source: trunk/include/picture_comment.inc.php @ 20384

Last change on this file since 20384 was 19703, checked in by plg, 11 years ago

update Piwigo headers to 2013 (the end of the world didn't occur as expected on r12922)

  • Property svn:eol-style set to LF
File size: 8.4 KB
Line 
1<?php
2// +-----------------------------------------------------------------------+
3// | Piwigo - a PHP based photo gallery                                    |
4// +-----------------------------------------------------------------------+
5// | Copyright(C) 2008-2013 Piwigo Team                  http://piwigo.org |
6// | Copyright(C) 2003-2008 PhpWebGallery Team    http://phpwebgallery.net |
7// | Copyright(C) 2002-2003 Pierrick LE GALL   http://le-gall.net/pierrick |
8// +-----------------------------------------------------------------------+
9// | This program is free software; you can redistribute it and/or modify  |
10// | it under the terms of the GNU General Public License as published by  |
11// | the Free Software Foundation                                          |
12// |                                                                       |
13// | This program is distributed in the hope that it will be useful, but   |
14// | WITHOUT ANY WARRANTY; without even the implied warranty of            |
15// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU      |
16// | General Public License for more details.                              |
17// |                                                                       |
18// | You should have received a copy of the GNU General Public License     |
19// | along with this program; if not, write to the Free Software           |
20// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
21// | USA.                                                                  |
22// +-----------------------------------------------------------------------+
23
24/**
25 * This file is included by the picture page to manage user comments
26 *
27 */
28
29// the picture is commentable if it belongs at least to one category which
30// is commentable
31$page['show_comments'] = false;
32foreach ($related_categories as $category)
33{
34  if ($category['commentable']=='true')
35  {
36    $page['show_comments'] = true;
37    break;
38  }
39}
40
41if ( $page['show_comments'] and isset( $_POST['content'] ) )
42{
43  if ( is_a_guest() and !$conf['comments_forall'] )
44  {
45    die ('Session expired');
46  }
47
48  $comm = array(
49    'author' => trim( @$_POST['author'] ),
50    'content' => trim( $_POST['content'] ),
51    'website_url' => trim( $_POST['website_url'] ),
52    'email' => trim( @$_POST['email'] ),
53    'image_id' => $page['image_id'],
54   );
55
56  include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php');
57
58  $comment_action = insert_user_comment($comm, @$_POST['key'], $page['errors']);
59
60  switch ($comment_action)
61  {
62    case 'moderate':
63      array_push($page['infos'], l10n('An administrator must authorize your comment before it is visible.') );
64    case 'validate':
65      array_push($page['infos'], l10n('Your comment has been registered'));
66      break;
67    case 'reject':
68      set_status_header(403);
69      array_push($page['errors'], l10n('Your comment has NOT been registered because it did not pass the validation rules') );
70      break;
71    default:
72      trigger_error('Invalid comment action '.$comment_action, E_USER_WARNING);
73  }
74
75  // allow plugins to notify what's going on
76  trigger_action( 'user_comment_insertion',
77      array_merge($comm, array('action'=>$comment_action) )
78    );
79}
80elseif ( isset($_POST['content']) )
81{
82  set_status_header(403);
83  die('ugly spammer');
84}
85
86if ($page['show_comments'])
87{
88  if ( !is_admin() )
89  {
90    $validated_clause = '  AND validated = \'true\'';
91  }
92  else
93  {
94    $validated_clause = '';
95  }
96
97  // number of comments for this picture
98  $query = '
99SELECT
100    COUNT(*) AS nb_comments
101  FROM '.COMMENTS_TABLE.'
102  WHERE image_id = '.$page['image_id']
103  .$validated_clause.'
104;';
105  $row = pwg_db_fetch_assoc( pwg_query( $query ) );
106
107  // navigation bar creation
108  if (!isset($page['start']))
109  {
110    $page['start'] = 0;
111  }
112
113  $navigation_bar = create_navigation_bar(
114    duplicate_picture_url(array(), array('start')),
115    $row['nb_comments'],
116    $page['start'],
117    $conf['nb_comment_page'],
118    true // We want a clean URL
119    );
120
121  $template->assign(
122    array(
123      'COMMENT_COUNT' => $row['nb_comments'],
124      'navbar' => $navigation_bar,
125      )
126    );
127
128  if ($row['nb_comments'] > 0)
129  {
130    // comments order (get, session, conf)
131    if (!empty($_GET['comments_order']) && in_array(strtoupper($_GET['comments_order']), array('ASC', 'DESC')))
132    {
133      pwg_set_session_var('comments_order', $_GET['comments_order']);
134    }
135    $comments_order = pwg_get_session_var('comments_order', $conf['comments_order']);
136
137    $template->assign(array(
138      'COMMENTS_ORDER_URL' => add_url_params( duplicate_picture_url(), array('comments_order'=> ($comments_order == 'ASC' ? 'DESC' : 'ASC') ) ),
139      'COMMENTS_ORDER_TITLE' => $comments_order == 'ASC' ? l10n('Show latest comments first') : l10n('Show oldest comments first'),
140      ));
141
142    $query = '
143SELECT
144    com.id,
145    author,
146    author_id,
147    u.'.$conf['user_fields']['email'].' AS user_email,
148    date,
149    image_id,
150    website_url,
151    com.email,
152    content,
153    validated
154  FROM '.COMMENTS_TABLE.' AS com
155  LEFT JOIN '.USERS_TABLE.' AS u
156    ON u.'.$conf['user_fields']['id'].' = author_id
157  WHERE image_id = '.$page['image_id'].'
158    '.$validated_clause.'
159  ORDER BY date '.$comments_order.'
160  LIMIT '.$conf['nb_comment_page'].' OFFSET '.$page['start'].'
161;';
162    $result = pwg_query( $query );
163
164    while ($row = pwg_db_fetch_assoc($result))
165    {
166      if ($row['author'] == 'guest')
167      {
168        $row['author'] = l10n('guest');
169      }
170
171      $email = null;
172      if (!empty($row['user_email']))
173      {
174        $email = $row['user_email'];
175      }
176      elseif (!empty($row['email']))
177      {
178        $email = $row['email'];
179      }
180
181      $tpl_comment =
182        array(
183          'ID' => $row['id'],
184          'AUTHOR' => trigger_event('render_comment_author', $row['author']),
185          'DATE' => format_date($row['date'], true),
186          'CONTENT' => trigger_event('render_comment_content',$row['content']),
187          'WEBSITE_URL' => $row['website_url'],
188        );
189
190      if (can_manage_comment('delete', $row['author_id']))
191      {
192        $tpl_comment['U_DELETE'] = add_url_params(
193          $url_self,
194          array(
195            'action'=>'delete_comment',
196            'comment_to_delete'=>$row['id'],
197            'pwg_token' => get_pwg_token(),
198            )
199          );
200      }
201      if (can_manage_comment('edit', $row['author_id']))
202      {
203        $tpl_comment['U_EDIT'] = add_url_params(
204          $url_self,
205          array(
206            'action'=>'edit_comment',
207            'comment_to_edit'=>$row['id'],
208            )
209          );
210          if (isset($edit_comment) and ($row['id'] == $edit_comment))
211          {
212            $tpl_comment['IN_EDIT'] = true;
213            $key = get_ephemeral_key(2, $page['image_id']);
214            $tpl_comment['KEY'] = $key;
215            $tpl_comment['CONTENT'] = $row['content'];
216            $tpl_comment['PWG_TOKEN'] = get_pwg_token();
217            $tpl_comment['U_CANCEL'] = $url_self;
218          }
219      }
220      if (is_admin())
221      {
222        $tpl_comment['EMAIL'] = $email;
223
224        if ($row['validated'] != 'true')
225        {
226          $tpl_comment['U_VALIDATE'] = add_url_params(
227                  $url_self,
228                  array(
229                    'action' => 'validate_comment',
230                    'comment_to_validate' => $row['id'],
231                    'pwg_token' => get_pwg_token(),
232                    )
233                  );
234        }
235      }
236      $template->append('comments', $tpl_comment);
237    }
238  }
239
240  $show_add_comment_form = true;
241  if (isset($edit_comment))
242  {
243    $show_add_comment_form = false;
244  }
245  if (is_a_guest() and !$conf['comments_forall'])
246  {
247    $show_add_comment_form = false;
248  }
249
250  if ($show_add_comment_form)
251  {
252    $key = get_ephemeral_key(3, $page['image_id']);
253
254    $tpl_var =  array(
255        'F_ACTION' =>         $url_self,
256        'KEY' =>              $key,
257        'CONTENT' =>          '',
258        'SHOW_AUTHOR' =>      !is_classic_user(),
259        'AUTHOR_MANDATORY' => $conf['comments_author_mandatory'],
260        'AUTHOR' =>           '',
261        'WEBSITE_URL' =>      '',
262        'SHOW_EMAIL' =>       !is_classic_user() or empty($user['email']),
263        'EMAIL_MANDATORY' =>  $conf['comments_email_mandatory'],
264        'EMAIL' =>            '',
265      );
266
267    if ('reject'==@$comment_action)
268    {
269      foreach( array('content', 'author', 'website_url', 'email') as $k)
270      {
271        $tpl_var[strtoupper($k)] = htmlspecialchars( stripslashes(@$_POST[$k]) );
272      }
273    }
274    $template->assign('comment_add', $tpl_var);
275  }
276}
277
278?>
Note: See TracBrowser for help on using the repository browser.