comment.module 74.8 KB
Newer Older
1
<?php
2
// $Id$
Dries's avatar
 
Dries committed
3

Dries's avatar
Dries committed
4
5
/**
 * @file
Dries's avatar
   
Dries committed
6
 * Enables users to comment on published content.
Dries's avatar
Dries committed
7
8
9
10
11
12
 *
 * When enabled, the Drupal comment module creates a discussion
 * board for each Drupal node. Users can post comments to discuss
 * a forum topic, weblog post, story, collaborative book page, etc.
 */

13
14
15
/**
 * Implementation of hook_help().
 */
Dries's avatar
Dries committed
16
function comment_help($section = "admin/help#comment") {
Dries's avatar
   
Dries committed
17
  switch ($section) {
Dries's avatar
   
Dries committed
18
    case 'admin/help#comment':
19
      return t("
Dries's avatar
Dries committed
20
21
      <p>When enabled, the Drupal comment module creates a discussion board for each Drupal node. Users can post comments to discuss a forum topic, weblog post, story, collaborative book page, etc. An administrator can give comment permissions to user groups, and users can (optionally) edit their last comment, assuming no others have been posted since.</p>

Dries's avatar
   
Dries committed
22
23
      <h3>User control of comment display</h3>
      <p>Attached to each comment board is a control panel for customizing the way that comments are displayed. Users can control the chronological ordering of posts (newest or oldest first) and the number of posts to display on each page. Additional settings include:</p>
Dries's avatar
Dries committed
24
25
26
27
28
      <ul><li><strong>Threaded</strong> &mdash; Displays the posts grouped according to conversations and subconversations.</li>
      <li><strong>Flat</strong> &mdash;  Displays the posts in chronological order, with no threading whatsoever.</li>
      <li><strong>Expanded</strong> &mdash; Displays the title and text for each post.</li>
      <li><strong>Collapsed</strong> &mdash; Displays only the title for each post.</li></ul>
      <p>When a user chooses <em>save settings</em>, the comments are then redisplayed using the user's new choices. Administrators can set the default settings for the comment control panel, along with other comment defaults, in <a href=\"%comment-config\">administer &raquo; comments &raquo; configure</a>. NOTE: When comment moderation is enabled, users will have another control panel option to control thresholds (see below).</p>
Dries's avatar
   
Dries committed
29

Dries's avatar
   
Dries committed
30
      <h3>Additional comment configurations</h3>
Dries's avatar
Dries committed
31
32
33
34
35
36
      <p>Comments behave like other user submissions in Drupal. Filters, smileys and HTML that work in nodes will also work with comments. Administrators can control access to various comment module functions through <a href=\"%user-permissions\">administer &raquo; users &raquo; configure &raquo; permissions</a>. Know that in a new Drupal installation, all comment permissions are disabled by default. The choice of which permissions to grant to which roles (groups of users) is left up to the site administrator. The following permissions:</p>
      <ul><li><strong>Access comments</strong> &mdash; Allows users to view comments.</li>
      <li><strong>Administrate comments</strong> &mdash; Allows users complete control over configuring, editing and deleting all comments.</li>
      <li><strong>Moderate comments</strong> &mdash; Allows users to rate comment postings (see more on moderation below).</li>
      <li><strong>Post comments</strong> &mdash; Allows users to post comments into an administrator moderation queue.</li>
      <li><strong>Post comments without approval</strong> &mdash; Allows users to directly post comments, bypassing the moderation queue.</li></ul>
Dries's avatar
   
Dries committed
37

Dries's avatar
   
Dries committed
38
      <h3>Notification of new comments</h3>
Dries's avatar
Dries committed
39
40
41
      <p>Drupal provides specific features to inform site members when new comments have been posted.</p>
      <p>Drupal displays the total number of comments attached to each node, and tracks comments read by individual site members. Members which have logged in will see a notice accompanying nodes which contain comments they have not read. Some administrators may want to <a href=\"%download-notify\">download, install and configure the notify module</a>. Users can then request that Drupal send them an e-mail when new comments are posted (the notify module requires that cron.php be configured properly).</p>
      <p>The <em>tracker</em> module, disabled by default, displays all the site's recent posts.  There is a link to the <a href=\"%tracker\">recent posts</a> page in the navigation block.  This page is a useful way to browse new or updated nodes and comments. Content which the user has not yet read is tagged with a red star (this graphic depends on the current theme). Visit the comment board for any node, and Drupal will display a red <em>\"new\"</em> label beside the text of unread comments.</p>
Dries's avatar
   
Dries committed
42

Dries's avatar
   
Dries committed
43
44
      <h3>Comment moderation</h3>
      <p>On sites with active commenting from users, the administrator can turn over comment moderation to the community. </p>
Dries's avatar
Dries committed
45
      <p>With comment moderation, each comment is automatically assigned an initial rating. As users read comments, they can apply a vote which affects the comment rating. At the same time, users have an additional option in the control panel which allows them to set a threshold for the comments they wish to view. Those comments with ratings lower than the set threshold will not be shown. To enable moderation, the administrator must grant <a href=\"%user-permissions\">moderate comments</a> permissions. Then, a number of options in <a href=\"%comment-config\">administer &raquo; comments &raquo; configure</a> must be configured.</p>
Dries's avatar
   
Dries committed
46

Dries's avatar
   
Dries committed
47
      <h4>Moderation votes</h4>
48
      <p>The first step is to create moderation labels which allow users to rate a comment.  Go to <a href=\"%comment-votes\">administer &raquo; comments &raquo; configure &raquo; moderation votes</a>. In the <em>vote</em> field, enter the textual labels which users will see when casting their votes. Some examples are</p>
Dries's avatar
Dries committed
49
50
      <ul><li>Excellent +3</li><li>Insightful +2</li><li>Useful +1</li><li>Redundant -1</li><li>Flame -3</li></ul>
      <p>So that users know how their votes affect the comment, these examples include the vote value as part of the label, although that is optional. Using the weight option, you can control the order in which the votes appear to users. Setting the weight heavier (positive numbers) will make the vote label appear at the bottom of the list. Lighter (a negative number) will push it to the top. To encourage positive voting, a useful order might be higher values, positive votes, at the top, with negative votes at the bottom.</p>
Dries's avatar
   
Dries committed
51

Dries's avatar
   
Dries committed
52
      <h4>Moderator vote/values matrix</h4>
Dries's avatar
Dries committed
53
      <p>Next go to <a href=\"%comment-matrix\">administer &raquo; comments &raquo; configure &raquo; moderation matrix</a>. Enter the values for the vote labels for each permission role in the vote matrix. The values entered here will be used to create the rating for each comment. NOTE: Comment ratings are calculated by averaging user votes with the initial rating.</p>
Dries's avatar
   
Dries committed
54

Dries's avatar
   
Dries committed
55
      <h4>Creating comment thresholds</h4>
56
      <p>In <a href=\"%comment-thresholds\">administer &raquo; comments &raquo; configure &raquo; moderation thresholds</a>, you'll have to create some comment thresholds to make the comment rating system useful. When comment moderation is enabled and the thresholds are created, users will find another comment control panel option for selecting their thresholds. They'll use the thresholds you enter here to filter out comments with low ratings. Consequently, you'll probably want to create more than one threshold to give users some flexibility in filtering comments.</p>
Dries's avatar
Dries committed
57
      <p>When creating the thresholds, note that the <em>Minimum score</em> is asking you for the lowest rating that a comment can have in order to be displayed. To see a common example of how thresholds work, you might visit <a href=\"%slashdot\">Slashdot</a> and view one of their comment boards associated with a story. You can reset the thresholds in their comment control panel.</p>
Dries's avatar
   
Dries committed
58

Dries's avatar
   
Dries committed
59
      <h4>Initial comment scores</h4>
Dries's avatar
Dries committed
60
      <p>Finally, you may want to enter some <em>initial comment scores</em>. In <a href=\"%comment-initial\">administer &raquo; comments &raquo; configure &raquo; moderation roles</a> you can assign a beginning rating for all comments posted by a particular permission role. If you do not assign any initial scores, Drupal will assign a rating of <strong>0</strong> as the default.</p>", array('%comment-config' => url('admin/comment/configure'), '%user-permissions' => url('admin/user/configure/permission'), '%tracker' => url('tracker'), '%download-notify' => 'http://drupal.org/project/releases', '%comment-votes' => url('admin/comment/configure/votes'), '%comment-matrix' => url('admin/comment/configure/matrix'), '%comment-thresholds' => url('admin/comment/configure/thresholds'), '%slashdot' => ' http://slashdot.org', '%comment-initial' => url('admin/comment/configure/roles')));
Dries's avatar
   
Dries committed
61
    case 'admin/comment':
62
    case 'admin/comment/new':
Dries's avatar
   
Dries committed
63
      return t("Below is a list of the latest comments posted your site. Click on a subject to see the comment, the author's name to edit the author's user information , \"edit\" to modify the text, and \"delete\" to remove their submission.");
Dries's avatar
   
Dries committed
64
    case 'admin/comment/approval':
Dries's avatar
   
Dries committed
65
      return t("Below is a list of the comments posted to your site that need approval. To approve a comment, click on \"edit\" and then change its \"moderation status\" to Approved. Click on a subject to see the comment, the author's name to edit the author's user information, \"edit\" to modify the text, and \"delete\" to remove their submission.");
Dries's avatar
Dries committed
66
67
68
    case 'admin/comment/configure':
    case 'admin/comment/configure/settings':
      return t("Comments can be attached to any node, and their settings are below. The display comes in two types: a \"flat list\" where everything is flush to the left side, and comments come in chronological order, and a \"threaded list\" where replies to other comments are placed immediately below and slightly indented, forming an outline. They also come in two styles: \"expanded\", where you see both the title and the contents, and \"collapsed\" where you only see the title. Preview comment forces a user to look at their comment by clicking on a \"Preview\" button before they can actually add the comment.");
69
    case 'admin/comment/configure/matrix':
Dries's avatar
Dries committed
70
71
72
      return t("Here you assign a value to each item in the comment moderation dropdown menu. This value is added to the vote total, which is then divided by the number of users who have voted and rounded off to the nearest integer. <ul><li>In order to use comment moderation, every text box on this page should be populated.</li><li>You must assign the \"moderate comments\" permission to at least one role in order to use this page.</li><li>Every box not filled in will have a value of zero, which will have the effect of lowering a comments overall score.</li></ul>");
    case 'admin/comment/configure/roles':
      return t("You can setup the initial vote value of a comment posted by each user role using these forms. This value is used before any other users vote on the comment. Blank entries are valued at zero.");
73
    case 'admin/comment/configure/thresholds':
Dries's avatar
Dries committed
74
      return t("Use these forms to setup the name and minimum \"cut off\" score to help your users hide comments they don't want to see. These thresholds appear in the user's comment control panel. Click \"edit threshold\" to modify the values of an already existing configuration. To delete a setting, \"edit\" it first, and then choose \"delete threshold\".");
75
    case 'admin/comment/configure/votes':
Dries's avatar
Dries committed
76
      return t("Create and control the possible comment moderation votes here. \"Weight\" lets you set the order of the drop down menu. Click \"edit\" to edit a current vote weight. To delete a name/weight combination go to the \"edit\" area. To delete a setting, \"edit\" it first, and then choose \"delete vote\".");
Dries's avatar
   
Dries committed
77
    case 'admin/comment/search':
Dries's avatar
Dries committed
78
79
80
      return t("Enter a simple pattern ('*' may be used as a wildcard match) to search for a comment.  For example, one may search for 'br' and Drupal might return 'bread brakers', 'our daily bread' and 'brenda'.");
    case 'admin/modules#description':
      return t('Enables user to comment on published content.');
81
   }
Dries's avatar
   
Dries committed
82
83
}

Dries's avatar
   
Dries committed
84
85
86
/**
 * Implementation of hook_menu().
 */
Dries's avatar
   
Dries committed
87
function comment_menu($may_cache) {
Dries's avatar
   
Dries committed
88
89
  $items = array();

Dries's avatar
   
Dries committed
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
  if ($may_cache) {
    $access = user_access('administer comments');
    $items[] = array('path' => 'admin/comment', 'title' => t('comments'),
      'callback' => 'comment_admin_overview', 'access' => $access);
    $items[] = array('path' => 'admin/comment/edit', 'title' => t('edit comment'),
      'callback' => 'comment_admin_edit', 'access' => $access, 'type' => MENU_CALLBACK);
    $items[] = array('path' => 'admin/comment/delete', 'title' => t('delete comment'),
      'callback' => 'comment_delete', 'access' => $access, 'type' => MENU_CALLBACK);

    // Tabs:
    $items[] = array('path' => 'admin/comment/list', 'title' => t('list'),
      'type' => MENU_DEFAULT_LOCAL_TASK, 'weight' => -10);
    $items[] = array('path' => 'admin/comment/configure', 'title' => t('configure'),
      'callback' => 'comment_configure', 'access' => $access, 'type' => MENU_LOCAL_TASK);
    if (module_exist('search')) {
      $items[] = array('path' => 'admin/comment/search', 'title' => t('search'),
        'callback' => 'comment_search', 'access' => $access, 'type' => MENU_LOCAL_TASK);
    }

    // Subtabs:
    $items[] = array('path' => 'admin/comment/list/new', 'title' => t('new comments'),
      'type' => MENU_DEFAULT_LOCAL_TASK, 'weight' => -10);
    $items[] = array('path' => 'admin/comment/list/approval', 'title' => t('approval queue'),
      'callback' => 'comment_admin_overview', 'access' => $access,
      'callback arguments' => 'approval',
      'type' => MENU_LOCAL_TASK);

    $items[] = array('path' => 'admin/comment/configure/settings', 'title' => t('settings'),
      'type' => MENU_DEFAULT_LOCAL_TASK, 'weight' => -10);

    $access = user_access('administer comments') && user_access('administer moderation');
    $items[] = array('path' => 'admin/comment/configure/matrix', 'title' => t('moderation matrix'),
      'callback' => 'comment_matrix_settings', 'access' => $access, 'type' => MENU_LOCAL_TASK);
    $items[] = array('path' => 'admin/comment/configure/thresholds', 'title' => t('moderation thresholds'),
      'callback' => 'comment_threshold_settings', 'access' => $access, 'type' => MENU_LOCAL_TASK);
    $items[] = array('path' => 'admin/comment/configure/roles', 'title' => t('moderation roles'),
      'callback' => 'comment_role_settings', 'access' => $access, 'type' => MENU_LOCAL_TASK);
    $items[] = array('path' => 'admin/comment/configure/votes', 'title' => t('moderation votes'),
      'callback' => 'comment_vote_settings', 'access' => $access,'type' => MENU_LOCAL_TASK);

    $access = user_access('post comments');
    $items[] = array('path' => 'comment/reply', 'title' => t('reply to comment'),
      'callback' => 'comment_reply', 'access' => $access, 'type' => MENU_CALLBACK);
    $items[] = array('path' => 'comment/edit', 'title' => t('edit your comment'),
      'callback' => 'comment_edit', 'access' => $access, 'type' => MENU_CALLBACK);

    $items[] = array('path' => 'comment', 'title' => t('reply to comment'),
      'callback' => 'comment_save_settings', 'access' => 1, 'type' => MENU_CALLBACK);
Dries's avatar
   
Dries committed
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
  }

  return $items;
}

/**
 * Implementation of hook_perm().
 */
function comment_perm() {
  return array('access comments', 'post comments', 'administer comments', 'moderate comments', 'post comments without approval', 'administer moderation');
}

/**
 * Implementation of hook_block().
 *
 * Generates a block with the most recent comments.
 */
function comment_block($op = 'list', $delta = 0) {
  if ($op == 'list') {
    $blocks[0]['info'] = t('Recent comments');
    return $blocks;
  }
  else if (user_access('access comments')) {
    $result = db_query_range('SELECT * FROM {comments} WHERE status = 0 ORDER BY timestamp DESC', 0, 10);
    $items = array();
    while ($comment = db_fetch_object($result)) {
      $items[] = l($comment->subject, "node/$comment->nid", NULL, NULL, "comment-$comment->cid") .'<br />'. format_interval(time() - $comment->timestamp) .' '. t('ago');
    }

    $block['subject'] = t('Recent comments');
    $block['content'] = theme('item_list', $items);
    return $block;
  }
}

/**
 * Implementation of hook_link().
 */
function comment_link($type, $node = 0, $main = 0) {
  $links = array();

  if ($type == 'node' && $node->comment) {

    if ($main) {
      // Main page: display the number of comments that have been posted.

      if (user_access('access comments')) {
        $all = comment_num_all($node->nid);
        $new = comment_num_new($node->nid);

        if ($all) {
          $links[] = l(format_plural($all, '1 comment', '%count comments'), "node/$node->nid", array('title' => t('Jump to the first comment of this posting.')), NULL, 'comment');

          if ($new) {
            $links[] = l(format_plural($new, '1 new comment', '%count new comments'), "node/$node->nid", array('title' => t('Jump to the first new comment of this posting.')), NULL, 'new');
          }
        }
        else {
          if ($node->comment == 2) {
            if (user_access('post comments')) {
              $links[] = l(t('add new comment'), "comment/reply/$node->nid", array('title' => t('Add a new comment to this page.')));
            }
            else {
              $links[] = theme('comment_post_forbidden');
            }
          }
        }
      }
    }
    else {
      // Node page: add a "post comment" link if the user is allowed to
      // post comments, if this node is not read-only, and if the comment form isn't already shown

      if ($node->comment == 2 && variable_get('comment_form_location', 0) == 0) {
        if (user_access('post comments')) {
          $links[] = l(t('add new comment'), "comment/reply/$node->nid", array('title' => t('Share your thoughts and opinions related to this posting.')), NULL, 'comment');
        }
        else {
          $links[] = theme('comment_post_forbidden');
        }
      }
    }
  }

  if ($type == 'comment') {
    $links = comment_links($node, $main);
  }

  return $links;
}

/**
 * Implementation of hook_nodeapi().
Dries's avatar
   
Dries committed
231
 *
Dries's avatar
   
Dries committed
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
 */
function comment_nodeapi(&$node, $op, $arg = 0) {
  switch ($op) {
    case 'settings':
      $output[t('comment')] = form_select('', "comment_$node->type", variable_get("comment_$node->type", 2), array(t('Disabled'), t('Read only'), t('Read/Write')));
      return $output;
    case 'fields':
      return array('comment');
    case 'form admin':
      if (user_access('administer comments')) {
        $selected = isset($node->comment) ? $node->comment : variable_get("comment_$node->type", 2);
        $output = form_radios('', 'comment', $selected, array(t('Disabled'), t('Read only'), t('Read/write')));
        return form_group(t('User comments'), $output);
      }
      break;
Dries's avatar
   
Dries committed
247
248
    case 'load':
      return db_fetch_array(db_query("SELECT last_comment_timestamp, last_comment_name, last_comment_name, comment_count, cid as last_comment_cid FROM {node_comment_statistics} WHERE nid = %d", $node->nid));
Dries's avatar
   
Dries committed
249
250
251
252
253
254
    case 'validate':
      if (!user_access('administer nodes')) {
        // Force default for normal users:
        $node->comment = variable_get("comment_$node->type", 2);
      }
      break;
Dries's avatar
   
Dries committed
255
256
257
    case 'insert':
      db_query('INSERT INTO {node_comment_statistics} (nid, cid, last_comment_timestamp, last_comment_name, last_comment_uid, comment_count) VALUES (%d,0,%d,NULL,%d,0)', $node->nid, $node->created, $node->uid);
      break;
Dries's avatar
   
Dries committed
258
    case 'delete':
Dries's avatar
   
Dries committed
259
260
      db_query('DELETE FROM {comments} WHERE nid = %d', $node->nid);
      db_query('DELETE FROM {node_comment_statistics} WHERE nid = %d', $node->nid);
Dries's avatar
   
Dries committed
261
262
263
264
265
266
267
268
269
270
271
272
273
274
      break;
  }
}

/**
 * Implementation of hook_node_link().
 *
 * Allows users with appropriate privileges to edit comments when viewing
 * a node.
 */
function comment_node_link($node) {
  if (user_access('administer comments')) {
    $result = db_query('SELECT c.cid, c.subject, c.name, c.homepage, u.uid, u.name AS registered_name, c.name FROM {comments} c INNER JOIN {users} u ON u.uid = c.uid WHERE nid = %d AND c.status = 0 ORDER BY c.timestamp', $node->nid);

Dries's avatar
   
Dries committed
275
    $header = array(t('Title'), t('Author'), array('data' => t('Operations'), 'colspan' => 3));
Dries's avatar
   
Dries committed
276
277
278

    while ($comment = db_fetch_object($result)) {
      $comment->name = $comment->registered_name ? $comment->registered_name : $comment->name;
Dries's avatar
   
Dries committed
279
      $rows[] = array(l($comment->subject, "node/$node->nid", NULL, NULL, "comment-$comment->cid"), format_name($comment), l(t('view'), "node/$node->nid", NULL, NULL, $comment->cid), l(t('edit'), "admin/comment/edit/$comment->cid"), l(t('delete'), "admin/comment/delete/$comment->cid"));
Dries's avatar
   
Dries committed
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
    }

    if ($rows) {
      $output  = '<h3>'. t('Edit comments') .'</h3>';
      $output .= theme('table', $header, $rows);
    }

    return $output;
  }
}

/**
 * Implementation of hook_search().
 *
 * This search function uses search.module's built-in content index by
 * calling do_search(). The "nid" identifier in the select is used to
 * present search results in the context of their associated node.
Dries's avatar
   
Dries committed
297
298
 *
 * This function doubles as a menu callback for the administrative comment search.
Dries's avatar
   
Dries committed
299
 */
Dries's avatar
Dries committed
300
301
302
303
304
305
306
function comment_search($keys = NULL) {
  if (!$keys) {
    // if there are no keys, we've been called from our menu callback,
    // so we hook into the search.module to pass the $keys back to us.
    print theme('page', search_type('comment', url('admin/comment/search'), $_POST['keys']));
  }
  else if ($keys) {
Dries's avatar
   
Dries committed
307
    $find = do_search(array('keys' => $keys, 'type' => 'comment', 'select' => 'SELECT s.lno AS lno, c.nid AS nid, c.subject AS title, c.timestamp AS created, u.uid AS uid, u.name AS name, s.count AS count FROM {search_index} s, {comments} c INNER JOIN {users} u ON c.uid = u.uid '. node_access_join_sql('c') .' WHERE '. node_access_where_sql() ." AND s.lno = c.cid AND s.type = 'comment' AND c.status = 0 AND s.word like '%'"));
Dries's avatar
Dries committed
308
309
    return array(t('Matching comments ranked in order of relevance'), $find);
  }
Dries's avatar
   
Dries committed
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
}

/**
 * Implementation of hook_update_index().
 *
 * The SQL statement returned checks for the last time the index was updated
 * so as not to cause redundant work for the indexer.
 */
function comment_update_index() {
  return array('last_update' => 'comment_cron_last', 'node_type' => 'comment', 'select' => 'SELECT c.cid as lno, c.subject as text1, c.comment as text2 FROM {comments} c WHERE c.status = 0 AND timestamp > '. variable_get('comment_cron_last', 1));
}

/**
 * Implementation of hook_user().
 *
 * Provides signature customization for the user's comments.
 */
function comment_user($type, $edit, &$user, $category = NULL) {
  if ($type == 'form' && $category == 'account') {
    // when user tries to edit his own data
Dries's avatar
   
Dries committed
330
    return array(array('title' => t('Comment settings'), 'data' => form_textarea(t('Signature'), 'signature', $edit['signature'], 64, 3, t('Your signature will be publicly displayed at the end of your comments.')), 'weight' => 2));
Dries's avatar
   
Dries committed
331
332
333
334
335
336
337
  }
  if ($type == 'validate') {
    // validate user data editing
    return array('signature' => $edit['signature']);
  }
}

338
/**
Dries's avatar
   
Dries committed
339
 * Menu callback; presents the comment settings page.
340
 */
Dries's avatar
   
Dries committed
341
342
343
344
345
function comment_configure() {
  if ($_POST) {
    system_settings_save();
  }

346
347
348
349
  $group  = form_radios(t('Default display mode'), 'comment_default_mode', variable_get('comment_default_mode', 4), _comment_get_modes(), t('The default view for comments. Expanded views display the body of the comment. Threaded views keep replies together.'));
  $group .= form_radios(t('Default display order'), 'comment_default_order', variable_get('comment_default_order', 1), _comment_get_orders(), t('The default sorting for new users and anonymous users while viewing comments. These users may change their view using the comment control panel. For registered users, this change is remembered as a persistent user preference.'));
  $group .= form_select(t('Default comments per page'), 'comment_default_per_page', variable_get('comment_default_per_page', '50'), _comment_per_page(), t('Default number of comments for each page: more comments are distributed in several pages.'));
  $group .= form_radios(t('Comment controls'), 'comment_controls', variable_get('comment_controls', 0), array(t('Display above the comments'), t('Display below the comments'), t('Display above and below the comments'), t('Do not display')), t('Position of the comment controls box.  The comment controls let the user change the default display mode and display order of comments.'));
Dries's avatar
Dries committed
350
  $output = form_group(t('Comment viewing options'), $group);
Dries's avatar
   
Dries committed
351

Dries's avatar
   
Dries committed
352
  $group  = form_radios(t('Anonymous poster settings'), 'comment_anonymous', variable_get('comment_anonymous', 0), array(t('Anonymous posters may not enter their contact information'), t('Anonymous posters may leave their contact information'), t('Anonymous posters must leave their contact information')), t('This feature is only useful if you allow anonymous users to post comments.  See the <a href="%url">permissions page</a>.', array('%url' => url('admin/user/configure/permission'))));
353
  $group .= form_radios(t('Comment subject field'), 'comment_subject_field', variable_get('comment_subject_field', 1), array(t('Disabled'), t('Enabled')), t('Must users provide a subject for their comments?'));
Dries's avatar
   
Dries committed
354
355
  $group .= form_radios(t('Preview comment'), 'comment_preview', variable_get('comment_preview', 1), array(t('Optional'), t('Required')));
  $group .= form_radios(t('Location of comment submission form'), 'comment_form_location', variable_get('comment_form_location', 0), array(t('Display on separate page'), t('Display below post or comments')));
Dries's avatar
   
Dries committed
356
  $output .= form_group(t('Comment posting settings'), $group);
Dries's avatar
   
Dries committed
357

358
  $result = db_query('SELECT fid, filter FROM {moderation_filters} ');
Dries's avatar
   
Dries committed
359
360
  while ($filter = db_fetch_object($result)) {
    $thresholds[$filter->fid] = ($filter->filter);
Dries's avatar
   
Dries committed
361
  }
Dries's avatar
   
Dries committed
362
  if ($thresholds) {
363
    $group = form_select(t('Default threshold'), 'comment_default_threshold', variable_get('comment_default_threshold', 0), $thresholds, t('Thresholds are values below which comments are hidden. These thresholds are useful for busy sites which want to hide poor comments from most users.'));
Dries's avatar
   
Dries committed
364
365
    $output .= form_group(t('Comment moderation settings'), $group);
  }
Dries's avatar
   
Dries committed
366

Dries's avatar
   
Dries committed
367
  print theme('page', system_settings_form($output));
Dries's avatar
   
Dries committed
368
369
}

370
371
372
373
374
375
376
377
378
379
/**
 * This is *not* a hook_access() implementation. This function is called
 * to determine whether the current user has access to a particular comment.
 *
 * Authenticated users can edit their comments as long they have not been
 * replied to. This prevents people from changing or revising their
 * statements based on the replies their posts got. Furthermore, users
 * can't reply to their own comments and are encouraged instead to extend
 * their original comment.
 */
Dries's avatar
   
Dries committed
380
function comment_access($op, $comment) {
Dries's avatar
   
Dries committed
381
382
  global $user;

383
  if ($op == 'edit') {
Dries's avatar
   
Dries committed
384
    return $user->uid && $user->uid == $comment->uid && comment_num_replies($comment->cid) == 0;
Dries's avatar
   
Dries committed
385
386
  }
}
387

Dries's avatar
   
Dries committed
388
function comment_node_url() {
Dries's avatar
Dries committed
389
  return arg(0) .'/'. arg(1);
Dries's avatar
   
Dries committed
390
}
Dries's avatar
   
Dries committed
391

Dries's avatar
   
Dries committed
392
393
394
function comment_edit($cid) {
  global $user;

Dries's avatar
   
Dries committed
395
  $comment = db_fetch_object(db_query('SELECT c.*, u.uid, u.name AS registered_name, u.data FROM {comments} c INNER JOIN {users} u ON c.uid = u.uid WHERE c.cid = %d AND c.status != 2', $cid));
Dries's avatar
   
Dries committed
396
  $comment = drupal_unpack($comment);
Dries's avatar
   
Dries committed
397
  $comment->name = $comment->registered_name ? $comment->registered_name : $comment->name;
398
  if (comment_access('edit', $comment)) {
Dries's avatar
Dries committed
399
    print theme('page', comment_preview(object2array($comment)), t('Edit comment'));
Dries's avatar
   
Dries committed
400
401
402
  }
}

Dries's avatar
Dries committed
403
function comment_reply($nid, $pid = NULL) {
Dries's avatar
   
Dries committed
404

405
  $output = '';
Dries's avatar
   
Dries committed
406

Dries's avatar
Dries committed
407
408
409
410
411
412
413
414
415
416
417
  // are we posting or previewing a reply?
  if ($_POST['op'] == t('Post comment')) {
    $edit = $_POST['edit'];
    comment_validate_form($edit);
    print theme('page', comment_post($edit), t('Post comment'));
    return;
  }
  else if ($_POST['op'] == t('Preview comment')) {
    $edit = $_POST['edit'];
    comment_validate_form($edit);
    print theme('page', comment_preview($edit), t('Preview comment'));
Steven Wittens's avatar
Steven Wittens committed
418
    return;
Dries's avatar
Dries committed
419
  }
Dries's avatar
   
Dries committed
420

Dries's avatar
Dries committed
421
422
423
424
425
  // or are we merely showing the form?
  if (user_access('access comments')) {

    // if this is a reply to another comment, show that comment first
    // else, we'll just show the user the node they're commenting on.
Dries's avatar
   
Dries committed
426
    if ($pid) {
Dries's avatar
   
Dries committed
427
      $comment = db_fetch_object(db_query('SELECT c.*, u.uid, u.name AS registered_name, u.picture, u.data FROM {comments} c INNER JOIN {users} u ON c.uid = u.uid WHERE c.cid = %d AND c.status = 0', $pid));
Dries's avatar
   
Dries committed
428
      $comment = drupal_unpack($comment);
Dries's avatar
   
Dries committed
429
      $comment->name = $comment->registered_name ? $comment->registered_name : $comment->name;
430
      $output .= theme('comment_view', $comment);
Dries's avatar
   
Dries committed
431
    }
432
433
    else if (user_access('access content')) {
      $output .= node_view(node_load(array('nid' => $nid)));
Dries's avatar
   
Dries committed
434
435
      $pid = 0;
    }
Dries's avatar
   
Dries committed
436

Dries's avatar
Dries committed
437
    // should we show the reply box?
Dries's avatar
   
Dries committed
438
    if (node_comment_mode($nid) != 2) {
439
      $output .= theme('box', t('Reply'), t("This discussion is closed: you can't post new comments."));
Kjartan's avatar
Kjartan committed
440
    }
441
442
    else if (user_access('post comments')) {
      $output .= theme('comment_form', array('pid' => $pid, 'nid' => $nid), t('Reply'));
Dries's avatar
   
Dries committed
443
444
    }
    else {
445
      $output .= theme('box', t('Reply'), t('You are not authorized to post comments.'));
Dries's avatar
   
Dries committed
446
    }
Kjartan's avatar
Kjartan committed
447
448
  }
  else {
449
    $output .= theme('box', t('Reply'), t('You are not authorized to view comments.'));
Dries's avatar
   
Dries committed
450
  }
Dries's avatar
   
Dries committed
451

Dries's avatar
Dries committed
452
  print theme('page', $output, t('Add new comment'));
Dries's avatar
   
Dries committed
453
454
}

Dries's avatar
   
Dries committed
455
456
function comment_validate_form($edit) {
  global $user;
Dries's avatar
   
Dries committed
457

Dries's avatar
   
Dries committed
458
459
460
461
462
463
464
465
  /*
  ** Validate the comment's body.
  */

  if ($edit['comment'] == '') {
    form_set_error('comment', t('The body of your comment is empty.'));
  }

466
467
468
  /*
  ** Validate filter format
  */
469
  if (array_key_exists('format', $edit) && !filter_access($edit['format'])) {
470
471
472
    form_set_error('format', t('The supplied input format is invalid.'));
  }

Dries's avatar
   
Dries committed
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
  /*
  ** Check validity of name, mail and homepage (if given)
  */

  if (!$user->uid) {
    if (variable_get('comment_anonymous', 0) > 0) {
      if ($edit['name']) {
        $taken = db_result(db_query("SELECT COUNT(uid) FROM {users} WHERE LOWER(name) = '%s'", strip_tags($edit['name'])), 0);

        if ($taken != 0) {
          form_set_error('name', t('The name you used belongs to a registered user.'));
        }

      }
      else if (variable_get('comment_anonymous', 0) == 2) {
        form_set_error('name', t('You have to leave your name.'));
      }

      if ($edit['mail']) {
        if (!valid_email_address($edit['mail'])) {
493
          form_set_error('mail', t('The e-mail address you specified is not valid.'));
Dries's avatar
   
Dries committed
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
        }
      }
      else if (variable_get('comment_anonymous', 0) == 2) {
        form_set_error('mail', t('You have to leave an e-mail address.'));
      }

      if ($edit['homepage']) {
        if (!valid_url($edit['homepage'], TRUE)) {
          form_set_error('homepage', t('The URL of your homepage is not valid.  Remember that it must be fully qualified, i.e. of the form <code>http://example.com/directory</code>.'));
        }
      }
    }
  }
}

Dries's avatar
   
Dries committed
509
function comment_preview($edit) {
Dries's avatar
   
Dries committed
510
  global $user;
Dries's avatar
   
Dries committed
511

512
  $output = '';
Dries's avatar
   
Dries committed
513

514
  $comment = new StdClass();
Dries's avatar
   
Dries committed
515
516
517
518
  foreach ($edit as $key => $value) {
    $comment->$key = $value;
  }

519
  // Attach the user and time information.
Dries's avatar
   
Dries committed
520
521
  $comment->uid = $user->uid;
  $comment->timestamp = time();
Dries's avatar
   
Dries committed
522
  $comment->name = $user->name ? $user->name : $comment->name;
Dries's avatar
   
Dries committed
523

524
525
526
  // Preview the comment.
  $output .= theme('comment_view', $comment, theme('links', module_invoke_all('link', 'comment', $comment, 1)));
  $output .= theme('comment_form', $edit, t('Reply'));
Kjartan's avatar
Kjartan committed
527

528
529
  if ($edit['pid']) {
    $comment = db_fetch_object(db_query('SELECT c.*, u.uid, u.name AS registered_name, u.picture, u.data FROM {comments} c INNER JOIN {users} u ON c.uid = u.uid WHERE c.cid = %d AND c.status = 0', $edit['pid']));
Dries's avatar
   
Dries committed
530
    $comment = drupal_unpack($comment);
Dries's avatar
   
Dries committed
531
    $comment->name = $comment->registered_name ? $comment->registered_name : $comment->name;
532
    $output .= theme('comment_view', $comment);
Kjartan's avatar
Kjartan committed
533
534
  }
  else {
535
536
    $output .= node_view(node_load(array('nid' => $edit['nid'])));
    $edit['pid'] = 0;
Kjartan's avatar
Kjartan committed
537
  }
Dries's avatar
   
Dries committed
538
539

  return $output;
Dries's avatar
   
Dries committed
540
541
542
}

function comment_post($edit) {
Dries's avatar
   
Dries committed
543
  global $user;
Dries's avatar
   
Dries committed
544

545
  if (user_access('post comments') && node_comment_mode($edit['nid']) == 2) {
Dries's avatar
   
Dries committed
546

547
548
    // Validate the comment's subject.  If not specified, extract
    // one from the comment's body.
Dries's avatar
   
Dries committed
549
    $edit['subject'] = strip_tags($edit['subject']);
Dries's avatar
   
Dries committed
550

551
    if ($edit['subject'] == '') {
Dries's avatar
   
Dries committed
552
      $edit['subject'] = truncate_utf8(strip_tags($edit['comment']), 29);
Dries's avatar
   
Dries committed
553
554
    }

Dries's avatar
   
Dries committed
555
    if (!form_get_errors()) {
556
557
      // Check for duplicate comments.  Note that we have to use the
      // validated/filtered data to perform such check.
Dries's avatar
   
Dries committed
558

Dries's avatar
   
Dries committed
559
560
      $duplicate = db_result(db_query("SELECT COUNT(cid) FROM {comments} WHERE pid = %d AND nid = %d AND subject = '%s' AND comment = '%s'", $edit["pid"], $edit["nid"], $edit['subject'], $edit['comment']), 0);
      if ($duplicate != 0) {
Dries's avatar
   
Dries committed
561
        watchdog('warning', t('Comment: duplicate %subject.', array('%subject' => '<em>'. $edit["subject"] .'</em>')));
Dries's avatar
   
Dries committed
562
      }
Dries's avatar
   
Dries committed
563

Dries's avatar
   
Dries committed
564
      if ($edit["cid"]) {
565
566
567
        // Update the comment in the database.  Note that the update
        // query will fail if the comment isn't owned by the current
        // user.
568
        db_query("UPDATE {comments} SET subject = '%s', comment = '%s', format = '%s' WHERE cid = %d AND uid = '$user->uid'", $edit['subject'], $edit['format'], $edit['comment'], $edit["cid"]);
Dries's avatar
   
Dries committed
569

Dries's avatar
   
Dries committed
570
571
        _comment_update_node_statistics($edit['nid']);

572
573
        // Allow modules to respond to the updating of a comment.
        module_invoke_all('comment', 'update', $edit);
Dries's avatar
   
Dries committed
574

575
        // Add entry to the watchdog log.
Dries's avatar
   
Dries committed
576
        watchdog('special', t('Comment: updated %subject.', array('%subject' => '<em>'. $edit['subject'] .'</em>')), l(t('view'), 'node/'. $edit['nid'], NULL, NULL, 'comment-'. $edit['cid']));
Dries's avatar
   
Dries committed
577
578
      }
      else {
579
580
581
        // Add the comment to database.
        $status = user_access('post comments without approval') ? 0 : 1;
        $roles = variable_get('comment_roles', array());
Dries's avatar
   
Dries committed
582
583
584
585
586
587
        $score = 0;

        foreach (array_intersect(array_keys($roles), array_keys($user->roles)) as $rid) {
          $score = max($roles[$rid], $score);
        }

Dries's avatar
   
Dries committed
588
589
        $users = serialize(array(0 => $score));

Dries's avatar
   
Dries committed
590
591
592
593
594
        /*
        ** Here we are building the thread field.  See the comment
        ** in comment_render().
        */

595
        if ($edit['pid'] == 0) {
Dries's avatar
   
Dries committed
596
597
598
599
600
          /*
          ** This is a comment with no parent comment (depth 0): we start
          ** by retrieving the maximum thread level.
          */

601
          $max = db_result(db_query('SELECT MAX(thread) FROM {comments} WHERE nid = %d', $edit['nid']));
Dries's avatar
   
Dries committed
602

603
604
          // Strip the "/" from the end of the thread.
          $max = rtrim($max, '/');
Dries's avatar
   
Dries committed
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622

          /*
          ** Next, we increase this value by one.  Note that we can't
          ** use 1, 2, 3, ... 9, 10, 11 because we order by string and
          ** 10 would be right after 1.  We use 1, 2, 3, ..., 9, 91,
          ** 92, 93, ... instead.  Ugly but fast.
          */

          $decimals = (string)substr($max, 0, strlen($max) - 1);
          $units = substr($max, -1, 1);
          if ($units) {
            $units++;
          }
          else {
            $units = 1;
          }

          if ($units == 10) {
623
            $units = '90';
Dries's avatar
   
Dries committed
624
625
          }

626
          // Finally, build the thread field for this new comment.
Dries's avatar
   
Dries committed
627
628
629
630
631
632
633
634
635
          $thread = "$decimals$units/";
        }
        else {
          /*
          ** This is comment with a parent comment: we increase
          ** the part of the thread value at the proper depth.
          */

          // Get the parent comment:
636
          $parent = db_fetch_object(db_query('SELECT * FROM {comments} WHERE cid = %d', $edit['pid']));
Dries's avatar
   
Dries committed
637

638
639
          // Strip the "/" from the end of the parent thread.
          $parent->thread = (string)rtrim((string)$parent->thread, '/');
Dries's avatar
   
Dries committed
640

641
          // Get the max value in _this_ thread.
Dries's avatar
   
Dries committed
642
          $max = db_result(db_query("SELECT MAX(thread) FROM {comments} WHERE thread LIKE '%s.%%' AND nid = %d", $parent->thread, $edit['nid']));
Dries's avatar
   
Dries committed
643

644
645
          if ($max == '') {
            // First child of this parent.
Dries's avatar
   
Dries committed
646
647
648
            $thread = "$parent->thread.1/";
          }
          else {
649
650
            // Strip the "/" at the end of the thread.
            $max = rtrim($max, '/');
Dries's avatar
   
Dries committed
651

652
653
654
            // We need to get the value at the correct depth.
            $parts = explode('.', $max);
            $parent_depth = count(explode('.', $parent->thread));
Dries's avatar
   
Dries committed
655
656
657
658
659
660
661
662
663
664
665
666
667
            $last = $parts[$parent_depth];

            /*
            ** Next, we increase this value by one.  Note that we can't
            ** use 1, 2, 3, ... 9, 10, 11 because we order by string and
            ** 10 would be right after 1.  We use 1, 2, 3, ..., 9, 91,
            ** 92, 93, ... instead.  Ugly but fast.
            */

            $decimals = (string)substr($last, 0, strlen($last) - 1);
            $units = substr($last, -1, 1);
            $units++;
            if ($units == 10) {
668
              $units = '90';
Dries's avatar
   
Dries committed
669
670
            }

671
672
            // Finally, build the thread field for this new comment.
            $thread = "$parent->thread.". $decimals.$units .'/';
Dries's avatar
   
Dries committed
673
674
675
676
          }
        }


Dries's avatar
   
Dries committed
677
        $edit["cid"] = db_next_id("{comments}_cid");
Dries's avatar
   
Dries committed
678
679
680
681
682
683
        $edit['timestamp'] = time();

        if ($edit['uid'] = $user->uid) {
          $edit['name'] = $user->name;
        }

Dries's avatar
   
Dries committed
684

Dries's avatar
   
Dries committed
685
        db_query("INSERT INTO {comments} (cid, nid, pid, uid, subject, comment, format, hostname, timestamp, status, score, users, thread, name, mail, homepage) VALUES (%d, %d, %d, %d, '%s', '%s', %d, '%s', %d, %d, %d, '%s', '%s', '%s', '%s', '%s')", $edit["cid"], $edit["nid"], $edit["pid"], $edit['uid'], $edit['subject'], $edit['comment'], $edit['format'], $_SERVER['REMOTE_ADDR'], $edit['timestamp'], $status, $score, $users, $thread, $edit["name"], $edit['mail'], $edit["homepage"]);
Dries's avatar
   
Dries committed
686
687

        _comment_update_node_statistics($edit['nid']);
Dries's avatar
   
Dries committed
688

689
690
        // Tell the other modules a new comment has been submitted.
        module_invoke_all('comment', 'insert', $edit);
Dries's avatar
   
Dries committed
691

692
        // Add an entry to the watchdog log.
Dries's avatar
   
Dries committed
693
        watchdog('special', t('Comment: added %subject.', array('%subject' => '<em>'. $edit['subject'] .'</em>')), l(t('view'), 'node/'. $edit['nid'], NULL, NULL, 'comment-'. $edit['cid']));
Dries's avatar
   
Dries committed
694
      }
Dries's avatar
   
Dries committed
695

696
      // Clear the cache so an anonymous user can see his comment being added.
Dries's avatar
   
Dries committed
697
      cache_clear_all();
Dries's avatar
   
Dries committed
698

Dries's avatar
   
Dries committed
699
700
      // Explain the moderation queue if necessary, and then
      // redirect the user to the node he's commenting on.
Dries's avatar
   
Dries committed
701
      if ($status == 1) {
Dries's avatar
   
Dries committed
702
703
        drupal_set_message(t('Your comment has been queued for moderation by site administrators and will be published after approval.'));
        drupal_goto('node/'. $edit['nid']);
Dries's avatar
   
Dries committed
704
705
      }
      else {
Dries's avatar
   
Dries committed
706
        drupal_goto('node/'. $edit['nid'] .'#comment-'. $edit['cid']);
Dries's avatar
   
Dries committed
707
708
709
710
      }
    }
    else {
      print theme('page', comment_preview($edit));
Dries's avatar
   
Dries committed
711
712
    }
  }
Dries's avatar
   
Dries committed
713
  else {
Dries's avatar
   
Dries committed
714
    watchdog('error', t('Comment: unauthorized comment submitted or comment submitted to a closed node %subject.', array('%subject' => '<em>'. $edit['subject'] .'</em>')));
Dries's avatar
   
Dries committed
715
716
717
718
  }
}

function comment_links($comment, $return = 1) {
Dries's avatar
   
Dries committed
719
  global $user;
Dries's avatar
   
Dries committed
720

Dries's avatar
   
Dries committed
721
  $links = array();
Dries's avatar
   
Dries committed
722

723
  // If we are viewing just this comment, we link back to the node.
Dries's avatar
   
Dries committed
724
  if ($return) {
725
    $links[] = l(t('parent'), comment_node_url(), NULL, NULL, "comment-$comment->cid");
Dries's avatar
   
Dries committed
726
  }
Dries's avatar
   
Dries committed
727

Dries's avatar
   
Dries committed
728
  if (node_comment_mode($comment->nid) == 2) {
729
    if (user_access('administer comments') && user_access('access administration pages')) {
Dries's avatar
   
Dries committed
730
731
732
      $links[] = l(t('delete'), "admin/comment/delete/$comment->cid");
      $links[] = l(t('edit'), "admin/comment/edit/$comment->cid");
      $links[] = l(t('reply'), "comment/reply/$comment->nid/$comment->cid");
733
    }
734
735
    else if (user_access('post comments')) {
      if (comment_access('edit', $comment)) {
Dries's avatar
   
Dries committed
736
        $links[] = l(t('edit'), "comment/edit/$comment->cid");
Dries's avatar
   
Dries committed
737
      }
Dries's avatar
   
Dries committed
738
      $links[] = l(t('reply'), "comment/reply/$comment->nid/$comment->cid");
Dries's avatar
   
Dries committed
739
740
    }
    else {
741
      $links[] = theme('comment_post_forbidden');
Dries's avatar
   
Dries committed
742
    }
Dries's avatar
   
Dries committed
743
  }
Dries's avatar
   
Dries committed
744

745
  if ($moderation = theme('comment_moderation_form', $comment)) {
Dries's avatar
   
Dries committed
746
747
    $links[] = $moderation;
  }
Dries's avatar
   
Dries committed
748

Dries's avatar
   
Dries committed
749
  return $links;
Dries's avatar
   
Dries committed
750
751
}

Dries's avatar
   
Dries committed
752
function comment_render($node, $cid = 0) {
Dries's avatar
   
Dries committed
753
754
  global $user;

755
756
757
758
759
  $mode = $_GET['mode'];
  $order = $_GET['order'];
  $threshold = $_GET['threshold'];
  $comments_per_page = $_GET['comments_per_page'];
  $comment_page = $_GET['comment_page'];
Dries's avatar
   
Dries committed
760

761
  $output = '';
Dries's avatar
   
Dries committed
762

763
764
  if (user_access('access comments')) {
    // Pre-process variables.
Dries's avatar
   
Dries committed
765
    $nid = $node->nid;
Dries's avatar
   
Dries committed
766
767
    if (empty($nid)) {
      $nid = 0;
Dries's avatar
   
Dries committed
768
769
770
    }

    if (empty($mode)) {
771
      $mode = $user->mode ? $user->mode : ($_SESSION['comment_mode'] ? $_SESSION['comment_mode'] : variable_get('comment_default_mode', 4));
Dries's avatar
   
Dries committed
772
773
774
    }

    if (empty($order)) {
775
      $order = $user->sort ? $user->sort : ($_SESSION['comment_sort'] ? $_SESSION['comment_sort'] : variable_get('comment_default_order', 1));
Dries's avatar
   
Dries committed
776
777
    }
    if (empty($threshold)) {
778
      $threshold = $user->threshold ? $user->threshold : ($_SESSION['comment_threshold'] ? $_SESSION['comment_threshold'] : variable_get('comment_default_threshold', 0));
Dries's avatar
   
Dries committed
779
    }
780
    $threshold_min = db_result(db_query('SELECT minimum FROM {moderation_filters} WHERE fid = %d', $threshold));
Dries's avatar
   
Dries committed
781

Dries's avatar
   
Dries committed
782
    if (empty($comments_per_page)) {
783
      $comments_per_page = $user->comments_per_page ? $user->comments_per_page : ($_SESSION['comment_comments_per_page'] ? $_SESSION['comment_comments_per_page'] : variable_get('comment_default_per_page', '50'));
Dries's avatar
   
Dries committed
784
    }
Dries's avatar
   
Dries committed
785

Dries's avatar
   
Dries committed
786
    $output .= "<a id=\"comment\"></a>\n";
Dries's avatar
   
Dries committed
787

Kjartan's avatar
Kjartan committed
788
    if ($cid) {
789
      // Single comment view.
Dries's avatar
   
Dries committed
790

791
792
      $output .= '<form method="post" action="'. url('comment') ."\"><div>\n";
      $output .= form_hidden('nid', $nid);
Dries's avatar
   
Dries committed
793

Dries's avatar
   
Dries committed
794
      $result = db_query('SELECT c.cid, c.pid, c.nid, c.subject, c.comment, c.timestamp, c.name, c.mail, c.homepage, u.uid, u.name AS registered_name, u.picture, u.data, c.score, c.users FROM {comments} c INNER JOIN {users} u ON c.uid = u.uid WHERE c.cid = %d AND c.status = 0 GROUP BY c.cid, c.pid, c.nid, c.subject, c.comment, c.timestamp, c.name, c.mail, u.picture, c.homepage, u.uid, u.name, u.picture, u.data, c.score, c.users', $cid);
Dries's avatar
   
Dries committed
795

Dries's avatar
   
Dries committed
796
      if ($comment = db_fetch_object($result)) {
Dries's avatar
   
Dries committed
797
        $comment->name = $comment->registered_name ? $comment->registered_name : $comment->name;
Dries's avatar
   
Dries committed
798
        $output .= theme('comment_view', $comment, theme('links', module_invoke_all('link', 'comment', $comment, 1)));
Dries's avatar
   
Dries committed
799
      }
Dries's avatar
   
Dries committed
800

Dries's avatar
   
Dries committed
801
      if ((comment_user_can_moderate($node)) && $user->uid != $comment->uid && !(comment_already_moderated($user->uid, $comment->users))) {
802
        $output .= '<div style="text-align: center;">'. form_submit(t('Moderate comment')) .'</div><br />';
Dries's avatar
   
Dries committed
803
      }
804
      $output .= '</div></form>';
Dries's avatar
   
Dries committed
805
    }
Dries's avatar
   
Dries committed
806
    else {
807
      // Multiple comment view
Dries's avatar
   
Dries committed
808

Dries's avatar
   
Dries committed
809
      $query .= "SELECT c.cid as cid, c.pid, c.nid, c.subject, c.comment, c.timestamp, c.name , c.mail, c.homepage, u.uid, u.name AS registered_name, u.picture, u.data, c.score, c.users, c.thread FROM {comments} c INNER JOIN {users} u ON c.uid = u.uid WHERE c.nid = '". check_query($nid) ."' AND c.status = 0";
Dries's avatar
   
Dries committed
810

Dries's avatar
   
Dries committed
811
      $query .= ' GROUP BY c.cid, c.pid, c.nid, c.subject, c.comment, c.timestamp, c.name, c.mail, u.picture, c.homepage, u.uid, u.name, u.picture, u.data, c.score, c.users, c.thread';
Dries's avatar
   
Dries committed
812

Dries's avatar
   
Dries committed
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
      /*
      ** We want to use the standard pager, but threads would need every
      ** comment to build the thread structure, so we need to store some
      ** extra info.
      **
      ** We use a "thread" field to store this extra info. The basic idea
      ** is to store a value and to order by that value. The "thread" field
      ** keeps this data in a way which is easy to update and convenient
      ** to use.
      **
      ** A "thread" value starts at "1". If we add a child (A) to this
      ** comment, we assign it a "thread" = "1.1". A child of (A) will have
      ** "1.1.1". Next brother of (A) will get "1.2". Next brother of the
      ** parent of (A) will get "2" and so on.
      **
      ** First of all note that the thread field stores the depth of the
      ** comment: depth 0 will be "X", depth 1 "X.X", depth 2 "X.X.X", etc.
      **
      ** Now to get the ordering right, consider this example:
      **
      ** 1
      ** 1.1
      ** 1.1.1
      ** 1.2
      ** 2
      **
      ** If we "ORDER BY thread ASC" we get the above result, and this is
      ** the natural order sorted by time.  However, if we "ORDER BY thread
      ** DESC" we get:
      **
      ** 2
      ** 1.2
      ** 1.1.1
      ** 1.1
      ** 1
      **
      ** Clearly, this is not a natural way to see a thread, and users
      ** will get confused. The natural order to show a thread by time
      ** desc would be:
      **
      ** 2
      ** 1
      ** 1.2
      ** 1.1
      ** 1.1.1
      **
      ** which is what we already did before the standard pager patch. To
      ** achieve this we simply add a "/" at the end of each "thread" value.
      ** This way out thread fields will look like depicted below:
      **
      ** 1/
      ** 1.1/
      ** 1.1.1/
      ** 1.2/
      ** 2/
      **
      ** we add "/" since this char is, in ASCII, higher than every number,
      ** so if now we "ORDER BY thread DESC" we get the correct order.  Try
      ** it, it works ;).  However this would spoil the "ORDER BY thread ASC"
      ** Here, we do not need to consider the trailing "/" so we use a
      ** substring only.
      */
Dries's avatar
   
Dries committed
875
876

      if ($order == 1) {
Dries's avatar
   
Dries committed
877
        if ($mode == 1 || $mode == 2) {
878
          $query .= ' ORDER BY c.timestamp DESC';
Dries's avatar
   
Dries committed
879
880
        }
        else {
881
          $query .= ' ORDER BY c.thread DESC';
Dries's avatar
   
Dries committed
882
        }
Dries's avatar
   
Dries committed
883
      }
Dries's avatar
   
Dries committed
884
      else if ($order == 2) {
Dries's avatar
   
Dries committed
885
        if ($mode == 1 || $mode == 2) {
886
          $query .= ' ORDER BY c.timestamp';
Dries's avatar
   
Dries committed
887
888
889
890
891
892
893
894
895
        }
        else {

          /*
          ** See comment above.  Analysis learns that this doesn't cost
          ** too much.  It scales much much better than having the whole
          ** comment structure.
          */

896
          $query .= ' ORDER BY SUBSTRING(c.thread, 1, (LENGTH(c.thread) - 1))';
Dries's avatar
   
Dries committed
897
        }
Dries's avatar
   
Dries committed
898
899
      }

900
      // Start a form, for use with comment control and moderation.
Dries's avatar
   
Dries committed
901
      $result = pager_query($query, $comments_per_page, 0, "SELECT COUNT(*) FROM {comments} WHERE nid = '". check_query($nid) ."'");
902
903
904
905
906
      if (db_num_rows($result) && (variable_get('comment_controls', 0) == 0 || variable_get('comment_controls', 0) == 2)) {
        $output .= '<form method="post" action="'. url('comment') ."\"><div>\n";
        $output .= theme('comment_controls', $threshold, $mode, $order, $comments_per_page);
        $output .= form_hidden('nid', $nid);
        $output .= '</div></form>';
Dries's avatar
   
Dries committed
907
      }
Dries's avatar
   
Dries committed
908

909
910
      $output .= '<form method="post" action="'. url('comment') ."\"><div>\n";
      $output .= form_hidden('nid', $nid);
Dries's avatar
   
Dries committed
911

Dries's avatar
   
Dries committed
912
      while ($comment = db_fetch_object($result)) {
Dries's avatar
   
Dries committed
913
        $comment = drupal_unpack($comment);
Dries's avatar
   
Dries committed
914
        $comment->name = $comment->registered_name ? $comment->registered_name : $comment->name;
915
        $comment->depth = count(explode('.', $comment->thread)) - 1;
Dries's avatar
   
Dries committed
916

Dries's avatar
   
Dries committed
917
        if ($mode == 1) {
918
          $output .= theme('comment_flat_collapsed', $comment, $threshold_min);
Dries's avatar
   
Dries committed
919
        }
Dries's avatar
   
Dries committed
920
        else if ($mode == 2) {
921
          $output .= theme('comment_flat_expanded', $comment, $threshold_min);
Dries's avatar
   
Dries committed
922
        }
Dries's avatar
   
Dries committed
923
        else if ($mode == 3) {
924
          $output .= theme('comment_thread_min', $comment, $threshold_min);
Dries's avatar
   
Dries committed
925
        }
Dries's avatar
   
Dries committed
926
        else if ($mode == 4) {
927
          $output .= theme('comment_thread_max', $comment, $threshold_min);
Dries's avatar
   
Dries committed
928
        }
Dries's avatar
   
Dries committed
929
      }
Dries's avatar
   
Dries committed
930

Dries's avatar
   
Dries committed
931
932
933
934
935
936
937
      /*
      ** Use the standard pager; $pager_total is the number of returned rows,
      ** is global and defined in pager.inc.
      */
      if ($pager = theme('pager', NULL, $comments_per_page, 0, array('comments_per_page' => $comments_per_page))) {
        $output .= $pager;
      }
Dries's avatar
   
Dries committed
938

Dries's avatar
   
Dries committed
939
940
941
      if (db_num_rows($result) && comment_user_can_moderate($node)) {
        $output .= '<div align="center">'. form_submit(t('Moderate comments')) .'</div><br />';
      }
Dries's avatar
   
Dries committed
942

Dries's avatar
   
Dries committed
943
      $output .= '</div></form>';
Dries's avatar
   
Dries committed
944

Dries's avatar
   
Dries committed
945
946
947
948
949
950
951
952
953
954
955
956
957
958
      if (db_num_rows($result) && (variable_get('comment_controls', 0) == 1 || variable_get('comment_controls', 0) == 2)) {
        $output .= '<form method="post" action="'. url('comment') ."\"><div>\n";
        $output .= theme('comment_controls', $threshold, $mode, $order, $comments_per_page);
        $output .= form_hidden('nid', $nid);
        $output .= '</div></form>';
      }
    }

    // If enabled, show new comment form.
    if (user_access('post comments') && node_comment_mode($nid) == 2 && variable_get('comment_form_location', 0)) {
      $output .= theme('comment_form', array('nid' => $nid), t('Post new comment'));
    }
  }
  return $output;
Dries's avatar
   
Dries committed
959
960
}

Dries's avatar
   
Dries committed
961
962
963
/**
 * Menu callback; edit a comment from the administrative interface.
 */
Dries's avatar
Dries committed
964
function comment_admin_edit($cid) {
Dries's avatar
   
Dries committed
965

Dries's avatar
Dries committed
966
967
968
969
  // comment edits need to be saved.
  if ($_POST['op'] == t('Submit')) {
    $edit = $_POST['edit'];
    $output  = comment_save($edit['cid'], $edit);
Dries's avatar
Dries committed
970
    drupal_goto('admin/comment');
Dries's avatar
   
Dries committed
971
972
  }

Dries's avatar
Dries committed
973
974
  // if we're not saving our changes above, we're editing it.
  $result = db_query('SELECT c.*, u.name AS registered_name, u.uid FROM {comments} c INNER JOIN {users} u ON c.uid = u.uid WHERE c.cid = %d AND c.status != 2', $cid);
Dries's avatar
   
Dries committed
975
  $comment = db_fetch_object($result);
Dries's avatar
   
Dries committed
976
  $comment->name = $comment->registered_name ? $comment->registered_name : $comment->name;
Dries's avatar
   
Dries committed
977
  $comment = drupal_unpack($comment);
Dries's avatar
   
Dries committed
978
979

  if ($comment) {
980
981
    $form .= form_item(t('Author'), format_name($comment));
    $form .= form_textfield(t('Subject'), 'subject', $comment->subject, 70, 128);
982
    $form .= form_textarea(t('Comment'), 'comment', $comment->comment, 70, 15, '');
983
    $form .= filter_form('format', $comment->format);
984
    $form .= form_radios(t('Status'), 'status', $comment->status, array('published', 'not published'));
Dries's avatar
Dries committed
985
    $form .= form_hidden('cid', $cid);
986
    $form .= form_submit(t('Submit'));
Dries's avatar
Dries committed
987
    print theme('page', form($form));
Dries's avatar
   
Dries committed
988
  }
Dries's avatar
 
Dries committed
989
990
}

Dries's avatar
   
Dries committed
991
992
993
/**
 * Menu callback; delete a comment.
 */
Dries's avatar
Dries committed
994
function comment_delete($cid) {
Dries's avatar
   
Dries committed
995
996
  $comment = db_fetch_object(db_query('SELECT c.*, u.name AS registered_name, u.uid FROM {comments} c INNER JOIN {users} u ON u.uid = c.uid WHERE c.cid = %d', $cid));
  $comment->name = $comment->registered_name ? $comment->registered_name : $comment->name;
997

Dries's avatar
Dries committed
998
  $output = '';
999

Dries's avatar
   
Dries committed
1000
  // We'll only delete if the user has confirmed the