add cms, add todo
[ssproject1617.git] / testcms-final-anon / system / classes / comments.php
<?php

// Direct-access guard: stop immediately unless the IN_CMS constant is defined.
// NOTE(review): presumably the CMS front controller defines IN_CMS before
// including class files; that definition is not visible in this file.
if (!defined('IN_CMS')) {
    die('No direct access allowed.');
}
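/**
 * Data-access helpers for the `comments` table: listing, creating, editing,
 * moderating and deleting comments.
 *
 * Every value that reaches SQL is either bound through a `?` placeholder or
 * validated against a strict pattern first. ORDER BY / LIMIT / OFFSET cannot be
 * bound as parameters, so those fragments are checked before concatenation.
 *
 * NOTE(review): none of the write methods check permissions or a CSRF token;
 * presumably the calling controller does so. Confirm before exposing them.
 */
class Comments {

    /**
     * Fetch comments, optionally filtered, sorted and paged.
     *
     * @param array $params Optional keys: 'post' (bound as a parameter),
     *                      'sortby' (column name), 'sortmode' ('asc'/'desc'),
     *                      'limit' and 'offset' (non-negative integers).
     *                      'sortmode' is only read when 'sortby' is set and
     *                      'offset' only when 'limit' is set.
     * @return Items Wrapper around the rows returned by Db::results().
     * @throws InvalidArgumentException When a sort or paging value is malformed.
     */
    public static function list_all($params = array()) {
        $sql = "select * from comments where 1 = 1";
        $args = array();

        if(isset($params['post'])) {
            $sql .= " and post = ?";
            $args[] = $params['post'];
        }

        if(isset($params['sortby'])) {
            // Identifiers cannot be bound, so only a plain column name is accepted.
            $sql .= " order by " . self::sort_column($params['sortby']);

            if(isset($params['sortmode'])) {
                $sql .= " " . self::sort_direction($params['sortmode']);
            }
        }

        if(isset($params['limit'])) {
            $sql .= " limit " . self::row_count($params['limit'], 'limit');

            if(isset($params['offset'])) {
                $sql .= " offset " . self::row_count($params['offset'], 'offset');
            }
        }

        $result = Db::results($sql, $args);

        return new Items($result);
    }

    /**
     * Validate and store a visitor comment for the given post.
     *
     * Reads 'name', 'email' and 'text' via Input::post(). On validation failure
     * the messages are handed to Notifications::set('error', ...).
     *
     * The values are stored exactly as submitted; nothing here escapes them for
     * HTML, so templates that print comments must escape on output.
     *
     * @param mixed $post_id Value stored in the `post` column.
     * @return bool False when validation fails, true after the insert is issued.
     */
    public static function add($post_id) {
        $post = Input::post(array('name', 'email', 'text'));
        $errors = array();

        if(empty($post['name'])) {
            $errors[] = 'Please enter your name';
        }

        if(filter_var($post['email'], FILTER_VALIDATE_EMAIL) === false) {
            $errors[] = 'Please enter a valid email address';
        }

        if(empty($post['text'])) {
            $errors[] = 'Please enter your comments';
        }

        if(count($errors)) {
            Notifications::set('error', $errors);
            return false;
        }

        $post['date'] = time();
        $post['status'] = Config::get('metadata.auto_published_comments', 0) ? 'published' : 'pending';
        $post['post'] = $post_id;

        $columns = array();
        $placeholders = array();
        $args = array();

        // Bind every value instead of quoting it into the statement: the name,
        // email and text come straight from the request.
        // NOTE(review): column names are taken from the keys of $post; this
        // assumes Input::post() returns only the keys that were requested.
        foreach($post as $key => $value) {
            $columns[] = '`' . $key . '`';
            $placeholders[] = '?';
            $args[] = $value;
        }

        $sql = "insert into comments (" . implode(', ', $columns) . ") values (" . implode(', ', $placeholders) . ")";

        Db::query($sql, $args);

        Notifications::set('success', 'Your comment has been sent');

        return true;
    }

    /**
     * Update the text and status of a comment from posted 'id', 'text', 'status'.
     *
     * Sends a JSON body through Response::content(): {"result": true} on
     * success, or {"result": false, "errors": [...]} when the text is empty.
     *
     * NOTE(review): unlike update_status(), 'status' is written without being
     * checked against the known status values, and 'id' is not validated.
     *
     * @return false|null False on validation failure; nothing on success.
     */
    public static function update() {
        $post = Input::post(array('id', 'text', 'status'));
        $errors = array();

        if(empty($post['text'])) {
            $errors[] = 'Please enter comment text';
        }

        if(count($errors)) {
            self::respond(array('result' => false, 'errors' => $errors));
            return false;
        }

        $id = $post['id'];
        unset($post['id']);

        self::save_fields($id, $post);

        self::respond(array('result' => true));
    }

    /**
     * Change only the status of a comment from posted 'id' and 'status'.
     *
     * The status must be one of 'published', 'pending' or 'spam'. The outcome
     * is sent as JSON through Response::content(), in the same shape update()
     * uses.
     *
     * @return false|null False on validation failure; nothing on success.
     */
    public static function update_status() {
        $post = Input::post(array('id', 'status'));
        $errors = array();

        // Strict comparison so that non-string input cannot match by type juggling.
        if(in_array($post['status'], array('published', 'pending', 'spam'), true) === false) {
            $errors[] = 'Invalid comment status';
        }

        if(count($errors)) {
            self::respond(array('result' => false, 'errors' => $errors));
            return false;
        }

        $id = $post['id'];
        unset($post['id']);

        self::save_fields($id, $post);

        self::respond(array('result' => true));
    }

    /**
     * Delete the comment whose id was posted as 'id' and report success as JSON.
     *
     * NOTE(review): the result is always {"result": true}; whether a row was
     * actually deleted is not checked.
     */
    public static function remove() {
        $id = Input::post('id');

        $sql = "delete from comments where id = ?";
        $args = array($id);

        Db::query($sql, $args);

        self::respond(array('result' => true));
    }

    /** Issue "update comments set ... where id = ?" with every value bound. */
    private static function save_fields($id, $fields) {
        $updates = array();
        $args = array();

        foreach($fields as $key => $value) {
            $updates[] = '`' . $key . '` = ?';
            $args[] = $value;
        }

        $sql = "update comments set " . implode(', ', $updates) . " where id = ?";
        $args[] = $id;

        Db::query($sql, $args);
    }

    /** JSON-encode a payload and hand it to Response::content(). */
    private static function respond($payload) {
        Response::content(json_encode($payload));
    }

    /** Accept only a bare or table-qualified identifier for ORDER BY. */
    private static function sort_column($column) {
        $pattern = '/\A[A-Za-z_][A-Za-z0-9_]*(?:\.[A-Za-z_][A-Za-z0-9_]*)?\z/';

        if(!is_string($column) || preg_match($pattern, $column) !== 1) {
            throw new InvalidArgumentException('Invalid sort column');
        }

        return $column;
    }

    /** Accept only 'asc' or 'desc' (any letter case) as the sort direction. */
    private static function sort_direction($mode) {
        $normalised = is_string($mode) ? strtolower(trim($mode)) : '';

        if($normalised !== 'asc' && $normalised !== 'desc') {
            throw new InvalidArgumentException('Invalid sort mode');
        }

        return $normalised;
    }

    /** Accept only a non-negative integer for LIMIT / OFFSET. */
    private static function row_count($value, $label) {
        $number = filter_var($value, FILTER_VALIDATE_INT, array('options' => array('min_range' => 0)));

        if($number === false) {
            throw new InvalidArgumentException('Invalid ' . $label . ' value');
        }

        return $number;
    }

}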