Context Navigation

source: trunk/comments.php @ 18333

Last change on this file since 18333 was 18164, checked in by mistic100, 12 years ago
feature 2754: Add "Email" field for user comments + mandatory "Author"
Property svn:eol-style set to `LF`
File size: 16.5 KB

Rev	Line
[166]	1	<?php
[354]	2	// +-----------------------------------------------------------------------+
[8728]	3	// \| Piwigo - a PHP based photo gallery \|
[2297]	4	// +-----------------------------------------------------------------------+
[12922]	5	// \| Copyright(C) 2008-2012 Piwigo Team http://piwigo.org \|
[2297]	6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
	7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
	8	// +-----------------------------------------------------------------------+
	9	// \| This program is free software; you can redistribute it and/or modify \|
	10	// \| it under the terms of the GNU General Public License as published by \|
	11	// \| the Free Software Foundation \|
	12	// \| \|
	13	// \| This program is distributed in the hope that it will be useful, but \|
	14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
	15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
	16	// \| General Public License for more details. \|
	17	// \| \|
	18	// \| You should have received a copy of the GNU General Public License \|
	19	// \| along with this program; if not, write to the Free Software \|
	20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
	21	// \| USA. \|
	22	// +-----------------------------------------------------------------------+
[166]	23
[579]	24	// +-----------------------------------------------------------------------+
	25	// \| initialization \|
	26	// +-----------------------------------------------------------------------+
[1598]	27	define('PHPWG_ROOT_PATH','./');
	28	include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
[3445]	29	include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php');
[345]	30
[12887]	31	if (!$conf['activate_comments'])
	32	{
	33	page_not_found(null);
	34	}
	35
[1072]	36	// +-----------------------------------------------------------------------+
	37	// \| Check Access and exit when user status is not ok \|
	38	// +-----------------------------------------------------------------------+
	39	check_status(ACCESS_GUEST);
	40
[796]	41	$sort_order = array(
[2223]	42	'DESC' => l10n('descending'),
	43	'ASC' => l10n('ascending')
[796]	44	);
	45
	46	// sort_by : database fields proposed for sorting comments list
	47	$sort_by = array(
[2223]	48	'date' => l10n('comment date'),
[8711]	49	'image_id' => l10n('photo')
[796]	50	);
	51
	52	// items_number : list of number of items to display per page
	53	$items_number = array(5,10,20,50,'all');
	54
	55	// since when display comments ?
	56	//
	57	$since_options = array(
	58	1 => array('label' => l10n('today'),
[4367]	59	'clause' => 'date > '.pwg_db_get_recent_period_expression(1)),
[796]	60	2 => array('label' => sprintf(l10n('last %d days'), 7),
[4367]	61	'clause' => 'date > '.pwg_db_get_recent_period_expression(7)),
[796]	62	3 => array('label' => sprintf(l10n('last %d days'), 30),
[4367]	63	'clause' => 'date > '.pwg_db_get_recent_period_expression(30)),
[796]	64	4 => array('label' => l10n('the beginning'),
	65	'clause' => '1=1') // stupid but generic
	66	);
[18063]	67
	68	trigger_action('loc_begin_comments');
[796]	69
[4139]	70	if (!empty($_GET['since']) && is_numeric($_GET['since']))
	71	{
	72	$page['since'] = $_GET['since'];
	73	}
	74	else
	75	{
	76	$page['since'] = 4;
	77	}
[796]	78
	79	// on which field sorting
	80	//
	81	$page['sort_by'] = 'date';
	82	// if the form was submitted, it overloads default behaviour
[2757]	83	if (isset($_GET['sort_by']) and isset($sort_by[$_GET['sort_by']]) )
[393]	84	{
[796]	85	$page['sort_by'] = $_GET['sort_by'];
[393]	86	}
[796]	87
	88	// order to sort
	89	//
[2223]	90	$page['sort_order'] = 'DESC';
[796]	91	// if the form was submitted, it overloads default behaviour
[2757]	92	if (isset($_GET['sort_order']) and isset($sort_order[$_GET['sort_order']]))
[393]	93	{
[2223]	94	$page['sort_order'] = $_GET['sort_order'];
[393]	95	}
[796]	96
	97	// number of items to display
	98	//
[1814]	99	$page['items_number'] = 10;
[796]	100	if (isset($_GET['items_number']))
	101	{
	102	$page['items_number'] = $_GET['items_number'];
	103	}
[3600]	104	if ( !is_numeric($page['items_number']) and $page['items_number']!='all' )
[3520]	105	{
	106	$page['items_number'] = 10;
	107	}
[796]	108
[1716]	109	$page['where_clauses'] = array();
	110
[796]	111	// which category to filter on ?
	112	if (isset($_GET['cat']) and 0 != $_GET['cat'])
	113	{
[6910]	114	check_input_parameter('cat', $_GET, false, PATTERN_ID);
[7488]	115
	116	$category_ids = get_subcat_ids(array($_GET['cat']));
[9679]	117	if (empty($category_ids))
[7488]	118	{
	119	$category_ids = array(-1);
	120	}
[12930]	121
[1716]	122	$page['where_clauses'][] =
[7488]	123	'category_id IN ('.implode(',', $category_ids).')';
[796]	124	}
	125
	126	// search a particular author
[4139]	127	if (!empty($_GET['author']))
[796]	128	{
[3487]	129	$page['where_clauses'][] =
	130	'u.'.$conf['user_fields']['username'].' = \''.$_GET['author'].'\'
	131	OR author = \''.$_GET['author'].'\'';
[796]	132	}
	133
[5195]	134	// search a specific comment (if you're coming directly from an admin
	135	// notification email)
	136	if (!empty($_GET['comment_id']))
	137	{
	138	check_input_parameter('comment_id', $_GET, false, PATTERN_ID);
	139
	140	// currently, the $_GET['comment_id'] is only used by admins from email
	141	// for management purpose (validate/delete)
	142	if (!is_admin())
	143	{
	144	$login_url =
	145	get_root_url().'identification.php?redirect='
	146	.urlencode(urlencode($_SERVER['REQUEST_URI']))
	147	;
	148	redirect($login_url);
	149	}
	150
	151	$page['where_clauses'][] = 'com.id = '.$_GET['comment_id'];
	152	}
	153
[796]	154	// search a substring among comments content
[4139]	155	if (!empty($_GET['keyword']))
[796]	156	{
[1716]	157	$page['where_clauses'][] =
[796]	158	'('.
	159	implode(' AND ',
	160	array_map(
	161	create_function(
	162	'$s',
	163	'return "content LIKE \'%$s%\'";'
	164	),
[2012]	165	preg_split('/[\s,;]+/', $_GET['keyword'] )
[796]	166	)
	167	).
	168	')';
	169	}
	170
[1716]	171	$page['where_clauses'][] = $since_options[$page['since']]['clause'];
	172
[1598]	173	// which status to filter on ?
[1716]	174	if ( !is_admin() )
[1598]	175	{
[4367]	176	$page['where_clauses'][] = 'validated=\'true\'';
[1598]	177	}
	178
[1716]	179	$page['where_clauses'][] = get_sql_condition_FandF
	180	(
	181	array
	182	(
	183	'forbidden_categories' => 'category_id',
	184	'visible_categories' => 'category_id',
	185	'visible_images' => 'ic.image_id'
	186	),
	187	'', true
	188	);
[1598]	189
[579]	190	// +-----------------------------------------------------------------------+
	191	// \| comments management \|
	192	// +-----------------------------------------------------------------------+
[1598]	193
[5195]	194	$comment_id = null;
	195	$action = null;
	196
	197	$actions = array('delete', 'validate', 'edit');
	198	foreach ($actions as $loop_action)
	199	{
	200	if (isset($_GET[$loop_action]))
	201	{
[5199]	202	$action = $loop_action;
[5195]	203	check_input_parameter($action, $_GET, false, PATTERN_ID);
	204	$comment_id = $_GET[$action];
	205	break;
	206	}
[579]	207	}
[1617]	208
[5195]	209	if (isset($action))
[3445]	210	{
[5195]	211	$comment_author_id = get_comment_author_id($comment_id);
[5199]	212
[5195]	213	if (can_manage_comment($action, $comment_author_id))
[3445]	214	{
[5195]	215	$perform_redirect = false;
[5199]	216
[5195]	217	if ('delete' == $action)
	218	{
[13865]	219	check_pwg_token();
[5195]	220	delete_user_comment($comment_id);
	221	$perform_redirect = true;
	222	}
[3445]	223
[5195]	224	if ('validate' == $action)
	225	{
[13865]	226	check_pwg_token();
[5195]	227	validate_user_comment($comment_id);
	228	$perform_redirect = true;
	229	}
[5199]	230
[5195]	231	if ('edit' == $action)
	232	{
	233	if (!empty($_POST['content']))
	234	{
[13865]	235	check_pwg_token();
[5195]	236	update_user_comment(
	237	array(
	238	'comment_id' => $_GET['edit'],
	239	'image_id' => $_POST['image_id'],
	240	'content' => $_POST['content']
	241	),
	242	$_POST['key']
	243	);
[5199]	244
[12765]	245	$perform_redirect = true;
[5195]	246	}
	247	else
	248	{
	249	$edit_comment = $_GET['edit'];
	250	}
	251	}
[5199]	252
[5195]	253	if ($perform_redirect)
	254	{
	255	$redirect_url =
	256	PHPWG_ROOT_PATH
	257	.'comments.php'
[12765]	258	.get_query_string_diff(array('delete','edit','validate','pwg_token'));
[5199]	259
[5195]	260	redirect($redirect_url);
	261	}
[3445]	262	}
	263	}
	264
[579]	265	// +-----------------------------------------------------------------------+
	266	// \| page header and options \|
	267	// +-----------------------------------------------------------------------+
[355]	268
[2268]	269	$title= l10n('User comments');
[850]	270	$page['body_id'] = 'theCommentsPage';
	271
[579]	272	$template->set_filenames(array('comments'=>'comments.tpl'));
[2223]	273	$template->assign(
[579]	274	array(
[796]	275	'F_ACTION'=>PHPWG_ROOT_PATH.'comments.php',
[4182]	276	'F_KEYWORD'=> @htmlspecialchars(stripslashes($_GET['keyword'], ENT_QUOTES, 'utf-8')),
	277	'F_AUTHOR'=> @htmlspecialchars(stripslashes($_GET['author'], ENT_QUOTES, 'utf-8')),
[579]	278	)
	279	);
[355]	280
[796]	281	// +-----------------------------------------------------------------------+
	282	// \| form construction \|
	283	// +-----------------------------------------------------------------------+
	284
	285	// Search in a particular category
[2223]	286	$blockname = 'categories';
[796]	287
	288	$query = '
[1861]	289	SELECT id, name, uppercats, global_rank
[1677]	290	FROM '.CATEGORIES_TABLE.'
	291	'.get_sql_condition_FandF
	292	(
	293	array
	294	(
	295	'forbidden_categories' => 'id',
	296	'visible_categories' => 'id'
	297	),
	298	'WHERE'
	299	).'
[796]	300	;';
	301	display_select_cat_wrapper($query, array(@$_GET['cat']), $blockname, true);
	302
	303	// Filter on recent comments...
[2223]	304	$tpl_var=array();
[796]	305	foreach ($since_options as $id => $option)
	306	{
[2223]	307	$tpl_var[ $id ] = $option['label'];
[355]	308	}
[2223]	309	$template->assign( 'since_options', $tpl_var);
	310	$template->assign( 'since_options_selected', $page['since']);
[796]	311
	312	// Sort by
[2223]	313	$template->assign( 'sort_by_options', $sort_by);
	314	$template->assign( 'sort_by_options_selected', $page['sort_by']);
[796]	315
	316	// Sorting order
[2223]	317	$template->assign( 'sort_order_options', $sort_order);
	318	$template->assign( 'sort_order_options_selected', $page['sort_order']);
[796]	319
	320
	321	// Number of items
	322	$blockname = 'items_number_option';
[2223]	323	$tpl_var=array();
[796]	324	foreach ($items_number as $option)
	325	{
[2223]	326	$tpl_var[ $option ] = is_numeric($option) ? $option : l10n($option);
[796]	327	}
[2223]	328	$template->assign( 'item_number_options', $tpl_var);
	329	$template->assign( 'item_number_options_selected', $page['items_number']);
[796]	330
[2223]	331
[579]	332	// +-----------------------------------------------------------------------+
[796]	333	// \| navigation bar \|
	334	// +-----------------------------------------------------------------------+
	335
	336	if (isset($_GET['start']) and is_numeric($_GET['start']))
	337	{
	338	$start = $_GET['start'];
	339	}
	340	else
	341	{
	342	$start = 0;
	343	}
	344
	345	$query = '
[3450]	346	SELECT COUNT(DISTINCT(com.id))
[796]	347	FROM '.IMAGE_CATEGORY_TABLE.' AS ic
[5199]	348	INNER JOIN '.COMMENTS_TABLE.' AS com
[796]	349	ON ic.image_id = com.image_id
[4139]	350	LEFT JOIN '.USERS_TABLE.' As u
	351	ON u.'.$conf['user_fields']['id'].' = com.author_id
[1716]	352	WHERE '.implode('
	353	AND ', $page['where_clauses']).'
[796]	354	;';
[4325]	355	list($counter) = pwg_db_fetch_row(pwg_query($query));
[796]	356
[1598]	357	$url = PHPWG_ROOT_PATH
	358	.'comments.php'
[5195]	359	.get_query_string_diff(array('start','delete','validate','pwg_token'));
[796]	360
	361	$navbar = create_navigation_bar($url,
	362	$counter,
	363	$start,
	364	$page['items_number'],
	365	'');
	366
[3172]	367	$template->assign('navbar', $navbar);
[796]	368
[15924]	369	$url_self = PHPWG_ROOT_PATH
	370	.'comments.php'
	371	.get_query_string_diff(array('edit','delete','validate','pwg_token'));
	372
[796]	373	// +-----------------------------------------------------------------------+
[579]	374	// \| last comments display \|
	375	// +-----------------------------------------------------------------------+
[355]	376
[796]	377	$comments = array();
	378	$element_ids = array();
	379	$category_ids = array();
	380
[579]	381	$query = '
[6596]	382	SELECT com.id AS comment_id,
	383	com.image_id,
	384	com.author,
	385	com.author_id,
[18164]	386	u.'.$conf['user_fields']['email'].' AS user_email,
	387	com.email,
[6596]	388	com.date,
[17351]	389	com.website_url,
[6596]	390	com.content,
	391	com.validated
[796]	392	FROM '.IMAGE_CATEGORY_TABLE.' AS ic
[6601]	393	INNER JOIN '.COMMENTS_TABLE.' AS com
[796]	394	ON ic.image_id = com.image_id
[4139]	395	LEFT JOIN '.USERS_TABLE.' As u
	396	ON u.'.$conf['user_fields']['id'].' = com.author_id
[1716]	397	WHERE '.implode('
	398	AND ', $page['where_clauses']).'
[6596]	399	GROUP BY comment_id,
	400	com.image_id,
	401	com.author,
	402	com.author_id,
	403	com.date,
	404	com.content,
	405	com.validated
[796]	406	ORDER BY '.$page['sort_by'].' '.$page['sort_order'];
	407	if ('all' != $page['items_number'])
	408	{
	409	$query.= '
[4334]	410	LIMIT '.$page['items_number'].' OFFSET '.$start;
[796]	411	}
	412	$query.= '
[579]	413	;';
[587]	414	$result = pwg_query($query);
[4325]	415	while ($row = pwg_db_fetch_assoc($result))
[393]	416	{
[796]	417	array_push($comments, $row);
	418	array_push($element_ids, $row['image_id']);
[393]	419	}
[796]	420
	421	if (count($comments) > 0)
[579]	422	{
[796]	423	// retrieving element informations
	424	$elements = array();
[579]	425	$query = '
[12930]	426	SELECT *
[579]	427	FROM '.IMAGES_TABLE.'
[796]	428	WHERE id IN ('.implode(',', $element_ids).')
[579]	429	;';
[796]	430	$result = pwg_query($query);
[4325]	431	while ($row = pwg_db_fetch_assoc($result))
[579]	432	{
[796]	433	$elements[$row['id']] = $row;
[579]	434	}
[721]	435
[796]	436	// retrieving category informations
[579]	437	$query = '
[6596]	438	SELECT c.id, name, permalink, uppercats, com.id as comment_id
	439	FROM '.CATEGORIES_TABLE.' AS c
	440	LEFT JOIN '.IMAGE_CATEGORY_TABLE.' AS ic
	441	ON c.id=ic.category_id
	442	LEFT JOIN '.COMMENTS_TABLE.' AS com
	443	ON ic.image_id=com.image_id
[6601]	444	'.get_sql_condition_FandF
	445	(
	446	array
	447	(
	448	'forbidden_categories' => 'c.id',
	449	'visible_categories' => 'c.id'
	450	),
	451	'WHERE'
	452	).'
[796]	453	;';
[6596]	454	$categories = hash_from_query($query, 'comment_id');
[796]	455
	456	foreach ($comments as $comment)
[579]	457	{
[796]	458	if (!empty($elements[$comment['image_id']]['name']))
[166]	459	{
[1598]	460	$name=$elements[$comment['image_id']]['name'];
[166]	461	}
[796]	462	else
	463	{
[1598]	464	$name=get_name_from_file($elements[$comment['image_id']]['file']);
[796]	465	}
[1090]	466
[796]	467	// source of the thumbnail picture
[12930]	468	$src_image = new SrcImage($elements[$comment['image_id']]);
[1090]	469
[796]	470	// link to the full size picture
[1090]	471	$url = make_picture_url(
[796]	472	array(
[6596]	473	'category' => $categories[ $comment['comment_id'] ],
[5195]	474	'image_id' => $comment['image_id'],
	475	'image_file' => $elements[$comment['image_id']]['file'],
	476	)
	477	);
[18164]	478
	479	$email = null;
	480	if (!empty($comment['user_email']))
	481	{
	482	$email = $comment['user_email'];
	483	}
	484	else if (!empty($comment['email']))
	485	{
	486	$email = $comment['email'];
	487	}
[5199]	488
[5195]	489	$tpl_comment = array(
[11261]	490	'ID' => $comment['comment_id'],
[5195]	491	'U_PICTURE' => $url,
[12930]	492	'src_image' => $src_image,
[5195]	493	'ALT' => $name,
	494	'AUTHOR' => trigger_event('render_comment_author', $comment['author']),
[17351]	495	'WEBSITE_URL' => $comment['website_url'],
[5195]	496	'DATE'=>format_date($comment['date'], true),
	497	'CONTENT'=>trigger_event('render_comment_content',$comment['content']),
	498	);
[18164]	499
	500	if (is_admin())
	501	{
	502	$tpl_comment['EMAIL'] = $email;
	503	}
[1598]	504
[3487]	505	if (can_manage_comment('delete', $comment['author_id']))
[1598]	506	{
[5195]	507	$url =
	508	get_root_url()
	509	.'comments.php'
	510	.get_query_string_diff(array('delete','validate','edit', 'pwg_token'));
[5199]	511
[5195]	512	$tpl_comment['U_DELETE'] = add_url_params(
	513	$url,
	514	array(
	515	'delete' => $comment['comment_id'],
	516	'pwg_token' => get_pwg_token(),
	517	)
	518	);
[3445]	519	}
[5199]	520
[3450]	521	if (can_manage_comment('edit', $comment['author_id']))
[3445]	522	{
[5195]	523	$url =
	524	get_root_url()
	525	.'comments.php'
	526	.get_query_string_diff(array('edit', 'delete','validate', 'pwg_token'));
[5199]	527
[5195]	528	$tpl_comment['U_EDIT'] = add_url_params(
	529	$url,
	530	array(
[13865]	531	'edit' => $comment['comment_id']
[5195]	532	)
	533	);
[5199]	534
[3487]	535	if (isset($edit_comment) and ($comment['comment_id'] == $edit_comment))
[1598]	536	{
[12930]	537	$tpl_comment['IN_EDIT'] = true;
	538	$key = get_ephemeral_key(2, $comment['image_id']);
	539	$tpl_comment['KEY'] = $key;
	540	$tpl_comment['IMAGE_ID'] = $comment['image_id'];
	541	$tpl_comment['CONTENT'] = $comment['content'];
[13865]	542	$tpl_comment['PWG_TOKEN'] = get_pwg_token();
[15924]	543	$tpl_comment['U_CANCEL'] = $url_self;
[1598]	544	}
	545	}
[3445]	546
[5195]	547	if (can_manage_comment('validate', $comment['author_id']))
[3445]	548	{
[5195]	549	if ('true' != $comment['validated'])
	550	{
	551	$tpl_comment['U_VALIDATE'] = add_url_params(
	552	$url,
	553	array(
	554	'validate'=> $comment['comment_id'],
	555	'pwg_token' => get_pwg_token(),
	556	)
	557	);
	558	}
[3445]	559	}
[2223]	560	$template->append('comments', $tpl_comment);
[166]	561	}
[579]	562	}
[10812]	563
[12930]	564	$derivative_params = trigger_event('get_comments_derivative_params', ImageStdParams::get_by_type(IMG_THUMB) );
	565	$template->assign( 'derivative_params', $derivative_params );
	566
[10812]	567	// include menubar
	568	$themeconf = $template->get_template_vars('themeconf');
[10824]	569	if (!isset($themeconf['hide_menu_on']) OR !in_array('theCommentsPage', $themeconf['hide_menu_on']))
[10812]	570	{
	571	include( PHPWG_ROOT_PATH.'include/menubar.inc.php');
	572	}
	573
[579]	574	// +-----------------------------------------------------------------------+
	575	// \| html code display \|
	576	// +-----------------------------------------------------------------------+
[2107]	577	include(PHPWG_ROOT_PATH.'include/page_header.php');
[18063]	578	trigger_action('loc_end_comments');
[15578]	579	include(PHPWG_ROOT_PATH.'include/page_messages.php');
[2223]	580	$template->pparse('comments');
[1598]	581	include(PHPWG_ROOT_PATH.'include/page_tail.php');
[2107]	582	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: