| [ PHPXref.com ] | [ Generated: Thu Nov 4 14:43:12 2010 ] | [ Textpattern 4.3.0 ] |
| [ Index ] [ Variables ] [ Functions ] [ Classes ] [ Constants ] [ Statistics ] | ||
[Summary view] [Print] [Text view]
1 <?php 2 3 /* 4 This is Textpattern 5 6 Copyright 2005 by Dean Allen 7 www.textpattern.com 8 All rights reserved 9 10 Use of this software indicates acceptance of the Textpattern license agreement 11 12 $HeadURL: https://textpattern.googlecode.com/svn/releases/4.3.0/source/textpattern/include/txp_discuss.php $ 13 $LastChangedRevision: 3374 $ 14 15 */ 16 17 if (!defined('txpinterface')) die('txpinterface is undefined.'); 18 19 if ($event == 'discuss') { 20 require_privs('discuss'); 21 22 if(!$step or !in_array($step, array('discuss_delete','discuss_save','discuss_list','discuss_edit','ipban_add','discuss_multi_edit','ipban_list','ipban_unban','discuss_change_pageby'))){ 23 discuss_list(); 24 } else $step(); 25 } 26 27 //------------------------------------------------------------- 28 function discuss_save() 29 { 30 extract(doSlash(gpsa(array('email','name','web','message','ip')))); 31 extract(array_map('assert_int',gpsa(array('discussid','visible','parentid')))); 32 safe_update("txp_discuss", 33 "email = '$email', 34 name = '$name', 35 web = '$web', 36 message = '$message', 37 visible = $visible", 38 "discussid = $discussid"); 39 update_comments_count($parentid); 40 update_lastmod(); 41 42 $message = gTxt('comment_updated', array('{id}' => $discussid)); 43 44 discuss_list($message); 45 } 46 47 //------------------------------------------------------------- 48 49 function short_preview($message) 50 { 51 $message = strip_tags($message); 52 $offset = min(150, strlen($message)); 53 54 if (strpos($message, ' ', $offset) !== false) 55 { 56 $maxpos = strpos($message,' ',$offset); 57 $message = substr($message, 0, $maxpos).'…'; 58 } 59 60 return $message; 61 } 62 63 //------------------------------------------------------------- 64 65 function discuss_list($message = '') 66 { 67 global $event, $comment_list_pageby; 68 69 pagetop(gTxt('list_discussions'), $message); 70 71 echo graf( 72 '<a href="index.php?event=discuss'.a.'step=ipban_list">'.gTxt('list_banned_ips').'</a>' 73 , ' id="list_banned_ips" style="text-align: center;"'); 74 75 extract(gpsa(array('sort', 'dir', 'page', 'crit', 'search_method'))); 76 if ($sort === '') $sort = get_pref('discuss_sort_column', 'date'); 77 if ($dir === '') $dir = get_pref('discuss_sort_dir', 'desc'); 78 $dir = ($dir == 'asc') ? 'asc' : 'desc'; 79 80 switch ($sort) 81 { 82 case 'id': 83 $sort_sql = 'discussid '.$dir; 84 break; 85 86 case 'ip': 87 $sort_sql = 'ip '.$dir; 88 break; 89 90 case 'name': 91 $sort_sql = 'name '.$dir; 92 break; 93 94 case 'email': 95 $sort_sql = 'email '.$dir; 96 break; 97 98 case 'website': 99 $sort_sql = 'web '.$dir; 100 break; 101 102 case 'message': 103 $sort_sql = 'message '.$dir; 104 break; 105 106 case 'status': 107 $sort_sql = 'visible '.$dir; 108 break; 109 110 case 'parent': 111 $sort_sql = 'parentid '.$dir; 112 break; 113 114 default: 115 $sort = 'date'; 116 $sort_sql = 'txp_discuss.posted '.$dir; 117 break; 118 } 119 120 if ($sort != 'date') $sort_sql .= ', txp_discuss.posted asc'; 121 122 set_pref('discuss_sort_column', $sort, 'discuss', 2, '', 0, PREF_PRIVATE); 123 set_pref('discuss_sort_dir', $dir, 'discuss', 2, '', 0, PREF_PRIVATE); 124 125 $switch_dir = ($dir == 'desc') ? 'asc' : 'desc'; 126 127 $criteria = 1; 128 129 if ($search_method and $crit) 130 { 131 $crit_escaped = doSlash(str_replace(array('\\','%','_','\''), array('\\\\','\\%','\\_', '\\\''), $crit)); 132 133 $critsql = array( 134 'id' => "discussid = '$crit_escaped'", 135 'parent' => "parentid = '$crit_escaped'".(intval($crit_escaped) ? '' : " OR title like '%$crit_escaped%'"), 136 'name' => "name like '%$crit_escaped%'", 137 'message' => "message like '%$crit_escaped%'", 138 'email' => "email like '%$crit_escaped%'", 139 'website' => "web like '%$crit_escaped%'", 140 'ip' => "ip like '%$crit_escaped%'", 141 ); 142 143 if (array_key_exists($search_method, $critsql)) 144 { 145 $criteria = $critsql[$search_method]; 146 $limit = 500; 147 } 148 149 else 150 { 151 $search_method = ''; 152 $crit = ''; 153 } 154 } 155 156 else 157 { 158 $search_method = ''; 159 $crit = ''; 160 } 161 162 $counts = getRows( 163 'SELECT visible, COUNT(*) AS c'. 164 ' FROM '.safe_pfx_j('txp_discuss').' LEFT JOIN '.safe_pfx_j('textpattern').' ON txp_discuss.parentid = textpattern.ID'. 165 ' WHERE '. $criteria.' GROUP BY visible' 166 ); 167 168 $count[SPAM] = $count[MODERATE] = $count[VISIBLE] = 0; 169 170 if ($counts) foreach($counts as $c) 171 { 172 $count[$c['visible']] = $c['c']; 173 } 174 175 // grand total comment count 176 $total = $count[SPAM] + $count[MODERATE] + $count[VISIBLE]; 177 178 echo '<div id="'.$event.'_control" class="txp-control-panel">'; 179 180 if ($total < 1) 181 { 182 if ($criteria != 1) 183 { 184 echo n.discuss_search_form($crit, $search_method). 185 n.graf(gTxt('no_results_found'), ' class="indicator"').'</div>'; 186 } 187 188 else 189 { 190 echo graf(gTxt('no_comments_recorded'), ' class="indicator"').'</div>'; 191 } 192 193 return; 194 } 195 196 // paging through displayed comments 197 $total = ((cs('toggle_show_spam')) ? $count[SPAM] : 0) + $count[MODERATE] + $count[VISIBLE]; 198 $limit = max($comment_list_pageby, 15); 199 list($page, $offset, $numPages) = pager($total, $limit, $page); 200 201 echo discuss_search_form($crit, $search_method).'</div>'; 202 203 $spamq = cs('toggle_show_spam') ? '1=1' : 'visible != '.intval(SPAM); 204 205 $rs = safe_query( 206 'SELECT txp_discuss.*, unix_timestamp(txp_discuss.posted) as uPosted, ID as thisid, Section as section, url_title, Title as title, Status, unix_timestamp(textpattern.Posted) as posted'. 207 ' FROM '.safe_pfx_j('txp_discuss').' LEFT JOIN '.safe_pfx_j('textpattern').' ON txp_discuss.parentid = textpattern.ID'. 208 ' WHERE '.$spamq.' AND '.$criteria. 209 ' ORDER BY '.$sort_sql. 210 ' LIMIT '.$offset.', '.$limit 211 ); 212 213 if ($rs) 214 { 215 echo n.'<div id="'.$event.'_container" class="txp-container txp-list">'; 216 echo n.n.'<form name="longform" id="discuss_form" method="post" action="index.php" onsubmit="return verify(\''.gTxt('are_you_sure').'\')">'. 217 218 n.startTable('list','','list','','90%'). 219 n.'<thead>'. 220 n.n.tr( 221 column_head('ID', 'id', 'discuss', true, $switch_dir, $crit, $search_method, (('id' == $sort) ? "$dir " : '').'id'). 222 column_head('date', 'date', 'discuss', true, $switch_dir, $crit, $search_method, (('date' == $sort) ? "$dir " : '').'date posted created'). 223 column_head('name', 'name', 'discuss', true, $switch_dir, $crit, $search_method, (('name' == $sort) ? "$dir " : '').'name'). 224 column_head('message', 'message', 'discuss', true, $switch_dir, $crit, $search_method, (('message' == $sort) ? "$dir " : 'message')). 225 column_head('email', 'email', 'discuss', true, $switch_dir, $crit, $search_method, (('email' == $sort) ? "$dir " : '').'discuss_detail email'). 226 column_head('website', 'website', 'discuss', true, $switch_dir, $crit, $search_method, (('website' == $sort) ? "$dir " : '').'discuss_detail website'). 227 column_head('IP', 'ip', 'discuss', true, $switch_dir, $crit, $search_method, (('ip' == $sort) ? "$dir " : '').'discuss_detail ip'). 228 column_head('status', 'status', 'discuss', true, $switch_dir, $crit, $search_method, (('status' == $sort) ? "$dir " : '').'discuss_detail status'). 229 column_head('parent', 'parent', 'discuss', true, $switch_dir, $crit, $search_method, (('parent' == $sort) ? "$dir " : '').'parent'). 230 hCell('', '', ' class="multi-edit"') 231 ). 232 n.'</thead>'; 233 234 include_once txpath.'/publish/taghandlers.php'; 235 236 $tfoot = n.'<tfoot>'.tr( 237 tda( 238 toggle_box('discuss_detail'), 239 ' class="detail-toggle" colspan="2" style="text-align: left; border: none;"' 240 ). 241 tda( 242 select_buttons(). 243 discuss_multiedit_form($page, $sort, $dir, $crit, $search_method) 244 , ' class="multi-edit" colspan="9" style="text-align: right; border: none;"') 245 ).n.'</tfoot>'; 246 247 echo $tfoot; 248 echo '<tbody>'; 249 250 $ctr = 1; 251 252 while ($a = nextRow($rs)) 253 { 254 extract($a); 255 $parentid = assert_int($parentid); 256 257 $edit_url = '?event=discuss'.a.'step=discuss_edit'.a.'discussid='.$discussid.a.'sort='.$sort. 258 a.'dir='.$dir.a.'page='.$page.a.'search_method='.$search_method.a.'crit='.$crit; 259 260 $dmessage = ($visible == SPAM) ? short_preview($message) : $message; 261 262 switch ($visible) 263 { 264 case VISIBLE: 265 $comment_status = gTxt('visible'); 266 $row_class = 'visible'; 267 break; 268 269 case SPAM: 270 $comment_status = gTxt('spam'); 271 $row_class = 'spam'; 272 break; 273 274 case MODERATE: 275 $comment_status = gTxt('unmoderated'); 276 $row_class = 'moderate'; 277 break; 278 279 default: 280 break; 281 } 282 283 if (empty($thisid)) 284 { 285 $parent = gTxt('article_deleted').' ('.$parentid.')'; 286 $view = ''; 287 } 288 289 else 290 { 291 $parent_title = empty($title) ? '<em>'.gTxt('untitled').'</em>' : escape_title($title); 292 293 $parent = href($parent_title, '?event=article'.a.'step=edit'.a.'ID='.$parentid); 294 295 $view = ''; 296 297 if ($visible == VISIBLE and in_array($Status, array(4,5))) 298 { 299 $view = n.t.'<li class="action-view"><a href="'.permlinkurl($a).'#c'.$discussid.'">'.gTxt('view').'</a></li>'; 300 } 301 } 302 303 echo n.n.tr( 304 305 n.td('<a class="action-edit" href="'.$edit_url.'">'.$discussid.'</a>'. 306 n.'<ul class="discuss_detail actions">'. 307 n.t.'<li class="action-edit"><a href="'.$edit_url.'">'.gTxt('edit').'</a></li>'. 308 $view. 309 n.'</ul>' 310 , 50, 'id'). 311 312 td(gTime($uPosted), '', 'date posted created'). 313 td(htmlspecialchars(soft_wrap($name, 15)), '', 'name'). 314 td(short_preview($dmessage), '', 'message'). 315 td(htmlspecialchars(soft_wrap($email, 15)), '', 'discuss_detail email'). 316 td(htmlspecialchars(soft_wrap($web, 15)), '', 'discuss_detail website'). 317 td($ip, '', 'discuss_detail ip'). 318 td($comment_status, '', 'discuss_detail status'). 319 td($parent, '', 'parent'). 320 td(fInput('checkbox', 'selected[]', $discussid), '', 'multi-edit') 321 , ' class="'.(($ctr%2 == 0) ? 'even' : 'odd').' '.$row_class.'"'); 322 323 $ctr++; 324 } 325 326 if (empty($message)) 327 echo tr(tda(gTxt('just_spam_results_found'),' colspan="9" style="text-align: left; border: none;"')); 328 329 echo '</tbody>'. 330 endTable(). 331 '</form>'. 332 333 n.cookie_box('show_spam'). 334 335 n.'<div id="'.$event.'_navigation" class="txp-navigation">'. 336 nav_form('discuss', $page, $numPages, $sort, $dir, $crit, $search_method, $total, $limit). 337 338 pageby_form('discuss', $comment_list_pageby). 339 n.'</div>'.n.'</div>'; 340 } 341 } 342 343 //------------------------------------------------------------- 344 345 function discuss_search_form($crit, $method) 346 { 347 $methods = array( 348 'id' => gTxt('ID'), 349 'parent' => gTxt('parent'), 350 'name' => gTxt('name'), 351 'message' => gTxt('message'), 352 'email' => gTxt('email'), 353 'website' => gTxt('website'), 354 'ip' => gTxt('IP') 355 ); 356 357 return search_form('discuss', 'list', $crit, $methods, $method, 'message'); 358 } 359 360 //------------------------------------------------------------- 361 362 function discuss_edit() 363 { 364 global $event; 365 366 pagetop(gTxt('edit_comment')); 367 368 extract(gpsa(array('discussid', 'sort', 'dir', 'page', 'crit', 'search_method'))); 369 370 $discussid = assert_int($discussid); 371 372 $rs = safe_row('*, unix_timestamp(posted) as uPosted', 'txp_discuss', "discussid = $discussid"); 373 374 if ($rs) 375 { 376 extract($rs); 377 378 $message = htmlspecialchars($message); 379 380 if (fetch('ip', 'txp_discuss_ipban', 'ip', $ip)) 381 { 382 $ban_step = 'ipban_unban'; 383 $ban_text = gTxt('unban'); 384 } 385 386 else 387 { 388 $ban_step = 'ipban_add'; 389 $ban_text = gTxt('ban'); 390 } 391 392 $ban_link = '[<a class="action-ban" href="?event=discuss'.a.'step='.$ban_step.a.'ip='.$ip. 393 a.'name='.urlencode($name).a.'discussid='.$discussid.'">'.$ban_text.'</a>]'; 394 395 echo '<div id="'.$event.'_container" class="txp-container txp-edit">'. 396 form( 397 startTable('edit', '', 'edit-pane'). 398 stackRows( 399 400 fLabelCell('name'). 401 fInputCell('name', $name, '', '', '', 'name'), 402 403 fLabelCell('IP'). 404 td("$ip $ban_link", '', 'ip'), 405 406 fLabelCell('email'). 407 fInputCell('email', $email, '', '', '', 'email'), 408 409 fLabelCell('website'). 410 fInputCell('web', $web, '', '', '', 'website'), 411 412 fLabelCell('date'). 413 td( 414 safe_strftime('%d %b %Y %X', $uPosted) 415 , '', 'date posted created'), 416 417 tda(gTxt('message')). 418 td( 419 '<textarea name="message" cols="60" rows="15">'.$message.'</textarea>' 420 , '', 'comment message text'), 421 422 fLabelCell('status'). 423 td( 424 selectInput('visible', array( 425 VISIBLE => gTxt('visible'), 426 SPAM => gTxt('spam'), 427 MODERATE => gTxt('unmoderated') 428 ), $visible, false) 429 , '', 'status'), 430 431 td().td(fInput('submit', 'step', gTxt('save'), 'publish')), 432 433 hInput('sort', $sort). 434 hInput('dir', $dir). 435 hInput('page', $page). 436 hInput('crit', $crit). 437 hInput('search_method', $search_method). 438 439 hInput('discussid', $discussid). 440 hInput('parentid', $parentid). 441 hInput('ip', $ip). 442 443 eInput('discuss'). 444 sInput('discuss_save') 445 ). 446 447 endTable() 448 , '', '', 'post', 'edit-form', '', 'discuss_edit_form'),'</div>'; 449 } 450 451 else 452 { 453 echo graf(gTxt('comment_not_found'),' class="indicator"'); 454 } 455 } 456 457 // ------------------------------------------------------------- 458 459 function ipban_add() 460 { 461 extract(gpsa(array('ip', 'name', 'discussid'))); 462 $discussid = assert_int($discussid); 463 464 if (!$ip) 465 { 466 return ipban_list(gTxt('cant_ban_blank_ip')); 467 } 468 469 $ban_exists = fetch('ip', 'txp_discuss_ipban', 'ip', $ip); 470 471 if ($ban_exists) 472 { 473 $message = gTxt('ip_already_banned', array('{ip}' => $ip)); 474 475 return ipban_list($message); 476 } 477 478 $rs = safe_insert('txp_discuss_ipban', " 479 ip = '".doSlash($ip)."', 480 name_used = '".doSlash($name)."', 481 banned_on_message = $discussid, 482 date_banned = now() 483 "); 484 485 // hide all messages from that IP also 486 if ($rs) 487 { 488 safe_update('txp_discuss', "visible = ".SPAM, "ip = '".doSlash($ip)."'"); 489 490 $message = gTxt('ip_banned', array('{ip}' => $ip)); 491 492 return ipban_list($message); 493 } 494 495 ipban_list(); 496 } 497 498 // ------------------------------------------------------------- 499 500 function ipban_unban() 501 { 502 $ip = doSlash(gps('ip')); 503 504 $rs = safe_delete('txp_discuss_ipban', "ip = '$ip'"); 505 506 if ($rs) 507 { 508 $message = gTxt('ip_ban_removed', array('{ip}' => $ip)); 509 510 ipban_list($message); 511 } 512 } 513 514 // ------------------------------------------------------------- 515 516 function ipban_list($message = '') 517 { 518 global $event; 519 520 pageTop(gTxt('list_banned_ips'), $message); 521 522 $rs = safe_rows_start('*, unix_timestamp(date_banned) as uBanned', 'txp_discuss_ipban', 523 "1 = 1 order by date_banned desc"); 524 525 if ($rs and numRows($rs) > 0) 526 { 527 echo '<div id="'.$event.'_ban_container" class="txp-container txp-list">'. 528 startTable('list', '', 'list'). 529 n.'<thead>'. 530 tr( 531 hCell(gTxt('date_banned'), '', ' class="date banned"'). 532 hCell(gTxt('IP'), '', ' class="ip"'). 533 hCell(gTxt('name_used'), '', ' class="name"'). 534 hCell(gTxt('banned_for'), '', ' class="id"'). 535 hCell('', '', ' class="actions"') 536 ). 537 n.'</thead>'; 538 539 echo '<tbody>'; 540 $ctr = 1; 541 542 while ($a = nextRow($rs)) 543 { 544 extract($a); 545 546 echo tr( 547 td( 548 safe_strftime('%d %b %Y %I:%M %p', $uBanned) 549 , 100, 'date banned'). 550 551 td( 552 $ip 553 , 100, 'ip'). 554 555 td( 556 $name_used 557 , 100, 'name'). 558 559 td( 560 '<a href="?event=discuss'.a.'step=discuss_edit'.a.'discussid='.$banned_on_message.'">'. 561 $banned_on_message.'</a>' 562 , 100, 'id'). 563 564 td( 565 '<a class="action-ban" href="?event=discuss'.a.'step=ipban_unban'.a.'ip='.$ip.'">'.gTxt('unban').'</a>' 566 , '', 'actions') 567 , ' class="'.(($ctr%2 == 0) ? 'even' : 'odd').'"' 568 ); 569 570 $ctr++; 571 } 572 573 echo '</tbody>'. 574 endTable(). 575 '</div>'; 576 } 577 578 else 579 { 580 echo graf(gTxt('no_ips_banned'),' class="indicator"'); 581 } 582 } 583 584 // ------------------------------------------------------------- 585 function discuss_change_pageby() 586 { 587 event_change_pageby('comment'); 588 discuss_list(); 589 } 590 591 // ------------------------------------------------------------- 592 593 function discuss_multiedit_form($page, $sort, $dir, $crit, $search_method) 594 { 595 $methods = array( 596 'visible' => gTxt('show'), 597 'unmoderated' => gTxt('hide_unmoderated'), 598 'spam' => gTxt('hide_spam'), 599 'ban' => gTxt('ban_author'), 600 'delete' => gTxt('delete'), 601 ); 602 603 return event_multiedit_form('discuss', $methods, $page, $sort, $dir, $crit, $search_method); 604 } 605 606 // ------------------------------------------------------------- 607 function discuss_multi_edit() 608 { 609 //FIXME, this method needs some refactoring 610 611 $selected = ps('selected'); 612 $method = ps('edit_method'); 613 $done = array(); 614 615 if ($selected and is_array($selected)) 616 { 617 // Get all articles for which we have to update the count 618 foreach($selected as $id) 619 $ids[] = assert_int($id); 620 $parentids = safe_column("DISTINCT parentid","txp_discuss","discussid IN (".implode(',',$ids).")"); 621 622 $rs = safe_rows_start('*', 'txp_discuss', "discussid IN (".implode(',',$ids).")"); 623 while ($row = nextRow($rs)) { 624 extract($row); 625 $id = assert_int($discussid); 626 $parentids[] = $parentid; 627 628 if ($method == 'delete') { 629 // Delete and if succesful update commnet count 630 if (safe_delete('txp_discuss', "discussid = $id")) 631 $done[] = $id; 632 } 633 elseif ($method == 'ban') { 634 // Ban the IP and hide all messages by that IP 635 if (!safe_field('ip', 'txp_discuss_ipban', "ip='".doSlash($ip)."'")) { 636 safe_insert("txp_discuss_ipban", 637 "ip = '".doSlash($ip)."', 638 name_used = '".doSlash($name)."', 639 banned_on_message = $id, 640 date_banned = now() 641 "); 642 safe_update('txp_discuss', 643 "visible = ".SPAM, 644 "ip='".doSlash($ip)."'" 645 ); 646 } 647 $done[] = $id; 648 } 649 elseif ($method == 'spam') { 650 if (safe_update('txp_discuss', 651 "visible = ".SPAM, 652 "discussid = $id" 653 )) 654 $done[] = $id; 655 } 656 elseif ($method == 'unmoderated') { 657 if (safe_update('txp_discuss', 658 "visible = ".MODERATE, 659 "discussid = $id" 660 )) 661 $done[] = $id; 662 } 663 elseif ($method == 'visible') { 664 if (safe_update('txp_discuss', 665 "visible = ".VISIBLE, 666 "discussid = $id" 667 )) 668 $done[] = $id; 669 } 670 671 } 672 673 $done = join(', ', $done); 674 675 if ($done) 676 { 677 // might as well clean up all comment counts while we're here. 678 clean_comment_counts($parentids); 679 680 $messages = array( 681 'delete' => gTxt('comments_deleted', array('{list}' => $done)), 682 'ban' => gTxt('ips_banned', array('{list}' => $done)), 683 'spam' => gTxt('comments_marked_spam', array('{list}' => $done)), 684 'unmoderated' => gTxt('comments_marked_unmoderated', array('{list}' => $done)), 685 'visible' => gTxt('comments_marked_visible', array('{list}' => $done)) 686 ); 687 688 update_lastmod(); 689 690 return discuss_list($messages[$method]); 691 } 692 } 693 694 return discuss_list(); 695 } 696 697 ?>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| [ Powered by PHPXref - Served by Debian GNU/Linux ] |