1<?php 2/** 3 * @license GPL 2 (http://www.gnu.org/licenses/gpl.html) 4 * @author Esther Brunner <wikidesign@gmail.com> 5 */ 6 7use dokuwiki\Extension\Event; 8use dokuwiki\Subscriptions\SubscriberManager; 9use dokuwiki\Utf8\PhpString; 10 11/** 12 * Class action_plugin_discussion 13 * 14 * Data format of file metadir/<id>.comments: 15 * array = [ 16 * 'status' => int whether comments are 0=disabled/1=open/2=closed, 17 * 'number' => int number of visible comments, 18 * 'title' => string|null alternative title for discussion section 19 * 'comments' => [ 20 * '<cid>'=> [ 21 * 'cid' => string comment id - long random string 22 * 'raw' => string comment text, 23 * 'xhtml' => string rendered html, 24 * 'parent' => null|string null or empty string at highest level, otherwise comment id of parent 25 * 'replies' => string[] array with comment ids 26 * 'user' => [ 27 * 'id' => string, 28 * 'name' => string, 29 * 'mail' => string, 30 * 'address' => string, 31 * 'url' => string 32 * ], 33 * 'date' => [ 34 * 'created' => int timestamp, 35 * 'modified' => int (not defined if not modified) 36 * ], 37 * 'show' => bool, whether shown (still be moderated, or hidden by moderator or user self) 38 * ], 39 * ... 40 * ] 41 * 'subscribers' => [ 42 * '<mail>' => [ 43 * 'hash' => string unique token, 44 * 'active' => bool, true if confirmed 45 * 'confirmsent' => bool, true if confirmation mail is sent 46 * ], 47 * ... 48 * ] 49 */ 50class action_plugin_discussion extends DokuWiki_Action_Plugin 51{ 52 53 /** @var helper_plugin_avatar */ 54 protected $avatar = null; 55 /** @var null|string */ 56 protected $style = null; 57 /** @var null|bool */ 58 protected $useAvatar = null; 59 /** @var helper_plugin_discussion */ 60 protected $helper = null; 61 62 /** 63 * load helper 64 */ 65 public function __construct() 66 { 67 $this->helper = plugin_load('helper', 'discussion'); 68 } 69 70 /** 71 * Register the handlers 72 * 73 * @param Doku_Event_Handler $controller DokuWiki's event controller object. 74 */ 75 public function register(Doku_Event_Handler $controller) 76 { 77 $controller->register_hook('ACTION_ACT_PREPROCESS', 'BEFORE', $this, 'handleCommentActions'); 78 $controller->register_hook('TPL_ACT_RENDER', 'AFTER', $this, 'renderCommentsSection'); 79 $controller->register_hook('INDEXER_PAGE_ADD', 'AFTER', $this, 'addCommentsToIndex', ['id' => 'page', 'text' => 'body']); 80 $controller->register_hook('FULLTEXT_SNIPPET_CREATE', 'BEFORE', $this, 'addCommentsToIndex', ['id' => 'id', 'text' => 'text']); 81 $controller->register_hook('INDEXER_VERSION_GET', 'BEFORE', $this, 'addIndexVersion', []); 82 $controller->register_hook('FULLTEXT_PHRASE_MATCH', 'AFTER', $this, 'fulltextPhraseMatchInComments', []); 83 $controller->register_hook('PARSER_METADATA_RENDER', 'AFTER', $this, 'updateCommentStatusFromMetadata', []); 84 $controller->register_hook('TPL_METAHEADER_OUTPUT', 'BEFORE', $this, 'addToolbarToCommentfield', []); 85 $controller->register_hook('TOOLBAR_DEFINE', 'AFTER', $this, 'modifyToolbar', []); 86 $controller->register_hook('AJAX_CALL_UNKNOWN', 'BEFORE', $this, 'ajaxPreviewComments', []); 87 $controller->register_hook('TPL_TOC_RENDER', 'BEFORE', $this, 'addDiscussionToTOC', []); 88 } 89 90 /** 91 * Preview Comments 92 * 93 * @param Doku_Event $event 94 * @author Michael Klier <chi@chimeric.de> 95 */ 96 public function ajaxPreviewComments(Doku_Event $event) 97 { 98 global $INPUT; 99 if ($event->data != 'discussion_preview') return; 100 101 $event->preventDefault(); 102 $event->stopPropagation(); 103 print p_locale_xhtml('preview'); 104 print '<div class="comment_preview">'; 105 if (!$INPUT->server->str('REMOTE_USER') && !$this->getConf('allowguests')) { 106 print p_locale_xhtml('denied'); 107 } else { 108 print $this->renderComment($INPUT->post->str('comment')); 109 } 110 print '</div>'; 111 } 112 113 /** 114 * Adds a TOC item if a discussion exists 115 * 116 * @param Doku_Event $event 117 * @author Michael Klier <chi@chimeric.de> 118 */ 119 public function addDiscussionToTOC(Doku_Event $event) 120 { 121 global $ACT; 122 if ($this->hasDiscussion($title) && $event->data && $ACT != 'admin') { 123 $tocitem = ['hid' => 'discussion__section', 124 'title' => $title ?: $this->getLang('discussion'), 125 'type' => 'ul', 126 'level' => 1]; 127 128 $event->data[] = $tocitem; 129 } 130 } 131 132 /** 133 * Modify Toolbar for use with discussion plugin 134 * 135 * @param Doku_Event $event 136 * @author Michael Klier <chi@chimeric.de> 137 */ 138 public function modifyToolbar(Doku_Event $event) 139 { 140 global $ACT; 141 if ($ACT != 'show') return; 142 143 if ($this->hasDiscussion($title) && $this->getConf('wikisyntaxok')) { 144 $toolbar = []; 145 foreach ($event->data as $btn) { 146 if ($btn['type'] == 'mediapopup') continue; 147 if ($btn['type'] == 'signature') continue; 148 if ($btn['type'] == 'linkwiz') continue; 149 if ($btn['type'] == 'NewTable') continue; //skip button for Edittable Plugin 150 //FIXME does nothing. Checks for '=' on toplevel, but today it are special buttons and a picker with subarray 151 if (isset($btn['open']) && preg_match("/=+?/", $btn['open'])) continue; 152 153 $toolbar[] = $btn; 154 } 155 $event->data = $toolbar; 156 } 157 } 158 159 /** 160 * Dirty workaround to add a toolbar to the discussion plugin 161 * 162 * @param Doku_Event $event 163 * @author Michael Klier <chi@chimeric.de> 164 */ 165 public function addToolbarToCommentfield(Doku_Event $event) 166 { 167 global $ACT; 168 global $ID; 169 if ($ACT != 'show') return; 170 171 if ($this->hasDiscussion($title) && $this->getConf('wikisyntaxok')) { 172 // FIXME ugly workaround, replace this once DW the toolbar code is more flexible 173 @require_once(DOKU_INC . 'inc/toolbar.php'); 174 ob_start(); 175 print 'NS = "' . getNS($ID) . '";'; // we have to define NS, otherwise we get get JS errors 176 toolbar_JSdefines('toolbar'); 177 $script = ob_get_clean(); 178 $event->data['script'][] = ['type' => 'text/javascript', 'charset' => "utf-8", '_data' => $script]; 179 } 180 } 181 182 /** 183 * Handles comment actions, dispatches data processing routines 184 * 185 * @param Doku_Event $event 186 */ 187 public function handleCommentActions(Doku_Event $event) 188 { 189 global $ID, $INFO, $lang, $INPUT; 190 191 // handle newthread ACTs 192 if ($event->data == 'newthread') { 193 // we can handle it -> prevent others 194 $event->data = $this->newThread(); 195 } 196 197 // enable captchas 198 if (in_array($INPUT->str('comment'), ['add', 'save'])) { 199 $this->captchaCheck(); 200 $this->recaptchaCheck(); 201 } 202 203 // if we are not in show mode or someone wants to unsubscribe, that was all for now 204 if ($event->data != 'show' 205 && $event->data != 'discussion_unsubscribe' 206 && $event->data != 'discussion_confirmsubscribe') { 207 return; 208 } 209 210 if ($event->data == 'discussion_unsubscribe' or $event->data == 'discussion_confirmsubscribe') { 211 if ($INPUT->has('hash')) { 212 $file = metaFN($ID, '.comments'); 213 $data = unserialize(io_readFile($file)); 214 $matchedMail = ''; 215 foreach ($data['subscribers'] as $mail => $info) { 216 // convert old style subscribers just in case 217 if (!is_array($info)) { 218 $hash = $data['subscribers'][$mail]; 219 $data['subscribers'][$mail]['hash'] = $hash; 220 $data['subscribers'][$mail]['active'] = true; 221 $data['subscribers'][$mail]['confirmsent'] = true; 222 } 223 224 if ($data['subscribers'][$mail]['hash'] == $INPUT->str('hash')) { 225 $matchedMail = $mail; 226 } 227 } 228 229 if ($matchedMail != '') { 230 if ($event->data == 'discussion_unsubscribe') { 231 unset($data['subscribers'][$matchedMail]); 232 msg(sprintf($lang['subscr_unsubscribe_success'], $matchedMail, $ID), 1); 233 } else { //$event->data == 'discussion_confirmsubscribe' 234 $data['subscribers'][$matchedMail]['active'] = true; 235 msg(sprintf($lang['subscr_subscribe_success'], $matchedMail, $ID), 1); 236 } 237 io_saveFile($file, serialize($data)); 238 $event->data = 'show'; 239 } 240 241 } 242 return; 243 } 244 245 // do the data processing for comments 246 $cid = $INPUT->str('cid'); 247 switch ($INPUT->str('comment')) { 248 case 'add': 249 if (empty($INPUT->str('text'))) return; // don't add empty comments 250 251 if ($INPUT->server->has('REMOTE_USER') && !$this->getConf('adminimport')) { 252 $comment['user']['id'] = $INPUT->server->str('REMOTE_USER'); 253 $comment['user']['name'] = $INFO['userinfo']['name']; 254 $comment['user']['mail'] = $INFO['userinfo']['mail']; 255 } elseif (($INPUT->server->has('REMOTE_USER') && $this->getConf('adminimport') && $this->helper->isDiscussionModerator()) 256 || !$INPUT->server->has('REMOTE_USER')) { 257 // don't add anonymous comments 258 if (empty($INPUT->str('name')) or empty($INPUT->str('mail'))) { 259 return; 260 } 261 262 if (!mail_isvalid($INPUT->str('mail'))) { 263 msg($lang['regbadmail'], -1); 264 return; 265 } else { 266 $comment['user']['id'] = ''; //prevent overlap with loggedin users, before: 'test<ipadress>' 267 $comment['user']['name'] = hsc($INPUT->str('name')); 268 $comment['user']['mail'] = hsc($INPUT->str('mail')); 269 } 270 } 271 $comment['user']['address'] = ($this->getConf('addressfield')) ? hsc($INPUT->str('address')) : ''; 272 $comment['user']['url'] = ($this->getConf('urlfield')) ? $this->checkURL($INPUT->str('url')) : ''; 273 $comment['subscribe'] = ($this->getConf('subscribe')) ? $INPUT->has('subscribe') : ''; 274 $comment['date'] = ['created' => $INPUT->str('date')]; 275 $comment['raw'] = cleanText($INPUT->str('text')); 276 $reply = $INPUT->str('reply'); 277 if ($this->getConf('moderate') && !$this->helper->isDiscussionModerator()) { 278 $comment['show'] = false; 279 } else { 280 $comment['show'] = true; 281 } 282 $this->add($comment, $reply); 283 break; 284 285 case 'save': 286 $raw = cleanText($INPUT->str('text')); 287 $this->save([$cid], $raw); 288 break; 289 290 case 'delete': 291 $this->save([$cid], ''); 292 break; 293 294 case 'toogle': 295 $this->save([$cid], '', 'toogle'); 296 break; 297 } 298 } 299 300 /** 301 * Main function; dispatches the visual comment actions 302 * 303 * @param Doku_Event $event 304 */ 305 public function renderCommentsSection(Doku_Event $event) 306 { 307 global $INPUT; 308 if ($event->data != 'show') return; // nothing to do for us 309 310 $cid = $INPUT->str('cid'); 311 312 if (!$cid) { 313 $cid = $INPUT->str('reply'); 314 } 315 316 switch ($INPUT->str('comment')) { 317 case 'edit': 318 $this->showDiscussionSection(null, $cid); 319 break; 320 default: //'reply' or no action specified 321 $this->showDiscussionSection($cid); 322 break; 323 } 324 } 325 326 /** 327 * Redirects browser to given comment anchor 328 * 329 * @param string $cid comment id 330 */ 331 protected function redirect($cid) 332 { 333 global $ID; 334 global $ACT; 335 336 if ($ACT !== 'show') return; 337 338 if ($this->getConf('moderate') && !$this->helper->isDiscussionModerator()) { 339 msg($this->getLang('moderation'), 1); 340 @session_start(); 341 global $MSG; 342 $_SESSION[DOKU_COOKIE]['msg'] = $MSG; 343 session_write_close(); 344 $url = wl($ID); 345 } else { 346 $url = wl($ID) . '#comment_' . $cid; 347 } 348 349 if (function_exists('send_redirect')) { 350 send_redirect($url); 351 } else { 352 header('Location: ' . $url); 353 } 354 exit(); 355 } 356 357 /** 358 * Checks config settings to enable/disable discussions 359 * 360 * @return bool true if enabled 361 */ 362 public function isDiscussionEnabled() 363 { 364 global $ID; 365 366 if ($this->getConf('excluded_ns') == '') { 367 $isNamespaceExcluded = false; 368 } else { 369 $ns = getNS($ID); // $INFO['namespace'] is not yet available, if used in update_comment_status() 370 $isNamespaceExcluded = preg_match($this->getConf('excluded_ns'), $ns); 371 } 372 373 if ($this->getConf('automatic')) { 374 if ($isNamespaceExcluded) { 375 return false; 376 } else { 377 return true; 378 } 379 } else { 380 if ($isNamespaceExcluded) { 381 return true; 382 } else { 383 return false; 384 } 385 } 386 } 387 388 /** 389 * Shows all comments of the current page, if no reply or edit requested, then comment form is shown on the end 390 * 391 * @param null|string $reply comment id on which the user requested a reply 392 * @param null|string $edit comment id which the user requested for editing 393 */ 394 protected function showDiscussionSection($reply = null, $edit = null) 395 { 396 global $ID, $INFO, $INPUT; 397 398 // get .comments meta file name 399 $file = metaFN($ID, '.comments'); 400 401 if (!$INFO['exists']) return; 402 if (!@file_exists($file) && !$this->isDiscussionEnabled()) return; 403 if (!$INPUT->server->has('REMOTE_USER') && !$this->getConf('showguests')) return; 404 405 // load data 406 $data = []; 407 if (@file_exists($file)) { 408 $data = unserialize(io_readFile($file, false)); 409 // comments are turned off 410 if (!$data['status']) { 411 return; 412 } 413 } elseif (!@file_exists($file) && $this->isDiscussionEnabled()) { 414 // set status to show the comment form 415 $data['status'] = 1; 416 $data['number'] = 0; 417 $data['title'] = null; 418 } 419 420 // show discussion wrapper only on certain circumstances 421 if (empty($data['comments']) || !is_array($data['comments'])) { 422 $cnt = 0; 423 $keys = []; 424 } else { 425 $cnt = count($data['comments']); 426 $keys = array_keys($data['comments']); 427 } 428 429 $show = false; 430 if ($cnt > 1 || ($cnt == 1 && $data['comments'][$keys[0]]['show'] == 1) 431 || $this->getConf('allowguests') || $INPUT->server->has('REMOTE_USER')) { 432 $show = true; 433 // section title 434 $title = (!empty($data['title']) ? hsc($data['title']) : $this->getLang('discussion')); 435 ptln('<div class="comment_wrapper" id="comment_wrapper">'); // the id value is used for visibility toggling the section 436 ptln('<h2><a name="discussion__section" id="discussion__section">', 2); 437 ptln($title, 4); 438 ptln('</a></h2>', 2); 439 ptln('<div class="level2 hfeed">', 2); 440 } 441 442 // now display the comments 443 if (isset($data['comments'])) { 444 if (!$this->getConf('usethreading')) { 445 $data['comments'] = $this->flattenThreads($data['comments']); 446 uasort($data['comments'], [$this, 'sortThreadsOnCreation']); 447 } 448 if ($this->getConf('newestfirst')) { 449 $data['comments'] = array_reverse($data['comments']); 450 } 451 foreach ($data['comments'] as $cid => $value) { 452 if ($cid == $edit) { // edit form 453 $this->showCommentForm($value['raw'], 'save', $edit); 454 } else { 455 $this->showCommentWithReplies($cid, $data, '', $reply); 456 } 457 } 458 } 459 460 // comment form shown on the end, if no comment form of $reply or $edit is requested before 461 if ($data['status'] == 1 && (!$reply || !$this->getConf('usethreading')) && !$edit) { 462 $this->showCommentForm('', 'add'); 463 } 464 465 if ($show) { 466 ptln('</div>', 2); // level2 hfeed 467 ptln('</div>'); // comment_wrapper 468 } 469 470 // check for toggle print configuration 471 if ($this->getConf('visibilityButton')) { 472 // print the hide/show discussion section button 473 $this->showDiscussionToggleButton(); 474 } 475 } 476 477 /** 478 * Remove the parent-child relation, such that the comment structure becomes flat 479 * 480 * @param array $comments array with all comments 481 * @param null|array $cids comment ids of replies, which should be flatten 482 * @return array returned array with flattened comment structure 483 */ 484 protected function flattenThreads($comments, $cids = null) 485 { 486 if (is_null($cids)) { 487 $cids = array_keys($comments); 488 } 489 490 foreach ($cids as $cid) { 491 if (!empty($comments[$cid]['replies'])) { 492 $rids = $comments[$cid]['replies']; 493 $comments = $this->flattenThreads($comments, $rids); 494 $comments[$cid]['replies'] = []; 495 } 496 $comments[$cid]['parent'] = ''; 497 } 498 return $comments; 499 } 500 501 /** 502 * Adds a new comment and then displays all comments 503 * 504 * @param array $comment with 505 * 'raw' => string comment text, 506 * 'user' => [ 507 * 'id' => string, 508 * 'name' => string, 509 * 'mail' => string 510 * ], 511 * 'date' => [ 512 * 'created' => int timestamp 513 * ] 514 * 'show' => bool 515 * 'subscribe' => bool 516 * @param string $parent comment id of parent 517 * @return bool 518 */ 519 protected function add($comment, $parent) 520 { 521 global $ID, $TEXT, $INPUT; 522 523 $originalTxt = $TEXT; // set $TEXT to comment text for wordblock check 524 $TEXT = $comment['raw']; 525 526 // spamcheck against the DokuWiki blacklist 527 if (checkwordblock()) { 528 msg($this->getLang('wordblock'), -1); 529 return false; 530 } 531 532 if (!$this->getConf('allowguests') 533 && $comment['user']['id'] != $INPUT->server->str('REMOTE_USER') 534 ) { 535 return false; // guest comments not allowed 536 } 537 538 $TEXT = $originalTxt; // restore global $TEXT 539 540 // get discussion meta file name 541 $file = metaFN($ID, '.comments'); 542 543 // create comments file if it doesn't exist yet 544 if (!@file_exists($file)) { 545 $data = [ 546 'status' => 1, 547 'number' => 0, 548 'title' => null 549 ]; 550 io_saveFile($file, serialize($data)); 551 } else { 552 $data = unserialize(io_readFile($file, false)); 553 // comments off or closed 554 if ($data['status'] != 1) { 555 return false; 556 } 557 } 558 559 if ($comment['date']['created']) { 560 $date = strtotime($comment['date']['created']); 561 } else { 562 $date = time(); 563 } 564 565 if ($date == -1) { 566 $date = time(); 567 } 568 569 $cid = md5($comment['user']['id'] . $date); // create a unique id 570 571 if (!isset($data['comments'][$parent]) || !is_array($data['comments'][$parent])) { 572 $parent = null; // invalid parent comment 573 } 574 575 // render the comment 576 $xhtml = $this->renderComment($comment['raw']); 577 578 // fill in the new comment 579 $data['comments'][$cid] = [ 580 'user' => $comment['user'], 581 'date' => ['created' => $date], 582 'raw' => $comment['raw'], 583 'xhtml' => $xhtml, 584 'parent' => $parent, 585 'replies' => [], 586 'show' => $comment['show'] 587 ]; 588 589 if ($comment['subscribe']) { 590 $mail = $comment['user']['mail']; 591 if ($data['subscribers']) { 592 if (!$data['subscribers'][$mail]) { 593 $data['subscribers'][$mail]['hash'] = md5($mail . mt_rand()); 594 $data['subscribers'][$mail]['active'] = false; 595 $data['subscribers'][$mail]['confirmsent'] = false; 596 } else { 597 // convert old style subscribers and set them active 598 if (!is_array($data['subscribers'][$mail])) { 599 $hash = $data['subscribers'][$mail]; 600 $data['subscribers'][$mail]['hash'] = $hash; 601 $data['subscribers'][$mail]['active'] = true; 602 $data['subscribers'][$mail]['confirmsent'] = true; 603 } 604 } 605 } else { 606 $data['subscribers'][$mail]['hash'] = md5($mail . mt_rand()); 607 $data['subscribers'][$mail]['active'] = false; 608 $data['subscribers'][$mail]['confirmsent'] = false; 609 } 610 } 611 612 // update parent comment 613 if ($parent) { 614 $data['comments'][$parent]['replies'][] = $cid; 615 } 616 617 // update the number of comments 618 $data['number']++; 619 620 // notify subscribers of the page 621 $data['comments'][$cid]['cid'] = $cid; 622 $this->notify($data['comments'][$cid], $data['subscribers']); 623 624 // save the comment metadata file 625 io_saveFile($file, serialize($data)); 626 $this->addLogEntry($date, $ID, 'cc', '', $cid); 627 628 $this->redirect($cid); 629 return true; 630 } 631 632 /** 633 * Saves the comment with the given ID and then displays all comments 634 * 635 * @param array|string $cids array with comment ids to save, or a single string comment id 636 * @param string $raw if empty comment is deleted, otherwise edited text is stored (note: storing is per one cid!) 637 * @param string|null $act 'toogle', 'show', 'hide', null. If null, it depends on $raw 638 * @return bool succeed? 639 */ 640 public function save($cids, $raw, $act = null) 641 { 642 global $ID, $INPUT; 643 644 if (empty($cids)) return false; // do nothing if we get no comment id 645 646 if ($raw) { 647 global $TEXT; 648 649 $otxt = $TEXT; // set $TEXT to comment text for wordblock check 650 $TEXT = $raw; 651 652 // spamcheck against the DokuWiki blacklist 653 if (checkwordblock()) { 654 msg($this->getLang('wordblock'), -1); 655 return false; 656 } 657 658 $TEXT = $otxt; // restore global $TEXT 659 } 660 661 // get discussion meta file name 662 $file = metaFN($ID, '.comments'); 663 $data = unserialize(io_readFile($file, false)); 664 665 if (!is_array($cids)) { 666 $cids = [$cids]; 667 } 668 foreach ($cids as $cid) { 669 670 if (is_array($data['comments'][$cid]['user'])) { 671 $user = $data['comments'][$cid]['user']['id']; 672 $convert = false; 673 } else { 674 $user = $data['comments'][$cid]['user']; 675 $convert = true; 676 } 677 678 // someone else was trying to edit our comment -> abort 679 if ($user != $INPUT->server->str('REMOTE_USER') && !$this->helper->isDiscussionModerator()) { 680 return false; 681 } 682 683 $date = time(); 684 685 // need to convert to new format? 686 if ($convert) { 687 $data['comments'][$cid]['user'] = [ 688 'id' => $user, 689 'name' => $data['comments'][$cid]['name'], 690 'mail' => $data['comments'][$cid]['mail'], 691 'url' => $data['comments'][$cid]['url'], 692 'address' => $data['comments'][$cid]['address'], 693 ]; 694 $data['comments'][$cid]['date'] = [ 695 'created' => $data['comments'][$cid]['date'] 696 ]; 697 } 698 699 if ($act == 'toogle') { // toogle visibility 700 $now = $data['comments'][$cid]['show']; 701 $data['comments'][$cid]['show'] = !$now; 702 $data['number'] = $this->countVisibleComments($data); 703 704 $type = ($data['comments'][$cid]['show'] ? 'sc' : 'hc'); 705 706 } elseif ($act == 'show') { // show comment 707 $data['comments'][$cid]['show'] = true; 708 $data['number'] = $this->countVisibleComments($data); 709 710 $type = 'sc'; // show comment 711 712 } elseif ($act == 'hide') { // hide comment 713 $data['comments'][$cid]['show'] = false; 714 $data['number'] = $this->countVisibleComments($data); 715 716 $type = 'hc'; // hide comment 717 718 } elseif (!$raw) { // remove the comment 719 $data['comments'] = $this->removeComment($cid, $data['comments']); 720 $data['number'] = $this->countVisibleComments($data); 721 722 $type = 'dc'; // delete comment 723 724 } else { // save changed comment 725 $xhtml = $this->renderComment($raw); 726 727 // now change the comment's content 728 $data['comments'][$cid]['date']['modified'] = $date; 729 $data['comments'][$cid]['raw'] = $raw; 730 $data['comments'][$cid]['xhtml'] = $xhtml; 731 732 $type = 'ec'; // edit comment 733 } 734 } 735 736 // save the comment metadata file 737 io_saveFile($file, serialize($data)); 738 $this->addLogEntry($date, $ID, $type, '', $cid); 739 740 $this->redirect($cid); 741 return true; 742 } 743 744 /** 745 * Recursive function to remove a comment from the data array 746 * 747 * @param string $cid comment id to be removed 748 * @param array $comments array with all comments 749 * @return array returns modified array with all remaining comments 750 */ 751 protected function removeComment($cid, $comments) 752 { 753 if (is_array($comments[$cid]['replies'])) { 754 foreach ($comments[$cid]['replies'] as $rid) { 755 $comments = $this->removeComment($rid, $comments); 756 } 757 } 758 unset($comments[$cid]); 759 return $comments; 760 } 761 762 /** 763 * Prints an individual comment 764 * 765 * @param string $cid comment id 766 * @param array $data array with all comments by reference 767 * @param string $parent comment id of parent 768 * @param string $reply comment id on which the user requested a reply 769 * @param bool $isVisible is marked as visible 770 */ 771 protected function showCommentWithReplies($cid, &$data, $parent = '', $reply = '', $isVisible = true) 772 { 773 // comment was removed 774 if (!isset($data['comments'][$cid])) { 775 return; 776 } 777 $comment = $data['comments'][$cid]; 778 779 // corrupt datatype 780 if (!is_array($comment)) { 781 return; 782 } 783 784 // handle only replies to given parent comment 785 if ($comment['parent'] != $parent) { 786 return; 787 } 788 789 // comment hidden, only shown for moderators 790 if (!$comment['show'] && !$this->helper->isDiscussionModerator()) { 791 return; 792 } 793 794 // print the actual comment 795 $this->showComment($cid, $data, $reply, $isVisible); 796 // replies to this comment entry? 797 $this->showReplies($cid, $data, $reply, $isVisible); 798 // reply form 799 $this->showReplyForm($cid, $reply); 800 } 801 802 /** 803 * Print the comment 804 * 805 * @param string $cid comment id 806 * @param array $data array with all comments 807 * @param string $reply comment id on which the user requested a reply 808 * @param bool $isVisible (grand)parent is marked as visible 809 */ 810 protected function showComment($cid, $data, $reply, $isVisible) 811 { 812 global $conf, $lang, $HIGH, $INPUT; 813 $comment = $data['comments'][$cid]; 814 815 //only moderators can arrive here if hidden 816 $class = ''; 817 if (!$comment['show'] || !$isVisible) { 818 $class = ' comment_hidden'; 819 } 820 if($cid === $reply) { 821 $class .= ' reply'; 822 } 823 // comment head with date and user data 824 ptln('<div class="hentry' . $class . '">', 4); 825 ptln('<div class="comment_head">', 6); 826 ptln('<a name="comment_' . $cid . '" id="comment_' . $cid . '"></a>', 8); 827 $head = '<span class="vcard author">'; 828 829 // prepare variables 830 if (is_array($comment['user'])) { // new format 831 $user = $comment['user']['id']; 832 $name = $comment['user']['name']; 833 $mail = $comment['user']['mail']; 834 $url = $comment['user']['url']; 835 $address = $comment['user']['address']; 836 } else { // old format 837 $user = $comment['user']; 838 $name = $comment['name']; 839 $mail = $comment['mail']; 840 $url = $comment['url']; 841 $address = $comment['address']; 842 } 843 if (is_array($comment['date'])) { // new format 844 $created = $comment['date']['created']; 845 $modified = $comment['date']['modified'] ?? null; 846 } else { // old format 847 $created = $comment['date']; 848 $modified = $comment['edited']; 849 } 850 851 // show username or real name? 852 if (!$this->getConf('userealname') && $user) { 853 //not logged-in users have currently username set to '', but before 'test<Ipaddress>' 854 if(substr($user, 0,4) === 'test' 855 && (strpos($user, ':', 4) !== false || strpos($user, '.', 4) !== false)) { 856 $showname = $name; 857 } else { 858 $showname = $user; 859 } 860 } else { 861 $showname = $name; 862 } 863 864 // show avatar image? 865 if ($this->useAvatar()) { 866 $user_data['name'] = $name; 867 $user_data['user'] = $user; 868 $user_data['mail'] = $mail; 869 $align = $lang['direction'] === 'ltr' ? 'left' : 'right'; 870 $avatar = $this->avatar->getXHTML($user_data, $name, $align); 871 if ($avatar) { 872 $head .= $avatar; 873 } 874 } 875 876 if ($this->getConf('linkemail') && $mail) { 877 $head .= $this->email($mail, $showname, 'email fn'); 878 } elseif ($url) { 879 $head .= $this->external_link($this->checkURL($url), $showname, 'urlextern url fn'); 880 } else { 881 $head .= '<span class="fn">' . $showname . '</span>'; 882 } 883 884 if ($address) { 885 $head .= ', <span class="adr">' . $address . '</span>'; 886 } 887 $head .= '</span>, ' . 888 '<abbr class="published" title="' . strftime('%Y-%m-%dT%H:%M:%SZ', $created) . '">' . 889 dformat($created, $conf['dformat']) . '</abbr>'; 890 if ($modified) { 891 $head .= ', <abbr class="updated" title="' . 892 strftime('%Y-%m-%dT%H:%M:%SZ', $modified) . '">' . dformat($modified, $conf['dformat']) . 893 '</abbr>'; 894 } 895 ptln($head, 8); 896 ptln('</div>', 6); // class="comment_head" 897 898 // main comment content 899 ptln('<div class="comment_body entry-content"' . 900 ($this->useAvatar() ? $this->getWidthStyle() : '') . '>', 6); 901 echo ($HIGH ? html_hilight($comment['xhtml'], $HIGH) : $comment['xhtml']) . DOKU_LF; 902 ptln('</div>', 6); // class="comment_body" 903 904 if ($isVisible) { 905 ptln('<div class="comment_buttons">', 6); 906 907 // show reply button? 908 if ($data['status'] == 1 && !$reply && $comment['show'] 909 && ($this->getConf('allowguests') || $INPUT->server->has('REMOTE_USER')) 910 && $this->getConf('usethreading') 911 ) { 912 $this->showButton($cid, $this->getLang('btn_reply'), 'reply', true); 913 } 914 915 // show edit, show/hide and delete button? 916 if (($user == $INPUT->server->str('REMOTE_USER') && $user != '') || $this->helper->isDiscussionModerator()) { 917 $this->showButton($cid, $lang['btn_secedit'], 'edit', true); 918 $label = ($comment['show'] ? $this->getLang('btn_hide') : $this->getLang('btn_show')); 919 $this->showButton($cid, $label, 'toogle'); 920 $this->showButton($cid, $lang['btn_delete'], 'delete'); 921 } 922 ptln('</div>', 6); // class="comment_buttons" 923 } 924 ptln('</div>', 4); // class="hentry" 925 } 926 927 /** 928 * If requested by user, show comment form to write a reply 929 * 930 * @param string $cid current comment id 931 * @param string $reply comment id on which the user requested a reply 932 */ 933 protected function showReplyForm($cid, $reply) 934 { 935 if ($this->getConf('usethreading') && $reply == $cid) { 936 ptln('<div class="comment_replies reply">', 4); 937 $this->showCommentForm('', 'add', $cid); 938 ptln('</div>', 4); // class="comment_replies" 939 } 940 } 941 942 /** 943 * Show the replies to the given comment 944 * 945 * @param string $cid comment id 946 * @param array $data array with all comments by reference 947 * @param string $reply comment id on which the user requested a reply 948 * @param bool $isVisible is marked as visible by reference 949 */ 950 protected function showReplies($cid, &$data, $reply, &$isVisible) 951 { 952 $comment = $data['comments'][$cid]; 953 if (!count($comment['replies'])) { 954 return; 955 } 956 ptln('<div class="comment_replies"' . $this->getWidthStyle() . '>', 4); 957 $isVisible = ($comment['show'] && $isVisible); 958 foreach ($comment['replies'] as $rid) { 959 $this->showCommentWithReplies($rid, $data, $cid, $reply, $isVisible); 960 } 961 ptln('</div>', 4); 962 } 963 964 /** 965 * Is an avatar displayed? 966 * 967 * @return bool 968 */ 969 protected function useAvatar() 970 { 971 if (is_null($this->useAvatar)) { 972 $this->useAvatar = $this->getConf('useavatar') 973 && ($this->avatar = $this->loadHelper('avatar', false)); 974 } 975 return $this->useAvatar; 976 } 977 978 /** 979 * Calculate width of indent 980 * 981 * @return string 982 */ 983 protected function getWidthStyle() 984 { 985 global $lang; 986 987 if (is_null($this->style)) { 988 $side = $lang['direction'] === 'ltr' ? 'left' : 'right'; 989 990 if ($this->useAvatar()) { 991 $this->style = ' style="margin-' . $side . ': ' . ($this->avatar->getConf('size') + 14) . 'px;"'; 992 } else { 993 $this->style = ' style="margin-' . $side . ': 20px;"'; 994 } 995 } 996 return $this->style; 997 } 998 999 /** 1000 * Show the button which toggles between show/hide of the entire discussion section 1001 */ 1002 protected function showDiscussionToggleButton() 1003 { 1004 ptln('<div id="toggle_button" class="toggle_button">'); 1005 ptln('<input type="submit" id="discussion__btn_toggle_visibility" title="Toggle Visibiliy" class="button"' 1006 . 'value="' . $this->getLang('toggle_display') . '">'); 1007 ptln('</div>'); 1008 } 1009 1010 /** 1011 * Outputs the comment form 1012 * 1013 * @param string $raw the existing comment text in case of edit 1014 * @param string $act action 'add' or 'save' 1015 * @param string|null $cid comment id to be responded to or null 1016 */ 1017 protected function showCommentForm($raw, $act, $cid = null) 1018 { 1019 global $lang, $conf, $ID, $INPUT; 1020 1021 // not for unregistered users when guest comments aren't allowed 1022 if (!$INPUT->server->has('REMOTE_USER') && !$this->getConf('allowguests')) { 1023 ?> 1024 <div class="comment_form"> 1025 <?php echo $this->getLang('noguests'); ?> 1026 </div> 1027 <?php 1028 return; 1029 } 1030 1031 // fill $raw with $INPUT->str('text') if it's empty (for failed CAPTCHA check) 1032 if (!$raw && $INPUT->str('comment') == 'show') { 1033 $raw = $INPUT->str('text'); 1034 } 1035 ?> 1036 1037 <div class="comment_form"> 1038 <form id="discussion__comment_form" method="post" action="<?php echo script() ?>" 1039 accept-charset="<?php echo $lang['encoding'] ?>"> 1040 <div class="no"> 1041 <input type="hidden" name="id" value="<?php echo $ID ?>"/> 1042 <input type="hidden" name="do" value="show"/> 1043 <input type="hidden" name="comment" value="<?php echo $act ?>"/> 1044 <?php 1045 // for adding a comment 1046 if ($act == 'add') { 1047 ?> 1048 <input type="hidden" name="reply" value="<?php echo $cid ?>"/> 1049 <?php 1050 // for guest/adminimport: show name, e-mail and subscribe to comments fields 1051 if (!$INPUT->server->has('REMOTE_USER') or ($this->getConf('adminimport') && $this->helper->isDiscussionModerator())) { 1052 ?> 1053 <input type="hidden" name="user" value=""/> 1054 <div class="comment_name"> 1055 <label class="block" for="discussion__comment_name"> 1056 <span><?php echo $lang['fullname'] ?>:</span> 1057 <input type="text" 1058 class="edit<?php if ($INPUT->str('comment') == 'add' && empty($INPUT->str('name'))) echo ' error' ?>" 1059 name="name" id="discussion__comment_name" size="50" tabindex="1" 1060 value="<?php echo hsc($INPUT->str('name')) ?>"/> 1061 </label> 1062 </div> 1063 <div class="comment_mail"> 1064 <label class="block" for="discussion__comment_mail"> 1065 <span><?php echo $lang['email'] ?>:</span> 1066 <input type="text" 1067 class="edit<?php if ($INPUT->str('comment') == 'add' && empty($INPUT->str('mail'))) echo ' error' ?>" 1068 name="mail" id="discussion__comment_mail" size="50" tabindex="2" 1069 value="<?php echo hsc($INPUT->str('mail')) ?>"/> 1070 </label> 1071 </div> 1072 <?php 1073 } 1074 1075 // allow entering an URL 1076 if ($this->getConf('urlfield')) { 1077 ?> 1078 <div class="comment_url"> 1079 <label class="block" for="discussion__comment_url"> 1080 <span><?php echo $this->getLang('url') ?>:</span> 1081 <input type="text" class="edit" name="url" id="discussion__comment_url" size="50" 1082 tabindex="3" value="<?php echo hsc($INPUT->str('url')) ?>"/> 1083 </label> 1084 </div> 1085 <?php 1086 } 1087 1088 // allow entering an address 1089 if ($this->getConf('addressfield')) { 1090 ?> 1091 <div class="comment_address"> 1092 <label class="block" for="discussion__comment_address"> 1093 <span><?php echo $this->getLang('address') ?>:</span> 1094 <input type="text" class="edit" name="address" id="discussion__comment_address" 1095 size="50" tabindex="4" value="<?php echo hsc($INPUT->str('address')) ?>"/> 1096 </label> 1097 </div> 1098 <?php 1099 } 1100 1101 // allow setting the comment date 1102 if ($this->getConf('adminimport') && ($this->helper->isDiscussionModerator())) { 1103 ?> 1104 <div class="comment_date"> 1105 <label class="block" for="discussion__comment_date"> 1106 <span><?php echo $this->getLang('date') ?>:</span> 1107 <input type="text" class="edit" name="date" id="discussion__comment_date" 1108 size="50"/> 1109 </label> 1110 </div> 1111 <?php 1112 } 1113 1114 // for saving a comment 1115 } else { 1116 ?> 1117 <input type="hidden" name="cid" value="<?php echo $cid ?>"/> 1118 <?php 1119 } 1120 ?> 1121 <div class="comment_text"> 1122 <?php echo $this->getLang('entercomment'); 1123 echo($this->getConf('wikisyntaxok') ? "" : ":"); 1124 if ($this->getConf('wikisyntaxok')) echo '. ' . $this->getLang('wikisyntax') . ':'; ?> 1125 1126 <!-- Fix for disable the toolbar when wikisyntaxok is set to false. See discussion's script.jss --> 1127 <?php if ($this->getConf('wikisyntaxok')) { ?> 1128 <div id="discussion__comment_toolbar" class="toolbar group"> 1129 <?php } else { ?> 1130 <div id="discussion__comment_toolbar_disabled"> 1131 <?php } ?> 1132 </div> 1133 <textarea 1134 class="edit<?php if ($INPUT->str('comment') == 'add' && empty($INPUT->str('text'))) echo ' error' ?>" 1135 name="text" cols="80" rows="10" id="discussion__comment_text" tabindex="5"><?php 1136 if ($raw) { 1137 echo formText($raw); 1138 } else { 1139 echo hsc($INPUT->str('text')); 1140 } 1141 ?></textarea> 1142 </div> 1143 1144 <?php 1145 /** @var helper_plugin_captcha $captcha */ 1146 $captcha = $this->loadHelper('captcha', false); 1147 if ($captcha && $captcha->isEnabled()) { 1148 echo $captcha->getHTML(); 1149 } 1150 1151 /** @var helper_plugin_recaptcha $recaptcha */ 1152 $recaptcha = $this->loadHelper('recaptcha', false); 1153 if ($recaptcha && $recaptcha->isEnabled()) { 1154 echo $recaptcha->getHTML(); 1155 } 1156 ?> 1157 1158 <input class="button comment_submit" id="discussion__btn_submit" type="submit" name="submit" 1159 accesskey="s" value="<?php echo $lang['btn_save'] ?>" 1160 title="<?php echo $lang['btn_save'] ?> [S]" tabindex="7"/> 1161 <?php 1162 //if enabled, let not logged-in users subscribe, and logged-in only if no page-subcriptions are used 1163 if ((!$INPUT->server->has('REMOTE_USER') 1164 || $INPUT->server->has('REMOTE_USER') && !$conf['subscribers']) 1165 && $this->getConf('subscribe')) { ?> 1166 <label class="nowrap" for="discussion__comment_subscribe"> 1167 <input type="checkbox" id="discussion__comment_subscribe" name="subscribe" 1168 tabindex="6"/> 1169 <span><?php echo $this->getLang('subscribe') ?></span> 1170 </label> 1171 <?php } ?> 1172 <input class="button comment_preview_button" id="discussion__btn_preview" type="button" 1173 name="preview" accesskey="p" value="<?php echo $lang['btn_preview'] ?>" 1174 title="<?php echo $lang['btn_preview'] ?> [P]"/> 1175 <?php if ($cid) { ?> 1176 <a class="button comment_cancel" href="<?php echo wl($ID) . '#comment_' . $cid ?>" ><?php echo $lang['btn_cancel'] ?></a> 1177 <?php } ?> 1178 1179 <div class="clearer"></div> 1180 <div id="discussion__comment_preview"> </div> 1181 </div> 1182 </form> 1183 </div> 1184 <?php 1185 } 1186 1187 /** 1188 * Action button below a comment 1189 * 1190 * @param string $cid comment id 1191 * @param string $label translated label 1192 * @param string $act action 1193 * @param bool $jump whether to scroll to the commentform 1194 */ 1195 protected function showButton($cid, $label, $act, $jump = false) 1196 { 1197 global $ID; 1198 1199 $anchor = ($jump ? '#discussion__comment_form' : ''); 1200 1201 $submitClass = ''; 1202 if($act === 'delete') { 1203 $submitClass = ' dcs_confirmdelete'; 1204 } 1205 ?> 1206 <form class="button discussion__<?php echo $act ?>" method="get" action="<?php echo script() . $anchor ?>"> 1207 <div class="no"> 1208 <input type="hidden" name="id" value="<?php echo $ID ?>"/> 1209 <input type="hidden" name="do" value="show"/> 1210 <input type="hidden" name="comment" value="<?php echo $act ?>"/> 1211 <input type="hidden" name="cid" value="<?php echo $cid ?>"/> 1212 <input type="submit" value="<?php echo $label ?>" class="button<?php echo $submitClass ?>" title="<?php echo $label ?>"/> 1213 </div> 1214 </form> 1215 <?php 1216 } 1217 1218 /** 1219 * Adds an entry to the comments changelog 1220 * 1221 * @param int $date 1222 * @param string $id page id 1223 * @param string $type create/edit/delete/show/hide comment 'cc', 'ec', 'dc', 'sc', 'hc' 1224 * @param string $summary 1225 * @param string $extra 1226 * @author Ben Coburn <btcoburn@silicodon.net> 1227 * 1228 * @author Esther Brunner <wikidesign@gmail.com> 1229 */ 1230 protected function addLogEntry($date, $id, $type = 'cc', $summary = '', $extra = '') 1231 { 1232 global $conf, $INPUT; 1233 1234 $changelog = $conf['metadir'] . '/_comments.changes'; 1235 1236 //use current time if none supplied 1237 if (!$date) { 1238 $date = time(); 1239 } 1240 $remote = $INPUT->server->str('REMOTE_ADDR'); 1241 $user = $INPUT->server->str('REMOTE_USER'); 1242 1243 $strip = ["\t", "\n"]; 1244 $logline = [ 1245 'date' => $date, 1246 'ip' => $remote, 1247 'type' => str_replace($strip, '', $type), 1248 'id' => $id, 1249 'user' => $user, 1250 'sum' => str_replace($strip, '', $summary), 1251 'extra' => str_replace($strip, '', $extra) 1252 ]; 1253 1254 // add changelog line 1255 $logline = implode("\t", $logline) . "\n"; 1256 io_saveFile($changelog, $logline, true); //global changelog cache 1257 $this->trimRecentCommentsLog($changelog); 1258 1259 // tell the indexer to re-index the page 1260 @unlink(metaFN($id, '.indexed')); 1261 } 1262 1263 /** 1264 * Trims the recent comments cache to the last $conf['changes_days'] recent 1265 * changes or $conf['recent'] items, which ever is larger. 1266 * The trimming is only done once a day. 1267 * 1268 * @param string $changelog file path 1269 * @return bool 1270 * @author Ben Coburn <btcoburn@silicodon.net> 1271 * 1272 */ 1273 protected function trimRecentCommentsLog($changelog) 1274 { 1275 global $conf; 1276 1277 if (@file_exists($changelog) 1278 && (filectime($changelog) + 86400) < time() 1279 && !@file_exists($changelog . '_tmp') 1280 ) { 1281 1282 io_lock($changelog); 1283 $lines = file($changelog); 1284 if (count($lines) < $conf['recent']) { 1285 // nothing to trim 1286 io_unlock($changelog); 1287 return true; 1288 } 1289 1290 // presave tmp as 2nd lock 1291 io_saveFile($changelog . '_tmp', ''); 1292 $trim_time = time() - $conf['recent_days'] * 86400; 1293 $out_lines = []; 1294 1295 $num = count($lines); 1296 for ($i = 0; $i < $num; $i++) { 1297 $log = parseChangelogLine($lines[$i]); 1298 if ($log === false) continue; // discard junk 1299 if ($log['date'] < $trim_time) { 1300 $old_lines[$log['date'] . ".$i"] = $lines[$i]; // keep old lines for now (append .$i to prevent key collisions) 1301 } else { 1302 $out_lines[$log['date'] . ".$i"] = $lines[$i]; // definitely keep these lines 1303 } 1304 } 1305 1306 // sort the final result, it shouldn't be necessary, 1307 // however the extra robustness in making the changelog cache self-correcting is worth it 1308 ksort($out_lines); 1309 $extra = $conf['recent'] - count($out_lines); // do we need extra lines do bring us up to minimum 1310 if ($extra > 0) { 1311 ksort($old_lines); 1312 $out_lines = array_merge(array_slice($old_lines, -$extra), $out_lines); 1313 } 1314 1315 // save trimmed changelog 1316 io_saveFile($changelog . '_tmp', implode('', $out_lines)); 1317 @unlink($changelog); 1318 if (!rename($changelog . '_tmp', $changelog)) { 1319 // rename failed so try another way... 1320 io_unlock($changelog); 1321 io_saveFile($changelog, implode('', $out_lines)); 1322 @unlink($changelog . '_tmp'); 1323 } else { 1324 io_unlock($changelog); 1325 } 1326 return true; 1327 } 1328 return true; 1329 } 1330 1331 /** 1332 * Sends a notify mail on new comment 1333 * 1334 * @param array $comment data array of the new comment 1335 * @param array $subscribers data of the subscribers by reference 1336 * 1337 * @author Andreas Gohr <andi@splitbrain.org> 1338 * @author Esther Brunner <wikidesign@gmail.com> 1339 */ 1340 protected function notify($comment, &$subscribers) 1341 { 1342 global $conf, $ID, $INPUT, $auth; 1343 1344 $notify_text = io_readfile($this->localfn('subscribermail')); 1345 $confirm_text = io_readfile($this->localfn('confirmsubscribe')); 1346 $subject_notify = '[' . $conf['title'] . '] ' . $this->getLang('mail_newcomment'); 1347 $subject_subscribe = '[' . $conf['title'] . '] ' . $this->getLang('subscribe'); 1348 1349 $mailer = new Mailer(); 1350 if (!$INPUT->server->has('REMOTE_USER')) { 1351 $mailer->from($conf['mailfromnobody']); 1352 } 1353 1354 $replace = [ 1355 'PAGE' => $ID, 1356 'TITLE' => $conf['title'], 1357 'DATE' => dformat($comment['date']['created'], $conf['dformat']), 1358 'NAME' => $comment['user']['name'], 1359 'TEXT' => $comment['raw'], 1360 'COMMENTURL' => wl($ID, '', true) . '#comment_' . $comment['cid'], 1361 'UNSUBSCRIBE' => wl($ID, 'do=subscribe', true, '&'), 1362 'DOKUWIKIURL' => DOKU_URL 1363 ]; 1364 1365 $confirm_replace = [ 1366 'PAGE' => $ID, 1367 'TITLE' => $conf['title'], 1368 'DOKUWIKIURL' => DOKU_URL 1369 ]; 1370 1371 1372 $mailer->subject($subject_notify); 1373 $mailer->setBody($notify_text, $replace); 1374 1375 // send mail to notify address 1376 if ($conf['notify']) { 1377 $mailer->bcc($conf['notify']); 1378 $mailer->send(); 1379 } 1380 1381 // send email to moderators 1382 if ($this->getConf('moderatorsnotify')) { 1383 $moderatorgrpsString = trim($this->getConf('moderatorgroups')); 1384 if (!empty($moderatorgrpsString)) { 1385 // create a clean mods list 1386 $moderatorgroups = explode(',', $moderatorgrpsString); 1387 $moderatorgroups = array_map('trim', $moderatorgroups); 1388 $moderatorgroups = array_unique($moderatorgroups); 1389 $moderatorgroups = array_filter($moderatorgroups); 1390 // search for moderators users 1391 foreach ($moderatorgroups as $moderatorgroup) { 1392 if (!$auth->isCaseSensitive()) { 1393 $moderatorgroup = PhpString::strtolower($moderatorgroup); 1394 } 1395 // create a clean mailing list 1396 $bccs = []; 1397 if ($moderatorgroup[0] == '@') { 1398 foreach ($auth->retrieveUsers(0, 0, ['grps' => $auth->cleanGroup(substr($moderatorgroup, 1))]) as $user) { 1399 if (!empty($user['mail'])) { 1400 $bccs[] = $user['mail']; 1401 } 1402 } 1403 } else { 1404 //it is an user 1405 $userdata = $auth->getUserData($auth->cleanUser($moderatorgroup)); 1406 if (!empty($userdata['mail'])) { 1407 $bccs[] = $userdata['mail']; 1408 } 1409 } 1410 $bccs = array_unique($bccs); 1411 // notify the users 1412 $mailer->bcc(implode(',', $bccs)); 1413 $mailer->send(); 1414 } 1415 } 1416 } 1417 1418 // notify page subscribers 1419 if (actionOK('subscribe')) { 1420 $data = ['id' => $ID, 'addresslist' => '', 'self' => false]; 1421 //FIXME default callback, needed to mentioned it again? 1422 Event::createAndTrigger( 1423 'COMMON_NOTIFY_ADDRESSLIST', $data, 1424 [new SubscriberManager(), 'notifyAddresses'] 1425 ); 1426 1427 $to = $data['addresslist']; 1428 if (!empty($to)) { 1429 $mailer->bcc($to); 1430 $mailer->send(); 1431 } 1432 } 1433 1434 // notify comment subscribers 1435 if (!empty($subscribers)) { 1436 1437 foreach ($subscribers as $mail => $data) { 1438 $mailer->bcc($mail); 1439 if ($data['active']) { 1440 $replace['UNSUBSCRIBE'] = wl($ID, 'do=discussion_unsubscribe&hash=' . $data['hash'], true, '&'); 1441 1442 $mailer->subject($subject_notify); 1443 $mailer->setBody($notify_text, $replace); 1444 $mailer->send(); 1445 } elseif (!$data['confirmsent']) { 1446 $confirm_replace['SUBSCRIBE'] = wl($ID, 'do=discussion_confirmsubscribe&hash=' . $data['hash'], true, '&'); 1447 1448 $mailer->subject($subject_subscribe); 1449 $mailer->setBody($confirm_text, $confirm_replace); 1450 $mailer->send(); 1451 $subscribers[$mail]['confirmsent'] = true; 1452 } 1453 } 1454 } 1455 } 1456 1457 /** 1458 * Counts the number of visible comments 1459 * 1460 * @param array $data array with all comments 1461 * @return int 1462 */ 1463 protected function countVisibleComments($data) 1464 { 1465 $number = 0; 1466 foreach ($data['comments'] as $comment) { 1467 if ($comment['parent']) continue; 1468 if (!$comment['show']) continue; 1469 1470 $number++; 1471 $rids = $comment['replies']; 1472 if (count($rids)) { 1473 $number = $number + $this->countVisibleReplies($data, $rids); 1474 } 1475 } 1476 return $number; 1477 } 1478 1479 /** 1480 * Count visible replies on the comments 1481 * 1482 * @param array $data 1483 * @param array $rids 1484 * @return int counted replies 1485 */ 1486 protected function countVisibleReplies(&$data, $rids) 1487 { 1488 $number = 0; 1489 foreach ($rids as $rid) { 1490 if (!isset($data['comments'][$rid])) continue; // reply was removed 1491 if (!$data['comments'][$rid]['show']) continue; 1492 1493 $number++; 1494 $rids = $data['comments'][$rid]['replies']; 1495 if (count($rids)) { 1496 $number = $number + $this->countVisibleReplies($data, $rids); 1497 } 1498 } 1499 return $number; 1500 } 1501 1502 /** 1503 * Renders the raw comment (wiki)text to html 1504 * 1505 * @param string $raw comment text 1506 * @return null|string 1507 */ 1508 protected function renderComment($raw) 1509 { 1510 if ($this->getConf('wikisyntaxok')) { 1511 // Note the warning for render_text: 1512 // "very ineffecient for small pieces of data - try not to use" 1513 // in dokuwiki/inc/plugin.php 1514 $xhtml = $this->render_text($raw); 1515 } else { // wiki syntax not allowed -> just encode special chars 1516 $xhtml = hsc(trim($raw)); 1517 $xhtml = str_replace("\n", '<br />', $xhtml); 1518 } 1519 return $xhtml; 1520 } 1521 1522 /** 1523 * Finds out whether there is a discussion section for the current page 1524 * 1525 * @param string $title set to title from metadata or empty string 1526 * @return bool discussion section is shown? 1527 */ 1528 protected function hasDiscussion(&$title) 1529 { 1530 global $ID; 1531 1532 $file = metaFN($ID, '.comments'); 1533 1534 if (!@file_exists($file)) { 1535 if ($this->isDiscussionEnabled()) { 1536 return true; 1537 } else { 1538 return false; 1539 } 1540 } 1541 1542 $data = unserialize(io_readFile($file, false)); 1543 1544 $title = $data['title'] ?? ''; 1545 1546 $num = $data['number']; 1547 if (!$data['status'] || ($data['status'] == 2 && $num == 0)) { 1548 //disabled, or closed and no comments 1549 return false; 1550 } else { 1551 return true; 1552 } 1553 } 1554 1555 /** 1556 * Creates a new thread page 1557 * 1558 * @return string 1559 */ 1560 protected function newThread() 1561 { 1562 global $ID, $INFO, $INPUT; 1563 1564 $ns = cleanID($INPUT->str('ns')); 1565 $title = str_replace(':', '', $INPUT->str('title')); 1566 $back = $ID; 1567 $ID = ($ns ? $ns . ':' : '') . cleanID($title); 1568 $INFO = pageinfo(); 1569 1570 // check if we are allowed to create this file 1571 if ($INFO['perm'] >= AUTH_CREATE) { 1572 1573 //check if locked by anyone - if not lock for my self 1574 if ($INFO['locked']) { 1575 return 'locked'; 1576 } else { 1577 lock($ID); 1578 } 1579 1580 // prepare the new thread file with default stuff 1581 if (!@file_exists($INFO['filepath'])) { 1582 global $TEXT; 1583 1584 $TEXT = pageTemplate(($ns ? $ns . ':' : '') . $title); 1585 if (!$TEXT) { 1586 $data = ['id' => $ID, 'ns' => $ns, 'title' => $title, 'back' => $back]; 1587 $TEXT = $this->pageTemplate($data); 1588 } 1589 return 'preview'; 1590 } else { 1591 return 'edit'; 1592 } 1593 } else { 1594 return 'show'; 1595 } 1596 } 1597 1598 /** 1599 * Adapted version of pageTemplate() function 1600 * 1601 * @param array $data 1602 * @return string 1603 */ 1604 protected function pageTemplate($data) 1605 { 1606 global $conf, $INFO, $INPUT; 1607 1608 $id = $data['id']; 1609 $user = $INPUT->server->str('REMOTE_USER'); 1610 $tpl = io_readFile(DOKU_PLUGIN . 'discussion/_template.txt'); 1611 1612 // standard replacements 1613 $replace = [ 1614 '@NS@' => $data['ns'], 1615 '@PAGE@' => strtr(noNS($id), '_', ' '), 1616 '@USER@' => $user, 1617 '@NAME@' => $INFO['userinfo']['name'], 1618 '@MAIL@' => $INFO['userinfo']['mail'], 1619 '@DATE@' => dformat(time(), $conf['dformat']), 1620 ]; 1621 1622 // additional replacements 1623 $replace['@BACK@'] = $data['back']; 1624 $replace['@TITLE@'] = $data['title']; 1625 1626 // avatar if useavatar and avatar plugin available 1627 if ($this->getConf('useavatar') && !plugin_isdisabled('avatar')) { 1628 $replace['@AVATAR@'] = '{{avatar>' . $user . ' }} '; 1629 } else { 1630 $replace['@AVATAR@'] = ''; 1631 } 1632 1633 // tag if tag plugin is available 1634 if (!plugin_isdisabled('tag')) { 1635 $replace['@TAG@'] = "\n\n{{tag>}}"; 1636 } else { 1637 $replace['@TAG@'] = ''; 1638 } 1639 1640 // perform the replacements in tpl 1641 return str_replace(array_keys($replace), array_values($replace), $tpl); 1642 } 1643 1644 /** 1645 * Checks if the CAPTCHA string submitted is valid, modifies action if needed 1646 */ 1647 protected function captchaCheck() 1648 { 1649 global $INPUT; 1650 /** @var helper_plugin_captcha $captcha */ 1651 if (!$captcha = $this->loadHelper('captcha', false)) { 1652 // CAPTCHA is disabled or not available 1653 return; 1654 } 1655 1656 if ($captcha->isEnabled() && !$captcha->check()) { 1657 if ($INPUT->str('comment') == 'save') { 1658 $INPUT->set('comment', 'edit'); 1659 } elseif ($INPUT->str('comment') == 'add') { 1660 $INPUT->set('comment', 'show'); 1661 } 1662 } 1663 } 1664 1665 /** 1666 * checks if the submitted reCAPTCHA string is valid, modifies action if needed 1667 * 1668 * @author Adrian Schlegel <adrian@liip.ch> 1669 */ 1670 protected function recaptchaCheck() 1671 { 1672 global $INPUT; 1673 /** @var helper_plugin_recaptcha $recaptcha */ 1674 if (!$recaptcha = plugin_load('helper', 'recaptcha')) 1675 return; // reCAPTCHA is disabled or not available 1676 1677 // do nothing if logged in user and no reCAPTCHA required 1678 if (!$recaptcha->getConf('forusers') && $INPUT->server->has('REMOTE_USER')) return; 1679 1680 $response = $recaptcha->check(); 1681 if (!$response->is_valid) { 1682 msg($recaptcha->getLang('testfailed'), -1); 1683 if ($INPUT->str('comment') == 'save') { 1684 $INPUT->str('comment', 'edit'); 1685 } elseif ($INPUT->str('comment') == 'add') { 1686 $INPUT->str('comment', 'show'); 1687 } 1688 } 1689 } 1690 1691 /** 1692 * Add discussion plugin version to the indexer version 1693 * This means that all pages will be indexed again in order to add the comments 1694 * to the index whenever there has been a change that concerns the index content. 1695 * 1696 * @param Doku_Event $event 1697 */ 1698 public function addIndexVersion(Doku_Event $event) 1699 { 1700 $event->data['discussion'] = '0.1'; 1701 } 1702 1703 /** 1704 * Adds the comments to the index 1705 * 1706 * @param Doku_Event $event 1707 * @param array $param with 1708 * 'id' => string 'page'/'id' for respectively INDEXER_PAGE_ADD and FULLTEXT_SNIPPET_CREATE event 1709 * 'text' => string 'body'/'text' 1710 */ 1711 public function addCommentsToIndex(Doku_Event $event, $param) 1712 { 1713 // get .comments meta file name 1714 $file = metaFN($event->data[$param['id']], '.comments'); 1715 1716 if (!@file_exists($file)) return; 1717 $data = unserialize(io_readFile($file, false)); 1718 1719 // comments are turned off or no comments available to index 1720 if (!$data['status'] || $data['number'] == 0) return; 1721 1722 // now add the comments 1723 if (isset($data['comments'])) { 1724 foreach ($data['comments'] as $key => $value) { 1725 $event->data[$param['text']] .= DOKU_LF . $this->addCommentWords($key, $data); 1726 } 1727 } 1728 } 1729 1730 /** 1731 * Checks if the phrase occurs in the comments and return event result true if matching 1732 * 1733 * @param Doku_Event $event 1734 */ 1735 public function fulltextPhraseMatchInComments(Doku_Event $event) 1736 { 1737 if ($event->result === true) return; 1738 1739 // get .comments meta file name 1740 $file = metaFN($event->data['id'], '.comments'); 1741 1742 if (!@file_exists($file)) return; 1743 $data = unserialize(io_readFile($file, false)); 1744 1745 // comments are turned off or no comments available to match 1746 if (!$data['status'] || $data['number'] == 0) return; 1747 1748 $matched = false; 1749 1750 // now add the comments 1751 if (isset($data['comments'])) { 1752 foreach ($data['comments'] as $cid => $value) { 1753 $matched = $this->phraseMatchInComment($event->data['phrase'], $cid, $data); 1754 if ($matched) break; 1755 } 1756 } 1757 1758 if ($matched) { 1759 $event->result = true; 1760 } 1761 } 1762 1763 /** 1764 * Match the phrase in the comment and its replies 1765 * 1766 * @param string $phrase phrase to search 1767 * @param string $cid comment id 1768 * @param array $data array with all comments by reference 1769 * @param string $parent cid of parent 1770 * @return bool if match true, otherwise false 1771 */ 1772 protected function phraseMatchInComment($phrase, $cid, &$data, $parent = '') 1773 { 1774 if (!isset($data['comments'][$cid])) return false; // comment was removed 1775 1776 $comment = $data['comments'][$cid]; 1777 1778 if (!is_array($comment)) return false; // corrupt datatype 1779 if ($comment['parent'] != $parent) return false; // reply to an other comment 1780 if (!$comment['show']) return false; // hidden comment 1781 1782 $text = PhpString::strtolower($comment['raw']); 1783 if (strpos($text, $phrase) !== false) { 1784 return true; 1785 } 1786 1787 if (is_array($comment['replies'])) { // and the replies 1788 foreach ($comment['replies'] as $rid) { 1789 if ($this->phraseMatchInComment($phrase, $rid, $data, $cid)) { 1790 return true; 1791 } 1792 } 1793 } 1794 return false; 1795 } 1796 1797 /** 1798 * Saves the current comment status and title from metadata into the .comments file 1799 * 1800 * @param Doku_Event $event 1801 */ 1802 public function updateCommentStatusFromMetadata(Doku_Event $event) 1803 { 1804 global $ID; 1805 1806 $meta = $event->data['current']; 1807 1808 $file = metaFN($ID, '.comments'); 1809 $configurationStatus = ($this->isDiscussionEnabled() ? 1 : 0); // 0=off, 1=enabled 1810 $title = null; 1811 if (isset($meta['plugin_discussion'])) { 1812 $status = (int) $meta['plugin_discussion']['status']; // 0=off, 1=enabled or 2=closed 1813 $title = $meta['plugin_discussion']['title']; 1814 1815 // do we have metadata that differs from general config? 1816 $saveNeededFromMetadata = $configurationStatus !== $status || ($status > 0 && $title); 1817 } else { 1818 $status = $configurationStatus; 1819 $saveNeededFromMetadata = false; 1820 } 1821 1822 // if .comment file exists always update it with latest status 1823 if ($saveNeededFromMetadata || file_exists($file)) { 1824 1825 $data = []; 1826 if (@file_exists($file)) { 1827 $data = unserialize(io_readFile($file, false)); 1828 } 1829 1830 if (!array_key_exists('title', $data) || $data['title'] !== $title || !isset($data['status']) || $data['status'] !== $status) { 1831 //title can be only set from metadata 1832 $data['title'] = $title; 1833 $data['status'] = $status; 1834 if (!isset($data['number'])) { 1835 $data['number'] = 0; 1836 } 1837 io_saveFile($file, serialize($data)); 1838 } 1839 } 1840 } 1841 1842 /** 1843 * Return words of a given comment and its replies, suitable to be added to the index 1844 * 1845 * @param string $cid comment id 1846 * @param array $data array with all comments by reference 1847 * @param string $parent cid of parent 1848 * @return string 1849 */ 1850 protected function addCommentWords($cid, &$data, $parent = '') 1851 { 1852 1853 if (!isset($data['comments'][$cid])) return ''; // comment was removed 1854 1855 $comment = $data['comments'][$cid]; 1856 1857 if (!is_array($comment)) return ''; // corrupt datatype 1858 if ($comment['parent'] != $parent) return ''; // reply to an other comment 1859 if (!$comment['show']) return ''; // hidden comment 1860 1861 $text = $comment['raw']; // we only add the raw comment text 1862 if (is_array($comment['replies'])) { // and the replies 1863 foreach ($comment['replies'] as $rid) { 1864 $text .= $this->addCommentWords($rid, $data, $cid); 1865 } 1866 } 1867 return ' ' . $text; 1868 } 1869 1870 /** 1871 * Only allow http(s) URLs and append http:// to URLs if needed 1872 * 1873 * @param string $url 1874 * @return string 1875 */ 1876 protected function checkURL($url) 1877 { 1878 if (preg_match("#^http://|^https://#", $url)) { 1879 return hsc($url); 1880 } elseif (substr($url, 0, 4) == 'www.') { 1881 return hsc('https://' . $url); 1882 } else { 1883 return ''; 1884 } 1885 } 1886 1887 /** 1888 * Sort threads 1889 * 1890 * @param array $a array with comment properties 1891 * @param array $b array with comment properties 1892 * @return int 1893 */ 1894 function sortThreadsOnCreation($a, $b) 1895 { 1896 if (is_array($a['date'])) { 1897 // new format 1898 $createdA = $a['date']['created']; 1899 } else { 1900 // old format 1901 $createdA = $a['date']; 1902 } 1903 1904 if (is_array($b['date'])) { 1905 // new format 1906 $createdB = $b['date']['created']; 1907 } else { 1908 // old format 1909 $createdB = $b['date']; 1910 } 1911 1912 if ($createdA == $createdB) { 1913 return 0; 1914 } else { 1915 return ($createdA < $createdB) ? -1 : 1; 1916 } 1917 } 1918 1919} 1920 1921 1922