class.dc.blog.php @ 970:047d7b4a6ffd

Visit:

Revision 970:047d7b4a6ffd, 55.4 KB checked in by franck <carnet.franck.paul@…>, 13 years ago (diff)
Notes' title can be now enclosed in h4 (default), h3 or p HTML tag. Fixes #1246

Rev	Line
[0]	1	<?php
	2	# -- BEGIN LICENSE BLOCK ---------------------------------------
	3	#
	4	# This file is part of Dotclear 2.
	5	#
[270]	6	# Copyright (c) 2003-2011 Olivier Meunier & Association Dotclear
[0]	7	# Licensed under the GPL version 2.0 license.
	8	# See LICENSE file or
	9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
	10	#
	11	# -- END LICENSE BLOCK -----------------------------------------
	12	if (!defined('DC_RC_PATH')) { return; }
	13
	14	/**
	15	@ingroup DC_CORE
	16	@nosubgrouping
	17	@brief Dotclear blog class.
	18
	19	Dotclear blog class instance is provided by dcCore $blog property.
	20	*/
	21	class dcBlog
	22	{
[337]	23	/** @var dcCore dcCore instance */
	24	protected $core;
	25	/** @var connection Database connection object */
	26	public $con;
	27	/** @var string Database table prefix */
	28	public $prefix;
[0]	29
[337]	30	/** @var string Blog ID */
	31	public $id;
	32	/** @var string Blog unique ID */
	33	public $uid;
	34	/** @var string Blog name */
	35	public $name;
	36	/** @var string Blog description */
	37	public $desc;
	38	/** @var string Blog URL */
	39	public $url;
	40	/** @var string Blog host */
	41	public $host;
	42	/** @var string Blog creation date */
	43	public $creadt;
	44	/** @var string Blog last update date */
	45	public $upddt;
	46	/** @var string Blog status */
	47	public $status;
[0]	48
[337]	49	/** @var dcSettings dcSettings object */
	50	public $settings;
	51	/** @var string Blog theme path */
	52	public $themes_path;
	53	/** @var string Blog public path */
	54	public $public_path;
[0]	55
	56	private $post_status = array();
	57	private $comment_status = array();
	58
	59	private $categories;
	60
[337]	61	/** @var boolean Disallow entries password protection */
	62	public $without_password = true;
[0]	63
	64	/**
	65	Inits dcBlog object
	66
	67	@param core <b>dcCore</b> Dotclear core reference
	68	@param id <b>string</b> Blog ID
	69	*/
	70	public function __construct($core, $id)
	71	{
	72	$this->con =& $core->con;
	73	$this->prefix = $core->prefix;
	74	$this->core =& $core;
	75
	76	if (($b = $this->core->getBlog($id)) !== false)
	77	{
	78	$this->id = $id;
	79	$this->uid = $b->blog_uid;
	80	$this->name = $b->blog_name;
	81	$this->desc = $b->blog_desc;
	82	$this->url = $b->blog_url;
	83	$this->host = preg_replace('\|^([a-z]{3,}://)(.?)/.$\|','$1$2',$this->url);
	84	$this->creadt = strtotime($b->blog_creadt);
	85	$this->upddt = strtotime($b->blog_upddt);
	86	$this->status = $b->blog_status;
	87
	88	$this->settings = new dcSettings($this->core,$this->id);
	89
	90	$this->themes_path = path::fullFromRoot($this->settings->system->themes_path,DC_ROOT);
	91	$this->public_path = path::fullFromRoot($this->settings->system->public_path,DC_ROOT);
	92
	93	$this->post_status['-2'] = __('pending');
	94	$this->post_status['-1'] = __('scheduled');
	95	$this->post_status['0'] = __('unpublished');
	96	$this->post_status['1'] = __('published');
	97
	98	$this->comment_status['-2'] = __('junk');
	99	$this->comment_status['-1'] = __('pending');
	100	$this->comment_status['0'] = __('unpublished');
	101	$this->comment_status['1'] = __('published');
	102
	103	# --BEHAVIOR-- coreBlogConstruct
	104	$this->core->callBehavior('coreBlogConstruct',$this);
	105	}
	106	}
	107
	108	/// @name Common public methods
	109	//@{
	110	/**
	111	Returns blog URL ending with a question mark.
	112	*/
	113	public function getQmarkURL()
	114	{
	115	if (substr($this->url,-1) != '?') {
	116	return $this->url.'?';
	117	}
	118
	119	return $this->url;
	120	}
	121
	122	/**
	123	Returns an entry status name given to a code. Status are translated, never
	124	use it for tests. If status code does not exist, returns <i>unpublished</i>.
	125
	126	@param s <b>integer</b> Status code
	127	@return <b>string</b> Blog status name
	128	*/
	129	public function getPostStatus($s)
	130	{
	131	if (isset($this->post_status[$s])) {
	132	return $this->post_status[$s];
	133	}
	134	return $this->post_status['0'];
	135	}
	136
	137	/**
	138	Returns an array of available entry status codes and names.
	139
	140	@return <b>array</b> Simple array with codes in keys and names in value
	141	*/
	142	public function getAllPostStatus()
	143	{
	144	return $this->post_status;
	145	}
	146
	147	/**
	148	Returns an array of available comment status codes and names.
	149
	150	@return <b>array</b> Simple array with codes in keys and names in value
	151	*/
	152	public function getAllCommentStatus()
	153	{
	154	return $this->comment_status;
	155	}
	156
	157	/**
	158	Disallows entries password protection. You need to set it to
	159	<var>false</var> while serving a public blog.
	160
	161	@param v <b>boolean</b>
	162	*/
	163	public function withoutPassword($v)
	164	{
	165	$this->without_password = (boolean) $v;
	166	}
	167	//@}
	168
	169	/// @name Triggers methods
	170	//@{
	171	/**
	172	Updates blog last update date. Should be called every time you change
	173	an element related to the blog.
	174	*/
	175	public function triggerBlog()
	176	{
	177	$cur = $this->con->openCursor($this->prefix.'blog');
	178
	179	$cur->blog_upddt = date('Y-m-d H:i:s');
	180
	181	$cur->update("WHERE blog_id = '".$this->con->escape($this->id)."' ");
	182
	183	# --BEHAVIOR-- coreBlogAfterTriggerBlog
	184	$this->core->callBehavior('coreBlogAfterTriggerBlog',$cur);
	185	}
	186
	187	/**
	188	Updates comment and trackback counters in post table. Should be called
	189	every time a comment or trackback is added, removed or changed its status.
	190
	191	@param id <b>integer</b> Comment ID
	192	@param del <b>boolean</b> If comment is delete, set this to true
	193	*/
	194	public function triggerComment($id,$del=false)
	195	{
	196	$id = (integer) $id;
	197
	198	$strReq = 'SELECT post_id, comment_trackback '.
	199	'FROM '.$this->prefix.'comment '.
	200	'WHERE comment_id = '.$id.' ';
	201
	202	$rs = $this->con->select($strReq);
	203
	204	$post_id = $rs->post_id;
	205	$tb = (boolean) $rs->comment_trackback;
	206
	207	$strReq = 'SELECT COUNT(post_id) '.
	208	'FROM '.$this->prefix.'comment '.
	209	'WHERE post_id = '.(integer) $post_id.' '.
	210	'AND comment_trackback = '.(integer) $tb.' '.
	211	'AND comment_status = 1 ';
	212
	213	if ($del) {
	214	$strReq .= 'AND comment_id <> '.$id.' ';
	215	}
	216
	217	$rs = $this->con->select($strReq);
	218
	219	$cur = $this->con->openCursor($this->prefix.'post');
	220
	221	if ($rs->isEmpty()) {
	222	return;
	223	}
	224
	225	if ($tb) {
	226	$cur->nb_trackback = (integer) $rs->f(0);
	227	} else {
	228	$cur->nb_comment = (integer) $rs->f(0);
	229	}
	230
	231	$cur->update('WHERE post_id = '.(integer) $post_id);
	232	}
	233	//@}
	234
	235	/// @name Categories management methods
	236	//@{
	237	public function categories()
	238	{
	239	if (!($this->categories instanceof dcCategories)) {
	240	$this->categories = new dcCategories($this->core);
	241	}
	242
	243	return $this->categories;
	244	}
	245
	246	/**
	247	Retrieves categories. <var>$params</var> is an associative array which can
	248	take the following parameters:
	249
	250	- post_type: Get only entries with given type (default "post")
	251	- cat_url: filter on cat_url field
	252	- cat_id: filter on cat_id field
	253	- start: start with a given category
	254	- level: categories level to retrieve
	255
	256	@param params <b>array</b> Parameters
	257	@return <b>record</b>
	258	*/
	259	public function getCategories($params=array())
	260	{
	261	$c_params = array();
	262	if (isset($params['post_type'])) {
	263	$c_params['post_type'] = $params['post_type'];
	264	unset($params['post_type']);
	265	}
	266	$counter = $this->getCategoriesCounter($c_params);
	267
	268	$without_empty = $this->core->auth->userID() == false; # For public display
	269
	270	$start = isset($params['start']) ? (integer) $params['start'] : 0;
	271	$l = isset($params['level']) ? (integer) $params['level'] : 0;
	272
	273	$rs = $this->categories()->getChildren($start,null,'desc');
	274
	275	# Get each categories total posts count
	276	$data = array();
	277	$stack = array();
	278	$level = 0;
	279	$cols = $rs->columns();
	280	while ($rs->fetch())
	281	{
	282	$nb_post = isset($counter[$rs->cat_id]) ? (integer) $counter[$rs->cat_id] : 0;
	283
	284	if ($rs->level > $level) {
	285	$nb_total = $nb_post;
	286	$stack[$rs->level] = (integer) $nb_post;
	287	} elseif ($rs->level == $level) {
	288	$nb_total = $nb_post;
	289	$stack[$rs->level] += $nb_post;
	290	} else {
	291	$nb_total = $stack[$rs->level+1] + $nb_post;
	292	if (isset($stack[$rs->level])) {
	293	$stack[$rs->level] += $nb_total;
	294	} else {
	295	$stack[$rs->level] = $nb_total;
	296	}
	297	unset($stack[$rs->level+1]);
	298	}
	299
	300	if ($nb_total == 0 && $without_empty) {
	301	continue;
	302	}
	303
	304	$level = $rs->level;
	305
	306	$t = array();
	307	foreach ($cols as $c) {
	308	$t[$c] = $rs->f($c);
	309	}
	310	$t['nb_post'] = $nb_post;
	311	$t['nb_total'] = $nb_total;
	312
	313	if ($l == 0 \|\| ($l > 0 && $l == $rs->level)) {
	314	array_unshift($data,$t);
	315	}
	316	}
	317
	318	# We need to apply filter after counting
[836]	319	if (isset($params['cat_id']) && $params['cat_id'] !== '')
[0]	320	{
	321	$found = false;
	322	foreach ($data as $v) {
	323	if ($v['cat_id'] == $params['cat_id']) {
	324	$found = true;
	325	$data = array($v);
	326	break;
	327	}
	328	}
	329	if (!$found) {
	330	$data = array();
	331	}
	332	}
	333
[836]	334	if (isset($params['cat_url']) && ($params['cat_url'] !== '')
	335	&& !isset($params['cat_id']))
[0]	336	{
	337	$found = false;
	338	foreach ($data as $v) {
	339	if ($v['cat_url'] == $params['cat_url']) {
	340	$found = true;
	341	$data = array($v);
	342	break;
	343	}
	344	}
	345	if (!$found) {
	346	$data = array();
	347	}
	348	}
	349
	350	return staticRecord::newFromArray($data);
	351	}
	352
	353	/**
	354	Retrieves a category by its ID.
	355
	356	@param id <b>integer</b> Category ID
	357	@return <b>record</b>
	358	*/
	359	public function getCategory($id)
	360	{
	361	return $this->getCategories(array('cat_id' => $id));
	362	}
	363
	364	/**
	365	Retrieves parents of a given category.
	366
	367	@param id <b>integer</b> Category ID
	368	@return <b>record</b>
	369	*/
	370	public function getCategoryParents($id)
	371	{
	372	return $this->categories()->getParents($id);
	373	}
	374
	375	/**
	376	Retrieves first parent of a given category.
	377
	378	@param id <b>integer</b> Category ID
	379	@return <b>record</b>
	380	*/
	381	public function getCategoryParent($id)
	382	{
	383	return $this->categories()->getParent($id);
	384	}
	385
	386	/**
	387	Retrieves all category's first children
	388
	389	@param id <b>integer</b> Category ID
	390	@return <b>record</b>
	391	*/
	392	public function getCategoryFirstChildren($id)
	393	{
	394	return $this->getCategories(array('start' => $id,'level' => $id == 0 ? 1 : 2));
	395	}
	396
	397	private function getCategoriesCounter($params=array())
	398	{
	399	$strReq =
	400	'SELECT C.cat_id, COUNT(P.post_id) AS nb_post '.
	401	'FROM '.$this->prefix.'category AS C '.
	402	'JOIN '.$this->prefix."post P ON (C.cat_id = P.cat_id AND P.blog_id = '".$this->con->escape($this->id)."' ) ".
	403	"WHERE C.blog_id = '".$this->con->escape($this->id)."' ";
	404
	405	if (!$this->core->auth->userID()) {
	406	$strReq .= 'AND P.post_status = 1 ';
	407	}
	408
	409	if (!empty($params['post_type'])) {
[302]	410	$strReq .= 'AND P.post_type '.$this->con->in($params['post_type']);
[0]	411	}
	412
	413	$strReq .= 'GROUP BY C.cat_id ';
	414
	415	$rs = $this->con->select($strReq);
	416	$counters = array();
	417	while ($rs->fetch()) {
	418	$counters[$rs->cat_id] = $rs->nb_post;
	419	}
	420
	421	return $counters;
	422	}
	423
	424	/**
	425	Creates a new category. Takes a cursor as input and returns the new category
	426	ID.
	427
	428	@param cur <b>cursor</b> Category cursor
	429	@return <b>integer</b> New category ID
	430	*/
	431	public function addCategory($cur,$parent=0)
	432	{
	433	if (!$this->core->auth->check('categories',$this->id)) {
	434	throw new Exception(__('You are not allowed to add categories'));
	435	}
	436
	437	$url = array();
	438	if ($parent != 0)
	439	{
	440	$rs = $this->getCategory($parent);
	441	if ($rs->isEmpty()) {
	442	$url = array();
	443	} else {
	444	$url[] = $rs->cat_url;
	445	}
	446	}
	447
	448	if ($cur->cat_url == '') {
	449	$url[] = text::tidyURL($cur->cat_title,false);
	450	} else {
	451	$url[] = $cur->cat_url;
	452	}
	453
	454	$cur->cat_url = implode('/',$url);
	455
	456	$this->getCategoryCursor($cur);
	457	$cur->blog_id = (string) $this->id;
	458
	459	# --BEHAVIOR-- coreBeforeCategoryCreate
	460	$this->core->callBehavior('coreBeforeCategoryCreate',$this,$cur);
	461
	462	$this->categories()->addNode($cur,$parent);
	463
	464	# --BEHAVIOR-- coreAfterCategoryCreate
	465	$this->core->callBehavior('coreAfterCategoryCreate',$this,$cur);
	466	$this->triggerBlog();
	467
	468	return $cur->cat_id;
	469	}
	470
	471	/**
	472	Updates an existing category.
	473
	474	@param id <b>integer</b> Category ID
	475	@param cur <b>cursor</b> Category cursor
	476	*/
	477	public function updCategory($id,$cur)
	478	{
	479	if (!$this->core->auth->check('categories',$this->id)) {
	480	throw new Exception(__('You are not allowed to update categories'));
	481	}
	482
	483	if ($cur->cat_url == '')
	484	{
	485	$url = array();
	486	$rs = $this->categories()->getParents($id);
	487	while ($rs->fetch()) {
	488	if ($rs->index() == $rs->count()-1) {
	489	$url[] = $rs->cat_url;
	490	}
	491	}
	492
	493
	494	$url[] = text::tidyURL($cur->cat_title,false);
	495	$cur->cat_url = implode('/',$url);
	496	}
	497
	498	$this->getCategoryCursor($cur,$id);
	499
	500	# --BEHAVIOR-- coreBeforeCategoryUpdate
	501	$this->core->callBehavior('coreBeforeCategoryUpdate',$this,$cur);
	502
	503	$cur->update(
	504	'WHERE cat_id = '.(integer) $id.' '.
	505	"AND blog_id = '".$this->con->escape($this->id)."' ");
	506
	507	# --BEHAVIOR-- coreAfterCategoryUpdate
	508	$this->core->callBehavior('coreAfterCategoryUpdate',$this,$cur);
	509
	510	$this->triggerBlog();
	511	}
	512
	513	/**
	514	DEPRECATED METHOD. Use dcBlog::setCategoryParent and dcBlog::moveCategory
	515	instead.
	516
	517	@param id <b>integer</b> Category ID
	518	@param order <b>integer</b> Category position
	519	*/
	520	public function updCategoryOrder($id,$order)
	521	{
	522	return;
	523	}
	524
	525	/**
	526	Set a category parent
	527
	528	@param id <b>integer</b> Category ID
	529	@param parent <b>integer</b> Parent Category ID
	530	*/
	531	public function setCategoryParent($id,$parent)
	532	{
	533	$this->categories()->setNodeParent($id,$parent);
	534	$this->triggerBlog();
	535	}
	536
	537	/**
	538	Set category position
	539
	540	@param id <b>integer</b> Category ID
	541	@param sibling <b>integer</b> Sibling Category ID
	542	@param move <b>integer</b> Order (before\|after)
	543	*/
	544	public function setCategoryPosition($id,$sibling,$move)
	545	{
	546	$this->categories()->setNodePosition($id,$sibling,$move);
	547	$this->triggerBlog();
	548	}
	549
	550	/**
	551	Deletes a category.
	552
	553	@param id <b>integer</b> Category ID
	554	*/
	555	public function delCategory($id)
	556	{
	557	if (!$this->core->auth->check('categories',$this->id)) {
	558	throw new Exception(__('You are not allowed to delete categories'));
	559	}
	560
	561	$strReq = 'SELECT COUNT(post_id) AS nb_post '.
	562	'FROM '.$this->prefix.'post '.
	563	'WHERE cat_id = '.(integer) $id.' '.
	564	"AND blog_id = '".$this->con->escape($this->id)."' ";
	565
	566	$rs = $this->con->select($strReq);
	567
	568	if ($rs->nb_post > 0) {
	569	throw new Exception(__('This category is not empty.'));
	570	}
	571
	572	$this->categories()->deleteNode($id,true);
	573	$this->triggerBlog();
	574	}
	575
	576	/**
	577	Reset categories order and relocate them to first level
	578	*/
	579	public function resetCategoriesOrder()
	580	{
	581	if (!$this->core->auth->check('categories',$this->id)) {
[822]	582	throw new Exception(__('You are not allowed to reset categories order'));
[0]	583	}
	584
	585	$this->categories()->resetOrder();
[734]	586	$this->triggerBlog();
[0]	587	}
	588
	589	private function checkCategory($title,$url,$id=null)
	590	{
	591	$strReq = 'SELECT cat_id '.
	592	'FROM '.$this->prefix.'category '.
	593	"WHERE cat_url = '".$this->con->escape($url)."' ".
	594	"AND blog_id = '".$this->con->escape($this->id)."' ";
	595
	596	if ($id !== null) {
	597	$strReq .= 'AND cat_id <> '.(integer) $id.' ';
	598	}
	599
	600	$rs = $this->con->select($strReq);
	601
	602	if (!$rs->isEmpty()) {
	603	throw new Exception(__('Category URL must be unique.'));
	604	}
	605	}
	606
	607	private function getCategoryCursor($cur,$id=null)
	608	{
	609	if ($cur->cat_title == '') {
	610	throw new Exception(__('You must provide a category title'));
	611	}
	612
	613	# If we don't have any cat_url, let's do one
	614	if ($cur->cat_url == '') {
	615	$cur->cat_url = text::tidyURL($cur->cat_title,false);
	616	}
	617
	618	# Still empty ?
	619	if ($cur->cat_url == '') {
	620	throw new Exception(__('You must provide a category URL'));
	621	} else {
	622	$cur->cat_url = text::tidyURL($cur->cat_url,true);
	623	}
	624
	625	# Check if title or url are unique
	626	$this->checkCategory($cur->cat_title,$cur->cat_url,$id);
	627
	628	if ($cur->cat_desc !== null) {
	629	$cur->cat_desc = $this->core->HTMLfilter($cur->cat_desc);
	630	}
	631	}
	632	//@}
	633
	634	/// @name Entries management methods
	635	//@{
	636	/**
	637	Retrieves entries. <b>$params</b> is an array taking the following
	638	optionnal parameters:
	639
	640	- no_content: Don't retrieve entry content (excerpt and content)
	641	- post_type: Get only entries with given type (default "post", array for many types and '' for no type)
	642	- post_id: (integer) Get entry with given post_id
	643	- post_url: Get entry with given post_url field
	644	- user_id: (integer) Get entries belonging to given user ID
	645	- cat_id: (string or array) Get entries belonging to given category ID
	646	- cat_id_not: deprecated (use cat_id with "id ?not" instead)
	647	- cat_url: (string or array) Get entries belonging to given category URL
	648	- cat_url_not: deprecated (use cat_url with "url ?not" instead)
	649	- post_status: (integer) Get entries with given post_status
	650	- post_selected: (boolean) Get select flaged entries
	651	- post_year: (integer) Get entries with given year
	652	- post_month: (integer) Get entries with given month
	653	- post_day: (integer) Get entries with given day
	654	- post_lang: Get entries with given language code
	655	- search: Get entries corresponding of the following search string
	656	- columns: (array) More columns to retrieve
	657	- sql: Append SQL string at the end of the query
	658	- from: Append SQL string after "FROM" statement in query
	659	- order: Order of results (default "ORDER BY post_dt DES")
	660	- limit: Limit parameter
[774]	661	- sql_only : return the sql request instead of results. Only ids are selected
[0]	662
	663	Please note that on every cat_id or cat_url, you can add ?not to exclude
	664	the category and ?sub to get subcategories.
	665
	666	@param params <b>array</b> Parameters
	667	@param count_only <b>boolean</b> Only counts results
[191]	668	@return <b>record</b> A record with some more capabilities or the SQL request
[0]	669	*/
[774]	670	public function getPosts($params=array(),$count_only=false)
[0]	671	{
[817]	672	# --BEHAVIOR-- coreBlogBeforeGetPosts
[819]	673	$params = new ArrayObject($params);
[817]	674	$this->core->callBehavior('coreBlogBeforeGetPosts',$params);
	675
[0]	676	if ($count_only)
	677	{
	678	$strReq = 'SELECT count(P.post_id) ';
	679	}
[774]	680	elseif (!empty($params['sql_only']))
	681	{
	682	$strReq = 'SELECT P.post_id ';
	683	}
[0]	684	else
	685	{
	686	if (!empty($params['no_content'])) {
	687	$content_req = '';
	688	} else {
	689	$content_req =
	690	'post_excerpt, post_excerpt_xhtml, '.
	691	'post_content, post_content_xhtml, post_notes, ';
	692	}
	693
	694	if (!empty($params['columns']) && is_array($params['columns'])) {
	695	$content_req .= implode(', ',$params['columns']).', ';
	696	}
	697
	698	$strReq =
	699	'SELECT P.post_id, P.blog_id, P.user_id, P.cat_id, post_dt, '.
	700	'post_tz, post_creadt, post_upddt, post_format, post_password, '.
	701	'post_url, post_lang, post_title, '.$content_req.
	702	'post_type, post_meta, post_status, post_selected, post_position, '.
	703	'post_open_comment, post_open_tb, nb_comment, nb_trackback, '.
	704	'U.user_name, U.user_firstname, U.user_displayname, U.user_email, '.
	705	'U.user_url, '.
	706	'C.cat_title, C.cat_url, C.cat_desc ';
	707	}
	708
	709	$strReq .=
	710	'FROM '.$this->prefix.'post P '.
	711	'INNER JOIN '.$this->prefix.'user U ON U.user_id = P.user_id '.
	712	'LEFT OUTER JOIN '.$this->prefix.'category C ON P.cat_id = C.cat_id ';
	713
	714	if (!empty($params['from'])) {
	715	$strReq .= $params['from'].' ';
	716	}
	717
	718	$strReq .=
	719	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ";
	720
	721	if (!$this->core->auth->check('contentadmin',$this->id)) {
	722	$strReq .= 'AND ((post_status = 1 ';
	723
	724	if ($this->without_password) {
	725	$strReq .= 'AND post_password IS NULL ';
	726	}
	727	$strReq .= ') ';
	728
	729	if ($this->core->auth->userID()) {
	730	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
	731	} else {
	732	$strReq .= ') ';
	733	}
	734	}
	735
	736	#Adding parameters
	737	if (isset($params['post_type']))
	738	{
[407]	739	if (is_array($params['post_type']) \|\| $params['post_type'] != '') {
	740	$strReq .= 'AND post_type '.$this->con->in($params['post_type']);
	741	}
[0]	742	}
	743	else
	744	{
	745	$strReq .= "AND post_type = 'post' ";
	746	}
	747
[836]	748	if (isset($params['post_id']) && $params['post_id'] !== '') {
[0]	749	if (is_array($params['post_id'])) {
	750	array_walk($params['post_id'],create_function('&$v,$k','if($v!==null){$v=(integer)$v;}'));
	751	} else {
	752	$params['post_id'] = array((integer) $params['post_id']);
	753	}
	754	$strReq .= 'AND P.post_id '.$this->con->in($params['post_id']);
	755	}
	756
[836]	757	if (isset($params['post_url']) && $params['post_url'] !== '') {
[0]	758	$strReq .= "AND post_url = '".$this->con->escape($params['post_url'])."' ";
	759	}
	760
	761	if (!empty($params['user_id'])) {
	762	$strReq .= "AND U.user_id = '".$this->con->escape($params['user_id'])."' ";
	763	}
	764
[836]	765	if (isset($params['cat_id']) && $params['cat_id'] !== '')
[0]	766	{
	767	if (!is_array($params['cat_id'])) {
	768	$params['cat_id'] = array($params['cat_id']);
	769	}
	770	if (!empty($params['cat_id_not'])) {
	771	array_walk($params['cat_id'],create_function('&$v,$k','$v=$v." ?not";'));
	772	}
	773	$strReq .= 'AND '.$this->getPostsCategoryFilter($params['cat_id'],'cat_id').' ';
	774	}
[836]	775	elseif (isset($params['cat_url']) && $params['cat_url'] !== '')
[0]	776	{
	777	if (!is_array($params['cat_url'])) {
	778	$params['cat_url'] = array($params['cat_url']);
	779	}
	780	if (!empty($params['cat_url_not'])) {
	781	array_walk($params['cat_url'],create_function('&$v,$k','$v=$v." ?not";'));
	782	}
	783	$strReq .= 'AND '.$this->getPostsCategoryFilter($params['cat_url'],'cat_url').' ';
	784	}
	785
	786	/* Other filters */
	787	if (isset($params['post_status'])) {
	788	$strReq .= 'AND post_status = '.(integer) $params['post_status'].' ';
	789	}
	790
	791	if (isset($params['post_selected'])) {
	792	$strReq .= 'AND post_selected = '.(integer) $params['post_selected'].' ';
	793	}
	794
	795	if (!empty($params['post_year'])) {
	796	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%Y').' = '.
	797	"'".sprintf('%04d',$params['post_year'])."' ";
	798	}
	799
	800	if (!empty($params['post_month'])) {
	801	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%m').' = '.
	802	"'".sprintf('%02d',$params['post_month'])."' ";
	803	}
	804
	805	if (!empty($params['post_day'])) {
	806	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%d').' = '.
	807	"'".sprintf('%02d',$params['post_day'])."' ";
	808	}
	809
	810	if (!empty($params['post_lang'])) {
	811	$strReq .= "AND P.post_lang = '".$this->con->escape($params['post_lang'])."' ";
	812	}
	813
	814	if (!empty($params['search']))
	815	{
	816	$words = text::splitWords($params['search']);
	817
	818	if (!empty($words))
	819	{
	820	# --BEHAVIOR-- corePostSearch
	821	if ($this->core->hasBehavior('corePostSearch')) {
	822	$this->core->callBehavior('corePostSearch',$this->core,array(&$words,&$strReq,&$params));
	823	}
	824
	825	if ($words)
	826	{
	827	foreach ($words as $i => $w) {
	828	$words[$i] = "post_words LIKE '%".$this->con->escape($w)."%'";
	829	}
	830	$strReq .= 'AND '.implode(' AND ',$words).' ';
	831	}
	832	}
	833	}
	834
	835	if (!empty($params['sql'])) {
	836	$strReq .= $params['sql'].' ';
	837	}
	838
	839	if (!$count_only)
	840	{
	841	if (!empty($params['order'])) {
	842	$strReq .= 'ORDER BY '.$this->con->escape($params['order']).' ';
	843	} else {
	844	$strReq .= 'ORDER BY post_dt DESC ';
	845	}
	846	}
	847
	848	if (!$count_only && !empty($params['limit'])) {
	849	$strReq .= $this->con->limit($params['limit']);
	850	}
	851
[774]	852	if (!empty($params['sql_only'])) {
[191]	853	return $strReq;
	854	}
	855
[0]	856	$rs = $this->con->select($strReq);
	857	$rs->core = $this->core;
	858	$rs->_nb_media = array();
	859	$rs->extend('rsExtPost');
	860
	861	# --BEHAVIOR-- coreBlogGetPosts
	862	$this->core->callBehavior('coreBlogGetPosts',$rs);
	863
	864	return $rs;
	865	}
	866
	867	/**
	868	Returns a record with post id, title and date for next or previous post
	869	according to the post ID.
	870	$dir could be 1 (next post) or -1 (previous post).
	871
	872	@param post_id <b>integer</b> Post ID
	873	@param dir <b>integer</b> Search direction
	874	@param restrict_to_category <b>boolean</b> Restrict to post with same category
	875	@param restrict_to_lang <b>boolean</b> Restrict to post with same lang
	876	@return record
	877	*/
	878	public function getNextPost($post,$dir,$restrict_to_category=false, $restrict_to_lang=false)
	879	{
	880	$dt = $post->post_dt;
	881	$post_id = (integer) $post->post_id;
	882
	883	if($dir > 0) {
[336]	884	$sign = '>';
	885	$order = 'ASC';
	886	}
	887	else {
	888	$sign = '<';
	889	$order = 'DESC';
	890	}
[0]	891
	892	$params['post_type'] = $post->post_type;
	893	$params['limit'] = 1;
	894	$params['order'] = 'post_dt '.$order.', P.post_id '.$order;
	895	$params['sql'] =
	896	'AND ( '.
	897	" (post_dt = '".$this->con->escape($dt)."' AND P.post_id ".$sign." ".$post_id.") ".
	898	" OR post_dt ".$sign." '".$this->con->escape($dt)."' ".
	899	') ';
	900
	901	if ($restrict_to_category) {
	902	$params['sql'] .= $post->cat_id ? 'AND P.cat_id = '.(integer) $post->cat_id.' ' : 'AND P.cat_id IS NULL ';
	903	}
	904
	905	if ($restrict_to_lang) {
	906	$params['sql'] .= $post->post_lang ? 'AND P.post_lang = \''. $this->con->escape($post->post_lang) .'\' ': 'AND P.post_lang IS NULL ';
	907	}
	908
	909	$rs = $this->getPosts($params);
	910
	911	if ($rs->isEmpty()) {
	912	return null;
	913	}
	914
	915	return $rs;
	916	}
	917
	918	/**
	919	Retrieves different languages and post count on blog, based on post_lang
	920	field. <var>$params</var> is an array taking the following optionnal
	921	parameters:
	922
	923	- post_type: Get only entries with given type (default "post", '' for no type)
	924	- lang: retrieve post count for selected lang
	925	- order: order statement (default post_lang DESC)
	926
	927	@param params <b>array</b> Parameters
	928	@return record
	929	*/
	930	public function getLangs($params=array())
	931	{
	932	$strReq = 'SELECT COUNT(post_id) as nb_post, post_lang '.
	933	'FROM '.$this->prefix.'post '.
	934	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
	935	"AND post_lang <> '' ".
	936	"AND post_lang IS NOT NULL ";
	937
	938	if (!$this->core->auth->check('contentadmin',$this->id)) {
	939	$strReq .= 'AND ((post_status = 1 ';
	940
	941	if ($this->without_password) {
	942	$strReq .= 'AND post_password IS NULL ';
	943	}
	944	$strReq .= ') ';
	945
	946	if ($this->core->auth->userID()) {
	947	$strReq .= "OR user_id = '".$this->con->escape($this->core->auth->userID())."')";
	948	} else {
	949	$strReq .= ') ';
	950	}
	951	}
	952
	953	if (isset($params['post_type'])) {
	954	if ($params['post_type'] != '') {
	955	$strReq .= "AND post_type = '".$this->con->escape($params['post_type'])."' ";
	956	}
	957	} else {
	958	$strReq .= "AND post_type = 'post' ";
	959	}
	960
	961	if (isset($params['lang'])) {
	962	$strReq .= "AND post_lang = '".$this->con->escape($params['lang'])."' ";
	963	}
	964
	965	$strReq .= 'GROUP BY post_lang ';
	966
	967	$order = 'desc';
	968	if (!empty($params['order']) && preg_match('/^(desc\|asc)$/i',$params['order'])) {
	969	$order = $params['order'];
	970	}
	971	$strReq .= 'ORDER BY post_lang '.$order.' ';
	972
	973	return $this->con->select($strReq);
	974	}
	975
	976	/**
	977	Returns a record with all distinct blog dates and post count.
	978	<var>$params</var> is an array taking the following optionnal parameters:
	979
	980	- type: (day\|month\|year) Get days, months or years
	981	- year: (integer) Get dates for given year
	982	- month: (integer) Get dates for given month
	983	- day: (integer) Get dates for given day
	984	- cat_id: (integer) Category ID filter
	985	- cat_url: Category URL filter
	986	- post_lang: lang of the posts
	987	- next: Get date following match
	988	- previous: Get date before match
	989	- order: Sort by date "ASC" or "DESC"
	990
	991	@param params <b>array</b> Parameters array
	992	@return record
	993	*/
	994	public function getDates($params=array())
	995	{
	996	$dt_f = '%Y-%m-%d';
	997	$dt_fc = '%Y%m%d';
	998	if (isset($params['type'])) {
	999	if ($params['type'] == 'year') {
	1000	$dt_f = '%Y-01-01';
	1001	$dt_fc = '%Y0101';
	1002	} elseif ($params['type'] == 'month') {
	1003	$dt_f = '%Y-%m-01';
	1004	$dt_fc = '%Y%m01';
	1005	}
	1006	}
	1007	$dt_f .= ' 00:00:00';
	1008	$dt_fc .= '000000';
	1009
	1010	$cat_field = $catReq = $limit = '';
	1011
[836]	1012	if (isset($params['cat_id']) && $params['cat_id'] !== '') {
[0]	1013	$catReq = 'AND P.cat_id = '.(integer) $params['cat_id'].' ';
	1014	$cat_field = ', C.cat_url ';
[836]	1015	} elseif (isset($params['cat_url']) && $params['cat_url'] !== '') {
[0]	1016	$catReq = "AND C.cat_url = '".$this->con->escape($params['cat_url'])."' ";
	1017	$cat_field = ', C.cat_url ';
	1018	}
	1019	if (!empty($params['post_lang'])) {
	1020	$catReq = 'AND P.post_lang = \''. $params['post_lang'].'\' ';
	1021	}
	1022
	1023	$strReq = 'SELECT DISTINCT('.$this->con->dateFormat('post_dt',$dt_f).') AS dt '.
	1024	$cat_field.
	1025	',COUNT(P.post_id) AS nb_post '.
	1026	'FROM '.$this->prefix.'post P LEFT JOIN '.$this->prefix.'category C '.
	1027	'ON P.cat_id = C.cat_id '.
	1028	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ".
	1029	$catReq;
	1030
	1031	if (!$this->core->auth->check('contentadmin',$this->id)) {
	1032	$strReq .= 'AND ((post_status = 1 ';
	1033
	1034	if ($this->without_password) {
	1035	$strReq .= 'AND post_password IS NULL ';
	1036	}
	1037	$strReq .= ') ';
	1038
	1039	if ($this->core->auth->userID()) {
	1040	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
	1041	} else {
	1042	$strReq .= ') ';
	1043	}
	1044	}
	1045
	1046	if (!empty($params['post_type'])) {
	1047	$strReq .= "AND post_type ".$this->con->in($params['post_type'])." ";
	1048	} else {
	1049	$strReq .= "AND post_type = 'post' ";
	1050	}
[335]	1051
[0]	1052	if (!empty($params['year'])) {
	1053	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%Y')." = '".sprintf('%04d',$params['year'])."' ";
	1054	}
	1055
	1056	if (!empty($params['month'])) {
	1057	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%m')." = '".sprintf('%02d',$params['month'])."' ";
	1058	}
	1059
	1060	if (!empty($params['day'])) {
	1061	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%d')." = '".sprintf('%02d',$params['day'])."' ";
	1062	}
	1063
	1064	# Get next or previous date
	1065	if (!empty($params['next']) \|\| !empty($params['previous']))
	1066	{
	1067	if (!empty($params['next'])) {
	1068	$pdir = ' > ';
	1069	$params['order'] = 'asc';
	1070	$dt = $params['next'];
	1071	} else {
	1072	$pdir = ' < ';
	1073	$params['order'] = 'desc';
	1074	$dt = $params['previous'];
	1075	}
	1076
	1077	$dt = date('YmdHis',strtotime($dt));
	1078
	1079	$strReq .= 'AND '.$this->con->dateFormat('post_dt',$dt_fc).$pdir."'".$dt."' ";
	1080	$limit = $this->con->limit(1);
	1081	}
	1082
	1083	$strReq .= 'GROUP BY dt '.$cat_field;
	1084
	1085	$order = 'desc';
	1086	if (!empty($params['order']) && preg_match('/^(desc\|asc)$/i',$params['order'])) {
	1087	$order = $params['order'];
	1088	}
	1089
	1090	$strReq .=
	1091	'ORDER BY dt '.$order.' '.
	1092	$limit;
	1093
	1094	$rs = $this->con->select($strReq);
	1095	$rs->extend('rsExtDates');
	1096	return $rs;
	1097	}
	1098
	1099	/**
	1100	Creates a new entry. Takes a cursor as input and returns the new entry
	1101	ID.
	1102
	1103	@param cur <b>cursor</b> Post cursor
	1104	@return <b>integer</b> New post ID
	1105	*/
	1106	public function addPost($cur)
	1107	{
	1108	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
	1109	throw new Exception(__('You are not allowed to create an entry'));
	1110	}
	1111
	1112	$this->con->writeLock($this->prefix.'post');
	1113	try
	1114	{
	1115	# Get ID
	1116	$rs = $this->con->select(
	1117	'SELECT MAX(post_id) '.
	1118	'FROM '.$this->prefix.'post '
	1119	);
	1120
	1121	$cur->post_id = (integer) $rs->f(0) + 1;
	1122	$cur->blog_id = (string) $this->id;
	1123	$cur->post_creadt = date('Y-m-d H:i:s');
	1124	$cur->post_upddt = date('Y-m-d H:i:s');
	1125	$cur->post_tz = $this->core->auth->getInfo('user_tz');
	1126
	1127	# Post excerpt and content
	1128	$this->getPostContent($cur,$cur->post_id);
	1129
	1130	$this->getPostCursor($cur);
	1131
	1132	$cur->post_url = $this->getPostURL($cur->post_url,$cur->post_dt,$cur->post_title,$cur->post_id);
	1133
	1134	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
	1135	$cur->post_status = -2;
	1136	}
	1137
	1138	# --BEHAVIOR-- coreBeforePostCreate
	1139	$this->core->callBehavior('coreBeforePostCreate',$this,$cur);
	1140
	1141	$cur->insert();
	1142	$this->con->unlock();
	1143	}
	1144	catch (Exception $e)
	1145	{
	1146	$this->con->unlock();
	1147	throw $e;
	1148	}
	1149
	1150	# --BEHAVIOR-- coreAfterPostCreate
	1151	$this->core->callBehavior('coreAfterPostCreate',$this,$cur);
	1152
	1153	$this->triggerBlog();
	1154
	1155	return $cur->post_id;
	1156	}
	1157
	1158	/**
	1159	Updates an existing post.
	1160
	1161	@param id <b>integer</b> Post ID
	1162	@param cur <b>cursor</b> Post cursor
	1163	*/
	1164	public function updPost($id,$cur)
	1165	{
	1166	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
	1167	throw new Exception(__('You are not allowed to update entries'));
	1168	}
	1169
	1170	$id = (integer) $id;
	1171
	1172	if (empty($id)) {
	1173	throw new Exception(__('No such entry ID'));
	1174	}
	1175
	1176	# Post excerpt and content
	1177	$this->getPostContent($cur,$id);
	1178
	1179	$this->getPostCursor($cur);
	1180
	1181	if ($cur->post_url !== null) {
	1182	$cur->post_url = $this->getPostURL($cur->post_url,$cur->post_dt,$cur->post_title,$id);
	1183	}
	1184
	1185	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
	1186	$cur->unsetField('post_status');
	1187	}
	1188
	1189	$cur->post_upddt = date('Y-m-d H:i:s');
	1190
[335]	1191	#If user is only "usage", we need to check the post's owner
[0]	1192	if (!$this->core->auth->check('contentadmin',$this->id))
	1193	{
	1194	$strReq = 'SELECT post_id '.
	1195	'FROM '.$this->prefix.'post '.
	1196	'WHERE post_id = '.$id.' '.
	1197	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
	1198
	1199	$rs = $this->con->select($strReq);
	1200
	1201	if ($rs->isEmpty()) {
	1202	throw new Exception(__('You are not allowed to edit this entry'));
	1203	}
	1204	}
	1205
	1206	# --BEHAVIOR-- coreBeforePostUpdate
	1207	$this->core->callBehavior('coreBeforePostUpdate',$this,$cur);
	1208
	1209	$cur->update('WHERE post_id = '.$id.' ');
	1210
	1211	# --BEHAVIOR-- coreAfterPostUpdate
	1212	$this->core->callBehavior('coreAfterPostUpdate',$this,$cur);
	1213
	1214	$this->triggerBlog();
	1215	}
	1216
	1217	/**
	1218	Updates post status.
	1219
	1220	@param id <b>integer</b> Post ID
	1221	@param status <b>integer</b> Post status
	1222	*/
	1223	public function updPostStatus($id,$status)
	1224	{
	1225	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
	1226	throw new Exception(__('You are not allowed to change this entry status'));
	1227	}
	1228
	1229	$id = (integer) $id;
	1230	$status = (integer) $status;
	1231
	1232	#If user can only publish, we need to check the post's owner
	1233	if (!$this->core->auth->check('contentadmin',$this->id))
	1234	{
	1235	$strReq = 'SELECT post_id '.
	1236	'FROM '.$this->prefix.'post '.
	1237	'WHERE post_id = '.$id.' '.
	1238	"AND blog_id = '".$this->con->escape($this->id)."' ".
	1239	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
	1240
	1241	$rs = $this->con->select($strReq);
	1242
	1243	if ($rs->isEmpty()) {
	1244	throw new Exception(__('You are not allowed to change this entry status'));
	1245	}
	1246	}
	1247
	1248	$cur = $this->con->openCursor($this->prefix.'post');
	1249
	1250	$cur->post_status = $status;
	1251	$cur->post_upddt = date('Y-m-d H:i:s');
	1252
	1253	$cur->update(
	1254	'WHERE post_id = '.$id.' '.
	1255	"AND blog_id = '".$this->con->escape($this->id)."' "
	1256	);
	1257	$this->triggerBlog();
	1258	}
	1259
	1260	public function updPostSelected($id,$selected)
	1261	{
	1262	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
	1263	throw new Exception(__('You are not allowed to change this entry category'));
	1264	}
	1265
	1266	$id = (integer) $id;
	1267	$selected = (boolean) $selected;
	1268
	1269	# If user is only usage, we need to check the post's owner
	1270	if (!$this->core->auth->check('contentadmin',$this->id))
	1271	{
	1272	$strReq = 'SELECT post_id '.
	1273	'FROM '.$this->prefix.'post '.
	1274	'WHERE post_id = '.$id.' '.
	1275	"AND blog_id = '".$this->con->escape($this->id)."' ".
	1276	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
	1277
	1278	$rs = $this->con->select($strReq);
	1279
	1280	if ($rs->isEmpty()) {
	1281	throw new Exception(__('You are not allowed to mark this entry as selected'));
	1282	}
	1283	}
	1284
	1285	$cur = $this->con->openCursor($this->prefix.'post');
	1286
	1287	$cur->post_selected = (integer) $selected;
	1288	$cur->post_upddt = date('Y-m-d H:i:s');
	1289
	1290	$cur->update(
	1291	'WHERE post_id = '.$id.' '.
	1292	"AND blog_id = '".$this->con->escape($this->id)."' "
	1293	);
	1294	$this->triggerBlog();
	1295	}
	1296
	1297	/**
	1298	Updates post category. <var>$cat_id</var> can be null.
	1299
	1300	@param id <b>integer</b> Post ID
	1301	@param cat_id <b>integer</b> Category ID
	1302	*/
	1303	public function updPostCategory($id,$cat_id)
	1304	{
	1305	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
	1306	throw new Exception(__('You are not allowed to change this entry category'));
	1307	}
	1308
	1309	$id = (integer) $id;
	1310	$cat_id = (integer) $cat_id;
	1311
	1312	# If user is only usage, we need to check the post's owner
	1313	if (!$this->core->auth->check('contentadmin',$this->id))
	1314	{
	1315	$strReq = 'SELECT post_id '.
	1316	'FROM '.$this->prefix.'post '.
	1317	'WHERE post_id = '.$id.' '.
	1318	"AND blog_id = '".$this->con->escape($this->id)."' ".
	1319	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
	1320
	1321	$rs = $this->con->select($strReq);
	1322
	1323	if ($rs->isEmpty()) {
	1324	throw new Exception(__('You are not allowed to change this entry category'));
	1325	}
	1326	}
	1327
	1328	$cur = $this->con->openCursor($this->prefix.'post');
	1329
	1330	$cur->cat_id = ($cat_id ? $cat_id : null);
	1331	$cur->post_upddt = date('Y-m-d H:i:s');
	1332
	1333	$cur->update(
	1334	'WHERE post_id = '.$id.' '.
	1335	"AND blog_id = '".$this->con->escape($this->id)."' "
	1336	);
	1337	$this->triggerBlog();
	1338	}
	1339
	1340	/**
	1341	Deletes a post.
	1342
	1343	@param id <b>integer</b> Post ID
	1344	*/
	1345	public function delPost($id)
	1346	{
	1347	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
	1348	throw new Exception(__('You are not allowed to delete entries'));
	1349	}
	1350
	1351	$id = (integer) $id;
	1352
	1353	if (empty($id)) {
	1354	throw new Exception(__('No such entry ID'));
	1355	}
	1356
	1357	#If user can only delete, we need to check the post's owner
	1358	if (!$this->core->auth->check('contentadmin',$this->id))
	1359	{
	1360	$strReq = 'SELECT post_id '.
	1361	'FROM '.$this->prefix.'post '.
	1362	'WHERE post_id = '.$id.' '.
	1363	"AND blog_id = '".$this->con->escape($this->id)."' ".
	1364	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
	1365
	1366	$rs = $this->con->select($strReq);
	1367
	1368	if ($rs->isEmpty()) {
	1369	throw new Exception(__('You are not allowed to delete this entry'));
	1370	}
	1371	}
	1372
	1373
	1374	$strReq = 'DELETE FROM '.$this->prefix.'post '.
	1375	'WHERE post_id = '.$id.' '.
	1376	"AND blog_id = '".$this->con->escape($this->id)."' ";
	1377
	1378	$this->con->execute($strReq);
	1379	$this->triggerBlog();
	1380	}
	1381
	1382	/**
	1383	Publishes all entries flaged as "scheduled".
	1384	*/
	1385	public function publishScheduledEntries()
	1386	{
	1387	$strReq = 'SELECT post_id, post_dt, post_tz '.
	1388	'FROM '.$this->prefix.'post '.
	1389	'WHERE post_status = -1 '.
	1390	"AND blog_id = '".$this->con->escape($this->id)."' ";
	1391
	1392	$rs = $this->con->select($strReq);
	1393
	1394	$now = dt::toUTC(time());
[833]	1395	$to_change = new ArrayObject();
	1396
[0]	1397	if ($rs->isEmpty()) {
	1398	return;
	1399	}
	1400
	1401	while ($rs->fetch())
	1402	{
	1403	# Now timestamp with post timezone
	1404	$now_tz = $now + dt::getTimeOffset($rs->post_tz,$now);
	1405
	1406	# Post timestamp
	1407	$post_ts = strtotime($rs->post_dt);
	1408
	1409	# If now_tz >= post_ts, we publish the entry
	1410	if ($now_tz >= $post_ts) {
	1411	$to_change[] = (integer) $rs->post_id;
	1412	}
	1413	}
[833]	1414	if (count($to_change))
[0]	1415	{
[811]	1416	# --BEHAVIOR-- coreBeforeScheduledEntriesPublish
	1417	$this->core->callBehavior('coreBeforeScheduledEntriesPublish',$this,$to_change);
	1418
[0]	1419	$strReq =
	1420	'UPDATE '.$this->prefix.'post SET '.
	1421	'post_status = 1 '.
	1422	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
[833]	1423	'AND post_id '.$this->con->in((array)$to_change).' ';
[0]	1424	$this->con->execute($strReq);
	1425	$this->triggerBlog();
[811]	1426
	1427	# --BEHAVIOR-- coreAfterScheduledEntriesPublish
	1428	$this->core->callBehavior('coreAfterScheduledEntriesPublish',$this,$to_change);
[0]	1429	}
[811]	1430
[0]	1431	}
	1432
	1433	/**
	1434	Retrieves all users having posts on current blog.
	1435
	1436	@param post_type <b>string</b> post_type filter (post)
	1437	@return record
	1438	*/
	1439	public function getPostsUsers($post_type='post')
	1440	{
	1441	$strReq = 'SELECT P.user_id, user_name, user_firstname, '.
	1442	'user_displayname, user_email '.
	1443	'FROM '.$this->prefix.'post P, '.$this->prefix.'user U '.
	1444	'WHERE P.user_id = U.user_id '.
	1445	"AND blog_id = '".$this->con->escape($this->id)."' ";
	1446
	1447	if ($post_type) {
	1448	$strReq .= "AND post_type = '".$this->con->escape($post_type)."' ";
	1449	}
	1450
	1451	$strReq .= 'GROUP BY P.user_id, user_name, user_firstname, user_displayname, user_email ';
	1452
	1453	return $this->con->select($strReq);
	1454	}
	1455
	1456	private function getPostsCategoryFilter($arr,$field='cat_id')
	1457	{
	1458	$field = $field == 'cat_id' ? 'cat_id' : 'cat_url';
	1459
	1460	$sub = array();
	1461	$not = array();
	1462	$queries = array();
	1463
	1464	foreach ($arr as $v)
	1465	{
	1466	$v = trim($v);
	1467	$args = preg_split('/\s[?]\s/',$v,-1,PREG_SPLIT_NO_EMPTY);
	1468	$id = array_shift($args);
	1469	$args = array_flip($args);
	1470
	1471	if (isset($args['not'])) { $not[$id] = 1; }
	1472	if (isset($args['sub'])) { $sub[$id] = 1; }
	1473	if ($field == 'cat_id') {
	1474	if (preg_match('/^null$/i',$id)) {
	1475	$queries[$id] = 'P.cat_id IS NULL';
	1476	}
	1477	else {
	1478	$queries[$id] = 'P.cat_id = '.(integer) $id;
	1479	}
	1480	} else {
	1481	$queries[$id] = "C.cat_url = '".$this->con->escape($id)."' ";
	1482	}
	1483	}
	1484
	1485	if (!empty($sub)) {
	1486	$rs = $this->con->select(
	1487	'SELECT cat_id, cat_url, cat_lft, cat_rgt FROM '.$this->prefix.'category '.
	1488	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
	1489	'AND '.$field.' '.$this->con->in(array_keys($sub))
	1490	);
	1491
	1492	while ($rs->fetch()) {
	1493	$queries[$rs->f($field)] = '(C.cat_lft BETWEEN '.$rs->cat_lft.' AND '.$rs->cat_rgt.')';
	1494	}
	1495	}
	1496
	1497	# Create queries
	1498	$sql = array(
	1499	0 => array(), # wanted categories
	1500	1 => array() # excluded categories
	1501	);
	1502
	1503	foreach ($queries as $id => $q) {
	1504	$sql[(integer) isset($not[$id])][] = $q;
	1505	}
	1506
	1507	$sql[0] = implode(' OR ',$sql[0]);
	1508	$sql[1] = implode(' OR ',$sql[1]);
	1509
	1510	if ($sql[0]) {
	1511	$sql[0] = '('.$sql[0].')';
	1512	} else {
	1513	unset($sql[0]);
	1514	}
	1515
	1516	if ($sql[1]) {
	1517	$sql[1] = '(P.cat_id IS NULL OR NOT('.$sql[1].'))';
	1518	} else {
	1519	unset($sql[1]);
	1520	}
	1521
	1522	return implode(' AND ',$sql);
	1523	}
	1524
	1525	private function getPostCursor($cur,$post_id=null)
	1526	{
	1527	if ($cur->post_title == '') {
	1528	throw new Exception(__('No entry title'));
	1529	}
	1530
	1531	if ($cur->post_content == '') {
	1532	throw new Exception(__('No entry content'));
	1533	}
	1534
	1535	if ($cur->post_password === '') {
	1536	$cur->post_password = null;
	1537	}
	1538
	1539	if ($cur->post_dt == '') {
	1540	$offset = dt::getTimeOffset($this->core->auth->getInfo('user_tz'));
	1541	$now = time() + $offset;
	1542	$cur->post_dt = date('Y-m-d H:i:00',$now);
	1543	}
	1544
	1545	$post_id = is_int($post_id) ? $post_id : $cur->post_id;
	1546
	1547	if ($cur->post_content_xhtml == '') {
	1548	throw new Exception(__('No entry content'));
	1549	}
	1550
	1551	# Words list
	1552	if ($cur->post_title !== null && $cur->post_excerpt_xhtml !== null
	1553	&& $cur->post_content_xhtml !== null)
	1554	{
	1555	$words =
	1556	$cur->post_title.' '.
	1557	$cur->post_excerpt_xhtml.' '.
	1558	$cur->post_content_xhtml;
	1559
	1560	$cur->post_words = implode(' ',text::splitWords($words));
	1561	}
	1562	}
	1563
	1564	private function getPostContent($cur,$post_id)
	1565	{
	1566	$post_excerpt = $cur->post_excerpt;
	1567	$post_excerpt_xhtml = $cur->post_excerpt_xhtml;
	1568	$post_content = $cur->post_content;
	1569	$post_content_xhtml = $cur->post_content_xhtml;
	1570
	1571	$this->setPostContent(
	1572	$post_id,$cur->post_format,$cur->post_lang,
	1573	$post_excerpt,$post_excerpt_xhtml,
	1574	$post_content,$post_content_xhtml
	1575	);
	1576
	1577	$cur->post_excerpt = $post_excerpt;
	1578	$cur->post_excerpt_xhtml = $post_excerpt_xhtml;
	1579	$cur->post_content = $post_content;
	1580	$cur->post_content_xhtml = $post_content_xhtml;
	1581	}
	1582
	1583	/**
	1584	Creates post HTML content, taking format and lang into account.
	1585
	1586	@param post_id <b>integer</b> Post ID
	1587	@param format <b>string</b> Post format
	1588	@param lang <b>string</b> Post lang
	1589	@param excerpt <b>string</b> Post excerpt
	1590	@param[out] excerpt_xhtml <b>string</b> Post excerpt HTML
	1591	@param content <b>string</b> Post content
	1592	@param[out] content_xhtml <b>string</b> Post content HTML
	1593	*/
	1594	public function setPostContent($post_id,$format,$lang,&$excerpt,&$excerpt_xhtml,&$content,&$content_xhtml)
	1595	{
	1596	if ($format == 'wiki')
	1597	{
	1598	$this->core->initWikiPost();
	1599	$this->core->wiki2xhtml->setOpt('note_prefix','pnote-'.$post_id);
[970]	1600	switch ($this->settings->system->note_title_tag) {
	1601	case 1:
	1602	$tag = 'h3';
	1603	break;
	1604	case 2:
	1605	$tag = 'p';
	1606	break;
	1607	default:
	1608	$tag = 'h4';
	1609	break;
	1610	}
	1611	$this->core->wiki2xhtml->setOpt('note_str','<div class="footnotes"><'.$tag.' class="footnotes-title">'.
	1612	__('Notes').'</'.$tag.'>%s</div>');
	1613	$this->core->wiki2xhtml->setOpt('note_str_single','<div class="footnotes"><'.$tag.' class="footnotes-title">'.
	1614	__('Note').'</'.$tag.'>%s</div>');
[0]	1615	if (strpos($lang,'fr') === 0) {
	1616	$this->core->wiki2xhtml->setOpt('active_fr_syntax',1);
	1617	}
	1618	}
	1619
	1620	if ($excerpt) {
	1621	$excerpt_xhtml = $this->core->callFormater($format,$excerpt);
	1622	$excerpt_xhtml = $this->core->HTMLfilter($excerpt_xhtml);
	1623	} else {
	1624	$excerpt_xhtml = '';
	1625	}
	1626
	1627	if ($content) {
	1628	$content_xhtml = $this->core->callFormater($format,$content);
	1629	$content_xhtml = $this->core->HTMLfilter($content_xhtml);
	1630	} else {
	1631	$content_xhtml = '';
	1632	}
	1633
	1634	# --BEHAVIOR-- coreAfterPostContentFormat
	1635	$this->core->callBehavior('coreAfterPostContentFormat',array(
	1636	'excerpt' => &$excerpt,
	1637	'content' => &$content,
	1638	'excerpt_xhtml' => &$excerpt_xhtml,
	1639	'content_xhtml' => &$content_xhtml
	1640	));
	1641	}
	1642
	1643	/**
	1644	Returns URL for a post according to blog setting <var>post_url_format</var>.
	1645	It will try to guess URL and append some figures if needed.
	1646
	1647	@param url <b>string</b> Origin URL, could be empty
	1648	@param post_dt <b>string</b> Post date (in YYYY-MM-DD HH:mm:ss)
	1649	@param post_title <b>string</b> Post title
	1650	@param post_id <b>integer</b> Post ID
	1651	@return <b>string</b> result URL
	1652	*/
	1653	public function getPostURL($url,$post_dt,$post_title,$post_id)
	1654	{
	1655	$url = trim($url);
	1656
	1657	$url_patterns = array(
	1658	'{y}' => date('Y',strtotime($post_dt)),
	1659	'{m}' => date('m',strtotime($post_dt)),
	1660	'{d}' => date('d',strtotime($post_dt)),
	1661	'{t}' => text::tidyURL($post_title),
	1662	'{id}' => (integer) $post_id
	1663	);
	1664
	1665	# If URL is empty, we create a new one
	1666	if ($url == '')
	1667	{
	1668	# Transform with format
	1669	$url = str_replace(
	1670	array_keys($url_patterns),
	1671	array_values($url_patterns),
	1672	$this->settings->system->post_url_format
	1673	);
	1674	}
	1675	else
	1676	{
	1677	$url = text::tidyURL($url);
	1678	}
	1679
	1680	# Let's check if URL is taken...
	1681	$strReq = 'SELECT post_url FROM '.$this->prefix.'post '.
	1682	"WHERE post_url = '".$this->con->escape($url)."' ".
	1683	'AND post_id <> '.(integer) $post_id. ' '.
	1684	"AND blog_id = '".$this->con->escape($this->id)."' ".
	1685	'ORDER BY post_url DESC';
	1686
	1687	$rs = $this->con->select($strReq);
	1688
	1689	if (!$rs->isEmpty())
	1690	{
	1691	if ($this->con->driver() == 'mysql') {
	1692	$clause = "REGEXP '^".$this->con->escape($url)."[0-9]+$'";
	1693	} elseif ($this->con->driver() == 'pgsql') {
	1694	$clause = "~ '^".$this->con->escape($url)."[0-9]+$'";
	1695	} else {
	1696	$clause = "LIKE '".$this->con->escape($url)."%'";
	1697	}
	1698	$strReq = 'SELECT post_url FROM '.$this->prefix.'post '.
	1699	"WHERE post_url ".$clause.' '.
	1700	'AND post_id <> '.(integer) $post_id.' '.
	1701	"AND blog_id = '".$this->con->escape($this->id)."' ".
	1702	'ORDER BY post_url DESC ';
	1703
	1704	$rs = $this->con->select($strReq);
	1705	$a = array();
	1706	while ($rs->fetch()) {
	1707	$a[] = $rs->post_url;
	1708	}
	1709
	1710	natsort($a);
	1711	$t_url = end($a);
	1712
	1713	if (preg_match('/(.*?)([0-9]+)$/',$t_url,$m)) {
	1714	$i = (integer) $m[2];
	1715	$url = $m[1];
	1716	} else {
	1717	$i = 1;
	1718	}
	1719
	1720	return $url.($i+1);
	1721	}
	1722
	1723	# URL is empty?
	1724	if ($url == '') {
	1725	throw new Exception(__('Empty entry URL'));
	1726	}
	1727
	1728	return $url;
	1729	}
	1730	//@}
	1731
	1732	/// @name Comments management methods
	1733	//@{
	1734	/**
	1735	Retrieves comments. <b>$params</b> is an array taking the following
	1736	optionnal parameters:
	1737
	1738	- no_content: Don't retrieve comment content
	1739	- post_type: Get only entries with given type (default no type, array for many types)
	1740	- post_id: (integer) Get comments belonging to given post_id
	1741	- cat_id: (integer or array) Get comments belonging to entries of given category ID
	1742	- comment_id: (integer) Get comment with given ID
	1743	- comment_status: (integer) Get comments with given comment_status
	1744	- comment_trackback: (integer) Get only comments (0) or trackbacks (1)
	1745	- comment_ip: (string) Get comments with given IP address
	1746	- post_url: Get entry with given post_url field
	1747	- user_id: (integer) Get entries belonging to given user ID
	1748	- q_author: Search comments by author
	1749	- sql: Append SQL string at the end of the query
	1750	- from: Append SQL string after "FROM" statement in query
	1751	- order: Order of results (default "ORDER BY comment_dt DES")
	1752	- limit: Limit parameter
[774]	1753	- sql_only : return the sql request instead of results. Only ids are selected
[0]	1754
	1755	@param params <b>array</b> Parameters
	1756	@param count_only <b>boolean</b> Only counts results
	1757	@return <b>record</b> A record with some more capabilities
	1758	*/
	1759	public function getComments($params=array(),$count_only=false)
	1760	{
	1761	if ($count_only)
	1762	{
	1763	$strReq = 'SELECT count(comment_id) ';
	1764	}
[774]	1765	elseif (!empty($params['sql_only']))
	1766	{
	1767	$strReq = 'SELECT P.post_id ';
	1768	}
[0]	1769	else
	1770	{
	1771	if (!empty($params['no_content'])) {
	1772	$content_req = '';
	1773	} else {
	1774	$content_req = 'comment_content, ';
	1775	}
	1776
	1777	if (!empty($params['columns']) && is_array($params['columns'])) {
	1778	$content_req .= implode(', ',$params['columns']).', ';
	1779	}
	1780
	1781	$strReq =
	1782	'SELECT C.comment_id, comment_dt, comment_tz, comment_upddt, '.
	1783	'comment_author, comment_email, comment_site, '.
	1784	$content_req.' comment_trackback, comment_status, '.
	1785	'comment_spam_status, comment_spam_filter, comment_ip, '.
	1786	'P.post_title, P.post_url, P.post_id, P.post_password, P.post_type, '.
	1787	'P.post_dt, P.user_id, U.user_email, U.user_url ';
	1788	}
	1789
	1790	$strReq .=
	1791	'FROM '.$this->prefix.'comment C '.
	1792	'INNER JOIN '.$this->prefix.'post P ON C.post_id = P.post_id '.
	1793	'INNER JOIN '.$this->prefix.'user U ON P.user_id = U.user_id ';
	1794
	1795	if (!empty($params['from'])) {
	1796	$strReq .= $params['from'].' ';
	1797	}
	1798
	1799	$strReq .=
	1800	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ";
	1801
	1802	if (!$this->core->auth->check('contentadmin',$this->id)) {
	1803	$strReq .= 'AND ((comment_status = 1 AND P.post_status = 1 ';
	1804
	1805	if ($this->without_password) {
	1806	$strReq .= 'AND post_password IS NULL ';
	1807	}
	1808	$strReq .= ') ';
	1809
	1810	if ($this->core->auth->userID()) {
	1811	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
	1812	} else {
	1813	$strReq .= ') ';
	1814	}
	1815	}
	1816
	1817	if (!empty($params['post_type']))
	1818	{
[340]	1819	$strReq .= 'AND post_type '.$this->con->in($params['post_type']);
[0]	1820	}
	1821
[836]	1822	if (isset($params['post_id']) && $params['post_id'] !== '') {
[0]	1823	$strReq .= 'AND P.post_id = '.(integer) $params['post_id'].' ';
	1824	}
	1825
[836]	1826	if (isset($params['cat_id']) && $params['cat_id'] !== '') {
[0]	1827	$strReq .= 'AND P.cat_id = '.(integer) $params['cat_id'].' ';
	1828	}
	1829
[836]	1830	if (isset($params['comment_id']) && $params['comment_id'] !== '') {
[0]	1831	$strReq .= 'AND comment_id = '.(integer) $params['comment_id'].' ';
	1832	}
	1833
	1834	if (isset($params['comment_status'])) {
	1835	$strReq .= 'AND comment_status = '.(integer) $params['comment_status'].' ';
	1836	}
	1837
	1838	if (!empty($params['comment_status_not']))
	1839	{
	1840	$strReq .= 'AND comment_status <> '.(integer) $params['comment_status_not'].' ';
	1841	}
	1842
	1843	if (isset($params['comment_trackback'])) {
	1844	$strReq .= 'AND comment_trackback = '.(integer) (boolean) $params['comment_trackback'].' ';
	1845	}
	1846
	1847	if (isset($params['comment_ip'])) {
	1848	$strReq .= "AND comment_ip = '".$this->con->escape($params['comment_ip'])."' ";
	1849	}
	1850
	1851	if (isset($params['q_author'])) {
	1852	$q_author = $this->con->escape(str_replace('*','%',strtolower($params['q_author'])));
	1853	$strReq .= "AND LOWER(comment_author) LIKE '".$q_author."' ";
	1854	}
	1855
	1856	if (!empty($params['search']))
	1857	{
	1858	$words = text::splitWords($params['search']);
	1859
	1860	if (!empty($words))
	1861	{
	1862	# --BEHAVIOR coreCommentSearch
	1863	if ($this->core->hasBehavior('coreCommentSearch')) {
	1864	$this->core->callBehavior('coreCommentSearch',$this->core,array(&$words,&$strReq,&$params));
	1865	}
	1866
	1867	if ($words)
	1868	{
	1869	foreach ($words as $i => $w) {
	1870	$words[$i] = "comment_words LIKE '%".$this->con->escape($w)."%'";
	1871	}
	1872	$strReq .= 'AND '.implode(' AND ',$words).' ';
	1873	}
	1874	}
	1875	}
	1876
	1877	if (!empty($params['sql'])) {
	1878	$strReq .= $params['sql'].' ';
	1879	}
	1880
	1881	if (!$count_only)
	1882	{
	1883	if (!empty($params['order'])) {
	1884	$strReq .= 'ORDER BY '.$this->con->escape($params['order']).' ';
	1885	} else {
	1886	$strReq .= 'ORDER BY comment_dt DESC ';
	1887	}
	1888	}
	1889
	1890	if (!$count_only && !empty($params['limit'])) {
	1891	$strReq .= $this->con->limit($params['limit']);
	1892	}
[774]	1893
	1894	if (!empty($params['sql_only'])) {
	1895	return $strReq;
	1896	}
[0]	1897
	1898	$rs = $this->con->select($strReq);
	1899	$rs->core = $this->core;
	1900	$rs->extend('rsExtComment');
	1901
	1902	# --BEHAVIOR-- coreBlogGetComments
	1903	$this->core->callBehavior('coreBlogGetComments',$rs);
	1904
	1905	return $rs;
	1906	}
	1907
	1908	/**
	1909	Creates a new comment. Takes a cursor as input and returns the new comment
	1910	ID.
	1911
	1912	@param cur <b>cursor</b> Comment cursor
	1913	@return <b>integer</b> New comment ID
	1914	*/
	1915	public function addComment($cur)
	1916	{
	1917	$this->con->writeLock($this->prefix.'comment');
	1918	try
	1919	{
	1920	# Get ID
	1921	$rs = $this->con->select(
	1922	'SELECT MAX(comment_id) '.
	1923	'FROM '.$this->prefix.'comment '
	1924	);
	1925
	1926	$cur->comment_id = (integer) $rs->f(0) + 1;
	1927	$cur->comment_upddt = date('Y-m-d H:i:s');
	1928
	1929	$offset = dt::getTimeOffset($this->settings->system->blog_timezone);
	1930	$cur->comment_dt = date('Y-m-d H:i:s',time() + $offset);
	1931	$cur->comment_tz = $this->settings->system->blog_timezone;
	1932
	1933	$this->getCommentCursor($cur);
	1934
	1935	if ($cur->comment_ip === null) {
	1936	$cur->comment_ip = http::realIP();
	1937	}
	1938
	1939	# --BEHAVIOR-- coreBeforeCommentCreate
	1940	$this->core->callBehavior('coreBeforeCommentCreate',$this,$cur);
	1941
	1942	$cur->insert();
	1943	$this->con->unlock();
	1944	}
	1945	catch (Exception $e)
	1946	{
	1947	$this->con->unlock();
	1948	throw $e;
	1949	}
	1950
	1951	# --BEHAVIOR-- coreAfterCommentCreate
	1952	$this->core->callBehavior('coreAfterCommentCreate',$this,$cur);
	1953
	1954	$this->triggerComment($cur->comment_id);
	1955	if ($cur->comment_status != -2) {
	1956	$this->triggerBlog();
	1957	}
	1958	return $cur->comment_id;
	1959	}
	1960
	1961	/**
	1962	Updates an existing comment.
	1963
	1964	@param id <b>integer</b> Comment ID
	1965	@param cur <b>cursor</b> Comment cursor
	1966	*/
	1967	public function updComment($id,$cur)
	1968	{
	1969	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
	1970	throw new Exception(__('You are not allowed to update comments'));
	1971	}
	1972
	1973	$id = (integer) $id;
	1974
	1975	if (empty($id)) {
	1976	throw new Exception(__('No such comment ID'));
	1977	}
	1978
	1979	$rs = $this->getComments(array('comment_id' => $id));
	1980
	1981	if ($rs->isEmpty()) {
	1982	throw new Exception(__('No such comment ID'));
	1983	}
	1984
	1985	#If user is only usage, we need to check the post's owner
	1986	if (!$this->core->auth->check('contentadmin',$this->id))
	1987	{
	1988	if ($rs->user_id != $this->core->auth->userID()) {
	1989	throw new Exception(__('You are not allowed to update this comment'));
	1990	}
	1991	}
	1992
	1993	$this->getCommentCursor($cur);
	1994
	1995	$cur->comment_upddt = date('Y-m-d H:i:s');
	1996
	1997	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
	1998	$cur->unsetField('comment_status');
	1999	}
	2000
	2001	# --BEHAVIOR-- coreBeforeCommentUpdate
	2002	$this->core->callBehavior('coreBeforeCommentUpdate',$this,$cur,$rs);
	2003
	2004	$cur->update('WHERE comment_id = '.$id.' ');
	2005
	2006	# --BEHAVIOR-- coreAfterCommentUpdate
	2007	$this->core->callBehavior('coreAfterCommentUpdate',$this,$cur,$rs);
	2008
	2009	$this->triggerComment($id);
	2010	$this->triggerBlog();
	2011	}
	2012
	2013	/**
	2014	Updates comment status.
	2015
	2016	@param id <b>integer</b> Comment ID
	2017	@param status <b>integer</b> Comment status
	2018	*/
	2019	public function updCommentStatus($id,$status)
	2020	{
	2021	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
	2022	throw new Exception(__("You are not allowed to change this comment's status"));
	2023	}
	2024
	2025	$cur = $this->con->openCursor($this->prefix.'comment');
	2026	$cur->comment_status = (integer) $status;
	2027	$this->updComment($id,$cur);
	2028	}
	2029
	2030	/**
	2031	Delete a comment
	2032
	2033	@param id <b>integer</b> Comment ID
	2034	*/
	2035	public function delComment($id)
	2036	{
	2037	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
	2038	throw new Exception(__('You are not allowed to delete comments'));
	2039	}
	2040
	2041	$id = (integer) $id;
	2042
	2043	if (empty($id)) {
	2044	throw new Exception(__('No such comment ID'));
	2045	}
	2046
	2047	#If user can only delete, we need to check the post's owner
	2048	if (!$this->core->auth->check('contentadmin',$this->id))
	2049	{
	2050	$strReq = 'SELECT P.post_id '.
	2051	'FROM '.$this->prefix.'post P, '.$this->prefix.'comment C '.
	2052	'WHERE P.post_id = C.post_id '.
	2053	"AND P.blog_id = '".$this->con->escape($this->id)."' ".
	2054	'AND comment_id = '.$id.' '.
	2055	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
	2056
	2057	$rs = $this->con->select($strReq);
	2058
	2059	if ($rs->isEmpty()) {
	2060	throw new Exception(__('You are not allowed to delete this comment'));
	2061	}
	2062	}
	2063
	2064	$strReq = 'DELETE FROM '.$this->prefix.'comment '.
	2065	'WHERE comment_id = '.$id.' ';
	2066
	2067	$this->triggerComment($id,true);
	2068	$this->con->execute($strReq);
	2069	$this->triggerBlog();
	2070	}
	2071
	2072	private function getCommentCursor($cur)
	2073	{
	2074	if ($cur->comment_content !== null && $cur->comment_content == '') {
	2075	throw new Exception(__('You must provide a comment'));
	2076	}
	2077
	2078	if ($cur->comment_author !== null && $cur->comment_author == '') {
	2079	throw new Exception(__('You must provide an author name'));
	2080	}
	2081
	2082	if ($cur->comment_email != '' && !text::isEmail($cur->comment_email)) {
	2083	throw new Exception(__('Email address is not valid.'));
	2084	}
	2085
	2086	if ($cur->comment_site !== null && $cur->comment_site != '') {
	2087	if (!preg_match('\|^http(s?)://\|',$cur->comment_site)) {
	2088	$cur->comment_site = 'http://'.$cur->comment_site;
	2089	}
	2090	}
	2091
	2092	if ($cur->comment_status === null) {
	2093	$cur->comment_status = (integer) $this->settings->system->comments_pub;
	2094	}
	2095
	2096	# Words list
	2097	if ($cur->comment_content !== null)
	2098	{
	2099	$cur->comment_words = implode(' ',text::splitWords($cur->comment_content));
	2100	}
	2101	}
	2102	//@}
	2103	}
[335]	2104	?>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: inc/core/class.dc.blog.php @ 970:047d7b4a6ffd

Download in other formats:

Sites map