From a95c2a68aaededb5538da3df4d40c88879c4c45d Mon Sep 17 00:00:00 2001
From: Dries Buytaert <dries@buytaert.net>
Date: Sun, 30 Dec 2001 16:16:38 +0000
Subject: [PATCH] - import.module:
+ Improved input filtering; this should make the news items look
more consistent in terms of mark-up.
+ Quoted all array indices: converted all instances of $foo[bar]
to $foo["bar"]. Made various other changes to make the import
module compliant with the coding style.
- theme.inc:
+ Fixed small XHTML glitch
- comment system:
+ Made it possible for users to edit their comments (when certain
criteria are matched).
+ Renamed the SQL table field "lid" to "nid" and updated the code
to reflect this change: this is a rather /annoying/ change that
has been asked for a few times. It will impact the contributed
BBS/forum modules and requires a tiny SQL update:
sql> ALTER TABLE comments CHANGE lid nid int(10) NOT NULL;
+ Moved most (all?) of the comment related logic from node.php to
comment.module where it belongs. This also marks a first step
towards removing/reducing "node.php".
+ Added a delete button to the comment admin form and made it so
that Drupal prompts for confirmation prior to deleting a comment
from the database. This behavior is similar to that of deleting
nodes.
+ Disabled comment moderation for now.
+ Some of the above changes will make it easier to integrate the
upcomcing mail-to-web and web-to-mail gateways. They are part
of a bigger plan. ;)
- node system:
+ Made it so that updating nodes (like for instance updating blog
entries) won't trigger the submission rate throttle.
+ Fixed a small glitch where a node's title wasn't always passed
to the $theme->header() function.
+ Made "node_array()" and "node_object()" more generic and named
them "object2array()" and "array2object()".
+ Moved most (all?) of the comment related logic from node.php to
comment.module where it belongs. This also marks a first step
towards removing/reducing "node.php".
- misc:
+ Applied three patches by Foxen. One to improve performance of
the book module, and two other patches to fix small glitches in
common.inc. Thanks Foxen!
---
includes/common.inc | 40 ++++-
includes/theme.inc | 2 +-
modules/aggregator.module | 159 ++++++++--------
modules/aggregator/aggregator.module | 159 ++++++++--------
modules/book.module | 47 +++--
modules/book/book.module | 47 +++--
modules/comment.module | 259 ++++++++++++++++++---------
modules/comment/comment.module | 259 ++++++++++++++++++---------
modules/forum.module | 4 +-
modules/forum/forum.module | 4 +-
modules/import.module | 159 ++++++++--------
modules/node.module | 58 ++----
modules/node/node.module | 58 ++----
modules/tracker.module | 8 +-
modules/tracker/tracker.module | 8 +-
node.php | 56 +-----
update.php | 5 +
17 files changed, 744 insertions(+), 588 deletions(-)
diff --git a/includes/common.inc b/includes/common.inc
index 6f70e48206ed..7c398663e1d0 100644
--- a/includes/common.inc
+++ b/includes/common.inc
@@ -50,6 +50,34 @@ function throttle($type, $rate) {
}
}
+function array2object($node) {
+
+ if (is_array($node)) {
+ foreach ($node as $key => $value) {
+ $object->$key = $value;
+ }
+ }
+ else {
+ $object = $node;
+ }
+
+ return $object;
+}
+
+function object2array($node) {
+
+ if (is_object($node)) {
+ foreach ($node as $key => $value) {
+ $array[$key] = $value;
+ }
+ }
+ else {
+ $array = $node;
+ }
+
+ return $array;
+}
+
function path_uri() {
global $HTTP_HOST, $REQUEST_URI;
return "http://". $HTTP_HOST . substr($REQUEST_URI, 0, strrpos($REQUEST_URI, "/")) ."/";
@@ -287,7 +315,7 @@ function check_input($text) {
}
function check_output($text, $nl2br = 0) {
- return ($text) ? ($nl2br ? nl2br(stripslashes($text)) : stripslashes($text)) : message_na();
+ return ($text) ? ($nl2br ? str_replace("\r", "", str_replace("\n", "<br />", stripslashes($text))) : stripslashes($text)) : message_na();
}
function check_file($filename) {
@@ -542,14 +570,16 @@ function link_node($node, $main = 0) {
function timer_start() {
global $timer;
- $timer = explode(" ", microtime());
+ list($usec, $sec) = explode(" ", microtime());
+ $timer = (float)$usec + (float)$sec;
}
function timer_print() {
global $timer;
- $stop = explode(" ", microtime());
- $diff = $stop[0] - $timer[0];
- print "<pre>execution time: $diff ms</pre>";
+ list($usec, $sec) = explode(" ", microtime());
+ $stop = (float)$usec + (float)$sec;
+ $diff = $stop - $timer;
+ print "<pre>execution time: $diff sec</pre>";
}
function query_print() {
diff --git a/includes/theme.inc b/includes/theme.inc
index 6279fa0ed70f..29ee3d8a6579 100644
--- a/includes/theme.inc
+++ b/includes/theme.inc
@@ -27,7 +27,7 @@ function user($region) {
if ($user->uid) {
// Display account settings:
- $output .= "<div width=\"125\">\n";
+ $output .= "<div style=\"width: 125;\">\n";
foreach (module_list() as $name) {
if (module_hook($name, "link")) {
diff --git a/modules/aggregator.module b/modules/aggregator.module
index 31f73c77d6de..da166264143e 100644
--- a/modules/aggregator.module
+++ b/modules/aggregator.module
@@ -3,11 +3,11 @@
function import_help() {
?>
- <P>In Drupal you have <I>feeds</I> and <I>bundles</I>. Feeds define news sources and bundles categoriz syndicated content by source, topic or any other heuristic. Bundles provide a generalized way of creating composite feeds. They allow you, for example, to combine various sport-related feeds into one bundle called "Sport".</P>
- <P>You can have several providers of news feeds. You can add a feed by clicking the "add feed" link on the import administration pages. Give the feed a name, supply the URI and a comma-separated list of attributes that you want to associate the feed with. The update interval defines how often Drupal should go out to try and grab fresh content. The expiration time defines how long syndicated content is kept in the database. So set the update and expiration time and save your settings. You have just defined your first feed. If you have more feeds repeat as necessary.</P>
- <P>To verify whether your feed works, press "update items" at the overview page. The number of items that have been sucessfully fetched, should then become visible in the third column of the feed overview.</P>
- <P>Now you have to define some bundles. Bundles look for feeds that contain one of the keywords associated with the bundle and display those feeds together. To define a bundle you have to give it a name and a comma-separated list of keywords just like this is the case for feeds.</P>
- <P>Your newly created bundle will now show up in the list of blocks that you can see at the block related administration pages. There you can customize where and when your bundles will be displayed.</P>
+ <p>In Drupal you have <i>feeds</i> and <i>bundles</i>. Feeds define news sources and bundles categoriz syndicated content by source, topic or any other heuristic. Bundles provide a generalized way of creating composite feeds. They allow you, for example, to combine various sport-related feeds into one bundle called "Sport".</p>
+ <p>You can have several providers of news feeds. You can add a feed by clicking the "add feed" link on the import administration pages. Give the feed a name, supply the URI and a comma-separated list of attributes that you want to associate the feed with. The update interval defines how often Drupal should go out to try and grab fresh content. The expiration time defines how long syndicated content is kept in the database. So set the update and expiration time and save your settings. You have just defined your first feed. If you have more feeds repeat as necessary.</p>
+ <p>To verify whether your feed works, press "update items" at the overview page. The number of items that have been sucessfully fetched, should then become visible in the third column of the feed overview.</p>
+ <p>Now you have to define some bundles. Bundles look for feeds that contain one of the keywords associated with the bundle and display those feeds together. To define a bundle you have to give it a name and a comma-separated list of keywords just like this is the case for feeds.</p>
+ <p>Your newly created bundle will now show up in the list of blocks that you can see at the block related administration pages. There you can customize where and when your bundles will be displayed.</p>
<?php
}
@@ -15,6 +15,7 @@ function import_conf_options() {
$number = array(5 => 5, 10 => 10, 15 => 15, 20 => 20, 25 => 25, 30 => 30, 35 => 35, 40 => 40, 45 => 45, 50 => 50, 55 => 55, 60 => 60, 65 => 65, 70 => 70, 75 => 75, 80 => 80, 85 => 85, 90 => 90, 95 => 95, 100 => 100);
$output .= form_select("Items per block", "import_block_limit", variable_get("import_block_limit", 15), $number, "The maximum number of items displayed in one block.");
$output .= form_select("Items per page", "import_page_limit", variable_get("import_page_limit", 75), $number, "The maximum number of items displayed on one page.");
+
return $output;
}
@@ -52,7 +53,7 @@ function import_format_item($item, $feed = 0) {
global $theme, $user;
if ($user->uid && user_access("post blogs")) {
- $output .= "<a href=\"module.php?mod=node&op=add&type=blog&iid=$item->iid\"><img src=\"". $theme->image("blog.gif") ."\" border=\"0\" width=\"12\" height=\"16\" alt=\"" . t("Blog this item") . "\" /></a> ";
+ $output .= "<a href=\"module.php?mod=node&op=add&type=blog&iid=$item->iid\"><img src=\"". $theme->image("blog.gif") ."\" border=\"0\" width=\"12\" height=\"16\" alt=\"". t("Blog this item") ."\" /></a> ";
}
$output .= "<a href=\"". check_output($item->link) ."\" target=\"new\">". check_output($item->title) ."</a>";
@@ -95,9 +96,9 @@ function import_get_bundles($attributes = 0) {
$i = 0;
while ($bundle = db_fetch_object($result)) {
- $block[$i][subject] = $bundle->title;
- $block[$i][content] = import_bundle_block($bundle->attributes) ."<p><div align=\"right\"><a href=\"module.php?mod=import&op=bundle&id=$bundle->bid\">". t("more") ."</a></div></p>";
- $block[$i][info] = "$bundle->title bundle";
+ $block[$i]["subject"] = $bundle->title;
+ $block[$i]["content"] = import_bundle_block($bundle->attributes) ."<p><div align=\"right\"><a href=\"module.php?mod=import&op=bundle&id=$bundle->bid\">". t("more") ."</a></div></p>";
+ $block[$i]["info"] = "$bundle->title bundle";
$i++;
}
@@ -110,9 +111,9 @@ function import_get_feeds($attributes = 0) {
$i = 0;
while ($feed = db_fetch_object($result)) {
- $block[$i][subject] = $feed->title;
- $block[$i][content] = import_feed_block($feed) ."<p><div align=\"right\"><a href=\"module.php?mod=import&op=feed&id=$feed->fid\">". t("more") ."</a></div></p>";
- $block[$i][info] = "$feed->title feed";
+ $block[$i]["subject"] = $feed->title;
+ $block[$i]["content"] = import_feed_block($feed) ."<p><div align=\"right\"><a href=\"module.php?mod=import&op=feed&id=$feed->fid\">". t("more") ."</a></div></p>";
+ $block[$i]["info"] = "$feed->title feed";
$i++;
}
@@ -121,8 +122,8 @@ function import_get_feeds($attributes = 0) {
}
function import_remove($feed) {
- db_query("DELETE FROM item WHERE fid = '$feed[fid]'");
- return "feed '$feed[title]' reset.";
+ db_query("DELETE FROM item WHERE fid = '". $feed["fid"] ."'");
+ return "feed '". $feed["title"] ."' reset.";
}
function import_refresh($feed) {
@@ -131,15 +132,15 @@ function import_refresh($feed) {
** Check whether the feed is properly configured:
*/
- if (!ereg("^http://|ftp://", $feed[url])) {
- watchdog("warning", "import: invalid or missing URL for '$feed[title]'");
+ if (!ereg("^http://|ftp://", $feed["url"])) {
+ watchdog("warning", "import: invalid or missing URL for '". $feed["title"] ."'");
}
/*
** Grab the headlines:
*/
- if ($fp = @fopen($feed[url], "r")) {
+ if ($fp = @fopen($feed["url"], "r")) {
// fetch data:
while (!feof($fp)) {
$data .= fgets($fp, 128);
@@ -167,7 +168,14 @@ function import_refresh($feed) {
eregi("<link>(.*)</link>", $channel, $link);
eregi("<description>(.*)</description>", $channel, $description);
- db_query("UPDATE feed SET timestamp = '". time() ."', link = '". check_input($link[1]) ."', description = '". check_input($description[1]) ."' WHERE fid = '". $feed[fid] ."'");
+ /*
+ ** Strip invalid tags and provide default values (if required):
+ */
+
+ $link = strip_tags($link[1]);
+ $description = filter(strtr($description[1], $tt));
+
+ db_query("UPDATE feed SET timestamp = '". time() ."', link = '". check_input($link) ."', description = '". check_input($description) ."' WHERE fid = '". $feed["fid"] ."'");
/*
** Extract and process individual items:
@@ -193,8 +201,9 @@ function import_refresh($feed) {
*/
$title = strip_tags(strtr($title[1] ? $title[1] : substr(strip_tags(strtr($description[1], $tt)), 0, 30), $tt));
- $link = $link[1] ? $link[1] : $feed[link];
- $description = strtr($description[1], $tt);
+ $link = strip_tags($link[1] ? $link[1] : $feed["link"]);
+ $author = strip_tags($author[1]);
+ $description = filter(strtr($description[1], $tt));
// print "<pre>title = ". htmlentities($title) ."\n\ndescription = ". htmlentities($description) ."\n\nlink = ". htmlentities($link) ."</pre><hr />";
@@ -202,12 +211,12 @@ function import_refresh($feed) {
** Save this item:
*/
- import_save_item(array(fid => $feed[fid], title => $title, link => $link, author => $author[1], description => $description, attributes => $feed[attributes]));
+ import_save_item(array(fid => $feed["fid"], title => $title, link => $link, author => $author, description => $description, attributes => $feed["attributes"]));
}
}
/*
- ** Remove expired items:
+ ** Remove all the old, expired items:
*/
unset($items);
@@ -224,50 +233,50 @@ function import_refresh($feed) {
}
else {
- watchdog("warning", "import: failed to syndicate from '$feed[title]'". ($errstr ? ": $errstr" : ""));
+ watchdog("warning", "import: failed to syndicate from '". $feed["title"] ."'". ($errstr ? ": $errstr" : ""));
}
- return "feed '$feed[title]' updated.";
+ return "feed '". $feed["title"] ."' updated.";
}
function import_save_item($edit) {
- if ($edit[iid] && $edit[title]) {
- db_query("UPDATE item SET title = '". check_input($edit[title]) ."', link = '". check_input($edit[link]) ."', author = '". check_input($edit[author]) ."', description = '". check_input($edit[description]) ."', attributes = '". check_input($edit[attributes]) ."' WHERE iid = '$edit[iid]'");
+ if ($edit["iid"] && $edit["title"]) {
+ db_query("UPDATE item SET title = '". check_input($edit["title"]) ."', link = '". check_input($edit["link"]) ."', author = '". check_input($edit["author"]) ."', description = '". check_input($edit["description"]) ."', attributes = '". check_input($edit["attributes"]) ."' WHERE iid = '". check_input($edit["iid"]) ."'");
}
- else if ($edit[iid]) {
- db_query("DELETE FROM item WHERE iid = '". check_input($edit[iid]) ."'");
+ else if ($edit["iid"]) {
+ db_query("DELETE FROM item WHERE iid = '". check_input($edit["iid"]) ."'");
}
- else if ($edit[title] && $edit[link]) {
- if (!db_fetch_object(db_query("SELECT iid FROM item WHERE title = '". check_input($edit[title]) ."' AND link = '". check_input($edit[link]) ."' AND description = '". check_input($edit[description]) ."'"))) {
- db_query("INSERT INTO item (fid, title, link, author, description, attributes, timestamp) VALUES ('". check_input($edit[fid]) ."', '". check_input($edit[title]) ."', '". check_input($edit[link]) ."', '". check_input($edit[author]) ."', '". check_input($edit[description]) ."', '". check_input($edit[attributes]) ."', '". time() ."')");
+ else if ($edit["title"] && $edit["link"]) {
+ if (!db_fetch_object(db_query("SELECT iid FROM item WHERE title = '". check_input($edit["title"]) ."' AND link = '". check_input($edit["link"]) ."' AND description = '". check_input($edit["description"]) ."'"))) {
+ db_query("INSERT INTO item (fid, title, link, author, description, attributes, timestamp) VALUES ('". check_input($edit["fid"]) ."', '". check_input($edit["title"]) ."', '". check_input($edit["link"]) ."', '". check_input($edit["author"]) ."', '". check_input($edit["description"]) ."', '". check_input($edit["attributes"]) ."', '". time() ."')");
}
}
}
function import_form_bundle($edit = array()) {
- $form .= form_textfield("Title", "title", $edit[title], 50, 64, "The name of the bundle.");
- $form .= form_textfield("Attributes", "attributes", $edit[attributes], 50, 128, "A comma-seperated list of keywords describing the bundle.");
+ $form .= form_textfield("Title", "title", $edit["title"], 50, 64, "The name of the bundle.");
+ $form .= form_textfield("Attributes", "attributes", $edit["attributes"], 50, 128, "A comma-seperated list of keywords describing the bundle.");
$form .= form_submit("Submit");
- if ($edit[bid]) {
+ if ($edit["bid"]) {
$form .= form_submit("Delete");
- $form .= form_hidden("bid", $edit[bid]);
+ $form .= form_hidden("bid", $edit["bid"]);
}
return form($form);
}
function import_save_bundle($edit) {
- if ($edit[bid] && $edit[title]) {
- db_query("UPDATE bundle SET title = '". check_input($edit[title]) ."', attributes = '". check_input($edit[attributes]) ."' WHERE bid = '". check_input($edit[bid]) ."'");
+ if ($edit["bid"] && $edit["title"]) {
+ db_query("UPDATE bundle SET title = '". check_input($edit["title"]) ."', attributes = '". check_input($edit["attributes"]) ."' WHERE bid = '". check_input($edit["bid"]) ."'");
}
- else if ($edit[bid]) {
- db_query("DELETE FROM bundle WHERE bid = '". check_input($edit[bid]) ."'");
+ else if ($edit["bid"]) {
+ db_query("DELETE FROM bundle WHERE bid = '". check_input($edit["bid"]) ."'");
}
- else if ($edit[title]) {
- db_query("INSERT INTO bundle (title, attributes) VALUES ('". check_input($edit[title]) ."', '". check_input($edit[attributes]) ."')");
+ else if ($edit["title"]) {
+ db_query("INSERT INTO bundle (title, attributes) VALUES ('". check_input($edit["title"]) ."', '". check_input($edit["attributes"]) ."')");
}
module_rehash_blocks("import");
@@ -277,39 +286,41 @@ function import_form_feed($edit = array()) {
$period = array(900 => format_interval(900), 1800 => format_interval(1800), 3600 => format_interval(3600), 7200 => format_interval(7200), 10800 => format_interval(10800), 21600 => format_interval(21600), 32400 => format_interval(32400), 43200 => format_interval(43200), 64800 => format_interval(64800), 86400 => format_interval(86400), 172800 => format_interval(172800), 259200 => format_interval(259200), 604800 => format_interval(604800), 1209600 => format_interval(1209600), 2419200 => format_interval(2419200));
- if ($edit[refresh] == "") $edit[refresh] = 3600;
+ if ($edit["refresh"] == "") {
+ $edit["refresh"] = 3600;
+ }
- $form .= form_textfield("Title", "title", $edit[title], 50, 64, "The name of the feed; typically the name of the website you syndicate content from.");
- $form .= form_textfield("Url", "url", $edit[url], 50, 128, "The fully-qualified URL of the feed.");
- $form .= form_textfield("Attributes", "attributes", $edit[attributes], 50, 128, "A comma-seperated list of keywords describing the feed.");
- $form .= form_select("Update interval", "refresh", $edit[refresh], $period, "The refresh interval indicating how often you want to update this feed. Requires crontab.");
+ $form .= form_textfield("Title", "title", $edit["title"], 50, 64, "The name of the feed; typically the name of the website you syndicate content from.");
+ $form .= form_textfield("Url", "url", $edit["url"], 50, 128, "The fully-qualified URL of the feed.");
+ $form .= form_textfield("Attributes", "attributes", $edit["attributes"], 50, 128, "A comma-seperated list of keywords describing the feed.");
+ $form .= form_select("Update interval", "refresh", $edit["refresh"], $period, "The refresh interval indicating how often you want to update this feed. Requires crontab.");
$form .= form_submit("Submit");
- if ($edit[fid]) {
+ if ($edit["fid"]) {
$form .= form_submit("Delete");
- $form .= form_hidden("fid", $edit[fid]);
+ $form .= form_hidden("fid", $edit["fid"]);
}
return form($form);
}
function import_save_feed($edit) {
- if ($edit[fid] && $edit[title]) {
- db_query("UPDATE feed SET title = '". check_input($edit[title]) ."', url = '". check_input($edit[url]) ."', attributes = '". check_input($edit[attributes]) ."', refresh = '". check_input($edit[refresh]) ."' WHERE fid = '". check_input($edit[fid]) ."'");
- db_query("DELETE FROM item WHERE fid = '". check_input($edit[fid]) ."'");
+ if ($edit["fid"] && $edit["title"]) {
+ db_query("UPDATE feed SET title = '". check_input($edit["title"]) ."', url = '". check_input($edit["url"]) ."', attributes = '". check_input($edit["attributes"]) ."', refresh = '". check_input($edit["refresh"]) ."' WHERE fid = '". check_input($edit["fid"]) ."'");
+ db_query("DELETE FROM item WHERE fid = '". check_input($edit["fid"]) ."'");
}
- else if ($edit[fid]) {
- db_query("DELETE FROM feed WHERE fid = '". check_input($edit[fid]) ."'");
- db_query("DELETE FROM item WHERE fid = '". check_input($edit[fid]) ."'");
+ else if ($edit["fid"]) {
+ db_query("DELETE FROM feed WHERE fid = '". check_input($edit["fid"]) ."'");
+ db_query("DELETE FROM item WHERE fid = '". check_input($edit["fid"]) ."'");
}
- else if ($edit[title]) {
- db_query("INSERT INTO feed (title, url, attributes, refresh) VALUES ('". check_input($edit[title]) ."', '". check_input($edit[url]) ."', '". check_input($edit[attributes]) ."', '". check_input($edit[refresh]) ."')");
+ else if ($edit["title"]) {
+ db_query("INSERT INTO feed (title, url, attributes, refresh) VALUES ('". check_input($edit["title"]) ."', '". check_input($edit["url"]) ."', '". check_input($edit["attributes"]) ."', '". check_input($edit["refresh"]) ."')");
}
}
function import_save_attributes($edit) {
- foreach($edit as $iid => $value) {
+ foreach ($edit as $iid => $value) {
db_query("UPDATE item SET attributes = '". check_input($value) ."' WHERE iid = '". check_input($iid) ."'");
}
return "attributes has been saved";
@@ -359,7 +370,7 @@ function import_fd_collect($edit) {
set_time_limit(180);
- if ($fp = @fopen($edit[url], "r")) {
+ if ($fp = @fopen($edit["url"], "r")) {
// fetch data:
while (!feof($fp)) {
$data .= fgets($fp, 128);
@@ -373,7 +384,7 @@ function import_fd_collect($edit) {
$items = explode("</channel>", $data);
foreach ($items as $item) {
- unset ($link, $title);
+ unset($link, $title);
// print "<pre>item = ". htmlentities($item) ."\n\n</pre>";
@@ -394,7 +405,7 @@ function import_fd_collect($edit) {
return form($output);
}
else {
- print status("failed to open '$edit[url]': $errstr.");
+ print status("failed to open '". $edit["url"] ."': $errstr.");
}
}
@@ -413,7 +424,7 @@ function import_tag() {
$output .= "<table border=\"1\" cellpadding=\"2\" cellspacing=\"2\">\n";
$output .= " <tr><th>time</th><th>feed</th><th>item</th></tr>\n";
while ($item = db_fetch_object($result)) {
- $output .= " <tr><td valign=\"top\" nowrap=\"nowrap\">". format_date($item->timestamp, "custom", "m/d/y") ."<br />".format_date($item->timestamp, "custom", "H:i") ."</td><td align=\"center\" valign=\"top\" nowrap=\"nowrap\"><a href=\"admin.php?mod=import&type=feed&op=edit&id=$item->fid\">". check_output($item->feed) ."</a></td><td><a href=\"". check_output($item->link) ."\">". check_output($item->title) ."</a>". ($item->description ? "<br /><small><i>". check_output($item->description, 1) ."</i></small>" : "") ."<br /><input type=\"text\" name=\"edit[$item->iid]\" value=\"". check_form($item->attributes) ."\" size=\"50\" /></td></tr>\n";
+ $output .= " <tr><td valign=\"top\" nowrap=\"nowrap\">". format_date($item->timestamp, "custom", "m/d/y") ."<br />". format_date($item->timestamp, "custom", "H:i") ."</td><td align=\"center\" valign=\"top\" nowrap=\"nowrap\"><a href=\"admin.php?mod=import&type=feed&op=edit&id=$item->fid\">". check_output($item->feed) ."</a></td><td><a href=\"". check_output($item->link) ."\">". check_output($item->title) ."</a>". ($item->description ? "<br /><small><i>". check_output($item->description, 1) ."</i></small>" : "") ."<br /><input type=\"text\" name=\"edit[$item->iid]\" value=\"". check_form($item->attributes) ."\" size=\"50\" /></td></tr>\n";
}
$output .= "</table>\n";
$output .= "<input type=\"submit\" name=\"op\" value=\"Save attributes\" />\n";
@@ -428,21 +439,25 @@ function import_admin() {
print "<small><a href=\"admin.php?mod=import&type=feed&op=add\">add new feed</a> | <a href=\"admin.php?mod=import&type=bundle&op=add\">add new bundle</a> | <a href=\"admin.php?mod=import&op=fd\">import feeds</a> | <a href=\"admin.php?mod=import&op=tag\">tag items</a> | <a href=\"admin.php?mod=import&op=view\">overview</a> | <a href=\"admin.php?mod=import&op=help\">help</a></small><hr />";
- switch($op) {
+ switch ($op) {
case "help":
print import_help();
break;
case "add":
- if ($type == "bundle")
+ if ($type == "bundle") {
print import_form_bundle();
- else
+ }
+ else {
print import_form_feed();
+ }
break;
case "edit":
- if ($type == "bundle")
+ if ($type == "bundle") {
print import_form_bundle(import_get_bundle($id));
- else
+ }
+ else {
print import_form_feed(import_get_feed($id));
+ }
break;
case "fd":
print import_fd_form();
@@ -470,16 +485,16 @@ function import_admin() {
print import_tag();
break;
case "Delete":
- $edit[title] = 0;
+ $edit["title"] = 0;
// fall through:
case "Submit":
- if ($type == "bundle")
+ if ($type == "bundle") {
print status(import_save_bundle($edit));
- else
+ }
+ else {
print status(import_save_feed($edit));
+ }
// fall through:
- print import_view();
- break;
default:
print import_view();
}
@@ -675,7 +690,7 @@ function import_page() {
global $op, $id;
if (user_access("access news feeds")) {
- switch($op) {
+ switch ($op) {
case "feed":
import_page_feed($id);
break;
diff --git a/modules/aggregator/aggregator.module b/modules/aggregator/aggregator.module
index 31f73c77d6de..da166264143e 100644
--- a/modules/aggregator/aggregator.module
+++ b/modules/aggregator/aggregator.module
@@ -3,11 +3,11 @@
function import_help() {
?>
- <P>In Drupal you have <I>feeds</I> and <I>bundles</I>. Feeds define news sources and bundles categoriz syndicated content by source, topic or any other heuristic. Bundles provide a generalized way of creating composite feeds. They allow you, for example, to combine various sport-related feeds into one bundle called "Sport".</P>
- <P>You can have several providers of news feeds. You can add a feed by clicking the "add feed" link on the import administration pages. Give the feed a name, supply the URI and a comma-separated list of attributes that you want to associate the feed with. The update interval defines how often Drupal should go out to try and grab fresh content. The expiration time defines how long syndicated content is kept in the database. So set the update and expiration time and save your settings. You have just defined your first feed. If you have more feeds repeat as necessary.</P>
- <P>To verify whether your feed works, press "update items" at the overview page. The number of items that have been sucessfully fetched, should then become visible in the third column of the feed overview.</P>
- <P>Now you have to define some bundles. Bundles look for feeds that contain one of the keywords associated with the bundle and display those feeds together. To define a bundle you have to give it a name and a comma-separated list of keywords just like this is the case for feeds.</P>
- <P>Your newly created bundle will now show up in the list of blocks that you can see at the block related administration pages. There you can customize where and when your bundles will be displayed.</P>
+ <p>In Drupal you have <i>feeds</i> and <i>bundles</i>. Feeds define news sources and bundles categoriz syndicated content by source, topic or any other heuristic. Bundles provide a generalized way of creating composite feeds. They allow you, for example, to combine various sport-related feeds into one bundle called "Sport".</p>
+ <p>You can have several providers of news feeds. You can add a feed by clicking the "add feed" link on the import administration pages. Give the feed a name, supply the URI and a comma-separated list of attributes that you want to associate the feed with. The update interval defines how often Drupal should go out to try and grab fresh content. The expiration time defines how long syndicated content is kept in the database. So set the update and expiration time and save your settings. You have just defined your first feed. If you have more feeds repeat as necessary.</p>
+ <p>To verify whether your feed works, press "update items" at the overview page. The number of items that have been sucessfully fetched, should then become visible in the third column of the feed overview.</p>
+ <p>Now you have to define some bundles. Bundles look for feeds that contain one of the keywords associated with the bundle and display those feeds together. To define a bundle you have to give it a name and a comma-separated list of keywords just like this is the case for feeds.</p>
+ <p>Your newly created bundle will now show up in the list of blocks that you can see at the block related administration pages. There you can customize where and when your bundles will be displayed.</p>
<?php
}
@@ -15,6 +15,7 @@ function import_conf_options() {
$number = array(5 => 5, 10 => 10, 15 => 15, 20 => 20, 25 => 25, 30 => 30, 35 => 35, 40 => 40, 45 => 45, 50 => 50, 55 => 55, 60 => 60, 65 => 65, 70 => 70, 75 => 75, 80 => 80, 85 => 85, 90 => 90, 95 => 95, 100 => 100);
$output .= form_select("Items per block", "import_block_limit", variable_get("import_block_limit", 15), $number, "The maximum number of items displayed in one block.");
$output .= form_select("Items per page", "import_page_limit", variable_get("import_page_limit", 75), $number, "The maximum number of items displayed on one page.");
+
return $output;
}
@@ -52,7 +53,7 @@ function import_format_item($item, $feed = 0) {
global $theme, $user;
if ($user->uid && user_access("post blogs")) {
- $output .= "<a href=\"module.php?mod=node&op=add&type=blog&iid=$item->iid\"><img src=\"". $theme->image("blog.gif") ."\" border=\"0\" width=\"12\" height=\"16\" alt=\"" . t("Blog this item") . "\" /></a> ";
+ $output .= "<a href=\"module.php?mod=node&op=add&type=blog&iid=$item->iid\"><img src=\"". $theme->image("blog.gif") ."\" border=\"0\" width=\"12\" height=\"16\" alt=\"". t("Blog this item") ."\" /></a> ";
}
$output .= "<a href=\"". check_output($item->link) ."\" target=\"new\">". check_output($item->title) ."</a>";
@@ -95,9 +96,9 @@ function import_get_bundles($attributes = 0) {
$i = 0;
while ($bundle = db_fetch_object($result)) {
- $block[$i][subject] = $bundle->title;
- $block[$i][content] = import_bundle_block($bundle->attributes) ."<p><div align=\"right\"><a href=\"module.php?mod=import&op=bundle&id=$bundle->bid\">". t("more") ."</a></div></p>";
- $block[$i][info] = "$bundle->title bundle";
+ $block[$i]["subject"] = $bundle->title;
+ $block[$i]["content"] = import_bundle_block($bundle->attributes) ."<p><div align=\"right\"><a href=\"module.php?mod=import&op=bundle&id=$bundle->bid\">". t("more") ."</a></div></p>";
+ $block[$i]["info"] = "$bundle->title bundle";
$i++;
}
@@ -110,9 +111,9 @@ function import_get_feeds($attributes = 0) {
$i = 0;
while ($feed = db_fetch_object($result)) {
- $block[$i][subject] = $feed->title;
- $block[$i][content] = import_feed_block($feed) ."<p><div align=\"right\"><a href=\"module.php?mod=import&op=feed&id=$feed->fid\">". t("more") ."</a></div></p>";
- $block[$i][info] = "$feed->title feed";
+ $block[$i]["subject"] = $feed->title;
+ $block[$i]["content"] = import_feed_block($feed) ."<p><div align=\"right\"><a href=\"module.php?mod=import&op=feed&id=$feed->fid\">". t("more") ."</a></div></p>";
+ $block[$i]["info"] = "$feed->title feed";
$i++;
}
@@ -121,8 +122,8 @@ function import_get_feeds($attributes = 0) {
}
function import_remove($feed) {
- db_query("DELETE FROM item WHERE fid = '$feed[fid]'");
- return "feed '$feed[title]' reset.";
+ db_query("DELETE FROM item WHERE fid = '". $feed["fid"] ."'");
+ return "feed '". $feed["title"] ."' reset.";
}
function import_refresh($feed) {
@@ -131,15 +132,15 @@ function import_refresh($feed) {
** Check whether the feed is properly configured:
*/
- if (!ereg("^http://|ftp://", $feed[url])) {
- watchdog("warning", "import: invalid or missing URL for '$feed[title]'");
+ if (!ereg("^http://|ftp://", $feed["url"])) {
+ watchdog("warning", "import: invalid or missing URL for '". $feed["title"] ."'");
}
/*
** Grab the headlines:
*/
- if ($fp = @fopen($feed[url], "r")) {
+ if ($fp = @fopen($feed["url"], "r")) {
// fetch data:
while (!feof($fp)) {
$data .= fgets($fp, 128);
@@ -167,7 +168,14 @@ function import_refresh($feed) {
eregi("<link>(.*)</link>", $channel, $link);
eregi("<description>(.*)</description>", $channel, $description);
- db_query("UPDATE feed SET timestamp = '". time() ."', link = '". check_input($link[1]) ."', description = '". check_input($description[1]) ."' WHERE fid = '". $feed[fid] ."'");
+ /*
+ ** Strip invalid tags and provide default values (if required):
+ */
+
+ $link = strip_tags($link[1]);
+ $description = filter(strtr($description[1], $tt));
+
+ db_query("UPDATE feed SET timestamp = '". time() ."', link = '". check_input($link) ."', description = '". check_input($description) ."' WHERE fid = '". $feed["fid"] ."'");
/*
** Extract and process individual items:
@@ -193,8 +201,9 @@ function import_refresh($feed) {
*/
$title = strip_tags(strtr($title[1] ? $title[1] : substr(strip_tags(strtr($description[1], $tt)), 0, 30), $tt));
- $link = $link[1] ? $link[1] : $feed[link];
- $description = strtr($description[1], $tt);
+ $link = strip_tags($link[1] ? $link[1] : $feed["link"]);
+ $author = strip_tags($author[1]);
+ $description = filter(strtr($description[1], $tt));
// print "<pre>title = ". htmlentities($title) ."\n\ndescription = ". htmlentities($description) ."\n\nlink = ". htmlentities($link) ."</pre><hr />";
@@ -202,12 +211,12 @@ function import_refresh($feed) {
** Save this item:
*/
- import_save_item(array(fid => $feed[fid], title => $title, link => $link, author => $author[1], description => $description, attributes => $feed[attributes]));
+ import_save_item(array(fid => $feed["fid"], title => $title, link => $link, author => $author, description => $description, attributes => $feed["attributes"]));
}
}
/*
- ** Remove expired items:
+ ** Remove all the old, expired items:
*/
unset($items);
@@ -224,50 +233,50 @@ function import_refresh($feed) {
}
else {
- watchdog("warning", "import: failed to syndicate from '$feed[title]'". ($errstr ? ": $errstr" : ""));
+ watchdog("warning", "import: failed to syndicate from '". $feed["title"] ."'". ($errstr ? ": $errstr" : ""));
}
- return "feed '$feed[title]' updated.";
+ return "feed '". $feed["title"] ."' updated.";
}
function import_save_item($edit) {
- if ($edit[iid] && $edit[title]) {
- db_query("UPDATE item SET title = '". check_input($edit[title]) ."', link = '". check_input($edit[link]) ."', author = '". check_input($edit[author]) ."', description = '". check_input($edit[description]) ."', attributes = '". check_input($edit[attributes]) ."' WHERE iid = '$edit[iid]'");
+ if ($edit["iid"] && $edit["title"]) {
+ db_query("UPDATE item SET title = '". check_input($edit["title"]) ."', link = '". check_input($edit["link"]) ."', author = '". check_input($edit["author"]) ."', description = '". check_input($edit["description"]) ."', attributes = '". check_input($edit["attributes"]) ."' WHERE iid = '". check_input($edit["iid"]) ."'");
}
- else if ($edit[iid]) {
- db_query("DELETE FROM item WHERE iid = '". check_input($edit[iid]) ."'");
+ else if ($edit["iid"]) {
+ db_query("DELETE FROM item WHERE iid = '". check_input($edit["iid"]) ."'");
}
- else if ($edit[title] && $edit[link]) {
- if (!db_fetch_object(db_query("SELECT iid FROM item WHERE title = '". check_input($edit[title]) ."' AND link = '". check_input($edit[link]) ."' AND description = '". check_input($edit[description]) ."'"))) {
- db_query("INSERT INTO item (fid, title, link, author, description, attributes, timestamp) VALUES ('". check_input($edit[fid]) ."', '". check_input($edit[title]) ."', '". check_input($edit[link]) ."', '". check_input($edit[author]) ."', '". check_input($edit[description]) ."', '". check_input($edit[attributes]) ."', '". time() ."')");
+ else if ($edit["title"] && $edit["link"]) {
+ if (!db_fetch_object(db_query("SELECT iid FROM item WHERE title = '". check_input($edit["title"]) ."' AND link = '". check_input($edit["link"]) ."' AND description = '". check_input($edit["description"]) ."'"))) {
+ db_query("INSERT INTO item (fid, title, link, author, description, attributes, timestamp) VALUES ('". check_input($edit["fid"]) ."', '". check_input($edit["title"]) ."', '". check_input($edit["link"]) ."', '". check_input($edit["author"]) ."', '". check_input($edit["description"]) ."', '". check_input($edit["attributes"]) ."', '". time() ."')");
}
}
}
function import_form_bundle($edit = array()) {
- $form .= form_textfield("Title", "title", $edit[title], 50, 64, "The name of the bundle.");
- $form .= form_textfield("Attributes", "attributes", $edit[attributes], 50, 128, "A comma-seperated list of keywords describing the bundle.");
+ $form .= form_textfield("Title", "title", $edit["title"], 50, 64, "The name of the bundle.");
+ $form .= form_textfield("Attributes", "attributes", $edit["attributes"], 50, 128, "A comma-seperated list of keywords describing the bundle.");
$form .= form_submit("Submit");
- if ($edit[bid]) {
+ if ($edit["bid"]) {
$form .= form_submit("Delete");
- $form .= form_hidden("bid", $edit[bid]);
+ $form .= form_hidden("bid", $edit["bid"]);
}
return form($form);
}
function import_save_bundle($edit) {
- if ($edit[bid] && $edit[title]) {
- db_query("UPDATE bundle SET title = '". check_input($edit[title]) ."', attributes = '". check_input($edit[attributes]) ."' WHERE bid = '". check_input($edit[bid]) ."'");
+ if ($edit["bid"] && $edit["title"]) {
+ db_query("UPDATE bundle SET title = '". check_input($edit["title"]) ."', attributes = '". check_input($edit["attributes"]) ."' WHERE bid = '". check_input($edit["bid"]) ."'");
}
- else if ($edit[bid]) {
- db_query("DELETE FROM bundle WHERE bid = '". check_input($edit[bid]) ."'");
+ else if ($edit["bid"]) {
+ db_query("DELETE FROM bundle WHERE bid = '". check_input($edit["bid"]) ."'");
}
- else if ($edit[title]) {
- db_query("INSERT INTO bundle (title, attributes) VALUES ('". check_input($edit[title]) ."', '". check_input($edit[attributes]) ."')");
+ else if ($edit["title"]) {
+ db_query("INSERT INTO bundle (title, attributes) VALUES ('". check_input($edit["title"]) ."', '". check_input($edit["attributes"]) ."')");
}
module_rehash_blocks("import");
@@ -277,39 +286,41 @@ function import_form_feed($edit = array()) {
$period = array(900 => format_interval(900), 1800 => format_interval(1800), 3600 => format_interval(3600), 7200 => format_interval(7200), 10800 => format_interval(10800), 21600 => format_interval(21600), 32400 => format_interval(32400), 43200 => format_interval(43200), 64800 => format_interval(64800), 86400 => format_interval(86400), 172800 => format_interval(172800), 259200 => format_interval(259200), 604800 => format_interval(604800), 1209600 => format_interval(1209600), 2419200 => format_interval(2419200));
- if ($edit[refresh] == "") $edit[refresh] = 3600;
+ if ($edit["refresh"] == "") {
+ $edit["refresh"] = 3600;
+ }
- $form .= form_textfield("Title", "title", $edit[title], 50, 64, "The name of the feed; typically the name of the website you syndicate content from.");
- $form .= form_textfield("Url", "url", $edit[url], 50, 128, "The fully-qualified URL of the feed.");
- $form .= form_textfield("Attributes", "attributes", $edit[attributes], 50, 128, "A comma-seperated list of keywords describing the feed.");
- $form .= form_select("Update interval", "refresh", $edit[refresh], $period, "The refresh interval indicating how often you want to update this feed. Requires crontab.");
+ $form .= form_textfield("Title", "title", $edit["title"], 50, 64, "The name of the feed; typically the name of the website you syndicate content from.");
+ $form .= form_textfield("Url", "url", $edit["url"], 50, 128, "The fully-qualified URL of the feed.");
+ $form .= form_textfield("Attributes", "attributes", $edit["attributes"], 50, 128, "A comma-seperated list of keywords describing the feed.");
+ $form .= form_select("Update interval", "refresh", $edit["refresh"], $period, "The refresh interval indicating how often you want to update this feed. Requires crontab.");
$form .= form_submit("Submit");
- if ($edit[fid]) {
+ if ($edit["fid"]) {
$form .= form_submit("Delete");
- $form .= form_hidden("fid", $edit[fid]);
+ $form .= form_hidden("fid", $edit["fid"]);
}
return form($form);
}
function import_save_feed($edit) {
- if ($edit[fid] && $edit[title]) {
- db_query("UPDATE feed SET title = '". check_input($edit[title]) ."', url = '". check_input($edit[url]) ."', attributes = '". check_input($edit[attributes]) ."', refresh = '". check_input($edit[refresh]) ."' WHERE fid = '". check_input($edit[fid]) ."'");
- db_query("DELETE FROM item WHERE fid = '". check_input($edit[fid]) ."'");
+ if ($edit["fid"] && $edit["title"]) {
+ db_query("UPDATE feed SET title = '". check_input($edit["title"]) ."', url = '". check_input($edit["url"]) ."', attributes = '". check_input($edit["attributes"]) ."', refresh = '". check_input($edit["refresh"]) ."' WHERE fid = '". check_input($edit["fid"]) ."'");
+ db_query("DELETE FROM item WHERE fid = '". check_input($edit["fid"]) ."'");
}
- else if ($edit[fid]) {
- db_query("DELETE FROM feed WHERE fid = '". check_input($edit[fid]) ."'");
- db_query("DELETE FROM item WHERE fid = '". check_input($edit[fid]) ."'");
+ else if ($edit["fid"]) {
+ db_query("DELETE FROM feed WHERE fid = '". check_input($edit["fid"]) ."'");
+ db_query("DELETE FROM item WHERE fid = '". check_input($edit["fid"]) ."'");
}
- else if ($edit[title]) {
- db_query("INSERT INTO feed (title, url, attributes, refresh) VALUES ('". check_input($edit[title]) ."', '". check_input($edit[url]) ."', '". check_input($edit[attributes]) ."', '". check_input($edit[refresh]) ."')");
+ else if ($edit["title"]) {
+ db_query("INSERT INTO feed (title, url, attributes, refresh) VALUES ('". check_input($edit["title"]) ."', '". check_input($edit["url"]) ."', '". check_input($edit["attributes"]) ."', '". check_input($edit["refresh"]) ."')");
}
}
function import_save_attributes($edit) {
- foreach($edit as $iid => $value) {
+ foreach ($edit as $iid => $value) {
db_query("UPDATE item SET attributes = '". check_input($value) ."' WHERE iid = '". check_input($iid) ."'");
}
return "attributes has been saved";
@@ -359,7 +370,7 @@ function import_fd_collect($edit) {
set_time_limit(180);
- if ($fp = @fopen($edit[url], "r")) {
+ if ($fp = @fopen($edit["url"], "r")) {
// fetch data:
while (!feof($fp)) {
$data .= fgets($fp, 128);
@@ -373,7 +384,7 @@ function import_fd_collect($edit) {
$items = explode("</channel>", $data);
foreach ($items as $item) {
- unset ($link, $title);
+ unset($link, $title);
// print "<pre>item = ". htmlentities($item) ."\n\n</pre>";
@@ -394,7 +405,7 @@ function import_fd_collect($edit) {
return form($output);
}
else {
- print status("failed to open '$edit[url]': $errstr.");
+ print status("failed to open '". $edit["url"] ."': $errstr.");
}
}
@@ -413,7 +424,7 @@ function import_tag() {
$output .= "<table border=\"1\" cellpadding=\"2\" cellspacing=\"2\">\n";
$output .= " <tr><th>time</th><th>feed</th><th>item</th></tr>\n";
while ($item = db_fetch_object($result)) {
- $output .= " <tr><td valign=\"top\" nowrap=\"nowrap\">". format_date($item->timestamp, "custom", "m/d/y") ."<br />".format_date($item->timestamp, "custom", "H:i") ."</td><td align=\"center\" valign=\"top\" nowrap=\"nowrap\"><a href=\"admin.php?mod=import&type=feed&op=edit&id=$item->fid\">". check_output($item->feed) ."</a></td><td><a href=\"". check_output($item->link) ."\">". check_output($item->title) ."</a>". ($item->description ? "<br /><small><i>". check_output($item->description, 1) ."</i></small>" : "") ."<br /><input type=\"text\" name=\"edit[$item->iid]\" value=\"". check_form($item->attributes) ."\" size=\"50\" /></td></tr>\n";
+ $output .= " <tr><td valign=\"top\" nowrap=\"nowrap\">". format_date($item->timestamp, "custom", "m/d/y") ."<br />". format_date($item->timestamp, "custom", "H:i") ."</td><td align=\"center\" valign=\"top\" nowrap=\"nowrap\"><a href=\"admin.php?mod=import&type=feed&op=edit&id=$item->fid\">". check_output($item->feed) ."</a></td><td><a href=\"". check_output($item->link) ."\">". check_output($item->title) ."</a>". ($item->description ? "<br /><small><i>". check_output($item->description, 1) ."</i></small>" : "") ."<br /><input type=\"text\" name=\"edit[$item->iid]\" value=\"". check_form($item->attributes) ."\" size=\"50\" /></td></tr>\n";
}
$output .= "</table>\n";
$output .= "<input type=\"submit\" name=\"op\" value=\"Save attributes\" />\n";
@@ -428,21 +439,25 @@ function import_admin() {
print "<small><a href=\"admin.php?mod=import&type=feed&op=add\">add new feed</a> | <a href=\"admin.php?mod=import&type=bundle&op=add\">add new bundle</a> | <a href=\"admin.php?mod=import&op=fd\">import feeds</a> | <a href=\"admin.php?mod=import&op=tag\">tag items</a> | <a href=\"admin.php?mod=import&op=view\">overview</a> | <a href=\"admin.php?mod=import&op=help\">help</a></small><hr />";
- switch($op) {
+ switch ($op) {
case "help":
print import_help();
break;
case "add":
- if ($type == "bundle")
+ if ($type == "bundle") {
print import_form_bundle();
- else
+ }
+ else {
print import_form_feed();
+ }
break;
case "edit":
- if ($type == "bundle")
+ if ($type == "bundle") {
print import_form_bundle(import_get_bundle($id));
- else
+ }
+ else {
print import_form_feed(import_get_feed($id));
+ }
break;
case "fd":
print import_fd_form();
@@ -470,16 +485,16 @@ function import_admin() {
print import_tag();
break;
case "Delete":
- $edit[title] = 0;
+ $edit["title"] = 0;
// fall through:
case "Submit":
- if ($type == "bundle")
+ if ($type == "bundle") {
print status(import_save_bundle($edit));
- else
+ }
+ else {
print status(import_save_feed($edit));
+ }
// fall through:
- print import_view();
- break;
default:
print import_view();
}
@@ -675,7 +690,7 @@ function import_page() {
global $op, $id;
if (user_access("access news feeds")) {
- switch($op) {
+ switch ($op) {
case "feed":
import_page_feed($id);
break;
diff --git a/modules/book.module b/modules/book.module
index b463dd43f2bc..37b9a2352076 100644
--- a/modules/book.module
+++ b/modules/book.module
@@ -423,7 +423,7 @@ function book_toc_recurse($nid, $indent, $toc, $children) {
return $toc;
}
-function book_toc($parent = "", $indent = "", $toc = array()) {
+function book_toc($parent = 0, $indent = "", $toc = array()) {
$result = db_query("SELECT n.nid, n.title, b.parent FROM node n LEFT JOIN book b ON n.nid = b.nid WHERE n.type = 'book' AND n.status = '1' ORDER BY b.weight, n.title");
@@ -446,46 +446,43 @@ function book_toc($parent = "", $indent = "", $toc = array()) {
** Iterate root book nodes:
*/
- $toc = book_toc_recurse(0, $indent, $toc, $children, $titles);
+ $toc = book_toc_recurse($parent, $indent, $toc, $children);
return $toc;
}
-function book_tree($parent = "", $depth = 0) {
- if ($depth < 3) {
+function book_tree_recurse($nid, $depth, $children) {
- /*
- ** Select all child nodes and render them into a table of contents:
- */
-
- $result = db_query("SELECT n.nid FROM node n LEFT JOIN book b ON n.nid = b.nid WHERE b.parent = '$parent' AND (n.moderate = 0 OR n.revisions != '') ORDER BY b.weight, n.title");
-
- while ($page = db_fetch_object($result)) {
- // load the node:
- $node = node_load(array("nid" => $page->nid));
-
- // take the most recent approved revision:
- if ($node->moderate) {
- $node = book_revision_load($node, array("moderate" => 0, "status" => 1));
- }
-
- if ($node) {
- // output the content:
+ if ($depth > 1) {
+ if ($children[$nid]) {
+ foreach ($children[$nid] as $foo => $node) {
$output .= "<li><a href=\"node.php?id=$node->nid\">". check_output($node->title) ."</a></li>";
-
- // build the sub-tree of each child:
- $output .= book_tree($node->nid, $depth + 1);
+ $output .= book_tree_recurse($node->nid, $depth - 1, $children);
}
}
+ }
+
+ return $output;
+}
+
- $output = "<ul>$output</ul>";
+function book_tree($parent = 0, $depth = 3) {
+
+ $result = db_query("SELECT n.nid, n.title, b.parent FROM node n LEFT JOIN book b ON n.nid = b.nid WHERE n.type = 'book' AND n.status = '1' ORDER BY b.weight, n.title");
+ while ($node = db_fetch_object($result)) {
+ $list = $children[$node->parent] ? $children[$node->parent] : array();
+ array_push($list, $node);
+ $children[$node->parent] = $list;
}
+ $output = book_tree_recurse($parent, $depth, $children);
+ $output = "<ul>$output</ul>";
return $output;
}
+
function book_render() {
global $theme;
diff --git a/modules/book/book.module b/modules/book/book.module
index b463dd43f2bc..37b9a2352076 100644
--- a/modules/book/book.module
+++ b/modules/book/book.module
@@ -423,7 +423,7 @@ function book_toc_recurse($nid, $indent, $toc, $children) {
return $toc;
}
-function book_toc($parent = "", $indent = "", $toc = array()) {
+function book_toc($parent = 0, $indent = "", $toc = array()) {
$result = db_query("SELECT n.nid, n.title, b.parent FROM node n LEFT JOIN book b ON n.nid = b.nid WHERE n.type = 'book' AND n.status = '1' ORDER BY b.weight, n.title");
@@ -446,46 +446,43 @@ function book_toc($parent = "", $indent = "", $toc = array()) {
** Iterate root book nodes:
*/
- $toc = book_toc_recurse(0, $indent, $toc, $children, $titles);
+ $toc = book_toc_recurse($parent, $indent, $toc, $children);
return $toc;
}
-function book_tree($parent = "", $depth = 0) {
- if ($depth < 3) {
+function book_tree_recurse($nid, $depth, $children) {
- /*
- ** Select all child nodes and render them into a table of contents:
- */
-
- $result = db_query("SELECT n.nid FROM node n LEFT JOIN book b ON n.nid = b.nid WHERE b.parent = '$parent' AND (n.moderate = 0 OR n.revisions != '') ORDER BY b.weight, n.title");
-
- while ($page = db_fetch_object($result)) {
- // load the node:
- $node = node_load(array("nid" => $page->nid));
-
- // take the most recent approved revision:
- if ($node->moderate) {
- $node = book_revision_load($node, array("moderate" => 0, "status" => 1));
- }
-
- if ($node) {
- // output the content:
+ if ($depth > 1) {
+ if ($children[$nid]) {
+ foreach ($children[$nid] as $foo => $node) {
$output .= "<li><a href=\"node.php?id=$node->nid\">". check_output($node->title) ."</a></li>";
-
- // build the sub-tree of each child:
- $output .= book_tree($node->nid, $depth + 1);
+ $output .= book_tree_recurse($node->nid, $depth - 1, $children);
}
}
+ }
+
+ return $output;
+}
+
- $output = "<ul>$output</ul>";
+function book_tree($parent = 0, $depth = 3) {
+
+ $result = db_query("SELECT n.nid, n.title, b.parent FROM node n LEFT JOIN book b ON n.nid = b.nid WHERE n.type = 'book' AND n.status = '1' ORDER BY b.weight, n.title");
+ while ($node = db_fetch_object($result)) {
+ $list = $children[$node->parent] ? $children[$node->parent] : array();
+ array_push($list, $node);
+ $children[$node->parent] = $list;
}
+ $output = book_tree_recurse($parent, $depth, $children);
+ $output = "<ul>$output</ul>";
return $output;
}
+
function book_render() {
global $theme;
diff --git a/modules/comment.module b/modules/comment.module
index e527fa87d1dc..a315589729b1 100644
--- a/modules/comment.module
+++ b/modules/comment.module
@@ -1,32 +1,33 @@
<?
// $Id$
-$GLOBALS["cmodes"] = array(1 => "List - min", 2 => "List - max", 3 => "Threaded - min", 4 => "Threaded - max");
-$GLOBALS["corder"] = array(1 => "Date - new", 2 => "Date - old", 3 => "Rate - high", 4 => "Rate - low");
+$GLOBALS["cmodes"] = array(1 => "Flat list - collapsed", 2 => "Flat list - expanded", 3 => "Threaded list - collapsed", 4 => "Threaded list - expanded");
+$GLOBALS["corder"] = array(1 => "Date - oldest first", 2 => "Date - newest first");
-function comment_moderate($moderate) {
+function comment_settings($mode, $order, $threshold) {
global $user;
- if ($user->uid && $moderate) {
- foreach ($moderate as $cid => $score) {
- if ($score > 0 && $score < 6) {
- if (db_fetch_object(db_query("SELECT * FROM moderate WHERE uid = '". check_query($user->uid) ."' AND cid = '". check_query($cid) ."'"))) {
- db_query("UPDATE moderate SET score = '". check_query($score) ."' WHERE uid = '". check_query($user->uid) ."' AND cid = '". check_query($cid) ."'");
- }
- else {
- db_query("INSERT INTO moderate (uid, cid, score, timestamp) VALUES ('". check_query($user->uid) ."', '". check_query($cid) ."', '". check_query($score) ."', '". time() ."')");
- }
- }
- }
+ if ($user->uid) {
+ $user = user_save($user, array("mode" => $mode, "sort" => $order, "threshold" => $threshold));
}
}
-function comment_settings($mode, $order, $threshold) {
+function comment_access($op, $comment) {
global $user;
- if ($user->uid) {
- $user = user_save($user, array("mode" => $mode, "sort" => $order, "threshold" => $threshold));
+ if ($op == "edit") {
+
+ /*
+ ** Authenticated users can edit their comments as long they have
+ ** not been replied to. This, in order to avoid people changing
+ ** or revising their statements based on the replies their posts
+ ** got. Furthermore, users can't reply to their own comments and
+ ** are encouraged to extend their original comment.
+ */
+
+ return $user->uid && $user->uid == $comment->uid && comment_num_replies($comment->cid) == 0;
}
+
}
function comment_form($edit) {
@@ -44,8 +45,9 @@ function comment_form($edit) {
$form .= form_textarea(t("Comment"), "comment", $edit["comment"] ? $edit["comment"] : $user->signature, 70, 10, t("Allowed HTML tags") .": ". htmlspecialchars(variable_get("allowed_html", "")));
// preview button:
+ $form .= form_hidden("cid", $edit["cid"]);
$form .= form_hidden("pid", $edit["pid"]);
- $form .= form_hidden("id", $edit["id"]);
+ $form .= form_hidden("nid", $edit["nid"]);
if (!$edit["comment"]) {
$form .= form_submit(t("Preview comment"));
@@ -58,7 +60,17 @@ function comment_form($edit) {
return form($form);
}
-function comment_reply($pid, $id) {
+function comment_edit($cid) {
+ global $user;
+
+ $comment = db_fetch_object(db_query("SELECT c.*, u.name, u.uid FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.cid = '$cid'"));
+
+ if (comment_access("edit", $comment)) {
+ comment_preview(object2array($comment));
+ }
+}
+
+function comment_reply($pid, $nid) {
global $theme;
if ($pid) {
@@ -66,12 +78,12 @@ function comment_reply($pid, $id) {
comment_view($comment, t("reply to this comment"));
}
else {
- node_view(node_load(array("nid" => $id)));
+ node_view(node_load(array("nid" => $nid)));
$pid = 0;
}
if (user_access("post comments")) {
- $theme->box(t("Reply"), comment_form(array(pid=>$pid, id=>$id)));
+ $theme->box(t("Reply"), comment_form(array("pid" => $pid, "nid" => $nid)));
}
else {
$theme->box(t("Reply"), t("You are not authorized to post comments."));
@@ -111,12 +123,6 @@ function comment_post($edit) {
global $theme, $user;
if (user_access("post comments")) {
- /*
- ** Check the user's comment submission rate. If exceeded,
- ** throttle() will bail out.
- */
-
- throttle("post comment", variable_get(max_comment_rate, 60));
/*
** Validate the comment's subject. If not specified, extract
@@ -136,34 +142,69 @@ function comment_post($edit) {
** validated/filtered data to perform such check.
*/
- $duplicate = db_result(db_query("SELECT COUNT(cid) FROM comments WHERE pid = '". check_input($edit["pid"]) ."' AND lid = '". check_input($edit["id"]) ."' AND subject = '". check_input($edit["subject"]) ."' AND comment = '". check_input($edit["comment"]) ."'"), 0);
+ $duplicate = db_result(db_query("SELECT COUNT(cid) FROM comments WHERE pid = '". check_query($edit["pid"]) ."' AND nid = '". check_query($edit["nid"]) ."' AND subject = '". check_query($edit["subject"]) ."' AND comment = '". check_query($edit["comment"]) ."'"), 0);
if ($duplicate != 0) {
watchdog("warning", "comment: duplicate '". $edit["subject"] ."'");
}
else {
- /*
- ** Add the comment to database:
- */
- db_query("INSERT INTO comments (lid, pid, uid, subject, comment, hostname, timestamp) VALUES ('". check_query($edit["id"]) ."', '". check_query($edit["pid"]) ."', '$user->uid', '". check_query($edit["subject"]) ."', '". check_query($edit["comment"]) ."', '". getenv("REMOTE_ADDR") ."', '". time() ."')");
+ if ($edit["cid"]) {
- /*
- ** Add entry to the watchdog log:
- */
+ /*
+ ** Update the comment in the database. Note that the update
+ ** query will fail if the comment isn't owned by the current
+ ** user.
+ */
+
+ db_query("UPDATE comments SET subject = '". check_query($edit["subject"]) ."', comment = '". check_query($edit["comment"]) ."' WHERE cid = '". check_query($edit["cid"]) ."' AND uid = '$user->uid'");
+
+ /*
+ ** Add entry to the watchdog log:
+ */
+
+ watchdog("special", "comment: updated '". $edit["subject"] ."'");
+ }
+ else {
+ /*
+ ** Check the user's comment submission rate. If exceeded,
+ ** throttle() will bail out.
+ */
+
+ throttle("post comment", variable_get("max_comment_rate", 60));
+
+ /*
+ ** Add the comment to database:
+ */
+
+ db_query("INSERT INTO comments (nid, pid, uid, subject, comment, hostname, timestamp) VALUES ('". check_query($edit["nid"]) ."', '". check_query($edit["pid"]) ."', '$user->uid', '". check_query($edit["subject"]) ."', '". check_query($edit["comment"]) ."', '". getenv("REMOTE_ADDR") ."', '". time() ."')");
+
+ /*
+ ** Add entry to the watchdog log:
+ */
- watchdog("special", "comment: added '". $edit["subject"] ."'");
+ watchdog("special", "comment: added '". $edit["subject"] ."'");
+ }
/*
** Clear the cache:
*/
cache_clear();
+
}
}
+
+ /*
+ ** Redirect the user the node he commented on:
+ */
+
+ $url = "node.php?id=". $edit["nid"];
+ drupal_goto($url);
+
}
-function comment_num_replies($id, $count = 0) {
+function comment_num_replies($id) {
$result = db_query("SELECT COUNT(cid) FROM comments WHERE pid = '$id'");
return ($result) ? db_result($result, 0) : 0;
@@ -173,6 +214,9 @@ function comment_num_replies($id, $count = 0) {
function comment_moderation($comment) {
global $user;
+ // XXX: disabled for now
+ return "";
+
$values = array("--", "1", "2", "3", "4", "5");
$moderate = db_fetch_object(db_query("SELECT * FROM moderate WHERE cid = '$comment->cid' AND uid = '$user->uid'"));
@@ -187,6 +231,9 @@ function comment_moderation($comment) {
}
function comment_threshold($threshold) {
+ // XXX: disabled for now
+ return "";
+
for ($i = 0; $i < 6; $i++) $options .= " <option value=\"$i\"". ($threshold == $i ? " SELECTED" : "") .">". t("Visibility") ." - $i</option>";
return "<select name=\"threshold\">$options</select>\n";
}
@@ -205,15 +252,15 @@ function comment_order($order) {
return "<select name=\"order\">$options</select>\n";
}
-function comment_query($lid, $order, $pid = -1) {
+function comment_query($nid, $order, $pid = -1) {
- $query .= "SELECT c.cid, c.pid, c.lid, c.subject, c.comment, c.timestamp, u.uid, u.name, AVG(m.score) AS score, COUNT(m.cid) AS votes FROM comments c LEFT JOIN users u ON c.uid = u.uid LEFT JOIN moderate m ON c.cid = m.cid WHERE c.lid = '$lid'";
+ $query .= "SELECT c.cid, c.pid, c.nid, c.subject, c.comment, c.timestamp, u.uid, u.name FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.nid = '$nid'";
if ($pid >= 0) {
$query .= " AND pid = '$pid'";
}
- $query .= " GROUP BY c.cid, c.pid, c.lid, c.subject, c.comment, c.timestamp, u.uid, u.name";
+ $query .= " GROUP BY c.cid, c.pid, c.nid, c.subject, c.comment, c.timestamp, u.uid, u.name";
if ($order == 1) {
$query .= " ORDER BY c.timestamp DESC";
@@ -221,12 +268,6 @@ function comment_query($lid, $order, $pid = -1) {
else if ($order == 2) {
$query .= " ORDER BY c.timestamp";
}
- else if ($order == 3) {
- $query .= " ORDER BY score DESC";
- }
- else if ($order == 4) {
- $query .= " ORDER BY score";
- }
return db_query($query);
@@ -242,12 +283,12 @@ function comment_visible($comment, $threshold = 0) {
}
function comment_links($comment, $return = 1) {
- global $theme;
+ global $user, $theme;
$links = array();
if ($return) {
- $links[] = "<a href=\"node.php?id=$comment->lid#$comment->cid\"><font color=\"$theme->type\">". t("return") ."</font></a>";
+ $links[] = "<a href=\"node.php?id=$comment->nid#$comment->cid\"><font color=\"$theme->type\">". t("return") ."</font></a>";
}
if (user_access("administer comments")) {
@@ -255,9 +296,15 @@ function comment_links($comment, $return = 1) {
}
if (user_access("post comments")) {
- $links[] = "<a href=\"node.php?op=reply&id=$comment->lid&pid=$comment->cid\"><font color=\"$theme->type\">". t("reply to this comment") ."</font></a>";
+ if (comment_access("edit", $comment)) {
+ $links[] = "<a href=\"module.php?mod=comment&op=edit&id=$comment->cid\"><font color=\"$theme->type\">". t("edit your comment") ."</font></a>";
+ }
+ else {
+ $links[] = "<a href=\"module.php?mod=comment&op=reply&id=$comment->nid&pid=$comment->cid\"><font color=\"$theme->type\">". t("reply to this comment") ."</font></a>";
+ }
}
+
return $theme->links($links);
}
@@ -268,7 +315,7 @@ function comment_view($comment, $folded = 0) {
$theme->comment($comment, $folded);
}
else {
- print "<a href=\"node.php?id=$comment->lid&cid=$comment->cid#$comment->cid\">". check_output($comment->subject) ."</a> by ". format_name($comment) ." <small>(". ($comment->score ? $comment->score : "--") ." / $comment->votes)</small><p />";
+ print "<a href=\"node.php?id=$comment->nid&cid=$comment->cid#$comment->cid\">". check_output($comment->subject) ."</a> by ". format_name($comment) ."</small><p />";
}
}
@@ -300,7 +347,7 @@ function comment_thread_max($comments, $threshold, $pid = 0, $level = 0) {
foreach ($comments as $comment) {
if ($comment->pid == $pid) {
print "<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\"><tr><td width=\"". ($level * 25) ."\"> </td><td>\n";
- comment_view($comment, (comment_visible($comment, $threshold) ? comment_links($comment, 0) : 0));
+ comment_view($comment, comment_links($comment, 0));
print "</td></tr></table>\n";
comment_thread_max($comments, $threshold, $comment->cid, $level + 1);
@@ -309,7 +356,7 @@ function comment_thread_max($comments, $threshold, $pid = 0, $level = 0) {
}
-function comment_render($lid, $cid) {
+function comment_render($nid, $cid) {
global $user, $theme, $mode, $order, $threshold, $REQUEST_URI;
if (user_access("access comments")) {
@@ -318,8 +365,8 @@ function comment_render($lid, $cid) {
** Pre-process variables:
*/
- if (empty($lid)) {
- $lid = 0;
+ if (empty($nid)) {
+ $nid = 0;
}
if (empty($cid)) {
@@ -327,15 +374,16 @@ function comment_render($lid, $cid) {
}
if (empty($mode)) {
- $mode = $user->uid ? $user->mode : variable_get(default_comment_mode, 4);
+ $mode = $user->uid ? $user->mode : variable_get("default_comment_mode", 4);
}
if (empty($order)) {
- $order = $user->uid ? $user->sort : variable_get(default_comment_order, 1);
+ $order = $user->uid ? $user->sort : variable_get("default_comment_order", 1);
}
if (empty($threshold)) {
- $threshold = $user->uid ? $user->threshold : variable_get(default_comment_threshold, 3);
+ // $threshold = $user->uid ? $user->threshold : variable_get("default_comment_threshold", 3);
+ $threshold = 0;
}
print "<a name=\"comment\"></a>\n";
@@ -348,31 +396,31 @@ function comment_render($lid, $cid) {
$theme->box(t("Control panel"), $theme->comment_controls($threshold, $mode, $order));
if ($cid > 0) {
- $result = db_query("SELECT c.cid, c.pid, c.lid, c.subject, c.comment, c.timestamp, u.uid, u.name, AVG(m.score) AS score, COUNT(m.cid) AS votes FROM comments c LEFT JOIN users u ON c.uid = u.uid LEFT JOIN moderate m ON c.cid = m.cid WHERE c.cid = '$cid' GROUP BY c.cid, c.pid, c.lid, c.subject, c.comment, c.timestamp, u.uid, u.name");
+ $result = db_query("SELECT c.cid, c.pid, c.nid, c.subject, c.comment, c.timestamp, u.uid, u.name FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.cid = '$cid' GROUP BY c.cid, c.pid, c.nid, c.subject, c.comment, c.timestamp, u.uid, u.name");
if ($comment = db_fetch_object($result)) {
comment_view($comment, comment_links($comment));
}
}
else {
if ($mode == 1) {
- $result = comment_query($lid, $order);
+ $result = comment_query($nid, $order);
print "<table border=\"0\" cellpadding=\"2\" cellspacing=\"2\">\n";
print " <tr><th>Subject</th><th>Author</th><th>Date</th><th>Score</th></tr>\n";
while ($comment = db_fetch_object($result)) {
if (comment_visible($comment, $threshold)) {
- print " <tr><td><a href=\"node.php?id=$comment->lid&cid=$comment->cid#$comment->cid\">". check_output($comment->subject) ."</a></td><td>". format_name($comment) ."</td><td>". format_date($comment->timestamp, "small") ."</td><td>$comment->score</td></tr>\n";
+ print " <tr><td><a href=\"node.php?id=$comment->nid&cid=$comment->cid#$comment->cid\">". check_output($comment->subject) ."</a></td><td>". format_name($comment) ."</td><td>". format_date($comment->timestamp, "small") ."</td><td>$comment->score</td></tr>\n";
}
}
print "</table>\n";
}
else if ($mode == 2) {
- $result = comment_query($lid, $order);
+ $result = comment_query($nid, $order);
while ($comment = db_fetch_object($result)) {
comment_view($comment, (comment_visible($comment, $threshold) ? comment_links($comment, 0) : 0));
}
}
else if ($mode == 3) {
- $result = comment_query($lid, $order);
+ $result = comment_query($nid, $order);
while ($comment = db_fetch_object($result)) {
$comments[] = $comment;
}
@@ -382,7 +430,7 @@ function comment_render($lid, $cid) {
}
}
else {
- $result = comment_query($lid, $order);
+ $result = comment_query($nid, $order);
while ($comment = db_fetch_object($result)) {
$comments[] = $comment;
}
@@ -402,7 +450,7 @@ function comment_search($keys) {
global $PHP_SELF;
$result = db_query("SELECT c.*, u.name FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.subject LIKE '%$keys%' OR c.comment LIKE '%$keys%' ORDER BY c.timestamp DESC LIMIT 20");
while ($comment = db_fetch_object($result)) {
- $find[$i++] = array("title" => check_output($comment->subject), "link" => (strstr($PHP_SELF, "admin.php") ? "admin.php?mod=comment&op=edit&id=$comment->cid" : "node.php?id=$comment->lid&cid=$comment->cid"), "user" => $comment->name, "date" => $comment->timestamp);
+ $find[$i++] = array("title" => check_output($comment->subject), "link" => (strstr($PHP_SELF, "admin.php") ? "admin.php?mod=comment&op=edit&id=$comment->cid" : "node.php?id=$comment->nid&cid=$comment->cid"), "user" => $comment->name, "date" => $comment->timestamp);
}
return $find;
}
@@ -435,7 +483,7 @@ function comment_link($type, $node = 0, $main = 0) {
*/
if (user_access("post comments")) {
- $links[] = "<a href=\"node.php?id=$node->nid&op=comment#comment\">". t("add new comment") ."</a>";
+ $links[] = "<a href=\"module.php?mod=comment&op=reply&id=$node->nid#comment\">". t("add new comment") ."</a>";
}
}
}
@@ -451,7 +499,7 @@ function comment_node_link($node) {
** Edit comments:
*/
- $result = db_query("SELECT c.cid, c.subject, u.uid, u.name FROM comments c LEFT JOIN users u ON u.uid = c.uid WHERE lid = '$node->nid' ORDER BY c.timestamp");
+ $result = db_query("SELECT c.cid, c.subject, u.uid, u.name FROM comments c LEFT JOIN users u ON u.uid = c.uid WHERE nid = '$node->nid' ORDER BY c.timestamp");
$output .= "<h3>". t("Edit comments") ."</h3>";
$output .= "<table border=\"1\" cellpadding=\"2\" cellspacing=\"2\">";
@@ -467,7 +515,42 @@ function comment_node_link($node) {
}
}
-function comment_edit($id) {
+
+function comment_save($id, $edit) {
+ db_query("UPDATE comments SET subject = '". check_query(filter($edit["subject"])) ."', comment = '". check_query(filter($edit["comment"])) ."' WHERE cid = '$id'");
+ watchdog("special", "comment: modified '". $edit["subject"] ."'");
+}
+
+function comment_page() {
+ global $theme, $op, $edit, $id, $pid, $cid;
+
+ switch ($op) {
+ case "edit":
+ $theme->header();
+ comment_edit(check_query($id));
+ $theme->footer();
+ break;
+ case "reply":
+ $theme->header();
+ comment_reply(check_query($pid), check_query($id));
+ $theme->footer();
+ break;
+ case t("Preview comment"):
+ $theme->header();
+ comment_preview($edit);
+ $theme->footer();
+ break;
+ case t("Post comment"):
+ comment_post($edit);
+ break;
+ case t("Update settings"):
+ comment_settings(check_query($mode), check_query($order), check_query($threshold));
+ break;
+ default:
+ }
+}
+
+function comment_admin_edit($id) {
$result = db_query("SELECT c.*, u.name, u.uid FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.cid = '$id'");
$comment = db_fetch_object($result);
@@ -475,33 +558,41 @@ function comment_edit($id) {
$form .= form_item(t("Author"), format_name($comment));
$form .= form_textfield(t("Subject"), "subject", $comment->subject, 70, 128);
$form .= form_textarea(t("Comment"), "comment", $comment->comment, 70, 15);
+ $form .= form_hidden("cid", $id);
$form .= form_submit(t("Submit"));
+ $form .= form_submit(t("Delete"));
return form($form);
}
-function comment_save($id, $edit) {
- db_query("UPDATE comments SET subject = '". check_query(filter($edit["subject"])) ."', comment = '". check_query(filter($edit["comment"])) ."' WHERE cid = '$id'");
- watchdog("special", "comment: modified '". $edit["subject"] ."'");
-}
-
-function comment_overview() {
+function comment_admin_overview() {
$result = db_query("SELECT c.*, u.name, u.uid FROM comments c LEFT JOIN users u ON u.uid = c.uid ORDER BY timestamp DESC LIMIT 50");
$output .= "<table border=\"1\" cellpadding=\"2\" cellspacing=\"2\">\n";
$output .= " <tr><th>subject</th><th>author</th><th>date</th><th colspan=\"2\">operations</th></tr>\n";
while ($comment = db_fetch_object($result)) {
- $output .= " <tr><td><a href=\"node.php?id=$comment->lid&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."</a></td><td>". format_name($comment) ."</td><td>". format_date($comment->timestamp, "small") ."</td><td><a href=\"admin.php?mod=comment&op=edit&id=$comment->cid\">edit comment</a></td><td><a href=\"admin.php?mod=comment&op=delete&id=$comment->cid\">delete comment</a></td></tr>\n";
+ $output .= " <tr><td><a href=\"node.php?id=$comment->nid&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."</a></td><td>". format_name($comment) ."</td><td>". format_date($comment->timestamp, "small") ."</td><td><a href=\"admin.php?mod=comment&op=edit&id=$comment->cid\">edit comment</a></td><td><a href=\"admin.php?mod=comment&op=delete&id=$comment->cid\">delete comment</a></td></tr>\n";
}
$output .= "</table>\n";
return $output;
}
-function comment_delete($id) {
- db_query("DELETE FROM comments WHERE cid = '$id'");
- db_query("DELETE FROM moderate WHERE cid = '$id'");
- watchdog("special", "comment: deleted '$id'");
+function comment_delete($edit) {
+
+ if ($edit["confirm"]) {
+ db_query("DELETE FROM comments WHERE cid = '". check_query($edit["cid"]) ."'");
+ watchdog("special", "comment: deleted comment #". $edit["cid"]);
+ }
+ else {
+ $output .= form_item(t("Confirm deletion"), "");
+ $output .= form_hidden("cid", $edit["cid"]);
+ $output .= form_hidden("confirm", 1);
+ $output .= form_submit(t("Delete"));
+ $output = form($output);
+ }
+
+ return $output;
}
function comment_admin() {
@@ -513,21 +604,23 @@ function comment_admin() {
switch ($op) {
case "edit":
- print comment_edit($id);
+ print comment_admin_edit($id);
break;
case "search":
print search_type("comment", "admin.php?mod=comment&op=search");
break;
case "delete":
- print comment_delete(check_query($id));
- print comment_overview();
+ print comment_delete(array("cid" => $id));
+ break;
+ case t("Delete"):
+ print comment_delete($edit);
break;
case t("Submit"):
print status(comment_save(check_query($id), $edit));
- print comment_overview();
+ print comment_admin_overview();
break;
default:
- print comment_overview();
+ print comment_admin_overview();
}
}
else {
diff --git a/modules/comment/comment.module b/modules/comment/comment.module
index e527fa87d1dc..a315589729b1 100644
--- a/modules/comment/comment.module
+++ b/modules/comment/comment.module
@@ -1,32 +1,33 @@
<?
// $Id$
-$GLOBALS["cmodes"] = array(1 => "List - min", 2 => "List - max", 3 => "Threaded - min", 4 => "Threaded - max");
-$GLOBALS["corder"] = array(1 => "Date - new", 2 => "Date - old", 3 => "Rate - high", 4 => "Rate - low");
+$GLOBALS["cmodes"] = array(1 => "Flat list - collapsed", 2 => "Flat list - expanded", 3 => "Threaded list - collapsed", 4 => "Threaded list - expanded");
+$GLOBALS["corder"] = array(1 => "Date - oldest first", 2 => "Date - newest first");
-function comment_moderate($moderate) {
+function comment_settings($mode, $order, $threshold) {
global $user;
- if ($user->uid && $moderate) {
- foreach ($moderate as $cid => $score) {
- if ($score > 0 && $score < 6) {
- if (db_fetch_object(db_query("SELECT * FROM moderate WHERE uid = '". check_query($user->uid) ."' AND cid = '". check_query($cid) ."'"))) {
- db_query("UPDATE moderate SET score = '". check_query($score) ."' WHERE uid = '". check_query($user->uid) ."' AND cid = '". check_query($cid) ."'");
- }
- else {
- db_query("INSERT INTO moderate (uid, cid, score, timestamp) VALUES ('". check_query($user->uid) ."', '". check_query($cid) ."', '". check_query($score) ."', '". time() ."')");
- }
- }
- }
+ if ($user->uid) {
+ $user = user_save($user, array("mode" => $mode, "sort" => $order, "threshold" => $threshold));
}
}
-function comment_settings($mode, $order, $threshold) {
+function comment_access($op, $comment) {
global $user;
- if ($user->uid) {
- $user = user_save($user, array("mode" => $mode, "sort" => $order, "threshold" => $threshold));
+ if ($op == "edit") {
+
+ /*
+ ** Authenticated users can edit their comments as long they have
+ ** not been replied to. This, in order to avoid people changing
+ ** or revising their statements based on the replies their posts
+ ** got. Furthermore, users can't reply to their own comments and
+ ** are encouraged to extend their original comment.
+ */
+
+ return $user->uid && $user->uid == $comment->uid && comment_num_replies($comment->cid) == 0;
}
+
}
function comment_form($edit) {
@@ -44,8 +45,9 @@ function comment_form($edit) {
$form .= form_textarea(t("Comment"), "comment", $edit["comment"] ? $edit["comment"] : $user->signature, 70, 10, t("Allowed HTML tags") .": ". htmlspecialchars(variable_get("allowed_html", "")));
// preview button:
+ $form .= form_hidden("cid", $edit["cid"]);
$form .= form_hidden("pid", $edit["pid"]);
- $form .= form_hidden("id", $edit["id"]);
+ $form .= form_hidden("nid", $edit["nid"]);
if (!$edit["comment"]) {
$form .= form_submit(t("Preview comment"));
@@ -58,7 +60,17 @@ function comment_form($edit) {
return form($form);
}
-function comment_reply($pid, $id) {
+function comment_edit($cid) {
+ global $user;
+
+ $comment = db_fetch_object(db_query("SELECT c.*, u.name, u.uid FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.cid = '$cid'"));
+
+ if (comment_access("edit", $comment)) {
+ comment_preview(object2array($comment));
+ }
+}
+
+function comment_reply($pid, $nid) {
global $theme;
if ($pid) {
@@ -66,12 +78,12 @@ function comment_reply($pid, $id) {
comment_view($comment, t("reply to this comment"));
}
else {
- node_view(node_load(array("nid" => $id)));
+ node_view(node_load(array("nid" => $nid)));
$pid = 0;
}
if (user_access("post comments")) {
- $theme->box(t("Reply"), comment_form(array(pid=>$pid, id=>$id)));
+ $theme->box(t("Reply"), comment_form(array("pid" => $pid, "nid" => $nid)));
}
else {
$theme->box(t("Reply"), t("You are not authorized to post comments."));
@@ -111,12 +123,6 @@ function comment_post($edit) {
global $theme, $user;
if (user_access("post comments")) {
- /*
- ** Check the user's comment submission rate. If exceeded,
- ** throttle() will bail out.
- */
-
- throttle("post comment", variable_get(max_comment_rate, 60));
/*
** Validate the comment's subject. If not specified, extract
@@ -136,34 +142,69 @@ function comment_post($edit) {
** validated/filtered data to perform such check.
*/
- $duplicate = db_result(db_query("SELECT COUNT(cid) FROM comments WHERE pid = '". check_input($edit["pid"]) ."' AND lid = '". check_input($edit["id"]) ."' AND subject = '". check_input($edit["subject"]) ."' AND comment = '". check_input($edit["comment"]) ."'"), 0);
+ $duplicate = db_result(db_query("SELECT COUNT(cid) FROM comments WHERE pid = '". check_query($edit["pid"]) ."' AND nid = '". check_query($edit["nid"]) ."' AND subject = '". check_query($edit["subject"]) ."' AND comment = '". check_query($edit["comment"]) ."'"), 0);
if ($duplicate != 0) {
watchdog("warning", "comment: duplicate '". $edit["subject"] ."'");
}
else {
- /*
- ** Add the comment to database:
- */
- db_query("INSERT INTO comments (lid, pid, uid, subject, comment, hostname, timestamp) VALUES ('". check_query($edit["id"]) ."', '". check_query($edit["pid"]) ."', '$user->uid', '". check_query($edit["subject"]) ."', '". check_query($edit["comment"]) ."', '". getenv("REMOTE_ADDR") ."', '". time() ."')");
+ if ($edit["cid"]) {
- /*
- ** Add entry to the watchdog log:
- */
+ /*
+ ** Update the comment in the database. Note that the update
+ ** query will fail if the comment isn't owned by the current
+ ** user.
+ */
+
+ db_query("UPDATE comments SET subject = '". check_query($edit["subject"]) ."', comment = '". check_query($edit["comment"]) ."' WHERE cid = '". check_query($edit["cid"]) ."' AND uid = '$user->uid'");
+
+ /*
+ ** Add entry to the watchdog log:
+ */
+
+ watchdog("special", "comment: updated '". $edit["subject"] ."'");
+ }
+ else {
+ /*
+ ** Check the user's comment submission rate. If exceeded,
+ ** throttle() will bail out.
+ */
+
+ throttle("post comment", variable_get("max_comment_rate", 60));
+
+ /*
+ ** Add the comment to database:
+ */
+
+ db_query("INSERT INTO comments (nid, pid, uid, subject, comment, hostname, timestamp) VALUES ('". check_query($edit["nid"]) ."', '". check_query($edit["pid"]) ."', '$user->uid', '". check_query($edit["subject"]) ."', '". check_query($edit["comment"]) ."', '". getenv("REMOTE_ADDR") ."', '". time() ."')");
+
+ /*
+ ** Add entry to the watchdog log:
+ */
- watchdog("special", "comment: added '". $edit["subject"] ."'");
+ watchdog("special", "comment: added '". $edit["subject"] ."'");
+ }
/*
** Clear the cache:
*/
cache_clear();
+
}
}
+
+ /*
+ ** Redirect the user the node he commented on:
+ */
+
+ $url = "node.php?id=". $edit["nid"];
+ drupal_goto($url);
+
}
-function comment_num_replies($id, $count = 0) {
+function comment_num_replies($id) {
$result = db_query("SELECT COUNT(cid) FROM comments WHERE pid = '$id'");
return ($result) ? db_result($result, 0) : 0;
@@ -173,6 +214,9 @@ function comment_num_replies($id, $count = 0) {
function comment_moderation($comment) {
global $user;
+ // XXX: disabled for now
+ return "";
+
$values = array("--", "1", "2", "3", "4", "5");
$moderate = db_fetch_object(db_query("SELECT * FROM moderate WHERE cid = '$comment->cid' AND uid = '$user->uid'"));
@@ -187,6 +231,9 @@ function comment_moderation($comment) {
}
function comment_threshold($threshold) {
+ // XXX: disabled for now
+ return "";
+
for ($i = 0; $i < 6; $i++) $options .= " <option value=\"$i\"". ($threshold == $i ? " SELECTED" : "") .">". t("Visibility") ." - $i</option>";
return "<select name=\"threshold\">$options</select>\n";
}
@@ -205,15 +252,15 @@ function comment_order($order) {
return "<select name=\"order\">$options</select>\n";
}
-function comment_query($lid, $order, $pid = -1) {
+function comment_query($nid, $order, $pid = -1) {
- $query .= "SELECT c.cid, c.pid, c.lid, c.subject, c.comment, c.timestamp, u.uid, u.name, AVG(m.score) AS score, COUNT(m.cid) AS votes FROM comments c LEFT JOIN users u ON c.uid = u.uid LEFT JOIN moderate m ON c.cid = m.cid WHERE c.lid = '$lid'";
+ $query .= "SELECT c.cid, c.pid, c.nid, c.subject, c.comment, c.timestamp, u.uid, u.name FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.nid = '$nid'";
if ($pid >= 0) {
$query .= " AND pid = '$pid'";
}
- $query .= " GROUP BY c.cid, c.pid, c.lid, c.subject, c.comment, c.timestamp, u.uid, u.name";
+ $query .= " GROUP BY c.cid, c.pid, c.nid, c.subject, c.comment, c.timestamp, u.uid, u.name";
if ($order == 1) {
$query .= " ORDER BY c.timestamp DESC";
@@ -221,12 +268,6 @@ function comment_query($lid, $order, $pid = -1) {
else if ($order == 2) {
$query .= " ORDER BY c.timestamp";
}
- else if ($order == 3) {
- $query .= " ORDER BY score DESC";
- }
- else if ($order == 4) {
- $query .= " ORDER BY score";
- }
return db_query($query);
@@ -242,12 +283,12 @@ function comment_visible($comment, $threshold = 0) {
}
function comment_links($comment, $return = 1) {
- global $theme;
+ global $user, $theme;
$links = array();
if ($return) {
- $links[] = "<a href=\"node.php?id=$comment->lid#$comment->cid\"><font color=\"$theme->type\">". t("return") ."</font></a>";
+ $links[] = "<a href=\"node.php?id=$comment->nid#$comment->cid\"><font color=\"$theme->type\">". t("return") ."</font></a>";
}
if (user_access("administer comments")) {
@@ -255,9 +296,15 @@ function comment_links($comment, $return = 1) {
}
if (user_access("post comments")) {
- $links[] = "<a href=\"node.php?op=reply&id=$comment->lid&pid=$comment->cid\"><font color=\"$theme->type\">". t("reply to this comment") ."</font></a>";
+ if (comment_access("edit", $comment)) {
+ $links[] = "<a href=\"module.php?mod=comment&op=edit&id=$comment->cid\"><font color=\"$theme->type\">". t("edit your comment") ."</font></a>";
+ }
+ else {
+ $links[] = "<a href=\"module.php?mod=comment&op=reply&id=$comment->nid&pid=$comment->cid\"><font color=\"$theme->type\">". t("reply to this comment") ."</font></a>";
+ }
}
+
return $theme->links($links);
}
@@ -268,7 +315,7 @@ function comment_view($comment, $folded = 0) {
$theme->comment($comment, $folded);
}
else {
- print "<a href=\"node.php?id=$comment->lid&cid=$comment->cid#$comment->cid\">". check_output($comment->subject) ."</a> by ". format_name($comment) ." <small>(". ($comment->score ? $comment->score : "--") ." / $comment->votes)</small><p />";
+ print "<a href=\"node.php?id=$comment->nid&cid=$comment->cid#$comment->cid\">". check_output($comment->subject) ."</a> by ". format_name($comment) ."</small><p />";
}
}
@@ -300,7 +347,7 @@ function comment_thread_max($comments, $threshold, $pid = 0, $level = 0) {
foreach ($comments as $comment) {
if ($comment->pid == $pid) {
print "<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\"><tr><td width=\"". ($level * 25) ."\"> </td><td>\n";
- comment_view($comment, (comment_visible($comment, $threshold) ? comment_links($comment, 0) : 0));
+ comment_view($comment, comment_links($comment, 0));
print "</td></tr></table>\n";
comment_thread_max($comments, $threshold, $comment->cid, $level + 1);
@@ -309,7 +356,7 @@ function comment_thread_max($comments, $threshold, $pid = 0, $level = 0) {
}
-function comment_render($lid, $cid) {
+function comment_render($nid, $cid) {
global $user, $theme, $mode, $order, $threshold, $REQUEST_URI;
if (user_access("access comments")) {
@@ -318,8 +365,8 @@ function comment_render($lid, $cid) {
** Pre-process variables:
*/
- if (empty($lid)) {
- $lid = 0;
+ if (empty($nid)) {
+ $nid = 0;
}
if (empty($cid)) {
@@ -327,15 +374,16 @@ function comment_render($lid, $cid) {
}
if (empty($mode)) {
- $mode = $user->uid ? $user->mode : variable_get(default_comment_mode, 4);
+ $mode = $user->uid ? $user->mode : variable_get("default_comment_mode", 4);
}
if (empty($order)) {
- $order = $user->uid ? $user->sort : variable_get(default_comment_order, 1);
+ $order = $user->uid ? $user->sort : variable_get("default_comment_order", 1);
}
if (empty($threshold)) {
- $threshold = $user->uid ? $user->threshold : variable_get(default_comment_threshold, 3);
+ // $threshold = $user->uid ? $user->threshold : variable_get("default_comment_threshold", 3);
+ $threshold = 0;
}
print "<a name=\"comment\"></a>\n";
@@ -348,31 +396,31 @@ function comment_render($lid, $cid) {
$theme->box(t("Control panel"), $theme->comment_controls($threshold, $mode, $order));
if ($cid > 0) {
- $result = db_query("SELECT c.cid, c.pid, c.lid, c.subject, c.comment, c.timestamp, u.uid, u.name, AVG(m.score) AS score, COUNT(m.cid) AS votes FROM comments c LEFT JOIN users u ON c.uid = u.uid LEFT JOIN moderate m ON c.cid = m.cid WHERE c.cid = '$cid' GROUP BY c.cid, c.pid, c.lid, c.subject, c.comment, c.timestamp, u.uid, u.name");
+ $result = db_query("SELECT c.cid, c.pid, c.nid, c.subject, c.comment, c.timestamp, u.uid, u.name FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.cid = '$cid' GROUP BY c.cid, c.pid, c.nid, c.subject, c.comment, c.timestamp, u.uid, u.name");
if ($comment = db_fetch_object($result)) {
comment_view($comment, comment_links($comment));
}
}
else {
if ($mode == 1) {
- $result = comment_query($lid, $order);
+ $result = comment_query($nid, $order);
print "<table border=\"0\" cellpadding=\"2\" cellspacing=\"2\">\n";
print " <tr><th>Subject</th><th>Author</th><th>Date</th><th>Score</th></tr>\n";
while ($comment = db_fetch_object($result)) {
if (comment_visible($comment, $threshold)) {
- print " <tr><td><a href=\"node.php?id=$comment->lid&cid=$comment->cid#$comment->cid\">". check_output($comment->subject) ."</a></td><td>". format_name($comment) ."</td><td>". format_date($comment->timestamp, "small") ."</td><td>$comment->score</td></tr>\n";
+ print " <tr><td><a href=\"node.php?id=$comment->nid&cid=$comment->cid#$comment->cid\">". check_output($comment->subject) ."</a></td><td>". format_name($comment) ."</td><td>". format_date($comment->timestamp, "small") ."</td><td>$comment->score</td></tr>\n";
}
}
print "</table>\n";
}
else if ($mode == 2) {
- $result = comment_query($lid, $order);
+ $result = comment_query($nid, $order);
while ($comment = db_fetch_object($result)) {
comment_view($comment, (comment_visible($comment, $threshold) ? comment_links($comment, 0) : 0));
}
}
else if ($mode == 3) {
- $result = comment_query($lid, $order);
+ $result = comment_query($nid, $order);
while ($comment = db_fetch_object($result)) {
$comments[] = $comment;
}
@@ -382,7 +430,7 @@ function comment_render($lid, $cid) {
}
}
else {
- $result = comment_query($lid, $order);
+ $result = comment_query($nid, $order);
while ($comment = db_fetch_object($result)) {
$comments[] = $comment;
}
@@ -402,7 +450,7 @@ function comment_search($keys) {
global $PHP_SELF;
$result = db_query("SELECT c.*, u.name FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.subject LIKE '%$keys%' OR c.comment LIKE '%$keys%' ORDER BY c.timestamp DESC LIMIT 20");
while ($comment = db_fetch_object($result)) {
- $find[$i++] = array("title" => check_output($comment->subject), "link" => (strstr($PHP_SELF, "admin.php") ? "admin.php?mod=comment&op=edit&id=$comment->cid" : "node.php?id=$comment->lid&cid=$comment->cid"), "user" => $comment->name, "date" => $comment->timestamp);
+ $find[$i++] = array("title" => check_output($comment->subject), "link" => (strstr($PHP_SELF, "admin.php") ? "admin.php?mod=comment&op=edit&id=$comment->cid" : "node.php?id=$comment->nid&cid=$comment->cid"), "user" => $comment->name, "date" => $comment->timestamp);
}
return $find;
}
@@ -435,7 +483,7 @@ function comment_link($type, $node = 0, $main = 0) {
*/
if (user_access("post comments")) {
- $links[] = "<a href=\"node.php?id=$node->nid&op=comment#comment\">". t("add new comment") ."</a>";
+ $links[] = "<a href=\"module.php?mod=comment&op=reply&id=$node->nid#comment\">". t("add new comment") ."</a>";
}
}
}
@@ -451,7 +499,7 @@ function comment_node_link($node) {
** Edit comments:
*/
- $result = db_query("SELECT c.cid, c.subject, u.uid, u.name FROM comments c LEFT JOIN users u ON u.uid = c.uid WHERE lid = '$node->nid' ORDER BY c.timestamp");
+ $result = db_query("SELECT c.cid, c.subject, u.uid, u.name FROM comments c LEFT JOIN users u ON u.uid = c.uid WHERE nid = '$node->nid' ORDER BY c.timestamp");
$output .= "<h3>". t("Edit comments") ."</h3>";
$output .= "<table border=\"1\" cellpadding=\"2\" cellspacing=\"2\">";
@@ -467,7 +515,42 @@ function comment_node_link($node) {
}
}
-function comment_edit($id) {
+
+function comment_save($id, $edit) {
+ db_query("UPDATE comments SET subject = '". check_query(filter($edit["subject"])) ."', comment = '". check_query(filter($edit["comment"])) ."' WHERE cid = '$id'");
+ watchdog("special", "comment: modified '". $edit["subject"] ."'");
+}
+
+function comment_page() {
+ global $theme, $op, $edit, $id, $pid, $cid;
+
+ switch ($op) {
+ case "edit":
+ $theme->header();
+ comment_edit(check_query($id));
+ $theme->footer();
+ break;
+ case "reply":
+ $theme->header();
+ comment_reply(check_query($pid), check_query($id));
+ $theme->footer();
+ break;
+ case t("Preview comment"):
+ $theme->header();
+ comment_preview($edit);
+ $theme->footer();
+ break;
+ case t("Post comment"):
+ comment_post($edit);
+ break;
+ case t("Update settings"):
+ comment_settings(check_query($mode), check_query($order), check_query($threshold));
+ break;
+ default:
+ }
+}
+
+function comment_admin_edit($id) {
$result = db_query("SELECT c.*, u.name, u.uid FROM comments c LEFT JOIN users u ON c.uid = u.uid WHERE c.cid = '$id'");
$comment = db_fetch_object($result);
@@ -475,33 +558,41 @@ function comment_edit($id) {
$form .= form_item(t("Author"), format_name($comment));
$form .= form_textfield(t("Subject"), "subject", $comment->subject, 70, 128);
$form .= form_textarea(t("Comment"), "comment", $comment->comment, 70, 15);
+ $form .= form_hidden("cid", $id);
$form .= form_submit(t("Submit"));
+ $form .= form_submit(t("Delete"));
return form($form);
}
-function comment_save($id, $edit) {
- db_query("UPDATE comments SET subject = '". check_query(filter($edit["subject"])) ."', comment = '". check_query(filter($edit["comment"])) ."' WHERE cid = '$id'");
- watchdog("special", "comment: modified '". $edit["subject"] ."'");
-}
-
-function comment_overview() {
+function comment_admin_overview() {
$result = db_query("SELECT c.*, u.name, u.uid FROM comments c LEFT JOIN users u ON u.uid = c.uid ORDER BY timestamp DESC LIMIT 50");
$output .= "<table border=\"1\" cellpadding=\"2\" cellspacing=\"2\">\n";
$output .= " <tr><th>subject</th><th>author</th><th>date</th><th colspan=\"2\">operations</th></tr>\n";
while ($comment = db_fetch_object($result)) {
- $output .= " <tr><td><a href=\"node.php?id=$comment->lid&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."</a></td><td>". format_name($comment) ."</td><td>". format_date($comment->timestamp, "small") ."</td><td><a href=\"admin.php?mod=comment&op=edit&id=$comment->cid\">edit comment</a></td><td><a href=\"admin.php?mod=comment&op=delete&id=$comment->cid\">delete comment</a></td></tr>\n";
+ $output .= " <tr><td><a href=\"node.php?id=$comment->nid&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."</a></td><td>". format_name($comment) ."</td><td>". format_date($comment->timestamp, "small") ."</td><td><a href=\"admin.php?mod=comment&op=edit&id=$comment->cid\">edit comment</a></td><td><a href=\"admin.php?mod=comment&op=delete&id=$comment->cid\">delete comment</a></td></tr>\n";
}
$output .= "</table>\n";
return $output;
}
-function comment_delete($id) {
- db_query("DELETE FROM comments WHERE cid = '$id'");
- db_query("DELETE FROM moderate WHERE cid = '$id'");
- watchdog("special", "comment: deleted '$id'");
+function comment_delete($edit) {
+
+ if ($edit["confirm"]) {
+ db_query("DELETE FROM comments WHERE cid = '". check_query($edit["cid"]) ."'");
+ watchdog("special", "comment: deleted comment #". $edit["cid"]);
+ }
+ else {
+ $output .= form_item(t("Confirm deletion"), "");
+ $output .= form_hidden("cid", $edit["cid"]);
+ $output .= form_hidden("confirm", 1);
+ $output .= form_submit(t("Delete"));
+ $output = form($output);
+ }
+
+ return $output;
}
function comment_admin() {
@@ -513,21 +604,23 @@ function comment_admin() {
switch ($op) {
case "edit":
- print comment_edit($id);
+ print comment_admin_edit($id);
break;
case "search":
print search_type("comment", "admin.php?mod=comment&op=search");
break;
case "delete":
- print comment_delete(check_query($id));
- print comment_overview();
+ print comment_delete(array("cid" => $id));
+ break;
+ case t("Delete"):
+ print comment_delete($edit);
break;
case t("Submit"):
print status(comment_save(check_query($id), $edit));
- print comment_overview();
+ print comment_admin_overview();
break;
default:
- print comment_overview();
+ print comment_admin_overview();
}
}
else {
diff --git a/modules/forum.module b/modules/forum.module
index 94f28766f51c..8086a88267b2 100644
--- a/modules/forum.module
+++ b/modules/forum.module
@@ -58,12 +58,12 @@ function forum_form(&$node, &$help, &$error) {
function forum_num_comments($nid) {
- $value = db_fetch_object(db_query("SELECT COUNT(cid) AS count FROM comments WHERE lid = '$nid'"));
+ $value = db_fetch_object(db_query("SELECT COUNT(cid) AS count FROM comments WHERE nid = '$nid'"));
return ($value) ? $value->count : 0;
}
function forum_last_comment($nid) {
- $value = db_fetch_object(db_query("SELECT timestamp FROM comments WHERE lid = '$nid' ORDER BY timestamp DESC LIMIT 1"));
+ $value = db_fetch_object(db_query("SELECT timestamp FROM comments WHERE nid = '$nid' ORDER BY timestamp DESC LIMIT 1"));
return ($value) ? format_date($value->timestamp, "small") : " ";
}
diff --git a/modules/forum/forum.module b/modules/forum/forum.module
index 94f28766f51c..8086a88267b2 100644
--- a/modules/forum/forum.module
+++ b/modules/forum/forum.module
@@ -58,12 +58,12 @@ function forum_form(&$node, &$help, &$error) {
function forum_num_comments($nid) {
- $value = db_fetch_object(db_query("SELECT COUNT(cid) AS count FROM comments WHERE lid = '$nid'"));
+ $value = db_fetch_object(db_query("SELECT COUNT(cid) AS count FROM comments WHERE nid = '$nid'"));
return ($value) ? $value->count : 0;
}
function forum_last_comment($nid) {
- $value = db_fetch_object(db_query("SELECT timestamp FROM comments WHERE lid = '$nid' ORDER BY timestamp DESC LIMIT 1"));
+ $value = db_fetch_object(db_query("SELECT timestamp FROM comments WHERE nid = '$nid' ORDER BY timestamp DESC LIMIT 1"));
return ($value) ? format_date($value->timestamp, "small") : " ";
}
diff --git a/modules/import.module b/modules/import.module
index 31f73c77d6de..da166264143e 100644
--- a/modules/import.module
+++ b/modules/import.module
@@ -3,11 +3,11 @@
function import_help() {
?>
- <P>In Drupal you have <I>feeds</I> and <I>bundles</I>. Feeds define news sources and bundles categoriz syndicated content by source, topic or any other heuristic. Bundles provide a generalized way of creating composite feeds. They allow you, for example, to combine various sport-related feeds into one bundle called "Sport".</P>
- <P>You can have several providers of news feeds. You can add a feed by clicking the "add feed" link on the import administration pages. Give the feed a name, supply the URI and a comma-separated list of attributes that you want to associate the feed with. The update interval defines how often Drupal should go out to try and grab fresh content. The expiration time defines how long syndicated content is kept in the database. So set the update and expiration time and save your settings. You have just defined your first feed. If you have more feeds repeat as necessary.</P>
- <P>To verify whether your feed works, press "update items" at the overview page. The number of items that have been sucessfully fetched, should then become visible in the third column of the feed overview.</P>
- <P>Now you have to define some bundles. Bundles look for feeds that contain one of the keywords associated with the bundle and display those feeds together. To define a bundle you have to give it a name and a comma-separated list of keywords just like this is the case for feeds.</P>
- <P>Your newly created bundle will now show up in the list of blocks that you can see at the block related administration pages. There you can customize where and when your bundles will be displayed.</P>
+ <p>In Drupal you have <i>feeds</i> and <i>bundles</i>. Feeds define news sources and bundles categoriz syndicated content by source, topic or any other heuristic. Bundles provide a generalized way of creating composite feeds. They allow you, for example, to combine various sport-related feeds into one bundle called "Sport".</p>
+ <p>You can have several providers of news feeds. You can add a feed by clicking the "add feed" link on the import administration pages. Give the feed a name, supply the URI and a comma-separated list of attributes that you want to associate the feed with. The update interval defines how often Drupal should go out to try and grab fresh content. The expiration time defines how long syndicated content is kept in the database. So set the update and expiration time and save your settings. You have just defined your first feed. If you have more feeds repeat as necessary.</p>
+ <p>To verify whether your feed works, press "update items" at the overview page. The number of items that have been sucessfully fetched, should then become visible in the third column of the feed overview.</p>
+ <p>Now you have to define some bundles. Bundles look for feeds that contain one of the keywords associated with the bundle and display those feeds together. To define a bundle you have to give it a name and a comma-separated list of keywords just like this is the case for feeds.</p>
+ <p>Your newly created bundle will now show up in the list of blocks that you can see at the block related administration pages. There you can customize where and when your bundles will be displayed.</p>
<?php
}
@@ -15,6 +15,7 @@ function import_conf_options() {
$number = array(5 => 5, 10 => 10, 15 => 15, 20 => 20, 25 => 25, 30 => 30, 35 => 35, 40 => 40, 45 => 45, 50 => 50, 55 => 55, 60 => 60, 65 => 65, 70 => 70, 75 => 75, 80 => 80, 85 => 85, 90 => 90, 95 => 95, 100 => 100);
$output .= form_select("Items per block", "import_block_limit", variable_get("import_block_limit", 15), $number, "The maximum number of items displayed in one block.");
$output .= form_select("Items per page", "import_page_limit", variable_get("import_page_limit", 75), $number, "The maximum number of items displayed on one page.");
+
return $output;
}
@@ -52,7 +53,7 @@ function import_format_item($item, $feed = 0) {
global $theme, $user;
if ($user->uid && user_access("post blogs")) {
- $output .= "<a href=\"module.php?mod=node&op=add&type=blog&iid=$item->iid\"><img src=\"". $theme->image("blog.gif") ."\" border=\"0\" width=\"12\" height=\"16\" alt=\"" . t("Blog this item") . "\" /></a> ";
+ $output .= "<a href=\"module.php?mod=node&op=add&type=blog&iid=$item->iid\"><img src=\"". $theme->image("blog.gif") ."\" border=\"0\" width=\"12\" height=\"16\" alt=\"". t("Blog this item") ."\" /></a> ";
}
$output .= "<a href=\"". check_output($item->link) ."\" target=\"new\">". check_output($item->title) ."</a>";
@@ -95,9 +96,9 @@ function import_get_bundles($attributes = 0) {
$i = 0;
while ($bundle = db_fetch_object($result)) {
- $block[$i][subject] = $bundle->title;
- $block[$i][content] = import_bundle_block($bundle->attributes) ."<p><div align=\"right\"><a href=\"module.php?mod=import&op=bundle&id=$bundle->bid\">". t("more") ."</a></div></p>";
- $block[$i][info] = "$bundle->title bundle";
+ $block[$i]["subject"] = $bundle->title;
+ $block[$i]["content"] = import_bundle_block($bundle->attributes) ."<p><div align=\"right\"><a href=\"module.php?mod=import&op=bundle&id=$bundle->bid\">". t("more") ."</a></div></p>";
+ $block[$i]["info"] = "$bundle->title bundle";
$i++;
}
@@ -110,9 +111,9 @@ function import_get_feeds($attributes = 0) {
$i = 0;
while ($feed = db_fetch_object($result)) {
- $block[$i][subject] = $feed->title;
- $block[$i][content] = import_feed_block($feed) ."<p><div align=\"right\"><a href=\"module.php?mod=import&op=feed&id=$feed->fid\">". t("more") ."</a></div></p>";
- $block[$i][info] = "$feed->title feed";
+ $block[$i]["subject"] = $feed->title;
+ $block[$i]["content"] = import_feed_block($feed) ."<p><div align=\"right\"><a href=\"module.php?mod=import&op=feed&id=$feed->fid\">". t("more") ."</a></div></p>";
+ $block[$i]["info"] = "$feed->title feed";
$i++;
}
@@ -121,8 +122,8 @@ function import_get_feeds($attributes = 0) {
}
function import_remove($feed) {
- db_query("DELETE FROM item WHERE fid = '$feed[fid]'");
- return "feed '$feed[title]' reset.";
+ db_query("DELETE FROM item WHERE fid = '". $feed["fid"] ."'");
+ return "feed '". $feed["title"] ."' reset.";
}
function import_refresh($feed) {
@@ -131,15 +132,15 @@ function import_refresh($feed) {
** Check whether the feed is properly configured:
*/
- if (!ereg("^http://|ftp://", $feed[url])) {
- watchdog("warning", "import: invalid or missing URL for '$feed[title]'");
+ if (!ereg("^http://|ftp://", $feed["url"])) {
+ watchdog("warning", "import: invalid or missing URL for '". $feed["title"] ."'");
}
/*
** Grab the headlines:
*/
- if ($fp = @fopen($feed[url], "r")) {
+ if ($fp = @fopen($feed["url"], "r")) {
// fetch data:
while (!feof($fp)) {
$data .= fgets($fp, 128);
@@ -167,7 +168,14 @@ function import_refresh($feed) {
eregi("<link>(.*)</link>", $channel, $link);
eregi("<description>(.*)</description>", $channel, $description);
- db_query("UPDATE feed SET timestamp = '". time() ."', link = '". check_input($link[1]) ."', description = '". check_input($description[1]) ."' WHERE fid = '". $feed[fid] ."'");
+ /*
+ ** Strip invalid tags and provide default values (if required):
+ */
+
+ $link = strip_tags($link[1]);
+ $description = filter(strtr($description[1], $tt));
+
+ db_query("UPDATE feed SET timestamp = '". time() ."', link = '". check_input($link) ."', description = '". check_input($description) ."' WHERE fid = '". $feed["fid"] ."'");
/*
** Extract and process individual items:
@@ -193,8 +201,9 @@ function import_refresh($feed) {
*/
$title = strip_tags(strtr($title[1] ? $title[1] : substr(strip_tags(strtr($description[1], $tt)), 0, 30), $tt));
- $link = $link[1] ? $link[1] : $feed[link];
- $description = strtr($description[1], $tt);
+ $link = strip_tags($link[1] ? $link[1] : $feed["link"]);
+ $author = strip_tags($author[1]);
+ $description = filter(strtr($description[1], $tt));
// print "<pre>title = ". htmlentities($title) ."\n\ndescription = ". htmlentities($description) ."\n\nlink = ". htmlentities($link) ."</pre><hr />";
@@ -202,12 +211,12 @@ function import_refresh($feed) {
** Save this item:
*/
- import_save_item(array(fid => $feed[fid], title => $title, link => $link, author => $author[1], description => $description, attributes => $feed[attributes]));
+ import_save_item(array(fid => $feed["fid"], title => $title, link => $link, author => $author, description => $description, attributes => $feed["attributes"]));
}
}
/*
- ** Remove expired items:
+ ** Remove all the old, expired items:
*/
unset($items);
@@ -224,50 +233,50 @@ function import_refresh($feed) {
}
else {
- watchdog("warning", "import: failed to syndicate from '$feed[title]'". ($errstr ? ": $errstr" : ""));
+ watchdog("warning", "import: failed to syndicate from '". $feed["title"] ."'". ($errstr ? ": $errstr" : ""));
}
- return "feed '$feed[title]' updated.";
+ return "feed '". $feed["title"] ."' updated.";
}
function import_save_item($edit) {
- if ($edit[iid] && $edit[title]) {
- db_query("UPDATE item SET title = '". check_input($edit[title]) ."', link = '". check_input($edit[link]) ."', author = '". check_input($edit[author]) ."', description = '". check_input($edit[description]) ."', attributes = '". check_input($edit[attributes]) ."' WHERE iid = '$edit[iid]'");
+ if ($edit["iid"] && $edit["title"]) {
+ db_query("UPDATE item SET title = '". check_input($edit["title"]) ."', link = '". check_input($edit["link"]) ."', author = '". check_input($edit["author"]) ."', description = '". check_input($edit["description"]) ."', attributes = '". check_input($edit["attributes"]) ."' WHERE iid = '". check_input($edit["iid"]) ."'");
}
- else if ($edit[iid]) {
- db_query("DELETE FROM item WHERE iid = '". check_input($edit[iid]) ."'");
+ else if ($edit["iid"]) {
+ db_query("DELETE FROM item WHERE iid = '". check_input($edit["iid"]) ."'");
}
- else if ($edit[title] && $edit[link]) {
- if (!db_fetch_object(db_query("SELECT iid FROM item WHERE title = '". check_input($edit[title]) ."' AND link = '". check_input($edit[link]) ."' AND description = '". check_input($edit[description]) ."'"))) {
- db_query("INSERT INTO item (fid, title, link, author, description, attributes, timestamp) VALUES ('". check_input($edit[fid]) ."', '". check_input($edit[title]) ."', '". check_input($edit[link]) ."', '". check_input($edit[author]) ."', '". check_input($edit[description]) ."', '". check_input($edit[attributes]) ."', '". time() ."')");
+ else if ($edit["title"] && $edit["link"]) {
+ if (!db_fetch_object(db_query("SELECT iid FROM item WHERE title = '". check_input($edit["title"]) ."' AND link = '". check_input($edit["link"]) ."' AND description = '". check_input($edit["description"]) ."'"))) {
+ db_query("INSERT INTO item (fid, title, link, author, description, attributes, timestamp) VALUES ('". check_input($edit["fid"]) ."', '". check_input($edit["title"]) ."', '". check_input($edit["link"]) ."', '". check_input($edit["author"]) ."', '". check_input($edit["description"]) ."', '". check_input($edit["attributes"]) ."', '". time() ."')");
}
}
}
function import_form_bundle($edit = array()) {
- $form .= form_textfield("Title", "title", $edit[title], 50, 64, "The name of the bundle.");
- $form .= form_textfield("Attributes", "attributes", $edit[attributes], 50, 128, "A comma-seperated list of keywords describing the bundle.");
+ $form .= form_textfield("Title", "title", $edit["title"], 50, 64, "The name of the bundle.");
+ $form .= form_textfield("Attributes", "attributes", $edit["attributes"], 50, 128, "A comma-seperated list of keywords describing the bundle.");
$form .= form_submit("Submit");
- if ($edit[bid]) {
+ if ($edit["bid"]) {
$form .= form_submit("Delete");
- $form .= form_hidden("bid", $edit[bid]);
+ $form .= form_hidden("bid", $edit["bid"]);
}
return form($form);
}
function import_save_bundle($edit) {
- if ($edit[bid] && $edit[title]) {
- db_query("UPDATE bundle SET title = '". check_input($edit[title]) ."', attributes = '". check_input($edit[attributes]) ."' WHERE bid = '". check_input($edit[bid]) ."'");
+ if ($edit["bid"] && $edit["title"]) {
+ db_query("UPDATE bundle SET title = '". check_input($edit["title"]) ."', attributes = '". check_input($edit["attributes"]) ."' WHERE bid = '". check_input($edit["bid"]) ."'");
}
- else if ($edit[bid]) {
- db_query("DELETE FROM bundle WHERE bid = '". check_input($edit[bid]) ."'");
+ else if ($edit["bid"]) {
+ db_query("DELETE FROM bundle WHERE bid = '". check_input($edit["bid"]) ."'");
}
- else if ($edit[title]) {
- db_query("INSERT INTO bundle (title, attributes) VALUES ('". check_input($edit[title]) ."', '". check_input($edit[attributes]) ."')");
+ else if ($edit["title"]) {
+ db_query("INSERT INTO bundle (title, attributes) VALUES ('". check_input($edit["title"]) ."', '". check_input($edit["attributes"]) ."')");
}
module_rehash_blocks("import");
@@ -277,39 +286,41 @@ function import_form_feed($edit = array()) {
$period = array(900 => format_interval(900), 1800 => format_interval(1800), 3600 => format_interval(3600), 7200 => format_interval(7200), 10800 => format_interval(10800), 21600 => format_interval(21600), 32400 => format_interval(32400), 43200 => format_interval(43200), 64800 => format_interval(64800), 86400 => format_interval(86400), 172800 => format_interval(172800), 259200 => format_interval(259200), 604800 => format_interval(604800), 1209600 => format_interval(1209600), 2419200 => format_interval(2419200));
- if ($edit[refresh] == "") $edit[refresh] = 3600;
+ if ($edit["refresh"] == "") {
+ $edit["refresh"] = 3600;
+ }
- $form .= form_textfield("Title", "title", $edit[title], 50, 64, "The name of the feed; typically the name of the website you syndicate content from.");
- $form .= form_textfield("Url", "url", $edit[url], 50, 128, "The fully-qualified URL of the feed.");
- $form .= form_textfield("Attributes", "attributes", $edit[attributes], 50, 128, "A comma-seperated list of keywords describing the feed.");
- $form .= form_select("Update interval", "refresh", $edit[refresh], $period, "The refresh interval indicating how often you want to update this feed. Requires crontab.");
+ $form .= form_textfield("Title", "title", $edit["title"], 50, 64, "The name of the feed; typically the name of the website you syndicate content from.");
+ $form .= form_textfield("Url", "url", $edit["url"], 50, 128, "The fully-qualified URL of the feed.");
+ $form .= form_textfield("Attributes", "attributes", $edit["attributes"], 50, 128, "A comma-seperated list of keywords describing the feed.");
+ $form .= form_select("Update interval", "refresh", $edit["refresh"], $period, "The refresh interval indicating how often you want to update this feed. Requires crontab.");
$form .= form_submit("Submit");
- if ($edit[fid]) {
+ if ($edit["fid"]) {
$form .= form_submit("Delete");
- $form .= form_hidden("fid", $edit[fid]);
+ $form .= form_hidden("fid", $edit["fid"]);
}
return form($form);
}
function import_save_feed($edit) {
- if ($edit[fid] && $edit[title]) {
- db_query("UPDATE feed SET title = '". check_input($edit[title]) ."', url = '". check_input($edit[url]) ."', attributes = '". check_input($edit[attributes]) ."', refresh = '". check_input($edit[refresh]) ."' WHERE fid = '". check_input($edit[fid]) ."'");
- db_query("DELETE FROM item WHERE fid = '". check_input($edit[fid]) ."'");
+ if ($edit["fid"] && $edit["title"]) {
+ db_query("UPDATE feed SET title = '". check_input($edit["title"]) ."', url = '". check_input($edit["url"]) ."', attributes = '". check_input($edit["attributes"]) ."', refresh = '". check_input($edit["refresh"]) ."' WHERE fid = '". check_input($edit["fid"]) ."'");
+ db_query("DELETE FROM item WHERE fid = '". check_input($edit["fid"]) ."'");
}
- else if ($edit[fid]) {
- db_query("DELETE FROM feed WHERE fid = '". check_input($edit[fid]) ."'");
- db_query("DELETE FROM item WHERE fid = '". check_input($edit[fid]) ."'");
+ else if ($edit["fid"]) {
+ db_query("DELETE FROM feed WHERE fid = '". check_input($edit["fid"]) ."'");
+ db_query("DELETE FROM item WHERE fid = '". check_input($edit["fid"]) ."'");
}
- else if ($edit[title]) {
- db_query("INSERT INTO feed (title, url, attributes, refresh) VALUES ('". check_input($edit[title]) ."', '". check_input($edit[url]) ."', '". check_input($edit[attributes]) ."', '". check_input($edit[refresh]) ."')");
+ else if ($edit["title"]) {
+ db_query("INSERT INTO feed (title, url, attributes, refresh) VALUES ('". check_input($edit["title"]) ."', '". check_input($edit["url"]) ."', '". check_input($edit["attributes"]) ."', '". check_input($edit["refresh"]) ."')");
}
}
function import_save_attributes($edit) {
- foreach($edit as $iid => $value) {
+ foreach ($edit as $iid => $value) {
db_query("UPDATE item SET attributes = '". check_input($value) ."' WHERE iid = '". check_input($iid) ."'");
}
return "attributes has been saved";
@@ -359,7 +370,7 @@ function import_fd_collect($edit) {
set_time_limit(180);
- if ($fp = @fopen($edit[url], "r")) {
+ if ($fp = @fopen($edit["url"], "r")) {
// fetch data:
while (!feof($fp)) {
$data .= fgets($fp, 128);
@@ -373,7 +384,7 @@ function import_fd_collect($edit) {
$items = explode("</channel>", $data);
foreach ($items as $item) {
- unset ($link, $title);
+ unset($link, $title);
// print "<pre>item = ". htmlentities($item) ."\n\n</pre>";
@@ -394,7 +405,7 @@ function import_fd_collect($edit) {
return form($output);
}
else {
- print status("failed to open '$edit[url]': $errstr.");
+ print status("failed to open '". $edit["url"] ."': $errstr.");
}
}
@@ -413,7 +424,7 @@ function import_tag() {
$output .= "<table border=\"1\" cellpadding=\"2\" cellspacing=\"2\">\n";
$output .= " <tr><th>time</th><th>feed</th><th>item</th></tr>\n";
while ($item = db_fetch_object($result)) {
- $output .= " <tr><td valign=\"top\" nowrap=\"nowrap\">". format_date($item->timestamp, "custom", "m/d/y") ."<br />".format_date($item->timestamp, "custom", "H:i") ."</td><td align=\"center\" valign=\"top\" nowrap=\"nowrap\"><a href=\"admin.php?mod=import&type=feed&op=edit&id=$item->fid\">". check_output($item->feed) ."</a></td><td><a href=\"". check_output($item->link) ."\">". check_output($item->title) ."</a>". ($item->description ? "<br /><small><i>". check_output($item->description, 1) ."</i></small>" : "") ."<br /><input type=\"text\" name=\"edit[$item->iid]\" value=\"". check_form($item->attributes) ."\" size=\"50\" /></td></tr>\n";
+ $output .= " <tr><td valign=\"top\" nowrap=\"nowrap\">". format_date($item->timestamp, "custom", "m/d/y") ."<br />". format_date($item->timestamp, "custom", "H:i") ."</td><td align=\"center\" valign=\"top\" nowrap=\"nowrap\"><a href=\"admin.php?mod=import&type=feed&op=edit&id=$item->fid\">". check_output($item->feed) ."</a></td><td><a href=\"". check_output($item->link) ."\">". check_output($item->title) ."</a>". ($item->description ? "<br /><small><i>". check_output($item->description, 1) ."</i></small>" : "") ."<br /><input type=\"text\" name=\"edit[$item->iid]\" value=\"". check_form($item->attributes) ."\" size=\"50\" /></td></tr>\n";
}
$output .= "</table>\n";
$output .= "<input type=\"submit\" name=\"op\" value=\"Save attributes\" />\n";
@@ -428,21 +439,25 @@ function import_admin() {
print "<small><a href=\"admin.php?mod=import&type=feed&op=add\">add new feed</a> | <a href=\"admin.php?mod=import&type=bundle&op=add\">add new bundle</a> | <a href=\"admin.php?mod=import&op=fd\">import feeds</a> | <a href=\"admin.php?mod=import&op=tag\">tag items</a> | <a href=\"admin.php?mod=import&op=view\">overview</a> | <a href=\"admin.php?mod=import&op=help\">help</a></small><hr />";
- switch($op) {
+ switch ($op) {
case "help":
print import_help();
break;
case "add":
- if ($type == "bundle")
+ if ($type == "bundle") {
print import_form_bundle();
- else
+ }
+ else {
print import_form_feed();
+ }
break;
case "edit":
- if ($type == "bundle")
+ if ($type == "bundle") {
print import_form_bundle(import_get_bundle($id));
- else
+ }
+ else {
print import_form_feed(import_get_feed($id));
+ }
break;
case "fd":
print import_fd_form();
@@ -470,16 +485,16 @@ function import_admin() {
print import_tag();
break;
case "Delete":
- $edit[title] = 0;
+ $edit["title"] = 0;
// fall through:
case "Submit":
- if ($type == "bundle")
+ if ($type == "bundle") {
print status(import_save_bundle($edit));
- else
+ }
+ else {
print status(import_save_feed($edit));
+ }
// fall through:
- print import_view();
- break;
default:
print import_view();
}
@@ -675,7 +690,7 @@ function import_page() {
global $op, $id;
if (user_access("access news feeds")) {
- switch($op) {
+ switch ($op) {
case "feed":
import_page_feed($id);
break;
diff --git a/modules/node.module b/modules/node.module
index 60c9af813a15..52e6a3d481dc 100644
--- a/modules/node.module
+++ b/modules/node.module
@@ -19,7 +19,7 @@ function node_index() {
}
function node_get_comments($nid) {
- $comment = db_fetch_object(db_query("SELECT COUNT(c.lid) AS number FROM node n LEFT JOIN comments c ON n.nid = c.lid WHERE n.nid = '$nid' GROUP BY n.nid"));
+ $comment = db_fetch_object(db_query("SELECT COUNT(c.nid) AS number FROM node n LEFT JOIN comments c ON n.nid = c.nid WHERE n.nid = '$nid' GROUP BY n.nid"));
return $comment->number ? $comment->number : 0;
}
@@ -67,34 +67,6 @@ function node_invoke($node, $name, $arg = 0) {
}
}
-function node_object($node) {
-
- if (is_array($node)) {
- foreach ($node as $key => $value) {
- $object->$key = $value;
- }
- }
- else {
- $object = $node;
- }
-
- return $object;
-}
-
-function node_array($node) {
-
- if (is_object($node)) {
- foreach ($node as $key => $value) {
- $array[$key] = $value;
- }
- }
- else {
- $array = $node;
- }
-
- return $array;
-}
-
function node_load($conditions) {
/*
@@ -232,9 +204,7 @@ function node_save($node, $filter) {
function node_view($node, $main = 0) {
global $theme;
- if (is_array($node)) {
- $node = node_object($node);
- }
+ $node = array2object($node);
/*
** The "view" hook can be implemented to overwrite the default function
@@ -265,9 +235,7 @@ function node_access($op, $node = 0) {
** Convert the node to an object if necessary:
*/
- if (is_array($node)) {
- $node = node_object($node);
- }
+ $node = array2object($node);
/*
** Construct a function:
@@ -720,7 +688,7 @@ function node_validate($node, &$error) {
** Convert the node to an object if necessary:
*/
- $node = node_object($node);
+ $node = array2object($node);
/*
** Validate the title field:
@@ -950,7 +918,7 @@ function node_preview($node) {
** Convert the array to an object:
*/
- $node = node_object($node);
+ $node = array2object($node);
/*
** Load the user's name when needed:
@@ -1007,13 +975,6 @@ function node_submit($node) {
if (user_access("post content")) {
- /*
- ** Verify a user's submission rate and avoid duplicate nodes being
- ** inserted:
- */
-
- throttle("node", variable_get("max_node_rate", 900));
-
/*
** Fixup the node when required:
*/
@@ -1067,6 +1028,13 @@ function node_submit($node) {
if (node_access("create", $node)) {
+ /*
+ ** Verify a user's submission rate and avoid duplicate nodes being
+ ** inserted:
+ */
+
+ throttle("node", variable_get("max_node_rate", 900));
+
/*
** Compile a list of the node fields and their default values that users
** and administrators are allowed to save when inserting a new node.
@@ -1135,7 +1103,7 @@ function node_delete($edit) {
*/
db_query("DELETE FROM node WHERE nid = '$node->nid'");
- db_query("DELETE FROM comments WHERE lid = '$node->nid'");
+ db_query("DELETE FROM comments WHERE nid = '$node->nid'");
/*
** Call the node specific callback (if any):
diff --git a/modules/node/node.module b/modules/node/node.module
index 60c9af813a15..52e6a3d481dc 100644
--- a/modules/node/node.module
+++ b/modules/node/node.module
@@ -19,7 +19,7 @@ function node_index() {
}
function node_get_comments($nid) {
- $comment = db_fetch_object(db_query("SELECT COUNT(c.lid) AS number FROM node n LEFT JOIN comments c ON n.nid = c.lid WHERE n.nid = '$nid' GROUP BY n.nid"));
+ $comment = db_fetch_object(db_query("SELECT COUNT(c.nid) AS number FROM node n LEFT JOIN comments c ON n.nid = c.nid WHERE n.nid = '$nid' GROUP BY n.nid"));
return $comment->number ? $comment->number : 0;
}
@@ -67,34 +67,6 @@ function node_invoke($node, $name, $arg = 0) {
}
}
-function node_object($node) {
-
- if (is_array($node)) {
- foreach ($node as $key => $value) {
- $object->$key = $value;
- }
- }
- else {
- $object = $node;
- }
-
- return $object;
-}
-
-function node_array($node) {
-
- if (is_object($node)) {
- foreach ($node as $key => $value) {
- $array[$key] = $value;
- }
- }
- else {
- $array = $node;
- }
-
- return $array;
-}
-
function node_load($conditions) {
/*
@@ -232,9 +204,7 @@ function node_save($node, $filter) {
function node_view($node, $main = 0) {
global $theme;
- if (is_array($node)) {
- $node = node_object($node);
- }
+ $node = array2object($node);
/*
** The "view" hook can be implemented to overwrite the default function
@@ -265,9 +235,7 @@ function node_access($op, $node = 0) {
** Convert the node to an object if necessary:
*/
- if (is_array($node)) {
- $node = node_object($node);
- }
+ $node = array2object($node);
/*
** Construct a function:
@@ -720,7 +688,7 @@ function node_validate($node, &$error) {
** Convert the node to an object if necessary:
*/
- $node = node_object($node);
+ $node = array2object($node);
/*
** Validate the title field:
@@ -950,7 +918,7 @@ function node_preview($node) {
** Convert the array to an object:
*/
- $node = node_object($node);
+ $node = array2object($node);
/*
** Load the user's name when needed:
@@ -1007,13 +975,6 @@ function node_submit($node) {
if (user_access("post content")) {
- /*
- ** Verify a user's submission rate and avoid duplicate nodes being
- ** inserted:
- */
-
- throttle("node", variable_get("max_node_rate", 900));
-
/*
** Fixup the node when required:
*/
@@ -1067,6 +1028,13 @@ function node_submit($node) {
if (node_access("create", $node)) {
+ /*
+ ** Verify a user's submission rate and avoid duplicate nodes being
+ ** inserted:
+ */
+
+ throttle("node", variable_get("max_node_rate", 900));
+
/*
** Compile a list of the node fields and their default values that users
** and administrators are allowed to save when inserting a new node.
@@ -1135,7 +1103,7 @@ function node_delete($edit) {
*/
db_query("DELETE FROM node WHERE nid = '$node->nid'");
- db_query("DELETE FROM comments WHERE lid = '$node->nid'");
+ db_query("DELETE FROM comments WHERE nid = '$node->nid'");
/*
** Call the node specific callback (if any):
diff --git a/modules/tracker.module b/modules/tracker.module
index 6e8314d848a9..4234f4786267 100644
--- a/modules/tracker.module
+++ b/modules/tracker.module
@@ -16,20 +16,20 @@ function tracker_comments($id = 0) {
$period = time() - 259200; // all comments of the past 3 days
if ($id) {
- $sresult = db_query("SELECT n.nid, n.title, COUNT(n.nid) AS comments, MAX(c.timestamp) AS last_comment FROM comments c LEFT JOIN node n ON c.lid = n.nid WHERE c.timestamp > $period AND c.uid = '". check_input($id) ."' GROUP BY n.nid, n.title DESC ORDER BY last_comment DESC LIMIT 10");
+ $sresult = db_query("SELECT n.nid, n.title, COUNT(n.nid) AS comments, MAX(c.timestamp) AS last_comment FROM comments c LEFT JOIN node n ON c.nid = n.nid WHERE c.timestamp > $period AND c.uid = '". check_input($id) ."' GROUP BY n.nid, n.title DESC ORDER BY last_comment DESC LIMIT 10");
}
else {
- $sresult = db_query("SELECT n.nid, n.title, COUNT(n.nid) AS comments, MAX(c.timestamp) AS last_comment FROM comments c LEFT JOIN node n ON c.lid = n.nid WHERE c.timestamp > $period GROUP BY n.nid, n.title DESC ORDER BY last_comment DESC LIMIT 10");
+ $sresult = db_query("SELECT n.nid, n.title, COUNT(n.nid) AS comments, MAX(c.timestamp) AS last_comment FROM comments c LEFT JOIN node n ON c.nid = n.nid WHERE c.timestamp > $period GROUP BY n.nid, n.title DESC ORDER BY last_comment DESC LIMIT 10");
}
while ($node = db_fetch_object($sresult)) {
$output .= format_plural($node->comments, "comment", "comments") ." ". t("attached to node") ." <a href=\"node.php?id=$node->nid\">". check_output($node->title) ."</a>:\n";
if ($id) {
- $cresult = db_query("SELECT * FROM comments WHERE timestamp > $period AND uid = '". check_input($id) ."' AND lid = '$node->nid' ORDER BY cid DESC");
+ $cresult = db_query("SELECT * FROM comments WHERE timestamp > $period AND uid = '". check_input($id) ."' AND nid = '$node->nid' ORDER BY cid DESC");
}
else {
- $cresult = db_query("SELECT * FROM comments WHERE timestamp > $period AND lid = '$node->nid' ORDER BY cid DESC");
+ $cresult = db_query("SELECT * FROM comments WHERE timestamp > $period AND nid = '$node->nid' ORDER BY cid DESC");
}
$output .= "<ul>";
diff --git a/modules/tracker/tracker.module b/modules/tracker/tracker.module
index 6e8314d848a9..4234f4786267 100644
--- a/modules/tracker/tracker.module
+++ b/modules/tracker/tracker.module
@@ -16,20 +16,20 @@ function tracker_comments($id = 0) {
$period = time() - 259200; // all comments of the past 3 days
if ($id) {
- $sresult = db_query("SELECT n.nid, n.title, COUNT(n.nid) AS comments, MAX(c.timestamp) AS last_comment FROM comments c LEFT JOIN node n ON c.lid = n.nid WHERE c.timestamp > $period AND c.uid = '". check_input($id) ."' GROUP BY n.nid, n.title DESC ORDER BY last_comment DESC LIMIT 10");
+ $sresult = db_query("SELECT n.nid, n.title, COUNT(n.nid) AS comments, MAX(c.timestamp) AS last_comment FROM comments c LEFT JOIN node n ON c.nid = n.nid WHERE c.timestamp > $period AND c.uid = '". check_input($id) ."' GROUP BY n.nid, n.title DESC ORDER BY last_comment DESC LIMIT 10");
}
else {
- $sresult = db_query("SELECT n.nid, n.title, COUNT(n.nid) AS comments, MAX(c.timestamp) AS last_comment FROM comments c LEFT JOIN node n ON c.lid = n.nid WHERE c.timestamp > $period GROUP BY n.nid, n.title DESC ORDER BY last_comment DESC LIMIT 10");
+ $sresult = db_query("SELECT n.nid, n.title, COUNT(n.nid) AS comments, MAX(c.timestamp) AS last_comment FROM comments c LEFT JOIN node n ON c.nid = n.nid WHERE c.timestamp > $period GROUP BY n.nid, n.title DESC ORDER BY last_comment DESC LIMIT 10");
}
while ($node = db_fetch_object($sresult)) {
$output .= format_plural($node->comments, "comment", "comments") ." ". t("attached to node") ." <a href=\"node.php?id=$node->nid\">". check_output($node->title) ."</a>:\n";
if ($id) {
- $cresult = db_query("SELECT * FROM comments WHERE timestamp > $period AND uid = '". check_input($id) ."' AND lid = '$node->nid' ORDER BY cid DESC");
+ $cresult = db_query("SELECT * FROM comments WHERE timestamp > $period AND uid = '". check_input($id) ."' AND nid = '$node->nid' ORDER BY cid DESC");
}
else {
- $cresult = db_query("SELECT * FROM comments WHERE timestamp > $period AND lid = '$node->nid' ORDER BY cid DESC");
+ $cresult = db_query("SELECT * FROM comments WHERE timestamp > $period AND nid = '$node->nid' ORDER BY cid DESC");
}
$output .= "<ul>";
diff --git a/node.php b/node.php
index e01fc98141ef..48ceb3dcb540 100644
--- a/node.php
+++ b/node.php
@@ -10,56 +10,16 @@ function node_render($node) {
if (user_access("access content")) {
+ $theme->header(check_output($node->title));
+
+ node_view($node);
+
if ($node->comment) {
- switch($op) {
- case t("Preview comment"):
- $theme->header();
- comment_preview($edit);
- $theme->footer();
- break;
- case t("Post comment"):
- comment_post($edit);
- $theme->header(check_output($node->title));
- node_view($node);
- comment_render($edit[id], $cid);
- $theme->footer();
- break;
- case "comment":
- $theme->header();
- comment_reply(check_query($cid), check_query($id));
- $theme->footer();
- break;
- case "reply":
- $theme->header();
- comment_reply(check_query($pid), check_query($id));
- $theme->footer();
- break;
- case t("Update settings"):
- comment_settings(check_query($mode), check_query($order), check_query($threshold));
- $theme->header(check_output($node->title));
- node_view($node);
- comment_render($id, $cid);
- $theme->footer();
- break;
- case t("Update ratings"):
- comment_moderate($moderate["comment"]);
- $theme->header(check_output($node->title));
- node_view($node);
- comment_render($id, $cid);
- $theme->footer();
- break;
- default:
- $theme->header(check_output($node->title));
- node_view($node);
- comment_render($id, $cid);
- $theme->footer();
- }
- }
- else {
- $theme->header();
- node_view($node);
- $theme->footer();
+ comment_render($id, $cid);
}
+
+ $theme->footer();
+
}
else {
$theme->header();
diff --git a/update.php b/update.php
index a49f4fe1d812..1cc0d1c814c1 100644
--- a/update.php
+++ b/update.php
@@ -40,6 +40,7 @@
"2001-12-09" => "update_13",
"2001-12-16" => "update_14",
"2001-12-24" => "update_15",
+ "2001-12-30" => "update_16",
);
// Update functions
@@ -291,6 +292,10 @@ function update_15() {
update_sql("ALTER TABLE feed DROP uncache;");
}
+function update_16() {
+ update_sql("ALTER TABLE comments CHANGE lid nid int(10) NOT NULL;");
+}
+
// System functions
function update_sql($sql) {
global $edit;
--
GitLab