Same name and namespace in other branches
- 4.6.x modules/comment.module \comment_save()
- 4.7.x modules/comment.module \comment_save()
- 6.x modules/comment/comment.module \comment_save()
- 7.x modules/comment/comment.module \comment_save()
Accepts a submission of new or changed comment content.
Parameters
$edit: A comment array.
Return value
If the comment is successfully saved the comment ID is returned. If the comment is not saved, FALSE is returned.
File
- modules/
comment/ comment.module, line 700 - Enables users to comment on published content.
Code
function comment_save($edit) {
global $user;
if (user_access('post comments') && (user_access('administer comments') || node_comment_mode($edit['nid']) == COMMENT_NODE_READ_WRITE)) {
if (!form_get_errors()) {
if ($edit['cid']) {
// Update the comment in the database.
db_query("UPDATE {comments} SET status = %d, timestamp = %d, subject = '%s', comment = '%s', format = %d, uid = %d, name = '%s', mail = '%s', homepage = '%s' WHERE cid = %d", $edit['status'], $edit['timestamp'], $edit['subject'], $edit['comment'], $edit['format'], $edit['uid'], $edit['name'], $edit['mail'], $edit['homepage'], $edit['cid']);
_comment_update_node_statistics($edit['nid']);
// Allow modules to respond to the updating of a comment.
comment_invoke_comment($edit, 'update');
// Add an entry to the watchdog log.
watchdog('content', t('Comment: updated %subject.', array(
'%subject' => $edit['subject'],
)), WATCHDOG_NOTICE, l(t('view'), 'node/' . $edit['nid'], NULL, NULL, 'comment-' . $edit['cid']));
}
else {
// Check for duplicate comments. Note that we have to use the
// validated/filtered data to perform such check.
$duplicate = db_result(db_query("SELECT COUNT(cid) FROM {comments} WHERE pid = %d AND nid = %d AND subject = '%s' AND comment = '%s'", $edit['pid'], $edit['nid'], $edit['subject'], $edit['comment']), 0);
if ($duplicate != 0) {
watchdog('content', t('Comment: duplicate %subject.', array(
'%subject' => $edit['subject'],
)), WATCHDOG_WARNING);
}
// Add the comment to database.
$edit['status'] = user_access('post comments without approval') ? COMMENT_PUBLISHED : COMMENT_NOT_PUBLISHED;
$roles = variable_get('comment_roles', array());
$score = 0;
foreach (array_intersect(array_keys($roles), array_keys($user->roles)) as $rid) {
$score = max($roles[$rid], $score);
}
$users = serialize(array(
0 => $score,
));
// Here we are building the thread field. See the documentation for
// comment_render().
if ($edit['pid'] == 0) {
// This is a comment with no parent comment (depth 0): we start
// by retrieving the maximum thread level.
$max = db_result(db_query('SELECT MAX(thread) FROM {comments} WHERE nid = %d', $edit['nid']));
// Strip the "/" from the end of the thread.
$max = rtrim($max, '/');
// Finally, build the thread field for this new comment.
$thread = int2vancode(vancode2int($max) + 1) . '/';
}
else {
// This is comment with a parent comment: we increase
// the part of the thread value at the proper depth.
// Get the parent comment:
$parent = _comment_load($edit['pid']);
// Strip the "/" from the end of the parent thread.
$parent->thread = (string) rtrim((string) $parent->thread, '/');
// Get the max value in _this_ thread.
$max = db_result(db_query("SELECT MAX(thread) FROM {comments} WHERE thread LIKE '%s.%%' AND nid = %d", $parent->thread, $edit['nid']));
if ($max == '') {
// First child of this parent.
$thread = $parent->thread . '.' . int2vancode(0) . '/';
}
else {
// Strip the "/" at the end of the thread.
$max = rtrim($max, '/');
// We need to get the value at the correct depth.
$parts = explode('.', $max);
$parent_depth = count(explode('.', $parent->thread));
$last = $parts[$parent_depth];
// Finally, build the thread field for this new comment.
$thread = $parent->thread . '.' . int2vancode(vancode2int($last) + 1) . '/';
}
}
$edit['cid'] = db_next_id('{comments}_cid');
$edit['timestamp'] = time();
if ($edit['uid'] === $user->uid) {
// '===' because we want to modify anonymous users too
$edit['name'] = $user->name;
}
db_query("INSERT INTO {comments} (cid, nid, pid, uid, subject, comment, format, hostname, timestamp, status, score, users, thread, name, mail, homepage) VALUES (%d, %d, %d, %d, '%s', '%s', %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s')", $edit['cid'], $edit['nid'], $edit['pid'], $edit['uid'], $edit['subject'], $edit['comment'], $edit['format'], $_SERVER['REMOTE_ADDR'], $edit['timestamp'], $edit['status'], $score, $users, $thread, $edit['name'], $edit['mail'], $edit['homepage']);
_comment_update_node_statistics($edit['nid']);
// Tell the other modules a new comment has been submitted.
comment_invoke_comment($edit, 'insert');
// Add an entry to the watchdog log.
watchdog('content', t('Comment: added %subject.', array(
'%subject' => $edit['subject'],
)), WATCHDOG_NOTICE, l(t('view'), 'node/' . $edit['nid'], NULL, NULL, 'comment-' . $edit['cid']));
}
// Clear the cache so an anonymous user can see his comment being added.
cache_clear_all();
// Explain the approval queue if necessary, and then
// redirect the user to the node he's commenting on.
if ($edit['status'] == COMMENT_NOT_PUBLISHED) {
drupal_set_message(t('Your comment has been queued for moderation by site administrators and will be published after approval.'));
}
return $edit['cid'];
}
else {
return FALSE;
}
}
else {
$txt = t('Comment: unauthorized comment submitted or comment submitted to a closed node %subject.', array(
'%subject' => $edit['subject'],
));
watchdog('content', $txt, WATCHDOG_WARNING);
drupal_set_message($txt, 'error');
return FALSE;
}
}