Context Navigation

source: extensions/Comments_on_Albums/trunk/include/coa_albums.php @ 28629

Last change on this file since 28629 was 28629, checked in by mistic100, 10 years ago
use trigger_notify and trigger_change
File size: 11.5 KB

Line
1	<?php
2	/* Code adapted from include/picture_comment.inc.php and picture.php */
3	defined('COA_ID') or die('Hacking attempt!');
4
5	global $template, $page, $conf, $pwg_loaded_plugins, $user;
6
7	// +-----------------------------------------------------------------------+
8	// \| category infos \|
9	// +-----------------------------------------------------------------------+
10	$category = $page['category'];
11
12	$url_self = duplicate_index_url(array(
13	'category' => array(
14	'id' => $category['id'],
15	'name' => $category['name'],
16	'permalink' => $category['permalink']
17	),
18	array('start')
19	));
20
21
22	// +-----------------------------------------------------------------------+
23	// \| actions \|
24	// +-----------------------------------------------------------------------+
25	if (isset($_GET['action']))
26	{
27	switch ($_GET['action'])
28	{
29	case 'edit_comment' :
30	{
31	include_once(COA_PATH.'include/functions_comment.inc.php');
32	check_input_parameter('comment_to_edit', $_GET, false, PATTERN_ID);
33	$author_id = get_comment_author_id_albums($_GET['comment_to_edit']);
34
35	if (can_manage_comment('edit', $author_id))
36	{
37	if (!empty($_POST['content']))
38	{
39	check_pwg_token();
40	$comment_action = update_user_comment_albums(
41	array(
42	'comment_id' => $_GET['comment_to_edit'],
43	'category_id' => $category['id'],
44	'content' => $_POST['content'],
45	'website_url' => @$_POST['website_url'],
46	),
47	$_POST['key']
48	);
49
50	$perform_redirect = false;
51	switch ($comment_action)
52	{
53	case 'moderate':
54	$_SESSION['page_infos'][] = l10n('An administrator must authorize your comment before it is visible.');
55	case 'validate':
56	$_SESSION['page_infos'][] = l10n('Your comment has been registered');
57	$perform_redirect = true;
58	break;
59	case 'reject':
60	$_SESSION['page_errors'][] = l10n('Your comment has NOT been registered because it did not pass the validation rules');
61	$perform_redirect = true;
62	break;
63	default:
64	trigger_error('Invalid comment action '.$comment_action, E_USER_WARNING);
65	}
66
67	if ($perform_redirect)
68	{
69	redirect($url_self);
70	}
71	unset($_POST['content']);
72	}
73	else
74	{
75	$edit_comment = $_GET['comment_to_edit'];
76	}
77
78	$template->assign('DISPLAY_COMMENTS_BLOCK', true);
79	break;
80	}
81	}
82	case 'delete_comment' :
83	{
84	check_pwg_token();
85
86	include_once(COA_PATH.'include/functions_comment.inc.php');
87
88	check_input_parameter('comment_to_delete', $_GET, false, PATTERN_ID);
89
90	$author_id = get_comment_author_id_albums($_GET['comment_to_delete']);
91
92	if (can_manage_comment('delete', $author_id))
93	{
94	delete_user_comment_albums($_GET['comment_to_delete']);
95	}
96
97	redirect($url_self);
98	}
99	case 'validate_comment' :
100	{
101	check_pwg_token();
102
103	include_once(COA_PATH.'include/functions_comment.inc.php');
104
105	check_input_parameter('comment_to_validate', $_GET, false, PATTERN_ID);
106
107	$author_id = get_comment_author_id_albums($_GET['comment_to_validate']);
108
109	if (can_manage_comment('validate', $author_id))
110	{
111	validate_user_comment_albums($_GET['comment_to_validate']);
112	}
113
114	redirect($url_self);
115	}
116	}
117	}
118
119
120	// +-----------------------------------------------------------------------+
121	// \| insert comment \|
122	// +-----------------------------------------------------------------------+
123	if ($category['commentable'] and isset($_POST['content']))
124	{
125	if (is_a_guest() and !$conf['comments_forall'])
126	{
127	die('Session expired');
128	}
129
130	$comm = array(
131	'author' => trim( @$_POST['author'] ),
132	'content' => trim( $_POST['content'] ),
133	'website_url' => trim( $_POST['website_url'] ),
134	'email' => trim( @$_POST['email'] ),
135	'category_id' => $category['id'],
136	);
137
138	include_once(COA_PATH.'include/functions_comment.inc.php');
139
140	$comment_action = insert_user_comment_albums($comm, @$_POST['key'], $page['errors']);
141
142	switch ($comment_action)
143	{
144	case 'moderate':
145	$page['infos'][] = l10n('An administrator must authorize your comment before it is visible.');
146	case 'validate':
147	$page['infos'][] = l10n('Your comment has been registered');
148	break;
149	case 'reject':
150	set_status_header(403);
151	$page['errors'][] = l10n('Your comment has NOT been registered because it did not pass the validation rules');
152	break;
153	default:
154	trigger_error('Invalid comment action '.$comment_action, E_USER_WARNING);
155	}
156
157	// allow plugins to notify what's going on
158	trigger_notify('user_comment_insertion',
159	array_merge($comm, array('action'=>$comment_action) ),
160	'album'
161	);
162
163	$template->assign('DISPLAY_COMMENTS_BLOCK', true);
164	}
165	else if (isset($_POST['content']))
166	{
167	set_status_header(403);
168	die('ugly spammer');
169	}
170
171
172	// +-----------------------------------------------------------------------+
173	// \| display comments \|
174	// +-----------------------------------------------------------------------+
175	if ($category['commentable'])
176	{
177	if (isset($_GET['coa_open']))
178	{
179	$template->assign('DISPLAY_COMMENTS_BLOCK', true);
180	}
181
182	if (!is_admin())
183	{
184	$validated_clause = " AND validated = 'true'";
185	}
186	else
187	{
188	$validated_clause = null;
189	}
190
191	// number of comments for this category
192	$query = '
193	SELECT
194	COUNT(*) AS nb_comments
195	FROM '.COA_TABLE.'
196	WHERE category_id = '.$category['id']
197	.$validated_clause.'
198	;';
199	$row = pwg_db_fetch_assoc(pwg_query($query));
200
201	// navigation bar creation
202	// can't use $_GET['start'] because used by thumbnails navigation bar
203	if (isset($_GET['start_comments']))
204	{
205	$page['start_comments'] = $_GET['start_comments'];
206	}
207	else
208	{
209	$page['start_comments'] = 0;
210	}
211
212	$navigation_bar = create_navigation_bar(
213	add_url_params(duplicate_index_url(array(), array('start_comments')), array('coa_open'=>null)),
214	$row['nb_comments'],
215	$page['start_comments'],
216	$conf['nb_comment_page'],
217	false,
218	'start_comments'
219	);
220
221	$template->assign(
222	array(
223	'COMMENT_COUNT' => $row['nb_comments'],
224	'comment_navbar' => $navigation_bar,
225	)
226	);
227
228	if ($row['nb_comments'] > 0)
229	{
230	// comments order (get, session, conf)
231	if (!empty($_GET['comments_order']) && in_array(strtoupper($_GET['comments_order']), array('ASC', 'DESC')))
232	{
233	pwg_set_session_var('comments_order', $_GET['comments_order']);
234	}
235	$comments_order = pwg_get_session_var('comments_order', $conf['comments_order']);
236
237	$template->assign(array(
238	'COMMENTS_ORDER_URL' => add_url_params(duplicate_index_url(), array('comments_order'=> ($comments_order == 'ASC' ? 'DESC' : 'ASC'), 'coa_open'=>null ) ),
239	'COMMENTS_ORDER_TITLE' => $comments_order == 'ASC' ? l10n('Show latest comments first') : l10n('Show oldest comments first'),
240	));
241
242	// get comments
243	$query = '
244	SELECT
245	com.id,
246	com.author,
247	com.author_id,
248	u.'.$conf['user_fields']['email'].' AS user_email,
249	com.date,
250	com.category_id,
251	com.website_url,
252	com.email,
253	com.content,
254	com.validated
255	FROM '.COA_TABLE.' AS com
256	LEFT JOIN '.USERS_TABLE.' AS u
257	ON u.'.$conf['user_fields']['id'].' = author_id
258	WHERE category_id = '.$category['id'].'
259	'.$validated_clause.'
260	ORDER BY date '.$comments_order.'
261	LIMIT '.$conf['nb_comment_page'].' OFFSET '.$page['start_comments'].'
262	;';
263	$result = pwg_query($query);
264
265	while ($row = pwg_db_fetch_assoc($result))
266	{
267	if ($row['author'] == 'guest')
268	{
269	$row['author'] = l10n('guest');
270	}
271
272	$email = null;
273	if (!empty($row['user_email']))
274	{
275	$email = $row['user_email'];
276	}
277	else if (!empty($row['email']))
278	{
279	$email = $row['email'];
280	}
281
282	// comment content
283	$tpl_comment = array(
284	'ID' => $row['id'],
285	'AUTHOR' => trigger_change('render_comment_author', $row['author']),
286	'DATE' => trigger_change($row['date'], true),
287	'CONTENT' => trigger_change('render_comment_content', $row['content'], 'album'),
288	'WEBSITE_URL' => $row['website_url'],
289	);
290
291	// rights
292	if (can_manage_comment('delete', $row['author_id']))
293	{
294	$tpl_comment['U_DELETE'] = add_url_params(
295	$url_self,
296	array(
297	'action' => 'delete_comment',
298	'comment_to_delete' => $row['id'],
299	'pwg_token' => get_pwg_token(),
300	)
301	);
302	}
303	if (can_manage_comment('edit', $row['author_id']))
304	{
305	$tpl_comment['U_EDIT'] = add_url_params(
306	$url_self,
307	array(
308	'action' => 'edit_comment',
309	'comment_to_edit' => $row['id'],
310	)
311	);
312	if (isset($edit_comment) and ($row['id'] == $edit_comment))
313	{
314	$tpl_comment['IN_EDIT'] = true;
315	$key = get_ephemeral_key(2, $category['id']);
316	$tpl_comment['KEY'] = $key;
317	$tpl_comment['CONTENT'] = $row['content'];
318	$tpl_comment['PWG_TOKEN'] = get_pwg_token();
319	$tpl_comment['U_CANCEL'] = $url_self;
320	}
321	}
322	if (is_admin())
323	{
324	$tpl_comment['EMAIL'] = $email;
325
326	if ($row['validated'] != 'true')
327	{
328	$tpl_comment['U_VALIDATE'] = add_url_params(
329	$url_self,
330	array(
331	'action' => 'validate_comment',
332	'comment_to_validate' => $row['id'],
333	'pwg_token' => get_pwg_token(),
334	)
335	);
336	}
337	}
338
339	$template->append('comments', $tpl_comment);
340	}
341	}
342
343	// comment form
344	$show_add_comment_form = true;
345	if (isset($edit_comment))
346	{
347	$show_add_comment_form = false;
348	}
349	if (is_a_guest() and !$conf['comments_forall'])
350	{
351	$show_add_comment_form = false;
352	}
353
354	if ($show_add_comment_form)
355	{
356	$key = get_ephemeral_key(3, $category['id']);
357
358	$tpl_var = array(
359	'F_ACTION' => $url_self,
360	'KEY' => $key,
361	'CONTENT' => '',
362	'SHOW_AUTHOR' => !is_classic_user(),
363	'AUTHOR_MANDATORY' => $conf['comments_author_mandatory'],
364	'AUTHOR' => '',
365	'WEBSITE_URL' => '',
366	'SHOW_EMAIL' => !is_classic_user() or empty($user['email']),
367	'EMAIL_MANDATORY' => $conf['comments_email_mandatory'],
368	'EMAIL' => '',
369	);
370
371	if ('reject'==@$comment_action)
372	{
373	foreach (array('content', 'author', 'website_url', 'email') as $k)
374	{
375	$tpl_var[strtoupper($k)] = htmlspecialchars( stripslashes(@$_POST[$k]) );
376	}
377	}
378	$template->assign('comment_add', $tpl_var);
379	}
380
381	// template
382	$template->assign(array(
383	'COA_PATH' => COA_PATH,
384	'COA_ABSOLUTE_PATH' => realpath(COA_PATH) . '/',
385	));
386
387	$template->set_filename('comments_on_albums', realpath(COA_PATH . 'template/albums.tpl'));
388
389	trigger_notify('loc_end_coa');
390
391	if (isset($pwg_loaded_plugins['rv_tscroller']) and count($page['navigation_bar']) != 0)
392	{
393	$template->assign('COMMENTS_ON_TOP', true);
394	$template->concat('PLUGIN_INDEX_CONTENT_BEGIN', $template->parse('comments_on_albums', true));
395	}
396	else
397	{
398	$template->concat('PLUGIN_INDEX_CONTENT_END', $template->parse('comments_on_albums', true));
399	}
400	}

Note: See TracBrowser for help on using the repository browser.

Download in other formats: