diff options
| author | Bharat Mediratta <bharat@menalto.com> | 2010-01-16 22:27:07 -0800 |
|---|---|---|
| committer | Bharat Mediratta <bharat@menalto.com> | 2010-01-16 22:27:07 -0800 |
| commit | 1c85cf6397d8c780db0d2ade185e0bbf714a57a6 (patch) | |
| tree | bc4dbaf25229fc8a03914b21eb8a46d44f2925c1 /modules | |
| parent | 39ad9fa9a0b8d262bf87d2932a18ce9d49ab3437 (diff) | |
Convert comment code over to model based validation.
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/comment/controllers/comments.php | 57 | ||||
| -rw-r--r-- | modules/comment/helpers/comment.php | 40 | ||||
| -rw-r--r-- | modules/comment/models/comment.php | 87 |
3 files changed, 99 insertions, 85 deletions
diff --git a/modules/comment/controllers/comments.php b/modules/comment/controllers/comments.php index 068152a2..6c546321 100644 --- a/modules/comment/controllers/comments.php +++ b/modules/comment/controllers/comments.php @@ -26,50 +26,39 @@ class Comments_Controller extends Controller { access::required("view", $item); $form = comment::get_add_form($item); - $valid = $form->validate(); - if ($valid) { - if (identity::active_user()->guest && !$form->add_comment->inputs["name"]->value) { - $form->add_comment->inputs["name"]->add_error("missing", 1); - $valid = false; - } - - if (!$form->add_comment->text->value) { - $form->add_comment->text->add_error("missing", 1); - $valid = false; + try { + $valid = $form->validate(); + $comment = ORM::factory("comment"); + $comment->item_id = $id; + $comment->author_id = identity::active_user()->id; + $comment->text = $form->add_comment->text->value; + $comment->guest_name = $form->add_comment->inputs["name"]->value; + $comment->guest_email = $form->add_comment->email->value; + $comment->guest_url = $form->add_comment->url->value; + $comment->validate(); + } catch (ORM_Validation_Exception $e) { + // Translate ORM validation errors into form error messages + foreach ($e->validation->errors() as $key => $error) { + switch ($key) { + case "guest_name": $key = "name"; break; + case "guest_email": $key = "email"; break; + } + $form->add_comment->inputs[$key]->add_error($error, 1); } + $valid = false; } if ($valid) { - $comment = comment::create( - $item, identity::active_user(), - $form->add_comment->text->value, - $form->add_comment->inputs["name"]->value, - $form->add_comment->email->value, - $form->add_comment->url->value); - - $active = identity::active_user(); - if ($active->guest) { - $form->add_comment->inputs["name"]->value(""); - $form->add_comment->email->value(""); - $form->add_comment->url->value(""); - } else { - $form->add_comment->inputs["name"]->value($active->full_name); - $form->add_comment->email->value($active->email); - $form->add_comment->url->value($active->url); - } - - $form->add_comment->text->value(""); + $comment->save(); $view = new Theme_View("comment.html", "other", "comment-fragment"); $view->comment = $comment; print json_encode( array("result" => "success", - "view" => $view->__toString(), - "form" => $form->__toString())); + "view" => (string) $view, + "form" => (string) comment::get_add_form($item))); } else { - print json_encode( - array("result" => "error", - "form" => $form->__toString())); + print json_encode(array("result" => "error", "form" => (string) $form)); } } diff --git a/modules/comment/helpers/comment.php b/modules/comment/helpers/comment.php index 1e1e7d2f..389c8922 100644 --- a/modules/comment/helpers/comment.php +++ b/modules/comment/helpers/comment.php @@ -24,46 +24,6 @@ * Note: by design, this class does not do any permission checking. */ class comment_Core { - /** - * Create a new comment. - * @param Item_MOdel $item the parent item - * @param User_Model $author the author User_Model - * @param string $text comment body - * @param string $guest_name guest's name (if the author is a guest user, default empty) - * @param string $guest_email guest's email (if the author is a guest user, default empty) - * @param string $guest_url guest's url (if the author is a guest user, default empty) - * @return Comment_Model - */ - static function create($item, $author, $text, $guest_name=null, - $guest_email=null, $guest_url=null) { - $comment = ORM::factory("comment"); - $comment->author_id = $author->id; - $comment->guest_email = $guest_email; - $comment->guest_name = $guest_name; - $comment->guest_url = $guest_url; - $comment->item_id = $item->id; - $comment->text = $text; - $comment->state = "published"; - - // These values are useful for spam fighting, so save them with the comment. - $input = Input::instance(); - $comment->server_http_accept = substr($input->server("HTTP_ACCEPT"), 0, 128); - $comment->server_http_accept_charset = substr($input->server("HTTP_ACCEPT_CHARSET"), 0, 64); - $comment->server_http_accept_encoding = substr($input->server("HTTP_ACCEPT_ENCODING"), 0, 64); - $comment->server_http_accept_language = substr($input->server("HTTP_ACCEPT_LANGUAGE"), 0, 64); - $comment->server_http_connection = substr($input->server("HTTP_CONNECTION"), 0, 64); - $comment->server_http_host = substr($input->server("HTTP_HOST"), 0, 64); - $comment->server_http_referer = substr($input->server("HTTP_REFERER"), 0, 255); - $comment->server_http_user_agent = substr($input->server("HTTP_USER_AGENT"), 0, 128); - $comment->server_query_string = substr($input->server("QUERY_STRING"), 0, 64); - $comment->server_remote_addr = substr($input->server("REMOTE_ADDR"), 0, 32); - $comment->server_remote_host = substr($input->server("REMOTE_HOST"), 0, 64); - $comment->server_remote_port = substr($input->server("REMOTE_PORT"), 0, 16); - $comment->save(); - - return $comment; - } - static function get_add_form($item) { $form = new Forge("comments/create/{$item->id}", "", "post", array("id" => "g-comment-form")); $group = $form->group("add_comment")->label(t("Add comment")); diff --git a/modules/comment/models/comment.php b/modules/comment/models/comment.php index e0b82039..7ad47c6d 100644 --- a/modules/comment/models/comment.php +++ b/modules/comment/models/comment.php @@ -18,6 +18,11 @@ * Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA 02110-1301, USA. */ class Comment_Model extends ORM { + var $rules = array( + "text" => array("rules" => array("required")), + "state" => array("rules" => array("Comment_Model::valid_state")) + ); + function item() { return ORM::factory("item", $this->item_id); } @@ -54,24 +59,56 @@ class Comment_Model extends ORM { } /** + * Add some custom per-instance rules. + */ + public function validate($array=null) { + // validate() is recursive, only modify the rules on the outermost call. + if (!$array) { + $this->rules["item_id"]["callbacks"] = array(array($this, "valid_item")); + $this->rules["guest_name"]["callbacks"] = array(array($this, "valid_author")); + } + + parent::validate($array); + } + + /** * @see ORM::save() */ public function save() { - if (!empty($this->changed)) { - $this->updated = time(); - if (!$this->loaded() && empty($this->created)) { - $this->created = $this->updated; - $created = true; + $this->updated = time(); + if (!$this->loaded()) { + // New comment + $this->created = $this->updated; + if (empty($this->state)) { + $this->state = "published"; } - } - $visible_change = $this->original()->state == "published" || $this->state == "published"; - - $original = clone $this->original(); - parent::save(); - if (isset($created)) { + // These values are useful for spam fighting, so save them with the comment. It's painful to + // check each one to see if it already exists before setting it, so just use server_http_host + // as a semaphore for now (we use that in g2_import.php) + if (empty($this->server_http_host)) { + $input = Input::instance(); + $this->server_http_accept = substr($input->server("HTTP_ACCEPT"), 0, 128); + $this->server_http_accept_charset = substr($input->server("HTTP_ACCEPT_CHARSET"), 0, 64); + $this->server_http_accept_encoding = substr($input->server("HTTP_ACCEPT_ENCODING"), 0, 64); + $this->server_http_accept_language = substr($input->server("HTTP_ACCEPT_LANGUAGE"), 0, 64); + $this->server_http_connection = substr($input->server("HTTP_CONNECTION"), 0, 64); + $this->server_http_host = substr($input->server("HTTP_HOST"), 0, 64); + $this->server_http_referer = substr($input->server("HTTP_REFERER"), 0, 255); + $this->server_http_user_agent = substr($input->server("HTTP_USER_AGENT"), 0, 128); + $this->server_query_string = substr($input->server("QUERY_STRING"), 0, 64); + $this->server_remote_addr = substr($input->server("REMOTE_ADDR"), 0, 32); + $this->server_remote_host = substr($input->server("REMOTE_HOST"), 0, 64); + $this->server_remote_port = substr($input->server("REMOTE_PORT"), 0, 16); + } + $visible_change = $this->original()->state == "published" || $this->state == "published"; + parent::save(); module::event("comment_created", $this); } else { + // Updated comment + $visible_change = $this->original()->state == "published" || $this->state == "published"; + $original = clone $this->original(); + parent::save(); module::event("comment_updated", $original, $this); } @@ -92,4 +129,32 @@ class Comment_Model extends ORM { $this->join("items", "items.id", "comments.item_id"); return item::viewable($this); } + + /** + * Make sure we have an appropriate author id set, or a guest name. + */ + public function valid_author(Validation $v, $field) { + if ($this->author_id == identity::guest()->id && empty($this->guest_name)) { + $v->add_error("guest_name", "required"); + } + } + + /** + * Make sure we have a valid associated item id. + */ + public function valid_item(Validation $v, $field) { + if (db::build() + ->from("items") + ->where("id", "=", $this->item_id) + ->count_records() != 1) { + $v->add_error("item_id", "invalid"); + } + } + + /** + * Make sure that the state is legal. + */ + static function valid_state($value) { + return in_array($value, array("published", "unpublished", "spam", "deleted")); + } } |