page.php @ 3627:9bccfc2257ad

Visit:

Revision 3627:9bccfc2257ad, 23.0 KB checked in by franck <carnet.franck.paul@…>, 8 years ago (diff)

Use PHP 5.5+ new password functions, closes #2182

Warnings:

$core->auth->crypt($pwd) doesn't return twice the same result for a single $pwd, so if you need this old behaviour use the $core->auth->cryptLegacy($pwd) instead.
$core->auth->checkPassword($pwd) must be used with an uncrypted password string as argument.
if you need a unique UID/key, use http::browserUID(DC_MASTER_KEY.$core->auth->userID().$core->auth->cryptLegacy($core->auth->userID())). (may be refined in future)

Line
1	<?php
2	# -- BEGIN LICENSE BLOCK ---------------------------------------
3	#
4	# This file is part of Dotclear 2.
5	#
6	# Copyright (c) 2003-2013 Olivier Meunier & Association Dotclear
7	# Licensed under the GPL version 2.0 license.
8	# See LICENSE file or
9	# http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
10	#
11	# -- END LICENSE BLOCK -----------------------------------------
12	if (!defined('DC_CONTEXT_ADMIN')) { return; }
13	dcPage::check('pages,contentadmin');
14
15	$redir_url = $p_url.'&act=page';
16
17	$post_id = '';
18	$post_dt = '';
19	$post_format = $core->auth->getOption('post_format');
20	$post_editor = $core->auth->getOption('editor');
21	$post_password = '';
22	$post_url = '';
23	$post_lang = $core->auth->getInfo('user_lang');
24	$post_title = '';
25	$post_excerpt = '';
26	$post_excerpt_xhtml = '';
27	$post_content = '';
28	$post_content_xhtml = '';
29	$post_notes = '';
30	$post_status = $core->auth->getInfo('user_post_status');
31	$post_position = 0;
32	$post_open_comment = false;
33	$post_open_tb = false;
34	$post_selected = false;
35
36	$post_media = array();
37
38	$page_title = __('New page');
39
40	$can_view_page = true;
41	$can_edit_page = $core->auth->check('pages,usage',$core->blog->id);
42	$can_publish = $core->auth->check('pages,publish,contentadmin',$core->blog->id);
43	$can_delete = false;
44
45	$post_headlink = '<link rel="%s" title="%s" href="'.html::escapeURL($redir_url).'&id=%s" />';
46	$post_link = '<a href="'.html::escapeURL($redir_url).'&id=%s" title="%s">%s</a>';
47
48	$next_link = $prev_link = $next_headlink = $prev_headlink = null;
49
50	# If user can't publish
51	if (!$can_publish) {
52	$post_status = -2;
53	}
54
55	# Status combo
56	$status_combo = dcAdminCombos::getPostStatusesCombo();
57
58	$img_status_pattern = '<img class="img_select_option" alt="%1$s" title="%1$s" src="images/%2$s" />';
59
60	# Formaters combo
61	$core_formaters = $core->getFormaters();
62	$available_formats = array('' => '');
63	foreach ($core_formaters as $editor => $formats) {
64	foreach ($formats as $format) {
65	$available_formats[$format] = $format;
66	}
67	}
68
69	# Languages combo
70	$rs = $core->blog->getLangs(array('order'=>'asc'));
71	$lang_combo = dcAdminCombos::getLangsCombo($rs,true);
72
73	# Validation flag
74	$bad_dt = false;
75
76	# Get page informations
77	if (!empty($_REQUEST['id']))
78	{
79	$params['post_type'] = 'page';
80	$params['post_id'] = $_REQUEST['id'];
81
82	$post = $core->blog->getPosts($params);
83
84	if ($post->isEmpty())
85	{
86	$core->error->add(__('This page does not exist.'));
87	$can_view_page = false;
88	}
89	else
90	{
91	$post_id = $post->post_id;
92	$post_dt = date('Y-m-d H:i',strtotime($post->post_dt));
93	$post_format = $post->post_format;
94	$post_password = $post->post_password;
95	$post_url = $post->post_url;
96	$post_lang = $post->post_lang;
97	$post_title = $post->post_title;
98	$post_excerpt = $post->post_excerpt;
99	$post_excerpt_xhtml = $post->post_excerpt_xhtml;
100	$post_content = $post->post_content;
101	$post_content_xhtml = $post->post_content_xhtml;
102	$post_notes = $post->post_notes;
103	$post_status = $post->post_status;
104	$post_position = (integer) $post->post_position;
105	$post_open_comment = (boolean) $post->post_open_comment;
106	$post_open_tb = (boolean) $post->post_open_tb;
107	$post_selected = (boolean) $post->post_selected;
108
109	$page_title = __('Edit page');
110
111	$can_edit_page = $post->isEditable();
112	$can_delete= $post->isDeletable();
113
114	$next_rs = $core->blog->getNextPost($post,1);
115	$prev_rs = $core->blog->getNextPost($post,-1);
116
117	if ($next_rs !== null) {
118	$next_link = sprintf($post_link,$next_rs->post_id,
119	html::escapeHTML($next_rs->post_title),__('Next page').' »');
120	$next_headlink = sprintf($post_headlink,'next',
121	html::escapeHTML($next_rs->post_title),$next_rs->post_id);
122	}
123
124	if ($prev_rs !== null) {
125	$prev_link = sprintf($post_link,$prev_rs->post_id,
126	html::escapeHTML($prev_rs->post_title),'« '.__('Previous page'));
127	$prev_headlink = sprintf($post_headlink,'previous',
128	html::escapeHTML($prev_rs->post_title),$prev_rs->post_id);
129	}
130
131	try {
132	$core->media = new dcMedia($core);
133	$post_media = $core->media->getPostMedia($post_id);
134	} catch (Exception $e) {
135	$core->error->add($e->getMessage());
136	}
137	}
138	}
139
140	# Format content
141	if (!empty($_POST) && $can_edit_page)
142	{
143	$post_format = $_POST['post_format'];
144	$post_excerpt = $_POST['post_excerpt'];
145	$post_content = $_POST['post_content'];
146
147	$post_title = $_POST['post_title'];
148
149	if (isset($_POST['post_status'])) {
150	$post_status = (integer) $_POST['post_status'];
151	}
152
153	if (empty($_POST['post_dt'])) {
154	$post_dt = '';
155	} else {
156	try
157	{
158	$post_dt = strtotime($_POST['post_dt']);
159	if ($post_dt == false \|\| $post_dt == -1) {
160	$bad_dt = true;
161	throw new Exception(__('Invalid publication date'));
162	}
163	$post_dt = date('Y-m-d H:i',$post_dt);
164	}
165	catch (Exception $e)
166	{
167	$core->error->add($e->getMessage());
168	}
169	}
170
171	$post_open_comment = !empty($_POST['post_open_comment']);
172	$post_open_tb = !empty($_POST['post_open_tb']);
173	$post_selected = !empty($_POST['post_selected']);
174	$post_lang = $_POST['post_lang'];
175	$post_password = !empty($_POST['post_password']) ? $_POST['post_password'] : null;
176	$post_position = (integer) $_POST['post_position'];
177
178	$post_notes = $_POST['post_notes'];
179
180	if (isset($_POST['post_url'])) {
181	$post_url = $_POST['post_url'];
182	}
183
184	$core->blog->setPostContent(
185	$post_id,$post_format,$post_lang,
186	$post_excerpt,$post_excerpt_xhtml,$post_content,$post_content_xhtml
187	);
188	}
189
190	# Delete page
191	if (!empty($_POST['delete']) && $can_delete)
192	{
193	try {
194	# --BEHAVIOR-- adminBeforePageDelete
195	$core->callBehavior('adminBeforePageDelete',$post_id);
196	$core->blog->delPost($post_id);
197	http::redirect($p_url);
198	} catch (Exception $e) {
199	$core->error->add($e->getMessage());
200	}
201	}
202
203	# Create or update page
204	if (!empty($_POST) && !empty($_POST['save']) && $can_edit_page && !$bad_dt)
205	{
206	$cur = $core->con->openCursor($core->prefix.'post');
207
208	# Magic tweak :)
209	$core->blog->settings->system->post_url_format = $page_url_format;
210
211	$cur->post_type = 'page';
212	$cur->post_title = $post_title;
213	$cur->post_dt = $post_dt ? date('Y-m-d H:i:00',strtotime($post_dt)) : '';
214	$cur->post_format = $post_format;
215	$cur->post_password = $post_password;
216	$cur->post_lang = $post_lang;
217	$cur->post_title = $post_title;
218	$cur->post_excerpt = $post_excerpt;
219	$cur->post_excerpt_xhtml = $post_excerpt_xhtml;
220	$cur->post_content = $post_content;
221	$cur->post_content_xhtml = $post_content_xhtml;
222	$cur->post_notes = $post_notes;
223	$cur->post_status = $post_status;
224	$cur->post_position = $post_position;
225	$cur->post_open_comment = (integer) $post_open_comment;
226	$cur->post_open_tb = (integer) $post_open_tb;
227	$cur->post_selected = (integer) $post_selected;
228
229	if (isset($_POST['post_url'])) {
230	$cur->post_url = $post_url;
231	}
232
233	# Update post
234	if ($post_id)
235	{
236	try
237	{
238	# --BEHAVIOR-- adminBeforePageUpdate
239	$core->callBehavior('adminBeforePageUpdate',$cur,$post_id);
240
241	$core->blog->updPost($post_id,$cur);
242
243	# --BEHAVIOR-- adminAfterPageUpdate
244	$core->callBehavior('adminAfterPageUpdate',$cur,$post_id);
245
246	http::redirect($redir_url.'&id='.$post_id.'&upd=1');
247	}
248	catch (Exception $e)
249	{
250	$core->error->add($e->getMessage());
251	}
252	}
253	else
254	{
255	$cur->user_id = $core->auth->userID();
256
257	try
258	{
259	# --BEHAVIOR-- adminBeforePageCreate
260	$core->callBehavior('adminBeforePageCreate',$cur);
261
262	$return_id = $core->blog->addPost($cur);
263
264	# --BEHAVIOR-- adminAfterPageCreate
265	$core->callBehavior('adminAfterPageCreate',$cur,$return_id);
266
267	http::redirect($redir_url.'&id='.$return_id.'&crea=1');
268	}
269	catch (Exception $e)
270	{
271	$core->error->add($e->getMessage());
272	}
273	}
274	}
275
276	/* DISPLAY
277	-------------------------------------------------------- */
278	$default_tab = 'edit-entry';
279	if (!$can_edit_page) {
280	$default_tab = '';
281	}
282	if (!empty($_GET['co'])) {
283	$default_tab = 'comments';
284	}
285
286	$admin_post_behavior = '';
287	if ($post_editor) {
288	$p_edit = $c_edit = '';
289	if (!empty($post_editor[$post_format])) {
290	$p_edit = $post_editor[$post_format];
291	}
292	if (!empty($post_editor['xhtml'])) {
293	$c_edit = $post_editor['xhtml'];
294	}
295	if ($p_edit == $c_edit) {
296	$admin_post_behavior .= $core->callBehavior('adminPostEditor',
297	$p_edit,'page',array('#post_excerpt','#post_content','#comment_content'),$post_format);
298	} else {
299	$admin_post_behavior .= $core->callBehavior('adminPostEditor',
300	$p_edit,'page',array('#post_excerpt','#post_content'),$post_format);
301	$admin_post_behavior .= $core->callBehavior('adminPostEditor',
302	$c_edit,'comment',array('#comment_content'),'xhtml');
303	}
304	}
305
306	?>
307	<html>
308	<head>
309	<title><?php echo $page_title.' - '.__('Pages'); ?></title>
310	<script type="text/javascript">
311	<?php echo dcPage::jsVar('dotclear.msg.confirm_delete_post',__("Are you sure you want to delete this page?")); ?>
312	</script>
313	<?php echo
314	dcPage::jsDatePicker().
315	dcPage::jsModal().
316	dcPage::jsLoad('js/_post.js').
317	$admin_post_behavior.
318	dcPage::jsConfirmClose('entry-form','comment-form').
319	# --BEHAVIOR-- adminPageHeaders
320	$core->callBehavior('adminPageHeaders').
321	dcPage::jsPageTabs($default_tab).
322	$next_headlink."\n".$prev_headlink;
323	?>
324	</head>
325
326	<body>
327
328	<?php
329
330	if ($post_id) {
331	switch ($post_status) {
332	case 1:
333	$img_status = sprintf($img_status_pattern,__('Published'),'check-on.png');
334	break;
335	case 0:
336	$img_status = sprintf($img_status_pattern,__('Unpublished'),'check-off.png');
337	break;
338	case -1:
339	$img_status = sprintf($img_status_pattern,__('Scheduled'),'scheduled.png');
340	break;
341	case -2:
342	$img_status = sprintf($img_status_pattern,__('Pending'),'check-wrn.png');
343	break;
344	default:
345	$img_status = '';
346	}
347	$edit_entry_title = '“'.html::escapeHTML($post_title).'”'.' '.$img_status;
348	} else {
349	$edit_entry_title = $page_title;
350	}
351	echo dcPage::breadcrumb(
352	array(
353	html::escapeHTML($core->blog->name) => '',
354	__('Pages') => $p_url,
355	$edit_entry_title => ''
356	));
357
358	if (!empty($_GET['upd'])) {
359	dcPage::success(__('Page has been successfully updated.'));
360	}
361	elseif (!empty($_GET['crea'])) {
362	dcPage::success(__('Page has been successfully created.'));
363	}
364	elseif (!empty($_GET['attached'])) {
365	dcPage::success(__('File has been successfully attached.'));
366	}
367	elseif (!empty($_GET['rmattach'])) {
368	dcPage::success(__('Attachment has been successfully removed.'));
369	}
370
371	# XHTML conversion
372	if (!empty($_GET['xconv']))
373	{
374	$post_excerpt = $post_excerpt_xhtml;
375	$post_content = $post_content_xhtml;
376	$post_format = 'xhtml';
377
378	dcPage::message(__('Don\'t forget to validate your XHTML conversion by saving your post.'));
379	}
380
381	if ($post_id && $post->post_status == 1) {
382	echo '<p><a class="onblog_link outgoing" href="'.$post->getURL().'" title="'.html::escapeHTML($post_title).'">'.__('Go to this page on the site').' <img src="images/outgoing-blue.png" alt="" /></a></p>';
383	}
384
385	echo '';
386
387	if ($post_id)
388	{
389	echo '<p class="nav_prevnext">';
390	if ($prev_link) { echo $prev_link; }
391	if ($next_link && $prev_link) { echo ' \| '; }
392	if ($next_link) { echo $next_link; }
393
394	# --BEHAVIOR-- adminPageNavLinks
395	$core->callBehavior('adminPageNavLinks',isset($post) ? $post : null);
396
397	echo '</p>';
398	}
399
400	# Exit if we cannot view page
401	if (!$can_view_page) {
402	echo '</body></html>';
403	return;
404	}
405
406
407	/* Post form if we can edit page
408	-------------------------------------------------------- */
409	if ($can_edit_page)
410	{
411	$sidebar_items = new ArrayObject(array(
412	'status-box' => array(
413	'title' => __('Status'),
414	'items' => array(
415	'post_status' =>
416	'<p><label for="post_status">'.__('Page status').'</label> '.
417	form::combo('post_status',$status_combo,$post_status,'','',!$can_publish).
418	'</p>',
419	'post_dt' =>
420	'<p><label for="post_dt">'.__('Publication date and hour').'</label>'.
421	form::field('post_dt',16,16,$post_dt,($bad_dt ? 'invalid' : '')).
422	'</p>',
423	'post_lang' =>
424	'<p><label for="post_lang">'.__('Page language').'</label>'.
425	form::combo('post_lang',$lang_combo,$post_lang).
426	'</p>',
427	'post_format' =>
428	'<div>'.
429	'<h5 id="label_format"><label for="post_format" class="classic">'.__('Text formatting').'</label></h5>'.
430	'<p>'.form::combo('post_format',$available_formats,$post_format,'maximal').'</p>'.
431	'<p class="format_control control_wiki">'.
432	'<a id="convert-xhtml" class="button'.($post_id && $post_format != 'wiki' ? ' hide' : '').
433	'" href="'.html::escapeURL($redir_url).'&id='.$post_id.'&xconv=1">'.
434	__('Convert to XHTML').'</a></p></div>')),
435	'metas-box' => array(
436	'title' => __('Filing'),
437	'items' => array(
438	'post_position' =>
439	'<p><label for="post_position" class="classic">'.__('Page position').'</label> '.
440	form::field('post_position',3,3,(string) $post_position).
441	'</p>')),
442	'options-box' => array(
443	'title' => __('Options'),
444	'items' => array(
445	'post_open_comment_tb' =>
446	'<div>'.
447	'<h5 id="label_comment_tb">'.__('Comments and trackbacks list').'</h5>'.
448	'<p><label for="post_open_comment" class="classic">'.
449	form::checkbox('post_open_comment',1,$post_open_comment).' '.
450	__('Accept comments').'</label></p>'.
451	($core->blog->settings->system->allow_comments ?
452	(isContributionAllowed($post_id,strtotime($post_dt),true) ?
453	'' :
454	'<p class="form-note warn">'.
455	__('Warning: Comments are not more accepted for this entry.').'</p>') :
456	'<p class="form-note warn">'.
457	__('Comments are not accepted on this blog so far.').'</p>').
458	'<p><label for="post_open_tb" class="classic">'.
459	form::checkbox('post_open_tb',1,$post_open_tb).' '.
460	__('Accept trackbacks').'</label></p>'.
461	($core->blog->settings->system->allow_trackbacks ?
462	(isContributionAllowed($post_id,strtotime($post_dt),false) ?
463	'' :
464	'<p class="form-note warn">'.
465	__('Warning: Trackbacks are not more accepted for this entry.').'</p>') :
466	'<p class="form-note warn">'.__('Trackbacks are not accepted on this blog so far.').'</p>').
467	'</div>',
468	'post_hide' =>
469	'<p><label for="post_selected" class="classic">'.form::checkbox('post_selected',1,$post_selected).' '.
470	__('Hide in widget Pages').'</label>'.
471	'</p>',
472	'post_password' =>
473	'<p><label for="post_password">'.__('Password').'</label>'.
474	form::field('post_password',10,32,html::escapeHTML($post_password),'maximal').
475	'</p>',
476	'post_url' =>
477	'<div class="lockable">'.
478	'<p><label for="post_url">'.__('Edit basename').'</label>'.
479	form::field('post_url',10,255,html::escapeHTML($post_url),'maximal').
480	'</p>'.
481	'<p class="form-note warn">'.
482	__('Warning: If you set the URL manually, it may conflict with another page.').
483	'</p></div>'
484	))));
485	$main_items = new ArrayObject(array(
486	"post_title" =>
487	'<p class="col">'.
488	'<label class="required no-margin bold" for="post_title"><abbr title="'.__('Required field').'">*</abbr> '.__('Title:').'</label>'.
489	form::field('post_title',20,255,html::escapeHTML($post_title),'maximal').
490	'</p>',
491
492	"post_excerpt" =>
493	'<p class="area" id="excerpt-area"><label for="post_excerpt" class="bold">'.__('Excerpt:').' <span class="form-note">'.
494	__('Introduction to the page.').'</span></label> '.
495	form::textarea('post_excerpt',50,5,html::escapeHTML($post_excerpt)).
496	'</p>',
497
498	"post_content" =>
499	'<p class="area" id="content-area"><label class="required bold" '.
500	'for="post_content"><abbr title="'.__('Required field').'">*</abbr> '.__('Content:').'</label> '.
501	form::textarea('post_content',50,$core->auth->getOption('edit_size'),html::escapeHTML($post_content)).
502	'</p>',
503
504	"post_notes" =>
505	'<p class="area" id="notes-area"><label for="post_notes" class="bold">'.__('Personal notes:').' <span class="form-note">'.
506	__('Unpublished notes.').'</span></label>'.
507	form::textarea('post_notes',50,5,html::escapeHTML($post_notes)).
508	'</p>'
509	)
510	);
511
512	# --BEHAVIOR-- adminPostFormItems
513	$core->callBehavior('adminPageFormItems',$main_items,$sidebar_items, isset($post) ? $post : null);
514
515	echo '<div class="multi-part" title="'.($post_id ? __('Edit page') : __('New page')).
516	sprintf(' &rsaquo; %s',$post_format).'" id="edit-entry">';
517	echo '<form action="'.html::escapeURL($redir_url).'" method="post" id="entry-form">';
518
519	echo '<div id="entry-wrapper">';
520	echo '<div id="entry-content"><div class="constrained">';
521	echo '<h3 class="out-of-screen-if-js">'.__('Edit page').'</h3>';
522
523
524	foreach ($main_items as $id => $item) {
525	echo $item;
526	}
527
528	# --BEHAVIOR-- adminPageForm
529	$core->callBehavior('adminPageForm',isset($post) ? $post : null);
530
531	echo
532	'<p class="border-top">'.
533	($post_id ? form::hidden('id',$post_id) : '').
534	'<input type="submit" value="'.__('Save').' (s)" '.
535	'accesskey="s" name="save" /> ';
536
537	if ($post_id) {
538	$preview_url = $core->blog->url.
539	$core->url->getURLFor('pagespreview',
540	$core->auth->userID().'/'.
541	http::browserUID(DC_MASTER_KEY.$core->auth->userID().$core->auth->cryptLegacy($core->auth->userID())).
542	'/'.$post->post_url);
543	echo '<a id="post-preview" href="'.$preview_url.'" class="button" accesskey="p">'.__('Preview').' (p)'.'</a>';
544	} else {
545	echo
546	'<a id="post-cancel" href="'.$core->adminurl->get('admin.home').'" class="button" accesskey="c">'.__('Cancel').' (c)</a>';
547	}
548
549	echo
550	($can_delete ? ' <input type="submit" class="delete" value="'.__('Delete').'" name="delete" />' : '').
551	$core->formNonce().
552	'</p>';
553
554	echo '</div></div>'; // End #entry-content
555	echo '</div>'; // End #entry-wrapper
556
557	echo '<div id="entry-sidebar" role="complementary">';
558
559	foreach ($sidebar_items as $id => $c) {
560	echo '<div id="'.$id.'" class="sb-box">'.
561	'<h4>'.$c['title'].'</h4>';
562	foreach ($c['items'] as $e_name=>$e_content) {
563	echo $e_content;
564	}
565	echo '</div>';
566	}
567
568	# --BEHAVIOR-- adminPageFormSidebar
569	$core->callBehavior('adminPageFormSidebar',isset($post) ? $post : null);
570
571	echo '</div>'; // End #entry-sidebar
572
573	echo '</form>';
574
575	# --BEHAVIOR-- adminPostForm
576	$core->callBehavior('adminPageAfterForm',isset($post) ? $post : null);
577
578	echo '</div>'; // End
579
580	if ($post_id && !empty($post_media))
581	{
582	echo
583	'<form action="'.$core->adminurl->get('admin.post.media').'" id="attachment-remove-hide" method="post">'.
584	'<div>'.form::hidden(array('post_id'),$post_id).
585	form::hidden(array('media_id'),'').
586	form::hidden(array('remove'),1).
587	$core->formNonce().'</div></form>';
588	}
589	}
590
591
592	/* Comments and trackbacks
593	-------------------------------------------------------- */
594	if ($post_id)
595	{
596	$params = array('post_id' => $post_id, 'order' => 'comment_dt ASC');
597
598	$comments = $core->blog->getComments(array_merge($params,array('comment_trackback'=>0)));
599	$trackbacks = $core->blog->getComments(array_merge($params,array('comment_trackback'=>1)));
600
601	# Actions combo box
602	$combo_action = array();
603	if ($can_edit_page && $core->auth->check('publish,contentadmin',$core->blog->id))
604	{
605	$combo_action[__('Publish')] = 'publish';
606	$combo_action[__('Unpublish')] = 'unpublish';
607	$combo_action[__('Mark as pending')] = 'pending';
608	$combo_action[__('Mark as junk')] = 'junk';
609	}
610
611	if ($can_edit_page && $core->auth->check('delete,contentadmin',$core->blog->id))
612	{
613	$combo_action[__('Delete')] = 'delete';
614	}
615
616	$has_action = !empty($combo_action) && (!$trackbacks->isEmpty() \|\| !$comments->isEmpty());
617
618	echo
619	'<div id="comments" class="multi-part" title="'.__('Comments').'">';
620
621	echo
622	'<p class="top-add"><a class="button add" href="#comment-form">'.__('Add a comment').'</a></p>';
623
624	if ($has_action) {
625	echo '<form action="comments_actions.php" method="post">';
626	}
627
628	echo '<h3>'.__('Trackbacks').'</h3>';
629
630	if (!$trackbacks->isEmpty()) {
631	showComments($trackbacks,$has_action);
632	} else {
633	echo '<p>'.__('No trackback').'</p>';
634	}
635
636	echo '<h3>'.__('Comments').'</h3>';
637	if (!$comments->isEmpty()) {
638	showComments($comments,$has_action);
639	} else {
640	echo '<p>'.__('No comments').'</p>';
641	}
642
643	if ($has_action) {
644	echo
645	'<div class="two-cols">'.
646	'<p class="col checkboxes-helpers"></p>'.
647
648	'<p class="col right"><label for="action" class="classic">'.__('Selected comments action:').'</label> '.
649	form::combo('action',$combo_action).
650	form::hidden('redir',html::escapeURL($redir_url).'&id='.$post_id.'&co=1').
651	$core->formNonce().
652	'<input type="submit" value="'.__('ok').'" /></p>'.
653	'</div>'.
654	'</form>';
655	}
656	/* Add a comment
657	-------------------------------------------------------- */
658
659	echo
660	'<div class="fieldset clear">'.
661	'<h3>'.__('Add a comment').'</h3>'.
662
663	'<form action="'.$core->adminurl->get('admin.comment').'" method="post" id="comment-form">'.
664	'<div class="constrained">'.
665	'<p><label for="comment_author" class="required"><abbr title="'.__('Required field').'">*</abbr> '.__('Name:').'</label>'.
666	form::field('comment_author',30,255,html::escapeHTML($core->auth->getInfo('user_cn'))).
667	'</p>'.
668
669	'<p><label for="comment_email">'.__('Email:').'</label>'.
670	form::field('comment_email',30,255,html::escapeHTML($core->auth->getInfo('user_email'))).
671	'</p>'.
672
673	'<p><label for="comment_site">'.__('Web site:').'</label>'.
674	form::field('comment_site',30,255,html::escapeHTML($core->auth->getInfo('user_url'))).
675	'</p>'.
676
677	'<p class="area"><label for="comment_content" class="required"><abbr title="'.__('Required field').'">*</abbr> '.
678	__('Comment:').'</label> '.
679	form::textarea('comment_content',50,8,html::escapeHTML('')).
680	'</p>'.
681
682	'<p>'.form::hidden('post_id',$post_id).
683	$core->formNonce().
684	'<input type="submit" name="add" value="'.__('Save').'" /></p>'.
685	'</div>'. #constrained
686
687	'</form>'.
688	'</div>'. #add comment
689	'</div>'; #comments
690	}
691
692	# Controls comments or trakbacks capabilities
693	function isContributionAllowed($id,$dt,$com=true)
694	{
695	global $core;
696
697	if (!$id) {
698	return true;
699	}
700	if ($com) {
701	if (($core->blog->settings->system->comments_ttl == 0) \|\|
702	(time() - $core->blog->settings->system->comments_ttl*86400 < $dt)) {
703	return true;
704	}
705	} else {
706	if (($core->blog->settings->system->trackbacks_ttl == 0) \|\|
707	(time() - $core->blog->settings->system->trackbacks_ttl*86400 < $dt)) {
708	return true;
709	}
710	}
711	return false;
712	}
713
714	# Show comments or trackbacks
715	function showComments($rs,$has_action)
716	{
717	global $core;
718
719	echo
720	'<table class="comments-list"><tr>'.
721	'<th colspan="2" class="nowrap first">'.__('Author').'</th>'.
722	'<th>'.__('Date').'</th>'.
723	'<th class="nowrap">'.__('IP address').'</th>'.
724	'<th>'.__('Status').'</th>'.
725	'<th>'.__('Edit').'</th>'.
726	'</tr>';
727
728	while($rs->fetch())
729	{
730	$comment_url = $core->adminurl->get('admin.comment',array('id' => $rs->comment_id));
731
732	$img = '<img alt="%1$s" title="%1$s" src="images/%2$s" />';
733	switch ($rs->comment_status) {
734	case 1:
735	$img_status = sprintf($img,__('Published'),'check-on.png');
736	break;
737	case 0:
738	$img_status = sprintf($img,__('Unpublished'),'check-off.png');
739	break;
740	case -1:
741	$img_status = sprintf($img,__('Pending'),'check-wrn.png');
742	break;
743	case -2:
744	$img_status = sprintf($img,__('Junk'),'junk.png');
745	break;
746	}
747
748	echo
749	'<tr class="line'.($rs->comment_status != 1 ? ' offline' : '').'"'.
750	' id="c'.$rs->comment_id.'">'.
751
752	'<td class="nowrap">'.
753	($has_action ? form::checkbox(array('comments[]'),$rs->comment_id,'','','',0,'title="'.__('Select this comment').'"') : '').'</td>'.
754	'<td class="maximal">'.$rs->comment_author.'</td>'.
755	'<td class="nowrap">'.dt::dt2str(__('%Y-%m-%d %H:%M'),$rs->comment_dt).'</td>'.
756	'<td class="nowrap"><a href="'.$core->adminurl->get('admin.comment',array('ip' => $rs->comment_ip)).'">'.$rs->comment_ip.'</a></td>'.
757	'<td class="nowrap status">'.$img_status.'</td>'.
758	'<td class="nowrap status"><a href="'.$comment_url.'">'.
759	'<img src="images/edit-mini.png" alt="" title="'.__('Edit this comment').'" /> '.__('Edit').'</a></td>'.
760
761	'</tr>';
762	}
763
764	echo '</table>';
765	}
766	dcPage::helpBlock('page','core_wiki');
767	?>
768	</body>
769	</html>

Note: See TracBrowser for help on using the repository browser.

Dotclear

Context Navigation

source: plugins/pages/page.php @ 3627:9bccfc2257ad

Download in other formats:

Sites map