summaryrefslogtreecommitdiff
path: root/submit.php
Commit message (Collapse)AuthorAge
* - large commit of everything else that has been queued in my backlog:Dries Buytaert2001-03-25
| | | | it's not 100% stable yet
* - fixed small bug in submit.phpDries Buytaert2001-03-12
|
* - applied David Norman's patch to turn all <?'s into fully qualifiedDries Buytaert2001-03-10
| | | | <?php's.
* - more small improvementsDries Buytaert2001-03-08
|
* *** empty log message ***Dries Buytaert2001-03-08
|
* - small bugfixDries Buytaert2001-03-08
|
* - some important changes to our theme API which can be summerized as:Dries Buytaert2001-03-08
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | abstract() + article() = story() abstract() and article() have been merged into a new function story() which looks like: function story($story_object, $reply) { if (!reply) { // full story } else { // main page version / abstract } } This should allow you to "compress" your theme as abstract() and article() tended to be 98% identical. => I didn't really merge your themes so I leave it up to *you* to improved the code!!! Do it ASAP as we release drupal 2.00 in 7 days. In future we'll have similar functions for other content types as for example: review($review, $reply); enquete($enquete, $reply); ...
* A rather large and important update:Dries Buytaert2001-03-07
| | | | revised most of the SQL queries and tried to make drupal as secure as possible (while trying to avoid redundant/duplicate checks). For drupal's sake, try to screw something up. See the mail about PHPNuke being hacked appr. 6 days ago. The one who finds a problem is rewarded a beer (and I'm willing to ship it to Norway if required). I beg you to be evil. Try dumping a table a la "http://localhost/index.php?date=77778;DROP TABLE users" or something. ;)
* - improved the "menu" hookDries Buytaert2001-02-17
| | | | | | - replaced the "open submission queue" (submission.php and submission.inc) with an optional module (submission.module). - tidied up the HTML code of some files
* - More updates on the translation supportDries Buytaert2001-02-17
|
* - initial import of the preliminary translation code.Dries Buytaert2001-02-12
| | | | | | | | - added timer.inc for benchmarking purpose - bugfix for php-clean - bugfix for account.php - removed redundant format_data - ...
* - various updates, bugfixes and improvementsDries Buytaert2001-02-04
|
* - removed redundant spacesDries Buytaert2001-01-26
|
* I know, I know, it is getting nasty lately but I have another large commit ↵Dries Buytaert2001-01-21
| | | | | | after nothing but code. This time I redid the "category"-stuff. Categories - from now on called sections - are now maintained from the admin pages, can have their own post, dump and timout thresholds as discussed earlier (some weeks ago). By tomorrow evening users will be able to enable or disable section as well - i.e. to customize the content of drop.org.
* - fixed "return to parent" glitch when a thread has more then 1 childDries Buytaert2001-01-13
|
* - created 2 new functions; check_textfield() and check_textarea() andDries Buytaert2001-01-13
| | | | | | | | | | | integrated them were appropriate. It works better and the code is more readable then it used to be: (see http://drop.org/discussion.php?id=44&pid=0#0) - story authors can no longer moderate their own stories (requested by Natrak) - fix inie-winnie small detail in theme marvin
* - fixed 2 small bugs in account.phpDries Buytaert2001-01-07
| | | | | | | | | | | | - drastically improved administration section - drastically revamped story administration: added new feature to schedule the publishing of stories - applied correct naming conventions to submission.php - fixed 1 small glitch in boxes - somewhat expanded the documentation = changed one SQL table - updated the faq with info on drupal - ... and more things I forgot about
* - here a bunch of changes to make "drupal" (for now) work with PHP 4.0.4Dries Buytaert2000-12-30
| | | | - tidied up some of the code and mainly working on the documentation
* Surprise, surprise. After nothing but code, a large batch of changes:Dries Buytaert2000-12-29
| | | | | | | | | | | | | | | | | | | | | | - removed droplets - added (optional) admin_blocks module - added (optional) affiliate module - added (optional) about module (only placeholder, under construction) - fixed some tiny bugs (e.g. quote bug in search.php) - partionally rewrote some modules to be big, bad and better - partionally rewrote some modules to be more uniform - added GNU GPL license to CVS Also: - installed PHP 4.0.4 on my localhost and now working towards PHP 4.0.4 compatibility. - I think I'll baptize the engine "drupal". If you have a better idea, try convincing me ASAP. Todo: - more testing (also with PHP 4.0.4) - make "project"-module: download, info, blah blah - complete documentation
* Yet another large batch of updates:Dries Buytaert2000-12-23
| | | | | | | | - I rearranged some of the code and clean-up some of the mess. - Added "blocks" which can be user defined/controlled: check to see. The positioning of blocks is rather basic for the moment, so I'm all open for input on that.
* Again, a large batch of updates - I'm twisting things around here:Dries Buytaert2000-12-16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 1. improved .htaccess to be more "secure": to keep prying eyes out 2. rewrote the administration section from scratch using a modular approach 3. improved the information gathered by error.php - we can now (hopefully) track what bots are crawling us. 4. fixed a bug in submit.php, fixed a bug in theme zaphod, fixed a bug in theme marvin. 5. rewrote cron from scratch - it now interfaces with modules as it should have been from the beginning. Very cool if you ask me - it can use UNIX/Linux crontabs. 6. updated widget.inc to be module aware - needs more work though - maybe this afternoon? 7. updated most modules: small bugfixes, improvements, and even the documentation 8. removed diary.php and made it a module - you can now run a drop.org site without a diary system if someone would prefer so 9. updated all themes to use the new modules where appropriate 10. added a robots.txt because the error message in the watchdog become annoying. 11. added the new configuration system (mutliple vhosts on the same source tree) - use hostname.conf instead of config.inc 12. removed calendar.inc and made it a module 13. added format_interval() to functions.inc (UnConeD) 14. whatever I forgot ...
* - a first file which uses blobs - as a test/debug caseDries Buytaert2000-12-10
|
* - large batch of updated files featuring various changes: big, small andDries Buytaert2000-12-10
| | | | new stuff!
* Another batch with a lot of internal updates, yet no visual changes to theDries Buytaert2000-11-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | site: - watchdog (rewrite): + the collected information provides more details and insights for post-mortem research + input limitation - database abstraction layer: + mysql errors are now verbose and is no longer displayed in a browser - fixes a possible security risk - admin.php: + updated watchdog page + fixed security flaw - diary.php: + fixed nl2br problem - themes: + fixed comment bug in all 3 themes. - misc: + renamed some global variables for sake of consistency: $sitename --> $site_name $siteurl --> $site_url + added input check where (a) exploitable and (b) possible + added input size check + various small improvements + fixed various typoes ... and much, much more in fact.
* - fixed bug in search.phpDries Buytaert2000-11-03
| | | | | | | | | | | - fixed bug in discussion.php - theme update: comment() now takes 3 arguments: $comment - an object with comment data $link - a link to the reply form of that particular comment $thread - the subthread of that particular comment - theme 'marvin' and theme 'zaphod' are updated, theme 'unconed' is left to be done
* - Fixed quote bug in the comment tracker.Dries Buytaert2000-11-02
| | | | | | | | | | | | | | (suggestion UnConeD) - Added anchors to comment links to easy comment navigation. (suggestion UnConeD) - Fixed duplicate `you voted' after moderating a story. (suggestion UnConeD) - Fixed quote bug in administration center. - Expanded user administration with timezone information. - Improved the theme system by eliminating the "preview" function. Let's not make the system more complex then it ought to be. - Refined watchdog administration. - ...
* - fixed a bug in check_input: html stripping was not 100% correct.Dries Buytaert2000-10-30
| | | | | | | | | | | | | - fixed a bug in account.php: the confirmation url is now correct. - improved error checking + security in diary.php. - fixed a bug in the html code of theme zaphod. - improved the date handling: always call format_date(). - expanded account information in administration pages. - added a new variable $siteurl to ./includes/config.inc. - added comment moderation to theme zaphod. - "alter table users add timezone varchar(8);" - !!! added new timezone feature !!! :o)
* This significant commit fixes 99% of all known bugs and improves drop.orgDries Buytaert2000-10-24
| | | | | | | by means of better security checks in order to avoid malicious behavior. In addition, quite some code has been fine-tuned. However, as a result, every theme will require a small update ...
* A big, fat commit with a shitload of internal changes. Not that muchDries Buytaert2000-10-19
| | | | | | | | | | | | | | | | | | | | visual changes: - removed redundant files user.class.php, calendar.class.php and backend.class.php. - converted *all* mysql queries to queries supported by the database abstraction layer. - expanded the watchdog to record more information on what actually happened. - bugfix: anonymous readers where not able to view comments. - bugfix: anonymous readers could gain read-only access to the submission queue. - bugfix: invalid includes in backend.php - bugfix: invalid use of '$user->block' and last but not least: - redid 50% of the user account system
* A lot of (non-visual) updates!Dries Buytaert2000-10-10
|
* * Reorganised a few things and fixed the theme-update bug reported by UCD.Dries Buytaert2000-10-04
|
* ChangelogDries Buytaert2000-10-02
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | --------- - improved the user information page. - improved the story submission page. - fixed comments score bug: '.00' --> 'x.00' - tried fixing the calendar wrapping - UnConeD, is it fixed now? - provided a link back to the submission queue after having voted for a story. - fixed comment subject bug (and security flaw) by replacing quotes by &quot;. - updated theme 'zaphod': fixed 2 bugs. - updated theme 'marvin': fixed 1 bug and improved the layout so things wrap (hopefully) better in Windows. - comments have by default no subject pre-set - if no subject is provided, the user is warned and when a comment eventually got submitted without a subject, a subject is composed using the x first characters of the comment's body. - improved comments on submit.php - corrected a typo in the FAQ. UnConeD ------- - replace 'article.php' by 'discussion.php' - comment() still uses old references to account.php: the parameters you supply to account.php does no longer hold. You have to update those links to the new syntax. - commentcontrol() is outdated - copy paste the one of theme 'marvin' and adjust it to your likings.
* I just commit everything what was queued in my backlog:Dries Buytaert2000-09-26
| | | | | | | | | | - Added a basic implementation of comment moderation - Updated and renamed my 2 themes: I removed redundant boxes and tried to work towards simplicity. - Disabled the other themes as they are broken (I gave you sufficent time to update them). - Removed redundant files. - Added security checks with regard to the usage of HTML tags.
* Various smaller changes: one of the more interesing is the addition of aDries Buytaert2000-09-21
| | | | | check()-function which validates input from forms. The allowed HTML tags can be configured in config.inc.
* Over the last 2 days I redid and reorganized an afwul lot of code andDries Buytaert2000-09-11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | made quite a lot of additions. The most remarkable addition is the diary server, which I slapped together in less then 40 minutes. Most of the other changes are however `unvisible' for the user but add much value to a better maintainability from a developer's objective. Like always, I fixed quite a number of small bugs that creeped into the code so we should have a bigger, better and more stable drop.org. Unfortunatly, some theme update _are_ required: REQUIRED THEME UPDATES: ======================= * use format_username() where usernames are used * use format_date() where timestamps/dates are used * use format_email() where e-mail addresses are displayed * use format_url() where url are displayed * replace 'formatTimestamp' with format_date * replace 'morelink_*' with 'display_morelink' [most of these functions are in function.inc or template.inc] ___PLEASE___ (<- this should get your attention ;) update your themes as soon as possible - it only takes 30 min. to get in sync with the other themes. Don't start whining about the fact you don't know what to change ... either eat the source cookie, or ask me to elaborate on a few changes. Just let me know what's puzzling you and I'll try to help you out! TODO LIST FOR NEXT WEEK ======================= * Add checks for max. text length in textarea's? Is there an HMTL attribute for this or ...? * Comment moderation + mojo * Edit/admin user accounts: block, delete, change permissions, ... * E-mail password, change password, change e-mail address -> extra checks and routines to validate such `special' changes. * Input checking - input filter: bad words, html tags, ...
* A really BIG, BIG UPDATE, after two straight days of nothing but codeDries Buytaert2000-09-04
| | | | | | | | and sleep, new stuff is finally in drop.org. This is a quite large and wide-ranging update, which affects almost all of the system files in one way or another. I fixed quite a lot of bugs and added quite a lot of new features, mostly administrative tools as these were really lacking. It's far from finished but it's a start ...
* * Just a quick testDries Buytaert2000-07-13
|
* * Fixed 2 small bugs in submit.php reported by Pepijn (kangaroot.net).Dries Buytaert2000-07-13
|
* Updates:Dries Buytaert2000-07-13
| | | | | | | | | | | | | | | | | | | -------- * URI/URL enhancements to make the URLs more comprehensive and shorter. * Fixed a bug in submit.php that slipped in during the latest commit. * Changed a few tidbits on the calendar. * Fixed a bug in most themes: $tid --> $cid COUNT(tid) --> COUNT(cid) Updated most themes except for UnConeD's. * Fixed a handful of problems with Jeroen's theme. However, Jeroen's theme is still not working yet - some features are completly missing, making the theme not very useful ... Any known bugs left? If not, I'll head on tonight and add some new features. I'll probably add basic admin tools to edit articles and such. Once done, we can start on the comment moderation.
* Bugfixes:Dries Buytaert2000-07-12
| | | | | | | | | | | | (1) fixed SQL bug in search.php. (2) fixed SQL bug in discussion.php. (3) fixed theme-bug in submit.php. (4) fixed theme-bug in discussion.php. (5) fixed Dries2-theme: it more or less works now though I still have to change the look/layout. Important: (3) and (4) did fix the i-suddenly-seem-to-log-out behavior.
* * Various small bugfixes and enhancements: I think I fixed all bugs IDries Buytaert2000-06-22
| | | | | | knew about. * The code generated by my theme `Dries' is now 90% of the time aligned correctly. :o)
* IMPORANT - IMPORTANT - :)Dries Buytaert2000-06-21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ========================= Wulp. I did a major upgrade by (a) breaking a lot of stuff and (b) by re-doing those things in a much better way. I redesigned the stories and submissions SQL tables, the way they work and the way they co- operate together. In addition, I changed the way parameters are passed to $theme->abstract() and $theme->article(). Instead of passing a sh!tload of parameters that only cluttered the code and required too much pre-processing on the engine-side, we now pass a singly object $story. $story has more variables then the paramaters we used to pass, so it allows for better theming (if you feel like it). I'm not finished yet but I decided to upload my changes so you can start patching and updating your themes: PLEASE update your themes ASAP! I don't plan making heavy changes like this again, so don't get intimiated. ;) You mainly have to update article() and abstract() as well as a minor update of footer(): article(), abstract(): ---------------------- - use the $story object - see my theme! - the morelink can now be themed. Currently you can use the function morelink_bytes() in function.inc to `render' the old morelink. The idea is to make a morelink_words() or morelink_lines() sooner or later because "188 bytes in body" is not half as clear as "52 words in body". Clearly, "52 words" is much more informative. ;-) footer(): --------- - in the article-part, you need to update the displayRelatedLinks(): instead of passing it $sid, you need to pass it $story (after you globaled $story). Everything should display correct on the following pages: - main page - article page (follow a `read more | xxx bytes in bdoy | x comments' link) - submission queue Check if they work with your theme: they should as they work fine for me (theme `Dries') ... If you got stuck, just look at my theme or ask for a hand on the list! Hopefully you can update your themes asap. Thanks in advance.
* Here we go again with a rather large commit:Dries Buytaert2000-06-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fixed a lot of annoying bugs and boxed whatever there was left to be boxed. * user.class.php: renamed $user->update() to $user->rehash(). * user.class.php: fixed a typical quote-bug in $user->rehash(). * functions.inc: fixed bug in displayOldHeadlines(). * functions.inc: improved several functions. * account.php: fixed major bug in showUser(). * account.php: added some extra words to the human-readable password-generator(tm). * account.php: boxed ALL functions! Fieuw! * submit.php: add some general information and guidlines on how to post submissions. * config.inc: re-thought the categories to be more generic. * submission.php: minor changes * search.pph: fixed minor bug with the author's names. Woops. I have an exam within 4 hours: back to my books. ;-) -------------------------------------------------------------------- * Anyone could check sumbit.php, sumbission.php and faq.php for typoes? * Anyone could adjust calendar.class.php to fit IE? *huh*huh* * Don't be scared to hack along (see below)! I'll be working on the submissions and comments. -------------------------------------------------------------------- Status of drop v0.10: (make the system erational' and release it.) - submissions: submission queue (75% complete) submission moderation (75% complete) - comments: comment moderation ( 0% complete) comment administration ( 0% complete) fixup timestamp mess ( 0% complete) - user system: mail password ( 0% complete) user administation (50% complete) patch admin.php ( 0% complete) account confirmation ( 0% complete) e-mail confimation upon modification of e-mail address ( 0% complete) - proper handling of forms: text2html, html2text html2txt, txt2html (10% complete) bad-word filter (80% complete) automatic link detection ( 0% complete) allowed HTML-tag checker ( 0% complete) - FAQ: cleanup, disclaimer (50% complete) - theme: box everything (100% complete)
* * Boxed submit.php - whew, it's a pain to edit all those print statements.Dries Buytaert2000-06-16
| | | | | | | * Fixed quite a lot of HTML-bugs in the HTML code generator and cleaned up the generated coded quite a lot. => much better now :)
* Hoeray! I have a first core version of submission moderation up andDries Buytaert2000-06-13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | running. This means people can submit stories, and moderators can moderate stories. When a submission reaches a certain positive threshold (currently set to 2) the submission becomes a story and up it goes. If a submission reaches a certain negative threshold (currently set to -2) the submission is dumped. The fact this is all done by our visitors (without our intervention) makes it truly spiffy imho. The website can live a life on it's own, fed by the visitors. Beware, a lot of work need to be done though ... it's just a first basic implementation with the core functionality. There are quite a lot of things that I'll need to change, extend and improve. But comments, suggestions and ideas are - as always - welcomed. Please read this log message carefully! It features quite a lot of important information. To test the moderation, log in, select theme 'Dries' (the other themes need a small update) and head by clicking the one and only 'submission moderation' link. Don't be afraid to submit lame/funny/useless stories for testing purpose ... as soon we go public, we'll wipe out the story database. ;-) WHAT'S NEW? ----------- * Added 2 new operations to user.class.php to set and retrieve the user's "history". Very evil but required to avoid people voting twice. * Moved dbsave() from account.php to functions.php. In addition, I added a new function to user.class.php called `save()' that ... well, saves the object back to the database. It's (IMHO) a better approach compared to dbsave(): it keeps things organized. ;-) BUGFIXES: --------- * Fixed a (heavy) memory leak in the constructor of user.class.php: mysql_fetch_array() returns an _associative_ array which made the constructor `pollute' the object with a lot of useless variables. * Fixed the slash-problem on the account pages. :-) * Fixed UnConeD's theme glitch, alas the warning. * Fixed the e-mail address not showing in the confirmation email (upon registration). * Fixed the typical quote and backslash problems in submit.php. * submit.php now uses the database abstraction layer. IMPORTANT: ---------- * You can check the new submission system at: http://beta.drop.org/submission.php or by following the `submission moderation' link from my theme. * UnConeD, Jeroen: you'll need to update your themes to take advantage of the new function: displayAccount(). This function will display the `submission moderation' link when a user is logged on. * Natrak: you might want to apply the patches in user.class.php on the other sites using the same user-system.
* * Bugfix: the `story submission'-form is no longer toasted due to the newDries Buytaert2000-06-05
| | | | user system.
* Hopefully this will not break anything *prays*natrak2000-06-02
| | | | ;)
* Imported sourcesDries Buytaert2000-05-18