class.dc.blog.php @ 506:f97697c66830

Visit:

Revision 506:f97697c66830, 55.0 KB checked in by Dsls <dsls@…>, 14 years ago (diff)
Comment.php form filters setup. Renamed dcFilter::setValues to setFormValues, setValues is now the setter for $values[] Added textFilter.

Line
1	<?php
2	# -- BEGIN LICENSE BLOCK ---------------------------------------
3	#
4	# This file is part of Dotclear 2.
5	#
6	# Copyright (c) 2003-2010 Olivier Meunier & Association Dotclear
7	# Licensed under the GPL version 2.0 license.
8	# See LICENSE file or
9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
10	#
11	# -- END LICENSE BLOCK -----------------------------------------
12	if (!defined('DC_RC_PATH')) { return; }
13
14	/**
15	@ingroup DC_CORE
16	@nosubgrouping
17	@brief Dotclear blog class.
18
19	Dotclear blog class instance is provided by dcCore $blog property.
20	*/
21	class dcBlog
22	{
23	protected $core; ///< <b>dcCore</b> dcCore instance
24	public $con; ///< <b>connection</b> Database connection object
25	public $prefix; ///< <b>string</b> Database table prefix
26
27	public $id; ///< <b>string</b> Blog ID
28	public $uid; ///< <b>string</b> Blog unique ID
29	public $name; ///< <b>string</b> Blog name
30	public $desc; ///< <b>string</b> Blog description
31	public $url; ///< <b>string</b> Blog URL
32	public $host; ///< <b>string</b> Blog host
33	public $creadt; ///< <b>string</b> Blog creation date
34	public $upddt; ///< <b>string</b> Blog last update date
35	public $status; ///< <b>string</b> Blog status
36
37	public $settings; ///< <b>dcSettings</b> dcSettings object
38	public $themes_path; ///< <b>string</b> Blog theme path
39	public $public_path; ///< <b>string</b> Blog public path
40
41	private $post_status = array();
42	private $comment_status = array();
43
44	private $categories;
45
46	public $without_password = true; ///< <b>boolean</b> Disallow entries password protection
47
48	/**
49	Inits dcBlog object
50
51	@param core <b>dcCore</b> Dotclear core reference
52	@param id <b>string</b> Blog ID
53	*/
54	public function __construct($core, $id)
55	{
56	$this->con =& $core->con;
57	$this->prefix = $core->prefix;
58	$this->core =& $core;
59
60	if (($b = $this->core->getBlog($id)) !== false)
61	{
62	$this->id = $id;
63	$this->uid = $b->blog_uid;
64	$this->name = $b->blog_name;
65	$this->desc = $b->blog_desc;
66	$this->url = $b->blog_url;
67	$this->host = preg_replace('\|^([a-z]{3,}://)(.?)/.$\|','$1$2',$this->url);
68	$this->creadt = strtotime($b->blog_creadt);
69	$this->upddt = strtotime($b->blog_upddt);
70	$this->status = $b->blog_status;
71
72	$this->settings = new dcSettings($this->core,$this->id);
73
74	$this->themes_path = path::fullFromRoot($this->settings->system->themes_path,DC_ROOT);
75	$this->public_path = path::fullFromRoot($this->settings->system->public_path,DC_ROOT);
76
77	$this->post_status['-2'] = __('pending');
78	$this->post_status['-1'] = __('scheduled');
79	$this->post_status['0'] = __('unpublished');
80	$this->post_status['1'] = __('published');
81
82	$this->comment_status['-2'] = __('junk');
83	$this->comment_status['-1'] = __('pending');
84	$this->comment_status['0'] = __('unpublished');
85	$this->comment_status['1'] = __('published');
86
87	# --BEHAVIOR-- coreBlogConstruct
88	$this->core->callBehavior('coreBlogConstruct',$this);
89	}
90	}
91
92	/**
93	Returns sql statement for a given parameter.
94	Computes in() or not_in lists in parameter
95
96	@param params <b>array</b> query parameters
97	@param param_name <b>array</b> parameter to check
98	@param sql column <b>array</b> sql column matching parameter name
99
100	@return <b>string</b> the generated SQL statement
101	*/
102	protected function getInParamStr($params, $param_name, $sql_column) {
103	$not='';
104	if (isset($params[$param_name.'_not'])) {
105	$not = "NOT ";
106	}
107	return $sql_column.' '.$not.$this->con->in($params[$param_name]).' ';
108	}
109
110	/// @name Common public methods
111	//@{
112	/**
113	Returns blog URL ending with a question mark.
114	*/
115	public function getQmarkURL()
116	{
117	if (substr($this->url,-1) != '?') {
118	return $this->url.'?';
119	}
120
121	return $this->url;
122	}
123
124	/**
125	Returns an entry status name given to a code. Status are translated, never
126	use it for tests. If status code does not exist, returns <i>unpublished</i>.
127
128	@param s <b>integer</b> Status code
129	@return <b>string</b> Blog status name
130	*/
131	public function getPostStatus($s)
132	{
133	if (isset($this->post_status[$s])) {
134	return $this->post_status[$s];
135	}
136	return $this->post_status['0'];
137	}
138
139	/**
140	Returns an array of available entry status codes and names.
141
142	@return <b>array</b> Simple array with codes in keys and names in value
143	*/
144	public function getAllPostStatus()
145	{
146	return $this->post_status;
147	}
148
149	/**
150	Returns an array of available comment status codes and names.
151
152	@return <b>array</b> Simple array with codes in keys and names in value
153	*/
154	public function getAllCommentStatus()
155	{
156	return $this->comment_status;
157	}
158
159	/**
160	Disallows entries password protection. You need to set it to
161	<var>false</var> while serving a public blog.
162
163	@param v <b>boolean</b>
164	*/
165	public function withoutPassword($v)
166	{
167	$this->without_password = (boolean) $v;
168	}
169	//@}
170
171	/// @name Triggers methods
172	//@{
173	/**
174	Updates blog last update date. Should be called every time you change
175	an element related to the blog.
176	*/
177	public function triggerBlog()
178	{
179	$cur = $this->con->openCursor($this->prefix.'blog');
180
181	$cur->blog_upddt = date('Y-m-d H:i:s');
182
183	$cur->update("WHERE blog_id = '".$this->con->escape($this->id)."' ");
184
185	# --BEHAVIOR-- coreBlogAfterTriggerBlog
186	$this->core->callBehavior('coreBlogAfterTriggerBlog',$cur);
187	}
188
189	/**
190	Updates comment and trackback counters in post table. Should be called
191	every time a comment or trackback is added, removed or changed its status.
192
193	@param id <b>integer</b> Comment ID
194	@param del <b>boolean</b> If comment is delete, set this to true
195	*/
196	public function triggerComment($id,$del=false)
197	{
198	$id = (integer) $id;
199
200	$strReq = 'SELECT post_id, comment_trackback '.
201	'FROM '.$this->prefix.'comment '.
202	'WHERE comment_id = '.$id.' ';
203
204	$rs = $this->con->select($strReq);
205
206	$post_id = $rs->post_id;
207	$tb = (boolean) $rs->comment_trackback;
208
209	$strReq = 'SELECT COUNT(post_id) '.
210	'FROM '.$this->prefix.'comment '.
211	'WHERE post_id = '.(integer) $post_id.' '.
212	'AND comment_trackback = '.(integer) $tb.' '.
213	'AND comment_status = 1 ';
214
215	if ($del) {
216	$strReq .= 'AND comment_id <> '.$id.' ';
217	}
218
219	$rs = $this->con->select($strReq);
220
221	$cur = $this->con->openCursor($this->prefix.'post');
222
223	if ($rs->isEmpty()) {
224	return;
225	}
226
227	if ($tb) {
228	$cur->nb_trackback = (integer) $rs->f(0);
229	} else {
230	$cur->nb_comment = (integer) $rs->f(0);
231	}
232
233	$cur->update('WHERE post_id = '.(integer) $post_id);
234	}
235	//@}
236
237	/// @name Categories management methods
238	//@{
239	public function categories()
240	{
241	if (!($this->categories instanceof dcCategories)) {
242	$this->categories = new dcCategories($this->core);
243	}
244
245	return $this->categories;
246	}
247
248	/**
249	Retrieves categories. <var>$params</var> is an associative array which can
250	take the following parameters:
251
252	- post_type: Get only entries with given type (default "post")
253	- cat_url: filter on cat_url field
254	- cat_id: filter on cat_id field
255	- start: start with a given category
256	- level: categories level to retrieve
257
258	@param params <b>array</b> Parameters
259	@return <b>record</b>
260	*/
261	public function getCategories($params=array())
262	{
263	$c_params = array();
264	if (isset($params['post_type'])) {
265	$c_params['post_type'] = $params['post_type'];
266	unset($params['post_type']);
267	}
268	$counter = $this->getCategoriesCounter($c_params);
269
270	$without_empty = $this->core->auth->userID() == false; # For public display
271
272	$start = isset($params['start']) ? (integer) $params['start'] : 0;
273	$l = isset($params['level']) ? (integer) $params['level'] : 0;
274
275	$rs = $this->categories()->getChildren($start,null,'desc');
276
277	# Get each categories total posts count
278	$data = array();
279	$stack = array();
280	$level = 0;
281	$cols = $rs->columns();
282	while ($rs->fetch())
283	{
284	$nb_post = isset($counter[$rs->cat_id]) ? (integer) $counter[$rs->cat_id] : 0;
285
286	if ($rs->level > $level) {
287	$nb_total = $nb_post;
288	$stack[$rs->level] = (integer) $nb_post;
289	} elseif ($rs->level == $level) {
290	$nb_total = $nb_post;
291	$stack[$rs->level] += $nb_post;
292	} else {
293	$nb_total = $stack[$rs->level+1] + $nb_post;
294	if (isset($stack[$rs->level])) {
295	$stack[$rs->level] += $nb_total;
296	} else {
297	$stack[$rs->level] = $nb_total;
298	}
299	unset($stack[$rs->level+1]);
300	}
301
302	if ($nb_total == 0 && $without_empty) {
303	continue;
304	}
305
306	$level = $rs->level;
307
308	$t = array();
309	foreach ($cols as $c) {
310	$t[$c] = $rs->f($c);
311	}
312	$t['nb_post'] = $nb_post;
313	$t['nb_total'] = $nb_total;
314
315	if ($l == 0 \|\| ($l > 0 && $l == $rs->level)) {
316	array_unshift($data,$t);
317	}
318	}
319
320	# We need to apply filter after counting
321	if (!empty($params['cat_id']))
322	{
323	$found = false;
324	foreach ($data as $v) {
325	if ($v['cat_id'] == $params['cat_id']) {
326	$found = true;
327	$data = array($v);
328	break;
329	}
330	}
331	if (!$found) {
332	$data = array();
333	}
334	}
335
336	if (!empty($params['cat_url']) && empty($params['cat_id']))
337	{
338	$found = false;
339	foreach ($data as $v) {
340	if ($v['cat_url'] == $params['cat_url']) {
341	$found = true;
342	$data = array($v);
343	break;
344	}
345	}
346	if (!$found) {
347	$data = array();
348	}
349	}
350
351	return staticRecord::newFromArray($data);
352	}
353
354	/**
355	Retrieves a category by its ID.
356
357	@param id <b>integer</b> Category ID
358	@return <b>record</b>
359	*/
360	public function getCategory($id)
361	{
362	return $this->getCategories(array('cat_id' => $id));
363	}
364
365	/**
366	Retrieves parents of a given category.
367
368	@param id <b>integer</b> Category ID
369	@return <b>record</b>
370	*/
371	public function getCategoryParents($id)
372	{
373	return $this->categories()->getParents($id);
374	}
375
376	/**
377	Retrieves first parent of a given category.
378
379	@param id <b>integer</b> Category ID
380	@return <b>record</b>
381	*/
382	public function getCategoryParent($id)
383	{
384	return $this->categories()->getParent($id);
385	}
386
387	/**
388	Retrieves all category's first children
389
390	@param id <b>integer</b> Category ID
391	@return <b>record</b>
392	*/
393	public function getCategoryFirstChildren($id)
394	{
395	return $this->getCategories(array('start' => $id,'level' => $id == 0 ? 1 : 2));
396	}
397
398	private function getCategoriesCounter($params=array())
399	{
400	$strReq =
401	'SELECT C.cat_id, COUNT(P.post_id) AS nb_post '.
402	'FROM '.$this->prefix.'category AS C '.
403	'JOIN '.$this->prefix."post P ON (C.cat_id = P.cat_id AND P.blog_id = '".$this->con->escape($this->id)."' ) ".
404	"WHERE C.blog_id = '".$this->con->escape($this->id)."' ";
405
406	if (!$this->core->auth->userID()) {
407	$strReq .= 'AND P.post_status = 1 ';
408	}
409
410	if (!empty($params['post_type'])) {
411	$strReq .= "AND post_type = '".$this->con->escape($params['post_type'])."' ";
412	}
413
414	$strReq .= 'GROUP BY C.cat_id ';
415
416	$rs = $this->con->select($strReq);
417	$counters = array();
418	while ($rs->fetch()) {
419	$counters[$rs->cat_id] = $rs->nb_post;
420	}
421
422	return $counters;
423	}
424
425	/**
426	Creates a new category. Takes a cursor as input and returns the new category
427	ID.
428
429	@param cur <b>cursor</b> Category cursor
430	@return <b>integer</b> New category ID
431	*/
432	public function addCategory($cur,$parent=0)
433	{
434	if (!$this->core->auth->check('categories',$this->id)) {
435	throw new Exception(__('You are not allowed to add categories'));
436	}
437
438	$url = array();
439	if ($parent != 0)
440	{
441	$rs = $this->getCategory($parent);
442	if ($rs->isEmpty()) {
443	$url = array();
444	} else {
445	$url[] = $rs->cat_url;
446	}
447	}
448
449	if ($cur->cat_url == '') {
450	$url[] = text::tidyURL($cur->cat_title,false);
451	} else {
452	$url[] = $cur->cat_url;
453	}
454
455	$cur->cat_url = implode('/',$url);
456
457	$this->getCategoryCursor($cur);
458	$cur->blog_id = (string) $this->id;
459
460	# --BEHAVIOR-- coreBeforeCategoryCreate
461	$this->core->callBehavior('coreBeforeCategoryCreate',$this,$cur);
462
463	$this->categories()->addNode($cur,$parent);
464
465	# --BEHAVIOR-- coreAfterCategoryCreate
466	$this->core->callBehavior('coreAfterCategoryCreate',$this,$cur);
467	$this->triggerBlog();
468
469	return $cur->cat_id;
470	}
471
472	/**
473	Updates an existing category.
474
475	@param id <b>integer</b> Category ID
476	@param cur <b>cursor</b> Category cursor
477	*/
478	public function updCategory($id,$cur)
479	{
480	if (!$this->core->auth->check('categories',$this->id)) {
481	throw new Exception(__('You are not allowed to update categories'));
482	}
483
484	if ($cur->cat_url == '')
485	{
486	$url = array();
487	$rs = $this->categories()->getParents($id);
488	while ($rs->fetch()) {
489	if ($rs->index() == $rs->count()-1) {
490	$url[] = $rs->cat_url;
491	}
492	}
493
494
495	$url[] = text::tidyURL($cur->cat_title,false);
496	$cur->cat_url = implode('/',$url);
497	}
498
499	$this->getCategoryCursor($cur,$id);
500
501	# --BEHAVIOR-- coreBeforeCategoryUpdate
502	$this->core->callBehavior('coreBeforeCategoryUpdate',$this,$cur);
503
504	$cur->update(
505	'WHERE cat_id = '.(integer) $id.' '.
506	"AND blog_id = '".$this->con->escape($this->id)."' ");
507
508	# --BEHAVIOR-- coreAfterCategoryUpdate
509	$this->core->callBehavior('coreAfterCategoryUpdate',$this,$cur);
510
511	$this->triggerBlog();
512	}
513
514	/**
515	DEPRECATED METHOD. Use dcBlog::setCategoryParent and dcBlog::moveCategory
516	instead.
517
518	@param id <b>integer</b> Category ID
519	@param order <b>integer</b> Category position
520	*/
521	public function updCategoryOrder($id,$order)
522	{
523	return;
524	}
525
526	/**
527	Set a category parent
528
529	@param id <b>integer</b> Category ID
530	@param parent <b>integer</b> Parent Category ID
531	*/
532	public function setCategoryParent($id,$parent)
533	{
534	$this->categories()->setNodeParent($id,$parent);
535	$this->triggerBlog();
536	}
537
538	/**
539	Set category position
540
541	@param id <b>integer</b> Category ID
542	@param sibling <b>integer</b> Sibling Category ID
543	@param move <b>integer</b> Order (before\|after)
544	*/
545	public function setCategoryPosition($id,$sibling,$move)
546	{
547	$this->categories()->setNodePosition($id,$sibling,$move);
548	$this->triggerBlog();
549	}
550
551	/**
552	Deletes a category.
553
554	@param id <b>integer</b> Category ID
555	*/
556	public function delCategory($id)
557	{
558	if (!$this->core->auth->check('categories',$this->id)) {
559	throw new Exception(__('You are not allowed to delete categories'));
560	}
561
562	$strReq = 'SELECT COUNT(post_id) AS nb_post '.
563	'FROM '.$this->prefix.'post '.
564	'WHERE cat_id = '.(integer) $id.' '.
565	"AND blog_id = '".$this->con->escape($this->id)."' ";
566
567	$rs = $this->con->select($strReq);
568
569	if ($rs->nb_post > 0) {
570	throw new Exception(__('This category is not empty.'));
571	}
572
573	$this->categories()->deleteNode($id,true);
574	$this->triggerBlog();
575	}
576
577	/**
578	Reset categories order and relocate them to first level
579	*/
580	public function resetCategoriesOrder()
581	{
582	if (!$this->core->auth->check('categories',$this->id)) {
583	throw new Exception(__('You are not allowed to delete categories'));
584	}
585
586	$this->categories()->resetOrder();
587	}
588
589	private function checkCategory($title,$url,$id=null)
590	{
591	$strReq = 'SELECT cat_id '.
592	'FROM '.$this->prefix.'category '.
593	"WHERE cat_url = '".$this->con->escape($url)."' ".
594	"AND blog_id = '".$this->con->escape($this->id)."' ";
595
596	if ($id !== null) {
597	$strReq .= 'AND cat_id <> '.(integer) $id.' ';
598	}
599
600	$rs = $this->con->select($strReq);
601
602	if (!$rs->isEmpty()) {
603	throw new Exception(__('Category URL must be unique.'));
604	}
605	}
606
607	private function getCategoryCursor($cur,$id=null)
608	{
609	if ($cur->cat_title == '') {
610	throw new Exception(__('You must provide a category title'));
611	}
612
613	# If we don't have any cat_url, let's do one
614	if ($cur->cat_url == '') {
615	$cur->cat_url = text::tidyURL($cur->cat_title,false);
616	}
617
618	# Still empty ?
619	if ($cur->cat_url == '') {
620	throw new Exception(__('You must provide a category URL'));
621	} else {
622	$cur->cat_url = text::tidyURL($cur->cat_url,true);
623	}
624
625	# Check if title or url are unique
626	$this->checkCategory($cur->cat_title,$cur->cat_url,$id);
627
628	if ($cur->cat_desc !== null) {
629	$cur->cat_desc = $this->core->HTMLfilter($cur->cat_desc);
630	}
631	}
632	//@}
633
634	/// @name Entries management methods
635	//@{
636	/**
637	Retrieves entries. <b>$params</b> is an array taking the following
638	optionnal parameters:
639
640	- no_content: Don't retrieve entry content (excerpt and content)
641	- post_type: Get only entries with given type (default "post", array for many types and '' for no type)
642	- post_id: (integer) Get entry with given post_id
643	- post_url: Get entry with given post_url field
644	- user_id: (integer) Get entries belonging to given user ID
645	- cat_id: (string or array) Get entries belonging to given category ID
646	- cat_id_not: deprecated (use cat_id with "id ?not" instead)
647	- cat_url: (string or array) Get entries belonging to given category URL
648	- cat_url_not: deprecated (use cat_url with "url ?not" instead)
649	- post_status: (integer) Get entries with given post_status
650	- post_selected: (boolean) Get select flaged entries
651	- post_year: (integer) Get entries with given year
652	- post_month: (integer) Get entries with given month
653	- post_day: (integer) Get entries with given day
654	- post_lang: Get entries with given language code
655	- search: Get entries corresponding of the following search string
656	- columns: (array) More columns to retrieve
657	- sql: Append SQL string at the end of the query
658	- from: Append SQL string after "FROM" statement in query
659	- order: Order of results (default "ORDER BY post_dt DES")
660	- limit: Limit parameter
661
662	Please note that on every cat_id or cat_url, you can add ?not to exclude
663	the category and ?sub to get subcategories.
664
665	@param params <b>array</b> Parameters
666	@param count_only <b>boolean</b> Only counts results
667	@param sql_only <b>boolean</b> Only return SQL request
668	@return <b>record</b> A record with some more capabilities or the SQL request
669	*/
670	public function getPosts($params=array(),$count_only=false,$sql_only=false)
671	{
672	if ($count_only)
673	{
674	$strReq = 'SELECT count(P.post_id) ';
675	}
676	else
677	{
678	if (!empty($params['no_content'])) {
679	$content_req = '';
680	} else {
681	$content_req =
682	'post_excerpt, post_excerpt_xhtml, '.
683	'post_content, post_content_xhtml, post_notes, ';
684	}
685
686	if (!empty($params['columns']) && is_array($params['columns'])) {
687	$content_req .= implode(', ',$params['columns']).', ';
688	}
689
690	$strReq =
691	'SELECT P.post_id, P.blog_id, P.user_id, P.cat_id, post_dt, '.
692	'post_tz, post_creadt, post_upddt, post_format, post_password, '.
693	'post_url, post_lang, post_title, '.$content_req.
694	'post_type, post_meta, post_status, post_selected, post_position, '.
695	'post_open_comment, post_open_tb, nb_comment, nb_trackback, '.
696	'U.user_name, U.user_firstname, U.user_displayname, U.user_email, '.
697	'U.user_url, '.
698	'C.cat_title, C.cat_url, C.cat_desc ';
699	}
700
701	$strReq .=
702	'FROM '.$this->prefix.'post P '.
703	'INNER JOIN '.$this->prefix.'user U ON U.user_id = P.user_id '.
704	'LEFT OUTER JOIN '.$this->prefix.'category C ON P.cat_id = C.cat_id ';
705
706	if (!empty($params['from'])) {
707	$strReq .= $params['from'].' ';
708	}
709
710	$strReq .=
711	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ";
712
713	if (!$this->core->auth->check('contentadmin',$this->id)) {
714	$strReq .= 'AND ((post_status = 1 ';
715
716	if ($this->without_password) {
717	$strReq .= 'AND post_password IS NULL ';
718	}
719	$strReq .= ') ';
720
721	if ($this->core->auth->userID()) {
722	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
723	} else {
724	$strReq .= ') ';
725	}
726	}
727
728	#Adding parameters
729	if (isset($params['post_type']))
730	{
731	if (is_array($params['post_type']) && !empty($params['post_type'])) {
732	$strReq .= 'AND post_type '.$this->con->in($params['post_type']);
733	} elseif ($params['post_type'] != '') {
734	$strReq .= "AND post_type = '".$this->con->escape($params['post_type'])."' ";
735	}
736	}
737	else
738	{
739	$strReq .= "AND post_type = 'post' ";
740	}
741
742	if (!empty($params['post_id'])) {
743	if (is_array($params['post_id'])) {
744	array_walk($params['post_id'],create_function('&$v,$k','if($v!==null){$v=(integer)$v;}'));
745	} else {
746	$params['post_id'] = array((integer) $params['post_id']);
747	}
748	$strReq .= 'AND P.post_id '.$this->con->in($params['post_id']);
749	}
750
751	if (!empty($params['post_url'])) {
752	$strReq .= "AND post_url = '".$this->con->escape($params['post_url'])."' ";
753	}
754
755	if (!empty($params['user_id'])) {
756	$strReq .= 'AND '.$this->getInParamStr($params,'user_id','U.user_id');
757	}
758
759	if (!empty($params['cat_id']))
760	{
761	if (!is_array($params['cat_id'])) {
762	$params['cat_id'] = array($params['cat_id']);
763	}
764	if (!empty($params['cat_id_not'])) {
765	array_walk($params['cat_id'],create_function('&$v,$k','$v=$v." ?not";'));
766	}
767	$strReq .= 'AND '.$this->getPostsCategoryFilter($params['cat_id'],'cat_id').' ';
768	}
769	elseif (!empty($params['cat_url']))
770	{
771	if (!is_array($params['cat_url'])) {
772	$params['cat_url'] = array($params['cat_url']);
773	}
774	if (!empty($params['cat_url_not'])) {
775	array_walk($params['cat_url'],create_function('&$v,$k','$v=$v." ?not";'));
776	}
777	$strReq .= 'AND '.$this->getPostsCategoryFilter($params['cat_url'],'cat_url').' ';
778	}
779
780	/* Other filters */
781	if (isset($params['post_status'])) {
782	$strReq .= 'AND '.$this->getInParamStr($params,'post_status','post_status');
783	}
784
785	if (isset($params['post_selected'])) {
786	$strReq .= 'AND post_selected = '.(integer) $params['post_selected'].' ';
787	}
788
789	if (!empty($params['post_year'])) {
790	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%Y').' = '.
791	"'".sprintf('%04d',$params['post_year'])."' ";
792	}
793
794	if (!empty($params['post_month'])) {
795	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%m').' = '.
796	"'".sprintf('%02d',$params['post_month'])."' ";
797	}
798
799	if (!empty($params['post_day'])) {
800	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%d').' = '.
801	"'".sprintf('%02d',$params['post_day'])."' ";
802	}
803
804	if (!empty($params['post_lang'])) {
805	$strReq .= 'AND '.$this->getInParamStr($params,'post_lang','P.post_lang');
806	}
807
808	if (!empty($params['search']))
809	{
810	$words = text::splitWords($params['search']);
811
812	if (!empty($words))
813	{
814	# --BEHAVIOR-- corePostSearch
815	if ($this->core->hasBehavior('corePostSearch')) {
816	$this->core->callBehavior('corePostSearch',$this->core,array(&$words,&$strReq,&$params));
817	}
818
819	if ($words)
820	{
821	foreach ($words as $i => $w) {
822	$words[$i] = "post_words LIKE '%".$this->con->escape($w)."%'";
823	}
824	$strReq .= 'AND '.implode(' AND ',$words).' ';
825	}
826	}
827	}
828
829	if (!empty($params['sql'])) {
830	$strReq .= $params['sql'].' ';
831	}
832
833	if (!$count_only)
834	{
835	if (!empty($params['order'])) {
836	$strReq .= 'ORDER BY '.$this->con->escape($params['order']).' ';
837	} else {
838	$strReq .= 'ORDER BY post_dt DESC ';
839	}
840	}
841
842	if (!$count_only && !empty($params['limit'])) {
843	$strReq .= $this->con->limit($params['limit']);
844	}
845
846	if ($sql_only) {
847	return $strReq;
848	}
849
850	$rs = $this->con->select($strReq);
851	$rs->core = $this->core;
852	$rs->_nb_media = array();
853	$rs->extend('rsExtPost');
854
855	# --BEHAVIOR-- coreBlogGetPosts
856	$this->core->callBehavior('coreBlogGetPosts',$rs);
857
858	return $rs;
859	}
860
861	/**
862	Returns a record with post id, title and date for next or previous post
863	according to the post ID.
864	$dir could be 1 (next post) or -1 (previous post).
865
866	@param post_id <b>integer</b> Post ID
867	@param dir <b>integer</b> Search direction
868	@param restrict_to_category <b>boolean</b> Restrict to post with same category
869	@param restrict_to_lang <b>boolean</b> Restrict to post with same lang
870	@return record
871	*/
872	public function getNextPost($post,$dir,$restrict_to_category=false, $restrict_to_lang=false)
873	{
874	$dt = $post->post_dt;
875	$post_id = (integer) $post->post_id;
876
877	if($dir > 0) {
878	$sign = '>';
879	$order = 'ASC';
880	}
881	else {
882	$sign = '<';
883	$order = 'DESC';
884	}
885
886	$params['post_type'] = $post->post_type;
887	$params['limit'] = 1;
888	$params['order'] = 'post_dt '.$order.', P.post_id '.$order;
889	$params['sql'] =
890	'AND ( '.
891	" (post_dt = '".$this->con->escape($dt)."' AND P.post_id ".$sign." ".$post_id.") ".
892	" OR post_dt ".$sign." '".$this->con->escape($dt)."' ".
893	') ';
894
895	if ($restrict_to_category) {
896	$params['sql'] .= $post->cat_id ? 'AND P.cat_id = '.(integer) $post->cat_id.' ' : 'AND P.cat_id IS NULL ';
897	}
898
899	if ($restrict_to_lang) {
900	$params['sql'] .= $post->post_lang ? 'AND P.post_lang = \''. $this->con->escape($post->post_lang) .'\' ': 'AND P.post_lang IS NULL ';
901	}
902
903	$rs = $this->getPosts($params);
904
905	if ($rs->isEmpty()) {
906	return null;
907	}
908
909	return $rs;
910	}
911
912	/**
913	Retrieves different languages and post count on blog, based on post_lang
914	field. <var>$params</var> is an array taking the following optionnal
915	parameters:
916
917	- post_type: Get only entries with given type (default "post", '' for no type)
918	- lang: retrieve post count for selected lang
919	- order: order statement (default post_lang DESC)
920
921	@param params <b>array</b> Parameters
922	@return record
923	*/
924	public function getLangs($params=array())
925	{
926	$strReq = 'SELECT COUNT(post_id) as nb_post, post_lang '.
927	'FROM '.$this->prefix.'post '.
928	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
929	"AND post_lang <> '' ".
930	"AND post_lang IS NOT NULL ";
931
932	if (!$this->core->auth->check('contentadmin',$this->id)) {
933	$strReq .= 'AND ((post_status = 1 ';
934
935	if ($this->without_password) {
936	$strReq .= 'AND post_password IS NULL ';
937	}
938	$strReq .= ') ';
939
940	if ($this->core->auth->userID()) {
941	$strReq .= "OR user_id = '".$this->con->escape($this->core->auth->userID())."')";
942	} else {
943	$strReq .= ') ';
944	}
945	}
946
947	if (isset($params['post_type'])) {
948	if ($params['post_type'] != '') {
949	$strReq .= "AND post_type = '".$this->con->escape($params['post_type'])."' ";
950	}
951	} else {
952	$strReq .= "AND post_type = 'post' ";
953	}
954
955	if (isset($params['lang'])) {
956	$strReq .= "AND post_lang = '".$this->con->escape($params['lang'])."' ";
957	}
958
959	$strReq .= 'GROUP BY post_lang ';
960
961	$order = 'desc';
962	if (!empty($params['order']) && preg_match('/^(desc\|asc)$/i',$params['order'])) {
963	$order = $params['order'];
964	}
965	$strReq .= 'ORDER BY post_lang '.$order.' ';
966
967	return $this->con->select($strReq);
968	}
969
970	/**
971	Returns a record with all distinct blog dates and post count.
972	<var>$params</var> is an array taking the following optionnal parameters:
973
974	- type: (day\|month\|year) Get days, months or years
975	- year: (integer) Get dates for given year
976	- month: (integer) Get dates for given month
977	- day: (integer) Get dates for given day
978	- cat_id: (integer) Category ID filter
979	- cat_url: Category URL filter
980	- post_lang: lang of the posts
981	- next: Get date following match
982	- previous: Get date before match
983	- order: Sort by date "ASC" or "DESC"
984
985	@param params <b>array</b> Parameters array
986	@return record
987	*/
988	public function getDates($params=array())
989	{
990	$dt_f = '%Y-%m-%d';
991	$dt_fc = '%Y%m%d';
992	if (isset($params['type'])) {
993	if ($params['type'] == 'year') {
994	$dt_f = '%Y-01-01';
995	$dt_fc = '%Y0101';
996	} elseif ($params['type'] == 'month') {
997	$dt_f = '%Y-%m-01';
998	$dt_fc = '%Y%m01';
999	}
1000	}
1001	$dt_f .= ' 00:00:00';
1002	$dt_fc .= '000000';
1003
1004	$cat_field = $catReq = $limit = '';
1005
1006	if (!empty($params['cat_id'])) {
1007	$catReq = 'AND P.cat_id = '.(integer) $params['cat_id'].' ';
1008	$cat_field = ', C.cat_url ';
1009	} elseif (!empty($params['cat_url'])) {
1010	$catReq = "AND C.cat_url = '".$this->con->escape($params['cat_url'])."' ";
1011	$cat_field = ', C.cat_url ';
1012	}
1013	if (!empty($params['post_lang'])) {
1014	$catReq = 'AND P.post_lang = \''. $params['post_lang'].'\' ';
1015	}
1016
1017	$strReq = 'SELECT DISTINCT('.$this->con->dateFormat('post_dt',$dt_f).') AS dt '.
1018	$cat_field.
1019	',COUNT(P.post_id) AS nb_post '.
1020	'FROM '.$this->prefix.'post P LEFT JOIN '.$this->prefix.'category C '.
1021	'ON P.cat_id = C.cat_id '.
1022	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ".
1023	$catReq;
1024
1025	if (!$this->core->auth->check('contentadmin',$this->id)) {
1026	$strReq .= 'AND ((post_status = 1 ';
1027
1028	if ($this->without_password) {
1029	$strReq .= 'AND post_password IS NULL ';
1030	}
1031	$strReq .= ') ';
1032
1033	if ($this->core->auth->userID()) {
1034	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
1035	} else {
1036	$strReq .= ') ';
1037	}
1038	}
1039
1040	if (!empty($params['post_type'])) {
1041	$strReq .= "AND post_type ".$this->con->in($params['post_type'])." ";
1042	} else {
1043	$strReq .= "AND post_type = 'post' ";
1044	}
1045
1046	if (!empty($params['year'])) {
1047	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%Y')." = '".sprintf('%04d',$params['year'])."' ";
1048	}
1049
1050	if (!empty($params['month'])) {
1051	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%m')." = '".sprintf('%02d',$params['month'])."' ";
1052	}
1053
1054	if (!empty($params['day'])) {
1055	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%d')." = '".sprintf('%02d',$params['day'])."' ";
1056	}
1057
1058	# Get next or previous date
1059	if (!empty($params['next']) \|\| !empty($params['previous']))
1060	{
1061	if (!empty($params['next'])) {
1062	$pdir = ' > ';
1063	$params['order'] = 'asc';
1064	$dt = $params['next'];
1065	} else {
1066	$pdir = ' < ';
1067	$params['order'] = 'desc';
1068	$dt = $params['previous'];
1069	}
1070
1071	$dt = date('YmdHis',strtotime($dt));
1072
1073	$strReq .= 'AND '.$this->con->dateFormat('post_dt',$dt_fc).$pdir."'".$dt."' ";
1074	$limit = $this->con->limit(1);
1075	}
1076
1077	$strReq .= 'GROUP BY dt '.$cat_field;
1078
1079	$order = 'desc';
1080	if (!empty($params['order']) && preg_match('/^(desc\|asc)$/i',$params['order'])) {
1081	$order = $params['order'];
1082	}
1083
1084	$strReq .=
1085	'ORDER BY dt '.$order.' '.
1086	$limit;
1087
1088	$rs = $this->con->select($strReq);
1089	$rs->extend('rsExtDates');
1090	return $rs;
1091	}
1092
1093	/**
1094	Creates a new entry. Takes a cursor as input and returns the new entry
1095	ID.
1096
1097	@param cur <b>cursor</b> Post cursor
1098	@return <b>integer</b> New post ID
1099	*/
1100	public function addPost($cur)
1101	{
1102	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1103	throw new Exception(__('You are not allowed to create an entry'));
1104	}
1105
1106	$this->con->writeLock($this->prefix.'post');
1107	try
1108	{
1109	# Get ID
1110	$rs = $this->con->select(
1111	'SELECT MAX(post_id) '.
1112	'FROM '.$this->prefix.'post '
1113	);
1114
1115	$cur->post_id = (integer) $rs->f(0) + 1;
1116	$cur->blog_id = (string) $this->id;
1117	$cur->post_creadt = date('Y-m-d H:i:s');
1118	$cur->post_upddt = date('Y-m-d H:i:s');
1119	$cur->post_tz = $this->core->auth->getInfo('user_tz');
1120
1121	# Post excerpt and content
1122	$this->getPostContent($cur,$cur->post_id);
1123
1124	$this->getPostCursor($cur);
1125
1126	$cur->post_url = $this->getPostURL($cur->post_url,$cur->post_dt,$cur->post_title,$cur->post_id);
1127
1128	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1129	$cur->post_status = -2;
1130	}
1131
1132	# --BEHAVIOR-- coreBeforePostCreate
1133	$this->core->callBehavior('coreBeforePostCreate',$this,$cur);
1134
1135	$cur->insert();
1136	$this->con->unlock();
1137	}
1138	catch (Exception $e)
1139	{
1140	$this->con->unlock();
1141	throw $e;
1142	}
1143
1144	# --BEHAVIOR-- coreAfterPostCreate
1145	$this->core->callBehavior('coreAfterPostCreate',$this,$cur);
1146
1147	$this->triggerBlog();
1148
1149	return $cur->post_id;
1150	}
1151
1152	/**
1153	Updates an existing post.
1154
1155	@param id <b>integer</b> Post ID
1156	@param cur <b>cursor</b> Post cursor
1157	*/
1158	public function updPost($id,$cur)
1159	{
1160	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1161	throw new Exception(__('You are not allowed to update entries'));
1162	}
1163
1164	$id = (integer) $id;
1165
1166	if (empty($id)) {
1167	throw new Exception(__('No such entry ID'));
1168	}
1169
1170	# Post excerpt and content
1171	$this->getPostContent($cur,$id);
1172
1173	$this->getPostCursor($cur);
1174
1175	if ($cur->post_url !== null) {
1176	$cur->post_url = $this->getPostURL($cur->post_url,$cur->post_dt,$cur->post_title,$id);
1177	}
1178
1179	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1180	$cur->unsetField('post_status');
1181	}
1182
1183	$cur->post_upddt = date('Y-m-d H:i:s');
1184
1185	#�If user is only "usage", we need to check the post's owner
1186	if (!$this->core->auth->check('contentadmin',$this->id))
1187	{
1188	$strReq = 'SELECT post_id '.
1189	'FROM '.$this->prefix.'post '.
1190	'WHERE post_id = '.$id.' '.
1191	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1192
1193	$rs = $this->con->select($strReq);
1194
1195	if ($rs->isEmpty()) {
1196	throw new Exception(__('You are not allowed to edit this entry'));
1197	}
1198	}
1199
1200	# --BEHAVIOR-- coreBeforePostUpdate
1201	$this->core->callBehavior('coreBeforePostUpdate',$this,$cur);
1202
1203	$cur->update('WHERE post_id = '.$id.' ');
1204
1205	# --BEHAVIOR-- coreAfterPostUpdate
1206	$this->core->callBehavior('coreAfterPostUpdate',$this,$cur);
1207
1208	$this->triggerBlog();
1209	}
1210
1211	/**
1212	Updates post status.
1213
1214	@param id <b>integer</b> Post ID
1215	@param status <b>integer</b> Post status
1216	*/
1217	public function updPostStatus($id,$status)
1218	{
1219	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1220	throw new Exception(__('You are not allowed to change this entry status'));
1221	}
1222
1223	$id = (integer) $id;
1224	$status = (integer) $status;
1225
1226	#If user can only publish, we need to check the post's owner
1227	if (!$this->core->auth->check('contentadmin',$this->id))
1228	{
1229	$strReq = 'SELECT post_id '.
1230	'FROM '.$this->prefix.'post '.
1231	'WHERE post_id = '.$id.' '.
1232	"AND blog_id = '".$this->con->escape($this->id)."' ".
1233	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1234
1235	$rs = $this->con->select($strReq);
1236
1237	if ($rs->isEmpty()) {
1238	throw new Exception(__('You are not allowed to change this entry status'));
1239	}
1240	}
1241
1242	$cur = $this->con->openCursor($this->prefix.'post');
1243
1244	$cur->post_status = $status;
1245	$cur->post_upddt = date('Y-m-d H:i:s');
1246
1247	$cur->update(
1248	'WHERE post_id = '.$id.' '.
1249	"AND blog_id = '".$this->con->escape($this->id)."' "
1250	);
1251	$this->triggerBlog();
1252	}
1253
1254	public function updPostSelected($id,$selected)
1255	{
1256	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1257	throw new Exception(__('You are not allowed to change this entry category'));
1258	}
1259
1260	$id = (integer) $id;
1261	$selected = (boolean) $selected;
1262
1263	# If user is only usage, we need to check the post's owner
1264	if (!$this->core->auth->check('contentadmin',$this->id))
1265	{
1266	$strReq = 'SELECT post_id '.
1267	'FROM '.$this->prefix.'post '.
1268	'WHERE post_id = '.$id.' '.
1269	"AND blog_id = '".$this->con->escape($this->id)."' ".
1270	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1271
1272	$rs = $this->con->select($strReq);
1273
1274	if ($rs->isEmpty()) {
1275	throw new Exception(__('You are not allowed to mark this entry as selected'));
1276	}
1277	}
1278
1279	$cur = $this->con->openCursor($this->prefix.'post');
1280
1281	$cur->post_selected = (integer) $selected;
1282	$cur->post_upddt = date('Y-m-d H:i:s');
1283
1284	$cur->update(
1285	'WHERE post_id = '.$id.' '.
1286	"AND blog_id = '".$this->con->escape($this->id)."' "
1287	);
1288	$this->triggerBlog();
1289	}
1290
1291	/**
1292	Updates post category. <var>$cat_id</var> can be null.
1293
1294	@param id <b>integer</b> Post ID
1295	@param cat_id <b>integer</b> Category ID
1296	*/
1297	public function updPostCategory($id,$cat_id)
1298	{
1299	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1300	throw new Exception(__('You are not allowed to change this entry category'));
1301	}
1302
1303	$id = (integer) $id;
1304	$cat_id = (integer) $cat_id;
1305
1306	# If user is only usage, we need to check the post's owner
1307	if (!$this->core->auth->check('contentadmin',$this->id))
1308	{
1309	$strReq = 'SELECT post_id '.
1310	'FROM '.$this->prefix.'post '.
1311	'WHERE post_id = '.$id.' '.
1312	"AND blog_id = '".$this->con->escape($this->id)."' ".
1313	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1314
1315	$rs = $this->con->select($strReq);
1316
1317	if ($rs->isEmpty()) {
1318	throw new Exception(__('You are not allowed to change this entry category'));
1319	}
1320	}
1321
1322	$cur = $this->con->openCursor($this->prefix.'post');
1323
1324	$cur->cat_id = ($cat_id ? $cat_id : null);
1325	$cur->post_upddt = date('Y-m-d H:i:s');
1326
1327	$cur->update(
1328	'WHERE post_id = '.$id.' '.
1329	"AND blog_id = '".$this->con->escape($this->id)."' "
1330	);
1331	$this->triggerBlog();
1332	}
1333
1334	/**
1335	Deletes a post.
1336
1337	@param id <b>integer</b> Post ID
1338	*/
1339	public function delPost($id)
1340	{
1341	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
1342	throw new Exception(__('You are not allowed to delete entries'));
1343	}
1344
1345	$id = (integer) $id;
1346
1347	if (empty($id)) {
1348	throw new Exception(__('No such entry ID'));
1349	}
1350
1351	#If user can only delete, we need to check the post's owner
1352	if (!$this->core->auth->check('contentadmin',$this->id))
1353	{
1354	$strReq = 'SELECT post_id '.
1355	'FROM '.$this->prefix.'post '.
1356	'WHERE post_id = '.$id.' '.
1357	"AND blog_id = '".$this->con->escape($this->id)."' ".
1358	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1359
1360	$rs = $this->con->select($strReq);
1361
1362	if ($rs->isEmpty()) {
1363	throw new Exception(__('You are not allowed to delete this entry'));
1364	}
1365	}
1366
1367
1368	$strReq = 'DELETE FROM '.$this->prefix.'post '.
1369	'WHERE post_id = '.$id.' '.
1370	"AND blog_id = '".$this->con->escape($this->id)."' ";
1371
1372	$this->con->execute($strReq);
1373	$this->triggerBlog();
1374	}
1375
1376	/**
1377	Publishes all entries flaged as "scheduled".
1378	*/
1379	public function publishScheduledEntries()
1380	{
1381	$strReq = 'SELECT post_id, post_dt, post_tz '.
1382	'FROM '.$this->prefix.'post '.
1383	'WHERE post_status = -1 '.
1384	"AND blog_id = '".$this->con->escape($this->id)."' ";
1385
1386	$rs = $this->con->select($strReq);
1387
1388	$now = dt::toUTC(time());
1389	$to_change = array();
1390
1391	if ($rs->isEmpty()) {
1392	return;
1393	}
1394
1395	while ($rs->fetch())
1396	{
1397	# Now timestamp with post timezone
1398	$now_tz = $now + dt::getTimeOffset($rs->post_tz,$now);
1399
1400	# Post timestamp
1401	$post_ts = strtotime($rs->post_dt);
1402
1403	# If now_tz >= post_ts, we publish the entry
1404	if ($now_tz >= $post_ts) {
1405	$to_change[] = (integer) $rs->post_id;
1406	}
1407	}
1408
1409	if (!empty($to_change))
1410	{
1411	$strReq =
1412	'UPDATE '.$this->prefix.'post SET '.
1413	'post_status = 1 '.
1414	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1415	'AND post_id '.$this->con->in($to_change).' ';
1416
1417	$this->con->execute($strReq);
1418	$this->triggerBlog();
1419	}
1420	}
1421
1422	/**
1423	Retrieves all users having posts on current blog.
1424
1425	@param post_type <b>string</b> post_type filter (post)
1426	@return record
1427	*/
1428	public function getPostsUsers($post_type='post')
1429	{
1430	$strReq = 'SELECT P.user_id, user_name, user_firstname, '.
1431	'user_displayname, user_email '.
1432	'FROM '.$this->prefix.'post P, '.$this->prefix.'user U '.
1433	'WHERE P.user_id = U.user_id '.
1434	"AND blog_id = '".$this->con->escape($this->id)."' ";
1435
1436	if ($post_type) {
1437	$strReq .= "AND post_type = '".$this->con->escape($post_type)."' ";
1438	}
1439
1440	$strReq .= 'GROUP BY P.user_id, user_name, user_firstname, user_displayname, user_email ';
1441
1442	return $this->con->select($strReq);
1443	}
1444
1445	private function getPostsCategoryFilter($arr,$field='cat_id')
1446	{
1447	$field = $field == 'cat_id' ? 'cat_id' : 'cat_url';
1448	$sub = array();
1449	$not = array();
1450	$queries = array();
1451
1452	foreach ($arr as $v)
1453	{
1454	$v = trim($v);
1455	$args = preg_split('/\s[?]\s/',$v,-1,PREG_SPLIT_NO_EMPTY);
1456	$id = array_shift($args);
1457	$args = array_flip($args);
1458
1459	if (isset($args['not'])) { $not[$id] = 1; }
1460	if (isset($args['sub'])) { $sub[$id] = 1; }
1461	$nullExcluded = false;
1462	if ($field == 'cat_id') {
1463	if (preg_match('/^null$/i',$id)) {
1464	$queries[$id] = 'P.cat_id IS NULL';
1465	if ($not[$id]) {
1466	$nullExcluded = true;
1467	}
1468	}
1469	else {
1470	$queries[$id] = 'P.cat_id = '.(integer) $id;
1471	}
1472	} else {
1473	$queries[$id] = "C.cat_url = '".$this->con->escape($id)."' ";
1474	}
1475	}
1476
1477	if (!empty($sub)) {
1478	$rs = $this->con->select(
1479	'SELECT cat_id, cat_url, cat_lft, cat_rgt FROM '.$this->prefix.'category '.
1480	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1481	'AND '.$field.' '.$this->con->in(array_keys($sub))
1482	);
1483
1484	while ($rs->fetch()) {
1485	$queries[$rs->f($field)] = '(C.cat_lft BETWEEN '.$rs->cat_lft.' AND '.$rs->cat_rgt.')';
1486	}
1487	}
1488
1489	# Create queries
1490	$sql = array(
1491	0 => array(), # wanted categories
1492	1 => array() # excluded categories
1493	);
1494
1495	foreach ($queries as $id => $q) {
1496	$sql[(integer) isset($not[$id])][] = $q;
1497	}
1498
1499	$sql[0] = implode(' OR ',$sql[0]);
1500	$sql[1] = implode(' OR ',$sql[1]);
1501
1502	if ($sql[0]) {
1503	$sql[0] = '('.$sql[0].')';
1504	} else {
1505	unset($sql[0]);
1506	}
1507
1508	if ($sql[1]) {
1509	if ($nullExcluded) {
1510	$sql[1] = 'NOT('.$sql[1].')';
1511	} else {
1512	$sql[1] = '(P.cat_id IS NULL OR NOT('.$sql[1].'))';
1513	}
1514	} else {
1515	unset($sql[1]);
1516	}
1517	return implode(' AND ',$sql);
1518	}
1519
1520	private function getPostCursor($cur,$post_id=null)
1521	{
1522	if ($cur->post_title == '') {
1523	throw new Exception(__('No entry title'));
1524	}
1525
1526	if ($cur->post_content == '') {
1527	throw new Exception(__('No entry content'));
1528	}
1529
1530	if ($cur->post_password === '') {
1531	$cur->post_password = null;
1532	}
1533
1534	if ($cur->post_dt == '') {
1535	$offset = dt::getTimeOffset($this->core->auth->getInfo('user_tz'));
1536	$now = time() + $offset;
1537	$cur->post_dt = date('Y-m-d H:i:00',$now);
1538	}
1539
1540	$post_id = is_int($post_id) ? $post_id : $cur->post_id;
1541
1542	if ($cur->post_content_xhtml == '') {
1543	throw new Exception(__('No entry content'));
1544	}
1545
1546	# Words list
1547	if ($cur->post_title !== null && $cur->post_excerpt_xhtml !== null
1548	&& $cur->post_content_xhtml !== null)
1549	{
1550	$words =
1551	$cur->post_title.' '.
1552	$cur->post_excerpt_xhtml.' '.
1553	$cur->post_content_xhtml;
1554
1555	$cur->post_words = implode(' ',text::splitWords($words));
1556	}
1557	}
1558
1559	private function getPostContent($cur,$post_id)
1560	{
1561	$post_excerpt = $cur->post_excerpt;
1562	$post_excerpt_xhtml = $cur->post_excerpt_xhtml;
1563	$post_content = $cur->post_content;
1564	$post_content_xhtml = $cur->post_content_xhtml;
1565
1566	$this->setPostContent(
1567	$post_id,$cur->post_format,$cur->post_lang,
1568	$post_excerpt,$post_excerpt_xhtml,
1569	$post_content,$post_content_xhtml
1570	);
1571
1572	$cur->post_excerpt = $post_excerpt;
1573	$cur->post_excerpt_xhtml = $post_excerpt_xhtml;
1574	$cur->post_content = $post_content;
1575	$cur->post_content_xhtml = $post_content_xhtml;
1576	}
1577
1578	/**
1579	Creates post HTML content, taking format and lang into account.
1580
1581	@param post_id <b>integer</b> Post ID
1582	@param format <b>string</b> Post format
1583	@param lang <b>string</b> Post lang
1584	@param excerpt <b>string</b> Post excerpt
1585	@param[out] excerpt_xhtml <b>string</b> Post excerpt HTML
1586	@param content <b>string</b> Post content
1587	@param[out] content_xhtml <b>string</b> Post content HTML
1588	*/
1589	public function setPostContent($post_id,$format,$lang,&$excerpt,&$excerpt_xhtml,&$content,&$content_xhtml)
1590	{
1591	if ($format == 'wiki')
1592	{
1593	$this->core->initWikiPost();
1594	$this->core->wiki2xhtml->setOpt('note_prefix','pnote-'.$post_id);
1595	if (strpos($lang,'fr') === 0) {
1596	$this->core->wiki2xhtml->setOpt('active_fr_syntax',1);
1597	}
1598	}
1599
1600	if ($excerpt) {
1601	$excerpt_xhtml = $this->core->callFormater($format,$excerpt);
1602	$excerpt_xhtml = $this->core->HTMLfilter($excerpt_xhtml);
1603	} else {
1604	$excerpt_xhtml = '';
1605	}
1606
1607	if ($content) {
1608	$content_xhtml = $this->core->callFormater($format,$content);
1609	$content_xhtml = $this->core->HTMLfilter($content_xhtml);
1610	} else {
1611	$content_xhtml = '';
1612	}
1613
1614	# --BEHAVIOR-- coreAfterPostContentFormat
1615	$this->core->callBehavior('coreAfterPostContentFormat',array(
1616	'excerpt' => &$excerpt,
1617	'content' => &$content,
1618	'excerpt_xhtml' => &$excerpt_xhtml,
1619	'content_xhtml' => &$content_xhtml
1620	));
1621	}
1622
1623	/**
1624	Returns URL for a post according to blog setting <var>post_url_format</var>.
1625	It will try to guess URL and append some figures if needed.
1626
1627	@param url <b>string</b> Origin URL, could be empty
1628	@param post_dt <b>string</b> Post date (in YYYY-MM-DD HH:mm:ss)
1629	@param post_title <b>string</b> Post title
1630	@param post_id <b>integer</b> Post ID
1631	@return <b>string</b> result URL
1632	*/
1633	public function getPostURL($url,$post_dt,$post_title,$post_id)
1634	{
1635	$url = trim($url);
1636
1637	$url_patterns = array(
1638	'{y}' => date('Y',strtotime($post_dt)),
1639	'{m}' => date('m',strtotime($post_dt)),
1640	'{d}' => date('d',strtotime($post_dt)),
1641	'{t}' => text::tidyURL($post_title),
1642	'{id}' => (integer) $post_id
1643	);
1644
1645	# If URL is empty, we create a new one
1646	if ($url == '')
1647	{
1648	# Transform with format
1649	$url = str_replace(
1650	array_keys($url_patterns),
1651	array_values($url_patterns),
1652	$this->settings->system->post_url_format
1653	);
1654	}
1655	else
1656	{
1657	$url = text::tidyURL($url);
1658	}
1659
1660	# Let's check if URL is taken...
1661	$strReq = 'SELECT post_url FROM '.$this->prefix.'post '.
1662	"WHERE post_url = '".$this->con->escape($url)."' ".
1663	'AND post_id <> '.(integer) $post_id. ' '.
1664	"AND blog_id = '".$this->con->escape($this->id)."' ".
1665	'ORDER BY post_url DESC';
1666
1667	$rs = $this->con->select($strReq);
1668
1669	if (!$rs->isEmpty())
1670	{
1671	if ($this->con->driver() == 'mysql') {
1672	$clause = "REGEXP '^".$this->con->escape($url)."[0-9]+$'";
1673	} elseif ($this->con->driver() == 'pgsql') {
1674	$clause = "~ '^".$this->con->escape($url)."[0-9]+$'";
1675	} else {
1676	$clause = "LIKE '".$this->con->escape($url)."%'";
1677	}
1678	$strReq = 'SELECT post_url FROM '.$this->prefix.'post '.
1679	"WHERE post_url ".$clause.' '.
1680	'AND post_id <> '.(integer) $post_id.' '.
1681	"AND blog_id = '".$this->con->escape($this->id)."' ".
1682	'ORDER BY post_url DESC ';
1683
1684	$rs = $this->con->select($strReq);
1685	$a = array();
1686	while ($rs->fetch()) {
1687	$a[] = $rs->post_url;
1688	}
1689
1690	natsort($a);
1691	$t_url = end($a);
1692
1693	if (preg_match('/(.*?)([0-9]+)$/',$t_url,$m)) {
1694	$i = (integer) $m[2];
1695	$url = $m[1];
1696	} else {
1697	$i = 1;
1698	}
1699
1700	return $url.($i+1);
1701	}
1702
1703	# URL is empty?
1704	if ($url == '') {
1705	throw new Exception(__('Empty entry URL'));
1706	}
1707
1708	return $url;
1709	}
1710	//@}
1711
1712	/// @name Comments management methods
1713	//@{
1714	/**
1715	Retrieves comments. <b>$params</b> is an array taking the following
1716	optionnal parameters:
1717
1718	- no_content: Don't retrieve comment content
1719	- post_type: Get only entries with given type (default no type, array for many types)
1720	- post_id: (integer) Get comments belonging to given post_id
1721	- cat_id: (integer or array) Get comments belonging to entries of given category ID
1722	- comment_id: (integer) Get comment with given ID
1723	- comment_status: (integer) Get comments with given comment_status
1724	- comment_trackback: (integer) Get only comments (0) or trackbacks (1)
1725	- comment_ip: (string) Get comments with given IP address
1726	- post_url: Get entry with given post_url field
1727	- user_id: (integer) Get entries belonging to given user ID
1728	- q_author: Search comments by author
1729	- sql: Append SQL string at the end of the query
1730	- from: Append SQL string after "FROM" statement in query
1731	- order: Order of results (default "ORDER BY comment_dt DES")
1732	- limit: Limit parameter
1733
1734	@param params <b>array</b> Parameters
1735	@param count_only <b>boolean</b> Only counts results
1736	@return <b>record</b> A record with some more capabilities
1737	*/
1738	public function getComments($params=array(),$count_only=false)
1739	{
1740	if ($count_only)
1741	{
1742	$strReq = 'SELECT count(comment_id) ';
1743	}
1744	else
1745	{
1746	if (!empty($params['no_content'])) {
1747	$content_req = '';
1748	} else {
1749	$content_req = 'comment_content, ';
1750	}
1751
1752	if (!empty($params['columns']) && is_array($params['columns'])) {
1753	$content_req .= implode(', ',$params['columns']).', ';
1754	}
1755
1756	$strReq =
1757	'SELECT C.comment_id, comment_dt, comment_tz, comment_upddt, '.
1758	'comment_author, comment_email, comment_site, '.
1759	$content_req.' comment_trackback, comment_status, '.
1760	'comment_spam_status, comment_spam_filter, comment_ip, '.
1761	'P.post_title, P.post_url, P.post_id, P.post_password, P.post_type, '.
1762	'P.post_dt, P.user_id, U.user_email, U.user_url ';
1763	}
1764
1765	$strReq .=
1766	'FROM '.$this->prefix.'comment C '.
1767	'INNER JOIN '.$this->prefix.'post P ON C.post_id = P.post_id '.
1768	'INNER JOIN '.$this->prefix.'user U ON P.user_id = U.user_id ';
1769
1770	if (!empty($params['from'])) {
1771	$strReq .= $params['from'].' ';
1772	}
1773
1774	$strReq .=
1775	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ";
1776
1777	if (!$this->core->auth->check('contentadmin',$this->id)) {
1778	$strReq .= 'AND ((comment_status = 1 AND P.post_status = 1 ';
1779
1780	if ($this->without_password) {
1781	$strReq .= 'AND post_password IS NULL ';
1782	}
1783	$strReq .= ') ';
1784
1785	if ($this->core->auth->userID()) {
1786	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
1787	} else {
1788	$strReq .= ') ';
1789	}
1790	}
1791
1792	if (!empty($params['post_type']))
1793	{
1794	if (is_array($params['post_type']) && !empty($params['post_type'])) {
1795	$strReq .= 'AND post_type '.$this->con->in($params['post_type']);
1796	} else {
1797	$strReq .= "AND post_type = '".$this->con->escape($params['post_type'])."' ";
1798	}
1799	}
1800
1801	if (!empty($params['post_id'])) {
1802	$strReq .= 'AND P.post_id = '.(integer) $params['post_id'].' ';
1803	}
1804
1805	if (!empty($params['cat_id'])) {
1806	$strReq .= 'AND P.cat_id = '.(integer) $params['cat_id'].' ';
1807	}
1808
1809	if (!empty($params['comment_id'])) {
1810	$strReq .= 'AND comment_id = '.(integer) $params['comment_id'].' ';
1811	}
1812
1813	if (isset($params['comment_status'])) {
1814	$strReq .= 'AND '.$this->getInParamStr($params,'comment_status','comment_status');
1815	}
1816	elseif (!empty($params['comment_status_not'])) // older method, deprecated
1817	{
1818	$strReq .= 'AND comment_status <> '.(integer) $params['comment_status_not'].' ';
1819	}
1820
1821	if (isset($params['comment_trackback'])) {
1822	$strReq .= 'AND comment_trackback = '.(integer) (boolean) $params['comment_trackback'].' ';
1823	}
1824
1825	if (isset($params['comment_ip'])) {
1826	$strReq .= "AND comment_ip = '".$this->con->escape($params['comment_ip'])."' ";
1827	}
1828
1829	if (isset($params['q_author'])) {
1830	$q_author = $this->con->escape(str_replace('*','%',strtolower($params['q_author'])));
1831	$strReq .= "AND LOWER(comment_author) LIKE '".$q_author."' ";
1832	}
1833
1834	if (!empty($params['search']))
1835	{
1836	$words = text::splitWords($params['search']);
1837
1838	if (!empty($words))
1839	{
1840	# --BEHAVIOR coreCommentSearch
1841	if ($this->core->hasBehavior('coreCommentSearch')) {
1842	$this->core->callBehavior('coreCommentSearch',$this->core,array(&$words,&$strReq,&$params));
1843	}
1844
1845	if ($words)
1846	{
1847	foreach ($words as $i => $w) {
1848	$words[$i] = "comment_words LIKE '%".$this->con->escape($w)."%'";
1849	}
1850	$strReq .= 'AND '.implode(' AND ',$words).' ';
1851	}
1852	}
1853	}
1854
1855	if (!empty($params['sql'])) {
1856	$strReq .= $params['sql'].' ';
1857	}
1858
1859	if (!$count_only)
1860	{
1861	if (!empty($params['order'])) {
1862	$strReq .= 'ORDER BY '.$this->con->escape($params['order']).' ';
1863	} else {
1864	$strReq .= 'ORDER BY comment_dt DESC ';
1865	}
1866	}
1867
1868	if (!$count_only && !empty($params['limit'])) {
1869	$strReq .= $this->con->limit($params['limit']);
1870	}
1871
1872	$rs = $this->con->select($strReq);
1873	$rs->core = $this->core;
1874	$rs->extend('rsExtComment');
1875
1876	# --BEHAVIOR-- coreBlogGetComments
1877	$this->core->callBehavior('coreBlogGetComments',$rs);
1878
1879	return $rs;
1880	}
1881
1882	/**
1883	Creates a new comment. Takes a cursor as input and returns the new comment
1884	ID.
1885
1886	@param cur <b>cursor</b> Comment cursor
1887	@return <b>integer</b> New comment ID
1888	*/
1889	public function addComment($cur)
1890	{
1891	$this->con->writeLock($this->prefix.'comment');
1892	try
1893	{
1894	# Get ID
1895	$rs = $this->con->select(
1896	'SELECT MAX(comment_id) '.
1897	'FROM '.$this->prefix.'comment '
1898	);
1899
1900	$cur->comment_id = (integer) $rs->f(0) + 1;
1901	$cur->comment_upddt = date('Y-m-d H:i:s');
1902
1903	$offset = dt::getTimeOffset($this->settings->system->blog_timezone);
1904	$cur->comment_dt = date('Y-m-d H:i:s',time() + $offset);
1905	$cur->comment_tz = $this->settings->system->blog_timezone;
1906
1907	$this->getCommentCursor($cur);
1908
1909	if ($cur->comment_ip === null) {
1910	$cur->comment_ip = http::realIP();
1911	}
1912
1913	# --BEHAVIOR-- coreBeforeCommentCreate
1914	$this->core->callBehavior('coreBeforeCommentCreate',$this,$cur);
1915
1916	$cur->insert();
1917	$this->con->unlock();
1918	}
1919	catch (Exception $e)
1920	{
1921	$this->con->unlock();
1922	throw $e;
1923	}
1924
1925	# --BEHAVIOR-- coreAfterCommentCreate
1926	$this->core->callBehavior('coreAfterCommentCreate',$this,$cur);
1927
1928	$this->triggerComment($cur->comment_id);
1929	if ($cur->comment_status != -2) {
1930	$this->triggerBlog();
1931	}
1932	return $cur->comment_id;
1933	}
1934
1935	/**
1936	Updates an existing comment.
1937
1938	@param id <b>integer</b> Comment ID
1939	@param cur <b>cursor</b> Comment cursor
1940	*/
1941	public function updComment($id,$cur)
1942	{
1943	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1944	throw new Exception(__('You are not allowed to update comments'));
1945	}
1946
1947	$id = (integer) $id;
1948
1949	if (empty($id)) {
1950	throw new Exception(__('No such comment ID'));
1951	}
1952
1953	$rs = $this->getComments(array('comment_id' => $id));
1954
1955	if ($rs->isEmpty()) {
1956	throw new Exception(__('No such comment ID'));
1957	}
1958
1959	#If user is only usage, we need to check the post's owner
1960	if (!$this->core->auth->check('contentadmin',$this->id))
1961	{
1962	if ($rs->user_id != $this->core->auth->userID()) {
1963	throw new Exception(__('You are not allowed to update this comment'));
1964	}
1965	}
1966
1967	$this->getCommentCursor($cur);
1968
1969	$cur->comment_upddt = date('Y-m-d H:i:s');
1970
1971	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1972	$cur->unsetField('comment_status');
1973	}
1974
1975	# --BEHAVIOR-- coreBeforeCommentUpdate
1976	$this->core->callBehavior('coreBeforeCommentUpdate',$this,$cur,$rs);
1977
1978	$cur->update('WHERE comment_id = '.$id.' ');
1979
1980	# --BEHAVIOR-- coreAfterCommentUpdate
1981	$this->core->callBehavior('coreAfterCommentUpdate',$this,$cur,$rs);
1982
1983	$this->triggerComment($id);
1984	$this->triggerBlog();
1985	}
1986
1987	/**
1988	Updates comment status.
1989
1990	@param id <b>integer</b> Comment ID
1991	@param status <b>integer</b> Comment status
1992	*/
1993	public function updCommentStatus($id,$status)
1994	{
1995	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1996	throw new Exception(__("You are not allowed to change this comment's status"));
1997	}
1998
1999	$cur = $this->con->openCursor($this->prefix.'comment');
2000	$cur->comment_status = (integer) $status;
2001	$this->updComment($id,$cur);
2002	}
2003
2004	/**
2005	Delete a comment
2006
2007	@param id <b>integer</b> Comment ID
2008	*/
2009	public function delComment($id)
2010	{
2011	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
2012	throw new Exception(__('You are not allowed to delete comments'));
2013	}
2014
2015	$id = (integer) $id;
2016
2017	if (empty($id)) {
2018	throw new Exception(__('No such comment ID'));
2019	}
2020
2021	#If user can only delete, we need to check the post's owner
2022	if (!$this->core->auth->check('contentadmin',$this->id))
2023	{
2024	$strReq = 'SELECT P.post_id '.
2025	'FROM '.$this->prefix.'post P, '.$this->prefix.'comment C '.
2026	'WHERE P.post_id = C.post_id '.
2027	"AND P.blog_id = '".$this->con->escape($this->id)."' ".
2028	'AND comment_id = '.$id.' '.
2029	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
2030
2031	$rs = $this->con->select($strReq);
2032
2033	if ($rs->isEmpty()) {
2034	throw new Exception(__('You are not allowed to delete this comment'));
2035	}
2036	}
2037
2038	$strReq = 'DELETE FROM '.$this->prefix.'comment '.
2039	'WHERE comment_id = '.$id.' ';
2040
2041	$this->triggerComment($id,true);
2042	$this->con->execute($strReq);
2043	$this->triggerBlog();
2044	}
2045
2046	private function getCommentCursor($cur)
2047	{
2048	if ($cur->comment_content !== null && $cur->comment_content == '') {
2049	throw new Exception(__('You must provide a comment'));
2050	}
2051
2052	if ($cur->comment_author !== null && $cur->comment_author == '') {
2053	throw new Exception(__('You must provide an author name'));
2054	}
2055
2056	if ($cur->comment_email != '' && !text::isEmail($cur->comment_email)) {
2057	throw new Exception(__('Email address is not valid.'));
2058	}
2059
2060	if ($cur->comment_site !== null && $cur->comment_site != '') {
2061	if (!preg_match('\|^http(s?)://\|',$cur->comment_site)) {
2062	$cur->comment_site = 'http://'.$cur->comment_site;
2063	}
2064	}
2065
2066	if ($cur->comment_status === null) {
2067	$cur->comment_status = (integer) $this->settings->system->comments_pub;
2068	}
2069
2070	# Words list
2071	if ($cur->comment_content !== null)
2072	{
2073	$cur->comment_words = implode(' ',text::splitWords($cur->comment_content));
2074	}
2075	}
2076	//@}
2077	}
2078	?>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: inc/core/class.dc.blog.php @ 506:f97697c66830

Download in other formats:

Sites map