Index: modules/comment/comment.module
===================================================================
RCS file: /cvs/drupal/drupal/modules/comment/comment.module,v
retrieving revision 1.663
diff -u -F^f -u -F^f -r1.663 comment.module
--- modules/comment/comment.module 15 Nov 2008 11:45:03 -0000 1.663
+++ modules/comment/comment.module 16 Nov 2008 17:07:44 -0000 
@@ -710,134 +710,114 @@ function comment_node_url() { * If the comment is successfully saved the comment ID is returned. If the comment * is not saved, FALSE is returned. */ -function comment_save($edit) { +function comment_save(&$edit) { global $user; - if (user_access('post comments') && (user_access('administer comments') || node_comment_mode($edit['nid']) == COMMENT_NODE_READ_WRITE)) { - if (!form_get_errors()) { - $edit += array( - 'mail' => '', - 'homepage' => '', - 'name' => '', - 'status' => user_access('post comments without approval') ? COMMENT_PUBLISHED : COMMENT_NOT_PUBLISHED, - ); - if ($edit['cid']) { - // Update the comment in the database. - db_update('comments') - ->fields(array( - 'status' => $edit['status'], - 'timestamp' => $edit['timestamp'], - 'subject' => $edit['subject'], - 'comment' => $edit['comment'], - 'format' => $edit['comment_format'], - 'uid' => $edit['uid'], - 'name' => $edit['name'], - 'mail' => $edit['mail'], - 'homepage' => $edit['homepage'] - )) - ->condition('cid', $edit['cid']) - ->execute(); - // Allow modules to respond to the updating of a comment. - comment_invoke_comment($edit, 'update'); - // Add an entry to the watchdog log. - watchdog('content', 'Comment: updated %subject.', array('%subject' => $edit['subject']), WATCHDOG_NOTICE, l(t('view'), 'node/' . $edit['nid'], array('fragment' => 'comment-' . $edit['cid']))); - } - else { - // Add the comment to database. This next section builds the thread field. - // Also see the documentation for comment_render(). - if ($edit['pid'] == 0) { - // This is a comment with no parent comment (depth 0): we start - // by retrieving the maximum thread level. - $max = db_query('SELECT MAX(thread) FROM {comments} WHERE nid = :nid', array(':nid' => $edit['nid']))->fetchField(); - // Strip the "/" from the end of the thread. - $max = rtrim($max, '/'); - // Finally, build the thread field for this new comment. - $thread = int2vancode(vancode2int($max) + 1) . 
'/'; - } - else { - // This is a comment with a parent comment, so increase - // the part of the thread value at the proper depth. - // Get the parent comment: - $parent = comment_load($edit['pid']); - // Strip the "/" from the end of the parent thread. - $parent->thread = (string) rtrim((string) $parent->thread, '/'); - // Get the max value in *this* thread. - $max = db_query("SELECT MAX(thread) FROM {comments} WHERE thread LIKE :thread AND nid = :nid", array( - ':thread' => $parent->thread .'.%', - ':nid' => $edit['nid'])) - ->fetchField(); - - if ($max == '') { - // First child of this parent. - $thread = $parent->thread . '.' . int2vancode(0) . '/'; - } - else { - // Strip the "/" at the end of the thread. - $max = rtrim($max, '/'); - // Get the value at the correct depth. - $parts = explode('.', $max); - $parent_depth = count(explode('.', $parent->thread)); - $last = $parts[$parent_depth]; - // Finally, build the thread field for this new comment. - $thread = $parent->thread . '.' . int2vancode(vancode2int($last) + 1) . '/'; - } - } - - if (empty($edit['timestamp'])) { - $edit['timestamp'] = REQUEST_TIME; - } - - if ($edit['uid'] === $user->uid) { // '===' Need to modify anonymous users as well. - $edit['name'] = $user->name; - } + $edit += array( + 'mail' => '', + 'homepage' => '', + 'name' => '', + 'status' => user_access('post comments without approval') ? COMMENT_PUBLISHED : COMMENT_NOT_PUBLISHED, + ); + if ($edit['cid']) { + // Update the comment in the database. + db_update('comments') + ->fields(array( + 'status' => $edit['status'], + 'timestamp' => $edit['timestamp'], + 'subject' => $edit['subject'], + 'comment' => $edit['comment'], + 'format' => $edit['comment_format'], + 'uid' => $edit['uid'], + 'name' => $edit['name'], + 'mail' => $edit['mail'], + 'homepage' => $edit['homepage'] + )) + ->condition('cid', $edit['cid']) + ->execute(); + // Allow modules to respond to the updating of a comment. 
+ comment_invoke_comment($edit, 'update'); + // Add an entry to the watchdog log. + watchdog('content', 'Comment: updated %subject.', array('%subject' => $edit['subject']), WATCHDOG_NOTICE, l(t('view'), 'node/' . $edit['nid'], array('fragment' => 'comment-' . $edit['cid']))); + } + else { + // Add the comment to database. This next section builds the thread field. + // Also see the documentation for comment_render(). + if ($edit['pid'] == 0) { + // This is a comment with no parent comment (depth 0): we start + // by retrieving the maximum thread level. + $max = db_query('SELECT MAX(thread) FROM {comments} WHERE nid = :nid', array(':nid' => $edit['nid']))->fetchField(); + // Strip the "/" from the end of the thread. + $max = rtrim($max, '/'); + // Finally, build the thread field for this new comment. + $thread = int2vancode(vancode2int($max) + 1) . '/'; + } + else { + // This is a comment with a parent comment, so increase + // the part of the thread value at the proper depth. - $edit['cid'] = db_insert('comments') - ->fields(array( - 'nid' => $edit['nid'], - 'pid' => empty($edit['pid']) ? 0 : $edit['pid'], - 'uid' => empty($edit['uid']) ? 0 : $edit['uid'], - 'subject' => $edit['subject'], - 'comment' => $edit['comment'], - 'format' => $edit['comment_format'], - 'hostname' => ip_address(), - 'timestamp' => $edit['timestamp'], - 'status' => $edit['status'], - 'thread' => $thread, - 'name' => $edit['name'], - 'mail' => $edit['mail'], - 'homepage' => $edit['homepage'] - )) - ->execute(); - // Tell the other modules a new comment has been submitted. - comment_invoke_comment($edit, 'insert'); - // Add an entry to the watchdog log. - watchdog('content', 'Comment: added %subject.', array('%subject' => $edit['subject']), WATCHDOG_NOTICE, l(t('view'), 'node/' . $edit['nid'], array('fragment' => 'comment-' . $edit['cid']))); - } - _comment_update_node_statistics($edit['nid']); - // Clear the cache so an anonymous user can see his comment being added. 
- cache_clear_all(); - - // Explain the approval queue if necessary, and then - // redirect the user to the node he's commenting on. - if ($edit['status'] == COMMENT_NOT_PUBLISHED) { - drupal_set_message(t('Your comment has been queued for moderation by site administrators and will be published after approval.')); + // Get the parent comment: + $parent = comment_load($edit['pid']); + // Strip the "/" from the end of the parent thread. + $parent->thread = (string) rtrim((string) $parent->thread, '/'); + // Get the max value in *this* thread. + $max = db_query("SELECT MAX(thread) FROM {comments} WHERE thread LIKE :thread AND nid = :nid", array( + ':thread' => $parent->thread .'.%', + ':nid' => $edit['nid'])) + ->fetchField(); + + if ($max == '') { + // First child of this parent. + $thread = $parent->thread . '.' . int2vancode(0) . '/'; } else { - drupal_set_message(t('Your comment has been posted.')); - comment_invoke_comment($edit, 'publish'); + // Strip the "/" at the end of the thread. + $max = rtrim($max, '/'); + // Get the value at the correct depth. + $parts = explode('.', $max); + $parent_depth = count(explode('.', $parent->thread)); + $last = $parts[$parent_depth]; + // Finally, build the thread field for this new comment. + $thread = $parent->thread . '.' . int2vancode(vancode2int($last) + 1) . '/'; } - - return $edit['cid']; - } - else { - return FALSE; } - } - else { - watchdog('content', 'Comment: unauthorized comment submitted or comment submitted to a closed post %subject.', array('%subject' => $edit['subject']), WATCHDOG_WARNING); - drupal_set_message(t('Comment: unauthorized comment submitted or comment submitted to a closed post %subject.', array('%subject' => $edit['subject'])), 'error'); - return FALSE; + if (empty($edit['timestamp'])) { + $edit['timestamp'] = REQUEST_TIME; + } + + if ($edit['uid'] === $user->uid) { // '===' Need to modify anonymous users as well. 
+ $edit['name'] = $user->name; + } + + $edit['cid'] = db_insert('comments') + ->fields(array( + 'nid' => $edit['nid'], + 'pid' => empty($edit['pid']) ? 0 : $edit['pid'], + 'uid' => empty($edit['uid']) ? 0 : $edit['uid'], + 'subject' => $edit['subject'], + 'comment' => $edit['comment'], + 'format' => $edit['comment_format'], + 'hostname' => ip_address(), + 'timestamp' => $edit['timestamp'], + 'status' => $edit['status'], + 'thread' => $thread, + 'name' => $edit['name'], + 'mail' => $edit['mail'], + 'homepage' => $edit['homepage'] + )) + ->execute(); + // Tell the other modules a new comment has been submitted. + comment_invoke_comment($edit, 'insert'); + // Add an entry to the watchdog log. + watchdog('content', 'Comment: added %subject.', array('%subject' => $edit['subject']), WATCHDOG_NOTICE, l(t('view'), 'node/' . $edit['nid'], array('fragment' => 'comment-' . $edit['cid']))); + } + _comment_update_node_statistics($edit['nid']); + // Clear the cache so an anonymous user can see his comment being added. + cache_clear_all(); + + if ($edit['status'] == COMMENT_PUBLISHED) { + comment_invoke_comment($edit, 'publish'); } } 
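Review bot: The docblock kept as context above `comment_save(&$edit)` still promises a comment ID or FALSE, but the new body has no `return` at all and hands the ID back only through `$edit['cid']`. The permission and closed-thread test (`user_access('post comments')` / `node_comment_mode()`) and the `form_get_errors()` guard were also dropped from this function, so it now writes whatever the caller passes, including a caller-supplied `status`. I would replace the return paragraph with something like `* The new comment ID is stored in $edit['cid']; nothing is returned. No access checks are performed here: callers must verify 'post comments' and the node's comment mode before calling.` Any other caller that still tests the return value would now treat every save as failed, which is worth checking outside this hunk.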
@@ -1196,61 +1176,11 @@ function comment_num_new($nid, $timestam * * @param $edit * An associative array containing the comment data. - * @return - * The original $edit. */ -function comment_validate($edit) { - global $user; +function comment_validate(&$edit) { // Invoke other validation handlers. comment_invoke_comment($edit, 'validate'); - - if (isset($edit['date'])) { - if (strtotime($edit['date']) === FALSE) { - form_set_error('date', t('You have to specify a valid date.')); - } - } - if (isset($edit['author']) && !$account = user_load(array('name' => $edit['author']))) { - form_set_error('author', t('You have to specify a valid author.')); - } - - // Check validity of name, mail and homepage (if given). - if (!$user->uid || isset($edit['is_anonymous'])) { - $node = node_load($edit['nid']); - if (variable_get('comment_anonymous_' . $node->type, COMMENT_ANONYMOUS_MAYNOT_CONTACT) > COMMENT_ANONYMOUS_MAYNOT_CONTACT) { - if ($edit['name']) { - $query = db_select('users', 'u'); - $query->addField('u', 'uid', 'uid'); - $taken = $query->where('LOWER(name) = :name', array(':name' => $edit['name'])) - ->countQuery() - ->execute() - ->fetchField(); - if ($taken != 0) { - form_set_error('name', t('The name you used belongs to a registered user.')); - } - } - elseif (variable_get('comment_anonymous_' . $node->type, COMMENT_ANONYMOUS_MAYNOT_CONTACT) == COMMENT_ANONYMOUS_MUST_CONTACT) { - form_set_error('name', t('You have to leave your name.')); - } - - if ($edit['mail']) { - if (!valid_email_address($edit['mail'])) { - form_set_error('mail', t('The e-mail address you specified is not valid.')); - } - } - elseif (variable_get('comment_anonymous_' . $node->type, COMMENT_ANONYMOUS_MAYNOT_CONTACT) == COMMENT_ANONYMOUS_MUST_CONTACT) { - form_set_error('mail', t('You have to leave an e-mail address.')); - } - - if ($edit['homepage']) { - if (!valid_url($edit['homepage'], TRUE)) { - form_set_error('homepage', t('The URL of your homepage is not valid. 
Remember that it must be fully qualified, i.e. of the form http://example.com/directory.')); - } - } - } - } - - return $edit; } /** 
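Review bot: With the field checks removed from `comment_validate()`, the test that rejects an anonymous name belonging to a registered user, and the e-mail and homepage URL checks, run only when the comment form is submitted. Code that calls `comment_validate()` followed by `comment_save()` directly gets hook validation and nothing else. The docblock, whose opening lines are outside this hunk, should say so, e.g. `* Only invokes the 'validate' hook of other modules; author, date, name, mail and homepage checks live in comment_form_validate().` The `@param` text could also note that `$edit` is now passed by reference.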
@@ -1597,7 +1527,54 @@ function comment_form_validate($form, &$ } } } + + // Perform non form-specific validation. comment_validate($form_state['values']); + + if (isset($form_state['values']['date'])) { + if (strtotime($form_state['values']['date']) === FALSE) { + form_set_error('date', t('You have to specify a valid date.')); + } + } + if (isset($form_state['values']['author']) && !$account = user_load(array('name' => $form_state['values']['author']))) { + form_set_error('author', t('You have to specify a valid author.')); + } + + // Check validity of name, mail and homepage (if given). + if (!$user->uid || isset($form_state['values']['is_anonymous'])) { + $node = node_load($form_state['values']['nid']); + if (variable_get('comment_anonymous_' . $node->type, COMMENT_ANONYMOUS_MAYNOT_CONTACT) > COMMENT_ANONYMOUS_MAYNOT_CONTACT) { + if ($form_state['values']['name']) { + $query = db_select('users', 'u'); + $query->addField('u', 'uid', 'uid'); + $taken = $query->where('LOWER(name) = :name', array(':name' => $form_state['values']['name'])) + ->countQuery() + ->execute() + ->fetchField(); + if ($taken != 0) { + form_set_error('name', t('The name you used belongs to a registered user.')); + } + } + elseif (variable_get('comment_anonymous_' . $node->type, COMMENT_ANONYMOUS_MAYNOT_CONTACT) == COMMENT_ANONYMOUS_MUST_CONTACT) { + form_set_error('name', t('You have to leave your name.')); + } + + if ($form_state['values']['mail']) { + if (!valid_email_address($form_state['values']['mail'])) { + form_set_error('mail', t('The e-mail address you specified is not valid.')); + } + } + elseif (variable_get('comment_anonymous_' . $node->type, COMMENT_ANONYMOUS_MAYNOT_CONTACT) == COMMENT_ANONYMOUS_MUST_CONTACT) { + form_set_error('mail', t('You have to leave an e-mail address.')); + } + + if ($form_state['values']['homepage']) { + if (!valid_url($form_state['values']['homepage'], TRUE)) { + form_set_error('homepage', t('The URL of your homepage is not valid. 
Remember that it must be fully qualified, i.e. of the form http://example.com/directory.')); + } + } + } + } } /** @@ -1639,12 +1616,31 @@ function _comment_form_submit(&$comment_ * Process comment form submissions; prepare the comment, store it, and set a redirection target. */ function comment_form_submit($form, &$form_state) { + + $node = node_load($form_state['values']['nid']); + $page = comment_new_page_count($node->comment_count, 1, $node); + _comment_form_submit($form_state['values']); - if ($cid = comment_save($form_state['values'])) { - $node = node_load($form_state['values']['nid']); - $page = comment_new_page_count($node->comment_count, 1, $node); + + if (user_access('post comments') && (user_access('administer comments') || node_comment_mode($edit['nid']) == COMMENT_NODE_READ_WRITE)) { + + + comment_save($form_state['values']); + // Explain the approval queue if necessary, and then + // redirect the user to the node he's commenting on. + if ($form_state['values']['status'] == COMMENT_NOT_PUBLISHED) { + drupal_set_message(t('Your comment has been queued for moderation by site administrators and will be published after approval.')); + } + else { + drupal_set_message(t('Your comment has been posted.')); + } $form_state['redirect'] = array('node/' . $node->nid, $page, "comment-$cid"); - return; + } + else { + watchdog('content', 'Comment: unauthorized comment submitted or comment submitted to a closed post %subject.', array('%subject' => $form_state['values']['subject']), WATCHDOG_WARNING); + drupal_set_message(t('Comment: unauthorized comment submitted or comment submitted to a closed post %subject.', array('%subject' => $form_state['values']['subject'])), 'error'); + + $form_state['redirect'] = array('node/' . $node->nid, $page); } }
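Review bot: The registered-name check added here compares `LOWER(name)` with the submitted name as typed, so on a database whose string comparison is case-sensitive a name that differs only in letter case from a registered account would not be counted as taken. Lower-casing the bound value closes that gap: `array(':name' => drupal_strtolower($form_state['values']['name']))`. The moved block also reads `$user->uid`; the start of `comment_form_validate()` is outside this hunk, so confirm `global $user;` is declared there, otherwise the anonymous checks would run for every user. A short comment such as `// Anonymous commenters may not reuse a registered user's name (case-insensitive).` above the query would record the intent.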
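Review bot: The access test in `comment_form_submit()` calls `node_comment_mode($edit['nid'])`, but no `$edit` exists in this function, so the read/write check is not evaluated against the node being commented on; it should read `node_comment_mode($form_state['values']['nid'])`. The redirect still uses `"comment-$cid"` although `$cid` is no longer assigned now that the `if ($cid = comment_save(...))` wrapper is gone; `'comment-' . $form_state['values']['cid']` picks up the ID that `comment_save()` writes back by reference. `_comment_form_submit()` also runs before the permission test, which is harmless only as long as it has no side effects, and that function is outside this hunk.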