source: trunk/include/picture_comment.inc.php @ 2178

Last change on this file since 2178 was 2155, checked in by rvelices, 17 years ago
  • send status code 403 on an attempt to enter a user comment when comments are disabled
  • don't increase hit count when a comment is posted
  • remove the check of the user IP against spamhaus.org when a comment is entered (my conclusion is that it is useless)
  • Property svn:eol-style set to LF
  • Property svn:keywords set to Author Date Id Revision
1<?php
2// +-----------------------------------------------------------------------+
3// | PhpWebGallery - a PHP based picture gallery                           |
4// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
5// | Copyright (C) 2003-2007 PhpWebGallery Team - http://phpwebgallery.net |
6// +-----------------------------------------------------------------------+
7// | file          : $Id: picture_comment.inc.php 2155 2007-10-29 23:39:41Z rvelices $
8// | last update   : $Date: 2007-10-29 23:39:41 +0000 (Mon, 29 Oct 2007) $
9// | last modifier : $Author: rvelices $
10// | revision      : $Revision: 2155 $
11// +-----------------------------------------------------------------------+
12// | This program is free software; you can redistribute it and/or modify  |
13// | it under the terms of the GNU General Public License as published by  |
14// | the Free Software Foundation                                          |
15// |                                                                       |
16// | This program is distributed in the hope that it will be useful, but   |
17// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
18// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
19// | General Public License for more details.                              |
20// |                                                                       |
21// | You should have received a copy of the GNU General Public License     |
22// | along with this program; if not, write to the Free Software           |
23// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
24// | USA.                                                                  |
25// +-----------------------------------------------------------------------+
26
27/**
28 * This file is included by the picture page to manage user comments
29 *
30 */
31
// Comments are shown (and accepted) for a picture as soon as one of its
// related categories is flagged commentable; the scan stops at the first hit.
// NOTE(review): the flag is compared loosely with the string 'true'; it
// presumably arrives as a string from the database -- confirm before
// tightening the comparison.
$page['show_comments'] = false;
foreach ($related_categories as $category)
{
  if ($category['commentable'] != 'true')
  {
    continue;
  }

  $page['show_comments'] = true;
  break;
}
43
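// Handle a posted comment. Posting is accepted only when the picture is
// commentable; a POST carrying 'content' for any other picture is refused in
// the elseif branch below.
if ( $page['show_comments'] and isset( $_POST['content'] ) )
{
  // Guests may post only when $conf['comments_forall'] is set.
  if ( is_a_guest() and !$conf['comments_forall'] )
  {
    // Answer with 403, as the "not commentable" branch below does, so that a
    // refused POST does not show up as a successful request in access logs.
    set_status_header(403);
    die ('Session expired');
  }

  // A request field can be missing or sent as an array (author[]=...);
  // anything that is not a string is treated as empty rather than being
  // handed to stripslashes().
  // NOTE(review): stripslashes() presumably undoes slash-escaping applied to
  // request data elsewhere (magic quotes or an emulation of it) -- confirm.
  $comm = array(
    'author' => ( isset($_POST['author']) && is_string($_POST['author']) )
      ? trim( stripslashes($_POST['author']) )
      : '',
    'content' => is_string($_POST['content'])
      ? trim( stripslashes($_POST['content']) )
      : '',
    'image_id' => $page['image_id'],
   );

  include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php');

  // A missing 'key' field is passed on as null, exactly as before; its
  // validation is left to insert_user_comment().
  // NOTE(review): $infos is used as an array right after this call, so
  // insert_user_comment() presumably fills it by reference -- confirm.
  $comment_action = insert_user_comment(
    $comm,
    isset($_POST['key']) ? $_POST['key'] : null,
    $infos
    );

  switch ($comment_action)
  {
    case 'moderate':
      array_push( $infos, l10n('comment_to_validate') );
      // no break here: execution continues into 'validate', so the
      // "comment added" message is pushed for a moderated comment as well
    case 'validate':
      array_push( $infos, l10n('comment_added'));
      break;
    case 'reject':
      set_status_header(403);
      array_push($infos, l10n('comment_not_added') );
      break;
    default:
      trigger_error('Invalid comment action '.$comment_action, E_USER_WARNING);
  }

  // Rejections are rendered in the error block, everything else as infos.
  // NOTE(review): the messages are handed to the template as they are;
  // whether the template escapes TEXT is not visible here -- confirm.
  $block_var = ($comment_action=='reject') ? 'errors.error' : 'infos.info';
  foreach ($infos as $info)
  {
    $template->assign_block_vars(
        $block_var,
        array( 'TEXT'=>$info )
      );
  }

  // allow plugins to notify what's going on
  trigger_action( 'user_comment_insertion',
      array_merge($comm, array('action'=>$comment_action) )
    );
}
elseif ( isset($_POST['content']) )
{
  // Content was posted for a picture that is not commentable: refuse it.
  set_status_header(403);
  die('ugly spammer');
}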
95
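// Render the comment section of the picture page: comment count, navigation
// bar, the validated comments of the current page and, for users allowed to
// post, the "add a comment" form.
if ($page['show_comments'])
{
  // The values concatenated into the SQL below are set by the including page
  // and are expected to be integers; casting them where the query is built
  // keeps the statement well-formed whatever they actually hold.

  // number of comment for this picture
  $query = 'SELECT COUNT(*) AS nb_comments';
  $query.= ' FROM '.COMMENTS_TABLE.' WHERE image_id = '.intval($page['image_id']);
  $query.= " AND validated = 'true'";
  $query.= ';';
  $row = mysql_fetch_array( pwg_query( $query ) );

  // navigation bar creation
  if (!isset($page['start']))
  {
    $page['start'] = 0;
  }

  $page['navigation_bar'] = create_navigation_bar(
    duplicate_picture_url(array(), array('start')),
    $row['nb_comments'],
    $page['start'],
    $conf['nb_comment_page'],
    true // We want a clean URL
    );

  $template->assign_block_vars(
    'comments',
    array(
      'NB_COMMENT' => $row['nb_comments'],
      'NAV_BAR' => $page['navigation_bar'],
      )
    );

  if ($row['nb_comments'] > 0)
  {
    // Only validated comments are listed, oldest first, one page at a time.
    $query = '
SELECT id,author,date,image_id,content
  FROM '.COMMENTS_TABLE.'
  WHERE image_id = '.intval($page['image_id']).'
    AND validated = \'true\'
  ORDER BY date ASC
  LIMIT '.intval($page['start']).', '.intval($conf['nb_comment_page']).'
;';
    $result = pwg_query( $query );

    // $row is reused here; the comment count it held is no longer needed.
    while ($row = mysql_fetch_array($result))
    {
      // NOTE(review): author and content are stored user input. Any HTML
      // escaping happens in the handlers of 'render_comment_author' and
      // 'render_comment_content', which are not visible in this file --
      // confirm that both events escape their output.
      $template->assign_block_vars(
        'comments.comment',
        array(
          'COMMENT_AUTHOR' => trigger_event('render_comment_author',
            empty($row['author'])
            ? l10n('guest')
            : $row['author']),

          'COMMENT_DATE' => format_date(
            $row['date'],
            'mysql_datetime',
            true),

          'COMMENT' => trigger_event('render_comment_content',$row['content']),
          )
        );

      if (is_admin())
      {
        // NOTE(review): the delete link is a plain URL carrying
        // action=delete_comment; whether the handler also requires a token
        // is not visible in this file -- confirm.
        $template->assign_block_vars(
          'comments.comment.delete',
          array(
            'U_COMMENT_DELETE' =>
              add_url_params(
                    $url_self,
                    array(
                      'action'=>'delete_comment',
                      'comment_to_delete'=>$row['id']
                    )
                )
            )
          );
      }
    }
  }

  // The form is shown to every non-guest, and to guests when
  // $conf['comments_forall'] is set.
  if (!is_a_guest() or $conf['comments_forall'])
  {
    include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php');
    $key = get_comment_post_key($page['image_id']);
    $content = '';
    // $comment_action exists only when a comment was posted in this request.
    if (isset($comment_action) and 'reject'===$comment_action)
    {
      // Give a rejected text back to its author for editing. It is request
      // data, so both quote characters are escaped along with < > and &.
      $content = htmlspecialchars($comm['content'], ENT_QUOTES);
    }
    $template->assign_block_vars('comments.add_comment',
        array(
          'KEY' => $key,
          'CONTENT' => $content
        ));

    // display author field if the user status is guest or generic
    if (!is_classic_user())
    {
      $template->assign_block_vars(
        'comments.add_comment.author_field', array()
        );
    }
  }
}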
202
203?>