From 8a866e6d51ba27eecc186e7001bfcc4af42e6dfe Mon Sep 17 00:00:00 2001 From: Dries Buytaert Date: Thu, 2 Nov 2000 09:23:07 +0000 Subject: [PATCH] - Fixed quote bug in the comment tracker. (suggestion UnConeD) - Added anchors to comment links to easy comment navigation. (suggestion UnConeD) - Fixed duplicate `you voted' after moderating a story. (suggestion UnConeD) - Fixed quote bug in administration center. - Expanded user administration with timezone information. - Improved the theme system by eliminating the "preview" function. Let's not make the system more complex then it ought to be. - Refined watchdog administration. - ... --- account.php | 10 +++--- admin.php | 69 ++++++++++++++++---------------------- discussion.php | 6 ++-- includes/admin.inc | 2 +- includes/calendar.inc | 2 +- includes/config.inc | 16 ++++----- includes/story.inc | 14 ++++++++ includes/template.inc | 4 +-- submit.php | 4 ++- themes/marvin/marvin.theme | 37 +++----------------- 10 files changed, 71 insertions(+), 93 deletions(-) create mode 100644 includes/story.inc diff --git a/account.php b/account.php index 9c5a4e63d66..79267fa9ab3 100644 --- a/account.php +++ b/account.php @@ -204,9 +204,9 @@ function account_user($uname) { $result = db_query("SELECT c.cid, c.pid, c.sid, c.subject, c.timestamp, s.subject AS story FROM comments c LEFT JOIN users u ON u.id = c.author LEFT JOIN stories s ON s.id = c.sid WHERE u.userid = '$uname' AND c.timestamp > ". (time() - 1209600) ." ORDER BY cid DESC LIMIT 10"); while ($comment = db_fetch_object($result)) { $box2 .= "\n"; - $box2 .= " \n"; + $box2 .= " \n"; $box2 .= " \n"; - $box2 .= " \n"; + $box2 .= " \n"; $box2 .= "
Comment:sid&cid=$comment->cid&pid=$comment->pid\">$comment->subject
Comment:sid&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."
Date:". format_date($comment->timestamp) ."
Story:sid\">$comment->story
Story:sid\">". check_output($comment->story) ."
\n"; $box2 .= "

\n"; $comments++; @@ -348,17 +348,17 @@ function account_password($min_length=6) { function account_comments() { global $theme, $user; - $info = "
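Review bot: The query kept as context at the top of the account_user hunk builds `WHERE u.userid = '$uname'` by string interpolation, and the output escaping this commit adds does nothing for a value going into SQL. Whether `$uname` is validated before account_user is called is not visible here. If it can come from the request, escape it before the query, e.g. `addslashes($uname)`, or use whatever quoting helper the database layer provides. account_user's body starts and ends outside the hunk.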

This page might be helpful in case you want to keep track of your most recent comments in any of the discussions. You are given an overview of your comments in each of the stories you participates in along with the number of replies each comment got.\n

\n"; + $info = "

This page might be helpful in case you want to keep track of your recent comments in any of the current discussions. You are presented an overview of your comments in each of the stories you participated in along with the number of replies each comment got.\n

\n"; $sresult = db_query("SELECT s.id, s.subject, COUNT(s.id) as count FROM comments c LEFT JOIN stories s ON c.sid = s.id WHERE c.author = $user->id GROUP BY s.id DESC LIMIT 5"); while ($story = db_fetch_object($sresult)) { - $output .= "

  • ". format_plural($story->count, comment, comments) ." in story `id\">$story->subject`:
  • \n"; + $output .= "
  • ". format_plural($story->count, comment, comments) ." in story `id\">". check_output($story->subject) ."`:
  • \n"; $output .= " \n"; } diff --git a/admin.php b/admin.php index 18c39747120..105d9645a39 100644 --- a/admin.php +++ b/admin.php @@ -1,28 +1,13 @@ userid != "Dries") exit(); - if(!$PHP_AUTH_USER) { - Header("WWW-Authenticate: Basic realm=\"Admin Area\""); - Header("HTTP/1.0 401 Unauthorized"); - echo "The cow says: Moo! You can't come in!\n"; - exit; - } else { - if ($PHP_AUTH_PW != "mOo!") - { - Header("WWW-Authenticate: Basic realm=\"Admin Area\""); - Header("HTTP/1.0 401 Unauthorized"); - echo "The cow says: Moo! You can't come in!\n"; - exit; - } - } + // TEMPORARY SOLUTION: + if ($user->id > 4) exit; /* * Account administration: */ - function account_display($order = "username") { - $sort = array("ID" => "id", "fake e-mail address" => "fake_email", "homepage" => "url", "hostname" => "last_host", "last access date" => "last_access", "real e-mail address" => "real_email", "real name" => "name", "status" => "status", "theme" => "theme", "username" => "userid"); + $sort = array("ID" => "id", "fake e-mail address" => "fake_email", "homepage" => "url", "hostname" => "last_host", "last access date" => "last_access", "real e-mail address" => "real_email", "real name" => "name", "status" => "status", "theme" => "theme", "timezone" => "timezone", "username" => "userid"); $show = array("ID" => "id", "username" => "userid", "$order" => "$sort[$order]", "status" => "status"); $stat = array(0 => "blocked", 1 => "not confirmed", 2 => "open"); @@ -63,6 +48,9 @@ function account_display($order = "username") { case "status": $output .= " ". $stat[$account[$value]] ."\n"; break; + case "timezone": + $output .= " ". format_data($account[$value] / 3600) ."\n"; + break; case "url": $output .= " ". format_url($account[$value]) ."\n"; break; 
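Review bot: The new gate `if ($user->id > 4) exit;` at the top of admin.php fails open when `$user->id` is empty: PHP treats an unset or empty id as not greater than 4, so a request with no logged-in user skips the `exit` unless `$user` is guaranteed to be populated before this line, which the hunk does not show. It also grants the whole administration area to whichever accounts hold ids 1 to 4 rather than to an explicit role. Until a real permission check exists, `if (!$user->id || $user->id > 4) exit;` closes the anonymous case. The removed Basic-auth block contained a literal password that remains in the repository history, so treat that password as disclosed and do not reuse it.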
@@ -84,7 +72,7 @@ function account_display($order = "username") { function account_stories($id) { $result = db_query("SELECT * FROM stories WHERE author = $id ORDER BY timestamp DESC"); while ($story = db_fetch_object($result)) { - $output .= "
  • id\">$story->subject
  • \n"; + $output .= "
  • id\">". check_output($story->subject) ."
  • \n"; } return $output; } @@ -92,7 +80,7 @@ function account_stories($id) { function account_comments($id) { $result = db_query("SELECT * FROM comments WHERE author = $id ORDER BY timestamp DESC"); while ($comment = db_fetch_object($result)) { - $output .= "
  • sid&cid=$comment->cid&pid=$comment->pid\">$comment->subject
  • \n"; + $output .= "
  • sid&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."
  • \n"; } return $output; } @@ -115,6 +103,7 @@ function account_view($name) { $output .= " Bio information:". format_data($account->bio) ."\n"; $output .= " Signature:". format_data($account->signature) ."\n"; $output .= " Theme:". format_data($account->theme) ."\n"; + $output .= " Timezone:". format_data($account->timezone / 3600) ."\n"; $output .= " Submitted stories:". format_data(account_stories($account->id)) ."\n"; $output .= " Submitted comments:". format_data(account_comments($account->id)) ."\n"; $output .= "\n"; @@ -123,9 +112,9 @@ function account_view($name) { } /* - * Log administration: + * Watchdog administration: */ -function log_display($order = "date") { +function watchdog_display($order = "date") { $colors = array("#FFFFFF", "#FFFFFF", "#90EE90", "#CD5C5C"); $fields = array("date" => "id DESC", "username" => "user", "location" => "location", "message" => "message DESC", "level" => "level DESC"); @@ -136,7 +125,7 @@ function log_display($order = "date") { $output .= "\n"; $output .= " \n"; $output .= " \n"; $output .= " \n"; $output .= " \n"; - $output .= " \n"; $output .= " \n"; + $output .= " \n"; $output .= " \n"; $output .= " \n"; - while ($log = db_fetch_object($result)) { - $output .= " level] ."\">\n"; + while ($watchdog = db_fetch_object($result)) { + $output .= " level] ."\">\n"; } $output .= "
    \n"; - $output .= "
    \n"; + $output .= " \n"; $output .= "
    dateusermessageuseroperations
    ". format_date($log->timestamp) ."". format_username($log->userid, 1) ."". substr($log->message, 0, 44) ."id\">more
    ". format_date($watchdog->timestamp) ."". substr(check_output($watchdog->message), 0, 44) ."". format_username($watchdog->userid, 1) ."id\">more
    \n"; @@ -162,17 +151,17 @@ function log_display($order = "date") { print $output; } -function log_view($id) { +function watchdog_view($id) { $result = db_query("SELECT l.*, u.userid FROM watchdog l LEFT JOIN users u ON l.user = u.id WHERE l.id = $id"); - if ($log = db_fetch_object($result)) { + if ($watchdog = db_fetch_object($result)) { $output .= "\n"; - $output .= " \n"; - $output .= " \n"; - $output .= " \n"; - $output .= " \n"; - $output .= " \n"; - $output .= " \n"; + $output .= " \n"; + $output .= " \n"; + $output .= " \n"; + $output .= " \n"; + $output .= " \n"; + $output .= " \n"; $output .= "
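Review bot: In watchdog_display the new message cell uses `substr(check_output($watchdog->message), 0, 44)`, which truncates after escaping. The 44-character cut can therefore land inside an entity, or inside any markup check_output lets through, and leave it unterminated in the table row. Truncating first and escaping second avoids that: `check_output(substr($watchdog->message, 0, 44))`. What check_output emits is not visible in this patch, so confirm it behaves well on a truncated string. The function body starts and ends outside the hunk.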
    Level:$log->level
    Date:". format_date($log->timestamp, "extra large") ."
    User:". format_username($log->userid, 1) ."
    Location:$log->location
    Message:$log->message
    Hostname:$log->hostname
    Level:$watchdog->level
    Date:". format_date($watchdog->timestamp, "extra large") ."
    User:". format_username($watchdog->userid, 1) ."
    Location:$watchdog->location
    Message:$watchdog->message
    Hostname:$watchdog->hostname
    \n"; print $output; } @@ -331,7 +320,7 @@ function comment_display($order = "date") { $output .= " \n"; while ($comment = db_fetch_object($result)) { - $output .= " sid&cid=$comment->cid&pid=$comment->pid\">$comment->subject". format_username($comment->userid, 1) ."cid\">edit\n"; + $output .= " sid&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."". format_username($comment->userid, 1) ."cid\">edit\n"; } $output .= "\n"; @@ -562,7 +551,7 @@ function story_display($order = "date") { $output .= " \n"; while ($story = db_fetch_object($result)) { - $output .= " id\">$story->subject". format_username($story->userid, 1) ."$story->category". $status[$story->status] ."id\">edit\n"; + $output .= " id\">". check_output($story->subject) ."". format_username($story->userid, 1) ."$story->category". $status[$story->status] ."id\">edit\n"; } $output .= "\n"; @@ -675,16 +664,16 @@ switch ($section) { ban_display($category); } break; - case "logs": + case "watchdog": switch ($op) { case "view": - log_view($id); + watchdog_view($id); break; case "Update": - log_display($order); + watchdog_display($order); break; default: - log_display(); + watchdog_display(); } break; case "stats": diff --git a/discussion.php b/discussion.php index b5f8805f58c..24c6d6ab069 100644 --- a/discussion.php +++ b/discussion.php @@ -152,7 +152,7 @@ function discussion_display($sid, $pid, $cid, $level = 0) { } function discussion_reply($pid, $sid) { - global $user, $theme; + global $user, $theme, $allowed_html; ### Extract parent-information/data: if ($pid) { @@ -183,6 +183,7 @@ function discussion_reply($pid, $sid) { $output .= "
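Review bot: watchdog_view still interpolates `$watchdog->location`, `$watchdog->message` and `$watchdog->hostname` straight into the table, although this commit escapes the same message in watchdog_display. Log entries presumably carry request-derived text, so the detail view is where stored markup would be rendered in an administrator's browser. Wrap the three fields the same way, e.g. `". check_output($watchdog->message) ."`. The story_display hunk (`@@ -562,7 +551,7 @@`) has the same gap for `$story->category` on the line that now escapes `$story->subject`.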

    \n"; $output .= " Comment:
    \n"; $output .= "
    \n"; + $output .= " Allowed HTML tags: ". htmlspecialchars($allowed_html) .".\n"; $output .= "

    \n"; ### Hidden fields: @@ -197,7 +198,7 @@ function discussion_reply($pid, $sid) { } function comment_preview($pid, $sid, $subject, $comment) { - global $user, $theme; + global $user, $theme, $allowed_html; ### Preview comment: $theme->comment($user->userid, check_output($subject), check_output($comment), time(), check_output($user->url), check_output($user->fake_email), "", "", "", "reply to this comment"); @@ -221,6 +222,7 @@ function comment_preview($pid, $sid, $subject, $comment) { $output .= "

    \n"; $output .= " Comment:
    \n"; $output .= "
    \n"; + $output .= " Allowed HTML tags: ". htmlspecialchars($allowed_html) .".\n"; $output .= "

    \n"; ### Hidden fields: diff --git a/includes/admin.inc b/includes/admin.inc index 5f7d889ae9d..08c8642c4dd 100644 --- a/includes/admin.inc +++ b/includes/admin.inc @@ -34,7 +34,7 @@ function admin_header() { admin_icon("accounts"); admin_icon("misc"); admin_icon("bans"); - admin_icon("logs"); + admin_icon("watchdog"); admin_icon("stats"); admin_icon("info"); admin_icon("home"); diff --git a/includes/calendar.inc b/includes/calendar.inc index 561363c3343..3748c36997e 100644 --- a/includes/calendar.inc +++ b/includes/calendar.inc @@ -1,6 +1,6 @@ userid = $userid; + $this->subject = $subject; + $this->abstract = $abstract; + $this->article = $article; + $this->category = $category; + $this->timestamp = $timestamp; + } +} + +?> \ No newline at end of file diff --git a/includes/template.inc b/includes/template.inc index 0190d4293e3..61d1d97dbe0 100644 --- a/includes/template.inc +++ b/includes/template.inc @@ -12,7 +12,7 @@ function display_moderation_results($theme, $story) { $output .= "

    \n"; $output .= "Other people voted:
    \n"; - $result = db_query("SELECT * FROM users WHERE history LIKE '%s$story->id%'"); + $result = db_query("SELECT * FROM users WHERE id != $user->id AND history LIKE '%s$story->id%'"); while ($account = db_fetch_object($result)) { $output .= "". format_username($account->userid) ." voted `". user_getHistory($account->history, "s$story->id") ."'.
    "; } @@ -98,7 +98,7 @@ function display_new_headlines($theme, $num = 10) { function display_calendar($theme, $date) { include "includes/calendar.inc"; - $calendar = new calendar($date); + $calendar = new Calendar($date); $theme->box("Browse archives", $calendar->display()); } diff --git a/submit.php b/submit.php index f255fde5b50..18eeb2a429f 100644 --- a/submit.php +++ b/submit.php @@ -58,6 +58,8 @@ function submit_enter() { function submit_preview($subject, $abstract, $article, $category) { global $categories, $allowed_html, $theme, $user; + include "includes/story.inc"; + $output .= "\n"; $output .= "

    \n"; @@ -118,7 +120,7 @@ function submit_preview($subject, $abstract, $article, $category) { $output .= "\n"; $theme->header(); - $theme->preview($user->userid, check_output($subject), check_output($abstract), "", check_output($article), format_date(time(), "extra large"), check_output($category), "we-hate-typoes"); + $theme->article(new Story($user->userid, check_output($subject), check_output($abstract), check_output($article), check_output($category), time())); $theme->box("Submit a story", $output); $theme->footer(); } diff --git a/themes/marvin/marvin.theme b/themes/marvin/marvin.theme index 3bd0d154c97..5512ebe1b6a 100644 --- a/themes/marvin/marvin.theme +++ b/themes/marvin/marvin.theme @@ -38,7 +38,7 @@ - + \n"; print " \n"; print " \n"; print " \n"; print " \n"; @@ -86,13 +86,13 @@ # comments). It's what you get when you followed for # instance one of read-more links on the main page. function article($story, $reply) { - print "\n\n"; + print "\n\n"; print "
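Review bot: The new call `$theme->article(new Story(...))` in submit_preview passes one argument, while the marvin theme hunk in this same patch shows the method declared as `function article($story, $reply)`, so the preview runs with `$reply` missing and PHP reports a missing-argument warning. Either pass an explicit empty value, `$theme->article(new Story(...), "");`, or give the parameter a default in the theme. Separately, `include "includes/story.inc";` inside the function will redeclare class Story if submit_preview ever runs twice in one request; `include_once` avoids that. submit_preview's body extends beyond both hunks.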
       drop.org
  • Create an account and submit new stories.
  • @@ -64,7 +64,7 @@ print "
    \"\"
    \n"; - print " Posted by ". format_username($story->userid) ." on ". format_date($story->timestamp, "extra large"). ""; ?>department) print "
    from the $story->department dept."; ?>
    category) ."\">$story->category\n"; + print " Submitted by ". format_username($story->userid) ." on ". format_date($story->timestamp, "extra large"). ""; ?>department) print "
    from the $story->department dept."; ?>
    category) ."\">$story->category\n"; print "
     
    \n"; print " \n"; print " \n"; print " \n"; print " \n"; print " \n"; print " \n"; @@ -230,35 +230,6 @@ print "
    \n\n"; } - ###### - # Syntax.......: preview(...); - # Description..: this function is used to preview a story and is used at - # different parts of the homepage: when a visitors sumbits - # news, when an editor wants to post news, when people - # check the entries in the sumbission queue, etc. - function preview($author, $subject, $abstract, $updates, $article, $timestamp, $category, $department) { - print "
    \"\"   $story->subject
    \"\"
    \n"; - print " Posted by ". format_username($story->userid) ." on ". format_date($story->timestamp, "extra large") .""; ?>department) print "
    from the $story->department dept."; ?>
    category) ."\">$story->category\n"; + print " Submitted by ". format_username($story->userid) ." on ". format_date($story->timestamp, "extra large") .""; ?>department) print "
    from the $story->department dept."; ?>
    category) ."\">$story->category\n"; print "
     
    "; - print " "; - print " "; - print " "; - print " "; - print " "; - print " "; - print " "; - print " "; - print " "; - print " "; - print " "; - print "
    $subject
    \"\"
    "; - print " Posted by ". format_username($author) ." on $timestamp"; ?>from the $department dept."; ?>$category\n"; - print "
     
    "; - if ($abstract) print "

    ". check_output($abstract, 1) ."

    "; - if ($comments) print "

    bgcolor2\">Editor's note: ". check_output($comments, 1) ."

    "; - if ($article) print "

    ". check_output($article, 1) ."

    "; - print "
     
    $link
    "; - print "

    "; - } - ###### # Syntax.......: box($subject, $body); # Description..: a function to draw a box/block.