-rw-r--r-- | admin/configuration.php | 1 | ||||
-rw-r--r-- | admin/themes/default/template/configuration.tpl | 7 | ||||
-rw-r--r-- | include/functions_comment.inc.php | 44 | ||||
-rw-r--r-- | include/picture_comment.inc.php | 79 | ||||
-rw-r--r-- | install/config.sql | 1 | ||||
-rw-r--r-- | install/db/98-database.php | 52 | ||||
-rw-r--r-- | language/en_UK/admin.lang.php | 1 | ||||
-rw-r--r-- | language/fr_FR/admin.lang.php | 1 | ||||
-rw-r--r-- | picture.php | 28 |
9 files changed, 170 insertions, 44 deletions
diff --git a/admin/configuration.php b/admin/configuration.php index c84962e42..2762fb62a 100644 --- a/admin/configuration.php +++ b/admin/configuration.php @@ -63,6 +63,7 @@ $history_checkboxes = array( $comments_checkboxes = array( 'comments_forall', 'comments_validation', + 'comments_update_validation', 'email_admin_on_comment', 'email_admin_on_comment_validation', 'user_can_delete_comment', diff --git a/admin/themes/default/template/configuration.tpl b/admin/themes/default/template/configuration.tpl index e241f220f..a8c2a943f 100644 --- a/admin/themes/default/template/configuration.tpl +++ b/admin/themes/default/template/configuration.tpl @@ -143,6 +143,13 @@ <input type="checkbox" name="comments_validation" {if ($comments.comments_validation)}checked="checked"{/if}> </label> </li> + + <li> + <label> + <span class="property">{'Update Validation'|@translate}</span> + <input type="checkbox" name="comments_update_validation" {if ($comments.comments_update_validation)}checked="checked"{/if}> + </label> + </li> <li> <label> diff --git a/include/functions_comment.inc.php b/include/functions_comment.inc.php index 560a5279b..71aef652d 100644 --- a/include/functions_comment.inc.php +++ b/include/functions_comment.inc.php 
@@ -263,19 +263,59 @@ function update_user_comment($comment, $post_key) $user_where_clause = ' AND author_id = \''. $GLOBALS['user']['id'].'\''; } + + // should the updated comment must be validated + if (!$conf['comments_update_validation'] or is_admin()) + { + $comment_action='validate'; //one of validate, moderate, reject + } + else + { + $comment_action='moderate'; //one of validate, moderate, reject + } + $query = ' UPDATE '.COMMENTS_TABLE.' SET content = \''.$comment['content'].'\', - validation_date = now() + validated = \''.($comment_action=='validate' ? 'true':'false').'\', + validation_date = '.($comment_action=='validate' ? 'NOW()':'NULL').' WHERE id = '.$comment['comment_id']. $user_where_clause.' ;'; $result = pwg_query($query); - if ($result) { + + // mail admin and ask to validate the comment + if ($result and $conf['email_admin_on_comment_validation'] and 'moderate' == $comment_action) + { + include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php'); + + $comment_url = get_absolute_root_url().'comments.php?comment_id='.$comment['comment_id']; + + $keyargs_content = array + ( + get_l10n_args('Author: %s', stripslashes($GLOBALS['user']['username']) ), + get_l10n_args('Comment: %s', stripslashes($comment['content']) ), + get_l10n_args('', ''), + get_l10n_args('Manage this user comment: %s', $comment_url), + get_l10n_args('', ''), + get_l10n_args('(!) This comment requires validation', ''), + ); + + pwg_mail_notification_admins + ( + get_l10n_args('Comment by %s', stripslashes($GLOBALS['user']['username']) ), + $keyargs_content + ); + } + // just mail admin + else if ($result) + { email_admin('edit', array('author' => $GLOBALS['user']['username'], 'content' => stripslashes($comment['content'])) ); } } + + return $comment_action; } function email_admin($action, $comment) diff --git a/include/picture_comment.inc.php b/include/picture_comment.inc.php index e40a11f09..80f33a27e 100644 --- a/include/picture_comment.inc.php 
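Review bot: `$comment['comment_id']` reaches two sinks in this hunk with no visible integer check: it is concatenated unquoted into `WHERE id = ` and, in the added mail branch, into `$comment_url`. The first picture.php hunk shows the caller passing `$_GET['comment_to_edit']` straight through as `comment_id`, so unless it is validated outside these hunks, request data shapes both the UPDATE statement and the link mailed to administrators. I would reject non-numeric ids before the query is built, for example `if (!preg_match('/^\d+$/', $comment['comment_id'])) { $comment_action = 'reject'; }` next to the function's earlier checks. The start of update_user_comment is outside the hunk, so where `$comment_action` is first set and whether `$conf` is declared `global` cannot be confirmed from here.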
+++ b/include/picture_comment.inc.php 
@@ -38,52 +38,55 @@ foreach ($related_categories as $category) } } -if ( $page['show_comments'] and isset( $_POST['content'] ) ) +if (!isset($comment_action)) { - if ( is_a_guest() and !$conf['comments_forall'] ) + if ( $page['show_comments'] and isset( $_POST['content'] ) ) { - die ('Session expired'); - } + if ( is_a_guest() and !$conf['comments_forall'] ) + { + die ('Session expired'); + } - $comm = array( - 'author' => trim( @$_POST['author'] ), - 'content' => trim( $_POST['content'] ), - 'image_id' => $page['image_id'], - ); + $comm = array( + 'author' => trim( @$_POST['author'] ), + 'content' => trim( $_POST['content'] ), + 'image_id' => $page['image_id'], + ); - include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php'); + include_once(PHPWG_ROOT_PATH.'include/functions_comment.inc.php'); - $comment_action = insert_user_comment($comm, @$_POST['key'], $infos ); + $comment_action = insert_user_comment($comm, @$_POST['key'], $infos ); - switch ($comment_action) - { - case 'moderate': - array_push( $infos, l10n('An administrator must authorize your comment before it is visible.') ); - case 'validate': - array_push( $infos, l10n('Your comment has been registered')); - break; - case 'reject': - set_status_header(403); - array_push($infos, l10n('Your comment has NOT been registered because it did not pass the validation rules') ); - break; - default: - trigger_error('Invalid comment action '.$comment_action, E_USER_WARNING); - } + switch ($comment_action) + { + case 'moderate': + array_push( $infos, l10n('An administrator must authorize your comment before it is visible.') ); + case 'validate': + array_push( $infos, l10n('Your comment has been registered')); + break; + case 'reject': + set_status_header(403); + array_push($infos, l10n('Your comment has NOT been registered because it did not pass the validation rules') ); + break; + default: + trigger_error('Invalid comment action '.$comment_action, E_USER_WARNING); + } - $template->assign( - 
($comment_action=='reject') ? 'errors' : 'infos', - $infos - ); + $template->assign( + ($comment_action=='reject') ? 'errors' : 'infos', + $infos + ); - // allow plugins to notify what's going on - trigger_action( 'user_comment_insertion', - array_merge($comm, array('action'=>$comment_action) ) - ); -} -elseif ( isset($_POST['content']) ) -{ - set_status_header(403); - die('ugly spammer'); + // allow plugins to notify what's going on + trigger_action( 'user_comment_insertion', + array_merge($comm, array('action'=>$comment_action) ) + ); + } + elseif ( isset($_POST['content']) ) + { + set_status_header(403); + die('ugly spammer'); + } } if ($page['show_comments']) diff --git a/install/config.sql b/install/config.sql index dd8c94c67..0741a3a72 100644 --- a/install/config.sql +++ b/install/config.sql @@ -3,6 +3,7 @@ INSERT INTO piwigo_config (param,value,comment) VALUES ('nb_comment_page','10','number of comments to display on each page'); INSERT INTO piwigo_config (param,value,comment) VALUES ('log','true','keep an history of visits on your website'); INSERT INTO piwigo_config (param,value,comment) VALUES ('comments_validation','false','administrators validate users comments before becoming visible'); +INSERT INTO piwigo_config (param,value,comment) VALUES ('comments_update_validation','false','administrators validate users updated comments before becoming visible'); INSERT INTO piwigo_config (param,value,comment) VALUES ('comments_forall','false','even guest not registered can post comments'); INSERT INTO piwigo_config (param,value,comment) VALUES ('user_can_delete_comment','false','administrators can allow user delete their own comments'); INSERT INTO piwigo_config (param,value,comment) VALUES ('user_can_edit_comment','false','administrators can allow user edit their own comments'); diff --git a/install/db/98-database.php b/install/db/98-database.php new file mode 100644 index 000000000..e5bad2267 --- /dev/null +++ b/install/db/98-database.php 
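Review bot: The new outer guard `if (!isset($comment_action))` carries no comment, and its meaning depends on a variable assigned in another file. Judging from the picture.php hunks, `$comment_action` is set when an edit of an existing comment has already been processed, so the guard apparently keeps the same `$_POST['content']` from also being inserted as a new comment or reaching the `die('ugly spammer')` branch. I would say so above the guard: `// picture.php sets $comment_action when it has already handled an edit; do not treat the same POST as a new comment`.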
@@ -0,0 +1,52 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | Piwigo - a PHP based photo gallery |
+// +-----------------------------------------------------------------------+
+// | Copyright(C) 2008-2011 Piwigo Team http://piwigo.org |
+// | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net |
+// | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick |
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify |
+// | it under the terms of the GNU General Public License as published by |
+// | the Free Software Foundation |
+// | |
+// | This program is distributed in the hope that it will be useful, but |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
+// | General Public License for more details. |
+// | |
+// | You should have received a copy of the GNU General Public License |
+// | along with this program; if not, write to the Free Software |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA. |
+// +-----------------------------------------------------------------------+
+
+if (!defined('PHPWG_ROOT_PATH'))
+{
+ die('Hacking attempt!');
+}
+
+$upgrade_description = 'add the config parameter comments_update_validation';
+
+$query = '
+INSERT INTO '.CONFIG_TABLE.'
+ (
+ param,
+ value,
+ comment
+ )
+ VALUES (
+ \'comments_update_validation\',
+ false,
+ \'administrators validate users updated comments before becoming visible\'
+ )
+;';
+
+pwg_query($query);
+
+echo
+"\n"
+. $upgrade_description
+."\n"
+;
+?>
\ No newline at end of file diff --git a/language/en_UK/admin.lang.php b/language/en_UK/admin.lang.php index 1d86a5394..8ba6b2626 100644 --- a/language/en_UK/admin.lang.php +++ b/language/en_UK/admin.lang.php @@ -729,6 +729,7 @@ $lang['user_status_normal'] = "User"; $lang['user_status_webmaster'] = "Webmaster"; $lang['Validate'] = "Validate"; $lang['Validation'] = "Validation"; +$lang['Update Validation'] = "Validation when a comment is modified"; $lang['Version of create_listing_file.php on the remote site and Piwigo must be the same'] = "Versions of create_listing_file.php on the remote site and Piwigo must be the same"; $lang['Version'] = "Version"; $lang['Virtual album added'] = "Virtual album added"; diff --git a/language/fr_FR/admin.lang.php b/language/fr_FR/admin.lang.php index bc7ab447a..51fb5a7c5 100644 --- a/language/fr_FR/admin.lang.php +++ b/language/fr_FR/admin.lang.php @@ -169,6 +169,7 @@ $lang['User comments validation'] = "Validation des commentaires d'utilisateurs" $lang['Users'] = "Utilisateurs"; $lang['Validate'] = "Valider"; $lang['Validation'] = "Validation"; +$lang['Update Validation'] = "Validation quand un commentaire est modifié"; $lang['Version'] = "Version"; $lang['Virtual albums to move'] = 'Albums virtuels à déplacer'; $lang['Virtual album name'] = 'Nom de l\'album virtuel'; diff --git a/picture.php b/picture.php index 5e58bba9a..ba3e144df 100644 --- a/picture.php +++ b/picture.php @@ -189,6 +189,8 @@ function default_picture_content($content, $element_info) // | initialization | // +-----------------------------------------------------------------------+ +$infos = array(); + // caching first_rank, last_rank, current_rank in the displayed // section. This should also help in readability. $page['first_rank'] = 0; 
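Review bot: The migration in install/db/98-database.php stores the bare SQL literal `false` as the value, while the install/config.sql hunk of this same commit stores the quoted string `'false'` for `comments_update_validation`. Upgraded and freshly installed galleries would then likely hold different values for the same parameter (MySQL evaluates bare `false` to 0), and how the config loader treats that value is not visible here. Quoting it keeps both paths identical: `\'false\',`. The script also ends with `?>` and no trailing newline; leaving the closing tag off is the safer convention for a PHP-only file.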
@@ -331,7 +333,7 @@ UPDATE '.USER_CACHE_CATEGORIES_TABLE.' { if (!empty($_POST['content'])) { - update_user_comment( + $comment_action = update_user_comment( array( 'comment_id' => $_GET['comment_to_edit'], 'image_id' => $page['image_id'], @@ -340,7 +342,27 @@ UPDATE '.USER_CACHE_CATEGORIES_TABLE.' $_POST['key'] ); - redirect($url_self); + switch ($comment_action) + { + case 'moderate': + array_push($infos, l10n('An administrator must authorize your comment before it is visible.')); + case 'validate': + array_push($infos, l10n('Your comment has been registered')); + break; + case 'reject': + set_status_header(403); + array_push($infos, l10n('Your comment has NOT been registered because it did not pass the validation rules')); + break; + default: + trigger_error('Invalid comment action '.$comment_action, E_USER_WARNING); + } + + $template->assign( + ($comment_action=='reject') ? 'errors' : 'infos', + $infos + ); + + break; } else { @@ -834,8 +856,6 @@ if (isset($picture['current']['comment']) ); } -$infos = array(); - // author if (!empty($picture['current']['author'])) { |
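Review bot: In the `@@ -340,7 +342,27 @@` hunk, `case 'moderate':` falls through into `case 'validate':` with no marker, and the whole `switch` plus the `$template->assign(...)` call is a copy of the block in include/picture_comment.inc.php. The fall-through looks intentional (a moderated edit gets both messages), so it should say so: `// no break: a moderated comment also gets the "registered" message`. Moving the shared block into one helper in include/functions_comment.inc.php would keep the insert and edit paths from drifting apart. The construct that the new trailing `break;` leaves starts outside the hunk, so where control resumes after an edit cannot be confirmed from here.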