update
peter-mw committed Oct 27, 2021
1 parent 5f16ffd commit 2cdf5714e57d5b192cb784c267f0ec86b3cfe3c6
Showing 18 changed files with 503 additions and 532 deletions.
@@ -14,6 +14,7 @@
use Illuminate\Support\Facades\View;
use Illuminate\Support\ServiceProvider;


class CommentServiceProvider extends ServiceProvider
{
/**
@@ -23,9 +24,10 @@ class CommentServiceProvider extends ServiceProvider
*/
public function boot()
{
include_once (__DIR__.'/helpers/comments_helpers.php');

$this->loadRoutesFrom(__DIR__ . '/routes/api.php');

View::addNamespace('comment', __DIR__.'/resources/views');
}
}
}
@@ -8,26 +8,202 @@

namespace MicroweberPackages\Comment\Http\Controllers\Admin;

use GrahamCampbell\Markdown\Facades\Markdown;
use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\JsonResource;
use Illuminate\Support\Facades\Auth;

use Illuminate\Support\Facades\Notification;
use MicroweberPackages\App\Http\Controllers\AdminController;
use MicroweberPackages\Comment\Comment;
use MicroweberPackages\Comment\Models\Comment;
use MicroweberPackages\Comment\Events\NewComment;
use MicroweberPackages\Comment\Notifications\NewCommentNotification;
use MicroweberPackages\User\Models\User;
use MicroweberPackages\Utils\Mail\MailSender;


class AdminCommentController extends AdminController
{
public function index(Request $request)
{
$contents = Comment::filter($request->all())
->groupBy(['rel_id','rel_type'])
->groupBy(['rel_id', 'rel_type'])
->paginate($request->get('limit', 30))
->appends($request->except('page'));

foreach ($contents as $content) {
$content->allComments = Comment::where('rel_type', $content['rel_type'])->where('rel_id', $content['rel_id'])->get();
}

return $this->view('comment::admin.comments.index', ['contents'=>$contents]);
return $this->view('comment::admin.comments.index', ['contents' => $contents]);
}
}


public function saveCommentEdit(Request $request)
{

$is_del = false;
$table = 'comments';
mw_var('FORCE_SAVE', $table);

$data = $request->all();
if (!isset($data['rel_type']) and isset($data['rel'])) {
$data['rel_type'] = $data['rel'];
}

if (isset($data['reply_to_comment_id'])) {
$old_comment = $this->get_by_id($data['reply_to_comment_id']);
$data['id'] = 0;
if (!$old_comment) {
return array('error' => 'Error: invalid data');
}
if (isset($old_comment['rel_type'])) {
$data['rel_type'] = $old_comment['rel_type'];
}
if (isset($old_comment['rel_id'])) {
$data['rel_id'] = $old_comment['rel_id'];
}


}
if (!isset($data['id']) and !isset($data['is_moderated'])) {
$data['is_moderated'] = 1;
} else {
$require_moderation = get_option('require_moderation', 'comments');
if ($require_moderation != 'y') {
$data['is_moderated'] = 1;
}
}
if (isset($data['action']) and isset($data['id'])) {
$action = strtolower($data['action']);

switch ($action) {
case 'publish' :
$data['is_moderated'] = 1;
$data['is_spam'] = 0;


break;
case 'unpublish' :
$data['is_moderated'] = 0;

break;
case 'spam' :
$data['is_moderated'] = 0;
$data['is_spam'] = 1;

$this->__report_for_spam($data['id']);

break;

case 'delete' :
$is_del = true;
$del = mw()->database_manager->delete_by_id($table, $id = intval($data['id']), $field_name = 'id');

break;

default :
break;
}


} else {
if (!isset($data['id'])) {
if (!isset($data['rel_type'])) {
return array('error' => 'Error: invalid data rel_type');
}
if (!isset($data['rel_id'])) {
return array('error' => 'Error: invalid data rel_id');
} else {
if (trim($data['rel_id']) == '') {
return array('error' => 'Error: invalid data rel_id');
}
}
}
}

if($is_del){
return (new JsonResource($data))->response();
}

if (!isset($data['comment_body'])) {
$data['comment_body'] = '';
}

$comment_body = $data['comment_body'];

// Claer HTML
$comment_body = $this->app->format->clean_html($comment_body);

// Clear XSS
$evil = ['(?<!\w)on\w*', 'xmlns', 'formaction', 'xlink:href', 'FSCommand', 'seekSegmentTime'];
$comment_body = $this->app->format->clean_xss($comment_body, true, $evil, 'removeEvilAttributes');

if (!empty($comment_body) and !empty($data['format']) and $data['format'] == 'markdown') {
$comment_body = Markdown::convertToHtml($comment_body);
}

$data['comment_body'] = $comment_body;
$data['allow_html'] = '1';

$saved_data_id = mw()->database_manager->save($table, $data);

$get_comment = get_comments("single=1&id=" . $saved_data_id);

return (new JsonResource($get_comment))->response();

}



private function __report_for_spam($comment_id)
{
if (defined("MW_UNIT_TEST")) {
return true;
}

$comment = $this->get_by_id($comment_id);
$report_url = 'https://spamchecker.microweberapi.com/';

if ($comment) {
$report = array();
$report['site_url'] = site_url();
$report['from_url'] = $comment['from_url'];
$report['is_spam'] = 1;
if (isset($comment['user_ip']) and $comment['user_ip']) {
$report['ip'] = trim($comment['user_ip']);
}
if (isset($comment['comment_email']) and $comment['comment_email']) {
$report['email'] = trim($comment['comment_email']);
}
if (isset($comment['created_by']) and $comment['created_by']) {
$report['is_logged'] = true;
$report['user_id'] = $comment['created_by'];
}
if (isset($comment['comment_name']) and $comment['comment_name']) {
$report['comment_name'] = $comment['comment_name'];
}
if (isset($comment['comment_body']) and $comment['comment_body']) {
$report['comment_body'] = $comment['comment_body'];
}
if (isset($comment['comment_website']) and $comment['comment_website']) {
$report['comment_website'] = $comment['comment_website'];
}
if (isset($comment['comment_subject']) and $comment['comment_subject']) {
$report['comment_subject'] = $comment['comment_subject'];
}

if (isset($comment['rel_type']) and $comment['rel_type']) {
$report['rel_type'] = $comment['rel_type'];
}
if (isset($comment['rel_id']) and $comment['rel_id']) {
$report['rel_id'] = $comment['rel_id'];
}
$http = new \MicroweberPackages\Utils\Http\Http();
$http->url($report_url);
$http->set_timeout(10);
return $http->post($report);

}
}
}
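Review bot: In `saveCommentEdit`, `clean_html` and `clean_xss` run on the raw comment text before `Markdown::convertToHtml`, so the HTML the Markdown converter produces is stored without passing through either cleaner, and the row is then saved with `allow_html = '1'`. Whether that output can carry unsafe link targets or inline HTML depends on the converter configuration, which is not visible here, so the safer order is to convert first and sanitize the result: move the `if (... $data['format'] == 'markdown')` block above the `// Claer HTML` step. Separately, `$data` is the full `$request->all()` array and reaches `database_manager->save()` with `FORCE_SAVE` set; consider copying only the expected comment fields into the array that is saved.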
@@ -15,7 +15,8 @@

use Illuminate\Http\Request;
use Illuminate\Http\Resources\Json\JsonResource;
use MicroweberPackages\Comment\Comment;
use MicroweberPackages\App\Http\RequestRoute;
use MicroweberPackages\Comment\Models\Comment;
use MicroweberPackages\Comment\Events\NewComment;
use MicroweberPackages\Comment\Notifications\NewCommentNotification;
use MicroweberPackages\Option\Facades\Option;
@@ -33,23 +34,46 @@ public function postComment(Request $request)
}





$rules = [];
$inputs = $request->all();
if(isset($inputs['rel']) and !isset($inputs['rel_type'])){
$inputs['rel_type'] = $inputs['rel'];
unset($inputs['rel']);
}


if(isset($inputs['id'])) {
$comment = get_comments('single=1&id=' . $inputs['id']);
if (empty($comment)) {
return \Response::make(['errors' => ['Cannot find comment']]);
}
if (mw()->user_manager->session_id() != $comment['session_id']) {
return \Response::make(['errors' => ['Cannot edit comment']]);
}

}


$rules['rel_id'] = 'required';
$rules['rel_type'] = 'required';
$rules['comment_body'] = 'required';

if (!empty($inputs['comment_email'])) {
$inputs['email'] = $inputs['comment_email'];
if (!empty($inputs['email'])) {
$inputs['comment_email'] = $inputs['email'];
unset( $inputs['email']);
}

if (Option::getValue('require_terms', 'comments')) {
$rules['terms'] = 'terms:terms_comments';
if (isset($inputs['newsletter_subscribe']) and $inputs['newsletter_subscribe']) {
$rules['terms'] = $rules['terms'] . ', terms_newsletter';
if(!isset($inputs['terms'])) {
$rules['terms'] = 'terms:terms_comments';
if (isset($inputs['newsletter_subscribe']) and $inputs['newsletter_subscribe']) {
$rules['terms'] = $rules['terms'] . ', terms_newsletter';
}
$rules['comment_email'] = 'required';
}
$rules['comment_email'] = 'required';
}

$rules['captcha'] = 'captcha';
@@ -59,13 +83,23 @@ public function postComment(Request $request)

$validator = \Validator::make($inputs, $rules);
if ($validator->fails()) {
return ['errors'=>$validator->messages()->toArray()];


$response = \Response::make(['errors'=>$validator->messages()->toArray()]);

$response->setStatusCode(422);

$response = RequestRoute::formatFrontendResponse($response);

return $response;
}

$saveComment = $request->all();
$saveComment = $inputs;

$requireModeration = Option::getValue('require_moderation', 'comments');
if ($requireModeration) {
$saveComment['is_moderated'] = 0;
} else {
$saveComment['is_moderated'] = 1;
}

@@ -79,6 +113,9 @@ public function postComment(Request $request)

Notification::send(User::whereIsAdmin(1)->get(), new NewCommentNotification($save));

cache_clear('comments');


return (new JsonResource($save))->response();
}
}
}
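Review bot: The edit path added to `postComment` concatenates `$inputs['id']` unvalidated into the `get_comments('single=1&id=' . ...)` parameter string and then decides ownership with a loose `!=` on `session_id`. The id should be cast, e.g. `get_comments('single=1&id=' . (int) $inputs['id'])`, and the check should also refuse comments whose stored `session_id` is empty, e.g. `if (empty($comment['session_id']) || mw()->user_manager->session_id() != $comment['session_id'])`. Both error returns in that block use the default status code, while the validation failure further down sets 422, so a client cannot distinguish a rejected edit from success by status. `$saveComment = $inputs;` also forwards every submitted field to the save; if the model does not restrict its fillable columns (not visible in these hunks), list the accepted fields explicitly. `postComment` begins before the first hunk shown.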
@@ -1,11 +1,10 @@
<?php

namespace MicroweberPackages\Comment;
namespace MicroweberPackages\Comment\Models;

use EloquentFilter\Filterable;
use Illuminate\Database\Eloquent\Model;
use MicroweberPackages\Content\Models\ModelFilters\ContentFilter;
use MicroweberPackages\Database\Casts\MarkdownCast;

class Comment extends Model
{
@@ -31,4 +30,4 @@ public function modelFilter()
return $this->provideFilter(ContentFilter::class);
}

}
}
