class.dc.blog.php @ 3134:95c191363892

Visit:

Revision 3134:95c191363892, 62.3 KB checked in by franck <carnet.franck.paul@…>, 10 years ago (diff)
Open the door to some funny things with this new behavior

Line
1	<?php
2	# -- BEGIN LICENSE BLOCK ---------------------------------------
3	#
4	# This file is part of Dotclear 2.
5	#
6	# Copyright (c) 2003-2013 Olivier Meunier & Association Dotclear
7	# Licensed under the GPL version 2.0 license.
8	# See LICENSE file or
9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
10	#
11	# -- END LICENSE BLOCK -----------------------------------------
12	if (!defined('DC_RC_PATH')) { return; }
13
14	/**
15	@ingroup DC_CORE
16	@nosubgrouping
17	@brief Dotclear blog class.
18
19	Dotclear blog class instance is provided by dcCore $blog property.
20	*/
21	class dcBlog
22	{
23	/** @var dcCore dcCore instance */
24	protected $core;
25	/** @var connection Database connection object */
26	public $con;
27	/** @var string Database table prefix */
28	public $prefix;
29
30	/** @var string Blog ID */
31	public $id;
32	/** @var string Blog unique ID */
33	public $uid;
34	/** @var string Blog name */
35	public $name;
36	/** @var string Blog description */
37	public $desc;
38	/** @var string Blog URL */
39	public $url;
40	/** @var string Blog host */
41	public $host;
42	/** @var string Blog creation date */
43	public $creadt;
44	/** @var string Blog last update date */
45	public $upddt;
46	/** @var string Blog status */
47	public $status;
48
49	/** @var dcSettings dcSettings object */
50	public $settings;
51	/** @var string Blog theme path */
52	public $themes_path;
53	/** @var string Blog public path */
54	public $public_path;
55
56	private $post_status = array();
57	private $comment_status = array();
58
59	private $categories;
60
61	/** @var boolean Disallow entries password protection */
62	public $without_password = true;
63
64	/**
65	Inits dcBlog object
66
67	@param core <b>dcCore</b> Dotclear core reference
68	@param id <b>string</b> Blog ID
69	*/
70	public function __construct($core, $id)
71	{
72	$this->con =& $core->con;
73	$this->prefix = $core->prefix;
74	$this->core =& $core;
75
76	if (($b = $this->core->getBlog($id)) !== false)
77	{
78	$this->id = $id;
79	$this->uid = $b->blog_uid;
80	$this->name = $b->blog_name;
81	$this->desc = $b->blog_desc;
82	$this->url = $b->blog_url;
83	$this->host = http::getHostFromURL($this->url);
84	$this->creadt = strtotime($b->blog_creadt);
85	$this->upddt = strtotime($b->blog_upddt);
86	$this->status = $b->blog_status;
87
88	$this->settings = new dcSettings($this->core,$this->id);
89
90	$this->themes_path = path::fullFromRoot($this->settings->system->themes_path,DC_ROOT);
91	$this->public_path = path::fullFromRoot($this->settings->system->public_path,DC_ROOT);
92
93	$this->post_status['-2'] = __('Pending');
94	$this->post_status['-1'] = __('Scheduled');
95	$this->post_status['0'] = __('Unpublished');
96	$this->post_status['1'] = __('Published');
97
98	$this->comment_status['-2'] = __('Junk');
99	$this->comment_status['-1'] = __('Pending');
100	$this->comment_status['0'] = __('Unpublished');
101	$this->comment_status['1'] = __('Published');
102
103	# --BEHAVIOR-- coreBlogConstruct
104	$this->core->callBehavior('coreBlogConstruct',$this);
105	}
106	}
107
108	/// @name Common public methods
109	//@{
110	/**
111	Returns blog URL ending with a question mark.
112	*/
113	public function getQmarkURL()
114	{
115	if (substr($this->url,-1) != '?') {
116	return $this->url.'?';
117	}
118
119	return $this->url;
120	}
121
122	/**
123	Returns jQuery version selected for the blog.
124	*/
125	public function getJsJQuery()
126	{
127	$version = $this->settings->system->jquery_version;
128	if ($version == '') {
129	$version = DC_DEFAULT_JQUERY; // defined in inc/prepend.php
130	}
131	return 'jquery/'.$version;
132	}
133
134	/**
135	Returns public URL of specified plugin file.
136	*/
137	public function getPF($pf, $strip_host=true)
138	{
139	$ret = $this->getQmarkURL().'pf='.$pf;
140	if ($strip_host) {
141	$ret = html::stripHostURL($ret);
142	}
143	return $ret;
144	}
145
146	/**
147	Returns an entry status name given to a code. Status are translated, never
148	use it for tests. If status code does not exist, returns <i>unpublished</i>.
149
150	@param s <b>integer</b> Status code
151	@return <b>string</b> Blog status name
152	*/
153	public function getPostStatus($s)
154	{
155	if (isset($this->post_status[$s])) {
156	return $this->post_status[$s];
157	}
158	return $this->post_status['0'];
159	}
160
161	/**
162	Returns an array of available entry status codes and names.
163
164	@return <b>array</b> Simple array with codes in keys and names in value
165	*/
166	public function getAllPostStatus()
167	{
168	return $this->post_status;
169	}
170
171	/**
172	Returns an array of available comment status codes and names.
173
174	@return <b>array</b> Simple array with codes in keys and names in value
175	*/
176	public function getAllCommentStatus()
177	{
178	return $this->comment_status;
179	}
180
181	/**
182	Disallows entries password protection. You need to set it to
183	<var>false</var> while serving a public blog.
184
185	@param v <b>boolean</b>
186	*/
187	public function withoutPassword($v)
188	{
189	$this->without_password = (boolean) $v;
190	}
191	//@}
192
193	/// @name Triggers methods
194	//@{
195	/**
196	Updates blog last update date. Should be called every time you change
197	an element related to the blog.
198	*/
199	public function triggerBlog()
200	{
201	$cur = $this->con->openCursor($this->prefix.'blog');
202
203	$cur->blog_upddt = date('Y-m-d H:i:s');
204
205	$cur->update("WHERE blog_id = '".$this->con->escape($this->id)."' ");
206
207	# --BEHAVIOR-- coreBlogAfterTriggerBlog
208	$this->core->callBehavior('coreBlogAfterTriggerBlog',$cur);
209	}
210
211	/**
212	Updates comment and trackback counters in post table. Should be called
213	every time a comment or trackback is added, removed or changed its status.
214
215	@param id <b>integer</b> Comment ID
216	@param del <b>boolean</b> If comment is delete, set this to true
217	*/
218	public function triggerComment($id,$del=false)
219	{
220	$this->triggerComments($id,$del);
221	}
222
223	/**
224	Updates comments and trackbacks counters in post table. Should be called
225	every time comments or trackbacks are added, removed or changed their status.
226
227	@param ids <b>mixed</b> Comment(s) ID(s)
228	@param del <b>boolean</b> If comment is delete, set this to true
229	@param affected_posts <b>mixed</b> Posts(s) ID(s)
230	*/
231	public function triggerComments($ids, $del=false, $affected_posts=null)
232	{
233	$comments_ids = dcUtils::cleanIds($ids);
234
235	# Get posts affected by comments edition
236	if (empty($affected_posts)) {
237	$strReq =
238	'SELECT post_id '.
239	'FROM '.$this->prefix.'comment '.
240	'WHERE comment_id'.$this->con->in($comments_ids).
241	'GROUP BY post_id';
242
243	$rs = $this->con->select($strReq);
244
245	$affected_posts = array();
246	while ($rs->fetch()) {
247	$affected_posts[] = (integer) $rs->post_id;
248	}
249	}
250
251	if (!is_array($affected_posts) \|\| empty($affected_posts)) {
252	return;
253	}
254
255	# Count number of comments if exists for affected posts
256	$strReq =
257	'SELECT post_id, COUNT(post_id) AS nb_comment, comment_trackback '.
258	'FROM '.$this->prefix.'comment '.
259	'WHERE comment_status = 1 '.
260	'AND post_id'.$this->con->in($affected_posts).
261	'GROUP BY post_id,comment_trackback';
262
263	$rs = $this->con->select($strReq);
264
265	$posts = array();
266	while ($rs->fetch()) {
267	if ($rs->comment_trackback) {
268	$posts[$rs->post_id]['trackback'] = $rs->nb_comment;
269	} else {
270	$posts[$rs->post_id]['comment'] = $rs->nb_comment;
271	}
272	}
273
274	# Update number of comments on affected posts
275	$cur = $this->con->openCursor($this->prefix.'post');
276	foreach($affected_posts as $post_id)
277	{
278	$cur->clean();
279
280	if (!array_key_exists($post_id,$posts)) {
281	$cur->nb_trackback = 0;
282	$cur->nb_comment = 0;
283	} else {
284	$cur->nb_trackback = empty($posts[$post_id]['trackback']) ? 0 : $posts[$post_id]['trackback'];
285	$cur->nb_comment = empty($posts[$post_id]['comment']) ? 0 : $posts[$post_id]['comment'];
286	}
287
288	$cur->update('WHERE post_id = '.$post_id);
289	}
290	}
291	//@}
292
293	/// @name Categories management methods
294	//@{
295	public function categories()
296	{
297	if (!($this->categories instanceof dcCategories)) {
298	$this->categories = new dcCategories($this->core);
299	}
300
301	return $this->categories;
302	}
303
304	/**
305	Retrieves categories. <var>$params</var> is an associative array which can
306	take the following parameters:
307
308	- post_type: Get only entries with given type (default "post")
309	- cat_url: filter on cat_url field
310	- cat_id: filter on cat_id field
311	- start: start with a given category
312	- level: categories level to retrieve
313
314	@param params <b>array</b> Parameters
315	@return <b>record</b>
316	*/
317	public function getCategories($params=array())
318	{
319	$c_params = array();
320	if (isset($params['post_type'])) {
321	$c_params['post_type'] = $params['post_type'];
322	unset($params['post_type']);
323	}
324	$counter = $this->getCategoriesCounter($c_params);
325
326	if (isset($params['without_empty']) && ($params['without_empty'] == false)) {
327	$without_empty = false;
328	} else {
329	$without_empty = $this->core->auth->userID() == false; # Get all categories if in admin display
330	}
331
332	$start = isset($params['start']) ? (integer) $params['start'] : 0;
333	$l = isset($params['level']) ? (integer) $params['level'] : 0;
334
335	$rs = $this->categories()->getChildren($start,null,'desc');
336
337	# Get each categories total posts count
338	$data = array();
339	$stack = array();
340	$level = 0;
341	$cols = $rs->columns();
342	while ($rs->fetch())
343	{
344	$nb_post = isset($counter[$rs->cat_id]) ? (integer) $counter[$rs->cat_id] : 0;
345
346	if ($rs->level > $level) {
347	$nb_total = $nb_post;
348	$stack[$rs->level] = (integer) $nb_post;
349	} elseif ($rs->level == $level) {
350	$nb_total = $nb_post;
351	$stack[$rs->level] += $nb_post;
352	} else {
353	$nb_total = $stack[$rs->level+1] + $nb_post;
354	if (isset($stack[$rs->level])) {
355	$stack[$rs->level] += $nb_total;
356	} else {
357	$stack[$rs->level] = $nb_total;
358	}
359	unset($stack[$rs->level+1]);
360	}
361
362	if ($nb_total == 0 && $without_empty) {
363	continue;
364	}
365
366	$level = $rs->level;
367
368	$t = array();
369	foreach ($cols as $c) {
370	$t[$c] = $rs->f($c);
371	}
372	$t['nb_post'] = $nb_post;
373	$t['nb_total'] = $nb_total;
374
375	if ($l == 0 \|\| ($l > 0 && $l == $rs->level)) {
376	array_unshift($data,$t);
377	}
378	}
379
380	# We need to apply filter after counting
381	if (isset($params['cat_id']) && $params['cat_id'] !== '')
382	{
383	$found = false;
384	foreach ($data as $v) {
385	if ($v['cat_id'] == $params['cat_id']) {
386	$found = true;
387	$data = array($v);
388	break;
389	}
390	}
391	if (!$found) {
392	$data = array();
393	}
394	}
395
396	if (isset($params['cat_url']) && ($params['cat_url'] !== '')
397	&& !isset($params['cat_id']))
398	{
399	$found = false;
400	foreach ($data as $v) {
401	if ($v['cat_url'] == $params['cat_url']) {
402	$found = true;
403	$data = array($v);
404	break;
405	}
406	}
407	if (!$found) {
408	$data = array();
409	}
410	}
411
412	return staticRecord::newFromArray($data);
413	}
414
415	/**
416	Retrieves a category by its ID.
417
418	@param id <b>integer</b> Category ID
419	@return <b>record</b>
420	*/
421	public function getCategory($id)
422	{
423	return $this->getCategories(array('cat_id' => $id));
424	}
425
426	/**
427	Retrieves parents of a given category.
428
429	@param id <b>integer</b> Category ID
430	@return <b>record</b>
431	*/
432	public function getCategoryParents($id)
433	{
434	return $this->categories()->getParents($id);
435	}
436
437	/**
438	Retrieves first parent of a given category.
439
440	@param id <b>integer</b> Category ID
441	@return <b>record</b>
442	*/
443	public function getCategoryParent($id)
444	{
445	return $this->categories()->getParent($id);
446	}
447
448	/**
449	Retrieves all category's first children
450
451	@param id <b>integer</b> Category ID
452	@return <b>record</b>
453	*/
454	public function getCategoryFirstChildren($id)
455	{
456	return $this->getCategories(array('start' => $id,'level' => $id == 0 ? 1 : 2));
457	}
458
459	private function getCategoriesCounter($params=array())
460	{
461	$strReq =
462	'SELECT C.cat_id, COUNT(P.post_id) AS nb_post '.
463	'FROM '.$this->prefix.'category AS C '.
464	'JOIN '.$this->prefix."post P ON (C.cat_id = P.cat_id AND P.blog_id = '".$this->con->escape($this->id)."' ) ".
465	"WHERE C.blog_id = '".$this->con->escape($this->id)."' ";
466
467	if (!$this->core->auth->userID()) {
468	$strReq .= 'AND P.post_status = 1 ';
469	}
470
471	if (!empty($params['post_type'])) {
472	$strReq .= 'AND P.post_type '.$this->con->in($params['post_type']);
473	}
474
475	$strReq .= 'GROUP BY C.cat_id ';
476
477	$rs = $this->con->select($strReq);
478	$counters = array();
479	while ($rs->fetch()) {
480	$counters[$rs->cat_id] = $rs->nb_post;
481	}
482
483	return $counters;
484	}
485
486	/**
487	Creates a new category. Takes a cursor as input and returns the new category
488	ID.
489
490	@param cur <b>cursor</b> Category cursor
491	@return <b>integer</b> New category ID
492	*/
493	public function addCategory($cur,$parent=0)
494	{
495	if (!$this->core->auth->check('categories',$this->id)) {
496	throw new Exception(__('You are not allowed to add categories'));
497	}
498
499	$url = array();
500	if ($parent != 0)
501	{
502	$rs = $this->getCategory($parent);
503	if ($rs->isEmpty()) {
504	$url = array();
505	} else {
506	$url[] = $rs->cat_url;
507	}
508	}
509
510	if ($cur->cat_url == '') {
511	$url[] = text::tidyURL($cur->cat_title,false);
512	} else {
513	$url[] = $cur->cat_url;
514	}
515
516	$cur->cat_url = implode('/',$url);
517
518	$this->getCategoryCursor($cur);
519	$cur->blog_id = (string) $this->id;
520
521	# --BEHAVIOR-- coreBeforeCategoryCreate
522	$this->core->callBehavior('coreBeforeCategoryCreate',$this,$cur);
523
524	$id = $this->categories()->addNode($cur,$parent);
525	# Update category's cursor
526	$rs = $this->getCategory($id);
527	if (!$rs->isEmpty()) {
528	$cur->cat_lft = $rs->cat_lft;
529	$cur->cat_rgt = $rs->cat_rgt;
530	}
531
532	# --BEHAVIOR-- coreAfterCategoryCreate
533	$this->core->callBehavior('coreAfterCategoryCreate',$this,$cur);
534	$this->triggerBlog();
535
536	return $cur->cat_id;
537	}
538
539	/**
540	Updates an existing category.
541
542	@param id <b>integer</b> Category ID
543	@param cur <b>cursor</b> Category cursor
544	*/
545	public function updCategory($id,$cur)
546	{
547	if (!$this->core->auth->check('categories',$this->id)) {
548	throw new Exception(__('You are not allowed to update categories'));
549	}
550
551	if ($cur->cat_url == '')
552	{
553	$url = array();
554	$rs = $this->categories()->getParents($id);
555	while ($rs->fetch()) {
556	if ($rs->index() == $rs->count()-1) {
557	$url[] = $rs->cat_url;
558	}
559	}
560
561
562	$url[] = text::tidyURL($cur->cat_title,false);
563	$cur->cat_url = implode('/',$url);
564	}
565
566	$this->getCategoryCursor($cur,$id);
567
568	# --BEHAVIOR-- coreBeforeCategoryUpdate
569	$this->core->callBehavior('coreBeforeCategoryUpdate',$this,$cur);
570
571	$cur->update(
572	'WHERE cat_id = '.(integer) $id.' '.
573	"AND blog_id = '".$this->con->escape($this->id)."' ");
574
575	# --BEHAVIOR-- coreAfterCategoryUpdate
576	$this->core->callBehavior('coreAfterCategoryUpdate',$this,$cur);
577
578	$this->triggerBlog();
579	}
580
581	/**
582	Set category position
583
584	@param id <b>integer</b> Category ID
585	@param left <b>integer</b> Category ID before
586	@param right <b>integer</b> Category ID after
587	*/
588	public function updCategoryPosition($id,$left,$right)
589	{
590	$this->categories()->updatePosition($id,$left,$right);
591	$this->triggerBlog();
592	}
593
594	/**
595	DEPRECATED METHOD. Use dcBlog::setCategoryParent and dcBlog::moveCategory
596	instead.
597
598	@param id <b>integer</b> Category ID
599	@param order <b>integer</b> Category position
600	*/
601	public function updCategoryOrder($id,$order)
602	{
603	return;
604	}
605
606	/**
607	Set a category parent
608
609	@param id <b>integer</b> Category ID
610	@param parent <b>integer</b> Parent Category ID
611	*/
612	public function setCategoryParent($id,$parent)
613	{
614	$this->categories()->setNodeParent($id,$parent);
615	$this->triggerBlog();
616	}
617
618	/**
619	Set category position
620
621	@param id <b>integer</b> Category ID
622	@param sibling <b>integer</b> Sibling Category ID
623	@param move <b>integer</b> Order (before\|after)
624	*/
625	public function setCategoryPosition($id,$sibling,$move)
626	{
627	$this->categories()->setNodePosition($id,$sibling,$move);
628	$this->triggerBlog();
629	}
630
631	/**
632	Deletes a category.
633
634	@param id <b>integer</b> Category ID
635	*/
636	public function delCategory($id)
637	{
638	if (!$this->core->auth->check('categories',$this->id)) {
639	throw new Exception(__('You are not allowed to delete categories'));
640	}
641
642	$strReq = 'SELECT COUNT(post_id) AS nb_post '.
643	'FROM '.$this->prefix.'post '.
644	'WHERE cat_id = '.(integer) $id.' '.
645	"AND blog_id = '".$this->con->escape($this->id)."' ";
646
647	$rs = $this->con->select($strReq);
648
649	if ($rs->nb_post > 0) {
650	throw new Exception(__('This category is not empty.'));
651	}
652
653	$this->categories()->deleteNode($id,true);
654	$this->triggerBlog();
655	}
656
657	/**
658	Reset categories order and relocate them to first level
659	*/
660	public function resetCategoriesOrder()
661	{
662	if (!$this->core->auth->check('categories',$this->id)) {
663	throw new Exception(__('You are not allowed to reset categories order'));
664	}
665
666	$this->categories()->resetOrder();
667	$this->triggerBlog();
668	}
669
670	private function checkCategory($title,$url,$id=null)
671	{
672	# Let's check if URL is taken...
673	$strReq =
674	'SELECT cat_url FROM '.$this->prefix.'category '.
675	"WHERE cat_url = '".$this->con->escape($url)."' ".
676	($id ? 'AND cat_id <> '.(integer) $id. ' ' : '').
677	"AND blog_id = '".$this->con->escape($this->id)."' ".
678	'ORDER BY cat_url DESC';
679
680	$rs = $this->con->select($strReq);
681
682	if (!$rs->isEmpty())
683	{
684	if ($this->con->driver() == 'mysql' \|\| $this->con->driver() == 'mysqli') {
685	$clause = "REGEXP '^".$this->con->escape($url)."[0-9]+$'";
686	} elseif ($this->con->driver() == 'pgsql') {
687	$clause = "~ '^".$this->con->escape($url)."[0-9]+$'";
688	} else {
689	$clause = "LIKE '".$this->con->escape($url)."%'";
690	}
691	$strReq =
692	'SELECT cat_url FROM '.$this->prefix.'category '.
693	"WHERE cat_url ".$clause.' '.
694	($id ? 'AND cat_id <> '.(integer) $id. ' ' : '').
695	"AND blog_id = '".$this->con->escape($this->id)."' ".
696	'ORDER BY cat_url DESC ';
697
698	$rs = $this->con->select($strReq);
699	$a = array();
700	while ($rs->fetch()) {
701	$a[] = $rs->cat_url;
702	}
703
704	natsort($a);
705	$t_url = end($a);
706
707	if (preg_match('/(.*?)([0-9]+)$/',$t_url,$m)) {
708	$i = (integer) $m[2];
709	$url = $m[1];
710	} else {
711	$i = 1;
712	}
713
714	return $url.($i+1);
715	}
716
717	# URL is empty?
718	if ($url == '') {
719	throw new Exception(__('Empty category URL'));
720	}
721
722	return $url;
723	}
724
725	private function getCategoryCursor($cur,$id=null)
726	{
727	if ($cur->cat_title == '') {
728	throw new Exception(__('You must provide a category title'));
729	}
730
731	# If we don't have any cat_url, let's do one
732	if ($cur->cat_url == '') {
733	$cur->cat_url = text::tidyURL($cur->cat_title,false);
734	}
735
736	# Still empty ?
737	if ($cur->cat_url == '') {
738	throw new Exception(__('You must provide a category URL'));
739	} else {
740	$cur->cat_url = text::tidyURL($cur->cat_url,true);
741	}
742
743	# Check if title or url are unique
744	$cur->cat_url = $this->checkCategory($cur->cat_title,$cur->cat_url,$id);
745
746	if ($cur->cat_desc !== null) {
747	$cur->cat_desc = $this->core->HTMLfilter($cur->cat_desc);
748	}
749	}
750	//@}
751
752	/// @name Entries management methods
753	//@{
754	/**
755	Retrieves entries. <b>$params</b> is an array taking the following
756	optionnal parameters:
757
758	- no_content: Don't retrieve entry content (excerpt and content)
759	- post_type: Get only entries with given type (default "post", array for many types and '' for no type)
760	- post_id: (integer or array) Get entry with given post_id
761	- post_url: Get entry with given post_url field
762	- user_id: (integer) Get entries belonging to given user ID
763	- cat_id: (string or array) Get entries belonging to given category ID
764	- cat_id_not: deprecated (use cat_id with "id ?not" instead)
765	- cat_url: (string or array) Get entries belonging to given category URL
766	- cat_url_not: deprecated (use cat_url with "url ?not" instead)
767	- post_status: (integer) Get entries with given post_status
768	- post_selected: (boolean) Get select flaged entries
769	- post_year: (integer) Get entries with given year
770	- post_month: (integer) Get entries with given month
771	- post_day: (integer) Get entries with given day
772	- post_lang: Get entries with given language code
773	- search: Get entries corresponding of the following search string
774	- columns: (array) More columns to retrieve
775	- sql: Append SQL string at the end of the query
776	- from: Append SQL string after "FROM" statement in query
777	- order: Order of results (default "ORDER BY post_dt DES")
778	- limit: Limit parameter
779	- sql_only : return the sql request instead of results. Only ids are selected
780	- exclude_post_id : (integer or array) Exclude entries with given post_id
781
782	Please note that on every cat_id or cat_url, you can add ?not to exclude
783	the category and ?sub to get subcategories.
784
785	@param params <b>array</b> Parameters
786	@param count_only <b>boolean</b> Only counts results
787	@return <b>record</b> A record with some more capabilities or the SQL request
788	*/
789	public function getPosts($params=array(),$count_only=false)
790	{
791	# --BEHAVIOR-- coreBlogBeforeGetPosts
792	$params = new ArrayObject($params);
793	$this->core->callBehavior('coreBlogBeforeGetPosts',$params);
794
795	if ($count_only)
796	{
797	$strReq = 'SELECT count(DISTINCT P.post_id) ';
798	}
799	elseif (!empty($params['sql_only']))
800	{
801	$strReq = 'SELECT P.post_id ';
802	}
803	else
804	{
805	if (!empty($params['no_content'])) {
806	$content_req = '';
807	} else {
808	$content_req =
809	'post_excerpt, post_excerpt_xhtml, '.
810	'post_content, post_content_xhtml, post_notes, ';
811	}
812
813	if (!empty($params['columns']) && is_array($params['columns'])) {
814	$content_req .= implode(', ',$params['columns']).', ';
815	}
816
817
818	$strReq =
819	'SELECT P.post_id, P.blog_id, P.user_id, P.cat_id, post_dt, '.
820	'post_tz, post_creadt, post_upddt, post_format, post_password, '.
821	'post_url, post_lang, post_title, '.$content_req.
822	'post_type, post_meta, post_status, post_selected, post_position, '.
823	'post_open_comment, post_open_tb, nb_comment, nb_trackback, '.
824	'U.user_name, U.user_firstname, U.user_displayname, U.user_email, '.
825	'U.user_url, '.
826	'C.cat_title, C.cat_url, C.cat_desc ';
827	}
828
829	$strReq .=
830	'FROM '.$this->prefix.'post P '.
831	'INNER JOIN '.$this->prefix.'user U ON U.user_id = P.user_id '.
832	'LEFT OUTER JOIN '.$this->prefix.'category C ON P.cat_id = C.cat_id ';
833
834	if (!empty($params['from'])) {
835	$strReq .= $params['from'].' ';
836	}
837
838	$strReq .=
839	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ";
840
841	if (!$this->core->auth->check('contentadmin',$this->id)) {
842	$strReq .= 'AND ((post_status = 1 ';
843
844	if ($this->without_password) {
845	$strReq .= 'AND post_password IS NULL ';
846	}
847	$strReq .= ') ';
848
849	if ($this->core->auth->userID()) {
850	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
851	} else {
852	$strReq .= ') ';
853	}
854	}
855
856	#Adding parameters
857	if (isset($params['post_type']))
858	{
859	if (is_array($params['post_type']) \|\| $params['post_type'] != '') {
860	$strReq .= 'AND post_type '.$this->con->in($params['post_type']);
861	}
862	}
863	else
864	{
865	$strReq .= "AND post_type = 'post' ";
866	}
867
868	if (isset($params['post_id']) && $params['post_id'] !== '') {
869	if (is_array($params['post_id'])) {
870	array_walk($params['post_id'],create_function('&$v,$k','if($v!==null){$v=(integer)$v;}'));
871	} else {
872	$params['post_id'] = array((integer) $params['post_id']);
873	}
874	$strReq .= 'AND P.post_id '.$this->con->in($params['post_id']);
875	}
876
877	if (isset($params['exclude_post_id']) && $params['exclude_post_id'] !== '') {
878	if (is_array($params['exclude_post_id'])) {
879	array_walk($params['exclude_post_id'],create_function('&$v,$k','if($v!==null){$v=(integer)$v;}'));
880	} else {
881	$params['exclude_post_id'] = array((integer) $params['exclude_post_id']);
882	}
883	$strReq .= 'AND P.post_id NOT '.$this->con->in($params['exclude_post_id']);
884	}
885
886	if (isset($params['post_url']) && $params['post_url'] !== '') {
887	$strReq .= "AND post_url = '".$this->con->escape($params['post_url'])."' ";
888	}
889
890	if (!empty($params['user_id'])) {
891	$strReq .= "AND U.user_id = '".$this->con->escape($params['user_id'])."' ";
892	}
893
894	if (isset($params['cat_id']) && $params['cat_id'] !== '')
895	{
896	if (!is_array($params['cat_id'])) {
897	$params['cat_id'] = array($params['cat_id']);
898	}
899	if (!empty($params['cat_id_not'])) {
900	array_walk($params['cat_id'],create_function('&$v,$k','$v=$v." ?not";'));
901	}
902	$strReq .= 'AND '.$this->getPostsCategoryFilter($params['cat_id'],'cat_id').' ';
903	}
904	elseif (isset($params['cat_url']) && $params['cat_url'] !== '')
905	{
906	if (!is_array($params['cat_url'])) {
907	$params['cat_url'] = array($params['cat_url']);
908	}
909	if (!empty($params['cat_url_not'])) {
910	array_walk($params['cat_url'],create_function('&$v,$k','$v=$v." ?not";'));
911	}
912	$strReq .= 'AND '.$this->getPostsCategoryFilter($params['cat_url'],'cat_url').' ';
913	}
914
915	/* Other filters */
916	if (isset($params['post_status'])) {
917	$strReq .= 'AND post_status = '.(integer) $params['post_status'].' ';
918	}
919
920	if (isset($params['post_selected'])) {
921	$strReq .= 'AND post_selected = '.(integer) $params['post_selected'].' ';
922	}
923
924	if (!empty($params['post_year'])) {
925	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%Y').' = '.
926	"'".sprintf('%04d',$params['post_year'])."' ";
927	}
928
929	if (!empty($params['post_month'])) {
930	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%m').' = '.
931	"'".sprintf('%02d',$params['post_month'])."' ";
932	}
933
934	if (!empty($params['post_day'])) {
935	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%d').' = '.
936	"'".sprintf('%02d',$params['post_day'])."' ";
937	}
938
939	if (!empty($params['post_lang'])) {
940	$strReq .= "AND P.post_lang = '".$this->con->escape($params['post_lang'])."' ";
941	}
942
943	if (!empty($params['search']))
944	{
945	$words = text::splitWords($params['search']);
946
947	if (!empty($words))
948	{
949	# --BEHAVIOR-- corePostSearch
950	if ($this->core->hasBehavior('corePostSearch')) {
951	$this->core->callBehavior('corePostSearch',$this->core,array(&$words,&$strReq,&$params));
952	}
953
954	if ($words)
955	{
956	foreach ($words as $i => $w) {
957	$words[$i] = "post_words LIKE '%".$this->con->escape($w)."%'";
958	}
959	$strReq .= 'AND '.implode(' AND ',$words).' ';
960	}
961	}
962	}
963
964	if (isset($params['media'])) {
965	if ($params['media'] == '0') {
966	$strReq .= 'AND NOT ';
967	} else {
968	$strReq .= 'AND ';
969	}
970	$strReq .= 'EXISTS (SELECT M.post_id FROM '.$this->prefix.'post_media M '.
971	'WHERE M.post_id = P.post_id ';
972	if (isset($params['link_type'])) {
973	$strReq .= " AND M.link_type ".$this->con->in($params['link_type'])." ";
974	}
975	$strReq .= ")";
976	}
977
978	if (!empty($params['where'])) {
979	$strReq .= $params['where'].' ';
980	}
981
982	if (!empty($params['sql'])) {
983	$strReq .= $params['sql'].' ';
984	}
985
986	if (!$count_only)
987	{
988	if (!empty($params['order'])) {
989	$strReq .= 'ORDER BY '.$this->con->escape($params['order']).' ';
990	} else {
991	$strReq .= 'ORDER BY post_dt DESC ';
992	}
993	}
994
995	if (!$count_only && !empty($params['limit'])) {
996	$strReq .= $this->con->limit($params['limit']);
997	}
998
999	if (!empty($params['sql_only'])) {
1000	return $strReq;
1001	}
1002
1003	$rs = $this->con->select($strReq);
1004	$rs->core = $this->core;
1005	$rs->_nb_media = array();
1006	$rs->extend('rsExtPost');
1007
1008	# --BEHAVIOR-- coreBlogGetPosts
1009	$this->core->callBehavior('coreBlogGetPosts',$rs);
1010
1011	# --BEHAVIOR-- coreBlogAfterGetPosts
1012	$alt = new arrayObject(array('rs' => null,'params' => $params,'count_only' => $count_only));
1013	$this->core->callBehavior('coreBlogAfterGetPosts',$rs,$alt);
1014	if ($alt['rs'] instanceof record) {
1015	$rs = $alt['rs'];
1016	}
1017
1018	return $rs;
1019	}
1020
1021	/**
1022	Returns a record with post id, title and date for next or previous post
1023	according to the post ID.
1024	$dir could be 1 (next post) or -1 (previous post).
1025
1026	@param post_id <b>integer</b> Post ID
1027	@param dir <b>integer</b> Search direction
1028	@param restrict_to_category <b>boolean</b> Restrict to post with same category
1029	@param restrict_to_lang <b>boolean</b> Restrict to post with same lang
1030	@return record
1031	*/
1032	public function getNextPost($post,$dir,$restrict_to_category=false, $restrict_to_lang=false)
1033	{
1034	$dt = $post->post_dt;
1035	$post_id = (integer) $post->post_id;
1036
1037	if($dir > 0) {
1038	$sign = '>';
1039	$order = 'ASC';
1040	}
1041	else {
1042	$sign = '<';
1043	$order = 'DESC';
1044	}
1045
1046	$params['post_type'] = $post->post_type;
1047	$params['limit'] = 1;
1048	$params['order'] = 'post_dt '.$order.', P.post_id '.$order;
1049	$params['sql'] =
1050	'AND ( '.
1051	" (post_dt = '".$this->con->escape($dt)."' AND P.post_id ".$sign." ".$post_id.") ".
1052	" OR post_dt ".$sign." '".$this->con->escape($dt)."' ".
1053	') ';
1054
1055	if ($restrict_to_category) {
1056	$params['sql'] .= $post->cat_id ? 'AND P.cat_id = '.(integer) $post->cat_id.' ' : 'AND P.cat_id IS NULL ';
1057	}
1058
1059	if ($restrict_to_lang) {
1060	$params['sql'] .= $post->post_lang ? 'AND P.post_lang = \''. $this->con->escape($post->post_lang) .'\' ': 'AND P.post_lang IS NULL ';
1061	}
1062
1063	$rs = $this->getPosts($params);
1064
1065	if ($rs->isEmpty()) {
1066	return null;
1067	}
1068
1069	return $rs;
1070	}
1071
1072	/**
1073	Retrieves different languages and post count on blog, based on post_lang
1074	field. <var>$params</var> is an array taking the following optionnal
1075	parameters:
1076
1077	- post_type: Get only entries with given type (default "post", '' for no type)
1078	- lang: retrieve post count for selected lang
1079	- order: order statement (default post_lang DESC)
1080
1081	@param params <b>array</b> Parameters
1082	@return record
1083	*/
1084	public function getLangs($params=array())
1085	{
1086	$strReq = 'SELECT COUNT(post_id) as nb_post, post_lang '.
1087	'FROM '.$this->prefix.'post '.
1088	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1089	"AND post_lang <> '' ".
1090	"AND post_lang IS NOT NULL ";
1091
1092	if (!$this->core->auth->check('contentadmin',$this->id)) {
1093	$strReq .= 'AND ((post_status = 1 ';
1094
1095	if ($this->without_password) {
1096	$strReq .= 'AND post_password IS NULL ';
1097	}
1098	$strReq .= ') ';
1099
1100	if ($this->core->auth->userID()) {
1101	$strReq .= "OR user_id = '".$this->con->escape($this->core->auth->userID())."')";
1102	} else {
1103	$strReq .= ') ';
1104	}
1105	}
1106
1107	if (isset($params['post_type'])) {
1108	if ($params['post_type'] != '') {
1109	$strReq .= "AND post_type = '".$this->con->escape($params['post_type'])."' ";
1110	}
1111	} else {
1112	$strReq .= "AND post_type = 'post' ";
1113	}
1114
1115	if (isset($params['lang'])) {
1116	$strReq .= "AND post_lang = '".$this->con->escape($params['lang'])."' ";
1117	}
1118
1119	$strReq .= 'GROUP BY post_lang ';
1120
1121	$order = 'desc';
1122	if (!empty($params['order']) && preg_match('/^(desc\|asc)$/i',$params['order'])) {
1123	$order = $params['order'];
1124	}
1125	$strReq .= 'ORDER BY post_lang '.$order.' ';
1126
1127	return $this->con->select($strReq);
1128	}
1129
1130	/**
1131	Returns a record with all distinct blog dates and post count.
1132	<var>$params</var> is an array taking the following optionnal parameters:
1133
1134	- type: (day\|month\|year) Get days, months or years
1135	- year: (integer) Get dates for given year
1136	- month: (integer) Get dates for given month
1137	- day: (integer) Get dates for given day
1138	- cat_id: (integer) Category ID filter
1139	- cat_url: Category URL filter
1140	- post_lang: lang of the posts
1141	- next: Get date following match
1142	- previous: Get date before match
1143	- order: Sort by date "ASC" or "DESC"
1144
1145	@param params <b>array</b> Parameters array
1146	@return record
1147	*/
1148	public function getDates($params=array())
1149	{
1150	$dt_f = '%Y-%m-%d';
1151	$dt_fc = '%Y%m%d';
1152	if (isset($params['type'])) {
1153	if ($params['type'] == 'year') {
1154	$dt_f = '%Y-01-01';
1155	$dt_fc = '%Y0101';
1156	} elseif ($params['type'] == 'month') {
1157	$dt_f = '%Y-%m-01';
1158	$dt_fc = '%Y%m01';
1159	}
1160	}
1161	$dt_f .= ' 00:00:00';
1162	$dt_fc .= '000000';
1163
1164	$cat_field = $catReq = $limit = '';
1165
1166	if (isset($params['cat_id']) && $params['cat_id'] !== '') {
1167	$catReq = 'AND P.cat_id = '.(integer) $params['cat_id'].' ';
1168	$cat_field = ', C.cat_url ';
1169	} elseif (isset($params['cat_url']) && $params['cat_url'] !== '') {
1170	$catReq = "AND C.cat_url = '".$this->con->escape($params['cat_url'])."' ";
1171	$cat_field = ', C.cat_url ';
1172	}
1173	if (!empty($params['post_lang'])) {
1174	$catReq = 'AND P.post_lang = \''. $params['post_lang'].'\' ';
1175	}
1176
1177	$strReq = 'SELECT DISTINCT('.$this->con->dateFormat('post_dt',$dt_f).') AS dt '.
1178	$cat_field.
1179	',COUNT(P.post_id) AS nb_post '.
1180	'FROM '.$this->prefix.'post P LEFT JOIN '.$this->prefix.'category C '.
1181	'ON P.cat_id = C.cat_id '.
1182	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ".
1183	$catReq;
1184
1185	if (!$this->core->auth->check('contentadmin',$this->id)) {
1186	$strReq .= 'AND ((post_status = 1 ';
1187
1188	if ($this->without_password) {
1189	$strReq .= 'AND post_password IS NULL ';
1190	}
1191	$strReq .= ') ';
1192
1193	if ($this->core->auth->userID()) {
1194	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
1195	} else {
1196	$strReq .= ') ';
1197	}
1198	}
1199
1200	if (!empty($params['post_type'])) {
1201	$strReq .= "AND post_type ".$this->con->in($params['post_type'])." ";
1202	} else {
1203	$strReq .= "AND post_type = 'post' ";
1204	}
1205
1206	if (!empty($params['year'])) {
1207	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%Y')." = '".sprintf('%04d',$params['year'])."' ";
1208	}
1209
1210	if (!empty($params['month'])) {
1211	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%m')." = '".sprintf('%02d',$params['month'])."' ";
1212	}
1213
1214	if (!empty($params['day'])) {
1215	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%d')." = '".sprintf('%02d',$params['day'])."' ";
1216	}
1217
1218	# Get next or previous date
1219	if (!empty($params['next']) \|\| !empty($params['previous']))
1220	{
1221	if (!empty($params['next'])) {
1222	$pdir = ' > ';
1223	$params['order'] = 'asc';
1224	$dt = $params['next'];
1225	} else {
1226	$pdir = ' < ';
1227	$params['order'] = 'desc';
1228	$dt = $params['previous'];
1229	}
1230
1231	$dt = date('YmdHis',strtotime($dt));
1232
1233	$strReq .= 'AND '.$this->con->dateFormat('post_dt',$dt_fc).$pdir."'".$dt."' ";
1234	$limit = $this->con->limit(1);
1235	}
1236
1237	$strReq .= 'GROUP BY dt '.$cat_field;
1238
1239	$order = 'desc';
1240	if (!empty($params['order']) && preg_match('/^(desc\|asc)$/i',$params['order'])) {
1241	$order = $params['order'];
1242	}
1243
1244	$strReq .=
1245	'ORDER BY dt '.$order.' '.
1246	$limit;
1247
1248	$rs = $this->con->select($strReq);
1249	$rs->extend('rsExtDates');
1250	return $rs;
1251	}
1252
1253	/**
1254	Creates a new entry. Takes a cursor as input and returns the new entry
1255	ID.
1256
1257	@param cur <b>cursor</b> Post cursor
1258	@return <b>integer</b> New post ID
1259	*/
1260	public function addPost($cur)
1261	{
1262	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1263	throw new Exception(__('You are not allowed to create an entry'));
1264	}
1265
1266	$this->con->writeLock($this->prefix.'post');
1267	try
1268	{
1269	# Get ID
1270	$rs = $this->con->select(
1271	'SELECT MAX(post_id) '.
1272	'FROM '.$this->prefix.'post '
1273	);
1274
1275	$cur->post_id = (integer) $rs->f(0) + 1;
1276	$cur->blog_id = (string) $this->id;
1277	$cur->post_creadt = date('Y-m-d H:i:s');
1278	$cur->post_upddt = date('Y-m-d H:i:s');
1279	$cur->post_tz = $this->core->auth->getInfo('user_tz');
1280
1281	# Post excerpt and content
1282	$this->getPostContent($cur,$cur->post_id);
1283
1284	$this->getPostCursor($cur);
1285
1286	$cur->post_url = $this->getPostURL($cur->post_url,$cur->post_dt,$cur->post_title,$cur->post_id);
1287
1288	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1289	$cur->post_status = -2;
1290	}
1291
1292	# --BEHAVIOR-- coreBeforePostCreate
1293	$this->core->callBehavior('coreBeforePostCreate',$this,$cur);
1294
1295	$cur->insert();
1296	$this->con->unlock();
1297	}
1298	catch (Exception $e)
1299	{
1300	$this->con->unlock();
1301	throw $e;
1302	}
1303
1304	# --BEHAVIOR-- coreAfterPostCreate
1305	$this->core->callBehavior('coreAfterPostCreate',$this,$cur);
1306
1307	$this->triggerBlog();
1308
1309	return $cur->post_id;
1310	}
1311
1312	/**
1313	Updates an existing post.
1314
1315	@param id <b>integer</b> Post ID
1316	@param cur <b>cursor</b> Post cursor
1317	*/
1318	public function updPost($id,$cur)
1319	{
1320	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1321	throw new Exception(__('You are not allowed to update entries'));
1322	}
1323
1324	$id = (integer) $id;
1325
1326	if (empty($id)) {
1327	throw new Exception(__('No such entry ID'));
1328	}
1329
1330	# Post excerpt and content
1331	$this->getPostContent($cur,$id);
1332
1333	$this->getPostCursor($cur);
1334
1335	if ($cur->post_url !== null) {
1336	$cur->post_url = $this->getPostURL($cur->post_url,$cur->post_dt,$cur->post_title,$id);
1337	}
1338
1339	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1340	$cur->unsetField('post_status');
1341	}
1342
1343	$cur->post_upddt = date('Y-m-d H:i:s');
1344
1345	#If user is only "usage", we need to check the post's owner
1346	if (!$this->core->auth->check('contentadmin',$this->id))
1347	{
1348	$strReq = 'SELECT post_id '.
1349	'FROM '.$this->prefix.'post '.
1350	'WHERE post_id = '.$id.' '.
1351	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1352
1353	$rs = $this->con->select($strReq);
1354
1355	if ($rs->isEmpty()) {
1356	throw new Exception(__('You are not allowed to edit this entry'));
1357	}
1358	}
1359
1360	# --BEHAVIOR-- coreBeforePostUpdate
1361	$this->core->callBehavior('coreBeforePostUpdate',$this,$cur);
1362
1363	$cur->update('WHERE post_id = '.$id.' ');
1364
1365	# --BEHAVIOR-- coreAfterPostUpdate
1366	$this->core->callBehavior('coreAfterPostUpdate',$this,$cur);
1367
1368	$this->triggerBlog();
1369	}
1370
1371	/**
1372	Updates post status.
1373
1374	@param id <b>integer</b> Post ID
1375	@param status <b>integer</b> Post status
1376	*/
1377	public function updPostStatus($id,$status)
1378	{
1379	$this->updPostsStatus($id,$status);
1380	}
1381
1382	/**
1383	Updates posts status.
1384
1385	@param ids <b>mixed</b> Post(s) ID(s)
1386	@param status <b>integer</b> Post status
1387	*/
1388	public function updPostsStatus($ids,$status)
1389	{
1390	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1391	throw new Exception(__('You are not allowed to change this entry status'));
1392	}
1393
1394	$posts_ids = dcUtils::cleanIds($ids);
1395	$status = (integer) $status;
1396
1397	$strReq = "WHERE blog_id = '".$this->con->escape($this->id)."' ".
1398	"AND post_id ".$this->con->in($posts_ids);
1399
1400	#If user can only publish, we need to check the post's owner
1401	if (!$this->core->auth->check('contentadmin',$this->id))
1402	{
1403	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1404	}
1405
1406	$cur = $this->con->openCursor($this->prefix.'post');
1407
1408	$cur->post_status = $status;
1409	$cur->post_upddt = date('Y-m-d H:i:s');
1410
1411	$cur->update($strReq);
1412	$this->triggerBlog();
1413	}
1414
1415	/**
1416	Updates post selection.
1417
1418	@param id <b>integer</b> Post ID
1419	@param selected <b>integer</b> Is selected post
1420	*/
1421	public function updPostSelected($id,$selected)
1422	{
1423	$this->updPostsSelected($id,$selected);
1424	}
1425
1426	/**
1427	Updates posts selection.
1428
1429	@param ids <b>mixed</b> Post(s) ID(s)
1430	@param selected <b>integer</b> Is selected post(s)
1431	*/
1432	public function updPostsSelected($ids,$selected)
1433	{
1434	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1435	throw new Exception(__('You are not allowed to change this entry category'));
1436	}
1437
1438	$posts_ids = dcUtils::cleanIds($ids);
1439	$selected = (boolean) $selected;
1440
1441	$strReq = "WHERE blog_id = '".$this->con->escape($this->id)."' ".
1442	"AND post_id ".$this->con->in($posts_ids);
1443
1444	# If user is only usage, we need to check the post's owner
1445	if (!$this->core->auth->check('contentadmin',$this->id))
1446	{
1447	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1448	}
1449
1450	$cur = $this->con->openCursor($this->prefix.'post');
1451
1452	$cur->post_selected = (integer) $selected;
1453	$cur->post_upddt = date('Y-m-d H:i:s');
1454
1455	$cur->update($strReq);
1456	$this->triggerBlog();
1457	}
1458
1459	/**
1460	Updates post category. <var>$cat_id</var> can be null.
1461
1462	@param id <b>integer</b> Post ID
1463	@param cat_id <b>integer</b> Category ID
1464	*/
1465	public function updPostCategory($id,$cat_id)
1466	{
1467	$this->updPostsCategory($id,$cat_id);
1468	}
1469
1470	/**
1471	Updates posts category. <var>$cat_id</var> can be null.
1472
1473	@param ids <b>mixed</b> Post(s) ID(s)
1474	@param cat_id <b>integer</b> Category ID
1475	*/
1476	public function updPostsCategory($ids,$cat_id)
1477	{
1478	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1479	throw new Exception(__('You are not allowed to change this entry category'));
1480	}
1481
1482	$posts_ids = dcUtils::cleanIds($ids);
1483	$cat_id = (integer) $cat_id;
1484
1485	$strReq = "WHERE blog_id = '".$this->con->escape($this->id)."' ".
1486	"AND post_id ".$this->con->in($posts_ids);
1487
1488	# If user is only usage, we need to check the post's owner
1489	if (!$this->core->auth->check('contentadmin',$this->id))
1490	{
1491	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1492	}
1493
1494	$cur = $this->con->openCursor($this->prefix.'post');
1495
1496	$cur->cat_id = ($cat_id ? $cat_id : null);
1497	$cur->post_upddt = date('Y-m-d H:i:s');
1498
1499	$cur->update($strReq);
1500	$this->triggerBlog();
1501	}
1502
1503	/**
1504	Updates posts category. <var>$new_cat_id</var> can be null.
1505
1506	@param old_cat_id <b>integer</b> Old category ID
1507	@param new_cat_id <b>integer</b> New category ID
1508	*/
1509	public function changePostsCategory($old_cat_id,$new_cat_id)
1510	{
1511	if (!$this->core->auth->check('contentadmin,categories',$this->id)) {
1512	throw new Exception(__('You are not allowed to change entries category'));
1513	}
1514
1515	$old_cat_id = (integer) $old_cat_id;
1516	$new_cat_id = (integer) $new_cat_id;
1517
1518	$cur = $this->con->openCursor($this->prefix.'post');
1519
1520	$cur->cat_id = ($new_cat_id ? $new_cat_id : null);
1521	$cur->post_upddt = date('Y-m-d H:i:s');
1522
1523	$cur->update(
1524	'WHERE cat_id = '.$old_cat_id.' '.
1525	"AND blog_id = '".$this->con->escape($this->id)."' "
1526	);
1527	$this->triggerBlog();
1528	}
1529
1530	/**
1531	Deletes a post.
1532
1533	@param id <b>integer</b> Post ID
1534	*/
1535	public function delPost($id)
1536	{
1537	$this->delPosts($id);
1538	}
1539
1540	/**
1541	Deletes multiple posts.
1542
1543	@param ids <b>mixed</b> Post(s) ID(s)
1544	*/
1545	public function delPosts($ids)
1546	{
1547	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
1548	throw new Exception(__('You are not allowed to delete entries'));
1549	}
1550
1551	$posts_ids = dcUtils::cleanIds($ids);
1552
1553	if (empty($posts_ids)) {
1554	throw new Exception(__('No such entry ID'));
1555	}
1556
1557	$strReq = 'DELETE FROM '.$this->prefix.'post '.
1558	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1559	"AND post_id ".$this->con->in($posts_ids);
1560
1561	#If user can only delete, we need to check the post's owner
1562	if (!$this->core->auth->check('contentadmin',$this->id))
1563	{
1564	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1565	}
1566
1567	$this->con->execute($strReq);
1568	$this->triggerBlog();
1569	}
1570
1571	/**
1572	Publishes all entries flaged as "scheduled".
1573	*/
1574	public function publishScheduledEntries()
1575	{
1576	$strReq = 'SELECT post_id, post_dt, post_tz '.
1577	'FROM '.$this->prefix.'post '.
1578	'WHERE post_status = -1 '.
1579	"AND blog_id = '".$this->con->escape($this->id)."' ";
1580
1581	$rs = $this->con->select($strReq);
1582
1583	$now = dt::toUTC(time());
1584	$to_change = new ArrayObject();
1585
1586	if ($rs->isEmpty()) {
1587	return;
1588	}
1589
1590	while ($rs->fetch())
1591	{
1592	# Now timestamp with post timezone
1593	$now_tz = $now + dt::getTimeOffset($rs->post_tz,$now);
1594
1595	# Post timestamp
1596	$post_ts = strtotime($rs->post_dt);
1597
1598	# If now_tz >= post_ts, we publish the entry
1599	if ($now_tz >= $post_ts) {
1600	$to_change[] = (integer) $rs->post_id;
1601	}
1602	}
1603	if (count($to_change))
1604	{
1605	# --BEHAVIOR-- coreBeforeScheduledEntriesPublish
1606	$this->core->callBehavior('coreBeforeScheduledEntriesPublish',$this,$to_change);
1607
1608	$strReq =
1609	'UPDATE '.$this->prefix.'post SET '.
1610	'post_status = 1 '.
1611	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1612	'AND post_id '.$this->con->in((array)$to_change).' ';
1613	$this->con->execute($strReq);
1614	$this->triggerBlog();
1615
1616	# --BEHAVIOR-- coreAfterScheduledEntriesPublish
1617	$this->core->callBehavior('coreAfterScheduledEntriesPublish',$this,$to_change);
1618	}
1619
1620	}
1621
1622	/**
1623	Retrieves all users having posts on current blog.
1624
1625	@param post_type <b>string</b> post_type filter (post)
1626	@return record
1627	*/
1628	public function getPostsUsers($post_type='post')
1629	{
1630	$strReq = 'SELECT P.user_id, user_name, user_firstname, '.
1631	'user_displayname, user_email '.
1632	'FROM '.$this->prefix.'post P, '.$this->prefix.'user U '.
1633	'WHERE P.user_id = U.user_id '.
1634	"AND blog_id = '".$this->con->escape($this->id)."' ";
1635
1636	if ($post_type) {
1637	$strReq .= "AND post_type = '".$this->con->escape($post_type)."' ";
1638	}
1639
1640	$strReq .= 'GROUP BY P.user_id, user_name, user_firstname, user_displayname, user_email ';
1641
1642	return $this->con->select($strReq);
1643	}
1644
1645	private function getPostsCategoryFilter($arr,$field='cat_id')
1646	{
1647	$field = $field == 'cat_id' ? 'cat_id' : 'cat_url';
1648
1649	$sub = array();
1650	$not = array();
1651	$queries = array();
1652
1653	foreach ($arr as $v)
1654	{
1655	$v = trim($v);
1656	$args = preg_split('/\s[?]\s/',$v,-1,PREG_SPLIT_NO_EMPTY);
1657	$id = array_shift($args);
1658	$args = array_flip($args);
1659
1660	if (isset($args['not'])) { $not[$id] = 1; }
1661	if (isset($args['sub'])) { $sub[$id] = 1; }
1662	if ($field == 'cat_id') {
1663	if (preg_match('/^null$/i',$id)) {
1664	$queries[$id] = 'P.cat_id IS NULL';
1665	}
1666	else {
1667	$queries[$id] = 'P.cat_id = '.(integer) $id;
1668	}
1669	} else {
1670	$queries[$id] = "C.cat_url = '".$this->con->escape($id)."' ";
1671	}
1672	}
1673
1674	if (!empty($sub)) {
1675	$rs = $this->con->select(
1676	'SELECT cat_id, cat_url, cat_lft, cat_rgt FROM '.$this->prefix.'category '.
1677	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1678	'AND '.$field.' '.$this->con->in(array_keys($sub))
1679	);
1680
1681	while ($rs->fetch()) {
1682	$queries[$rs->f($field)] = '(C.cat_lft BETWEEN '.$rs->cat_lft.' AND '.$rs->cat_rgt.')';
1683	}
1684	}
1685
1686	# Create queries
1687	$sql = array(
1688	0 => array(), # wanted categories
1689	1 => array() # excluded categories
1690	);
1691
1692	foreach ($queries as $id => $q) {
1693	$sql[(integer) isset($not[$id])][] = $q;
1694	}
1695
1696	$sql[0] = implode(' OR ',$sql[0]);
1697	$sql[1] = implode(' OR ',$sql[1]);
1698
1699	if ($sql[0]) {
1700	$sql[0] = '('.$sql[0].')';
1701	} else {
1702	unset($sql[0]);
1703	}
1704
1705	if ($sql[1]) {
1706	$sql[1] = '(P.cat_id IS NULL OR NOT('.$sql[1].'))';
1707	} else {
1708	unset($sql[1]);
1709	}
1710
1711	return implode(' AND ',$sql);
1712	}
1713
1714	private function getPostCursor($cur,$post_id=null)
1715	{
1716	if ($cur->post_title == '') {
1717	throw new Exception(__('No entry title'));
1718	}
1719
1720	if ($cur->post_content == '') {
1721	throw new Exception(__('No entry content'));
1722	}
1723
1724	if ($cur->post_password === '') {
1725	$cur->post_password = null;
1726	}
1727
1728	if ($cur->post_dt == '') {
1729	$offset = dt::getTimeOffset($this->core->auth->getInfo('user_tz'));
1730	$now = time() + $offset;
1731	$cur->post_dt = date('Y-m-d H:i:00',$now);
1732	}
1733
1734	$post_id = is_int($post_id) ? $post_id : $cur->post_id;
1735
1736	if ($cur->post_content_xhtml == '') {
1737	throw new Exception(__('No entry content'));
1738	}
1739
1740	# Words list
1741	if ($cur->post_title !== null && $cur->post_excerpt_xhtml !== null
1742	&& $cur->post_content_xhtml !== null)
1743	{
1744	$words =
1745	$cur->post_title.' '.
1746	$cur->post_excerpt_xhtml.' '.
1747	$cur->post_content_xhtml;
1748
1749	$cur->post_words = implode(' ',text::splitWords($words));
1750	}
1751	}
1752
1753	private function getPostContent($cur,$post_id)
1754	{
1755	$post_excerpt = $cur->post_excerpt;
1756	$post_excerpt_xhtml = $cur->post_excerpt_xhtml;
1757	$post_content = $cur->post_content;
1758	$post_content_xhtml = $cur->post_content_xhtml;
1759
1760	$this->setPostContent(
1761	$post_id,$cur->post_format,$cur->post_lang,
1762	$post_excerpt,$post_excerpt_xhtml,
1763	$post_content,$post_content_xhtml
1764	);
1765
1766	$cur->post_excerpt = $post_excerpt;
1767	$cur->post_excerpt_xhtml = $post_excerpt_xhtml;
1768	$cur->post_content = $post_content;
1769	$cur->post_content_xhtml = $post_content_xhtml;
1770	}
1771
1772	/**
1773	Creates post HTML content, taking format and lang into account.
1774
1775	@param post_id <b>integer</b> Post ID
1776	@param format <b>string</b> Post format
1777	@param lang <b>string</b> Post lang
1778	@param excerpt <b>string</b> Post excerpt
1779	@param[out] excerpt_xhtml <b>string</b> Post excerpt HTML
1780	@param content <b>string</b> Post content
1781	@param[out] content_xhtml <b>string</b> Post content HTML
1782	*/
1783	public function setPostContent($post_id,$format,$lang,&$excerpt,&$excerpt_xhtml,&$content,&$content_xhtml)
1784	{
1785	if ($format == 'wiki')
1786	{
1787	$this->core->initWikiPost();
1788	$this->core->wiki2xhtml->setOpt('note_prefix','pnote-'.$post_id);
1789	switch ($this->settings->system->note_title_tag) {
1790	case 1:
1791	$tag = 'h3';
1792	break;
1793	case 2:
1794	$tag = 'p';
1795	break;
1796	default:
1797	$tag = 'h4';
1798	break;
1799	}
1800	$this->core->wiki2xhtml->setOpt('note_str','<div class="footnotes"><'.$tag.' class="footnotes-title">'.
1801	__('Notes').'</'.$tag.'>%s</div>');
1802	$this->core->wiki2xhtml->setOpt('note_str_single','<div class="footnotes"><'.$tag.' class="footnotes-title">'.
1803	__('Note').'</'.$tag.'>%s</div>');
1804	if (strpos($lang,'fr') === 0) {
1805	$this->core->wiki2xhtml->setOpt('active_fr_syntax',1);
1806	}
1807	}
1808
1809	if ($excerpt) {
1810	$excerpt_xhtml = $this->core->callFormater($format,$excerpt);
1811	$excerpt_xhtml = $this->core->HTMLfilter($excerpt_xhtml);
1812	} else {
1813	$excerpt_xhtml = '';
1814	}
1815
1816	if ($content) {
1817	$content_xhtml = $this->core->callFormater($format,$content);
1818	$content_xhtml = $this->core->HTMLfilter($content_xhtml);
1819	} else {
1820	$content_xhtml = '';
1821	}
1822
1823	# --BEHAVIOR-- coreAfterPostContentFormat
1824	$this->core->callBehavior('coreAfterPostContentFormat',array(
1825	'excerpt' => &$excerpt,
1826	'content' => &$content,
1827	'excerpt_xhtml' => &$excerpt_xhtml,
1828	'content_xhtml' => &$content_xhtml
1829	));
1830	}
1831
1832	/**
1833	Returns URL for a post according to blog setting <var>post_url_format</var>.
1834	It will try to guess URL and append some figures if needed.
1835
1836	@param url <b>string</b> Origin URL, could be empty
1837	@param post_dt <b>string</b> Post date (in YYYY-MM-DD HH:mm:ss)
1838	@param post_title <b>string</b> Post title
1839	@param post_id <b>integer</b> Post ID
1840	@return <b>string</b> result URL
1841	*/
1842	public function getPostURL($url,$post_dt,$post_title,$post_id)
1843	{
1844	$url = trim($url);
1845
1846	$url_patterns = array(
1847	'{y}' => date('Y',strtotime($post_dt)),
1848	'{m}' => date('m',strtotime($post_dt)),
1849	'{d}' => date('d',strtotime($post_dt)),
1850	'{t}' => text::tidyURL($post_title),
1851	'{id}' => (integer) $post_id
1852	);
1853
1854	# If URL is empty, we create a new one
1855	if ($url == '')
1856	{
1857	# Transform with format
1858	$url = str_replace(
1859	array_keys($url_patterns),
1860	array_values($url_patterns),
1861	$this->settings->system->post_url_format
1862	);
1863	}
1864	else
1865	{
1866	$url = text::tidyURL($url);
1867	}
1868
1869	# Let's check if URL is taken...
1870	$strReq = 'SELECT post_url FROM '.$this->prefix.'post '.
1871	"WHERE post_url = '".$this->con->escape($url)."' ".
1872	'AND post_id <> '.(integer) $post_id. ' '.
1873	"AND blog_id = '".$this->con->escape($this->id)."' ".
1874	'ORDER BY post_url DESC';
1875
1876	$rs = $this->con->select($strReq);
1877
1878	if (!$rs->isEmpty())
1879	{
1880	if ($this->con->driver() == 'mysql' \|\| $this->con->driver() == 'mysqli') {
1881	$clause = "REGEXP '^".$this->con->escape($url)."[0-9]+$'";
1882	} elseif ($this->con->driver() == 'pgsql') {
1883	$clause = "~ '^".$this->con->escape($url)."[0-9]+$'";
1884	} else {
1885	$clause = "LIKE '".$this->con->escape($url)."%'";
1886	}
1887	$strReq = 'SELECT post_url FROM '.$this->prefix.'post '.
1888	"WHERE post_url ".$clause.' '.
1889	'AND post_id <> '.(integer) $post_id.' '.
1890	"AND blog_id = '".$this->con->escape($this->id)."' ".
1891	'ORDER BY post_url DESC ';
1892
1893	$rs = $this->con->select($strReq);
1894	$a = array();
1895	while ($rs->fetch()) {
1896	$a[] = $rs->post_url;
1897	}
1898
1899	natsort($a);
1900	$t_url = end($a);
1901
1902	if (preg_match('/(.*?)([0-9]+)$/',$t_url,$m)) {
1903	$i = (integer) $m[2];
1904	$url = $m[1];
1905	} else {
1906	$i = 1;
1907	}
1908
1909	return $url.($i+1);
1910	}
1911
1912	# URL is empty?
1913	if ($url == '') {
1914	throw new Exception(__('Empty entry URL'));
1915	}
1916
1917	return $url;
1918	}
1919	//@}
1920
1921	/// @name Comments management methods
1922	//@{
1923	/**
1924	Retrieves comments. <b>$params</b> is an array taking the following
1925	optionnal parameters:
1926
1927	- no_content: Don't retrieve comment content
1928	- post_type: Get only entries with given type (default no type, array for many types)
1929	- post_id: (integer) Get comments belonging to given post_id
1930	- cat_id: (integer or array) Get comments belonging to entries of given category ID
1931	- comment_id: (integer or array) Get comment with given ID (or IDs)
1932	- comment_site: (string) Get comments with given comment_site
1933	- comment_status: (integer) Get comments with given comment_status
1934	- comment_trackback: (integer) Get only comments (0) or trackbacks (1)
1935	- comment_ip: (string) Get comments with given IP address
1936	- post_url: Get entry with given post_url field
1937	- user_id: (integer) Get entries belonging to given user ID
1938	- q_author: Search comments by author
1939	- sql: Append SQL string at the end of the query
1940	- from: Append SQL string after "FROM" statement in query
1941	- order: Order of results (default "ORDER BY comment_dt DES")
1942	- limit: Limit parameter
1943	- sql_only : return the sql request instead of results. Only ids are selected
1944
1945	@param params <b>array</b> Parameters
1946	@param count_only <b>boolean</b> Only counts results
1947	@return <b>record</b> A record with some more capabilities
1948	*/
1949	public function getComments($params=array(),$count_only=false)
1950	{
1951	if ($count_only)
1952	{
1953	$strReq = 'SELECT count(comment_id) ';
1954	}
1955	elseif (!empty($params['sql_only']))
1956	{
1957	$strReq = 'SELECT P.post_id ';
1958	}
1959	else
1960	{
1961	if (!empty($params['no_content'])) {
1962	$content_req = '';
1963	} else {
1964	$content_req = 'comment_content, ';
1965	}
1966
1967	if (!empty($params['columns']) && is_array($params['columns'])) {
1968	$content_req .= implode(', ',$params['columns']).', ';
1969	}
1970
1971	$strReq =
1972	'SELECT C.comment_id, comment_dt, comment_tz, comment_upddt, '.
1973	'comment_author, comment_email, comment_site, '.
1974	$content_req.' comment_trackback, comment_status, '.
1975	'comment_spam_status, comment_spam_filter, comment_ip, '.
1976	'P.post_title, P.post_url, P.post_id, P.post_password, P.post_type, '.
1977	'P.post_dt, P.user_id, U.user_email, U.user_url ';
1978	}
1979
1980	$strReq .=
1981	'FROM '.$this->prefix.'comment C '.
1982	'INNER JOIN '.$this->prefix.'post P ON C.post_id = P.post_id '.
1983	'INNER JOIN '.$this->prefix.'user U ON P.user_id = U.user_id ';
1984
1985	if (!empty($params['from'])) {
1986	$strReq .= $params['from'].' ';
1987	}
1988
1989	$strReq .=
1990	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ";
1991
1992	if (!$this->core->auth->check('contentadmin',$this->id)) {
1993	$strReq .= 'AND ((comment_status = 1 AND P.post_status = 1 ';
1994
1995	if ($this->without_password) {
1996	$strReq .= 'AND post_password IS NULL ';
1997	}
1998	$strReq .= ') ';
1999
2000	if ($this->core->auth->userID()) {
2001	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
2002	} else {
2003	$strReq .= ') ';
2004	}
2005	}
2006
2007	if (!empty($params['post_type']))
2008	{
2009	$strReq .= 'AND post_type '.$this->con->in($params['post_type']);
2010	}
2011
2012	if (isset($params['post_id']) && $params['post_id'] !== '') {
2013	$strReq .= 'AND P.post_id = '.(integer) $params['post_id'].' ';
2014	}
2015
2016	if (isset($params['cat_id']) && $params['cat_id'] !== '') {
2017	$strReq .= 'AND P.cat_id = '.(integer) $params['cat_id'].' ';
2018	}
2019
2020	if (isset($params['comment_id']) && $params['comment_id'] !== '') {
2021	if (is_array($params['comment_id'])) {
2022	array_walk($params['comment_id'],create_function('&$v,$k','if($v!==null){$v=(integer)$v;}'));
2023	} else {
2024	$params['comment_id'] = array((integer) $params['comment_id']);
2025	}
2026	$strReq .= 'AND comment_id '.$this->con->in($params['comment_id']);
2027	}
2028
2029	if (isset($params['comment_site'])) {
2030	$comment_site = $this->con->escape(str_replace('*','%',$params['comment_site']));
2031	$strReq .= "AND comment_site LIKE '".$comment_site."' ";
2032	}
2033
2034	if (isset($params['comment_status'])) {
2035	$strReq .= 'AND comment_status = '.(integer) $params['comment_status'].' ';
2036	}
2037
2038	if (!empty($params['comment_status_not']))
2039	{
2040	$strReq .= 'AND comment_status <> '.(integer) $params['comment_status_not'].' ';
2041	}
2042
2043	if (isset($params['comment_trackback'])) {
2044	$strReq .= 'AND comment_trackback = '.(integer) (boolean) $params['comment_trackback'].' ';
2045	}
2046
2047	if (isset($params['comment_ip'])) {
2048	$comment_ip = $this->con->escape(str_replace('*','%',$params['comment_ip']));
2049	$strReq .= "AND comment_ip LIKE '".$comment_ip."' ";
2050	}
2051
2052	if (isset($params['q_author'])) {
2053	$q_author = $this->con->escape(str_replace('*','%',strtolower($params['q_author'])));
2054	$strReq .= "AND LOWER(comment_author) LIKE '".$q_author."' ";
2055	}
2056
2057	if (!empty($params['search']))
2058	{
2059	$words = text::splitWords($params['search']);
2060
2061	if (!empty($words))
2062	{
2063	# --BEHAVIOR coreCommentSearch
2064	if ($this->core->hasBehavior('coreCommentSearch')) {
2065	$this->core->callBehavior('coreCommentSearch',$this->core,array(&$words,&$strReq,&$params));
2066	}
2067
2068	if ($words)
2069	{
2070	foreach ($words as $i => $w) {
2071	$words[$i] = "comment_words LIKE '%".$this->con->escape($w)."%'";
2072	}
2073	$strReq .= 'AND '.implode(' AND ',$words).' ';
2074	}
2075	}
2076	}
2077
2078	if (!empty($params['sql'])) {
2079	$strReq .= $params['sql'].' ';
2080	}
2081
2082	if (!$count_only)
2083	{
2084	if (!empty($params['order'])) {
2085	$strReq .= 'ORDER BY '.$this->con->escape($params['order']).' ';
2086	} else {
2087	$strReq .= 'ORDER BY comment_dt DESC ';
2088	}
2089	}
2090
2091	if (!$count_only && !empty($params['limit'])) {
2092	$strReq .= $this->con->limit($params['limit']);
2093	}
2094
2095	if (!empty($params['sql_only'])) {
2096	return $strReq;
2097	}
2098
2099	$rs = $this->con->select($strReq);
2100	$rs->core = $this->core;
2101	$rs->extend('rsExtComment');
2102
2103	# --BEHAVIOR-- coreBlogGetComments
2104	$this->core->callBehavior('coreBlogGetComments',$rs);
2105
2106	return $rs;
2107	}
2108
2109	/**
2110	Creates a new comment. Takes a cursor as input and returns the new comment
2111	ID.
2112
2113	@param cur <b>cursor</b> Comment cursor
2114	@return <b>integer</b> New comment ID
2115	*/
2116	public function addComment($cur)
2117	{
2118	$this->con->writeLock($this->prefix.'comment');
2119	try
2120	{
2121	# Get ID
2122	$rs = $this->con->select(
2123	'SELECT MAX(comment_id) '.
2124	'FROM '.$this->prefix.'comment '
2125	);
2126
2127	$cur->comment_id = (integer) $rs->f(0) + 1;
2128	$cur->comment_upddt = date('Y-m-d H:i:s');
2129
2130	$offset = dt::getTimeOffset($this->settings->system->blog_timezone);
2131	$cur->comment_dt = date('Y-m-d H:i:s',time() + $offset);
2132	$cur->comment_tz = $this->settings->system->blog_timezone;
2133
2134	$this->getCommentCursor($cur);
2135
2136	if ($cur->comment_ip === null) {
2137	$cur->comment_ip = http::realIP();
2138	}
2139
2140	# --BEHAVIOR-- coreBeforeCommentCreate
2141	$this->core->callBehavior('coreBeforeCommentCreate',$this,$cur);
2142
2143	$cur->insert();
2144	$this->con->unlock();
2145	}
2146	catch (Exception $e)
2147	{
2148	$this->con->unlock();
2149	throw $e;
2150	}
2151
2152	# --BEHAVIOR-- coreAfterCommentCreate
2153	$this->core->callBehavior('coreAfterCommentCreate',$this,$cur);
2154
2155	$this->triggerComment($cur->comment_id);
2156	if ($cur->comment_status != -2) {
2157	$this->triggerBlog();
2158	}
2159	return $cur->comment_id;
2160	}
2161
2162	/**
2163	Updates an existing comment.
2164
2165	@param id <b>integer</b> Comment ID
2166	@param cur <b>cursor</b> Comment cursor
2167	*/
2168	public function updComment($id,$cur)
2169	{
2170	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
2171	throw new Exception(__('You are not allowed to update comments'));
2172	}
2173
2174	$id = (integer) $id;
2175
2176	if (empty($id)) {
2177	throw new Exception(__('No such comment ID'));
2178	}
2179
2180	$rs = $this->getComments(array('comment_id' => $id));
2181
2182	if ($rs->isEmpty()) {
2183	throw new Exception(__('No such comment ID'));
2184	}
2185
2186	#If user is only usage, we need to check the post's owner
2187	if (!$this->core->auth->check('contentadmin',$this->id))
2188	{
2189	if ($rs->user_id != $this->core->auth->userID()) {
2190	throw new Exception(__('You are not allowed to update this comment'));
2191	}
2192	}
2193
2194	$this->getCommentCursor($cur);
2195
2196	$cur->comment_upddt = date('Y-m-d H:i:s');
2197
2198	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
2199	$cur->unsetField('comment_status');
2200	}
2201
2202	# --BEHAVIOR-- coreBeforeCommentUpdate
2203	$this->core->callBehavior('coreBeforeCommentUpdate',$this,$cur,$rs);
2204
2205	$cur->update('WHERE comment_id = '.$id.' ');
2206
2207	# --BEHAVIOR-- coreAfterCommentUpdate
2208	$this->core->callBehavior('coreAfterCommentUpdate',$this,$cur,$rs);
2209
2210	$this->triggerComment($id);
2211	$this->triggerBlog();
2212	}
2213
2214	/**
2215	Updates comment status.
2216
2217	@param id <b>integer</b> Comment ID
2218	@param status <b>integer</b> Comment status
2219	*/
2220	public function updCommentStatus($id,$status)
2221	{
2222	$this->updCommentsStatus($id,$status);
2223	}
2224
2225	/**
2226	Updates comments status.
2227
2228	@param ids <b>mixed</b> Comment(s) ID(s)
2229	@param status <b>integer</b> Comment status
2230	*/
2231	public function updCommentsStatus($ids,$status)
2232	{
2233	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
2234	throw new Exception(__("You are not allowed to change this comment's status"));
2235	}
2236
2237	$co_ids = dcUtils::cleanIds($ids);
2238	$status = (integer) $status;
2239
2240	$strReq =
2241	'UPDATE '.$this->prefix.'comment '.
2242	'SET comment_status = '.$status.' ';
2243	$strReq .=
2244	'WHERE comment_id'.$this->con->in($co_ids).
2245	'AND post_id in (SELECT tp.post_id '.
2246	'FROM '.$this->prefix.'post tp '.
2247	"WHERE tp.blog_id = '".$this->con->escape($this->id)."' ";
2248	if (!$this->core->auth->check('contentadmin',$this->id))
2249	{
2250	$strReq .=
2251	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
2252	}
2253	$strReq .= ')';
2254	$this->con->execute($strReq);
2255	$this->triggerComments($co_ids);
2256	$this->triggerBlog();
2257	}
2258
2259	/**
2260	Delete a comment
2261
2262	@param id <b>integer</b> Comment ID
2263	*/
2264	public function delComment($id)
2265	{
2266	$this->delComments($id);
2267	}
2268
2269	/**
2270	Delete comments
2271
2272	@param ids <b>mixed</b> Comment(s) ID(s)
2273	*/
2274	public function delComments($ids)
2275	{
2276	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
2277	throw new Exception(__('You are not allowed to delete comments'));
2278	}
2279
2280	$co_ids = dcUtils::cleanIds($ids);
2281
2282	if (empty($co_ids)) {
2283	throw new Exception(__('No such comment ID'));
2284	}
2285
2286	# Retrieve posts affected by comments edition
2287	$affected_posts = array();
2288	$strReq =
2289	'SELECT post_id '.
2290	'FROM '.$this->prefix.'comment '.
2291	'WHERE comment_id'.$this->con->in($co_ids).
2292	'GROUP BY post_id';
2293
2294	$rs = $this->con->select($strReq);
2295
2296	while ($rs->fetch()) {
2297	$affected_posts[] = (integer) $rs->post_id;
2298	}
2299
2300	$strReq =
2301	'DELETE FROM '.$this->prefix.'comment '.
2302	'WHERE comment_id'.$this->con->in($co_ids).' '.
2303	'AND post_id in (SELECT tp.post_id '.
2304	'FROM '.$this->prefix.'post tp '.
2305	"WHERE tp.blog_id = '".$this->con->escape($this->id)."' ";
2306	#If user can only delete, we need to check the post's owner
2307	if (!$this->core->auth->check('contentadmin',$this->id))
2308	{
2309	$strReq .=
2310	"AND tp.user_id = '".$this->con->escape($this->core->auth->userID())."' ";
2311	}
2312	$strReq .= ")";
2313	$this->con->execute($strReq);
2314	$this->triggerComments($co_ids, true, $affected_posts);
2315	$this->triggerBlog();
2316	}
2317
2318	public function delJunkComments()
2319	{
2320	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
2321	throw new Exception(__('You are not allowed to delete comments'));
2322	}
2323
2324	$strReq =
2325	'DELETE FROM '.$this->prefix.'comment '.
2326	'WHERE comment_status = -2 '.
2327	'AND post_id in (SELECT tp.post_id '.
2328	'FROM '.$this->prefix.'post tp '.
2329	"WHERE tp.blog_id = '".$this->con->escape($this->id)."' ";
2330	#If user can only delete, we need to check the post's owner
2331	if (!$this->core->auth->check('contentadmin',$this->id))
2332	{
2333	$strReq .=
2334	"AND tp.user_id = '".$this->con->escape($this->core->auth->userID())."' ";
2335	}
2336	$strReq .= ")";
2337	$this->con->execute($strReq);
2338	$this->triggerBlog();
2339	}
2340
2341	private function getCommentCursor($cur)
2342	{
2343	if ($cur->comment_content !== null && $cur->comment_content == '') {
2344	throw new Exception(__('You must provide a comment'));
2345	}
2346
2347	if ($cur->comment_author !== null && $cur->comment_author == '') {
2348	throw new Exception(__('You must provide an author name'));
2349	}
2350
2351	if ($cur->comment_email != '' && !text::isEmail($cur->comment_email)) {
2352	throw new Exception(__('Email address is not valid.'));
2353	}
2354
2355	if ($cur->comment_site !== null && $cur->comment_site != '') {
2356	if (!preg_match('\|^http(s?)://\|i',$cur->comment_site, $matches)) {
2357	$cur->comment_site = 'http://'.$cur->comment_site;
2358	}else{
2359	$cur->comment_site = strtolower($matches[0]).substr($cur->comment_site, strlen($matches[0]));
2360	}
2361	}
2362
2363	if ($cur->comment_status === null) {
2364	$cur->comment_status = (integer) $this->settings->system->comments_pub;
2365	}
2366
2367	# Words list
2368	if ($cur->comment_content !== null)
2369	{
2370	$cur->comment_words = implode(' ',text::splitWords($cur->comment_content));
2371	}
2372	}
2373	//@}
2374	}

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: inc/core/class.dc.blog.php @ 3134:95c191363892

Download in other formats:

Sites map