Changeset 1052:de274bbd7b80

Timestamp:

12/03/12 14:14:58 (13 years ago)

Author:

franck <carnet.franck.paul@…>

Branch:

default

Message:

Cope with junk comments without antispam plugin enabled (addresses #903)

Files:

• admin/comments.php (modified) (4 diffs)
• inc/core/class.dc.blog.php (modified) (1 diff)
• plugins/antispam/_admin.php (modified) (1 diff)
• plugins/antispam/antispam.js (modified) (1 diff)
• plugins/antispam/index.php (modified) (4 diffs)

admin/comments.php

@@ -15 +15 @@
 dcPage::check('usage,contentadmin');
 
+if (!empty($_POST['delete_all_spam']))
+{
+     try {
+          $core->blog->delJunkComments();
+          http::redirect('comments.php?delspam=1');
+     } catch (Exception $e) {
+          $core->error->add($e->getMessage());
+     }
+}
+
 # Creating filter combo boxes
 # Filter form we'll put in html_block
@@ -164 +174 @@
 if (!$core->error->flag())
 {
+     if (!empty($_GET['delspam'])) {
+          dcPage::message(__('Spam comments have been successfully deleted.'));
+     }
+     
      # Filters
      if (!$show_filters) {
@@ -210 +224 @@
      
      if (!$with_spam) {
+
           $spam_count = $core->blog->getComments(array('comment_status'=>-2),true)->f(0);
-          
-          if (!empty($_GET['delspam'])) {
-               dcPage::message(__('Spam comments have been successfully deleted.'));
-          }
           
           if ($spam_count > 0) {
                
-               if ($core->plugins->moduleExists('antispam')) {
-                    echo 
-                    '<form action="plugin.php?p=antispam" method="post" class="fieldset">';
-               }
+               echo 
+                    '<form action="comments.php" method="post" class="fieldset">';
 
                if ($spam_count == 1) {
@@ -231 +240 @@
                }
                
-               if ($core->plugins->moduleExists('antispam')) {
-
-                    $moderationTTL = $core->blog->settings->antispam->antispam_moderation_ttl;
-                    $spam_redir =
-                         'comments.php?type='.$type.
-                         '&author='.preg_replace('/%/','%%',$author).
-                         '&status='.$status.
-                         '&sortby='.$sortby.
-                         '&ip='.preg_replace('/%/','%%',$ip).
-                         '&order='.$order.
-                         '&page='.$page.
-                         '&nb='.$nb_per_page;
-                    
-                    echo
+               echo
                     $core->formNonce().
-                    form::hidden('ts',time()).
-                    form::hidden('redir',$spam_redir).
                     '<input name="delete_all_spam" class="delete" type="submit" value="'.__('Delete all spams').'" /></p>';
 
-                    if ($moderationTTL != null && $moderationTTL >=0) {
-                         echo '<p>'.sprintf(__('All spam comments older than %s day(s) will be automatically deleted.'), $moderationTTL).' '.
-                         sprintf(__('You can modify this duration in the %s'),'<a href="blog_pref.php"> '.__('Blog preferences').'</a>').
-                         '</p>';
-                    }
-
-                    echo '</form>';
-               }
+               # --BEHAVIOR-- adminCommentsSpamForm
+               $core->callBehavior('adminCommentsSpamForm',$core);
+
+               echo '</form>';
           }
      }

inc/core/class.dc.blog.php

@@ -2215 +2215 @@
           $this->triggerBlog();
      }
+
+     public function delJunkComments()
+     {
+          if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
+               throw new Exception(__('You are not allowed to delete comments'));
+          }
+          
+          # mySQL uses "INNER JOIN" synthax
+          if ($this->con->driver() == 'mysql') {
+               $strReq = 
+                    'DELETE FROM tc '.
+                    'USING '.$this->prefix.'comment tc '.
+                    'INNER JOIN '.$this->prefix.'post tp ';
+          }
+          # pgSQL uses nothing special
+          else {
+               $strReq = 
+                    'DELETE FROM '.$this->prefix.'comment tc '.
+                    'USING '.$this->prefix.'post tp ';
+          }
+          
+          $strReq .= 
+               'WHERE tc.post_id = tp.post_id '.
+               "AND tp.blog_id = '".$this->con->escape($this->id)."' ".
+               'AND comment_status = -2';
+          
+          #If user can only delete, we need to check the post's owner
+          if (!$this->core->auth->check('contentadmin',$this->id))
+          {
+               $strReq .= 
+                    "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
+          }
+          
+          $this->con->execute($strReq);
+          $this->triggerBlog();
+     }
      
      private function getCommentCursor($cur)

plugins/antispam/_admin.php

@@ -49 +49 @@
      $core->addBehavior('adminBlogPreferencesForm',array('antispamBehaviors','adminBlogPreferencesForm'));
      $core->addBehavior('adminBeforeBlogSettingsUpdate',array('antispamBehaviors','adminBeforeBlogSettingsUpdate'));
+     $core->addBehavior('adminCommentsSpamForm',array('antispamBehaviors','adminCommentsSpamForm'));
 }
 
 class antispamBehaviors
 {
+     public static function adminCommentsSpamForm($core)
+     {
+          $ttl = $core->blog->settings->antispam->antispam_moderation_ttl;
+          if ($ttl != null && $ttl >=0) {
+               echo '<p>'.sprintf(__('All spam comments older than %s day(s) will be automatically deleted.'), $ttl).' '.
+               sprintf(__('You can modify this duration in the %s'),'<a href="blog_pref.php"> '.__('Blog preferences').'</a>').
+               '</p>';
+          }
+     }
+
      public static function adminBlogPreferencesForm($core,$settings)
      {

plugins/antispam/antispam.js

@@ -4 +4 @@
           dragsort.makeTableSortable(this,dotclear.sortable.setHandle, dotclear.sortable.saveOrder);
      });
-     $('form input[type=submit][name=delete_all_spam]').click(function(){
+     $('form input[type=submit][name=delete_all]').click(function(){
           return window.confirm(dotclear.msg.confirm_spam_delete);
      });

plugins/antispam/index.php

@@ -20 +20 @@
 $default_tab = null;
 
-$redir = isset($_POST['redir']) && strpos($_POST['redir'],'://') === false ?
-     $_POST['redir'] : $p_url;
-
 try
 {
@@ -41 +38 @@
 
      # Remove all spam
-     if (!empty($_POST['delete_all_spam']))
+     if (!empty($_POST['delete_all']))
      {
           $ts = dt::str('%Y-%m-%d %H:%M:%S',$_POST['ts'],$core->blog->settings->system->blog_timezone);
 
           dcAntispam::delAllSpam($core,$ts);
-          http::redirect($redir.'&delspam=1');
+          http::redirect($p_url.'&del=1');
      }
 
@@ -141 +138 @@
      '<h3>'.__('Information').'</h3>';
 
-     if (!empty($_GET['delspam'])) {
+     if (!empty($_GET['del'])) {
           dcPage::message(__('Spam comments have been successfully deleted.'));
      }
@@ -158 +155 @@
           '<p>'.$core->formNonce().
           form::hidden('ts',time()).
-          '<input name="delete_all_spam" class="delete" type="submit" value="'.__('Delete all spams').'" /></p>';
+          '<input name="delete_all" class="delete" type="submit" value="'.__('Delete all spams').'" /></p>';
      }
      if ($moderationTTL != null && $moderationTTL >=0) {