<?php // +-----------------------------------------------------------------------+ // | Piwigo - a PHP based picture gallery | // +-----------------------------------------------------------------------+ // | Copyright(C) 2008 Piwigo Team http://piwigo.org | // | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net | // | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick | // +-----------------------------------------------------------------------+ // | This program is free software; you can redistribute it and/or modify | // | it under the terms of the GNU General Public License as published by | // | the Free Software Foundation | // | | // | This program is distributed in the hope that it will be useful, but | // | WITHOUT ANY WARRANTY; without even the implied warranty of | // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | // | General Public License for more details. | // | | // | You should have received a copy of the GNU General Public License | // | along with this program; if not, write to the Free Software | // | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | // | USA. | // +-----------------------------------------------------------------------+ if (!defined('PHPWG_ROOT_PATH')) { die ("Hacking attempt!"); } include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); include_once(PHPWG_ROOT_PATH.'admin/include/functions_waiting.inc.php'); // +-----------------------------------------------------------------------+ // | Check Access and exit when user status is not ok | // +-----------------------------------------------------------------------+ check_status(ACCESS_ADMINISTRATOR); // +-----------------------------------------------------------------------+ // | actions | // +-----------------------------------------------------------------------+ if (isset($_POST)) { $to_validate = array(); $to_reject = array(); if (isset($_POST['submit']) and !is_adviser()) { foreach (explode(',', $_POST['list']) as $comment_id) { if (isset($_POST['action-'.$comment_id])) { switch ($_POST['action-'.$comment_id]) { case 'reject' : { array_push($to_reject, $comment_id); break; } case 'validate' : { array_push($to_validate, $comment_id); break; } } } } } else if (isset($_POST['validate-all']) and !empty($_POST['list']) and !is_adviser()) { $to_validate = explode(',', $_POST['list']); } else if (isset($_POST['reject-all']) and !empty($_POST['list']) and !is_adviser()) { $to_reject = explode(',', $_POST['list']); } if (count($to_validate) > 0) { $query = ' UPDATE '.COMMENTS_TABLE.' SET validated = \'true\' , validation_date = NOW() WHERE id IN ('.implode(',', $to_validate).') ;'; pwg_query($query); array_push( $page['infos'], l10n_dec( '%d user comment validated', '%d user comments validated', count($to_validate) ) ); } if (count($to_reject) > 0) { $query = ' DELETE FROM '.COMMENTS_TABLE.' WHERE id IN ('.implode(',', $to_reject).') ;'; pwg_query($query); array_push( $page['infos'], l10n_dec( '%d user comment rejected', '%d user comments rejected', count($to_reject) ) ); } } // +-----------------------------------------------------------------------+ // | template init | // +-----------------------------------------------------------------------+ $template->set_filenames(array('comments'=>'admin/comments.tpl')); // TabSheet initialization waiting_tabsheet(); $template->assign( array( 'F_ACTION' => get_root_url().'admin.php?page=comments' ) ); // +-----------------------------------------------------------------------+ // | comments display | // +-----------------------------------------------------------------------+ $list = array(); $query = ' SELECT c.id, c.image_id, c.date, c.author, c.content, i.path, i.tn_ext FROM '.COMMENTS_TABLE.' AS c INNER JOIN '.IMAGES_TABLE.' AS i ON i.id = c.image_id WHERE validated = \'false\' ORDER BY c.date DESC ;'; $result = pwg_query($query); while ($row = mysql_fetch_assoc($result)) { $thumb = get_thumbnail_url( array( 'id'=>$row['image_id'], 'path'=>$row['path'], 'tn_ext'=>@$row['tn_ext'] ) ); $template->append( 'comments', array( 'U_PICTURE' => PHPWG_ROOT_PATH.'admin.php?page=picture_modify'. '&image_id='.$row['image_id'], 'ID' => $row['id'], 'TN_SRC' => $thumb, 'AUTHOR' => trigger_event('render_comment_author', $row['author']), 'DATE' => format_date($row['date'],'mysql_datetime',true), 'CONTENT' => trigger_event('render_comment_content',$row['content']) ) ); array_push($list, $row['id']); } $template->assign('LIST', implode(',', $list) ); // +-----------------------------------------------------------------------+ // | sending html code | // +-----------------------------------------------------------------------+ $template->assign_var_from_handle('ADMIN_CONTENT', 'comments'); ?>