1 call to comment_validate_form()
comment_reply in modules/comment.module

File

modules/comment.module, line 433
Enables users to comment on published content.

Code

function comment_validate_form($edit) {
  global $user;

  // Validate the comment's subject.  If not specified, extract
  // one from the comment's body.
  if (trim($edit['subject']) == '') {

    // The body may be in any format, so we:
    // 1) Filter it into HTML
    // 2) Strip out all HTML tags
    // 3) Convert entities back to plain-text.
    // Note: format is checked by check_output().
    $edit['subject'] = truncate_utf8(decode_entities(strip_tags(check_output($edit['comment'], $edit['format'], TRUE))), 29, TRUE);
  }

  // Validate the comment's body.
  if ($edit['comment'] == '') {
    form_set_error('comment', t('The body of your comment is empty.'));
  }

  // Validate filter format
  if (array_key_exists('format', $edit) && !filter_access($edit['format'])) {
    form_set_error('format', t('The supplied input format is invalid.'));
  }

  // Check validity of name, mail and homepage (if given)
  if (!$user->uid) {
    if (variable_get('comment_anonymous', 0) > 0) {
      if ($edit['name']) {
        $taken = db_result(db_query("SELECT COUNT(uid) FROM {users} WHERE LOWER(name) = '%s'", $edit['name']), 0);
        if ($taken != 0) {
          form_set_error('name', t('The name you used belongs to a registered user.'));
        }
      }
      else {
        if (variable_get('comment_anonymous', 0) == 2) {
          form_set_error('name', t('You have to leave your name.'));
        }
      }
      if ($edit['mail']) {
        if (!valid_email_address($edit['mail'])) {
          form_set_error('mail', t('The e-mail address you specified is not valid.'));
        }
      }
      else {
        if (variable_get('comment_anonymous', 0) == 2) {
          form_set_error('mail', t('You have to leave an e-mail address.'));
        }
      }
      if ($edit['homepage']) {
        if (!valid_url($edit['homepage'], TRUE)) {
          form_set_error('homepage', t('The URL of your homepage is not valid.  Remember that it must be fully qualified, i.e. of the form <code>http://example.com/directory</code>.'));
        }
      }
    }
  }
  return $edit;
}