lib.php 77.8 KB
Newer Older
1 2 3 4 5 6
<?php
/**
 *
 * @package    mahara
 * @subpackage artefact-comment
 * @author     Catalyst IT Ltd
7 8
 * @license    http://www.gnu.org/copyleft/gpl.html GNU GPL version 3 or later
 * @copyright  For copyright information on Mahara, please see the README file distributed with this software.
9 10 11 12 13
 *
 */

defined('INTERNAL') || die();

14
require_once('activity.php');
15
require_once('license.php');
16

17
define('MIN_RATING', 1);
18 19
$maxrating = get_config_plugin('artefact', 'comment', 'ratinglength');
define('MAX_RATING', $maxrating ? $maxrating : 5);
20 21 22 23 24 25 26 27 28 29 30 31 32 33

function valid_rating($ratingstr) {
    if (empty($ratingstr)) {
        return null;
    }

    $rating = intval($ratingstr);
    if ($rating < MIN_RATING) {
        return null;
    }

    return max(MIN_RATING, min(MAX_RATING, $rating));
}

34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57
class PluginArtefactComment extends PluginArtefact {

    public static function get_artefact_types() {
        return array(
            'comment',
        );
    }

    public static function get_block_types() {
        return array();
    }

    public static function get_plugin_name() {
        return 'comment';
    }

    public static function menu_items() {
        return array();
    }

    public static function get_event_subscriptions() {
        return array();
    }

58 59 60 61 62 63
    public static function get_activity_types() {
        return array(
            (object)array(
                'name' => 'feedback',
                'admin' => 0,
                'delay' => 0,
64 65
                'allownonemethod' => 1,
                'defaultmethod' => 'email',
66 67 68 69
            )
        );
    }

70 71 72 73
    public static function can_be_disabled() {
        return false;
    }

74 75
    public static function postinst($prevversion) {
        if ($prevversion == 0) {
76
            set_config_plugin('artefact', 'comment', 'commenteditabletime', 10);
77 78 79
            foreach(ArtefactTypeComment::deleted_types() as $type) {
                insert_record('artefact_comment_deletedby', (object)array('name' => $type));
            }
80 81

            set_config_plugin('artefact', 'comment', 'maxindent', '5');
82 83
        }
    }
84 85 86 87 88 89

    public static function view_export_extra_artefacts($viewids) {
        $artefacts = array();
        if (!$artefacts = get_column_sql("
            SELECT artefact
            FROM {artefact_comment_comment}
90
            WHERE deletedby IS NULL AND hidden=0 AND onview IN (" . join(',', array_map('intval', $viewids)) . ')', array())) {
91 92 93 94 95 96 97 98 99 100 101 102 103 104 105
            return array();
        }
        if ($attachments = get_column_sql('
            SELECT attachment
            FROM {artefact_attachment}
            WHERE artefact IN (' . join(',', $artefacts). ')')) {
            $artefacts = array_merge($artefacts, $attachments);
        }
        return $artefacts;
    }

    public static function artefact_export_extra_artefacts($artefactids) {
        if (!$artefacts = get_column_sql("
            SELECT artefact
            FROM {artefact_comment_comment}
106
            WHERE deletedby IS NULL AND hidden=0 AND onartefact IN (" . join(',', $artefactids) . ')', array())) {
107 108 109 110 111 112 113 114 115 116
            return array();
        }
        if ($attachments = get_column_sql('
            SELECT attachment
            FROM {artefact_attachment}
            WHERE artefact IN (' . join(',', $artefacts). ')')) {
            $artefacts = array_merge($artefacts, $attachments);
        }
        return $artefacts;
    }
117 118 119 120 121 122 123 124 125 126 127 128 129 130 131

    public static function get_cron() {
        return array(
            (object)array(
                'callfunction' => 'clean_feedback_notifications',
                'minute'       => '35',
                'hour'         => '22',
            ),
        );
    }

    public static function clean_feedback_notifications() {
        safe_require('notification', 'internal');
        PluginNotificationInternal::clean_notifications(array('feedback'));
    }
132

133 134 135 136 137 138 139 140 141 142 143 144
    public static function progressbar_link($artefacttype) {
        switch ($artefacttype) {
            case 'feedback':
                return 'view/sharedviews.php';
                break;
        }
    }

    public static function progressbar_additional_items() {
        return array(
            (object)array(
                    'name' => 'feedback',
145
                    'title' => get_string('addcomment', 'artefact.comment'),
146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171
                    'plugin' => 'comment',
                    'active' => true,
                    'iscountable' => true,
                    'is_metaartefact' => true,
            )
        );
    }

    public static function progressbar_metaartefact_count($name) {
        global $USER;
        $meta = new stdClass();
        $meta->artefacttype = $name;
        $meta->completed = 0;
        switch ($name) {
            case 'feedback':
                $sql = "SELECT COUNT(*) AS completed
                         FROM {artefact}
                       WHERE artefacttype='comment'
                         AND owner <> ? AND author = ?";
                $count = get_records_sql_array($sql, array($USER->get('id'), $USER->get('id')));
                $meta->completed = $count[0]->completed;
                break;
            default:
                return false;
        }
        return $meta;
172
    }
173 174 175 176 177 178 179 180
}

class ArtefactTypeComment extends ArtefactType {

    protected $onview;
    protected $onartefact;
    protected $private;
    protected $deletedby;
181
    protected $requestpublic;
182
    protected $rating;
183
    protected $lastcontentupdate;
184
    protected $threadedposition;
185
    protected $hidden;
186 187 188 189 190 191 192 193 194 195 196 197 198

    public function __construct($id = 0, $data = null) {
        parent::__construct($id, $data);

        if ($this->id && ($extra = get_record('artefact_comment_comment', 'artefact', $this->id))) {
            foreach($extra as $name => $value) {
                if (property_exists($this, $name)) {
                    $this->{$name} = $value;
                }
            }
        }
    }

199 200 201 202
    public static function is_allowed_in_progressbar() {
        return false;
    }

203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219

    /**
     * For comments, the artefact.mtime property is displayed to users, as the "Update on" date,
     * if it is later than the artefact's creation time. The purpose of this is for transparency
     * in communication, so that people will know that a later comment may be in response to one
     * that no longer exists.
     *
     * So, we don't want the publishing
     * @see ArtefactType::set()
     */
    public function set($field, $value) {
        if (($field == 'title' || $field == 'description') && $this->{$field} != $value) {
            $this->lastcontentupdate = $this->mtime;
        }
        return parent::set($field, $value);
    }

220 221 222 223 224 225 226 227 228 229 230 231
    public function commit() {
        if (empty($this->dirty)) {
            return;
        }

        $new = empty($this->id);

        db_begin();

        parent::commit();

        $data = (object)array(
232 233 234 235 236 237
            'artefact'      => $this->get('id'),
            'onview'        => $this->get('onview'),
            'onartefact'    => $this->get('onartefact'),
            'private'       => $this->get('private'),
            'deletedby'     => $this->get('deletedby'),
            'requestpublic' => $this->get('requestpublic'),
238
            'rating'        => $this->get('rating'),
239
            'threadedposition'        => $this->get('threadedposition'),
240
            'hidden'        => $this->get('hidden'),
241
        );
242 243 244
        if ($this->get('lastcontentupdate')) {
            $data->lastcontentupdate = db_format_timestamp($this->get('lastcontentupdate'));
        }
245 246 247 248 249 250 251 252

        if ($new) {
            insert_record('artefact_comment_comment', $data);
        }
        else {
            update_record('artefact_comment_comment', $data, 'artefact');
        }

253 254
        if ($this->get('onview')) {
            set_field('view', 'mtime', db_format_timestamp(time()), 'id', $this->get('onview'));
255
        }
256 257 258 259
        else if ($this->get('onartefact')) {
            execute_sql("UPDATE {view} SET mtime = ? WHERE id IN (SELECT va.view FROM {view_artefact} va WHERE va.artefact = ?)", array(db_format_timestamp(time()), $this->get('onartefact')));
        }

260 261 262 263 264 265 266 267 268
        db_commit();
        $this->dirty = false;
    }

    public static function is_singular() {
        return false;
    }

    public static function get_icon($options=null) {
269 270
        // global $THEME;
        // return false;
271 272 273 274 275 276 277 278
    }

    public function delete() {
        if (empty($this->id)) {
            return;
        }
        db_begin();
        $this->detach();
279
        delete_records('artefact_comment_comment', 'artefact', $this->id);
280 281 282 283
        parent::delete();
        db_commit();
    }

284
    public static function bulk_delete($artefactids, $log=false) {
285 286 287 288
        if (empty($artefactids)) {
            return;
        }

289
        $idstr = join(',', array_map('intval', $artefactids));
290 291 292

        db_begin();
        delete_records_select('artefact_comment_comment', 'artefact IN (' . $idstr . ')');
293
        delete_records_select('artefact_file_embedded', 'resourcetype = ? AND resourceid IN (' . $idstr . ')', array('comment'));
294 295 296 297 298 299 300 301 302
        parent::bulk_delete($artefactids);
        db_commit();
    }

    public static function delete_view_comments($viewid) {
        $ids = get_column('artefact_comment_comment', 'artefact', 'onview', $viewid);
        self::bulk_delete($ids);
    }

303 304 305 306 307 308
    public static function delete_comments_onartefacts($artefactids) {
        $idstr = join(',', array_map('intval', $artefactids));
        $commentids = get_column_sql("SELECT artefact FROM {artefact_comment_comment} WHERE onartefact IN ($idstr)");
        self::bulk_delete($commentids);
    }

309 310
    public static function get_links($id) {
        return array(
311
            '_default' => get_config('wwwroot') . 'artefact/comment/view.php?id=' . $id,
312 313 314 315 316 317 318 319 320 321 322
        );
    }

    public function can_have_attachments() {
        return true;
    }

    public static function deleted_types() {
        return array('author', 'owner', 'admin');
    }

323
    /**
324 325 326
     * Generates default data object required for displaying comments on the page.
     * The is called before populating with specific data to send to get_comments() as
     * an easy way to add variables to get passed to get_comments.
327
     *
328 329 330 331 332 333 334 335 336 337 338
     * int $limit              The number of comments to display (set to
     *                         0 for disabling pagination and showing all comments)
     * int $offset             The offset of comments used for pagination
     * int|string $showcomment Optionally show page with particular comment
     *                         on it or the last page. $offset will be ignored.
     *                         Specify either comment_id or 'last' respectively.
     *                         Set to null to use $offset for pagination.
     * object $view            The view object
     * object $artefact        Optional artefact object
     * bool   $export          Determines if comments are fetched for html export purposes
     * bool   $onview          Optional - is viewing artefact comments on view page so don't show edit buttons
339
     * string $sort            Optional - the sort order of the comments. Valid options are 'earliest' and 'latest'.
340
     * @return object $options Default comments data object
341
     */
342 343 344 345 346 347 348 349
    public static function get_comment_options() {
        $options = new stdClass();
        $options->limit = 10;
        $options->offset = 0;
        $options->showcomment = null;
        $options->view = null;
        $options->artefact = null;
        $options->export = false;
350
        $options->onview = false;
351 352
        $sortorder = get_user_institution_comment_sort_order();
        $options->sort = (!empty($sortorder)) ? $sortorder : 'earliest';
353
        $options->threaded = null;
354 355 356 357 358 359 360 361 362 363 364
        return $options;
    }

    /**
     * Generates the data object required for displaying comments on the page.
     *
     * @param   object  $options  Object of comment options
     *                            - defaults can be retrieved from get_comment_options()
     * @return  object $result    Comment data object
     */
    public static function get_comments($options) {
365
        global $USER;
366
        $allowedoptions = self::get_comment_options();
367 368
        // set the object's key/val pairs as variables
        foreach ($options as $key => $option) {
369
            if (array_key_exists($key, $allowedoptions));
370 371
            $$key = $option;
        }
372 373 374 375
        $userid = $USER->get('id');
        $viewid = $view->get('id');
        if (!empty($artefact)) {
            $canedit = $USER->can_edit_artefact($artefact);
376 377
            $owner = $artefact->get('owner');
            $isowner = $userid && $userid == $owner;
378 379 380
            $artefactid = $artefact->get('id');
        }
        else {
381 382 383 384 385 386 387 388 389 390 391
            if ($group = $view->get('group')) {
                $group_admins = group_get_admin_ids($group);
                $canedit = (array_search($userid, $group_admins) !== false) ? true : false;
                $owner = null;
                $isowner = null;
            }
            else {
                $canedit = $USER->can_moderate_view($view);
                $owner = $view->get('owner');
                $isowner = $userid && $userid == $owner;
            }
392 393
            $artefactid = null;
        }
394

395 396 397 398 399 400 401 402
        // Find out whether the page's owner has threaded comments or not
        if ($owner) {
            $threaded = get_user_institution_comment_threads($owner);
        }
        else {
            $threaded = false;
        }

403 404 405 406 407 408
        $result = (object) array(
            'limit'    => $limit,
            'offset'   => $offset,
            'view'     => $viewid,
            'artefact' => $artefactid,
            'canedit'  => $canedit,
409
            'owner'    => $owner,
410
            'isowner'  => $isowner,
411
            'export'   => $export,
412
            'sort'     => $sort,
413
            'threaded' => $threaded,
414 415 416
            'data'     => array(),
        );

417
        $where = 'c.hidden = 0';
418
        if (!empty($artefactid)) {
419
            $where .= ' AND c.onartefact = ' . (int)$artefactid;
420 421
        }
        else {
422
            $where .= ' AND c.onview = ' . (int)$viewid;
423 424
        }
        if (!$canedit) {
425 426 427 428 429 430 431
            $where .= ' AND (';
            $where .= 'c.private = 0 '; // Comment is public
            $where .= 'OR a.author = ' . (int) $userid; // You are the comment author
            if ($threaded) {
                $where .= ' OR p.author = ' . (int) $userid; // you authored the parent
            }
            $where .= ')';
432 433 434 435
        }

        $result->count = count_records_sql('
            SELECT COUNT(*)
436 437 438 439 440 441
            FROM
                {artefact} a
                JOIN {artefact_comment_comment} c
                    ON a.id = c.artefact
                LEFT JOIN {artefact} p
                    ON a.parent = p.id
442 443
            WHERE ' . $where);

444
        if ($result->count > 0) {
445 446 447 448 449 450

            // Figure out sortorder
            if (!$threaded) {
                $orderby = 'a.ctime ' . ($sort == 'latest' ? 'DESC' : 'ASC');
            }
            else {
451
                $orderby = 'c.threadedposition ' . ($sort == 'latest' ? 'DESC' : 'ASC');
452 453
            }

454 455 456
            // If pagination is in use, see if we want to get a page with particular comment
            if ($limit) {
                if ($showcomment == 'last') {
457
                    // If we have limit (pagination is used) ignore $offset and just get the last page of comments.
458 459 460 461 462
                    $result->forceoffset = $offset = (ceil($result->count / $limit) - 1) * $limit;
                }
                else if (is_numeric($showcomment)) {
                    // Ignore $offset and get the page that has the comment
                    // with id $showcomment on it.
463
                    // Fetch everything and figure out which page $showcomment is in.
464 465
                    // This will get ugly if there are 1000s of comments
                    $ids = get_column_sql('
466 467 468 469 470 471 472 473 474 475 476 477 478 479 480
                            SELECT a.id
                            FROM {artefact} a JOIN {artefact_comment_comment} c ON a.id = c.artefact
                                LEFT JOIN {artefact} p ON a.parent = p.id
                            WHERE ' . $where . '
                            ORDER BY ' . $orderby,
                            array()
                    );
                    $found = false;
                    foreach ($ids as $k => $v) {
                        if ($v == $showcomment) {
                            $found = $k;
                            break;
                        }
                    }
                    if ($found !== false) {
481
                        // Add 1 because array index starts from 0 and therefore key value is offset by 1.
482
                        $rank = $found + 1;
483 484 485
                        $result->forceoffset = $offset = ((ceil($rank / $limit) - 1) * $limit);
                        $result->showcomment = $showcomment;
                    }
486
                }
487
            }
488

489 490
            $comments = get_records_sql_assoc('
                SELECT
491
                    a.id, a.author, a.authorname, a.ctime, a.mtime, a.description, a.group,
492
                    c.private, c.deletedby, c.requestpublic, c.rating, c.lastcontentupdate,
493
                    u.username, u.firstname, u.lastname, u.preferredname, u.email, u.staff, u.admin,
494
                    u.deleted, u.profileicon, u.urlid, a.path, p.id AS parent, p.author AS parentauthor
495 496
                FROM {artefact} a
                    INNER JOIN {artefact_comment_comment} c ON a.id = c.artefact
497 498
                    LEFT JOIN {artefact} p
                        ON a.parent = p.id
499
                    LEFT JOIN {usr} u ON a.author = u.id
500
                WHERE ' . $where . '
501
                ORDER BY ' . $orderby, array(), $offset, $limit);
502

503
            $files = ArtefactType::attachments_from_id_list(array_keys($comments));
504

505 506 507 508 509
            if ($files) {
                safe_require('artefact', 'file');
                foreach ($files as &$file) {
                    $comments[$file->artefact]->attachments[] = $file;
                }
510 511
            }

512 513 514 515 516 517 518
            // calculate the indent tabs for the comments
            $max_depth = ($threaded ? get_config_plugin('artefact', 'comment', 'maxindent') : 1);

            $usercache = array($userid => $canedit);

            foreach($comments as &$c) {
                // You can post a public reply to a comment if you can see it & the comment is not private
519
                $c->canpublicreply = (int) self::can_public_reply_to_comment($c->private, $c->deletedby);
520 521
                $c->canprivatereply = (int) self::can_private_reply_to_comment(
                        $c->private,
522
                        $c->deletedby,
523 524 525 526 527 528 529 530 531 532 533
                        $userid,
                        $c->author,
                        $c->parentauthor,
                        $artefact,
                        $view
                );
                $c->canreply = ($threaded && ($c->canpublicreply || $c->canprivatereply)) ? 1 : 0;
                $c->indent = ($max_depth == 1) ? 1 : min($max_depth, substr_count($c->path, '/'));
                // Count indent levels starting from 0 instead of 1.
                $c->indent -= 1;
            }
534 535
            $result->data = array_values($comments);
        }
536

537
        // check to see if the comments are to be displayed in a block instance
538
        // or the base of the page
539
        $result->position = 'base';
540
        $blocks = get_records_array('block_instance', 'view', $viewid);
541
        if (!empty($blocks)) {
542
            foreach ($blocks as $block) {
543
                if ($block->blocktype === 'comment') {
544
                    $result->position = 'blockinstance';
545
                }
546 547 548
            }
        }

549
        self::build_html($result, $onview);
550 551 552
        return $result;
    }

553 554 555 556
    /**
     * Can you post a public reply to this comment?
     * (Made into a separate function so we can re-use the logic)
     * @param boolean $isprivate Is the comment private?
557
     * @param int $deletedby The id of the user who deleted the comment (or null)
558 559
     * @return boolean
     */
560 561
    public static function can_public_reply_to_comment($isprivate, $deletedby) {
        return !($isprivate || $deletedby);
562 563 564 565 566 567
    }

    /**
     * Can you post a private reply to this comment?
     * (Made into a separate function so we can re-use the logic)
     * @param boolean $isprivate Is the replied-to comment private?
568
     * @param int $deletedby The id of the user who deleted the comment (or null)
569 570 571 572 573 574 575
     * @param int $commenter User replying to the comment
     * @param int $author Author of the replied-to comment
     * @param int $parentauthor Author of the replied-to comment's parent
     * @param ArtefactType $artefact The artefact being commented on (or null)
     * @param View $view The view being commented on (or null)
     * @return boolean
     */
576 577 578 579 580 581 582
    public static function can_private_reply_to_comment($isprivate, $deletedby, $commenter, $author, $parentauthor, $artefact=null, $view=null) {

        // Can't post a private reply to a deleted comment
        if ($deletedby) {
            return false;
        }

583 584 585 586 587 588 589 590 591 592 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632
        // No private replies to anonymous comments
        // (It would be impossible for the commenter to see!)
        if (!$author) {
            return false;
        }

        // No private replies to your own private comments
        if ($isprivate && $author == $commenter) {
            return false;
        }

        // You can post a private reply to a comment that is a private reply to one of your comments
        if ($isprivate && $parentauthor == $commenter) {
            return true;
        }

        // The page owner can post private replies to others' comments
        if (self::can_moderate_comments($commenter, $artefact, $view)) {
            return true;
        }

        // Other users can post a private reply to a comment by the page owner.
        return self::can_moderate_comments($author, $artefact, $view);
    }

    /**
     * Whether a user can moderate comments on a particular (view or artefact) page
     * @param int $userid
     * @param ArtefactType $artefact
     * @param View $view
     * @return boolean
     */
    public static function can_moderate_comments($userid, $artefact=null, $view=null) {
        static $usercache = array();
        if (array_key_exists($userid, $usercache)) {
            return $usercache[$userid];
        }

        $user = new User();
        $user->find_by_id($userid);
        if ($artefact) {
            $canmod = $user->can_edit_artefact($artefact);
        }
        else {
            $canmod = $user->can_moderate_view($view);
        }
        $usercache[$userid] = $canmod;
        return $canmod;
    }

633
    public static function count_comments($viewids=null, $artefactids=null) {
634 635 636 637
        if (!empty($viewids)) {
            return get_records_sql_assoc('
                SELECT c.onview, COUNT(c.artefact) AS comments
                FROM {artefact_comment_comment} c
638
                WHERE c.onview IN (' . join(',', array_map('intval', $viewids)) . ') AND c.deletedby IS NULL AND c.hidden=0
Richard Mansfield's avatar
Richard Mansfield committed
639 640 641
                GROUP BY c.onview',
                array()
            );
642 643 644 645 646
        }
        if (!empty($artefactids)) {
            return get_records_sql_assoc('
                SELECT c.onartefact, COUNT(c.artefact) AS comments
                FROM {artefact_comment_comment} c
647
                WHERE c.onartefact IN (' . join(',', array_map('intval', $artefactids)) . ') AND c.deletedby IS NULL AND c.hidden=0
Richard Mansfield's avatar
Richard Mansfield committed
648 649 650
                GROUP BY c.onartefact',
                array()
            );
651 652 653
        }
    }

654 655 656 657 658 659 660 661 662 663 664 665
    public static function last_public_comment($view=null, $artefact=null) {
        if (!empty($artefact)) {
            $where = 'c.onartefact = ?';
            $values = array($artefact);
        }
        else {
            $where = 'c.onview = ?';
            $values = array($view);
        }
        $newest = get_records_sql_array('
            SELECT a.id, a.ctime
            FROM {artefact} a INNER JOIN {artefact_comment_comment} c ON a.id = c.artefact
666
            WHERE c.private = 0 AND c.hidden = 0 AND ' . $where . '
667 668 669 670 671
            ORDER BY a.ctime DESC', $values, 0, 1
        );
        return $newest[0];
    }

672 673 674
    /**
     * Fetching the comments for an artefact to display on a view
     *
675
     * @param   ArtefactType  $artfact  The artefact to display comments for
676 677 678
     * @param   object  $view     The view on which the artefact appears
     * @param   int     $blockid  The id of the block instance that connects the artefact to the view
     * @param   bool    $html     Whether to return the information rendered as html or not
679
     * @param   bool    $editing  Whether we are view edit mode or not
680 681 682 683
     *
     * @return  array   $commentcount, $comments   The count of comments and either the comments
     *                                             or the html to render them.
     */
684
    public function get_artefact_comments_for_view(ArtefactType $artefact, $view, $blockid, $html = true, $editing = false) {
685 686
        global $USER;

687
        if (!is_object($artefact) || !is_object($view)) {
688 689 690 691 692 693 694 695 696 697 698
            throw new MaharaException('we do not have the right information to display the comments');
        }

        $commentoptions = ArtefactTypeComment::get_comment_options();
        $commentoptions->limit = 0;
        $commentoptions->view = $view;
        $commentoptions->artefact = $artefact;
        $commentoptions->onview = true;
        $comments = ArtefactTypeComment::get_comments($commentoptions);
        $commentcount = isset($comments->count) ? $comments->count : 0;

699 700 701 702 703
        // If there are no comments, and comments are not allowed, don't display anything.
        if ($commentcount == 0 && !$artefact->get('allowcomments')) {
            return array(0, '');
        }

704 705
        $artefacttitle = $artefact->title;

706 707 708 709
        $artefacturl = get_config('wwwroot') . 'artefact/artefact.php?view=' . $view->get('id') . '&artefact=' . $artefact->get('id');
        if ($html) {
            $smarty = smarty_core();
            $smarty->assign('artefacturl', $artefacturl);
710
            $smarty->assign('artefacttitle', $artefacttitle);
711 712 713
            $smarty->assign('blockid', $blockid);
            $smarty->assign('commentcount', $commentcount);
            $smarty->assign('comments', $comments);
714
            $smarty->assign('editing', $editing);
715
            $smarty->assign('allowcomments', $artefact->get('allowcomments'));
716
            $smarty->assign('allowcommentsadd', ($artefact->get('allowcomments') && ( $USER->is_logged_in() || (!$USER->is_logged_in() && get_config('anonymouscomments')))));
717 718 719 720 721 722 723 724
            $render = $smarty->fetch('artefact/artefactcommentsview.tpl');
            return array($commentcount, $render);
        }
        else {
            return array($commentcount, $comments);
        }
    }

725 726
    public static function deleted_messages() {
        return array(
727 728 729
            'author' => 'commentremovedbyauthor',
            'owner'  => 'commentremovedbyowner',
            'admin'  => 'commentremovedbyadmin',
Richard Mansfield's avatar
Richard Mansfield committed
730
        );
731 732
    }

733
    public static function build_html(&$data, $onview) {
734
        global $USER, $THEME;
735

736
        $candelete = $data->canedit || $USER->get('admin');
737 738 739 740
        $deletedmessage = array();
        foreach (self::deleted_messages() as $k => $v) {
            $deletedmessage[$k] = get_string($v, 'artefact.comment');
        }
741
        $authors = array();
742 743
        $lastcomment = self::last_public_comment($data->view, $data->artefact);
        $editableafter = time() - 60 * get_config_plugin('artefact', 'comment', 'commenteditabletime');
744
        foreach ($data->data as &$item) {
745

746
            $item->ts = strtotime($item->ctime);
747 748
            $timelapse = format_timelapse($item->ts);
            $item->date = ($timelapse) ? $timelapse : format_date($item->ts, 'strftimedatetime');
749
            if ($item->ts < strtotime($item->lastcontentupdate)) {
750 751
                $timelapseupdated = format_timelapse(strtotime($item->lastcontentupdate));
                $item->updated = ($timelapseupdated) ? $timelapseupdated : format_date(strtotime($item->lastcontentupdate), 'strftimedatetime');
752
            }
753
            $item->isauthor = $item->author && $item->author == $USER->get('id');
754
            if (!empty($item->attachments)) {
755 756 757

                $item->filescount = count($item->attachments);

758
                if ($data->isowner) {
759 760
                    $item->attachmessage = get_string(
                        'feedbackattachmessage',
761 762
                        'artefact.comment',
                        get_string('feedbackattachdirname', 'artefact.comment')
763 764 765 766 767 768
                    );
                }
                foreach ($item->attachments as &$a) {
                    $a->attachid    = $a->attachment;
                    $a->attachtitle = $a->title;
                    $a->attachsize  = display_size($a->size);
769 770
                }
            }
771
            if ($item->private) {
772
                $item->pubmessage = get_string('thiscommentisprivate', 'artefact.comment');
773
            }
774

775 776 777
            if (isset($data->showcomment) && $data->showcomment == $item->id) {
                $item->highlight = 1;
            }
778
            $is_export_preview = param_integer('export',0);
Richard Mansfield's avatar
Richard Mansfield committed
779 780 781
            if ($item->deletedby) {
                $item->deletedmessage = $deletedmessage[$item->deletedby];
            }
782
            else if (($candelete || $item->isauthor) && !$is_export_preview) {
Richard Mansfield's avatar
Richard Mansfield committed
783 784
                $item->deleteform = pieform(self::delete_comment_form($item->id));
            }
785 786

            // Comment authors can edit recent comments if they're private or if no one has replied yet.
787
            if (!$item->deletedby && $item->isauthor && !$is_export_preview
788 789 790 791 792 793 794 795
                && ($item->private || $item->id == $lastcomment->id) && $item->ts > $editableafter) {
                $item->canedit = 1;
            }

            // Form to make private comment public, or request that a
            // private comment be made public
            if (!$item->deletedby && $item->private && $item->author && $data->owner
                && ($item->isauthor || $data->isowner)) {
796
                if ((empty($item->requestpublic) && $data->isowner)
797 798
                    || $item->isauthor && $item->requestpublic == 'owner'
                    || $data->isowner && $item->requestpublic == 'author') {
799 800 801
                    if (!$is_export_preview) {
                        $item->makepublicform = pieform(self::make_public_form($item->id));
                    }
802 803 804 805 806 807
                }
                else if ($item->isauthor && $item->requestpublic == 'author'
                         || $data->isowner && $item->requestpublic == 'owner') {
                    $item->makepublicrequested = 1;
                }
            }
808
            else if (!$item->deletedby && $item->private && !$item->author
809
                && $data->owner && $data->isowner && $item->requestpublic == 'author' && !$is_export_preview) {
810 811
                $item->makepublicform = pieform(self::make_public_form($item->id));
            }
812 813 814 815 816 817 818
            else if (!$item->deletedby && $item->private && !$data->owner
                && $item->group && $item->requestpublic == 'author') {
                // no owner as comment is on a group view / artefact
                if ($item->isauthor) {
                    $item->makepublicrequested = 1;
                }
                else {
819
                    if (($data->artefact && $data->canedit) || ($data->view && $data->canedit) && !$is_export_preview) {
820 821 822 823 824 825 826
                        $item->makepublicform = pieform(self::make_public_form($item->id));
                    }
                    else {
                        $item->makepublicrequested = 1;
                    }
                }
            }
827

828 829 830 831 832 833 834 835 836 837 838 839 840 841 842 843
            if ($item->author) {
                if (isset($authors[$item->author])) {
                    $item->author = $authors[$item->author];
                }
                else {
                    $item->author = $authors[$item->author] = (object) array(
                        'id'            => $item->author,
                        'username'      => $item->username,
                        'firstname'     => $item->firstname,
                        'lastname'      => $item->lastname,
                        'preferredname' => $item->preferredname,
                        'email'         => $item->email,
                        'staff'         => $item->staff,
                        'admin'         => $item->admin,
                        'deleted'       => $item->deleted,
                        'profileicon'   => $item->profileicon,
844
                        'profileurl'    => profile_url($item->author),
845 846 847
                    );
                }
            }
848

849
            if (get_config_plugin('artefact', 'comment', 'commentratings') and $item->rating) {
850 851 852 853
                $item->ratingdata = (object) array(
                    'value' => valid_rating($item->rating),
                    'min_rating' => MIN_RATING,
                    'max_rating' => MAX_RATING,
854
                    'export' => $data->export,
855
                );
856
            }
857
        }
858

859
        $extradata = array('view' => $data->view);
860 861
        $data->jsonscript = 'artefact/comment/comments.json.php';

862
        if (!empty($data->artefact)) {
863
            $data->baseurl = get_config('wwwroot') . 'artefact/artefact.php?view=' . $data->view . '&artefact=' . $data->artefact;
864 865 866 867 868
            $extradata['artefact'] = $data->artefact;
        }
        else {
            $data->baseurl = get_config('wwwroot') . 'view/view.php?id=' . $data->view;
        }
869

870
        $smarty = smarty_core();
871
        $smarty->assign('data', $data->data);
872
        $smarty->assign('canedit', $data->canedit);
873
        $smarty->assign('position', $data->position);
874
        $smarty->assign('viewid', $data->view);
875
        $smarty->assign('baseurl', $data->baseurl);
876
        $smarty->assign('onview', $onview);
877 878 879 880
        $icon = get_config_plugin('artefact', 'comment', 'ratingicon');
        $smarty->assign('star', $icon ? $icon : 'star');
        $colour = get_config_plugin('artefact', 'comment', 'ratingcolour');
        $smarty->assign('colour', $colour ? $colour : '#DBB80E');
881

882
        $data->tablerows = $smarty->fetch('artefact:comment:commentlist.tpl');
883

884 885 886 887 888
        $pagination = build_pagination(array(
            'id' => 'feedback_pagination',
            'class' => 'center',
            'url' => $data->baseurl,
            'jsonscript' => $data->jsonscript,
889
            'datatable' => 'feedbacktable',
890 891 892
            'count' => $data->count,
            'limit' => $data->limit,
            'offset' => $data->offset,
893
            'forceoffset' => isset($data->forceoffset) ? $data->forceoffset : null,
894 895
            'resultcounttextsingular' => get_string('comment', 'artefact.comment'),
            'resultcounttextplural' => get_string('comments', 'artefact.comment'),
896 897 898 899 900 901
            'extradata' => $extradata,
        ));
        $data->pagination = $pagination['html'];
        $data->pagination_js = $pagination['javascript'];
    }

902
    public function render_self($options) {
903 904 905
        return clean_html($this->get('description'));
    }

906
    public static function add_comment_form($defaultprivate=false, $moderate=false) {
907 908 909 910 911 912 913 914 915 916
        global $USER;
        $form = array(
            'name'            => 'add_feedback_form',
            'method'          => 'post',
            'plugintype'      => 'artefact',
            'pluginname'      => 'comment',
            'jsform'          => true,
            'autofocus'       => false,
            'elements'        => array(),
            'jssuccesscallback' => 'addFeedbackSuccess',
917
            'jserrorcallback'   => 'addFeedbackError',
918 919
        );
        if (!$USER->is_logged_in()) {
920 921
            $form['spam'] = array(
                'secret'       => get_config('formsecret'),
922
                'mintime'      => 1,
923 924 925
                // Not hashing the "ispublic" element, so that we can show/hide it with JS when
                // doing threaded comments.
                'hash'         => array('authorname', 'message', 'message', 'submit'),
926
            );
927 928 929 930 931 932 933 934 935 936
            $form['elements']['authorname'] = array(
                'type'  => 'text',
                'title' => get_string('name'),
                'rules' => array(
                    'required' => true,
                ),
            );
        }
        $form['elements']['message'] = array(
            'type'  => 'wysiwyg',
937
            'title' => get_string('Comment', 'artefact.comment'),
938
            'class' => ($USER->is_logged_in() ? 'hide-label' : ''),
939 940
            'rows'  => 5,
            'cols'  => 80,
941
            'rules' => array('maxlength' => 8192),
942
        );
943 944
        if (get_config_plugin('artefact', 'comment', 'commentratings')) {
            $form['elements']['rating'] = array(
945
                'type'  => 'ratings',
946 947 948
                'title' => get_string('rating', 'artefact.comment'),
            );
        }
949
        $form['elements']['ispublic'] = array(
950
            'type'  => 'switchbox',
951
            'title' => get_string('makecommentpublic', 'artefact.comment'),
952
            'defaultvalue' => !$defaultprivate,
953
        );
954 955 956 957
        if (get_config('licensemetadata')) {
            $form['elements']['license'] = license_form_el_basic(null);
            $form['elements']['licensing_advanced'] = license_form_el_advanced(null);
        }
958
        if ($moderate) {
959 960 961 962 963 964
            $form['elements']['ispublic']['description'] = get_string('approvalrequired', 'artefact.comment');
            $form['elements']['moderate'] = array(
                'type'  => 'hidden',
                'value' => true,
            );
        }
965
        if ($USER->is_logged_in()) {
966 967 968 969
            $form['elements']['attachments'] = array(
                'type'         => 'files',
                'title'        => get_string('attachfile', 'artefact.comment'),
                'defaultvalue' => array(),
970
                'maxfilesize'  => get_max_upload_size(false),
971 972 973 974
            );
        }
        $form['elements']['submit'] = array(
            'type'  => 'submitcancel',
975
            'class' => 'btn-default',
976
            'value' => array(get_string('Comment', 'artefact.comment'), get_string('cancel')),
977
        );
978 979 980 981 982 983 984 985 986 987 988 989 990
        // This is a placeholder where we can display the parent comment's text
        // And also the strings we display when we are forcing a reply to be public or private
        $snippet = smarty_core();
        $form['elements']['replytoview'] = array(
            'type' => 'html',
            'value' => $snippet->fetch('artefact:comment:replyplaceholder.tpl')
        );
        // This is a placeholder for the parent comment's ID. It'll be populated by Javascript if needed.
        $form['elements']['replyto'] = array(
            'type' => 'hidden',
            'dynamic' => 'true',
            'value' => null
        );
991 992
        return $form;
    }
993

994 995 996
    public static function make_public_form($id) {
        return array(
            'name'            => 'make_public',
997 998
            'renderer'        => 'div',
            'class'           => 'form-as-button',
999 1000 1001
            'elements'        => array(
                'comment'  => array('type' => 'hidden', 'value' => $id),
                'submit'   => array(
1002 1003
                    'type'  => 'button',
                    'usebuttontag' => true,
1004
                    'class' => 'btn-link btn-xs',
1005
                    'name'  => 'make_public_submit',
1006
                    'value' => '<span class="icon icon-lock text-default left" role="presentation" aria-hidden="true"></span>' . get_string('makecommentpublic', 'artefact.comment'),
1007 1008 1009 1010 1011
                ),
            ),
        );
    }

Richard Mansfield's avatar
Richard Mansfield committed
1012
    public static function delete_comment_form($id) {
1013
        global $THEME;
Richard Mansfield's avatar
Richard Mansfield committed
1014
        return array(
1015 1016
            'name'     => 'delete_comment' . $id,
            'successcallback' => 'delete_comment_submit',
1017
            'renderer' => 'div',
1018
            'class' => 'form-as-button pull-left delete-comment btn-group-item',
Richard Mansfield's avatar
Richard Mansfield committed
1019 1020 1021
            'elements' => array(
                'comment' => array('type' => 'hidden', 'value' => $id),
                'submit'  => array(
1022 1023
                    'type'  => 'button',
                    'usebuttontag' => true,
1024
                    'class' => 'btn-default btn-sm',
1025
                    'value' => '<span class="icon icon-trash icon-lg text-danger" role="presentation" aria-hidden="true"></span> <span class="sr-only">' . get_string('delete') . '</span>',
1026
                    'confirm' => get_string('reallydeletethiscomment', 'artefact.comment'),
1027
                    'name'  => 'delete_comment_submit',
Richard Mansfield's avatar
Richard Mansfield committed
1028 1029 1030 1031
                ),
            ),
        );
    }
1032 1033 1034 1035

    public function exportable() {
        return empty($this->deletedby);
    }
1036

1037
    public function get_view_url($viewid, $showcomment=true, $full=true) {
1038
        if ($artefact = $this->get('onartefact')) {
1039
            $url = 'artefact/artefact.php?view=' . $viewid . '&artefact=' . $artefact;
1040 1041
        }
        else {
1042
            $url = 'view/view.php?id=' . $viewid;
1043 1044 1045 1046
        }
        if ($showcomment) {
            $url .= '&showcomment=' . $this->get('id');
        }
1047 1048 1049
        if ($full) {
            $url = get_config('wwwroot') . $url;
        }
1050 1051
        return $url;
    }
1052 1053 1054 1055 1056 1057 1058 1059 1060 1061 1062 1063 1064 1065 1066 1067 1068 1069 1070 1071 1072 1073 1074 1075 1076 1077 1078 1079 1080 1081 1082 1083 1084

    // Check whether the logged-in user can see a comment within the
    // context of a given view.  Does not check whether the user can
    // view the view.
    public function viewable_in($viewid) {
        global $USER;
        if ($this->get('deletedby')) {
            return false;
        }

        if ($USER->is_logged_in()) {
            if ($USER->can_view_artefact($this)) {
                return true;
            }
            if ($this->get('author') == $USER->get('id')) {
                return true;
            }
        }

        if ($this->get('private')) {
            return false;
        }

        if ($onview = $this->get('onview')) {
            return $onview == $viewid;
        }

        if ($onartefact = $this->get('onartefact')) {
            return artefact_in_view($onartefact, $viewid);
        }

        return false;
    }
1085 1086 1087 1088 1089 1090

    public static function has_config() {
        return true;
    }

    public static function get_config_options() {
1091 1092 1093 1094
        $length = get_config_plugin('artefact', 'comment', 'ratinglength');
        $length = empty($length) ? 5 : $length;
        $colour = get_config_plugin('artefact', 'comment', 'ratingcolour');
        $colour = empty($colour) ? '#DBB80E' : $colour;
1095 1096
        $elements =  array(
            'commentratings' => array(
1097
                'type'  => 'switchbox',
1098 1099 1100 1101
                'title' => get_string('commentratings', 'artefact.comment'),
                'defaultvalue' => get_config_plugin('artefact', 'comment', 'commentratings'),
                'help'  => true,
            ),
1102 1103 1104 1105 1106 1107 1108 1109 1110 1111 1112 1113 1114 1115 1116 1117 1118 1119 1120 1121 1122 1123 1124 1125 1126 1127 1128 1129 1130 1131 1132 1133 1134 1135 1136 1137 1138 1139 1140 1141 1142 1143
            'ratingicon' => array(
                'type' => 'select',
                'title' => get_string('ratingicons', 'artefact.comment'),
                'defaultvalue' => get_config_plugin('artefact', 'comment', 'ratingicon'),
                'options' => array(
                    'star' => get_string('star', 'artefact.comment'),
                    'heart' => get_string('heart', 'artefact.comment'),
                    'thumbs-up' => get_string('thumbsup', 'artefact.comment'),
                    'check-circle' => get_string('ok', 'artefact.comment'),
                ),
            ),
            'ratinglength' => array(
                'type' => 'select',
                'title' => get_string('ratinglength', 'artefact.comment'),
                'defaultvalue' => $length,
                'options' => array(
                    '3' => '3',
                    '4' => '4',
                    '5' => '5',
                    '6' => '6',
                    '7' => '7',
                    '8' => '8',
                    '9' => '9',
                    '10' => '10',
                    '11' => '11',
                    '12' => '12',
                ),
            ),
            'ratingcolour' => array(
                'type' => 'color',
                'title' => get_string('ratingcolour', 'artefact.comment'),
                'defaultvalue' => $colour,
                'description' => get_string('ratingcolourdesc', 'artefact.comment'),
            ),
            'ratingexample' => array(
                'type'  => 'ratings',
                'title' => get_string('ratingexample', 'artefact.comment'),
                'readonly' => true,
                'defaultvalue' => ceil($length / 2),
                'iconempty' => true,
                'officon' => 'dummy',
            ),
1144 1145 1146 1147 1148 1149
        );
        return array(
            'elements' => $elements,
        );
    }

1150
    public static function save_config_options(Pieform $form, $values) {
1151 1152 1153
        $valid = array('commentratings', 'ratingicon', 'ratinglength',
                       'ratingcolour');
        foreach ($valid as $settingname) {
1154 1155 1156
            set_config_plugin('artefact', 'comment', $settingname, $values[$settingname]);
        }
    }
1157 1158 1159 1160 1161 1162 1163

    /**
     * Fetch all users that are currently watching the view the comment is being added to,
     * in case of comment on artefact it will be the view the artefact sits on,
     * so we can use this array to email affected parties.
     *
     * @param   int    $posterid   If set, the poster's id is ignored from resulting array
1164
     * @return  array  $users      An array of user objects of the users that are watching this page or a page this artefact is on
1165
     */
1166
    public function get_watchlist_users($posterid = null) {
1167 1168
        $ontype = ($onview = $this->get('onview')) ? 'onview' : 'onartefact';
        $values = array();
1169
        $sql = "SELECT DISTINCT u.id, u.username, u.firstname, u.lastname, u.preferredname, u.email FROM {usr} u";
1170 1171 1172 1173 1174 1175 1176 1177 1178 1179 1180 1181 1182 1183 1184
        if ($ontype == 'onview') {
            $sql .= " JOIN {usr_watchlist_view} uwv ON uwv.view = ? AND uwv.usr = u.id";
            $values[] = $this->get($ontype);
        }
        else if ($ontype == 'onartefact') {
            $sql .= " JOIN {view_artefact} va ON va.artefact = ?
                      JOIN {usr_watchlist_view} uwv ON uwv.view = va.view AND uwv.usr = u.id";
            $values[] = $this->get($ontype);
        }
        if ($posterid) {
            $sql .= " WHERE u.id != ?";
            $values[] = $posterid;
        }

        $users = get_records_sql_assoc($sql, $values);
1185 1186 1187 1188 1189 1190
        if ($users) {
            return $users;
        }
        else {
            return array();
        }
1191
    }
1192 1193 1194 1195 1196 1197 1198 1199 1200 1201 1202 1203 1204 1205 1206 1207 1208 1209 1210 1211 1212 1213 1214 1215 1216 1217 1218 1219 1220 1221 1222 1223 1224 1225 1226 1227 1228 1229 1230 1231 1232 1233 1234 1235 1236 1237 1238 1239 1240 1241 1242 1243 1244 1245 1246 1247 1248 1249 1250 1251 1252 1253 1254 1255 1256 1257 1258 1259 1260 1261 1262 1263 1264 1265 1266 1267 1268 1269 1270 1271 1272 1273 1274 1275 1276 1277 1278

    /**
     * Determine whether there are visible comments below this one. This determines
     * whether or not we need to keep a "comment deleted" placeholder to provide
     * context if we delete this comment.
     *
     * @return boolean
     */
    public function has_visible_descendants() {
        $sql = 'SELECT 1 FROM {artefact_comment_comment} acc INNER JOIN {artefact} a ON acc.artefact = a.id WHERE ';
        $params = array();
        if ($this->get('onview')) {
            $sql .= 'acc.onview = ?';
            $params[] = $this->get('onview');
        }
        else {
            $sql .= 'acc.onartefact = ?';
            $params[] = $this->get('onartefact');
        }
        $sql .= ' AND acc.hidden = 0 AND (a.parent = ?';
        $params[] = $this->get('id');

        // If this is a top-level comment, we also need to check whether there are
        // any other comments below it that aren't its direct children.
        if (!$this->get('parent')) {
            $sql .= ' OR acc.threadedposition > ?';
            $params[] = $this->get('threadedposition');
        }

        $sql .= ')';
        return record_exists_sql($sql, $params);
    }

    /**
     * Recursively check all the ancestors of a hidden comment to see if they
     * too now meet the criteria to be hidden.
     */
    public function hide_deleted_parents() {

        // If this comment is in a thread, first traverse up the thread.
        $parentid = $this->get('parent');
        while ($parentid) {
            $parent = new ArtefactTypeComment($parentid);
            if ($parent->get('deletedby') && !$parent->has_visible_descendants()) {
                if (!$parent->get('hidden')) {
                    $parent->set('hidden', 1);
                    $parent->commit();
                }
                $parentid = $parent->get('parent');
                unset($parent);
            }
            else {
                break;
            }
        }

        // Now we're at top-level (or unthreaded) comments, so we traverse up
        // the threadedposition order.
        $where = 'hidden = 0 AND threadedposition < ?';
        $params = array($this->get('threadedposition'));
        if ($this->get('onview')) {
            $where .= ' AND onview = ?';
            $params[] = $this->get('onview');
        }
        else {
            $where .= ' AND onartefact = ?';
            $params[] = $this->get('onartefact');
        }
        $prev = get_records_select_array('artefact_comment_comment', $where, $params, 'threadedposition DESC', 'artefact');
        if ($prev) {
            foreach ($prev as $c) {
                $parent = new ArtefactTypeComment($c->artefact);
                if ($parent->get('deletedby') && !$parent->has_visible_descendants()) {
                    // Already hidden. (Maybe a fluke?)
                    if ($parent->get('hidden')) {
                        continue;
                    }
                    $parent->set('hidden', 1);
                    $parent->commit();
                    unset($parent);
                }
                else {
                    break;
                }
            }
        }
    }
1279 1280
}

1281 1282 1283 1284 1285 1286 1287 1288
/* To make private comments public, both the author and the owner must agree. */
function make_public_validate(Pieform $form, $values) {
    global $USER;
    $comment = new ArtefactTypeComment((int) $values['comment']);

    $author    = $comment->get('author');
    $owner     = $comment->get('owner');
    $requester = $USER->get('id');
1289
    $group     = $comment->get('group');
1290

1291 1292 1293 1294 1295 1296 1297 1298 1299 1300 1301 1302 1303 1304 1305 1306 1307
    if (!$owner && !$group) {
        $form->set_error('comment', get_string('makepublicnotallowed', 'artefact.comment'));
    }
    else if (!$owner && $group) {
        if ($requester) {
            $allowed = false;
            // check to see if the requester is a group admin
            $group_admins = group_get_admin_ids($group);
            if (array_search($requester,$group_admins) === false) {
                $form->set_error('comment', get_string('makepublicnotallowed', 'artefact.comment'));
            }
        }
        else {
            $form->set_error('comment', get_string('makepublicnotallowed', 'artefact.comment'));
        }
    }
    else if (!$owner || !$requester || ($requester != $owner && $requester != $author)) {
1308 1309 1310 1311 1312 1313 1314 1315 1316
        $form->set_error('comment', get_string('makepublicnotallowed', 'artefact.comment'));
    }
}

function make_public_submit(Pieform $form, $values) {
    global $SESSION, $USER, $view;

    $comment = new ArtefactTypeComment((int) $values['comment']);

1317 1318
    $relativeurl = $comment->get_view_url($view->get('id'), true, false);
    $url = get_config('wwwroot') . $relativeurl;
1319 1320 1321

    $author    = $comment->get('author');
    $owner     = $comment->get('owner');
1322 1323 1324 1325 1326
    $groupid   = $comment->get('group');
    $group_admins = array();
    if ($groupid) {
        $group_admins = group_get_admin_ids($groupid);
    }
1327 1328 1329 1330
    $requester = $USER->get('id');

    if (($author == $owner && $requester == $owner)
        || ($requester == $owner  && $comment->get('requestpublic') == 'author')
1331
        || (array_search($requester,$group_admins) !== false && $comment->get('requestpublic') == 'author')
1332 1333 1334 1335 1336 1337 1338 1339 1340 1341 1342 1343 1344 1345 1346 1347 1348 1349 1350 1351 1352 1353 1354
        || ($requester == $author && $comment->get('requestpublic') == 'owner')) {
        $comment->set('private', 0);
        $comment->set('requestpublic', null);
        $comment->commit();
        $SESSION->add_ok_msg(get_string('commentmadepublic', 'artefact.comment'));
        redirect($url);
    }

    $subject = 'makepublicrequestsubject';
    if ($requester == $owner) {
        $comment->set('requestpublic', 'owner');
        $message = 'makepublicrequestbyownermessage';
        $arg = display_name($owner, $author);
        $userid = $author;
        $sessionmessage = get_string('makepublicrequestsent', 'artefact.comment', display_name($author));
    }
    else if ($requester == $author) {
        $comment->set('requestpublic', 'author');
        $message = 'makepublicrequestbyauthormessage';
        $arg = display_name($author, $owner);
        $userid = $owner;
        $sessionmessage = get_string('makepublicrequestsent', 'artefact.comment', display_name($owner));
    }
1355 1356 1357 1358 1359 1360 1361
    else if (array_search($requester,$group_admins) !== false) {
        $comment->set('requestpublic', 'owner');
        $message = 'makepublicrequestbyownermessage';
        $arg = display_name($requester, $author);
        $userid = $author;
        $sessionmessage = get_string('makepublicrequestsent', 'artefact.comment', display_name($author));
    }
1362 1363 1364 1365 1366 1367 1368 1369 1370 1371 1372 1373 1374 1375 1376 1377 1378 1379 1380 1381 1382
    else {
        redirect($url); // Freak out?
    }

    db_begin();
    $comment->commit();

    $data = (object) array(
        'subject'   => false,
        'message'   => false,
        'strings'   => (object) array(
            'subject' => (object) array(
                'key'     => $subject,
                'section' => 'artefact.comment',
                'args'    => array(),
            ),
            'message' => (object) array(
                'key'     => $message,
                'section' => 'artefact.comment',
                'args'    => array(hsc($arg)),
            ),
1383 1384 1385 1386
            'urltext' => (object) array(
                'key'     => 'Comment',
                'section' => 'artefact.comment',
            ),
1387 1388
        ),
        'users'     => array($userid),
1389
        'url'       => $relativeurl,
1390 1391 1392 1393 1394 1395 1396 1397
    );
    activity_occurred('maharamessage', $data);
    db_commit();

    $SESSION->add_ok_msg($sessionmessage);
    redirect($url);
}

1398

Richard Mansfield's avatar
Richard Mansfield committed
1399 1400
function delete_comment_submit(Pieform $form, $values) {
    global $SESSION, $USER, $view;
1401
    require_once('embeddedimage.php');
Richard Mansfield's avatar
Richard Mansfield committed
1402 1403 1404 1405 1406 1407 1408 1409 1410 1411 1412 1413 1414

    $comment = new ArtefactTypeComment((int) $values['comment']);

    if ($USER->get('id') == $comment->get('author')) {
        $deletedby = 'author';
    }
    else if ($USER->can_edit_view($view)) {
        $deletedby = 'owner';
    }
    else if ($USER->get('admin')) {
        $deletedby = 'admin';
    }

1415 1416
    $viewid = $view->get('id');
    if ($artefact = $comment->get('onartefact')) {
1417
        $url = 'artefact/artefact.php?view=' . $viewid . '&artefact=' . $artefact;
1418 1419
    }
    else {
1420
        $url = $view->get_url(false);
1421 1422
    }

1423 1424
    db_begin();

Richard Mansfield's avatar
Richard Mansfield committed
1425
    $comment->set('deletedby', $deletedby);
1426 1427 1428 1429 1430

    if (!$comment->has_visible_descendants()) {
        $comment->set('hidden', 1);
    }

Richard Mansfield's avatar
Richard Mansfield committed
1431 1432
    $comment->commit();

1433 1434 1435 1436 1437 1438
    // If this comment was hidden, check to see if its parent now also needs to be
    // hidden (i.e. has no visible replies). And then its grandparent, etc
    if ($comment->get('hidden')) {
        $comment->hide_deleted_parents();
    }

1439 1440
    if ($deletedby != 'author') {
        // Notify author
1441 1442 1443 1444 1445 1446 1447 1448 1449 1450 1451 1452 1453 1454 1455 1456 1457 1458 1459 1460 1461
        if ($artefact) {
            $title = get_field('artefact', 'title', 'id', $artefact);
        }
        else {
            $title = get_field('view', 'title', 'id', $comment->get('onview'));
        }
        $title = hsc($title);
        $data = (object) array(
            'subject'   => false,
            'message'   => false,
            'strings'   => (object) array(
                'subject' => (object) array(
                    'key'     => 'commentdeletednotificationsubject',
                    'section' => 'artefact.comment',
                    'args'    => array($title),
                ),
                'message' => (object) array(
                    'key'     => 'commentdeletedauthornotification',
                    'section' => 'artefact.comment',
                    'args'    => array($title, html2text($comment->get('description'))),
                ),
1462 1463 1464
                'urltext' => (object) array(
                    'key'     => $artefact ? 'artefact' : 'view',
                ),
1465 1466 1467 1468 1469
            ),
            'users'     => array($comment->get('author')),
            'url'       => $url,
        );
        activity_occurred('maharamessage', $data);
1470 1471 1472 1473
    }
    if ($deletedby != 'owner' && $comment->get('owner') != $USER->get('id')) {
        // Notify owner
        $data = (object) array(
1474 1475
            'commentid' => $comment->get('id'),
            'viewid'    => $view->get('id'),
1476 1477 1478 1479
        );
        activity_occurred('feedback', $data, 'artefact', 'comment');
    }

1480 1481
    // Delete embedded images in the comment
    require_once('embeddedimage.php');
1482
    EmbeddedImage::delete_embedded_images('comment', $comment->get('id'));
1483 1484
    db_commit();

Richard Mansfield's avatar
Richard Mansfield committed
1485
    $SESSION->add_ok_msg(get_string('commentremoved', 'artefact.comment'));
1486
    redirect(get_config('wwwroot') . $url);
Richard Mansfield's avatar
Richard Mansfield committed
1487 1488
}

1489
function add_feedback_form_validate(Pieform $form, $values) {
1490
    global $USER, $view, $artefact;
1491
    require_once(get_config('libroot') . 'antispam.php');
1492 1493 1494 1495 1496 1497 1498 1499 1500 1501 1502 1503 1504 1505 1506 1507 1508
    if ($form->get_property('spam')) {
        $spamtrap = new_spam_trap(array(
            array(
                'type' => 'body',
                'value' => $values['message'],
            ),
        ));

        if ($form->spam_error() || $spamtrap->is_spam()) {
            $msg = get_string('formerror');
            $emailcontact = get_config('emailcontact');
            if (!empty($emailcontact)) {
                $msg .= ' ' . get_string('formerroremail', 'mahara', $emailcontact, $emailcontact);
            }
            $form->set_error('message', $msg);
        }
    }
1509 1510 1511
    if (empty($values['attachments']) && empty($values['message'])) {
        $form->set_error('message', get_string('messageempty', 'artefact.comment'));
    }
1512 1513
    $result = probation_validate_content($values['message']);
    if ($result !== true) {
1514
        $form->set_error('message', get_string('newuserscantpostlinksorimages1'));
1515
    }
1516 1517 1518 1519 1520 1521
    if ($values['replyto']) {
        $parent = get_record_sql(
            'SELECT
                a.id,
                acc.private,
                a.author,
1522
                p.author as grandparentauthor,
1523 1524
                acc.deletedby,
                acc.hidden
1525 1526 1527 1528 1529 1530 1531 1532 1533 1534 1535 1536 1537 1538 1539 1540 1541
            FROM
                {artefact} a
                INNER JOIN {artef