- Redid most of account.php and fixed quite some bugs!

Check out your new user account stuff and give me some feedback.
3-00
Dries Buytaert 2000-11-25 12:56:04 +00:00
parent 01018b6830
commit 086e72d4b1
7 changed files with 169 additions and 68 deletions

View File

@ -103,7 +103,7 @@ function account_user_edit() {
$output .= "<B>Bio:</B> (255 char. limit)<BR>\n";
$output .= "<TEXTAREA NAME=\"edit[bio]\" COLS=\"35\" ROWS=\"5\" WRAP=\"virtual\">$user->bio</TEXTAREA><BR>\n";
$output .= "<I>Optional. This biographical information is publicly displayed on your user page.</I><P>\n";
$output .= "<B>Singature:</B> (255 char. limit)<BR>\n";
$output .= "<B>Signature:</B> (255 char. limit)<BR>\n";
$output .= "<TEXTAREA NAME=\"edit[signature]\" COLS=\"35\" ROWS=\"5\" WRAP=\"virtual\">$user->signature</TEXTAREA><BR>\n";
$output .= "<I>Optional. This information will be publicly displayed at the end of your comments. </I><P>\n";
$output .= "<B>Password:</B><BR>\n";
@ -190,7 +190,7 @@ function account_page_edit() {
$output .= "</FORM>\n";
$theme->header();
$theme->box("Customize your page", $output);
$theme->box("Edit your settings", $output);
$theme->footer();
}
else {
@ -219,7 +219,6 @@ function account_user($uname) {
global $user, $theme;
if ($user->id && $user->userid == $uname) {
$output .= "<P>Welcome $user->userid! This is <B>your</B> user info page. There are many more, but this one is yours. You are probably most interested in editing something, but if you need to kill some time, this place is as good as any other place.</P>\n";
$output .= "<TABLE BORDER=\"0\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n";
$output .= " <TR><TD ALIGN=\"right\"><B>User ID:</B></TD><TD>$user->userid</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Name:</B></TD><TD>". format_data($user->name) ."</TD></TR>\n";
@ -231,7 +230,7 @@ function account_user($uname) {
### Display account information:
$theme->header();
$theme->box("Your user information", $output);
$theme->box("View your information", $output);
$theme->footer();
}
elseif ($uname && $account = account_get_user($uname)) {
@ -249,7 +248,7 @@ function account_user($uname) {
$box2 .= " <TR><TD ALIGN=\"right\"><B>Date:</B></TD><TD>". format_date($comment->timestamp) ."</TD></TR>\n";
$box2 .= " <TR><TD ALIGN=\"right\"><B>Story:</B></TD><TD><A HREF=\"discussion.php?id=$comment->sid\">". check_output($comment->story) ."</A></TD></TR>\n";
$box2 .= "</TABLE>\n";
$box2 .= "<BR><BR>\n";
$box2 .= "<P>\n";
$comments++;
}
@ -301,19 +300,18 @@ function account_email_submit($userid, $email) {
$result = db_query("SELECT id FROM users WHERE userid = '". check_output($userid) ."' AND real_email = '". check_output($email) ."'");
if ($account = db_fetch_object($result)) {
$new[userid] = $userid;
$new[passwd] = account_password();
$new[status] = 1;
$new[hash] = substr(md5("$new[userid]. ". time() .""), 0, 12);
$passwd = account_password();
$status = 1;
$hash = substr(md5("$userid. ". time() .""), 0, 12);
user_save($new, 1);
db_query("UPDATE users SET passwd = PASSWORD('$passwd'), hash = '$hash', status = '$status' WHERE userid = '$userid'");
$link = $site_url ."account.php?op=confirm&name=$new[userid]&hash=$new[hash]";
$message = "$new[userid],\n\n\nyou requested us to e-mail you a new password for your $site_name account. Note that you will need to re-activate your account before you can login. You can do so simply by visiting the URL below:\n\n $link\n\nVisiting this URL will automatically re-activate your account. Once activated you can login using the following information:\n\n username: $new[userid]\n password: $new[passwd]\n\n\n-- $site_name crew\n";
$link = $site_url ."account.php?op=confirm&name=$userid&hash=$hash";
$message = "$userid,\n\n\nyou requested us to e-mail you a new password for your $site_name account. Note that you will need to re-activate your account before you can login. You can do so simply by visiting the URL below:\n\n $link\n\nVisiting this URL will automatically re-activate your account. Once activated you can login using the following information:\n\n username: $userid\n password: $passwd\n\n\n-- $site_name crew\n";
watchdog("message", "new password: `$userid' &lt;$email&gt;");
mail($email, "Account details for $site_name", $message, "From: noreply@$site_url");
mail($email, "Account details for $site_name", $message, "From: noreply");
$output = "Your password and further instructions have been sent to your e-mail address.";
}
@ -350,7 +348,7 @@ function account_create_submit($userid, $email) {
watchdog("message", "new account: `$new[userid]' &lt;$new[real_email]&gt;");
mail($new[real_email], "Account details for $site_name", $message, "From: noreply@$site_url");
mail($new[real_email], "Account details for $site_name", $message, "From: noreply");
$theme->header();
$theme->box("Create new account", "Congratulations! Your member account has been sucessfully created and further instructions on how to activate your account have been sent to your e-mail address.");
@ -397,31 +395,101 @@ function account_password($min_length=6) {
return $password;
}
function account_comments() {
function account_track_comments() {
global $theme, $user;
$info = "<P>This page might be helpful in case you want to keep track of your recent comments in any of the current discussions. You are presented an overview of your comments in each of the stories you participated in along with the number of replies each comment got.\n<P>\n";
$msg = "<P>This page might be helpful in case you want to keep track of your recent comments in any of the current discussions. You are presented an overview of your comments in each of the stories you participated in along with the number of replies each comment got.\n<P>\n";
$sresult = db_query("SELECT s.id, s.subject, COUNT(s.id) as count FROM comments c LEFT JOIN stories s ON c.sid = s.id WHERE c.author = $user->id GROUP BY s.id DESC LIMIT 5");
while ($story = db_fetch_object($sresult)) {
$output .= "<LI>". format_plural($story->count, comment, comments) ." in story `<A HREF=\"discussion.php?id=$story->id\">". check_output($story->subject) ."</A>`:</LI>\n";
$output .= "<LI>". format_plural($story->count, comment, comments) ." attached to story `<A HREF=\"discussion.php?id=$story->id\">". check_output($story->subject) ."</A>`:</LI>\n";
$output .= " <UL>\n";
$cresult = db_query("SELECT * FROM comments WHERE author = $user->id AND sid = $story->id");
while ($comment = db_fetch_object($cresult)) {
$output .= " <LI><A HREF=\"discussion.php?id=$story->id&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."</A> (<B>". format_plural(discussion_num_replies($comment->cid), "reply", "replies") ."</B>)</LI>\n";
$output .= " <LI><A HREF=\"discussion.php?id=$story->id&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."</A> - replies: ". discussion_num_replies($comment->cid) ." - score: ". discussion_score($comment) ."</LI>\n";
}
$output .= " </UL>\n";
}
$output = ($output) ? "$info $output" : "$info <CENTER><B>You have not posted any comments recently.</B></CENTER>\n";
$output = ($output) ? "$msg $output" : "$info <CENTER><B>You have not posted any comments recently.</B></CENTER>\n";
$theme->header();
$theme->box("Track your comments", $output);
$theme->footer();
}
function account_track_stories() {
global $theme, $user;
$msg = "<P>This page might be helpful in case you want to keep track of the stories you contributed. You are presented an overview of your stories along with the number of replies each story got.\n<P>\n";
$result = db_query("SELECT s.id, s.subject, s.timestamp, s.category, COUNT(s.id) as count FROM comments c LEFT JOIN stories s ON c.sid = s.id WHERE s.status = 2 AND s.author = $user->id GROUP BY s.id DESC");
while ($story = db_fetch_object($result)) {
$output .= "<TABLE BORDER=\"0\" CELLPADDING=\"1\" CELLSPACING=\"1\">\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Subject:</B></TD><TD><A HREF=\"discussion.php?id=$story->id\">". check_output($story->subject) ."</A> (". format_plural($story->count, "comment", "comments") .")</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Category:</B></TD><TD><A HREF=\"search.php?category=". urlencode($story->category) ."\">". check_output($story->category) ."</A></TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Date:</B></TD><TD>". format_date($story->timestamp) ."</TD></TR>\n";
$output .= "</TABLE>\n";
$output .= "<P>\n";
}
$output = ($output) ? "$msg $output" : "$info <CENTER><B>You have not posted any stories.</B></CENTER>\n";
$theme->header();
$theme->box("Track your stories", $output);
$theme->footer();
}
function account_track_site() {
global $theme, $user, $site_name;
$result1 = db_query("SELECT c.cid, c.pid, c.sid, c.subject, u.userid, s.subject AS story FROM comments c LEFT JOIN users u ON u.id = c.author LEFT JOIN stories s ON s.id = c.sid WHERE s.status = 2 ORDER BY cid DESC LIMIT 10");
while ($comment = db_fetch_object($result1)) {
$box1 .= "<TABLE BORDER=\"0\" CELLPADDING=\"1\" CELLSPACING=\"1\">\n";
$box1 .= " <TR><TD ALIGN=\"right\"><B>Comment:</B></TD><TD><A HREF=\"discussion.php?id=$comment->sid&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."</A></TD></TR>\n";
$box1 .= " <TR><TD ALIGN=\"right\"><B>Author:</B></TD><TD>". format_username($comment->userid) ."</TD></TR>\n";
$box1 .= " <TR><TD ALIGN=\"right\"><B>Story:</B></TD><TD><A HREF=\"discussion.php?id=$comment->sid\">". check_output($comment->story) ."</A></TD></TR>\n";
$box1 .= "</TABLE>\n";
$box1 .= "<P>\n";
}
$users_total = db_result(db_query("SELECT COUNT(id) FROM users"));
$stories_posted = db_result(db_query("SELECT COUNT(id) FROM stories WHERE status = 2"));
$stories_queued = db_result(db_query("SELECT COUNT(id) FROM stories WHERE status = 1"));
$stories_dumped = db_result(db_query("SELECT COUNT(id) FROM stories WHERE status = 0"));
$result = db_query("SELECT u.userid, COUNT(s.author) AS count FROM stories s LEFT JOIN users u ON s.author = u.id GROUP BY s.author ORDER BY count DESC LIMIT 10");
while ($poster = db_fetch_object($result)) $stories_posters .= format_username($poster->userid) .", ";
$comments_total = db_result(db_query("SELECT COUNT(cid) FROM comments"));
$comments_score = db_result(db_query("SELECT TRUNCATE(AVG(score / votes), 2) FROM comments WHERE votes > 0"));
$result = db_query("SELECT u.userid, COUNT(c.author) AS count FROM comments c LEFT JOIN users u ON c.author = u.id GROUP BY c.author ORDER BY count DESC LIMIT 10");
while ($poster = db_fetch_object($result)) $comments_posters .= format_username($poster->userid) .", ";
$diaries_total = db_result(db_query("SELECT COUNT(id) FROM diaries"));
$result = db_query("SELECT u.userid, COUNT(d.author) AS count FROM diaries d LEFT JOIN users u ON d.author = u.id GROUP BY d.author ORDER BY count DESC LIMIT 10");
while ($poster = db_fetch_object($result)) $diaries_posters .= format_username($poster->userid) .", ";
$box2 .= "<TABLE BORDER=\"0\" CELLPADDING=\"2\" CELLSPACING=\"1\">\n";
$box2 .= " <TR><TD ALIGN=\"right\" VALIGN=\"top\"><B>Users:</B></TD><TD>$users_total users</TD></TR>\n";
$box2 .= " <TR><TD ALIGN=\"right\" VALIGN=\"top\"><B>Stories:</B></TD><TD>$stories_posted posted, $stories_queued queued, $stories_dumped dumped<BR><I>[most frequent posters: $stories_posters ...]</I></TD></TR>\n";
$box2 .= " <TR><TD ALIGN=\"right\" VALIGN=\"top\"><B>Comments:</B></TD><TD>$comments_total comments with an average score of $comments_score<BR><I>[most frequent posters: $comments_posters ...]</I></TD></TR>\n";
$box2 .= " <TR><TD ALIGN=\"right\" VALIGN=\"top\"><B>Diaries:</B></TD><TD>$diaries_total diary entries<BR><I>[most frequent posters: $diaries_posters ...]</I></TD></TR>\n";
$box2 .= "</TABLE>\n";
$theme->header();
$theme->box("Recent comments", $box1);
$theme->box("Site statistics", $box2);
$theme->footer();
}
### Security check:
if (strstr($name, " ") || strstr($hash, " ")) {
watchdog("error", "account: attempt to provide malicious input through URI");
@ -433,30 +501,14 @@ switch ($op) {
account_session_start($userid, $passwd);
header("Location: account.php?op=info");
break;
case "confirm":
account_create_confirm($name, $hash);
break;
case "view":
account_user($name);
break;
case "discussion":
account_comments();
break;
case "logout":
account_session_close();
header("Location: account.php");
break;
case "E-mail password":
account_email_submit($userid, $email);
break;
case "Create account":
account_create_submit($userid, $email);
break;
case "user":
account_user_edit();
break;
case "page":
account_page_edit();
case "confirm":
account_create_confirm($name, $hash);
break;
case "Save user information":
account_user_save($edit);
@ -466,6 +518,46 @@ switch ($op) {
account_page_save($edit);
header("Location: account.php?op=info");
break;
case "logout":
account_session_close();
header("Location: account.php?op=info");
break;
case "view":
switch ($topic) {
case "info":
account_user($user->userid);
break;
case "diary":
header("Location: diary.php?op=view&name=$user->userid");
break;
default:
account_user($name);
}
break;
case "track":
switch ($topic) {
case "site":
account_track_site();
break;
case "stories":
account_track_stories();
break;
default:
account_track_comments();
}
break;
case "edit":
switch ($topic) {
case "user":
account_user_edit();
break;
case "page":
account_page_edit();
break;
default:
header("Location: diary.php?op=edit&name=$user->userid");
}
break;
default:
account_user($user->userid);
}

View File

@ -1,10 +1,5 @@
<?
function discussion_score($comment) {
$value = ($comment->votes) ? ($comment->score / $comment->votes) : (($comment->score) ? $comment->score : 0);
return (strpos($value, ".")) ? substr($value ."00", 0, 4) : $value .".00";
}
function discussion_moderate($moderate) {
global $user, $comment_votes;
@ -249,10 +244,10 @@ function comment_post($pid, $sid, $subject, $comment) {
global $user, $theme;
### Check for fake threads:
$fake = db_result(db_query("SELECT COUNT(*) FROM stories WHERE id = $sid"), 0);
$fake = db_result(db_query("SELECT COUNT(id) FROM stories WHERE id = $sid"), 0);
### Check for duplicate comments:
$duplicate = db_result(db_query("SELECT COUNT(*) FROM comments WHERE pid = '$pid' AND sid = '$sid' AND subject = '". check_input($subject) ."' AND comment = '". check_input($comment) ."'"), 0);
$duplicate = db_result(db_query("SELECT COUNT(cid) FROM comments WHERE pid = '$pid' AND sid = '$sid' AND subject = '". check_input($subject) ."' AND comment = '". check_input($comment) ."'"), 0);
if ($fake != 1) {
watchdog("error", "discussion: attempt to insert fake comment");

View File

@ -83,7 +83,7 @@ $themes = array("Marvin" => array(
"classic theme, white, basic design with a fresh look"),
"Zaphod" => array(
"themes/zaphod/zaphod.theme",
"classis theme, yellow, structured, advanced navigation"),
"classic theme, yellow, structured, advanced navigation"),
"UnConeD" => array(
"themes/unconed/unconed.theme",
"modern theme, gray and blue, high coolness factor"));
@ -129,7 +129,7 @@ $submission_rate = array("comment" => "60", // 60 seconds = 1 minute
# the maximum length (i.e. the maximum number of characters) a
# story, a diary entry, or a comment is allowed to be.
#
$submission_size = 6000; // 6.000 characters is more or less 150 lines
$submission_size = 12000; // 12.000 characters is more or less 300 lines
#
# Watchdog history:

View File

@ -18,6 +18,11 @@ function load_theme() {
return new Theme();
}
function discussion_score($comment) {
$value = ($comment->votes) ? ($comment->score / $comment->votes) : (($comment->score) ? $comment->score : 0);
return (strpos($value, ".")) ? substr($value ."00", 0, 4) : $value .".00";
}
function check_field($message) {
return str_replace("\"", "&quot;", stripslashes($message));
}

View File

@ -103,7 +103,7 @@ function display_calendar($theme, $date) {
}
function display_account($theme) {
global $user;
global $user, $site_name;
if ($user->id) {
@ -113,15 +113,22 @@ function display_account($theme) {
}
### Display account settings:
$content = "<LI><A HREF=\"account.php\">view your information</A></LI>";
$content .= "<LI><A HREF=\"account.php?op=user\">edit your information</A></LI>";
$content .= "<LI><A HREF=\"account.php?op=page\">customize your page</A></LI>";
$content .= "<LI><A HREF=\"account.php?op=discussion\">track your comments</A></LI>";
$content .= "<LI><A HREF=\"submission.php\">moderate submissions</A> (<FONT COLOR=\"red\">". submission_number() ."</FONT>)</LI>";
$content .= "<LI><A HREF=\"diary.php?op=view&name=$user->userid\">update your diary</A></LI>";
$content .= "<LI><A HREF=\"account.php?op=logout\">logout</A></LI>";
$content .= "<LI><A HREF=\"account.php?op=track&topic=comments\">track your comments</A></LI>\n";
$content .= "<LI><A HREF=\"account.php?op=track&topic=stories\">track your stories</A></LI>\n";
$content .= "<LI><A HREF=\"account.php?op=track&topic=site\">track $site_name</A></LI>\n";
$content .= "<P>\n";
$content .= "<LI><A HREF=\"submission.php\">submission queue</A> (<FONT COLOR=\"red\">". submission_number() ."</FONT>)</LI>\n";
$content .= "<P>\n";
$content .= "<LI><A HREF=\"account.php?op=edit&topic=diary\">edit your diary</A></LI>\n";
$content .= "<LI><A HREF=\"account.php?op=edit&topic=user\">edit your information</A></LI>\n";
$content .= "<LI><A HREF=\"account.php?op=edit&topic=page\">edit your settings</A></LI>\n";
$content .= "<P>\n";
$content .= "<LI><A HREF=\"account.php?op=view&topic=diary\">view your diary</A></LI>\n";
$content .= "<LI><A HREF=\"account.php?op=view&topic=info\">view your information</A></LI>\n";
$content .= "<P>\n";
$content .= "<LI><A HREF=\"account.php?op=logout\">logout</A></LI>\n";
$theme->box("$user->userid's account", "$content");
$theme->box("$user->userid's account", "$content", "NOWRAP");
}
}

View File

@ -39,17 +39,17 @@
<TABLE BORDER="0" CELLPADDING="8" CELLSPACING="0">
<TR>
<TD WIDTH="30" ROWSPAN="3">&nbsp;</TD>
<TD WIDTH="440"><A HREF=""><IMG SRC="themes/marvin/images/logo.gif" ALT="drop.org" BORDER="0"></A></TD>
<TD WIDTH="180">
<TD><A HREF=""><IMG SRC="themes/marvin/images/logo.gif" ALT="drop.org" BORDER="0"></A></TD>
<TD>
<LI>Create an <A HREF="account.php?op=register">account</A> and <A HREF="submit.php">submit</A> new stories.</LI>
<LI>Send your questions, feedback and bug reports to <A HREF="mailto:info@drop.org">info@drop.org</A>.</LI>
</TD>
</TR>
<TR>
<TD ALIGN="right" COLSPAN="2"><SMALL><A HREF="">home</A> | <A HREF="faq.php">faq</A> | <A HREF="diary.php">diary</A> | <A HREF="search.php">search</A> | <A HREF="submit.php">submit news</A> | <A HREF="account.php">user account</A></SMALL></TD>
<TD ALIGN="right" COLSPAN="2"><SMALL><A HREF="/">home</A> | <A HREF="faq.php">faq</A> | <A HREF="diary.php">diary</A> | <A HREF="search.php">search</A> | <A HREF="submit.php">submit news</A> | <A HREF="account.php">user account</A></SMALL></TD>
</TR>
<TR>
<TD VALIGN="top" WIDTH="440">
<TD VALIGN="top" WIDTH="100%">
<?
}
@ -223,16 +223,16 @@
}
######
# Syntax.......: box($subject, $body);
# Syntax.......: box($subject, $body, $options = "");
# Description..: a function to draw a box/block.
function box($subject, $content) {
function box($subject, $content, $options = "") {
print "\n<!-- box: \"$subject\" -->\n";
print "<TABLE BORDER=\"0\" CELLPADDING=\"0\" CELLSPACING=\"0\" BGCOLOR=\"#000000\" WIDTH=\"100%\">\n";
print " <TR>\n";
print " <TD>\n";
print " <TD $wrap>\n";
print " <TABLE BORDER=\"0\" CELLPADDING=\"5\" CELLSPACING=\"1\" WIDTH=\"100%\">\n";
print " <TR><TD ALIGN=\"center\" BGCOLOR=\"$this->bgcolor1\" WIDTH=\"100%\"><FONT COLOR=\"$this->fgcolor1\"><B>$subject</B></FONT></TD></TR>\n";
print " <TR><TD BGCOLOR=\"#FFFFFF\">$content</TD></TR>\n";
print " <TR><TD BGCOLOR=\"#FFFFFF\" $options>$content</TD></TR>\n";
print " </TABLE>\n";
print " </TD>\n";
print " </TR>\n";
@ -246,7 +246,7 @@
function footer() {
?>
</TD>
<TD VALIGN="top" WIDTH="180">
<TD VALIGN="top">
<?
global $PHP_SELF;
@ -306,6 +306,9 @@
}
}
else {
### Display account:
display_account($this);
### Display new headlines:
display_new_headlines($this);
}
@ -314,7 +317,7 @@
</TR>
<TR>
<TD ALIGN="center" COLSPAN="3">
<SMALL>[ <A HREF="">home</A> | <A HREF="faq.php">faq</A> | <A HREF="diary.php">diary</A> | <A HREF="search.php">search</A> | <A HREF="submit.php">submit news</A> | <A HREF="account.php">user account</A> ]</SMALL>
<SMALL>[ <A HREF="/">home</A> | <A HREF="faq.php">faq</A> | <A HREF="diary.php">diary</A> | <A HREF="search.php">search</A> | <A HREF="submit.php">submit news</A> | <A HREF="account.php">user account</A> ]</SMALL>
</TD>
</TR>
</TABLE>

View File

@ -284,8 +284,7 @@
######
# Syntax.......: box($title, $body);
# Description..: a function to draw a box/block.
function box($subject, $content) {
function box($subject, $content, $options = "") {
?>
<TABLE BORDER="0" CELLPADDING="0" CELLSPACING="0" BGCOLOR="<? echo $this->brcolor1; ?>" WIDTH="100%">
<TR><TD>
@ -293,7 +292,7 @@
print "<TABLE BORDER=\"0\" CELLPADDING=\"3\" CELLSPACING=\"1\" WIDTH=\"100%\">";
print " <TR><TD ALIGN=\"center\" BGCOLOR=\"$this->bgcolor1\"><FONT COLOR=\"$this->fgcolor1\"><B>$subject</B></FONT></TD></TR>";
print " <TR><TD BGCOLOR=\"$this->bgcolor2\">$content</TD></TR>";
print " <TR><TD BGCOLOR=\"$this->bgcolor2\" $options>$content</TD></TR>";
print "</TABLE>";
?>