Index: modules/comment.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/comment.module,v
retrieving revision 1.416
diff -u -F^f -r1.416 comment.module
--- modules/comment.module 17 Jan 2006 18:02:23 -0000 1.416
+++ modules/comment.module 18 Jan 2006 11:10:28 -0000
@@ -515,100 +515,6 @@ function comment_reply($nid, $pid = NULL
return $output;
}
-function comment_validate(&$edit) {
- global $user;
-
- // Invoke other validation handlers
- comment_invoke_comment($edit, 'validate');
-
- // only admins can change these fields
- if (!user_access('administer comments')) {
- $edit['uid'] = $user->uid;
- $edit['timestamp'] = time();
- $edit['status'] = user_access('post comments without approval') ? 0 : 1;
- }
- else {
- $date = isset($edit['date']) ? $edit['date'] : 'now';
- // As of PHP 5.1.0, strtotime returns FALSE upon failure instead of -1.
- if (strtotime($date) > 0) {
- $edit['timestamp'] = strtotime($date);
- }
- else {
- form_set_error('date', t('You have to specify a valid date.'));
- }
-
- if ($edit['uid']) {
- // if a registered user posted the comment, we assume you only want to transfer authorship
- // to another registered user. Name changes are freely allowed on anon comments.
- if ($account = user_load(array('name' => $edit['author']))) {
- $edit['uid'] = $account->uid;
- }
- else {
- form_set_error('author', t('You have to specify a valid author.'));
- }
- }
- else {
- $edit['uid'] = 0;
- $edit['name'] = $edit['author'];
- }
- }
-
- // Validate the comment's subject. If not specified, extract
- // one from the comment's body.
- if (trim($edit['subject']) == '') {
- // The body may be in any format, so we:
- // 1) Filter it into HTML
- // 2) Strip out all HTML tags
- // 3) Convert entities back to plain-text.
- // Note: format is checked by check_markup().
- $edit['subject'] = truncate_utf8(decode_entities(strip_tags(check_markup($edit['comment'], $edit['format']))), 29, TRUE);
- }
-
- // Validate the comment's body.
- if ($edit['comment'] == '') {
- form_set_error('comment', t('The body of your comment is empty.'));
- }
-
- // Validate filter format
- if (array_key_exists('format', $edit) && !filter_access($edit['format'])) {
- form_set_error('format', t('The supplied input format is invalid.'));
- }
-
- // Check validity of name, mail and homepage (if given)
- if (!$user->uid) {
- if (variable_get('comment_anonymous', COMMENT_ANONYMOUS_MAYNOT_CONTACT) > COMMENT_ANONYMOUS_MAYNOT_CONTACT) {
- if ($edit['name']) {
- $taken = db_result(db_query("SELECT COUNT(uid) FROM {users} WHERE LOWER(name) = '%s'", $edit['name']), 0);
-
- if ($taken != 0) {
- form_set_error('name', t('The name you used belongs to a registered user.'));
- }
-
- }
- else if (variable_get('comment_anonymous', COMMENT_ANONYMOUS_MAYNOT_CONTACT) == COMMENT_ANONYMOUS_MUST_CONTACT) {
- form_set_error('name', t('You have to leave your name.'));
- }
-
- if ($edit['mail']) {
- if (!valid_email_address($edit['mail'])) {
- form_set_error('mail', t('The e-mail address you specified is not valid.'));
- }
- }
- else if (variable_get('comment_anonymous', COMMENT_ANONYMOUS_MAYNOT_CONTACT) == COMMENT_ANONYMOUS_MUST_CONTACT) {
- form_set_error('mail', t('You have to leave an e-mail address.'));
- }
-
- if ($edit['homepage']) {
- if (!valid_url($edit['homepage'], TRUE)) {
- form_set_error('homepage', t('The URL of your homepage is not valid. Remember that it must be fully qualified, i.e. of the form http://example.com/directory.'));
- }
- }
- }
- }
-
- return $edit;
-}
-
/**
* Accepts a submission of new or changed comment content.
*
@@ -632,7 +538,7 @@ function comment_save($edit) {
if ($edit['cid']) {
// Update the comment in the database.
- db_query("UPDATE {comments} SET status = '%s', timestamp = %d, subject = '%s', comment = '%s', format = '%s', uid = %d, name = '%s' WHERE cid = %d", $edit['status'], $edit['timestamp'], $edit['subject'], $edit['comment'], $edit['format'], $edit['uid'], $edit['name'], $edit['cid']);
+ db_query("UPDATE {comments} SET status = '%s', timestamp = %d, subject = '%s', comment = '%s', format = '%s', uid = %d, name = '%s', mail = '%s', homepage = '%s' WHERE cid = %d", $edit['status'], $edit['timestamp'], $edit['subject'], $edit['comment'], $edit['format'], $edit['uid'], $edit['name'], $edit['mail'], $edit['homepage'], $edit['cid']);
_comment_update_node_statistics($edit['nid']);
@@ -931,7 +837,7 @@ function comment_render($node, $cid = 0)
}
// Start a form, for use with comment control.
- $result = pager_query($query, $comments_per_page, 0, "SELECT COUNT(*) FROM {comments} WHERE nid = %d AND status = %d", $nid, COMMENT_PUBLISHED);
+ $result = pager_query(db_rewrite_sql($query, 'c', 'cid'), $comments_per_page, 0, db_rewrite_sql("SELECT COUNT(*) FROM {comments} c WHERE c.nid = %d AND c.status = %d", 'c'), $nid, COMMENT_PUBLISHED);
if (db_num_rows($result) && (variable_get('comment_controls', COMMENT_CONTROLS_HIDDEN) == COMMENT_CONTROLS_ABOVE || variable_get('comment_controls', COMMENT_CONTROLS_HIDDEN) == COMMENT_CONTROLS_ABOVE_BELOW)) {
$output .= comment_controls($mode, $order, $comments_per_page);
}
@@ -1251,6 +1157,61 @@ function comment_num_new($nid, $timestam
}
+function comment_validate($edit) {
+ global $user;
+
+ // Invoke other validation handlers
+ comment_invoke_comment($edit, 'validate');
+
+ $check_date = strtotime($date);
+ // As of PHP 5.1.0, strtotime returns FALSE upon failure instead of -1.
+ if ($check_date === FALSE || $check_date === -1) {
+ form_set_error('date', t('You have to specify a valid date.'));
+ }
+ if (isset($edit['author']) && !$account = user_load(array('name' => $edit['author']))) {
+ form_set_error('author', t('You have to specify a valid author.'));
+ }
+
+ // Validate the comment's body.
+ if ($edit['comment'] == '') {
+ form_set_error('comment', t('The body of your comment is empty.'));
+ }
+
+ // Check validity of name, mail and homepage (if given)
+ if (!$user->uid || isset($edit['is_anonymous'])) {
+ if (variable_get('comment_anonymous', COMMENT_ANONYMOUS_MAYNOT_CONTACT) > COMMENT_ANONYMOUS_MAYNOT_CONTACT) {
+ if ($edit['name']) {
+ $taken = db_result(db_query("SELECT COUNT(uid) FROM {users} WHERE LOWER(name) = '%s'", $edit['name']), 0);
+
+ if ($taken != 0) {
+ form_set_error('name', t('The name you used belongs to a registered user.'));
+ }
+
+ }
+ else if (variable_get('comment_anonymous', COMMENT_ANONYMOUS_MAYNOT_CONTACT) == COMMENT_ANONYMOUS_MUST_CONTACT) {
+ form_set_error('name', t('You have to leave your name.'));
+ }
+
+ if ($edit['mail']) {
+ if (!valid_email_address($edit['mail'])) {
+ form_set_error('mail', t('The e-mail address you specified is not valid.'));
+ }
+ }
+ else if (variable_get('comment_anonymous', COMMENT_ANONYMOUS_MAYNOT_CONTACT) == COMMENT_ANONYMOUS_MUST_CONTACT) {
+ form_set_error('mail', t('You have to leave an e-mail address.'));
+ }
+
+ if ($edit['homepage']) {
+ if (!valid_url($edit['homepage'], TRUE)) {
+ form_set_error('homepage', t('The URL of your homepage is not valid. Remember that it must be fully qualified, i.e. of the form http://example.com/directory.'));
+ }
+ }
+ }
+ }
+
+ return $edit;
+}
+
/*
** Generate the basic commenting form, for appending to a node or display on a separate page.
** This is rendered by theme_comment_form.
@@ -1287,9 +1248,57 @@ function comment_form($edit, $title = NU
$date = format_date($edit['timestamp'], 'custom', 'Y-m-d H:i O');
}
- $form['admin'] = array('#type' => 'fieldset', '#title' => t('Administration'), '#collapsible' => TRUE, '#collapsed' => TRUE, '#weight' => -2);
+ $form['admin'] = array(
+ '#type' => 'fieldset',
+ '#title' => t('Administration'),
+ '#collapsible' => TRUE,
+ '#collapsed' => TRUE,
+ '#weight' => -2,
+ );
- $form['admin']['author'] = array('#type' => 'textfield', '#parents' => array('author'), '#title' => t('Authored by'), '#size' => 30, '#maxlength' => 60, '#autocomplete_path' => 'user/autocomplete', '#default_value' => $author, '#weight' => -1);
+ if ($edit['registered_name'] != '') {
+ // The comment is by a registered user
+ $form['admin']['author'] = array(
+ '#type' => 'textfield',
+ '#title' => t('Authored by'),
+ '#size' => 30,
+ '#maxlength' => 60,
+ '#autocomplete_path' => 'user/autocomplete',
+ '#default_value' => $author,
+ '#weight' => -1,
+ );
+ }
+ else {
+ // The comment is by an anonymous user
+ $form['is_anonymous'] = array(
+ '#type' => 'value',
+ '#value' => TRUE,
+ );
+ $form['admin']['name'] = array(
+ '#type' => 'textfield',
+ '#title' => t('Authored by'),
+ '#size' => 30,
+ '#maxlength' => 60,
+ '#default_value' => $author,
+ '#weight' => -1,
+ );
+ $form['admin']['mail'] = array(
+ '#type' => 'textfield',
+ '#title' => t('E-mail'),
+ '#maxlength' => 64,
+ '#size' => 30,
+ '#default_value' => $edit['mail'],
+ '#description' => t('The content of this field is kept private and will not be shown publicly.'),
+ );
+
+ $form['admin']['homepage'] = array(
+ '#type' => 'textfield',
+ '#title' => t('Homepage'),
+ '#maxlength' => 255,
+ '#size' => 30,
+ '#default_value' => $edit['homepage'],
+ );
+ }
$form['admin']['date'] = array('#type' => 'textfield', '#parents' => array('date'), '#title' => t('Authored on'), '#size' => 20, '#maxlength' => 25, '#default_value' => $date, '#weight' => -1);
@@ -1297,8 +1306,9 @@ function comment_form($edit, $title = NU
}
else {
- $form['author'] = array('#type' => 'item', '#title' => t('Your name'), '#value' => theme('username', $user)
+ $form['_author'] = array('#type' => 'item', '#title' => t('Your name'), '#value' => theme('username', $user)
);
+ $form['author'] = array('#type' => 'value', '#value' => $user->name);
}
}
else if (variable_get('comment_anonymous', COMMENT_ANONYMOUS_MAYNOT_CONTACT) == COMMENT_ANONYMOUS_MAY_CONTACT) {
@@ -1332,7 +1342,7 @@ function comment_form($edit, $title = NU
$form['nid'] = array('#type' => 'value', '#value' => $edit['nid']);
$form['uid'] = array('#type' => 'value', '#value' => $edit['uid']);
- $form['preview'] = array('#type' => 'submit', '#value' => t('Preview comment'), '#weight' => 19);
+ $form['preview'] = array('#type' => 'button', '#value' => t('Preview comment'), '#weight' => 19);
$form['#token'] = 'comment' . $edit['nid'] . $edit['pid'];
// Only show post button if preview is optional or if we are in preview mode.
@@ -1363,15 +1373,18 @@ function comment_form($edit, $title = NU
function comment_form_add_preview($form, $edit) {
global $user;
+ drupal_set_title(t('Preview comment'));
+
$output = '';
- $comment = (object)comment_validate($edit);
+ comment_validate($edit);
+ $comment = (object)_comment_form_submit($edit);
// Attach the user and time information.
if ($edit['author']) {
$account = user_load(array('name' => $edit['author']));
}
- elseif ($user->uid) {
+ elseif ($user->uid && !isset($edit['is_anonymous'])) {
$account = $user;
}
if ($account) {
@@ -1408,20 +1421,33 @@ function comment_form_validate($form_id,
comment_validate($form_values);
}
-function comment_form_submit($form_id, $form_values) {
-
- $op = isset($_POST['op']) ? $_POST['op'] : '';
- $nid = $form_values['nid'];
-
- // are we posting or previewing a reply?
- if ($op == t('Post comment')) {
- drupal_set_title(t('Post comment'));
- if ($cid = comment_save($form_values)) {
- drupal_goto("node/$nid", NULL, "comment-$cid");
- }
+function _comment_form_submit($form_values) {
+ if (!isset($form_values['date'])) {
+ $form_values['date'] = 'now';
+ }
+ $form_values['timestamp'] = strtotime($form_values['date']);
+ if (isset($form_values['author'])) {
+ $account = user_load(array('name' => $form_values['author']));
+ $form_values['uid'] = $account->uid;
+ $form_values['name'] = $form_values['author'];
}
- else if ($_POST['op'] == t('Preview comment')) {
- drupal_set_title(t('Preview comment'));
+ // Validate the comment's subject. If not specified, extract
+ // one from the comment's body.
+ if (trim($form_values['subject']) == '') {
+ // The body may be in any format, so we:
+ // 1) Filter it into HTML
+ // 2) Strip out all HTML tags
+ // 3) Convert entities back to plain-text.
+ // Note: format is checked by check_markup().
+ $form_values['subject'] = truncate_utf8(decode_entities(strip_tags(check_markup($form_values['comment'], $form_values['format']))), 29, TRUE);
+ }
+ return $form_values;
+}
+
+function comment_form_submit($form_id, $form_values) {
+ $form_values = _comment_form_submit($form_values);
+ if ($cid = comment_save($form_values)) {
+ drupal_goto('node/'. $form_values['nid'], NULL, "comment-$cid");
}
}