
Commit 16747fe

committed
Add templating for commenting on documents
1 parent 3a4abce commit 16747fe


1 file changed

+32
-11
lines changed


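--- a/src/templates/Document/View.phtml
+++ b/src/templates/Document/View.phtml
@@ -8,10 +8,12 @@ use \BNETDocs\Libraries\User;
 use \CarlBennett\MVC\Libraries\Common;
 use \CarlBennett\MVC\Libraries\Pair;
 
-$attachments = $this->getContext()->attachments;
-$comments = $this->getContext()->comments;
-$object_id = $this->getContext()->document_id;
-$object = $this->getContext()->document;
+$attachments = $this->getContext()->attachments;
+$comments = $this->getContext()->comments;
+$object = $this->getContext()->document;
+$object_id = $this->getContext()->document_id;
+$logged_in = $this->getContext()->user;
+$logged_in_id = ($logged_in ? $logged_in->getId() : null);
 
 $logged_in = (
 isset($_SESSION['user_id']) ? new User($_SESSION['user_id']) : null
@@ -27,8 +29,8 @@ $url = Common::relativeUrlToAbsolute("/document/" . urlencode($object_id));
 if ($object) {
 
 $url = $object->getURI();
-$title = htmlspecialchars($object->getTitle(), ENT_HTML5, "UTF-8");
 
+$title = $object->getTitle();
 $description = Common::stripUpTo(trim(filter_var(
 $object->getContent(true), FILTER_SANITIZE_STRING
 )), "\n", 300);
@@ -75,7 +77,7 @@ require("./header.inc.phtml");
 <span class="float-right"><time datetime="<?php echo $object->getCreatedDateTime()->format('c'); ?>"><?php echo $object->getCreatedDateTime()->format("l, F j, Y"); ?></time></span>
 <?php } ?>
 <?php if ($user_id !== null) { ?>
-<span class="float-left"><a href="<?php echo $user_url; ?>"><img class="avatar" src="<?php echo $user_avatar; ?>"/> <?php echo htmlspecialchars($user_name, ENT_HTML5, "UTF-8"); ?></a></span>
+<span><a href="<?php echo $user_url; ?>"><img class="avatar" src="<?php echo $user_avatar; ?>"/> <?php echo filter_var($user_name, FILTER_SANITIZE_STRING); ?></a></span>
 <?php } ?>
 </footer>
 </article>
@@ -95,7 +97,7 @@ require("./header.inc.phtml");
 $a_author_url = $a_author_user->getURI();
 $a_author_avatar = $a_author_user->getAvatarURI(22);
 ?>
-<tr><td><a href="<?php echo $a_url; ?>"><?php echo $a_filename; ?></a></td><td><?php echo $a_size; ?></td><td><?php echo $a_uploaddate; ?></td><td><a href="<?php echo $a_author_url; ?>"><img class="avatar" src="<?php echo $a_author_avatar; ?>"/> <?php echo htmlspecialchars($a_author_name, ENT_HTML5, "UTF-8"); ?></a></td></tr>
+<tr><td><a href="<?php echo $a_url; ?>"><?php echo $a_filename; ?></a></td><td><?php echo $a_size; ?></td><td><?php echo $a_uploaddate; ?></td><td><a href="<?php echo $a_author_url; ?>"><img class="avatar" src="<?php echo $a_author_avatar; ?>"/> <?php echo filter_var($a_author_name, FILTER_SANITIZE_STRING); ?></a></td></tr>
 <?php } ?>
 </tbody></table>
 </section>
@@ -106,23 +108,42 @@ require("./header.inc.phtml");
 <section>
 <?php if (!$comments) { ?>
 <p class="center"><em>no one has commented yet.</em></p>
-<?php } else { ?>
+<?php } else {
+$c_edit_visible_master = ($logged_in && ($logged_in->getOptionsBitmask() & User::OPTION_ACL_COMMENT_MODIFY));
+$c_delete_visible_master = ($logged_in && ($logged_in->getOptionsBitmask() & User::OPTION_ACL_COMMENT_DELETE));
+?>
 <table class="comments"><tbody>
 <?php foreach ($comments as $c) {
+$c_id = $c->getId();
 $c_user = $c->getUser();
 $c_user_name = $c_user->getName();
 $c_user_id = $c->getUserId();
 $c_user_url = $c_user->getURI();
 $c_user_avatar = $c_user->getAvatarURI(22);
+
+$c_edit_visible = ($c_user_id == $logged_in_id || $c_edit_visible_master);
+$c_delete_visible = ($c_user_id == $logged_in_id || $c_delete_visible_master);
 ?>
-<tr><td><a href="<?php echo $c_user_url; ?>"><img class="avatar" src="<?php echo $c_user_avatar; ?>"/> <?php echo htmlspecialchars($c_user_name, ENT_HTML5, "UTF-8"); ?></a><br/><time class="comment_timestamp" datetime="<?php echo $c->getCreatedDateTime()->format("c"); ?>"><?php echo $c->getCreatedDateTime()->format("D M j, Y g:ia T"); ?></time></td><td><?php echo $c->getContent(true); ?></td></tr>
+<tr><td><a href="<?php echo $c_user_url; ?>"><img class="avatar" src="<?php echo $c_user_avatar; ?>"/> <?php echo filter_var($c_user_name, FILTER_SANITIZE_STRING); ?></a><br/><time class="comment_timestamp" datetime="<?php echo $c->getCreatedDateTime()->format("c"); ?>"><?php echo $c->getCreatedDateTime()->format("D M j, Y g:ia T"); ?></time><?php if ($c_delete_visible) { ?><a class="button comment_button" href="<?php echo Common::relativeUrlToAbsolute("/comment/delete?id=" . urlencode($c_id)); ?>">Delete</a><?php } if ($c_edit_visible) { ?><a class="button comment_button" href="<?php echo Common::relativeUrlToAbsolute("/comment/edit?id=" . urlencode($c_id)); ?>">Edit</a><?php } ?></td><td><?php echo $c->getContent(true); ?></td></tr>
 <?php } ?>
 </tbody></table>
 <?php } ?>
 </section>
+<?php if ($logged_in) { ?>
+<section>
+<hr/>
+<form method="POST" action="<?php echo Common::relativeUrlToAbsolute("/comment/create"); ?>">
+<input type="hidden" name="parent_type" value="<?php echo Comment::PARENT_TYPE_DOCUMENT; ?>"/>
+<input type="hidden" name="parent_id" value="<?php echo $object_id; ?>"/>
+<p class="center"><label for="comment-content">Comment on this post:</label></p>
+<p class="center"><textarea id="comment-content" name="content" cols="80" rows="5"></textarea></p>
+<p class="center"><input type="submit" value="Comment"/></p>
+</form>
+</section>
+<?php } ?>
 <?php } else { ?>
-<header class="red"><?php echo htmlspecialchars($title, ENT_HTML5, "UTF-8"); ?></header>
-<section class="red"><?php echo htmlspecialchars($description, ENT_HTML5, "UTF-8"); ?></section>
+<header class="red"><?php echo filter_var($title, FILTER_SANITIZE_STRING); ?></header>
+<section class="red"><?php echo filter_var($description, FILTER_SANITIZE_STRING); ?></section>
 <?php } ?>
 </article>
 <?php require("./footer.inc.phtml"); ?>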
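Review bot: `filter_var(…, FILTER_SANITIZE_STRING)` is a tag-stripping input filter, not an HTML output encoder, so the hunks that swap it in for `htmlspecialchars()` (the document author, attachment author, comment author and the error-branch `$title`/`$description` echoes) lose context-correct escaping: `&` is left unencoded, text after a bare `<` can be dropped, and the filter is deprecated as of PHP 8.1. I would encode at the point of output instead, e.g. `<?php echo htmlspecialchars($c_user_name, ENT_QUOTES | ENT_HTML5, "UTF-8"); ?>`. The new hidden field echoes `$object_id` into a `value` attribute with no encoding at all; unless `document_id` is guaranteed numeric upstream (not visible here), use `value="<?php echo htmlspecialchars((string) $object_id, ENT_QUOTES | ENT_HTML5, "UTF-8"); ?>"`. `$title` is also now assigned unescaped, so any other consumer of it, presumably the header include, has to encode it itself. The comment form carries no anti-CSRF token and Delete is a plain GET link, so the `/comment/*` handlers, which are outside this diff, have to enforce the token and the ACL themselves rather than rely on `$c_edit_visible`/`$c_delete_visible`.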
