Beispiel #1
/**
 * Tallies the votes recorded for one thread, as far as the caller's privilege level allows.
 *
 * Privilege levels come from user_privilege_level() (defined elsewhere):
 *   - level <= 1 : no access, both counters are reported as -1;
 *   - level == 2 : aggregate counters only (one SUM/COUNT query);
 *   - level  > 2 : row-by-row scan that also reports the caller's own vote.
 *
 * Security notes for maintainers:
 *   - $thread_id reaches SQL through mysql_real_escape_string() inside a quoted
 *     literal. That escaping depends on the connection character set
 *     (NOTE(review): confirm the charset is set on the link, not via a raw query).
 *   - The "@" operator hides every database warning; a failed query is only
 *     visible to callers as the -1 sentinel.
 *   - check_property() is defined elsewhere; presumably it tells whether the
 *     (rand_prop, hash_prop) pair belongs to the current user — confirm against
 *     its definition.
 *
 * @param mixed $thread_id Identifier of the thread whose votes are counted.
 * @return array Keys "pro_votes" and "against_votes" (-1 on refusal or query failure)
 *               and "choice": the caller's vote_id if they voted for, its negation if
 *               they voted against, 0 otherwise.
 */
function get_votes_from_thread($thread_id)
{
    $tally = array("pro_votes" => 0, "against_votes" => 0, "choice" => 0);
    $refused = array("pro_votes" => -1, "against_votes" => -1, "choice" => 0);

    $level = user_privilege_level();
    if (!($level > 1)) {
        return $refused;
    }

    if (!($level > 2)) {
        // Aggregate path: the SQL server does the counting.
        $result = @mysql_query(sprintf("SELECT SUM(vote) AS pro_vote, count(vote) AS total_vote FROM vote WHERE thread_id='%s'", mysql_real_escape_string($thread_id)));
        if (!$result) {
            return $refused;
        }
        $sums = mysql_fetch_assoc($result);
        if (!$sums) {
            // The result handle is left unreleased here.
            return $refused;
        }
        // SUM() yields NULL when the thread has no votes at all.
        $pro = isset($sums["pro_vote"]) ? $sums["pro_vote"] : 0;
        $total = isset($sums["total_vote"]) ? $sums["total_vote"] : 0;
        $tally["pro_votes"] = $pro;
        $tally["against_votes"] = $total - $pro;
        @mysql_free_result($result);
        return $tally;
    }

    // Detailed path. Open question left by the original author: is it better to put
    // the load on the SQL server (two queries, one of them checking the hashes) or to
    // do the ownership checks in this PHP loop?
    $result = @mysql_query(sprintf("SELECT vote_id,rand_prop,hash_prop,vote FROM vote WHERE thread_id='%s'", mysql_real_escape_string($thread_id)));
    if (!$result) {
        return $refused;
    }
    while ($vote_row = mysql_fetch_assoc($result)) {
        if ($vote_row["vote"] == 1) {
            $counter = "pro_votes";
            $in_favour = true;
        } elseif ($vote_row["vote"] == 0) {
            $counter = "against_votes";
            $in_favour = false;
        } else {
            // Any other stored value is ignored.
            continue;
        }
        $tally[$counter]++;
        if (check_property($vote_row["rand_prop"], $vote_row["hash_prop"])) {
            // Remember the caller's own vote: +vote_id for, -vote_id against.
            $tally["choice"] = $in_favour ? $vote_row["vote_id"] : -1 * $vote_row["vote_id"];
        }
    }
    @mysql_free_result($result);

    return $tally;
}
Beispiel #2
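/**
 * Renders the <option> elements of a select menu, marking at most one as selected.
 *
 * Labels are emitted verbatim, so callers must pass only hard-coded, HTML-ready strings.
 *
 * @param array $labels   Map of option value => HTML label.
 * @param mixed $selected Value to pre-select (loose comparison, first match wins), or null.
 * @return string HTML fragment.
 */
function _display_post_options($labels, $selected)
{
    $html = '';
    $found = false;
    foreach ($labels as $value => $label) {
        $mark = !$found && $selected !== null && $selected == $value;
        if ($mark) {
            $found = true;
        }
        $html .= '<option value="' . $value . '"' . ($mark ? ' selected="selected"' : '') . '>' . $label . '</option>';
    }
    return $html;
}

/**
 * Builds the SQL predicate "hash_prop equals SHA1(login . rand_prop)" used to recognise the caller's rows.
 *
 * @param string $login  Session login; escaped here before being placed in a quoted literal.
 * @param string $prefix Column prefix: 'T.' for the thread table, '' inside sub-queries.
 * @return string Parenthesised SQL predicate.
 */
function _display_post_owner_clause($login, $prefix)
{
    return sprintf(
        "(CAST(SHA1(CONCAT('%s',CAST(%srand_prop AS CHAR))) AS CHAR)=%shash_prop)",
        mysql_real_escape_string($login),
        $prefix,
        $prefix
    );
}

/**
 * Prints the proposal list page: filter/sort form, pagination and the proposals themselves.
 *
 * Access rules visible in this function (levels come from user_privilege_level()):
 *   - level <= 1 : nothing is rendered, need_ecole_member_privilege(2) is called instead;
 *   - level >= 2 : voting links are shown;
 *   - level  > 3 : administrator (moderation filters, moderation links, all posts visible);
 *   - level  > 4 : may edit/delete posts owned by others.
 *
 * Every filter value is read from $_SESSION. The code that copies form input into the
 * session is not part of this function, so session values are treated as untrusted
 * wherever they reach SQL.
 *
 * @return void
 */
function display_post()
{
    $privileges = user_privilege_level();
    if (!($privileges > 1)) {
        need_ecole_member_privilege(2);
        return;
    }
    $is_admin = $privileges > 3;
    $logged = is_logged();
    $admin_filter = isset($_SESSION["thread_admin_filter"]) ? $_SESSION["thread_admin_filter"] : null;
    $ordering = isset($_SESSION["thread_ordering"]) ? $_SESSION["thread_ordering"] : null;

    // Title and pending one-shot messages
    echo '<h1>Consultation des propositions :</h1>
		<h2>Pour voter, il faut s\'inscrire <a href="index.php?action=create_account" title="inscription">ICI</a></h2>';
    if (isset($_SESSION['transient_display'])) {
        // NOTE(review): echoed without escaping. This is safe only if every writer of
        // 'transient_display' stores trusted, already-encoded HTML — verify the setters.
        echo $_SESSION['transient_display'];
        unset($_SESSION['transient_display']);
    }

    // ************************************************* //
    // Form driving the filtering/ordering of proposals  //
    // ************************************************* //
    $tail = '<div class="enlarge_lowresol">
			<form method="post" action="?action=post_filter_change">
				<table class="tab_form_close">
					<tr>';
    // Category choice, built from what the database holds
    $tail .= '<td>
							Cat&eacute;gorie :
						</td>
						<td>
							<select name="category_filter">
								<option value="0">Toutes</option>';
    $result = @mysql_query("SELECT category_id,category_name FROM thread_category");
    if ($result) {
        while ($row = mysql_fetch_assoc($result)) {
            $chosen = isset($_SESSION["thread_category_filter"]) && $row["category_id"] == $_SESSION["thread_category_filter"];
            // Database values are HTML-encoded and only placed in double-quoted attributes.
            $tail .= '<option value="' . htmlentities($row["category_id"]) . '"' . ($chosen ? ' selected="selected"' : '') . '>' . htmlentities($row["category_name"]) . '</option>';
        }
        @mysql_free_result($result);
    }
    $tail .= '</select></td>';

    // Personal filters, only for logged-in users; moderation filters only for administrators
    if ($logged) {
        $filter_labels = array(
            1 => 'Mes propositions',
            2 => 'Propositions avec mes commentaires',
            3 => 'Propositions sans mon vote',
        );
        if ($is_admin) {
            $filter_labels[4] = 'Propositions non mod&eacute;r&eacute;es';
            $filter_labels[5] = 'Commentaires non mod&eacute;r&eacute;s';
        }
        $tail .= '<td>
				Filtre :
			</td>
			<td>
				<select name="admin_filter">
					<option value="0">Aucun</option>'
            . _display_post_options($filter_labels, $admin_filter)
            . '</select></td>';
    }

    // Sort menu
    $sort_labels = array(
        1 => 'Date',
        2 => 'Nombre de votes favorables',
        3 => 'Proportion de votes favorables',
        4 => 'Nombre total de votes',
    );
    if ($ordering !== null) {
        // Sorting is irrelevant in the "unmoderated comments" view (filter 5).
        $sort_disabled = $admin_filter !== null && $admin_filter == 5;
        $sort_selected = $sort_disabled ? 1 : $ordering;
    } else {
        // NOTE(review): without a stored ordering the menu is disabled for filter 4,
        // not 5 as above. Kept as found; this looks like a typo — confirm intent.
        $sort_disabled = $admin_filter !== null && $admin_filter == 4;
        $sort_selected = null;
    }
    $tail .= '<td>
							Trier par :
						</td>
						<td>
							<select name="sorting"' . ($sort_disabled ? ' disabled="disabled"' : '') . '>
								' . _display_post_options($sort_labels, $sort_selected);
    echo $tail . '
						</select>
					</td>
					<td>
						<input type="hidden" name="form_name" value="thread_display_param" />
					</td>
					<td>
						<input type="submit" value="Valider" />
					</td>
				</tr>
			</table>
		</form></div>';

    // ************************************************ //
    // Results, according to the parameters chosen above //
    // ************************************************ //
    if ($admin_filter !== null && $admin_filter == 5) {
        // Raw comment listing is delegated to another function.
        affichage_comments(-1, true);
        return;
    }
    $current_mod = $admin_filter !== null && $admin_filter == 4; // moderation mode
    $vote_filt = $admin_filter !== null && $admin_filter == 3;   // "without my vote" filter

    // ---- Query construction ----
    // The search term may be absent from the session; default to an empty pattern.
    $search_term = isset($_SESSION['thread_admin_recherche']) ? $_SESSION['thread_admin_recherche'] : '';
    $search_sql = mysql_real_escape_string($search_term);
    $recherche = "(T.text LIKE '%" . $search_sql . "%' OR T.title LIKE '%" . $search_sql . "%') AND";

    // Two halves so that proposals without any vote are returned too.
    $columns = "T.thread_id, T.rand_prop, T.hash_prop, T.title, T.text, T.date, T.is_valid, T.possibly_name, T.already_mod, G.category_name";
    $query_p1 = "(SELECT " . $columns . ", SUM(V.vote) AS pro_vote, COUNT(V.vote) AS total_vote"
        . " FROM thread T, thread_category G, vote V"
        . " WHERE " . $recherche . " V.thread_id=T.thread_id AND G.category_id=T.category";
    $query_p2 = "(SELECT " . $columns . ", 0 AS pro_vote, 0 AS total_vote"
        . " FROM thread T, thread_category G"
        . " WHERE " . $recherche . " T.thread_id <> ALL (SELECT thread_id FROM vote) AND G.category_id=T.category";
    // Separate query giving the number of results up front. It carries the same search
    // condition as the listing so that the page count matches what is displayed.
    $query_count = "SELECT COUNT(T.thread_id) AS NUM_RES FROM thread T, thread_category G WHERE " . $recherche . " G.category_id=T.category";

    // Ownership is recognised by hash: hash_prop = SHA1(login . rand_prop).
    // NOTE(review): anyone able to read these tables and enumerate logins could recompute
    // the hashes and link rows to users — confirm this matches the intended anonymity model.
    $owner_t = '';
    $owner_plain = '';
    if ($logged) {
        $login = isset($_SESSION['login_c']) ? $_SESSION['login_c'] : '';
        $owner_t = _display_post_owner_clause($login, 'T.');
        $owner_plain = _display_post_owner_clause($login, '');
    }
    // Non-administrators only see moderated posts, plus their own.
    $visible_or_own = " AND (T.is_valid=1 OR " . $owner_t . ")";

    // One restriction string shared by the three queries: the listing halves and the
    // count must always filter identically (and with well-formed CAST(... AS CHAR)).
    $restrict = "";
    if ($admin_filter !== null) {
        switch ($admin_filter) {
            case 0:
                // No constraint beyond display rights
                if (!$logged) {
                    $restrict = " AND FALSE";
                } elseif (!$is_admin) {
                    $restrict = $visible_or_own;
                }
                break;
            case 1:
                // Posts owned by the caller
                $restrict = $logged ? " AND " . $owner_t : " AND FALSE";
                break;
            case 2:
                // Posts the caller commented on
                if ($logged) {
                    $restrict = " AND T.thread_id IN (SELECT DISTINCT thread_id FROM comment WHERE " . $owner_plain . ")";
                    if (!$is_admin) {
                        $restrict .= $visible_or_own;
                    }
                } else {
                    $restrict = " AND FALSE";
                }
                break;
            case 3:
                // Posts the caller has not voted on
                if ($logged) {
                    $restrict = " AND T.thread_id NOT IN (SELECT DISTINCT thread_id FROM vote WHERE " . $owner_plain . ")";
                    if (!$is_admin) {
                        $restrict .= $visible_or_own;
                    }
                } else {
                    $restrict = " AND FALSE";
                }
                break;
            case 4:
                // Unmoderated proposals, administrators only
                $restrict = $is_admin ? " AND T.already_mod=0" : " AND FALSE";
                break;
            default:
                // When in doubt, return nothing
                $restrict = " AND FALSE";
        }
    } elseif (!$is_admin) {
        $restrict = $logged ? $visible_or_own : " AND T.is_valid=1";
    }

    // Optional category filter. The value is placed UNQUOTED in the SQL text, where
    // mysql_real_escape_string() offers no protection, so it is forced to an integer.
    $category_searched = isset($_SESSION["thread_category_filter"]) ? (int) $_SESSION["thread_category_filter"] : 0;
    if ($category_searched > 0) {
        $restrict .= " AND T.category=" . $category_searched;
    }

    $query_p1 .= $restrict;
    $query_p2 .= $restrict;
    $query_count .= $restrict;

    // Union of proposals with and without votes
    $query = $query_p1 . ' GROUP BY T.thread_id, T.rand_prop, T.hash_prop, T.title, T.text, T.date, T.is_valid, T.possibly_name, G.category_name) UNION ' . $query_p2 . ')';

    // Number of potential results, needed for the page split; -1 means "unknown".
    $num_res = -1;
    $res = @mysql_query($query_count);
    if ($res) {
        $count_row = mysql_fetch_assoc($res);
        if ($count_row) {
            $num_res = (int) $count_row["NUM_RES"];
        }
        @mysql_free_result($res);
    }

    // ORDER BY: only fixed fragments are ever appended, never the session value itself.
    if ($ordering !== null) {
        switch ($ordering) {
            case 2:
                $query .= " ORDER BY pro_vote DESC";
                break;
            case 3:
                $query .= " ORDER BY pro_vote/total_vote DESC";
                break;
            case 4:
                $query .= " ORDER BY total_vote DESC";
                break;
            default:
                $query .= " ORDER BY date DESC";
                break;
        }
    } else {
        $query .= " ORDER BY date DESC";
    }

    // LIMIT according to the displayed page
    $page_to_display = 1;
    if (!isset($_SESSION["thread_page"])) {
        $_SESSION["thread_page"] = 1;
    } else {
        $page_to_display = $_SESSION["thread_page"];
        if (!is_numeric($page_to_display) || $page_to_display < 1) {
            $_SESSION["thread_page"] = 1;
            $page_to_display = 1;
        }
    }
    if ($num_res > -1) {
        // Integer cast: the offset is interpolated unquoted into the query.
        $offset = (int) round(10 * ($page_to_display - 1));
        if ($offset < 0 || $offset >= $num_res) {
            $offset = 0;
            $_SESSION["thread_page"] = 1;
        }
        $query .= " LIMIT {$offset},10";
    }

    // Page-change menu, kept for a second display at the bottom of the page
    $change_page = "";
    if ($num_res > 10) {
        $change_page .= '<div class="bottom_page_choice">';
        $last_page = ceil($num_res / 10);
        for ($i = 1; $i < $last_page + 1; $i++) {
            if ($i == $_SESSION["thread_page"]) {
                $change_page .= "{$i}&nbsp;&nbsp;";
            } else {
                $change_page .= '<a href="?action=change_thread_page&amp;num_page=' . $i . '">' . $i . '</a>&nbsp;&nbsp;';
            }
        }
        $change_page .= '</div><br/>';
        echo $change_page;
    } else {
        echo '<br />';
    }

    // ---- Query execution and rendering ----
    $result = @mysql_query($query);
    if (!$result) {
        echo '<div class="warning">Erreur lors de la requ&ecirc;te</div>';
        return;
    }
    $result_returned = false;
    $need_separator = false;
    while ($row = mysql_fetch_assoc($result)) {
        $result_returned = true;
        $thread_id = $row["thread_id"];
        $thread_id_affiche = htmlentities($thread_id);
        $anchor = '#' . $thread_id_affiche;
        $is_proprio = check_property($row["rand_prop"], $row["hash_prop"]);
        $is_valid = $row["is_valid"];
        $already_mod = $row["already_mod"];
        $check_vote = get_votes_from_thread($thread_id);
        $pro_vote = $check_vote["pro_votes"];
        $agt_vote = $check_vote["against_votes"];
        $per_vote = $check_vote["choice"];

        // Second line of defence after the SQL filter: apart from the author or an
        // administrator, a post is shown only once it has been validated.
        if (!($is_valid || $is_proprio || $is_admin)) {
            continue;
        }
        if ($need_separator) {
            echo '<div class="newsterminator">
									<hr />
								</div>';
        }
        $need_separator = true;

        // Title and moderation state
        echo '<span class="newstitle" id="' . $thread_id_affiche . '">
								' . htmlentities(stripslashes($row["title"])) . ' [#' . $thread_id_affiche . ']
							</span>';
        if ($is_admin) {
            if (!$already_mod) {
                echo '<img src="rep_img/n_modere.png" alt="Non mod&eacute;r&eacute;" class="imgtitlenews" />';
            } elseif ($is_valid) {
                echo '<img src="rep_img/modere.png" alt="Mod&eacute;r&eacute;" class="imgtitlenews" />';
            } else {
                echo '<img src="rep_img/masque.png" alt="Masqu&eacute;" class="imgtitlenews" />';
            }
        } elseif ($is_proprio) {
            if (!$already_mod) {
                echo '<img src="rep_img/n_modere.png" alt="Non mod&eacute;r&eacute;" class="imgtitlenews" />';
            } elseif (!$is_valid) {
                echo '<img src="rep_img/masque.png" alt="Masqu&eacute;" class="imgtitlenews" />';
            }
        }

        // Votes.
        // NOTE(review): voting, deletion, anonymisation and moderation below are all plain
        // GET links and no anti-CSRF token is visible here; confirm the action handlers
        // verify request origin (token or POST) before changing state.
        if ($privileges >= 2) {
            // With the "without my vote" filter the post leaves the list once voted on,
            // so the links that cast a vote carry no anchor in that mode.
            $cast_anchor = $vote_filt ? '' : $anchor;
            echo '<span class="vote">';
            if ($per_vote > 0) {
                echo '<a href="?action=vote_post&amp;order=0&amp;thread_id=' . $thread_id_affiche . $anchor . '"><img src="rep_img/bright_votepro.png" alt="+1" class="imgvote" /></a>';
            } else {
                echo '<a href="?action=vote_post&amp;order=1&amp;thread_id=' . $thread_id_affiche . $cast_anchor . '"><img src="rep_img/pale_votepro.png" alt="+1" class="imgvote" /></a>';
            }
            if ($per_vote < 0) {
                echo '<a href="?action=vote_post&amp;order=0&amp;thread_id=' . $thread_id_affiche . $anchor . '"><img src="rep_img/bright_voteneg.png" alt="-1" class="imgvote" /></a>';
            } else {
                echo '<a href="?action=vote_post&amp;order=-1&amp;thread_id=' . $thread_id_affiche . $cast_anchor . '"><img src="rep_img/pale_voteneg.png" alt="-1" class="imgvote" /></a>';
            }
            echo '</span>';
        }

        // Context line: date, category and, if disclosed, the author's name
        echo '<div class="newsundertitle">
								' . htmlentities(transfo_date($row["date"])) . '&nbsp;-&nbsp;' . htmlentities($row["category_name"]);
        if (!empty($row["possibly_name"])) {
            echo '&nbsp;-&nbsp;' . htmlentities($row["possibly_name"]);
        }
        echo '</div>
						<div class="votebar">';

        // Vote bar
        if ($pro_vote == 0) {
            if ($agt_vote == 0) {
                echo '<span class="neutralvote">
										<span class="votebarannotation">
											+0
										</span>
									</span>
								</div>';
            } else {
                echo '<span class="againstvote" style="height:100%;width:8px;">
										<span class="votebarannotation">
											-' . htmlentities($agt_vote) . '
										</span>
									</span>
								</div>';
            }
        } elseif ($agt_vote == 0) {
            echo '<span class="provote" style="height:100%;width:8px;">
										<span class="votebarannotation_pro">
											+' . htmlentities($pro_vote) . '
										</span>
									</span>
								</div>';
        } else {
            $prop_pro = round(100 * $pro_vote / ($agt_vote + $pro_vote));
            echo '<span class="provote" style="height:' . $prop_pro . '%;width:8px;">
										<span class="votebarannotation_pro">
											+' . htmlentities($pro_vote) . '
										</span>
									</span>
									<span class="againstvote" style="height:' . (100 - $prop_pro) . '%;width:8px;">
										<span class="votebarannotation">
											-' . htmlentities($agt_vote) . '
										</span>
									</span>
								</div>';
        }

        // Body.
        // NOTE(review): the stored text is output through text_display_prepare() only;
        // that helper is defined elsewhere — verify that it HTML-encodes user content.
        echo '<div class="newscontent">' . text_display_prepare($row["text"]) . '</div>';
        echo '<div class="newsendlinks">';
        if ($is_proprio || $privileges > 4) {
            echo '
								<a href="?action=edit_post&amp;thread_id=' . $thread_id_affiche . '">Editer</a>
								<a href="?action=remove_post&amp;thread_id=' . $thread_id_affiche . '">Supprimer</a>';
            if ($is_proprio) {
                if (!empty($row["possibly_name"])) {
                    echo '<a href="?action=anonymization&amp;order=0&amp;thread_id=' . $thread_id_affiche . $anchor . '">Masquer mon nom</a>';
                } else {
                    echo '<a href="?action=anonymization&amp;order=1&amp;thread_id=' . $thread_id_affiche . $anchor . '">Afficher mon nom</a>';
                }
            }
        }
        if ($is_admin) {
            // In moderation mode the post leaves the list once handled: no anchor then.
            $mod_anchor = $current_mod ? '' : $anchor;
            if ($is_valid || !$already_mod) {
                echo '<a href="?action=moderation&amp;order=0&amp;thread_id=' . $thread_id_affiche . $mod_anchor . '">Refuser</a>';
            }
            if (!$is_valid || !$already_mod) {
                echo '<a href="?action=moderation&amp;order=1&amp;thread_id=' . $thread_id_affiche . $mod_anchor . '">Accepter</a>';
            }
        }
        // Comments; per the original author's note this call also closes the
        // "newsendlinks" div opened above.
        affichage_comments($thread_id, false);
    }

    // Page menu again, or a notice when nothing matched the chosen criteria
    if ($result_returned) {
        echo $change_page . '<div class="newsterminator"><hr />' . NOM_ECOLE . ' </div>';
    } else {
        echo '<div class="warning">Aucune proposition n\'est disponible selon les critères choisis</div>';
    }
    @mysql_free_result($result);
}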
Beispiel #3
function display_post()
{
    $privileges = user_privilege_level();
    if ($privileges > 1) {
        // Titre et messages éventuels
        if (isset($_SESSION['transient_display'])) {
            echo $_SESSION['transient_display'];
            unset($_SESSION['transient_display']);
        }
        // ******************************************************************* //
        // Formulaire pour gérer le filtrage/l'ordonnancement des propositions //
        // ******************************************************************* //
        // Menu de sélection des idées
        $tail = '<form class="row" method="post" action="?action=post_filter_change">
			<div class="tab_form_close">
					';
        // Champ de recherche
        $tail .= '<input class="span2" placeholder="' . _('Search...') . '"…" type="text" name="admin_recherche" value="' . $_SESSION["thread_admin_recherche"] . '">';
        // Choix de catégorie
        $tail .= '<select class="span2" name="category_filter">
				<option value="0">' . _('Cat&eacute;gories') . '</option>';
        $result = @mysql_query("SELECT category_id,category_name FROM thread_category");
        // Menu déroulant de choix de catégorie en fonction de ce qui est disponible en base
        if ($result) {
            while ($row = mysql_fetch_assoc($result)) {
                if (isset($_SESSION["thread_category_filter"]) && $row["category_id"] == $_SESSION["thread_category_filter"]) {
                    $tail .= '<option value="' . htmlentities($row["category_id"]) . '" selected="selected">' . htmlentities($row["category_name"]) . '</option>';
                } else {
                    $tail .= '<option value="' . htmlentities($row["category_id"]) . '">' . htmlentities($row["category_name"]) . '</option>';
                }
            }
            @mysql_free_result($result);
        }
        $tail .= '</select>';
        // Menu de filtrage pour les utilisateurs loggés
        if (is_logged()) {
            $tail .= '<select class="span2" name="admin_filter">
					<option value="0">' . _('No filter') . '</option>';
            if ($privileges > 3) {
                if (isset($_SESSION["thread_admin_filter"])) {
                    switch ($_SESSION["thread_admin_filter"]) {
                        case 1:
                            $tail .= '<option value="1" selected="selected">' . _('My posts') . '</option><option value="2">' . _('Posts with my comments') . '</option><option value="3">Propositions sans mon vote</option> 
								<option value="4">' . _('Not moderated posts') . '</option><option value="5">' . _('Not moderated comments') . '</option>';
                            break;
                        case 2:
                            $tail .= '<option value="1">Mes propositions</option><option value="2" selected="selected">Propositions avec mes commentaires</option><option value="3">Propositions sans mon vote</option> 
								<option value="4">Propositions non mod&eacute;r&eacute;es</option><option value="5">Commentaires non mod&eacute;r&eacute;s</option>';
                            break;
                        case 3:
                            $tail .= '<option value="1">Mes propositions</option><option value="2">Propositions avec mes commentaires</option><option value="3" selected="selected">Propositions sans mon vote</option> 
								<option value="4">Propositions non mod&eacute;r&eacute;es</option><option value="5">Commentaires non mod&eacute;r&eacute;s</option>';
                            break;
                        case 4:
                            $tail .= '<option value="1">Mes propositions</option><option value="2">Propositions avec mes commentaires</option><option value="3">Propositions sans mon vote</option> 
								<option value="4" selected="selected">Propositions non mod&eacute;r&eacute;es</option><option value="5">Commentaires non mod&eacute;r&eacute;s</option>';
                            break;
                        case 5:
                            $tail .= '<option value="1">Mes propositions</option><option value="2">Propositions avec mes commentaires</option><option value="3">Propositions sans mon vote</option> 
								<option value="4">Propositions non mod&eacute;r&eacute;es</option><option value="5" selected="selected">Commentaires non mod&eacute;r&eacute;s</option>';
                            break;
                        default:
                            $tail .= '<option value="1">Mes propositions</option><option value="2">Propositions avec mes commentaires</option><option value="3">Propositions sans mon vote</option> 
								<option value="4">Propositions non mod&eacute;r&eacute;es</option><option value="5">Commentaires non mod&eacute;r&eacute;s</option>';
                    }
                } else {
                    $tail .= '<option value="1">Mes propositions</option><option value="2">Propositions avec mes commentaires</option><option value="3">Propositions sans mon vote</option> 
						<option value="4">Propositions non mod&eacute;r&eacute;es</option><option value="5">Commentaires non mod&eacute;r&eacute;s</option>';
                }
            } else {
                if (isset($_SESSION["thread_admin_filter"])) {
                    switch ($_SESSION["thread_admin_filter"]) {
                        case 1:
                            $tail .= '<option value="1" selected="selected">Mes propositions</option><option value="2">Propositions avec mes commentaires</option><option value="3">Propositions sans mon vote</option>';
                            break;
                        case 2:
                            $tail .= '<option value="1">Mes propositions</option><option value="2" selected="selected">Propositions avec mes commentaires</option><option value="3">Propositions sans mon vote</option>';
                            break;
                        case 3:
                            $tail .= '<option value="1">Mes propositions</option><option value="2">Propositions avec mes commentaires</option><option value="3" selected="selected">Propositions sans mon vote</option>';
                            break;
                        default:
                            $tail .= '<option value="1">Mes propositions</option><option value="2">Propositions avec mes commentaires</option><option value="3">Propositions sans mon vote</option>';
                    }
                } else {
                    $tail .= '<option value="1">Mes propositions</option><option value="2">Propositions avec mes commentaires</option><option value="3">Propositions sans mon vote</option>';
                }
            }
            $tail .= '</select></td>';
        }
        // Menu pour le tri des résultats
        if (isset($_SESSION["thread_ordering"])) {
            if (isset($_SESSION["thread_admin_filter"]) && $_SESSION["thread_admin_filter"] == 5) {
                $tail .= _('Sort by') . '
					<select name="sorting" class="span2" disabled="disabled">
								<option value="1" selected="selected">Date</option><option value="2">Upvotes number</option><option value="3">Upvotes ratio</option><option value="4">' . _('Votes total') . '</option>"';
            } else {
                $tail .= _('Sort by') . '
							<select class="span2" name="sorting">';
                switch ($_SESSION["thread_ordering"]) {
                    case 1:
                        $tail .= "<option value=\"1\" selected=\"selected\">Date</option><option value=\"2\">Upvotes number</option><option value=\"3\">Upvotes ratio</option><option value=\"4\">" . _('Votes total') . "</option>";
                        break;
                    case 2:
                        $tail .= "<option value=\"1\">Date</option><option value=\"2\" selected=\"selected\">Upvotes number</option><option value=\"3\">Upvotes ratio</option><option value=\"4\">" . _('Votes total') . "</option>";
                        break;
                    case 3:
                        $tail .= "<option value=\"1\">Date</option><option value=\"2\">Upvotes number</option><option value=\"3\" selected=\"selected\">Upvotes ratio</option><option value=\"4\">" . _('Votes total') . "</option>";
                        break;
                    case 4:
                        $tail .= "<option value=\"1\">Date</option><option value=\"2\">Upvotes number</option><option value=\"3\">Upvotes ratio</option><option value=\"4\" selected=\"selected\">" . _('Votes total') . "</option>";
                        break;
                    default:
                        $tail .= "<option value=\"1\">Date</option><option value=\"2\">Upvotes number</option><option value=\"3\">Upvotes ratio</option><option value=\"4\">" . _('Votes total') . "</option>";
                }
            }
        } else {
            if (isset($_SESSION["thread_admin_filter"]) && $_SESSION["thread_admin_filter"] == 4) {
                $tail .= _('Sort by') . '
							<select  class="span2" name="sorting" disabled="disabled">
								<option value="1">Date</option><option value="2">Upvotes number</option><option value="3">Upvotes ratio</option><option value="4">' . _('Votes total') . '</option>"';
            } else {
                $tail .= _('Sort by') . '
							<select  class="span2" name="sorting">
								<option value="1">Date</option><option value="2">Upvotes number</option><option value="3">Upvotes ratio</option><option value="4">' . _('Votes total') . '</option>';
            }
        }
        echo $tail . '			
				</select>
				<input type="hidden" name="form_name" value="thread_display_param" />
				<input type="submit" value="Valider" />
			</div>
		</form>';
        $is_admin = $privileges > 3;
        // ****************************************************************************** //
        // Affichage des résultats selon les paramètres définis dans les menus précédents //
        // ****************************************************************************** //
        if (isset($_SESSION["thread_admin_filter"]) && $_SESSION["thread_admin_filter"] == 5) {
            affichage_comments(-1, true);
            // Affichage "brutal" des commentaires confié à une autre fonction
        } else {
            $current_mod = isset($_SESSION["thread_admin_filter"]) && $_SESSION["thread_admin_filter"] == 4;
            // Mode modération
            $vote_filt = isset($_SESSION["thread_admin_filter"]) && $_SESSION["thread_admin_filter"] == 3;
            // Filtrage selon les votes
            // ************************************************************ //
            // Construction de la requête de rappatriement des propositions //
            // ************************************************************ //
            $recherche = "(T.text LIKE '%" . mysql_real_escape_string($_SESSION['thread_admin_recherche']) . "%' OR T.title LIKE '%" . mysql_real_escape_string($_SESSION['thread_admin_recherche']) . "%') AND";
            // Requête de base (deux parties pour prendre en comptes les propositions sans votes)
            $query_p1 = "(SELECT T.thread_id, T.rand_prop, T.hash_prop, T.title, T.text, T.date, T.is_valid, T.possibly_name, T.already_mod, G.category_name,\n\t\t\t\t\tSUM(V.vote) AS pro_vote, COUNT(V.vote) AS total_vote\n\t\t\t\t\tFROM thread T, thread_category G, vote V\n\t\t\t\t\tWHERE " . $recherche . " V.thread_id=T.thread_id AND G.category_id=T.category";
            $query_p2 = "(SELECT T.thread_id, T.rand_prop, T.hash_prop, T.title, T.text, T.date, T.is_valid, T.possibly_name, T.already_mod, G.category_name,\n\t\t\t\t\t0 AS pro_vote, 0 AS total_vote\n\t\t\t\t\tFROM thread T, thread_category G \n\t\t\t\t\tWHERE " . $recherche . " T.thread_id <> ALL (SELECT thread_id FROM vote) AND G.category_id=T.category";
            $query_count = "SELECT COUNT(T.thread_id) AS NUM_RES FROM thread T, thread_category G WHERE G.category_id=T.category";
            // Requête à part pour déterminer préalablement le nombre de résultats
            if (isset($_SESSION["thread_admin_filter"])) {
                switch ($_SESSION["thread_admin_filter"]) {
                    case 0:
                        // Aucune contrainte si ce n'est une question de droits d'affichage
                        if (is_logged()) {
                            if (!$is_admin) {
                                $query_p1 .= sprintf(" AND (T.is_valid=1 OR (CAST(SHA1(CONCAT('%s',CAST(T.rand_prop AS CHAR))) AS CHAR)=T.hash_prop))", mysql_real_escape_string($_SESSION['login_c']));
                                $query_p2 .= sprintf(" AND (T.is_valid=1 OR (CAST(SHA1(CONCAT('%s',CAST(T.rand_prop AS CHAR))) AS CHAR)=T.hash_prop))", mysql_real_escape_string($_SESSION['login_c']));
                                $query_count .= sprintf(" AND (T.is_valid=1 OR (CAST(SHA1(CONCAT('%s',CAST(T.rand_prop AS CHAR))))=T.hash_prop))", mysql_real_escape_string($_SESSION['login_c']));
                            }
                        } else {
                            $query_p1 .= " AND FALSE";
                            $query_p2 .= " AND FALSE";
                            $query_count .= " AND FALSE";
                        }
                        break;
                    case 1:
                        // Posts propriétaires
                        if (is_logged()) {
                            $query_p1 .= sprintf(" AND (CAST(SHA1(CONCAT('%s',CAST(T.rand_prop AS CHAR))) AS CHAR)=T.hash_prop)", mysql_real_escape_string($_SESSION['login_c']));
                            $query_p2 .= sprintf(" AND (CAST(SHA1(CONCAT('%s',CAST(T.rand_prop AS CHAR))) AS CHAR)=T.hash_prop)", mysql_real_escape_string($_SESSION['login_c']));
                            $query_count .= sprintf(" AND (CAST(SHA1(CONCAT('%s',CAST(T.rand_prop AS CHAR))))=T.hash_prop)", mysql_real_escape_string($_SESSION['login_c']));
                        } else {
                            $query_p1 .= " AND FALSE";
                            $query_p2 .= " AND FALSE";
                            $query_count .= " AND FALSE";
                        }
                        break;
                    case 2:
                        // Posts commentés
                        if (is_logged()) {
                            $query_p1 .= sprintf(" AND T.thread_id IN (SELECT DISTINCT thread_id FROM comment WHERE (CAST(SHA1(CONCAT('%s',CAST(rand_prop AS CHAR))) AS CHAR)=hash_prop))", mysql_real_escape_string($_SESSION['login_c']));
                            $query_p2 .= sprintf(" AND T.thread_id IN (SELECT DISTINCT thread_id FROM comment WHERE (CAST(SHA1(CONCAT('%s',CAST(rand_prop AS CHAR))) AS CHAR)=hash_prop))", mysql_real_escape_string($_SESSION['login_c']));
                            $query_count .= sprintf(" AND T.thread_id IN (SELECT DISTINCT thread_id FROM comment WHERE (CAST(SHA1(CONCAT('%s',CAST(rand_prop AS CHAR))) AS CHAR)=hash_prop))", mysql_real_escape_string($_SESSION['login_c']));
                            if (!$is_admin) {
                                $query_p1 .= sprintf(" AND (T.is_valid=1 OR (CAST(SHA1(CONCAT('%s',CAST(T.rand_prop AS CHAR))) AS CHAR)=T.hash_prop))", mysql_real_escape_string($_SESSION['login_c']));
                                $query_p2 .= sprintf(" AND (T.is_valid=1 OR (CAST(SHA1(CONCAT('%s',CAST(T.rand_prop AS CHAR))) AS CHAR)=T.hash_prop))", mysql_real_escape_string($_SESSION['login_c']));
                                $query_count .= sprintf(" AND (T.is_valid=1 OR (CAST(SHA1(CONCAT('%s',CAST(T.rand_prop AS CHAR))))=T.hash_prop))", mysql_real_escape_string($_SESSION['login_c']));
                            }
                        } else {
                            $query_p1 .= " AND FALSE";
                            $query_p2 .= " AND FALSE";
                            $query_count .= " AND FALSE";
                        }
                        break;
                    case 3:
                        // Posts pour lesquels je n'ai pas voté
                        if (is_logged()) {
                            $query_p1 .= sprintf(" AND T.thread_id NOT IN (SELECT DISTINCT thread_id FROM vote WHERE (CAST(SHA1(CONCAT('%s',CAST(rand_prop AS CHAR))) AS CHAR)=hash_prop))", mysql_real_escape_string($_SESSION['login_c']));
                            $query_p2 .= sprintf(" AND T.thread_id NOT IN (SELECT DISTINCT thread_id FROM vote WHERE (CAST(SHA1(CONCAT('%s',CAST(rand_prop AS CHAR))) AS CHAR)=hash_prop))", mysql_real_escape_string($_SESSION['login_c']));
                            $query_count .= sprintf(" AND T.thread_id NOT IN (SELECT DISTINCT thread_id FROM vote WHERE (CAST(SHA1(CONCAT('%s',CAST(rand_prop AS CHAR))) AS CHAR)=hash_prop))", mysql_real_escape_string($_SESSION['login_c']));
                            if (!$is_admin) {
                                $query_p1 .= sprintf(" AND (T.is_valid=1 OR (CAST(SHA1(CONCAT('%s',CAST(T.rand_prop AS CHAR))) AS CHAR)=T.hash_prop))", mysql_real_escape_string($_SESSION['login_c']));
                                $query_p2 .= sprintf(" AND (T.is_valid=1 OR (CAST(SHA1(CONCAT('%s',CAST(T.rand_prop AS CHAR))) AS CHAR)=T.hash_prop))", mysql_real_escape_string($_SESSION['login_c']));
                                $query_count .= sprintf(" AND (T.is_valid=1 OR (CAST(SHA1(CONCAT('%s',CAST(T.rand_prop AS CHAR))))=T.hash_prop))", mysql_real_escape_string($_SESSION['login_c']));
                            }
                        } else {
                            $query_p1 .= " AND FALSE";
                            $query_p2 .= " AND FALSE";
                            $query_count .= " AND FALSE";
                        }
                        break;
                    case 4:
                        // Propositions non modérées
                        if ($is_admin) {
                            $query_p1 .= " AND T.already_mod=0";
                            $query_p2 .= " AND T.already_mod=0";
                            $query_count .= " AND T.already_mod=0";
                        } else {
                            $query_p1 .= " AND FALSE";
                            $query_p2 .= " AND FALSE";
                            $query_count .= " AND FALSE";
                        }
                        break;
                    default:
                        // Dans le doute
                        $query_p1 .= " AND FALSE";
                        $query_p2 .= " AND FALSE";
                        $query_count .= " AND FALSE";
                }
            } else {
                if (!$is_admin) {
                    if (is_logged()) {
                        $query_p1 .= sprintf(" AND (T.is_valid=1 OR (CAST(SHA1(CONCAT('%s',CAST(T.rand_prop AS CHAR))) AS CHAR)=T.hash_prop))", mysql_real_escape_string($_SESSION['login_c']));
                        $query_p2 .= sprintf(" AND (T.is_valid=1 OR (CAST(SHA1(CONCAT('%s',CAST(T.rand_prop AS CHAR))) AS CHAR)=T.hash_prop))", mysql_real_escape_string($_SESSION['login_c']));
                        $query_count .= sprintf(" AND (T.is_valid=1 OR (CAST(SHA1(CONCAT('%s',CAST(T.rand_prop AS CHAR))))=T.hash_prop))", mysql_real_escape_string($_SESSION['login_c']));
                    } else {
                        $query_p1 .= " AND T.is_valid=1";
                        $query_p2 .= " AND T.is_valid=1";
                        $query_count .= " AND T.is_valid=1";
                    }
                }
            }
            // Filtrage éventuel selon la catégorie
            if (isset($_SESSION["thread_category_filter"]) && $_SESSION["thread_category_filter"] > 0) {
                $category_searched = mysql_real_escape_string($_SESSION["thread_category_filter"]);
                $query_p1 .= " AND T.category={$category_searched}";
                $query_p2 .= " AND T.category={$category_searched}";
                $query_count .= " AND T.category={$category_searched}";
            }
            // Regroupement propositions avec/sans votes
            $query = $query_p1 . ' GROUP BY T.thread_id, T.rand_prop, T.hash_prop, T.title, T.text, T.date, T.is_valid, T.possibly_name, G.category_name) UNION ' . $query_p2 . ')';
            // Détermination du nombre résultats potentiellement retournés, pour connaître la répartition par pages
            $num_res = -1;
            // Valeur par défaut en cas d'échec
            $res = @mysql_query($query_count);
            if ($res) {
                if ($num_res = mysql_fetch_assoc($res)) {
                    $num_res = $num_res["NUM_RES"];
                }
                @mysql_free_result($res);
            }
            // Suite de la construction de la requête, GROUP et ORDER BY
            if (isset($_SESSION["thread_ordering"])) {
                switch ($_SESSION["thread_ordering"]) {
                    case 2:
                        $query .= " ORDER BY pro_vote DESC";
                        break;
                    case 3:
                        $query .= " ORDER BY pro_vote/total_vote DESC";
                        break;
                    case 4:
                        $query .= " ORDER BY total_vote DESC";
                        break;
                    default:
                        $query .= " ORDER BY date DESC";
                        break;
                }
            } else {
                $query .= " ORDER BY date DESC";
            }
            // Fin de la construction de la requête, LIMIT selon la page affichée
            $page_to_display = 1;
            if (!isset($_SESSION["thread_page"])) {
                $_SESSION["thread_page"] = 1;
            } else {
                $page_to_display = $_SESSION["thread_page"];
                if (!is_numeric($page_to_display) || $page_to_display < 1) {
                    $_SESSION["thread_page"] = 1;
                    $page_to_display = 1;
                }
            }
            if ($num_res > -1) {
                $offset = round(10 * ($page_to_display - 1));
                if ($offset >= $num_res) {
                    $offset = 0;
                    $_SESSION["thread_page"] = 1;
                }
                $query .= " LIMIT {$offset},10";
            }
            // ********************************************************************* //
            // Menu de changement de page, sauvegardé pour affichage en base de page //
            // ********************************************************************* //
            $change_page = "";
            if ($num_res > 10) {
                $change_page .= '<div class="bottom_page_choice">';
                for ($i = 1; $i < ceil($num_res / 10) + 1; $i++) {
                    if ($i == $_SESSION["thread_page"]) {
                        $change_page .= "{$i}&nbsp;&nbsp;";
                    } else {
                        $change_page .= '<a href="?action=change_thread_page&amp;num_page=' . $i . '">' . $i . '</a>&nbsp;&nbsp;';
                    }
                }
                $change_page .= '</div><br/>';
                echo $change_page;
            } else {
                echo '<br />';
            }
            ////////////////////////////////////////////////////////
            // Exécution de la requête et affichage des résultats //
            ////////////////////////////////////////////////////////
            $result = @mysql_query($query);
            if ($result) {
                $result_returned = false;
                $need_separator = false;
                while ($row = mysql_fetch_assoc($result)) {
                    // Informations diverses sur le post
                    $result_returned = true;
                    $thread_id = $row["thread_id"];
                    $thread_id_affiche = htmlentities($thread_id);
                    $is_proprio = check_property($row["rand_prop"], $row["hash_prop"]);
                    $is_valid = $row["is_valid"];
                    $already_mod = $row["already_mod"];
                    $check_vote = get_votes_from_thread($thread_id);
                    $pro_vote = $check_vote["pro_votes"];
                    $agt_vote = $check_vote["against_votes"];
                    $per_vote = $check_vote["choice"];
                    // Hormis l'auteur ou un administrateur, affichage uniquement si le post a été modéré
                    if ($is_valid || $is_proprio || $privileges > 3) {
                        if ($need_separator) {
                            echo '<hr />';
                        }
                        $need_separator = true;
                        echo '
						<article class="feed_item row" id="item-' . $thread_id_affiche . '"">
						<div class="span2">
						';
                        // Etat de modération
                        if ($privileges > 3) {
                            if ($already_mod) {
                                if ($is_valid) {
                                    echo '<img src="img/modere.png" alt="Mod&eacute;r&eacute;" class="imgtitlenews" />';
                                } else {
                                    echo '<img src="img/masque.png" alt="Masqu&eacute;" class="imgtitlenews" />';
                                }
                            } else {
                                echo '<img src="img/n_modere.png" alt="Non mod&eacute;r&eacute;" class="imgtitlenews" />';
                            }
                        } elseif ($is_proprio) {
                            if ($already_mod) {
                                if (!$is_valid) {
                                    echo '<img src="img/masque.png" alt="Masqu&eacute;" class="imgtitlenews" />';
                                }
                            } else {
                                echo '<img src="img/n_modere.png" alt="Non mod&eacute;r&eacute;" class="imgtitlenews" />';
                            }
                        }
                        // Catégories avec images
                        echo '
						<img src="img/placeholder_100x100.gif" alt="icon" class="avatar bordered"/>
						';
                        // Votes
                        if ($privileges > 2) {
                            echo '<span class="vote">';
                            if ($per_vote > 0) {
                                echo '<a href="?action=vote_post&amp;order=0&amp;thread_id=' . $thread_id_affiche . '#' . $thread_id_affiche . '"><img src="img/bright_votepro.png" alt="+1" class="imgvote" /></a>';
                            } else {
                                if ($vote_filt) {
                                    echo '<a href="?action=vote_post&amp;order=1&amp;thread_id=' . $thread_id_affiche . '"><img src="img/pale_votepro.png" alt="+1" class="imgvote" /></a>';
                                } else {
                                    echo '<a href="?action=vote_post&amp;order=1&amp;thread_id=' . $thread_id_affiche . '#' . $thread_id_affiche . '"><img src="img/pale_votepro.png" alt="+1" class="imgvote" /></a>';
                                }
                            }
                            if ($per_vote < 0) {
                                echo '<a href="?action=vote_post&amp;order=0&amp;thread_id=' . $thread_id_affiche . '#' . $thread_id_affiche . '"><img src="img/bright_voteneg.png" alt="-1" class="imgvote" /></a>';
                            } else {
                                if ($vote_filt) {
                                    echo '<a href="?action=vote_post&amp;order=-1&amp;thread_id=' . $thread_id_affiche . '"><img src="img/pale_voteneg.png" alt="-1" class="imgvote" /></a>';
                                } else {
                                    echo '<a href="?action=vote_post&amp;order=-1&amp;thread_id=' . $thread_id_affiche . '#' . $thread_id_affiche . '"><img src="img/pale_voteneg.png" alt="-1" class="imgvote" /></a>';
                                }
                            }
                            echo '</span>';
                        }
                        //close-open columns
                        echo '
						    </div>
						    <div class="span6">';
                        //add gravatar
                        echo '
						       <header class="row">
							  <div class="span1">
							     <img src="img/placeholder_50x50.gif" alt="icon" class="avatar bordered"/>
							  </div>
						';
                        //start meta
                        echo '
							 <div class="span5">
							  <p class="meta">
							   <small>
							   Posted by :
						';
                        // name + link to profile
                        if (!empty($row["possibly_name"])) {
                            echo '<a href="#">' . htmlentities($row["possibly_name"]) . '</a>';
                        }
                        // tags
                        echo '
							with tags : <a href="#">' . htmlentities($row["category_name"]) . '</a>';
                        //close meta
                        echo '
						</small>
						  </p>';
                        // Titre
                        echo '
						<h3>' . htmlentities(stripslashes($row["title"])) . '</h3>';
                        //share sns buttons + close header
                        echo '
						  <section class="sns"><!-- AddThis Button BEGIN -->
							<div class="addthis_toolbox addthis_default_style ">
							<a class="addthis_button_preferred_1"></a>
							<a class="addthis_button_preferred_2"></a>
							<a class="addthis_button_preferred_3"></a>
							</div>
							<script type="text/javascript" src="http://s7.addthis.com/js/250/addthis_widget.js#pubid=xa-4f3e39a4223675c7"></script>
						  </section><!-- AddThis Button END -->
						</div><!--span5 -->
					       </header>
					       ';
                        /*
                        echo('
                        <div class="votebar">');
                        
                        // Etat des votes
                        if ($pro_vote==0)
                        {
                        	if($agt_vote==0)
                        	{
                        		echo('<span class="neutralvote">
                        				<span class="votebarannotation">
                        					+0
                        				</span>
                        			</span>
                        		</div>');
                        	}
                        	else
                        	{
                        		echo('<span class="againstvote" style="height:100%;width:8px;">
                        				<span class="votebarannotation">
                        					-'.htmlentities($agt_vote).'
                        				</span>
                        			</span>
                        		</div>');
                        	}
                        }
                        else
                        {
                        	if($agt_vote==0)
                        	{
                        		echo('<span class="provote" style="height:100%;width:8px;">
                        				<span class="votebarannotation_pro">
                        					+'.htmlentities($pro_vote).'
                        				</span>
                        			</span>
                        		</div>');
                        	}
                        	else
                        	{
                        		$prop_pro=round(100*$pro_vote/($agt_vote+$pro_vote));
                        		echo('<span class="provote" style="height:'.$prop_pro.'%;width:8px;">
                        				<span class="votebarannotation_pro">
                        					+'.htmlentities($pro_vote).'
                        				</span>
                        			</span>
                        			<span class="againstvote" style="height:'.(100-$prop_pro).'%;width:8px;">
                        				<span class="votebarannotation">
                        					-'.htmlentities($agt_vote).'
                        				</span>
                        			</span>
                        		</div>');
                        	}
                        }
                        */
                        // Corps du texte
                        echo '<div class="content"><p>' . text_display_prepare($row["text"]) . '</p></div>';
                        // utils
                        echo '<footer class="">';
                        //upvote
                        echo '<a class="" href="?action=vote_post&amp;order=' . '1' . '&amp;thread_id=' . $thread_id_affiche . '">' . _('Upvote') . '<i class="icon-thumbs-up"></i>' . '</a>';
                        echo " - ";
                        // downvote
                        echo '<a class="" href="?action=vote_post&amp;order=' . '-1' . '&amp;thread_id=' . $thread_id_affiche . '">' . _('Downvote') . '<i class="icon-thumbs-down"></i>' . '</a>';
                        echo " - ";
                        // Date
                        echo '<time class="" datetime="' . htmlentities(transfo_date($row["date"])) . '">' . htmlentities(transfo_date($row["date"])) . '</time>';
                        echo " - ";
                        // comments
                        affichage_comments($thread_id, false);
                        // utils delete/edite/anonymize
                        if ($is_proprio || $privileges > 4) {
                            echo ' | 
								<a class="adminutil" href="?action=edit_post&amp;thread_id=' . $thread_id_affiche . '">' . _('Edit') . '</a>
								 - 
								<a class="adminutil" href="?action=remove_post&amp;thread_id=' . $thread_id_affiche . '">' . _('Delete') . '</a>';
                            // hide name
                            if ($is_proprio) {
                                if (!empty($row["possibly_name"])) {
                                    echo ' - <a href="?action=anonymization&amp;order=0&amp;thread_id=' . $thread_id_affiche . '#' . $thread_id_affiche . '">' . _('Hide my name') . '</a>';
                                } else {
                                    echo ' - <a href="?action=anonymization&amp;order=1&amp;thread_id=' . $thread_id_affiche . '#' . $thread_id_affiche . '">' . _('Show my name') . '</a>';
                                }
                            }
                        }
                        if ($is_admin) {
                            if ($is_valid || !$already_mod) {
                                if ($current_mod) {
                                    echo '<a href="?action=moderation&amp;order=0&amp;thread_id=' . $thread_id_affiche . '">Refuser</a>';
                                } else {
                                    echo '<a href="?action=moderation&amp;order=0&amp;thread_id=' . $thread_id_affiche . '#' . $thread_id_affiche . '">Refuser</a>';
                                }
                            }
                            if (!$is_valid || !$already_mod) {
                                if ($current_mod) {
                                    echo '<a href="?action=moderation&amp;order=1&amp;thread_id=' . $thread_id_affiche . '">Accepter</a>';
                                } else {
                                    echo '<a href="?action=moderation&amp;order=1&amp;thread_id=' . $thread_id_affiche . '#' . $thread_id_affiche . '">Accepter</a>';
                                }
                            }
                        }
                        echo '</small></footer>';
                        // COMMENTS
                        echo '<div class="commentbox">
					
					<article class="comment clearfix">
						<header class="span1">
							<img src="img/placeholder_50x50.gif" alt="icon" class="avatar bordered"/>
						</header>
						<div class="com-content span4">
						Lorem Ipsum
						</div>
						<footer>';
                        //upvote
                        echo '<a class="" href="?action=vote_post&amp;order=' . '1' . '&amp;thread_id=' . $thread_id_affiche . '">' . _('Upvote') . '<i class="icon-thumbs-up"></i>' . '</a>';
                        echo " - ";
                        // downvote
                        echo '<a class="" href="?action=vote_post&amp;order=' . '-1' . '&amp;thread_id=' . $thread_id_affiche . '">' . _('Downvote') . '<i class="icon-thumbs-down"></i>' . '</a>';
                        echo " - ";
                        // timestamp
                        echo '<time datetime="2010-12-16T11:15Z">16/12/2010 11:15</time>
						</footer>

					</article>
					
					</div><!-- .commentbox-->
					</article><!-- .feeditem -->';
                    }
                }
                // Affichage vide / d'un cadre de choix de page / d'un avertissement sur le nombre de résultats / selon les cas
                if ($result_returned) {
                    echo $change_page . '<div class="newsterminator"><hr />' . NOM_ECOLE . ' REFRESH</div>';
                } else {
                    echo '<div class="warning">Aucune proposition n\'est disponible selon les critères choisis</div>';
                }
                @mysql_free_result($result);
            } else {
                echo '<div class="warning">Erreur lors de la requ&ecirc;te</div>';
            }
        }
    } else {
        need_ecole_member_privilege(2);
    }
}
Beispiel #4
*/
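// Account menu fragment: avatar plus account links for a logged-in visitor,
// otherwise the login form plus the registration / recovery links.
include_once "pages_secondlevel/tool.php";
if (is_logged()) {
    // NOTE(review): the session login is assumed to be the user's e-mail address,
    // which is what Gravatar keys its avatars on — confirm against the login code.
    $email = (string) $_SESSION['login_c'];
    // NOTE(review): Gravatar fetches the "d=" fallback image itself, so a path relative
    // to this site is presumably not resolvable from there — TODO confirm and switch
    // to an absolute, publicly reachable URL if the fallback never shows.
    $defaultavatar = "img/default-avatar.png";
    $size = 80;
    // md5() is Gravatar's lookup key here, not a protection: the digest is visible to
    // every viewer of the page and can be matched against candidate addresses.
    $avatar_key = md5(strtolower(trim($email)));
    // Fetch over HTTPS so the avatar request (and the digest it carries) is not sent in
    // clear text and does not cause mixed content on an HTTPS page.
    $grav_url = "https://www.gravatar.com/avatar/" . $avatar_key . "?d=" . urlencode($defaultavatar) . "&s=" . $size;
    // Encode for the HTML attribute context: the raw "&s=" separator must be written
    // as "&amp;s=" inside src="...".
    echo '<img src="' . htmlspecialchars($grav_url, ENT_QUOTES) . '" alt="avatar" />';
    // NOTE(review): logout and delete_account are reached through plain GET links. The
    // handlers are not visible here; verify that they require a confirmation step or a
    // session-bound token before changing state, otherwise a third-party page can
    // trigger them for a logged-in user.
    echo '
	
	<li><a href="?action=logout">' . _('Disconnect') . '</a></li>
	<li><a href="?action=change_pass">' . _('Change password') . '</a></li>
	<li><a href="?action=delete_account">' . _('Unsubscribe') . '</a></li>

	';
    // Only privilege levels above 3 get the "add a document" link; the target action
    // must enforce the same threshold itself, since hiding a link is not access control.
    if (user_privilege_level() > 3) {
        echo '
		
		<a href="?action=new_document">Ajouter un document</a>
		
		';
    }
} else {
    log_in();
    echo '
	<li><a href="?action=lost_ids">' . _('Lost your log?') . '</a></li>
	<li><a href="?action=create_account">' . _('Register') . '</a></li>
	<li><a href="?action=display_useterms">' . _('Terms of use') . '</a></li>

	';
}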
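/**
 * Displays the edit form for one document and, when the form was submitted, saves the change.
 *
 * The document is selected by $_GET["document_id"]; submitted fields come from $_POST, or from
 * $_SESSION['post'] when an earlier request stored them there. All output is echoed as HTML.
 * Both viewing and saving require a privilege level above 3.
 *
 * NOTE(review): the mysql_* extension used here was removed in PHP 7.0. Values are escaped with
 * mysql_real_escape_string() and quoted before they reach SQL; a port to mysqli or PDO should
 * use prepared statements instead of keeping the sprintf() pattern.
 *
 * @return void
 */
function edit_doc()
{
    // Replay a POST payload stored in the session by an earlier request, once.
    // NOTE(review): presumably a redirect-after-login flow; confirm that whatever writes
    // $_SESSION['post'] only stores the current user's own submission.
    if (isset($_SESSION['post'])) {
        $_POST = $_SESSION['post'];
        unset($_SESSION['post']);
    }
    $priv = user_privilege_level();
    echo '<h1>Edition d\'un document :</h1>';
    if ($priv > 3) {
        $id = -1;
        $titre = "";
        $description = "";
        $category = "";
        $warnings = "";
        if (isset($_GET["document_id"])) {
            // is_numeric() also accepts forms such as "1e3" or " 12"; the value is still
            // quoted and escaped below, so this is a strictness issue, not an injection one.
            if (is_numeric($_GET["document_id"]) && $_GET["document_id"] > 0) {
                $document_id = $_GET["document_id"];
                $result = @mysql_query(sprintf("SELECT document_id,name,description,category FROM document WHERE document_id='%s'", mysql_real_escape_string($document_id)));
                if ($result && ($row = mysql_fetch_assoc($result))) {
                    $id = $row["document_id"];
                    $titre = $row["name"];
                    $description = $row["description"];
                    $category = $row["category"];
                    @mysql_free_result($result);
                } else {
                    $warnings = '<div class="warning">Document inexistant</div>';
                }
            } else {
                $warnings = '<div class="warning">Document inexistant</div>';
            }
        } else {
            // Message corrected: the original said "à supprimer" (to delete) in the edit page.
            $warnings = '<div class="warning">Document &agrave; modifier non pr&eacute;cis&eacute;</div>';
        }
        if (empty($warnings) && $id > 0) {
            $affich_form = true;
            if (isset($_POST['form_name']) && $_POST['form_name'] == "document_edition") {
                // NOTE(review): this state-changing POST is accepted on privilege level alone;
                // no anti-CSRF token is emitted in the form below or checked here. Adding one
                // needs a session-bound token helper that this listing does not show.
                // (The original re-tested $priv > 3 here; that inner else could never run.)
                $trait = true;
                if (isset($_POST["title"]) && is_string($_POST["title"]) && !empty($_POST["title"])) {
                    $titre = $_POST["title"];
                } else {
                    $trait = false;
                    echo '<div class="warning">Titre incorrect</div>';
                }
                if (isset($_POST["description"]) && is_string($_POST["description"]) && !empty($_POST["description"])) {
                    $description = $_POST["description"];
                } else {
                    $trait = false;
                    echo '<div class="warning">Description incorrecte</div>';
                }
                if (isset($_POST["category"]) && is_numeric($_POST["category"]) && $_POST["category"] > 0) {
                    $category = $_POST["category"];
                } else {
                    $trait = false;
                    echo '<div class="warning">Cat&eacute;gorie incorrecte</div>';
                }
                if ($trait) {
                    // Check that the category exists: MyISAM storage does not allow a plain
                    // foreign key here, unlike what is done for posts.
                    $category_exists = false;
                    $res_temp = @mysql_query(sprintf("SELECT COUNT( * ) AS NUM_ENR FROM document_category WHERE CATEGORY_ID = '%s'", mysql_real_escape_string($category)));
                    if ($res_temp) {
                        $count_row = mysql_fetch_assoc($res_temp);
                        $category_exists = $count_row && $count_row["NUM_ENR"] == 1;
                        // Release the COUNT result itself; the original freed $result, which
                        // had already been released after the document lookup.
                        @mysql_free_result($res_temp);
                    }
                    if ($category_exists && @mysql_query(sprintf("UPDATE document SET name='%s',description='%s',category='%s' WHERE document_id='%s'", mysql_real_escape_string($titre), mysql_real_escape_string($description), mysql_real_escape_string($category), mysql_real_escape_string($id)))) {
                        echo '<div class="success">Document correctement modifi&eacute;</div>';
                        $affich_form = false;
                    } else {
                        echo '<div class="warning">Erreur lors de la mise &agrave; jour du document</div>';
                    }
                }
            }
            // Show the form unless the update just succeeded.
            if ($affich_form) {
                // NOTE(review): stripslashes() before output suggests the data is expected to
                // carry magic_quotes-style backslashes; where that is not the case it removes
                // legitimate backslashes from the title and description — TODO confirm.
                echo '
				<form method="post" action="?action=edit_doc&amp;document_id=' . htmlentities($id) . '">
					<table class="tab_form">
						<tr>
							<td>
								Titre :
							</td>
							<td>
								<input type="text" name="title" value="' . htmlentities(stripslashes($titre)) . '" />
							</td>
						</tr>
						<tr>
							<td>
								Cat&eacute;gorie :
							</td>
							<td>
								<select name="category">';
                $tail = "";
                $result = @mysql_query("SELECT category_id,category_name FROM document_category");
                if ($result) {
                    while ($row = mysql_fetch_assoc($result)) {
                        // Pre-select the document's current (or just submitted) category.
                        $selected = $category == $row["category_id"] ? ' selected="selected"' : '';
                        $tail .= '<option value="' . htmlentities($row["category_id"]) . '"' . $selected . '>' . htmlentities($row["category_name"]) . '</option>';
                    }
                    @mysql_free_result($result);
                }
                if (empty($tail)) {
                    $tail = '<option value="0">D&eacute;faut</option>';
                }
                echo $tail . '
								</select>
							</td>
						</tr>
						<tr>
							<td colspan="2">
								<textarea name="description" rows="15" cols="80">' . htmlentities(stripslashes($description)) . '</textarea>
							</td>
						</tr>
						<tr>
							<td colspan="2">
								<input type="hidden" name="form_name" value="document_edition" />
							</td>
						</tr>
						<tr class="submit_center">
							<td colspan="2" rowspan="1">
								<input type="submit" value="Valider" />
							</td>
						</tr>
					</table>
				</form>';
            }
        } elseif (!empty($warnings)) {
            echo $warnings;
        }
    } else {
        echo '<div class="warning">Vous ne disposez pas des privil&egrave;ges n&eacute;cessaires &agrave; l\'&eacute;dition d\'un document</div>';
    }
    // Drop the submitted fields once the page has been rendered, as the original did.
    if (isset($_POST)) {
        unset($_POST);
    }
}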
Beispiel #6
    License, or (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU Affero General Public License for more details.

    You should have received a copy of the GNU Affero General Public License
    along with this program.  If not, see <http://www.gnu.org/licenses/>.
	
	Contact : nicolas.seichepine.org/?action=contact
*/
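// AJAX entry point: start the session, load the configuration and the action handlers,
// then read the requested action from the query string.
session_start();
include_once "config.php";
include_once "script_php/pages_secondlevel/actions.php";
$privileges = user_privilege_level();
// Anonymous visitors have no 'login_c' in their session. Fall back to null explicitly: it is
// the value the unguarded read produced, without the undefined-index notice.
$login = isset($_SESSION['login_c']) ? $_SESSION['login_c'] : null;
// Requested action. Default to the empty string so the dispatcher below never switches on an
// undefined variable when ?action= is missing or is not a string (e.g. action[]=x).
$ccar_to_treat = '';
if (isset($_GET["action"]) && is_string($_GET["action"])) {
    // htmlentities() is an output encoder, not an input validator: it only matters if the
    // action name is echoed back. The dispatcher's case labels are what restrict the value.
    $ccar_to_treat = htmlentities($_GET["action"]);
}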
// Call the handler associated with the requested action.
// The literal case labels restrict which handlers a request can reach.
// NOTE(review): nothing at this level checks the privilege level or an anti-CSRF token before
// a handler runs, and the $_POST fields are passed on unvalidated (they may be unset).
// Presumably the handlers do these checks themselves — verify in actions.php.
switch ($ccar_to_treat) {
    // "post" handler, called through Ajax.
    // `$valid = 0` and `$output = 'JSON'` are assignment expressions, not named arguments:
    // each assigns a variable in this scope and passes the assigned value positionally.
    case "post":
        post($_POST['title'], $_POST['message'], $_POST['anonymization'], $_POST['category'], $login, $valid = 0, $output = 'JSON');
        break;
    // Comment listing for one thread; the thread id is taken from the POST body as sent.
    case "comments":
        get_comments($_POST['thread_id'], $privileges, $login, $output = 'JSON');
        break;
    case "delete_comment":
Beispiel #7
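/**
 * Runs the COUNT(*) query for the comments of a thread that the current viewer may see.
 *
 * Privilege levels above 3 count every comment. A logged-in user counts the validated comments
 * plus their own; anonymous visitors count validated comments only.
 *
 * Ownership is tested in SQL as SHA1(login . rand_prop) = hash_prop. Authorship is therefore
 * not stored in clear, but anyone who can read rand_prop / hash_prop and knows the candidate
 * logins can recompute the match: this hides the author from casual readers of the table, not
 * from someone with database access.
 *
 * @param mixed $thread_id  Thread identifier; escaped here before use in SQL.
 * @param int   $privileges Privilege level of the viewer.
 * @param bool  $is_logged  Whether the viewer is logged in.
 * @return resource|false   Result of mysql_query().
 */
function affichage_comments_count_query($thread_id, $privileges, $is_logged)
{
    $safe_thread = mysql_real_escape_string($thread_id);
    if ($privileges > 3) {
        return @mysql_query(sprintf("SELECT COUNT(*) AS NB_COMMENT FROM comment WHERE thread_id='%s'", $safe_thread));
    }
    if ($is_logged) {
        return @mysql_query(sprintf("SELECT COUNT(*) AS NB_COMMENT FROM comment WHERE thread_id='%s' AND (is_valid=1 OR (CAST(SHA1(CONCAT('%s',CAST(rand_prop AS CHAR))) AS CHAR)=hash_prop))", $safe_thread, mysql_real_escape_string($_SESSION['login_c'])));
    }
    return @mysql_query(sprintf("SELECT COUNT(*) AS NB_COMMENT FROM comment WHERE is_valid=1 AND thread_id='%s'", $safe_thread));
}

/**
 * Echoes the comment area of a thread.
 *
 * In moderation mode (privilege level above 3 only) every comment returned by get_comments()
 * is displayed. Otherwise, for privilege levels above 1, the thread shows either a collapsed
 * counter or, when $_SESSION["unroll_comment"] equals the thread id, the visible comments
 * followed by the posting form (privilege level above 2).
 *
 * NOTE(review): get_comments() receives the raw $thread_id in moderation mode but an
 * SQL-escaped copy in normal mode, and an SQL-escaped login in both. Whether get_comments()
 * escapes again is not visible here; one of the two call sites is presumably wrong — verify.
 * NOTE(review): display_comment() is called with five arguments in moderation mode and four
 * in normal mode; check both against its signature.
 *
 * @param mixed $thread_id       Thread whose comments are displayed.
 * @param bool  $moderation_mode Show the moderation view instead of the public one.
 * @param bool  $unique_mode     Passed through to the display helpers.
 * @return void
 */
function affichage_comments($thread_id, $moderation_mode = false, $unique_mode = false)
{
    $privileges = user_privilege_level();
    $is_admin = $privileges > 3;
    $is_logged = is_logged();
    $ancre = htmlentities($thread_id);

    if ($moderation_mode) {
        if (!$is_admin) {
            echo '<div class="warning">Vous ne disposez pas des droits n&eacute;cessaires</div>';
            return;
        }
        $escaped_name = mysql_real_escape_string($_SESSION['login_c']);
        $comments = get_comments($thread_id, $privileges, $escaped_name, '');
        if (!$comments->result) {
            echo '<div class="warning">Erreur lors de la recherche des commentaires non mod&eacute;r&eacute;s</div>';
            return;
        }
        $result_returned = false;
        // The original bound the array key to $thread_id and computed several per-row
        // locals that were never read; only the row itself is needed for display.
        foreach ($comments->data as $row) {
            $result_returned = true;
            display_comment($row, True, $privileges, $is_admin, $unique_mode);
        }
        if (!$result_returned) {
            echo '<div class="warning">Aucun commentaire n\'est disponible selon les critères choisis</div>';
        }
        return;
    }

    if ($privileges <= 1) {
        echo '<div class="warning">Vous ne disposez pas des droits n&eacute;cessaires</div>';
        return;
    }

    $unrolled = isset($_SESSION["unroll_comment"]) && $_SESSION["unroll_comment"] == $thread_id;
    if (!$unrolled) {
        // Collapsed view: only the number of visible comments.
        $result = affichage_comments_count_query($thread_id, $privileges, $is_logged);
        if ($result && ($row = mysql_fetch_assoc($result))) {
            $nb_comment = htmlentities($row["NB_COMMENT"]);
            display_speccom($unique_mode, $ancre, $thread_id, $nb_comment, 'unroll');
        } else {
            echo '<div class="warning">Erreur lors de la recherche des commentaires</div></div>';
        }
        if ($result) {
            @mysql_free_result($result);
        }
        return;
    }

    // Expanded view.
    $escaped_threadid = mysql_real_escape_string($thread_id);
    $escaped_name = isset($_SESSION['login_c']) ? mysql_real_escape_string($_SESSION['login_c']) : '';
    $comments = get_comments($escaped_threadid, $privileges, $escaped_name, '');
    if (!$comments->result) {
        echo '<div class="warning">Erreur lors de the recherche des commentaires</div></div>';
        return;
    }

    // Check the query result before fetching, as the collapsed branch does; the original
    // fetched from $result_temp even when the query had failed.
    $result_temp = affichage_comments_count_query($thread_id, $privileges, $is_logged);
    if ($result_temp) {
        if ($row = mysql_fetch_assoc($result_temp)) {
            $nb_comment = htmlentities($row["NB_COMMENT"]);
            display_speccom($unique_mode, $ancre, $thread_id, $nb_comment, 'roll');
        }
        @mysql_free_result($result_temp);
    }

    // Iterate without rebinding $thread_id: the original used it as the loop key, so the
    // posting form below received the last array key instead of the thread being displayed.
    foreach ($comments->data as $row) {
        $is_proprio = check_property($row["rand_prop"], $row["hash_prop"]);
        // A comment is shown when validated, owned by the viewer, or viewed by an admin.
        if ($row["is_valid"] || $is_proprio || $privileges > 3) {
            display_comment($row, $is_logged, $privileges, $unique_mode);
        }
    }

    // Restore a draft kept in the session (presumably after a rejected submission — confirm).
    $text_prec = isset($_SESSION["text_new_comment_rest"]) ? $_SESSION["text_new_comment_rest"] : "";
    $anon_prec = isset($_SESSION["text_anonymous_rest"]) ? 1 : "";
    if ($privileges > 2) {
        // Display the form that allows users to post comments.
        display_comment_form($unique_mode, $ancre, $thread_id, $text_prec, $anon_prec);
    }
    // The draft is single-use.
    unset($_SESSION["text_new_comment_rest"], $_SESSION["text_anonymous_rest"]);
}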