Commit dcfcd99c authored by Dries's avatar Dries

- improved web interface of cron module.

- improved web interface of account module.

- added simple permission system with both administrators
  and regular users. It can be made more fine-grained but
  it will do for now.

- various small enhancements to the other modules, but
  nothing big.
parent 62588af9
<?
// temporary permission solution:
if (!$user->id || $user->id > 4) exit();
if (!$user->id || ($user->permissions != 1 && $user->id > 1)) exit();
include "includes/admin.inc";
include "includes/cron.inc";
......
......@@ -62,15 +62,15 @@ function format_plural($count, $singular, $plural) {
}
function format_interval($timestamp) {
if ($timestamp > 86400) {
if ($timestamp >= 86400) {
$output .= format_plural(floor($timestamp / 86400), "day ", "days ");
$timestamp = $timestamp % 86400;
}
if ($timestamp > 3600) {
if ($timestamp >= 3600) {
$output .= format_plural(floor($timestamp / 3600), "hour ", "hours ");
$timestamp = $timestamp % 3600;
}
if ($timestamp > 60) {
if ($timestamp >= 60) {
$output .= floor($timestamp / 60) ." min ";
$timestamp = $timestamp % 60;
}
......
......@@ -15,7 +15,7 @@ function user_save($data, $id = 0) {
foreach ($data as $key=>$value) {
if ($key == "passwd") $query .= "$key = PASSWORD('". addslashes($value) ."'), ";
else $query .= "$key='". addslashes($value) ."', ";
else $query .= "$key = '". addslashes($value) ."', ";
}
if (empty($id)) {
......
......@@ -8,17 +8,18 @@ function account_cron() {
}
function account_display($order = "username") {
$sort = array("ID" => "id", "fake e-mail address" => "fake_email", "homepage" => "url", "hostname" => "last_host", "last access date" => "last_access", "real e-mail address" => "real_email", "real name" => "name", "status" => "status", "theme" => "theme", "timezone" => "timezone", "username" => "userid");
$show = array("ID" => "id", "username" => "userid", "$order" => "$sort[$order]", "status" => "status");
$sort = array("ID" => "id", "fake e-mail address" => "fake_email", "hostname" => "last_host DESC", "last access date" => "last_access DESC", "real e-mail address" => "real_email", "real name" => "name", "permissions" => "permissions", "status" => "status", "theme" => "theme", "timezone" => "timezone DESC", "username" => "userid");
$show = array("ID" => "id", "username" => "userid", "$order" => "$sort[$order]", "homepage" => "url");
$stat = array(0 => "blocked", 1 => "not confirmed", 2 => "open");
$perm = array(0 => "regular user", 1 => "administrator");
// Perform query:
$result = db_query("SELECT u.id, u.userid, u.$sort[$order], u.status FROM users u ORDER BY $sort[$order]");
$result = db_query("SELECT u.id, u.userid, u.". strtok($sort[$order], " ") .", u.url FROM users u ORDER BY $sort[$order]");
// Generate output:
$output .= "<TABLE BORDER=\"1\" CELLPADDING=\"3\" CELLSPACING=\"0\">\n";
$output .= " <TR>\n";
$output .= " <TH ALIGN=\"right\" COLSPAN=\"". (sizeof($show) + 1) ."\">\n";
$output .= " <TH ALIGN=\"right\" COLSPAN=\"". (sizeof($show) + 2) ."\">\n";
$output .= " <FORM ACTION=\"admin.php?mod=account\" METHOD=\"post\">\n";
$output .= " <SELECT NAME=\"order\">\n";
foreach ($sort as $key=>$value) {
......@@ -30,25 +31,29 @@ function account_display($order = "username") {
$output .= " </TH>\n";
$output .= " </TR>\n";
$output .= " <TR>\n";
foreach ($show as $key=>$value) {
$output .= " <TH>$key</TH>\n";
}
$output .= " <TH>operations</TH>\n";
$output .= " <TH COLSPAN=\"2\">operations</TH>\n";
$output .= " </TR>\n";
while ($account = db_fetch_array($result)) {
$output .= " <TR>\n";
foreach ($show as $key=>$value) {
switch($value) {
switch($value = strtok($value, " ")) {
case "real_email":
$output .= " <TD>". format_email($account[$value]) ."</TD>\n";
break;
case "last_access":
$output .= " <TD>". format_date($account[$value]) ."</TD>\n";
$output .= " <TD>". format_interval(time() - $account[$value]) ." ago</TD>\n";
break;
case "status":
$output .= " <TD ALIGN=\"center\">". $stat[$account[$value]] ."</TD>\n";
break;
case "permissions":
$output .= " <TD ALIGN=\"center\">". $perm[$account[$value]] ."</TD>\n";
break;
case "timezone":
$output .= " <TD ALIGN=\"center\">". format_data($account[$value] / 3600) ."</TD>\n";
break;
......@@ -62,7 +67,7 @@ function account_display($order = "username") {
$output .= " <TD>". format_data($account[$value]) ."</TD>\n";
}
}
$output .= " <TD ALIGN=\"center\"><A HREF=\"admin.php?mod=account&op=view&name=$account[userid]\">view</A></TD>\n";
$output .= " <TD ALIGN=\"center\"><A HREF=\"admin.php?mod=account&op=view&name=$account[userid]\">view</A></TD><TD ALIGN=\"center\"><A HREF=\"admin.php?mod=account&op=edit&name=$account[userid]\">edit</A></TD>\n";
$output .= " </TR>\n";
}
$output .= "</TABLE>\n";
......@@ -86,8 +91,60 @@ function account_comments($id) {
return $output;
}
function account_save($name, $edit) {
foreach ($edit as $key=>$value) {
$query .= "$key = '". addslashes($value) ."', ";
}
db_query("UPDATE users SET $query last_access = '". time() ."' WHERE userid = '$name'");
watchdog("message", "account: modified user '$name'");
}
function account_edit($name) {
$status = array(0 => "blocked", 1 => "not confirmed", 2 => "open");
$permissions = array(0 => "regular user", 1 => "administrator");
$result = db_query("SELECT * FROM users WHERE userid = '$name'");
if ($account = db_fetch_object($result)) {
foreach ($status as $key=>$value) {
$stat .= " <OPTION VALUE=\"$key\"". (($account->status == $key) ? " SELECTED" : "") .">$value</OPTION>\n";
}
$stat = "<SELECT NAME=\"edit[status]\">\n$stat</SELECT>\n";
foreach ($permissions as $key=>$value) {
$perm .= " <OPTION VALUE=\"$key\"". (($account->permissions == $key) ? " SELECTED" : "") .">$value</OPTION>\n";
}
$perm = "<SELECT NAME=\"edit[permissions]\">\n$perm</SELECT>\n";
$output .= "<FORM ACTION=\"admin.php?mod=account\" METHOD=\"post\">\n";
$output .= "<TABLE BORDER=\"1\" CELLPADDING=\"3\" CELLSPACING=\"0\">\n";
$output .= " <TR><TD ALIGN=\"right\"><B>ID:</B></TD><TD>$account->id</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Status:</B></TD><TD>$stat</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Username:</B></TD><TD>$account->userid</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Real name:</B></TD><TD>". format_data($account->name) ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Real e-mail address:</B></TD><TD>". format_email($account->real_email) ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Fake e-mail address:</B></TD><TD><INPUT NAME=\"edit[fake_email]\" SIZE=\"55\" VALUE=\"$account->fake_email\"></TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>URL of homepage:</B></TD><TD><INPUT NAME=\"edit[url]\" SIZE=\"55\" VALUE=\"$account->url\"></TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Permissions:</B></TD><TD>$perm</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Last access:</B></TD><TD>". format_date($account->last_access) ." from $account->last_host</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Bio information:</B></TD><TD><TEXTAREA NAME=\"edit[bio]\" COLS=\"35\" ROWS=\"5\" WRAP=\"virtual\">$account->bio</TEXTAREA></TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Signature:</B></TD><TD><TEXTAREA NAME=\"edit[signature]\" COLS=\"35\" ROWS=\"5\" WRAP=\"virtual\">$account->signature</TEXTAREA></TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Theme:</B></TD><TD>". format_data($account->theme) ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Timezone:</B></TD><TD>". format_data($account->timezone / 3600) ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\" VALIGN=\"top\"><B>Submitted stories:</B></TD><TD>". format_data(account_stories($account->id)) ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\" VALIGN=\"top\"><B>Submitted comments:</B></TD><TD>". format_data(account_comments($account->id)) ."</TD></TR>\n";
$output .= "</TABLE>\n";
$output .= "<INPUT NAME=\"name\" TYPE=\"hidden\" VALUE=\"$account->userid\">\n";
$output .= "<INPUT NAME=\"op\" TYPE=\"submit\" VALUE=\"Save account\">\n";
$output .= "</FORM>\n";
print "$output";
}
}
function account_view($name) {
$status = array(0 => "blocked", 1 => "not confirmed", 2 => "open");
$permissions = array(0 => "regular user", 1 => "administrator");
$result = db_query("SELECT * FROM users WHERE userid = '$name'");
......@@ -100,6 +157,7 @@ function account_view($name) {
$output .= " <TR><TD ALIGN=\"right\"><B>Real e-mail address:</B></TD><TD>". format_email($account->real_email) ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Fake e-mail address:</B></TD><TD>". format_data($account->fake_email) ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>URL of homepage:</B></TD><TD>". format_url($account->url) ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Permissions:</B></TD><TD>". $permissions[$account->permissions] ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Last access:</B></TD><TD>". format_date($account->last_access) ." from $account->last_host</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Bio information:</B></TD><TD>". format_data($account->bio) ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"right\"><B>Signature:</B></TD><TD>". format_data($account->signature) ."</TD></TR>\n";
......@@ -113,12 +171,19 @@ function account_view($name) {
}
function account_admin() {
global $op, $name, $order;
global $op, $edit, $order, $name;
switch ($op) {
case "edit":
account_edit($name);
break;
case "view":
account_view($name);
break;
case "Save account":
account_save($name, $edit);
account_view($name);
break;
case "Update":
account_display($order);
break;
......
......@@ -16,7 +16,7 @@ class backend {
// Contains the parsed rdf/rss/xml file:
var $headlines = array(); // latest headlines
function backend($id, $site, $url, $file, $contact, $timout = 1800) {
function backend($id, $site, $url, $file, $contact, $timout = 3600) {
// Get channel info:
$result = db_query("SELECT * FROM channel WHERE id = '$id' OR site = '$site'");
......
......@@ -44,7 +44,10 @@ function backend_page() {
}
function backend_cron() {
// update backends
$result = db_query("SELECT * FROM channel");
while ($channel = db_fetch_object($result)) {
$backend = new Backend($channel->id);
}
}
function backend_admin_main() {
......
......@@ -32,7 +32,7 @@ function ban_display($category = "") {
$output .= " <FORM ACTION=\"admin.php?mod=ban\" METHOD=\"post\">\n";
$output .= " <SELECT NAME=\"category\">\n";
for (reset($type2index); $cur = current($type2index); next($type2index)) {
$output .= " <OPTION VALUE=\"$cur\"". ($cur == $category ? " SELECTED" : "") .">Sort by ". key($type2index) ."</OPTION>\n";
$output .= " <OPTION VALUE=\"$cur\"". ($cur == $category ? " SELECTED" : "") .">Bans by ". key($type2index) ."</OPTION>\n";
}
$output .= " </SELECT>\n";
$output .= " <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Update\">\n";
......
......@@ -34,7 +34,7 @@ function comment_edit($id) {
function comment_save($id, $subject, $comment) {
db_query("UPDATE comments SET subject = '". check_input($subject) ."', comment = '". check_input($comment) ."' WHERE cid = $id");
watchdog("message", "modified comment `$subject'.");
watchdog("message", "comment: modified `$subject'");
}
function comment_display($order = "date") {
......
......@@ -34,7 +34,7 @@ function comment_edit($id) {
function comment_save($id, $subject, $comment) {
db_query("UPDATE comments SET subject = '". check_input($subject) ."', comment = '". check_input($comment) ."' WHERE cid = $id");
watchdog("message", "modified comment `$subject'.");
watchdog("message", "comment: modified `$subject'");
}
function comment_display($order = "date") {
......
......@@ -9,27 +9,43 @@ function cron_reset($name) {
cron_delete($name);
}
function cron_save($edit) {
foreach ($edit as $key=>$value) {
db_query("UPDATE cron SET scheduled = '$value' WHERE module = '$key'");
}
}
function cron_display() {
$intervals = array(300, 900, 1800, 3600, 7200, 10800, 21600, 43200, 86400, 172800, 259200, 604800, 1209600, 2419200);
// Perform query:
$result = db_query("SELECT * FROM cron");
// Generate output:
$output .= "<FORM ACTION=\"admin.php?mod=cron\" METHOD=\"post\">\n";
$output .= "<TABLE BORDER=\"1\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n";
$output .= " <TR><TH>module</TH><TH>interval</TH><TH>last exection</TH><TH COLSPAN=\"2\">operations</TH></TR>\n";
$output .= " <TR><TH>module</TH><TH>period</TH><TH>last execution</TH><TH COLSPAN=\"2\">operations</TH></TR>\n";
while ($cron = db_fetch_object($result)) {
$output .= " <TR><TD>". check_output($cron->module) ."</TD><TD>every ". format_interval($cron->scheduled) ."</TD><TD>". format_interval(time() - $cron->timestamp) ." ago</TD><TD ALIGN=\"center\"><A HREF=\"cron.php\">execute</A></TD><TD><A HREF=\"admin.php?mod=cron&op=reset&name=$cron->module\">reset</A></TD></TR>\n";
foreach ($intervals as $value) $period .= "<OPTION VALUE=\"$value\"". (($cron->scheduled == $value) ? " SELECTED" : "") .">every ". format_interval($value) ."</OPTION>\n";
$output .= " <TR><TD>". check_output($cron->module) ."</TD><TD><SELECT NAME=\"edit[$cron->module]\">$period</SELECT></TD><TD>". format_interval(time() - $cron->timestamp) ." ago</TD><TD ALIGN=\"center\"><A HREF=\"cron.php\">execute</A></TD><TD><A HREF=\"admin.php?mod=cron&op=reset&name=$cron->module\">reset</A></TD></TR>\n";
unset($period);
}
$output .= "</TABLE>\n";
$output .= "<INPUT NAME=\"op\" TYPE=\"submit\" VALUE=\"Save crons\">\n";
$output .= "</FORM>\n";
print $output;
}
function cron_admin() {
global $op, $name;
global $op, $edit, $name;
switch($op) {
case "reset":
cron_reset($name);
break;
case "Save crons":
cron_save($edit);
break;
}
cron_display();
......
......@@ -218,7 +218,7 @@ function diary_admin_edit($id) {
function diary_admin_save($id, $text) {
db_query("UPDATE diaries SET text = '". check_input($text) ."' WHERE id = $id");
watchdog("message", "modified diary entry #$id.");
watchdog("message", "diary: modified entry #$id.");
}
function diary_admin_display($order = "date") {
......
......@@ -63,7 +63,7 @@ function story_edit($id) {
function story_save($id, $subject, $abstract, $updates, $article, $category, $status) {
db_query("UPDATE stories SET subject = '". check_input($subject) ."', abstract = '". check_input($abstract) ."', updates = '". check_input($updates) ."', article = '". check_input($article) ."', category = '". check_input($category) ."', status = '$status' WHERE id = $id");
watchdog("message", "modified story `$subject'.");
watchdog("message", "story: modified `$subject'");
}
function story_display($order = "date") {
......
......@@ -63,7 +63,7 @@ function story_edit($id) {
function story_save($id, $subject, $abstract, $updates, $article, $category, $status) {
db_query("UPDATE stories SET subject = '". check_input($subject) ."', abstract = '". check_input($abstract) ."', updates = '". check_input($updates) ."', article = '". check_input($article) ."', category = '". check_input($category) ."', status = '$status' WHERE id = $id");
watchdog("message", "modified story `$subject'.");
watchdog("message", "story: modified `$subject'");
}
function story_display($order = "date") {
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment