Context Navigation

source: branches/1.5/comments.php @ 17335

Last change on this file since 17335 was 1005, checked in by nikrou, 19 years ago
Revert to revision 1002
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 13.6 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| PhpWebGallery - a PHP based picture gallery \|
4	// \| Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net \|
5	// \| Copyright (C) 2003-2005 PhpWebGallery Team - http://phpwebgallery.net \|
6	// +-----------------------------------------------------------------------+
7	// \| branch : BSF (Best So Far)
8	// \| file : $RCSfile$
9	// \| last update : $Date: 2006-01-15 13:49:29 +0000 (Sun, 15 Jan 2006) $
10	// \| last modifier : $Author: nikrou $
11	// \| revision : $Revision: 1005 $
12	// +-----------------------------------------------------------------------+
13	// \| This program is free software; you can redistribute it and/or modify \|
14	// \| it under the terms of the GNU General Public License as published by \|
15	// \| the Free Software Foundation \|
16	// \| \|
17	// \| This program is distributed in the hope that it will be useful, but \|
18	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
19	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
20	// \| General Public License for more details. \|
21	// \| \|
22	// \| You should have received a copy of the GNU General Public License \|
23	// \| along with this program; if not, write to the Free Software \|
24	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
25	// \| USA. \|
26	// +-----------------------------------------------------------------------+
27
28	// +-----------------------------------------------------------------------+
29	// \| initialization \|
30	// +-----------------------------------------------------------------------+
31	if (!defined('IN_ADMIN'))
32	{
33	define('PHPWG_ROOT_PATH','./');
34	include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
35	}
36
37	$sort_order = array(
38	'descending' => 'DESC',
39	'ascending' => 'ASC'
40	);
41
42	// sort_by : database fields proposed for sorting comments list
43	$sort_by = array(
44	'date' => 'comment date',
45	'image_id' => 'picture'
46	);
47
48	// items_number : list of number of items to display per page
49	$items_number = array(5,10,20,50,'all');
50
51	// since when display comments ?
52	//
53	$since_options = array(
54	1 => array('label' => l10n('today'),
55	'clause' => 'date > SUBDATE(CURDATE(), INTERVAL 1 DAY)'),
56	2 => array('label' => sprintf(l10n('last %d days'), 7),
57	'clause' => 'date > SUBDATE(CURDATE(), INTERVAL 7 DAY)'),
58	3 => array('label' => sprintf(l10n('last %d days'), 30),
59	'clause' => 'date > SUBDATE(CURDATE(), INTERVAL 30 DAY)'),
60	4 => array('label' => l10n('the beginning'),
61	'clause' => '1=1') // stupid but generic
62	);
63
64	// since
65	//
66	$page['since'] = 1;
67	if (isset($_GET['since']))
68	{
69	if (!isset($since_options{ $_GET['since'] }))
70	{
71	die('Hacking attempt on "since" GET parameter');
72	}
73	else
74	{
75	$page['since'] = $_GET['since'];
76	}
77	}
78
79	// on which field sorting
80	//
81	$page['sort_by'] = 'date';
82	// if the form was submitted, it overloads default behaviour
83	if (isset($_GET['sort_by']))
84	{
85	if (!isset($sort_by{ $_GET['sort_by'] }))
86	{
87	die('Hacking attempt on "sort_by" GET parameter');
88	}
89	else
90	{
91	$page['sort_by'] = $_GET['sort_by'];
92	}
93	}
94
95	// order to sort
96	//
97	$page['sort_order'] = $sort_order['descending'];
98	// if the form was submitted, it overloads default behaviour
99	if (isset($_GET['sort_order']))
100	{
101	if (!isset($sort_order{ $_GET['sort_order'] }))
102	{
103	die('Hacking attempt on "sort_order" GET parameter');
104	}
105	else
106	{
107	$page['sort_order'] = $sort_order[$_GET['sort_order']];
108	}
109	}
110
111	// number of items to display
112	//
113	$page['items_number'] = 5;
114	if (isset($_GET['items_number']))
115	{
116	if (!in_array($_GET['items_number'], $items_number))
117	{
118	die('Hacking attempt on "items_number" GET parameter');
119	}
120	else
121	{
122	$page['items_number'] = $_GET['items_number'];
123	}
124	}
125
126	// which category to filter on ?
127	$page['cat_clause'] = '1=1';
128	if (isset($_GET['cat']))
129	{
130	if (''.intval($_GET['cat']) != ''.$_GET['cat'])
131	{
132	die('Hacking attempt on "cat" GET parameter');
133	}
134	else if (0 != $_GET['cat'])
135	{
136	$page['cat_clause'] =
137	'category_id IN ('.
138	implode(
139	',',
140	get_subcat_ids(array($_GET['cat']))
141	).
142	')'
143	;
144	}
145	}
146
147	// search a particular author
148	$page['author_clause'] = '1=1';
149	if (isset($_GET['author']) and !empty($_GET['author']))
150	{
151	if (function_exists('mysql_real_escape_string'))
152	{
153	$author = mysql_real_escape_string($_GET['author']);
154	}
155	else
156	{
157	$author = mysql_escape_string($_GET['author']);
158	}
159
160	$page['author_clause'] = 'author = \''.$author.'\'';
161	}
162
163	// search a substring among comments content
164	$page['keyword_clause'] = '1=1';
165	if (isset($_GET['keyword']) and !empty($_GET['keyword']))
166	{
167	if (function_exists('mysql_real_escape_string'))
168	{
169	$keyword = mysql_real_escape_string($_GET['keyword']);
170	}
171	else
172	{
173	$keyword = mysql_escape_string($_GET['keyword']);
174	}
175	$page['keyword_clause'] =
176	'('.
177	implode(
178	' AND ',
179	array_map(
180	create_function(
181	'$s',
182	'return "content LIKE \'%$s%\'";'
183	),
184	preg_split('/[\s,;]+/', $keyword)
185	)
186	).
187	')'
188	;
189	}
190
191	// +-----------------------------------------------------------------------+
192	// \| comments management \|
193	// +-----------------------------------------------------------------------+
194	// comments deletion
195	if (isset($_POST['delete']) and count($_POST['comment_id']) > 0)
196	{
197	$query = '
198	DELETE FROM '.COMMENTS_TABLE.'
199	WHERE id IN ('.implode(',', $_POST['comment_id']).')
200	;';
201	pwg_query($query);
202	}
203	// comments validation
204	if (isset($_POST['validate']) and count($_POST['comment_id']) > 0)
205	{
206	$query = '
207	UPDATE '.COMMENTS_TABLE.'
208	SET validated = \'true\'
209	, validation_date = NOW()
210	WHERE id IN ('.implode(',', $_POST['comment_id']).')
211	;';
212	pwg_query($query);
213	}
214	// +-----------------------------------------------------------------------+
215	// \| page header and options \|
216	// +-----------------------------------------------------------------------+
217
218	$title= l10n('title_comments');
219	$page['body_id'] = 'theCommentsPage';
220	include(PHPWG_ROOT_PATH.'include/page_header.php');
221
222	$template->set_filenames(array('comments'=>'comments.tpl'));
223	$template->assign_vars(
224	array(
225	'L_COMMENT_TITLE' => $title,
226
227	'F_ACTION'=>PHPWG_ROOT_PATH.'comments.php',
228	'F_KEYWORD'=>@$_GET['keyword'],
229	'F_AUTHOR'=>@$_GET['author'],
230
231	'U_HOME' => add_session_id(PHPWG_ROOT_PATH.'category.php')
232	)
233	);
234
235	// +-----------------------------------------------------------------------+
236	// \| form construction \|
237	// +-----------------------------------------------------------------------+
238
239	// Search in a particular category
240	$blockname = 'category';
241
242	$template->assign_block_vars(
243	$blockname,
244	array('SELECTED' => '',
245	'VALUE'=> 0,
246	'OPTION' => '------------'
247	));
248
249	$query = '
250	SELECT id,name,uppercats,global_rank
251	FROM '.CATEGORIES_TABLE;
252	if ($user['forbidden_categories'] != '')
253	{
254	$query.= '
255	WHERE id NOT IN ('.$user['forbidden_categories'].')';
256	}
257	$query.= '
258	;';
259	display_select_cat_wrapper($query, array(@$_GET['cat']), $blockname, true);
260
261	// Filter on recent comments...
262	$blockname = 'since_option';
263
264	foreach ($since_options as $id => $option)
265	{
266	$selected = ($id == $page['since']) ? 'selected="selected"' : '';
267
268	$template->assign_block_vars(
269	$blockname,
270	array('SELECTED' => $selected,
271	'VALUE'=> $id,
272	'CONTENT' => $option['label']
273	));
274	}
275
276	// Sort by
277	$blockname = 'sort_by_option';
278
279	foreach ($sort_by as $key => $value)
280	{
281	$selected = ($key == $page['sort_by']) ? 'selected="selected"' : '';
282
283	$template->assign_block_vars(
284	$blockname,
285	array('SELECTED' => $selected,
286	'VALUE'=> $key,
287	'CONTENT' => l10n($value)
288	));
289	}
290
291	// Sorting order
292	$blockname = 'sort_order_option';
293
294	foreach (array_keys($sort_order) as $option)
295	{
296	$selected = ($option == $page['sort_order']) ? 'selected="selected"' : '';
297
298	$template->assign_block_vars(
299	$blockname,
300	array('SELECTED' => $selected,
301	'VALUE'=> $option,
302	'CONTENT' => l10n($option)
303	));
304	}
305
306	// Number of items
307	$blockname = 'items_number_option';
308
309	foreach ($items_number as $option)
310	{
311	$selected = ($option == $page['items_number']) ? 'selected="selected"' : '';
312
313	$template->assign_block_vars(
314	$blockname,
315	array('SELECTED' => $selected,
316	'VALUE'=> $option,
317	'CONTENT' => is_numeric($option) ? $option : l10n($option)
318	));
319	}
320
321	// +-----------------------------------------------------------------------+
322	// \| navigation bar \|
323	// +-----------------------------------------------------------------------+
324
325	if (isset($_GET['start']) and is_numeric($_GET['start']))
326	{
327	$start = $_GET['start'];
328	}
329	else
330	{
331	$start = 0;
332	}
333
334	$query = '
335	SELECT COUNT(DISTINCT(id))
336	FROM '.IMAGE_CATEGORY_TABLE.' AS ic
337	INNER JOIN '.COMMENTS_TABLE.' AS com
338	ON ic.image_id = com.image_id
339	WHERE validated = \'true\'
340	AND '.$since_options[$page['since']]['clause'].'
341	AND '.$page['cat_clause'].'
342	AND '.$page['author_clause'].'
343	AND '.$page['keyword_clause'];
344	if ($user['forbidden_categories'] != '')
345	{
346	$query.= '
347	AND category_id NOT IN ('.$user['forbidden_categories'].')';
348	}
349	$query.= '
350	;';
351	list($counter) = mysql_fetch_row(pwg_query($query));
352
353	$url = PHPWG_ROOT_PATH.'comments.php?t=1'.get_query_string_diff(array('start'));
354
355	$navbar = create_navigation_bar($url,
356	$counter,
357	$start,
358	$page['items_number'],
359	'');
360
361	$template->assign_vars(array('NAVBAR' => $navbar));
362
363	// +-----------------------------------------------------------------------+
364	// \| last comments display \|
365	// +-----------------------------------------------------------------------+
366
367	$comments = array();
368	$element_ids = array();
369	$category_ids = array();
370
371	$query = '
372	SELECT com.id AS comment_id
373	, com.image_id
374	, ic.category_id
375	, com.author
376	, com.date
377	, com.content
378	, com.id AS comment_id
379	FROM '.IMAGE_CATEGORY_TABLE.' AS ic
380	INNER JOIN '.COMMENTS_TABLE.' AS com
381	ON ic.image_id = com.image_id
382	WHERE validated = \'true\'
383	AND '.$since_options[$page['since']]['clause'].'
384	AND '.$page['cat_clause'].'
385	AND '.$page['author_clause'].'
386	AND '.$page['keyword_clause'];
387	if ($user['forbidden_categories'] != '')
388	{
389	$query.= '
390	AND category_id NOT IN ('.$user['forbidden_categories'].')';
391	}
392	$query.= '
393	GROUP BY comment_id
394	ORDER BY '.$page['sort_by'].' '.$page['sort_order'];
395	if ('all' != $page['items_number'])
396	{
397	$query.= '
398	LIMIT '.$start.','.$page['items_number'];
399	}
400	$query.= '
401	;';
402	$result = pwg_query($query);
403	while ($row = mysql_fetch_array($result))
404	{
405	array_push($comments, $row);
406	array_push($element_ids, $row['image_id']);
407	array_push($category_ids, $row['category_id']);
408	}
409
410	if (count($comments) > 0)
411	{
412	// retrieving element informations
413	$elements = array();
414	$query = '
415	SELECT id, name, file, path, tn_ext
416	FROM '.IMAGES_TABLE.'
417	WHERE id IN ('.implode(',', $element_ids).')
418	;';
419	$result = pwg_query($query);
420	while ($row = mysql_fetch_array($result))
421	{
422	$elements[$row['id']] = $row;
423	}
424
425	// retrieving category informations
426	$categories = array();
427	$query = '
428	SELECT id, uppercats
429	FROM '.CATEGORIES_TABLE.'
430	WHERE id IN ('.implode(',', $category_ids).')
431	;';
432	$result = pwg_query($query);
433	while ($row = mysql_fetch_array($result))
434	{
435	$categories[$row['id']] = $row;
436	}
437
438	foreach ($comments as $comment)
439	{
440	// name of the picture
441	$name = get_cat_display_name_cache(
442	$categories[$comment['category_id']]['uppercats'], '', false);
443	$name.= $conf['level_separator'];
444	if (!empty($elements[$comment['image_id']]['name']))
445	{
446	$name.= $elements[$comment['image_id']]['name'];
447	}
448	else
449	{
450	$name.= get_name_from_file($elements[$comment['image_id']]['file']);
451	}
452
453	// source of the thumbnail picture
454	$thumbnail_src = get_thumbnail_src(
455	$elements[$comment['image_id']]['path'],
456	@$elements[$comment['image_id']]['tn_ext']
457	);
458
459	// link to the full size picture
460	$url = PHPWG_ROOT_PATH.'picture.php?cat='.$comment['category_id'];
461	$url.= '&image_id='.$comment['image_id'];
462
463	$template->assign_block_vars(
464	'picture',
465	array(
466	'TITLE_IMG'=>$name,
467	'I_THUMB'=>$thumbnail_src,
468	'U_THUMB'=>add_session_id($url)
469	));
470
471	$author = $comment['author'];
472	if (empty($comment['author']))
473	{
474	$author = l10n('guest');
475	}
476
477	$template->assign_block_vars(
478	'comment',
479	array(
480	'U_PICTURE' => add_session_id($url),
481	'TN_SRC' => $thumbnail_src,
482	'AUTHOR' => $author,
483	'DATE'=>format_date($comment['date'],'mysql_datetime',true),
484	'CONTENT'=>parse_comment_content($comment['content']),
485	));
486	}
487	}
488	// +-----------------------------------------------------------------------+
489	// \| html code display \|
490	// +-----------------------------------------------------------------------+
491	if (defined('IN_ADMIN'))
492	{
493	$template->assign_var_from_handle('ADMIN_CONTENT', 'comments');
494	}
495	else
496	{
497	$template->assign_block_vars('title',array());
498	$template->parse('comments');
499	include(PHPWG_ROOT_PATH.'include/page_tail.php');
500	}
501	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: