source: branches/2.1/comments.php @ 6329

Last change on this file since 6329 was 6329, checked in by plg, 14 years ago

merge r6266 from trunk to branch 2.1

File size: 14.7 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based picture gallery                                  |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008-2010 Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24// +-----------------------------------------------------------------------+
25// |                           initialization                              |
26// +-----------------------------------------------------------------------+
27define('PHPWG_ROOT_PATH','./');
28include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
29include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php');
30
31// +-----------------------------------------------------------------------+
32// | Check Access and exit when user status is not ok                      |
33// +-----------------------------------------------------------------------+
34check_status(ACCESS_GUEST);
35
36$sort_order = array(
37  'DESC' => l10n('descending'),
38  'ASC'  => l10n('ascending')
39  );
40
41// sort_by : database fields proposed for sorting comments list
42$sort_by = array(
43  'date' => l10n('comment date'),
44  'image_id' => l10n('picture')
45  );
46
47// items_number : list of number of items to display per page
48$items_number = array(5,10,20,50,'all');
49
50// since when display comments ?
51//
52$since_options = array(
53  1 => array('label' => l10n('today'),
54             'clause' => 'date > '.pwg_db_get_recent_period_expression(1)),
55  2 => array('label' => sprintf(l10n('last %d days'), 7),
56             'clause' => 'date > '.pwg_db_get_recent_period_expression(7)),
57  3 => array('label' => sprintf(l10n('last %d days'), 30),
58             'clause' => 'date > '.pwg_db_get_recent_period_expression(30)),
59  4 => array('label' => l10n('the beginning'),
60             'clause' => '1=1') // stupid but generic
61  );
62
63if (!empty($_GET['since']) && is_numeric($_GET['since']))
64{
65  $page['since'] = $_GET['since'];
66}
67else
68{
69  $page['since'] = 4;
70}
71
72// on which field sorting
73//
74$page['sort_by'] = 'date';
75// if the form was submitted, it overloads default behaviour
76if (isset($_GET['sort_by']) and isset($sort_by[$_GET['sort_by']]) )
77{
78  $page['sort_by'] = $_GET['sort_by'];
79}
80
81// order to sort
82//
83$page['sort_order'] = 'DESC';
84// if the form was submitted, it overloads default behaviour
85if (isset($_GET['sort_order']) and isset($sort_order[$_GET['sort_order']]))
86{
87  $page['sort_order'] = $_GET['sort_order'];
88}
89
90// number of items to display
91//
92$page['items_number'] = 10;
93if (isset($_GET['items_number']))
94{
95  $page['items_number'] = $_GET['items_number'];
96}
97if ( !is_numeric($page['items_number']) and $page['items_number']!='all' )
98{
99  $page['items_number'] = 10;
100}
101
102$page['where_clauses'] = array();
103
104// which category to filter on ?
105if (isset($_GET['cat']) and 0 != $_GET['cat'])
106{
107  $page['where_clauses'][] =
108    'category_id IN ('.implode(',', get_subcat_ids(array($_GET['cat']))).')';
109}
110
111// search a particular author
112if (!empty($_GET['author']))
113{
114  $page['where_clauses'][] =
115    'u.'.$conf['user_fields']['username'].' = \''.$_GET['author'].'\'
116     OR author = \''.$_GET['author'].'\'';
117}
118
119// search a specific comment (if you're coming directly from an admin
120// notification email)
121if (!empty($_GET['comment_id']))
122{
123  check_input_parameter('comment_id', $_GET, false, PATTERN_ID);
124
125  // currently, the $_GET['comment_id'] is only used by admins from email
126  // for management purpose (validate/delete)
127  if (!is_admin())
128  {
129    $login_url =
130      get_root_url().'identification.php?redirect='
131      .urlencode(urlencode($_SERVER['REQUEST_URI']))
132      ;
133    redirect($login_url);
134  }
135
136  $page['where_clauses'][] = 'com.id = '.$_GET['comment_id'];
137}
138
139// search a substring among comments content
140if (!empty($_GET['keyword']))
141{
142  $page['where_clauses'][] =
143    '('.
144    implode(' AND ',
145            array_map(
146              create_function(
147                '$s',
148                'return "content LIKE \'%$s%\'";'
149                ),
150              preg_split('/[\s,;]+/', $_GET['keyword'] )
151              )
152      ).
153    ')';
154}
155
156$page['where_clauses'][] = $since_options[$page['since']]['clause'];
157
158// which status to filter on ?
159if ( !is_admin() )
160{
161  $page['where_clauses'][] = 'validated=\'true\'';
162}
163
164$page['where_clauses'][] = get_sql_condition_FandF
165  (
166    array
167      (
168        'forbidden_categories' => 'category_id',
169        'visible_categories' => 'category_id',
170        'visible_images' => 'ic.image_id'
171      ),
172    '', true
173  );
174
175// +-----------------------------------------------------------------------+
176// |                         comments management                           |
177// +-----------------------------------------------------------------------+
178
179$comment_id = null;
180$action = null;
181
182$actions = array('delete', 'validate', 'edit');
183foreach ($actions as $loop_action)
184{
185  if (isset($_GET[$loop_action]))
186  {
187    $action = $loop_action;
188    check_input_parameter($action, $_GET, false, PATTERN_ID);
189    $comment_id = $_GET[$action];
190    break;
191  }
192}
193
194if (isset($action))
195{
196  check_pwg_token();
197
198  $comment_author_id = get_comment_author_id($comment_id);
199
200  if (can_manage_comment($action, $comment_author_id))
201  {
202    $perform_redirect = false;
203
204    if ('delete' == $action)
205    {
206      delete_user_comment($comment_id);
207      $perform_redirect = true;
208    }
209
210    if ('validate' == $action)
211    {
212      validate_user_comment($comment_id);
213      $perform_redirect = true;
214    }
215
216    if ('edit' == $action)
217    {
218      if (!empty($_POST['content']))
219      {
220        update_user_comment(
221          array(
222            'comment_id' => $_GET['edit'],
223            'image_id' => $_POST['image_id'],
224            'content' => $_POST['content']
225            ),
226          $_POST['key']
227          );
228
229        $edit_comment = null;
230      }
231      else
232      {
233        $edit_comment = $_GET['edit'];
234      }
235    }
236
237    if ($perform_redirect)
238    {
239      $redirect_url =
240        PHPWG_ROOT_PATH
241        .'comments.php'
242        .get_query_string_diff(array('delete','validate','pwg_token'));
243
244      redirect($redirect_url);
245    }
246  }
247}
248
249// +-----------------------------------------------------------------------+
250// |                       page header and options                         |
251// +-----------------------------------------------------------------------+
252
253$title= l10n('User comments');
254$page['body_id'] = 'theCommentsPage';
255
256$template->set_filenames(array('comments'=>'comments.tpl'));
257$template->assign(
258  array(
259    'F_ACTION'=>PHPWG_ROOT_PATH.'comments.php',
260    'F_KEYWORD'=> @htmlspecialchars(stripslashes($_GET['keyword'], ENT_QUOTES, 'utf-8')),
261    'F_AUTHOR'=> @htmlspecialchars(stripslashes($_GET['author'], ENT_QUOTES, 'utf-8')),
262    )
263  );
264
265// +-----------------------------------------------------------------------+
266// |                          form construction                            |
267// +-----------------------------------------------------------------------+
268
269// Search in a particular category
270$blockname = 'categories';
271
272$query = '
273SELECT id, name, uppercats, global_rank
274  FROM '.CATEGORIES_TABLE.'
275'.get_sql_condition_FandF
276  (
277    array
278      (
279        'forbidden_categories' => 'id',
280        'visible_categories' => 'id'
281      ),
282    'WHERE'
283  ).'
284;';
285display_select_cat_wrapper($query, array(@$_GET['cat']), $blockname, true);
286
287// Filter on recent comments...
288$tpl_var=array();
289foreach ($since_options as $id => $option)
290{
291  $tpl_var[ $id ] = $option['label'];
292}
293$template->assign( 'since_options', $tpl_var);
294$template->assign( 'since_options_selected', $page['since']);
295
296// Sort by
297$template->assign( 'sort_by_options', $sort_by);
298$template->assign( 'sort_by_options_selected', $page['sort_by']);
299
300// Sorting order
301$template->assign( 'sort_order_options', $sort_order);
302$template->assign( 'sort_order_options_selected', $page['sort_order']);
303
304
305// Number of items
306$blockname = 'items_number_option';
307$tpl_var=array();
308foreach ($items_number as $option)
309{
310  $tpl_var[ $option ] = is_numeric($option) ? $option : l10n($option);
311}
312$template->assign( 'item_number_options', $tpl_var);
313$template->assign( 'item_number_options_selected', $page['items_number']);
314
315
316// +-----------------------------------------------------------------------+
317// |                            navigation bar                             |
318// +-----------------------------------------------------------------------+
319
320if (isset($_GET['start']) and is_numeric($_GET['start']))
321{
322  $start = $_GET['start'];
323}
324else
325{
326  $start = 0;
327}
328
329$query = '
330SELECT COUNT(DISTINCT(com.id))
331  FROM '.IMAGE_CATEGORY_TABLE.' AS ic
332    INNER JOIN '.COMMENTS_TABLE.' AS com
333    ON ic.image_id = com.image_id
334    LEFT JOIN '.USERS_TABLE.' As u
335    ON u.'.$conf['user_fields']['id'].' = com.author_id
336  WHERE '.implode('
337    AND ', $page['where_clauses']).'
338;';
339list($counter) = pwg_db_fetch_row(pwg_query($query));
340
341$url = PHPWG_ROOT_PATH
342    .'comments.php'
343  .get_query_string_diff(array('start','delete','validate','pwg_token'));
344
345$navbar = create_navigation_bar($url,
346                                $counter,
347                                $start,
348                                $page['items_number'],
349                                '');
350
351$template->assign('navbar', $navbar);
352
353// +-----------------------------------------------------------------------+
354// |                        last comments display                          |
355// +-----------------------------------------------------------------------+
356
357$comments = array();
358$element_ids = array();
359$category_ids = array();
360
361$query = '
362SELECT com.id AS comment_id
363     , com.image_id
364     , ic.category_id
365     , com.author
366     , com.author_id
367     , com.date
368     , com.content
369     , com.validated
370  FROM '.IMAGE_CATEGORY_TABLE.' AS ic
371    INNER JOIN '.COMMENTS_TABLE.' AS com
372    ON ic.image_id = com.image_id
373    LEFT JOIN '.USERS_TABLE.' As u
374    ON u.'.$conf['user_fields']['id'].' = com.author_id
375  WHERE '.implode('
376    AND ', $page['where_clauses']).'
377  GROUP BY comment_id
378  ORDER BY '.$page['sort_by'].' '.$page['sort_order'];
379if ('all' != $page['items_number'])
380{
381  $query.= '
382  LIMIT '.$page['items_number'].' OFFSET '.$start;
383}
384$query.= '
385;';
386$result = pwg_query($query);
387while ($row = pwg_db_fetch_assoc($result))
388{
389  array_push($comments, $row);
390  array_push($element_ids, $row['image_id']);
391  array_push($category_ids, $row['category_id']);
392}
393
394if (count($comments) > 0)
395{
396  // retrieving element informations
397  $elements = array();
398  $query = '
399SELECT id, name, file, path, tn_ext
400  FROM '.IMAGES_TABLE.'
401  WHERE id IN ('.implode(',', $element_ids).')
402;';
403  $result = pwg_query($query);
404  while ($row = pwg_db_fetch_assoc($result))
405  {
406    $elements[$row['id']] = $row;
407  }
408
409  // retrieving category informations
410  $query = '
411SELECT id, name, permalink, uppercats
412  FROM '.CATEGORIES_TABLE.'
413  WHERE id IN ('.implode(',', $category_ids).')
414;';
415  $categories = hash_from_query($query, 'id');
416
417  foreach ($comments as $comment)
418  {
419    if (!empty($elements[$comment['image_id']]['name']))
420    {
421      $name=$elements[$comment['image_id']]['name'];
422    }
423    else
424    {
425      $name=get_name_from_file($elements[$comment['image_id']]['file']);
426    }
427
428    // source of the thumbnail picture
429    $thumbnail_src = get_thumbnail_url( $elements[$comment['image_id']] );
430
431    // link to the full size picture
432    $url = make_picture_url(
433      array(
434        'category' => $categories[ $comment['category_id'] ],
435        'image_id' => $comment['image_id'],
436        'image_file' => $elements[$comment['image_id']]['file'],
437        )
438      );
439
440    $tpl_comment = array(
441      'U_PICTURE' => $url,
442      'TN_SRC' => $thumbnail_src,
443      'ALT' => $name,
444      'AUTHOR' => trigger_event('render_comment_author', $comment['author']),
445      'DATE'=>format_date($comment['date'], true),
446      'CONTENT'=>trigger_event('render_comment_content',$comment['content']),
447      );
448
449    if (can_manage_comment('delete', $comment['author_id']))
450    {
451      $url =
452        get_root_url()
453        .'comments.php'
454        .get_query_string_diff(array('delete','validate','edit', 'pwg_token'));
455
456      $tpl_comment['U_DELETE'] = add_url_params(
457        $url,
458        array(
459          'delete' => $comment['comment_id'],
460          'pwg_token' => get_pwg_token(),
461          )
462        );
463    }
464
465    if (can_manage_comment('edit', $comment['author_id']))
466    {
467      $url =
468        get_root_url()
469        .'comments.php'
470        .get_query_string_diff(array('edit', 'delete','validate', 'pwg_token'));
471
472      $tpl_comment['U_EDIT'] = add_url_params(
473        $url,
474        array(
475          'edit' => $comment['comment_id'],
476          'pwg_token' => get_pwg_token(),
477          )
478        );
479
480      if (isset($edit_comment) and ($comment['comment_id'] == $edit_comment))
481      {
482        $tpl_comment['IN_EDIT'] = true;
483        $key = get_comment_post_key($comment['image_id']);
484        $tpl_comment['KEY'] = $key;
485        $tpl_comment['IMAGE_ID'] = $comment['image_id'];
486        $tpl_comment['CONTENT'] = $comment['content'];
487      }
488    }
489
490    if (can_manage_comment('validate', $comment['author_id']))
491    {
492      if ('true' != $comment['validated'])
493      {
494        $tpl_comment['U_VALIDATE'] = add_url_params(
495          $url,
496          array(
497            'validate'=> $comment['comment_id'],
498            'pwg_token' => get_pwg_token(),
499            )
500          );
501      }
502    }
503    $template->append('comments', $tpl_comment);
504  }
505}
506// +-----------------------------------------------------------------------+
507// |                           html code display                           |
508// +-----------------------------------------------------------------------+
509include(PHPWG_ROOT_PATH.'include/page_header.php');
510$template->pparse('comments');
511include(PHPWG_ROOT_PATH.'include/page_tail.php');
512?>
Note: See TracBrowser for help on using the repository browser.