Context Navigation

source: trunk/comments.php @ 25836

Last change on this file since 25836 was 25018, checked in by mistic100, 11 years ago
remove all array_push (50% slower than []) + some changes missing for feature:2978
Property svn:eol-style set to `LF`
File size: 17.6 KB

Rev	Line
[166]	1	<?php
[354]	2	// +-----------------------------------------------------------------------+
[8728]	3	// \| Piwigo - a PHP based photo gallery \|
[2297]	4	// +-----------------------------------------------------------------------+
[19703]	5	// \| Copyright(C) 2008-2013 Piwigo Team http://piwigo.org \|
[2297]	6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
	7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
	8	// +-----------------------------------------------------------------------+
	9	// \| This program is free software; you can redistribute it and/or modify \|
	10	// \| it under the terms of the GNU General Public License as published by \|
	11	// \| the Free Software Foundation \|
	12	// \| \|
	13	// \| This program is distributed in the hope that it will be useful, but \|
	14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
	15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
	16	// \| General Public License for more details. \|
	17	// \| \|
	18	// \| You should have received a copy of the GNU General Public License \|
	19	// \| along with this program; if not, write to the Free Software \|
	20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
	21	// \| USA. \|
	22	// +-----------------------------------------------------------------------+
[166]	23
[579]	24	// +-----------------------------------------------------------------------+
	25	// \| initialization \|
	26	// +-----------------------------------------------------------------------+
[1598]	27	define('PHPWG_ROOT_PATH','./');
	28	include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
[3445]	29	include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php');
[345]	30
[12887]	31	if (!$conf['activate_comments'])
	32	{
	33	page_not_found(null);
	34	}
	35
[1072]	36	// +-----------------------------------------------------------------------+
	37	// \| Check Access and exit when user status is not ok \|
	38	// +-----------------------------------------------------------------------+
	39	check_status(ACCESS_GUEST);
	40
[796]	41	$sort_order = array(
[2223]	42	'DESC' => l10n('descending'),
	43	'ASC' => l10n('ascending')
[796]	44	);
	45
	46	// sort_by : database fields proposed for sorting comments list
	47	$sort_by = array(
[2223]	48	'date' => l10n('comment date'),
[8711]	49	'image_id' => l10n('photo')
[796]	50	);
	51
	52	// items_number : list of number of items to display per page
	53	$items_number = array(5,10,20,50,'all');
	54
[19303]	55	// if the default value is not in the expected values, we add it in the $items_number array
	56	if (!in_array($conf['comments_page_nb_comments'], $items_number))
	57	{
	58	$items_number_new = array();
	59
	60	$is_inserted = false;
	61
	62	foreach ($items_number as $number)
	63	{
	64	if ($number > $conf['comments_page_nb_comments'] or ($number == 'all' and !$is_inserted))
	65	{
	66	$items_number_new[] = $conf['comments_page_nb_comments'];
	67	$is_inserted = true;
	68	}
	69
	70	$items_number_new[] = $number;
	71	}
	72
	73	$items_number = $items_number_new;
	74	}
	75
[796]	76	// since when display comments ?
	77	//
	78	$since_options = array(
	79	1 => array('label' => l10n('today'),
[4367]	80	'clause' => 'date > '.pwg_db_get_recent_period_expression(1)),
[25005]	81	2 => array('label' => l10n('last %d days', 7),
[4367]	82	'clause' => 'date > '.pwg_db_get_recent_period_expression(7)),
[25005]	83	3 => array('label' => l10n('last %d days', 30),
[4367]	84	'clause' => 'date > '.pwg_db_get_recent_period_expression(30)),
[796]	85	4 => array('label' => l10n('the beginning'),
	86	'clause' => '1=1') // stupid but generic
	87	);
[18063]	88
	89	trigger_action('loc_begin_comments');
[796]	90
[4139]	91	if (!empty($_GET['since']) && is_numeric($_GET['since']))
	92	{
	93	$page['since'] = $_GET['since'];
	94	}
	95	else
	96	{
	97	$page['since'] = 4;
	98	}
[796]	99
	100	// on which field sorting
	101	//
	102	$page['sort_by'] = 'date';
	103	// if the form was submitted, it overloads default behaviour
[2757]	104	if (isset($_GET['sort_by']) and isset($sort_by[$_GET['sort_by']]) )
[393]	105	{
[796]	106	$page['sort_by'] = $_GET['sort_by'];
[393]	107	}
[796]	108
	109	// order to sort
	110	//
[2223]	111	$page['sort_order'] = 'DESC';
[796]	112	// if the form was submitted, it overloads default behaviour
[2757]	113	if (isset($_GET['sort_order']) and isset($sort_order[$_GET['sort_order']]))
[393]	114	{
[2223]	115	$page['sort_order'] = $_GET['sort_order'];
[393]	116	}
[796]	117
	118	// number of items to display
	119	//
[19303]	120	$page['items_number'] = $conf['comments_page_nb_comments'];
[796]	121	if (isset($_GET['items_number']))
	122	{
	123	$page['items_number'] = $_GET['items_number'];
	124	}
[3600]	125	if ( !is_numeric($page['items_number']) and $page['items_number']!='all' )
[3520]	126	{
	127	$page['items_number'] = 10;
	128	}
[796]	129
[1716]	130	$page['where_clauses'] = array();
	131
[796]	132	// which category to filter on ?
	133	if (isset($_GET['cat']) and 0 != $_GET['cat'])
	134	{
[6910]	135	check_input_parameter('cat', $_GET, false, PATTERN_ID);
[7488]	136
	137	$category_ids = get_subcat_ids(array($_GET['cat']));
[9679]	138	if (empty($category_ids))
[7488]	139	{
	140	$category_ids = array(-1);
	141	}
[12930]	142
[1716]	143	$page['where_clauses'][] =
[7488]	144	'category_id IN ('.implode(',', $category_ids).')';
[796]	145	}
	146
	147	// search a particular author
[4139]	148	if (!empty($_GET['author']))
[796]	149	{
[3487]	150	$page['where_clauses'][] =
[22142]	151	'(u.'.$conf['user_fields']['username'].' = \''.$_GET['author'].'\' OR author = \''.$_GET['author'].'\')';
[796]	152	}
	153
[5195]	154	// search a specific comment (if you're coming directly from an admin
	155	// notification email)
	156	if (!empty($_GET['comment_id']))
	157	{
	158	check_input_parameter('comment_id', $_GET, false, PATTERN_ID);
	159
	160	// currently, the $_GET['comment_id'] is only used by admins from email
	161	// for management purpose (validate/delete)
	162	if (!is_admin())
	163	{
	164	$login_url =
	165	get_root_url().'identification.php?redirect='
	166	.urlencode(urlencode($_SERVER['REQUEST_URI']))
	167	;
	168	redirect($login_url);
	169	}
	170
	171	$page['where_clauses'][] = 'com.id = '.$_GET['comment_id'];
	172	}
	173
[796]	174	// search a substring among comments content
[4139]	175	if (!empty($_GET['keyword']))
[796]	176	{
[1716]	177	$page['where_clauses'][] =
[796]	178	'('.
	179	implode(' AND ',
	180	array_map(
	181	create_function(
	182	'$s',
	183	'return "content LIKE \'%$s%\'";'
	184	),
[2012]	185	preg_split('/[\s,;]+/', $_GET['keyword'] )
[796]	186	)
	187	).
	188	')';
	189	}
	190
[1716]	191	$page['where_clauses'][] = $since_options[$page['since']]['clause'];
	192
[1598]	193	// which status to filter on ?
[1716]	194	if ( !is_admin() )
[1598]	195	{
[4367]	196	$page['where_clauses'][] = 'validated=\'true\'';
[1598]	197	}
	198
[1716]	199	$page['where_clauses'][] = get_sql_condition_FandF
	200	(
	201	array
	202	(
	203	'forbidden_categories' => 'category_id',
	204	'visible_categories' => 'category_id',
	205	'visible_images' => 'ic.image_id'
	206	),
	207	'', true
	208	);
[1598]	209
[579]	210	// +-----------------------------------------------------------------------+
	211	// \| comments management \|
	212	// +-----------------------------------------------------------------------+
[1598]	213
[5195]	214	$comment_id = null;
	215	$action = null;
	216
	217	$actions = array('delete', 'validate', 'edit');
	218	foreach ($actions as $loop_action)
	219	{
	220	if (isset($_GET[$loop_action]))
	221	{
[5199]	222	$action = $loop_action;
[5195]	223	check_input_parameter($action, $_GET, false, PATTERN_ID);
	224	$comment_id = $_GET[$action];
	225	break;
	226	}
[579]	227	}
[1617]	228
[5195]	229	if (isset($action))
[3445]	230	{
[5195]	231	$comment_author_id = get_comment_author_id($comment_id);
[5199]	232
[5195]	233	if (can_manage_comment($action, $comment_author_id))
[3445]	234	{
[5195]	235	$perform_redirect = false;
[5199]	236
[5195]	237	if ('delete' == $action)
	238	{
[13865]	239	check_pwg_token();
[5195]	240	delete_user_comment($comment_id);
	241	$perform_redirect = true;
	242	}
[3445]	243
[5195]	244	if ('validate' == $action)
	245	{
[13865]	246	check_pwg_token();
[5195]	247	validate_user_comment($comment_id);
	248	$perform_redirect = true;
	249	}
[5199]	250
[5195]	251	if ('edit' == $action)
	252	{
	253	if (!empty($_POST['content']))
	254	{
[13865]	255	check_pwg_token();
[18995]	256	$comment_action = update_user_comment(
[5195]	257	array(
	258	'comment_id' => $_GET['edit'],
	259	'image_id' => $_POST['image_id'],
[18995]	260	'content' => $_POST['content'],
	261	'website_url' => @$_POST['website_url'],
[5195]	262	),
	263	$_POST['key']
	264	);
[18995]	265
	266	switch ($comment_action)
	267	{
	268	case 'moderate':
	269	$_SESSION['page_infos'][] = l10n('An administrator must authorize your comment before it is visible.');
	270	case 'validate':
	271	$_SESSION['page_infos'][] = l10n('Your comment has been registered');
	272	$perform_redirect = true;
	273	break;
	274	case 'reject':
	275	$_SESSION['page_errors'][] = l10n('Your comment has NOT been registered because it did not pass the validation rules');
	276	break;
	277	default:
	278	trigger_error('Invalid comment action '.$comment_action, E_USER_WARNING);
	279	}
[5195]	280	}
[18995]	281
	282	$edit_comment = $_GET['edit'];
[5195]	283	}
[5199]	284
[5195]	285	if ($perform_redirect)
	286	{
	287	$redirect_url =
	288	PHPWG_ROOT_PATH
	289	.'comments.php'
[12765]	290	.get_query_string_diff(array('delete','edit','validate','pwg_token'));
[5199]	291
[5195]	292	redirect($redirect_url);
	293	}
[3445]	294	}
	295	}
	296
[579]	297	// +-----------------------------------------------------------------------+
	298	// \| page header and options \|
	299	// +-----------------------------------------------------------------------+
[355]	300
[2268]	301	$title= l10n('User comments');
[850]	302	$page['body_id'] = 'theCommentsPage';
	303
[579]	304	$template->set_filenames(array('comments'=>'comments.tpl'));
[2223]	305	$template->assign(
[579]	306	array(
[796]	307	'F_ACTION'=>PHPWG_ROOT_PATH.'comments.php',
[4182]	308	'F_KEYWORD'=> @htmlspecialchars(stripslashes($_GET['keyword'], ENT_QUOTES, 'utf-8')),
	309	'F_AUTHOR'=> @htmlspecialchars(stripslashes($_GET['author'], ENT_QUOTES, 'utf-8')),
[579]	310	)
	311	);
[355]	312
[796]	313	// +-----------------------------------------------------------------------+
	314	// \| form construction \|
	315	// +-----------------------------------------------------------------------+
	316
	317	// Search in a particular category
[2223]	318	$blockname = 'categories';
[796]	319
	320	$query = '
[1861]	321	SELECT id, name, uppercats, global_rank
[1677]	322	FROM '.CATEGORIES_TABLE.'
	323	'.get_sql_condition_FandF
	324	(
	325	array
	326	(
	327	'forbidden_categories' => 'id',
	328	'visible_categories' => 'id'
	329	),
	330	'WHERE'
	331	).'
[796]	332	;';
	333	display_select_cat_wrapper($query, array(@$_GET['cat']), $blockname, true);
	334
	335	// Filter on recent comments...
[2223]	336	$tpl_var=array();
[796]	337	foreach ($since_options as $id => $option)
	338	{
[2223]	339	$tpl_var[ $id ] = $option['label'];
[355]	340	}
[2223]	341	$template->assign( 'since_options', $tpl_var);
	342	$template->assign( 'since_options_selected', $page['since']);
[796]	343
	344	// Sort by
[2223]	345	$template->assign( 'sort_by_options', $sort_by);
	346	$template->assign( 'sort_by_options_selected', $page['sort_by']);
[796]	347
	348	// Sorting order
[2223]	349	$template->assign( 'sort_order_options', $sort_order);
	350	$template->assign( 'sort_order_options_selected', $page['sort_order']);
[796]	351
	352
	353	// Number of items
	354	$blockname = 'items_number_option';
[2223]	355	$tpl_var=array();
[796]	356	foreach ($items_number as $option)
	357	{
[2223]	358	$tpl_var[ $option ] = is_numeric($option) ? $option : l10n($option);
[796]	359	}
[2223]	360	$template->assign( 'item_number_options', $tpl_var);
	361	$template->assign( 'item_number_options_selected', $page['items_number']);
[796]	362
[2223]	363
[579]	364	// +-----------------------------------------------------------------------+
[796]	365	// \| navigation bar \|
	366	// +-----------------------------------------------------------------------+
	367
	368	if (isset($_GET['start']) and is_numeric($_GET['start']))
	369	{
	370	$start = $_GET['start'];
	371	}
	372	else
	373	{
	374	$start = 0;
	375	}
	376
	377	$query = '
[3450]	378	SELECT COUNT(DISTINCT(com.id))
[796]	379	FROM '.IMAGE_CATEGORY_TABLE.' AS ic
[5199]	380	INNER JOIN '.COMMENTS_TABLE.' AS com
[796]	381	ON ic.image_id = com.image_id
[4139]	382	LEFT JOIN '.USERS_TABLE.' As u
	383	ON u.'.$conf['user_fields']['id'].' = com.author_id
[1716]	384	WHERE '.implode('
	385	AND ', $page['where_clauses']).'
[796]	386	;';
[4325]	387	list($counter) = pwg_db_fetch_row(pwg_query($query));
[796]	388
[1598]	389	$url = PHPWG_ROOT_PATH
	390	.'comments.php'
[5195]	391	.get_query_string_diff(array('start','delete','validate','pwg_token'));
[796]	392
	393	$navbar = create_navigation_bar($url,
	394	$counter,
	395	$start,
	396	$page['items_number'],
	397	'');
	398
[3172]	399	$template->assign('navbar', $navbar);
[796]	400
[15924]	401	$url_self = PHPWG_ROOT_PATH
	402	.'comments.php'
	403	.get_query_string_diff(array('edit','delete','validate','pwg_token'));
	404
[796]	405	// +-----------------------------------------------------------------------+
[579]	406	// \| last comments display \|
	407	// +-----------------------------------------------------------------------+
[355]	408
[796]	409	$comments = array();
	410	$element_ids = array();
	411	$category_ids = array();
	412
[579]	413	$query = '
[6596]	414	SELECT com.id AS comment_id,
	415	com.image_id,
	416	com.author,
	417	com.author_id,
[18164]	418	u.'.$conf['user_fields']['email'].' AS user_email,
	419	com.email,
[6596]	420	com.date,
[17351]	421	com.website_url,
[6596]	422	com.content,
	423	com.validated
[796]	424	FROM '.IMAGE_CATEGORY_TABLE.' AS ic
[6601]	425	INNER JOIN '.COMMENTS_TABLE.' AS com
[796]	426	ON ic.image_id = com.image_id
[4139]	427	LEFT JOIN '.USERS_TABLE.' As u
	428	ON u.'.$conf['user_fields']['id'].' = com.author_id
[1716]	429	WHERE '.implode('
	430	AND ', $page['where_clauses']).'
[6596]	431	GROUP BY comment_id,
	432	com.image_id,
	433	com.author,
	434	com.author_id,
	435	com.date,
	436	com.content,
	437	com.validated
[796]	438	ORDER BY '.$page['sort_by'].' '.$page['sort_order'];
	439	if ('all' != $page['items_number'])
	440	{
	441	$query.= '
[4334]	442	LIMIT '.$page['items_number'].' OFFSET '.$start;
[796]	443	}
	444	$query.= '
[579]	445	;';
[587]	446	$result = pwg_query($query);
[4325]	447	while ($row = pwg_db_fetch_assoc($result))
[393]	448	{
[25018]	449	$comments[] = $row;
	450	$element_ids[] = $row['image_id'];
[393]	451	}
[796]	452
	453	if (count($comments) > 0)
[579]	454	{
[796]	455	// retrieving element informations
	456	$elements = array();
[579]	457	$query = '
[12930]	458	SELECT *
[579]	459	FROM '.IMAGES_TABLE.'
[796]	460	WHERE id IN ('.implode(',', $element_ids).')
[579]	461	;';
[796]	462	$result = pwg_query($query);
[4325]	463	while ($row = pwg_db_fetch_assoc($result))
[579]	464	{
[796]	465	$elements[$row['id']] = $row;
[579]	466	}
[721]	467
[796]	468	// retrieving category informations
[579]	469	$query = '
[6596]	470	SELECT c.id, name, permalink, uppercats, com.id as comment_id
	471	FROM '.CATEGORIES_TABLE.' AS c
	472	LEFT JOIN '.IMAGE_CATEGORY_TABLE.' AS ic
	473	ON c.id=ic.category_id
	474	LEFT JOIN '.COMMENTS_TABLE.' AS com
	475	ON ic.image_id=com.image_id
[6601]	476	'.get_sql_condition_FandF
	477	(
	478	array
	479	(
	480	'forbidden_categories' => 'c.id',
	481	'visible_categories' => 'c.id'
	482	),
	483	'WHERE'
	484	).'
[796]	485	;';
[6596]	486	$categories = hash_from_query($query, 'comment_id');
[796]	487
	488	foreach ($comments as $comment)
[579]	489	{
[796]	490	if (!empty($elements[$comment['image_id']]['name']))
[166]	491	{
[1598]	492	$name=$elements[$comment['image_id']]['name'];
[166]	493	}
[796]	494	else
	495	{
[1598]	496	$name=get_name_from_file($elements[$comment['image_id']]['file']);
[796]	497	}
[1090]	498
[796]	499	// source of the thumbnail picture
[12930]	500	$src_image = new SrcImage($elements[$comment['image_id']]);
[1090]	501
[796]	502	// link to the full size picture
[1090]	503	$url = make_picture_url(
[796]	504	array(
[6596]	505	'category' => $categories[ $comment['comment_id'] ],
[5195]	506	'image_id' => $comment['image_id'],
	507	'image_file' => $elements[$comment['image_id']]['file'],
	508	)
	509	);
[18164]	510
	511	$email = null;
	512	if (!empty($comment['user_email']))
	513	{
	514	$email = $comment['user_email'];
	515	}
	516	else if (!empty($comment['email']))
	517	{
	518	$email = $comment['email'];
	519	}
[5199]	520
[5195]	521	$tpl_comment = array(
[11261]	522	'ID' => $comment['comment_id'],
[5195]	523	'U_PICTURE' => $url,
[12930]	524	'src_image' => $src_image,
[5195]	525	'ALT' => $name,
	526	'AUTHOR' => trigger_event('render_comment_author', $comment['author']),
[17351]	527	'WEBSITE_URL' => $comment['website_url'],
[5195]	528	'DATE'=>format_date($comment['date'], true),
	529	'CONTENT'=>trigger_event('render_comment_content',$comment['content']),
	530	);
[18164]	531
	532	if (is_admin())
	533	{
	534	$tpl_comment['EMAIL'] = $email;
	535	}
[1598]	536
[3487]	537	if (can_manage_comment('delete', $comment['author_id']))
[1598]	538	{
[5195]	539	$url =
	540	get_root_url()
	541	.'comments.php'
	542	.get_query_string_diff(array('delete','validate','edit', 'pwg_token'));
[5199]	543
[5195]	544	$tpl_comment['U_DELETE'] = add_url_params(
	545	$url,
	546	array(
	547	'delete' => $comment['comment_id'],
	548	'pwg_token' => get_pwg_token(),
	549	)
	550	);
[3445]	551	}
[5199]	552
[3450]	553	if (can_manage_comment('edit', $comment['author_id']))
[3445]	554	{
[5195]	555	$url =
	556	get_root_url()
	557	.'comments.php'
	558	.get_query_string_diff(array('edit', 'delete','validate', 'pwg_token'));
[5199]	559
[5195]	560	$tpl_comment['U_EDIT'] = add_url_params(
	561	$url,
	562	array(
[13865]	563	'edit' => $comment['comment_id']
[5195]	564	)
	565	);
[5199]	566
[3487]	567	if (isset($edit_comment) and ($comment['comment_id'] == $edit_comment))
[1598]	568	{
[12930]	569	$tpl_comment['IN_EDIT'] = true;
	570	$key = get_ephemeral_key(2, $comment['image_id']);
	571	$tpl_comment['KEY'] = $key;
	572	$tpl_comment['IMAGE_ID'] = $comment['image_id'];
	573	$tpl_comment['CONTENT'] = $comment['content'];
[13865]	574	$tpl_comment['PWG_TOKEN'] = get_pwg_token();
[15924]	575	$tpl_comment['U_CANCEL'] = $url_self;
[1598]	576	}
	577	}
[3445]	578
[5195]	579	if (can_manage_comment('validate', $comment['author_id']))
[3445]	580	{
[5195]	581	if ('true' != $comment['validated'])
	582	{
	583	$tpl_comment['U_VALIDATE'] = add_url_params(
	584	$url,
	585	array(
	586	'validate'=> $comment['comment_id'],
	587	'pwg_token' => get_pwg_token(),
	588	)
	589	);
	590	}
[3445]	591	}
[2223]	592	$template->append('comments', $tpl_comment);
[166]	593	}
[579]	594	}
[10812]	595
[12930]	596	$derivative_params = trigger_event('get_comments_derivative_params', ImageStdParams::get_by_type(IMG_THUMB) );
	597	$template->assign( 'derivative_params', $derivative_params );
	598
[10812]	599	// include menubar
	600	$themeconf = $template->get_template_vars('themeconf');
[10824]	601	if (!isset($themeconf['hide_menu_on']) OR !in_array('theCommentsPage', $themeconf['hide_menu_on']))
[10812]	602	{
	603	include( PHPWG_ROOT_PATH.'include/menubar.inc.php');
	604	}
	605
[579]	606	// +-----------------------------------------------------------------------+
	607	// \| html code display \|
	608	// +-----------------------------------------------------------------------+
[2107]	609	include(PHPWG_ROOT_PATH.'include/page_header.php');
[18063]	610	trigger_action('loc_end_comments');
[20609]	611	flush_page_messages();
[2223]	612	$template->pparse('comments');
[1598]	613	include(PHPWG_ROOT_PATH.'include/page_tail.php');
[2107]	614	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: