PHP Classes

File: class_comment_admin.php

File: class_comment_admin.php
Role: Auxiliary script
Content type: text/plain
Description: Use this class to validate the comments or to delete them
Class: Comment
Manage a comment system using an SQL database
Author: By
Last change: License, Version
Date: 12 years ago
Size: 12,435 bytes
 

Contents

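<?php
/*
 * Filename.....: class_comment_admin.php
 * Class........: comment_admin
 * Purpose......: Validate comments
 * Parameter....: none
 * Creation date: 2006-05-25
 * Version......: 0.8
 * License......: LGPL v3
 * Copyright....: Peter Klauer
 * _ __ _ _
 * ||| | |/ / (_) | Wirtschaftsinformatiker IHK
 * \. ./| ' / _ __ _| |_ ___ www.ingoknito.de
 * - ^ -| < | '_ \| | __/ _ \
 * / - \| . \| | | | | || (_) | Peter Klauer
 * ||| |_|\_\_| |_|_|\__\___/ 06136-909093
 * Mailto.......: knito@knito.de
 *
 * This library is free software; you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License as published by
 * the Free Software Foundation; either version 3 of the License, or
 * (at your option) any later version. http://www.gnu.org/copyleft/lesser.html
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public License
 * along with this program; if not, write to the Free Software Foundation
 * 51 Franklin Street, Suite 500, Boston, MA 02110-1335, USA.
 *
 * If you need a commercial license please contact the copyright owner.
 */

/**
 * Moderation front end for the comment system.
 *
 * put() prints the stored comments (newest first) with one checkbox per row
 * and two submit buttons; on POST it marks the checked rows as validated or
 * deletes them.
 *
 * NOTE(review): no access check is visible in this class. put() runs the
 * UPDATE/DELETE for any request that carries GO=1, so the including page has
 * to authenticate the operator before calling it. The forms carry no
 * anti-CSRF token either; confirm whether the surrounding application adds
 * one.
 *
 * NOTE(review): the constructor is PHP 4 style (method named after the
 * class). PHP 8 no longer treats such a method as a constructor.
 */
class comment_admin extends comment
{
  # Captions of links, buttons and radio labels
  var $say_select_all = 'Select all';
  var $say_unselect_all = 'unSelect all';
  var $say_delete_selected = 'delete selected';
  var $say_confirm_selected = 'confirm selected';
  var $say_all = 'all';
  var $say_unvalidated = 'unvalidated';
  var $say_range = 'Range:';

  # Inline style written on the <tr> of validated comments
  var $style_validated = 'background-color:#bfb';

  # true: list only comments with validated=0 (switched off by which=1)
  var $only_unvalidated = true;

  # This is a user defined callback function($id_for, $code_for)
  # which may reveal more information about the commented item;
  # let it search for the caption of the commented item in another sql table.
  # The return value is written into the page as HTML without escaping, so the
  # callback has to escape whatever it reads from the database.
  var $udf_id_for_code_for = ''; // name of the function which takes 2 args: $id_for and $code_for

  /**
   * Constructor (PHP 4 style).
   *
   * @param object $sqltable = sqltable object, handed on to the parent by reference
   * @param string $cssdir   = css directory, handed on to the parent
   */
  function comment_admin( &$sqltable, $cssdir = './css/' )
  {
    # setting id_for and/or code_for will restrict the
    # admin to only the id_for and code_for which is set
    # if id_for other than 0 or/and code_for other than ''
    $id_for = 0;    // every id with value 0, set to reduce rights
    $code_for = ''; // every code with value '', set to reduce rights
    parent::comment( $id_for, $code_for, $sqltable, $cssdir );
  }

  /**
   * output the admin table with the newest comments in front
   *
   * Reads $_POST['GO'], $_POST['OK'], the valid_N / id_N pairs written by
   * udf_checkbox() and the "which" switch from $_POST or $_GET.
   */
  function put()
  {
    #
    # Confirm or delete the checked rows
    #
    if( (isset( $_POST['GO'] ) and $_POST['GO'] == '1') and isset( $_POST['OK'] ) )
    {
      # The submit button's caption tells which action was requested
      $action = '';
      if( $_POST['OK'] == $this->say_confirm_selected )
      {
        $action = 'confirm';
      }
      elseif( $_POST['OK'] == $this->say_delete_selected )
      {
        $action = 'delete';
      }

      foreach( array_keys( $_POST ) as $key )
      {
        $key = (string)$key; // purely numeric POST keys arrive as integers
        if( $action == '' or substr( $key, 0, 6 ) != 'valid_' ) continue;

        # turn valid_4 into id_4, the hidden field that carries the row id
        $nr = substr( $key, 3 );

        # The id comes straight from the request and ends up in an SQL
        # statement: accept decimal digits only and skip everything else.
        if( !isset( $_POST[$nr] ) or !is_string( $_POST[$nr] ) ) continue;
        if( !preg_match( '/\A[0-9]+\z/', $_POST[$nr] ) ) continue;
        $id = $_POST[$nr];

        if( $action == 'confirm' )
        {
          $query = "update comments set validated='1' where id='$id'";
        }
        else
        {
          $query = "delete from comments where id='$id'";
        }
        if( $this->debug ) echo "executing: $query";
        $this->execute( 'query', $query );
      } // next POST key
    } // end if GO == '1'

    #
    # Range switch and action buttons
    #
    $ps = $_SERVER['PHP_SELF'];
    $qs = $_SERVER['QUERY_STRING'];
    if( substr( $qs, 0, 1 ) == '?' ) $qs = substr( $qs, 1 ); // everything without the question mark

    # PHP_SELF and QUERY_STRING are request data. They are written into
    # single-quoted attributes below, so escape them first. ISO-8859-1 is
    # named only to keep htmlspecialchars() byte transparent: it never
    # rejects its input and UTF-8 sequences pass through unchanged.
    $ps_html = htmlspecialchars( $ps, ENT_QUOTES, 'ISO-8859-1' );
    $qs_html = htmlspecialchars( str_replace( '&amp;', '&', $qs ), ENT_QUOTES, 'ISO-8859-1' );

    $s1 = '';
    $s0 = '';
    if( isset( $_GET['which'] ) and !isset( $_POST['which'] ) ) $_POST['which'] = $_GET['which'];
    if( isset( $_POST['which'] ) and $_POST['which'] == '1' ) $s1 = ' checked ';
    if( isset( $_POST['which'] ) and $_POST['which'] == '0' ) $s0 = ' checked ';

    # Scalar copy of the switch for building the select-all links
    $which = null;
    if( isset( $_POST['which'] ) and is_scalar( $_POST['which'] ) ) $which = (string)$_POST['which'];

    echo "<form method='POST' action='$ps_html?$qs_html'>
<noscript><input type='submit' name='btn' value='$this->say_range'></noscript>
<label for='which1'><input onclick='return this.form.submit()' type='radio' $s1 name='which' value='1' id='which1'>$this->say_all</label>
<label for='which0'><input onclick='return this.form.submit()' type='radio' $s0 name='which' value='0' id='which0'>$this->say_unvalidated</label>
</form>";

    # This form stays open until the end of put(); the checkboxes printed
    # by udf_checkbox() belong to it.
    echo "<form method='POST' action='$ps_html?$qs_html'>
<input type='hidden' name='GO' value='1'>
<input type='submit' name='OK' value='$this->say_confirm_selected'>
<input type='submit' name='OK' value='$this->say_delete_selected'>
";

    #
    # Build and run the list query
    #
    $datesql = $this->sqlisodate('datetime').', '.
               $this->sqlisodate('lastchanged'); // get a valid date sql string for iso date YYYY-mm-dd HH:ii:ss

    $where = 'where 1=1 '; // mssql does not like "where 1 ", mysql does

    if( isset( $_POST['which'] ) and $_POST['which'] == 1 ) $this->only_unvalidated = false;

    if( $this->only_unvalidated == true )
    {
      $where .= ' and validated=0';
    }

    if( $this->id_for > 0 )
    {
      $where .= " and id_for='".(int)$this->id_for."'"; // special id_for value
    }

    if( strlen($this->code_for) > 0 )
    {
      # NOTE(review): code_for is interpolated as it is. The constructor sets
      # it to ''; integrating code that assigns it must not take the value
      # from request data without quoting it for the database in use.
      $where .= " and code_for='$this->code_for'"; // special code_for value
    }

    $query = "select id, $datesql, nickname, comment, ip, dns, user_agent, id_for, code_for, validated from comments $where order by datetime desc";

    $r = $this->execute( 'query', $query );
    if( $r and ( $this->execute( 'num_rows', $r ) > 0 ) )
    {
      $this->sqltable->udf['id'] = 'comment_admin::udf_checkbox';
      $this->sqltable->udf['datetime'] = 'comment_admin::udf_comment';
      $this->sqltable->udf['ip'] = 'comment_admin::udf_summary';
      $this->sqltable->trtagudf = 'comment_admin::tr_color';

      $this->sqltable->showcaptions = false; // we rearrange everything into one cell
      $this->sqltable->style['id'] = 'white-space:nowrap';

      # NOTE(review): these two write to $this->hidden, not to
      # $this->sqltable->hidden; both columns are hidden on the sqltable a
      # few lines further down anyway.
      if( strlen( $this->code_for ) > 0 ) $this->hidden['code_for'] = 1;
      if( $this->id_for > 0 ) $this->hidden['id_for'] = 1;

      $this->sqltable->hidden['nickname'] = 1;
      $this->sqltable->hidden['dns'] = 1;
      $this->sqltable->hidden['user_agent'] = 1;
      $this->sqltable->hidden['id_for'] = 1;
      $this->sqltable->hidden['code_for'] = 1;
      $this->sqltable->hidden['comment'] = 1;
      $this->sqltable->hidden['validated'] = 1;
      $this->sqltable->hidden['lastchanged'] = 1;
      $this->sqltable->fillup = false;
      $this->sqltable->index = false;

      echo $this->before_comments;
      echo '<a name="commentsqltable"></a>';

      #
      # Select ALL
      #
      $q = $this->sqltable->adjust_query_string( $qs, 'selectall=1' );
      if( $which !== null )
      {
        $q = $this->sqltable->adjust_query_string( $q, 'which='.rawurlencode( $which ) );
      }
      $q_html = htmlspecialchars( str_replace( '&amp;', '&', $q ), ENT_QUOTES, 'ISO-8859-1' );
      echo "<a href='$ps_html?$q_html' title='$this->say_select_all'>$this->say_select_all</a> ";

      #
      # UNSelect ALL
      #
      $q = $this->sqltable->adjust_query_string( $qs, 'selectall=0' );
      if( $which !== null )
      {
        $q = $this->sqltable->adjust_query_string( $q, 'which='.rawurlencode( $which ) );
      }
      $q_html = htmlspecialchars( str_replace( '&amp;', '&', $q ), ENT_QUOTES, 'ISO-8859-1' );
      echo "<a href='$ps_html?$q_html' title='$this->say_unselect_all'>$this->say_unselect_all</a>";

      $this->sqltable->anchor = '#commentsqltable';
      $this->sqltable->put( $r );
      $this->sqltable->anchor = '';

      echo $this->after_comments;
      $this->execute( 'free_result', $r );
    }

    echo '</form>';

  } // eof put()

  /**
   * UDF for sqltable column "datetime"
   * Used to arrange multiple columns into one cell
   *
   * NOTE(review): nickname and comment text are written into the page as
   * stored. Whether the parent class escapes them before storing is not
   * visible in this file; if it does not, markup in a pending comment runs
   * in the moderator's browser. Confirm and escape here if needed.
   *
   * @param string $a = original cell value
   * @param array $sqlrowvars = key-value-paired array
   * @param object $myself = initialized object of comment ($this)
   * @return string html for the cell
   */
  function udf_comment($a, $sqlrowvars, $myself)
  {
    static $counter = 1; // numbers the comment anchors, one per row

    #
    # top row of comment contains nickname and dates
    #
    $s1 = '<a name="comment'.$counter.'"></a><div class="commenttopbar">'.
          '<table width="100%" summary="commentheadline"><tr><td class="commentnickname">'.
          $sqlrowvars['nickname'].
          '</td><td align="right" class="commentdatetime">'.$myself->say_entered.': '.
          $sqlrowvars['datetime'].'<br>';

    if( $sqlrowvars['lastchanged'] <> $sqlrowvars['datetime'] )
    {
      # cut off the leading YYYY-mm-dd, only the time part is shown
      $changed = substr( $sqlrowvars['lastchanged'], 10 );
      $s1 .= $myself->say_lastchanged.': '.$changed;
    }

    $s1 .= '</td></tr></table></div>';

    $text = $sqlrowvars['comment'];
    $edit = 0;
    $today = date( 'Y-m-d' );

    #
    # PHP_SELF and QUERY_STRING are request data: escape both for the
    # single-quoted action attribute. Turning &amp; back into & first avoids
    # generating &amp;amp; when the query string is already encoded.
    #
    $ps = htmlspecialchars( $_SERVER['PHP_SELF'], ENT_QUOTES, 'ISO-8859-1' );
    $qs = str_replace( '&amp;', '&', $_SERVER['QUERY_STRING'] );
    $qs = htmlspecialchars( $qs, ENT_QUOTES, 'ISO-8859-1' );

    #
    # Check if the useragent, date and ip fit together.
    # If yes, then let the user edit his input.
    # Otherwise, just display the text.
    #
    # NOTE(review): this is a heuristic, not an authentication. Any client
    # behind the same address that sends the same User-Agent on the same day
    # gets the edit form. Whether the update handler repeats a check is not
    # visible in this file.
    #
    $ua = isset( $_SERVER['HTTP_USER_AGENT'] ) ? $_SERVER['HTTP_USER_AGENT'] : '';

    # the '@' prefix moves a match at position 0 to position 1, so "> 0" works
    if( strpos( '@'.$sqlrowvars['datetime'], $today ) > 0
        and $_SERVER['REMOTE_ADDR'] == $sqlrowvars['ip']
        and $ua == $sqlrowvars['user_agent'] )
    {
      $edit = 1;
    }

    $begin = '<div class="comment">';

    if( $edit == 1 )
    {
      $id_html = htmlspecialchars( $sqlrowvars['id'], ENT_QUOTES, 'ISO-8859-1' );
      $s = "<form action='$ps?$qs#comment$counter' method='POST'>
<textarea name='comment' rows='$myself->comment_rows' cols='$myself->comment_cols'>$text</textarea>
<input type='hidden' name='id_comment' value='".$id_html."'>
<input type='hidden' name='updatecomment' value='1'>
<input type='submit' name='btn' value='$myself->say_update'>
</form>";
    }
    else
    {
      $s = '<span>'.$text.'</span>'; // span for css
    }

    $end = '</div>';

    $counter ++; // increase at each row

    return $begin.$s1.$s.$end;

  } // eof callback udf_commentsarrangedata() for sqltable

  /**
   * UDF for sqltable column "ip"
   * Used to arrange multiple columns into one cell
   *
   * User agent, address and host name are request metadata recorded with
   * the comment and are never markup, so they are escaped for output.
   *
   * @param string $a = original cell value
   * @param array $sqlrowvars = key-value-paired array
   * @param object $myself = initialized object of comment ($this)
   * @return string html for the cell
   */
  function udf_summary($a, $sqlrowvars, $myself)
  {
    return( htmlspecialchars( $sqlrowvars['user_agent'], ENT_QUOTES, 'ISO-8859-1' ).'<br>'.
            htmlspecialchars( $sqlrowvars['ip'], ENT_QUOTES, 'ISO-8859-1' ).'<br>'.
            htmlspecialchars( $sqlrowvars['dns'], ENT_QUOTES, 'ISO-8859-1' ) );

  } // eof callback udf_summary() for sqltable

  /**
   * callback function for column "id"
   * return infos about the comment and the checkbox.
   *
   * Writes a checkbox valid_N and a hidden field id_N per row; put() pairs
   * them up again when the form comes back.
   *
   * @param integer $id = id value of column
   * @param array $all = array of all column values of sql result
   * @param object $myself = object of comment_admin
   * @return string
   */
  function udf_checkbox($id, $all, $myself)
  {
    static $a = 0; // row counter, shared by all calls
    $a++;

    $checked = '';
    if( isset( $_GET['selectall'] ) and $_GET['selectall'] == '1' ) $checked = ' checked';

    $id_html = htmlspecialchars( $id, ENT_QUOTES, 'ISO-8859-1' );

    /** Create the checkbox for validating or deleting **/
    $s = "<input$checked id='cb_$a' type='checkbox' name='valid_$a'>".
         "<input type='hidden' name='id_$a' value='$id_html'>".
         "<label for='cb_$a'> [ $id_html ]";

    $udf = trim( $myself->udf_id_for_code_for );
    if( strlen( $udf ) > 0 and is_callable( $udf ) )
    {
      # This used to be eval() on a string assembled from the row's id_for and
      # code_for, which turned database content into PHP source. The callback
      # is now called directly and the values are passed as plain arguments.
      $s .= '<br>'.call_user_func( $udf, (int)$all['id_for'], $all['code_for'] );
    }
    else
    {
      $s .= '<br>Code: '.htmlspecialchars( $all['code_for'], ENT_QUOTES, 'ISO-8859-1' ).
            '<br>Id: '.htmlspecialchars( $all['id_for'], ENT_QUOTES, 'ISO-8859-1' );
    }

    return( $s.'</label>' );

  } // eof callback udf_checkbox() for sqltable

  /**
   * callback function for trtagudf
   * echoes the style attribute (green background by default) for validated items
   *
   * @param array $cols = array of all column values
   * @param object $myself = object of comment_admin
   */
  function tr_color( $cols, $myself )
  {
    if( $cols['validated'] == '1' )
    {
      echo " style='$myself->style_validated' ";
    }

  } // eof callback function tr_color() for sqltable

} // eoc comment_admin
?>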