Adding new moderation lists

This commit is contained in:
Christopher Pitt 2015-04-13 15:41:18 +12:00
parent 128fa67f65
commit 162ad33e26
8 changed files with 412 additions and 180 deletions

View File

@ -1,3 +1,5 @@
<?php <?php
Deprecation::notification_version('2.0', 'comments'); Deprecation::notification_version('2.0', 'comments');
define('COMMENTS_DIR', ltrim(Director::makeRelative(realpath(__DIR__)), DIRECTORY_SEPARATOR));

View File

@ -48,36 +48,56 @@ class CommentAdmin extends LeftAndMain implements PermissionProvider {
$commentsConfig = CommentsGridFieldConfig::create(); $commentsConfig = CommentsGridFieldConfig::create();
$needs = new GridField( $newComments = Comment::get()->filter('Moderated', 0);
'Comments',
_t('CommentsAdmin.NeedsModeration', 'Needs Moderation'), $newGrid = new GridField(
Comment::get()->filter('Moderated',0), 'NewComments',
_t('CommentsAdmin.NewComments', 'Unmoderated'),
$newComments,
$commentsConfig $commentsConfig
); );
$moderated = new GridField( $approvedComments = Comment::get()->filter('Moderated', 1)->filter('IsSpam', 0);
'CommentsModerated',
_t('CommentsAdmin.Moderated', 'Moderated'), $approvedGrid = new GridField(
Comment::get()->filter('Moderated',1), 'ApprovedComments',
_t('CommentsAdmin.ApprovedComments', 'Displayed'),
$approvedComments,
$commentsConfig $commentsConfig
); );
$spamComments = Comment::get()->filter('Moderated', 1)->filter('IsSpam', 1);
$spamGrid = new GridField(
'SpamComments',
_t('CommentsAdmin.SpamComments', 'Spam'),
$spamComments,
$commentsConfig
);
$newCount = '(' . count($newComments) . ')';
$approvedCount = '(' . count($approvedComments) . ')';
$spamCount = '(' . count($spamComments) . ')';
$fields = new FieldList( $fields = new FieldList(
$root = new TabSet( $root = new TabSet(
'Root', 'Root',
new Tab('NeedsModeration', _t('CommentAdmin.NeedsModeration', 'Needs Moderation'), new Tab('NewComments', _t('CommentAdmin.NewComments', 'Unmoderated') . ' ' . $newCount,
$needs $newGrid
), ),
new Tab('Comments', _t('CommentAdmin.Moderated', 'Moderated'), new Tab('ApprovedComments', _t('CommentAdmin.ApprovedComments', 'Displayed') . ' ' . $approvedCount,
$moderated $approvedGrid
),
new Tab('SpamComments', _t('CommentAdmin.SpamComments', 'Spam') . ' ' . $spamCount,
$spamGrid
) )
) )
); );
$root->setTemplate('CMSTabSet'); $root->setTemplate('CMSTabSet');
$actions = new FieldList(); $actions = new FieldList();
$form = new Form( $form = new Form(
$this, $this,
'EditForm', 'EditForm',
@ -88,7 +108,7 @@ class CommentAdmin extends LeftAndMain implements PermissionProvider {
$form->addExtraClass('cms-edit-form'); $form->addExtraClass('cms-edit-form');
$form->setTemplate($this->getTemplatesWithSuffix('_EditForm')); $form->setTemplate($this->getTemplatesWithSuffix('_EditForm'));
if($form->Fields()->hasTabset()) { if($form->Fields()->hasTabset()) {
$form->Fields()->findOrMakeTab('Root')->setTemplate('CMSTabSet'); $form->Fields()->findOrMakeTab('Root')->setTemplate('CMSTabSet');
$form->addExtraClass('center ss-tabset cms-tabset ' . $this->BaseCSSClasses()); $form->addExtraClass('center ss-tabset cms-tabset ' . $this->BaseCSSClasses());
} }

View File

@ -0,0 +1,102 @@
<?php
class CommentsGridFieldAction implements GridField_ColumnProvider, GridField_ActionProvider {
/**
* {@inheritdoc}
*/
public function augmentColumns($gridField, &$columns) {
if(!in_array('Actions', $columns)) {
$columns[] = 'Actions';
}
}
/**
* {@inheritdoc}
*/
public function getColumnAttributes($gridField, $record, $columnName) {
return array('class' => 'col-buttons');
}
/**
* {@inheritdoc}
*/
public function getColumnMetadata($gridField, $columnName) {
if($columnName == 'Actions') {
return array('title' => '');
}
}
/**
* {@inheritdoc}
*/
public function getColumnsHandled($gridField) {
return array('Actions');
}
/**
* {@inheritdoc}
*/
public function getColumnContent($gridField, $record, $columnName) {
if(!$record->canEdit()) return;
$field = "";
$field .= GridField_FormAction::create(
$gridField,
'CustomAction' . $record->ID,
'Mark As Spam',
'spam',
array('RecordID' => $record->ID)
)->Field();
$field .= GridField_FormAction::create(
$gridField,
'CustomAction' . $record->ID,
'Mark As Not Spam',
'not_spam',
array('RecordID' => $record->ID)
)->Field();
return $field;
}
/**
* {@inheritdoc}
*/
public function getActions($gridField) {
return array('spam', 'not_spam');
}
/**
* {@inheritdoc}
*/
public function handleAction(GridField $gridField, $actionName, $arguments, $data) {
if($actionName == 'spam') {
$comment = Comment::get()->byID($arguments["RecordID"]);
$comment->Moderated = true;
$comment->IsSpam = true;
$comment->write();
// output a success message to the user
Controller::curr()->getResponse()->setStatusCode(
200,
'Comment marked as spam.'
);
}
if($actionName == 'not_spam') {
$comment = Comment::get()->byID($arguments["RecordID"]);
$comment->Moderated = true;
$comment->IsSpam = false;
$comment->write();
// output a success message to the user
Controller::curr()->getResponse()->setStatusCode(
200,
'Comment marked as not spam.'
);
}
}
}

View File

@ -12,14 +12,16 @@ class CommentsGridFieldBulkAction extends GridFieldBulkActionHandler {
* *
* @package comments * @package comments
*/ */
class CommentsGridFieldBulkAction_MarkAsSpam extends CommentsGridFieldBulkAction { class CommentsGridFieldBulkAction_Handlers extends CommentsGridFieldBulkAction {
private static $allowed_actions = array( private static $allowed_actions = array(
'markAsSpam' 'markAsSpam',
'markAsNotSpam',
); );
private static $url_handlers = array( private static $url_handlers = array(
'markAsSpam' => 'markAsSpam' 'markAsSpam' => 'markAsSpam',
'markAsNotSpam' => 'markAsNotSpam',
); );
@ -43,4 +45,26 @@ class CommentsGridFieldBulkAction_MarkAsSpam extends CommentsGridFieldBulkAction
return $response; return $response;
} }
public function markAsNotSpam(SS_HTTPRequest $request) {
$ids = array();
foreach($this->getRecords() as $record) {
array_push($ids, $record->ID);
$record->Moderated = 1;
$record->IsSpam = 0;
$record->write();
}
$response = new SS_HTTPResponse(Convert::raw2json(array(
'done' => true,
'records' => $ids
)));
$response->addHeader('Content-Type', 'text/json');
return $response;
}
} }

View File

@ -4,7 +4,9 @@ class CommentsGridFieldConfig extends GridFieldConfig_RecordEditor {
public function __construct($itemsPerPage = 25) { public function __construct($itemsPerPage = 25) {
parent::__construct($itemsPerPage); parent::__construct($itemsPerPage);
$this->addComponent(new GridFieldExportButton()); // $this->addComponent(new GridFieldExportButton());
$this->addComponent(new CommentsGridFieldAction());
// Format column // Format column
$columns = $this->getComponentByType('GridFieldDataColumns'); $columns = $this->getComponentByType('GridFieldDataColumns');
@ -20,14 +22,28 @@ class CommentsGridFieldConfig extends GridFieldConfig_RecordEditor {
// Add bulk option // Add bulk option
$manager = new GridFieldBulkManager(); $manager = new GridFieldBulkManager();
$manager->addBulkAction( $manager->addBulkAction(
'markAsSpam', 'Mark as spam', 'CommentsGridFieldBulkAction_MarkAsSpam', 'markAsSpam', 'Mark as spam', 'CommentsGridFieldBulkAction_Handlers',
array( array(
'isAjax' => true, 'isAjax' => true,
'icon' => 'delete', 'icon' => 'cross',
'isDestructive' => true 'isDestructive' => false
) )
); );
$manager->addBulkAction(
'markAsNotSpam', 'Mark as not spam', 'CommentsGridFieldBulkAction_Handlers',
array(
'isAjax' => true,
'icon' => 'cross',
'isDestructive' => false
)
);
$manager->removeBulkAction('bulkEdit');
$manager->removeBulkAction('unLink');
$this->addComponent($manager); $this->addComponent($manager);
} }
} }

View File

@ -3,46 +3,50 @@
/** /**
* Represents a single comment object. * Represents a single comment object.
* *
* @property string $Name * @property string $Name
* @property string $Comment * @property string $Comment
* @property string $Email * @property string $Email
* @property string $URL * @property string $URL
* @property string $BaseClass * @property string $BaseClass
* @property boolean $Moderated * @property boolean $Moderated
* @property boolean $IsSpam True if the comment is known as spam * @property boolean $IsSpam True if the comment is known as spam
* @property integer $ParentID ID of the parent page / dataobject * @property integer $ParentID ID of the parent page / dataobject
* @property boolean $AllowHtml If true, treat $Comment as HTML instead of plain text * @property boolean $AllowHtml If true, treat $Comment as HTML instead of plain text
* @property string $SecretToken Secret admin token required to provide moderation links between sessions * @property string $SecretToken Secret admin token required to provide moderation links between sessions
*
* @method HasManyList ChildComments() List of child comments * @method HasManyList ChildComments() List of child comments
* @method Member Author() Member object who created this comment * @method Member Author() Member object who created this comment
*
* @package comments * @package comments
*/ */
class Comment extends DataObject { class Comment extends DataObject {
/**
* @var array
*/
private static $db = array( private static $db = array(
"Name" => "Varchar(200)", 'Name' => 'Varchar(200)',
"Comment" => "Text", 'Comment' => 'Text',
"Email" => "Varchar(200)", 'Email' => 'Varchar(200)',
"URL" => "Varchar(255)", 'URL' => 'Varchar(255)',
"BaseClass" => "Varchar(200)", 'BaseClass' => 'Varchar(200)',
"Moderated" => "Boolean(1)", 'Moderated' => 'Boolean(0)',
"IsSpam" => "Boolean(0)", 'IsSpam' => 'Boolean(0)',
"ParentID" => "Int", 'ParentID' => 'Int',
'AllowHtml' => "Boolean", 'AllowHtml' => 'Boolean',
"SecretToken" => "Varchar(255)", 'SecretToken' => 'Varchar(255)',
); );
private static $has_one = array( private static $has_one = array(
"Author" => "Member", 'Author' => 'Member',
); );
private static $default_sort = '"Created" DESC'; private static $default_sort = '"Created" DESC';
private static $defaults = array( private static $defaults = array(
"Moderated" => 1, 'Moderated' => 0,
"IsSpam" => 0, 'IsSpam' => 0,
); );
private static $casting = array( private static $casting = array(
'Title' => 'Varchar', 'Title' => 'Varchar',
'ParentTitle' => 'Varchar', 'ParentTitle' => 'Varchar',
@ -63,13 +67,13 @@ class Comment extends DataObject {
'Created', 'Created',
'BaseClass', 'BaseClass',
); );
private static $summary_fields = array( private static $summary_fields = array(
'Name' => 'Submitted By', 'Name' => 'Submitted By',
'Email' => 'Email', 'Email' => 'Email',
'Comment' => 'Comment', 'Comment' => 'Comment',
'Created' => 'Date Posted', 'Created' => 'Date Posted',
'ParentTitle' => 'Parent', 'ParentTitle' => 'Post',
'IsSpam' => 'Is Spam', 'IsSpam' => 'Is Spam',
); );
@ -88,47 +92,49 @@ class Comment extends DataObject {
public function getSecurityToken() { public function getSecurityToken() {
return Injector::inst()->createWithArgs('Comment_SecurityToken', array($this)); return Injector::inst()->createWithArgs('Comment_SecurityToken', array($this));
} }
/** /**
* Migrates the old {@link PageComment} objects to {@link Comment} * Migrates the old {@link PageComment} objects to {@link Comment}
*/ */
public function requireDefaultRecords() { public function requireDefaultRecords() {
parent::requireDefaultRecords(); parent::requireDefaultRecords();
if(DB::getConn()->hasTable('PageComment')) { if(DB::getConn()->hasTable('PageComment')) {
$comments = DB::query("SELECT * FROM \"PageComment\""); $comments = DB::query('SELECT * FROM "PageComment"');
if($comments) { if($comments) {
while($pageComment = $comments->nextRecord()) { while($pageComment = $comments->nextRecord()) {
// create a new comment from the older page comment // create a new comment from the older page comment
$comment = new Comment(); $comment = new Comment();
$comment->update($pageComment); $comment->update($pageComment);
// set the variables which have changed // set the variables which have changed
$comment->BaseClass = 'SiteTree'; $comment->BaseClass = 'SiteTree';
$comment->URL = (isset($pageComment['CommenterURL'])) ? $pageComment['CommenterURL'] : ""; $comment->URL = (isset($pageComment['CommenterURL'])) ? $pageComment['CommenterURL'] : '';
if((int)$pageComment['NeedsModeration'] == 0) $comment->Moderated = true; if((int) $pageComment['NeedsModeration'] == 0) $comment->Moderated = true;
$comment->write(); $comment->write();
} }
} }
DB::alteration_message("Migrated PageComment to Comment","changed"); DB::alteration_message('Migrated PageComment to Comment', 'changed');
DB::getConn()->dontRequireTable('PageComment'); DB::getConn()->dontRequireTable('PageComment');
} }
} }
/** /**
* Return a link to this comment * Return a link to this comment
* *
* @param string $action
*
* @return string link to this comment. * @return string link to this comment.
*/ */
public function Link($action = "") { public function Link($action = '') {
if($parent = $this->getParent()){ if($parent = $this->getParent()) {
return $parent->Link($action) . '#' . $this->Permalink(); return $parent->Link($action) . '#' . $this->Permalink();
} }
} }
/** /**
* Returns the permalink for this {@link Comment}. Inserted into * Returns the permalink for this {@link Comment}. Inserted into
* the ID tag of the comment * the ID tag of the comment
@ -139,14 +145,17 @@ class Comment extends DataObject {
$prefix = $this->getOption('comment_permalink_prefix'); $prefix = $this->getOption('comment_permalink_prefix');
return $prefix . $this->ID; return $prefix . $this->ID;
} }
/** /**
* Translate the form field labels for the CMS administration * Translate the form field labels for the CMS administration
* *
* @param boolean $includerelations * @param boolean $includerelations
*
* @return array
*/ */
public function fieldLabels($includerelations = true) { public function fieldLabels($includerelations = true) {
$labels = parent::fieldLabels($includerelations); $labels = parent::fieldLabels($includerelations);
$labels['Name'] = _t('Comment.NAME', 'Author Name'); $labels['Name'] = _t('Comment.NAME', 'Author Name');
$labels['Comment'] = _t('Comment.COMMENT', 'Comment'); $labels['Comment'] = _t('Comment.COMMENT', 'Comment');
$labels['Email'] = _t('Comment.EMAIL', 'Email'); $labels['Email'] = _t('Comment.EMAIL', 'Email');
@ -155,7 +164,7 @@ class Comment extends DataObject {
$labels['Moderated'] = _t('Comment.MODERATED', 'Moderated?'); $labels['Moderated'] = _t('Comment.MODERATED', 'Moderated?');
$labels['ParentTitle'] = _t('Comment.PARENTTITLE', 'Parent'); $labels['ParentTitle'] = _t('Comment.PARENTTITLE', 'Parent');
$labels['Created'] = _t('Comment.CREATED', 'Date posted'); $labels['Created'] = _t('Comment.CREATED', 'Date posted');
return $labels; return $labels;
} }
@ -163,6 +172,7 @@ class Comment extends DataObject {
* Get the commenting option * Get the commenting option
* *
* @param string $key * @param string $key
*
* @return mixed Result if the setting is available, or null otherwise * @return mixed Result if the setting is available, or null otherwise
*/ */
public function getOption($key) { public function getOption($key) {
@ -178,7 +188,7 @@ class Comment extends DataObject {
return $record->getCommentsOption($key); return $record->getCommentsOption($key);
} }
/** /**
* Returns the parent {@link DataObject} this comment is attached too * Returns the parent {@link DataObject} this comment is attached too
* *
@ -198,7 +208,7 @@ class Comment extends DataObject {
*/ */
public function getParentTitle() { public function getParentTitle() {
if($parent = $this->getParent()) { if($parent = $this->getParent()) {
return $parent->Title ?: ($parent->ClassName . " #" . $parent->ID); return $parent->Title ?: ($parent->ClassName . ' #' . $parent->ID);
} }
} }
@ -218,7 +228,7 @@ class Comment extends DataObject {
} }
return parent::castingHelper($field); return parent::castingHelper($field);
} }
/** /**
* Content to be safely escaped on the frontend * Content to be safely escaped on the frontend
* *
@ -240,22 +250,25 @@ class Comment extends DataObject {
/** /**
* @todo needs to compare to the new {@link Commenting} configuration API * @todo needs to compare to the new {@link Commenting} configuration API
* *
* @return Boolean * @param Member $member
*
* @return bool
*/ */
public function canCreate($member = null) { public function canCreate($member = null) {
return false; return false;
} }
/** /**
* Checks for association with a page, and {@link SiteTree->ProvidePermission} * Checks for association with a page, and {@link SiteTree->ProvidePermission}
* flag being set to true. * flag being set to true.
* *
* @param Member $member * @param Member $member
*
* @return Boolean * @return Boolean
*/ */
public function canView($member = null) { public function canView($member = null) {
if(!$member) $member = Member::currentUser(); if(!$member) $member = Member::currentUser();
// Standard mechanism for accepting permission changes from decorators // Standard mechanism for accepting permission changes from decorators
$extended = $this->extendedCan('canView', $member); $extended = $this->extendedCan('canView', $member);
if($extended !== null) return $extended; if($extended !== null) return $extended;
@ -267,40 +280,42 @@ class Comment extends DataObject {
$parent = $this->getParent(); $parent = $this->getParent();
return $parent && $parent->ProvideComments && $parent->canView($member); return $parent && $parent->ProvideComments && $parent->canView($member);
} }
/** /**
* Checks for "CMS_ACCESS_CommentAdmin" permission codes and * Checks for "CMS_ACCESS_CommentAdmin" permission codes and
* {@link canView()}. * {@link canView()}.
* *
* @param Member $member * @param Member $member
*
* @return Boolean * @return Boolean
*/ */
public function canEdit($member = null) { public function canEdit($member = null) {
if(!$member) $member = Member::currentUser(); if(!$member) $member = Member::currentUser();
// Standard mechanism for accepting permission changes from decorators // Standard mechanism for accepting permission changes from decorators
$extended = $this->extendedCan('canEdit', $member); $extended = $this->extendedCan('canEdit', $member);
if($extended !== null) return $extended; if($extended !== null) return $extended;
if(!$this->canView($member)) return false; if(!$this->canView($member)) return false;
return (bool)Permission::checkMember($member, 'CMS_ACCESS_CommentAdmin'); return (bool) Permission::checkMember($member, 'CMS_ACCESS_CommentAdmin');
} }
/** /**
* Checks for "CMS_ACCESS_CommentAdmin" permission codes and * Checks for "CMS_ACCESS_CommentAdmin" permission codes and
* {@link canEdit()}. * {@link canEdit()}.
* *
* @param Member $member * @param Member $member
*
* @return Boolean * @return Boolean
*/ */
public function canDelete($member = null) { public function canDelete($member = null) {
if(!$member) $member = Member::currentUser(); if(!$member) $member = Member::currentUser();
// Standard mechanism for accepting permission changes from decorators // Standard mechanism for accepting permission changes from decorators
$extended = $this->extendedCan('canDelete', $member); $extended = $this->extendedCan('canDelete', $member);
if($extended !== null) return $extended; if($extended !== null) return $extended;
return $this->canEdit($member); return $this->canEdit($member);
} }
@ -322,6 +337,7 @@ class Comment extends DataObject {
* *
* @param string $action An action on CommentingController to link to * @param string $action An action on CommentingController to link to
* @param Member $member The member authorised to invoke this action * @param Member $member The member authorised to invoke this action
*
* @return string * @return string
*/ */
protected function actionLink($action, $member = null) { protected function actionLink($action, $member = null) {
@ -330,7 +346,7 @@ class Comment extends DataObject {
$url = Controller::join_links( $url = Controller::join_links(
Director::baseURL(), Director::baseURL(),
"CommentingController", 'CommentingController',
$action, $action,
$this->ID $this->ID
); );
@ -344,6 +360,7 @@ class Comment extends DataObject {
* Link to delete this comment * Link to delete this comment
* *
* @param Member $member * @param Member $member
*
* @return string * @return string
*/ */
public function DeleteLink($member = null) { public function DeleteLink($member = null) {
@ -351,11 +368,12 @@ class Comment extends DataObject {
return $this->actionLink('delete', $member); return $this->actionLink('delete', $member);
} }
} }
/** /**
* Link to mark as spam * Link to mark as spam
* *
* @param Member $member * @param Member $member
*
* @return string * @return string
*/ */
public function SpamLink($member = null) { public function SpamLink($member = null) {
@ -363,11 +381,12 @@ class Comment extends DataObject {
return $this->actionLink('spam', $member); return $this->actionLink('spam', $member);
} }
} }
/** /**
* Link to mark as not-spam (ham) * Link to mark as not-spam (ham)
* *
* @param Member $member * @param Member $member
*
* @return string * @return string
*/ */
public function HamLink($member = null) { public function HamLink($member = null) {
@ -375,11 +394,12 @@ class Comment extends DataObject {
return $this->actionLink('ham', $member); return $this->actionLink('ham', $member);
} }
} }
/** /**
* Link to approve this comment * Link to approve this comment
* *
* @param Member $member * @param Member $member
*
* @return string * @return string
*/ */
public function ApproveLink($member = null) { public function ApproveLink($member = null) {
@ -387,7 +407,7 @@ class Comment extends DataObject {
return $this->actionLink('approve', $member); return $this->actionLink('approve', $member);
} }
} }
/** /**
* @return string * @return string
*/ */
@ -400,16 +420,16 @@ class Comment extends DataObject {
return 'notspam'; return 'notspam';
} }
} }
/** /**
* @return string * @return string
*/ */
public function getTitle() { public function getTitle() {
$title = sprintf(_t('Comment.COMMENTBY', "Comment by %s", 'Name'), $this->getAuthorName()); $title = sprintf(_t('Comment.COMMENTBY', 'Comment by %s', 'Name'), $this->getAuthorName());
if($parent = $this->getParent()) { if($parent = $this->getParent()) {
if($parent->Title) { if($parent->Title) {
$title .= sprintf(" %s %s", _t('Comment.ON', 'on'), $parent->Title); $title .= sprintf(' %s %s', _t('Comment.ON', 'on'), $parent->Title);
} }
} }
@ -433,6 +453,7 @@ class Comment extends DataObject {
/** /**
* @param String $dirtyHtml * @param String $dirtyHtml
*
* @return String * @return String
*/ */
public function purifyHtml($dirtyHtml) { public function purifyHtml($dirtyHtml) {
@ -454,19 +475,19 @@ class Comment extends DataObject {
} }
/** /**
* Calcualate the gravatar link from the email address * Calculate the Gravatar link from the email address
* *
* @return string * @return string
*/ */
public function Gravatar() { public function Gravatar() {
$gravatar = ''; $gravatar = '';
$use_gravatar = $this->getOption('use_gravatar'); $use_gravatar = $this->getOption('use_gravatar');
if ($use_gravatar) { if($use_gravatar) {
$gravatar = "http://www.gravatar.com/avatar/" . md5( strtolower(trim($this->Email))); $gravatar = 'http://www.gravatar.com/avatar/' . md5(strtolower(trim($this->Email)));
$gravatarsize = $this->getOption('gravatar_size'); $gravatarsize = $this->getOption('gravatar_size');
$gravatardefault = $this->getOption('gravatar_default'); $gravatardefault = $this->getOption('gravatar_default');
$gravatarrating = $this->getOption('gravatar_rating'); $gravatarrating = $this->getOption('gravatar_rating');
$gravatar.= "?s=".$gravatarsize."&d=".$gravatardefault."&r=".$gravatarrating; $gravatar .= '?s=' . $gravatarsize . '&d=' . $gravatardefault . '&r=' . $gravatarrating;
} }
return $gravatar; return $gravatar;
@ -495,6 +516,7 @@ class Comment_SecurityToken {
* Generate the token for the given salt and current secret * Generate the token for the given salt and current secret
* *
* @param string $salt * @param string $salt
*
* @return string * @return string
*/ */
protected function getToken($salt) { protected function getToken($salt) {
@ -506,11 +528,13 @@ class Comment_SecurityToken {
/** /**
* Get the member-specific salt. * Get the member-specific salt.
* *
* The reason for making the salt specific to a user is that it cannot be "passed in" via a querystring, * The reason for making the salt specific to a user is that it cannot be "passed in" via a
* requiring the same user to be present at both the link generation and the controller action. * querystring, requiring the same user to be present at both the link generation and the
* controller action.
*
* @param string $salt Single use salt
* @param Member $member Member object
* *
* @param string $salt Single use salt
* @param type $member Member object
* @return string Generated salt specific to this member * @return string Generated salt specific to this member
*/ */
protected function memberSalt($salt, $member) { protected function memberSalt($salt, $member) {
@ -519,8 +543,9 @@ class Comment_SecurityToken {
} }
/** /**
* @param string $url Comment action URL * @param string $url Comment action URL
* @param Member $member Member to restrict access to this action to * @param Member $member Member to restrict access to this action to
*
* @return string * @return string
*/ */
public function addToUrl($url, $member) { public function addToUrl($url, $member) {
@ -540,6 +565,7 @@ class Comment_SecurityToken {
/** /**
* @param SS_HTTPRequest $request * @param SS_HTTPRequest $request
*
* @return boolean * @return boolean
*/ */
public function checkRequest($request) { public function checkRequest($request) {
@ -559,12 +585,13 @@ class Comment_SecurityToken {
* Generates new random key * Generates new random key
* *
* @param integer $length * @param integer $length
*
* @return string * @return string
*/ */
protected function generate($length = null) { protected function generate($length = null) {
$generator = new RandomGenerator(); $generator = new RandomGenerator();
$result = $generator->randomToken('sha256'); $result = $generator->randomToken('sha256');
if($length !== null) return substr ($result, 0, $length); if($length !== null) return substr($result, 0, $length);
return $result; return $result;
} }
@ -580,24 +607,24 @@ class Comment_SecurityToken {
* *
* @return string derived key * @return string derived key
*/ */
private function hash_pbkdf2 ($a, $p, $s, $c, $kl, $st=0) { private function hash_pbkdf2($a, $p, $s, $c, $kl, $st = 0) {
$kb = $st+$kl; // Key blocks to compute $kb = $st + $kl; // Key blocks to compute
$dk = ''; // Derived key $dk = ''; // Derived key
// Create key // Create key
for ($block=1; $block<=$kb; $block++) { for($block = 1; $block <= $kb; $block++) {
// Initial hash for this block // Initial hash for this block
$ib = $h = hash_hmac($a, $s . pack('N', $block), $p, true); $ib = $h = hash_hmac($a, $s . pack('N', $block), $p, true);
// Perform block iterations // Perform block iterations
for ($i=1; $i<$c; $i++) { for($i = 1; $i < $c; $i++) {
// XOR each iterate // XOR each iterate
$ib ^= ($h = hash_hmac($a, $h, $p, true)); $ib ^= ($h = hash_hmac($a, $h, $p, true));
} }
$dk .= $ib; // Append iterated block $dk .= $ib; // Append iterated block
} }

View File

@ -5,47 +5,61 @@
* *
* @package comments * @package comments
*/ */
class CommentsExtension extends DataExtension { class CommentsExtension extends DataExtension {
/** /**
* Default configuration values * Default configuration values
* *
* @var array * enabled: Allows commenting to be disabled even if the extension is present
* enabled_cms: Allows commenting to be enabled or disabled via the CMS
* require_login: Boolean, whether a user needs to login (required for required_permission)
* require_login_cms: Allows require_login to be set via the CMS
* required_permission: Permission (or array of permissions) required to comment
* include_js: Enhance operation by ajax behaviour on moderation links (required for use_preview)
* use_gravatar: Set to true to show gravatar icons
* gravatar_default: Theme for 'not found' gravatar {@see http://gravatar.com/site/implement/images}
* gravatar_rating: Gravatar rating (same as the standard default)
* show_comments_when_disabled: Show older comments when commenting has been disabled.
* comments_holder_id: ID for the comments holder
* comment_permalink_prefix: ID prefix for each comment
* require_moderation: Require moderation for all comments
* require_moderation_cms: Ignore other comment moderation config settings and set via CMS
* html_allowed: Allow for sanitized HTML in comments
* use_preview: Preview formatted comment (when allowing HTML)
*
* @var array
*
* @config * @config
*/ */
private static $comments = array( private static $comments = array(
'enabled' => true, // Allows commenting to be disabled even if the extension is present 'enabled' => true,
'enabled_cms' => false, // Allows commenting to be enabled or disabled via the CMS 'enabled_cms' => false,
'require_login' => false, // boolean, whether a user needs to login 'require_login' => false,
'require_login_cms' => false, // Allows require_login to be set via the CMS 'require_login_cms' => false,
// required permission to comment (or array of permissions). require_login must be set for this to work
'required_permission' => false, 'required_permission' => false,
'include_js' => true, // Enhance operation by ajax behaviour on moderation links 'include_js' => true,
'use_gravatar' => false, // set to true to show gravatar icons, 'use_gravatar' => false,
'gravatar_size' => 80, // size of gravatar in pixels. This is the same as the standard default 'gravatar_size' => 80,
// theme for 'not found' gravatar (see http://gravatar.com/site/implement/images/)
'gravatar_default' => 'identicon', 'gravatar_default' => 'identicon',
'gravatar_rating' => 'g', // gravatar rating. This is the same as the standard default 'gravatar_rating' => 'g',
// when comments are disabled should we show older comments (if available)
'show_comments_when_disabled' => false, 'show_comments_when_disabled' => false,
'order_comments_by' => "\"Created\" DESC", 'order_comments_by' => '"Created" DESC',
'comments_per_page' => 10, 'comments_per_page' => 10,
'comments_holder_id' => "comments-holder", // id for the comments holder 'comments_holder_id' => 'comments-holder',
'comment_permalink_prefix' => "comment-", // id prefix for each comment. If needed make this different 'comment_permalink_prefix' => 'comment-',
'require_moderation' => false, // Require moderation for all comments 'require_moderation' => false,
// requires moderation for comments posted by non-members. 'require_moderation' overrides this if set.
'require_moderation_nonmembers' => false, 'require_moderation_nonmembers' => false,
// If true, ignore above values and configure moderation requirements via the CMS only
'require_moderation_cms' => false, 'require_moderation_cms' => false,
'html_allowed' => false, // allow for sanitized HTML in comments 'html_allowed' => false,
'html_allowed_elements' => array('a', 'img', 'i', 'b'), 'html_allowed_elements' => array('a', 'img', 'i', 'b'),
'use_preview' => false, // preview formatted comment (when allowing HTML). Requires include_js=true 'use_preview' => false,
); );
/**
* @var array
*/
private static $db = array( private static $db = array(
'ProvideComments' => 'Boolean', 'ProvideComments' => 'Boolean',
'ModerationRequired' => "Enum('None,Required,NonMembersOnly','None')", 'ModerationRequired' => 'Enum(\'None,Required,NonMembersOnly\',\'None\')',
'CommentsRequireLogin' => 'Boolean', 'CommentsRequireLogin' => 'Boolean',
); );
@ -56,7 +70,7 @@ class CommentsExtension extends DataExtension {
// Set if comments should be enabled by default // Set if comments should be enabled by default
$this->owner->ProvideComments = $this->owner->getCommentsOption('enabled') ? 1 : 0; $this->owner->ProvideComments = $this->owner->getCommentsOption('enabled') ? 1 : 0;
// If moderations options should be configurable via the CMS then // If moderation options should be configurable via the CMS then
if($this->owner->getCommentsOption('require_moderation')) { if($this->owner->getCommentsOption('require_moderation')) {
$this->owner->ModerationRequired = 'Required'; $this->owner->ModerationRequired = 'Required';
} elseif($this->owner->getCommentsOption('require_moderation_nonmembers')) { } elseif($this->owner->getCommentsOption('require_moderation_nonmembers')) {
@ -68,7 +82,7 @@ class CommentsExtension extends DataExtension {
$this->owner->CommentsRequireLogin = $this->owner->getCommentsOption('require_login') ? 1 : 0; $this->owner->CommentsRequireLogin = $this->owner->getCommentsOption('require_login') ? 1 : 0;
} }
/** /**
* If this extension is applied to a {@link SiteTree} record then * If this extension is applied to a {@link SiteTree} record then
* append a Provide Comments checkbox to allow authors to trigger * append a Provide Comments checkbox to allow authors to trigger
@ -76,12 +90,12 @@ class CommentsExtension extends DataExtension {
* *
* @todo Allow customization of other {@link Commenting} configuration * @todo Allow customization of other {@link Commenting} configuration
* *
* @param FieldSet * @param FieldList $fields
*/ */
public function updateSettingsFields(FieldList $fields) { public function updateSettingsFields(FieldList $fields) {
$options = FieldGroup::create()->setTitle(_t('CommentsExtension.COMMENTOPTIONS', 'Comments')); $options = FieldGroup::create()->setTitle(_t('CommentsExtension.COMMENTOPTIONS', 'Comments'));
// Check if enabled setting should be cms configurable // Check if enabled setting should be cms configurable
if($this->owner->getCommentsOption('enabled_cms')) { if($this->owner->getCommentsOption('enabled_cms')) {
$options->push(new CheckboxField('ProvideComments', _t('Comment.ALLOWCOMMENTS', 'Allow Comments'))); $options->push(new CheckboxField('ProvideComments', _t('Comment.ALLOWCOMMENTS', 'Allow Comments')));
@ -136,15 +150,19 @@ class CommentsExtension extends DataExtension {
} }
public function getComments() { public function getComments() {
Deprecation::notice('2.0', 'Use PagedComments to get paged coments'); // TODO: find out why this is being triggered when combined with blog
// Deprecation::notice('2.0', 'Use PagedComments to get paged comments');
return $this->PagedComments(); return $this->PagedComments();
} }
/** /**
* Get comment moderation rules for this parent * Get comment moderation rules for this parent
* *
* @return string A value of either 'None' (no moderation required), 'Required' (all comments), * None: No moderation required
* or 'NonMembersOnly' (only not logged in users) * Required: All comments
* NonMembersOnly: Only anonymous users
*
* @return string
*/ */
public function getModerationRequired() { public function getModerationRequired() {
if($this->owner->getCommentsOption('require_moderation_cms')) { if($this->owner->getCommentsOption('require_moderation_cms')) {
@ -165,9 +183,9 @@ class CommentsExtension extends DataExtension {
*/ */
public function getCommentsRequireLogin() { public function getCommentsRequireLogin() {
if($this->owner->getCommentsOption('require_login_cms')) { if($this->owner->getCommentsOption('require_login_cms')) {
return (bool)$this->owner->getField('CommentsRequireLogin'); return (bool) $this->owner->getField('CommentsRequireLogin');
} else { } else {
return (bool)$this->owner->getCommentsOption('require_login'); return (bool) $this->owner->getCommentsOption('require_login');
} }
} }
@ -183,10 +201,10 @@ class CommentsExtension extends DataExtension {
->AllComments() ->AllComments()
->sort($order) ->sort($order)
->filter('IsSpam', 0); ->filter('IsSpam', 0);
// Filter unmoderated comments for non-administrators if moderation is enabled // Filter un-moderated comments for non-administrators if moderation is enabled
if ($this->owner->ModerationRequired !== 'None') { if($this->owner->ModerationRequired !== 'None') {
$list = $list->filter('Moderated', 1); $list = $list->filter('Moderated', 1);
} }
$this->owner->extend('updateComments', $list); $this->owner->extend('updateComments', $list);
@ -201,10 +219,10 @@ class CommentsExtension extends DataExtension {
*/ */
public function PagedComments() { public function PagedComments() {
$list = $this->Comments(); $list = $this->Comments();
// Add pagination // Add pagination
$list = new PaginatedList($list, Controller::curr()->getRequest()); $list = new PaginatedList($list, Controller::curr()->getRequest());
$list->setPaginationGetVar('commentsstart'.$this->owner->ID); $list->setPaginationGetVar('commentsstart' . $this->owner->ID);
$list->setPageLength($this->owner->getCommentsOption('comments_per_page')); $list->setPageLength($this->owner->getCommentsOption('comments_per_page'));
$this->owner->extend('updatePagedComments', $list); $this->owner->extend('updatePagedComments', $list);
@ -276,6 +294,7 @@ class CommentsExtension extends DataExtension {
* Determine if a user can post comments on this item * Determine if a user can post comments on this item
* *
* @param Member $member Member to check * @param Member $member Member to check
*
* @return boolean * @return boolean
*/ */
public function canPostComment($member = null) { public function canPostComment($member = null) {
@ -301,6 +320,7 @@ class CommentsExtension extends DataExtension {
* Determine if this member can moderate comments in the CMS * Determine if this member can moderate comments in the CMS
* *
* @param Member $member * @param Member $member
*
* @return boolean * @return boolean
*/ */
public function canModerateComments($member = null) { public function canModerateComments($member = null) {
@ -318,7 +338,7 @@ class CommentsExtension extends DataExtension {
* @return string * @return string
*/ */
public function getCommentRSSLink() { public function getCommentRSSLink() {
return Controller::join_links(Director::baseURL(), "CommentingController/rss"); return Controller::join_links(Director::baseURL(), 'CommentingController/rss');
} }
public function getRssLinkPage() { public function getRssLinkPage() {
@ -336,17 +356,17 @@ class CommentsExtension extends DataExtension {
$this->getCommentRSSLink(), $this->ownerBaseClass, $this->owner->ID $this->getCommentRSSLink(), $this->ownerBaseClass, $this->owner->ID
); );
} }
/** /**
* Comments interface for the front end. Includes the CommentAddForm and the composition * Comments interface for the front end. Includes the CommentAddForm and the composition
* of the comments display. * of the comments display.
* *
* To customize the html see templates/CommentInterface.ss or extend this function with * To customize the html see templates/CommentInterface.ss or extend this function with
* your own extension. * your own extension.
* *
* @todo Cleanup the passing of all this configuration based functionality * @todo Cleanup the passing of all this configuration based functionality
* *
* @see docs/en/Extending * @see docs/en/Extending
*/ */
public function CommentsForm() { public function CommentsForm() {
// Check if enabled // Check if enabled
@ -357,7 +377,7 @@ class CommentsExtension extends DataExtension {
Requirements::javascript(THIRDPARTY_DIR . '/jquery-validate/jquery.validate.pack.js'); Requirements::javascript(THIRDPARTY_DIR . '/jquery-validate/jquery.validate.pack.js');
Requirements::javascript('comments/javascript/CommentsInterface.js'); Requirements::javascript('comments/javascript/CommentsInterface.js');
} }
$controller = CommentingController::create(); $controller = CommentingController::create();
$controller->setOwnerRecord($this->owner); $controller->setOwnerRecord($this->owner);
$controller->setBaseClass($this->ownerBaseClass); $controller->setBaseClass($this->ownerBaseClass);
@ -378,7 +398,7 @@ class CommentsExtension extends DataExtension {
)) ))
->renderWith('CommentsInterface'); ->renderWith('CommentsInterface');
} }
/** /**
* Returns whether this extension instance is attached to a {@link SiteTree} object * Returns whether this extension instance is attached to a {@link SiteTree} object
* *
@ -386,7 +406,7 @@ class CommentsExtension extends DataExtension {
*/ */
public function attachedToSiteTree() { public function attachedToSiteTree() {
$class = $this->ownerBaseClass; $class = $this->ownerBaseClass;
return (is_subclass_of($class, 'SiteTree')) || ($class == 'SiteTree'); return (is_subclass_of($class, 'SiteTree')) || ($class == 'SiteTree');
} }
@ -405,6 +425,7 @@ class CommentsExtension extends DataExtension {
* This can be overridden in any instance or extension to customise the option available * This can be overridden in any instance or extension to customise the option available
* *
* @param string $key * @param string $key
*
* @return mixed Result if the setting is available, or null otherwise * @return mixed Result if the setting is available, or null otherwise
*/ */
public function getCommentsOption($key) { public function getCommentsOption($key) {
@ -425,41 +446,61 @@ class CommentsExtension extends DataExtension {
* @param FieldList $fields * @param FieldList $fields
*/ */
protected function updateModerationFields(FieldList $fields) { protected function updateModerationFields(FieldList $fields) {
// Create gridfield config
$commentsConfig = CommentsGridFieldConfig::create(); $commentsConfig = CommentsGridFieldConfig::create();
$needs = new GridField( $newComments = $this->owner->AllComments()->filter('Moderated', 0);
'CommentsNeedsModeration',
_t('CommentsAdmin.NeedsModeration', 'Needs Moderation'), $newGrid = new GridField(
$this->owner->AllComments()->filter('Moderated', 0), 'NewComments',
_t('CommentsAdmin.NewComments', 'Unmoderated'),
$newComments,
$commentsConfig $commentsConfig
); );
$moderated = new GridField( $approvedComments = $this->owner->AllComments()->filter('Moderated', 1)->filter('IsSpam', 0);
'CommentsModerated',
_t('CommentsAdmin.Moderated', 'Moderated'), $approvedGrid = new GridField(
$this->owner->AllComments()->filter('Moderated', 1), 'ApprovedComments',
_t('CommentsAdmin.Comments', 'Displayed'),
$approvedComments,
$commentsConfig $commentsConfig
); );
$spamComments = $this->owner->AllComments()->filter('Moderated', 1)->filter('IsSpam', 1);
$spamGrid = new GridField(
'SpamComments',
_t('CommentsAdmin.SpamComments', 'Spam'),
$spamComments,
$commentsConfig
);
$newCount = '(' . count($newComments) . ')';
$approvedCount = '(' . count($approvedComments) . ')';
$spamCount = '(' . count($spamComments) . ')';
if($fields->hasTabSet()) { if($fields->hasTabSet()) {
$tabset = new TabSet( $tabs = new TabSet(
'Comments', 'Comments',
new Tab('CommentsNeedsModerationTab', _t('CommentAdmin.NeedsModeration', 'Needs Moderation'), new Tab('CommentsNewCommentsTab', _t('CommentAdmin.NewComments', 'Unmoderated') . ' ' . $newCount,
$needs $newGrid
), ),
new Tab('CommentsModeratedTab', _t('CommentAdmin.Moderated', 'Moderated'), new Tab('CommentsCommentsTab', _t('CommentAdmin.Comments', 'Displayed') . ' ' . $approvedCount,
$moderated $approvedGrid
),
new Tab('CommentsSpamCommentsTab', _t('CommentAdmin.SpamComments', 'Spam') . ' ' . $spamCount,
$spamGrid
) )
); );
$fields->addFieldToTab('Root', $tabset); $fields->addFieldToTab('Root', $tabs);
} else { } else {
$fields->push($needs); $fields->push($newGrid);
$fields->push($moderated); $fields->push($approvedGrid);
$fields->push($spamGrid);
} }
} }
public function updateCMSFields(\FieldList $fields) { public function updateCMSFields(FieldList $fields) {
// Disable moderation if not permitted // Disable moderation if not permitted
if($this->owner->canModerateComments()) { if($this->owner->canModerateComments()) {
$this->updateModerationFields($fields); $this->updateModerationFields($fields);

View File

@ -20,20 +20,20 @@
<h4><% _t('CommentsInterface_ss.COMMENTS','Comments') %></h4> <h4><% _t('CommentsInterface_ss.COMMENTS','Comments') %></h4>
<div class="comments-holder"> <div class="comments-holder">
<% if $Comments %> <% if $PagedComments %>
<ul class="comments-list"> <ul class="comments-list">
<% loop $Comments %> <% loop $PagedComments %>
<li class="comment $EvenOdd<% if FirstLast %> $FirstLast <% end_if %> $SpamClass"> <li class="comment $EvenOdd<% if FirstLast %> $FirstLast <% end_if %> $SpamClass">
<% include CommentsInterface_singlecomment %> <% include CommentsInterface_singlecomment %>
</li> </li>
<% end_loop %> <% end_loop %>
</ul> </ul>
<% with $Comments %> <% with $PagedComments %>
<% include CommentPagination %> <% include CommentPagination %>
<% end_with %> <% end_with %>
<% end_if %> <% end_if %>
<p class="no-comments-yet"<% if $Comments.Count %> style='display: none' <% end_if %> ><% _t('CommentsInterface_ss.NOCOMMENTSYET','No one has commented on this page yet.') %></p> <p class="no-comments-yet"<% if $PagedComments.Count %> style='display: none' <% end_if %> ><% _t('CommentsInterface_ss.NOCOMMENTSYET','No one has commented on this page yet.') %></p>
</div> </div>