Diffstat (limited to 'BSF/comments.php')
-rw-r--r-- | BSF/comments.php | 394 |
1 files changed, 394 insertions, 0 deletions
diff --git a/BSF/comments.php b/BSF/comments.php
new file mode 100644
index 000000000..555986328
--- /dev/null
+++ b/BSF/comments.php
@@ -0,0 +1,394 @@
+<?php
+// +-----------------------------------------------------------------------+
+// | Piwigo - a PHP based picture gallery |
+// +-----------------------------------------------------------------------+
+// | Copyright(C) 2008 Piwigo Team http://piwigo.org |
+// | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net |
+// | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick |
+// +-----------------------------------------------------------------------+
+// | This program is free software; you can redistribute it and/or modify |
+// | it under the terms of the GNU General Public License as published by |
+// | the Free Software Foundation |
+// | |
+// | This program is distributed in the hope that it will be useful, but |
+// | WITHOUT ANY WARRANTY; without even the implied warranty of |
+// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
+// | General Public License for more details. |
+// | |
+// | You should have received a copy of the GNU General Public License |
+// | along with this program; if not, write to the Free Software |
+// | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, |
+// | USA. |
+// +-----------------------------------------------------------------------+
+
+// +-----------------------------------------------------------------------+
+// | initialization |
+// +-----------------------------------------------------------------------+
+define('PHPWG_ROOT_PATH','./');
+include_once(PHPWG_ROOT_PATH.'include/common.inc.php');
+
+// +-----------------------------------------------------------------------+
+// | Check Access and exit when user status is not ok |
+// +-----------------------------------------------------------------------+
+check_status(ACCESS_GUEST);
+
+$sort_order = array(
+ 'DESC' => l10n('descending'),
+ 'ASC' => l10n('ascending')
+ );
+
+// sort_by : database fields proposed for sorting comments list
+$sort_by = array(
+ 'date' => l10n('comment date'),
+ 'image_id' => l10n('picture')
+ );
+
+// items_number : list of number of items to display per page
+$items_number = array(5,10,20,50,'all');
+
+// since when display comments ?
+//
+$since_options = array(
+ 1 => array('label' => l10n('today'),
+ 'clause' => 'date > SUBDATE(CURDATE(), INTERVAL 1 DAY)'),
+ 2 => array('label' => sprintf(l10n('last %d days'), 7),
+ 'clause' => 'date > SUBDATE(CURDATE(), INTERVAL 7 DAY)'),
+ 3 => array('label' => sprintf(l10n('last %d days'), 30),
+ 'clause' => 'date > SUBDATE(CURDATE(), INTERVAL 30 DAY)'),
+ 4 => array('label' => l10n('the beginning'),
+ 'clause' => '1=1') // stupid but generic
+ );
+
+$page['since'] = isset($_GET['since']) ? $_GET['since'] : 4;
+
+// on which field sorting
+//
+$page['sort_by'] = 'date';
+// if the form was submitted, it overloads default behaviour
+if (isset($_GET['sort_by']))
+{
+ $page['sort_by'] = $_GET['sort_by'];
+}
+
+// order to sort
+//
+$page['sort_order'] = 'DESC';
+// if the form was submitted, it overloads default behaviour
+if (isset($_GET['sort_order']))
+{
+ $page['sort_order'] = $_GET['sort_order'];
+}
+
+// number of items to display
+//
+$page['items_number'] = 10;
+if (isset($_GET['items_number']))
+{
+ $page['items_number'] = $_GET['items_number'];
+}
+
+$page['where_clauses'] = array();
+
+// which category to filter on ?
+if (isset($_GET['cat']) and 0 != $_GET['cat'])
+{
+ $page['where_clauses'][] =
+ 'category_id IN ('.implode(',', get_subcat_ids(array($_GET['cat']))).')';
+}
+
+// search a particular author
+if (isset($_GET['author']) and !empty($_GET['author']))
+{
+ $page['where_clauses'][] = 'com.author = \''.$_GET['author'].'\'';
+}
+
+// search a substring among comments content
+if (isset($_GET['keyword']) and !empty($_GET['keyword']))
+{
+ $page['where_clauses'][] =
+ '('.
+ implode(' AND ',
+ array_map(
+ create_function(
+ '$s',
+ 'return "content LIKE \'%$s%\'";'
+ ),
+ preg_split('/[\s,;]+/', $_GET['keyword'] )
+ )
+ ).
+ ')';
+}
+
+$page['where_clauses'][] = $since_options[$page['since']]['clause'];
+
+// which status to filter on ?
+if ( !is_admin() )
+{
+ $page['where_clauses'][] = 'validated="true"';
+}
+
+$page['where_clauses'][] = get_sql_condition_FandF
+ (
+ array
+ (
+ 'forbidden_categories' => 'category_id',
+ 'visible_categories' => 'category_id',
+ 'visible_images' => 'ic.image_id'
+ ),
+ '', true
+ );
+
+// +-----------------------------------------------------------------------+
+// | comments management |
+// +-----------------------------------------------------------------------+
+if (isset($_GET['delete']) and is_numeric($_GET['delete'])
+ and !is_adviser() )
+{// comments deletion
+ check_status(ACCESS_ADMINISTRATOR);
+ $query = '
+DELETE FROM '.COMMENTS_TABLE.'
+ WHERE id='.$_GET['delete'].'
+;';
+ pwg_query($query);
+}
+
+if (isset($_GET['validate']) and is_numeric($_GET['validate'])
+ and !is_adviser() )
+{ // comments validation
+ check_status(ACCESS_ADMINISTRATOR);
+ $query = '
+UPDATE '.COMMENTS_TABLE.'
+ SET validated = \'true\'
+ , validation_date = NOW()
+ WHERE id='.$_GET['validate'].'
+;';
+ pwg_query($query);
+}
+
+// +-----------------------------------------------------------------------+
+// | page header and options |
+// +-----------------------------------------------------------------------+
+
+$title= l10n('User comments');
+$page['body_id'] = 'theCommentsPage';
+
+$template->set_filenames(array('comments'=>'comments.tpl'));
+$template->assign(
+ array(
+ 'F_ACTION'=>PHPWG_ROOT_PATH.'comments.php',
+ 'F_KEYWORD'=>@htmlspecialchars(stripslashes($_GET['keyword'])),
+ 'F_AUTHOR'=>@htmlspecialchars(stripslashes($_GET['author'])),
+ )
+ );
+
+// +-----------------------------------------------------------------------+
+// | form construction |
+// +-----------------------------------------------------------------------+
+
+// Search in a particular category
+$blockname = 'categories';
+
+$query = '
+SELECT id, name, uppercats, global_rank
+ FROM '.CATEGORIES_TABLE.'
+'.get_sql_condition_FandF
+ (
+ array
+ (
+ 'forbidden_categories' => 'id',
+ 'visible_categories' => 'id'
+ ),
+ 'WHERE'
+ ).'
+;';
+display_select_cat_wrapper($query, array(@$_GET['cat']), $blockname, true);
+
+// Filter on recent comments...
+$tpl_var=array();
+foreach ($since_options as $id => $option)
+{
+ $tpl_var[ $id ] = $option['label'];
+}
+$template->assign( 'since_options', $tpl_var);
+$template->assign( 'since_options_selected', $page['since']);
+
+// Sort by
+$template->assign( 'sort_by_options', $sort_by);
+$template->assign( 'sort_by_options_selected', $page['sort_by']);
+
+// Sorting order
+$template->assign( 'sort_order_options', $sort_order);
+$template->assign( 'sort_order_options_selected', $page['sort_order']);
+
+
+// Number of items
+$blockname = 'items_number_option';
+$tpl_var=array();
+foreach ($items_number as $option)
+{
+ $tpl_var[ $option ] = is_numeric($option) ? $option : l10n($option);
+}
+$template->assign( 'item_number_options', $tpl_var);
+$template->assign( 'item_number_options_selected', $page['items_number']);
+
+
+// +-----------------------------------------------------------------------+
+// | navigation bar |
+// +-----------------------------------------------------------------------+
+
+if (isset($_GET['start']) and is_numeric($_GET['start']))
+{
+ $start = $_GET['start'];
+}
+else
+{
+ $start = 0;
+}
+
+$query = '
+SELECT COUNT(DISTINCT(id))
+ FROM '.IMAGE_CATEGORY_TABLE.' AS ic
+ INNER JOIN '.COMMENTS_TABLE.' AS com
+ ON ic.image_id = com.image_id
+ WHERE '.implode('
+ AND ', $page['where_clauses']).'
+;';
+list($counter) = mysql_fetch_row(pwg_query($query));
+
+$url = PHPWG_ROOT_PATH
+ .'comments.php'
+ .get_query_string_diff(array('start','delete','validate'));
+
+$navbar = create_navigation_bar($url,
+ $counter,
+ $start,
+ $page['items_number'],
+ '');
+
+$template->assign('NAVBAR', $navbar);
+
+// +-----------------------------------------------------------------------+
+// | last comments display |
+// +-----------------------------------------------------------------------+
+
+$comments = array();
+$element_ids = array();
+$category_ids = array();
+
+$query = '
+SELECT com.id AS comment_id
+ , com.image_id
+ , ic.category_id
+ , com.author
+ , com.date
+ , com.content
+ , com.id AS comment_id
+ , com.validated
+ FROM '.IMAGE_CATEGORY_TABLE.' AS ic
+ INNER JOIN '.COMMENTS_TABLE.' AS com
+ ON ic.image_id = com.image_id
+ WHERE '.implode('
+ AND ', $page['where_clauses']).'
+ GROUP BY comment_id
+ ORDER BY '.$page['sort_by'].' '.$page['sort_order'];
+if ('all' != $page['items_number'])
+{
+ $query.= '
+ LIMIT '.$start.','.$page['items_number'];
+}
+$query.= '
+;';
+$result = pwg_query($query);
+while ($row = mysql_fetch_assoc($result))
+{
+ array_push($comments, $row);
+ array_push($element_ids, $row['image_id']);
+ array_push($category_ids, $row['category_id']);
+}
+
+if (count($comments) > 0)
+{
+ // retrieving element informations
+ $elements = array();
+ $query = '
+SELECT id, name, file, path, tn_ext
+ FROM '.IMAGES_TABLE.'
+ WHERE id IN ('.implode(',', $element_ids).')
+;';
+ $result = pwg_query($query);
+ while ($row = mysql_fetch_assoc($result))
+ {
+ $elements[$row['id']] = $row;
+ }
+
+ // retrieving category informations
+ $query = '
+SELECT id, name, permalink, uppercats
+ FROM '.CATEGORIES_TABLE.'
+ WHERE id IN ('.implode(',', $category_ids).')
+;';
+ $categories = hash_from_query($query, 'id');
+
+ foreach ($comments as $comment)
+ {
+ if (!empty($elements[$comment['image_id']]['name']))
+ {
+ $name=$elements[$comment['image_id']]['name'];
+ }
+ else
+ {
+ $name=get_name_from_file($elements[$comment['image_id']]['file']);
+ }
+
+ // source of the thumbnail picture
+ $thumbnail_src = get_thumbnail_url( $elements[$comment['image_id']] );
+
+ // link to the full size picture
+ $url = make_picture_url(
+ array(
+ 'category' => $categories[ $comment['category_id'] ],
+ 'image_id' => $comment['image_id'],
+ 'image_file' => $elements[$comment['image_id']]['file'],
+ )
+ );
+
+ $author = $comment['author'];
+ if (empty($comment['author']))
+ {
+ $author = l10n('guest');
+ }
+
+ $tpl_comment =
+ array(
+ 'U_PICTURE' => $url,
+ 'TN_SRC' => $thumbnail_src,
+ 'ALT' => $name,
+ 'AUTHOR' => trigger_event('render_comment_author', $author),
+ 'DATE'=>format_date($comment['date'],'mysql_datetime',true),
+ 'CONTENT'=>trigger_event('render_comment_content',$comment['content']),
+ );
+
+ if ( is_admin() )
+ {
+ $url = get_root_url().'comments.php'.get_query_string_diff(array('delete','validate'));
+ $tpl_comment['U_DELETE'] = add_url_params($url,
+ array('delete'=>$comment['comment_id'])
+ );
+
+ if ($comment['validated'] != 'true')
+ {
+ $tpl_comment['U_VALIDATE'] = add_url_params($url,
+ array('validate'=>$comment['comment_id'])
+ );
+ }
+ }
+ $template->append('comments', $tpl_comment);
+ }
+}
+// +-----------------------------------------------------------------------+
+// | html code display |
+// +-----------------------------------------------------------------------+
+include(PHPWG_ROOT_PATH.'include/page_header.php');
+$template->pparse('comments');
+include(PHPWG_ROOT_PATH.'include/page_tail.php');
+?>
\ No newline at end of file |
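Review bot: `$_GET['sort_by']`, `$_GET['sort_order']` and `$_GET['items_number']` are copied into `$page` unchecked and later concatenated, outside any quotes, into the `ORDER BY` and `LIMIT` parts of the comment listing query, so the request supplies SQL text; each value should be accepted only when it is one of the entries declared in `$sort_by`, `$sort_order` and `$items_number`, as in the code below. `$_GET['author']` and the `$_GET['keyword']` fragments go into quoted literals with no escaping visible in this file; the `stripslashes()` calls in the template assignment suggest `common.inc.php` slashes request data, but that needs confirming, and `%` and `_` still reach the `LIKE` pattern either way. `$_GET['since']` indexes `$since_options` without an `isset()` check, so an unknown value appends an empty clause to the `WHERE` list. The `delete` and `validate` branches change data on a plain GET link guarded only by `is_numeric()` and the admin check, so I would add a per-session token to those URLs and cast the id with `(int)`.

```php
$page['sort_by'] = 'date';
// the submitted value is used only when it is one of the proposed fields
if (isset($_GET['sort_by'])
    and in_array($_GET['sort_by'], array_keys($sort_by), true))
{
  $page['sort_by'] = $_GET['sort_by'];
}

// … unchanged: default for sort_order …
if (isset($_GET['sort_order'])
    and in_array($_GET['sort_order'], array_keys($sort_order), true))
{
  $page['sort_order'] = $_GET['sort_order'];
}

// … unchanged: default for items_number …
// strict comparison against string forms, so '5 ...' cannot match 5
if (isset($_GET['items_number'])
    and in_array($_GET['items_number'], array_map('strval', $items_number), true))
{
  $page['items_number'] = $_GET['items_number'];
}
```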