<?php

/**
 * This file is part of JohnCMS Content Management System.
 *
 * @copyright JohnCMS Community
 * @license   https://opensource.org/licenses/GPL-3.0 GPL-3.0
 * @link      https://johncms.com JohnCMS Project
 */

declare(strict_types=1);

use Guestbook\Models\Guestbook;
use Johncms\System\Http\Environment;
use Johncms\System\Http\Request;
use Johncms\System\Legacy\Bbcode;
use Johncms\Users\User;
use Johncms\Validator\Validator;

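/** @var User $user */
$user = di(User::class);

/** @var Request $request */
$request = di(Request::class);

/** @var Environment $env */
$env = di(Environment::class);

/** @var Bbcode $bbcode */
$bbcode = di(Bbcode::class);

// View state for the guestbook page.
// $guestAccess and $config are not defined in this file; they are expected to come from the including script.
$data = [
    // Buttons are offered to any account with a non-zero rights level or an id listed in $guestAccess.
    // NOTE(review): in_array() compares loosely here; confirm $guestAccess holds integer ids before
    // switching to strict mode.
    'access_to_buttons' => ($user->rights > 0 || in_array($user->id, $guestAccess)),
    // The regular guestbook is shown unless the 'ga' session flag is set.
    'is_guestbook'      => ! isset($_SESSION['ga']),
    // Posting is offered to valid users, or to guests when mod_guest is exactly 2,
    // and never to accounts carrying ban entry 1 or 13.
    'access_to_form'    => ($user->isValid() || $config['mod_guest'] === 2) && ! isset($user->ban['1']) && ! isset($user->ban['13']),
    'bbcode'            => $bbcode->buttons('form', 'message'),
    'errors'            => [],
];

// Raw form input. Only 'name' is filtered on the way in; 'message' is taken as submitted, so whatever
// renders these values must escape them for the output context.
// NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1. It is kept because dropping it would
// change what gets stored; confirm the template escapes 'name' before replacing it.
$form_data = [
    'name'       => $request->getPost('name', '', FILTER_SANITIZE_STRING),
    'message'    => $request->getPost('message', ''),
    'csrf_token' => $request->getPost('csrf_token', ''),
    'code'       => $request->getPost('code', ''),
];

// Normalise every field to a trimmed string. String input is handled exactly as trim() did before;
// anything that is not scalar (for example an array-typed POST parameter, if getPost() lets one through)
// becomes '' instead of reaching trim() and raising a TypeError.
$form_data = array_map(
    static function ($value): string {
        return is_scalar($value) ? trim((string) $value) : '';
    },
    $form_data
);
$data['form_data'] = $form_data;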

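if ($request->getMethod() === 'POST') {
    // Validation rules for a new entry. The CSRF, flood and ban checks are attached to the token field.
    $rules = [
        'message'    => [
            'NotEmpty',
            'StringLength'   => ['min' => 4],
            'ModelNotExists' => [
                'model'   => Guestbook::class,
                'field'   => 'text',
                // Narrows the lookup to this user's rows from the last 600 seconds; presumably a
                // duplicate-message guard. How the validator applies the callback is not visible here.
                'exclude' => static function ($query) use ($user) {
                    $query->where('user_id', $user->id)->where('time', '>', (time() - 600));
                },
            ],
        ],
        'csrf_token' => [
            'Csrf',
            'Flood',
            'Ban' => [
                'bans' => [1, 13],
            ],
        ],
    ];

    // Guests must also supply a display name and solve the CAPTCHA.
    if (! $user->isValid()) {
        $rules['name'] = [
            'NotEmpty',
            'StringLength' => ['min' => 3, 'max' => 25],
        ];
        $rules['code'] = [
            'Captcha',
        ];
    }

    $validator = new Validator($form_data, $rules);

    if (! $validator->isValid()) {
        $data['errors'] = $validator->getErrors();
    } elseif ($data['access_to_form']) {
        // The write path enforces the same access decision that controls whether the form is offered.
        // Without this, a hand-crafted POST is only stopped by the validator rules above, none of which
        // looks at the mod_guest setting. The including script may check access as well; that is not
        // visible from this file, so the check is repeated here.
        $new_message = (new Guestbook())->create(
            [
                'adm'     => ! $data['is_guestbook'],
                'time'    => time(),
                'user_id' => $user->id ?? 0,
                // Authenticated users cannot choose their display name; only guests use the submitted one.
                'name'    => $user->isValid() ? $user->name : $form_data['name'],
                'text'    => $form_data['message'],
                // NOTE(review): the meaning of the `false` argument is not visible here; confirm the stored
                // address does not depend on client-supplied headers.
                'ip'      => $env->getIp(false),
                // The user agent is client-controlled text; treat it as untrusted when displaying it.
                'browser' => $env->getUserAgent(),
                'otvet'   => '',
            ]
        );
        if ($user->isValid()) {
            // Read-modify-write of the counter: concurrent posts by the same user can lose an increment.
            $post_guest = $user->postguest + 1;
            (new User())
                ->where('id', $user->id)
                ->update(
                    [
                        'postguest' => $post_guest,
                        'lastpost'  => time(),
                    ]
                );
        }
        // Clear the textarea after a successful post.
        $data['form_data']['message'] = '';
    }

    // The CAPTCHA code is dropped after every POST, whatever the outcome, so a code is usable once only.
    unset($_SESSION['code']);
}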

// Guests who may post get a fresh CAPTCHA on every page render: the expected code is kept
// server-side in the session and only the generated image is handed to the view.
if ($data['access_to_form'] && ! $user->isValid()) {
    $_SESSION['code'] = $code = (new Mobicms\Captcha\Code())->generate();
    $data['captcha'] = (new Mobicms\Captcha\Image($code))->generate();
}

// The admin-club listing is selected only when the 'ga' session flag is set AND the current user
// passes the privilege check (rights >= 1 or an id listed in $guestAccess); the flag alone is not enough.
$admin_club = isset($_SESSION['ga'])
    && ($user->rights >= 1 || in_array($user->id, $guestAccess));

// Newest entries first, filtered by the 'adm' flag, page size taken from the user's kmess setting.
$messages = (new Guestbook())
    ->with('user')
    ->where('adm', $admin_club)
    ->orderByDesc('time')
    ->paginate($user->config->kmess);

$data['items'] = $messages;
$data['pagination'] = $messages->render();

// $view and $title are not defined in this file; they are expected to come from the including script.
echo $view->render('guestbook::index', ['title' => $title, 'data' => $data]);