
File: class_comment_admin.php

File: class_comment_admin.php
Role: Auxiliary script
Content type: text/plain
Description: Use this class to validate the comments or to delete them
Class: Comment
Manage a comment system using an SQL database
Author: By
Last change: License, Version
Date: 3 years ago
Size: 12,435 bytes
 

Contents

<?php
/*
*  Filename.....: class_comment_admin.php
*  Class........: comment_admin
*  Purpose......: Validate comments
*  Parameter....: none
*  Creation date: 2006-05-25
*  Version......: 0.8
*  License......: LGPL v3
*  Copyright....: Peter Klauer
*        _  __      _ _
*   ||| | |/ /     (_) |        Wirtschaftsinformatiker IHK
*  \. ./| ' / _ __  _| |_ ___   www.ingoknito.de
*  - ^ -|  < | '_ \| | __/ _ \
*  / - \| . \| | | | | || (_) | Peter Klauer
*   ||| |_|\_\_| |_|_|\__\___/  06136-909093
*  Mailto.......: knito@knito.de
*
*  This library is free software; you can redistribute it and/or modify
*  it under the terms of the GNU Lesser General Public License as published by
*  the Free Software Foundation; either version 3 of the License, or
*  (at your option) any later version. http://www.gnu.org/copyleft/lesser.html
*
*  This library is distributed in the hope that it will be useful,
*  but WITHOUT ANY WARRANTY; without even the implied warranty of
*  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
*  GNU Lesser General Public License for more details. 
*
*  You should have received a copy of the GNU Lesser General Public License
*  along with this program; if not, write to the Free Software Foundation
*  51 Franklin Street, Suite 500, Boston, MA 02110-1335, USA.
*
*  If you need a commercial license please contact the copyright owner. 
*/


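/**
 * Administration view for the comment system.
 *
 * Lists stored comments through the sqltable helper and lets the operator
 * confirm (validate) or delete the rows whose checkbox was ticked.
 *
 * NOTE(review): nothing in this class checks who is calling it and the
 * confirm/delete form carries no anti-CSRF token. Confirm that the page which
 * instantiates comment_admin enforces authentication and request-origin checks.
 */
class comment_admin extends comment
{

  // Captions of the links and submit buttons. The submit captions double as the
  // action selector: put() compares $_POST['OK'] against them.
  var $say_select_all = 'Select all';
  var $say_unselect_all = 'unSelect all';
  var $say_delete_selected = 'delete selected';
  var $say_confirm_selected = 'confirm selected';

  // Captions of the range selector (all comments / only unvalidated ones).
  var $say_all = 'all';
  var $say_unvalidated = 'unvalidated';
  var $say_range = 'Range:';

  // Inline style written into the <tr> tag of validated comments.
  var $style_validated = 'background-color:#bfb';

  // When true, put() lists only rows with validated=0.
  var $only_unvalidated = true;

  # This is a user defined callback function($id_for, $code_for)
  # which may reveal more information about the commented item,
  # e.g. by looking up the caption of the commented item in another sql table.
  var $udf_id_for_code_for = ''; // name of the function which takes 2 args: $id_for and $code_for


  /**
  * PHP 4 style constructor (method named after the class).
  * NOTE(review): PHP 8 no longer runs such a method on "new"; confirm the target PHP version.
  *
  * @param object $sqltable = sqltable object, passed by reference to the parent
  * @param string $cssdir = css directory handed to the parent constructor
  */
  function comment_admin( &$sqltable,  $cssdir = './css/' )
  {
    # setting id_for and/or code_for will restrict the
    # admin to only the id_for and code_for which is set
    # if id_for other than 0 or/and code_for other than ''

    $id_for = 0; // every id with value 0, set to reduce rights
    $code_for = ''; // every code with value '', set to reduce rights

    parent::comment( $id_for, $code_for, $sqltable,  $cssdir );
  }


  /**
  * Process a submitted confirm/delete request, then output the admin table
  * with the newest comments in front.
  *
  * Reads $_POST['GO'], $_POST['OK'], the valid_N / id_N pairs written by
  * udf_checkbox(), and the "which" range selector from $_POST or $_GET.
  */
  function put()
  {

    # # #

    if( isset( $_POST['GO'] ) and $_POST['GO'] == '1' )
    {
      $action = isset( $_POST['OK'] ) ? $_POST['OK'] : '';

      // confirm or delete the selected records
      foreach( array_keys( $_POST ) as $key )
      {
        $key = (string) $key;
        if( substr( $key, 0, 6 ) != 'valid_' ) continue;

        # turn valid_4 into id_4
        $nr = substr( $key, 3 );
        if( !isset( $_POST[$nr] ) or !is_scalar( $_POST[$nr] ) ) continue;

        # The id arrives from the request and was previously pasted into the SQL
        # text as it came. udf_checkbox() documents the id column as an integer,
        # so the cast guarantees that only digits reach the statement.
        $id = (int) $_POST[$nr];

        if( $action === $this->say_confirm_selected )
        {
          $query = "update comments set validated='1' where id='$id'";
        }
        elseif( $action === $this->say_delete_selected )
        {
          $query = "delete from comments where id='$id'";
        }
        else
        {
          continue; // unknown button caption: nothing to do for this row
        }

        if( $this->debug ) echo "executing: $query";
        $this->execute( 'query', $query );

      } // next key

    } // end if GO == '1'


    # # #

    # PHP_SELF and QUERY_STRING are controlled by whoever builds the request URL,
    # so both are HTML-escaped before they are written into attributes.
    $ps = htmlspecialchars( $_SERVER['PHP_SELF'], ENT_QUOTES );
    $qs = $_SERVER['QUERY_STRING'];

    if( substr( $qs, 0, 1 ) == '?' ) $qs = substr( $qs, 1 ); // everything without the question mark
    $qs_html = htmlspecialchars( $qs, ENT_QUOTES );

    if( isset( $_GET['which'] ) and !isset( $_POST['which'] ) ) $_POST['which'] = $_GET['which'];

    # only a scalar "which" is honoured; anything else counts as not set
    $which = null;
    if( isset( $_POST['which'] ) and is_scalar( $_POST['which'] ) ) $which = (string) $_POST['which'];

    $s1 = ''; $s0 = '';
    if( $which !== null and $which == '1' ) $s1 = ' checked ';
    if( $which !== null and $which == '0' ) $s0 = ' checked ';

    echo "<form method='POST' action='$ps?$qs_html'>
<noscript><input type='submit' name='btn' value='$this->say_range'></noscript>
<label for='which1'><input onclick='return this.form.submit()' type='radio' $s1 name='which' value='1' id='which1'>$this->say_all</label>
<label for='which0'><input onclick='return this.form.submit()' type='radio' $s0 name='which' value='0' id='which0'>$this->say_unvalidated</label>

</form>";

    echo "<form method='POST' action='$ps?$qs_html'>
<input type='hidden' name='GO' value='1'>
<input type='submit' name='OK' value='$this->say_confirm_selected'>
<input type='submit' name='OK' value='$this->say_delete_selected'>
";


    $datesql = $this->sqlisodate('datetime').', '.
      $this->sqlisodate('lastchanged'); // get a valid date sql string for iso date YYYY-mm-dd HH:ii:ss


    $where = 'where 1=1 '; // mssql does not like "where 1 ", mysql does

    if( $which !== null and $which == 1 ) $this->only_unvalidated = false;

    if( $this->only_unvalidated == true )
    {
      $where .= ' and validated=0';
    }

    # NOTE(review): id_for and code_for are object properties, not request fields,
    # in the code visible here. They are still pasted into the SQL text; confirm
    # that no caller fills them from request data.
    if( $this->id_for > 0 )
    {
      $where .= " and id_for='$this->id_for'"; // special id_for value
    }

    if( strlen($this->code_for) > 0 )
    {
      $where .= " and code_for='$this->code_for'"; // special code_for value
    }


    $query = "select id, $datesql, nickname, comment, ip, dns, user_agent, id_for, code_for, validated
      from comments $where
      order by datetime desc";

    $r = $this->execute( 'query', $query );
    if( $r and  ( $this->execute( 'num_rows', $r ) > 0 ) )
    {

      # per-column render callbacks of sqltable
      $this->sqltable->udf['id'] = 'comment_admin::udf_checkbox';
      $this->sqltable->udf['datetime'] = 'comment_admin::udf_comment';
      $this->sqltable->udf['ip'] = 'comment_admin::udf_summary';

      $this->sqltable->trtagudf = 'comment_admin::tr_color';


      $this->sqltable->showcaptions = false; // we rearrange everything into one cell
      $this->sqltable->style['id'] = 'white-space:nowrap';

      # NOTE(review): these two lines write to $this->hidden, not to
      # $this->sqltable->hidden; the sqltable entries are set unconditionally below.
      if( strlen( $this->code_for ) > 0 ) $this->hidden['code_for'] = 1;
      if( $this->id_for > 0 ) $this->hidden['id_for'] = 1;

      # these columns are folded into other cells by the callbacks above
      $this->sqltable->hidden['nickname'] = 1;
      $this->sqltable->hidden['dns'] = 1;
      $this->sqltable->hidden['user_agent'] = 1;

      $this->sqltable->hidden['id_for'] = 1;
      $this->sqltable->hidden['code_for'] = 1;

      $this->sqltable->hidden['comment'] = 1;
      $this->sqltable->hidden['validated'] = 1;
      $this->sqltable->hidden['lastchanged'] = 1;

      $this->sqltable->fillup = false;
      $this->sqltable->index = false;

      echo $this->before_comments;

      echo '<a name="commentsqltable"></a>';


      #
      # Select ALL
      #
      $q = $this->sqltable->adjust_query_string( $qs, 'selectall=1' );
      if( $which !== null )
      {
        $q = $this->sqltable->adjust_query_string( $q, 'which='.urlencode( $which ) );
      }
      echo "<a href='$ps?".htmlspecialchars( $q, ENT_QUOTES )."' title='$this->say_select_all'>$this->say_select_all</a> ";

      #
      # UNSelect ALL
      #
      $q = $this->sqltable->adjust_query_string( $qs, 'selectall=0' );
      if( $which !== null )
      {
        $q = $this->sqltable->adjust_query_string( $q, 'which='.urlencode( $which ) );
      }

      echo "<a href='$ps?".htmlspecialchars( $q, ENT_QUOTES )."' title='$this->say_unselect_all'>$this->say_unselect_all</a>";

      $this->sqltable->anchor = '#commentsqltable';
      $this->sqltable->put( $r );
      $this->sqltable->anchor = '';

      echo $this->after_comments;
      $this->execute( 'free_result', $r );
    }

    echo '</form>';

  } // eof put()


  /**
  * UDF for sqltable column "datetime"
  * Used to arrange multiple columns into one cell: a top bar with nickname and
  * dates, followed by the comment text or an edit form for it.
  *
  * @param string $a = original cell value (unused)
  * @param array $sqlrowvars = key-value-paired array of the row
  * @param object $myself = initialized object of comment ($this)
  * @return string html of the cell
  */
  function udf_comment($a, $sqlrowvars, $myself)
  {

    static $counter = 1; // running number used for the per-row anchor

    #
    # top row of comment contains nickname and dates
    #
    # NOTE(review): nickname and comment are emitted exactly as stored. Confirm the
    # parent class HTML-escapes them on insert; if it does not, escape them here.
    #
    $s1 = '<a name="comment'.$counter.'"></a><div class="commenttopbar">'.
    '<table width="100%" summary="commentheadline"><tr><td class="commentnickname">'.
    $sqlrowvars['nickname'].
    '</td><td align="right" class="commentdatetime">'.$myself->say_entered.': '.
    $sqlrowvars['datetime'].'<br>';

    if( $sqlrowvars['lastchanged'] <> $sqlrowvars['datetime'] )
    {
      $changed = substr( $sqlrowvars['lastchanged'], 10 ); // drop the first 10 characters (the date part)
      $s1 .=  $myself->say_lastchanged.': '.$changed;
    }

    $s1 .= '</td></tr></table></div>';


    $text = $sqlrowvars['comment'];

    $edit = 0;
    $today = date( 'Y-m-d' );

    $ps = htmlspecialchars( $_SERVER['PHP_SELF'], ENT_QUOTES );
    $qs = $_SERVER['QUERY_STRING'];
    #
    # Collapse &amp; to & first so that escaping does not generate &amp;amp;,
    # then escape & together with quotes and angle brackets for the attribute.
    #
    $qs = str_replace( '&amp;', '&', $qs );
    $qs = htmlspecialchars( $qs, ENT_QUOTES );

    #
    # Check if the date, ip and useragent of the row match the current request.
    # If yes, then let the user edit his input.
    # Otherwise, just display the text.
    #
    if( strpos( '@'.$sqlrowvars['datetime'], $today ) > 0 )
    {
      if( $_SERVER['REMOTE_ADDR'] == $sqlrowvars['ip'] )
      {
        if( $_SERVER['HTTP_USER_AGENT'] == $sqlrowvars['user_agent'] )
        {
          $edit = 1;
        }
      }
    }

    $begin = '<div class="comment">';

    if( $edit == 1 )
    {
      $s = "<form action='$ps?$qs#comment$counter' method='POST'>
      <textarea name='comment' rows='$myself->comment_rows' cols='$myself->comment_cols'>$text</textarea>
      <input type='hidden' name='id_comment' value='".$sqlrowvars['id']."'>
      <input type='hidden' name='updatecomment' value='1'>
      <input type='submit' name='btn' value='$myself->say_update'>
      </form>";

    }
    else
    {
      $s = '<span>'.$text.'</span>'; // span for css
    }

    $end = '</div>';

    $counter ++; // increase at each row

    return $begin.$s1.$s.$end;

  } // eof callback udf_comment() for sqltable

  /**
  * UDF for sqltable column "ip"
  * Used to arrange multiple columns into one cell
  *
  * NOTE(review): user_agent and dns originate from the commenting client and
  * are emitted exactly as stored. Confirm they are HTML-escaped on insert;
  * if they are not, they must be escaped before being shown to an operator.
  *
  * @param string $a = original cell value (unused)
  * @param array $sqlrowvars = key-value-paired array of the row
  * @param object $myself = initialized object of comment ($this)
  * @return string user agent, ip and dns separated by <br>
  */
  function udf_summary($a, $sqlrowvars, $myself)
  {

    return(
      $sqlrowvars['user_agent'].'<br>'.
      $sqlrowvars['ip'].'<br>'.
      $sqlrowvars['dns'] );

  } // eof callback udf_summary() for sqltable


  /**
  * callback function for column "id"
  * return infos about the comment and the checkbox.
  *
  * Each row gets a checkbox valid_N and a hidden field id_N holding the row id;
  * put() pairs the two when the form comes back.
  *
  * @param integer $id = id value of column
  * @param array $all = array of all column values of sql result
  * @param object $myself = object of comment_admin
  * @return string
  */
  function udf_checkbox($id, $all, $myself)
  {

    static $a = 0; // running row number, starts at 1 for the first row

    $a++;

    $checked = '';
    if (isset( $_GET['selectall'] ) and $_GET['selectall'] == '1') $checked = ' checked';

    /** Create the checkbox for validating or deleting **/
    $s = "<input$checked id='cb_$a' type='checkbox' name='valid_$a'>".
    "<input type='hidden' name='id_$a' value='$id'>".
    "<label for='cb_$a'> [ $id ]";

    # The callback used to be invoked through eval() with id_for and code_for
    # pasted into the evaluated source, so a stored code_for value containing a
    # quote would have been executed as PHP. Calling the function by name passes
    # both values as data only.
    $callback = trim( $myself->udf_id_for_code_for );

    if( strlen( $callback ) > 0 and is_callable( $callback ) )
    {
      $s.= '<br>'.call_user_func( $callback, $all['id_for'], $all['code_for'] );
    }
    else
    {
      $s.= '<br>Code: '.$all['code_for'].'<br>Id: '.$all['id_for'];
    }
    return( $s.'</label>' );

  } // eof callback udf_checkbox() for sqltable


  /**
  * callback function for trtagudf
  * echoes the style attribute (green background by default) for validated items
  * @param array $cols = array of all column values
  * @param object $myself = object of comment_admin
  */
  function tr_color( $cols, $myself )
  {

    if( $cols['validated'] == '1' )
    {
      echo " style='$myself->style_validated' ";
    }

  } // eof callback function tr_color() for sqltable

} // eoc comment_admin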

?>