %>$Permalink<% end_if %>">
<% if $Gravatar %><img class="gravatar" src="$Gravatar" alt="Gravatar for $Name" title="Gravatar for $Name" /><% end_if %>
$EscapedComment
</div>
@ -14,16 +14,16 @@
<% if $ApproveLink || $SpamLink || $HamLink || $DeleteLink %>
<ul class="action-links">
<% if ApproveLink %>
<% if $ApproveLink %>
<li><a href="$ApproveLink.ATT" class="approve"><% _t('CommentsInterface_singlecomment_ss.APPROVE', 'approve this comment') %></a></li>
<% end_if %>
<% if SpamLink %>
<% if $SpamLink %>
<li><a href="$SpamLink.ATT" class="spam"><% _t('CommentsInterface_singlecomment_ss.ISSPAM','this comment is spam') %></a></li>
<% end_if %>
<% if HamLink %>
<% if $HamLink %>
<li><a href="$HamLink.ATT" class="ham"><% _t('CommentsInterface_singlecomment_ss.ISNTSPAM','this comment is not spam') %></a></li>
<% end_if %>
<% if DeleteLink %>
<% if $DeleteLink %>
<li class="last"><a href="$DeleteLink.ATT" class="delete"><% _t('CommentsInterface_singlecomment_ss.REMCOM','remove this comment') %></a></li>
<% end_if %>
</ul>