Context Navigation

source: trunk/comments.php @ 20214

Last change on this file since 20214 was 19703, checked in by plg, 11 years ago
update Piwigo headers to 2013 (the end of the world didn't occur as expected on r12922)
Property svn:eol-style set to `LF`
File size: 17.7 KB

Rev	Line
[166]	1	<?php
[354]	2	// +-----------------------------------------------------------------------+
[8728]	3	// \| Piwigo - a PHP based photo gallery \|
[2297]	4	// +-----------------------------------------------------------------------+
[19703]	5	// \| Copyright(C) 2008-2013 Piwigo Team http://piwigo.org \|
[2297]	6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
	7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
	8	// +-----------------------------------------------------------------------+
	9	// \| This program is free software; you can redistribute it and/or modify \|
	10	// \| it under the terms of the GNU General Public License as published by \|
	11	// \| the Free Software Foundation \|
	12	// \| \|
	13	// \| This program is distributed in the hope that it will be useful, but \|
	14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
	15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
	16	// \| General Public License for more details. \|
	17	// \| \|
	18	// \| You should have received a copy of the GNU General Public License \|
	19	// \| along with this program; if not, write to the Free Software \|
	20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
	21	// \| USA. \|
	22	// +-----------------------------------------------------------------------+
[166]	23
[579]	24	// +-----------------------------------------------------------------------+
	25	// \| initialization \|
	26	// +-----------------------------------------------------------------------+
[1598]	27	define('PHPWG_ROOT_PATH','./');
	28	include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
[3445]	29	include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php');
[345]	30
[12887]	31	if (!$conf['activate_comments'])
	32	{
	33	page_not_found(null);
	34	}
	35
[1072]	36	// +-----------------------------------------------------------------------+
	37	// \| Check Access and exit when user status is not ok \|
	38	// +-----------------------------------------------------------------------+
	39	check_status(ACCESS_GUEST);
	40
[796]	41	$sort_order = array(
[2223]	42	'DESC' => l10n('descending'),
	43	'ASC' => l10n('ascending')
[796]	44	);
	45
	46	// sort_by : database fields proposed for sorting comments list
	47	$sort_by = array(
[2223]	48	'date' => l10n('comment date'),
[8711]	49	'image_id' => l10n('photo')
[796]	50	);
	51
	52	// items_number : list of number of items to display per page
	53	$items_number = array(5,10,20,50,'all');
	54
[19303]	55	// if the default value is not in the expected values, we add it in the $items_number array
	56	if (!in_array($conf['comments_page_nb_comments'], $items_number))
	57	{
	58	$items_number_new = array();
	59
	60	$is_inserted = false;
	61
	62	foreach ($items_number as $number)
	63	{
	64	if ($number > $conf['comments_page_nb_comments'] or ($number == 'all' and !$is_inserted))
	65	{
	66	$items_number_new[] = $conf['comments_page_nb_comments'];
	67	$is_inserted = true;
	68	}
	69
	70	$items_number_new[] = $number;
	71	}
	72
	73	$items_number = $items_number_new;
	74	}
	75
[796]	76	// since when display comments ?
	77	//
	78	$since_options = array(
	79	1 => array('label' => l10n('today'),
[4367]	80	'clause' => 'date > '.pwg_db_get_recent_period_expression(1)),
[796]	81	2 => array('label' => sprintf(l10n('last %d days'), 7),
[4367]	82	'clause' => 'date > '.pwg_db_get_recent_period_expression(7)),
[796]	83	3 => array('label' => sprintf(l10n('last %d days'), 30),
[4367]	84	'clause' => 'date > '.pwg_db_get_recent_period_expression(30)),
[796]	85	4 => array('label' => l10n('the beginning'),
	86	'clause' => '1=1') // stupid but generic
	87	);
[18063]	88
	89	trigger_action('loc_begin_comments');
[796]	90
[4139]	91	if (!empty($_GET['since']) && is_numeric($_GET['since']))
	92	{
	93	$page['since'] = $_GET['since'];
	94	}
	95	else
	96	{
	97	$page['since'] = 4;
	98	}
[796]	99
	100	// on which field sorting
	101	//
	102	$page['sort_by'] = 'date';
	103	// if the form was submitted, it overloads default behaviour
[2757]	104	if (isset($_GET['sort_by']) and isset($sort_by[$_GET['sort_by']]) )
[393]	105	{
[796]	106	$page['sort_by'] = $_GET['sort_by'];
[393]	107	}
[796]	108
	109	// order to sort
	110	//
[2223]	111	$page['sort_order'] = 'DESC';
[796]	112	// if the form was submitted, it overloads default behaviour
[2757]	113	if (isset($_GET['sort_order']) and isset($sort_order[$_GET['sort_order']]))
[393]	114	{
[2223]	115	$page['sort_order'] = $_GET['sort_order'];
[393]	116	}
[796]	117
	118	// number of items to display
	119	//
[19303]	120	$page['items_number'] = $conf['comments_page_nb_comments'];
[796]	121	if (isset($_GET['items_number']))
	122	{
	123	$page['items_number'] = $_GET['items_number'];
	124	}
[3600]	125	if ( !is_numeric($page['items_number']) and $page['items_number']!='all' )
[3520]	126	{
	127	$page['items_number'] = 10;
	128	}
[796]	129
[1716]	130	$page['where_clauses'] = array();
	131
[796]	132	// which category to filter on ?
	133	if (isset($_GET['cat']) and 0 != $_GET['cat'])
	134	{
[6910]	135	check_input_parameter('cat', $_GET, false, PATTERN_ID);
[7488]	136
	137	$category_ids = get_subcat_ids(array($_GET['cat']));
[9679]	138	if (empty($category_ids))
[7488]	139	{
	140	$category_ids = array(-1);
	141	}
[12930]	142
[1716]	143	$page['where_clauses'][] =
[7488]	144	'category_id IN ('.implode(',', $category_ids).')';
[796]	145	}
	146
	147	// search a particular author
[4139]	148	if (!empty($_GET['author']))
[796]	149	{
[3487]	150	$page['where_clauses'][] =
	151	'u.'.$conf['user_fields']['username'].' = \''.$_GET['author'].'\'
	152	OR author = \''.$_GET['author'].'\'';
[796]	153	}
	154
[5195]	155	// search a specific comment (if you're coming directly from an admin
	156	// notification email)
	157	if (!empty($_GET['comment_id']))
	158	{
	159	check_input_parameter('comment_id', $_GET, false, PATTERN_ID);
	160
	161	// currently, the $_GET['comment_id'] is only used by admins from email
	162	// for management purpose (validate/delete)
	163	if (!is_admin())
	164	{
	165	$login_url =
	166	get_root_url().'identification.php?redirect='
	167	.urlencode(urlencode($_SERVER['REQUEST_URI']))
	168	;
	169	redirect($login_url);
	170	}
	171
	172	$page['where_clauses'][] = 'com.id = '.$_GET['comment_id'];
	173	}
	174
[796]	175	// search a substring among comments content
[4139]	176	if (!empty($_GET['keyword']))
[796]	177	{
[1716]	178	$page['where_clauses'][] =
[796]	179	'('.
	180	implode(' AND ',
	181	array_map(
	182	create_function(
	183	'$s',
	184	'return "content LIKE \'%$s%\'";'
	185	),
[2012]	186	preg_split('/[\s,;]+/', $_GET['keyword'] )
[796]	187	)
	188	).
	189	')';
	190	}
	191
[1716]	192	$page['where_clauses'][] = $since_options[$page['since']]['clause'];
	193
[1598]	194	// which status to filter on ?
[1716]	195	if ( !is_admin() )
[1598]	196	{
[4367]	197	$page['where_clauses'][] = 'validated=\'true\'';
[1598]	198	}
	199
[1716]	200	$page['where_clauses'][] = get_sql_condition_FandF
	201	(
	202	array
	203	(
	204	'forbidden_categories' => 'category_id',
	205	'visible_categories' => 'category_id',
	206	'visible_images' => 'ic.image_id'
	207	),
	208	'', true
	209	);
[1598]	210
[579]	211	// +-----------------------------------------------------------------------+
	212	// \| comments management \|
	213	// +-----------------------------------------------------------------------+
[1598]	214
[5195]	215	$comment_id = null;
	216	$action = null;
	217
	218	$actions = array('delete', 'validate', 'edit');
	219	foreach ($actions as $loop_action)
	220	{
	221	if (isset($_GET[$loop_action]))
	222	{
[5199]	223	$action = $loop_action;
[5195]	224	check_input_parameter($action, $_GET, false, PATTERN_ID);
	225	$comment_id = $_GET[$action];
	226	break;
	227	}
[579]	228	}
[1617]	229
[5195]	230	if (isset($action))
[3445]	231	{
[5195]	232	$comment_author_id = get_comment_author_id($comment_id);
[5199]	233
[5195]	234	if (can_manage_comment($action, $comment_author_id))
[3445]	235	{
[5195]	236	$perform_redirect = false;
[5199]	237
[5195]	238	if ('delete' == $action)
	239	{
[13865]	240	check_pwg_token();
[5195]	241	delete_user_comment($comment_id);
	242	$perform_redirect = true;
	243	}
[3445]	244
[5195]	245	if ('validate' == $action)
	246	{
[13865]	247	check_pwg_token();
[5195]	248	validate_user_comment($comment_id);
	249	$perform_redirect = true;
	250	}
[5199]	251
[5195]	252	if ('edit' == $action)
	253	{
	254	if (!empty($_POST['content']))
	255	{
[13865]	256	check_pwg_token();
[18995]	257	$comment_action = update_user_comment(
[5195]	258	array(
	259	'comment_id' => $_GET['edit'],
	260	'image_id' => $_POST['image_id'],
[18995]	261	'content' => $_POST['content'],
	262	'website_url' => @$_POST['website_url'],
[5195]	263	),
	264	$_POST['key']
	265	);
[18995]	266
	267	switch ($comment_action)
	268	{
	269	case 'moderate':
	270	$_SESSION['page_infos'][] = l10n('An administrator must authorize your comment before it is visible.');
	271	case 'validate':
	272	$_SESSION['page_infos'][] = l10n('Your comment has been registered');
	273	$perform_redirect = true;
	274	break;
	275	case 'reject':
	276	$_SESSION['page_errors'][] = l10n('Your comment has NOT been registered because it did not pass the validation rules');
	277	break;
	278	default:
	279	trigger_error('Invalid comment action '.$comment_action, E_USER_WARNING);
	280	}
[5195]	281	}
[18995]	282
	283	$edit_comment = $_GET['edit'];
[5195]	284	}
[5199]	285
[5195]	286	if ($perform_redirect)
	287	{
	288	$redirect_url =
	289	PHPWG_ROOT_PATH
	290	.'comments.php'
[12765]	291	.get_query_string_diff(array('delete','edit','validate','pwg_token'));
[5199]	292
[5195]	293	redirect($redirect_url);
	294	}
[3445]	295	}
	296	}
	297
[579]	298	// +-----------------------------------------------------------------------+
	299	// \| page header and options \|
	300	// +-----------------------------------------------------------------------+
[355]	301
[2268]	302	$title= l10n('User comments');
[850]	303	$page['body_id'] = 'theCommentsPage';
	304
[579]	305	$template->set_filenames(array('comments'=>'comments.tpl'));
[2223]	306	$template->assign(
[579]	307	array(
[796]	308	'F_ACTION'=>PHPWG_ROOT_PATH.'comments.php',
[4182]	309	'F_KEYWORD'=> @htmlspecialchars(stripslashes($_GET['keyword'], ENT_QUOTES, 'utf-8')),
	310	'F_AUTHOR'=> @htmlspecialchars(stripslashes($_GET['author'], ENT_QUOTES, 'utf-8')),
[579]	311	)
	312	);
[355]	313
[796]	314	// +-----------------------------------------------------------------------+
	315	// \| form construction \|
	316	// +-----------------------------------------------------------------------+
	317
	318	// Search in a particular category
[2223]	319	$blockname = 'categories';
[796]	320
	321	$query = '
[1861]	322	SELECT id, name, uppercats, global_rank
[1677]	323	FROM '.CATEGORIES_TABLE.'
	324	'.get_sql_condition_FandF
	325	(
	326	array
	327	(
	328	'forbidden_categories' => 'id',
	329	'visible_categories' => 'id'
	330	),
	331	'WHERE'
	332	).'
[796]	333	;';
	334	display_select_cat_wrapper($query, array(@$_GET['cat']), $blockname, true);
	335
	336	// Filter on recent comments...
[2223]	337	$tpl_var=array();
[796]	338	foreach ($since_options as $id => $option)
	339	{
[2223]	340	$tpl_var[ $id ] = $option['label'];
[355]	341	}
[2223]	342	$template->assign( 'since_options', $tpl_var);
	343	$template->assign( 'since_options_selected', $page['since']);
[796]	344
	345	// Sort by
[2223]	346	$template->assign( 'sort_by_options', $sort_by);
	347	$template->assign( 'sort_by_options_selected', $page['sort_by']);
[796]	348
	349	// Sorting order
[2223]	350	$template->assign( 'sort_order_options', $sort_order);
	351	$template->assign( 'sort_order_options_selected', $page['sort_order']);
[796]	352
	353
	354	// Number of items
	355	$blockname = 'items_number_option';
[2223]	356	$tpl_var=array();
[796]	357	foreach ($items_number as $option)
	358	{
[2223]	359	$tpl_var[ $option ] = is_numeric($option) ? $option : l10n($option);
[796]	360	}
[2223]	361	$template->assign( 'item_number_options', $tpl_var);
	362	$template->assign( 'item_number_options_selected', $page['items_number']);
[796]	363
[2223]	364
[579]	365	// +-----------------------------------------------------------------------+
[796]	366	// \| navigation bar \|
	367	// +-----------------------------------------------------------------------+
	368
	369	if (isset($_GET['start']) and is_numeric($_GET['start']))
	370	{
	371	$start = $_GET['start'];
	372	}
	373	else
	374	{
	375	$start = 0;
	376	}
	377
	378	$query = '
[3450]	379	SELECT COUNT(DISTINCT(com.id))
[796]	380	FROM '.IMAGE_CATEGORY_TABLE.' AS ic
[5199]	381	INNER JOIN '.COMMENTS_TABLE.' AS com
[796]	382	ON ic.image_id = com.image_id
[4139]	383	LEFT JOIN '.USERS_TABLE.' As u
	384	ON u.'.$conf['user_fields']['id'].' = com.author_id
[1716]	385	WHERE '.implode('
	386	AND ', $page['where_clauses']).'
[796]	387	;';
[4325]	388	list($counter) = pwg_db_fetch_row(pwg_query($query));
[796]	389
[1598]	390	$url = PHPWG_ROOT_PATH
	391	.'comments.php'
[5195]	392	.get_query_string_diff(array('start','delete','validate','pwg_token'));
[796]	393
	394	$navbar = create_navigation_bar($url,
	395	$counter,
	396	$start,
	397	$page['items_number'],
	398	'');
	399
[3172]	400	$template->assign('navbar', $navbar);
[796]	401
[15924]	402	$url_self = PHPWG_ROOT_PATH
	403	.'comments.php'
	404	.get_query_string_diff(array('edit','delete','validate','pwg_token'));
	405
[796]	406	// +-----------------------------------------------------------------------+
[579]	407	// \| last comments display \|
	408	// +-----------------------------------------------------------------------+
[355]	409
[796]	410	$comments = array();
	411	$element_ids = array();
	412	$category_ids = array();
	413
[579]	414	$query = '
[6596]	415	SELECT com.id AS comment_id,
	416	com.image_id,
	417	com.author,
	418	com.author_id,
[18164]	419	u.'.$conf['user_fields']['email'].' AS user_email,
	420	com.email,
[6596]	421	com.date,
[17351]	422	com.website_url,
[6596]	423	com.content,
	424	com.validated
[796]	425	FROM '.IMAGE_CATEGORY_TABLE.' AS ic
[6601]	426	INNER JOIN '.COMMENTS_TABLE.' AS com
[796]	427	ON ic.image_id = com.image_id
[4139]	428	LEFT JOIN '.USERS_TABLE.' As u
	429	ON u.'.$conf['user_fields']['id'].' = com.author_id
[1716]	430	WHERE '.implode('
	431	AND ', $page['where_clauses']).'
[6596]	432	GROUP BY comment_id,
	433	com.image_id,
	434	com.author,
	435	com.author_id,
	436	com.date,
	437	com.content,
	438	com.validated
[796]	439	ORDER BY '.$page['sort_by'].' '.$page['sort_order'];
	440	if ('all' != $page['items_number'])
	441	{
	442	$query.= '
[4334]	443	LIMIT '.$page['items_number'].' OFFSET '.$start;
[796]	444	}
	445	$query.= '
[579]	446	;';
[587]	447	$result = pwg_query($query);
[4325]	448	while ($row = pwg_db_fetch_assoc($result))
[393]	449	{
[796]	450	array_push($comments, $row);
	451	array_push($element_ids, $row['image_id']);
[393]	452	}
[796]	453
	454	if (count($comments) > 0)
[579]	455	{
[796]	456	// retrieving element informations
	457	$elements = array();
[579]	458	$query = '
[12930]	459	SELECT *
[579]	460	FROM '.IMAGES_TABLE.'
[796]	461	WHERE id IN ('.implode(',', $element_ids).')
[579]	462	;';
[796]	463	$result = pwg_query($query);
[4325]	464	while ($row = pwg_db_fetch_assoc($result))
[579]	465	{
[796]	466	$elements[$row['id']] = $row;
[579]	467	}
[721]	468
[796]	469	// retrieving category informations
[579]	470	$query = '
[6596]	471	SELECT c.id, name, permalink, uppercats, com.id as comment_id
	472	FROM '.CATEGORIES_TABLE.' AS c
	473	LEFT JOIN '.IMAGE_CATEGORY_TABLE.' AS ic
	474	ON c.id=ic.category_id
	475	LEFT JOIN '.COMMENTS_TABLE.' AS com
	476	ON ic.image_id=com.image_id
[6601]	477	'.get_sql_condition_FandF
	478	(
	479	array
	480	(
	481	'forbidden_categories' => 'c.id',
	482	'visible_categories' => 'c.id'
	483	),
	484	'WHERE'
	485	).'
[796]	486	;';
[6596]	487	$categories = hash_from_query($query, 'comment_id');
[796]	488
	489	foreach ($comments as $comment)
[579]	490	{
[796]	491	if (!empty($elements[$comment['image_id']]['name']))
[166]	492	{
[1598]	493	$name=$elements[$comment['image_id']]['name'];
[166]	494	}
[796]	495	else
	496	{
[1598]	497	$name=get_name_from_file($elements[$comment['image_id']]['file']);
[796]	498	}
[1090]	499
[796]	500	// source of the thumbnail picture
[12930]	501	$src_image = new SrcImage($elements[$comment['image_id']]);
[1090]	502
[796]	503	// link to the full size picture
[1090]	504	$url = make_picture_url(
[796]	505	array(
[6596]	506	'category' => $categories[ $comment['comment_id'] ],
[5195]	507	'image_id' => $comment['image_id'],
	508	'image_file' => $elements[$comment['image_id']]['file'],
	509	)
	510	);
[18164]	511
	512	$email = null;
	513	if (!empty($comment['user_email']))
	514	{
	515	$email = $comment['user_email'];
	516	}
	517	else if (!empty($comment['email']))
	518	{
	519	$email = $comment['email'];
	520	}
[5199]	521
[5195]	522	$tpl_comment = array(
[11261]	523	'ID' => $comment['comment_id'],
[5195]	524	'U_PICTURE' => $url,
[12930]	525	'src_image' => $src_image,
[5195]	526	'ALT' => $name,
	527	'AUTHOR' => trigger_event('render_comment_author', $comment['author']),
[17351]	528	'WEBSITE_URL' => $comment['website_url'],
[5195]	529	'DATE'=>format_date($comment['date'], true),
	530	'CONTENT'=>trigger_event('render_comment_content',$comment['content']),
	531	);
[18164]	532
	533	if (is_admin())
	534	{
	535	$tpl_comment['EMAIL'] = $email;
	536	}
[1598]	537
[3487]	538	if (can_manage_comment('delete', $comment['author_id']))
[1598]	539	{
[5195]	540	$url =
	541	get_root_url()
	542	.'comments.php'
	543	.get_query_string_diff(array('delete','validate','edit', 'pwg_token'));
[5199]	544
[5195]	545	$tpl_comment['U_DELETE'] = add_url_params(
	546	$url,
	547	array(
	548	'delete' => $comment['comment_id'],
	549	'pwg_token' => get_pwg_token(),
	550	)
	551	);
[3445]	552	}
[5199]	553
[3450]	554	if (can_manage_comment('edit', $comment['author_id']))
[3445]	555	{
[5195]	556	$url =
	557	get_root_url()
	558	.'comments.php'
	559	.get_query_string_diff(array('edit', 'delete','validate', 'pwg_token'));
[5199]	560
[5195]	561	$tpl_comment['U_EDIT'] = add_url_params(
	562	$url,
	563	array(
[13865]	564	'edit' => $comment['comment_id']
[5195]	565	)
	566	);
[5199]	567
[3487]	568	if (isset($edit_comment) and ($comment['comment_id'] == $edit_comment))
[1598]	569	{
[12930]	570	$tpl_comment['IN_EDIT'] = true;
	571	$key = get_ephemeral_key(2, $comment['image_id']);
	572	$tpl_comment['KEY'] = $key;
	573	$tpl_comment['IMAGE_ID'] = $comment['image_id'];
	574	$tpl_comment['CONTENT'] = $comment['content'];
[13865]	575	$tpl_comment['PWG_TOKEN'] = get_pwg_token();
[15924]	576	$tpl_comment['U_CANCEL'] = $url_self;
[1598]	577	}
	578	}
[3445]	579
[5195]	580	if (can_manage_comment('validate', $comment['author_id']))
[3445]	581	{
[5195]	582	if ('true' != $comment['validated'])
	583	{
	584	$tpl_comment['U_VALIDATE'] = add_url_params(
	585	$url,
	586	array(
	587	'validate'=> $comment['comment_id'],
	588	'pwg_token' => get_pwg_token(),
	589	)
	590	);
	591	}
[3445]	592	}
[2223]	593	$template->append('comments', $tpl_comment);
[166]	594	}
[579]	595	}
[10812]	596
[12930]	597	$derivative_params = trigger_event('get_comments_derivative_params', ImageStdParams::get_by_type(IMG_THUMB) );
	598	$template->assign( 'derivative_params', $derivative_params );
	599
[10812]	600	// include menubar
	601	$themeconf = $template->get_template_vars('themeconf');
[10824]	602	if (!isset($themeconf['hide_menu_on']) OR !in_array('theCommentsPage', $themeconf['hide_menu_on']))
[10812]	603	{
	604	include( PHPWG_ROOT_PATH.'include/menubar.inc.php');
	605	}
	606
[579]	607	// +-----------------------------------------------------------------------+
	608	// \| html code display \|
	609	// +-----------------------------------------------------------------------+
[2107]	610	include(PHPWG_ROOT_PATH.'include/page_header.php');
[18063]	611	trigger_action('loc_end_comments');
[15578]	612	include(PHPWG_ROOT_PATH.'include/page_messages.php');
[2223]	613	$template->pparse('comments');
[1598]	614	include(PHPWG_ROOT_PATH.'include/page_tail.php');
[2107]	615	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: