ComunicAPI/RestControllers/CommentsController.php

<?php
/**
* Comments controller
*
* @author Pierre HUBERT
*/
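class CommentsController {

    /**
     * Create a comment
     *
     * Requires a signed-in user. The target post is resolved through
     * getPostPostIDWithAccess(), the comment is stored, a notification is
     * pushed and the author's own notifications about the post are deleted.
     *
     * @url POST /comments/create
     * @return array Success message and the ID of the created comment
     */
    public function create(){

        user_login_required();

        //Get the ID of the associated post
        //NOTE(review): presumably also checks that the user may access the post - confirm in the helper
        $postID = getPostPostIDWithAccess("postID");

        //Check if an image was included in the request
        if(check_post_file("image")){

            //Get comment content. The content check is skipped here
            //($need_check = false), but HTML nodes are still removed
            $content = $this->get_comment_content("content", false);

            //Save the image
            //NOTE(review): validation of the uploaded file is delegated to
            //save_post_image(), which is not visible here - confirm it
            //checks the file type and re-encodes the image
            $image_path = save_post_image("image", userID, "imgcommentaire", 700, 700);
        }

        //Else check the content of the comment before getting it
        else
            $content = $this->get_comment_content("content", true);

        //Create comment object with new information
        $comment = new Comment();
        $comment->set_postID($postID);
        $comment->set_userID(userID);
        $comment->set_content($content);

        //No image in the request (or a null path) is stored as an empty string
        $comment->set_img_path($image_path ?? "");

        //Try to create the comment
        $commentID = components()->comments->create($comment);

        //Check for errors
        //NOTE(review): an image saved above presumably stays on disk when
        //creation fails - confirm whether cleanup is needed
        if($commentID < 1)
            Rest_fatal_error(500, "An error occured while trying to create comment !");

        //Create a notification about the comment created
        $notification = new Notification();
        $notification->set_time_create(time());
        $notification->set_from_user_id(userID);
        $notification->set_on_elem_id($postID);
        $notification->set_on_elem_type(Notification::POST);
        $notification->set_type(Notification::COMMENT_CREATED);
        components()->notifications->push($notification);

        //Delete any other notification targeting this user about the post
        delete_user_notifications_over_post(userID, $postID);

        //Success
        return array(
            "success" => "The comment was created!",
            "commentID" => $commentID
        );
    }

    /**
     * Get informations about a single comment
     *
     * This endpoint does not call user_login_required(): the only access
     * control visible here is the one done by getPostCommentIDWithAccess().
     *
     * @url POST /comments/get_single
     * @return array Informations about the comment (see commentToAPI())
     */
    public function get_single_infos(){

        //Get the comment ID
        //NOTE(review): presumably enforces the visibility of the parent post
        //for the current (possibly anonymous) user - confirm in the helper
        $commentID = getPostCommentIDWithAccess("commentID");

        //Get informations about the comment
        //NOTE(review): the meaning of the second argument (TRUE) is not
        //visible here, presumably it requests like information - confirm
        $comment = components()->comments->get_single($commentID, TRUE);

        //Check for errors
        if(!$comment->isValid())
            Rest_fatal_error(500, "Couldn't fetch informations about the comment !");

        //Return informations about the comment
        return self::commentToAPI($comment);
    }

    /**
     * Edit a comment content
     *
     * Only the owner of the comment can edit it (see
     * getPostCommentIDWithFullAccess()).
     *
     * @url POST /comments/edit
     * @return array Success message
     */
    public function edit_comment(){

        user_login_required();

        //Get comment ID (includes the ownership check)
        $commentID = $this->getPostCommentIDWithFullAccess("commentID");

        //Get comment content (checked and stripped of HTML nodes)
        $new_content = $this->get_comment_content("content");

        //Update comment content
        if(!components()->comments->edit($commentID, $new_content))
            Rest_fatal_error(500, "Could not update comment content !");

        //Success
        return array("success" => "The comment has been updated !");
    }

    /**
     * Delete a comment
     *
     * Only the owner of the comment can delete it (see
     * getPostCommentIDWithFullAccess()).
     *
     * @url POST /comments/delete
     * @return array Success message
     */
    public function delete_comment(){

        user_login_required();

        //Get comment ID (includes the ownership check)
        $commentID = $this->getPostCommentIDWithFullAccess("commentID");

        //Try to delete the comment
        if(!components()->comments->delete($commentID))
            Rest_fatal_error(500, "Coudln't delete comment!");

        //Success
        return array("success" => "The comment has been deleted!");
    }

    /**
     * Get a comment ID with full access
     *
     * Resolves the comment ID with getPostCommentIDWithAccess(), then
     * requires the current user to be the owner of the comment.
     *
     * @param string $name The name of the POST field containing
     * the comment ID
     * @return int The comment ID
     */
    private function getPostCommentIDWithFullAccess($name) : int {

        //Get comment ID
        $commentID = getPostCommentIDWithAccess($name);

        //Check the user is the owner of the comment
        //NOTE(review): this relies on Rest_fatal_error() ending the request;
        //if it returned, the ID would be handed back despite the failed
        //ownership check - confirm. The 401 status is kept for existing
        //clients (403 is the usual status for a signed-in user who is not
        //allowed to act).
        if(!components()->comments->is_owner(userID, $commentID))
            Rest_fatal_error(401, "You are not the owner of this comment !");

        //Return comment ID
        return $commentID;
    }

    /**
     * Get a comment content from $_POST field
     *
     * The field must be present and must be a plain string. HTML nodes are
     * removed from the content in every case; the check done by
     * check_string_before_insert() only applies when $need_check is TRUE.
     *
     * @param string $name The name of post field containing the comment content
     * @param bool $need_check TRUE if the comment content has to be checked / FALSE else
     * @return string The comment content, if it passed security checks
     */
    private function get_comment_content(string $name, bool $need_check = true) : string {

        //Get comment content
        //PHP turns fields sent as "name[]=..." into arrays: casting such a
        //value to string would store the literal text "Array" as the
        //comment, so anything that is not a string is rejected here
        if(!isset($_POST[$name]) || !is_string($_POST[$name]))
            Rest_fatal_error(400, "Please specify the new content of the comment!");
        $comment_content = (string) $_POST[$name];

        //Perform security check
        if(!check_string_before_insert($comment_content) && $need_check)
            Rest_fatal_error(400, "Please check new comment content !");

        //Make the comment secure before insertion
        //NOTE(review): stripping at storage time presumably does not replace
        //escaping in the clients that render the comment - confirm
        $comment_content = removeHTMLnodes($comment_content);

        //Return comment content
        return $comment_content;
    }

    /**
     * Turn a comment object into a readable object
     *
     * The "likes" and "userlike" entries are only present when the comment
     * object carries like information.
     *
     * @param Comment $comment The comment to convert
     * @return array Informations about the comment
     */
    public static function commentToAPI(Comment $comment) : array {

        $data = array();

        $data["ID"] = $comment->get_id();
        $data["userID"] = $comment->get_userID();
        $data["postID"] = $comment->get_postID();
        $data["time_sent"] = $comment->get_time_sent();

        //Missing content is an empty string, missing image fields are null
        $data["content"] = $comment->has_content() ? $comment->get_content() : "";
        $data["img_path"] = $comment->has_img_path() ? $comment->get_img_path() : null;
        $data["img_url"] = $comment->has_img_url() ? $comment->get_img_url() : null;

        if($comment->has_likes()){
            $data["likes"] = $comment->get_likes();
            $data["userlike"] = $comment->get_userlike();
        }

        return $data;
    }

}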