Context Navigation

source: trunk/comments.php @ 2268

Last change on this file since 2268 was 2268, checked in by rvelices, 16 years ago
security fix (profile) les langues a la hache fix some copy/paste errors
Property svn:eol-style set to `LF` Property svn:keywords set to `Author Date Id Revision`
File size: 12.1 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| PhpWebGallery - a PHP based picture gallery \|
4	// \| Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net \|
5	// \| Copyright (C) 2003-2008 PhpWebGallery Team - http://phpwebgallery.net \|
6	// +-----------------------------------------------------------------------+
7	// \| file : $Id: comments.php 2268 2008-03-08 12:38:09Z rvelices $
8	// \| last update : $Date: 2008-03-08 12:38:09 +0000 (Sat, 08 Mar 2008) $
9	// \| last modifier : $Author: rvelices $
10	// \| revision : $Revision: 2268 $
11	// +-----------------------------------------------------------------------+
12	// \| This program is free software; you can redistribute it and/or modify \|
13	// \| it under the terms of the GNU General Public License as published by \|
14	// \| the Free Software Foundation \|
15	// \| \|
16	// \| This program is distributed in the hope that it will be useful, but \|
17	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
18	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
19	// \| General Public License for more details. \|
20	// \| \|
21	// \| You should have received a copy of the GNU General Public License \|
22	// \| along with this program; if not, write to the Free Software \|
23	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
24	// \| USA. \|
25	// +-----------------------------------------------------------------------+
26
27	// +-----------------------------------------------------------------------+
28	// \| initialization \|
29	// +-----------------------------------------------------------------------+
30	define('PHPWG_ROOT_PATH','./');
31	include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
32
33	// +-----------------------------------------------------------------------+
34	// \| Check Access and exit when user status is not ok \|
35	// +-----------------------------------------------------------------------+
36	check_status(ACCESS_GUEST);
37
38	$sort_order = array(
39	'DESC' => l10n('descending'),
40	'ASC' => l10n('ascending')
41	);
42
43	// sort_by : database fields proposed for sorting comments list
44	$sort_by = array(
45	'date' => l10n('comment date'),
46	'image_id' => l10n('picture')
47	);
48
49	// items_number : list of number of items to display per page
50	$items_number = array(5,10,20,50,'all');
51
52	// since when display comments ?
53	//
54	$since_options = array(
55	1 => array('label' => l10n('today'),
56	'clause' => 'date > SUBDATE(CURDATE(), INTERVAL 1 DAY)'),
57	2 => array('label' => sprintf(l10n('last %d days'), 7),
58	'clause' => 'date > SUBDATE(CURDATE(), INTERVAL 7 DAY)'),
59	3 => array('label' => sprintf(l10n('last %d days'), 30),
60	'clause' => 'date > SUBDATE(CURDATE(), INTERVAL 30 DAY)'),
61	4 => array('label' => l10n('the beginning'),
62	'clause' => '1=1') // stupid but generic
63	);
64
65	$page['since'] = isset($_GET['since']) ? $_GET['since'] : 4;
66
67	// on which field sorting
68	//
69	$page['sort_by'] = 'date';
70	// if the form was submitted, it overloads default behaviour
71	if (isset($_GET['sort_by']))
72	{
73	$page['sort_by'] = $_GET['sort_by'];
74	}
75
76	// order to sort
77	//
78	$page['sort_order'] = 'DESC';
79	// if the form was submitted, it overloads default behaviour
80	if (isset($_GET['sort_order']))
81	{
82	$page['sort_order'] = $_GET['sort_order'];
83	}
84
85	// number of items to display
86	//
87	$page['items_number'] = 10;
88	if (isset($_GET['items_number']))
89	{
90	$page['items_number'] = $_GET['items_number'];
91	}
92
93	$page['where_clauses'] = array();
94
95	// which category to filter on ?
96	if (isset($_GET['cat']) and 0 != $_GET['cat'])
97	{
98	$page['where_clauses'][] =
99	'category_id IN ('.implode(',', get_subcat_ids(array($_GET['cat']))).')';
100	}
101
102	// search a particular author
103	if (isset($_GET['author']) and !empty($_GET['author']))
104	{
105	$page['where_clauses'][] = 'com.author = \''.$_GET['author'].'\'';
106	}
107
108	// search a substring among comments content
109	if (isset($_GET['keyword']) and !empty($_GET['keyword']))
110	{
111	$page['where_clauses'][] =
112	'('.
113	implode(' AND ',
114	array_map(
115	create_function(
116	'$s',
117	'return "content LIKE \'%$s%\'";'
118	),
119	preg_split('/[\s,;]+/', $_GET['keyword'] )
120	)
121	).
122	')';
123	}
124
125	$page['where_clauses'][] = $since_options[$page['since']]['clause'];
126
127	// which status to filter on ?
128	if ( !is_admin() )
129	{
130	$page['where_clauses'][] = 'validated="true"';
131	}
132
133	$page['where_clauses'][] = get_sql_condition_FandF
134	(
135	array
136	(
137	'forbidden_categories' => 'category_id',
138	'visible_categories' => 'category_id',
139	'visible_images' => 'ic.image_id'
140	),
141	'', true
142	);
143
144	// +-----------------------------------------------------------------------+
145	// \| comments management \|
146	// +-----------------------------------------------------------------------+
147	if (isset($_GET['delete']) and is_numeric($_GET['delete'])
148	and !is_adviser() )
149	{// comments deletion
150	check_status(ACCESS_ADMINISTRATOR);
151	$query = '
152	DELETE FROM '.COMMENTS_TABLE.'
153	WHERE id='.$_GET['delete'].'
154	;';
155	pwg_query($query);
156	}
157
158	if (isset($_GET['validate']) and is_numeric($_GET['validate'])
159	and !is_adviser() )
160	{ // comments validation
161	check_status(ACCESS_ADMINISTRATOR);
162	$query = '
163	UPDATE '.COMMENTS_TABLE.'
164	SET validated = \'true\'
165	, validation_date = NOW()
166	WHERE id='.$_GET['validate'].'
167	;';
168	pwg_query($query);
169	}
170
171	// +-----------------------------------------------------------------------+
172	// \| page header and options \|
173	// +-----------------------------------------------------------------------+
174
175	$title= l10n('User comments');
176	$page['body_id'] = 'theCommentsPage';
177
178	$template->set_filenames(array('comments'=>'comments.tpl'));
179	$template->assign(
180	array(
181	'F_ACTION'=>PHPWG_ROOT_PATH.'comments.php',
182	'F_KEYWORD'=>@htmlspecialchars(stripslashes($_GET['keyword'])),
183	'F_AUTHOR'=>@htmlspecialchars(stripslashes($_GET['author'])),
184	)
185	);
186
187	// +-----------------------------------------------------------------------+
188	// \| form construction \|
189	// +-----------------------------------------------------------------------+
190
191	// Search in a particular category
192	$blockname = 'categories';
193
194	$query = '
195	SELECT id, name, uppercats, global_rank
196	FROM '.CATEGORIES_TABLE.'
197	'.get_sql_condition_FandF
198	(
199	array
200	(
201	'forbidden_categories' => 'id',
202	'visible_categories' => 'id'
203	),
204	'WHERE'
205	).'
206	;';
207	display_select_cat_wrapper($query, array(@$_GET['cat']), $blockname, true);
208
209	// Filter on recent comments...
210	$tpl_var=array();
211	foreach ($since_options as $id => $option)
212	{
213	$tpl_var[ $id ] = $option['label'];
214	}
215	$template->assign( 'since_options', $tpl_var);
216	$template->assign( 'since_options_selected', $page['since']);
217
218	// Sort by
219	$template->assign( 'sort_by_options', $sort_by);
220	$template->assign( 'sort_by_options_selected', $page['sort_by']);
221
222	// Sorting order
223	$template->assign( 'sort_order_options', $sort_order);
224	$template->assign( 'sort_order_options_selected', $page['sort_order']);
225
226
227	// Number of items
228	$blockname = 'items_number_option';
229	$tpl_var=array();
230	foreach ($items_number as $option)
231	{
232	$tpl_var[ $option ] = is_numeric($option) ? $option : l10n($option);
233	}
234	$template->assign( 'item_number_options', $tpl_var);
235	$template->assign( 'item_number_options_selected', $page['items_number']);
236
237
238	// +-----------------------------------------------------------------------+
239	// \| navigation bar \|
240	// +-----------------------------------------------------------------------+
241
242	if (isset($_GET['start']) and is_numeric($_GET['start']))
243	{
244	$start = $_GET['start'];
245	}
246	else
247	{
248	$start = 0;
249	}
250
251	$query = '
252	SELECT COUNT(DISTINCT(id))
253	FROM '.IMAGE_CATEGORY_TABLE.' AS ic
254	INNER JOIN '.COMMENTS_TABLE.' AS com
255	ON ic.image_id = com.image_id
256	WHERE '.implode('
257	AND ', $page['where_clauses']).'
258	;';
259	list($counter) = mysql_fetch_row(pwg_query($query));
260
261	$url = PHPWG_ROOT_PATH
262	.'comments.php'
263	.get_query_string_diff(array('start','delete','validate'));
264
265	$navbar = create_navigation_bar($url,
266	$counter,
267	$start,
268	$page['items_number'],
269	'');
270
271	$template->assign('NAVBAR', $navbar);
272
273	// +-----------------------------------------------------------------------+
274	// \| last comments display \|
275	// +-----------------------------------------------------------------------+
276
277	$comments = array();
278	$element_ids = array();
279	$category_ids = array();
280
281	$query = '
282	SELECT com.id AS comment_id
283	, com.image_id
284	, ic.category_id
285	, com.author
286	, com.date
287	, com.content
288	, com.id AS comment_id
289	, com.validated
290	FROM '.IMAGE_CATEGORY_TABLE.' AS ic
291	INNER JOIN '.COMMENTS_TABLE.' AS com
292	ON ic.image_id = com.image_id
293	WHERE '.implode('
294	AND ', $page['where_clauses']).'
295	GROUP BY comment_id
296	ORDER BY '.$page['sort_by'].' '.$page['sort_order'];
297	if ('all' != $page['items_number'])
298	{
299	$query.= '
300	LIMIT '.$start.','.$page['items_number'];
301	}
302	$query.= '
303	;';
304	$result = pwg_query($query);
305	while ($row = mysql_fetch_assoc($result))
306	{
307	array_push($comments, $row);
308	array_push($element_ids, $row['image_id']);
309	array_push($category_ids, $row['category_id']);
310	}
311
312	if (count($comments) > 0)
313	{
314	// retrieving element informations
315	$elements = array();
316	$query = '
317	SELECT id, name, file, path, tn_ext
318	FROM '.IMAGES_TABLE.'
319	WHERE id IN ('.implode(',', $element_ids).')
320	;';
321	$result = pwg_query($query);
322	while ($row = mysql_fetch_assoc($result))
323	{
324	$elements[$row['id']] = $row;
325	}
326
327	// retrieving category informations
328	$query = '
329	SELECT id, name, permalink, uppercats
330	FROM '.CATEGORIES_TABLE.'
331	WHERE id IN ('.implode(',', $category_ids).')
332	;';
333	$categories = hash_from_query($query, 'id');
334
335	foreach ($comments as $comment)
336	{
337	if (!empty($elements[$comment['image_id']]['name']))
338	{
339	$name=$elements[$comment['image_id']]['name'];
340	}
341	else
342	{
343	$name=get_name_from_file($elements[$comment['image_id']]['file']);
344	}
345
346	// source of the thumbnail picture
347	$thumbnail_src = get_thumbnail_url( $elements[$comment['image_id']] );
348
349	// link to the full size picture
350	$url = make_picture_url(
351	array(
352	'category' => $categories[ $comment['category_id'] ],
353	'image_id' => $comment['image_id'],
354	'image_file' => $elements[$comment['image_id']]['file'],
355	)
356	);
357
358	$author = $comment['author'];
359	if (empty($comment['author']))
360	{
361	$author = l10n('guest');
362	}
363
364	$tpl_comment =
365	array(
366	'U_PICTURE' => $url,
367	'TN_SRC' => $thumbnail_src,
368	'ALT' => $name,
369	'AUTHOR' => trigger_event('render_comment_author', $author),
370	'DATE'=>format_date($comment['date'],'mysql_datetime',true),
371	'CONTENT'=>trigger_event('render_comment_content',$comment['content']),
372	);
373
374	if ( is_admin() )
375	{
376	$url = get_root_url().'comments.php'.get_query_string_diff(array('delete','validate'));
377	$tpl_comment['U_DELETE'] = add_url_params($url,
378	array('delete'=>$comment['comment_id'])
379	);
380
381	if ($comment['validated'] != 'true')
382	{
383	$tpl_comment['U_VALIDATE'] = add_url_params($url,
384	array('validate'=>$comment['comment_id'])
385	);
386	}
387	}
388	$template->append('comments', $tpl_comment);
389	}
390	}
391	// +-----------------------------------------------------------------------+
392	// \| html code display \|
393	// +-----------------------------------------------------------------------+
394	include(PHPWG_ROOT_PATH.'include/page_header.php');
395	$template->pparse('comments');
396	include(PHPWG_ROOT_PATH.'include/page_tail.php');
397	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: