Context Navigation

comments.php @ 4183

Visit:

Revision 4183, 12.4 KB (checked in by nikrou, 4 years ago)
bug 1220 : merge from trunk fix regression when search by author or keyword contains quote
Property svn:eol-style set to `LF` Property svn:keywords set to `Author Date Id Revision`

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based picture gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008-2009 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23
24	// +-----------------------------------------------------------------------+
25	// \| initialization \|
26	// +-----------------------------------------------------------------------+
27	define('PHPWG_ROOT_PATH','./');
28	include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
29
30	// +-----------------------------------------------------------------------+
31	// \| Check Access and exit when user status is not ok \|
32	// +-----------------------------------------------------------------------+
33	check_status(ACCESS_GUEST);
34
35	$sort_order = array(
36	'DESC' => l10n('descending'),
37	'ASC' => l10n('ascending')
38	);
39
40	// sort_by : database fields proposed for sorting comments list
41	$sort_by = array(
42	'date' => l10n('comment date'),
43	'image_id' => l10n('picture')
44	);
45
46	// items_number : list of number of items to display per page
47	$items_number = array(5,10,20,50,'all');
48
49	// since when display comments ?
50	//
51	$since_options = array(
52	1 => array('label' => l10n('today'),
53	'clause' => 'date > SUBDATE(CURDATE(), INTERVAL 1 DAY)'),
54	2 => array('label' => sprintf(l10n('last %d days'), 7),
55	'clause' => 'date > SUBDATE(CURDATE(), INTERVAL 7 DAY)'),
56	3 => array('label' => sprintf(l10n('last %d days'), 30),
57	'clause' => 'date > SUBDATE(CURDATE(), INTERVAL 30 DAY)'),
58	4 => array('label' => l10n('the beginning'),
59	'clause' => '1=1') // stupid but generic
60	);
61
62	if (!empty($_GET['since']) && is_numeric($_GET['since']))
63	{
64	$page['since'] = $_GET['since'];
65	}
66	else
67	{
68	$page['since'] = 4;
69	}
70
71	// on which field sorting
72	//
73	$page['sort_by'] = 'date';
74	// if the form was submitted, it overloads default behaviour
75	if (isset($_GET['sort_by']) and isset($sort_by[$_GET['sort_by']]) )
76	{
77	$page['sort_by'] = $_GET['sort_by'];
78	}
79
80	// order to sort
81	//
82	$page['sort_order'] = 'DESC';
83	// if the form was submitted, it overloads default behaviour
84	if (isset($_GET['sort_order']) and isset($sort_order[$_GET['sort_order']]))
85	{
86	$page['sort_order'] = $_GET['sort_order'];
87	}
88
89	// number of items to display
90	//
91	$page['items_number'] = 10;
92	if (isset($_GET['items_number']))
93	{
94	$page['items_number'] = $_GET['items_number'];
95	}
96	if ( !is_numeric($page['items_number']) and $page['items_number']!='all' )
97	{
98	$page['items_number'] = 10;
99	}
100
101	$page['where_clauses'] = array();
102
103	// which category to filter on ?
104	if (isset($_GET['cat']) and 0 != $_GET['cat'])
105	{
106	$page['where_clauses'][] =
107	'category_id IN ('.implode(',', get_subcat_ids(array($_GET['cat']))).')';
108	}
109
110	// search a particular author
111	if (!empty($_GET['author']))
112	{
113	$page['where_clauses'][] = 'com.author = \''.$_GET['author'].'\'';
114	}
115
116	// search a substring among comments content
117	if (!empty($_GET['keyword']))
118	{
119	$page['where_clauses'][] =
120	'('.
121	implode(' AND ',
122	array_map(
123	create_function(
124	'$s',
125	'return "content LIKE \'%$s%\'";'
126	),
127	preg_split('/[\s,;]+/', $_GET['keyword'] )
128	)
129	).
130	')';
131	}
132
133	$page['where_clauses'][] = $since_options[$page['since']]['clause'];
134
135	// which status to filter on ?
136	if ( !is_admin() )
137	{
138	$page['where_clauses'][] = 'validated="true"';
139	}
140
141	$page['where_clauses'][] = get_sql_condition_FandF
142	(
143	array
144	(
145	'forbidden_categories' => 'category_id',
146	'visible_categories' => 'category_id',
147	'visible_images' => 'ic.image_id'
148	),
149	'', true
150	);
151
152	// +-----------------------------------------------------------------------+
153	// \| comments management \|
154	// +-----------------------------------------------------------------------+
155	if (isset($_GET['delete']) and is_numeric($_GET['delete'])
156	and !is_adviser() )
157	{// comments deletion
158	check_status(ACCESS_ADMINISTRATOR);
159	$query = '
160	DELETE FROM '.COMMENTS_TABLE.'
161	WHERE id='.$_GET['delete'].'
162	;';
163	pwg_query($query);
164	}
165
166	if (isset($_GET['validate']) and is_numeric($_GET['validate'])
167	and !is_adviser() )
168	{ // comments validation
169	check_status(ACCESS_ADMINISTRATOR);
170	$query = '
171	UPDATE '.COMMENTS_TABLE.'
172	SET validated = \'true\'
173	, validation_date = NOW()
174	WHERE id='.$_GET['validate'].'
175	;';
176	pwg_query($query);
177	}
178
179	// +-----------------------------------------------------------------------+
180	// \| page header and options \|
181	// +-----------------------------------------------------------------------+
182
183	$title= l10n('User comments');
184	$page['body_id'] = 'theCommentsPage';
185
186	$template->set_filenames(array('comments'=>'comments.tpl'));
187	$template->assign(
188	array(
189	'F_ACTION'=>PHPWG_ROOT_PATH.'comments.php',
190	'F_KEYWORD'=> @htmlspecialchars(stripslashes($_GET['keyword'], ENT_QUOTES, 'utf-8')),
191	'F_AUTHOR'=> @htmlspecialchars(stripslashes($_GET['author'], ENT_QUOTES, 'utf-8')),
192	)
193	);
194
195	// +-----------------------------------------------------------------------+
196	// \| form construction \|
197	// +-----------------------------------------------------------------------+
198
199	// Search in a particular category
200	$blockname = 'categories';
201
202	$query = '
203	SELECT id, name, uppercats, global_rank
204	FROM '.CATEGORIES_TABLE.'
205	'.get_sql_condition_FandF
206	(
207	array
208	(
209	'forbidden_categories' => 'id',
210	'visible_categories' => 'id'
211	),
212	'WHERE'
213	).'
214	;';
215	display_select_cat_wrapper($query, array(@$_GET['cat']), $blockname, true);
216
217	// Filter on recent comments...
218	$tpl_var=array();
219	foreach ($since_options as $id => $option)
220	{
221	$tpl_var[ $id ] = $option['label'];
222	}
223	$template->assign( 'since_options', $tpl_var);
224	$template->assign( 'since_options_selected', $page['since']);
225
226	// Sort by
227	$template->assign( 'sort_by_options', $sort_by);
228	$template->assign( 'sort_by_options_selected', $page['sort_by']);
229
230	// Sorting order
231	$template->assign( 'sort_order_options', $sort_order);
232	$template->assign( 'sort_order_options_selected', $page['sort_order']);
233
234
235	// Number of items
236	$blockname = 'items_number_option';
237	$tpl_var=array();
238	foreach ($items_number as $option)
239	{
240	$tpl_var[ $option ] = is_numeric($option) ? $option : l10n($option);
241	}
242	$template->assign( 'item_number_options', $tpl_var);
243	$template->assign( 'item_number_options_selected', $page['items_number']);
244
245
246	// +-----------------------------------------------------------------------+
247	// \| navigation bar \|
248	// +-----------------------------------------------------------------------+
249
250	if (isset($_GET['start']) and is_numeric($_GET['start']))
251	{
252	$start = $_GET['start'];
253	}
254	else
255	{
256	$start = 0;
257	}
258
259	$query = '
260	SELECT COUNT(DISTINCT(com.id))
261	FROM '.IMAGE_CATEGORY_TABLE.' AS ic
262	INNER JOIN '.COMMENTS_TABLE.' AS com
263	ON ic.image_id = com.image_id
264	LEFT JOIN '.USERS_TABLE.' As u
265	ON u.'.$conf['user_fields']['id'].' = com.author_id
266	WHERE '.implode('
267	AND ', $page['where_clauses']).'
268	;';
269	list($counter) = mysql_fetch_row(pwg_query($query));
270
271	$url = PHPWG_ROOT_PATH
272	.'comments.php'
273	.get_query_string_diff(array('start','delete','validate'));
274
275	$navbar = create_navigation_bar($url,
276	$counter,
277	$start,
278	$page['items_number'],
279	'');
280
281	$template->assign('NAVBAR', $navbar);
282
283	// +-----------------------------------------------------------------------+
284	// \| last comments display \|
285	// +-----------------------------------------------------------------------+
286
287	$comments = array();
288	$element_ids = array();
289	$category_ids = array();
290
291	$query = '
292	SELECT com.id AS comment_id
293	, com.image_id
294	, ic.category_id
295	, com.author
296	, com.date
297	, com.content
298	, com.validated
299	FROM '.IMAGE_CATEGORY_TABLE.' AS ic
300	INNER JOIN '.COMMENTS_TABLE.' AS com
301	ON ic.image_id = com.image_id
302	LEFT JOIN '.USERS_TABLE.' As u
303	ON u.'.$conf['user_fields']['id'].' = com.author_id
304	WHERE '.implode('
305	AND ', $page['where_clauses']).'
306	GROUP BY comment_id
307	ORDER BY '.$page['sort_by'].' '.$page['sort_order'];
308	if ('all' != $page['items_number'])
309	{
310	$query.= '
311	LIMIT '.$start.','.$page['items_number'];
312	}
313	$query.= '
314	;';
315	$result = pwg_query($query);
316	while ($row = mysql_fetch_assoc($result))
317	{
318	array_push($comments, $row);
319	array_push($element_ids, $row['image_id']);
320	array_push($category_ids, $row['category_id']);
321	}
322
323	if (count($comments) > 0)
324	{
325	// retrieving element informations
326	$elements = array();
327	$query = '
328	SELECT id, name, file, path, tn_ext
329	FROM '.IMAGES_TABLE.'
330	WHERE id IN ('.implode(',', $element_ids).')
331	;';
332	$result = pwg_query($query);
333	while ($row = mysql_fetch_assoc($result))
334	{
335	$elements[$row['id']] = $row;
336	}
337
338	// retrieving category informations
339	$query = '
340	SELECT id, name, permalink, uppercats
341	FROM '.CATEGORIES_TABLE.'
342	WHERE id IN ('.implode(',', $category_ids).')
343	;';
344	$categories = hash_from_query($query, 'id');
345
346	foreach ($comments as $comment)
347	{
348	if (!empty($elements[$comment['image_id']]['name']))
349	{
350	$name=$elements[$comment['image_id']]['name'];
351	}
352	else
353	{
354	$name=get_name_from_file($elements[$comment['image_id']]['file']);
355	}
356
357	// source of the thumbnail picture
358	$thumbnail_src = get_thumbnail_url( $elements[$comment['image_id']] );
359
360	// link to the full size picture
361	$url = make_picture_url(
362	array(
363	'category' => $categories[ $comment['category_id'] ],
364	'image_id' => $comment['image_id'],
365	'image_file' => $elements[$comment['image_id']]['file'],
366	)
367	);
368
369	$author = $comment['author'];
370	if (empty($comment['author']))
371	{
372	$author = l10n('guest');
373	}
374
375	$tpl_comment =
376	array(
377	'U_PICTURE' => $url,
378	'TN_SRC' => $thumbnail_src,
379	'ALT' => $name,
380	'AUTHOR' => trigger_event('render_comment_author', $author),
381	'DATE'=>format_date($comment['date'], true),
382	'CONTENT'=>trigger_event('render_comment_content',$comment['content']),
383	);
384
385	if ( is_admin() )
386	{
387	$url = get_root_url().'comments.php'.get_query_string_diff(array('delete','validate'));
388	$tpl_comment['U_DELETE'] = add_url_params($url,
389	array('delete'=>$comment['comment_id'])
390	);
391
392	if ($comment['validated'] != 'true')
393	{
394	$tpl_comment['U_VALIDATE'] = add_url_params($url,
395	array('validate'=>$comment['comment_id'])
396	);
397	}
398	}
399	$template->append('comments', $tpl_comment);
400	}
401	}
402	// +-----------------------------------------------------------------------+
403	// \| html code display \|
404	// +-----------------------------------------------------------------------+
405	include(PHPWG_ROOT_PATH.'include/page_header.php');
406	$template->pparse('comments');
407	include(PHPWG_ROOT_PATH.'include/page_tail.php');
408	?>

Note: See TracBrowser for help on using the browser.

Context Navigation

root/branches/2.0/comments.php @ 4183

Download in other formats: