1 | <?php |
||
2 | /** |
||
3 | * Action for adding and editing comments |
||
4 | * |
||
5 | * @package Elgg.Core |
||
6 | * @subpackage Comments |
||
7 | */ |
||
8 | |||
// Both GUIDs come from the request. They are read with the third get_input()
// argument set to false and immediately forced to int, so a non-numeric
// string ends up as 0.
$entity_guid = intval(get_input('entity_guid', 0, false));
$comment_guid = intval(get_input('comment_guid', 0, false));

// The comment body is read without the extra arguments, so whatever default
// handling get_input() applies is what this script relies on.
// NOTE(review): confirm that default is adequate for the context in which
// the description is later rendered.
$comment_text = get_input('generic_comment');

// Refuse to continue without a body. A loose truthiness test is used, so the
// literal string "0" is rejected as blank as well.
if (!$comment_text) {
	return elgg_error_response(elgg_echo('generic_comment:blank'));
}
||
16 | |||
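if ($comment_guid) {
	// Edit path: a non-zero comment_guid selects an existing comment.
	$comment = get_entity($comment_guid);

	// The GUID is request-supplied, so it may resolve to nothing or to an
	// entity of another type; only a real ElggComment may be edited here.
	if (!$comment instanceof ElggComment) {
		return elgg_error_response(elgg_echo('generic_comment:notfound'));
	}

	// Authorization gate: the update is refused unless canEdit() allows it.
	if (!$comment->canEdit()) {
		return elgg_error_response(elgg_echo('actionunauthorized'));
	}

	$comment->description = $comment_text;
	if (!$comment->save()) {
		return elgg_error_response(elgg_echo('generic_comment:failure'));
	}

	$success_message = elgg_echo('generic_comment:updated');
} else {
	// Create path: attach a new comment to the entity named in the request.
	$entity = get_entity($entity_guid);
	if (!$entity) {
		return elgg_error_response(elgg_echo('generic_comment:notfound'));
	}

	// NOTE(review): this branch performs no explicit "may this user comment
	// on $entity" check of its own (the edit branch calls canEdit()).
	// Confirm the permission is enforced by save() or by the action's
	// registration before relying on it.

	$user = elgg_get_logged_in_user_entity();
	if (!$user) {
		// Fail closed: without a logged-in user there is no owner for the
		// comment, and calling getGUID() on a non-object would be a fatal error.
		return elgg_error_response(elgg_echo('actionunauthorized'));
	}

	$comment = new ElggComment();
	$comment->description = $comment_text;
	$comment->owner_guid = $user->getGUID();
	$comment->container_guid = $entity->getGUID();
	// The comment takes over the access level of the entity it is attached to.
	$comment->access_id = $entity->access_id;
	$guid = $comment->save();

	if (!$guid) {
		return elgg_error_response(elgg_echo('generic_comment:failure'));
	}

	// Add to river
	elgg_create_river_item([
		'view' => 'river/object/comment/create',
		'action_type' => 'comment',
		'object_guid' => $guid,
		'target_guid' => $entity_guid,
	]);

	$success_message = elgg_echo('generic_comment:posted');
}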
||
64 | |||
// Default destination after saving: the comment's own URL.
$forward = $comment->getURL();

// If the form was posted from the activity page, go back there instead.
// This can be removed once saving new comments is ajaxed.
$referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
if ($referer !== '') {
	// The Referer header is client-controlled, so it is never used as-is.
	// It must start with this site's URL followed by "activity" (then "/" or
	// end of string), and only the matched prefix in $m[0] is reused; anything
	// the client put after that prefix is dropped from the redirect target.
	$site_url = preg_quote(elgg_get_site_url(), '~');
	$on_activity = preg_match("~^{$site_url}activity(/|\\z)~", $referer, $m);
	if ($on_activity) {
		$forward = "{$m[0]}#elgg-object-{$comment->guid}";
	}
}
||
76 | |||
// Success response: the saved comment's GUID and its rendered view as the
// payload, together with the status message and the redirect target that
// were set earlier in the script.
return elgg_ok_response(
	[
		'guid' => $comment->guid,
		'output' => elgg_view_entity($comment),
	],
	$success_message,
	$forward
);
||
83 |