source: trunk/comments.php @ 13648

Last change on this file since 13648 was 12930, checked in by rvelices, 12 years ago

feature 2548 multisize

  • comments thumbnails + no more hard coded thumbnail sizes in css
  • removed admin thumbnail page + language cleanup
  • Property svn:eol-style set to LF
File size: 15.7 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based photo gallery                                    |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008-2012 Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24// +-----------------------------------------------------------------------+
25// |                           initialization                              |
26// +-----------------------------------------------------------------------+
27define('PHPWG_ROOT_PATH','./');
28include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
29include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php');
30
31if (!$conf['activate_comments'])
32{
33  page_not_found(null);
34}
35
36// +-----------------------------------------------------------------------+
37// | Check Access and exit when user status is not ok                      |
38// +-----------------------------------------------------------------------+
39check_status(ACCESS_GUEST);
40
41$sort_order = array(
42  'DESC' => l10n('descending'),
43  'ASC'  => l10n('ascending')
44  );
45
46// sort_by : database fields proposed for sorting comments list
47$sort_by = array(
48  'date' => l10n('comment date'),
49  'image_id' => l10n('photo')
50  );
51
52// items_number : list of number of items to display per page
53$items_number = array(5,10,20,50,'all');
54
55// since when display comments ?
56//
57$since_options = array(
58  1 => array('label' => l10n('today'),
59             'clause' => 'date > '.pwg_db_get_recent_period_expression(1)),
60  2 => array('label' => sprintf(l10n('last %d days'), 7),
61             'clause' => 'date > '.pwg_db_get_recent_period_expression(7)),
62  3 => array('label' => sprintf(l10n('last %d days'), 30),
63             'clause' => 'date > '.pwg_db_get_recent_period_expression(30)),
64  4 => array('label' => l10n('the beginning'),
65             'clause' => '1=1') // stupid but generic
66  );
67
68if (!empty($_GET['since']) && is_numeric($_GET['since']))
69{
70  $page['since'] = $_GET['since'];
71}
72else
73{
74  $page['since'] = 4;
75}
76
77// on which field sorting
78//
79$page['sort_by'] = 'date';
80// if the form was submitted, it overloads default behaviour
81if (isset($_GET['sort_by']) and isset($sort_by[$_GET['sort_by']]) )
82{
83  $page['sort_by'] = $_GET['sort_by'];
84}
85
86// order to sort
87//
88$page['sort_order'] = 'DESC';
89// if the form was submitted, it overloads default behaviour
90if (isset($_GET['sort_order']) and isset($sort_order[$_GET['sort_order']]))
91{
92  $page['sort_order'] = $_GET['sort_order'];
93}
94
95// number of items to display
96//
97$page['items_number'] = 10;
98if (isset($_GET['items_number']))
99{
100  $page['items_number'] = $_GET['items_number'];
101}
102if ( !is_numeric($page['items_number']) and $page['items_number']!='all' )
103{
104  $page['items_number'] = 10;
105}
106
107$page['where_clauses'] = array();
108
109// which category to filter on ?
110if (isset($_GET['cat']) and 0 != $_GET['cat'])
111{
112  check_input_parameter('cat', $_GET, false, PATTERN_ID);
113
114  $category_ids = get_subcat_ids(array($_GET['cat']));
115  if (empty($category_ids))
116  {
117    $category_ids = array(-1);
118  }
119
120  $page['where_clauses'][] =
121    'category_id IN ('.implode(',', $category_ids).')';
122}
123
124// search a particular author
125if (!empty($_GET['author']))
126{
127  $page['where_clauses'][] =
128    'u.'.$conf['user_fields']['username'].' = \''.$_GET['author'].'\'
129     OR author = \''.$_GET['author'].'\'';
130}
131
132// search a specific comment (if you're coming directly from an admin
133// notification email)
134if (!empty($_GET['comment_id']))
135{
136  check_input_parameter('comment_id', $_GET, false, PATTERN_ID);
137
138  // currently, the $_GET['comment_id'] is only used by admins from email
139  // for management purpose (validate/delete)
140  if (!is_admin())
141  {
142    $login_url =
143      get_root_url().'identification.php?redirect='
144      .urlencode(urlencode($_SERVER['REQUEST_URI']))
145      ;
146    redirect($login_url);
147  }
148
149  $page['where_clauses'][] = 'com.id = '.$_GET['comment_id'];
150}
151
152// search a substring among comments content
153if (!empty($_GET['keyword']))
154{
155  $page['where_clauses'][] =
156    '('.
157    implode(' AND ',
158            array_map(
159              create_function(
160                '$s',
161                'return "content LIKE \'%$s%\'";'
162                ),
163              preg_split('/[\s,;]+/', $_GET['keyword'] )
164              )
165      ).
166    ')';
167}
168
169$page['where_clauses'][] = $since_options[$page['since']]['clause'];
170
171// which status to filter on ?
172if ( !is_admin() )
173{
174  $page['where_clauses'][] = 'validated=\'true\'';
175}
176
177$page['where_clauses'][] = get_sql_condition_FandF
178  (
179    array
180      (
181        'forbidden_categories' => 'category_id',
182        'visible_categories' => 'category_id',
183        'visible_images' => 'ic.image_id'
184      ),
185    '', true
186  );
187
188// +-----------------------------------------------------------------------+
189// |                         comments management                           |
190// +-----------------------------------------------------------------------+
191
192$comment_id = null;
193$action = null;
194
195$actions = array('delete', 'validate', 'edit');
196foreach ($actions as $loop_action)
197{
198  if (isset($_GET[$loop_action]))
199  {
200    $action = $loop_action;
201    check_input_parameter($action, $_GET, false, PATTERN_ID);
202    $comment_id = $_GET[$action];
203    break;
204  }
205}
206
207if (isset($action))
208{
209  check_pwg_token();
210
211  $comment_author_id = get_comment_author_id($comment_id);
212
213  if (can_manage_comment($action, $comment_author_id))
214  {
215    $perform_redirect = false;
216
217    if ('delete' == $action)
218    {
219      delete_user_comment($comment_id);
220      $perform_redirect = true;
221    }
222
223    if ('validate' == $action)
224    {
225      validate_user_comment($comment_id);
226      $perform_redirect = true;
227    }
228
229    if ('edit' == $action)
230    {
231      if (!empty($_POST['content']))
232      {
233        update_user_comment(
234          array(
235            'comment_id' => $_GET['edit'],
236            'image_id' => $_POST['image_id'],
237            'content' => $_POST['content']
238            ),
239          $_POST['key']
240          );
241
242        $perform_redirect = true;
243      }
244      else
245      {
246        $edit_comment = $_GET['edit'];
247      }
248    }
249
250    if ($perform_redirect)
251    {
252      $redirect_url =
253        PHPWG_ROOT_PATH
254        .'comments.php'
255        .get_query_string_diff(array('delete','edit','validate','pwg_token'));
256
257      redirect($redirect_url);
258    }
259  }
260}
261
262// +-----------------------------------------------------------------------+
263// |                       page header and options                         |
264// +-----------------------------------------------------------------------+
265
266$title= l10n('User comments');
267$page['body_id'] = 'theCommentsPage';
268
269$template->set_filenames(array('comments'=>'comments.tpl'));
270$template->assign(
271  array(
272    'F_ACTION'=>PHPWG_ROOT_PATH.'comments.php',
273    'F_KEYWORD'=> @htmlspecialchars(stripslashes($_GET['keyword'], ENT_QUOTES, 'utf-8')),
274    'F_AUTHOR'=> @htmlspecialchars(stripslashes($_GET['author'], ENT_QUOTES, 'utf-8')),
275    )
276  );
277
278// +-----------------------------------------------------------------------+
279// |                          form construction                            |
280// +-----------------------------------------------------------------------+
281
282// Search in a particular category
283$blockname = 'categories';
284
285$query = '
286SELECT id, name, uppercats, global_rank
287  FROM '.CATEGORIES_TABLE.'
288'.get_sql_condition_FandF
289  (
290    array
291      (
292        'forbidden_categories' => 'id',
293        'visible_categories' => 'id'
294      ),
295    'WHERE'
296  ).'
297;';
298display_select_cat_wrapper($query, array(@$_GET['cat']), $blockname, true);
299
300// Filter on recent comments...
301$tpl_var=array();
302foreach ($since_options as $id => $option)
303{
304  $tpl_var[ $id ] = $option['label'];
305}
306$template->assign( 'since_options', $tpl_var);
307$template->assign( 'since_options_selected', $page['since']);
308
309// Sort by
310$template->assign( 'sort_by_options', $sort_by);
311$template->assign( 'sort_by_options_selected', $page['sort_by']);
312
313// Sorting order
314$template->assign( 'sort_order_options', $sort_order);
315$template->assign( 'sort_order_options_selected', $page['sort_order']);
316
317
318// Number of items
319$blockname = 'items_number_option';
320$tpl_var=array();
321foreach ($items_number as $option)
322{
323  $tpl_var[ $option ] = is_numeric($option) ? $option : l10n($option);
324}
325$template->assign( 'item_number_options', $tpl_var);
326$template->assign( 'item_number_options_selected', $page['items_number']);
327
328
329// +-----------------------------------------------------------------------+
330// |                            navigation bar                             |
331// +-----------------------------------------------------------------------+
332
333if (isset($_GET['start']) and is_numeric($_GET['start']))
334{
335  $start = $_GET['start'];
336}
337else
338{
339  $start = 0;
340}
341
342$query = '
343SELECT COUNT(DISTINCT(com.id))
344  FROM '.IMAGE_CATEGORY_TABLE.' AS ic
345    INNER JOIN '.COMMENTS_TABLE.' AS com
346    ON ic.image_id = com.image_id
347    LEFT JOIN '.USERS_TABLE.' As u
348    ON u.'.$conf['user_fields']['id'].' = com.author_id
349  WHERE '.implode('
350    AND ', $page['where_clauses']).'
351;';
352list($counter) = pwg_db_fetch_row(pwg_query($query));
353
354$url = PHPWG_ROOT_PATH
355    .'comments.php'
356  .get_query_string_diff(array('start','delete','validate','pwg_token'));
357
358$navbar = create_navigation_bar($url,
359                                $counter,
360                                $start,
361                                $page['items_number'],
362                                '');
363
364$template->assign('navbar', $navbar);
365
366// +-----------------------------------------------------------------------+
367// |                        last comments display                          |
368// +-----------------------------------------------------------------------+
369
370$comments = array();
371$element_ids = array();
372$category_ids = array();
373
374$query = '
375SELECT com.id AS comment_id,
376       com.image_id,
377       com.author,
378       com.author_id,
379       com.date,
380       com.content,
381       com.validated
382  FROM '.IMAGE_CATEGORY_TABLE.' AS ic
383    INNER JOIN '.COMMENTS_TABLE.' AS com
384    ON ic.image_id = com.image_id
385    LEFT JOIN '.USERS_TABLE.' As u
386    ON u.'.$conf['user_fields']['id'].' = com.author_id
387  WHERE '.implode('
388    AND ', $page['where_clauses']).'
389  GROUP BY comment_id,
390       com.image_id,
391       com.author,
392       com.author_id,
393       com.date,
394       com.content,
395       com.validated
396  ORDER BY '.$page['sort_by'].' '.$page['sort_order'];
397if ('all' != $page['items_number'])
398{
399  $query.= '
400  LIMIT '.$page['items_number'].' OFFSET '.$start;
401}
402$query.= '
403;';
404$result = pwg_query($query);
405while ($row = pwg_db_fetch_assoc($result))
406{
407  array_push($comments, $row);
408  array_push($element_ids, $row['image_id']);
409}
410
411if (count($comments) > 0)
412{
413  // retrieving element informations
414  $elements = array();
415  $query = '
416SELECT *
417  FROM '.IMAGES_TABLE.'
418  WHERE id IN ('.implode(',', $element_ids).')
419;';
420  $result = pwg_query($query);
421  while ($row = pwg_db_fetch_assoc($result))
422  {
423    $elements[$row['id']] = $row;
424  }
425
426  // retrieving category informations
427  $query = '
428SELECT c.id, name, permalink, uppercats, com.id as comment_id
429  FROM '.CATEGORIES_TABLE.' AS c
430  LEFT JOIN '.IMAGE_CATEGORY_TABLE.' AS ic
431  ON c.id=ic.category_id
432  LEFT JOIN '.COMMENTS_TABLE.' AS com
433  ON ic.image_id=com.image_id
434  '.get_sql_condition_FandF
435    (
436      array
437      (
438        'forbidden_categories' => 'c.id',
439        'visible_categories' => 'c.id'
440       ),
441      'WHERE'
442     ).'
443;';
444  $categories = hash_from_query($query, 'comment_id');
445
446  foreach ($comments as $comment)
447  {
448    if (!empty($elements[$comment['image_id']]['name']))
449    {
450      $name=$elements[$comment['image_id']]['name'];
451    }
452    else
453    {
454      $name=get_name_from_file($elements[$comment['image_id']]['file']);
455    }
456
457    // source of the thumbnail picture
458    $src_image = new SrcImage($elements[$comment['image_id']]);
459
460    // link to the full size picture
461    $url = make_picture_url(
462      array(
463        'category' => $categories[ $comment['comment_id'] ],
464        'image_id' => $comment['image_id'],
465        'image_file' => $elements[$comment['image_id']]['file'],
466        )
467      );
468
469    $tpl_comment = array(
470      'ID' => $comment['comment_id'],
471      'U_PICTURE' => $url,
472      'src_image' => $src_image,
473      'ALT' => $name,
474      'AUTHOR' => trigger_event('render_comment_author', $comment['author']),
475      'DATE'=>format_date($comment['date'], true),
476      'CONTENT'=>trigger_event('render_comment_content',$comment['content']),
477      );
478
479    if (can_manage_comment('delete', $comment['author_id']))
480    {
481      $url =
482        get_root_url()
483        .'comments.php'
484        .get_query_string_diff(array('delete','validate','edit', 'pwg_token'));
485
486      $tpl_comment['U_DELETE'] = add_url_params(
487        $url,
488        array(
489          'delete' => $comment['comment_id'],
490          'pwg_token' => get_pwg_token(),
491          )
492        );
493    }
494
495    if (can_manage_comment('edit', $comment['author_id']))
496    {
497      $url =
498        get_root_url()
499        .'comments.php'
500        .get_query_string_diff(array('edit', 'delete','validate', 'pwg_token'));
501
502      $tpl_comment['U_EDIT'] = add_url_params(
503        $url,
504        array(
505          'edit' => $comment['comment_id'],
506          'pwg_token' => get_pwg_token(),
507          )
508        );
509
510      if (isset($edit_comment) and ($comment['comment_id'] == $edit_comment))
511      {
512        $tpl_comment['IN_EDIT'] = true;
513        $key = get_ephemeral_key(2, $comment['image_id']);
514        $tpl_comment['KEY'] = $key;
515        $tpl_comment['IMAGE_ID'] = $comment['image_id'];
516        $tpl_comment['CONTENT'] = $comment['content'];
517      }
518    }
519
520    if (can_manage_comment('validate', $comment['author_id']))
521    {
522      if ('true' != $comment['validated'])
523      {
524        $tpl_comment['U_VALIDATE'] = add_url_params(
525          $url,
526          array(
527            'validate'=> $comment['comment_id'],
528            'pwg_token' => get_pwg_token(),
529            )
530          );
531      }
532    }
533    $template->append('comments', $tpl_comment);
534  }
535}
536
537$derivative_params = trigger_event('get_comments_derivative_params', ImageStdParams::get_by_type(IMG_THUMB) );
538$template->assign( 'derivative_params', $derivative_params );
539
540// include menubar
541$themeconf = $template->get_template_vars('themeconf');
542if (!isset($themeconf['hide_menu_on']) OR !in_array('theCommentsPage', $themeconf['hide_menu_on']))
543{
544  include( PHPWG_ROOT_PATH.'include/menubar.inc.php');
545}
546
547// +-----------------------------------------------------------------------+
548// |                           html code display                           |
549// +-----------------------------------------------------------------------+
550include(PHPWG_ROOT_PATH.'include/page_header.php');
551$template->pparse('comments');
552include(PHPWG_ROOT_PATH.'include/page_tail.php');
553?>
Note: See TracBrowser for help on using the repository browser.