source: trunk/comments.php @ 2134

Last change on this file since 2134 was 2134, checked in by rvelices, 17 years ago
  • changed htmlentities to htmlspecialchars in comments.php (utf-8 issue)
  • web service explorer in utf-8
  • removed warning in function load_language
  • feature: show_queries also shows number of selected rows or number of affected rows
  • Property svn:eol-style set to LF
  • Property svn:keywords set to Author Date Id Revision
File size: 13.0 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | PhpWebGallery - a PHP based picture gallery                           |
4// | Copyright (C) 2002-2003 Pierrick LE GALL - pierrick@phpwebgallery.net |
5// | Copyright (C) 2003-2007 PhpWebGallery Team - http://phpwebgallery.net |
6// +-----------------------------------------------------------------------+
7// | file          : $Id: comments.php 2134 2007-10-11 00:10:41Z rvelices $
8// | last update   : $Date: 2007-10-11 00:10:41 +0000 (Thu, 11 Oct 2007) $
9// | last modifier : $Author: rvelices $
10// | revision      : $Revision: 2134 $
11// +-----------------------------------------------------------------------+
12// | This program is free software; you can redistribute it and/or modify  |
13// | it under the terms of the GNU General Public License as published by  |
14// | the Free Software Foundation                                          |
15// |                                                                       |
16// | This program is distributed in the hope that it will be useful, but   |
17// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
18// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
19// | General Public License for more details.                              |
20// |                                                                       |
21// | You should have received a copy of the GNU General Public License     |
22// | along with this program; if not, write to the Free Software           |
23// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
24// | USA.                                                                  |
25// +-----------------------------------------------------------------------+
26
27// +-----------------------------------------------------------------------+
28// |                           initialization                              |
29// +-----------------------------------------------------------------------+
30define('PHPWG_ROOT_PATH','./');
31include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
32
33// +-----------------------------------------------------------------------+
34// | Check Access and exit when user status is not ok                      |
35// +-----------------------------------------------------------------------+
36check_status(ACCESS_GUEST);
37
38$sort_order = array(
39  'descending' => 'DESC',
40  'ascending' => 'ASC'
41  );
42
43// sort_by : database fields proposed for sorting comments list
44$sort_by = array(
45  'date' => 'comment date',
46  'image_id' => 'picture'
47  );
48
49// items_number : list of number of items to display per page
50$items_number = array(5,10,20,50,'all');
51
52// since when display comments ?
53//
54$since_options = array(
55  1 => array('label' => l10n('today'),
56             'clause' => 'date > SUBDATE(CURDATE(), INTERVAL 1 DAY)'),
57  2 => array('label' => sprintf(l10n('last %d days'), 7),
58             'clause' => 'date > SUBDATE(CURDATE(), INTERVAL 7 DAY)'),
59  3 => array('label' => sprintf(l10n('last %d days'), 30),
60             'clause' => 'date > SUBDATE(CURDATE(), INTERVAL 30 DAY)'),
61  4 => array('label' => l10n('the beginning'),
62             'clause' => '1=1') // stupid but generic
63  );
64
65$page['since'] = isset($_GET['since']) ? $_GET['since'] : 4;
66
67// on which field sorting
68//
69$page['sort_by'] = 'date';
70// if the form was submitted, it overloads default behaviour
71if (isset($_GET['sort_by']))
72{
73  $page['sort_by'] = $_GET['sort_by'];
74}
75
76// order to sort
77//
78$page['sort_order'] = $sort_order['descending'];
79// if the form was submitted, it overloads default behaviour
80if (isset($_GET['sort_order']))
81{
82  $page['sort_order'] = $sort_order[$_GET['sort_order']];
83}
84
85// number of items to display
86//
87$page['items_number'] = 10;
88if (isset($_GET['items_number']))
89{
90  $page['items_number'] = $_GET['items_number'];
91}
92
93$page['where_clauses'] = array();
94
95// which category to filter on ?
96if (isset($_GET['cat']) and 0 != $_GET['cat'])
97{
98  $page['where_clauses'][] =
99    'category_id IN ('.implode(',', get_subcat_ids(array($_GET['cat']))).')';
100}
101
102// search a particular author
103if (isset($_GET['author']) and !empty($_GET['author']))
104{
105  $page['where_clauses'][] = 'com.author = \''.$_GET['author'].'\'';
106}
107
108// search a substring among comments content
109if (isset($_GET['keyword']) and !empty($_GET['keyword']))
110{
111  $page['where_clauses'][] =
112    '('.
113    implode(' AND ',
114            array_map(
115              create_function(
116                '$s',
117                'return "content LIKE \'%$s%\'";'
118                ),
119              preg_split('/[\s,;]+/', $_GET['keyword'] )
120              )
121      ).
122    ')';
123}
124
125$page['where_clauses'][] = $since_options[$page['since']]['clause'];
126
127// which status to filter on ?
128if ( !is_admin() )
129{
130  $page['where_clauses'][] = 'validated="true"';
131}
132
133$page['where_clauses'][] = get_sql_condition_FandF
134  (
135    array
136      (
137        'forbidden_categories' => 'category_id',
138        'visible_categories' => 'category_id',
139        'visible_images' => 'ic.image_id'
140      ),
141    '', true
142  );
143
144// +-----------------------------------------------------------------------+
145// |                         comments management                           |
146// +-----------------------------------------------------------------------+
147if (isset($_GET['delete']) and is_numeric($_GET['delete'])
148      and !is_adviser() )
149{// comments deletion
150  check_status(ACCESS_ADMINISTRATOR);
151  $query = '
152DELETE FROM '.COMMENTS_TABLE.'
153  WHERE id='.$_GET['delete'].'
154;';
155  pwg_query($query);
156}
157
158if (isset($_GET['validate']) and is_numeric($_GET['validate'])
159      and !is_adviser() )
160{  // comments validation
161  check_status(ACCESS_ADMINISTRATOR);
162  $query = '
163UPDATE '.COMMENTS_TABLE.'
164  SET validated = \'true\'
165  , validation_date = NOW()
166  WHERE id='.$_GET['validate'].'
167;';
168  pwg_query($query);
169}
170
171// +-----------------------------------------------------------------------+
172// |                       page header and options                         |
173// +-----------------------------------------------------------------------+
174
175$title= l10n('title_comments');
176$page['body_id'] = 'theCommentsPage';
177
178$template->set_filenames(array('comments'=>'comments.tpl'));
179$template->assign_vars(
180  array(
181    'L_COMMENT_TITLE' => $title,
182
183    'F_ACTION'=>PHPWG_ROOT_PATH.'comments.php',
184    'F_KEYWORD'=>@htmlspecialchars(stripslashes($_GET['keyword'])),
185    'F_AUTHOR'=>@htmlspecialchars(stripslashes($_GET['author'])),
186
187    'U_HOME' => make_index_url(),
188    )
189  );
190
191// +-----------------------------------------------------------------------+
192// |                          form construction                            |
193// +-----------------------------------------------------------------------+
194
195// Search in a particular category
196$blockname = 'category';
197
198$template->assign_block_vars(
199  $blockname,
200  array('SELECTED' => '',
201        'VALUE'=> 0,
202        'OPTION' => '------------'
203    ));
204
205$query = '
206SELECT id, name, uppercats, global_rank
207  FROM '.CATEGORIES_TABLE.'
208'.get_sql_condition_FandF
209  (
210    array
211      (
212        'forbidden_categories' => 'id',
213        'visible_categories' => 'id'
214      ),
215    'WHERE'
216  ).'
217;';
218display_select_cat_wrapper($query, array(@$_GET['cat']), $blockname, true);
219
220// Filter on recent comments...
221$blockname = 'since_option';
222
223foreach ($since_options as $id => $option)
224{
225  $selected = ($id == $page['since']) ? 'selected="selected"' : '';
226
227  $template->assign_block_vars(
228    $blockname,
229    array('SELECTED' => $selected,
230          'VALUE'=> $id,
231          'CONTENT' => $option['label']
232      ));
233}
234
235// Sort by
236$blockname = 'sort_by_option';
237
238foreach ($sort_by as $key => $value)
239{
240  $selected = ($key == $page['sort_by']) ? 'selected="selected"' : '';
241
242  $template->assign_block_vars(
243    $blockname,
244    array('SELECTED' => $selected,
245          'VALUE'=> $key,
246          'CONTENT' => l10n($value)
247      ));
248}
249
250// Sorting order
251$blockname = 'sort_order_option';
252
253foreach (array_keys($sort_order) as $option)
254{
255  $selected = ($option == $page['sort_order']) ? 'selected="selected"' : '';
256
257  $template->assign_block_vars(
258    $blockname,
259    array('SELECTED' => $selected,
260          'VALUE'=> $option,
261          'CONTENT' => l10n($option)
262      ));
263}
264
265// Number of items
266$blockname = 'items_number_option';
267
268foreach ($items_number as $option)
269{
270  $selected = ($option == $page['items_number']) ? 'selected="selected"' : '';
271
272  $template->assign_block_vars(
273    $blockname,
274    array('SELECTED' => $selected,
275          'VALUE'=> $option,
276          'CONTENT' => is_numeric($option) ? $option : l10n($option)
277      ));
278}
279
280// +-----------------------------------------------------------------------+
281// |                            navigation bar                             |
282// +-----------------------------------------------------------------------+
283
284if (isset($_GET['start']) and is_numeric($_GET['start']))
285{
286  $start = $_GET['start'];
287}
288else
289{
290  $start = 0;
291}
292
293$query = '
294SELECT COUNT(DISTINCT(id))
295  FROM '.IMAGE_CATEGORY_TABLE.' AS ic
296    INNER JOIN '.COMMENTS_TABLE.' AS com
297    ON ic.image_id = com.image_id
298  WHERE '.implode('
299    AND ', $page['where_clauses']).'
300;';
301list($counter) = mysql_fetch_row(pwg_query($query));
302
303$url = PHPWG_ROOT_PATH
304    .'comments.php'
305    .get_query_string_diff(array('start','delete','validate'));
306
307$navbar = create_navigation_bar($url,
308                                $counter,
309                                $start,
310                                $page['items_number'],
311                                '');
312
313$template->assign_vars(array('NAVBAR' => $navbar));
314
315// +-----------------------------------------------------------------------+
316// |                        last comments display                          |
317// +-----------------------------------------------------------------------+
318
319$comments = array();
320$element_ids = array();
321$category_ids = array();
322
323$query = '
324SELECT com.id AS comment_id
325     , com.image_id
326     , ic.category_id
327     , com.author
328     , com.date
329     , com.content
330     , com.id AS comment_id
331     , com.validated
332  FROM '.IMAGE_CATEGORY_TABLE.' AS ic
333    INNER JOIN '.COMMENTS_TABLE.' AS com
334    ON ic.image_id = com.image_id
335  WHERE '.implode('
336    AND ', $page['where_clauses']).'
337  GROUP BY comment_id
338  ORDER BY '.$page['sort_by'].' '.$page['sort_order'];
339if ('all' != $page['items_number'])
340{
341  $query.= '
342  LIMIT '.$start.','.$page['items_number'];
343}
344$query.= '
345;';
346$result = pwg_query($query);
347while ($row = mysql_fetch_assoc($result))
348{
349  array_push($comments, $row);
350  array_push($element_ids, $row['image_id']);
351  array_push($category_ids, $row['category_id']);
352}
353
354if (count($comments) > 0)
355{
356  // retrieving element informations
357  $elements = array();
358  $query = '
359SELECT id, name, file, path, tn_ext
360  FROM '.IMAGES_TABLE.'
361  WHERE id IN ('.implode(',', $element_ids).')
362;';
363  $result = pwg_query($query);
364  while ($row = mysql_fetch_assoc($result))
365  {
366    $elements[$row['id']] = $row;
367  }
368
369  // retrieving category informations
370  $query = '
371SELECT id, name, permalink, uppercats
372  FROM '.CATEGORIES_TABLE.'
373  WHERE id IN ('.implode(',', $category_ids).')
374;';
375  $categories = hash_from_query($query, 'id');
376
377  foreach ($comments as $comment)
378  {
379    if (!empty($elements[$comment['image_id']]['name']))
380    {
381      $name=$elements[$comment['image_id']]['name'];
382    }
383    else
384    {
385      $name=get_name_from_file($elements[$comment['image_id']]['file']);
386    }
387
388    // source of the thumbnail picture
389    $thumbnail_src = get_thumbnail_url( $elements[$comment['image_id']] );
390
391    // link to the full size picture
392    $url = make_picture_url(
393            array(
394              'category' => $categories[ $comment['category_id'] ],
395              'image_id' => $comment['image_id'],
396              'image_file' => $elements[$comment['image_id']]['file'],
397            )
398          );
399
400    $author = $comment['author'];
401    if (empty($comment['author']))
402    {
403      $author = l10n('guest');
404    }
405
406    $template->assign_block_vars(
407      'comment',
408      array(
409        'U_PICTURE' => $url,
410        'TN_SRC' => $thumbnail_src,
411        'ALT' => $name,
412        'AUTHOR' => trigger_event('render_comment_author', $author),
413        'DATE'=>format_date($comment['date'],'mysql_datetime',true),
414        'CONTENT'=>trigger_event('render_comment_content',$comment['content']),
415        ));
416
417    if ( is_admin() )
418    {
419      $url = get_root_url().'comments.php'.get_query_string_diff(array('delete','validate'));
420      $template->assign_block_vars(
421        'comment.action_delete',
422        array(
423          'U_DELETE' => add_url_params($url,
424                          array('delete'=>$comment['comment_id'])
425                         ),
426          ));
427      if ($comment['validated'] != 'true')
428      {
429        $template->assign_block_vars(
430          'comment.action_validate',
431          array(
432            'U_VALIDATE' => add_url_params($url,
433                            array('validate'=>$comment['comment_id'])
434                           ),
435            ));
436      }
437    }
438  }
439}
440// +-----------------------------------------------------------------------+
441// |                           html code display                           |
442// +-----------------------------------------------------------------------+
443include(PHPWG_ROOT_PATH.'include/page_header.php');
444$template->parse('comments');
445include(PHPWG_ROOT_PATH.'include/page_tail.php');
446?>
Note: See TracBrowser for help on using the repository browser.