use sql statement

This commit is contained in:
Jean-Christian Denis 2023-04-21 00:14:04 +02:00
parent 829c750901
commit ff63c5a582
Signed by: JcDenis
GPG key ID: 1B5B8C5B90B6C951

View file

@ -16,9 +16,14 @@ namespace Dotclear\Plugin\emailNotification;
use cursor;
use dcAuth;
use dcBlog;
use dcCore;
use dcNsProcess;
use dcRecord;
use Dotclear\Database\Statement\{
JoinStatement,
SelectStatement
};
use Dotclear\Helper\Html\Html;
use Dotclear\Helper\Network\Mail\Mail;
use rsExtUser;
@ -39,34 +44,57 @@ class Frontend extends dcNsProcess
}
dcCore::app()->addBehavior('publicAfterCommentCreate', function (cursor $cur, ?int $comment_id): void {
// nullsafe PHP < 8.0
if (is_null(dcCore::app()->auth) || is_null(dcCore::app()->blog)) {
return;
}
# We don't want notification for spam
if ($cur->comment_status == -2) {
if ((int) $cur->getField('comment_status') == dcBlog::COMMENT_JUNK) {
return;
}
# Information on comment author and post author
$rs = dcCore::app()->auth->sudo([dcCore::app()->blog, 'getComments'], ['comment_id' => $comment_id]);
if ($rs->isEmpty()) {
if (is_null($rs) || $rs->isEmpty()) {
return;
}
# Information on blog users
$strReq = 'SELECT U.user_id, user_email, user_options ' .
'FROM ' . dcCore::app()->blog->prefix . dcAuth::USER_TABLE_NAME . ' U ' .
'JOIN ' . dcCore::app()->blog->prefix . dcAuth::PERMISSIONS_TABLE_NAME . ' P ON U.user_id = P.user_id ' .
"WHERE blog_id = '" . dcCore::app()->con->escapeStr(dcCore::app()->blog->id) . "' " .
'UNION ' .
'SELECT user_id, user_email, user_options ' .
'FROM ' . dcCore::app()->blog->prefix . dcAuth::USER_TABLE_NAME . ' ' .
'WHERE user_super = 1 ';
$sql = new SelectStatement();
$users = $sql->from($sql->as(dcCore::app()->blog->prefix . dcAuth::USER_TABLE_NAME, 'U'))
->columns([
'U.user_id as user_id',
'user_email',
'user_options',
])
->join(
(new JoinStatement())
->from($sql->as(dcCore::app()->blog->prefix . dcAuth::PERMISSIONS_TABLE_NAME, 'P'))
->on('U.user_id = P.user_id')
->statement()
)
->where('blog_id = ' . $sql->quote(dcCore::app()->blog->id))
->union(
(new SelectStatement())
->columns([
'U.user_id as user_id',
'user_email',
'user_options',
])
->from($sql->as(dcCore::app()->blog->prefix . dcAuth::USER_TABLE_NAME, 'U'))
->where('user_super = 1')
->statement()
)
->select();
$users = dcCore::app()->con->select($strReq);
if (is_null($users) || $users->isEmpty()) {
return;
}
# Create notify list
$ulist = [];
while ($users->fetch()) {
if (!$users->user_email) {
if (!$users->f('user_email')) {
continue;
}
@ -75,15 +103,15 @@ class Frontend extends dcNsProcess
unset($o);
if ($notification_pref == 'all'
|| ($notification_pref == 'mine' && $users->user_id == $rs->user_id)) {
$ulist[$users->user_id] = $users->user_email;
|| ($notification_pref == 'mine' && $users->f('user_id') == $rs->f('user_id'))) {
$ulist[$users->f('user_id')] = $users->f('user_email');
}
}
if (count($ulist) > 0) {
# Author of the post wants to be notified by mail
$headers = [
'Reply-To: ' . $rs->comment_email,
'Reply-To: ' . $rs->f('comment_email'),
'Content-Type: text/plain; charset=UTF-8;',
'X-Mailer: Dotclear',
'X-Blog-Id: ' . Mail::B64Header(dcCore::app()->blog->id),
@ -91,33 +119,33 @@ class Frontend extends dcNsProcess
'X-Blog-Url: ' . Mail::B64Header(dcCore::app()->blog->url),
];
$subject = '[' . dcCore::app()->blog->name . '] ' . sprintf(__('"%s" - New comment'), $rs->post_title);
$subject = '[' . dcCore::app()->blog->name . '] ' . sprintf(__('"%s" - New comment'), $rs->f('post_title'));
$subject = Mail::B64Header($subject);
$msg = preg_replace('%</p>\s*<p>%msu', "\n\n", $rs->comment_content);
$msg = preg_replace('%</p>\s*<p>%msu', "\n\n", $rs->f('comment_content'));
$msg = Html::clean($msg);
$msg = html_entity_decode($msg);
if ($cur->comment_status == 1) {
if ((int) $cur->getField('comment_status') == dcBlog::COMMENT_PUBLISHED) {
$status = __('published');
} elseif ($cur->comment_status == 0) {
} elseif ((int) $cur->getField('comment_status') == dcBlog::COMMENT_UNPUBLISHED) {
$status = __('unpublished');
} elseif ($cur->comment_status == -1) {
} elseif ((int) $cur->getField('comment_status') == dcBlog::COMMENT_PENDING) {
$status = __('pending');
} else {
# unknown status
$status = $cur->comment_status;
$status = $cur->getField('comment_status');
}
$msg .= "\n\n-- \n" .
sprintf(__('Blog: %s'), dcCore::app()->blog->name) . "\n" .
sprintf(__('Entry: %s <%s>'), $rs->post_title, $rs->getPostURL()) . "\n" .
sprintf(__('Comment by: %s <%s>'), $rs->comment_author, $rs->comment_email) . "\n" .
sprintf(__('Entry: %s <%s>'), $rs->f('post_title'), $rs->getPostURL()) . "\n" .
sprintf(__('Comment by: %s <%s>'), $rs->f('comment_author'), $rs->f('comment_email')) . "\n" .
sprintf(__('Website: %s'), $rs->getAuthorURL()) . "\n" .
sprintf(__('Comment status: %s'), $status) . "\n" .
sprintf(__('Edit this comment: <%s>'), DC_ADMIN_URL .
((substr(DC_ADMIN_URL, -1) != '/') ? '/' : '') .
'comment.php?id=' . $cur->comment_id .
'comment.php?id=' . $cur->getField('comment_id') .
'&switchblog=' . dcCore::app()->blog->id) . "\n" .
__('You must log in on the backend before clicking on this link to go directly to the comment.');