diff options
| author | Bharat Mediratta <bharat@menalto.com> | 2010-01-16 22:27:07 -0800 |
|---|---|---|
| committer | Bharat Mediratta <bharat@menalto.com> | 2010-01-16 22:27:07 -0800 |
| commit | 1c85cf6397d8c780db0d2ade185e0bbf714a57a6 (patch) | |
| tree | bc4dbaf25229fc8a03914b21eb8a46d44f2925c1 /modules/comment/models/comment.php | |
| parent | 39ad9fa9a0b8d262bf87d2932a18ce9d49ab3437 (diff) | |
Convert comment code over to model based validation.
Diffstat (limited to 'modules/comment/models/comment.php')
| -rw-r--r-- | modules/comment/models/comment.php | 87 |
1 files changed, 76 insertions, 11 deletions
diff --git a/modules/comment/models/comment.php b/modules/comment/models/comment.php index e0b82039..7ad47c6d 100644 --- a/modules/comment/models/comment.php +++ b/modules/comment/models/comment.php @@ -18,6 +18,11 @@ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. */ class Comment_Model extends ORM { + var $rules = array( + "text" => array("rules" => array("required")), + "state" => array("rules" => array("Comment_Model::valid_state")) + ); + function item() { return ORM::factory("item", $this->item_id); } @@ -54,24 +59,56 @@ class Comment_Model extends ORM { } /** + * Add some custom per-instance rules. + */ + public function validate($array=null) { + // validate() is recursive, only modify the rules on the outermost call. + if (!$array) { + $this->rules["item_id"]["callbacks"] = array(array($this, "valid_item")); + $this->rules["guest_name"]["callbacks"] = array(array($this, "valid_author")); + } + + parent::validate($array); + } + + /** * @see ORM::save() */ public function save() { - if (!empty($this->changed)) { - $this->updated = time(); - if (!$this->loaded() && empty($this->created)) { - $this->created = $this->updated; - $created = true; + $this->updated = time(); + if (!$this->loaded()) { + // New comment + $this->created = $this->updated; + if (empty($this->state)) { + $this->state = "published"; } - } - $visible_change = $this->original()->state == "published" || $this->state == "published"; - - $original = clone $this->original(); - parent::save(); - if (isset($created)) { + // These values are useful for spam fighting, so save them with the comment. It's painful to + // check each one to see if it already exists before setting it, so just use server_http_host + // as a semaphore for now (we use that in g2_import.php) + if (empty($this->server_http_host)) { + $input = Input::instance(); + $this->server_http_accept = substr($input->server("HTTP_ACCEPT"), 0, 128); + $this->server_http_accept_charset = substr($input->server("HTTP_ACCEPT_CHARSET"), 0, 64); + $this->server_http_accept_encoding = substr($input->server("HTTP_ACCEPT_ENCODING"), 0, 64); + $this->server_http_accept_language = substr($input->server("HTTP_ACCEPT_LANGUAGE"), 0, 64); + $this->server_http_connection = substr($input->server("HTTP_CONNECTION"), 0, 64); + $this->server_http_host = substr($input->server("HTTP_HOST"), 0, 64); + $this->server_http_referer = substr($input->server("HTTP_REFERER"), 0, 255); + $this->server_http_user_agent = substr($input->server("HTTP_USER_AGENT"), 0, 128); + $this->server_query_string = substr($input->server("QUERY_STRING"), 0, 64); + $this->server_remote_addr = substr($input->server("REMOTE_ADDR"), 0, 32); + $this->server_remote_host = substr($input->server("REMOTE_HOST"), 0, 64); + $this->server_remote_port = substr($input->server("REMOTE_PORT"), 0, 16); + } + $visible_change = $this->original()->state == "published" || $this->state == "published"; + parent::save(); module::event("comment_created", $this); } else { + // Updated comment + $visible_change = $this->original()->state == "published" || $this->state == "published"; + $original = clone $this->original(); + parent::save(); module::event("comment_updated", $original, $this); } @@ -92,4 +129,32 @@ class Comment_Model extends ORM { $this->join("items", "items.id", "comments.item_id"); return item::viewable($this); } + + /** + * Make sure we have an appropriate author id set, or a guest name. + */ + public function valid_author(Validation $v, $field) { + if ($this->author_id == identity::guest()->id && empty($this->guest_name)) { + $v->add_error("guest_name", "required"); + } + } + + /** + * Make sure we have a valid associated item id. + */ + public function valid_item(Validation $v, $field) { + if (db::build() + ->from("items") + ->where("id", "=", $this->item_id) + ->count_records() != 1) { + $v->add_error("item_id", "invalid"); + } + } + + /** + * Make sure that the state is legal. + */ + static function valid_state($value) { + return in_array($value, array("published", "unpublished", "spam", "deleted")); + } } |