b2evolution PHP Cross Reference Blogging Systems

Source: /inc/comments/_comments.ctrl.php - 736 lines - 22555 bytes - Text - Print

Description: This file implements the UI controller for managing comments. b2evolution - {@link http://b2evolution.net/} Released under GNU GPL License - {@link http://b2evolution.net/about/license.html}

   1  <?php
   2  /**
   3   * This file implements the UI controller for managing comments.
   4   *
   5   * b2evolution - {@link http://b2evolution.net/}
   6   * Released under GNU GPL License - {@link http://b2evolution.net/about/license.html}
   7   * @copyright (c)2003-2014 by Francois Planque - {@link http://fplanque.com/}
   8   *
   9   * {@internal Open Source relicensing agreement:
  10   * }}
  11   *
  12   * @package admin
  13   *
  14   * {@internal Below is a list of authors who have contributed to design/coding of this file: }}
  15   * @author fplanque: Francois PLANQUE.
  16   *
  17   * @version $Id: _comments.ctrl.php 6136 2014-03-08 07:59:48Z manuel $
  18   */
  19  if( !defined('EVO_MAIN_INIT') ) die( 'Please, do not access this page directly.' ); // direct-access guard: stop unless EVO_MAIN_INIT is defined
  20  
  21  /**
  22   * @var AdminUI
  23   */
  24  global $AdminUI;
  25  
  26  /**
  27   * @var UserSettings
  28   */
  29  global $UserSettings;
  30  
      // Name of the requested action, with 'list' passed as the fallback (presumably used when the request names none).
      // Every switch( $action ) below branches on this value.
  31  $action = param_action( 'list' );
  32  
  33  /*
  34   * Init the objects we want to work on.
       *
       * Most cases load what their action needs and run that action's permission
       * check; the actions themselves are carried out by the second
       * switch( $action ) further down. The 'spam' case also performs its action here.
  35   */
  36  switch( $action )
  37  {
  38      case 'edit':
  39      case 'update':
  40      case 'switch_view':
  41      case 'publish':
  42      case 'restrict':
  43      case 'deprecate':
  44      case 'delete_url':
  45      case 'update_publish':
  46      case 'delete':
              // The comment is looked up by the integer comment_ID read through param().
  47          param( 'comment_ID', 'integer', true );
  48          $edited_Comment = & Comment_get_by_ID( $comment_ID );
  49  
              // The working blog is switched to the blog of the comment's own Item.
  50          $edited_Comment_Item = & $edited_Comment->get_Item();
  51          set_working_blog( $edited_Comment_Item->get_blog_ID() );
  52          $BlogCache = & get_BlogCache();
  53          $Blog = & $BlogCache->get_by_ID( $blog );
  54  
  55          // Some users can delete & change a status of comments in their own posts, set corresponding permlevel
  56          if( $action == 'publish' || $action == 'update_publish' )
  57          { // Load the new comment status from publish request and set perm check values
                  // NOTE(review): the permission name is assembled from a request value;
                  // confirm check_perm() refuses unknown 'comment!...' names.
  58              $publish_status = param( 'publish_status', 'string', '' );
  59              $check_permname = 'comment!'.$publish_status;
  60              $check_permlevel = ( $action == 'publish' ) ? 'moderate' : 'edit';
  61          }
  62          elseif( $action == 'deprecate' )
  63          { // set perm check values
  64              $check_permname = 'comment!deprecated';
  65              $check_permlevel = 'moderate';
  66          }
  67          else
  68          { // set default perm check values
                  // comment_status also comes from the request ('CURSTATUS' when absent) and,
                  // for the 'restrict' action, is the status written to the comment later.
  69              $comment_status = param( 'comment_status', 'string', 'CURSTATUS' );
  70              $check_permname = 'comment!'.$comment_status;
  71              $check_permlevel = ( $action == 'delete' ) ? 'delete' : 'edit';
  72          }
  73          // Check permission:
              // The check is made against the loaded comment object; the third argument (true)
              // presumably makes a failed check stop the request - confirm in check_perm().
  74          $current_User->check_perm( $check_permname, $check_permlevel, true, $edited_Comment );
  75  
  76          $comment_title = '';
              // Stored content is entity-decoded for editing.
              // NOTE(review): the form view must encode it again on output - confirm in _comment.form.php.
  77          $comment_content = htmlspecialchars_decode( $edited_Comment->content );
  78  
  79          // Format content for editing, if we were not already in editing...
  80          $Plugins_admin = & get_Plugins_admin();
  81          $params = array( 'object_type' => 'Comment', 'object_Blog' => & $Blog );
  82          $Plugins_admin->unfilter_contents( $comment_title /* by ref */, $comment_content /* by ref */, $edited_Comment_Item->get_renderers_validated(), $params );
  83  
  84          // Where are we going to redirect to?
              // NOTE(review): redirect_to is a request value (type 'url') that is later handed to
              // header_redirect(); confirm that function restricts the target to this site.
  85          param( 'redirect_to', 'url', url_add_param( $admin_url, 'ctrl=items&blog='.$blog.'&p='.$edited_Comment_Item->ID, '&' ) );
  86          break;
  87  
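  88      case 'elevate':
              // Prepare the 'elevate' action, which copies the comment into a new draft post
              // and sets the comment's status to 'deprecated' (see the action switch below).
  89          global $blog;
  90          load_class( 'items/model/_item.class.php', 'Item' );
  91  
              // The comment is looked up by the integer comment_ID read through param().
  92          param( 'comment_ID', 'integer', true );
  93          $edited_Comment = & Comment_get_by_ID( $comment_ID );
  94  
              // Unlike the edit/update cases, the blog used here is the current working blog,
              // not the blog of the comment's Item.
  95          $BlogCache = & get_BlogCache();
  96          $Blog = & $BlogCache->get_by_ID( $blog );
  97  
  98          // Check permission:
              // 1) the user may create draft posts in the working blog;
  99          $current_User->check_perm( 'blog_post!draft', 'edit', true, $blog );
              // 2) the user may deprecate this particular comment. Without this second check the
              //    comment named in the request was read and deprecated with no permission tied to
              //    the comment itself. The call mirrors the one the 'deprecate' action uses above.
              $current_User->check_perm( 'comment!deprecated', 'moderate', true, $edited_Comment );
 100          break;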
 101  
 102      case 'trash_delete':
              // blog_ID is read as an integer (0 when absent); the action below uses it to
              // narrow the delete query to one blog.
 103          param( 'blog_ID', 'integer', 0 );
 104  
 105          // Check permission:
              // NOTE(review): this destructive action is gated on 'editall' while the display-only
              // 'emptytrash' case is gated on 'all' - confirm that this is the intended pairing.
 106          $current_User->check_perm( 'blogs', 'editall', true );
 107          break;
 108  
 109      case 'emptytrash':
 110          // Check permission:
 111          $current_User->check_perm( 'blogs', 'all', true );
 112          break;
 113  
 114      case 'list':
 115      case 'mass_delete':
              // Mass deletion needs the 'blogs' / 'all' permission in addition to the
              // per-blog comment permission that autoselect_blog() looks for.
 116          if( $action == 'mass_delete' )
 117          { // Check permission:
 118              $current_User->check_perm( 'blogs', 'all', true );
 119          }
 120  
 121          // Check permission:
 122          $selected = autoselect_blog( 'blog_comments', 'edit' );
 123          if( ! $selected )
 124          { // No blog could be selected
                  // The action is downgraded to 'nil', which the later switches treat as "do nothing".
 125              $Messages->add( T_('You have no permission to edit comments.' ), 'error' );
 126              $action = 'nil';
 127          }
 128          elseif( set_working_blog( $selected ) )    // set $blog & memorize in user prefs
 129          { // Selected a new blog:
 130              $BlogCache = & get_BlogCache();
 131              $Blog = & $BlogCache->get_by_ID( $blog );
 132          }
 133          break;
 134  
 135      case 'spam':
 136          // Used for quick SPAM vote of comments
              // This case both prepares and performs its action, then redirects.
 137          // Check that this action request is not a CSRF hacked request:
 138          $Session->assert_received_crumb( 'comment' );
 139  
 140          param( 'comment_ID', 'integer', true );
 141          $edited_Comment = & Comment_get_by_ID( $comment_ID );
 142  
 143          $edited_Comment_Item = & $edited_Comment->get_Item();
 144          set_working_blog( $edited_Comment_Item->get_blog_ID() );
 145          $BlogCache = & get_BlogCache();
 146          $Blog = & $BlogCache->get_by_ID( $blog );
 147  
 148          // Check permission for spam voting
 149          $current_User->check_perm( 'blog_vote_spam_comments', 'edit', true, $Blog->ID );
 150  
              // NOTE(review): $edited_Comment was already dereferenced above (get_Item()), so this test
              // only matters if Comment_get_by_ID() can return false without halting - confirm, and if
              // it can, the test belongs before the first use.
 151          if( $edited_Comment !== false )
 152          { // The comment still exists
 153              if( $current_User->ID != $edited_Comment->author_user_ID )
 154              { // Do not allow users to vote on their own comments
                      // The vote value is a request string passed straight to set_vote();
                      // NOTE(review): confirm set_vote() only accepts the expected values.
 155                  $edited_Comment->set_vote( 'spam', param( 'value', 'string' ) );
 156                  $edited_Comment->dbupdate();
 157              }
 158          }
 159  
 160          // Where are we going to redirect to?
              // NOTE(review): redirect_to is a request value (type 'url'); confirm header_redirect()
              // restricts the target to this site.
 161          param( 'redirect_to', 'url', url_add_param( $admin_url, 'ctrl=comments&blog='.$blog.'&filter=restore', '&' ) );
 162  
 163          // Redirect so that a reload doesn't write to the DB twice:
 164          header_redirect( $redirect_to, 303 ); // Will EXIT
 165          // We have EXITed already at this point!!
 166          break;
 167  
 168      default:
              // Any action name not listed above stops the request here.
 169          debug_die( 'unhandled action 1' );
 170  }
 171  
 172  // Set the third level tab
      // $tab3 is read through param() as a string. It is only concatenated into a breadcrumb
      // URL inside the two cases below, where it is known to equal 'listview' or 'fullview'.
 173  param( 'tab3', 'string', '', true );
 174  
 175  $AdminUI->breadcrumbpath_init();
 176  $AdminUI->breadcrumbpath_add( T_('Contents'), '?ctrl=items&amp;blog=$blog$&amp;tab=full&amp;filter=restore' );
 177  $AdminUI->breadcrumbpath_add( T_('Comments'), '?ctrl=comments&amp;blog=$blog$&amp;filter=restore' );
 178  switch( $tab3 )
 179  {
 180      case 'listview':
 181          $AdminUI->breadcrumbpath_add( T_('List view'), '?ctrl=comments&amp;blog=$blog$&amp;tab3='.$tab3.'&amp;filter=restore' );
 182          break;
 183  
 184      case 'fullview':
 185          $AdminUI->breadcrumbpath_add( T_('Full text view'), '?ctrl=comments&amp;blog=$blog$&amp;tab3='.$tab3.'&amp;filter=restore' );
 186          break;
 187  }
 188  
 189  $AdminUI->set_path( 'items' );    // Sublevel may be attached below
 190  
 191  /**
 192   * Perform action:
       *
       * Every branch that writes to the database asserts the 'comment' crumb first.
       * The 'edit' and 'emptytrash' branches only prepare a page for display.
 193   */
 194  switch( $action )
 195  {
 196      case 'nil':
 197          // Do nothing
 198          break;
 199  
 200  
 201      case 'edit':
              // Display-only branch: sets the page title, menus and breadcrumbs for the edit form.
 202          $AdminUI->title_titlearea = T_('Editing comment').' #'.$edited_Comment->ID;
 203  
 204          // Generate available blogs list:
 205          $AdminUI->set_coll_list_params( 'blog_comments', 'edit',
 206                          array( 'ctrl' => 'comments', 'filter' => 'restore' ), NULL, '' );
 207  
 208          /*
 209           * Add sub menu entries:
 210           * We do this here instead of _header because we need to include all filter params into regenerate_url()
 211           */
 212          attach_browse_tabs( false );
 213  
 214          $AdminUI->set_path( 'items', 'comments' );
 215  
 216          $AdminUI->breadcrumbpath_add( sprintf( T_('Comment #%s'), $edited_Comment->ID ), '?ctrl=comments&amp;comment_ID='.$edited_Comment->ID.'&amp;action=edit' );
 217          $AdminUI->breadcrumbpath_add( T_('Edit'), '?ctrl=comments&amp;comment_ID='.$edited_Comment->ID.'&amp;action=edit' );
 218          break;
 219  
 220  
 221      case 'update_publish':
 222      case 'update':
 223      case 'switch_view':
              // Apply the submitted edit form to $edited_Comment. Values are set on the object as they
              // are read; the database write further down only happens when no validation error was
              // recorded and the action is not 'switch_view'.
 224          // fp> TODO: $edited_Comment->load_from_Request( true );
 225  
 226          // Check that this action request is not a CSRF hacked request:
 227          $Session->assert_received_crumb( 'comment' );
 228  
 229          if( ! $edited_Comment->get_author_User() )
 230          { // If this is not a member comment
                  // Author name, e-mail and URL are free-text request values for non-member comments;
                  // the param_check_*() calls presumably record validation errors in $Messages.
 231              param( 'newcomment_author', 'string', true );
 232              param( 'newcomment_author_email', 'string' );
 233              param( 'newcomment_author_url', 'string' );
 234              param( 'comment_allow_msgform', 'integer', 0 /* checkbox */ );
 235  
 236              param_check_not_empty( 'newcomment_author', T_('Please enter an author name.'), '' );
 237              $edited_Comment->set( 'author', $newcomment_author );
 238              param_check_email( 'newcomment_author_email', false );
 239              $edited_Comment->set( 'author_email', $newcomment_author_email );
 240              param_check_url( 'newcomment_author_url', 'posting', '' ); // Give posting permissions here
 241              $edited_Comment->set( 'author_url', $newcomment_author_url );
 242              $edited_Comment->set( 'allow_msgform', $comment_allow_msgform );
 243          }
 244  
 245          // Move to different post
              // NOTE(review): moveto_post is read as a 'string' and compared loosely with the Item ID
              // below; an integer type would match how it is used (ID lookup, %d in the message).
 246          if( param( 'moveto_post', 'string', false ) )
 247          { // Move to post is set
 248  
 249              $comment_Item = & $edited_Comment->get_Item();
 250              if( $comment_Item->ID != $moveto_post )
 251              { // Move to post was changed
 252                  // Check destination post
 253                  $ItemCache = & get_ItemCache();
 254                  if( ( $dest_Item = $ItemCache->get_by_ID( $moveto_post, false, false) ) !== false )
 255                  { // the item exists
 256  
 257                      $dest_Item_Blog = & $dest_Item->get_Blog();
 258                      $dest_Item_Blog_User = & $dest_Item_Blog->get_owner_User();
 259  
 260                      $comment_Item_Blog = & $comment_Item->get_Blog();
 261                      $comment_Item_Blog_User = & $comment_Item_Blog->get_owner_User();
 262  
                          // The move is only allowed when the user owns both blogs, or holds
                          // 'blog_admin' / 'edit' on both; the permission checked in the init
                          // switch covered the source comment only.
 263                      if( ($current_User->ID == $dest_Item_Blog_User->ID &&
 264                          $current_User->ID == $comment_Item_Blog_User->ID ) ||
 265                          ( $current_User->check_perm( 'blog_admin', 'edit', false, $dest_Item_Blog->ID ) &&
 266                          $current_User->check_perm( 'blog_admin', 'edit', false, $comment_Item_Blog->ID ) ) )
 267                      { // current user is the owner of both the source and the destination blogs or current user is admin for both blogs
 268                          $edited_Comment->set_Item( $dest_Item );
 269                      }
 270                      else
 271                      {
 272                          $Messages->add( T_('Destination post blog owner is different!'), 'error' );
 273                      }
 274                  }
 275                  else
 276                  { // the item doesn't exists
 277                      $Messages->add( sprintf( T_('Post ID &laquo;%d&raquo; does not exist!'), $moveto_post ), 'error' );
 278                  }
 279              }
 280          }
 281  
              // The param type used to read the content depends on the blog's
              // 'allow_html_comment' setting: 'html' or 'htmlspecialchars'.
 282          $edited_Comment_Item = $edited_Comment->get_Item();
 283          $edited_Comment_Item->load_Blog();
 284          if( $edited_Comment_Item->Blog->get_setting( 'allow_html_comment' ) )
 285          {    // HTML is allowed for this comment
 286              $text_format = 'html';
 287          }
 288          else
 289          {    // HTML is disallowed for this comment
 290              $text_format = 'htmlspecialchars';
 291          }
 292  
 293          // Content:
 294          param( 'content', $text_format );
 295          // Don't allow the hidden text in comment content
              // (every '<!' sequence is rewritten so it is shown as text instead of being parsed as markup)
 296          $content = str_replace( '<!', '&lt;!', $content );
 297  
 298          // Renderers:
 299          if( param( 'renderers_displayed', 'integer', 0 ) )
 300          { // use "renderers" value only if it has been displayed (may be empty)
                  // The submitted renderer list is passed through validate_renderer_list() before it is stored.
 301              global $Plugins;
 302              $renderers = $Plugins->validate_renderer_list( param( 'renderers', 'array/string', array() ), array( 'Comment' => & $edited_Comment ) );
 303              $edited_Comment->set_renderers( $renderers );
 304          }
 305  
 306          // Trigger event: a Plugin could add a $category="error" message here..
 307          // This must get triggered before any internal validation and must pass all relevant params.
 308          // The OpenID plugin will validate a given OpenID here (via redirect and coming back here).
 309          $Plugins->trigger_event( 'CommentFormSent', array(
 310                  'dont_remove_pre' => true,
 311                  'comment_post_ID' => $edited_Comment_Item->ID,
 312                  'comment' => & $content,
 313              ) );
 314  
              // NOTE(review): per the comment on the next line, an edit made here is validated with the
              // back-office HTML rules rather than the comment rules, so what may be stored depends on
              // how far moderators of this blog are trusted - confirm that matches the site's policy.
 315          param_check_html( 'content', T_('Invalid comment text.') );    // Check this is backoffice content (NOT with comment rules)
 316          param_check_not_empty( 'content', T_('Empty comment content is not allowed.') );
 317          $edited_Comment->set( 'content', get_param( 'content' ) );
 318  
              // The comment date can only be changed by users holding 'blog_edit_ts' / 'edit' on this blog.
 319          if( $current_User->check_perm( 'blog_edit_ts', 'edit', false, $Blog->ID ) )
 320          { // We use user date
 321              param_date( 'comment_issue_date', T_('Please enter a valid comment date.'), true );
 322              if( strlen(get_param('comment_issue_date')) )
 323              { // only set it, if a date was given:
 324                  param_time( 'comment_issue_time' );
 325                  $edited_Comment->set( 'date', form_date( get_param( 'comment_issue_date' ), get_param( 'comment_issue_time' ) ) ); // TODO: cleanup...
 326              }
 327          }
 328  
 329          param( 'comment_rating', 'integer', NULL );
 330          $edited_Comment->set_from_Request( 'rating' );
 331  
              // NOTE(review): the init switch already read comment_status (default 'CURSTATUS') and
              // checked 'comment!'.$comment_status; whether this second param() call keeps that value
              // or reads again depends on param() - confirm the status written here is the one the
              // permission check saw. For 'update_publish' the checked $publish_status is used.
 332          $comment_status = param( 'comment_status', 'string', 'published' );
 333          if( $action == 'update_publish' )
 334          {
 335              $comment_status = $publish_status;
 336          }
 337          $old_comment_status = $edited_Comment->get( 'status' );
 338          $edited_Comment->set( 'status', $comment_status );
 339  
 340          param( 'comment_nofollow', 'integer', 0 );
 341          $edited_Comment->set_from_Request( 'nofollow' );
 342  
              // Stop before any database write if a validation error was recorded above.
 343          if( $Messages->has_errors() )
 344          {    // There have been some validation errors:
 345              break;
 346          }
 347  
 348          if( $old_comment_status != $comment_status )
 349          { // Comment moderation is done, handle moderation "secret"
 350              $edited_Comment->handle_qm_secret();
 351          }
 352  
 353          // If action is switch_view then don't save the edited Comment yet, only change the edit view
 354          if( $action != 'switch_view' )
 355          { // UPDATE DB:
 356              $edited_Comment->dbupdate();    // Commit update to the DB
 357  
 358              if( $edited_Comment->status == 'published' )
 359              { // comment status was set to published or it was already published, needs to handle notifications
 360                  $edited_Comment->handle_notifications( false, $current_User->ID );
 361              }
 362  
 363              $Messages->add( T_('Comment has been updated.'), 'success' );
 364  
                  // $redirect_to was read from the request in the init switch.
 365              header_redirect( $redirect_to );
 366              /* exited */
 367          }
 368  
 369          break;
 370  
 371  
 372      case 'publish':
              // Set the comment to the status named by publish_status; the init switch checked
              // 'comment!'.$publish_status at level 'moderate' for this action.
 373          // Check that this action request is not a CSRF hacked request:
 374          $Session->assert_received_crumb( 'comment' );
 375  
 376          $edited_Comment->set( 'status', $publish_status );
 377          // Comment moderation is done, handle moderation "secret"
 378          $edited_Comment->handle_qm_secret();
 379  
 380          $edited_Comment->dbupdate();    // Commit update to the DB
 381  
 382          // comment status was set to published, needs to handle notifications
              // NOTE(review): the 'update' branch only calls handle_notifications() when the status is
              // 'published'; here it is called for every target status - confirm that
              // handle_notifications() filters by status itself.
 383          $edited_Comment->handle_notifications( false, $current_User->ID );
 384  
 385          // Set the success message corresponding for the new status
 386          switch( $edited_Comment->status )
 387          {
 388              case 'published':
 389                  $success_message = T_('Comment has been published.');
 390                  break;
 391              case 'community':
 392                  $success_message = T_('The comment is now visible by the community.');
 393                  break;
 394              case 'protected':
 395                  $success_message = T_('The comment is now visible by the members.');
 396                  break;
 397              case 'review':
 398                  $success_message = T_('The comment is now visible by moderators.');
 399                  break;
 400              default:
 401                  $success_message = T_('Comment has been updated.');
 402                  break;
 403          }
 404          $Messages->add( $success_message, 'success' );
 405  
 406          header_redirect( $redirect_to );
 407          /* exited */
 408          break;
 409  
 410  
 411      case 'restrict':
              // Write the status read in the init switch (request value comment_status, 'CURSTATUS'
              // when absent), which was checked there as 'comment!'.$comment_status at level 'edit'.
              // NOTE(review): nothing in this branch limits the value to a more restrictive status
              // than the current one - confirm that the permission check alone is meant to decide.
 412          // Check that this action request is not a CSRF hacked request:
 413          $Session->assert_received_crumb( 'comment' );
 414  
 415          $edited_Comment->set( 'status', $comment_status );
 416          // Comment moderation is done, handle moderation "secret"
 417          $edited_Comment->handle_qm_secret();
 418  
 419          $edited_Comment->dbupdate();    // Commit update to the DB
 420  
 421          $Messages->add( T_('Comment has been restricted.'), 'success' );
 422  
 423          header_redirect( $redirect_to );
 424          /* exited */
 425          break;
 426  
 427  
 428      case 'deprecate':
              // Set the comment to 'deprecated'; the init switch checked 'comment!deprecated' / 'moderate'.
 429          // Check that this action request is not a CSRF hacked request:
 430          $Session->assert_received_crumb( 'comment' );
 431  
 432          $edited_Comment->set('status', 'deprecated' );
 433          // Comment moderation is done, handle moderation "secret"
 434          $edited_Comment->handle_qm_secret();
 435  
 436          $edited_Comment->dbupdate();    // Commit update to the DB
 437  
 438          $Messages->add( T_('Comment has been deprecated.'), 'success' );
 439  
 440          header_redirect( $redirect_to );
 441          /* exited */
 442          break;
 443  
 444  
 445      case 'delete_url':
              // Clear the author URL stored with the comment.
 446          // Check that this action request is not a CSRF hacked request:
 447          $Session->assert_received_crumb( 'comment' );
 448  
 449          $edited_Comment->set('author_url', NULL );
 450  
 451          $edited_Comment->dbupdate();    // Commit update to the DB
 452  
 453          $Messages->add( T_('Comment url has been deleted.'), 'success' );
 454  
 455          header_redirect( $redirect_to );
 456          /* exited */
 457          break;
 458  
 459  
 460      case 'delete':
              // Delete the comment; the init switch checked the permission at level 'delete'.
 461          // Check that this action request is not a CSRF hacked request:
 462          $Session->assert_received_crumb( 'comment' );
 463  
 464          // fp> TODO: non JS confirm
              // The message is chosen before dbdelete() runs: "deleted" when the comment is already in
              // the trash, "recycled" otherwise (dbdelete() presumably moves it to the trash first).
 465          $success_message = ( $edited_Comment->status == 'trash' ) ? T_('Comment has been deleted.') : T_('Comment has been recycled.');
 466  
 467          // Delete from DB:
 468          $edited_Comment->dbdelete();
 469  
 470          $Messages->add( $success_message, 'success' );
 471  
 472          header_redirect( $redirect_to );
 473          break;
 474  
 475  
 476  
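 477      case 'trash_delete':
              // Delete every comment whose status is "trash", optionally limited to one blog.
              // All deletes run inside one transaction that is rolled back on the first failure.
 478          // Check that this action request is not a CSRF hacked request:
 479          $Session->assert_received_crumb( 'comment' );
 480  
 481          $query = 'SELECT T_comments.*
 482                      FROM T_blogs LEFT OUTER JOIN T_categories ON blog_ID = cat_blog_ID
 483                          LEFT OUTER JOIN T_items__item ON cat_ID = post_main_cat_ID
 484                          LEFT OUTER JOIN T_comments ON post_ID = comment_post_ID
 485                      WHERE comment_status = "trash"';
 486  
 487          if( isset($blog_ID) && ( $blog_ID != 0 ) )
 488          {
                  // Keep a separating space before AND, and force the ID to an integer at the point of
                  // concatenation so the query text never depends on how $blog_ID was read earlier.
 489              $query .= ' AND blog_ID = '.intval( $blog_ID );
 490          }
 491  
 492          $DB->begin();
 493          $trash_comments = $DB->get_results( $query, OBJECT, 'get_trash_comments' );
 494  
 495          $result = true;
 496          foreach( $trash_comments as $row_stats )
 497          {
                  // Stop at the first failed delete and undo the deletes made so far.
 498              $Comment = new Comment( $row_stats );
 499              $result = $result && $Comment->dbdelete();
 500              if( !$result )
 501              {
 502                  $DB->rollback();
 503                  break;
 504              }
 505          }
 506  
 507          if( $result )
 508          {
 509              $DB->commit();
 510              $Messages->add( T_('Recycle bin contents were successfully deleted.'), 'success' );
 511          }
 512          else
 513          {
 514              $Messages->add( T_('Could not empty recycle bin.'), 'error' );
 515          }
 516  
              // Redirect back to the list so that a reload does not repeat the delete.
 517          header_redirect( regenerate_url( 'action', 'action=list', '', '&' ) );
 518          break;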
 519  
 520      case 'emptytrash':
              // Display-only branch: prepares the recycle bin page; nothing is deleted here.
 521          /*
 522           * Trash comments:
 523           */
 524          $AdminUI->title_titlearea = T_('Comment recycle bins');
 525  
 526          /*
 527           * Add sub menu entries:
 528           * We do this here instead of _header because we need to include all filter params into regenerate_url()
 529           */
 530          attach_browse_tabs( false );
 531  
 532          $AdminUI->set_path( 'items', 'comments' );
 533  
 534          $AdminUI->breadcrumbpath_add( T_('Comment recycle bins'), '?ctrl=comments&amp;action=emptytrash' );
 535          break;
 536  
 537      case 'elevate':
              // Create a draft post from the comment, then mark the comment as deprecated.
 538          // Check that this action request is not a CSRF hacked request:
 539          $Session->assert_received_crumb( 'comment' );
 540  
              // NOTE(review): author name and comment content are concatenated into HTML for the new
              // post. For non-member comments the author name is free text (see the 'update' branch),
              // so confirm get_author_name() and get_content() return output-safe text.
 541          $item_content = $edited_Comment->get_author_name().' '.T_( 'wrote' ).': <blockquote>'.$edited_Comment->get_content().'</blockquote>';
 542          $new_Item = new Item();
 543          $new_Item->set( 'status', 'draft' );
 544          $new_Item->set_creator_by_login( $current_User->login );
 545          $new_Item->set( 'main_cat_ID', $Blog->get_default_cat_ID() );
 546          $new_Item->set( 'title', T_( 'Elevated from comment' ) );
 547          $new_Item->set( 'content', $item_content );
 548  
 549          if( !$new_Item->dbinsert() )
 550          {
 551              $Messages->add( T_( 'Unable to create the new post!' ), 'error' );
 552              break;
 553          }
 554  
              // The insert above and this update are two separate writes; this branch opens no
              // transaction around them.
 555          $edited_Comment->set( 'status', 'deprecated' );
 556          $edited_Comment->dbupdate();
 557  
 558          header_redirect( url_add_param( $admin_url, 'ctrl=items&blog='.$blog.'&action=edit&p='.$new_Item->ID, '&' ) );
 559          break;
 560  
 561      case 'list':
 562      case 'mass_delete':
 563          /*
 564           * Latest comments:
 565           */
 566          $AdminUI->title_titlearea = T_('Latest comments');
 567  
 568          // Generate available blogs list:
 569          $AdminUI->set_coll_list_params( 'blog_comments', 'edit',
 570                          array( 'ctrl' => 'comments', 'filter' => 'restore' ), NULL, '' );
 571  
 572          /*
 573           * Add sub menu entries:
 574           * We do this here instead of _header because we need to include all filter params into regenerate_url()
 575           */
 576          attach_browse_tabs();
 577  
 578          $AdminUI->append_path_level( 'comments' );
 579  
 580          if( empty( $tab3 ) )
 581          {
 582              $tab3 = 'fullview';
 583          }
 584  
              // NOTE(review): $tab3 is not limited to 'listview' / 'fullview' at this point; it flows
              // into set_path(), the param prefix and the CommentList2 constructor - confirm the
              // 'string' filtering done by param() is enough for those uses.
 585          $AdminUI->set_path( 'items', 'comments', $tab3 );
 586  
 587          $comments_list_param_prefix = 'cmnt_';
 588          if( !empty( $tab3 ) )
 589          {    // Use different param prefix for each tab
 590              $comments_list_param_prefix .= $tab3.'_';
 591          }
 592          /*
 593           * List of comments to display:
 594           */
 595          $CommentList = new CommentList2( $Blog, NULL, 'CommentCache', $comments_list_param_prefix, $tab3 );
 596  
 597          // Filter list:
 598          $CommentList->set_default_filters( array(
 599                  'statuses' => get_visibility_statuses( 'keys', array( 'redirected', 'trash' ) ),
 600                  //'comments' => $UserSettings->get( 'results_per_page' ),
 601              ) );
 602  
 603          $CommentList->load_from_Request();
 604  
 605          /**
 606           * Mass delete comments
               *
               * Only the query is prepared here; the deletion itself is run from the display
               * switch below through comment_mass_delete_process(). The comments selected are
               * whatever the list filters loaded from the request match.
 607           */
 608          param( 'mass_type', 'string', '' );
 609          if( $action == 'mass_delete' && !empty( $mass_type ) )
 610          {
 611              // Check that this action request is not a CSRF hacked request:
 612              $Session->assert_received_crumb( 'comment' );
 613  
 614              // Init the comment list query, but don't execute it
 615              $CommentList->query_init();
 616              // Set sql query to get deletable comment ids
 617              $deletable_comments_query = 'SELECT DISTINCT '.$CommentList->Cache->dbIDname.' '
 618                      .$CommentList->CommentQuery->get_from()
 619                      .$CommentList->CommentQuery->get_where();
 620  
 621              // Set an action param to display a correct template
                  // ($process_action remembers 'mass_delete' for the display switch while the
                  // visible action is reset to 'list'.)
 622              $process_action = $action;
 623              unset( $_POST['actionArray'] );
 624              set_param( 'action', 'list' );
 625  
 626              // Try to obtain some serious time to do some serious processing (15 minutes)
                  // NOTE(review): the value passed is 10000; if set_max_execution_time() takes seconds
                  // that is about 2 h 47 min, not 15 minutes - confirm the intended limit.
 627              set_max_execution_time( 10000 );
 628          }
 629  
 630          break;
 631  
 632      default:
              // Any action name not handled above stops the request here.
 633          debug_die( 'unhandled action 2' );
 634  }
 635  
 636  
 637  /*
 638   * Page navigation:
       *
       * Reached only by actions that did not redirect: sets the menu path, queues the
       * CSS and JS files and prints the page head and top.
 639   */
 640  
 641  $AdminUI->set_path( 'items', 'comments' );
 642  
 643  if( ( $action == 'edit' ) || ( $action == 'update_publish' ) || ( $action == 'update' ) || ( $action == 'elevate' ) )
 644  { // load date picker style for _comment.form.php
 645      require_css( 'ui.datepicker.css' );
 646  }
 647  
 648  require_css( 'rsc/css/blog_base.css', true ); // Default styles for the blog navigation
 649  require_js( 'communication.js' ); // auto requires jQuery
 650  // Colorbox (a lightweight Lightbox alternative) allows to zoom on images and do slideshows with groups of images:
 651  require_js_helper( 'colorbox' );
 652  
 653  // Display <html><head>...</head> section! (Note: should be done early if actions do not redirect)
 654  $AdminUI->disp_html_head();
 655  
 656  // Display title, menu, messages, etc. (Note: messages MUST be displayed AFTER the actions)
 657  $AdminUI->disp_body_top();
 658  
 659  /**
 660   * Display payload:
       *
       * Chooses the view for the current action. Only fixed view paths are passed to
       * disp_view(); no request value is used to build a path here.
 661   */
 662  switch( $action )
 663  {
 664      case 'nil':
 665          // Do nothing
 666          break;
 667  
 668  
 669      case 'edit':
 670      case 'elevate':
 671      case 'update_publish':
 672      case 'update':    // on error
 673      case 'switch_view':
 674          // Begin payload block:
 675          $AdminUI->disp_payload_begin();
 676  
 677          // Display VIEW:
 678          $AdminUI->disp_view( 'comments/views/_comment.form.php' );
 679  
 680  
 681          // End payload block:
 682          $AdminUI->disp_payload_end();
 683          break;
 684  
 685      case 'emptytrash':
 686          // Begin payload block:
 687          $AdminUI->disp_payload_begin();
 688  
 689          // Display VIEW:
 690          $AdminUI->disp_view( 'comments/views/_trash_comments.view.php' );
 691  
 692          // End payload block:
 693          $AdminUI->disp_payload_end();
 694          break;
 695  
 696      case 'list':
 697      default:
 698          // Begin payload block:
 699          $AdminUI->disp_payload_begin();
 700  
 701          echo '<table class="browse" cellspacing="0" cellpadding="0" border="0"><tr>';
 702          echo '<td class="browse_left_col">';
 703  
              // The mass delete prepared in the action switch runs here, during page output;
              // its crumb and permission checks were done earlier, before $process_action was set.
 704          if( ! empty( $process_action ) && $process_action == 'mass_delete' && !empty( $mass_type ) )
 705          { // Mass deleting of the comments
 706              comment_mass_delete_process( $mass_type, $deletable_comments_query );
 707              $CommentList->reset();
 708          }
 709  
 710          // Display VIEW:
              // $tab3 only selects between two fixed view files.
 711          if( $tab3 == 'fullview' )
 712          {
 713              $AdminUI->disp_view( 'comments/views/_browse_comments.view.php' );
 714          }
 715          else
 716          {
 717              $AdminUI->disp_view( 'comments/views/_comment_list_table.view.php' );
 718          }
 719          echo '</td>';
 720  
 721          echo '<td class="browse_right_col">';
 722              // Display VIEW:
 723              $AdminUI->disp_view( 'comments/views/_comments_sidebar.view.php' );
 724          echo '</td>';
 725  
 726          echo '</tr></table>';
 727  
 728          // End payload block:
 729          $AdminUI->disp_payload_end();
 730          break;
 731  }
 732  
 733  // Display body bottom, debug info and close </html>:
 734  $AdminUI->disp_global_footer();
 735  
 736  ?>
