Context Navigation

source: trunk/comments.php @ 15578

Last change on this file since 15578 was 15578, checked in by mistic100, 12 years ago
feature:2538 little rework of messages system, now can be used on 'loc_end_index' and 'loc_end_picture'
Property svn:eol-style set to `LF`
File size: 15.8 KB

Line
1	<?php
2	// +-----------------------------------------------------------------------+
3	// \| Piwigo - a PHP based photo gallery \|
4	// +-----------------------------------------------------------------------+
5	// \| Copyright(C) 2008-2012 Piwigo Team http://piwigo.org \|
6	// \| Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net \|
7	// \| Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick \|
8	// +-----------------------------------------------------------------------+
9	// \| This program is free software; you can redistribute it and/or modify \|
10	// \| it under the terms of the GNU General Public License as published by \|
11	// \| the Free Software Foundation \|
12	// \| \|
13	// \| This program is distributed in the hope that it will be useful, but \|
14	// \| WITHOUT ANY WARRANTY; without even the implied warranty of \|
15	// \| MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU \|
16	// \| General Public License for more details. \|
17	// \| \|
18	// \| You should have received a copy of the GNU General Public License \|
19	// \| along with this program; if not, write to the Free Software \|
20	// \| Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, \|
21	// \| USA. \|
22	// +-----------------------------------------------------------------------+
23
24	// +-----------------------------------------------------------------------+
25	// \| initialization \|
26	// +-----------------------------------------------------------------------+
27	define('PHPWG_ROOT_PATH','./');
28	include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
29	include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php');
30
31	if (!$conf['activate_comments'])
32	{
33	page_not_found(null);
34	}
35
36	// +-----------------------------------------------------------------------+
37	// \| Check Access and exit when user status is not ok \|
38	// +-----------------------------------------------------------------------+
39	check_status(ACCESS_GUEST);
40
41	$sort_order = array(
42	'DESC' => l10n('descending'),
43	'ASC' => l10n('ascending')
44	);
45
46	// sort_by : database fields proposed for sorting comments list
47	$sort_by = array(
48	'date' => l10n('comment date'),
49	'image_id' => l10n('photo')
50	);
51
52	// items_number : list of number of items to display per page
53	$items_number = array(5,10,20,50,'all');
54
55	// since when display comments ?
56	//
57	$since_options = array(
58	1 => array('label' => l10n('today'),
59	'clause' => 'date > '.pwg_db_get_recent_period_expression(1)),
60	2 => array('label' => sprintf(l10n('last %d days'), 7),
61	'clause' => 'date > '.pwg_db_get_recent_period_expression(7)),
62	3 => array('label' => sprintf(l10n('last %d days'), 30),
63	'clause' => 'date > '.pwg_db_get_recent_period_expression(30)),
64	4 => array('label' => l10n('the beginning'),
65	'clause' => '1=1') // stupid but generic
66	);
67
68	if (!empty($_GET['since']) && is_numeric($_GET['since']))
69	{
70	$page['since'] = $_GET['since'];
71	}
72	else
73	{
74	$page['since'] = 4;
75	}
76
77	// on which field sorting
78	//
79	$page['sort_by'] = 'date';
80	// if the form was submitted, it overloads default behaviour
81	if (isset($_GET['sort_by']) and isset($sort_by[$_GET['sort_by']]) )
82	{
83	$page['sort_by'] = $_GET['sort_by'];
84	}
85
86	// order to sort
87	//
88	$page['sort_order'] = 'DESC';
89	// if the form was submitted, it overloads default behaviour
90	if (isset($_GET['sort_order']) and isset($sort_order[$_GET['sort_order']]))
91	{
92	$page['sort_order'] = $_GET['sort_order'];
93	}
94
95	// number of items to display
96	//
97	$page['items_number'] = 10;
98	if (isset($_GET['items_number']))
99	{
100	$page['items_number'] = $_GET['items_number'];
101	}
102	if ( !is_numeric($page['items_number']) and $page['items_number']!='all' )
103	{
104	$page['items_number'] = 10;
105	}
106
107	$page['where_clauses'] = array();
108
109	// which category to filter on ?
110	if (isset($_GET['cat']) and 0 != $_GET['cat'])
111	{
112	check_input_parameter('cat', $_GET, false, PATTERN_ID);
113
114	$category_ids = get_subcat_ids(array($_GET['cat']));
115	if (empty($category_ids))
116	{
117	$category_ids = array(-1);
118	}
119
120	$page['where_clauses'][] =
121	'category_id IN ('.implode(',', $category_ids).')';
122	}
123
124	// search a particular author
125	if (!empty($_GET['author']))
126	{
127	$page['where_clauses'][] =
128	'u.'.$conf['user_fields']['username'].' = \''.$_GET['author'].'\'
129	OR author = \''.$_GET['author'].'\'';
130	}
131
132	// search a specific comment (if you're coming directly from an admin
133	// notification email)
134	if (!empty($_GET['comment_id']))
135	{
136	check_input_parameter('comment_id', $_GET, false, PATTERN_ID);
137
138	// currently, the $_GET['comment_id'] is only used by admins from email
139	// for management purpose (validate/delete)
140	if (!is_admin())
141	{
142	$login_url =
143	get_root_url().'identification.php?redirect='
144	.urlencode(urlencode($_SERVER['REQUEST_URI']))
145	;
146	redirect($login_url);
147	}
148
149	$page['where_clauses'][] = 'com.id = '.$_GET['comment_id'];
150	}
151
152	// search a substring among comments content
153	if (!empty($_GET['keyword']))
154	{
155	$page['where_clauses'][] =
156	'('.
157	implode(' AND ',
158	array_map(
159	create_function(
160	'$s',
161	'return "content LIKE \'%$s%\'";'
162	),
163	preg_split('/[\s,;]+/', $_GET['keyword'] )
164	)
165	).
166	')';
167	}
168
169	$page['where_clauses'][] = $since_options[$page['since']]['clause'];
170
171	// which status to filter on ?
172	if ( !is_admin() )
173	{
174	$page['where_clauses'][] = 'validated=\'true\'';
175	}
176
177	$page['where_clauses'][] = get_sql_condition_FandF
178	(
179	array
180	(
181	'forbidden_categories' => 'category_id',
182	'visible_categories' => 'category_id',
183	'visible_images' => 'ic.image_id'
184	),
185	'', true
186	);
187
188	// +-----------------------------------------------------------------------+
189	// \| comments management \|
190	// +-----------------------------------------------------------------------+
191
192	$comment_id = null;
193	$action = null;
194
195	$actions = array('delete', 'validate', 'edit');
196	foreach ($actions as $loop_action)
197	{
198	if (isset($_GET[$loop_action]))
199	{
200	$action = $loop_action;
201	check_input_parameter($action, $_GET, false, PATTERN_ID);
202	$comment_id = $_GET[$action];
203	break;
204	}
205	}
206
207	if (isset($action))
208	{
209	$comment_author_id = get_comment_author_id($comment_id);
210
211	if (can_manage_comment($action, $comment_author_id))
212	{
213	$perform_redirect = false;
214
215	if ('delete' == $action)
216	{
217	check_pwg_token();
218	delete_user_comment($comment_id);
219	$perform_redirect = true;
220	}
221
222	if ('validate' == $action)
223	{
224	check_pwg_token();
225	validate_user_comment($comment_id);
226	$perform_redirect = true;
227	}
228
229	if ('edit' == $action)
230	{
231	if (!empty($_POST['content']))
232	{
233	check_pwg_token();
234	update_user_comment(
235	array(
236	'comment_id' => $_GET['edit'],
237	'image_id' => $_POST['image_id'],
238	'content' => $_POST['content']
239	),
240	$_POST['key']
241	);
242
243	$perform_redirect = true;
244	}
245	else
246	{
247	$edit_comment = $_GET['edit'];
248	}
249	}
250
251	if ($perform_redirect)
252	{
253	$redirect_url =
254	PHPWG_ROOT_PATH
255	.'comments.php'
256	.get_query_string_diff(array('delete','edit','validate','pwg_token'));
257
258	redirect($redirect_url);
259	}
260	}
261	}
262
263	// +-----------------------------------------------------------------------+
264	// \| page header and options \|
265	// +-----------------------------------------------------------------------+
266
267	$title= l10n('User comments');
268	$page['body_id'] = 'theCommentsPage';
269
270	$template->set_filenames(array('comments'=>'comments.tpl'));
271	$template->assign(
272	array(
273	'F_ACTION'=>PHPWG_ROOT_PATH.'comments.php',
274	'F_KEYWORD'=> @htmlspecialchars(stripslashes($_GET['keyword'], ENT_QUOTES, 'utf-8')),
275	'F_AUTHOR'=> @htmlspecialchars(stripslashes($_GET['author'], ENT_QUOTES, 'utf-8')),
276	)
277	);
278
279	// +-----------------------------------------------------------------------+
280	// \| form construction \|
281	// +-----------------------------------------------------------------------+
282
283	// Search in a particular category
284	$blockname = 'categories';
285
286	$query = '
287	SELECT id, name, uppercats, global_rank
288	FROM '.CATEGORIES_TABLE.'
289	'.get_sql_condition_FandF
290	(
291	array
292	(
293	'forbidden_categories' => 'id',
294	'visible_categories' => 'id'
295	),
296	'WHERE'
297	).'
298	;';
299	display_select_cat_wrapper($query, array(@$_GET['cat']), $blockname, true);
300
301	// Filter on recent comments...
302	$tpl_var=array();
303	foreach ($since_options as $id => $option)
304	{
305	$tpl_var[ $id ] = $option['label'];
306	}
307	$template->assign( 'since_options', $tpl_var);
308	$template->assign( 'since_options_selected', $page['since']);
309
310	// Sort by
311	$template->assign( 'sort_by_options', $sort_by);
312	$template->assign( 'sort_by_options_selected', $page['sort_by']);
313
314	// Sorting order
315	$template->assign( 'sort_order_options', $sort_order);
316	$template->assign( 'sort_order_options_selected', $page['sort_order']);
317
318
319	// Number of items
320	$blockname = 'items_number_option';
321	$tpl_var=array();
322	foreach ($items_number as $option)
323	{
324	$tpl_var[ $option ] = is_numeric($option) ? $option : l10n($option);
325	}
326	$template->assign( 'item_number_options', $tpl_var);
327	$template->assign( 'item_number_options_selected', $page['items_number']);
328
329
330	// +-----------------------------------------------------------------------+
331	// \| navigation bar \|
332	// +-----------------------------------------------------------------------+
333
334	if (isset($_GET['start']) and is_numeric($_GET['start']))
335	{
336	$start = $_GET['start'];
337	}
338	else
339	{
340	$start = 0;
341	}
342
343	$query = '
344	SELECT COUNT(DISTINCT(com.id))
345	FROM '.IMAGE_CATEGORY_TABLE.' AS ic
346	INNER JOIN '.COMMENTS_TABLE.' AS com
347	ON ic.image_id = com.image_id
348	LEFT JOIN '.USERS_TABLE.' As u
349	ON u.'.$conf['user_fields']['id'].' = com.author_id
350	WHERE '.implode('
351	AND ', $page['where_clauses']).'
352	;';
353	list($counter) = pwg_db_fetch_row(pwg_query($query));
354
355	$url = PHPWG_ROOT_PATH
356	.'comments.php'
357	.get_query_string_diff(array('start','delete','validate','pwg_token'));
358
359	$navbar = create_navigation_bar($url,
360	$counter,
361	$start,
362	$page['items_number'],
363	'');
364
365	$template->assign('navbar', $navbar);
366
367	// +-----------------------------------------------------------------------+
368	// \| last comments display \|
369	// +-----------------------------------------------------------------------+
370
371	$comments = array();
372	$element_ids = array();
373	$category_ids = array();
374
375	$query = '
376	SELECT com.id AS comment_id,
377	com.image_id,
378	com.author,
379	com.author_id,
380	com.date,
381	com.content,
382	com.validated
383	FROM '.IMAGE_CATEGORY_TABLE.' AS ic
384	INNER JOIN '.COMMENTS_TABLE.' AS com
385	ON ic.image_id = com.image_id
386	LEFT JOIN '.USERS_TABLE.' As u
387	ON u.'.$conf['user_fields']['id'].' = com.author_id
388	WHERE '.implode('
389	AND ', $page['where_clauses']).'
390	GROUP BY comment_id,
391	com.image_id,
392	com.author,
393	com.author_id,
394	com.date,
395	com.content,
396	com.validated
397	ORDER BY '.$page['sort_by'].' '.$page['sort_order'];
398	if ('all' != $page['items_number'])
399	{
400	$query.= '
401	LIMIT '.$page['items_number'].' OFFSET '.$start;
402	}
403	$query.= '
404	;';
405	$result = pwg_query($query);
406	while ($row = pwg_db_fetch_assoc($result))
407	{
408	array_push($comments, $row);
409	array_push($element_ids, $row['image_id']);
410	}
411
412	if (count($comments) > 0)
413	{
414	// retrieving element informations
415	$elements = array();
416	$query = '
417	SELECT *
418	FROM '.IMAGES_TABLE.'
419	WHERE id IN ('.implode(',', $element_ids).')
420	;';
421	$result = pwg_query($query);
422	while ($row = pwg_db_fetch_assoc($result))
423	{
424	$elements[$row['id']] = $row;
425	}
426
427	// retrieving category informations
428	$query = '
429	SELECT c.id, name, permalink, uppercats, com.id as comment_id
430	FROM '.CATEGORIES_TABLE.' AS c
431	LEFT JOIN '.IMAGE_CATEGORY_TABLE.' AS ic
432	ON c.id=ic.category_id
433	LEFT JOIN '.COMMENTS_TABLE.' AS com
434	ON ic.image_id=com.image_id
435	'.get_sql_condition_FandF
436	(
437	array
438	(
439	'forbidden_categories' => 'c.id',
440	'visible_categories' => 'c.id'
441	),
442	'WHERE'
443	).'
444	;';
445	$categories = hash_from_query($query, 'comment_id');
446
447	foreach ($comments as $comment)
448	{
449	if (!empty($elements[$comment['image_id']]['name']))
450	{
451	$name=$elements[$comment['image_id']]['name'];
452	}
453	else
454	{
455	$name=get_name_from_file($elements[$comment['image_id']]['file']);
456	}
457
458	// source of the thumbnail picture
459	$src_image = new SrcImage($elements[$comment['image_id']]);
460
461	// link to the full size picture
462	$url = make_picture_url(
463	array(
464	'category' => $categories[ $comment['comment_id'] ],
465	'image_id' => $comment['image_id'],
466	'image_file' => $elements[$comment['image_id']]['file'],
467	)
468	);
469
470	$tpl_comment = array(
471	'ID' => $comment['comment_id'],
472	'U_PICTURE' => $url,
473	'src_image' => $src_image,
474	'ALT' => $name,
475	'AUTHOR' => trigger_event('render_comment_author', $comment['author']),
476	'DATE'=>format_date($comment['date'], true),
477	'CONTENT'=>trigger_event('render_comment_content',$comment['content']),
478	);
479
480	if (can_manage_comment('delete', $comment['author_id']))
481	{
482	$url =
483	get_root_url()
484	.'comments.php'
485	.get_query_string_diff(array('delete','validate','edit', 'pwg_token'));
486
487	$tpl_comment['U_DELETE'] = add_url_params(
488	$url,
489	array(
490	'delete' => $comment['comment_id'],
491	'pwg_token' => get_pwg_token(),
492	)
493	);
494	}
495
496	if (can_manage_comment('edit', $comment['author_id']))
497	{
498	$url =
499	get_root_url()
500	.'comments.php'
501	.get_query_string_diff(array('edit', 'delete','validate', 'pwg_token'));
502
503	$tpl_comment['U_EDIT'] = add_url_params(
504	$url,
505	array(
506	'edit' => $comment['comment_id']
507	)
508	);
509
510	if (isset($edit_comment) and ($comment['comment_id'] == $edit_comment))
511	{
512	$tpl_comment['IN_EDIT'] = true;
513	$key = get_ephemeral_key(2, $comment['image_id']);
514	$tpl_comment['KEY'] = $key;
515	$tpl_comment['IMAGE_ID'] = $comment['image_id'];
516	$tpl_comment['CONTENT'] = $comment['content'];
517	$tpl_comment['PWG_TOKEN'] = get_pwg_token();
518	}
519	}
520
521	if (can_manage_comment('validate', $comment['author_id']))
522	{
523	if ('true' != $comment['validated'])
524	{
525	$tpl_comment['U_VALIDATE'] = add_url_params(
526	$url,
527	array(
528	'validate'=> $comment['comment_id'],
529	'pwg_token' => get_pwg_token(),
530	)
531	);
532	}
533	}
534	$template->append('comments', $tpl_comment);
535	}
536	}
537
538	$derivative_params = trigger_event('get_comments_derivative_params', ImageStdParams::get_by_type(IMG_THUMB) );
539	$template->assign( 'derivative_params', $derivative_params );
540
541	// include menubar
542	$themeconf = $template->get_template_vars('themeconf');
543	if (!isset($themeconf['hide_menu_on']) OR !in_array('theCommentsPage', $themeconf['hide_menu_on']))
544	{
545	include( PHPWG_ROOT_PATH.'include/menubar.inc.php');
546	}
547
548	// +-----------------------------------------------------------------------+
549	// \| html code display \|
550	// +-----------------------------------------------------------------------+
551	include(PHPWG_ROOT_PATH.'include/page_header.php');
552	include(PHPWG_ROOT_PATH.'include/page_messages.php');
553	$template->pparse('comments');
554	include(PHPWG_ROOT_PATH.'include/page_tail.php');
555	?>

Note: See TracBrowser for help on using the repository browser.

Download in other formats: