class.dc.blog.php @ 2316:f8620977a163

Visit:

Revision 2316:f8620977a163, 63.6 KB checked in by franck <carnet.franck.paul@…>, 12 years ago (diff)
Revamp query for PostgreSQL in order to use DISTNICT ON rather than GROUP BY, in getPosts(), addresses #989

Line
1	<?php
2	# -- BEGIN LICENSE BLOCK ---------------------------------------
3	#
4	# This file is part of Dotclear 2.
5	#
6	# Copyright (c) 2003-2013 Olivier Meunier & Association Dotclear
7	# Licensed under the GPL version 2.0 license.
8	# See LICENSE file or
9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
10	#
11	# -- END LICENSE BLOCK -----------------------------------------
12	if (!defined('DC_RC_PATH')) { return; }
13
14	/**
15	@ingroup DC_CORE
16	@nosubgrouping
17	@brief Dotclear blog class.
18
19	Dotclear blog class instance is provided by dcCore $blog property.
20	*/
21	class dcBlog
22	{
23	/** @var dcCore dcCore instance */
24	protected $core;
25	/** @var connection Database connection object */
26	public $con;
27	/** @var string Database table prefix */
28	public $prefix;
29
30	/** @var string Blog ID */
31	public $id;
32	/** @var string Blog unique ID */
33	public $uid;
34	/** @var string Blog name */
35	public $name;
36	/** @var string Blog description */
37	public $desc;
38	/** @var string Blog URL */
39	public $url;
40	/** @var string Blog host */
41	public $host;
42	/** @var string Blog creation date */
43	public $creadt;
44	/** @var string Blog last update date */
45	public $upddt;
46	/** @var string Blog status */
47	public $status;
48
49	/** @var dcSettings dcSettings object */
50	public $settings;
51	/** @var string Blog theme path */
52	public $themes_path;
53	/** @var string Blog public path */
54	public $public_path;
55
56	private $post_status = array();
57	private $comment_status = array();
58
59	private $categories;
60
61	/** @var boolean Disallow entries password protection */
62	public $without_password = true;
63
64	/**
65	Inits dcBlog object
66
67	@param core <b>dcCore</b> Dotclear core reference
68	@param id <b>string</b> Blog ID
69	*/
70	public function __construct($core, $id)
71	{
72	$this->con =& $core->con;
73	$this->prefix = $core->prefix;
74	$this->core =& $core;
75
76	if (($b = $this->core->getBlog($id)) !== false)
77	{
78	$this->id = $id;
79	$this->uid = $b->blog_uid;
80	$this->name = $b->blog_name;
81	$this->desc = $b->blog_desc;
82	$this->url = $b->blog_url;
83	$this->host = http::getHostFromURL($this->url);
84	$this->creadt = strtotime($b->blog_creadt);
85	$this->upddt = strtotime($b->blog_upddt);
86	$this->status = $b->blog_status;
87
88	$this->settings = new dcSettings($this->core,$this->id);
89
90	$this->themes_path = path::fullFromRoot($this->settings->system->themes_path,DC_ROOT);
91	$this->public_path = path::fullFromRoot($this->settings->system->public_path,DC_ROOT);
92
93	$this->post_status['-2'] = __('Pending');
94	$this->post_status['-1'] = __('Scheduled');
95	$this->post_status['0'] = __('Unpublished');
96	$this->post_status['1'] = __('Published');
97
98	$this->comment_status['-2'] = __('Junk');
99	$this->comment_status['-1'] = __('Pending');
100	$this->comment_status['0'] = __('Unpublished');
101	$this->comment_status['1'] = __('Published');
102
103	# --BEHAVIOR-- coreBlogConstruct
104	$this->core->callBehavior('coreBlogConstruct',$this);
105	}
106	}
107
108	/// @name Common public methods
109	//@{
110	/**
111	Returns blog URL ending with a question mark.
112	*/
113	public function getQmarkURL()
114	{
115	if (substr($this->url,-1) != '?') {
116	return $this->url.'?';
117	}
118
119	return $this->url;
120	}
121
122	/**
123	Returns an entry status name given to a code. Status are translated, never
124	use it for tests. If status code does not exist, returns <i>unpublished</i>.
125
126	@param s <b>integer</b> Status code
127	@return <b>string</b> Blog status name
128	*/
129	public function getPostStatus($s)
130	{
131	if (isset($this->post_status[$s])) {
132	return $this->post_status[$s];
133	}
134	return $this->post_status['0'];
135	}
136
137	/**
138	Returns an array of available entry status codes and names.
139
140	@return <b>array</b> Simple array with codes in keys and names in value
141	*/
142	public function getAllPostStatus()
143	{
144	return $this->post_status;
145	}
146
147	/**
148	Returns an array of available comment status codes and names.
149
150	@return <b>array</b> Simple array with codes in keys and names in value
151	*/
152	public function getAllCommentStatus()
153	{
154	return $this->comment_status;
155	}
156
157	/**
158	Disallows entries password protection. You need to set it to
159	<var>false</var> while serving a public blog.
160
161	@param v <b>boolean</b>
162	*/
163	public function withoutPassword($v)
164	{
165	$this->without_password = (boolean) $v;
166	}
167	//@}
168
169	/// @name Triggers methods
170	//@{
171	/**
172	Updates blog last update date. Should be called every time you change
173	an element related to the blog.
174	*/
175	public function triggerBlog()
176	{
177	$cur = $this->con->openCursor($this->prefix.'blog');
178
179	$cur->blog_upddt = date('Y-m-d H:i:s');
180
181	$cur->update("WHERE blog_id = '".$this->con->escape($this->id)."' ");
182
183	# --BEHAVIOR-- coreBlogAfterTriggerBlog
184	$this->core->callBehavior('coreBlogAfterTriggerBlog',$cur);
185	}
186
187	/**
188	Updates comment and trackback counters in post table. Should be called
189	every time a comment or trackback is added, removed or changed its status.
190
191	@param id <b>integer</b> Comment ID
192	@param del <b>boolean</b> If comment is delete, set this to true
193	*/
194	public function triggerComment($id,$del=false)
195	{
196	$this->triggerComments($id,$del);
197	}
198
199	/**
200	Updates comments and trackbacks counters in post table. Should be called
201	every time comments or trackbacks are added, removed or changed their status.
202
203	@param ids <b>mixed</b> Comment(s) ID(s)
204	@param del <b>boolean</b> If comment is delete, set this to true
205	@param affected_posts <b>mixed</b> Posts(s) ID(s)
206	*/
207	public function triggerComments($ids, $del=false, $affected_posts=null)
208	{
209	$comments_ids = dcUtils::cleanIds($ids);
210
211	# Get posts affected by comments edition
212	if (empty($affected_posts)) {
213	$strReq =
214	'SELECT post_id '.
215	'FROM '.$this->prefix.'comment '.
216	'WHERE comment_id'.$this->con->in($comments_ids).
217	'GROUP BY post_id';
218
219	$rs = $this->con->select($strReq);
220
221	$affected_posts = array();
222	while ($rs->fetch()) {
223	$affected_posts[] = (integer) $rs->post_id;
224	}
225	}
226
227	if (!is_array($affected_posts) \|\| empty($affected_posts)) {
228	return;
229	}
230
231	# Count number of comments if exists for affected posts
232	$strReq =
233	'SELECT post_id, COUNT(post_id) AS nb_comment, comment_trackback '.
234	'FROM '.$this->prefix.'comment '.
235	'WHERE comment_status = 1 '.
236	'AND post_id'.$this->con->in($affected_posts).
237	'GROUP BY post_id,comment_trackback';
238
239	$rs = $this->con->select($strReq);
240
241	$posts = array();
242	while ($rs->fetch()) {
243	if ($rs->comment_trackback) {
244	$posts[$rs->post_id]['trackback'] = $rs->nb_comment;
245	} else {
246	$posts[$rs->post_id]['comment'] = $rs->nb_comment;
247	}
248	}
249
250	# Update number of comments on affected posts
251	$cur = $this->con->openCursor($this->prefix.'post');
252	foreach($affected_posts as $post_id)
253	{
254	$cur->clean();
255
256	if (!array_key_exists($post_id,$posts)) {
257	$cur->nb_trackback = 0;
258	$cur->nb_comment = 0;
259	} else {
260	$cur->nb_trackback = empty($posts[$post_id]['trackback']) ? 0 : $posts[$post_id]['trackback'];
261	$cur->nb_comment = empty($posts[$post_id]['comment']) ? 0 : $posts[$post_id]['comment'];
262	}
263
264	$cur->update('WHERE post_id = '.$post_id);
265	}
266	}
267	//@}
268
269	/// @name Categories management methods
270	//@{
271	public function categories()
272	{
273	if (!($this->categories instanceof dcCategories)) {
274	$this->categories = new dcCategories($this->core);
275	}
276
277	return $this->categories;
278	}
279
280	/**
281	Retrieves categories. <var>$params</var> is an associative array which can
282	take the following parameters:
283
284	- post_type: Get only entries with given type (default "post")
285	- cat_url: filter on cat_url field
286	- cat_id: filter on cat_id field
287	- start: start with a given category
288	- level: categories level to retrieve
289
290	@param params <b>array</b> Parameters
291	@return <b>record</b>
292	*/
293	public function getCategories($params=array())
294	{
295	$c_params = array();
296	if (isset($params['post_type'])) {
297	$c_params['post_type'] = $params['post_type'];
298	unset($params['post_type']);
299	}
300	$counter = $this->getCategoriesCounter($c_params);
301
302	if (isset($params['without_empty']) && ($params['without_empty'] == false)) {
303	$without_empty = false;
304	} else {
305	$without_empty = $this->core->auth->userID() == false; # Get all categories if in admin display
306	}
307
308	$start = isset($params['start']) ? (integer) $params['start'] : 0;
309	$l = isset($params['level']) ? (integer) $params['level'] : 0;
310
311	$rs = $this->categories()->getChildren($start,null,'desc');
312
313	# Get each categories total posts count
314	$data = array();
315	$stack = array();
316	$level = 0;
317	$cols = $rs->columns();
318	while ($rs->fetch())
319	{
320	$nb_post = isset($counter[$rs->cat_id]) ? (integer) $counter[$rs->cat_id] : 0;
321
322	if ($rs->level > $level) {
323	$nb_total = $nb_post;
324	$stack[$rs->level] = (integer) $nb_post;
325	} elseif ($rs->level == $level) {
326	$nb_total = $nb_post;
327	$stack[$rs->level] += $nb_post;
328	} else {
329	$nb_total = $stack[$rs->level+1] + $nb_post;
330	if (isset($stack[$rs->level])) {
331	$stack[$rs->level] += $nb_total;
332	} else {
333	$stack[$rs->level] = $nb_total;
334	}
335	unset($stack[$rs->level+1]);
336	}
337
338	if ($nb_total == 0 && $without_empty) {
339	continue;
340	}
341
342	$level = $rs->level;
343
344	$t = array();
345	foreach ($cols as $c) {
346	$t[$c] = $rs->f($c);
347	}
348	$t['nb_post'] = $nb_post;
349	$t['nb_total'] = $nb_total;
350
351	if ($l == 0 \|\| ($l > 0 && $l == $rs->level)) {
352	array_unshift($data,$t);
353	}
354	}
355
356	# We need to apply filter after counting
357	if (isset($params['cat_id']) && $params['cat_id'] !== '')
358	{
359	$found = false;
360	foreach ($data as $v) {
361	if ($v['cat_id'] == $params['cat_id']) {
362	$found = true;
363	$data = array($v);
364	break;
365	}
366	}
367	if (!$found) {
368	$data = array();
369	}
370	}
371
372	if (isset($params['cat_url']) && ($params['cat_url'] !== '')
373	&& !isset($params['cat_id']))
374	{
375	$found = false;
376	foreach ($data as $v) {
377	if ($v['cat_url'] == $params['cat_url']) {
378	$found = true;
379	$data = array($v);
380	break;
381	}
382	}
383	if (!$found) {
384	$data = array();
385	}
386	}
387
388	return staticRecord::newFromArray($data);
389	}
390
391	/**
392	Retrieves a category by its ID.
393
394	@param id <b>integer</b> Category ID
395	@return <b>record</b>
396	*/
397	public function getCategory($id)
398	{
399	return $this->getCategories(array('cat_id' => $id));
400	}
401
402	/**
403	Retrieves parents of a given category.
404
405	@param id <b>integer</b> Category ID
406	@return <b>record</b>
407	*/
408	public function getCategoryParents($id)
409	{
410	return $this->categories()->getParents($id);
411	}
412
413	/**
414	Retrieves first parent of a given category.
415
416	@param id <b>integer</b> Category ID
417	@return <b>record</b>
418	*/
419	public function getCategoryParent($id)
420	{
421	return $this->categories()->getParent($id);
422	}
423
424	/**
425	Retrieves all category's first children
426
427	@param id <b>integer</b> Category ID
428	@return <b>record</b>
429	*/
430	public function getCategoryFirstChildren($id)
431	{
432	return $this->getCategories(array('start' => $id,'level' => $id == 0 ? 1 : 2));
433	}
434
435	private function getCategoriesCounter($params=array())
436	{
437	$strReq =
438	'SELECT C.cat_id, COUNT(P.post_id) AS nb_post '.
439	'FROM '.$this->prefix.'category AS C '.
440	'JOIN '.$this->prefix."post P ON (C.cat_id = P.cat_id AND P.blog_id = '".$this->con->escape($this->id)."' ) ".
441	"WHERE C.blog_id = '".$this->con->escape($this->id)."' ";
442
443	if (!$this->core->auth->userID()) {
444	$strReq .= 'AND P.post_status = 1 ';
445	}
446
447	if (!empty($params['post_type'])) {
448	$strReq .= 'AND P.post_type '.$this->con->in($params['post_type']);
449	}
450
451	$strReq .= 'GROUP BY C.cat_id ';
452
453	$rs = $this->con->select($strReq);
454	$counters = array();
455	while ($rs->fetch()) {
456	$counters[$rs->cat_id] = $rs->nb_post;
457	}
458
459	return $counters;
460	}
461
462	/**
463	Creates a new category. Takes a cursor as input and returns the new category
464	ID.
465
466	@param cur <b>cursor</b> Category cursor
467	@return <b>integer</b> New category ID
468	*/
469	public function addCategory($cur,$parent=0)
470	{
471	if (!$this->core->auth->check('categories',$this->id)) {
472	throw new Exception(__('You are not allowed to add categories'));
473	}
474
475	$url = array();
476	if ($parent != 0)
477	{
478	$rs = $this->getCategory($parent);
479	if ($rs->isEmpty()) {
480	$url = array();
481	} else {
482	$url[] = $rs->cat_url;
483	}
484	}
485
486	if ($cur->cat_url == '') {
487	$url[] = text::tidyURL($cur->cat_title,false);
488	} else {
489	$url[] = $cur->cat_url;
490	}
491
492	$cur->cat_url = implode('/',$url);
493
494	$this->getCategoryCursor($cur);
495	$cur->blog_id = (string) $this->id;
496
497	# --BEHAVIOR-- coreBeforeCategoryCreate
498	$this->core->callBehavior('coreBeforeCategoryCreate',$this,$cur);
499
500	$id = $this->categories()->addNode($cur,$parent);
501	# Update category's cursor
502	$rs = $this->getCategory($id);
503	if (!$rs->isEmpty()) {
504	$cur->cat_lft = $rs->cat_lft;
505	$cur->cat_rgt = $rs->cat_rgt;
506	}
507
508	# --BEHAVIOR-- coreAfterCategoryCreate
509	$this->core->callBehavior('coreAfterCategoryCreate',$this,$cur);
510	$this->triggerBlog();
511
512	return $cur->cat_id;
513	}
514
515	/**
516	Updates an existing category.
517
518	@param id <b>integer</b> Category ID
519	@param cur <b>cursor</b> Category cursor
520	*/
521	public function updCategory($id,$cur)
522	{
523	if (!$this->core->auth->check('categories',$this->id)) {
524	throw new Exception(__('You are not allowed to update categories'));
525	}
526
527	if ($cur->cat_url == '')
528	{
529	$url = array();
530	$rs = $this->categories()->getParents($id);
531	while ($rs->fetch()) {
532	if ($rs->index() == $rs->count()-1) {
533	$url[] = $rs->cat_url;
534	}
535	}
536
537
538	$url[] = text::tidyURL($cur->cat_title,false);
539	$cur->cat_url = implode('/',$url);
540	}
541
542	$this->getCategoryCursor($cur,$id);
543
544	# --BEHAVIOR-- coreBeforeCategoryUpdate
545	$this->core->callBehavior('coreBeforeCategoryUpdate',$this,$cur);
546
547	$cur->update(
548	'WHERE cat_id = '.(integer) $id.' '.
549	"AND blog_id = '".$this->con->escape($this->id)."' ");
550
551	# --BEHAVIOR-- coreAfterCategoryUpdate
552	$this->core->callBehavior('coreAfterCategoryUpdate',$this,$cur);
553
554	$this->triggerBlog();
555	}
556
557	/**
558	Set category position
559
560	@param id <b>integer</b> Category ID
561	@param left <b>integer</b> Category ID before
562	@param right <b>integer</b> Category ID after
563	*/
564	public function updCategoryPosition($id,$left,$right)
565	{
566	$this->categories()->updatePosition($id,$left,$right);
567	$this->triggerBlog();
568	}
569
570	/**
571	DEPRECATED METHOD. Use dcBlog::setCategoryParent and dcBlog::moveCategory
572	instead.
573
574	@param id <b>integer</b> Category ID
575	@param order <b>integer</b> Category position
576	*/
577	public function updCategoryOrder($id,$order)
578	{
579	return;
580	}
581
582	/**
583	Set a category parent
584
585	@param id <b>integer</b> Category ID
586	@param parent <b>integer</b> Parent Category ID
587	*/
588	public function setCategoryParent($id,$parent)
589	{
590	$this->categories()->setNodeParent($id,$parent);
591	$this->triggerBlog();
592	}
593
594	/**
595	Set category position
596
597	@param id <b>integer</b> Category ID
598	@param sibling <b>integer</b> Sibling Category ID
599	@param move <b>integer</b> Order (before\|after)
600	*/
601	public function setCategoryPosition($id,$sibling,$move)
602	{
603	$this->categories()->setNodePosition($id,$sibling,$move);
604	$this->triggerBlog();
605	}
606
607	/**
608	Deletes a category.
609
610	@param id <b>integer</b> Category ID
611	*/
612	public function delCategory($id)
613	{
614	if (!$this->core->auth->check('categories',$this->id)) {
615	throw new Exception(__('You are not allowed to delete categories'));
616	}
617
618	$strReq = 'SELECT COUNT(post_id) AS nb_post '.
619	'FROM '.$this->prefix.'post '.
620	'WHERE cat_id = '.(integer) $id.' '.
621	"AND blog_id = '".$this->con->escape($this->id)."' ";
622
623	$rs = $this->con->select($strReq);
624
625	if ($rs->nb_post > 0) {
626	throw new Exception(__('This category is not empty.'));
627	}
628
629	$this->categories()->deleteNode($id,true);
630	$this->triggerBlog();
631	}
632
633	/**
634	Reset categories order and relocate them to first level
635	*/
636	public function resetCategoriesOrder()
637	{
638	if (!$this->core->auth->check('categories',$this->id)) {
639	throw new Exception(__('You are not allowed to reset categories order'));
640	}
641
642	$this->categories()->resetOrder();
643	$this->triggerBlog();
644	}
645
646	private function checkCategory($title,$url,$id=null)
647	{
648	# Let's check if URL is taken...
649	$strReq =
650	'SELECT cat_url FROM '.$this->prefix.'category '.
651	"WHERE cat_url = '".$this->con->escape($url)."' ".
652	($id ? 'AND cat_id <> '.(integer) $id. ' ' : '').
653	"AND blog_id = '".$this->con->escape($this->id)."' ".
654	'ORDER BY cat_url DESC';
655
656	$rs = $this->con->select($strReq);
657
658	if (!$rs->isEmpty())
659	{
660	if ($this->con->driver() == 'mysql' \|\| $this->con->driver() == 'mysqli') {
661	$clause = "REGEXP '^".$this->con->escape($url)."[0-9]+$'";
662	} elseif ($this->con->driver() == 'pgsql') {
663	$clause = "~ '^".$this->con->escape($url)."[0-9]+$'";
664	} else {
665	$clause = "LIKE '".$this->con->escape($url)."%'";
666	}
667	$strReq =
668	'SELECT cat_url FROM '.$this->prefix.'category '.
669	"WHERE cat_url ".$clause.' '.
670	($id ? 'AND cat_id <> '.(integer) $id. ' ' : '').
671	"AND blog_id = '".$this->con->escape($this->id)."' ".
672	'ORDER BY cat_url DESC ';
673
674	$rs = $this->con->select($strReq);
675	$a = array();
676	while ($rs->fetch()) {
677	$a[] = $rs->cat_url;
678	}
679
680	natsort($a);
681	$t_url = end($a);
682
683	if (preg_match('/(.*?)([0-9]+)$/',$t_url,$m)) {
684	$i = (integer) $m[2];
685	$url = $m[1];
686	} else {
687	$i = 1;
688	}
689
690	return $url.($i+1);
691	}
692
693	# URL is empty?
694	if ($url == '') {
695	throw new Exception(__('Empty category URL'));
696	}
697
698	return $url;
699	}
700
701	private function getCategoryCursor($cur,$id=null)
702	{
703	if ($cur->cat_title == '') {
704	throw new Exception(__('You must provide a category title'));
705	}
706
707	# If we don't have any cat_url, let's do one
708	if ($cur->cat_url == '') {
709	$cur->cat_url = text::tidyURL($cur->cat_title,false);
710	}
711
712	# Still empty ?
713	if ($cur->cat_url == '') {
714	throw new Exception(__('You must provide a category URL'));
715	} else {
716	$cur->cat_url = text::tidyURL($cur->cat_url,true);
717	}
718
719	# Check if title or url are unique
720	$cur->cat_url = $this->checkCategory($cur->cat_title,$cur->cat_url,$id);
721
722	if ($cur->cat_desc !== null) {
723	$cur->cat_desc = $this->core->HTMLfilter($cur->cat_desc);
724	}
725	}
726	//@}
727
728	/// @name Entries management methods
729	//@{
730	/**
731	Retrieves entries. <b>$params</b> is an array taking the following
732	optionnal parameters:
733
734	- no_content: Don't retrieve entry content (excerpt and content)
735	- post_type: Get only entries with given type (default "post", array for many types and '' for no type)
736	- post_id: (integer or array) Get entry with given post_id
737	- post_url: Get entry with given post_url field
738	- user_id: (integer) Get entries belonging to given user ID
739	- cat_id: (string or array) Get entries belonging to given category ID
740	- cat_id_not: deprecated (use cat_id with "id ?not" instead)
741	- cat_url: (string or array) Get entries belonging to given category URL
742	- cat_url_not: deprecated (use cat_url with "url ?not" instead)
743	- post_status: (integer) Get entries with given post_status
744	- post_selected: (boolean) Get select flaged entries
745	- post_year: (integer) Get entries with given year
746	- post_month: (integer) Get entries with given month
747	- post_day: (integer) Get entries with given day
748	- post_lang: Get entries with given language code
749	- search: Get entries corresponding of the following search string
750	- columns: (array) More columns to retrieve
751	- sql: Append SQL string at the end of the query
752	- from: Append SQL string after "FROM" statement in query
753	- order: Order of results (default "ORDER BY post_dt DES")
754	- limit: Limit parameter
755	- sql_only : return the sql request instead of results. Only ids are selected
756	- exclude_post_id : (integer or array) Exclude entries with given post_id
757
758	Please note that on every cat_id or cat_url, you can add ?not to exclude
759	the category and ?sub to get subcategories.
760
761	@param params <b>array</b> Parameters
762	@param count_only <b>boolean</b> Only counts results
763	@return <b>record</b> A record with some more capabilities or the SQL request
764	*/
765	public function getPosts($params=array(),$count_only=false)
766	{
767	# --BEHAVIOR-- coreBlogBeforeGetPosts
768	$params = new ArrayObject($params);
769	$this->core->callBehavior('coreBlogBeforeGetPosts',$params);
770
771	if ($count_only)
772	{
773	$strReq = 'SELECT count(DISTINCT P.post_id) ';
774	}
775	elseif (!empty($params['sql_only']))
776	{
777	if ($this->core->con->driver() == 'pgsql' && isset($params['media'])) {
778	$strReq = 'SELECT DISTINCT ON (P.post_id) P.post_id ';
779	} else {
780	$strReq = 'SELECT P.post_id ';
781	}
782	}
783	else
784	{
785	if (!empty($params['no_content'])) {
786	$content_req = '';
787	} else {
788	$content_req =
789	'post_excerpt, post_excerpt_xhtml, '.
790	'post_content, post_content_xhtml, post_notes, ';
791	}
792
793	if (!empty($params['columns']) && is_array($params['columns'])) {
794	$content_req .= implode(', ',$params['columns']).', ';
795	}
796
797	if ($this->core->con->driver() == 'pgsql' && isset($params['media'])) {
798	$strReq = 'SELECT DISTINCT ON (P.post_id) ';
799	} else {
800	$strReq = 'SELECT ';
801	}
802	$strReq .=
803	'P.post_id, P.blog_id, P.user_id, P.cat_id, post_dt, '.
804	'post_tz, post_creadt, post_upddt, post_format, post_password, '.
805	'post_url, post_lang, post_title, '.$content_req.
806	'post_type, post_meta, post_status, post_selected, post_position, '.
807	'post_open_comment, post_open_tb, nb_comment, nb_trackback, '.
808	'U.user_name, U.user_firstname, U.user_displayname, U.user_email, '.
809	'U.user_url, '.
810	'C.cat_title, C.cat_url, C.cat_desc ';
811	}
812
813	$strReq .=
814	'FROM '.$this->prefix.'post P '.
815	'INNER JOIN '.$this->prefix.'user U ON U.user_id = P.user_id '.
816	'LEFT OUTER JOIN '.$this->prefix.'category C ON P.cat_id = C.cat_id ';
817
818	if (isset($params['media'])) {
819	if ($params['media'] == '0') {
820	$strReq .= 'LEFT OUTER JOIN '.$this->prefix.'post_media M on P.post_id = M.post_id ';
821	} else {
822	$strReq .= 'INNER JOIN '.$this->prefix.'post_media M on P.post_id = M.post_id ';
823	}
824	if (isset($params['link_type'])) {
825	$strReq .= " and M.link_type ".$this->con->in($params['link_type'])." ";
826	}
827	}
828
829	if (!empty($params['from'])) {
830	$strReq .= $params['from'].' ';
831	}
832
833	$strReq .=
834	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ";
835
836	if (!$this->core->auth->check('contentadmin',$this->id)) {
837	$strReq .= 'AND ((post_status = 1 ';
838
839	if ($this->without_password) {
840	$strReq .= 'AND post_password IS NULL ';
841	}
842	$strReq .= ') ';
843
844	if ($this->core->auth->userID()) {
845	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
846	} else {
847	$strReq .= ') ';
848	}
849	}
850
851	#Adding parameters
852	if (isset($params['post_type']))
853	{
854	if (is_array($params['post_type']) \|\| $params['post_type'] != '') {
855	$strReq .= 'AND post_type '.$this->con->in($params['post_type']);
856	}
857	}
858	else
859	{
860	$strReq .= "AND post_type = 'post' ";
861	}
862
863	if (isset($params['post_id']) && $params['post_id'] !== '') {
864	if (is_array($params['post_id'])) {
865	array_walk($params['post_id'],create_function('&$v,$k','if($v!==null){$v=(integer)$v;}'));
866	} else {
867	$params['post_id'] = array((integer) $params['post_id']);
868	}
869	$strReq .= 'AND P.post_id '.$this->con->in($params['post_id']);
870	}
871
872	if (isset($params['exclude_post_id']) && $params['exclude_post_id'] !== '') {
873	if (is_array($params['exclude_post_id'])) {
874	array_walk($params['exclude_post_id'],create_function('&$v,$k','if($v!==null){$v=(integer)$v;}'));
875	} else {
876	$params['exclude_post_id'] = array((integer) $params['exclude_post_id']);
877	}
878	$strReq .= 'AND P.post_id NOT '.$this->con->in($params['exclude_post_id']);
879	}
880
881	if (isset($params['post_url']) && $params['post_url'] !== '') {
882	$strReq .= "AND post_url = '".$this->con->escape($params['post_url'])."' ";
883	}
884
885	if (!empty($params['user_id'])) {
886	$strReq .= "AND U.user_id = '".$this->con->escape($params['user_id'])."' ";
887	}
888
889	if (isset($params['cat_id']) && $params['cat_id'] !== '')
890	{
891	if (!is_array($params['cat_id'])) {
892	$params['cat_id'] = array($params['cat_id']);
893	}
894	if (!empty($params['cat_id_not'])) {
895	array_walk($params['cat_id'],create_function('&$v,$k','$v=$v." ?not";'));
896	}
897	$strReq .= 'AND '.$this->getPostsCategoryFilter($params['cat_id'],'cat_id').' ';
898	}
899	elseif (isset($params['cat_url']) && $params['cat_url'] !== '')
900	{
901	if (!is_array($params['cat_url'])) {
902	$params['cat_url'] = array($params['cat_url']);
903	}
904	if (!empty($params['cat_url_not'])) {
905	array_walk($params['cat_url'],create_function('&$v,$k','$v=$v." ?not";'));
906	}
907	$strReq .= 'AND '.$this->getPostsCategoryFilter($params['cat_url'],'cat_url').' ';
908	}
909
910	/* Other filters */
911	if (isset($params['post_status'])) {
912	$strReq .= 'AND post_status = '.(integer) $params['post_status'].' ';
913	}
914
915	if (isset($params['post_selected'])) {
916	$strReq .= 'AND post_selected = '.(integer) $params['post_selected'].' ';
917	}
918
919	if (!empty($params['post_year'])) {
920	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%Y').' = '.
921	"'".sprintf('%04d',$params['post_year'])."' ";
922	}
923
924	if (!empty($params['post_month'])) {
925	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%m').' = '.
926	"'".sprintf('%02d',$params['post_month'])."' ";
927	}
928
929	if (!empty($params['post_day'])) {
930	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%d').' = '.
931	"'".sprintf('%02d',$params['post_day'])."' ";
932	}
933
934	if (!empty($params['post_lang'])) {
935	$strReq .= "AND P.post_lang = '".$this->con->escape($params['post_lang'])."' ";
936	}
937
938	if (!empty($params['search']))
939	{
940	$words = text::splitWords($params['search']);
941
942	if (!empty($words))
943	{
944	# --BEHAVIOR-- corePostSearch
945	if ($this->core->hasBehavior('corePostSearch')) {
946	$this->core->callBehavior('corePostSearch',$this->core,array(&$words,&$strReq,&$params));
947	}
948
949	if ($words)
950	{
951	foreach ($words as $i => $w) {
952	$words[$i] = "post_words LIKE '%".$this->con->escape($w)."%'";
953	}
954	$strReq .= 'AND '.implode(' AND ',$words).' ';
955	}
956	}
957	}
958
959	if (isset($params['media'])) {
960	if ($params['media'] == '0') {
961	$strReq .= ' AND M.post_id IS NULL ';
962	}
963	}
964
965	if (!empty($params['sql'])) {
966	$strReq .= $params['sql'].' ';
967	}
968
969	if ($this->core->con->driver() != 'pgsql' && !$count_only && isset($params['media'])) {
970	$strReq .= ' GROUP BY P.post_id ';
971	}
972
973	if (!$count_only)
974	{
975	if (!empty($params['order'])) {
976	$strReq .= 'ORDER BY '.$this->con->escape($params['order']).' ';
977	} else {
978	$strReq .= 'ORDER BY post_dt DESC ';
979	}
980	}
981
982	if (!$count_only && !empty($params['limit'])) {
983	$strReq .= $this->con->limit($params['limit']);
984	}
985
986	if (!empty($params['sql_only'])) {
987	return $strReq;
988	}
989
990	$rs = $this->con->select($strReq);
991	$rs->core = $this->core;
992	$rs->_nb_media = array();
993	$rs->extend('rsExtPost');
994
995	# --BEHAVIOR-- coreBlogGetPosts
996	$this->core->callBehavior('coreBlogGetPosts',$rs);
997
998	return $rs;
999	}
1000
1001	/**
1002	Returns a record with post id, title and date for next or previous post
1003	according to the post ID.
1004	$dir could be 1 (next post) or -1 (previous post).
1005
1006	@param post_id <b>integer</b> Post ID
1007	@param dir <b>integer</b> Search direction
1008	@param restrict_to_category <b>boolean</b> Restrict to post with same category
1009	@param restrict_to_lang <b>boolean</b> Restrict to post with same lang
1010	@return record
1011	*/
1012	public function getNextPost($post,$dir,$restrict_to_category=false, $restrict_to_lang=false)
1013	{
1014	$dt = $post->post_dt;
1015	$post_id = (integer) $post->post_id;
1016
1017	if($dir > 0) {
1018	$sign = '>';
1019	$order = 'ASC';
1020	}
1021	else {
1022	$sign = '<';
1023	$order = 'DESC';
1024	}
1025
1026	$params['post_type'] = $post->post_type;
1027	$params['limit'] = 1;
1028	$params['order'] = 'post_dt '.$order.', P.post_id '.$order;
1029	$params['sql'] =
1030	'AND ( '.
1031	" (post_dt = '".$this->con->escape($dt)."' AND P.post_id ".$sign." ".$post_id.") ".
1032	" OR post_dt ".$sign." '".$this->con->escape($dt)."' ".
1033	') ';
1034
1035	if ($restrict_to_category) {
1036	$params['sql'] .= $post->cat_id ? 'AND P.cat_id = '.(integer) $post->cat_id.' ' : 'AND P.cat_id IS NULL ';
1037	}
1038
1039	if ($restrict_to_lang) {
1040	$params['sql'] .= $post->post_lang ? 'AND P.post_lang = \''. $this->con->escape($post->post_lang) .'\' ': 'AND P.post_lang IS NULL ';
1041	}
1042
1043	$rs = $this->getPosts($params);
1044
1045	if ($rs->isEmpty()) {
1046	return null;
1047	}
1048
1049	return $rs;
1050	}
1051
1052	/**
1053	Retrieves different languages and post count on blog, based on post_lang
1054	field. <var>$params</var> is an array taking the following optionnal
1055	parameters:
1056
1057	- post_type: Get only entries with given type (default "post", '' for no type)
1058	- lang: retrieve post count for selected lang
1059	- order: order statement (default post_lang DESC)
1060
1061	@param params <b>array</b> Parameters
1062	@return record
1063	*/
1064	public function getLangs($params=array())
1065	{
1066	$strReq = 'SELECT COUNT(post_id) as nb_post, post_lang '.
1067	'FROM '.$this->prefix.'post '.
1068	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1069	"AND post_lang <> '' ".
1070	"AND post_lang IS NOT NULL ";
1071
1072	if (!$this->core->auth->check('contentadmin',$this->id)) {
1073	$strReq .= 'AND ((post_status = 1 ';
1074
1075	if ($this->without_password) {
1076	$strReq .= 'AND post_password IS NULL ';
1077	}
1078	$strReq .= ') ';
1079
1080	if ($this->core->auth->userID()) {
1081	$strReq .= "OR user_id = '".$this->con->escape($this->core->auth->userID())."')";
1082	} else {
1083	$strReq .= ') ';
1084	}
1085	}
1086
1087	if (isset($params['post_type'])) {
1088	if ($params['post_type'] != '') {
1089	$strReq .= "AND post_type = '".$this->con->escape($params['post_type'])."' ";
1090	}
1091	} else {
1092	$strReq .= "AND post_type = 'post' ";
1093	}
1094
1095	if (isset($params['lang'])) {
1096	$strReq .= "AND post_lang = '".$this->con->escape($params['lang'])."' ";
1097	}
1098
1099	$strReq .= 'GROUP BY post_lang ';
1100
1101	$order = 'desc';
1102	if (!empty($params['order']) && preg_match('/^(desc\|asc)$/i',$params['order'])) {
1103	$order = $params['order'];
1104	}
1105	$strReq .= 'ORDER BY post_lang '.$order.' ';
1106
1107	return $this->con->select($strReq);
1108	}
1109
1110	/**
1111	Returns a record with all distinct blog dates and post count.
1112	<var>$params</var> is an array taking the following optionnal parameters:
1113
1114	- type: (day\|month\|year) Get days, months or years
1115	- year: (integer) Get dates for given year
1116	- month: (integer) Get dates for given month
1117	- day: (integer) Get dates for given day
1118	- cat_id: (integer) Category ID filter
1119	- cat_url: Category URL filter
1120	- post_lang: lang of the posts
1121	- next: Get date following match
1122	- previous: Get date before match
1123	- order: Sort by date "ASC" or "DESC"
1124
1125	@param params <b>array</b> Parameters array
1126	@return record
1127	*/
1128	public function getDates($params=array())
1129	{
1130	$dt_f = '%Y-%m-%d';
1131	$dt_fc = '%Y%m%d';
1132	if (isset($params['type'])) {
1133	if ($params['type'] == 'year') {
1134	$dt_f = '%Y-01-01';
1135	$dt_fc = '%Y0101';
1136	} elseif ($params['type'] == 'month') {
1137	$dt_f = '%Y-%m-01';
1138	$dt_fc = '%Y%m01';
1139	}
1140	}
1141	$dt_f .= ' 00:00:00';
1142	$dt_fc .= '000000';
1143
1144	$cat_field = $catReq = $limit = '';
1145
1146	if (isset($params['cat_id']) && $params['cat_id'] !== '') {
1147	$catReq = 'AND P.cat_id = '.(integer) $params['cat_id'].' ';
1148	$cat_field = ', C.cat_url ';
1149	} elseif (isset($params['cat_url']) && $params['cat_url'] !== '') {
1150	$catReq = "AND C.cat_url = '".$this->con->escape($params['cat_url'])."' ";
1151	$cat_field = ', C.cat_url ';
1152	}
1153	if (!empty($params['post_lang'])) {
1154	$catReq = 'AND P.post_lang = \''. $params['post_lang'].'\' ';
1155	}
1156
1157	$strReq = 'SELECT DISTINCT('.$this->con->dateFormat('post_dt',$dt_f).') AS dt '.
1158	$cat_field.
1159	',COUNT(P.post_id) AS nb_post '.
1160	'FROM '.$this->prefix.'post P LEFT JOIN '.$this->prefix.'category C '.
1161	'ON P.cat_id = C.cat_id '.
1162	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ".
1163	$catReq;
1164
1165	if (!$this->core->auth->check('contentadmin',$this->id)) {
1166	$strReq .= 'AND ((post_status = 1 ';
1167
1168	if ($this->without_password) {
1169	$strReq .= 'AND post_password IS NULL ';
1170	}
1171	$strReq .= ') ';
1172
1173	if ($this->core->auth->userID()) {
1174	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
1175	} else {
1176	$strReq .= ') ';
1177	}
1178	}
1179
1180	if (!empty($params['post_type'])) {
1181	$strReq .= "AND post_type ".$this->con->in($params['post_type'])." ";
1182	} else {
1183	$strReq .= "AND post_type = 'post' ";
1184	}
1185
1186	if (!empty($params['year'])) {
1187	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%Y')." = '".sprintf('%04d',$params['year'])."' ";
1188	}
1189
1190	if (!empty($params['month'])) {
1191	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%m')." = '".sprintf('%02d',$params['month'])."' ";
1192	}
1193
1194	if (!empty($params['day'])) {
1195	$strReq .= 'AND '.$this->con->dateFormat('post_dt','%d')." = '".sprintf('%02d',$params['day'])."' ";
1196	}
1197
1198	# Get next or previous date
1199	if (!empty($params['next']) \|\| !empty($params['previous']))
1200	{
1201	if (!empty($params['next'])) {
1202	$pdir = ' > ';
1203	$params['order'] = 'asc';
1204	$dt = $params['next'];
1205	} else {
1206	$pdir = ' < ';
1207	$params['order'] = 'desc';
1208	$dt = $params['previous'];
1209	}
1210
1211	$dt = date('YmdHis',strtotime($dt));
1212
1213	$strReq .= 'AND '.$this->con->dateFormat('post_dt',$dt_fc).$pdir."'".$dt."' ";
1214	$limit = $this->con->limit(1);
1215	}
1216
1217	$strReq .= 'GROUP BY dt '.$cat_field;
1218
1219	$order = 'desc';
1220	if (!empty($params['order']) && preg_match('/^(desc\|asc)$/i',$params['order'])) {
1221	$order = $params['order'];
1222	}
1223
1224	$strReq .=
1225	'ORDER BY dt '.$order.' '.
1226	$limit;
1227
1228	$rs = $this->con->select($strReq);
1229	$rs->extend('rsExtDates');
1230	return $rs;
1231	}
1232
1233	/**
1234	Creates a new entry. Takes a cursor as input and returns the new entry
1235	ID.
1236
1237	@param cur <b>cursor</b> Post cursor
1238	@return <b>integer</b> New post ID
1239	*/
1240	public function addPost($cur)
1241	{
1242	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1243	throw new Exception(__('You are not allowed to create an entry'));
1244	}
1245
1246	$this->con->writeLock($this->prefix.'post');
1247	try
1248	{
1249	# Get ID
1250	$rs = $this->con->select(
1251	'SELECT MAX(post_id) '.
1252	'FROM '.$this->prefix.'post '
1253	);
1254
1255	$cur->post_id = (integer) $rs->f(0) + 1;
1256	$cur->blog_id = (string) $this->id;
1257	$cur->post_creadt = date('Y-m-d H:i:s');
1258	$cur->post_upddt = date('Y-m-d H:i:s');
1259	$cur->post_tz = $this->core->auth->getInfo('user_tz');
1260
1261	# Post excerpt and content
1262	$this->getPostContent($cur,$cur->post_id);
1263
1264	$this->getPostCursor($cur);
1265
1266	$cur->post_url = $this->getPostURL($cur->post_url,$cur->post_dt,$cur->post_title,$cur->post_id);
1267
1268	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1269	$cur->post_status = -2;
1270	}
1271
1272	# --BEHAVIOR-- coreBeforePostCreate
1273	$this->core->callBehavior('coreBeforePostCreate',$this,$cur);
1274
1275	$cur->insert();
1276	$this->con->unlock();
1277	}
1278	catch (Exception $e)
1279	{
1280	$this->con->unlock();
1281	throw $e;
1282	}
1283
1284	# --BEHAVIOR-- coreAfterPostCreate
1285	$this->core->callBehavior('coreAfterPostCreate',$this,$cur);
1286
1287	$this->triggerBlog();
1288
1289	return $cur->post_id;
1290	}
1291
1292	/**
1293	Updates an existing post.
1294
1295	@param id <b>integer</b> Post ID
1296	@param cur <b>cursor</b> Post cursor
1297	*/
1298	public function updPost($id,$cur)
1299	{
1300	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1301	throw new Exception(__('You are not allowed to update entries'));
1302	}
1303
1304	$id = (integer) $id;
1305
1306	if (empty($id)) {
1307	throw new Exception(__('No such entry ID'));
1308	}
1309
1310	# Post excerpt and content
1311	$this->getPostContent($cur,$id);
1312
1313	$this->getPostCursor($cur);
1314
1315	if ($cur->post_url !== null) {
1316	$cur->post_url = $this->getPostURL($cur->post_url,$cur->post_dt,$cur->post_title,$id);
1317	}
1318
1319	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1320	$cur->unsetField('post_status');
1321	}
1322
1323	$cur->post_upddt = date('Y-m-d H:i:s');
1324
1325	#If user is only "usage", we need to check the post's owner
1326	if (!$this->core->auth->check('contentadmin',$this->id))
1327	{
1328	$strReq = 'SELECT post_id '.
1329	'FROM '.$this->prefix.'post '.
1330	'WHERE post_id = '.$id.' '.
1331	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1332
1333	$rs = $this->con->select($strReq);
1334
1335	if ($rs->isEmpty()) {
1336	throw new Exception(__('You are not allowed to edit this entry'));
1337	}
1338	}
1339
1340	# --BEHAVIOR-- coreBeforePostUpdate
1341	$this->core->callBehavior('coreBeforePostUpdate',$this,$cur);
1342
1343	$cur->update('WHERE post_id = '.$id.' ');
1344
1345	# --BEHAVIOR-- coreAfterPostUpdate
1346	$this->core->callBehavior('coreAfterPostUpdate',$this,$cur);
1347
1348	$this->triggerBlog();
1349	}
1350
1351	/**
1352	Updates post status.
1353
1354	@param id <b>integer</b> Post ID
1355	@param status <b>integer</b> Post status
1356	*/
1357	public function updPostStatus($id,$status)
1358	{
1359	$this->updPostsStatus($id,$status);
1360	}
1361
1362	/**
1363	Updates posts status.
1364
1365	@param ids <b>mixed</b> Post(s) ID(s)
1366	@param status <b>integer</b> Post status
1367	*/
1368	public function updPostsStatus($ids,$status)
1369	{
1370	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
1371	throw new Exception(__('You are not allowed to change this entry status'));
1372	}
1373
1374	$posts_ids = dcUtils::cleanIds($ids);
1375	$status = (integer) $status;
1376
1377	$strReq = "WHERE blog_id = '".$this->con->escape($this->id)."' ".
1378	"AND post_id ".$this->con->in($posts_ids);
1379
1380	#If user can only publish, we need to check the post's owner
1381	if (!$this->core->auth->check('contentadmin',$this->id))
1382	{
1383	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1384	}
1385
1386	$cur = $this->con->openCursor($this->prefix.'post');
1387
1388	$cur->post_status = $status;
1389	$cur->post_upddt = date('Y-m-d H:i:s');
1390
1391	$cur->update($strReq);
1392	$this->triggerBlog();
1393	}
1394
1395	/**
1396	Updates post selection.
1397
1398	@param id <b>integer</b> Post ID
1399	@param selected <b>integer</b> Is selected post
1400	*/
1401	public function updPostSelected($id,$selected)
1402	{
1403	$this->updPostsSelected($id,$selected);
1404	}
1405
1406	/**
1407	Updates posts selection.
1408
1409	@param ids <b>mixed</b> Post(s) ID(s)
1410	@param selected <b>integer</b> Is selected post(s)
1411	*/
1412	public function updPostsSelected($ids,$selected)
1413	{
1414	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1415	throw new Exception(__('You are not allowed to change this entry category'));
1416	}
1417
1418	$posts_ids = dcUtils::cleanIds($ids);
1419	$selected = (boolean) $selected;
1420
1421	$strReq = "WHERE blog_id = '".$this->con->escape($this->id)."' ".
1422	"AND post_id ".$this->con->in($posts_ids);
1423
1424	# If user is only usage, we need to check the post's owner
1425	if (!$this->core->auth->check('contentadmin',$this->id))
1426	{
1427	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1428	}
1429
1430	$cur = $this->con->openCursor($this->prefix.'post');
1431
1432	$cur->post_selected = (integer) $selected;
1433	$cur->post_upddt = date('Y-m-d H:i:s');
1434
1435	$cur->update($strReq);
1436	$this->triggerBlog();
1437	}
1438
1439	/**
1440	Updates post category. <var>$cat_id</var> can be null.
1441
1442	@param id <b>integer</b> Post ID
1443	@param cat_id <b>integer</b> Category ID
1444	*/
1445	public function updPostCategory($id,$cat_id)
1446	{
1447	$this->updPostsCategory($id,$cat_id);
1448	}
1449
1450	/**
1451	Updates posts category. <var>$cat_id</var> can be null.
1452
1453	@param ids <b>mixed</b> Post(s) ID(s)
1454	@param cat_id <b>integer</b> Category ID
1455	*/
1456	public function updPostsCategory($ids,$cat_id)
1457	{
1458	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
1459	throw new Exception(__('You are not allowed to change this entry category'));
1460	}
1461
1462	$posts_ids = dcUtils::cleanIds($ids);
1463	$cat_id = (integer) $cat_id;
1464
1465	$strReq = "WHERE blog_id = '".$this->con->escape($this->id)."' ".
1466	"AND post_id ".$this->con->in($posts_ids);
1467
1468	# If user is only usage, we need to check the post's owner
1469	if (!$this->core->auth->check('contentadmin',$this->id))
1470	{
1471	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1472	}
1473
1474	$cur = $this->con->openCursor($this->prefix.'post');
1475
1476	$cur->cat_id = ($cat_id ? $cat_id : null);
1477	$cur->post_upddt = date('Y-m-d H:i:s');
1478
1479	$cur->update($strReq);
1480	$this->triggerBlog();
1481	}
1482
1483	/**
1484	Updates posts category. <var>$new_cat_id</var> can be null.
1485
1486	@param old_cat_id <b>integer</b> Old category ID
1487	@param new_cat_id <b>integer</b> New category ID
1488	*/
1489	public function changePostsCategory($old_cat_id,$new_cat_id)
1490	{
1491	if (!$this->core->auth->check('contentadmin,categories',$this->id)) {
1492	throw new Exception(__('You are not allowed to change entries category'));
1493	}
1494
1495	$old_cat_id = (integer) $old_cat_id;
1496	$new_cat_id = (integer) $new_cat_id;
1497
1498	$cur = $this->con->openCursor($this->prefix.'post');
1499
1500	$cur->cat_id = ($new_cat_id ? $new_cat_id : null);
1501	$cur->post_upddt = date('Y-m-d H:i:s');
1502
1503	$cur->update(
1504	'WHERE cat_id = '.$old_cat_id.' '.
1505	"AND blog_id = '".$this->con->escape($this->id)."' "
1506	);
1507	$this->triggerBlog();
1508	}
1509
1510	/**
1511	Deletes a post.
1512
1513	@param id <b>integer</b> Post ID
1514	*/
1515	public function delPost($id)
1516	{
1517	$this->delPosts($id);
1518	}
1519
1520	/**
1521	Deletes multiple posts.
1522
1523	@param ids <b>mixed</b> Post(s) ID(s)
1524	*/
1525	public function delPosts($ids)
1526	{
1527	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
1528	throw new Exception(__('You are not allowed to delete entries'));
1529	}
1530
1531	$posts_ids = dcUtils::cleanIds($ids);
1532
1533	if (empty($posts_ids)) {
1534	throw new Exception(__('No such entry ID'));
1535	}
1536
1537	$strReq = 'DELETE FROM '.$this->prefix.'post '.
1538	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1539	"AND post_id ".$this->con->in($posts_ids);
1540
1541	#If user can only delete, we need to check the post's owner
1542	if (!$this->core->auth->check('contentadmin',$this->id))
1543	{
1544	$strReq .= "AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
1545	}
1546
1547	$this->con->execute($strReq);
1548	$this->triggerBlog();
1549	}
1550
1551	/**
1552	Publishes all entries flaged as "scheduled".
1553	*/
1554	public function publishScheduledEntries()
1555	{
1556	$strReq = 'SELECT post_id, post_dt, post_tz '.
1557	'FROM '.$this->prefix.'post '.
1558	'WHERE post_status = -1 '.
1559	"AND blog_id = '".$this->con->escape($this->id)."' ";
1560
1561	$rs = $this->con->select($strReq);
1562
1563	$now = dt::toUTC(time());
1564	$to_change = new ArrayObject();
1565
1566	if ($rs->isEmpty()) {
1567	return;
1568	}
1569
1570	while ($rs->fetch())
1571	{
1572	# Now timestamp with post timezone
1573	$now_tz = $now + dt::getTimeOffset($rs->post_tz,$now);
1574
1575	# Post timestamp
1576	$post_ts = strtotime($rs->post_dt);
1577
1578	# If now_tz >= post_ts, we publish the entry
1579	if ($now_tz >= $post_ts) {
1580	$to_change[] = (integer) $rs->post_id;
1581	}
1582	}
1583	if (count($to_change))
1584	{
1585	# --BEHAVIOR-- coreBeforeScheduledEntriesPublish
1586	$this->core->callBehavior('coreBeforeScheduledEntriesPublish',$this,$to_change);
1587
1588	$strReq =
1589	'UPDATE '.$this->prefix.'post SET '.
1590	'post_status = 1 '.
1591	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1592	'AND post_id '.$this->con->in((array)$to_change).' ';
1593	$this->con->execute($strReq);
1594	$this->triggerBlog();
1595
1596	# --BEHAVIOR-- coreAfterScheduledEntriesPublish
1597	$this->core->callBehavior('coreAfterScheduledEntriesPublish',$this,$to_change);
1598	}
1599
1600	}
1601
1602	/**
1603	Retrieves all users having posts on current blog.
1604
1605	@param post_type <b>string</b> post_type filter (post)
1606	@return record
1607	*/
1608	public function getPostsUsers($post_type='post')
1609	{
1610	$strReq = 'SELECT P.user_id, user_name, user_firstname, '.
1611	'user_displayname, user_email '.
1612	'FROM '.$this->prefix.'post P, '.$this->prefix.'user U '.
1613	'WHERE P.user_id = U.user_id '.
1614	"AND blog_id = '".$this->con->escape($this->id)."' ";
1615
1616	if ($post_type) {
1617	$strReq .= "AND post_type = '".$this->con->escape($post_type)."' ";
1618	}
1619
1620	$strReq .= 'GROUP BY P.user_id, user_name, user_firstname, user_displayname, user_email ';
1621
1622	return $this->con->select($strReq);
1623	}
1624
1625	private function getPostsCategoryFilter($arr,$field='cat_id')
1626	{
1627	$field = $field == 'cat_id' ? 'cat_id' : 'cat_url';
1628
1629	$sub = array();
1630	$not = array();
1631	$queries = array();
1632
1633	foreach ($arr as $v)
1634	{
1635	$v = trim($v);
1636	$args = preg_split('/\s[?]\s/',$v,-1,PREG_SPLIT_NO_EMPTY);
1637	$id = array_shift($args);
1638	$args = array_flip($args);
1639
1640	if (isset($args['not'])) { $not[$id] = 1; }
1641	if (isset($args['sub'])) { $sub[$id] = 1; }
1642	if ($field == 'cat_id') {
1643	if (preg_match('/^null$/i',$id)) {
1644	$queries[$id] = 'P.cat_id IS NULL';
1645	}
1646	else {
1647	$queries[$id] = 'P.cat_id = '.(integer) $id;
1648	}
1649	} else {
1650	$queries[$id] = "C.cat_url = '".$this->con->escape($id)."' ";
1651	}
1652	}
1653
1654	if (!empty($sub)) {
1655	$rs = $this->con->select(
1656	'SELECT cat_id, cat_url, cat_lft, cat_rgt FROM '.$this->prefix.'category '.
1657	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
1658	'AND '.$field.' '.$this->con->in(array_keys($sub))
1659	);
1660
1661	while ($rs->fetch()) {
1662	$queries[$rs->f($field)] = '(C.cat_lft BETWEEN '.$rs->cat_lft.' AND '.$rs->cat_rgt.')';
1663	}
1664	}
1665
1666	# Create queries
1667	$sql = array(
1668	0 => array(), # wanted categories
1669	1 => array() # excluded categories
1670	);
1671
1672	foreach ($queries as $id => $q) {
1673	$sql[(integer) isset($not[$id])][] = $q;
1674	}
1675
1676	$sql[0] = implode(' OR ',$sql[0]);
1677	$sql[1] = implode(' OR ',$sql[1]);
1678
1679	if ($sql[0]) {
1680	$sql[0] = '('.$sql[0].')';
1681	} else {
1682	unset($sql[0]);
1683	}
1684
1685	if ($sql[1]) {
1686	$sql[1] = '(P.cat_id IS NULL OR NOT('.$sql[1].'))';
1687	} else {
1688	unset($sql[1]);
1689	}
1690
1691	return implode(' AND ',$sql);
1692	}
1693
1694	private function getPostCursor($cur,$post_id=null)
1695	{
1696	if ($cur->post_title == '') {
1697	throw new Exception(__('No entry title'));
1698	}
1699
1700	if ($cur->post_content == '') {
1701	throw new Exception(__('No entry content'));
1702	}
1703
1704	if ($cur->post_password === '') {
1705	$cur->post_password = null;
1706	}
1707
1708	if ($cur->post_dt == '') {
1709	$offset = dt::getTimeOffset($this->core->auth->getInfo('user_tz'));
1710	$now = time() + $offset;
1711	$cur->post_dt = date('Y-m-d H:i:00',$now);
1712	}
1713
1714	$post_id = is_int($post_id) ? $post_id : $cur->post_id;
1715
1716	if ($cur->post_content_xhtml == '') {
1717	throw new Exception(__('No entry content'));
1718	}
1719
1720	# Words list
1721	if ($cur->post_title !== null && $cur->post_excerpt_xhtml !== null
1722	&& $cur->post_content_xhtml !== null)
1723	{
1724	$words =
1725	$cur->post_title.' '.
1726	$cur->post_excerpt_xhtml.' '.
1727	$cur->post_content_xhtml;
1728
1729	$cur->post_words = implode(' ',text::splitWords($words));
1730	}
1731	}
1732
1733	private function getPostContent($cur,$post_id)
1734	{
1735	$post_excerpt = $cur->post_excerpt;
1736	$post_excerpt_xhtml = $cur->post_excerpt_xhtml;
1737	$post_content = $cur->post_content;
1738	$post_content_xhtml = $cur->post_content_xhtml;
1739
1740	$this->setPostContent(
1741	$post_id,$cur->post_format,$cur->post_lang,
1742	$post_excerpt,$post_excerpt_xhtml,
1743	$post_content,$post_content_xhtml
1744	);
1745
1746	$cur->post_excerpt = $post_excerpt;
1747	$cur->post_excerpt_xhtml = $post_excerpt_xhtml;
1748	$cur->post_content = $post_content;
1749	$cur->post_content_xhtml = $post_content_xhtml;
1750	}
1751
1752	/**
1753	Creates post HTML content, taking format and lang into account.
1754
1755	@param post_id <b>integer</b> Post ID
1756	@param format <b>string</b> Post format
1757	@param lang <b>string</b> Post lang
1758	@param excerpt <b>string</b> Post excerpt
1759	@param[out] excerpt_xhtml <b>string</b> Post excerpt HTML
1760	@param content <b>string</b> Post content
1761	@param[out] content_xhtml <b>string</b> Post content HTML
1762	*/
1763	public function setPostContent($post_id,$format,$lang,&$excerpt,&$excerpt_xhtml,&$content,&$content_xhtml)
1764	{
1765	if ($format == 'wiki')
1766	{
1767	$this->core->initWikiPost();
1768	$this->core->wiki2xhtml->setOpt('note_prefix','pnote-'.$post_id);
1769	switch ($this->settings->system->note_title_tag) {
1770	case 1:
1771	$tag = 'h3';
1772	break;
1773	case 2:
1774	$tag = 'p';
1775	break;
1776	default:
1777	$tag = 'h4';
1778	break;
1779	}
1780	$this->core->wiki2xhtml->setOpt('note_str','<div class="footnotes"><'.$tag.' class="footnotes-title">'.
1781	__('Notes').'</'.$tag.'>%s</div>');
1782	$this->core->wiki2xhtml->setOpt('note_str_single','<div class="footnotes"><'.$tag.' class="footnotes-title">'.
1783	__('Note').'</'.$tag.'>%s</div>');
1784	if (strpos($lang,'fr') === 0) {
1785	$this->core->wiki2xhtml->setOpt('active_fr_syntax',1);
1786	}
1787	}
1788
1789	if ($excerpt) {
1790	$excerpt_xhtml = $this->core->callFormater($format,$excerpt);
1791	$excerpt_xhtml = $this->core->HTMLfilter($excerpt_xhtml);
1792	} else {
1793	$excerpt_xhtml = '';
1794	}
1795
1796	if ($content) {
1797	$content_xhtml = $this->core->callFormater($format,$content);
1798	$content_xhtml = $this->core->HTMLfilter($content_xhtml);
1799	} else {
1800	$content_xhtml = '';
1801	}
1802
1803	# --BEHAVIOR-- coreAfterPostContentFormat
1804	$this->core->callBehavior('coreAfterPostContentFormat',array(
1805	'excerpt' => &$excerpt,
1806	'content' => &$content,
1807	'excerpt_xhtml' => &$excerpt_xhtml,
1808	'content_xhtml' => &$content_xhtml
1809	));
1810	}
1811
1812	/**
1813	Returns URL for a post according to blog setting <var>post_url_format</var>.
1814	It will try to guess URL and append some figures if needed.
1815
1816	@param url <b>string</b> Origin URL, could be empty
1817	@param post_dt <b>string</b> Post date (in YYYY-MM-DD HH:mm:ss)
1818	@param post_title <b>string</b> Post title
1819	@param post_id <b>integer</b> Post ID
1820	@return <b>string</b> result URL
1821	*/
1822	public function getPostURL($url,$post_dt,$post_title,$post_id)
1823	{
1824	$url = trim($url);
1825
1826	$url_patterns = array(
1827	'{y}' => date('Y',strtotime($post_dt)),
1828	'{m}' => date('m',strtotime($post_dt)),
1829	'{d}' => date('d',strtotime($post_dt)),
1830	'{t}' => text::tidyURL($post_title),
1831	'{id}' => (integer) $post_id
1832	);
1833
1834	# If URL is empty, we create a new one
1835	if ($url == '')
1836	{
1837	# Transform with format
1838	$url = str_replace(
1839	array_keys($url_patterns),
1840	array_values($url_patterns),
1841	$this->settings->system->post_url_format
1842	);
1843	}
1844	else
1845	{
1846	$url = text::tidyURL($url);
1847	}
1848
1849	# Let's check if URL is taken...
1850	$strReq = 'SELECT post_url FROM '.$this->prefix.'post '.
1851	"WHERE post_url = '".$this->con->escape($url)."' ".
1852	'AND post_id <> '.(integer) $post_id. ' '.
1853	"AND blog_id = '".$this->con->escape($this->id)."' ".
1854	'ORDER BY post_url DESC';
1855
1856	$rs = $this->con->select($strReq);
1857
1858	if (!$rs->isEmpty())
1859	{
1860	if ($this->con->driver() == 'mysql' \|\| $this->con->driver() == 'mysqli') {
1861	$clause = "REGEXP '^".$this->con->escape($url)."[0-9]+$'";
1862	} elseif ($this->con->driver() == 'pgsql') {
1863	$clause = "~ '^".$this->con->escape($url)."[0-9]+$'";
1864	} else {
1865	$clause = "LIKE '".$this->con->escape($url)."%'";
1866	}
1867	$strReq = 'SELECT post_url FROM '.$this->prefix.'post '.
1868	"WHERE post_url ".$clause.' '.
1869	'AND post_id <> '.(integer) $post_id.' '.
1870	"AND blog_id = '".$this->con->escape($this->id)."' ".
1871	'ORDER BY post_url DESC ';
1872
1873	$rs = $this->con->select($strReq);
1874	$a = array();
1875	while ($rs->fetch()) {
1876	$a[] = $rs->post_url;
1877	}
1878
1879	natsort($a);
1880	$t_url = end($a);
1881
1882	if (preg_match('/(.*?)([0-9]+)$/',$t_url,$m)) {
1883	$i = (integer) $m[2];
1884	$url = $m[1];
1885	} else {
1886	$i = 1;
1887	}
1888
1889	return $url.($i+1);
1890	}
1891
1892	# URL is empty?
1893	if ($url == '') {
1894	throw new Exception(__('Empty entry URL'));
1895	}
1896
1897	return $url;
1898	}
1899	//@}
1900
1901	/// @name Comments management methods
1902	//@{
1903	/**
1904	Retrieves comments. <b>$params</b> is an array taking the following
1905	optionnal parameters:
1906
1907	- no_content: Don't retrieve comment content
1908	- post_type: Get only entries with given type (default no type, array for many types)
1909	- post_id: (integer) Get comments belonging to given post_id
1910	- cat_id: (integer or array) Get comments belonging to entries of given category ID
1911	- comment_id: (integer) Get comment with given ID
1912	- comment_site: (string) Get comments with given comment_site
1913	- comment_status: (integer) Get comments with given comment_status
1914	- comment_trackback: (integer) Get only comments (0) or trackbacks (1)
1915	- comment_ip: (string) Get comments with given IP address
1916	- post_url: Get entry with given post_url field
1917	- user_id: (integer) Get entries belonging to given user ID
1918	- q_author: Search comments by author
1919	- sql: Append SQL string at the end of the query
1920	- from: Append SQL string after "FROM" statement in query
1921	- order: Order of results (default "ORDER BY comment_dt DES")
1922	- limit: Limit parameter
1923	- sql_only : return the sql request instead of results. Only ids are selected
1924
1925	@param params <b>array</b> Parameters
1926	@param count_only <b>boolean</b> Only counts results
1927	@return <b>record</b> A record with some more capabilities
1928	*/
1929	public function getComments($params=array(),$count_only=false)
1930	{
1931	if ($count_only)
1932	{
1933	$strReq = 'SELECT count(comment_id) ';
1934	}
1935	elseif (!empty($params['sql_only']))
1936	{
1937	$strReq = 'SELECT P.post_id ';
1938	}
1939	else
1940	{
1941	if (!empty($params['no_content'])) {
1942	$content_req = '';
1943	} else {
1944	$content_req = 'comment_content, ';
1945	}
1946
1947	if (!empty($params['columns']) && is_array($params['columns'])) {
1948	$content_req .= implode(', ',$params['columns']).', ';
1949	}
1950
1951	$strReq =
1952	'SELECT C.comment_id, comment_dt, comment_tz, comment_upddt, '.
1953	'comment_author, comment_email, comment_site, '.
1954	$content_req.' comment_trackback, comment_status, '.
1955	'comment_spam_status, comment_spam_filter, comment_ip, '.
1956	'P.post_title, P.post_url, P.post_id, P.post_password, P.post_type, '.
1957	'P.post_dt, P.user_id, U.user_email, U.user_url ';
1958	}
1959
1960	$strReq .=
1961	'FROM '.$this->prefix.'comment C '.
1962	'INNER JOIN '.$this->prefix.'post P ON C.post_id = P.post_id '.
1963	'INNER JOIN '.$this->prefix.'user U ON P.user_id = U.user_id ';
1964
1965	if (!empty($params['from'])) {
1966	$strReq .= $params['from'].' ';
1967	}
1968
1969	$strReq .=
1970	"WHERE P.blog_id = '".$this->con->escape($this->id)."' ";
1971
1972	if (!$this->core->auth->check('contentadmin',$this->id)) {
1973	$strReq .= 'AND ((comment_status = 1 AND P.post_status = 1 ';
1974
1975	if ($this->without_password) {
1976	$strReq .= 'AND post_password IS NULL ';
1977	}
1978	$strReq .= ') ';
1979
1980	if ($this->core->auth->userID()) {
1981	$strReq .= "OR P.user_id = '".$this->con->escape($this->core->auth->userID())."')";
1982	} else {
1983	$strReq .= ') ';
1984	}
1985	}
1986
1987	if (!empty($params['post_type']))
1988	{
1989	$strReq .= 'AND post_type '.$this->con->in($params['post_type']);
1990	}
1991
1992	if (isset($params['post_id']) && $params['post_id'] !== '') {
1993	$strReq .= 'AND P.post_id = '.(integer) $params['post_id'].' ';
1994	}
1995
1996	if (isset($params['cat_id']) && $params['cat_id'] !== '') {
1997	$strReq .= 'AND P.cat_id = '.(integer) $params['cat_id'].' ';
1998	}
1999
2000	if (isset($params['comment_id']) && $params['comment_id'] !== '') {
2001	$strReq .= 'AND comment_id = '.(integer) $params['comment_id'].' ';
2002	}
2003
2004	if (isset($params['comment_site'])) {
2005	$comment_site = $this->con->escape(str_replace('*','%',$params['comment_site']));
2006	$strReq .= "AND comment_site LIKE '".$comment_site."' ";
2007	}
2008
2009	if (isset($params['comment_status'])) {
2010	$strReq .= 'AND comment_status = '.(integer) $params['comment_status'].' ';
2011	}
2012
2013	if (!empty($params['comment_status_not']))
2014	{
2015	$strReq .= 'AND comment_status <> '.(integer) $params['comment_status_not'].' ';
2016	}
2017
2018	if (isset($params['comment_trackback'])) {
2019	$strReq .= 'AND comment_trackback = '.(integer) (boolean) $params['comment_trackback'].' ';
2020	}
2021
2022	if (isset($params['comment_ip'])) {
2023	$comment_ip = $this->con->escape(str_replace('*','%',$params['comment_ip']));
2024	$strReq .= "AND comment_ip LIKE '".$comment_ip."' ";
2025	}
2026
2027	if (isset($params['q_author'])) {
2028	$q_author = $this->con->escape(str_replace('*','%',strtolower($params['q_author'])));
2029	$strReq .= "AND LOWER(comment_author) LIKE '".$q_author."' ";
2030	}
2031
2032	if (!empty($params['search']))
2033	{
2034	$words = text::splitWords($params['search']);
2035
2036	if (!empty($words))
2037	{
2038	# --BEHAVIOR coreCommentSearch
2039	if ($this->core->hasBehavior('coreCommentSearch')) {
2040	$this->core->callBehavior('coreCommentSearch',$this->core,array(&$words,&$strReq,&$params));
2041	}
2042
2043	if ($words)
2044	{
2045	foreach ($words as $i => $w) {
2046	$words[$i] = "comment_words LIKE '%".$this->con->escape($w)."%'";
2047	}
2048	$strReq .= 'AND '.implode(' AND ',$words).' ';
2049	}
2050	}
2051	}
2052
2053	if (!empty($params['sql'])) {
2054	$strReq .= $params['sql'].' ';
2055	}
2056
2057	if (!$count_only)
2058	{
2059	if (!empty($params['order'])) {
2060	$strReq .= 'ORDER BY '.$this->con->escape($params['order']).' ';
2061	} else {
2062	$strReq .= 'ORDER BY comment_dt DESC ';
2063	}
2064	}
2065
2066	if (!$count_only && !empty($params['limit'])) {
2067	$strReq .= $this->con->limit($params['limit']);
2068	}
2069
2070	if (!empty($params['sql_only'])) {
2071	return $strReq;
2072	}
2073
2074	$rs = $this->con->select($strReq);
2075	$rs->core = $this->core;
2076	$rs->extend('rsExtComment');
2077
2078	# --BEHAVIOR-- coreBlogGetComments
2079	$this->core->callBehavior('coreBlogGetComments',$rs);
2080
2081	return $rs;
2082	}
2083
2084	/**
2085	Creates a new comment. Takes a cursor as input and returns the new comment
2086	ID.
2087
2088	@param cur <b>cursor</b> Comment cursor
2089	@return <b>integer</b> New comment ID
2090	*/
2091	public function addComment($cur)
2092	{
2093	$this->con->writeLock($this->prefix.'comment');
2094	try
2095	{
2096	# Get ID
2097	$rs = $this->con->select(
2098	'SELECT MAX(comment_id) '.
2099	'FROM '.$this->prefix.'comment '
2100	);
2101
2102	$cur->comment_id = (integer) $rs->f(0) + 1;
2103	$cur->comment_upddt = date('Y-m-d H:i:s');
2104
2105	$offset = dt::getTimeOffset($this->settings->system->blog_timezone);
2106	$cur->comment_dt = date('Y-m-d H:i:s',time() + $offset);
2107	$cur->comment_tz = $this->settings->system->blog_timezone;
2108
2109	$this->getCommentCursor($cur);
2110
2111	if ($cur->comment_ip === null) {
2112	$cur->comment_ip = http::realIP();
2113	}
2114
2115	# --BEHAVIOR-- coreBeforeCommentCreate
2116	$this->core->callBehavior('coreBeforeCommentCreate',$this,$cur);
2117
2118	$cur->insert();
2119	$this->con->unlock();
2120	}
2121	catch (Exception $e)
2122	{
2123	$this->con->unlock();
2124	throw $e;
2125	}
2126
2127	# --BEHAVIOR-- coreAfterCommentCreate
2128	$this->core->callBehavior('coreAfterCommentCreate',$this,$cur);
2129
2130	$this->triggerComment($cur->comment_id);
2131	if ($cur->comment_status != -2) {
2132	$this->triggerBlog();
2133	}
2134	return $cur->comment_id;
2135	}
2136
2137	/**
2138	Updates an existing comment.
2139
2140	@param id <b>integer</b> Comment ID
2141	@param cur <b>cursor</b> Comment cursor
2142	*/
2143	public function updComment($id,$cur)
2144	{
2145	if (!$this->core->auth->check('usage,contentadmin',$this->id)) {
2146	throw new Exception(__('You are not allowed to update comments'));
2147	}
2148
2149	$id = (integer) $id;
2150
2151	if (empty($id)) {
2152	throw new Exception(__('No such comment ID'));
2153	}
2154
2155	$rs = $this->getComments(array('comment_id' => $id));
2156
2157	if ($rs->isEmpty()) {
2158	throw new Exception(__('No such comment ID'));
2159	}
2160
2161	#If user is only usage, we need to check the post's owner
2162	if (!$this->core->auth->check('contentadmin',$this->id))
2163	{
2164	if ($rs->user_id != $this->core->auth->userID()) {
2165	throw new Exception(__('You are not allowed to update this comment'));
2166	}
2167	}
2168
2169	$this->getCommentCursor($cur);
2170
2171	$cur->comment_upddt = date('Y-m-d H:i:s');
2172
2173	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
2174	$cur->unsetField('comment_status');
2175	}
2176
2177	# --BEHAVIOR-- coreBeforeCommentUpdate
2178	$this->core->callBehavior('coreBeforeCommentUpdate',$this,$cur,$rs);
2179
2180	$cur->update('WHERE comment_id = '.$id.' ');
2181
2182	# --BEHAVIOR-- coreAfterCommentUpdate
2183	$this->core->callBehavior('coreAfterCommentUpdate',$this,$cur,$rs);
2184
2185	$this->triggerComment($id);
2186	$this->triggerBlog();
2187	}
2188
2189	/**
2190	Updates comment status.
2191
2192	@param id <b>integer</b> Comment ID
2193	@param status <b>integer</b> Comment status
2194	*/
2195	public function updCommentStatus($id,$status)
2196	{
2197	$this->updCommentsStatus($id,$status);
2198	}
2199
2200	/**
2201	Updates comments status.
2202
2203	@param ids <b>mixed</b> Comment(s) ID(s)
2204	@param status <b>integer</b> Comment status
2205	*/
2206	public function updCommentsStatus($ids,$status)
2207	{
2208	if (!$this->core->auth->check('publish,contentadmin',$this->id)) {
2209	throw new Exception(__("You are not allowed to change this comment's status"));
2210	}
2211
2212	$co_ids = dcUtils::cleanIds($ids);
2213	$status = (integer) $status;
2214
2215	$strReq =
2216	'UPDATE '.$this->prefix.'comment tc ';
2217
2218	# mySQL uses "JOIN" synthax
2219	if ($this->con->driver() == 'mysql' \|\| $this->con->driver() == 'mysqli') {
2220	$strReq .=
2221	'JOIN '.$this->prefix.'post tp ON tc.post_id = tp.post_id ';
2222	}
2223
2224	$strReq .=
2225	'SET comment_status = '.$status.' ';
2226
2227	# pgSQL uses "FROM" synthax
2228	if ($this->con->driver() != 'mysql' && $this->con->driver() != 'mysqli') {
2229	$strReq .=
2230	'FROM '.$this->prefix.'post tp ';
2231	}
2232
2233	$strReq .=
2234	"WHERE blog_id = '".$this->con->escape($this->id)."' ".
2235	'AND comment_id'.$this->con->in($co_ids);
2236
2237	# add pgSQL "WHERE" clause
2238	if ($this->con->driver() != 'mysql' && $this->con->driver() != 'mysqli') {
2239	$strReq .=
2240	'AND tc.post_id = tp.post_id ';
2241	}
2242
2243	#If user is only usage, we need to check the post's owner
2244	if (!$this->core->auth->check('contentadmin',$this->id))
2245	{
2246	$strReq .=
2247	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
2248	}
2249
2250	$this->con->execute($strReq);
2251	$this->triggerComments($co_ids);
2252	$this->triggerBlog();
2253	}
2254
2255	/**
2256	Delete a comment
2257
2258	@param id <b>integer</b> Comment ID
2259	*/
2260	public function delComment($id)
2261	{
2262	$this->delComments($id);
2263	}
2264
2265	/**
2266	Delete comments
2267
2268	@param ids <b>mixed</b> Comment(s) ID(s)
2269	*/
2270	public function delComments($ids)
2271	{
2272	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
2273	throw new Exception(__('You are not allowed to delete comments'));
2274	}
2275
2276	$co_ids = dcUtils::cleanIds($ids);
2277
2278	if (empty($co_ids)) {
2279	throw new Exception(__('No such comment ID'));
2280	}
2281
2282	# Retrieve posts affected by comments edition
2283	$affected_posts = array();
2284	$strReq =
2285	'SELECT post_id '.
2286	'FROM '.$this->prefix.'comment '.
2287	'WHERE comment_id'.$this->con->in($co_ids).
2288	'GROUP BY post_id';
2289
2290	$rs = $this->con->select($strReq);
2291
2292	while ($rs->fetch()) {
2293	$affected_posts[] = (integer) $rs->post_id;
2294	}
2295
2296	# mySQL uses "INNER JOIN" synthax
2297	if ($this->con->driver() == 'mysql' \|\| $this->con->driver() == 'mysqli') {
2298	$strReq =
2299	'DELETE FROM tc '.
2300	'USING '.$this->prefix.'comment tc '.
2301	'INNER JOIN '.$this->prefix.'post tp ';
2302	}
2303	# pgSQL uses nothing special
2304	else {
2305	$strReq =
2306	'DELETE FROM '.$this->prefix.'comment tc '.
2307	'USING '.$this->prefix.'post tp ';
2308	}
2309
2310	$strReq .=
2311	'WHERE tc.post_id = tp.post_id '.
2312	"AND tp.blog_id = '".$this->con->escape($this->id)."' ".
2313	'AND comment_id'.$this->con->in($co_ids);
2314
2315	#If user can only delete, we need to check the post's owner
2316	if (!$this->core->auth->check('contentadmin',$this->id))
2317	{
2318	$strReq .=
2319	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
2320	}
2321
2322	$this->con->execute($strReq);
2323	$this->triggerComments($co_ids, true, $affected_posts);
2324	$this->triggerBlog();
2325	}
2326
2327	public function delJunkComments()
2328	{
2329	if (!$this->core->auth->check('delete,contentadmin',$this->id)) {
2330	throw new Exception(__('You are not allowed to delete comments'));
2331	}
2332
2333	# mySQL uses "INNER JOIN" synthax
2334	if ($this->con->driver() == 'mysql' \|\| $this->con->driver() == 'mysqli') {
2335	$strReq =
2336	'DELETE FROM tc '.
2337	'USING '.$this->prefix.'comment tc '.
2338	'INNER JOIN '.$this->prefix.'post tp ';
2339	}
2340	# pgSQL uses nothing special
2341	else {
2342	$strReq =
2343	'DELETE FROM '.$this->prefix.'comment tc '.
2344	'USING '.$this->prefix.'post tp ';
2345	}
2346
2347	$strReq .=
2348	'WHERE tc.post_id = tp.post_id '.
2349	"AND tp.blog_id = '".$this->con->escape($this->id)."' ".
2350	'AND comment_status = -2';
2351
2352	#If user can only delete, we need to check the post's owner
2353	if (!$this->core->auth->check('contentadmin',$this->id))
2354	{
2355	$strReq .=
2356	"AND user_id = '".$this->con->escape($this->core->auth->userID())."' ";
2357	}
2358
2359	$this->con->execute($strReq);
2360	$this->triggerBlog();
2361	}
2362
2363	private function getCommentCursor($cur)
2364	{
2365	if ($cur->comment_content !== null && $cur->comment_content == '') {
2366	throw new Exception(__('You must provide a comment'));
2367	}
2368
2369	if ($cur->comment_author !== null && $cur->comment_author == '') {
2370	throw new Exception(__('You must provide an author name'));
2371	}
2372
2373	if ($cur->comment_email != '' && !text::isEmail($cur->comment_email)) {
2374	throw new Exception(__('Email address is not valid.'));
2375	}
2376
2377	if ($cur->comment_site !== null && $cur->comment_site != '') {
2378	if (!preg_match('\|^http(s?)://\|i',$cur->comment_site, $matches)) {
2379	$cur->comment_site = 'http://'.$cur->comment_site;
2380	}else{
2381	$cur->comment_site = strtolower($matches[0]).substr($cur->comment_site, strlen($matches[0]));
2382	}
2383	}
2384
2385	if ($cur->comment_status === null) {
2386	$cur->comment_status = (integer) $this->settings->system->comments_pub;
2387	}
2388
2389	# Words list
2390	if ($cur->comment_content !== null)
2391	{
2392	$cur->comment_words = implode(' ',text::splitWords($cur->comment_content));
2393	}
2394	}
2395	//@}
2396	}
2397	?>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: inc/core/class.dc.blog.php @ 2316:f8620977a163

Download in other formats:

Sites map