/**
 * Prepare a stored text value for output inside an HTML page.
 *
 * Steps, in order: strip backslash escaping, HTML-encode the result,
 * turn line breaks into <br /> tags, then hand the string to transfo_url().
 *
 * The HTML encoding runs before transfo_url(), so whatever markup that
 * helper adds is emitted as-is. transfo_url() is defined elsewhere;
 * presumably it turns URLs into links (confirm that it does not
 * re-introduce unescaped input).
 *
 * @param string $string_entr Raw text to display.
 * @return string Whatever transfo_url() returns for the encoded text.
 */
function text_display_prepare($string_entr)
{
    $unslashed = stripslashes($string_entr);
    $encoded = htmlentities($unslashed);
    $with_breaks = nl2br($encoded);

    return transfo_url($with_breaks);
}
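/**
 * Render the documentation page: filter/sort form, pagination links and
 * the list of documents matching the filters stored in the session.
 *
 * Access: callers with a privilege level of 0 or less are handed to
 * need_ecole_member_privilege(1). Other users must be logged in or have
 * accepted the terms of use ($_SESSION['confirmation_agreement'] == "ok").
 * Edit/remove links are shown only when the privilege level is above 3.
 *
 * Session keys read: transient_display, document_category_filter,
 * document_search, documents_ordering, document_page.
 * Session keys written: transient_display (cleared), document_page.
 *
 * Output is echoed directly; nothing is returned.
 *
 * NOTE(review): this function depends on the legacy mysql_* extension,
 * which offers no prepared statements. Every value placed in a query is
 * therefore either cast to int (numeric context) or escaped and quoted
 * (string context) below.
 *
 * @return void
 */
function display_documents()
{
    $rights = user_privilege_level();
    if (!($rights > 0)) {
        need_ecole_member_privilege(1);
        return;
    }

    echo '<h1>Documentation :</h1>';

    // && binds tighter than ||; the parentheses only make that explicit.
    $agreement_ok = isset($_SESSION['confirmation_agreement']) && $_SESSION['confirmation_agreement'] == "ok";
    if (!(is_logged() || $agreement_ok)) {
        echo '<div class="warning">Il est nécessaire d\'approuver au préalable les <a href="index.php?action=display_useterms&allow_direct_accept=true">conditions d\'utilisation</a></div>';
        return;
    }

    if (isset($_SESSION['transient_display'])) {
        // NOTE(review): echoed without escaping; presumably this holds HTML
        // built server-side. Confirm every writer of this key escapes user data.
        echo $_SESSION['transient_display'];
        unset($_SESSION['transient_display']);
    }

    // Normalise the session-held filters once, so the form and the queries
    // below all work from the same validated values.
    $raw_filter = isset($_SESSION["document_category_filter"]) ? $_SESSION["document_category_filter"] : 0;
    // The category id is placed in an unquoted numeric SQL context, where
    // mysql_real_escape_string() gives no protection; force it to an integer.
    $category_filter = is_numeric($raw_filter) ? (int) $raw_filter : 0;
    $need_to_search = !empty($_SESSION["document_search"]) && is_string($_SESSION["document_search"]);
    $ordering = isset($_SESSION["documents_ordering"]) ? $_SESSION["documents_ordering"] : 0;

    // Sort/filter form for the documents
    echo '<div class="enlarge_lowresol"><form method="post" action="?action=docs_filter_change"> <table class="tab_form_close"> <tr> <td> Catégorie : </td> <td> <select name="category_filter">';
    $tail = "<option value=\"0\">Toutes</option>";
    $result = @mysql_query("SELECT category_id,category_name FROM document_category");
    if ($result) {
        while ($row = @mysql_fetch_assoc($result)) {
            // Database values are encoded too: cheap protection against corrupted rows.
            $is_current = $category_filter > 0 && (int) $row["category_id"] === $category_filter;
            $selected = $is_current ? ' selected="selected"' : '';
            $tail .= '<option value="' . htmlentities($row["category_id"]) . '"' . $selected . '>' . htmlentities($row["category_name"]) . '</option>';
        }
        @mysql_free_result($result);
    }
    echo $tail . '</select></td> <td> Rechercher : </td> <td>';

    if ($need_to_search) {
        echo '<input type="text" name="docsearch" value="' . htmlentities($_SESSION["document_search"]) . '" />';
    } else {
        echo '<input type="text" name="docsearch" />';
    }

    echo '</td> <td> Trier par : </td> <td> <select name="sorting">';
    // Both options are always emitted; an unexpected ordering value simply
    // leaves neither selected instead of producing an empty <select>.
    $date_selected = ($ordering == 1) ? ' selected="selected"' : '';
    $score_selected = ($ordering == 2) ? ' selected="selected"' : '';
    $tail = '<option value="1"' . $date_selected . '>Date</option><option value="2"' . $score_selected . '>Pertinence</option>';
    echo $tail . '</select></td> <td><input type="hidden" name="form_name" value="document_display_param" /></td> <td><input type="submit" value="Valider" /></td> </tr> </table></form></div>';

    // Build the search queries
    $string_search = "";
    if ($need_to_search) {
        // Escaped value is only ever used inside single quotes below.
        $string_search = mysql_real_escape_string($_SESSION["document_search"]);
        $query = "SELECT D.document_id, D.name, D.description, D.filedate, C.category_name, MATCH(D.description) AGAINST ('{$string_search}' IN BOOLEAN MODE) AS score\n\t\t\t\t\tFROM document D, document_category C\n\t\t\t\t\tWHERE D.category=C.category_id";
        // Same match mode as the listing query, so the page count agrees
        // with the rows actually returned.
        $query_count = "SELECT COUNT(*) AS NUM_RES\n\t\t\t\t\tFROM document\n\t\t\t\t\tWHERE MATCH(description) AGAINST ('{$string_search}' IN BOOLEAN MODE)";
    } else {
        $query = "SELECT D.document_id,D.name,D.description,D.filedate,C.category_name FROM document D, document_category C\n\t\t\t\t\tWHERE D.category=C.category_id";
        $query_count = "SELECT COUNT(*) AS NUM_RES FROM document";
    }

    if ($category_filter > 0) {
        $query .= " AND C.category_id={$category_filter}";
        $query_count .= ($need_to_search ? " AND" : " WHERE") . " category={$category_filter}";
    }

    // Total number of matching documents; -1 means the count is unavailable.
    $num_res = -1;
    $res = @mysql_query($query_count);
    if ($res) {
        $count_row = @mysql_fetch_assoc($res);
        if ($count_row) {
            $num_res = (int) $count_row["NUM_RES"];
        }
        @mysql_free_result($res);
    }

    if ($need_to_search) {
        $query .= " AND MATCH(D.description) AGAINST ('{$string_search}' IN BOOLEAN MODE)";
    }
    if ($need_to_search && $ordering == 2) {
        $query .= " ORDER BY score DESC";
    } else {
        $query .= " ORDER BY filedate DESC";
    }

    if ($num_res > -1) {
        $page_invalid = !isset($_SESSION["document_page"])
            || !is_numeric($_SESSION["document_page"])
            || !($_SESSION["document_page"] > 0);
        if ($page_invalid) {
            $_SESSION["document_page"] = 1;
        }
        $offset = round(10 * ($_SESSION["document_page"] - 1));
        if ($offset >= $num_res) {
            $offset = 0;
            $_SESSION["document_page"] = 1;
        }
        // Cast so that only an integer can ever reach the LIMIT clause.
        $query .= " LIMIT " . (int) $offset . ",10";
    } else {
        $_SESSION["document_page"] = 1;
    }

    // Page selector, shown above and (when there are rows) below the list.
    $change_page = "";
    if ($num_res > 10) {
        $page_count = (int) ceil($num_res / 10);
        $change_page .= '<div class="bottom_page_choice">';
        for ($i = 1; $i <= $page_count; $i++) {
            if ($i == $_SESSION["document_page"]) {
                $change_page .= "{$i} ";
            } else {
                $change_page .= '<a href="?action=change_document_page&num_page=' . $i . '">' . $i . '</a> ';
            }
        }
        $change_page .= '</div><br/>';
        echo $change_page;
    } else {
        echo '<br />';
    }

    // Run the actual document search query
    $result = @mysql_query($query);
    if (!$result) {
        echo '<div class="warning">Erreur lors du chargement</div>';
        return;
    }

    $compteur = 0;
    while ($row = mysql_fetch_assoc($result)) {
        if ($compteur > 0) {
            echo '<div class="newsterminator"> <hr /> </div>';
        }
        // Every database value is HTML-encoded before it reaches the page.
        $doc_id = htmlentities($row["document_id"]);
        $name = htmlentities(stripslashes($row["name"]));
        $description = nl2br(htmlentities(stripslashes($row["description"])));
        $date = htmlentities(transfo_date($row["filedate"]));
        $category = htmlentities($row["category_name"]);
        echo ' <div class="newstitle"> <a href="pdf_display.php?document_id=' . $doc_id . '" target="_blank">' . $name . ' [#' . $doc_id . ']' . '</a> </div> <div class="newsundertitle"> ' . $date . ' - ' . $category . ' </div> <div class="newscontent"> ' . transfo_url($description) . ' </div>';
        if ($rights > 3) {
            // NOTE(review): edit/remove are plain GET links. The handlers are
            // not visible here; confirm they re-check the privilege level and
            // that the state-changing action requires an anti-CSRF token.
            echo '<div class="newsendlinks"> <a href="?action=edit_doc&document_id=' . $doc_id . '">Editer</a> <a href="?action=remove_doc&document_id=' . $doc_id . '">Supprimer</a> </div>';
        }
        $compteur++;
    }

    if ($compteur == 0) {
        echo '<div class="warning">Aucun document correspondant aux critères fixés n\'est disponible pour le moment</div>';
    } else {
        echo $change_page . '<div class="newsterminator"><hr />' . NOM_ECOLE . '</div>';
    }
    @mysql_free_result($result);
}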