bug 1328: backport the pwg_token on trunk

bug 1329: backport the check_input_parameter on trunk feature 1026: add pwg_token feature for edit/delete comment. Heavy refactoring on this feature to make the code simpler and easier to maintain (I hope). git-svn-id: http://piwigo.org/svn/trunk@5195 68402e56-0260-453c-a942-63ccdbb3a9ee
2026-06-02 04:15:05 +02:00 · 2010-03-19 22:25:39 +00:00
parent ff7e537e2b
commit c695136e4d
26 changed files with 433 additions and 170 deletions
@@ -170,28 +170,25 @@ INSERT INTO '.COMMENTS_TABLE.'

    $comm['id'] = pwg_db_insert_id(COMMENTS_TABLE);

-    if (($comment_action=='validate' and $conf['email_admin_on_comment']) or
-        ($comment_action!='validate' and $conf['email_admin_on_comment_validation']))
+    if ($conf['email_admin_on_comment']
+        or ($conf['email_admin_on_comment_validation'] and 'moderate' == $comment_action))
    {
      include_once(PHPWG_ROOT_PATH.'include/functions_mail.inc.php');

-      $del_url = get_absolute_root_url().'comments.php?delete='.$comm['id'];
+      $comment_url = get_absolute_root_url().'comments.php?comment_id='.$comm['id'];

      $keyargs_content = array
      (
        get_l10n_args('Author: %s', stripslashes($comm['author']) ),
        get_l10n_args('Comment: %s', stripslashes($comm['content']) ),
        get_l10n_args('', ''),
-        get_l10n_args('Delete: %s', $del_url)
+        get_l10n_args('Manage this user comment: %s', $comment_url)
      );

-      if ($comment_action!='validate')
+      if ('moderate' == $comment_action)
      {
-        $keyargs_content[] =
-          get_l10n_args('', '');
-        $keyargs_content[] =
-          get_l10n_args('Validate: %s',
-            get_absolute_root_url().'comments.php?validate='.$comm['id']);
+        $keyargs_content[] = get_l10n_args('', '');
+        $keyargs_content[] = get_l10n_args('(!) This comment requires validation', '');
      }

      pwg_mail_notification_admins
@@ -212,7 +209,6 @@ INSERT INTO '.COMMENTS_TABLE.'
 *
 * @param comment_id
 */
-
 function delete_user_comment($comment_id) {
  $user_where_clause = '';
  if (!is_admin())
@@ -337,4 +333,41 @@ function email_admin($action, $comment)
 			       $keyargs_content
 			       );
 }
+
+function get_comment_author_id($comment_id, $die_on_error=true)
+{
+  $query = '
+SELECT
+    author_id
+  FROM '.COMMENTS_TABLE.'
+  WHERE id = '.$comment_id.'
+;';
+  $result = pwg_query($query);
+  if (pwg_db_num_rows($result) == 0)
+  {
+    if ($die_on_error)
+    {
+      fatal_error('Unknown comment identifier');
+    }
+    else
+    {
+      return false;
+    }
+  }
+  
+  list($author_id) = pwg_db_fetch_row($result);
+
+  return $author_id;
+}
+
+function validate_user_comment($comment_id)
+{
+  $query = '
+UPDATE '.COMMENTS_TABLE.'
+  SET validated = "true"
+    , validation_date = NOW()
+  WHERE id = '.$comment_id.'
+;';
+  pwg_query($query);
+}
 ?>