<?php
/*
* Filename.....: class_comment_admin.php
* Class........: comment_admin
* Purpose......: Validate comments
* Parameter....: none
* Creation date: 2006-05-25
* Version......: 0.8
* License......: LGPL v3
* Copyright....: Peter Klauer
* _ __ _ _
* ||| | |/ / (_) | Wirtschaftsinformatiker IHK
* \. ./| ' / _ __ _| |_ ___ www.ingoknito.de
* - ^ -| < | '_ \| | __/ _ \
* / - \| . \| | | | | || (_) | Peter Klauer
* ||| |_|\_\_| |_|_|\__\___/ 06136-909093
* Mailto.......: knito@knito.de
*
* This library is free software; you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version. http://www.gnu.org/copyleft/lesser.html
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with this program; if not, write to the Free Software Foundation
* 51 Franklin Street, Suite 500, Boston, MA 02110-1335, USA.
*
* If you need a commercial license please contact the copyright owner.
*/
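/**
 * Administration view for the "comments" table.
 *
 * Lists comments through the sqltable helper (newest first) and lets the
 * operator confirm (validate) or delete the rows that are ticked in the list.
 *
 * NOTE(review): nothing in this class checks who is calling it, and the
 * confirm/delete form carries no anti-CSRF token. Presumably the including
 * page enforces an authenticated admin session -- confirm that, and add a
 * per-session token to the form, before this page is reachable by a browser
 * that is also logged in elsewhere.
 *
 * NOTE(review): htmlspecialchars() is called without a charset argument, so
 * on PHP >= 5.4 it assumes UTF-8 -- confirm that matches the page encoding.
 */
class comment_admin extends comment
{
    // Captions. The two "selected" captions are also the values put()
    // compares $_POST['OK'] against to decide which action was requested.
    var $say_select_all = 'Select all';
    var $say_unselect_all = 'unSelect all';
    var $say_delete_selected = 'delete selected';
    var $say_confirm_selected = 'confirm selected';
    var $say_all = 'all';
    var $say_unvalidated = 'unvalidated';
    var $say_range = 'Range:';
    // Inline CSS that tr_color() puts on the row of a validated comment.
    var $style_validated = 'background-color:#bfb';
    // true: list only rows with validated=0; put() switches this off when which=1 is requested.
    var $only_unvalidated = true;
    # This is a user defined callback function($id_for, $code_for)
    # which may reveal more information about the commented item;
    # let it search for the caption of the commented item in another sql table.
    var $udf_id_for_code_for = ''; // name of the function which takes 2 args: $id_for and $code_for

    /**
     * Constructor (PHP 4 style: named like the class).
     *
     * Passes id_for = 0 and code_for = '' to the parent constructor, which
     * means "no restriction". Setting id_for and/or code_for to other values
     * afterwards restricts the admin to the comments of that item.
     *
     * @param object $sqltable sqltable helper, handed on to the parent by reference
     * @param string $cssdir   css directory, handed on to the parent
     */
    function comment_admin( &$sqltable, $cssdir = './css/' )
    {
        $id_for = 0; // every id with value 0, set to reduce rights
        $code_for = ''; // every code with value '', set to reduce rights
        parent::comment( $id_for, $code_for, $sqltable, $cssdir );
    }

    /**
     * Build the SQL fragment that limits a statement to the configured
     * id_for / code_for scope. Returns '' when no scope is configured.
     *
     * @return string fragment starting with " and ", or an empty string
     */
    function admin_scope_sql()
    {
        $sql = '';
        if( $this->id_for > 0 )
        {
            // the integer cast keeps anything but a number out of the statement
            $sql .= " and id_for='".(int) $this->id_for."'"; // special id_for value
        }
        if( strlen( $this->code_for ) > 0 )
        {
            // NOTE(review): code_for is interpolated as is. No driver-specific
            // escaping routine is visible from this class, so code_for must
            // only ever be set from trusted configuration, never from request data.
            $sql .= " and code_for='$this->code_for'"; // special code_for value
        }
        return $sql;
    }

    /**
     * Process a submitted confirm/delete request, then output the admin
     * table with the newest comments in front.
     *
     * Reads $_POST['GO'], $_POST['OK'], the valid_N / id_N pairs written by
     * udf_checkbox(), and $_GET/$_POST['which'] (1 = all, 0 = unvalidated).
     */
    function put()
    {
        $scope = $this->admin_scope_sql();

        if( isset( $_POST['GO'] ) and $_POST['GO'] == '1' )
        {
            // validate or delete the ticked rows
            $action = ( isset( $_POST['OK'] ) && is_string( $_POST['OK'] ) ) ? $_POST['OK'] : '';
            foreach( array_keys( $_POST ) as $key )
            {
                $key = (string) $key;
                if( substr( $key, 0, 6 ) != 'valid_' ) continue;

                // turn valid_4 into id_4, the hidden field that carries the row id
                $nr = substr( $key, 3 );
                if( !isset( $_POST[$nr] ) or !is_string( $_POST[$nr] ) ) continue;

                // The id comes straight from the request and ends up inside an
                // update/delete statement: accept nothing but digits.
                $id = $_POST[$nr];
                if( !preg_match( '/^[0-9]+\z/', $id ) ) continue;

                // $scope keeps a restricted admin (id_for / code_for set) from
                // touching comments outside the range that is listed below.
                if( $action === $this->say_confirm_selected )
                {
                    $query = "update comments set validated='1' where id='$id'$scope";
                }
                elseif( $action === $this->say_delete_selected )
                {
                    $query = "delete from comments where id='$id'$scope";
                }
                else
                {
                    continue;
                }
                if( $this->debug ) echo "executing: $query";
                $this->execute( 'query', $query );
            }
        }

        $ps = $_SERVER['PHP_SELF'];
        $qs = $_SERVER['QUERY_STRING'];
        if( substr( $qs, 0, 1 ) == '?' ) $qs = substr( $qs, 1 ); // drop a leading question mark

        // PHP_SELF and QUERY_STRING are controlled by whoever built the link
        // that was followed, so they are HTML-escaped before they are written
        // into an attribute. An already encoded &amp; is folded back to & first
        // so that the escaping cannot encode it twice.
        $form_action = htmlspecialchars( str_replace( '&amp;', '&', $ps.'?'.$qs ), ENT_QUOTES );

        $s1 = ''; $s0 = '';
        if( isset( $_GET['which'] ) and !isset( $_POST['which'] ) ) $_POST['which'] = $_GET['which'];
        if( isset( $_POST['which'] ) and $_POST['which'] == '1' ) $s1 = ' checked ';
        if( isset( $_POST['which'] ) and $_POST['which'] == '0' ) $s0 = ' checked ';

        // "which" travels on in the select/unselect links; url-encode it so that
        // it stays one parameter value whatever the request contained.
        $which_param = '';
        if( isset( $_POST['which'] ) and is_string( $_POST['which'] ) )
        {
            $which_param = 'which='.urlencode( $_POST['which'] );
        }

        echo "<form method='POST' action='$form_action'>\n".
            "<noscript><input type='submit' name='btn' value='{$this->say_range}'></noscript>\n".
            "<label for='which1'><input onclick='return this.form.submit()' type='radio' $s1 name='which' value='1' id='which1'>{$this->say_all}</label>\n".
            "<label for='which0'><input onclick='return this.form.submit()' type='radio' $s0 name='which' value='0' id='which0'>{$this->say_unvalidated}</label>\n".
            "</form>";
        echo "<form method='POST' action='$form_action'>\n".
            "<input type='hidden' name='GO' value='1'>\n".
            "<input type='submit' name='OK' value='{$this->say_confirm_selected}'>\n".
            "<input type='submit' name='OK' value='{$this->say_delete_selected}'>\n";

        $datesql = $this->sqlisodate('datetime').', '.
            $this->sqlisodate('lastchanged'); // get a valid date sql string for iso date YYYY-mm-dd HH:ii:ss
        $where = 'where 1=1 '; // mssql does not like "where 1 ", mysql does
        if( isset( $_POST['which'] ) and $_POST['which'] == 1 ) $this->only_unvalidated = false;
        if( $this->only_unvalidated == true )
        {
            $where .= ' and validated=0';
        }
        $where .= $scope;
        $query = "select id, $datesql, nickname, comment, ip, dns, user_agent, id_for, code_for, validated
from comments $where
order by datetime desc";
        $r = $this->execute( 'query', $query );
        if( $r and ( $this->execute( 'num_rows', $r ) > 0 ) )
        {
            $this->sqltable->udf['id'] = 'comment_admin::udf_checkbox';
            $this->sqltable->udf['datetime'] = 'comment_admin::udf_comment';
            $this->sqltable->udf['ip'] = 'comment_admin::udf_summary';
            $this->sqltable->trtagudf = 'comment_admin::tr_color';
            $this->sqltable->showcaptions = false; // we rearrange everything into one cell
            $this->sqltable->style['id'] = 'white-space:nowrap';
            // NOTE(review): these two write $this->hidden, not $this->sqltable->hidden.
            // Both columns are hidden on the sqltable unconditionally a few lines
            // below, so this may be a leftover -- confirm before removing.
            if( strlen( $this->code_for ) > 0 ) $this->hidden['code_for'] = 1;
            if( $this->id_for > 0 ) $this->hidden['id_for'] = 1;
            $this->sqltable->hidden['nickname'] = 1;
            $this->sqltable->hidden['dns'] = 1;
            $this->sqltable->hidden['user_agent'] = 1;
            $this->sqltable->hidden['id_for'] = 1;
            $this->sqltable->hidden['code_for'] = 1;
            $this->sqltable->hidden['comment'] = 1;
            $this->sqltable->hidden['validated'] = 1;
            $this->sqltable->hidden['lastchanged'] = 1;
            $this->sqltable->fillup = false;
            $this->sqltable->index = false;
            echo $this->before_comments;
            echo '<a name="commentsqltable"></a>';
            #
            # Select ALL
            #
            $q = $this->sqltable->adjust_query_string( $qs, 'selectall=1' );
            if( $which_param != '' )
            {
                $q = $this->sqltable->adjust_query_string( $q, $which_param );
            }
            $href = htmlspecialchars( str_replace( '&amp;', '&', $ps.'?'.$q ), ENT_QUOTES );
            echo "<a href='$href' title='{$this->say_select_all}'>{$this->say_select_all}</a> ";
            #
            # UNSelect ALL
            #
            $q = $this->sqltable->adjust_query_string( $qs, 'selectall=0' );
            if( $which_param != '' )
            {
                $q = $this->sqltable->adjust_query_string( $q, $which_param );
            }
            $href = htmlspecialchars( str_replace( '&amp;', '&', $ps.'?'.$q ), ENT_QUOTES );
            echo "<a href='$href' title='{$this->say_unselect_all}'>{$this->say_unselect_all}</a>";
            $this->sqltable->anchor = '#commentsqltable';
            $this->sqltable->put( $r );
            $this->sqltable->anchor = '';
            echo $this->after_comments;
            $this->execute( 'free_result', $r );
        }
        echo '</form>';
    } // eof put()

    /**
     * UDF for sqltable column "datetime"
     * Used to arrange multiple columns into one cell: a head line with
     * nickname and dates, followed by the comment text or an edit form.
     *
     * NOTE(review): nickname, datetime, lastchanged and the comment text are
     * written into the page exactly as they come out of the database. Whether
     * the parent class encodes them before storing is not visible from here.
     * If they are stored as entered, a comment containing markup (for example
     * a closing textarea tag) is rendered in the administrator's browser --
     * confirm the storage format and escape here if it is raw.
     *
     * @param string $a = original cell value (unused)
     * @param object $sqlrowvars = key-value-paired array
     * @param object $myself = initialized object of comment ($this)
     * @return string html for the cell
     */
    function udf_comment($a, $sqlrowvars, $myself)
    {
        static $counter = 1;
        #
        # top row of comment contains nickname and dates
        #
        $s1 = '<a name="comment'.$counter.'"></a><div class="commenttopbar">'.
            '<table width="100%" summary="commentheadline"><tr><td class="commentnickname">'.
            $sqlrowvars['nickname'].
            '</td><td align="right" class="commentdatetime">'.$myself->say_entered.': '.
            $sqlrowvars['datetime'].'<br>';
        if( $sqlrowvars['lastchanged'] <> $sqlrowvars['datetime'] )
        {
            // everything from offset 10 on; with an iso date this is presumably the time part
            $changed = substr( $sqlrowvars['lastchanged'], 10 );
            $s1 .= $myself->say_lastchanged.': '.$changed;
        }
        $s1 .= '</td></tr></table></div>';
        $text = $sqlrowvars['comment'];
        $today = date( 'Y-m-d' );
        #
        # PHP_SELF and QUERY_STRING are request controlled and go into the
        # action attribute, so they are HTML-escaped. An already encoded &amp;
        # is folded back to & first so that it is not encoded twice. (The two
        # str_replace() calls that stood here had identical search and
        # replacement strings and therefore changed nothing.)
        #
        $form_action = htmlspecialchars(
            str_replace( '&amp;', '&', $_SERVER['PHP_SELF'].'?'.$_SERVER['QUERY_STRING'] ),
            ENT_QUOTES
        );
        #
        # Check if the useragent, date, ip and nickname fit together.
        # If yes, then let the user edit his input.
        # Otherwise, just display the text.
        #
        # NOTE(review): address and user agent are not proof of identity (shared
        # proxies and NAT, and the header is freely chosen by the client). Any
        # same-day visitor matching both gets the edit form -- confirm that the
        # code handling "updatecomment" re-checks the right to edit.
        #
        $edit = ( strpos( '@'.$sqlrowvars['datetime'], $today ) > 0
            and $_SERVER['REMOTE_ADDR'] == $sqlrowvars['ip']
            and $_SERVER['HTTP_USER_AGENT'] == $sqlrowvars['user_agent'] );

        if( $edit )
        {
            $s = "<form action='$form_action#comment$counter' method='POST'>\n".
                "<textarea name='comment' rows='{$myself->comment_rows}' cols='{$myself->comment_cols}'>$text</textarea>\n".
                "<input type='hidden' name='id_comment' value='".$sqlrowvars['id']."'>\n".
                "<input type='hidden' name='updatecomment' value='1'>\n".
                "<input type='submit' name='btn' value='{$myself->say_update}'>\n".
                "</form>";
        }
        else
        {
            $s = '<span>'.$text.'</span>'; // span for css
        }
        $counter ++; // increase at each row
        return '<div class="comment">'.$s1.$s.'</div>';
    } // eof callback udf_comment() for sqltable

    /**
     * UDF for sqltable column "ip"
     * Used to arrange multiple columns into one cell
     *
     * user_agent and ip are compared verbatim with the request values in
     * udf_comment(), so they are presumably stored as received; the user
     * agent is a client-chosen header and dns a remotely controlled name.
     * All three are therefore HTML-escaped before they are shown.
     *
     * @param string $a = original cell value (unused)
     * @param object $sqlrowvars = key-value-paired array
     * @param object $myself = initialized object of comment ($this)
     * @return string html for the cell
     */
    function udf_summary($a, $sqlrowvars, $myself)
    {
        $lines = array(
            htmlspecialchars( (string) $sqlrowvars['user_agent'], ENT_QUOTES ),
            htmlspecialchars( (string) $sqlrowvars['ip'], ENT_QUOTES ),
            htmlspecialchars( (string) $sqlrowvars['dns'], ENT_QUOTES ),
        );
        return implode( '<br>', $lines );
    } // eof callback udf_summary() for sqltable

    /**
     * callback function for column "id"
     * return infos about the comment and the checkbox.
     *
     * Writes the valid_N checkbox and the hidden id_N field that put()
     * pairs up again when the form is submitted.
     *
     * @param integer $id = id value of column
     * @param array $all = array of all column values of sql result
     * @param object $myself = object of comment_admin
     * @return string
     */
    function udf_checkbox($id, $all, $myself)
    {
        static $a = 0;
        $a++;
        $checked = '';
        if (isset( $_GET['selectall'] ) and $_GET['selectall'] == '1') $checked = ' checked';

        $id_html = htmlspecialchars( (string) $id, ENT_QUOTES );
        /** Create the checkbox for validating or deleting **/
        $s = "<input$checked id='cb_$a' type='checkbox' name='valid_$a'>".
            "<input type='hidden' name='id_$a' value='$id_html'>".
            "<label for='cb_$a'> [ $id_html ]";

        $callback = trim( $myself->udf_id_for_code_for );
        if( strlen( $callback ) > 0 )
        {
            // This used to build a PHP statement from the function name and the
            // row's id_for / code_for and run it through eval(); a quote inside
            // code_for would then have been executed as code. call_user_func()
            // hands the same two values over as data. The callback's return
            // value is inserted as html, so the callback must escape its output.
            $s .= '<br>'.call_user_func( $callback, $all['id_for'], $all['code_for'] );
        }
        else
        {
            $s .= '<br>Code: '.htmlspecialchars( (string) $all['code_for'], ENT_QUOTES ).
                '<br>Id: '.htmlspecialchars( (string) $all['id_for'], ENT_QUOTES );
        }
        return( $s.'</label>' );
    } // eof callback udf_checkbox() for sqltable

    /**
     * callback function for trtagudf
     * echoes the style attribute (green background by default) for validated items
     * @param array $cols = array of all column values
     * @param object $myself = object of comment_admin
     */
    function tr_color( $cols, $myself )
    {
        if( $cols['validated'] == '1' )
        {
            echo " style='$myself->style_validated' ";
        }
    } // eof callback function tr_color() for sqltable
} // eoc comment_admin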
?>