'. t("This module lets users delete comments on own nodes they create without giving them full comment administration access. Permissions are on a per node type basis, so it is a great way to, e.g., allow users to administer comments on their own blogs. Additionally, you can configure this module to force comments on selected node types to be approved before they get published. As with delete rights, this is administered by users so you don not have to do it yourself.") .'
'; + break; + case 'admin/modules#description': + return t('This module gives users some additional comment administration rights on content they create.'); + break; + } +} + +/** * Implementation of hook_comment() + * Shows the message and optional sends the mail to nodeauthor. + * + * @param object $comment The comment object by reference + * @param string $op The operation insert, update and so on + * @return unknown_type */ function usercomment_comment(&$comment, $op) { switch ($op) { case 'insert': case 'update': - if (usercomment_access_check($comment['cid'], 'approve', 'update')) { - global $user; - + if (usercomment_access_check($comment['cid'], 'update')) { $node = node_load($comment['nid']); - $node->user = $node->user ? $node->user : user_load( array( "uid" => $node->uid ) ); - + $nodeauthor = user_load(array("uid" => $node->uid)); $status_msg_php = variable_get('usercomment_msg_approval_queue_php', ''); if ($status_msg_php != '') { - $status_msg = eval($status_msg_php); + $status_msg = drupal_eval($status_msg_php); } else { - $status_msg = variable_get('usercomment_msg_approval_queue', t("Your comment will be posted once it's been approved.")); + $status_msg = variable_get('usercomment_msg_approval_queue', "Your comment will be posted once it's been approved."); $status_msg = t($status_msg, array( - '@poster' => $user->name, - '@node_owner' => $node->user->name, - '@subject' => $comment['subject'], + '@poster' => (!empty($comment['name'])) ? $comment['name'] : variable_get('anonymous','anonymous'), + '@node_owner' => (!empty($node->name)) ? $node->name : variable_get('anonymous','anonymous'), + '@subject' => check_plain($comment['subject']), )); } drupal_set_message($status_msg); - + //unpublish the comment db_query("UPDATE {comments} SET status = %d WHERE cid = %d", COMMENT_NOT_PUBLISHED, $comment['cid']); - if (! isset($node->user->usercomment_get_notifications) || $node->user->usercomment_get_notifications == 1) { - $subject = variable_get('usercomment_mail_subject', t('Someone posted a new comment!')); - $message = variable_get('usercomment_mail_message', usercomment_mail_message_default()); + // send the mail when enable + if ($nodeauthor->usercomment_get_notifications) { $replacements = array( - '@approver' => $node->name, - '@subject' => $comment['subject'], - '@comment' => $comment['comment'], - '@commenter' => $comment['name'], - '@link' => url('node/'. $node->nid, array('absolute' => TRUE)), + '@approver' => (!empty($node->name)) ? $node->name : variable_get('anonymous','anonymous'), + '@subject' => check_plain($comment['subject']), + '@comment' => check_plain($comment['comment']), + '@commenter' => (!empty($comment['name'])) ? $comment['name'] : variable_get('anonymous','anonymous'), + '@nodelink' => url('node/'. $node->nid, array('absolute' => TRUE)), + '@commentlink' => url('node/'. $node->nid, array('absolute' => TRUE, 'fragment' => 'comment-'.$comment['cid'])), '@site' => variable_get("site_name", "Drupal"), '@siteurl' => $GLOBALS["base_url"], ); - $subject = t($subject, $replacements); - $message = t($message, $replacements); - $site_mail = variable_get('site_mail', ""); - if (!strlen($site_mail)) { - if (user_access('administer nodes')) { - drupal_set_message(t('You should create an administrator mail address for your site! Do it here.', array('%url' => url('admin/settings/site-information'))), 'error'); - } - $site_mail = 'nobody@localhost'; - } -// drupal_mail('usercomment_mail', $node->user->mail, $subject, $message, $site_mail); - /* TODO Create a hook_mail($key, &$message, $params) function to generate - the message body when called by drupal_mail. */ - $account = array(); // Set this as needed - $language = user_preferred_language($account); - $object = array(); // Replace this as needed - $context['subject'] = $subject; - $context['body'] = $body; - $params = array('account' => $account, 'object' => $object, 'context' => $context); - drupal_mail('usercomment', 'usercomment_mail', $node->user->mail, $language, $params, $site_mail); + $params = array('account' => $nodeauthor, 'replacements' => $replacements); + drupal_mail('usercomment', 'usercomment_get_notifications', $nodeauthor->mail, user_preferred_language($nodeauthor), $params); } } break; } } + /** - * Implementation of hook_help() - */ -function usercomment_help($path, $arg) { - switch ($path) { - case 'admin/help#usercomment': - return t('This module lets users delete comments on own nodes they create without giving them full comment administration access. Permissions are on a per node type basis, so it\'s a great way to, e.g., allow users to administer comments on their own blogs. Additionally, you can configure this module to force comments on selected node types to be approved before they get published. As with delete rights, this is administered by users so you don\'t have to do it yourself.
'); - break; - case 'admin/modules#description': - return t('This module gives users some additional comment administration rights on content they create.'); - break; - } + * Implementation of hook_mail() + * @param string $key + * @param array $message + * @param array $params + * @return unknown_type + */ +function usercomment_mail($key, &$message, $params) { + $language = $message['language']; + $langcode = isset($language->language) ? $language->language : NULL; + + if($key == 'usercomment_get_notifications') { + $subject = variable_get('usercomment_mail_subject', '@commenter posted a new comment!'); + $messagebody = variable_get('usercomment_mail_message', usercomment_mail_message_default()); + $subject = t($subject, $params['replacements'], $langcode); + $messagebody = t($messagebody, $params['replacements'], $langcode); + $message['subject'] = $subject; + $message['body'] = $messagebody; + + } } /** * Implementation of hook_link() + * @param string $type comment, node + * @param object $object node object, comment object + * @param booleen $teaser TRUE or FALSE + * @return array $links */ function usercomment_link($type, $object = NULL, $teaser = FALSE) { $links = array(); // we're only adding links to comments, so return if not comment - if ($type != "comment") return $links; - if (usercomment_access_check($object->cid)) { + if ($type != "comment") { + return $links; + } + if (usercomment_access_check($object->cid, 'delete')) { $links['usercomment_delete'] = array( 'title' => t('delete'), 'href' => 'usercomment/delete/'. $object->cid, ); } - if (usercomment_access_check($object->cid, 'approve', 'link')) { - $node = node_load($object->nid); - if ($object->status == COMMENT_NOT_PUBLISHED) { - $links['usercomment_approve'] = array( - 'title' => t('approve'), - 'href' => 'usercomment/approve/'. $object->cid, - ); - } + if (usercomment_access_check($object->cid, 'approve')) { + $links['usercomment_approve'] = array( + 'title' => t('approve'), + 'href' => 'usercomment/approve/'. $object->cid, + ); } return $links; } /** - * Implementation of hook_menu() + * Implementation of hook_menu(). + * @return array $items */ function usercomment_menu() { $items = array(); @@ -124,11 +139,12 @@ function usercomment_menu() { 'access arguments' => array('administer comments'), 'weight' => 20, ); - $items['usercomment/delete'] = array( + $items['usercomment/delete/%'] = array( 'type' => MENU_CALLBACK, 'page callback' => 'comment_delete', - 'access callback' => 'usercomment_menu_access', - 'access arguments' => array('delete'), + 'page arguments' => array(2), + 'access callback' => 'usercomment_access_check', + 'access arguments' => array(2, 'delete'), 'file path' => drupal_get_path('module', 'comment'), 'file' => 'comment.admin.inc', ); @@ -136,48 +152,30 @@ function usercomment_menu() { 'type' => MENU_CALLBACK, 'page callback' => 'usercomment_approve', 'page arguments' => array(2), - 'access callback' => 'usercomment_menu_access', - 'access arguments' => array('approve', 2), + 'access callback' => 'usercomment_access_check', + 'access arguments' => array(2, 'approve'), ); return $items; } /** - * Define menu access permission - */ -function usercomment_menu_access($op, $cid = NULL) { - global $user; - - if (is_numeric($cid)) { - $comment = _comment_load($cid); - $node = node_load($comment->nid); - } - - if (user_access('administer comments')) { - return TRUE; - } - - switch ($op) { - case 'approve': - return ($user->uid == $node->uid); - case 'delete': - return ($user->uid == $node->uid || usercomment_access_check($comment->cid)); - } - - return FALSE; -} - -/** * Implementation of hook_nodeapi() + * @param object $node The node object by reference + * @param string $op + * @param $a3 + * @param $a4 + * @return unknown_type */ function usercomment_nodeapi(&$node, $op, $a3 = NULL, $a4 = NULL) { global $user; switch ($op) { case 'view': - if ($user->uid == $node->uid && user_access('approve comments on own '. $node->type .' content')) { - $node->content['usercomment'] = array( - '#value' => usercomment_approval_form($node), - ); + if ($user->uid == $node->uid && (user_access('approve comments on own '. $node->type .' content') || user_access('administer comments on own content'))) { + if(!$a3 && $user->uid) { + $node->content['usercomment'] = array( + '#value' => usercomment_approval_form($node), + ); + } } break; } @@ -185,6 +183,7 @@ function usercomment_nodeapi(&$node, $op /** * Implementation of hook_perm(). + * @return array $perms */ function usercomment_perm() { $perms = array( @@ -193,8 +192,8 @@ function usercomment_perm() { ); foreach (node_get_types() as $node) { - $perms[] = 'delete comments on own '. check_plain($node->type) .' content'; - $perms[] = 'approve comments on own '. check_plain($node->type) .' content'; + $perms[] = 'delete comments on own '. $node->type .' content'; + $perms[] = 'approve comments on own '. $node->type .' content'; } return $perms; @@ -202,6 +201,10 @@ function usercomment_perm() { /** * Implementation of hook_form_alter(). + * @param array $form form by reference + * @param array $form_state + * @param string $form_id + * @return array $form */ function usercomment_form_alter(&$form, $form_state, $form_id) { global $user; @@ -213,36 +216,45 @@ function usercomment_form_alter(&$form, /** * Implementation of hook_user() + * @param string $op + * @param array $edit + * @param object $account the user object of the account + * @param string $category + * @return unknown_type */ function usercomment_user($op, &$edit, &$account, $category = NULL) { switch ($op) { - case 'form': + case 'form': if ($category == "account") { + $form = array(); foreach (node_get_types() as $node) { - if (user_access('approve comments on own '. $node->type .' content', $account )) { - $form['usercomment_settings']['usercomment_approve_'. $node->type] = array( - '#type' => 'checkbox', - '#title' => t('Skip '. $node->type .' approvals'), - '#default_value' => isset($edit['usercomment_approve_'. $node->type]) ? $edit['usercomment_approve_'. $node->type] : 1, - '#description' => t('If you check this, other non admin users will be able to post comments on your content without prior approval. Admin users, however, will be able to post comments without approval.'), - ); + if (user_access('create '. $node->type .' content', $account)) { + if((user_access('approve comments on own '. $node->type .' content', $account)) || (user_access('administer comments on own content'))) { + + $form['usercomment_settings']['usercomment_approve_'. $node->type] = array( + '#type' => 'checkbox', + '#title' => t('Skip '. $node->type .' approvals'), + '#default_value' => isset($edit['usercomment_approve_'. $node->type]) ? $edit['usercomment_approve_'. $node->type] : 1, + '#description' => t('If you check this, other non admin users will be able to post comments on your content without prior approval. Admin users, however, will be able to post comments without approval.'), + ); + } } } // if user has approval rights, put the settings in a fieldset and // give an extra option to receive emails - if (! empty($form['usercomment_settings'])) { + if (!empty($form['usercomment_settings'])) { $usercomment_settings = array( - '#type' => 'fieldset', - '#title' => t('Usercomment settings'), - '#weight' => 5, + '#type' => 'fieldset', + '#title' => t('Usercomment settings'), + '#weight' => 5, '#collapsible' => 1, ); $form['usercomment_settings'] = array_merge($form['usercomment_settings'], $usercomment_settings); $form['usercomment_settings']['usercomment_get_notifications'] = array( - '#type' => 'checkbox', - '#title' => t('Receive notification emails'), + '#type' => 'checkbox', + '#title' => t('Receive notification emails'), '#default_value' => isset($edit['usercomment_get_notifications']) ? $edit['usercomment_get_notifications'] : 1, - '#description' => t('Check here if you want to receive notification emails about new comments awaiting your approval.'), + '#description' => t('Check here if you want to receive notification emails about new comments awaiting your approval.'), ); } } @@ -257,39 +269,25 @@ function usercomment_user($op, &$edit, & * @param $nid - numeric node id */ function usercomment_count_unapproved($nid) { - $query = "SELECT count(cid) FROM {comments} WHERE status=%d AND nid=%d"; - $args = array(COMMENT_NOT_PUBLISHED, $nid); - $count = db_result(db_query($query, $args)); + $query = "SELECT count(cid) FROM {comments} WHERE status = %d AND nid = %d"; + $count = db_result(db_query($query, COMMENT_NOT_PUBLISHED, $nid)); return (int)$count; } /** * This function determines whether the specified user needs to approve comments on the specified node type * - * @param $nodetype - text string specifying the name of a node type - * @param $u - the user object if you have it, else a numeric uid - defaults to current user + * @param string $nodetype - text string specifying the name of a node type + * @param object $nodeauthor - the user object from the nodeauthor * * @return TRUE if the user must approve comments on the specified nodetype, FALSE if not */ -function usercomment_requires_approval($nodetype, $u = -1) { - // get the right user object - if (is_object($u)) { - $user_object =& $u; - } - elseif (is_numeric($u)) { - global $user; - if ($u == -1 || $u == $user->uid) { - $user_object =& $user; - } - else { - $user_object = user_load(array('uid' => $u)); - } - } - - if (is_object($user_object)) { // check the user's settings +function usercomment_requires_approval($nodetype, $nodeauthor = 0) { + // check the user's settings, when author is anonymous than return FALSE + if (is_object($nodeauthor) && $nodeauthor->uid) { $skip_approval_field = "usercomment_approve_{$nodetype}"; - if (! isset($user_object->$skip_approval_field) || $user_object->$skip_approval_field == 1) { - return FALSE; // user either hasn't specified approvals or has said to skip approvals for this node type + if ($nodeauthor->$skip_approval_field == 1) { + return FALSE; // $nodeauthor has said to skip approvals for this node type } else { return TRUE; @@ -300,100 +298,120 @@ function usercomment_requires_approval($ } } + /** - * This function checks access perms + * This function checks access perms. + * @param int $cid Comment ID + * @param string $op Delete, aproved or update + * @return booleen TRUE or FALSE dependent from the $op */ -function usercomment_access_check($cid, $op = 'delete', $type = '') { +function usercomment_access_check($cid, $op = '') { global $user; - // admin users already have functionality so no need to show duplicate link - if ($op == "delete" && user_access('administer comments')) { + if(!is_numeric($cid)) { return FALSE; } - elseif (user_access('skip author\'s approval queue when posting comments')) { - return FALSE; - } - else { - // get node info and see if node is owned by user or not - $comment = _comment_load($cid); - $thisnode = node_load($comment->nid); - switch ($op) { - case 'approve': - switch ($type) { - case 'update': - // if it's not node owner, check if node owner lets others - // post without approval - if ($thisnode->uid != $user->uid) { - static $access; - if (! isset($access)) { - if (! is_object($thisnode->user) ) { - $thisnode->user = user_load( array( "uid" => $thisnode->uid ) ); - } - $access = usercomment_requires_approval($thisnode->type, $thisnode->user); - } - return $access; - } - $check = (user_access('approve comments on own'. $thisnode->type .' content') && $thisnode->uid != $user->uid); - break; - case 'link': - default: - $check = user_access('approve comments on own '. $thisnode->type .' content'); - break; - } - break; - case 'delete': - default: - $check = (user_access('delete comments on own '. $thisnode->type .' content') && $thisnode->uid == $user->uid); - break; + $comment = _comment_load($cid); + $node = node_load($comment->nid); + switch($op) { + case 'delete': + if(!$user->uid) { + return FALSE; + } + // admin users already have functionality so no need to show duplicate link + if (user_access('administer comments')) { + return FALSE; } - if ($check) { + else if (user_access('administer comments on own content') && ($user->uid == $node->uid)) { return TRUE; } - else { + else if (user_access('delete comments on own '. $node->type .' content') && ($user->uid == $node->uid)) { + return TRUE; + } + break; + + case 'approve': + if(!$user->uid) { return FALSE; } - } + if ($comment->status == COMMENT_NOT_PUBLISHED) { + if (user_access('administer comments')) { + return TRUE; + } + else if (user_access('administer comments on own content') && ($user->uid == $node->uid)) { + return TRUE; + } + else if (user_access('approve comments on own '. $node->type .' content') && ($user->uid == $node->uid)) { + return TRUE; + } + } + break; + + case 'update': + //Nodeauthor do not need an mail, message and so on + if($node->uid == $user->uid) { + return FALSE; + } + elseif(user_access("skip author's approval queue when posting comments")) { + return FALSE; + } + else{ + $nodeauthor = user_load($node->uid); + return usercomment_requires_approval($node->type, $nodeauthor); + } + break; + + default: + return FALSE; + }// end switch $op } /** - * This function generates the approval page + * This function generates the approval message + * @param int $cid Comment ID + * @return nothing */ function usercomment_approve($cid) { + global $user; $comment = _comment_load($cid); $node = node_load($comment->nid); + $comment->status = COMMENT_PUBLISHED; + comment_save((array)$comment); - + // when COMMENT_NODE_READ_WRITE drupal shows an message + if($node->comment == COMMENT_NODE_READ_WRITE) { $status_msg_php = variable_get('usercomment_msg_approved_php', ''); if ($status_msg_php != '') { - $status_msg = eval($status_msg_php); + $status_msg = drupal_eval($status_msg_php); } else { - $status_msg = variable_get('usercomment_msg_approved', t("Your comment has been approved.")); + $status_msg = variable_get('usercomment_msg_approved', t("The comment has been approved.")); $status_msg = t($status_msg, array( - '@poster' => $user->name, - '@node_owner' => $node->user->name, + '@poster' => $comment->name, + '@node_owner' => $node->name, '@subject' => $comment->subject, )); } drupal_set_message($status_msg); + } drupal_goto('node/'. $node->nid); } /** * This function is a modified copy of comment_render() - * * I had to modify b/c comment_render() didn't let me get comments that * weren't published - * not ideal, but it works - * + * not ideal, but it works. + * + * @param object $node The node object + * @return $content */ function usercomment_comment_render($node) { $content = ''; $query = 'SELECT c.cid as cid, c.pid, c.nid, c.subject, c.comment, c.format, c.timestamp, c.name, c.mail, c.homepage, u.uid, u.name AS registered_name, u.picture, u.data, c.thread, c.status FROM {comments} c INNER JOIN {users} u ON c.uid = u.uid WHERE c.nid = %d AND c.status = %d'; - $query_args[] = $node->nid; - $query_args[] = COMMENT_NOT_PUBLISHED; - $result = db_query($query, $query_args); + + $result = db_query($query, $node->nid, COMMENT_NOT_PUBLISHED); while ($comment = db_fetch_object($result)) { $comment = drupal_unpack($comment); if (usercomment_access_check($comment->cid)) { @@ -415,7 +433,7 @@ function usercomment_admin_settings() { $form['mail'] = array( '#type' => 'fieldset', '#title' => t('Approval email'), - '#description' => t('This page is generated by the usercomment module. The following variables are available for use in email subject/message: @approver, @commenter, @title, @comment, @link, @site, @siteurl'), + '#description' => t('This page is generated by the usercomment module. The following variables are available for use in email subject/message: @approver, @commenter, @title, @comment, @commentlink, @nodelink, @site, @siteurl'), ); $form['mail']['usercomment_mail_subject'] = array( '#type' => 'textfield', @@ -439,11 +457,11 @@ function usercomment_admin_settings() { '#description' => t("Enter the status message a user will see after submitting a comment that requires approval prior to being published. The following variables are available for use in the status message: @poster, @node_owner, @subject."), '#default_value' => variable_get('usercomment_msg_approval_queue', t("Your comment will be posted once it's been approved.")), ); - $msg_php = variable_get('usercomment_msg_approval_queue_php', NULL); + $msg_php = variable_get('usercomment_msg_approval_queue_php', ''); $form['usercomment_text']['usercomment_msg_approval_queue_php_fieldset'] = array( '#type' => 'fieldset', '#collapsible' => TRUE, - '#collapsed' => is_null($msg_php) ? FALSE : TRUE, + '#collapsed' => empty($msg_php) ? FALSE : TRUE, '#title' => t('PHP code'), ); $form['usercomment_text']['usercomment_msg_approval_queue_php_fieldset']['usercomment_msg_approval_queue_php'] = array( @@ -452,7 +470,7 @@ function usercomment_admin_settings() { '#default_value' => $msg_php, '#cols' => 60, '#rows' => 6, - '#description' => ''. t('Advanced Usage Only: PHP code that returns the text of the status message. Should not include <?php ?> delimiters.') .'
'. t('Note: if set, this will override any Approval queue message text set above.') .'
', + '#description' => ''. t('Advanced Usage Only: PHP code that returns the text of the status message. The PHP code must be entered between %php. Note that executing incorrect PHP-code can break your Drupal site.', array('%php' => '')) .'
'. t('Note: if set, this will override any Approval queue message text set above.') .'
', ); $form['usercomment_text']['usercomment_msg_approved'] = array( @@ -462,20 +480,20 @@ function usercomment_admin_settings() { '#description' => t("Enter the status message a user will see after approving a comment. The following variables are available for use in the status message: @poster, @node_owner, @subject."), '#default_value' => variable_get('usercomment_msg_approved', t("Your comment has been approved.")), ); - $msg_php = variable_get('usercomment_msg_approved_php', NULL); + $msg_php2 = variable_get('usercomment_msg_approved_php', ''); $form['usercomment_text']['usercomment_msg_approved_php_fieldset'] = array( '#type' => 'fieldset', '#collapsible' => TRUE, - '#collapsed' => is_null($msg_php) ? FALSE : TRUE, + '#collapsed' => empty($msg_php2) ? FALSE : TRUE, '#title' => t('PHP code'), ); $form['usercomment_text']['usercomment_msg_approved_php_fieldset']['usercomment_msg_approved_php'] = array( '#type' => 'textarea', '#title' => t('Approved comment message code'), - '#default_value' => $msg_php, + '#default_value' => $msg_php2, '#cols' => 60, '#rows' => 6, - '#description' => ''. t('Advanced Usage Only: PHP code that returns the text of the status message. Should not include <?php ?> delimiters.') .'
'. t('Note: if set, this will override any Approval queue message text set above.') .'
', + '#description' => ''. t('Advanced Usage Only: PHP code that returns the text of the status message. The PHP code must be entered between %php. Note that executing incorrect PHP-code can break your Drupal site.', array('%php' => '')) .'
'. t('Note: if set, this will override any Approval queue message text set above.') .'
', ); return system_settings_form($form); } @@ -487,13 +505,19 @@ function usercomment_mail_message_defaul return <<