source: trunk/comments.php @ 5336

Last change on this file since 5336 was 5199, checked in by rvelices, 14 years ago

fix bug (a comment could be displayed several times in the comments list)

File size: 14.7 KB
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based picture gallery                                  |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24// +-----------------------------------------------------------------------+
25// |                           initialization                              |
26// +-----------------------------------------------------------------------+
27define('PHPWG_ROOT_PATH','./');
28include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
29include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php');
30
31// +-----------------------------------------------------------------------+
32// | Check Access and exit when user status is not ok                      |
33// +-----------------------------------------------------------------------+
// Guest level is enough to browse comments. Per the banner above, the request
// ends here when the visitor's status is not sufficient.
check_status(ACCESS_GUEST);

// Sort directions offered by the form: SQL keyword => translated label.
$sort_order = array();
$sort_order['DESC'] = l10n('descending');
$sort_order['ASC'] = l10n('ascending');

// sort_by : database fields proposed for sorting comments list
// (column name => translated label). Together with $sort_order this is the
// whitelist the request values are checked against before they are placed
// in the ORDER BY fragment.
$sort_by = array();
$sort_by['date'] = l10n('comment date');
$sort_by['image_id'] = l10n('picture');

// items_number : list of number of items to display per page
$items_number = array(5, 10, 20, 50, 'all');

// since when display comments ?
// option id => label shown in the form + SQL clause appended to the WHERE.
$since_options = array();
$since_options[1] = array(
  'label' => l10n('today'),
  'clause' => 'date > '.pwg_db_get_recent_period_expression(1),
  );
$since_options[2] = array(
  'label' => sprintf(l10n('last %d days'), 7),
  'clause' => 'date > '.pwg_db_get_recent_period_expression(7),
  );
$since_options[3] = array(
  'label' => sprintf(l10n('last %d days'), 30),
  'clause' => 'date > '.pwg_db_get_recent_period_expression(30),
  );
// no time limit: an always-true clause keeps the WHERE assembly generic
$since_options[4] = array(
  'label' => l10n('the beginning'),
  'clause' => '1=1',
  );
62
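// Time window.
// The value is later used as an index into $since_options to fetch a SQL
// clause, so only ids that really exist in that table are accepted.
// is_numeric() alone let through values such as "5" or "1.5", which have no
// entry and produced an empty clause in the WHERE.
$page['since'] = 4;
if (isset($_GET['since'])
    and is_string($_GET['since'])
    and preg_match('/^\d{1,9}\z/', $_GET['since'])
    and isset($since_options[(int) $_GET['since']]))
{
  $page['since'] = (int) $_GET['since'];
}

// on which field sorting
//
// Only a key of $sort_by is accepted: the value goes unquoted into ORDER BY.
$page['sort_by'] = 'date';
// if the form was submitted, it overloads default behaviour
if (isset($_GET['sort_by'])
    and is_string($_GET['sort_by'])
    and isset($sort_by[$_GET['sort_by']]))
{
  $page['sort_by'] = $_GET['sort_by'];
}

// order to sort
//
// Same whitelist approach, against the keys of $sort_order.
$page['sort_order'] = 'DESC';
// if the form was submitted, it overloads default behaviour
if (isset($_GET['sort_order'])
    and is_string($_GET['sort_order'])
    and isset($sort_order[$_GET['sort_order']]))
{
  $page['sort_order'] = $_GET['sort_order'];
}

// number of items to display
//
// The value ends up unquoted after LIMIT. is_numeric() also accepts forms
// such as "1e3", "-1" or "1.5" that are not valid there, so the request value
// must be either the literal "all" or a positive integer written with digits
// only; anything else keeps the default.
$page['items_number'] = 10;
if (isset($_GET['items_number']) and is_string($_GET['items_number']))
{
  if ('all' === $_GET['items_number'])
  {
    $page['items_number'] = 'all';
  }
  elseif (preg_match('/^[1-9]\d{0,8}\z/', $_GET['items_number']))
  {
    $page['items_number'] = (int) $_GET['items_number'];
  }
}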
101
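// Fragments collected here are joined with AND to form the WHERE clause of
// both the counting query and the listing query.
$page['where_clauses'] = array();

// which category to filter on ?
// The id is handed to get_subcat_ids() (defined outside this file) and the
// result is pasted into the WHERE clause, so the request value must be a
// plain non-zero integer written with digits only. Anything else is treated
// as "no category filter" instead of being forwarded.
if (isset($_GET['cat'])
    and is_string($_GET['cat'])
    and preg_match('/^\d{1,9}\z/', $_GET['cat'])
    and 0 != (int) $_GET['cat'])
{
  $page['where_clauses'][] =
    'category_id IN ('.implode(',', get_subcat_ids(array($_GET['cat']))).')';
}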
110
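// search a particular author
// The two alternatives are wrapped in parentheses. Every entry of
// $page['where_clauses'] is joined with AND, which binds tighter than OR:
// without the parentheses the username test is no longer combined with the
// fragments appended after this one (validation status, category
// permissions), and the "author" test is no longer combined with the
// fragments appended before it.
// NOTE(review): the value is concatenated as-is. This relies on request data
// being slash-escaped before it reaches this script (the stripslashes() calls
// applied to $_GET when the form is rebuilt suggest so) -- confirm in
// include/common.inc.php, or move to the database layer's escaping helper.
if (!empty($_GET['author']) and is_string($_GET['author']))
{
  $page['where_clauses'][] =
    '(u.'.$conf['user_fields']['username'].' = \''.$_GET['author'].'\'
     OR author = \''.$_GET['author'].'\')';
}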
118
// Direct link to a single comment, as sent in admin notification e-mails.
if (!empty($_GET['comment_id']))
{
  // The id is checked against PATTERN_ID first: it is placed unquoted in the
  // WHERE fragment at the end of this block.
  check_input_parameter('comment_id', $_GET, false, PATTERN_ID);

  // Only administrators use this entry point (validate/delete from e-mail).
  // Anyone else is sent to the login form, with the current request passed
  // along, url-encoded twice, as the redirect target.
  // NOTE(review): the fragment below is only safe to skip for non-admins if
  // redirect() ends the request -- confirm.
  if (!is_admin())
  {
    $login_url = get_root_url().'identification.php?redirect=';
    $login_url.= urlencode(urlencode($_SERVER['REQUEST_URI']));
    redirect($login_url);
  }

  $page['where_clauses'][] = 'com.id = '.$_GET['comment_id'];
}
138
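// search a substring among comments content
// The keyword is split on whitespace, commas and semicolons; every resulting
// word must appear in the comment. A plain loop replaces create_function(),
// which evaluated a code string at run time and was removed in PHP 8.0.
// Empty pieces (leading or trailing separators) are skipped: they only
// produced a LIKE '%%' test.
// NOTE(review): each word is concatenated as-is. This relies on request data
// being slash-escaped before it reaches this script -- confirm in
// include/common.inc.php. % and _ typed by the visitor still act as LIKE
// wildcards.
if (!empty($_GET['keyword']) and is_string($_GET['keyword']))
{
  $keyword_clauses = array();
  foreach (preg_split('/[\s,;]+/', $_GET['keyword'], -1, PREG_SPLIT_NO_EMPTY) as $word)
  {
    $keyword_clauses[] = 'content LIKE \'%'.$word.'%\'';
  }

  // a keyword made only of separators leaves nothing to search for
  if (count($keyword_clauses) > 0)
  {
    $page['where_clauses'][] = '('.implode(' AND ', $keyword_clauses).')';
  }
}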
155
// Time-window clause of the option selected in $page['since'].
$since_clause = $since_options[$page['since']]['clause'];
$page['where_clauses'][] = $since_clause;

// which status to filter on ?
// Administrators get every comment; everybody else only validated ones.
if (!is_admin())
{
  $page['where_clauses'][] = 'validated=\'true\'';
}

// Condition produced by get_sql_condition_FandF() for the listed filters,
// mapped to the column each one applies to in this query. Presumably this is
// what keeps comments on pictures the visitor may not see out of the list --
// the helper is defined outside this file.
$filter_columns = array(
  'forbidden_categories' => 'category_id',
  'visible_categories' => 'category_id',
  'visible_images' => 'ic.image_id',
  );
$page['where_clauses'][] = get_sql_condition_FandF($filter_columns, '', true);
174
175// +-----------------------------------------------------------------------+
176// |                         comments management                           |
177// +-----------------------------------------------------------------------+
178
$comment_id = null;
$action = null;

// The first of these parameters present in the query string selects the
// action. Its value is the id of the comment and has to match PATTERN_ID.
$actions = array('delete', 'validate', 'edit');
foreach ($actions as $loop_action)
{
  if (!isset($_GET[$loop_action]))
  {
    continue;
  }

  $action = $loop_action;
  check_input_parameter($action, $_GET, false, PATTERN_ID);
  $comment_id = $_GET[$action];
  break;
}

if (isset($action))
{
  // The request token is checked before anything is modified; these actions
  // arrive as links carrying a pwg_token parameter.
  check_pwg_token();

  // Whether the action is allowed is decided from the comment's author.
  $comment_author_id = get_comment_author_id($comment_id);

  if (can_manage_comment($action, $comment_author_id))
  {
    $perform_redirect = false;

    switch ($action)
    {
      case 'delete':
        delete_user_comment($comment_id);
        $perform_redirect = true;
        break;

      case 'validate':
        validate_user_comment($comment_id);
        $perform_redirect = true;
        break;

      case 'edit':
        if (empty($_POST['content']))
        {
          // nothing posted yet: remember which comment to show in edit mode
          $edit_comment = $_GET['edit'];
        }
        else
        {
          // posted form: store the new text, then leave edit mode
          update_user_comment(
            array(
              'comment_id' => $_GET['edit'],
              'image_id' => $_POST['image_id'],
              'content' => $_POST['content']
              ),
            $_POST['key']
            );

          $edit_comment = null;
        }
        break;
    }

    // After delete/validate, reload the list with the action parameters and
    // the token removed from the query string.
    if ($perform_redirect)
    {
      $redirect_url = PHPWG_ROOT_PATH.'comments.php';
      $redirect_url.= get_query_string_diff(array('delete','validate','pwg_token'));

      redirect($redirect_url);
    }
  }
}
248
249// +-----------------------------------------------------------------------+
250// |                       page header and options                         |
251// +-----------------------------------------------------------------------+
252
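$title= l10n('User comments');
$page['body_id'] = 'theCommentsPage';

$template->set_filenames(array('comments'=>'comments.tpl'));

// Echo the search fields back into the form, HTML-escaped.
// ENT_QUOTES and the charset belong to htmlspecialchars(). They used to sit
// inside the stripslashes() call because of a misplaced parenthesis, so the
// call could not work as intended and the @ operator hid the resulting
// error. Missing or non-string parameters give an empty field.
$form_keyword = '';
if (isset($_GET['keyword']) and is_string($_GET['keyword']))
{
  $form_keyword = htmlspecialchars(stripslashes($_GET['keyword']), ENT_QUOTES, 'utf-8');
}

$form_author = '';
if (isset($_GET['author']) and is_string($_GET['author']))
{
  $form_author = htmlspecialchars(stripslashes($_GET['author']), ENT_QUOTES, 'utf-8');
}

$template->assign(
  array(
    'F_ACTION'=>PHPWG_ROOT_PATH.'comments.php',
    'F_KEYWORD'=> $form_keyword,
    'F_AUTHOR'=> $form_author,
    )
  );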
264
265// +-----------------------------------------------------------------------+
266// |                          form construction                            |
267// +-----------------------------------------------------------------------+
268
// Search in a particular category
$blockname = 'categories';

// Condition returned by get_sql_condition_FandF() for the category id
// column, introduced by the WHERE keyword passed as second argument.
$category_condition = get_sql_condition_FandF(
  array(
    'forbidden_categories' => 'id',
    'visible_categories' => 'id',
    ),
  'WHERE'
  );

$query = '
SELECT id, name, uppercats, global_rank
  FROM '.CATEGORIES_TABLE.'
'.$category_condition.'
;';

// The category from the request (null when absent) is passed in the second
// argument, alongside the query that lists the selectable categories.
display_select_cat_wrapper($query, array(@$_GET['cat']), $blockname, true);
286
// Filter on recent comments...
// option id => label, for the "since" select box
$tpl_var = array();
foreach ($since_options as $id => $option)
{
  $tpl_var[$id] = $option['label'];
}
$template->assign(
  array(
    'since_options' => $tpl_var,
    'since_options_selected' => $page['since'],
    // Sort by
    'sort_by_options' => $sort_by,
    'sort_by_options_selected' => $page['sort_by'],
    // Sorting order
    'sort_order_options' => $sort_order,
    'sort_order_options_selected' => $page['sort_order'],
    )
  );


// Number of items
// numeric page sizes are shown as they are, "all" goes through translation
$blockname = 'items_number_option';
$tpl_var = array();
foreach ($items_number as $option)
{
  if (is_numeric($option))
  {
    $tpl_var[$option] = $option;
  }
  else
  {
    $tpl_var[$option] = l10n($option);
  }
}
$template->assign(
  array(
    'item_number_options' => $tpl_var,
    'item_number_options_selected' => $page['items_number'],
    )
  );
314
315
316// +-----------------------------------------------------------------------+
317// |                            navigation bar                             |
318// +-----------------------------------------------------------------------+
319
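// Offset of the first comment of the current page.
// The value is placed unquoted after OFFSET in the listing query, so it has
// to be a non-negative integer written with digits only. is_numeric() also
// accepted forms such as "-5", "1.5" or "1e3"; those now fall back to 0.
$start = 0;
if (isset($_GET['start'])
    and is_string($_GET['start'])
    and preg_match('/^\d{1,9}\z/', $_GET['start']))
{
  $start = (int) $_GET['start'];
}

// Total number of comments matching the filters. DISTINCT is needed because
// the join on the image/category table yields one row per category the
// picture is linked to.
$query = '
SELECT COUNT(DISTINCT(com.id))
  FROM '.IMAGE_CATEGORY_TABLE.' AS ic
    INNER JOIN '.COMMENTS_TABLE.' AS com
    ON ic.image_id = com.image_id
    LEFT JOIN '.USERS_TABLE.' As u
    ON u.'.$conf['user_fields']['id'].' = com.author_id
  WHERE '.implode('
    AND ', $page['where_clauses']).'
;';
list($counter) = pwg_db_fetch_row(pwg_query($query));

// Page links keep the current filters but drop the paging offset, the
// one-shot action parameters and the token.
$url = PHPWG_ROOT_PATH
    .'comments.php'
  .get_query_string_diff(array('start','delete','validate','pwg_token'));

$navbar = create_navigation_bar($url,
                                $counter,
                                $start,
                                $page['items_number'],
                                '');

$template->assign('navbar', $navbar);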
352
353// +-----------------------------------------------------------------------+
354// |                        last comments display                          |
355// +-----------------------------------------------------------------------+
356
$comments = array();
$element_ids = array();
$category_ids = array();

// All filters collected in $page['where_clauses'], joined with AND.
$where = implode('
    AND ', $page['where_clauses']);

// One row per comment: the GROUP BY collapses the rows the join produces
// when a picture is linked to several categories.
// $page['sort_by'], $page['sort_order'], $page['items_number'] and $start are
// placed unquoted in the statement.
$query = '
SELECT com.id AS comment_id
     , com.image_id
     , ic.category_id
     , com.author
     , com.author_id
     , com.date
     , com.content
     , com.validated
  FROM '.IMAGE_CATEGORY_TABLE.' AS ic
    INNER JOIN '.COMMENTS_TABLE.' AS com
    ON ic.image_id = com.image_id
    LEFT JOIN '.USERS_TABLE.' As u
    ON u.'.$conf['user_fields']['id'].' = com.author_id
  WHERE '.$where.'
  GROUP BY comment_id
  ORDER BY '.$page['sort_by'].' '.$page['sort_order'];

// paging applies unless every comment was requested
if ($page['items_number'] != 'all')
{
  $query.= '
  LIMIT '.$page['items_number'].' OFFSET '.$start;
}
$query.= "\n;";

// keep the rows, plus the picture and category ids needed for the lookups
$result = pwg_query($query);
while ($row = pwg_db_fetch_assoc($result))
{
  $comments[] = $row;
  $element_ids[] = $row['image_id'];
  $category_ids[] = $row['category_id'];
}
393
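if (count($comments) > 0)
{
  // retrieving element informations
  // (the ids come from the rows of the comments query, not from the request)
  $elements = array();
  $query = '
SELECT id, name, file, path, tn_ext
  FROM '.IMAGES_TABLE.'
  WHERE id IN ('.implode(',', $element_ids).')
;';
  $result = pwg_query($query);
  while ($row = pwg_db_fetch_assoc($result))
  {
    $elements[$row['id']] = $row;
  }

  // retrieving category informations
  $query = '
SELECT id, name, permalink, uppercats
  FROM '.CATEGORIES_TABLE.'
  WHERE id IN ('.implode(',', $category_ids).')
;';
  $categories = hash_from_query($query, 'id');

  // Base URL of the delete/edit/validate links: the current page without any
  // previous action parameter or token. It is built once and kept in its own
  // variable. The validate link used to reuse $url, which still held the
  // picture URL whenever neither the delete nor the edit branch had run for
  // that comment.
  $manage_url =
    get_root_url()
    .'comments.php'
    .get_query_string_diff(array('delete','validate','edit', 'pwg_token'));

  foreach ($comments as $comment)
  {
    // title of the picture, or a name derived from its file name
    if (!empty($elements[$comment['image_id']]['name']))
    {
      $name=$elements[$comment['image_id']]['name'];
    }
    else
    {
      $name=get_name_from_file($elements[$comment['image_id']]['file']);
    }

    // source of the thumbnail picture
    $thumbnail_src = get_thumbnail_url( $elements[$comment['image_id']] );

    // link to the full size picture
    $url = make_picture_url(
      array(
        'category' => $categories[ $comment['category_id'] ],
        'image_id' => $comment['image_id'],
        'image_file' => $elements[$comment['image_id']]['file'],
        )
      );

    // author and content go through the render_comment_* events before
    // reaching the template
    $tpl_comment = array(
      'U_PICTURE' => $url,
      'TN_SRC' => $thumbnail_src,
      'ALT' => $name,
      'AUTHOR' => trigger_event('render_comment_author', $comment['author']),
      'DATE'=>format_date($comment['date'], true),
      'CONTENT'=>trigger_event('render_comment_content',$comment['content']),
      );

    // every management link carries the token that is checked when the
    // action is performed
    if (can_manage_comment('delete', $comment['author_id']))
    {
      $tpl_comment['U_DELETE'] = add_url_params(
        $manage_url,
        array(
          'delete' => $comment['comment_id'],
          'pwg_token' => get_pwg_token(),
          )
        );
    }

    if (can_manage_comment('edit', $comment['author_id']))
    {
      $tpl_comment['U_EDIT'] = add_url_params(
        $manage_url,
        array(
          'edit' => $comment['comment_id'],
          'pwg_token' => get_pwg_token(),
          )
        );

      if (isset($edit_comment) and ($comment['comment_id'] == $edit_comment))
      {
        // Comment currently being edited: the stored text is passed without
        // the render_comment_content event.
        // NOTE(review): confirm that comments.tpl escapes CONTENT in edit
        // mode.
        $tpl_comment['IN_EDIT'] = true;
        $key = get_comment_post_key($comment['image_id']);
        $tpl_comment['KEY'] = $key;
        $tpl_comment['IMAGE_ID'] = $comment['image_id'];
        $tpl_comment['CONTENT'] = $comment['content'];
      }
    }

    if (can_manage_comment('validate', $comment['author_id']))
    {
      // only comments that are not validated yet get the link
      if ('true' != $comment['validated'])
      {
        $tpl_comment['U_VALIDATE'] = add_url_params(
          $manage_url,
          array(
            'validate'=> $comment['comment_id'],
            'pwg_token' => get_pwg_token(),
            )
          );
      }
    }
    $template->append('comments', $tpl_comment);
  }
}
// +-----------------------------------------------------------------------+
// |                           html code display                           |
// +-----------------------------------------------------------------------+
include(PHPWG_ROOT_PATH.'include/page_header.php');
$template->pparse('comments');
include(PHPWG_ROOT_PATH.'include/page_tail.php');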
512?>