#!/usr/bin/perl # MimerDesk # Web based groupware and eLearning environment # www.mimerdesk.org # # Copyright (C) 2001 Ionstream Ltd. # www.ionstream.fi # # This program is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by the Free # Software Foundation; either version 2 of the License, or (at your option) # any later version. # # This program is distributed with a hope that it will be useful, but # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License # for more details. # # You should have received a copy of the GNU General Public License along # with this program; if not, write to the Free Software Foundation, Inc., # 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. # $Id: product_review.html,v 1.12 2002/07/15 19:15:33 inf Exp $ #"""""""""""""""""""""""""""""""""""""""""# # # # MimerDesk: product review stuff # # ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ # # (c) Ionstream Oy 1999 - 2001 # # # # Programmed by: Hannes Muurinen # # # #_________________________________________# use lib::MimerDesk; use strict; use vars qw($form $APPLICATION $USER $IP $LAST_ACT $FORWARDED $TIME_USED $IDLE $no_year_given $ACTIVEGRP $REVIEWS_NAME $admin_status $GROUPACTIVOR $PRODUCT_INFO $PRODUCT_CATEGORY $PRODUCT_REVIEW $REVIEW_COMMENT $edit_on $trans $default_none_given_text ); use CGI::Carp "fatalsToBrowser"; sub print_template; read_config('../config/mimerdesk.cfg'); $config{'theme'} = 'default'; $APPLICATION = 'Resources - Reviews'; $no_year_given = -2147483648; # the default epoch value in databases for 'no publishing year given' # database table names: $PRODUCT_INFO = 'product_info'; $PRODUCT_CATEGORY = 'product_category'; $PRODUCT_REVIEW = 'product_review'; $REVIEW_COMMENT = 'review_comment'; $edit_on = 'true'; # The main program ################### initialize(); $form = decode_multipart(); $form->{'ID'} =~ tr/0-9//cd; $form->{'auth'} =~ tr/0-9a-z//cd; ($USER, $IP, $LAST_ACT, $FORWARDED, $TIME_USED, $IDLE, $ACTIVEGRP) = authenticate($form->{'ID'}, $form->{'auth'}, $form->{'changeGroup'}); $trans = lib::MimerDesk->new_gettext(program => 'product_review',language => $config{'language'}); $REVIEWS_NAME = $trans->gettext('Public reviews'); $APPLICATION = $trans->gettext('Resources - Reviews'); $default_none_given_text = '-'; #check if the program should behave as a group tool: if ($form->{'grouptool'} =~ /^\d+$/) { lock_tables('READ', 'groupusers'); db_list("SELECT RIGHTS,USER FROM groupusers where USER = '$USER' and GID = '$form->{'grouptool'}'"); while (my $ref = $sth->fetchrow_hashref()) { $admin_status = $ref->{'RIGHTS'}; $GROUPACTIVOR = $ref->{'USER'}; } db_end(); unlock_tables(); if (!$GROUPACTIVOR) { lock_tables('READ', 'users'); db_list("SELECT * FROM users where nimi = '$USER'"); while (my $ref = $sth->fetchrow_hashref()) {$admin_status = $ref->{'flags'};} db_end(); unlock_tables(); } else { # group databases: $PRODUCT_INFO = "$form->{'grouptool'}_$PRODUCT_INFO"; $PRODUCT_CATEGORY = "$form->{'grouptool'}_$PRODUCT_CATEGORY"; $PRODUCT_REVIEW = "$form->{'grouptool'}_$PRODUCT_REVIEW"; $REVIEW_COMMENT = "$form->{'grouptool'}_$REVIEW_COMMENT"; lock_tables('READ', 'groups'); db_list("SELECT GRPNAME,GID FROM groups where GID = '$form->{'grouptool'}'"); while (my $ref = $sth->fetchrow_hashref()) {$REVIEWS_NAME = tagged('a', {href => "group.html?ID=$form->{'ID'}&auth=$form->{'auth'}&changeGroup=$ref->{'GID'}", onMouseOver => "doClock(); return true", class => "contentLinkBlue", content => $ref->{'GRPNAME'}});} db_end(); unlock_tables(); } } else { lock_tables('READ', 'users'); db_list("SELECT * FROM users where nimi = '$USER'"); while (my $ref = $sth->fetchrow_hashref()) {$admin_status = $ref->{'flags'};} db_end(); unlock_tables(); } $edit_on = '' if $admin_status !~ /R0/; #only people with 'R0' status can do some serious stuff check_form_data(); add_review_comment() if ($form->{'postaa'}); print_template("$config{'theme'}_product_review"); # Subs: ########### sub print_template { my ($template, $ref, $fulltemplate, $calendar, $navigation_right, $calinfo, $navigation_left); $template = shift; print_header('pragma'); $ref = get_template('maintemplate',$template); $ref->{'maintemplate'} =~ s/<>/$ref->{$template}/m; $fulltemplate = $ref->{'maintemplate'}; if ($GROUPACTIVOR) { $fulltemplate = create_buttons($fulltemplate, 'Group', 'Reviews', $form); $APPLICATION = $trans->gettext('Group - Reviews'); } else {$fulltemplate = create_buttons($fulltemplate, 'Resources', 'Reviews', $form);} $fulltemplate =~ s/<>/minea/gm; $ref = get_template('js_doClock', 'js_help', 'js_gotosite'); my $stuff = $ref->{'js_doClock'}.$ref->{'js_help'}.$ref->{'js_gotosite'}; $fulltemplate =~ s/<>/$stuff/ms; $fulltemplate =~ s/<>/$form->{'grouptool'}/msg; $fulltemplate =~ s/<>/$REVIEWS_NAME/msg; $fulltemplate =~ s/<>/MimerDesk\: $APPLICATION/ms; $fulltemplate = replace_product_tags($fulltemplate); $fulltemplate = replace_tags($fulltemplate, $USER, $form->{'auth'}, $form->{'ID'}, $TIME_USED); $fulltemplate = add_popups($fulltemplate, $USER, $form->{'auth'}, $form->{'ID'}); print $fulltemplate; db_end('disconnect'); exit; } ######################################################################### # replace_product_tags - replaces some HTML-tags # #-----------------------------------------------------------------------# # replace_product_tags($some_text_with_tags) # # # # Usage: # # $HTML = replace_product_tags($HTML) # # # ######################################################################### sub replace_product_tags { my $template = shift; my ($picture, $datetime, $product_name, $author, $pub_datetime, $isbn, $info, $publisher, $some_HTML, $product_user, $categoryID, @custom_shit, @custom_names); lock_tables('READ', $PRODUCT_INFO, $PRODUCT_CATEGORY); db_list("SELECT * FROM $PRODUCT_INFO where IDnumber = '$form->{'productID'}'"); while (my $ref = $sth->fetchrow_hashref()) { $picture = $ref->{'picture'}; $product_name = $ref->{'name'}; $author = $ref->{'custom0'}; $pub_datetime = $ref->{'pub_datetime'}; @custom_shit = ($ref->{'custom0'},$ref->{'custom1'},$ref->{'custom2'},$ref->{'custom3'},$ref->{'custom4'}); $info = $ref->{'other_info'}; $product_user = $ref->{'sender'}; $categoryID = $ref->{'categoryID'}; } db_end(); db_list("SELECT c0_name,c1_name,c2_name,c3_name,c4_name,name,category FROM $PRODUCT_CATEGORY where IDnumber = '$categoryID'"); while (my $ref = $sth->fetchrow_hashref()) { @custom_names = ($ref->{'c0_name'},$ref->{'c1_name'},$ref->{'c2_name'},$ref->{'c3_name'},$ref->{'c4_name'}); $template =~ s/<>/$ref->{'category'} : $ref->{'name'}/ms; } db_end(); unlock_tables(); my $pub_date = $pub_datetime; $pub_date = $default_none_given_text if $pub_datetime == $no_year_given; foreach (0..4) {$custom_shit[$_] = $default_none_given_text if $custom_shit[$_] eq '';} $info =~ s/\n/
/gm; if ($info ne '') {$some_HTML = startrow(bgcolor => '#CEDFE8') . column(colspan => '2', class => 'content', content => $trans->gettext('Item description / other info')) . endrow() . startrow(bgcolor => '#FFFFFF') . column(colspan => '2', class => 'content', content => tag('br').tag('blockquote').$info.endtag('blockquote').tag('br')) . endrow(); } else {$some_HTML = '';} $template =~ s/<>/$some_HTML/ms; if ($product_user eq $USER) {$some_HTML = startrow(bgcolor => '#CEDFE8') . column(align => 'left', colspan => '2', class => 'content', content => tagged('a',{href => "products.html?ID=$form->{'ID'}&auth=$form->{'auth'}&productID=$form->{'productID'}&addproduct=Modify&showproducts=$categoryID&grouptool=$form->{'grouptool'}", onMouseOver => 'doClock(); return true', class => 'blackTitleLink', content => image(src => '<>edit.gif', border => '0', alt => $trans->gettext('Edit item information'))}) . ' ') . endrow(); } else {$some_HTML = '';} $template =~ s/<>/$some_HTML/ms; if ($picture eq '') {$picture = "$config{'loc_pictures'}/nopic.gif";} else {$picture = "$config{'loc_server'}/newspics/" . $picture;} $template =~ s/<>/$picture/ms; $template =~ s/<>/$product_name/ms; $template =~ s/<>/$product_name/msg; $template =~ s/<>/$pub_date/ms; $template =~ s/<>/$form->{'productID'}/msg; $template =~ s/<>/$categoryID/msg; $some_HTML = ''; foreach(0..4) {$some_HTML .= startrow() . column(width => '20%', bgcolor => '#CEDFE8', class => 'content', content => $custom_names[$_]) . column(width => '80%', class => 'content', bgcolor=> '#FFFFFF', content => $custom_shit[$_]) . endrow() if $custom_names[$_] ne '';} $template =~ s/<>/$some_HTML/ms; $some_HTML = get_review_list($form->{'productID'}); $template =~ s/<>/$some_HTML/ms; if ($form->{'productrevID'}) { $some_HTML = get_review($form->{'productrevID'}); $template =~ s/<>/$some_HTML/ms; $some_HTML = make_review_comment_form($form->{'productrevID'}); $template =~ s/<>/$some_HTML/ms; } else { $template =~ s/<>//ms; $template =~ s/<>//ms; } $some_HTML = get_review_comments($form->{'productrevID'}); $template =~ s/<>/$some_HTML/ms; return $template; } ################################################################################# # get_review_comments - fetches the comments from DB # #-------------------------------------------------------------------------------# # get_review_comments($product_review_ID) # # # # Retrieves the comments of the review according to the product_review_ID given # # as argument. # # # # Usage: # # $comments_in_HTML = get_review_comments($product_review_ID) # # # ################################################################################# sub get_review_comments { my $productrID = shift; my $comment_table = ''; db_list("SELECT * FROM $REVIEW_COMMENT where reviewID = '$productrID' order by datetime"); while (my $ref = $sth->fetchrow_hashref()) { my @post_date = utc_epoch2date($ref->{'datetime'}); $ref->{'comment'} =~ s/\n/
/gm; $comment_table .= startrow(bgcolor => '#CEDFE8') . column(align => 'left', content => " $ref->{'user'} / $post_date[5]/$post_date[4]/$post_date[3] $post_date[2]:$post_date[1]") . endrow() . startrow(bgcolor => '#FFFFFF') . column(align => 'left', content => tag('br') . $ref->{'comment'} . tag('br') . tag('br')) . endrow(); } db_end(); if ($comment_table ne '') { $comment_table = starttable(width => '100%', border => '0', cellspacing => '1', cellpadding => '3', gridcolor => '#000000'). startrow(bgcolor => '#AABFD7') . column(align => 'left', content => $trans->gettext('Comments on the review:')) . endrow(). $comment_table . endtable('hasgrid'); } return $comment_table; } ################################################################################# # get_review - fetches the review from the DB # #-------------------------------------------------------------------------------# # get_review($review_ID) # # # # Returns the review with the given ID from the database as HTML code. # # # # Usage: # # $review_in_HTML = get_review($review_ID) # # # ################################################################################# sub get_review { my $productrevID = shift; my $review_table = ''; my ($datetime, $headline, $review, $reviewer, $rating, $product_name); db_list("SELECT * FROM $PRODUCT_REVIEW where IDnumber = '$productrevID'"); while (my $ref = $sth->fetchrow_hashref()) { $datetime = $ref->{'datetime'}; $headline = $ref->{'headline'}; $review = $ref->{'review'}; $reviewer = $ref->{'user'}; $rating = $ref->{'rating'}; } db_end(); $review = itag_replacer($review); $review = urlify($review); my @postingdate = utc_epoch2date($datetime); db_list("SELECT name FROM $PRODUCT_INFO where IDnumber = '$form->{'productID'}'"); while (my $ref = $sth->fetchrow_hashref()) {$product_name = $ref->{'name'};} db_end(); $review =~ s/\n/
/gm; $review_table = startrow(bgcolor => '#AABFD7') . column(align => 'left', width => '100%', content => sprintf($trans->gettext('Review of the item %s'),$product_name)) . endrow() . startrow() . column(align => 'left', width => '100%', bgcolor => '#CEDFE8', content => tagged('span', {class => 'blackTitle', content => $headline}) . " - $reviewer / \t$postingdate[5]/$postingdate[4]/$postingdate[3] $postingdate[2]:$postingdate[1]") . endrow() . startrow() . column(align => 'left', width => '100%', bgcolor => '#FFFFFF', valign => 'top', content => tag('br') . $review . tag('br') . tag('br') . tag('br') . tagged('b', {content => $trans->gettext('Rating: ') . "$rating/5"}) . tag('br') . tag('br')) . endrow(); $review_table .= startrow(bgcolor => '#CEDFE8', align => 'left') . column(width => '100%', content => tagged('a',{href => "product_review_add.html?ID=$form->{'ID'}&auth=$form->{'auth'}&productrevID=$productrevID&action=Modify&grouptool=$form->{'grouptool'}", onMouseOver => 'doClock(); return true', class => 'blackTitleLink', content => $trans->gettext('Modify the review')})) . endrow() if $reviewer eq $USER; return $review_table; } ################################################################################# # get_review_list - fetches the review list from the DB # #-------------------------------------------------------------------------------# # get_review_list($product_ID) # # # # Returns the review list for the given product from the database as HTML code. # # # # Usage: # # $review_list_in_HTML = get_review_list($product_ID) # # # ################################################################################# sub get_review_list { my $productID = shift; my $review_table = startrow(bgcolor => '#AABFD7') . column(class => 'blackTitleLink', align => 'left', width => '20%', content => $trans->gettext('Date and time')) . column(class => 'blackTitleLink', align => 'left', width => '45%', content => $trans->gettext('Headline')) . column(class => 'blackTitleLink', align => 'left', width => '25%', content => $trans->gettext('Posted by')) . column(class => 'blackTitleLink', align => 'left', width => '10%', content => $trans->gettext('Rating')) . endrow(); my $review_table2 = ''; db_list("SELECT * FROM $PRODUCT_REVIEW where productID = '$productID' order by datetime"); while (my $ref = $sth->fetchrow_hashref()) { my @postingdate = utc_epoch2date($ref->{'datetime'}); # the current review is highlighted: my ($link); if ($ref->{'IDnumber'} == $form->{'productrevID'}) { $link = tagged('b', {content => ">$ref->{'headline'}"});} else { $link = tagged('a', {href => "product_review.html?ID=$form->{'ID'}&auth=$form->{'auth'}&productrevID=$ref->{'IDnumber'}&grouptool=$form->{'grouptool'}", onMouseOver => 'doClock(); return true', class => 'contentLinkBlue', content => $ref->{'headline'}});} $review_table2 .= startrow(bgcolor => '#FFFFFF') . column(class => 'content', valign => 'top', content => "$postingdate[5]/$postingdate[4]/$postingdate[3] $postingdate[2]:$postingdate[1]") . column(class => 'content', align => 'left', valign => 'top', content => $link) . column(class => 'content', align => 'left', valign => 'top', content => $ref->{'user'}) . column(class => 'content', align => 'left', valign => 'top', content => "$ref->{'rating'}/5") . endrow(); } db_end(); $review_table2 = startrow(bgcolor => '#FFFFFF') . column(class => 'content', align => 'left', valign => 'top', colspan => '4', content => $trans->gettext('No reviews of this item found!')) . endrow() if $review_table2 eq ''; return $review_table . $review_table2; } ################################################################################# # check_form_data - checks the form data # #-------------------------------------------------------------------------------# # check_form_data() # # # # Usage: # # check_form_data() # # # ################################################################################# sub check_form_data { if ($form->{'productrevID'}) { lock_tables('READ', $PRODUCT_REVIEW); db_list("SELECT productID FROM $PRODUCT_REVIEW where IDnumber = '$form->{'productrevID'}'"); while (my $ref = $sth->fetchrow_hashref()) { $form->{'productID'} = $ref->{'productID'} } db_end(); unlock_tables(); } redirect("products.html?ID=$form->{'ID'}&auth=$form->{'auth'}&grouptool=$form->{'grouptool'}") if (!$form->{'productID'} or $form->{'productID'} !~ /^[0-9]+$/); } ################################################################################# # make_review_comment_form - generates the review comment form # #-------------------------------------------------------------------------------# # make_review_comment_form($productrevID) # # # # Returns the review comment form for the given review as HTML code. # # # # Usage: # # $form_in_HTML = make_review_comment_form($productrevID) # # # ################################################################################# sub make_review_comment_form { my $productrevID = shift; my $comment_form = startform(name => 'comments', action => 'product_review.html') . hiddenfield('ID',$form->{'ID'}) . hiddenfield('auth',$form->{'auth'}) . hiddenfield('productID',$form->{'productID'}) . hiddenfield('productrevID',$productrevID) . hiddenfield('postaa','') . hiddenfield('grouptool',$form->{'grouptool'}) . qq[] . starttable(width => '65%', border => '0', cellspacing => '1', cellpadding => '3', width => '65%', gridcolor => '#000000', align => 'center') . startrow(bgcolor => '#AABFD7') . column(class => 'content', content => $trans->gettext('Comment the review:')) . endrow() . startrow(bgcolor => '#FFFFFF') . column(class => 'content', content => textarea(name => 'commentText', cols => '65', rows => '5', wrap => 'VIRTUAL')) . endrow() . startrow(bgcolor => '#FFFFFF') . column(class => 'content', content => tagged('a', {href => 'javascript:doposting()', onMouseOver => 'doClock(); return true', content => image(src => '<>postcomment.gif', border => '0', alt => $trans->gettext('Post the comment'))})) . endrow() . endtable('hasgrid'). endform(); return $comment_form; } ################################################################################# # add_review_comment - adds the review comment to the database # #-------------------------------------------------------------------------------# # add_review_comment() # # # # All the arguments are read from the form. # # # # Usage: # # add_review_comment() # # # ################################################################################# sub add_review_comment { my $epoch = time; ($epoch, $form->{'productrevID'}, $form->{'commentText'}) = prepare_fordb($epoch, $form->{'productrevID'}, $form->{'commentText'}); db_list("insert into $REVIEW_COMMENT values (NULL,'$USER','$epoch','$form->{'productrevID'}','$form->{'commentText'}')"); db_end(); }