source: trunk/comments.php @ 3657

Last change on this file since 3657 was 3600, checked in by rvelices, 15 years ago
  • fix php warning from comment_list.tpl
  • author name is saved always in #comments (even for registered users) so that
    • sql queries are simpler on the comments page (one less table in a big join)
    • when a user is deleted, we can keep the username in the #comments (there might be still a bug that author_id is not updated when a user is deleted)
  • Property svn:eol-style set to LF
File size: 13.1 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based picture gallery                                  |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008-2009 Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24// +-----------------------------------------------------------------------+
25// |                           initialization                              |
26// +-----------------------------------------------------------------------+
27define('PHPWG_ROOT_PATH','./');
28include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
29include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php');
30
31// +-----------------------------------------------------------------------+
32// | Check Access and exit when user status is not ok                      |
33// +-----------------------------------------------------------------------+
34check_status(ACCESS_GUEST);
35
36$sort_order = array(
37  'DESC' => l10n('descending'),
38  'ASC'  => l10n('ascending')
39  );
40
41// sort_by : database fields proposed for sorting comments list
42$sort_by = array(
43  'date' => l10n('comment date'),
44  'image_id' => l10n('picture')
45  );
46
47// items_number : list of number of items to display per page
48$items_number = array(5,10,20,50,'all');
49
50// since when display comments ?
51//
52$since_options = array(
53  1 => array('label' => l10n('today'),
54             'clause' => 'date > SUBDATE(CURDATE(), INTERVAL 1 DAY)'),
55  2 => array('label' => sprintf(l10n('last %d days'), 7),
56             'clause' => 'date > SUBDATE(CURDATE(), INTERVAL 7 DAY)'),
57  3 => array('label' => sprintf(l10n('last %d days'), 30),
58             'clause' => 'date > SUBDATE(CURDATE(), INTERVAL 30 DAY)'),
59  4 => array('label' => l10n('the beginning'),
60             'clause' => '1=1') // stupid but generic
61  );
62
63$page['since'] = isset($_GET['since']) ? $_GET['since'] : 4;
64
65// on which field sorting
66//
67$page['sort_by'] = 'date';
68// if the form was submitted, it overloads default behaviour
69if (isset($_GET['sort_by']) and isset($sort_by[$_GET['sort_by']]) )
70{
71  $page['sort_by'] = $_GET['sort_by'];
72}
73
74// order to sort
75//
76$page['sort_order'] = 'DESC';
77// if the form was submitted, it overloads default behaviour
78if (isset($_GET['sort_order']) and isset($sort_order[$_GET['sort_order']]))
79{
80  $page['sort_order'] = $_GET['sort_order'];
81}
82
83// number of items to display
84//
85$page['items_number'] = 10;
86if (isset($_GET['items_number']))
87{
88  $page['items_number'] = $_GET['items_number'];
89}
90if ( !is_numeric($page['items_number']) and $page['items_number']!='all' )
91{
92  $page['items_number'] = 10;
93}
94
95$page['where_clauses'] = array();
96
97// which category to filter on ?
98if (isset($_GET['cat']) and 0 != $_GET['cat'])
99{
100  $page['where_clauses'][] =
101    'category_id IN ('.implode(',', get_subcat_ids(array($_GET['cat']))).')';
102}
103
104// search a particular author
105if (isset($_GET['author']) and !empty($_GET['author']))
106{
107  $page['where_clauses'][] =
108    'u.'.$conf['user_fields']['username'].' = \''.$_GET['author'].'\'
109     OR author = \''.$_GET['author'].'\'';
110}
111
112// search a substring among comments content
113if (isset($_GET['keyword']) and !empty($_GET['keyword']))
114{
115  $page['where_clauses'][] =
116    '('.
117    implode(' AND ',
118            array_map(
119              create_function(
120                '$s',
121                'return "content LIKE \'%$s%\'";'
122                ),
123              preg_split('/[\s,;]+/', $_GET['keyword'] )
124              )
125      ).
126    ')';
127}
128
129$page['where_clauses'][] = $since_options[$page['since']]['clause'];
130
131// which status to filter on ?
132if ( !is_admin() )
133{
134  $page['where_clauses'][] = 'validated="true"';
135}
136
137$page['where_clauses'][] = get_sql_condition_FandF
138  (
139    array
140      (
141        'forbidden_categories' => 'category_id',
142        'visible_categories' => 'category_id',
143        'visible_images' => 'ic.image_id'
144      ),
145    '', true
146  );
147
148// +-----------------------------------------------------------------------+
149// |                         comments management                           |
150// +-----------------------------------------------------------------------+
151if (isset($_GET['delete']) and is_numeric($_GET['delete'])
152    and (is_admin() || $conf['user_can_delete_comment']))
153{// comments deletion
154  delete_user_comment($_GET['delete']);
155}
156
157if (isset($_GET['validate']) and is_numeric($_GET['validate'])
158      and !is_adviser() )
159{  // comments validation
160  check_status(ACCESS_ADMINISTRATOR);
161  $query = '
162UPDATE '.COMMENTS_TABLE.'
163  SET validated = \'true\'
164  , validation_date = NOW()
165  WHERE id='.$_GET['validate'].'
166;';
167  pwg_query($query);
168}
169
170if (isset($_GET['edit']) and is_numeric($_GET['edit'])
171    and (is_admin() || $conf['user_can_edit_comment']))
172{
173  if (!empty($_POST['content']))
174  {
175    update_user_comment(array('comment_id' => $_GET['edit'],
176                              'image_id' => $_POST['image_id'],
177                              'content' => $_POST['content']),
178                        $_POST['key']
179                        );
180
181    $edit_comment = null;
182  }
183  else
184  {
185    $edit_comment = $_GET['edit'];
186  }
187}
188
189// +-----------------------------------------------------------------------+
190// |                       page header and options                         |
191// +-----------------------------------------------------------------------+
192
193$title= l10n('User comments');
194$page['body_id'] = 'theCommentsPage';
195
196$template->set_filenames(array('comments'=>'comments.tpl'));
197$template->assign(
198  array(
199    'F_ACTION'=>PHPWG_ROOT_PATH.'comments.php',
200    'F_KEYWORD'=>@htmlspecialchars(stripslashes($_GET['keyword'])),
201    'F_AUTHOR'=>@htmlspecialchars(stripslashes($_GET['author'])),
202    )
203  );
204
205// +-----------------------------------------------------------------------+
206// |                          form construction                            |
207// +-----------------------------------------------------------------------+
208
209// Search in a particular category
210$blockname = 'categories';
211
212$query = '
213SELECT id, name, uppercats, global_rank
214  FROM '.CATEGORIES_TABLE.'
215'.get_sql_condition_FandF
216  (
217    array
218      (
219        'forbidden_categories' => 'id',
220        'visible_categories' => 'id'
221      ),
222    'WHERE'
223  ).'
224;';
225display_select_cat_wrapper($query, array(@$_GET['cat']), $blockname, true);
226
227// Filter on recent comments...
228$tpl_var=array();
229foreach ($since_options as $id => $option)
230{
231  $tpl_var[ $id ] = $option['label'];
232}
233$template->assign( 'since_options', $tpl_var);
234$template->assign( 'since_options_selected', $page['since']);
235
236// Sort by
237$template->assign( 'sort_by_options', $sort_by);
238$template->assign( 'sort_by_options_selected', $page['sort_by']);
239
240// Sorting order
241$template->assign( 'sort_order_options', $sort_order);
242$template->assign( 'sort_order_options_selected', $page['sort_order']);
243
244
245// Number of items
246$blockname = 'items_number_option';
247$tpl_var=array();
248foreach ($items_number as $option)
249{
250  $tpl_var[ $option ] = is_numeric($option) ? $option : l10n($option);
251}
252$template->assign( 'item_number_options', $tpl_var);
253$template->assign( 'item_number_options_selected', $page['items_number']);
254
255
256// +-----------------------------------------------------------------------+
257// |                            navigation bar                             |
258// +-----------------------------------------------------------------------+
259
260if (isset($_GET['start']) and is_numeric($_GET['start']))
261{
262  $start = $_GET['start'];
263}
264else
265{
266  $start = 0;
267}
268
269$query = '
270SELECT COUNT(DISTINCT(com.id))
271  FROM '.IMAGE_CATEGORY_TABLE.' AS ic
272    INNER JOIN '.COMMENTS_TABLE.' AS com
273    ON ic.image_id = com.image_id
274  WHERE '.implode('
275    AND ', $page['where_clauses']).'
276;';
277list($counter) = mysql_fetch_row(pwg_query($query));
278
279$url = PHPWG_ROOT_PATH
280    .'comments.php'
281    .get_query_string_diff(array('start','delete','validate'));
282
283$navbar = create_navigation_bar($url,
284                                $counter,
285                                $start,
286                                $page['items_number'],
287                                '');
288
289$template->assign('navbar', $navbar);
290
291// +-----------------------------------------------------------------------+
292// |                        last comments display                          |
293// +-----------------------------------------------------------------------+
294
295$comments = array();
296$element_ids = array();
297$category_ids = array();
298
299$query = '
300SELECT com.id AS comment_id
301     , com.image_id
302     , ic.category_id
303     , com.author
304     , com.author_id
305     , com.date
306     , com.content
307     , com.validated
308  FROM '.IMAGE_CATEGORY_TABLE.' AS ic
309    INNER JOIN '.COMMENTS_TABLE.' AS com
310    ON ic.image_id = com.image_id
311  WHERE '.implode('
312    AND ', $page['where_clauses']).'
313  GROUP BY comment_id
314  ORDER BY '.$page['sort_by'].' '.$page['sort_order'];
315if ('all' != $page['items_number'])
316{
317  $query.= '
318  LIMIT '.$start.','.$page['items_number'];
319}
320$query.= '
321;';
322$result = pwg_query($query);
323while ($row = mysql_fetch_assoc($result))
324{
325  array_push($comments, $row);
326  array_push($element_ids, $row['image_id']);
327  array_push($category_ids, $row['category_id']);
328}
329
330if (count($comments) > 0)
331{
332  // retrieving element informations
333  $elements = array();
334  $query = '
335SELECT id, name, file, path, tn_ext
336  FROM '.IMAGES_TABLE.'
337  WHERE id IN ('.implode(',', $element_ids).')
338;';
339  $result = pwg_query($query);
340  while ($row = mysql_fetch_assoc($result))
341  {
342    $elements[$row['id']] = $row;
343  }
344
345  // retrieving category informations
346  $query = '
347SELECT id, name, permalink, uppercats
348  FROM '.CATEGORIES_TABLE.'
349  WHERE id IN ('.implode(',', $category_ids).')
350;';
351  $categories = hash_from_query($query, 'id');
352
353  foreach ($comments as $comment)
354  {
355    if (!empty($elements[$comment['image_id']]['name']))
356    {
357      $name=$elements[$comment['image_id']]['name'];
358    }
359    else
360    {
361      $name=get_name_from_file($elements[$comment['image_id']]['file']);
362    }
363
364    // source of the thumbnail picture
365    $thumbnail_src = get_thumbnail_url( $elements[$comment['image_id']] );
366
367    // link to the full size picture
368    $url = make_picture_url(
369            array(
370              'category' => $categories[ $comment['category_id'] ],
371              'image_id' => $comment['image_id'],
372              'image_file' => $elements[$comment['image_id']]['file'],
373            )
374          );
375
376    $tpl_comment =
377      array(
378        'U_PICTURE' => $url,
379        'TN_SRC' => $thumbnail_src,
380        'ALT' => $name,
381        'AUTHOR' => trigger_event('render_comment_author', $comment['author']),
382        'DATE'=>format_date($comment['date'], true),
383        'CONTENT'=>trigger_event('render_comment_content',$comment['content']),
384        );
385
386    if (can_manage_comment('delete', $comment['author_id']))
387    {
388      $url = get_root_url().'comments.php'
389        .get_query_string_diff(array('delete','validate','edit'));
390      $tpl_comment['U_DELETE'] =
391        add_url_params($url,
392                       array('delete'=>$comment['comment_id'])
393                       );
394    }
395    if (can_manage_comment('edit', $comment['author_id']))
396    {
397      $url = get_root_url().'comments.php'
398        .get_query_string_diff(array('edit', 'delete','validate'));
399      $tpl_comment['U_EDIT'] =
400        add_url_params($url,
401                       array('edit'=>$comment['comment_id'])
402                       );
403      if (isset($edit_comment) and ($comment['comment_id'] == $edit_comment))
404      {
405        $tpl_comment['IN_EDIT'] = true;
406        $key = get_comment_post_key($comment['image_id']);
407        $tpl_comment['KEY'] = $key;
408        $tpl_comment['IMAGE_ID'] = $comment['image_id'];
409        $tpl_comment['CONTENT'] = $comment['content'];
410      }
411    }
412
413    if ( is_admin() && $comment['validated'] != 'true')
414    {
415      $tpl_comment['U_VALIDATE'] =
416        add_url_params($url,
417                       array('validate'=>$comment['comment_id'])
418                       );
419    }
420    $template->append('comments', $tpl_comment);
421  }
422}
423// +-----------------------------------------------------------------------+
424// |                           html code display                           |
425// +-----------------------------------------------------------------------+
426include(PHPWG_ROOT_PATH.'include/page_header.php');
427$template->pparse('comments');
428include(PHPWG_ROOT_PATH.'include/page_tail.php');
429?>
Note: See TracBrowser for help on using the repository browser.