toutpratique/modules/cms_comments/ajax_comments.php

<?php
require_once '../../config/config.inc.php';
require_once '../../init.php';
require_once dirname(__FILE__).'/classes/CmsComments.php';
require_once dirname(__FILE__).'../../cmsps/classes/CmsPsPost.php';


$result = array();
$id_element = Tools::getValue('id_element');
$cmsps = new CmsPsPost($id_element);

$code = Tools::getValue('g-recaptcha-response');

if(isValid($code) == FALSE) {
    $result['errors'] = true;
    $result['html'] = 'Êtes-vous un robot ? Veuillez cocher la case svp.';
    die(Tools::jsonEncode($result));
}

if (Validate::isLoadedObject($cmsps)) {
    $name = Tools::getValue('name');
    $email = Tools::getValue('email');
    $commentaire = Tools::getValue('comments');

    if (Tools::getValue('offre')) {
        $context = Context::getContext();
        if (!isNewsletterRegistered($email, $context->shop->id)) {
            $sql = '
                INSERT INTO '._DB_PREFIX_.'newsletter (id_shop, id_shop_group, email, newsletter_date_add, ip_registration_newsletter, http_referer, active)
                VALUES
                ('.$context->shop->id.',
                '.$context->shop->id_shop_group.',
                \''.pSQL($email).'\',
                NOW(),
                \''.pSQL(Tools::getRemoteAddr()).'\',
                (
                    SELECT c.http_referer
                    FROM '._DB_PREFIX_.'connections c
                    WHERE c.id_guest = '.(int)$context->customer->id.'
                    ORDER BY c.date_add DESC LIMIT 1
                ),
                1
                )';
            Db::getInstance()->execute($sql);
        }
    }

    $comments = new CmsComments();
    $comments->published = 0;   
    $comments->name = $name;
    $comments->email = $email;
    $comments->comments = $commentaire;
    $comments->id_element = $cmsps->id;

    if ($comments->add()) {
        $result['errors'] = false;
        Mail::Send(
            Context::getContext()->language->id,
            'commentaire',
            Mail::l('Nouveau commentaire'),
            array(
                '{comments}' => $commentaire,
                '{name}' => $name,
                '{email}' => $email,
                '{title}' => $cmsps->title[(int) $context->language->id]
             ),
            'claudine@toutpratique.com'
        );
    }   

} else {
    $result['errors'] = true;   
}

die(Tools::jsonEncode($result));

function isValid($code)
{
    if (empty($code)) {
        return false;
    }
    $params = array(
        'secret'    => '6LchYwsTAAAAAFSK4EEtSJV3kJon6H7bEgOTpLA0',
        'response'  => $code
    );
    $url = "https://www.google.com/recaptcha/api/siteverify?" . http_build_query($params);
    if (function_exists('curl_version')) {
        $curl = curl_init($url);
        curl_setopt($curl, CURLOPT_HEADER, false);
        curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
        curl_setopt($curl, CURLOPT_TIMEOUT, 1);
        curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
        $response = curl_exec($curl);
    } else {
        $response = file_get_contents($url);
    }

    if (empty($response) || is_null($response)) {
        return false;
    }

    $json = json_decode($response);
    return (bool) $json->success;
}

function isNewsletterRegistered($customer_email, $id_shop) {
    $sql = 'SELECT `email`
            FROM '._DB_PREFIX_.'newsletter
            WHERE `email` = \''.pSQL($customer_email).'\'
            AND id_shop = '.$id_shop;

    if (Db::getInstance()->getRow($sql))
        return TRUE;

    return FALSE;
}
version 1 du systeme de commentaire 2015-08-17 15:15:34 +02:00			`<?php`
			`require_once '../../config/config.inc.php';`
			`require_once '../../init.php';`
			`require_once dirname(__FILE__).'/classes/CmsComments.php';`
			`require_once dirname(__FILE__).'../../cmsps/classes/CmsPsPost.php';`

recette 2015-11-10 12:21:27 +01:00
version 1 du systeme de commentaire 2015-08-17 15:15:34 +02:00			`$result = array();`
recette 2015-10-29 15:04:21 +01:00			`$id_element = Tools::getValue('id_element');`
version 1 du systeme de commentaire 2015-08-17 15:15:34 +02:00			`$cmsps = new CmsPsPost($id_element);`

			`$code = Tools::getValue('g-recaptcha-response');`

			`if(isValid($code) == FALSE) {`
recette 2015-10-29 15:04:21 +01:00			`$result['errors'] = true;`
			`$result['html'] = 'Êtes-vous un robot ? Veuillez cocher la case svp.';`
			`die(Tools::jsonEncode($result));`
version 1 du systeme de commentaire 2015-08-17 15:15:34 +02:00			`}`

			`if (Validate::isLoadedObject($cmsps)) {`
recette 2015-10-29 15:04:21 +01:00			`$name = Tools::getValue('name');`
			`$email = Tools::getValue('email');`
			`$commentaire = Tools::getValue('comments');`
version 1 du systeme de commentaire 2015-08-17 15:15:34 +02:00
recette 2015-10-29 15:04:21 +01:00			`if (Tools::getValue('offre')) {`
			`$context = Context::getContext();`
			`if (!isNewsletterRegistered($email, $context->shop->id)) {`
			`$sql = '`
			`INSERT INTO '._DB_PREFIX_.'newsletter (id_shop, id_shop_group, email, newsletter_date_add, ip_registration_newsletter, http_referer, active)`
			`VALUES`
			`('.$context->shop->id.',`
			`'.$context->shop->id_shop_group.',`
			`\''.pSQL($email).'\',`
			`NOW(),`
			`\''.pSQL(Tools::getRemoteAddr()).'\',`
			`(`
			`SELECT c.http_referer`
			`FROM '._DB_PREFIX_.'connections c`
			`WHERE c.id_guest = '.(int)$context->customer->id.'`
			`ORDER BY c.date_add DESC LIMIT 1`
			`),`
			`1`
			`)';`
			`Db::getInstance()->execute($sql);`
			`}`
			`}`
version 1 du systeme de commentaire 2015-08-17 15:15:34 +02:00
recette 2015-10-29 15:04:21 +01:00			`$comments = new CmsComments();`
			`$comments->published = 0;`
			`$comments->name = $name;`
			`$comments->email = $email;`
			`$comments->comments = $commentaire;`
			`$comments->id_element = $cmsps->id;`
version 1 du systeme de commentaire 2015-08-17 15:15:34 +02:00
recette 2015-10-29 15:04:21 +01:00			`if ($comments->add()) {`
			`$result['errors'] = false;`
push serveur prod 2015-12-14 16:07:18 +01:00			`Mail::Send(`
			`Context::getContext()->language->id,`
			`'commentaire',`
			`Mail::l('Nouveau commentaire'),`
			`array(`
			`'{comments}' => $commentaire,`
			`'{name}' => $name,`
			`'{email}' => $email,`
			`'{title}' => $cmsps->title[(int) $context->language->id]`
			`),`
			`'claudine@toutpratique.com'`
			`);`
recette 2015-10-29 15:04:21 +01:00			`}`
version 1 du systeme de commentaire 2015-08-17 15:15:34 +02:00
			`} else {`
recette 2015-10-29 15:04:21 +01:00			`$result['errors'] = true;`
version 1 du systeme de commentaire 2015-08-17 15:15:34 +02:00			`}`

			`die(Tools::jsonEncode($result));`

			`function isValid($code)`
			`{`
recette 2015-10-29 15:04:21 +01:00			`if (empty($code)) {`
			`return false;`
			`}`
recette 2015-11-10 12:21:27 +01:00			`$params = array(`
recette 2015-10-29 15:04:21 +01:00			`'secret' => '6LchYwsTAAAAAFSK4EEtSJV3kJon6H7bEgOTpLA0',`
			`'response' => $code`
recette 2015-11-10 12:21:27 +01:00			`);`
recette 2015-10-29 15:04:21 +01:00			`$url = "https://www.google.com/recaptcha/api/siteverify?" . http_build_query($params);`
			`if (function_exists('curl_version')) {`
			`$curl = curl_init($url);`
			`curl_setopt($curl, CURLOPT_HEADER, false);`
			`curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);`
			`curl_setopt($curl, CURLOPT_TIMEOUT, 1);`
			`curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);`
			`$response = curl_exec($curl);`
			`} else {`
			`$response = file_get_contents($url);`
			`}`
version 1 du systeme de commentaire 2015-08-17 15:15:34 +02:00
recette 2015-10-29 15:04:21 +01:00			`if (empty($response) \|\| is_null($response)) {`
			`return false;`
			`}`
version 1 du systeme de commentaire 2015-08-17 15:15:34 +02:00
recette 2015-10-29 15:04:21 +01:00			`$json = json_decode($response);`
			`return (bool) $json->success;`
version 1 du systeme de commentaire 2015-08-17 15:15:34 +02:00			`}`

			`function isNewsletterRegistered($customer_email, $id_shop) {`
recette 2015-10-29 15:04:21 +01:00			$sql = 'SELECT `email`
			`FROM '._DB_PREFIX_.'newsletter`
			WHERE `email` = \''.pSQL($customer_email).'\'
			`AND id_shop = '.$id_shop;`
version 1 du systeme de commentaire 2015-08-17 15:15:34 +02:00
recette 2015-10-29 15:04:21 +01:00			`if (Db::getInstance()->getRow($sql))`
			`return TRUE;`
version 1 du systeme de commentaire 2015-08-17 15:15:34 +02:00
recette 2015-10-29 15:04:21 +01:00			`return FALSE;`
version 1 du systeme de commentaire 2015-08-17 15:15:34 +02:00			`}`