https://www.mediawiki.org/wiki/Special:Code/MediaWiki/108296

Revision: 108296
Author:   ashley
Date:     2012-01-07 00:48:27 +0000 (Sat, 07 Jan 2012)
Log Message:
-----------
Comments: version 2.5:
*ResourceLoader compatibility; lots of JS refactoring + associated PHP changes
*dropped backwards compatibility, MediaWiki 1.18 is now required
*removed $wgTitle usage
*removed key cruft; unused legacy security thing?
*removed DIY escaping functions; useless, bad design, etc.
*added some comments
*added some paranoia checks to AJAX functions file

Modified Paths:
--------------
    trunk/extensions/Comments/Comment.js
    trunk/extensions/Comments/Comment.php
    trunk/extensions/Comments/CommentClass.php
    trunk/extensions/Comments/Comments_AjaxFunctions.php

Modified: trunk/extensions/Comments/Comment.js
===================================================================
--- trunk/extensions/Comments/Comment.js        2012-01-07 00:39:08 UTC (rev 
108295)
+++ trunk/extensions/Comments/Comment.js        2012-01-07 00:48:27 UTC (rev 
108296)
@@ -4,7 +4,7 @@
  * object-oriented.
  *
  * @file
- * @date 19 June 2011
+ * @date 7 January 2012
  */
 var Comment = {
        submitted: 0,
@@ -16,58 +16,14 @@
        pause: 0,
 
        /**
-        * Change the opacity of an element in a cross-browser compatible 
manner.
-        *
-        * @param opacity Integer: opacity
-        * @param id String: element ID
-        */
-       changeOpacity: function( opacity, id ) {
-               var object = document.getElementById( id ).style;
-               object.opacity = ( opacity / 100 );
-               object.MozOpacity = ( opacity / 100 );
-               object.KhtmlOpacity = ( opacity / 100 );
-               object.filter = 'alpha(opacity=' + opacity + ')';
-       },
-
-       /**
-        * Code from http://brainerror.net/scripts/javascript/blendtrans/
-        *
-        * @param id String: element ID
-        * @param opacStart Integer
-        * @param opacEnd Integer
-        * @param millisec Integer
-        */
-       opacity: function( id, opacStart, opacEnd, millisec ) {
-               // speed for each frame
-               var speed = Math.round( millisec / 100 );
-               var timer = 0;
-               var i;
-
-               // determine the direction for the blending, if start and end 
are the same nothing happens
-               if( opacStart > opacEnd ) {
-                       for( i = opacStart; i >= opacEnd; i-- ) {
-                               setTimeout( "Comment.changeOpacity(" + i + ",'" 
+ id + "')", ( timer * speed ) );
-                               timer++;
-                               document.getElementById( id ).style.display = 
'none'; // added by Jack
-                       }
-               } else if( opacStart < opacEnd ) {
-                       for( i = opacStart; i <= opacEnd; i++ ) {
-                               setTimeout( "Comment.changeOpacity(" + i + ",'" 
+ id + "')", ( timer * speed ) );
-                               timer++;
-                               document.getElementById( id ).style.display = 
'block'; // added by Jack
-                       }
-               }
-       },
-
-       /**
         * When a comment's author is ignored, "Show Comment" link will be
         * presented to the user.
         * If the user clicks on it, this function is called to show the hidden
         * comment.
         */
        show: function( id ) {
-               Comment.opacity( 'ignore-' + id, 100, 0, 6500 );
-               Comment.opacity( 'comment-' + id, 0, 100, 500 );
+               jQuery( '#ignore-' + id ).hide( 100 );
+               jQuery( '#comment-' + id ).show( 500 );
        },
 
        /**
@@ -78,18 +34,16 @@
         * @param user_id Integer: user ID number of the user whose comments we
         *                         want to block
         * @param c_id Integer: comment ID number
-        * @param mk String: vote key (MD5-hashed combination of comment ID, the
-        *                   string 'pants' and user's name); unused
         */
-       blockUser: function( user_name, user_id, c_id, mk ) {
+       blockUser: function( user_name, user_id, c_id ) {
                if( !user_name ) {
-                       user_name = _COMMENT_BLOCK_ANON;
+                       user_name = mw.msg( 'comment-block-anon' );
                } else {
-                       user_name = _COMMENT_BLOCK_USER + ' ' + user_name;
+                       user_name = mw.msg( 'comment-block-user' ) + ' ' + 
user_name;
                }
-               if( confirm( _COMMENT_BLOCK_WARNING + ' ' + user_name + ' ?' ) 
) {
+               if( confirm( mw.msg( 'comment-block-warning' ) + ' ' + 
user_name + ' ?' ) ) {
                        sajax_request_type = 'POST';
-                       sajax_do_call( 'wfCommentBlock', [ c_id, user_id, mk ], 
function( response ) {
+                       sajax_do_call( 'wfCommentBlock', [ c_id, user_id ], 
function( response ) {
                                alert( response.responseText );
                                window.location.href = window.location;
                        });
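Review bot: None of the state-changing AJAX calls carries an anti-CSRF token after this change: `sajax_do_call( 'wfCommentBlock', [ c_id, user_id ], … )` here, and likewise the `wfCommentVote` and `wfCommentSubmit` calls in the later Comment.js hunks, send only IDs and text. Dropping `mk`/`sid` is reasonable, since the old key was an MD5 of predictable inputs and documented as unused, but nothing replaces it, and the new `wfCommentSubmit( $page_id, $parent_id, $comment_text )` signature shows no token reaching the server for submissions. Unless the handlers validate the request in a way not visible on this page, a third-party site could cause a logged-in user's browser to post, vote or block. Consider passing the user's edit token as an extra argument and rejecting the call server-side when `$wgUser->matchEditToken( $token )` fails. blockUser's body continues outside this hunk.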
@@ -102,20 +56,19 @@
         *
         * @param cid Integer: comment ID number
         * @param vt Integer: vote value
-        * @param mk String: vote key (MD5-hashed combination of comment ID, the
-        *                   string 'pants' and user's name); unused
         * @param vg
         */
-       vote: function( cid, vt, mk, vg ) {
+       vote: function( cid, vt, vg ) {
                sajax_request_type = 'POST';
                sajax_do_call(
                        'wfCommentVote',
-                       [ cid, vt, mk, ( ( vg ) ? vg : 0 ), 
document.commentform.pid.value ],
+                       [ cid, vt, ( ( vg ) ? vg : 0 ), 
document.commentform.pid.value ],
                        function( response ) {
                                document.getElementById( 'Comment' + cid 
).innerHTML = response.responseText;
                                var img = '<img src="' + wgScriptPath + 
'/extensions/Comments/images/voted.gif" alt="" />';
                                document.getElementById( 'CommentBtn' + cid 
).innerHTML =
-                                       img + '<span class="CommentVoted">' + 
_COMMENT_VOTED + '</span>';
+                                       img + '<span class="CommentVoted">' +
+                                       mw.msg( 'comment-voted-label' ) + 
'</span>';
                        }
                );
        },
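Review bot: `mw.msg( 'comment-voted-label' )` is concatenated into `innerHTML` without escaping, and interface messages can be customised on-wiki, so the text should not be trusted as markup. Escape it, for example `mw.html.escape( mw.msg( 'comment-voted-label' ) )`; the same applies to `mw.msg( 'comment-loading' )` assigned to `innerHTML` in the viewComments hunk that follows. `response.responseText` is also inserted as HTML into `'Comment' + cid`, so the server handler (not visible here) has to return only a sanitised value, or the client should use `.text()` if a plain score is expected.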
@@ -129,7 +82,7 @@
         * @param end
         */
        viewComments: function( pid, ord, end ) {
-               document.getElementById( 'allcomments' ).innerHTML = 
_COMMENT_LOADING + '<br /><br />';
+               document.getElementById( 'allcomments' ).innerHTML = mw.msg( 
'comment-loading' ) + '<br /><br />';
                var x = sajax_init_object();
                var url = wgServer + wgScriptPath +
                        '/index.php?title=Special:CommentListGet&pid=' + pid + 
'&ord=' +
@@ -153,25 +106,12 @@
        },
 
        /**
-        * HTML-encodes ampersands and plus signs in the given input string.
-        *
-        * @param str String: input
-        * @return String: input with ampersands and plus signs encoded
-        */
-       fixString: function( str ) {
-               str = str.replace( /&/gi, '%26' );
-               str = str.replace( /\+/gi, '%2B' );
-               return str;
-       },
-
-       /**
         * Submit a new comment.
         */
        submit: function() {
                if( Comment.submitted === 0 ) {
                        Comment.submitted = 1;
 
-                       // Moved variables here...
                        var pidVal = document.commentform.pid.value;
                        var parentId;
                        if ( !document.commentform.comment_parent_id.value ) {
@@ -179,16 +119,12 @@
                        } else {
                                parentId = 
document.commentform.comment_parent_id.value;
                        }
-                       var fixedStr = Comment.fixString( 
document.commentform.comment_text.value );
-                       var sid = document.commentform.sid.value;
-                       var mk = document.commentform.mk.value;
+                       var commentText = 
document.commentform.comment_text.value;
 
-                       // @todo CHECKME: possible double-encoding
-                       // (fixString func + encodeURIComponent, which sajax 
object does)
                        sajax_request_type = 'POST';
                        sajax_do_call(
                                'wfCommentSubmit',
-                               [ pidVal, parentId, fixedStr, sid, mk ],
+                               [ pidVal, parentId, commentText ],
                                function( response ) {
                                        document.commentform.comment_text.value 
= '';
                                        Comment.viewComments( 
document.commentform.pid.value, 0, 1 );
@@ -199,40 +135,31 @@
        },
 
        /**
-        * I'm not sure what is the purpose of this function. This is used in
-        * toggleLiveComments() below.
-        * AFAIK we can do document.getElementById( 'spy' ).innerHTML and get 
the
-        * desired results in all browsers, including Internet Explorer.
+        * Toggle comment auto-refreshing on or off
+        *
+        * @param status
         */
-       Ob: function( e, f ) {
-               if( document.all ) {
-                       return ( ( f ) ? document.all[e].style : 
document.all[e] );
-               } else {
-                       return ( ( f ) ? document.getElementById( e ).style : 
document.getElementById( e ) );
-               }
-       },
-
        toggleLiveComments: function( status ) {
-               var Pause;
-               // @todo FIXME/CHECKME: maybe this should be Comment.pause 
instead?
                if( status ) {
-                       Pause = 0;
+                       Comment.pause = 0;
                } else {
-                       Pause = 1;
+                       Comment.pause = 1;
                }
                var msg;
                if ( status ) {
-                       msg = _COMMENT_PAUSE_REFRESHER;
+                       msg = mw.msg( 'comment-auto-refresher-pause' );
                } else {
-                       msg = _COMMENT_ENABLE_REFRESHER;
+                       msg = mw.msg( 'comment-auto-refresher-enable' );
                }
-               Comment.Ob( 'spy' ).innerHTML =
-                       '<a href="javascript:Comment.toggleLiveComments(' + ( ( 
status ) ? 0 : 1 ) +
-                       ')" style="font-size: 10px">' + msg + '</a>';
+
+               jQuery( 'div#spy a' ).click( function() {
+                       Comment.toggleLiveComments( ( status ) ? 0 : 1 );
+               } ).css( 'font-size', '10px' ).text( msg );
+
                if( !Comment.pause ) {
                        Comment.LatestCommentID = 
document.commentform.lastcommentid.value;
                        Comment.timer = setTimeout(
-                               'Comment.checkUpdate()',
+                               function() { Comment.checkUpdate(); },
                                Comment.updateDelay
                        );
                }
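Review bot: Each call to toggleLiveComments() adds another click handler to `div#spy a` without removing the earlier ones, and the ready block at the end of the file binds one more that always calls `toggleLiveComments( 1 )`. From the second click on, several handlers fire with opposite `status` values, so the handlers multiply and the final pause state and link text depend on execution order. Unbind before rebinding, `jQuery( 'div#spy a' ).unbind( 'click' ).click( function() { … } )`, or bind a single handler once that reads `Comment.pause` to decide the next state. When enabling, it would also be safer to call `clearTimeout( Comment.timer );` before scheduling a new timer, as the checkUpdate hunk below already does.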
@@ -267,7 +194,10 @@
                Comment.isBusy = false;
                if( !Comment.pause ) {
                        clearTimeout( Comment.timer );
-                       Comment.timer = setTimeout( 'Comment.checkUpdate()', 
Comment.updateDelay );
+                       Comment.timer = setTimeout(
+                               function() { Comment.checkUpdate(); },
+                               Comment.updateDelay
+                       );
                }
        },
 
@@ -278,9 +208,23 @@
         * @param poster String: name of the person whom we're replying to
         */
        reply: function( parentId, poster ) {
-               document.getElementById( 'replyto' ).innerHTML = 
_COMMENT_REPLY_TO +
-                       ' ' + poster + ' (<a 
href="javascript:Comment.cancelReply()">' +
-                       _COMMENT_CANCEL_REPLY + '</a>) <br />';
+               jQuery( '#replyto' ).text(
+                       mw.msg( 'comment-reply-to' ) + ' ' + poster + ' ('
+               );
+               jQuery( '<a>', {
+                       href: 'javascript:void(0);',
+                       'class': 'comments-cancel-reply-link',
+                       click: function() {
+                               // Calling Comments.cancelReply(); here, like 
in the original
+                               // code, does not work for some reason so we 
have to duplicate
+                               // its functionality here. Ah well, it's only 
two lines.
+                               document.getElementById( 'replyto' ).innerHTML 
= '';
+                               document.commentform.comment_parent_id.value = 
'';
+                       },
+                       text: mw.msg( 'comment-cancel-reply' )
+               } ).appendTo( '#replyto' );
+               jQuery( '#replyto' ).append( ') <br />' );
+
                document.commentform.comment_parent_id.value = parentId;
        },
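Review bot: The inline comment refers to `Comments.cancelReply()`, but the object defined in this file is `Comment`; if that was the literal call that "does not work", the cause is probably the misspelled name rather than anything in jQuery. With the name corrected, the handler can be `click: function() { Comment.cancelReply(); }`, so the two reset lines are not duplicated and cannot drift apart from cancelReply(). Building the label with `.text()` instead of string-concatenated `innerHTML` is the right direction for `poster`, and it is worth a short comment saying so, e.g. `// poster is user-controlled; .text() keeps it from being parsed as HTML`.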
 
@@ -288,4 +232,66 @@
                document.getElementById( 'replyto' ).innerHTML = '';
                document.commentform.comment_parent_id.value = '';
        }
-};
\ No newline at end of file
+};
+
+jQuery( document ).ready( function() {
+       // "Sort by X" feature
+       jQuery( 'select[name="TheOrder"]' ).change( function() {
+               Comment.viewComments(
+                       mw.config.get( 'wgArticleId' ), // or we could use 
jQuery( 'input[name="pid"]' ).val(), too
+                       jQuery( this ).val()
+               );
+       } );
+
+       // Comment auto-refresher
+       jQuery( 'div#spy a' ).click( function() {
+               Comment.toggleLiveComments( 1 );
+       } );
+
+       // Voting links
+       jQuery( 'a#comment-vote-link' ).click( function() {
+               var that = jQuery( this );
+               Comment.vote(
+                       that.data( 'comment-id' ),
+                       that.data( 'vote-type' ),
+                       that.data( 'voting' )
+               );
+       } );
+
+       // "Block this user" links
+       jQuery( 'a.comments-block-user' ).each( function( index ) {
+               var that = jQuery( this );
+               that.click( function() {
+                       Comment.blockUser(
+                               that.data( 'comments-safe-username' ),
+                               that.data( 'comments-user-id' ),
+                               that.data( 'comments-comment-id' )
+                       );
+               } );
+       } );
+
+       // "Show this hidden comment" -- comments made by people on the user's
+       // personal block list
+       jQuery( 'div.c-ignored-links a' ).each( function( index ) {
+               var that = jQuery( this );
+               that.click( function() {
+                       Comment.show( that.data( 'comment-id' ) );
+               } );
+       } );
+
+       // Reply links
+       jQuery( 'a.comments-reply-to' ).each( function( index ) {
+               var that = jQuery( this );
+               that.bind( 'click', function() {
+                       Comment.reply(
+                               that.data( 'comment-id' ),
+                               that.data( 'comments-safe-username' )
+                       );
+               } );
+       } );
+
+       // Handle clicks on the submit button (previously this was an onclick 
attr)
+       jQuery( 'div.c-form-button input[type="button"]' ).click( function() {
+               Comment.submit();
+       } );
+} );
\ No newline at end of file
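Review bot: The vote, block, reply and "show comment" handlers are bound directly to elements that exist at `ready`, but viewComments() replaces the contents of `#allcomments` via `innerHTML`. If those links live inside that container, which the PHP output suggests but the rest of viewComments() is outside the hunk, they lose their handlers after a sort change or a new submission and fall back to the inert `javascript:void(0)` href. Delegated binding on the stable container avoids this, e.g. `jQuery( '#allcomments' ).delegate( 'a.comments-reply-to', 'click', function() { … } )`, using `jQuery( this )` inside the handler. That also makes the `.each()` wrappers and the unused `index` parameter unnecessary.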

Modified: trunk/extensions/Comments/Comment.php
===================================================================
--- trunk/extensions/Comments/Comment.php       2012-01-07 00:39:08 UTC (rev 
108295)
+++ trunk/extensions/Comments/Comment.php       2012-01-07 00:48:27 UTC (rev 
108296)
@@ -4,12 +4,12 @@
  *
  * @file
  * @ingroup Extensions
- * @version 2.4.1
+ * @version 2.5
  * @author David Pean <david.p...@gmail.com>
  * @author Misza <mi...@shoutwiki.com>
  * @author Jack Phoenix <j...@countervandalism.net>
- * @copyright Copyright © 2008-2011 David Pean, Misza and Jack Phoenix
- * @link http://www.mediawiki.org/wiki/Extension:Comments Documentation
+ * @copyright Copyright © 2008-2012 David Pean, Misza and Jack Phoenix
+ * @link https://www.mediawiki.org/wiki/Extension:Comments Documentation
  * @license http://www.gnu.org/copyleft/gpl.html GNU General Public License 
2.0 or later
  */
 
@@ -24,7 +24,7 @@
 // Extension credits that will show up on Special:Version
 $wgExtensionCredits['parserhook'][] = array(
        'name' => 'Comments',
-       'version' => '2.4.1',
+       'version' => '2.5',
        'author' => array( 'David Pean', 'Misza', 'Jack Phoenix' ),
        'description' => 'Adds <tt>&lt;comments&gt;</tt> parser hook that 
allows commenting on articles',
        'url' => 'https://www.mediawiki.org/wiki/Extension:Comments'
@@ -34,6 +34,12 @@
 $wgResourceModules['ext.comments'] = array(
        'scripts' => 'Comment.js',
        'styles' => 'Comments.css',
+       'messages' => array(
+               'comment-voted-label', 'comment-loading',
+               'comment-auto-refresher-pause', 'comment-auto-refresher-enable',
+               'comment-cancel-reply', 'comment-reply-to', 
'comment-block-warning',
+               'comment-block-anon', 'comment-block-user'
+       ),
        'localBasePath' => dirname( __FILE__ ),
        'remoteExtPath' => 'Comments',
        'position' => 'top' // available since r85616
@@ -91,24 +97,24 @@
 }
 
 function displayComments( $input, $args, $parser ) {
-       global $wgTitle, $wgOut, $wgScriptPath, $wgHooks;
+       global $wgOut;
 
        wfProfileIn( __METHOD__ );
 
        $parser->disableCache();
 
-       // Add required CSS & JS
-       if ( defined( 'MW_SUPPORTS_RESOURCE_MODULES' ) ) {
-               $wgOut->addModules( 'ext.comments' );
-       } else {
-               $wgOut->addScriptFile( $wgScriptPath . 
'/extensions/Comments/Comment.js' );
-               $wgOut->addExtensionStyle( $wgScriptPath . 
'/extensions/Comments/Comments.css' );
-       }
+       // Add required CSS & JS via ResourceLoader
+       $wgOut->addModules( 'ext.comments' );
 
-       // Add i18n for JS
-       $wgHooks['MakeGlobalVariablesScript'][] = 'wfAddCommentJSVars';
-
        // Parse arguments
+       // The preg_match() lines here are to support the old-style way of
+       // adding arguments:
+       // <comments>
+       // Allow=Foo,Bar
+       // Voting=Plus
+       // </comments>
+       // whereas the normal, standard MediaWiki style, which this extension
+       // also supports is: <comments allow="Foo,Bar" voting="Plus" />
        $allow = '';
        if( preg_match( '/^\s*Allow\s*=\s*(.*)/mi', $input, $matches ) ) {
                $allow = htmlspecialchars( $matches[1] );
@@ -127,7 +133,7 @@
                $voting = $args['voting'];
        }
 
-       $comment = new Comment( $wgTitle->getArticleID() );
+       $comment = new Comment( $wgOut->getTitle()->getArticleID() );
        $comment->setAllow( $allow );
        $comment->setVoting( $voting );
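Review bot: `$wgOut->getTitle()` is not guaranteed to be the page being parsed inside a tag hook; when the parser runs for a title other than the request's, the comments would be attached to the wrong article ID. The hook already receives `$parser`, so `new Comment( $parser->getTitle()->getArticleID() );` removes the dependency on the global. getCommentText() in CommentClass.php makes the same substitution and would need the title passed in to follow suit. displayComments() starts and ends outside this hunk.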
 
@@ -141,6 +147,8 @@
 
        $output .= '<div id="allcomments">' . $comment->display() . '</div>';
 
+       // If the database is in read-only mode, display a message informing the
+       // user about that, otherwise allow them to comment
        if( !wfReadOnly() ) {
                $output .= $comment->displayForm();
        } else {
@@ -152,26 +160,6 @@
        return $output;
 }
 
-/**
- * Add some i18n messages to the array of JS globals. This is called from
- * displayComments() (the callback function for wfComments).
- *
- * @param $vars Array: array of pre-existing JavaScript global variables
- * @return Boolean: true
- */
-function wfAddCommentJSVars( $vars ) {
-       $vars['_COMMENT_VOTED'] = wfMsg( 'comment-voted-label' );
-       $vars['_COMMENT_LOADING'] = wfMsg( 'comment-loading' );
-       $vars['_COMMENT_PAUSE_REFRESHER'] = wfMsg( 
'comment-auto-refresher-pause' );
-       $vars['_COMMENT_ENABLE_REFRESHER'] = wfMsg( 
'comment-auto-refresher-enable' );
-       $vars['_COMMENT_CANCEL_REPLY'] = wfMsg( 'comment-cancel-reply' );
-       $vars['_COMMENT_REPLY_TO'] = wfMsg( 'comment-reply-to' );
-       $vars['_COMMENT_BLOCK_WARNING'] = wfMsg( 'comment-block-warning' );
-       $vars['_COMMENT_BLOCK_ANON'] = wfMsg( 'comment-block-anon' );
-       $vars['_COMMENT_BLOCK_USER'] = wfMsg( 'comment-block-user' );
-       return true;
-}
-
 // Translations for {{NUMBEROFCOMMENTS}}
 //$wgExtensionMessagesFiles['NumberOfComments'] = $dir . 
'Comments.i18n.magic.php';
 

Modified: trunk/extensions/Comments/CommentClass.php
===================================================================
--- trunk/extensions/Comments/CommentClass.php  2012-01-07 00:39:08 UTC (rev 
108295)
+++ trunk/extensions/Comments/CommentClass.php  2012-01-07 00:48:27 UTC (rev 
108296)
@@ -112,22 +112,19 @@
        }
 
        function getCommentText( $comment_text ) {
-               global $wgTitle, $wgOut, $wgParser;
+               global $wgOut, $wgParser;
 
-               $comment_text = trim( str_replace( "&quot;", "'", $comment_text 
) );
+               $comment_text = trim( str_replace( '&quot;', "'", $comment_text 
) );
                $comment_text_parts = explode( "\n", $comment_text );
                $comment_text_fix = '';
                foreach( $comment_text_parts as $part ) {
                        $comment_text_fix .= ( ( $comment_text_fix ) ? "\n" : 
'' ) . trim( $part );
                }
 
-               if( $wgTitle->getArticleID() > 0 ) {
+               if( $wgOut->getTitle()->getArticleID() > 0 ) {
                        $comment_text = $wgParser->recursiveTagParse( 
$comment_text_fix );
                } else {
-                       $comment_text = $wgParser->parse(
-                               $comment_text_fix, $wgTitle, 
$wgOut->parserOptions(), true
-                       );
-                       $comment_text = $comment_text->getText();
+                       $comment_text = $wgOut->parse( $comment_text_fix );
                }
 
                // really bad hack because we want to parse=firstline, but 
don't want wrapping <p> tags
@@ -264,9 +261,7 @@
                global $wgUser;
                $dbw = wfGetDB( DB_MASTER );
 
-               // @todo FIXME/CHECKME: hurr durr legacy DIY security...still 
needed?
-               // I sure hope not...
-               $text = /*$this->fixStr( str_replace( "'", '&quot;',*/ 
$this->CommentText /*) )*/;
+               $text = $this->CommentText;
                wfSuppressWarnings();
                $commentDate = date( 'Y-m-d H:i:s' );
                wfRestoreWarnings();
@@ -651,7 +646,7 @@
                $output = '<div class="c-order">
                        <div class="c-order-select">
                                <form name="ChangeOrder" action="">
-                                       <select name="TheOrder" 
onchange="Comment.viewComments(' . $this->PageID . ',this.value)">
+                                       <select name="TheOrder">
                                                <option value="0">' .
                                                        wfMsg( 
'comment-sort-by-date' ) .
                                                '</option>
@@ -662,7 +657,7 @@
                                </form>
                        </div>
                        <div id="spy" class="c-spy">
-                               <a 
href="javascript:Comment.toggleLiveComments(1)">' .
+                               <a href="javascript:void(0)">' .
                                        wfMsg( 'comment-auto-refresher-enable' 
) .
                                '</a>
                        </div>
@@ -682,11 +677,10 @@
                }
 
                $voteLink = '';
-               $voteKey = md5( $commentID . 'pants' . $wgUser->getName() );
                if ( $wgUser->isLoggedIn() ) {
-                       $voteLink .= '<a href=\'javascript:Comment.vote(' . 
$commentID .
-                               ',' . $voteType . ',"' . $voteKey . '","' . 
$this->Voting .
-                               '")\'>';
+                       $voteLink .= '<a id="comment-vote-link" 
data-comment-id="' .
+                               $commentID . '" data-vote-type="' . $voteType .
+                               '" data-voting="' . $this->Voting . '" 
href="javascript:void(0);">';
                } else {
                        // Anonymous users need to log in before they can vote
                        $login = SpecialPage::getTitleFor( 'Userlogin' );
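Review bot: `id="comment-vote-link"` is emitted once per vote link, so any page with more than one link gets duplicate IDs, which is invalid HTML and makes the `a#comment-vote-link` selector in Comment.js depend on browser behaviour. Use a class instead, `class="comment-vote-link"`, and select `a.comment-vote-link` in the script. Separately, `$this->Voting` is written into the `data-voting` attribute as-is, and Comment.php assigns it from `$args['voting']`; unless setVoting() sanitises it (not visible here), wrap it as `htmlspecialchars( $this->Voting, ENT_QUOTES )` so a crafted tag argument cannot break out of the attribute. The enclosing method starts and ends outside this hunk.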
@@ -757,7 +751,8 @@
                                if( $comment['Comment_user_id'] != 0 ) {
                                        $title = Title::makeTitle( NS_USER, 
$comment['Comment_Username'] );
 
-                                       $CommentPoster = '<a href="' . 
$title->escapeFullURL() . '" rel="nofollow">' . $comment['Comment_Username'] . 
'</a>';
+                                       $CommentPoster = '<a href="' . 
$title->escapeFullURL() .
+                                               '" rel="nofollow">' . 
$comment['Comment_Username'] . '</a>';
 
                                        $CommentReplyTo = 
$comment['Comment_Username'];
 
@@ -788,8 +783,8 @@
                                        if( $replyRow ) {
                                                $replyRow .= ' | ';
                                        }
-                                       $replyRow .= " | <a href=\"#end\" 
rel=\"nofollow\" onclick=\"javascript:Comment.reply({$comment['CommentID']},'" .
-                                               htmlspecialchars( 
$CommentReplyTo, ENT_QUOTES ) . "')\">" .
+                                       $replyRow .= " | <a href=\"#end\" 
rel=\"nofollow\" class=\"comments-reply-to\" 
data-comment-id=\"{$comment['CommentID']}\" data-comments-safe-username=\"" .
+                                               htmlspecialchars( 
$CommentReplyTo, ENT_QUOTES ) . '">' .
                                                wfMsg( 'comment-reply' ) . 
'</a>';
                                }
 
@@ -801,17 +796,18 @@
                                        $comment_class = 'r-message';
                                }
 
-                               // Display Block icon for logged in users for 
comments of users that are already not in your block list
+                               // Display Block icon for logged in users for 
comments of users
+                               // that are already not in your block list
                                $block_link = '';
 
                                if(
                                        $wgUser->getID() != 0 && 
$wgUser->getID() != $comment['Comment_user_id'] &&
                                        !( in_array( 
$comment['Comment_Username'], $block_list ) )
                                ) {
-                                       $block_link = "<a 
href=\"javascript:void(0)\" rel=\"nofollow\" 
onclick=\"javascript:Comment.blockUser('" .
+                                       $block_link = '<a 
href="javascript:void(0);" rel="nofollow" class="comments-block-user" 
data-comments-safe-username="' .
                                                htmlspecialchars( 
$comment['Comment_Username'], ENT_QUOTES ) .
-                                               
"',{$comment['Comment_user_id']},{$comment['CommentID']},'" .
-                                               md5( 
$comment['Comment_Username'] . '-' . $comment['Comment_user_id'] ) . "')\">
+                                               '" data-comments-comment-id="' 
. $comment['CommentID'] . '" data-comments-user-id="' .
+                                               $comment['Comment_user_id'] . 
"\">
                                        <img 
src=\"{$wgScriptPath}/extensions/Comments/images/block.png\" border=\"0\" 
alt=\"\"/>
                                </a>";
                                }
@@ -828,7 +824,7 @@
                                        $output .= "<div 
id=\"ignore-{$comment['CommentID']}\" class=\"c-ignored 
{$container_class}\">\n";
                                        $output .= wfMsgExt( 
'comment-ignore-message', 'parsemag' );
                                        $output .= '<div 
class="c-ignored-links">' . "\n";
-                                       $output .= "<a 
href=\"javascript:Comment.show({$comment['CommentID']});\">" .
+                                       $output .= "<a 
href=\"javascript:void(0);\" data-comment-id=\"{$comment['CommentID']}\">" .
                                                wfMsg( 
'comment-show-comment-link' ) . '</a> | ';
                                        $output .= "<a 
href=\"{$blockListTitle->escapeFullURL()}\">" .
                                                wfMsg( 
'comment-manage-blocklist-link' ) . '</a>';
@@ -910,7 +906,8 @@
                                $output .= $this->getCommentText( 
$comment['Comment_Text'] );
                                $output .= '</div>' . "\n";
                                $output .= '<div class="c-actions">' . "\n";
-                               $output .= '<a href="' . 
$title->escapeFullURL() . "#comment-{$comment['CommentID']}\" 
rel=\"nofollow\">" . wfMsg( 'comment-permalink' ) . '</a> ';
+                               $output .= '<a href="' . 
$title->escapeFullURL() . "#comment-{$comment['CommentID']}\" 
rel=\"nofollow\">" .
+                                       wfMsg( 'comment-permalink' ) . '</a> ';
                                if( $replyRow || $dlt ) {
                                        $output .= "{$replyRow} {$dlt}" . "\n";
                                }
@@ -925,25 +922,13 @@
        }
 
        /**
-        * "Fixes" a string - replaces urlencoded entries with proper characters
-        *
-        * @param $str String: string to fix
-        * @return $str String: fixed string
-        */
-       function fixStr( $str ) {
-               $str = str_replace( '%26', '&', $str );
-               $str = str_replace( '%2B', '+', $str );
-               $str = str_replace( '%5C', "\\", $str );
-               return $str;
-       }
-
-       /**
         * Displays the form for adding new comments
         *
         * @return $output Mixed: HTML output
         */
        function displayForm() {
                global $wgUser;
+
                $output = '<form action="" method="post" name="commentform">' . 
"\n";
 
                if( $this->Allow ) {
@@ -952,7 +937,6 @@
                                strtoupper( addslashes( $wgUser->getName() ) )
                        );
                }
-               $commentKey = md5( $this->PageID . 'pants' . $wgUser->getName() 
);
 
                // 'comment' user right is required to add new comments
                if( !$wgUser->isAllowed( 'comment' ) ) {
@@ -962,8 +946,10 @@
                        // and maybe there's a list of users who should be 
allowed to post
                        // comments
                        if( $wgUser->isBlocked() == false && ( $this->Allow == 
'' || $pos !== false ) ) {
-                               $output .= '<div class="c-form-title">' . 
wfMsg( 'comment-submit' ) . '</div>' . "\n";
+                               $output .= '<div class="c-form-title">' .
+                                       wfMsg( 'comment-submit' ) . '</div>' . 
"\n";
                                $output .= '<div id="replyto" 
class="c-form-reply-to"></div>' . "\n";
+                               // Show a message to anons, prompting them to 
register or log in
                                if ( !$wgUser->isLoggedIn() ) {
                                        $login_title = 
SpecialPage::getTitleFor( 'Userlogin' );
                                        $register_title = 
SpecialPage::getTitleFor( 'Userlogin', 'signup' );
@@ -976,15 +962,14 @@
                                }
 
                                $output .= '<textarea name="comment_text" 
id="comment" rows="5" cols="64"></textarea>' . "\n";
-                               $output .= '<div class="c-form-button"><input 
type="button" value="' . wfMsg( 'comment-post' ) . '" 
onclick="javascript:Comment.submit()" class="site-button" /></div>' . "\n";
+                               $output .= '<div class="c-form-button"><input 
type="button" value="' .
+                                       wfMsg( 'comment-post' ) . '" 
class="site-button" /></div>' . "\n";
                        }
                        $output .= '<input type="hidden" name="action" 
value="purge" />' . "\n";
                        $output .= '<input type="hidden" name="pid" value="' . 
$this->PageID . '" />' . "\n";
                        $output .= '<input type="hidden" name="commentid" />' . 
"\n";
                        $output .= '<input type="hidden" name="lastcommentid" 
value="' . $this->getLatestCommentID() . '" />' . "\n";
                        $output .= '<input type="hidden" 
name="comment_parent_id" />' . "\n";
-                       $output .= '<input type="hidden" name="sid" value="' . 
session_id() . '" />' . "\n";
-                       $output .= '<input type="hidden" name="mk" value="' . 
$commentKey . '" />' . "\n";
                }
                $output .= '</form>' . "\n";
                return $output;
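Review bot: The rewritten submit button in displayForm() still writes `wfMsg( 'comment-post' )` straight into a double-quoted `value` attribute without escaping, and the re-wrapped `c-form-title` line in the previous hunk does the same in element content. Interface messages can contain quotes or markup, so I would wrap both, e.g. `htmlspecialchars( wfMsg( 'comment-post' ) )` and likewise for `comment-submit`. The `pid` hidden field concatenates `$this->PageID` the same way, which is only safe if that value is guaranteed to be an integer by the time it gets here. displayForm() starts before this hunk, so any normalisation done earlier is not visible.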

Modified: trunk/extensions/Comments/Comments_AjaxFunctions.php
===================================================================
--- trunk/extensions/Comments/Comments_AjaxFunctions.php        2012-01-07 
00:39:08 UTC (rev 108295)
+++ trunk/extensions/Comments/Comments_AjaxFunctions.php        2012-01-07 
00:48:27 UTC (rev 108296)
@@ -4,7 +4,14 @@
  */
 
 $wgAjaxExportList[] = 'wfCommentSubmit';
-function wfCommentSubmit( $page_id, $parent_id, $comment_text, $sid, $mk ) {
+function wfCommentSubmit( $page_id, $parent_id, $comment_text ) {
+       global $wgUser;
+
+       // Blocked users cannot submit new comments
+       if( $wgUser->isBlocked() ) {
+               return '';
+       }
+
        if( $comment_text != '' ) {
                $comment = new Comment( $page_id );
                $comment->setCommentText( $comment_text );
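Review bot: The new guard in wfCommentSubmit() rejects blocked users only; the `comment` right that displayForm() checks before rendering the form is not re-checked here, so a direct AJAX request would get past it unless Comment::add() enforces it. I would extend the condition to `if( $wgUser->isBlocked() || !$wgUser->isAllowed( 'comment' ) ) {`. With `$sid` and `$mk` dropped, nothing in the visible lines ties the request to the caller's session either; an edit token emitted in the form and verified with `$wgUser->matchEditToken()` would cover that, and the same gap shows in the wfCommentVote() and wfCommentBlock() hunks below. The function body continues past this hunk, so a later check may exist that is not shown.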
@@ -12,7 +19,6 @@
                $comment->add();
 
                if( class_exists( 'UserStatsTrack' ) ) {
-                       global $wgUser;
                        $stats = new UserStatsTrack( $wgUser->getID(), 
$wgUser->getName() );
                        $stats->incStatField( 'comment' );
                }
@@ -21,7 +27,14 @@
 }
 
 $wgAjaxExportList[] = 'wfCommentVote';
-function wfCommentVote( $comment_id, $vote_value, $mk, $vg, $page_id ) {
+function wfCommentVote( $comment_id, $vote_value, $vg, $page_id ) {
+       global $wgUser;
+
+       // Blocked users cannot vote, obviously
+       if( $wgUser->isBlocked() ) {
+               return '';
+       }
+
        if( is_numeric( $comment_id ) && is_numeric( $vote_value ) ) {
                $dbr = wfGetDB( DB_SLAVE );
                $res = $dbr->select(
@@ -41,7 +54,6 @@
                        $out = $comment->getCommentScore();
 
                        if( class_exists( 'UserStatsTrack' ) ) {
-                               global $wgUser;
                                $stats = new UserStatsTrack( $wgUser->getID(), 
$wgUser->getName() );
 
                                // Must update stats for user doing the voting
@@ -96,7 +108,7 @@
 }
 
 $wgAjaxExportList[] = 'wfCommentBlock';
-function wfCommentBlock( $comment_id, $user_id, $mk ) {
+function wfCommentBlock( $comment_id, $user_id ) {
        // Load user_name and user_id for person we want to block from the 
comment it originated from
        $dbr = wfGetDB( DB_SLAVE );
        $s = $dbr->selectRow(

