class.dc.blog.php @ 3565:7b120898d2bd

Visit:

Revision 3565:7b120898d2bd, 63.9 KB checked in by franck <carnet.franck.paul@…>, 8 years ago (diff)
Add MySQL UTF8-MB4 support

Line
1	<?php
2	# -- BEGIN LICENSE BLOCK ---------------------------------------
3	#
4	# This file is part of Dotclear 2.
5	#
6	# Copyright (c) 2003-2013 Olivier Meunier & Association Dotclear
7	# Licensed under the GPL version 2.0 license.
8	# See LICENSE file or
9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
10	#
11	# -- END LICENSE BLOCK -----------------------------------------
12	if (!defined('DC_RC_PATH')) { return; }
13
14	/**
15	@ingroup DC_CORE
16	@nosubgrouping
17	@brief Dotclear blog class.
18
19	Dotclear blog class instance is provided by dcCore $blog property.
20	*/
21	class dcBlog
22	{
23	/** @var dcCore dcCore instance */
24	protected $core;
25	/** @var connection Database connection object */
26	public $con;
27	/** @var string Database table prefix */
28	public $prefix;
29
30	/** @var string Blog ID */
31	public $id;
32	/** @var string Blog unique ID */
33	public $uid;
34	/** @var string Blog name */
35	public $name;
36	/** @var string Blog description */
37	public $desc;
38	/** @var string Blog URL */
39	public $url;
40	/** @var string Blog host */
41	public $host;
42	/** @var string Blog creation date */
43	public $creadt;
44	/** @var string Blog last update date */
45	public $upddt;
46	/** @var string Blog status */
47	public $status;
48
49	/** @var dcSettings dcSettings object */
50	public $settings;
51	/** @var string Blog theme path */
52	public $themes_path;
53	/** @var string Blog public path */
54	public $public_path;
55
56	private $post_status = array();
57	private $comment_status = array();
58
59	private $categories;
60
61	/** @var boolean Disallow entries password protection */
62	public $without_password = true;
63
64	/**
65	Inits dcBlog object
66
67	@param core <b>dcCore</b> Dotclear core reference
68	@param id <b>string</b> Blog ID
69	*/
70	public function __construct($core, $id)
71	{
72	$this->con =& $core->con;
73	$this->prefix = $core->prefix;
74	$this->core =& $core;
75
76	if (($b = $this->core->getBlog($id)) !== false)
77	{
78	$this->id = $id;
79	$this->uid = $b->blog_uid;
80	$this->name = $b->blog_name;
81	$this->desc = $b->blog_desc;
82	$this->url = $b->blog_url;
83	$this->host = http::getHostFromURL($this->url);
84	$this->creadt = strtotime($b->blog_creadt);
85	$this->upddt = strtotime($b->blog_upddt);
86	$this->status = $b->blog_status;
87
88	$this->settings = new dcSettings($this->core,$this->id);
89
90	$this->themes_path = path::fullFromRoot($this->settings->system->themes_path,DC_ROOT);
91	$this->public_path = path::fullFromRoot($this->settings->system->public_path,DC_ROOT);
92
93	$this->post_status['-2'] = __('Pending');
94	$this->post_status['-1'] = __('Scheduled');
95	$this->post_status['0'] = __('Unpublished');
96	$this->post_status['1'] = __('Published');
97
98	$this->comment_status['-2'] = __('Junk');
99	$this->comment_status['-1'] = __('Pending');
100	$this->comment_status['0'] = __('Unpublished');
101	$this->comment_status['1'] = __('Published');
102
103	# --BEHAVIOR-- coreBlogConstruct
104	$this->core->callBehavior('coreBlogConstruct',$this);
105	}
106	}
107
108	/// @name Common public methods
109	//@{
110	/**
111	Returns blog URL ending with a question mark.
112	*/
113	public function getQmarkURL()
114	{
115	if (substr($this->url,-1) != '?') {
116	return $this->url.'?';
117	}
118
119	return $this->url;
120	}
121
122	/**
123	Returns jQuery version selected for the blog.
124	*/
125	public function getJsJQuery()
126	{
127	$version = $this->settings->system->jquery_version;
128	if ($version == '') {
129	$version = DC_DEFAULT_JQUERY; // defined in inc/prepend.php
130	}
131	return 'jquery/'.$version;
132	}
133
134	/**
135	Returns public URL of specified plugin file.
136	*/
137	public function getPF($pf, $strip_host=true)
138	{
139	$ret = $this->getQmarkURL().'pf='.$pf;
140	if ($strip_host) {
141	$ret = html::stripHostURL($ret);
142	}
143	return $ret;
144	}
145
146	/**
147	Returns public URL of specified var file.
148	*/
149	public function getVF($vf, $strip_host=true)
150	{
151	$ret = $this->getQmarkURL().'vf='.$vf;
152	if ($strip_host) {
153	$ret = html::stripHostURL($ret);
154	}
155	return $ret;
156	}
157
158	/**
159	Returns an entry status name given to a code. Status are translated, never
160	use it for tests. If status code does not exist, returns <i>unpublished</i>.
161
162	@param s <b>integer</b> Status code
163	@return <b>string</b> Blog status name
164	*/
165	public function getPostStatus($s)
166	{
167	if (isset($this->post_status[$s])) {
168	return $this->post_status[$s];
169	}
170	return $this->post_status['0'];
171	}
172
173	/**
174	Returns an array of available entry status codes and names.
175
176	@return <b>array</b> Simple array with codes in keys and names in value
177	*/
178	public function getAllPostStatus()
179	{
180	return $this->post_status;
181	}
182
183	/**
184	Returns an array of available comment status codes and names.
185
186	@return <b>array</b> Simple array with codes in keys and names in value
187	*/
188	public function getAllCommentStatus()
189	{
190	return $this->comment_status;
191	}
192
193	/**
194	Disallows entries password protection. You need to set it to
195	<var>false</var> while serving a public blog.
196
197	@param v <b>boolean</b>
198	*/
199	public function withoutPassword($v)
200	{
201	$this->without_password = (boolean) $v;
202	}
203	//@}
204
205	/// @name Triggers methods
206	//@{
207	/**
208	Updates blog last update date. Should be called every time you change
209	an element related to the blog.
210	*/
211	public function triggerBlog()
212	{
213	$cur = $this->con->openCursor($this->prefix.'blog');
214
215	$cur->blog_upddt = date('Y-m-d H:i:s');
216
217	$cur->update("WHERE blog_id = '".$this->con->escape($this->id)."' ");
218
219	# --BEHAVIOR-- coreBlogAfterTriggerBlog
220	$this->core->callBehavior('coreBlogAfterTriggerBlog',$cur);
221	}
222
223	/**
224	Updates comment and trackback counters in post table. Should be called
225	every time a comment or trackback is added, removed or changed its status.
226
227	@param id <b>integer</b> Comment ID
228	@param del <b>boolean</b> If comment is delete, set this to true
229	*/
230	public function triggerComment($id,$del=false)
231	{
232	$this->triggerComments($id,$del);
233	}
234
235	/**
236	Updates comments and trackbacks counters in post table. Should be called
237	every time comments or trackbacks are added, removed or changed their status.
238
239	@param ids <b>mixed</b> Comment(s) ID(s)
240	@param del <b>boolean</b> If comment is delete, set this to true
241	@param affected_posts <b>mixed</b> Posts(s) ID(s)
242	*/
243	public function triggerComments($ids, $del=false, $affected_posts=null)
244	{
245	$comments_ids = dcUtils::cleanIds($ids);
246
247	# Get posts affected by comments edition
248	if (empty($affected_posts)) {
249	$strReq =
250	'SELECT post_id '.
251	'FROM '.$this->prefix.'comment '.
252	'WHERE comment_id'.$this->con->in($comments_ids).
253	'GROUP BY post_id';
254
255	$rs = $this->con->select($strReq);
256
257	$affected_posts = array();
258	while ($rs->fetch()) {
259	$affected_posts[] = (integer) $rs->post_id;
260	}
261	}
262
263	if (!is_array($affected_posts) \|\| empty($affected_posts)) {
264	return;
265	}
266
267	# Count number of comments if exists for affected posts
268	$strReq =
269	'SELECT post_id, COUNT(post_id) AS nb_comment, comment_trackback '.
270	'FROM '.$this->prefix.'comment '.
271	'WHERE comment_status = 1 '.
272	'AND post_id'.$this->con->in($affected_posts).
273	'GROUP BY post_id,comment_trackback';
274
275	$rs = $this->con->select($strReq);
276
277	$posts = array();
278	while ($rs->fetch()) {
279	if ($rs->comment_trackback) {
280	$posts[$rs->post_id]['trackback'] = $rs->nb_comment;
281	} else {
282	$posts[$rs->post_id]['comment'] = $rs->nb_comment;
283	}
284	}
285
286	# Update number of comments on affected posts
287	$cur = $this->con->openCursor($this->prefix.'post');
288	foreach($affected_posts as $post_id)
289	{
290	$cur->clean();
291
292	if (!array_key_exists($post_id,$posts)) {
293	$cur->nb_trackback = 0;
294	$cur->nb_comment = 0;
295	} else {
296	$cur->nb_trackback = empty($posts[$post_id]['trackback']) ? 0 : $posts[$post_id]['trackback'];
297	$cur->nb_comment = empty($posts[$post_id]['comment']) ? 0 : $posts[$post_id]['comment'];
298	}
299
300	$cur->update('WHERE post_id = '.$post_id);
301	}
302	}
303	//@}
304
305	/// @name Categories management methods
306	//@{
307	public function categories()
308	{
309	if (!($this->categories instanceof dcCategories)) {
310	$this->categories = new dcCategories($this->core);
311	}
312
313	return $this->categories;
314	}
315
316	/**
317	Retrieves categories. <var>$params</var> is an associative array which can
318	take the following parameters:
319
320	- post_type: Get only entries with given type (default "post")
321	- cat_url: filter on cat_url field
322	- cat_id: filter on cat_id field
323	- start: start with a given category
324	- level: categories level to retrieve
325
326	@param params <b>array</b> Parameters
327	@return <b>record</b>
328	*/
329	public function getCategories($params=array())
330	{
331	$c_params = array();
332	if (isset($params['post_type'])) {
333	$c_params['post_type'] = $params['post_type'];
334	unset($params['post_type']);
335	}
336	$counter = $this->getCategoriesCounter($c_params);
337
338	if (isset($params['without_empty']) && ($params['without_empty'] == false)) {
339	$without_empty = false;
340	} else {
341	$without_empty = $this->core->auth->userID() == false; # Get all categories if in admin display
342	}
343
344	$start = isset($params['start']) ? (integer) $params['start'] : 0;
345	$l = isset($params['level']) ? (integer) $params['level'] : 0;
346
347	$rs = $this->categories()->getChildren($start,null,'desc');
348
349	# Get each categories total posts count
350	$data = array();
351	$stack = array();
352	$level = 0;
353	$cols = $rs->columns();
354	while ($rs->fetch())
355	{
356	$nb_post = isset($counter[$rs->cat_id]) ? (integer) $counter[$rs->cat_id] : 0;
357
358	if ($rs->level > $level) {
359	$nb_total = $nb_post;
360	$stack[$rs->level] = (integer) $nb_post;
361	} elseif ($rs->level == $level) {
362	$nb_total = $nb_post;
363	$stack[$rs->level] += $nb_post;
364	} else {
365	$nb_total = $stack[$rs->level+1] + $nb_post;
366	if (isset($stack[$rs->level])) {
367	$stack[$rs->level] += $nb_total;
368	} else {
369	$stack[$rs->level] = $nb_total;
370	}
371	unset($stack[$rs->level+1]);
372	}
373
374	if ($nb_total == 0 && $without_empty) {
375	continue;
376	}
377
378	$level = $rs->level;
379
380	$t = array();
381	foreach ($cols as $c) {
382	$t[$c] = $rs->f($c);
383	}
384	$t['nb_post'] = $nb_post;
385	$t['nb_total'] = $nb_total;
386
387	if ($l == 0 \|\| ($l > 0 && $l == $rs->level)) {
388	array_unshift($data,$t);
389	}
390	}
391
392	# We need to apply filter after counting
393	if (isset($params['cat_id']) && $params['cat_id'] !== '')
394	{
395	$found = false;
396	foreach ($data as $v) {
397	if ($v['cat_id'] == $params['cat_id']) {
398	$found = true;
399	$data = array($v);
400	break;
401	}
402	}
403	if (!$found) {
404	$data = array();
405	}
406	}
407
408	if (isset($params['cat_url']) && ($params['cat_url'] !== '')
409	&& !isset($params['cat_id']))
410	{
411	$found = false;
412	foreach ($data as $v) {
413	if ($v['cat_url'] == $params['cat_url']) {
414	$found = true;
415	$data = array($v);
416	break;
417	}
418	}
419	if (!$found) {
420	$data = array();
421	}
422	}
423
424	return staticRecord::newFromArray($data);
425	}
426
427	/**
428	Retrieves a category by its ID.
429
430	@param id <b>integer</b> Category ID
431	@return <b>record</b>
432	*/
433	public function getCategory($id)
434	{
435	return $this->getCategories(array('cat_id' => $id));
436	}
437
438	/**
439	Retrieves parents of a given category.
440
441	@param id <b>integer</b> Category ID
442	@return <b>record</b>
443	*/
444	public function getCategoryParents($id)
445	{
446	return $this->categories()->getParents($id);
447	}
448
449	/**
450	Retrieves first parent of a given category.
451
452	@param id <b>integer</b> Category ID
453	@return <b>record</b>
454	*/
455	public function getCategoryParent($id)
456	{
457	return $this->categories()->getParent($id);
458	}
459
460	/**
461	Retrieves all category's first children
462
463	@param id <b>integer</b> Category ID
464	@return <b>record</b>
465	*/
466	public function getCategoryFirstChildren($id)
467	{
468	return $this->getCategories(array('start' => $id,'level' => $id == 0 ? 1 : 2));
469	}
470
471	private function getCategoriesCounter($params=array())
472	{
473	$strReq =
474	'SELECT C.cat_id, COUNT(P.post_id) AS nb_post '.
475	'FROM '.$this->prefix.'category AS C '.
476	'JOIN '.$this->prefix."post P ON (C.cat_id = P.cat_id AND P.blog_id = '".$this->con->escape($this->id)."' ) ".
477	"WHERE C.blog_id = '".$this->con->escape($this->id)."' ";
478
479	if (!$this->core->auth->userID()) {
480	$strReq .= 'AND P.post_status = 1 ';
481	}
482
483	if (!empty($params['post_type'])) {
484	$strReq .= 'AND P.post_type '.$this->con->in($params['post_type']);
485	}
486
487	$strReq .= 'GROUP BY C.cat_id ';
488
489	$rs = $this->con->select($strReq);
490	$counters = array();
491	while ($rs->fetch()) {
492	$counters[$rs->cat_id] = $rs->nb_post;
493	}
494
495	return $counters;
496	}
497
498	/**
499	Creates a new category. Takes a cursor as input and returns the new category
500	ID.
501
502	@param cur <b>cursor</b> Category cursor
503	@return <b>integer</b> New category ID
504	*/
505	public function addCategory($cur,$parent=0)
506	{
507	if (!$this->core->auth->check('categories',$this->id)) {
508	throw new Exception(__('You are not allowed to add categories'));
509	}
510
511	$url = array();
512	if ($parent != 0)
513	{
514	$rs = $this->getCategory($parent);
515	if ($rs->isEmpty()) {
516	$url = array();
517	} else {
518	$url[] = $rs->cat_url;
519	}
520	}
521
522	if ($cur->cat_url == '') {
523	$url[] = text::tidyURL($cur->cat_title,false);
524	} else {
525	$url[] = $cur->cat_url;
526	}
527
528	$cur->cat_url = implode('/',$url);
529
530	$this->getCategoryCursor($cur);
531	$cur->blog_id = (string) $this->id;
532
533	# --BEHAVIOR-- coreBeforeCategoryCreate
534	$this->core->callBehavior('coreBeforeCategoryCreate',$this,$cur);
535
536	$id = $this->categories()->addNode($cur,$parent);
537	# Update category's cursor
538	$rs = $this->getCategory($id);
539	if (!$rs->isEmpty()) {
540	$cur->cat_lft = $rs->cat_lft;
541	$cur->cat_rgt = $rs->cat_rgt;
542	}
543
544	# --BEHAVIOR-- coreAfterCategoryCreate
545	$this->core->callBehavior('coreAfterCategoryCreate',$this,$cur);
546	$this->triggerBlog();
547
548	return $cur->cat_id;
549	}
550
551	/**
552	Updates an existing category.
553
554	@param id <b>integer</b> Category ID
555	@param cur <b>cursor</b> Category cursor
556	*/
557	public function updCategory($id,$cur)
558	{
559	if (!$this->core->auth->check('categories',$this->id)) {
560	throw new Exception(__('You are not allowed to update categories'));
561	}
562
563	if ($cur->cat_url == '')
564	{
565	$url = array();
566	$rs = $this->categories()->getParents($id);
567	while ($rs->fetch()) {
568	if ($rs->index() == $rs->count()-1) {
569	$url[] = $rs->cat_url;
570	}
571	}
572
573
574	$url[] = text::tidyURL($cur->cat_title,false);
575	$cur->cat_url = implode('/',$url);
576	}
577
578	$this->getCategoryCursor($cur,$id);
579
580	# --BEHAVIOR-- coreBeforeCategoryUpdate
581	$this->core->callBehavior('coreBeforeCategoryUpdate',$this,$cur);
582
583	$cur->update(
584	'WHERE cat_id = '.(integer) $id.' '.
585	"AND blog_id = '".$this->con->escape($this->id)."' ");
586
587	# --BEHAVIOR-- coreAfterCategoryUpdate
588	$this->core->callBehavior('coreAfterCategoryUpdate',$this,$cur);
589
590	$this->triggerBlog();
591	}
592
593	/**
594	Set category position
595
596	@param id <b>integer</b> Category ID
597	@param left <b>integer</b> Category ID before
598	@param right <b>integer</b> Category ID after
599	*/
600	public function updCategoryPosition($id,$left,$right)
601	{
602	$this->categories()->updatePosition($id,$left,$right);
603	$this->triggerBlog();
604	}
605
606	/**
607	DEPRECATED METHOD. Use dcBlog::setCategoryParent and dcBlog::moveCategory
608	instead.
609
610	@param id <b>integer</b> Category ID
611	@param order <b>integer</b> Category position
612	*/
613	public function updCategoryOrder($id,$order)
614	{
615	return;
616	}
617
618	/**
619	Set a category parent
620
621	@param id <b>integer</b> Category ID
622	@param parent <b>integer</b> Parent Category ID
623	*/
624	public function setCategoryParent($id,$parent)
625	{
626	$this->categories()->setNodeParent($id,$parent);
627	$this->triggerBlog();
628	}
629
630	/**
631	Set category position
632
633	@param id <b>integer</b> Category ID
634	@param sibling <b>integer</b> Sibling Category ID
635	@param move <b>integer</b> Order (before\|after)
636	*/
637	public function setCategoryPosition($id,$sibling,$move)
638	{
639	$this->categories()->setNodePosition($id,$sibling,$move);
640	$this->triggerBlog();
641	}
642
643	/**
644	Deletes a category.
645
646	@param id <b>integer</b> Category ID
647	*/
648	public function delCategory($id)
649	{
650	if (!$this->core->auth->check('categories',$this->id)) {
651	throw new Exception(__('You are not allowed to delete categories'));
652	}
653
654	$strReq = 'SELECT COUNT(post_id) AS nb_post '.
655	'FROM '.$this->prefix.'post '.
656	'WHERE cat_id = '.(integer) $id.' '.
657	"AND blog_id = '".$this->con->escape($this->id)."' ";
658
659	$rs = $this->con->select($strReq);
660
661	if ($rs->nb_post > 0) {
662	throw new Exception(__('This category is not empty.'));
663	}
664
665	$this->categories()->deleteNode($id,true);
666	$this->triggerBlog();
667	}
668
669	/**
670	Reset categories order and relocate them to first level
671	*/
672	public function resetCategoriesOrder()
673	{
674	if (!$this->core->auth->check('categories',$this->id)) {
675	throw new Exception(__('You are not allowed to reset categories order'));
676	}
677
678	$this->categories()->resetOrder();
679	$this->triggerBlog();
680	}
681
682	private function checkCategory($title,$url,$id=null)
683	{
684	# Let's check if URL is taken...
685	$strReq =
686	'SELECT cat_url FROM '.$this->prefix.'category '.
687	"WHERE cat_url = '".$this->con->escape($url)."' ".
688	($id ? 'AND cat_id <> '.(integer) $id. ' ' : '').
689	"AND blog_id = '".$this->con->escape($this->id)."' ".
690	'ORDER BY cat_url DESC';
691
692	$rs = $this->con->select($strReq);
693
694	if (!$rs->isEmpty())
695	{
696	if ($this->con->driver() == 'mysql' \|\| $this->con->driver() == 'mysqli' \|\| $this->con->driver() == 'mysqlimb4') {
697	$clause = "REGEXP '^".$this->con->escape($url)."[0-9]+$'";
698	} elseif ($this->con->driver() == 'pgsql') {
699	$clause = "~ '^".$this->con->escape($url)."[0-9]+$'";
700	} else {
701	$clause = "LIKE '".$this->con->escape($url)."%'";
702	}
703	$strReq =
704	'SELECT cat_url FROM '.$this->prefix.'category '.
705	"WHERE cat_url ".$clause.' '.
706	($id ? 'AND cat_id <> '.(integer) $id. ' ' : '').
707	"AND blog_id = '".$this->con->escape($this->id)."' ".
708	'ORDER BY cat_url DESC ';
709
710	$rs = $this->con->select($strReq);
711	$a = array();
712	while ($rs->fetch()) {
713	$a[] = $rs->cat_url;
714	}
715
716	natsort($a);
717	$t_url = end($a);
718
719	if (preg_match('/(.*?)([0-9]+)$/',$t_url,$m)) {
720	$i = (integer) $m[2];
721	$url = $m[1];
722	} else {
723	$i = 1;
724	}
725
726	return $url.($i+1);
727	}
728
729	# URL is empty?
730	if ($url == '') {
731	throw new Exception(__('Empty category URL'));
732	}
733
734	return $url;
735	}
736
737	private function getCategoryCursor($cur,$id=null)
738	{
739	if ($cur->cat_title == '') {
740	throw new Exception(__('You must provide a category title'));
741	}
742
743	# If we don't have any cat_url, let's do one
744	if ($cur->cat_url == '') {
745	$cur->cat_url = text::tidyURL($cur->cat_title,false);
746	}
747
748	# Still empty ?
749	if ($cur->cat_url == '') {
750	throw new Exception(__('You must provide a category URL'));
751	} else {
752	$cur->cat_url = text::tidyURL($cur->cat_url,true);
753	}
754
755	# Check if title or url are unique
756	$cur->cat_url = $this->checkCategory($cur->cat_title,$cur->cat_url,$id);
757
758	if ($cur->cat_desc !== null) {
759	$cur->cat_desc = $this->core->HTMLfilter($cur->cat_desc);
760	}
761	}
762	//@}
763
764	/// @name Entries management methods
765	//@{
766	/**
767	Retrieves entries. <b>$params</b> is an array taking the following
768	optionnal parameters:
769
770	- no_content: Don't retrieve entry content (excerpt and content)
771	- post_type: Get only entries with given type (default "post", array for many types and '' for no type)
772	- post_id: (integer or array) Get entry with given post_id
773	- post_url: Get entry with given post_url field
774	- user_id: (integer) Get entries belonging to given user ID
775	- cat_id: (string or array) Get entries belonging to given category ID
776	- cat_id_not: deprecated (use cat_id with "id ?not" instead)
777	- cat_url: (string or array) Get entries belonging to given category URL
778	- cat_url_not: deprecated (use cat_url with "url ?not" instead)
779	- post_status: (integer) Get entries with given post_status
780	- post_selected: (boolean) Get select flaged entries
781	- post_year: (integer) Get entries with given year
782	- post_month: (integer) Get entries with given month
783	- post_day: (integer) Get entries with given day
784	- post_lang: Get entries with given language code
785	- search: Get entries corresponding of the following search string
786	- columns: (array) More columns to retrieve
787	- sql: Append SQL string at the end of the query
788	- from: Append SQL string after "FROM" statement in query
789	- order: Order of results (default "ORDER BY post_dt DES")
790	- limit: Limit parameter
791	- sql_only : return the sql request instead of results. Only ids are selected
792	- exclude_post_id : (integer or array) Exclude entries with given post_id
793
794	Please note that on every cat_id or cat_url, you can add ?not to exclude
795	the category and ?sub to get subcategories.
796
797	@param params <b>array</b> Parameters
798	@param count_only <b>boolean</b> Only counts results
799	@return <b>record</b> A record with some more capabilities or the SQL request
800	*/
801	public function getPosts($params=array(),$count_only=false)
802	{
803	# --BEHAVIOR-- coreBlogBeforeGetPosts
804	$params = new ArrayObject($params);
805	$this->core->callBehavior('coreBlogBeforeGetPosts',$params);
806
807	if ($count_only)
808	{
809	$strReq = 'SELECT count(DISTINCT P.post_id) ';
810	}
811	elseif (!empty($params['sql_only']))
812	{
813	$strReq = 'SELECT P.post_id ';
814	}
815	else
816	{
817	if (!empty($params['no_content'])) {
818	$content_req = '';
819	} else {
820	$content_req =
821	'post_excerpt, post_excerpt_xhtml, '.
822	'post_content, post_content_xhtml, post_notes, ';
823	}
824
825	if (!empty($params['columns']) && is_array($params['columns'])) {
826	$content_req .= implode(', ',$params['columns']).', ';
827	}
828
829
830	$strReq =
831	'SELECT P.post_id, P.blog_id, P.user_id, P.cat_id, post_dt, '.
832	'post_tz, post_creadt, post_upddt, post_format, post_password, '.
833	'post_url, post_lang, post_title, '.$content_req.
834	'post_type, post_meta, '.
835	'post_status, post_firstpub, post_selected, post_position, '.
836	'post_open_comment, post_open_tb, nb_comment, nb_trackback, '.
837	'U.user_name, U.user_firstname, U.user_displayname, U.user_email, '.
838	'U.user_url, '.
839	'C.cat_title, C.cat_url, C.cat_desc ';
840	}
841
842	$strReq .=
843	'FROM '.$this->prefix.'post P '.
844	'INNER JOIN '.$this->prefix.'user U ON U.user_id = P.user_id '.
845	'LEFT OUTER JOIN '.$this->prefix.'category C ON P.cat_id = C.cat_id ';
846
847	if (!empty($params['from'])) {
848	$strReq .= $params['from'].' ';
849	}
850
851	$strReq .=
852	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ";
853
854	if (!$this->core->auth->check('contentadmin',$this->id)) {
855	$strReq .= 'AND ((post_status = 1 ';
856
857	if ($this->without_password) {
858	$strReq .= 'AND post_password IS NULL ';
859	}
860	$strReq .= ') ';
861
862	if ($this->core->auth->userID()) {
863	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
864	} else {
865	$strReq .= ') ';
866	}
867	}
868
869	#Adding parameters
870	if (isset($params['post_type']))
871	{
872	if (is_array($params['post_type']) \|\| $params['post_type'] != '') {
873	$strReq .= 'AND post_type '.$this->con->in($params['post_type']);
874	}
875	}
876	else
877	{
878	$strReq .= "AND post_type = 'post' ";
879	}
880
881	if (isset($params['post_id']) && $params['post_id'] !== '') {
882	if (is_array($params['post_id'])) {
883	array_walk($params['post_id'],create_function('&$v,$k','if($v!==null){$v=(integer)$v;}'));
884	} else {
885	$params['post_id'] = array((integer) $params['post_id']);
886	}
887	$strReq .= 'AND P.post_id '.$this->con->in($params['post_id']);
888	}
889
890	if (isset($params['exclude_post_id']) && $params['exclude_post_id'] !== '') {
891	if (is_array($params['exclude_post_id'])) {
892	array_walk($params['exclude_post_id'],create_function('&$v,$k','if($v!==null){$v=(integer)$v;}'));
893	} else {
894	$params['exclude_post_id'] = array((integer) $params['exclude_post_id']);
895	}
896	$strReq .= 'AND P.post_id NOT '.$this->con->in($params['exclude_post_id']);
897	}
898
899	if (isset($params['post_url']) && $params['post_url'] !== '') {
900	$strReq .= "AND post_url = '".$this->con->escape($params['post_url'])."' ";
901	}
902
903	if (!empty($params['user_id'])) {
904	$strReq .= "AND U.user_id = '".$this->con->escape($params['user_id'])."' ";
905	}
906
907	if (isset($params['cat_id']) && $params['cat_id'] !== '')
908	{
909	if (!is_array($params['cat_id'])) {
910	$params['cat_id'] = array($params['cat_id']);
911	}
912	if (!empty($params['cat_id_not'])) {
913	array_walk($params['cat_id'],create_function('&$v,$k','$v=$v." ?not";'));
914	}
915	$strReq .= 'AND '.$this->getPostsCategoryFilter($params['cat_id'],'cat_id').' ';
916	}
917	elseif (isset($params['cat_url']) && $params['cat_url'] !== '')
918	{
919	if (!is_array($params['cat_url'])) {
920	$params['cat_url'] = array($params['cat_url']);
921	}
922	if (!empty($params['cat_url_not'])) {
923	array_walk($params['cat_url'],create_function('&$v,$k','$v=$v." ?not";'));
924	}
925	$strReq .= 'AND '.$this->getPostsCategoryFilter($params['cat_url'],'cat_url').' ';
926	}
927
928	/* Other filters */
929	if (isset($params['post_status'])) {
930	$strReq .= 'AND post_status = '.(integer) $params['post_status'].' ';
931	}
932
933	if (isset($params['post_firstpub'])) {
934	$strReq .= 'AND post_firstpub = '.(integer) $params['post_firstpub'].' ';
935	}
936
937	if (isset($params['post_selected'])) {
938	$strReq .= 'AND post_selected = '.(integer) $params['post_selected'].' ';
939	}
940
941	if (!empty($params['post_year'])) {
942	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%Y').' = '.
943	"'".sprintf('%04d',$params['post_year'])."' ";
944	}
945
946	if (!empty($params['post_month'])) {
947	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%m').' = '.
948	"'".sprintf('%02d',$params['post_month'])."' ";
949	}
950
951	if (!empty($params['post_day'])) {
952	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%d').' = '.
953	"'".sprintf('%02d',$params['post_day'])."' ";
954	}
955
956	if (!empty($params['post_lang'])) {
957	$strReq .= "AND P.post_lang = '".$this->con->escape($params['post_lang'])."' ";
958	}
959
960	if (!empty($params['search']))
961	{
962	$words = text::splitWords($params['search']);
963
964	if (!empty($words))
965	{
966	# --BEHAVIOR-- corePostSearch
967	if ($this->core->hasBehavior('corePostSearch')) {
968	$this->core->callBehavior('corePostSearch',$this->core,array(&$words,&$strReq,&$params));
969	}
970
971	if ($words)
972	{
973	foreach ($words as $i => $w) {
974	$words[$i] = "post_words LIKE '%".$this->con->escape($w)."%'";
975	}
976	$strReq .= 'AND '.implode(' AND ',$words).' ';
977	}
978	}
979	}
980
981	if (isset($params['media'])) {
982	if ($params['media'] == '0') {
983	$strReq .= 'AND NOT ';
984	} else {
985	$strReq .= 'AND ';
986	}
987	$strReq .= 'EXISTS (SELECT M.post_id FROM '.$this->prefix.'post_media M '.
988	'WHERE M.post_id = P.post_id ';
989	if (isset($params['link_type'])) {
990	$strReq .= " AND M.link_type ".$this->con->in($params['link_type'])." ";
991	}
992	$strReq .= ")";
993	}
994
995	if (!empty($params['where'])) {
996	$strReq .= $params['where'].' ';
997	}
998
999	if (!empty($params['sql'])) {
1000	$strReq .= $params['sql'].' ';
1001	}
1002
1003	if (!$count_only)
1004	{
1005	if (!empty($params['order'])) {
1006	$strReq .= 'ORDER BY '.$this->con->escape($params['order']).' ';
1007	} else {
1008	$strReq .= 'ORDER BY post_dt DESC ';
1009	}
1010	}
1011
1012	if (!$count_only && !empty($params['limit'])) {
1013	$strReq .= $this->con->limit($params['limit']);
1014	}
1015
1016	if (!empty($params['sql_only'])) {
1017	return $strReq;
1018	}
1019
1020	$rs = $this->con->select($strReq);
1021	$rs->core = $this->core;
1022	$rs->_nb_media = array();
1023	$rs->extend('rsExtPost');
1024
1025	# --BEHAVIOR-- coreBlogGetPosts
1026	$this->core->callBehavior('coreBlogGetPosts',$rs);
1027
1028	# --BEHAVIOR-- coreBlogAfterGetPosts
1029	$alt = new arrayObject(array('rs' => null,'params' => $params,'count_only' => $count_only));
1030	$this->core->callBehavior('coreBlogAfterGetPosts',$rs,$alt);
1031	if ($alt['rs'] instanceof record) {
1032	$rs = $alt['rs'];
1033	}
1034
1035	return $rs;
1036	}
1037
1038	/**
1039	Returns a record with post id, title and date for next or previous post
1040	according to the post ID.
1041	$dir could be 1 (next post) or -1 (previous post).
1042
1043	@param post_id <b>integer</b> Post ID
1044	@param dir <b>integer</b> Search direction
1045	@param restrict_to_category <b>boolean</b> Restrict to post with same category
1046	@param restrict_to_lang <b>boolean</b> Restrict to post with same lang
1047	@return record
1048	*/
1049	public function getNextPost($post,$dir,$restrict_to_category=false, $restrict_to_lang=false)
1050	{
1051	$dt = $post->post_dt;
1052	$post_id = (integer) $post->post_id;
1053
1054	if($dir > 0) {
1055	$sign = '>';
1056	$order = 'ASC';
1057	}
1058	else {
1059	$sign = '<';
1060	$order = 'DESC';
1061	}
1062
1063	$params['post_type'] = $post->post_type;
1064	$params['limit'] = 1;
1065	$params['order'] = 'post_dt '.$order.', P.post_id '.$order;
1066	$params['sql'] =
1067	'AND ( '.
1068	" (post_dt = '".$this->con->escape($dt)."' AND P.post_id ".$sign." ".$post_id.") ".
1069	" OR post_dt ".$sign." '".$this->con->escape($dt)."' ".
1070	') ';
1071
1072	if ($restrict_to_category) {
1073	$params['sql'] .= $post->cat_id ? 'AND P.cat_id = '.(integer) $post->cat_id.' ' : 'AND P.cat_id IS NULL ';
1074	}
1075
1076	if ($restrict_to_lang) {
1077	$params['sql'] .= $post->post_lang ? 'AND P.post_lang = \''. $this->con->escape($post->post_lang) .'\' ': 'AND P.post_lang IS NULL ';
1078	}
1079
1080	$rs = $this->getPosts($params);
1081
1082	if ($rs->isEmpty()) {
1083	return null;
1084	}
1085
1086	return $rs;
1087	}
1088
1089	/**
1090	Retrieves different languages and post count on blog, based on post_lang
1091	field. <var>$params</var> is an array taking the following optionnal
1092	parameters:
1093
1094	- post_type: Get only entries with given type (default "post", '' for no type)
1095	- lang: retrieve post count for selected lang
1096	- order: order statement (default post_lang DESC)
1097
1098	@param params <b>array</b> Parameters
1099	@return record
1100	*/
1101	public function getLangs($params=array())
1102	{
1103	$strReq = 'SELECT COUNT(post_id) as nb_post, post_lang '.
1104	'FROM '.$this->prefix.'post '.
1105	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1106	"AND post_lang <> '' ".
1107	"AND post_lang IS NOT NULL ";
1108
1109	if (!$this->core->auth->check('contentadmin',$this->id)) {
1110	$strReq .= 'AND ((post_status = 1 ';
1111
1112	if ($this->without_password) {
1113	$strReq .= 'AND post_password IS NULL ';
1114	}
1115	$strReq .= ') ';
1116
1117	if ($this->core->auth->userID()) {
1118	$strReq .= "OR user_id = '".$this->con->escape($this->core->auth->userID())."')";
1119	} else {
1120	$strReq .= ') ';
1121	}
1122	}
1123
1124	if (isset($params['post_type'])) {
1125	if ($params['post_type'] != '') {
1126	$strReq .= "AND post_type = '".$this->con->escape($params['post_type'])."' ";
1127	}
1128	} else {
1129	$strReq .= "AND post_type = 'post' ";
1130	}
1131
1132	if (isset($params['lang'])) {
1133	$strReq .= "AND post_lang = '".$this->con->escape($params['lang'])."' ";
1134	}
1135
1136	$strReq .= 'GROUP BY post_lang ';
1137
1138	$order = 'desc';
1139	if (!empty($params['order']) && preg_match('/^(desc\|asc)$/i',$params['order'])) {
1140	$order = $params['order'];
1141	}
1142	$strReq .= 'ORDER BY post_lang '.$order.' ';
1143
1144	return $this->con->select($strReq);
1145	}
1146
1147	/**
1148	Returns a record with all distinct blog dates and post count.
1149	<var>$params</var> is an array taking the following optionnal parameters:
1150
1151	- type: (day\|month\|year) Get days, months or years
1152	- year: (integer) Get dates for given year
1153	- month: (integer) Get dates for given month
1154	- day: (integer) Get dates for given day
1155	- cat_id: (integer) Category ID filter
1156	- cat_url: Category URL filter
1157	- post_lang: lang of the posts
1158	- next: Get date following match
1159	- previous: Get date before match
1160	- order: Sort by date "ASC" or "DESC"
1161
1162	@param params <b>array</b> Parameters array
1163	@return record
1164	*/
1165	public function getDates($params=array())
1166	{
1167	$dt_f = '%Y-%m-%d';
1168	$dt_fc = '%Y%m%d';
1169	if (isset($params['type'])) {
1170	if ($params['type'] == 'year') {
1171	$dt_f = '%Y-01-01';
1172	$dt_fc = '%Y0101';
1173	} elseif ($params['type'] == 'month') {
1174	$dt_f = '%Y-%m-01';
1175	$dt_fc = '%Y%m01';
1176	}
1177	}
1178	$dt_f .= ' 00:00:00';
1179	$dt_fc .= '000000';
1180
1181	$cat_field = $catReq = $limit = '';
1182
1183	if (isset($params['cat_id']) && $params['cat_id'] !== '') {
1184	$catReq = 'AND P.cat_id = '.(integer) $params['cat_id'].' ';
1185	$cat_field = ', C.cat_url ';
1186	} elseif (isset($params['cat_url']) && $params['cat_url'] !== '') {
1187	$catReq = "AND C.cat_url = '".$this->con->escape($params['cat_url'])."' ";
1188	$cat_field = ', C.cat_url ';
1189	}
1190	if (!empty($params['post_lang'])) {
1191	$catReq = 'AND P.post_lang = \''. $params['post_lang'].'\' ';
1192	}
1193
1194	$strReq = 'SELECT DISTINCT('.$this->con->dateFormat('post_dt',$dt_f).') AS dt '.
1195	$cat_field.
1196	',COUNT(P.post_id) AS nb_post '.
1197	'FROM '.$this->prefix.'post P LEFT JOIN '.$this->prefix.'category C '.
1198	'ON P.cat_id = C.cat_id '.
1199	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ".
1200	$catReq;
1201
1202	if (!$this->core->auth->check('contentadmin',$this->id)) {
1203	$strReq .= 'AND ((post_status = 1 ';
1204
1205	if ($this->without_password) {
1206	$strReq .= 'AND post_password IS NULL ';
1207	}
1208	$strReq .= ') ';
1209
1210	if ($this->core->auth->userID()) {
1211	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
1212	} else {
1213	$strReq .= ') ';
1214	}
1215	}
1216
1217	if (!empty($params['post_type'])) {
1218	$strReq .= "AND post_type ".$this->con->in($params['post_type'])." ";
1219	} else {
1220	$strReq .= "AND post_type = 'post' ";
1221	}
1222
1223	if (!empty($params['year'])) {
1224	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%Y')." = '".sprintf('%04d',$params['year'])."' ";
1225	}
1226
1227	if (!empty($params['month'])) {
1228	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%m')." = '".sprintf('%02d',$params['month'])."' ";
1229	}
1230
1231	if (!empty($params['day'])) {
1232	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%d')." = '".sprintf('%02d',$params['day'])."' ";
1233	}
1234
1235	# Get next or previous date
1236	if (!empty($params['next']) \|\| !empty($params['previous']))
1237	{
1238	if (!empty($params['next'])) {
1239	$pdir = ' > ';
1240	$params['order'] = 'asc';
1241	$dt = $params['next'];
1242	} else {
1243	$pdir = ' < ';
1244	$params['order'] = 'desc';
1245	$dt = $params['previous'];
1246	}
1247
1248	$dt = date('YmdHis',strtotime($dt));
1249
1250	$strReq .= 'AND '.$this->con->dateFormat('post_dt',$dt_fc).$pdir."'".$dt."' ";
1251	$limit = $this->con->limit(1);
1252	}
1253
1254	$strReq .= 'GROUP BY dt '.$cat_field;
1255
1256	$order = 'desc';
1257	if (!empty($params['order']) && preg_match('/^(desc\|asc)$/i',$params['order'])) {
1258	$order = $params['order'];
1259	}
1260
1261	$strReq .=
1262	'ORDER BY dt '.$order.' '.
1263	$limit;
1264
1265	$rs = $this->con->select($strReq);
1266	$rs->extend('rsExtDates');
1267	return $rs;
1268	}
1269
1270	/**
1271	Creates a new entry. Takes a cursor as input and returns the new entry
1272	ID.
1273
1274	@param cur <b>cursor</b> Post cursor
1275	@return <b>integer</b> New post ID
1276	*/
1277	public function addPost($cur)
1278	{
1279	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1280	throw new Exception(__('You are not allowed to create an entry'));
1281	}
1282
1283	$this->con->writeLock($this->prefix.'post');
1284	try
1285	{
1286	# Get ID
1287	$rs = $this->con->select(
1288	'SELECT MAX(post_id) '.
1289	'FROM '.$this->prefix.'post '
1290	);
1291
1292	$cur->post_id = (integer) $rs->f(0) + 1;
1293	$cur->blog_id = (string) $this->id;
1294	$cur->post_creadt = date('Y-m-d H:i:s');
1295	$cur->post_upddt = date('Y-m-d H:i:s');
1296	$cur->post_tz = $this->core->auth->getInfo('user_tz');
1297
1298	# Post excerpt and content
1299	$this->getPostContent($cur,$cur->post_id);
1300
1301	$this->getPostCursor($cur);
1302
1303	$cur->post_url = $this->getPostURL($cur->post_url,$cur->post_dt,$cur->post_title,$cur->post_id);
1304
1305	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1306	$cur->post_status = -2;
1307	}
1308
1309	# --BEHAVIOR-- coreBeforePostCreate
1310	$this->core->callBehavior('coreBeforePostCreate',$this,$cur);
1311
1312	$cur->insert();
1313	$this->con->unlock();
1314	}
1315	catch (Exception $e)
1316	{
1317	$this->con->unlock();
1318	throw $e;
1319	}
1320
1321	# --BEHAVIOR-- coreAfterPostCreate
1322	$this->core->callBehavior('coreAfterPostCreate',$this,$cur);
1323
1324	$this->triggerBlog();
1325
1326	$this->firstPublicationEntries($cur->post_id);
1327
1328	return $cur->post_id;
1329	}
1330
1331	/**
1332	Updates an existing post.
1333
1334	@param id <b>integer</b> Post ID
1335	@param cur <b>cursor</b> Post cursor
1336	*/
1337	public function updPost($id,$cur)
1338	{
1339	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1340	throw new Exception(__('You are not allowed to update entries'));
1341	}
1342
1343	$id = (integer) $id;
1344
1345	if (empty($id)) {
1346	throw new Exception(__('No such entry ID'));
1347	}
1348
1349	# Post excerpt and content
1350	$this->getPostContent($cur,$id);
1351
1352	$this->getPostCursor($cur);
1353
1354	if ($cur->post_url !== null) {
1355	$cur->post_url = $this->getPostURL($cur->post_url,$cur->post_dt,$cur->post_title,$id);
1356	}
1357
1358	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1359	$cur->unsetField('post_status');
1360	}
1361
1362	$cur->post_upddt = date('Y-m-d H:i:s');
1363
1364	#If user is only "usage", we need to check the post's owner
1365	if (!$this->core->auth->check('contentadmin',$this->id))
1366	{
1367	$strReq = 'SELECT post_id '.
1368	'FROM '.$this->prefix.'post '.
1369	'WHERE post_id = '.$id.' '.
1370	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1371
1372	$rs = $this->con->select($strReq);
1373
1374	if ($rs->isEmpty()) {
1375	throw new Exception(__('You are not allowed to edit this entry'));
1376	}
1377	}
1378
1379	# --BEHAVIOR-- coreBeforePostUpdate
1380	$this->core->callBehavior('coreBeforePostUpdate',$this,$cur);
1381
1382	$cur->update('WHERE post_id = '.$id.' ');
1383
1384	# --BEHAVIOR-- coreAfterPostUpdate
1385	$this->core->callBehavior('coreAfterPostUpdate',$this,$cur);
1386
1387	$this->triggerBlog();
1388
1389	$this->firstPublicationEntries($id);
1390	}
1391
1392	/**
1393	Updates post status.
1394
1395	@param id <b>integer</b> Post ID
1396	@param status <b>integer</b> Post status
1397	*/
1398	public function updPostStatus($id,$status)
1399	{
1400	$this->updPostsStatus($id,$status);
1401	}
1402
1403	/**
1404	Updates posts status.
1405
1406	@param ids <b>mixed</b> Post(s) ID(s)
1407	@param status <b>integer</b> Post status
1408	*/
1409	public function updPostsStatus($ids,$status)
1410	{
1411	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1412	throw new Exception(__('You are not allowed to change this entry status'));
1413	}
1414
1415	$posts_ids = dcUtils::cleanIds($ids);
1416	$status = (integer) $status;
1417
1418	$strReq = "WHERE blog_id = '".$this->con->escape($this->id)."' ".
1419	"AND post_id ".$this->con->in($posts_ids);
1420
1421	#If user can only publish, we need to check the post's owner
1422	if (!$this->core->auth->check('contentadmin',$this->id))
1423	{
1424	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1425	}
1426
1427	$cur = $this->con->openCursor($this->prefix.'post');
1428
1429	$cur->post_status = $status;
1430	$cur->post_upddt = date('Y-m-d H:i:s');
1431
1432	$cur->update($strReq);
1433	$this->triggerBlog();
1434
1435	$this->firstPublicationEntries($posts_ids);
1436	}
1437
1438	/**
1439	Updates post selection.
1440
1441	@param id <b>integer</b> Post ID
1442	@param selected <b>integer</b> Is selected post
1443	*/
1444	public function updPostSelected($id,$selected)
1445	{
1446	$this->updPostsSelected($id,$selected);
1447	}
1448
1449	/**
1450	Updates posts selection.
1451
1452	@param ids <b>mixed</b> Post(s) ID(s)
1453	@param selected <b>integer</b> Is selected post(s)
1454	*/
1455	public function updPostsSelected($ids,$selected)
1456	{
1457	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1458	throw new Exception(__('You are not allowed to change this entry category'));
1459	}
1460
1461	$posts_ids = dcUtils::cleanIds($ids);
1462	$selected = (boolean) $selected;
1463
1464	$strReq = "WHERE blog_id = '".$this->con->escape($this->id)."' ".
1465	"AND post_id ".$this->con->in($posts_ids);
1466
1467	# If user is only usage, we need to check the post's owner
1468	if (!$this->core->auth->check('contentadmin',$this->id))
1469	{
1470	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1471	}
1472
1473	$cur = $this->con->openCursor($this->prefix.'post');
1474
1475	$cur->post_selected = (integer) $selected;
1476	$cur->post_upddt = date('Y-m-d H:i:s');
1477
1478	$cur->update($strReq);
1479	$this->triggerBlog();
1480	}
1481
1482	/**
1483	Updates post category. <var>$cat_id</var> can be null.
1484
1485	@param id <b>integer</b> Post ID
1486	@param cat_id <b>integer</b> Category ID
1487	*/
1488	public function updPostCategory($id,$cat_id)
1489	{
1490	$this->updPostsCategory($id,$cat_id);
1491	}
1492
1493	/**
1494	Updates posts category. <var>$cat_id</var> can be null.
1495
1496	@param ids <b>mixed</b> Post(s) ID(s)
1497	@param cat_id <b>integer</b> Category ID
1498	*/
1499	public function updPostsCategory($ids,$cat_id)
1500	{
1501	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1502	throw new Exception(__('You are not allowed to change this entry category'));
1503	}
1504
1505	$posts_ids = dcUtils::cleanIds($ids);
1506	$cat_id = (integer) $cat_id;
1507
1508	$strReq = "WHERE blog_id = '".$this->con->escape($this->id)."' ".
1509	"AND post_id ".$this->con->in($posts_ids);
1510
1511	# If user is only usage, we need to check the post's owner
1512	if (!$this->core->auth->check('contentadmin',$this->id))
1513	{
1514	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1515	}
1516
1517	$cur = $this->con->openCursor($this->prefix.'post');
1518
1519	$cur->cat_id = ($cat_id ?: null);
1520	$cur->post_upddt = date('Y-m-d H:i:s');
1521
1522	$cur->update($strReq);
1523	$this->triggerBlog();
1524	}
1525
1526	/**
1527	Updates posts category. <var>$new_cat_id</var> can be null.
1528
1529	@param old_cat_id <b>integer</b> Old category ID
1530	@param new_cat_id <b>integer</b> New category ID
1531	*/
1532	public function changePostsCategory($old_cat_id,$new_cat_id)
1533	{
1534	if (!$this->core->auth->check('contentadmin,categories',$this->id)) {
1535	throw new Exception(__('You are not allowed to change entries category'));
1536	}
1537
1538	$old_cat_id = (integer) $old_cat_id;
1539	$new_cat_id = (integer) $new_cat_id;
1540
1541	$cur = $this->con->openCursor($this->prefix.'post');
1542
1543	$cur->cat_id = ($new_cat_id ?: null);
1544	$cur->post_upddt = date('Y-m-d H:i:s');
1545
1546	$cur->update(
1547	'WHERE cat_id = '.$old_cat_id.' '.
1548	"AND blog_id = '".$this->con->escape($this->id)."' "
1549	);
1550	$this->triggerBlog();
1551	}
1552
1553	/**
1554	Deletes a post.
1555
1556	@param id <b>integer</b> Post ID
1557	*/
1558	public function delPost($id)
1559	{
1560	$this->delPosts($id);
1561	}
1562
1563	/**
1564	Deletes multiple posts.
1565
1566	@param ids <b>mixed</b> Post(s) ID(s)
1567	*/
1568	public function delPosts($ids)
1569	{
1570	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
1571	throw new Exception(__('You are not allowed to delete entries'));
1572	}
1573
1574	$posts_ids = dcUtils::cleanIds($ids);
1575
1576	if (empty($posts_ids)) {
1577	throw new Exception(__('No such entry ID'));
1578	}
1579
1580	$strReq = 'DELETE FROM '.$this->prefix.'post '.
1581	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1582	"AND post_id ".$this->con->in($posts_ids);
1583
1584	#If user can only delete, we need to check the post's owner
1585	if (!$this->core->auth->check('contentadmin',$this->id))
1586	{
1587	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1588	}
1589
1590	$this->con->execute($strReq);
1591	$this->triggerBlog();
1592	}
1593
1594	/**
1595	Publishes all entries flaged as "scheduled".
1596	*/
1597	public function publishScheduledEntries()
1598	{
1599	$strReq = 'SELECT post_id, post_dt, post_tz '.
1600	'FROM '.$this->prefix.'post '.
1601	'WHERE post_status = -1 '.
1602	"AND blog_id = '".$this->con->escape($this->id)."' ";
1603
1604	$rs = $this->con->select($strReq);
1605
1606	$now = dt::toUTC(time());
1607	$to_change = new ArrayObject();
1608
1609	if ($rs->isEmpty()) {
1610	return;
1611	}
1612
1613	while ($rs->fetch())
1614	{
1615	# Now timestamp with post timezone
1616	$now_tz = $now + dt::getTimeOffset($rs->post_tz,$now);
1617
1618	# Post timestamp
1619	$post_ts = strtotime($rs->post_dt);
1620
1621	# If now_tz >= post_ts, we publish the entry
1622	if ($now_tz >= $post_ts) {
1623	$to_change[] = (integer) $rs->post_id;
1624	}
1625	}
1626	if (count($to_change))
1627	{
1628	# --BEHAVIOR-- coreBeforeScheduledEntriesPublish
1629	$this->core->callBehavior('coreBeforeScheduledEntriesPublish',$this,$to_change);
1630
1631	$strReq =
1632	'UPDATE '.$this->prefix.'post SET '.
1633	'post_status = 1 '.
1634	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1635	'AND post_id '.$this->con->in((array)$to_change).' ';
1636	$this->con->execute($strReq);
1637	$this->triggerBlog();
1638
1639	# --BEHAVIOR-- coreAfterScheduledEntriesPublish
1640	$this->core->callBehavior('coreAfterScheduledEntriesPublish',$this,$to_change);
1641
1642	$this->firstPublicationEntries($to_change);
1643	}
1644	}
1645
1646	/**
1647	First publication mecanism (on post create, update, publish, status)
1648
1649	@param ids <b>mixed</b> Post(s) ID(s)
1650	*/
1651	public function firstPublicationEntries($ids)
1652	{
1653	$posts = $this->getPosts(array(
1654	'post_id' => dcUtils::cleanIds($ids),
1655	'post_status' => 1,
1656	'post_firstpub' => 0
1657	));
1658
1659	$to_change = array();
1660	while($posts->fetch()) {
1661
1662	$to_change[] = $posts->post_id;
1663	}
1664
1665	if (count($to_change)) {
1666
1667	$strReq =
1668	'UPDATE '.$this->prefix.'post '.
1669	'SET post_firstpub = 1 '.
1670	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1671	'AND post_id '.$this->con->in((array)$to_change).' ';
1672	$this->con->execute($strReq);
1673
1674	# --BEHAVIOR-- coreFirstPublicationEntries
1675	$this->core->callBehavior('coreFirstPublicationEntries',$this,$to_change);
1676	}
1677	}
1678
1679	/**
1680	Retrieves all users having posts on current blog.
1681
1682	@param post_type <b>string</b> post_type filter (post)
1683	@return record
1684	*/
1685	public function getPostsUsers($post_type='post')
1686	{
1687	$strReq = 'SELECT P.user_id, user_name, user_firstname, '.
1688	'user_displayname, user_email '.
1689	'FROM '.$this->prefix.'post P, '.$this->prefix.'user U '.
1690	'WHERE P.user_id = U.user_id '.
1691	"AND blog_id = '".$this->con->escape($this->id)."' ";
1692
1693	if ($post_type) {
1694	$strReq .= "AND post_type = '".$this->con->escape($post_type)."' ";
1695	}
1696
1697	$strReq .= 'GROUP BY P.user_id, user_name, user_firstname, user_displayname, user_email ';
1698
1699	return $this->con->select($strReq);
1700	}
1701
1702	private function getPostsCategoryFilter($arr,$field='cat_id')
1703	{
1704	$field = $field == 'cat_id' ? 'cat_id' : 'cat_url';
1705
1706	$sub = array();
1707	$not = array();
1708	$queries = array();
1709
1710	foreach ($arr as $v)
1711	{
1712	$v = trim($v);
1713	$args = preg_split('/\s[?]\s/',$v,-1,PREG_SPLIT_NO_EMPTY);
1714	$id = array_shift($args);
1715	$args = array_flip($args);
1716
1717	if (isset($args['not'])) { $not[$id] = 1; }
1718	if (isset($args['sub'])) { $sub[$id] = 1; }
1719	if ($field == 'cat_id') {
1720	if (preg_match('/^null$/i',$id)) {
1721	$queries[$id] = 'P.cat_id IS NULL';
1722	}
1723	else {
1724	$queries[$id] = 'P.cat_id = '.(integer) $id;
1725	}
1726	} else {
1727	$queries[$id] = "C.cat_url = '".$this->con->escape($id)."' ";
1728	}
1729	}
1730
1731	if (!empty($sub)) {
1732	$rs = $this->con->select(
1733	'SELECT cat_id, cat_url, cat_lft, cat_rgt FROM '.$this->prefix.'category '.
1734	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1735	'AND '.$field.' '.$this->con->in(array_keys($sub))
1736	);
1737
1738	while ($rs->fetch()) {
1739	$queries[$rs->f($field)] = '(C.cat_lft BETWEEN '.$rs->cat_lft.' AND '.$rs->cat_rgt.')';
1740	}
1741	}
1742
1743	# Create queries
1744	$sql = array(
1745	0 => array(), # wanted categories
1746	1 => array() # excluded categories
1747	);
1748
1749	foreach ($queries as $id => $q) {
1750	$sql[(integer) isset($not[$id])][] = $q;
1751	}
1752
1753	$sql[0] = implode(' OR ',$sql[0]);
1754	$sql[1] = implode(' OR ',$sql[1]);
1755
1756	if ($sql[0]) {
1757	$sql[0] = '('.$sql[0].')';
1758	} else {
1759	unset($sql[0]);
1760	}
1761
1762	if ($sql[1]) {
1763	$sql[1] = '(P.cat_id IS NULL OR NOT('.$sql[1].'))';
1764	} else {
1765	unset($sql[1]);
1766	}
1767
1768	return implode(' AND ',$sql);
1769	}
1770
1771	private function getPostCursor($cur,$post_id=null)
1772	{
1773	if ($cur->post_title == '') {
1774	throw new Exception(__('No entry title'));
1775	}
1776
1777	if ($cur->post_content == '') {
1778	throw new Exception(__('No entry content'));
1779	}
1780
1781	if ($cur->post_password === '') {
1782	$cur->post_password = null;
1783	}
1784
1785	if ($cur->post_dt == '') {
1786	$offset = dt::getTimeOffset($this->core->auth->getInfo('user_tz'));
1787	$now = time() + $offset;
1788	$cur->post_dt = date('Y-m-d H:i:00',$now);
1789	}
1790
1791	$post_id = is_int($post_id) ? $post_id : $cur->post_id;
1792
1793	if ($cur->post_content_xhtml == '') {
1794	throw new Exception(__('No entry content'));
1795	}
1796
1797	# Words list
1798	if ($cur->post_title !== null && $cur->post_excerpt_xhtml !== null
1799	&& $cur->post_content_xhtml !== null)
1800	{
1801	$words =
1802	$cur->post_title.' '.
1803	$cur->post_excerpt_xhtml.' '.
1804	$cur->post_content_xhtml;
1805
1806	$cur->post_words = implode(' ',text::splitWords($words));
1807	}
1808
1809	if ($cur->isField('post_firstpub')) {
1810	$cur->unsetField('post_firstpub');
1811	}
1812	}
1813
1814	private function getPostContent($cur,$post_id)
1815	{
1816	$post_excerpt = $cur->post_excerpt;
1817	$post_excerpt_xhtml = $cur->post_excerpt_xhtml;
1818	$post_content = $cur->post_content;
1819	$post_content_xhtml = $cur->post_content_xhtml;
1820
1821	$this->setPostContent(
1822	$post_id,$cur->post_format,$cur->post_lang,
1823	$post_excerpt,$post_excerpt_xhtml,
1824	$post_content,$post_content_xhtml
1825	);
1826
1827	$cur->post_excerpt = $post_excerpt;
1828	$cur->post_excerpt_xhtml = $post_excerpt_xhtml;
1829	$cur->post_content = $post_content;
1830	$cur->post_content_xhtml = $post_content_xhtml;
1831	}
1832
1833	/**
1834	Creates post HTML content, taking format and lang into account.
1835
1836	@param post_id <b>integer</b> Post ID
1837	@param format <b>string</b> Post format
1838	@param lang <b>string</b> Post lang
1839	@param excerpt <b>string</b> Post excerpt
1840	@param[out] excerpt_xhtml <b>string</b> Post excerpt HTML
1841	@param content <b>string</b> Post content
1842	@param[out] content_xhtml <b>string</b> Post content HTML
1843	*/
1844	public function setPostContent($post_id,$format,$lang,&$excerpt,&$excerpt_xhtml,&$content,&$content_xhtml)
1845	{
1846	if ($format == 'wiki')
1847	{
1848	$this->core->initWikiPost();
1849	$this->core->wiki2xhtml->setOpt('note_prefix','pnote-'.$post_id);
1850	switch ($this->settings->system->note_title_tag) {
1851	case 1:
1852	$tag = 'h3';
1853	break;
1854	case 2:
1855	$tag = 'p';
1856	break;
1857	default:
1858	$tag = 'h4';
1859	break;
1860	}
1861	$this->core->wiki2xhtml->setOpt('note_str','<div class="footnotes"><'.$tag.' class="footnotes-title">'.
1862	__('Notes').'</'.$tag.'>%s</div>');
1863	$this->core->wiki2xhtml->setOpt('note_str_single','<div class="footnotes"><'.$tag.' class="footnotes-title">'.
1864	__('Note').'</'.$tag.'>%s</div>');
1865	if (strpos($lang,'fr') === 0) {
1866	$this->core->wiki2xhtml->setOpt('active_fr_syntax',1);
1867	}
1868	}
1869
1870	if ($excerpt) {
1871	$excerpt_xhtml = $this->core->callFormater($format,$excerpt);
1872	$excerpt_xhtml = $this->core->HTMLfilter($excerpt_xhtml);
1873	} else {
1874	$excerpt_xhtml = '';
1875	}
1876
1877	if ($content) {
1878	$content_xhtml = $this->core->callFormater($format,$content);
1879	$content_xhtml = $this->core->HTMLfilter($content_xhtml);
1880	} else {
1881	$content_xhtml = '';
1882	}
1883
1884	# --BEHAVIOR-- coreAfterPostContentFormat
1885	$this->core->callBehavior('coreAfterPostContentFormat',array(
1886	'excerpt' => &$excerpt,
1887	'content' => &$content,
1888	'excerpt_xhtml' => &$excerpt_xhtml,
1889	'content_xhtml' => &$content_xhtml
1890	));
1891	}
1892
1893	/**
1894	Returns URL for a post according to blog setting <var>post_url_format</var>.
1895	It will try to guess URL and append some figures if needed.
1896
1897	@param url <b>string</b> Origin URL, could be empty
1898	@param post_dt <b>string</b> Post date (in YYYY-MM-DD HH:mm:ss)
1899	@param post_title <b>string</b> Post title
1900	@param post_id <b>integer</b> Post ID
1901	@return <b>string</b> result URL
1902	*/
1903	public function getPostURL($url,$post_dt,$post_title,$post_id)
1904	{
1905	$url = trim($url);
1906
1907	$url_patterns = array(
1908	'{y}' => date('Y',strtotime($post_dt)),
1909	'{m}' => date('m',strtotime($post_dt)),
1910	'{d}' => date('d',strtotime($post_dt)),
1911	'{t}' => text::tidyURL($post_title),
1912	'{id}' => (integer) $post_id
1913	);
1914
1915	# If URL is empty, we create a new one
1916	if ($url == '')
1917	{
1918	# Transform with format
1919	$url = str_replace(
1920	array_keys($url_patterns),
1921	array_values($url_patterns),
1922	$this->settings->system->post_url_format
1923	);
1924	}
1925	else
1926	{
1927	$url = text::tidyURL($url);
1928	}
1929
1930	# Let's check if URL is taken...
1931	$strReq = 'SELECT post_url FROM '.$this->prefix.'post '.
1932	"WHERE post_url = '".$this->con->escape($url)."' ".
1933	'AND post_id <> '.(integer) $post_id. ' '.
1934	"AND blog_id = '".$this->con->escape($this->id)."' ".
1935	'ORDER BY post_url DESC';
1936
1937	$rs = $this->con->select($strReq);
1938
1939	if (!$rs->isEmpty())
1940	{
1941	if ($this->con->driver() == 'mysql' \|\| $this->con->driver() == 'mysqli' \|\| $this->con->driver() == 'mysqlimb4') {
1942	$clause = "REGEXP '^".$this->con->escape($url)."[0-9]+$'";
1943	} elseif ($this->con->driver() == 'pgsql') {
1944	$clause = "~ '^".$this->con->escape($url)."[0-9]+$'";
1945	} else {
1946	$clause = "LIKE '".$this->con->escape($url)."%'";
1947	}
1948	$strReq = 'SELECT post_url FROM '.$this->prefix.'post '.
1949	"WHERE post_url ".$clause.' '.
1950	'AND post_id <> '.(integer) $post_id.' '.
1951	"AND blog_id = '".$this->con->escape($this->id)."' ".
1952	'ORDER BY post_url DESC ';
1953
1954	$rs = $this->con->select($strReq);
1955	$a = array();
1956	while ($rs->fetch()) {
1957	$a[] = $rs->post_url;
1958	}
1959
1960	natsort($a);
1961	$t_url = end($a);
1962
1963	if (preg_match('/(.*?)([0-9]+)$/',$t_url,$m)) {
1964	$i = (integer) $m[2];
1965	$url = $m[1];
1966	} else {
1967	$i = 1;
1968	}
1969
1970	return $url.($i+1);
1971	}
1972
1973	# URL is empty?
1974	if ($url == '') {
1975	throw new Exception(__('Empty entry URL'));
1976	}
1977
1978	return $url;
1979	}
1980	//@}
1981
1982	/// @name Comments management methods
1983	//@{
1984	/**
1985	Retrieves comments. <b>$params</b> is an array taking the following
1986	optionnal parameters:
1987
1988	- no_content: Don't retrieve comment content
1989	- post_type: Get only entries with given type (default no type, array for many types)
1990	- post_id: (integer) Get comments belonging to given post_id
1991	- cat_id: (integer or array) Get comments belonging to entries of given category ID
1992	- comment_id: (integer or array) Get comment with given ID (or IDs)
1993	- comment_site: (string) Get comments with given comment_site
1994	- comment_status: (integer) Get comments with given comment_status
1995	- comment_trackback: (integer) Get only comments (0) or trackbacks (1)
1996	- comment_ip: (string) Get comments with given IP address
1997	- post_url: Get entry with given post_url field
1998	- user_id: (integer) Get entries belonging to given user ID
1999	- q_author: Search comments by author
2000	- sql: Append SQL string at the end of the query
2001	- from: Append SQL string after "FROM" statement in query
2002	- order: Order of results (default "ORDER BY comment_dt DES")
2003	- limit: Limit parameter
2004	- sql_only : return the sql request instead of results. Only ids are selected
2005
2006	@param params <b>array</b> Parameters
2007	@param count_only <b>boolean</b> Only counts results
2008	@return <b>record</b> A record with some more capabilities
2009	*/
2010	public function getComments($params=array(),$count_only=false)
2011	{
2012	if ($count_only)
2013	{
2014	$strReq = 'SELECT count(comment_id) ';
2015	}
2016	elseif (!empty($params['sql_only']))
2017	{
2018	$strReq = 'SELECT P.post_id ';
2019	}
2020	else
2021	{
2022	if (!empty($params['no_content'])) {
2023	$content_req = '';
2024	} else {
2025	$content_req = 'comment_content, ';
2026	}
2027
2028	if (!empty($params['columns']) && is_array($params['columns'])) {
2029	$content_req .= implode(', ',$params['columns']).', ';
2030	}
2031
2032	$strReq =
2033	'SELECT C.comment_id, comment_dt, comment_tz, comment_upddt, '.
2034	'comment_author, comment_email, comment_site, '.
2035	$content_req.' comment_trackback, comment_status, '.
2036	'comment_spam_status, comment_spam_filter, comment_ip, '.
2037	'P.post_title, P.post_url, P.post_id, P.post_password, P.post_type, '.
2038	'P.post_dt, P.user_id, U.user_email, U.user_url ';
2039	}
2040
2041	$strReq .=
2042	'FROM '.$this->prefix.'comment C '.
2043	'INNER JOIN '.$this->prefix.'post P ON C.post_id = P.post_id '.
2044	'INNER JOIN '.$this->prefix.'user U ON P.user_id = U.user_id ';
2045
2046	if (!empty($params['from'])) {
2047	$strReq .= $params['from'].' ';
2048	}
2049
2050	$strReq .=
2051	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ";
2052
2053	if (!$this->core->auth->check('contentadmin',$this->id)) {
2054	$strReq .= 'AND ((comment_status = 1 AND P.post_status = 1 ';
2055
2056	if ($this->without_password) {
2057	$strReq .= 'AND post_password IS NULL ';
2058	}
2059	$strReq .= ') ';
2060
2061	if ($this->core->auth->userID()) {
2062	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
2063	} else {
2064	$strReq .= ') ';
2065	}
2066	}
2067
2068	if (!empty($params['post_type']))
2069	{
2070	$strReq .= 'AND post_type '.$this->con->in($params['post_type']);
2071	}
2072
2073	if (isset($params['post_id']) && $params['post_id'] !== '') {
2074	$strReq .= 'AND P.post_id = '.(integer) $params['post_id'].' ';
2075	}
2076
2077	if (isset($params['cat_id']) && $params['cat_id'] !== '') {
2078	$strReq .= 'AND P.cat_id = '.(integer) $params['cat_id'].' ';
2079	}
2080
2081	if (isset($params['comment_id']) && $params['comment_id'] !== '') {
2082	if (is_array($params['comment_id'])) {
2083	array_walk($params['comment_id'],create_function('&$v,$k','if($v!==null){$v=(integer)$v;}'));
2084	} else {
2085	$params['comment_id'] = array((integer) $params['comment_id']);
2086	}
2087	$strReq .= 'AND comment_id '.$this->con->in($params['comment_id']);
2088	}
2089
2090	if (isset($params['comment_email'])) {
2091	$comment_email = $this->con->escape(str_replace('*','%',$params['comment_email']));
2092	$strReq .= "AND comment_email LIKE '".$comment_email."' ";
2093	}
2094
2095	if (isset($params['comment_site'])) {
2096	$comment_site = $this->con->escape(str_replace('*','%',$params['comment_site']));
2097	$strReq .= "AND comment_site LIKE '".$comment_site."' ";
2098	}
2099
2100	if (isset($params['comment_status'])) {
2101	$strReq .= 'AND comment_status = '.(integer) $params['comment_status'].' ';
2102	}
2103
2104	if (!empty($params['comment_status_not']))
2105	{
2106	$strReq .= 'AND comment_status <> '.(integer) $params['comment_status_not'].' ';
2107	}
2108
2109	if (isset($params['comment_trackback'])) {
2110	$strReq .= 'AND comment_trackback = '.(integer) (boolean) $params['comment_trackback'].' ';
2111	}
2112
2113	if (isset($params['comment_ip'])) {
2114	$comment_ip = $this->con->escape(str_replace('*','%',$params['comment_ip']));
2115	$strReq .= "AND comment_ip LIKE '".$comment_ip."' ";
2116	}
2117
2118	if (isset($params['q_author'])) {
2119	$q_author = $this->con->escape(str_replace('*','%',strtolower($params['q_author'])));
2120	$strReq .= "AND LOWER(comment_author) LIKE '".$q_author."' ";
2121	}
2122
2123	if (!empty($params['search']))
2124	{
2125	$words = text::splitWords($params['search']);
2126
2127	if (!empty($words))
2128	{
2129	# --BEHAVIOR coreCommentSearch
2130	if ($this->core->hasBehavior('coreCommentSearch')) {
2131	$this->core->callBehavior('coreCommentSearch',$this->core,array(&$words,&$strReq,&$params));
2132	}
2133
2134	if ($words)
2135	{
2136	foreach ($words as $i => $w) {
2137	$words[$i] = "comment_words LIKE '%".$this->con->escape($w)."%'";
2138	}
2139	$strReq .= 'AND '.implode(' AND ',$words).' ';
2140	}
2141	}
2142	}
2143
2144	if (!empty($params['sql'])) {
2145	$strReq .= $params['sql'].' ';
2146	}
2147
2148	if (!$count_only)
2149	{
2150	if (!empty($params['order'])) {
2151	$strReq .= 'ORDER BY '.$this->con->escape($params['order']).' ';
2152	} else {
2153	$strReq .= 'ORDER BY comment_dt DESC ';
2154	}
2155	}
2156
2157	if (!$count_only && !empty($params['limit'])) {
2158	$strReq .= $this->con->limit($params['limit']);
2159	}
2160
2161	if (!empty($params['sql_only'])) {
2162	return $strReq;
2163	}
2164
2165	$rs = $this->con->select($strReq);
2166	$rs->core = $this->core;
2167	$rs->extend('rsExtComment');
2168
2169	# --BEHAVIOR-- coreBlogGetComments
2170	$this->core->callBehavior('coreBlogGetComments',$rs);
2171
2172	return $rs;
2173	}
2174
2175	/**
2176	Creates a new comment. Takes a cursor as input and returns the new comment
2177	ID.
2178
2179	@param cur <b>cursor</b> Comment cursor
2180	@return <b>integer</b> New comment ID
2181	*/
2182	public function addComment($cur)
2183	{
2184	$this->con->writeLock($this->prefix.'comment');
2185	try
2186	{
2187	# Get ID
2188	$rs = $this->con->select(
2189	'SELECT MAX(comment_id) '.
2190	'FROM '.$this->prefix.'comment '
2191	);
2192
2193	$cur->comment_id = (integer) $rs->f(0) + 1;
2194	$cur->comment_upddt = date('Y-m-d H:i:s');
2195
2196	$offset = dt::getTimeOffset($this->settings->system->blog_timezone);
2197	$cur->comment_dt = date('Y-m-d H:i:s',time() + $offset);
2198	$cur->comment_tz = $this->settings->system->blog_timezone;
2199
2200	$this->getCommentCursor($cur);
2201
2202	if ($cur->comment_ip === null) {
2203	$cur->comment_ip = http::realIP();
2204	}
2205
2206	# --BEHAVIOR-- coreBeforeCommentCreate
2207	$this->core->callBehavior('coreBeforeCommentCreate',$this,$cur);
2208
2209	$cur->insert();
2210	$this->con->unlock();
2211	}
2212	catch (Exception $e)
2213	{
2214	$this->con->unlock();
2215	throw $e;
2216	}
2217
2218	# --BEHAVIOR-- coreAfterCommentCreate
2219	$this->core->callBehavior('coreAfterCommentCreate',$this,$cur);
2220
2221	$this->triggerComment($cur->comment_id);
2222	if ($cur->comment_status != -2) {
2223	$this->triggerBlog();
2224	}
2225	return $cur->comment_id;
2226	}
2227
2228	/**
2229	Updates an existing comment.
2230
2231	@param id <b>integer</b> Comment ID
2232	@param cur <b>cursor</b> Comment cursor
2233	*/
2234	public function updComment($id,$cur)
2235	{
2236	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
2237	throw new Exception(__('You are not allowed to update comments'));
2238	}
2239
2240	$id = (integer) $id;
2241
2242	if (empty($id)) {
2243	throw new Exception(__('No such comment ID'));
2244	}
2245
2246	$rs = $this->getComments(array('comment_id' => $id));
2247
2248	if ($rs->isEmpty()) {
2249	throw new Exception(__('No such comment ID'));
2250	}
2251
2252	#If user is only usage, we need to check the post's owner
2253	if (!$this->core->auth->check('contentadmin',$this->id))
2254	{
2255	if ($rs->user_id != $this->core->auth->userID()) {
2256	throw new Exception(__('You are not allowed to update this comment'));
2257	}
2258	}
2259
2260	$this->getCommentCursor($cur);
2261
2262	$cur->comment_upddt = date('Y-m-d H:i:s');
2263
2264	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
2265	$cur->unsetField('comment_status');
2266	}
2267
2268	# --BEHAVIOR-- coreBeforeCommentUpdate
2269	$this->core->callBehavior('coreBeforeCommentUpdate',$this,$cur,$rs);
2270
2271	$cur->update('WHERE comment_id = '.$id.' ');
2272
2273	# --BEHAVIOR-- coreAfterCommentUpdate
2274	$this->core->callBehavior('coreAfterCommentUpdate',$this,$cur,$rs);
2275
2276	$this->triggerComment($id);
2277	$this->triggerBlog();
2278	}
2279
2280	/**
2281	Updates comment status.
2282
2283	@param id <b>integer</b> Comment ID
2284	@param status <b>integer</b> Comment status
2285	*/
2286	public function updCommentStatus($id,$status)
2287	{
2288	$this->updCommentsStatus($id,$status);
2289	}
2290
2291	/**
2292	Updates comments status.
2293
2294	@param ids <b>mixed</b> Comment(s) ID(s)
2295	@param status <b>integer</b> Comment status
2296	*/
2297	public function updCommentsStatus($ids,$status)
2298	{
2299	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
2300	throw new Exception(__("You are not allowed to change this comment's status"));
2301	}
2302
2303	$co_ids = dcUtils::cleanIds($ids);
2304	$status = (integer) $status;
2305
2306	$strReq =
2307	'UPDATE '.$this->prefix.'comment '.
2308	'SET comment_status = '.$status.' ';
2309	$strReq .=
2310	'WHERE comment_id'.$this->con->in($co_ids).
2311	'AND post_id in (SELECT tp.post_id '.
2312	'FROM '.$this->prefix.'post tp '.
2313	"WHERE tp.blog_id = '".$this->con->escape($this->id)."' ";
2314	if (!$this->core->auth->check('contentadmin',$this->id))
2315	{
2316	$strReq .=
2317	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
2318	}
2319	$strReq .= ')';
2320	$this->con->execute($strReq);
2321	$this->triggerComments($co_ids);
2322	$this->triggerBlog();
2323	}
2324
2325	/**
2326	Delete a comment
2327
2328	@param id <b>integer</b> Comment ID
2329	*/
2330	public function delComment($id)
2331	{
2332	$this->delComments($id);
2333	}
2334
2335	/**
2336	Delete comments
2337
2338	@param ids <b>mixed</b> Comment(s) ID(s)
2339	*/
2340	public function delComments($ids)
2341	{
2342	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
2343	throw new Exception(__('You are not allowed to delete comments'));
2344	}
2345
2346	$co_ids = dcUtils::cleanIds($ids);
2347
2348	if (empty($co_ids)) {
2349	throw new Exception(__('No such comment ID'));
2350	}
2351
2352	# Retrieve posts affected by comments edition
2353	$affected_posts = array();
2354	$strReq =
2355	'SELECT post_id '.
2356	'FROM '.$this->prefix.'comment '.
2357	'WHERE comment_id'.$this->con->in($co_ids).
2358	'GROUP BY post_id';
2359
2360	$rs = $this->con->select($strReq);
2361
2362	while ($rs->fetch()) {
2363	$affected_posts[] = (integer) $rs->post_id;
2364	}
2365
2366	$strReq =
2367	'DELETE FROM '.$this->prefix.'comment '.
2368	'WHERE comment_id'.$this->con->in($co_ids).' '.
2369	'AND post_id in (SELECT tp.post_id '.
2370	'FROM '.$this->prefix.'post tp '.
2371	"WHERE tp.blog_id = '".$this->con->escape($this->id)."' ";
2372	#If user can only delete, we need to check the post's owner
2373	if (!$this->core->auth->check('contentadmin',$this->id))
2374	{
2375	$strReq .=
2376	"AND tp.user_id = '".$this->con->escape($this->core->auth->userID())."' ";
2377	}
2378	$strReq .= ")";
2379	$this->con->execute($strReq);
2380	$this->triggerComments($co_ids, true, $affected_posts);
2381	$this->triggerBlog();
2382	}
2383
2384	public function delJunkComments()
2385	{
2386	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
2387	throw new Exception(__('You are not allowed to delete comments'));
2388	}
2389
2390	$strReq =
2391	'DELETE FROM '.$this->prefix.'comment '.
2392	'WHERE comment_status = -2 '.
2393	'AND post_id in (SELECT tp.post_id '.
2394	'FROM '.$this->prefix.'post tp '.
2395	"WHERE tp.blog_id = '".$this->con->escape($this->id)."' ";
2396	#If user can only delete, we need to check the post's owner
2397	if (!$this->core->auth->check('contentadmin',$this->id))
2398	{
2399	$strReq .=
2400	"AND tp.user_id = '".$this->con->escape($this->core->auth->userID())."' ";
2401	}
2402	$strReq .= ")";
2403	$this->con->execute($strReq);
2404	$this->triggerBlog();
2405	}
2406
2407	private function getCommentCursor($cur)
2408	{
2409	if ($cur->comment_content !== null && $cur->comment_content == '') {
2410	throw new Exception(__('You must provide a comment'));
2411	}
2412
2413	if ($cur->comment_author !== null && $cur->comment_author == '') {
2414	throw new Exception(__('You must provide an author name'));
2415	}
2416
2417	if ($cur->comment_email != '' && !text::isEmail($cur->comment_email)) {
2418	throw new Exception(__('Email address is not valid.'));
2419	}
2420
2421	if ($cur->comment_site !== null && $cur->comment_site != '') {
2422	if (!preg_match('\|^http(s?)://\|i',$cur->comment_site, $matches)) {
2423	$cur->comment_site = 'http://'.$cur->comment_site;
2424	}else{
2425	$cur->comment_site = strtolower($matches[0]).substr($cur->comment_site, strlen($matches[0]));
2426	}
2427	}
2428
2429	if ($cur->comment_status === null) {
2430	$cur->comment_status = (integer) $this->settings->system->comments_pub;
2431	}
2432
2433	# Words list
2434	if ($cur->comment_content !== null)
2435	{
2436	$cur->comment_words = implode(' ',text::splitWords($cur->comment_content));
2437	}
2438	}
2439	//@}
2440	}

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: inc/core/class.dc.blog.php @ 3565:7b120898d2bd

Download in other formats:

Sites map