class.dc.blog.php @ 1261:797b03c6a9ef

Visit:

Revision 1261:797b03c6a9ef, 60.0 KB checked in by franck <carnet.franck.paul@…>, 12 years ago (diff)
Fix category cursor before corresponding behaviour, fixes #1365, thanks sogos/sogox for patch and tests

Line
1	<?php
2	# -- BEGIN LICENSE BLOCK ---------------------------------------
3	#
4	# This file is part of Dotclear 2.
5	#
6	# Copyright (c) 2003-2013 Olivier Meunier & Association Dotclear
7	# Licensed under the GPL version 2.0 license.
8	# See LICENSE file or
9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
10	#
11	# -- END LICENSE BLOCK -----------------------------------------
12	if (!defined('DC_RC_PATH')) { return; }
13
14	/**
15	@ingroup DC_CORE
16	@nosubgrouping
17	@brief Dotclear blog class.
18
19	Dotclear blog class instance is provided by dcCore $blog property.
20	*/
21	class dcBlog
22	{
23	/** @var dcCore dcCore instance */
24	protected $core;
25	/** @var connection Database connection object */
26	public $con;
27	/** @var string Database table prefix */
28	public $prefix;
29
30	/** @var string Blog ID */
31	public $id;
32	/** @var string Blog unique ID */
33	public $uid;
34	/** @var string Blog name */
35	public $name;
36	/** @var string Blog description */
37	public $desc;
38	/** @var string Blog URL */
39	public $url;
40	/** @var string Blog host */
41	public $host;
42	/** @var string Blog creation date */
43	public $creadt;
44	/** @var string Blog last update date */
45	public $upddt;
46	/** @var string Blog status */
47	public $status;
48
49	/** @var dcSettings dcSettings object */
50	public $settings;
51	/** @var string Blog theme path */
52	public $themes_path;
53	/** @var string Blog public path */
54	public $public_path;
55
56	private $post_status = array();
57	private $comment_status = array();
58
59	private $categories;
60
61	/** @var boolean Disallow entries password protection */
62	public $without_password = true;
63
64	/**
65	Inits dcBlog object
66
67	@param core <b>dcCore</b> Dotclear core reference
68	@param id <b>string</b> Blog ID
69	*/
70	public function __construct($core, $id)
71	{
72	$this->con =& $core->con;
73	$this->prefix = $core->prefix;
74	$this->core =& $core;
75
76	if (($b = $this->core->getBlog($id)) !== false)
77	{
78	$this->id = $id;
79	$this->uid = $b->blog_uid;
80	$this->name = $b->blog_name;
81	$this->desc = $b->blog_desc;
82	$this->url = $b->blog_url;
83	$this->host = preg_replace('\|^([a-z]{3,}://)(.?)/.$\|','$1$2',$this->url);
84	$this->creadt = strtotime($b->blog_creadt);
85	$this->upddt = strtotime($b->blog_upddt);
86	$this->status = $b->blog_status;
87
88	$this->settings = new dcSettings($this->core,$this->id);
89
90	$this->themes_path = path::fullFromRoot($this->settings->system->themes_path,DC_ROOT);
91	$this->public_path = path::fullFromRoot($this->settings->system->public_path,DC_ROOT);
92
93	$this->post_status['-2'] = __('pending');
94	$this->post_status['-1'] = __('scheduled');
95	$this->post_status['0'] = __('unpublished');
96	$this->post_status['1'] = __('published');
97
98	$this->comment_status['-2'] = __('junk');
99	$this->comment_status['-1'] = __('pending');
100	$this->comment_status['0'] = __('unpublished');
101	$this->comment_status['1'] = __('published');
102
103	# --BEHAVIOR-- coreBlogConstruct
104	$this->core->callBehavior('coreBlogConstruct',$this);
105	}
106	}
107
108	/// @name Common public methods
109	//@{
110	/**
111	Returns blog URL ending with a question mark.
112	*/
113	public function getQmarkURL()
114	{
115	if (substr($this->url,-1) != '?') {
116	return $this->url.'?';
117	}
118
119	return $this->url;
120	}
121
122	/**
123	Returns an entry status name given to a code. Status are translated, never
124	use it for tests. If status code does not exist, returns <i>unpublished</i>.
125
126	@param s <b>integer</b> Status code
127	@return <b>string</b> Blog status name
128	*/
129	public function getPostStatus($s)
130	{
131	if (isset($this->post_status[$s])) {
132	return $this->post_status[$s];
133	}
134	return $this->post_status['0'];
135	}
136
137	/**
138	Returns an array of available entry status codes and names.
139
140	@return <b>array</b> Simple array with codes in keys and names in value
141	*/
142	public function getAllPostStatus()
143	{
144	return $this->post_status;
145	}
146
147	/**
148	Returns an array of available comment status codes and names.
149
150	@return <b>array</b> Simple array with codes in keys and names in value
151	*/
152	public function getAllCommentStatus()
153	{
154	return $this->comment_status;
155	}
156
157	/**
158	Disallows entries password protection. You need to set it to
159	<var>false</var> while serving a public blog.
160
161	@param v <b>boolean</b>
162	*/
163	public function withoutPassword($v)
164	{
165	$this->without_password = (boolean) $v;
166	}
167	//@}
168
169	/// @name Triggers methods
170	//@{
171	/**
172	Updates blog last update date. Should be called every time you change
173	an element related to the blog.
174	*/
175	public function triggerBlog()
176	{
177	$cur = $this->con->openCursor($this->prefix.'blog');
178
179	$cur->blog_upddt = date('Y-m-d H:i:s');
180
181	$cur->update("WHERE blog_id = '".$this->con->escape($this->id)."' ");
182
183	# --BEHAVIOR-- coreBlogAfterTriggerBlog
184	$this->core->callBehavior('coreBlogAfterTriggerBlog',$cur);
185	}
186
187	/**
188	Updates comment and trackback counters in post table. Should be called
189	every time a comment or trackback is added, removed or changed its status.
190
191	@param id <b>integer</b> Comment ID
192	@param del <b>boolean</b> If comment is delete, set this to true
193	*/
194	public function triggerComment($id,$del=false)
195	{
196	$this->triggerComments($id,$del);
197	}
198
199	/**
200	Updates comments and trackbacks counters in post table. Should be called
201	every time comments or trackbacks are added, removed or changed there status.
202
203	@param ids <b>mixed</b> Comment(s) ID(s)
204	@param del <b>boolean</b> If comment is delete, set this to true
205	*/
206	public function triggerComments($ids,$del=false)
207	{
208	$co_ids = dcUtils::cleanIds($ids);
209
210	# a) Retrieve posts affected by comments edition
211	$strReq =
212	'SELECT post_id, comment_trackback '.
213	'FROM '.$this->prefix.'comment '.
214	'WHERE comment_id'.$this->con->in($co_ids).
215	'GROUP BY post_id,comment_trackback';
216
217	$rs = $this->con->select($strReq);
218
219	$a_ids = $a_tbs = array();
220	while ($rs->fetch()) {
221	$a_ids[] = (integer) $rs->post_id;
222	$a_tbs[] = (integer) $rs->comment_trackback;
223	}
224
225	# b) Count comments of each posts previously retrieved
226	# Note that this does not return posts without comment
227	$strReq =
228	'SELECT post_id, COUNT(post_id) AS nb_comment,comment_trackback '.
229	'FROM '.$this->prefix.'comment '.
230	'WHERE comment_status = 1 '.
231	(count($a_ids) > 0 ? 'AND post_id'.$this->con->in($a_ids) : ' ');
232
233	if ($del) {
234	$strReq .=
235	'AND comment_id NOT'.$this->con->in($co_ids);
236	}
237
238	$strReq .=
239	'GROUP BY post_id,comment_trackback';
240
241	$rs = $this->con->select($strReq);
242
243	$b_ids = $b_tbs = $b_nbs = array();
244	while ($rs->fetch()) {
245	$b_ids[] = (integer) $rs->post_id;
246	$b_tbs[] = (integer) $rs->comment_trackback;
247	$b_nbs[] = (integer) $rs->nb_comment;
248	}
249
250	# c) Update comments numbers on posts
251	# This compare previous requests to update also posts without comment
252	$cur = $this->con->openCursor($this->prefix.'post');
253
254	foreach($a_ids as $a_key => $a_id)
255	{
256	$nb_comment = $nb_trackback = 0;
257	foreach($b_ids as $b_key => $b_id)
258	{
259	if ($a_id != $b_id \|\| $a_tbs[$a_key] != $b_tbs[$b_key]) {
260	continue;
261	}
262
263	if ($b_tbs[$b_key]) {
264	$nb_trackback = $b_nbs[$b_key];
265	} else {
266	$nb_comment = $b_nbs[$b_key];
267	}
268	}
269
270	if ($a_tbs[$a_key]) {
271	$cur->nb_trackback = $nb_trackback;
272	} else {
273	$cur->nb_comment = $nb_comment;
274	}
275	$cur->update('WHERE post_id = '.$a_id);
276	}
277	}
278	//@}
279
280	/// @name Categories management methods
281	//@{
282	public function categories()
283	{
284	if (!($this->categories instanceof dcCategories)) {
285	$this->categories = new dcCategories($this->core);
286	}
287
288	return $this->categories;
289	}
290
291	/**
292	Retrieves categories. <var>$params</var> is an associative array which can
293	take the following parameters:
294
295	- post_type: Get only entries with given type (default "post")
296	- cat_url: filter on cat_url field
297	- cat_id: filter on cat_id field
298	- start: start with a given category
299	- level: categories level to retrieve
300
301	@param params <b>array</b> Parameters
302	@return <b>record</b>
303	*/
304	public function getCategories($params=array())
305	{
306	$c_params = array();
307	if (isset($params['post_type'])) {
308	$c_params['post_type'] = $params['post_type'];
309	unset($params['post_type']);
310	}
311	$counter = $this->getCategoriesCounter($c_params);
312
313	$without_empty = $this->core->auth->userID() == false; # For public display
314
315	$start = isset($params['start']) ? (integer) $params['start'] : 0;
316	$l = isset($params['level']) ? (integer) $params['level'] : 0;
317
318	$rs = $this->categories()->getChildren($start,null,'desc');
319
320	# Get each categories total posts count
321	$data = array();
322	$stack = array();
323	$level = 0;
324	$cols = $rs->columns();
325	while ($rs->fetch())
326	{
327	$nb_post = isset($counter[$rs->cat_id]) ? (integer) $counter[$rs->cat_id] : 0;
328
329	if ($rs->level > $level) {
330	$nb_total = $nb_post;
331	$stack[$rs->level] = (integer) $nb_post;
332	} elseif ($rs->level == $level) {
333	$nb_total = $nb_post;
334	$stack[$rs->level] += $nb_post;
335	} else {
336	$nb_total = $stack[$rs->level+1] + $nb_post;
337	if (isset($stack[$rs->level])) {
338	$stack[$rs->level] += $nb_total;
339	} else {
340	$stack[$rs->level] = $nb_total;
341	}
342	unset($stack[$rs->level+1]);
343	}
344
345	if ($nb_total == 0 && $without_empty) {
346	continue;
347	}
348
349	$level = $rs->level;
350
351	$t = array();
352	foreach ($cols as $c) {
353	$t[$c] = $rs->f($c);
354	}
355	$t['nb_post'] = $nb_post;
356	$t['nb_total'] = $nb_total;
357
358	if ($l == 0 \|\| ($l > 0 && $l == $rs->level)) {
359	array_unshift($data,$t);
360	}
361	}
362
363	# We need to apply filter after counting
364	if (isset($params['cat_id']) && $params['cat_id'] !== '')
365	{
366	$found = false;
367	foreach ($data as $v) {
368	if ($v['cat_id'] == $params['cat_id']) {
369	$found = true;
370	$data = array($v);
371	break;
372	}
373	}
374	if (!$found) {
375	$data = array();
376	}
377	}
378
379	if (isset($params['cat_url']) && ($params['cat_url'] !== '')
380	&& !isset($params['cat_id']))
381	{
382	$found = false;
383	foreach ($data as $v) {
384	if ($v['cat_url'] == $params['cat_url']) {
385	$found = true;
386	$data = array($v);
387	break;
388	}
389	}
390	if (!$found) {
391	$data = array();
392	}
393	}
394
395	return staticRecord::newFromArray($data);
396	}
397
398	/**
399	Retrieves a category by its ID.
400
401	@param id <b>integer</b> Category ID
402	@return <b>record</b>
403	*/
404	public function getCategory($id)
405	{
406	return $this->getCategories(array('cat_id' => $id));
407	}
408
409	/**
410	Retrieves parents of a given category.
411
412	@param id <b>integer</b> Category ID
413	@return <b>record</b>
414	*/
415	public function getCategoryParents($id)
416	{
417	return $this->categories()->getParents($id);
418	}
419
420	/**
421	Retrieves first parent of a given category.
422
423	@param id <b>integer</b> Category ID
424	@return <b>record</b>
425	*/
426	public function getCategoryParent($id)
427	{
428	return $this->categories()->getParent($id);
429	}
430
431	/**
432	Retrieves all category's first children
433
434	@param id <b>integer</b> Category ID
435	@return <b>record</b>
436	*/
437	public function getCategoryFirstChildren($id)
438	{
439	return $this->getCategories(array('start' => $id,'level' => $id == 0 ? 1 : 2));
440	}
441
442	private function getCategoriesCounter($params=array())
443	{
444	$strReq =
445	'SELECT C.cat_id, COUNT(P.post_id) AS nb_post '.
446	'FROM '.$this->prefix.'category AS C '.
447	'JOIN '.$this->prefix."post P ON (C.cat_id = P.cat_id AND P.blog_id = '".$this->con->escape($this->id)."' ) ".
448	"WHERE C.blog_id = '".$this->con->escape($this->id)."' ";
449
450	if (!$this->core->auth->userID()) {
451	$strReq .= 'AND P.post_status = 1 ';
452	}
453
454	if (!empty($params['post_type'])) {
455	$strReq .= 'AND P.post_type '.$this->con->in($params['post_type']);
456	}
457
458	$strReq .= 'GROUP BY C.cat_id ';
459
460	$rs = $this->con->select($strReq);
461	$counters = array();
462	while ($rs->fetch()) {
463	$counters[$rs->cat_id] = $rs->nb_post;
464	}
465
466	return $counters;
467	}
468
469	/**
470	Creates a new category. Takes a cursor as input and returns the new category
471	ID.
472
473	@param cur <b>cursor</b> Category cursor
474	@return <b>integer</b> New category ID
475	*/
476	public function addCategory($cur,$parent=0)
477	{
478	if (!$this->core->auth->check('categories',$this->id)) {
479	throw new Exception(__('You are not allowed to add categories'));
480	}
481
482	$url = array();
483	if ($parent != 0)
484	{
485	$rs = $this->getCategory($parent);
486	if ($rs->isEmpty()) {
487	$url = array();
488	} else {
489	$url[] = $rs->cat_url;
490	}
491	}
492
493	if ($cur->cat_url == '') {
494	$url[] = text::tidyURL($cur->cat_title,false);
495	} else {
496	$url[] = $cur->cat_url;
497	}
498
499	$cur->cat_url = implode('/',$url);
500
501	$this->getCategoryCursor($cur);
502	$cur->blog_id = (string) $this->id;
503
504	# --BEHAVIOR-- coreBeforeCategoryCreate
505	$this->core->callBehavior('coreBeforeCategoryCreate',$this,$cur);
506
507	$id = $this->categories()->addNode($cur,$parent);
508	# Update category's cursor
509	$rs = $this->getCategory($id);
510	if (!$rs->isEmpty()) {
511	$cur->cat_lft = $rs->cat_lft;
512	$cur->cat_rgt = $rs->cat_rgt;
513	}
514
515	# --BEHAVIOR-- coreAfterCategoryCreate
516	$this->core->callBehavior('coreAfterCategoryCreate',$this,$cur);
517	$this->triggerBlog();
518
519	return $cur->cat_id;
520	}
521
522	/**
523	Updates an existing category.
524
525	@param id <b>integer</b> Category ID
526	@param cur <b>cursor</b> Category cursor
527	*/
528	public function updCategory($id,$cur)
529	{
530	if (!$this->core->auth->check('categories',$this->id)) {
531	throw new Exception(__('You are not allowed to update categories'));
532	}
533
534	if ($cur->cat_url == '')
535	{
536	$url = array();
537	$rs = $this->categories()->getParents($id);
538	while ($rs->fetch()) {
539	if ($rs->index() == $rs->count()-1) {
540	$url[] = $rs->cat_url;
541	}
542	}
543
544
545	$url[] = text::tidyURL($cur->cat_title,false);
546	$cur->cat_url = implode('/',$url);
547	}
548
549	$this->getCategoryCursor($cur,$id);
550
551	# --BEHAVIOR-- coreBeforeCategoryUpdate
552	$this->core->callBehavior('coreBeforeCategoryUpdate',$this,$cur);
553
554	$cur->update(
555	'WHERE cat_id = '.(integer) $id.' '.
556	"AND blog_id = '".$this->con->escape($this->id)."' ");
557
558	# --BEHAVIOR-- coreAfterCategoryUpdate
559	$this->core->callBehavior('coreAfterCategoryUpdate',$this,$cur);
560
561	$this->triggerBlog();
562	}
563
564	/**
565	DEPRECATED METHOD. Use dcBlog::setCategoryParent and dcBlog::moveCategory
566	instead.
567
568	@param id <b>integer</b> Category ID
569	@param order <b>integer</b> Category position
570	*/
571	public function updCategoryOrder($id,$order)
572	{
573	return;
574	}
575
576	/**
577	Set a category parent
578
579	@param id <b>integer</b> Category ID
580	@param parent <b>integer</b> Parent Category ID
581	*/
582	public function setCategoryParent($id,$parent)
583	{
584	$this->categories()->setNodeParent($id,$parent);
585	$this->triggerBlog();
586	}
587
588	/**
589	Set category position
590
591	@param id <b>integer</b> Category ID
592	@param sibling <b>integer</b> Sibling Category ID
593	@param move <b>integer</b> Order (before\|after)
594	*/
595	public function setCategoryPosition($id,$sibling,$move)
596	{
597	$this->categories()->setNodePosition($id,$sibling,$move);
598	$this->triggerBlog();
599	}
600
601	/**
602	Deletes a category.
603
604	@param id <b>integer</b> Category ID
605	*/
606	public function delCategory($id)
607	{
608	if (!$this->core->auth->check('categories',$this->id)) {
609	throw new Exception(__('You are not allowed to delete categories'));
610	}
611
612	$strReq = 'SELECT COUNT(post_id) AS nb_post '.
613	'FROM '.$this->prefix.'post '.
614	'WHERE cat_id = '.(integer) $id.' '.
615	"AND blog_id = '".$this->con->escape($this->id)."' ";
616
617	$rs = $this->con->select($strReq);
618
619	if ($rs->nb_post > 0) {
620	throw new Exception(__('This category is not empty.'));
621	}
622
623	$this->categories()->deleteNode($id,true);
624	$this->triggerBlog();
625	}
626
627	/**
628	Reset categories order and relocate them to first level
629	*/
630	public function resetCategoriesOrder()
631	{
632	if (!$this->core->auth->check('categories',$this->id)) {
633	throw new Exception(__('You are not allowed to reset categories order'));
634	}
635
636	$this->categories()->resetOrder();
637	$this->triggerBlog();
638	}
639
640	private function checkCategory($title,$url,$id=null)
641	{
642	$strReq = 'SELECT cat_id '.
643	'FROM '.$this->prefix.'category '.
644	"WHERE cat_url = '".$this->con->escape($url)."' ".
645	"AND blog_id = '".$this->con->escape($this->id)."' ";
646
647	if ($id !== null) {
648	$strReq .= 'AND cat_id <> '.(integer) $id.' ';
649	}
650
651	$rs = $this->con->select($strReq);
652
653	if (!$rs->isEmpty()) {
654	throw new Exception(__('Category URL must be unique.'));
655	}
656	}
657
658	private function getCategoryCursor($cur,$id=null)
659	{
660	if ($cur->cat_title == '') {
661	throw new Exception(__('You must provide a category title'));
662	}
663
664	# If we don't have any cat_url, let's do one
665	if ($cur->cat_url == '') {
666	$cur->cat_url = text::tidyURL($cur->cat_title,false);
667	}
668
669	# Still empty ?
670	if ($cur->cat_url == '') {
671	throw new Exception(__('You must provide a category URL'));
672	} else {
673	$cur->cat_url = text::tidyURL($cur->cat_url,true);
674	}
675
676	# Check if title or url are unique
677	$this->checkCategory($cur->cat_title,$cur->cat_url,$id);
678
679	if ($cur->cat_desc !== null) {
680	$cur->cat_desc = $this->core->HTMLfilter($cur->cat_desc);
681	}
682	}
683	//@}
684
685	/// @name Entries management methods
686	//@{
687	/**
688	Retrieves entries. <b>$params</b> is an array taking the following
689	optionnal parameters:
690
691	- no_content: Don't retrieve entry content (excerpt and content)
692	- post_type: Get only entries with given type (default "post", array for many types and '' for no type)
693	- post_id: (integer) Get entry with given post_id
694	- post_url: Get entry with given post_url field
695	- user_id: (integer) Get entries belonging to given user ID
696	- cat_id: (string or array) Get entries belonging to given category ID
697	- cat_id_not: deprecated (use cat_id with "id ?not" instead)
698	- cat_url: (string or array) Get entries belonging to given category URL
699	- cat_url_not: deprecated (use cat_url with "url ?not" instead)
700	- post_status: (integer) Get entries with given post_status
701	- post_selected: (boolean) Get select flaged entries
702	- post_year: (integer) Get entries with given year
703	- post_month: (integer) Get entries with given month
704	- post_day: (integer) Get entries with given day
705	- post_lang: Get entries with given language code
706	- search: Get entries corresponding of the following search string
707	- columns: (array) More columns to retrieve
708	- sql: Append SQL string at the end of the query
709	- from: Append SQL string after "FROM" statement in query
710	- order: Order of results (default "ORDER BY post_dt DES")
711	- limit: Limit parameter
712	- sql_only : return the sql request instead of results. Only ids are selected
713
714	Please note that on every cat_id or cat_url, you can add ?not to exclude
715	the category and ?sub to get subcategories.
716
717	@param params <b>array</b> Parameters
718	@param count_only <b>boolean</b> Only counts results
719	@return <b>record</b> A record with some more capabilities or the SQL request
720	*/
721	public function getPosts($params=array(),$count_only=false)
722	{
723	# --BEHAVIOR-- coreBlogBeforeGetPosts
724	$params = new ArrayObject($params);
725	$this->core->callBehavior('coreBlogBeforeGetPosts',$params);
726
727	if ($count_only)
728	{
729	$strReq = 'SELECT count(P.post_id) ';
730	}
731	elseif (!empty($params['sql_only']))
732	{
733	$strReq = 'SELECT P.post_id ';
734	}
735	else
736	{
737	if (!empty($params['no_content'])) {
738	$content_req = '';
739	} else {
740	$content_req =
741	'post_excerpt, post_excerpt_xhtml, '.
742	'post_content, post_content_xhtml, post_notes, ';
743	}
744
745	if (!empty($params['columns']) && is_array($params['columns'])) {
746	$content_req .= implode(', ',$params['columns']).', ';
747	}
748
749	$strReq =
750	'SELECT P.post_id, P.blog_id, P.user_id, P.cat_id, post_dt, '.
751	'post_tz, post_creadt, post_upddt, post_format, post_password, '.
752	'post_url, post_lang, post_title, '.$content_req.
753	'post_type, post_meta, post_status, post_selected, post_position, '.
754	'post_open_comment, post_open_tb, nb_comment, nb_trackback, '.
755	'U.user_name, U.user_firstname, U.user_displayname, U.user_email, '.
756	'U.user_url, '.
757	'C.cat_title, C.cat_url, C.cat_desc ';
758	}
759
760	$strReq .=
761	'FROM '.$this->prefix.'post P '.
762	'INNER JOIN '.$this->prefix.'user U ON U.user_id = P.user_id '.
763	'LEFT OUTER JOIN '.$this->prefix.'category C ON P.cat_id = C.cat_id ';
764
765	if (!empty($params['from'])) {
766	$strReq .= $params['from'].' ';
767	}
768
769	$strReq .=
770	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ";
771
772	if (!$this->core->auth->check('contentadmin',$this->id)) {
773	$strReq .= 'AND ((post_status = 1 ';
774
775	if ($this->without_password) {
776	$strReq .= 'AND post_password IS NULL ';
777	}
778	$strReq .= ') ';
779
780	if ($this->core->auth->userID()) {
781	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
782	} else {
783	$strReq .= ') ';
784	}
785	}
786
787	#Adding parameters
788	if (isset($params['post_type']))
789	{
790	if (is_array($params['post_type']) \|\| $params['post_type'] != '') {
791	$strReq .= 'AND post_type '.$this->con->in($params['post_type']);
792	}
793	}
794	else
795	{
796	$strReq .= "AND post_type = 'post' ";
797	}
798
799	if (isset($params['post_id']) && $params['post_id'] !== '') {
800	if (is_array($params['post_id'])) {
801	array_walk($params['post_id'],create_function('&$v,$k','if($v!==null){$v=(integer)$v;}'));
802	} else {
803	$params['post_id'] = array((integer) $params['post_id']);
804	}
805	$strReq .= 'AND P.post_id '.$this->con->in($params['post_id']);
806	}
807
808	if (isset($params['post_url']) && $params['post_url'] !== '') {
809	$strReq .= "AND post_url = '".$this->con->escape($params['post_url'])."' ";
810	}
811
812	if (!empty($params['user_id'])) {
813	$strReq .= "AND U.user_id = '".$this->con->escape($params['user_id'])."' ";
814	}
815
816	if (isset($params['cat_id']) && $params['cat_id'] !== '')
817	{
818	if (!is_array($params['cat_id'])) {
819	$params['cat_id'] = array($params['cat_id']);
820	}
821	if (!empty($params['cat_id_not'])) {
822	array_walk($params['cat_id'],create_function('&$v,$k','$v=$v." ?not";'));
823	}
824	$strReq .= 'AND '.$this->getPostsCategoryFilter($params['cat_id'],'cat_id').' ';
825	}
826	elseif (isset($params['cat_url']) && $params['cat_url'] !== '')
827	{
828	if (!is_array($params['cat_url'])) {
829	$params['cat_url'] = array($params['cat_url']);
830	}
831	if (!empty($params['cat_url_not'])) {
832	array_walk($params['cat_url'],create_function('&$v,$k','$v=$v." ?not";'));
833	}
834	$strReq .= 'AND '.$this->getPostsCategoryFilter($params['cat_url'],'cat_url').' ';
835	}
836
837	/* Other filters */
838	if (isset($params['post_status'])) {
839	$strReq .= 'AND post_status = '.(integer) $params['post_status'].' ';
840	}
841
842	if (isset($params['post_selected'])) {
843	$strReq .= 'AND post_selected = '.(integer) $params['post_selected'].' ';
844	}
845
846	if (!empty($params['post_year'])) {
847	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%Y').' = '.
848	"'".sprintf('%04d',$params['post_year'])."' ";
849	}
850
851	if (!empty($params['post_month'])) {
852	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%m').' = '.
853	"'".sprintf('%02d',$params['post_month'])."' ";
854	}
855
856	if (!empty($params['post_day'])) {
857	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%d').' = '.
858	"'".sprintf('%02d',$params['post_day'])."' ";
859	}
860
861	if (!empty($params['post_lang'])) {
862	$strReq .= "AND P.post_lang = '".$this->con->escape($params['post_lang'])."' ";
863	}
864
865	if (!empty($params['search']))
866	{
867	$words = text::splitWords($params['search']);
868
869	if (!empty($words))
870	{
871	# --BEHAVIOR-- corePostSearch
872	if ($this->core->hasBehavior('corePostSearch')) {
873	$this->core->callBehavior('corePostSearch',$this->core,array(&$words,&$strReq,&$params));
874	}
875
876	if ($words)
877	{
878	foreach ($words as $i => $w) {
879	$words[$i] = "post_words LIKE '%".$this->con->escape($w)."%'";
880	}
881	$strReq .= 'AND '.implode(' AND ',$words).' ';
882	}
883	}
884	}
885
886	if (!empty($params['sql'])) {
887	$strReq .= $params['sql'].' ';
888	}
889
890	if (!$count_only)
891	{
892	if (!empty($params['order'])) {
893	$strReq .= 'ORDER BY '.$this->con->escape($params['order']).' ';
894	} else {
895	$strReq .= 'ORDER BY post_dt DESC ';
896	}
897	}
898
899	if (!$count_only && !empty($params['limit'])) {
900	$strReq .= $this->con->limit($params['limit']);
901	}
902
903	if (!empty($params['sql_only'])) {
904	return $strReq;
905	}
906
907	$rs = $this->con->select($strReq);
908	$rs->core = $this->core;
909	$rs->_nb_media = array();
910	$rs->extend('rsExtPost');
911
912	# --BEHAVIOR-- coreBlogGetPosts
913	$this->core->callBehavior('coreBlogGetPosts',$rs);
914
915	return $rs;
916	}
917
918	/**
919	Returns a record with post id, title and date for next or previous post
920	according to the post ID.
921	$dir could be 1 (next post) or -1 (previous post).
922
923	@param post_id <b>integer</b> Post ID
924	@param dir <b>integer</b> Search direction
925	@param restrict_to_category <b>boolean</b> Restrict to post with same category
926	@param restrict_to_lang <b>boolean</b> Restrict to post with same lang
927	@return record
928	*/
929	public function getNextPost($post,$dir,$restrict_to_category=false, $restrict_to_lang=false)
930	{
931	$dt = $post->post_dt;
932	$post_id = (integer) $post->post_id;
933
934	if($dir > 0) {
935	$sign = '>';
936	$order = 'ASC';
937	}
938	else {
939	$sign = '<';
940	$order = 'DESC';
941	}
942
943	$params['post_type'] = $post->post_type;
944	$params['limit'] = 1;
945	$params['order'] = 'post_dt '.$order.', P.post_id '.$order;
946	$params['sql'] =
947	'AND ( '.
948	" (post_dt = '".$this->con->escape($dt)."' AND P.post_id ".$sign." ".$post_id.") ".
949	" OR post_dt ".$sign." '".$this->con->escape($dt)."' ".
950	') ';
951
952	if ($restrict_to_category) {
953	$params['sql'] .= $post->cat_id ? 'AND P.cat_id = '.(integer) $post->cat_id.' ' : 'AND P.cat_id IS NULL ';
954	}
955
956	if ($restrict_to_lang) {
957	$params['sql'] .= $post->post_lang ? 'AND P.post_lang = \''. $this->con->escape($post->post_lang) .'\' ': 'AND P.post_lang IS NULL ';
958	}
959
960	$rs = $this->getPosts($params);
961
962	if ($rs->isEmpty()) {
963	return null;
964	}
965
966	return $rs;
967	}
968
969	/**
970	Retrieves different languages and post count on blog, based on post_lang
971	field. <var>$params</var> is an array taking the following optionnal
972	parameters:
973
974	- post_type: Get only entries with given type (default "post", '' for no type)
975	- lang: retrieve post count for selected lang
976	- order: order statement (default post_lang DESC)
977
978	@param params <b>array</b> Parameters
979	@return record
980	*/
981	public function getLangs($params=array())
982	{
983	$strReq = 'SELECT COUNT(post_id) as nb_post, post_lang '.
984	'FROM '.$this->prefix.'post '.
985	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
986	"AND post_lang <> '' ".
987	"AND post_lang IS NOT NULL ";
988
989	if (!$this->core->auth->check('contentadmin',$this->id)) {
990	$strReq .= 'AND ((post_status = 1 ';
991
992	if ($this->without_password) {
993	$strReq .= 'AND post_password IS NULL ';
994	}
995	$strReq .= ') ';
996
997	if ($this->core->auth->userID()) {
998	$strReq .= "OR user_id = '".$this->con->escape($this->core->auth->userID())."')";
999	} else {
1000	$strReq .= ') ';
1001	}
1002	}
1003
1004	if (isset($params['post_type'])) {
1005	if ($params['post_type'] != '') {
1006	$strReq .= "AND post_type = '".$this->con->escape($params['post_type'])."' ";
1007	}
1008	} else {
1009	$strReq .= "AND post_type = 'post' ";
1010	}
1011
1012	if (isset($params['lang'])) {
1013	$strReq .= "AND post_lang = '".$this->con->escape($params['lang'])."' ";
1014	}
1015
1016	$strReq .= 'GROUP BY post_lang ';
1017
1018	$order = 'desc';
1019	if (!empty($params['order']) && preg_match('/^(desc\|asc)$/i',$params['order'])) {
1020	$order = $params['order'];
1021	}
1022	$strReq .= 'ORDER BY post_lang '.$order.' ';
1023
1024	return $this->con->select($strReq);
1025	}
1026
1027	/**
1028	Returns a record with all distinct blog dates and post count.
1029	<var>$params</var> is an array taking the following optionnal parameters:
1030
1031	- type: (day\|month\|year) Get days, months or years
1032	- year: (integer) Get dates for given year
1033	- month: (integer) Get dates for given month
1034	- day: (integer) Get dates for given day
1035	- cat_id: (integer) Category ID filter
1036	- cat_url: Category URL filter
1037	- post_lang: lang of the posts
1038	- next: Get date following match
1039	- previous: Get date before match
1040	- order: Sort by date "ASC" or "DESC"
1041
1042	@param params <b>array</b> Parameters array
1043	@return record
1044	*/
1045	public function getDates($params=array())
1046	{
1047	$dt_f = '%Y-%m-%d';
1048	$dt_fc = '%Y%m%d';
1049	if (isset($params['type'])) {
1050	if ($params['type'] == 'year') {
1051	$dt_f = '%Y-01-01';
1052	$dt_fc = '%Y0101';
1053	} elseif ($params['type'] == 'month') {
1054	$dt_f = '%Y-%m-01';
1055	$dt_fc = '%Y%m01';
1056	}
1057	}
1058	$dt_f .= ' 00:00:00';
1059	$dt_fc .= '000000';
1060
1061	$cat_field = $catReq = $limit = '';
1062
1063	if (isset($params['cat_id']) && $params['cat_id'] !== '') {
1064	$catReq = 'AND P.cat_id = '.(integer) $params['cat_id'].' ';
1065	$cat_field = ', C.cat_url ';
1066	} elseif (isset($params['cat_url']) && $params['cat_url'] !== '') {
1067	$catReq = "AND C.cat_url = '".$this->con->escape($params['cat_url'])."' ";
1068	$cat_field = ', C.cat_url ';
1069	}
1070	if (!empty($params['post_lang'])) {
1071	$catReq = 'AND P.post_lang = \''. $params['post_lang'].'\' ';
1072	}
1073
1074	$strReq = 'SELECT DISTINCT('.$this->con->dateFormat('post_dt',$dt_f).') AS dt '.
1075	$cat_field.
1076	',COUNT(P.post_id) AS nb_post '.
1077	'FROM '.$this->prefix.'post P LEFT JOIN '.$this->prefix.'category C '.
1078	'ON P.cat_id = C.cat_id '.
1079	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ".
1080	$catReq;
1081
1082	if (!$this->core->auth->check('contentadmin',$this->id)) {
1083	$strReq .= 'AND ((post_status = 1 ';
1084
1085	if ($this->without_password) {
1086	$strReq .= 'AND post_password IS NULL ';
1087	}
1088	$strReq .= ') ';
1089
1090	if ($this->core->auth->userID()) {
1091	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
1092	} else {
1093	$strReq .= ') ';
1094	}
1095	}
1096
1097	if (!empty($params['post_type'])) {
1098	$strReq .= "AND post_type ".$this->con->in($params['post_type'])." ";
1099	} else {
1100	$strReq .= "AND post_type = 'post' ";
1101	}
1102
1103	if (!empty($params['year'])) {
1104	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%Y')." = '".sprintf('%04d',$params['year'])."' ";
1105	}
1106
1107	if (!empty($params['month'])) {
1108	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%m')." = '".sprintf('%02d',$params['month'])."' ";
1109	}
1110
1111	if (!empty($params['day'])) {
1112	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%d')." = '".sprintf('%02d',$params['day'])."' ";
1113	}
1114
1115	# Get next or previous date
1116	if (!empty($params['next']) \|\| !empty($params['previous']))
1117	{
1118	if (!empty($params['next'])) {
1119	$pdir = ' > ';
1120	$params['order'] = 'asc';
1121	$dt = $params['next'];
1122	} else {
1123	$pdir = ' < ';
1124	$params['order'] = 'desc';
1125	$dt = $params['previous'];
1126	}
1127
1128	$dt = date('YmdHis',strtotime($dt));
1129
1130	$strReq .= 'AND '.$this->con->dateFormat('post_dt',$dt_fc).$pdir."'".$dt."' ";
1131	$limit = $this->con->limit(1);
1132	}
1133
1134	$strReq .= 'GROUP BY dt '.$cat_field;
1135
1136	$order = 'desc';
1137	if (!empty($params['order']) && preg_match('/^(desc\|asc)$/i',$params['order'])) {
1138	$order = $params['order'];
1139	}
1140
1141	$strReq .=
1142	'ORDER BY dt '.$order.' '.
1143	$limit;
1144
1145	$rs = $this->con->select($strReq);
1146	$rs->extend('rsExtDates');
1147	return $rs;
1148	}
1149
1150	/**
1151	Creates a new entry. Takes a cursor as input and returns the new entry
1152	ID.
1153
1154	@param cur <b>cursor</b> Post cursor
1155	@return <b>integer</b> New post ID
1156	*/
1157	public function addPost($cur)
1158	{
1159	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1160	throw new Exception(__('You are not allowed to create an entry'));
1161	}
1162
1163	$this->con->writeLock($this->prefix.'post');
1164	try
1165	{
1166	# Get ID
1167	$rs = $this->con->select(
1168	'SELECT MAX(post_id) '.
1169	'FROM '.$this->prefix.'post '
1170	);
1171
1172	$cur->post_id = (integer) $rs->f(0) + 1;
1173	$cur->blog_id = (string) $this->id;
1174	$cur->post_creadt = date('Y-m-d H:i:s');
1175	$cur->post_upddt = date('Y-m-d H:i:s');
1176	$cur->post_tz = $this->core->auth->getInfo('user_tz');
1177
1178	# Post excerpt and content
1179	$this->getPostContent($cur,$cur->post_id);
1180
1181	$this->getPostCursor($cur);
1182
1183	$cur->post_url = $this->getPostURL($cur->post_url,$cur->post_dt,$cur->post_title,$cur->post_id);
1184
1185	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1186	$cur->post_status = -2;
1187	}
1188
1189	# --BEHAVIOR-- coreBeforePostCreate
1190	$this->core->callBehavior('coreBeforePostCreate',$this,$cur);
1191
1192	$cur->insert();
1193	$this->con->unlock();
1194	}
1195	catch (Exception $e)
1196	{
1197	$this->con->unlock();
1198	throw $e;
1199	}
1200
1201	# --BEHAVIOR-- coreAfterPostCreate
1202	$this->core->callBehavior('coreAfterPostCreate',$this,$cur);
1203
1204	$this->triggerBlog();
1205
1206	return $cur->post_id;
1207	}
1208
1209	/**
1210	Updates an existing post.
1211
1212	@param id <b>integer</b> Post ID
1213	@param cur <b>cursor</b> Post cursor
1214	*/
1215	public function updPost($id,$cur)
1216	{
1217	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1218	throw new Exception(__('You are not allowed to update entries'));
1219	}
1220
1221	$id = (integer) $id;
1222
1223	if (empty($id)) {
1224	throw new Exception(__('No such entry ID'));
1225	}
1226
1227	# Post excerpt and content
1228	$this->getPostContent($cur,$id);
1229
1230	$this->getPostCursor($cur);
1231
1232	if ($cur->post_url !== null) {
1233	$cur->post_url = $this->getPostURL($cur->post_url,$cur->post_dt,$cur->post_title,$id);
1234	}
1235
1236	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1237	$cur->unsetField('post_status');
1238	}
1239
1240	$cur->post_upddt = date('Y-m-d H:i:s');
1241
1242	#If user is only "usage", we need to check the post's owner
1243	if (!$this->core->auth->check('contentadmin',$this->id))
1244	{
1245	$strReq = 'SELECT post_id '.
1246	'FROM '.$this->prefix.'post '.
1247	'WHERE post_id = '.$id.' '.
1248	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1249
1250	$rs = $this->con->select($strReq);
1251
1252	if ($rs->isEmpty()) {
1253	throw new Exception(__('You are not allowed to edit this entry'));
1254	}
1255	}
1256
1257	# --BEHAVIOR-- coreBeforePostUpdate
1258	$this->core->callBehavior('coreBeforePostUpdate',$this,$cur);
1259
1260	$cur->update('WHERE post_id = '.$id.' ');
1261
1262	# --BEHAVIOR-- coreAfterPostUpdate
1263	$this->core->callBehavior('coreAfterPostUpdate',$this,$cur);
1264
1265	$this->triggerBlog();
1266	}
1267
1268	/**
1269	Updates post status.
1270
1271	@param id <b>integer</b> Post ID
1272	@param status <b>integer</b> Post status
1273	*/
1274	public function updPostStatus($id,$status)
1275	{
1276	$this->updPostsStatus($id,$status);
1277	}
1278
1279	/**
1280	Updates posts status.
1281
1282	@param ids <b>mixed</b> Post(s) ID(s)
1283	@param status <b>integer</b> Post status
1284	*/
1285	public function updPostsStatus($ids,$status)
1286	{
1287	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1288	throw new Exception(__('You are not allowed to change this entry status'));
1289	}
1290
1291	$posts_ids = dcUtils::cleanIds($ids);
1292	$status = (integer) $status;
1293
1294	$strReq = "WHERE blog_id = '".$this->con->escape($this->id)."' ".
1295	"AND post_id ".$this->con->in($posts_ids);
1296
1297	#If user can only publish, we need to check the post's owner
1298	if (!$this->core->auth->check('contentadmin',$this->id))
1299	{
1300	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1301	}
1302
1303	$cur = $this->con->openCursor($this->prefix.'post');
1304
1305	$cur->post_status = $status;
1306	$cur->post_upddt = date('Y-m-d H:i:s');
1307
1308	$cur->update($strReq);
1309	$this->triggerBlog();
1310	}
1311
1312	/**
1313	Updates post selection.
1314
1315	@param id <b>integer</b> Post ID
1316	@param selected <b>integer</b> Is selected post
1317	*/
1318	public function updPostSelected($id,$selected)
1319	{
1320	$this->updPostsSelected($id,$selected);
1321	}
1322
1323	/**
1324	Updates posts selection.
1325
1326	@param ids <b>mixed</b> Post(s) ID(s)
1327	@param selected <b>integer</b> Is selected post(s)
1328	*/
1329	public function updPostsSelected($ids,$selected)
1330	{
1331	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1332	throw new Exception(__('You are not allowed to change this entry category'));
1333	}
1334
1335	$posts_ids = dcUtils::cleanIds($ids);
1336	$selected = (boolean) $selected;
1337
1338	$strReq = "WHERE blog_id = '".$this->con->escape($this->id)."' ".
1339	"AND post_id ".$this->con->in($posts_ids);
1340
1341	# If user is only usage, we need to check the post's owner
1342	if (!$this->core->auth->check('contentadmin',$this->id))
1343	{
1344	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1345	}
1346
1347	$cur = $this->con->openCursor($this->prefix.'post');
1348
1349	$cur->post_selected = (integer) $selected;
1350	$cur->post_upddt = date('Y-m-d H:i:s');
1351
1352	$cur->update($strReq);
1353	$this->triggerBlog();
1354	}
1355
1356	/**
1357	Updates post category. <var>$cat_id</var> can be null.
1358
1359	@param id <b>integer</b> Post ID
1360	@param cat_id <b>integer</b> Category ID
1361	*/
1362	public function updPostCategory($id,$cat_id)
1363	{
1364	$this->updPostsCategory($id,$cat_id);
1365	}
1366
1367	/**
1368	Updates posts category. <var>$cat_id</var> can be null.
1369
1370	@param ids <b>mixed</b> Post(s) ID(s)
1371	@param cat_id <b>integer</b> Category ID
1372	*/
1373	public function updPostsCategory($ids,$cat_id)
1374	{
1375	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1376	throw new Exception(__('You are not allowed to change this entry category'));
1377	}
1378
1379	$posts_ids = dcUtils::cleanIds($ids);
1380	$cat_id = (integer) $cat_id;
1381
1382	$strReq = "WHERE blog_id = '".$this->con->escape($this->id)."' ".
1383	"AND post_id ".$this->con->in($posts_ids);
1384
1385	# If user is only usage, we need to check the post's owner
1386	if (!$this->core->auth->check('contentadmin',$this->id))
1387	{
1388	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1389	}
1390
1391	$cur = $this->con->openCursor($this->prefix.'post');
1392
1393	$cur->cat_id = ($cat_id ? $cat_id : null);
1394	$cur->post_upddt = date('Y-m-d H:i:s');
1395
1396	$cur->update($strReq);
1397	$this->triggerBlog();
1398	}
1399
1400	/**
1401	Updates posts category. <var>$new_cat_id</var> can be null.
1402
1403	@param old_cat_id <b>integer</b> Old category ID
1404	@param new_cat_id <b>integer</b> New category ID
1405	*/
1406	public function changePostsCategory($old_cat_id,$new_cat_id)
1407	{
1408	if (!$this->core->auth->check('contentadmin,categories',$this->id)) {
1409	throw new Exception(__('You are not allowed to change entries category'));
1410	}
1411
1412	$old_cat_id = (integer) $old_cat_id;
1413	$new_cat_id = (integer) $new_cat_id;
1414
1415	$cur = $this->con->openCursor($this->prefix.'post');
1416
1417	$cur->cat_id = ($new_cat_id ? $new_cat_id : null);
1418	$cur->post_upddt = date('Y-m-d H:i:s');
1419
1420	$cur->update(
1421	'WHERE cat_id = '.$old_cat_id.' '.
1422	"AND blog_id = '".$this->con->escape($this->id)."' "
1423	);
1424	$this->triggerBlog();
1425	}
1426
1427	/**
1428	Deletes a post.
1429
1430	@param id <b>integer</b> Post ID
1431	*/
1432	public function delPost($id)
1433	{
1434	$this->delPosts($id);
1435	}
1436
1437	/**
1438	Deletes multiple posts.
1439
1440	@param ids <b>mixed</b> Post(s) ID(s)
1441	*/
1442	public function delPosts($ids)
1443	{
1444	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
1445	throw new Exception(__('You are not allowed to delete entries'));
1446	}
1447
1448	$posts_ids = dcUtils::cleanIds($ids);
1449
1450	if (empty($posts_ids)) {
1451	throw new Exception(__('No such entry ID'));
1452	}
1453
1454	$strReq = 'DELETE FROM '.$this->prefix.'post '.
1455	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1456	"AND post_id ".$this->con->in($posts_ids);
1457
1458	#If user can only delete, we need to check the post's owner
1459	if (!$this->core->auth->check('contentadmin',$this->id))
1460	{
1461	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1462	}
1463
1464	$this->con->execute($strReq);
1465	$this->triggerBlog();
1466	}
1467
1468	/**
1469	Publishes all entries flaged as "scheduled".
1470	*/
1471	public function publishScheduledEntries()
1472	{
1473	$strReq = 'SELECT post_id, post_dt, post_tz '.
1474	'FROM '.$this->prefix.'post '.
1475	'WHERE post_status = -1 '.
1476	"AND blog_id = '".$this->con->escape($this->id)."' ";
1477
1478	$rs = $this->con->select($strReq);
1479
1480	$now = dt::toUTC(time());
1481	$to_change = new ArrayObject();
1482
1483	if ($rs->isEmpty()) {
1484	return;
1485	}
1486
1487	while ($rs->fetch())
1488	{
1489	# Now timestamp with post timezone
1490	$now_tz = $now + dt::getTimeOffset($rs->post_tz,$now);
1491
1492	# Post timestamp
1493	$post_ts = strtotime($rs->post_dt);
1494
1495	# If now_tz >= post_ts, we publish the entry
1496	if ($now_tz >= $post_ts) {
1497	$to_change[] = (integer) $rs->post_id;
1498	}
1499	}
1500	if (count($to_change))
1501	{
1502	# --BEHAVIOR-- coreBeforeScheduledEntriesPublish
1503	$this->core->callBehavior('coreBeforeScheduledEntriesPublish',$this,$to_change);
1504
1505	$strReq =
1506	'UPDATE '.$this->prefix.'post SET '.
1507	'post_status = 1 '.
1508	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1509	'AND post_id '.$this->con->in((array)$to_change).' ';
1510	$this->con->execute($strReq);
1511	$this->triggerBlog();
1512
1513	# --BEHAVIOR-- coreAfterScheduledEntriesPublish
1514	$this->core->callBehavior('coreAfterScheduledEntriesPublish',$this,$to_change);
1515	}
1516
1517	}
1518
1519	/**
1520	Retrieves all users having posts on current blog.
1521
1522	@param post_type <b>string</b> post_type filter (post)
1523	@return record
1524	*/
1525	public function getPostsUsers($post_type='post')
1526	{
1527	$strReq = 'SELECT P.user_id, user_name, user_firstname, '.
1528	'user_displayname, user_email '.
1529	'FROM '.$this->prefix.'post P, '.$this->prefix.'user U '.
1530	'WHERE P.user_id = U.user_id '.
1531	"AND blog_id = '".$this->con->escape($this->id)."' ";
1532
1533	if ($post_type) {
1534	$strReq .= "AND post_type = '".$this->con->escape($post_type)."' ";
1535	}
1536
1537	$strReq .= 'GROUP BY P.user_id, user_name, user_firstname, user_displayname, user_email ';
1538
1539	return $this->con->select($strReq);
1540	}
1541
1542	private function getPostsCategoryFilter($arr,$field='cat_id')
1543	{
1544	$field = $field == 'cat_id' ? 'cat_id' : 'cat_url';
1545
1546	$sub = array();
1547	$not = array();
1548	$queries = array();
1549
1550	foreach ($arr as $v)
1551	{
1552	$v = trim($v);
1553	$args = preg_split('/\s[?]\s/',$v,-1,PREG_SPLIT_NO_EMPTY);
1554	$id = array_shift($args);
1555	$args = array_flip($args);
1556
1557	if (isset($args['not'])) { $not[$id] = 1; }
1558	if (isset($args['sub'])) { $sub[$id] = 1; }
1559	if ($field == 'cat_id') {
1560	if (preg_match('/^null$/i',$id)) {
1561	$queries[$id] = 'P.cat_id IS NULL';
1562	}
1563	else {
1564	$queries[$id] = 'P.cat_id = '.(integer) $id;
1565	}
1566	} else {
1567	$queries[$id] = "C.cat_url = '".$this->con->escape($id)."' ";
1568	}
1569	}
1570
1571	if (!empty($sub)) {
1572	$rs = $this->con->select(
1573	'SELECT cat_id, cat_url, cat_lft, cat_rgt FROM '.$this->prefix.'category '.
1574	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1575	'AND '.$field.' '.$this->con->in(array_keys($sub))
1576	);
1577
1578	while ($rs->fetch()) {
1579	$queries[$rs->f($field)] = '(C.cat_lft BETWEEN '.$rs->cat_lft.' AND '.$rs->cat_rgt.')';
1580	}
1581	}
1582
1583	# Create queries
1584	$sql = array(
1585	0 => array(), # wanted categories
1586	1 => array() # excluded categories
1587	);
1588
1589	foreach ($queries as $id => $q) {
1590	$sql[(integer) isset($not[$id])][] = $q;
1591	}
1592
1593	$sql[0] = implode(' OR ',$sql[0]);
1594	$sql[1] = implode(' OR ',$sql[1]);
1595
1596	if ($sql[0]) {
1597	$sql[0] = '('.$sql[0].')';
1598	} else {
1599	unset($sql[0]);
1600	}
1601
1602	if ($sql[1]) {
1603	$sql[1] = '(P.cat_id IS NULL OR NOT('.$sql[1].'))';
1604	} else {
1605	unset($sql[1]);
1606	}
1607
1608	return implode(' AND ',$sql);
1609	}
1610
1611	private function getPostCursor($cur,$post_id=null)
1612	{
1613	if ($cur->post_title == '') {
1614	throw new Exception(__('No entry title'));
1615	}
1616
1617	if ($cur->post_content == '') {
1618	throw new Exception(__('No entry content'));
1619	}
1620
1621	if ($cur->post_password === '') {
1622	$cur->post_password = null;
1623	}
1624
1625	if ($cur->post_dt == '') {
1626	$offset = dt::getTimeOffset($this->core->auth->getInfo('user_tz'));
1627	$now = time() + $offset;
1628	$cur->post_dt = date('Y-m-d H:i:00',$now);
1629	}
1630
1631	$post_id = is_int($post_id) ? $post_id : $cur->post_id;
1632
1633	if ($cur->post_content_xhtml == '') {
1634	throw new Exception(__('No entry content'));
1635	}
1636
1637	# Words list
1638	if ($cur->post_title !== null && $cur->post_excerpt_xhtml !== null
1639	&& $cur->post_content_xhtml !== null)
1640	{
1641	$words =
1642	$cur->post_title.' '.
1643	$cur->post_excerpt_xhtml.' '.
1644	$cur->post_content_xhtml;
1645
1646	$cur->post_words = implode(' ',text::splitWords($words));
1647	}
1648	}
1649
1650	private function getPostContent($cur,$post_id)
1651	{
1652	$post_excerpt = $cur->post_excerpt;
1653	$post_excerpt_xhtml = $cur->post_excerpt_xhtml;
1654	$post_content = $cur->post_content;
1655	$post_content_xhtml = $cur->post_content_xhtml;
1656
1657	$this->setPostContent(
1658	$post_id,$cur->post_format,$cur->post_lang,
1659	$post_excerpt,$post_excerpt_xhtml,
1660	$post_content,$post_content_xhtml
1661	);
1662
1663	$cur->post_excerpt = $post_excerpt;
1664	$cur->post_excerpt_xhtml = $post_excerpt_xhtml;
1665	$cur->post_content = $post_content;
1666	$cur->post_content_xhtml = $post_content_xhtml;
1667	}
1668
1669	/**
1670	Creates post HTML content, taking format and lang into account.
1671
1672	@param post_id <b>integer</b> Post ID
1673	@param format <b>string</b> Post format
1674	@param lang <b>string</b> Post lang
1675	@param excerpt <b>string</b> Post excerpt
1676	@param[out] excerpt_xhtml <b>string</b> Post excerpt HTML
1677	@param content <b>string</b> Post content
1678	@param[out] content_xhtml <b>string</b> Post content HTML
1679	*/
1680	public function setPostContent($post_id,$format,$lang,&$excerpt,&$excerpt_xhtml,&$content,&$content_xhtml)
1681	{
1682	if ($format == 'wiki')
1683	{
1684	$this->core->initWikiPost();
1685	$this->core->wiki2xhtml->setOpt('note_prefix','pnote-'.$post_id);
1686	switch ($this->settings->system->note_title_tag) {
1687	case 1:
1688	$tag = 'h3';
1689	break;
1690	case 2:
1691	$tag = 'p';
1692	break;
1693	default:
1694	$tag = 'h4';
1695	break;
1696	}
1697	$this->core->wiki2xhtml->setOpt('note_str','<div class="footnotes"><'.$tag.' class="footnotes-title">'.
1698	__('Notes').'</'.$tag.'>%s</div>');
1699	$this->core->wiki2xhtml->setOpt('note_str_single','<div class="footnotes"><'.$tag.' class="footnotes-title">'.
1700	__('Note').'</'.$tag.'>%s</div>');
1701	if (strpos($lang,'fr') === 0) {
1702	$this->core->wiki2xhtml->setOpt('active_fr_syntax',1);
1703	}
1704	}
1705
1706	if ($excerpt) {
1707	$excerpt_xhtml = $this->core->callFormater($format,$excerpt);
1708	$excerpt_xhtml = $this->core->HTMLfilter($excerpt_xhtml);
1709	} else {
1710	$excerpt_xhtml = '';
1711	}
1712
1713	if ($content) {
1714	$content_xhtml = $this->core->callFormater($format,$content);
1715	$content_xhtml = $this->core->HTMLfilter($content_xhtml);
1716	} else {
1717	$content_xhtml = '';
1718	}
1719
1720	# --BEHAVIOR-- coreAfterPostContentFormat
1721	$this->core->callBehavior('coreAfterPostContentFormat',array(
1722	'excerpt' => &$excerpt,
1723	'content' => &$content,
1724	'excerpt_xhtml' => &$excerpt_xhtml,
1725	'content_xhtml' => &$content_xhtml
1726	));
1727	}
1728
1729	/**
1730	Returns URL for a post according to blog setting <var>post_url_format</var>.
1731	It will try to guess URL and append some figures if needed.
1732
1733	@param url <b>string</b> Origin URL, could be empty
1734	@param post_dt <b>string</b> Post date (in YYYY-MM-DD HH:mm:ss)
1735	@param post_title <b>string</b> Post title
1736	@param post_id <b>integer</b> Post ID
1737	@return <b>string</b> result URL
1738	*/
1739	public function getPostURL($url,$post_dt,$post_title,$post_id)
1740	{
1741	$url = trim($url);
1742
1743	$url_patterns = array(
1744	'{y}' => date('Y',strtotime($post_dt)),
1745	'{m}' => date('m',strtotime($post_dt)),
1746	'{d}' => date('d',strtotime($post_dt)),
1747	'{t}' => text::tidyURL($post_title),
1748	'{id}' => (integer) $post_id
1749	);
1750
1751	# If URL is empty, we create a new one
1752	if ($url == '')
1753	{
1754	# Transform with format
1755	$url = str_replace(
1756	array_keys($url_patterns),
1757	array_values($url_patterns),
1758	$this->settings->system->post_url_format
1759	);
1760	}
1761	else
1762	{
1763	$url = text::tidyURL($url);
1764	}
1765
1766	# Let's check if URL is taken...
1767	$strReq = 'SELECT post_url FROM '.$this->prefix.'post '.
1768	"WHERE post_url = '".$this->con->escape($url)."' ".
1769	'AND post_id <> '.(integer) $post_id. ' '.
1770	"AND blog_id = '".$this->con->escape($this->id)."' ".
1771	'ORDER BY post_url DESC';
1772
1773	$rs = $this->con->select($strReq);
1774
1775	if (!$rs->isEmpty())
1776	{
1777	if ($this->con->driver() == 'mysql') {
1778	$clause = "REGEXP '^".$this->con->escape($url)."[0-9]+$'";
1779	} elseif ($this->con->driver() == 'pgsql') {
1780	$clause = "~ '^".$this->con->escape($url)."[0-9]+$'";
1781	} else {
1782	$clause = "LIKE '".$this->con->escape($url)."%'";
1783	}
1784	$strReq = 'SELECT post_url FROM '.$this->prefix.'post '.
1785	"WHERE post_url ".$clause.' '.
1786	'AND post_id <> '.(integer) $post_id.' '.
1787	"AND blog_id = '".$this->con->escape($this->id)."' ".
1788	'ORDER BY post_url DESC ';
1789
1790	$rs = $this->con->select($strReq);
1791	$a = array();
1792	while ($rs->fetch()) {
1793	$a[] = $rs->post_url;
1794	}
1795
1796	natsort($a);
1797	$t_url = end($a);
1798
1799	if (preg_match('/(.*?)([0-9]+)$/',$t_url,$m)) {
1800	$i = (integer) $m[2];
1801	$url = $m[1];
1802	} else {
1803	$i = 1;
1804	}
1805
1806	return $url.($i+1);
1807	}
1808
1809	# URL is empty?
1810	if ($url == '') {
1811	throw new Exception(__('Empty entry URL'));
1812	}
1813
1814	return $url;
1815	}
1816	//@}
1817
1818	/// @name Comments management methods
1819	//@{
1820	/**
1821	Retrieves comments. <b>$params</b> is an array taking the following
1822	optionnal parameters:
1823
1824	- no_content: Don't retrieve comment content
1825	- post_type: Get only entries with given type (default no type, array for many types)
1826	- post_id: (integer) Get comments belonging to given post_id
1827	- cat_id: (integer or array) Get comments belonging to entries of given category ID
1828	- comment_id: (integer) Get comment with given ID
1829	- comment_status: (integer) Get comments with given comment_status
1830	- comment_trackback: (integer) Get only comments (0) or trackbacks (1)
1831	- comment_ip: (string) Get comments with given IP address
1832	- post_url: Get entry with given post_url field
1833	- user_id: (integer) Get entries belonging to given user ID
1834	- q_author: Search comments by author
1835	- sql: Append SQL string at the end of the query
1836	- from: Append SQL string after "FROM" statement in query
1837	- order: Order of results (default "ORDER BY comment_dt DES")
1838	- limit: Limit parameter
1839	- sql_only : return the sql request instead of results. Only ids are selected
1840
1841	@param params <b>array</b> Parameters
1842	@param count_only <b>boolean</b> Only counts results
1843	@return <b>record</b> A record with some more capabilities
1844	*/
1845	public function getComments($params=array(),$count_only=false)
1846	{
1847	if ($count_only)
1848	{
1849	$strReq = 'SELECT count(comment_id) ';
1850	}
1851	elseif (!empty($params['sql_only']))
1852	{
1853	$strReq = 'SELECT P.post_id ';
1854	}
1855	else
1856	{
1857	if (!empty($params['no_content'])) {
1858	$content_req = '';
1859	} else {
1860	$content_req = 'comment_content, ';
1861	}
1862
1863	if (!empty($params['columns']) && is_array($params['columns'])) {
1864	$content_req .= implode(', ',$params['columns']).', ';
1865	}
1866
1867	$strReq =
1868	'SELECT C.comment_id, comment_dt, comment_tz, comment_upddt, '.
1869	'comment_author, comment_email, comment_site, '.
1870	$content_req.' comment_trackback, comment_status, '.
1871	'comment_spam_status, comment_spam_filter, comment_ip, '.
1872	'P.post_title, P.post_url, P.post_id, P.post_password, P.post_type, '.
1873	'P.post_dt, P.user_id, U.user_email, U.user_url ';
1874	}
1875
1876	$strReq .=
1877	'FROM '.$this->prefix.'comment C '.
1878	'INNER JOIN '.$this->prefix.'post P ON C.post_id = P.post_id '.
1879	'INNER JOIN '.$this->prefix.'user U ON P.user_id = U.user_id ';
1880
1881	if (!empty($params['from'])) {
1882	$strReq .= $params['from'].' ';
1883	}
1884
1885	$strReq .=
1886	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ";
1887
1888	if (!$this->core->auth->check('contentadmin',$this->id)) {
1889	$strReq .= 'AND ((comment_status = 1 AND P.post_status = 1 ';
1890
1891	if ($this->without_password) {
1892	$strReq .= 'AND post_password IS NULL ';
1893	}
1894	$strReq .= ') ';
1895
1896	if ($this->core->auth->userID()) {
1897	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
1898	} else {
1899	$strReq .= ') ';
1900	}
1901	}
1902
1903	if (!empty($params['post_type']))
1904	{
1905	$strReq .= 'AND post_type '.$this->con->in($params['post_type']);
1906	}
1907
1908	if (isset($params['post_id']) && $params['post_id'] !== '') {
1909	$strReq .= 'AND P.post_id = '.(integer) $params['post_id'].' ';
1910	}
1911
1912	if (isset($params['cat_id']) && $params['cat_id'] !== '') {
1913	$strReq .= 'AND P.cat_id = '.(integer) $params['cat_id'].' ';
1914	}
1915
1916	if (isset($params['comment_id']) && $params['comment_id'] !== '') {
1917	$strReq .= 'AND comment_id = '.(integer) $params['comment_id'].' ';
1918	}
1919
1920	if (isset($params['comment_status'])) {
1921	$strReq .= 'AND comment_status = '.(integer) $params['comment_status'].' ';
1922	}
1923
1924	if (!empty($params['comment_status_not']))
1925	{
1926	$strReq .= 'AND comment_status <> '.(integer) $params['comment_status_not'].' ';
1927	}
1928
1929	if (isset($params['comment_trackback'])) {
1930	$strReq .= 'AND comment_trackback = '.(integer) (boolean) $params['comment_trackback'].' ';
1931	}
1932
1933	if (isset($params['comment_ip'])) {
1934	$comment_ip = $this->con->escape(str_replace('*','%',$params['comment_ip']));
1935	$strReq .= "AND comment_ip LIKE '".$comment_ip."' ";
1936	}
1937
1938	if (isset($params['q_author'])) {
1939	$q_author = $this->con->escape(str_replace('*','%',strtolower($params['q_author'])));
1940	$strReq .= "AND LOWER(comment_author) LIKE '".$q_author."' ";
1941	}
1942
1943	if (!empty($params['search']))
1944	{
1945	$words = text::splitWords($params['search']);
1946
1947	if (!empty($words))
1948	{
1949	# --BEHAVIOR coreCommentSearch
1950	if ($this->core->hasBehavior('coreCommentSearch')) {
1951	$this->core->callBehavior('coreCommentSearch',$this->core,array(&$words,&$strReq,&$params));
1952	}
1953
1954	if ($words)
1955	{
1956	foreach ($words as $i => $w) {
1957	$words[$i] = "comment_words LIKE '%".$this->con->escape($w)."%'";
1958	}
1959	$strReq .= 'AND '.implode(' AND ',$words).' ';
1960	}
1961	}
1962	}
1963
1964	if (!empty($params['sql'])) {
1965	$strReq .= $params['sql'].' ';
1966	}
1967
1968	if (!$count_only)
1969	{
1970	if (!empty($params['order'])) {
1971	$strReq .= 'ORDER BY '.$this->con->escape($params['order']).' ';
1972	} else {
1973	$strReq .= 'ORDER BY comment_dt DESC ';
1974	}
1975	}
1976
1977	if (!$count_only && !empty($params['limit'])) {
1978	$strReq .= $this->con->limit($params['limit']);
1979	}
1980
1981	if (!empty($params['sql_only'])) {
1982	return $strReq;
1983	}
1984
1985	$rs = $this->con->select($strReq);
1986	$rs->core = $this->core;
1987	$rs->extend('rsExtComment');
1988
1989	# --BEHAVIOR-- coreBlogGetComments
1990	$this->core->callBehavior('coreBlogGetComments',$rs);
1991
1992	return $rs;
1993	}
1994
1995	/**
1996	Creates a new comment. Takes a cursor as input and returns the new comment
1997	ID.
1998
1999	@param cur <b>cursor</b> Comment cursor
2000	@return <b>integer</b> New comment ID
2001	*/
2002	public function addComment($cur)
2003	{
2004	$this->con->writeLock($this->prefix.'comment');
2005	try
2006	{
2007	# Get ID
2008	$rs = $this->con->select(
2009	'SELECT MAX(comment_id) '.
2010	'FROM '.$this->prefix.'comment '
2011	);
2012
2013	$cur->comment_id = (integer) $rs->f(0) + 1;
2014	$cur->comment_upddt = date('Y-m-d H:i:s');
2015
2016	$offset = dt::getTimeOffset($this->settings->system->blog_timezone);
2017	$cur->comment_dt = date('Y-m-d H:i:s',time() + $offset);
2018	$cur->comment_tz = $this->settings->system->blog_timezone;
2019
2020	$this->getCommentCursor($cur);
2021
2022	if ($cur->comment_ip === null) {
2023	$cur->comment_ip = http::realIP();
2024	}
2025
2026	# --BEHAVIOR-- coreBeforeCommentCreate
2027	$this->core->callBehavior('coreBeforeCommentCreate',$this,$cur);
2028
2029	$cur->insert();
2030	$this->con->unlock();
2031	}
2032	catch (Exception $e)
2033	{
2034	$this->con->unlock();
2035	throw $e;
2036	}
2037
2038	# --BEHAVIOR-- coreAfterCommentCreate
2039	$this->core->callBehavior('coreAfterCommentCreate',$this,$cur);
2040
2041	$this->triggerComment($cur->comment_id);
2042	if ($cur->comment_status != -2) {
2043	$this->triggerBlog();
2044	}
2045	return $cur->comment_id;
2046	}
2047
2048	/**
2049	Updates an existing comment.
2050
2051	@param id <b>integer</b> Comment ID
2052	@param cur <b>cursor</b> Comment cursor
2053	*/
2054	public function updComment($id,$cur)
2055	{
2056	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
2057	throw new Exception(__('You are not allowed to update comments'));
2058	}
2059
2060	$id = (integer) $id;
2061
2062	if (empty($id)) {
2063	throw new Exception(__('No such comment ID'));
2064	}
2065
2066	$rs = $this->getComments(array('comment_id' => $id));
2067
2068	if ($rs->isEmpty()) {
2069	throw new Exception(__('No such comment ID'));
2070	}
2071
2072	#If user is only usage, we need to check the post's owner
2073	if (!$this->core->auth->check('contentadmin',$this->id))
2074	{
2075	if ($rs->user_id != $this->core->auth->userID()) {
2076	throw new Exception(__('You are not allowed to update this comment'));
2077	}
2078	}
2079
2080	$this->getCommentCursor($cur);
2081
2082	$cur->comment_upddt = date('Y-m-d H:i:s');
2083
2084	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
2085	$cur->unsetField('comment_status');
2086	}
2087
2088	# --BEHAVIOR-- coreBeforeCommentUpdate
2089	$this->core->callBehavior('coreBeforeCommentUpdate',$this,$cur,$rs);
2090
2091	$cur->update('WHERE comment_id = '.$id.' ');
2092
2093	# --BEHAVIOR-- coreAfterCommentUpdate
2094	$this->core->callBehavior('coreAfterCommentUpdate',$this,$cur,$rs);
2095
2096	$this->triggerComment($id);
2097	$this->triggerBlog();
2098	}
2099
2100	/**
2101	Updates comment status.
2102
2103	@param id <b>integer</b> Comment ID
2104	@param status <b>integer</b> Comment status
2105	*/
2106	public function updCommentStatus($id,$status)
2107	{
2108	$this->updCommentsStatus($id,$status);
2109	}
2110
2111	/**
2112	Updates comments status.
2113
2114	@param ids <b>mixed</b> Comment(s) ID(s)
2115	@param status <b>integer</b> Comment status
2116	*/
2117	public function updCommentsStatus($ids,$status)
2118	{
2119	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
2120	throw new Exception(__("You are not allowed to change this comment's status"));
2121	}
2122
2123	$co_ids = dcUtils::cleanIds($ids);
2124	$status = (integer) $status;
2125
2126	$strReq =
2127	'UPDATE '.$this->prefix.'comment tc ';
2128
2129	# mySQL uses "JOIN" synthax
2130	if ($this->con->driver() == 'mysql') {
2131	$strReq .=
2132	'JOIN '.$this->prefix.'post tp ON tc.post_id = tp.post_id ';
2133	}
2134
2135	$strReq .=
2136	'SET comment_status = '.$status.' ';
2137
2138	# pgSQL uses "FROM" synthax
2139	if ($this->con->driver() != 'mysql') {
2140	$strReq .=
2141	'FROM '.$this->prefix.'post tp ';
2142	}
2143
2144	$strReq .=
2145	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
2146	'AND comment_id'.$this->con->in($co_ids);
2147
2148	# add pgSQL "WHERE" clause
2149	if ($this->con->driver() != 'mysql') {
2150	$strReq .=
2151	'AND tc.post_id = tp.post_id ';
2152	}
2153
2154	#If user is only usage, we need to check the post's owner
2155	if (!$this->core->auth->check('contentadmin',$this->id))
2156	{
2157	$strReq .=
2158	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
2159	}
2160
2161	$this->con->execute($strReq);
2162	$this->triggerComments($co_ids);
2163	$this->triggerBlog();
2164	}
2165
2166	/**
2167	Delete a comment
2168
2169	@param id <b>integer</b> Comment ID
2170	*/
2171	public function delComment($id)
2172	{
2173	$this->delComments($id);
2174	}
2175
2176	/**
2177	Delete comments
2178
2179	@param ids <b>mixed</b> Comment(s) ID(s)
2180	*/
2181	public function delComments($ids)
2182	{
2183	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
2184	throw new Exception(__('You are not allowed to delete comments'));
2185	}
2186
2187	$co_ids = dcUtils::cleanIds($ids);
2188
2189	if (empty($ids)) {
2190	throw new Exception(__('No such comment ID'));
2191	}
2192
2193	# mySQL uses "INNER JOIN" synthax
2194	if ($this->con->driver() == 'mysql') {
2195	$strReq =
2196	'DELETE FROM tc '.
2197	'USING '.$this->prefix.'comment tc '.
2198	'INNER JOIN '.$this->prefix.'post tp ';
2199	}
2200	# pgSQL uses nothing special
2201	else {
2202	$strReq =
2203	'DELETE FROM '.$this->prefix.'comment tc '.
2204	'USING '.$this->prefix.'post tp ';
2205	}
2206
2207	$strReq .=
2208	'WHERE tc.post_id = tp.post_id '.
2209	"AND tp.blog_id = '".$this->con->escape($this->id)."' ".
2210	'AND comment_id'.$this->con->in($co_ids);
2211
2212	#If user can only delete, we need to check the post's owner
2213	if (!$this->core->auth->check('contentadmin',$this->id))
2214	{
2215	$strReq .=
2216	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
2217	}
2218
2219	$this->con->execute($strReq);
2220	$this->triggerComments($co_ids,true);
2221	$this->triggerBlog();
2222	}
2223
2224	public function delJunkComments()
2225	{
2226	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
2227	throw new Exception(__('You are not allowed to delete comments'));
2228	}
2229
2230	# mySQL uses "INNER JOIN" synthax
2231	if ($this->con->driver() == 'mysql') {
2232	$strReq =
2233	'DELETE FROM tc '.
2234	'USING '.$this->prefix.'comment tc '.
2235	'INNER JOIN '.$this->prefix.'post tp ';
2236	}
2237	# pgSQL uses nothing special
2238	else {
2239	$strReq =
2240	'DELETE FROM '.$this->prefix.'comment tc '.
2241	'USING '.$this->prefix.'post tp ';
2242	}
2243
2244	$strReq .=
2245	'WHERE tc.post_id = tp.post_id '.
2246	"AND tp.blog_id = '".$this->con->escape($this->id)."' ".
2247	'AND comment_status = -2';
2248
2249	#If user can only delete, we need to check the post's owner
2250	if (!$this->core->auth->check('contentadmin',$this->id))
2251	{
2252	$strReq .=
2253	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
2254	}
2255
2256	$this->con->execute($strReq);
2257	$this->triggerBlog();
2258	}
2259
2260	private function getCommentCursor($cur)
2261	{
2262	if ($cur->comment_content !== null && $cur->comment_content == '') {
2263	throw new Exception(__('You must provide a comment'));
2264	}
2265
2266	if ($cur->comment_author !== null && $cur->comment_author == '') {
2267	throw new Exception(__('You must provide an author name'));
2268	}
2269
2270	if ($cur->comment_email != '' && !text::isEmail($cur->comment_email)) {
2271	throw new Exception(__('Email address is not valid.'));
2272	}
2273
2274	if ($cur->comment_site !== null && $cur->comment_site != '') {
2275	if (!preg_match('\|^http(s?)://\|i',$cur->comment_site, $matches)) {
2276	$cur->comment_site = 'http://'.$cur->comment_site;
2277	}else{
2278	$cur->comment_site = strtolower($matches[0]).substr($cur->comment_site, strlen($matches[0]));
2279	}
2280	}
2281
2282	if ($cur->comment_status === null) {
2283	$cur->comment_status = (integer) $this->settings->system->comments_pub;
2284	}
2285
2286	# Words list
2287	if ($cur->comment_content !== null)
2288	{
2289	$cur->comment_words = implode(' ',text::splitWords($cur->comment_content));
2290	}
2291	}
2292	//@}
2293	}
2294	?>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: inc/core/class.dc.blog.php @ 1261:797b03c6a9ef

Download in other formats:

Sites map