- Timestamp:
- Oct 25, 2011, 4:35:54 PM (12 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
extensions/PWG_Stuffs/trunk/modules/LastComs/main.inc.php
r9737 r12515 2 2 3 3 if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!'); 4 include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php'); 5 4 6 global $user, $conf; 5 7 … … 7 9 // | comments management | 8 10 // +-----------------------------------------------------------------------+ 9 // comments deletion 10 if (isset($_GET['delete']) and is_numeric($_GET['delete']) and is_admin()) 11 { 12 check_status(ACCESS_ADMINISTRATOR); 13 check_pwg_token(); 14 $query = ' 15 DELETE FROM ' . COMMENTS_TABLE . ' 16 WHERE id=' . $_GET['delete'] . ' 17 ;'; 18 pwg_query($query); 19 } 20 21 // comments validation 22 if (isset($_GET['validate']) and is_numeric($_GET['validate']) and is_admin()) 23 { 24 check_status(ACCESS_ADMINISTRATOR); 25 check_pwg_token(); 26 $query = ' 27 UPDATE ' . COMMENTS_TABLE . ' 28 SET validated = \'true\' 29 , validation_date = NOW() 30 WHERE id=' . $_GET['validate'] . ' 31 ;'; 32 pwg_query($query); 11 12 $comment_id = null; 13 $action = null; 14 15 $actions = array('delete_comment', 'validate_comment', 'edit_comment'); 16 foreach ($actions as $loop_action) 17 { 18 if (isset($_GET[$loop_action])) 19 { 20 $action = $loop_action; 21 check_input_parameter($action, $_GET, false, PATTERN_ID); 22 $comment_id = $_GET[$action]; 23 break; 24 } 25 } 26 27 if (isset($action)) 28 { 29 check_pwg_token(); 30 31 $comment_author_id = get_comment_author_id($comment_id); 32 $action = str_replace('_comment', '', $action); 33 34 if (can_manage_comment($action, $comment_author_id)) 35 { 36 $perform_redirect = false; 37 38 if ('delete' == $action) 39 { 40 delete_user_comment($comment_id); 41 $perform_redirect = true; 42 } 43 44 if ('validate' == $action) 45 { 46 validate_user_comment($comment_id); 47 $perform_redirect = true; 48 } 49 50 if ('edit' == $action) 51 { 52 if (!empty($_POST['content'])) 53 { 54 update_user_comment( 55 array( 56 'comment_id' => $_GET['edit_comment'], 57 'image_id' => $_POST['image_id'], 58 'content' => $_POST['content'] 59 ), 60 $_POST['key'] 61 ); 62 63 $perform_redirect = true; 64 } 65 else 66 { 67 $edit_comment = $_GET['edit_comment']; 68 } 69 } 70 71 if ($perform_redirect) 72 { 73 $redirect_url = 74 PHPWG_ROOT_PATH 75 .'index.php' 76 .get_query_string_diff(array('delete_comment','validate_comment','edit_comment','pwg_token')); 77 78 redirect($redirect_url); 79 } 80 } 33 81 } 34 82 … … 36 84 // | last comments display | 37 85 // +-----------------------------------------------------------------------+ 86 if ( !is_admin() ) 87 { 88 $page['where_clauses'][] = 'validated=\'true\''; 89 } 90 91 $page['where_clauses'][] = get_sql_condition_FandF 92 ( 93 array 94 ( 95 'forbidden_categories' => 'category_id', 96 'visible_categories' => 'category_id', 97 'visible_images' => 'ic.image_id' 98 ), 99 '', true 100 ); 101 38 102 $comments = array(); 39 103 $element_ids = array(); 40 104 $category_ids = array(); 41 $max_width = 0; 42 if (!is_admin()) 43 { 44 $clauses[] = 'validated="true"'; 45 } 46 $clauses[] = get_sql_condition_FandF ( 47 array ('forbidden_categories' => 'category_id', 48 'visible_categories' => 'category_id', 49 'visible_images' => 'ic.image_id'), '', true); 50 51 $query = 'SELECT com.id AS comment_id 52 , com.image_id 53 , ic.category_id 54 , com.author 55 , com.date 56 , com.content 57 , com.id AS comment_id 58 , com.validated 59 FROM ' . IMAGE_CATEGORY_TABLE . ' AS ic 60 INNER JOIN ' . COMMENTS_TABLE . ' AS com 61 ON ic.image_id = com.image_id 62 WHERE ' . implode(' AND ', $clauses) . ' 63 GROUP BY comment_id 64 ORDER BY date DESC 65 LIMIT 0, ' . $datas[0] . ';'; 66 105 106 $query = ' 107 SELECT com.id AS comment_id, 108 com.image_id, 109 com.author, 110 com.author_id, 111 com.date, 112 com.content, 113 com.validated 114 FROM '.IMAGE_CATEGORY_TABLE.' AS ic 115 INNER JOIN '.COMMENTS_TABLE.' AS com 116 ON ic.image_id = com.image_id 117 LEFT JOIN '.USERS_TABLE.' As u 118 ON u.'.$conf['user_fields']['id'].' = com.author_id 119 WHERE '.implode(' 120 AND ', $page['where_clauses']).' 121 GROUP BY comment_id, 122 com.image_id, 123 com.author, 124 com.author_id, 125 com.date, 126 com.content, 127 com.validated 128 ORDER BY date DESC 129 LIMIT 0, ' . $datas[0] . ';'; 130 131 $query.= ' 132 ;'; 67 133 $result = pwg_query($query); 68 while ($row = mysql_fetch_assoc($result))134 while ($row = pwg_db_fetch_assoc($result)) 69 135 { 70 136 array_push($comments, $row); 71 137 array_push($element_ids, $row['image_id']); 72 array_push($category_ids, $row['category_id']);73 138 } 74 139 75 140 if (count($comments) > 0) 76 141 { 142 $block['TEMPLATE'] = 'stuffs_lastcoms.tpl'; 77 143 $block['TITLE_URL'] = 'comments.php'; 78 144 $block['comments'] = array(); 145 $block['MAX_WIDTH'] = $datas[3]; 146 $block['MAX_HEIGHT'] = $datas[4]; 147 switch ($datas[2]) 148 { 149 case 1 : 150 $block['NB_COMMENTS_LINE'] = '99%'; 151 break; 152 case 2 : 153 $block['NB_COMMENTS_LINE'] = '49.5%'; 154 break; 155 case 3 : 156 $block['NB_COMMENTS_LINE'] = '33%'; 157 break; 158 } 79 159 80 160 // retrieving element informations … … 86 166 ;'; 87 167 $result = pwg_query($query); 88 while ($row = mysql_fetch_assoc($result))168 while ($row = pwg_db_fetch_assoc($result)) 89 169 { 90 170 $elements[$row['id']] = $row; … … 93 173 // retrieving category informations 94 174 $query = ' 95 SELECT id, name, permalink, uppercats 96 FROM '.CATEGORIES_TABLE.' 97 WHERE id IN ('.implode(',', $category_ids).') 175 SELECT c.id, name, permalink, uppercats, com.id as comment_id 176 FROM '.CATEGORIES_TABLE.' AS c 177 LEFT JOIN '.IMAGE_CATEGORY_TABLE.' AS ic 178 ON c.id=ic.category_id 179 LEFT JOIN '.COMMENTS_TABLE.' AS com 180 ON ic.image_id=com.image_id 181 '.get_sql_condition_FandF 182 ( 183 array 184 ( 185 'forbidden_categories' => 'c.id', 186 'visible_categories' => 'c.id' 187 ), 188 'WHERE' 189 ).' 98 190 ;'; 99 $categories = hash_from_query($query, ' id');191 $categories = hash_from_query($query, 'comment_id'); 100 192 101 193 foreach ($comments as $comment) … … 115 207 // link to the full size picture 116 208 $url = make_picture_url( 117 array( 118 'category' => $categories[ $comment['category_id'] ], 119 'image_id' => $comment['image_id'], 120 'image_file' => $elements[$comment['image_id']]['file'], 209 array( 210 'category' => $categories[ $comment['comment_id'] ], 211 'image_id' => $comment['image_id'], 212 'image_file' => $elements[$comment['image_id']]['file'], 213 ) 214 ); 215 216 $tpl_comment = array( 217 'ID' => $comment['comment_id'], 218 'U_PICTURE' => $url, 219 'TN_SRC' => $thumbnail_src, 220 'ALT' => $name, 221 'AUTHOR' => trigger_event('render_comment_author', $comment['author']), 222 'DATE'=>format_date($comment['date'], true), 223 'CONTENT'=>trigger_event('render_comment_content',$comment['content']), 224 'WIDTH' => $datas[3], 225 'HEIGHT' => $datas[4], 226 ); 227 228 if (can_manage_comment('delete', $comment['author_id'])) 229 { 230 $url = 231 get_root_url() 232 .'index.php' 233 .get_query_string_diff(array('edit_comment', 'delete_comment','validate_comment', 'pwg_token')); 234 235 $tpl_comment['U_DELETE'] = add_url_params( 236 $url, 237 array( 238 'delete_comment' => $comment['comment_id'], 239 'pwg_token' => get_pwg_token(), 240 ) 241 ); 242 } 243 244 if (can_manage_comment('edit', $comment['author_id'])) 245 { 246 $url = 247 get_root_url() 248 .'index.php' 249 .get_query_string_diff(array('edit_comment', 'delete_comment','validate_comment', 'pwg_token')); 250 251 $tpl_comment['U_EDIT'] = add_url_params( 252 $url, 253 array( 254 'edit_comment' => $comment['comment_id'], 255 'pwg_token' => get_pwg_token(), 256 ) 257 ); 258 259 if (isset($edit_comment) and ($comment['comment_id'] == $edit_comment)) 260 { 261 $tpl_comment['IN_EDIT'] = true; 262 $key = get_ephemeral_key(2, $comment['image_id']); 263 $tpl_comment['KEY'] = $key; 264 $tpl_comment['IMAGE_ID'] = $comment['image_id']; 265 $tpl_comment['CONTENT'] = $comment['content']; 266 } 267 } 268 269 if (can_manage_comment('validate', $comment['author_id'])) 270 { 271 if ('true' != $comment['validated']) 272 { 273 $tpl_comment['U_VALIDATE'] = add_url_params( 274 $url, 275 array( 276 'validate_comment'=> $comment['comment_id'], 277 'pwg_token' => get_pwg_token(), 121 278 ) 122 279 ); 123 124 $author = $comment['author']; 125 if (empty($comment['author'])) 126 { 127 $author = l10n('guest'); 128 } 129 130 $tpl_comment = 131 array( 132 'U_PICTURE' => $url, 133 'TN_SRC' => $thumbnail_src, 134 'ALT' => $name, 135 'AUTHOR' => trigger_event('render_comment_author', $author), 136 'DATE' => format_date($comment['date'],'mysql_datetime',true), 137 'CONTENT' => trigger_event('render_comment_content',$comment['content']), 138 'WIDTH' => $datas[3], 139 'HEIGHT' => $datas[4], 140 ); 141 142 switch ($datas[2]) 143 { 144 case 1 : 145 $tpl_comment['CLASS'] = 'one_comment'; 146 break; 147 case 2 : 148 $tpl_comment['CLASS'] = 'two_comment'; 149 break; 150 case 3 : 151 $tpl_comment['CLASS'] = 'three_comment'; 152 break; 153 } 154 155 if ( is_admin() ) 156 { 157 $url = get_root_url().'index.php'.get_query_string_diff(array('delete','validate')); 158 $tpl_comment['U_DELETE'] = add_url_params($url, array( 159 'delete' => $comment['comment_id'], 160 'pwg_token' => get_pwg_token())); 161 162 if ($comment['validated'] != 'true') 163 { 164 $tpl_comment['U_VALIDATE'] = add_url_params($url, array( 165 'validate' => $comment['comment_id'], 166 'pwg_token' => get_pwg_token())); 167 } 168 } 169 170 // Show comment editor link 171 if (defined('CE_PATH') and ((!is_a_guest() and ($user[$conf['user_fields']['username']] == $author)) or is_admin())) 172 { 173 load_language('plugin.lang', CE_PATH); 174 $tpl_comment['U_EDIT'] = add_url_params(get_root_url() . 'index.php', array( 175 CE_ACTION => CE_ACTION_EDIT, 176 CE_ID => $comment['comment_id'], 177 'pwg_token' => get_pwg_token())); 280 } 178 281 } 179 282 array_push($block['comments'], $tpl_comment); 180 283 } 181 $block['TEMPLATE'] = 'stuffs_lastcoms.tpl';182 284 } 183 285
Note: See TracChangeset
for help on using the changeset viewer.
