-rw-r--r-- | account.php | 21 | ||||
-rw-r--r-- | admin.php | 9 | ||||
-rw-r--r-- | diary.php | 15 | ||||
-rw-r--r-- | includes/config.inc | 22 | ||||
-rw-r--r-- | includes/function.inc | 12 | ||||
-rw-r--r-- | submission.php | 4 | ||||
-rw-r--r-- | submit.php | 2 | ||||
-rw-r--r-- | themes/marvin/marvin.theme | 18 |
8 files changed, 62 insertions, 41 deletions
diff --git a/account.php b/account.php index f349ff226..9c5a4e63d 100644 --- a/account.php +++ b/account.php @@ -106,17 +106,24 @@ function account_page_edit() { global $theme, $themes, $user; if ($user->id) { - ### Generate output/content: $output .= "<FORM ACTION=\"account.php\" METHOD=\"post\">\n"; $output .= "<B>Theme:</B><BR>\n"; - ### Loop (dynamically) through all available themes: foreach ($themes as $key=>$value) { - $options .= "<OPTION VALUE=\"$key\"". (($user->theme == $key) ? " SELECTED" : "") .">$key - $value[1]</OPTION>"; + $options1 .= " <OPTION VALUE=\"$key\"". (($user->theme == $key) ? " SELECTED" : "") .">$key - $value[1]</OPTION>\n"; } - $output .= "<SELECT NAME=\"edit[theme]\">$options</SELECT><BR>\n"; + $output .= "<SELECT NAME=\"edit[theme]\">\n$options1</SELECT><BR>\n"; $output .= "<I>Selecting a different theme will change the look and feel of the site.</I><P>\n"; + $output .= "<B>Timezone:</B><BR>\n"; + + $date = time() - date("Z"); + for ($zone = -43200; $zone <= 43200; $zone += 3600) { + $options2 .= " <OPTION VALUE=\"$zone\"". (($user->timezone == $zone) ? " SELECTED" : "") .">". date("l, F dS, Y - h:i A", $date + $zone) ." (GMT ". $zone / 3600 .")</OPTION>\n"; + } + + $output .= "<SELECT NAME=\"edit[timezone]\">\n$options2</SELECT><BR>\n"; + $output .= "<I>Select what time you currently have and your timezone settings will be set appropriate.</I><P>\n"; $output .= "<B>Maximum number of stories:</B><BR>\n"; $output .= "<INPUT NAME=\"edit[stories]\" MAXLENGTH=\"3\" SIZE=\"3\" VALUE=\"$user->stories\"><P>\n"; $output .= "<I>The maximum number of stories that will be displayed on the main page.</I><P>\n"; @@ -143,7 +150,6 @@ function account_page_edit() { $output .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Save page settings\"><BR>\n"; $output .= "</FORM>\n"; - ### Display output/content: $theme->header(); $theme->box("Customize your page", $output); $theme->footer(); 
@@ -159,6 +165,7 @@ function account_page_save($edit) { global $user; if ($user->id) { $data[theme] = $edit[theme]; + $data[timezone] = $edit[timezone]; $data[stories] = $edit[stories]; $data[mode] = $edit[mode]; $data[sort] = $edit[sort]; @@ -276,8 +283,6 @@ function account_register_enter($user = "", $error = "") { function account_register_submit($new) { global $theme, $mail, $sitename, $siteurl; - $siteurl = "www.drop.org"; // temporary solution - if ($rval = account_validate($new)) { account_register_enter($new, "$rval"); } @@ -288,7 +293,7 @@ function account_register_submit($new) { user_save($new); - $link = "http://$siteurl/account.php?op=confirm&name=$new[userid]&hash=$new[hash]"; + $link = $siteurl ."account.php?op=confirm&name=$new[userid]&hash=$new[hash]"; $message = "$new[userid],\n\n\nsomeone signed up for a user account on $sitename and supplied this email address as their contact. If it wasn't you, don't get your panties in a knot and simply ignore this mail.\n\nIf this was you, you have to activate your account first before you can login. You can do so simply by visiting the URL below:\n\n $link\n\nVisiting this URL will automatically activate your account. Once activated you can login using the following information:\n\n username: $new[userid]\n password: $new[passwd]\n\n\n-- $sitename crew\n"; mail($new[real_email], "Account details for $sitename", $message, "From: noreply@$sitename"); 
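Review bot: `$data[timezone] = $edit[timezone];` in account_page_save stores the submitted value as-is, so the `<SELECT>` added in account_page_edit is the only thing limiting it, and a request need not come from that form. format_date() later adds this value to every timestamp, so it should be forced to an integer in the offered range before saving, e.g. `$zone = intval($edit[timezone]); $data[timezone] = ($zone >= -43200 && $zone <= 43200) ? $zone : 0;`. Whether the value is also escaped before it reaches SQL depends on user_save(), which is not visible in this hunk. account_page_save continues outside the hunk.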
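Review bot: The new `$link` in account_register_submit interpolates `$new[userid]` and `$new[hash]` into the query string unencoded, so a username containing `&`, `#` or a space would yield a confirmation link that does not resolve to the account; whether account_validate() excludes such characters is not visible here. Suggest `$link = $siteurl ."account.php?op=confirm&name=". urlencode($new[userid]) ."&hash=". urlencode($new[hash]);`. Separately, the unchanged `$message` line below still mails `$new[passwd]` in clear text, which leaves the password readable in every mailbox and relay that handles the message. The function body starts and ends outside the hunk.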
@@ -10,6 +10,7 @@ if ($user->userid != "Dries") exit(); function account_display($order = "username") { $sort = array("ID" => "id", "fake e-mail address" => "fake_email", "homepage" => "url", "hostname" => "last_host", "last access date" => "last_access", "real e-mail address" => "real_email", "real name" => "name", "status" => "status", "theme" => "theme", "username" => "userid"); $show = array("ID" => "id", "username" => "userid", "$order" => "$sort[$order]", "status" => "status"); + $stat = array(0 => "blocked", 1 => "not confirmed", 2 => "open"); ### Perform query: $result = db_query("SELECT u.id, u.userid, u.$sort[$order], u.status FROM users u ORDER BY $sort[$order]"); @@ -46,7 +47,7 @@ function account_display($order = "username") { $output .= " <TD>". format_date($account[$value]) ."</TD>\n"; break; case "status": - $output .= " <TD ALIGN=\"center\"><I>todo</I></TD>\n"; + $output .= " <TD ALIGN=\"center\">". $stat[$account[$value]] ."</TD>\n"; break; case "url": $output .= " <TD>". format_url($account[$value]) ."</TD>\n"; @@ -83,12 +84,14 @@ function account_comments($id) { } function account_view($name) { - ### Perform query: + $status = array(0 => "blocked", 1 => "not confirmed", 2 => "open"); + $result = db_query("SELECT * FROM users WHERE userid = '$name'"); if ($account = db_fetch_object($result)) { $output .= "<TABLE BORDER=\"1\" CELLPADDING=\"3\" CELLSPACING=\"0\">\n"; $output .= " <TR><TD ALIGN=\"right\"><B>ID:</B></TD><TD>$account->id</TD></TR>\n"; + $output .= " <TR><TD ALIGN=\"right\"><B>Status:</B></TD><TD>". $status[$account->status] ."</TD></TR>\n"; $output .= " <TR><TD ALIGN=\"right\"><B>Username:</B></TD><TD>$account->userid</TD></TR>\n"; $output .= " <TR><TD ALIGN=\"right\"><B>Real name:</B></TD><TD>". format_data($account->name) ."</TD></TR>\n"; $output .= " <TR><TD ALIGN=\"right\"><B>Real e-mail address:</B></TD><TD>". format_email($account->real_email) ."</TD></TR>\n"; 
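Review bot: In account_view the query `SELECT * FROM users WHERE userid = '$name'` places `$name` between the quotes without escaping, and nothing in the hunk shows it being escaped first; the `exit()` guard at the top of admin.php limits who reaches the function but not what the string contains. Suggest `"... WHERE userid = '". addslashes($name) ."'"` unless every caller is known to pass an already-escaped value. The added `$status` map also duplicates `$stat` from account_display in the same file; defining it once (with a comment naming the three status codes) avoids the two drifting apart. account_view continues past the hunk.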
@@ -137,7 +140,7 @@ function log_display($order = "date") { $output .= " </TR>\n"; while ($log = db_fetch_object($result)) { - $output .= " <TR BGCOLOR=\"". $colors[$log->level] ."\"><TD>". date("D d/m, H:m:s", $log->timestamp) ."</TD><TD ALIGN=\"center\">". format_username($log->userid, 1) ."</A></TD><TD>". substr($log->message, 0, 44) ."</TD><TD ALIGN=\"center\"><A HREF=\"admin.php?section=logs&op=view&id=$log->id\">more</A></TD></TR>\n"; + $output .= " <TR BGCOLOR=\"". $colors[$log->level] ."\"><TD>". format_date($log->timestamp) ."</TD><TD ALIGN=\"center\">". format_username($log->userid, 1) ."</A></TD><TD>". substr($log->message, 0, 44) ."</TD><TD ALIGN=\"center\"><A HREF=\"admin.php?section=logs&op=view&id=$log->id\">more</A></TD></TR>\n"; } $output .= "</TABLE>\n"; @@ -17,7 +17,7 @@ function diary_overview($num = 20) { $output .= "<DL>\n"; $output .= " <DD><P><B>$diary->userid wrote:</B></P></DD>\n"; $output .= " <DL>\n"; - $output .= " <DD><P>". check_output($diary->text) ."</P><P>[ <A HREF=\"diary.php?op=view&name=$diary->userid\">more</A> ]</P></DD>\n"; + $output .= " <DD><P>". check_output($diary->text, 1) ."</P><P>[ <A HREF=\"diary.php?op=view&name=$diary->userid\">more</A> ]</P></DD>\n"; $output .= " </DL>\n"; $output .= "</DL>\n"; } @@ -38,7 +38,7 @@ function diary_entry($timestamp, $text, $id = 0) { else { $output .= "<DL>\n"; $output .= " <DT><B>". date("l, F jS", $timestamp) .":</B></DT>\n"; - $output .= " <DD><P>". check_output($text) ."</P></DD>\n"; + $output .= " <DD><P>". check_output($text, 1) ."</P></DD>\n"; $output .= "</DL>\n"; } return $output; 
@@ -97,7 +97,7 @@ function diary_edit($id) { $output .= "<P>\n"; $output .= " <B>Edit diary entry:</B><BR>\n"; - $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"15\" NAME=\"text\">". check_input(stripslashes($diary->text)) ."</TEXTAREA><BR>\n"; + $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"15\" NAME=\"text\">". check_input($diary->text) ."</TEXTAREA><BR>\n"; $output .= " <SMALL><I>Allowed HTML tags: ". htmlspecialchars($allowed_html) .".</I></SMALL>\n"; $output .= "</P>\n"; @@ -123,13 +123,14 @@ function diary_preview($text, $timestamp, $id = 0) { $output .= "<P>\n"; $output .= " <B>Preview diary entry:</B><BR>\n"; - $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"15\" NAME=\"text\">". stripslashes($text) ."</TEXTAREA><BR>\n"; + $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"15\" NAME=\"text\">". check_output($text) ."</TEXTAREA><BR>\n"; $output .= " <SMALL><I>Allowed HTML tags: ". htmlspecialchars($allowed_html) .".</I></SMALL>\n"; $output .= "</P>\n"; $output .= "<P>\n"; $output .= " <INPUT TYPE=\"hidden\" NAME=\"id\" VALUE=\"$id\">\n"; - $output .= " <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Preview diary entry\"> <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Submit diary entry\">\n"; + $output .= " <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Preview diary entry\">\n"; + $output .= " <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Submit diary entry\">\n"; $output .= "</P>\n"; $output .= "</FORM>\n"; 
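Review bot: The edit form in diary_edit now fills the `<TEXTAREA>` with `check_input($diary->text)`, and after this commit check_input() calls addslashes(), so the author is shown SQL-escaped text with a backslash before every quote, and each edit-and-save round can add another layer. A form field needs HTML encoding rather than SQL escaping, e.g. `htmlspecialchars(stripslashes($diary->text))`; keep or drop the stripslashes() depending on how rows are stored, which this hunk does not show. The diary_preview hunk on the same line has the related gap: `check_output($text)` leaves `&` and the allowed tags unencoded inside the `<TEXTAREA>`. Both functions extend beyond their hunks.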
@@ -143,11 +144,11 @@ function diary_submit($text, $id = 0) { global $user, $theme; if ($id) { - db_query("UPDATE diaries SET text = '". addslashes($text) ."' WHERE id = $id"); + db_query("UPDATE diaries SET text = '". check_input($text) ."' WHERE id = $id"); watchdog(1, "old diary entry updated"); } else { - db_query("INSERT INTO diaries (author, text, timestamp) VALUES ('$user->id', '". addslashes($text) ."', '". time() ."')"); + db_query("INSERT INTO diaries (author, text, timestamp) VALUES ('$user->id', '". check_input($text) ."', '". time() ."')"); watchdog(1, "new diary entry added"); } header("Location: diary.php?op=view&name=$user->userid"); diff --git a/includes/config.inc b/includes/config.inc index 61ff05f86..c5fdffd8f 100644 --- a/includes/config.inc +++ b/includes/config.inc @@ -4,20 +4,19 @@ # MySQL settings: # - -### www.drop.org: +### http://www.drop.org/: #$dbhost = "zind.net"; #$dbuname = "droporg"; #$dbpass = "DropIes"; #$dbname = "droporg"; -### beta.drop.org: +### http://beta.drop.org/: $dbhost = "zind.net"; $dbuname = "dries"; $dbpass = "Abc123"; $dbname = "dries"; -### localhost Dries: +### http://dione/: #$dbhost = ""; #$dbuname = "dries"; #$dbpass = "oakley"; @@ -27,12 +26,13 @@ $dbname = "dries"; # Name of the site # $sitename = "drop.org"; +$siteurl = "http://www.drop.org/"; # # Contact information: # The contact information will be used to send out automated mails # to users, account holders or visitors. -$contact_email = "droppies@zind.net"; +$contact_email = "droppies@drop.org"; # # Notify: 
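Review bot: The rewritten UPDATE in diary_submit still ends in `WHERE id = $id`, with `$id` unquoted and not forced to a number, so the check_input() escaping applied to `text` does not protect the statement as a whole. Suggest `db_query("UPDATE diaries SET text = '". check_input($text) ."' WHERE id = ". intval($id));`. The statement also has no `author` condition, so unless the caller verifies ownership (not visible here) an update can reach an entry that belongs to another user; adding `AND author = '$user->id'` binds it to the session's user. diary_submit continues after the hunk.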
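Review bot: The first hunk of includes/config.inc only relabels the three database blocks, but the new side of the file still carries `$dbhost`/`$dbuname`/`$dbpass` values for each environment in a tracked file. Credentials that have been committed should be treated as disclosed: rotate them and load them from an untracked local file, keeping only placeholders here, e.g. `$dbpass = "<set in local config>";`. It is also worth confirming that the web server refuses to serve `*.inc` files, since a `.inc` file that is not handed to PHP is typically returned as plain text. A one-line comment above `$siteurl` stating that it must end in `/` would help, because account.php now appends `account.php?...` directly to it.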
@@ -49,12 +49,19 @@ $notify = 0; $notify_email = $contact_email; $notify_subject = "submission: "; $notify_message = "New submission: '$subject'\n\n$story"; -$notify_from = "droppies@zind.net"; +$notify_from = "droppies@drop.org"; # # Comment meta reasons: # -$comment_votes = array("none" => "none", "-1" => "- 1", "0" => "+ 0", "+1" => "+ 1", "+2" => "+ 2", "+3" => "+ 3", "+4" => "+ 4", "+5" => "+ 5"); +$comment_votes = array("none" => "none", + "-1" => "- 1", + "0" => "+ 0", + "+1" => "+ 1", + "+2" => "+ 2", + "+3" => "+ 3", + "+4" => "+ 4", + "+5" => "+ 5"); # # Categories: @@ -82,7 +89,6 @@ $allowed_html = "<A><B><BR><DD><DL><DT><EM><HR><I><IL><SMALL><OL><U><UL>"; # $anonymous = "Anonymous Chicken"; - # # Themes: # the first theme listed in the associative array `$themes' will diff --git a/includes/function.inc b/includes/function.inc index c9b80e0a6..1331a21e6 100644 --- a/includes/function.inc +++ b/includes/function.inc @@ -24,12 +24,14 @@ function check_field($message) { } function check_input($message) { - return strip_tags($message); + global $allowed_html; + return strip_tags(addslashes($message), $allowed_html); } -function check_output($message) { +function check_output($message, $nl2br = 0) { global $allowed_html; - return strip_tags(stripslashes($message), $allowed_html); + if ($nl2br == 1) return nl2br(strip_tags(stripslashes($message), $allowed_html)); + else return strip_tags(stripslashes($message), $allowed_html); } function discussion_num_replies($id, $count = 0) { @@ -49,6 +51,10 @@ function format_plural($count, $one, $more) { } function format_date($timestamp, $type = "medium") { + global $user; + + $timestamp += ($user->timezone) ? $user->timezone - date("Z") : 0; + switch ($type) { case "small": $date = date("D, m/d/y - H:i", $timestamp); diff --git a/submission.php b/submission.php index 0bb537433..cff39dc6c 100644 --- a/submission.php +++ b/submission.php 
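Review bot: check_input() now does two unrelated jobs in one call, SQL escaping (`addslashes`) and HTML tag filtering (`strip_tags(..., $allowed_html)`), and this same commit uses it both to build queries in diary_submit and to fill a form field in diary_edit. Escaping is context-specific, so I would split it: filter tags in one helper and apply `addslashes()` as the last step where the query string is assembled, rather than running strip_tags() over already-escaped text. Note also that strip_tags() with an allow-list keeps every attribute on the allowed tags, so `<A>` and the others in `$allowed_html` still pass event-handler attributes and script URLs through check_output(); an attribute filter or entity encoding is needed before this can be relied on as an XSS control. A header comment on each function stating which context its return value is safe for, and what `$nl2br` does, would prevent further misuse.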
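Review bot: In format_date the test `($user->timezone) ? $user->timezone - date("Z") : 0` treats an offset of 0 as "not set", so a user who picks the GMT entry from the new timezone list gets server-local time instead of GMT. The check should distinguish unset from zero and coerce the stored value, e.g. `if (strlen($user->timezone)) $timestamp += intval($user->timezone) - date("Z");`. A comment saying that the shift exists to make date() render the user's local time from a Unix timestamp would also help, since the adjusted `$timestamp` is no longer a real point in time. format_date continues beyond the hunk.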
@@ -12,8 +12,8 @@ function submission_displayMain() { $content .= "<TABLE BORDER=\"0\" CELLSPACING=\"4\" CELLPADDING=\"4\">\n"; $content .= " <TR BGCOLOR=\"$bgcolor1\"><TH>Subject</TH><TH>Category</TH><TH>Date</TH><TH>Author</TH><TH>Score</TH></TR>\n"; while ($submission = db_fetch_object($result)) { - if (user_getHistory($user->history, "s$submission->id")) $content .= " <TR><TD WIDTH=\"100%\"><A HREF=\"$PHP_SELF?op=view&id=$submission->id\">". check_output($submission->subject) ."</A></TD><TD>$submission->category</TD><TD ALIGN=\"center\">". date("Y-m-d", $submission->timestamp) ."<BR>". date("H:m:s", $submission->timestamp) ."</TD><TD ALIGN=\"center\">". format_username($submission->userid) ."</TD><TD ALIGN=\"center\">". submission_score($submission->id) ."</TD></TR>\n"; - else $content .= " <TR><TD WIDTH=\"100%\"><A HREF=\"$PHP_SELF?op=view&id=$submission->id\">". check_output($submission->subject) ."</A></TD><TD>$submission->category</TD><TD ALIGN=\"center\">". date("Y-m-d", $submission->timestamp) ."<BR>". date("H:m:s", $submission->timestamp) ."</TD><TD ALIGN=\"center\">". format_username($submission->userid) ."</TD><TD ALIGN=\"center\"><A HREF=\"$PHP_SELF?op=view&id=$submission->id\">vote</A></TD></TR>\n"; + if (user_getHistory($user->history, "s$submission->id")) $content .= " <TR><TD WIDTH=\"100%\"><A HREF=\"$PHP_SELF?op=view&id=$submission->id\">". stripslashes($submission->subject) ."</A></TD><TD>$submission->category</TD><TD ALIGN=\"center\">". date("Y-m-d", $submission->timestamp) ."<BR>". date("H:m:s", $submission->timestamp) ."</TD><TD ALIGN=\"center\">". format_username($submission->userid) ."</TD><TD ALIGN=\"center\">". submission_score($submission->id) ."</TD></TR>\n"; + else $content .= " <TR><TD WIDTH=\"100%\"><A HREF=\"$PHP_SELF?op=view&id=$submission->id\">". stripslashes($submission->subject) ."</A></TD><TD>$submission->category</TD><TD ALIGN=\"center\">". date("Y-m-d", $submission->timestamp) ."<BR>". 
date("H:m:s", $submission->timestamp) ."</TD><TD ALIGN=\"center\">". format_username($submission->userid) ."</TD><TD ALIGN=\"center\"><A HREF=\"$PHP_SELF?op=view&id=$submission->id\">vote</A></TD></TR>\n"; } $content .= "</TABLE>\n"; diff --git a/submit.php b/submit.php index 6a42ce4b4..f255fde5b 100644 --- a/submit.php +++ b/submit.php @@ -118,7 +118,7 @@ function submit_preview($subject, $abstract, $article, $category) { $output .= "</FORM>\n"; $theme->header(); - $theme->preview($user->userid, check_output($subject), check_output($abstract), "", check_output($article), date("l, F d, Y - H:i A", time()), check_output($category), "we-hate-typoes"); + $theme->preview($user->userid, check_output($subject), check_output($abstract), "", check_output($article), format_date(time(), "extra large"), check_output($category), "we-hate-typoes"); $theme->box("Submit a story", $output); $theme->footer(); } diff --git a/themes/marvin/marvin.theme b/themes/marvin/marvin.theme index d60f0b7e4..bb24cc758 100644 --- a/themes/marvin/marvin.theme +++ b/themes/marvin/marvin.theme @@ -39,13 +39,17 @@ <TABLE BORDER="0" CELLPADDING="8" CELLSPACING="0"> <TR> <TD ROWSPAN="3" WIDTH="30"> </TD> - <TD COLSPAN="2"><A HREF="" ><IMG SRC="themes/marvin/images/logo.gif" ALT="drop.org" BORDER="0"></A></TD> + <TD WIDTH="470"><A HREF=""><IMG SRC="themes/marvin/images/logo.gif" ALT="drop.org" BORDER="0"></A></TD> + <TD WIDTH="180"> + <LI>Create an <A HREF="account.php?op=register">account</A> and <A HREF="submit.php">submit</A> new stories.</LI> + <LI>Send your questions, feedback and bug reports to <A HREF="mailto:info@drop.org">info@drop.org</A>.</LI> + </TD> </TR> <TR> <TD ALIGN="right" COLSPAN="2"><SMALL><A HREF="">home</A> | <A HREF="faq.php">faq</A> | <A HREF="diary.php">diary</A> | <A HREF="search.php">search</A> | <A HREF="submit.php">submit news</A> | <A HREF="account.php">user account</A></SMALL></TD> </TR> <TR> - <TD VALIGN="top" WIDTH="470"> + <TD VALIGN="top"> <? } 
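Review bot: Both changed lines in submission_displayMain replace `check_output($submission->subject)` with `stripslashes($submission->subject)`, which drops the strip_tags() pass, so the subject is now written into the table with no tag filtering or encoding at all. Unless subjects are guaranteed to be filtered when stored (not visible in this hunk), markup in a submitted subject will render in the moderation list; `htmlspecialchars(stripslashes($submission->subject))` keeps the slash fix without that exposure. The same lines still use `date("H:m:s", ...)`, where `m` is the month, so the time column shows the month in place of minutes; `H:i:s`, or format_date() as used elsewhere in this commit, would fix it. The function starts before and ends after the hunk.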
@@ -54,15 +58,13 @@ # Description..: a function to draw an abstract story box, that is the # boxes displayed on the main page. function abstract($story) { - $story->timestamp = date("l, F d, Y - h:i:s A", $story->timestamp); - print "\n<!-- story: \"$story->subject\" -->\n"; print "<TABLE BORDER=\"0\" CELLPADDING=\"0\" CELLSPACING=\"2\" WIDTH=\"100%\">\n"; print " <TR><TD COLSPAN=\"2\"><IMG SRC=\"themes/marvin/images/drop.gif\" ALT=\"\"> <B>$story->subject</B></TD></TR>\n"; print " <TR VALIGN=\"bottom\"><TD COLSPAN=\"2\" BGCOLOR=\"#000000\" WIDTH=\"100%\"><IMG SRC=\"themes/marvin/images/pixel.gif\" WIDTH=\"1\" HEIGHT=\"0\" ALT=\"\"></TD></TR>\n"; print " <TR>\n"; print " <TD>\n"; - print " <FONT COLOR=\"#7C7C7C\"><SMALL>Posted by ". format_username($story->userid) ." on $story->timestamp"; ?><? if ($story->department) print "<BR>from the $story->department dept."; ?><? print "</SMALL></FONT></TD><TD ALIGN=\"right\" VALIGN=\"top\" NOWRAP><SMALL><A HREF=\"search.php?category=". urlencode($story->category) ."\"><FONT COLOR=\"#83997A\">$story->category</FONT></A></SMALL>\n"; + print " <FONT COLOR=\"#7C7C7C\"><SMALL>Posted by ". format_username($story->userid) ." on ". format_date($story->timestamp, "extra large"). ""; ?><? if ($story->department) print "<BR>from the $story->department dept."; ?><? print "</SMALL></FONT></TD><TD ALIGN=\"right\" VALIGN=\"top\" NOWRAP><SMALL><A HREF=\"search.php?category=". urlencode($story->category) ."\"><FONT COLOR=\"#83997A\">$story->category</FONT></A></SMALL>\n"; print " </TD>\n"; print " </TR>\n"; print " <TR><TD COLSPAN=\"2\"> </TD></TR>\n"; 
@@ -84,15 +86,13 @@ # comments). It's what you get when you followed for # instance one of read-more links on the main page. function article($story, $reply) { - $story->timestamp = date("l, F d, Y - h:i:s A", $story->timestamp); - print "\n<!-- story: \"$story->subject\" -->\n"; print "<TABLE BORDER=\"0\" CELLPADDING=\"0\" CELLSPACING=\"2\" WIDTH=\"100%\">\n"; print " <TR><TD COLSPAN=\"2\"><IMG SRC=\"themes/marvin/images/drop.gif\" ALT=\"\"> <B>$story->subject</B></TD></TR>\n"; print " <TR VALIGN=\"bottom\"><TD COLSPAN=\"2\" BGCOLOR=\"#000000\" WIDTH=\"100%\"><IMG SRC=\"themes/marvin/images/pixel.gif\" WIDTH=\"1\" HEIGHT=\"0\" ALT=\"\"></TD></TR>\n"; print " <TR>\n"; print " <TD>\n"; - print " <FONT COLOR=\"#7C7C7C\"><SMALL>Posted by ". format_username($story->userid) ." on $story->timestamp"; ?><? if ($story->department) print "<BR>from the $story->department dept."; ?><? print "</SMALL></FONT></TD><TD ALIGN=\"right\" VALIGN=\"top\" NOWRAP><SMALL><A HREF=\"search.php?category=". urlencode($story->category) ."\"><FONT COLOR=\"#83997A\">$story->category</FONT></A></SMALL>\n"; + print " <FONT COLOR=\"#7C7C7C\"><SMALL>Posted by ". format_username($story->userid) ." on ". format_date($story->timestamp, "extra large") .""; ?><? if ($story->department) print "<BR>from the $story->department dept."; ?><? print "</SMALL></FONT></TD><TD ALIGN=\"right\" VALIGN=\"top\" NOWRAP><SMALL><A HREF=\"search.php?category=". urlencode($story->category) ."\"><FONT COLOR=\"#83997A\">$story->category</FONT></A></SMALL>\n"; print " </TD>\n"; print " </TR>\n"; print " <TR><TD COLSPAN=\"2\"> </TD></TR>\n"; @@ -283,7 +283,7 @@ function footer() { ?> </TD> - <TD VALIGN="top" WIDTH="180"> + <TD VALIGN="top"> <? global $PHP_SELF; |