Completed
Push — master ( f4a3b3...4452de )
by Jeroen
67:28 queued 11:29
created

actions/comment/save.php (1 issue)

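<?php
/**
 * Action for adding and editing comments
 *
 * Reads the target entity GUID, an optional existing comment GUID and the
 * comment body from the request, and stops with an error response when no
 * usable body was submitted.
 *
 * @package Elgg.Core
 * @subpackage Comments
 */

// Both GUIDs are read with the filter argument set to false and cast to int,
// so only an integer is ever handed to get_entity() later on.
$entity_guid = (int) get_input('entity_guid', 0, false);
$comment_guid = (int) get_input('comment_guid', 0, false);

// The body is read with get_input()'s default filtering (no explicit false).
$comment_text = get_input('generic_comment');

// Request parameters can arrive as arrays (generic_comment[]=...), and
// empty() would also throw away the literal comment "0". Accept only a
// non-empty string so nothing else is assigned to the comment description.
if (!is_string($comment_text) || $comment_text === '') {
	return elgg_error_response(elgg_echo('generic_comment:blank'));
}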
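// Either update the comment named by comment_guid, or create a new comment
// on the entity named by entity_guid. Both branches leave $comment and
// $success_message set for the response built afterwards.
if ($comment_guid) {
	// Edit an existing comment
	$comment = get_entity($comment_guid);

	// The GUID is client-supplied, so it must resolve to a comment and not
	// to some other kind of entity.
	if (!$comment instanceof ElggComment) {
		return elgg_error_response(elgg_echo('generic_comment:notfound'));
	}
	// Authorisation for edits: stop unless this comment may be edited.
	if (!$comment->canEdit()) {
		return elgg_error_response(elgg_echo('actionunauthorized'));
	}

	$comment->description = $comment_text;
	if (!$comment->save()) {
		return elgg_error_response(elgg_echo('generic_comment:failure'));
	}

	$success_message = elgg_echo('generic_comment:updated');
} else {
	// Create a new comment on the target entity
	$entity = get_entity($entity_guid);
	// NOTE(review): a static-analysis report on this file flagged `!$entity`
	// as a condition that "can never be false". Keep the guard unless
	// get_entity()'s declared return type is confirmed: it is what stops an
	// unknown GUID from reaching $entity->getGUID() below.
	if (!$entity) {
		return elgg_error_response(elgg_echo('generic_comment:notfound'));
	}

	// NOTE(review): this branch has no counterpart to the canEdit() check in
	// the edit branch, i.e. nothing here asks whether the user may comment
	// on $entity (for example via $entity->canComment()). Presumably that is
	// enforced inside ElggComment::save() or by permission hooks; confirm.

	$user = elgg_get_logged_in_user_entity();
	if (!$user) {
		// Without a logged-in user, $user->getGUID() below would be a fatal
		// error; answer with the same message the edit branch uses for an
		// unauthorised request.
		return elgg_error_response(elgg_echo('actionunauthorized'));
	}

	$comment = new ElggComment();
	$comment->description = $comment_text;
	$comment->owner_guid = $user->getGUID();
	$comment->container_guid = $entity->getGUID();
	// The comment takes over the access level of the entity it is attached to.
	$comment->access_id = $entity->access_id;
	$guid = $comment->save();

	if (!$guid) {
		return elgg_error_response(elgg_echo('generic_comment:failure'));
	}

	// Add to river
	elgg_create_river_item([
		'view' => 'river/object/comment/create',
		'action_type' => 'comment',
		'object_guid' => $guid,
		'target_guid' => $entity_guid,
	]);

	$success_message = elgg_echo('generic_comment:posted');
}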
// Default destination after saving: the comment's own URL.
$forward = $comment->getURL();

// return to activity page if posted from there
// this can be removed once saving new comments is ajaxed
$referer = empty($_SERVER['HTTP_REFERER']) ? null : $_SERVER['HTTP_REFERER'];
if ($referer !== null) {
	// The Referer header is client-controlled, so it is never used as the
	// redirect target itself. It only has to start with this site's URL
	// followed by "activity"; the redirect is then built from the matched
	// prefix alone, so nothing after "activity/" in the header is reflected.
	$activity_pattern = '~^' . preg_quote(elgg_get_site_url(), '~') . 'activity(/|\\z)~';
	if (preg_match($activity_pattern, $referer, $matches)) {
		$forward = $matches[0] . '#elgg-object-' . $comment->guid;
	}
}
// Respond with the saved comment's GUID and its rendered view, together with
// the success message and the forward URL chosen earlier in the script.
return elgg_ok_response(
	[
		'guid' => $comment->guid,
		'output' => elgg_view_entity($comment),
	],
	$success_message,
	$forward
);