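break;

// Comment moderation actions. Both cases read their parameters from $_GET and
// follow the same order: token check, ID pattern validation, permission check
// against the comment's author, then the state change.
case 'delete_comment':
    // Runs first, so a request without a valid pwg_token never reaches the lookup below.
    check_pwg_token();

    include_once PHPWG_ROOT_PATH . 'include/functions_comment.inc.php';

    // The raw GET value is constrained to PATTERN_ID before any helper receives it.
    check_input_parameter('comment_to_delete', $_GET, false, PATTERN_ID);

    $author_id = get_comment_author_id($_GET['comment_to_delete']);

    // The permission is decided server-side from the stored author, not from request data.
    if (can_manage_comment('delete', $author_id)) {
        delete_user_comment($_GET['comment_to_delete']);
    }

    redirect($url_self);
    // NOTE(review): redirect() presumably ends the request. The explicit break keeps
    // this case from running into 'validate_comment' if it ever returns.
    break;

case 'validate_comment':
    check_pwg_token();

    include_once PHPWG_ROOT_PATH . 'include/functions_comment.inc.php';

    check_input_parameter('comment_to_validate', $_GET, false, PATTERN_ID);

    $author_id = get_comment_author_id($_GET['comment_to_validate']);

    if (can_manage_comment('validate', $author_id)) {
        validate_user_comment($_GET['comment_to_validate']);
    }

    redirect($url_self);
}
}

//---------- incrementation of the number of hits
$inc_hit_count = !isset($_POST['content']);

// don't increment counter if in the Mozilla Firefox prefetch
// X-Moz is a client-supplied header: it only suppresses a counter update here and
// must not be reused for any access decision.
if (isset($_SERVER['HTTP_X_MOZ']) && $_SERVER['HTTP_X_MOZ'] === 'prefetch') {
    $inc_hit_count = false;
} else {
    // don't increment counter if coming from the same picture (actions)
    // Loose comparison kept on purpose: the session value and $page['image_id']
    // may differ in type (string vs int) - TODO confirm before tightening.
    if (pwg_get_session_var('referer_image_id', 0) == $page['image_id']) {
        $inc_hit_count = false;
    }
    // (the else block continues beyond this excerpt)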
$author = l10n('guest');
}
} else {
    $author = stripslashes($row['username']);
}

// Template record for one guestbook entry. AUTHOR and CONTENT pass through the
// render_* hooks; the other fields are copied from the row as stored.
// NOTE(review): WEBSITE is handed over unchanged - confirm it is validated when
// the entry is saved or escaped by the template before it is used in a link.
$tpl_comment = array(
    'ID' => $row['id'],
    'AUTHOR' => trigger_change('render_comment_author', $author),
    'DATE' => format_date($row['date'], true),
    'CONTENT' => trigger_change('render_comment_content', $row['content'], 'guestbook'),
    'WEBSITE' => $row['website'],
);

if ($conf['guestbook']['activate_rating']) {
    $tpl_comment['STARS'] = get_stars(
        $row['rate'],
        get_root_url() . GUESTBOOK_PATH . 'template/jquery.raty/'
    );
}

// The author's e-mail address is only exposed to administrators.
if (is_admin() && !empty($row['email'])) {
    $tpl_comment['EMAIL'] = $row['email'];
}

// Action links are emitted only for users allowed to perform the action. This
// hides the control; the request handler still has to re-check the token and
// the permission itself.
if (can_manage_comment('delete', $row['author_id'])) {
    // The pwg_token travels as a query parameter, so it is part of the URL.
    $tpl_comment['U_DELETE'] = add_url_params(
        $url_self,
        array(
            'action' => 'delete_comment',
            'comment_to_delete' => $row['id'],
            'pwg_token' => get_pwg_token(),
        )
    );
}

if (can_manage_comment('edit', $row['author_id'])) {
    // No token on this link; the edit form below carries PWG_TOKEN instead.
    $tpl_comment['U_EDIT'] = add_url_params(
        $url_self,
        array(
            'action' => 'edit_comment',
            'comment_to_edit' => $row['id'],
        )
    );

    if (isset($edit_comment) && $row['id'] == $edit_comment) {
        $tpl_comment['IN_EDIT'] = true;
        $tpl_comment['KEY'] = get_ephemeral_key(2);
        // NOTE(review): CONTENT is replaced by the stored text without the
        // render_comment_content hook - the edit template must escape it; confirm.
        $tpl_comment['CONTENT'] = $row['content'];
        $tpl_comment['PWG_TOKEN'] = get_pwg_token();
        $tpl_comment['U_CANCEL'] = $url_self;
    }
}

// The validation link is shown to administrators only, for entries not yet validated.
if (is_admin() && $row['validated'] != 'true') {
    $tpl_comment['U_VALIDATE'] = add_url_params(
        $url_self,
        array(
            'action' => 'validate_comment',
            'comment_to_validate' => $row['id'],
            'pwg_token' => get_pwg_token(),
        )
    );
}

$template->append('comments', $tpl_comment);
// Per-comment action links: each one is added only when can_manage_comment()
// grants that action for the comment's author. The links are a display concern;
// the code that handles the request has to re-check token and permission.
if (can_manage_comment('delete', $comment['author_id'])) {
    // The pwg_token is sent as a query parameter, so it is part of the URL.
    $tpl_comment['U_DELETE'] = add_url_params(
        $url_self,
        array(
            'delete' => $comment['comment_id'],
            'pwg_token' => get_pwg_token(),
        )
    );
}

if (can_manage_comment('edit', $comment['author_id'])) {
    // No token on this link; the edit form below carries PWG_TOKEN instead.
    $tpl_comment['U_EDIT'] = add_url_params(
        $url_self,
        array('edit' => $comment['comment_id'])
    );

    if (isset($edit_comment) && $comment['comment_id'] == $edit_comment) {
        $tpl_comment['IN_EDIT'] = true;
        // The key is derived per image: the image id is passed to get_ephemeral_key().
        $key = get_ephemeral_key(2, $comment['image_id']);
        $tpl_comment['KEY'] = $key;
        $tpl_comment['IMAGE_ID'] = $comment['image_id'];
        // NOTE(review): stored comment text is handed to the edit form as is -
        // the template must escape it; confirm.
        $tpl_comment['CONTENT'] = $comment['content'];
        $tpl_comment['PWG_TOKEN'] = get_pwg_token();
        $tpl_comment['U_CANCEL'] = $url_self;
    }
}

// Validation link only for comments not yet validated.
if (can_manage_comment('validate', $comment['author_id']) && $comment['validated'] != 'true') {
    $tpl_comment['U_VALIDATE'] = add_url_params(
        $url_self,
        array(
            'validate' => $comment['comment_id'],
            'pwg_token' => get_pwg_token(),
        )
    );
}

$template->append('comments', $tpl_comment);
}
}

$derivative_params = trigger_change(
    'get_comments_derivative_params',
    ImageStdParams::get_by_type(IMG_THUMB)
);
$template->assign('derivative_params', $derivative_params);

// include menubar
// Skipped only when the theme lists 'theCommentsPage' in hide_menu_on.
$themeconf = $template->get_template_vars('themeconf');
if (!(isset($themeconf['hide_menu_on']) && in_array('theCommentsPage', $themeconf['hide_menu_on']))) {
    include PHPWG_ROOT_PATH . 'include/menubar.inc.php';
}

// +-----------------------------------------------------------------------+