class.dc.blog.php @ 1532:f6c9584b4677

Visit:

Revision 1532:f6c9584b4677, 61.1 KB checked in by Nicolas <nikrou77@…>, 12 years ago (diff)
Fix issue #1535 : Allow categories to be ordered by drag and drop Need to close isse #655 : duplicated

Rev	Line
[0]	1	<?php
	2	# -- BEGIN LICENSE BLOCK ---------------------------------------
	3	#
	4	# This file is part of Dotclear 2.
	5	#
[1179]	6	# Copyright (c) 2003-2013 Olivier Meunier & Association Dotclear
[0]	7	# Licensed under the GPL version 2.0 license.
	8	# See LICENSE file or
	9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
	10	#
	11	# -- END LICENSE BLOCK -----------------------------------------
	12	if (!defined('DC_RC_PATH')) { return; }
	13
	14	/**
	15	@ingroup DC_CORE
	16	@nosubgrouping
	17	@brief Dotclear blog class.
	18
	19	Dotclear blog class instance is provided by dcCore $blog property.
	20	*/
	21	class dcBlog
	22	{
[337]	23	/** @var dcCore dcCore instance */
	24	protected $core;
	25	/** @var connection Database connection object */
	26	public $con;
	27	/** @var string Database table prefix */
	28	public $prefix;
[0]	29
[337]	30	/** @var string Blog ID */
	31	public $id;
	32	/** @var string Blog unique ID */
	33	public $uid;
	34	/** @var string Blog name */
	35	public $name;
	36	/** @var string Blog description */
	37	public $desc;
	38	/** @var string Blog URL */
	39	public $url;
	40	/** @var string Blog host */
	41	public $host;
	42	/** @var string Blog creation date */
	43	public $creadt;
	44	/** @var string Blog last update date */
	45	public $upddt;
	46	/** @var string Blog status */
	47	public $status;
[0]	48
[337]	49	/** @var dcSettings dcSettings object */
	50	public $settings;
	51	/** @var string Blog theme path */
	52	public $themes_path;
	53	/** @var string Blog public path */
	54	public $public_path;
[0]	55
	56	private $post_status = array();
	57	private $comment_status = array();
	58
	59	private $categories;
	60
[337]	61	/** @var boolean Disallow entries password protection */
	62	public $without_password = true;
[0]	63
	64	/**
	65	Inits dcBlog object
	66
	67	@param core <b>dcCore</b> Dotclear core reference
	68	@param id <b>string</b> Blog ID
	69	*/
	70	public function __construct($core, $id)
	71	{
	72	$this->con =& $core->con;
	73	$this->prefix = $core->prefix;
	74	$this->core =& $core;
	75
	76	if (($b = $this->core->getBlog($id)) !== false)
	77	{
	78	$this->id = $id;
	79	$this->uid = $b->blog_uid;
	80	$this->name = $b->blog_name;
	81	$this->desc = $b->blog_desc;
	82	$this->url = $b->blog_url;
[1244]	83	$this->host = http::getHostFromURL($this->url);
[0]	84	$this->creadt = strtotime($b->blog_creadt);
	85	$this->upddt = strtotime($b->blog_upddt);
	86	$this->status = $b->blog_status;
	87
	88	$this->settings = new dcSettings($this->core,$this->id);
	89
	90	$this->themes_path = path::fullFromRoot($this->settings->system->themes_path,DC_ROOT);
	91	$this->public_path = path::fullFromRoot($this->settings->system->public_path,DC_ROOT);
	92
[1353]	93	$this->post_status['-2'] = __('Pending');
	94	$this->post_status['-1'] = __('Scheduled');
	95	$this->post_status['0'] = __('Unpublished');
	96	$this->post_status['1'] = __('Published');
[0]	97
[1353]	98	$this->comment_status['-2'] = __('Junk');
	99	$this->comment_status['-1'] = __('Pending');
	100	$this->comment_status['0'] = __('Unpublished');
	101	$this->comment_status['1'] = __('Published');
[0]	102
	103	# --BEHAVIOR-- coreBlogConstruct
	104	$this->core->callBehavior('coreBlogConstruct',$this);
	105	}
	106	}
	107
	108	/// @name Common public methods
	109	//@{
	110	/**
	111	Returns blog URL ending with a question mark.
	112	*/
	113	public function getQmarkURL()
	114	{
	115	if (substr($this->url,-1) != '?') {
	116	return $this->url.'?';
	117	}
	118
	119	return $this->url;
	120	}
	121
	122	/**
	123	Returns an entry status name given to a code. Status are translated, never
	124	use it for tests. If status code does not exist, returns <i>unpublished</i>.
	125
	126	@param s <b>integer</b> Status code
	127	@return <b>string</b> Blog status name
	128	*/
	129	public function getPostStatus($s)
	130	{
	131	if (isset($this->post_status[$s])) {
	132	return $this->post_status[$s];
	133	}
	134	return $this->post_status['0'];
	135	}
	136
	137	/**
	138	Returns an array of available entry status codes and names.
	139
	140	@return <b>array</b> Simple array with codes in keys and names in value
	141	*/
	142	public function getAllPostStatus()
	143	{
	144	return $this->post_status;
	145	}
	146
	147	/**
	148	Returns an array of available comment status codes and names.
	149
	150	@return <b>array</b> Simple array with codes in keys and names in value
	151	*/
	152	public function getAllCommentStatus()
	153	{
	154	return $this->comment_status;
	155	}
	156
	157	/**
	158	Disallows entries password protection. You need to set it to
	159	<var>false</var> while serving a public blog.
	160
	161	@param v <b>boolean</b>
	162	*/
	163	public function withoutPassword($v)
	164	{
	165	$this->without_password = (boolean) $v;
	166	}
	167	//@}
	168
	169	/// @name Triggers methods
	170	//@{
	171	/**
	172	Updates blog last update date. Should be called every time you change
	173	an element related to the blog.
	174	*/
	175	public function triggerBlog()
	176	{
	177	$cur = $this->con->openCursor($this->prefix.'blog');
	178
	179	$cur->blog_upddt = date('Y-m-d H:i:s');
	180
	181	$cur->update("WHERE blog_id = '".$this->con->escape($this->id)."' ");
	182
	183	# --BEHAVIOR-- coreBlogAfterTriggerBlog
	184	$this->core->callBehavior('coreBlogAfterTriggerBlog',$cur);
	185	}
	186
	187	/**
	188	Updates comment and trackback counters in post table. Should be called
	189	every time a comment or trackback is added, removed or changed its status.
	190
	191	@param id <b>integer</b> Comment ID
	192	@param del <b>boolean</b> If comment is delete, set this to true
	193	*/
	194	public function triggerComment($id,$del=false)
	195	{
[1042]	196	$this->triggerComments($id,$del);
	197	}
	198
	199	/**
	200	Updates comments and trackbacks counters in post table. Should be called
	201	every time comments or trackbacks are added, removed or changed there status.
	202
	203	@param ids <b>mixed</b> Comment(s) ID(s)
	204	@param del <b>boolean</b> If comment is delete, set this to true
	205	*/
[1280]	206	public function triggerComments($ids,$del=false)
[1042]	207	{
	208	$co_ids = dcUtils::cleanIds($ids);
[0]	209
[1042]	210	# a) Retrieve posts affected by comments edition
[1280]	211	$strReq =
	212	'SELECT post_id, comment_trackback '.
	213	'FROM '.$this->prefix.'comment '.
	214	'WHERE comment_id'.$this->con->in($co_ids).
	215	'GROUP BY post_id,comment_trackback';
	216
	217	$rs = $this->con->select($strReq);
	218
	219	$a_ids = $a_tbs = array();
	220	while ($rs->fetch()) {
	221	$a_ids[] = (integer) $rs->post_id;
	222	$a_tbs[] = (integer) $rs->comment_trackback;
[1042]	223	}
[0]	224
[1042]	225	# b) Count comments of each posts previously retrieved
	226	# Note that this does not return posts without comment
	227	$strReq =
	228	'SELECT post_id, COUNT(post_id) AS nb_comment,comment_trackback '.
	229	'FROM '.$this->prefix.'comment '.
[1110]	230	'WHERE comment_status = 1 '.
[1111]	231	(count($a_ids) > 0 ? 'AND post_id'.$this->con->in($a_ids) : ' ');
[0]	232
	233	if ($del) {
[1042]	234	$strReq .=
	235	'AND comment_id NOT'.$this->con->in($co_ids);
[0]	236	}
	237
[1042]	238	$strReq .=
	239	'GROUP BY post_id,comment_trackback';
	240
[0]	241	$rs = $this->con->select($strReq);
	242
[1042]	243	$b_ids = $b_tbs = $b_nbs = array();
	244	while ($rs->fetch()) {
	245	$b_ids[] = (integer) $rs->post_id;
	246	$b_tbs[] = (integer) $rs->comment_trackback;
	247	$b_nbs[] = (integer) $rs->nb_comment;
	248	}
	249
	250	# c) Update comments numbers on posts
	251	# This compare previous requests to update also posts without comment
[0]	252	$cur = $this->con->openCursor($this->prefix.'post');
	253
[1042]	254	foreach($a_ids as $a_key => $a_id)
	255	{
	256	$nb_comment = $nb_trackback = 0;
	257	foreach($b_ids as $b_key => $b_id)
	258	{
	259	if ($a_id != $b_id \|\| $a_tbs[$a_key] != $b_tbs[$b_key]) {
	260	continue;
	261	}
	262
	263	if ($b_tbs[$b_key]) {
	264	$nb_trackback = $b_nbs[$b_key];
	265	} else {
	266	$nb_comment = $b_nbs[$b_key];
	267	}
	268	}
	269
	270	if ($a_tbs[$a_key]) {
	271	$cur->nb_trackback = $nb_trackback;
	272	} else {
	273	$cur->nb_comment = $nb_comment;
	274	}
	275	$cur->update('WHERE post_id = '.$a_id);
[0]	276	}
	277	}
	278	//@}
	279
	280	/// @name Categories management methods
	281	//@{
	282	public function categories()
	283	{
	284	if (!($this->categories instanceof dcCategories)) {
	285	$this->categories = new dcCategories($this->core);
	286	}
	287
	288	return $this->categories;
	289	}
	290
	291	/**
	292	Retrieves categories. <var>$params</var> is an associative array which can
	293	take the following parameters:
	294
	295	- post_type: Get only entries with given type (default "post")
	296	- cat_url: filter on cat_url field
	297	- cat_id: filter on cat_id field
	298	- start: start with a given category
	299	- level: categories level to retrieve
	300
	301	@param params <b>array</b> Parameters
	302	@return <b>record</b>
	303	*/
	304	public function getCategories($params=array())
	305	{
	306	$c_params = array();
	307	if (isset($params['post_type'])) {
	308	$c_params['post_type'] = $params['post_type'];
	309	unset($params['post_type']);
	310	}
	311	$counter = $this->getCategoriesCounter($c_params);
	312
	313	$without_empty = $this->core->auth->userID() == false; # For public display
	314
	315	$start = isset($params['start']) ? (integer) $params['start'] : 0;
	316	$l = isset($params['level']) ? (integer) $params['level'] : 0;
	317
	318	$rs = $this->categories()->getChildren($start,null,'desc');
	319
	320	# Get each categories total posts count
	321	$data = array();
	322	$stack = array();
	323	$level = 0;
	324	$cols = $rs->columns();
	325	while ($rs->fetch())
	326	{
	327	$nb_post = isset($counter[$rs->cat_id]) ? (integer) $counter[$rs->cat_id] : 0;
	328
	329	if ($rs->level > $level) {
	330	$nb_total = $nb_post;
	331	$stack[$rs->level] = (integer) $nb_post;
	332	} elseif ($rs->level == $level) {
	333	$nb_total = $nb_post;
	334	$stack[$rs->level] += $nb_post;
	335	} else {
	336	$nb_total = $stack[$rs->level+1] + $nb_post;
	337	if (isset($stack[$rs->level])) {
	338	$stack[$rs->level] += $nb_total;
	339	} else {
	340	$stack[$rs->level] = $nb_total;
	341	}
	342	unset($stack[$rs->level+1]);
	343	}
	344
	345	if ($nb_total == 0 && $without_empty) {
	346	continue;
	347	}
	348
	349	$level = $rs->level;
	350
	351	$t = array();
	352	foreach ($cols as $c) {
	353	$t[$c] = $rs->f($c);
	354	}
	355	$t['nb_post'] = $nb_post;
	356	$t['nb_total'] = $nb_total;
	357
	358	if ($l == 0 \|\| ($l > 0 && $l == $rs->level)) {
	359	array_unshift($data,$t);
	360	}
	361	}
	362
	363	# We need to apply filter after counting
[836]	364	if (isset($params['cat_id']) && $params['cat_id'] !== '')
[0]	365	{
	366	$found = false;
	367	foreach ($data as $v) {
	368	if ($v['cat_id'] == $params['cat_id']) {
	369	$found = true;
	370	$data = array($v);
	371	break;
	372	}
	373	}
	374	if (!$found) {
	375	$data = array();
	376	}
	377	}
	378
[836]	379	if (isset($params['cat_url']) && ($params['cat_url'] !== '')
	380	&& !isset($params['cat_id']))
[0]	381	{
	382	$found = false;
	383	foreach ($data as $v) {
	384	if ($v['cat_url'] == $params['cat_url']) {
	385	$found = true;
	386	$data = array($v);
	387	break;
	388	}
	389	}
	390	if (!$found) {
	391	$data = array();
	392	}
	393	}
	394
	395	return staticRecord::newFromArray($data);
	396	}
	397
	398	/**
	399	Retrieves a category by its ID.
	400
	401	@param id <b>integer</b> Category ID
	402	@return <b>record</b>
	403	*/
	404	public function getCategory($id)
	405	{
	406	return $this->getCategories(array('cat_id' => $id));
	407	}
	408
	409	/**
	410	Retrieves parents of a given category.
	411
	412	@param id <b>integer</b> Category ID
	413	@return <b>record</b>
	414	*/
	415	public function getCategoryParents($id)
	416	{
	417	return $this->categories()->getParents($id);
	418	}
	419
	420	/**
	421	Retrieves first parent of a given category.
	422
	423	@param id <b>integer</b> Category ID
	424	@return <b>record</b>
	425	*/
	426	public function getCategoryParent($id)
	427	{
	428	return $this->categories()->getParent($id);
	429	}
	430
	431	/**
	432	Retrieves all category's first children
	433
	434	@param id <b>integer</b> Category ID
	435	@return <b>record</b>
	436	*/
	437	public function getCategoryFirstChildren($id)
	438	{
	439	return $this->getCategories(array('start' => $id,'level' => $id == 0 ? 1 : 2));
	440	}
	441
	442	private function getCategoriesCounter($params=array())
	443	{
	444	$strReq =
	445	'SELECT C.cat_id, COUNT(P.post_id) AS nb_post '.
	446	'FROM '.$this->prefix.'category AS C '.
	447	'JOIN '.$this->prefix."post P ON (C.cat_id = P.cat_id AND P.blog_id = '".$this->con->escape($this->id)."' ) ".
	448	"WHERE C.blog_id = '".$this->con->escape($this->id)."' ";
	449
	450	if (!$this->core->auth->userID()) {
	451	$strReq .= 'AND P.post_status = 1 ';
	452	}
	453
	454	if (!empty($params['post_type'])) {
[302]	455	$strReq .= 'AND P.post_type '.$this->con->in($params['post_type']);
[0]	456	}
	457
	458	$strReq .= 'GROUP BY C.cat_id ';
	459
	460	$rs = $this->con->select($strReq);
	461	$counters = array();
	462	while ($rs->fetch()) {
	463	$counters[$rs->cat_id] = $rs->nb_post;
	464	}
	465
	466	return $counters;
	467	}
	468
	469	/**
	470	Creates a new category. Takes a cursor as input and returns the new category
	471	ID.
	472
	473	@param cur <b>cursor</b> Category cursor
	474	@return <b>integer</b> New category ID
	475	*/
	476	public function addCategory($cur,$parent=0)
	477	{
	478	if (!$this->core->auth->check('categories',$this->id)) {
	479	throw new Exception(__('You are not allowed to add categories'));
	480	}
	481
	482	$url = array();
	483	if ($parent != 0)
	484	{
	485	$rs = $this->getCategory($parent);
	486	if ($rs->isEmpty()) {
	487	$url = array();
	488	} else {
	489	$url[] = $rs->cat_url;
	490	}
	491	}
	492
	493	if ($cur->cat_url == '') {
	494	$url[] = text::tidyURL($cur->cat_title,false);
	495	} else {
	496	$url[] = $cur->cat_url;
	497	}
	498
	499	$cur->cat_url = implode('/',$url);
	500
	501	$this->getCategoryCursor($cur);
	502	$cur->blog_id = (string) $this->id;
	503
	504	# --BEHAVIOR-- coreBeforeCategoryCreate
	505	$this->core->callBehavior('coreBeforeCategoryCreate',$this,$cur);
	506
[1280]	507	$this->categories()->addNode($cur,$parent);
[0]	508
	509	# --BEHAVIOR-- coreAfterCategoryCreate
	510	$this->core->callBehavior('coreAfterCategoryCreate',$this,$cur);
	511	$this->triggerBlog();
	512
	513	return $cur->cat_id;
	514	}
	515
	516	/**
	517	Updates an existing category.
	518
	519	@param id <b>integer</b> Category ID
	520	@param cur <b>cursor</b> Category cursor
	521	*/
	522	public function updCategory($id,$cur)
	523	{
	524	if (!$this->core->auth->check('categories',$this->id)) {
	525	throw new Exception(__('You are not allowed to update categories'));
	526	}
	527
	528	if ($cur->cat_url == '')
	529	{
	530	$url = array();
	531	$rs = $this->categories()->getParents($id);
	532	while ($rs->fetch()) {
	533	if ($rs->index() == $rs->count()-1) {
	534	$url[] = $rs->cat_url;
	535	}
	536	}
	537
	538
	539	$url[] = text::tidyURL($cur->cat_title,false);
	540	$cur->cat_url = implode('/',$url);
	541	}
	542
	543	$this->getCategoryCursor($cur,$id);
	544
	545	# --BEHAVIOR-- coreBeforeCategoryUpdate
	546	$this->core->callBehavior('coreBeforeCategoryUpdate',$this,$cur);
	547
	548	$cur->update(
	549	'WHERE cat_id = '.(integer) $id.' '.
	550	"AND blog_id = '".$this->con->escape($this->id)."' ");
	551
	552	# --BEHAVIOR-- coreAfterCategoryUpdate
	553	$this->core->callBehavior('coreAfterCategoryUpdate',$this,$cur);
	554
	555	$this->triggerBlog();
	556	}
[1532]	557
	558	/**
	559	Set category position
	560
	561	@param id <b>integer</b> Category ID
	562	@param left <b>integer</b> Category ID before
	563	@param right <b>integer</b> Category ID after
	564	*/
	565	public function updCategoryPosition($id,$left,$right)
	566	{
	567	$this->categories()->updatePosition($id,$left,$right);
	568	$this->triggerBlog();
	569	}
[0]	570
	571	/**
	572	DEPRECATED METHOD. Use dcBlog::setCategoryParent and dcBlog::moveCategory
	573	instead.
	574
	575	@param id <b>integer</b> Category ID
	576	@param order <b>integer</b> Category position
	577	*/
	578	public function updCategoryOrder($id,$order)
	579	{
	580	return;
	581	}
	582
	583	/**
	584	Set a category parent
	585
	586	@param id <b>integer</b> Category ID
	587	@param parent <b>integer</b> Parent Category ID
	588	*/
	589	public function setCategoryParent($id,$parent)
	590	{
	591	$this->categories()->setNodeParent($id,$parent);
	592	$this->triggerBlog();
	593	}
	594
	595	/**
	596	Set category position
	597
	598	@param id <b>integer</b> Category ID
	599	@param sibling <b>integer</b> Sibling Category ID
	600	@param move <b>integer</b> Order (before\|after)
	601	*/
	602	public function setCategoryPosition($id,$sibling,$move)
	603	{
	604	$this->categories()->setNodePosition($id,$sibling,$move);
	605	$this->triggerBlog();
	606	}
	607
	608	/**
	609	Deletes a category.
	610
	611	@param id <b>integer</b> Category ID
	612	*/
	613	public function delCategory($id)
	614	{
	615	if (!$this->core->auth->check('categories',$this->id)) {
	616	throw new Exception(__('You are not allowed to delete categories'));
	617	}
	618
	619	$strReq = 'SELECT COUNT(post_id) AS nb_post '.
	620	'FROM '.$this->prefix.'post '.
	621	'WHERE cat_id = '.(integer) $id.' '.
	622	"AND blog_id = '".$this->con->escape($this->id)."' ";
	623
	624	$rs = $this->con->select($strReq);
	625
	626	if ($rs->nb_post > 0) {
	627	throw new Exception(__('This category is not empty.'));
	628	}
	629
	630	$this->categories()->deleteNode($id,true);
	631	$this->triggerBlog();
	632	}
	633
	634	/**
	635	Reset categories order and relocate them to first level
	636	*/
	637	public function resetCategoriesOrder()
	638	{
	639	if (!$this->core->auth->check('categories',$this->id)) {
[822]	640	throw new Exception(__('You are not allowed to reset categories order'));
[0]	641	}
	642
	643	$this->categories()->resetOrder();
[734]	644	$this->triggerBlog();
[0]	645	}
	646
	647	private function checkCategory($title,$url,$id=null)
	648	{
[1429]	649	# Let's check if URL is taken...
	650	$strReq =
	651	'SELECT cat_url FROM '.$this->prefix.'category '.
	652	"WHERE cat_url = '".$this->con->escape($url)."' ".
	653	($id ? 'AND cat_id <> '.(integer) $id. ' ' : '').
	654	"AND blog_id = '".$this->con->escape($this->id)."' ".
	655	'ORDER BY cat_url DESC';
[0]	656
	657	$rs = $this->con->select($strReq);
	658
[1429]	659	if (!$rs->isEmpty())
	660	{
	661	if ($this->con->driver() == 'mysql') {
	662	$clause = "REGEXP '^".$this->con->escape($url)."[0-9]+$'";
	663	} elseif ($this->con->driver() == 'pgsql') {
	664	$clause = "~ '^".$this->con->escape($url)."[0-9]+$'";
	665	} else {
	666	$clause = "LIKE '".$this->con->escape($url)."%'";
	667	}
	668	$strReq =
	669	'SELECT cat_url FROM '.$this->prefix.'category '.
	670	"WHERE cat_url ".$clause.' '.
	671	($id ? 'AND cat_id <> '.(integer) $id. ' ' : '').
	672	"AND blog_id = '".$this->con->escape($this->id)."' ".
	673	'ORDER BY cat_url DESC ';
	674
	675	$rs = $this->con->select($strReq);
	676	$a = array();
	677	while ($rs->fetch()) {
	678	$a[] = $rs->cat_url;
	679	}
	680
	681	natsort($a);
	682	$t_url = end($a);
	683
	684	if (preg_match('/(.*?)([0-9]+)$/',$t_url,$m)) {
	685	$i = (integer) $m[2];
	686	$url = $m[1];
	687	} else {
	688	$i = 1;
	689	}
	690
	691	return $url.($i+1);
[0]	692	}
[1429]	693
	694	# URL is empty?
	695	if ($url == '') {
	696	throw new Exception(__('Empty category URL'));
	697	}
	698
	699	return $url;
[0]	700	}
	701
	702	private function getCategoryCursor($cur,$id=null)
	703	{
	704	if ($cur->cat_title == '') {
	705	throw new Exception(__('You must provide a category title'));
	706	}
	707
	708	# If we don't have any cat_url, let's do one
	709	if ($cur->cat_url == '') {
	710	$cur->cat_url = text::tidyURL($cur->cat_title,false);
	711	}
	712
	713	# Still empty ?
	714	if ($cur->cat_url == '') {
	715	throw new Exception(__('You must provide a category URL'));
	716	} else {
	717	$cur->cat_url = text::tidyURL($cur->cat_url,true);
	718	}
	719
	720	# Check if title or url are unique
[1429]	721	$cur->cat_url = $this->checkCategory($cur->cat_title,$cur->cat_url,$id);
[0]	722
	723	if ($cur->cat_desc !== null) {
	724	$cur->cat_desc = $this->core->HTMLfilter($cur->cat_desc);
	725	}
	726	}
	727	//@}
	728
	729	/// @name Entries management methods
	730	//@{
	731	/**
	732	Retrieves entries. <b>$params</b> is an array taking the following
	733	optionnal parameters:
	734
	735	- no_content: Don't retrieve entry content (excerpt and content)
	736	- post_type: Get only entries with given type (default "post", array for many types and '' for no type)
	737	- post_id: (integer) Get entry with given post_id
	738	- post_url: Get entry with given post_url field
	739	- user_id: (integer) Get entries belonging to given user ID
	740	- cat_id: (string or array) Get entries belonging to given category ID
	741	- cat_id_not: deprecated (use cat_id with "id ?not" instead)
	742	- cat_url: (string or array) Get entries belonging to given category URL
	743	- cat_url_not: deprecated (use cat_url with "url ?not" instead)
	744	- post_status: (integer) Get entries with given post_status
	745	- post_selected: (boolean) Get select flaged entries
	746	- post_year: (integer) Get entries with given year
	747	- post_month: (integer) Get entries with given month
	748	- post_day: (integer) Get entries with given day
	749	- post_lang: Get entries with given language code
	750	- search: Get entries corresponding of the following search string
	751	- columns: (array) More columns to retrieve
	752	- sql: Append SQL string at the end of the query
	753	- from: Append SQL string after "FROM" statement in query
	754	- order: Order of results (default "ORDER BY post_dt DES")
	755	- limit: Limit parameter
[774]	756	- sql_only : return the sql request instead of results. Only ids are selected
[0]	757
	758	Please note that on every cat_id or cat_url, you can add ?not to exclude
	759	the category and ?sub to get subcategories.
	760
	761	@param params <b>array</b> Parameters
	762	@param count_only <b>boolean</b> Only counts results
[191]	763	@return <b>record</b> A record with some more capabilities or the SQL request
[0]	764	*/
[774]	765	public function getPosts($params=array(),$count_only=false)
[0]	766	{
[817]	767	# --BEHAVIOR-- coreBlogBeforeGetPosts
[819]	768	$params = new ArrayObject($params);
[817]	769	$this->core->callBehavior('coreBlogBeforeGetPosts',$params);
	770
[0]	771	if ($count_only)
	772	{
	773	$strReq = 'SELECT count(P.post_id) ';
	774	}
[774]	775	elseif (!empty($params['sql_only']))
	776	{
	777	$strReq = 'SELECT P.post_id ';
	778	}
[0]	779	else
	780	{
	781	if (!empty($params['no_content'])) {
	782	$content_req = '';
	783	} else {
	784	$content_req =
	785	'post_excerpt, post_excerpt_xhtml, '.
	786	'post_content, post_content_xhtml, post_notes, ';
	787	}
	788
	789	if (!empty($params['columns']) && is_array($params['columns'])) {
	790	$content_req .= implode(', ',$params['columns']).', ';
	791	}
	792
	793	$strReq =
	794	'SELECT P.post_id, P.blog_id, P.user_id, P.cat_id, post_dt, '.
	795	'post_tz, post_creadt, post_upddt, post_format, post_password, '.
	796	'post_url, post_lang, post_title, '.$content_req.
	797	'post_type, post_meta, post_status, post_selected, post_position, '.
	798	'post_open_comment, post_open_tb, nb_comment, nb_trackback, '.
	799	'U.user_name, U.user_firstname, U.user_displayname, U.user_email, '.
	800	'U.user_url, '.
	801	'C.cat_title, C.cat_url, C.cat_desc ';
	802	}
	803
	804	$strReq .=
	805	'FROM '.$this->prefix.'post P '.
	806	'INNER JOIN '.$this->prefix.'user U ON U.user_id = P.user_id '.
	807	'LEFT OUTER JOIN '.$this->prefix.'category C ON P.cat_id = C.cat_id ';
	808
	809	if (!empty($params['from'])) {
	810	$strReq .= $params['from'].' ';
	811	}
	812
	813	$strReq .=
	814	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ";
	815
	816	if (!$this->core->auth->check('contentadmin',$this->id)) {
	817	$strReq .= 'AND ((post_status = 1 ';
	818
	819	if ($this->without_password) {
	820	$strReq .= 'AND post_password IS NULL ';
	821	}
	822	$strReq .= ') ';
	823
	824	if ($this->core->auth->userID()) {
	825	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
	826	} else {
	827	$strReq .= ') ';
	828	}
	829	}
	830
	831	#Adding parameters
	832	if (isset($params['post_type']))
	833	{
[407]	834	if (is_array($params['post_type']) \|\| $params['post_type'] != '') {
	835	$strReq .= 'AND post_type '.$this->con->in($params['post_type']);
	836	}
[0]	837	}
	838	else
	839	{
	840	$strReq .= "AND post_type = 'post' ";
	841	}
	842
[836]	843	if (isset($params['post_id']) && $params['post_id'] !== '') {
[0]	844	if (is_array($params['post_id'])) {
	845	array_walk($params['post_id'],create_function('&$v,$k','if($v!==null){$v=(integer)$v;}'));
	846	} else {
	847	$params['post_id'] = array((integer) $params['post_id']);
	848	}
	849	$strReq .= 'AND P.post_id '.$this->con->in($params['post_id']);
	850	}
	851
[836]	852	if (isset($params['post_url']) && $params['post_url'] !== '') {
[0]	853	$strReq .= "AND post_url = '".$this->con->escape($params['post_url'])."' ";
	854	}
	855
	856	if (!empty($params['user_id'])) {
	857	$strReq .= "AND U.user_id = '".$this->con->escape($params['user_id'])."' ";
	858	}
	859
[836]	860	if (isset($params['cat_id']) && $params['cat_id'] !== '')
[0]	861	{
	862	if (!is_array($params['cat_id'])) {
	863	$params['cat_id'] = array($params['cat_id']);
	864	}
	865	if (!empty($params['cat_id_not'])) {
	866	array_walk($params['cat_id'],create_function('&$v,$k','$v=$v." ?not";'));
	867	}
	868	$strReq .= 'AND '.$this->getPostsCategoryFilter($params['cat_id'],'cat_id').' ';
	869	}
[836]	870	elseif (isset($params['cat_url']) && $params['cat_url'] !== '')
[0]	871	{
	872	if (!is_array($params['cat_url'])) {
	873	$params['cat_url'] = array($params['cat_url']);
	874	}
	875	if (!empty($params['cat_url_not'])) {
	876	array_walk($params['cat_url'],create_function('&$v,$k','$v=$v." ?not";'));
	877	}
	878	$strReq .= 'AND '.$this->getPostsCategoryFilter($params['cat_url'],'cat_url').' ';
	879	}
	880
	881	/* Other filters */
	882	if (isset($params['post_status'])) {
	883	$strReq .= 'AND post_status = '.(integer) $params['post_status'].' ';
	884	}
	885
	886	if (isset($params['post_selected'])) {
	887	$strReq .= 'AND post_selected = '.(integer) $params['post_selected'].' ';
	888	}
	889
	890	if (!empty($params['post_year'])) {
	891	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%Y').' = '.
	892	"'".sprintf('%04d',$params['post_year'])."' ";
	893	}
	894
	895	if (!empty($params['post_month'])) {
	896	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%m').' = '.
	897	"'".sprintf('%02d',$params['post_month'])."' ";
	898	}
	899
	900	if (!empty($params['post_day'])) {
	901	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%d').' = '.
	902	"'".sprintf('%02d',$params['post_day'])."' ";
	903	}
	904
	905	if (!empty($params['post_lang'])) {
	906	$strReq .= "AND P.post_lang = '".$this->con->escape($params['post_lang'])."' ";
	907	}
	908
	909	if (!empty($params['search']))
	910	{
	911	$words = text::splitWords($params['search']);
	912
	913	if (!empty($words))
	914	{
	915	# --BEHAVIOR-- corePostSearch
	916	if ($this->core->hasBehavior('corePostSearch')) {
	917	$this->core->callBehavior('corePostSearch',$this->core,array(&$words,&$strReq,&$params));
	918	}
	919
	920	if ($words)
	921	{
	922	foreach ($words as $i => $w) {
	923	$words[$i] = "post_words LIKE '%".$this->con->escape($w)."%'";
	924	}
	925	$strReq .= 'AND '.implode(' AND ',$words).' ';
	926	}
	927	}
	928	}
	929
	930	if (!empty($params['sql'])) {
	931	$strReq .= $params['sql'].' ';
	932	}
	933
	934	if (!$count_only)
	935	{
	936	if (!empty($params['order'])) {
	937	$strReq .= 'ORDER BY '.$this->con->escape($params['order']).' ';
	938	} else {
	939	$strReq .= 'ORDER BY post_dt DESC ';
	940	}
	941	}
	942
	943	if (!$count_only && !empty($params['limit'])) {
	944	$strReq .= $this->con->limit($params['limit']);
	945	}
	946
[774]	947	if (!empty($params['sql_only'])) {
[191]	948	return $strReq;
	949	}
	950
[0]	951	$rs = $this->con->select($strReq);
	952	$rs->core = $this->core;
	953	$rs->_nb_media = array();
	954	$rs->extend('rsExtPost');
	955
	956	# --BEHAVIOR-- coreBlogGetPosts
	957	$this->core->callBehavior('coreBlogGetPosts',$rs);
	958
	959	return $rs;
	960	}
	961
	962	/**
	963	Returns a record with post id, title and date for next or previous post
	964	according to the post ID.
	965	$dir could be 1 (next post) or -1 (previous post).
	966
	967	@param post_id <b>integer</b> Post ID
	968	@param dir <b>integer</b> Search direction
	969	@param restrict_to_category <b>boolean</b> Restrict to post with same category
	970	@param restrict_to_lang <b>boolean</b> Restrict to post with same lang
	971	@return record
	972	*/
	973	public function getNextPost($post,$dir,$restrict_to_category=false, $restrict_to_lang=false)
	974	{
	975	$dt = $post->post_dt;
	976	$post_id = (integer) $post->post_id;
	977
	978	if($dir > 0) {
[336]	979	$sign = '>';
	980	$order = 'ASC';
	981	}
	982	else {
	983	$sign = '<';
	984	$order = 'DESC';
	985	}
[0]	986
	987	$params['post_type'] = $post->post_type;
	988	$params['limit'] = 1;
	989	$params['order'] = 'post_dt '.$order.', P.post_id '.$order;
	990	$params['sql'] =
	991	'AND ( '.
	992	" (post_dt = '".$this->con->escape($dt)."' AND P.post_id ".$sign." ".$post_id.") ".
	993	" OR post_dt ".$sign." '".$this->con->escape($dt)."' ".
	994	') ';
	995
	996	if ($restrict_to_category) {
	997	$params['sql'] .= $post->cat_id ? 'AND P.cat_id = '.(integer) $post->cat_id.' ' : 'AND P.cat_id IS NULL ';
	998	}
	999
	1000	if ($restrict_to_lang) {
	1001	$params['sql'] .= $post->post_lang ? 'AND P.post_lang = \''. $this->con->escape($post->post_lang) .'\' ': 'AND P.post_lang IS NULL ';
	1002	}
	1003
	1004	$rs = $this->getPosts($params);
	1005
	1006	if ($rs->isEmpty()) {
	1007	return null;
	1008	}
	1009
	1010	return $rs;
	1011	}
	1012
	1013	/**
	1014	Retrieves different languages and post count on blog, based on post_lang
	1015	field. <var>$params</var> is an array taking the following optionnal
	1016	parameters:
	1017
	1018	- post_type: Get only entries with given type (default "post", '' for no type)
	1019	- lang: retrieve post count for selected lang
	1020	- order: order statement (default post_lang DESC)
	1021
	1022	@param params <b>array</b> Parameters
	1023	@return record
	1024	*/
	1025	public function getLangs($params=array())
	1026	{
	1027	$strReq = 'SELECT COUNT(post_id) as nb_post, post_lang '.
	1028	'FROM '.$this->prefix.'post '.
	1029	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
	1030	"AND post_lang <> '' ".
	1031	"AND post_lang IS NOT NULL ";
	1032
	1033	if (!$this->core->auth->check('contentadmin',$this->id)) {
	1034	$strReq .= 'AND ((post_status = 1 ';
	1035
	1036	if ($this->without_password) {
	1037	$strReq .= 'AND post_password IS NULL ';
	1038	}
	1039	$strReq .= ') ';
	1040
	1041	if ($this->core->auth->userID()) {
	1042	$strReq .= "OR user_id = '".$this->con->escape($this->core->auth->userID())."')";
	1043	} else {
	1044	$strReq .= ') ';
	1045	}
	1046	}
	1047
	1048	if (isset($params['post_type'])) {
	1049	if ($params['post_type'] != '') {
	1050	$strReq .= "AND post_type = '".$this->con->escape($params['post_type'])."' ";
	1051	}
	1052	} else {
	1053	$strReq .= "AND post_type = 'post' ";
	1054	}
	1055
	1056	if (isset($params['lang'])) {
	1057	$strReq .= "AND post_lang = '".$this->con->escape($params['lang'])."' ";
	1058	}
	1059
	1060	$strReq .= 'GROUP BY post_lang ';
	1061
	1062	$order = 'desc';
	1063	if (!empty($params['order']) && preg_match('/^(desc\|asc)$/i',$params['order'])) {
	1064	$order = $params['order'];
	1065	}
	1066	$strReq .= 'ORDER BY post_lang '.$order.' ';
	1067
	1068	return $this->con->select($strReq);
	1069	}
	1070
	1071	/**
	1072	Returns a record with all distinct blog dates and post count.
	1073	<var>$params</var> is an array taking the following optionnal parameters:
	1074
	1075	- type: (day\|month\|year) Get days, months or years
	1076	- year: (integer) Get dates for given year
	1077	- month: (integer) Get dates for given month
	1078	- day: (integer) Get dates for given day
	1079	- cat_id: (integer) Category ID filter
	1080	- cat_url: Category URL filter
	1081	- post_lang: lang of the posts
	1082	- next: Get date following match
	1083	- previous: Get date before match
	1084	- order: Sort by date "ASC" or "DESC"
	1085
	1086	@param params <b>array</b> Parameters array
	1087	@return record
	1088	*/
	1089	public function getDates($params=array())
	1090	{
	1091	$dt_f = '%Y-%m-%d';
	1092	$dt_fc = '%Y%m%d';
	1093	if (isset($params['type'])) {
	1094	if ($params['type'] == 'year') {
	1095	$dt_f = '%Y-01-01';
	1096	$dt_fc = '%Y0101';
	1097	} elseif ($params['type'] == 'month') {
	1098	$dt_f = '%Y-%m-01';
	1099	$dt_fc = '%Y%m01';
	1100	}
	1101	}
	1102	$dt_f .= ' 00:00:00';
	1103	$dt_fc .= '000000';
	1104
	1105	$cat_field = $catReq = $limit = '';
	1106
[836]	1107	if (isset($params['cat_id']) && $params['cat_id'] !== '') {
[0]	1108	$catReq = 'AND P.cat_id = '.(integer) $params['cat_id'].' ';
	1109	$cat_field = ', C.cat_url ';
[836]	1110	} elseif (isset($params['cat_url']) && $params['cat_url'] !== '') {
[0]	1111	$catReq = "AND C.cat_url = '".$this->con->escape($params['cat_url'])."' ";
	1112	$cat_field = ', C.cat_url ';
	1113	}
	1114	if (!empty($params['post_lang'])) {
	1115	$catReq = 'AND P.post_lang = \''. $params['post_lang'].'\' ';
	1116	}
	1117
	1118	$strReq = 'SELECT DISTINCT('.$this->con->dateFormat('post_dt',$dt_f).') AS dt '.
	1119	$cat_field.
	1120	',COUNT(P.post_id) AS nb_post '.
	1121	'FROM '.$this->prefix.'post P LEFT JOIN '.$this->prefix.'category C '.
	1122	'ON P.cat_id = C.cat_id '.
	1123	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ".
	1124	$catReq;
	1125
	1126	if (!$this->core->auth->check('contentadmin',$this->id)) {
	1127	$strReq .= 'AND ((post_status = 1 ';
	1128
	1129	if ($this->without_password) {
	1130	$strReq .= 'AND post_password IS NULL ';
	1131	}
	1132	$strReq .= ') ';
	1133
	1134	if ($this->core->auth->userID()) {
	1135	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
	1136	} else {
	1137	$strReq .= ') ';
	1138	}
	1139	}
	1140
	1141	if (!empty($params['post_type'])) {
	1142	$strReq .= "AND post_type ".$this->con->in($params['post_type'])." ";
	1143	} else {
	1144	$strReq .= "AND post_type = 'post' ";
	1145	}
[335]	1146
[0]	1147	if (!empty($params['year'])) {
	1148	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%Y')." = '".sprintf('%04d',$params['year'])."' ";
	1149	}
	1150
	1151	if (!empty($params['month'])) {
	1152	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%m')." = '".sprintf('%02d',$params['month'])."' ";
	1153	}
	1154
	1155	if (!empty($params['day'])) {
	1156	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%d')." = '".sprintf('%02d',$params['day'])."' ";
	1157	}
	1158
	1159	# Get next or previous date
	1160	if (!empty($params['next']) \|\| !empty($params['previous']))
	1161	{
	1162	if (!empty($params['next'])) {
	1163	$pdir = ' > ';
	1164	$params['order'] = 'asc';
	1165	$dt = $params['next'];
	1166	} else {
	1167	$pdir = ' < ';
	1168	$params['order'] = 'desc';
	1169	$dt = $params['previous'];
	1170	}
	1171
	1172	$dt = date('YmdHis',strtotime($dt));
	1173
	1174	$strReq .= 'AND '.$this->con->dateFormat('post_dt',$dt_fc).$pdir."'".$dt."' ";
	1175	$limit = $this->con->limit(1);
	1176	}
	1177
	1178	$strReq .= 'GROUP BY dt '.$cat_field;
	1179
	1180	$order = 'desc';
	1181	if (!empty($params['order']) && preg_match('/^(desc\|asc)$/i',$params['order'])) {
	1182	$order = $params['order'];
	1183	}
	1184
	1185	$strReq .=
	1186	'ORDER BY dt '.$order.' '.
	1187	$limit;
	1188
	1189	$rs = $this->con->select($strReq);
	1190	$rs->extend('rsExtDates');
	1191	return $rs;
	1192	}
	1193
	1194	/**
	1195	Creates a new entry. Takes a cursor as input and returns the new entry
	1196	ID.
	1197
	1198	@param cur <b>cursor</b> Post cursor
	1199	@return <b>integer</b> New post ID
	1200	*/
	1201	public function addPost($cur)
	1202	{
	1203	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
	1204	throw new Exception(__('You are not allowed to create an entry'));
	1205	}
	1206
	1207	$this->con->writeLock($this->prefix.'post');
	1208	try
	1209	{
	1210	# Get ID
	1211	$rs = $this->con->select(
	1212	'SELECT MAX(post_id) '.
	1213	'FROM '.$this->prefix.'post '
	1214	);
	1215
	1216	$cur->post_id = (integer) $rs->f(0) + 1;
	1217	$cur->blog_id = (string) $this->id;
	1218	$cur->post_creadt = date('Y-m-d H:i:s');
	1219	$cur->post_upddt = date('Y-m-d H:i:s');
	1220	$cur->post_tz = $this->core->auth->getInfo('user_tz');
	1221
	1222	# Post excerpt and content
	1223	$this->getPostContent($cur,$cur->post_id);
	1224
	1225	$this->getPostCursor($cur);
	1226
	1227	$cur->post_url = $this->getPostURL($cur->post_url,$cur->post_dt,$cur->post_title,$cur->post_id);
	1228
	1229	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
	1230	$cur->post_status = -2;
	1231	}
	1232
	1233	# --BEHAVIOR-- coreBeforePostCreate
	1234	$this->core->callBehavior('coreBeforePostCreate',$this,$cur);
	1235
	1236	$cur->insert();
	1237	$this->con->unlock();
	1238	}
	1239	catch (Exception $e)
	1240	{
	1241	$this->con->unlock();
	1242	throw $e;
	1243	}
	1244
	1245	# --BEHAVIOR-- coreAfterPostCreate
	1246	$this->core->callBehavior('coreAfterPostCreate',$this,$cur);
	1247
	1248	$this->triggerBlog();
	1249
	1250	return $cur->post_id;
	1251	}
	1252
	1253	/**
	1254	Updates an existing post.
	1255
	1256	@param id <b>integer</b> Post ID
	1257	@param cur <b>cursor</b> Post cursor
	1258	*/
	1259	public function updPost($id,$cur)
	1260	{
	1261	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
	1262	throw new Exception(__('You are not allowed to update entries'));
	1263	}
	1264
	1265	$id = (integer) $id;
	1266
	1267	if (empty($id)) {
	1268	throw new Exception(__('No such entry ID'));
	1269	}
	1270
	1271	# Post excerpt and content
	1272	$this->getPostContent($cur,$id);
	1273
	1274	$this->getPostCursor($cur);
	1275
	1276	if ($cur->post_url !== null) {
	1277	$cur->post_url = $this->getPostURL($cur->post_url,$cur->post_dt,$cur->post_title,$id);
	1278	}
	1279
	1280	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
	1281	$cur->unsetField('post_status');
	1282	}
	1283
	1284	$cur->post_upddt = date('Y-m-d H:i:s');
	1285
[335]	1286	#If user is only "usage", we need to check the post's owner
[0]	1287	if (!$this->core->auth->check('contentadmin',$this->id))
	1288	{
	1289	$strReq = 'SELECT post_id '.
	1290	'FROM '.$this->prefix.'post '.
	1291	'WHERE post_id = '.$id.' '.
	1292	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
	1293
	1294	$rs = $this->con->select($strReq);
	1295
	1296	if ($rs->isEmpty()) {
	1297	throw new Exception(__('You are not allowed to edit this entry'));
	1298	}
	1299	}
	1300
	1301	# --BEHAVIOR-- coreBeforePostUpdate
	1302	$this->core->callBehavior('coreBeforePostUpdate',$this,$cur);
	1303
	1304	$cur->update('WHERE post_id = '.$id.' ');
	1305
	1306	# --BEHAVIOR-- coreAfterPostUpdate
	1307	$this->core->callBehavior('coreAfterPostUpdate',$this,$cur);
	1308
	1309	$this->triggerBlog();
	1310	}
	1311
	1312	/**
	1313	Updates post status.
	1314
	1315	@param id <b>integer</b> Post ID
	1316	@param status <b>integer</b> Post status
	1317	*/
	1318	public function updPostStatus($id,$status)
	1319	{
[1030]	1320	$this->updPostsStatus($id,$status);
	1321	}
	1322
	1323	/**
	1324	Updates posts status.
	1325
	1326	@param ids <b>mixed</b> Post(s) ID(s)
	1327	@param status <b>integer</b> Post status
	1328	*/
	1329	public function updPostsStatus($ids,$status)
	1330	{
[0]	1331	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
	1332	throw new Exception(__('You are not allowed to change this entry status'));
	1333	}
	1334
[1030]	1335	$posts_ids = dcUtils::cleanIds($ids);
[0]	1336	$status = (integer) $status;
	1337
[1030]	1338	$strReq = "WHERE blog_id = '".$this->con->escape($this->id)."' ".
	1339	"AND post_id ".$this->con->in($posts_ids);
	1340
[0]	1341	#If user can only publish, we need to check the post's owner
	1342	if (!$this->core->auth->check('contentadmin',$this->id))
	1343	{
[1030]	1344	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
[0]	1345	}
	1346
	1347	$cur = $this->con->openCursor($this->prefix.'post');
	1348
	1349	$cur->post_status = $status;
	1350	$cur->post_upddt = date('Y-m-d H:i:s');
	1351
[1030]	1352	$cur->update($strReq);
[0]	1353	$this->triggerBlog();
	1354	}
	1355
[1030]	1356	/**
	1357	Updates post selection.
	1358
	1359	@param id <b>integer</b> Post ID
	1360	@param selected <b>integer</b> Is selected post
	1361	*/
[0]	1362	public function updPostSelected($id,$selected)
	1363	{
[1030]	1364	$this->updPostsSelected($id,$selected);
	1365	}
	1366
	1367	/**
	1368	Updates posts selection.
	1369
	1370	@param ids <b>mixed</b> Post(s) ID(s)
	1371	@param selected <b>integer</b> Is selected post(s)
	1372	*/
	1373	public function updPostsSelected($ids,$selected)
	1374	{
[0]	1375	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
	1376	throw new Exception(__('You are not allowed to change this entry category'));
	1377	}
	1378
[1030]	1379	$posts_ids = dcUtils::cleanIds($ids);
[0]	1380	$selected = (boolean) $selected;
	1381
[1030]	1382	$strReq = "WHERE blog_id = '".$this->con->escape($this->id)."' ".
	1383	"AND post_id ".$this->con->in($posts_ids);
	1384
[0]	1385	# If user is only usage, we need to check the post's owner
	1386	if (!$this->core->auth->check('contentadmin',$this->id))
	1387	{
[1030]	1388	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
[0]	1389	}
	1390
	1391	$cur = $this->con->openCursor($this->prefix.'post');
	1392
	1393	$cur->post_selected = (integer) $selected;
	1394	$cur->post_upddt = date('Y-m-d H:i:s');
	1395
[1030]	1396	$cur->update($strReq);
[0]	1397	$this->triggerBlog();
	1398	}
	1399
	1400	/**
	1401	Updates post category. <var>$cat_id</var> can be null.
	1402
	1403	@param id <b>integer</b> Post ID
	1404	@param cat_id <b>integer</b> Category ID
	1405	*/
	1406	public function updPostCategory($id,$cat_id)
	1407	{
[1030]	1408	$this->updPostsCategory($id,$cat_id);
	1409	}
	1410
	1411	/**
	1412	Updates posts category. <var>$cat_id</var> can be null.
	1413
	1414	@param ids <b>mixed</b> Post(s) ID(s)
	1415	@param cat_id <b>integer</b> Category ID
	1416	*/
	1417	public function updPostsCategory($ids,$cat_id)
	1418	{
[0]	1419	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
	1420	throw new Exception(__('You are not allowed to change this entry category'));
	1421	}
	1422
[1030]	1423	$posts_ids = dcUtils::cleanIds($ids);
[0]	1424	$cat_id = (integer) $cat_id;
	1425
[1030]	1426	$strReq = "WHERE blog_id = '".$this->con->escape($this->id)."' ".
	1427	"AND post_id ".$this->con->in($posts_ids);
	1428
[0]	1429	# If user is only usage, we need to check the post's owner
	1430	if (!$this->core->auth->check('contentadmin',$this->id))
	1431	{
[1030]	1432	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
[0]	1433	}
	1434
	1435	$cur = $this->con->openCursor($this->prefix.'post');
	1436
	1437	$cur->cat_id = ($cat_id ? $cat_id : null);
	1438	$cur->post_upddt = date('Y-m-d H:i:s');
	1439
[1030]	1440	$cur->update($strReq);
[0]	1441	$this->triggerBlog();
	1442	}
	1443
	1444	/**
[1015]	1445	Updates posts category. <var>$new_cat_id</var> can be null.
	1446
	1447	@param old_cat_id <b>integer</b> Old category ID
	1448	@param new_cat_id <b>integer</b> New category ID
	1449	*/
[1030]	1450	public function changePostsCategory($old_cat_id,$new_cat_id)
[1015]	1451	{
	1452	if (!$this->core->auth->check('contentadmin,categories',$this->id)) {
	1453	throw new Exception(__('You are not allowed to change entries category'));
	1454	}
	1455
	1456	$old_cat_id = (integer) $old_cat_id;
	1457	$new_cat_id = (integer) $new_cat_id;
	1458
	1459	$cur = $this->con->openCursor($this->prefix.'post');
	1460
	1461	$cur->cat_id = ($new_cat_id ? $new_cat_id : null);
	1462	$cur->post_upddt = date('Y-m-d H:i:s');
	1463
	1464	$cur->update(
	1465	'WHERE cat_id = '.$old_cat_id.' '.
	1466	"AND blog_id = '".$this->con->escape($this->id)."' "
	1467	);
	1468	$this->triggerBlog();
	1469	}
	1470
	1471	/**
[0]	1472	Deletes a post.
	1473
	1474	@param id <b>integer</b> Post ID
	1475	*/
	1476	public function delPost($id)
	1477	{
[1030]	1478	$this->delPosts($id);
	1479	}
	1480
	1481	/**
	1482	Deletes multiple posts.
	1483
	1484	@param ids <b>mixed</b> Post(s) ID(s)
	1485	*/
	1486	public function delPosts($ids)
	1487	{
[0]	1488	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
	1489	throw new Exception(__('You are not allowed to delete entries'));
	1490	}
	1491
[1030]	1492	$posts_ids = dcUtils::cleanIds($ids);
[0]	1493
[1030]	1494	if (empty($posts_ids)) {
[0]	1495	throw new Exception(__('No such entry ID'));
	1496	}
	1497
[1030]	1498	$strReq = 'DELETE FROM '.$this->prefix.'post '.
	1499	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
	1500	"AND post_id ".$this->con->in($posts_ids);
	1501
[0]	1502	#If user can only delete, we need to check the post's owner
	1503	if (!$this->core->auth->check('contentadmin',$this->id))
	1504	{
[1030]	1505	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
[0]	1506	}
	1507
	1508	$this->con->execute($strReq);
	1509	$this->triggerBlog();
	1510	}
	1511
	1512	/**
	1513	Publishes all entries flaged as "scheduled".
	1514	*/
	1515	public function publishScheduledEntries()
	1516	{
	1517	$strReq = 'SELECT post_id, post_dt, post_tz '.
	1518	'FROM '.$this->prefix.'post '.
	1519	'WHERE post_status = -1 '.
	1520	"AND blog_id = '".$this->con->escape($this->id)."' ";
	1521
	1522	$rs = $this->con->select($strReq);
	1523
	1524	$now = dt::toUTC(time());
[833]	1525	$to_change = new ArrayObject();
	1526
[0]	1527	if ($rs->isEmpty()) {
	1528	return;
	1529	}
	1530
	1531	while ($rs->fetch())
	1532	{
	1533	# Now timestamp with post timezone
	1534	$now_tz = $now + dt::getTimeOffset($rs->post_tz,$now);
	1535
	1536	# Post timestamp
	1537	$post_ts = strtotime($rs->post_dt);
	1538
	1539	# If now_tz >= post_ts, we publish the entry
	1540	if ($now_tz >= $post_ts) {
	1541	$to_change[] = (integer) $rs->post_id;
	1542	}
	1543	}
[833]	1544	if (count($to_change))
[0]	1545	{
[811]	1546	# --BEHAVIOR-- coreBeforeScheduledEntriesPublish
	1547	$this->core->callBehavior('coreBeforeScheduledEntriesPublish',$this,$to_change);
	1548
[0]	1549	$strReq =
	1550	'UPDATE '.$this->prefix.'post SET '.
	1551	'post_status = 1 '.
	1552	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
[833]	1553	'AND post_id '.$this->con->in((array)$to_change).' ';
[0]	1554	$this->con->execute($strReq);
	1555	$this->triggerBlog();
[811]	1556
	1557	# --BEHAVIOR-- coreAfterScheduledEntriesPublish
	1558	$this->core->callBehavior('coreAfterScheduledEntriesPublish',$this,$to_change);
[0]	1559	}
[811]	1560
[0]	1561	}
	1562
	1563	/**
	1564	Retrieves all users having posts on current blog.
	1565
	1566	@param post_type <b>string</b> post_type filter (post)
	1567	@return record
	1568	*/
	1569	public function getPostsUsers($post_type='post')
	1570	{
	1571	$strReq = 'SELECT P.user_id, user_name, user_firstname, '.
	1572	'user_displayname, user_email '.
	1573	'FROM '.$this->prefix.'post P, '.$this->prefix.'user U '.
	1574	'WHERE P.user_id = U.user_id '.
	1575	"AND blog_id = '".$this->con->escape($this->id)."' ";
	1576
	1577	if ($post_type) {
	1578	$strReq .= "AND post_type = '".$this->con->escape($post_type)."' ";
	1579	}
	1580
	1581	$strReq .= 'GROUP BY P.user_id, user_name, user_firstname, user_displayname, user_email ';
	1582
	1583	return $this->con->select($strReq);
	1584	}
	1585
	1586	private function getPostsCategoryFilter($arr,$field='cat_id')
	1587	{
	1588	$field = $field == 'cat_id' ? 'cat_id' : 'cat_url';
	1589
	1590	$sub = array();
	1591	$not = array();
	1592	$queries = array();
	1593
	1594	foreach ($arr as $v)
	1595	{
	1596	$v = trim($v);
	1597	$args = preg_split('/\s[?]\s/',$v,-1,PREG_SPLIT_NO_EMPTY);
	1598	$id = array_shift($args);
	1599	$args = array_flip($args);
	1600
	1601	if (isset($args['not'])) { $not[$id] = 1; }
	1602	if (isset($args['sub'])) { $sub[$id] = 1; }
	1603	if ($field == 'cat_id') {
	1604	if (preg_match('/^null$/i',$id)) {
	1605	$queries[$id] = 'P.cat_id IS NULL';
	1606	}
	1607	else {
	1608	$queries[$id] = 'P.cat_id = '.(integer) $id;
	1609	}
	1610	} else {
	1611	$queries[$id] = "C.cat_url = '".$this->con->escape($id)."' ";
	1612	}
	1613	}
	1614
	1615	if (!empty($sub)) {
	1616	$rs = $this->con->select(
	1617	'SELECT cat_id, cat_url, cat_lft, cat_rgt FROM '.$this->prefix.'category '.
	1618	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
	1619	'AND '.$field.' '.$this->con->in(array_keys($sub))
	1620	);
	1621
	1622	while ($rs->fetch()) {
	1623	$queries[$rs->f($field)] = '(C.cat_lft BETWEEN '.$rs->cat_lft.' AND '.$rs->cat_rgt.')';
	1624	}
	1625	}
	1626
	1627	# Create queries
	1628	$sql = array(
	1629	0 => array(), # wanted categories
	1630	1 => array() # excluded categories
	1631	);
	1632
	1633	foreach ($queries as $id => $q) {
	1634	$sql[(integer) isset($not[$id])][] = $q;
	1635	}
	1636
	1637	$sql[0] = implode(' OR ',$sql[0]);
	1638	$sql[1] = implode(' OR ',$sql[1]);
	1639
	1640	if ($sql[0]) {
	1641	$sql[0] = '('.$sql[0].')';
	1642	} else {
	1643	unset($sql[0]);
	1644	}
	1645
	1646	if ($sql[1]) {
	1647	$sql[1] = '(P.cat_id IS NULL OR NOT('.$sql[1].'))';
	1648	} else {
	1649	unset($sql[1]);
	1650	}
	1651
	1652	return implode(' AND ',$sql);
	1653	}
	1654
	1655	private function getPostCursor($cur,$post_id=null)
	1656	{
	1657	if ($cur->post_title == '') {
	1658	throw new Exception(__('No entry title'));
	1659	}
	1660
	1661	if ($cur->post_content == '') {
	1662	throw new Exception(__('No entry content'));
	1663	}
	1664
	1665	if ($cur->post_password === '') {
	1666	$cur->post_password = null;
	1667	}
	1668
	1669	if ($cur->post_dt == '') {
	1670	$offset = dt::getTimeOffset($this->core->auth->getInfo('user_tz'));
	1671	$now = time() + $offset;
	1672	$cur->post_dt = date('Y-m-d H:i:00',$now);
	1673	}
	1674
	1675	$post_id = is_int($post_id) ? $post_id : $cur->post_id;
	1676
	1677	if ($cur->post_content_xhtml == '') {
	1678	throw new Exception(__('No entry content'));
	1679	}
	1680
	1681	# Words list
	1682	if ($cur->post_title !== null && $cur->post_excerpt_xhtml !== null
	1683	&& $cur->post_content_xhtml !== null)
	1684	{
	1685	$words =
	1686	$cur->post_title.' '.
	1687	$cur->post_excerpt_xhtml.' '.
	1688	$cur->post_content_xhtml;
	1689
	1690	$cur->post_words = implode(' ',text::splitWords($words));
	1691	}
	1692	}
	1693
	1694	private function getPostContent($cur,$post_id)
	1695	{
	1696	$post_excerpt = $cur->post_excerpt;
	1697	$post_excerpt_xhtml = $cur->post_excerpt_xhtml;
	1698	$post_content = $cur->post_content;
	1699	$post_content_xhtml = $cur->post_content_xhtml;
	1700
	1701	$this->setPostContent(
	1702	$post_id,$cur->post_format,$cur->post_lang,
	1703	$post_excerpt,$post_excerpt_xhtml,
	1704	$post_content,$post_content_xhtml
	1705	);
	1706
	1707	$cur->post_excerpt = $post_excerpt;
	1708	$cur->post_excerpt_xhtml = $post_excerpt_xhtml;
	1709	$cur->post_content = $post_content;
	1710	$cur->post_content_xhtml = $post_content_xhtml;
	1711	}
	1712
	1713	/**
	1714	Creates post HTML content, taking format and lang into account.
	1715
	1716	@param post_id <b>integer</b> Post ID
	1717	@param format <b>string</b> Post format
	1718	@param lang <b>string</b> Post lang
	1719	@param excerpt <b>string</b> Post excerpt
	1720	@param[out] excerpt_xhtml <b>string</b> Post excerpt HTML
	1721	@param content <b>string</b> Post content
	1722	@param[out] content_xhtml <b>string</b> Post content HTML
	1723	*/
	1724	public function setPostContent($post_id,$format,$lang,&$excerpt,&$excerpt_xhtml,&$content,&$content_xhtml)
	1725	{
	1726	if ($format == 'wiki')
	1727	{
	1728	$this->core->initWikiPost();
	1729	$this->core->wiki2xhtml->setOpt('note_prefix','pnote-'.$post_id);
[970]	1730	switch ($this->settings->system->note_title_tag) {
	1731	case 1:
	1732	$tag = 'h3';
	1733	break;
	1734	case 2:
	1735	$tag = 'p';
	1736	break;
	1737	default:
	1738	$tag = 'h4';
	1739	break;
	1740	}
	1741	$this->core->wiki2xhtml->setOpt('note_str','<div class="footnotes"><'.$tag.' class="footnotes-title">'.
	1742	__('Notes').'</'.$tag.'>%s</div>');
	1743	$this->core->wiki2xhtml->setOpt('note_str_single','<div class="footnotes"><'.$tag.' class="footnotes-title">'.
	1744	__('Note').'</'.$tag.'>%s</div>');
[0]	1745	if (strpos($lang,'fr') === 0) {
	1746	$this->core->wiki2xhtml->setOpt('active_fr_syntax',1);
	1747	}
	1748	}
	1749
	1750	if ($excerpt) {
	1751	$excerpt_xhtml = $this->core->callFormater($format,$excerpt);
	1752	$excerpt_xhtml = $this->core->HTMLfilter($excerpt_xhtml);
	1753	} else {
	1754	$excerpt_xhtml = '';
	1755	}
	1756
	1757	if ($content) {
	1758	$content_xhtml = $this->core->callFormater($format,$content);
	1759	$content_xhtml = $this->core->HTMLfilter($content_xhtml);
	1760	} else {
	1761	$content_xhtml = '';
	1762	}
	1763
	1764	# --BEHAVIOR-- coreAfterPostContentFormat
	1765	$this->core->callBehavior('coreAfterPostContentFormat',array(
	1766	'excerpt' => &$excerpt,
	1767	'content' => &$content,
	1768	'excerpt_xhtml' => &$excerpt_xhtml,
	1769	'content_xhtml' => &$content_xhtml
	1770	));
	1771	}
	1772
	1773	/**
	1774	Returns URL for a post according to blog setting <var>post_url_format</var>.
	1775	It will try to guess URL and append some figures if needed.
	1776
	1777	@param url <b>string</b> Origin URL, could be empty
	1778	@param post_dt <b>string</b> Post date (in YYYY-MM-DD HH:mm:ss)
	1779	@param post_title <b>string</b> Post title
	1780	@param post_id <b>integer</b> Post ID
	1781	@return <b>string</b> result URL
	1782	*/
	1783	public function getPostURL($url,$post_dt,$post_title,$post_id)
	1784	{
	1785	$url = trim($url);
	1786
	1787	$url_patterns = array(
	1788	'{y}' => date('Y',strtotime($post_dt)),
	1789	'{m}' => date('m',strtotime($post_dt)),
	1790	'{d}' => date('d',strtotime($post_dt)),
	1791	'{t}' => text::tidyURL($post_title),
	1792	'{id}' => (integer) $post_id
	1793	);
	1794
	1795	# If URL is empty, we create a new one
	1796	if ($url == '')
	1797	{
	1798	# Transform with format
	1799	$url = str_replace(
	1800	array_keys($url_patterns),
	1801	array_values($url_patterns),
	1802	$this->settings->system->post_url_format
	1803	);
	1804	}
	1805	else
	1806	{
	1807	$url = text::tidyURL($url);
	1808	}
	1809
	1810	# Let's check if URL is taken...
	1811	$strReq = 'SELECT post_url FROM '.$this->prefix.'post '.
	1812	"WHERE post_url = '".$this->con->escape($url)."' ".
	1813	'AND post_id <> '.(integer) $post_id. ' '.
	1814	"AND blog_id = '".$this->con->escape($this->id)."' ".
	1815	'ORDER BY post_url DESC';
	1816
	1817	$rs = $this->con->select($strReq);
	1818
	1819	if (!$rs->isEmpty())
	1820	{
	1821	if ($this->con->driver() == 'mysql') {
	1822	$clause = "REGEXP '^".$this->con->escape($url)."[0-9]+$'";
	1823	} elseif ($this->con->driver() == 'pgsql') {
	1824	$clause = "~ '^".$this->con->escape($url)."[0-9]+$'";
	1825	} else {
	1826	$clause = "LIKE '".$this->con->escape($url)."%'";
	1827	}
	1828	$strReq = 'SELECT post_url FROM '.$this->prefix.'post '.
	1829	"WHERE post_url ".$clause.' '.
	1830	'AND post_id <> '.(integer) $post_id.' '.
	1831	"AND blog_id = '".$this->con->escape($this->id)."' ".
	1832	'ORDER BY post_url DESC ';
	1833
	1834	$rs = $this->con->select($strReq);
	1835	$a = array();
	1836	while ($rs->fetch()) {
	1837	$a[] = $rs->post_url;
	1838	}
	1839
	1840	natsort($a);
	1841	$t_url = end($a);
	1842
	1843	if (preg_match('/(.*?)([0-9]+)$/',$t_url,$m)) {
	1844	$i = (integer) $m[2];
	1845	$url = $m[1];
	1846	} else {
	1847	$i = 1;
	1848	}
	1849
	1850	return $url.($i+1);
	1851	}
	1852
	1853	# URL is empty?
	1854	if ($url == '') {
	1855	throw new Exception(__('Empty entry URL'));
	1856	}
	1857
	1858	return $url;
	1859	}
	1860	//@}
	1861
	1862	/// @name Comments management methods
	1863	//@{
	1864	/**
	1865	Retrieves comments. <b>$params</b> is an array taking the following
	1866	optionnal parameters:
	1867
	1868	- no_content: Don't retrieve comment content
	1869	- post_type: Get only entries with given type (default no type, array for many types)
	1870	- post_id: (integer) Get comments belonging to given post_id
	1871	- cat_id: (integer or array) Get comments belonging to entries of given category ID
	1872	- comment_id: (integer) Get comment with given ID
	1873	- comment_status: (integer) Get comments with given comment_status
	1874	- comment_trackback: (integer) Get only comments (0) or trackbacks (1)
	1875	- comment_ip: (string) Get comments with given IP address
	1876	- post_url: Get entry with given post_url field
	1877	- user_id: (integer) Get entries belonging to given user ID
	1878	- q_author: Search comments by author
	1879	- sql: Append SQL string at the end of the query
	1880	- from: Append SQL string after "FROM" statement in query
	1881	- order: Order of results (default "ORDER BY comment_dt DES")
	1882	- limit: Limit parameter
[774]	1883	- sql_only : return the sql request instead of results. Only ids are selected
[0]	1884
	1885	@param params <b>array</b> Parameters
	1886	@param count_only <b>boolean</b> Only counts results
	1887	@return <b>record</b> A record with some more capabilities
	1888	*/
	1889	public function getComments($params=array(),$count_only=false)
	1890	{
	1891	if ($count_only)
	1892	{
	1893	$strReq = 'SELECT count(comment_id) ';
	1894	}
[774]	1895	elseif (!empty($params['sql_only']))
	1896	{
	1897	$strReq = 'SELECT P.post_id ';
	1898	}
[0]	1899	else
	1900	{
	1901	if (!empty($params['no_content'])) {
	1902	$content_req = '';
	1903	} else {
	1904	$content_req = 'comment_content, ';
	1905	}
	1906
	1907	if (!empty($params['columns']) && is_array($params['columns'])) {
	1908	$content_req .= implode(', ',$params['columns']).', ';
	1909	}
	1910
	1911	$strReq =
	1912	'SELECT C.comment_id, comment_dt, comment_tz, comment_upddt, '.
	1913	'comment_author, comment_email, comment_site, '.
	1914	$content_req.' comment_trackback, comment_status, '.
	1915	'comment_spam_status, comment_spam_filter, comment_ip, '.
	1916	'P.post_title, P.post_url, P.post_id, P.post_password, P.post_type, '.
	1917	'P.post_dt, P.user_id, U.user_email, U.user_url ';
	1918	}
	1919
	1920	$strReq .=
	1921	'FROM '.$this->prefix.'comment C '.
	1922	'INNER JOIN '.$this->prefix.'post P ON C.post_id = P.post_id '.
	1923	'INNER JOIN '.$this->prefix.'user U ON P.user_id = U.user_id ';
	1924
	1925	if (!empty($params['from'])) {
	1926	$strReq .= $params['from'].' ';
	1927	}
	1928
	1929	$strReq .=
	1930	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ";
	1931
	1932	if (!$this->core->auth->check('contentadmin',$this->id)) {
	1933	$strReq .= 'AND ((comment_status = 1 AND P.post_status = 1 ';
	1934
	1935	if ($this->without_password) {
	1936	$strReq .= 'AND post_password IS NULL ';
	1937	}
	1938	$strReq .= ') ';
	1939
	1940	if ($this->core->auth->userID()) {
	1941	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
	1942	} else {
	1943	$strReq .= ') ';
	1944	}
	1945	}
	1946
	1947	if (!empty($params['post_type']))
	1948	{
[340]	1949	$strReq .= 'AND post_type '.$this->con->in($params['post_type']);
[0]	1950	}
	1951
[836]	1952	if (isset($params['post_id']) && $params['post_id'] !== '') {
[0]	1953	$strReq .= 'AND P.post_id = '.(integer) $params['post_id'].' ';
	1954	}
	1955
[836]	1956	if (isset($params['cat_id']) && $params['cat_id'] !== '') {
[0]	1957	$strReq .= 'AND P.cat_id = '.(integer) $params['cat_id'].' ';
	1958	}
	1959
[836]	1960	if (isset($params['comment_id']) && $params['comment_id'] !== '') {
[0]	1961	$strReq .= 'AND comment_id = '.(integer) $params['comment_id'].' ';
	1962	}
	1963
	1964	if (isset($params['comment_status'])) {
	1965	$strReq .= 'AND comment_status = '.(integer) $params['comment_status'].' ';
	1966	}
	1967
	1968	if (!empty($params['comment_status_not']))
	1969	{
	1970	$strReq .= 'AND comment_status <> '.(integer) $params['comment_status_not'].' ';
	1971	}
	1972
	1973	if (isset($params['comment_trackback'])) {
	1974	$strReq .= 'AND comment_trackback = '.(integer) (boolean) $params['comment_trackback'].' ';
	1975	}
	1976
	1977	if (isset($params['comment_ip'])) {
[1018]	1978	$comment_ip = $this->con->escape(str_replace('*','%',$params['comment_ip']));
	1979	$strReq .= "AND comment_ip LIKE '".$comment_ip."' ";
[0]	1980	}
	1981
	1982	if (isset($params['q_author'])) {
	1983	$q_author = $this->con->escape(str_replace('*','%',strtolower($params['q_author'])));
	1984	$strReq .= "AND LOWER(comment_author) LIKE '".$q_author."' ";
	1985	}
	1986
	1987	if (!empty($params['search']))
	1988	{
	1989	$words = text::splitWords($params['search']);
	1990
	1991	if (!empty($words))
	1992	{
	1993	# --BEHAVIOR coreCommentSearch
	1994	if ($this->core->hasBehavior('coreCommentSearch')) {
	1995	$this->core->callBehavior('coreCommentSearch',$this->core,array(&$words,&$strReq,&$params));
	1996	}
	1997
	1998	if ($words)
	1999	{
	2000	foreach ($words as $i => $w) {
	2001	$words[$i] = "comment_words LIKE '%".$this->con->escape($w)."%'";
	2002	}
	2003	$strReq .= 'AND '.implode(' AND ',$words).' ';
	2004	}
	2005	}
	2006	}
	2007
	2008	if (!empty($params['sql'])) {
	2009	$strReq .= $params['sql'].' ';
	2010	}
	2011
	2012	if (!$count_only)
	2013	{
	2014	if (!empty($params['order'])) {
	2015	$strReq .= 'ORDER BY '.$this->con->escape($params['order']).' ';
	2016	} else {
	2017	$strReq .= 'ORDER BY comment_dt DESC ';
	2018	}
	2019	}
	2020
	2021	if (!$count_only && !empty($params['limit'])) {
	2022	$strReq .= $this->con->limit($params['limit']);
	2023	}
[774]	2024
	2025	if (!empty($params['sql_only'])) {
	2026	return $strReq;
	2027	}
[0]	2028
	2029	$rs = $this->con->select($strReq);
	2030	$rs->core = $this->core;
	2031	$rs->extend('rsExtComment');
	2032
	2033	# --BEHAVIOR-- coreBlogGetComments
	2034	$this->core->callBehavior('coreBlogGetComments',$rs);
	2035
	2036	return $rs;
	2037	}
	2038
	2039	/**
	2040	Creates a new comment. Takes a cursor as input and returns the new comment
	2041	ID.
	2042
	2043	@param cur <b>cursor</b> Comment cursor
	2044	@return <b>integer</b> New comment ID
	2045	*/
	2046	public function addComment($cur)
	2047	{
	2048	$this->con->writeLock($this->prefix.'comment');
	2049	try
	2050	{
	2051	# Get ID
	2052	$rs = $this->con->select(
	2053	'SELECT MAX(comment_id) '.
	2054	'FROM '.$this->prefix.'comment '
	2055	);
	2056
	2057	$cur->comment_id = (integer) $rs->f(0) + 1;
	2058	$cur->comment_upddt = date('Y-m-d H:i:s');
	2059
	2060	$offset = dt::getTimeOffset($this->settings->system->blog_timezone);
	2061	$cur->comment_dt = date('Y-m-d H:i:s',time() + $offset);
	2062	$cur->comment_tz = $this->settings->system->blog_timezone;
	2063
	2064	$this->getCommentCursor($cur);
	2065
	2066	if ($cur->comment_ip === null) {
	2067	$cur->comment_ip = http::realIP();
	2068	}
	2069
	2070	# --BEHAVIOR-- coreBeforeCommentCreate
	2071	$this->core->callBehavior('coreBeforeCommentCreate',$this,$cur);
	2072
	2073	$cur->insert();
	2074	$this->con->unlock();
	2075	}
	2076	catch (Exception $e)
	2077	{
	2078	$this->con->unlock();
	2079	throw $e;
	2080	}
	2081
	2082	# --BEHAVIOR-- coreAfterCommentCreate
	2083	$this->core->callBehavior('coreAfterCommentCreate',$this,$cur);
	2084
	2085	$this->triggerComment($cur->comment_id);
	2086	if ($cur->comment_status != -2) {
	2087	$this->triggerBlog();
	2088	}
	2089	return $cur->comment_id;
	2090	}
	2091
	2092	/**
	2093	Updates an existing comment.
	2094
	2095	@param id <b>integer</b> Comment ID
	2096	@param cur <b>cursor</b> Comment cursor
	2097	*/
	2098	public function updComment($id,$cur)
	2099	{
	2100	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
	2101	throw new Exception(__('You are not allowed to update comments'));
	2102	}
	2103
	2104	$id = (integer) $id;
	2105
	2106	if (empty($id)) {
	2107	throw new Exception(__('No such comment ID'));
	2108	}
	2109
	2110	$rs = $this->getComments(array('comment_id' => $id));
	2111
	2112	if ($rs->isEmpty()) {
	2113	throw new Exception(__('No such comment ID'));
	2114	}
	2115
	2116	#If user is only usage, we need to check the post's owner
	2117	if (!$this->core->auth->check('contentadmin',$this->id))
	2118	{
	2119	if ($rs->user_id != $this->core->auth->userID()) {
	2120	throw new Exception(__('You are not allowed to update this comment'));
	2121	}
	2122	}
	2123
	2124	$this->getCommentCursor($cur);
	2125
	2126	$cur->comment_upddt = date('Y-m-d H:i:s');
	2127
	2128	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
	2129	$cur->unsetField('comment_status');
	2130	}
	2131
	2132	# --BEHAVIOR-- coreBeforeCommentUpdate
	2133	$this->core->callBehavior('coreBeforeCommentUpdate',$this,$cur,$rs);
	2134
	2135	$cur->update('WHERE comment_id = '.$id.' ');
	2136
	2137	# --BEHAVIOR-- coreAfterCommentUpdate
	2138	$this->core->callBehavior('coreAfterCommentUpdate',$this,$cur,$rs);
	2139
	2140	$this->triggerComment($id);
	2141	$this->triggerBlog();
	2142	}
	2143
	2144	/**
	2145	Updates comment status.
	2146
	2147	@param id <b>integer</b> Comment ID
	2148	@param status <b>integer</b> Comment status
	2149	*/
	2150	public function updCommentStatus($id,$status)
	2151	{
[1041]	2152	$this->updCommentsStatus($id,$status);
	2153	}
	2154
	2155	/**
	2156	Updates comments status.
	2157
	2158	@param ids <b>mixed</b> Comment(s) ID(s)
	2159	@param status <b>integer</b> Comment status
	2160	*/
	2161	public function updCommentsStatus($ids,$status)
	2162	{
[0]	2163	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
	2164	throw new Exception(__("You are not allowed to change this comment's status"));
	2165	}
	2166
[1041]	2167	$co_ids = dcUtils::cleanIds($ids);
	2168	$status = (integer) $status;
	2169
	2170	$strReq =
	2171	'UPDATE '.$this->prefix.'comment tc ';
	2172
	2173	# mySQL uses "JOIN" synthax
	2174	if ($this->con->driver() == 'mysql') {
	2175	$strReq .=
	2176	'JOIN '.$this->prefix.'post tp ON tc.post_id = tp.post_id ';
	2177	}
	2178
	2179	$strReq .=
	2180	'SET comment_status = '.$status.' ';
	2181
	2182	# pgSQL uses "FROM" synthax
	2183	if ($this->con->driver() != 'mysql') {
	2184	$strReq .=
	2185	'FROM '.$this->prefix.'post tp ';
	2186	}
	2187
	2188	$strReq .=
	2189	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
	2190	'AND comment_id'.$this->con->in($co_ids);
	2191
	2192	# add pgSQL "WHERE" clause
	2193	if ($this->con->driver() != 'mysql') {
	2194	$strReq .=
	2195	'AND tc.post_id = tp.post_id ';
	2196	}
	2197
	2198	#If user is only usage, we need to check the post's owner
	2199	if (!$this->core->auth->check('contentadmin',$this->id))
	2200	{
	2201	$strReq .=
	2202	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
	2203	}
	2204
	2205	$this->con->execute($strReq);
[1042]	2206	$this->triggerComments($co_ids);
[1041]	2207	$this->triggerBlog();
[0]	2208	}
	2209
	2210	/**
	2211	Delete a comment
	2212
	2213	@param id <b>integer</b> Comment ID
	2214	*/
	2215	public function delComment($id)
	2216	{
[1041]	2217	$this->delComments($id);
	2218	}
	2219
	2220	/**
	2221	Delete comments
	2222
	2223	@param ids <b>mixed</b> Comment(s) ID(s)
	2224	*/
	2225	public function delComments($ids)
	2226	{
[0]	2227	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
	2228	throw new Exception(__('You are not allowed to delete comments'));
	2229	}
	2230
[1041]	2231	$co_ids = dcUtils::cleanIds($ids);
[0]	2232
[1280]	2233	if (empty($ids)) {
[0]	2234	throw new Exception(__('No such comment ID'));
	2235	}
	2236
[1041]	2237	# mySQL uses "INNER JOIN" synthax
	2238	if ($this->con->driver() == 'mysql') {
	2239	$strReq =
	2240	'DELETE FROM tc '.
	2241	'USING '.$this->prefix.'comment tc '.
	2242	'INNER JOIN '.$this->prefix.'post tp ';
	2243	}
	2244	# pgSQL uses nothing special
	2245	else {
	2246	$strReq =
	2247	'DELETE FROM '.$this->prefix.'comment tc '.
	2248	'USING '.$this->prefix.'post tp ';
	2249	}
	2250
	2251	$strReq .=
	2252	'WHERE tc.post_id = tp.post_id '.
	2253	"AND tp.blog_id = '".$this->con->escape($this->id)."' ".
	2254	'AND comment_id'.$this->con->in($co_ids);
	2255
[0]	2256	#If user can only delete, we need to check the post's owner
	2257	if (!$this->core->auth->check('contentadmin',$this->id))
	2258	{
[1041]	2259	$strReq .=
	2260	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
[0]	2261	}
	2262
[1041]	2263	$this->con->execute($strReq);
[1280]	2264	$this->triggerComments($co_ids,true);
[0]	2265	$this->triggerBlog();
	2266	}
[1052]	2267
	2268	public function delJunkComments()
	2269	{
	2270	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
	2271	throw new Exception(__('You are not allowed to delete comments'));
	2272	}
	2273
	2274	# mySQL uses "INNER JOIN" synthax
	2275	if ($this->con->driver() == 'mysql') {
	2276	$strReq =
	2277	'DELETE FROM tc '.
	2278	'USING '.$this->prefix.'comment tc '.
	2279	'INNER JOIN '.$this->prefix.'post tp ';
	2280	}
	2281	# pgSQL uses nothing special
	2282	else {
	2283	$strReq =
	2284	'DELETE FROM '.$this->prefix.'comment tc '.
	2285	'USING '.$this->prefix.'post tp ';
	2286	}
	2287
	2288	$strReq .=
	2289	'WHERE tc.post_id = tp.post_id '.
	2290	"AND tp.blog_id = '".$this->con->escape($this->id)."' ".
	2291	'AND comment_status = -2';
	2292
	2293	#If user can only delete, we need to check the post's owner
	2294	if (!$this->core->auth->check('contentadmin',$this->id))
	2295	{
	2296	$strReq .=
	2297	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
	2298	}
	2299
	2300	$this->con->execute($strReq);
	2301	$this->triggerBlog();
	2302	}
[0]	2303
	2304	private function getCommentCursor($cur)
	2305	{
	2306	if ($cur->comment_content !== null && $cur->comment_content == '') {
	2307	throw new Exception(__('You must provide a comment'));
	2308	}
	2309
	2310	if ($cur->comment_author !== null && $cur->comment_author == '') {
	2311	throw new Exception(__('You must provide an author name'));
	2312	}
	2313
	2314	if ($cur->comment_email != '' && !text::isEmail($cur->comment_email)) {
	2315	throw new Exception(__('Email address is not valid.'));
	2316	}
	2317
	2318	if ($cur->comment_site !== null && $cur->comment_site != '') {
[1280]	2319	if (!preg_match('\|^http(s?)://\|',$cur->comment_site)) {
[0]	2320	$cur->comment_site = 'http://'.$cur->comment_site;
	2321	}
	2322	}
	2323
	2324	if ($cur->comment_status === null) {
	2325	$cur->comment_status = (integer) $this->settings->system->comments_pub;
	2326	}
	2327
	2328	# Words list
	2329	if ($cur->comment_content !== null)
	2330	{
	2331	$cur->comment_words = implode(' ',text::splitWords($cur->comment_content));
	2332	}
	2333	}
	2334	//@}
	2335	}
[1532]	2336	?>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: inc/core/class.dc.blog.php @ 1532:f6c9584b4677

Download in other formats:

Sites map