COMMENT - Code Metrics - Inspection of "fix handling of external links when glossarising" - mysociety/theyworkforyou - Measure and Improve Code Quality continuously with Scrutinizer

Passed

Push — master ( 0e9327...12087f )

by Struan

created 2025-10-08 13:10 UTC

COMMENT A

↳ Parent: Project

Complexity

Total Complexity

Size/Duplication

Total Lines	334
Duplicated Lines	0 %

Test Coverage

Coverage

39.08%

Importance

Changes

Metric	Value
eloc	185
dl	0
loc	334
ccs	34
cts	87
cp	0.3908
rs	9.44
c	0
b	0
f	0
wmc	37

19 Methods

Rating	Name	Size	Complexity
A	exists()	2	1
A	user_id()	2	1
A	epobject_id()	2	1
A	comments_enabled()	2	1
A	__construct()	44	4
A	modflagged()	2	1
A	firstname()	2	1
A	lastname()	2	1
A	visible()	2	1
A	url()	2	1
A	comment_id()	2	1
A	posted()	2	1
A	body()	2	1
A	display()	17	1
B	create()	85	6
A	_set_username()	15	4
A	delete()	26	3
A	_set_url()	26	3
A	set_modflag()	34	4

<?php

/* A class for doing things with single comments.

    To access stuff about an existing comment you can do something like:
        $COMMENT = new COMMENT(37);
        $COMMENT->display();
    Where '37' is the comment_id.

    To create a new comment you should get a $data array prepared of
    the key/value pairs needed to create a new comment and do:
        $COMMENT = new COMMENT;
        $COMMENT->create ($data);

    You can delete a comment by doing $COMMENT->delete() (it isn't actually
    deleted from the database, just set to invisible.

    You can also do $COMMENT->set_modflag() which happens when a user
    posts a report about a comment. The flag is unset when/if the report is
    rejected.

*/



class COMMENT {
    public $comment_id = '';
    public $user_id = '';
    public $epobject_id = '';
    public $body = '';
    public $posted = '';
    public $visible = false;
    public $modflagged = null;	// Is a datetime when set.
    public $firstname = '';	// Of the person who posted it.
    public $lastname = '';
    public $url = '';

    // So that after trying to init a comment, we can test for
    // if it exists in the DB.
    public $exists = false;


    public function __construct($comment_id = '') {

        $this->db = new ParlDB();


        // Set in init.php
        if (ALLOWCOMMENTS == true) {

            $this->comments_enabled = true;

        } else {
            $this->comments_enabled = false;
        }


        if (is_numeric($comment_id)) {
            // We're getting the data for an existing comment from the DB.

            $q = $this->db->query(
                "SELECT user_id,
                                    epobject_id,
                                    body,
                                    posted,
                                    visible,
                                    modflagged
                            FROM	comments
                            WHERE 	comment_id=:comment_id",
                [':comment_id' => $comment_id]
            )->first();

            if ($q) {

                $this->comment_id 	= $comment_id;
                $this->user_id		= $q['user_id'];
                $this->epobject_id	= $q['epobject_id'];
                $this->body			= $q['body'];
                $this->posted		= $q['posted'];
                $this->visible		= $q['visible'];
                $this->modflagged	= $q['modflagged'];

                // Sets the URL and username for this comment. Duh.
                $this->_set_url();
                $this->_set_username();

                $this->exists = true;
            } else {
                $this->exists = false;
            }
        }
    }


    // Use these for accessing the object's variables externally.
    public function comment_id() {
        return $this->comment_id;
    }
    public function user_id() {
        return $this->user_id;
    }
    public function epobject_id() {
        return $this->epobject_id;
    }
    public function body() {
        return $this->body;
    }
    public function posted() {
        return $this->posted;
    }
    public function visible() {
        return $this->visible;
    }
    public function modflagged() {
        return $this->modflagged;
    }
    public function exists() {
        return $this->exists;
    }
    public function firstname() {
        return $this->firstname;
    }
    public function lastname() {
        return $this->lastname;
    }
    public function url() {
        return $this->url;
    }

    public function comments_enabled() {
        return $this->comments_enabled;
    }


    public function create($data) {
        // Inserts data for this comment into the database.
        // $data has 'epobject_id' and 'body' elements.
        // Returns the new comment_id if successful, false otherwise.

        global $THEUSER, $PAGE;

        if ($this->comments_enabled() == false) {

            $PAGE->error_message("Sorry, the posting of annotations has been temporarily disabled.");
            return;
        }

        if (!$THEUSER->is_able_to('addcomment')) {
            $message = 	[
                'title' => 'Sorry',
                'text' => 'You are not allowed to post annotations.',
            ];
            $PAGE->error_message($message);
            return false;
        }

        if (!is_numeric($data['epobject_id'])) {
            $message = [
                'title' => 'Sorry',
                'text' => "We don't have an epobject id.",
            ];
            $PAGE->error_message($message);
            return false;
        }

        if ($data['body'] == '') {
            $message = [
                'title' => 'Whoops!',
                'text' => "You haven't entered an annotation!",
            ];
            $PAGE->error_message($message);
            return false;
        }

        // OK, let's get on with it...

        // Tidy up the HTML tags
        // (but we don't make URLs into links; only when displaying the comment).
        $body = filter_user_input($data['body'], 'comment'); // In utility.php

        $posted = date('Y-m-d H:i:s', time());


        $q_gid = $this->db->query("select gid from hansard where epobject_id = :epobject_id", [':epobject_id' => $data['epobject_id']]);
        $data['gid'] = $q_gid->field(0, 'gid');

        $q = $this->db->query(
            "INSERT INTO comments
            (user_id, epobject_id, body, posted, visible, original_gid)
            VALUES
            (
            :user_id,
            :epobject_id,
            :body,
            :posted,
            1,
            :gid
            )",
            [
                ':user_id' => $THEUSER->user_id(),
                ':epobject_id' => $data['epobject_id'],
                ':body' => $body,
                ':posted' => $posted,
                ':gid' => $data['gid'],
            ]
        );

        if ($q->success()) {
            // Set the object varibales up.
            $this->comment_id 	= $q->insert_id();
            $this->user_id	  	= $THEUSER->user_id();
            $this->epobject_id 	= $data['epobject_id'];
            $this->body			= $data['body'];
            $this->posted		= $posted;
            $this->visible		= 1;

            return $this->comment_id();

        } else {
            return false;
        }
    }


    public function display($format = 'html', $template = 'comments') {
        $data['comments'][0] =  [

            'comment_id'	=> $this->comment_id,
            'user_id'		=> $this->user_id,
            'epobject_id'	=> $this->epobject_id,
            'body'			=> $this->body,
            'posted'		=> $this->posted,
            'modflagged'	=> $this->modflagged,
            'url'			=> $this->url,
            'firstname'		=> $this->firstname,
            'lastname'		=> $this->lastname,
            'visible'		=> $this->visible,
        ];

        // Use the same renderer as the COMMENTLIST class.
        $COMMENTLIST = new COMMENTLIST();
        $COMMENTLIST->render($data, $format, $template);

    }


    public function set_modflag($switch) {
        // $switch is either 'on' or 'off'.
        // The comment's modflag goes to on when someone reports the comment.
        // It goes to off when a commentreport has been resolved but the
        // comment HASN'T been deleted.
        global $PAGE;

        if ($switch == 'on') {
            $date = gmdate("Y-m-d H:i:s");
            $flag = "'$date'";

        } elseif ($switch == 'off') {
            $date = null;
            $flag = 'NULL';

        } else {
            $PAGE->error_message("Why are you trying to switch this comment's modflag to '" . _htmlentities($switch) . "'!");
        }

        $q = $this->db->query("UPDATE comments
                        SET		modflagged = $flag

                        WHERE 	comment_id = '" . $this->comment_id . "'
                        ");

        if ($q->success()) {
            $this->modflagged = $date;

            return true;
        } else {
            $message =  [
                'title' => 'Sorry',
                'text' => "We couldn't update the annotation's modflag.",
            ];
            $PAGE->error_message($message);
            return false;
        }

    }


    public function delete() {
        // Mark the comment as invisible.

        global $THEUSER, $PAGE;

        if ($THEUSER->is_able_to('deletecomment')) {
            $q = $this->db->query("UPDATE comments SET visible = '0' WHERE comment_id = '" . $this->comment_id . "'");

            if ($q->success()) {
                return true;
            } else {
                $message =  [
                    'title' => 'Sorry',
                    'text' => "We were unable to delete the annotation.",
                ];
                $PAGE->error_message($message);
                return false;
            }

        } else {
            $message =  [
                'title' => 'Sorry',
                'text' => "You are not authorised to delete annotations.",
            ];
            $PAGE->error_message($message);
            return false;
        }

    }



    public function _set_url() {
        global $hansardmajors;
        // Creates and sets the URL for the comment.

        if ($this->url == '') {

            $q = $this->db->query(
                "SELECT major,
                                    gid
                            FROM	hansard
                            WHERE	epobject_id = :epobject_id",
                [':epobject_id' => $this->epobject_id]
            )->first();

            if ($q) {
                // If you change stuff here, you might have to change it in
                // $COMMENTLIST->_get_comment_data() too...

                $gid = fix_gid_from_db($q['gid']); // In includes/utility.php

                $major = $q['major'];
                $page = $hansardmajors[$major]['page'];

                $URL = new \MySociety\TheyWorkForYou\Url($page);
                $URL->insert(['id' => $gid]);
                $this->url = $URL->generate() . '#c' . $this->comment_id;
            }
        }
    }



    public function _set_username() {
        // Gets and sets the user's name who posted the comment.

        if ($this->firstname == '' && $this->lastname == '') {
            $q = $this->db->query(
                "SELECT firstname,
                                    lastname
                            FROM	users
                            WHERE	user_id = :user_id",
                [':user_id' => $this->user_id]
            )->first();

            if ($q) {
                $this->firstname = $q['firstname'];
                $this->lastname = $q['lastname'];
            }
        }
    }




}


1		<?php
2
3		/* A class for doing things with single comments.
4
5		To access stuff about an existing comment you can do something like:
6		$COMMENT = new COMMENT(37);
7		$COMMENT->display();
8		Where '37' is the comment_id.
9
10		To create a new comment you should get a $data array prepared of
11		the key/value pairs needed to create a new comment and do:
12		$COMMENT = new COMMENT;
13		$COMMENT->create ($data);
14
15		You can delete a comment by doing $COMMENT->delete() (it isn't actually
16		deleted from the database, just set to invisible.
17
18		You can also do $COMMENT->set_modflag() which happens when a user
19		posts a report about a comment. The flag is unset when/if the report is
20		rejected.
21
22		*/
23
24
25
26		class COMMENT {
27		public $comment_id = '';
28		public $user_id = '';
29		public $epobject_id = '';
30		public $body = '';
31		public $posted = '';
32		public $visible = false;
33		public $modflagged = null; // Is a datetime when set.
34		public $firstname = ''; // Of the person who posted it.
35		public $lastname = '';
36		public $url = '';
37
38		// So that after trying to init a comment, we can test for
39		// if it exists in the DB.
40		public $exists = false;
41
42
43		public function __construct($comment_id = '') {
44	3
45		$this->db = new ParlDB();
		0 ignored issues – show Bug Best Practice introduced 2018-06-21 14:28 UTC by Report Bug Copy Issue Report The property `db` does not exist. Although not strictly required by PHP, it is generally a best practice to declare properties explicitly. Loading history...
46	3
47		// Set in init.php
48		if (ALLOWCOMMENTS == true) {
		0 ignored issues – show Coding Style Best Practice introduced 2018-06-21 14:28 UTC by Report Bug Copy Issue Report It seems like you are loosely comparing two booleans. Considering using the strict comparison `===` instead. When comparing two booleans, it is generally considered safer to use the strict comparison operator. Loading history... introduced 2018-10-30 10:15 UTC by Report Bug Copy Issue Report The condition `ALLOWCOMMENTS == true` is always `true`. Loading history...
49	3	$this->comments_enabled = true;
		0 ignored issues – show Bug Best Practice introduced 2018-06-21 14:28 UTC by Report Bug Copy Issue Report The property `comments_enabled` does not exist. Although not strictly required by PHP, it is generally a best practice to declare properties explicitly. Loading history...
50	3	} else {
51		$this->comments_enabled = false;
52		}
53
54
55		if (is_numeric($comment_id)) {
56	3	// We're getting the data for an existing comment from the DB.
57
58		$q = $this->db->query(
59	3	"SELECT user_id,
60		epobject_id,
61		body,
62		posted,
63		visible,
64		modflagged
65		FROM comments
66		WHERE comment_id=:comment_id",
67	3	[':comment_id' => $comment_id]
68		)->first();
69	3
70		if ($q) {
71	3
72	3	$this->comment_id = $comment_id;
73	3	$this->user_id = $q['user_id'];
74	3	$this->epobject_id = $q['epobject_id'];
75	3	$this->body = $q['body'];
76	3	$this->posted = $q['posted'];
77	3	$this->visible = $q['visible'];
78		$this->modflagged = $q['modflagged'];
79
80	3	// Sets the URL and username for this comment. Duh.
81	3	$this->_set_url();
82		$this->_set_username();
83	3
84		$this->exists = true;
85		} else {
86		$this->exists = false;
87		}
88	3	}
89		}
90
91
92		// Use these for accessing the object's variables externally.
93		public function comment_id() {
94		return $this->comment_id;
95		}
96		public function user_id() {
97		return $this->user_id;
98		}
99		public function epobject_id() {
100		return $this->epobject_id;
101		}
102		public function body() {
103		return $this->body;
104		}
105		public function posted() {
106		return $this->posted;
107		}
108		public function visible() {
109		return $this->visible;
110		}
111		public function modflagged() {
112		return $this->modflagged;
113		}
114		public function exists() {
115		return $this->exists;
116		}
117		public function firstname() {
118		return $this->firstname;
119		}
120		public function lastname() {
121		return $this->lastname;
122		}
123		public function url() {
124		return $this->url;
125		}
126
127		public function comments_enabled() {
128		return $this->comments_enabled;
129		}
130
131
132		public function create($data) {
133		// Inserts data for this comment into the database.
134		// $data has 'epobject_id' and 'body' elements.
135		// Returns the new comment_id if successful, false otherwise.
136
137		global $THEUSER, $PAGE;
138
139		if ($this->comments_enabled() == false) {
		0 ignored issues – show Coding Style Best Practice introduced 2025-09-15 14:42 UTC by Report Bug Copy Issue Report It seems like you are loosely comparing two booleans. Considering using the strict comparison `===` instead. When comparing two booleans, it is generally considered safer to use the strict comparison operator. Loading history...
140		$PAGE->error_message("Sorry, the posting of annotations has been temporarily disabled.");
141		return;
142		}
143
144		if (!$THEUSER->is_able_to('addcomment')) {
145		$message = [
146		'title' => 'Sorry',
147		'text' => 'You are not allowed to post annotations.',
148		];
149		$PAGE->error_message($message);
150		return false;
151		}
152
153		if (!is_numeric($data['epobject_id'])) {
154		$message = [
155		'title' => 'Sorry',
156		'text' => "We don't have an epobject id.",
157		];
158		$PAGE->error_message($message);
159		return false;
160		}
161
162		if ($data['body'] == '') {
163		$message = [
164		'title' => 'Whoops!',
165		'text' => "You haven't entered an annotation!",
166		];
167		$PAGE->error_message($message);
168		return false;
169		}
170
171		// OK, let's get on with it...
172
173		// Tidy up the HTML tags
174		// (but we don't make URLs into links; only when displaying the comment).
175		$body = filter_user_input($data['body'], 'comment'); // In utility.php
176
177		$posted = date('Y-m-d H:i:s', time());
178
179
180		$q_gid = $this->db->query("select gid from hansard where epobject_id = :epobject_id", [':epobject_id' => $data['epobject_id']]);
181		$data['gid'] = $q_gid->field(0, 'gid');
182
183		$q = $this->db->query(
184		"INSERT INTO comments
185		(user_id, epobject_id, body, posted, visible, original_gid)
186		VALUES
187		(
188		:user_id,
189		:epobject_id,
190		:body,
191		:posted,
192		1,
193		:gid
194		)",
195		[
196		':user_id' => $THEUSER->user_id(),
197		':epobject_id' => $data['epobject_id'],
198		':body' => $body,
199		':posted' => $posted,
200	3	':gid' => $data['gid'],
201	3	]
202		);
203
204	3	if ($q->success()) {
205		// Set the object varibales up.
206	3	$this->comment_id = $q->insert_id();
207		$this->user_id = $THEUSER->user_id();
208		$this->epobject_id = $data['epobject_id'];
209		$this->body = $data['body'];
210	3	$this->posted = $posted;
211		$this->visible = 1;
212	3
213		return $this->comment_id();
214
215		} else {
216		return false;
217		}
218		}
219
220
221		public function display($format = 'html', $template = 'comments') {
222		$data['comments'][0] = [
		0 ignored issues – show Comprehensibility Best Practice introduced 2018-06-21 14:28 UTC by Report Bug Copy Issue Report `$data` was never initialized. Although not strictly required by PHP, it is generally a good practice to add `$data = array();` before regardless. Loading history...
223		'comment_id' => $this->comment_id,
224		'user_id' => $this->user_id,
225		'epobject_id' => $this->epobject_id,
226	3	'body' => $this->body,
227		'posted' => $this->posted,
228		'modflagged' => $this->modflagged,
229		'url' => $this->url,
230	3	'firstname' => $this->firstname,
231		'lastname' => $this->lastname,
232		'visible' => $this->visible,
233	3	];
234	3
235		// Use the same renderer as the COMMENTLIST class.
236		$COMMENTLIST = new COMMENTLIST();
237		$COMMENTLIST->render($data, $format, $template);
238	3
239		}
240	3
241	3
242	3	public function set_modflag($switch) {
243		// $switch is either 'on' or 'off'.
244		// The comment's modflag goes to on when someone reports the comment.
245	3	// It goes to off when a commentreport has been resolved but the
246		// comment HASN'T been deleted.
247		global $PAGE;
248
249		if ($switch == 'on') {
250		$date = gmdate("Y-m-d H:i:s");
251		$flag = "'$date'";
252
253		} elseif ($switch == 'off') {
254		$date = null;
255		$flag = 'NULL';
256
257		} else {
258		$PAGE->error_message("Why are you trying to switch this comment's modflag to '" . _htmlentities($switch) . "'!");
259		}
260
261		$q = $this->db->query("UPDATE comments
262		SET modflagged = $flag
		0 ignored issues – show Comprehensibility Best Practice introduced 2018-06-21 14:28 UTC by Report Bug Copy Issue Report The variable `$flag` does not seem to be defined for all execution paths leading up to this point. Loading history...
263		WHERE comment_id = '" . $this->comment_id . "'
264		");
265
266		if ($q->success()) {
267		$this->modflagged = $date;
		0 ignored issues – show Comprehensibility Best Practice introduced 2018-06-21 14:28 UTC by Report Bug Copy Issue Report The variable `$date` does not seem to be defined for all execution paths leading up to this point. Loading history...
268		return true;
269		} else {
270		$message = [
271		'title' => 'Sorry',
272		'text' => "We couldn't update the annotation's modflag.",
273		];
274		$PAGE->error_message($message);
275		return false;
276		}
277
278		}
279
280
281		public function delete() {
282		// Mark the comment as invisible.
283
284		global $THEUSER, $PAGE;
285
286		if ($THEUSER->is_able_to('deletecomment')) {
287		$q = $this->db->query("UPDATE comments SET visible = '0' WHERE comment_id = '" . $this->comment_id . "'");
288
289		if ($q->success()) {
290		return true;
291		} else {
292		$message = [
293		'title' => 'Sorry',
294		'text' => "We were unable to delete the annotation.",
295		];
296		$PAGE->error_message($message);
297		return false;
298		}
299
300		} else {
301		$message = [
302		'title' => 'Sorry',
303		'text' => "You are not authorised to delete annotations.",
304		];
305		$PAGE->error_message($message);
306		return false;
307		}
308
309		}
310
311
312
313		public function _set_url() {
314		global $hansardmajors;
315		// Creates and sets the URL for the comment.
316
317		if ($this->url == '') {
318
319		$q = $this->db->query(
320		"SELECT major,
321		gid
322		FROM hansard
323		WHERE epobject_id = :epobject_id",
324		[':epobject_id' => $this->epobject_id]
325		)->first();
326
327		if ($q) {
328		// If you change stuff here, you might have to change it in
329		// $COMMENTLIST->_get_comment_data() too...
330
331		$gid = fix_gid_from_db($q['gid']); // In includes/utility.php
332
333		$major = $q['major'];
334		$page = $hansardmajors[$major]['page'];
335
336		$URL = new \MySociety\TheyWorkForYou\Url($page);
337		$URL->insert(['id' => $gid]);
338		$this->url = $URL->generate() . '#c' . $this->comment_id;
339		}
340		}
341		}
342
343
344
345		public function _set_username() {
346		// Gets and sets the user's name who posted the comment.
347
348		if ($this->firstname == '' && $this->lastname == '') {
349		$q = $this->db->query(
350		"SELECT firstname,
351		lastname
352		FROM users
353		WHERE user_id = :user_id",
354		[':user_id' => $this->user_id]
355		)->first();
356
357		if ($q) {
358		$this->firstname = $q['firstname'];
359		$this->lastname = $q['lastname'];
360		}
361		}
362		}
363
364
365
366
367		}
368

mysociety / theyworkforyou

Push — master ( 0e9327...12087f )

COMMENT A

Complexity

Size/Duplication

Test Coverage

Importance

19 Methods

Duplication Side-by-Side

Filter issues like