comment.module 74.4 KB
Newer Older
1
<?php
2
// $Id$
Dries's avatar
 
Dries committed
3

Dries's avatar
Dries committed
4 5
/**
 * @file
Dries's avatar
 
Dries committed
6
 * Enables users to comment on published content.
Dries's avatar
Dries committed
7 8 9 10 11 12
 *
 * When enabled, the Drupal comment module creates a discussion
 * board for each Drupal node. Users can post comments to discuss
 * a forum topic, weblog post, story, collaborative book page, etc.
 */

13 14
/**
 * Comment is published.
15
 */
Dries's avatar
Dries committed
16
define('COMMENT_PUBLISHED', 0);
17 18 19 20

/**
 * Comment is awaiting approval.
 */
Dries's avatar
Dries committed
21 22 23
define('COMMENT_NOT_PUBLISHED', 1);

/**
24
 * Comments are displayed in a flat list - collapsed.
Dries's avatar
Dries committed
25
 */
26
define('COMMENT_MODE_FLAT_COLLAPSED', 1);
27 28 29 30

/**
 * Comments are displayed in a flat list - expanded.
 */
31
define('COMMENT_MODE_FLAT_EXPANDED', 2);
32 33 34 35

/**
 * Comments are displayed as a threaded list - collapsed.
 */
36
define('COMMENT_MODE_THREADED_COLLAPSED', 3);
37 38 39 40

/**
 * Comments are displayed as a threaded list - expanded.
 */
41
define('COMMENT_MODE_THREADED_EXPANDED', 4);
Dries's avatar
Dries committed
42 43

/**
44
 * Comments are ordered by date - newest first.
Dries's avatar
Dries committed
45
 */
46
define('COMMENT_ORDER_NEWEST_FIRST', 1);
47 48 49 50

/**
 * Comments are ordered by date - oldest first.
 */
51
define('COMMENT_ORDER_OLDEST_FIRST', 2);
Dries's avatar
Dries committed
52 53

/**
54
 * Comment controls should be shown above the comment list.
Dries's avatar
Dries committed
55 56
 */
define('COMMENT_CONTROLS_ABOVE', 0);
57 58 59 60

/**
 * Comment controls should be shown below the comment list.
 */
Dries's avatar
Dries committed
61
define('COMMENT_CONTROLS_BELOW', 1);
62 63 64 65

/**
 * Comment controls should be shown both above and below the comment list.
 */
Dries's avatar
Dries committed
66
define('COMMENT_CONTROLS_ABOVE_BELOW', 2);
67 68 69 70

/**
 * Comment controls are hidden.
 */
Dries's avatar
Dries committed
71 72 73
define('COMMENT_CONTROLS_HIDDEN', 3);

/**
74
 * Anonymous posters may not enter their contact information.
Dries's avatar
Dries committed
75 76
 */
define('COMMENT_ANONYMOUS_MAYNOT_CONTACT', 0);
77 78 79 80

/**
 * Anonymous posters may leave their contact information.
 */
Dries's avatar
Dries committed
81
define('COMMENT_ANONYMOUS_MAY_CONTACT', 1);
82 83 84 85

/**
 * Anonymous posters must leave their contact information.
 */
Dries's avatar
Dries committed
86 87 88
define('COMMENT_ANONYMOUS_MUST_CONTACT', 2);

/**
89
 * Comment form should be displayed on a separate page.
Dries's avatar
Dries committed
90 91
 */
define('COMMENT_FORM_SEPARATE_PAGE', 0);
92 93 94 95

/**
 * Comment form should be shown below post or list of comments.
 */
Dries's avatar
Dries committed
96 97 98
define('COMMENT_FORM_BELOW', 1);

/**
99
 * Comments for this node are disabled.
Dries's avatar
Dries committed
100 101
 */
define('COMMENT_NODE_DISABLED', 0);
102 103 104 105

/**
 * Comments for this node are locked.
 */
Dries's avatar
Dries committed
106
define('COMMENT_NODE_READ_ONLY', 1);
107 108 109 110

/**
 * Comments are enabled on this node.
 */
Dries's avatar
Dries committed
111
define('COMMENT_NODE_READ_WRITE', 2);
112

113
/**
114
 * Comment preview is optional.
115 116
 */
define('COMMENT_PREVIEW_OPTIONAL', 0);
117 118 119 120

/**
 * Comment preview is required.
 */
121 122
define('COMMENT_PREVIEW_REQUIRED', 1);

123 124 125
/**
 * Implementation of hook_help().
 */
126
function comment_help($section) {
Dries's avatar
 
Dries committed
127
  switch ($section) {
Dries's avatar
 
Dries committed
128
    case 'admin/help#comment':
129
      $output = '<p>'. t('The comment module creates a discussion board for each post. Users can post comments to discuss a forum topic, weblog post, story, collaborative book page, etc. The ability to comment is an important part of involving members in a community dialogue.') .'</p>';
130
      $output .= '<p>'. t('An administrator can give comment permissions to user groups, and users can (optionally) edit their last comment, assuming no others have been posted since. Attached to each comment board is a control panel for customizing the way that comments are displayed. Users can control the chronological ordering of posts (newest or oldest first) and the number of posts to display on each page. Comments behave like other user submissions. Filters, smileys and HTML that work in nodes will also work with comments. The comment module provides specific features to inform site members when new comments have been posted.') .'</p>';
131
      $output .= '<p>'. t('For more information please read the configuration and customization handbook <a href="@comment">Comment page</a>.', array('@comment' => 'http://drupal.org/handbook/modules/comment/')) .'</p>';
132
      return $output;
133 134
    case 'admin/content/comment':
    case 'admin/content/comment/new':
135
      return '<p>'. t("Below is a list of the latest comments posted to your site. Click on a subject to see the comment, the author's name to edit the author's user information , 'edit' to modify the text, and 'delete' to remove their submission.") .'</p>';
136
    case 'admin/content/comment/approval':
137
      return '<p>'. t("Below is a list of the comments posted to your site that need approval. To approve a comment, click on 'edit' and then change its 'moderation status' to Approved. Click on a subject to see the comment, the author's name to edit the author's user information, 'edit' to modify the text, and 'delete' to remove their submission.") .'</p>';
138
    case 'admin/content/comment/settings':
139
      return '<p>'. t("Comments can be attached to any node, and their settings are below. The display comes in two types: a 'flat list' where everything is flush to the left side, and comments come in chronological order, and a 'threaded list' where replies to other comments are placed immediately below and slightly indented, forming an outline. They also come in two styles: 'expanded', where you see both the title and the contents, and 'collapsed' where you only see the title. Preview comment forces a user to look at their comment by clicking on a 'Preview' button before they can actually add the comment.") .'</p>';
140
   }
Dries's avatar
 
Dries committed
141 142
}

143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164
/**
 * Implementation of hook_theme()
 */
function comment_theme() {
  return array(
    'comment_block' => array(
      'arguments' => array(),
    ),
    'comment_admin_overview' => array(
      'arguments' => array('form' => NULL),
    ),
    'comment_preview' => array(
      'arguments' => array('comment' => NULL, 'links' => array(), 'visible' => 1),
    ),
    'comment_view' => array(
      'arguments' => array('comment' => NULL, 'links' => array(), 'visible' => 1),
    ),
    'comment_controls' => array(
      'arguments' => array('form' => NULL),
    ),
    'comment' => array(
      'arguments' => array('comment' => NULL, 'links' => array()),
165
      'file' => 'comment.tpl.php',
166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190
    ),
    'comment_folded' => array(
      'arguments' => array('comment' => NULL),
    ),
    'comment_flat_collapsed' => array(
      'arguments' => array('comment' => NULL),
    ),
    'comment_flat_expanded' => array(
      'arguments' => array('comment' => NULL),
    ),
    'comment_thread_collapsed' => array(
      'arguments' => array('comment' => NULL),
    ),
    'comment_thread_expanded' => array(
      'arguments' => array('comment' => NULL),
    ),
    'comment_post_forbidden' => array(
      'arguments' => array('nid' => NULL),
    ),
    'comment_wrapper' => array(
      'arguments' => array('content' => NULL),
    ),
  );
}

191 192 193 194
function _comment_view_access($node, $cid) {
  return $node && $cid;
}

Dries's avatar
 
Dries committed
195 196 197
/**
 * Implementation of hook_menu().
 */
198 199
function comment_menu() {
  $items['admin/content/comment'] = array(
200 201
    'title' => 'Comments',
    'description' => 'List and edit site comments and the comment moderation queue.',
202 203 204
    'page callback' => 'comment_admin',
    'access arguments' => array('administer comments'),
  );
Dries's avatar
 
Dries committed
205

206 207
  // Tabs:
  $items['admin/content/comment/list'] = array(
208
    'title' => 'List',
209 210 211
    'type' => MENU_DEFAULT_LOCAL_TASK,
    'weight' => -10,
  );
Dries's avatar
 
Dries committed
212

213 214
  // Subtabs:
  $items['admin/content/comment/list/new'] = array(
215
    'title' => 'Published comments',
216 217 218 219
    'type' => MENU_DEFAULT_LOCAL_TASK,
    'weight' => -10,
  );
  $items['admin/content/comment/list/approval'] = array(
220
    'title' => 'Approval queue',
221 222 223 224 225
    'page arguments' => array('approval'),
    'type' => MENU_LOCAL_TASK,
  );

  $items['admin/content/comment/settings'] = array(
226
    'title' => 'Settings',
227 228 229 230 231 232 233
    'page callback' => 'drupal_get_form',
    'page arguments' => array('comment_admin_settings'),
    'weight' => 10,
    'type' => MENU_LOCAL_TASK,
  );

  $items['comment/delete'] = array(
234
    'title' => 'Delete comment',
235 236 237 238 239 240
    'page callback' => 'comment_delete',
    'access arguments' => array('administer comments'),
    'type' => MENU_CALLBACK,
  );

  $items['comment/edit'] = array(
241
    'title' => 'Edit comment',
242 243 244 245
    'page callback' => 'comment_edit',
    'access arguments' => array('post comments'),
    'type' => MENU_CALLBACK,
  );
246
  $items['comment/reply/%node'] = array(
247
    'title' => 'Reply to comment',
248
    'page callback' => 'comment_reply',
249
    'page arguments' => array(2),
250 251 252 253
    'access callback' => 'node_access',
    'access arguments' => array('view', 2),
    'type' => MENU_CALLBACK,
  );
254
  $items['node/%node/%'] = array(
255
    'title' => 'View',
256 257 258 259 260 261
    'page callback' => 'node_page_view',
    'page arguments' => array(1, 2),
    'access callback' => '_comment_view_access',
    'access arguments' => array(1, 2),
    'type' => MENU_CALLBACK,
  );
Dries's avatar
 
Dries committed
262 263 264 265 266 267 268 269

  return $items;
}

/**
 * Implementation of hook_perm().
 */
function comment_perm() {
270
  return array('access comments', 'post comments', 'administer comments', 'post comments without approval');
Dries's avatar
 
Dries committed
271 272 273 274 275 276 277 278 279 280 281 282
}

/**
 * Implementation of hook_block().
 *
 * Generates a block with the most recent comments.
 */
function comment_block($op = 'list', $delta = 0) {
  if ($op == 'list') {
    $blocks[0]['info'] = t('Recent comments');
    return $blocks;
  }
283
  else if ($op == 'view' && user_access('access comments')) {
Dries's avatar
 
Dries committed
284
    $block['subject'] = t('Recent comments');
285
    $block['content'] = theme('comment_block');
Dries's avatar
 
Dries committed
286 287 288 289
    return $block;
  }
}

290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306
/**
 * Find a number of recent comments. This is done in two steps.
 *   1. Find the n (specified by $number) nodes that have the most recent
 *      comments.  This is done by querying node_comment_statistics which has
 *      an index on last_comment_timestamp, and is thus a fast query.
 *   2. Loading the information from the comments table based on the nids found
 *      in step 1.
 *
 * @param $number (optional) The maximum number of comments to find.
 * @return $comments An array of comment objects each containing a nid,
 *   subject, cid, and timstamp, or an empty array if there are no recent
 *   comments visible to the current user.
 */
function comment_get_recent($number = 10) {
  // Select the $number nodes (visible to the current user) with the most
  // recent comments. This is efficient due to the index on
  // last_comment_timestamp.
307
  $result = db_query_range(db_rewrite_sql("SELECT nc.nid FROM {node_comment_statistics} nc WHERE nc.comment_count > 0 ORDER BY nc.last_comment_timestamp DESC", 'nc'), 0, $number);
308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332

  $nids = array();
  while ($row = db_fetch_object($result)) {
    $nids[] = $row->nid;
  }

  $comments = array();
  if (!empty($nids)) {
    // From among the comments on the nodes selected in the first query,
    // find the $number most recent comments.
    $result = db_query_range('SELECT c.nid, c.subject, c.cid, c.timestamp FROM {comments} c INNER JOIN {node} n ON n.nid = c.nid WHERE c.nid IN ('. implode(',', $nids) .') AND n.status = 1 AND c.status = %d ORDER BY c.timestamp DESC', COMMENT_PUBLISHED, 0, $number);
    while ($comment = db_fetch_object($result)) {
      $comments[] = $comment;
    }
  }

  return $comments;
}

/**
 * Returns a formatted list of recent comments to be displayed in the comment
 * block.
 *
 * @ingroup themeable
 */
333 334
function theme_comment_block() {
  $items = array();
335
  foreach (comment_get_recent() as $comment) {
336
    $items[] = l($comment->subject, 'node/'. $comment->nid, array('fragment' => 'comment-'. $comment->cid)) .'<br />'. t('@time ago', array('@time' => format_interval(time() - $comment->timestamp)));
337
  }
338 339 340
  if ($items) {
    return theme('item_list', $items);
  }
341 342
}

Dries's avatar
 
Dries committed
343 344 345
/**
 * Implementation of hook_link().
 */
346
function comment_link($type, $node = NULL, $teaser = FALSE) {
Dries's avatar
 
Dries committed
347 348 349 350
  $links = array();

  if ($type == 'node' && $node->comment) {

351
    if ($teaser) {
Dries's avatar
 
Dries committed
352 353 354 355 356 357
      // Main page: display the number of comments that have been posted.

      if (user_access('access comments')) {
        $all = comment_num_all($node->nid);

        if ($all) {
358
          $links['comment_comments'] = array(
359
            'title' => format_plural($all, '1 comment', '@count comments'),
360 361
            'href' => "node/$node->nid",
            'attributes' => array('title' => t('Jump to the first comment of this posting.')),
362
            'fragment' => 'comments'
363
          );
364 365

          $new = comment_num_new($node->nid);
Dries's avatar
 
Dries committed
366 367

          if ($new) {
368
            $links['comment_new_comments'] = array(
369
              'title' => format_plural($new, '1 new comment', '@count new comments'),
370 371 372
              'href' => "node/$node->nid",
              'attributes' => array('title' => t('Jump to the first new comment of this posting.')),
              'fragment' => 'new'
373
            );
Dries's avatar
 
Dries committed
374 375 376
          }
        }
        else {
Dries's avatar
Dries committed
377
          if ($node->comment == COMMENT_NODE_READ_WRITE) {
Dries's avatar
 
Dries committed
378
            if (user_access('post comments')) {
379
              $links['comment_add'] = array(
380
                'title' => t('Add new comment'),
381 382
                'href' => "comment/reply/$node->nid",
                'attributes' => array('title' => t('Add a new comment to this page.')),
383
                'fragment' => 'comment-form'
384
              );
Dries's avatar
 
Dries committed
385 386
            }
            else {
387
              $links['comment_forbidden']['title'] = theme('comment_post_forbidden', $node->nid);
Dries's avatar
 
Dries committed
388 389 390 391 392 393 394 395 396
            }
          }
        }
      }
    }
    else {
      // Node page: add a "post comment" link if the user is allowed to
      // post comments, if this node is not read-only, and if the comment form isn't already shown

397
      if ($node->comment == COMMENT_NODE_READ_WRITE) {
Dries's avatar
 
Dries committed
398
        if (user_access('post comments')) {
399
          if (variable_get('comment_form_location', COMMENT_FORM_SEPARATE_PAGE) == COMMENT_FORM_SEPARATE_PAGE) {
400
            $links['comment_add'] = array(
401
              'title' => t('Add new comment'),
402 403
              'href' => "comment/reply/$node->nid",
              'attributes' => array('title' => t('Share your thoughts and opinions related to this posting.')),
404
              'fragment' => 'comment-form'
405
            );
406
          }
Dries's avatar
 
Dries committed
407 408
        }
        else {
409
          $links['comment_forbidden']['title'] = theme('comment_post_forbidden', $node->nid);
Dries's avatar
 
Dries committed
410 411 412 413 414 415
        }
      }
    }
  }

  if ($type == 'comment') {
416
    $links = comment_links($node, $teaser);
Dries's avatar
 
Dries committed
417
  }
418 419 420
  if (isset($links['comment_forbidden'])) {
    $links['comment_forbidden']['html'] = TRUE;
  }
Dries's avatar
 
Dries committed
421 422 423 424

  return $links;
}

425
function comment_form_alter(&$form, $form_id) {
426 427 428 429
  if ($form_id == 'node_type_form' && isset($form['identity']['type'])) {
    $form['workflow']['comment'] = array(
      '#type' => 'radios',
      '#title' => t('Default comment setting'),
430
      '#default_value' => variable_get('comment_'. $form['#node_type']->type, COMMENT_NODE_READ_WRITE),
431 432 433 434
      '#options' => array(t('Disabled'), t('Read only'), t('Read/Write')),
      '#description' => t('Users with the <em>administer comments</em> permission will be able to override this setting.'),
    );
  }
435
  elseif (isset($form['type']) && isset($form['#node'])) {
436
    if ($form['type']['#value'] .'_node_form' == $form_id) {
437
      $node = $form['#node'];
438 439 440 441 442 443 444 445 446 447 448 449 450 451
      $form['comment_settings'] = array(
        '#type' => 'fieldset',
        '#access' => user_access('administer comments'),
        '#title' => t('Comment settings'),
        '#collapsible' => TRUE,
        '#collapsed' => TRUE,
        '#weight' => 30,
      );
      $form['comment_settings']['comment'] = array(
        '#type' => 'radios',
        '#parents' => array('comment'),
        '#default_value' => $node->comment,
        '#options' => array(t('Disabled'), t('Read only'), t('Read/Write')),
      );
452
    }
453 454 455
  }
}

Dries's avatar
 
Dries committed
456 457
/**
 * Implementation of hook_nodeapi().
Dries's avatar
 
Dries committed
458
 *
Dries's avatar
 
Dries committed
459 460 461
 */
function comment_nodeapi(&$node, $op, $arg = 0) {
  switch ($op) {
Dries's avatar
 
Dries committed
462
    case 'load':
463
      return db_fetch_array(db_query("SELECT last_comment_timestamp, last_comment_name, comment_count FROM {node_comment_statistics} WHERE nid = %d", $node->nid));
464 465 466 467
      break;

    case 'prepare':
      if (!isset($node->comment)) {
Dries's avatar
Dries committed
468
        $node->comment = variable_get("comment_$node->type", COMMENT_NODE_READ_WRITE);
Dries's avatar
 
Dries committed
469 470
      }
      break;
471

472 473 474 475 476 477 478 479 480
    case 'insert':
      db_query('INSERT INTO {node_comment_statistics} (nid, last_comment_timestamp, last_comment_name, last_comment_uid, comment_count) VALUES (%d, %d, NULL, %d, 0)', $node->nid, $node->created, $node->uid);
      break;

    case 'delete':
      db_query('DELETE FROM {comments} WHERE nid = %d', $node->nid);
      db_query('DELETE FROM {node_comment_statistics} WHERE nid = %d', $node->nid);
      break;

Dries's avatar
Dries committed
481 482
    case 'update index':
      $text = '';
483
      $comments = db_query('SELECT subject, comment, format FROM {comments} WHERE nid = %d AND status = %d', $node->nid, COMMENT_PUBLISHED);
Dries's avatar
Dries committed
484
      while ($comment = db_fetch_object($comments)) {
485
        $text .= '<h2>'. check_plain($comment->subject) .'</h2>'. check_markup($comment->comment, $comment->format, FALSE);
Dries's avatar
Dries committed
486 487
      }
      return $text;
488

Dries's avatar
Dries committed
489 490
    case 'search result':
      $comments = db_result(db_query('SELECT comment_count FROM {node_comment_statistics} WHERE nid = %d', $node->nid));
491
      return format_plural($comments, '1 comment', '@count comments');
492

Steven Wittens's avatar
- Typo  
Steven Wittens committed
493
    case 'rss item':
494
      if ($node->comment != COMMENT_NODE_DISABLED) {
495
        return array(array('key' => 'comments', 'value' => url('node/'. $node->nid, array('fragment' => 'comments', 'absolute' => TRUE))));
496 497 498 499
      }
      else {
        return array();
      }
Dries's avatar
 
Dries committed
500 501 502 503 504 505 506
  }
}

/**
 * Implementation of hook_user().
 */
function comment_user($type, $edit, &$user, $category = NULL) {
507
  if ($type == 'delete') {
508 509 510
    db_query('UPDATE {comments} SET uid = 0 WHERE uid = %d', $user->uid);
    db_query('UPDATE {node_comment_statistics} SET last_comment_uid = 0 WHERE last_comment_uid = %d', $user->uid);
  }
Dries's avatar
 
Dries committed
511 512
}

513
/**
Dries's avatar
 
Dries committed
514
 * Menu callback; presents the comment settings page.
515
 */
Dries's avatar
Dries committed
516
function comment_admin_settings() {
517 518
  $form['viewing_options'] = array(
    '#type' => 'fieldset',
519
    '#title' => t('Viewing options'),
520 521
    '#collapsible' => TRUE,
  );
Dries's avatar
 
Dries committed
522

Dries's avatar
Dries committed
523 524 525 526 527
  $form['viewing_options']['comment_default_mode'] = array(
    '#type' => 'radios',
    '#title' => t('Default display mode'),
    '#default_value' => variable_get('comment_default_mode', COMMENT_MODE_THREADED_EXPANDED),
    '#options' => _comment_get_modes(),
528
    '#description' => t('The default view for comments. Expanded views display the body of the comment. Threaded views keep replies together.'),
Dries's avatar
Dries committed
529
  );
530

Dries's avatar
Dries committed
531 532 533
  $form['viewing_options']['comment_default_order'] = array(
    '#type' => 'radios',
    '#title' => t('Default display order'),
534
    '#default_value' => variable_get('comment_default_order', COMMENT_ORDER_NEWEST_FIRST),
Dries's avatar
Dries committed
535
    '#options' => _comment_get_orders(),
536
    '#description' => t('The default sorting for new users and anonymous users while viewing comments. These users may change their view using the comment control panel. For registered users, this change is remembered as a persistent user preference.'),
Dries's avatar
Dries committed
537
  );
Dries's avatar
 
Dries committed
538

539
  $form['viewing_options']['comment_default_per_page'] = array(
540 541 542 543
    '#type' => 'select',
    '#title' => t('Default comments per page'),
    '#default_value' => variable_get('comment_default_per_page', 50),
    '#options' => _comment_per_page(),
544
    '#description' => t('Default number of comments for each page: more comments are distributed in several pages.'),
545 546
  );

Dries's avatar
Dries committed
547 548 549 550 551 552 553 554 555
  $form['viewing_options']['comment_controls'] = array(
    '#type' => 'radios',
    '#title' => t('Comment controls'),
    '#default_value' => variable_get('comment_controls', COMMENT_CONTROLS_HIDDEN),
    '#options' => array(
      t('Display above the comments'),
      t('Display below the comments'),
      t('Display above and below the comments'),
      t('Do not display')),
556
    '#description' => t('Position of the comment controls box. The comment controls let the user change the default display mode and display order of comments.'),
Dries's avatar
Dries committed
557
  );
558

559 560
  $form['posting_settings'] = array(
    '#type' => 'fieldset',
561
    '#title' => t('Posting settings'),
562 563
    '#collapsible' => TRUE,
  );
564

Dries's avatar
Dries committed
565 566
  $form['posting_settings']['comment_anonymous'] = array(
    '#type' => 'radios',
567
    '#title' => t('Anonymous commenting'),
Dries's avatar
Dries committed
568 569 570 571 572
    '#default_value' => variable_get('comment_anonymous', COMMENT_ANONYMOUS_MAYNOT_CONTACT),
    '#options' => array(
      COMMENT_ANONYMOUS_MAYNOT_CONTACT => t('Anonymous posters may not enter their contact information'),
      COMMENT_ANONYMOUS_MAY_CONTACT => t('Anonymous posters may leave their contact information'),
      COMMENT_ANONYMOUS_MUST_CONTACT => t('Anonymous posters must leave their contact information')),
573
    '#description' => t('This option is enabled when anonymous users have permission to post comments on the <a href="@url">permissions page</a>.', array('@url' => url('admin/user/access', array('fragment' => 'module-comment')))),
Dries's avatar
Dries committed
574
  );
575
  if (!user_access('post comments', user_load(array('uid' => 0)))) {
576
    $form['posting_settings']['comment_anonymous']['#disabled'] = TRUE;
577
  }
578 579

  $form['posting_settings']['comment_subject_field'] = array(
580 581 582 583
    '#type' => 'radios',
    '#title' => t('Comment subject field'),
    '#default_value' => variable_get('comment_subject_field', 1),
    '#options' => array(t('Disabled'), t('Enabled')),
584
    '#description' => t('Can users provide a unique subject for their comments?'),
585 586
  );

587 588 589 590 591 592
  $form['posting_settings']['comment_preview'] = array(
    '#type' => 'radios',
    '#title' => t('Preview comment'),
    '#default_value' => variable_get('comment_preview', COMMENT_PREVIEW_REQUIRED),
    '#options' => array(t('Optional'), t('Required')),
  );
593

Dries's avatar
Dries committed
594 595 596 597
  $form['posting_settings']['comment_form_location'] = array(
    '#type' => 'radios',
    '#title' => t('Location of comment submission form'),
    '#default_value' => variable_get('comment_form_location', COMMENT_FORM_SEPARATE_PAGE),
598
    '#options' => array(t('Display on separate page'), t('Display below post or comments')),
Dries's avatar
Dries committed
599
  );
600

601
  return system_settings_form($form);
Dries's avatar
 
Dries committed
602 603
}

604 605 606 607 608 609
/**
 * This is *not* a hook_access() implementation. This function is called
 * to determine whether the current user has access to a particular comment.
 *
 * Authenticated users can edit their comments as long they have not been
 * replied to. This prevents people from changing or revising their
610
 * statements based on the replies to their posts.
611
 */
Dries's avatar
 
Dries committed
612
function comment_access($op, $comment) {
Dries's avatar
 
Dries committed
613 614
  global $user;

615
  if ($op == 'edit') {
616
    return ($user->uid && $user->uid == $comment->uid && comment_num_replies($comment->cid) == 0) || user_access('administer comments');
Dries's avatar
 
Dries committed
617 618
  }
}
619

Dries's avatar
 
Dries committed
620
function comment_node_url() {
Dries's avatar
Dries committed
621
  return arg(0) .'/'. arg(1);
Dries's avatar
 
Dries committed
622
}
Dries's avatar
 
Dries committed
623

Dries's avatar
 
Dries committed
624 625 626
function comment_edit($cid) {
  global $user;

627
  $comment = db_fetch_object(db_query('SELECT c.*, u.uid, u.name AS registered_name, u.data FROM {comments} c INNER JOIN {users} u ON c.uid = u.uid WHERE c.cid = %d', $cid));
Dries's avatar
 
Dries committed
628
  $comment = drupal_unpack($comment);
629
  $comment->name = $comment->uid ? $comment->registered_name : $comment->name;
630
  if (comment_access('edit', $comment)) {
631
    return comment_form_box((array)$comment);
632 633 634
  }
  else {
    drupal_access_denied();
Dries's avatar
 
Dries committed
635 636 637
  }
}

638 639 640 641 642 643 644 645 646 647 648
/**
 * This function is responsible for generating a comment reply form.
 * There are several cases that have to be handled, including:
 *   - replies to comments
 *   - replies to nodes
 *   - attempts to reply to nodes that can no longer accept comments
 *   - respecting access permissions ('access comments', 'post comments', etc.)
 *
 * The node or comment that is being replied to must appear above the comment
 * form to provide the user context while authoring the comment.
 *
649 650
 * @param $node
 *   Every comment belongs to a node. This is that node.
651 652 653 654 655 656 657
 * @param $pid
 *   Some comments are replies to other comments. In those cases, $pid is the parent
 *   comment's cid.
 *
 * @return $output
 *   The rendered parent node or comment plus the new comment form.
 */
658
function comment_reply($node, $pid = NULL) {
659
  // Set the breadcrumb trail.
660
  menu_set_location(array(array('path' => "node/$node->nid", 'title' => $node->title), array('path' => "comment/reply/$node->nid")));
Dries's avatar
 
Dries committed
661

662
  $op = isset($_POST['op']) ? $_POST['op'] : '';
Dries's avatar
 
Dries committed
663

664
  $output = '';
Dries's avatar
 
Dries committed
665

Dries's avatar
Dries committed
666
  if (user_access('access comments')) {
667
    // The user is previewing a comment prior to submitting it.
668 669
    if ($op == t('Preview comment')) {
      if (user_access('post comments')) {
670
        $output .= comment_form_box(array('pid' => $pid, 'nid' => $node->nid), NULL);
671 672 673
      }
      else {
        drupal_set_message(t('You are not authorized to post comments.'), 'error');
674
        drupal_goto("node/$node->nid");
675
      }
Dries's avatar
 
Dries committed
676 677
    }
    else {
678
      // $pid indicates that this is a reply to a comment.
679
      if ($pid) {
680
        // load the comment whose cid = $pid
681
        if ($comment = db_fetch_object(db_query('SELECT c.*, u.uid, u.name AS registered_name, u.signature, u.picture, u.data FROM {comments} c INNER JOIN {users} u ON c.uid = u.uid WHERE c.cid = %d AND c.status = %d', $pid, COMMENT_PUBLISHED))) {
682 683
          // If that comment exists, make sure that the current comment and the parent comment both
          // belong to the same parent node.
684
          if ($comment->nid != $node->nid) {
685 686
            // Attempting to reply to a comment not belonging to the current nid.
            drupal_set_message(t('The comment you are replying to does not exist.'), 'error');
687
            drupal_goto("node/$node->nid");
688
          }
689
          // Display the parent comment
690 691 692 693 694 695
          $comment = drupal_unpack($comment);
          $comment->name = $comment->uid ? $comment->registered_name : $comment->name;
          $output .= theme('comment_view', $comment);
        }
        else {
          drupal_set_message(t('The comment you are replying to does not exist.'), 'error');
696
          drupal_goto("node/$node->nid");
697
        }
698
      }
699
      // This is the case where the comment is in response to a node. Display the node.
700 701 702 703
      else if (user_access('access content')) {
        $output .= node_view($node);
      }

704
      // Should we show the reply box?
705
      if (node_comment_mode($node->nid) != COMMENT_NODE_READ_WRITE) {
706
        drupal_set_message(t("This discussion is closed: you can't post new comments."), 'error');
707
        drupal_goto("node/$node->nid");
708 709
      }
      else if (user_access('post comments')) {
710
        $output .= comment_form_box(array('pid' => $pid, 'nid' => $node->nid), t('Reply'));
711 712 713
      }
      else {
        drupal_set_message(t('You are not authorized to post comments.'), 'error');
714
        drupal_goto("node/$node->nid");
715
      }
Dries's avatar
 
Dries committed
716
    }
Kjartan's avatar
Kjartan committed
717 718
  }
  else {
719
    drupal_set_message(t('You are not authorized to view comments.'), 'error');
720
    drupal_goto("node/$node->nid");
Dries's avatar
 
Dries committed
721
  }
Dries's avatar
 
Dries committed
722

Dries's avatar
 
Dries committed
723
  return $output;
Dries's avatar
 
Dries committed
724 725
}

726 727 728 729 730 731 732
/**
 * Accepts a submission of new or changed comment content.
 *
 * @param $edit
 *   A comment array.
 *
 * @return
733
 *   If the comment is successfully saved the comment ID is returned. If the comment
734 735 736
 *   is not saved, FALSE is returned.
 */
function comment_save($edit) {
Dries's avatar
 
Dries committed
737
  global $user;
738
  if (user_access('post comments') && (user_access('administer comments') || node_comment_mode($edit['nid']) == COMMENT_NODE_READ_WRITE)) {
Dries's avatar
 
Dries committed
739
    if (!form_get_errors()) {
740
      if ($edit['cid']) {
741
        // Update the comment in the database.
742
        db_query("UPDATE {comments} SET status = %d, timestamp = %d, subject = '%s', comment = '%s', format = %d, uid = %d, name = '%s', mail = '%s', homepage = '%s' WHERE cid = %d", $edit['status'], $edit['timestamp'], $edit['subject'], $edit['comment'], $edit['format'], $edit['uid'], $edit['name'], $edit['mail'], $edit['homepage'], $edit['cid']);
Dries's avatar
 
Dries committed
743

Dries's avatar
 
Dries committed
744 745
        _comment_update_node_statistics($edit['nid']);

746
        // Allow modules to respond to the updating of a comment.
747 748
        comment_invoke_comment($edit, 'update');

Dries's avatar
Dries committed
749
        // Add an entry to the watchdog log.
750
        watchdog('content', 'Comment: updated %subject.', array('%subject' => $edit['subject']), WATCHDOG_NOTICE, l(t('view'), 'node/'. $edit['nid'], array('fragment' => 'comment-'. $edit['cid'])));
Dries's avatar
 
Dries committed
751 752
      }
      else {
753 754 755 756
        // Check for duplicate comments. Note that we have to use the
        // validated/filtered data to perform such check.
        $duplicate = db_result(db_query("SELECT COUNT(cid) FROM {comments} WHERE pid = %d AND nid = %d AND subject = '%s' AND comment = '%s'", $edit['pid'], $edit['nid'], $edit['subject'], $edit['comment']), 0);
        if ($duplicate != 0) {
757
          watchdog('content', 'Comment: duplicate %subject.', array('%subject' => $edit['subject']), WATCHDOG_WARNING);
758 759
        }

760
        // Add the comment to database.
761
        $status = user_access('post comments without approval') ? COMMENT_PUBLISHED : COMMENT_NOT_PUBLISHED;
762
        $roles = variable_get('comment_roles', array());
Dries's avatar
 
Dries committed
763 764 765 766 767 768
        $score = 0;

        foreach (array_intersect(array_keys($roles), array_keys($user->roles)) as $rid) {
          $score = max($roles[$rid], $score);
        }

Dries's avatar
 
Dries committed
769 770
        $users = serialize(array(0 => $score));

771 772
        // Here we are building the thread field. See the documentation for
        // comment_render().
773
        if ($edit['pid'] == 0) {
774 775
          // This is a comment with no parent comment (depth 0): we start
          // by retrieving the maximum thread level.
776
          $max = db_result(db_query('SELECT MAX(thread) FROM {comments} WHERE nid = %d', $edit['nid']));
Dries's avatar
 
Dries committed
777

778 779
          // Strip the "/" from the end of the thread.
          $max = rtrim($max, '/');
Dries's avatar
 
Dries committed
780

781
          // Finally, build the thread field for this new comment.
782
          $thread = int2vancode(vancode2int($max) + 1) .'/';
Dries's avatar
 
Dries committed
783 784
        }
        else {
785 786
          // This is comment with a parent comment: we increase
          // the part of the thread value at the proper depth.
Dries's avatar
 
Dries committed
787 788

          // Get the parent comment:
789
          $parent = _comment_load($edit['pid']);
Dries's avatar
 
Dries committed
790

791
          // Strip the "/" from the end of the parent thread.
792
          $parent->thread = (string) rtrim((string) $parent->thread, '/');
Dries's avatar
 
Dries committed
793

794
          // Get the max value in _this_ thread.
Dries's avatar
 
Dries committed
795
          $max = db_result(db_query("SELECT MAX(thread) FROM {comments} WHERE thread LIKE '%s.%%' AND nid = %d", $parent->thread, $edit['nid']));
Dries's avatar
 
Dries committed
796

797 798
          if ($max == '') {
            // First child of this parent.
799
            $thread = $parent->thread .'.'. int2vancode(0) .'/';
Dries's avatar
 
Dries committed
800 801
          }
          else {
802 803
            // Strip the "/" at the end of the thread.
            $max = rtrim($max, '/');
Dries's avatar
 
Dries committed
804

805 806 807
            // We need to get the value at the correct depth.
            $parts = explode('.', $max);
            $parent_depth = count(explode('.', $parent->thread));
Dries's avatar
 
Dries committed
808 809
            $last = $parts[$parent_depth];

810
            // Finally, build the thread field for this new comment.
811
            $thread = $parent->thread .'.'. int2vancode(vancode2int($last) + 1) .'/';
Dries's avatar
 
Dries committed
812 813 814
          }
        }

815
        $edit['cid'] = db_next_id('{comments}_cid');
Dries's avatar
 
Dries committed
816 817
        $edit['timestamp'] = time();

818
        if ($edit['uid'] === $user->uid) { // '===' because we want to modify anonymous users too
Dries's avatar
 
Dries committed
819 820 821
          $edit['name'] = $user->name;
        }

822
        $edit += array('mail' => '', 'homepage' => '');
823
        db_query("INSERT INTO {comments} (cid, nid, pid, uid, subject, comment, format, hostname, timestamp, status, score, users, thread, name, mail, homepage) VALUES (%d, %d, %d, %d, '%s', '%s', %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s')", $edit['cid'], $edit['nid'], $edit['pid'], $edit['uid'], $edit['subject'], $edit['comment'], $edit['format'], $_SERVER['REMOTE_ADDR'], $edit['timestamp'], $status, $score, $users, $thread, $edit['name'], $edit['mail'], $edit['homepage']);
Dries's avatar
 
Dries committed
824 825

        _comment_update_node_statistics($edit['nid']);
Dries's avatar
 
Dries committed
826

827
        // Tell the other modules a new comment has been submitted.
828
        comment_invoke_comment($edit, 'insert');
Dries's avatar
 
Dries committed
829

830
        // Add an entry to the watchdog log.
831
        watchdog('content', 'Comment: added %subject.', array('%subject' => $edit['subject']), WATCHDOG_NOTICE, l(t('view'), 'node/'. $edit['nid'], array('fragment' => 'comment-'. $edit['cid'])));
Dries's avatar
 
Dries committed
832
      }
Dries's avatar
 
Dries committed
833

834
      // Clear the cache so an anonymous user can see his comment being added.
Dries's avatar
 
Dries committed
835
      cache_clear_all();
Dries's avatar
 
Dries committed
836

Dries's avatar
 
Dries committed
837
      // Explain the approval queue if necessary, and then
Dries's avatar
 
Dries committed
838
      // redirect the user to the node he's commenting on.
839
      if ($status == COMMENT_NOT_PUBLISHED) {
Dries's avatar
 
Dries committed
840
        drupal_set_message(t('Your comment has been queued for moderation by site administrators and will be published after approval.'));
Dries's avatar