<?php |
namespace Redaxscript\Controller; |
use Redaxscript\Filter; |
use Redaxscript\Html; |
use Redaxscript\Mailer; |
use Redaxscript\Model; |
use Redaxscript\Validator; |
/**
 * child class to process the comment request
 *
 * @since 3.0.0
 *
 * @package Redaxscript
 * @category Controller
 * @author Henry Ruhs
 * @author Balázs Szilágyi
 */
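class Comment extends ControllerAbstract
{
	/**
	 * process the class
	 *
	 * sanitizes and validates the posted comment, stores it, notifies the
	 * site owner by mail and returns the rendered result message
	 *
	 * the helpers _normalizePost(), _error(), _warning() and _success() as
	 * well as the _request, _registry and _language properties are not
	 * defined in this class - presumably inherited from ControllerAbstract
	 *
	 * @since 3.3.0
	 *
	 * @return string
	 */

	public function process() : string
	{
		$articleModel = new Model\Article();
		$settingModel = new Model\Setting();
		$postArray = $this->_normalizePost($this->_sanitizePost());
		$validateArray = $this->_validatePost($postArray);
		$route = $postArray['article'] ? $articleModel->getRouteById($postArray['article']) : null;

		/* handle validate */

		if ($validateArray)
		{
			return $this->_error(
			[
				'route' => $route,
				'message' => $validateArray
			]);
		}

		/* handle article */

		/* the posted id only passed the number filter, so it may not match a stored article; fetch once and refuse instead of reading properties from a missing result and storing an orphaned comment */
		/* NOTE(review): whether the article is published or accepts comments is not checked here - confirm it is enforced elsewhere */

		$article = $articleModel->getById($postArray['article']);
		if (!is_object($article))
		{
			return $this->_error(
			[
				'route' => $route
			]);
		}

		/* handle create */

		/* status is 0 while the verification setting is enabled, otherwise 1 */
		/* NOTE(review): the status follows the verification setting while the success message below follows the moderation setting - confirm both are intended */

		$createArray =
		[
			'author' => $postArray['author'],
			'email' => $postArray['email'],
			'url' => $postArray['url'],
			'text' => $postArray['text'],
			'language' => $article->language,
			'article' => $postArray['article'],
			'status' => $settingModel->get('verification') ? 0 : 1
		];
		if (!$this->_create($createArray))
		{
			return $this->_error(
			[
				'route' => $route
			]);
		}

		/* handle mail */

		$mailArray =
		[
			'email' => $postArray['email'],
			'url' => $postArray['url'],
			'route' => $route,
			'author' => $postArray['author'],
			'text' => $postArray['text'],
			'article' => $article->title
		];

		/* the comment is already stored at this point, so a failed mail is reported as a warning only */

		if (!$this->_mail($mailArray))
		{
			return $this->_warning(
			[
				'route' => $route,
				'timeout' => $settingModel->get('notification') ? 2 : 0,
				'message' => $this->_language->get('email_failed')
			]);
		}

		/* handle success */

		return $this->_success(
		[
			'route' => $route,
			'timeout' => $settingModel->get('notification') ? 2 : 0,
			'message' => $settingModel->get('moderation') ? $this->_language->get('comment_moderation') : $this->_language->get('comment_sent')
		]);
	}

	/**
	 * sanitize the post
	 *
	 * reads the comment fields from the request and passes each one through
	 * the filter that matches its type
	 *
	 * @since 4.0.0
	 *
	 * @return array sanitized post with the keys author, email, url, text, article, task and solution
	 */

	protected function _sanitizePost() : array
	{
		$numberFilter = new Filter\Number();
		$specialFilter = new Filter\Special();
		$emailFilter = new Filter\Email();
		$urlFilter = new Filter\Url();
		$htmlFilter = new Filter\Html();

		/* sanitize post */

		/* the solution is the only field returned unfiltered; in this class it is only handed to the captcha validator */

		return
		[
			'author' => $specialFilter->sanitize($this->_request->getPost('author')),
			'email' => $emailFilter->sanitize($this->_request->getPost('email')),
			'url' => $urlFilter->sanitize($this->_request->getPost('url')),
			'text' => $htmlFilter->sanitize($this->_request->getPost('text')),
			'article' => $numberFilter->sanitize($this->_request->getPost('article')),
			'task' => $numberFilter->sanitize($this->_request->getPost('task')),
			'solution' => $this->_request->getPost('solution')
		];
	}

	/**
	 * validate the post
	 *
	 * collects one translated message per failed check; an empty array
	 * means the post is valid
	 *
	 * @since 3.3.0
	 *
	 * @param array $postArray array of the post
	 *
	 * @return array list of validation messages
	 */

	protected function _validatePost(array $postArray = []) : array
	{
		$emailValidator = new Validator\Email();
		$captchaValidator = new Validator\Captcha();
		$urlValidator = new Validator\Url();
		$settingModel = new Model\Setting();
		$validateArray = [];

		/* validate post */

		if (!$postArray['author'])
		{
			$validateArray[] = $this->_language->get('author_empty');
		}
		if (!$postArray['email'])
		{
			$validateArray[] = $this->_language->get('email_empty');
		}
		else if (!$emailValidator->validate($postArray['email']))
		{
			$validateArray[] = $this->_language->get('email_incorrect');
		}

		/* the url is optional and only validated when present */

		if ($postArray['url'] && !$urlValidator->validate($postArray['url']))
		{
			$validateArray[] = $this->_language->get('url_incorrect');
		}
		if (!$postArray['text'])
		{
			$validateArray[] = $this->_language->get('comment_empty');
		}

		/* only checks that an id was posted, not that the article exists */

		if (!$postArray['article'])
		{
			$validateArray[] = $this->_language->get('article_empty');
		}

		/* the captcha is only enforced while the captcha setting is greater than zero */

		if ($settingModel->get('captcha') > 0 && !$captchaValidator->validate($postArray['task'], $postArray['solution']))
		{
			$validateArray[] = $this->_language->get('captcha_incorrect');
		}
		return $validateArray;
	}

	/**
	 * create the comment
	 *
	 * hands the prepared fields to the comment model
	 *
	 * @since 3.0.0
	 *
	 * @param array $createArray array of the create
	 *
	 * @return bool result of the comment model's createByArray()
	 */

	protected function _create(array $createArray = []) : bool
	{
		$commentModel = new Model\Comment();
		return $commentModel->createByArray($createArray);
	}

	/**
	 * send the mail
	 *
	 * builds a notification about the new comment and sends it to the
	 * address stored in the email setting
	 *
	 * @since 3.3.0
	 *
	 * @param array $mailArray array of the mail with the keys email, url, route, author and text
	 *
	 * @return bool result of the mailer's send()
	 */

	protected function _mail(array $mailArray = []) : bool
	{
		$settingModel = new Model\Setting();
		$urlArticle = $this->_registry->get('root') . '/' . $this->_registry->get('parameterRoute') . $mailArray['route'];

		/* html element */

		/* NOTE(review): email and url come from the submitter and end up in href attributes; confirm Html\Element escapes attributes and text, and that Validator\Url limits the accepted schemes */

		$element = new Html\Element();
		$linkEmail = $element
			->copy()
			->init('a',
			[
				'href' => 'mailto:' . $mailArray['email']
			])
			->text($mailArray['email']);
		$linkUrl = $element
			->copy()
			->init('a',
			[
				'href' => $mailArray['url']
			])
			->text($mailArray['url'] ? : $this->_language->get('none'));
		$linkArticle = $element
			->copy()
			->init('a',
			[
				'href' => $urlArticle
			])
			->text($urlArticle);

		/* prepare mail */

		/* NOTE(review): the sender name and address are taken from the submitter; confirm Mailer rejects line breaks in both, and consider sending from the site address if forged senders are a concern */

		$toArray =
		[
			$this->_language->get('author') => $settingModel->get('email')
		];
		$fromArray =
		[
			$mailArray['author'] => $mailArray['email']
		];
		$subject = $this->_language->get('comment_new');

		/* NOTE(review): author and text are concatenated into the html body as is; they rely on the filters applied in _sanitizePost() - confirm those escape for the html context */

		$bodyArray =
		[
			$this->_language->get('author') . $this->_language->get('colon') . ' ' . $mailArray['author'],
			'<br />',
			$this->_language->get('email') . $this->_language->get('colon') . ' ' . $linkEmail,
			'<br />',
			$this->_language->get('url') . $this->_language->get('colon') . ' ' . $linkUrl,
			'<br />',
			$this->_language->get('article') . $this->_language->get('colon') . ' ' . $linkArticle,
			'<br />',
			$this->_language->get('comment') . $this->_language->get('colon') . ' ' . $mailArray['text']
		];

		/* send mail */

		$mailer = new Mailer();
		$mailer->init($toArray, $fromArray, $subject, $bodyArray);
		return $mailer->send();
	}
}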
If a method or function can return multiple different values, and you are not sure that only a single value can be received in this context, we recommend adding an additional type check.
If this is a common case that PHP Analyzer should handle natively, please let us know by opening an issue.