comment_post
- Versions
- 4.6
comment_post($edit)
Code
modules/comment.module, line 525
<?php
function comment_post($edit) {
global $user;
if (user_access('post comments') && node_comment_mode($edit['nid']) == 2) {
if (!form_get_errors()) {
// Check for duplicate comments. Note that we have to use the
// validated/filtered data to perform such check.
$duplicate = db_result(db_query("SELECT COUNT(cid) FROM {comments} WHERE pid = %d AND nid = %d AND subject = '%s' AND comment = '%s'", $edit['pid'], $edit['nid'], $edit['subject'], $edit['comment']), 0);
if ($duplicate != 0) {
watchdog('content', t('Comment: duplicate %subject.', array('%subject' => theme('placeholder', $edit['subject']))), WATCHDOG_WARNING);
}
if ($edit['cid']) {
// Update the comment in the database. Note that the update
// query will fail if the comment isn't owned by the current
// user.
db_query("UPDATE {comments} SET subject = '%s', comment = '%s', format = '%s' WHERE cid = %d AND uid = %d", $edit['subject'], $edit['comment'], $edit['format'], $edit['cid'], $user->uid);
_comment_update_node_statistics($edit['nid']);
// Allow modules to respond to the updating of a comment.
module_invoke_all('comment', 'update', $edit);
// Add an entry to the watchdog log.
watchdog('content', t('Comment: updated %subject.', array('%subject' => theme('placeholder', $edit['subject']))), WATCHDOG_NOTICE, l(t('view'), 'node/'. $edit['nid'], NULL, NULL, 'comment-'. $edit['cid']));
}
else {
// Add the comment to database.
$status = user_access('post comments without approval') ? 0 : 1;
$roles = variable_get('comment_roles', array());
$score = 0;
foreach (array_intersect(array_keys($roles), array_keys($user->roles)) as $rid) {
$score = max($roles[$rid], $score);
}
$users = serialize(array(0 => $score));
// Here we are building the thread field. See the comment
// in comment_render().
if ($edit['pid'] == 0) {
// This is a comment with no parent comment (depth 0): we start
// by retrieving the maximum thread level.
$max = db_result(db_query('SELECT MAX(thread) FROM {comments} WHERE nid = %d', $edit['nid']));
// Strip the "/" from the end of the thread.
$max = rtrim($max, '/');
// Next, we increase this value by one. Note that we can't
// use 1, 2, 3, ... 9, 10, 11 because we order by string and
// 10 would be right after 1. We use 1, 2, 3, ..., 9, 91,
// 92, 93, ... instead. Ugly but fast.
$decimals = (string) substr($max, 0, strlen($max) - 1);
$units = substr($max, -1, 1);
if ($units) {
$units++;
}
else {
$units = 1;
}
if ($units == 10) {
$units = '90';
}
// Finally, build the thread field for this new comment.
$thread = $decimals . $units .'/';
}
else {
// This is comment with a parent comment: we increase
// the part of the thread value at the proper depth.
// Get the parent comment:
$parent = db_fetch_object(db_query('SELECT * FROM {comments} WHERE cid = %d', $edit['pid']));
// Strip the "/" from the end of the parent thread.
$parent->thread = (string) rtrim((string) $parent->thread, '/');
// Get the max value in _this_ thread.
$max = db_result(db_query("SELECT MAX(thread) FROM {comments} WHERE thread LIKE '%s.%%' AND nid = %d", $parent->thread, $edit['nid']));
if ($max == '') {
// First child of this parent.
$thread = $parent->thread .'.1/';
}
else {
// Strip the "/" at the end of the thread.
$max = rtrim($max, '/');
// We need to get the value at the correct depth.
$parts = explode('.', $max);
$parent_depth = count(explode('.', $parent->thread));
$last = $parts[$parent_depth];
// Next, we increase this value by one. Note that we can't
// use 1, 2, 3, ... 9, 10, 11 because we order by string and
// 10 would be right after 1. We use 1, 2, 3, ..., 9, 91,
// 92, 93, ... instead. Ugly but fast.
$decimals = (string)substr($last, 0, strlen($last) - 1);
$units = substr($last, -1, 1);
$units++;
if ($units == 10) {
$units = '90';
}
// Finally, build the thread field for this new comment.
$thread = $parent->thread .'.'. $decimals . $units .'/';
}
}
$edit['cid'] = db_next_id('{comments}_cid');
$edit['timestamp'] = time();
if ($edit['uid'] = $user->uid) {
$edit['name'] = $user->name;
}
db_query("INSERT INTO {comments} (cid, nid, pid, uid, subject, comment, format, hostname, timestamp, status, score, users, thread, name, mail, homepage) VALUES (%d, %d, %d, %d, '%s', '%s', %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s')", $edit['cid'], $edit['nid'], $edit['pid'], $edit['uid'], $edit['subject'], $edit['comment'], $edit['format'], $_SERVER['REMOTE_ADDR'], $edit['timestamp'], $status, $score, $users, $thread, $edit['name'], $edit['mail'], $edit['homepage']);
_comment_update_node_statistics($edit['nid']);
// Tell the other modules a new comment has been submitted.
module_invoke_all('comment', 'insert', $edit);
// Add an entry to the watchdog log.
watchdog('content', t('Comment: added %subject.', array('%subject' => theme('placeholder', $edit['subject']))), WATCHDOG_NOTICE, l(t('view'), 'node/'. $edit['nid'], NULL, NULL, 'comment-'. $edit['cid']));
}
// Clear the cache so an anonymous user can see his comment being added.
cache_clear_all();
// Explain the approval queue if necessary, and then
// redirect the user to the node he's commenting on.
if ($status == 1) {
drupal_set_message(t('Your comment has been queued for moderation by site administrators and will be published after approval.'));
drupal_goto('node/'. $edit['nid']);
}
else {
drupal_goto('node/'. $edit['nid'], NULL, 'comment-'. $edit['cid']);
}
}
else {
return comment_preview($edit);
}
}
else {
watchdog('content', t('Comment: unauthorized comment submitted or comment submitted to a closed node (%subject).', array('%subject' => theme('placeholder', $edit['subject']))), WATCHDOG_WARNING);
}
}
?>