source: trunk/admin/comments.php @ 29060

Revision 29060, 7.0 KB checked in by rvelices, 5 years ago (diff)

bug 3100 display IP address of comment author on admin page and also save the entire ip address in the database, not only the first three ip components

  • Property svn:eol-style set to LF
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based photo gallery                                    |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008-2014 Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24if (!defined('PHPWG_ROOT_PATH'))
25{
26  die ("Hacking attempt!");
27}
28
29include_once(PHPWG_ROOT_PATH.'admin/include/functions.php');
30
31if (isset($_GET['start']) and is_numeric($_GET['start']))
32{
33  $page['start'] = $_GET['start'];
34}
35else
36{
37  $page['start'] = 0;
38}
39
40// +-----------------------------------------------------------------------+
41// | Check Access and exit when user status is not ok                      |
42// +-----------------------------------------------------------------------+
43
44check_status(ACCESS_ADMINISTRATOR);
45
46// +-----------------------------------------------------------------------+
47// |                                actions                                |
48// +-----------------------------------------------------------------------+
49
50if (!empty($_POST))
51{
52  if (empty($_POST['comments']))
53  {
54    $page['errors'][] = l10n('Select at least one comment');
55  }
56  else
57  {
58    include_once( PHPWG_ROOT_PATH .'include/functions_comment.inc.php' );
59    check_input_parameter('comments', $_POST, true, PATTERN_ID);
60
61    if (isset($_POST['validate']))
62    {
63      validate_user_comment($_POST['comments']);
64
65      $page['infos'][] = l10n_dec(
66        '%d user comment validated', '%d user comments validated',
67        count($_POST['comments'])
68        );
69    }
70
71    if (isset($_POST['reject']))
72    {
73      delete_user_comment($_POST['comments']);
74
75      $page['infos'][] = l10n_dec(
76        '%d user comment rejected', '%d user comments rejected',
77        count($_POST['comments'])
78        );
79    }
80  }
81}
82
83// +-----------------------------------------------------------------------+
84// |                             template init                             |
85// +-----------------------------------------------------------------------+
86
87$template->set_filenames(array('comments'=>'comments.tpl'));
88
89$template->assign(
90  array(
91    'F_ACTION' => get_root_url().'admin.php?page=comments'
92    )
93  );
94
95// +-----------------------------------------------------------------------+
96// | Tabs                                                                  |
97// +-----------------------------------------------------------------------+
98
99include_once(PHPWG_ROOT_PATH.'admin/include/tabsheet.class.php');
100
101$tabsheet = new tabsheet();
102$tabsheet->set_id('comments');
103$tabsheet->select('');
104$tabsheet->assign();
105
106// +-----------------------------------------------------------------------+
107// |                           comments display                            |
108// +-----------------------------------------------------------------------+
109
110$nb_total = 0;
111$nb_pending = 0;
112
113$query = '
114SELECT
115    COUNT(*) AS counter,
116    validated
117  FROM '.COMMENTS_TABLE.'
118  GROUP BY validated
119;';
120$result = pwg_query($query);
121while ($row = pwg_db_fetch_assoc($result))
122{
123  $nb_total+= $row['counter'];
124
125  if ('false' == $row['validated'])
126  {
127    $nb_pending = $row['counter'];
128  }
129}
130
131if (!isset($_GET['filter']) and $nb_pending > 0)
132{
133  $page['filter'] = 'pending';
134}
135else
136{
137  $page['filter'] = 'all';
138}
139
140if (isset($_GET['filter']) and 'pending' == $_GET['filter'])
141{
142  $page['filter'] = $_GET['filter'];
143}
144
145$template->assign(
146  array(
147    'nb_total' => $nb_total,
148    'nb_pending' => $nb_pending,
149    'filter' => $page['filter'],
150    )
151  );
152
153$where_clauses = array('1=1');
154
155if ('pending' == $page['filter'])
156{
157  $where_clauses[] = 'validated=\'false\'';
158}
159
160$query = '
161SELECT
162    c.id,
163    c.image_id,
164    c.date,
165    c.author,
166    '.$conf['user_fields']['username'].' AS username,
167    c.content,
168    i.path,
169    i.representative_ext,
170    validated,
171    c.anonymous_id
172  FROM '.COMMENTS_TABLE.' AS c
173    INNER JOIN '.IMAGES_TABLE.' AS i
174      ON i.id = c.image_id
175    LEFT JOIN '.USERS_TABLE.' AS u
176      ON u.'.$conf['user_fields']['id'].' = c.author_id
177  WHERE '.implode(' AND ', $where_clauses).'
178  ORDER BY c.date DESC
179  LIMIT '.$page['start'].', '.$conf['comments_page_nb_comments'].'
180;';
181$result = pwg_query($query);
182while ($row = pwg_db_fetch_assoc($result))
183{
184  $thumb = DerivativeImage::thumb_url(
185      array(
186        'id'=>$row['image_id'],
187        'path'=>$row['path'],
188        )
189     );
190  if (empty($row['author_id']))
191  {
192    $author_name = $row['author'];
193  }
194  else
195  {
196    $author_name = stripslashes($row['username']);
197  }
198  $template->append(
199    'comments',
200    array(
201      'U_PICTURE' => get_root_url().'admin.php?page=photo-'.$row['image_id'],
202      'ID' => $row['id'],
203      'TN_SRC' => $thumb,
204      'AUTHOR' => trigger_change('render_comment_author', $author_name),
205      'DATE' => format_date($row['date'], array('day_name','day','month','year','time')),
206      'CONTENT' => trigger_change('render_comment_content',$row['content']),
207      'IS_PENDING' => ('false' == $row['validated']),
208      'IP' => $row['anonymous_id'],
209      )
210    );
211
212  $list[] = $row['id'];
213}
214
215// +-----------------------------------------------------------------------+
216// |                            navigation bar                             |
217// +-----------------------------------------------------------------------+
218
219$navbar = create_navigation_bar(
220  get_root_url().'admin.php'.get_query_string_diff(array('start')),
221  ('pending' == $page['filter'] ? $nb_pending : $nb_total),
222  $page['start'],
223  $conf['comments_page_nb_comments']
224  );
225
226$template->assign('navbar', $navbar);
227
228// +-----------------------------------------------------------------------+
229// |                           sending html code                           |
230// +-----------------------------------------------------------------------+
231
232$template->assign_var_from_handle('ADMIN_CONTENT', 'comments');
233
234?>
Note: See TracBrowser for help on using the repository browser.