<?php // +-----------------------------------------------------------------------+ // | Piwigo - a PHP based picture gallery | // +-----------------------------------------------------------------------+ // | Copyright(C) 2008 Piwigo Team http://piwigo.org | // | Copyright(C) 2003-2008 PhpWebGallery Team http://phpwebgallery.net | // | Copyright(C) 2002-2003 Pierrick LE GALL http://le-gall.net/pierrick | // +-----------------------------------------------------------------------+ // | This program is free software; you can redistribute it and/or modify | // | it under the terms of the GNU General Public License as published by | // | the Free Software Foundation | // | | // | This program is distributed in the hope that it will be useful, but | // | WITHOUT ANY WARRANTY; without even the implied warranty of | // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | // | General Public License for more details. | // | | // | You should have received a copy of the GNU General Public License | // | along with this program; if not, write to the Free Software | // | Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, | // | USA. | // +-----------------------------------------------------------------------+ if (!defined('PHPWG_ROOT_PATH')) { die ("Hacking attempt!"); } include_once(PHPWG_ROOT_PATH.'admin/include/functions.php'); // +-----------------------------------------------------------------------+ // | Check Access and exit when user status is not ok | // +-----------------------------------------------------------------------+ check_status(ACCESS_ADMINISTRATOR); // +-----------------------------------------------------------------------+ // | initialization | // +-----------------------------------------------------------------------+ if (isset($_GET['start']) and is_numeric($_GET['start'])) { $start = $_GET['start']; } else { $start = 0; } $elements_per_page=10; if (isset($_GET['display']) and is_numeric($_GET['display'])) { $elements_per_page = $_GET['display']; } $order_by_index=0; if (isset($_GET['order_by']) and is_numeric($_GET['order_by'])) { $order_by_index = $_GET['order_by']; } $page['user_filter'] = ''; if (isset($_GET['users'])) { if ($_GET['users'] == 'user') { $page['user_filter'] = ' AND r.user_id <> '.$conf['guest_id']; } elseif ($_GET['users'] == 'guest') { $page['user_filter'] = ' AND r.user_id = '.$conf['guest_id']; } } if (isset($_GET['del']) and !is_adviser()) { $del_params = urldecode( $_GET['del'] ); parse_str($del_params, $vars); if ( !is_numeric($vars['e']) or !is_numeric($vars['u']) ) { die('Hacking attempt'); } $query = ' DELETE FROM '. RATE_TABLE .' WHERE element_id=' . $vars['e'] . ' AND user_id=' . $vars['u'] . ' AND anonymous_id=\'' . $vars['a'] . '\' ;'; pwg_query($query); update_average_rate( $vars['e'] ); } $users = array(); $query = ' SELECT '.$conf['user_fields']['username'].' as username, '.$conf['user_fields']['id'].' as id FROM '.USERS_TABLE.' ;'; $result = pwg_query($query); while ($row = mysql_fetch_array($result)) { $users[$row['id']]=$row['username']; } $query = 'SELECT COUNT(DISTINCT(i.id)) FROM '.RATE_TABLE.' AS r, '.IMAGES_TABLE.' AS i WHERE r.element_id=i.id'. $page['user_filter'] . ';'; list($nb_images) = mysql_fetch_row(pwg_query($query)); // +-----------------------------------------------------------------------+ // | template init | // +-----------------------------------------------------------------------+ $template->set_filename('rating', 'admin/rating.tpl'); $template->assign( array( 'NAVBAR' => create_navigation_bar( PHPWG_ROOT_PATH.'admin.php'.get_query_string_diff(array('start','del')), $nb_images, $start, $elements_per_page ), 'F_ACTION' => PHPWG_ROOT_PATH.'admin.php', 'DISPLAY' => $elements_per_page, 'NB_ELEMENTS' => $nb_images, ) ); $available_order_by= array( array(l10n('Rate date'), 'recently_rated DESC'), array(l10n('Average rate'), 'average_rate DESC'), array(l10n('Number of rates'), 'nb_rates DESC'), array(l10n('Sum of rates'), 'sum_rates DESC'), array(l10n('Controversy'), 'std_rates DESC'), array(l10n('File name'), 'file DESC'), array(l10n('Creation date'), 'date_creation DESC'), array(l10n('Post date'), 'date_available DESC'), ); for ($i=0; $i<count($available_order_by); $i++) { $template->append( 'order_by_options', $available_order_by[$i][0] ); } $template->assign('order_by_options_selected', array($order_by_index) ); $user_options = array( 'all' => l10n('all'), 'user' => l10n('Users'), 'guest' => l10n('Guests'), ); $template->assign('user_options', $user_options ); $template->assign('user_options_selected', array(@$_GET['users']) ); $query = ' SELECT i.id, i.path, i.file, i.tn_ext, i.average_rate, i.storage_category_id, MAX(r.date) AS recently_rated, COUNT(r.rate) AS nb_rates, SUM(r.rate) AS sum_rates, ROUND(STD(r.rate),2) AS std_rates FROM '.RATE_TABLE.' AS r LEFT JOIN '.IMAGES_TABLE.' AS i ON r.element_id = i.id WHERE 1 = 1 ' . $page['user_filter'] . ' GROUP BY r.element_id ORDER BY ' . $available_order_by[$order_by_index][1] .' LIMIT '.$start.','.$elements_per_page.' ;'; $images = array(); $result = pwg_query($query); while ($row = mysql_fetch_assoc($result)) { array_push($images, $row); } $template->assign( 'images', array() ); foreach ($images as $image) { $thumbnail_src = get_thumbnail_url($image); $image_url = PHPWG_ROOT_PATH.'admin.php?page=picture_modify'. '&image_id='.$image['id']; $query = 'SELECT * FROM '.RATE_TABLE.' AS r WHERE r.element_id='.$image['id'] . ' ORDER BY date DESC;'; $result = pwg_query($query); $nb_rates = mysql_num_rows($result); $tpl_image = array( 'U_THUMB' => $thumbnail_src, 'U_URL' => $image_url, 'AVG_RATE' => $image['average_rate'], 'STD_RATE' => $image['std_rates'], 'SUM_RATE' => $image['sum_rates'], 'NB_RATES' => (int)$image['nb_rates'], 'NB_RATES_TOTAL' => (int)$nb_rates, 'FILE' => $image['file'], 'rates' => array() ); while ($row = mysql_fetch_array($result)) { $url_del = PHPWG_ROOT_PATH.'admin.php'. get_query_string_diff(array('del')); $del_param = 'e='.$image['id']. '&u='.$row['user_id']. '&a='.$row['anonymous_id']; $url_del .= '&del='.urlencode(urlencode($del_param)); if ( isset($users[$row['user_id']]) ) { $user = $users[$row['user_id']]; } else { $user = '? '. $row['user_id']; } if ( strlen($row['anonymous_id'])>0 ) { $user .= '('.$row['anonymous_id'].')'; } $tpl_image['rates'][] = array( 'DATE' => format_date($row['date']), 'RATE' => $row['rate'], 'USER' => $user, 'U_DELETE' => $url_del ); } $template->append( 'images', $tpl_image ); } // +-----------------------------------------------------------------------+ // | sending html code | // +-----------------------------------------------------------------------+ $template->assign_var_from_handle('ADMIN_CONTENT', 'rating'); ?>