<?php

// Direct-access guard: execution stops here unless PHPWG_ROOT_PATH is already
// defined (presumably by the application's entry script, not visible here).
if (!defined('PHPWG_ROOT_PATH'))
{
  die('Hacking attempt!');
}

// Comment helpers; the calls below to get_comment_author_id(),
// can_manage_comment() and friends presumably come from this include.
include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php');

global $user, $conf;

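// +-----------------------------------------------------------------------+
// |                         comments management                           |
// +-----------------------------------------------------------------------+

// At most one comment action is handled per request. The action name is the
// query-string key (delete_comment / validate_comment / edit_comment) and its
// value is the id of the targeted comment.
$comment_id = null;
$action = null;

$actions = array('delete_comment', 'validate_comment', 'edit_comment');
foreach ($actions as $loop_action)
{
  if (isset($_GET[$loop_action]))
  {
    $action = $loop_action;
    // The comment id is request data: it is checked against PATTERN_ID before
    // anything else reads it.
    check_input_parameter($action, $_GET, false, PATTERN_ID);
    $comment_id = $_GET[$action];
    break;
  }
}

if (isset($action))
{
  // Request-token check (presumably the anti-CSRF control); it runs before any
  // state-changing call below.
  check_pwg_token();

  $comment_author_id = get_comment_author_id($comment_id);
  $action = str_replace('_comment', '', $action);

  // Authorisation: the action is performed only if the current user may apply
  // it to a comment written by $comment_author_id. A refusal is silent.
  if (can_manage_comment($action, $comment_author_id))
  {
    $perform_redirect = false;

    if ('delete' == $action)
    {
      delete_user_comment($comment_id);
      $perform_redirect = true;
    }

    if ('validate' == $action)
    {
      validate_user_comment($comment_id);
      $perform_redirect = true;
    }

    if ('edit' == $action)
    {
      if (!empty($_POST['content']))
      {
        // image_id is request data too, so it gets the same PATTERN_ID check as
        // the comment id instead of reaching update_user_comment() as an
        // arbitrary string. NOTE(review): how update_user_comment() uses
        // image_id is not visible here; confirm it does not need a stricter
        // check (e.g. that the comment really belongs to that image).
        check_input_parameter('image_id', $_POST, false, PATTERN_ID);

        // $comment_id is the already-validated value of $_GET['edit_comment'].
        update_user_comment(
          array(
            'comment_id' => $comment_id,
            'image_id' => $_POST['image_id'],
            'content' => $_POST['content']
            ),
          // A missing key is passed as null (as before, minus the PHP notice);
          // rejecting it is left to update_user_comment().
          isset($_POST['key']) ? $_POST['key'] : null
          );

        $perform_redirect = true;
      }
      else
      {
        // No content posted yet: remember which comment to show in edit mode.
        $edit_comment = $comment_id;
      }
    }

    if ($perform_redirect)
    {
      // Redirect to index.php with the action parameters and the token removed
      // from the query string, so a reload does not replay the action.
      $redirect_url =
        PHPWG_ROOT_PATH
        .'index.php'
        .get_query_string_diff(array('delete_comment','validate_comment','edit_comment','pwg_token'));

      redirect($redirect_url);
    }
  }
}
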
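// +-----------------------------------------------------------------------+
// |                        last comments display                          |
// +-----------------------------------------------------------------------+

// Non-administrators only see validated comments.
if ( !is_admin() )
{
  $page['where_clauses'][] = 'validated=\'true\'';
}

// Permission filter on categories and images, produced by
// get_sql_condition_FandF(). NOTE(review): $page['where_clauses'] is appended
// to, never reset, in this file; confirm nothing request-controlled is
// already in it when this script runs.
$page['where_clauses'][] = get_sql_condition_FandF
  (
    array
      (
        'forbidden_categories' => 'category_id',
        'visible_categories' => 'category_id',
        'visible_images' => 'ic.image_id'
      ),
    '', true
  );

$comments = array();
$element_ids = array();
$category_ids = array();

// $datas[0] is the number of comments to show. It is set outside this file, so
// it is cast to an integer before it is concatenated into the LIMIT clause.
// The user id column name comes from $conf['user_fields']['id'] (configuration,
// not request data as far as this file shows).
$query = '
SELECT com.id AS comment_id,
       com.image_id,
       com.author,
       com.author_id,
       com.date,
       com.content,
       com.validated
  FROM '.IMAGE_CATEGORY_TABLE.' AS ic
    INNER JOIN '.COMMENTS_TABLE.' AS com
    ON ic.image_id = com.image_id
    LEFT JOIN '.USERS_TABLE.' As u
    ON u.'.$conf['user_fields']['id'].' = com.author_id
  WHERE '.implode('
    AND ', $page['where_clauses']).'
  GROUP BY comment_id,
       com.image_id,
       com.author,
       com.author_id,
       com.date,
       com.content,
       com.validated
  ORDER BY date DESC
  LIMIT 0, ' . intval($datas[0]) . ';';

// NOTE(review): the statement above already ends with ';', so this appends a
// second terminator. Kept as found; confirm pwg_query() tolerates it or drop it.
$query.= '
;';
$result = pwg_query($query);
while ($row = pwg_db_fetch_assoc($result))
{
  $comments[] = $row;
  // Image ids are collected for the thumbnail lookup that follows.
  $element_ids[] = $row['image_id'];
}
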
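if (count($comments) > 0)
{
  $block['TEMPLATE'] = 'stuffs_lastcoms.tpl';
  $block['TITLE_URL'] = 'comments.php';
  $block['comments'] = array();
  $block['MAX_WIDTH'] = $datas[3];
  $block['MAX_HEIGHT'] = $datas[4];
  // Comments per line -> column width. Any other value of $datas[2] leaves
  // NB_COMMENTS_LINE unset.
  switch ($datas[2])
  {
    case 1 :
      $block['NB_COMMENTS_LINE'] = '99%';
      break;
    case 2 :
      $block['NB_COMMENTS_LINE'] = '49.5%';
      break;
    case 3 :
      $block['NB_COMMENTS_LINE'] = '33%';
      break;
  }

  // retrieving element informations
  // $element_ids holds image_id values read from the comment query result, and
  // is non-empty here because at least one comment was found.
  $elements = array();
  $query = '
SELECT id, name, file, path, tn_ext
  FROM '.IMAGES_TABLE.'
  WHERE id IN ('.implode(',', $element_ids).')
;';
  $result = pwg_query($query);
  while ($row = pwg_db_fetch_assoc($result))
  {
    $elements[$row['id']] = $row;
  }

  // retrieving category informations
  // One category row per comment id, restricted to categories the current user
  // may see.
  $query = '
SELECT c.id, name, permalink, uppercats, com.id as comment_id
  FROM '.CATEGORIES_TABLE.' AS c
    LEFT JOIN '.IMAGE_CATEGORY_TABLE.' AS ic
    ON c.id=ic.category_id
    LEFT JOIN '.COMMENTS_TABLE.' AS com
    ON ic.image_id=com.image_id
  '.get_sql_condition_FandF
    (
      array
        (
          'forbidden_categories' => 'c.id',
          'visible_categories' => 'c.id'
        ),
      'WHERE'
    ).'
;';
  $categories = hash_from_query($query, 'comment_id');

  foreach ($comments as $comment)
  {
    $element = $elements[$comment['image_id']];

    // Picture title, falling back to a name derived from the file name.
    if (!empty($element['name']))
    {
      $name = $element['name'];
    }
    else
    {
      $name = get_name_from_file($element['file']);
    }

    // source of the thumbnail picture
    $thumbnail_src = get_thumbnail_url($element);

    // link to the full size picture
    $picture_url = make_picture_url(
      array(
        'category' => $categories[ $comment['comment_id'] ],
        'image_id' => $comment['image_id'],
        'image_file' => $element['file'],
        )
      );

    // Author and content go through the render_comment_* events before they
    // reach the template.
    $tpl_comment = array(
      'ID' => $comment['comment_id'],
      'U_PICTURE' => $picture_url,
      'TN_SRC' => $thumbnail_src,
      'ALT' => $name,
      'AUTHOR' => trigger_event('render_comment_author', $comment['author']),
      'DATE'=>format_date($comment['date'], true),
      'CONTENT'=>trigger_event('render_comment_content',$comment['content']),
      'WIDTH' => $datas[3],
      'HEIGHT' => $datas[4],
      );

    // Base URL shared by the three management links: index.php with any earlier
    // action parameter and token stripped from the current query string.
    // It is built once per comment so that the validate link no longer depends
    // on the delete/edit branches having run first; before, it reused whatever
    // $url last held, which was the picture URL when neither branch ran.
    $manage_url =
      get_root_url()
      .'index.php'
      .get_query_string_diff(array('edit_comment', 'delete_comment','validate_comment', 'pwg_token'));

    // NOTE(review): these links trigger state changes over GET and carry
    // pwg_token in the URL, where it can end up in browser history, server logs
    // and Referer headers. Kept as found; worth confirming how long the token
    // stays valid.
    if (can_manage_comment('delete', $comment['author_id']))
    {
      $tpl_comment['U_DELETE'] = add_url_params(
        $manage_url,
        array(
          'delete_comment' => $comment['comment_id'],
          'pwg_token' => get_pwg_token(),
          )
        );
    }

    if (can_manage_comment('edit', $comment['author_id']))
    {
      $tpl_comment['U_EDIT'] = add_url_params(
        $manage_url,
        array(
          'edit_comment' => $comment['comment_id'],
          'pwg_token' => get_pwg_token(),
          )
        );

      if (isset($edit_comment) and ($comment['comment_id'] == $edit_comment))
      {
        $tpl_comment['IN_EDIT'] = true;
        $key = get_ephemeral_key(2, $comment['image_id']);
        $tpl_comment['KEY'] = $key;
        $tpl_comment['IMAGE_ID'] = $comment['image_id'];
        // The edit form gets the stored text as is, bypassing
        // render_comment_content. NOTE(review): confirm stuffs_lastcoms.tpl
        // escapes CONTENT when IN_EDIT is set, since this is user-written text.
        $tpl_comment['CONTENT'] = $comment['content'];
      }
    }

    if (can_manage_comment('validate', $comment['author_id']))
    {
      // Only comments that are not validated yet get a validate link.
      if ('true' != $comment['validated'])
      {
        $tpl_comment['U_VALIDATE'] = add_url_params(
          $manage_url,
          array(
            'validate_comment'=> $comment['comment_id'],
            'pwg_token' => get_pwg_token(),
            )
          );
      }
    }
    $block['comments'][] = $tpl_comment;
  }
}

?>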