Context Navigation

source: trunk/comments.php @ 26640

Last change on this file since 26640 was 26461, checked in by mistic100, 10 years ago
Update headers to 2014. Happy new year!!
Property svn:eol-style set to `LF`
File size: 17.2 KB

Rev	Line
[166]	1	<?php
[354]	2	// +-----------------------------------------------------------------------+
[8728]	3	// \| Piwigo - a PHP based photo gallery \|
[2297]	4	// +-----------------------------------------------------------------------+
[26461]	5	// \| Copyright(C) 2008-2014 Piwigo Team http://piwigo.org \|
[2297]	6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
	7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
	8	// +-----------------------------------------------------------------------+
	9	// \| This program is free software; you can redistribute it and/or modify \|
	10	// \| it under the terms of the GNU General Public License as published by \|
	11	// \| the Free Software Foundation \|
	12	// \| \|
	13	// \| This program is distributed in the hope that it will be useful, but \|
	14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
	15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
	16	// \| General Public License for more details. \|
	17	// \| \|
	18	// \| You should have received a copy of the GNU General Public License \|
	19	// \| along with this program; if not, write to the Free Software \|
	20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
	21	// \| USA. \|
	22	// +-----------------------------------------------------------------------+
[166]	23
[579]	24	// +-----------------------------------------------------------------------+
	25	// \| initialization \|
	26	// +-----------------------------------------------------------------------+
[1598]	27	define('PHPWG_ROOT_PATH','./');
	28	include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
[3445]	29	include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php');
[345]	30
[12887]	31	if (!$conf['activate_comments'])
	32	{
	33	page_not_found(null);
	34	}
	35
[1072]	36	// +-----------------------------------------------------------------------+
	37	// \| Check Access and exit when user status is not ok \|
	38	// +-----------------------------------------------------------------------+
	39	check_status(ACCESS_GUEST);
	40
[26088]	41	$url_self = PHPWG_ROOT_PATH.'comments.php'
	42	.get_query_string_diff(array('delete','edit','validate','pwg_token'));
	43
[796]	44	$sort_order = array(
[2223]	45	'DESC' => l10n('descending'),
	46	'ASC' => l10n('ascending')
[796]	47	);
	48
	49	// sort_by : database fields proposed for sorting comments list
	50	$sort_by = array(
[2223]	51	'date' => l10n('comment date'),
[8711]	52	'image_id' => l10n('photo')
[796]	53	);
	54
	55	// items_number : list of number of items to display per page
	56	$items_number = array(5,10,20,50,'all');
	57
[19303]	58	// if the default value is not in the expected values, we add it in the $items_number array
	59	if (!in_array($conf['comments_page_nb_comments'], $items_number))
	60	{
	61	$items_number_new = array();
	62
	63	$is_inserted = false;
	64
	65	foreach ($items_number as $number)
	66	{
	67	if ($number > $conf['comments_page_nb_comments'] or ($number == 'all' and !$is_inserted))
	68	{
	69	$items_number_new[] = $conf['comments_page_nb_comments'];
	70	$is_inserted = true;
	71	}
	72
	73	$items_number_new[] = $number;
	74	}
	75
	76	$items_number = $items_number_new;
	77	}
	78
[796]	79	// since when display comments ?
	80	//
	81	$since_options = array(
	82	1 => array('label' => l10n('today'),
[4367]	83	'clause' => 'date > '.pwg_db_get_recent_period_expression(1)),
[25005]	84	2 => array('label' => l10n('last %d days', 7),
[4367]	85	'clause' => 'date > '.pwg_db_get_recent_period_expression(7)),
[25005]	86	3 => array('label' => l10n('last %d days', 30),
[4367]	87	'clause' => 'date > '.pwg_db_get_recent_period_expression(30)),
[796]	88	4 => array('label' => l10n('the beginning'),
	89	'clause' => '1=1') // stupid but generic
	90	);
[18063]	91
	92	trigger_action('loc_begin_comments');
[796]	93
[4139]	94	if (!empty($_GET['since']) && is_numeric($_GET['since']))
	95	{
	96	$page['since'] = $_GET['since'];
	97	}
	98	else
	99	{
	100	$page['since'] = 4;
	101	}
[796]	102
	103	// on which field sorting
	104	//
	105	$page['sort_by'] = 'date';
	106	// if the form was submitted, it overloads default behaviour
[2757]	107	if (isset($_GET['sort_by']) and isset($sort_by[$_GET['sort_by']]) )
[393]	108	{
[796]	109	$page['sort_by'] = $_GET['sort_by'];
[393]	110	}
[796]	111
	112	// order to sort
	113	//
[2223]	114	$page['sort_order'] = 'DESC';
[796]	115	// if the form was submitted, it overloads default behaviour
[2757]	116	if (isset($_GET['sort_order']) and isset($sort_order[$_GET['sort_order']]))
[393]	117	{
[2223]	118	$page['sort_order'] = $_GET['sort_order'];
[393]	119	}
[796]	120
	121	// number of items to display
	122	//
[19303]	123	$page['items_number'] = $conf['comments_page_nb_comments'];
[796]	124	if (isset($_GET['items_number']))
	125	{
	126	$page['items_number'] = $_GET['items_number'];
	127	}
[3600]	128	if ( !is_numeric($page['items_number']) and $page['items_number']!='all' )
[3520]	129	{
	130	$page['items_number'] = 10;
	131	}
[796]	132
[1716]	133	$page['where_clauses'] = array();
	134
[796]	135	// which category to filter on ?
	136	if (isset($_GET['cat']) and 0 != $_GET['cat'])
	137	{
[6910]	138	check_input_parameter('cat', $_GET, false, PATTERN_ID);
[7488]	139
	140	$category_ids = get_subcat_ids(array($_GET['cat']));
[9679]	141	if (empty($category_ids))
[7488]	142	{
	143	$category_ids = array(-1);
	144	}
[12930]	145
[1716]	146	$page['where_clauses'][] =
[7488]	147	'category_id IN ('.implode(',', $category_ids).')';
[796]	148	}
	149
	150	// search a particular author
[4139]	151	if (!empty($_GET['author']))
[796]	152	{
[3487]	153	$page['where_clauses'][] =
[22142]	154	'(u.'.$conf['user_fields']['username'].' = \''.$_GET['author'].'\' OR author = \''.$_GET['author'].'\')';
[796]	155	}
	156
[5195]	157	// search a specific comment (if you're coming directly from an admin
	158	// notification email)
	159	if (!empty($_GET['comment_id']))
	160	{
	161	check_input_parameter('comment_id', $_GET, false, PATTERN_ID);
	162
	163	// currently, the $_GET['comment_id'] is only used by admins from email
	164	// for management purpose (validate/delete)
	165	if (!is_admin())
	166	{
	167	$login_url =
	168	get_root_url().'identification.php?redirect='
	169	.urlencode(urlencode($_SERVER['REQUEST_URI']))
	170	;
	171	redirect($login_url);
	172	}
	173
	174	$page['where_clauses'][] = 'com.id = '.$_GET['comment_id'];
	175	}
	176
[796]	177	// search a substring among comments content
[4139]	178	if (!empty($_GET['keyword']))
[796]	179	{
[1716]	180	$page['where_clauses'][] =
[796]	181	'('.
	182	implode(' AND ',
	183	array_map(
	184	create_function(
	185	'$s',
	186	'return "content LIKE \'%$s%\'";'
	187	),
[2012]	188	preg_split('/[\s,;]+/', $_GET['keyword'] )
[796]	189	)
	190	).
	191	')';
	192	}
	193
[1716]	194	$page['where_clauses'][] = $since_options[$page['since']]['clause'];
	195
[1598]	196	// which status to filter on ?
[1716]	197	if ( !is_admin() )
[1598]	198	{
[4367]	199	$page['where_clauses'][] = 'validated=\'true\'';
[1598]	200	}
	201
[1716]	202	$page['where_clauses'][] = get_sql_condition_FandF
	203	(
	204	array
	205	(
	206	'forbidden_categories' => 'category_id',
	207	'visible_categories' => 'category_id',
	208	'visible_images' => 'ic.image_id'
	209	),
	210	'', true
	211	);
[1598]	212
[579]	213	// +-----------------------------------------------------------------------+
	214	// \| comments management \|
	215	// +-----------------------------------------------------------------------+
[1598]	216
[5195]	217	$comment_id = null;
	218	$action = null;
	219
	220	$actions = array('delete', 'validate', 'edit');
	221	foreach ($actions as $loop_action)
	222	{
	223	if (isset($_GET[$loop_action]))
	224	{
[5199]	225	$action = $loop_action;
[5195]	226	check_input_parameter($action, $_GET, false, PATTERN_ID);
	227	$comment_id = $_GET[$action];
	228	break;
	229	}
[579]	230	}
[1617]	231
[5195]	232	if (isset($action))
[3445]	233	{
[5195]	234	$comment_author_id = get_comment_author_id($comment_id);
[5199]	235
[5195]	236	if (can_manage_comment($action, $comment_author_id))
[3445]	237	{
[5195]	238	$perform_redirect = false;
[5199]	239
[5195]	240	if ('delete' == $action)
	241	{
[13865]	242	check_pwg_token();
[5195]	243	delete_user_comment($comment_id);
	244	$perform_redirect = true;
	245	}
[3445]	246
[5195]	247	if ('validate' == $action)
	248	{
[13865]	249	check_pwg_token();
[5195]	250	validate_user_comment($comment_id);
	251	$perform_redirect = true;
	252	}
[5199]	253
[5195]	254	if ('edit' == $action)
	255	{
	256	if (!empty($_POST['content']))
	257	{
[13865]	258	check_pwg_token();
[18995]	259	$comment_action = update_user_comment(
[5195]	260	array(
	261	'comment_id' => $_GET['edit'],
	262	'image_id' => $_POST['image_id'],
[18995]	263	'content' => $_POST['content'],
	264	'website_url' => @$_POST['website_url'],
[5195]	265	),
	266	$_POST['key']
	267	);
[18995]	268
	269	switch ($comment_action)
	270	{
	271	case 'moderate':
	272	$_SESSION['page_infos'][] = l10n('An administrator must authorize your comment before it is visible.');
	273	case 'validate':
	274	$_SESSION['page_infos'][] = l10n('Your comment has been registered');
	275	$perform_redirect = true;
	276	break;
	277	case 'reject':
	278	$_SESSION['page_errors'][] = l10n('Your comment has NOT been registered because it did not pass the validation rules');
	279	break;
	280	default:
	281	trigger_error('Invalid comment action '.$comment_action, E_USER_WARNING);
	282	}
[5195]	283	}
[18995]	284
	285	$edit_comment = $_GET['edit'];
[5195]	286	}
[5199]	287
[5195]	288	if ($perform_redirect)
	289	{
[26088]	290	redirect($url_self);
[5195]	291	}
[3445]	292	}
	293	}
	294
[579]	295	// +-----------------------------------------------------------------------+
	296	// \| page header and options \|
	297	// +-----------------------------------------------------------------------+
[355]	298
[2268]	299	$title= l10n('User comments');
[850]	300	$page['body_id'] = 'theCommentsPage';
	301
[579]	302	$template->set_filenames(array('comments'=>'comments.tpl'));
[2223]	303	$template->assign(
[579]	304	array(
[796]	305	'F_ACTION'=>PHPWG_ROOT_PATH.'comments.php',
[4182]	306	'F_KEYWORD'=> @htmlspecialchars(stripslashes($_GET['keyword'], ENT_QUOTES, 'utf-8')),
	307	'F_AUTHOR'=> @htmlspecialchars(stripslashes($_GET['author'], ENT_QUOTES, 'utf-8')),
[579]	308	)
	309	);
[355]	310
[796]	311	// +-----------------------------------------------------------------------+
	312	// \| form construction \|
	313	// +-----------------------------------------------------------------------+
	314
	315	// Search in a particular category
[2223]	316	$blockname = 'categories';
[796]	317
	318	$query = '
[1861]	319	SELECT id, name, uppercats, global_rank
[1677]	320	FROM '.CATEGORIES_TABLE.'
	321	'.get_sql_condition_FandF
	322	(
	323	array
	324	(
	325	'forbidden_categories' => 'id',
	326	'visible_categories' => 'id'
	327	),
	328	'WHERE'
	329	).'
[796]	330	;';
	331	display_select_cat_wrapper($query, array(@$_GET['cat']), $blockname, true);
	332
	333	// Filter on recent comments...
[2223]	334	$tpl_var=array();
[796]	335	foreach ($since_options as $id => $option)
	336	{
[2223]	337	$tpl_var[ $id ] = $option['label'];
[355]	338	}
[2223]	339	$template->assign( 'since_options', $tpl_var);
	340	$template->assign( 'since_options_selected', $page['since']);
[796]	341
	342	// Sort by
[2223]	343	$template->assign( 'sort_by_options', $sort_by);
	344	$template->assign( 'sort_by_options_selected', $page['sort_by']);
[796]	345
	346	// Sorting order
[2223]	347	$template->assign( 'sort_order_options', $sort_order);
	348	$template->assign( 'sort_order_options_selected', $page['sort_order']);
[796]	349
	350
	351	// Number of items
	352	$blockname = 'items_number_option';
[2223]	353	$tpl_var=array();
[796]	354	foreach ($items_number as $option)
	355	{
[2223]	356	$tpl_var[ $option ] = is_numeric($option) ? $option : l10n($option);
[796]	357	}
[2223]	358	$template->assign( 'item_number_options', $tpl_var);
	359	$template->assign( 'item_number_options_selected', $page['items_number']);
[796]	360
[2223]	361
[579]	362	// +-----------------------------------------------------------------------+
[796]	363	// \| navigation bar \|
	364	// +-----------------------------------------------------------------------+
	365
	366	if (isset($_GET['start']) and is_numeric($_GET['start']))
	367	{
	368	$start = $_GET['start'];
	369	}
	370	else
	371	{
	372	$start = 0;
	373	}
	374
	375	$query = '
[3450]	376	SELECT COUNT(DISTINCT(com.id))
[796]	377	FROM '.IMAGE_CATEGORY_TABLE.' AS ic
[5199]	378	INNER JOIN '.COMMENTS_TABLE.' AS com
[796]	379	ON ic.image_id = com.image_id
[4139]	380	LEFT JOIN '.USERS_TABLE.' As u
	381	ON u.'.$conf['user_fields']['id'].' = com.author_id
[1716]	382	WHERE '.implode('
	383	AND ', $page['where_clauses']).'
[796]	384	;';
[4325]	385	list($counter) = pwg_db_fetch_row(pwg_query($query));
[796]	386
[26088]	387	$url = PHPWG_ROOT_PATH.'comments.php'
	388	.get_query_string_diff(array('start','edit','delete','validate','pwg_token'));
[796]	389
	390	$navbar = create_navigation_bar($url,
	391	$counter,
	392	$start,
	393	$page['items_number'],
	394	'');
	395
[3172]	396	$template->assign('navbar', $navbar);
[796]	397
	398	// +-----------------------------------------------------------------------+
[579]	399	// \| last comments display \|
	400	// +-----------------------------------------------------------------------+
[355]	401
[796]	402	$comments = array();
	403	$element_ids = array();
	404	$category_ids = array();
	405
[579]	406	$query = '
[6596]	407	SELECT com.id AS comment_id,
	408	com.image_id,
	409	com.author,
	410	com.author_id,
[18164]	411	u.'.$conf['user_fields']['email'].' AS user_email,
	412	com.email,
[6596]	413	com.date,
[17351]	414	com.website_url,
[6596]	415	com.content,
	416	com.validated
[796]	417	FROM '.IMAGE_CATEGORY_TABLE.' AS ic
[6601]	418	INNER JOIN '.COMMENTS_TABLE.' AS com
[796]	419	ON ic.image_id = com.image_id
[4139]	420	LEFT JOIN '.USERS_TABLE.' As u
	421	ON u.'.$conf['user_fields']['id'].' = com.author_id
[1716]	422	WHERE '.implode('
	423	AND ', $page['where_clauses']).'
[6596]	424	GROUP BY comment_id,
	425	com.image_id,
	426	com.author,
	427	com.author_id,
	428	com.date,
	429	com.content,
	430	com.validated
[796]	431	ORDER BY '.$page['sort_by'].' '.$page['sort_order'];
	432	if ('all' != $page['items_number'])
	433	{
	434	$query.= '
[4334]	435	LIMIT '.$page['items_number'].' OFFSET '.$start;
[796]	436	}
	437	$query.= '
[579]	438	;';
[587]	439	$result = pwg_query($query);
[4325]	440	while ($row = pwg_db_fetch_assoc($result))
[393]	441	{
[25018]	442	$comments[] = $row;
	443	$element_ids[] = $row['image_id'];
[393]	444	}
[796]	445
	446	if (count($comments) > 0)
[579]	447	{
[796]	448	// retrieving element informations
	449	$elements = array();
[579]	450	$query = '
[12930]	451	SELECT *
[579]	452	FROM '.IMAGES_TABLE.'
[796]	453	WHERE id IN ('.implode(',', $element_ids).')
[579]	454	;';
[796]	455	$result = pwg_query($query);
[4325]	456	while ($row = pwg_db_fetch_assoc($result))
[579]	457	{
[796]	458	$elements[$row['id']] = $row;
[579]	459	}
[721]	460
[796]	461	// retrieving category informations
[579]	462	$query = '
[6596]	463	SELECT c.id, name, permalink, uppercats, com.id as comment_id
	464	FROM '.CATEGORIES_TABLE.' AS c
	465	LEFT JOIN '.IMAGE_CATEGORY_TABLE.' AS ic
	466	ON c.id=ic.category_id
	467	LEFT JOIN '.COMMENTS_TABLE.' AS com
	468	ON ic.image_id=com.image_id
[6601]	469	'.get_sql_condition_FandF
	470	(
	471	array
	472	(
	473	'forbidden_categories' => 'c.id',
	474	'visible_categories' => 'c.id'
	475	),
	476	'WHERE'
	477	).'
[796]	478	;';
[6596]	479	$categories = hash_from_query($query, 'comment_id');
[796]	480
	481	foreach ($comments as $comment)
[579]	482	{
[796]	483	if (!empty($elements[$comment['image_id']]['name']))
[166]	484	{
[1598]	485	$name=$elements[$comment['image_id']]['name'];
[166]	486	}
[796]	487	else
	488	{
[1598]	489	$name=get_name_from_file($elements[$comment['image_id']]['file']);
[796]	490	}
[1090]	491
[796]	492	// source of the thumbnail picture
[12930]	493	$src_image = new SrcImage($elements[$comment['image_id']]);
[1090]	494
[796]	495	// link to the full size picture
[1090]	496	$url = make_picture_url(
[796]	497	array(
[6596]	498	'category' => $categories[ $comment['comment_id'] ],
[5195]	499	'image_id' => $comment['image_id'],
	500	'image_file' => $elements[$comment['image_id']]['file'],
	501	)
	502	);
[18164]	503
	504	$email = null;
	505	if (!empty($comment['user_email']))
	506	{
	507	$email = $comment['user_email'];
	508	}
	509	else if (!empty($comment['email']))
	510	{
	511	$email = $comment['email'];
	512	}
[5199]	513
[5195]	514	$tpl_comment = array(
[11261]	515	'ID' => $comment['comment_id'],
[5195]	516	'U_PICTURE' => $url,
[12930]	517	'src_image' => $src_image,
[5195]	518	'ALT' => $name,
	519	'AUTHOR' => trigger_event('render_comment_author', $comment['author']),
[17351]	520	'WEBSITE_URL' => $comment['website_url'],
[5195]	521	'DATE'=>format_date($comment['date'], true),
	522	'CONTENT'=>trigger_event('render_comment_content',$comment['content']),
	523	);
[18164]	524
	525	if (is_admin())
	526	{
	527	$tpl_comment['EMAIL'] = $email;
	528	}
[1598]	529
[3487]	530	if (can_manage_comment('delete', $comment['author_id']))
[1598]	531	{
[5195]	532	$tpl_comment['U_DELETE'] = add_url_params(
[26088]	533	$url_self,
[5195]	534	array(
	535	'delete' => $comment['comment_id'],
	536	'pwg_token' => get_pwg_token(),
	537	)
	538	);
[3445]	539	}
[5199]	540
[3450]	541	if (can_manage_comment('edit', $comment['author_id']))
[3445]	542	{
[5195]	543	$tpl_comment['U_EDIT'] = add_url_params(
[26088]	544	$url_self,
[5195]	545	array(
[13865]	546	'edit' => $comment['comment_id']
[5195]	547	)
	548	);
[5199]	549
[3487]	550	if (isset($edit_comment) and ($comment['comment_id'] == $edit_comment))
[1598]	551	{
[12930]	552	$tpl_comment['IN_EDIT'] = true;
	553	$key = get_ephemeral_key(2, $comment['image_id']);
	554	$tpl_comment['KEY'] = $key;
	555	$tpl_comment['IMAGE_ID'] = $comment['image_id'];
	556	$tpl_comment['CONTENT'] = $comment['content'];
[13865]	557	$tpl_comment['PWG_TOKEN'] = get_pwg_token();
[15924]	558	$tpl_comment['U_CANCEL'] = $url_self;
[1598]	559	}
	560	}
[3445]	561
[5195]	562	if (can_manage_comment('validate', $comment['author_id']))
[3445]	563	{
[5195]	564	if ('true' != $comment['validated'])
	565	{
	566	$tpl_comment['U_VALIDATE'] = add_url_params(
[26088]	567	$url_self,
[5195]	568	array(
	569	'validate'=> $comment['comment_id'],
	570	'pwg_token' => get_pwg_token(),
	571	)
	572	);
	573	}
[3445]	574	}
[2223]	575	$template->append('comments', $tpl_comment);
[166]	576	}
[579]	577	}
[10812]	578
[12930]	579	$derivative_params = trigger_event('get_comments_derivative_params', ImageStdParams::get_by_type(IMG_THUMB) );
	580	$template->assign( 'derivative_params', $derivative_params );
	581
[10812]	582	// include menubar
	583	$themeconf = $template->get_template_vars('themeconf');
[10824]	584	if (!isset($themeconf['hide_menu_on']) OR !in_array('theCommentsPage', $themeconf['hide_menu_on']))
[10812]	585	{
	586	include( PHPWG_ROOT_PATH.'include/menubar.inc.php');
	587	}
	588
[579]	589	// +-----------------------------------------------------------------------+
	590	// \| html code display \|
	591	// +-----------------------------------------------------------------------+
[2107]	592	include(PHPWG_ROOT_PATH.'include/page_header.php');
[18063]	593	trigger_action('loc_end_comments');
[20609]	594	flush_page_messages();
[2223]	595	$template->pparse('comments');
[1598]	596	include(PHPWG_ROOT_PATH.'include/page_tail.php');
[2107]	597	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: