source: branches/2.3/include/picture_comment.inc.php @ 15571

Revision 15571, 7.1 KB checked in by mistic100, 7 years ago (diff)

merge r15570 from trunk
bug:2645 author field is kept when comment not validated

  • Property svn:eol-style set to LF
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based photo gallery                                    |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008-2011 Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24/**
25 * This file is included by the picture page to manage user comments
26 *
27 */
28
29// the picture is commentable if it belongs at least to one category which
30// is commentable
31$page['show_comments'] = false;
32foreach ($related_categories as $category)
33{
34  if ($category['commentable'])
35  {
36    $page['show_comments'] = true;
37    break;
38  }
39}
40
41if ( $page['show_comments'] and isset( $_POST['content'] ) )
42{
43  if ( is_a_guest() and !$conf['comments_forall'] )
44  {
45    die ('Session expired');
46  }
47
48  $comm = array(
49    'author' => trim( @$_POST['author'] ),
50    'content' => trim( $_POST['content'] ),
51    'image_id' => $page['image_id'],
52   );
53
54  include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php');
55
56  $comment_action = insert_user_comment($comm, @$_POST['key'], $infos );
57
58  switch ($comment_action)
59  {
60    case 'moderate':
61      array_push( $infos, l10n('An administrator must authorize your comment before it is visible.') );
62    case 'validate':
63      array_push( $infos, l10n('Your comment has been registered'));
64      break;
65    case 'reject':
66      set_status_header(403);
67      array_push($infos, l10n('Your comment has NOT been registered because it did not pass the validation rules') );
68      break;
69    default:
70      trigger_error('Invalid comment action '.$comment_action, E_USER_WARNING);
71  }
72
73  $template->assign(
74      ($comment_action=='reject') ? 'errors' : 'infos',
75      $infos
76    );
77
78  // allow plugins to notify what's going on
79  trigger_action( 'user_comment_insertion',
80      array_merge($comm, array('action'=>$comment_action) )
81    );
82}
83elseif ( isset($_POST['content']) )
84{
85  set_status_header(403);
86  die('ugly spammer');
87}
88
89if ($page['show_comments'])
90{
91  if ( !is_admin() )
92  {
93    $validated_clause = '  AND validated = \'true\'';
94  }
95  else
96  {
97    $validated_clause = '';
98  }
99
100  // number of comments for this picture
101  $query = '
102SELECT
103    COUNT(*) AS nb_comments
104  FROM '.COMMENTS_TABLE.'
105  WHERE image_id = '.$page['image_id']
106  .$validated_clause.'
107;';
108  $row = pwg_db_fetch_assoc( pwg_query( $query ) );
109
110  // navigation bar creation
111  if (!isset($page['start']))
112  {
113    $page['start'] = 0;
114  }
115
116  $navigation_bar = create_navigation_bar(
117    duplicate_picture_url(array(), array('start')),
118    $row['nb_comments'],
119    $page['start'],
120    $conf['nb_comment_page'],
121    true // We want a clean URL
122    );
123
124  $template->assign(
125    array(
126      'COMMENT_COUNT' => $row['nb_comments'],
127      'navbar' => $navigation_bar,
128      )
129    );
130
131  if ($row['nb_comments'] > 0)
132  {
133    $query = '
134SELECT
135    com.id,
136    author,
137    author_id,
138    '.$conf['user_fields']['username'].' AS username,
139    date,
140    image_id,
141    content,
142    validated
143  FROM '.COMMENTS_TABLE.' AS com
144  LEFT JOIN '.USERS_TABLE.' AS u
145    ON u.'.$conf['user_fields']['id'].' = author_id
146  WHERE image_id = '.$page['image_id'].'
147    '.$validated_clause.'
148  ORDER BY date ASC
149  LIMIT '.$conf['nb_comment_page'].' OFFSET '.$page['start'].'
150;';
151    $result = pwg_query( $query );
152
153    while ($row = pwg_db_fetch_assoc($result))
154    {
155      if (!empty($row['author']))
156      {
157        $author = $row['author'];
158        if ($author == 'guest')
159        {
160          $author = l10n('guest');
161        }
162      }
163      else
164      {
165        $author = stripslashes($row['username']);
166      }
167
168      $tpl_comment =
169        array(
170          'ID' => $row['id'],
171          'AUTHOR' => trigger_event('render_comment_author', $author),
172          'DATE' => format_date($row['date'], true),
173          'CONTENT' => trigger_event('render_comment_content',$row['content']),
174        );
175
176      if (can_manage_comment('delete', $row['author_id']))
177      {
178        $tpl_comment['U_DELETE'] = add_url_params(
179          $url_self,
180          array(
181            'action'=>'delete_comment',
182            'comment_to_delete'=>$row['id'],
183            'pwg_token' => get_pwg_token(),
184            )
185          );
186      }
187      if (can_manage_comment('edit', $row['author_id']))
188      {
189        $tpl_comment['U_EDIT'] = add_url_params(
190          $url_self,
191          array(
192            'action'=>'edit_comment',
193            'comment_to_edit'=>$row['id'],
194            'pwg_token' => get_pwg_token(),
195            )
196          );
197          if (isset($edit_comment) and ($row['id'] == $edit_comment))
198          {
199            $tpl_comment['IN_EDIT'] = true;
200            $key = get_ephemeral_key(2, $page['image_id']);
201            $tpl_comment['KEY'] = $key;
202            $tpl_comment['CONTENT'] = $row['content'];
203          }
204      }
205      if (is_admin())
206      {
207        if ($row['validated'] != 'true')
208        {
209          $tpl_comment['U_VALIDATE'] = add_url_params(
210                  $url_self,
211                  array(
212                    'action' => 'validate_comment',
213                    'comment_to_validate' => $row['id'],
214                    'pwg_token' => get_pwg_token(),
215                    )
216                  );
217        }
218      }
219      $template->append('comments', $tpl_comment);
220    }
221  }
222
223  $show_add_comment_form = true;
224  if (isset($edit_comment))
225  {
226    $show_add_comment_form = false;
227  }
228  if (is_a_guest() and !$conf['comments_forall'])
229  {
230    $show_add_comment_form = false;
231  }
232
233  if ($show_add_comment_form)
234  {
235    $key = get_ephemeral_key(3, $page['image_id']);
236    $content = $author = '';
237    if ('reject'===@$comment_action)
238    {
239      $content = htmlspecialchars( stripslashes($comm['content']) );
240      $author = htmlspecialchars( stripslashes($comm['author']) );
241    }
242    $template->assign('comment_add',
243        array(
244          'F_ACTION' => $url_self,
245          'KEY' => $key,
246          'CONTENT' => $content,
247          'SHOW_AUTHOR' => !is_classic_user(),
248          'AUTHOR' => $author ,
249        ));
250  }
251}
252
253?>
Note: See TracBrowser for help on using the repository browser.