source: trunk/comments.php @ 14529

Last change on this file since 14529 was 13865, checked in by rvelices, 13 years ago
  • comment edit form looks ok now with the new comment layout
  • removed unused css / simplify it
  • simplified jquery drop boxes ...
  • Property svn:eol-style set to LF
File size: 15.8 KB
RevLine 
[166]1<?php
[354]2// +-----------------------------------------------------------------------+
[8728]3// | Piwigo - a PHP based photo gallery                                    |
[2297]4// +-----------------------------------------------------------------------+
[12922]5// | Copyright(C) 2008-2012 Piwigo Team                  http://piwigo.org |
[2297]6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
[166]23
[579]24// +-----------------------------------------------------------------------+
25// |                           initialization                              |
26// +-----------------------------------------------------------------------+
[1598]27define('PHPWG_ROOT_PATH','./');
28include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
[3445]29include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php');
[345]30
[12887]31if (!$conf['activate_comments'])
32{
33  page_not_found(null);
34}
35
[1072]36// +-----------------------------------------------------------------------+
37// | Check Access and exit when user status is not ok                      |
38// +-----------------------------------------------------------------------+
39check_status(ACCESS_GUEST);
40
[796]41$sort_order = array(
[2223]42  'DESC' => l10n('descending'),
43  'ASC'  => l10n('ascending')
[796]44  );
45
46// sort_by : database fields proposed for sorting comments list
47$sort_by = array(
[2223]48  'date' => l10n('comment date'),
[8711]49  'image_id' => l10n('photo')
[796]50  );
51
52// items_number : list of number of items to display per page
53$items_number = array(5,10,20,50,'all');
54
55// since when display comments ?
56//
57$since_options = array(
58  1 => array('label' => l10n('today'),
[4367]59             'clause' => 'date > '.pwg_db_get_recent_period_expression(1)),
[796]60  2 => array('label' => sprintf(l10n('last %d days'), 7),
[4367]61             'clause' => 'date > '.pwg_db_get_recent_period_expression(7)),
[796]62  3 => array('label' => sprintf(l10n('last %d days'), 30),
[4367]63             'clause' => 'date > '.pwg_db_get_recent_period_expression(30)),
[796]64  4 => array('label' => l10n('the beginning'),
65             'clause' => '1=1') // stupid but generic
66  );
67
[4139]68if (!empty($_GET['since']) && is_numeric($_GET['since']))
69{
70  $page['since'] = $_GET['since'];
71}
72else
73{
74  $page['since'] = 4;
75}
[796]76
77// on which field sorting
78//
79$page['sort_by'] = 'date';
80// if the form was submitted, it overloads default behaviour
[2757]81if (isset($_GET['sort_by']) and isset($sort_by[$_GET['sort_by']]) )
[393]82{
[796]83  $page['sort_by'] = $_GET['sort_by'];
[393]84}
[796]85
86// order to sort
87//
[2223]88$page['sort_order'] = 'DESC';
[796]89// if the form was submitted, it overloads default behaviour
[2757]90if (isset($_GET['sort_order']) and isset($sort_order[$_GET['sort_order']]))
[393]91{
[2223]92  $page['sort_order'] = $_GET['sort_order'];
[393]93}
[796]94
95// number of items to display
96//
[1814]97$page['items_number'] = 10;
[796]98if (isset($_GET['items_number']))
99{
100  $page['items_number'] = $_GET['items_number'];
101}
[3600]102if ( !is_numeric($page['items_number']) and $page['items_number']!='all' )
[3520]103{
104  $page['items_number'] = 10;
105}
[796]106
[1716]107$page['where_clauses'] = array();
108
[796]109// which category to filter on ?
110if (isset($_GET['cat']) and 0 != $_GET['cat'])
111{
[6910]112  check_input_parameter('cat', $_GET, false, PATTERN_ID);
[7488]113
114  $category_ids = get_subcat_ids(array($_GET['cat']));
[9679]115  if (empty($category_ids))
[7488]116  {
117    $category_ids = array(-1);
118  }
[12930]119
[1716]120  $page['where_clauses'][] =
[7488]121    'category_id IN ('.implode(',', $category_ids).')';
[796]122}
123
124// search a particular author
[4139]125if (!empty($_GET['author']))
[796]126{
[3487]127  $page['where_clauses'][] =
128    'u.'.$conf['user_fields']['username'].' = \''.$_GET['author'].'\'
129     OR author = \''.$_GET['author'].'\'';
[796]130}
131
[5195]132// search a specific comment (if you're coming directly from an admin
133// notification email)
134if (!empty($_GET['comment_id']))
135{
136  check_input_parameter('comment_id', $_GET, false, PATTERN_ID);
137
138  // currently, the $_GET['comment_id'] is only used by admins from email
139  // for management purpose (validate/delete)
140  if (!is_admin())
141  {
142    $login_url =
143      get_root_url().'identification.php?redirect='
144      .urlencode(urlencode($_SERVER['REQUEST_URI']))
145      ;
146    redirect($login_url);
147  }
148
149  $page['where_clauses'][] = 'com.id = '.$_GET['comment_id'];
150}
151
[796]152// search a substring among comments content
[4139]153if (!empty($_GET['keyword']))
[796]154{
[1716]155  $page['where_clauses'][] =
[796]156    '('.
157    implode(' AND ',
158            array_map(
159              create_function(
160                '$s',
161                'return "content LIKE \'%$s%\'";'
162                ),
[2012]163              preg_split('/[\s,;]+/', $_GET['keyword'] )
[796]164              )
165      ).
166    ')';
167}
168
[1716]169$page['where_clauses'][] = $since_options[$page['since']]['clause'];
170
[1598]171// which status to filter on ?
[1716]172if ( !is_admin() )
[1598]173{
[4367]174  $page['where_clauses'][] = 'validated=\'true\'';
[1598]175}
176
[1716]177$page['where_clauses'][] = get_sql_condition_FandF
178  (
179    array
180      (
181        'forbidden_categories' => 'category_id',
182        'visible_categories' => 'category_id',
183        'visible_images' => 'ic.image_id'
184      ),
185    '', true
186  );
[1598]187
[579]188// +-----------------------------------------------------------------------+
189// |                         comments management                           |
190// +-----------------------------------------------------------------------+
[1598]191
[5195]192$comment_id = null;
193$action = null;
194
195$actions = array('delete', 'validate', 'edit');
196foreach ($actions as $loop_action)
197{
198  if (isset($_GET[$loop_action]))
199  {
[5199]200    $action = $loop_action;
[5195]201    check_input_parameter($action, $_GET, false, PATTERN_ID);
202    $comment_id = $_GET[$action];
203    break;
204  }
[579]205}
[1617]206
[5195]207if (isset($action))
[3445]208{
[5195]209  $comment_author_id = get_comment_author_id($comment_id);
[5199]210
[5195]211  if (can_manage_comment($action, $comment_author_id))
[3445]212  {
[5195]213    $perform_redirect = false;
[5199]214
[5195]215    if ('delete' == $action)
216    {
[13865]217      check_pwg_token();
[5195]218      delete_user_comment($comment_id);
219      $perform_redirect = true;
220    }
[3445]221
[5195]222    if ('validate' == $action)
223    {
[13865]224      check_pwg_token();
[5195]225      validate_user_comment($comment_id);
226      $perform_redirect = true;
227    }
[5199]228
[5195]229    if ('edit' == $action)
230    {
231      if (!empty($_POST['content']))
232      {
[13865]233        check_pwg_token();
[5195]234        update_user_comment(
235          array(
236            'comment_id' => $_GET['edit'],
237            'image_id' => $_POST['image_id'],
238            'content' => $_POST['content']
239            ),
240          $_POST['key']
241          );
[5199]242
[12765]243        $perform_redirect = true;
[5195]244      }
245      else
246      {
247        $edit_comment = $_GET['edit'];
248      }
249    }
[5199]250
[5195]251    if ($perform_redirect)
252    {
253      $redirect_url =
254        PHPWG_ROOT_PATH
255        .'comments.php'
[12765]256        .get_query_string_diff(array('delete','edit','validate','pwg_token'));
[5199]257
[5195]258      redirect($redirect_url);
259    }
[3445]260  }
261}
262
[579]263// +-----------------------------------------------------------------------+
264// |                       page header and options                         |
265// +-----------------------------------------------------------------------+
[355]266
[2268]267$title= l10n('User comments');
[850]268$page['body_id'] = 'theCommentsPage';
269
[579]270$template->set_filenames(array('comments'=>'comments.tpl'));
[2223]271$template->assign(
[579]272  array(
[796]273    'F_ACTION'=>PHPWG_ROOT_PATH.'comments.php',
[4182]274    'F_KEYWORD'=> @htmlspecialchars(stripslashes($_GET['keyword'], ENT_QUOTES, 'utf-8')),
275    'F_AUTHOR'=> @htmlspecialchars(stripslashes($_GET['author'], ENT_QUOTES, 'utf-8')),
[579]276    )
277  );
[355]278
[796]279// +-----------------------------------------------------------------------+
280// |                          form construction                            |
281// +-----------------------------------------------------------------------+
282
283// Search in a particular category
[2223]284$blockname = 'categories';
[796]285
286$query = '
[1861]287SELECT id, name, uppercats, global_rank
[1677]288  FROM '.CATEGORIES_TABLE.'
289'.get_sql_condition_FandF
290  (
291    array
292      (
293        'forbidden_categories' => 'id',
294        'visible_categories' => 'id'
295      ),
296    'WHERE'
297  ).'
[796]298;';
299display_select_cat_wrapper($query, array(@$_GET['cat']), $blockname, true);
300
301// Filter on recent comments...
[2223]302$tpl_var=array();
[796]303foreach ($since_options as $id => $option)
304{
[2223]305  $tpl_var[ $id ] = $option['label'];
[355]306}
[2223]307$template->assign( 'since_options', $tpl_var);
308$template->assign( 'since_options_selected', $page['since']);
[796]309
310// Sort by
[2223]311$template->assign( 'sort_by_options', $sort_by);
312$template->assign( 'sort_by_options_selected', $page['sort_by']);
[796]313
314// Sorting order
[2223]315$template->assign( 'sort_order_options', $sort_order);
316$template->assign( 'sort_order_options_selected', $page['sort_order']);
[796]317
318
319// Number of items
320$blockname = 'items_number_option';
[2223]321$tpl_var=array();
[796]322foreach ($items_number as $option)
323{
[2223]324  $tpl_var[ $option ] = is_numeric($option) ? $option : l10n($option);
[796]325}
[2223]326$template->assign( 'item_number_options', $tpl_var);
327$template->assign( 'item_number_options_selected', $page['items_number']);
[796]328
[2223]329
[579]330// +-----------------------------------------------------------------------+
[796]331// |                            navigation bar                             |
332// +-----------------------------------------------------------------------+
333
334if (isset($_GET['start']) and is_numeric($_GET['start']))
335{
336  $start = $_GET['start'];
337}
338else
339{
340  $start = 0;
341}
342
343$query = '
[3450]344SELECT COUNT(DISTINCT(com.id))
[796]345  FROM '.IMAGE_CATEGORY_TABLE.' AS ic
[5199]346    INNER JOIN '.COMMENTS_TABLE.' AS com
[796]347    ON ic.image_id = com.image_id
[4139]348    LEFT JOIN '.USERS_TABLE.' As u
349    ON u.'.$conf['user_fields']['id'].' = com.author_id
[1716]350  WHERE '.implode('
351    AND ', $page['where_clauses']).'
[796]352;';
[4325]353list($counter) = pwg_db_fetch_row(pwg_query($query));
[796]354
[1598]355$url = PHPWG_ROOT_PATH
356    .'comments.php'
[5195]357  .get_query_string_diff(array('start','delete','validate','pwg_token'));
[796]358
359$navbar = create_navigation_bar($url,
360                                $counter,
361                                $start,
362                                $page['items_number'],
363                                '');
364
[3172]365$template->assign('navbar', $navbar);
[796]366
367// +-----------------------------------------------------------------------+
[579]368// |                        last comments display                          |
369// +-----------------------------------------------------------------------+
[355]370
[796]371$comments = array();
372$element_ids = array();
373$category_ids = array();
374
[579]375$query = '
[6596]376SELECT com.id AS comment_id,
377       com.image_id,
378       com.author,
379       com.author_id,
380       com.date,
381       com.content,
382       com.validated
[796]383  FROM '.IMAGE_CATEGORY_TABLE.' AS ic
[6601]384    INNER JOIN '.COMMENTS_TABLE.' AS com
[796]385    ON ic.image_id = com.image_id
[4139]386    LEFT JOIN '.USERS_TABLE.' As u
387    ON u.'.$conf['user_fields']['id'].' = com.author_id
[1716]388  WHERE '.implode('
389    AND ', $page['where_clauses']).'
[6596]390  GROUP BY comment_id,
391       com.image_id,
392       com.author,
393       com.author_id,
394       com.date,
395       com.content,
396       com.validated
[796]397  ORDER BY '.$page['sort_by'].' '.$page['sort_order'];
398if ('all' != $page['items_number'])
399{
400  $query.= '
[4334]401  LIMIT '.$page['items_number'].' OFFSET '.$start;
[796]402}
403$query.= '
[579]404;';
[587]405$result = pwg_query($query);
[4325]406while ($row = pwg_db_fetch_assoc($result))
[393]407{
[796]408  array_push($comments, $row);
409  array_push($element_ids, $row['image_id']);
[393]410}
[796]411
412if (count($comments) > 0)
[579]413{
[796]414  // retrieving element informations
415  $elements = array();
[579]416  $query = '
[12930]417SELECT *
[579]418  FROM '.IMAGES_TABLE.'
[796]419  WHERE id IN ('.implode(',', $element_ids).')
[579]420;';
[796]421  $result = pwg_query($query);
[4325]422  while ($row = pwg_db_fetch_assoc($result))
[579]423  {
[796]424    $elements[$row['id']] = $row;
[579]425  }
[721]426
[796]427  // retrieving category informations
[579]428  $query = '
[6596]429SELECT c.id, name, permalink, uppercats, com.id as comment_id
430  FROM '.CATEGORIES_TABLE.' AS c
431  LEFT JOIN '.IMAGE_CATEGORY_TABLE.' AS ic
432  ON c.id=ic.category_id
433  LEFT JOIN '.COMMENTS_TABLE.' AS com
434  ON ic.image_id=com.image_id
[6601]435  '.get_sql_condition_FandF
436    (
437      array
438      (
439        'forbidden_categories' => 'c.id',
440        'visible_categories' => 'c.id'
441       ),
442      'WHERE'
443     ).'
[796]444;';
[6596]445  $categories = hash_from_query($query, 'comment_id');
[796]446
447  foreach ($comments as $comment)
[579]448  {
[796]449    if (!empty($elements[$comment['image_id']]['name']))
[166]450    {
[1598]451      $name=$elements[$comment['image_id']]['name'];
[166]452    }
[796]453    else
454    {
[1598]455      $name=get_name_from_file($elements[$comment['image_id']]['file']);
[796]456    }
[1090]457
[796]458    // source of the thumbnail picture
[12930]459    $src_image = new SrcImage($elements[$comment['image_id']]);
[1090]460
[796]461    // link to the full size picture
[1090]462    $url = make_picture_url(
[796]463      array(
[6596]464        'category' => $categories[ $comment['comment_id'] ],
[5195]465        'image_id' => $comment['image_id'],
466        'image_file' => $elements[$comment['image_id']]['file'],
467        )
468      );
[5199]469
[5195]470    $tpl_comment = array(
[11261]471      'ID' => $comment['comment_id'],
[5195]472      'U_PICTURE' => $url,
[12930]473      'src_image' => $src_image,
[5195]474      'ALT' => $name,
475      'AUTHOR' => trigger_event('render_comment_author', $comment['author']),
476      'DATE'=>format_date($comment['date'], true),
477      'CONTENT'=>trigger_event('render_comment_content',$comment['content']),
478      );
[1598]479
[3487]480    if (can_manage_comment('delete', $comment['author_id']))
[1598]481    {
[5195]482      $url =
483        get_root_url()
484        .'comments.php'
485        .get_query_string_diff(array('delete','validate','edit', 'pwg_token'));
[5199]486
[5195]487      $tpl_comment['U_DELETE'] = add_url_params(
488        $url,
489        array(
490          'delete' => $comment['comment_id'],
491          'pwg_token' => get_pwg_token(),
492          )
493        );
[3445]494    }
[5199]495
[3450]496    if (can_manage_comment('edit', $comment['author_id']))
[3445]497    {
[5195]498      $url =
499        get_root_url()
500        .'comments.php'
501        .get_query_string_diff(array('edit', 'delete','validate', 'pwg_token'));
[5199]502
[5195]503      $tpl_comment['U_EDIT'] = add_url_params(
504        $url,
505        array(
[13865]506          'edit' => $comment['comment_id']
[5195]507          )
508        );
[5199]509
[3487]510      if (isset($edit_comment) and ($comment['comment_id'] == $edit_comment))
[1598]511      {
[12930]512        $tpl_comment['IN_EDIT'] = true;
513        $key = get_ephemeral_key(2, $comment['image_id']);
514        $tpl_comment['KEY'] = $key;
515        $tpl_comment['IMAGE_ID'] = $comment['image_id'];
516        $tpl_comment['CONTENT'] = $comment['content'];
[13865]517        $tpl_comment['PWG_TOKEN'] = get_pwg_token();
[1598]518      }
519    }
[3445]520
[5195]521    if (can_manage_comment('validate', $comment['author_id']))
[3445]522    {
[5195]523      if ('true' != $comment['validated'])
524      {
525        $tpl_comment['U_VALIDATE'] = add_url_params(
526          $url,
527          array(
528            'validate'=> $comment['comment_id'],
529            'pwg_token' => get_pwg_token(),
530            )
531          );
532      }
[3445]533    }
[2223]534    $template->append('comments', $tpl_comment);
[166]535  }
[579]536}
[10812]537
[12930]538$derivative_params = trigger_event('get_comments_derivative_params', ImageStdParams::get_by_type(IMG_THUMB) );
539$template->assign( 'derivative_params', $derivative_params );
540
[10812]541// include menubar
542$themeconf = $template->get_template_vars('themeconf');
[10824]543if (!isset($themeconf['hide_menu_on']) OR !in_array('theCommentsPage', $themeconf['hide_menu_on']))
[10812]544{
545  include( PHPWG_ROOT_PATH.'include/menubar.inc.php');
546}
547
[579]548// +-----------------------------------------------------------------------+
549// |                           html code display                           |
550// +-----------------------------------------------------------------------+
[2107]551include(PHPWG_ROOT_PATH.'include/page_header.php');
[2223]552$template->pparse('comments');
[1598]553include(PHPWG_ROOT_PATH.'include/page_tail.php');
[2107]554?>
Note: See TracBrowser for help on using the repository browser.