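/**
 * Handle comment moderation requests and prepare the comment listing for the admin theme.
 *
 * Each recognised option is resolved from $this->handler_vars first, then from $params,
 * then from a built-in default, and is also assigned onto $this->theme under the same name.
 * Depending on those options the method either mass-deletes comments by status, applies a
 * moderation action to the submitted comment ids (after a WSSE token check), or falls
 * through to build the listing: comments, per-year month counts and a per-comment action menu.
 *
 * @param array $params Fallback values for the option names listed in $locals below.
 */
public function fetch_comments($params = array())
{
    // Make certain handler_vars local with defaults, and add them to the theme output.
    // The variable names come only from this fixed list, never from the request; the
    // values, however, are request-controlled and reach the theme unmodified.
    $locals = array('do_delete' => false, 'do_spam' => false, 'do_approve' => false, 'do_unapprove' => false, 'comment_ids' => null, 'nonce' => '', 'timestamp' => '', 'password_digest' => '', 'mass_spam_delete' => null, 'mass_delete' => null, 'type' => 'All', 'limit' => 20, 'offset' => 0, 'search' => '', 'status' => 'All', 'orderby' => 'date DESC');
    foreach ($locals as $varname => $default) {
        if (isset($this->handler_vars[$varname])) {
            ${$varname} = $this->handler_vars[$varname];
        } elseif (isset($params[$varname])) {
            ${$varname} = $params[$varname];
        } else {
            ${$varname} = $default;
        }
        $this->theme->{$varname} = ${$varname};
    }

    // Setting these mass_delete options prevents any other processing. Desired?
    // NOTE(review): neither mass-delete branch verifies the WSSE nonce/digest that the
    // per-comment branch below requires, and no permission check is visible in this method.
    // Confirm that the caller enforces both before a state-changing request gets here.
    if (isset($mass_spam_delete) && $status == 'spam') {
        // Delete all comments that have the spam status.
        Comments::delete_by_status('spam');
        // let's optimize the table
        DB::query('OPTIMIZE TABLE {comments}');
        Session::notice(_t('Deleted all spam comments'));
        EventLog::log(_t('Deleted all spam comments'), 'info');
        // presumably ends the request; if it returns, the listing below is still built
        Utils::redirect();
    } elseif (isset($mass_delete) && $status == 'unapproved') {
        // Delete all comments that are unapproved.
        Comments::delete_by_status('unapproved');
        Session::notice(_t('Deleted all unapproved comments'));
        EventLog::log(_t('Deleted all unapproved comments'), 'info');
        Utils::redirect();
    } elseif (($do_delete || $do_spam || $do_approve || $do_unapprove) && isset($comment_ids)) {
        // All three token fields must be present, and the digest must be a plain string
        // (a request can also deliver an array under this name).
        $okay = !empty($nonce) && !empty($timestamp) && !empty($password_digest) && is_string($password_digest);
        if ($okay) {
            $wsse = Utils::WSSE($nonce, $timestamp);
            $expected_digest = (string) $wsse['digest'];
            // Compare strictly so PHP's loose string/number juggling can never make two
            // different digests equal; use the constant-time comparison where PHP has it.
            $okay = function_exists('hash_equals')
                ? hash_equals($expected_digest, $password_digest)
                : $expected_digest === $password_digest;
        }

        // The submitted ids are the keys of comment_ids.
        $ids = ($okay && is_array($comment_ids)) ? array_keys($comment_ids) : array();

        // Do nothing when no ids were submitted: how Comments::get() treats an empty id
        // list is not visible here, and a moderation action must never widen its target set.
        if (!empty($ids)) {
            if ($do_delete) {
                $action = 'delete';
            } elseif ($do_spam) {
                $action = 'spam';
            } elseif ($do_approve) {
                $action = 'approve';
            } else {
                $action = 'unapprove';
            }

            $to_update = Comments::get(array('id' => $ids));
            $modstatus = array(_t('Deleted %d comments') => 0, _t('Marked %d comments as spam') => 0, _t('Approved %d comments') => 0, _t('Unapproved %d comments') => 0, _t('Edited %d comments') => 0);
            Plugins::act('admin_moderate_comments', $action, $to_update, $this);

            // Every case narrows the set to comments the current user may act on
            // before touching them.
            switch ($action) {
                case 'delete':
                    // This comment was marked for deletion
                    $to_update = $this->comment_access_filter($to_update, 'delete');
                    Comments::delete_these($to_update);
                    $modstatus[_t('Deleted %d comments')] = count($to_update);
                    break;
                case 'spam':
                    // This comment was marked as spam
                    $to_update = $this->comment_access_filter($to_update, 'edit');
                    Comments::moderate_these($to_update, 'spam');
                    $modstatus[_t('Marked %d comments as spam')] = count($to_update);
                    break;
                case 'approve':
                case 'approved':
                    // Comments marked for approval
                    $to_update = $this->comment_access_filter($to_update, 'edit');
                    Comments::moderate_these($to_update, 'approved');
                    $modstatus[_t('Approved %d comments')] = count($to_update);
                    // The notice is built as HTML, so the post permalink and title are
                    // escaped before being placed inside the link markup.
                    $post_links = array();
                    foreach ($to_update as $comment) {
                        $post_links[] = '<a href="' . htmlspecialchars((string) $comment->post->permalink, ENT_QUOTES, 'UTF-8') . '">' . htmlspecialchars((string) $comment->post->title, ENT_QUOTES, 'UTF-8') . '</a> ';
                    }
                    if (!empty($post_links)) {
                        $modstatus[_t('Approved comments on these posts: %s')] = implode(' · ', $post_links);
                    }
                    break;
                case 'unapprove':
                case 'unapproved':
                    // This comment was marked for unapproval
                    $to_update = $this->comment_access_filter($to_update, 'edit');
                    Comments::moderate_these($to_update, 'unapproved');
                    $modstatus[_t('Unapproved %d comments')] = count($to_update);
                    break;
                case 'edit':
                    // NOTE(review): nothing in this method sets $action to 'edit'; this
                    // case looks unreachable unless the plugin hook can change it - confirm.
                    $to_update = $this->comment_access_filter($to_update, 'edit');
                    foreach ($to_update as $comment) {
                        // This comment was edited; only fields actually submitted are changed
                        foreach (array('name', 'email', 'url', 'content') as $field) {
                            $post_key = $field . '_' . $comment->id;
                            if (isset($_POST[$post_key]) && $_POST[$post_key] != null) {
                                $comment->{$field} = $_POST[$post_key];
                            }
                        }
                        $comment->update();
                    }
                    $modstatus[_t('Edited %d comments')] = count($to_update);
                    break;
            }

            // Each key is a format string; report only the outcomes that happened.
            foreach ($modstatus as $key => $value) {
                if ($value) {
                    Session::notice(sprintf($key, $value));
                }
            }
        }
        Utils::redirect();
    }

    // we load the WSSE tokens
    // for use in the delete button
    $this->theme->wsse = Utils::WSSE();

    // NOTE(review): type, status, limit, offset and orderby can come straight from the
    // request; confirm that Comments::get() validates them before they reach the query.
    $arguments = array('type' => $type, 'status' => $status, 'limit' => $limit, 'offset' => $offset, 'orderby' => $orderby);

    // only get comments the user is allowed to manage
    $current_user = User::identify();
    if (!$current_user->can('manage_all_comments')) {
        $arguments['post_author'] = $current_user->id;
    }

    // there is no explicit 'all' type/status for comments, so we need to unset these arguments
    // if that's what we want. At the same time we can set up the search field
    $this->theme->search_args = '';
    if ($type == 'All') {
        unset($arguments['type']);
    } else {
        $this->theme->search_args = 'type:' . Comment::type_name($type) . ' ';
    }
    if ($status == 'All') {
        unset($arguments['status']);
    } else {
        $this->theme->search_args .= 'status:' . Comment::status_name($status);
    }
    if ('' != $search) {
        $arguments = array_merge($arguments, Comments::search_to_get($search));
    }

    $this->theme->comments = Comments::get($arguments);

    // Group the per-month counts by year for the theme.
    $monthcts = Comments::get(array_merge($arguments, array('month_cts' => 1)));
    $years = array();
    foreach ($monthcts as $month) {
        $years[$month->year][] = $month;
    }
    $this->theme->years = $years;

    // One status-change action per known comment status, keyed by status name.
    $baseactions = array();
    foreach (Comment::list_comment_statuses() as $statusid => $statusname) {
        $baseactions[$statusname] = array('url' => 'javascript:itemManage.update(\'' . $statusname . '\',__commentid__);', 'title' => _t('Change this comment\'s status to %s', array($statusname)), 'label' => Comment::status_action($statusid), 'access' => 'edit');
    }

    /* Standard actions */
    $baseactions['delete'] = array('url' => 'javascript:itemManage.update(\'delete\',__commentid__);', 'title' => _t('Delete this comment'), 'label' => _t('Delete'), 'access' => 'delete');
    $baseactions['edit'] = array('url' => URL::get('edit_comment', 'id=__commentid__'), 'title' => _t('Edit this comment'), 'label' => _t('Edit'), 'access' => 'edit');

    /* Allow plugins to apply actions */
    $actions = Plugins::filter('comments_actions', $baseactions, $this->theme->comments);

    foreach ($this->theme->comments as $comment) {
        // filter the actions based on the user's permissions
        $comment_access = $comment->get_access();
        $menu = FormControlDropbutton::create('comment' . $comment->id . '_commentactions');
        foreach ($actions as $name => $action) {
            if ($name == Comment::status_name($comment->status)) {
                // skip current status
                continue;
            }
            if (empty($action['label'])) {
                // just grab something so the thing is labeled
                $action['label'] = _t($name);
            }
            // replace constants/placeholders
            $action['url'] = str_replace('__commentid__', $comment->id, $action['url']);
            $entry = FormControlSubmit::create($name)->set_caption($action['label'])->set_url($action['url'])->set_property('title', $action['title']);
            // An action with no 'access' requirement is offered to everyone; this only
            // hides menu entries, the checks that matter run when the action is submitted.
            if (!isset($action['access']) || ACL::access_check($comment_access, $action['access'])) {
                $menu->append($entry);
            }
        }
        $comment->menu = Plugins::filter('comment_actions', $menu, $comment);
    }
}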