class.dc.blog.php @ 2073:9964def5a701

Visit:

Revision 2073:9964def5a701, 62.6 KB checked in by franck <carnet.franck.paul@…>, 12 years ago (diff)
Fixes some tests on mysqli

Rev	Line
[0]	1	<?php
	2	# -- BEGIN LICENSE BLOCK ---------------------------------------
	3	#
	4	# This file is part of Dotclear 2.
	5	#
[1179]	6	# Copyright (c) 2003-2013 Olivier Meunier & Association Dotclear
[0]	7	# Licensed under the GPL version 2.0 license.
	8	# See LICENSE file or
	9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
	10	#
	11	# -- END LICENSE BLOCK -----------------------------------------
	12	if (!defined('DC_RC_PATH')) { return; }
	13
	14	/**
	15	@ingroup DC_CORE
	16	@nosubgrouping
	17	@brief Dotclear blog class.
	18
	19	Dotclear blog class instance is provided by dcCore $blog property.
	20	*/
	21	class dcBlog
	22	{
[337]	23	/** @var dcCore dcCore instance */
	24	protected $core;
	25	/** @var connection Database connection object */
	26	public $con;
	27	/** @var string Database table prefix */
	28	public $prefix;
[0]	29
[337]	30	/** @var string Blog ID */
	31	public $id;
	32	/** @var string Blog unique ID */
	33	public $uid;
	34	/** @var string Blog name */
	35	public $name;
	36	/** @var string Blog description */
	37	public $desc;
	38	/** @var string Blog URL */
	39	public $url;
	40	/** @var string Blog host */
	41	public $host;
	42	/** @var string Blog creation date */
	43	public $creadt;
	44	/** @var string Blog last update date */
	45	public $upddt;
	46	/** @var string Blog status */
	47	public $status;
[0]	48
[337]	49	/** @var dcSettings dcSettings object */
	50	public $settings;
	51	/** @var string Blog theme path */
	52	public $themes_path;
	53	/** @var string Blog public path */
	54	public $public_path;
[0]	55
	56	private $post_status = array();
	57	private $comment_status = array();
	58
	59	private $categories;
	60
[337]	61	/** @var boolean Disallow entries password protection */
	62	public $without_password = true;
[0]	63
	64	/**
	65	Inits dcBlog object
	66
	67	@param core <b>dcCore</b> Dotclear core reference
	68	@param id <b>string</b> Blog ID
	69	*/
	70	public function __construct($core, $id)
	71	{
	72	$this->con =& $core->con;
	73	$this->prefix = $core->prefix;
	74	$this->core =& $core;
	75
	76	if (($b = $this->core->getBlog($id)) !== false)
	77	{
	78	$this->id = $id;
	79	$this->uid = $b->blog_uid;
	80	$this->name = $b->blog_name;
	81	$this->desc = $b->blog_desc;
	82	$this->url = $b->blog_url;
[1244]	83	$this->host = http::getHostFromURL($this->url);
[0]	84	$this->creadt = strtotime($b->blog_creadt);
	85	$this->upddt = strtotime($b->blog_upddt);
	86	$this->status = $b->blog_status;
	87
	88	$this->settings = new dcSettings($this->core,$this->id);
	89
	90	$this->themes_path = path::fullFromRoot($this->settings->system->themes_path,DC_ROOT);
	91	$this->public_path = path::fullFromRoot($this->settings->system->public_path,DC_ROOT);
	92
[1353]	93	$this->post_status['-2'] = __('Pending');
	94	$this->post_status['-1'] = __('Scheduled');
	95	$this->post_status['0'] = __('Unpublished');
	96	$this->post_status['1'] = __('Published');
[0]	97
[1353]	98	$this->comment_status['-2'] = __('Junk');
	99	$this->comment_status['-1'] = __('Pending');
	100	$this->comment_status['0'] = __('Unpublished');
	101	$this->comment_status['1'] = __('Published');
[0]	102
	103	# --BEHAVIOR-- coreBlogConstruct
	104	$this->core->callBehavior('coreBlogConstruct',$this);
	105	}
	106	}
	107
	108	/// @name Common public methods
	109	//@{
	110	/**
	111	Returns blog URL ending with a question mark.
	112	*/
	113	public function getQmarkURL()
	114	{
	115	if (substr($this->url,-1) != '?') {
	116	return $this->url.'?';
	117	}
	118
	119	return $this->url;
	120	}
	121
	122	/**
	123	Returns an entry status name given to a code. Status are translated, never
	124	use it for tests. If status code does not exist, returns <i>unpublished</i>.
	125
	126	@param s <b>integer</b> Status code
	127	@return <b>string</b> Blog status name
	128	*/
	129	public function getPostStatus($s)
	130	{
	131	if (isset($this->post_status[$s])) {
	132	return $this->post_status[$s];
	133	}
	134	return $this->post_status['0'];
	135	}
	136
	137	/**
	138	Returns an array of available entry status codes and names.
	139
	140	@return <b>array</b> Simple array with codes in keys and names in value
	141	*/
	142	public function getAllPostStatus()
	143	{
	144	return $this->post_status;
	145	}
	146
	147	/**
	148	Returns an array of available comment status codes and names.
	149
	150	@return <b>array</b> Simple array with codes in keys and names in value
	151	*/
	152	public function getAllCommentStatus()
	153	{
	154	return $this->comment_status;
	155	}
	156
	157	/**
	158	Disallows entries password protection. You need to set it to
	159	<var>false</var> while serving a public blog.
	160
	161	@param v <b>boolean</b>
	162	*/
	163	public function withoutPassword($v)
	164	{
	165	$this->without_password = (boolean) $v;
	166	}
	167	//@}
	168
	169	/// @name Triggers methods
	170	//@{
	171	/**
	172	Updates blog last update date. Should be called every time you change
	173	an element related to the blog.
	174	*/
	175	public function triggerBlog()
	176	{
	177	$cur = $this->con->openCursor($this->prefix.'blog');
	178
	179	$cur->blog_upddt = date('Y-m-d H:i:s');
	180
	181	$cur->update("WHERE blog_id = '".$this->con->escape($this->id)."' ");
	182
	183	# --BEHAVIOR-- coreBlogAfterTriggerBlog
	184	$this->core->callBehavior('coreBlogAfterTriggerBlog',$cur);
	185	}
	186
	187	/**
	188	Updates comment and trackback counters in post table. Should be called
	189	every time a comment or trackback is added, removed or changed its status.
	190
	191	@param id <b>integer</b> Comment ID
	192	@param del <b>boolean</b> If comment is delete, set this to true
	193	*/
	194	public function triggerComment($id,$del=false)
	195	{
[1042]	196	$this->triggerComments($id,$del);
	197	}
	198
	199	/**
	200	Updates comments and trackbacks counters in post table. Should be called
[1689]	201	every time comments or trackbacks are added, removed or changed their status.
[1042]	202
	203	@param ids <b>mixed</b> Comment(s) ID(s)
	204	@param del <b>boolean</b> If comment is delete, set this to true
[1262]	205	@param affected_posts <b>mixed</b> Posts(s) ID(s)
[1042]	206	*/
[1262]	207	public function triggerComments($ids, $del=false, $affected_posts=null)
[1042]	208	{
[1561]	209	$comments_ids = dcUtils::cleanIds($ids);
[0]	210
[1570]	211	# Get posts affected by comments edition
	212	if (empty($affected_posts)) {
[1262]	213	$strReq =
[1570]	214	'SELECT post_id '.
[1262]	215	'FROM '.$this->prefix.'comment '.
[1561]	216	'WHERE comment_id'.$this->con->in($comments_ids).
[1570]	217	'GROUP BY post_id';
[1262]	218
	219	$rs = $this->con->select($strReq);
	220
[1570]	221	$affected_posts = array();
[1262]	222	while ($rs->fetch()) {
[1570]	223	$affected_posts[] = (integer) $rs->post_id;
[1262]	224	}
[1042]	225	}
[0]	226
[1570]	227	if (!is_array($affected_posts) \|\| empty($affected_posts)) {
	228	return;
	229	}
	230
	231	# Count number of comments if exists for affected posts
[1042]	232	$strReq =
[1570]	233	'SELECT post_id, COUNT(post_id) AS nb_comment, comment_trackback '.
[1042]	234	'FROM '.$this->prefix.'comment '.
[1110]	235	'WHERE comment_status = 1 '.
[1570]	236	'AND post_id'.$this->con->in($affected_posts).
[1042]	237	'GROUP BY post_id,comment_trackback';
	238
[0]	239	$rs = $this->con->select($strReq);
	240
[1570]	241	$posts = array();
[1042]	242	while ($rs->fetch()) {
[1570]	243	if ($rs->comment_trackback) {
	244	$posts[$rs->post_id]['trackback'] = $rs->nb_comment;
	245	} else {
	246	$posts[$rs->post_id]['comment'] = $rs->nb_comment;
	247	}
[1042]	248	}
	249
[1570]	250	# Update number of comments on affected posts
[0]	251	$cur = $this->con->openCursor($this->prefix.'post');
[1570]	252	foreach($affected_posts as $post_id)
[1042]	253	{
[1570]	254	$cur->clean();
[1561]	255
[1570]	256	if (!array_key_exists($post_id,$posts)) {
	257	$cur->nb_trackback = 0;
	258	$cur->nb_comment = 0;
	259	} else {
	260	$cur->nb_trackback = empty($posts[$post_id]['trackback']) ? 0 : $posts[$post_id]['trackback'];
	261	$cur->nb_comment = empty($posts[$post_id]['comment']) ? 0 : $posts[$post_id]['comment'];
[1042]	262	}
	263
[1570]	264	$cur->update('WHERE post_id = '.$post_id);
[0]	265	}
	266	}
	267	//@}
	268
	269	/// @name Categories management methods
	270	//@{
	271	public function categories()
	272	{
	273	if (!($this->categories instanceof dcCategories)) {
	274	$this->categories = new dcCategories($this->core);
	275	}
	276
	277	return $this->categories;
	278	}
	279
	280	/**
	281	Retrieves categories. <var>$params</var> is an associative array which can
	282	take the following parameters:
	283
	284	- post_type: Get only entries with given type (default "post")
	285	- cat_url: filter on cat_url field
	286	- cat_id: filter on cat_id field
	287	- start: start with a given category
	288	- level: categories level to retrieve
	289
	290	@param params <b>array</b> Parameters
	291	@return <b>record</b>
	292	*/
	293	public function getCategories($params=array())
	294	{
	295	$c_params = array();
	296	if (isset($params['post_type'])) {
	297	$c_params['post_type'] = $params['post_type'];
	298	unset($params['post_type']);
	299	}
	300	$counter = $this->getCategoriesCounter($c_params);
	301
[1610]	302	if (isset($params['without_empty']) && ($params['without_empty'] == false)) {
	303	$without_empty = false;
	304	} else {
	305	$without_empty = $this->core->auth->userID() == false; # Get all categories if in admin display
	306	}
[0]	307
	308	$start = isset($params['start']) ? (integer) $params['start'] : 0;
	309	$l = isset($params['level']) ? (integer) $params['level'] : 0;
	310
	311	$rs = $this->categories()->getChildren($start,null,'desc');
	312
	313	# Get each categories total posts count
	314	$data = array();
	315	$stack = array();
	316	$level = 0;
	317	$cols = $rs->columns();
	318	while ($rs->fetch())
	319	{
	320	$nb_post = isset($counter[$rs->cat_id]) ? (integer) $counter[$rs->cat_id] : 0;
	321
	322	if ($rs->level > $level) {
	323	$nb_total = $nb_post;
	324	$stack[$rs->level] = (integer) $nb_post;
	325	} elseif ($rs->level == $level) {
	326	$nb_total = $nb_post;
	327	$stack[$rs->level] += $nb_post;
	328	} else {
	329	$nb_total = $stack[$rs->level+1] + $nb_post;
	330	if (isset($stack[$rs->level])) {
	331	$stack[$rs->level] += $nb_total;
	332	} else {
	333	$stack[$rs->level] = $nb_total;
	334	}
	335	unset($stack[$rs->level+1]);
	336	}
	337
	338	if ($nb_total == 0 && $without_empty) {
	339	continue;
	340	}
	341
	342	$level = $rs->level;
	343
	344	$t = array();
	345	foreach ($cols as $c) {
	346	$t[$c] = $rs->f($c);
	347	}
	348	$t['nb_post'] = $nb_post;
	349	$t['nb_total'] = $nb_total;
	350
	351	if ($l == 0 \|\| ($l > 0 && $l == $rs->level)) {
	352	array_unshift($data,$t);
	353	}
	354	}
	355
	356	# We need to apply filter after counting
[836]	357	if (isset($params['cat_id']) && $params['cat_id'] !== '')
[0]	358	{
	359	$found = false;
	360	foreach ($data as $v) {
	361	if ($v['cat_id'] == $params['cat_id']) {
	362	$found = true;
	363	$data = array($v);
	364	break;
	365	}
	366	}
	367	if (!$found) {
	368	$data = array();
	369	}
	370	}
	371
[836]	372	if (isset($params['cat_url']) && ($params['cat_url'] !== '')
	373	&& !isset($params['cat_id']))
[0]	374	{
	375	$found = false;
	376	foreach ($data as $v) {
	377	if ($v['cat_url'] == $params['cat_url']) {
	378	$found = true;
	379	$data = array($v);
	380	break;
	381	}
	382	}
	383	if (!$found) {
	384	$data = array();
	385	}
	386	}
	387
	388	return staticRecord::newFromArray($data);
	389	}
	390
	391	/**
	392	Retrieves a category by its ID.
	393
	394	@param id <b>integer</b> Category ID
	395	@return <b>record</b>
	396	*/
	397	public function getCategory($id)
	398	{
	399	return $this->getCategories(array('cat_id' => $id));
	400	}
	401
	402	/**
	403	Retrieves parents of a given category.
	404
	405	@param id <b>integer</b> Category ID
	406	@return <b>record</b>
	407	*/
	408	public function getCategoryParents($id)
	409	{
	410	return $this->categories()->getParents($id);
	411	}
	412
	413	/**
	414	Retrieves first parent of a given category.
	415
	416	@param id <b>integer</b> Category ID
	417	@return <b>record</b>
	418	*/
	419	public function getCategoryParent($id)
	420	{
	421	return $this->categories()->getParent($id);
	422	}
	423
	424	/**
	425	Retrieves all category's first children
	426
	427	@param id <b>integer</b> Category ID
	428	@return <b>record</b>
	429	*/
	430	public function getCategoryFirstChildren($id)
	431	{
	432	return $this->getCategories(array('start' => $id,'level' => $id == 0 ? 1 : 2));
	433	}
	434
	435	private function getCategoriesCounter($params=array())
	436	{
	437	$strReq =
	438	'SELECT C.cat_id, COUNT(P.post_id) AS nb_post '.
	439	'FROM '.$this->prefix.'category AS C '.
	440	'JOIN '.$this->prefix."post P ON (C.cat_id = P.cat_id AND P.blog_id = '".$this->con->escape($this->id)."' ) ".
	441	"WHERE C.blog_id = '".$this->con->escape($this->id)."' ";
	442
	443	if (!$this->core->auth->userID()) {
	444	$strReq .= 'AND P.post_status = 1 ';
	445	}
	446
	447	if (!empty($params['post_type'])) {
[302]	448	$strReq .= 'AND P.post_type '.$this->con->in($params['post_type']);
[0]	449	}
	450
	451	$strReq .= 'GROUP BY C.cat_id ';
	452
	453	$rs = $this->con->select($strReq);
	454	$counters = array();
	455	while ($rs->fetch()) {
	456	$counters[$rs->cat_id] = $rs->nb_post;
	457	}
	458
	459	return $counters;
	460	}
	461
	462	/**
	463	Creates a new category. Takes a cursor as input and returns the new category
	464	ID.
	465
	466	@param cur <b>cursor</b> Category cursor
	467	@return <b>integer</b> New category ID
	468	*/
	469	public function addCategory($cur,$parent=0)
	470	{
	471	if (!$this->core->auth->check('categories',$this->id)) {
	472	throw new Exception(__('You are not allowed to add categories'));
	473	}
	474
	475	$url = array();
	476	if ($parent != 0)
	477	{
	478	$rs = $this->getCategory($parent);
	479	if ($rs->isEmpty()) {
	480	$url = array();
	481	} else {
	482	$url[] = $rs->cat_url;
	483	}
	484	}
	485
	486	if ($cur->cat_url == '') {
	487	$url[] = text::tidyURL($cur->cat_title,false);
	488	} else {
	489	$url[] = $cur->cat_url;
	490	}
	491
	492	$cur->cat_url = implode('/',$url);
	493
	494	$this->getCategoryCursor($cur);
	495	$cur->blog_id = (string) $this->id;
	496
	497	# --BEHAVIOR-- coreBeforeCategoryCreate
	498	$this->core->callBehavior('coreBeforeCategoryCreate',$this,$cur);
	499
[1261]	500	$id = $this->categories()->addNode($cur,$parent);
	501	# Update category's cursor
	502	$rs = $this->getCategory($id);
	503	if (!$rs->isEmpty()) {
	504	$cur->cat_lft = $rs->cat_lft;
	505	$cur->cat_rgt = $rs->cat_rgt;
	506	}
[0]	507
	508	# --BEHAVIOR-- coreAfterCategoryCreate
	509	$this->core->callBehavior('coreAfterCategoryCreate',$this,$cur);
	510	$this->triggerBlog();
	511
	512	return $cur->cat_id;
	513	}
	514
	515	/**
	516	Updates an existing category.
	517
	518	@param id <b>integer</b> Category ID
	519	@param cur <b>cursor</b> Category cursor
	520	*/
	521	public function updCategory($id,$cur)
	522	{
	523	if (!$this->core->auth->check('categories',$this->id)) {
	524	throw new Exception(__('You are not allowed to update categories'));
	525	}
	526
	527	if ($cur->cat_url == '')
	528	{
	529	$url = array();
	530	$rs = $this->categories()->getParents($id);
	531	while ($rs->fetch()) {
	532	if ($rs->index() == $rs->count()-1) {
	533	$url[] = $rs->cat_url;
	534	}
	535	}
	536
	537
	538	$url[] = text::tidyURL($cur->cat_title,false);
	539	$cur->cat_url = implode('/',$url);
	540	}
	541
	542	$this->getCategoryCursor($cur,$id);
	543
	544	# --BEHAVIOR-- coreBeforeCategoryUpdate
	545	$this->core->callBehavior('coreBeforeCategoryUpdate',$this,$cur);
	546
	547	$cur->update(
	548	'WHERE cat_id = '.(integer) $id.' '.
	549	"AND blog_id = '".$this->con->escape($this->id)."' ");
	550
	551	# --BEHAVIOR-- coreAfterCategoryUpdate
	552	$this->core->callBehavior('coreAfterCategoryUpdate',$this,$cur);
	553
	554	$this->triggerBlog();
	555	}
[1532]	556
	557	/**
	558	Set category position
	559
	560	@param id <b>integer</b> Category ID
	561	@param left <b>integer</b> Category ID before
	562	@param right <b>integer</b> Category ID after
	563	*/
	564	public function updCategoryPosition($id,$left,$right)
	565	{
	566	$this->categories()->updatePosition($id,$left,$right);
	567	$this->triggerBlog();
	568	}
[0]	569
	570	/**
	571	DEPRECATED METHOD. Use dcBlog::setCategoryParent and dcBlog::moveCategory
	572	instead.
	573
	574	@param id <b>integer</b> Category ID
	575	@param order <b>integer</b> Category position
	576	*/
	577	public function updCategoryOrder($id,$order)
	578	{
	579	return;
	580	}
	581
	582	/**
	583	Set a category parent
	584
	585	@param id <b>integer</b> Category ID
	586	@param parent <b>integer</b> Parent Category ID
	587	*/
	588	public function setCategoryParent($id,$parent)
	589	{
	590	$this->categories()->setNodeParent($id,$parent);
	591	$this->triggerBlog();
	592	}
	593
	594	/**
	595	Set category position
	596
	597	@param id <b>integer</b> Category ID
	598	@param sibling <b>integer</b> Sibling Category ID
	599	@param move <b>integer</b> Order (before\|after)
	600	*/
	601	public function setCategoryPosition($id,$sibling,$move)
	602	{
	603	$this->categories()->setNodePosition($id,$sibling,$move);
	604	$this->triggerBlog();
	605	}
	606
	607	/**
	608	Deletes a category.
	609
	610	@param id <b>integer</b> Category ID
	611	*/
	612	public function delCategory($id)
	613	{
	614	if (!$this->core->auth->check('categories',$this->id)) {
	615	throw new Exception(__('You are not allowed to delete categories'));
	616	}
	617
	618	$strReq = 'SELECT COUNT(post_id) AS nb_post '.
	619	'FROM '.$this->prefix.'post '.
	620	'WHERE cat_id = '.(integer) $id.' '.
	621	"AND blog_id = '".$this->con->escape($this->id)."' ";
	622
	623	$rs = $this->con->select($strReq);
	624
	625	if ($rs->nb_post > 0) {
	626	throw new Exception(__('This category is not empty.'));
	627	}
	628
	629	$this->categories()->deleteNode($id,true);
	630	$this->triggerBlog();
	631	}
	632
	633	/**
	634	Reset categories order and relocate them to first level
	635	*/
	636	public function resetCategoriesOrder()
	637	{
	638	if (!$this->core->auth->check('categories',$this->id)) {
[822]	639	throw new Exception(__('You are not allowed to reset categories order'));
[0]	640	}
	641
	642	$this->categories()->resetOrder();
[734]	643	$this->triggerBlog();
[0]	644	}
	645
	646	private function checkCategory($title,$url,$id=null)
	647	{
[1429]	648	# Let's check if URL is taken...
	649	$strReq =
	650	'SELECT cat_url FROM '.$this->prefix.'category '.
	651	"WHERE cat_url = '".$this->con->escape($url)."' ".
	652	($id ? 'AND cat_id <> '.(integer) $id. ' ' : '').
	653	"AND blog_id = '".$this->con->escape($this->id)."' ".
	654	'ORDER BY cat_url DESC';
[0]	655
	656	$rs = $this->con->select($strReq);
	657
[1429]	658	if (!$rs->isEmpty())
	659	{
[1743]	660	if ($this->con->driver() == 'mysql' \|\| $this->con->driver() == 'mysqli') {
[1429]	661	$clause = "REGEXP '^".$this->con->escape($url)."[0-9]+$'";
	662	} elseif ($this->con->driver() == 'pgsql') {
	663	$clause = "~ '^".$this->con->escape($url)."[0-9]+$'";
	664	} else {
	665	$clause = "LIKE '".$this->con->escape($url)."%'";
	666	}
	667	$strReq =
	668	'SELECT cat_url FROM '.$this->prefix.'category '.
	669	"WHERE cat_url ".$clause.' '.
	670	($id ? 'AND cat_id <> '.(integer) $id. ' ' : '').
	671	"AND blog_id = '".$this->con->escape($this->id)."' ".
	672	'ORDER BY cat_url DESC ';
	673
	674	$rs = $this->con->select($strReq);
	675	$a = array();
	676	while ($rs->fetch()) {
	677	$a[] = $rs->cat_url;
	678	}
	679
	680	natsort($a);
	681	$t_url = end($a);
	682
	683	if (preg_match('/(.*?)([0-9]+)$/',$t_url,$m)) {
	684	$i = (integer) $m[2];
	685	$url = $m[1];
	686	} else {
	687	$i = 1;
	688	}
	689
	690	return $url.($i+1);
[0]	691	}
[1429]	692
	693	# URL is empty?
	694	if ($url == '') {
	695	throw new Exception(__('Empty category URL'));
	696	}
	697
	698	return $url;
[0]	699	}
	700
	701	private function getCategoryCursor($cur,$id=null)
	702	{
	703	if ($cur->cat_title == '') {
	704	throw new Exception(__('You must provide a category title'));
	705	}
	706
	707	# If we don't have any cat_url, let's do one
	708	if ($cur->cat_url == '') {
	709	$cur->cat_url = text::tidyURL($cur->cat_title,false);
	710	}
	711
	712	# Still empty ?
	713	if ($cur->cat_url == '') {
	714	throw new Exception(__('You must provide a category URL'));
	715	} else {
	716	$cur->cat_url = text::tidyURL($cur->cat_url,true);
	717	}
	718
	719	# Check if title or url are unique
[1429]	720	$cur->cat_url = $this->checkCategory($cur->cat_title,$cur->cat_url,$id);
[0]	721
	722	if ($cur->cat_desc !== null) {
	723	$cur->cat_desc = $this->core->HTMLfilter($cur->cat_desc);
	724	}
	725	}
	726	//@}
	727
	728	/// @name Entries management methods
	729	//@{
	730	/**
	731	Retrieves entries. <b>$params</b> is an array taking the following
	732	optionnal parameters:
	733
	734	- no_content: Don't retrieve entry content (excerpt and content)
	735	- post_type: Get only entries with given type (default "post", array for many types and '' for no type)
[1541]	736	- post_id: (integer or array) Get entry with given post_id
[0]	737	- post_url: Get entry with given post_url field
	738	- user_id: (integer) Get entries belonging to given user ID
	739	- cat_id: (string or array) Get entries belonging to given category ID
	740	- cat_id_not: deprecated (use cat_id with "id ?not" instead)
	741	- cat_url: (string or array) Get entries belonging to given category URL
	742	- cat_url_not: deprecated (use cat_url with "url ?not" instead)
	743	- post_status: (integer) Get entries with given post_status
	744	- post_selected: (boolean) Get select flaged entries
	745	- post_year: (integer) Get entries with given year
	746	- post_month: (integer) Get entries with given month
	747	- post_day: (integer) Get entries with given day
	748	- post_lang: Get entries with given language code
	749	- search: Get entries corresponding of the following search string
	750	- columns: (array) More columns to retrieve
	751	- sql: Append SQL string at the end of the query
	752	- from: Append SQL string after "FROM" statement in query
	753	- order: Order of results (default "ORDER BY post_dt DES")
	754	- limit: Limit parameter
[774]	755	- sql_only : return the sql request instead of results. Only ids are selected
[1541]	756	- exclude_post_id : (integer or array) Exclude entries with given post_id
[0]	757
	758	Please note that on every cat_id or cat_url, you can add ?not to exclude
	759	the category and ?sub to get subcategories.
	760
	761	@param params <b>array</b> Parameters
	762	@param count_only <b>boolean</b> Only counts results
[191]	763	@return <b>record</b> A record with some more capabilities or the SQL request
[0]	764	*/
[774]	765	public function getPosts($params=array(),$count_only=false)
[0]	766	{
[817]	767	# --BEHAVIOR-- coreBlogBeforeGetPosts
[819]	768	$params = new ArrayObject($params);
[817]	769	$this->core->callBehavior('coreBlogBeforeGetPosts',$params);
	770
[0]	771	if ($count_only)
	772	{
	773	$strReq = 'SELECT count(P.post_id) ';
	774	}
[774]	775	elseif (!empty($params['sql_only']))
	776	{
	777	$strReq = 'SELECT P.post_id ';
	778	}
[0]	779	else
	780	{
	781	if (!empty($params['no_content'])) {
	782	$content_req = '';
	783	} else {
	784	$content_req =
	785	'post_excerpt, post_excerpt_xhtml, '.
	786	'post_content, post_content_xhtml, post_notes, ';
	787	}
	788
	789	if (!empty($params['columns']) && is_array($params['columns'])) {
	790	$content_req .= implode(', ',$params['columns']).', ';
	791	}
	792
	793	$strReq =
	794	'SELECT P.post_id, P.blog_id, P.user_id, P.cat_id, post_dt, '.
	795	'post_tz, post_creadt, post_upddt, post_format, post_password, '.
	796	'post_url, post_lang, post_title, '.$content_req.
	797	'post_type, post_meta, post_status, post_selected, post_position, '.
	798	'post_open_comment, post_open_tb, nb_comment, nb_trackback, '.
	799	'U.user_name, U.user_firstname, U.user_displayname, U.user_email, '.
	800	'U.user_url, '.
	801	'C.cat_title, C.cat_url, C.cat_desc ';
	802	}
	803
	804	$strReq .=
	805	'FROM '.$this->prefix.'post P '.
	806	'INNER JOIN '.$this->prefix.'user U ON U.user_id = P.user_id '.
	807	'LEFT OUTER JOIN '.$this->prefix.'category C ON P.cat_id = C.cat_id ';
	808
	809	if (!empty($params['from'])) {
	810	$strReq .= $params['from'].' ';
	811	}
	812
	813	$strReq .=
	814	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ";
	815
	816	if (!$this->core->auth->check('contentadmin',$this->id)) {
	817	$strReq .= 'AND ((post_status = 1 ';
	818
	819	if ($this->without_password) {
	820	$strReq .= 'AND post_password IS NULL ';
	821	}
	822	$strReq .= ') ';
	823
	824	if ($this->core->auth->userID()) {
	825	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
	826	} else {
	827	$strReq .= ') ';
	828	}
	829	}
	830
	831	#Adding parameters
	832	if (isset($params['post_type']))
	833	{
[407]	834	if (is_array($params['post_type']) \|\| $params['post_type'] != '') {
	835	$strReq .= 'AND post_type '.$this->con->in($params['post_type']);
	836	}
[0]	837	}
	838	else
	839	{
	840	$strReq .= "AND post_type = 'post' ";
	841	}
	842
[836]	843	if (isset($params['post_id']) && $params['post_id'] !== '') {
[0]	844	if (is_array($params['post_id'])) {
	845	array_walk($params['post_id'],create_function('&$v,$k','if($v!==null){$v=(integer)$v;}'));
	846	} else {
	847	$params['post_id'] = array((integer) $params['post_id']);
	848	}
	849	$strReq .= 'AND P.post_id '.$this->con->in($params['post_id']);
	850	}
	851
[1541]	852	if (isset($params['exclude_post_id']) && $params['exclude_post_id'] !== '') {
	853	if (is_array($params['exclude_post_id'])) {
	854	array_walk($params['exclude_post_id'],create_function('&$v,$k','if($v!==null){$v=(integer)$v;}'));
	855	} else {
	856	$params['exclude_post_id'] = array((integer) $params['exclude_post_id']);
	857	}
[1544]	858	$strReq .= 'AND P.post_id NOT '.$this->con->in($params['exclude_post_id']);
[1540]	859	}
	860
[836]	861	if (isset($params['post_url']) && $params['post_url'] !== '') {
[0]	862	$strReq .= "AND post_url = '".$this->con->escape($params['post_url'])."' ";
	863	}
	864
	865	if (!empty($params['user_id'])) {
	866	$strReq .= "AND U.user_id = '".$this->con->escape($params['user_id'])."' ";
	867	}
	868
[836]	869	if (isset($params['cat_id']) && $params['cat_id'] !== '')
[0]	870	{
	871	if (!is_array($params['cat_id'])) {
	872	$params['cat_id'] = array($params['cat_id']);
	873	}
	874	if (!empty($params['cat_id_not'])) {
	875	array_walk($params['cat_id'],create_function('&$v,$k','$v=$v." ?not";'));
	876	}
	877	$strReq .= 'AND '.$this->getPostsCategoryFilter($params['cat_id'],'cat_id').' ';
	878	}
[836]	879	elseif (isset($params['cat_url']) && $params['cat_url'] !== '')
[0]	880	{
	881	if (!is_array($params['cat_url'])) {
	882	$params['cat_url'] = array($params['cat_url']);
	883	}
	884	if (!empty($params['cat_url_not'])) {
	885	array_walk($params['cat_url'],create_function('&$v,$k','$v=$v." ?not";'));
	886	}
	887	$strReq .= 'AND '.$this->getPostsCategoryFilter($params['cat_url'],'cat_url').' ';
	888	}
	889
	890	/* Other filters */
	891	if (isset($params['post_status'])) {
	892	$strReq .= 'AND post_status = '.(integer) $params['post_status'].' ';
	893	}
	894
	895	if (isset($params['post_selected'])) {
	896	$strReq .= 'AND post_selected = '.(integer) $params['post_selected'].' ';
	897	}
	898
	899	if (!empty($params['post_year'])) {
	900	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%Y').' = '.
	901	"'".sprintf('%04d',$params['post_year'])."' ";
	902	}
	903
	904	if (!empty($params['post_month'])) {
	905	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%m').' = '.
	906	"'".sprintf('%02d',$params['post_month'])."' ";
	907	}
	908
	909	if (!empty($params['post_day'])) {
	910	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%d').' = '.
	911	"'".sprintf('%02d',$params['post_day'])."' ";
	912	}
	913
	914	if (!empty($params['post_lang'])) {
	915	$strReq .= "AND P.post_lang = '".$this->con->escape($params['post_lang'])."' ";
	916	}
	917
	918	if (!empty($params['search']))
	919	{
	920	$words = text::splitWords($params['search']);
	921
	922	if (!empty($words))
	923	{
	924	# --BEHAVIOR-- corePostSearch
	925	if ($this->core->hasBehavior('corePostSearch')) {
	926	$this->core->callBehavior('corePostSearch',$this->core,array(&$words,&$strReq,&$params));
	927	}
	928
	929	if ($words)
	930	{
	931	foreach ($words as $i => $w) {
	932	$words[$i] = "post_words LIKE '%".$this->con->escape($w)."%'";
	933	}
	934	$strReq .= 'AND '.implode(' AND ',$words).' ';
	935	}
	936	}
	937	}
	938
	939	if (!empty($params['sql'])) {
	940	$strReq .= $params['sql'].' ';
	941	}
	942
	943	if (!$count_only)
	944	{
	945	if (!empty($params['order'])) {
	946	$strReq .= 'ORDER BY '.$this->con->escape($params['order']).' ';
	947	} else {
	948	$strReq .= 'ORDER BY post_dt DESC ';
	949	}
	950	}
	951
	952	if (!$count_only && !empty($params['limit'])) {
	953	$strReq .= $this->con->limit($params['limit']);
	954	}
	955
[774]	956	if (!empty($params['sql_only'])) {
[191]	957	return $strReq;
	958	}
	959
[0]	960	$rs = $this->con->select($strReq);
	961	$rs->core = $this->core;
	962	$rs->_nb_media = array();
	963	$rs->extend('rsExtPost');
	964
	965	# --BEHAVIOR-- coreBlogGetPosts
	966	$this->core->callBehavior('coreBlogGetPosts',$rs);
	967
	968	return $rs;
	969	}
	970
	971	/**
	972	Returns a record with post id, title and date for next or previous post
	973	according to the post ID.
	974	$dir could be 1 (next post) or -1 (previous post).
	975
	976	@param post_id <b>integer</b> Post ID
	977	@param dir <b>integer</b> Search direction
	978	@param restrict_to_category <b>boolean</b> Restrict to post with same category
	979	@param restrict_to_lang <b>boolean</b> Restrict to post with same lang
	980	@return record
	981	*/
	982	public function getNextPost($post,$dir,$restrict_to_category=false, $restrict_to_lang=false)
	983	{
	984	$dt = $post->post_dt;
	985	$post_id = (integer) $post->post_id;
	986
	987	if($dir > 0) {
[336]	988	$sign = '>';
	989	$order = 'ASC';
	990	}
	991	else {
	992	$sign = '<';
	993	$order = 'DESC';
	994	}
[0]	995
	996	$params['post_type'] = $post->post_type;
	997	$params['limit'] = 1;
	998	$params['order'] = 'post_dt '.$order.', P.post_id '.$order;
	999	$params['sql'] =
	1000	'AND ( '.
	1001	" (post_dt = '".$this->con->escape($dt)."' AND P.post_id ".$sign." ".$post_id.") ".
	1002	" OR post_dt ".$sign." '".$this->con->escape($dt)."' ".
	1003	') ';
	1004
	1005	if ($restrict_to_category) {
	1006	$params['sql'] .= $post->cat_id ? 'AND P.cat_id = '.(integer) $post->cat_id.' ' : 'AND P.cat_id IS NULL ';
	1007	}
	1008
	1009	if ($restrict_to_lang) {
	1010	$params['sql'] .= $post->post_lang ? 'AND P.post_lang = \''. $this->con->escape($post->post_lang) .'\' ': 'AND P.post_lang IS NULL ';
	1011	}
	1012
	1013	$rs = $this->getPosts($params);
	1014
	1015	if ($rs->isEmpty()) {
	1016	return null;
	1017	}
	1018
	1019	return $rs;
	1020	}
	1021
	1022	/**
	1023	Retrieves different languages and post count on blog, based on post_lang
	1024	field. <var>$params</var> is an array taking the following optionnal
	1025	parameters:
	1026
	1027	- post_type: Get only entries with given type (default "post", '' for no type)
	1028	- lang: retrieve post count for selected lang
	1029	- order: order statement (default post_lang DESC)
	1030
	1031	@param params <b>array</b> Parameters
	1032	@return record
	1033	*/
	1034	public function getLangs($params=array())
	1035	{
	1036	$strReq = 'SELECT COUNT(post_id) as nb_post, post_lang '.
	1037	'FROM '.$this->prefix.'post '.
	1038	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
	1039	"AND post_lang <> '' ".
	1040	"AND post_lang IS NOT NULL ";
	1041
	1042	if (!$this->core->auth->check('contentadmin',$this->id)) {
	1043	$strReq .= 'AND ((post_status = 1 ';
	1044
	1045	if ($this->without_password) {
	1046	$strReq .= 'AND post_password IS NULL ';
	1047	}
	1048	$strReq .= ') ';
	1049
	1050	if ($this->core->auth->userID()) {
	1051	$strReq .= "OR user_id = '".$this->con->escape($this->core->auth->userID())."')";
	1052	} else {
	1053	$strReq .= ') ';
	1054	}
	1055	}
	1056
	1057	if (isset($params['post_type'])) {
	1058	if ($params['post_type'] != '') {
	1059	$strReq .= "AND post_type = '".$this->con->escape($params['post_type'])."' ";
	1060	}
	1061	} else {
	1062	$strReq .= "AND post_type = 'post' ";
	1063	}
	1064
	1065	if (isset($params['lang'])) {
	1066	$strReq .= "AND post_lang = '".$this->con->escape($params['lang'])."' ";
	1067	}
	1068
	1069	$strReq .= 'GROUP BY post_lang ';
	1070
	1071	$order = 'desc';
	1072	if (!empty($params['order']) && preg_match('/^(desc\|asc)$/i',$params['order'])) {
	1073	$order = $params['order'];
	1074	}
	1075	$strReq .= 'ORDER BY post_lang '.$order.' ';
	1076
	1077	return $this->con->select($strReq);
	1078	}
	1079
	1080	/**
	1081	Returns a record with all distinct blog dates and post count.
	1082	<var>$params</var> is an array taking the following optionnal parameters:
	1083
	1084	- type: (day\|month\|year) Get days, months or years
	1085	- year: (integer) Get dates for given year
	1086	- month: (integer) Get dates for given month
	1087	- day: (integer) Get dates for given day
	1088	- cat_id: (integer) Category ID filter
	1089	- cat_url: Category URL filter
	1090	- post_lang: lang of the posts
	1091	- next: Get date following match
	1092	- previous: Get date before match
	1093	- order: Sort by date "ASC" or "DESC"
	1094
	1095	@param params <b>array</b> Parameters array
	1096	@return record
	1097	*/
	1098	public function getDates($params=array())
	1099	{
	1100	$dt_f = '%Y-%m-%d';
	1101	$dt_fc = '%Y%m%d';
	1102	if (isset($params['type'])) {
	1103	if ($params['type'] == 'year') {
	1104	$dt_f = '%Y-01-01';
	1105	$dt_fc = '%Y0101';
	1106	} elseif ($params['type'] == 'month') {
	1107	$dt_f = '%Y-%m-01';
	1108	$dt_fc = '%Y%m01';
	1109	}
	1110	}
	1111	$dt_f .= ' 00:00:00';
	1112	$dt_fc .= '000000';
	1113
	1114	$cat_field = $catReq = $limit = '';
	1115
[836]	1116	if (isset($params['cat_id']) && $params['cat_id'] !== '') {
[0]	1117	$catReq = 'AND P.cat_id = '.(integer) $params['cat_id'].' ';
	1118	$cat_field = ', C.cat_url ';
[836]	1119	} elseif (isset($params['cat_url']) && $params['cat_url'] !== '') {
[0]	1120	$catReq = "AND C.cat_url = '".$this->con->escape($params['cat_url'])."' ";
	1121	$cat_field = ', C.cat_url ';
	1122	}
	1123	if (!empty($params['post_lang'])) {
	1124	$catReq = 'AND P.post_lang = \''. $params['post_lang'].'\' ';
	1125	}
	1126
	1127	$strReq = 'SELECT DISTINCT('.$this->con->dateFormat('post_dt',$dt_f).') AS dt '.
	1128	$cat_field.
	1129	',COUNT(P.post_id) AS nb_post '.
	1130	'FROM '.$this->prefix.'post P LEFT JOIN '.$this->prefix.'category C '.
	1131	'ON P.cat_id = C.cat_id '.
	1132	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ".
	1133	$catReq;
	1134
	1135	if (!$this->core->auth->check('contentadmin',$this->id)) {
	1136	$strReq .= 'AND ((post_status = 1 ';
	1137
	1138	if ($this->without_password) {
	1139	$strReq .= 'AND post_password IS NULL ';
	1140	}
	1141	$strReq .= ') ';
	1142
	1143	if ($this->core->auth->userID()) {
	1144	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
	1145	} else {
	1146	$strReq .= ') ';
	1147	}
	1148	}
	1149
	1150	if (!empty($params['post_type'])) {
	1151	$strReq .= "AND post_type ".$this->con->in($params['post_type'])." ";
	1152	} else {
	1153	$strReq .= "AND post_type = 'post' ";
	1154	}
[335]	1155
[0]	1156	if (!empty($params['year'])) {
	1157	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%Y')." = '".sprintf('%04d',$params['year'])."' ";
	1158	}
	1159
	1160	if (!empty($params['month'])) {
	1161	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%m')." = '".sprintf('%02d',$params['month'])."' ";
	1162	}
	1163
	1164	if (!empty($params['day'])) {
	1165	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%d')." = '".sprintf('%02d',$params['day'])."' ";
	1166	}
	1167
	1168	# Get next or previous date
	1169	if (!empty($params['next']) \|\| !empty($params['previous']))
	1170	{
	1171	if (!empty($params['next'])) {
	1172	$pdir = ' > ';
	1173	$params['order'] = 'asc';
	1174	$dt = $params['next'];
	1175	} else {
	1176	$pdir = ' < ';
	1177	$params['order'] = 'desc';
	1178	$dt = $params['previous'];
	1179	}
	1180
	1181	$dt = date('YmdHis',strtotime($dt));
	1182
	1183	$strReq .= 'AND '.$this->con->dateFormat('post_dt',$dt_fc).$pdir."'".$dt."' ";
	1184	$limit = $this->con->limit(1);
	1185	}
	1186
	1187	$strReq .= 'GROUP BY dt '.$cat_field;
	1188
	1189	$order = 'desc';
	1190	if (!empty($params['order']) && preg_match('/^(desc\|asc)$/i',$params['order'])) {
	1191	$order = $params['order'];
	1192	}
	1193
	1194	$strReq .=
	1195	'ORDER BY dt '.$order.' '.
	1196	$limit;
	1197
	1198	$rs = $this->con->select($strReq);
	1199	$rs->extend('rsExtDates');
	1200	return $rs;
	1201	}
	1202
	1203	/**
	1204	Creates a new entry. Takes a cursor as input and returns the new entry
	1205	ID.
	1206
	1207	@param cur <b>cursor</b> Post cursor
	1208	@return <b>integer</b> New post ID
	1209	*/
	1210	public function addPost($cur)
	1211	{
	1212	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
	1213	throw new Exception(__('You are not allowed to create an entry'));
	1214	}
	1215
	1216	$this->con->writeLock($this->prefix.'post');
	1217	try
	1218	{
	1219	# Get ID
	1220	$rs = $this->con->select(
	1221	'SELECT MAX(post_id) '.
	1222	'FROM '.$this->prefix.'post '
	1223	);
	1224
	1225	$cur->post_id = (integer) $rs->f(0) + 1;
	1226	$cur->blog_id = (string) $this->id;
	1227	$cur->post_creadt = date('Y-m-d H:i:s');
	1228	$cur->post_upddt = date('Y-m-d H:i:s');
	1229	$cur->post_tz = $this->core->auth->getInfo('user_tz');
	1230
	1231	# Post excerpt and content
	1232	$this->getPostContent($cur,$cur->post_id);
	1233
	1234	$this->getPostCursor($cur);
	1235
	1236	$cur->post_url = $this->getPostURL($cur->post_url,$cur->post_dt,$cur->post_title,$cur->post_id);
	1237
	1238	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
	1239	$cur->post_status = -2;
	1240	}
	1241
	1242	# --BEHAVIOR-- coreBeforePostCreate
	1243	$this->core->callBehavior('coreBeforePostCreate',$this,$cur);
	1244
	1245	$cur->insert();
	1246	$this->con->unlock();
	1247	}
	1248	catch (Exception $e)
	1249	{
	1250	$this->con->unlock();
	1251	throw $e;
	1252	}
	1253
	1254	# --BEHAVIOR-- coreAfterPostCreate
	1255	$this->core->callBehavior('coreAfterPostCreate',$this,$cur);
	1256
	1257	$this->triggerBlog();
	1258
	1259	return $cur->post_id;
	1260	}
	1261
	1262	/**
	1263	Updates an existing post.
	1264
	1265	@param id <b>integer</b> Post ID
	1266	@param cur <b>cursor</b> Post cursor
	1267	*/
	1268	public function updPost($id,$cur)
	1269	{
	1270	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
	1271	throw new Exception(__('You are not allowed to update entries'));
	1272	}
	1273
	1274	$id = (integer) $id;
	1275
	1276	if (empty($id)) {
	1277	throw new Exception(__('No such entry ID'));
	1278	}
	1279
	1280	# Post excerpt and content
	1281	$this->getPostContent($cur,$id);
	1282
	1283	$this->getPostCursor($cur);
	1284
	1285	if ($cur->post_url !== null) {
	1286	$cur->post_url = $this->getPostURL($cur->post_url,$cur->post_dt,$cur->post_title,$id);
	1287	}
	1288
	1289	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
	1290	$cur->unsetField('post_status');
	1291	}
	1292
	1293	$cur->post_upddt = date('Y-m-d H:i:s');
	1294
[335]	1295	#If user is only "usage", we need to check the post's owner
[0]	1296	if (!$this->core->auth->check('contentadmin',$this->id))
	1297	{
	1298	$strReq = 'SELECT post_id '.
	1299	'FROM '.$this->prefix.'post '.
	1300	'WHERE post_id = '.$id.' '.
	1301	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
	1302
	1303	$rs = $this->con->select($strReq);
	1304
	1305	if ($rs->isEmpty()) {
	1306	throw new Exception(__('You are not allowed to edit this entry'));
	1307	}
	1308	}
	1309
	1310	# --BEHAVIOR-- coreBeforePostUpdate
	1311	$this->core->callBehavior('coreBeforePostUpdate',$this,$cur);
	1312
	1313	$cur->update('WHERE post_id = '.$id.' ');
	1314
	1315	# --BEHAVIOR-- coreAfterPostUpdate
	1316	$this->core->callBehavior('coreAfterPostUpdate',$this,$cur);
	1317
	1318	$this->triggerBlog();
	1319	}
	1320
	1321	/**
	1322	Updates post status.
	1323
	1324	@param id <b>integer</b> Post ID
	1325	@param status <b>integer</b> Post status
	1326	*/
	1327	public function updPostStatus($id,$status)
	1328	{
[1030]	1329	$this->updPostsStatus($id,$status);
	1330	}
	1331
	1332	/**
	1333	Updates posts status.
	1334
	1335	@param ids <b>mixed</b> Post(s) ID(s)
	1336	@param status <b>integer</b> Post status
	1337	*/
	1338	public function updPostsStatus($ids,$status)
	1339	{
[0]	1340	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
	1341	throw new Exception(__('You are not allowed to change this entry status'));
	1342	}
	1343
[1030]	1344	$posts_ids = dcUtils::cleanIds($ids);
[0]	1345	$status = (integer) $status;
	1346
[1030]	1347	$strReq = "WHERE blog_id = '".$this->con->escape($this->id)."' ".
	1348	"AND post_id ".$this->con->in($posts_ids);
	1349
[0]	1350	#If user can only publish, we need to check the post's owner
	1351	if (!$this->core->auth->check('contentadmin',$this->id))
	1352	{
[1030]	1353	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
[0]	1354	}
	1355
	1356	$cur = $this->con->openCursor($this->prefix.'post');
	1357
	1358	$cur->post_status = $status;
	1359	$cur->post_upddt = date('Y-m-d H:i:s');
	1360
[1030]	1361	$cur->update($strReq);
[0]	1362	$this->triggerBlog();
	1363	}
	1364
[1030]	1365	/**
	1366	Updates post selection.
	1367
	1368	@param id <b>integer</b> Post ID
	1369	@param selected <b>integer</b> Is selected post
	1370	*/
[0]	1371	public function updPostSelected($id,$selected)
	1372	{
[1030]	1373	$this->updPostsSelected($id,$selected);
	1374	}
	1375
	1376	/**
	1377	Updates posts selection.
	1378
	1379	@param ids <b>mixed</b> Post(s) ID(s)
	1380	@param selected <b>integer</b> Is selected post(s)
	1381	*/
	1382	public function updPostsSelected($ids,$selected)
	1383	{
[0]	1384	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
	1385	throw new Exception(__('You are not allowed to change this entry category'));
	1386	}
	1387
[1030]	1388	$posts_ids = dcUtils::cleanIds($ids);
[0]	1389	$selected = (boolean) $selected;
	1390
[1030]	1391	$strReq = "WHERE blog_id = '".$this->con->escape($this->id)."' ".
	1392	"AND post_id ".$this->con->in($posts_ids);
	1393
[0]	1394	# If user is only usage, we need to check the post's owner
	1395	if (!$this->core->auth->check('contentadmin',$this->id))
	1396	{
[1030]	1397	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
[0]	1398	}
	1399
	1400	$cur = $this->con->openCursor($this->prefix.'post');
	1401
	1402	$cur->post_selected = (integer) $selected;
	1403	$cur->post_upddt = date('Y-m-d H:i:s');
	1404
[1030]	1405	$cur->update($strReq);
[0]	1406	$this->triggerBlog();
	1407	}
	1408
	1409	/**
	1410	Updates post category. <var>$cat_id</var> can be null.
	1411
	1412	@param id <b>integer</b> Post ID
	1413	@param cat_id <b>integer</b> Category ID
	1414	*/
	1415	public function updPostCategory($id,$cat_id)
	1416	{
[1030]	1417	$this->updPostsCategory($id,$cat_id);
	1418	}
	1419
	1420	/**
	1421	Updates posts category. <var>$cat_id</var> can be null.
	1422
	1423	@param ids <b>mixed</b> Post(s) ID(s)
	1424	@param cat_id <b>integer</b> Category ID
	1425	*/
	1426	public function updPostsCategory($ids,$cat_id)
	1427	{
[0]	1428	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
	1429	throw new Exception(__('You are not allowed to change this entry category'));
	1430	}
	1431
[1030]	1432	$posts_ids = dcUtils::cleanIds($ids);
[0]	1433	$cat_id = (integer) $cat_id;
	1434
[1030]	1435	$strReq = "WHERE blog_id = '".$this->con->escape($this->id)."' ".
	1436	"AND post_id ".$this->con->in($posts_ids);
	1437
[0]	1438	# If user is only usage, we need to check the post's owner
	1439	if (!$this->core->auth->check('contentadmin',$this->id))
	1440	{
[1030]	1441	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
[0]	1442	}
	1443
	1444	$cur = $this->con->openCursor($this->prefix.'post');
	1445
	1446	$cur->cat_id = ($cat_id ? $cat_id : null);
	1447	$cur->post_upddt = date('Y-m-d H:i:s');
	1448
[1030]	1449	$cur->update($strReq);
[0]	1450	$this->triggerBlog();
	1451	}
	1452
	1453	/**
[1015]	1454	Updates posts category. <var>$new_cat_id</var> can be null.
	1455
	1456	@param old_cat_id <b>integer</b> Old category ID
	1457	@param new_cat_id <b>integer</b> New category ID
	1458	*/
[1030]	1459	public function changePostsCategory($old_cat_id,$new_cat_id)
[1015]	1460	{
	1461	if (!$this->core->auth->check('contentadmin,categories',$this->id)) {
	1462	throw new Exception(__('You are not allowed to change entries category'));
	1463	}
	1464
	1465	$old_cat_id = (integer) $old_cat_id;
	1466	$new_cat_id = (integer) $new_cat_id;
	1467
	1468	$cur = $this->con->openCursor($this->prefix.'post');
	1469
	1470	$cur->cat_id = ($new_cat_id ? $new_cat_id : null);
	1471	$cur->post_upddt = date('Y-m-d H:i:s');
	1472
	1473	$cur->update(
	1474	'WHERE cat_id = '.$old_cat_id.' '.
	1475	"AND blog_id = '".$this->con->escape($this->id)."' "
	1476	);
	1477	$this->triggerBlog();
	1478	}
	1479
	1480	/**
[0]	1481	Deletes a post.
	1482
	1483	@param id <b>integer</b> Post ID
	1484	*/
	1485	public function delPost($id)
	1486	{
[1030]	1487	$this->delPosts($id);
	1488	}
	1489
	1490	/**
	1491	Deletes multiple posts.
	1492
	1493	@param ids <b>mixed</b> Post(s) ID(s)
	1494	*/
	1495	public function delPosts($ids)
	1496	{
[0]	1497	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
	1498	throw new Exception(__('You are not allowed to delete entries'));
	1499	}
	1500
[1030]	1501	$posts_ids = dcUtils::cleanIds($ids);
[0]	1502
[1030]	1503	if (empty($posts_ids)) {
[0]	1504	throw new Exception(__('No such entry ID'));
	1505	}
	1506
[1030]	1507	$strReq = 'DELETE FROM '.$this->prefix.'post '.
	1508	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
	1509	"AND post_id ".$this->con->in($posts_ids);
	1510
[0]	1511	#If user can only delete, we need to check the post's owner
	1512	if (!$this->core->auth->check('contentadmin',$this->id))
	1513	{
[1030]	1514	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
[0]	1515	}
	1516
	1517	$this->con->execute($strReq);
	1518	$this->triggerBlog();
	1519	}
	1520
	1521	/**
	1522	Publishes all entries flaged as "scheduled".
	1523	*/
	1524	public function publishScheduledEntries()
	1525	{
	1526	$strReq = 'SELECT post_id, post_dt, post_tz '.
	1527	'FROM '.$this->prefix.'post '.
	1528	'WHERE post_status = -1 '.
	1529	"AND blog_id = '".$this->con->escape($this->id)."' ";
	1530
	1531	$rs = $this->con->select($strReq);
	1532
	1533	$now = dt::toUTC(time());
[833]	1534	$to_change = new ArrayObject();
	1535
[0]	1536	if ($rs->isEmpty()) {
	1537	return;
	1538	}
	1539
	1540	while ($rs->fetch())
	1541	{
	1542	# Now timestamp with post timezone
	1543	$now_tz = $now + dt::getTimeOffset($rs->post_tz,$now);
	1544
	1545	# Post timestamp
	1546	$post_ts = strtotime($rs->post_dt);
	1547
	1548	# If now_tz >= post_ts, we publish the entry
	1549	if ($now_tz >= $post_ts) {
	1550	$to_change[] = (integer) $rs->post_id;
	1551	}
	1552	}
[833]	1553	if (count($to_change))
[0]	1554	{
[811]	1555	# --BEHAVIOR-- coreBeforeScheduledEntriesPublish
	1556	$this->core->callBehavior('coreBeforeScheduledEntriesPublish',$this,$to_change);
	1557
[0]	1558	$strReq =
	1559	'UPDATE '.$this->prefix.'post SET '.
	1560	'post_status = 1 '.
	1561	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
[833]	1562	'AND post_id '.$this->con->in((array)$to_change).' ';
[0]	1563	$this->con->execute($strReq);
	1564	$this->triggerBlog();
[811]	1565
	1566	# --BEHAVIOR-- coreAfterScheduledEntriesPublish
	1567	$this->core->callBehavior('coreAfterScheduledEntriesPublish',$this,$to_change);
[0]	1568	}
[811]	1569
[0]	1570	}
	1571
	1572	/**
	1573	Retrieves all users having posts on current blog.
	1574
	1575	@param post_type <b>string</b> post_type filter (post)
	1576	@return record
	1577	*/
	1578	public function getPostsUsers($post_type='post')
	1579	{
	1580	$strReq = 'SELECT P.user_id, user_name, user_firstname, '.
	1581	'user_displayname, user_email '.
	1582	'FROM '.$this->prefix.'post P, '.$this->prefix.'user U '.
	1583	'WHERE P.user_id = U.user_id '.
	1584	"AND blog_id = '".$this->con->escape($this->id)."' ";
	1585
	1586	if ($post_type) {
	1587	$strReq .= "AND post_type = '".$this->con->escape($post_type)."' ";
	1588	}
	1589
	1590	$strReq .= 'GROUP BY P.user_id, user_name, user_firstname, user_displayname, user_email ';
	1591
	1592	return $this->con->select($strReq);
	1593	}
	1594
	1595	private function getPostsCategoryFilter($arr,$field='cat_id')
	1596	{
	1597	$field = $field == 'cat_id' ? 'cat_id' : 'cat_url';
	1598
	1599	$sub = array();
	1600	$not = array();
	1601	$queries = array();
	1602
	1603	foreach ($arr as $v)
	1604	{
	1605	$v = trim($v);
	1606	$args = preg_split('/\s[?]\s/',$v,-1,PREG_SPLIT_NO_EMPTY);
	1607	$id = array_shift($args);
	1608	$args = array_flip($args);
	1609
	1610	if (isset($args['not'])) { $not[$id] = 1; }
	1611	if (isset($args['sub'])) { $sub[$id] = 1; }
	1612	if ($field == 'cat_id') {
	1613	if (preg_match('/^null$/i',$id)) {
	1614	$queries[$id] = 'P.cat_id IS NULL';
	1615	}
	1616	else {
	1617	$queries[$id] = 'P.cat_id = '.(integer) $id;
	1618	}
	1619	} else {
	1620	$queries[$id] = "C.cat_url = '".$this->con->escape($id)."' ";
	1621	}
	1622	}
	1623
	1624	if (!empty($sub)) {
	1625	$rs = $this->con->select(
	1626	'SELECT cat_id, cat_url, cat_lft, cat_rgt FROM '.$this->prefix.'category '.
	1627	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
	1628	'AND '.$field.' '.$this->con->in(array_keys($sub))
	1629	);
	1630
	1631	while ($rs->fetch()) {
	1632	$queries[$rs->f($field)] = '(C.cat_lft BETWEEN '.$rs->cat_lft.' AND '.$rs->cat_rgt.')';
	1633	}
	1634	}
	1635
	1636	# Create queries
	1637	$sql = array(
	1638	0 => array(), # wanted categories
	1639	1 => array() # excluded categories
	1640	);
	1641
	1642	foreach ($queries as $id => $q) {
	1643	$sql[(integer) isset($not[$id])][] = $q;
	1644	}
	1645
	1646	$sql[0] = implode(' OR ',$sql[0]);
	1647	$sql[1] = implode(' OR ',$sql[1]);
	1648
	1649	if ($sql[0]) {
	1650	$sql[0] = '('.$sql[0].')';
	1651	} else {
	1652	unset($sql[0]);
	1653	}
	1654
	1655	if ($sql[1]) {
	1656	$sql[1] = '(P.cat_id IS NULL OR NOT('.$sql[1].'))';
	1657	} else {
	1658	unset($sql[1]);
	1659	}
	1660
	1661	return implode(' AND ',$sql);
	1662	}
	1663
	1664	private function getPostCursor($cur,$post_id=null)
	1665	{
	1666	if ($cur->post_title == '') {
	1667	throw new Exception(__('No entry title'));
	1668	}
	1669
	1670	if ($cur->post_content == '') {
	1671	throw new Exception(__('No entry content'));
	1672	}
	1673
	1674	if ($cur->post_password === '') {
	1675	$cur->post_password = null;
	1676	}
	1677
	1678	if ($cur->post_dt == '') {
	1679	$offset = dt::getTimeOffset($this->core->auth->getInfo('user_tz'));
	1680	$now = time() + $offset;
	1681	$cur->post_dt = date('Y-m-d H:i:00',$now);
	1682	}
	1683
	1684	$post_id = is_int($post_id) ? $post_id : $cur->post_id;
	1685
	1686	if ($cur->post_content_xhtml == '') {
	1687	throw new Exception(__('No entry content'));
	1688	}
	1689
	1690	# Words list
	1691	if ($cur->post_title !== null && $cur->post_excerpt_xhtml !== null
	1692	&& $cur->post_content_xhtml !== null)
	1693	{
	1694	$words =
	1695	$cur->post_title.' '.
	1696	$cur->post_excerpt_xhtml.' '.
	1697	$cur->post_content_xhtml;
	1698
	1699	$cur->post_words = implode(' ',text::splitWords($words));
	1700	}
	1701	}
	1702
	1703	private function getPostContent($cur,$post_id)
	1704	{
	1705	$post_excerpt = $cur->post_excerpt;
	1706	$post_excerpt_xhtml = $cur->post_excerpt_xhtml;
	1707	$post_content = $cur->post_content;
	1708	$post_content_xhtml = $cur->post_content_xhtml;
	1709
	1710	$this->setPostContent(
	1711	$post_id,$cur->post_format,$cur->post_lang,
	1712	$post_excerpt,$post_excerpt_xhtml,
	1713	$post_content,$post_content_xhtml
	1714	);
	1715
	1716	$cur->post_excerpt = $post_excerpt;
	1717	$cur->post_excerpt_xhtml = $post_excerpt_xhtml;
	1718	$cur->post_content = $post_content;
	1719	$cur->post_content_xhtml = $post_content_xhtml;
	1720	}
	1721
	1722	/**
	1723	Creates post HTML content, taking format and lang into account.
	1724
	1725	@param post_id <b>integer</b> Post ID
	1726	@param format <b>string</b> Post format
	1727	@param lang <b>string</b> Post lang
	1728	@param excerpt <b>string</b> Post excerpt
	1729	@param[out] excerpt_xhtml <b>string</b> Post excerpt HTML
	1730	@param content <b>string</b> Post content
	1731	@param[out] content_xhtml <b>string</b> Post content HTML
	1732	*/
	1733	public function setPostContent($post_id,$format,$lang,&$excerpt,&$excerpt_xhtml,&$content,&$content_xhtml)
	1734	{
	1735	if ($format == 'wiki')
	1736	{
	1737	$this->core->initWikiPost();
	1738	$this->core->wiki2xhtml->setOpt('note_prefix','pnote-'.$post_id);
[970]	1739	switch ($this->settings->system->note_title_tag) {
	1740	case 1:
	1741	$tag = 'h3';
	1742	break;
	1743	case 2:
	1744	$tag = 'p';
	1745	break;
	1746	default:
	1747	$tag = 'h4';
	1748	break;
	1749	}
	1750	$this->core->wiki2xhtml->setOpt('note_str','<div class="footnotes"><'.$tag.' class="footnotes-title">'.
	1751	__('Notes').'</'.$tag.'>%s</div>');
	1752	$this->core->wiki2xhtml->setOpt('note_str_single','<div class="footnotes"><'.$tag.' class="footnotes-title">'.
	1753	__('Note').'</'.$tag.'>%s</div>');
[0]	1754	if (strpos($lang,'fr') === 0) {
	1755	$this->core->wiki2xhtml->setOpt('active_fr_syntax',1);
	1756	}
	1757	}
	1758
	1759	if ($excerpt) {
	1760	$excerpt_xhtml = $this->core->callFormater($format,$excerpt);
	1761	$excerpt_xhtml = $this->core->HTMLfilter($excerpt_xhtml);
	1762	} else {
	1763	$excerpt_xhtml = '';
	1764	}
	1765
	1766	if ($content) {
	1767	$content_xhtml = $this->core->callFormater($format,$content);
	1768	$content_xhtml = $this->core->HTMLfilter($content_xhtml);
	1769	} else {
	1770	$content_xhtml = '';
	1771	}
	1772
	1773	# --BEHAVIOR-- coreAfterPostContentFormat
	1774	$this->core->callBehavior('coreAfterPostContentFormat',array(
	1775	'excerpt' => &$excerpt,
	1776	'content' => &$content,
	1777	'excerpt_xhtml' => &$excerpt_xhtml,
	1778	'content_xhtml' => &$content_xhtml
	1779	));
	1780	}
	1781
	1782	/**
	1783	Returns URL for a post according to blog setting <var>post_url_format</var>.
	1784	It will try to guess URL and append some figures if needed.
	1785
	1786	@param url <b>string</b> Origin URL, could be empty
	1787	@param post_dt <b>string</b> Post date (in YYYY-MM-DD HH:mm:ss)
	1788	@param post_title <b>string</b> Post title
	1789	@param post_id <b>integer</b> Post ID
	1790	@return <b>string</b> result URL
	1791	*/
	1792	public function getPostURL($url,$post_dt,$post_title,$post_id)
	1793	{
	1794	$url = trim($url);
	1795
	1796	$url_patterns = array(
	1797	'{y}' => date('Y',strtotime($post_dt)),
	1798	'{m}' => date('m',strtotime($post_dt)),
	1799	'{d}' => date('d',strtotime($post_dt)),
	1800	'{t}' => text::tidyURL($post_title),
	1801	'{id}' => (integer) $post_id
	1802	);
	1803
	1804	# If URL is empty, we create a new one
	1805	if ($url == '')
	1806	{
	1807	# Transform with format
	1808	$url = str_replace(
	1809	array_keys($url_patterns),
	1810	array_values($url_patterns),
	1811	$this->settings->system->post_url_format
	1812	);
	1813	}
	1814	else
	1815	{
	1816	$url = text::tidyURL($url);
	1817	}
	1818
	1819	# Let's check if URL is taken...
	1820	$strReq = 'SELECT post_url FROM '.$this->prefix.'post '.
	1821	"WHERE post_url = '".$this->con->escape($url)."' ".
	1822	'AND post_id <> '.(integer) $post_id. ' '.
	1823	"AND blog_id = '".$this->con->escape($this->id)."' ".
	1824	'ORDER BY post_url DESC';
	1825
	1826	$rs = $this->con->select($strReq);
	1827
	1828	if (!$rs->isEmpty())
	1829	{
[1743]	1830	if ($this->con->driver() == 'mysql' \|\| $this->con->driver() == 'mysqli') {
[0]	1831	$clause = "REGEXP '^".$this->con->escape($url)."[0-9]+$'";
	1832	} elseif ($this->con->driver() == 'pgsql') {
	1833	$clause = "~ '^".$this->con->escape($url)."[0-9]+$'";
	1834	} else {
	1835	$clause = "LIKE '".$this->con->escape($url)."%'";
	1836	}
	1837	$strReq = 'SELECT post_url FROM '.$this->prefix.'post '.
	1838	"WHERE post_url ".$clause.' '.
	1839	'AND post_id <> '.(integer) $post_id.' '.
	1840	"AND blog_id = '".$this->con->escape($this->id)."' ".
	1841	'ORDER BY post_url DESC ';
	1842
	1843	$rs = $this->con->select($strReq);
	1844	$a = array();
	1845	while ($rs->fetch()) {
	1846	$a[] = $rs->post_url;
	1847	}
	1848
	1849	natsort($a);
	1850	$t_url = end($a);
	1851
	1852	if (preg_match('/(.*?)([0-9]+)$/',$t_url,$m)) {
	1853	$i = (integer) $m[2];
	1854	$url = $m[1];
	1855	} else {
	1856	$i = 1;
	1857	}
	1858
	1859	return $url.($i+1);
	1860	}
	1861
	1862	# URL is empty?
	1863	if ($url == '') {
	1864	throw new Exception(__('Empty entry URL'));
	1865	}
	1866
	1867	return $url;
	1868	}
	1869	//@}
	1870
	1871	/// @name Comments management methods
	1872	//@{
	1873	/**
	1874	Retrieves comments. <b>$params</b> is an array taking the following
	1875	optionnal parameters:
	1876
	1877	- no_content: Don't retrieve comment content
	1878	- post_type: Get only entries with given type (default no type, array for many types)
	1879	- post_id: (integer) Get comments belonging to given post_id
	1880	- cat_id: (integer or array) Get comments belonging to entries of given category ID
	1881	- comment_id: (integer) Get comment with given ID
[1689]	1882	- comment_site: (string) Get comments with given comment_site
[0]	1883	- comment_status: (integer) Get comments with given comment_status
	1884	- comment_trackback: (integer) Get only comments (0) or trackbacks (1)
	1885	- comment_ip: (string) Get comments with given IP address
	1886	- post_url: Get entry with given post_url field
	1887	- user_id: (integer) Get entries belonging to given user ID
	1888	- q_author: Search comments by author
	1889	- sql: Append SQL string at the end of the query
	1890	- from: Append SQL string after "FROM" statement in query
	1891	- order: Order of results (default "ORDER BY comment_dt DES")
	1892	- limit: Limit parameter
[774]	1893	- sql_only : return the sql request instead of results. Only ids are selected
[0]	1894
	1895	@param params <b>array</b> Parameters
	1896	@param count_only <b>boolean</b> Only counts results
	1897	@return <b>record</b> A record with some more capabilities
	1898	*/
	1899	public function getComments($params=array(),$count_only=false)
	1900	{
	1901	if ($count_only)
	1902	{
	1903	$strReq = 'SELECT count(comment_id) ';
	1904	}
[774]	1905	elseif (!empty($params['sql_only']))
	1906	{
	1907	$strReq = 'SELECT P.post_id ';
	1908	}
[0]	1909	else
	1910	{
	1911	if (!empty($params['no_content'])) {
	1912	$content_req = '';
	1913	} else {
	1914	$content_req = 'comment_content, ';
	1915	}
	1916
	1917	if (!empty($params['columns']) && is_array($params['columns'])) {
	1918	$content_req .= implode(', ',$params['columns']).', ';
	1919	}
	1920
	1921	$strReq =
	1922	'SELECT C.comment_id, comment_dt, comment_tz, comment_upddt, '.
	1923	'comment_author, comment_email, comment_site, '.
	1924	$content_req.' comment_trackback, comment_status, '.
	1925	'comment_spam_status, comment_spam_filter, comment_ip, '.
	1926	'P.post_title, P.post_url, P.post_id, P.post_password, P.post_type, '.
	1927	'P.post_dt, P.user_id, U.user_email, U.user_url ';
	1928	}
	1929
	1930	$strReq .=
	1931	'FROM '.$this->prefix.'comment C '.
	1932	'INNER JOIN '.$this->prefix.'post P ON C.post_id = P.post_id '.
	1933	'INNER JOIN '.$this->prefix.'user U ON P.user_id = U.user_id ';
	1934
	1935	if (!empty($params['from'])) {
	1936	$strReq .= $params['from'].' ';
	1937	}
	1938
	1939	$strReq .=
	1940	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ";
	1941
	1942	if (!$this->core->auth->check('contentadmin',$this->id)) {
	1943	$strReq .= 'AND ((comment_status = 1 AND P.post_status = 1 ';
	1944
	1945	if ($this->without_password) {
	1946	$strReq .= 'AND post_password IS NULL ';
	1947	}
	1948	$strReq .= ') ';
	1949
	1950	if ($this->core->auth->userID()) {
	1951	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
	1952	} else {
	1953	$strReq .= ') ';
	1954	}
	1955	}
	1956
	1957	if (!empty($params['post_type']))
	1958	{
[340]	1959	$strReq .= 'AND post_type '.$this->con->in($params['post_type']);
[0]	1960	}
	1961
[836]	1962	if (isset($params['post_id']) && $params['post_id'] !== '') {
[0]	1963	$strReq .= 'AND P.post_id = '.(integer) $params['post_id'].' ';
	1964	}
	1965
[836]	1966	if (isset($params['cat_id']) && $params['cat_id'] !== '') {
[0]	1967	$strReq .= 'AND P.cat_id = '.(integer) $params['cat_id'].' ';
	1968	}
	1969
[836]	1970	if (isset($params['comment_id']) && $params['comment_id'] !== '') {
[0]	1971	$strReq .= 'AND comment_id = '.(integer) $params['comment_id'].' ';
	1972	}
	1973
[1689]	1974	if (isset($params['comment_site'])) {
	1975	$comment_site = $this->con->escape(str_replace('*','%',$params['comment_site']));
	1976	$strReq .= "AND comment_site LIKE '".$comment_site."' ";
	1977	}
	1978
[0]	1979	if (isset($params['comment_status'])) {
	1980	$strReq .= 'AND comment_status = '.(integer) $params['comment_status'].' ';
	1981	}
	1982
	1983	if (!empty($params['comment_status_not']))
	1984	{
	1985	$strReq .= 'AND comment_status <> '.(integer) $params['comment_status_not'].' ';
	1986	}
	1987
	1988	if (isset($params['comment_trackback'])) {
	1989	$strReq .= 'AND comment_trackback = '.(integer) (boolean) $params['comment_trackback'].' ';
	1990	}
	1991
	1992	if (isset($params['comment_ip'])) {
[1018]	1993	$comment_ip = $this->con->escape(str_replace('*','%',$params['comment_ip']));
	1994	$strReq .= "AND comment_ip LIKE '".$comment_ip."' ";
[0]	1995	}
	1996
	1997	if (isset($params['q_author'])) {
	1998	$q_author = $this->con->escape(str_replace('*','%',strtolower($params['q_author'])));
	1999	$strReq .= "AND LOWER(comment_author) LIKE '".$q_author."' ";
	2000	}
	2001
	2002	if (!empty($params['search']))
	2003	{
	2004	$words = text::splitWords($params['search']);
	2005
	2006	if (!empty($words))
	2007	{
	2008	# --BEHAVIOR coreCommentSearch
	2009	if ($this->core->hasBehavior('coreCommentSearch')) {
	2010	$this->core->callBehavior('coreCommentSearch',$this->core,array(&$words,&$strReq,&$params));
	2011	}
	2012
	2013	if ($words)
	2014	{
	2015	foreach ($words as $i => $w) {
	2016	$words[$i] = "comment_words LIKE '%".$this->con->escape($w)."%'";
	2017	}
	2018	$strReq .= 'AND '.implode(' AND ',$words).' ';
	2019	}
	2020	}
	2021	}
	2022
	2023	if (!empty($params['sql'])) {
	2024	$strReq .= $params['sql'].' ';
	2025	}
	2026
	2027	if (!$count_only)
	2028	{
	2029	if (!empty($params['order'])) {
	2030	$strReq .= 'ORDER BY '.$this->con->escape($params['order']).' ';
	2031	} else {
	2032	$strReq .= 'ORDER BY comment_dt DESC ';
	2033	}
	2034	}
	2035
	2036	if (!$count_only && !empty($params['limit'])) {
	2037	$strReq .= $this->con->limit($params['limit']);
	2038	}
[774]	2039
	2040	if (!empty($params['sql_only'])) {
	2041	return $strReq;
	2042	}
[0]	2043
	2044	$rs = $this->con->select($strReq);
	2045	$rs->core = $this->core;
	2046	$rs->extend('rsExtComment');
	2047
	2048	# --BEHAVIOR-- coreBlogGetComments
	2049	$this->core->callBehavior('coreBlogGetComments',$rs);
	2050
	2051	return $rs;
	2052	}
	2053
	2054	/**
	2055	Creates a new comment. Takes a cursor as input and returns the new comment
	2056	ID.
	2057
	2058	@param cur <b>cursor</b> Comment cursor
	2059	@return <b>integer</b> New comment ID
	2060	*/
	2061	public function addComment($cur)
	2062	{
	2063	$this->con->writeLock($this->prefix.'comment');
	2064	try
	2065	{
	2066	# Get ID
	2067	$rs = $this->con->select(
	2068	'SELECT MAX(comment_id) '.
	2069	'FROM '.$this->prefix.'comment '
	2070	);
	2071
	2072	$cur->comment_id = (integer) $rs->f(0) + 1;
	2073	$cur->comment_upddt = date('Y-m-d H:i:s');
	2074
	2075	$offset = dt::getTimeOffset($this->settings->system->blog_timezone);
	2076	$cur->comment_dt = date('Y-m-d H:i:s',time() + $offset);
	2077	$cur->comment_tz = $this->settings->system->blog_timezone;
	2078
	2079	$this->getCommentCursor($cur);
	2080
	2081	if ($cur->comment_ip === null) {
	2082	$cur->comment_ip = http::realIP();
	2083	}
	2084
	2085	# --BEHAVIOR-- coreBeforeCommentCreate
	2086	$this->core->callBehavior('coreBeforeCommentCreate',$this,$cur);
	2087
	2088	$cur->insert();
	2089	$this->con->unlock();
	2090	}
	2091	catch (Exception $e)
	2092	{
	2093	$this->con->unlock();
	2094	throw $e;
	2095	}
	2096
	2097	# --BEHAVIOR-- coreAfterCommentCreate
	2098	$this->core->callBehavior('coreAfterCommentCreate',$this,$cur);
	2099
	2100	$this->triggerComment($cur->comment_id);
	2101	if ($cur->comment_status != -2) {
	2102	$this->triggerBlog();
	2103	}
	2104	return $cur->comment_id;
	2105	}
	2106
	2107	/**
	2108	Updates an existing comment.
	2109
	2110	@param id <b>integer</b> Comment ID
	2111	@param cur <b>cursor</b> Comment cursor
	2112	*/
	2113	public function updComment($id,$cur)
	2114	{
	2115	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
	2116	throw new Exception(__('You are not allowed to update comments'));
	2117	}
	2118
	2119	$id = (integer) $id;
	2120
	2121	if (empty($id)) {
	2122	throw new Exception(__('No such comment ID'));
	2123	}
	2124
	2125	$rs = $this->getComments(array('comment_id' => $id));
	2126
	2127	if ($rs->isEmpty()) {
	2128	throw new Exception(__('No such comment ID'));
	2129	}
	2130
	2131	#If user is only usage, we need to check the post's owner
	2132	if (!$this->core->auth->check('contentadmin',$this->id))
	2133	{
	2134	if ($rs->user_id != $this->core->auth->userID()) {
	2135	throw new Exception(__('You are not allowed to update this comment'));
	2136	}
	2137	}
	2138
	2139	$this->getCommentCursor($cur);
	2140
	2141	$cur->comment_upddt = date('Y-m-d H:i:s');
	2142
	2143	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
	2144	$cur->unsetField('comment_status');
	2145	}
	2146
	2147	# --BEHAVIOR-- coreBeforeCommentUpdate
	2148	$this->core->callBehavior('coreBeforeCommentUpdate',$this,$cur,$rs);
	2149
	2150	$cur->update('WHERE comment_id = '.$id.' ');
	2151
	2152	# --BEHAVIOR-- coreAfterCommentUpdate
	2153	$this->core->callBehavior('coreAfterCommentUpdate',$this,$cur,$rs);
	2154
	2155	$this->triggerComment($id);
	2156	$this->triggerBlog();
	2157	}
	2158
	2159	/**
	2160	Updates comment status.
	2161
	2162	@param id <b>integer</b> Comment ID
	2163	@param status <b>integer</b> Comment status
	2164	*/
	2165	public function updCommentStatus($id,$status)
	2166	{
[1041]	2167	$this->updCommentsStatus($id,$status);
	2168	}
	2169
	2170	/**
	2171	Updates comments status.
	2172
	2173	@param ids <b>mixed</b> Comment(s) ID(s)
	2174	@param status <b>integer</b> Comment status
	2175	*/
	2176	public function updCommentsStatus($ids,$status)
	2177	{
[0]	2178	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
	2179	throw new Exception(__("You are not allowed to change this comment's status"));
	2180	}
	2181
[1041]	2182	$co_ids = dcUtils::cleanIds($ids);
	2183	$status = (integer) $status;
	2184
	2185	$strReq =
	2186	'UPDATE '.$this->prefix.'comment tc ';
	2187
	2188	# mySQL uses "JOIN" synthax
[1743]	2189	if ($this->con->driver() == 'mysql' \|\| $this->con->driver() == 'mysqli') {
[1041]	2190	$strReq .=
	2191	'JOIN '.$this->prefix.'post tp ON tc.post_id = tp.post_id ';
	2192	}
	2193
	2194	$strReq .=
	2195	'SET comment_status = '.$status.' ';
	2196
	2197	# pgSQL uses "FROM" synthax
[2073]	2198	if ($this->con->driver() != 'mysql' && $this->con->driver() != 'mysqli') {
[1041]	2199	$strReq .=
	2200	'FROM '.$this->prefix.'post tp ';
	2201	}
	2202
	2203	$strReq .=
	2204	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
	2205	'AND comment_id'.$this->con->in($co_ids);
	2206
	2207	# add pgSQL "WHERE" clause
[2073]	2208	if ($this->con->driver() != 'mysql' && $this->con->driver() != 'mysqli') {
[1041]	2209	$strReq .=
	2210	'AND tc.post_id = tp.post_id ';
	2211	}
	2212
	2213	#If user is only usage, we need to check the post's owner
	2214	if (!$this->core->auth->check('contentadmin',$this->id))
	2215	{
	2216	$strReq .=
	2217	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
	2218	}
	2219
	2220	$this->con->execute($strReq);
[1042]	2221	$this->triggerComments($co_ids);
[1041]	2222	$this->triggerBlog();
[0]	2223	}
	2224
	2225	/**
	2226	Delete a comment
	2227
	2228	@param id <b>integer</b> Comment ID
	2229	*/
	2230	public function delComment($id)
	2231	{
[1041]	2232	$this->delComments($id);
	2233	}
	2234
	2235	/**
	2236	Delete comments
	2237
	2238	@param ids <b>mixed</b> Comment(s) ID(s)
	2239	*/
	2240	public function delComments($ids)
	2241	{
[0]	2242	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
	2243	throw new Exception(__('You are not allowed to delete comments'));
	2244	}
	2245
[1041]	2246	$co_ids = dcUtils::cleanIds($ids);
[0]	2247
[1262]	2248	if (empty($co_ids)) {
[0]	2249	throw new Exception(__('No such comment ID'));
	2250	}
	2251
[1262]	2252	# Retrieve posts affected by comments edition
	2253	$affected_posts = array();
	2254	$strReq =
[1570]	2255	'SELECT post_id '.
[1262]	2256	'FROM '.$this->prefix.'comment '.
[1570]	2257	'WHERE comment_id'.$this->con->in($co_ids).
	2258	'GROUP BY post_id';
[1262]	2259
	2260	$rs = $this->con->select($strReq);
	2261
	2262	while ($rs->fetch()) {
	2263	$affected_posts[] = (integer) $rs->post_id;
	2264	}
	2265
[1041]	2266	# mySQL uses "INNER JOIN" synthax
[1743]	2267	if ($this->con->driver() == 'mysql' \|\| $this->con->driver() == 'mysqli') {
[1041]	2268	$strReq =
	2269	'DELETE FROM tc '.
	2270	'USING '.$this->prefix.'comment tc '.
	2271	'INNER JOIN '.$this->prefix.'post tp ';
	2272	}
	2273	# pgSQL uses nothing special
	2274	else {
	2275	$strReq =
	2276	'DELETE FROM '.$this->prefix.'comment tc '.
	2277	'USING '.$this->prefix.'post tp ';
	2278	}
	2279
	2280	$strReq .=
	2281	'WHERE tc.post_id = tp.post_id '.
	2282	"AND tp.blog_id = '".$this->con->escape($this->id)."' ".
	2283	'AND comment_id'.$this->con->in($co_ids);
	2284
[0]	2285	#If user can only delete, we need to check the post's owner
	2286	if (!$this->core->auth->check('contentadmin',$this->id))
	2287	{
[1041]	2288	$strReq .=
	2289	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
[0]	2290	}
	2291
[1041]	2292	$this->con->execute($strReq);
[1262]	2293	$this->triggerComments($co_ids, true, $affected_posts);
[0]	2294	$this->triggerBlog();
	2295	}
[1052]	2296
	2297	public function delJunkComments()
	2298	{
	2299	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
	2300	throw new Exception(__('You are not allowed to delete comments'));
	2301	}
	2302
	2303	# mySQL uses "INNER JOIN" synthax
[1743]	2304	if ($this->con->driver() == 'mysql' \|\| $this->con->driver() == 'mysqli') {
[1052]	2305	$strReq =
	2306	'DELETE FROM tc '.
	2307	'USING '.$this->prefix.'comment tc '.
	2308	'INNER JOIN '.$this->prefix.'post tp ';
	2309	}
	2310	# pgSQL uses nothing special
	2311	else {
	2312	$strReq =
	2313	'DELETE FROM '.$this->prefix.'comment tc '.
	2314	'USING '.$this->prefix.'post tp ';
	2315	}
	2316
	2317	$strReq .=
	2318	'WHERE tc.post_id = tp.post_id '.
	2319	"AND tp.blog_id = '".$this->con->escape($this->id)."' ".
	2320	'AND comment_status = -2';
	2321
	2322	#If user can only delete, we need to check the post's owner
	2323	if (!$this->core->auth->check('contentadmin',$this->id))
	2324	{
	2325	$strReq .=
	2326	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
	2327	}
	2328
	2329	$this->con->execute($strReq);
	2330	$this->triggerBlog();
	2331	}
[0]	2332
	2333	private function getCommentCursor($cur)
	2334	{
	2335	if ($cur->comment_content !== null && $cur->comment_content == '') {
	2336	throw new Exception(__('You must provide a comment'));
	2337	}
	2338
	2339	if ($cur->comment_author !== null && $cur->comment_author == '') {
	2340	throw new Exception(__('You must provide an author name'));
	2341	}
	2342
	2343	if ($cur->comment_email != '' && !text::isEmail($cur->comment_email)) {
	2344	throw new Exception(__('Email address is not valid.'));
	2345	}
	2346
	2347	if ($cur->comment_site !== null && $cur->comment_site != '') {
[1227]	2348	if (!preg_match('\|^http(s?)://\|i',$cur->comment_site, $matches)) {
[0]	2349	$cur->comment_site = 'http://'.$cur->comment_site;
[1227]	2350	}else{
	2351	$cur->comment_site = strtolower($matches[0]).substr($cur->comment_site, strlen($matches[0]));
[0]	2352	}
	2353	}
	2354
	2355	if ($cur->comment_status === null) {
	2356	$cur->comment_status = (integer) $this->settings->system->comments_pub;
	2357	}
	2358
	2359	# Words list
	2360	if ($cur->comment_content !== null)
	2361	{
	2362	$cur->comment_words = implode(' ',text::splitWords($cur->comment_content));
	2363	}
	2364	}
	2365	//@}
	2366	}
[1532]	2367	?>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: inc/core/class.dc.blog.php @ 2073:9964def5a701

Download in other formats:

Sites map