- Timestamp:
- Dec 22, 2013, 8:30:51 PM (10 years ago)
- File:
-
- 1 edited
extensions/Comments_on_Albums/trunk/include/coa_albums.php
r21347 r26089 1 1 <?php 2 2 /* Code adapted from include/picture_comment.inc.php and picture.php */ 3 if (!defined('PHPWG_ROOT_PATH'))die('Hacking attempt!');4 5 global $ conf, $user;3 defined('COA_ID') or die('Hacking attempt!'); 4 5 global $template, $page, $conf, $pwg_loaded_plugins, $user; 6 6 7 7 // +-----------------------------------------------------------------------+ … … 12 12 $url_self = duplicate_index_url(array( 13 13 'category' => array( 14 'id' => $category['id'], 15 'name' => $category['name'], 14 'id' => $category['id'], 15 'name' => $category['name'], 16 16 'permalink' => $category['permalink'] 17 ), 17 ), 18 18 array('start') 19 19 )); … … 23 23 // | actions | 24 24 // +-----------------------------------------------------------------------+ 25 if (isset($_GET['action'])) 25 if (isset($_GET['action'])) 26 26 { 27 switch ($_GET['action']) 28 { 29 case 'edit_comment' : 30 { 31 include_once(COA_PATH.'include/functions_comment.inc.php'); // custom fonctions27 switch ($_GET['action']) 28 { 29 case 'edit_comment' : 30 { 31 include_once(COA_PATH.'include/functions_comment.inc.php'); 32 32 check_input_parameter('comment_to_edit', $_GET, false, PATTERN_ID); 33 33 $author_id = get_comment_author_id_albums($_GET['comment_to_edit']); 34 34 35 if (can_manage_comment('edit', $author_id)) 36 { 37 if (!empty($_POST['content'])) 35 if (can_manage_comment('edit', $author_id)) 36 { 37 if (!empty($_POST['content'])) 38 38 { 39 39 check_pwg_token(); … … 42 42 'comment_id' => $_GET['comment_to_edit'], 43 43 'category_id' => $category['id'], 44 'content' => $_POST['content'] 44 'content' => $_POST['content'], 45 'website_url' => @$_POST['website_url'], 45 46 ), 46 47 $_POST['key'] 47 48 ); 48 49 49 50 $perform_redirect = false; 50 51 switch ($comment_action) … … 69 70 } 70 71 unset($_POST['content']); 71 } 72 else 72 } 73 else 73 74 { 74 75 $edit_comment = $_GET['comment_to_edit']; 75 76 } 77 78 $template->assign('DISPLAY_COMMENTS_BLOCK', true); 76 79 break; 77 80 } 78 
81 } 79 case 'delete_comment' : 82 case 'delete_comment' : 80 83 { 81 84 check_pwg_token(); 82 83 include_once(COA_PATH.'include/functions_comment.inc.php'); // custom fonctions84 85 86 include_once(COA_PATH.'include/functions_comment.inc.php'); 87 85 88 check_input_parameter('comment_to_delete', $_GET, false, PATTERN_ID); 86 89 87 90 $author_id = get_comment_author_id_albums($_GET['comment_to_delete']); 88 91 89 if (can_manage_comment('delete', $author_id)) 92 if (can_manage_comment('delete', $author_id)) 90 93 { 91 94 delete_user_comment_albums($_GET['comment_to_delete']); … … 94 97 redirect($url_self); 95 98 } 96 case 'validate_comment' : 99 case 'validate_comment' : 97 100 { 98 101 check_pwg_token(); 99 100 include_once(COA_PATH.'include/functions_comment.inc.php'); // custom fonctions101 102 103 include_once(COA_PATH.'include/functions_comment.inc.php'); 104 102 105 check_input_parameter('comment_to_validate', $_GET, false, PATTERN_ID); 103 106 104 107 $author_id = get_comment_author_id_albums($_GET['comment_to_validate']); 105 108 106 if (can_manage_comment('validate', $author_id)) 109 if (can_manage_comment('validate', $author_id)) 107 110 { 108 111 validate_user_comment_albums($_GET['comment_to_validate']); … … 118 121 // | insert comment | 119 122 // +-----------------------------------------------------------------------+ 120 if ($category['commentable'] and isset($_POST['content'])) 123 if ($category['commentable'] and isset($_POST['content'])) 121 124 { 122 if (is_a_guest() and !$conf['comments_forall']) 125 if (is_a_guest() and !$conf['comments_forall']) 123 126 { 124 127 die('Session expired'); 125 128 } 126 129 127 130 $comm = array( 128 131 'author' => trim( @$_POST['author'] ), … … 133 136 ); 134 137 135 include_once(COA_PATH.'include/functions_comment.inc.php'); // custom fonctions136 138 include_once(COA_PATH.'include/functions_comment.inc.php'); 139 137 140 $comment_action = insert_user_comment_albums($comm, @$_POST['key'], $page['errors']); 138 
141 139 switch ($comment_action) 142 switch ($comment_action) 140 143 { 141 144 case 'moderate': 142 array_push($page['infos'], l10n('An administrator must authorize your comment before it is visible.'));145 $page['infos'][] = l10n('An administrator must authorize your comment before it is visible.'); 143 146 case 'validate': 144 array_push($page['infos'], l10n('Your comment has been registered'));147 $page['infos'][] = l10n('Your comment has been registered'); 145 148 break; 146 149 case 'reject': 147 150 set_status_header(403); 148 array_push($page['errors'], l10n('Your comment has NOT been registered because it did not pass the validation rules'));151 $page['errors'][] = l10n('Your comment has NOT been registered because it did not pass the validation rules'); 149 152 break; 150 153 default: 151 154 trigger_error('Invalid comment action '.$comment_action, E_USER_WARNING); 152 155 } 153 156 154 157 // allow plugins to notify what's going on 155 158 trigger_action( 'user_comment_insertion', 156 159 array_merge($comm, array('action'=>$comment_action) ) 157 160 ); 158 161 159 162 $template->assign('DISPLAY_COMMENTS_BLOCK', true); 160 } 161 else if (isset($_POST['content'])) 163 } 164 else if (isset($_POST['content'])) 162 165 { 163 166 set_status_header(403); … … 169 172 // | display comments | 170 173 // +-----------------------------------------------------------------------+ 171 if ($category['commentable']) 174 if ($category['commentable']) 172 175 { 173 if (!is_admin()) 176 if (isset($_GET['coa_open'])) 177 { 178 $template->assign('DISPLAY_COMMENTS_BLOCK', true); 179 } 180 181 if (!is_admin()) 174 182 { 175 183 $validated_clause = " AND validated = 'true'"; 176 } 177 else 184 } 185 else 178 186 { 179 187 $validated_clause = null; … … 182 190 // number of comments for this category 183 191 $query = ' 184 SELECT 192 SELECT 185 193 COUNT(*) AS nb_comments 186 194 FROM '.COA_TABLE.' 
… … 190 198 $row = pwg_db_fetch_assoc(pwg_query($query)); 191 199 192 // navigation bar creation, can't use $_GET['start'] because used by thumbnails navigation bar 193 if (isset($_GET['start_comments'])) 200 // navigation bar creation 201 // can't use $_GET['start'] because used by thumbnails navigation bar 202 if (isset($_GET['start_comments'])) 194 203 { 195 204 $page['start_comments'] = $_GET['start_comments']; 196 } 197 else 205 } 206 else 198 207 { 199 208 $page['start_comments'] = 0; 200 209 } 201 include_once(COA_PATH.'include/functions.inc.php'); // custom fonctions 202 203 $navigation_bar = create_comment_navigation_bar( 204 duplicate_index_url(array(), array('start')), 210 211 $navigation_bar = create_navigation_bar( 212 add_url_params(duplicate_index_url(array(), array('start_comments')), array('coa_open'=>null)), 205 213 $row['nb_comments'], 206 214 $page['start_comments'], 207 $conf['nb_comment_page'] 215 $conf['nb_comment_page'], 216 false, 217 'start_comments' 208 218 ); 209 219 … … 215 225 ); 216 226 217 if ($row['nb_comments'] > 0) 227 if ($row['nb_comments'] > 0) 218 228 { 219 229 // comments order (get, session, conf) … … 225 235 226 236 $template->assign(array( 227 'COMMENTS_ORDER_URL' => add_url_params( duplicate_index_url(), array('comments_order'=> ($comments_order == 'ASC' ? 'DESC' : 'ASC')) ),237 'COMMENTS_ORDER_URL' => add_url_params(duplicate_index_url(), array('comments_order'=> ($comments_order == 'ASC' ? 'DESC' : 'ASC'), 'coa_open'=>null ) ), 228 238 'COMMENTS_ORDER_TITLE' => $comments_order == 'ASC' ? l10n('Show latest comments first') : l10n('Show oldest comments first'), 229 239 )); 230 240 231 241 // get comments 232 242 $query = ' … … 235 245 com.author, 236 246 com.author_id, 237 u.'.$conf['user_fields']['username'].' AS username,238 247 u.'.$conf['user_fields']['email'].' 
AS user_email, 248 com.date, 249 com.category_id, 250 com.website_url, 239 251 com.email, 240 com.date,241 com.website_url,242 com.category_id,243 252 com.content, 244 253 com.validated … … 253 262 $result = pwg_query($query); 254 263 255 while ($row = pwg_db_fetch_assoc($result)) 264 while ($row = pwg_db_fetch_assoc($result)) 256 265 { 257 266 if ($row['author'] == 'guest') … … 259 268 $row['author'] = l10n('guest'); 260 269 } 261 270 262 271 $email = null; 263 272 if (!empty($row['user_email'])) … … 269 278 $email = $row['email']; 270 279 } 271 280 272 281 // comment content 273 282 $tpl_comment = array( … … 275 284 'AUTHOR' => trigger_event('render_comment_author', $row['author']), 276 285 'DATE' => format_date($row['date'], true), 286 'CONTENT' => trigger_event('render_comment_content', $row['content'], 'album'), 277 287 'WEBSITE_URL' => $row['website_url'], 278 'CONTENT' => trigger_event('render_comment_content', $row['content'], 'album'),279 288 ); 280 289 281 290 // rights 282 if (can_manage_comment('delete', $row['author_id'])) 291 if (can_manage_comment('delete', $row['author_id'])) 283 292 { 284 293 $tpl_comment['U_DELETE'] = add_url_params( 285 $url_self, 294 $url_self, 286 295 array( 287 296 'action' => 'delete_comment', … … 291 300 ); 292 301 } 293 if (can_manage_comment('edit', $row['author_id'])) 302 if (can_manage_comment('edit', $row['author_id'])) 294 303 { 295 304 $tpl_comment['U_EDIT'] = add_url_params( 296 $url_self, 305 $url_self, 297 306 array( 298 307 'action' => 'edit_comment', … … 300 309 ) 301 310 ); 302 if (isset($edit_comment) and ($row['id'] == $edit_comment)) 311 if (isset($edit_comment) and ($row['id'] == $edit_comment)) 303 312 { 304 313 $tpl_comment['IN_EDIT'] = true; … … 307 316 $tpl_comment['CONTENT'] = $row['content']; 308 317 $tpl_comment['PWG_TOKEN'] = get_pwg_token(); 318 $tpl_comment['U_CANCEL'] = $url_self; 309 319 } 310 320 } … … 312 322 { 313 323 $tpl_comment['EMAIL'] = $email; 314 315 if ($row['validated'] != 'true') 324 
325 if ($row['validated'] != 'true') 316 326 { 317 327 $tpl_comment['U_VALIDATE'] = add_url_params( 318 $url_self, 328 $url_self, 319 329 array( 320 330 'action' => 'validate_comment', … … 325 335 } 326 336 } 327 337 328 338 $template->append('comments', $tpl_comment); 329 339 } … … 332 342 // comment form 333 343 $show_add_comment_form = true; 334 if (isset($edit_comment)) 344 if (isset($edit_comment)) 335 345 { 336 346 $show_add_comment_form = false; 337 347 } 338 if (is_a_guest() and !$conf['comments_forall']) 348 if (is_a_guest() and !$conf['comments_forall']) 339 349 { 340 350 $show_add_comment_form = false; 341 351 } 342 352 343 if ($show_add_comment_form) 353 if ($show_add_comment_form) 344 354 { 345 355 $key = get_ephemeral_key(3, $category['id']); 346 347 $template->assign('comment_add', 348 array( 356 357 $tpl_var = array( 349 358 'F_ACTION' => $url_self, 350 359 'KEY' => $key, 351 'CONTENT' => stripslashes(@$_POST['content']),360 'CONTENT' => '', 352 361 'SHOW_AUTHOR' => !is_classic_user(), 353 362 'AUTHOR_MANDATORY' => $conf['comments_author_mandatory'], 354 'AUTHOR' => stripslashes(@$_POST['author']),355 'WEBSITE_URL' => stripslashes(@$_POST['website_url']),363 'AUTHOR' => '', 364 'WEBSITE_URL' => '', 356 365 'SHOW_EMAIL' => !is_classic_user() or empty($user['email']), 357 366 'EMAIL_MANDATORY' => $conf['comments_email_mandatory'], 358 'EMAIL' => stripslashes(@$_POST['email']), 359 ) 360 ); 361 } 362 367 'EMAIL' => '', 368 ); 369 370 if ('reject'==@$comment_action) 371 { 372 foreach (array('content', 'author', 'website_url', 'email') as $k) 373 { 374 $tpl_var[strtoupper($k)] = htmlspecialchars( stripslashes(@$_POST[$k]) ); 375 } 376 } 377 $template->assign('comment_add', $tpl_var); 378 } 379 363 380 // template 364 381 $template->assign(array( 365 'COA_PATH' => COA_PATH, // for css366 'COA_ABSOLUTE_PATH' => dirname(__FILE__) .'/../', // for template382 'COA_PATH' => COA_PATH, 383 'COA_ABSOLUTE_PATH' => realpath(COA_PATH) . 
'/', 367 384 )); 368 369 $template->set_filename('comments_on_albums', dirname(__FILE__) .'/../template/albums.tpl'); 370 if (isset($pwg_loaded_plugins['rv_tscroller']) AND count($page['navigation_bar']) != 0) 385 386 $template->set_filename('comments_on_albums', realpath(COA_PATH . 'template/albums.tpl')); 387 388 if (isset($pwg_loaded_plugins['rv_tscroller']) and count($page['navigation_bar']) != 0) 371 389 { 372 390 $template->assign('COMMENTS_ON_TOP', true); … … 378 396 } 379 397 } 380 381 ?>
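Review bot: At new lines 202-209, `$page['start_comments'] = $_GET['start_comments'];` still copies the request value unchecked, and this commit now also passes it to `create_navigation_bar()`; the paging query that presumably consumes it sits in a part of the file this changeset view elides. Every other identifier read from `$_GET` here is validated first, so I would add `check_input_parameter('start_comments', $_GET, false, PATTERN_ID);` ahead of the assignment (assuming PATTERN_ID is the digits-only pattern its name suggests). Separately, `'WEBSITE_URL' => $row['website_url']` reaches the template unescaped, and the edit path now forwards `@$_POST['website_url']`. Whether the update helper restricts the scheme to http/https and whether albums.tpl escapes the value is not visible here, so both are worth confirming.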