authorDries Buytaert <dries@buytaert.net>2001-05-15 18:38:57 +0000
committerDries Buytaert <dries@buytaert.net>2001-05-15 18:38:57 +0000
commit14ddbc473c3ccfc03773bd684cd41255cc951507 (patch)
tree3310c06c4323dfc5690d6e78236158b7bac2f428
parent1da587a9d9df433952981da62dda4f2b216799c7 (diff)
- Created 2 new functions:
+ path_uri(): returns the fully-qualified URI of your drupal site. + path_img(): returns the image directory or http://image-server.com/ in case you prefer to load-balance bandwidth usage. Replaced all occurrences of the variable "site_url" with path_uri() and removed "site_url" from "setting.module". - Drastically simplified the node_save() API, which should make the node-forms more secure. Updated "story.module", "book.module", "forum.module", "page.module" and "node.module" to reflect this change. This needs more testing so hit it, beat it, tease it. - Fixed an occasional glitch in the configuration file loading logic. - Made "queue.module" display an informative notice when an anonymous user tries accessing the moderation queue. - Updated the hard-coded information in drupal.module a bit.
-rw-r--r--account.php4
-rw-r--r--includes/common.inc17
-rw-r--r--includes/node.inc47
-rw-r--r--includes/setting.php3
-rw-r--r--modules/book.module35
-rw-r--r--modules/book/book.module35
-rw-r--r--modules/drupal.module20
-rw-r--r--modules/drupal/drupal.module20
-rw-r--r--modules/forum.module7
-rw-r--r--modules/forum/forum.module7
-rw-r--r--modules/headline.module18
-rw-r--r--modules/page.module9
-rw-r--r--modules/page/page.module9
-rw-r--r--modules/queue.module7
-rw-r--r--modules/settings.module1
-rw-r--r--modules/story.module14
-rw-r--r--modules/story/story.module14
-rw-r--r--submit.php2
-rw-r--r--themes/goofy/goofy.theme32
-rw-r--r--themes/yaroon/yaroon.theme3
20 files changed, 163 insertions, 141 deletions
diff --git a/account.php b/account.php
index bb50f4c36..ae124a598 100644
--- a/account.php
+++ b/account.php
@@ -251,7 +251,7 @@ function account_email_submit($userid, $email) {
db_query("UPDATE users SET passwd = PASSWORD('$passwd'), hash = '$hash', status = '$status' WHERE userid = '$userid'");
- $link = variable_get(site_url, "http://drupal/") ."account.php?op=confirm&name=$userid&hash=$hash";
+ $link = path_uri() ."account.php?op=confirm&name=$userid&hash=$hash";
$subject = strtr(t("Account details for %a"), array("%a" => variable_get(site_name, "drupal")));
$message = strtr(t("%a,\n\n\nyou requested us to e-mail you a new password for your account at %b. You will need to re-confirm your account or you will not be able to login. To confirm your account updates visit the URL below:\n\n %c\n\nOnce confirmed you can login using the following username and password:\n\n username: %a\n password: %d\n\n\n-- %b team"), array("%a" => $userid, "%b" => variable_get(site_name, "drupal"), "%c" => $link, "%d" => $passwd));
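Review bot: The confirmation link on the added `$link = path_uri() ."account.php?op=confirm&name=$userid&hash=$hash";` line now takes its host from the request instead of the configured `site_url`, and that link carries the account hash in an e-mail. path_uri(), added in includes/common.inc by this commit, concatenates `$HTTP_HOST`, which is a client-supplied header. The host part of a mailed link should come from configuration or be checked against the site's known hostnames before use. The same applies to the `$link` line in the account_create_submit() hunk below; both functions continue outside their hunks.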
@@ -288,7 +288,7 @@ function account_create_submit($userid, $email) {
$user = user_save("", array("userid" => $new[userid], "real_email" => $new[real_email], "passwd" => $new[passwd], "status" => 1, "hash" => $new[hash]));
- $link = variable_get(site_url, "http://" . $HTTP_HOST . substr($REQUEST_URI,0,strrpos($REQUEST_URI,"/")) . "/") ."account.php?op=confirm&name=$new[userid]&hash=$new[hash]";
+ $link = path_uri() ."account.php?op=confirm&name=$new[userid]&hash=$new[hash]";
$subject = strtr(t("Account details for %a"), array("%a" => variable_get(site_name, "drupal")));
$message = strtr(t("%a,\n\n\nsomeone signed up for a user account on %b and supplied this e-mail address as their contact. If it wasn't you, don't get your panties in a knot and simply ignore this mail. If this was you, you will have to confirm your account first or you will not be able to login. To confirm your account visit the URL below:\n\n %c\n\nOnce confirmed you can login using the following username and password:\n\n username: %a\n password: %d\n\n\n-- %b team\n"), array("%a" => $new[userid], "%b" => variable_get(site_name, "drupal"), "%c" => $link, "%d" => $new[passwd]));
diff --git a/includes/common.inc b/includes/common.inc
index 49b55eb54..99f87a1f4 100644
--- a/includes/common.inc
+++ b/includes/common.inc
@@ -5,7 +5,8 @@ $na = "<I>na</I>";
function conf_init() {
global $HTTP_HOST, $REQUEST_URI;
$file = strtolower(strtr($HTTP_HOST ."". substr($REQUEST_URI, 0, strrpos($REQUEST_URI, "/")), "/:", ".."));
- return file_exists("includes/$file.php") ? $file : "setting";
+ while ($file && !file_exists("includes/$file.php")) $file = substr($file, 0, strrpos($file, "."));
+ return $file ? $file : "setting";
}
function error_handler($errno, $message, $filename, $line, $variables) {
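Review bot: The added fallback loop in conf_init() is undocumented, and its input `$file` is derived from `$HTTP_HOST` and `$REQUEST_URI`, so the request decides which `includes/<name>.php` is selected. Because one dot-separated suffix is stripped per iteration, any PHP file in includes/ whose name is a dot-prefix of the host string is accepted, which is presumably wider than intended. Restrict `$file` to the expected character set before the loop and add a comment such as `// try host.dir.subdir, then shorter prefixes, then fall back to "setting"`. How the returned name is used is outside this hunk.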
@@ -37,6 +38,20 @@ function throttle($type, $rate) {
}
}
+function path_uri() {
+ global $HTTP_HOST, $REQUEST_URI;
+ $REQUEST_URI = strstr("export/", $REQUEST_URI);
+ return "http://". $HTTP_HOST . substr($REQUEST_URI, 0, strrpos($REQUEST_URI, "/")) ."/";
+}
+
+function path_img() {
+ // use "http://your-image-server.com/ if you want to host images on a seperate server.
+ return "./images/";
+}
+
+function notice_account() {
+ return t("This page requires a valid user account. Please <A HREF=\"account.php\">create a user account</A> and <A HREF=\"account.php\">login</A> prior to accessing it.");
+}
function check_textfield($message) {
return strip_tags(str_replace("\"", "&quot;", stripslashes($message)));
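Review bot: In path_uri() the call `strstr("export/", $REQUEST_URI)` has haystack and needle swapped, so it searches the literal "export/" for the request URI and yields false for nearly every request. It also assigns that result to the global `$REQUEST_URI`, changing it for every later reader. Assuming the intent is to drop an `export/` suffix so that scripts under export/ still get the site root, work on a local copy as sketched below. The returned URI also embeds `$HTTP_HOST` unchanged, so callers that print or mail it are trusting a client-supplied header.

```php
function path_uri() {
  global $HTTP_HOST, $REQUEST_URI;
  // work on a copy so the global request URI stays intact for other readers
  $uri = $REQUEST_URI;
  $pos = strpos($uri, "export/");
  if (is_int($pos)) $uri = substr($uri, 0, $pos);
  return "http://". $HTTP_HOST . substr($uri, 0, strrpos($uri, "/")) ."/";
}
```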
diff --git a/includes/node.inc b/includes/node.inc
index 7962087d6..138ef4a67 100644
--- a/includes/node.inc
+++ b/includes/node.inc
@@ -51,7 +51,7 @@ function node_get_comments($nid) {
return $comment->number ? $comment->number : 0;
}
-function node_save($node) {
+function node_save($node, $filter) {
global $user, $status;
$rows = array(nid, pid, lid, cid, tid, log, type, title, score, votes, author, status, comment, promote, moderate, timestamp);
@@ -63,11 +63,13 @@ function node_save($node) {
$u2 = array();
foreach ($node as $field=>$value) {
- if (in_array($field, $rows)) {
- array_push($u1, check_input($field) ." = '". check_input($value) ."'");
- }
- else {
- array_push($u2, check_input($field) ." = '". check_input($value) ."'");
+ if (in_array($field, $filter)) {
+ if (in_array($field, $rows)) {
+ array_push($u1, check_input($field) ." = '". check_input($value) ."'");
+ }
+ else {
+ array_push($u2, check_input($field) ." = '". check_input($value) ."'");
+ }
}
}
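Review bot: The new guard `in_array($field, $filter)` compares each submitted field name against the values of `$filter`, but the callers in this commit pass a mixed array in which keyed entries hold forced values (`type => "book"`), so the key `type` is not matched while the value `"book"` is. in_array() also compares loosely, so a filter containing `0` (for example `score => 0`) would let any non-numeric field name through on PHP versions where `"name" == 0` holds. Build the list of permitted names first, e.g. `foreach ($filter as $k => $v) $allowed[] = is_numeric($k) ? $v : $k;`, and test against that. On this update path the forced values of keyed entries are never applied, because the loop iterates `$node`. node_save() starts and ends outside this hunk.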
@@ -89,23 +91,20 @@ function node_save($node) {
// verify submission rate:
throttle("post node", variable_get(max_node_rate, 900));
- // setup default values:
- $node = array_merge(array(title => "?", author => $user->id, type => "?", pid => 0, cid => 0, tid => 0, log => "node created", status => (category_submission($node[cid]) ? $status[queued] : $status[posted]) , score => 0, votes => 0, comment => category_comment($node[cid]), promote => category_promote($node[cid]), moderate => topic_moderate($node[tid]), timestamp => time()), $node);
-
// prepare queries:
- $f1 = array();
- $v1 = array();
- $f2 = array();
- $v2 = array();
+ foreach ($filter as $field=>$value) {
+ $k = check_input(is_numeric($field) ? $value : $field);
+ $v = check_input(is_numeric($field) ? $node[$value] : $filter[$field]);
- foreach ($node as $field=>$value) {
- if (in_array($field, $rows)) {
- array_push($f1, check_input($field));
- array_push($v1, "'". check_input($value) ."'");
+ print "$k => $v ($field, $value)<BR>";
+
+ if (in_array($k, $rows)) {
+ $f1[] = $k;
+ $v1[] = "'$v'";
}
else {
- array_push($f2, check_input($field));
- array_push($v2, "'". check_input($value) ."'");
+ $f2[] = $k;
+ $v2[] = "'$v'";
}
}
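Review bot: The added `print "$k => $v ($field, $value)<BR>";` looks like leftover debugging: it writes every field name and value of a new node into the response on each insert, and should be removed. The hunk also drops the `$f1 = array();` through `$v2 = array();` initialisers, so when no field lands in one of the two groups the later implode() receives an undefined variable. Keep the four initialisers above the loop. node_save() continues outside this hunk.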
@@ -115,14 +114,14 @@ function node_save($node) {
$v2 = implode(", ", $v2);
// insert data, try to roll-back when something goes wrong:
- $result = db_query("INSERT INTO node ($f1) VALUES ($v1)");
+ $result = db_query("INSERT INTO node ($f1) VALUES ($v1)", 1);
if ($result && $nid = db_insert_id()) {
- $result = db_query("INSERT INTO $node[type] ($f2, nid) VALUES ($v2, $nid)");
+ $result = db_query("INSERT INTO $filter[type] ($f2, nid) VALUES ($v2, $nid)", 1);
if ($result && $lid = db_insert_id()) {
- $result = db_query("UPDATE node SET lid = '$lid' WHERE nid = '$nid'");
+ $result = db_query("UPDATE node SET lid = '$lid' WHERE nid = '$nid'", 1);
if ($result) {
if (($node[pid]) && ($node[status] == $status[posted])) {
- db_query("UPDATE node SET status = '$status[expired]' WHERE nid = '$node[pid]'");
+ db_query("UPDATE node SET status = '$status[expired]' WHERE nid = '$node[pid]'", 1);
}
watchdog("special", "node: added '$node[title]'");
}
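Review bot: With the defaults merge removed in the previous hunk, the unchanged checks `$node[pid]` and `$node[status] == $status[posted]` now read the raw submitted array rather than the filtered values that were just inserted, so form input alone decides whether the parent node is marked expired. Compare against what was stored, for instance by collecting the filtered `$k => $v` pairs in the loop above and testing that array. The new second argument `1` to db_query() is not defined anywhere in this diff. If it turns on query echoing, it belongs with the debug print and should not stay, here or in the DELETE of the following hunk.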
@@ -131,7 +130,7 @@ function node_save($node) {
}
}
else {
- db_query("DELETE FROM node WHERE nid = '$nid'");
+ db_query("DELETE FROM node WHERE nid = '$nid'", 1);
watchdog("warning", "node: added '$node[title]' - failed");
}
}
diff --git a/includes/setting.php b/includes/setting.php
index d4bc5240b..be4590b00 100644
--- a/includes/setting.php
+++ b/includes/setting.php
@@ -1,6 +1,5 @@
<?php
-
#
# Database settings:
#
@@ -58,6 +57,6 @@ $themes = array("UnConeD" => array(
$languages = array("en" => "English");
# This line prevents users from accessing your settings file:
-die();
+die("access denied");
?> \ No newline at end of file
diff --git a/modules/book.module b/modules/book.module
index defdd8ae6..215d4505b 100644
--- a/modules/book.module
+++ b/modules/book.module
@@ -124,8 +124,10 @@ function book_form($edit = array()) {
$form .= form_select(t("Weight"), "weight", $edit[weight], array(0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30), t("The heavier nodes will sink and the lighter nodes will be positioned nearer the top."));
}
- $form .= form_hidden("pid", $edit[pid]);
- $form .= form_hidden("nid", $edit[nid]);
+ if ($edit[nid] > 0) {
+ $form .= form_hidden("pid", $edit[pid]);
+ $form .= form_hidden("nid", $edit[nid]);
+ }
if (!$edit) {
$form .= form_submit(t("Preview"));
@@ -143,7 +145,14 @@ function book_form($edit = array()) {
}
function book_save($edit) {
- node_save(array_diff(array_merge($edit, array(nid => $edit[nid], type => "book")), array(userid => $edit[userid])));
+ global $status, $user;
+
+ if (!$edit[nid]) {
+ node_save($edit, array(author => $user->id, body, cid, comment => category_comment($edit[cid]), log, moderate => topic_moderate($edit[tid]), promote => category_promote($edit[cid]), score => 0, status => (category_submission($edit[cid]) ? $status[queued] : $status[posted]), tid, timestamp => time(), title, type => "book", votes => 0, weight));
+ }
+ else if (user_access($user)) {
+ node_save($edit, array(body, cid, log, parent, tid, title, type => "book", weight));
+ }
}
function book_parent($nid) {
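Review bot: book_save() needs a comment explaining the filter array, because it mixes two meanings: positional entries (`body`, `cid`, …) name fields copied from `$edit`, while keyed entries (`author => $user->id`) carry values the server forces. A line such as `// positional = field taken from the form, keyed = value set by the server` above each call would do. The update branch is gated only by `user_access($user)` with no reference to `$edit[nid]`, so unless user_access() or node_save() checks it elsewhere, any user passing that check can update any book node. When the check fails the function returns silently, and a watchdog() entry would make refused edits visible. The same pattern appears in the modules/book/book.module copy and in forum_save(), page_save() and story_save().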
@@ -174,26 +183,6 @@ function book_tree($parent = "", $depth = 0) {
return $output;
}
-/*
-function book_tree($parent = 0, $depth = 0) {
- global $PHP_SELF, $status;
-
- // if (($parent > 0) && ($depth < 3 || strstr($PHP_SELF,"admin.php"))) {
- if ($depth < 3 || strstr($PHP_SELF,"admin.php")) {
- $result = db_query("SELECT n.*, b.* FROM node n LEFT JOIN book b ON n.nid = b.nid AND n.lid = b.lid WHERE n.type = 'book' AND n.status = '$status[posted]' AND b.parent = '$parent' ORDER BY b.weight", 1);
- $output .= "<UL>";
- while ($node = db_fetch_object($result)) {
- $output .= "<LI><A HREF=\"node.php?id=$node->nid\">". check_output($node->title) ."</A>";
- if ($PHP_SELF == "/admin.php") $output .= " <SMALL>(weight: $node->weight/$node->parent, status: $node->status) (<A HREF=\"admin.php?mod=book&op=edit&id=$node->nid\">edit</A>)</SMALL>\n";
- if ($node->pid) $output .= book_tree($node->pid, $depth + 1);
- $output .= book_tree($node->nid, $depth + 1);
- }
- $output .= "</UL>";
- }
- return $output;
-}
-*/
-
function book_list($query = array()) {
return node_overview($query);
}
diff --git a/modules/book/book.module b/modules/book/book.module
index defdd8ae6..215d4505b 100644
--- a/modules/book/book.module
+++ b/modules/book/book.module
@@ -124,8 +124,10 @@ function book_form($edit = array()) {
$form .= form_select(t("Weight"), "weight", $edit[weight], array(0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30), t("The heavier nodes will sink and the lighter nodes will be positioned nearer the top."));
}
- $form .= form_hidden("pid", $edit[pid]);
- $form .= form_hidden("nid", $edit[nid]);
+ if ($edit[nid] > 0) {
+ $form .= form_hidden("pid", $edit[pid]);
+ $form .= form_hidden("nid", $edit[nid]);
+ }
if (!$edit) {
$form .= form_submit(t("Preview"));
@@ -143,7 +145,14 @@ function book_form($edit = array()) {
}
function book_save($edit) {
- node_save(array_diff(array_merge($edit, array(nid => $edit[nid], type => "book")), array(userid => $edit[userid])));
+ global $status, $user;
+
+ if (!$edit[nid]) {
+ node_save($edit, array(author => $user->id, body, cid, comment => category_comment($edit[cid]), log, moderate => topic_moderate($edit[tid]), promote => category_promote($edit[cid]), score => 0, status => (category_submission($edit[cid]) ? $status[queued] : $status[posted]), tid, timestamp => time(), title, type => "book", votes => 0, weight));
+ }
+ else if (user_access($user)) {
+ node_save($edit, array(body, cid, log, parent, tid, title, type => "book", weight));
+ }
}
function book_parent($nid) {
@@ -174,26 +183,6 @@ function book_tree($parent = "", $depth = 0) {
return $output;
}
-/*
-function book_tree($parent = 0, $depth = 0) {
- global $PHP_SELF, $status;
-
- // if (($parent > 0) && ($depth < 3 || strstr($PHP_SELF,"admin.php"))) {
- if ($depth < 3 || strstr($PHP_SELF,"admin.php")) {
- $result = db_query("SELECT n.*, b.* FROM node n LEFT JOIN book b ON n.nid = b.nid AND n.lid = b.lid WHERE n.type = 'book' AND n.status = '$status[posted]' AND b.parent = '$parent' ORDER BY b.weight", 1);
- $output .= "<UL>";
- while ($node = db_fetch_object($result)) {
- $output .= "<LI><A HREF=\"node.php?id=$node->nid\">". check_output($node->title) ."</A>";
- if ($PHP_SELF == "/admin.php") $output .= " <SMALL>(weight: $node->weight/$node->parent, status: $node->status) (<A HREF=\"admin.php?mod=book&op=edit&id=$node->nid\">edit</A>)</SMALL>\n";
- if ($node->pid) $output .= book_tree($node->pid, $depth + 1);
- $output .= book_tree($node->nid, $depth + 1);
- }
- $output .= "</UL>";
- }
- return $output;
-}
-*/
-
function book_list($query = array()) {
return node_overview($query);
}
diff --git a/modules/drupal.module b/modules/drupal.module
index e92f628a6..b1406ca68 100644
--- a/modules/drupal.module
+++ b/modules/drupal.module
@@ -18,16 +18,16 @@ function drupal_page() {
$theme->box("Screenshots", $output);
*/
- $output = "<H3>Download</H3>\n";
- $output .= " <LI><A HREF=\"drupal/drupal-2.00.tgz\">drupal 2.00</A> (2001/03/15 - latest version)</LI>\n";
- $output .= " <LI>drupal 1.00 (2001/01/15)</LI>\n";
- $output .= "<H3>Documentation</H3>\n";
- $output .= " <LI><A HREF=\"node.php?title=drupal+handbook\">drupal handbook</A></LI>\n";
- $output .= "<H3>Mailing lists</H3>\n";
- $output .= " <LI><A HREF=\"node.php?title=mailing+lists\">mailing lists</A></LI>";
- $output .= "<H3>Development</H3>\n";
- $output .= " <LI><A HREF=\"node.php?title=development\">drupal development</A> (<A HREF=\"node.php?title=CVS\">CVS</A>)</LI>\n";
- $theme->box("Support and development", $output);
+ $output = "<H3>Download Drupal</H3>\n";
+ $output .= " <LI><A HREF=\"drupal/drupal-2.00.tgz\">Drupal 2.00</A> (2001/03/15 - latest version)</LI>\n";
+ $output .= " <LI>Drupal 1.00 (2001/01/15)</LI>\n";
+ $output .= "<H3>Drupal documentation</H3>\n";
+ $output .= " <LI><A HREF=\"node.php?title=drupal+handbook\">Drupal handbook</A></LI>\n";
+ $output .= "<H3>Drupal mailing lists</H3>\n";
+ $output .= " <LI><A HREF=\"node.php?title=mailing+lists\">Mailing list information</A></LI>";
+ $output .= "<H3>Drupal development</H3>\n";
+ $output .= " <LI><A HREF=\"node.php?title=development\">Development information</A>, <A HREF=\"node.php?title=CVS\">CVS instructions</A>, <A HREF=\"module.php?mod=cvs\">CVS log messages</A></LI>\n";
+ $theme->box("Drupal support and development", $output);
$theme->footer();
}
diff --git a/modules/drupal/drupal.module b/modules/drupal/drupal.module
index e92f628a6..b1406ca68 100644
--- a/modules/drupal/drupal.module
+++ b/modules/drupal/drupal.module
@@ -18,16 +18,16 @@ function drupal_page() {
$theme->box("Screenshots", $output);
*/
- $output = "<H3>Download</H3>\n";
- $output .= " <LI><A HREF=\"drupal/drupal-2.00.tgz\">drupal 2.00</A> (2001/03/15 - latest version)</LI>\n";
- $output .= " <LI>drupal 1.00 (2001/01/15)</LI>\n";
- $output .= "<H3>Documentation</H3>\n";
- $output .= " <LI><A HREF=\"node.php?title=drupal+handbook\">drupal handbook</A></LI>\n";
- $output .= "<H3>Mailing lists</H3>\n";
- $output .= " <LI><A HREF=\"node.php?title=mailing+lists\">mailing lists</A></LI>";
- $output .= "<H3>Development</H3>\n";
- $output .= " <LI><A HREF=\"node.php?title=development\">drupal development</A> (<A HREF=\"node.php?title=CVS\">CVS</A>)</LI>\n";
- $theme->box("Support and development", $output);
+ $output = "<H3>Download Drupal</H3>\n";
+ $output .= " <LI><A HREF=\"drupal/drupal-2.00.tgz\">Drupal 2.00</A> (2001/03/15 - latest version)</LI>\n";
+ $output .= " <LI>Drupal 1.00 (2001/01/15)</LI>\n";
+ $output .= "<H3>Drupal documentation</H3>\n";
+ $output .= " <LI><A HREF=\"node.php?title=drupal+handbook\">Drupal handbook</A></LI>\n";
+ $output .= "<H3>Drupal mailing lists</H3>\n";
+ $output .= " <LI><A HREF=\"node.php?title=mailing+lists\">Mailing list information</A></LI>";
+ $output .= "<H3>Drupal development</H3>\n";
+ $output .= " <LI><A HREF=\"node.php?title=development\">Development information</A>, <A HREF=\"node.php?title=CVS\">CVS instructions</A>, <A HREF=\"module.php?mod=cvs\">CVS log messages</A></LI>\n";
+ $theme->box("Drupal support and development", $output);
$theme->footer();
}
diff --git a/modules/forum.module b/modules/forum.module
index 5a14831c1..8e3693f5f 100644
--- a/modules/forum.module
+++ b/modules/forum.module
@@ -23,8 +23,11 @@ function forum_form($edit = array()) {
}
function forum_save($edit) {
- global $status;
- node_save(array_merge($edit, array(type => "forum", status => $status[posted])));
+ global $user, $status;
+
+ if (user_access($user)) {
+ node_save($edit, array(author => $user->id, body, cid, comment => category_comment($edit[cid]), moderate => topic_moderate($edit[tid]), promote => category_promote($edit[cid]), score => 0, status => $status[posted], tid, timestamp => time(), title, type => "forum", votes => 0));
+ }
}
function forum_num_comments($nid) {
diff --git a/modules/forum/forum.module b/modules/forum/forum.module
index 5a14831c1..8e3693f5f 100644
--- a/modules/forum/forum.module
+++ b/modules/forum/forum.module
@@ -23,8 +23,11 @@ function forum_form($edit = array()) {
}
function forum_save($edit) {
- global $status;
- node_save(array_merge($edit, array(type => "forum", status => $status[posted])));
+ global $user, $status;
+
+ if (user_access($user)) {
+ node_save($edit, array(author => $user->id, body, cid, comment => category_comment($edit[cid]), moderate => topic_moderate($edit[tid]), promote => category_promote($edit[cid]), score => 0, status => $status[posted], tid, timestamp => time(), title, type => "forum", votes => 0));
+ }
}
function forum_num_comments($nid) {
diff --git a/modules/headline.module b/modules/headline.module
index 666c694e3..1d4474f00 100644
--- a/modules/headline.module
+++ b/modules/headline.module
@@ -64,7 +64,7 @@ function headline_help() {
<P>Drupal's headline module both imports and exports RDF/RSS headlines.</P>
<P>A lot of news-oriented websites are now publishing news (headlines) and making their content available through XML, RSS and RDF backend files. They syndicate free content and allow retrieval and further transmission, aggregation, and online publication. In its current state, drupal's headline module supports RDF and RSS backends.</P>
<P>RSS was originally developed by Netscape to allow adding news channels to "My Netscape" sites, but it has since become adopted as the <I>de facto</I> net standard for distributing headlines and brief dynamic texts.</P>
- <P>The headline module goes out to a list of configured news sites once an hour or so (driven by cron), downloads new RSS/RDF data and makes it available to your visitors. In addition, your headlines are exported as well and can be retrieved by other sites from <CODE><?php echo variable_get(site_url, "http://yourdomain.com/"); ?>export/headlines.rdf</CODE>.</P>
+ <P>The headline module goes out to a list of configured news sites once an hour or so (driven by cron), downloads new RSS/RDF data and makes it available to your visitors. In addition, your headlines are exported as well and can be retrieved by other sites from <CODE><?php echo path_uri(); ?>export/headlines.rdf</CODE>.</P>
<?php
}
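Review bot: `path_uri()` is echoed here, and printed in the `<link>`, `rdf:about` and `rdf:li resource` lines of the headline_export_rdf() and headline_export_rss() hunks below, without any output encoding. As defined in includes/common.inc in this commit it concatenates `$HTTP_HOST`, a client-supplied header. The value should be encoded like other dynamic data, e.g. `htmlspecialchars(path_uri())` on this help page and `check_export(path_uri())` in the feeds, or it should come from a configured base URL. The node titles printed next to it are already passed through check_export().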
@@ -146,7 +146,7 @@ function headline_admin_add($id) {
function headline_admin_edit($id) {
$result = db_query("SELECT * FROM channel WHERE id='$id' ORDER BY id");
- if ($channel = db_fetch_object($result)) {
+ if ($channel = db_fetch_object($result)) {
$output .= " <FORM ACTION=\"admin.php?mod=headline\" METHOD=\"post\">\n";
$output .= " <INPUT TYPE=\"hidden\" NAME=\"id\" VALUE=\"$id\">\n";
$output .= " <P>\n";
@@ -235,7 +235,7 @@ function headline_export_rdf() {
print "<channel>\n";
print " <title>". variable_get(site_name, "drupal") ."</title>\n";
- print " <link>". variable_get(site_url, "http://drupal/") ."</link>\n";
+ print " <link>". path_uri() ."</link>\n";
print " <description>". variable_get(site_name, "drupal") ."</description>\n";
print "</channel>\n";
@@ -244,7 +244,7 @@ function headline_export_rdf() {
while ($node = db_fetch_object($result)) {
print "<item>\n";
print " <title>". check_export($node->title) ."</title>\n";
- print " <link>". variable_get(site_url, "http://drupal/") ."node.php?id=$node->nid</link>\n";
+ print " <link>". path_uri() ."node.php?id=$node->nid</link>\n";
print "</item>\n";
}
@@ -262,9 +262,9 @@ function headline_export_rss() {
print "xmlns:rdf=\"http://www.w3.org/1999/02/22-rdf-syntax-ns#\"\n";
print "xmlns=\"http://purl.org/rss/1.0/\">\n\n";
- print "<channel rdf:about=\"". variable_get(site_url, "http://drupal/") ."export/headlinesRSS10.rdf\">\n";
+ print "<channel rdf:about=\"". path_uri() ."export/headlinesRSS10.rdf\">\n";
print " <title>". variable_get(site_name, "drupal") ."</title>\n";
- print " <link>". variable_get(site_url, "http://drupal/") ."</link>\n";
+ print " <link>". path_uri() ."</link>\n";
print " <description>". variable_get(site_name, "drupal") ."</description>\n";
print " <items>\n";
@@ -273,7 +273,7 @@ function headline_export_rss() {
$result = db_query("SELECT * FROM node WHERE promote = '1' AND status = '$status[posted]' ORDER BY timestamp DESC LIMIT 10");
while ($node = db_fetch_object($result)) {
- print " <rdf:li resource=\"". variable_get(site_url, "http://drupal/") ."node.php?id=$node->nid\" />\n";
+ print " <rdf:li resource=\"". path_uri() ."node.php?id=$node->nid\" />\n";
}
print " </rdf:Seq>\n";
@@ -283,9 +283,9 @@ function headline_export_rss() {
$result = db_query("SELECT * FROM node WHERE promote = '1' AND status = '$status[posted]' ORDER BY timestamp DESC LIMIT 10");
while ($node = db_fetch_object($result)) {
- print "<item rdf:about=\"". variable_get(site_url, "http://drupal/") ."node.php?id=$node->nid\">\n";
+ print "<item rdf:about=\"". path_uri() ."node.php?id=$node->nid\">\n";
print " <title>". check_export($node->title) ."</title>\n";
- print " <link>". variable_get(site_url, "http://drupal/") ."node.php?id=$node->nid</link>\n";
+ print " <link>". path_uri() ."node.php?id=$node->nid</link>\n";
if ($node->abstract) print " <description>". check_output($node->abstract, 1) ."</description>\n";
if ($node->body) print " <description>". check_output($node->body, 1) ."</description>\n";
diff --git a/modules/page.module b/modules/page.module
index c1c380a11..39ab6f63b 100644
--- a/modules/page.module
+++ b/modules/page.module
@@ -1,6 +1,6 @@
<?php
-$GLOBALS[format] = array(0 => HTML, 1 => PHP, 2 => text);
+$GLOBALS[format] = array(0 => "HTML", 1 => "PHP", 2 => "text");
function page_view($node, $main = 0) {
global $format, $theme;
@@ -37,8 +37,11 @@ function page_form($edit = array()) {
}
function page_save($edit) {
- global $status;
- node_save(array_merge($edit, array(type => "page", status => $status[posted])));
+ global $status, $user;
+
+ if (user_access($user)) {
+ node_save($edit, array(author => $user->id, body, cid, comment => category_comment($edit[cid]), format, moderate => topic_moderate($edit[tid]), promote => category_promote($edit[cid]), score => 0, status => $status[posted], tid, timestamp => time(), title, type => "page", votes => 0));
+ }
}
function page_query($type = "") {
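Review bot: The filter passes `format` through from the submitted form, and the table at the top of this file maps format 1 to "PHP", so `user_access($user)` is the only gate on who can store a page in PHP format. How page_view() treats that format is outside this hunk, but if it evaluates the body, the save path should require a dedicated, stricter permission for format 1 or force `format => 0` for ordinary users. The same applies to the modules/page/page.module copy.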
diff --git a/modules/page/page.module b/modules/page/page.module
index c1c380a11..39ab6f63b 100644
--- a/modules/page/page.module
+++ b/modules/page/page.module
@@ -1,6 +1,6 @@
<?php
-$GLOBALS[format] = array(0 => HTML, 1 => PHP, 2 => text);
+$GLOBALS[format] = array(0 => "HTML", 1 => "PHP", 2 => "text");
function page_view($node, $main = 0) {
global $format, $theme;
@@ -37,8 +37,11 @@ function page_form($edit = array()) {
}
function page_save($edit) {
- global $status;
- node_save(array_merge($edit, array(type => "page", status => $status[posted])));
+ global $status, $user;
+
+ if (user_access($user)) {
+ node_save($edit, array(author => $user->id, body, cid, comment => category_comment($edit[cid]), format, moderate => topic_moderate($edit[tid]), promote => category_promote($edit[cid]), score => 0, status => $status[posted], tid, timestamp => time(), title, type => "page", votes => 0));
+ }
}
function page_query($type = "") {
diff --git a/modules/queue.module b/modules/queue.module
index c864e9169..9b0bcfcb9 100644
--- a/modules/queue.module
+++ b/modules/queue.module
@@ -97,7 +97,7 @@ function queue_node($id) {
}
function queue_page() {
- global $id, $op, $user, $vote;
+ global $id, $op, $theme, $user, $vote;
if ($user->id) {
switch($op) {
@@ -112,6 +112,11 @@ function queue_page() {
break;
}
}
+ else {
+ $theme->header();
+ $theme->box(t("Moderation queue"), notice_account());
+ $theme->footer();
+ }
}
?>
diff --git a/modules/settings.module b/modules/settings.module
index 015d457a8..2edda844a 100644
--- a/modules/settings.module
+++ b/modules/settings.module
@@ -6,7 +6,6 @@ function settings_conf() {
// general settings:
$output .= form_textfield(t("Name"), "site_name", variable_get(site_name, "drupal"), 30, 55, t("The name of this website."));
$output .= form_textfield(t("Slogan"), "site_slogan", variable_get(site_slogan, ""), 30, 55, t("The slogan of this website"));
- $output .= form_textfield(t("URL"), "site_url", variable_get(site_url, "http://drupal/"), 30, 55, t("The fully qualified URL of this website: starts with \"http://\" and ends with a trailing slash!"));
$output .= form_textfield(t("E-mail address"), "site_mail", variable_get(site_mail, "root@localhost"), 30, 55, t("A valid e-mail address for this website, used by the auto-mailer to create new user accounts."));
$output .= form_textarea(t("Footer message"), "site_footer", variable_get(site_footer, ""), 55, 3, t("This text will be displayed at the bottom of each page. Useful for adding a copyright notice to your pages."));
$output .= form_textfield(t("Anonymous user"), "anonymous", variable_get(anonymous, "Anonymous"), 30, 55, t("The name used to indicate anonymous users."));
diff --git a/modules/story.module b/modules/story.module
index dfb6c6cef..7f0c1ba64 100644
--- a/modules/story.module
+++ b/modules/story.module
@@ -45,8 +45,9 @@ function story_form($edit = array()) {
$form .= form_textarea(t("Body"), "body", $edit[body], 50, 15, t("Allowed HTML tags") .": ". htmlspecialchars($allowed_html));
// hidden fields:
- $form .= form_hidden("timestamp", $edit[timestamp]);
- $form .= form_hidden("nid", $edit[nid]);
+ if ($edit[nid] > 0) {
+ $form .= form_hidden("nid", $edit[nid]);
+ }
if (!$edit) {
$form .= form_submit(t("Preview"));
@@ -68,7 +69,14 @@ function story_form($edit = array()) {
}
function story_save($edit) {
- node_save(array_diff(array_merge($edit, array(nid => $edit[nid], type => "story")), array(userid => $edit[userid])));
+ global $status, $user;
+
+ if (!$edit[nid]) {
+ node_save($edit, array(abstract, author => $user->id, body, cid, comment => category_comment($edit[cid]), moderate => topic_moderate($edit[tid]), promote => category_promote($edit[cid]), score => 0, status => (category_submission($edit[cid]) ? $status[queued] : $status[posted]), tid, timestamp => time(), title, type => "story", votes => 0));
+ }
+ else if (user_access($user)) {
+ node_save($edit, array(abstract, body, cid, tid, title, type => "story"));
+ }
}
function story_block() {
diff --git a/modules/story/story.module b/modules/story/story.module
index dfb6c6cef..7f0c1ba64 100644
--- a/modules/story/story.module
+++ b/modules/story/story.module
@@ -45,8 +45,9 @@ function story_form($edit = array()) {
$form .= form_textarea(t("Body"), "body", $edit[body], 50, 15, t("Allowed HTML tags") .": ". htmlspecialchars($allowed_html));
// hidden fields:
- $form .= form_hidden("timestamp", $edit[timestamp]);
- $form .= form_hidden("nid", $edit[nid]);
+ if ($edit[nid] > 0) {
+ $form .= form_hidden("nid", $edit[nid]);
+ }
if (!$edit) {
$form .= form_submit(t("Preview"));
@@ -68,7 +69,14 @@ function story_form($edit = array()) {
}
function story_save($edit) {
- node_save(array_diff(array_merge($edit, array(nid => $edit[nid], type => "story")), array(userid => $edit[userid])));
+ global $status, $user;
+
+ if (!$edit[nid]) {
+ node_save($edit, array(abstract, author => $user->id, body, cid, comment => category_comment($edit[cid]), moderate => topic_moderate($edit[tid]), promote => category_promote($edit[cid]), score => 0, status => (category_submission($edit[cid]) ? $status[queued] : $status[posted]), tid, timestamp => time(), title, type => "story", votes => 0));
+ }
+ else if (user_access($user)) {
+ node_save($edit, array(abstract, body, cid, tid, title, type => "story"));
+ }
}
function story_block() {
diff --git a/submit.php b/submit.php
index 7e2e6e55c..484e532c8 100644
--- a/submit.php
+++ b/submit.php
@@ -27,7 +27,7 @@ if ($user->id) {
}
}
else {
- $theme->box("Submit", t("This page requires a valid user account. Please <A HREF=\"account.php\">login</A> prior to accessing it."));
+ $theme->box("Submit", notice_account());
}
$theme->footer();
diff --git a/themes/goofy/goofy.theme b/themes/goofy/goofy.theme
index 0d0dfeb97..bc6711591 100644
--- a/themes/goofy/goofy.theme
+++ b/themes/goofy/goofy.theme
@@ -51,10 +51,10 @@
-->
</style>
- <script language="JavaScript" type="text/javascript"><!--
+ <script language="JavaScript" type="text/javascript"><!--
function b(title,content) {document.writeln("<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\"><tr><td><img src=\"themes/goofy/images/or-ul.png\" alt=\"\"></td><td class=\"oru\" width=\"100%\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td><img src=\"themes/goofy/images/or-ur.png\" alt=\"\"></td></tr><tr><td class=\"orl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"orcnt\" width=\"100%\" valign=\"top\">" + title + "</td><td class=\"orr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr><tr><td class=\"orl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"orcnt\" width=\"100%\"><img src=\"themes/goofy/images/null.gif\" height=\"5\" alt=\"\"></td><td class=\"orr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr><tr><td class=\"lgl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"lgcnt\" width=\"100%\"><img src=\"themes/goofy/images/null.gif\" height=\"4\" alt=\"\"></td><td class=\"lgr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr><tr><td class=\"lgl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"lgcnt\" width=\"100%\">" + content + "</td><td class=\"lgr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr><tr><td><img src=\"themes/goofy/images/lg-dl.png\" alt=\"\"></td><td class=\"lgd\" width=\"100%\"><img src=\"themes/goofy/images/null.gif\" width=\"150\" height=\"1\" alt=\"\"></td><td><img src=\"themes/goofy/images/lg-dr.png\" alt=\"\"></td></tr></table><br>");}
function s(title,subleft,subright,body) {document.writeln("<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\"><tr><td><img src=\"themes/goofy/images/or-ul.png\" alt=\"\"></td><td class=\"oru\" width=\"100%\" colspan=\"2\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td><img src=\"themes/goofy/images/or-ur.png\" alt=\"\"></td></tr><tr><td class=\"orl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"orcnt\" width=\"100%\" valign=\"top\" colspan=\"2\">" + title + "</td><td class=\"orr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr><tr><td class=\"orl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"orcnt\" width=\"100%\" colspan=\"2\"><img src=\"themes/goofy/images/null.gif\" height=\"5\" alt=\"\"></td><td class=\"orr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr><tr><td class=\"lgl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"lgcnt\" width=\"100%\" colspan=\"2\"><img src=\"themes/goofy/images/null.gif\" height=\"4\" alt=\"\"></td><td class=\"lgr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr><tr><td class=\"lgl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"lgcnt\"><small>" + subleft + "</small></td><td class=\"lgcnt\" nowrap><div align=\"right\">" + subright + "</div></td><td class=\"lgr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr><tr><td class=\"lgl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"lgcnt\" width=\"100%\" colspan=\"2\"><hr color=\"#404040\" size=\"1\">" + body + "</div></td><td class=\"lgr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr><tr><td><img src=\"themes/goofy/images/lg-dl.png\" alt=\"\"></td><td class=\"lgd\" width=\"100%\" colspan=\"2\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td><img src=\"themes/goofy/images/lg-dr.png\" alt=\"\"></td></tr></table><br>");}
-function c(subject,mod,author,date,body) {document.writeln("<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\"><tr><td><img src=\"themes/goofy/images/or-ul.png\" alt=\"\"></td><td class=\"oru\" width=\"100%\" colspan=\"2\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td><img src=\"themes/goofy/images/or-ur.png\" alt=\"\"></td></tr><tr><td class=\"orl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"orcnt\" width=\"100%\" valign=\"top\" colspan=\"2\"><table border=\"0\" cellpadding=\"0\" cellspacing=\"1\" width=\"100%\"><tr><td valign=\"top\" width=\"5%\"><div align=\"right\"><b><?php echo t("Subject"); ?>:</b>&nbsp;</div></td><td width=\"80%\"><b>" + subject + "</b></td><td rowspan=\"3\" valign=\"middle\" width=\"15%\"><div align=\"right\">" + mod + "</div></td></tr><tr><td valign=\"top\"><div align=\"right\"><?php echo t("Author"); ?>:&nbsp;</div></td><td>" + author + "</td></tr><tr><td><div align=\"right\"><?php echo t("Date"); ?>:&nbsp;</div></td><td>" + date + "</td></tr></table></td><td class=\"orr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr><tr><td class=\"orl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"orcnt\" width=\"100%\" colspan=\"2\"><img src=\"themes/goofy/images/null.gif\" height=\"5\" alt=\"\"></td><td class=\"orr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr><tr><td class=\"lgl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"lgcnt\" width=\"100%\" colspan=\"2\"><img src=\"themes/goofy/images/null.gif\" height=\"4\" alt=\"\"></td><td class=\"lgr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr>");if(body){document.writeln("<tr><td class=\"lgl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"lgcnt\" width=\"100%\" colspan=\"2\">" + body + "</td><td class=\"lgr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr>");};document.writeln("<tr><td><img 
src=\"themes/goofy/images/lg-dl.png\" alt=\"\"></td><td class=\"lgd\" width=\"100%\" colspan=\"2\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td><img src=\"themes/goofy/images/lg-dr.png\" alt=\"\"></td></tr></table><br>");}
+function c(subject,mod,author,date,body) {document.writeln("<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\"><tr><td><img src=\"themes/goofy/images/or-ul.png\" alt=\"\"></td><td class=\"oru\" width=\"100%\" colspan=\"2\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td><img src=\"themes/goofy/images/or-ur.png\" alt=\"\"></td></tr><tr><td class=\"orl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"orcnt\" width=\"100%\" valign=\"top\" colspan=\"2\"><table border=\"0\" cellpadding=\"0\" cellspacing=\"1\" width=\"100%\"><tr><td valign=\"top\" width=\"5%\"><div align=\"right\"><b><?php echo t("Subject"); ?>:</b>&nbsp;</div></td><td width=\"80%\"><b>" + subject + "</b></td><td rowspan=\"3\" valign=\"middle\" width=\"15%\"><div align=\"right\">" + mod + "</div></td></tr><tr><td valign=\"top\"><div align=\"right\"><?php echo t("Author"); ?>:&nbsp;</div></td><td>" + author + "</td></tr><tr><td><div align=\"right\"><?php echo t("Date"); ?>:&nbsp;</div></td><td>" + date + "</td></tr></table></td><td class=\"orr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr><tr><td class=\"orl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"orcnt\" width=\"100%\" colspan=\"2\"><img src=\"themes/goofy/images/null.gif\" height=\"5\" alt=\"\"></td><td class=\"orr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr><tr><td class=\"lgl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"lgcnt\" width=\"100%\" colspan=\"2\"><img src=\"themes/goofy/images/null.gif\" height=\"4\" alt=\"\"></td><td class=\"lgr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr>");if(body){document.writeln("<tr><td class=\"lgl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"lgcnt\" width=\"100%\" colspan=\"2\">" + body + "</td><td class=\"lgr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr>");};document.writeln("<tr><td><img 
src=\"themes/goofy/images/lg-dl.png\" alt=\"\"></td><td class=\"lgd\" width=\"100%\" colspan=\"2\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td><img src=\"themes/goofy/images/lg-dr.png\" alt=\"\"></td></tr></table><br>");}
//-->
</script>
</head>
@@ -70,8 +70,8 @@ function c(subject,mod,author,date,body) {document.writeln("<table border=\"0\"
<?php
} // close header function
-
-
+
+
function linksbar() { // helper function to prevent double code
?>
<table border="0" cellspacing="0" cellpadding="0" width="100%">
@@ -100,12 +100,12 @@ function c(subject,mod,author,date,body) {document.writeln("<table border=\"0\"
$title = check_output($story->title);
$subleft = strtr(t("Submitted by %a on %b"), array("%a" => format_username($story->userid), "%b" => format_date($story->timestamp, "large")));
$subright = category_name($story->cid) ." / ". topic_name($story->tid);
- $body = check_output($story->abstract, 1) . "<br>" . ((!$main && $story->body)?"<br>" . check_output($story->body, 1):"") . "<hr color=\"#404040\" size=\"1\"><div align=\"right\">" . ($main?theme_morelink($this, $story):"");
+ $body = check_output($story->abstract, 1) . "<br>" . ((!$main && $story->body)?"<br>" . check_output($story->body, 1):"") . "<hr color=\"#404040\" size=\"1\"><div align=\"right\">" . ($main?theme_morelink($this, $story):"");
print "<script language=\"JavaScript\"><!--\ns(\"". $this->stripbreaks(addslashes($title)) ."\",\"". $this->stripbreaks(addslashes($subleft)) ."\",\"". $this->stripbreaks(addslashes($subright)) ."\",\"". $this->stripbreaks(addslashes($body)) ."\"); // -->\n</script>\n";
} // close story function
-
-
+
+
function comment($comment, $link = "") {
echo "<A NAME=\"$comment->cid\"></A>\n";
@@ -117,24 +117,24 @@ function c(subject,mod,author,date,body) {document.writeln("<table border=\"0\"
}
$body = check_output($comment->comment, 1) . "<br><hr color=\"#404040\" size=\"1\"><div align=\"right\">[ $link ]</div>";
- print "<script language=\"JavaScript\"><!--\nc(\"". $this->stripbreaks(addslashes(check_output($comment->subject))) ."\",\"". $this->stripbreaks(addslashes(comment_moderation($comment))) ."\",\"". $this->stripbreaks(addslashes($author)) ."\",\"". $this->stripbreaks(addslashes(format_date($comment->timestamp))) ."\",\"". $this->stripbreaks(addslashes($body)) ."\"); // -->\n</script>\n";
+ print "<script language=\"JavaScript\"><!--\nc(\"". $this->stripbreaks(addslashes(check_output($comment->subject))) ."\",\"". $this->stripbreaks(addslashes(comment_moderation($comment))) ."\",\"". $this->stripbreaks(addslashes($author)) ."\",\"". $this->stripbreaks(addslashes(format_date($comment->timestamp))) ."\",\"". $this->stripbreaks(addslashes($body)) ."\"); // -->\n</script>\n";
} // close comment function
-
-
-
+
+
+
function stripbreaks($a) { // helper function for generating the javascripted boxes
return str_replace("\n","\\n",str_replace("\r","\\r",$a));
} // close stripbreaks function
-
+
function box($subject, $content, $options = "") {
print "<script language=\"JavaScript\"><!--\nb(\"". $this->stripbreaks(addslashes($subject)) ."\",\"". $this->stripbreaks(addslashes($content)) ."\"); // -->\n</script>\n";
} // close box function
-
-
-
-
+
+
+
+
function footer() {
?>
</td>
diff --git a/themes/yaroon/yaroon.theme b/themes/yaroon/yaroon.theme
index 8b82d4f1c..3c1e58b6b 100644
--- a/themes/yaroon/yaroon.theme
+++ b/themes/yaroon/yaroon.theme
@@ -61,8 +61,7 @@
<tr>
<td align="left" valign="middle" width="20%">
<font size="+1">
- &nbsp;<b><a href="<?php echo variable_get(site_url,
-"http://drupal/"); ?> "><?php echo variable_get(site_name, "drupal"); ?></a></b>
+ &nbsp;<b><a href="<?php echo path_uri(); ?>"><?php echo path_uri(); ?></a></b>
</font>
</td>
<td class="spacer1" width="1" height="1"><img src="themes/jeroen2/images/pixel.gif" width="1" height="1" alt="" border="0" /></td>
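Review bot: The new anchor prints `path_uri()` as the link text as well as the `href`, so the header now shows the site URL where it used to show `variable_get(site_name, "drupal")`; that looks unintended, because the commit description only mentions replacing `site_url`. The value is also echoed into an attribute and into markup without escaping. `path_uri()` is defined outside this hunk, so this is an inference, but if it builds the URI from request data such as the Host header, a client-influenced string reaches the page verbatim. I would keep the site name as the label and escape the URL at output: `&nbsp;<b><a href="<?php echo htmlspecialchars(path_uri()); ?>"><?php echo variable_get(site_name, "drupal"); ?></a></b>`. It is also worth checking in `includes/common.inc` that `path_uri()` prefers a configured base URL over request headers, since the same value now feeds every former `site_url` use.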