class.dc.blog.php @ 1542:2de80618299a

Visit:

Revision 1542:2de80618299a, 61.0 KB checked in by Lepeltier kévin, 12 years ago (diff)
Fusion avec 2.5

Line
1	<?php
2	# -- BEGIN LICENSE BLOCK ---------------------------------------
3	#
4	# This file is part of Dotclear 2.
5	#
6	# Copyright (c) 2003-2013 Olivier Meunier & Association Dotclear
7	# Licensed under the GPL version 2.0 license.
8	# See LICENSE file or
9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
10	#
11	# -- END LICENSE BLOCK -----------------------------------------
12	if (!defined('DC_RC_PATH')) { return; }
13
14	/**
15	@ingroup DC_CORE
16	@nosubgrouping
17	@brief Dotclear blog class.
18
19	Dotclear blog class instance is provided by dcCore $blog property.
20	*/
21	class dcBlog
22	{
23	/** @var dcCore dcCore instance */
24	protected $core;
25	/** @var connection Database connection object */
26	public $con;
27	/** @var string Database table prefix */
28	public $prefix;
29
30	/** @var string Blog ID */
31	public $id;
32	/** @var string Blog unique ID */
33	public $uid;
34	/** @var string Blog name */
35	public $name;
36	/** @var string Blog description */
37	public $desc;
38	/** @var string Blog URL */
39	public $url;
40	/** @var string Blog host */
41	public $host;
42	/** @var string Blog creation date */
43	public $creadt;
44	/** @var string Blog last update date */
45	public $upddt;
46	/** @var string Blog status */
47	public $status;
48
49	/** @var dcSettings dcSettings object */
50	public $settings;
51	/** @var string Blog theme path */
52	public $themes_path;
53	/** @var string Blog public path */
54	public $public_path;
55
56	private $post_status = array();
57	private $comment_status = array();
58
59	private $categories;
60
61	/** @var boolean Disallow entries password protection */
62	public $without_password = true;
63
64	/**
65	Inits dcBlog object
66
67	@param core <b>dcCore</b> Dotclear core reference
68	@param id <b>string</b> Blog ID
69	*/
70	public function __construct($core, $id)
71	{
72	$this->con =& $core->con;
73	$this->prefix = $core->prefix;
74	$this->core =& $core;
75
76	if (($b = $this->core->getBlog($id)) !== false)
77	{
78	$this->id = $id;
79	$this->uid = $b->blog_uid;
80	$this->name = $b->blog_name;
81	$this->desc = $b->blog_desc;
82	$this->url = $b->blog_url;
83	$this->host = preg_replace('\|^([a-z]{3,}://)(.?)/.$\|','$1$2',$this->url);
84	$this->creadt = strtotime($b->blog_creadt);
85	$this->upddt = strtotime($b->blog_upddt);
86	$this->status = $b->blog_status;
87
88	$this->settings = new dcSettings($this->core,$this->id);
89
90	$this->themes_path = path::fullFromRoot($this->settings->system->themes_path,DC_ROOT);
91	$this->public_path = path::fullFromRoot($this->settings->system->public_path,DC_ROOT);
92
93	$this->post_status['-2'] = __('pending');
94	$this->post_status['-1'] = __('scheduled');
95	$this->post_status['0'] = __('unpublished');
96	$this->post_status['1'] = __('published');
97
98	$this->comment_status['-2'] = __('junk');
99	$this->comment_status['-1'] = __('pending');
100	$this->comment_status['0'] = __('unpublished');
101	$this->comment_status['1'] = __('published');
102
103	# --BEHAVIOR-- coreBlogConstruct
104	$this->core->callBehavior('coreBlogConstruct',$this);
105	}
106	}
107
108	/// @name Common public methods
109	//@{
110	/**
111	Returns blog URL ending with a question mark.
112	*/
113	public function getQmarkURL()
114	{
115	if (substr($this->url,-1) != '?') {
116	return $this->url.'?';
117	}
118
119	return $this->url;
120	}
121
122	/**
123	Returns an entry status name given to a code. Status are translated, never
124	use it for tests. If status code does not exist, returns <i>unpublished</i>.
125
126	@param s <b>integer</b> Status code
127	@return <b>string</b> Blog status name
128	*/
129	public function getPostStatus($s)
130	{
131	if (isset($this->post_status[$s])) {
132	return $this->post_status[$s];
133	}
134	return $this->post_status['0'];
135	}
136
137	/**
138	Returns an array of available entry status codes and names.
139
140	@return <b>array</b> Simple array with codes in keys and names in value
141	*/
142	public function getAllPostStatus()
143	{
144	return $this->post_status;
145	}
146
147	/**
148	Returns an array of available comment status codes and names.
149
150	@return <b>array</b> Simple array with codes in keys and names in value
151	*/
152	public function getAllCommentStatus()
153	{
154	return $this->comment_status;
155	}
156
157	/**
158	Disallows entries password protection. You need to set it to
159	<var>false</var> while serving a public blog.
160
161	@param v <b>boolean</b>
162	*/
163	public function withoutPassword($v)
164	{
165	$this->without_password = (boolean) $v;
166	}
167	//@}
168
169	/// @name Triggers methods
170	//@{
171	/**
172	Updates blog last update date. Should be called every time you change
173	an element related to the blog.
174	*/
175	public function triggerBlog()
176	{
177	$cur = $this->con->openCursor($this->prefix.'blog');
178
179	$cur->blog_upddt = date('Y-m-d H:i:s');
180
181	$cur->update("WHERE blog_id = '".$this->con->escape($this->id)."' ");
182
183	# --BEHAVIOR-- coreBlogAfterTriggerBlog
184	$this->core->callBehavior('coreBlogAfterTriggerBlog',$cur);
185	}
186
187	/**
188	Updates comment and trackback counters in post table. Should be called
189	every time a comment or trackback is added, removed or changed its status.
190
191	@param id <b>integer</b> Comment ID
192	@param del <b>boolean</b> If comment is delete, set this to true
193	*/
194	public function triggerComment($id,$del=false)
195	{
196	$this->triggerComments($id,$del);
197	}
198
199	/**
200	Updates comments and trackbacks counters in post table. Should be called
201	every time comments or trackbacks are added, removed or changed there status.
202
203	@param ids <b>mixed</b> Comment(s) ID(s)
204	@param del <b>boolean</b> If comment is delete, set this to true
205	@param affected_posts <b>mixed</b> Posts(s) ID(s)
206	*/
207	public function triggerComments($ids, $del=false, $affected_posts=null)
208	{
209	$co_ids = dcUtils::cleanIds($ids);
210	$a_ids = dcUtils::cleanIds($affected_posts);
211	$a_tbs = array();
212
213	# a) Retrieve posts affected by comments edition
214	if (empty($a_ids)) {
215	$strReq =
216	'SELECT post_id, comment_trackback '.
217	'FROM '.$this->prefix.'comment '.
218	'WHERE comment_id'.$this->con->in($co_ids).
219	'GROUP BY post_id,comment_trackback';
220
221	$rs = $this->con->select($strReq);
222
223	while ($rs->fetch()) {
224	$a_ids[] = (integer) $rs->post_id;
225	$a_tbs[] = (integer) $rs->comment_trackback;
226	}
227	}
228
229	# b) Count comments of each posts previously retrieved
230	# Note that this does not return posts without comment
231	$strReq =
232	'SELECT post_id, COUNT(post_id) AS nb_comment,comment_trackback '.
233	'FROM '.$this->prefix.'comment '.
234	'WHERE comment_status = 1 '.
235	(count($a_ids) > 0 ? 'AND post_id'.$this->con->in($a_ids) : ' ');
236
237	if ($del) {
238	$strReq .=
239	'AND comment_id NOT'.$this->con->in($co_ids);
240	}
241
242	$strReq .=
243	'GROUP BY post_id,comment_trackback';
244
245	$rs = $this->con->select($strReq);
246
247	$b_ids = $b_tbs = $b_nbs = array();
248	while ($rs->fetch()) {
249	$b_ids[] = (integer) $rs->post_id;
250	$b_tbs[] = (integer) $rs->comment_trackback;
251	$b_nbs[] = (integer) $rs->nb_comment;
252	}
253
254	# c) Update comments numbers on posts
255	# This compare previous requests to update also posts without comment
256	$cur = $this->con->openCursor($this->prefix.'post');
257
258	foreach($a_ids as $a_key => $a_id)
259	{
260	$nb_comment = $nb_trackback = 0;
261	//$cur->nb_comment = $nb_comment;
262	foreach($b_ids as $b_key => $b_id)
263	{
264	if ($a_id != $b_id \|\| $a_tbs[$a_key] != $b_tbs[$b_key]) {
265	continue;
266	}
267
268	if ($b_tbs[$b_key]) {
269	$nb_trackback = $b_nbs[$b_key];
270	} else {
271	$nb_comment = $b_nbs[$b_key];
272	}
273	}
274
275	if ($a_tbs[$a_key]) {
276	$cur->nb_trackback = $nb_trackback;
277	} else {
278	$cur->nb_comment = $nb_comment;
279	}
280	$cur->update('WHERE post_id = '.$a_id);
281	}
282	}
283	//@}
284
285	/// @name Categories management methods
286	//@{
287	public function categories()
288	{
289	if (!($this->categories instanceof dcCategories)) {
290	$this->categories = new dcCategories($this->core);
291	}
292
293	return $this->categories;
294	}
295
296	/**
297	Retrieves categories. <var>$params</var> is an associative array which can
298	take the following parameters:
299
300	- post_type: Get only entries with given type (default "post")
301	- cat_url: filter on cat_url field
302	- cat_id: filter on cat_id field
303	- start: start with a given category
304	- level: categories level to retrieve
305
306	@param params <b>array</b> Parameters
307	@return <b>record</b>
308	*/
309	public function getCategories($params=array())
310	{
311	$c_params = array();
312	if (isset($params['post_type'])) {
313	$c_params['post_type'] = $params['post_type'];
314	unset($params['post_type']);
315	}
316	$counter = $this->getCategoriesCounter($c_params);
317
318	$without_empty = $this->core->auth->userID() == false; # For public display
319
320	$start = isset($params['start']) ? (integer) $params['start'] : 0;
321	$l = isset($params['level']) ? (integer) $params['level'] : 0;
322
323	$rs = $this->categories()->getChildren($start,null,'desc');
324
325	# Get each categories total posts count
326	$data = array();
327	$stack = array();
328	$level = 0;
329	$cols = $rs->columns();
330	while ($rs->fetch())
331	{
332	$nb_post = isset($counter[$rs->cat_id]) ? (integer) $counter[$rs->cat_id] : 0;
333
334	if ($rs->level > $level) {
335	$nb_total = $nb_post;
336	$stack[$rs->level] = (integer) $nb_post;
337	} elseif ($rs->level == $level) {
338	$nb_total = $nb_post;
339	$stack[$rs->level] += $nb_post;
340	} else {
341	$nb_total = $stack[$rs->level+1] + $nb_post;
342	if (isset($stack[$rs->level])) {
343	$stack[$rs->level] += $nb_total;
344	} else {
345	$stack[$rs->level] = $nb_total;
346	}
347	unset($stack[$rs->level+1]);
348	}
349
350	if ($nb_total == 0 && $without_empty) {
351	continue;
352	}
353
354	$level = $rs->level;
355
356	$t = array();
357	foreach ($cols as $c) {
358	$t[$c] = $rs->f($c);
359	}
360	$t['nb_post'] = $nb_post;
361	$t['nb_total'] = $nb_total;
362
363	if ($l == 0 \|\| ($l > 0 && $l == $rs->level)) {
364	array_unshift($data,$t);
365	}
366	}
367
368	# We need to apply filter after counting
369	if (isset($params['cat_id']) && $params['cat_id'] !== '')
370	{
371	$found = false;
372	foreach ($data as $v) {
373	if ($v['cat_id'] == $params['cat_id']) {
374	$found = true;
375	$data = array($v);
376	break;
377	}
378	}
379	if (!$found) {
380	$data = array();
381	}
382	}
383
384	if (isset($params['cat_url']) && ($params['cat_url'] !== '')
385	&& !isset($params['cat_id']))
386	{
387	$found = false;
388	foreach ($data as $v) {
389	if ($v['cat_url'] == $params['cat_url']) {
390	$found = true;
391	$data = array($v);
392	break;
393	}
394	}
395	if (!$found) {
396	$data = array();
397	}
398	}
399
400	return staticRecord::newFromArray($data);
401	}
402
403	/**
404	Retrieves a category by its ID.
405
406	@param id <b>integer</b> Category ID
407	@return <b>record</b>
408	*/
409	public function getCategory($id)
410	{
411	return $this->getCategories(array('cat_id' => $id));
412	}
413
414	/**
415	Retrieves parents of a given category.
416
417	@param id <b>integer</b> Category ID
418	@return <b>record</b>
419	*/
420	public function getCategoryParents($id)
421	{
422	return $this->categories()->getParents($id);
423	}
424
425	/**
426	Retrieves first parent of a given category.
427
428	@param id <b>integer</b> Category ID
429	@return <b>record</b>
430	*/
431	public function getCategoryParent($id)
432	{
433	return $this->categories()->getParent($id);
434	}
435
436	/**
437	Retrieves all category's first children
438
439	@param id <b>integer</b> Category ID
440	@return <b>record</b>
441	*/
442	public function getCategoryFirstChildren($id)
443	{
444	return $this->getCategories(array('start' => $id,'level' => $id == 0 ? 1 : 2));
445	}
446
447	private function getCategoriesCounter($params=array())
448	{
449	$strReq =
450	'SELECT C.cat_id, COUNT(P.post_id) AS nb_post '.
451	'FROM '.$this->prefix.'category AS C '.
452	'JOIN '.$this->prefix."post P ON (C.cat_id = P.cat_id AND P.blog_id = '".$this->con->escape($this->id)."' ) ".
453	"WHERE C.blog_id = '".$this->con->escape($this->id)."' ";
454
455	if (!$this->core->auth->userID()) {
456	$strReq .= 'AND P.post_status = 1 ';
457	}
458
459	if (!empty($params['post_type'])) {
460	$strReq .= 'AND P.post_type '.$this->con->in($params['post_type']);
461	}
462
463	$strReq .= 'GROUP BY C.cat_id ';
464
465	$rs = $this->con->select($strReq);
466	$counters = array();
467	while ($rs->fetch()) {
468	$counters[$rs->cat_id] = $rs->nb_post;
469	}
470
471	return $counters;
472	}
473
474	/**
475	Creates a new category. Takes a cursor as input and returns the new category
476	ID.
477
478	@param cur <b>cursor</b> Category cursor
479	@return <b>integer</b> New category ID
480	*/
481	public function addCategory($cur,$parent=0)
482	{
483	if (!$this->core->auth->check('categories',$this->id)) {
484	throw new Exception(__('You are not allowed to add categories'));
485	}
486
487	$url = array();
488	if ($parent != 0)
489	{
490	$rs = $this->getCategory($parent);
491	if ($rs->isEmpty()) {
492	$url = array();
493	} else {
494	$url[] = $rs->cat_url;
495	}
496	}
497
498	if ($cur->cat_url == '') {
499	$url[] = text::tidyURL($cur->cat_title,false);
500	} else {
501	$url[] = $cur->cat_url;
502	}
503
504	$cur->cat_url = implode('/',$url);
505
506	$this->getCategoryCursor($cur);
507	$cur->blog_id = (string) $this->id;
508
509	# --BEHAVIOR-- coreBeforeCategoryCreate
510	$this->core->callBehavior('coreBeforeCategoryCreate',$this,$cur);
511
512	$id = $this->categories()->addNode($cur,$parent);
513	# Update category's cursor
514	$rs = $this->getCategory($id);
515	if (!$rs->isEmpty()) {
516	$cur->cat_lft = $rs->cat_lft;
517	$cur->cat_rgt = $rs->cat_rgt;
518	}
519
520	# --BEHAVIOR-- coreAfterCategoryCreate
521	$this->core->callBehavior('coreAfterCategoryCreate',$this,$cur);
522	$this->triggerBlog();
523
524	return $cur->cat_id;
525	}
526
527	/**
528	Updates an existing category.
529
530	@param id <b>integer</b> Category ID
531	@param cur <b>cursor</b> Category cursor
532	*/
533	public function updCategory($id,$cur)
534	{
535	if (!$this->core->auth->check('categories',$this->id)) {
536	throw new Exception(__('You are not allowed to update categories'));
537	}
538
539	if ($cur->cat_url == '')
540	{
541	$url = array();
542	$rs = $this->categories()->getParents($id);
543	while ($rs->fetch()) {
544	if ($rs->index() == $rs->count()-1) {
545	$url[] = $rs->cat_url;
546	}
547	}
548
549
550	$url[] = text::tidyURL($cur->cat_title,false);
551	$cur->cat_url = implode('/',$url);
552	}
553
554	$this->getCategoryCursor($cur,$id);
555
556	# --BEHAVIOR-- coreBeforeCategoryUpdate
557	$this->core->callBehavior('coreBeforeCategoryUpdate',$this,$cur);
558
559	$cur->update(
560	'WHERE cat_id = '.(integer) $id.' '.
561	"AND blog_id = '".$this->con->escape($this->id)."' ");
562
563	# --BEHAVIOR-- coreAfterCategoryUpdate
564	$this->core->callBehavior('coreAfterCategoryUpdate',$this,$cur);
565
566	$this->triggerBlog();
567	}
568
569	/**
570	DEPRECATED METHOD. Use dcBlog::setCategoryParent and dcBlog::moveCategory
571	instead.
572
573	@param id <b>integer</b> Category ID
574	@param order <b>integer</b> Category position
575	*/
576	public function updCategoryOrder($id,$order)
577	{
578	return;
579	}
580
581	/**
582	Set a category parent
583
584	@param id <b>integer</b> Category ID
585	@param parent <b>integer</b> Parent Category ID
586	*/
587	public function setCategoryParent($id,$parent)
588	{
589	$this->categories()->setNodeParent($id,$parent);
590	$this->triggerBlog();
591	}
592
593	/**
594	Set category position
595
596	@param id <b>integer</b> Category ID
597	@param sibling <b>integer</b> Sibling Category ID
598	@param move <b>integer</b> Order (before\|after)
599	*/
600	public function setCategoryPosition($id,$sibling,$move)
601	{
602	$this->categories()->setNodePosition($id,$sibling,$move);
603	$this->triggerBlog();
604	}
605
606	/**
607	Deletes a category.
608
609	@param id <b>integer</b> Category ID
610	*/
611	public function delCategory($id)
612	{
613	if (!$this->core->auth->check('categories',$this->id)) {
614	throw new Exception(__('You are not allowed to delete categories'));
615	}
616
617	$strReq = 'SELECT COUNT(post_id) AS nb_post '.
618	'FROM '.$this->prefix.'post '.
619	'WHERE cat_id = '.(integer) $id.' '.
620	"AND blog_id = '".$this->con->escape($this->id)."' ";
621
622	$rs = $this->con->select($strReq);
623
624	if ($rs->nb_post > 0) {
625	throw new Exception(__('This category is not empty.'));
626	}
627
628	$this->categories()->deleteNode($id,true);
629	$this->triggerBlog();
630	}
631
632	/**
633	Reset categories order and relocate them to first level
634	*/
635	public function resetCategoriesOrder()
636	{
637	if (!$this->core->auth->check('categories',$this->id)) {
638	throw new Exception(__('You are not allowed to reset categories order'));
639	}
640
641	$this->categories()->resetOrder();
642	$this->triggerBlog();
643	}
644
645	private function checkCategory($title,$url,$id=null)
646	{
647	$strReq = 'SELECT cat_id '.
648	'FROM '.$this->prefix.'category '.
649	"WHERE cat_url = '".$this->con->escape($url)."' ".
650	"AND blog_id = '".$this->con->escape($this->id)."' ";
651
652	if ($id !== null) {
653	$strReq .= 'AND cat_id <> '.(integer) $id.' ';
654	}
655
656	$rs = $this->con->select($strReq);
657
658	if (!$rs->isEmpty()) {
659	throw new Exception(__('Category URL must be unique.'));
660	}
661	}
662
663	private function getCategoryCursor($cur,$id=null)
664	{
665	if ($cur->cat_title == '') {
666	throw new Exception(__('You must provide a category title'));
667	}
668
669	# If we don't have any cat_url, let's do one
670	if ($cur->cat_url == '') {
671	$cur->cat_url = text::tidyURL($cur->cat_title,false);
672	}
673
674	# Still empty ?
675	if ($cur->cat_url == '') {
676	throw new Exception(__('You must provide a category URL'));
677	} else {
678	$cur->cat_url = text::tidyURL($cur->cat_url,true);
679	}
680
681	# Check if title or url are unique
682	$this->checkCategory($cur->cat_title,$cur->cat_url,$id);
683
684	if ($cur->cat_desc !== null) {
685	$cur->cat_desc = $this->core->HTMLfilter($cur->cat_desc);
686	}
687	}
688	//@}
689
690	/// @name Entries management methods
691	//@{
692	/**
693	Retrieves entries. <b>$params</b> is an array taking the following
694	optionnal parameters:
695
696	- no_content: Don't retrieve entry content (excerpt and content)
697	- post_type: Get only entries with given type (default "post", array for many types and '' for no type)
698	- post_id: (integer or array) Get entry with given post_id
699	- post_url: Get entry with given post_url field
700	- user_id: (integer) Get entries belonging to given user ID
701	- cat_id: (string or array) Get entries belonging to given category ID
702	- cat_id_not: deprecated (use cat_id with "id ?not" instead)
703	- cat_url: (string or array) Get entries belonging to given category URL
704	- cat_url_not: deprecated (use cat_url with "url ?not" instead)
705	- post_status: (integer) Get entries with given post_status
706	- post_selected: (boolean) Get select flaged entries
707	- post_year: (integer) Get entries with given year
708	- post_month: (integer) Get entries with given month
709	- post_day: (integer) Get entries with given day
710	- post_lang: Get entries with given language code
711	- search: Get entries corresponding of the following search string
712	- columns: (array) More columns to retrieve
713	- sql: Append SQL string at the end of the query
714	- from: Append SQL string after "FROM" statement in query
715	- order: Order of results (default "ORDER BY post_dt DES")
716	- limit: Limit parameter
717	- sql_only : return the sql request instead of results. Only ids are selected
718	- exclude_post_id : (integer or array) Exclude entries with given post_id
719
720	Please note that on every cat_id or cat_url, you can add ?not to exclude
721	the category and ?sub to get subcategories.
722
723	@param params <b>array</b> Parameters
724	@param count_only <b>boolean</b> Only counts results
725	@return <b>record</b> A record with some more capabilities or the SQL request
726	*/
727	public function getPosts($params=array(),$count_only=false)
728	{
729	# --BEHAVIOR-- coreBlogBeforeGetPosts
730	$params = new ArrayObject($params);
731	$this->core->callBehavior('coreBlogBeforeGetPosts',$params);
732
733	if ($count_only)
734	{
735	$strReq = 'SELECT count(P.post_id) ';
736	}
737	elseif (!empty($params['sql_only']))
738	{
739	$strReq = 'SELECT P.post_id ';
740	}
741	else
742	{
743	if (!empty($params['no_content'])) {
744	$content_req = '';
745	} else {
746	$content_req =
747	'post_excerpt, post_excerpt_xhtml, '.
748	'post_content, post_content_xhtml, post_notes, ';
749	}
750
751	if (!empty($params['columns']) && is_array($params['columns'])) {
752	$content_req .= implode(', ',$params['columns']).', ';
753	}
754
755	$strReq =
756	'SELECT P.post_id, P.blog_id, P.user_id, P.cat_id, post_dt, '.
757	'post_tz, post_creadt, post_upddt, post_format, post_password, '.
758	'post_url, post_lang, post_title, '.$content_req.
759	'post_type, post_meta, post_status, post_selected, post_position, '.
760	'post_open_comment, post_open_tb, nb_comment, nb_trackback, '.
761	'U.user_name, U.user_firstname, U.user_displayname, U.user_email, '.
762	'U.user_url, '.
763	'C.cat_title, C.cat_url, C.cat_desc ';
764	}
765
766	$strReq .=
767	'FROM '.$this->prefix.'post P '.
768	'INNER JOIN '.$this->prefix.'user U ON U.user_id = P.user_id '.
769	'LEFT OUTER JOIN '.$this->prefix.'category C ON P.cat_id = C.cat_id ';
770
771	if (!empty($params['from'])) {
772	$strReq .= $params['from'].' ';
773	}
774
775	$strReq .=
776	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ";
777
778	if (!$this->core->auth->check('contentadmin',$this->id)) {
779	$strReq .= 'AND ((post_status = 1 ';
780
781	if ($this->without_password) {
782	$strReq .= 'AND post_password IS NULL ';
783	}
784	$strReq .= ') ';
785
786	if ($this->core->auth->userID()) {
787	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
788	} else {
789	$strReq .= ') ';
790	}
791	}
792
793	#Adding parameters
794	if (isset($params['post_type']))
795	{
796	if (is_array($params['post_type']) \|\| $params['post_type'] != '') {
797	$strReq .= 'AND post_type '.$this->con->in($params['post_type']);
798	}
799	}
800	else
801	{
802	$strReq .= "AND post_type = 'post' ";
803	}
804
805	if (isset($params['post_id']) && $params['post_id'] !== '') {
806	if (is_array($params['post_id'])) {
807	array_walk($params['post_id'],create_function('&$v,$k','if($v!==null){$v=(integer)$v;}'));
808	} else {
809	$params['post_id'] = array((integer) $params['post_id']);
810	}
811	$strReq .= 'AND P.post_id '.$this->con->in($params['post_id']);
812	}
813
814	if (isset($params['exclude_post_id']) && $params['exclude_post_id'] !== '') {
815	if (is_array($params['exclude_post_id'])) {
816	array_walk($params['exclude_post_id'],create_function('&$v,$k','if($v!==null){$v=(integer)$v;}'));
817	} else {
818	$params['exclude_post_id'] = array((integer) $params['exclude_post_id']);
819	}
820	$strReq .= 'AND P.post_id not in ('.$this->con->in($params['exclude_post_id']).') ';
821	}
822
823	if (isset($params['post_url']) && $params['post_url'] !== '') {
824	$strReq .= "AND post_url = '".$this->con->escape($params['post_url'])."' ";
825	}
826
827	if (!empty($params['user_id'])) {
828	$strReq .= "AND U.user_id = '".$this->con->escape($params['user_id'])."' ";
829	}
830
831	if (isset($params['cat_id']) && $params['cat_id'] !== '')
832	{
833	if (!is_array($params['cat_id'])) {
834	$params['cat_id'] = array($params['cat_id']);
835	}
836	if (!empty($params['cat_id_not'])) {
837	array_walk($params['cat_id'],create_function('&$v,$k','$v=$v." ?not";'));
838	}
839	$strReq .= 'AND '.$this->getPostsCategoryFilter($params['cat_id'],'cat_id').' ';
840	}
841	elseif (isset($params['cat_url']) && $params['cat_url'] !== '')
842	{
843	if (!is_array($params['cat_url'])) {
844	$params['cat_url'] = array($params['cat_url']);
845	}
846	if (!empty($params['cat_url_not'])) {
847	array_walk($params['cat_url'],create_function('&$v,$k','$v=$v." ?not";'));
848	}
849	$strReq .= 'AND '.$this->getPostsCategoryFilter($params['cat_url'],'cat_url').' ';
850	}
851
852	/* Other filters */
853	if (isset($params['post_status'])) {
854	$strReq .= 'AND post_status = '.(integer) $params['post_status'].' ';
855	}
856
857	if (isset($params['post_selected'])) {
858	$strReq .= 'AND post_selected = '.(integer) $params['post_selected'].' ';
859	}
860
861	if (!empty($params['post_year'])) {
862	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%Y').' = '.
863	"'".sprintf('%04d',$params['post_year'])."' ";
864	}
865
866	if (!empty($params['post_month'])) {
867	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%m').' = '.
868	"'".sprintf('%02d',$params['post_month'])."' ";
869	}
870
871	if (!empty($params['post_day'])) {
872	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%d').' = '.
873	"'".sprintf('%02d',$params['post_day'])."' ";
874	}
875
876	if (!empty($params['post_lang'])) {
877	$strReq .= "AND P.post_lang = '".$this->con->escape($params['post_lang'])."' ";
878	}
879
880	if (!empty($params['search']))
881	{
882	$words = text::splitWords($params['search']);
883
884	if (!empty($words))
885	{
886	# --BEHAVIOR-- corePostSearch
887	if ($this->core->hasBehavior('corePostSearch')) {
888	$this->core->callBehavior('corePostSearch',$this->core,array(&$words,&$strReq,&$params));
889	}
890
891	if ($words)
892	{
893	foreach ($words as $i => $w) {
894	$words[$i] = "post_words LIKE '%".$this->con->escape($w)."%'";
895	}
896	$strReq .= 'AND '.implode(' AND ',$words).' ';
897	}
898	}
899	}
900
901	if (!empty($params['sql'])) {
902	$strReq .= $params['sql'].' ';
903	}
904
905	if (!$count_only)
906	{
907	if (!empty($params['order'])) {
908	$strReq .= 'ORDER BY '.$this->con->escape($params['order']).' ';
909	} else {
910	$strReq .= 'ORDER BY post_dt DESC ';
911	}
912	}
913
914	if (!$count_only && !empty($params['limit'])) {
915	$strReq .= $this->con->limit($params['limit']);
916	}
917
918	if (!empty($params['sql_only'])) {
919	return $strReq;
920	}
921
922	$rs = $this->con->select($strReq);
923	$rs->core = $this->core;
924	$rs->_nb_media = array();
925	$rs->extend('rsExtPost');
926
927	# --BEHAVIOR-- coreBlogGetPosts
928	$this->core->callBehavior('coreBlogGetPosts',$rs);
929
930	return $rs;
931	}
932
933	/**
934	Returns a record with post id, title and date for next or previous post
935	according to the post ID.
936	$dir could be 1 (next post) or -1 (previous post).
937
938	@param post_id <b>integer</b> Post ID
939	@param dir <b>integer</b> Search direction
940	@param restrict_to_category <b>boolean</b> Restrict to post with same category
941	@param restrict_to_lang <b>boolean</b> Restrict to post with same lang
942	@return record
943	*/
944	public function getNextPost($post,$dir,$restrict_to_category=false, $restrict_to_lang=false)
945	{
946	$dt = $post->post_dt;
947	$post_id = (integer) $post->post_id;
948
949	if($dir > 0) {
950	$sign = '>';
951	$order = 'ASC';
952	}
953	else {
954	$sign = '<';
955	$order = 'DESC';
956	}
957
958	$params['post_type'] = $post->post_type;
959	$params['limit'] = 1;
960	$params['order'] = 'post_dt '.$order.', P.post_id '.$order;
961	$params['sql'] =
962	'AND ( '.
963	" (post_dt = '".$this->con->escape($dt)."' AND P.post_id ".$sign." ".$post_id.") ".
964	" OR post_dt ".$sign." '".$this->con->escape($dt)."' ".
965	') ';
966
967	if ($restrict_to_category) {
968	$params['sql'] .= $post->cat_id ? 'AND P.cat_id = '.(integer) $post->cat_id.' ' : 'AND P.cat_id IS NULL ';
969	}
970
971	if ($restrict_to_lang) {
972	$params['sql'] .= $post->post_lang ? 'AND P.post_lang = \''. $this->con->escape($post->post_lang) .'\' ': 'AND P.post_lang IS NULL ';
973	}
974
975	$rs = $this->getPosts($params);
976
977	if ($rs->isEmpty()) {
978	return null;
979	}
980
981	return $rs;
982	}
983
984	/**
985	Retrieves different languages and post count on blog, based on post_lang
986	field. <var>$params</var> is an array taking the following optionnal
987	parameters:
988
989	- post_type: Get only entries with given type (default "post", '' for no type)
990	- lang: retrieve post count for selected lang
991	- order: order statement (default post_lang DESC)
992
993	@param params <b>array</b> Parameters
994	@return record
995	*/
996	public function getLangs($params=array())
997	{
998	$strReq = 'SELECT COUNT(post_id) as nb_post, post_lang '.
999	'FROM '.$this->prefix.'post '.
1000	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1001	"AND post_lang <> '' ".
1002	"AND post_lang IS NOT NULL ";
1003
1004	if (!$this->core->auth->check('contentadmin',$this->id)) {
1005	$strReq .= 'AND ((post_status = 1 ';
1006
1007	if ($this->without_password) {
1008	$strReq .= 'AND post_password IS NULL ';
1009	}
1010	$strReq .= ') ';
1011
1012	if ($this->core->auth->userID()) {
1013	$strReq .= "OR user_id = '".$this->con->escape($this->core->auth->userID())."')";
1014	} else {
1015	$strReq .= ') ';
1016	}
1017	}
1018
1019	if (isset($params['post_type'])) {
1020	if ($params['post_type'] != '') {
1021	$strReq .= "AND post_type = '".$this->con->escape($params['post_type'])."' ";
1022	}
1023	} else {
1024	$strReq .= "AND post_type = 'post' ";
1025	}
1026
1027	if (isset($params['lang'])) {
1028	$strReq .= "AND post_lang = '".$this->con->escape($params['lang'])."' ";
1029	}
1030
1031	$strReq .= 'GROUP BY post_lang ';
1032
1033	$order = 'desc';
1034	if (!empty($params['order']) && preg_match('/^(desc\|asc)$/i',$params['order'])) {
1035	$order = $params['order'];
1036	}
1037	$strReq .= 'ORDER BY post_lang '.$order.' ';
1038
1039	return $this->con->select($strReq);
1040	}
1041
1042	/**
1043	Returns a record with all distinct blog dates and post count.
1044	<var>$params</var> is an array taking the following optionnal parameters:
1045
1046	- type: (day\|month\|year) Get days, months or years
1047	- year: (integer) Get dates for given year
1048	- month: (integer) Get dates for given month
1049	- day: (integer) Get dates for given day
1050	- cat_id: (integer) Category ID filter
1051	- cat_url: Category URL filter
1052	- post_lang: lang of the posts
1053	- next: Get date following match
1054	- previous: Get date before match
1055	- order: Sort by date "ASC" or "DESC"
1056
1057	@param params <b>array</b> Parameters array
1058	@return record
1059	*/
1060	public function getDates($params=array())
1061	{
1062	$dt_f = '%Y-%m-%d';
1063	$dt_fc = '%Y%m%d';
1064	if (isset($params['type'])) {
1065	if ($params['type'] == 'year') {
1066	$dt_f = '%Y-01-01';
1067	$dt_fc = '%Y0101';
1068	} elseif ($params['type'] == 'month') {
1069	$dt_f = '%Y-%m-01';
1070	$dt_fc = '%Y%m01';
1071	}
1072	}
1073	$dt_f .= ' 00:00:00';
1074	$dt_fc .= '000000';
1075
1076	$cat_field = $catReq = $limit = '';
1077
1078	if (isset($params['cat_id']) && $params['cat_id'] !== '') {
1079	$catReq = 'AND P.cat_id = '.(integer) $params['cat_id'].' ';
1080	$cat_field = ', C.cat_url ';
1081	} elseif (isset($params['cat_url']) && $params['cat_url'] !== '') {
1082	$catReq = "AND C.cat_url = '".$this->con->escape($params['cat_url'])."' ";
1083	$cat_field = ', C.cat_url ';
1084	}
1085	if (!empty($params['post_lang'])) {
1086	$catReq = 'AND P.post_lang = \''. $params['post_lang'].'\' ';
1087	}
1088
1089	$strReq = 'SELECT DISTINCT('.$this->con->dateFormat('post_dt',$dt_f).') AS dt '.
1090	$cat_field.
1091	',COUNT(P.post_id) AS nb_post '.
1092	'FROM '.$this->prefix.'post P LEFT JOIN '.$this->prefix.'category C '.
1093	'ON P.cat_id = C.cat_id '.
1094	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ".
1095	$catReq;
1096
1097	if (!$this->core->auth->check('contentadmin',$this->id)) {
1098	$strReq .= 'AND ((post_status = 1 ';
1099
1100	if ($this->without_password) {
1101	$strReq .= 'AND post_password IS NULL ';
1102	}
1103	$strReq .= ') ';
1104
1105	if ($this->core->auth->userID()) {
1106	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
1107	} else {
1108	$strReq .= ') ';
1109	}
1110	}
1111
1112	if (!empty($params['post_type'])) {
1113	$strReq .= "AND post_type ".$this->con->in($params['post_type'])." ";
1114	} else {
1115	$strReq .= "AND post_type = 'post' ";
1116	}
1117
1118	if (!empty($params['year'])) {
1119	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%Y')." = '".sprintf('%04d',$params['year'])."' ";
1120	}
1121
1122	if (!empty($params['month'])) {
1123	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%m')." = '".sprintf('%02d',$params['month'])."' ";
1124	}
1125
1126	if (!empty($params['day'])) {
1127	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%d')." = '".sprintf('%02d',$params['day'])."' ";
1128	}
1129
1130	# Get next or previous date
1131	if (!empty($params['next']) \|\| !empty($params['previous']))
1132	{
1133	if (!empty($params['next'])) {
1134	$pdir = ' > ';
1135	$params['order'] = 'asc';
1136	$dt = $params['next'];
1137	} else {
1138	$pdir = ' < ';
1139	$params['order'] = 'desc';
1140	$dt = $params['previous'];
1141	}
1142
1143	$dt = date('YmdHis',strtotime($dt));
1144
1145	$strReq .= 'AND '.$this->con->dateFormat('post_dt',$dt_fc).$pdir."'".$dt."' ";
1146	$limit = $this->con->limit(1);
1147	}
1148
1149	$strReq .= 'GROUP BY dt '.$cat_field;
1150
1151	$order = 'desc';
1152	if (!empty($params['order']) && preg_match('/^(desc\|asc)$/i',$params['order'])) {
1153	$order = $params['order'];
1154	}
1155
1156	$strReq .=
1157	'ORDER BY dt '.$order.' '.
1158	$limit;
1159
1160	$rs = $this->con->select($strReq);
1161	$rs->extend('rsExtDates');
1162	return $rs;
1163	}
1164
1165	/**
1166	Creates a new entry. Takes a cursor as input and returns the new entry
1167	ID.
1168
1169	@param cur <b>cursor</b> Post cursor
1170	@return <b>integer</b> New post ID
1171	*/
1172	public function addPost($cur)
1173	{
1174	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1175	throw new Exception(__('You are not allowed to create an entry'));
1176	}
1177
1178	$this->con->writeLock($this->prefix.'post');
1179	try
1180	{
1181	# Get ID
1182	$rs = $this->con->select(
1183	'SELECT MAX(post_id) '.
1184	'FROM '.$this->prefix.'post '
1185	);
1186
1187	$cur->post_id = (integer) $rs->f(0) + 1;
1188	$cur->blog_id = (string) $this->id;
1189	$cur->post_creadt = date('Y-m-d H:i:s');
1190	$cur->post_upddt = date('Y-m-d H:i:s');
1191	$cur->post_tz = $this->core->auth->getInfo('user_tz');
1192
1193	# Post excerpt and content
1194	$this->getPostContent($cur,$cur->post_id);
1195
1196	$this->getPostCursor($cur);
1197
1198	$cur->post_url = $this->getPostURL($cur->post_url,$cur->post_dt,$cur->post_title,$cur->post_id);
1199
1200	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1201	$cur->post_status = -2;
1202	}
1203
1204	# --BEHAVIOR-- coreBeforePostCreate
1205	$this->core->callBehavior('coreBeforePostCreate',$this,$cur);
1206
1207	$cur->insert();
1208	$this->con->unlock();
1209	}
1210	catch (Exception $e)
1211	{
1212	$this->con->unlock();
1213	throw $e;
1214	}
1215
1216	# --BEHAVIOR-- coreAfterPostCreate
1217	$this->core->callBehavior('coreAfterPostCreate',$this,$cur);
1218
1219	$this->triggerBlog();
1220
1221	return $cur->post_id;
1222	}
1223
1224	/**
1225	Updates an existing post.
1226
1227	@param id <b>integer</b> Post ID
1228	@param cur <b>cursor</b> Post cursor
1229	*/
1230	public function updPost($id,$cur)
1231	{
1232	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1233	throw new Exception(__('You are not allowed to update entries'));
1234	}
1235
1236	$id = (integer) $id;
1237
1238	if (empty($id)) {
1239	throw new Exception(__('No such entry ID'));
1240	}
1241
1242	# Post excerpt and content
1243	$this->getPostContent($cur,$id);
1244
1245	$this->getPostCursor($cur);
1246
1247	if ($cur->post_url !== null) {
1248	$cur->post_url = $this->getPostURL($cur->post_url,$cur->post_dt,$cur->post_title,$id);
1249	}
1250
1251	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1252	$cur->unsetField('post_status');
1253	}
1254
1255	$cur->post_upddt = date('Y-m-d H:i:s');
1256
1257	#If user is only "usage", we need to check the post's owner
1258	if (!$this->core->auth->check('contentadmin',$this->id))
1259	{
1260	$strReq = 'SELECT post_id '.
1261	'FROM '.$this->prefix.'post '.
1262	'WHERE post_id = '.$id.' '.
1263	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1264
1265	$rs = $this->con->select($strReq);
1266
1267	if ($rs->isEmpty()) {
1268	throw new Exception(__('You are not allowed to edit this entry'));
1269	}
1270	}
1271
1272	# --BEHAVIOR-- coreBeforePostUpdate
1273	$this->core->callBehavior('coreBeforePostUpdate',$this,$cur);
1274
1275	$cur->update('WHERE post_id = '.$id.' ');
1276
1277	# --BEHAVIOR-- coreAfterPostUpdate
1278	$this->core->callBehavior('coreAfterPostUpdate',$this,$cur);
1279
1280	$this->triggerBlog();
1281	}
1282
1283	/**
1284	Updates post status.
1285
1286	@param id <b>integer</b> Post ID
1287	@param status <b>integer</b> Post status
1288	*/
1289	public function updPostStatus($id,$status)
1290	{
1291	$this->updPostsStatus($id,$status);
1292	}
1293
1294	/**
1295	Updates posts status.
1296
1297	@param ids <b>mixed</b> Post(s) ID(s)
1298	@param status <b>integer</b> Post status
1299	*/
1300	public function updPostsStatus($ids,$status)
1301	{
1302	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1303	throw new Exception(__('You are not allowed to change this entry status'));
1304	}
1305
1306	$posts_ids = dcUtils::cleanIds($ids);
1307	$status = (integer) $status;
1308
1309	$strReq = "WHERE blog_id = '".$this->con->escape($this->id)."' ".
1310	"AND post_id ".$this->con->in($posts_ids);
1311
1312	#If user can only publish, we need to check the post's owner
1313	if (!$this->core->auth->check('contentadmin',$this->id))
1314	{
1315	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1316	}
1317
1318	$cur = $this->con->openCursor($this->prefix.'post');
1319
1320	$cur->post_status = $status;
1321	$cur->post_upddt = date('Y-m-d H:i:s');
1322
1323	$cur->update($strReq);
1324	$this->triggerBlog();
1325	}
1326
1327	/**
1328	Updates post selection.
1329
1330	@param id <b>integer</b> Post ID
1331	@param selected <b>integer</b> Is selected post
1332	*/
1333	public function updPostSelected($id,$selected)
1334	{
1335	$this->updPostsSelected($id,$selected);
1336	}
1337
1338	/**
1339	Updates posts selection.
1340
1341	@param ids <b>mixed</b> Post(s) ID(s)
1342	@param selected <b>integer</b> Is selected post(s)
1343	*/
1344	public function updPostsSelected($ids,$selected)
1345	{
1346	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1347	throw new Exception(__('You are not allowed to change this entry category'));
1348	}
1349
1350	$posts_ids = dcUtils::cleanIds($ids);
1351	$selected = (boolean) $selected;
1352
1353	$strReq = "WHERE blog_id = '".$this->con->escape($this->id)."' ".
1354	"AND post_id ".$this->con->in($posts_ids);
1355
1356	# If user is only usage, we need to check the post's owner
1357	if (!$this->core->auth->check('contentadmin',$this->id))
1358	{
1359	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1360	}
1361
1362	$cur = $this->con->openCursor($this->prefix.'post');
1363
1364	$cur->post_selected = (integer) $selected;
1365	$cur->post_upddt = date('Y-m-d H:i:s');
1366
1367	$cur->update($strReq);
1368	$this->triggerBlog();
1369	}
1370
1371	/**
1372	Updates post category. <var>$cat_id</var> can be null.
1373
1374	@param id <b>integer</b> Post ID
1375	@param cat_id <b>integer</b> Category ID
1376	*/
1377	public function updPostCategory($id,$cat_id)
1378	{
1379	$this->updPostsCategory($id,$cat_id);
1380	}
1381
1382	/**
1383	Updates posts category. <var>$cat_id</var> can be null.
1384
1385	@param ids <b>mixed</b> Post(s) ID(s)
1386	@param cat_id <b>integer</b> Category ID
1387	*/
1388	public function updPostsCategory($ids,$cat_id)
1389	{
1390	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1391	throw new Exception(__('You are not allowed to change this entry category'));
1392	}
1393
1394	$posts_ids = dcUtils::cleanIds($ids);
1395	$cat_id = (integer) $cat_id;
1396
1397	$strReq = "WHERE blog_id = '".$this->con->escape($this->id)."' ".
1398	"AND post_id ".$this->con->in($posts_ids);
1399
1400	# If user is only usage, we need to check the post's owner
1401	if (!$this->core->auth->check('contentadmin',$this->id))
1402	{
1403	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1404	}
1405
1406	$cur = $this->con->openCursor($this->prefix.'post');
1407
1408	$cur->cat_id = ($cat_id ? $cat_id : null);
1409	$cur->post_upddt = date('Y-m-d H:i:s');
1410
1411	$cur->update($strReq);
1412	$this->triggerBlog();
1413	}
1414
1415	/**
1416	Updates posts category. <var>$new_cat_id</var> can be null.
1417
1418	@param old_cat_id <b>integer</b> Old category ID
1419	@param new_cat_id <b>integer</b> New category ID
1420	*/
1421	public function changePostsCategory($old_cat_id,$new_cat_id)
1422	{
1423	if (!$this->core->auth->check('contentadmin,categories',$this->id)) {
1424	throw new Exception(__('You are not allowed to change entries category'));
1425	}
1426
1427	$old_cat_id = (integer) $old_cat_id;
1428	$new_cat_id = (integer) $new_cat_id;
1429
1430	$cur = $this->con->openCursor($this->prefix.'post');
1431
1432	$cur->cat_id = ($new_cat_id ? $new_cat_id : null);
1433	$cur->post_upddt = date('Y-m-d H:i:s');
1434
1435	$cur->update(
1436	'WHERE cat_id = '.$old_cat_id.' '.
1437	"AND blog_id = '".$this->con->escape($this->id)."' "
1438	);
1439	$this->triggerBlog();
1440	}
1441
1442	/**
1443	Deletes a post.
1444
1445	@param id <b>integer</b> Post ID
1446	*/
1447	public function delPost($id)
1448	{
1449	$this->delPosts($id);
1450	}
1451
1452	/**
1453	Deletes multiple posts.
1454
1455	@param ids <b>mixed</b> Post(s) ID(s)
1456	*/
1457	public function delPosts($ids)
1458	{
1459	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
1460	throw new Exception(__('You are not allowed to delete entries'));
1461	}
1462
1463	$posts_ids = dcUtils::cleanIds($ids);
1464
1465	if (empty($posts_ids)) {
1466	throw new Exception(__('No such entry ID'));
1467	}
1468
1469	$strReq = 'DELETE FROM '.$this->prefix.'post '.
1470	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1471	"AND post_id ".$this->con->in($posts_ids);
1472
1473	#If user can only delete, we need to check the post's owner
1474	if (!$this->core->auth->check('contentadmin',$this->id))
1475	{
1476	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1477	}
1478
1479	$this->con->execute($strReq);
1480	$this->triggerBlog();
1481	}
1482
1483	/**
1484	Publishes all entries flaged as "scheduled".
1485	*/
1486	public function publishScheduledEntries()
1487	{
1488	$strReq = 'SELECT post_id, post_dt, post_tz '.
1489	'FROM '.$this->prefix.'post '.
1490	'WHERE post_status = -1 '.
1491	"AND blog_id = '".$this->con->escape($this->id)."' ";
1492
1493	$rs = $this->con->select($strReq);
1494
1495	$now = dt::toUTC(time());
1496	$to_change = new ArrayObject();
1497
1498	if ($rs->isEmpty()) {
1499	return;
1500	}
1501
1502	while ($rs->fetch())
1503	{
1504	# Now timestamp with post timezone
1505	$now_tz = $now + dt::getTimeOffset($rs->post_tz,$now);
1506
1507	# Post timestamp
1508	$post_ts = strtotime($rs->post_dt);
1509
1510	# If now_tz >= post_ts, we publish the entry
1511	if ($now_tz >= $post_ts) {
1512	$to_change[] = (integer) $rs->post_id;
1513	}
1514	}
1515	if (count($to_change))
1516	{
1517	# --BEHAVIOR-- coreBeforeScheduledEntriesPublish
1518	$this->core->callBehavior('coreBeforeScheduledEntriesPublish',$this,$to_change);
1519
1520	$strReq =
1521	'UPDATE '.$this->prefix.'post SET '.
1522	'post_status = 1 '.
1523	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1524	'AND post_id '.$this->con->in((array)$to_change).' ';
1525	$this->con->execute($strReq);
1526	$this->triggerBlog();
1527
1528	# --BEHAVIOR-- coreAfterScheduledEntriesPublish
1529	$this->core->callBehavior('coreAfterScheduledEntriesPublish',$this,$to_change);
1530	}
1531
1532	}
1533
1534	/**
1535	Retrieves all users having posts on current blog.
1536
1537	@param post_type <b>string</b> post_type filter (post)
1538	@return record
1539	*/
1540	public function getPostsUsers($post_type='post')
1541	{
1542	$strReq = 'SELECT P.user_id, user_name, user_firstname, '.
1543	'user_displayname, user_email '.
1544	'FROM '.$this->prefix.'post P, '.$this->prefix.'user U '.
1545	'WHERE P.user_id = U.user_id '.
1546	"AND blog_id = '".$this->con->escape($this->id)."' ";
1547
1548	if ($post_type) {
1549	$strReq .= "AND post_type = '".$this->con->escape($post_type)."' ";
1550	}
1551
1552	$strReq .= 'GROUP BY P.user_id, user_name, user_firstname, user_displayname, user_email ';
1553
1554	return $this->con->select($strReq);
1555	}
1556
1557	private function getPostsCategoryFilter($arr,$field='cat_id')
1558	{
1559	$field = $field == 'cat_id' ? 'cat_id' : 'cat_url';
1560
1561	$sub = array();
1562	$not = array();
1563	$queries = array();
1564
1565	foreach ($arr as $v)
1566	{
1567	$v = trim($v);
1568	$args = preg_split('/\s[?]\s/',$v,-1,PREG_SPLIT_NO_EMPTY);
1569	$id = array_shift($args);
1570	$args = array_flip($args);
1571
1572	if (isset($args['not'])) { $not[$id] = 1; }
1573	if (isset($args['sub'])) { $sub[$id] = 1; }
1574	if ($field == 'cat_id') {
1575	if (preg_match('/^null$/i',$id)) {
1576	$queries[$id] = 'P.cat_id IS NULL';
1577	}
1578	else {
1579	$queries[$id] = 'P.cat_id = '.(integer) $id;
1580	}
1581	} else {
1582	$queries[$id] = "C.cat_url = '".$this->con->escape($id)."' ";
1583	}
1584	}
1585
1586	if (!empty($sub)) {
1587	$rs = $this->con->select(
1588	'SELECT cat_id, cat_url, cat_lft, cat_rgt FROM '.$this->prefix.'category '.
1589	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1590	'AND '.$field.' '.$this->con->in(array_keys($sub))
1591	);
1592
1593	while ($rs->fetch()) {
1594	$queries[$rs->f($field)] = '(C.cat_lft BETWEEN '.$rs->cat_lft.' AND '.$rs->cat_rgt.')';
1595	}
1596	}
1597
1598	# Create queries
1599	$sql = array(
1600	0 => array(), # wanted categories
1601	1 => array() # excluded categories
1602	);
1603
1604	foreach ($queries as $id => $q) {
1605	$sql[(integer) isset($not[$id])][] = $q;
1606	}
1607
1608	$sql[0] = implode(' OR ',$sql[0]);
1609	$sql[1] = implode(' OR ',$sql[1]);
1610
1611	if ($sql[0]) {
1612	$sql[0] = '('.$sql[0].')';
1613	} else {
1614	unset($sql[0]);
1615	}
1616
1617	if ($sql[1]) {
1618	$sql[1] = '(P.cat_id IS NULL OR NOT('.$sql[1].'))';
1619	} else {
1620	unset($sql[1]);
1621	}
1622
1623	return implode(' AND ',$sql);
1624	}
1625
1626	private function getPostCursor($cur,$post_id=null)
1627	{
1628	if ($cur->post_title == '') {
1629	throw new Exception(__('No entry title'));
1630	}
1631
1632	if ($cur->post_content == '') {
1633	throw new Exception(__('No entry content'));
1634	}
1635
1636	if ($cur->post_password === '') {
1637	$cur->post_password = null;
1638	}
1639
1640	if ($cur->post_dt == '') {
1641	$offset = dt::getTimeOffset($this->core->auth->getInfo('user_tz'));
1642	$now = time() + $offset;
1643	$cur->post_dt = date('Y-m-d H:i:00',$now);
1644	}
1645
1646	$post_id = is_int($post_id) ? $post_id : $cur->post_id;
1647
1648	if ($cur->post_content_xhtml == '') {
1649	throw new Exception(__('No entry content'));
1650	}
1651
1652	# Words list
1653	if ($cur->post_title !== null && $cur->post_excerpt_xhtml !== null
1654	&& $cur->post_content_xhtml !== null)
1655	{
1656	$words =
1657	$cur->post_title.' '.
1658	$cur->post_excerpt_xhtml.' '.
1659	$cur->post_content_xhtml;
1660
1661	$cur->post_words = implode(' ',text::splitWords($words));
1662	}
1663	}
1664
1665	private function getPostContent($cur,$post_id)
1666	{
1667	$post_excerpt = $cur->post_excerpt;
1668	$post_excerpt_xhtml = $cur->post_excerpt_xhtml;
1669	$post_content = $cur->post_content;
1670	$post_content_xhtml = $cur->post_content_xhtml;
1671
1672	$this->setPostContent(
1673	$post_id,$cur->post_format,$cur->post_lang,
1674	$post_excerpt,$post_excerpt_xhtml,
1675	$post_content,$post_content_xhtml
1676	);
1677
1678	$cur->post_excerpt = $post_excerpt;
1679	$cur->post_excerpt_xhtml = $post_excerpt_xhtml;
1680	$cur->post_content = $post_content;
1681	$cur->post_content_xhtml = $post_content_xhtml;
1682	}
1683
1684	/**
1685	Creates post HTML content, taking format and lang into account.
1686
1687	@param post_id <b>integer</b> Post ID
1688	@param format <b>string</b> Post format
1689	@param lang <b>string</b> Post lang
1690	@param excerpt <b>string</b> Post excerpt
1691	@param[out] excerpt_xhtml <b>string</b> Post excerpt HTML
1692	@param content <b>string</b> Post content
1693	@param[out] content_xhtml <b>string</b> Post content HTML
1694	*/
1695	public function setPostContent($post_id,$format,$lang,&$excerpt,&$excerpt_xhtml,&$content,&$content_xhtml)
1696	{
1697	if ($format == 'wiki')
1698	{
1699	$this->core->initWikiPost();
1700	$this->core->wiki2xhtml->setOpt('note_prefix','pnote-'.$post_id);
1701	switch ($this->settings->system->note_title_tag) {
1702	case 1:
1703	$tag = 'h3';
1704	break;
1705	case 2:
1706	$tag = 'p';
1707	break;
1708	default:
1709	$tag = 'h4';
1710	break;
1711	}
1712	$this->core->wiki2xhtml->setOpt('note_str','<div class="footnotes"><'.$tag.' class="footnotes-title">'.
1713	__('Notes').'</'.$tag.'>%s</div>');
1714	$this->core->wiki2xhtml->setOpt('note_str_single','<div class="footnotes"><'.$tag.' class="footnotes-title">'.
1715	__('Note').'</'.$tag.'>%s</div>');
1716	if (strpos($lang,'fr') === 0) {
1717	$this->core->wiki2xhtml->setOpt('active_fr_syntax',1);
1718	}
1719	}
1720
1721	if ($excerpt) {
1722	$excerpt_xhtml = $this->core->callFormater($format,$excerpt);
1723	$excerpt_xhtml = $this->core->HTMLfilter($excerpt_xhtml);
1724	} else {
1725	$excerpt_xhtml = '';
1726	}
1727
1728	if ($content) {
1729	$content_xhtml = $this->core->callFormater($format,$content);
1730	$content_xhtml = $this->core->HTMLfilter($content_xhtml);
1731	} else {
1732	$content_xhtml = '';
1733	}
1734
1735	# --BEHAVIOR-- coreAfterPostContentFormat
1736	$this->core->callBehavior('coreAfterPostContentFormat',array(
1737	'excerpt' => &$excerpt,
1738	'content' => &$content,
1739	'excerpt_xhtml' => &$excerpt_xhtml,
1740	'content_xhtml' => &$content_xhtml
1741	));
1742	}
1743
1744	/**
1745	Returns URL for a post according to blog setting <var>post_url_format</var>.
1746	It will try to guess URL and append some figures if needed.
1747
1748	@param url <b>string</b> Origin URL, could be empty
1749	@param post_dt <b>string</b> Post date (in YYYY-MM-DD HH:mm:ss)
1750	@param post_title <b>string</b> Post title
1751	@param post_id <b>integer</b> Post ID
1752	@return <b>string</b> result URL
1753	*/
1754	public function getPostURL($url,$post_dt,$post_title,$post_id)
1755	{
1756	$url = trim($url);
1757
1758	$url_patterns = array(
1759	'{y}' => date('Y',strtotime($post_dt)),
1760	'{m}' => date('m',strtotime($post_dt)),
1761	'{d}' => date('d',strtotime($post_dt)),
1762	'{t}' => text::tidyURL($post_title),
1763	'{id}' => (integer) $post_id
1764	);
1765
1766	# If URL is empty, we create a new one
1767	if ($url == '')
1768	{
1769	# Transform with format
1770	$url = str_replace(
1771	array_keys($url_patterns),
1772	array_values($url_patterns),
1773	$this->settings->system->post_url_format
1774	);
1775	}
1776	else
1777	{
1778	$url = text::tidyURL($url);
1779	}
1780
1781	# Let's check if URL is taken...
1782	$strReq = 'SELECT post_url FROM '.$this->prefix.'post '.
1783	"WHERE post_url = '".$this->con->escape($url)."' ".
1784	'AND post_id <> '.(integer) $post_id. ' '.
1785	"AND blog_id = '".$this->con->escape($this->id)."' ".
1786	'ORDER BY post_url DESC';
1787
1788	$rs = $this->con->select($strReq);
1789
1790	if (!$rs->isEmpty())
1791	{
1792	if ($this->con->driver() == 'mysql') {
1793	$clause = "REGEXP '^".$this->con->escape($url)."[0-9]+$'";
1794	} elseif ($this->con->driver() == 'pgsql') {
1795	$clause = "~ '^".$this->con->escape($url)."[0-9]+$'";
1796	} else {
1797	$clause = "LIKE '".$this->con->escape($url)."%'";
1798	}
1799	$strReq = 'SELECT post_url FROM '.$this->prefix.'post '.
1800	"WHERE post_url ".$clause.' '.
1801	'AND post_id <> '.(integer) $post_id.' '.
1802	"AND blog_id = '".$this->con->escape($this->id)."' ".
1803	'ORDER BY post_url DESC ';
1804
1805	$rs = $this->con->select($strReq);
1806	$a = array();
1807	while ($rs->fetch()) {
1808	$a[] = $rs->post_url;
1809	}
1810
1811	natsort($a);
1812	$t_url = end($a);
1813
1814	if (preg_match('/(.*?)([0-9]+)$/',$t_url,$m)) {
1815	$i = (integer) $m[2];
1816	$url = $m[1];
1817	} else {
1818	$i = 1;
1819	}
1820
1821	return $url.($i+1);
1822	}
1823
1824	# URL is empty?
1825	if ($url == '') {
1826	throw new Exception(__('Empty entry URL'));
1827	}
1828
1829	return $url;
1830	}
1831	//@}
1832
1833	/// @name Comments management methods
1834	//@{
1835	/**
1836	Retrieves comments. <b>$params</b> is an array taking the following
1837	optionnal parameters:
1838
1839	- no_content: Don't retrieve comment content
1840	- post_type: Get only entries with given type (default no type, array for many types)
1841	- post_id: (integer) Get comments belonging to given post_id
1842	- cat_id: (integer or array) Get comments belonging to entries of given category ID
1843	- comment_id: (integer) Get comment with given ID
1844	- comment_status: (integer) Get comments with given comment_status
1845	- comment_trackback: (integer) Get only comments (0) or trackbacks (1)
1846	- comment_ip: (string) Get comments with given IP address
1847	- post_url: Get entry with given post_url field
1848	- user_id: (integer) Get entries belonging to given user ID
1849	- q_author: Search comments by author
1850	- sql: Append SQL string at the end of the query
1851	- from: Append SQL string after "FROM" statement in query
1852	- order: Order of results (default "ORDER BY comment_dt DES")
1853	- limit: Limit parameter
1854	- sql_only : return the sql request instead of results. Only ids are selected
1855
1856	@param params <b>array</b> Parameters
1857	@param count_only <b>boolean</b> Only counts results
1858	@return <b>record</b> A record with some more capabilities
1859	*/
1860	public function getComments($params=array(),$count_only=false)
1861	{
1862	if ($count_only)
1863	{
1864	$strReq = 'SELECT count(comment_id) ';
1865	}
1866	elseif (!empty($params['sql_only']))
1867	{
1868	$strReq = 'SELECT P.post_id ';
1869	}
1870	else
1871	{
1872	if (!empty($params['no_content'])) {
1873	$content_req = '';
1874	} else {
1875	$content_req = 'comment_content, ';
1876	}
1877
1878	if (!empty($params['columns']) && is_array($params['columns'])) {
1879	$content_req .= implode(', ',$params['columns']).', ';
1880	}
1881
1882	$strReq =
1883	'SELECT C.comment_id, comment_dt, comment_tz, comment_upddt, '.
1884	'comment_author, comment_email, comment_site, '.
1885	$content_req.' comment_trackback, comment_status, '.
1886	'comment_spam_status, comment_spam_filter, comment_ip, '.
1887	'P.post_title, P.post_url, P.post_id, P.post_password, P.post_type, '.
1888	'P.post_dt, P.user_id, U.user_email, U.user_url ';
1889	}
1890
1891	$strReq .=
1892	'FROM '.$this->prefix.'comment C '.
1893	'INNER JOIN '.$this->prefix.'post P ON C.post_id = P.post_id '.
1894	'INNER JOIN '.$this->prefix.'user U ON P.user_id = U.user_id ';
1895
1896	if (!empty($params['from'])) {
1897	$strReq .= $params['from'].' ';
1898	}
1899
1900	$strReq .=
1901	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ";
1902
1903	if (!$this->core->auth->check('contentadmin',$this->id)) {
1904	$strReq .= 'AND ((comment_status = 1 AND P.post_status = 1 ';
1905
1906	if ($this->without_password) {
1907	$strReq .= 'AND post_password IS NULL ';
1908	}
1909	$strReq .= ') ';
1910
1911	if ($this->core->auth->userID()) {
1912	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
1913	} else {
1914	$strReq .= ') ';
1915	}
1916	}
1917
1918	if (!empty($params['post_type']))
1919	{
1920	$strReq .= 'AND post_type '.$this->con->in($params['post_type']);
1921	}
1922
1923	if (isset($params['post_id']) && $params['post_id'] !== '') {
1924	$strReq .= 'AND P.post_id = '.(integer) $params['post_id'].' ';
1925	}
1926
1927	if (isset($params['cat_id']) && $params['cat_id'] !== '') {
1928	$strReq .= 'AND P.cat_id = '.(integer) $params['cat_id'].' ';
1929	}
1930
1931	if (isset($params['comment_id']) && $params['comment_id'] !== '') {
1932	$strReq .= 'AND comment_id = '.(integer) $params['comment_id'].' ';
1933	}
1934
1935	if (isset($params['comment_status'])) {
1936	$strReq .= 'AND comment_status = '.(integer) $params['comment_status'].' ';
1937	}
1938
1939	if (!empty($params['comment_status_not']))
1940	{
1941	$strReq .= 'AND comment_status <> '.(integer) $params['comment_status_not'].' ';
1942	}
1943
1944	if (isset($params['comment_trackback'])) {
1945	$strReq .= 'AND comment_trackback = '.(integer) (boolean) $params['comment_trackback'].' ';
1946	}
1947
1948	if (isset($params['comment_ip'])) {
1949	$comment_ip = $this->con->escape(str_replace('*','%',$params['comment_ip']));
1950	$strReq .= "AND comment_ip LIKE '".$comment_ip."' ";
1951	}
1952
1953	if (isset($params['q_author'])) {
1954	$q_author = $this->con->escape(str_replace('*','%',strtolower($params['q_author'])));
1955	$strReq .= "AND LOWER(comment_author) LIKE '".$q_author."' ";
1956	}
1957
1958	if (!empty($params['search']))
1959	{
1960	$words = text::splitWords($params['search']);
1961
1962	if (!empty($words))
1963	{
1964	# --BEHAVIOR coreCommentSearch
1965	if ($this->core->hasBehavior('coreCommentSearch')) {
1966	$this->core->callBehavior('coreCommentSearch',$this->core,array(&$words,&$strReq,&$params));
1967	}
1968
1969	if ($words)
1970	{
1971	foreach ($words as $i => $w) {
1972	$words[$i] = "comment_words LIKE '%".$this->con->escape($w)."%'";
1973	}
1974	$strReq .= 'AND '.implode(' AND ',$words).' ';
1975	}
1976	}
1977	}
1978
1979	if (!empty($params['sql'])) {
1980	$strReq .= $params['sql'].' ';
1981	}
1982
1983	if (!$count_only)
1984	{
1985	if (!empty($params['order'])) {
1986	$strReq .= 'ORDER BY '.$this->con->escape($params['order']).' ';
1987	} else {
1988	$strReq .= 'ORDER BY comment_dt DESC ';
1989	}
1990	}
1991
1992	if (!$count_only && !empty($params['limit'])) {
1993	$strReq .= $this->con->limit($params['limit']);
1994	}
1995
1996	if (!empty($params['sql_only'])) {
1997	return $strReq;
1998	}
1999
2000	$rs = $this->con->select($strReq);
2001	$rs->core = $this->core;
2002	$rs->extend('rsExtComment');
2003
2004	# --BEHAVIOR-- coreBlogGetComments
2005	$this->core->callBehavior('coreBlogGetComments',$rs);
2006
2007	return $rs;
2008	}
2009
2010	/**
2011	Creates a new comment. Takes a cursor as input and returns the new comment
2012	ID.
2013
2014	@param cur <b>cursor</b> Comment cursor
2015	@return <b>integer</b> New comment ID
2016	*/
2017	public function addComment($cur)
2018	{
2019	$this->con->writeLock($this->prefix.'comment');
2020	try
2021	{
2022	# Get ID
2023	$rs = $this->con->select(
2024	'SELECT MAX(comment_id) '.
2025	'FROM '.$this->prefix.'comment '
2026	);
2027
2028	$cur->comment_id = (integer) $rs->f(0) + 1;
2029	$cur->comment_upddt = date('Y-m-d H:i:s');
2030
2031	$offset = dt::getTimeOffset($this->settings->system->blog_timezone);
2032	$cur->comment_dt = date('Y-m-d H:i:s',time() + $offset);
2033	$cur->comment_tz = $this->settings->system->blog_timezone;
2034
2035	$this->getCommentCursor($cur);
2036
2037	if ($cur->comment_ip === null) {
2038	$cur->comment_ip = http::realIP();
2039	}
2040
2041	# --BEHAVIOR-- coreBeforeCommentCreate
2042	$this->core->callBehavior('coreBeforeCommentCreate',$this,$cur);
2043
2044	$cur->insert();
2045	$this->con->unlock();
2046	}
2047	catch (Exception $e)
2048	{
2049	$this->con->unlock();
2050	throw $e;
2051	}
2052
2053	# --BEHAVIOR-- coreAfterCommentCreate
2054	$this->core->callBehavior('coreAfterCommentCreate',$this,$cur);
2055
2056	$this->triggerComment($cur->comment_id);
2057	if ($cur->comment_status != -2) {
2058	$this->triggerBlog();
2059	}
2060	return $cur->comment_id;
2061	}
2062
2063	/**
2064	Updates an existing comment.
2065
2066	@param id <b>integer</b> Comment ID
2067	@param cur <b>cursor</b> Comment cursor
2068	*/
2069	public function updComment($id,$cur)
2070	{
2071	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
2072	throw new Exception(__('You are not allowed to update comments'));
2073	}
2074
2075	$id = (integer) $id;
2076
2077	if (empty($id)) {
2078	throw new Exception(__('No such comment ID'));
2079	}
2080
2081	$rs = $this->getComments(array('comment_id' => $id));
2082
2083	if ($rs->isEmpty()) {
2084	throw new Exception(__('No such comment ID'));
2085	}
2086
2087	#If user is only usage, we need to check the post's owner
2088	if (!$this->core->auth->check('contentadmin',$this->id))
2089	{
2090	if ($rs->user_id != $this->core->auth->userID()) {
2091	throw new Exception(__('You are not allowed to update this comment'));
2092	}
2093	}
2094
2095	$this->getCommentCursor($cur);
2096
2097	$cur->comment_upddt = date('Y-m-d H:i:s');
2098
2099	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
2100	$cur->unsetField('comment_status');
2101	}
2102
2103	# --BEHAVIOR-- coreBeforeCommentUpdate
2104	$this->core->callBehavior('coreBeforeCommentUpdate',$this,$cur,$rs);
2105
2106	$cur->update('WHERE comment_id = '.$id.' ');
2107
2108	# --BEHAVIOR-- coreAfterCommentUpdate
2109	$this->core->callBehavior('coreAfterCommentUpdate',$this,$cur,$rs);
2110
2111	$this->triggerComment($id);
2112	$this->triggerBlog();
2113	}
2114
2115	/**
2116	Updates comment status.
2117
2118	@param id <b>integer</b> Comment ID
2119	@param status <b>integer</b> Comment status
2120	*/
2121	public function updCommentStatus($id,$status)
2122	{
2123	$this->updCommentsStatus($id,$status);
2124	}
2125
2126	/**
2127	Updates comments status.
2128
2129	@param ids <b>mixed</b> Comment(s) ID(s)
2130	@param status <b>integer</b> Comment status
2131	*/
2132	public function updCommentsStatus($ids,$status)
2133	{
2134	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
2135	throw new Exception(__("You are not allowed to change this comment's status"));
2136	}
2137
2138	$co_ids = dcUtils::cleanIds($ids);
2139	$status = (integer) $status;
2140
2141	$strReq =
2142	'UPDATE '.$this->prefix.'comment tc ';
2143
2144	# mySQL uses "JOIN" synthax
2145	if ($this->con->driver() == 'mysql') {
2146	$strReq .=
2147	'JOIN '.$this->prefix.'post tp ON tc.post_id = tp.post_id ';
2148	}
2149
2150	$strReq .=
2151	'SET comment_status = '.$status.' ';
2152
2153	# pgSQL uses "FROM" synthax
2154	if ($this->con->driver() != 'mysql') {
2155	$strReq .=
2156	'FROM '.$this->prefix.'post tp ';
2157	}
2158
2159	$strReq .=
2160	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
2161	'AND comment_id'.$this->con->in($co_ids);
2162
2163	# add pgSQL "WHERE" clause
2164	if ($this->con->driver() != 'mysql') {
2165	$strReq .=
2166	'AND tc.post_id = tp.post_id ';
2167	}
2168
2169	#If user is only usage, we need to check the post's owner
2170	if (!$this->core->auth->check('contentadmin',$this->id))
2171	{
2172	$strReq .=
2173	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
2174	}
2175
2176	$this->con->execute($strReq);
2177	$this->triggerComments($co_ids);
2178	$this->triggerBlog();
2179	}
2180
2181	/**
2182	Delete a comment
2183
2184	@param id <b>integer</b> Comment ID
2185	*/
2186	public function delComment($id)
2187	{
2188	$this->delComments($id);
2189	}
2190
2191	/**
2192	Delete comments
2193
2194	@param ids <b>mixed</b> Comment(s) ID(s)
2195	*/
2196	public function delComments($ids)
2197	{
2198	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
2199	throw new Exception(__('You are not allowed to delete comments'));
2200	}
2201
2202	$co_ids = dcUtils::cleanIds($ids);
2203
2204	if (empty($co_ids)) {
2205	throw new Exception(__('No such comment ID'));
2206	}
2207
2208	# Retrieve posts affected by comments edition
2209	$affected_posts = array();
2210	$strReq =
2211	'SELECT distinct(post_id) '.
2212	'FROM '.$this->prefix.'comment '.
2213	'WHERE comment_id'.$this->con->in($co_ids);
2214
2215	$rs = $this->con->select($strReq);
2216
2217	while ($rs->fetch()) {
2218	$affected_posts[] = (integer) $rs->post_id;
2219	}
2220
2221	# mySQL uses "INNER JOIN" synthax
2222	if ($this->con->driver() == 'mysql') {
2223	$strReq =
2224	'DELETE FROM tc '.
2225	'USING '.$this->prefix.'comment tc '.
2226	'INNER JOIN '.$this->prefix.'post tp ';
2227	}
2228	# pgSQL uses nothing special
2229	else {
2230	$strReq =
2231	'DELETE FROM '.$this->prefix.'comment tc '.
2232	'USING '.$this->prefix.'post tp ';
2233	}
2234
2235	$strReq .=
2236	'WHERE tc.post_id = tp.post_id '.
2237	"AND tp.blog_id = '".$this->con->escape($this->id)."' ".
2238	'AND comment_id'.$this->con->in($co_ids);
2239
2240	#If user can only delete, we need to check the post's owner
2241	if (!$this->core->auth->check('contentadmin',$this->id))
2242	{
2243	$strReq .=
2244	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
2245	}
2246
2247	$this->con->execute($strReq);
2248	$this->triggerComments($co_ids, true, $affected_posts);
2249	$this->triggerBlog();
2250	}
2251
2252	public function delJunkComments()
2253	{
2254	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
2255	throw new Exception(__('You are not allowed to delete comments'));
2256	}
2257
2258	# mySQL uses "INNER JOIN" synthax
2259	if ($this->con->driver() == 'mysql') {
2260	$strReq =
2261	'DELETE FROM tc '.
2262	'USING '.$this->prefix.'comment tc '.
2263	'INNER JOIN '.$this->prefix.'post tp ';
2264	}
2265	# pgSQL uses nothing special
2266	else {
2267	$strReq =
2268	'DELETE FROM '.$this->prefix.'comment tc '.
2269	'USING '.$this->prefix.'post tp ';
2270	}
2271
2272	$strReq .=
2273	'WHERE tc.post_id = tp.post_id '.
2274	"AND tp.blog_id = '".$this->con->escape($this->id)."' ".
2275	'AND comment_status = -2';
2276
2277	#If user can only delete, we need to check the post's owner
2278	if (!$this->core->auth->check('contentadmin',$this->id))
2279	{
2280	$strReq .=
2281	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
2282	}
2283
2284	$this->con->execute($strReq);
2285	$this->triggerBlog();
2286	}
2287
2288	private function getCommentCursor($cur)
2289	{
2290	if ($cur->comment_content !== null && $cur->comment_content == '') {
2291	throw new Exception(__('You must provide a comment'));
2292	}
2293
2294	if ($cur->comment_author !== null && $cur->comment_author == '') {
2295	throw new Exception(__('You must provide an author name'));
2296	}
2297
2298	if ($cur->comment_email != '' && !text::isEmail($cur->comment_email)) {
2299	throw new Exception(__('Email address is not valid.'));
2300	}
2301
2302	if ($cur->comment_site !== null && $cur->comment_site != '') {
2303	if (!preg_match('\|^http(s?)://\|i',$cur->comment_site, $matches)) {
2304	$cur->comment_site = 'http://'.$cur->comment_site;
2305	}else{
2306	$cur->comment_site = strtolower($matches[0]).substr($cur->comment_site, strlen($matches[0]));
2307	}
2308	}
2309
2310	if ($cur->comment_status === null) {
2311	$cur->comment_status = (integer) $this->settings->system->comments_pub;
2312	}
2313
2314	# Words list
2315	if ($cur->comment_content !== null)
2316	{
2317	$cur->comment_words = implode(' ',text::splitWords($cur->comment_content));
2318	}
2319	}
2320	//@}
2321	}
2322	?>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: inc/core/class.dc.blog.php @ 1542:2de80618299a

Download in other formats:

Sites map