merge r12596 from trunk: feature 2500: make 'validate_user_comment' and 'delete_user_comment' working with array

git-svn-id: http://piwigo.org/svn/branches/2.3@12597 68402e56-0260-453c-a942-63ccdbb3a9ee
2026-05-06 05:22:37 +02:00 · 2011-11-11 10:21:58 +00:00
parent f8a63307a7
commit ebd35f045a
2 changed files with 33 additions and 25 deletions
--- a/admin/comments.php
+++ b/admin/comments.php
@@ -48,35 +48,25 @@ if (!empty($_POST))
  }
  else
  {
+    include_once( PHPWG_ROOT_PATH .'include/functions_comment.inc.php' );
    check_input_parameter('comments', $_POST, true, PATTERN_ID);
    
    if (isset($_POST['validate']))
    {
-      $query = '
-UPDATE '.COMMENTS_TABLE.'
-  SET validated = \'true\'
-    , validation_date = NOW()
-  WHERE id IN ('.implode(',', $_POST['comments']).')
-;';
-    pwg_query($query);
+      validate_user_comment($_POST['comments']);

-    array_push(
-      $page['infos'],
-      l10n_dec(
-        '%d user comment validated', '%d user comments validated',
-        count($_POST['comments'])
-        )
-      );
+      array_push(
+        $page['infos'],
+        l10n_dec(
+          '%d user comment validated', '%d user comments validated',
+          count($_POST['comments'])
+          )
+        );
    }

    if (isset($_POST['reject']))
    {
-      $query = '
-DELETE
-  FROM '.COMMENTS_TABLE.'
-  WHERE id IN ('.implode(',', $_POST['comments']).')
-;';
-      pwg_query($query);
+      delete_user_comment($_POST['comments']);

      array_push(
        $page['infos'],
--- a/include/functions_comment.inc.php
+++ b/include/functions_comment.inc.php
@@ -202,21 +202,30 @@ INSERT INTO '.COMMENTS_TABLE.'
 * other users can delete their own comments
 * so to avoid a new sql request we add author in where clause
 *
- * @param comment_id
+ * @param int or array of int comment_id
 */
-function delete_user_comment($comment_id) {
+function delete_user_comment($comment_id)
+{
  $user_where_clause = '';
  if (!is_admin())
  {
    $user_where_clause = '   AND author_id = \''.$GLOBALS['user']['id'].'\'';
  }
+  
+  if (is_array($comment_id))
+    $where_clause = 'id IN('.implode(',', $comment_id).')';
+  else
+    $where_clause = 'id = '.$comment_id;
+    
  $query = '
 DELETE FROM '.COMMENTS_TABLE.'
-  WHERE id = '.$comment_id.
+  WHERE '.$where_clause.
 $user_where_clause.'
 ;';
  $result = pwg_query($query);
-  if ($result) {
+  
+  if ($result) 
+  {
    email_admin('delete', 
                array('author' => $GLOBALS['user']['username'],
                      'comment_id' => $comment_id
@@ -377,13 +386,22 @@ SELECT
  return $author_id;
 }

+/**
+ * Tries to validate a user comment in the database
+ * @param int or array of int comment_id
+ */
 function validate_user_comment($comment_id)
 {
+  if (is_array($comment_id))
+    $where_clause = 'id IN('.implode(',', $comment_id).')';
+  else
+    $where_clause = 'id = '.$comment_id;
+    
  $query = '
 UPDATE '.COMMENTS_TABLE.'
  SET validated = \'true\'
    , validation_date = NOW()
-  WHERE id = '.$comment_id.'
+  WHERE '.$where_clause.'
 ;';
  pwg_query($query);