class.dc.blog.php @ 1570:f06130921ca2

Visit:

Revision 1570:f06130921ca2, 61.6 KB checked in by Denis Jean-Chirstian <contact@…>, 12 years ago (diff)
Another way to fix comments count, adresses #1401

Line
1	<?php
2	# -- BEGIN LICENSE BLOCK ---------------------------------------
3	#
4	# This file is part of Dotclear 2.
5	#
6	# Copyright (c) 2003-2013 Olivier Meunier & Association Dotclear
7	# Licensed under the GPL version 2.0 license.
8	# See LICENSE file or
9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
10	#
11	# -- END LICENSE BLOCK -----------------------------------------
12	if (!defined('DC_RC_PATH')) { return; }
13
14	/**
15	@ingroup DC_CORE
16	@nosubgrouping
17	@brief Dotclear blog class.
18
19	Dotclear blog class instance is provided by dcCore $blog property.
20	*/
21	class dcBlog
22	{
23	/** @var dcCore dcCore instance */
24	protected $core;
25	/** @var connection Database connection object */
26	public $con;
27	/** @var string Database table prefix */
28	public $prefix;
29
30	/** @var string Blog ID */
31	public $id;
32	/** @var string Blog unique ID */
33	public $uid;
34	/** @var string Blog name */
35	public $name;
36	/** @var string Blog description */
37	public $desc;
38	/** @var string Blog URL */
39	public $url;
40	/** @var string Blog host */
41	public $host;
42	/** @var string Blog creation date */
43	public $creadt;
44	/** @var string Blog last update date */
45	public $upddt;
46	/** @var string Blog status */
47	public $status;
48
49	/** @var dcSettings dcSettings object */
50	public $settings;
51	/** @var string Blog theme path */
52	public $themes_path;
53	/** @var string Blog public path */
54	public $public_path;
55
56	private $post_status = array();
57	private $comment_status = array();
58
59	private $categories;
60
61	/** @var boolean Disallow entries password protection */
62	public $without_password = true;
63
64	/**
65	Inits dcBlog object
66
67	@param core <b>dcCore</b> Dotclear core reference
68	@param id <b>string</b> Blog ID
69	*/
70	public function __construct($core, $id)
71	{
72	$this->con =& $core->con;
73	$this->prefix = $core->prefix;
74	$this->core =& $core;
75
76	if (($b = $this->core->getBlog($id)) !== false)
77	{
78	$this->id = $id;
79	$this->uid = $b->blog_uid;
80	$this->name = $b->blog_name;
81	$this->desc = $b->blog_desc;
82	$this->url = $b->blog_url;
83	$this->host = preg_replace('\|^([a-z]{3,}://)(.?)/.$\|','$1$2',$this->url);
84	$this->creadt = strtotime($b->blog_creadt);
85	$this->upddt = strtotime($b->blog_upddt);
86	$this->status = $b->blog_status;
87
88	$this->settings = new dcSettings($this->core,$this->id);
89
90	$this->themes_path = path::fullFromRoot($this->settings->system->themes_path,DC_ROOT);
91	$this->public_path = path::fullFromRoot($this->settings->system->public_path,DC_ROOT);
92
93	$this->post_status['-2'] = __('pending');
94	$this->post_status['-1'] = __('scheduled');
95	$this->post_status['0'] = __('unpublished');
96	$this->post_status['1'] = __('published');
97
98	$this->comment_status['-2'] = __('junk');
99	$this->comment_status['-1'] = __('pending');
100	$this->comment_status['0'] = __('unpublished');
101	$this->comment_status['1'] = __('published');
102
103	# --BEHAVIOR-- coreBlogConstruct
104	$this->core->callBehavior('coreBlogConstruct',$this);
105	}
106	}
107
108	/// @name Common public methods
109	//@{
110	/**
111	Returns blog URL ending with a question mark.
112	*/
113	public function getQmarkURL()
114	{
115	if (substr($this->url,-1) != '?') {
116	return $this->url.'?';
117	}
118
119	return $this->url;
120	}
121
122	/**
123	Returns an entry status name given to a code. Status are translated, never
124	use it for tests. If status code does not exist, returns <i>unpublished</i>.
125
126	@param s <b>integer</b> Status code
127	@return <b>string</b> Blog status name
128	*/
129	public function getPostStatus($s)
130	{
131	if (isset($this->post_status[$s])) {
132	return $this->post_status[$s];
133	}
134	return $this->post_status['0'];
135	}
136
137	/**
138	Returns an array of available entry status codes and names.
139
140	@return <b>array</b> Simple array with codes in keys and names in value
141	*/
142	public function getAllPostStatus()
143	{
144	return $this->post_status;
145	}
146
147	/**
148	Returns an array of available comment status codes and names.
149
150	@return <b>array</b> Simple array with codes in keys and names in value
151	*/
152	public function getAllCommentStatus()
153	{
154	return $this->comment_status;
155	}
156
157	/**
158	Disallows entries password protection. You need to set it to
159	<var>false</var> while serving a public blog.
160
161	@param v <b>boolean</b>
162	*/
163	public function withoutPassword($v)
164	{
165	$this->without_password = (boolean) $v;
166	}
167	//@}
168
169	/// @name Triggers methods
170	//@{
171	/**
172	Updates blog last update date. Should be called every time you change
173	an element related to the blog.
174	*/
175	public function triggerBlog()
176	{
177	$cur = $this->con->openCursor($this->prefix.'blog');
178
179	$cur->blog_upddt = date('Y-m-d H:i:s');
180
181	$cur->update("WHERE blog_id = '".$this->con->escape($this->id)."' ");
182
183	# --BEHAVIOR-- coreBlogAfterTriggerBlog
184	$this->core->callBehavior('coreBlogAfterTriggerBlog',$cur);
185	}
186
187	/**
188	Updates comment and trackback counters in post table. Should be called
189	every time a comment or trackback is added, removed or changed its status.
190
191	@param id <b>integer</b> Comment ID
192	@param del <b>boolean</b> If comment is delete, set this to true
193	*/
194	public function triggerComment($id,$del=false)
195	{
196	$this->triggerComments($id,$del);
197	}
198
199	/**
200	Updates comments and trackbacks counters in post table. Should be called
201	every time comments or trackbacks are added, removed or changed there status.
202
203	@param ids <b>mixed</b> Comment(s) ID(s)
204	@param del <b>boolean</b> If comment is delete, set this to true
205	@param affected_posts <b>mixed</b> Posts(s) ID(s)
206	*/
207	public function triggerComments($ids, $del=false, $affected_posts=null)
208	{
209	$comments_ids = dcUtils::cleanIds($ids);
210
211	# Get posts affected by comments edition
212	if (empty($affected_posts)) {
213	$strReq =
214	'SELECT post_id '.
215	'FROM '.$this->prefix.'comment '.
216	'WHERE comment_id'.$this->con->in($comments_ids).
217	'GROUP BY post_id';
218
219	$rs = $this->con->select($strReq);
220
221	$affected_posts = array();
222	while ($rs->fetch()) {
223	$affected_posts[] = (integer) $rs->post_id;
224	}
225	}
226
227	if (!is_array($affected_posts) \|\| empty($affected_posts)) {
228	return;
229	}
230
231	# Count number of comments if exists for affected posts
232	$strReq =
233	'SELECT post_id, COUNT(post_id) AS nb_comment, comment_trackback '.
234	'FROM '.$this->prefix.'comment '.
235	'WHERE comment_status = 1 '.
236	'AND post_id'.$this->con->in($affected_posts).
237	'GROUP BY post_id,comment_trackback';
238
239	$rs = $this->con->select($strReq);
240
241	$posts = array();
242	while ($rs->fetch()) {
243	if ($rs->comment_trackback) {
244	$posts[$rs->post_id]['trackback'] = $rs->nb_comment;
245	} else {
246	$posts[$rs->post_id]['comment'] = $rs->nb_comment;
247	}
248	}
249
250	# Update number of comments on affected posts
251	$cur = $this->con->openCursor($this->prefix.'post');
252	foreach($affected_posts as $post_id)
253	{
254	$cur->clean();
255
256	if (!array_key_exists($post_id,$posts)) {
257	$cur->nb_trackback = 0;
258	$cur->nb_comment = 0;
259	} else {
260	$cur->nb_trackback = empty($posts[$post_id]['trackback']) ? 0 : $posts[$post_id]['trackback'];
261	$cur->nb_comment = empty($posts[$post_id]['comment']) ? 0 : $posts[$post_id]['comment'];
262	}
263
264	$cur->update('WHERE post_id = '.$post_id);
265	}
266	}
267	//@}
268
269	/// @name Categories management methods
270	//@{
271	public function categories()
272	{
273	if (!($this->categories instanceof dcCategories)) {
274	$this->categories = new dcCategories($this->core);
275	}
276
277	return $this->categories;
278	}
279
280	/**
281	Retrieves categories. <var>$params</var> is an associative array which can
282	take the following parameters:
283
284	- post_type: Get only entries with given type (default "post")
285	- cat_url: filter on cat_url field
286	- cat_id: filter on cat_id field
287	- start: start with a given category
288	- level: categories level to retrieve
289
290	@param params <b>array</b> Parameters
291	@return <b>record</b>
292	*/
293	public function getCategories($params=array())
294	{
295	$c_params = array();
296	if (isset($params['post_type'])) {
297	$c_params['post_type'] = $params['post_type'];
298	unset($params['post_type']);
299	}
300	$counter = $this->getCategoriesCounter($c_params);
301
302	$without_empty = $this->core->auth->userID() == false; # For public display
303
304	$start = isset($params['start']) ? (integer) $params['start'] : 0;
305	$l = isset($params['level']) ? (integer) $params['level'] : 0;
306
307	$rs = $this->categories()->getChildren($start,null,'desc');
308
309	# Get each categories total posts count
310	$data = array();
311	$stack = array();
312	$level = 0;
313	$cols = $rs->columns();
314	while ($rs->fetch())
315	{
316	$nb_post = isset($counter[$rs->cat_id]) ? (integer) $counter[$rs->cat_id] : 0;
317
318	if ($rs->level > $level) {
319	$nb_total = $nb_post;
320	$stack[$rs->level] = (integer) $nb_post;
321	} elseif ($rs->level == $level) {
322	$nb_total = $nb_post;
323	$stack[$rs->level] += $nb_post;
324	} else {
325	$nb_total = $stack[$rs->level+1] + $nb_post;
326	if (isset($stack[$rs->level])) {
327	$stack[$rs->level] += $nb_total;
328	} else {
329	$stack[$rs->level] = $nb_total;
330	}
331	unset($stack[$rs->level+1]);
332	}
333
334	if ($nb_total == 0 && $without_empty) {
335	continue;
336	}
337
338	$level = $rs->level;
339
340	$t = array();
341	foreach ($cols as $c) {
342	$t[$c] = $rs->f($c);
343	}
344	$t['nb_post'] = $nb_post;
345	$t['nb_total'] = $nb_total;
346
347	if ($l == 0 \|\| ($l > 0 && $l == $rs->level)) {
348	array_unshift($data,$t);
349	}
350	}
351
352	# We need to apply filter after counting
353	if (isset($params['cat_id']) && $params['cat_id'] !== '')
354	{
355	$found = false;
356	foreach ($data as $v) {
357	if ($v['cat_id'] == $params['cat_id']) {
358	$found = true;
359	$data = array($v);
360	break;
361	}
362	}
363	if (!$found) {
364	$data = array();
365	}
366	}
367
368	if (isset($params['cat_url']) && ($params['cat_url'] !== '')
369	&& !isset($params['cat_id']))
370	{
371	$found = false;
372	foreach ($data as $v) {
373	if ($v['cat_url'] == $params['cat_url']) {
374	$found = true;
375	$data = array($v);
376	break;
377	}
378	}
379	if (!$found) {
380	$data = array();
381	}
382	}
383
384	return staticRecord::newFromArray($data);
385	}
386
387	/**
388	Retrieves a category by its ID.
389
390	@param id <b>integer</b> Category ID
391	@return <b>record</b>
392	*/
393	public function getCategory($id)
394	{
395	return $this->getCategories(array('cat_id' => $id));
396	}
397
398	/**
399	Retrieves parents of a given category.
400
401	@param id <b>integer</b> Category ID
402	@return <b>record</b>
403	*/
404	public function getCategoryParents($id)
405	{
406	return $this->categories()->getParents($id);
407	}
408
409	/**
410	Retrieves first parent of a given category.
411
412	@param id <b>integer</b> Category ID
413	@return <b>record</b>
414	*/
415	public function getCategoryParent($id)
416	{
417	return $this->categories()->getParent($id);
418	}
419
420	/**
421	Retrieves all category's first children
422
423	@param id <b>integer</b> Category ID
424	@return <b>record</b>
425	*/
426	public function getCategoryFirstChildren($id)
427	{
428	return $this->getCategories(array('start' => $id,'level' => $id == 0 ? 1 : 2));
429	}
430
431	private function getCategoriesCounter($params=array())
432	{
433	$strReq =
434	'SELECT C.cat_id, COUNT(P.post_id) AS nb_post '.
435	'FROM '.$this->prefix.'category AS C '.
436	'JOIN '.$this->prefix."post P ON (C.cat_id = P.cat_id AND P.blog_id = '".$this->con->escape($this->id)."' ) ".
437	"WHERE C.blog_id = '".$this->con->escape($this->id)."' ";
438
439	if (!$this->core->auth->userID()) {
440	$strReq .= 'AND P.post_status = 1 ';
441	}
442
443	if (!empty($params['post_type'])) {
444	$strReq .= 'AND P.post_type '.$this->con->in($params['post_type']);
445	}
446
447	$strReq .= 'GROUP BY C.cat_id ';
448
449	$rs = $this->con->select($strReq);
450	$counters = array();
451	while ($rs->fetch()) {
452	$counters[$rs->cat_id] = $rs->nb_post;
453	}
454
455	return $counters;
456	}
457
458	/**
459	Creates a new category. Takes a cursor as input and returns the new category
460	ID.
461
462	@param cur <b>cursor</b> Category cursor
463	@return <b>integer</b> New category ID
464	*/
465	public function addCategory($cur,$parent=0)
466	{
467	if (!$this->core->auth->check('categories',$this->id)) {
468	throw new Exception(__('You are not allowed to add categories'));
469	}
470
471	$url = array();
472	if ($parent != 0)
473	{
474	$rs = $this->getCategory($parent);
475	if ($rs->isEmpty()) {
476	$url = array();
477	} else {
478	$url[] = $rs->cat_url;
479	}
480	}
481
482	if ($cur->cat_url == '') {
483	$url[] = text::tidyURL($cur->cat_title,false);
484	} else {
485	$url[] = $cur->cat_url;
486	}
487
488	$cur->cat_url = implode('/',$url);
489
490	$this->getCategoryCursor($cur);
491	$cur->blog_id = (string) $this->id;
492
493	# --BEHAVIOR-- coreBeforeCategoryCreate
494	$this->core->callBehavior('coreBeforeCategoryCreate',$this,$cur);
495
496	$id = $this->categories()->addNode($cur,$parent);
497	# Update category's cursor
498	$rs = $this->getCategory($id);
499	if (!$rs->isEmpty()) {
500	$cur->cat_lft = $rs->cat_lft;
501	$cur->cat_rgt = $rs->cat_rgt;
502	}
503
504	# --BEHAVIOR-- coreAfterCategoryCreate
505	$this->core->callBehavior('coreAfterCategoryCreate',$this,$cur);
506	$this->triggerBlog();
507
508	return $cur->cat_id;
509	}
510
511	/**
512	Updates an existing category.
513
514	@param id <b>integer</b> Category ID
515	@param cur <b>cursor</b> Category cursor
516	*/
517	public function updCategory($id,$cur)
518	{
519	if (!$this->core->auth->check('categories',$this->id)) {
520	throw new Exception(__('You are not allowed to update categories'));
521	}
522
523	if ($cur->cat_url == '')
524	{
525	$url = array();
526	$rs = $this->categories()->getParents($id);
527	while ($rs->fetch()) {
528	if ($rs->index() == $rs->count()-1) {
529	$url[] = $rs->cat_url;
530	}
531	}
532
533
534	$url[] = text::tidyURL($cur->cat_title,false);
535	$cur->cat_url = implode('/',$url);
536	}
537
538	$this->getCategoryCursor($cur,$id);
539
540	# --BEHAVIOR-- coreBeforeCategoryUpdate
541	$this->core->callBehavior('coreBeforeCategoryUpdate',$this,$cur);
542
543	$cur->update(
544	'WHERE cat_id = '.(integer) $id.' '.
545	"AND blog_id = '".$this->con->escape($this->id)."' ");
546
547	# --BEHAVIOR-- coreAfterCategoryUpdate
548	$this->core->callBehavior('coreAfterCategoryUpdate',$this,$cur);
549
550	$this->triggerBlog();
551	}
552
553	/**
554	DEPRECATED METHOD. Use dcBlog::setCategoryParent and dcBlog::moveCategory
555	instead.
556
557	@param id <b>integer</b> Category ID
558	@param order <b>integer</b> Category position
559	*/
560	public function updCategoryOrder($id,$order)
561	{
562	return;
563	}
564
565	/**
566	Set a category parent
567
568	@param id <b>integer</b> Category ID
569	@param parent <b>integer</b> Parent Category ID
570	*/
571	public function setCategoryParent($id,$parent)
572	{
573	$this->categories()->setNodeParent($id,$parent);
574	$this->triggerBlog();
575	}
576
577	/**
578	Set category position
579
580	@param id <b>integer</b> Category ID
581	@param sibling <b>integer</b> Sibling Category ID
582	@param move <b>integer</b> Order (before\|after)
583	*/
584	public function setCategoryPosition($id,$sibling,$move)
585	{
586	$this->categories()->setNodePosition($id,$sibling,$move);
587	$this->triggerBlog();
588	}
589
590	/**
591	Deletes a category.
592
593	@param id <b>integer</b> Category ID
594	*/
595	public function delCategory($id)
596	{
597	if (!$this->core->auth->check('categories',$this->id)) {
598	throw new Exception(__('You are not allowed to delete categories'));
599	}
600
601	$strReq = 'SELECT COUNT(post_id) AS nb_post '.
602	'FROM '.$this->prefix.'post '.
603	'WHERE cat_id = '.(integer) $id.' '.
604	"AND blog_id = '".$this->con->escape($this->id)."' ";
605
606	$rs = $this->con->select($strReq);
607
608	if ($rs->nb_post > 0) {
609	throw new Exception(__('This category is not empty.'));
610	}
611
612	$this->categories()->deleteNode($id,true);
613	$this->triggerBlog();
614	}
615
616	/**
617	Reset categories order and relocate them to first level
618	*/
619	public function resetCategoriesOrder()
620	{
621	if (!$this->core->auth->check('categories',$this->id)) {
622	throw new Exception(__('You are not allowed to reset categories order'));
623	}
624
625	$this->categories()->resetOrder();
626	$this->triggerBlog();
627	}
628
629	private function checkCategory($title,$url,$id=null)
630	{
631	# Let's check if URL is taken...
632	$strReq =
633	'SELECT cat_url FROM '.$this->prefix.'category '.
634	"WHERE cat_url = '".$this->con->escape($url)."' ".
635	($id ? 'AND cat_id <> '.(integer) $id. ' ' : '').
636	"AND blog_id = '".$this->con->escape($this->id)."' ".
637	'ORDER BY cat_url DESC';
638
639	$rs = $this->con->select($strReq);
640
641	if (!$rs->isEmpty())
642	{
643	if ($this->con->driver() == 'mysql') {
644	$clause = "REGEXP '^".$this->con->escape($url)."[0-9]+$'";
645	} elseif ($this->con->driver() == 'pgsql') {
646	$clause = "~ '^".$this->con->escape($url)."[0-9]+$'";
647	} else {
648	$clause = "LIKE '".$this->con->escape($url)."%'";
649	}
650	$strReq =
651	'SELECT cat_url FROM '.$this->prefix.'category '.
652	"WHERE cat_url ".$clause.' '.
653	($id ? 'AND cat_id <> '.(integer) $id. ' ' : '').
654	"AND blog_id = '".$this->con->escape($this->id)."' ".
655	'ORDER BY cat_url DESC ';
656
657	$rs = $this->con->select($strReq);
658	$a = array();
659	while ($rs->fetch()) {
660	$a[] = $rs->cat_url;
661	}
662
663	natsort($a);
664	$t_url = end($a);
665
666	if (preg_match('/(.*?)([0-9]+)$/',$t_url,$m)) {
667	$i = (integer) $m[2];
668	$url = $m[1];
669	} else {
670	$i = 1;
671	}
672
673	return $url.($i+1);
674	}
675
676	# URL is empty?
677	if ($url == '') {
678	throw new Exception(__('Empty category URL'));
679	}
680
681	return $url;
682	}
683
684	private function getCategoryCursor($cur,$id=null)
685	{
686	if ($cur->cat_title == '') {
687	throw new Exception(__('You must provide a category title'));
688	}
689
690	# If we don't have any cat_url, let's do one
691	if ($cur->cat_url == '') {
692	$cur->cat_url = text::tidyURL($cur->cat_title,false);
693	}
694
695	# Still empty ?
696	if ($cur->cat_url == '') {
697	throw new Exception(__('You must provide a category URL'));
698	} else {
699	$cur->cat_url = text::tidyURL($cur->cat_url,true);
700	}
701
702	# Check if title or url are unique
703	$cur->cat_url = $this->checkCategory($cur->cat_title,$cur->cat_url,$id);
704
705	if ($cur->cat_desc !== null) {
706	$cur->cat_desc = $this->core->HTMLfilter($cur->cat_desc);
707	}
708	}
709	//@}
710
711	/// @name Entries management methods
712	//@{
713	/**
714	Retrieves entries. <b>$params</b> is an array taking the following
715	optionnal parameters:
716
717	- no_content: Don't retrieve entry content (excerpt and content)
718	- post_type: Get only entries with given type (default "post", array for many types and '' for no type)
719	- post_id: (integer or array) Get entry with given post_id
720	- post_url: Get entry with given post_url field
721	- user_id: (integer) Get entries belonging to given user ID
722	- cat_id: (string or array) Get entries belonging to given category ID
723	- cat_id_not: deprecated (use cat_id with "id ?not" instead)
724	- cat_url: (string or array) Get entries belonging to given category URL
725	- cat_url_not: deprecated (use cat_url with "url ?not" instead)
726	- post_status: (integer) Get entries with given post_status
727	- post_selected: (boolean) Get select flaged entries
728	- post_year: (integer) Get entries with given year
729	- post_month: (integer) Get entries with given month
730	- post_day: (integer) Get entries with given day
731	- post_lang: Get entries with given language code
732	- search: Get entries corresponding of the following search string
733	- columns: (array) More columns to retrieve
734	- sql: Append SQL string at the end of the query
735	- from: Append SQL string after "FROM" statement in query
736	- order: Order of results (default "ORDER BY post_dt DES")
737	- limit: Limit parameter
738	- sql_only : return the sql request instead of results. Only ids are selected
739	- exclude_post_id : (integer or array) Exclude entries with given post_id
740
741	Please note that on every cat_id or cat_url, you can add ?not to exclude
742	the category and ?sub to get subcategories.
743
744	@param params <b>array</b> Parameters
745	@param count_only <b>boolean</b> Only counts results
746	@return <b>record</b> A record with some more capabilities or the SQL request
747	*/
748	public function getPosts($params=array(),$count_only=false)
749	{
750	# --BEHAVIOR-- coreBlogBeforeGetPosts
751	$params = new ArrayObject($params);
752	$this->core->callBehavior('coreBlogBeforeGetPosts',$params);
753
754	if ($count_only)
755	{
756	$strReq = 'SELECT count(P.post_id) ';
757	}
758	elseif (!empty($params['sql_only']))
759	{
760	$strReq = 'SELECT P.post_id ';
761	}
762	else
763	{
764	if (!empty($params['no_content'])) {
765	$content_req = '';
766	} else {
767	$content_req =
768	'post_excerpt, post_excerpt_xhtml, '.
769	'post_content, post_content_xhtml, post_notes, ';
770	}
771
772	if (!empty($params['columns']) && is_array($params['columns'])) {
773	$content_req .= implode(', ',$params['columns']).', ';
774	}
775
776	$strReq =
777	'SELECT P.post_id, P.blog_id, P.user_id, P.cat_id, post_dt, '.
778	'post_tz, post_creadt, post_upddt, post_format, post_password, '.
779	'post_url, post_lang, post_title, '.$content_req.
780	'post_type, post_meta, post_status, post_selected, post_position, '.
781	'post_open_comment, post_open_tb, nb_comment, nb_trackback, '.
782	'U.user_name, U.user_firstname, U.user_displayname, U.user_email, '.
783	'U.user_url, '.
784	'C.cat_title, C.cat_url, C.cat_desc ';
785	}
786
787	$strReq .=
788	'FROM '.$this->prefix.'post P '.
789	'INNER JOIN '.$this->prefix.'user U ON U.user_id = P.user_id '.
790	'LEFT OUTER JOIN '.$this->prefix.'category C ON P.cat_id = C.cat_id ';
791
792	if (!empty($params['from'])) {
793	$strReq .= $params['from'].' ';
794	}
795
796	$strReq .=
797	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ";
798
799	if (!$this->core->auth->check('contentadmin',$this->id)) {
800	$strReq .= 'AND ((post_status = 1 ';
801
802	if ($this->without_password) {
803	$strReq .= 'AND post_password IS NULL ';
804	}
805	$strReq .= ') ';
806
807	if ($this->core->auth->userID()) {
808	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
809	} else {
810	$strReq .= ') ';
811	}
812	}
813
814	#Adding parameters
815	if (isset($params['post_type']))
816	{
817	if (is_array($params['post_type']) \|\| $params['post_type'] != '') {
818	$strReq .= 'AND post_type '.$this->con->in($params['post_type']);
819	}
820	}
821	else
822	{
823	$strReq .= "AND post_type = 'post' ";
824	}
825
826	if (isset($params['post_id']) && $params['post_id'] !== '') {
827	if (is_array($params['post_id'])) {
828	array_walk($params['post_id'],create_function('&$v,$k','if($v!==null){$v=(integer)$v;}'));
829	} else {
830	$params['post_id'] = array((integer) $params['post_id']);
831	}
832	$strReq .= 'AND P.post_id '.$this->con->in($params['post_id']);
833	}
834
835	if (isset($params['exclude_post_id']) && $params['exclude_post_id'] !== '') {
836	if (is_array($params['exclude_post_id'])) {
837	array_walk($params['exclude_post_id'],create_function('&$v,$k','if($v!==null){$v=(integer)$v;}'));
838	} else {
839	$params['exclude_post_id'] = array((integer) $params['exclude_post_id']);
840	}
841	$strReq .= 'AND P.post_id NOT '.$this->con->in($params['exclude_post_id']);
842	}
843
844	if (isset($params['post_url']) && $params['post_url'] !== '') {
845	$strReq .= "AND post_url = '".$this->con->escape($params['post_url'])."' ";
846	}
847
848	if (!empty($params['user_id'])) {
849	$strReq .= "AND U.user_id = '".$this->con->escape($params['user_id'])."' ";
850	}
851
852	if (isset($params['cat_id']) && $params['cat_id'] !== '')
853	{
854	if (!is_array($params['cat_id'])) {
855	$params['cat_id'] = array($params['cat_id']);
856	}
857	if (!empty($params['cat_id_not'])) {
858	array_walk($params['cat_id'],create_function('&$v,$k','$v=$v." ?not";'));
859	}
860	$strReq .= 'AND '.$this->getPostsCategoryFilter($params['cat_id'],'cat_id').' ';
861	}
862	elseif (isset($params['cat_url']) && $params['cat_url'] !== '')
863	{
864	if (!is_array($params['cat_url'])) {
865	$params['cat_url'] = array($params['cat_url']);
866	}
867	if (!empty($params['cat_url_not'])) {
868	array_walk($params['cat_url'],create_function('&$v,$k','$v=$v." ?not";'));
869	}
870	$strReq .= 'AND '.$this->getPostsCategoryFilter($params['cat_url'],'cat_url').' ';
871	}
872
873	/* Other filters */
874	if (isset($params['post_status'])) {
875	$strReq .= 'AND post_status = '.(integer) $params['post_status'].' ';
876	}
877
878	if (isset($params['post_selected'])) {
879	$strReq .= 'AND post_selected = '.(integer) $params['post_selected'].' ';
880	}
881
882	if (!empty($params['post_year'])) {
883	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%Y').' = '.
884	"'".sprintf('%04d',$params['post_year'])."' ";
885	}
886
887	if (!empty($params['post_month'])) {
888	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%m').' = '.
889	"'".sprintf('%02d',$params['post_month'])."' ";
890	}
891
892	if (!empty($params['post_day'])) {
893	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%d').' = '.
894	"'".sprintf('%02d',$params['post_day'])."' ";
895	}
896
897	if (!empty($params['post_lang'])) {
898	$strReq .= "AND P.post_lang = '".$this->con->escape($params['post_lang'])."' ";
899	}
900
901	if (!empty($params['search']))
902	{
903	$words = text::splitWords($params['search']);
904
905	if (!empty($words))
906	{
907	# --BEHAVIOR-- corePostSearch
908	if ($this->core->hasBehavior('corePostSearch')) {
909	$this->core->callBehavior('corePostSearch',$this->core,array(&$words,&$strReq,&$params));
910	}
911
912	if ($words)
913	{
914	foreach ($words as $i => $w) {
915	$words[$i] = "post_words LIKE '%".$this->con->escape($w)."%'";
916	}
917	$strReq .= 'AND '.implode(' AND ',$words).' ';
918	}
919	}
920	}
921
922	if (!empty($params['sql'])) {
923	$strReq .= $params['sql'].' ';
924	}
925
926	if (!$count_only)
927	{
928	if (!empty($params['order'])) {
929	$strReq .= 'ORDER BY '.$this->con->escape($params['order']).' ';
930	} else {
931	$strReq .= 'ORDER BY post_dt DESC ';
932	}
933	}
934
935	if (!$count_only && !empty($params['limit'])) {
936	$strReq .= $this->con->limit($params['limit']);
937	}
938
939	if (!empty($params['sql_only'])) {
940	return $strReq;
941	}
942
943	$rs = $this->con->select($strReq);
944	$rs->core = $this->core;
945	$rs->_nb_media = array();
946	$rs->extend('rsExtPost');
947
948	# --BEHAVIOR-- coreBlogGetPosts
949	$this->core->callBehavior('coreBlogGetPosts',$rs);
950
951	return $rs;
952	}
953
954	/**
955	Returns a record with post id, title and date for next or previous post
956	according to the post ID.
957	$dir could be 1 (next post) or -1 (previous post).
958
959	@param post_id <b>integer</b> Post ID
960	@param dir <b>integer</b> Search direction
961	@param restrict_to_category <b>boolean</b> Restrict to post with same category
962	@param restrict_to_lang <b>boolean</b> Restrict to post with same lang
963	@return record
964	*/
965	public function getNextPost($post,$dir,$restrict_to_category=false, $restrict_to_lang=false)
966	{
967	$dt = $post->post_dt;
968	$post_id = (integer) $post->post_id;
969
970	if($dir > 0) {
971	$sign = '>';
972	$order = 'ASC';
973	}
974	else {
975	$sign = '<';
976	$order = 'DESC';
977	}
978
979	$params['post_type'] = $post->post_type;
980	$params['limit'] = 1;
981	$params['order'] = 'post_dt '.$order.', P.post_id '.$order;
982	$params['sql'] =
983	'AND ( '.
984	" (post_dt = '".$this->con->escape($dt)."' AND P.post_id ".$sign." ".$post_id.") ".
985	" OR post_dt ".$sign." '".$this->con->escape($dt)."' ".
986	') ';
987
988	if ($restrict_to_category) {
989	$params['sql'] .= $post->cat_id ? 'AND P.cat_id = '.(integer) $post->cat_id.' ' : 'AND P.cat_id IS NULL ';
990	}
991
992	if ($restrict_to_lang) {
993	$params['sql'] .= $post->post_lang ? 'AND P.post_lang = \''. $this->con->escape($post->post_lang) .'\' ': 'AND P.post_lang IS NULL ';
994	}
995
996	$rs = $this->getPosts($params);
997
998	if ($rs->isEmpty()) {
999	return null;
1000	}
1001
1002	return $rs;
1003	}
1004
1005	/**
1006	Retrieves different languages and post count on blog, based on post_lang
1007	field. <var>$params</var> is an array taking the following optionnal
1008	parameters:
1009
1010	- post_type: Get only entries with given type (default "post", '' for no type)
1011	- lang: retrieve post count for selected lang
1012	- order: order statement (default post_lang DESC)
1013
1014	@param params <b>array</b> Parameters
1015	@return record
1016	*/
1017	public function getLangs($params=array())
1018	{
1019	$strReq = 'SELECT COUNT(post_id) as nb_post, post_lang '.
1020	'FROM '.$this->prefix.'post '.
1021	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1022	"AND post_lang <> '' ".
1023	"AND post_lang IS NOT NULL ";
1024
1025	if (!$this->core->auth->check('contentadmin',$this->id)) {
1026	$strReq .= 'AND ((post_status = 1 ';
1027
1028	if ($this->without_password) {
1029	$strReq .= 'AND post_password IS NULL ';
1030	}
1031	$strReq .= ') ';
1032
1033	if ($this->core->auth->userID()) {
1034	$strReq .= "OR user_id = '".$this->con->escape($this->core->auth->userID())."')";
1035	} else {
1036	$strReq .= ') ';
1037	}
1038	}
1039
1040	if (isset($params['post_type'])) {
1041	if ($params['post_type'] != '') {
1042	$strReq .= "AND post_type = '".$this->con->escape($params['post_type'])."' ";
1043	}
1044	} else {
1045	$strReq .= "AND post_type = 'post' ";
1046	}
1047
1048	if (isset($params['lang'])) {
1049	$strReq .= "AND post_lang = '".$this->con->escape($params['lang'])."' ";
1050	}
1051
1052	$strReq .= 'GROUP BY post_lang ';
1053
1054	$order = 'desc';
1055	if (!empty($params['order']) && preg_match('/^(desc\|asc)$/i',$params['order'])) {
1056	$order = $params['order'];
1057	}
1058	$strReq .= 'ORDER BY post_lang '.$order.' ';
1059
1060	return $this->con->select($strReq);
1061	}
1062
1063	/**
1064	Returns a record with all distinct blog dates and post count.
1065	<var>$params</var> is an array taking the following optionnal parameters:
1066
1067	- type: (day\|month\|year) Get days, months or years
1068	- year: (integer) Get dates for given year
1069	- month: (integer) Get dates for given month
1070	- day: (integer) Get dates for given day
1071	- cat_id: (integer) Category ID filter
1072	- cat_url: Category URL filter
1073	- post_lang: lang of the posts
1074	- next: Get date following match
1075	- previous: Get date before match
1076	- order: Sort by date "ASC" or "DESC"
1077
1078	@param params <b>array</b> Parameters array
1079	@return record
1080	*/
1081	public function getDates($params=array())
1082	{
1083	$dt_f = '%Y-%m-%d';
1084	$dt_fc = '%Y%m%d';
1085	if (isset($params['type'])) {
1086	if ($params['type'] == 'year') {
1087	$dt_f = '%Y-01-01';
1088	$dt_fc = '%Y0101';
1089	} elseif ($params['type'] == 'month') {
1090	$dt_f = '%Y-%m-01';
1091	$dt_fc = '%Y%m01';
1092	}
1093	}
1094	$dt_f .= ' 00:00:00';
1095	$dt_fc .= '000000';
1096
1097	$cat_field = $catReq = $limit = '';
1098
1099	if (isset($params['cat_id']) && $params['cat_id'] !== '') {
1100	$catReq = 'AND P.cat_id = '.(integer) $params['cat_id'].' ';
1101	$cat_field = ', C.cat_url ';
1102	} elseif (isset($params['cat_url']) && $params['cat_url'] !== '') {
1103	$catReq = "AND C.cat_url = '".$this->con->escape($params['cat_url'])."' ";
1104	$cat_field = ', C.cat_url ';
1105	}
1106	if (!empty($params['post_lang'])) {
1107	$catReq = 'AND P.post_lang = \''. $params['post_lang'].'\' ';
1108	}
1109
1110	$strReq = 'SELECT DISTINCT('.$this->con->dateFormat('post_dt',$dt_f).') AS dt '.
1111	$cat_field.
1112	',COUNT(P.post_id) AS nb_post '.
1113	'FROM '.$this->prefix.'post P LEFT JOIN '.$this->prefix.'category C '.
1114	'ON P.cat_id = C.cat_id '.
1115	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ".
1116	$catReq;
1117
1118	if (!$this->core->auth->check('contentadmin',$this->id)) {
1119	$strReq .= 'AND ((post_status = 1 ';
1120
1121	if ($this->without_password) {
1122	$strReq .= 'AND post_password IS NULL ';
1123	}
1124	$strReq .= ') ';
1125
1126	if ($this->core->auth->userID()) {
1127	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
1128	} else {
1129	$strReq .= ') ';
1130	}
1131	}
1132
1133	if (!empty($params['post_type'])) {
1134	$strReq .= "AND post_type ".$this->con->in($params['post_type'])." ";
1135	} else {
1136	$strReq .= "AND post_type = 'post' ";
1137	}
1138
1139	if (!empty($params['year'])) {
1140	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%Y')." = '".sprintf('%04d',$params['year'])."' ";
1141	}
1142
1143	if (!empty($params['month'])) {
1144	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%m')." = '".sprintf('%02d',$params['month'])."' ";
1145	}
1146
1147	if (!empty($params['day'])) {
1148	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%d')." = '".sprintf('%02d',$params['day'])."' ";
1149	}
1150
1151	# Get next or previous date
1152	if (!empty($params['next']) \|\| !empty($params['previous']))
1153	{
1154	if (!empty($params['next'])) {
1155	$pdir = ' > ';
1156	$params['order'] = 'asc';
1157	$dt = $params['next'];
1158	} else {
1159	$pdir = ' < ';
1160	$params['order'] = 'desc';
1161	$dt = $params['previous'];
1162	}
1163
1164	$dt = date('YmdHis',strtotime($dt));
1165
1166	$strReq .= 'AND '.$this->con->dateFormat('post_dt',$dt_fc).$pdir."'".$dt."' ";
1167	$limit = $this->con->limit(1);
1168	}
1169
1170	$strReq .= 'GROUP BY dt '.$cat_field;
1171
1172	$order = 'desc';
1173	if (!empty($params['order']) && preg_match('/^(desc\|asc)$/i',$params['order'])) {
1174	$order = $params['order'];
1175	}
1176
1177	$strReq .=
1178	'ORDER BY dt '.$order.' '.
1179	$limit;
1180
1181	$rs = $this->con->select($strReq);
1182	$rs->extend('rsExtDates');
1183	return $rs;
1184	}
1185
1186	/**
1187	Creates a new entry. Takes a cursor as input and returns the new entry
1188	ID.
1189
1190	@param cur <b>cursor</b> Post cursor
1191	@return <b>integer</b> New post ID
1192	*/
1193	public function addPost($cur)
1194	{
1195	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1196	throw new Exception(__('You are not allowed to create an entry'));
1197	}
1198
1199	$this->con->writeLock($this->prefix.'post');
1200	try
1201	{
1202	# Get ID
1203	$rs = $this->con->select(
1204	'SELECT MAX(post_id) '.
1205	'FROM '.$this->prefix.'post '
1206	);
1207
1208	$cur->post_id = (integer) $rs->f(0) + 1;
1209	$cur->blog_id = (string) $this->id;
1210	$cur->post_creadt = date('Y-m-d H:i:s');
1211	$cur->post_upddt = date('Y-m-d H:i:s');
1212	$cur->post_tz = $this->core->auth->getInfo('user_tz');
1213
1214	# Post excerpt and content
1215	$this->getPostContent($cur,$cur->post_id);
1216
1217	$this->getPostCursor($cur);
1218
1219	$cur->post_url = $this->getPostURL($cur->post_url,$cur->post_dt,$cur->post_title,$cur->post_id);
1220
1221	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1222	$cur->post_status = -2;
1223	}
1224
1225	# --BEHAVIOR-- coreBeforePostCreate
1226	$this->core->callBehavior('coreBeforePostCreate',$this,$cur);
1227
1228	$cur->insert();
1229	$this->con->unlock();
1230	}
1231	catch (Exception $e)
1232	{
1233	$this->con->unlock();
1234	throw $e;
1235	}
1236
1237	# --BEHAVIOR-- coreAfterPostCreate
1238	$this->core->callBehavior('coreAfterPostCreate',$this,$cur);
1239
1240	$this->triggerBlog();
1241
1242	return $cur->post_id;
1243	}
1244
1245	/**
1246	Updates an existing post.
1247
1248	@param id <b>integer</b> Post ID
1249	@param cur <b>cursor</b> Post cursor
1250	*/
1251	public function updPost($id,$cur)
1252	{
1253	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1254	throw new Exception(__('You are not allowed to update entries'));
1255	}
1256
1257	$id = (integer) $id;
1258
1259	if (empty($id)) {
1260	throw new Exception(__('No such entry ID'));
1261	}
1262
1263	# Post excerpt and content
1264	$this->getPostContent($cur,$id);
1265
1266	$this->getPostCursor($cur);
1267
1268	if ($cur->post_url !== null) {
1269	$cur->post_url = $this->getPostURL($cur->post_url,$cur->post_dt,$cur->post_title,$id);
1270	}
1271
1272	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1273	$cur->unsetField('post_status');
1274	}
1275
1276	$cur->post_upddt = date('Y-m-d H:i:s');
1277
1278	#If user is only "usage", we need to check the post's owner
1279	if (!$this->core->auth->check('contentadmin',$this->id))
1280	{
1281	$strReq = 'SELECT post_id '.
1282	'FROM '.$this->prefix.'post '.
1283	'WHERE post_id = '.$id.' '.
1284	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1285
1286	$rs = $this->con->select($strReq);
1287
1288	if ($rs->isEmpty()) {
1289	throw new Exception(__('You are not allowed to edit this entry'));
1290	}
1291	}
1292
1293	# --BEHAVIOR-- coreBeforePostUpdate
1294	$this->core->callBehavior('coreBeforePostUpdate',$this,$cur);
1295
1296	$cur->update('WHERE post_id = '.$id.' ');
1297
1298	# --BEHAVIOR-- coreAfterPostUpdate
1299	$this->core->callBehavior('coreAfterPostUpdate',$this,$cur);
1300
1301	$this->triggerBlog();
1302	}
1303
1304	/**
1305	Updates post status.
1306
1307	@param id <b>integer</b> Post ID
1308	@param status <b>integer</b> Post status
1309	*/
1310	public function updPostStatus($id,$status)
1311	{
1312	$this->updPostsStatus($id,$status);
1313	}
1314
1315	/**
1316	Updates posts status.
1317
1318	@param ids <b>mixed</b> Post(s) ID(s)
1319	@param status <b>integer</b> Post status
1320	*/
1321	public function updPostsStatus($ids,$status)
1322	{
1323	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1324	throw new Exception(__('You are not allowed to change this entry status'));
1325	}
1326
1327	$posts_ids = dcUtils::cleanIds($ids);
1328	$status = (integer) $status;
1329
1330	$strReq = "WHERE blog_id = '".$this->con->escape($this->id)."' ".
1331	"AND post_id ".$this->con->in($posts_ids);
1332
1333	#If user can only publish, we need to check the post's owner
1334	if (!$this->core->auth->check('contentadmin',$this->id))
1335	{
1336	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1337	}
1338
1339	$cur = $this->con->openCursor($this->prefix.'post');
1340
1341	$cur->post_status = $status;
1342	$cur->post_upddt = date('Y-m-d H:i:s');
1343
1344	$cur->update($strReq);
1345	$this->triggerBlog();
1346	}
1347
1348	/**
1349	Updates post selection.
1350
1351	@param id <b>integer</b> Post ID
1352	@param selected <b>integer</b> Is selected post
1353	*/
1354	public function updPostSelected($id,$selected)
1355	{
1356	$this->updPostsSelected($id,$selected);
1357	}
1358
1359	/**
1360	Updates posts selection.
1361
1362	@param ids <b>mixed</b> Post(s) ID(s)
1363	@param selected <b>integer</b> Is selected post(s)
1364	*/
1365	public function updPostsSelected($ids,$selected)
1366	{
1367	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1368	throw new Exception(__('You are not allowed to change this entry category'));
1369	}
1370
1371	$posts_ids = dcUtils::cleanIds($ids);
1372	$selected = (boolean) $selected;
1373
1374	$strReq = "WHERE blog_id = '".$this->con->escape($this->id)."' ".
1375	"AND post_id ".$this->con->in($posts_ids);
1376
1377	# If user is only usage, we need to check the post's owner
1378	if (!$this->core->auth->check('contentadmin',$this->id))
1379	{
1380	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1381	}
1382
1383	$cur = $this->con->openCursor($this->prefix.'post');
1384
1385	$cur->post_selected = (integer) $selected;
1386	$cur->post_upddt = date('Y-m-d H:i:s');
1387
1388	$cur->update($strReq);
1389	$this->triggerBlog();
1390	}
1391
1392	/**
1393	Updates post category. <var>$cat_id</var> can be null.
1394
1395	@param id <b>integer</b> Post ID
1396	@param cat_id <b>integer</b> Category ID
1397	*/
1398	public function updPostCategory($id,$cat_id)
1399	{
1400	$this->updPostsCategory($id,$cat_id);
1401	}
1402
1403	/**
1404	Updates posts category. <var>$cat_id</var> can be null.
1405
1406	@param ids <b>mixed</b> Post(s) ID(s)
1407	@param cat_id <b>integer</b> Category ID
1408	*/
1409	public function updPostsCategory($ids,$cat_id)
1410	{
1411	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1412	throw new Exception(__('You are not allowed to change this entry category'));
1413	}
1414
1415	$posts_ids = dcUtils::cleanIds($ids);
1416	$cat_id = (integer) $cat_id;
1417
1418	$strReq = "WHERE blog_id = '".$this->con->escape($this->id)."' ".
1419	"AND post_id ".$this->con->in($posts_ids);
1420
1421	# If user is only usage, we need to check the post's owner
1422	if (!$this->core->auth->check('contentadmin',$this->id))
1423	{
1424	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1425	}
1426
1427	$cur = $this->con->openCursor($this->prefix.'post');
1428
1429	$cur->cat_id = ($cat_id ? $cat_id : null);
1430	$cur->post_upddt = date('Y-m-d H:i:s');
1431
1432	$cur->update($strReq);
1433	$this->triggerBlog();
1434	}
1435
1436	/**
1437	Updates posts category. <var>$new_cat_id</var> can be null.
1438
1439	@param old_cat_id <b>integer</b> Old category ID
1440	@param new_cat_id <b>integer</b> New category ID
1441	*/
1442	public function changePostsCategory($old_cat_id,$new_cat_id)
1443	{
1444	if (!$this->core->auth->check('contentadmin,categories',$this->id)) {
1445	throw new Exception(__('You are not allowed to change entries category'));
1446	}
1447
1448	$old_cat_id = (integer) $old_cat_id;
1449	$new_cat_id = (integer) $new_cat_id;
1450
1451	$cur = $this->con->openCursor($this->prefix.'post');
1452
1453	$cur->cat_id = ($new_cat_id ? $new_cat_id : null);
1454	$cur->post_upddt = date('Y-m-d H:i:s');
1455
1456	$cur->update(
1457	'WHERE cat_id = '.$old_cat_id.' '.
1458	"AND blog_id = '".$this->con->escape($this->id)."' "
1459	);
1460	$this->triggerBlog();
1461	}
1462
1463	/**
1464	Deletes a post.
1465
1466	@param id <b>integer</b> Post ID
1467	*/
1468	public function delPost($id)
1469	{
1470	$this->delPosts($id);
1471	}
1472
1473	/**
1474	Deletes multiple posts.
1475
1476	@param ids <b>mixed</b> Post(s) ID(s)
1477	*/
1478	public function delPosts($ids)
1479	{
1480	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
1481	throw new Exception(__('You are not allowed to delete entries'));
1482	}
1483
1484	$posts_ids = dcUtils::cleanIds($ids);
1485
1486	if (empty($posts_ids)) {
1487	throw new Exception(__('No such entry ID'));
1488	}
1489
1490	$strReq = 'DELETE FROM '.$this->prefix.'post '.
1491	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1492	"AND post_id ".$this->con->in($posts_ids);
1493
1494	#If user can only delete, we need to check the post's owner
1495	if (!$this->core->auth->check('contentadmin',$this->id))
1496	{
1497	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1498	}
1499
1500	$this->con->execute($strReq);
1501	$this->triggerBlog();
1502	}
1503
1504	/**
1505	Publishes all entries flaged as "scheduled".
1506	*/
1507	public function publishScheduledEntries()
1508	{
1509	$strReq = 'SELECT post_id, post_dt, post_tz '.
1510	'FROM '.$this->prefix.'post '.
1511	'WHERE post_status = -1 '.
1512	"AND blog_id = '".$this->con->escape($this->id)."' ";
1513
1514	$rs = $this->con->select($strReq);
1515
1516	$now = dt::toUTC(time());
1517	$to_change = new ArrayObject();
1518
1519	if ($rs->isEmpty()) {
1520	return;
1521	}
1522
1523	while ($rs->fetch())
1524	{
1525	# Now timestamp with post timezone
1526	$now_tz = $now + dt::getTimeOffset($rs->post_tz,$now);
1527
1528	# Post timestamp
1529	$post_ts = strtotime($rs->post_dt);
1530
1531	# If now_tz >= post_ts, we publish the entry
1532	if ($now_tz >= $post_ts) {
1533	$to_change[] = (integer) $rs->post_id;
1534	}
1535	}
1536	if (count($to_change))
1537	{
1538	# --BEHAVIOR-- coreBeforeScheduledEntriesPublish
1539	$this->core->callBehavior('coreBeforeScheduledEntriesPublish',$this,$to_change);
1540
1541	$strReq =
1542	'UPDATE '.$this->prefix.'post SET '.
1543	'post_status = 1 '.
1544	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1545	'AND post_id '.$this->con->in((array)$to_change).' ';
1546	$this->con->execute($strReq);
1547	$this->triggerBlog();
1548
1549	# --BEHAVIOR-- coreAfterScheduledEntriesPublish
1550	$this->core->callBehavior('coreAfterScheduledEntriesPublish',$this,$to_change);
1551	}
1552
1553	}
1554
1555	/**
1556	Retrieves all users having posts on current blog.
1557
1558	@param post_type <b>string</b> post_type filter (post)
1559	@return record
1560	*/
1561	public function getPostsUsers($post_type='post')
1562	{
1563	$strReq = 'SELECT P.user_id, user_name, user_firstname, '.
1564	'user_displayname, user_email '.
1565	'FROM '.$this->prefix.'post P, '.$this->prefix.'user U '.
1566	'WHERE P.user_id = U.user_id '.
1567	"AND blog_id = '".$this->con->escape($this->id)."' ";
1568
1569	if ($post_type) {
1570	$strReq .= "AND post_type = '".$this->con->escape($post_type)."' ";
1571	}
1572
1573	$strReq .= 'GROUP BY P.user_id, user_name, user_firstname, user_displayname, user_email ';
1574
1575	return $this->con->select($strReq);
1576	}
1577
1578	private function getPostsCategoryFilter($arr,$field='cat_id')
1579	{
1580	$field = $field == 'cat_id' ? 'cat_id' : 'cat_url';
1581
1582	$sub = array();
1583	$not = array();
1584	$queries = array();
1585
1586	foreach ($arr as $v)
1587	{
1588	$v = trim($v);
1589	$args = preg_split('/\s[?]\s/',$v,-1,PREG_SPLIT_NO_EMPTY);
1590	$id = array_shift($args);
1591	$args = array_flip($args);
1592
1593	if (isset($args['not'])) { $not[$id] = 1; }
1594	if (isset($args['sub'])) { $sub[$id] = 1; }
1595	if ($field == 'cat_id') {
1596	if (preg_match('/^null$/i',$id)) {
1597	$queries[$id] = 'P.cat_id IS NULL';
1598	}
1599	else {
1600	$queries[$id] = 'P.cat_id = '.(integer) $id;
1601	}
1602	} else {
1603	$queries[$id] = "C.cat_url = '".$this->con->escape($id)."' ";
1604	}
1605	}
1606
1607	if (!empty($sub)) {
1608	$rs = $this->con->select(
1609	'SELECT cat_id, cat_url, cat_lft, cat_rgt FROM '.$this->prefix.'category '.
1610	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1611	'AND '.$field.' '.$this->con->in(array_keys($sub))
1612	);
1613
1614	while ($rs->fetch()) {
1615	$queries[$rs->f($field)] = '(C.cat_lft BETWEEN '.$rs->cat_lft.' AND '.$rs->cat_rgt.')';
1616	}
1617	}
1618
1619	# Create queries
1620	$sql = array(
1621	0 => array(), # wanted categories
1622	1 => array() # excluded categories
1623	);
1624
1625	foreach ($queries as $id => $q) {
1626	$sql[(integer) isset($not[$id])][] = $q;
1627	}
1628
1629	$sql[0] = implode(' OR ',$sql[0]);
1630	$sql[1] = implode(' OR ',$sql[1]);
1631
1632	if ($sql[0]) {
1633	$sql[0] = '('.$sql[0].')';
1634	} else {
1635	unset($sql[0]);
1636	}
1637
1638	if ($sql[1]) {
1639	$sql[1] = '(P.cat_id IS NULL OR NOT('.$sql[1].'))';
1640	} else {
1641	unset($sql[1]);
1642	}
1643
1644	return implode(' AND ',$sql);
1645	}
1646
1647	private function getPostCursor($cur,$post_id=null)
1648	{
1649	if ($cur->post_title == '') {
1650	throw new Exception(__('No entry title'));
1651	}
1652
1653	if ($cur->post_content == '') {
1654	throw new Exception(__('No entry content'));
1655	}
1656
1657	if ($cur->post_password === '') {
1658	$cur->post_password = null;
1659	}
1660
1661	if ($cur->post_dt == '') {
1662	$offset = dt::getTimeOffset($this->core->auth->getInfo('user_tz'));
1663	$now = time() + $offset;
1664	$cur->post_dt = date('Y-m-d H:i:00',$now);
1665	}
1666
1667	$post_id = is_int($post_id) ? $post_id : $cur->post_id;
1668
1669	if ($cur->post_content_xhtml == '') {
1670	throw new Exception(__('No entry content'));
1671	}
1672
1673	# Words list
1674	if ($cur->post_title !== null && $cur->post_excerpt_xhtml !== null
1675	&& $cur->post_content_xhtml !== null)
1676	{
1677	$words =
1678	$cur->post_title.' '.
1679	$cur->post_excerpt_xhtml.' '.
1680	$cur->post_content_xhtml;
1681
1682	$cur->post_words = implode(' ',text::splitWords($words));
1683	}
1684	}
1685
1686	private function getPostContent($cur,$post_id)
1687	{
1688	$post_excerpt = $cur->post_excerpt;
1689	$post_excerpt_xhtml = $cur->post_excerpt_xhtml;
1690	$post_content = $cur->post_content;
1691	$post_content_xhtml = $cur->post_content_xhtml;
1692
1693	$this->setPostContent(
1694	$post_id,$cur->post_format,$cur->post_lang,
1695	$post_excerpt,$post_excerpt_xhtml,
1696	$post_content,$post_content_xhtml
1697	);
1698
1699	$cur->post_excerpt = $post_excerpt;
1700	$cur->post_excerpt_xhtml = $post_excerpt_xhtml;
1701	$cur->post_content = $post_content;
1702	$cur->post_content_xhtml = $post_content_xhtml;
1703	}
1704
1705	/**
1706	Creates post HTML content, taking format and lang into account.
1707
1708	@param post_id <b>integer</b> Post ID
1709	@param format <b>string</b> Post format
1710	@param lang <b>string</b> Post lang
1711	@param excerpt <b>string</b> Post excerpt
1712	@param[out] excerpt_xhtml <b>string</b> Post excerpt HTML
1713	@param content <b>string</b> Post content
1714	@param[out] content_xhtml <b>string</b> Post content HTML
1715	*/
1716	public function setPostContent($post_id,$format,$lang,&$excerpt,&$excerpt_xhtml,&$content,&$content_xhtml)
1717	{
1718	if ($format == 'wiki')
1719	{
1720	$this->core->initWikiPost();
1721	$this->core->wiki2xhtml->setOpt('note_prefix','pnote-'.$post_id);
1722	switch ($this->settings->system->note_title_tag) {
1723	case 1:
1724	$tag = 'h3';
1725	break;
1726	case 2:
1727	$tag = 'p';
1728	break;
1729	default:
1730	$tag = 'h4';
1731	break;
1732	}
1733	$this->core->wiki2xhtml->setOpt('note_str','<div class="footnotes"><'.$tag.' class="footnotes-title">'.
1734	__('Notes').'</'.$tag.'>%s</div>');
1735	$this->core->wiki2xhtml->setOpt('note_str_single','<div class="footnotes"><'.$tag.' class="footnotes-title">'.
1736	__('Note').'</'.$tag.'>%s</div>');
1737	if (strpos($lang,'fr') === 0) {
1738	$this->core->wiki2xhtml->setOpt('active_fr_syntax',1);
1739	}
1740	}
1741
1742	if ($excerpt) {
1743	$excerpt_xhtml = $this->core->callFormater($format,$excerpt);
1744	$excerpt_xhtml = $this->core->HTMLfilter($excerpt_xhtml);
1745	} else {
1746	$excerpt_xhtml = '';
1747	}
1748
1749	if ($content) {
1750	$content_xhtml = $this->core->callFormater($format,$content);
1751	$content_xhtml = $this->core->HTMLfilter($content_xhtml);
1752	} else {
1753	$content_xhtml = '';
1754	}
1755
1756	# --BEHAVIOR-- coreAfterPostContentFormat
1757	$this->core->callBehavior('coreAfterPostContentFormat',array(
1758	'excerpt' => &$excerpt,
1759	'content' => &$content,
1760	'excerpt_xhtml' => &$excerpt_xhtml,
1761	'content_xhtml' => &$content_xhtml
1762	));
1763	}
1764
1765	/**
1766	Returns URL for a post according to blog setting <var>post_url_format</var>.
1767	It will try to guess URL and append some figures if needed.
1768
1769	@param url <b>string</b> Origin URL, could be empty
1770	@param post_dt <b>string</b> Post date (in YYYY-MM-DD HH:mm:ss)
1771	@param post_title <b>string</b> Post title
1772	@param post_id <b>integer</b> Post ID
1773	@return <b>string</b> result URL
1774	*/
1775	public function getPostURL($url,$post_dt,$post_title,$post_id)
1776	{
1777	$url = trim($url);
1778
1779	$url_patterns = array(
1780	'{y}' => date('Y',strtotime($post_dt)),
1781	'{m}' => date('m',strtotime($post_dt)),
1782	'{d}' => date('d',strtotime($post_dt)),
1783	'{t}' => text::tidyURL($post_title),
1784	'{id}' => (integer) $post_id
1785	);
1786
1787	# If URL is empty, we create a new one
1788	if ($url == '')
1789	{
1790	# Transform with format
1791	$url = str_replace(
1792	array_keys($url_patterns),
1793	array_values($url_patterns),
1794	$this->settings->system->post_url_format
1795	);
1796	}
1797	else
1798	{
1799	$url = text::tidyURL($url);
1800	}
1801
1802	# Let's check if URL is taken...
1803	$strReq = 'SELECT post_url FROM '.$this->prefix.'post '.
1804	"WHERE post_url = '".$this->con->escape($url)."' ".
1805	'AND post_id <> '.(integer) $post_id. ' '.
1806	"AND blog_id = '".$this->con->escape($this->id)."' ".
1807	'ORDER BY post_url DESC';
1808
1809	$rs = $this->con->select($strReq);
1810
1811	if (!$rs->isEmpty())
1812	{
1813	if ($this->con->driver() == 'mysql') {
1814	$clause = "REGEXP '^".$this->con->escape($url)."[0-9]+$'";
1815	} elseif ($this->con->driver() == 'pgsql') {
1816	$clause = "~ '^".$this->con->escape($url)."[0-9]+$'";
1817	} else {
1818	$clause = "LIKE '".$this->con->escape($url)."%'";
1819	}
1820	$strReq = 'SELECT post_url FROM '.$this->prefix.'post '.
1821	"WHERE post_url ".$clause.' '.
1822	'AND post_id <> '.(integer) $post_id.' '.
1823	"AND blog_id = '".$this->con->escape($this->id)."' ".
1824	'ORDER BY post_url DESC ';
1825
1826	$rs = $this->con->select($strReq);
1827	$a = array();
1828	while ($rs->fetch()) {
1829	$a[] = $rs->post_url;
1830	}
1831
1832	natsort($a);
1833	$t_url = end($a);
1834
1835	if (preg_match('/(.*?)([0-9]+)$/',$t_url,$m)) {
1836	$i = (integer) $m[2];
1837	$url = $m[1];
1838	} else {
1839	$i = 1;
1840	}
1841
1842	return $url.($i+1);
1843	}
1844
1845	# URL is empty?
1846	if ($url == '') {
1847	throw new Exception(__('Empty entry URL'));
1848	}
1849
1850	return $url;
1851	}
1852	//@}
1853
1854	/// @name Comments management methods
1855	//@{
1856	/**
1857	Retrieves comments. <b>$params</b> is an array taking the following
1858	optionnal parameters:
1859
1860	- no_content: Don't retrieve comment content
1861	- post_type: Get only entries with given type (default no type, array for many types)
1862	- post_id: (integer) Get comments belonging to given post_id
1863	- cat_id: (integer or array) Get comments belonging to entries of given category ID
1864	- comment_id: (integer) Get comment with given ID
1865	- comment_status: (integer) Get comments with given comment_status
1866	- comment_trackback: (integer) Get only comments (0) or trackbacks (1)
1867	- comment_ip: (string) Get comments with given IP address
1868	- post_url: Get entry with given post_url field
1869	- user_id: (integer) Get entries belonging to given user ID
1870	- q_author: Search comments by author
1871	- sql: Append SQL string at the end of the query
1872	- from: Append SQL string after "FROM" statement in query
1873	- order: Order of results (default "ORDER BY comment_dt DES")
1874	- limit: Limit parameter
1875	- sql_only : return the sql request instead of results. Only ids are selected
1876
1877	@param params <b>array</b> Parameters
1878	@param count_only <b>boolean</b> Only counts results
1879	@return <b>record</b> A record with some more capabilities
1880	*/
1881	public function getComments($params=array(),$count_only=false)
1882	{
1883	if ($count_only)
1884	{
1885	$strReq = 'SELECT count(comment_id) ';
1886	}
1887	elseif (!empty($params['sql_only']))
1888	{
1889	$strReq = 'SELECT P.post_id ';
1890	}
1891	else
1892	{
1893	if (!empty($params['no_content'])) {
1894	$content_req = '';
1895	} else {
1896	$content_req = 'comment_content, ';
1897	}
1898
1899	if (!empty($params['columns']) && is_array($params['columns'])) {
1900	$content_req .= implode(', ',$params['columns']).', ';
1901	}
1902
1903	$strReq =
1904	'SELECT C.comment_id, comment_dt, comment_tz, comment_upddt, '.
1905	'comment_author, comment_email, comment_site, '.
1906	$content_req.' comment_trackback, comment_status, '.
1907	'comment_spam_status, comment_spam_filter, comment_ip, '.
1908	'P.post_title, P.post_url, P.post_id, P.post_password, P.post_type, '.
1909	'P.post_dt, P.user_id, U.user_email, U.user_url ';
1910	}
1911
1912	$strReq .=
1913	'FROM '.$this->prefix.'comment C '.
1914	'INNER JOIN '.$this->prefix.'post P ON C.post_id = P.post_id '.
1915	'INNER JOIN '.$this->prefix.'user U ON P.user_id = U.user_id ';
1916
1917	if (!empty($params['from'])) {
1918	$strReq .= $params['from'].' ';
1919	}
1920
1921	$strReq .=
1922	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ";
1923
1924	if (!$this->core->auth->check('contentadmin',$this->id)) {
1925	$strReq .= 'AND ((comment_status = 1 AND P.post_status = 1 ';
1926
1927	if ($this->without_password) {
1928	$strReq .= 'AND post_password IS NULL ';
1929	}
1930	$strReq .= ') ';
1931
1932	if ($this->core->auth->userID()) {
1933	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
1934	} else {
1935	$strReq .= ') ';
1936	}
1937	}
1938
1939	if (!empty($params['post_type']))
1940	{
1941	$strReq .= 'AND post_type '.$this->con->in($params['post_type']);
1942	}
1943
1944	if (isset($params['post_id']) && $params['post_id'] !== '') {
1945	$strReq .= 'AND P.post_id = '.(integer) $params['post_id'].' ';
1946	}
1947
1948	if (isset($params['cat_id']) && $params['cat_id'] !== '') {
1949	$strReq .= 'AND P.cat_id = '.(integer) $params['cat_id'].' ';
1950	}
1951
1952	if (isset($params['comment_id']) && $params['comment_id'] !== '') {
1953	$strReq .= 'AND comment_id = '.(integer) $params['comment_id'].' ';
1954	}
1955
1956	if (isset($params['comment_status'])) {
1957	$strReq .= 'AND comment_status = '.(integer) $params['comment_status'].' ';
1958	}
1959
1960	if (!empty($params['comment_status_not']))
1961	{
1962	$strReq .= 'AND comment_status <> '.(integer) $params['comment_status_not'].' ';
1963	}
1964
1965	if (isset($params['comment_trackback'])) {
1966	$strReq .= 'AND comment_trackback = '.(integer) (boolean) $params['comment_trackback'].' ';
1967	}
1968
1969	if (isset($params['comment_ip'])) {
1970	$comment_ip = $this->con->escape(str_replace('*','%',$params['comment_ip']));
1971	$strReq .= "AND comment_ip LIKE '".$comment_ip."' ";
1972	}
1973
1974	if (isset($params['q_author'])) {
1975	$q_author = $this->con->escape(str_replace('*','%',strtolower($params['q_author'])));
1976	$strReq .= "AND LOWER(comment_author) LIKE '".$q_author."' ";
1977	}
1978
1979	if (!empty($params['search']))
1980	{
1981	$words = text::splitWords($params['search']);
1982
1983	if (!empty($words))
1984	{
1985	# --BEHAVIOR coreCommentSearch
1986	if ($this->core->hasBehavior('coreCommentSearch')) {
1987	$this->core->callBehavior('coreCommentSearch',$this->core,array(&$words,&$strReq,&$params));
1988	}
1989
1990	if ($words)
1991	{
1992	foreach ($words as $i => $w) {
1993	$words[$i] = "comment_words LIKE '%".$this->con->escape($w)."%'";
1994	}
1995	$strReq .= 'AND '.implode(' AND ',$words).' ';
1996	}
1997	}
1998	}
1999
2000	if (!empty($params['sql'])) {
2001	$strReq .= $params['sql'].' ';
2002	}
2003
2004	if (!$count_only)
2005	{
2006	if (!empty($params['order'])) {
2007	$strReq .= 'ORDER BY '.$this->con->escape($params['order']).' ';
2008	} else {
2009	$strReq .= 'ORDER BY comment_dt DESC ';
2010	}
2011	}
2012
2013	if (!$count_only && !empty($params['limit'])) {
2014	$strReq .= $this->con->limit($params['limit']);
2015	}
2016
2017	if (!empty($params['sql_only'])) {
2018	return $strReq;
2019	}
2020
2021	$rs = $this->con->select($strReq);
2022	$rs->core = $this->core;
2023	$rs->extend('rsExtComment');
2024
2025	# --BEHAVIOR-- coreBlogGetComments
2026	$this->core->callBehavior('coreBlogGetComments',$rs);
2027
2028	return $rs;
2029	}
2030
2031	/**
2032	Creates a new comment. Takes a cursor as input and returns the new comment
2033	ID.
2034
2035	@param cur <b>cursor</b> Comment cursor
2036	@return <b>integer</b> New comment ID
2037	*/
2038	public function addComment($cur)
2039	{
2040	$this->con->writeLock($this->prefix.'comment');
2041	try
2042	{
2043	# Get ID
2044	$rs = $this->con->select(
2045	'SELECT MAX(comment_id) '.
2046	'FROM '.$this->prefix.'comment '
2047	);
2048
2049	$cur->comment_id = (integer) $rs->f(0) + 1;
2050	$cur->comment_upddt = date('Y-m-d H:i:s');
2051
2052	$offset = dt::getTimeOffset($this->settings->system->blog_timezone);
2053	$cur->comment_dt = date('Y-m-d H:i:s',time() + $offset);
2054	$cur->comment_tz = $this->settings->system->blog_timezone;
2055
2056	$this->getCommentCursor($cur);
2057
2058	if ($cur->comment_ip === null) {
2059	$cur->comment_ip = http::realIP();
2060	}
2061
2062	# --BEHAVIOR-- coreBeforeCommentCreate
2063	$this->core->callBehavior('coreBeforeCommentCreate',$this,$cur);
2064
2065	$cur->insert();
2066	$this->con->unlock();
2067	}
2068	catch (Exception $e)
2069	{
2070	$this->con->unlock();
2071	throw $e;
2072	}
2073
2074	# --BEHAVIOR-- coreAfterCommentCreate
2075	$this->core->callBehavior('coreAfterCommentCreate',$this,$cur);
2076
2077	$this->triggerComment($cur->comment_id);
2078	if ($cur->comment_status != -2) {
2079	$this->triggerBlog();
2080	}
2081	return $cur->comment_id;
2082	}
2083
2084	/**
2085	Updates an existing comment.
2086
2087	@param id <b>integer</b> Comment ID
2088	@param cur <b>cursor</b> Comment cursor
2089	*/
2090	public function updComment($id,$cur)
2091	{
2092	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
2093	throw new Exception(__('You are not allowed to update comments'));
2094	}
2095
2096	$id = (integer) $id;
2097
2098	if (empty($id)) {
2099	throw new Exception(__('No such comment ID'));
2100	}
2101
2102	$rs = $this->getComments(array('comment_id' => $id));
2103
2104	if ($rs->isEmpty()) {
2105	throw new Exception(__('No such comment ID'));
2106	}
2107
2108	#If user is only usage, we need to check the post's owner
2109	if (!$this->core->auth->check('contentadmin',$this->id))
2110	{
2111	if ($rs->user_id != $this->core->auth->userID()) {
2112	throw new Exception(__('You are not allowed to update this comment'));
2113	}
2114	}
2115
2116	$this->getCommentCursor($cur);
2117
2118	$cur->comment_upddt = date('Y-m-d H:i:s');
2119
2120	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
2121	$cur->unsetField('comment_status');
2122	}
2123
2124	# --BEHAVIOR-- coreBeforeCommentUpdate
2125	$this->core->callBehavior('coreBeforeCommentUpdate',$this,$cur,$rs);
2126
2127	$cur->update('WHERE comment_id = '.$id.' ');
2128
2129	# --BEHAVIOR-- coreAfterCommentUpdate
2130	$this->core->callBehavior('coreAfterCommentUpdate',$this,$cur,$rs);
2131
2132	$this->triggerComment($id);
2133	$this->triggerBlog();
2134	}
2135
2136	/**
2137	Updates comment status.
2138
2139	@param id <b>integer</b> Comment ID
2140	@param status <b>integer</b> Comment status
2141	*/
2142	public function updCommentStatus($id,$status)
2143	{
2144	$this->updCommentsStatus($id,$status);
2145	}
2146
2147	/**
2148	Updates comments status.
2149
2150	@param ids <b>mixed</b> Comment(s) ID(s)
2151	@param status <b>integer</b> Comment status
2152	*/
2153	public function updCommentsStatus($ids,$status)
2154	{
2155	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
2156	throw new Exception(__("You are not allowed to change this comment's status"));
2157	}
2158
2159	$co_ids = dcUtils::cleanIds($ids);
2160	$status = (integer) $status;
2161
2162	$strReq =
2163	'UPDATE '.$this->prefix.'comment tc ';
2164
2165	# mySQL uses "JOIN" synthax
2166	if ($this->con->driver() == 'mysql') {
2167	$strReq .=
2168	'JOIN '.$this->prefix.'post tp ON tc.post_id = tp.post_id ';
2169	}
2170
2171	$strReq .=
2172	'SET comment_status = '.$status.' ';
2173
2174	# pgSQL uses "FROM" synthax
2175	if ($this->con->driver() != 'mysql') {
2176	$strReq .=
2177	'FROM '.$this->prefix.'post tp ';
2178	}
2179
2180	$strReq .=
2181	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
2182	'AND comment_id'.$this->con->in($co_ids);
2183
2184	# add pgSQL "WHERE" clause
2185	if ($this->con->driver() != 'mysql') {
2186	$strReq .=
2187	'AND tc.post_id = tp.post_id ';
2188	}
2189
2190	#If user is only usage, we need to check the post's owner
2191	if (!$this->core->auth->check('contentadmin',$this->id))
2192	{
2193	$strReq .=
2194	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
2195	}
2196
2197	$this->con->execute($strReq);
2198	$this->triggerComments($co_ids);
2199	$this->triggerBlog();
2200	}
2201
2202	/**
2203	Delete a comment
2204
2205	@param id <b>integer</b> Comment ID
2206	*/
2207	public function delComment($id)
2208	{
2209	$this->delComments($id);
2210	}
2211
2212	/**
2213	Delete comments
2214
2215	@param ids <b>mixed</b> Comment(s) ID(s)
2216	*/
2217	public function delComments($ids)
2218	{
2219	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
2220	throw new Exception(__('You are not allowed to delete comments'));
2221	}
2222
2223	$co_ids = dcUtils::cleanIds($ids);
2224
2225	if (empty($co_ids)) {
2226	throw new Exception(__('No such comment ID'));
2227	}
2228
2229	# Retrieve posts affected by comments edition
2230	$affected_posts = array();
2231	$strReq =
2232	'SELECT post_id '.
2233	'FROM '.$this->prefix.'comment '.
2234	'WHERE comment_id'.$this->con->in($co_ids).
2235	'GROUP BY post_id';
2236
2237	$rs = $this->con->select($strReq);
2238
2239	while ($rs->fetch()) {
2240	$affected_posts[] = (integer) $rs->post_id;
2241	}
2242
2243	# mySQL uses "INNER JOIN" synthax
2244	if ($this->con->driver() == 'mysql') {
2245	$strReq =
2246	'DELETE FROM tc '.
2247	'USING '.$this->prefix.'comment tc '.
2248	'INNER JOIN '.$this->prefix.'post tp ';
2249	}
2250	# pgSQL uses nothing special
2251	else {
2252	$strReq =
2253	'DELETE FROM '.$this->prefix.'comment tc '.
2254	'USING '.$this->prefix.'post tp ';
2255	}
2256
2257	$strReq .=
2258	'WHERE tc.post_id = tp.post_id '.
2259	"AND tp.blog_id = '".$this->con->escape($this->id)."' ".
2260	'AND comment_id'.$this->con->in($co_ids);
2261
2262	#If user can only delete, we need to check the post's owner
2263	if (!$this->core->auth->check('contentadmin',$this->id))
2264	{
2265	$strReq .=
2266	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
2267	}
2268
2269	$this->con->execute($strReq);
2270	$this->triggerComments($co_ids, true, $affected_posts);
2271	$this->triggerBlog();
2272	}
2273
2274	public function delJunkComments()
2275	{
2276	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
2277	throw new Exception(__('You are not allowed to delete comments'));
2278	}
2279
2280	# mySQL uses "INNER JOIN" synthax
2281	if ($this->con->driver() == 'mysql') {
2282	$strReq =
2283	'DELETE FROM tc '.
2284	'USING '.$this->prefix.'comment tc '.
2285	'INNER JOIN '.$this->prefix.'post tp ';
2286	}
2287	# pgSQL uses nothing special
2288	else {
2289	$strReq =
2290	'DELETE FROM '.$this->prefix.'comment tc '.
2291	'USING '.$this->prefix.'post tp ';
2292	}
2293
2294	$strReq .=
2295	'WHERE tc.post_id = tp.post_id '.
2296	"AND tp.blog_id = '".$this->con->escape($this->id)."' ".
2297	'AND comment_status = -2';
2298
2299	#If user can only delete, we need to check the post's owner
2300	if (!$this->core->auth->check('contentadmin',$this->id))
2301	{
2302	$strReq .=
2303	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
2304	}
2305
2306	$this->con->execute($strReq);
2307	$this->triggerBlog();
2308	}
2309
2310	private function getCommentCursor($cur)
2311	{
2312	if ($cur->comment_content !== null && $cur->comment_content == '') {
2313	throw new Exception(__('You must provide a comment'));
2314	}
2315
2316	if ($cur->comment_author !== null && $cur->comment_author == '') {
2317	throw new Exception(__('You must provide an author name'));
2318	}
2319
2320	if ($cur->comment_email != '' && !text::isEmail($cur->comment_email)) {
2321	throw new Exception(__('Email address is not valid.'));
2322	}
2323
2324	if ($cur->comment_site !== null && $cur->comment_site != '') {
2325	if (!preg_match('\|^http(s?)://\|i',$cur->comment_site, $matches)) {
2326	$cur->comment_site = 'http://'.$cur->comment_site;
2327	}else{
2328	$cur->comment_site = strtolower($matches[0]).substr($cur->comment_site, strlen($matches[0]));
2329	}
2330	}
2331
2332	if ($cur->comment_status === null) {
2333	$cur->comment_status = (integer) $this->settings->system->comments_pub;
2334	}
2335
2336	# Words list
2337	if ($cur->comment_content !== null)
2338	{
2339	$cur->comment_words = implode(' ',text::splitWords($cur->comment_content));
2340	}
2341	}
2342	//@}
2343	}
2344	?>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: inc/core/class.dc.blog.php @ 1570:f06130921ca2

Download in other formats:

Sites map