Changeset 1052:de274bbd7b80 for inc/core

Timestamp:

12/03/12 14:14:58 (13 years ago)

Author:

franck <carnet.franck.paul@…>

Branch:

default

Message:

Cope with junk comments without antispam plugin enabled (addresses #903)

File:

• inc/core/class.dc.blog.php (modified) (1 diff)

inc/core/class.dc.blog.php

@@ -2215 +2215 @@
           $this->triggerBlog();
      }
+
+     public function delJunkComments()
+     {
+          if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
+               throw new Exception(__('You are not allowed to delete comments'));
+          }
+          
+          # mySQL uses "INNER JOIN" synthax
+          if ($this->con->driver() == 'mysql') {
+               $strReq = 
+                    'DELETE FROM tc '.
+                    'USING '.$this->prefix.'comment tc '.
+                    'INNER JOIN '.$this->prefix.'post tp ';
+          }
+          # pgSQL uses nothing special
+          else {
+               $strReq = 
+                    'DELETE FROM '.$this->prefix.'comment tc '.
+                    'USING '.$this->prefix.'post tp ';
+          }
+          
+          $strReq .= 
+               'WHERE tc.post_id = tp.post_id '.
+               "AND tp.blog_id = '".$this->con->escape($this->id)."' ".
+               'AND comment_status = -2';
+          
+          #If user can only delete, we need to check the post's owner
+          if (!$this->core->auth->check('contentadmin',$this->id))
+          {
+               $strReq .= 
+                    "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
+          }
+          
+          $this->con->execute($strReq);
+          $this->triggerBlog();
+     }
      
      private function getCommentCursor($cur)