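<?php
/**
 * XOOPS comments
 *
 * You may not change or alter any portion of this comment or credits
 * of supporting developers from this source code or any supporting source code
 * which is considered copyrighted (c) material of the original comment or credit authors.
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 *
 * @copyright (c) 2000-2016 XOOPS Project (www.xoops.org)
 * @license GNU GPL 2 (http://www.gnu.org/licenses/gpl-2.0.html)
 * @package kernel
 * @since 2.0.0
 * @author Kazumi Ono (AKA onokazu) http://www.myweb.ne.jp/, http://jp.xoops.org/
 */

defined('XOOPS_ROOT_PATH') || exit('Restricted access');

include_once XOOPS_ROOT_PATH . '/class/xoopstree.php';
require_once XOOPS_ROOT_PATH . '/kernel/object.php';
include_once XOOPS_ROOT_PATH . '/language/' . $GLOBALS['xoopsConfig']['language'] . '/comment.php';

$GLOBALS['xoopsLogger']->addDeprecated("'/class/xoopscommments.php' is deprecated since XOOPS 2.5.4, please use '/kernel/comment.php' instead.");

/**
 * Xoops Comments Object Class
 *
 * Deprecated comment record bound to a caller-supplied table. It builds its
 * SQL by string formatting and prints its own HTML, so every value that
 * reaches a query or the page is cast, quoted or escaped at the point of use.
 *
 * @author Kazumi Ono <onokazu@xoops.org>
 * @author John Neill <catzwolf@xoops.org>
 * @copyright (c) 2000-2016 XOOPS Project (www.xoops.org)
 * @package kernel
 * @subpackage comments
 * @access public
 */
class XoopsComments extends XoopsObject
{
    // Name of the comments table; concatenated verbatim into every query,
    // so it must come from module code, never from request data.
    public $ctable;
    // Database connection obtained from XoopsDatabaseFactory in the constructor.
    public $db;

    /**
     * Register the comment fields and optionally populate the object.
     *
     * @param string         $ctable comments table name (used unescaped in SQL)
     * @param null|int|array $id     row array to assign, or a comment id to load
     */
    public function __construct($ctable, $id = null)
    {
        $this->ctable = $ctable;
        $this->db     = XoopsDatabaseFactory::getDatabaseConnection();
        parent::__construct();
        $this->initVar('comment_id', XOBJ_DTYPE_INT, null, false);
        $this->initVar('item_id', XOBJ_DTYPE_INT, null, false);
        $this->initVar('order', XOBJ_DTYPE_INT, null, false);
        $this->initVar('mode', XOBJ_DTYPE_OTHER, null, false);
        $this->initVar('subject', XOBJ_DTYPE_TXTBOX, null, false, 255);
        $this->initVar('comment', XOBJ_DTYPE_TXTAREA, null, false, null);
        $this->initVar('ip', XOBJ_DTYPE_OTHER, null, false);
        $this->initVar('pid', XOBJ_DTYPE_INT, 0, false);
        $this->initVar('date', XOBJ_DTYPE_INT, null, false);
        $this->initVar('nohtml', XOBJ_DTYPE_INT, 1, false);
        $this->initVar('nosmiley', XOBJ_DTYPE_INT, 0, false);
        $this->initVar('noxcode', XOBJ_DTYPE_INT, 0, false);
        $this->initVar('user_id', XOBJ_DTYPE_INT, null, false);
        $this->initVar('icon', XOBJ_DTYPE_OTHER, null, false);
        $this->initVar('prefix', XOBJ_DTYPE_OTHER, null, false);
        if (!empty($id)) {
            if (is_array($id)) {
                $this->assignVars($id);
            } else {
                $this->load((int)$id);
            }
        }
    }

    /**
     * Load Comment by ID
     *
     * Leaves the object untouched when the query fails or no row matches.
     *
     * @param int $id
     */
    public function load($id)
    {
        // The integer cast is the only thing keeping $id safe inside the query text.
        $id     = (int)$id;
        $sql    = 'SELECT * FROM ' . $this->ctable . ' WHERE comment_id=' . $id;
        $result = $this->db->query($sql);
        if (!$result) {
            return;
        }
        $row = $this->db->fetchArray($result);
        if (is_array($row)) {
            $this->assignVars($row);
        }
    }

    /**
     * Save Comment
     *
     * Inserts a new row when the object has no comment_id, otherwise updates
     * the editable fields of the existing row. A new comment also increments
     * the poster's post counter.
     *
     * @return int|bool comment id on success, false when cleaning or the query fails
     */
    public function store()
    {
        if (!$this->cleanVars()) {
            return false;
        }
        // Read the cleaned values by name instead of spraying them into local
        // scope with variable variables; missing keys fall back to null.
        $defaults = array(
            'comment_id' => null,
            'pid'        => null,
            'item_id'    => null,
            'user_id'    => null,
            'ip'         => null,
            'subject'    => null,
            'comment'    => null,
            'nohtml'     => null,
            'nosmiley'   => null,
            'noxcode'    => null,
            'icon'       => null,
        );
        $clean      = array_merge($defaults, $this->cleanVars);
        $comment_id = $clean['comment_id'];
        $user_id    = $clean['user_id'];

        // Text values are escaped and quoted by the database layer rather than
        // dropped between literal quotes. NOTE(review): cleanVars() is defined
        // outside this file; this assumes it does not already SQL-escape its
        // output - confirm to rule out double escaping.
        $ip      = $this->db->quoteString((string)$clean['ip']);
        $subject = $this->db->quoteString((string)$clean['subject']);
        $comment = $this->db->quoteString((string)$clean['comment']);
        $icon    = $this->db->quoteString((string)$clean['icon']);

        $isnew = empty($comment_id);
        if ($isnew) {
            $comment_id = $this->db->genId($this->ctable . '_comment_id_seq');
            $sql        = sprintf('INSERT INTO %s (comment_id, pid, item_id, date, user_id, ip, subject, comment, nohtml, nosmiley, noxcode, icon) VALUES (%u, %u, %u, %u, %u, %s, %s, %s, %u, %u, %u, %s)', $this->ctable, $comment_id, $clean['pid'], $clean['item_id'], time(), $user_id, $ip, $subject, $comment, $clean['nohtml'], $clean['nosmiley'], $clean['noxcode'], $icon);
        } else {
            $sql = sprintf('UPDATE %s SET subject = %s, comment = %s, nohtml = %u, nosmiley = %u, noxcode = %u, icon = %s WHERE comment_id = %u', $this->ctable, $subject, $comment, $clean['nohtml'], $clean['nosmiley'], $clean['noxcode'], $icon, $comment_id);
        }
        if (!$this->db->query($sql)) {
            return false;
        }
        // genId() may have returned an empty id; in that case use the id the
        // database assigned to the inserted row.
        if (empty($comment_id)) {
            $comment_id = $this->db->getInsertId();
        }
        if ($isnew) {
            $sql = sprintf('UPDATE %s SET posts = posts+1 WHERE uid = %u', $this->db->prefix('users'), $user_id);
            if (!$this->db->query($sql)) {
                echo 'Could not update user posts.';
            }
        }

        return $comment_id;
    }

    /**
     * Delete this comment and every comment below it in the thread.
     *
     * Each deleted comment also decrements its poster's post counter.
     * Failures after the first delete are reported with echo and do not
     * stop the loop.
     *
     * @return int|bool number of comments removed (children + 1), false when the first delete fails
     */
    public function delete()
    {
        $comment_id = $this->getVar('comment_id');
        $users      = $this->db->prefix('users');

        $sql = sprintf('DELETE FROM %s WHERE comment_id = %u', $this->ctable, $comment_id);
        if (!$this->db->query($sql)) {
            return false;
        }
        $sql = sprintf('UPDATE %s SET posts = posts-1 WHERE uid = %u', $users, $this->getVar('user_id'));
        if (!$this->db->query($sql)) {
            echo 'Could not update user posts.';
        }

        $mytree   = new XoopsTree($this->ctable, 'comment_id', 'pid');
        $children = $mytree->getAllChild($comment_id, 'comment_id');
        $size     = count($children);
        foreach ($children as $child) {
            // The key column is comment_id, as in every other query of this
            // class; the previous "comment_bid" made each child delete fail,
            // leaving orphaned replies while their counters were decremented.
            $sql = sprintf('DELETE FROM %s WHERE comment_id = %u', $this->ctable, $child['comment_id']);
            if (!$this->db->query($sql)) {
                echo 'Could not delete comment.';
            }
            $sql = sprintf('UPDATE %s SET posts = posts-1 WHERE uid = %u', $users, $child['user_id']);
            if (!$this->db->query($sql)) {
                echo 'Could not update user posts.';
            }
        }

        return ($size + 1);
    }

    /**
     * Get Comments Tree
     *
     * @return array XoopsComments objects built from the child tree of this comment
     */
    public function getCommentTree()
    {
        $mytree = new XoopsTree($this->ctable, 'comment_id', 'pid');
        $ret    = array();
        foreach ($mytree->getChildTreeArray($this->getVar('comment_id'), 'comment_id') as $ele) {
            $ret[] = new XoopsComments($this->ctable, $ele);
        }

        return $ret;
    }

    /**
     * Get All Comments using criteria match
     *
     * NOTE(review): every entry of $criteria and the $orderby string are
     * concatenated into the query verbatim. Callers must build them from
     * constants and cast or escaped values only; request data passed through
     * unchanged would be executed as SQL.
     *
     * @param array  $criteria SQL condition fragments, joined with AND
     * @param bool   $asobject true for XoopsComments objects, false for comment ids
     * @param string $orderby  ORDER BY expression
     * @param int    $limit
     * @param int    $start
     * @return array
     */
    public function getAllComments($criteria = array(), $asobject = true, $orderby = 'comment_id ASC', $limit = 0, $start = 0)
    {
        $ret         = array();
        $where_query = '';
        if (is_array($criteria) && count($criteria) > 0) {
            $where_query = ' WHERE ' . implode(' AND ', $criteria);
        }
        $columns = $asobject ? '*' : 'comment_id';
        $sql     = 'SELECT ' . $columns . ' FROM ' . $this->ctable . $where_query . " ORDER BY $orderby";
        $result  = $this->db->query($sql, $limit, $start);
        if (!$result) {
            return $ret;
        }
        // Stop on any non-array value so the loop ends whether the driver
        // reports end-of-rows as false or as null.
        while (is_array($myrow = $this->db->fetchArray($result))) {
            $ret[] = $asobject ? new XoopsComments($this->ctable, $myrow) : $myrow['comment_id'];
        }

        return $ret;
    }

    /**
     * Print the mode/order selection form and the "post comment" button.
     *
     * @param int    $item_id
     * @param string $mode  'flat', 'thread' or 'nocomments'
     * @param int    $order 1 for newest first, anything else for oldest first
     */
    public function printNavBar($item_id, $mode = 'flat', $order = 1)
    {
        global $xoopsConfig, $xoopsUser;
        // PHP_SELF includes any path info appended to the request URL, so it
        // is escaped before it is placed inside the action attribute.
        $action = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);
        echo "<form method='get' action='" . $action . "'><table width='100%' border='0' cellspacing='1' cellpadding='2'><tr><td class='bg1' align='center'><select name='mode'><option value='nocomments'";
        if ($mode === 'nocomments') {
            echo " selected";
        }
        echo '>' . _NOCOMMENTS . "</option><option value='flat'";
        if ($mode === 'flat') {
            echo " selected";
        }
        echo '>' . _FLAT . "</option><option value='thread'";
        if ($mode === 'thread' || $mode == '') {
            echo " selected";
        }
        echo '>' . _THREADED . "</option></select><select name='order'><option value='0'";
        if ($order != 1) {
            echo " selected";
        }
        echo '>' . _OLDESTFIRST . "</option><option value='1'";
        if ($order == 1) {
            echo " selected";
        }
        echo '>' . _NEWESTFIRST . "</option></select><input type='hidden' name='item_id' value='" . (int)$item_id . "' /><input type='submit' value='" . _CM_REFRESH . "' />";
        if ($xoopsConfig['anonpost'] == 1 || $xoopsUser) {
            // Allow-list the mode before it goes into the onclick URL. The
            // previous test joined the three comparisons with ||, which is
            // true for every value and always reset the mode to 'flat'.
            if (!in_array($mode, array('flat', 'nocomments', 'thread'), true)) {
                $mode = 'flat';
            }
            echo " <input type='button' onclick='location=\"newcomment.php?item_id=" . (int)$item_id . '&order=' . (int)$order . '&mode=' . $mode . "\"' value='" . _CM_POSTCOMMENT . "' />";
        }
        echo '</td></tr></table></form>';
    }

    /**
     * Show Thread
     *
     * Delegates to openThread(), which is defined outside this file.
     */
    public function showThreadHead()
    {
        openThread();
    }

    /**
     * Render this comment as one post of a thread via showThread().
     *
     * Builds the icon, action and poster-profile HTML fragments. Values that
     * getVar() hands back for XOBJ_DTYPE_OTHER fields (icon, ip) and the
     * $mode argument are escaped here before they enter markup.
     * NOTE(review): getVar() is defined outside this file; the fields it
     * returns for text types are passed on as received - confirm they are
     * HTML-escaped there.
     *
     * @param string $order
     * @param string $mode
     * @param int    $adminview non-zero shows the IP and the edit/delete links
     * @param int    $color_num
     */
    public function showThreadPost($order, $mode, $adminview = 0, $color_num = 1)
    {
        global $xoopsConfig, $xoopsUser;
        $edit_image   = '';
        $reply_image  = '';
        $delete_image = '';
        $comment_id   = $this->getVar('comment_id');
        $post_date    = formatTimestamp($this->getVar('date'), 'm');

        // Only an existing, active account is shown with a profile.
        $poster = 0;
        if ($this->getVar('user_id') != 0) {
            $poster = new XoopsUser($this->getVar('user_id'));
            if (!$poster->isActive()) {
                $poster = 0;
            }
        }

        $anchor = "<a name='" . $comment_id . "' id='" . $comment_id . "'></a>";
        $icon   = $this->getVar('icon');
        if ($icon != null && $icon != '') {
            $subject_image = $anchor . "<img src='" . XOOPS_URL . '/images/subject/' . htmlspecialchars($icon, ENT_QUOTES) . "' alt='' />";
        } else {
            $subject_image = $anchor . "<img src='" . XOOPS_URL . "/images/icons/no_posticon.gif' alt='' />";
        }

        if ($adminview) {
            $ip_image = "<img src='" . XOOPS_URL . "/images/icons/ip.gif' alt='" . htmlspecialchars((string)$this->getVar('ip'), ENT_QUOTES) . "' />";
        } else {
            $ip_image = "<img src='" . XOOPS_URL . "/images/icons/ip.gif' alt='' />";
        }

        // Shared query string of the action links; $mode is percent-encoded so
        // it cannot close the href attribute or add parameters.
        $query = 'comment_id=' . $comment_id . '&mode=' . rawurlencode((string)$mode) . '&order=' . (int)$order;
        if ($adminview || ($xoopsUser && $this->getVar('user_id') == $xoopsUser->getVar('uid'))) {
            $edit_image = "<a href='editcomment.php?" . $query . "'><img src='" . XOOPS_URL . "/images/icons/edit.gif' alt='" . _EDIT . "' /></a>";
        }
        if ($xoopsConfig['anonpost'] || $xoopsUser) {
            $reply_image = "<a href='replycomment.php?" . $query . "'><img src='" . XOOPS_URL . "/images/icons/reply.gif' alt='" . _REPLY . "' /></a>";
        }
        if ($adminview) {
            $delete_image = "<a href='deletecomment.php?" . $query . "'><img src='" . XOOPS_URL . "/images/icons/delete.gif' alt='" . _DELETE . "' /></a>";
        }

        if (!$poster) {
            showThread($color_num, $subject_image, $this->getVar('subject'), $this->getVar('comment'), $post_date, $ip_image, $reply_image, $edit_image, $delete_image, $xoopsConfig['anonymous']);

            return;
        }

        $text = $this->getVar('comment');
        if ($poster->getVar('attachsig')) {
            $text .= '<p><br>_________________<br>' . $poster->user_sig() . '</p>';
        }
        $reg_date  = _CM_JOINED . formatTimestamp($poster->getVar('user_regdate'), 's');
        $posts     = _CM_POSTS . $poster->getVar('posts');
        $user_from = _CM_FROM . $poster->getVar('user_from');
        $rank      = $poster->rank();
        if ($rank['image'] != '') {
            $rank['image'] = "<img src='" . XOOPS_UPLOAD_URL . '/' . $rank['image'] . "' alt='' />";
        }
        $avatar_image = "<img src='" . XOOPS_UPLOAD_URL . '/' . $poster->getVar('user_avatar') . "' alt='' />";
        $online_image = '';
        if ($poster->isOnline()) {
            $online_image = "<span style='color:#ee0000;font-weight:bold;'>" . _CM_ONLINE . '</span>';
        }
        $profile_image = "<a href='" . XOOPS_URL . '/userinfo.php?uid=' . $poster->getVar('uid') . "'><img src='" . XOOPS_URL . "/images/icons/profile.gif' alt='" . _PROFILE . "' /></a>";
        $pm_image      = '';
        if ($xoopsUser) {
            $pm_image = "<a href='javascript:openWithSelfMain(\"" . XOOPS_URL . '/pmlite.php?send2=1&to_userid=' . $poster->getVar('uid') . "\",\"pmlite\",565,500);'><img src='" . XOOPS_URL . "/images/icons/pm.gif' alt='" . sprintf(_SENDPMTO, $poster->getVar('uname', 'E')) . "' /></a>";
        }
        $email_image = '';
        if ($poster->getVar('user_viewemail')) {
            $email_image = "<a href='mailto:" . $poster->getVar('email', 'E') . "'><img src='" . XOOPS_URL . "/images/icons/email.gif' alt='" . sprintf(_SENDEMAILTO, $poster->getVar('uname', 'E')) . "' /></a>";
        }
        $posterurl = $poster->getVar('url');
        $www_image = '';
        if ($posterurl != '') {
            $www_image = "<a href='$posterurl' rel='external'><img src='" . XOOPS_URL . "/images/icons/www.gif' alt='" . _VISITWEBSITE . "' /></a>";
        }
        $icq_image = '';
        if ($poster->getVar('user_icq') != '') {
            $icq_image = "<a href='http://wwp.icq.com/scripts/search.dll?to=" . $poster->getVar('user_icq', 'E') . "'><img src='" . XOOPS_URL . "/images/icons/icq_add.gif' alt='" . _ADD . "' /></a>";
        }
        $aim_image = '';
        if ($poster->getVar('user_aim') != '') {
            $aim_image = "<a href='aim:goim?screenname=" . $poster->getVar('user_aim', 'E') . '&message=Hi+' . $poster->getVar('user_aim') . "+Are+you+there?'><img src='" . XOOPS_URL . "/images/icons/aim.gif' alt='aim' /></a>";
        }
        $yim_image = '';
        if ($poster->getVar('user_yim') != '') {
            $yim_image = "<a href='http://edit.yahoo.com/config/send_webmesg?.target=" . $poster->getVar('user_yim', 'E') . "&.src=pg'><img src='" . XOOPS_URL . "/images/icons/yim.gif' alt='yim' /></a>";
        }
        $msnm_image = '';
        if ($poster->getVar('user_msnm') != '') {
            $msnm_image = "<a href='" . XOOPS_URL . '/userinfo.php?uid=' . $poster->getVar('uid') . "'><img src='" . XOOPS_URL . "/images/icons/msnm.gif' alt='msnm' /></a>";
        }
        showThread($color_num, $subject_image, $this->getVar('subject'), $text, $post_date, $ip_image, $reply_image, $edit_image, $delete_image, $poster->getVar('uname'), $rank['title'], $rank['image'], $avatar_image, $reg_date, $posts, $user_from, $online_image, $profile_image, $pm_image, $email_image, $www_image, $icq_image, $aim_image, $yim_image, $msnm_image);
    }

    /**
     * Show Thread Footer
     *
     * Delegates to closeThread(), which is defined outside this file.
     */
    public function showThreadFoot()
    {
        closeThread();
    }

    /**
     * Print the opening table and header row of the reply tree.
     *
     * @param int|string $width value of the table's width attribute
     */
    public function showTreeHead($width = '100%')
    {
        // Escaped because the value is written inside a quoted attribute.
        $width = htmlspecialchars((string)$width, ENT_QUOTES);
        echo "<table border='0' class='outer' cellpadding='0' cellspacing='0' align='center' width='$width'><tr class='bg3' align='center'><td colspan='3'>" . _CM_REPLIES . "</td></tr><tr class='bg3' align='left'><td width='60%' class='fg2'>" . _CM_TITLE . "</td><td width='20%' class='fg2'>" . _CM_POSTER . "</td><td class='fg2'>" . _CM_POSTED . '</td></tr>';
    }

    /**
     * Print one row of the reply tree, linking to this comment.
     *
     * @param string $order
     * @param string $mode
     * @param int    $color_num 1 selects the 'even' row class, anything else 'odd'
     */
    public function showTreeItem($order, $mode, $color_num)
    {
        $bg = 'odd';
        if ($color_num == 1) {
            $bg = 'even';
        }
        $prefix = str_replace('.', ' ', $this->getVar('prefix'));
        $date   = formatTimestamp($this->getVar('date'), 'm');
        $icon   = 'icons/no_posticon.gif';
        if ($this->getVar('icon') != '') {
            $icon = 'subject/' . htmlspecialchars($this->getVar('icon', 'E'), ENT_QUOTES);
        }
        // The link is assembled from the request path and caller-supplied
        // paging arguments: escape the path, percent-encode the mode and cast
        // the order so none of them can break out of the href attribute.
        $self = htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);
        $link = $self . '?item_id=' . $this->getVar('item_id') . '&comment_id=' . $this->getVar('comment_id') . '&mode=' . rawurlencode((string)$mode) . '&order=' . (int)$order . '#' . $this->getVar('comment_id');
        echo "<tr class='$bg' align='left'><td>" . $prefix . "<img src='" . XOOPS_URL . '/images/' . $icon . "'> <a href='" . $link . "'>" . $this->getVar('subject') . "</a></td><td><a href='" . XOOPS_URL . '/userinfo.php?uid=' . $this->getVar('user_id') . "'>" . XoopsUser::getUnameFromId($this->getVar('user_id')) . '</a></td><td>' . $date . '</td></tr>';
    }

    /**
     * Show Thread Foot
     *
     * Closes the table opened by showTreeHead().
     */
    public function showTreeFoot()
    {
        echo '</table><br>';
    }
}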