Commit 7a972dae authored by Dries's avatar Dries

- node system:
   + made a small change in the node overview page in the admin section
     such that it lists both new and updated pages by default.

   + reworked the filter-mechanism: it is not 100% finished yet but it
     sure is taking shape.
parent 6f4d9d56
......@@ -9,6 +9,7 @@ function blog_conf_options() {
}
function blog_node($field) {
global $user;
......@@ -47,7 +48,7 @@ function blog_save($op, $node) {
}
if ($op == "create") {
return array("promote" => 0, "moderate" => 1, "status" => 1);
return array("body" => filter($node->body), "promote" => 0, "moderate" => 1, "status" => 1);
}
if ($op == "decline") {
......@@ -67,7 +68,7 @@ function blog_save($op, $node) {
** entries through the admin pages.
*/
return array("promote" => 0, "moderate" => 1, "score" => 0, "votes" => 0, "users" => 0);
return array("body" => filter($node->body), "promote" => 0, "moderate" => 1, "score" => 0, "votes" => 0, "users" => 0);
}
else if (user_access("adminster nodes")) {
/*
......
......@@ -9,6 +9,7 @@ function blog_conf_options() {
}
function blog_node($field) {
global $user;
......@@ -47,7 +48,7 @@ function blog_save($op, $node) {
}
if ($op == "create") {
return array("promote" => 0, "moderate" => 1, "status" => 1);
return array("body" => filter($node->body), "promote" => 0, "moderate" => 1, "status" => 1);
}
if ($op == "decline") {
......@@ -67,7 +68,7 @@ function blog_save($op, $node) {
** entries through the admin pages.
*/
return array("promote" => 0, "moderate" => 1, "score" => 0, "votes" => 0, "users" => 0);
return array("body" => filter($node->body), "promote" => 0, "moderate" => 1, "score" => 0, "votes" => 0, "users" => 0);
}
else if (user_access("adminster nodes")) {
/*
......
......@@ -310,8 +310,13 @@ function book_body($node) {
** Make sure only authorized users can preview PHP pages.
*/
if ($op == t("Preview") && !user_access("adminster nodes")) {
return;
if ($op == t("Preview")) {
if (user_access("adminster nodes")) {
$node->body = stripslashes($node->body); // see also book_form()
}
else {
return;
}
}
ob_start();
......
......@@ -310,8 +310,13 @@ function book_body($node) {
** Make sure only authorized users can preview PHP pages.
*/
if ($op == t("Preview") && !user_access("adminster nodes")) {
return;
if ($op == t("Preview")) {
if (user_access("adminster nodes")) {
$node->body = stripslashes($node->body); // see also book_form()
}
else {
return;
}
}
ob_start();
......
......@@ -178,11 +178,12 @@ function node_save($node, $filter) {
** Insert a new node:
*/
// set some required fields:
// Set some required fields:
$node->created = time();
$node->changed = time();
$node->nid = db_result(db_query("SELECT MAX(nid) + 1 FROM node"));
// prepare the query:
// Prepare the query:
foreach ($node as $key => $value) {
if (in_array($key, $fields)) {
$k[] = check_query($key);
......@@ -190,10 +191,10 @@ function node_save($node, $filter) {
}
}
// insert the node into the database:
// Insert the node into the database:
db_query("INSERT INTO node (". implode(", ", $k) .") VALUES (". implode(", ", $v) .")");
// call the node specific callback (if any):
// Call the node specific callback (if any):
module_invoke($node->type, "insert", $node);
}
else {
......@@ -202,20 +203,20 @@ function node_save($node, $filter) {
** Update an existing node:
*/
// set some required fields:
// Set some required fields:
$node->changed = time();
// prepare the query:
// Prepare the query:
foreach ($node as $key => $value) {
if (in_array($key, $fields)) {
$q[] = check_query($key) ." = '". check_query($value) ."'";
}
}
// update the node in the database:
// Update the node in the database:
db_query("UPDATE node SET ". implode(", ", $q) ." WHERE nid = '$node->nid'");
// call the node specific callback (if any):
// Call the node specific callback (if any):
module_invoke($node->type, "update", $node);
}
......@@ -484,7 +485,7 @@ function node_admin_nodes() {
$queries = array(array("ORDER BY n.created DESC", "new nodes"), array("ORDER BY n.changed DESC", "updated nodes"), array("WHERE n.status = 1 AND n.moderate = 0 ORDER BY n.nid DESC", "published nodes"), array("WHERE n.status = 0 AND n.moderate = 0 ORDER BY n.nid DESC", "non-published nodes"), array("WHERE n.status = 1 AND n.moderate = 1 ORDER BY n.nid DESC", "pending nodes"), array("WHERE n.status = 1 AND n.promote = 1 ORDER BY n.nid DESC", "promoted nodes"));
$result = db_query("SELECT n.*, u.name, u.uid FROM node n LEFT JOIN users u ON n.uid = u.uid ". $queries[$query ? $query : 0][0] ." LIMIT 50");
$result = db_query("SELECT n.*, u.name, u.uid FROM node n LEFT JOIN users u ON n.uid = u.uid ". $queries[$query ? $query : 1][0] ." LIMIT 50");
foreach ($queries as $key => $value) {
$links[] = "<a href=\"admin.php?mod=node&op=nodes&query=$key\">$value[1]</a>";
......@@ -929,47 +930,53 @@ function node_edit($id) {
return $output;
}
function node_preview($edit) {
function node_preview($node) {
/*
** Convert the array to an object:
*/
$node = node_object($node);
/*
** Load the user's name when needed:
*/
if (isset($edit["name"])) {
/*
** The use of isset() is mandatory in the context of user IDs as uid
** 0 denotes the anonymous user.
*/
if ($user = user_load(array("name" => $edit["name"]))) {
$edit["uid"] = $user->uid;
if (isset($node->name)) {
/*
** The use of isset() is mandatory in the context of user IDs as uid
** 0 denotes the anonymous user.
*/
if ($user = user_load(array("name" => $node->name))) {
$node->uid = $user->uid;
}
else {
$edit["uid"] = 0; // anonymous user
$node->uid = 0; // anonymous user
}
}
else if ($edit["uid"]) {
$user = user_load(array("uid" => $edit["uid"]));
$edit["name"] = $user->name;
$user = user_load(array("uid" => $node->uid));
$node->name = $user->name;
}
/*
** Set the created time when needed:
*/
if (empty($edit["nid"])) {
$edit["created"] = time();
if (empty($node->nid)) {
$node->created = time();
}
/*
** Apply the required filters:
*/
foreach ($edit as $key => $value) {
$node->$key = check_output($value);
/*
** NOTE: we can't do a check_query() or check_input() here as they
** add slashes which results in breakage.
*/
if ($node->nid) {
$node = array_merge($node, module_invoke($node->type, "save", "update", $node));
}
else {
$node = array_merge($node, module_invoke($node->type, "save", "create", $node));
}
/*
......@@ -978,7 +985,7 @@ function node_preview($edit) {
node_view($node);
return node_form($edit);
return node_form($node);
}
function node_submit($node) {
......
......@@ -178,11 +178,12 @@ function node_save($node, $filter) {
** Insert a new node:
*/
// set some required fields:
// Set some required fields:
$node->created = time();
$node->changed = time();
$node->nid = db_result(db_query("SELECT MAX(nid) + 1 FROM node"));
// prepare the query:
// Prepare the query:
foreach ($node as $key => $value) {
if (in_array($key, $fields)) {
$k[] = check_query($key);
......@@ -190,10 +191,10 @@ function node_save($node, $filter) {
}
}
// insert the node into the database:
// Insert the node into the database:
db_query("INSERT INTO node (". implode(", ", $k) .") VALUES (". implode(", ", $v) .")");
// call the node specific callback (if any):
// Call the node specific callback (if any):
module_invoke($node->type, "insert", $node);
}
else {
......@@ -202,20 +203,20 @@ function node_save($node, $filter) {
** Update an existing node:
*/
// set some required fields:
// Set some required fields:
$node->changed = time();
// prepare the query:
// Prepare the query:
foreach ($node as $key => $value) {
if (in_array($key, $fields)) {
$q[] = check_query($key) ." = '". check_query($value) ."'";
}
}
// update the node in the database:
// Update the node in the database:
db_query("UPDATE node SET ". implode(", ", $q) ." WHERE nid = '$node->nid'");
// call the node specific callback (if any):
// Call the node specific callback (if any):
module_invoke($node->type, "update", $node);
}
......@@ -484,7 +485,7 @@ function node_admin_nodes() {
$queries = array(array("ORDER BY n.created DESC", "new nodes"), array("ORDER BY n.changed DESC", "updated nodes"), array("WHERE n.status = 1 AND n.moderate = 0 ORDER BY n.nid DESC", "published nodes"), array("WHERE n.status = 0 AND n.moderate = 0 ORDER BY n.nid DESC", "non-published nodes"), array("WHERE n.status = 1 AND n.moderate = 1 ORDER BY n.nid DESC", "pending nodes"), array("WHERE n.status = 1 AND n.promote = 1 ORDER BY n.nid DESC", "promoted nodes"));
$result = db_query("SELECT n.*, u.name, u.uid FROM node n LEFT JOIN users u ON n.uid = u.uid ". $queries[$query ? $query : 0][0] ." LIMIT 50");
$result = db_query("SELECT n.*, u.name, u.uid FROM node n LEFT JOIN users u ON n.uid = u.uid ". $queries[$query ? $query : 1][0] ." LIMIT 50");
foreach ($queries as $key => $value) {
$links[] = "<a href=\"admin.php?mod=node&op=nodes&query=$key\">$value[1]</a>";
......@@ -929,47 +930,53 @@ function node_edit($id) {
return $output;
}
function node_preview($edit) {
function node_preview($node) {
/*
** Convert the array to an object:
*/
$node = node_object($node);
/*
** Load the user's name when needed:
*/
if (isset($edit["name"])) {
/*
** The use of isset() is mandatory in the context of user IDs as uid
** 0 denotes the anonymous user.
*/
if ($user = user_load(array("name" => $edit["name"]))) {
$edit["uid"] = $user->uid;
if (isset($node->name)) {
/*
** The use of isset() is mandatory in the context of user IDs as uid
** 0 denotes the anonymous user.
*/
if ($user = user_load(array("name" => $node->name))) {
$node->uid = $user->uid;
}
else {
$edit["uid"] = 0; // anonymous user
$node->uid = 0; // anonymous user
}
}
else if ($edit["uid"]) {
$user = user_load(array("uid" => $edit["uid"]));
$edit["name"] = $user->name;
$user = user_load(array("uid" => $node->uid));
$node->name = $user->name;
}
/*
** Set the created time when needed:
*/
if (empty($edit["nid"])) {
$edit["created"] = time();
if (empty($node->nid)) {
$node->created = time();
}
/*
** Apply the required filters:
*/
foreach ($edit as $key => $value) {
$node->$key = check_output($value);
/*
** NOTE: we can't do a check_query() or check_input() here as they
** add slashes which results in breakage.
*/
if ($node->nid) {
$node = array_merge($node, module_invoke($node->type, "save", "update", $node));
}
else {
$node = array_merge($node, module_invoke($node->type, "save", "create", $node));
}
/*
......@@ -978,7 +985,7 @@ function node_preview($edit) {
node_view($node);
return node_form($edit);
return node_form($node);
}
function node_submit($node) {
......
......@@ -65,16 +65,23 @@ function page_link($type) {
function page_body($node) {
global $theme, $op;
/*
** Make sure only authorized users can preview static (PHP)
** pages.
*/
if ($op == t("Preview") && !user_access("adminster nodes")) {
return;
}
if ($node->format) {
/*
** Make sure only authorized users can preview static (PHP)
** pages.
*/
if ($op == t("Preview")) {
if (user_access("adminster nodes")) {
$node->body = stripslashes($node->body); // see also page_form()
}
else {
return;
}
}
ob_start();
eval($node->body);
$output = ob_get_contents();
......
......@@ -65,16 +65,23 @@ function page_link($type) {
function page_body($node) {
global $theme, $op;
/*
** Make sure only authorized users can preview static (PHP)
** pages.
*/
if ($op == t("Preview") && !user_access("adminster nodes")) {
return;
}
if ($node->format) {
/*
** Make sure only authorized users can preview static (PHP)
** pages.
*/
if ($op == t("Preview")) {
if (user_access("adminster nodes")) {
$node->body = stripslashes($node->body); // see also page_form()
}
else {
return;
}
}
ob_start();
eval($node->body);
$output = ob_get_contents();
......
......@@ -32,17 +32,12 @@ function story_save($op, $node) {
}
if ($op == "create") {
return array("moderate" => 1);
return array("body" => filter($node->body), "moderate" => 1);
}
if ($op == "decline") {
return array("status" => 0, "promote" => 0);
}
if ($op == "update") {
return array("status");
}
}
function story_help() {
......
......@@ -32,17 +32,12 @@ function story_save($op, $node) {
}
if ($op == "create") {
return array("moderate" => 1);
return array("body" => filter($node->body), "moderate" => 1);
}
if ($op == "decline") {
return array("status" => 0, "promote" => 0);
}
if ($op == "update") {
return array("status");
}
}
function story_help() {
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment