Context Navigation

source: extensions/Comments_on_Albums/trunk/include/coa_albums.php @ 26089

Last change on this file since 26089 was 26089, checked in by mistic100, 10 years ago
update for 2.6 + clean
File size: 11.4 KB

Line
1	<?php
2	/* Code adapted from include/picture_comment.inc.php and picture.php */
3	defined('COA_ID') or die('Hacking attempt!');
4
5	global $template, $page, $conf, $pwg_loaded_plugins, $user;
6
7	// +-----------------------------------------------------------------------+
8	// \| category infos \|
9	// +-----------------------------------------------------------------------+
10	$category = $page['category'];
11
12	$url_self = duplicate_index_url(array(
13	'category' => array(
14	'id' => $category['id'],
15	'name' => $category['name'],
16	'permalink' => $category['permalink']
17	),
18	array('start')
19	));
20
21
22	// +-----------------------------------------------------------------------+
23	// \| actions \|
24	// +-----------------------------------------------------------------------+
25	if (isset($_GET['action']))
26	{
27	switch ($_GET['action'])
28	{
29	case 'edit_comment' :
30	{
31	include_once(COA_PATH.'include/functions_comment.inc.php');
32	check_input_parameter('comment_to_edit', $_GET, false, PATTERN_ID);
33	$author_id = get_comment_author_id_albums($_GET['comment_to_edit']);
34
35	if (can_manage_comment('edit', $author_id))
36	{
37	if (!empty($_POST['content']))
38	{
39	check_pwg_token();
40	$comment_action = update_user_comment_albums(
41	array(
42	'comment_id' => $_GET['comment_to_edit'],
43	'category_id' => $category['id'],
44	'content' => $_POST['content'],
45	'website_url' => @$_POST['website_url'],
46	),
47	$_POST['key']
48	);
49
50	$perform_redirect = false;
51	switch ($comment_action)
52	{
53	case 'moderate':
54	$_SESSION['page_infos'][] = l10n('An administrator must authorize your comment before it is visible.');
55	case 'validate':
56	$_SESSION['page_infos'][] = l10n('Your comment has been registered');
57	$perform_redirect = true;
58	break;
59	case 'reject':
60	$_SESSION['page_errors'][] = l10n('Your comment has NOT been registered because it did not pass the validation rules');
61	$perform_redirect = true;
62	break;
63	default:
64	trigger_error('Invalid comment action '.$comment_action, E_USER_WARNING);
65	}
66
67	if ($perform_redirect)
68	{
69	redirect($url_self);
70	}
71	unset($_POST['content']);
72	}
73	else
74	{
75	$edit_comment = $_GET['comment_to_edit'];
76	}
77
78	$template->assign('DISPLAY_COMMENTS_BLOCK', true);
79	break;
80	}
81	}
82	case 'delete_comment' :
83	{
84	check_pwg_token();
85
86	include_once(COA_PATH.'include/functions_comment.inc.php');
87
88	check_input_parameter('comment_to_delete', $_GET, false, PATTERN_ID);
89
90	$author_id = get_comment_author_id_albums($_GET['comment_to_delete']);
91
92	if (can_manage_comment('delete', $author_id))
93	{
94	delete_user_comment_albums($_GET['comment_to_delete']);
95	}
96
97	redirect($url_self);
98	}
99	case 'validate_comment' :
100	{
101	check_pwg_token();
102
103	include_once(COA_PATH.'include/functions_comment.inc.php');
104
105	check_input_parameter('comment_to_validate', $_GET, false, PATTERN_ID);
106
107	$author_id = get_comment_author_id_albums($_GET['comment_to_validate']);
108
109	if (can_manage_comment('validate', $author_id))
110	{
111	validate_user_comment_albums($_GET['comment_to_validate']);
112	}
113
114	redirect($url_self);
115	}
116	}
117	}
118
119
120	// +-----------------------------------------------------------------------+
121	// \| insert comment \|
122	// +-----------------------------------------------------------------------+
123	if ($category['commentable'] and isset($_POST['content']))
124	{
125	if (is_a_guest() and !$conf['comments_forall'])
126	{
127	die('Session expired');
128	}
129
130	$comm = array(
131	'author' => trim( @$_POST['author'] ),
132	'content' => trim( $_POST['content'] ),
133	'website_url' => trim( $_POST['website_url'] ),
134	'email' => trim( @$_POST['email'] ),
135	'category_id' => $category['id'],
136	);
137
138	include_once(COA_PATH.'include/functions_comment.inc.php');
139
140	$comment_action = insert_user_comment_albums($comm, @$_POST['key'], $page['errors']);
141
142	switch ($comment_action)
143	{
144	case 'moderate':
145	$page['infos'][] = l10n('An administrator must authorize your comment before it is visible.');
146	case 'validate':
147	$page['infos'][] = l10n('Your comment has been registered');
148	break;
149	case 'reject':
150	set_status_header(403);
151	$page['errors'][] = l10n('Your comment has NOT been registered because it did not pass the validation rules');
152	break;
153	default:
154	trigger_error('Invalid comment action '.$comment_action, E_USER_WARNING);
155	}
156
157	// allow plugins to notify what's going on
158	trigger_action( 'user_comment_insertion',
159	array_merge($comm, array('action'=>$comment_action) )
160	);
161
162	$template->assign('DISPLAY_COMMENTS_BLOCK', true);
163	}
164	else if (isset($_POST['content']))
165	{
166	set_status_header(403);
167	die('ugly spammer');
168	}
169
170
171	// +-----------------------------------------------------------------------+
172	// \| display comments \|
173	// +-----------------------------------------------------------------------+
174	if ($category['commentable'])
175	{
176	if (isset($_GET['coa_open']))
177	{
178	$template->assign('DISPLAY_COMMENTS_BLOCK', true);
179	}
180
181	if (!is_admin())
182	{
183	$validated_clause = " AND validated = 'true'";
184	}
185	else
186	{
187	$validated_clause = null;
188	}
189
190	// number of comments for this category
191	$query = '
192	SELECT
193	COUNT(*) AS nb_comments
194	FROM '.COA_TABLE.'
195	WHERE category_id = '.$category['id']
196	.$validated_clause.'
197	;';
198	$row = pwg_db_fetch_assoc(pwg_query($query));
199
200	// navigation bar creation
201	// can't use $_GET['start'] because used by thumbnails navigation bar
202	if (isset($_GET['start_comments']))
203	{
204	$page['start_comments'] = $_GET['start_comments'];
205	}
206	else
207	{
208	$page['start_comments'] = 0;
209	}
210
211	$navigation_bar = create_navigation_bar(
212	add_url_params(duplicate_index_url(array(), array('start_comments')), array('coa_open'=>null)),
213	$row['nb_comments'],
214	$page['start_comments'],
215	$conf['nb_comment_page'],
216	false,
217	'start_comments'
218	);
219
220	$template->assign(
221	array(
222	'COMMENT_COUNT' => $row['nb_comments'],
223	'comment_navbar' => $navigation_bar,
224	)
225	);
226
227	if ($row['nb_comments'] > 0)
228	{
229	// comments order (get, session, conf)
230	if (!empty($_GET['comments_order']) && in_array(strtoupper($_GET['comments_order']), array('ASC', 'DESC')))
231	{
232	pwg_set_session_var('comments_order', $_GET['comments_order']);
233	}
234	$comments_order = pwg_get_session_var('comments_order', $conf['comments_order']);
235
236	$template->assign(array(
237	'COMMENTS_ORDER_URL' => add_url_params(duplicate_index_url(), array('comments_order'=> ($comments_order == 'ASC' ? 'DESC' : 'ASC'), 'coa_open'=>null ) ),
238	'COMMENTS_ORDER_TITLE' => $comments_order == 'ASC' ? l10n('Show latest comments first') : l10n('Show oldest comments first'),
239	));
240
241	// get comments
242	$query = '
243	SELECT
244	com.id,
245	com.author,
246	com.author_id,
247	u.'.$conf['user_fields']['email'].' AS user_email,
248	com.date,
249	com.category_id,
250	com.website_url,
251	com.email,
252	com.content,
253	com.validated
254	FROM '.COA_TABLE.' AS com
255	LEFT JOIN '.USERS_TABLE.' AS u
256	ON u.'.$conf['user_fields']['id'].' = author_id
257	WHERE category_id = '.$category['id'].'
258	'.$validated_clause.'
259	ORDER BY date '.$comments_order.'
260	LIMIT '.$conf['nb_comment_page'].' OFFSET '.$page['start_comments'].'
261	;';
262	$result = pwg_query($query);
263
264	while ($row = pwg_db_fetch_assoc($result))
265	{
266	if ($row['author'] == 'guest')
267	{
268	$row['author'] = l10n('guest');
269	}
270
271	$email = null;
272	if (!empty($row['user_email']))
273	{
274	$email = $row['user_email'];
275	}
276	else if (!empty($row['email']))
277	{
278	$email = $row['email'];
279	}
280
281	// comment content
282	$tpl_comment = array(
283	'ID' => $row['id'],
284	'AUTHOR' => trigger_event('render_comment_author', $row['author']),
285	'DATE' => format_date($row['date'], true),
286	'CONTENT' => trigger_event('render_comment_content', $row['content'], 'album'),
287	'WEBSITE_URL' => $row['website_url'],
288	);
289
290	// rights
291	if (can_manage_comment('delete', $row['author_id']))
292	{
293	$tpl_comment['U_DELETE'] = add_url_params(
294	$url_self,
295	array(
296	'action' => 'delete_comment',
297	'comment_to_delete' => $row['id'],
298	'pwg_token' => get_pwg_token(),
299	)
300	);
301	}
302	if (can_manage_comment('edit', $row['author_id']))
303	{
304	$tpl_comment['U_EDIT'] = add_url_params(
305	$url_self,
306	array(
307	'action' => 'edit_comment',
308	'comment_to_edit' => $row['id'],
309	)
310	);
311	if (isset($edit_comment) and ($row['id'] == $edit_comment))
312	{
313	$tpl_comment['IN_EDIT'] = true;
314	$key = get_ephemeral_key(2, $category['id']);
315	$tpl_comment['KEY'] = $key;
316	$tpl_comment['CONTENT'] = $row['content'];
317	$tpl_comment['PWG_TOKEN'] = get_pwg_token();
318	$tpl_comment['U_CANCEL'] = $url_self;
319	}
320	}
321	if (is_admin())
322	{
323	$tpl_comment['EMAIL'] = $email;
324
325	if ($row['validated'] != 'true')
326	{
327	$tpl_comment['U_VALIDATE'] = add_url_params(
328	$url_self,
329	array(
330	'action' => 'validate_comment',
331	'comment_to_validate' => $row['id'],
332	'pwg_token' => get_pwg_token(),
333	)
334	);
335	}
336	}
337
338	$template->append('comments', $tpl_comment);
339	}
340	}
341
342	// comment form
343	$show_add_comment_form = true;
344	if (isset($edit_comment))
345	{
346	$show_add_comment_form = false;
347	}
348	if (is_a_guest() and !$conf['comments_forall'])
349	{
350	$show_add_comment_form = false;
351	}
352
353	if ($show_add_comment_form)
354	{
355	$key = get_ephemeral_key(3, $category['id']);
356
357	$tpl_var = array(
358	'F_ACTION' => $url_self,
359	'KEY' => $key,
360	'CONTENT' => '',
361	'SHOW_AUTHOR' => !is_classic_user(),
362	'AUTHOR_MANDATORY' => $conf['comments_author_mandatory'],
363	'AUTHOR' => '',
364	'WEBSITE_URL' => '',
365	'SHOW_EMAIL' => !is_classic_user() or empty($user['email']),
366	'EMAIL_MANDATORY' => $conf['comments_email_mandatory'],
367	'EMAIL' => '',
368	);
369
370	if ('reject'==@$comment_action)
371	{
372	foreach (array('content', 'author', 'website_url', 'email') as $k)
373	{
374	$tpl_var[strtoupper($k)] = htmlspecialchars( stripslashes(@$_POST[$k]) );
375	}
376	}
377	$template->assign('comment_add', $tpl_var);
378	}
379
380	// template
381	$template->assign(array(
382	'COA_PATH' => COA_PATH,
383	'COA_ABSOLUTE_PATH' => realpath(COA_PATH) . '/',
384	));
385
386	$template->set_filename('comments_on_albums', realpath(COA_PATH . 'template/albums.tpl'));
387
388	if (isset($pwg_loaded_plugins['rv_tscroller']) and count($page['navigation_bar']) != 0)
389	{
390	$template->assign('COMMENTS_ON_TOP', true);
391	$template->concat('PLUGIN_INDEX_CONTENT_BEGIN', $template->parse('comments_on_albums', true));
392	}
393	else
394	{
395	$template->concat('PLUGIN_INDEX_CONTENT_END', $template->parse('comments_on_albums', true));
396	}
397	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: