class.dc.blog.php @ 1015:10227e338321

Visit:

Revision 1015:10227e338321, 56.2 KB checked in by JcDenis, 13 years ago (diff)
Fix #1171 : Add ability to delete non empty category (and move its content)

Line
1	<?php
2	# -- BEGIN LICENSE BLOCK ---------------------------------------
3	#
4	# This file is part of Dotclear 2.
5	#
6	# Copyright (c) 2003-2011 Olivier Meunier & Association Dotclear
7	# Licensed under the GPL version 2.0 license.
8	# See LICENSE file or
9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
10	#
11	# -- END LICENSE BLOCK -----------------------------------------
12	if (!defined('DC_RC_PATH')) { return; }
13
14	/**
15	@ingroup DC_CORE
16	@nosubgrouping
17	@brief Dotclear blog class.
18
19	Dotclear blog class instance is provided by dcCore $blog property.
20	*/
21	class dcBlog
22	{
23	/** @var dcCore dcCore instance */
24	protected $core;
25	/** @var connection Database connection object */
26	public $con;
27	/** @var string Database table prefix */
28	public $prefix;
29
30	/** @var string Blog ID */
31	public $id;
32	/** @var string Blog unique ID */
33	public $uid;
34	/** @var string Blog name */
35	public $name;
36	/** @var string Blog description */
37	public $desc;
38	/** @var string Blog URL */
39	public $url;
40	/** @var string Blog host */
41	public $host;
42	/** @var string Blog creation date */
43	public $creadt;
44	/** @var string Blog last update date */
45	public $upddt;
46	/** @var string Blog status */
47	public $status;
48
49	/** @var dcSettings dcSettings object */
50	public $settings;
51	/** @var string Blog theme path */
52	public $themes_path;
53	/** @var string Blog public path */
54	public $public_path;
55
56	private $post_status = array();
57	private $comment_status = array();
58
59	private $categories;
60
61	/** @var boolean Disallow entries password protection */
62	public $without_password = true;
63
64	/**
65	Inits dcBlog object
66
67	@param core <b>dcCore</b> Dotclear core reference
68	@param id <b>string</b> Blog ID
69	*/
70	public function __construct($core, $id)
71	{
72	$this->con =& $core->con;
73	$this->prefix = $core->prefix;
74	$this->core =& $core;
75
76	if (($b = $this->core->getBlog($id)) !== false)
77	{
78	$this->id = $id;
79	$this->uid = $b->blog_uid;
80	$this->name = $b->blog_name;
81	$this->desc = $b->blog_desc;
82	$this->url = $b->blog_url;
83	$this->host = preg_replace('\|^([a-z]{3,}://)(.?)/.$\|','$1$2',$this->url);
84	$this->creadt = strtotime($b->blog_creadt);
85	$this->upddt = strtotime($b->blog_upddt);
86	$this->status = $b->blog_status;
87
88	$this->settings = new dcSettings($this->core,$this->id);
89
90	$this->themes_path = path::fullFromRoot($this->settings->system->themes_path,DC_ROOT);
91	$this->public_path = path::fullFromRoot($this->settings->system->public_path,DC_ROOT);
92
93	$this->post_status['-2'] = __('pending');
94	$this->post_status['-1'] = __('scheduled');
95	$this->post_status['0'] = __('unpublished');
96	$this->post_status['1'] = __('published');
97
98	$this->comment_status['-2'] = __('junk');
99	$this->comment_status['-1'] = __('pending');
100	$this->comment_status['0'] = __('unpublished');
101	$this->comment_status['1'] = __('published');
102
103	# --BEHAVIOR-- coreBlogConstruct
104	$this->core->callBehavior('coreBlogConstruct',$this);
105	}
106	}
107
108	/// @name Common public methods
109	//@{
110	/**
111	Returns blog URL ending with a question mark.
112	*/
113	public function getQmarkURL()
114	{
115	if (substr($this->url,-1) != '?') {
116	return $this->url.'?';
117	}
118
119	return $this->url;
120	}
121
122	/**
123	Returns an entry status name given to a code. Status are translated, never
124	use it for tests. If status code does not exist, returns <i>unpublished</i>.
125
126	@param s <b>integer</b> Status code
127	@return <b>string</b> Blog status name
128	*/
129	public function getPostStatus($s)
130	{
131	if (isset($this->post_status[$s])) {
132	return $this->post_status[$s];
133	}
134	return $this->post_status['0'];
135	}
136
137	/**
138	Returns an array of available entry status codes and names.
139
140	@return <b>array</b> Simple array with codes in keys and names in value
141	*/
142	public function getAllPostStatus()
143	{
144	return $this->post_status;
145	}
146
147	/**
148	Returns an array of available comment status codes and names.
149
150	@return <b>array</b> Simple array with codes in keys and names in value
151	*/
152	public function getAllCommentStatus()
153	{
154	return $this->comment_status;
155	}
156
157	/**
158	Disallows entries password protection. You need to set it to
159	<var>false</var> while serving a public blog.
160
161	@param v <b>boolean</b>
162	*/
163	public function withoutPassword($v)
164	{
165	$this->without_password = (boolean) $v;
166	}
167	//@}
168
169	/// @name Triggers methods
170	//@{
171	/**
172	Updates blog last update date. Should be called every time you change
173	an element related to the blog.
174	*/
175	public function triggerBlog()
176	{
177	$cur = $this->con->openCursor($this->prefix.'blog');
178
179	$cur->blog_upddt = date('Y-m-d H:i:s');
180
181	$cur->update("WHERE blog_id = '".$this->con->escape($this->id)."' ");
182
183	# --BEHAVIOR-- coreBlogAfterTriggerBlog
184	$this->core->callBehavior('coreBlogAfterTriggerBlog',$cur);
185	}
186
187	/**
188	Updates comment and trackback counters in post table. Should be called
189	every time a comment or trackback is added, removed or changed its status.
190
191	@param id <b>integer</b> Comment ID
192	@param del <b>boolean</b> If comment is delete, set this to true
193	*/
194	public function triggerComment($id,$del=false)
195	{
196	$id = (integer) $id;
197
198	$strReq = 'SELECT post_id, comment_trackback '.
199	'FROM '.$this->prefix.'comment '.
200	'WHERE comment_id = '.$id.' ';
201
202	$rs = $this->con->select($strReq);
203
204	$post_id = $rs->post_id;
205	$tb = (boolean) $rs->comment_trackback;
206
207	$strReq = 'SELECT COUNT(post_id) '.
208	'FROM '.$this->prefix.'comment '.
209	'WHERE post_id = '.(integer) $post_id.' '.
210	'AND comment_trackback = '.(integer) $tb.' '.
211	'AND comment_status = 1 ';
212
213	if ($del) {
214	$strReq .= 'AND comment_id <> '.$id.' ';
215	}
216
217	$rs = $this->con->select($strReq);
218
219	$cur = $this->con->openCursor($this->prefix.'post');
220
221	if ($rs->isEmpty()) {
222	return;
223	}
224
225	if ($tb) {
226	$cur->nb_trackback = (integer) $rs->f(0);
227	} else {
228	$cur->nb_comment = (integer) $rs->f(0);
229	}
230
231	$cur->update('WHERE post_id = '.(integer) $post_id);
232	}
233	//@}
234
235	/// @name Categories management methods
236	//@{
237	public function categories()
238	{
239	if (!($this->categories instanceof dcCategories)) {
240	$this->categories = new dcCategories($this->core);
241	}
242
243	return $this->categories;
244	}
245
246	/**
247	Retrieves categories. <var>$params</var> is an associative array which can
248	take the following parameters:
249
250	- post_type: Get only entries with given type (default "post")
251	- cat_url: filter on cat_url field
252	- cat_id: filter on cat_id field
253	- start: start with a given category
254	- level: categories level to retrieve
255
256	@param params <b>array</b> Parameters
257	@return <b>record</b>
258	*/
259	public function getCategories($params=array())
260	{
261	$c_params = array();
262	if (isset($params['post_type'])) {
263	$c_params['post_type'] = $params['post_type'];
264	unset($params['post_type']);
265	}
266	$counter = $this->getCategoriesCounter($c_params);
267
268	$without_empty = $this->core->auth->userID() == false; # For public display
269
270	$start = isset($params['start']) ? (integer) $params['start'] : 0;
271	$l = isset($params['level']) ? (integer) $params['level'] : 0;
272
273	$rs = $this->categories()->getChildren($start,null,'desc');
274
275	# Get each categories total posts count
276	$data = array();
277	$stack = array();
278	$level = 0;
279	$cols = $rs->columns();
280	while ($rs->fetch())
281	{
282	$nb_post = isset($counter[$rs->cat_id]) ? (integer) $counter[$rs->cat_id] : 0;
283
284	if ($rs->level > $level) {
285	$nb_total = $nb_post;
286	$stack[$rs->level] = (integer) $nb_post;
287	} elseif ($rs->level == $level) {
288	$nb_total = $nb_post;
289	$stack[$rs->level] += $nb_post;
290	} else {
291	$nb_total = $stack[$rs->level+1] + $nb_post;
292	if (isset($stack[$rs->level])) {
293	$stack[$rs->level] += $nb_total;
294	} else {
295	$stack[$rs->level] = $nb_total;
296	}
297	unset($stack[$rs->level+1]);
298	}
299
300	if ($nb_total == 0 && $without_empty) {
301	continue;
302	}
303
304	$level = $rs->level;
305
306	$t = array();
307	foreach ($cols as $c) {
308	$t[$c] = $rs->f($c);
309	}
310	$t['nb_post'] = $nb_post;
311	$t['nb_total'] = $nb_total;
312
313	if ($l == 0 \|\| ($l > 0 && $l == $rs->level)) {
314	array_unshift($data,$t);
315	}
316	}
317
318	# We need to apply filter after counting
319	if (isset($params['cat_id']) && $params['cat_id'] !== '')
320	{
321	$found = false;
322	foreach ($data as $v) {
323	if ($v['cat_id'] == $params['cat_id']) {
324	$found = true;
325	$data = array($v);
326	break;
327	}
328	}
329	if (!$found) {
330	$data = array();
331	}
332	}
333
334	if (isset($params['cat_url']) && ($params['cat_url'] !== '')
335	&& !isset($params['cat_id']))
336	{
337	$found = false;
338	foreach ($data as $v) {
339	if ($v['cat_url'] == $params['cat_url']) {
340	$found = true;
341	$data = array($v);
342	break;
343	}
344	}
345	if (!$found) {
346	$data = array();
347	}
348	}
349
350	return staticRecord::newFromArray($data);
351	}
352
353	/**
354	Retrieves a category by its ID.
355
356	@param id <b>integer</b> Category ID
357	@return <b>record</b>
358	*/
359	public function getCategory($id)
360	{
361	return $this->getCategories(array('cat_id' => $id));
362	}
363
364	/**
365	Retrieves parents of a given category.
366
367	@param id <b>integer</b> Category ID
368	@return <b>record</b>
369	*/
370	public function getCategoryParents($id)
371	{
372	return $this->categories()->getParents($id);
373	}
374
375	/**
376	Retrieves first parent of a given category.
377
378	@param id <b>integer</b> Category ID
379	@return <b>record</b>
380	*/
381	public function getCategoryParent($id)
382	{
383	return $this->categories()->getParent($id);
384	}
385
386	/**
387	Retrieves all category's first children
388
389	@param id <b>integer</b> Category ID
390	@return <b>record</b>
391	*/
392	public function getCategoryFirstChildren($id)
393	{
394	return $this->getCategories(array('start' => $id,'level' => $id == 0 ? 1 : 2));
395	}
396
397	private function getCategoriesCounter($params=array())
398	{
399	$strReq =
400	'SELECT C.cat_id, COUNT(P.post_id) AS nb_post '.
401	'FROM '.$this->prefix.'category AS C '.
402	'JOIN '.$this->prefix."post P ON (C.cat_id = P.cat_id AND P.blog_id = '".$this->con->escape($this->id)."' ) ".
403	"WHERE C.blog_id = '".$this->con->escape($this->id)."' ";
404
405	if (!$this->core->auth->userID()) {
406	$strReq .= 'AND P.post_status = 1 ';
407	}
408
409	if (!empty($params['post_type'])) {
410	$strReq .= 'AND P.post_type '.$this->con->in($params['post_type']);
411	}
412
413	$strReq .= 'GROUP BY C.cat_id ';
414
415	$rs = $this->con->select($strReq);
416	$counters = array();
417	while ($rs->fetch()) {
418	$counters[$rs->cat_id] = $rs->nb_post;
419	}
420
421	return $counters;
422	}
423
424	/**
425	Creates a new category. Takes a cursor as input and returns the new category
426	ID.
427
428	@param cur <b>cursor</b> Category cursor
429	@return <b>integer</b> New category ID
430	*/
431	public function addCategory($cur,$parent=0)
432	{
433	if (!$this->core->auth->check('categories',$this->id)) {
434	throw new Exception(__('You are not allowed to add categories'));
435	}
436
437	$url = array();
438	if ($parent != 0)
439	{
440	$rs = $this->getCategory($parent);
441	if ($rs->isEmpty()) {
442	$url = array();
443	} else {
444	$url[] = $rs->cat_url;
445	}
446	}
447
448	if ($cur->cat_url == '') {
449	$url[] = text::tidyURL($cur->cat_title,false);
450	} else {
451	$url[] = $cur->cat_url;
452	}
453
454	$cur->cat_url = implode('/',$url);
455
456	$this->getCategoryCursor($cur);
457	$cur->blog_id = (string) $this->id;
458
459	# --BEHAVIOR-- coreBeforeCategoryCreate
460	$this->core->callBehavior('coreBeforeCategoryCreate',$this,$cur);
461
462	$this->categories()->addNode($cur,$parent);
463
464	# --BEHAVIOR-- coreAfterCategoryCreate
465	$this->core->callBehavior('coreAfterCategoryCreate',$this,$cur);
466	$this->triggerBlog();
467
468	return $cur->cat_id;
469	}
470
471	/**
472	Updates an existing category.
473
474	@param id <b>integer</b> Category ID
475	@param cur <b>cursor</b> Category cursor
476	*/
477	public function updCategory($id,$cur)
478	{
479	if (!$this->core->auth->check('categories',$this->id)) {
480	throw new Exception(__('You are not allowed to update categories'));
481	}
482
483	if ($cur->cat_url == '')
484	{
485	$url = array();
486	$rs = $this->categories()->getParents($id);
487	while ($rs->fetch()) {
488	if ($rs->index() == $rs->count()-1) {
489	$url[] = $rs->cat_url;
490	}
491	}
492
493
494	$url[] = text::tidyURL($cur->cat_title,false);
495	$cur->cat_url = implode('/',$url);
496	}
497
498	$this->getCategoryCursor($cur,$id);
499
500	# --BEHAVIOR-- coreBeforeCategoryUpdate
501	$this->core->callBehavior('coreBeforeCategoryUpdate',$this,$cur);
502
503	$cur->update(
504	'WHERE cat_id = '.(integer) $id.' '.
505	"AND blog_id = '".$this->con->escape($this->id)."' ");
506
507	# --BEHAVIOR-- coreAfterCategoryUpdate
508	$this->core->callBehavior('coreAfterCategoryUpdate',$this,$cur);
509
510	$this->triggerBlog();
511	}
512
513	/**
514	DEPRECATED METHOD. Use dcBlog::setCategoryParent and dcBlog::moveCategory
515	instead.
516
517	@param id <b>integer</b> Category ID
518	@param order <b>integer</b> Category position
519	*/
520	public function updCategoryOrder($id,$order)
521	{
522	return;
523	}
524
525	/**
526	Set a category parent
527
528	@param id <b>integer</b> Category ID
529	@param parent <b>integer</b> Parent Category ID
530	*/
531	public function setCategoryParent($id,$parent)
532	{
533	$this->categories()->setNodeParent($id,$parent);
534	$this->triggerBlog();
535	}
536
537	/**
538	Set category position
539
540	@param id <b>integer</b> Category ID
541	@param sibling <b>integer</b> Sibling Category ID
542	@param move <b>integer</b> Order (before\|after)
543	*/
544	public function setCategoryPosition($id,$sibling,$move)
545	{
546	$this->categories()->setNodePosition($id,$sibling,$move);
547	$this->triggerBlog();
548	}
549
550	/**
551	Deletes a category.
552
553	@param id <b>integer</b> Category ID
554	*/
555	public function delCategory($id)
556	{
557	if (!$this->core->auth->check('categories',$this->id)) {
558	throw new Exception(__('You are not allowed to delete categories'));
559	}
560
561	$strReq = 'SELECT COUNT(post_id) AS nb_post '.
562	'FROM '.$this->prefix.'post '.
563	'WHERE cat_id = '.(integer) $id.' '.
564	"AND blog_id = '".$this->con->escape($this->id)."' ";
565
566	$rs = $this->con->select($strReq);
567
568	if ($rs->nb_post > 0) {
569	throw new Exception(__('This category is not empty.'));
570	}
571
572	$this->categories()->deleteNode($id,true);
573	$this->triggerBlog();
574	}
575
576	/**
577	Reset categories order and relocate them to first level
578	*/
579	public function resetCategoriesOrder()
580	{
581	if (!$this->core->auth->check('categories',$this->id)) {
582	throw new Exception(__('You are not allowed to reset categories order'));
583	}
584
585	$this->categories()->resetOrder();
586	$this->triggerBlog();
587	}
588
589	private function checkCategory($title,$url,$id=null)
590	{
591	$strReq = 'SELECT cat_id '.
592	'FROM '.$this->prefix.'category '.
593	"WHERE cat_url = '".$this->con->escape($url)."' ".
594	"AND blog_id = '".$this->con->escape($this->id)."' ";
595
596	if ($id !== null) {
597	$strReq .= 'AND cat_id <> '.(integer) $id.' ';
598	}
599
600	$rs = $this->con->select($strReq);
601
602	if (!$rs->isEmpty()) {
603	throw new Exception(__('Category URL must be unique.'));
604	}
605	}
606
607	private function getCategoryCursor($cur,$id=null)
608	{
609	if ($cur->cat_title == '') {
610	throw new Exception(__('You must provide a category title'));
611	}
612
613	# If we don't have any cat_url, let's do one
614	if ($cur->cat_url == '') {
615	$cur->cat_url = text::tidyURL($cur->cat_title,false);
616	}
617
618	# Still empty ?
619	if ($cur->cat_url == '') {
620	throw new Exception(__('You must provide a category URL'));
621	} else {
622	$cur->cat_url = text::tidyURL($cur->cat_url,true);
623	}
624
625	# Check if title or url are unique
626	$this->checkCategory($cur->cat_title,$cur->cat_url,$id);
627
628	if ($cur->cat_desc !== null) {
629	$cur->cat_desc = $this->core->HTMLfilter($cur->cat_desc);
630	}
631	}
632	//@}
633
634	/// @name Entries management methods
635	//@{
636	/**
637	Retrieves entries. <b>$params</b> is an array taking the following
638	optionnal parameters:
639
640	- no_content: Don't retrieve entry content (excerpt and content)
641	- post_type: Get only entries with given type (default "post", array for many types and '' for no type)
642	- post_id: (integer) Get entry with given post_id
643	- post_url: Get entry with given post_url field
644	- user_id: (integer) Get entries belonging to given user ID
645	- cat_id: (string or array) Get entries belonging to given category ID
646	- cat_id_not: deprecated (use cat_id with "id ?not" instead)
647	- cat_url: (string or array) Get entries belonging to given category URL
648	- cat_url_not: deprecated (use cat_url with "url ?not" instead)
649	- post_status: (integer) Get entries with given post_status
650	- post_selected: (boolean) Get select flaged entries
651	- post_year: (integer) Get entries with given year
652	- post_month: (integer) Get entries with given month
653	- post_day: (integer) Get entries with given day
654	- post_lang: Get entries with given language code
655	- search: Get entries corresponding of the following search string
656	- columns: (array) More columns to retrieve
657	- sql: Append SQL string at the end of the query
658	- from: Append SQL string after "FROM" statement in query
659	- order: Order of results (default "ORDER BY post_dt DES")
660	- limit: Limit parameter
661	- sql_only : return the sql request instead of results. Only ids are selected
662
663	Please note that on every cat_id or cat_url, you can add ?not to exclude
664	the category and ?sub to get subcategories.
665
666	@param params <b>array</b> Parameters
667	@param count_only <b>boolean</b> Only counts results
668	@return <b>record</b> A record with some more capabilities or the SQL request
669	*/
670	public function getPosts($params=array(),$count_only=false)
671	{
672	# --BEHAVIOR-- coreBlogBeforeGetPosts
673	$params = new ArrayObject($params);
674	$this->core->callBehavior('coreBlogBeforeGetPosts',$params);
675
676	if ($count_only)
677	{
678	$strReq = 'SELECT count(P.post_id) ';
679	}
680	elseif (!empty($params['sql_only']))
681	{
682	$strReq = 'SELECT P.post_id ';
683	}
684	else
685	{
686	if (!empty($params['no_content'])) {
687	$content_req = '';
688	} else {
689	$content_req =
690	'post_excerpt, post_excerpt_xhtml, '.
691	'post_content, post_content_xhtml, post_notes, ';
692	}
693
694	if (!empty($params['columns']) && is_array($params['columns'])) {
695	$content_req .= implode(', ',$params['columns']).', ';
696	}
697
698	$strReq =
699	'SELECT P.post_id, P.blog_id, P.user_id, P.cat_id, post_dt, '.
700	'post_tz, post_creadt, post_upddt, post_format, post_password, '.
701	'post_url, post_lang, post_title, '.$content_req.
702	'post_type, post_meta, post_status, post_selected, post_position, '.
703	'post_open_comment, post_open_tb, nb_comment, nb_trackback, '.
704	'U.user_name, U.user_firstname, U.user_displayname, U.user_email, '.
705	'U.user_url, '.
706	'C.cat_title, C.cat_url, C.cat_desc ';
707	}
708
709	$strReq .=
710	'FROM '.$this->prefix.'post P '.
711	'INNER JOIN '.$this->prefix.'user U ON U.user_id = P.user_id '.
712	'LEFT OUTER JOIN '.$this->prefix.'category C ON P.cat_id = C.cat_id ';
713
714	if (!empty($params['from'])) {
715	$strReq .= $params['from'].' ';
716	}
717
718	$strReq .=
719	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ";
720
721	if (!$this->core->auth->check('contentadmin',$this->id)) {
722	$strReq .= 'AND ((post_status = 1 ';
723
724	if ($this->without_password) {
725	$strReq .= 'AND post_password IS NULL ';
726	}
727	$strReq .= ') ';
728
729	if ($this->core->auth->userID()) {
730	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
731	} else {
732	$strReq .= ') ';
733	}
734	}
735
736	#Adding parameters
737	if (isset($params['post_type']))
738	{
739	if (is_array($params['post_type']) \|\| $params['post_type'] != '') {
740	$strReq .= 'AND post_type '.$this->con->in($params['post_type']);
741	}
742	}
743	else
744	{
745	$strReq .= "AND post_type = 'post' ";
746	}
747
748	if (isset($params['post_id']) && $params['post_id'] !== '') {
749	if (is_array($params['post_id'])) {
750	array_walk($params['post_id'],create_function('&$v,$k','if($v!==null){$v=(integer)$v;}'));
751	} else {
752	$params['post_id'] = array((integer) $params['post_id']);
753	}
754	$strReq .= 'AND P.post_id '.$this->con->in($params['post_id']);
755	}
756
757	if (isset($params['post_url']) && $params['post_url'] !== '') {
758	$strReq .= "AND post_url = '".$this->con->escape($params['post_url'])."' ";
759	}
760
761	if (!empty($params['user_id'])) {
762	$strReq .= "AND U.user_id = '".$this->con->escape($params['user_id'])."' ";
763	}
764
765	if (isset($params['cat_id']) && $params['cat_id'] !== '')
766	{
767	if (!is_array($params['cat_id'])) {
768	$params['cat_id'] = array($params['cat_id']);
769	}
770	if (!empty($params['cat_id_not'])) {
771	array_walk($params['cat_id'],create_function('&$v,$k','$v=$v." ?not";'));
772	}
773	$strReq .= 'AND '.$this->getPostsCategoryFilter($params['cat_id'],'cat_id').' ';
774	}
775	elseif (isset($params['cat_url']) && $params['cat_url'] !== '')
776	{
777	if (!is_array($params['cat_url'])) {
778	$params['cat_url'] = array($params['cat_url']);
779	}
780	if (!empty($params['cat_url_not'])) {
781	array_walk($params['cat_url'],create_function('&$v,$k','$v=$v." ?not";'));
782	}
783	$strReq .= 'AND '.$this->getPostsCategoryFilter($params['cat_url'],'cat_url').' ';
784	}
785
786	/* Other filters */
787	if (isset($params['post_status'])) {
788	$strReq .= 'AND post_status = '.(integer) $params['post_status'].' ';
789	}
790
791	if (isset($params['post_selected'])) {
792	$strReq .= 'AND post_selected = '.(integer) $params['post_selected'].' ';
793	}
794
795	if (!empty($params['post_year'])) {
796	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%Y').' = '.
797	"'".sprintf('%04d',$params['post_year'])."' ";
798	}
799
800	if (!empty($params['post_month'])) {
801	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%m').' = '.
802	"'".sprintf('%02d',$params['post_month'])."' ";
803	}
804
805	if (!empty($params['post_day'])) {
806	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%d').' = '.
807	"'".sprintf('%02d',$params['post_day'])."' ";
808	}
809
810	if (!empty($params['post_lang'])) {
811	$strReq .= "AND P.post_lang = '".$this->con->escape($params['post_lang'])."' ";
812	}
813
814	if (!empty($params['search']))
815	{
816	$words = text::splitWords($params['search']);
817
818	if (!empty($words))
819	{
820	# --BEHAVIOR-- corePostSearch
821	if ($this->core->hasBehavior('corePostSearch')) {
822	$this->core->callBehavior('corePostSearch',$this->core,array(&$words,&$strReq,&$params));
823	}
824
825	if ($words)
826	{
827	foreach ($words as $i => $w) {
828	$words[$i] = "post_words LIKE '%".$this->con->escape($w)."%'";
829	}
830	$strReq .= 'AND '.implode(' AND ',$words).' ';
831	}
832	}
833	}
834
835	if (!empty($params['sql'])) {
836	$strReq .= $params['sql'].' ';
837	}
838
839	if (!$count_only)
840	{
841	if (!empty($params['order'])) {
842	$strReq .= 'ORDER BY '.$this->con->escape($params['order']).' ';
843	} else {
844	$strReq .= 'ORDER BY post_dt DESC ';
845	}
846	}
847
848	if (!$count_only && !empty($params['limit'])) {
849	$strReq .= $this->con->limit($params['limit']);
850	}
851
852	if (!empty($params['sql_only'])) {
853	return $strReq;
854	}
855
856	$rs = $this->con->select($strReq);
857	$rs->core = $this->core;
858	$rs->_nb_media = array();
859	$rs->extend('rsExtPost');
860
861	# --BEHAVIOR-- coreBlogGetPosts
862	$this->core->callBehavior('coreBlogGetPosts',$rs);
863
864	return $rs;
865	}
866
867	/**
868	Returns a record with post id, title and date for next or previous post
869	according to the post ID.
870	$dir could be 1 (next post) or -1 (previous post).
871
872	@param post_id <b>integer</b> Post ID
873	@param dir <b>integer</b> Search direction
874	@param restrict_to_category <b>boolean</b> Restrict to post with same category
875	@param restrict_to_lang <b>boolean</b> Restrict to post with same lang
876	@return record
877	*/
878	public function getNextPost($post,$dir,$restrict_to_category=false, $restrict_to_lang=false)
879	{
880	$dt = $post->post_dt;
881	$post_id = (integer) $post->post_id;
882
883	if($dir > 0) {
884	$sign = '>';
885	$order = 'ASC';
886	}
887	else {
888	$sign = '<';
889	$order = 'DESC';
890	}
891
892	$params['post_type'] = $post->post_type;
893	$params['limit'] = 1;
894	$params['order'] = 'post_dt '.$order.', P.post_id '.$order;
895	$params['sql'] =
896	'AND ( '.
897	" (post_dt = '".$this->con->escape($dt)."' AND P.post_id ".$sign." ".$post_id.") ".
898	" OR post_dt ".$sign." '".$this->con->escape($dt)."' ".
899	') ';
900
901	if ($restrict_to_category) {
902	$params['sql'] .= $post->cat_id ? 'AND P.cat_id = '.(integer) $post->cat_id.' ' : 'AND P.cat_id IS NULL ';
903	}
904
905	if ($restrict_to_lang) {
906	$params['sql'] .= $post->post_lang ? 'AND P.post_lang = \''. $this->con->escape($post->post_lang) .'\' ': 'AND P.post_lang IS NULL ';
907	}
908
909	$rs = $this->getPosts($params);
910
911	if ($rs->isEmpty()) {
912	return null;
913	}
914
915	return $rs;
916	}
917
918	/**
919	Retrieves different languages and post count on blog, based on post_lang
920	field. <var>$params</var> is an array taking the following optionnal
921	parameters:
922
923	- post_type: Get only entries with given type (default "post", '' for no type)
924	- lang: retrieve post count for selected lang
925	- order: order statement (default post_lang DESC)
926
927	@param params <b>array</b> Parameters
928	@return record
929	*/
930	public function getLangs($params=array())
931	{
932	$strReq = 'SELECT COUNT(post_id) as nb_post, post_lang '.
933	'FROM '.$this->prefix.'post '.
934	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
935	"AND post_lang <> '' ".
936	"AND post_lang IS NOT NULL ";
937
938	if (!$this->core->auth->check('contentadmin',$this->id)) {
939	$strReq .= 'AND ((post_status = 1 ';
940
941	if ($this->without_password) {
942	$strReq .= 'AND post_password IS NULL ';
943	}
944	$strReq .= ') ';
945
946	if ($this->core->auth->userID()) {
947	$strReq .= "OR user_id = '".$this->con->escape($this->core->auth->userID())."')";
948	} else {
949	$strReq .= ') ';
950	}
951	}
952
953	if (isset($params['post_type'])) {
954	if ($params['post_type'] != '') {
955	$strReq .= "AND post_type = '".$this->con->escape($params['post_type'])."' ";
956	}
957	} else {
958	$strReq .= "AND post_type = 'post' ";
959	}
960
961	if (isset($params['lang'])) {
962	$strReq .= "AND post_lang = '".$this->con->escape($params['lang'])."' ";
963	}
964
965	$strReq .= 'GROUP BY post_lang ';
966
967	$order = 'desc';
968	if (!empty($params['order']) && preg_match('/^(desc\|asc)$/i',$params['order'])) {
969	$order = $params['order'];
970	}
971	$strReq .= 'ORDER BY post_lang '.$order.' ';
972
973	return $this->con->select($strReq);
974	}
975
976	/**
977	Returns a record with all distinct blog dates and post count.
978	<var>$params</var> is an array taking the following optionnal parameters:
979
980	- type: (day\|month\|year) Get days, months or years
981	- year: (integer) Get dates for given year
982	- month: (integer) Get dates for given month
983	- day: (integer) Get dates for given day
984	- cat_id: (integer) Category ID filter
985	- cat_url: Category URL filter
986	- post_lang: lang of the posts
987	- next: Get date following match
988	- previous: Get date before match
989	- order: Sort by date "ASC" or "DESC"
990
991	@param params <b>array</b> Parameters array
992	@return record
993	*/
994	public function getDates($params=array())
995	{
996	$dt_f = '%Y-%m-%d';
997	$dt_fc = '%Y%m%d';
998	if (isset($params['type'])) {
999	if ($params['type'] == 'year') {
1000	$dt_f = '%Y-01-01';
1001	$dt_fc = '%Y0101';
1002	} elseif ($params['type'] == 'month') {
1003	$dt_f = '%Y-%m-01';
1004	$dt_fc = '%Y%m01';
1005	}
1006	}
1007	$dt_f .= ' 00:00:00';
1008	$dt_fc .= '000000';
1009
1010	$cat_field = $catReq = $limit = '';
1011
1012	if (isset($params['cat_id']) && $params['cat_id'] !== '') {
1013	$catReq = 'AND P.cat_id = '.(integer) $params['cat_id'].' ';
1014	$cat_field = ', C.cat_url ';
1015	} elseif (isset($params['cat_url']) && $params['cat_url'] !== '') {
1016	$catReq = "AND C.cat_url = '".$this->con->escape($params['cat_url'])."' ";
1017	$cat_field = ', C.cat_url ';
1018	}
1019	if (!empty($params['post_lang'])) {
1020	$catReq = 'AND P.post_lang = \''. $params['post_lang'].'\' ';
1021	}
1022
1023	$strReq = 'SELECT DISTINCT('.$this->con->dateFormat('post_dt',$dt_f).') AS dt '.
1024	$cat_field.
1025	',COUNT(P.post_id) AS nb_post '.
1026	'FROM '.$this->prefix.'post P LEFT JOIN '.$this->prefix.'category C '.
1027	'ON P.cat_id = C.cat_id '.
1028	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ".
1029	$catReq;
1030
1031	if (!$this->core->auth->check('contentadmin',$this->id)) {
1032	$strReq .= 'AND ((post_status = 1 ';
1033
1034	if ($this->without_password) {
1035	$strReq .= 'AND post_password IS NULL ';
1036	}
1037	$strReq .= ') ';
1038
1039	if ($this->core->auth->userID()) {
1040	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
1041	} else {
1042	$strReq .= ') ';
1043	}
1044	}
1045
1046	if (!empty($params['post_type'])) {
1047	$strReq .= "AND post_type ".$this->con->in($params['post_type'])." ";
1048	} else {
1049	$strReq .= "AND post_type = 'post' ";
1050	}
1051
1052	if (!empty($params['year'])) {
1053	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%Y')." = '".sprintf('%04d',$params['year'])."' ";
1054	}
1055
1056	if (!empty($params['month'])) {
1057	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%m')." = '".sprintf('%02d',$params['month'])."' ";
1058	}
1059
1060	if (!empty($params['day'])) {
1061	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%d')." = '".sprintf('%02d',$params['day'])."' ";
1062	}
1063
1064	# Get next or previous date
1065	if (!empty($params['next']) \|\| !empty($params['previous']))
1066	{
1067	if (!empty($params['next'])) {
1068	$pdir = ' > ';
1069	$params['order'] = 'asc';
1070	$dt = $params['next'];
1071	} else {
1072	$pdir = ' < ';
1073	$params['order'] = 'desc';
1074	$dt = $params['previous'];
1075	}
1076
1077	$dt = date('YmdHis',strtotime($dt));
1078
1079	$strReq .= 'AND '.$this->con->dateFormat('post_dt',$dt_fc).$pdir."'".$dt."' ";
1080	$limit = $this->con->limit(1);
1081	}
1082
1083	$strReq .= 'GROUP BY dt '.$cat_field;
1084
1085	$order = 'desc';
1086	if (!empty($params['order']) && preg_match('/^(desc\|asc)$/i',$params['order'])) {
1087	$order = $params['order'];
1088	}
1089
1090	$strReq .=
1091	'ORDER BY dt '.$order.' '.
1092	$limit;
1093
1094	$rs = $this->con->select($strReq);
1095	$rs->extend('rsExtDates');
1096	return $rs;
1097	}
1098
1099	/**
1100	Creates a new entry. Takes a cursor as input and returns the new entry
1101	ID.
1102
1103	@param cur <b>cursor</b> Post cursor
1104	@return <b>integer</b> New post ID
1105	*/
1106	public function addPost($cur)
1107	{
1108	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1109	throw new Exception(__('You are not allowed to create an entry'));
1110	}
1111
1112	$this->con->writeLock($this->prefix.'post');
1113	try
1114	{
1115	# Get ID
1116	$rs = $this->con->select(
1117	'SELECT MAX(post_id) '.
1118	'FROM '.$this->prefix.'post '
1119	);
1120
1121	$cur->post_id = (integer) $rs->f(0) + 1;
1122	$cur->blog_id = (string) $this->id;
1123	$cur->post_creadt = date('Y-m-d H:i:s');
1124	$cur->post_upddt = date('Y-m-d H:i:s');
1125	$cur->post_tz = $this->core->auth->getInfo('user_tz');
1126
1127	# Post excerpt and content
1128	$this->getPostContent($cur,$cur->post_id);
1129
1130	$this->getPostCursor($cur);
1131
1132	$cur->post_url = $this->getPostURL($cur->post_url,$cur->post_dt,$cur->post_title,$cur->post_id);
1133
1134	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1135	$cur->post_status = -2;
1136	}
1137
1138	# --BEHAVIOR-- coreBeforePostCreate
1139	$this->core->callBehavior('coreBeforePostCreate',$this,$cur);
1140
1141	$cur->insert();
1142	$this->con->unlock();
1143	}
1144	catch (Exception $e)
1145	{
1146	$this->con->unlock();
1147	throw $e;
1148	}
1149
1150	# --BEHAVIOR-- coreAfterPostCreate
1151	$this->core->callBehavior('coreAfterPostCreate',$this,$cur);
1152
1153	$this->triggerBlog();
1154
1155	return $cur->post_id;
1156	}
1157
1158	/**
1159	Updates an existing post.
1160
1161	@param id <b>integer</b> Post ID
1162	@param cur <b>cursor</b> Post cursor
1163	*/
1164	public function updPost($id,$cur)
1165	{
1166	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1167	throw new Exception(__('You are not allowed to update entries'));
1168	}
1169
1170	$id = (integer) $id;
1171
1172	if (empty($id)) {
1173	throw new Exception(__('No such entry ID'));
1174	}
1175
1176	# Post excerpt and content
1177	$this->getPostContent($cur,$id);
1178
1179	$this->getPostCursor($cur);
1180
1181	if ($cur->post_url !== null) {
1182	$cur->post_url = $this->getPostURL($cur->post_url,$cur->post_dt,$cur->post_title,$id);
1183	}
1184
1185	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1186	$cur->unsetField('post_status');
1187	}
1188
1189	$cur->post_upddt = date('Y-m-d H:i:s');
1190
1191	#If user is only "usage", we need to check the post's owner
1192	if (!$this->core->auth->check('contentadmin',$this->id))
1193	{
1194	$strReq = 'SELECT post_id '.
1195	'FROM '.$this->prefix.'post '.
1196	'WHERE post_id = '.$id.' '.
1197	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1198
1199	$rs = $this->con->select($strReq);
1200
1201	if ($rs->isEmpty()) {
1202	throw new Exception(__('You are not allowed to edit this entry'));
1203	}
1204	}
1205
1206	# --BEHAVIOR-- coreBeforePostUpdate
1207	$this->core->callBehavior('coreBeforePostUpdate',$this,$cur);
1208
1209	$cur->update('WHERE post_id = '.$id.' ');
1210
1211	# --BEHAVIOR-- coreAfterPostUpdate
1212	$this->core->callBehavior('coreAfterPostUpdate',$this,$cur);
1213
1214	$this->triggerBlog();
1215	}
1216
1217	/**
1218	Updates post status.
1219
1220	@param id <b>integer</b> Post ID
1221	@param status <b>integer</b> Post status
1222	*/
1223	public function updPostStatus($id,$status)
1224	{
1225	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1226	throw new Exception(__('You are not allowed to change this entry status'));
1227	}
1228
1229	$id = (integer) $id;
1230	$status = (integer) $status;
1231
1232	#If user can only publish, we need to check the post's owner
1233	if (!$this->core->auth->check('contentadmin',$this->id))
1234	{
1235	$strReq = 'SELECT post_id '.
1236	'FROM '.$this->prefix.'post '.
1237	'WHERE post_id = '.$id.' '.
1238	"AND blog_id = '".$this->con->escape($this->id)."' ".
1239	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1240
1241	$rs = $this->con->select($strReq);
1242
1243	if ($rs->isEmpty()) {
1244	throw new Exception(__('You are not allowed to change this entry status'));
1245	}
1246	}
1247
1248	$cur = $this->con->openCursor($this->prefix.'post');
1249
1250	$cur->post_status = $status;
1251	$cur->post_upddt = date('Y-m-d H:i:s');
1252
1253	$cur->update(
1254	'WHERE post_id = '.$id.' '.
1255	"AND blog_id = '".$this->con->escape($this->id)."' "
1256	);
1257	$this->triggerBlog();
1258	}
1259
1260	public function updPostSelected($id,$selected)
1261	{
1262	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1263	throw new Exception(__('You are not allowed to change this entry category'));
1264	}
1265
1266	$id = (integer) $id;
1267	$selected = (boolean) $selected;
1268
1269	# If user is only usage, we need to check the post's owner
1270	if (!$this->core->auth->check('contentadmin',$this->id))
1271	{
1272	$strReq = 'SELECT post_id '.
1273	'FROM '.$this->prefix.'post '.
1274	'WHERE post_id = '.$id.' '.
1275	"AND blog_id = '".$this->con->escape($this->id)."' ".
1276	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1277
1278	$rs = $this->con->select($strReq);
1279
1280	if ($rs->isEmpty()) {
1281	throw new Exception(__('You are not allowed to mark this entry as selected'));
1282	}
1283	}
1284
1285	$cur = $this->con->openCursor($this->prefix.'post');
1286
1287	$cur->post_selected = (integer) $selected;
1288	$cur->post_upddt = date('Y-m-d H:i:s');
1289
1290	$cur->update(
1291	'WHERE post_id = '.$id.' '.
1292	"AND blog_id = '".$this->con->escape($this->id)."' "
1293	);
1294	$this->triggerBlog();
1295	}
1296
1297	/**
1298	Updates post category. <var>$cat_id</var> can be null.
1299
1300	@param id <b>integer</b> Post ID
1301	@param cat_id <b>integer</b> Category ID
1302	*/
1303	public function updPostCategory($id,$cat_id)
1304	{
1305	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1306	throw new Exception(__('You are not allowed to change this entry category'));
1307	}
1308
1309	$id = (integer) $id;
1310	$cat_id = (integer) $cat_id;
1311
1312	# If user is only usage, we need to check the post's owner
1313	if (!$this->core->auth->check('contentadmin',$this->id))
1314	{
1315	$strReq = 'SELECT post_id '.
1316	'FROM '.$this->prefix.'post '.
1317	'WHERE post_id = '.$id.' '.
1318	"AND blog_id = '".$this->con->escape($this->id)."' ".
1319	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1320
1321	$rs = $this->con->select($strReq);
1322
1323	if ($rs->isEmpty()) {
1324	throw new Exception(__('You are not allowed to change this entry category'));
1325	}
1326	}
1327
1328	$cur = $this->con->openCursor($this->prefix.'post');
1329
1330	$cur->cat_id = ($cat_id ? $cat_id : null);
1331	$cur->post_upddt = date('Y-m-d H:i:s');
1332
1333	$cur->update(
1334	'WHERE post_id = '.$id.' '.
1335	"AND blog_id = '".$this->con->escape($this->id)."' "
1336	);
1337	$this->triggerBlog();
1338	}
1339
1340	/**
1341	Updates posts category. <var>$new_cat_id</var> can be null.
1342
1343	@param old_cat_id <b>integer</b> Old category ID
1344	@param new_cat_id <b>integer</b> New category ID
1345	*/
1346	public function updPostsCategory($old_cat_id,$new_cat_id)
1347	{
1348	if (!$this->core->auth->check('contentadmin,categories',$this->id)) {
1349	throw new Exception(__('You are not allowed to change entries category'));
1350	}
1351
1352	$old_cat_id = (integer) $old_cat_id;
1353	$new_cat_id = (integer) $new_cat_id;
1354
1355	$cur = $this->con->openCursor($this->prefix.'post');
1356
1357	$cur->cat_id = ($new_cat_id ? $new_cat_id : null);
1358	$cur->post_upddt = date('Y-m-d H:i:s');
1359
1360	$cur->update(
1361	'WHERE cat_id = '.$old_cat_id.' '.
1362	"AND blog_id = '".$this->con->escape($this->id)."' "
1363	);
1364	$this->triggerBlog();
1365	}
1366
1367	/**
1368	Deletes a post.
1369
1370	@param id <b>integer</b> Post ID
1371	*/
1372	public function delPost($id)
1373	{
1374	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
1375	throw new Exception(__('You are not allowed to delete entries'));
1376	}
1377
1378	$id = (integer) $id;
1379
1380	if (empty($id)) {
1381	throw new Exception(__('No such entry ID'));
1382	}
1383
1384	#If user can only delete, we need to check the post's owner
1385	if (!$this->core->auth->check('contentadmin',$this->id))
1386	{
1387	$strReq = 'SELECT post_id '.
1388	'FROM '.$this->prefix.'post '.
1389	'WHERE post_id = '.$id.' '.
1390	"AND blog_id = '".$this->con->escape($this->id)."' ".
1391	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1392
1393	$rs = $this->con->select($strReq);
1394
1395	if ($rs->isEmpty()) {
1396	throw new Exception(__('You are not allowed to delete this entry'));
1397	}
1398	}
1399
1400
1401	$strReq = 'DELETE FROM '.$this->prefix.'post '.
1402	'WHERE post_id = '.$id.' '.
1403	"AND blog_id = '".$this->con->escape($this->id)."' ";
1404
1405	$this->con->execute($strReq);
1406	$this->triggerBlog();
1407	}
1408
1409	/**
1410	Publishes all entries flaged as "scheduled".
1411	*/
1412	public function publishScheduledEntries()
1413	{
1414	$strReq = 'SELECT post_id, post_dt, post_tz '.
1415	'FROM '.$this->prefix.'post '.
1416	'WHERE post_status = -1 '.
1417	"AND blog_id = '".$this->con->escape($this->id)."' ";
1418
1419	$rs = $this->con->select($strReq);
1420
1421	$now = dt::toUTC(time());
1422	$to_change = new ArrayObject();
1423
1424	if ($rs->isEmpty()) {
1425	return;
1426	}
1427
1428	while ($rs->fetch())
1429	{
1430	# Now timestamp with post timezone
1431	$now_tz = $now + dt::getTimeOffset($rs->post_tz,$now);
1432
1433	# Post timestamp
1434	$post_ts = strtotime($rs->post_dt);
1435
1436	# If now_tz >= post_ts, we publish the entry
1437	if ($now_tz >= $post_ts) {
1438	$to_change[] = (integer) $rs->post_id;
1439	}
1440	}
1441	if (count($to_change))
1442	{
1443	# --BEHAVIOR-- coreBeforeScheduledEntriesPublish
1444	$this->core->callBehavior('coreBeforeScheduledEntriesPublish',$this,$to_change);
1445
1446	$strReq =
1447	'UPDATE '.$this->prefix.'post SET '.
1448	'post_status = 1 '.
1449	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1450	'AND post_id '.$this->con->in((array)$to_change).' ';
1451	$this->con->execute($strReq);
1452	$this->triggerBlog();
1453
1454	# --BEHAVIOR-- coreAfterScheduledEntriesPublish
1455	$this->core->callBehavior('coreAfterScheduledEntriesPublish',$this,$to_change);
1456	}
1457
1458	}
1459
1460	/**
1461	Retrieves all users having posts on current blog.
1462
1463	@param post_type <b>string</b> post_type filter (post)
1464	@return record
1465	*/
1466	public function getPostsUsers($post_type='post')
1467	{
1468	$strReq = 'SELECT P.user_id, user_name, user_firstname, '.
1469	'user_displayname, user_email '.
1470	'FROM '.$this->prefix.'post P, '.$this->prefix.'user U '.
1471	'WHERE P.user_id = U.user_id '.
1472	"AND blog_id = '".$this->con->escape($this->id)."' ";
1473
1474	if ($post_type) {
1475	$strReq .= "AND post_type = '".$this->con->escape($post_type)."' ";
1476	}
1477
1478	$strReq .= 'GROUP BY P.user_id, user_name, user_firstname, user_displayname, user_email ';
1479
1480	return $this->con->select($strReq);
1481	}
1482
1483	private function getPostsCategoryFilter($arr,$field='cat_id')
1484	{
1485	$field = $field == 'cat_id' ? 'cat_id' : 'cat_url';
1486
1487	$sub = array();
1488	$not = array();
1489	$queries = array();
1490
1491	foreach ($arr as $v)
1492	{
1493	$v = trim($v);
1494	$args = preg_split('/\s[?]\s/',$v,-1,PREG_SPLIT_NO_EMPTY);
1495	$id = array_shift($args);
1496	$args = array_flip($args);
1497
1498	if (isset($args['not'])) { $not[$id] = 1; }
1499	if (isset($args['sub'])) { $sub[$id] = 1; }
1500	if ($field == 'cat_id') {
1501	if (preg_match('/^null$/i',$id)) {
1502	$queries[$id] = 'P.cat_id IS NULL';
1503	}
1504	else {
1505	$queries[$id] = 'P.cat_id = '.(integer) $id;
1506	}
1507	} else {
1508	$queries[$id] = "C.cat_url = '".$this->con->escape($id)."' ";
1509	}
1510	}
1511
1512	if (!empty($sub)) {
1513	$rs = $this->con->select(
1514	'SELECT cat_id, cat_url, cat_lft, cat_rgt FROM '.$this->prefix.'category '.
1515	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1516	'AND '.$field.' '.$this->con->in(array_keys($sub))
1517	);
1518
1519	while ($rs->fetch()) {
1520	$queries[$rs->f($field)] = '(C.cat_lft BETWEEN '.$rs->cat_lft.' AND '.$rs->cat_rgt.')';
1521	}
1522	}
1523
1524	# Create queries
1525	$sql = array(
1526	0 => array(), # wanted categories
1527	1 => array() # excluded categories
1528	);
1529
1530	foreach ($queries as $id => $q) {
1531	$sql[(integer) isset($not[$id])][] = $q;
1532	}
1533
1534	$sql[0] = implode(' OR ',$sql[0]);
1535	$sql[1] = implode(' OR ',$sql[1]);
1536
1537	if ($sql[0]) {
1538	$sql[0] = '('.$sql[0].')';
1539	} else {
1540	unset($sql[0]);
1541	}
1542
1543	if ($sql[1]) {
1544	$sql[1] = '(P.cat_id IS NULL OR NOT('.$sql[1].'))';
1545	} else {
1546	unset($sql[1]);
1547	}
1548
1549	return implode(' AND ',$sql);
1550	}
1551
1552	private function getPostCursor($cur,$post_id=null)
1553	{
1554	if ($cur->post_title == '') {
1555	throw new Exception(__('No entry title'));
1556	}
1557
1558	if ($cur->post_content == '') {
1559	throw new Exception(__('No entry content'));
1560	}
1561
1562	if ($cur->post_password === '') {
1563	$cur->post_password = null;
1564	}
1565
1566	if ($cur->post_dt == '') {
1567	$offset = dt::getTimeOffset($this->core->auth->getInfo('user_tz'));
1568	$now = time() + $offset;
1569	$cur->post_dt = date('Y-m-d H:i:00',$now);
1570	}
1571
1572	$post_id = is_int($post_id) ? $post_id : $cur->post_id;
1573
1574	if ($cur->post_content_xhtml == '') {
1575	throw new Exception(__('No entry content'));
1576	}
1577
1578	# Words list
1579	if ($cur->post_title !== null && $cur->post_excerpt_xhtml !== null
1580	&& $cur->post_content_xhtml !== null)
1581	{
1582	$words =
1583	$cur->post_title.' '.
1584	$cur->post_excerpt_xhtml.' '.
1585	$cur->post_content_xhtml;
1586
1587	$cur->post_words = implode(' ',text::splitWords($words));
1588	}
1589	}
1590
1591	private function getPostContent($cur,$post_id)
1592	{
1593	$post_excerpt = $cur->post_excerpt;
1594	$post_excerpt_xhtml = $cur->post_excerpt_xhtml;
1595	$post_content = $cur->post_content;
1596	$post_content_xhtml = $cur->post_content_xhtml;
1597
1598	$this->setPostContent(
1599	$post_id,$cur->post_format,$cur->post_lang,
1600	$post_excerpt,$post_excerpt_xhtml,
1601	$post_content,$post_content_xhtml
1602	);
1603
1604	$cur->post_excerpt = $post_excerpt;
1605	$cur->post_excerpt_xhtml = $post_excerpt_xhtml;
1606	$cur->post_content = $post_content;
1607	$cur->post_content_xhtml = $post_content_xhtml;
1608	}
1609
1610	/**
1611	Creates post HTML content, taking format and lang into account.
1612
1613	@param post_id <b>integer</b> Post ID
1614	@param format <b>string</b> Post format
1615	@param lang <b>string</b> Post lang
1616	@param excerpt <b>string</b> Post excerpt
1617	@param[out] excerpt_xhtml <b>string</b> Post excerpt HTML
1618	@param content <b>string</b> Post content
1619	@param[out] content_xhtml <b>string</b> Post content HTML
1620	*/
1621	public function setPostContent($post_id,$format,$lang,&$excerpt,&$excerpt_xhtml,&$content,&$content_xhtml)
1622	{
1623	if ($format == 'wiki')
1624	{
1625	$this->core->initWikiPost();
1626	$this->core->wiki2xhtml->setOpt('note_prefix','pnote-'.$post_id);
1627	switch ($this->settings->system->note_title_tag) {
1628	case 1:
1629	$tag = 'h3';
1630	break;
1631	case 2:
1632	$tag = 'p';
1633	break;
1634	default:
1635	$tag = 'h4';
1636	break;
1637	}
1638	$this->core->wiki2xhtml->setOpt('note_str','<div class="footnotes"><'.$tag.' class="footnotes-title">'.
1639	__('Notes').'</'.$tag.'>%s</div>');
1640	$this->core->wiki2xhtml->setOpt('note_str_single','<div class="footnotes"><'.$tag.' class="footnotes-title">'.
1641	__('Note').'</'.$tag.'>%s</div>');
1642	if (strpos($lang,'fr') === 0) {
1643	$this->core->wiki2xhtml->setOpt('active_fr_syntax',1);
1644	}
1645	}
1646
1647	if ($excerpt) {
1648	$excerpt_xhtml = $this->core->callFormater($format,$excerpt);
1649	$excerpt_xhtml = $this->core->HTMLfilter($excerpt_xhtml);
1650	} else {
1651	$excerpt_xhtml = '';
1652	}
1653
1654	if ($content) {
1655	$content_xhtml = $this->core->callFormater($format,$content);
1656	$content_xhtml = $this->core->HTMLfilter($content_xhtml);
1657	} else {
1658	$content_xhtml = '';
1659	}
1660
1661	# --BEHAVIOR-- coreAfterPostContentFormat
1662	$this->core->callBehavior('coreAfterPostContentFormat',array(
1663	'excerpt' => &$excerpt,
1664	'content' => &$content,
1665	'excerpt_xhtml' => &$excerpt_xhtml,
1666	'content_xhtml' => &$content_xhtml
1667	));
1668	}
1669
1670	/**
1671	Returns URL for a post according to blog setting <var>post_url_format</var>.
1672	It will try to guess URL and append some figures if needed.
1673
1674	@param url <b>string</b> Origin URL, could be empty
1675	@param post_dt <b>string</b> Post date (in YYYY-MM-DD HH:mm:ss)
1676	@param post_title <b>string</b> Post title
1677	@param post_id <b>integer</b> Post ID
1678	@return <b>string</b> result URL
1679	*/
1680	public function getPostURL($url,$post_dt,$post_title,$post_id)
1681	{
1682	$url = trim($url);
1683
1684	$url_patterns = array(
1685	'{y}' => date('Y',strtotime($post_dt)),
1686	'{m}' => date('m',strtotime($post_dt)),
1687	'{d}' => date('d',strtotime($post_dt)),
1688	'{t}' => text::tidyURL($post_title),
1689	'{id}' => (integer) $post_id
1690	);
1691
1692	# If URL is empty, we create a new one
1693	if ($url == '')
1694	{
1695	# Transform with format
1696	$url = str_replace(
1697	array_keys($url_patterns),
1698	array_values($url_patterns),
1699	$this->settings->system->post_url_format
1700	);
1701	}
1702	else
1703	{
1704	$url = text::tidyURL($url);
1705	}
1706
1707	# Let's check if URL is taken...
1708	$strReq = 'SELECT post_url FROM '.$this->prefix.'post '.
1709	"WHERE post_url = '".$this->con->escape($url)."' ".
1710	'AND post_id <> '.(integer) $post_id. ' '.
1711	"AND blog_id = '".$this->con->escape($this->id)."' ".
1712	'ORDER BY post_url DESC';
1713
1714	$rs = $this->con->select($strReq);
1715
1716	if (!$rs->isEmpty())
1717	{
1718	if ($this->con->driver() == 'mysql') {
1719	$clause = "REGEXP '^".$this->con->escape($url)."[0-9]+$'";
1720	} elseif ($this->con->driver() == 'pgsql') {
1721	$clause = "~ '^".$this->con->escape($url)."[0-9]+$'";
1722	} else {
1723	$clause = "LIKE '".$this->con->escape($url)."%'";
1724	}
1725	$strReq = 'SELECT post_url FROM '.$this->prefix.'post '.
1726	"WHERE post_url ".$clause.' '.
1727	'AND post_id <> '.(integer) $post_id.' '.
1728	"AND blog_id = '".$this->con->escape($this->id)."' ".
1729	'ORDER BY post_url DESC ';
1730
1731	$rs = $this->con->select($strReq);
1732	$a = array();
1733	while ($rs->fetch()) {
1734	$a[] = $rs->post_url;
1735	}
1736
1737	natsort($a);
1738	$t_url = end($a);
1739
1740	if (preg_match('/(.*?)([0-9]+)$/',$t_url,$m)) {
1741	$i = (integer) $m[2];
1742	$url = $m[1];
1743	} else {
1744	$i = 1;
1745	}
1746
1747	return $url.($i+1);
1748	}
1749
1750	# URL is empty?
1751	if ($url == '') {
1752	throw new Exception(__('Empty entry URL'));
1753	}
1754
1755	return $url;
1756	}
1757	//@}
1758
1759	/// @name Comments management methods
1760	//@{
1761	/**
1762	Retrieves comments. <b>$params</b> is an array taking the following
1763	optionnal parameters:
1764
1765	- no_content: Don't retrieve comment content
1766	- post_type: Get only entries with given type (default no type, array for many types)
1767	- post_id: (integer) Get comments belonging to given post_id
1768	- cat_id: (integer or array) Get comments belonging to entries of given category ID
1769	- comment_id: (integer) Get comment with given ID
1770	- comment_status: (integer) Get comments with given comment_status
1771	- comment_trackback: (integer) Get only comments (0) or trackbacks (1)
1772	- comment_ip: (string) Get comments with given IP address
1773	- post_url: Get entry with given post_url field
1774	- user_id: (integer) Get entries belonging to given user ID
1775	- q_author: Search comments by author
1776	- sql: Append SQL string at the end of the query
1777	- from: Append SQL string after "FROM" statement in query
1778	- order: Order of results (default "ORDER BY comment_dt DES")
1779	- limit: Limit parameter
1780	- sql_only : return the sql request instead of results. Only ids are selected
1781
1782	@param params <b>array</b> Parameters
1783	@param count_only <b>boolean</b> Only counts results
1784	@return <b>record</b> A record with some more capabilities
1785	*/
1786	public function getComments($params=array(),$count_only=false)
1787	{
1788	if ($count_only)
1789	{
1790	$strReq = 'SELECT count(comment_id) ';
1791	}
1792	elseif (!empty($params['sql_only']))
1793	{
1794	$strReq = 'SELECT P.post_id ';
1795	}
1796	else
1797	{
1798	if (!empty($params['no_content'])) {
1799	$content_req = '';
1800	} else {
1801	$content_req = 'comment_content, ';
1802	}
1803
1804	if (!empty($params['columns']) && is_array($params['columns'])) {
1805	$content_req .= implode(', ',$params['columns']).', ';
1806	}
1807
1808	$strReq =
1809	'SELECT C.comment_id, comment_dt, comment_tz, comment_upddt, '.
1810	'comment_author, comment_email, comment_site, '.
1811	$content_req.' comment_trackback, comment_status, '.
1812	'comment_spam_status, comment_spam_filter, comment_ip, '.
1813	'P.post_title, P.post_url, P.post_id, P.post_password, P.post_type, '.
1814	'P.post_dt, P.user_id, U.user_email, U.user_url ';
1815	}
1816
1817	$strReq .=
1818	'FROM '.$this->prefix.'comment C '.
1819	'INNER JOIN '.$this->prefix.'post P ON C.post_id = P.post_id '.
1820	'INNER JOIN '.$this->prefix.'user U ON P.user_id = U.user_id ';
1821
1822	if (!empty($params['from'])) {
1823	$strReq .= $params['from'].' ';
1824	}
1825
1826	$strReq .=
1827	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ";
1828
1829	if (!$this->core->auth->check('contentadmin',$this->id)) {
1830	$strReq .= 'AND ((comment_status = 1 AND P.post_status = 1 ';
1831
1832	if ($this->without_password) {
1833	$strReq .= 'AND post_password IS NULL ';
1834	}
1835	$strReq .= ') ';
1836
1837	if ($this->core->auth->userID()) {
1838	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
1839	} else {
1840	$strReq .= ') ';
1841	}
1842	}
1843
1844	if (!empty($params['post_type']))
1845	{
1846	$strReq .= 'AND post_type '.$this->con->in($params['post_type']);
1847	}
1848
1849	if (isset($params['post_id']) && $params['post_id'] !== '') {
1850	$strReq .= 'AND P.post_id = '.(integer) $params['post_id'].' ';
1851	}
1852
1853	if (isset($params['cat_id']) && $params['cat_id'] !== '') {
1854	$strReq .= 'AND P.cat_id = '.(integer) $params['cat_id'].' ';
1855	}
1856
1857	if (isset($params['comment_id']) && $params['comment_id'] !== '') {
1858	$strReq .= 'AND comment_id = '.(integer) $params['comment_id'].' ';
1859	}
1860
1861	if (isset($params['comment_status'])) {
1862	$strReq .= 'AND comment_status = '.(integer) $params['comment_status'].' ';
1863	}
1864
1865	if (!empty($params['comment_status_not']))
1866	{
1867	$strReq .= 'AND comment_status <> '.(integer) $params['comment_status_not'].' ';
1868	}
1869
1870	if (isset($params['comment_trackback'])) {
1871	$strReq .= 'AND comment_trackback = '.(integer) (boolean) $params['comment_trackback'].' ';
1872	}
1873
1874	if (isset($params['comment_ip'])) {
1875	$strReq .= "AND comment_ip = '".$this->con->escape($params['comment_ip'])."' ";
1876	}
1877
1878	if (isset($params['q_author'])) {
1879	$q_author = $this->con->escape(str_replace('*','%',strtolower($params['q_author'])));
1880	$strReq .= "AND LOWER(comment_author) LIKE '".$q_author."' ";
1881	}
1882
1883	if (!empty($params['search']))
1884	{
1885	$words = text::splitWords($params['search']);
1886
1887	if (!empty($words))
1888	{
1889	# --BEHAVIOR coreCommentSearch
1890	if ($this->core->hasBehavior('coreCommentSearch')) {
1891	$this->core->callBehavior('coreCommentSearch',$this->core,array(&$words,&$strReq,&$params));
1892	}
1893
1894	if ($words)
1895	{
1896	foreach ($words as $i => $w) {
1897	$words[$i] = "comment_words LIKE '%".$this->con->escape($w)."%'";
1898	}
1899	$strReq .= 'AND '.implode(' AND ',$words).' ';
1900	}
1901	}
1902	}
1903
1904	if (!empty($params['sql'])) {
1905	$strReq .= $params['sql'].' ';
1906	}
1907
1908	if (!$count_only)
1909	{
1910	if (!empty($params['order'])) {
1911	$strReq .= 'ORDER BY '.$this->con->escape($params['order']).' ';
1912	} else {
1913	$strReq .= 'ORDER BY comment_dt DESC ';
1914	}
1915	}
1916
1917	if (!$count_only && !empty($params['limit'])) {
1918	$strReq .= $this->con->limit($params['limit']);
1919	}
1920
1921	if (!empty($params['sql_only'])) {
1922	return $strReq;
1923	}
1924
1925	$rs = $this->con->select($strReq);
1926	$rs->core = $this->core;
1927	$rs->extend('rsExtComment');
1928
1929	# --BEHAVIOR-- coreBlogGetComments
1930	$this->core->callBehavior('coreBlogGetComments',$rs);
1931
1932	return $rs;
1933	}
1934
1935	/**
1936	Creates a new comment. Takes a cursor as input and returns the new comment
1937	ID.
1938
1939	@param cur <b>cursor</b> Comment cursor
1940	@return <b>integer</b> New comment ID
1941	*/
1942	public function addComment($cur)
1943	{
1944	$this->con->writeLock($this->prefix.'comment');
1945	try
1946	{
1947	# Get ID
1948	$rs = $this->con->select(
1949	'SELECT MAX(comment_id) '.
1950	'FROM '.$this->prefix.'comment '
1951	);
1952
1953	$cur->comment_id = (integer) $rs->f(0) + 1;
1954	$cur->comment_upddt = date('Y-m-d H:i:s');
1955
1956	$offset = dt::getTimeOffset($this->settings->system->blog_timezone);
1957	$cur->comment_dt = date('Y-m-d H:i:s',time() + $offset);
1958	$cur->comment_tz = $this->settings->system->blog_timezone;
1959
1960	$this->getCommentCursor($cur);
1961
1962	if ($cur->comment_ip === null) {
1963	$cur->comment_ip = http::realIP();
1964	}
1965
1966	# --BEHAVIOR-- coreBeforeCommentCreate
1967	$this->core->callBehavior('coreBeforeCommentCreate',$this,$cur);
1968
1969	$cur->insert();
1970	$this->con->unlock();
1971	}
1972	catch (Exception $e)
1973	{
1974	$this->con->unlock();
1975	throw $e;
1976	}
1977
1978	# --BEHAVIOR-- coreAfterCommentCreate
1979	$this->core->callBehavior('coreAfterCommentCreate',$this,$cur);
1980
1981	$this->triggerComment($cur->comment_id);
1982	if ($cur->comment_status != -2) {
1983	$this->triggerBlog();
1984	}
1985	return $cur->comment_id;
1986	}
1987
1988	/**
1989	Updates an existing comment.
1990
1991	@param id <b>integer</b> Comment ID
1992	@param cur <b>cursor</b> Comment cursor
1993	*/
1994	public function updComment($id,$cur)
1995	{
1996	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1997	throw new Exception(__('You are not allowed to update comments'));
1998	}
1999
2000	$id = (integer) $id;
2001
2002	if (empty($id)) {
2003	throw new Exception(__('No such comment ID'));
2004	}
2005
2006	$rs = $this->getComments(array('comment_id' => $id));
2007
2008	if ($rs->isEmpty()) {
2009	throw new Exception(__('No such comment ID'));
2010	}
2011
2012	#If user is only usage, we need to check the post's owner
2013	if (!$this->core->auth->check('contentadmin',$this->id))
2014	{
2015	if ($rs->user_id != $this->core->auth->userID()) {
2016	throw new Exception(__('You are not allowed to update this comment'));
2017	}
2018	}
2019
2020	$this->getCommentCursor($cur);
2021
2022	$cur->comment_upddt = date('Y-m-d H:i:s');
2023
2024	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
2025	$cur->unsetField('comment_status');
2026	}
2027
2028	# --BEHAVIOR-- coreBeforeCommentUpdate
2029	$this->core->callBehavior('coreBeforeCommentUpdate',$this,$cur,$rs);
2030
2031	$cur->update('WHERE comment_id = '.$id.' ');
2032
2033	# --BEHAVIOR-- coreAfterCommentUpdate
2034	$this->core->callBehavior('coreAfterCommentUpdate',$this,$cur,$rs);
2035
2036	$this->triggerComment($id);
2037	$this->triggerBlog();
2038	}
2039
2040	/**
2041	Updates comment status.
2042
2043	@param id <b>integer</b> Comment ID
2044	@param status <b>integer</b> Comment status
2045	*/
2046	public function updCommentStatus($id,$status)
2047	{
2048	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
2049	throw new Exception(__("You are not allowed to change this comment's status"));
2050	}
2051
2052	$cur = $this->con->openCursor($this->prefix.'comment');
2053	$cur->comment_status = (integer) $status;
2054	$this->updComment($id,$cur);
2055	}
2056
2057	/**
2058	Delete a comment
2059
2060	@param id <b>integer</b> Comment ID
2061	*/
2062	public function delComment($id)
2063	{
2064	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
2065	throw new Exception(__('You are not allowed to delete comments'));
2066	}
2067
2068	$id = (integer) $id;
2069
2070	if (empty($id)) {
2071	throw new Exception(__('No such comment ID'));
2072	}
2073
2074	#If user can only delete, we need to check the post's owner
2075	if (!$this->core->auth->check('contentadmin',$this->id))
2076	{
2077	$strReq = 'SELECT P.post_id '.
2078	'FROM '.$this->prefix.'post P, '.$this->prefix.'comment C '.
2079	'WHERE P.post_id = C.post_id '.
2080	"AND P.blog_id = '".$this->con->escape($this->id)."' ".
2081	'AND comment_id = '.$id.' '.
2082	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
2083
2084	$rs = $this->con->select($strReq);
2085
2086	if ($rs->isEmpty()) {
2087	throw new Exception(__('You are not allowed to delete this comment'));
2088	}
2089	}
2090
2091	$strReq = 'DELETE FROM '.$this->prefix.'comment '.
2092	'WHERE comment_id = '.$id.' ';
2093
2094	$this->triggerComment($id,true);
2095	$this->con->execute($strReq);
2096	$this->triggerBlog();
2097	}
2098
2099	private function getCommentCursor($cur)
2100	{
2101	if ($cur->comment_content !== null && $cur->comment_content == '') {
2102	throw new Exception(__('You must provide a comment'));
2103	}
2104
2105	if ($cur->comment_author !== null && $cur->comment_author == '') {
2106	throw new Exception(__('You must provide an author name'));
2107	}
2108
2109	if ($cur->comment_email != '' && !text::isEmail($cur->comment_email)) {
2110	throw new Exception(__('Email address is not valid.'));
2111	}
2112
2113	if ($cur->comment_site !== null && $cur->comment_site != '') {
2114	if (!preg_match('\|^http(s?)://\|',$cur->comment_site)) {
2115	$cur->comment_site = 'http://'.$cur->comment_site;
2116	}
2117	}
2118
2119	if ($cur->comment_status === null) {
2120	$cur->comment_status = (integer) $this->settings->system->comments_pub;
2121	}
2122
2123	# Words list
2124	if ($cur->comment_content !== null)
2125	{
2126	$cur->comment_words = implode(' ',text::splitWords($cur->comment_content));
2127	}
2128	}
2129	//@}
2130	}
2131	?>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: inc/core/class.dc.blog.php @ 1015:10227e338321

Download in other formats:

Sites map