Context Navigation

source: trunk/comments.php @ 16472

Last change on this file since 16472 was 15924, checked in by mistic100, 12 years ago
on comment_list add link to exit from comment edition
Property svn:eol-style set to `LF`
File size: 16.0 KB

Rev	Line
[166]	1	<?php
[354]	2	// +-----------------------------------------------------------------------+
[8728]	3	// \| Piwigo - a PHP based photo gallery \|
[2297]	4	// +-----------------------------------------------------------------------+
[12922]	5	// \| Copyright(C) 2008-2012 Piwigo Team http://piwigo.org \|
[2297]	6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
	7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
	8	// +-----------------------------------------------------------------------+
	9	// \| This program is free software; you can redistribute it and/or modify \|
	10	// \| it under the terms of the GNU General Public License as published by \|
	11	// \| the Free Software Foundation \|
	12	// \| \|
	13	// \| This program is distributed in the hope that it will be useful, but \|
	14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
	15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
	16	// \| General Public License for more details. \|
	17	// \| \|
	18	// \| You should have received a copy of the GNU General Public License \|
	19	// \| along with this program; if not, write to the Free Software \|
	20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
	21	// \| USA. \|
	22	// +-----------------------------------------------------------------------+
[166]	23
[579]	24	// +-----------------------------------------------------------------------+
	25	// \| initialization \|
	26	// +-----------------------------------------------------------------------+
[1598]	27	define('PHPWG_ROOT_PATH','./');
	28	include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
[3445]	29	include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php');
[345]	30
[12887]	31	if (!$conf['activate_comments'])
	32	{
	33	page_not_found(null);
	34	}
	35
[1072]	36	// +-----------------------------------------------------------------------+
	37	// \| Check Access and exit when user status is not ok \|
	38	// +-----------------------------------------------------------------------+
	39	check_status(ACCESS_GUEST);
	40
[796]	41	$sort_order = array(
[2223]	42	'DESC' => l10n('descending'),
	43	'ASC' => l10n('ascending')
[796]	44	);
	45
	46	// sort_by : database fields proposed for sorting comments list
	47	$sort_by = array(
[2223]	48	'date' => l10n('comment date'),
[8711]	49	'image_id' => l10n('photo')
[796]	50	);
	51
	52	// items_number : list of number of items to display per page
	53	$items_number = array(5,10,20,50,'all');
	54
	55	// since when display comments ?
	56	//
	57	$since_options = array(
	58	1 => array('label' => l10n('today'),
[4367]	59	'clause' => 'date > '.pwg_db_get_recent_period_expression(1)),
[796]	60	2 => array('label' => sprintf(l10n('last %d days'), 7),
[4367]	61	'clause' => 'date > '.pwg_db_get_recent_period_expression(7)),
[796]	62	3 => array('label' => sprintf(l10n('last %d days'), 30),
[4367]	63	'clause' => 'date > '.pwg_db_get_recent_period_expression(30)),
[796]	64	4 => array('label' => l10n('the beginning'),
	65	'clause' => '1=1') // stupid but generic
	66	);
	67
[4139]	68	if (!empty($_GET['since']) && is_numeric($_GET['since']))
	69	{
	70	$page['since'] = $_GET['since'];
	71	}
	72	else
	73	{
	74	$page['since'] = 4;
	75	}
[796]	76
	77	// on which field sorting
	78	//
	79	$page['sort_by'] = 'date';
	80	// if the form was submitted, it overloads default behaviour
[2757]	81	if (isset($_GET['sort_by']) and isset($sort_by[$_GET['sort_by']]) )
[393]	82	{
[796]	83	$page['sort_by'] = $_GET['sort_by'];
[393]	84	}
[796]	85
	86	// order to sort
	87	//
[2223]	88	$page['sort_order'] = 'DESC';
[796]	89	// if the form was submitted, it overloads default behaviour
[2757]	90	if (isset($_GET['sort_order']) and isset($sort_order[$_GET['sort_order']]))
[393]	91	{
[2223]	92	$page['sort_order'] = $_GET['sort_order'];
[393]	93	}
[796]	94
	95	// number of items to display
	96	//
[1814]	97	$page['items_number'] = 10;
[796]	98	if (isset($_GET['items_number']))
	99	{
	100	$page['items_number'] = $_GET['items_number'];
	101	}
[3600]	102	if ( !is_numeric($page['items_number']) and $page['items_number']!='all' )
[3520]	103	{
	104	$page['items_number'] = 10;
	105	}
[796]	106
[1716]	107	$page['where_clauses'] = array();
	108
[796]	109	// which category to filter on ?
	110	if (isset($_GET['cat']) and 0 != $_GET['cat'])
	111	{
[6910]	112	check_input_parameter('cat', $_GET, false, PATTERN_ID);
[7488]	113
	114	$category_ids = get_subcat_ids(array($_GET['cat']));
[9679]	115	if (empty($category_ids))
[7488]	116	{
	117	$category_ids = array(-1);
	118	}
[12930]	119
[1716]	120	$page['where_clauses'][] =
[7488]	121	'category_id IN ('.implode(',', $category_ids).')';
[796]	122	}
	123
	124	// search a particular author
[4139]	125	if (!empty($_GET['author']))
[796]	126	{
[3487]	127	$page['where_clauses'][] =
	128	'u.'.$conf['user_fields']['username'].' = \''.$_GET['author'].'\'
	129	OR author = \''.$_GET['author'].'\'';
[796]	130	}
	131
[5195]	132	// search a specific comment (if you're coming directly from an admin
	133	// notification email)
	134	if (!empty($_GET['comment_id']))
	135	{
	136	check_input_parameter('comment_id', $_GET, false, PATTERN_ID);
	137
	138	// currently, the $_GET['comment_id'] is only used by admins from email
	139	// for management purpose (validate/delete)
	140	if (!is_admin())
	141	{
	142	$login_url =
	143	get_root_url().'identification.php?redirect='
	144	.urlencode(urlencode($_SERVER['REQUEST_URI']))
	145	;
	146	redirect($login_url);
	147	}
	148
	149	$page['where_clauses'][] = 'com.id = '.$_GET['comment_id'];
	150	}
	151
[796]	152	// search a substring among comments content
[4139]	153	if (!empty($_GET['keyword']))
[796]	154	{
[1716]	155	$page['where_clauses'][] =
[796]	156	'('.
	157	implode(' AND ',
	158	array_map(
	159	create_function(
	160	'$s',
	161	'return "content LIKE \'%$s%\'";'
	162	),
[2012]	163	preg_split('/[\s,;]+/', $_GET['keyword'] )
[796]	164	)
	165	).
	166	')';
	167	}
	168
[1716]	169	$page['where_clauses'][] = $since_options[$page['since']]['clause'];
	170
[1598]	171	// which status to filter on ?
[1716]	172	if ( !is_admin() )
[1598]	173	{
[4367]	174	$page['where_clauses'][] = 'validated=\'true\'';
[1598]	175	}
	176
[1716]	177	$page['where_clauses'][] = get_sql_condition_FandF
	178	(
	179	array
	180	(
	181	'forbidden_categories' => 'category_id',
	182	'visible_categories' => 'category_id',
	183	'visible_images' => 'ic.image_id'
	184	),
	185	'', true
	186	);
[1598]	187
[579]	188	// +-----------------------------------------------------------------------+
	189	// \| comments management \|
	190	// +-----------------------------------------------------------------------+
[1598]	191
[5195]	192	$comment_id = null;
	193	$action = null;
	194
	195	$actions = array('delete', 'validate', 'edit');
	196	foreach ($actions as $loop_action)
	197	{
	198	if (isset($_GET[$loop_action]))
	199	{
[5199]	200	$action = $loop_action;
[5195]	201	check_input_parameter($action, $_GET, false, PATTERN_ID);
	202	$comment_id = $_GET[$action];
	203	break;
	204	}
[579]	205	}
[1617]	206
[5195]	207	if (isset($action))
[3445]	208	{
[5195]	209	$comment_author_id = get_comment_author_id($comment_id);
[5199]	210
[5195]	211	if (can_manage_comment($action, $comment_author_id))
[3445]	212	{
[5195]	213	$perform_redirect = false;
[5199]	214
[5195]	215	if ('delete' == $action)
	216	{
[13865]	217	check_pwg_token();
[5195]	218	delete_user_comment($comment_id);
	219	$perform_redirect = true;
	220	}
[3445]	221
[5195]	222	if ('validate' == $action)
	223	{
[13865]	224	check_pwg_token();
[5195]	225	validate_user_comment($comment_id);
	226	$perform_redirect = true;
	227	}
[5199]	228
[5195]	229	if ('edit' == $action)
	230	{
	231	if (!empty($_POST['content']))
	232	{
[13865]	233	check_pwg_token();
[5195]	234	update_user_comment(
	235	array(
	236	'comment_id' => $_GET['edit'],
	237	'image_id' => $_POST['image_id'],
	238	'content' => $_POST['content']
	239	),
	240	$_POST['key']
	241	);
[5199]	242
[12765]	243	$perform_redirect = true;
[5195]	244	}
	245	else
	246	{
	247	$edit_comment = $_GET['edit'];
	248	}
	249	}
[5199]	250
[5195]	251	if ($perform_redirect)
	252	{
	253	$redirect_url =
	254	PHPWG_ROOT_PATH
	255	.'comments.php'
[12765]	256	.get_query_string_diff(array('delete','edit','validate','pwg_token'));
[5199]	257
[5195]	258	redirect($redirect_url);
	259	}
[3445]	260	}
	261	}
	262
[579]	263	// +-----------------------------------------------------------------------+
	264	// \| page header and options \|
	265	// +-----------------------------------------------------------------------+
[355]	266
[2268]	267	$title= l10n('User comments');
[850]	268	$page['body_id'] = 'theCommentsPage';
	269
[579]	270	$template->set_filenames(array('comments'=>'comments.tpl'));
[2223]	271	$template->assign(
[579]	272	array(
[796]	273	'F_ACTION'=>PHPWG_ROOT_PATH.'comments.php',
[4182]	274	'F_KEYWORD'=> @htmlspecialchars(stripslashes($_GET['keyword'], ENT_QUOTES, 'utf-8')),
	275	'F_AUTHOR'=> @htmlspecialchars(stripslashes($_GET['author'], ENT_QUOTES, 'utf-8')),
[579]	276	)
	277	);
[355]	278
[796]	279	// +-----------------------------------------------------------------------+
	280	// \| form construction \|
	281	// +-----------------------------------------------------------------------+
	282
	283	// Search in a particular category
[2223]	284	$blockname = 'categories';
[796]	285
	286	$query = '
[1861]	287	SELECT id, name, uppercats, global_rank
[1677]	288	FROM '.CATEGORIES_TABLE.'
	289	'.get_sql_condition_FandF
	290	(
	291	array
	292	(
	293	'forbidden_categories' => 'id',
	294	'visible_categories' => 'id'
	295	),
	296	'WHERE'
	297	).'
[796]	298	;';
	299	display_select_cat_wrapper($query, array(@$_GET['cat']), $blockname, true);
	300
	301	// Filter on recent comments...
[2223]	302	$tpl_var=array();
[796]	303	foreach ($since_options as $id => $option)
	304	{
[2223]	305	$tpl_var[ $id ] = $option['label'];
[355]	306	}
[2223]	307	$template->assign( 'since_options', $tpl_var);
	308	$template->assign( 'since_options_selected', $page['since']);
[796]	309
	310	// Sort by
[2223]	311	$template->assign( 'sort_by_options', $sort_by);
	312	$template->assign( 'sort_by_options_selected', $page['sort_by']);
[796]	313
	314	// Sorting order
[2223]	315	$template->assign( 'sort_order_options', $sort_order);
	316	$template->assign( 'sort_order_options_selected', $page['sort_order']);
[796]	317
	318
	319	// Number of items
	320	$blockname = 'items_number_option';
[2223]	321	$tpl_var=array();
[796]	322	foreach ($items_number as $option)
	323	{
[2223]	324	$tpl_var[ $option ] = is_numeric($option) ? $option : l10n($option);
[796]	325	}
[2223]	326	$template->assign( 'item_number_options', $tpl_var);
	327	$template->assign( 'item_number_options_selected', $page['items_number']);
[796]	328
[2223]	329
[579]	330	// +-----------------------------------------------------------------------+
[796]	331	// \| navigation bar \|
	332	// +-----------------------------------------------------------------------+
	333
	334	if (isset($_GET['start']) and is_numeric($_GET['start']))
	335	{
	336	$start = $_GET['start'];
	337	}
	338	else
	339	{
	340	$start = 0;
	341	}
	342
	343	$query = '
[3450]	344	SELECT COUNT(DISTINCT(com.id))
[796]	345	FROM '.IMAGE_CATEGORY_TABLE.' AS ic
[5199]	346	INNER JOIN '.COMMENTS_TABLE.' AS com
[796]	347	ON ic.image_id = com.image_id
[4139]	348	LEFT JOIN '.USERS_TABLE.' As u
	349	ON u.'.$conf['user_fields']['id'].' = com.author_id
[1716]	350	WHERE '.implode('
	351	AND ', $page['where_clauses']).'
[796]	352	;';
[4325]	353	list($counter) = pwg_db_fetch_row(pwg_query($query));
[796]	354
[1598]	355	$url = PHPWG_ROOT_PATH
	356	.'comments.php'
[5195]	357	.get_query_string_diff(array('start','delete','validate','pwg_token'));
[796]	358
	359	$navbar = create_navigation_bar($url,
	360	$counter,
	361	$start,
	362	$page['items_number'],
	363	'');
	364
[3172]	365	$template->assign('navbar', $navbar);
[796]	366
[15924]	367	$url_self = PHPWG_ROOT_PATH
	368	.'comments.php'
	369	.get_query_string_diff(array('edit','delete','validate','pwg_token'));
	370
[796]	371	// +-----------------------------------------------------------------------+
[579]	372	// \| last comments display \|
	373	// +-----------------------------------------------------------------------+
[355]	374
[796]	375	$comments = array();
	376	$element_ids = array();
	377	$category_ids = array();
	378
[579]	379	$query = '
[6596]	380	SELECT com.id AS comment_id,
	381	com.image_id,
	382	com.author,
	383	com.author_id,
	384	com.date,
	385	com.content,
	386	com.validated
[796]	387	FROM '.IMAGE_CATEGORY_TABLE.' AS ic
[6601]	388	INNER JOIN '.COMMENTS_TABLE.' AS com
[796]	389	ON ic.image_id = com.image_id
[4139]	390	LEFT JOIN '.USERS_TABLE.' As u
	391	ON u.'.$conf['user_fields']['id'].' = com.author_id
[1716]	392	WHERE '.implode('
	393	AND ', $page['where_clauses']).'
[6596]	394	GROUP BY comment_id,
	395	com.image_id,
	396	com.author,
	397	com.author_id,
	398	com.date,
	399	com.content,
	400	com.validated
[796]	401	ORDER BY '.$page['sort_by'].' '.$page['sort_order'];
	402	if ('all' != $page['items_number'])
	403	{
	404	$query.= '
[4334]	405	LIMIT '.$page['items_number'].' OFFSET '.$start;
[796]	406	}
	407	$query.= '
[579]	408	;';
[587]	409	$result = pwg_query($query);
[4325]	410	while ($row = pwg_db_fetch_assoc($result))
[393]	411	{
[796]	412	array_push($comments, $row);
	413	array_push($element_ids, $row['image_id']);
[393]	414	}
[796]	415
	416	if (count($comments) > 0)
[579]	417	{
[796]	418	// retrieving element informations
	419	$elements = array();
[579]	420	$query = '
[12930]	421	SELECT *
[579]	422	FROM '.IMAGES_TABLE.'
[796]	423	WHERE id IN ('.implode(',', $element_ids).')
[579]	424	;';
[796]	425	$result = pwg_query($query);
[4325]	426	while ($row = pwg_db_fetch_assoc($result))
[579]	427	{
[796]	428	$elements[$row['id']] = $row;
[579]	429	}
[721]	430
[796]	431	// retrieving category informations
[579]	432	$query = '
[6596]	433	SELECT c.id, name, permalink, uppercats, com.id as comment_id
	434	FROM '.CATEGORIES_TABLE.' AS c
	435	LEFT JOIN '.IMAGE_CATEGORY_TABLE.' AS ic
	436	ON c.id=ic.category_id
	437	LEFT JOIN '.COMMENTS_TABLE.' AS com
	438	ON ic.image_id=com.image_id
[6601]	439	'.get_sql_condition_FandF
	440	(
	441	array
	442	(
	443	'forbidden_categories' => 'c.id',
	444	'visible_categories' => 'c.id'
	445	),
	446	'WHERE'
	447	).'
[796]	448	;';
[6596]	449	$categories = hash_from_query($query, 'comment_id');
[796]	450
	451	foreach ($comments as $comment)
[579]	452	{
[796]	453	if (!empty($elements[$comment['image_id']]['name']))
[166]	454	{
[1598]	455	$name=$elements[$comment['image_id']]['name'];
[166]	456	}
[796]	457	else
	458	{
[1598]	459	$name=get_name_from_file($elements[$comment['image_id']]['file']);
[796]	460	}
[1090]	461
[796]	462	// source of the thumbnail picture
[12930]	463	$src_image = new SrcImage($elements[$comment['image_id']]);
[1090]	464
[796]	465	// link to the full size picture
[1090]	466	$url = make_picture_url(
[796]	467	array(
[6596]	468	'category' => $categories[ $comment['comment_id'] ],
[5195]	469	'image_id' => $comment['image_id'],
	470	'image_file' => $elements[$comment['image_id']]['file'],
	471	)
	472	);
[5199]	473
[5195]	474	$tpl_comment = array(
[11261]	475	'ID' => $comment['comment_id'],
[5195]	476	'U_PICTURE' => $url,
[12930]	477	'src_image' => $src_image,
[5195]	478	'ALT' => $name,
	479	'AUTHOR' => trigger_event('render_comment_author', $comment['author']),
	480	'DATE'=>format_date($comment['date'], true),
	481	'CONTENT'=>trigger_event('render_comment_content',$comment['content']),
	482	);
[1598]	483
[3487]	484	if (can_manage_comment('delete', $comment['author_id']))
[1598]	485	{
[5195]	486	$url =
	487	get_root_url()
	488	.'comments.php'
	489	.get_query_string_diff(array('delete','validate','edit', 'pwg_token'));
[5199]	490
[5195]	491	$tpl_comment['U_DELETE'] = add_url_params(
	492	$url,
	493	array(
	494	'delete' => $comment['comment_id'],
	495	'pwg_token' => get_pwg_token(),
	496	)
	497	);
[3445]	498	}
[5199]	499
[3450]	500	if (can_manage_comment('edit', $comment['author_id']))
[3445]	501	{
[5195]	502	$url =
	503	get_root_url()
	504	.'comments.php'
	505	.get_query_string_diff(array('edit', 'delete','validate', 'pwg_token'));
[5199]	506
[5195]	507	$tpl_comment['U_EDIT'] = add_url_params(
	508	$url,
	509	array(
[13865]	510	'edit' => $comment['comment_id']
[5195]	511	)
	512	);
[5199]	513
[3487]	514	if (isset($edit_comment) and ($comment['comment_id'] == $edit_comment))
[1598]	515	{
[12930]	516	$tpl_comment['IN_EDIT'] = true;
	517	$key = get_ephemeral_key(2, $comment['image_id']);
	518	$tpl_comment['KEY'] = $key;
	519	$tpl_comment['IMAGE_ID'] = $comment['image_id'];
	520	$tpl_comment['CONTENT'] = $comment['content'];
[13865]	521	$tpl_comment['PWG_TOKEN'] = get_pwg_token();
[15924]	522	$tpl_comment['U_CANCEL'] = $url_self;
[1598]	523	}
	524	}
[3445]	525
[5195]	526	if (can_manage_comment('validate', $comment['author_id']))
[3445]	527	{
[5195]	528	if ('true' != $comment['validated'])
	529	{
	530	$tpl_comment['U_VALIDATE'] = add_url_params(
	531	$url,
	532	array(
	533	'validate'=> $comment['comment_id'],
	534	'pwg_token' => get_pwg_token(),
	535	)
	536	);
	537	}
[3445]	538	}
[2223]	539	$template->append('comments', $tpl_comment);
[166]	540	}
[579]	541	}
[10812]	542
[12930]	543	$derivative_params = trigger_event('get_comments_derivative_params', ImageStdParams::get_by_type(IMG_THUMB) );
	544	$template->assign( 'derivative_params', $derivative_params );
	545
[10812]	546	// include menubar
	547	$themeconf = $template->get_template_vars('themeconf');
[10824]	548	if (!isset($themeconf['hide_menu_on']) OR !in_array('theCommentsPage', $themeconf['hide_menu_on']))
[10812]	549	{
	550	include( PHPWG_ROOT_PATH.'include/menubar.inc.php');
	551	}
	552
[579]	553	// +-----------------------------------------------------------------------+
	554	// \| html code display \|
	555	// +-----------------------------------------------------------------------+
[2107]	556	include(PHPWG_ROOT_PATH.'include/page_header.php');
[15578]	557	include(PHPWG_ROOT_PATH.'include/page_messages.php');
[2223]	558	$template->pparse('comments');
[1598]	559	include(PHPWG_ROOT_PATH.'include/page_tail.php');
[2107]	560	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: