/**
* Получить одну статью по ее ID.
*
* @param integer $id ид статьи
* @param integer $user ид текущего пользователя
*
* @return <type>
*/
public function getArticle($id, $user_id, $force = false)
{
global $DB;
$sql = 'SELECT an.*,
file.fname, file.path, file.ftype, file.width, file.height,
u.uname, u.usurname, u.login,
au.rated, au.rate_value, au.bookmark, au.lastviewtime, au.hidden_threads
FROM articles_new as an
LEFT JOIN file ON file.id = an.logo
LEFT JOIN articles_users au ON au.article_id = an.id ' . (!$force ? 'AND au.user_id = ?' : '') . '
INNER JOIN users as u ON u.uid = an.user_id
WHERE an.id = ?';
$tsql = 'SELECT name, word_id FROM articles_word as aw INNER JOIN words w ON w.id = aw.word_id WHERE article_id = ?i';
$tags = $DB->rows($tsql, $id);
if ($force) {
$res = $DB->query($sql, $id);
} else {
$res = $DB->query($sql, $user_id, $id);
}
$error = $DB->error;
if ($error) {
$error = parse_db_error($error);
} else {
$ret = pg_fetch_row($res, null, PGSQL_ASSOC);
if (!$ret) {
return false;
}
$ret['kwords'] = $tags;
}
validate_code_style($ret['msgtext']);
return $ret;
}
/**
* Регистрируем, редактируем сообщение.
*
* @param mixed $fields Поля выборки
* @param integer $commune_id ИД сообщества
* @param integer $user_id Тот, кто правит или тот, кто изменяет сообщение.
* @param integer $message_id ИД сообщения
* @param mixed $attach Вложение
* @param string $question Вопрос для опросов. Если NULL, то голосование не добавляется и не изменяется.
* @param array $new_answers Массив с новыми ответами, которые необходимо добавить в опросам
* @param array $answers_exists Массив с существующими ответами на вопросы, в котором: индекс - id ответа, значение - текст ответа.
* Если прав на изменение ответов нет, то текст ответа любой, но в текущем варианте права есть всегда.
* Если ответа нет в этом массиве, то он удалится и из таблицы БД.
* @return string array Данные по выборке, наче null
*/
function CreateMessage($fields, $commune_id, $user_id, $message_id = NULL, $attach = NULL, $question = NULL, $new_answers = NULL, $answers_exists = NULL, $multiple = NULL)
{
validate_code_style($fields["msgtext"]);
global $DB;
$pos = $fields['pos'] ? $fields['pos'] : 'NULL';
// позиция для топиков, которые закрепляются сверху (если -1, значит не изменять позицию)
$pos_updated = FALSE;
$close_comments = $fields['close_comments'] ? 't' : 'f';
$is_private = $fields['is_private'] ? 't' : 'f';
$is_edit = false;
if ($message_id === NULL) {
$parent_id = $fields['parent_id'];
if ($pos < 0) {
$pos = 'NULL';
}
if ($parent_id !== NULL && $parent_id != '') {
$sql = "SELECT theme_id FROM commune_messages WHERE id = ?";
$theme_id = $DB->val($sql, $parent_id);
if ($DB->error) {
return NULL;
}
} else {
$sql = "SELECT re_pos_commune_themes({$commune_id}, NULL, {$pos});\n INSERT INTO commune_themes (commune_id, pos, close_comments, is_private, category_id) VALUES ({$commune_id}, {$pos}, '{$close_comments}', '{$is_private}', " . ($fields['category_id'] == 0 ? 'NULL' : $fields['category_id']) . ") RETURNING id";
$theme_id = $DB->val($sql);
if (!$DB->error) {
$pos_updated = TRUE;
} else {
return NULL;
}
// !!! ошибку выдать.
$parent_id = null;
}
$sModVal = is_pro() ? 'NULL' : '0';
$insert_table = self::getTableName('commune_messages', $commune_id);
$sql = "INSERT INTO {$insert_table} (parent_id, theme_id, user_id, msgtext, title, youtube_link, moderator_status)\n VALUES (?, ?, ?, ?, ?, ?, {$sModVal}) RETURNING id, theme_id, parent_id";
$res = $DB->query($sql, $parent_id, $theme_id, $user_id, $fields['msgtext'], $fields['title'], $fields['youtube_link']);
} else {
$sUserId = $DB->val('SELECT user_id FROM commune_messages WHERE id = ?i', $message_id);
$u_status = commune::GetUserCommuneRel($commune_id, get_uid(false));
if ($sUserId != $_SESSION['uid'] && !hasPermissions('communes') && !($u_status['is_moderator'] == 1 || $u_status['is_admin'] == 1 || $u_status['is_author'] == 1)) {
return 0;
// Чужой топик редактировать нельзя если ты не админ сайта
}
$is_edit = true;
$sModer = '';
$sql = '';
if ($user_id == $_SESSION['uid'] && !hasPermissions('communes') && !is_pro()) {
// автор, не админ, не про - отправить на модерирование
$sModer = ' , moderator_status = 0 ';
}
$sql .= "UPDATE commune_messages \n SET modified_id = ?i,\n\t\t\t\t modified_time = LOCALTIMESTAMP,\n msgtext = ?,\n title = ?,\n youtube_link = ?" . $sModer . '' . "\n WHERE id = ?i RETURNING id, theme_id, parent_id";
$res = $DB->query($sql, $user_id, $fields['msgtext'], $fields['title'], $fields['youtube_link'], $message_id);
}
if ($res && pg_affected_rows($res)) {
list($message_id, $theme_id, $parent_id) = pg_fetch_row($res);
self::checkWysiwygInlineImages($message_id, $fields['msgtext'], $is_edit);
if ((!$is_edit || $user_id == $_SESSION['uid'] && !hasPermissions('communes')) && !is_pro()) {
/*require_once( $_SERVER['DOCUMENT_ROOT'] . '/classes/stop_words.php' );
require_once( $_SERVER['DOCUMENT_ROOT'] . '/classes/user_content.php' );
$stop_words = new stop_words();
$aEx = is_array($answers_exists) && $answers_exists ? $answers_exists : '';
$aNew = is_array($new_answers) && $new_answers ? $new_answers : '';
$nStopWordsCnt = $stop_words->calculate( $fields['msgtext'], $fields['title'], $question, $aEx, $aNew );
$DB->insert( 'moderation', array('rec_id' => $message_id, 'rec_type' => user_content::MODER_COMMUNITY, 'stop_words_cnt' => $nStopWordsCnt) );*/
}
//
if ($attach) {
$max = self::getMaxSort($message_id);
foreach ($attach as $file) {
$max++;
//$at_sql = "INSERT INTO commune_attach (cid, fid, small,sort) VALUES('{$message_id}', '{$file->id}', '{$file->is_smalled}','{$max}')";
//$DB->squery($at_sql);
$file->updateFileParams(array('src_id' => $message_id, 'small' => $file->is_smalled, 'sort' => $max), false);
}
}
if ($parent_id === NULL || $parent_id == '') {
$sql = "UPDATE commune_themes SET close_comments = '{$close_comments}', is_private = '{$is_private}', category_id=" . ($fields['category_id'] == 0 ? 'NULL' : $fields['category_id']) . " WHERE id = {$theme_id}";
if (!$DB->squery($sql)) {
return NULL;
}
}
if ($theme_id && !$parent_id) {
/* опросы */
$change_access = true;
if ($question !== NULL && $question != '') {
$sql = "SELECT COUNT(*) FROM commune_poll WHERE theme_id = ?i";
$p = $DB->val($sql, $theme_id);
if ($p && $change_access) {
$m = $multiple !== NULL ? $multiple ? ", multiple = 't'" : ", multiple = 'f'" : "";
$sql = "UPDATE commune_poll SET question = '{$question}' {$m} WHERE theme_id = {$theme_id};";
} else {
if (!$p) {
$sql = "INSERT INTO commune_poll (theme_id, question, closed, multiple) VALUES ({$theme_id}, '{$question}', 'f', " . ($multiple ? "'t'" : "'f'") . ");";
}
}
$sql .= "DELETE FROM commune_poll_answers WHERE theme_id = {$theme_id}" . ($answers_exists && is_array($answers_exists) ? " AND id NOT IN (" . implode(",", array_keys($answers_exists)) . ");" : ";");
if ($change_access && is_array($answers_exists)) {
foreach ($answers_exists as $id => $answer) {
$sql .= "UPDATE commune_poll_answers SET answer = '{$answer}' WHERE id = {$id} AND theme_id = {$theme_id};";
}
}
if (is_array($new_answers)) {
foreach ($new_answers as $answer) {
$sql .= "INSERT INTO commune_poll_answers (theme_id, answer) VALUES ({$theme_id}, '{$answer}');";
}
}
if ($sql) {
if (!$DB->squery($sql)) {
return NULL;
}
}
} else {
$DB->query("DELETE FROM commune_poll WHERE theme_id = ?i", $theme_id);
}
/* --- */
if (!$pos_updated && $pos != -1) {
$sql = '';
$sql .= "SELECT re_pos_commune_themes({$commune_id}, (SELECT pos FROM commune_themes WHERE id = {$theme_id}), {$pos});";
$sql .= "UPDATE commune_themes SET pos = {$pos} WHERE id = {$theme_id}";
$DB->squery($sql);
}
}
return pg_fetch_result($res, 0, 0);
}
return NULL;
}
</div>
<div class="b-layout__right b-layout__right_relative b-layout__right_width_72ps b-layout__right_margleft_3ps b-layout__right_float_left">
<div id="blocked-reason-<?php
echo $id;
?>
">
<?php
if ($comm['is_blocked'] == 't') {
echo __commPrntBlockedBlock($comm['blocked_reason'], $comm['blocked_time'], $comm['admin_login'], "{$comm['admin_name']} {$comm['admin_uname']}", $comm['id']);
}
?>
</div>
<?php
foreach ($topics as $top) {
if ($top["msgtext"]) {
validate_code_style($top["msgtext"]);
}
if ($top['user_is_banned'] && !($user_mod & commune::MOD_ADMIN) || $top['member_is_banned'] && $top['user_id'] != get_uid(false) && !($user_mod & (commune::MOD_ADMIN | commune::MOD_COMM_AUTHOR | commune::MOD_COMM_MANAGER)) || intval($top["deleted_id"]) != 0 && !hasPermissions("adm") || $top['is_private'] == 't' && $top['user_id'] != $uid && !($user_mod & (commune::MOD_ADMIN | commune::MOD_COMM_AUTHOR | commune::MOD_COMM_MANAGER))) {
continue;
}
?>
<?php
// печатаем топик
if (!$comm['is_blocked'] || $user_mod & commune::MOD_MODER) {
?>
<a name="o<?php
echo $alert && $message_id ? '' : $top['id'];
?>
"></a>
<div id='idTop_<?php
echo $top['id'];
/**
* Функция создания/обновления комментария
*
* @param array $params Данные на сохранение
* @param integer $cid Ид комментария для редактирования
* @param integer $author UID автора комментария
* @return boolean
*/
protected function save($params = array(), $cid = null, $author = 0)
{
$DB = new DB('master');
$model = $this->model();
if ($this->_options['readonly']) {
return false;
}
$insert_fields = array();
$insert_data = array();
validate_code_style($params["msgtext"]);
#0024876
foreach ($model['comments']['fields'] as $k => $v) {
if (isset($params[$k])) {
$insert_fields[] = $v;
$insert_data[] = $params[$k];
}
}
if (!$cid) {
if (isset($model['comments']['fields']['created_time'])) {
$insert_fields[] = $model['comments']['fields']['created_time'];
$insert_data[] = 'NOW()';
}
$sModFld = !empty($model['comments']['fields']['moderator_status']) ? ', ' . $model['comments']['fields']['moderator_status'] : '';
$sModVal = !empty($model['comments']['fields']['moderator_status']) ? ', ' . (is_pro() ? 'NULL' : '0') : '';
// Новый комментарий
$insert_table = $model['comments']['insert_table'] != '' ? $model['comments']['insert_table'] : $model['comments']['table'];
$sql[] = "INSERT INTO " . $insert_table . " (" . implode(", ", $insert_fields) . "{$sModFld}) ";
$sql[] = "VALUES ('" . implode("', '", $insert_data) . "'{$sModVal}) ";
$sql[] = "RETURNING " . $model['comments']['fields']['id'];
} else {
// Обновление коммента
$sql[] = "UPDATE " . $model['comments']['table'] . " SET ";
if (isset($model['comments']['fields']['modified']) && isset($model['comments']['fields']['modified_time'])) {
$insert_fields[] = $model['comments']['fields']['modified'];
$insert_data[] = get_uid(false);
$insert_fields[] = $model['comments']['fields']['modified_time'];
$insert_data[] = 'NOW()';
}
if ($author == get_uid(false) && !$model['permissions'] && !empty($model['comments']['fields']['moderator_status']) && !empty($model['moderation_rec_type']) && !is_pro()) {
/*require_once( $_SERVER['DOCUMENT_ROOT'] . '/classes/stop_words.php' );
$insert_fields[] = $model['comments']['fields']['moderator_status'];
$insert_data[] = '0';
$stop_words = new stop_words();
$nStopWordsCnt = $stop_words->calculate( $params[$model['comments']['fields']['msgtext']] );
$nSortOrder = !empty($model['moderation_sort_order']) ? $model['moderation_sort_order'] : 3;
$GLOBALS['DB']->insert( 'moderation', array('rec_id' => $cid, 'rec_type' => $model['moderation_rec_type'], 'stop_words_cnt' => $nStopWordsCnt, 'sort_order' => $nSortOrder) );*/
}
$update_sql = array();
foreach ($insert_fields as $i => $field) {
if ($field != $model['comments']['fields']['msgtext'] && $field != $model['comments']['fields']['modified'] && $field != $model['comments']['fields']['modified_time'] && $field != $model['comments']['fields']['moderator_status'] && $field != $model['comments']['fields']['yt'] && $field != $model['comments']['fields']['access']) {
continue;
}
$update_sql[] = $field . " = '{$insert_data[$i]}'";
}
$sql[] = implode(", ", $update_sql);
$sql[] = "WHERE " . $model['comments']['fields']['id'] . " = " . $cid;
$sql[] = "RETURNING " . $model['comments']['fields']['id'];
}
$sql = implode(" ", $sql);
if (($res = $DB->squery($sql)) && pg_affected_rows($res)) {
list($newid) = pg_fetch_row($res);
if (!$cid && $sModFld && !is_pro()) {
/*require_once( $_SERVER['DOCUMENT_ROOT'] . '/classes/stop_words.php' );
$stop_words = new stop_words();
$nStopWordsCnt = $stop_words->calculate( $params[$model['comments']['fields']['msgtext']] );
$nSortOrder = !empty($model['moderation_sort_order']) ? $model['moderation_sort_order'] : 3;
$GLOBALS['DB']->insert( 'moderation', array('rec_id' => $newid, 'rec_type' => $model['moderation_rec_type'], 'stop_words_cnt' => $nStopWordsCnt, 'sort_order' => $nSortOrder) );*/
}
}
if (count($params['rmattaches']) && $cid) {
$file = new CFile();
$file->table = $model['attaches']['file_table'];
// TODO добавить проверку идентификаторов аттачей к комменту $cid, пропускать, если левый
foreach ($params['rmattaches'] as $attach) {
// if(!isset($comment_attaches[$attach])) continue;
$file->Delete($attach);
}
}
if (isset($model['attaches']) && isset($params['attaches']) && count($params['attaches'])) {
if ($model['attaches']['table'] == $model['attaches']['file_table']) {
foreach ($params['attaches'] as $file) {
$p = array();
foreach ($model['attaches']['fields'] as $k => $v) {
switch ($k) {
case 'small':
$p[$v] = $file['tn'] == 2 ? true : false;
break;
case 'file':
$p[$v] = $file['f_id'];
break;
case 'comment':
$p[$v] = $newid;
break;
case 'temp':
$p[$v] = false;
break;
case 'inline':
$p[$v] = false;
break;
case 'sort':
$p[$v] = intval($v);
break;
}
}
$cfile = new CFile($file['f_id']);
$cfile->table = $model['attaches']['table'];
$cfile->updateFileParams($p, false);
}
} else {
$insert_fields = array();
$insert_data = array();
foreach ($model['attaches']['fields'] as $k => $v) {
$insert_fields[] = $v;
}
$sql = "INSERT INTO " . $model['attaches']['table'] . " (" . implode(', ', $insert_fields) . ") VALUES ";
$insert_sql = array();
foreach ($params['attaches'] as $file) {
$f_sql = array();
foreach ($model['attaches']['fields'] as $k => $v) {
switch ($k) {
case 'small':
$f_sql[] = $file['tn'] == 2 ? "'t'" : "'f'";
break;
case 'file':
$f_sql[] = $file['f_id'];
break;
case 'comment':
$f_sql[] = $newid;
break;
case 'temp':
$f_sql[] = "'f'";
break;
case 'inline':
$f_sql[] = "'f'";
break;
case 'sort':
$f_sql[] = intval($v);
break;
default:
$f_sql[] = __paramValue('string', $v);
}
}
if (count($f_sql) > 1) {
$insert_sql[] = "(" . implode(", ", $f_sql) . ")";
}
}
if (count($insert_sql)) {
$sql .= implode(", ", $insert_sql);
$DB->squery($sql);
}
}
}
$this->checkWysiwygInlineImages($newid, $params['msgtext'], $cid);
return $newid;
}
