| [ Index ] |
|
Code source de Plume CMS 1.2.2 |
1 <?php 2 /* -*- tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ 3 /* 4 # ***** BEGIN LICENSE BLOCK ***** 5 # This file is part of Plume CMS, a website management application. 6 # Copyright (C) 2001-2005 Loic d'Anterroches and contributors. 7 # 8 # Plume CMS is free software; you can redistribute it and/or modify 9 # it under the terms of the GNU General Public License as published by 10 # the Free Software Foundation; either version 2 of the License, or 11 # (at your option) any later version. 12 # 13 # Plume CMS is distributed in the hope that it will be useful, 14 # but WITHOUT ANY WARRANTY; without even the implied warranty of 15 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 16 # GNU General Public License for more details. 17 # 18 # You should have received a copy of the GNU General Public License 19 # along with this program; if not, write to the Free Software 20 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA 21 # 22 # ***** END LICENSE BLOCK ***** */ 23 24 require_once dirname(__FILE__).'/../extinc/class.recordset.php'; 25 26 define('PX_COMMENT_TYPE_INTERN', -1); 27 define('PX_COMMENT_TYPE_NORMAL', 1); 28 define('PX_COMMENT_TYPE_TRACKBACK', 2); 29 30 define('PX_RESOURCE_STATUS_JUNK', 6); 31 32 /** 33 * Constants used for the status of the comments: 34 * 35 * define('PX_RESOURCE_STATUS_VALIDE', 1); 36 * define('PX_RESOURCE_STATUS_OFFLINE', 2); 37 * define('PX_RESOURCE_STATUS_TOBEVALIDATED', 5); 38 * 39 * Defined in class.resource.php 40 */ 41 42 class Comment extends RecordSet 43 { 44 var $con = null; 45 46 /** 47 * Constructor. 48 */ 49 function Comment($data='') 50 { 51 parent::RecordSet($data); 52 } 53 54 /** 55 * Load the Comment 56 * 57 * @param int Comment id ('') 58 * @return bool Success 59 */ 60 function load($id='') 61 { 62 if (empty($id)) { 63 $id = $this->f('comment_id'); 64 } 65 if (!empty($id)) { 66 $sql = SQL::getCommentById($id, $this->f('resource_id')); 67 $this->getConnection(); 68 if (($rs = $this->con->select($sql)) !== false) { 69 parent::RecordSet($rs->getData()); 70 } else { 71 $this->setError('MySQL: '.$this->con->error(), 500); 72 return false; 73 } 74 } else { 75 return false; 76 } 77 return true; 78 } 79 80 81 /** 82 * Set the data of a comment. 83 * 84 * @param string Author name 85 * @param string Author email 86 * @param string Author website 87 * @param string Content 88 * @param int Resource id 89 * @param string IP address 90 * @param int Status (PX_RESOURCE_STATUS_VALIDE) 91 * @param int Type of comment (PX_COMMENT_TYPE_NORMAL) 92 * @param int User id ('') 93 * @return bool Success 94 */ 95 function set($author, $email, $website, $content, $resource_id, $ip, 96 $status=PX_RESOURCE_STATUS_VALIDE, 97 $type=PX_COMMENT_TYPE_NORMAL, $user_id='') 98 { 99 $this->setField('comment_author', $author); 100 $this->setField('comment_email', $email); 101 $this->setField('comment_website', $website); 102 $this->setField('comment_content', $content); 103 $this->setField('resource_id', $resource_id); 104 $this->setField('comment_status', $status); 105 $this->setField('comment_type', $type); 106 $this->setField('comment_ip', $ip); 107 $this->setField('comment_user_id', $user_id); 108 if ($this->f('comment_id') == '') { 109 $this->setField('comment_creation', date::stamp()); 110 } 111 $this->setField('comment_update', date::stamp()); 112 return true; 113 } 114 115 /** 116 * Check the integrity of the comment. 117 * 118 * The error is set if error found. 119 * 120 * @return bool Success 121 */ 122 function check() 123 { 124 if (strlen($this->f('comment_author')) == 0) { 125 $this->setError(__('You need to provide your name.'), 400); 126 } 127 if (false == Validate::checkEmail($this->f('comment_email'))) { 128 $this->setError(__('You need to provide a valid email address.'), 400); 129 } 130 if (strlen($this->f('comment_website')) > 0 && 131 !eregi('^http:\/\/', $this->f('comment_website'))) { 132 $this->setError(__('The website address must start with http://.'), 400); 133 } 134 if (strlen($this->f('comment_content')) == 0) { 135 $this->setError(__('Empty comments are not comments.'), 400); 136 } 137 138 Hook::run('onCheckComment', array('ct' => &$this)); 139 140 if (false !== $this->error()) { 141 return false; 142 } 143 return true; 144 } 145 146 147 /** 148 * Method to get the content of a comment. 149 * 150 * For the moment, replace line breaks with <br /> 151 * 152 * @param string Format of the output 'textarea' or ('safe') 153 * @return string Safe content of the comment. 154 */ 155 function getContent($format='safe') 156 { 157 if ($format == 'safe') { 158 return nl2br(htmlspecialchars($this->f('comment_content'))); 159 } else { 160 return htmlspecialchars($this->f('comment_content')); 161 } 162 163 } 164 165 /* ===================================================================== * 166 * * 167 * Methods for rendering the pages. * 168 * * 169 * Note: All standalone methods. * 170 * ===================================================================== */ 171 172 /** 173 * Action to display/update a comment. 174 * 175 * @param string Server query string 176 * @return int Success code 177 */ 178 function action($query) 179 { 180 Hook::register('onInitTemplate', 'Comment', 'hookOnInitTemplate'); 181 $l10n = new l10n(config::f('lang')); 182 // Easy access 183 $GLOBALS['_PX_render']['last'] = ''; 184 $last =& $GLOBALS['_PX_render']['last']; 185 $GLOBALS['_PX_render']['website'] = ''; 186 $website =& $GLOBALS['_PX_render']['website']; 187 $GLOBALS['_PX_render']['res'] = ''; 188 $res =& $GLOBALS['_PX_render']['res']; 189 $GLOBALS['_PX_render']['ct'] = ''; 190 $ct =& $GLOBALS['_PX_render']['ct']; 191 192 // Parse query string to find the matching resource 193 $id = Comment::parseQueryString($query); 194 if ($id == 0) { 195 return 404; 196 } 197 // Find if the resource exists 198 $con =& pxDBConnect(); 199 $sql = SQL::getResourceByIdentifier($id, '', config::f('website_id')); 200 if (($res = $con->select($sql, 'ResourceSet')) !== false) { 201 if ($res->isEmpty()) { 202 return 404; 203 } 204 } else { 205 $GLOBALS['_PX_render']['error']->setError('MySQL: ' 206 .$con->error(), 500); 207 return 404; 208 } 209 // Load the matching comments if GET, add a comment if POST 210 // If comment does not exists, returns error code 211 // Will be catched up by the 404 at the end 212 $GLOBALS['_PX_render']['res_id'] = $res->f('resource_id'); 213 if ($_SERVER["REQUEST_METHOD"] == 'POST') { 214 include_once dirname(__FILE__).'/lib.form.php'; 215 $author = form::getPostField('c_author'); 216 $email = form::getPostField('c_email'); 217 $website = form::getPostField('c_website'); 218 $content = form::getPostField('c_content'); 219 $preview = form::getPostField('c_preview'); 220 $redirect = form::getPostField('redirect'); 221 $ct = new Comment(); 222 $ct->set($author, $email, $website, $content, $id, 223 $_SERVER["REMOTE_ADDR"], 224 config::f('comment_default_status')); 225 if (strlen($redirect) > 5) { 226 $GLOBALS['_PX_redirect'] = $redirect; 227 $GLOBALS['_PX_render']['ct_redirect'] = $redirect; 228 } else { 229 $GLOBALS['_PX_redirect'] = $res->getPath('fullurl'); 230 } 231 if ($preview) { 232 $ct->check(); 233 } elseif ($ct->check()) { 234 if ((config::f('comment_support') == 1) 235 or (config::f('comment_support') == 2 && 236 $res->f('comment_support') == 1)) { 237 Hook::run('onNewPublicCommentBeforeSave', 238 array('ct' => &$ct, 'res' => &$res)); 239 $ct->commit(); 240 Hook::run('onNewPublicCommentAfterSave', 241 array('ct' => &$ct, 'res' => &$res)); 242 } 243 return 301; 244 } 245 header(FrontEnd::getHeader('comments_post.php')); 246 // Load the template 247 include config::f('manager_path').'/templates/' 248 .config::f('theme_id').'/comments_post.php'; 249 return 200; 250 } else { 251 header(FrontEnd::getHeader('comments_list.php')); 252 // Load the template 253 include config::f('manager_path').'/templates/' 254 .config::f('theme_id').'/comments_list.php'; 255 return 200; 256 } 257 } 258 259 /** 260 * Hook on the initialization of the templates. 261 * 262 * @param string Name of the calling hook 263 * @param array Default parameters (not used) 264 * @return bool Success 265 */ 266 function hookOnInitTemplate($hook, $param) 267 { 268 if (config::f('action') == 'Comment') { 269 $GLOBALS['_PX_render']['website'] = FrontEnd::getWebsite(); 270 } 271 return true; 272 } 273 274 /** 275 * Parse query string. 276 * 277 * @param string Query string 278 * @return int Resource id 279 */ 280 function parseQueryString($query) 281 { 282 $id = 0; 283 if (preg_match('#^/comments/(\d+)/*$#i', $query, $match)) { 284 $id = (int) $match[1]; 285 } 286 return $id; 287 } 288 289 290 /* ===================================================================== * 291 * * 292 * Methods modifying data in the database. * 293 * * 294 * ===================================================================== */ 295 296 /** 297 * Save the data into the database. 298 * 299 * @return bool Success 300 */ 301 function commit() 302 { 303 $this->getConnection(); 304 $update = (0 < (int) $this->f('comment_id')) ? true : false; 305 306 if ($update) { 307 $req = 'UPDATE '.$this->con->pfx.'comments SET 308 resource_id = \''.$this->con->esc($this->f('resource_id')).'\', 309 comment_user_id = \''.$this->con->esc($this->f('comment_user_id')).'\', 310 comment_author = \''.$this->con->esc($this->f('comment_author')).'\', 311 comment_email = \''.$this->con->esc($this->f('comment_email')).'\', 312 comment_website = \''.$this->con->esc($this->f('comment_website')).'\', 313 comment_creation = \''.$this->con->esc($this->f('comment_creation')).'\', 314 comment_update = \''.$this->con->esc($this->f('comment_update')).'\', 315 comment_status = \''.$this->con->esc($this->f('comment_status')).'\', 316 comment_type = \''.$this->con->esc($this->f('comment_type')).'\', 317 comment_content = \''.$this->con->esc($this->f('comment_content')).'\', 318 comment_ip = \''.$this->con->esc($this->f('comment_ip')).'\' 319 WHERE 320 comment_id = \''.$this->con->esc($this->f('comment_id')).'\''; 321 } else { 322 $req = 'INSERT INTO '.$this->con->pfx.'comments SET 323 resource_id = \''.$this->con->esc($this->f('resource_id')).'\', 324 comment_user_id = \''.$this->con->esc($this->f('comment_user_id')).'\', 325 comment_author = \''.$this->con->esc($this->f('comment_author')).'\', 326 comment_email = \''.$this->con->esc($this->f('comment_email')).'\', 327 comment_website = \''.$this->con->esc($this->f('comment_website')).'\', 328 comment_creation = \''.$this->con->esc($this->f('comment_creation')).'\', 329 comment_update = \''.$this->con->esc($this->f('comment_update')).'\', 330 comment_status = \''.$this->con->esc($this->f('comment_status')).'\', 331 comment_type = \''.$this->con->esc($this->f('comment_type')).'\', 332 comment_content = \''.$this->con->esc($this->f('comment_content')).'\', 333 comment_ip = \''.$this->con->esc($this->f('comment_ip')).'\''; 334 } 335 if (!$this->con->execute($req)) { 336 $this->setError('MySQL: '.$this->con->error(), 500); 337 return false; 338 } 339 if (!$update) { 340 if (false == ($id = $this->con->getLastID())) { 341 $this->setError('MySQL: '.$this->con->error(), 500); 342 return false; 343 } 344 $this->setField('comment_id', $id); 345 } 346 include_once dirname(__FILE__).'/class.manager.php'; 347 Manager::triggerMassUpdate(); 348 return true; 349 } 350 351 /** 352 * Remove a comment from the database. 353 * 354 * This a hard remove. 355 * 356 * @return bool Success. 357 */ 358 function remove() 359 { 360 $this->getConnection(); 361 $req = 'DELETE FROM '.$this->con->pfx.'comments WHERE ' 362 .'comment_id=\''.$this->con->esc($this->f('comment_id')).'\''; 363 if (!$this->con->execute($req)) { 364 $this->setError('MySQL: '.$this->con->error(), 500); 365 return false; 366 } 367 $this->setField('comment_id', ''); 368 return true; 369 } 370 371 /** 372 * Get a Connection object for the comment. 373 * It reuses the main connexion object. After calling this method 374 * a Connection object is available as $this->con 375 * It is safe to call it many times. 376 */ 377 function getConnection() 378 { 379 if ($this->con === null) $this->con =& pxDBConnect(); 380 } 381 382 } 383 384 ?>
titre
Description
Corps
titre
Description
Corps
titre
Description
Corps
titre
Corps
| Généré le : Mon Nov 26 11:57:01 2007 | par Balluche grâce à PHPXref 0.7 |
|
|