gordonbanderson /
silverstripe-comments
@@ -120,7 +120,7 @@ discard block |
||
| 120 | 120 | * Get the commenting option for the current state |
| 121 | 121 | * |
| 122 | 122 | * @param string $key |
| 123 | - * @return mixed Result if the setting is available, or null otherwise |
|
| 123 | + * @return integer Result if the setting is available, or null otherwise |
|
| 124 | 124 | */ |
| 125 | 125 | public function getOption($key) { |
| 126 | 126 | // If possible use the current record |
@@ -280,6 +280,7 @@ discard block |
||
| 280 | 280 | * Redirect back to referer if available, ensuring that only site URLs |
| 281 | 281 | * are allowed to avoid phishing. If it's an AJAX request render the |
| 282 | 282 | * comment in it's new state |
| 283 | + * @param DataObject $comment |
|
| 283 | 284 | */ |
| 284 | 285 | private function renderChangedCommentState($comment) { |
| 285 | 286 | $referer = $this->request->getHeader('Referer'); |
@@ -243,7 +243,7 @@ discard block |
||
| 243 | 243 | if(!$comment->getSecurityToken()->checkRequest($this->request)) return $this->httpError(400); |
| 244 | 244 | |
| 245 | 245 | $comment->markSpam(); |
| 246 | - return $this->renderChangedCommentState($comment); |
|
| 246 | + return $this->renderChangedCommentState($comment); |
|
| 247 | 247 | } |
| 248 | 248 | |
| 249 | 249 | /** |
@@ -258,7 +258,7 @@ discard block |
||
| 258 | 258 | if(!$comment->getSecurityToken()->checkRequest($this->request)) return $this->httpError(400); |
| 259 | 259 | |
| 260 | 260 | $comment->markApproved(); |
| 261 | - return $this->renderChangedCommentState($comment); |
|
| 261 | + return $this->renderChangedCommentState($comment); |
|
| 262 | 262 | } |
| 263 | 263 | |
| 264 | 264 | /** |
@@ -273,36 +273,36 @@ discard block |
||
| 273 | 273 | if(!$comment->getSecurityToken()->checkRequest($this->request)) return $this->httpError(400); |
| 274 | 274 | |
| 275 | 275 | $comment->markApproved(); |
| 276 | - return $this->renderChangedCommentState($comment); |
|
| 276 | + return $this->renderChangedCommentState($comment); |
|
| 277 | 277 | } |
| 278 | 278 | |
| 279 | - /** |
|
| 280 | - * Redirect back to referer if available, ensuring that only site URLs |
|
| 281 | - * are allowed to avoid phishing. If it's an AJAX request render the |
|
| 282 | - * comment in it's new state |
|
| 283 | - */ |
|
| 284 | - private function renderChangedCommentState($comment) { |
|
| 285 | - $referer = $this->request->getHeader('Referer'); |
|
| 286 | - |
|
| 287 | - // Render comment using AJAX |
|
| 288 | - if ($this->request->isAjax()) { |
|
| 289 | - return $comment->renderWith('CommentsInterface_singlecomment'); |
|
| 290 | - } else { |
|
| 291 | - // Redirect to either the comment or start of the page |
|
| 292 | - if (empty($referer)) { |
|
| 293 | - return $this->redirectBack(); |
|
| 294 | - } else { |
|
| 295 | - // Redirect to the comment, but check for phishing |
|
| 296 | - $url = $referer . '#comment-' . $comment->ID; |
|
| 297 | - // absolute redirection URLs not located on this site may cause phishing |
|
| 298 | - if(Director::is_site_url($url)) { |
|
| 299 | - return $this->redirect($url); |
|
| 300 | - } else { |
|
| 301 | - return false; |
|
| 302 | - } |
|
| 303 | - } |
|
| 304 | - } |
|
| 305 | - } |
|
| 279 | + /** |
|
| 280 | + * Redirect back to referer if available, ensuring that only site URLs |
|
| 281 | + * are allowed to avoid phishing. If it's an AJAX request render the |
|
| 282 | + * comment in it's new state |
|
| 283 | + */ |
|
| 284 | + private function renderChangedCommentState($comment) { |
|
| 285 | + $referer = $this->request->getHeader('Referer'); |
|
| 286 | + |
|
| 287 | + // Render comment using AJAX |
|
| 288 | + if ($this->request->isAjax()) { |
|
| 289 | + return $comment->renderWith('CommentsInterface_singlecomment'); |
|
| 290 | + } else { |
|
| 291 | + // Redirect to either the comment or start of the page |
|
| 292 | + if (empty($referer)) { |
|
| 293 | + return $this->redirectBack(); |
|
| 294 | + } else { |
|
| 295 | + // Redirect to the comment, but check for phishing |
|
| 296 | + $url = $referer . '#comment-' . $comment->ID; |
|
| 297 | + // absolute redirection URLs not located on this site may cause phishing |
|
| 298 | + if(Director::is_site_url($url)) { |
|
| 299 | + return $this->redirect($url); |
|
| 300 | + } else { |
|
| 301 | + return false; |
|
| 302 | + } |
|
| 303 | + } |
|
| 304 | + } |
|
| 305 | + } |
|
| 306 | 306 | |
| 307 | 307 | /** |
| 308 | 308 | * Returns the comment referenced in the URL (by ID). Permission checking |
@@ -124,12 +124,12 @@ discard block |
||
| 124 | 124 | */ |
| 125 | 125 | public function getOption($key) { |
| 126 | 126 | // If possible use the current record |
| 127 | - if($record = $this->getOwnerRecord()) { |
|
| 127 | + if ($record = $this->getOwnerRecord()) { |
|
| 128 | 128 | return $record->getCommentsOption($key); |
| 129 | 129 | } |
| 130 | 130 | |
| 131 | 131 | // Otherwise a singleton of that record |
| 132 | - if($class = $this->getBaseClass()) { |
|
| 132 | + if ($class = $this->getBaseClass()) { |
|
| 133 | 133 | return singleton($class)->getCommentsOption($key); |
| 134 | 134 | } |
| 135 | 135 | |
@@ -143,7 +143,7 @@ discard block |
||
| 143 | 143 | * @return string |
| 144 | 144 | */ |
| 145 | 145 | public function Link($action = '', $id = '', $other = '') { |
| 146 | - return Controller::join_links(Director::baseURL(), __CLASS__ , $action, $id, $other); |
|
| 146 | + return Controller::join_links(Director::baseURL(), __CLASS__, $action, $id, $other); |
|
| 147 | 147 | } |
| 148 | 148 | |
| 149 | 149 | /** |
@@ -173,7 +173,7 @@ discard block |
||
| 173 | 173 | $id = $request->param('OtherID'); |
| 174 | 174 | |
| 175 | 175 | // Support old pageid param |
| 176 | - if(!$id && !$class && ($id = $request->getVar('pageid'))) { |
|
| 176 | + if (!$id && !$class && ($id = $request->getVar('pageid'))) { |
|
| 177 | 177 | $class = 'SiteTree'; |
| 178 | 178 | } |
| 179 | 179 | |
@@ -183,8 +183,8 @@ discard block |
||
| 183 | 183 | )); |
| 184 | 184 | |
| 185 | 185 | // Check if class filter |
| 186 | - if($class) { |
|
| 187 | - if(!is_subclass_of($class, 'DataObject') || !$class::has_extension('CommentsExtension')) { |
|
| 186 | + if ($class) { |
|
| 187 | + if (!is_subclass_of($class, 'DataObject') || !$class::has_extension('CommentsExtension')) { |
|
| 188 | 188 | return $this->httpError(404); |
| 189 | 189 | } |
| 190 | 190 | $this->setBaseClass($class); |
@@ -192,7 +192,7 @@ discard block |
||
| 192 | 192 | $link = Controller::join_links($link, $class); |
| 193 | 193 | |
| 194 | 194 | // Check if id filter |
| 195 | - if($id) { |
|
| 195 | + if ($id) { |
|
| 196 | 196 | $comments = $comments->filter('ParentID', $id); |
| 197 | 197 | $link = Controller::join_links($link, $id); |
| 198 | 198 | $this->setOwnerRecord(DataObject::get_by_id($class, $id)); |
@@ -218,11 +218,11 @@ discard block |
||
| 218 | 218 | */ |
| 219 | 219 | public function delete() { |
| 220 | 220 | $comment = $this->getComment(); |
| 221 | - if(!$comment) return $this->httpError(404); |
|
| 222 | - if(!$comment->canDelete()) { |
|
| 221 | + if (!$comment) return $this->httpError(404); |
|
| 222 | + if (!$comment->canDelete()) { |
|
| 223 | 223 | return Security::permissionFailure($this, 'You do not have permission to delete this comment'); |
| 224 | 224 | } |
| 225 | - if(!$comment->getSecurityToken()->checkRequest($this->request)) return $this->httpError(400); |
|
| 225 | + if (!$comment->getSecurityToken()->checkRequest($this->request)) return $this->httpError(400); |
|
| 226 | 226 | |
| 227 | 227 | $comment->delete(); |
| 228 | 228 | |
@@ -236,11 +236,11 @@ discard block |
||
| 236 | 236 | */ |
| 237 | 237 | public function spam() { |
| 238 | 238 | $comment = $this->getComment(); |
| 239 | - if(!$comment) return $this->httpError(404); |
|
| 240 | - if(!$comment->canEdit()) { |
|
| 239 | + if (!$comment) return $this->httpError(404); |
|
| 240 | + if (!$comment->canEdit()) { |
|
| 241 | 241 | return Security::permissionFailure($this, 'You do not have permission to edit this comment'); |
| 242 | 242 | } |
| 243 | - if(!$comment->getSecurityToken()->checkRequest($this->request)) return $this->httpError(400); |
|
| 243 | + if (!$comment->getSecurityToken()->checkRequest($this->request)) return $this->httpError(400); |
|
| 244 | 244 | |
| 245 | 245 | $comment->markSpam(); |
| 246 | 246 | return $this->renderChangedCommentState($comment); |
@@ -251,11 +251,11 @@ discard block |
||
| 251 | 251 | */ |
| 252 | 252 | public function ham() { |
| 253 | 253 | $comment = $this->getComment(); |
| 254 | - if(!$comment) return $this->httpError(404); |
|
| 255 | - if(!$comment->canEdit()) { |
|
| 254 | + if (!$comment) return $this->httpError(404); |
|
| 255 | + if (!$comment->canEdit()) { |
|
| 256 | 256 | return Security::permissionFailure($this, 'You do not have permission to edit this comment'); |
| 257 | 257 | } |
| 258 | - if(!$comment->getSecurityToken()->checkRequest($this->request)) return $this->httpError(400); |
|
| 258 | + if (!$comment->getSecurityToken()->checkRequest($this->request)) return $this->httpError(400); |
|
| 259 | 259 | |
| 260 | 260 | $comment->markApproved(); |
| 261 | 261 | return $this->renderChangedCommentState($comment); |
@@ -266,11 +266,11 @@ discard block |
||
| 266 | 266 | */ |
| 267 | 267 | public function approve() { |
| 268 | 268 | $comment = $this->getComment(); |
| 269 | - if(!$comment) return $this->httpError(404); |
|
| 270 | - if(!$comment->canEdit()) { |
|
| 269 | + if (!$comment) return $this->httpError(404); |
|
| 270 | + if (!$comment->canEdit()) { |
|
| 271 | 271 | return Security::permissionFailure($this, 'You do not have permission to approve this comment'); |
| 272 | 272 | } |
| 273 | - if(!$comment->getSecurityToken()->checkRequest($this->request)) return $this->httpError(400); |
|
| 273 | + if (!$comment->getSecurityToken()->checkRequest($this->request)) return $this->httpError(400); |
|
| 274 | 274 | |
| 275 | 275 | $comment->markApproved(); |
| 276 | 276 | return $this->renderChangedCommentState($comment); |
@@ -295,7 +295,7 @@ discard block |
||
| 295 | 295 | // Redirect to the comment, but check for phishing |
| 296 | 296 | $url = $referer . '#comment-' . $comment->ID; |
| 297 | 297 | // absolute redirection URLs not located on this site may cause phishing |
| 298 | - if(Director::is_site_url($url)) { |
|
| 298 | + if (Director::is_site_url($url)) { |
|
| 299 | 299 | return $this->redirect($url); |
| 300 | 300 | } else { |
| 301 | 301 | return false; |
@@ -313,10 +313,10 @@ discard block |
||
| 313 | 313 | public function getComment() { |
| 314 | 314 | $id = isset($this->urlParams['ID']) ? $this->urlParams['ID'] : false; |
| 315 | 315 | |
| 316 | - if($id) { |
|
| 316 | + if ($id) { |
|
| 317 | 317 | $comment = DataObject::get_by_id('Comment', $id); |
| 318 | 318 | |
| 319 | - if($comment) { |
|
| 319 | + if ($comment) { |
|
| 320 | 320 | $this->fallbackReturnURL = $comment->Link(); |
| 321 | 321 | return $comment; |
| 322 | 322 | } |
@@ -333,7 +333,7 @@ discard block |
||
| 333 | 333 | public function ReplyForm($comment) { |
| 334 | 334 | // Enables multiple forms with different names to use the same handler |
| 335 | 335 | $form = $this->CommentsForm(); |
| 336 | - $form->setName('ReplyForm_'.$comment->ID); |
|
| 336 | + $form->setName('ReplyForm_' . $comment->ID); |
|
| 337 | 337 | $form->addExtraClass('reply-form'); |
| 338 | 338 | |
| 339 | 339 | // Load parent into reply form |
@@ -357,9 +357,9 @@ discard block |
||
| 357 | 357 | */ |
| 358 | 358 | public function reply(SS_HTTPRequest $request) { |
| 359 | 359 | // Extract parent comment from reply and build this way |
| 360 | - if($parentID = $request->param('ParentCommentID')) { |
|
| 360 | + if ($parentID = $request->param('ParentCommentID')) { |
|
| 361 | 361 | $comment = DataObject::get_by_id('Comment', $parentID, true); |
| 362 | - if($comment) { |
|
| 362 | + if ($comment) { |
|
| 363 | 363 | return $this->ReplyForm($comment); |
| 364 | 364 | } |
| 365 | 365 | } |
@@ -415,7 +415,7 @@ discard block |
||
| 415 | 415 | |
| 416 | 416 | // Preview formatted comment. Makes most sense when shortcodes or |
| 417 | 417 | // limited HTML is allowed. Populated by JS/Ajax. |
| 418 | - if($usePreview) { |
|
| 418 | + if ($usePreview) { |
|
| 419 | 419 | $fields->insertAfter( |
| 420 | 420 | ReadonlyField::create('PreviewComment', _t('CommentInterface.PREVIEWLABEL', 'Preview')) |
| 421 | 421 | ->setAttribute('style', 'display: none'), // enable through JS |
@@ -429,7 +429,7 @@ discard block |
||
| 429 | 429 | $actions = new FieldList( |
| 430 | 430 | new FormAction("doPostComment", _t('CommentInterface.POST', 'Post')) |
| 431 | 431 | ); |
| 432 | - if($usePreview) { |
|
| 432 | + if ($usePreview) { |
|
| 433 | 433 | $actions->push( |
| 434 | 434 | FormAction::create('doPreviewComment', _t('CommentInterface.PREVIEW', 'Preview')) |
| 435 | 435 | ->addExtraClass('action-minor') |
@@ -444,11 +444,11 @@ discard block |
||
| 444 | 444 | $form = new Form($this, 'CommentsForm', $fields, $actions, $required); |
| 445 | 445 | |
| 446 | 446 | // if the record exists load the extra required data |
| 447 | - if($record = $this->getOwnerRecord()) { |
|
| 447 | + if ($record = $this->getOwnerRecord()) { |
|
| 448 | 448 | |
| 449 | 449 | // Load member data |
| 450 | 450 | $member = Member::currentUser(); |
| 451 | - if(($record->CommentsRequireLogin || $record->PostingRequiredPermission) && $member) { |
|
| 451 | + if (($record->CommentsRequireLogin || $record->PostingRequiredPermission) && $member) { |
|
| 452 | 452 | $fields = $form->Fields(); |
| 453 | 453 | |
| 454 | 454 | $fields->removeByName('Name'); |
@@ -471,7 +471,7 @@ discard block |
||
| 471 | 471 | $form->setRedirectToFormOnValidationError(true); |
| 472 | 472 | |
| 473 | 473 | // load any data from the cookies |
| 474 | - if($data = Cookie::get('CommentsForm_UserData')) { |
|
| 474 | + if ($data = Cookie::get('CommentsForm_UserData')) { |
|
| 475 | 475 | $data = Convert::json2array($data); |
| 476 | 476 | |
| 477 | 477 | $form->loadDataFrom(array( |
@@ -481,12 +481,12 @@ discard block |
||
| 481 | 481 | )); |
| 482 | 482 | // allow previous value to fill if comment not stored in cookie (i.e. validation error) |
| 483 | 483 | $prevComment = Cookie::get('CommentsForm_Comment'); |
| 484 | - if($prevComment && $prevComment != ''){ |
|
| 484 | + if ($prevComment && $prevComment != '') { |
|
| 485 | 485 | $form->loadDataFrom(array("Comment" => $prevComment)); |
| 486 | 486 | } |
| 487 | 487 | } |
| 488 | 488 | |
| 489 | - if(!empty($member)) { |
|
| 489 | + if (!empty($member)) { |
|
| 490 | 490 | $form->loadDataFrom($member); |
| 491 | 491 | } |
| 492 | 492 | |
@@ -504,13 +504,13 @@ discard block |
||
| 504 | 504 | */ |
| 505 | 505 | public function doPostComment($data, $form) { |
| 506 | 506 | // Load class and parent from data |
| 507 | - if(isset($data['BaseClass'])) { |
|
| 507 | + if (isset($data['BaseClass'])) { |
|
| 508 | 508 | $this->setBaseClass($data['BaseClass']); |
| 509 | 509 | } |
| 510 | - if(isset($data['ParentID']) && ($class = $this->getBaseClass())) { |
|
| 510 | + if (isset($data['ParentID']) && ($class = $this->getBaseClass())) { |
|
| 511 | 511 | $this->setOwnerRecord($class::get()->byID($data['ParentID'])); |
| 512 | 512 | } |
| 513 | - if(!$this->getOwnerRecord()) return $this->httpError(404); |
|
| 513 | + if (!$this->getOwnerRecord()) return $this->httpError(404); |
|
| 514 | 514 | |
| 515 | 515 | // cache users data |
| 516 | 516 | Cookie::set("CommentsForm_UserData", Convert::raw2json($data)); |
@@ -520,7 +520,7 @@ discard block |
||
| 520 | 520 | $this->extend('onBeforePostComment', $form); |
| 521 | 521 | |
| 522 | 522 | // If commenting can only be done by logged in users, make sure the user is logged in |
| 523 | - if(!$this->getOwnerRecord()->canPostComment()) { |
|
| 523 | + if (!$this->getOwnerRecord()->canPostComment()) { |
|
| 524 | 524 | return Security::permissionFailure( |
| 525 | 525 | $this, |
| 526 | 526 | _t( |
@@ -531,12 +531,12 @@ discard block |
||
| 531 | 531 | ); |
| 532 | 532 | } |
| 533 | 533 | |
| 534 | - if($member = Member::currentUser()) { |
|
| 534 | + if ($member = Member::currentUser()) { |
|
| 535 | 535 | $form->Fields()->push(new HiddenField("AuthorID", "Author ID", $member->ID)); |
| 536 | 536 | } |
| 537 | 537 | |
| 538 | 538 | // What kind of moderation is required? |
| 539 | - switch($this->getOwnerRecord()->ModerationRequired) { |
|
| 539 | + switch ($this->getOwnerRecord()->ModerationRequired) { |
|
| 540 | 540 | case 'Required': |
| 541 | 541 | $requireModeration = true; |
| 542 | 542 | break; |
@@ -558,7 +558,7 @@ discard block |
||
| 558 | 558 | // Save into DB, or call pre-save hooks to give accurate preview |
| 559 | 559 | $usePreview = $this->getOption('use_preview'); |
| 560 | 560 | $isPreview = $usePreview && !empty($data['IsPreview']); |
| 561 | - if($isPreview) { |
|
| 561 | + if ($isPreview) { |
|
| 562 | 562 | $comment->extend('onBeforeWrite'); |
| 563 | 563 | } else { |
| 564 | 564 | $comment->write(); |
@@ -576,19 +576,19 @@ discard block |
||
| 576 | 576 | Cookie::set('CommentsForm_Comment', false); |
| 577 | 577 | |
| 578 | 578 | // Find parent link |
| 579 | - if(!empty($data['ReturnURL'])) { |
|
| 579 | + if (!empty($data['ReturnURL'])) { |
|
| 580 | 580 | $url = $data['ReturnURL']; |
| 581 | - } elseif($parent = $comment->getParent()) { |
|
| 581 | + } elseif ($parent = $comment->getParent()) { |
|
| 582 | 582 | $url = $parent->Link(); |
| 583 | 583 | } else { |
| 584 | 584 | return $this->redirectBack(); |
| 585 | 585 | } |
| 586 | 586 | |
| 587 | 587 | // Given a redirect page exists, attempt to link to the correct anchor |
| 588 | - if($comment->IsSpam) { |
|
| 588 | + if ($comment->IsSpam) { |
|
| 589 | 589 | // Link to the form with the error message contained |
| 590 | 590 | $hash = $form->FormName(); |
| 591 | - } else if(!$comment->Moderated) { |
|
| 591 | + } else if (!$comment->Moderated) { |
|
| 592 | 592 | // Display the "awaiting moderation" text |
| 593 | 593 | $holder = $this->getOption('comments_holder_id'); |
| 594 | 594 | $hash = "{$holder}_PostCommentForm_error"; |
@@ -615,21 +615,21 @@ discard block |
||
| 615 | 615 | // In edge-cases, this will be called outside of a handleRequest() context; in that case, |
| 616 | 616 | // redirect to the homepage - don't break into the global state at this stage because we'll |
| 617 | 617 | // be calling from a test context or something else where the global state is inappropraite |
| 618 | - if($this->request) { |
|
| 619 | - if($this->request->requestVar('BackURL')) { |
|
| 618 | + if ($this->request) { |
|
| 619 | + if ($this->request->requestVar('BackURL')) { |
|
| 620 | 620 | $url = $this->request->requestVar('BackURL'); |
| 621 | - } else if($this->request->isAjax() && $this->request->getHeader('X-Backurl')) { |
|
| 621 | + } else if ($this->request->isAjax() && $this->request->getHeader('X-Backurl')) { |
|
| 622 | 622 | $url = $this->request->getHeader('X-Backurl'); |
| 623 | - } else if($this->request->getHeader('Referer')) { |
|
| 623 | + } else if ($this->request->getHeader('Referer')) { |
|
| 624 | 624 | $url = $this->request->getHeader('Referer'); |
| 625 | 625 | } |
| 626 | 626 | } |
| 627 | 627 | |
| 628 | - if(!$url) $url = $this->fallbackReturnURL; |
|
| 629 | - if(!$url) $url = Director::baseURL(); |
|
| 628 | + if (!$url) $url = $this->fallbackReturnURL; |
|
| 629 | + if (!$url) $url = Director::baseURL(); |
|
| 630 | 630 | |
| 631 | 631 | // absolute redirection URLs not located on this site may cause phishing |
| 632 | - if(Director::is_site_url($url)) { |
|
| 632 | + if (Director::is_site_url($url)) { |
|
| 633 | 633 | return $this->redirect($url); |
| 634 | 634 | } else { |
| 635 | 635 | return false; |
