Context Navigation

source: extensions/Comments_on_Albums/include/coa_albums.php @ 10213

Last change on this file since 10213 was 10213, checked in by mistic100, 13 years ago
compatibility with 'rv_tscroller' & comments revalidation
File size: 8.8 KB

Line
1	<?php
2	/* Code adapted from include/picture_comment.inc.php and picture.php */
3	if (!defined('PHPWG_ROOT_PATH')) die('Hacking attempt!');
4
5	// +-----------------------------------------------------------------------+
6	// Category's infos
7	// +-----------------------------------------------------------------------+
8	$category = $page['category'];
9
10	$url_self = duplicate_index_url(array(
11	'category' => array(
12	'id'=>$category['id'],
13	'name'=>$category['name'],
14	'permalink'=>$category['permalink']
15	),
16	array('start')
17	));
18
19
20	// +-----------------------------------------------------------------------+
21	// Actions
22	// +-----------------------------------------------------------------------+
23	if (isset($_GET['action'])) {
24	switch ($_GET['action']) {
25	case 'edit_comment' : {
26	check_pwg_token();
27	include_once(COA_PATH.'include/functions_comment.inc.php'); // custom fonctions
28	check_input_parameter('comment_to_edit', $_GET, false, PATTERN_ID);
29	$author_id = get_comment_author_id_albums($_GET['comment_to_edit']);
30
31	if (can_manage_comment('edit', $author_id)) {
32	if (!empty($_POST['content'])) {
33	$comment_action = update_user_comment_albums(
34	array(
35	'comment_id' => $_GET['comment_to_edit'],
36	'image_id' => $category['id'],
37	'content' => $_POST['content']
38	),
39	$_POST['key']
40	);
41
42	$infos = array();
43
44	switch ($comment_action)
45	{
46	case 'moderate':
47	array_push($infos, l10n('An administrator must authorize your comment before it is visible.'));
48	case 'validate':
49	array_push($infos, l10n('Your comment has been registered'));
50	break;
51	case 'reject':
52	set_status_header(403);
53	array_push($infos, l10n('Your comment has NOT been registered because it did not pass the validation rules'));
54	break;
55	default:
56	trigger_error('Invalid comment action '.$comment_action, E_USER_WARNING);
57	}
58
59	$template->assign(
60	($comment_action=='reject') ? 'errors' : 'infos',
61	$infos
62	);
63
64	unset($_POST['content']);
65	break;
66	} else {
67	$edit_comment = $_GET['comment_to_edit'];
68	break;
69	}
70	}
71	}
72	case 'delete_comment' : {
73	check_pwg_token();
74	include_once(COA_PATH.'include/functions_comment.inc.php');
75	check_input_parameter('comment_to_delete', $_GET, false, PATTERN_ID);
76	$author_id = get_comment_author_id_albums($_GET['comment_to_delete']);
77
78	if (can_manage_comment('delete', $author_id)) {
79	delete_user_comment_albums($_GET['comment_to_delete']);
80	}
81
82	redirect($url_self);
83	}
84	case 'validate_comment' : {
85	check_pwg_token();
86	include_once(COA_PATH.'include/functions_comment.inc.php');
87	check_input_parameter('comment_to_validate', $_GET, false, PATTERN_ID);
88	$author_id = get_comment_author_id_albums($_GET['comment_to_validate']);
89
90	if (can_manage_comment('validate', $author_id)) {
91	validate_user_comment_albums($_GET['comment_to_validate']);
92	}
93
94	redirect($url_self);
95	}
96	}
97	}
98
99
100	// +-----------------------------------------------------------------------+
101	// Insert comment
102	// +-----------------------------------------------------------------------+
103	if ($category['commentable'] and isset($_POST['content'])) {
104	if (is_a_guest() and !$conf['comments_forall']) {
105	die('Session expired');
106	}
107
108	$comm = array(
109	'author' => trim( @$_POST['author'] ),
110	'content' => trim( $_POST['content'] ),
111	'image_id' => $category['id'],
112	);
113
114	include_once(COA_PATH.'include/functions_comment.inc.php');
115	$comment_action = insert_user_comment_albums($comm, @$_POST['key'], $infos);
116
117	switch ($comment_action) {
118	case 'moderate':
119	array_push($infos, l10n('An administrator must authorize your comment before it is visible.'));
120	case 'validate':
121	array_push($infos, l10n('Your comment has been registered'));
122	break;
123	case 'reject':
124	set_status_header(403);
125	array_push($infos, l10n('Your comment has NOT been registered because it did not pass the validation rules'));
126	break;
127	default:
128	trigger_error('Invalid comment action '.$comment_action, E_USER_WARNING);
129	}
130
131	$template->assign(($comment_action=='reject') ? 'errors' : 'infos', $infos);
132	trigger_action('user_comment_insertion', array_merge($comm, array('action'=>$comment_action)));
133
134	} elseif (isset($_POST['content'])) {
135	set_status_header(403);
136	die('ugly spammer');
137	}
138
139
140	// +-----------------------------------------------------------------------+
141	// Display comments
142	// +-----------------------------------------------------------------------+
143	if ($category['commentable']) {
144	if (!is_admin()) {
145	$validated_clause = " AND validated = 'true'";
146	} else {
147	$validated_clause = null;
148	}
149
150	// number of comments for this category
151	$query = 'SELECT COUNT(*) AS nb_comments
152	FROM '.COA_TABLE.'
153	WHERE category_id = '.$category['id']
154	.$validated_clause.'
155	;';
156	$row = pwg_db_fetch_assoc(pwg_query($query));
157
158	// navigation bar creation, custom again
159	if (isset($_GET['start_comments'])) {
160	$page['start_comments'] = $_GET['start_comments'];
161	} else {
162	$page['start_comments'] = 0;
163	}
164	include_once(COA_PATH.'include/functions.inc.php');
165
166	$navigation_bar = create_comment_navigation_bar(
167	duplicate_index_url(array(), array('start')),
168	$row['nb_comments'],
169	$page['start_comments'],
170	$conf['nb_comment_page']
171	);
172
173	$template->assign(array(
174	'COMMENT_COUNT' => $row['nb_comments'],
175	'comment_navbar' => $navigation_bar,
176	));
177
178	if ($row['nb_comments'] > 0) {
179	// get comments
180	$query = 'SELECT
181	com.id,
182	com.author,
183	com.author_id,
184	'.$conf['user_fields']['username'].' AS username,
185	com.date,
186	com.category_id,
187	com.content,
188	com.validated
189	FROM '.COA_TABLE.' AS com
190	LEFT JOIN '.USERS_TABLE.' AS u
191	ON u.'.$conf['user_fields']['id'].' = author_id
192	WHERE category_id = '.$category['id'].'
193	'.$validated_clause.'
194	ORDER BY date ASC
195	LIMIT '.$conf['nb_comment_page'].' OFFSET '.$page['start_comments'].'
196	;';
197	$result = pwg_query($query);
198
199	while ($row = pwg_db_fetch_assoc($result)) {
200	// author
201	if (!empty($row['author'])) {
202	$author = $row['author'];
203	if ($author == 'guest') {
204	$author = l10n('guest');
205	}
206	} else {
207	$author = stripslashes($row['username']);
208	}
209
210	// comment content
211	$tpl_comment = array(
212	'AUTHOR' => trigger_event('render_comment_author', $author),
213	'DATE' => format_date($row['date'], true),
214	'CONTENT' => trigger_event('render_comment_content', $row['content']),
215	);
216
217	// rights
218	if (can_manage_comment('delete', $row['author_id'])) {
219	$tpl_comment['U_DELETE'] = add_url_params($url_self, array(
220	'action' => 'delete_comment',
221	'comment_to_delete' => $row['id'],
222	'pwg_token' => get_pwg_token(),
223	));
224	}
225	if (can_manage_comment('edit', $row['author_id'])) {
226	$tpl_comment['U_EDIT'] = add_url_params($url_self, array(
227	'action' => 'edit_comment',
228	'comment_to_edit' => $row['id'],
229	'pwg_token' => get_pwg_token(),
230	));
231	if (isset($edit_comment) and ($row['id'] == $edit_comment)) {
232	$key = get_ephemeral_key(2, $category['id']);
233	$tpl_comment['IN_EDIT'] = true;
234	$tpl_comment['KEY'] = $key;
235	$tpl_comment['CONTENT'] = $row['content'];
236	}
237	}
238	if (is_admin() AND $row['validated'] != 'true') {
239	$tpl_comment['U_VALIDATE'] = add_url_params($url_self, array(
240	'action' => 'validate_comment',
241	'comment_to_validate' => $row['id'],
242	'pwg_token' => get_pwg_token(),
243	));
244	}
245
246	// template
247	$template->append('comments', $tpl_comment);
248	}
249	}
250
251	// comment form
252	$show_add_comment_form = true;
253	if (isset($edit_comment)) {
254	$show_add_comment_form = false;
255	}
256	if (is_a_guest() and !$conf['comments_forall']) {
257	$show_add_comment_form = false;
258	}
259
260	if ($show_add_comment_form) {
261	$key = get_ephemeral_key(3, $category['id']);
262	$content = null;
263	if ('reject'===@$comment_action) {
264	$content = htmlspecialchars(stripslashes($comm['content']));
265	}
266	$template->assign('comment_add', array(
267	'F_ACTION' => $url_self,
268	'KEY' => $key,
269	'CONTENT' => $content,
270	'SHOW_AUTHOR' => !is_classic_user(),
271	));
272	}
273
274	// template
275	$template->assign(array(
276	'COA_PATH' => COA_PATH, // for css
277	'COA_ABSOLUTE_PATH' => dirname(__FILE__) .'/../', // for template
278	));
279
280	$template->set_filename('comments_on_albums', dirname(__FILE__) .'/../template/coa_albums.tpl');
281	$template->concat('PLUGIN_INDEX_CONTENT_END', $template->parse('comments_on_albums', true));
282
283	$template->set_filename('comments_on_albums_messages', dirname(__FILE__) .'/../template/coa_messages.tpl');
284	$template->concat('PLUGIN_INDEX_CONTENT_BEFORE', $template->parse('comments_on_albums_messages', true));
285	}
286
287	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: