mirror of
https://github.com/silverstripe/silverstripe-comments
synced 2024-10-22 11:05:49 +02:00
ENHANCEMENT: dont allow comments to be displayed on fake pages such as security. BUGFIX: updated commentadmin tests to just work
This commit is contained in:
Will Rossiter
parent
d9580ed600
commit
5dec31c84f
@ -27,7 +27,7 @@ class CommentAdmin extends LeftAndMain {
|
|||||||
/**
|
/**
|
||||||
* @var int The number of comments per page for the {@link CommentTable} in this admin.
|
* @var int The number of comments per page for the {@link CommentTable} in this admin.
|
||||||
*/
|
*/
|
||||||
static $comments_per_page = '20';
|
static $comments_per_page = 20;
|
||||||
|
|
||||||
public function init() {
|
public function init() {
|
||||||
parent::init();
|
parent::init();
|
||||||
@ -78,18 +78,18 @@ class CommentAdmin extends LeftAndMain {
|
|||||||
"Name" => _t('CommentAdmin.AUTHOR', 'Author'),
|
"Name" => _t('CommentAdmin.AUTHOR', 'Author'),
|
||||||
"Comment" => _t('CommentAdmin.COMMENT', 'Comment'),
|
"Comment" => _t('CommentAdmin.COMMENT', 'Comment'),
|
||||||
"Parent.Title" => _t('CommentAdmin.PAGE', 'Page'),
|
"Parent.Title" => _t('CommentAdmin.PAGE', 'Page'),
|
||||||
"CommenterURL" => _t('CommentAdmin.COMMENTERURL', 'URL'),
|
"URL" => _t('CommentAdmin.COMMENTERURL', 'URL'),
|
||||||
"Created" => _t('CommentAdmin.DATEPOSTED', 'Date Posted')
|
"Created" => _t('CommentAdmin.DATEPOSTED', 'Date Posted')
|
||||||
);
|
);
|
||||||
|
|
||||||
$popupFields = new FieldSet(
|
$popupFields = new FieldSet(
|
||||||
new TextField('Name', _t('CommentAdmin.NAME', 'Name')),
|
new TextField('Name', _t('CommentAdmin.NAME', 'Name')),
|
||||||
new TextField('CommenterURL', _t('CommentAdmin.COMMENTERURL', 'URL')),
|
new TextField('URL', _t('CommentAdmin.URL', 'URL')),
|
||||||
new TextareaField('Comment', _t('CommentAdmin.COMMENT', 'Comment'))
|
new TextareaField('Comment', _t('CommentAdmin.COMMENT', 'Comment'))
|
||||||
);
|
);
|
||||||
|
|
||||||
$idField = new HiddenField('ID', '', $section);
|
$idField = new HiddenField('ID', '', $section);
|
||||||
$table = new CommentTableField($this, "Comments", "PageComment", $section, $tableFields, $popupFields, array($filter), 'Created DESC');
|
$table = new CommentTableField($this, "Comments", "Comment", $section, $tableFields, $popupFields, array($filter), 'Created DESC');
|
||||||
|
|
||||||
$table->setParentClass(false);
|
$table->setParentClass(false);
|
||||||
$table->setFieldCasting(array(
|
$table->setFieldCasting(array(
|
||||||
@ -133,38 +133,40 @@ class CommentAdmin extends LeftAndMain {
|
|||||||
}
|
}
|
||||||
|
|
||||||
function deletemarked() {
|
function deletemarked() {
|
||||||
$numComments = 0;
|
$numComments = 0;
|
||||||
$folderID = 0;
|
$folderID = 0;
|
||||||
$deleteList = '';
|
$deleteList = '';
|
||||||
|
|
||||||
if($_REQUEST['Comments']) {
|
if($_REQUEST['Comments']) {
|
||||||
foreach($_REQUEST['Comments'] as $commentid) {
|
foreach($_REQUEST['Comments'] as $commentid) {
|
||||||
$comment = DataObject::get_by_id('PageComment', $commentid);
|
$comment = DataObject::get_by_id('Comment', $commentid);
|
||||||
if($comment) {
|
if($comment && $comment->canDelete()) {
|
||||||
$comment->delete();
|
$comment->delete();
|
||||||
$numComments++;
|
$numComments++;
|
||||||
}
|
|
||||||
}
|
}
|
||||||
} else {
|
|
||||||
user_error("No comments in $commentList could be found!", E_USER_ERROR);
|
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
user_error("No comments in $commentList could be found!", E_USER_ERROR);
|
||||||
|
}
|
||||||
|
|
||||||
echo <<<JS
|
echo <<<JS
|
||||||
$deleteList
|
$deleteList
|
||||||
$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
|
$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
|
||||||
statusMessage("Deleted $numComments comments.");
|
statusMessage("Deleted $numComments comments.");
|
||||||
JS;
|
JS;
|
||||||
}
|
}
|
||||||
|
|
||||||
function deleteall() {
|
function deleteall() {
|
||||||
$numComments = 0;
|
$numComments = 0;
|
||||||
$spam = DataObject::get('PageComment', '"PageComment"."IsSpam" = 1');
|
$spam = DataObject::get('Comment', "\"Comment\".\"IsSpam\" = '1'");
|
||||||
|
|
||||||
if($spam) {
|
if($spam) {
|
||||||
$numComments = $spam->Count();
|
$numComments = $spam->Count();
|
||||||
|
|
||||||
foreach($spam as $comment) {
|
foreach($spam as $comment) {
|
||||||
$comment->delete();
|
if($comment->canDelete()) {
|
||||||
|
$comment->delete();
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -177,134 +179,118 @@ JS;
|
|||||||
}
|
}
|
||||||
|
|
||||||
function spammarked() {
|
function spammarked() {
|
||||||
$numComments = 0;
|
$numComments = 0;
|
||||||
$folderID = 0;
|
$folderID = 0;
|
||||||
$deleteList = '';
|
$deleteList = '';
|
||||||
|
|
||||||
if($_REQUEST['Comments']) {
|
if($_REQUEST['Comments']) {
|
||||||
foreach($_REQUEST['Comments'] as $commentid) {
|
foreach($_REQUEST['Comments'] as $commentid) {
|
||||||
$comment = DataObject::get_by_id('PageComment', $commentid);
|
$comment = DataObject::get_by_id('Comment', $commentid);
|
||||||
if($comment) {
|
if($comment) {
|
||||||
$comment->IsSpam = true;
|
$comment->IsSpam = true;
|
||||||
$comment->NeedsModeration = false;
|
$comment->Moderated = true;
|
||||||
$comment->write();
|
$comment->write();
|
||||||
|
|
||||||
if(SSAkismet::isEnabled()) {
|
$numComments++;
|
||||||
try {
|
|
||||||
$akismet = new SSAkismet();
|
|
||||||
$akismet->setCommentAuthor($comment->getField('Name'));
|
|
||||||
$akismet->setCommentContent($comment->getField('Comment'));
|
|
||||||
|
|
||||||
$akismet->submitSpam();
|
|
||||||
} catch (Exception $e) {
|
|
||||||
// Akismet didn't work, most likely the service is down.
|
|
||||||
}
|
|
||||||
}
|
|
||||||
$numComments++;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
} else {
|
|
||||||
user_error("No comments in $commentList could be found!", E_USER_ERROR);
|
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
user_error("No comments in $commentList could be found!", E_USER_ERROR);
|
||||||
|
}
|
||||||
|
|
||||||
$msg = sprintf(_t('CommentAdmin.MARKEDSPAM', 'Marked %s comments as spam.'), $numComments);
|
$msg = sprintf(_t('CommentAdmin.MARKEDSPAM', 'Marked %s comments as spam.'), $numComments);
|
||||||
echo <<<JS
|
echo <<<JS
|
||||||
$deleteList
|
$deleteList
|
||||||
$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
|
$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
|
||||||
statusMessage("$msg");
|
statusMessage("$msg");
|
||||||
JS;
|
JS;
|
||||||
}
|
}
|
||||||
|
|
||||||
function hammarked() {
|
function hammarked() {
|
||||||
$numComments = 0;
|
$numComments = 0;
|
||||||
$folderID = 0;
|
$folderID = 0;
|
||||||
$deleteList = '';
|
$deleteList = '';
|
||||||
|
|
||||||
if($_REQUEST['Comments']) {
|
if($_REQUEST['Comments']) {
|
||||||
foreach($_REQUEST['Comments'] as $commentid) {
|
foreach($_REQUEST['Comments'] as $commentid) {
|
||||||
$comment = DataObject::get_by_id('PageComment', $commentid);
|
$comment = DataObject::get_by_id('Comment', $commentid);
|
||||||
if($comment) {
|
|
||||||
$comment->IsSpam = false;
|
|
||||||
$comment->NeedsModeration = false;
|
|
||||||
$comment->write();
|
|
||||||
|
|
||||||
if(SSAkismet::isEnabled()) {
|
if($comment) {
|
||||||
try {
|
$comment->IsSpam = false;
|
||||||
$akismet = new SSAkismet();
|
$comment->Moderated = true;
|
||||||
$akismet->setCommentAuthor($comment->getField('Name'));
|
$comment->write();
|
||||||
$akismet->setCommentContent($comment->getField('Comment'));
|
|
||||||
|
|
||||||
$akismet->submitSpam();
|
$numComments++;
|
||||||
} catch (Exception $e) {
|
|
||||||
// Akismet didn't work, most likely the service is down.
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
$numComments++;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
} else {
|
|
||||||
user_error("No comments in $commentList could be found!", E_USER_ERROR);
|
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
user_error("No comments in $commentList could be found!", E_USER_ERROR);
|
||||||
|
}
|
||||||
|
|
||||||
$msg = sprintf(_t('CommentAdmin.MARKEDNOTSPAM', 'Marked %s comments as not spam.'), $numComments);
|
$msg = sprintf(_t('CommentAdmin.MARKEDNOTSPAM', 'Marked %s comments as not spam.'), $numComments);
|
||||||
echo <<<JS
|
echo <<<JS
|
||||||
$deleteList
|
$deleteList
|
||||||
$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
|
$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
|
||||||
statusMessage("$msg");
|
statusMessage("$msg");
|
||||||
JS;
|
JS;
|
||||||
}
|
}
|
||||||
|
|
||||||
function acceptmarked() {
|
function acceptmarked() {
|
||||||
$numComments = 0;
|
$numComments = 0;
|
||||||
$folderID = 0;
|
$folderID = 0;
|
||||||
$deleteList = '';
|
$deleteList = '';
|
||||||
|
|
||||||
if($_REQUEST['Comments']) {
|
if($_REQUEST['Comments']) {
|
||||||
foreach($_REQUEST['Comments'] as $commentid) {
|
foreach($_REQUEST['Comments'] as $commentid) {
|
||||||
$comment = DataObject::get_by_id('PageComment', $commentid);
|
$comment = DataObject::get_by_id('Comment', $commentid);
|
||||||
if($comment) {
|
if($comment) {
|
||||||
$comment->IsSpam = false;
|
$comment->IsSpam = false;
|
||||||
$comment->NeedsModeration = false;
|
$comment->Moderated = true;
|
||||||
$comment->write();
|
$comment->write();
|
||||||
$numComments++;
|
$numComments++;
|
||||||
}
|
|
||||||
}
|
}
|
||||||
} else {
|
|
||||||
user_error("No comments in $commentList could be found!", E_USER_ERROR);
|
|
||||||
}
|
}
|
||||||
|
} else {
|
||||||
|
user_error("No comments in $commentList could be found!", E_USER_ERROR);
|
||||||
|
}
|
||||||
|
|
||||||
$msg = sprintf(_t('CommentAdmin.APPROVED', 'Accepted %s comments.'), $numComments);
|
$msg = sprintf(_t('CommentAdmin.APPROVED', 'Accepted %s comments.'), $numComments);
|
||||||
echo <<<JS
|
echo <<<JS
|
||||||
$deleteList
|
$deleteList
|
||||||
$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
|
$('Form_EditForm').getPageFromServer($('Form_EditForm_ID').value);
|
||||||
statusMessage("Accepted $numComments comments.");
|
statusMessage("Accepted $numComments comments.");
|
||||||
JS;
|
JS;
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return the number of moderated comments
|
* Return the number of moderated comments
|
||||||
|
*
|
||||||
|
* @return int
|
||||||
*/
|
*/
|
||||||
function NumModerated() {
|
function NumModerated() {
|
||||||
return DB::query("SELECT COUNT(*) FROM \"PageComment\" WHERE \"IsSpam\"=0 AND \"NeedsModeration\"=0")->value();
|
return DB::query("SELECT COUNT(*) FROM \"Comment\" WHERE \"Moderated\" = 1")->value();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return the number of unmoderated comments
|
* Return the number of unmoderated comments
|
||||||
|
*
|
||||||
|
* @return int
|
||||||
*/
|
*/
|
||||||
function NumUnmoderated() {
|
function NumUnmoderated() {
|
||||||
return DB::query("SELECT COUNT(*) FROM \"PageComment\" WHERE \"IsSpam\"=0 AND \"NeedsModeration\"=1")->value();
|
return DB::query("SELECT COUNT(*) FROM \"Comment\" WHERE \"Moderated\" = 0")->value();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Return the number of comments marked as spam
|
* Return the number of comments marked as spam
|
||||||
|
*
|
||||||
|
* @return int
|
||||||
*/
|
*/
|
||||||
function NumSpam() {
|
function NumSpam() {
|
||||||
return DB::query("SELECT COUNT(*) FROM \"PageComment\" WHERE \"IsSpam\"=1")->value();
|
return DB::query("SELECT COUNT(*) FROM \"Comment\" WHERE \"IsSpam\" = 1")->value();
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @param $num int
|
* @param int
|
||||||
*/
|
*/
|
||||||
function set_comments_per_page($num){
|
function set_comments_per_page($num){
|
||||||
self::$comments_per_page = $num;
|
self::$comments_per_page = $num;
|
||||||
@ -317,5 +303,3 @@ JS;
|
|||||||
return self::$comments_per_page;
|
return self::$comments_per_page;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
?>
|
|
||||||
|
|||||||
@ -13,7 +13,8 @@ class Comment extends DataObject {
|
|||||||
"Email" => "Varchar(200)",
|
"Email" => "Varchar(200)",
|
||||||
"URL" => "Varchar(255)",
|
"URL" => "Varchar(255)",
|
||||||
"BaseClass" => "Varchar(200)",
|
"BaseClass" => "Varchar(200)",
|
||||||
"Moderated" => "Boolean"
|
"Moderated" => "Boolean",
|
||||||
|
"IsSpam" => "Boolean"
|
||||||
);
|
);
|
||||||
|
|
||||||
static $has_one = array(
|
static $has_one = array(
|
||||||
|
|||||||
@ -75,7 +75,10 @@ class CommentsExtension extends DataObjectDecorator {
|
|||||||
// on a {@link DataObject} then it is enabled, however {@link SiteTree} objects can
|
// on a {@link DataObject} then it is enabled, however {@link SiteTree} objects can
|
||||||
// trigger comments on / off via ProvideComments
|
// trigger comments on / off via ProvideComments
|
||||||
$enabled = (!$this->attachedToSiteTree() || $this->owner->ProvideComments) ? true : false;
|
$enabled = (!$this->attachedToSiteTree() || $this->owner->ProvideComments) ? true : false;
|
||||||
|
|
||||||
|
// do not include the comments on pages which don't have id's such as security pages
|
||||||
|
if($this->owner->ID < 0) return false;
|
||||||
|
|
||||||
$controller = new CommentingController();
|
$controller = new CommentingController();
|
||||||
|
|
||||||
// tad bit messy but needed to ensure all datas available
|
// tad bit messy but needed to ensure all datas available
|
||||||
@ -85,6 +88,7 @@ class CommentsExtension extends DataObjectDecorator {
|
|||||||
|
|
||||||
$form = ($enabled) ? $controller->CommentsForm() : false;
|
$form = ($enabled) ? $controller->CommentsForm() : false;
|
||||||
|
|
||||||
|
Debug::show(Controller::curr()->ID);
|
||||||
// a little bit all over the show but to ensure a slightly easier upgrade for users
|
// a little bit all over the show but to ensure a slightly easier upgrade for users
|
||||||
// return back the same variables as previously done in comments
|
// return back the same variables as previously done in comments
|
||||||
return $interface->process(new ArrayData(array(
|
return $interface->process(new ArrayData(array(
|
||||||
|
|||||||
39
tests/CommentAdminTest.php
Normal file
39
tests/CommentAdminTest.php
Normal file
@ -0,0 +1,39 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
/**
|
||||||
|
* @package comments
|
||||||
|
*/
|
||||||
|
|
||||||
|
class CommentAdminTest extends FunctionalTest {
|
||||||
|
|
||||||
|
static $fixture_file = 'comments/tests/CommentsTest.yml';
|
||||||
|
|
||||||
|
function testNumModerated() {
|
||||||
|
$comm = new CommentAdmin();
|
||||||
|
$resp = $comm->NumModerated();
|
||||||
|
$this->assertEquals(4, $resp);
|
||||||
|
}
|
||||||
|
|
||||||
|
function testNumUnmoderated(){
|
||||||
|
$comm = new CommentAdmin();
|
||||||
|
$resp = $comm->NumUnmoderated();
|
||||||
|
$this->assertEquals(3, $resp);
|
||||||
|
}
|
||||||
|
|
||||||
|
function testNumSpam(){
|
||||||
|
$comm = new CommentAdmin();
|
||||||
|
$resp = $comm->NumSpam();
|
||||||
|
$this->assertEquals(2, $resp);
|
||||||
|
}
|
||||||
|
|
||||||
|
function testdeletemarked(){
|
||||||
|
$comm = $this->objFromFixture('Comment', 'firstComA');
|
||||||
|
$id = $comm->ID;
|
||||||
|
$this->logInWithPermission('CMS_ACCESS_CommentAdmin');
|
||||||
|
$result = $this->get("admin/comments/EditForm/field/Comments/item/$id/delete");
|
||||||
|
|
||||||
|
$checkComm = DataObject::get_by_id('Comment',$id);
|
||||||
|
|
||||||
|
$this->assertFalse($checkComm);
|
||||||
|
}
|
||||||
|
}
|
||||||
@ -1,62 +1,72 @@
|
|||||||
Member:
|
Member:
|
||||||
commentadmin:
|
commentadmin:
|
||||||
FirstName: admin
|
FirstName: admin
|
||||||
visitor:
|
visitor:
|
||||||
FirstName: visitor
|
FirstName: visitor
|
||||||
|
|
||||||
Group:
|
Group:
|
||||||
commentadmins:
|
commentadmins:
|
||||||
Title: Admin
|
Title: Admin
|
||||||
Members: =>Member.commentadmin
|
Members: =>Member.commentadmin
|
||||||
|
|
||||||
Permission:
|
Permission:
|
||||||
admin:
|
admin:
|
||||||
Code: CMS_ACCESS_CommentAdmin
|
Code: CMS_ACCESS_CommentAdmin
|
||||||
Group: =>Group.commentadmins
|
Group: =>Group.commentadmins
|
||||||
|
|
||||||
Page:
|
Page:
|
||||||
first:
|
first:
|
||||||
Title: First page
|
Title: First page
|
||||||
URLSegment: first-page
|
URLSegment: first-page
|
||||||
ProvideComments: 1
|
ProvideComments: 1
|
||||||
second:
|
second:
|
||||||
Title: Second page
|
Title: Second page
|
||||||
URLSegment: second-page
|
URLSegment: second-page
|
||||||
ProvideComments: 1
|
ProvideComments: 1
|
||||||
third:
|
third:
|
||||||
Title: Third page
|
Title: Third page
|
||||||
URLSegment:third-page
|
URLSegment:third-page
|
||||||
ProvideComments: 1
|
ProvideComments: 1
|
||||||
pageNoComments:
|
pageNoComments:
|
||||||
Title: No comments
|
Title: No comments
|
||||||
URLSegment: no-comments
|
URLSegment: no-comments
|
||||||
ProvideComments: 0
|
ProvideComments: 0
|
||||||
|
|
||||||
Comment:
|
Comment:
|
||||||
firstComA:
|
firstComA:
|
||||||
ParentID: =>Page.first
|
ParentID: =>Page.first
|
||||||
Name: FA
|
Name: FA
|
||||||
Comment: textFA
|
Comment: textFA
|
||||||
secondComA:
|
Moderated: 1
|
||||||
ParentID: =>Page.second
|
secondComA:
|
||||||
Name: SA
|
ParentID: =>Page.second
|
||||||
Comment: textSA
|
Name: SA
|
||||||
secondComB:
|
Comment: textSA
|
||||||
ParentID: =>Page.second
|
Moderated: 1
|
||||||
Name: SB
|
secondComB:
|
||||||
Comment: textSB
|
ParentID: =>Page.second
|
||||||
thirdComA:
|
Name: SB
|
||||||
ParentID: =>Page.third
|
Comment: textSB
|
||||||
Name: TA
|
Moderated: 1
|
||||||
Comment: textTA
|
thirdComA:
|
||||||
thirdComB:
|
ParentID: =>Page.third
|
||||||
ParentID: =>Page.third
|
Name: TA
|
||||||
Name: TB
|
Comment: textTA
|
||||||
Comment: textTB
|
Moderated: 1
|
||||||
thirdComC:
|
IsSpam: 1
|
||||||
ParentID: =>Page.third
|
thirdComB:
|
||||||
Name: TC
|
ParentID: =>Page.third
|
||||||
Comment: textTC
|
Name: TB
|
||||||
disabledCom:
|
Comment: textTB
|
||||||
ParentID: =>Page.pageNoComments
|
Moderated: 0
|
||||||
Name: Disabled
|
thirdComC:
|
||||||
|
ParentID: =>Page.third
|
||||||
|
Name: TC
|
||||||
|
Comment: textTC
|
||||||
|
Moderated: 0
|
||||||
|
|
||||||
|
disabledCom:
|
||||||
|
ParentID: =>Page.pageNoComments
|
||||||
|
Name: Disabled
|
||||||
|
Moderated: 0
|
||||||
|
IsSpam: 1
|
||||||
Loading…
Reference in New Issue
Block a user