diff options
| author | Dries Buytaert <dries@buytaert.net> | 2000-10-10 10:51:00 +0000 |
|---|---|---|
| committer | Dries Buytaert <dries@buytaert.net> | 2000-10-10 10:51:00 +0000 |
| commit | 73077e8778cfd890f51023f6683e70904317cc6f (patch) | |
| tree | 11b301ad20fab849befa36fd0f14f49b91338efc | |
| parent | 44af9b9b43d7bc7b299fbf6beced1055be127e91 (diff) | |
| download | brdo-73077e8778cfd890f51023f6683e70904317cc6f.tar.gz brdo-73077e8778cfd890f51023f6683e70904317cc6f.tar.bz2 | |
A lot of (non-visual) updates!
| -rw-r--r-- | account.php | 391 | ||||
| -rw-r--r-- | admin.php | 345 | ||||
| -rw-r--r-- | backend.php | 4 | ||||
| -rw-r--r-- | diary.php | 2 | ||||
| -rw-r--r-- | discussion.php | 18 | ||||
| -rw-r--r-- | error.php | 5 | ||||
| -rw-r--r-- | faq.php | 5 | ||||
| -rw-r--r-- | index.php | 2 | ||||
| -rw-r--r-- | search.php | 2 | ||||
| -rw-r--r-- | submission.php | 10 | ||||
| -rw-r--r-- | submit.php | 2 |
11 files changed, 522 insertions, 264 deletions
diff --git a/account.php b/account.php index c714f1e36..2c30239f5 100644 --- a/account.php +++ b/account.php @@ -1,32 +1,171 @@ <? -include "theme.inc"; +include "includes/theme.inc"; -function account_getUser($uname) { + +function account_get_user($uname) { $result = db_query("SELECT * FROM users WHERE userid = '$uname'"); return db_fetch_object($result); } -function showLogin($userid = "") { - $output .= "<FORM ACTION=\"account.php\" METHOD=post>\n"; - $output .= " <TABLE BORDER=0 CELLPADDING=2 CELLSPACING=2>\n"; - $output .= " <TR><TH>User ID:</TH><TD><INPUT NAME=userid VALUE=\"$userid\"></TD></TR>\n"; - $output .= " <TR><TH>Password:</TH><TD><INPUT NAME=passwd TYPE=password></TD></TR>\n"; - $output .= " <TR><TD ALIGN=center><INPUT NAME=op TYPE=submit VALUE=\"Login\"></TD></TR>\n"; - $output .= " <TR><TD ALIGN=center><A HREF=\"account.php?op=new\">Register</A> as new user.</A></TD></TR>\n"; - $output .= " <TR><TD COLSPAN=2>$user->ublock</TD></TR>\n"; +function account_login($userid = "") { + $output .= "<FORM ACTION=\"account.php\" METHOD=\"post\">\n"; + $output .= " <TABLE BORDER=\"0\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n"; + $output .= " <TR><TH>User ID:</TH><TD><INPUT NAME=\"userid\" VALUE=\"$userid\"></TD></TR>\n"; + $output .= " <TR><TH>Password:</TH><TD><INPUT NAME=\"passwd\" TYPE=\"password\"></TD></TR>\n"; + $output .= " <TR><TD ALIGN=\"center\"><INPUT NAME=\"op\" TYPE=\"submit\" VALUE=\"Login\"></TD></TR>\n"; + $output .= " <TR><TD ALIGN=\"center\"><A HREF=\"account.php?op=new\">Register</A> as new user.</A></TD></TR>\n"; + $output .= " <TR><TD COLSPAN=\"2\">$user->ublock</TD></TR>\n"; $output .= " </TABLE>\n"; $output .= "</FORM>\n"; return $output; } -function showAccess() { - global $user, $access; - foreach ($access as $key=>$value) if ($user->access & $value) $result .= "$key<BR>"; - return $result; +function account_session_start($userid, $passwd) { + global $user; + session_start(); + $user = new User($userid, $passwd); + if ($user && user_valid()) { + session_register("user"); + watchdog(1, "session opened for user `$user->userid'."); + } + else { + watchdog(2, "failed login for user `$userid'."); + } +} + +function account_session_close() { + global $user; + watchdog(1, "session closed for user `$user->userid'."); + session_unset(); + session_destroy(); + unset($user); +} + +function account_user_edit() { + global $theme, $user; + + if ($user->id && user_valid()) { + ### Generate output/content: + $output .= "<FORM ACTION=\"account.php\" METHOD=\"post\">\n"; + $output .= "<B>Real name:</B><BR>\n"; + $output .= "<INPUT NAME=\"edit[name]\" MAXLENGTH=\"55\" SIZE=\"30\" VALUE=\"$user->name\"><BR>\n"; + $output .= "<I>Optional.</I><P>\n"; + $output .= "<B>Real e-mail address:</B><BR>\n"; + $output .= "<INPUT NAME=\"edit[email]\" MAXLENGTH=\"55\" SIZE=\"30\" VALUE=\"$user->email\"><BR>\n"; + $output .= "<I>Required, but never displayed publicly: needed in case you lose your password.</I><P>\n"; + $output .= "<B>Fake e-mail address:</B><BR>\n"; + $output .= "<INPUT NAME=\"edit[femail]\" MAXLENGTH=\"55\" SIZE=\"30\" VALUE=\"$user->femail\"><BR>\n"; + $output .= "<I>Optional, and displayed publicly by your comments. You may spam proof it if you want.</I><P>\n"; + $output .= "<B>URL of homepage:</B><BR>\n"; + $output .= "<INPUT NAME=\"edit[url]\" MAXLENGTH=\"55\" SIZE=\"30\" VALUE=\"$user->url\"><BR>\n"; + $output .= "<I>Optional, but make sure you enter fully qualified URLs only. That is, remember to include \"http://\".</I><P>\n"; + $output .= "<B>Bio:</B> (255 char. limit)<BR>\n"; + $output .= "<TEXTAREA NAME=\"edit[bio]\" COLS=\"35\" ROWS=\"5\" WRAP=\"virtual\">$user->bio</TEXTAREA><BR>\n"; + $output .= "<I>Optional. This biographical information is publicly displayed on your user page.</I><P>\n"; + $output .= "<B>Singature:</B> (255 char. limit)<BR>\n"; + $output .= "<TEXTAREA NAME=\"edit[signature]\" COLS=\"35\" ROWS=\"5\" WRAP=\"virtual\">$user->signature</TEXTAREA><BR>\n"; + $output .= "<I>Optional. This information will be publicly displayed at the end of your comments. </I><P>\n"; + $output .= "<B>Password:</B><BR>\n"; + $output .= "<INPUT TYPE=\"password\" NAME=\"edit[pass1]\" SIZE=\"10\" MAXLENGTH=\"20\"><INPUT TYPE=\"password\" NAME=\"edit[pass2]\" SIZE=\"10\" MAXLENGTH=\"20\"><BR>\n"; + $output .= "<I>Enter your new password twice if you want to change your current password or leave it blank if you are happy with your current password.</I><P>\n"; + $output .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Save user information\"><BR>\n"; + $output .= "</FORM>\n"; + + ### Display output/content: + $theme->header(); + $theme->box("Edit your information", $output); + $theme->footer(); + } + else { + $theme->header(); + $theme->box("Login", account_login($userid)); + $theme->footer(); + } +} + +function account_user_save($edit) { + global $user; + if ($user && user_valid()) { + $data[name] = $edit[name]; + $data[email] = $edit[email]; + $data[femail] = $edit[femail]; + $data[url] = $edit[url]; + $data[bio] = $edit[bio]; + $data[signature] = $edit[signature]; + if ($edit[pass1] == $edit[pass2] && !empty($edit[pass1])) { $data[passwd] = $edit[pass1]; } + dbsave("users", $data, $user->id); + user_rehash(); + } +} + +function account_page_edit() { + global $theme, $themes, $user; + + if ($user && user_valid()) { + ### Generate output/content: + $output .= "<FORM ACTION=\"account.php\" METHOD=\"post\">\n"; + $output .= "<B>Theme:</B><BR>\n"; + + ### Loop (dynamically) through all available themes: + foreach ($themes as $key=>$value) { + $options .= "<OPTION VALUE=\"$key\"". (($user->theme == $key) ? " SELECTED" : "") .">$key - $value[1]</OPTION>"; + } + + $output .= "<SELECT NAME=\"edit[theme]\">$options</SELECT><BR>\n"; + $output .= "<I>Selecting a different theme will change the look and feel of the site.</I><P>\n"; + $output .= "<B>Maximum number of stories:</B><BR>\n"; + $output .= "<INPUT NAME=\"edit[storynum]\" MAXLENGTH=\"3\" SIZE=\"3\" VALUE=\"$user->storynum\"><P>\n"; + $output .= "<I>The maximum number of stories that will be displayed on the main page.</I><P>\n"; + $options = "<OPTION VALUE=\"nested\"". ($user->umode == "nested" ? " SELECTED" : "") .">Nested</OPTION>"; + $options .= "<OPTION VALUE=\"flat\"". ($user->umode == "flat" ? " SELECTED" : "") .">Flat</OPTION>"; + $options .= "<OPTION VALUE=\"threaded\"". ($user->umode == "threaded" ? " SELECTED" : "") .">Threaded</OPTION>"; + $output .= "<B>Comment display mode:</B><BR>\n"; + $output .= "<SELECT NAME=\"edit[umode]\">$options</SELECT><P>\n"; + $options = "<OPTION VALUE=\"0\"". ($user->uorder == 0 ? " SELECTED" : "") .">Oldest first</OPTION>"; + $options .= "<OPTION VALUE=\"1\"". ($user->uorder == 1 ? " SELECTED" : "") .">Newest first</OPTION>"; + $options .= "<OPTION VALUE=\"2\"". ($user->uorder == 2 ? " SELECTED" : "") .">Highest scoring first</OPTION>"; + $output .= "<B>Comment sort order:</B><BR>\n"; + $output .= "<SELECT NAME=\"edit[uorder]\">$options</SELECT><P>\n"; + $options = "<OPTION VALUE=\"-1\"". ($user->thold == -1 ? " SELECTED" : "") .">-1: Display uncut and raw comments.</OPTION>"; + $options .= "<OPTION VALUE=\"0\"". ($user->thold == 0 ? " SELECTED" : "") .">0: Display almost all comments.</OPTION>"; + $options .= "<OPTION VALUE=\"1\"". ($user->thold == 1 ? " SELECTED" : "") .">1: Display almost no anonymous comments.</OPTION>"; + $options .= "<OPTION VALUE=\"2\"". ($user->thold == 2 ? " SELECTED" : "") .">2: Display comments with score +2 only.</OPTION>"; + $options .= "<OPTION VALUE=\"3\"". ($user->thold == 3 ? " SELECTED" : "") .">3: Display comments with score +3 only.</OPTION>"; + $options .= "<OPTION VALUE=\"4\"". ($user->thold == 4 ? " SELECTED" : "") .">4: Display comments with score +4 only.</OPTION>"; + $options .= "<OPTION VALUE=\"5\"". ($user->thold == 5 ? " SELECTED" : "") .">5: Display comments with score +5 only.</OPTION>"; + $output .= "<B>Comment threshold:</B><BR>\n"; + $output .= "<SELECT NAME=\"edit[thold]\">$options</SELECT><BR>\n"; + $output .= "<I>Comments that scored less than this setting will be ignored. Anonymous comments start at 0, comments of people logged on start at 1 and moderators can add and subtract points.</I><P>\n"; + $output .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Save page settings\"><BR>\n"; + $output .= "</FORM>\n"; + + ### Display output/content: + $theme->header(); + $theme->box("Customize your page", $output); + $theme->footer(); + } + else { + $theme->header(); + $theme->box("Login", account_login($userid)); + $theme->footer(); + } +} + +function account_page_save($edit) { + global $user; + if ($user && user_valid()) { + $data[theme] = $edit[theme]; + $data[storynum] = $edit[storynum]; + $data[umode] = $edit[umode]; + $data[uorder] = $edit[uorder]; + $data[thold] = $edit[thold]; + dbsave("users", $data, $user->id); + user_rehash(); + } } -function showUser($uname) { +function account_user($uname) { global $user, $theme; if ($user && $uname && $user->userid == $uname) { @@ -45,7 +184,7 @@ function showUser($uname) { $theme->box("Your user information", $output); $theme->footer(); } - elseif ($uname && $account = account_getUser($uname)) { + elseif ($uname && $account = account_get_user($uname)) { $box1 .= "<TABLE BORDER=\"0\" CELLPADDING=\"1\" CELLSPACING=\"1\">\n"; $box1 .= " <TR><TD ALIGN=\"right\"><B>Username:</B></TD><TD>$account->userid</TD></TR>\n"; $box1 .= " <TR><TD ALIGN=\"right\"><B>E-mail:</B></TD><TD>". format_email_address($account->femail) ."</TD></TR>\n"; @@ -80,12 +219,40 @@ function showUser($uname) { else { ### Display login form: $theme->header(); - $theme->box("Login", showLogin($userid)); + $theme->box("Login", account_login($userid)); $theme->footer(); } } -function newUser($user = "", $error = "") { +function account_register() { + if ($rval = account_validate($new)) { + account_new($new, "<B>Error: $rval</B>"); + } + else { + ### Generate new password: + $new[passwd] = account_password(); + dbsave("users", $new); + + if ($mail == 1) { + ### Display account information: + $theme->header(); + $theme->box("Account details", "Your password is: <B>$new[passwd]</B><BR><A HREF=\"account.php?op=Login&userid=$new[userid]&passwd=$new[passwd]\">Login</A> to change your personal settings."); + $theme->footer(); + } + else { + ### Send e-mail with account details: + mail($new[email], "Account details for $sitename", "$new[userid],\n\nyour $sitename member account has been created succesfully. To be able to use it, you must login using the information below. Please save this mail for further reference.\n\n username: $new[userid]\n e-mail: $new[email]\n password: $new[passwd]\n\nThis password is generated by a randomizer. It is recommended that you change this password immediately.\n\n$contact_signature", "From: $contact_email\nX-Mailer: PHP/" . phpversion()); + + ### Display account information: + $theme->header(); + $theme->box("Account details", "Your member account has been created and the details necessary to login have been sent to your e-mail account <B>$new[email]</B>. Once you received the account confirmation, hit <A HREF=\"account.php\">this link</A> to login."); + $theme->footer(); + } + watchdog(1, "new user `$new[userid]' registered with e-mail address `$new[email]'"); + } +} + +function account_new($user = "", $error = "") { global $theme; $output .= "<FORM ACTION=\"account.php\" METHOD=post>\n"; @@ -103,8 +270,8 @@ function newUser($user = "", $error = "") { $theme->footer(); } -function validateUser($user) { - include "ban.inc"; +function account_validate($user) { + include "includes/ban.inc"; ### Verify username and e-mail address: $user[userid] = trim($user[userid]); @@ -123,15 +290,15 @@ function validateUser($user) { return($rval); } -function account_makePassword($min_length=6) { +function account_password($min_length=6) { mt_srand((double)microtime() * 1000000); $words = array("foo","bar","guy","neo","tux","moo","sun","asm","dot","god","axe","geek","nerd","fish","hack","star","mice","warp","moon","hero","cola","girl","fish","java","perl","boss","dark","sith","jedi","drop","mojo"); while(strlen($password) < $min_length) $password .= $words[mt_rand(0, count($words))]; return $password; } -function account_track_comments() { - global $user; +function account_comments() { + global $theme, $user; $output .= "<P>This page might be helpful in case you want to keep track of your most recent comments in any of the discussions. You are given an overview of your comments in each of the stories you participates in along with the number of replies each comment got.\n<P>\n"; @@ -148,192 +315,52 @@ function account_track_comments() { } $output .= " </UL>\n"; } - - return $output; + + $theme->header(); + $theme->box("Track your comments", $output); + $theme->footer(); } switch ($op) { case "Login": - session_start(); - $user = new User($userid, $passwd); - if ($user && user_valid()) { - session_register("user"); - watchdog(1, "session opened for user `$user->userid'."); - } - else { - watchdog(2, "failed login for user `$userid'."); - } - showUser($user->userid); + account_session_start($userid, $passwd); + header("Location: account.php?op=info"); break; case "new": - newUser(); + account_new(); break; case "view": - showUser($name); + account_user($name); break; case "info": - showUser($user->userid); + account_user($user->userid); break; case "discussion": - $theme->header(); - $theme->box("Track your comments", account_track_comments()); - $theme->footer(); + account_comments(); break; case "logout": - watchdog(1, "session closed for user `$user->userid'."); - session_unset(); - session_destroy(); - unset($user); - showUser(); + account_session_close(); + header("Location: account.php"); break; case "Register": - if ($rval = validateUser($new)) { newUser($new, "<B>Error: $rval</B>"); } - else { - ### Generate new password: - $new[passwd] = account_makePassword(); - dbsave("users", $new); - - if ($system == 1) { - ### Display account information: - $theme->header(); - $theme->box("Account details", "Your password is: <B>$new[passwd]</B><BR><A HREF=\"account.php?op=Login&userid=$new[userid]&passwd=$new[passwd]\">Login</A> to change your personal settings."); - $theme->footer(); - } else { - ### Send e-mail with account details: - mail($new[email], "Account details for $sitename", "$user->name,\n\nyour $sitename member account has been created succesfully. To be able to use it, you must login using the information below. Please save this mail for further reference.\n\n username: $new[userid]\n e-mail: $new[email]\n password: $new[passwd]\n\nThis password is generated by a randomizer. It is recommended that you change this password immediately.\n\n$contact_signature", "From: $contact_email\nX-Mailer: PHP/" . phpversion()); - - ### Display account information: - $theme->header(); - $theme->box("Account details", "Your member account has been created and the details necessary to login have been sent to your e-mail account <B>$new[email]</B>. Once you received the account confirmation, hit <A HREF=\"account.php\">this link</A> to login."); - $theme->footer(); - } - - watchdog(1, "new user `$new[userid]' registered with e-mail address `$new[email]'"); - } + account_register($new); break; case "user": - if ($user->id && user_valid()) { - ### Generate output/content: - $output .= "<FORM ACTION=\"account.php\" METHOD=post>\n"; - $output .= "<B>Real name:</B><BR>\n"; - $output .= "<INPUT NAME=\"edit[name]\" MAXLENGTH=55 SIZE=30 VALUE=\"$user->name\"><BR>\n"; - $output .= "<I>Optional.</I><P>\n"; - $output .= "<B>Real e-mail address:</B><BR>\n"; - $output .= "<INPUT NAME=\"edit[email]\" MAXLENGTH=55 SIZE=30 VALUE=\"$user->email\"><BR>\n"; - $output .= "<I>Required, but never displayed publicly: needed in case you lose your password.</I><P>\n"; - $output .= "<B>Fake e-mail address:</B><BR>\n"; - $output .= "<INPUT NAME=\"edit[femail]\" MAXLENGTH=55 SIZE=30 VALUE=\"$user->femail\"><BR>\n"; - $output .= "<I>Optional, and displayed publicly by your comments. You may spam proof it if you want.</I><P>\n"; - $output .= "<B>URL of homepage:</B><BR>\n"; - $output .= "<INPUT NAME=\"edit[url]\" MAXLENGTH=55 SIZE=30 VALUE=\"$user->url\"><BR>\n"; - $output .= "<I>Optional, but make sure you enter fully qualified URLs only. That is, remember to include \"http://\".</I><P>\n"; - $output .= "<B>Bio:</B> (255 char. limit)<BR>\n"; - $output .= "<TEXTAREA NAME=\"edit[bio]\" COLS=35 ROWS=5 WRAP=virtual>$user->bio</TEXTAREA><BR>\n"; - $output .= "<I>Optional. This biographical information is publicly displayed on your user page.</I><P>\n"; - $output .= "<B>User block:</B> (255 char. limit)<BR>\n"; - $output .= "<TEXTAREA NAME=\"edit[ublock]\" COLS=35 ROWS=5 WRAP=virtual>$user->ublock</TEXTAREA><BR>\n"; - $output .= "<INPUT NAME=\"edit[ublockon]\" TYPE=checkbox". ($user->ublockon == 1 ? " CHECKED" : "") ."> Enable user block<BR>\n"; - $output .= "<I>Enable the checkbox and whatever you enter below will appear on your costum main page.</I><P>\n"; - $output .= "<B>Password:</B><BR>\n"; - $output .= "<INPUT TYPE=password NAME=\"edit[pass1]\" SIZE=10 MAXLENGTH=20> <INPUT TYPE=password NAME=edit[pass2] SIZE=10 MAXLENGTH=20><BR>\n"; - $output .= "<I>Enter your new password twice if you want to change your current password or leave it blank if you are happy with your current password.</I><P>\n"; - $output .= "<INPUT TYPE=submit NAME=op VALUE=\"Save user information\"><BR>\n"; - $output .= "</FORM>\n"; - - ### Display output/content: - $theme->header(); - $theme->box("Edit your information", $output); - $theme->footer(); - } - else { - $theme->header(); - $theme->box("Login", showLogin($userid)); - $theme->footer(); - } + account_user_edit(); break; case "page": - if ($user && user_valid()) { - ### Generate output/content: - $output .= "<FORM ACTION=\"account.php\" METHOD=post>\n"; - $output .= "<B>Theme:</B><BR>\n"; - - ### Loop (dynamically) through all available themes: - foreach ($themes as $key=>$value) { - $options .= "<OPTION VALUE=\"$key\"". (($user->theme == $key) ? " SELECTED" : "") .">$key - $value[1]</OPTION>"; - } - - $output .= "<SELECT NAME=\"edit[theme]\">$options</SELECT><BR>\n"; - $output .= "<I>Selecting a different theme will change the look and feel of the site.</I><P>\n"; - $output .= "<B>Maximum number of stories:</B><BR>\n"; - $output .= "<INPUT NAME=\"edit[storynum]\" MAXLENGTH=3 SIZE=3 VALUE=\"$user->storynum\"><P>\n"; - $output .= "<I>The maximum number of stories that will be displayed on the main page.</I><P>\n"; - $options = "<OPTION VALUE=\"nested\"". ($user->umode == 'nested' ? " SELECTED" : "") .">Nested</OPTION>"; - $options .= "<OPTION VALUE=\"flat\"". ($user->umode == 'flat' ? " SELECTED" : "") .">Flat</OPTION>"; - $options .= "<OPTION VALUE=\"threaded\"". ($user->umode == 'threaded' ? " SELECTED" : "") .">Threaded</OPTION>"; - $output .= "<B>Comment display mode:</B><BR>\n"; - $output .= "<SELECT NAME=\"edit[umode]\">$options</SELECT><P>\n"; - $options = "<OPTION VALUE=0". ($user->uorder == 0 ? " SELECTED" : "") .">Oldest first</OPTION>"; - $options .= "<OPTION VALUE=1". ($user->uorder == 1 ? " SELECTED" : "") .">Newest first</OPTION>"; - $options .= "<OPTION VALUE=2". ($user->uorder == 2 ? " SELECTED" : "") .">Highest scoring first</OPTION>"; - $output .= "<B>Comment sort order:</B><BR>\n"; - $output .= "<SELECT NAME=\"edit[uorder]\">$options</SELECT><P>\n"; - $options = "<OPTION VALUE=\"-1\"". ($user->thold == -1 ? " SELECTED" : "") .">-1: Display uncut and raw comments.</OPTION>"; - $options .= "<OPTION VALUE=0". ($user->thold == 0 ? " SELECTED" : "") .">0: Display almost all comments.</OPTION>"; - $options .= "<OPTION VALUE=1". ($user->thold == 1 ? " SELECTED" : "") .">1: Display almost no anonymous comments.</OPTION>"; - $options .= "<OPTION VALUE=2". ($user->thold == 2 ? " SELECTED" : "") .">2: Display comments with score +2 only.</OPTION>"; - $options .= "<OPTION VALUE=3". ($user->thold == 3 ? " SELECTED" : "") .">3: Display comments with score +3 only.</OPTION>"; - $options .= "<OPTION VALUE=4". ($user->thold == 4 ? " SELECTED" : "") .">4: Display comments with score +4 only.</OPTION>"; - $options .= "<OPTION VALUE=5". ($user->thold == 5 ? " SELECTED" : "") .">5: Display comments with score +5 only.</OPTION>"; - $output .= "<B>Comment threshold:</B><BR>\n"; - $output .= "<SELECT NAME=\"edit[thold]\">$options</SELECT><BR>\n"; - $output .= "<I>Comments that scored less than this setting will be ignored. Anonymous comments start at 0, comments of people logged on start at 1 and moderators can add and subtract points.</I><P>\n"; - $output .= "<B>Singature:</B> (255 char. limit)<BR>\n"; - $output .= "<TEXTAREA NAME=\"edit[signature]\" COLS=35 ROWS=5 WRAP=virtual>$user->signature</TEXTAREA><BR>\n"; - $output .= "<I>Optional. This information will be publicly displayed at the end of your comments. </I><P>\n"; - $output .= "<INPUT TYPE=submit NAME=op VALUE=\"Save page settings\"><BR>\n"; - $output .= "</FORM>\n"; - - ### Display output/content: - $theme->header(); - $theme->box("Customize your page", $output); - $theme->footer(); - } - else { - $theme->header(); - $theme->box("Login", showLogin($userid)); - $theme->footer(); - } + account_page_edit(); break; case "Save user information": - if ($user && user_valid()) { - $data[name] = $edit[name]; - $data[email] = $edit[email]; - $data[femail] = $edit[femail]; - $data[url] = $edit[url]; - $data[bio] = $edit[bio]; - $data[ublock] = $edit[ublock]; - $data[ublockon] = $edit[ublockon]; - if ($edit[pass1] == $edit[pass2] && !empty($edit[pass1])) { $data[passwd] = $edit[pass1]; } - dbsave("users", $data, $user->id); - user_rehash(); - } - showUser($user->userid); + account_user_save($edit); + account_user($user->userid); break; case "Save page settings": - if ($user && user_valid()) { - $data[theme] = $edit[theme]; - $data[storynum] = $edit[storynum]; - $data[umode] = $edit[umode]; - $data[uorder] = $edit[uorder]; - $data[thold] = $edit[thold]; - $data[signature] = $edit[signature]; - dbsave("users", $data, $user->id); - user_rehash(); - } + account_page_save($edit); header("Location: account.php?op=info"); break; default: - showUser($user->userid); + account_user($user->userid); } ?>
\ No newline at end of file @@ -3,14 +3,11 @@ // TEMPORARY SECURITY PATCH: if ($user->userid != "Dries") exit(); - /* * Account administration: */ function account_display($order = "username") { - global $PHP_SELF; - $sort = array("ID" => "id", "fake e-mail address" => "femail", "homepage" => "url", "hostname" => "last_host", "last access date" => "last_access", "real e-mail address" => "email", "real name" => "name", "status" => "status", "theme" => "theme", "username" => "userid"); $show = array("ID" => "id", "username" => "userid", "$order" => "$sort[$order]", "status" => "status"); @@ -18,11 +15,10 @@ function account_display($order = "username") { $result = db_query("SELECT u.id, u.userid, u.$sort[$order], u.status FROM users u ORDER BY $sort[$order]"); ### Generate output: - $output .= "<H3>Accounts:</H3>\n"; $output .= "<TABLE BORDER=\"1\" CELLPADDING=\"3\" CELLSPACING=\"0\">\n"; $output .= " <TR>\n"; $output .= " <TH ALIGN=\"right\" COLSPAN=\"". (sizeof($show) + 1) ."\">\n"; - $output .= " <FORM ACTION=\"$PHP_SELF?section=accounts\" METHOD=\"post\">\n"; + $output .= " <FORM ACTION=\"admin.php?section=accounts\" METHOD=\"post\">\n"; $output .= " <SELECT NAME=\"order\">\n"; foreach ($sort as $key=>$value) { $output .= " <OPTION VALUE=\"$key\"". ($key == $order ? " SELECTED" : "") .">Sort by $key</OPTION>\n"; @@ -91,7 +87,6 @@ function account_view($name) { $result = db_query("SELECT * FROM users WHERE userid = '$name'"); if ($account = db_fetch_object($result)) { - $output .= "<H3>Accounts:</H3>\n"; $output .= "<TABLE BORDER=\"1\" CELLPADDING=\"3\" CELLSPACING=\"0\">\n"; $output .= " <TR><TD ALIGN=\"right\"><B>ID:</B></TD><TD>$account->id</TD></TR>\n"; $output .= " <TR><TD ALIGN=\"right\"><B>Username:</B></TD><TD>$account->userid</TD></TR>\n"; @@ -114,8 +109,6 @@ function account_view($name) { * Log administration: */ function log_display($order = "date") { - global $PHP_SELF, $anonymous; - $colors = array("#FFFFFF", "#FFFFFF", "#90EE90", "#CD5C5C"); $fields = array("date" => "id DESC", "username" => "user", "message" => "message DESC", "level" => "level DESC"); @@ -123,11 +116,10 @@ function log_display($order = "date") { $result = db_query("SELECT l.*, u.userid FROM logs l LEFT JOIN users u ON l.user = u.id ORDER BY l.$fields[$order]"); ### Generate output: - $output .= "<H3>Logs:</H3>\n"; $output .= "<TABLE BORDER=\"1\" CELLPADDING=\"3\" CELLSPACING=\"0\">\n"; $output .= " <TR>\n"; $output .= " <TH ALIGN=\"right\" COLSPAN=\"4\">\n"; - $output .= " <FORM ACTION=\"$PHP_SELF?section=logs\" METHOD=\"post\">\n"; + $output .= " <FORM ACTION=\"admin.php?section=logs\" METHOD=\"post\">\n"; $output .= " <SELECT NAME=\"order\">\n"; foreach ($fields as $key=>$value) { $output .= " <OPTION VALUE=\"$key\"". ($key == $order ? " SELECTED" : "") .">Sort by $key</OPTION>\n"; @@ -145,7 +137,7 @@ function log_display($order = "date") { $output .= " </TR>\n"; while ($log = db_fetch_object($result)) { - $output .= " <TR BGCOLOR=\"". $colors[$log->level] ."\"><TD>". date("D d/m, H:m:s", $log->timestamp) ."</TD><TD ALIGN=\"center\">". format_username($log->userid, 1) ."</A></TD><TD>". substr($log->message, 0, 44) ."</TD><TD ALIGN=\"center\"><A HREF=\"$PHP_SELF?section=logs&op=view&id=$log->id\">more</A></TD></TR>\n"; + $output .= " <TR BGCOLOR=\"". $colors[$log->level] ."\"><TD>". date("D d/m, H:m:s", $log->timestamp) ."</TD><TD ALIGN=\"center\">". format_username($log->userid, 1) ."</A></TD><TD>". substr($log->message, 0, 44) ."</TD><TD ALIGN=\"center\"><A HREF=\"admin.php?section=logs&op=view&id=$log->id\">more</A></TD></TR>\n"; } $output .= "</TABLE>\n"; @@ -154,14 +146,12 @@ function log_display($order = "date") { } function log_view($id) { - ### Perform query: $result = db_query("SELECT l.*, u.userid FROM logs l LEFT JOIN users u ON l.user = u.id WHERE l.id = $id"); if ($log = db_fetch_object($result)) { - $output .= "<H3>Logs:</H3>\n"; $output .= "<TABLE BORDER=\"1\" CELLPADDING=\"3\" CELLSPACING=\"0\">\n"; $output .= " <TR><TD ALIGN=\"right\"><B>Level:</B></TD><TD>$log->level</TD></TR>\n"; - $output .= " <TR><TD ALIGN=\"right\"><B>Date:</B></TD><TD>". date("l, F d, Y - H:i A", $log->timestamp) ."</TD></TR>\n"; + $output .= " <TR><TD ALIGN=\"right\"><B>Date:</B></TD><TD>". format_date($log->timestamp, "extra large") ."</TD></TR>\n"; $output .= " <TR><TD ALIGN=\"right\"><B>User:</B></TD><TD>". format_username($log->userid, 1) ."</TD></TR>\n"; $output .= " <TR><TD ALIGN=\"right\"><B>Message:</B></TD><TD>$log->message</TD></TR>\n"; $output .= " <TR><TD ALIGN=\"right\"><B>Hostname:</B></TD><TD>$log->hostname</TD></TR>\n"; @@ -176,20 +166,18 @@ function log_view($id) { function ban_check($mask, $category) { $ban = ban_match($mask, $category); - $output .= "<H3>Status:</H3>\n"; $output .= "". ($ban ? "Matched ban '<B>$ban->mask</B>' with reason: <I>$ban->reason</I>.<P>\n" : "No matching bans for '$mask'.<P>\n") .""; print $output; } function ban_new($mask, $category, $reason) { ban_add($mask, $category, $reason, &$message); - $output .= "<H3>Status:</H3>\n"; $output .= "$message\n"; print $output; } function ban_display($category = "") { - global $PHP_SELF, $type2index; + global $type2index; ### initialize variable: $category = $category ? $category : 1; @@ -198,11 +186,10 @@ function ban_display($category = "") { $result = db_query("SELECT * FROM bans WHERE type = $category ORDER BY mask"); ### Generate output: - $output .= "<H3>Bans:</H3>\n"; $output .= "<TABLE BORDER=\"1\" CELLPADDING=\"3\" CELLSPACING=\"0\">\n"; $output .= " <TR>\n"; $output .= " <TH COLSPAN=\"3\">\n"; - $output .= " <FORM ACTION=\"$PHP_SELF?section=bans\" METHOD=\"post\">\n"; + $output .= " <FORM ACTION=\"admin.php?section=bans\" METHOD=\"post\">\n"; $output .= " <SELECT NAME=\"category\">\n"; for (reset($type2index); $cur = current($type2index); next($type2index)) { $output .= " <OPTION VALUE=\"$cur\"". ($cur == $category ? " SELECTED" : "") .">Sort by ". key($type2index) ."</OPTION>\n"; @@ -219,7 +206,7 @@ function ban_display($category = "") { $output .= " </TR>\n"; while ($ban = db_fetch_object($result)) { - $output .= " <TR><TD>$ban->mask</TD><TD>$ban->reason</TD><TD ALIGN=\"center\"><A HREF=\"$PHP_SELF?section=bans&op=delete&category=$category&id=$ban->id\">delete</A></TD></TR>\n"; + $output .= " <TR><TD>$ban->mask</TD><TD>$ban->reason</TD><TD ALIGN=\"center\"><A HREF=\"admin.php?section=bans&op=delete&category=$category&id=$ban->id\">delete</A></TD></TR>\n"; } $output .= " <TR><TD COLSPAN=\"3\"><SMALL>%: matches any number of characters, even zero characters.<BR>_: matches exactly one character.</SMALL></TD></TR>\n"; @@ -227,7 +214,7 @@ function ban_display($category = "") { $output .= "<BR><HR>\n"; $output .= "<H3>Add new ban:</H3>\n"; - $output .= "<FORM ACTION=\"$PHP_SELF?section=bans\" METHOD=\"post\">\n"; + $output .= "<FORM ACTION=\"admin.php?section=bans\" METHOD=\"post\">\n"; $output .= "<B>Banmask:</B><BR>\n"; $output .= "<INPUT TYPE=\"text\" NAME=\"mask\" SIZE=\"35\"><P>\n"; $output .= "<B>Type:</B><BR>\n"; @@ -243,7 +230,7 @@ function ban_display($category = "") { $output .= "<BR><HR>\n"; $output .= "<H3>Ban check:</H3>\n"; - $output .= "<FORM ACTION=\"$PHP_SELF?section=bans\" METHOD=\"post\">\n"; + $output .= "<FORM ACTION=\"admin.php?section=bans\" METHOD=\"post\">\n"; $output .= "<B>Banmask:</B><BR>\n"; $output .= "<INPUT TYPE=\"text\" NAME=\"mask\" SIZE=\"35\"><P>\n"; $output .= "<B>Type:</B><BR>\n"; @@ -259,21 +246,219 @@ function ban_display($category = "") { } /* + * Comments administration: + */ + +function comment_edit($id) { + $result = db_query("SELECT c.*, u.userid FROM comments c LEFT JOIN users u ON c.author = u.id WHERE c.cid = $id"); + + $comment = db_fetch_object($result); + + $output .= "<FORM ACTION=\"admin.php?section=comments&op=save&id=$id\" METHOD=\"post\">\n"; + + $output .= "<P>\n"; + $output .= " <B>Author:</B><BR>\n"; + $output .= " ". format_username($comment->userid, 1) ."\n"; + $output .= "</P>\n"; + + $output .= "<P>\n"; + $output .= " <B>Subject:</B><BR>\n"; + $output .= " <INPUT TYPE=\"text\" NAME=\"subject\" SIZE=\"50\" VALUE=\"". stripslashes($comment->subject) ."\"><BR>\n"; + $output .= "</P>\n"; + + $output .= "<P>\n"; + $output .= "<B>Comment:</B><BR>\n"; + $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"comment\">". stripslashes($comment->comment) ."</TEXTAREA><BR>\n"; + $output .= "</P>\n"; + + $output .= "<P>\n"; + $output .= " <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Save comment\">\n"; + $output .= "</P>\n"; + $output .= "</FORM>\n"; + + print $output; +} + +function comment_save($id, $subject, $comment) { + db_query("UPDATE comments SET subject = '". addslashes($subject) ."', comment = '". addslashes($comment) ."' WHERE cid = $id"); + watchdog(1, "modified comment `$subject'."); +} + +function comment_display($order = "date") { + ### Initialize variables: + $fields = array("author" => "author", "date" => "timestamp DESC", "subject" => "subject"); + + ### Perform SQL query: + $result = db_query("SELECT c.*, u.userid FROM comments c LEFT JOIN users u ON u.id = c.author ORDER BY c.$fields[$order] LIMIT 50"); + + ### Display stories: + $output .= "<TABLE BORDER=\"1\" CELLPADDING=\"3\" CELLSPACING=\"0\">\n"; + $output .= " <TR>\n"; + $output .= " <TH ALIGN=\"right\" COLSPAN=\"5\">\n"; + $output .= " <FORM ACTION=\"admin.php?section=comments\" METHOD=\"post\">\n"; + $output .= " <SELECT NAME=\"order\">\n"; + foreach ($fields as $key=>$value) { + $output .= " <OPTION VALUE=\"$key\"". ($key == $order ? " SELECTED" : "") .">Sort by $key</OPTION>\n"; + } + $output .= " </SELECT>\n"; + $output .= " <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Update\">\n"; + $output .= " </FORM>\n"; + $output .= " </TH>\n"; + $output .= " </TR>\n"; + + $output .= " <TR>\n"; + $output .= " <TH>subject</TH>\n"; + $output .= " <TH>author</TH>\n"; + $output .= " <TH>operations</TH>\n"; + $output .= " </TR>\n"; + + while ($comment = db_fetch_object($result)) { + $output .= " <TR><TD><A HREF=\"discussion.php?id=$comment->sid&cid=$comment->cid&pid=$comment->pid\">$comment->subject</A></TD><TD>". format_username($comment->userid, 1) ."</TD><TD ALIGN=\"center\"><A HREF=\"admin.php?section=comments&op=edit&id=$comment->cid\">edit</A></TD></TR>\n"; + } + + $output .= "</TABLE>\n"; + + print $output; +} + +/* + * Statistics administration: + */ +function stats_display() { + # + # Story statistics: + # + $result = db_query("SELECT s.subject, c.sid, COUNT(c.sid) AS count, u.userid FROM comments c, stories s LEFT JOIN users u ON s.author = u.id WHERE s.id = c.sid GROUP BY c.sid ORDER BY count DESC LIMIT 20;"); + while ($stat = db_fetch_object($result)) $output1 .= "<I><A HREF=\"discussion.php?id=$stat->sid\">$stat->subject</A></I> by ". format_username($stat->userid, 1) .": ". format_plural($stat->count, "comment", "comments") ."<BR>\n"; + admin_box("Story statistics", $output1); + + # + # Poster statistics: + # + $result = db_query("SELECT u.userid, COUNT(s.author) AS count FROM stories s LEFT JOIN users u ON s.author = u.id GROUP BY s.author ORDER BY count DESC LIMIT 20"); + while ($stat = db_fetch_object($result)) $output2 .= "". format_username($stat->userid) .": ". format_plural($stat->count, "story", "stories") ."<BR>\n"; + admin_box("Poster statistics", $output2); + + # + # Category statistics: + # + $result = db_query("SELECT category, COUNT(category) AS count FROM stories GROUP by category ORDER BY count DESC"); + while ($stat = db_fetch_object($result)) $output3 .= "$stat->category: ". format_plural($stat->count, "story", "stories") ."<BR>\n"; + admin_box("Category statistics", $output3); + + # + # Theme statistics: + # + $result = db_query("SELECT theme, COUNT(id) AS count FROM users GROUP BY theme ORDER BY count DESC"); + while ($stat = db_fetch_object($result)) $output4 .= "<I>$stat->theme</I>-theme: ". format_plural($stat->count, "user", "users") ."<BR>\n"; + admin_box("Theme statistics", $output4); +} + +/* + * Diary administration: + */ +function diary_edit($id) { + $result = db_query("SELECT d.*, u.userid FROM diaries d LEFT JOIN users u ON d.author = u.id WHERE d.id = $id"); + + $diary = db_fetch_object($result); + + $output .= "<FORM ACTION=\"admin.php?section=diaries&op=save&id=$id\" METHOD=\"post\">\n"; + + $output .= "<P>\n"; + $output .= " <B>Author:</B><BR>\n"; + $output .= " ". format_username($diary->userid, 1) ."\n"; + $output .= "</P>\n"; + + $output .= "<P>\n"; + $output .= "<B>Diary entry:</B><BR>\n"; + $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"text\">". stripslashes($diary->text) ."</TEXTAREA><BR>\n"; + $output .= "</P>\n"; + + $output .= "<P>\n"; + $output .= " <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Save diary entry\">\n"; + $output .= "</P>\n"; + $output .= "</FORM>\n"; + + print $output; +} + +function diary_save($id, $text) { + db_query("UPDATE diaries SET text = '". addslashes($text) ."' WHERE id = $id"); + watchdog(1, "modified diary entry #$id."); +} + +function diary_display($order = "date") { + ### Initialize variables: + $fields = array("author" => "author", "date" => "timestamp DESC"); + + ### Perform SQL query: + $result = db_query("SELECT d.*, u.userid FROM diaries d LEFT JOIN users u ON u.id = d.author ORDER BY d.$fields[$order] LIMIT 50"); + + ### Display stories: + $output .= "<TABLE BORDER=\"1\" CELLPADDING=\"3\" CELLSPACING=\"0\">\n"; + $output .= " <TR>\n"; + $output .= " <TH ALIGN=\"right\" COLSPAN=\"5\">\n"; + $output .= " <FORM ACTION=\"admin.php?section=diaries\" METHOD=\"post\">\n"; + $output .= " <SELECT NAME=\"order\">\n"; + foreach ($fields as $key=>$value) { + $output .= " <OPTION VALUE=\"$key\"". ($key == $order ? " SELECTED" : "") .">Sort by $key</OPTION>\n"; + } + $output .= " </SELECT>\n"; + $output .= " <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Update\">\n"; + $output .= " </FORM>\n"; + $output .= " </TH>\n"; + $output .= " </TR>\n"; + + $output .= " <TR>\n"; + $output .= " <TH>subject</TH>\n"; + $output .= " <TH>author</TH>\n"; + $output .= " <TH>operations</TH>\n"; + $output .= " </TR>\n"; + + while ($diary = db_fetch_object($result)) { + $output .= " <TR><TD><A HREF=\"diary.php?op=view&name=$diary->userid\">$diary->userid on ". format_date($diary->date, "small") ."</A></TD><TD>". format_username($diary->userid, 1) ."</TD><TD ALIGN=\"center\"><A HREF=\"admin.php?section=diaries&op=edit&id=$diary->id\">edit</A></TD></TR>\n"; + } + + $output .= "</TABLE>\n"; + + print $output; +} + +/* + * Home administration: + */ +function home_display() { + print "<BR><BR><BIG><CENTER><A HREF=\"\">home</A></CENTER></BIG>\n"; +} + +/* + * Misc administration: + */ +function misc_display() { + print "<BIG>Upcoming features:</BIG>"; + print "<UL>\n"; + print " <LI>backup functionality</LI>\n"; + print " <LI>thresholds settings</LI>\n"; + print " <LI>...</LI>\n"; + print "</UL>\n"; +} + + +/* * Story administration: */ function story_edit($id) { - global $PHP_SELF, $anonymous, $categories; + global $categories; - $result = db_query("SELECT stories.*, users.userid FROM stories LEFT JOIN users ON stories.author = users.id WHERE stories.id = $id"); + $result = db_query("SELECT s.*, u.userid FROM stories s LEFT JOIN users u ON s.author = u.id WHERE s.id = $id"); $story = db_fetch_object($result); - $output .= "<FORM ACTION=\"$PHP_SELF?section=stories&op=save&id=$id\" METHOD=\"post\">\n"; + $output .= "<FORM ACTION=\"admin.php?section=stories&op=save&id=$id\" METHOD=\"post\">\n"; $output .= "<P>\n"; $output .= " <B>Author:</B><BR>\n"; - if ($story->userid) $output .= " <A HREF=\"admin.php?section=accounts&op=view&id=$story->author\">$story->userid</A>\n"; - else $output .= " $anonymous\n"; + $output .= " ". format_username($story->userid) ."\n"; $output .= "</P>\n"; $output .= "<P>\n"; @@ -323,18 +508,11 @@ function story_edit($id) { } function story_save($id, $subject, $abstract, $updates, $article, $category, $status) { - global $PHP_SELF; - - ### Add submission to SQL table: db_query("UPDATE stories SET subject = '". addslashes($subject) ."', abstract = '". addslashes($abstract) ."', updates = '". addslashes($updates) ."', article = '". addslashes($article) ."', category = '". addslashes($category) ."', status = '$status' WHERE id = $id"); - - ### Add log entry: watchdog(1, "modified story `$subject'."); } function story_display($order = "date") { - global $PHP_SELF; - ### Initialize variables: $status = array("deleted", "pending", "public"); $fields = array("author" => "author", "category" => "category", "date" => "timestamp DESC", "status" => "status DESC"); @@ -343,11 +521,10 @@ function story_display($order = "date") { $result = db_query("SELECT s.*, u.userid FROM stories s LEFT JOIN users u ON u.id = s.author ORDER BY s.$fields[$order]"); ### Display stories: - $output .= "<H3>Stories:</H3>\n"; $output .= "<TABLE BORDER=\"1\" CELLPADDING=\"3\" CELLSPACING=\"0\">\n"; $output .= " <TR>\n"; $output .= " <TH ALIGN=\"right\" COLSPAN=\"5\">\n"; - $output .= " <FORM ACTION=\"$PHP_SELF?section=stories\" METHOD=\"post\">\n"; + $output .= " <FORM ACTION=\"admin.php?section=stories\" METHOD=\"post\">\n"; $output .= " <SELECT NAME=\"order\">\n"; foreach ($fields as $key=>$value) { $output .= " <OPTION VALUE=\"$key\"". ($key == $order ? " SELECTED" : "") .">Sort by $key</OPTION>\n"; @@ -367,7 +544,7 @@ function story_display($order = "date") { $output .= " </TR>\n"; while ($story = db_fetch_object($result)) { - $output .= " <TR><TD><A HREF=\"discussion.php?id=$story->id\">$story->subject</A></TD><TD>". format_username($story->userid, 1) ."</TD><TD>$story->category</TD><TD ALIGN=\"center\">". $status[$story->status] ."</TD><TD ALIGN=\"center\"><A HREF=\"$PHP_SELF?section=stories&op=edit&id=$story->id\">edit</A></TD></TR>\n"; + $output .= " <TR><TD><A HREF=\"discussion.php?id=$story->id\">$story->subject</A></TD><TD>". format_username($story->userid, 1) ."</TD><TD>$story->category</TD><TD ALIGN=\"center\">". $status[$story->status] ."</TD><TD ALIGN=\"center\"><A HREF=\"admin.php?section=stories&op=edit&id=$story->id\">edit</A></TD></TR>\n"; } $output .= "</TABLE>\n"; @@ -376,15 +553,75 @@ function story_display($order = "date") { } function info_display() { - phpinfo(); + include "includes/config.inc"; + + $output .= "sitename: $sitename<BR>\n"; + $output .= "e-mail address: $contact_email<BR>\n"; + $output .= "signature: $contact_signature<BR>\n"; + $output .= "send e-mail notifications: $notify<BR>\n"; + $output .= "allowed HTML tags: <I>". htmlspecialchars($allowed_html) ."</I><BR>\n"; + $output .= "anonymous user: $anonymous<BR>\n"; + $output .= "submission post threshold: $submission_post_threshold<BR>\n"; + $output .= "submission dump threshold: $submission_dump_threshold<BR>\n"; + + admin_box("$sitename settings", $output); } -include "function.inc"; -include "admin.inc"; +include "includes/config.inc"; +include "includes/function.inc"; +include "includes/admin.inc"; admin_header(); switch ($section) { + case "stories": + switch ($op) { + case "edit": + story_edit($id); + break; + case "Save story": + story_save($id, $subject, $abstract, $updates, $article, $category, $status); + story_edit($id); + break; + case "Update": + story_display($order); + break; + default: + story_display(); + } + break; + case "comments": + switch ($op) { + case "edit": + comment_edit($id); + break; + case "Save comment": + comment_save($id, $subject, $comment); + comment_edit($id); + break; + case "Update": + comment_display($order); + break; + default: + comment_display(); + } + break; + case "diaries": + switch ($op) { + case "edit": + diary_edit($id); + break; + case "Save diary entry": + diary_save($id, $text); + diary_edit($id); + break; + case "Update": + diary_display($order); + break; + default: + diary_display(); + } + break; case "accounts": switch ($op) { case "view": @@ -397,8 +634,11 @@ switch ($section) { account_display(); } break; + case "misc": + misc_display(); + break; case "bans": - include "ban.inc"; + include "includes/ban.inc"; switch ($op) { case "Add ban": ban_new($mask, $category, $reason); @@ -428,26 +668,17 @@ switch ($section) { log_display(); } break; - case "stories": - switch ($op) { - case "edit": - story_edit($id); - break; - case "Save story": - story_save($id, $subject, $abstract, $updates, $article, $category, $status); - story_edit($id); - break; - case "Update": - story_display($order); - break; - default: - story_display(); - } + case "stats": + stats_display(); break; case "info": info_display(); + break; + case "home": + home_display(); + break; default: - print "Welcome to the adminstration page!"; + print "<BR><BR><CENTER>Welcome to the adminstration center!</CENTER>\n"; } admin_footer(); diff --git a/backend.php b/backend.php index a0eabf120..8812d4b9d 100644 --- a/backend.php +++ b/backend.php @@ -87,8 +87,8 @@ function adminMain() { print "<BR><BR>"; } -include "backend.class.php"; -include "theme.inc"; +include "includes/backend.inc"; +include "includes/theme.inc"; $theme->header(); @@ -1,6 +1,6 @@ <? -include "theme.inc"; +include "includes/theme.inc"; function diary_overview($num = 20) { global $theme, $user; diff --git a/discussion.php b/discussion.php index f94a7ac2c..3014e9954 100644 --- a/discussion.php +++ b/discussion.php @@ -1,7 +1,7 @@ <? function discussion_score($comment) { - $value = ($comments->votes) ? $comment->score / $comment->votes : ($comments->score) ? $comments->score : 0; + $value = ($comment->votes) ? ($comment->score / $comment->votes) : (($comment->score) ? $comment->score : 0); return (strpos($value, ".")) ? substr($value ."00", 0, 4) : $value .".00"; } @@ -35,7 +35,7 @@ function discussion_kids($cid, $mode, $level = 0, $dummy = 0) { $comments++; $link = "<A HREF=\"discussion.php?op=reply&sid=$comment->sid&pid=$comment->cid\"><FONT COLOR=\"$theme->hlcolor2\">reply to this comment</FONT></A>"; - $theme->comment($comment->userid, stripslashes($comment->subject), stripslashes($comment->comment), $comment->timestamp, stripslashes($comment->url), stripslashes($comment->femail), discussion_score($comment), $comment->cid, $link); + $theme->comment($comment->userid, stripslashes($comment->subject), stripslashes($comment->comment), $comment->timestamp, stripslashes($comment->url), stripslashes($comment->femail), discussion_score($comment), $comment->votes, $comment->cid, $link); discussion_kids($comment->cid, $mode, $level + 1, $dummy + 1); } @@ -45,7 +45,7 @@ function discussion_kids($cid, $mode, $level = 0, $dummy = 0) { while ($comment = db_fetch_object($result)) { if ($comment->score >= $thold) { $link = "<A HREF=\"discussion.php?op=reply&sid=$comment->sid&pid=$comment->cid\"><FONT COLOR=\"$theme->hlcolor2\">reply to this comment</FONT></A>"; - $theme->comment($comment->userid, check_output($comment->subject), check_output($comment->comment), $comment->timestamp, $comment->url, $comment->femail, discussion_score($comment), $comment->cid, $link); + $theme->comment($comment->userid, check_output($comment->subject), check_output($comment->comment), $comment->timestamp, $comment->url, $comment->femail, discussion_score($comment), $comment->votes, $comment->cid, $link); } discussion_kids($comment->cid, $mode); } @@ -151,10 +151,10 @@ function discussion_display($sid, $pid, $cid, $level = 0) { ### Display the comments: if (empty($mode) || $mode == "threaded") { $thread = discussion_childs($comment->cid); - $theme->comment($comment->userid, check_output($comment->subject), check_output($comment->comment), $comment->timestamp, $comment->url, $comment->femail, $comment->score, $comment->cid, $link, $thread); + $theme->comment($comment->userid, check_output($comment->subject), check_output($comment->comment), $comment->timestamp, $comment->url, $comment->femail, discussion_score($comment), $comment->votes, $comment->cid, $link, $thread); } else { - $theme->comment($comment->userid, check_output($comment->subject), check_output($comment->comment), $comment->timestamp, $comment->url, $comment->femail, $comment->score, $comment->cid, $link); + $theme->comment($comment->userid, check_output($comment->subject), check_output($comment->comment), $comment->timestamp, $comment->url, $comment->femail, discussion_score($comment), $comment->votes, $comment->cid, $link); discussion_kids($comment->cid, $mode, $level); } } @@ -170,7 +170,7 @@ function discussion_reply($pid, $sid) { ### Extract parent-information/data: if ($pid) { $item = db_fetch_object(db_query("SELECT comments.*, users.userid FROM comments LEFT JOIN users ON comments.author = users.id WHERE comments.cid = $pid")); - $theme->comment($item->userid, check_output(stripslashes($item->subject)), check_output(stripslashes($item->comment)), $item->timestamp, stripslashes($item->url), stripslashes($item->femail), $item->score, $item->cid, "reply to this comment"); + $theme->comment($item->userid, check_output(stripslashes($item->subject)), check_output(stripslashes($item->comment)), $item->timestamp, stripslashes($item->url), stripslashes($item->femail), discussion_score($comment), $comment->votes, $item->cid, "reply to this comment"); } else { $item = db_fetch_object(db_query("SELECT stories.*, users.userid FROM stories LEFT JOIN users ON stories.author = users.id WHERE stories.status != 0 AND stories.id = $sid")); @@ -221,8 +221,8 @@ function comment_preview($pid, $sid, $subject, $comment) { global $anonymous, $user, $theme; ### Preview comment: - if ($user) $theme->comment("", check_output(stripslashes($subject)), check_output(stripslashes($comment)), time(), "", "", "na", "", "reply to this comment"); - else $theme->comment($user->userid, check_output(stripslashes($subject)), check_output(stripslashes($comment)), time(), stripslashes($user->url), stripslashes($user->femail), "na", "", "reply to this comment"); + if ($user) $theme->comment("", check_output(stripslashes($subject)), check_output(stripslashes($comment)), time(), "", "", "na", "", "", "reply to this comment"); + else $theme->comment($user->userid, check_output(stripslashes($subject)), check_output(stripslashes($comment)), time(), stripslashes($user->url), stripslashes($user->femail), "na", "", "", "reply to this comment"); ### Build reply form: $output .= "<FORM ACTION=\"discussion.php\" METHOD=\"post\">\n"; @@ -302,7 +302,7 @@ function comment_post($pid, $sid, $subject, $comment) { } } -include "theme.inc"; +include "includes/theme.inc"; switch($op) { case "Preview comment": @@ -35,8 +35,9 @@ $message = "unknown error"; } - include "database.inc"; - include "log.inc"; + include "includes/database.inc"; + include "includes/log.inc"; + watchdog(3, "message: `$message' - requested url: $REDIRECT_URL - referring url: $HTTP_REFERER"); ?> @@ -1,5 +1,5 @@ <? -include "theme.inc"; +include "includes/theme.inc"; $output = " <DL> @@ -45,6 +45,9 @@ $output = " <DT><B>Can I syndicate content from this site?</B></DT> <DD>--- under construction ---<P></DD> + <DT><B>I found a bug or encountered a problem, what do I do?</B></DT> + <DD>Write us a bugreport or send us a patch! Writing a good bug report takes patience, but doing it right the first time saves time for us and for you. It is most helpful when a good description of the problem is included in the bug report. That is, a good example of all the things you did that led to the problem and the problem itself exactly described. The best reports are those that include a full example showing how to reproduce the bug or problem.<P></DD> + <DT><B>Is the source code of this site available?</B></DT> <DD>This site is powered by <A HREF=\"http://www.fsf.org/\">Free Software</A>; including <A HREF=\"http://www.apache.org/\">Apache</A>, <A HREF=\"http://www.php.net/\">PHP</A>, <A HREF=\"http://www.mysql.com/\">MySQL</A> and <A HREF=\"http://www.linux.com/\">Linux</A>, and is inspired by several <A HREF=\"http://www.fsf.org/\">Free Software</A> projects. Therefor we have decided to make the software engine of this site available under terms of GPL.<P>However, the sources are <B>not</B> available yet at this time, but will be released as soon we have a first, well-rounded source tree that has proven to be stable. If you can't wait or in case you have big plans (like `total domination') with the engine, don't hesitate to contact us and we might grant you CVS access.<P></DD> @@ -1,6 +1,6 @@ <? -include "theme.inc"; +include "includes/theme.inc"; ### Initialize/pre-process variables: $number = ($user->storynum) ? $user->storynum : 10; diff --git a/search.php b/search.php index 004848beb..18ef2c3b7 100644 --- a/search.php +++ b/search.php @@ -1,6 +1,6 @@ <? - include "theme.inc"; + include "includes/theme.inc"; $theme->header(); diff --git a/submission.php b/submission.php index 35db5290d..a9466a422 100644 --- a/submission.php +++ b/submission.php @@ -1,12 +1,10 @@ <? -include "submission.inc"; -include "theme.inc"; +include "includes/submission.inc"; +include "includes/theme.inc"; function submission_displayMain() { global $PHP_SELF, $theme, $user; - include "config.inc"; - ### Perform query: $result = db_query("SELECT s.*, u.userid FROM stories s LEFT JOIN users u ON s.author = u.id WHERE s.status = 1 ORDER BY s.id"); @@ -25,14 +23,12 @@ function submission_displayMain() { } function submission_displayItem($id) { - global $PHP_SELF, $theme, $user; + global $PHP_SELF, $theme, $user, $submission_votes; if ($vote = user_getHistory($user->history, "s$id")) { header("Location: discussion.php?id=$id"); } else { - include "config.inc"; - $result = db_query("SELECT s.*, u.userid FROM stories s LEFT JOIN users u ON s.author = u.id WHERE s.id = $id"); $submission = db_fetch_object($result); diff --git a/submit.php b/submit.php index 052dd90f5..88bd38faa 100644 --- a/submit.php +++ b/submit.php @@ -146,7 +146,7 @@ function submit_submit($subject, $abstract, $article, $category) { watchdog(1, "added new submission with subject `$subject'."); } -include "theme.inc"; +include "includes/theme.inc"; switch($op) { case "Preview submission": |