1 | <?php |
||
2 | |||
3 | namespace Apps\Model\Api\Comments; |
||
4 | |||
5 | use Apps\ActiveRecord\CommentPost; |
||
6 | use Ffcms\Core\App; |
||
7 | use Ffcms\Core\Arch\Model; |
||
8 | use Ffcms\Core\Exception\JsonException; |
||
9 | use Ffcms\Core\Helper\Date; |
||
10 | use Ffcms\Core\Helper\Type\Str; |
||
11 | |||
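/**
 * Class CommentPostAdd. Model to validate and insert a submitted comment post.
 *
 * Flow visible in this class: before() captures the client ip and the authenticated
 * user id, check() enforces the posting rules (guest policy, target, message length,
 * captcha, posting delay) and buildRecord() stores the comment.
 *
 * NOTE(review): the message and guest name are stored exactly as received; no HTML
 * encoding happens in this model, so the code that renders comments has to escape
 * on output - confirm against the view layer.
 *
 * @package Apps\Model\Api\Comments
 */
class CommentPostAdd extends Model
{
    // id and application name of the item the comment is attached to
    public $appId;
    public $appName;

    // comment text and the display name used when the author is a guest
    public $message;
    public $guestName;

    // client ip, assigned in before() and used as a throttle key in check()
    // NOTE(review): this is a public property; if the base Model fills public properties
    // from request input after before() has run, the stored value would no longer be the
    // one read from the request object - confirm against Ffcms\Core\Arch\Model.
    public $ip;

    // configuration array; keys read here: guestAdd, guestModerate, minLength, maxLength, delay
    private $_configs;
    // id of the authenticated user, 0 for guests
    private $_userId = 0;

    /**
     * CommentPostAdd constructor. Pass configuration inside.
     * @param array $configs Settings read by check() and buildRecord()
     *                       (guestAdd, guestModerate, minLength, maxLength, delay)
     */
    public function __construct(array $configs)
    {
        // configs must be in place before the parent constructor runs
        $this->_configs = $configs;
        parent::__construct();
    }

    /**
     * Prepare model data: remember the client ip and, for authenticated users, the user id.
     */
    public function before()
    {
        // NOTE(review): the posting delay in check() relies on this address. Whether
        // forwarded-for style headers can influence it depends on how the request
        // object is configured, which is not visible in this file - confirm.
        $this->ip = App::$Request->getClientIp();

        // guests keep the default user id of 0
        if (App::$User->isAuth()) {
            $this->_userId = App::$User->identity()->getId();
        }
    }

    /**
     * Check comment add conditions. Any failed condition throws an exception.
     *
     * Order of checks: guest posting policy, target name/id, message length,
     * captcha for guests, delay since the previous comment.
     *
     * @throws JsonException
     * @return boolean Always true when no condition failed
     */
    public function check()
    {
        $isGuest = !App::$User->isAuth();

        // guests may post only if guest posting is enabled and a name of 2+ characters is given
        // NOTE(review): no upper bound on the guest name length is enforced here
        if ($isGuest && ((int)$this->_configs['guestAdd'] !== 1 || Str::length($this->guestName) < 2)) {
            throw new JsonException(__('Guest name is not defined'));
        }

        // target app name and id must be present and the id must not be negative
        // NOTE(review): appName is not compared with a list of known applications here
        if (Str::likeEmpty($this->appName) || Str::likeEmpty($this->appId) || (int)$this->appId < 0) {
            throw new JsonException(__('Wrong target name or id'));
        }

        // message length must be inside the configured bounds
        $length = Str::length($this->message);
        if ($length < (int)$this->_configs['minLength'] || $length > (int)$this->_configs['maxLength']) {
            throw new JsonException(__('Message length is incorrect. Current: %cur%, min - %min%, max - %max%', [
                'cur' => $length,
                'min' => $this->_configs['minLength'],
                'max' => $this->_configs['maxLength']
            ]));
        }

        // guests must solve the captcha when guest moderation is switched on
        // NOTE(review): this test is truthy-based while buildRecord() requires the value
        // to be exactly 1 - confirm which of the two is intended
        if ($isGuest && (bool)$this->_configs['guestModerate']) {
            $captcha = App::$Request->request->get('captcha');
            if (!App::$Captcha->validate($captcha)) {
                throw new JsonException(__('Captcha is incorrect! Click on image to refresh and try again'));
            }
        }

        // find the latest comment of this author to enforce the delay between two comments.
        // Guest comments are all saved with user_id 0 (see buildRecord), so matching a guest
        // by user_id would make the latest comment of ANY guest throttle every other guest.
        // Guests are therefore matched by ip only; authenticated users by ip or user id.
        $throttleQuery = CommentPost::where('ip', $this->ip);
        if ($this->_userId > 0) {
            $throttleQuery->orWhere('user_id', $this->_userId);
        }
        /** @var CommentPost $lastPost */
        $lastPost = $throttleQuery->orderBy('created_at', 'DESC')->first();

        if ($lastPost) {
            $postTime = Date::convertToTimestamp($lastPost->created_at);
            // cast the configured delay so a string value cannot break the arithmetic
            $delay = $postTime + (int)$this->_configs['delay'] - time();
            if ($delay > 0) {
                // users holding the global/modify permission are exempt from the delay
                $isModerator = !$isGuest && App::$User->identity()->role->can('global/modify');
                if (!$isModerator) {
                    throw new JsonException(__('Spam protection: please, wait %sec% seconds', ['sec' => $delay]));
                }
            }
        }

        return true;
    }

    /**
     * Insert new comment in table and return active record object.
     * The ip captured in before() is not assigned to the record in this method.
     * @return CommentPost
     */
    public function buildRecord()
    {
        $record = new CommentPost();
        $record->app_name = $this->appName;
        $record->app_relation_id = (int)$this->appId;
        $record->user_id = $this->_userId;
        $record->guest_name = $this->guestName;
        // stored as submitted; escaping is left to the code that outputs the comment
        $record->message = $this->message;
        $record->lang = App::$Request->getLanguage();
        // guest comments are flagged for pre-moderation when guestModerate is exactly 1
        if ((int)$this->_configs['guestModerate'] === 1 && $this->_userId < 1) {
            $record->moderate = 1;
        }
        $record->save();

        return $record;
    }
}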
This check looks for assignments to scalar types that may be of the wrong type.
To ensure the code behaves as expected, it may be a good idea to add an explicit type cast.