diary.php


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154

<?
include "function.inc";
include "theme.inc";


function diary_entry($timestamp, $text, $id = 0) {
  if ($id) {
    $output .= "<DL>\n";
    $output .= " <DT><B>". date("l, F jS", $timestamp) .":</B> </DT>\n";
    $output .= " <DD><P>[ <A HREF=\"diary.php?op=edit&id=$id\">edit</A> ]</P><P>$text</P></DD>\n";
    $output .= "</DL>\n";
  }
  else {
    $output .= "<DL>\n";
    $output .= " <DT><B>". date("l, F jS", $timestamp) .":</B></DT>\n";
    $output .= " <DD><P>$text</P></DD>\n";
    $output .= "</DL>\n";
  }
  return $output;
}

function diary_display($username) {
  global $theme, $user;

  $result = db_query("SELECT d.*, u.userid FROM diaries d LEFT JOIN users u ON d.author = u.id WHERE u.userid = '$username' ORDER BY timestamp DESC");

  if ($username == $user->userid) {
    $output .= diary_entry(time(), "<BIG><A HREF=\"diary.php?op=add\">Add new diary entry!</A></BIG><P>");
    while ($diary = db_fetch_object($result)) $output .= diary_entry($diary->timestamp, $diary->text, $diary->id);
  }
  else {
    while ($diary = db_fetch_object($result)) $output .= diary_entry($diary->timestamp, $diary->text);
  }

  $theme->header();
  $theme->box("Online diary", $output);
  $theme->footer();
}

function diary_add_enter() {
  global $theme, $user;
  
  ### Submission form:
  $output .= "<FORM ACTION=\"diary.php\" METHOD=\"post\">\n";

  $output .= "<P>\n"; 
  $output .= " <B>Enter new diary entry:</B><BR>\n";
  $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"15\" NAME=\"text\" MAXLENGTH=\"20\"></TEXTAREA><BR>\n";
  $output .= " <SMALL><I>HTML is nice and dandy, but double check those URLs and HTML tags!</I></SMALL>\n";
  $output .= "</P>\n";

  $output .= "<P>\n";
  $output .= " <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Preview diary entry\">\n";
  $output .= "</P>\n";

  $output .= "</FORM>\n";
  
  $theme->header();
  $theme->box("Online diary", $output);
  $theme->footer();
}

function diary_edit_enter($id) {
  global $theme, $user;

  $result = db_query("SELECT * FROM diaries WHERE id = $id");
  $diary = db_fetch_object($result);

  $output .= diary_entry($diary->timestamp, $diary->text);

  $output .= "<FORM ACTION=\"diary.php\" METHOD=\"post\">\n";

  $output .= "<P>\n";
  $output .= " <B>Edit diary entry:</B><BR>\n";
  $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"15\" NAME=\"text\">". stripslashes($diary->text) ."</TEXTAREA><BR>\n";
  $output .= " <SMALL><I>HTML is nice and dandy, but double check those URLs and HTML tags!</I></SMALL>\n";
  $output .= "</P>\n";

  $output .= "<P>\n";
  $output .= " <INPUT TYPE=\"hidden\" NAME=\"id\" VALUE=\"$diary->id\">\n";
  $output .= " <INPUT TYPE=\"hidden\" NAME=\"timestamp\" VALUE=\"$diary->timestamp\">\n";
  $output .= " <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Preview diary entry\"> <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Submit diary entry\">\n";
  $output .= "</P>\n";

  $output .= "</FORM>\n";
  
  $theme->header();
  $theme->box("Online diary", $output);
  $theme->footer();
}

function diary_preview($text, $timestamp, $id = 0) {
  global $theme, $user;

  $output .= diary_entry($timestamp, $text);

  $output .= "<FORM ACTION=\"diary.php\" METHOD=\"post\">\n";

  $output .= "<P>\n";
  $output .= " <B>Preview diary entry:</B><BR>\n";
  $output .= " <TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"15\" NAME=\"text\">". stripslashes($text) ."</TEXTAREA><BR>\n";
  $output .= " <SMALL><I>HTML is nice and dandy, but double check those URLs and HTML tags!</I></SMALL>\n";
  $output .= "</P>\n";

  $output .= "<P>\n";
  $output .= " <INPUT TYPE=\"hidden\" NAME=\"id\" VALUE=\"$id\">\n";
  $output .= " <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Preview diary entry\"> <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Submit diary entry\">\n";
  $output .= "</P>\n";

  $output .= "</FORM>\n";

  $theme->header();
  $theme->box("Online diary", $output);
  $theme->footer();
}

function diary_submit($text, $id = 0) {
  global $user, $theme;

  if ($id) {
    db_query("UPDATE diaries SET text =  '".addslashes($text) ."' WHERE id = $id");
    watchdog(1, "old diary entry updated");
  }
  else {
    db_query("INSERT INTO diaries (author, text, timestamp) VALUES ('$user->id', '". addslashes($text) ."', '". time() ."')");
    watchdog(1, "new diary entry added");
  }
  header("Location: diary.php?op=view&name=$user->userid");
}


switch($op) {
  case "add":
    diary_add_enter();
    break;
  case "edit":
    diary_edit_enter($id);
    break;
  case "view":
    diary_display($name);
    break;
  case "Preview diary entry":
    if ($id) diary_preview($text, $timestamp, $id);
    else diary_preview($text, time());
    break;
  case "Submit diary entry":
    if ($id) diary_submit($text, $id);
    else diary_submit($text);
    break;
  default:
    diary_display($user->userid);
}

?>