Passed
Push — master ( c0a3a7...3b84a4 )
by Jeroen
58:51
created

mod/blog/actions/blog/auto_save_revision.php (4 issues)

1
<?php
2
/**
3
 * Action called by AJAX periodic auto saving when editing.
4
 *
5
 * @package Blog
6
 */
7
8
$guid = get_input('guid');
9
$user = elgg_get_logged_in_user_entity();
10
$title = elgg_get_title_input();
11
$description = get_input('description');
12
$excerpt = get_input('excerpt');
13
14
// because get_input() doesn't use the default if the input is ''
15
if (empty($excerpt)) {
16
	$excerpt = $description;
17
}
18
19
// store errors to pass along
20
$error = false;
21
22
if ($title && $description) {
23
	if ($guid) {
24
		$entity = get_entity($guid);
0 ignored issues
show
It seems like $guid can also be of type string; however, parameter $guid of get_entity() does only seem to accept integer, maybe add an additional type check? ( Ignorable by Annotation )

If this is a false-positive, you can also ignore this issue in your code via the ignore-type  annotation

24
		$entity = get_entity(/** @scrutinizer ignore-type */ $guid);
Loading history...
25
		if ($entity instanceof ElggBlog && $entity->canEdit()) {
26
			$blog = $entity;
27
		} else {
28
			$error = elgg_echo('blog:error:post_not_found');
29
		}
30
	} else {
31
		$blog = new ElggBlog();
32
		$blog->subtype = 'blog';
33
34
		// force draft and private for autosaves.
35
		$blog->status = 'unsaved_draft';
36
		$blog->access_id = ACCESS_PRIVATE;
37
		$blog->title = $title;
38
		$blog->description = $description;
39
		$blog->excerpt = elgg_get_excerpt($excerpt);
40
41
		// mark this as a brand new post so we can work out the
42
		// river / revision logic in the real save action.
43
		$blog->new_post = true;
44
45
		if (!$blog->save()) {
46
			$error = elgg_echo('blog:error:cannot_save');
47
		}
48
	}
49
50
	// creat draft annotation
51
	if (!$error) {
0 ignored issues
show
Bug Best Practice introduced by
The expression $error of type false|string is loosely compared to false; this is ambiguous if the string can be empty. You might want to explicitly use === false instead.

In PHP, under loose comparison (like ==, or !=, or switch conditions), values of different types might be equal.

For string values, the empty string '' is a special case, in particular the following results might be unexpected:

''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
Loading history...
52
		// annotations don't have a "time_updated" so
53
		// we have to delete everything or the times are wrong.
54
55
		// don't save if nothing changed
56
		$auto_save_annotations = $blog->getAnnotations([
57
			'annotation_name' => 'blog_auto_save',
58
			'limit' => 1,
59
		]);
60
		if ($auto_save_annotations) {
0 ignored issues
show
Bug Best Practice introduced by
The expression $auto_save_annotations of type array is implicitly converted to a boolean; are you sure this is intended? If so, consider using ! empty($expr) instead to make it clear that you intend to check for an array without elements.

This check marks implicit conversions of arrays to boolean values in a comparison. While in PHP an empty array is considered to be equal (but not identical) to false, this is not always apparent.

Consider making the comparison explicit by using empty(..) or ! empty(...) instead.

Loading history...
61
			$auto_save = $auto_save_annotations[0];
62
		} else {
63
			$auto_save = false;
64
		}
65
66
		if (!$auto_save) {
67
			$annotation_id = $blog->annotate('blog_auto_save', $description);
68
		} elseif ($auto_save instanceof ElggAnnotation && $auto_save->value != $description) {
69
			$blog->deleteAnnotations('blog_auto_save');
70
			$annotation_id = $blog->annotate('blog_auto_save', $description);
71
		} elseif ($auto_save instanceof ElggAnnotation && $auto_save->value == $description) {
72
			// this isn't an error because we have an up to date annotation.
73
			$annotation_id = $auto_save->id;
74
		}
75
76
		if (!$annotation_id) {
77
			$error = elgg_echo('blog:error:cannot_auto_save');
78
		}
79
	}
80
} else {
81
	$error = elgg_echo('blog:error:missing:description');
82
}
83
84
if ($error) {
0 ignored issues
show
Bug Best Practice introduced by
The expression $error of type false|string is loosely compared to true; this is ambiguous if the string can be empty. You might want to explicitly use !== false instead.

In PHP, under loose comparison (like ==, or !=, or switch conditions), values of different types might be equal.

For string values, the empty string '' is a special case, in particular the following results might be unexpected:

''   == false // true
''   == null  // true
'ab' == false // false
'ab' == null  // false

// It is often better to use strict comparison
'' === false // false
'' === null  // false
Loading history...
85
	$json = ['success' => false, 'message' => $error];
86
	echo json_encode($json);
87
} else {
88
	$msg = elgg_echo('blog:message:saved');
89
	$json = ['success' => true, 'message' => $msg, 'guid' => $blog->getGUID()];
90
	echo json_encode($json);
91
}
92
exit;
93