Commit 4a6c6de7 authored by Dries's avatar Dries

Huge update - I don't have time to write everything down but the directory

structure changes, some sections are expanded.  Take a look at the source
code or ask me to elaborate on certain issues/topics.
parent 73077e87
<?
function admin_header() {
include "config.inc";
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
<HEAD><TITLE><? echo $sitename; ?> - administration</TITLE></HEAD>
<STYLE>
body { font-family: helvetica, arial; }
h1 { font-size: 14pt; font-weight: bold; color: #006699; }
h2 { font-family: helvetica, arial; font-size: 12pt; font-weight: bold; }
h3 { font-family: helvetica, arial; font-size: 14pt; font-weight: bold; }
th { font-family: helvetica, arial; text-align: center; background-color: #C0C0C0; color: #447744; }
td { font-family: helvetica, arial; }
</STYLE>
<BODY BGCOLOR="#FFFFFF" LINK="#0000FF" VLINK="#000099" ALINK="#FF0000">
<TABLE BORDER="1">
<TR>
<TD ALIGN="left" VALIGN="top" WIDTH="100">
<P>
<LI><A HREF="admin.php?section=accounts">accounts</A></LI>
<LI><A HREF="admin.php?section=bans">bans</A></LI>
<LI><A HREF="admin.php?section=logs">logs</A></LI>
<LI><A HREF="admin.php?section=stories">stories</A></LI>
<LI><A HREF="admin.php?section=info">info</A></LI>
<P>
<LI><A HREF="">home</A></LI>
</TD>
<TD>
<?
}
function admin_footer() {
?>
</TD>
</TR>
</TABLE>
</BODY>
</HTML>
<?
}
?>
\ No newline at end of file
<?
function admin_icon($name) {
global $section;
if ($name == $section) print " <TD ALIGN=\"center\" BGCOLOR=\"#CCCCCC\"><A HREF=\"admin.php?section=$name\"><IMG SRC=\"images/admin-$name.png\" BORDER=\"0\"></A><BR>$name</TD>\n";
else print " <TD ALIGN=\"center\" VALIGN=\"middle\"><A HREF=\"admin.php?section=$name\"><IMG SRC=\"images/admin-$name.png\" BORDER=\"0\"></A><BR>$name</TD>\n";
}
function admin_header() {
global $sitename, $section, $status;
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
<HEAD><TITLE><? echo $sitename; ?> administration center</TITLE></HEAD>
<STYLE>
body { font-family: helvetica, arial; }
h1 { font-size: 14pt; font-weight: bold; color: #006699; }
h2 { font-family: helvetica, arial; font-size: 12pt; font-weight: bold; }
h3 { font-family: helvetica, arial; font-size: 14pt; font-weight: bold; }
th { font-family: helvetica, arial; text-align: center; background-color: #CCCCCC; color: #885555; }
td { font-family: helvetica, arial; }
</STYLE>
<BODY BGCOLOR="#FFFFFF" LINK="#006699" VLINK="#004499" ALINK="#FF0000">
<TABLE BORDER="0" CELLPADDING="0" CELLSPACING="2" WIDTH="780">
<TR><TD COLSPAN="10"><H1><? echo "$sitename"; ?> administration center</H1></TD></TR>
<TR><TD BGCOLOR="#000000" COLSPAN="10" WIDTH="100%"><IMG SRC="images/pixel.gif" WIDTH="1" HEIGHT="1" ALT=""></TD></TR>
<TR>
<?
admin_icon("stories");
admin_icon("comments");
admin_icon("diaries");
admin_icon("accounts");
admin_icon("misc");
admin_icon("bans");
admin_icon("logs");
admin_icon("stats");
admin_icon("info");
admin_icon("home");
?>
</TR>
<TR><TD BGCOLOR="#000000" COLSPAN="10" WIDTH="100%"><IMG SRC="images/pixel.gif" WIDTH="1" HEIGHT="0" ALT=""></TD></TR>
<TR><TD COLSPAN="10">&nbsp;</TD></TR>
<?
if ($status) {
?>
<TR><TD COLSPAN="10"><BIG><B>status:</B> <? echo $status; ?></BIG></TD></TR>
<TR><TD COLSPAN="10">&nbsp;</TD></TR>
<?
}
?>
<TR>
<TD COLSPAN="10">
<?
}
function admin_box($title, $body) {
print "<TABLE BORDER=\"0\" CELLPADDING=\"0\" CELLSPACING=\"2\" WIDTH=\"100%\">\n";
print " <TR><TD><FONT COLOR=\"#83997A\"><B>$title</B></A></TD></TR>\n";
print " <TR><TD BGCOLOR=\"#000000\" WIDTH=\"100%\"><IMG SRC=\"images/pixel.gif\" WIDTH=\"1\" HEIGHT=\"0\" ALT=\"\"></TD></TR>\n";
print " <TR><TD>&nbsp;</TD></TR>\n";
print " <TR><TD>$body</TD></TR>\n";
print "</TABLE>\n";
print "<BR><BR>\n";
}
function admin_footer() {
?>
</TD>
</TR>
</TABLE>
</BODY>
</HTML>
<?
}
?>
\ No newline at end of file
<?
include "includes/function.inc";
class backend {
// Channel properties:
var $id;
var $url;
var $site;
var $file;
var $contact;
var $timestamp;
// Contains the raw rdf/rss/xml file:
var $data;
// Contains the parsed rdf/rss/xml file:
var $headlines = array(); // latest headlines
#####
# Syntax.......: backend(...);
# Description..: Constructor - initializes the internal variables.
#
function backend($id, $site, $url, $file, $contact, $timout = 1800) {
### Get channel info:
$result = db_query("SELECT * FROM channel WHERE id = '$id' OR site = '$site'");
if ($channel = db_fetch_object($result)) {
### Initialize internal variables:
$this->id = $channel->id;
$this->site = $channel->site;
$this->file = $channel->file;
$this->url = $channel->url;
$this->contact = $channel->contact;
$this->timestamp = $channel->timestamp;
### Check to see whether we have to update our headlines first:
if (time() - $this->timestamp > $timout) $this->url2sql();
### Read headlines:
$result = db_query("SELECT * FROM headlines WHERE id = $this->id ORDER BY number");
while ($headline = db_fetch_object($result)) {
array_push($this->headlines, "<A HREF=\"$headline->link\">$headline->title</A>");
}
}
else {
$this->site = $site;
$this->url = $url;
$this->file = $file;
$this->contact = $contact;
}
}
#####
# Syntax.......: rdf2sql(optional timout value in seconds);
# Description..: Reads a RDF file from a server, parses it and inserts
# the fresh data in a MySQL table.
#
function rdf2sql($timout = 10) {
if ($this->file) {
### Decode URL:
$url = parse_url($this->file);
$host = $url[host];
$port = $url[port] ? $url[port] : 80;
$path = $url[path];
// print "<PRE><B>Debug:</B> $url - $host - $port - $path</PRE>";
### Retrieve data from website:
$fp = fsockopen($host, $port, &$errno, &$errstr, $timout);
if ($fp) {
### Get data from URL:
fputs($fp, "GET $path HTTP/1.0\n");
fputs($fp, "User-Agent: headline grabber\n");
fputs($fp, "Host: ". $host ."\n");
fputs($fp, "Accept: */*\n\n");
while(!feof($fp)) $data .= fgets($fp, 128);
// print "<PRE>$data</PRE><HR>";
if (strstr($data, "200 OK")) {
### Remove existing entries:
$result = db_query("DELETE FROM headlines WHERE id = $this->id");
### Strip all 'junk':
$data = ereg_replace("<?xml.*/image>", "", $data);
$data = ereg_replace("</rdf.*", "", $data);
$data = chop($data);
### Iterating through our data processing each entry/item:
$items = explode("</item>", $data);
$number = 0;
for (reset($items); $item = current($items); next($items)) {
### Extract data:
$link = ereg_replace(".*<link>", "", $item);
$link = ereg_replace("</link>.*", "", $link);
$title = ereg_replace(".*<title>", "", $item);
$title = ereg_replace("</title>.*", "", $title);
### Clean headlines:
$title = stripslashes(fixquotes($title));
### Count the number of stories:
$number += 1;
### Insert item in database:
$result = db_query("INSERT INTO headlines (id, title, link, number) VALUES('$this->id', '$title', '$link', '$number')");
}
### Mark channels as being updated:
$result = db_query("UPDATE channel SET timestamp = '". time() ."' WHERE id = $this->id");
$this->timestamp = time();
}
else print "<HR>RDF parser: 404 error?<BR><BR><PRE>$data</PRE><HR>";
}
}
}
#####
# Syntax.......: rss2sql(optional timout value in seconds);
# Description..: Reads a RSS file from a server, parses it and inserts
# the fresh data in a MySQL table.
#
function rss2sql($timout = 10) {
print "backend->rss2sql : TODO<BR>";
}
#####
# Syntax.......: xml2sql(optional timout value in seconds);
# Description..: Reads a XML file from a server, parses it and inserts
# the fresh data in a MySQL table.
#
function xml2sql($timout = 10) {
print "backend->xml2sql : TODO<BR>";
}
#####
# Syntax.......: url2sql(optional timout value in seconds);
# Description..: Generic function to fetch fresh headlines. It checks whether
# we are dealing with a remote RDF, RSS or XML file and calls
# the appropriate function to fetch the headline. The function
# is an abstraction towards the programmer as he doesn't need
# to know with what file extension we are dealing.
#
function url2sql($timout = 10) {
if (strstr($this->file, ".rdf")) $this->rdf2sql($timout);
if (strstr($this->file, ".rss")) $this->rss2sql($timout);
if (strstr($this->file, ".xml")) $this->xml2sql($timout);
}
#####
# Syntax.......:
# Description..:
#
function displayHeadlines($timout = 1800) {
global $theme;
### Get channel info:
$result = db_query("SELECT * FROM channel WHERE site = '$this->site'");
if ($this->id) {
### Check to see whether we have to update our headlines first:
if (time() - $this->timestamp > $timout) $this->url2sql();
### Grab headlines from database:
$result = db_query("SELECT * FROM headlines WHERE id = $this->id ORDER BY number");
while ($headline = db_fetch_object($result)) {
$content .= "<LI><A HREF=\"$headline->link\">$headline->title</A></LI>";
}
### Add timestamp:
$update = round((time() - $this->timestamp) / 60);
$content .= "<P ALIGN=\"right\">[ <A HREF=\"backend.php?op=reset&site=$this->site\"><FONT COLOR=\"$theme->hlcolor2\">reset</FONT></A> | updated $update min. ago ]</P>";
### Display box:
$theme->box("$this->site", $content);
}
else print "<P>Warning: something whiched happened: specified channel could not be found in database.</P>";
}
#####
# Syntax.......: add()
# Description..: Adds this backend to the database.
#
function add() {
### Add channel:
$result = db_query("INSERT INTO channel (site, file, url, contact, timestamp) VALUES ('$this->site', '$this->file', '$this->url', '$this->contact', 42)");
}
#####
# Syntax.......: delete()
# Description..: Deletes this backend
#
function delete() {
### Delete channel:
$result = db_query("DELETE FROM channel WHERE id = $this->id");
### Delete headlines:
$result = db_query("DELETE FROM headlines WHERE id = $this->id");
}
#####
# Syntax.......: refresh()
# Description..: Deletes all headlines associated with this backend.
#
function refresh() {
### Delete headlines:
$result = db_query("DELETE FROM headlines WHERE id = $this->id");
### Mark channel as invalid to enforce an update:
$result = db_query("UPDATE channel SET timestamp = 42 WHERE id = $this->id");
}
#####
# Syntax.......: dump()
# Description..: Dumps the content of this class to screen.
#
function dump() {
print "<B>Dump backend:</B><BR>";
print "Id: $this->id<BR>";
print "Site: $this->site<BR>";
print "URL: $this->url<BR>";
print "File: $this->file<BR>";
print "Contact: $this->contact<BR>";
}
}
?>
<?
class calendar {
var $date;
function calendar($date) {
$this->date = $date;
}
function display() {
global $PHP_SELF;
### Extract information from the given date:
$month = date("n", $this->date);
$year = date("Y", $this->date);
$day = date("d", $this->date);
### Extract first day of the month:
$first = date("w", mktime(0, 0, 0, $month, 1, $year));
### Extract last day of the month:
$last = date("t", mktime(0, 0, 0, $month, 1, $year));
### Calculate previous and next months dates:
$prev = mktime(0, 0, 0, $month - 1, $day, $year);
$next = mktime(0, 0, 0, $month + 1, $day, $year);
### Generate calendar header:
$output .= "\n<!-- calendar -->\n";
$output .= "<TABLE WIDTH=\"100%\" BORDER=\"1\" CELLSPACING=\"0\" CELLPADDING=\"1\">\n";
$output .= " <TR><TD ALIGN=\"center\" COLSPAN=\"7\"><SMALL><A HREF=\"$PHP_SELF?date=$prev\">&lt;</A> &nbsp; ". date("F Y", $this->date) ." &nbsp; <A HREF=\"$PHP_SELF?date=$next\">&gt;</A></SMALL></TD></TR>\n";
$output .= " <TR><TD ALIGN=\"center\"><SMALL>S</SMALL></TD><TD ALIGN=\"center\"><SMALL>M</SMALL></TD><TD ALIGN=\"center\"><SMALL>T</SMALL></TD><TD ALIGN=\"center\"><SMALL>W</SMALL></TD><TD ALIGN=\"center\"><SMALL>T</SMALL></TD><TD ALIGN=\"center\"><SMALL>F</SMALL></TD><TD ALIGN=\"center\"><SMALL>S</SMALL></TD></TR>\n";
### Initialize temporary variables:
$nday = 1;
$sday = $first;
### Loop through all the days of the month:
while ($nday <= $last) {
### Set up blank days for first week of the month:
if ($first) {
$output .= " <TR><TD COLSPAN=\"$first\">&nbsp</TD>\n";
$first = 0;
}
### Start every week on a new line:
if ($sday == 0) $output .= " <TR>\n";
### Print one cell:
$date = mktime(24, 0, 0, $month, $nday, $year);
if ($nday == $day) $output .= " <TD ALIGN=\"center\"><SMALL><B>$nday</B></SMALL></TD>\n";
else if ($date > time()) $output .= " <TD ALIGN=\"center\"><SMALL>$nday</SMALL></TD>\n";
else $output .= " <TD ALIGN=\"center\"><SMALL><A HREF=\"$PHP_SELF?date=$date\" STYLE=\"text-decoration: none;\">$nday</A></SMALL></TD>\n";
### Start every week on a new line:
if ($sday == 6) $output .= " </TR>\n";
### Update temporary variables:
$sday++;
$sday = $sday % 7;
$nday++;
}
### Complete the calendar:
if ($sday) {
$end = 7 - $sday;
$output .= " <TD COLSPAN=\"$end\">&nbsp;</TD>\n </TR>\n";
}
$output .= "</TABLE>\n\n";
### Return calendar:
return $output;
}
}
?>
......@@ -9,7 +9,7 @@
$dbpass = "Abc123";
$dbname = "dries";
#$dbhost = "";
#$dbhost = "localhost";
#$dbuname = "dries";
#$dbpass = "oakley";
#$dbname = "dries";
......@@ -85,7 +85,7 @@
"themes/zaphod/zaphod.theme",
"yellow, simple"),
"UnConeD" => array(
"themes/UnConeD/theme.class.php",
"themes/unconed/unconed.theme",
"gray, flashy"));
#
......@@ -110,6 +110,6 @@
# Set to '1' if you are using Windows so the engine won't try
# to send out mails and such. When using Unix or Linux, set
# to '0'
$system = 0;
$mail = 0;
?>
\ No newline at end of file
......@@ -8,9 +8,9 @@
*/
function db_connect() {
include "config.inc";
global $dbhost, $dbuname, $dbpass, $dbname;
mysql_pconnect($dbhost, $dbuname, $dbpass) or die(mysql_Error());
mysql_select_db("$dbname") or die ("Unable to select database");
mysql_select_db($dbname) or die ("Unable to select database");
// NOTE: we are using a persistent connection!
}
......
<?
include "database.inc";
include "log.inc";
include "includes/database.inc";
include "includes/log.inc";
function id2story($id) {
### Perform query:
......@@ -38,7 +38,7 @@ function check_input($message) {
}
function check_output($message) {
include "config.inc";
global $allowed_html;
return nl2br(strip_tags(stripslashes($message), $allowed_html));
}
......@@ -77,7 +77,7 @@ function format_data($field, $replacement = "<I>n/a</I>") {
function format_username($username, $admin = 0) {
if ($username) return ($admin) ? "<A HREF=\"admin.php?section=accounts&op=view&name=$username\">$username</A>" : "<A HREF=\"account.php?op=view&name=$username\">$username</A>";
else { include "config.inc"; return $anonymous; }
else { global $anonymous; return $anonymous; }
}
function format_email_address($address) {
......
......@@ -11,9 +11,7 @@ function submission_score($id) {
}
function submission_vote($id, $vote, $comment) {
global $user;
include "config.inc";
global $user, $submission_post_threshold, $submission_dump_threshold;
if (!user_getHistory($user->history, "s$id")) {
### Update submission's score- and votes-field:
......
<?
include "user.class.php";
include "includes/user.inc";
function display_morelink($theme, $story) {
return ($story->article) ? "[ <A HREF=\"discussion.php?id=$story->id\"><FONT COLOR=\"$theme->hlcolor2\"><B>read more</B></FONT></A> | ". strlen($story->article) ." bytes | <A HREF=\"discussion.php?id=$story->id\"><FONT COLOR=\"$theme->hlcolor2\">". format_plural($story->comments, "comment", "comments") ."</FONT></A> ]" : "[ <A HREF=\"discussion.php?id=$story->id\"><FONT COLOR=\"$theme->hlcolor2\">". format_plural($story->comments, "comment", "comments") ."</FONT></A> ]";
}
function displayModerationResults($theme, $story) {
function display_moderation_results($theme, $story) {
global $user;
if ($user->id && $story->id && $vote = user_getHistory($user->history, "s$story->id")) {
......@@ -22,7 +22,7 @@ function displayModerationResults($theme, $story) {
}
}
function displayRelatedLinks($theme, $story) {
function display_related_links($theme, $story) {
### Parse story for <A HREF="">-tags:
$text = stripslashes("$story->abstract $story->updates $story->article");
while ($text = stristr($text, "<A HREF=")) {
......@@ -40,7 +40,7 @@ function displayRelatedLinks($theme, $story) {
$theme->box("Related links", $content);
}
function displayOldHeadlines($theme, $num = 10) {
function display_old_headlines($theme, $num = 10) {
global $user;
if ($user->storynum) $result = db_query("SELECT id, subject, timestamp FROM stories WHERE status = 2 ORDER BY timestamp DESC LIMIT $user->storynum, $num");
......@@ -58,19 +58,22 @@ function displayOldHeadlines($theme, $num = 10) {
$theme->box("Older headlines", $content);
}
function displayCommentModeration($id) {
function display_comment_moderation($id, $author, $score, $votes) {
global $user, $comment_votes;
if ($user && !user_getHistory($user->history, "c$id")) {
if ($user && $user->userid != $author && !user_getHistory($user->history, "c$id")) {
$output .= "<SELECT NAME=\"moderate[$id]\">\n";
foreach ($comment_votes as $key=>$value) $output .= " <OPTION VALUE=\"$value\">$key</OPTION>\n";
$output .= "</SELECT>\n";
}
else {
$output .= "<TABLE BORDER=\"0\" CELLSPACING=\"1\" CELLPADDING=\"0\"><TR><TD>score:</TD><TD>$score</TD></TR><TR><TD>votes:</TD><TD>$votes</TR></TABLE>";
}
print $output;
}
function displayNewDiaries($theme, $num = 20) {
function display_new_diaries($theme, $num = 20) {
$result = db_query("SELECT u.userid, d.timestamp FROM diaries d LEFT JOIN users u ON d.author = u.id ORDER BY timestamp DESC LIMIT $num");
while ($diary = db_fetch_object($result)) {
......@@ -84,7 +87,7 @@ function displayNewDiaries($theme, $num = 20) {
$theme->box("Recent diary entries", $content);
}
function displayNewHeadlines($theme, $num = 10) {
function display_new_headlines($theme, $num = 10) {
global $user;
$content = "";
......@@ -94,51 +97,16 @@ function displayNewHeadlines($theme, $num = 10) {
$theme->box("Latest headlines", $content);
}
function displayAdminblock($theme) {
$result = db_query("SELECT title, content FROM blocks");
while (list($title, $content) = mysql_fetch_array($result)) {
$theme->box($title, nl2br($content));
}
}
function displayUserblock($theme) {
global $user;
if ($user && $user->ublockon) {
$content .= "<P ALIGN=\"right\">[ <A HREF=\"account.php?op=edithome\"><FONT COLOR=\"$theme->hlcolor2\">edit</FONT></A> | <A HREF=\"account.php?op=discussion\"><FONT COLOR=\"$theme->hlcolor2\">Track comments</FONT></A> | <A HREF=\"account.php?op=logout\"><FONT COLOR=\"$theme->hlcolor2\">logout</FONT></A>]</P>";
$theme->box("$user->userid's box", $user->content);
}
}
function displayLogin($theme) {
global $user;
if ($user && $user->userid) {
### Display userblock if any:
displayUserblock();
}
else {
$content = "<CENTER><FORM METHOD=\"post\" ACTION=\"account.php\">\n";
$content .= "<P>Username:<BR><INPUT NAME=userid MAXLENGTH=50 SIZE=12></P>\n";
$content .= "<P>Password:<BR> <INPUT TYPE=password NAME=passwd MAXLENGTH=25 SIZE=12></P>\n";
$content .= "<INPUT TYPE=submit NAME=op VALUE=\"Login\">\n";
$content .= "</FORM>\n";
$content .= "<P><A HREF=\"account.php?op=new\">Register</A> as new user.<BR><A HREF=\"account.php?op=forgot\">Forgot</A> your password?</P></CENTER>";
$theme->box("Login", $content);
}
}
function displayCalendar($theme, $date) {
include "calendar.class.php";
function display_calendar($theme, $date) {
include "includes/calendar.inc";
$calendar = new calendar($date);
$theme->box("Browse archives", $calendar->display());
}
function displayAccount($theme) {
function display_account($theme) {
global $user;
if ($user && $user->userid) {
function submission_number() {
$result = db_query("SELECT COUNT(id) FROM stories WHERE status = 1");
return ($result) ? mysql_result($result, 0) : 0;
......@@ -157,10 +125,4 @@ function submission_number() {
}
}
function displayPoll($theme) {
global $answer, $answer1, $answer2, $answer3, $answer4, $answer5, $answer6, $id, $method, $section, $poll, $question;
// Pass the URI and FORM parameters along to poll.php.
$box = 1;
include "poll.php";
}
?>
<?
include "config.inc";
include "function.inc";
include "template.inc";
include "includes/config.inc";
include "includes/function.inc";
include "includes/template.inc";
global $user;
......
<?
$access = array("Administrator" => 0x00000001,
"User manager" => 0x00000002,
"News manager" => 0x00000004);
class User {
function User($userid, $passwd="") {
$result = db_query("SELECT * FROM users WHERE LOWER(userid) = LOWER('$userid') && passwd = PASSWORD('$passwd') && STATUS = 0");
if (db_num_rows($result) == 1) {
foreach (db_fetch_row($result) as $key=>$value) { $field = mysql_field_name($result, $key); $this->$field = stripslashes($value); $this->field[] = $field; }
}
}
}
function user_save() {
global $user;
### Compose query to update user record:
}
function user_rehash() {
global $user;
$result = db_query("SELECT * FROM users WHERE id=$user->id");
if (db_num_rows($result) == 1) {
foreach (db_fetch_array($result) as $key=>$value) { $user->$key = stripslashes($value); }
}
}
function user_valid($access = 0) {
global $user;
if ($user->userid) {
user_rehash(); // synchronisation purpose
$user->last_access = time();
$user->last_host = ($GLOBALS[REMOTE_HOST]) ? $GLOBALS[REMOTE_HOST] : $GLOBALS[REMOTE_ADDR];
db_query("UPDATE users SET last_access = '$user->last_access', last_host = '$user->last_host' WHERE id = $user->id");
if ($user->access & $access || $access == 0) return 1;
}
return 0;
}
function user_getHistory($history, $field) {
$data = explode(";", $history);
for (reset($data); current($data); next($data)) {
$entry = explode(":", current($data));
if (reset($entry) == $field) $rval = end($entry);
}
return $rval;
}
function user_setHistory(&$user, $field, $value) {
$history = $user->history;
if (!$value) {
### remove entry: