Commit 14ddbc47 authored by Dries's avatar Dries

- Created 2 new functions:
    + path_uri(): returns the fully-qualified URI of your drupal site.
    + path_img(): returns the image directory or http://image-server.com/
                  in case you prefer to load-balance bandwidth usage.

  Replaced all occurrences of the variable "site_url" with path_uri()
  and removed "site_url" from "setting.module".

- Drastically simplified the node_save() API, which should make the
  node-forms more secure.  Updated "story.module", "book.module",
  "forum.module", "page.module" and "node.module" to reflect this
  change.  This needs more testing so hit it, beat it, tease it.

- Fixed an occasional glitch in the configuration file loading logic.

- Made "queue.module" display an informative notice when an anonymous
  user tries accessing the moderation queue.

- Updated the hard-coded information in drupal.module a bit.
parent 1da587a9
......@@ -251,7 +251,7 @@ function account_email_submit($userid, $email) {
db_query("UPDATE users SET passwd = PASSWORD('$passwd'), hash = '$hash', status = '$status' WHERE userid = '$userid'");
$link = variable_get(site_url, "http://drupal/") ."account.php?op=confirm&name=$userid&hash=$hash";
$link = path_uri() ."account.php?op=confirm&name=$userid&hash=$hash";
$subject = strtr(t("Account details for %a"), array("%a" => variable_get(site_name, "drupal")));
$message = strtr(t("%a,\n\n\nyou requested us to e-mail you a new password for your account at %b. You will need to re-confirm your account or you will not be able to login. To confirm your account updates visit the URL below:\n\n %c\n\nOnce confirmed you can login using the following username and password:\n\n username: %a\n password: %d\n\n\n-- %b team"), array("%a" => $userid, "%b" => variable_get(site_name, "drupal"), "%c" => $link, "%d" => $passwd));
......@@ -288,7 +288,7 @@ function account_create_submit($userid, $email) {
$user = user_save("", array("userid" => $new[userid], "real_email" => $new[real_email], "passwd" => $new[passwd], "status" => 1, "hash" => $new[hash]));
$link = variable_get(site_url, "http://" . $HTTP_HOST . substr($REQUEST_URI,0,strrpos($REQUEST_URI,"/")) . "/") ."account.php?op=confirm&name=$new[userid]&hash=$new[hash]";
$link = path_uri() ."account.php?op=confirm&name=$new[userid]&hash=$new[hash]";
$subject = strtr(t("Account details for %a"), array("%a" => variable_get(site_name, "drupal")));
$message = strtr(t("%a,\n\n\nsomeone signed up for a user account on %b and supplied this e-mail address as their contact. If it wasn't you, don't get your panties in a knot and simply ignore this mail. If this was you, you will have to confirm your account first or you will not be able to login. To confirm your account visit the URL below:\n\n %c\n\nOnce confirmed you can login using the following username and password:\n\n username: %a\n password: %d\n\n\n-- %b team\n"), array("%a" => $new[userid], "%b" => variable_get(site_name, "drupal"), "%c" => $link, "%d" => $new[passwd]));
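Review bot: The confirmation link mailed by account_email_submit() and account_create_submit() is now built from path_uri(), which, as defined elsewhere in this commit, concatenates the request's `$HTTP_HOST`. The host part of a link that carries `$hash` therefore comes from the request rather than from site configuration. Keeping an administrator-set base URL for mailed links, or having path_uri() accept only configured hostnames, would pin the link to the real site; the headline export links built from path_uri() share this dependency. The name and hash values are also placed in the query string unencoded, and could be written as `"account.php?op=confirm&name=". urlencode($userid) ."&hash=". urlencode($hash)`. Both functions start and end outside the hunks shown.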
......
......@@ -5,7 +5,8 @@
function conf_init() {
global $HTTP_HOST, $REQUEST_URI;
$file = strtolower(strtr($HTTP_HOST ."". substr($REQUEST_URI, 0, strrpos($REQUEST_URI, "/")), "/:", ".."));
return file_exists("includes/$file.php") ? $file : "setting";
while ($file && !file_exists("includes/$file.php")) $file = substr($file, 0, strrpos($file, "."));
return $file ? $file : "setting";
}
function error_handler($errno, $message, $filename, $line, $variables) {
......@@ -37,6 +38,20 @@ function throttle($type, $rate) {
}
}
function path_uri() {
global $HTTP_HOST, $REQUEST_URI;
$REQUEST_URI = strstr("export/", $REQUEST_URI);
return "http://". $HTTP_HOST . substr($REQUEST_URI, 0, strrpos($REQUEST_URI, "/")) ."/";
}
function path_img() {
// use "http://your-image-server.com/ if you want to host images on a seperate server.
return "./images/";
}
function notice_account() {
return t("This page requires a valid user account. Please <A HREF=\"account.php\">create a user account</A> and <A HREF=\"account.php\">login</A> prior to accessing it.");
}
function check_textfield($message) {
return strip_tags(str_replace("\"", "&quot;", stripslashes($message)));
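Review bot: In path_uri(), `strstr("export/", $REQUEST_URI)` has its arguments reversed: strstr() takes the haystack first, so this searches the literal "export/" for the whole request URI and will normally return false. Because `$REQUEST_URI` is declared global, the assignment also overwrites the request URI for any code that reads the global afterwards. Presumably the intent was to drop a trailing export/ segment. A local copy keeps the global intact: `$uri = $REQUEST_URI;` followed by `if ($pos = strpos($uri, "export/")) $uri = substr($uri, 0, $pos);`, with the return line built from `$uri`.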
......
......@@ -51,7 +51,7 @@ function node_get_comments($nid) {
return $comment->number ? $comment->number : 0;
}
function node_save($node) {
function node_save($node, $filter) {
global $user, $status;
$rows = array(nid, pid, lid, cid, tid, log, type, title, score, votes, author, status, comment, promote, moderate, timestamp);
......@@ -63,11 +63,13 @@ function node_save($node) {
$u2 = array();
foreach ($node as $field=>$value) {
if (in_array($field, $rows)) {
array_push($u1, check_input($field) ." = '". check_input($value) ."'");
}
else {
array_push($u2, check_input($field) ." = '". check_input($value) ."'");
if (in_array($field, $filter)) {
if (in_array($field, $rows)) {
array_push($u1, check_input($field) ." = '". check_input($value) ."'");
}
else {
array_push($u2, check_input($field) ." = '". check_input($value) ."'");
}
}
}
......@@ -89,23 +91,20 @@ function node_save($node) {
// verify submission rate:
throttle("post node", variable_get(max_node_rate, 900));
// setup default values:
$node = array_merge(array(title => "?", author => $user->id, type => "?", pid => 0, cid => 0, tid => 0, log => "node created", status => (category_submission($node[cid]) ? $status[queued] : $status[posted]) , score => 0, votes => 0, comment => category_comment($node[cid]), promote => category_promote($node[cid]), moderate => topic_moderate($node[tid]), timestamp => time()), $node);
// prepare queries:
$f1 = array();
$v1 = array();
$f2 = array();
$v2 = array();
foreach ($filter as $field=>$value) {
$k = check_input(is_numeric($field) ? $value : $field);
$v = check_input(is_numeric($field) ? $node[$value] : $filter[$field]);
foreach ($node as $field=>$value) {
if (in_array($field, $rows)) {
array_push($f1, check_input($field));
array_push($v1, "'". check_input($value) ."'");
print "$k => $v ($field, $value)<BR>";
if (in_array($k, $rows)) {
$f1[] = $k;
$v1[] = "'$v'";
}
else {
array_push($f2, check_input($field));
array_push($v2, "'". check_input($value) ."'");
$f2[] = $k;
$v2[] = "'$v'";
}
}
......@@ -115,14 +114,14 @@ function node_save($node) {
$v2 = implode(", ", $v2);
// insert data, try to roll-back when something goes wrong:
$result = db_query("INSERT INTO node ($f1) VALUES ($v1)");
$result = db_query("INSERT INTO node ($f1) VALUES ($v1)", 1);
if ($result && $nid = db_insert_id()) {
$result = db_query("INSERT INTO $node[type] ($f2, nid) VALUES ($v2, $nid)");
$result = db_query("INSERT INTO $filter[type] ($f2, nid) VALUES ($v2, $nid)", 1);
if ($result && $lid = db_insert_id()) {
$result = db_query("UPDATE node SET lid = '$lid' WHERE nid = '$nid'");
$result = db_query("UPDATE node SET lid = '$lid' WHERE nid = '$nid'", 1);
if ($result) {
if (($node[pid]) && ($node[status] == $status[posted])) {
db_query("UPDATE node SET status = '$status[expired]' WHERE nid = '$node[pid]'");
db_query("UPDATE node SET status = '$status[expired]' WHERE nid = '$node[pid]'", 1);
}
watchdog("special", "node: added '$node[title]'");
}
......@@ -131,7 +130,7 @@ function node_save($node) {
}
}
else {
db_query("DELETE FROM node WHERE nid = '$nid'");
db_query("DELETE FROM node WHERE nid = '$nid'", 1);
watchdog("warning", "node: added '$node[title]' - failed");
}
}
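Review bot: The insert loop in node_save() still contains a debugging statement, `print "$k => $v ($field, $value)<BR>";`, which writes every saved field name and value into the page without output escaping; it should be removed. In the update loop the new allow-list test `in_array($field, $filter)` compares loosely, so a filter that ever holds a numeric 0 (the create filters pass `score => 0` and `votes => 0`) would match any non-numeric field name under PHP's loose comparison of this era. Testing against a list of field names only, or using the strict third argument where the PHP version provides it (`in_array($field, $filter, true)`), closes that gap. The rendered page has lost its +/- markers, so which of the interleaved lines are new is inferred from the variables they use.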
......
<?php
#
# Database settings:
#
......@@ -58,6 +57,6 @@
$languages = array("en" => "English");
# This line prevents users from accessing your settings file:
die();
die("access denied");
?>
\ No newline at end of file
......@@ -124,8 +124,10 @@ function book_form($edit = array()) {
$form .= form_select(t("Weight"), "weight", $edit[weight], array(0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30), t("The heavier nodes will sink and the lighter nodes will be positioned nearer the top."));
}
$form .= form_hidden("pid", $edit[pid]);
$form .= form_hidden("nid", $edit[nid]);
if ($edit[nid] > 0) {
$form .= form_hidden("pid", $edit[pid]);
$form .= form_hidden("nid", $edit[nid]);
}
if (!$edit) {
$form .= form_submit(t("Preview"));
......@@ -143,7 +145,14 @@ function book_form($edit = array()) {
}
function book_save($edit) {
node_save(array_diff(array_merge($edit, array(nid => $edit[nid], type => "book")), array(userid => $edit[userid])));
global $status, $user;
if (!$edit[nid]) {
node_save($edit, array(author => $user->id, body, cid, comment => category_comment($edit[cid]), log, moderate => topic_moderate($edit[tid]), promote => category_promote($edit[cid]), score => 0, status => (category_submission($edit[cid]) ? $status[queued] : $status[posted]), tid, timestamp => time(), title, type => "book", votes => 0, weight));
}
else if (user_access($user)) {
node_save($edit, array(body, cid, log, parent, tid, title, type => "book", weight));
}
}
function book_parent($nid) {
......@@ -174,26 +183,6 @@ function book_tree($parent = "", $depth = 0) {
return $output;
}
/*
function book_tree($parent = 0, $depth = 0) {
global $PHP_SELF, $status;
// if (($parent > 0) && ($depth < 3 || strstr($PHP_SELF,"admin.php"))) {
if ($depth < 3 || strstr($PHP_SELF,"admin.php")) {
$result = db_query("SELECT n.*, b.* FROM node n LEFT JOIN book b ON n.nid = b.nid AND n.lid = b.lid WHERE n.type = 'book' AND n.status = '$status[posted]' AND b.parent = '$parent' ORDER BY b.weight", 1);
$output .= "<UL>";
while ($node = db_fetch_object($result)) {
$output .= "<LI><A HREF=\"node.php?id=$node->nid\">". check_output($node->title) ."</A>";
if ($PHP_SELF == "/admin.php") $output .= " <SMALL>(weight: $node->weight/$node->parent, status: $node->status) (<A HREF=\"admin.php?mod=book&op=edit&id=$node->nid\">edit</A>)</SMALL>\n";
if ($node->pid) $output .= book_tree($node->pid, $depth + 1);
$output .= book_tree($node->nid, $depth + 1);
}
$output .= "</UL>";
}
return $output;
}
*/
function book_list($query = array()) {
return node_overview($query);
}
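Review bot: In book_save() the create branch (`if (!$edit[nid])`) calls node_save() with no user_access($user) check, while the update branch and the new forum_save() and page_save() are gated by it; story_save() in this commit has the same shape. The choice between create and update is made from `$edit[nid]`, which arrives with the form data, so a request that omits nid takes the unchecked branch. If unauthenticated submissions are meant to reach the moderation queue, state that above the branch, e.g. `// no access check: new submissions are queued or posted per category_submission()`. Otherwise gate the branch on `$user->id` as queue_page() does.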
......
......@@ -124,8 +124,10 @@ function book_form($edit = array()) {
$form .= form_select(t("Weight"), "weight", $edit[weight], array(0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30), t("The heavier nodes will sink and the lighter nodes will be positioned nearer the top."));
}
$form .= form_hidden("pid", $edit[pid]);
$form .= form_hidden("nid", $edit[nid]);
if ($edit[nid] > 0) {
$form .= form_hidden("pid", $edit[pid]);
$form .= form_hidden("nid", $edit[nid]);
}
if (!$edit) {
$form .= form_submit(t("Preview"));
......@@ -143,7 +145,14 @@ function book_form($edit = array()) {
}
function book_save($edit) {
node_save(array_diff(array_merge($edit, array(nid => $edit[nid], type => "book")), array(userid => $edit[userid])));
global $status, $user;
if (!$edit[nid]) {
node_save($edit, array(author => $user->id, body, cid, comment => category_comment($edit[cid]), log, moderate => topic_moderate($edit[tid]), promote => category_promote($edit[cid]), score => 0, status => (category_submission($edit[cid]) ? $status[queued] : $status[posted]), tid, timestamp => time(), title, type => "book", votes => 0, weight));
}
else if (user_access($user)) {
node_save($edit, array(body, cid, log, parent, tid, title, type => "book", weight));
}
}
function book_parent($nid) {
......@@ -174,26 +183,6 @@ function book_tree($parent = "", $depth = 0) {
return $output;
}
/*
function book_tree($parent = 0, $depth = 0) {
global $PHP_SELF, $status;
// if (($parent > 0) && ($depth < 3 || strstr($PHP_SELF,"admin.php"))) {
if ($depth < 3 || strstr($PHP_SELF,"admin.php")) {
$result = db_query("SELECT n.*, b.* FROM node n LEFT JOIN book b ON n.nid = b.nid AND n.lid = b.lid WHERE n.type = 'book' AND n.status = '$status[posted]' AND b.parent = '$parent' ORDER BY b.weight", 1);
$output .= "<UL>";
while ($node = db_fetch_object($result)) {
$output .= "<LI><A HREF=\"node.php?id=$node->nid\">". check_output($node->title) ."</A>";
if ($PHP_SELF == "/admin.php") $output .= " <SMALL>(weight: $node->weight/$node->parent, status: $node->status) (<A HREF=\"admin.php?mod=book&op=edit&id=$node->nid\">edit</A>)</SMALL>\n";
if ($node->pid) $output .= book_tree($node->pid, $depth + 1);
$output .= book_tree($node->nid, $depth + 1);
}
$output .= "</UL>";
}
return $output;
}
*/
function book_list($query = array()) {
return node_overview($query);
}
......
......@@ -18,16 +18,16 @@ function drupal_page() {
$theme->box("Screenshots", $output);
*/
$output = "<H3>Download</H3>\n";
$output .= " <LI><A HREF=\"drupal/drupal-2.00.tgz\">drupal 2.00</A> (2001/03/15 - latest version)</LI>\n";
$output .= " <LI>drupal 1.00 (2001/01/15)</LI>\n";
$output .= "<H3>Documentation</H3>\n";
$output .= " <LI><A HREF=\"node.php?title=drupal+handbook\">drupal handbook</A></LI>\n";
$output .= "<H3>Mailing lists</H3>\n";
$output .= " <LI><A HREF=\"node.php?title=mailing+lists\">mailing lists</A></LI>";
$output .= "<H3>Development</H3>\n";
$output .= " <LI><A HREF=\"node.php?title=development\">drupal development</A> (<A HREF=\"node.php?title=CVS\">CVS</A>)</LI>\n";
$theme->box("Support and development", $output);
$output = "<H3>Download Drupal</H3>\n";
$output .= " <LI><A HREF=\"drupal/drupal-2.00.tgz\">Drupal 2.00</A> (2001/03/15 - latest version)</LI>\n";
$output .= " <LI>Drupal 1.00 (2001/01/15)</LI>\n";
$output .= "<H3>Drupal documentation</H3>\n";
$output .= " <LI><A HREF=\"node.php?title=drupal+handbook\">Drupal handbook</A></LI>\n";
$output .= "<H3>Drupal mailing lists</H3>\n";
$output .= " <LI><A HREF=\"node.php?title=mailing+lists\">Mailing list information</A></LI>";
$output .= "<H3>Drupal development</H3>\n";
$output .= " <LI><A HREF=\"node.php?title=development\">Development information</A>, <A HREF=\"node.php?title=CVS\">CVS instructions</A>, <A HREF=\"module.php?mod=cvs\">CVS log messages</A></LI>\n";
$theme->box("Drupal support and development", $output);
$theme->footer();
}
......
......@@ -18,16 +18,16 @@ function drupal_page() {
$theme->box("Screenshots", $output);
*/
$output = "<H3>Download</H3>\n";
$output .= " <LI><A HREF=\"drupal/drupal-2.00.tgz\">drupal 2.00</A> (2001/03/15 - latest version)</LI>\n";
$output .= " <LI>drupal 1.00 (2001/01/15)</LI>\n";
$output .= "<H3>Documentation</H3>\n";
$output .= " <LI><A HREF=\"node.php?title=drupal+handbook\">drupal handbook</A></LI>\n";
$output .= "<H3>Mailing lists</H3>\n";
$output .= " <LI><A HREF=\"node.php?title=mailing+lists\">mailing lists</A></LI>";
$output .= "<H3>Development</H3>\n";
$output .= " <LI><A HREF=\"node.php?title=development\">drupal development</A> (<A HREF=\"node.php?title=CVS\">CVS</A>)</LI>\n";
$theme->box("Support and development", $output);
$output = "<H3>Download Drupal</H3>\n";
$output .= " <LI><A HREF=\"drupal/drupal-2.00.tgz\">Drupal 2.00</A> (2001/03/15 - latest version)</LI>\n";
$output .= " <LI>Drupal 1.00 (2001/01/15)</LI>\n";
$output .= "<H3>Drupal documentation</H3>\n";
$output .= " <LI><A HREF=\"node.php?title=drupal+handbook\">Drupal handbook</A></LI>\n";
$output .= "<H3>Drupal mailing lists</H3>\n";
$output .= " <LI><A HREF=\"node.php?title=mailing+lists\">Mailing list information</A></LI>";
$output .= "<H3>Drupal development</H3>\n";
$output .= " <LI><A HREF=\"node.php?title=development\">Development information</A>, <A HREF=\"node.php?title=CVS\">CVS instructions</A>, <A HREF=\"module.php?mod=cvs\">CVS log messages</A></LI>\n";
$theme->box("Drupal support and development", $output);
$theme->footer();
}
......
......@@ -23,8 +23,11 @@ function forum_form($edit = array()) {
}
function forum_save($edit) {
global $status;
node_save(array_merge($edit, array(type => "forum", status => $status[posted])));
global $user, $status;
if (user_access($user)) {
node_save($edit, array(author => $user->id, body, cid, comment => category_comment($edit[cid]), moderate => topic_moderate($edit[tid]), promote => category_promote($edit[cid]), score => 0, status => $status[posted], tid, timestamp => time(), title, type => "forum", votes => 0));
}
}
function forum_num_comments($nid) {
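Review bot: When user_access($user) fails, forum_save() returns without saving and without leaving any trace, so neither the caller nor the site log can tell a refused write from a successful one. page_save() and the update branches of book_save() and story_save() behave the same way. An else branch that records the refusal would make denied writes visible, `else { watchdog("warning", "forum: save denied for '$edit[title]'"); }`, reusing the watchdog() call node_save() already makes on failure.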
......
......@@ -23,8 +23,11 @@ function forum_form($edit = array()) {
}
function forum_save($edit) {
global $status;
node_save(array_merge($edit, array(type => "forum", status => $status[posted])));
global $user, $status;
if (user_access($user)) {
node_save($edit, array(author => $user->id, body, cid, comment => category_comment($edit[cid]), moderate => topic_moderate($edit[tid]), promote => category_promote($edit[cid]), score => 0, status => $status[posted], tid, timestamp => time(), title, type => "forum", votes => 0));
}
}
function forum_num_comments($nid) {
......
......@@ -64,7 +64,7 @@ function headline_help() {
<P>Drupal's headline module both imports and exports RDF/RSS headlines.</P>
<P>A lot of news-oriented websites are now publishing news (headlines) and making their content available through XML, RSS and RDF backend files. They syndicate free content and allow retrieval and further transmission, aggregation, and online publication. In its current state, drupal's headline module supports RDF and RSS backends.</P>
<P>RSS was originally developed by Netscape to allow adding news channels to "My Netscape" sites, but it has since become adopted as the <I>de facto</I> net standard for distributing headlines and brief dynamic texts.</P>
<P>The headline module goes out to a list of configured news sites once an hour or so (driven by cron), downloads new RSS/RDF data and makes it available to your visitors. In addition, your headlines are exported as well and can be retrieved by other sites from <CODE><?php echo variable_get(site_url, "http://yourdomain.com/"); ?>export/headlines.rdf</CODE>.</P>
<P>The headline module goes out to a list of configured news sites once an hour or so (driven by cron), downloads new RSS/RDF data and makes it available to your visitors. In addition, your headlines are exported as well and can be retrieved by other sites from <CODE><?php echo path_uri(); ?>export/headlines.rdf</CODE>.</P>
<?php
}
......@@ -146,7 +146,7 @@ function headline_admin_add($id) {
function headline_admin_edit($id) {
$result = db_query("SELECT * FROM channel WHERE id='$id' ORDER BY id");
if ($channel = db_fetch_object($result)) {
if ($channel = db_fetch_object($result)) {
$output .= " <FORM ACTION=\"admin.php?mod=headline\" METHOD=\"post\">\n";
$output .= " <INPUT TYPE=\"hidden\" NAME=\"id\" VALUE=\"$id\">\n";
$output .= " <P>\n";
......@@ -235,7 +235,7 @@ function headline_export_rdf() {
print "<channel>\n";
print " <title>". variable_get(site_name, "drupal") ."</title>\n";
print " <link>". variable_get(site_url, "http://drupal/") ."</link>\n";
print " <link>". path_uri() ."</link>\n";
print " <description>". variable_get(site_name, "drupal") ."</description>\n";
print "</channel>\n";
......@@ -244,7 +244,7 @@ function headline_export_rdf() {
while ($node = db_fetch_object($result)) {
print "<item>\n";
print " <title>". check_export($node->title) ."</title>\n";
print " <link>". variable_get(site_url, "http://drupal/") ."node.php?id=$node->nid</link>\n";
print " <link>". path_uri() ."node.php?id=$node->nid</link>\n";
print "</item>\n";
}
......@@ -262,9 +262,9 @@ function headline_export_rss() {
print "xmlns:rdf=\"http://www.w3.org/1999/02/22-rdf-syntax-ns#\"\n";
print "xmlns=\"http://purl.org/rss/1.0/\">\n\n";
print "<channel rdf:about=\"". variable_get(site_url, "http://drupal/") ."export/headlinesRSS10.rdf\">\n";
print "<channel rdf:about=\"". path_uri() ."export/headlinesRSS10.rdf\">\n";
print " <title>". variable_get(site_name, "drupal") ."</title>\n";
print " <link>". variable_get(site_url, "http://drupal/") ."</link>\n";
print " <link>". path_uri() ."</link>\n";
print " <description>". variable_get(site_name, "drupal") ."</description>\n";
print " <items>\n";
......@@ -273,7 +273,7 @@ function headline_export_rss() {
$result = db_query("SELECT * FROM node WHERE promote = '1' AND status = '$status[posted]' ORDER BY timestamp DESC LIMIT 10");
while ($node = db_fetch_object($result)) {
print " <rdf:li resource=\"". variable_get(site_url, "http://drupal/") ."node.php?id=$node->nid\" />\n";
print " <rdf:li resource=\"". path_uri() ."node.php?id=$node->nid\" />\n";
}
print " </rdf:Seq>\n";
......@@ -283,9 +283,9 @@ function headline_export_rss() {
$result = db_query("SELECT * FROM node WHERE promote = '1' AND status = '$status[posted]' ORDER BY timestamp DESC LIMIT 10");
while ($node = db_fetch_object($result)) {
print "<item rdf:about=\"". variable_get(site_url, "http://drupal/") ."node.php?id=$node->nid\">\n";
print "<item rdf:about=\"". path_uri() ."node.php?id=$node->nid\">\n";
print " <title>". check_export($node->title) ."</title>\n";
print " <link>". variable_get(site_url, "http://drupal/") ."node.php?id=$node->nid</link>\n";
print " <link>". path_uri() ."node.php?id=$node->nid</link>\n";
if ($node->abstract) print " <description>". check_output($node->abstract, 1) ."</description>\n";
if ($node->body) print " <description>". check_output($node->body, 1) ."</description>\n";
......
<?php
$GLOBALS[format] = array(0 => HTML, 1 => PHP, 2 => text);
$GLOBALS[format] = array(0 => "HTML", 1 => "PHP", 2 => "text");
function page_view($node, $main = 0) {
global $format, $theme;
......@@ -37,8 +37,11 @@ function page_form($edit = array()) {
}
function page_save($edit) {
global $status;
node_save(array_merge($edit, array(type => "page", status => $status[posted])));
global $status, $user;
if (user_access($user)) {
node_save($edit, array(author => $user->id, body, cid, comment => category_comment($edit[cid]), format, moderate => topic_moderate($edit[tid]), promote => category_promote($edit[cid]), score => 0, status => $status[posted], tid, timestamp => time(), title, type => "page", votes => 0));
}
}
function page_query($type = "") {
......
<?php
$GLOBALS[format] = array(0 => HTML, 1 => PHP, 2 => text);
$GLOBALS[format] = array(0 => "HTML", 1 => "PHP", 2 => "text");
function page_view($node, $main = 0) {
global $format, $theme;
......@@ -37,8 +37,11 @@ function page_form($edit = array()) {
}
function page_save($edit) {
global $status;
node_save(array_merge($edit, array(type => "page", status => $status[posted])));
global $status, $user;
if (user_access($user)) {
node_save($edit, array(author => $user->id, body, cid, comment => category_comment($edit[cid]), format, moderate => topic_moderate($edit[tid]), promote => category_promote($edit[cid]), score => 0, status => $status[posted], tid, timestamp => time(), title, type => "page", votes => 0));
}
}
function page_query($type = "") {
......
......@@ -97,7 +97,7 @@ function queue_node($id) {
}
function queue_page() {
global $id, $op, $user, $vote;
global $id, $op, $theme, $user, $vote;
if ($user->id) {
switch($op) {
......@@ -112,6 +112,11 @@ function queue_page() {
break;
}
}
else {
$theme->header();
$theme->box(t("Moderation queue"), notice_account());
$theme->footer();
}
}
?>
......@@ -6,7 +6,6 @@ function settings_conf() {
// general settings:
$output .= form_textfield(t("Name"), "site_name", variable_get(site_name, "drupal"), 30, 55, t("The name of this website."));
$output .= form_textfield(t("Slogan"), "site_slogan", variable_get(site_slogan, ""), 30, 55, t("The slogan of this website"));
$output .= form_textfield(t("URL"), "site_url", variable_get(site_url, "http://drupal/"), 30, 55, t("The fully qualified URL of this website: starts with \"http://\" and ends with a trailing slash!"));
$output .= form_textfield(t("E-mail address"), "site_mail", variable_get(site_mail, "root@localhost"), 30, 55, t("A valid e-mail address for this website, used by the auto-mailer to create new user accounts."));
$output .= form_textarea(t("Footer message"), "site_footer", variable_get(site_footer, ""), 55, 3, t("This text will be displayed at the bottom of each page. Useful for adding a copyright notice to your pages."));
$output .= form_textfield(t("Anonymous user"), "anonymous", variable_get(anonymous, "Anonymous"), 30, 55, t("The name used to indicate anonymous users."));
......
......@@ -45,8 +45,9 @@ function story_form($edit = array()) {
$form .= form_textarea(t("Body"), "body", $edit[body], 50, 15, t("Allowed HTML tags") .": ". htmlspecialchars($allowed_html));
// hidden fields:
$form .= form_hidden("timestamp", $edit[timestamp]);
$form .= form_hidden("nid", $edit[nid]);
if ($edit[nid] > 0) {
$form .= form_hidden("nid", $edit[nid]);
}
if (!$edit) {
$form .= form_submit(t("Preview"));
......@@ -68,7 +69,14 @@ function story_form($edit = array()) {
}
function story_save($edit) {
node_save(array_diff(array_merge($edit, array(nid => $edit[nid], type => "story")), array(userid => $edit[userid])));
global $status, $user;
if (!$edit[nid]) {
node_save($edit, array(abstract, author => $user->id, body, cid, comment => category_comment($edit[cid]), moderate => topic_moderate($edit[tid]), promote => category_promote($edit[cid]), score => 0, status => (category_submission($edit[cid]) ? $status[queued] : $status[posted]), tid, timestamp => time(), title, type => "story", votes => 0));
}
else if (user_access($user)) {
node_save($edit, array(abstract, body, cid, tid, title, type => "story"));
}
}
function story_block() {
......
......@@ -45,8 +45,9 @@ function story_form($edit = array()) {
$form .= form_textarea(t("Body"), "body", $edit[body], 50, 15, t("Allowed HTML tags") .": ". htmlspecialchars($allowed_html));
// hidden fields:
$form .= form_hidden("timestamp", $edit[timestamp]);
$form .= form_hidden("nid", $edit[nid]);
if ($edit[nid] > 0) {
$form .= form_hidden("nid", $edit[nid]);
}
if (!$edit) {
$form .= form_submit(t("Preview"));
......@@ -68,7 +69,14 @@ function story_form($edit = array()) {
}
function story_save($edit) {
node_save(array_diff(array_merge($edit, array(nid => $edit[nid], type => "story")), array(userid => $edit[userid])));
global $status, $user;
if (!$edit[nid]) {
node_save($edit, array(abstract, author => $user->id, body, cid, comment => category_comment($edit[cid]), moderate => topic_moderate($edit[tid]), promote => category_promote($edit[cid]), score => 0, status => (category_submission($edit[cid]) ? $status[queued] : $status[posted]), tid, timestamp => time(), title, type => "story", votes => 0));
}
else if (user_access($user)) {
node_save($edit, array(abstract, body, cid, tid, title, type => "story"));
}
}
function story_block() {
......
......@@ -27,7 +27,7 @@
}
}
else {
$theme->box("Submit", t("This page requires a valid user account. Please <A HREF=\"account.php\">login</A> prior to accessing it."));
$theme->box("Submit", notice_account());
}
$theme->footer();
......
......@@ -51,10 +51,10 @@ function header() {
-->
</style>
<script language="JavaScript" type="text/javascript"><!--
<script language="JavaScript" type="text/javascript"><!--
function b(title,content) {document.writeln("<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\"><tr><td><img src=\"themes/goofy/images/or-ul.png\" alt=\"\"></td><td class=\"oru\" width=\"100%\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td><img src=\"themes/goofy/images/or-ur.png\" alt=\"\"></td></tr><tr><td class=\"orl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"orcnt\" width=\"100%\" valign=\"top\">" + title + "</td><td class=\"orr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr><tr><td class=\"orl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"orcnt\" width=\"100%\"><img src=\"themes/goofy/images/null.gif\" height=\"5\" alt=\"\"></td><td class=\"orr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr><tr><td class=\"lgl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"lgcnt\" width=\"100%\"><img src=\"themes/goofy/images/null.gif\" height=\"4\" alt=\"\"></td><td class=\"lgr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr><tr><td class=\"lgl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"lgcnt\" width=\"100%\">" + content + "</td><td class=\"lgr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr><tr><td><img src=\"themes/goofy/images/lg-dl.png\" alt=\"\"></td><td class=\"lgd\" width=\"100%\"><img src=\"themes/goofy/images/null.gif\" width=\"150\" height=\"1\" alt=\"\"></td><td><img src=\"themes/goofy/images/lg-dr.png\" alt=\"\"></td></tr></table><br>");}
function s(title,subleft,subright,body) {document.writeln("<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\"><tr><td><img src=\"themes/goofy/images/or-ul.png\" alt=\"\"></td><td class=\"oru\" width=\"100%\" colspan=\"2\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td><img src=\"themes/goofy/images/or-ur.png\" alt=\"\"></td></tr><tr><td class=\"orl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"orcnt\" width=\"100%\" valign=\"top\" colspan=\"2\">" + title + "</td><td class=\"orr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr><tr><td class=\"orl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"orcnt\" width=\"100%\" colspan=\"2\"><img src=\"themes/goofy/images/null.gif\" height=\"5\" alt=\"\"></td><td class=\"orr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr><tr><td class=\"lgl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"lgcnt\" width=\"100%\" colspan=\"2\"><img src=\"themes/goofy/images/null.gif\" height=\"4\" alt=\"\"></td><td class=\"lgr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr><tr><td class=\"lgl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"lgcnt\"><small>" + subleft + "</small></td><td class=\"lgcnt\" nowrap><div align=\"right\">" + subright + "</div></td><td class=\"lgr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr><tr><td class=\"lgl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"lgcnt\" width=\"100%\" colspan=\"2\"><hr color=\"#404040\" size=\"1\">" + body + "</div></td><td class=\"lgr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr><tr><td><img src=\"themes/goofy/images/lg-dl.png\" alt=\"\"></td><td class=\"lgd\" width=\"100%\" colspan=\"2\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td><img src=\"themes/goofy/images/lg-dr.png\" alt=\"\"></td></tr></table><br>");}
function c(subject,mod,author,date,body) {document.writeln("<table border=\"0\" cellspacing=\"0\" cellpadding=\"0\" width=\"100%\"><tr><td><img src=\"themes/goofy/images/or-ul.png\" alt=\"\"></td><td class=\"oru\" width=\"100%\" colspan=\"2\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td><img src=\"themes/goofy/images/or-ur.png\" alt=\"\"></td></tr><tr><td class=\"orl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"orcnt\" width=\"100%\" valign=\"top\" colspan=\"2\"><table border=\"0\" cellpadding=\"0\" cellspacing=\"1\" width=\"100%\"><tr><td valign=\"top\" width=\"5%\"><div align=\"right\"><b><?php echo t("Subject"); ?>:</b>&nbsp;</div></td><td width=\"80%\"><b>" + subject + "</b></td><td rowspan=\"3\" valign=\"middle\" width=\"15%\"><div align=\"right\">" + mod + "</div></td></tr><tr><td valign=\"top\"><div align=\"right\"><?php echo t("Author"); ?>:&nbsp;</div></td><td>" + author + "</td></tr><tr><td><div align=\"right\"><?php echo t("Date"); ?>:&nbsp;</div></td><td>" + date + "</td></tr></table></td><td class=\"orr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr><tr><td class=\"orl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"orcnt\" width=\"100%\" colspan=\"2\"><img src=\"themes/goofy/images/null.gif\" height=\"5\" alt=\"\"></td><td class=\"orr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr><tr><td class=\"lgl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"lgcnt\" width=\"100%\" colspan=\"2\"><img src=\"themes/goofy/images/null.gif\" height=\"4\" alt=\"\"></td><td class=\"lgr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr>");if(body){document.writeln("<tr><td class=\"lgl\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td class=\"lgcnt\" width=\"100%\" colspan=\"2\">" + body + "</td><td class=\"lgr\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td></tr>");};document.writeln("<tr><td><img 
src=\"themes/goofy/images/lg-dl.png\" alt=\"\"></td><td class=\"lgd\" width=\"100%\" colspan=\"2\"><img src=\"themes/goofy/images/null.gif\" alt=\"\"></td><td><img src=\"themes/goofy/images/lg-dr.png\" alt=\"\"></td></tr></table><br>");}
function c(subject,mod,author