source: extensions/Comments_Access_Manager/include/functions.inc.php

Last change on this file was 21117, checked in by Eric, 12 years ago

Next version is 2.5.0 :
Compliance with Piwigo 2.5
Code refactory : Change config variables to assoc array and $_POST vars control before writing conf in database - Thx to flop25 for his advices ;-)
Update zh_CN, thanks to : winson and dennisyan
Add pt_BR, thanks to : flaviove

  • Property svn:eol-style set to LF
File size: 7.4 KB
Line 
1<?php
2load_language('plugin.lang', CM_PATH);
3
4
5/**
6 * Triggered on get_admin_plugin_menu_links
7 *
8 * Plugin's administration menu
9 */
10function CM_admin_menu($menu)
11{
12// +-----------------------------------------------------------------------+
13// |                      Getting plugin name                              |
14// +-----------------------------------------------------------------------+
15  $plugin =  CM_Infos(CM_PATH);
16  $name = $plugin['name'];
17 
18  array_push($menu,
19    array(
20      'NAME' => $name,
21      'URL' => get_root_url().'admin.php?page=plugin-'.basename(CM_PATH)
22    )
23  );
24
25  return $menu;
26}
27
28
29/**
30 * Check comment rules set in plugin before accepting it
31 *
32 * @param : comment action, comment
33 *
34 * @return : comment action
35 *
36 */
37function CM_CheckComment($comment_action, $comm)
38{
39  global $page, $conf, $user, $template;
40
41  load_language('plugin.lang', CM_PATH);
42
43  $conf_CM = unserialize($conf['CommentsManager']);
44
45  if ($conf['comments_forall'])
46  {
47    // Does not allow empty author name on comments for all
48    if ((isset($conf_CM['CM_No_Comment_Anonymous']) and $conf_CM['CM_No_Comment_Anonymous'] == 'true') and $comm['author'] == 'guest')
49    {
50      $comment_action = 'reject';
51      array_push($page['errors'], l10n('CM_Not_Allowed_Author'));
52    }
53   
54    if ((isset($conf_CM['CM_GROUPVALID2']) and $conf_CM['CM_GROUPVALID2'] == 'true') and !is_a_guest() and $conf['comments_validation'])
55    {
56      if (CM_CheckValidGroup($comm['author']) or is_admin())
57      {
58        $comment_action = 'validate'; // Comment is validated if author is not in the validated group
59      }
60      else
61      {
62        $comment_action = 'moderate'; // Comment needs moderation if author is not in the validated group
63      }
64    }
65  }
66
67// Rules on comments NOT for all
68  if (!$conf['comments_forall'] and !is_admin())
69  {
70    if ((isset($conf_CM['CM_GROUPCOMM']) and $conf_CM['CM_GROUPCOMM'] == 'true') and (isset($conf_CM['CM_GROUPVALID1']) and $conf_CM['CM_GROUPVALID1'] == 'false') and !CM_CheckAuthor($comm['author'])) // Comments authorized group set - Auto validation group unset
71    {
72      $comment_action = 'reject'; // Comment rejected if author is not in the allowed group
73      array_push($page['errors'], l10n('CM_Not_Allowed_Author'));
74    }
75    elseif ((isset($conf_CM['CM_GROUPCOMM']) and $conf_CM['CM_GROUPCOMM'] == 'false') and (isset($conf_CM['CM_GROUPVALID1']) and $conf_CM['CM_GROUPVALID1'] == 'true') and $conf['comments_validation']) // Comments authorized group unset - Auto validation group set
76    {
77      if (CM_CheckValidGroup($comm['author']) and $conf['comments_validation'])
78      {
79        $comment_action = 'validate'; // Comment is validated if author is not in the validated group
80      }
81      else
82      {
83        $comment_action = 'moderate'; // Comment needs moderation if author is not in the validated group
84      }
85    }
86    elseif ((isset($conf_CM['CM_GROUPCOMM']) and $conf_CM['CM_GROUPCOMM'] == 'true') and (isset($conf_CM['CM_GROUPVALID1']) and $conf_CM['CM_GROUPVALID1'] == 'true') and $conf['comments_validation']) // Comments authorized group set - Auto validation group set
87    {
88      if (!CM_CheckAuthor($comm['author']))
89      {
90        $comment_action = 'reject'; // Comment rejected if author is not in the allowed group
91        array_push($page['errors'], l10n('CM_Not_Allowed_Author'));
92      }
93      elseif (CM_CheckValidGroup($comm['author']) and $conf['comments_validation'])
94      {
95        $comment_action = 'validate'; // Comment is validated if author is not in the validated group
96      }
97      else
98        $comment_action = 'moderate'; // Comment needs moderation if author is not in the validated group
99    }
100  }
101
102  return $comment_action;
103}
104
105
106/**
107 * Checks if comment's author name is in the allowed group
108 *
109 * @author   : author's name
110 *
111 * @returns  : Boolean (true when user is allowed to post / false if not allowed)
112 *
113 */
114function CM_CheckAuthor($author)
115{
116  global $conf;
117 
118        // Get CM configuration
119  $conf_CM = unserialize($conf['CommentsManager']);
120 
121  if (isset($conf_CM['CM_ALLOWCOMM_GROUP']) and $conf_CM['CM_ALLOWCOMM_GROUP'] <> -1)
122  {
123    $query = '
124SELECT u.id,
125       u.username,
126       ug.user_id,
127       ug.group_id
128FROM '.USERS_TABLE.' AS u
129  INNER JOIN '.USER_GROUP_TABLE.' AS ug
130    ON u.id = ug.user_id
131WHERE u.username LIKE "'.$author.'"
132  AND ug.group_id = '.$conf_CM['CM_ALLOWCOMM_GROUP'].'
133;';
134
135    $count = pwg_db_num_rows(pwg_query($query));
136
137    if (is_null($count) or $count == 0)
138    {
139      return false;
140    }
141    else
142      return true;
143  }
144}
145
146
147/**
148 * Checks if comment's author name is in the admin's pre-validated group
149 * avoid admins to validate comments for the members of this group
150 *
151 * @author   : author's name
152 *
153 * @returns  : Boolean (true if user's comment doesn't need validation / false if user's comment is moderated)
154 *
155 */
156function CM_CheckValidGroup($author)
157{
158  global $conf;
159 
160        // Get CM configuration
161  $conf_CM = unserialize($conf['CommentsManager']);
162 
163  if ($conf['comments_forall'])
164  {
165    if (isset($conf_CM['CM_VALIDCOMM2_GROUP']) and $conf_CM['CM_VALIDCOMM2_GROUP'] <> -1)
166    {
167      $group_id = $conf_CM['CM_VALIDCOMM2_GROUP'];
168    }
169  }
170  else
171  {
172    if (isset($conf_CM['CM_VALIDCOMM1_GROUP']) and $conf_CM['CM_VALIDCOMM1_GROUP'] <> -1)
173    {
174      $group_id = $conf_CM['CM_VALIDCOMM1_GROUP'];
175    }
176  }
177
178  $query = '
179SELECT u.id,
180       u.username,
181       ug.user_id,
182       ug.group_id
183FROM '.USERS_TABLE.' AS u
184  INNER JOIN '.USER_GROUP_TABLE.' AS ug
185    ON u.id = ug.user_id
186WHERE u.username LIKE "'.$author.'"
187  AND ug.group_id = '.$group_id.'
188;';
189
190  $count = pwg_db_num_rows(pwg_query($query));
191
192  if (is_null($count) or $count == 0)
193  {
194    return false;
195  }
196  else
197    return true;
198}
199
200
201/**
202 * Get the plugin version and name
203 *
204 * @param : plugin directory
205 *
206 * @return : plugin's version and name
207 *
208 */
209function CM_Infos($dir)
210{
211  $path = $dir;
212
213  $plg_data = implode( '', file($path.'main.inc.php') );
214  if ( preg_match("|Plugin Name: (.*)|", $plg_data, $val) )
215  {
216    $plugin['name'] = trim( $val[1] );
217  }
218  if (preg_match("|Version: (.*)|", $plg_data, $val))
219  {
220    $plugin['version'] = trim($val[1]);
221  }
222  if ( preg_match("|Plugin URI: (.*)|", $plg_data, $val) )
223  {
224    $plugin['uri'] = trim($val[1]);
225  }
226  if ($desc = load_language('description.txt', $path.'/', array('return' => true)))
227  {
228    $plugin['description'] = trim($desc);
229  }
230  elseif ( preg_match("|Description: (.*)|", $plg_data, $val) )
231  {
232    $plugin['description'] = trim($val[1]);
233  }
234  if ( preg_match("|Author: (.*)|", $plg_data, $val) )
235  {
236    $plugin['author'] = trim($val[1]);
237  }
238  if ( preg_match("|Author URI: (.*)|", $plg_data, $val) )
239  {
240    $plugin['author uri'] = trim($val[1]);
241  }
242  if (!empty($plugin['uri']) and strpos($plugin['uri'] , 'extension_view.php?eid='))
243  {
244    list( , $extension) = explode('extension_view.php?eid=', $plugin['uri']);
245    if (is_numeric($extension)) $plugin['extension'] = $extension;
246  }
247// IMPORTANT SECURITY !
248  $plugin = array_map('htmlspecialchars', $plugin);
249
250  return $plugin ;
251}
252
253
254/**
255 * Delete obsolete files on plugin upgrade
256 * Obsolete files are listed in file obsolete.list
257 *
258 */
259function CM_Obsolete_Files()
260{
261  if (file_exists(CM_PATH.'obsolete.list')
262    and $old_files = file(CM_PATH.'obsolete.list', FILE_IGNORE_NEW_LINES)
263    and !empty($old_files))
264  {
265    array_push($old_files, 'obsolete.list');
266    foreach($old_files as $old_file)
267    {
268      $path = CM_PATH.$old_file;
269      if (is_file($path))
270      {
271        @unlink($path);
272      }
273    }
274  }
275}
276?>
Note: See TracBrowser for help on using the repository browser.