Commit fead09a8 authored by Dries's avatar Dries

Welp. Large commit ahead.

CHANGES:

- Added "read" and "write" permissions into drupal but removed
  it again because - when finished after 3 hours of work - it
  was considered nothing but added complexity that didn't buy
  us anything. :I

  (I'll explain this in detail on the mailing list, I guess.)

- Added a very simple help.module to group all available
  documentation on a single page.

- Fixed bug in node_control(), book.module: UnConeD forgot to
  global $user when updating the combobox code.

- Removed static wishlist.module: in future, the wishlist can
  be maintained as a page in our collaborative book.

- Revised most of settings.module: tidied up the code and the
  descriptions to accompany the settings and introduced a new
  "default maximum number of nodes to display on the main page"
  variable.

- Revised most of comment.module: the administration interface
  looks better now, integrated node permissions, and -finally-
  made it possible to delete comments.

- Polished on:
   + account.module
   + structure.module
   + locale.module
   + module.module
   + forum.module

- Form-ified:
   + account.php
   + account.module
   + setting.module
   + cvs.module
   + submit.php
   + comment.module
   + forum.module
   + book.module
   + page.module
   + locale.module

- Updated CHANGELOG

INFO:

- Designed a "generic tracker system with optional backends"
  on paper.  The idea is to allow registered users to hot-list
  certain topics, individual nodes or threads (comments) and
  to "plug-in" output backends like - for instance - an e-mail
  digest.  The design requires "intelligent blocks" though.


TODO:

- I want to tidy up the headline.module and backend.class as
  well as merge in headlineRSS10.module.  Julian spent quite
  some time working on headline.module but I'm not sure what
  he changed and whether he'd contribute it back?
parent c8d16d76
......@@ -2,7 +2,6 @@ drupal x.xx, xx/xx/xxxx
-----------------------
- major overhaul of the entire underlying design:
* everything is based on nodes: nodes are a conceptual "black box" to couple and manage different types of content and that promotes reusing existing code, thus reducing the complexity and size of drupal as well as improving long-term stability.
* introduced links/drupal tags: [[link]]
- rewrote submission/moderation queue:
* renamed submission.module to moderation.module
* updated submission forms
......@@ -11,17 +10,26 @@ drupal x.xx, xx/xx/xxxx
- removed ban module and integrated it in account.module as "access control":
* access control is based on much more powerful regular expressions (regex) now rather than on MySQL pattern matching.
- rewrote watchdog and submission throttle
- rewrote section code and renamed it to structure.module
- rewrote section code and renamed it to structure.module:
* supports both "categories" and "topics" (cfr. Scoop, SlashCode)
* added "auto-post new submissions" feature versus "moderate new submissions".
- added settings.module:
* moved most configuration options to the administration section
- added page.module:
* allows creation of static (and dynamic) pages through the administration interface
- added help.module:
* groups all available documentation on installed modules on a single page.
- added cvs.module and cvs-to-sql.pl:
* allows to display and mail CVS log messages as digests.
- various updates:
* introduced links/drupal tags: [[link]]
* added preview functionality when submitting new content (such as a story) from the administration pages.
* made the administration section only show those links a user has access to.
* made all modules use specific form_* functions to guarantee a rock-solid forms and more consistent layout.
* improved account module:
+ added "access control" to allow/deny certain usernames/e-mail addresses/hostnames
* improved comment module
* improved comment module:
+ made it possible to permanently delete comments
* improved rating module
* improved story module:
+ added preview functionality for administrators
......
This diff is collapsed.
......@@ -151,8 +151,12 @@ function format_text($text) {
return preg_replace($src, $dst, $text);
}
function form($action, $form, $method = "post") {
return "<FORM ACTION=\"$action\" METHOD=\"$method\">\n$form</FORM>\n";
}
function form_item($title, $value, $description = 0) {
return ($description) ? "<B>$title:</B><BR>$value<BR><SMALL><I>$description</I></SMALL><P>" : "<B>$title:</B><BR>$value<P>\n";
return ($description) ? "<B>$title:</B><BR>$value<BR><SMALL><I>$description</I></SMALL><P>\n" : "<B>$title:</B><BR>$value<P>\n";
}
function form_textfield($title, $name, $value, $size, $maxlength, $description = 0) {
......@@ -163,17 +167,17 @@ function form_textarea($title, $name, $value, $cols, $rows, $description = 0) {
return form_item($title, "<TEXTAREA WRAP=\"virtual\" COLS=\"$cols\" ROWS=\"$rows\" NAME=\"edit[$name]\">". check_textarea($value) ."</TEXTAREA>", $description);
}
function form_select($title, $name, $options, $value, $description = 0) {
function form_select($title, $name, $value, $options, $description = 0) {
foreach ($options as $key=>$choice) $select .= "<OPTION VALUE=\"$key\"". ($key == $value ? " SELECTED" : "") .">". check_select($choice) ."</OPTION>";
return form_item($title, "<SELECT NAME=\"edit[$name]\">$select</SELECT>", $description);
}
function form_hidden($name, $value) {
return "<INPUT TYPE=\"hidden\" NAME=\"edit[$name]\" VALUE=\"$value\">";
return "<INPUT TYPE=\"hidden\" NAME=\"edit[$name]\" VALUE=\"". check_textfield($value) ."\">\n";
}
function form_submit($value) {
return "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"$value\">\n";
return "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"". check_textfield($value) ."\">\n";
}
$conf = conf_init();
......
......@@ -164,7 +164,7 @@ function node_status($node, $index = -1) {
}
function node_control($node) {
global $REQUEST_URI;
global $user, $REQUEST_URI;
?>
<SCRIPT>
......@@ -178,10 +178,12 @@ function visit(site) {
</SCRIPT>
<?php
if ($user->id)
if ($user->id) {
$choices = array("node.php?id=$node->nid" => t("view node"), "submit.php?mod=$node->type" => t("add node"), "submit.php?mod=$node->type&op=update&id=$node->nid" => t("update node"), "node.php?op=history&id=$node->nid" => t("view history"));
else
}
else {
$choices = array("node.php?id=$node->nid" => t("view node"), "node.php?op=history&id=$node->nid" => t("view history"));
}
$output .= "<FORM METHOD=\"get\" ACTION=\"\">\n";
foreach ($choices as $key => $value) $options .= "<OPTION VALUE=\"$key\"". (strstr($REQUEST_URI,"/$key") ? " SELECTED" : "") .">". check_select($value) ."</OPTION>\n";
......@@ -193,7 +195,7 @@ function visit(site) {
function node_visible($node) {
global $user, $status;
return ($node->status == $status[posted]) || ($node->status == $status[queued] && $user->id) || user_access($user, "node");
return ($node->status == $status[posted]) || ($node->status == $status[queued] && $user->id) || user_access($user, $node->type) || user_access($user, "node");
}
?>
?>
\ No newline at end of file
......@@ -4,7 +4,7 @@
if (variable_get(dev_timing, 0)) timer_start();
$result = db_query("SELECT nid FROM node WHERE promote = '1' AND status = '$status[posted]' AND timestamp <= ". ($date > 0 ? $date : time()) ." ". ($category ? "AND cid = '$category'" : "") ." ". ($topic ? "AND tid = '$topic'" : "") ." ORDER BY timestamp DESC LIMIT ". ($user->nodes ? $user->nodes : 10));
$result = db_query("SELECT nid FROM node WHERE promote = '1' AND status = '$status[posted]' AND timestamp <= ". ($date > 0 ? $date : time()) ." ". ($category ? "AND cid = '$category'" : "") ." ". ($topic ? "AND tid = '$topic'" : "") ." ORDER BY timestamp DESC LIMIT ". ($user->nodes ? $user->nodes : variable_get(default_nodes_main, 10)));
$theme->header();
while ($node = db_fetch_object($result)) {
......
......@@ -69,7 +69,7 @@ function account_ac() {
$output .= "<TABLE BORDER=\"1\" CELLPADDING=\"3\" CELLSPACING=\"0\">\n";
$output .= " <TR><TH>mask</TH><TH>type</TH><TH>reason</TH><TH>oparations</TH></TR>\n";
while ($rule = db_fetch_object($result)) {
$output .= " <TR><TD>$rule->mask</TD><TD ALIGN=\"center\">$rule->type</TD><TD>". check_output($rule->reason) ."</TD><TD><A HREF=\"admin.php?mod=account&op=delete+rule&id=$rule->id\">delete rule</A></TD></TR>\n";
$output .= " <TR><TD>$rule->mask</TD><TD ALIGN=\"center\">$rule->type</TD><TD>". check_output($rule->reason) ."</TD><TD><A HREF=\"admin.php?mod=account&op=delete&id=$rule->id\">delete rule</A></TD></TR>\n";
}
$output .= " <TR><TD><INPUT TYPE=\"text\" NAME=\"edit[mask]\"></TD><TD><SELECT NAME=\"edit[type]\">\n$type</SELECT></TD><TD><INPUT TYPE=\"text\" NAME=\"edit[reason]\"></TD><TD><INPUT NAME=\"op\" TYPE=\"submit\" VALUE=\"Add rule\"></TD></TR>\n";
$output .= " <TR><TD COLSPAN=\"4\"><SMALL><I>Use <A HREF=\"admin.php?mod=account&op=help\">regular expressions</A> (regexs) to specify the mask pattern.</I></SMALL></TD></TR>\n";
......@@ -117,7 +117,7 @@ function account_blocks($id) {
}
function account_nodes($id) {
$result = db_query("SELECT * FROM node WHERE author = $id ORDER BY timestamp DESC");
$result = db_query("SELECT * FROM node WHERE author = $id ORDER BY timestamp DESC LIMIT 30");
while ($node = db_fetch_object($result)) {
$output .= "<LI><A HREF=\"node.php?id=$node->nid\">$node->title</A> ($node->type)</LI>\n";
}
......@@ -125,7 +125,7 @@ function account_nodes($id) {
}
function account_comments($id) {
$result = db_query("SELECT * FROM comments WHERE author = '$id' ORDER BY timestamp DESC");
$result = db_query("SELECT * FROM comments WHERE author = '$id' ORDER BY timestamp DESC LIMIT 30");
while ($comment = db_fetch_object($result)) {
$output .= "<LI><A HREF=\"node.php?id=$comment->lid&cid=$comment->cid&pid=$comment->pid#$comment->cid\">$comment->subject</A></LI>\n";
}
......@@ -158,33 +158,28 @@ function access($name, $module) {
$access .= "<OPTION VALUE=\"$name\"". (user_access($account, $name) ? " SELECTED" : "") .">$name</OPTION>";
}
$status = array(0 => "blocked", 1 => "not confirmed", 2 => "open");
$status = array("blocked", "not confirmed", "open");
$result = db_query("SELECT * FROM users WHERE userid = '$name'");
if ($account = db_fetch_object($result)) {
foreach ($status as $key=>$value) {
$stat .= " <OPTION VALUE=\"$key\"". (($account->status == $key) ? " SELECTED" : "") .">$value</OPTION>\n";
}
module_iterate("access");
$output .= "<FORM ACTION=\"admin.php?mod=account\" METHOD=\"post\">\n";
$output .= "<B>ID:</B><BR>$account->id<P>\n";
$output .= "<B>Username:</B><BR>". check_output($account->userid) ."<P>\n";
$output .= "<B>Status:</B><BR><SELECT NAME=\"edit[status]\">\n$stat</SELECT><P>\n";
$output .= "<B>Administrator access:</B><BR><SELECT NAME=\"edit[access][]\" MULTIPLE=\"true\" SIZE=\"10\">$access</SELECT><P>\n";
$output .= "<B>Real name:</B><BR><INPUT NAME=\"edit[name]\" SIZE=\"55\" VALUE=\"". check_textfield($account->name). "\"><P>\n";
$output .= "<B>Real e-mail address:</B><BR><INPUT NAME=\"edit[real_email]\" SIZE=\"55\" VALUE=\"". check_textfield($account->real_email) ."\"><P>\n";
$output .= "<B>Fake e-mail address:</B><BR><INPUT NAME=\"edit[fake_email]\" SIZE=\"55\" VALUE=\"". check_textfield($account->fake_email) ."\"><P>\n";
$output .= "<B>URL of homepage:</B><BR><INPUT NAME=\"edit[url]\" SIZE=\"55\" VALUE=\"". check_textfield($account->url) ."\"><P>\n";
$output .= "<B>Bio information:</B><BR><TEXTAREA NAME=\"edit[bio]\" COLS=\"35\" ROWS=\"5\" WRAP=\"virtual\">". check_textarea($account->bio) ."</TEXTAREA><P>\n";
$output .= "<B>Signature:</B><BR><TEXTAREA NAME=\"edit[signature]\" COLS=\"35\" ROWS=\"5\" WRAP=\"virtual\">". check_textarea($account->signature) ."</TEXTAREA><P>\n";
$output .= "<INPUT TYPE=\"hidden\" NAME=\"name\" VALUE=\"$account->userid\">\n";
$output .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"View account\">\n";
$output .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Save account\">\n";
$output .= "</FORM>\n";
return $output;
$form .= form_item("ID", $account->id);
$form .= form_item(t("Username"), check_output($account->userid));
$form .= form_select(t("Status"), "status", $account->status, array("blocked", "not confirmed", "open"));
$form .= form_item(t("Administrator access"), "<SELECT NAME=\"edit[access][]\" MULTIPLE=\"true\" SIZE=\"10\">$access</SELECT>");
$form .= form_textfield(t("Real name"), "name", $account->name, 30, 55);
$form .= form_textfield(t("Real e-mail address"), "real_email", $account->real_email, 30, 55);
$form .= form_textfield(t("Fake e-mail address"), "fake_email", $account->fake_email, 30, 55);
$form .= form_textfield(t("Homepage"), "url", $account->url, 30, 55);
$form .= form_textarea(t("Bio"), "bio", $account->bio, 35, 5);
$form .= form_textarea(t("Signature"), "signature", $account->signature, 35, 5);
$form .= form_hidden("userid", $account->userid);
$form .= form_submit("View account");
$form .= form_submit("Save account");
return form("admin.php?mod=account", $form);
}
}
......@@ -194,7 +189,10 @@ function account_view($name) {
$result = db_query("SELECT * FROM users WHERE userid = '$name'");
if ($account = db_fetch_object($result)) {
$output .= "<FORM ACTION=\"admin.php?mod=account\" METHOD=\"post\">\n";
$form .= form_hidden("userid", $account->userid);
$form .= form_submit("Edit account");
$form .= form_submit("Delete account");
$output .= "<TABLE BORDER=\"1\" CELLPADDING=\"3\" CELLSPACING=\"0\">\n";
$output .= " <TR><TH>ID:</TH><TD>$account->id</TD></TR>\n";
$output .= " <TR><TH>Username:</TH><TD>$account->userid</TD></TR>\n";
......@@ -203,19 +201,19 @@ function account_view($name) {
$output .= " <TR><TH>Real name:</TH><TD>". check_output($account->name) ."</TD></TR>\n";
$output .= " <TR><TH>Real e-mail address:</TH><TD>". format_email($account->real_email) ."</TD></TR>\n";
$output .= " <TR><TH>Fake e-mail address:</TH><TD>". check_output($account->fake_email) ."</TD></TR>\n";
$output .= " <TR><TH>URL of homepage:</TH><TD>". format_url($account->url) ."</TD></TR>\n";
$output .= " <TR><TH>Homepage:</TH><TD>". format_url($account->url) ."</TD></TR>\n";
$output .= " <TR><TH>Last access:</TH><TD>". format_date($account->last_access) ." from ". check_output($account->last_host) ."</TD></TR>\n";
$output .= " <TR><TH>User rating:</TH><TD>". check_output($account->rating) ."</TD></TR>\n";
$output .= " <TR><TH>Bio information:</TH><TD>". check_output($account->bio) ."</TD></TR>\n";
$output .= " <TR><TH><B>Signature:</TH><TD>". check_output($account->signature) ."</TD></TR>\n";
$output .= " <TR><TH>Bio:</TH><TD>". check_output($account->bio) ."</TD></TR>\n";
$output .= " <TR><TH>Signature:</TH><TD>". check_output($account->signature) ."</TD></TR>\n";
$output .= " <TR><TH>Theme:</TH><TD>". check_output($account->theme) ."</TD></TR>\n";
$output .= " <TR><TH>Timezone:</TH><TD>". check_output($account->timezone / 3600) ."</TD></TR>\n";
$output .= " <TR><TH>Selected blocks:</TH><TD>". check_output(account_blocks($account->id)) ."</TD></TR>\n";
$output .= " <TR><TH>Submitted nodes:</TH><TD>". check_output(account_nodes($account->id)) ."</TD></TR>\n";
$output .= " <TR><TH>Submitted comments:</TH><TD>". check_output(account_comments($account->id)) ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"center\" COLSPAN=\"2\"><INPUT TYPE=\"hidden\" NAME=\"name\" VALUE=\"$account->userid\"><INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Edit account\"><INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Delete account\"></TD></TR>\n";
$output .= " <TR><TH>Recent nodes:</TH><TD>". check_output(account_nodes($account->id)) ."</TD></TR>\n";
$output .= " <TR><TH>Recent comments:</TH><TD>". check_output(account_comments($account->id)) ."</TD></TR>\n";
$output .= " <TR><TD ALIGN=\"center\" COLSPAN=\"2\">". form("admin.php?mod=account", $form) ."</TD></TR>\n";
$output .= "</TABLE>\n";
$output .= "</FORM>\n";
return $output;
}
}
......@@ -244,13 +242,12 @@ function account_admin() {
print status(account_ac_check($edit));
print account_ac();
break;
case "delete rule":
case "delete":
print status(account_ac_del($id));
print account_ac();
break;
case "Delete account":
case "delete":
print status(account_delete(check_input($name)));
print status(account_delete($edit[userid]));
print account_overview(account_query($type));
break;
case "Edit account":
......@@ -268,8 +265,8 @@ function account_admin() {
print search_data($keys, $mod);
break;
case "Save account":
print status(account_edit_save(check_input($name), $edit));
print account_view(check_input($name));
print status(account_edit_save(check_input($edit[userid]), $edit));
print account_view(check_input($edit[userid]));
break;
case "View account":
case "view":
......
......@@ -94,47 +94,43 @@ function book_toc($parent = 0, $indent = "", $toc = array()) {
function book_form($edit = array()) {
global $allowed_html, $PHP_SELF, $REQUEST_URI, $user;
$output .= "<FORM ACTION=\"$REQUEST_URI\" METHOD=\"post\">\n";
$output .= form_item(t("Author"), format_username(($edit[userid] ? $edit[userid] : $user->userid)));
$output .= form_hidden(userid, $edit[userid]);
$output .= form_textfield(t("Subject"), "title", $edit[title], 50, 128);
$output .= form_item(t("Category"), category_form_select("book", $edit));
$form .= form_item(t("Author"), format_username(($edit[userid] ? $edit[userid] : $user->userid)));
$form .= form_hidden(userid, $edit[userid]);
$form .= form_textfield(t("Subject"), "title", $edit[title], 50, 64);
$form .= form_item(t("Category"), category_form_select("book", $edit));
if ($edit[pid]) {
$node = node_get_object("nid", $edit[pid]);
$output .= form_item(t("Parent"), "<A HREF=\"node.php?id=$node->id\">". check_output($node->title) ."</A>", t("The parent subject or category the page belongs in."));
$output .= form_hidden("parent". $edit[parent]);
$form .= form_item(t("Parent"), "<A HREF=\"node.php?id=$node->id\">". check_output($node->title) ."</A>", t("The parent subject or category the page belongs in."));
$form .= form_hidden("parent". $edit[parent]);
}
else {
$output .= form_select(t("Parent"), "parent", user_access($user, "book") ? array_merge(array(0 => "&nbsp;"), book_toc()) : book_toc(), $edit[parent], t("The parent subject or category the page belongs in."));
$form .= form_select(t("Parent"), "parent", $edit[parent], user_access($user, "book") ? array_merge(array(0 => "&nbsp;"), book_toc()) : book_toc(), t("The parent subject or category the page belongs in."));
}
$output .= form_textarea(t("Content"), "body", $edit[body], 50, 10, t("Allowed HTML tags") .": ". htmlspecialchars($allowed_html));
$output .= form_textarea(t("Log message"), "log", $edit[log], 50, 5, t("An explanation of the additions or updates being made to help the group understand your motivations."));
$form .= form_textarea(t("Content"), "body", $edit[body], 50, 10, t("Allowed HTML tags") .": ". htmlspecialchars($allowed_html));
$form .= form_textarea(t("Log message"), "log", $edit[log], 50, 5, t("An explanation of the additions or updates being made to help the group understand your motivations."));
if (user_access($user, "book")) {
$output .= form_select(t("Weight"), "weight", array(0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30), $edit[weight], t("The heavier nodes will sink and the lighter nodes will be positioned nearer the top."));
$form .= form_select(t("Weight"), "weight", $edit[weight], array(0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30), t("The heavier nodes will sink and the lighter nodes will be positioned nearer the top."));
}
$form .= form_hidden("pid", $edit[pid]);
$form .= form_hidden("nid", $edit[nid]);
if (!$edit) {
$output .= form_submit(t("Preview"));
$form .= form_submit(t("Preview"));
}
else if (!$edit[title]) {
$output .= "<FONT COLOR=\"red\">". t("Warning: you did not supply a title.") ."</FONT><P>\n";
$output .= form_submit(t("Preview"));
$form .= "<FONT COLOR=\"red\">". t("Warning: you did not supply a title.") ."</FONT><P>\n";
$form .= form_submit(t("Preview"));
}
else {
$output .= form_submit(t("Preview"));
$output .= form_submit(t("Submit"));
$form .= form_submit(t("Preview"));
$form .= form_submit(t("Submit"));
}
$output .= form_hidden("pid", $edit[pid]);
$output .= form_hidden("nid", $edit[nid]);
$output .= "</FORM>\n";
return $output;
return form($REQUEST_URI, $form);
}
function book_save($edit) {
......
......@@ -94,47 +94,43 @@ function book_toc($parent = 0, $indent = "", $toc = array()) {
function book_form($edit = array()) {
global $allowed_html, $PHP_SELF, $REQUEST_URI, $user;
$output .= "<FORM ACTION=\"$REQUEST_URI\" METHOD=\"post\">\n";
$output .= form_item(t("Author"), format_username(($edit[userid] ? $edit[userid] : $user->userid)));
$output .= form_hidden(userid, $edit[userid]);
$output .= form_textfield(t("Subject"), "title", $edit[title], 50, 128);
$output .= form_item(t("Category"), category_form_select("book", $edit));
$form .= form_item(t("Author"), format_username(($edit[userid] ? $edit[userid] : $user->userid)));
$form .= form_hidden(userid, $edit[userid]);
$form .= form_textfield(t("Subject"), "title", $edit[title], 50, 64);
$form .= form_item(t("Category"), category_form_select("book", $edit));
if ($edit[pid]) {
$node = node_get_object("nid", $edit[pid]);
$output .= form_item(t("Parent"), "<A HREF=\"node.php?id=$node->id\">". check_output($node->title) ."</A>", t("The parent subject or category the page belongs in."));
$output .= form_hidden("parent". $edit[parent]);
$form .= form_item(t("Parent"), "<A HREF=\"node.php?id=$node->id\">". check_output($node->title) ."</A>", t("The parent subject or category the page belongs in."));
$form .= form_hidden("parent". $edit[parent]);
}
else {
$output .= form_select(t("Parent"), "parent", user_access($user, "book") ? array_merge(array(0 => "&nbsp;"), book_toc()) : book_toc(), $edit[parent], t("The parent subject or category the page belongs in."));
$form .= form_select(t("Parent"), "parent", $edit[parent], user_access($user, "book") ? array_merge(array(0 => "&nbsp;"), book_toc()) : book_toc(), t("The parent subject or category the page belongs in."));
}
$output .= form_textarea(t("Content"), "body", $edit[body], 50, 10, t("Allowed HTML tags") .": ". htmlspecialchars($allowed_html));
$output .= form_textarea(t("Log message"), "log", $edit[log], 50, 5, t("An explanation of the additions or updates being made to help the group understand your motivations."));
$form .= form_textarea(t("Content"), "body", $edit[body], 50, 10, t("Allowed HTML tags") .": ". htmlspecialchars($allowed_html));
$form .= form_textarea(t("Log message"), "log", $edit[log], 50, 5, t("An explanation of the additions or updates being made to help the group understand your motivations."));
if (user_access($user, "book")) {
$output .= form_select(t("Weight"), "weight", array(0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30), $edit[weight], t("The heavier nodes will sink and the lighter nodes will be positioned nearer the top."));
$form .= form_select(t("Weight"), "weight", $edit[weight], array(0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30), t("The heavier nodes will sink and the lighter nodes will be positioned nearer the top."));
}
$form .= form_hidden("pid", $edit[pid]);
$form .= form_hidden("nid", $edit[nid]);
if (!$edit) {
$output .= form_submit(t("Preview"));
$form .= form_submit(t("Preview"));
}
else if (!$edit[title]) {
$output .= "<FONT COLOR=\"red\">". t("Warning: you did not supply a title.") ."</FONT><P>\n";
$output .= form_submit(t("Preview"));
$form .= "<FONT COLOR=\"red\">". t("Warning: you did not supply a title.") ."</FONT><P>\n";
$form .= form_submit(t("Preview"));
}
else {
$output .= form_submit(t("Preview"));
$output .= form_submit(t("Submit"));
$form .= form_submit(t("Preview"));
$form .= form_submit(t("Submit"));
}
$output .= form_hidden("pid", $edit[pid]);
$output .= form_hidden("nid", $edit[nid]);
$output .= "</FORM>\n";
return $output;
return form($REQUEST_URI, $form);
}
function book_save($edit) {
......
......@@ -15,90 +15,53 @@ function comment_find($keys) {
function comment_edit($id) {
$result = db_query("SELECT c.*, u.userid FROM comments c LEFT JOIN users u ON c.author = u.id WHERE c.cid = '$id'");
$comment = db_fetch_object($result);
$output .= "<FORM ACTION=\"admin.php?mod=comment&op=save&id=$id\" METHOD=\"post\">\n";
$output .= "<B>Author:</B><BR>\n";
$output .= format_username($comment->userid) ."<P>\n";
$output .= "<B>Subject:</B><BR>\n";
$output .= "<INPUT TYPE=\"text\" NAME=\"subject\" SIZE=\"50\" VALUE=\"". check_textfield($comment->subject) ."\"><P>\n";
$form .= form_item(t("Author"), format_username($comment->userid));
$form .= form_textfield(t("Subject"), "subject", $comment->subject, 50, 128);
$form .= form_textarea(t("Comment"), "comment", $comment->comment, 50, 10);
$form .= form_submit("Save comment");
$output .= "<B>Comment:</B><BR>\n";
$output .= "<TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"comment\">". check_textarea($comment->comment) ."</TEXTAREA><P>\n";
$output .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Save comment\">\n";
$output .= "</FORM>\n";
print $output;
return form("admin.php?mod=comment&id=$id", $form);
}
function comment_save($id, $subject, $comment) {
db_query("UPDATE comments SET subject = '$subject', comment = '$comment' WHERE cid = '$id'");
watchdog("message", "comment: modified '$subject'");
function comment_save($id, $edit) {
db_query("UPDATE comments SET subject = '". check_input($edit[subject]) ."', comment = '". check_input($edit[comment]) ."' WHERE cid = '$id'");
watchdog("message", "comment: modified '$edit[subject]'");
}
function comment_display($order = "date") {
// Initialize variables:
$fields = array("author" => "author", "date" => "timestamp DESC", "subject" => "subject");
// Perform SQL query:
$result = db_query("SELECT c.*, u.userid FROM comments c LEFT JOIN users u ON u.id = c.author ORDER BY c.$fields[$order] LIMIT 50");
function comment_display() {
$result = db_query("SELECT c.*, u.userid FROM comments c LEFT JOIN users u ON u.id = c.author ORDER BY timestamp DESC LIMIT 50");
// Display comments:
$output .= "<TABLE BORDER=\"1\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n";
$output .= " <TR>\n";
$output .= " <TH ALIGN=\"right\" COLSPAN=\"3\">\n";
$output .= " <FORM ACTION=\"admin.php?mod=comment\" METHOD=\"post\">\n";
$output .= " <SELECT NAME=\"order\">\n";
foreach ($fields as $key=>$value) {
$output .= " <OPTION VALUE=\"$key\"". ($key == $order ? " SELECTED" : "") .">Sort by $key</OPTION>\n";
}
$output .= " </SELECT>\n";
$output .= " <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Update\">\n";
$output .= " </FORM>\n";
$output .= " </TH>\n";
$output .= " </TR>\n";
$output .= " <TR>\n";
$output .= " <TH>subject</TH>\n";
$output .= " <TH>author</TH>\n";
$output .= " <TH>operations</TH>\n";
$output .= " </TR>\n";
$output .= " <TR><TH>subject</TH><TH>author</TH><TH>date</TH><TH COLSPAN=\"2\">operations</TH></TR>\n";
while ($comment = db_fetch_object($result)) {
$output .= " <TR><TD><A HREF=\"node.php?id=$comment->lid&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."</A></TD><TD>". format_username($comment->userid) ."</TD><TD ALIGN=\"center\"><A HREF=\"admin.php?mod=comment&op=edit&id=$comment->cid\">edit</A></TD></TR>\n";
$output .= " <TR><TD><A HREF=\"node.php?id=$comment->lid&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."</A></TD><TD>". format_username($comment->userid) ."</TD><TD>". format_date($comment->timestamp, "small") ."</TD><TD><A HREF=\"admin.php?mod=comment&op=edit&id=$comment->cid\">edit comment</A></TD><TD><A HREF=\"admin.php?mod=comment&op=delete&id=$comment->cid\">delete comment</A></TD></TR>\n";
}
$output .= "</TABLE>\n";
print $output;
return $output;
}
function comment_admin() {
global $op, $id, $mod, $keys, $subject, $comment, $order;
global $op, $id, $edit, $mod, $keys, $order;
print "<SMALL><A HREF=\"admin.php?mod=comment\">overview</A> | <A HREF=\"admin.php?mod=comment&op=search\">search comment</A></SMALL><HR>\n";
switch ($op) {
case "edit":
comment_edit($id);
print comment_edit($id);
break;
case "search":
print search_form($keys);
print search_data($keys, $mod);
break;
case "Save comment":
comment_save(check_input($id), check_input($subject), check_input($comment));
comment_display();
break;
case "Update":
comment_display(check_input($order));
print status(comment_save(check_input($id), $edit));
print comment_display();
break;
default:
comment_display();
print comment_display();
}
}
......
......@@ -15,90 +15,53 @@ function comment_find($keys) {
function comment_edit($id) {
$result = db_query("SELECT c.*, u.userid FROM comments c LEFT JOIN users u ON c.author = u.id WHERE c.cid = '$id'");
$comment = db_fetch_object($result);
$output .= "<FORM ACTION=\"admin.php?mod=comment&op=save&id=$id\" METHOD=\"post\">\n";
$output .= "<B>Author:</B><BR>\n";
$output .= format_username($comment->userid) ."<P>\n";
$output .= "<B>Subject:</B><BR>\n";
$output .= "<INPUT TYPE=\"text\" NAME=\"subject\" SIZE=\"50\" VALUE=\"". check_textfield($comment->subject) ."\"><P>\n";
$form .= form_item(t("Author"), format_username($comment->userid));
$form .= form_textfield(t("Subject"), "subject", $comment->subject, 50, 128);
$form .= form_textarea(t("Comment"), "comment", $comment->comment, 50, 10);
$form .= form_submit("Save comment");
$output .= "<B>Comment:</B><BR>\n";
$output .= "<TEXTAREA WRAP=\"virtual\" COLS=\"50\" ROWS=\"10\" NAME=\"comment\">". check_textarea($comment->comment) ."</TEXTAREA><P>\n";
$output .= "<INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Save comment\">\n";
$output .= "</FORM>\n";
print $output;
return form("admin.php?mod=comment&id=$id", $form);
}
function comment_save($id, $subject, $comment) {
db_query("UPDATE comments SET subject = '$subject', comment = '$comment' WHERE cid = '$id'");
watchdog("message", "comment: modified '$subject'");
function comment_save($id, $edit) {
db_query("UPDATE comments SET subject = '". check_input($edit[subject]) ."', comment = '". check_input($edit[comment]) ."' WHERE cid = '$id'");
watchdog("message", "comment: modified '$edit[subject]'");
}
function comment_display($order = "date") {
// Initialize variables:
$fields = array("author" => "author", "date" => "timestamp DESC", "subject" => "subject");
// Perform SQL query:
$result = db_query("SELECT c.*, u.userid FROM comments c LEFT JOIN users u ON u.id = c.author ORDER BY c.$fields[$order] LIMIT 50");
function comment_display() {
$result = db_query("SELECT c.*, u.userid FROM comments c LEFT JOIN users u ON u.id = c.author ORDER BY timestamp DESC LIMIT 50");
// Display comments:
$output .= "<TABLE BORDER=\"1\" CELLPADDING=\"2\" CELLSPACING=\"2\">\n";
$output .= " <TR>\n";
$output .= " <TH ALIGN=\"right\" COLSPAN=\"3\">\n";
$output .= " <FORM ACTION=\"admin.php?mod=comment\" METHOD=\"post\">\n";
$output .= " <SELECT NAME=\"order\">\n";
foreach ($fields as $key=>$value) {
$output .= " <OPTION VALUE=\"$key\"". ($key == $order ? " SELECTED" : "") .">Sort by $key</OPTION>\n";
}
$output .= " </SELECT>\n";
$output .= " <INPUT TYPE=\"submit\" NAME=\"op\" VALUE=\"Update\">\n";
$output .= " </FORM>\n";
$output .= " </TH>\n";
$output .= " </TR>\n";
$output .= " <TR>\n";
$output .= " <TH>subject</TH>\n";
$output .= " <TH>author</TH>\n";
$output .= " <TH>operations</TH>\n";
$output .= " </TR>\n";
$output .= " <TR><TH>subject</TH><TH>author</TH><TH>date</TH><TH COLSPAN=\"2\">operations</TH></TR>\n";
while ($comment = db_fetch_object($result)) {
$output .= " <TR><TD><A HREF=\"node.php?id=$comment->lid&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."</A></TD><TD>". format_username($comment->userid) ."</TD><TD ALIGN=\"center\"><A HREF=\"admin.php?mod=comment&op=edit&id=$comment->cid\">edit</A></TD></TR>\n";
$output .= " <TR><TD><A HREF=\"node.php?id=$comment->lid&cid=$comment->cid&pid=$comment->pid#$comment->cid\">". check_output($comment->subject) ."</A></TD><TD>". format_username($comment->userid) ."</TD><TD>". format_date($comment->timestamp, "small") ."</TD><TD><A HREF=\"admin.php?mod=comment&op=edit&id=$comment->cid\">edit comment</A></TD><TD><A HREF=\"admin.php?mod=comment&op=delete&id=$comment->cid\">delete comment</A></TD></TR>\n";
}
$output .= "</TABLE>\n";
print $output;
return $output;
}
function comment_admin() {
global $op, $id, $mod, $keys, $subject, $comment, $order;
global $op, $id, $edit, $mod, $keys, $order;
print "<SMALL><A HREF=\"admin.php?mod=comment\">overview</A> | <A HREF=\"admin.php?mod=comment&op=search\">search comment</A></SMALL><HR>\n";
switch ($op) {
case "edit":
comment_edit($id);
print comment_edit($id);
break;
case "search":
print search_form($keys);
print search_data($keys, $mod);
break;
case "Save comment":
comment_save(check_input($id), check_input($subject), check_input($comment));
comment_display();
break;
case "Update":
comment_display(check_input($order));
print status(comment_save(check_input($id), $edit));
print comment_display();
break;
default:
comment_display();
print comment_display();
}
}
......
......@@ -17,10 +17,7 @@ function cvs_cron() {
}
function cvs_conf() {
$output .= "<B>Recepient for log messages:</B><BR>\n";
$output .= "<INPUT NAME=\"edit[cvs_mail]\" MAXLENGTH=\"55\" SIZE=\"30\" VALUE=\"". variable_get(cvs_mail, "root@localhost") ."\"><BR>\n";
$output .= "<I><SMALL>The e-mail address to mail the CVS log messages to. Multiple recipients can be specified by putting a comma between each address.</SMALL></I><P>\n";
return $output;
return form_textfield(t("CVS digest recepient"), "cvs_mail", variable_get(cvs_mail, "root@localhost"), 30, 55, t("The e-mail address to mail the CVS log messages to. Multiple recipients can be specified by putting a comma between each address."));
}
function cvs_page() {
......
......@@ -14,25 +14,22 @@ function forum_status() {
return array(dumped, posted);
}
function forum_view($node) {
global $theme;
$output .= "<P><A HREF=\"module.php?mod=forum\">Forum</A> / <B><A HREF=\"node.php?id=$node->nid\">". check_output($node->title) ."</A></B>:</P><P>". check_output($node->body) ."</P>";
$theme->box(t("Discussion forum"), $output);
}
function forum_form($edit = array()) {
global $format;
$output .= "<FORM ACTION=\"admin.php?mod=forum\" METHOD=\"post\">\n";