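/**
 * Fetch one article by its ID.
 *
 * Joins the article row with its logo file, its author and the articles_users
 * row (rating, bookmark, last view time, hidden threads), then stores the
 * article's tags under the 'kwords' key.
 *
 * @param integer $id      article ID
 * @param integer $user_id ID of the current user; not used when $force is true
 * @param boolean $force   when true, the articles_users join is not restricted to $user_id
 *
 * @return array|false associative article row with an extra 'kwords' entry,
 *                     or false when the query fails or no row matches
 */
public function getArticle($id, $user_id, $force = false)
{
    global $DB;

    // $id and $user_id are passed as bound placeholders. The only concatenated
    // piece is a constant fragment selected by $force, so no caller data is
    // spliced into the statement text.
    // With $force the join is not narrowed to one user, so the au.* columns come
    // from whichever articles_users row the database returns first.
    $sql = 'SELECT an.*, file.fname, file.path, file.ftype, file.width, file.height,'
        . ' u.uname, u.usurname, u.login,'
        . ' au.rated, au.rate_value, au.bookmark, au.lastviewtime, au.hidden_threads'
        . ' FROM articles_new as an'
        . ' LEFT JOIN file ON file.id = an.logo'
        . ' LEFT JOIN articles_users au ON au.article_id = an.id '
        . (!$force ? 'AND au.user_id = ?' : '')
        . ' INNER JOIN users as u ON u.uid = an.user_id'
        . ' WHERE an.id = ?';

    $tsql = 'SELECT name, word_id FROM articles_word as aw INNER JOIN words w ON w.id = aw.word_id WHERE article_id = ?i';
    $tags = $DB->rows($tsql, $id);

    // The number of bound arguments has to match the placeholders left in $sql.
    if ($force) {
        $res = $DB->query($sql, $id);
    } else {
        $res = $DB->query($sql, $user_id, $id);
    }

    $error = $DB->error;
    if ($error) {
        // Previously execution fell through with $ret never assigned, so the
        // caller could not tell a database failure from a real article row.
        // parse_db_error() is still called; its result was discarded before too.
        parse_db_error($error);
        return false;
    }

    $ret = pg_fetch_row($res, null, PGSQL_ASSOC);
    if (!$ret) {
        return false;
    }
    $ret['kwords'] = $tags;

    validate_code_style($ret['msgtext']);

    return $ret;
}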
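/**
 * Create a new message or edit an existing one.
 *
 * @param mixed   $fields         Message fields; the keys read here are msgtext, title, youtube_link,
 *                                pos, close_comments, is_private, parent_id and category_id
 * @param integer $commune_id     Community ID
 * @param integer $user_id        The user who creates or edits the message
 * @param integer $message_id     Message ID; NULL creates a new message
 * @param mixed   $attach         Attachments (iterated; each item must offer updateFileParams())
 * @param string  $question       Poll question. When NULL or empty, the poll of the theme is deleted
 *                                (the original comment said the poll is left untouched in that case;
 *                                the code below issues a DELETE)
 * @param array   $new_answers    New poll answers to add
 * @param array   $answers_exists Existing poll answers: index is the answer id, value is the answer text.
 *                                Answers of the theme that are missing from this array are deleted
 * @param mixed   $multiple       When not NULL, sets the poll's "multiple" flag to 't' or 'f'
 *
 * @return mixed id of the saved message, 0 when the current user may not edit it, NULL on failure
 */
function CreateMessage($fields, $commune_id, $user_id, $message_id = NULL, $attach = NULL, $question = NULL, $new_answers = NULL, $answers_exists = NULL, $multiple = NULL)
{
    validate_code_style($fields["msgtext"]);
    global $DB;

    // Several statements below are assembled by string interpolation and sent
    // through squery()/val() with no bind arguments. Every numeric value that
    // reaches those strings is forced to an integer first, so it cannot carry
    // SQL text of its own.
    $commune_sql = (int) $commune_id;

    // Position for topics pinned to the top (-1 means "do not change the position").
    $pos = $fields['pos'] ? (int) $fields['pos'] : 'NULL';
    $pos_updated = FALSE;
    $close_comments = $fields['close_comments'] ? 't' : 'f';
    $is_private = $fields['is_private'] ? 't' : 'f';
    $is_edit = false;

    if ($message_id === NULL) {
        $parent_id = $fields['parent_id'];
        if ($pos < 0) {
            $pos = 'NULL';
        }
        if ($parent_id !== NULL && $parent_id != '') {
            // Reply: the theme is taken from the parent message.
            $sql = "SELECT theme_id FROM commune_messages WHERE id = ?";
            $theme_id = $DB->val($sql, $parent_id);
            if ($DB->error) {
                return NULL;
            }
        } else {
            // New topic: shift positions and create the theme row.
            $sql = "SELECT re_pos_commune_themes({$commune_sql}, NULL, {$pos});\n INSERT INTO commune_themes (commune_id, pos, close_comments, is_private, category_id) VALUES ({$commune_sql}, {$pos}, '{$close_comments}', '{$is_private}', " . ((int) $fields['category_id'] === 0 ? 'NULL' : (int) $fields['category_id']) . ") RETURNING id";
            $theme_id = $DB->val($sql);
            if (!$DB->error) {
                $pos_updated = TRUE;
            } else {
                return NULL; // TODO: report the error.
            }
            $parent_id = null;
        }
        $sModVal = is_pro() ? 'NULL' : '0';
        $insert_table = self::getTableName('commune_messages', $commune_id);
        // Message text, title and link are bound; only the table name and the
        // constant moderator status are interpolated.
        $sql = "INSERT INTO {$insert_table} (parent_id, theme_id, user_id, msgtext, title, youtube_link, moderator_status)\n VALUES (?, ?, ?, ?, ?, ?, {$sModVal}) RETURNING id, theme_id, parent_id";
        $res = $DB->query($sql, $parent_id, $theme_id, $user_id, $fields['msgtext'], $fields['title'], $fields['youtube_link']);
    } else {
        $sUserId = $DB->val('SELECT user_id FROM commune_messages WHERE id = ?i', $message_id);
        // NOTE(review): the role check uses the $commune_id supplied by the caller,
        // while the SELECT above and the UPDATE below are keyed only by $message_id.
        // Nothing in this function ties the message to that community - confirm
        // that the caller verifies it.
        $u_status = commune::GetUserCommuneRel($commune_id, get_uid(false));
        if ($sUserId != $_SESSION['uid'] && !hasPermissions('communes') && !($u_status['is_moderator'] == 1 || $u_status['is_admin'] == 1 || $u_status['is_author'] == 1)) {
            return 0; // Someone else's topic may not be edited unless you are a site admin.
        }
        $is_edit = true;
        $sModer = '';
        $sql = '';
        if ($user_id == $_SESSION['uid'] && !hasPermissions('communes') && !is_pro()) {
            // Author, not an admin, not PRO: send the message back to moderation.
            $sModer = ' , moderator_status = 0 ';
        }
        $sql .= "UPDATE commune_messages \n SET modified_id = ?i,\n\t\t\t\t modified_time = LOCALTIMESTAMP,\n msgtext = ?,\n title = ?,\n youtube_link = ?" . $sModer . '' . "\n WHERE id = ?i RETURNING id, theme_id, parent_id";
        $res = $DB->query($sql, $user_id, $fields['msgtext'], $fields['title'], $fields['youtube_link'], $message_id);
    }

    if ($res && pg_affected_rows($res)) {
        list($message_id, $theme_id, $parent_id) = pg_fetch_row($res);
        self::checkWysiwygInlineImages($message_id, $fields['msgtext'], $is_edit);

        if ((!$is_edit || $user_id == $_SESSION['uid'] && !hasPermissions('communes')) && !is_pro()) {
            // Stop-word counting and the moderation queue insert are disabled:
            /*require_once( $_SERVER['DOCUMENT_ROOT'] . '/classes/stop_words.php' );
            require_once( $_SERVER['DOCUMENT_ROOT'] . '/classes/user_content.php' );
            $stop_words = new stop_words();
            $aEx = is_array($answers_exists) && $answers_exists ? $answers_exists : '';
            $aNew = is_array($new_answers) && $new_answers ? $new_answers : '';
            $nStopWordsCnt = $stop_words->calculate( $fields['msgtext'], $fields['title'], $question, $aEx, $aNew );
            $DB->insert( 'moderation', array('rec_id' => $message_id, 'rec_type' => user_content::MODER_COMMUNITY, 'stop_words_cnt' => $nStopWordsCnt) );*/
        }

        if ($attach) {
            $max = self::getMaxSort($message_id);
            foreach ($attach as $file) {
                $max++;
                //$at_sql = "INSERT INTO commune_attach (cid, fid, small,sort) VALUES('{$message_id}', '{$file->id}', '{$file->is_smalled}','{$max}')";
                //$DB->squery($at_sql);
                $file->updateFileParams(array('src_id' => $message_id, 'small' => $file->is_smalled, 'sort' => $max), false);
            }
        }

        if ($parent_id === NULL || $parent_id == '') {
            // Top-level message: keep the theme flags and category in sync.
            $sql = "UPDATE commune_themes SET close_comments = '{$close_comments}', is_private = '{$is_private}', category_id=" . ((int) $fields['category_id'] === 0 ? 'NULL' : (int) $fields['category_id']) . " WHERE id = {$theme_id}";
            if (!$DB->squery($sql)) {
                return NULL;
            }
        }

        if ($theme_id && !$parent_id) {
            /* polls */
            $change_access = true;
            if ($question !== NULL && $question != '') {
                // NOTE(review): $question and every answer text are placed between
                // single quotes exactly as received. That is only safe if each caller
                // has already escaped them for SQL - confirm, or move these statements
                // to the bound placeholders used for the message INSERT/UPDATE above.
                $sql = "SELECT COUNT(*) FROM commune_poll WHERE theme_id = ?i";
                $p = $DB->val($sql, $theme_id);
                if ($p && $change_access) {
                    $m = $multiple !== NULL ? ($multiple ? ", multiple = 't'" : ", multiple = 'f'") : "";
                    $sql = "UPDATE commune_poll SET question = '{$question}' {$m} WHERE theme_id = {$theme_id};";
                } else {
                    if (!$p) {
                        $sql = "INSERT INTO commune_poll (theme_id, question, closed, multiple) VALUES ({$theme_id}, '{$question}', 'f', " . ($multiple ? "'t'" : "'f'") . ");";
                    }
                }
                // Answer ids are the keys of a caller-supplied array; non-numeric
                // keys stay strings in PHP, so each one is cast before it is used.
                $sql .= "DELETE FROM commune_poll_answers WHERE theme_id = {$theme_id}" . ($answers_exists && is_array($answers_exists) ? " AND id NOT IN (" . implode(",", array_map('intval', array_keys($answers_exists))) . ");" : ";");
                if ($change_access && is_array($answers_exists)) {
                    foreach ($answers_exists as $id => $answer) {
                        $answer_id = (int) $id;
                        $sql .= "UPDATE commune_poll_answers SET answer = '{$answer}' WHERE id = {$answer_id} AND theme_id = {$theme_id};";
                    }
                }
                if (is_array($new_answers)) {
                    foreach ($new_answers as $answer) {
                        $sql .= "INSERT INTO commune_poll_answers (theme_id, answer) VALUES ({$theme_id}, '{$answer}');";
                    }
                }
                if ($sql) {
                    if (!$DB->squery($sql)) {
                        return NULL;
                    }
                }
            } else {
                $DB->query("DELETE FROM commune_poll WHERE theme_id = ?i", $theme_id);
            }
            /* --- */
            if (!$pos_updated && $pos != -1) {
                $sql = '';
                $sql .= "SELECT re_pos_commune_themes({$commune_sql}, (SELECT pos FROM commune_themes WHERE id = {$theme_id}), {$pos});";
                $sql .= "UPDATE commune_themes SET pos = {$pos} WHERE id = {$theme_id}";
                $DB->squery($sql);
            }
        }

        // Row 0, column 0 of the RETURNING result: the message id.
        return pg_fetch_result($res, 0, 0);
    }

    return NULL;
}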
</div> <div class="b-layout__right b-layout__right_relative b-layout__right_width_72ps b-layout__right_margleft_3ps b-layout__right_float_left"> <div id="blocked-reason-<?php echo $id; ?> "> <?php if ($comm['is_blocked'] == 't') { echo __commPrntBlockedBlock($comm['blocked_reason'], $comm['blocked_time'], $comm['admin_login'], "{$comm['admin_name']} {$comm['admin_uname']}", $comm['id']); } ?> </div> <?php foreach ($topics as $top) { if ($top["msgtext"]) { validate_code_style($top["msgtext"]); } if ($top['user_is_banned'] && !($user_mod & commune::MOD_ADMIN) || $top['member_is_banned'] && $top['user_id'] != get_uid(false) && !($user_mod & (commune::MOD_ADMIN | commune::MOD_COMM_AUTHOR | commune::MOD_COMM_MANAGER)) || intval($top["deleted_id"]) != 0 && !hasPermissions("adm") || $top['is_private'] == 't' && $top['user_id'] != $uid && !($user_mod & (commune::MOD_ADMIN | commune::MOD_COMM_AUTHOR | commune::MOD_COMM_MANAGER))) { continue; } ?> <?php // печатаем топик if (!$comm['is_blocked'] || $user_mod & commune::MOD_MODER) { ?> <a name="o<?php echo $alert && $message_id ? '' : $top['id']; ?> "></a> <div id='idTop_<?php echo $top['id'];
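/**
 * Create or update a comment.
 *
 * @param array   $params Data to save, keyed by the logical field names of $model['comments']['fields'];
 *                        'attaches' and 'rmattaches' are read as well
 * @param integer $cid    ID of the comment to edit; empty to create a new comment
 * @param integer $author UID of the comment author
 *
 * @return mixed id returned by the INSERT/UPDATE, false when the object is read-only,
 *               null when the statement failed or affected no rows
 */
protected function save($params = array(), $cid = null, $author = 0)
{
    $DB = new DB('master');
    $model = $this->model();
    if ($this->_options['readonly']) {
        return false;
    }

    $insert_fields = array();
    $insert_data = array();
    $sql = array();
    // Stays null when the statement fails, instead of being an undefined variable.
    $newid = null;

    validate_code_style($params["msgtext"]); #0024876

    // Only keys that the model maps to a column are taken from $params.
    foreach ($model['comments']['fields'] as $k => $v) {
        if (isset($params[$k])) {
            $insert_fields[] = $v;
            $insert_data[] = $params[$k];
        }
    }

    // NOTE(review): both branches below place the collected values between single
    // quotes exactly as received and send the finished string through squery()
    // with no bind arguments. That is only safe if every caller has already
    // escaped each $params value for SQL - confirm, and prefer bound parameters
    // if the DB class offers them.
    if (!$cid) {
        if (isset($model['comments']['fields']['created_time'])) {
            $insert_fields[] = $model['comments']['fields']['created_time'];
            $insert_data[] = 'NOW()';
        }
        $sModFld = !empty($model['comments']['fields']['moderator_status']) ? ', ' . $model['comments']['fields']['moderator_status'] : '';
        $sModVal = !empty($model['comments']['fields']['moderator_status']) ? ', ' . (is_pro() ? 'NULL' : '0') : '';

        // New comment
        $insert_table = $model['comments']['insert_table'] != '' ? $model['comments']['insert_table'] : $model['comments']['table'];
        $sql[] = "INSERT INTO " . $insert_table . " (" . implode(", ", $insert_fields) . "{$sModFld}) ";
        $sql[] = "VALUES ('" . implode("', '", $insert_data) . "'{$sModVal}) ";
        $sql[] = "RETURNING " . $model['comments']['fields']['id'];
    } else {
        // Comment update
        $sql[] = "UPDATE " . $model['comments']['table'] . " SET ";
        if (isset($model['comments']['fields']['modified']) && isset($model['comments']['fields']['modified_time'])) {
            $insert_fields[] = $model['comments']['fields']['modified'];
            $insert_data[] = get_uid(false);
            $insert_fields[] = $model['comments']['fields']['modified_time'];
            $insert_data[] = 'NOW()';
        }
        if ($author == get_uid(false) && !$model['permissions'] && !empty($model['comments']['fields']['moderator_status']) && !empty($model['moderation_rec_type']) && !is_pro()) {
            // Resetting the moderator status and queueing for moderation are disabled:
            /*require_once( $_SERVER['DOCUMENT_ROOT'] . '/classes/stop_words.php' );
            $insert_fields[] = $model['comments']['fields']['moderator_status'];
            $insert_data[] = '0';
            $stop_words = new stop_words();
            $nStopWordsCnt = $stop_words->calculate( $params[$model['comments']['fields']['msgtext']] );
            $nSortOrder = !empty($model['moderation_sort_order']) ? $model['moderation_sort_order'] : 3;
            $GLOBALS['DB']->insert( 'moderation', array('rec_id' => $cid, 'rec_type' => $model['moderation_rec_type'], 'stop_words_cnt' => $nStopWordsCnt, 'sort_order' => $nSortOrder) );*/
        }

        // Only this fixed set of columns may be changed by an update.
        $update_sql = array();
        foreach ($insert_fields as $i => $field) {
            if ($field != $model['comments']['fields']['msgtext'] && $field != $model['comments']['fields']['modified'] && $field != $model['comments']['fields']['modified_time'] && $field != $model['comments']['fields']['moderator_status'] && $field != $model['comments']['fields']['yt'] && $field != $model['comments']['fields']['access']) {
                continue;
            }
            $update_sql[] = $field . " = '{$insert_data[$i]}'";
        }
        $sql[] = implode(", ", $update_sql);
        // The id goes into the statement unquoted, so it is forced to an integer.
        $sql[] = "WHERE " . $model['comments']['fields']['id'] . " = " . (int) $cid;
        $sql[] = "RETURNING " . $model['comments']['fields']['id'];
    }

    $sql = implode(" ", $sql);
    if (($res = $DB->squery($sql)) && pg_affected_rows($res)) {
        list($newid) = pg_fetch_row($res);
        if (!$cid && $sModFld && !is_pro()) {
            // Queueing new comments for moderation is disabled:
            /*require_once( $_SERVER['DOCUMENT_ROOT'] . '/classes/stop_words.php' );
            $stop_words = new stop_words();
            $nStopWordsCnt = $stop_words->calculate( $params[$model['comments']['fields']['msgtext']] );
            $nSortOrder = !empty($model['moderation_sort_order']) ? $model['moderation_sort_order'] : 3;
            $GLOBALS['DB']->insert( 'moderation', array('rec_id' => $newid, 'rec_type' => $model['moderation_rec_type'], 'stop_words_cnt' => $nStopWordsCnt, 'sort_order' => $nSortOrder) );*/
        }
    }
    // NOTE(review): attachment handling below also runs when the statement above
    // failed and $newid is still null - confirm that this is intended.

    // count() on a missing or non-array 'rmattaches' is an error on PHP 8, so the
    // shape is checked first.
    if ($cid && !empty($params['rmattaches']) && is_array($params['rmattaches'])) {
        $file = new CFile();
        $file->table = $model['attaches']['file_table'];
        // TODO: check that each attachment id really belongs to comment $cid and skip
        // it otherwise. Until then any id passed in 'rmattaches' is deleted, whichever
        // comment it is attached to.
        foreach ($params['rmattaches'] as $attach) {
            // if(!isset($comment_attaches[$attach])) continue;
            $file->Delete($attach);
        }
    }

    if (isset($model['attaches']) && isset($params['attaches']) && count($params['attaches'])) {
        if ($model['attaches']['table'] == $model['attaches']['file_table']) {
            // Attachment data lives in the file table itself: update each file row.
            foreach ($params['attaches'] as $file) {
                $p = array();
                foreach ($model['attaches']['fields'] as $k => $v) {
                    switch ($k) {
                        case 'small':
                            $p[$v] = $file['tn'] == 2 ? true : false;
                            break;
                        case 'file':
                            $p[$v] = $file['f_id'];
                            break;
                        case 'comment':
                            $p[$v] = $newid;
                            break;
                        case 'temp':
                            $p[$v] = false;
                            break;
                        case 'inline':
                            $p[$v] = false;
                            break;
                        case 'sort':
                            // NOTE(review): intval() is applied to the mapped column
                            // name, not to a position - looks unintended, confirm.
                            $p[$v] = intval($v);
                            break;
                    }
                }
                $cfile = new CFile($file['f_id']);
                $cfile->table = $model['attaches']['table'];
                $cfile->updateFileParams($p, false);
            }
        } else {
            // Separate link table: build one multi-row INSERT.
            $insert_fields = array();
            $insert_data = array();
            foreach ($model['attaches']['fields'] as $k => $v) {
                $insert_fields[] = $v;
            }
            $sql = "INSERT INTO " . $model['attaches']['table'] . " (" . implode(', ', $insert_fields) . ") VALUES ";
            $insert_sql = array();
            foreach ($params['attaches'] as $file) {
                $f_sql = array();
                foreach ($model['attaches']['fields'] as $k => $v) {
                    switch ($k) {
                        case 'small':
                            $f_sql[] = $file['tn'] == 2 ? "'t'" : "'f'";
                            break;
                        case 'file':
                            // Unquoted in the statement, so it must be an integer.
                            $f_sql[] = (int) $file['f_id'];
                            break;
                        case 'comment':
                            $f_sql[] = $newid;
                            break;
                        case 'temp':
                            $f_sql[] = "'f'";
                            break;
                        case 'inline':
                            $f_sql[] = "'f'";
                            break;
                        case 'sort':
                            // NOTE(review): same intval() on the column name as above.
                            $f_sql[] = intval($v);
                            break;
                        default:
                            $f_sql[] = __paramValue('string', $v);
                    }
                }
                if (count($f_sql) > 1) {
                    $insert_sql[] = "(" . implode(", ", $f_sql) . ")";
                }
            }
            if (count($insert_sql)) {
                $sql .= implode(", ", $insert_sql);
                $DB->squery($sql);
            }
        }
    }

    $this->checkWysiwygInlineImages($newid, $params['msgtext'], $cid);

    return $newid;
}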