Name == 'OnAddReview') { $item_prefix = $this->getPermPrefix($event); $res = $this->Application->CheckPermission($item_prefix.'.REVIEW.PENDING', 0) || $this->Application->CheckPermission($item_prefix.'.REVIEW', 0); if (!$res) { $event->status = erPERM_FAIL; } return $res; } return parent::CheckPermission($event); } /** * Returns prefix for permissions * * @param kEvent $event */ function getPermPrefix(&$event) { $main_prefix = $this->Application->GetTopmostPrefix($event->Prefix); // this will return LINK for l, ARTICLE for n, TOPIC for bb, PRODUCT for p $item_prefix = $this->Application->getUnitOption($main_prefix, 'PermItemPrefix'); return $item_prefix; } /** * Apply any custom changes to list's sql query * * @param kEvent $event * @access protected * @see OnListBuild */ function SetCustomQuery(&$event) { $object =& $event->getObject(); if (!$this->Application->IsAdmin()) { $object->addFilter('active', '%1$s.Status = '.STATUS_ACTIVE); } switch ($event->Special) { case 'showall': $object->clearFilters(); break; case 'item': $object->clearFilters(); $info = $object->getLinkedInfo(); $this->Application->setUnitOption($info['ParentPrefix'], 'AutoLoad', true); $parent =& $this->Application->recallObject($info['ParentPrefix']); $object->addFilter('item_reviews', '%1$s.ItemId = '.$parent->GetDBField('ResourceId')); break; case 'products': $object->removeFilter('parent_filter'); // this is important $object->addFilter('product_reviews', '%1$s.ItemId = pr.ResourceId'); break; case 'product': $object->clearFilters(); $object->addFilter('product_reviews', '%1$s.ItemId = pr.ResourceId'); $this->Application->setUnitOption('p', 'AutoLoad', true); $product =& $this->Application->recallObject('p'); $object->addFilter('current_product', 'pr.ResourceId = '.$product->GetDBField('ResourceId')); break; } if ($event->getEventParam('type') == 'current_user') { $user_id = $this->getUserID(); $ip = $_SERVER['REMOTE_ADDR']; $object =& $event->getObject( Array('skip_autoload' => true) ); $product_info = $object->getLinkedInfo(); $object->addFilter('current_item', '%1$s.ItemId = '.$product_info['ParentId']); $object->addFilter('current_user', '%1$s.CreatedById = '.$user_id); $object->addFilter('current_ip', '%1$s.IPAddress = "'.$ip.'"'); } } /** * Adds review from front in case if user is logged in * * @param kEvent $event */ function OnAddReview(&$event) { $user_id = $this->getUserID(); $event->redirect_params = Array('pass' => 'all,p'); $object =& $event->getObject( Array('skip_autoload' => true) ); $parent_info = $object->getLinkedInfo(); $review_fields = $this->Application->GetVar($event->getPrefixSpecial(true)); $sql = ' SELECT * FROM '.TABLE_PREFIX.'SpamControl WHERE ItemResourceId='.$parent_info['ParentId'].' AND IPaddress="'.$_SERVER['REMOTE_ADDR'].'" AND PortalUserId='.$user_id.' AND DataType="Review"'; $res = $this->Conn->GetRow($sql); if( $res && $res['Expire'] < adodb_mktime() ) { $sql = ' DELETE FROM '.TABLE_PREFIX.'SpamControl WHERE ItemResourceId='.$parent_info['ParentId'].' AND IPaddress="'.$_SERVER['REMOTE_ADDR'].'" AND PortalUserId='.$user_id.' AND DataType="Review"'; $this->Conn->Query($sql); unset($res); } if(!$res) { $object->SetFieldsFromHash( array_shift($review_fields) ); $object->SetDBField('CreatedById', $user_id); $object->SetDBField('IPAddress', $_SERVER['REMOTE_ADDR']); $object->SetDBField('CreatedOn', adodb_mktime()); $module_info = $this->Application->findModule('Var',$parent_info['ParentPrefix']); $object->SetDBField('Module', $module_info['Name']); if( $this->Application->CheckPermission( $this->getPermPrefix($event).'.REVIEW.PENDING', 0) ) { $object->SetDBField('Status', 2); $template_var = 'success_pending_template'; } if( $this->Application->CheckPermission($this->getPermPrefix($event).'.REVIEW', 0) ) { $object->SetDBField('Status', 1); $template_var = 'success_template'; } $object->SetDBField('ItemId', $parent_info['ParentId']); $event->CallSubEvent('OnCreate'); if($event->status == erSUCCESS) { $parent =& $this->Application->recallObject($parent_info['ParentPrefix']); $sql = ' SELECT COUNT(ReviewId) FROM '.$object->TableName.' WHERE ItemId='.$parent_info['ParentId']; $review_qty = $this->Conn->GetOne($sql); $parent->SetDBField('CachedReviewsQty', $review_qty); $parent->Update(); $expire = adodb_mktime() + $this->Application->ConfigValue('product_ReviewDelay_Value') * $this->Application->ConfigValue('product_ReviewDelay_Interval'); $sql = ' INSERT INTO '.TABLE_PREFIX.'SpamControl (ItemResourceId, IPaddress, PortalUserId, DataType, Expire) VALUES ('.$parent_info['ParentId'].', "'.$_SERVER['REMOTE_ADDR'].'", '.$user_id.', "Review", '.$expire.')'; $this->Conn->Query($sql); $event->redirect_params = Array('pass' => 'all,'.$parent_info['ParentPrefix']); $event->redirect = $this->Application->GetVar($template_var); } } else { // $this->Application->removeObject($event->getPrefixSpecial()); $event->status == erFAIL; $event->redirect=false; $object->FieldErrors['ReviewText']['pseudo'] = 'too_frequent'; $object->ErrorMsgs['too_frequent'] = $this->Application->Phrase('lu_ferror_review_duplicate'); } } /** * Enter description here... * * @param kEvent $event */ function OnBeforeItemCreate(&$event) { $object =& $event->getObject(); $object->SetDBField('Module', $this->Application->findModule('Var',$this->Application->getUnitOption($this->Prefix, 'ParentPrefix'), 'Name')); } /** * Returns current user id for reviews, for logic ask Kostja T. * * @return int */ function getUserID() { $user_id = $this->Application->RecallVar('user_id'); if ($user_id == 0) { $user_id = -2; } return $user_id; } } ?>