From 8213f5b2627a6b63db9f84b572918bd7e3254dff Mon Sep 17 00:00:00 2001
From: Dries Buytaert <dries@buytaert.net>
Date: Fri, 6 Apr 2001 14:14:16 +0000
Subject: A lot of small changes (search-n-replace) make a big commit:

  - fixed update bug in book.module
  - provide a log message when both adding and updating book pages
  - all configurable variables are now accessed through "variable_get()":
  - rewrote watchdog and submission throttle and removed watchdog.inc
  - improved robustness of sections.inc
  - imporved story.module
  - updated ./database/database.sql
---
 includes/comment.inc   | 10 ++++++----
 includes/common.inc    | 20 ++++++++++++++++++-
 includes/function.inc  |  2 +-
 includes/hostname.conf | 12 -----------
 includes/node.inc      |  4 +++-
 includes/search.inc    |  2 +-
 includes/section.inc   | 18 ++++++++---------
 includes/theme.inc     |  6 +++---
 includes/variable.inc  | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++
 includes/watchdog.inc  | 32 ------------------------------
 10 files changed, 96 insertions(+), 64 deletions(-)
 create mode 100644 includes/variable.inc
 delete mode 100644 includes/watchdog.inc

(limited to 'includes')

diff --git a/includes/comment.inc b/includes/comment.inc
index 4e1a74f2c..23c79717a 100644
--- a/includes/comment.inc
+++ b/includes/comment.inc
@@ -124,6 +124,8 @@ function comment_preview($pid, $id, $subject, $comment) {
 function comment_post($pid, $id, $subject, $comment) {
   global $theme, $user;
 
+  throttle("post comment", variable_get(max_comment_rate, 60));
+
   // Check for duplicate comments:
   $duplicate = db_result(db_query("SELECT COUNT(cid) FROM comments WHERE pid = '$pid' AND lid = '$id' AND subject = '$subject' AND comment = '$comment'"), 0);
 
@@ -135,7 +137,7 @@ function comment_post($pid, $id, $subject, $comment) {
     $subject = ($subject) ? $subject : substr($comment, 0, 29);
 
     // Add watchdog entry:
-    watchdog("comment", "comment: added '$subject'");
+    watchdog("special", "comment: added '$subject'");
 
     // Add comment to database:
     db_query("INSERT INTO comments (lid, pid, author, subject, comment, hostname, timestamp, score) VALUES ('$id', '$pid', '$user->id', '$subject', '$comment', '". getenv("REMOTE_ADDR") ."', '". time() ."', '". ($user->userid ? 1 : 0) ."')");
@@ -281,9 +283,9 @@ function comment_render($lid, $cid) {
   // Pre-process variables:
   $lid = empty($lid) ? 0 : $lid;
   $cid = empty($cid) ? 0 : $cid;
-  $mode  = ($user->id) ? $user->mode : variable_get("default_comment_mode", 4);
-  $order = ($user->id) ? $user->sort : variable_get("default_comment_order", 1);
-  $threshold = ($user->id) ? $user->threshold : variable_get("default_comment_threshold", 3);
+  $mode  = ($user->id) ? $user->mode : variable_get(default_comment_mode, 4);
+  $order = ($user->id) ? $user->sort : variable_get(default_comment_order, 1);
+  $threshold = ($user->id) ? $user->threshold : variable_get(default_comment_threshold, 3);
 
   if ($user->id) {
     // Comment control:
diff --git a/includes/common.inc b/includes/common.inc
index 3dece2c39..81127c22c 100644
--- a/includes/common.inc
+++ b/includes/common.inc
@@ -9,12 +9,30 @@ function conf_init() {
   return $file;
 }
 
+function watchdog($type, $message) {
+  global $user, $watchdog, $PHP_SELF;
+  $link = ($mod) ? $mod : substr(strrchr($PHP_SELF, "/"), 1, strrchr($PHP_SELF, "/") - 4);
+  db_query("INSERT INTO watchdog (user, type, link, message, location, hostname, timestamp) VALUES ('$user->id', '". check_input($type) ."', '". check_input($link) ."', '". check_input($message) ."', '". check_input(getenv("REQUEST_URI")) ."', '". check_input(getenv("REMOTE_ADDR")) ."', '". time() ."')");
+}
+
+function throttle($type, $rate) {
+  if (!(user_access($user, "watchdog") || user_access($user, "comment") || user_access($user, "node"))) {
+    if ($throttle = db_fetch_object(db_query("SELECT * FROM watchdog WHERE type = '$type' AND hostname = '". getenv("REMOTE_ADDR") ."' AND ". time() ." - timestamp < $rate"))) {
+      watchdog("warning", "throttle: '". getenv("REMOTE_ADDR") ."' exceeded submission rate - $throttle->type");
+      header("Location: error.php?op=throttle");
+      exit();
+    }
+    else {
+      watchdog($type, "throttle control");
+    }
+  }
+}
+
 $conf = conf_init();
 
 include_once "includes/$conf.conf";
 include_once "includes/database.inc";
 include_once "includes/variable.inc";
-include_once "includes/watchdog.inc";
 include_once "includes/function.inc";
 include_once "includes/comment.inc";
 include_once "includes/module.inc";
diff --git a/includes/function.inc b/includes/function.inc
index 809fd4ed9..00a4a14f7 100644
--- a/includes/function.inc
+++ b/includes/function.inc
@@ -81,7 +81,7 @@ function format_date($timestamp, $type = "medium") {
 function format_username($username) {
   global $user;
   if ($username) return (user_access($user, "account") ? "<A HREF=\"admin.php?mod=account&op=view&name=$username\">$username</A>" : "<A HREF=\"account.php?op=view&name=$username\">$username</A>");
-  else { global $anonymous; return $anonymous; }
+  else return variable_get(anonymous, "Anonymous");
 }
 
 function format_email($address) {
diff --git a/includes/hostname.conf b/includes/hostname.conf
index 871110493..1c2528323 100644
--- a/includes/hostname.conf
+++ b/includes/hostname.conf
@@ -8,13 +8,6 @@ $db_user = "username";
 $db_pass = "password";
 $db_name = "database";
 
-#
-# Administrative information
-#
-$site_name = "site name";
-$site_url = "http://yourdomain.com/";  // add a trailing slash
-$site_email = "info@yourdomain.com";
-
 #
 # Comment votes:
 #   The keys of this associative array are displayed in each comment's selection box whereas the corresponding values represent the mathematical calculation to be performed to update a comment's value.
@@ -33,11 +26,6 @@ $comment_votes = array("none" => "none",
 #
 $allowed_html = "<A><B><BLOCKQUOTE><CODE><DD><DL><DT><EM><HR><I><LI><SMALL><OL><U><UL>";
 
-#
-# Name for anonymous users:
-#
-$anonymous = "Anonymous Chicken";
-
 #
 # Themes:
 #   The first theme listed in this associative array will automatically become the default theme.
diff --git a/includes/node.inc b/includes/node.inc
index 462fc7a47..75b1fdc8c 100644
--- a/includes/node.inc
+++ b/includes/node.inc
@@ -52,7 +52,7 @@ function node_save($node) {
 
     if ($u1 = implode(", ", $u1)) db_query("UPDATE node SET $u1 WHERE nid = '$node[nid]'");
     if ($u2 = implode(", ", $u2)) db_query("UPDATE $n->type SET $u2 WHERE nid = '$node[nid]'");
-    if ($n->pid && ($node[status] == $status[posted])) db_query("UPDATE node SET status = '$status[expired]' WHERE nid = '$node[pid]'");
+    if ($n->pid && ($node[status] == $status[posted])) db_query("UPDATE node SET status = '$status[expired]' WHERE nid = '$n->pid'");
 
     watchdog("message", "node: modified '$n->title'");
   }
@@ -63,6 +63,8 @@ function node_save($node) {
       watchdog("warning", "node: duplicate '$node[title]'");
     }
     else {
+      throttle("post node", variable_get(max_node_rate, 900));
+
       // setup default values:
       $node = array_merge(array(title => "?", author => $user->id, type => "?", pid => 0, log => "node created", status => $status[queued], score => 0, votes => 0, timestamp => time()), $node);
 
diff --git a/includes/search.inc b/includes/search.inc
index cf47ebda8..851bc3a3a 100644
--- a/includes/search.inc
+++ b/includes/search.inc
@@ -15,7 +15,7 @@ function search_data($keys, $type) {
     foreach ($result as $entry) {
       $output .= "<P>\n";
       $output .= " <B><U><A HREF=\"$entry[link]\">$entry[title]</A></U></B><BR>";
-      $output .= " <SMALL>$site_url$entry[link]". ($entry[user] ? " - ". format_username($entry[user]) : "") ."". ($entry[date] ? " - ". format_date($entry[date], "small") : "") ."</SMALL>";
+      $output .= " <SMALL>$entry[link]". ($entry[user] ? " - ". format_username($entry[user]) : "") ."". ($entry[date] ? " - ". format_date($entry[date], "small") : "") ."</SMALL>";
       $output .= "</P>\n";
     }
   }
diff --git a/includes/section.inc b/includes/section.inc
index c816818d4..ad25b179c 100644
--- a/includes/section.inc
+++ b/includes/section.inc
@@ -7,19 +7,19 @@ function section_get() {
   return $array;
 }
 
-function section_post_threshold($section, $threshold = 5) {
-  $result = db_query("SELECT post FROM sections WHERE name = '". check_input($section) ."'");
-  return ($result) ? db_result($result, 0) : $threshold;
+function section_post_threshold($section, $default) {
+  $section = db_fetch_object(db_query("SELECT post AS threshold FROM sections WHERE name = '". check_input($section) ."'"));
+  return $section->threshold ? $section->threshold : $default;
 }
 
-function section_dump_threshold($section, $threshold = - 3) {
-  $result = db_query("SELECT dump FROM sections WHERE name = '". check_input($section) ."'");
-  return ($result) ? db_result($result, 0) : $threshold;
+function section_dump_threshold($section, $default) {
+  $section = db_fetch_object(db_query("SELECT dump AS threshold FROM sections WHERE name = '". check_input($section) ."'"));
+  return $section->threshold ? $section->threshold : $default;
 }
 
-function section_timout_threshold($section, $threshold = 10) {
-  $result = db_query("SELECT timout FROM sections WHERE name = '". check_input($section) ."'");
-  return ($result) ? db_result($result, 0) : $threshold;
+function section_timout_threshold($section, $default) {
+  $section = db_fetch_object(db_query("SELECT timout AS threshold FROM sections WHERE name = '". check_input($section) ."'"));
+  return $section->threshold ? $section->threshold : $default;
 }
 
 ?>
\ No newline at end of file
diff --git a/includes/theme.inc b/includes/theme.inc
index ad2bbeebb..c973868b4 100644
--- a/includes/theme.inc
+++ b/includes/theme.inc
@@ -28,7 +28,7 @@ function theme_menu($name, $module) {
 }
 
 function theme_account($theme) {
-  global $user, $site_name, $links, $menu;
+  global $user, $links, $menu;
 
   if ($user->id) {
 
@@ -38,7 +38,7 @@ function theme_account($theme) {
     // Display account settings:
     $content .= "<LI><A HREF=\"account.php?op=track&topic=comments\">". t("track your comments") ."</A></LI>\n";
     $content .= "<LI><A HREF=\"account.php?op=track&topic=nodes\">". t("track your nodes") ."</A></LI>\n";
-    $content .= "<LI><A HREF=\"account.php?op=track&topic=site\">". strtr(t("track %a"), array("%a" => $site_name)) ."</A></LI>\n";
+    $content .= "<LI><A HREF=\"account.php?op=track&topic=site\">". strtr(t("track %a"), array("%a" => variable_get(site_name, "drupal"))) ."</A></LI>\n";
     $content .= "<P>\n";
     $content .= "<LI><A HREF=\"account.php?op=edit&topic=user\">". t("edit your information") ."</A></LI>\n";
     $content .= "<LI><A HREF=\"account.php?op=edit&topic=site\">". t("edit your preferences") ."</A></LI>\n";
@@ -46,7 +46,7 @@ function theme_account($theme) {
     $content .= "<P>\n";
 
     if (user_access($user)) {
-      $content .= "<LI><A HREF=\"admin.php\">administer ". $site_name ."</A></LI>\n";
+      $content .= "<LI><A HREF=\"admin.php\">administer ". variable_get(site_name, "drupal") ."</A></LI>\n";
       $content .= "<P>\n";
     }
 
diff --git a/includes/variable.inc b/includes/variable.inc
new file mode 100644
index 000000000..20beb5efd
--- /dev/null
+++ b/includes/variable.inc
@@ -0,0 +1,54 @@
+<?php
+
+function variable_init($conf = array()) {
+  $result = db_query("SELECT * FROM variable");
+  while ($variable = db_fetch_object($result)) $conf[$variable->name] = $variable->value;
+  return $conf;
+}
+
+function handler_post_threshold($node, $default) {
+  if ($node->type) {
+    $function = $node->type ."_post_threshold";
+    return $function($node, $default);
+  }
+  else {
+    return $default;
+  }
+}
+
+function handler_dump_threshold($node, $default) {
+  if ($node->type) {
+    $function = $node->type ."_dump_threshold";
+    return $function($node, $default);
+  }
+  else {
+    return $default;
+  }
+}
+
+function handler_timout_threshold($node, $default) {
+  if ($node->type) {
+    $function = $node->type ."_timout_threshold";
+    return $function($node, $default);
+  }
+  else {
+    return $default;
+  }
+}
+
+function variable_get($name, $default, $object = 0) {
+  global $conf;
+
+  switch ($name) {
+    case "post_threshold":
+      return handler_post_threshold($object, $default);
+    case "dump_threshold":
+      return handler_dump_threshold($object, $default);
+    case "timout_threshold":
+      return handler_timout_threshold($object, $default);
+    default:
+      return ($conf[$name] ? $conf[$name] : $default);
+  }
+}
+
+?>
\ No newline at end of file
diff --git a/includes/watchdog.inc b/includes/watchdog.inc
deleted file mode 100644
index 9b28f3904..000000000
--- a/includes/watchdog.inc
+++ /dev/null
@@ -1,32 +0,0 @@
-<?php
-
-$watchdog = array("comment" => array("0", variable_get("max_comment_rate", 60)),
-                  "node"    => array("1", variable_get("max_node_rate", 900)),
-                  "message" => array("3", "0"),
-                  "warning" => array("4", "0"),
-                  "error"   => array("5", "0"));
-
-function watchdog($id, $message) {
-  global $user, $watchdog, $watchdog_history;
-
-  // flood protection:
-  if ($watchdog[$id][1] && !user_access($user, "watchdog")) {
-    if ($log = db_fetch_object(db_query("SELECT * FROM watchdog WHERE hostname = '". getenv("REMOTE_ADDR") ."' AND level = '". $watchdog[$id][0] ."'"))) {
-      if (time() - $log->timestamp < $watchdog[$id][1]) {
-        watchdog("warning", "'". getenv("REMOTE_ADDR") ."' exceeded '$id' submission rate");
-        header("Location: error.php?op=flood");
-        exit();
-      }
-    }
-  }
-
-  // perform query to add new watchdog entry:
-  db_query("INSERT INTO watchdog (level, timestamp, user, message, location, hostname) VALUES ('". $watchdog[$id][0] ."', '". time() ."', '". check_input($user->id) ."', '". check_input(check_output($message)) ."', '". check_input(getenv("REQUEST_URI")) ."', '". check_input(getenv("REMOTE_ADDR")) ."')");
-}
-
-function watchdog_clean($history = 302400) {
-  $timestamp = time() - $history;
-  db_query("DELETE FROM watchdog WHERE timestamp < $timestamp");
-}
-
-?>
-- 
cgit v1.2.3