1 | <?php |
---|
2 | /* $Id: ce_plugin.class.php,v 1.14 2009/06/30 21:36:20 Criss Exp $ */ |
---|
3 | if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!'); |
---|
4 | |
---|
5 | /** |
---|
6 | * CE_Plugin class |
---|
7 | */ |
---|
8 | class CE_Plugin { |
---|
9 | |
---|
10 | var $comments_ids; |
---|
11 | var $config; |
---|
12 | var $plugin_id; |
---|
13 | |
---|
14 | /* ************************ */ |
---|
15 | /* ** Constructor ** */ |
---|
16 | /* ************************ */ |
---|
17 | |
---|
18 | function CE_Plugin($plugin_id, $config = null) { |
---|
19 | $this->plugin_id = $plugin_id; |
---|
20 | $this->config = $config; |
---|
21 | if (null != $this->config) { |
---|
22 | $this->config->setDBKey(CE_CFG_DB_KEY); |
---|
23 | $this->config->loadConfig(); |
---|
24 | $this->config->setValue(CE_CFG_COMMENT, CE_CFG_DB_COMMENT); |
---|
25 | } |
---|
26 | } |
---|
27 | |
---|
28 | function getConfig() { |
---|
29 | return $this->config; |
---|
30 | } |
---|
31 | |
---|
32 | /* ************************ */ |
---|
33 | /* ** Trigger management ** */ |
---|
34 | /* ************************ */ |
---|
35 | |
---|
36 | function get_admin_plugin_menu_links($menu) { |
---|
37 | array_push( |
---|
38 | $menu, |
---|
39 | array( |
---|
40 | 'NAME' => $this->plugin_id, |
---|
41 | 'URL' => $this->get_plugin_admin_url() |
---|
42 | ) |
---|
43 | ); |
---|
44 | return $menu; |
---|
45 | } |
---|
46 | |
---|
47 | /** |
---|
48 | * Update comment ID array |
---|
49 | */ |
---|
50 | function render_comment_content($content) { |
---|
51 | $author = null; |
---|
52 | $id = null; |
---|
53 | switch (script_basename()) { |
---|
54 | case "comments": |
---|
55 | global $comment; |
---|
56 | $author = $comment['author']; |
---|
57 | $id = $comment['comment_id']; |
---|
58 | break; |
---|
59 | case "picture": |
---|
60 | global $row; |
---|
61 | $author = $row['author']; |
---|
62 | $id = $row['id']; |
---|
63 | break; |
---|
64 | default: |
---|
65 | // Not in right script |
---|
66 | return $content; |
---|
67 | } |
---|
68 | global $template, $conf, $user; |
---|
69 | if ((!is_a_guest() |
---|
70 | and ($user[$conf['user_fields']['username']] == $author)) |
---|
71 | or is_admin()) { |
---|
72 | $key = count($template->get_template_vars('comments')); |
---|
73 | $this->comments_ids[$key] = $id; |
---|
74 | } |
---|
75 | return $content; |
---|
76 | } |
---|
77 | |
---|
78 | /** |
---|
79 | * Check whether the page contains comments. |
---|
80 | * Add an edit link if user is allowed to edit comment |
---|
81 | */ |
---|
82 | function loc_begin_page_header() { |
---|
83 | global $template; |
---|
84 | $comments = $template->get_template_vars('comments'); |
---|
85 | if (!isset($comments) or (null == $comments)) { |
---|
86 | // No comment... |
---|
87 | return; |
---|
88 | } |
---|
89 | // Include language advices |
---|
90 | load_language('plugin.lang', CE_PATH); |
---|
91 | foreach ($comments as $key => $value) { |
---|
92 | if (isset($this->comments_ids[$key])) { |
---|
93 | // User allowed to have edit link |
---|
94 | $current_id = $this->comments_ids[$key]; |
---|
95 | $comments[$key]['U_ID'] = $current_id; |
---|
96 | $comments[$key]['DATE'] .= ' - <a href="'; |
---|
97 | $comments[$key]['DATE'] .= $this->getEditUrl($current_id); |
---|
98 | $comments[$key]['DATE'] .= '">'; |
---|
99 | $comments[$key]['DATE'] .= l10n('ce_edit_tool'); |
---|
100 | $comments[$key]['DATE'] .= '</a>'; |
---|
101 | } |
---|
102 | } |
---|
103 | $template->assign('comments', $comments); |
---|
104 | } |
---|
105 | |
---|
106 | /** |
---|
107 | * Check whether a comment edit or update is requested. |
---|
108 | */ |
---|
109 | function loc_begin_index() { |
---|
110 | $this->doAction(); |
---|
111 | } |
---|
112 | |
---|
113 | function loc_begin_picture() { |
---|
114 | $this->doAction(); |
---|
115 | } |
---|
116 | |
---|
117 | /* ************************ */ |
---|
118 | /* ** Accessors ** */ |
---|
119 | /* ************************ */ |
---|
120 | |
---|
121 | function getVersion() { |
---|
122 | return $this->config->getVersion(); |
---|
123 | } |
---|
124 | |
---|
125 | /* ************************ */ |
---|
126 | /* ** Private functions ** */ |
---|
127 | /* ************************ */ |
---|
128 | |
---|
129 | function doAction() { |
---|
130 | $comment_id = ""; |
---|
131 | $action = $this->isCommentEdit($comment_id); |
---|
132 | switch ($action) { |
---|
133 | case CE_ACTION_EDIT: |
---|
134 | // Edit |
---|
135 | $this->editComment($comment_id); |
---|
136 | break; |
---|
137 | case CE_ACTION_UPDATE: |
---|
138 | $this->updateComment(); |
---|
139 | break; |
---|
140 | case CE_ACTION_ERROR: |
---|
141 | $infos = array('ce_edit_forbidden'); |
---|
142 | $this->displayError($infos); |
---|
143 | break; |
---|
144 | case CE_ACTION_NONE: |
---|
145 | // Not an edit mode |
---|
146 | break; |
---|
147 | } |
---|
148 | } |
---|
149 | |
---|
150 | function getTemplate($p_template = 'edit.tpl') { |
---|
151 | return realpath(CE_TEMPLATE . $p_template); |
---|
152 | } |
---|
153 | |
---|
154 | function isCommentEdit(&$p_comment_id) { |
---|
155 | $action = CE_ACTION_NONE; |
---|
156 | $comment_id = ""; |
---|
157 | if (isset($_GET[CE_ACTION])) { |
---|
158 | switch ($_GET[CE_ACTION]) { |
---|
159 | case CE_ACTION_EDIT: |
---|
160 | case CE_ACTION_UPDATE: |
---|
161 | $action = $_GET[CE_ACTION]; |
---|
162 | break; |
---|
163 | default: |
---|
164 | } |
---|
165 | } |
---|
166 | if (isset($_GET[CE_ID])) { |
---|
167 | $comment_id = $_GET[CE_ID]; |
---|
168 | } |
---|
169 | if (CE_ACTION_EDIT == $action) { |
---|
170 | if (is_numeric($comment_id)) { |
---|
171 | $p_comment_id = intval($comment_id); |
---|
172 | } else { |
---|
173 | $action = CE_ACTION_ERROR; |
---|
174 | } |
---|
175 | } |
---|
176 | return $action; |
---|
177 | } |
---|
178 | |
---|
179 | function isEditAllowed($p_comment) { |
---|
180 | if ((FALSE == $p_comment->getInfo()) or |
---|
181 | is_a_guest()) { |
---|
182 | return false; |
---|
183 | } |
---|
184 | if (is_admin() and !is_adviser()) { |
---|
185 | return true; |
---|
186 | } |
---|
187 | global $conf, $user; |
---|
188 | return $p_comment->isAuthor($user[$conf['user_fields']['username']]); |
---|
189 | } |
---|
190 | |
---|
191 | function editComment($p_comment_id) { |
---|
192 | $comment = new CE_Comment($p_comment_id); |
---|
193 | $infos = array(); |
---|
194 | if (!$this->isEditAllowed($comment)) { |
---|
195 | // Not allowed |
---|
196 | array_push($infos, 'ce_edit_forbidden'); |
---|
197 | $this->displayError($infos); |
---|
198 | return; |
---|
199 | } |
---|
200 | $this->displayComment($comment); |
---|
201 | } |
---|
202 | |
---|
203 | function updateComment() { |
---|
204 | $infos = array(); |
---|
205 | if ((!isset($_POST['ce_commentid'])) or |
---|
206 | (!isset($_POST['ce_imageid']))) { |
---|
207 | array_push($infos, 'ce_access_invalid'); |
---|
208 | $this->displayError($infos); |
---|
209 | return; |
---|
210 | } |
---|
211 | if (!is_numeric($_POST['ce_imageid'])) { |
---|
212 | array_push($infos, 'ce_access_invalid'); |
---|
213 | $this->displayError($infos); |
---|
214 | return; |
---|
215 | } |
---|
216 | $comment = new CE_Comment($_POST['ce_commentid']); |
---|
217 | |
---|
218 | if (!$this->isEditAllowed($comment)) { |
---|
219 | array_push($infos, 'ce_edit_forbidden'); |
---|
220 | $this->displayError($infos); |
---|
221 | return; |
---|
222 | } |
---|
223 | $image_id = $comment->getInfo('image_id'); |
---|
224 | if (intval($_POST['ce_imageid']) != intval($image_id)) { |
---|
225 | array_push($infos, 'ce_access_invalid'); |
---|
226 | $this->displayError($infos); |
---|
227 | return; |
---|
228 | } |
---|
229 | if (isset($_POST['ce_author'])) { |
---|
230 | $comment->setInfo('author', $_POST['ce_author']); |
---|
231 | } else if ((isset($_POST['ce_freeauthorck'])) and |
---|
232 | (isset($_POST['ce_freeauthor']))) { |
---|
233 | // Free author |
---|
234 | $new_author = trim(stripslashes($_POST['ce_freeauthor'])); |
---|
235 | $new_author = $comment->validateAuthor($new_author); |
---|
236 | $comment->setInfo('author', $new_author); |
---|
237 | } |
---|
238 | |
---|
239 | $comment_array = array( |
---|
240 | 'author' => trim( stripslashes($comment->getInfo('author')) ), |
---|
241 | 'content' => trim( stripslashes($_POST['ce_content']) ), |
---|
242 | 'image_id' => $image_id, |
---|
243 | 'comment_id' => $comment->getInfo('comment_id'), |
---|
244 | ); |
---|
245 | |
---|
246 | // Deactivate anti-flood system |
---|
247 | global $conf; |
---|
248 | $old_anti_flood = $conf['anti-flood_time']; |
---|
249 | $conf['anti-flood_time'] = 0; |
---|
250 | |
---|
251 | $comment_action = update_user_comment($comment_array, |
---|
252 | @$_POST['key'], |
---|
253 | $infos ); |
---|
254 | |
---|
255 | // Reactivate anti-flood system |
---|
256 | $conf['anti-flood_time'] = $old_anti_flood; |
---|
257 | |
---|
258 | switch ($comment_action) { |
---|
259 | case 'moderate': |
---|
260 | array_push( $infos, 'comment_to_validate' ); |
---|
261 | case 'validate': |
---|
262 | array_push( $infos, 'comment_added'); |
---|
263 | break; |
---|
264 | case 'reject': |
---|
265 | set_status_header(403); |
---|
266 | array_push($infos, 'comment_not_added' ); |
---|
267 | break; |
---|
268 | default: |
---|
269 | trigger_error('Invalid comment action '.$comment_action, |
---|
270 | E_USER_WARNING); |
---|
271 | } |
---|
272 | |
---|
273 | // allow plugins to notify what's going on |
---|
274 | trigger_action( 'user_comment_insertion', |
---|
275 | array_merge($comment_array, array('action'=> |
---|
276 | $comment_action))); |
---|
277 | if ($comment_action=='reject') { |
---|
278 | $this->displayError($infos); |
---|
279 | } else { |
---|
280 | $this->displayInfo($infos); |
---|
281 | } |
---|
282 | } |
---|
283 | |
---|
284 | function getCommentId($p_string_delete) { |
---|
285 | $comment_id = ""; |
---|
286 | $elements = split('\?', $p_string_delete); |
---|
287 | if (count($elements) > 1) { |
---|
288 | $elem_var = split('\&', $elements[1]); |
---|
289 | foreach ($elem_var as $var) { |
---|
290 | $key_value = split('=', $var); |
---|
291 | if (count($key_value) > 1) { |
---|
292 | switch ($key_value[0]) { |
---|
293 | case 'comment_to_delete': |
---|
294 | case 'delete': |
---|
295 | $comment_id = $key_value[1]; |
---|
296 | break; |
---|
297 | default: |
---|
298 | // No ID |
---|
299 | } |
---|
300 | } |
---|
301 | } |
---|
302 | } |
---|
303 | return $comment_id; |
---|
304 | } |
---|
305 | |
---|
306 | function displayError($p_error) { |
---|
307 | if ($this->config->getValue(CE_CFG_DISPLAY_ERROR)) { |
---|
308 | $this->displayMessage($p_error, CE_TYPE_ERROR, CE_ERRORS); |
---|
309 | } |
---|
310 | } |
---|
311 | |
---|
312 | function displayInfo($p_info) { |
---|
313 | if ($this->config->getValue(CE_CFG_DISPLAY_INFO)) { |
---|
314 | $this->displayMessage($p_info, CE_TYPE_INFO, CE_INFOS); |
---|
315 | } |
---|
316 | } |
---|
317 | |
---|
318 | function displayMessage($p_message, $p_type, $p_image) { |
---|
319 | // Include language advices |
---|
320 | load_language('plugin.lang', CE_PATH); |
---|
321 | |
---|
322 | $messages = array(); |
---|
323 | foreach ($p_message as $message) { |
---|
324 | array_push($messages, l10n($message)); |
---|
325 | } |
---|
326 | $message_array = array( |
---|
327 | 'TYPE' => $p_type, |
---|
328 | 'IMG' => $p_image, |
---|
329 | 'TITLE' => l10n('ce_'.$p_type), |
---|
330 | 'MSG' => $messages |
---|
331 | ); |
---|
332 | |
---|
333 | global $template; |
---|
334 | |
---|
335 | $ce_exit = array( |
---|
336 | 'URL' => $this->getBaseUrl(), |
---|
337 | 'TITLE' => 'ce_close_message_title', |
---|
338 | 'ALT' => 'ce_close_message_alt', |
---|
339 | 'IMG' => CE_CLOSE_IMG |
---|
340 | ); |
---|
341 | $template->assign('ce_exit', $ce_exit); |
---|
342 | $template->set_filenames( array('ce_message'=> |
---|
343 | $this->getTemplate('message.tpl'))); |
---|
344 | $template->block_html_head( '', |
---|
345 | '<link rel="stylesheet" type="text/css" href="' |
---|
346 | .CE_INCLUDE . $this->getScriptName() . '.css' |
---|
347 | .'">', |
---|
348 | $smarty, $repeat); |
---|
349 | if (!$this->setBeginEndFields($begin, $end)) { |
---|
350 | return; |
---|
351 | } |
---|
352 | |
---|
353 | $template->assign('ce_message', $message_array); |
---|
354 | $old_begin = $template->get_template_vars($begin); |
---|
355 | $template->assign($begin, $template->parse('ce_message', true)); |
---|
356 | $template->concat($begin, $old_begin); |
---|
357 | } |
---|
358 | |
---|
359 | function displayComment($p_comment) { |
---|
360 | // Include language advices |
---|
361 | load_language('plugin.lang', CE_PATH); |
---|
362 | |
---|
363 | global $template; |
---|
364 | $template->set_filenames(array('ce_edit'=>$this->getTemplate())); |
---|
365 | $template->block_html_head( '', |
---|
366 | '<link rel="stylesheet" type="text/css" href="' |
---|
367 | .CE_INCLUDE . $this->getScriptName() . '.css' |
---|
368 | .'">', |
---|
369 | $smarty, $repeat); |
---|
370 | |
---|
371 | if (!$this->setBeginEndFields($begin, $end)) { |
---|
372 | return; |
---|
373 | } |
---|
374 | |
---|
375 | $tpl_comment = array( |
---|
376 | 'CONTENT' => $p_comment->getInfo('content'), |
---|
377 | 'KEY' => $p_comment->getInfo('comment_id'), |
---|
378 | 'AUTHOR' => $p_comment->getInfo('author'), |
---|
379 | 'IMAGE' => $p_comment->getInfo('image_id'), |
---|
380 | 'F_ACTION' => $this->getUpdateUrl() |
---|
381 | ); |
---|
382 | |
---|
383 | if (is_admin()) { |
---|
384 | $tpl_comment['USERS'] = CE_Comment::getUsers(); |
---|
385 | $tpl_comment['FREEAUTHOR'] = ($p_comment->isKnownAuthor())? |
---|
386 | '':CE_CHECKED; |
---|
387 | } |
---|
388 | |
---|
389 | $additional_toolbar = ""; |
---|
390 | $additional_toolbar = trigger_event('comment_editor_toolbar', |
---|
391 | $additional_toolbar); |
---|
392 | if ("" != $additional_toolbar) { |
---|
393 | $tpl_comment['TOOLBAR'] = $additional_toolbar; |
---|
394 | } |
---|
395 | |
---|
396 | $ce_exit = array( |
---|
397 | 'URL' => $this->getBaseUrl(), |
---|
398 | 'TITLE' => 'ce_close_editor_title', |
---|
399 | 'ALT' => 'ce_close_editor_alt', |
---|
400 | 'IMG' => CE_CLOSE_IMG |
---|
401 | ); |
---|
402 | $template->assign('ce_exit', $ce_exit); |
---|
403 | |
---|
404 | $template->assign('comment_editor', $tpl_comment); |
---|
405 | $old_begin = $template->get_template_vars($begin); |
---|
406 | $template->assign($begin, $template->parse('ce_edit', true)); |
---|
407 | $template->concat($begin, $old_begin); |
---|
408 | } |
---|
409 | |
---|
410 | function setBeginEndFields(&$begin, &$end) { |
---|
411 | switch (script_basename()) { |
---|
412 | case 'index': |
---|
413 | $begin = 'PLUGIN_INDEX_CONTENT_BEFORE'; |
---|
414 | $end = 'PLUGIN_INDEX_CONTENT_AFTER'; |
---|
415 | break; |
---|
416 | case 'picture': |
---|
417 | $begin = 'PLUGIN_PICTURE_BEFORE'; |
---|
418 | $end = 'PLUGIN_PICTURE_AFTER'; |
---|
419 | break; |
---|
420 | default: |
---|
421 | return FALSE; |
---|
422 | } |
---|
423 | return TRUE; |
---|
424 | } |
---|
425 | |
---|
426 | function getScriptName() { |
---|
427 | switch (script_basename()) { |
---|
428 | case 'index': |
---|
429 | case 'picture': |
---|
430 | return script_basename(); |
---|
431 | default: |
---|
432 | return 'index'; |
---|
433 | } |
---|
434 | } |
---|
435 | |
---|
436 | function getBaseUrl() { |
---|
437 | $url = get_root_url() . $this->getScriptName() . '.php'; |
---|
438 | $url .= get_query_string_diff(array(CE_ACTION, CE_ID)); |
---|
439 | return $url; |
---|
440 | } |
---|
441 | |
---|
442 | function getEditUrl($comment_id) { |
---|
443 | $url = $this->getBaseUrl(); |
---|
444 | $url = add_url_params($url, |
---|
445 | array( |
---|
446 | CE_ACTION => CE_ACTION_EDIT, |
---|
447 | CE_ID=>$comment_id |
---|
448 | ) |
---|
449 | ); |
---|
450 | return $url; |
---|
451 | } |
---|
452 | |
---|
453 | function getUpdateUrl() { |
---|
454 | $url = $this->getBaseUrl(); |
---|
455 | $url = add_url_params($url, |
---|
456 | array( |
---|
457 | CE_ACTION => CE_ACTION_UPDATE |
---|
458 | ) |
---|
459 | ); |
---|
460 | return $url; |
---|
461 | } |
---|
462 | |
---|
463 | function get_plugin_admin_url() { |
---|
464 | return get_admin_plugin_menu_link(CE_PATH . 'administration.php'); |
---|
465 | } |
---|
466 | |
---|
467 | } |
---|
468 | ?> |
---|