- improved web interface of cron module.

- improved web interface of account module.

- added simple permission system with both administrators
  and regular users. It can be made more fine-grained but
  it will do for now.

- various small enhancements to the other modules, but
  nothing big.

admin.php

 <?
 
 // temporary permission solution:
-if (!$user->id || $user->id > 4) exit();
+if (!$user->id || ($user->permissions != 1 && $user->id > 1)) exit();
 
 include "includes/admin.inc";
 include "includes/cron.inc";

includes/function.inc

@@ -62,15 +62,15 @@ function format_plural($count, $singular, $plural) {
 }
 
 function format_interval($timestamp) {
-  if ($timestamp > 86400) {
+  if ($timestamp >= 86400) {
     $output .= format_plural(floor($timestamp / 86400), "day ", "days ");
     $timestamp = $timestamp % 86400;
   }
-  if ($timestamp > 3600) {
+  if ($timestamp >= 3600) {
     $output .= format_plural(floor($timestamp / 3600), "hour ", "hours ");
     $timestamp = $timestamp % 3600;
   }
-  if ($timestamp > 60) {
+  if ($timestamp >= 60) {
     $output .= floor($timestamp / 60) ." min ";
     $timestamp = $timestamp % 60;
   }

includes/user.inc

@@ -15,7 +15,7 @@ function user_save($data, $id = 0) {
   
   foreach ($data as $key=>$value) {
     if ($key == "passwd") $query .= "$key = PASSWORD('". addslashes($value) ."'), ";
-    else $query .= "$key='". addslashes($value) ."', ";
+    else $query .= "$key = '". addslashes($value) ."', ";
   }
   
   if (empty($id)) {

modules/account.module

@@ -8,17 +8,18 @@ function account_cron() {
 }
 
 function account_display($order = "username") {
-  $sort = array("ID" => "id", "fake e-mail address" => "fake_email", "homepage" => "url", "hostname" => "last_host", "last access date" => "last_access", "real e-mail address" => "real_email", "real name" => "name", "status" => "status", "theme" => "theme", "timezone" => "timezone", "username" => "userid");
-  $show = array("ID" => "id", "username" => "userid", "$order" => "$sort[$order]", "status" => "status");
+  $sort = array("ID" => "id", "fake e-mail address" => "fake_email", "hostname" => "last_host DESC", "last access date" => "last_access DESC", "real e-mail address" => "real_email", "real name" => "name", "permissions" => "permissions", "status" => "status", "theme" => "theme", "timezone" => "timezone DESC", "username" => "userid");
+  $show = array("ID" => "id", "username" => "userid", "$order" => "$sort[$order]", "homepage" => "url");
   $stat = array(0 => "blocked", 1 => "not confirmed", 2 => "open");
+  $perm = array(0 => "regular user", 1 => "administrator");
 
   // Perform query:
-  $result = db_query("SELECT u.id, u.userid, u.$sort[$order], u.status FROM users u ORDER BY $sort[$order]");
+  $result = db_query("SELECT u.id, u.userid, u.". strtok($sort[$order], " ") .", u.url FROM users u ORDER BY $sort[$order]");
   
   // Generate output:
   $output .= "<TABLE BORDER=\"1\" CELLPADDING=\"3\" CELLSPACING=\"0\">\n";
   $output .= " <TR>\n";
-  $output .= "  <TH ALIGN=\"right\" COLSPAN=\"". (sizeof($show) + 1) ."\">\n";
+  $output .= "  <TH ALIGN=\"right\" COLSPAN=\"". (sizeof($show) + 2) ."\">\n";
   $output .= "   <FORM ACTION=\"admin.php?mod=account\" METHOD=\"post\">\n";
   $output .= "    <SELECT NAME=\"order\">\n";
   foreach ($sort as $key=>$value) {
@@ -30,25 +31,29 @@ function account_display($order = "username") {
   $output .= "  </TH>\n";
   $output .= " </TR>\n";
   $output .= " <TR>\n";
+
   foreach ($show as $key=>$value) {
     $output .= " <TH>$key</TH>\n";
   }
-  $output .= "  <TH>operations</TH>\n";
+  $output .= "  <TH COLSPAN=\"2\">operations</TH>\n";
   $output .= " </TR>\n";
 
   while ($account = db_fetch_array($result)) {
     $output .= " <TR>\n";
     foreach ($show as $key=>$value) {
-      switch($value) {
+      switch($value = strtok($value, " ")) {
 	case "real_email":
           $output .= "  <TD>". format_email($account[$value]) ."</TD>\n";
           break;
         case "last_access":
-          $output .= "  <TD>". format_date($account[$value]) ."</TD>\n";
+          $output .= "  <TD>". format_interval(time() - $account[$value]) ." ago</TD>\n";
           break;
 	case "status":         
           $output .= "  <TD ALIGN=\"center\">". $stat[$account[$value]] ."</TD>\n";
           break;
+        case "permissions":
+          $output .= "  <TD ALIGN=\"center\">". $perm[$account[$value]] ."</TD>\n";
+          break;
         case "timezone":
           $output .= "  <TD ALIGN=\"center\">". format_data($account[$value] / 3600) ."</TD>\n";
           break;
@@ -62,7 +67,7 @@ function account_display($order = "username") {
           $output .= "  <TD>". format_data($account[$value]) ."</TD>\n";
       }
     }
-    $output .= "  <TD ALIGN=\"center\"><A HREF=\"admin.php?mod=account&op=view&name=$account[userid]\">view</A></TD>\n";
+    $output .= "  <TD ALIGN=\"center\"><A HREF=\"admin.php?mod=account&op=view&name=$account[userid]\">view</A></TD><TD ALIGN=\"center\"><A HREF=\"admin.php?mod=account&op=edit&name=$account[userid]\">edit</A></TD>\n";
     $output .= " </TR>\n";
   }
   $output .= "</TABLE>\n";
@@ -86,8 +91,60 @@ function account_comments($id) {
   return $output;
 }
 
+function account_save($name, $edit) {
+  foreach ($edit as $key=>$value) {
+    $query .= "$key = '". addslashes($value) ."', ";
+  }
+  db_query("UPDATE users SET $query last_access = '". time() ."' WHERE userid = '$name'");
+
+  watchdog("message", "account: modified user '$name'");
+}
+
+function account_edit($name) {
+  $status = array(0 => "blocked", 1 => "not confirmed", 2 => "open");
+  $permissions = array(0 => "regular user", 1 => "administrator");
+
+  $result = db_query("SELECT * FROM users WHERE userid = '$name'");
+
+  if ($account = db_fetch_object($result)) {
+    foreach ($status as $key=>$value) {
+      $stat .= " <OPTION VALUE=\"$key\"". (($account->status == $key) ? " SELECTED" : "") .">$value</OPTION>\n"; 
+    }
+    $stat = "<SELECT NAME=\"edit[status]\">\n$stat</SELECT>\n";
+
+    foreach ($permissions as $key=>$value) {
+      $perm .= " <OPTION VALUE=\"$key\"". (($account->permissions == $key) ? " SELECTED" : "") .">$value</OPTION>\n"; 
+    }
+    $perm = "<SELECT NAME=\"edit[permissions]\">\n$perm</SELECT>\n";
+
+    $output .= "<FORM ACTION=\"admin.php?mod=account\" METHOD=\"post\">\n";
+    $output .= "<TABLE BORDER=\"1\" CELLPADDING=\"3\" CELLSPACING=\"0\">\n";
+    $output .= " <TR><TD ALIGN=\"right\"><B>ID:</B></TD><TD>$account->id</TD></TR>\n";
+    $output .= " <TR><TD ALIGN=\"right\"><B>Status:</B></TD><TD>$stat</TD></TR>\n";
+    $output .= " <TR><TD ALIGN=\"right\"><B>Username:</B></TD><TD>$account->userid</TD></TR>\n";
+    $output .= " <TR><TD ALIGN=\"right\"><B>Real name:</B></TD><TD>". format_data($account->name) ."</TD></TR>\n";
+    $output .= " <TR><TD ALIGN=\"right\"><B>Real e-mail address:</B></TD><TD>". format_email($account->real_email) ."</TD></TR>\n";
+    $output .= " <TR><TD ALIGN=\"right\"><B>Fake e-mail address:</B></TD><TD><INPUT NAME=\"edit[fake_email]\" SIZE=\"55\" VALUE=\"$account->fake_email\"></TD></TR>\n";
+    $output .= " <TR><TD ALIGN=\"right\"><B>URL of homepage:</B></TD><TD><INPUT NAME=\"edit[url]\" SIZE=\"55\" VALUE=\"$account->url\"></TD></TR>\n";
+    $output .= " <TR><TD ALIGN=\"right\"><B>Permissions:</B></TD><TD>$perm</TD></TR>\n";
+    $output .= " <TR><TD ALIGN=\"right\"><B>Last access:</B></TD><TD>". format_date($account->last_access) ." from $account->last_host</TD></TR>\n";
+    $output .= " <TR><TD ALIGN=\"right\"><B>Bio information:</B></TD><TD><TEXTAREA NAME=\"edit[bio]\" COLS=\"35\" ROWS=\"5\" WRAP=\"virtual\">$account->bio</TEXTAREA></TD></TR>\n";
+    $output .= " <TR><TD ALIGN=\"right\"><B>Signature:</B></TD><TD><TEXTAREA NAME=\"edit[signature]\" COLS=\"35\" ROWS=\"5\" WRAP=\"virtual\">$account->signature</TEXTAREA></TD></TR>\n";
+    $output .= " <TR><TD ALIGN=\"right\"><B>Theme:</B></TD><TD>". format_data($account->theme) ."</TD></TR>\n";
+    $output .= " <TR><TD ALIGN=\"right\"><B>Timezone:</B></TD><TD>". format_data($account->timezone / 3600) ."</TD></TR>\n";
+    $output .= " <TR><TD ALIGN=\"right\" VALIGN=\"top\"><B>Submitted stories:</B></TD><TD>". format_data(account_stories($account->id)) ."</TD></TR>\n";
+    $output .= " <TR><TD ALIGN=\"right\" VALIGN=\"top\"><B>Submitted comments:</B></TD><TD>". format_data(account_comments($account->id)) ."</TD></TR>\n";
+    $output .= "</TABLE>\n";
+    $output .= "<INPUT NAME=\"name\" TYPE=\"hidden\" VALUE=\"$account->userid\">\n";
+    $output .= "<INPUT NAME=\"op\" TYPE=\"submit\" VALUE=\"Save account\">\n";
+    $output .= "</FORM>\n";
+    print "$output";
+  }
+}
+
 function account_view($name) {
   $status = array(0 => "blocked", 1 => "not confirmed", 2 => "open");
+  $permissions = array(0 => "regular user", 1 => "administrator");
 
   $result = db_query("SELECT * FROM users WHERE userid = '$name'");
 
@@ -100,6 +157,7 @@ function account_view($name) {
     $output .= " <TR><TD ALIGN=\"right\"><B>Real e-mail address:</B></TD><TD>". format_email($account->real_email) ."</TD></TR>\n";
     $output .= " <TR><TD ALIGN=\"right\"><B>Fake e-mail address:</B></TD><TD>". format_data($account->fake_email) ."</TD></TR>\n";
     $output .= " <TR><TD ALIGN=\"right\"><B>URL of homepage:</B></TD><TD>". format_url($account->url) ."</TD></TR>\n";
+    $output .= " <TR><TD ALIGN=\"right\"><B>Permissions:</B></TD><TD>". $permissions[$account->permissions] ."</TD></TR>\n";
     $output .= " <TR><TD ALIGN=\"right\"><B>Last access:</B></TD><TD>". format_date($account->last_access) ." from $account->last_host</TD></TR>\n";
     $output .= " <TR><TD ALIGN=\"right\"><B>Bio information:</B></TD><TD>". format_data($account->bio) ."</TD></TR>\n";
     $output .= " <TR><TD ALIGN=\"right\"><B>Signature:</B></TD><TD>". format_data($account->signature) ."</TD></TR>\n";
@@ -113,12 +171,19 @@ function account_view($name) {
 }
 
 function account_admin() {
-  global $op, $name, $order;
+  global $op, $edit, $order, $name;
 
   switch ($op) {
+    case "edit":
+      account_edit($name);
+      break;
     case "view":
       account_view($name);
       break;
+    case "Save account":
+      account_save($name, $edit);
+      account_view($name);
+      break;
     case "Update":
       account_display($order);
       break;

modules/backend.class

@@ -16,7 +16,7 @@ class backend {
   // Contains the parsed rdf/rss/xml file:
   var $headlines = array();   // latest headlines
 
-  function backend($id, $site, $url, $file, $contact, $timout = 1800) {
+  function backend($id, $site, $url, $file, $contact, $timout = 3600) {
     // Get channel info:
     $result = db_query("SELECT * FROM channel WHERE id = '$id' OR site = '$site'");
 

modules/backend.module

@@ -44,7 +44,10 @@ function backend_page() {
 }
 
 function backend_cron() {
-  // update backends
+  $result = db_query("SELECT * FROM channel");
+  while ($channel = db_fetch_object($result)) {
+    $backend = new Backend($channel->id);
+  }
 }
 
 function backend_admin_main() {

modules/ban.module

@@ -32,7 +32,7 @@ function ban_display($category = "") {
   $output .= "   <FORM ACTION=\"admin.php?mod=ban\" METHOD=\"post\">\n";
   $output .= "    <SELECT NAME=\"category\">\n";
   for (reset($type2index); $cur = current($type2index); next($type2index)) {
-    $output .= "     <OPTION VALUE=\"$cur\"". ($cur == $category ? " SELECTED" : "") .">Sort by ". key($type2index) ."</OPTION>\n";
+    $output .= "     <OPTION VALUE=\"$cur\"". ($cur == $category ? " SELECTED" : "") .">Bans by ". key($type2index) ."</OPTION>\n";
   }
   $output .= "    </SELECT>\n";
   $output .= "    <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Update\">\n";

modules/comment.module

@@ -34,7 +34,7 @@ function comment_edit($id) {
 
 function comment_save($id, $subject, $comment) {
   db_query("UPDATE comments SET subject = '". check_input($subject) ."', comment = '". check_input($comment) ."' WHERE cid = $id");
-  watchdog("message", "modified comment `$subject'.");
+  watchdog("message", "comment: modified `$subject'");
 }
 
 function comment_display($order = "date") {

modules/comment/comment.module

@@ -34,7 +34,7 @@ function comment_edit($id) {
 
 function comment_save($id, $subject, $comment) {
   db_query("UPDATE comments SET subject = '". check_input($subject) ."', comment = '". check_input($comment) ."' WHERE cid = $id");
-  watchdog("message", "modified comment `$subject'.");
+  watchdog("message", "comment: modified `$subject'");
 }
 
 function comment_display($order = "date") {

modules/cron.module

@@ -9,27 +9,43 @@ function cron_reset($name) {
   cron_delete($name);
 }
 
+function cron_save($edit) {
+  foreach ($edit as $key=>$value) {
+    db_query("UPDATE cron SET scheduled = '$value' WHERE module = '$key'");
+  }
+}
+
 function cron_display() {
+  $intervals = array(300, 900, 1800, 3600, 7200, 10800, 21600, 43200, 86400, 172800, 259200, 604800, 1209600, 2419200);
+
   // Perform query:
   $result = db_query("SELECT * FROM cron");
  
   // Generate output:
+  $output .= "<FORM ACTION=\"admin.php?mod=cron\" METHOD=\"post\">\n";
   $output .= "<TABLE BORDER=\"1\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n";
-  $output .= " <TR><TH>module</TH><TH>interval</TH><TH>last exection</TH><TH COLSPAN=\"2\">operations</TH></TR>\n";
+  $output .= " <TR><TH>module</TH><TH>period</TH><TH>last execution</TH><TH COLSPAN=\"2\">operations</TH></TR>\n";
   while ($cron = db_fetch_object($result)) {
-    $output .= " <TR><TD>". check_output($cron->module) ."</TD><TD>every ". format_interval($cron->scheduled) ."</TD><TD>". format_interval(time() - $cron->timestamp) ." ago</TD><TD ALIGN=\"center\"><A HREF=\"cron.php\">execute</A></TD><TD><A HREF=\"admin.php?mod=cron&op=reset&name=$cron->module\">reset</A></TD></TR>\n";
+    foreach ($intervals as $value) $period .= "<OPTION VALUE=\"$value\"". (($cron->scheduled == $value) ? " SELECTED" : "") .">every ". format_interval($value) ."</OPTION>\n";
+    $output .= " <TR><TD>". check_output($cron->module) ."</TD><TD><SELECT NAME=\"edit[$cron->module]\">$period</SELECT></TD><TD>". format_interval(time() - $cron->timestamp) ." ago</TD><TD ALIGN=\"center\"><A HREF=\"cron.php\">execute</A></TD><TD><A HREF=\"admin.php?mod=cron&op=reset&name=$cron->module\">reset</A></TD></TR>\n";
+    unset($period);
   }
   $output .= "</TABLE>\n";
+  $output .= "<INPUT NAME=\"op\" TYPE=\"submit\" VALUE=\"Save crons\">\n";
+  $output .= "</FORM>\n";
   print $output;
 }
 
 function cron_admin() {
-  global $op, $name;
+  global $op, $edit, $name;
 
   switch($op) {
     case "reset":
       cron_reset($name);
       break;
+    case "Save crons":
+      cron_save($edit);
+      break;
   }
   
   cron_display();

modules/diary.module

@@ -218,7 +218,7 @@ function diary_admin_edit($id) {
 
 function diary_admin_save($id, $text) {
   db_query("UPDATE diaries SET text = '". check_input($text) ."' WHERE id = $id");
-  watchdog("message", "modified diary entry #$id.");
+  watchdog("message", "diary: modified entry #$id.");
 }
 
 function diary_admin_display($order = "date") {

modules/story.module

@@ -63,7 +63,7 @@ function story_edit($id) {
 
 function story_save($id, $subject, $abstract, $updates, $article, $category, $status) {
   db_query("UPDATE stories SET subject = '". check_input($subject) ."', abstract = '". check_input($abstract) ."', updates = '". check_input($updates) ."', article = '". check_input($article) ."', category = '". check_input($category) ."', status = '$status' WHERE id = $id");
-  watchdog("message", "modified story `$subject'.");
+  watchdog("message", "story: modified `$subject'");
 }
 
 function story_display($order = "date") {

modules/story/story.module

@@ -63,7 +63,7 @@ function story_edit($id) {
 
 function story_save($id, $subject, $abstract, $updates, $article, $category, $status) {
   db_query("UPDATE stories SET subject = '". check_input($subject) ."', abstract = '". check_input($abstract) ."', updates = '". check_input($updates) ."', article = '". check_input($article) ."', category = '". check_input($category) ."', status = '$status' WHERE id = $id");
-  watchdog("message", "modified story `$subject'.");
+  watchdog("message", "story: modified `$subject'");
 }
 
 function story_display($order = "date") {