Context Navigation

source: trunk/comments.php @ 21188

Last change on this file since 21188 was 20609, checked in by rvelices, 11 years ago
replaced page_messages.php with a function to call
Property svn:eol-style set to `LF`
File size: 17.7 KB

Rev	Line
[166]	1	<?php
[354]	2	// +-----------------------------------------------------------------------+
[8728]	3	// \| Piwigo - a PHP based photo gallery \|
[2297]	4	// +-----------------------------------------------------------------------+
[19703]	5	// \| Copyright(C) 2008-2013 Piwigo Team http://piwigo.org \|
[2297]	6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
	7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
	8	// +-----------------------------------------------------------------------+
	9	// \| This program is free software; you can redistribute it and/or modify \|
	10	// \| it under the terms of the GNU General Public License as published by \|
	11	// \| the Free Software Foundation \|
	12	// \| \|
	13	// \| This program is distributed in the hope that it will be useful, but \|
	14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
	15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
	16	// \| General Public License for more details. \|
	17	// \| \|
	18	// \| You should have received a copy of the GNU General Public License \|
	19	// \| along with this program; if not, write to the Free Software \|
	20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
	21	// \| USA. \|
	22	// +-----------------------------------------------------------------------+
[166]	23
[579]	24	// +-----------------------------------------------------------------------+
	25	// \| initialization \|
	26	// +-----------------------------------------------------------------------+
[1598]	27	define('PHPWG_ROOT_PATH','./');
	28	include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
[3445]	29	include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php');
[345]	30
[12887]	31	if (!$conf['activate_comments'])
	32	{
	33	page_not_found(null);
	34	}
	35
[1072]	36	// +-----------------------------------------------------------------------+
	37	// \| Check Access and exit when user status is not ok \|
	38	// +-----------------------------------------------------------------------+
	39	check_status(ACCESS_GUEST);
	40
[796]	41	$sort_order = array(
[2223]	42	'DESC' => l10n('descending'),
	43	'ASC' => l10n('ascending')
[796]	44	);
	45
	46	// sort_by : database fields proposed for sorting comments list
	47	$sort_by = array(
[2223]	48	'date' => l10n('comment date'),
[8711]	49	'image_id' => l10n('photo')
[796]	50	);
	51
	52	// items_number : list of number of items to display per page
	53	$items_number = array(5,10,20,50,'all');
	54
[19303]	55	// if the default value is not in the expected values, we add it in the $items_number array
	56	if (!in_array($conf['comments_page_nb_comments'], $items_number))
	57	{
	58	$items_number_new = array();
	59
	60	$is_inserted = false;
	61
	62	foreach ($items_number as $number)
	63	{
	64	if ($number > $conf['comments_page_nb_comments'] or ($number == 'all' and !$is_inserted))
	65	{
	66	$items_number_new[] = $conf['comments_page_nb_comments'];
	67	$is_inserted = true;
	68	}
	69
	70	$items_number_new[] = $number;
	71	}
	72
	73	$items_number = $items_number_new;
	74	}
	75
[796]	76	// since when display comments ?
	77	//
	78	$since_options = array(
	79	1 => array('label' => l10n('today'),
[4367]	80	'clause' => 'date > '.pwg_db_get_recent_period_expression(1)),
[796]	81	2 => array('label' => sprintf(l10n('last %d days'), 7),
[4367]	82	'clause' => 'date > '.pwg_db_get_recent_period_expression(7)),
[796]	83	3 => array('label' => sprintf(l10n('last %d days'), 30),
[4367]	84	'clause' => 'date > '.pwg_db_get_recent_period_expression(30)),
[796]	85	4 => array('label' => l10n('the beginning'),
	86	'clause' => '1=1') // stupid but generic
	87	);
[18063]	88
	89	trigger_action('loc_begin_comments');
[796]	90
[4139]	91	if (!empty($_GET['since']) && is_numeric($_GET['since']))
	92	{
	93	$page['since'] = $_GET['since'];
	94	}
	95	else
	96	{
	97	$page['since'] = 4;
	98	}
[796]	99
	100	// on which field sorting
	101	//
	102	$page['sort_by'] = 'date';
	103	// if the form was submitted, it overloads default behaviour
[2757]	104	if (isset($_GET['sort_by']) and isset($sort_by[$_GET['sort_by']]) )
[393]	105	{
[796]	106	$page['sort_by'] = $_GET['sort_by'];
[393]	107	}
[796]	108
	109	// order to sort
	110	//
[2223]	111	$page['sort_order'] = 'DESC';
[796]	112	// if the form was submitted, it overloads default behaviour
[2757]	113	if (isset($_GET['sort_order']) and isset($sort_order[$_GET['sort_order']]))
[393]	114	{
[2223]	115	$page['sort_order'] = $_GET['sort_order'];
[393]	116	}
[796]	117
	118	// number of items to display
	119	//
[19303]	120	$page['items_number'] = $conf['comments_page_nb_comments'];
[796]	121	if (isset($_GET['items_number']))
	122	{
	123	$page['items_number'] = $_GET['items_number'];
	124	}
[3600]	125	if ( !is_numeric($page['items_number']) and $page['items_number']!='all' )
[3520]	126	{
	127	$page['items_number'] = 10;
	128	}
[796]	129
[1716]	130	$page['where_clauses'] = array();
	131
[796]	132	// which category to filter on ?
	133	if (isset($_GET['cat']) and 0 != $_GET['cat'])
	134	{
[6910]	135	check_input_parameter('cat', $_GET, false, PATTERN_ID);
[7488]	136
	137	$category_ids = get_subcat_ids(array($_GET['cat']));
[9679]	138	if (empty($category_ids))
[7488]	139	{
	140	$category_ids = array(-1);
	141	}
[12930]	142
[1716]	143	$page['where_clauses'][] =
[7488]	144	'category_id IN ('.implode(',', $category_ids).')';
[796]	145	}
	146
	147	// search a particular author
[4139]	148	if (!empty($_GET['author']))
[796]	149	{
[3487]	150	$page['where_clauses'][] =
	151	'u.'.$conf['user_fields']['username'].' = \''.$_GET['author'].'\'
	152	OR author = \''.$_GET['author'].'\'';
[796]	153	}
	154
[5195]	155	// search a specific comment (if you're coming directly from an admin
	156	// notification email)
	157	if (!empty($_GET['comment_id']))
	158	{
	159	check_input_parameter('comment_id', $_GET, false, PATTERN_ID);
	160
	161	// currently, the $_GET['comment_id'] is only used by admins from email
	162	// for management purpose (validate/delete)
	163	if (!is_admin())
	164	{
	165	$login_url =
	166	get_root_url().'identification.php?redirect='
	167	.urlencode(urlencode($_SERVER['REQUEST_URI']))
	168	;
	169	redirect($login_url);
	170	}
	171
	172	$page['where_clauses'][] = 'com.id = '.$_GET['comment_id'];
	173	}
	174
[796]	175	// search a substring among comments content
[4139]	176	if (!empty($_GET['keyword']))
[796]	177	{
[1716]	178	$page['where_clauses'][] =
[796]	179	'('.
	180	implode(' AND ',
	181	array_map(
	182	create_function(
	183	'$s',
	184	'return "content LIKE \'%$s%\'";'
	185	),
[2012]	186	preg_split('/[\s,;]+/', $_GET['keyword'] )
[796]	187	)
	188	).
	189	')';
	190	}
	191
[1716]	192	$page['where_clauses'][] = $since_options[$page['since']]['clause'];
	193
[1598]	194	// which status to filter on ?
[1716]	195	if ( !is_admin() )
[1598]	196	{
[4367]	197	$page['where_clauses'][] = 'validated=\'true\'';
[1598]	198	}
	199
[1716]	200	$page['where_clauses'][] = get_sql_condition_FandF
	201	(
	202	array
	203	(
	204	'forbidden_categories' => 'category_id',
	205	'visible_categories' => 'category_id',
	206	'visible_images' => 'ic.image_id'
	207	),
	208	'', true
	209	);
[1598]	210
[579]	211	// +-----------------------------------------------------------------------+
	212	// \| comments management \|
	213	// +-----------------------------------------------------------------------+
[1598]	214
[5195]	215	$comment_id = null;
	216	$action = null;
	217
	218	$actions = array('delete', 'validate', 'edit');
	219	foreach ($actions as $loop_action)
	220	{
	221	if (isset($_GET[$loop_action]))
	222	{
[5199]	223	$action = $loop_action;
[5195]	224	check_input_parameter($action, $_GET, false, PATTERN_ID);
	225	$comment_id = $_GET[$action];
	226	break;
	227	}
[579]	228	}
[1617]	229
[5195]	230	if (isset($action))
[3445]	231	{
[5195]	232	$comment_author_id = get_comment_author_id($comment_id);
[5199]	233
[5195]	234	if (can_manage_comment($action, $comment_author_id))
[3445]	235	{
[5195]	236	$perform_redirect = false;
[5199]	237
[5195]	238	if ('delete' == $action)
	239	{
[13865]	240	check_pwg_token();
[5195]	241	delete_user_comment($comment_id);
	242	$perform_redirect = true;
	243	}
[3445]	244
[5195]	245	if ('validate' == $action)
	246	{
[13865]	247	check_pwg_token();
[5195]	248	validate_user_comment($comment_id);
	249	$perform_redirect = true;
	250	}
[5199]	251
[5195]	252	if ('edit' == $action)
	253	{
	254	if (!empty($_POST['content']))
	255	{
[13865]	256	check_pwg_token();
[18995]	257	$comment_action = update_user_comment(
[5195]	258	array(
	259	'comment_id' => $_GET['edit'],
	260	'image_id' => $_POST['image_id'],
[18995]	261	'content' => $_POST['content'],
	262	'website_url' => @$_POST['website_url'],
[5195]	263	),
	264	$_POST['key']
	265	);
[18995]	266
	267	switch ($comment_action)
	268	{
	269	case 'moderate':
	270	$_SESSION['page_infos'][] = l10n('An administrator must authorize your comment before it is visible.');
	271	case 'validate':
	272	$_SESSION['page_infos'][] = l10n('Your comment has been registered');
	273	$perform_redirect = true;
	274	break;
	275	case 'reject':
	276	$_SESSION['page_errors'][] = l10n('Your comment has NOT been registered because it did not pass the validation rules');
	277	break;
	278	default:
	279	trigger_error('Invalid comment action '.$comment_action, E_USER_WARNING);
	280	}
[5195]	281	}
[18995]	282
	283	$edit_comment = $_GET['edit'];
[5195]	284	}
[5199]	285
[5195]	286	if ($perform_redirect)
	287	{
	288	$redirect_url =
	289	PHPWG_ROOT_PATH
	290	.'comments.php'
[12765]	291	.get_query_string_diff(array('delete','edit','validate','pwg_token'));
[5199]	292
[5195]	293	redirect($redirect_url);
	294	}
[3445]	295	}
	296	}
	297
[579]	298	// +-----------------------------------------------------------------------+
	299	// \| page header and options \|
	300	// +-----------------------------------------------------------------------+
[355]	301
[2268]	302	$title= l10n('User comments');
[850]	303	$page['body_id'] = 'theCommentsPage';
	304
[579]	305	$template->set_filenames(array('comments'=>'comments.tpl'));
[2223]	306	$template->assign(
[579]	307	array(
[796]	308	'F_ACTION'=>PHPWG_ROOT_PATH.'comments.php',
[4182]	309	'F_KEYWORD'=> @htmlspecialchars(stripslashes($_GET['keyword'], ENT_QUOTES, 'utf-8')),
	310	'F_AUTHOR'=> @htmlspecialchars(stripslashes($_GET['author'], ENT_QUOTES, 'utf-8')),
[579]	311	)
	312	);
[355]	313
[796]	314	// +-----------------------------------------------------------------------+
	315	// \| form construction \|
	316	// +-----------------------------------------------------------------------+
	317
	318	// Search in a particular category
[2223]	319	$blockname = 'categories';
[796]	320
	321	$query = '
[1861]	322	SELECT id, name, uppercats, global_rank
[1677]	323	FROM '.CATEGORIES_TABLE.'
	324	'.get_sql_condition_FandF
	325	(
	326	array
	327	(
	328	'forbidden_categories' => 'id',
	329	'visible_categories' => 'id'
	330	),
	331	'WHERE'
	332	).'
[796]	333	;';
	334	display_select_cat_wrapper($query, array(@$_GET['cat']), $blockname, true);
	335
	336	// Filter on recent comments...
[2223]	337	$tpl_var=array();
[796]	338	foreach ($since_options as $id => $option)
	339	{
[2223]	340	$tpl_var[ $id ] = $option['label'];
[355]	341	}
[2223]	342	$template->assign( 'since_options', $tpl_var);
	343	$template->assign( 'since_options_selected', $page['since']);
[796]	344
	345	// Sort by
[2223]	346	$template->assign( 'sort_by_options', $sort_by);
	347	$template->assign( 'sort_by_options_selected', $page['sort_by']);
[796]	348
	349	// Sorting order
[2223]	350	$template->assign( 'sort_order_options', $sort_order);
	351	$template->assign( 'sort_order_options_selected', $page['sort_order']);
[796]	352
	353
	354	// Number of items
	355	$blockname = 'items_number_option';
[2223]	356	$tpl_var=array();
[796]	357	foreach ($items_number as $option)
	358	{
[2223]	359	$tpl_var[ $option ] = is_numeric($option) ? $option : l10n($option);
[796]	360	}
[2223]	361	$template->assign( 'item_number_options', $tpl_var);
	362	$template->assign( 'item_number_options_selected', $page['items_number']);
[796]	363
[2223]	364
[579]	365	// +-----------------------------------------------------------------------+
[796]	366	// \| navigation bar \|
	367	// +-----------------------------------------------------------------------+
	368
	369	if (isset($_GET['start']) and is_numeric($_GET['start']))
	370	{
	371	$start = $_GET['start'];
	372	}
	373	else
	374	{
	375	$start = 0;
	376	}
	377
	378	$query = '
[3450]	379	SELECT COUNT(DISTINCT(com.id))
[796]	380	FROM '.IMAGE_CATEGORY_TABLE.' AS ic
[5199]	381	INNER JOIN '.COMMENTS_TABLE.' AS com
[796]	382	ON ic.image_id = com.image_id
[4139]	383	LEFT JOIN '.USERS_TABLE.' As u
	384	ON u.'.$conf['user_fields']['id'].' = com.author_id
[1716]	385	WHERE '.implode('
	386	AND ', $page['where_clauses']).'
[796]	387	;';
[4325]	388	list($counter) = pwg_db_fetch_row(pwg_query($query));
[796]	389
[1598]	390	$url = PHPWG_ROOT_PATH
	391	.'comments.php'
[5195]	392	.get_query_string_diff(array('start','delete','validate','pwg_token'));
[796]	393
	394	$navbar = create_navigation_bar($url,
	395	$counter,
	396	$start,
	397	$page['items_number'],
	398	'');
	399
[3172]	400	$template->assign('navbar', $navbar);
[796]	401
[15924]	402	$url_self = PHPWG_ROOT_PATH
	403	.'comments.php'
	404	.get_query_string_diff(array('edit','delete','validate','pwg_token'));
	405
[796]	406	// +-----------------------------------------------------------------------+
[579]	407	// \| last comments display \|
	408	// +-----------------------------------------------------------------------+
[355]	409
[796]	410	$comments = array();
	411	$element_ids = array();
	412	$category_ids = array();
	413
[579]	414	$query = '
[6596]	415	SELECT com.id AS comment_id,
	416	com.image_id,
	417	com.author,
	418	com.author_id,
[18164]	419	u.'.$conf['user_fields']['email'].' AS user_email,
	420	com.email,
[6596]	421	com.date,
[17351]	422	com.website_url,
[6596]	423	com.content,
	424	com.validated
[796]	425	FROM '.IMAGE_CATEGORY_TABLE.' AS ic
[6601]	426	INNER JOIN '.COMMENTS_TABLE.' AS com
[796]	427	ON ic.image_id = com.image_id
[4139]	428	LEFT JOIN '.USERS_TABLE.' As u
	429	ON u.'.$conf['user_fields']['id'].' = com.author_id
[1716]	430	WHERE '.implode('
	431	AND ', $page['where_clauses']).'
[6596]	432	GROUP BY comment_id,
	433	com.image_id,
	434	com.author,
	435	com.author_id,
	436	com.date,
	437	com.content,
	438	com.validated
[796]	439	ORDER BY '.$page['sort_by'].' '.$page['sort_order'];
	440	if ('all' != $page['items_number'])
	441	{
	442	$query.= '
[4334]	443	LIMIT '.$page['items_number'].' OFFSET '.$start;
[796]	444	}
	445	$query.= '
[579]	446	;';
[587]	447	$result = pwg_query($query);
[4325]	448	while ($row = pwg_db_fetch_assoc($result))
[393]	449	{
[796]	450	array_push($comments, $row);
	451	array_push($element_ids, $row['image_id']);
[393]	452	}
[796]	453
	454	if (count($comments) > 0)
[579]	455	{
[796]	456	// retrieving element informations
	457	$elements = array();
[579]	458	$query = '
[12930]	459	SELECT *
[579]	460	FROM '.IMAGES_TABLE.'
[796]	461	WHERE id IN ('.implode(',', $element_ids).')
[579]	462	;';
[796]	463	$result = pwg_query($query);
[4325]	464	while ($row = pwg_db_fetch_assoc($result))
[579]	465	{
[796]	466	$elements[$row['id']] = $row;
[579]	467	}
[721]	468
[796]	469	// retrieving category informations
[579]	470	$query = '
[6596]	471	SELECT c.id, name, permalink, uppercats, com.id as comment_id
	472	FROM '.CATEGORIES_TABLE.' AS c
	473	LEFT JOIN '.IMAGE_CATEGORY_TABLE.' AS ic
	474	ON c.id=ic.category_id
	475	LEFT JOIN '.COMMENTS_TABLE.' AS com
	476	ON ic.image_id=com.image_id
[6601]	477	'.get_sql_condition_FandF
	478	(
	479	array
	480	(
	481	'forbidden_categories' => 'c.id',
	482	'visible_categories' => 'c.id'
	483	),
	484	'WHERE'
	485	).'
[796]	486	;';
[6596]	487	$categories = hash_from_query($query, 'comment_id');
[796]	488
	489	foreach ($comments as $comment)
[579]	490	{
[796]	491	if (!empty($elements[$comment['image_id']]['name']))
[166]	492	{
[1598]	493	$name=$elements[$comment['image_id']]['name'];
[166]	494	}
[796]	495	else
	496	{
[1598]	497	$name=get_name_from_file($elements[$comment['image_id']]['file']);
[796]	498	}
[1090]	499
[796]	500	// source of the thumbnail picture
[12930]	501	$src_image = new SrcImage($elements[$comment['image_id']]);
[1090]	502
[796]	503	// link to the full size picture
[1090]	504	$url = make_picture_url(
[796]	505	array(
[6596]	506	'category' => $categories[ $comment['comment_id'] ],
[5195]	507	'image_id' => $comment['image_id'],
	508	'image_file' => $elements[$comment['image_id']]['file'],
	509	)
	510	);
[18164]	511
	512	$email = null;
	513	if (!empty($comment['user_email']))
	514	{
	515	$email = $comment['user_email'];
	516	}
	517	else if (!empty($comment['email']))
	518	{
	519	$email = $comment['email'];
	520	}
[5199]	521
[5195]	522	$tpl_comment = array(
[11261]	523	'ID' => $comment['comment_id'],
[5195]	524	'U_PICTURE' => $url,
[12930]	525	'src_image' => $src_image,
[5195]	526	'ALT' => $name,
	527	'AUTHOR' => trigger_event('render_comment_author', $comment['author']),
[17351]	528	'WEBSITE_URL' => $comment['website_url'],
[5195]	529	'DATE'=>format_date($comment['date'], true),
	530	'CONTENT'=>trigger_event('render_comment_content',$comment['content']),
	531	);
[18164]	532
	533	if (is_admin())
	534	{
	535	$tpl_comment['EMAIL'] = $email;
	536	}
[1598]	537
[3487]	538	if (can_manage_comment('delete', $comment['author_id']))
[1598]	539	{
[5195]	540	$url =
	541	get_root_url()
	542	.'comments.php'
	543	.get_query_string_diff(array('delete','validate','edit', 'pwg_token'));
[5199]	544
[5195]	545	$tpl_comment['U_DELETE'] = add_url_params(
	546	$url,
	547	array(
	548	'delete' => $comment['comment_id'],
	549	'pwg_token' => get_pwg_token(),
	550	)
	551	);
[3445]	552	}
[5199]	553
[3450]	554	if (can_manage_comment('edit', $comment['author_id']))
[3445]	555	{
[5195]	556	$url =
	557	get_root_url()
	558	.'comments.php'
	559	.get_query_string_diff(array('edit', 'delete','validate', 'pwg_token'));
[5199]	560
[5195]	561	$tpl_comment['U_EDIT'] = add_url_params(
	562	$url,
	563	array(
[13865]	564	'edit' => $comment['comment_id']
[5195]	565	)
	566	);
[5199]	567
[3487]	568	if (isset($edit_comment) and ($comment['comment_id'] == $edit_comment))
[1598]	569	{
[12930]	570	$tpl_comment['IN_EDIT'] = true;
	571	$key = get_ephemeral_key(2, $comment['image_id']);
	572	$tpl_comment['KEY'] = $key;
	573	$tpl_comment['IMAGE_ID'] = $comment['image_id'];
	574	$tpl_comment['CONTENT'] = $comment['content'];
[13865]	575	$tpl_comment['PWG_TOKEN'] = get_pwg_token();
[15924]	576	$tpl_comment['U_CANCEL'] = $url_self;
[1598]	577	}
	578	}
[3445]	579
[5195]	580	if (can_manage_comment('validate', $comment['author_id']))
[3445]	581	{
[5195]	582	if ('true' != $comment['validated'])
	583	{
	584	$tpl_comment['U_VALIDATE'] = add_url_params(
	585	$url,
	586	array(
	587	'validate'=> $comment['comment_id'],
	588	'pwg_token' => get_pwg_token(),
	589	)
	590	);
	591	}
[3445]	592	}
[2223]	593	$template->append('comments', $tpl_comment);
[166]	594	}
[579]	595	}
[10812]	596
[12930]	597	$derivative_params = trigger_event('get_comments_derivative_params', ImageStdParams::get_by_type(IMG_THUMB) );
	598	$template->assign( 'derivative_params', $derivative_params );
	599
[10812]	600	// include menubar
	601	$themeconf = $template->get_template_vars('themeconf');
[10824]	602	if (!isset($themeconf['hide_menu_on']) OR !in_array('theCommentsPage', $themeconf['hide_menu_on']))
[10812]	603	{
	604	include( PHPWG_ROOT_PATH.'include/menubar.inc.php');
	605	}
	606
[579]	607	// +-----------------------------------------------------------------------+
	608	// \| html code display \|
	609	// +-----------------------------------------------------------------------+
[2107]	610	include(PHPWG_ROOT_PATH.'include/page_header.php');
[18063]	611	trigger_action('loc_end_comments');
[20609]	612	flush_page_messages();
[2223]	613	$template->pparse('comments');
[1598]	614	include(PHPWG_ROOT_PATH.'include/page_tail.php');
[2107]	615	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: