Context Navigation

source: trunk/comments.php @ 4187

Last change on this file since 4187 was 4182, checked in by nikrou, 15 years ago
bug 1220 : fix regression in display when search by author or by keyword contains quote.
Property svn:eol-style set to `LF`
File size: 13.4 KB

Rev	Line
[166]	1	<?php
[354]	2	// +-----------------------------------------------------------------------+
[2297]	3	// \| Piwigo - a PHP based picture gallery \|
	4	// +-----------------------------------------------------------------------+
[3049]	5	// \| Copyright(C) 2008-2009 Piwigo Team http://piwigo.org \|
[2297]	6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
	7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
	8	// +-----------------------------------------------------------------------+
	9	// \| This program is free software; you can redistribute it and/or modify \|
	10	// \| it under the terms of the GNU General Public License as published by \|
	11	// \| the Free Software Foundation \|
	12	// \| \|
	13	// \| This program is distributed in the hope that it will be useful, but \|
	14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
	15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
	16	// \| General Public License for more details. \|
	17	// \| \|
	18	// \| You should have received a copy of the GNU General Public License \|
	19	// \| along with this program; if not, write to the Free Software \|
	20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
	21	// \| USA. \|
	22	// +-----------------------------------------------------------------------+
[166]	23
[579]	24	// +-----------------------------------------------------------------------+
	25	// \| initialization \|
	26	// +-----------------------------------------------------------------------+
[1598]	27	define('PHPWG_ROOT_PATH','./');
	28	include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
[3445]	29	include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php');
[345]	30
[1072]	31	// +-----------------------------------------------------------------------+
	32	// \| Check Access and exit when user status is not ok \|
	33	// +-----------------------------------------------------------------------+
	34	check_status(ACCESS_GUEST);
	35
[796]	36	$sort_order = array(
[2223]	37	'DESC' => l10n('descending'),
	38	'ASC' => l10n('ascending')
[796]	39	);
	40
	41	// sort_by : database fields proposed for sorting comments list
	42	$sort_by = array(
[2223]	43	'date' => l10n('comment date'),
	44	'image_id' => l10n('picture')
[796]	45	);
	46
	47	// items_number : list of number of items to display per page
	48	$items_number = array(5,10,20,50,'all');
	49
	50	// since when display comments ?
	51	//
	52	$since_options = array(
	53	1 => array('label' => l10n('today'),
	54	'clause' => 'date > SUBDATE(CURDATE(), INTERVAL 1 DAY)'),
	55	2 => array('label' => sprintf(l10n('last %d days'), 7),
	56	'clause' => 'date > SUBDATE(CURDATE(), INTERVAL 7 DAY)'),
	57	3 => array('label' => sprintf(l10n('last %d days'), 30),
	58	'clause' => 'date > SUBDATE(CURDATE(), INTERVAL 30 DAY)'),
	59	4 => array('label' => l10n('the beginning'),
	60	'clause' => '1=1') // stupid but generic
	61	);
	62
[4139]	63	if (!empty($_GET['since']) && is_numeric($_GET['since']))
	64	{
	65	$page['since'] = $_GET['since'];
	66	}
	67	else
	68	{
	69	$page['since'] = 4;
	70	}
[796]	71
	72	// on which field sorting
	73	//
	74	$page['sort_by'] = 'date';
	75	// if the form was submitted, it overloads default behaviour
[2757]	76	if (isset($_GET['sort_by']) and isset($sort_by[$_GET['sort_by']]) )
[393]	77	{
[796]	78	$page['sort_by'] = $_GET['sort_by'];
[393]	79	}
[796]	80
	81	// order to sort
	82	//
[2223]	83	$page['sort_order'] = 'DESC';
[796]	84	// if the form was submitted, it overloads default behaviour
[2757]	85	if (isset($_GET['sort_order']) and isset($sort_order[$_GET['sort_order']]))
[393]	86	{
[2223]	87	$page['sort_order'] = $_GET['sort_order'];
[393]	88	}
[796]	89
	90	// number of items to display
	91	//
[1814]	92	$page['items_number'] = 10;
[796]	93	if (isset($_GET['items_number']))
	94	{
	95	$page['items_number'] = $_GET['items_number'];
	96	}
[3600]	97	if ( !is_numeric($page['items_number']) and $page['items_number']!='all' )
[3520]	98	{
	99	$page['items_number'] = 10;
	100	}
[796]	101
[1716]	102	$page['where_clauses'] = array();
	103
[796]	104	// which category to filter on ?
	105	if (isset($_GET['cat']) and 0 != $_GET['cat'])
	106	{
[1716]	107	$page['where_clauses'][] =
[796]	108	'category_id IN ('.implode(',', get_subcat_ids(array($_GET['cat']))).')';
	109	}
	110
	111	// search a particular author
[4139]	112	if (!empty($_GET['author']))
[796]	113	{
[3487]	114	$page['where_clauses'][] =
	115	'u.'.$conf['user_fields']['username'].' = \''.$_GET['author'].'\'
	116	OR author = \''.$_GET['author'].'\'';
[796]	117	}
	118
	119	// search a substring among comments content
[4139]	120	if (!empty($_GET['keyword']))
[796]	121	{
[1716]	122	$page['where_clauses'][] =
[796]	123	'('.
	124	implode(' AND ',
	125	array_map(
	126	create_function(
	127	'$s',
	128	'return "content LIKE \'%$s%\'";'
	129	),
[2012]	130	preg_split('/[\s,;]+/', $_GET['keyword'] )
[796]	131	)
	132	).
	133	')';
	134	}
	135
[1716]	136	$page['where_clauses'][] = $since_options[$page['since']]['clause'];
	137
[1598]	138	// which status to filter on ?
[1716]	139	if ( !is_admin() )
[1598]	140	{
[1716]	141	$page['where_clauses'][] = 'validated="true"';
[1598]	142	}
	143
[1716]	144	$page['where_clauses'][] = get_sql_condition_FandF
	145	(
	146	array
	147	(
	148	'forbidden_categories' => 'category_id',
	149	'visible_categories' => 'category_id',
	150	'visible_images' => 'ic.image_id'
	151	),
	152	'', true
	153	);
[1598]	154
[579]	155	// +-----------------------------------------------------------------------+
	156	// \| comments management \|
	157	// +-----------------------------------------------------------------------+
[1617]	158	if (isset($_GET['delete']) and is_numeric($_GET['delete'])
[3445]	159	and (is_admin() \|\| $conf['user_can_delete_comment']))
[1617]	160	{// comments deletion
[3445]	161	delete_user_comment($_GET['delete']);
[1617]	162	}
[1598]	163
[1617]	164	if (isset($_GET['validate']) and is_numeric($_GET['validate'])
	165	and !is_adviser() )
	166	{ // comments validation
	167	check_status(ACCESS_ADMINISTRATOR);
	168	$query = '
[579]	169	UPDATE '.COMMENTS_TABLE.'
	170	SET validated = \'true\'
[1617]	171	, validation_date = NOW()
[1598]	172	WHERE id='.$_GET['validate'].'
[579]	173	;';
[1617]	174	pwg_query($query);
[579]	175	}
[1617]	176
[3445]	177	if (isset($_GET['edit']) and is_numeric($_GET['edit'])
	178	and (is_admin() \|\| $conf['user_can_edit_comment']))
	179	{
[3487]	180	if (!empty($_POST['content']))
[3445]	181	{
[3487]	182	update_user_comment(array('comment_id' => $_GET['edit'],
[3445]	183	'image_id' => $_POST['image_id'],
	184	'content' => $_POST['content']),
	185	$_POST['key']
[3487]	186	);
[3445]	187
	188	$edit_comment = null;
	189	}
[3487]	190	else
[3445]	191	{
	192	$edit_comment = $_GET['edit'];
	193	}
	194	}
	195
[579]	196	// +-----------------------------------------------------------------------+
	197	// \| page header and options \|
	198	// +-----------------------------------------------------------------------+
[355]	199
[2268]	200	$title= l10n('User comments');
[850]	201	$page['body_id'] = 'theCommentsPage';
	202
[579]	203	$template->set_filenames(array('comments'=>'comments.tpl'));
[2223]	204	$template->assign(
[579]	205	array(
[796]	206	'F_ACTION'=>PHPWG_ROOT_PATH.'comments.php',
[4182]	207	'F_KEYWORD'=> @htmlspecialchars(stripslashes($_GET['keyword'], ENT_QUOTES, 'utf-8')),
	208	'F_AUTHOR'=> @htmlspecialchars(stripslashes($_GET['author'], ENT_QUOTES, 'utf-8')),
[579]	209	)
	210	);
[355]	211
[796]	212	// +-----------------------------------------------------------------------+
	213	// \| form construction \|
	214	// +-----------------------------------------------------------------------+
	215
	216	// Search in a particular category
[2223]	217	$blockname = 'categories';
[796]	218
	219	$query = '
[1861]	220	SELECT id, name, uppercats, global_rank
[1677]	221	FROM '.CATEGORIES_TABLE.'
	222	'.get_sql_condition_FandF
	223	(
	224	array
	225	(
	226	'forbidden_categories' => 'id',
	227	'visible_categories' => 'id'
	228	),
	229	'WHERE'
	230	).'
[796]	231	;';
	232	display_select_cat_wrapper($query, array(@$_GET['cat']), $blockname, true);
	233
	234	// Filter on recent comments...
[2223]	235	$tpl_var=array();
[796]	236	foreach ($since_options as $id => $option)
	237	{
[2223]	238	$tpl_var[ $id ] = $option['label'];
[355]	239	}
[2223]	240	$template->assign( 'since_options', $tpl_var);
	241	$template->assign( 'since_options_selected', $page['since']);
[796]	242
	243	// Sort by
[2223]	244	$template->assign( 'sort_by_options', $sort_by);
	245	$template->assign( 'sort_by_options_selected', $page['sort_by']);
[796]	246
	247	// Sorting order
[2223]	248	$template->assign( 'sort_order_options', $sort_order);
	249	$template->assign( 'sort_order_options_selected', $page['sort_order']);
[796]	250
	251
	252	// Number of items
	253	$blockname = 'items_number_option';
[2223]	254	$tpl_var=array();
[796]	255	foreach ($items_number as $option)
	256	{
[2223]	257	$tpl_var[ $option ] = is_numeric($option) ? $option : l10n($option);
[796]	258	}
[2223]	259	$template->assign( 'item_number_options', $tpl_var);
	260	$template->assign( 'item_number_options_selected', $page['items_number']);
[796]	261
[2223]	262
[579]	263	// +-----------------------------------------------------------------------+
[796]	264	// \| navigation bar \|
	265	// +-----------------------------------------------------------------------+
	266
	267	if (isset($_GET['start']) and is_numeric($_GET['start']))
	268	{
	269	$start = $_GET['start'];
	270	}
	271	else
	272	{
	273	$start = 0;
	274	}
	275
	276	$query = '
[3450]	277	SELECT COUNT(DISTINCT(com.id))
[796]	278	FROM '.IMAGE_CATEGORY_TABLE.' AS ic
[4139]	279	INNER JOIN '.COMMENTS_TABLE.' AS com
[796]	280	ON ic.image_id = com.image_id
[4139]	281	LEFT JOIN '.USERS_TABLE.' As u
	282	ON u.'.$conf['user_fields']['id'].' = com.author_id
[1716]	283	WHERE '.implode('
	284	AND ', $page['where_clauses']).'
[796]	285	;';
	286	list($counter) = mysql_fetch_row(pwg_query($query));
	287
[1598]	288	$url = PHPWG_ROOT_PATH
	289	.'comments.php'
	290	.get_query_string_diff(array('start','delete','validate'));
[796]	291
	292	$navbar = create_navigation_bar($url,
	293	$counter,
	294	$start,
	295	$page['items_number'],
	296	'');
	297
[3172]	298	$template->assign('navbar', $navbar);
[796]	299
	300	// +-----------------------------------------------------------------------+
[579]	301	// \| last comments display \|
	302	// +-----------------------------------------------------------------------+
[355]	303
[796]	304	$comments = array();
	305	$element_ids = array();
	306	$category_ids = array();
	307
[579]	308	$query = '
[796]	309	SELECT com.id AS comment_id
	310	, com.image_id
	311	, ic.category_id
	312	, com.author
[3450]	313	, com.author_id
[796]	314	, com.date
	315	, com.content
[1598]	316	, com.validated
[796]	317	FROM '.IMAGE_CATEGORY_TABLE.' AS ic
[3487]	318	INNER JOIN '.COMMENTS_TABLE.' AS com
[796]	319	ON ic.image_id = com.image_id
[4139]	320	LEFT JOIN '.USERS_TABLE.' As u
	321	ON u.'.$conf['user_fields']['id'].' = com.author_id
[1716]	322	WHERE '.implode('
	323	AND ', $page['where_clauses']).'
[796]	324	GROUP BY comment_id
	325	ORDER BY '.$page['sort_by'].' '.$page['sort_order'];
	326	if ('all' != $page['items_number'])
	327	{
	328	$query.= '
	329	LIMIT '.$start.','.$page['items_number'];
	330	}
	331	$query.= '
[579]	332	;';
[587]	333	$result = pwg_query($query);
[1598]	334	while ($row = mysql_fetch_assoc($result))
[393]	335	{
[796]	336	array_push($comments, $row);
	337	array_push($element_ids, $row['image_id']);
	338	array_push($category_ids, $row['category_id']);
[393]	339	}
[796]	340
	341	if (count($comments) > 0)
[579]	342	{
[796]	343	// retrieving element informations
	344	$elements = array();
[579]	345	$query = '
[796]	346	SELECT id, name, file, path, tn_ext
[579]	347	FROM '.IMAGES_TABLE.'
[796]	348	WHERE id IN ('.implode(',', $element_ids).')
[579]	349	;';
[796]	350	$result = pwg_query($query);
[1598]	351	while ($row = mysql_fetch_assoc($result))
[579]	352	{
[796]	353	$elements[$row['id']] = $row;
[579]	354	}
[721]	355
[796]	356	// retrieving category informations
[579]	357	$query = '
[1866]	358	SELECT id, name, permalink, uppercats
[796]	359	FROM '.CATEGORIES_TABLE.'
	360	WHERE id IN ('.implode(',', $category_ids).')
	361	;';
[1866]	362	$categories = hash_from_query($query, 'id');
[796]	363
	364	foreach ($comments as $comment)
[579]	365	{
[796]	366	if (!empty($elements[$comment['image_id']]['name']))
[166]	367	{
[1598]	368	$name=$elements[$comment['image_id']]['name'];
[166]	369	}
[796]	370	else
	371	{
[1598]	372	$name=get_name_from_file($elements[$comment['image_id']]['file']);
[796]	373	}
[1090]	374
[796]	375	// source of the thumbnail picture
[1598]	376	$thumbnail_src = get_thumbnail_url( $elements[$comment['image_id']] );
[1090]	377
[796]	378	// link to the full size picture
[1090]	379	$url = make_picture_url(
	380	array(
[1861]	381	'category' => $categories[ $comment['category_id'] ],
[1090]	382	'image_id' => $comment['image_id'],
	383	'image_file' => $elements[$comment['image_id']]['file'],
	384	)
	385	);
	386
[2223]	387	$tpl_comment =
[796]	388	array(
[1004]	389	'U_PICTURE' => $url,
[848]	390	'TN_SRC' => $thumbnail_src,
[1598]	391	'ALT' => $name,
[3600]	392	'AUTHOR' => trigger_event('render_comment_author', $comment['author']),
[3122]	393	'DATE'=>format_date($comment['date'], true),
[1598]	394	'CONTENT'=>trigger_event('render_comment_content',$comment['content']),
[2223]	395	);
[1598]	396
[3487]	397	if (can_manage_comment('delete', $comment['author_id']))
[1598]	398	{
[3445]	399	$url = get_root_url().'comments.php'
	400	.get_query_string_diff(array('delete','validate','edit'));
[3487]	401	$tpl_comment['U_DELETE'] =
[3445]	402	add_url_params($url,
	403	array('delete'=>$comment['comment_id'])
	404	);
	405	}
[3450]	406	if (can_manage_comment('edit', $comment['author_id']))
[3445]	407	{
	408	$url = get_root_url().'comments.php'
	409	.get_query_string_diff(array('edit', 'delete','validate'));
[3487]	410	$tpl_comment['U_EDIT'] =
[3445]	411	add_url_params($url,
	412	array('edit'=>$comment['comment_id'])
	413	);
[3487]	414	if (isset($edit_comment) and ($comment['comment_id'] == $edit_comment))
[1598]	415	{
[3445]	416	$tpl_comment['IN_EDIT'] = true;
	417	$key = get_comment_post_key($comment['image_id']);
	418	$tpl_comment['KEY'] = $key;
	419	$tpl_comment['IMAGE_ID'] = $comment['image_id'];
	420	$tpl_comment['CONTENT'] = $comment['content'];
[1598]	421	}
	422	}
[3445]	423
	424	if ( is_admin() && $comment['validated'] != 'true')
	425	{
[3487]	426	$tpl_comment['U_VALIDATE'] =
[3445]	427	add_url_params($url,
	428	array('validate'=>$comment['comment_id'])
	429	);
	430	}
[2223]	431	$template->append('comments', $tpl_comment);
[166]	432	}
[579]	433	}
	434	// +-----------------------------------------------------------------------+
	435	// \| html code display \|
	436	// +-----------------------------------------------------------------------+
[2107]	437	include(PHPWG_ROOT_PATH.'include/page_header.php');
[2223]	438	$template->pparse('comments');
[1598]	439	include(PHPWG_ROOT_PATH.'include/page_tail.php');
[2107]	440	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: