b2evolution PHP Cross Reference Blogging Systems

Source: /htsrv/comment_review.php - 224 lines - 6590 bytes - Text - Print

Description: This file implements the comment quick-edit operations after email notification. This file is part of the evoCore framework - {@link http://evocore.net/} See also {@link http://sourceforge.net/projects/evocms/}.

   1  <?php
   2  /**
   3   * This is file implements the comments quick edit operations after email notification.
   4   *
   5   * This file is part of the evoCore framework - {@link http://evocore.net/}
   6   * See also {@link http://sourceforge.net/projects/evocms/}.
   7   *
   8   * @copyright (c)2003-2014 by Francois Planque - {@link http://fplanque.com/}
   9   *
  10   * @package htsrv
  11   *
  12   * @version $Id: comment_review.php 6136 2014-03-08 07:59:48Z manuel $
  13   */
  14  
  15  /**
  16   * Initialize everything:
  17   */
  18  require_once dirname(__FILE__).'/../conf/_config.php';
  19  require_once $inc_path.'/_main.inc.php';
  20  
  21  param('cmt_ID', 'integer', '' );
  22  param('secret', 'string', '' );
  23  param_action();
  24  
  25  $to_dashboard = $admin_url.'?ctrl=dashboard';
  26  $to_comment_edit = $admin_url.'?ctrl=comments&action=edit&comment_ID='.$cmt_ID;
  27  
  28  if( $cmt_ID != null )
  29  {
  30      $posted_Comment = & Comment_get_by_ID( $cmt_ID );
  31  }
  32  else
  33  {
  34      $Messages->add( 'Requested comment does not exist!' );
  35      header_redirect( $to_dashboard );
  36  }
  37  
  38  $comment_Item = & $posted_Comment->get_Item();
  39  $comment_Blog = $comment_Item->get_Blog();
  40  if( $comment_Blog->get_setting( 'comment_quick_moderation' ) == 'never' )
  41  { // comment quick moderation setting was set to 'never' after this comment quick moderation link was created
  42      // don't allow quick moderation
  43      $Messages->add( T_('Quick moderation not available.') );
  44  }
  45  
  46  // Check the secret parameter (This doubles as a CRUMB)
  47  if( ( $secret != $posted_Comment->get('secret') ) || empty( $secret ) )
  48  { // Invalid secret, no moderation allowed here, go to regular form with regular login requirements:
  49      $Messages->add( T_('Invalid secret key. Quick moderation not available.') );
  50  }
  51  
  52  if( $posted_Comment->status == 'trash' )
  53  { // Comment is already in trash
  54      $Messages->add( T_('The comment was already deleted. Quick moderation not available.') );
  55  }
  56  
  57  if( $Messages->has_errors() )
  58  { // quick moderation is not available, redirect to normal edit form
  59      header_redirect( $to_comment_edit );
  60  }
  61  
  62  $antispam_url = $admin_url.'?ctrl=antispam&action=ban&keyword='.rawurlencode(get_ban_domain($posted_Comment->author_url)).'&'.url_crumb( 'antispam' );
  63  
  64  // perform action if action is not null
  65  switch( $action )
  66  {
  67      case 'publish':
  68          $posted_Comment->set('status', 'published' );
  69          // Comment moderation is done, handle moderation "secret"
  70          $posted_Comment->handle_qm_secret();
  71  
  72          $posted_Comment->dbupdate();    // Commit update to the DB
  73  
  74          $posted_Comment->handle_notifications();
  75  
  76          $Messages->add( T_('Comment has been published.'), 'success' );
  77  
  78          header_redirect( $to_dashboard );
  79          /* exited */
  80          break;
  81  
  82      case 'deprecate':
  83          $posted_Comment->set('status', 'deprecated' );
  84          // Comment moderation is done, handle moderation "secret"
  85          $posted_Comment->handle_qm_secret();
  86  
  87          $posted_Comment->dbupdate();    // Commit update to the DB
  88  
  89          $Messages->add( T_('Comment has been deprecated.'), 'success' );
  90  
  91          header_redirect( $to_dashboard );
  92          /* exited */
  93          break;
  94  
  95      case 'delete':
  96          // Delete from DB:
  97          $posted_Comment->dbdelete();
  98  
  99          $Messages->add( T_('Comment has been deleted.'), 'success' );
 100  
 101          header_redirect( $to_dashboard );
 102          break;
 103  
 104      case 'deleteurl':
 105          // Delete author url:
 106          $posted_Comment->set( 'author_url', null );
 107  
 108          $posted_Comment->dbupdate();    // Commit update to the DB
 109  
 110          $Messages->add( T_('Comment url has been deleted.'), 'success' );
 111  
 112          // redirect to this page, without action param!!!
 113          header_redirect( regenerate_url( 'action', array ( 'cmt_ID='.$cmt_ID, 'secret='.$secret ), '', '&' ) );
 114          break;
 115  
 116      case 'antispamtool':
 117          // Redirect to the Antispam ban screen
 118  
 119          header_redirect( $antispam_url );
 120          /* exited */
 121          break;
 122  }
 123  
// No action => display the form

// Send the content headers for an HTML page. The response must not be cached: the page
// rendered below embeds the moderation secret in a hidden form field and in a link.
headers_content_mightcache( 'text/html', 0 );  // Do NOT cache!

?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xml:lang="<?php locale_lang() ?>" lang="<?php locale_lang() ?>">
<head>
    <title><?php echo ' '.T_('Comment review').' '; ?></title>
</head>

<body>

<form method="post" name="review">
 138  
 139  <?php
 140  
 141  if ($secret == $posted_Comment->get('secret') && ($secret != NULL) )
 142  {
 143      // delete button
 144      echo '<input type="submit" name="actionArray[delete]"';
 145      echo ' value="'.T_('Delete').'" title="'.T_('Delete this comment').'"/>';
 146      echo "\n";
 147  
 148      // deprecate button
 149      if( $posted_Comment->status != 'deprecated' )
 150      {
 151          echo '<input type="submit" name="actionArray[deprecate]"';
 152          echo ' value="'.T_('Deprecate').'" title="'.T_('Deprecate this comment').'"/>';
 153          echo "\n";
 154      }
 155  
 156      // publish button
 157      if( $posted_Comment->status != 'published' )
 158      {
 159          echo '<input type="submit" name="actionArray[publish]"';
 160          echo ' value="'.T_('Publish').'" title="'.T_('Publish this comment').'"/>';
 161          echo "\n";
 162      }
 163  
 164      if( $posted_Comment->author_url != null )
 165      {
 166          // delete url button
 167          echo '<input type="submit" name="actionArray[deleteurl]"';
 168          echo ' value="'.T_('Delete URL').'" title="'.T_('Delete comment URL').'" />';
 169          echo "\n";
 170  
 171          // antispam tool button
 172          echo '<input type="submit" name="actionArray[antispamtool]"';
 173          echo ' value="'.T_('Antispam tool').'" title="'.T_('Antispam tool').'" />';
 174          echo "\n";
 175      }
 176  
 177      echo '<input type="hidden" name="secret" value="'.$secret.'" />';
 178      echo "\n";
 179      echo '<input type="hidden" name="cmt_ID" value="'.$cmt_ID.'" />';
 180      echo "\n";
 181  }
 182  else
 183  {
 184      die( T_('Invalid link!') );
 185  }
 186  
 187  ?>
<fieldset>
<legend><?php echo T_('Posted comment')?></legend>
<div class=bComment>
    <div class="bSmallHead">
        <span class="bDate"><?php $posted_Comment->date(); ?></span>
        @
        <span class="bTime"><?php $posted_Comment->time( 'H:i' ); ?></span>
        <?php
                // Author details of the comment under review: URL, email, IP and spam karma.
                // NOTE(review): these values were supplied by the commenter; whether the Comment
                // methods called in this template (author_url(), author_email(), get_title(),
                // content(), ...) escape them for HTML is not visible here - confirm.
                $posted_Comment->author_url( '', ' &middot; Url: <span class="bUrl">', '</span>' );
                if( $posted_Comment->author_url != null )
                {
                    // Icon shortcuts for the same two operations the form offers as buttons.
                    // NOTE(review): the first one is a plain link, so the deleteurl action and the
                    // secret travel in the query string of a GET request, where they can end up in
                    // browser history, logs and Referer headers. Consider keeping only the
                    // "Delete URL" submit button of the form above, which posts the secret instead.
                    echo ' '.action_icon( T_('Delete comment URL'), 'delete', regenerate_url( '', array( 'action=deleteurl', 'cmt_ID='.$cmt_ID, 'secret='.$secret ) ) ).' ';
                    echo ' '.action_icon( T_('Antispam tool'), 'ban', $antispam_url );
                }
                $posted_Comment->author_email( '', ' &middot; Email: <span class="bEmail">', '</span>' );
                $posted_Comment->author_ip( ' &middot; IP: <span class="bIP">', '</span>' );
                echo ' &middot; <span class="bKarma">';
                $posted_Comment->spam_karma( T_('Spam Karma').': %s%', T_('No Spam Karma') );
                echo '</span>';
             ?>
    </div>
    <div class="bTitle">
        <?php echo $posted_Comment->get_title(); ?>
    </div>
    <?php $posted_Comment->rating(); ?>
    <?php $posted_Comment->avatar(); ?>
    <fieldset class="bCommentText">
        <legend><?php echo T_('Content')?></legend>
        <?php $posted_Comment->content() ?>
    </fieldset>
</div>
</fieldset>

</form>

</body>
</html>
