Commit 8213f5b2 authored by Dries's avatar Dries

A lot of small changes (search-n-replace) make a big commit:

  - fixed update bug in book.module
  - provide a log message when both adding and updating book pages
  - all configurable variables are now accessed through "variable_get()":
  - rewrote watchdog and submission throttle and removed watchdog.inc
  - improved robustness of sections.inc
  - imporved story.module
  - updated ./database/database.sql
parent 048664f2
......@@ -10,6 +10,9 @@ drupal x.xx, xx/xx/xxxx
* allows collaborative book writing
- removed ban module and integrated it in account.module as "access control":
* access control is based on much more powerful regular expressions (regex) now rather than on MySQL pattern matching.
- rewrote watchdog and submission throttle
- added settings.module:
* moved most configuration options to the administration section
- various updates:
* added preview functionality when submitting new content (such as a story) from the administration pages.
* made the administration section only show those links a user has access to.
......
......@@ -311,7 +311,7 @@ function account_validate($user) {
}
function account_email_submit($userid, $email) {
global $theme, $site_name, $site_url;
global $theme;
$result = db_query("SELECT id FROM users WHERE userid = '$userid' AND real_email = '$email'");
......@@ -322,9 +322,9 @@ function account_email_submit($userid, $email) {
db_query("UPDATE users SET passwd = PASSWORD('$passwd'), hash = '$hash', status = '$status' WHERE userid = '$userid'");
$link = $site_url ."account.php?op=confirm&name=$userid&hash=$hash";
$subject = strtr(t("Account details for %a"), array("%a" => $site_name));
$message = strtr(t("%a,\n\n\nyou requested us to e-mail you a new password for your account at %b. You will need to re-confirm your account or you will not be able to login. To confirm your account updates visit the URL below:\n\n %c\n\nOnce confirmed you can login using the following username and password:\n\n username: %a\n password: %d\n\n\n-- %b team"), array("%a" => $userid, "%b" => $site_name, "%c" => $link, "%d" => $passwd));
$link = variable_get(site_url, "http://drupal/") ."account.php?op=confirm&name=$userid&hash=$hash";
$subject = strtr(t("Account details for %a"), array("%a" => variable_get(site_name, "drupal")));
$message = strtr(t("%a,\n\n\nyou requested us to e-mail you a new password for your account at %b. You will need to re-confirm your account or you will not be able to login. To confirm your account updates visit the URL below:\n\n %c\n\nOnce confirmed you can login using the following username and password:\n\n username: %a\n password: %d\n\n\n-- %b team"), array("%a" => $userid, "%b" => variable_get(site_name, "drupal"), "%c" => $link, "%d" => $passwd));
watchdog("message", "new password: `$userid' <$email>");
......@@ -343,7 +343,7 @@ function account_email_submit($userid, $email) {
}
function account_create_submit($userid, $email) {
global $theme, $site_name, $site_url;
global $theme;
$new[userid] = trim($userid);
$new[real_email] = trim($email);
......@@ -359,9 +359,9 @@ function account_create_submit($userid, $email) {
$user = user_save("", array("userid" => $new[userid], "real_email" => $new[real_email], "passwd" => $new[passwd], "status" => 1, "hash" => $new[hash]));
$link = $site_url ."account.php?op=confirm&name=$new[userid]&hash=$new[hash]";
$subject = strtr(t("Account details for %a"), array("%a" => $site_name));
$message = strtr(t("%a,\n\n\nsomeone signed up for a user account on %b and supplied this e-mail address as their contact. If it wasn't you, don't get your panties in a knot and simply ignore this mail. If this was you, you will have to confirm your account first or you will not be able to login. To confirm your account visit the URL below:\n\n %c\n\nOnce confirmed you can login using the following username and password:\n\n username: %a\n password: %d\n\n\n-- %b team\n"), array("%a" => $new[userid], "%b" => $site_name, "%c" => $link, "%d" => $new[passwd]));
$link = variable_get(site_url, "http://drupal/") ."account.php?op=confirm&name=$new[userid]&hash=$new[hash]";
$subject = strtr(t("Account details for %a"), array("%a" => variable_get(site_name, "drupal")));
$message = strtr(t("%a,\n\n\nsomeone signed up for a user account on %b and supplied this e-mail address as their contact. If it wasn't you, don't get your panties in a knot and simply ignore this mail. If this was you, you will have to confirm your account first or you will not be able to login. To confirm your account visit the URL below:\n\n %c\n\nOnce confirmed you can login using the following username and password:\n\n username: %a\n password: %d\n\n\n-- %b team\n"), array("%a" => $new[userid], "%b" => variable_get(site_name, "drupal"), "%c" => $link, "%d" => $new[passwd]));
watchdog("message", "new account: `$new[userid]' <$new[real_email]>");
......@@ -453,7 +453,7 @@ function account_track_nodes() {
}
function account_track_site() {
global $nstatus, $status, $theme, $user, $site_name;
global $nstatus, $status, $theme, $user;
$period = 259200; // 3 days
......
......@@ -10,7 +10,7 @@ function status($message) {
}
function admin_page($mod) {
global $repository, $site_name, $menu, $modules, $user;
global $repository, $menu, $modules, $user;
function module($name, $module) {
global $menu, $modules, $user;
......@@ -21,7 +21,7 @@ function module($name, $module) {
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML>
<HEAD><TITLE><?php echo $site_name; ?> administration</TITLE></HEAD>
<HEAD><TITLE><?php echo variable_get(site_name, "drupal"); ?> administration</TITLE></HEAD>
<STYLE>
body { font-family: helvetica, arial; }
h1 { font-size: 18pt; font-weight: bold; color: #990000; }
......
DROP TABLE IF EXISTS access;
CREATE TABLE access (
id tinyint(10) DEFAULT '0' NOT NULL auto_increment,
mask varchar(255) DEFAULT '' NOT NULL,
type varchar(16) DEFAULT '' NOT NULL,
reason text NOT NULL,
UNIQUE mask (mask),
PRIMARY KEY (id)
);
DROP TABLE IF EXISTS affiliates;
CREATE TABLE affiliates (
id int(11) DEFAULT '0' NOT NULL auto_increment,
link varchar(255) DEFAULT '' NOT NULL,
......@@ -8,6 +18,7 @@ CREATE TABLE affiliates (
PRIMARY KEY (id)
);
DROP TABLE IF EXISTS blocks;
CREATE TABLE blocks (
name varchar(64) DEFAULT '' NOT NULL,
module varchar(64) DEFAULT '' NOT NULL,
......@@ -19,6 +30,18 @@ CREATE TABLE blocks (
PRIMARY KEY (name)
);
DROP TABLE IF EXISTS book;
CREATE TABLE book (
lid int(10) unsigned DEFAULT '0' NOT NULL auto_increment,
nid int(10) unsigned DEFAULT '0' NOT NULL,
body text NOT NULL,
section int(10) DEFAULT '0' NOT NULL,
parent int(10) DEFAULT '0' NOT NULL,
weight tinyint(3) DEFAULT '0' NOT NULL,
PRIMARY KEY (lid)
);
DROP TABLE IF EXISTS boxes;
CREATE TABLE boxes (
id tinyint(4) DEFAULT '0' NOT NULL auto_increment,
subject varchar(64) DEFAULT '' NOT NULL,
......@@ -31,17 +54,7 @@ CREATE TABLE boxes (
PRIMARY KEY (id)
);
CREATE TABLE bans (
id tinyint(4) DEFAULT '0' NOT NULL auto_increment,
mask varchar(255) DEFAULT '' NOT NULL,
type tinyint(2) DEFAULT '0' NOT NULL,
reason text NOT NULL,
timestamp int(11),
UNIQUE mask (mask),
PRIMARY KEY (id)
);
DROP TABLE IF EXISTS channel;
CREATE TABLE channel (
id int(11) DEFAULT '0' NOT NULL auto_increment,
site varchar(255) DEFAULT '' NOT NULL,
......@@ -55,11 +68,11 @@ CREATE TABLE channel (
PRIMARY KEY (id)
);
DROP TABLE IF EXISTS comments;
CREATE TABLE comments (
cid int(6) DEFAULT '0' NOT NULL auto_increment,
pid int(6) DEFAULT '0' NOT NULL,
lid int(6) DEFAULT '0' NOT NULL,
link varchar(16) DEFAULT '' NOT NULL,
author int(6) DEFAULT '0' NOT NULL,
subject varchar(64) DEFAULT '' NOT NULL,
comment text NOT NULL,
......@@ -67,10 +80,11 @@ CREATE TABLE comments (
timestamp int(11) DEFAULT '0' NOT NULL,
score int(6) DEFAULT '0' NOT NULL,
votes int(6) DEFAULT '0' NOT NULL,
INDEX lid_link (lid, link),
link varchar(16) DEFAULT '' NOT NULL,
PRIMARY KEY (cid)
);
DROP TABLE IF EXISTS crons;
CREATE TABLE crons (
module varchar(64) DEFAULT '' NOT NULL,
scheduled int(11),
......@@ -78,6 +92,7 @@ CREATE TABLE crons (
PRIMARY KEY (module)
);
DROP TABLE IF EXISTS diaries;
CREATE TABLE diaries (
id int(5) DEFAULT '0' NOT NULL auto_increment,
author int(6) DEFAULT '0' NOT NULL,
......@@ -86,6 +101,7 @@ CREATE TABLE diaries (
PRIMARY KEY (id)
);
DROP TABLE IF EXISTS drupals;
CREATE TABLE drupals (
id int(11) DEFAULT '0' NOT NULL auto_increment,
link varchar(255) DEFAULT '' NOT NULL,
......@@ -95,15 +111,7 @@ CREATE TABLE drupals (
PRIMARY KEY (id)
);
CREATE TABLE faqs (
id int(11) DEFAULT '0' NOT NULL auto_increment,
question varchar(255) DEFAULT '' NOT NULL,
answer text NOT NULL,
weight tinyint(3) DEFAULT '0' NOT NULL,
UNIQUE question (question),
PRIMARY KEY (id)
);
DROP TABLE IF EXISTS headlines;
CREATE TABLE headlines (
id int(11) DEFAULT '0' NOT NULL,
title varchar(255) DEFAULT '' NOT NULL,
......@@ -113,56 +121,74 @@ CREATE TABLE headlines (
UNIQUE link (link)
);
DROP TABLE IF EXISTS layout;
CREATE TABLE layout (
user int(11) DEFAULT '0' NOT NULL,
block varchar(64) DEFAULT '' NOT NULL
);
DROP TABLE IF EXISTS locales;
CREATE TABLE locales (
id int(11) DEFAULT '0' NOT NULL auto_increment,
location varchar(128) DEFAULT '' NOT NULL,
string TEXT DEFAULT '' NOT NULL,
da TEXT DEFAULT '' NOT NULL,
fi TEXT DEFAULT '' NOT NULL,
fr TEXT DEFAULT '' NOT NULL,
en TEXT DEFAULT '' NOT NULL,
es TEXT DEFAULT '' NOT NULL,
nl TEXT DEFAULT '' NOT NULL,
no TEXT DEFAULT '' NOT NULL,
sw TEXT DEFAULT '' NOT NULL,
string text NOT NULL,
da text NOT NULL,
fi text NOT NULL,
fr text NOT NULL,
en text NOT NULL,
es text NOT NULL,
nl text NOT NULL,
no text NOT NULL,
sw text NOT NULL,
PRIMARY KEY (id)
);
DROP TABLE IF EXISTS modules;
CREATE TABLE modules (
name varchar(64) DEFAULT '' NOT NULL,
PRIMARY KEY (name)
);
DROP TABLE IF EXISTS node;
CREATE TABLE node (
nid int(10) unsigned DEFAULT '0' NOT NULL auto_increment,
lid int(10) DEFAULT '0' NOT NULL,
pid int(10) DEFAULT '0' NOT NULL,
log text NOT NULL,
type varchar(16) DEFAULT '' NOT NULL,
title varchar(128) DEFAULT '' NOT NULL,
score int(11) DEFAULT '0' NOT NULL,
votes int(11) DEFAULT '0' NOT NULL,
author int(6) DEFAULT '0' NOT NULL,
status int(4) DEFAULT '1' NOT NULL,
timestamp int(11) DEFAULT '0' NOT NULL,
KEY type (lid,type),
KEY author (author),
KEY title (title,type),
PRIMARY KEY (nid)
);
DROP TABLE IF EXISTS sections;
CREATE TABLE sections (
name varchar(64) DEFAULT '' NOT NULL,
post tinyint(3) DEFAULT '0' NOT NULL,
dump tinyint(3) DEFAULT '0' NOT NULL,
timout tinyint(3) DEFAULT '0' NOT NULL,
status tinyint(2) DEFAULT '0' NOT NULL,
timout tinyint(3) DEFAULT '0' NOT NULL,
PRIMARY KEY (name)
);
CREATE TABLE stories (
id int(11) DEFAULT '0' NOT NULL auto_increment,
author int(6) DEFAULT '0' NOT NULL,
subject varchar(255) DEFAULT '' NOT NULL,
DROP TABLE IF EXISTS story;
CREATE TABLE story (
lid int(10) unsigned DEFAULT '0' NOT NULL auto_increment,
nid int(10) unsigned DEFAULT '0' NOT NULL,
abstract text NOT NULL,
updates text NOT NULL,
article text NOT NULL,
body text NOT NULL,
section varchar(64) DEFAULT '' NOT NULL,
timestamp int(11) DEFAULT '0' NOT NULL,
score int(11) DEFAULT '0' NOT NULL,
votes int(11) DEFAULT '0' NOT NULL,
status int(4) DEFAULT '1',
UNIQUE subject (subject),
PRIMARY KEY (id)
PRIMARY KEY (lid)
);
DROP TABLE IF EXISTS users;
CREATE TABLE users (
id int(10) unsigned DEFAULT '0' NOT NULL auto_increment,
name varchar(60) DEFAULT '' NOT NULL,
......@@ -171,8 +197,8 @@ CREATE TABLE users (
real_email varchar(60) DEFAULT '' NOT NULL,
fake_email varchar(60) DEFAULT '' NOT NULL,
url varchar(100) DEFAULT '' NOT NULL,
stories tinyint(2) DEFAULT '10',
mode tinyint(1) DEFAULT '0',
nodes tinyint(2) DEFAULT '10',
mode tinyint(1) DEFAULT '0' NOT NULL,
sort tinyint(1) DEFAULT '0',
threshold tinyint(1) DEFAULT '0',
bio tinytext NOT NULL,
......@@ -180,24 +206,32 @@ CREATE TABLE users (
signature varchar(255) DEFAULT '' NOT NULL,
last_access int(10) unsigned,
last_host varchar(255),
access varchar(255) DEFAULT '' NOT NULL,
status tinyint(4) DEFAULT '0' NOT NULL,
history text NOT NULL,
hash varchar(12) DEFAULT '' NOT NULL,
rating decimal(8,4) DEFAULT '0' NOT NULL,
timezone varchar(8) DEFAULT '0' NOT NULL,
language varchar(2) DEFAULT '0' NOT NULL,
timezone varchar(8),
rating decimal(8,4),
language char(2) DEFAULT '' NOT NULL,
access varchar(255) DEFAULT '' NOT NULL,
PRIMARY KEY (id)
);
DROP TABLE IF EXISTS variable;
CREATE TABLE variable (
name varchar(32) DEFAULT '' NOT NULL,
value varchar(128) DEFAULT '' NOT NULL,
PRIMARY KEY (name)
);
DROP TABLE IF EXISTS watchdog;
CREATE TABLE watchdog (
id int(5) DEFAULT '0' NOT NULL auto_increment,
level int(2) DEFAULT '0' NOT NULL,
timestamp int(11) DEFAULT '0' NOT NULL,
user int(6) DEFAULT '0' NOT NULL,
type varchar(16) DEFAULT '' NOT NULL,
link varchar(16) DEFAULT '' NOT NULL,
message varchar(255) DEFAULT '' NOT NULL,
location varchar(128) DEFAULT '' NOT NULL,
hostname varchar(128) DEFAULT '' NOT NULL,
timestamp int(11) DEFAULT '0' NOT NULL,
PRIMARY KEY (id)
);
<?php
function error_flood() {
global $site_email;
print "WARNING: submission rate exceeded. We detected too much data or events from your IP. Please wait a few minutes and try again. If you think this is not justified, please contact us at <A HREF=\"mailto:$site_email\">$site_email</A>.";
function error_throttle() {
print "WARNING: submission rate exceeded. We detected too much data or events from your IP. Please wait a few minutes and try again. If you believe this is not justified, please contact us at <A HREF=\"mailto:". variable_get(site_mail, "root@localhost") ."\">". variable_get(site_mail, "root@localhost") ."</A>.";
}
function error_httpd() {
......@@ -42,11 +40,11 @@ function error_httpd() {
include_once "includes/common.inc";
switch ($op) {
case "flood":
error_flood();
case "throttle":
error_throttle();
break;
default:
error_httpd();
}
?>
?>
\ No newline at end of file
......@@ -124,6 +124,8 @@ function comment_preview($pid, $id, $subject, $comment) {
function comment_post($pid, $id, $subject, $comment) {
global $theme, $user;
throttle("post comment", variable_get(max_comment_rate, 60));
// Check for duplicate comments:
$duplicate = db_result(db_query("SELECT COUNT(cid) FROM comments WHERE pid = '$pid' AND lid = '$id' AND subject = '$subject' AND comment = '$comment'"), 0);
......@@ -135,7 +137,7 @@ function comment_post($pid, $id, $subject, $comment) {
$subject = ($subject) ? $subject : substr($comment, 0, 29);
// Add watchdog entry:
watchdog("comment", "comment: added '$subject'");
watchdog("special", "comment: added '$subject'");
// Add comment to database:
db_query("INSERT INTO comments (lid, pid, author, subject, comment, hostname, timestamp, score) VALUES ('$id', '$pid', '$user->id', '$subject', '$comment', '". getenv("REMOTE_ADDR") ."', '". time() ."', '". ($user->userid ? 1 : 0) ."')");
......@@ -281,9 +283,9 @@ function comment_render($lid, $cid) {
// Pre-process variables:
$lid = empty($lid) ? 0 : $lid;
$cid = empty($cid) ? 0 : $cid;
$mode = ($user->id) ? $user->mode : variable_get("default_comment_mode", 4);
$order = ($user->id) ? $user->sort : variable_get("default_comment_order", 1);
$threshold = ($user->id) ? $user->threshold : variable_get("default_comment_threshold", 3);
$mode = ($user->id) ? $user->mode : variable_get(default_comment_mode, 4);
$order = ($user->id) ? $user->sort : variable_get(default_comment_order, 1);
$threshold = ($user->id) ? $user->threshold : variable_get(default_comment_threshold, 3);
if ($user->id) {
// Comment control:
......
......@@ -9,12 +9,30 @@ function conf_init() {
return $file;
}
function watchdog($type, $message) {
global $user, $watchdog, $PHP_SELF;
$link = ($mod) ? $mod : substr(strrchr($PHP_SELF, "/"), 1, strrchr($PHP_SELF, "/") - 4);
db_query("INSERT INTO watchdog (user, type, link, message, location, hostname, timestamp) VALUES ('$user->id', '". check_input($type) ."', '". check_input($link) ."', '". check_input($message) ."', '". check_input(getenv("REQUEST_URI")) ."', '". check_input(getenv("REMOTE_ADDR")) ."', '". time() ."')");
}
function throttle($type, $rate) {
if (!(user_access($user, "watchdog") || user_access($user, "comment") || user_access($user, "node"))) {
if ($throttle = db_fetch_object(db_query("SELECT * FROM watchdog WHERE type = '$type' AND hostname = '". getenv("REMOTE_ADDR") ."' AND ". time() ." - timestamp < $rate"))) {
watchdog("warning", "throttle: '". getenv("REMOTE_ADDR") ."' exceeded submission rate - $throttle->type");
header("Location: error.php?op=throttle");
exit();
}
else {
watchdog($type, "throttle control");
}
}
}
$conf = conf_init();
include_once "includes/$conf.conf";
include_once "includes/database.inc";
include_once "includes/variable.inc";
include_once "includes/watchdog.inc";
include_once "includes/function.inc";
include_once "includes/comment.inc";
include_once "includes/module.inc";
......
......@@ -81,7 +81,7 @@ function format_date($timestamp, $type = "medium") {
function format_username($username) {
global $user;
if ($username) return (user_access($user, "account") ? "<A HREF=\"admin.php?mod=account&op=view&name=$username\">$username</A>" : "<A HREF=\"account.php?op=view&name=$username\">$username</A>");
else { global $anonymous; return $anonymous; }
else return variable_get(anonymous, "Anonymous");
}
function format_email($address) {
......
......@@ -8,13 +8,6 @@ $db_user = "username";
$db_pass = "password";
$db_name = "database";
#
# Administrative information
#
$site_name = "site name";
$site_url = "http://yourdomain.com/"; // add a trailing slash
$site_email = "info@yourdomain.com";
#
# Comment votes:
# The keys of this associative array are displayed in each comment's selection box whereas the corresponding values represent the mathematical calculation to be performed to update a comment's value.
......@@ -33,11 +26,6 @@ $comment_votes = array("none" => "none",
#
$allowed_html = "<A><B><BLOCKQUOTE><CODE><DD><DL><DT><EM><HR><I><LI><SMALL><OL><U><UL>";
#
# Name for anonymous users:
#
$anonymous = "Anonymous Chicken";
#
# Themes:
# The first theme listed in this associative array will automatically become the default theme.
......
......@@ -52,7 +52,7 @@ function node_save($node) {
if ($u1 = implode(", ", $u1)) db_query("UPDATE node SET $u1 WHERE nid = '$node[nid]'");
if ($u2 = implode(", ", $u2)) db_query("UPDATE $n->type SET $u2 WHERE nid = '$node[nid]'");
if ($n->pid && ($node[status] == $status[posted])) db_query("UPDATE node SET status = '$status[expired]' WHERE nid = '$node[pid]'");
if ($n->pid && ($node[status] == $status[posted])) db_query("UPDATE node SET status = '$status[expired]' WHERE nid = '$n->pid'");
watchdog("message", "node: modified '$n->title'");
}
......@@ -63,6 +63,8 @@ function node_save($node) {
watchdog("warning", "node: duplicate '$node[title]'");
}
else {
throttle("post node", variable_get(max_node_rate, 900));
// setup default values:
$node = array_merge(array(title => "?", author => $user->id, type => "?", pid => 0, log => "node created", status => $status[queued], score => 0, votes => 0, timestamp => time()), $node);
......
......@@ -15,7 +15,7 @@ function search_data($keys, $type) {
foreach ($result as $entry) {
$output .= "<P>\n";
$output .= " <B><U><A HREF=\"$entry[link]\">$entry[title]</A></U></B><BR>";
$output .= " <SMALL>$site_url$entry[link]". ($entry[user] ? " - ". format_username($entry[user]) : "") ."". ($entry[date] ? " - ". format_date($entry[date], "small") : "") ."</SMALL>";
$output .= " <SMALL>$entry[link]". ($entry[user] ? " - ". format_username($entry[user]) : "") ."". ($entry[date] ? " - ". format_date($entry[date], "small") : "") ."</SMALL>";
$output .= "</P>\n";
}
}
......
......@@ -7,19 +7,19 @@ function section_get() {
return $array;
}
function section_post_threshold($section, $threshold = 5) {
$result = db_query("SELECT post FROM sections WHERE name = '". check_input($section) ."'");
return ($result) ? db_result($result, 0) : $threshold;
function section_post_threshold($section, $default) {
$section = db_fetch_object(db_query("SELECT post AS threshold FROM sections WHERE name = '". check_input($section) ."'"));
return $section->threshold ? $section->threshold : $default;
}
function section_dump_threshold($section, $threshold = - 3) {
$result = db_query("SELECT dump FROM sections WHERE name = '". check_input($section) ."'");
return ($result) ? db_result($result, 0) : $threshold;
function section_dump_threshold($section, $default) {
$section = db_fetch_object(db_query("SELECT dump AS threshold FROM sections WHERE name = '". check_input($section) ."'"));
return $section->threshold ? $section->threshold : $default;
}
function section_timout_threshold($section, $threshold = 10) {
$result = db_query("SELECT timout FROM sections WHERE name = '". check_input($section) ."'");
return ($result) ? db_result($result, 0) : $threshold;
function section_timout_threshold($section, $default) {
$section = db_fetch_object(db_query("SELECT timout AS threshold FROM sections WHERE name = '". check_input($section) ."'"));
return $section->threshold ? $section->threshold : $default;
}
?>
\ No newline at end of file
......@@ -28,7 +28,7 @@ function theme_menu($name, $module) {
}
function theme_account($theme) {
global $user, $site_name, $links, $menu;
global $user, $links, $menu;
if ($user->id) {
......@@ -38,7 +38,7 @@ function theme_account($theme) {
// Display account settings:
$content .= "<LI><A HREF=\"account.php?op=track&topic=comments\">". t("track your comments") ."</A></LI>\n";
$content .= "<LI><A HREF=\"account.php?op=track&topic=nodes\">". t("track your nodes") ."</A></LI>\n";
$content .= "<LI><A HREF=\"account.php?op=track&topic=site\">". strtr(t("track %a"), array("%a" => $site_name)) ."</A></LI>\n";
$content .= "<LI><A HREF=\"account.php?op=track&topic=site\">". strtr(t("track %a"), array("%a" => variable_get(site_name, "drupal"))) ."</A></LI>\n";
$content .= "<P>\n";
$content .= "<LI><A HREF=\"account.php?op=edit&topic=user\">". t("edit your information") ."</A></LI>\n";
$content .= "<LI><A HREF=\"account.php?op=edit&topic=site\">". t("edit your preferences") ."</A></LI>\n";
......@@ -46,7 +46,7 @@ function theme_account($theme) {
$content .= "<P>\n";
if (user_access($user)) {
$content .= "<LI><A HREF=\"admin.php\">administer ". $site_name ."</A></LI>\n";
$content .= "<LI><A HREF=\"admin.php\">administer ". variable_get(site_name, "drupal") ."</A></LI>\n";
$content .= "<P>\n";
}
......
<?php
function variable_init($conf = array()) {
$result = db_query("SELECT * FROM variable");
while ($variable = db_fetch_object($result)) $conf[$variable->name] = $variable->value;
return $conf;
}
function handler_post_threshold($node, $default) {
if ($node->type) {
$function = $node->type ."_post_threshold";
return $function($node, $default);
}
else {
return $default;
}
}
function handler_dump_threshold($node, $default) {
if ($node->type) {
$function = $node->type ."_dump_threshold";
return $function($node, $default);
}
else {
return $default;
}
}
function handler_timout_threshold($node, $default) {
if ($node->type) {
$function = $node->type ."_timout_threshold";
return $function($node, $default);
}
else {
return $default;
}
}
function variable_get($name, $default, $object = 0) {
global $conf;
switch ($name) {
case "post_threshold":
return handler_post_threshold($object, $default);
case "dump_threshold":
return handler_dump_threshold($object, $default);
case "timout_threshold":
return handler_timout_threshold($object, $default);
default:
return ($conf[$name] ? $conf[$name] : $default);
}
}
?>
\ No newline at end of file
<?php
$watchdog = array("comment" => array("0", variable_get("max_comment_rate", 60)),
"node" => array("1", variable_get("max_node_rate", 900)),
"message" => array("3", "0"),
"warning" => array("4", "0"),
"error" => array("5", "0"));
function watchdog($id, $message) {
global $user, $watchdog, $watchdog_history;
// flood protection:
if ($watchdog[$id][1] && !user_access($user, "watchdog")) {
if ($log = db_fetch_object(db_query("SELECT * FROM watchdog WHERE hostname = '". getenv("REMOTE_ADDR") ."' AND level = '". $watchdog[$id][0] ."'"))) {
if (time() - $log->timestamp < $watchdog[$id][1]) {
watchdog("warning", "'". getenv("REMOTE_ADDR") ."' exceeded '$id' submission rate");
header("Location: error.php?op=flood");
exit();
}
}
}
// perform query to add new watchdog entry:
db_query("INSERT INTO watchdog (level, timestamp, user, message, location, hostname) VALUES ('". $watchdog[$id][0] ."', '". time() ."', '". check_input($user->id) ."', '". check_input(check_output($message)) ."', '". check_input(getenv("REQUEST_URI")) ."', '". check_input(getenv("REMOTE_ADDR")) ."')");
}
function watchdog_clean($history = 302400) {
$timestamp = time() - $history;
db_query("DELETE FROM watchdog WHERE timestamp < $timestamp");
}
?>
......@@ -46,8 +46,6 @@ class backend {