class.dc.blog.php @ 191:67cb37c57a91

Visit:

Revision 191:67cb37c57a91, 54.2 KB checked in by Franck <carnet.franck.paul@…>, 14 years ago (diff)
Mise en place pour le ticket http://dev.dotclear.org/2.0/ticket/1028

Line
1	<?php
2	# -- BEGIN LICENSE BLOCK ---------------------------------------
3	#
4	# This file is part of Dotclear 2.
5	#
6	# Copyright (c) 2003-2010 Olivier Meunier & Association Dotclear
7	# Licensed under the GPL version 2.0 license.
8	# See LICENSE file or
9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
10	#
11	# -- END LICENSE BLOCK -----------------------------------------
12	if (!defined('DC_RC_PATH')) { return; }
13
14	/**
15	@ingroup DC_CORE
16	@nosubgrouping
17	@brief Dotclear blog class.
18
19	Dotclear blog class instance is provided by dcCore $blog property.
20	*/
21	class dcBlog
22	{
23	protected $core; ///< <b>dcCore</b> dcCore instance
24	public $con; ///< <b>connection</b> Database connection object
25	public $prefix; ///< <b>string</b> Database table prefix
26
27	public $id; ///< <b>string</b> Blog ID
28	public $uid; ///< <b>string</b> Blog unique ID
29	public $name; ///< <b>string</b> Blog name
30	public $desc; ///< <b>string</b> Blog description
31	public $url; ///< <b>string</b> Blog URL
32	public $host; ///< <b>string</b> Blog host
33	public $creadt; ///< <b>string</b> Blog creation date
34	public $upddt; ///< <b>string</b> Blog last update date
35	public $status; ///< <b>string</b> Blog status
36
37	public $settings; ///< <b>dcSettings</b> dcSettings object
38	public $themes_path; ///< <b>string</b> Blog theme path
39	public $public_path; ///< <b>string</b> Blog public path
40
41	private $post_status = array();
42	private $comment_status = array();
43
44	private $categories;
45
46	public $without_password = true; ///< <b>boolean</b> Disallow entries password protection
47
48	/**
49	Inits dcBlog object
50
51	@param core <b>dcCore</b> Dotclear core reference
52	@param id <b>string</b> Blog ID
53	*/
54	public function __construct($core, $id)
55	{
56	$this->con =& $core->con;
57	$this->prefix = $core->prefix;
58	$this->core =& $core;
59
60	if (($b = $this->core->getBlog($id)) !== false)
61	{
62	$this->id = $id;
63	$this->uid = $b->blog_uid;
64	$this->name = $b->blog_name;
65	$this->desc = $b->blog_desc;
66	$this->url = $b->blog_url;
67	$this->host = preg_replace('\|^([a-z]{3,}://)(.?)/.$\|','$1$2',$this->url);
68	$this->creadt = strtotime($b->blog_creadt);
69	$this->upddt = strtotime($b->blog_upddt);
70	$this->status = $b->blog_status;
71
72	$this->settings = new dcSettings($this->core,$this->id);
73
74	$this->themes_path = path::fullFromRoot($this->settings->system->themes_path,DC_ROOT);
75	$this->public_path = path::fullFromRoot($this->settings->system->public_path,DC_ROOT);
76
77	$this->post_status['-2'] = __('pending');
78	$this->post_status['-1'] = __('scheduled');
79	$this->post_status['0'] = __('unpublished');
80	$this->post_status['1'] = __('published');
81
82	$this->comment_status['-2'] = __('junk');
83	$this->comment_status['-1'] = __('pending');
84	$this->comment_status['0'] = __('unpublished');
85	$this->comment_status['1'] = __('published');
86
87	# --BEHAVIOR-- coreBlogConstruct
88	$this->core->callBehavior('coreBlogConstruct',$this);
89	}
90	}
91
92	/// @name Common public methods
93	//@{
94	/**
95	Returns blog URL ending with a question mark.
96	*/
97	public function getQmarkURL()
98	{
99	if (substr($this->url,-1) != '?') {
100	return $this->url.'?';
101	}
102
103	return $this->url;
104	}
105
106	/**
107	Returns an entry status name given to a code. Status are translated, never
108	use it for tests. If status code does not exist, returns <i>unpublished</i>.
109
110	@param s <b>integer</b> Status code
111	@return <b>string</b> Blog status name
112	*/
113	public function getPostStatus($s)
114	{
115	if (isset($this->post_status[$s])) {
116	return $this->post_status[$s];
117	}
118	return $this->post_status['0'];
119	}
120
121	/**
122	Returns an array of available entry status codes and names.
123
124	@return <b>array</b> Simple array with codes in keys and names in value
125	*/
126	public function getAllPostStatus()
127	{
128	return $this->post_status;
129	}
130
131	/**
132	Returns an array of available comment status codes and names.
133
134	@return <b>array</b> Simple array with codes in keys and names in value
135	*/
136	public function getAllCommentStatus()
137	{
138	return $this->comment_status;
139	}
140
141	/**
142	Disallows entries password protection. You need to set it to
143	<var>false</var> while serving a public blog.
144
145	@param v <b>boolean</b>
146	*/
147	public function withoutPassword($v)
148	{
149	$this->without_password = (boolean) $v;
150	}
151	//@}
152
153	/// @name Triggers methods
154	//@{
155	/**
156	Updates blog last update date. Should be called every time you change
157	an element related to the blog.
158	*/
159	public function triggerBlog()
160	{
161	$cur = $this->con->openCursor($this->prefix.'blog');
162
163	$cur->blog_upddt = date('Y-m-d H:i:s');
164
165	$cur->update("WHERE blog_id = '".$this->con->escape($this->id)."' ");
166
167	# --BEHAVIOR-- coreBlogAfterTriggerBlog
168	$this->core->callBehavior('coreBlogAfterTriggerBlog',$cur);
169	}
170
171	/**
172	Updates comment and trackback counters in post table. Should be called
173	every time a comment or trackback is added, removed or changed its status.
174
175	@param id <b>integer</b> Comment ID
176	@param del <b>boolean</b> If comment is delete, set this to true
177	*/
178	public function triggerComment($id,$del=false)
179	{
180	$id = (integer) $id;
181
182	$strReq = 'SELECT post_id, comment_trackback '.
183	'FROM '.$this->prefix.'comment '.
184	'WHERE comment_id = '.$id.' ';
185
186	$rs = $this->con->select($strReq);
187
188	$post_id = $rs->post_id;
189	$tb = (boolean) $rs->comment_trackback;
190
191	$strReq = 'SELECT COUNT(post_id) '.
192	'FROM '.$this->prefix.'comment '.
193	'WHERE post_id = '.(integer) $post_id.' '.
194	'AND comment_trackback = '.(integer) $tb.' '.
195	'AND comment_status = 1 ';
196
197	if ($del) {
198	$strReq .= 'AND comment_id <> '.$id.' ';
199	}
200
201	$rs = $this->con->select($strReq);
202
203	$cur = $this->con->openCursor($this->prefix.'post');
204
205	if ($rs->isEmpty()) {
206	return;
207	}
208
209	if ($tb) {
210	$cur->nb_trackback = (integer) $rs->f(0);
211	} else {
212	$cur->nb_comment = (integer) $rs->f(0);
213	}
214
215	$cur->update('WHERE post_id = '.(integer) $post_id);
216	}
217	//@}
218
219	/// @name Categories management methods
220	//@{
221	public function categories()
222	{
223	if (!($this->categories instanceof dcCategories)) {
224	$this->categories = new dcCategories($this->core);
225	}
226
227	return $this->categories;
228	}
229
230	/**
231	Retrieves categories. <var>$params</var> is an associative array which can
232	take the following parameters:
233
234	- post_type: Get only entries with given type (default "post")
235	- cat_url: filter on cat_url field
236	- cat_id: filter on cat_id field
237	- start: start with a given category
238	- level: categories level to retrieve
239
240	@param params <b>array</b> Parameters
241	@return <b>record</b>
242	*/
243	public function getCategories($params=array())
244	{
245	$c_params = array();
246	if (isset($params['post_type'])) {
247	$c_params['post_type'] = $params['post_type'];
248	unset($params['post_type']);
249	}
250	$counter = $this->getCategoriesCounter($c_params);
251
252	$without_empty = $this->core->auth->userID() == false; # For public display
253
254	$start = isset($params['start']) ? (integer) $params['start'] : 0;
255	$l = isset($params['level']) ? (integer) $params['level'] : 0;
256
257	$rs = $this->categories()->getChildren($start,null,'desc');
258
259	# Get each categories total posts count
260	$data = array();
261	$stack = array();
262	$level = 0;
263	$cols = $rs->columns();
264	while ($rs->fetch())
265	{
266	$nb_post = isset($counter[$rs->cat_id]) ? (integer) $counter[$rs->cat_id] : 0;
267
268	if ($rs->level > $level) {
269	$nb_total = $nb_post;
270	$stack[$rs->level] = (integer) $nb_post;
271	} elseif ($rs->level == $level) {
272	$nb_total = $nb_post;
273	$stack[$rs->level] += $nb_post;
274	} else {
275	$nb_total = $stack[$rs->level+1] + $nb_post;
276	if (isset($stack[$rs->level])) {
277	$stack[$rs->level] += $nb_total;
278	} else {
279	$stack[$rs->level] = $nb_total;
280	}
281	unset($stack[$rs->level+1]);
282	}
283
284	if ($nb_total == 0 && $without_empty) {
285	continue;
286	}
287
288	$level = $rs->level;
289
290	$t = array();
291	foreach ($cols as $c) {
292	$t[$c] = $rs->f($c);
293	}
294	$t['nb_post'] = $nb_post;
295	$t['nb_total'] = $nb_total;
296
297	if ($l == 0 \|\| ($l > 0 && $l == $rs->level)) {
298	array_unshift($data,$t);
299	}
300	}
301
302	# We need to apply filter after counting
303	if (!empty($params['cat_id']))
304	{
305	$found = false;
306	foreach ($data as $v) {
307	if ($v['cat_id'] == $params['cat_id']) {
308	$found = true;
309	$data = array($v);
310	break;
311	}
312	}
313	if (!$found) {
314	$data = array();
315	}
316	}
317
318	if (!empty($params['cat_url']) && empty($params['cat_id']))
319	{
320	$found = false;
321	foreach ($data as $v) {
322	if ($v['cat_url'] == $params['cat_url']) {
323	$found = true;
324	$data = array($v);
325	break;
326	}
327	}
328	if (!$found) {
329	$data = array();
330	}
331	}
332
333	return staticRecord::newFromArray($data);
334	}
335
336	/**
337	Retrieves a category by its ID.
338
339	@param id <b>integer</b> Category ID
340	@return <b>record</b>
341	*/
342	public function getCategory($id)
343	{
344	return $this->getCategories(array('cat_id' => $id));
345	}
346
347	/**
348	Retrieves parents of a given category.
349
350	@param id <b>integer</b> Category ID
351	@return <b>record</b>
352	*/
353	public function getCategoryParents($id)
354	{
355	return $this->categories()->getParents($id);
356	}
357
358	/**
359	Retrieves first parent of a given category.
360
361	@param id <b>integer</b> Category ID
362	@return <b>record</b>
363	*/
364	public function getCategoryParent($id)
365	{
366	return $this->categories()->getParent($id);
367	}
368
369	/**
370	Retrieves all category's first children
371
372	@param id <b>integer</b> Category ID
373	@return <b>record</b>
374	*/
375	public function getCategoryFirstChildren($id)
376	{
377	return $this->getCategories(array('start' => $id,'level' => $id == 0 ? 1 : 2));
378	}
379
380	private function getCategoriesCounter($params=array())
381	{
382	$strReq =
383	'SELECT C.cat_id, COUNT(P.post_id) AS nb_post '.
384	'FROM '.$this->prefix.'category AS C '.
385	'JOIN '.$this->prefix."post P ON (C.cat_id = P.cat_id AND P.blog_id = '".$this->con->escape($this->id)."' ) ".
386	"WHERE C.blog_id = '".$this->con->escape($this->id)."' ";
387
388	if (!$this->core->auth->userID()) {
389	$strReq .= 'AND P.post_status = 1 ';
390	}
391
392	if (!empty($params['post_type'])) {
393	$strReq .= "AND post_type = '".$this->con->escape($params['post_type'])."' ";
394	}
395
396	$strReq .= 'GROUP BY C.cat_id ';
397
398	$rs = $this->con->select($strReq);
399	$counters = array();
400	while ($rs->fetch()) {
401	$counters[$rs->cat_id] = $rs->nb_post;
402	}
403
404	return $counters;
405	}
406
407	/**
408	Creates a new category. Takes a cursor as input and returns the new category
409	ID.
410
411	@param cur <b>cursor</b> Category cursor
412	@return <b>integer</b> New category ID
413	*/
414	public function addCategory($cur,$parent=0)
415	{
416	if (!$this->core->auth->check('categories',$this->id)) {
417	throw new Exception(__('You are not allowed to add categories'));
418	}
419
420	$url = array();
421	if ($parent != 0)
422	{
423	$rs = $this->getCategory($parent);
424	if ($rs->isEmpty()) {
425	$url = array();
426	} else {
427	$url[] = $rs->cat_url;
428	}
429	}
430
431	if ($cur->cat_url == '') {
432	$url[] = text::tidyURL($cur->cat_title,false);
433	} else {
434	$url[] = $cur->cat_url;
435	}
436
437	$cur->cat_url = implode('/',$url);
438
439	$this->getCategoryCursor($cur);
440	$cur->blog_id = (string) $this->id;
441
442	# --BEHAVIOR-- coreBeforeCategoryCreate
443	$this->core->callBehavior('coreBeforeCategoryCreate',$this,$cur);
444
445	$this->categories()->addNode($cur,$parent);
446
447	# --BEHAVIOR-- coreAfterCategoryCreate
448	$this->core->callBehavior('coreAfterCategoryCreate',$this,$cur);
449	$this->triggerBlog();
450
451	return $cur->cat_id;
452	}
453
454	/**
455	Updates an existing category.
456
457	@param id <b>integer</b> Category ID
458	@param cur <b>cursor</b> Category cursor
459	*/
460	public function updCategory($id,$cur)
461	{
462	if (!$this->core->auth->check('categories',$this->id)) {
463	throw new Exception(__('You are not allowed to update categories'));
464	}
465
466	if ($cur->cat_url == '')
467	{
468	$url = array();
469	$rs = $this->categories()->getParents($id);
470	while ($rs->fetch()) {
471	if ($rs->index() == $rs->count()-1) {
472	$url[] = $rs->cat_url;
473	}
474	}
475
476
477	$url[] = text::tidyURL($cur->cat_title,false);
478	$cur->cat_url = implode('/',$url);
479	}
480
481	$this->getCategoryCursor($cur,$id);
482
483	# --BEHAVIOR-- coreBeforeCategoryUpdate
484	$this->core->callBehavior('coreBeforeCategoryUpdate',$this,$cur);
485
486	$cur->update(
487	'WHERE cat_id = '.(integer) $id.' '.
488	"AND blog_id = '".$this->con->escape($this->id)."' ");
489
490	# --BEHAVIOR-- coreAfterCategoryUpdate
491	$this->core->callBehavior('coreAfterCategoryUpdate',$this,$cur);
492
493	$this->triggerBlog();
494	}
495
496	/**
497	DEPRECATED METHOD. Use dcBlog::setCategoryParent and dcBlog::moveCategory
498	instead.
499
500	@param id <b>integer</b> Category ID
501	@param order <b>integer</b> Category position
502	*/
503	public function updCategoryOrder($id,$order)
504	{
505	return;
506	}
507
508	/**
509	Set a category parent
510
511	@param id <b>integer</b> Category ID
512	@param parent <b>integer</b> Parent Category ID
513	*/
514	public function setCategoryParent($id,$parent)
515	{
516	$this->categories()->setNodeParent($id,$parent);
517	$this->triggerBlog();
518	}
519
520	/**
521	Set category position
522
523	@param id <b>integer</b> Category ID
524	@param sibling <b>integer</b> Sibling Category ID
525	@param move <b>integer</b> Order (before\|after)
526	*/
527	public function setCategoryPosition($id,$sibling,$move)
528	{
529	$this->categories()->setNodePosition($id,$sibling,$move);
530	$this->triggerBlog();
531	}
532
533	/**
534	Deletes a category.
535
536	@param id <b>integer</b> Category ID
537	*/
538	public function delCategory($id)
539	{
540	if (!$this->core->auth->check('categories',$this->id)) {
541	throw new Exception(__('You are not allowed to delete categories'));
542	}
543
544	$strReq = 'SELECT COUNT(post_id) AS nb_post '.
545	'FROM '.$this->prefix.'post '.
546	'WHERE cat_id = '.(integer) $id.' '.
547	"AND blog_id = '".$this->con->escape($this->id)."' ";
548
549	$rs = $this->con->select($strReq);
550
551	if ($rs->nb_post > 0) {
552	throw new Exception(__('This category is not empty.'));
553	}
554
555	$this->categories()->deleteNode($id,true);
556	$this->triggerBlog();
557	}
558
559	/**
560	Reset categories order and relocate them to first level
561	*/
562	public function resetCategoriesOrder()
563	{
564	if (!$this->core->auth->check('categories',$this->id)) {
565	throw new Exception(__('You are not allowed to delete categories'));
566	}
567
568	$this->categories()->resetOrder();
569	}
570
571	private function checkCategory($title,$url,$id=null)
572	{
573	$strReq = 'SELECT cat_id '.
574	'FROM '.$this->prefix.'category '.
575	"WHERE cat_url = '".$this->con->escape($url)."' ".
576	"AND blog_id = '".$this->con->escape($this->id)."' ";
577
578	if ($id !== null) {
579	$strReq .= 'AND cat_id <> '.(integer) $id.' ';
580	}
581
582	$rs = $this->con->select($strReq);
583
584	if (!$rs->isEmpty()) {
585	throw new Exception(__('Category URL must be unique.'));
586	}
587	}
588
589	private function getCategoryCursor($cur,$id=null)
590	{
591	if ($cur->cat_title == '') {
592	throw new Exception(__('You must provide a category title'));
593	}
594
595	# If we don't have any cat_url, let's do one
596	if ($cur->cat_url == '') {
597	$cur->cat_url = text::tidyURL($cur->cat_title,false);
598	}
599
600	# Still empty ?
601	if ($cur->cat_url == '') {
602	throw new Exception(__('You must provide a category URL'));
603	} else {
604	$cur->cat_url = text::tidyURL($cur->cat_url,true);
605	}
606
607	# Check if title or url are unique
608	$this->checkCategory($cur->cat_title,$cur->cat_url,$id);
609
610	if ($cur->cat_desc !== null) {
611	$cur->cat_desc = $this->core->HTMLfilter($cur->cat_desc);
612	}
613	}
614	//@}
615
616	/// @name Entries management methods
617	//@{
618	/**
619	Retrieves entries. <b>$params</b> is an array taking the following
620	optionnal parameters:
621
622	- no_content: Don't retrieve entry content (excerpt and content)
623	- post_type: Get only entries with given type (default "post", array for many types and '' for no type)
624	- post_id: (integer) Get entry with given post_id
625	- post_url: Get entry with given post_url field
626	- user_id: (integer) Get entries belonging to given user ID
627	- cat_id: (string or array) Get entries belonging to given category ID
628	- cat_id_not: deprecated (use cat_id with "id ?not" instead)
629	- cat_url: (string or array) Get entries belonging to given category URL
630	- cat_url_not: deprecated (use cat_url with "url ?not" instead)
631	- post_status: (integer) Get entries with given post_status
632	- post_selected: (boolean) Get select flaged entries
633	- post_year: (integer) Get entries with given year
634	- post_month: (integer) Get entries with given month
635	- post_day: (integer) Get entries with given day
636	- post_lang: Get entries with given language code
637	- search: Get entries corresponding of the following search string
638	- columns: (array) More columns to retrieve
639	- sql: Append SQL string at the end of the query
640	- from: Append SQL string after "FROM" statement in query
641	- order: Order of results (default "ORDER BY post_dt DES")
642	- limit: Limit parameter
643
644	Please note that on every cat_id or cat_url, you can add ?not to exclude
645	the category and ?sub to get subcategories.
646
647	@param params <b>array</b> Parameters
648	@param count_only <b>boolean</b> Only counts results
649	@param sql_only <b>boolean</b> Only return SQL request
650	@return <b>record</b> A record with some more capabilities or the SQL request
651	*/
652	public function getPosts($params=array(),$count_only=false,$sql_only=false)
653	{
654	if ($count_only)
655	{
656	$strReq = 'SELECT count(P.post_id) ';
657	}
658	else
659	{
660	if (!empty($params['no_content'])) {
661	$content_req = '';
662	} else {
663	$content_req =
664	'post_excerpt, post_excerpt_xhtml, '.
665	'post_content, post_content_xhtml, post_notes, ';
666	}
667
668	if (!empty($params['columns']) && is_array($params['columns'])) {
669	$content_req .= implode(', ',$params['columns']).', ';
670	}
671
672	$strReq =
673	'SELECT P.post_id, P.blog_id, P.user_id, P.cat_id, post_dt, '.
674	'post_tz, post_creadt, post_upddt, post_format, post_password, '.
675	'post_url, post_lang, post_title, '.$content_req.
676	'post_type, post_meta, post_status, post_selected, post_position, '.
677	'post_open_comment, post_open_tb, nb_comment, nb_trackback, '.
678	'U.user_name, U.user_firstname, U.user_displayname, U.user_email, '.
679	'U.user_url, '.
680	'C.cat_title, C.cat_url, C.cat_desc ';
681	}
682
683	$strReq .=
684	'FROM '.$this->prefix.'post P '.
685	'INNER JOIN '.$this->prefix.'user U ON U.user_id = P.user_id '.
686	'LEFT OUTER JOIN '.$this->prefix.'category C ON P.cat_id = C.cat_id ';
687
688	if (!empty($params['from'])) {
689	$strReq .= $params['from'].' ';
690	}
691
692	$strReq .=
693	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ";
694
695	if (!$this->core->auth->check('contentadmin',$this->id)) {
696	$strReq .= 'AND ((post_status = 1 ';
697
698	if ($this->without_password) {
699	$strReq .= 'AND post_password IS NULL ';
700	}
701	$strReq .= ') ';
702
703	if ($this->core->auth->userID()) {
704	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
705	} else {
706	$strReq .= ') ';
707	}
708	}
709
710	#Adding parameters
711	if (isset($params['post_type']))
712	{
713	if (is_array($params['post_type']) && !empty($params['post_type'])) {
714	$strReq .= 'AND post_type '.$this->con->in($params['post_type']);
715	} elseif ($params['post_type'] != '') {
716	$strReq .= "AND post_type = '".$this->con->escape($params['post_type'])."' ";
717	}
718	}
719	else
720	{
721	$strReq .= "AND post_type = 'post' ";
722	}
723
724	if (!empty($params['post_id'])) {
725	if (is_array($params['post_id'])) {
726	array_walk($params['post_id'],create_function('&$v,$k','if($v!==null){$v=(integer)$v;}'));
727	} else {
728	$params['post_id'] = array((integer) $params['post_id']);
729	}
730	$strReq .= 'AND P.post_id '.$this->con->in($params['post_id']);
731	}
732
733	if (!empty($params['post_url'])) {
734	$strReq .= "AND post_url = '".$this->con->escape($params['post_url'])."' ";
735	}
736
737	if (!empty($params['user_id'])) {
738	$strReq .= "AND U.user_id = '".$this->con->escape($params['user_id'])."' ";
739	}
740
741	if (!empty($params['cat_id']))
742	{
743	if (!is_array($params['cat_id'])) {
744	$params['cat_id'] = array($params['cat_id']);
745	}
746	if (!empty($params['cat_id_not'])) {
747	array_walk($params['cat_id'],create_function('&$v,$k','$v=$v." ?not";'));
748	}
749	$strReq .= 'AND '.$this->getPostsCategoryFilter($params['cat_id'],'cat_id').' ';
750	}
751	elseif (!empty($params['cat_url']))
752	{
753	if (!is_array($params['cat_url'])) {
754	$params['cat_url'] = array($params['cat_url']);
755	}
756	if (!empty($params['cat_url_not'])) {
757	array_walk($params['cat_url'],create_function('&$v,$k','$v=$v." ?not";'));
758	}
759	$strReq .= 'AND '.$this->getPostsCategoryFilter($params['cat_url'],'cat_url').' ';
760	}
761
762	/* Other filters */
763	if (isset($params['post_status'])) {
764	$strReq .= 'AND post_status = '.(integer) $params['post_status'].' ';
765	}
766
767	if (isset($params['post_selected'])) {
768	$strReq .= 'AND post_selected = '.(integer) $params['post_selected'].' ';
769	}
770
771	if (!empty($params['post_year'])) {
772	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%Y').' = '.
773	"'".sprintf('%04d',$params['post_year'])."' ";
774	}
775
776	if (!empty($params['post_month'])) {
777	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%m').' = '.
778	"'".sprintf('%02d',$params['post_month'])."' ";
779	}
780
781	if (!empty($params['post_day'])) {
782	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%d').' = '.
783	"'".sprintf('%02d',$params['post_day'])."' ";
784	}
785
786	if (!empty($params['post_lang'])) {
787	$strReq .= "AND P.post_lang = '".$this->con->escape($params['post_lang'])."' ";
788	}
789
790	if (!empty($params['search']))
791	{
792	$words = text::splitWords($params['search']);
793
794	if (!empty($words))
795	{
796	# --BEHAVIOR-- corePostSearch
797	if ($this->core->hasBehavior('corePostSearch')) {
798	$this->core->callBehavior('corePostSearch',$this->core,array(&$words,&$strReq,&$params));
799	}
800
801	if ($words)
802	{
803	foreach ($words as $i => $w) {
804	$words[$i] = "post_words LIKE '%".$this->con->escape($w)."%'";
805	}
806	$strReq .= 'AND '.implode(' AND ',$words).' ';
807	}
808	}
809	}
810
811	if (!empty($params['sql'])) {
812	$strReq .= $params['sql'].' ';
813	}
814
815	if (!$count_only)
816	{
817	if (!empty($params['order'])) {
818	$strReq .= 'ORDER BY '.$this->con->escape($params['order']).' ';
819	} else {
820	$strReq .= 'ORDER BY post_dt DESC ';
821	}
822	}
823
824	if (!$count_only && !empty($params['limit'])) {
825	$strReq .= $this->con->limit($params['limit']);
826	}
827
828	if ($sql_only) {
829	return $strReq;
830	}
831
832	$rs = $this->con->select($strReq);
833	$rs->core = $this->core;
834	$rs->_nb_media = array();
835	$rs->extend('rsExtPost');
836
837	# --BEHAVIOR-- coreBlogGetPosts
838	$this->core->callBehavior('coreBlogGetPosts',$rs);
839
840	return $rs;
841	}
842
843	/**
844	Returns a record with post id, title and date for next or previous post
845	according to the post ID.
846	$dir could be 1 (next post) or -1 (previous post).
847
848	@param post_id <b>integer</b> Post ID
849	@param dir <b>integer</b> Search direction
850	@param restrict_to_category <b>boolean</b> Restrict to post with same category
851	@param restrict_to_lang <b>boolean</b> Restrict to post with same lang
852	@return record
853	*/
854	public function getNextPost($post,$dir,$restrict_to_category=false, $restrict_to_lang=false)
855	{
856	$dt = $post->post_dt;
857	$post_id = (integer) $post->post_id;
858
859	if($dir > 0) {
860	$sign = '>';
861	$order = 'ASC';
862	}
863	else {
864	$sign = '<';
865	$order = 'DESC';
866	}
867
868	$params['post_type'] = $post->post_type;
869	$params['limit'] = 1;
870	$params['order'] = 'post_dt '.$order.', P.post_id '.$order;
871	$params['sql'] =
872	'AND ( '.
873	" (post_dt = '".$this->con->escape($dt)."' AND P.post_id ".$sign." ".$post_id.") ".
874	" OR post_dt ".$sign." '".$this->con->escape($dt)."' ".
875	') ';
876
877	if ($restrict_to_category) {
878	$params['sql'] .= $post->cat_id ? 'AND P.cat_id = '.(integer) $post->cat_id.' ' : 'AND P.cat_id IS NULL ';
879	}
880
881	if ($restrict_to_lang) {
882	$params['sql'] .= $post->post_lang ? 'AND P.post_lang = \''. $this->con->escape($post->post_lang) .'\' ': 'AND P.post_lang IS NULL ';
883	}
884
885	$rs = $this->getPosts($params);
886
887	if ($rs->isEmpty()) {
888	return null;
889	}
890
891	return $rs;
892	}
893
894	/**
895	Retrieves different languages and post count on blog, based on post_lang
896	field. <var>$params</var> is an array taking the following optionnal
897	parameters:
898
899	- post_type: Get only entries with given type (default "post", '' for no type)
900	- lang: retrieve post count for selected lang
901	- order: order statement (default post_lang DESC)
902
903	@param params <b>array</b> Parameters
904	@return record
905	*/
906	public function getLangs($params=array())
907	{
908	$strReq = 'SELECT COUNT(post_id) as nb_post, post_lang '.
909	'FROM '.$this->prefix.'post '.
910	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
911	"AND post_lang <> '' ".
912	"AND post_lang IS NOT NULL ";
913
914	if (!$this->core->auth->check('contentadmin',$this->id)) {
915	$strReq .= 'AND ((post_status = 1 ';
916
917	if ($this->without_password) {
918	$strReq .= 'AND post_password IS NULL ';
919	}
920	$strReq .= ') ';
921
922	if ($this->core->auth->userID()) {
923	$strReq .= "OR user_id = '".$this->con->escape($this->core->auth->userID())."')";
924	} else {
925	$strReq .= ') ';
926	}
927	}
928
929	if (isset($params['post_type'])) {
930	if ($params['post_type'] != '') {
931	$strReq .= "AND post_type = '".$this->con->escape($params['post_type'])."' ";
932	}
933	} else {
934	$strReq .= "AND post_type = 'post' ";
935	}
936
937	if (isset($params['lang'])) {
938	$strReq .= "AND post_lang = '".$this->con->escape($params['lang'])."' ";
939	}
940
941	$strReq .= 'GROUP BY post_lang ';
942
943	$order = 'desc';
944	if (!empty($params['order']) && preg_match('/^(desc\|asc)$/i',$params['order'])) {
945	$order = $params['order'];
946	}
947	$strReq .= 'ORDER BY post_lang '.$order.' ';
948
949	return $this->con->select($strReq);
950	}
951
952	/**
953	Returns a record with all distinct blog dates and post count.
954	<var>$params</var> is an array taking the following optionnal parameters:
955
956	- type: (day\|month\|year) Get days, months or years
957	- year: (integer) Get dates for given year
958	- month: (integer) Get dates for given month
959	- day: (integer) Get dates for given day
960	- cat_id: (integer) Category ID filter
961	- cat_url: Category URL filter
962	- post_lang: lang of the posts
963	- next: Get date following match
964	- previous: Get date before match
965	- order: Sort by date "ASC" or "DESC"
966
967	@param params <b>array</b> Parameters array
968	@return record
969	*/
970	public function getDates($params=array())
971	{
972	$dt_f = '%Y-%m-%d';
973	$dt_fc = '%Y%m%d';
974	if (isset($params['type'])) {
975	if ($params['type'] == 'year') {
976	$dt_f = '%Y-01-01';
977	$dt_fc = '%Y0101';
978	} elseif ($params['type'] == 'month') {
979	$dt_f = '%Y-%m-01';
980	$dt_fc = '%Y%m01';
981	}
982	}
983	$dt_f .= ' 00:00:00';
984	$dt_fc .= '000000';
985
986	$cat_field = $catReq = $limit = '';
987
988	if (!empty($params['cat_id'])) {
989	$catReq = 'AND P.cat_id = '.(integer) $params['cat_id'].' ';
990	$cat_field = ', C.cat_url ';
991	} elseif (!empty($params['cat_url'])) {
992	$catReq = "AND C.cat_url = '".$this->con->escape($params['cat_url'])."' ";
993	$cat_field = ', C.cat_url ';
994	}
995	if (!empty($params['post_lang'])) {
996	$catReq = 'AND P.post_lang = \''. $params['post_lang'].'\' ';
997	}
998
999	$strReq = 'SELECT DISTINCT('.$this->con->dateFormat('post_dt',$dt_f).') AS dt '.
1000	$cat_field.
1001	',COUNT(P.post_id) AS nb_post '.
1002	'FROM '.$this->prefix.'post P LEFT JOIN '.$this->prefix.'category C '.
1003	'ON P.cat_id = C.cat_id '.
1004	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ".
1005	$catReq;
1006
1007	if (!$this->core->auth->check('contentadmin',$this->id)) {
1008	$strReq .= 'AND ((post_status = 1 ';
1009
1010	if ($this->without_password) {
1011	$strReq .= 'AND post_password IS NULL ';
1012	}
1013	$strReq .= ') ';
1014
1015	if ($this->core->auth->userID()) {
1016	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
1017	} else {
1018	$strReq .= ') ';
1019	}
1020	}
1021
1022	if (!empty($params['post_type'])) {
1023	$strReq .= "AND post_type ".$this->con->in($params['post_type'])." ";
1024	} else {
1025	$strReq .= "AND post_type = 'post' ";
1026	}
1027
1028	if (!empty($params['year'])) {
1029	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%Y')." = '".sprintf('%04d',$params['year'])."' ";
1030	}
1031
1032	if (!empty($params['month'])) {
1033	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%m')." = '".sprintf('%02d',$params['month'])."' ";
1034	}
1035
1036	if (!empty($params['day'])) {
1037	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%d')." = '".sprintf('%02d',$params['day'])."' ";
1038	}
1039
1040	# Get next or previous date
1041	if (!empty($params['next']) \|\| !empty($params['previous']))
1042	{
1043	if (!empty($params['next'])) {
1044	$pdir = ' > ';
1045	$params['order'] = 'asc';
1046	$dt = $params['next'];
1047	} else {
1048	$pdir = ' < ';
1049	$params['order'] = 'desc';
1050	$dt = $params['previous'];
1051	}
1052
1053	$dt = date('YmdHis',strtotime($dt));
1054
1055	$strReq .= 'AND '.$this->con->dateFormat('post_dt',$dt_fc).$pdir."'".$dt."' ";
1056	$limit = $this->con->limit(1);
1057	}
1058
1059	$strReq .= 'GROUP BY dt '.$cat_field;
1060
1061	$order = 'desc';
1062	if (!empty($params['order']) && preg_match('/^(desc\|asc)$/i',$params['order'])) {
1063	$order = $params['order'];
1064	}
1065
1066	$strReq .=
1067	'ORDER BY dt '.$order.' '.
1068	$limit;
1069
1070	$rs = $this->con->select($strReq);
1071	$rs->extend('rsExtDates');
1072	return $rs;
1073	}
1074
1075	/**
1076	Creates a new entry. Takes a cursor as input and returns the new entry
1077	ID.
1078
1079	@param cur <b>cursor</b> Post cursor
1080	@return <b>integer</b> New post ID
1081	*/
1082	public function addPost($cur)
1083	{
1084	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1085	throw new Exception(__('You are not allowed to create an entry'));
1086	}
1087
1088	$this->con->writeLock($this->prefix.'post');
1089	try
1090	{
1091	# Get ID
1092	$rs = $this->con->select(
1093	'SELECT MAX(post_id) '.
1094	'FROM '.$this->prefix.'post '
1095	);
1096
1097	$cur->post_id = (integer) $rs->f(0) + 1;
1098	$cur->blog_id = (string) $this->id;
1099	$cur->post_creadt = date('Y-m-d H:i:s');
1100	$cur->post_upddt = date('Y-m-d H:i:s');
1101	$cur->post_tz = $this->core->auth->getInfo('user_tz');
1102
1103	# Post excerpt and content
1104	$this->getPostContent($cur,$cur->post_id);
1105
1106	$this->getPostCursor($cur);
1107
1108	$cur->post_url = $this->getPostURL($cur->post_url,$cur->post_dt,$cur->post_title,$cur->post_id);
1109
1110	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1111	$cur->post_status = -2;
1112	}
1113
1114	# --BEHAVIOR-- coreBeforePostCreate
1115	$this->core->callBehavior('coreBeforePostCreate',$this,$cur);
1116
1117	$cur->insert();
1118	$this->con->unlock();
1119	}
1120	catch (Exception $e)
1121	{
1122	$this->con->unlock();
1123	throw $e;
1124	}
1125
1126	# --BEHAVIOR-- coreAfterPostCreate
1127	$this->core->callBehavior('coreAfterPostCreate',$this,$cur);
1128
1129	$this->triggerBlog();
1130
1131	return $cur->post_id;
1132	}
1133
1134	/**
1135	Updates an existing post.
1136
1137	@param id <b>integer</b> Post ID
1138	@param cur <b>cursor</b> Post cursor
1139	*/
1140	public function updPost($id,$cur)
1141	{
1142	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1143	throw new Exception(__('You are not allowed to update entries'));
1144	}
1145
1146	$id = (integer) $id;
1147
1148	if (empty($id)) {
1149	throw new Exception(__('No such entry ID'));
1150	}
1151
1152	# Post excerpt and content
1153	$this->getPostContent($cur,$id);
1154
1155	$this->getPostCursor($cur);
1156
1157	if ($cur->post_url !== null) {
1158	$cur->post_url = $this->getPostURL($cur->post_url,$cur->post_dt,$cur->post_title,$id);
1159	}
1160
1161	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1162	$cur->unsetField('post_status');
1163	}
1164
1165	$cur->post_upddt = date('Y-m-d H:i:s');
1166
1167	#�If user is only "usage", we need to check the post's owner
1168	if (!$this->core->auth->check('contentadmin',$this->id))
1169	{
1170	$strReq = 'SELECT post_id '.
1171	'FROM '.$this->prefix.'post '.
1172	'WHERE post_id = '.$id.' '.
1173	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1174
1175	$rs = $this->con->select($strReq);
1176
1177	if ($rs->isEmpty()) {
1178	throw new Exception(__('You are not allowed to edit this entry'));
1179	}
1180	}
1181
1182	# --BEHAVIOR-- coreBeforePostUpdate
1183	$this->core->callBehavior('coreBeforePostUpdate',$this,$cur);
1184
1185	$cur->update('WHERE post_id = '.$id.' ');
1186
1187	# --BEHAVIOR-- coreAfterPostUpdate
1188	$this->core->callBehavior('coreAfterPostUpdate',$this,$cur);
1189
1190	$this->triggerBlog();
1191	}
1192
1193	/**
1194	Updates post status.
1195
1196	@param id <b>integer</b> Post ID
1197	@param status <b>integer</b> Post status
1198	*/
1199	public function updPostStatus($id,$status)
1200	{
1201	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1202	throw new Exception(__('You are not allowed to change this entry status'));
1203	}
1204
1205	$id = (integer) $id;
1206	$status = (integer) $status;
1207
1208	#If user can only publish, we need to check the post's owner
1209	if (!$this->core->auth->check('contentadmin',$this->id))
1210	{
1211	$strReq = 'SELECT post_id '.
1212	'FROM '.$this->prefix.'post '.
1213	'WHERE post_id = '.$id.' '.
1214	"AND blog_id = '".$this->con->escape($this->id)."' ".
1215	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1216
1217	$rs = $this->con->select($strReq);
1218
1219	if ($rs->isEmpty()) {
1220	throw new Exception(__('You are not allowed to change this entry status'));
1221	}
1222	}
1223
1224	$cur = $this->con->openCursor($this->prefix.'post');
1225
1226	$cur->post_status = $status;
1227	$cur->post_upddt = date('Y-m-d H:i:s');
1228
1229	$cur->update(
1230	'WHERE post_id = '.$id.' '.
1231	"AND blog_id = '".$this->con->escape($this->id)."' "
1232	);
1233	$this->triggerBlog();
1234	}
1235
1236	public function updPostSelected($id,$selected)
1237	{
1238	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1239	throw new Exception(__('You are not allowed to change this entry category'));
1240	}
1241
1242	$id = (integer) $id;
1243	$selected = (boolean) $selected;
1244
1245	# If user is only usage, we need to check the post's owner
1246	if (!$this->core->auth->check('contentadmin',$this->id))
1247	{
1248	$strReq = 'SELECT post_id '.
1249	'FROM '.$this->prefix.'post '.
1250	'WHERE post_id = '.$id.' '.
1251	"AND blog_id = '".$this->con->escape($this->id)."' ".
1252	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1253
1254	$rs = $this->con->select($strReq);
1255
1256	if ($rs->isEmpty()) {
1257	throw new Exception(__('You are not allowed to mark this entry as selected'));
1258	}
1259	}
1260
1261	$cur = $this->con->openCursor($this->prefix.'post');
1262
1263	$cur->post_selected = (integer) $selected;
1264	$cur->post_upddt = date('Y-m-d H:i:s');
1265
1266	$cur->update(
1267	'WHERE post_id = '.$id.' '.
1268	"AND blog_id = '".$this->con->escape($this->id)."' "
1269	);
1270	$this->triggerBlog();
1271	}
1272
1273	/**
1274	Updates post category. <var>$cat_id</var> can be null.
1275
1276	@param id <b>integer</b> Post ID
1277	@param cat_id <b>integer</b> Category ID
1278	*/
1279	public function updPostCategory($id,$cat_id)
1280	{
1281	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1282	throw new Exception(__('You are not allowed to change this entry category'));
1283	}
1284
1285	$id = (integer) $id;
1286	$cat_id = (integer) $cat_id;
1287
1288	# If user is only usage, we need to check the post's owner
1289	if (!$this->core->auth->check('contentadmin',$this->id))
1290	{
1291	$strReq = 'SELECT post_id '.
1292	'FROM '.$this->prefix.'post '.
1293	'WHERE post_id = '.$id.' '.
1294	"AND blog_id = '".$this->con->escape($this->id)."' ".
1295	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1296
1297	$rs = $this->con->select($strReq);
1298
1299	if ($rs->isEmpty()) {
1300	throw new Exception(__('You are not allowed to change this entry category'));
1301	}
1302	}
1303
1304	$cur = $this->con->openCursor($this->prefix.'post');
1305
1306	$cur->cat_id = ($cat_id ? $cat_id : null);
1307	$cur->post_upddt = date('Y-m-d H:i:s');
1308
1309	$cur->update(
1310	'WHERE post_id = '.$id.' '.
1311	"AND blog_id = '".$this->con->escape($this->id)."' "
1312	);
1313	$this->triggerBlog();
1314	}
1315
1316	/**
1317	Deletes a post.
1318
1319	@param id <b>integer</b> Post ID
1320	*/
1321	public function delPost($id)
1322	{
1323	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
1324	throw new Exception(__('You are not allowed to delete entries'));
1325	}
1326
1327	$id = (integer) $id;
1328
1329	if (empty($id)) {
1330	throw new Exception(__('No such entry ID'));
1331	}
1332
1333	#If user can only delete, we need to check the post's owner
1334	if (!$this->core->auth->check('contentadmin',$this->id))
1335	{
1336	$strReq = 'SELECT post_id '.
1337	'FROM '.$this->prefix.'post '.
1338	'WHERE post_id = '.$id.' '.
1339	"AND blog_id = '".$this->con->escape($this->id)."' ".
1340	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1341
1342	$rs = $this->con->select($strReq);
1343
1344	if ($rs->isEmpty()) {
1345	throw new Exception(__('You are not allowed to delete this entry'));
1346	}
1347	}
1348
1349
1350	$strReq = 'DELETE FROM '.$this->prefix.'post '.
1351	'WHERE post_id = '.$id.' '.
1352	"AND blog_id = '".$this->con->escape($this->id)."' ";
1353
1354	$this->con->execute($strReq);
1355	$this->triggerBlog();
1356	}
1357
1358	/**
1359	Publishes all entries flaged as "scheduled".
1360	*/
1361	public function publishScheduledEntries()
1362	{
1363	$strReq = 'SELECT post_id, post_dt, post_tz '.
1364	'FROM '.$this->prefix.'post '.
1365	'WHERE post_status = -1 '.
1366	"AND blog_id = '".$this->con->escape($this->id)."' ";
1367
1368	$rs = $this->con->select($strReq);
1369
1370	$now = dt::toUTC(time());
1371	$to_change = array();
1372
1373	if ($rs->isEmpty()) {
1374	return;
1375	}
1376
1377	while ($rs->fetch())
1378	{
1379	# Now timestamp with post timezone
1380	$now_tz = $now + dt::getTimeOffset($rs->post_tz,$now);
1381
1382	# Post timestamp
1383	$post_ts = strtotime($rs->post_dt);
1384
1385	# If now_tz >= post_ts, we publish the entry
1386	if ($now_tz >= $post_ts) {
1387	$to_change[] = (integer) $rs->post_id;
1388	}
1389	}
1390
1391	if (!empty($to_change))
1392	{
1393	$strReq =
1394	'UPDATE '.$this->prefix.'post SET '.
1395	'post_status = 1 '.
1396	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1397	'AND post_id '.$this->con->in($to_change).' ';
1398
1399	$this->con->execute($strReq);
1400	$this->triggerBlog();
1401	}
1402	}
1403
1404	/**
1405	Retrieves all users having posts on current blog.
1406
1407	@param post_type <b>string</b> post_type filter (post)
1408	@return record
1409	*/
1410	public function getPostsUsers($post_type='post')
1411	{
1412	$strReq = 'SELECT P.user_id, user_name, user_firstname, '.
1413	'user_displayname, user_email '.
1414	'FROM '.$this->prefix.'post P, '.$this->prefix.'user U '.
1415	'WHERE P.user_id = U.user_id '.
1416	"AND blog_id = '".$this->con->escape($this->id)."' ";
1417
1418	if ($post_type) {
1419	$strReq .= "AND post_type = '".$this->con->escape($post_type)."' ";
1420	}
1421
1422	$strReq .= 'GROUP BY P.user_id, user_name, user_firstname, user_displayname, user_email ';
1423
1424	return $this->con->select($strReq);
1425	}
1426
1427	private function getPostsCategoryFilter($arr,$field='cat_id')
1428	{
1429	$field = $field == 'cat_id' ? 'cat_id' : 'cat_url';
1430
1431	$sub = array();
1432	$not = array();
1433	$queries = array();
1434
1435	foreach ($arr as $v)
1436	{
1437	$v = trim($v);
1438	$args = preg_split('/\s[?]\s/',$v,-1,PREG_SPLIT_NO_EMPTY);
1439	$id = array_shift($args);
1440	$args = array_flip($args);
1441
1442	if (isset($args['not'])) { $not[$id] = 1; }
1443	if (isset($args['sub'])) { $sub[$id] = 1; }
1444	if ($field == 'cat_id') {
1445	if (preg_match('/^null$/i',$id)) {
1446	$queries[$id] = 'P.cat_id IS NULL';
1447	}
1448	else {
1449	$queries[$id] = 'P.cat_id = '.(integer) $id;
1450	}
1451	} else {
1452	$queries[$id] = "C.cat_url = '".$this->con->escape($id)."' ";
1453	}
1454	}
1455
1456	if (!empty($sub)) {
1457	$rs = $this->con->select(
1458	'SELECT cat_id, cat_url, cat_lft, cat_rgt FROM '.$this->prefix.'category '.
1459	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1460	'AND '.$field.' '.$this->con->in(array_keys($sub))
1461	);
1462
1463	while ($rs->fetch()) {
1464	$queries[$rs->f($field)] = '(C.cat_lft BETWEEN '.$rs->cat_lft.' AND '.$rs->cat_rgt.')';
1465	}
1466	}
1467
1468	# Create queries
1469	$sql = array(
1470	0 => array(), # wanted categories
1471	1 => array() # excluded categories
1472	);
1473
1474	foreach ($queries as $id => $q) {
1475	$sql[(integer) isset($not[$id])][] = $q;
1476	}
1477
1478	$sql[0] = implode(' OR ',$sql[0]);
1479	$sql[1] = implode(' OR ',$sql[1]);
1480
1481	if ($sql[0]) {
1482	$sql[0] = '('.$sql[0].')';
1483	} else {
1484	unset($sql[0]);
1485	}
1486
1487	if ($sql[1]) {
1488	$sql[1] = '(P.cat_id IS NULL OR NOT('.$sql[1].'))';
1489	} else {
1490	unset($sql[1]);
1491	}
1492
1493	return implode(' AND ',$sql);
1494	}
1495
1496	private function getPostCursor($cur,$post_id=null)
1497	{
1498	if ($cur->post_title == '') {
1499	throw new Exception(__('No entry title'));
1500	}
1501
1502	if ($cur->post_content == '') {
1503	throw new Exception(__('No entry content'));
1504	}
1505
1506	if ($cur->post_password === '') {
1507	$cur->post_password = null;
1508	}
1509
1510	if ($cur->post_dt == '') {
1511	$offset = dt::getTimeOffset($this->core->auth->getInfo('user_tz'));
1512	$now = time() + $offset;
1513	$cur->post_dt = date('Y-m-d H:i:00',$now);
1514	}
1515
1516	$post_id = is_int($post_id) ? $post_id : $cur->post_id;
1517
1518	if ($cur->post_content_xhtml == '') {
1519	throw new Exception(__('No entry content'));
1520	}
1521
1522	# Words list
1523	if ($cur->post_title !== null && $cur->post_excerpt_xhtml !== null
1524	&& $cur->post_content_xhtml !== null)
1525	{
1526	$words =
1527	$cur->post_title.' '.
1528	$cur->post_excerpt_xhtml.' '.
1529	$cur->post_content_xhtml;
1530
1531	$cur->post_words = implode(' ',text::splitWords($words));
1532	}
1533	}
1534
1535	private function getPostContent($cur,$post_id)
1536	{
1537	$post_excerpt = $cur->post_excerpt;
1538	$post_excerpt_xhtml = $cur->post_excerpt_xhtml;
1539	$post_content = $cur->post_content;
1540	$post_content_xhtml = $cur->post_content_xhtml;
1541
1542	$this->setPostContent(
1543	$post_id,$cur->post_format,$cur->post_lang,
1544	$post_excerpt,$post_excerpt_xhtml,
1545	$post_content,$post_content_xhtml
1546	);
1547
1548	$cur->post_excerpt = $post_excerpt;
1549	$cur->post_excerpt_xhtml = $post_excerpt_xhtml;
1550	$cur->post_content = $post_content;
1551	$cur->post_content_xhtml = $post_content_xhtml;
1552	}
1553
1554	/**
1555	Creates post HTML content, taking format and lang into account.
1556
1557	@param post_id <b>integer</b> Post ID
1558	@param format <b>string</b> Post format
1559	@param lang <b>string</b> Post lang
1560	@param excerpt <b>string</b> Post excerpt
1561	@param[out] excerpt_xhtml <b>string</b> Post excerpt HTML
1562	@param content <b>string</b> Post content
1563	@param[out] content_xhtml <b>string</b> Post content HTML
1564	*/
1565	public function setPostContent($post_id,$format,$lang,&$excerpt,&$excerpt_xhtml,&$content,&$content_xhtml)
1566	{
1567	if ($format == 'wiki')
1568	{
1569	$this->core->initWikiPost();
1570	$this->core->wiki2xhtml->setOpt('note_prefix','pnote-'.$post_id);
1571	if (strpos($lang,'fr') === 0) {
1572	$this->core->wiki2xhtml->setOpt('active_fr_syntax',1);
1573	}
1574	}
1575
1576	if ($excerpt) {
1577	$excerpt_xhtml = $this->core->callFormater($format,$excerpt);
1578	$excerpt_xhtml = $this->core->HTMLfilter($excerpt_xhtml);
1579	} else {
1580	$excerpt_xhtml = '';
1581	}
1582
1583	if ($content) {
1584	$content_xhtml = $this->core->callFormater($format,$content);
1585	$content_xhtml = $this->core->HTMLfilter($content_xhtml);
1586	} else {
1587	$content_xhtml = '';
1588	}
1589
1590	# --BEHAVIOR-- coreAfterPostContentFormat
1591	$this->core->callBehavior('coreAfterPostContentFormat',array(
1592	'excerpt' => &$excerpt,
1593	'content' => &$content,
1594	'excerpt_xhtml' => &$excerpt_xhtml,
1595	'content_xhtml' => &$content_xhtml
1596	));
1597	}
1598
1599	/**
1600	Returns URL for a post according to blog setting <var>post_url_format</var>.
1601	It will try to guess URL and append some figures if needed.
1602
1603	@param url <b>string</b> Origin URL, could be empty
1604	@param post_dt <b>string</b> Post date (in YYYY-MM-DD HH:mm:ss)
1605	@param post_title <b>string</b> Post title
1606	@param post_id <b>integer</b> Post ID
1607	@return <b>string</b> result URL
1608	*/
1609	public function getPostURL($url,$post_dt,$post_title,$post_id)
1610	{
1611	$url = trim($url);
1612
1613	$url_patterns = array(
1614	'{y}' => date('Y',strtotime($post_dt)),
1615	'{m}' => date('m',strtotime($post_dt)),
1616	'{d}' => date('d',strtotime($post_dt)),
1617	'{t}' => text::tidyURL($post_title),
1618	'{id}' => (integer) $post_id
1619	);
1620
1621	# If URL is empty, we create a new one
1622	if ($url == '')
1623	{
1624	# Transform with format
1625	$url = str_replace(
1626	array_keys($url_patterns),
1627	array_values($url_patterns),
1628	$this->settings->system->post_url_format
1629	);
1630	}
1631	else
1632	{
1633	$url = text::tidyURL($url);
1634	}
1635
1636	# Let's check if URL is taken...
1637	$strReq = 'SELECT post_url FROM '.$this->prefix.'post '.
1638	"WHERE post_url = '".$this->con->escape($url)."' ".
1639	'AND post_id <> '.(integer) $post_id. ' '.
1640	"AND blog_id = '".$this->con->escape($this->id)."' ".
1641	'ORDER BY post_url DESC';
1642
1643	$rs = $this->con->select($strReq);
1644
1645	if (!$rs->isEmpty())
1646	{
1647	if ($this->con->driver() == 'mysql') {
1648	$clause = "REGEXP '^".$this->con->escape($url)."[0-9]+$'";
1649	} elseif ($this->con->driver() == 'pgsql') {
1650	$clause = "~ '^".$this->con->escape($url)."[0-9]+$'";
1651	} else {
1652	$clause = "LIKE '".$this->con->escape($url)."%'";
1653	}
1654	$strReq = 'SELECT post_url FROM '.$this->prefix.'post '.
1655	"WHERE post_url ".$clause.' '.
1656	'AND post_id <> '.(integer) $post_id.' '.
1657	"AND blog_id = '".$this->con->escape($this->id)."' ".
1658	'ORDER BY post_url DESC ';
1659
1660	$rs = $this->con->select($strReq);
1661	$a = array();
1662	while ($rs->fetch()) {
1663	$a[] = $rs->post_url;
1664	}
1665
1666	natsort($a);
1667	$t_url = end($a);
1668
1669	if (preg_match('/(.*?)([0-9]+)$/',$t_url,$m)) {
1670	$i = (integer) $m[2];
1671	$url = $m[1];
1672	} else {
1673	$i = 1;
1674	}
1675
1676	return $url.($i+1);
1677	}
1678
1679	# URL is empty?
1680	if ($url == '') {
1681	throw new Exception(__('Empty entry URL'));
1682	}
1683
1684	return $url;
1685	}
1686	//@}
1687
1688	/// @name Comments management methods
1689	//@{
1690	/**
1691	Retrieves comments. <b>$params</b> is an array taking the following
1692	optionnal parameters:
1693
1694	- no_content: Don't retrieve comment content
1695	- post_type: Get only entries with given type (default no type, array for many types)
1696	- post_id: (integer) Get comments belonging to given post_id
1697	- cat_id: (integer or array) Get comments belonging to entries of given category ID
1698	- comment_id: (integer) Get comment with given ID
1699	- comment_status: (integer) Get comments with given comment_status
1700	- comment_trackback: (integer) Get only comments (0) or trackbacks (1)
1701	- comment_ip: (string) Get comments with given IP address
1702	- post_url: Get entry with given post_url field
1703	- user_id: (integer) Get entries belonging to given user ID
1704	- q_author: Search comments by author
1705	- sql: Append SQL string at the end of the query
1706	- from: Append SQL string after "FROM" statement in query
1707	- order: Order of results (default "ORDER BY comment_dt DES")
1708	- limit: Limit parameter
1709
1710	@param params <b>array</b> Parameters
1711	@param count_only <b>boolean</b> Only counts results
1712	@return <b>record</b> A record with some more capabilities
1713	*/
1714	public function getComments($params=array(),$count_only=false)
1715	{
1716	if ($count_only)
1717	{
1718	$strReq = 'SELECT count(comment_id) ';
1719	}
1720	else
1721	{
1722	if (!empty($params['no_content'])) {
1723	$content_req = '';
1724	} else {
1725	$content_req = 'comment_content, ';
1726	}
1727
1728	if (!empty($params['columns']) && is_array($params['columns'])) {
1729	$content_req .= implode(', ',$params['columns']).', ';
1730	}
1731
1732	$strReq =
1733	'SELECT C.comment_id, comment_dt, comment_tz, comment_upddt, '.
1734	'comment_author, comment_email, comment_site, '.
1735	$content_req.' comment_trackback, comment_status, '.
1736	'comment_spam_status, comment_spam_filter, comment_ip, '.
1737	'P.post_title, P.post_url, P.post_id, P.post_password, P.post_type, '.
1738	'P.post_dt, P.user_id, U.user_email, U.user_url ';
1739	}
1740
1741	$strReq .=
1742	'FROM '.$this->prefix.'comment C '.
1743	'INNER JOIN '.$this->prefix.'post P ON C.post_id = P.post_id '.
1744	'INNER JOIN '.$this->prefix.'user U ON P.user_id = U.user_id ';
1745
1746	if (!empty($params['from'])) {
1747	$strReq .= $params['from'].' ';
1748	}
1749
1750	$strReq .=
1751	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ";
1752
1753	if (!$this->core->auth->check('contentadmin',$this->id)) {
1754	$strReq .= 'AND ((comment_status = 1 AND P.post_status = 1 ';
1755
1756	if ($this->without_password) {
1757	$strReq .= 'AND post_password IS NULL ';
1758	}
1759	$strReq .= ') ';
1760
1761	if ($this->core->auth->userID()) {
1762	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
1763	} else {
1764	$strReq .= ') ';
1765	}
1766	}
1767
1768	if (!empty($params['post_type']))
1769	{
1770	if (is_array($params['post_type']) && !empty($params['post_type'])) {
1771	$strReq .= 'AND post_type '.$this->con->in($params['post_type']);
1772	} else {
1773	$strReq .= "AND post_type = '".$this->con->escape($params['post_type'])."' ";
1774	}
1775	}
1776
1777	if (!empty($params['post_id'])) {
1778	$strReq .= 'AND P.post_id = '.(integer) $params['post_id'].' ';
1779	}
1780
1781	if (!empty($params['cat_id'])) {
1782	$strReq .= 'AND P.cat_id = '.(integer) $params['cat_id'].' ';
1783	}
1784
1785	if (!empty($params['comment_id'])) {
1786	$strReq .= 'AND comment_id = '.(integer) $params['comment_id'].' ';
1787	}
1788
1789	if (isset($params['comment_status'])) {
1790	$strReq .= 'AND comment_status = '.(integer) $params['comment_status'].' ';
1791	}
1792
1793	if (!empty($params['comment_status_not']))
1794	{
1795	$strReq .= 'AND comment_status <> '.(integer) $params['comment_status_not'].' ';
1796	}
1797
1798	if (isset($params['comment_trackback'])) {
1799	$strReq .= 'AND comment_trackback = '.(integer) (boolean) $params['comment_trackback'].' ';
1800	}
1801
1802	if (isset($params['comment_ip'])) {
1803	$strReq .= "AND comment_ip = '".$this->con->escape($params['comment_ip'])."' ";
1804	}
1805
1806	if (isset($params['q_author'])) {
1807	$q_author = $this->con->escape(str_replace('*','%',strtolower($params['q_author'])));
1808	$strReq .= "AND LOWER(comment_author) LIKE '".$q_author."' ";
1809	}
1810
1811	if (!empty($params['search']))
1812	{
1813	$words = text::splitWords($params['search']);
1814
1815	if (!empty($words))
1816	{
1817	# --BEHAVIOR coreCommentSearch
1818	if ($this->core->hasBehavior('coreCommentSearch')) {
1819	$this->core->callBehavior('coreCommentSearch',$this->core,array(&$words,&$strReq,&$params));
1820	}
1821
1822	if ($words)
1823	{
1824	foreach ($words as $i => $w) {
1825	$words[$i] = "comment_words LIKE '%".$this->con->escape($w)."%'";
1826	}
1827	$strReq .= 'AND '.implode(' AND ',$words).' ';
1828	}
1829	}
1830	}
1831
1832	if (!empty($params['sql'])) {
1833	$strReq .= $params['sql'].' ';
1834	}
1835
1836	if (!$count_only)
1837	{
1838	if (!empty($params['order'])) {
1839	$strReq .= 'ORDER BY '.$this->con->escape($params['order']).' ';
1840	} else {
1841	$strReq .= 'ORDER BY comment_dt DESC ';
1842	}
1843	}
1844
1845	if (!$count_only && !empty($params['limit'])) {
1846	$strReq .= $this->con->limit($params['limit']);
1847	}
1848
1849	$rs = $this->con->select($strReq);
1850	$rs->core = $this->core;
1851	$rs->extend('rsExtComment');
1852
1853	# --BEHAVIOR-- coreBlogGetComments
1854	$this->core->callBehavior('coreBlogGetComments',$rs);
1855
1856	return $rs;
1857	}
1858
1859	/**
1860	Creates a new comment. Takes a cursor as input and returns the new comment
1861	ID.
1862
1863	@param cur <b>cursor</b> Comment cursor
1864	@return <b>integer</b> New comment ID
1865	*/
1866	public function addComment($cur)
1867	{
1868	$this->con->writeLock($this->prefix.'comment');
1869	try
1870	{
1871	# Get ID
1872	$rs = $this->con->select(
1873	'SELECT MAX(comment_id) '.
1874	'FROM '.$this->prefix.'comment '
1875	);
1876
1877	$cur->comment_id = (integer) $rs->f(0) + 1;
1878	$cur->comment_upddt = date('Y-m-d H:i:s');
1879
1880	$offset = dt::getTimeOffset($this->settings->system->blog_timezone);
1881	$cur->comment_dt = date('Y-m-d H:i:s',time() + $offset);
1882	$cur->comment_tz = $this->settings->system->blog_timezone;
1883
1884	$this->getCommentCursor($cur);
1885
1886	if ($cur->comment_ip === null) {
1887	$cur->comment_ip = http::realIP();
1888	}
1889
1890	# --BEHAVIOR-- coreBeforeCommentCreate
1891	$this->core->callBehavior('coreBeforeCommentCreate',$this,$cur);
1892
1893	$cur->insert();
1894	$this->con->unlock();
1895	}
1896	catch (Exception $e)
1897	{
1898	$this->con->unlock();
1899	throw $e;
1900	}
1901
1902	# --BEHAVIOR-- coreAfterCommentCreate
1903	$this->core->callBehavior('coreAfterCommentCreate',$this,$cur);
1904
1905	$this->triggerComment($cur->comment_id);
1906	if ($cur->comment_status != -2) {
1907	$this->triggerBlog();
1908	}
1909	return $cur->comment_id;
1910	}
1911
1912	/**
1913	Updates an existing comment.
1914
1915	@param id <b>integer</b> Comment ID
1916	@param cur <b>cursor</b> Comment cursor
1917	*/
1918	public function updComment($id,$cur)
1919	{
1920	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1921	throw new Exception(__('You are not allowed to update comments'));
1922	}
1923
1924	$id = (integer) $id;
1925
1926	if (empty($id)) {
1927	throw new Exception(__('No such comment ID'));
1928	}
1929
1930	$rs = $this->getComments(array('comment_id' => $id));
1931
1932	if ($rs->isEmpty()) {
1933	throw new Exception(__('No such comment ID'));
1934	}
1935
1936	#If user is only usage, we need to check the post's owner
1937	if (!$this->core->auth->check('contentadmin',$this->id))
1938	{
1939	if ($rs->user_id != $this->core->auth->userID()) {
1940	throw new Exception(__('You are not allowed to update this comment'));
1941	}
1942	}
1943
1944	$this->getCommentCursor($cur);
1945
1946	$cur->comment_upddt = date('Y-m-d H:i:s');
1947
1948	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1949	$cur->unsetField('comment_status');
1950	}
1951
1952	# --BEHAVIOR-- coreBeforeCommentUpdate
1953	$this->core->callBehavior('coreBeforeCommentUpdate',$this,$cur,$rs);
1954
1955	$cur->update('WHERE comment_id = '.$id.' ');
1956
1957	# --BEHAVIOR-- coreAfterCommentUpdate
1958	$this->core->callBehavior('coreAfterCommentUpdate',$this,$cur,$rs);
1959
1960	$this->triggerComment($id);
1961	$this->triggerBlog();
1962	}
1963
1964	/**
1965	Updates comment status.
1966
1967	@param id <b>integer</b> Comment ID
1968	@param status <b>integer</b> Comment status
1969	*/
1970	public function updCommentStatus($id,$status)
1971	{
1972	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1973	throw new Exception(__("You are not allowed to change this comment's status"));
1974	}
1975
1976	$cur = $this->con->openCursor($this->prefix.'comment');
1977	$cur->comment_status = (integer) $status;
1978	$this->updComment($id,$cur);
1979	}
1980
1981	/**
1982	Delete a comment
1983
1984	@param id <b>integer</b> Comment ID
1985	*/
1986	public function delComment($id)
1987	{
1988	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
1989	throw new Exception(__('You are not allowed to delete comments'));
1990	}
1991
1992	$id = (integer) $id;
1993
1994	if (empty($id)) {
1995	throw new Exception(__('No such comment ID'));
1996	}
1997
1998	#If user can only delete, we need to check the post's owner
1999	if (!$this->core->auth->check('contentadmin',$this->id))
2000	{
2001	$strReq = 'SELECT P.post_id '.
2002	'FROM '.$this->prefix.'post P, '.$this->prefix.'comment C '.
2003	'WHERE P.post_id = C.post_id '.
2004	"AND P.blog_id = '".$this->con->escape($this->id)."' ".
2005	'AND comment_id = '.$id.' '.
2006	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
2007
2008	$rs = $this->con->select($strReq);
2009
2010	if ($rs->isEmpty()) {
2011	throw new Exception(__('You are not allowed to delete this comment'));
2012	}
2013	}
2014
2015	$strReq = 'DELETE FROM '.$this->prefix.'comment '.
2016	'WHERE comment_id = '.$id.' ';
2017
2018	$this->triggerComment($id,true);
2019	$this->con->execute($strReq);
2020	$this->triggerBlog();
2021	}
2022
2023	private function getCommentCursor($cur)
2024	{
2025	if ($cur->comment_content !== null && $cur->comment_content == '') {
2026	throw new Exception(__('You must provide a comment'));
2027	}
2028
2029	if ($cur->comment_author !== null && $cur->comment_author == '') {
2030	throw new Exception(__('You must provide an author name'));
2031	}
2032
2033	if ($cur->comment_email != '' && !text::isEmail($cur->comment_email)) {
2034	throw new Exception(__('Email address is not valid.'));
2035	}
2036
2037	if ($cur->comment_site !== null && $cur->comment_site != '') {
2038	if (!preg_match('\|^http(s?)://\|',$cur->comment_site)) {
2039	$cur->comment_site = 'http://'.$cur->comment_site;
2040	}
2041	}
2042
2043	if ($cur->comment_status === null) {
2044	$cur->comment_status = (integer) $this->settings->system->comments_pub;
2045	}
2046
2047	# Words list
2048	if ($cur->comment_content !== null)
2049	{
2050	$cur->comment_words = implode(' ',text::splitWords($cur->comment_content));
2051	}
2052	}
2053	//@}
2054	}
2055	?>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: inc/core/class.dc.blog.php @ 191:67cb37c57a91

Download in other formats:

Sites map