<?php
// -----------------------------------------------------------------------------
// $Id: comments.php 682 2013-03-28 14:17:41Z raoul $
//
// Copyright (C) 2013 Raoul Proença
// License: GNU GPL version 3 (see copying.txt file)
// Website: http://www.gnew.fr/
// -----------------------------------------------------------------------------
// This program is free software: you can redistribute it and/or modify it under
// the terms of the GNU General Public License as published by the Free Software
// Foundation, either version 3 of the License, or (at your option) any later
// version.
//
// This program is distributed in the hope that it will be useful, but WITHOUT
// ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
// FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
// details.
//
// You should have received a copy of the GNU General Public License along with
// this program. If not, see <http://www.gnu.org/licenses/>.
// -----------------------------------------------------------------------------

include('./../includes/common.php');

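// Admin screen for comments: shows the edit form for one comment (GET
// comment_id), and handles the "edit_comment" and "delete_comment" POST actions.
// Only users with user_level >= 4 get past the access check.
//
// Security notes:
// - Every identifier taken from the request is validated with string_is_int()
//   and cast to int before it is placed in an SQL statement or a redirect URL.
// - comment_active is restricted to the two values the edit form offers.
// - NOTE(review): no anti-CSRF token check is visible in this file for the two
//   state-changing POST actions; confirm that includes/common.php enforces one.
page_header($lang['ADMIN_COMMENTS']);

// Administrator?
if ($users['user_level'] < 4)
{
    error_template($lang['ERROR_LEVEL_ACCESS']);
}
else
{
    $is_edit = isset($_POST['edit_comment']);
    $is_delete = isset($_POST['delete_comment']);

    // Both POST actions use the same three identifiers. Apply the same check
    // the edit-form branch applies to $_GET['comment_id'], and reject arrays
    // so that only scalar strings reach string_is_int().
    $ids_valid = true;
    $comment_id = $news_id = $story_id = 0;
    if ($is_edit || $is_delete)
    {
        foreach (array('comment_id', 'news_id', 'story_id') as $field)
        {
            if (empty($_POST[$field]) || !is_string($_POST[$field]) || !string_is_int($_POST[$field]))
            {
                $ids_valid = false;
            }
        }
        if ($ids_valid)
        {
            // The cast guarantees a numeric value in the SQL below, whatever
            // string_is_int() accepts.
            $comment_id = (int) $_POST['comment_id'];
            $news_id = (int) $_POST['news_id'];
            $story_id = (int) $_POST['story_id'];
        }
    }

    // Malformed identifiers: refuse before any query is built
    if (($is_edit || $is_delete) && !$ids_valid)
    {
        error_template($lang['ERROR_QUERY']);
    }
    // Edit?
    elseif ($is_edit)
    {
        $error = '';
        $subject = (isset($_POST['comment_subject']) && is_string($_POST['comment_subject'])) ? $_POST['comment_subject'] : '';
        $text = (isset($_POST['comment_text']) && is_string($_POST['comment_text'])) ? $_POST['comment_text'] : '';
        $comment_active = isset($_POST['comment_active']) ? $_POST['comment_active'] : null;

        // The edit form only offers "0" and "1"; anything else is rejected
        // instead of being written into the UPDATE statement.
        if (!in_array($comment_active, array('0', '1'), true))
        {
            $error .= $lang['ERROR_QUERY'];
        }
        // Compare against '' so that a subject or text of "0" is not treated as missing
        if (trim($subject) === '')
        {
            $error .= $lang['ERROR_NO_SUBJECT'];
        }
        if (trim($text) === '')
        {
            $error .= $lang['ERROR_NO_TEXT'];
        }
        if ($error)
        {
            error_template($error);
        }
        else
        {
            $comment_text = $settings['allow_html'] ? do_html($text) : utf8_entities($text);
            $comment_text = make_clickable($comment_text);
            $comment_text = do_bbcodes($comment_text);
            if ($settings['allow_emoticons'])
            {
                $comment_text = do_emoticons($comment_text);
            }
            // NOTE(review): the subject, the text and the editor name are still
            // concatenated into the statement. No SQL escaping is visible in
            // this file; confirm that common.php or the helpers above
            // neutralise quotes, otherwise pass these values through the
            // database layer's escaping or bound parameters.
            $sql->query('UPDATE ' . TABLE_COMMENTS . '
                         SET comment_active = \'' . $comment_active . '\', comment_subject = \'' . utf8_entities($subject) . '\', comment_text = \'' . $comment_text . '\', comment_edition = \'' . time() . '\', edition_id = \'' . $_SESSION['user_id'] . '\', edition_name = \'' . $users['user_name'] . '\'
                         WHERE comment_id = \'' . $comment_id . '\'');
            make_comments_feed();
            $GLOBALS['cache']->clean(TABLE_COMMENTS);
            success_template($lang['COMMENT_EDITED'], './../comments/index.php?news_id=' . $news_id . '&story_id=' . $story_id);
        }
    }
    // Delete?
    elseif ($is_delete)
    {
        $error = '';
        // The first comment of a story has the story's id as its own id
        $is_first_comment = ($story_id === $comment_id);
        if ($is_first_comment)
        {
            // Deleting the first comment removes the whole story: lower each
            // author's counter by the number of comments they have in it.
            $comments_per_story = 0;
            $queries = array();
            $sql->query('SELECT user_id, COUNT(*) AS comments_per_user
                         FROM ' . TABLE_COMMENTS . '
                         WHERE story_id = \'' . $story_id . '\'
                         GROUP BY user_id
                         ORDER BY user_id');
            // The updates are queued and run after the loop; presumably a
            // query issued while rows are still being fetched would replace
            // the result set being read.
            while ($table_comments = $sql->fetch())
            {
                $comments_per_story += $table_comments['comments_per_user'];
                $queries[] = 'UPDATE ' . TABLE_USERS . '
                                SET user_comments = user_comments - ' . $table_comments['comments_per_user'] . '
                                WHERE user_id = \'' . $table_comments['user_id'] . '\'';
            }
            foreach ($queries as $query)
            {
                $sql->query($query);
            }
            $sql->query('UPDATE ' . TABLE_NEWS . '
                         SET news_comments = news_comments - ' . $comments_per_story . '
                         WHERE news_id = \'' . $news_id . '\'');
            $sql->query('DELETE FROM ' . TABLE_COMMENTS . '
                         WHERE story_id = \'' . $story_id . '\'');
            $GLOBALS['cache']->clean(TABLE_COMMENTS);
            $GLOBALS['cache']->clean(TABLE_NEWS);
        }
        // Other comment
        else
        {
            // A comment that still has replies cannot be deleted
            $sql->query('SELECT comment_id
                         FROM ' . TABLE_COMMENTS . '
                         WHERE reply_id = \'' . $comment_id . '\'');
            $num_replies = $sql->num_rows();
            if ($num_replies > 0)
            {
                $error .= sprintf($num_replies > 1 ? $lang['ERROR_COMMENT_DELETE_REPLIES'] : $lang['ERROR_COMMENT_DELETE_REPLY'], $num_replies);
            }
            else
            {
                $sql->query('SELECT user_id
                             FROM ' . TABLE_COMMENTS . '
                             WHERE comment_id = \'' . $comment_id . '\'');
                $table_comments = $sql->fetch();
                // Unknown comment: do not touch the counters of the news item
                if (!$table_comments)
                {
                    $error .= $lang['ERROR_QUERY'];
                }
                else
                {
                    $sql->query('UPDATE ' . TABLE_NEWS . '
                                 SET news_comments = news_comments - 1
                                 WHERE news_id = \'' . $news_id . '\'');
                    $sql->query('UPDATE ' . TABLE_USERS . '
                                 SET user_comments = user_comments - 1
                                 WHERE user_id = \'' . $table_comments['user_id'] . '\'');
                    $sql->query('DELETE FROM ' . TABLE_COMMENTS . '
                                 WHERE comment_id = \'' . $comment_id . '\'');
                    $GLOBALS['cache']->clean(TABLE_COMMENTS);
                    $GLOBALS['cache']->clean(TABLE_NEWS);
                    $GLOBALS['cache']->clean(TABLE_USERS);
                }
            }
        }
        if ($error)
        {
            error_template($error);
        }
        else
        {
            make_comments_feed();
            // Redirect to the news item when the story is gone, else to the story
            $redirect = './../comments/index.php?news_id=' . $news_id;
            if (!$is_first_comment)
            {
                $redirect .= '&story_id=' . $story_id;
            }
            success_template($lang['COMMENT_DELETED'], $redirect);
        }
    }
    // Edit form
    else
    {
        // Check query
        if (!empty($_GET['comment_id']) && is_string($_GET['comment_id']) && string_is_int($_GET['comment_id']))
        {
            $comment_id = (int) $_GET['comment_id'];
            $sql->query('SELECT story_id, news_id, comment_active, comment_subject, comment_text
                         FROM ' . TABLE_COMMENTS . '
                         WHERE comment_id = \'' . $comment_id . '\'');
            $table_comments = $sql->fetch();
            // Check comment (empty() also covers a fetch that returned no row)
            if (empty($table_comments['story_id']))
            {
                error_template($lang['ERROR_QUERY']);
            }
            else
            {
                $html_support = $settings['allow_html'] ? $lang['HTML_ENABLED'] : $lang['HTML_DISABLED'];
                // Hide comment? "Yes" posts 0 and "No" posts 1; the option
                // matching the stored comment_active flag is preselected.
                if ($table_comments['comment_active'])
                {
                    $comment_active_options = '<option value="0">' . $lang['YES'] . '</option><option value="1" selected="selected">' . $lang['NO'] . '</option>';
                }
                else
                {
                    $comment_active_options = '<option value="0" selected="selected">' . $lang['YES'] . '</option><option value="1">' . $lang['NO'] . '</option>';
                }
                // Turn stored emoticon and BBCode markup back into editable source
                $comment_text = undo_emoticons($table_comments['comment_text']);
                $comment_text = undo_bbcodes($comment_text);
                $template->set_file('admin', 'admin/comments/edit.htpl');
                $template->set_var(array('COMMENT_ACTIVE_OPTIONS' => $comment_active_options,
                                         'COMMENT_ID' => $comment_id,
                                         'COMMENT_SUBJECT' => $table_comments['comment_subject'],
                                         'COMMENT_TEXT' => $comment_text,
                                         'EMOTICONS_LIST' => get_emoticons_list(0),
                                         'HTML_SUPPORT' => $html_support,
                                         'NEWS_ID' => $table_comments['news_id'],
                                         'STORY_ID' => $table_comments['story_id']));
                $template->parse('admin');
            }
        }
        else
        {
            error_template($lang['ERROR_QUERY']);
        }
    }
}

page_footer();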

?>