[geeklog-cvs] geeklog-1.3/public_html comment.php,1.41,1.42
geeklog-cvs-admin at lists.geeklog.net
geeklog-cvs-admin at lists.geeklog.net
Mon May 5 12:53:39 EDT 2003
Update of /usr/cvs/geeklog/geeklog-1.3/public_html
In directory internal.geeklog.net:/tmp/cvs-serv5149
Modified Files:
comment.php
Log Message:
A couple of (mostly minor) fixes after a code review, also changed it to use the new speedlimit table & functions.
Index: comment.php
===================================================================
RCS file: /usr/cvs/geeklog/geeklog-1.3/public_html/comment.php,v
retrieving revision 1.41
retrieving revision 1.42
diff -C2 -d -r1.41 -r1.42
*** comment.php 28 Apr 2003 12:55:31 -0000 1.41
--- comment.php 5 May 2003 16:53:37 -0000 1.42
***************
*** 58,79 ****
*
* @param int $uid User ID
- * @param string $save ??
- * @param string $anon Indicates if this is posted anonymously
* @param string $title Title of comment
* @param string $comment Text of comment
* @param string $sid ID of object comment belongs to
! * @param string $pid ??
* @param string $type Type of object comment is posted to
! * @param string $mode ??
* @param string $postmode Indicates if comment is plain text or HTML
* @return string HTML for comment form
*
*/
! function commentform($uid,$save,$anon,$title,$comment,$sid,$pid='0',$type,$mode,$postmode)
{
global $_TABLES, $HTTP_POST_VARS, $REMOTE_ADDR, $_CONF, $LANG03, $LANG12, $LANG_LOGIN, $_USER;
! if ($uid > 1) {
! $sig = DB_getItem($_TABLES['users'], 'sig', "uid='$uid'");
}
--- 58,84 ----
*
* @param int $uid User ID
* @param string $title Title of comment
* @param string $comment Text of comment
* @param string $sid ID of object comment belongs to
! * @param string $pid ID of parent comment
* @param string $type Type of object comment is posted to
! * @param string $mode Mode, e.g. 'preview'
* @param string $postmode Indicates if comment is plain text or HTML
* @return string HTML for comment form
*
*/
! function commentform($uid,$title,$comment,$sid,$pid='0',$type,$mode,$postmode)
{
global $_TABLES, $HTTP_POST_VARS, $REMOTE_ADDR, $_CONF, $LANG03, $LANG12, $LANG_LOGIN, $_USER;
! $retval = '';
!
! if (empty ($postmode)) {
! $postmode = $_CONF['postmode'];
! }
!
! $sig = '';
! if ($uid > 1) {
! $sig = DB_getItem ($_TABLES['users'], 'sig', "uid = '$uid'");
}
***************
*** 92,104 ****
return $retval;
} else {
! DB_query("DELETE FROM {$_TABLES['commentspeedlimit']} WHERE date < unix_timestamp() - {$_CONF['commentspeedlimit']}");
!
! $id = DB_count($_TABLES['commentspeedlimit'], 'ipaddress', $REMOTE_ADDR);
! if ($id > 0) {
! $result = DB_query("SELECT date FROM {$_TABLES['commentspeedlimit']} WHERE ipaddress = '$REMOTE_ADDR'");
! $A = DB_fetchArray($result);
! $last = time() - $A[0];
$retval .= COM_startBlock($LANG12[26])
. $LANG03[7]
--- 97,105 ----
return $retval;
} else {
! COM_clearSpeedlimit ($_CONF['commentspeedlimit'], 'comment');
! $last = COM_checkSpeedlimit ('comment');
+ if ($last > 0) {
$retval .= COM_startBlock($LANG12[26])
. $LANG03[7]
***************
*** 152,160 ****
$mode = 'error';
}
!
! if (empty($postmode)) {
! $postmode = $_CONF['postmode'];
! }
!
$comment_template = new Template($_CONF['path_layout'] . 'comment');
if (($_CONF['advanced_editor'] == 1) && file_exists ($_CONF['path_layout'] . 'comment/commentform_advanced.thtml')) {
--- 153,157 ----
$mode = 'error';
}
!
$comment_template = new Template($_CONF['path_layout'] . 'comment');
if (($_CONF['advanced_editor'] == 1) && file_exists ($_CONF['path_layout'] . 'comment/commentform_advanced.thtml')) {
***************
*** 169,173 ****
$comment_template->set_var('pid', $pid);
$comment_template->set_var('type', $type);
!
if (!empty($_USER['username'])) {
$comment_template->set_var('uid', $_USER['uid']);
--- 166,170 ----
$comment_template->set_var('pid', $pid);
$comment_template->set_var('type', $type);
!
if (!empty($_USER['username'])) {
$comment_template->set_var('uid', $_USER['uid']);
***************
*** 181,185 ****
$comment_template->set_var('lang_logoutorcreateaccount', $LANG03[04]);
}
!
$comment_template->set_var('lang_title', $LANG03[16]);
$comment_template->set_var('title', stripslashes($title));
--- 178,182 ----
$comment_template->set_var('lang_logoutorcreateaccount', $LANG03[04]);
}
!
$comment_template->set_var('lang_title', $LANG03[16]);
$comment_template->set_var('title', stripslashes($title));
***************
*** 196,210 ****
$comment_template->set_var('lang_instr_line5', $LANG03[23]);
$comment_template->set_var('lang_preview', $LANG03[14]);
!
if (($_CONF['skip_preview'] == 1) || ($mode == $LANG03[14])) {
$comment_template->set_var('save_option', '<input type="submit" name="mode" value="' . $LANG03[11] . '">');
}
! $comment_template->set_var('end_block', COM_endBlock());
$comment_template->parse('output', 'form');
$retval .= $comment_template->finish($comment_template->get_var('output'));
}
}
!
return $retval;
}
--- 193,207 ----
$comment_template->set_var('lang_instr_line5', $LANG03[23]);
$comment_template->set_var('lang_preview', $LANG03[14]);
!
if (($_CONF['skip_preview'] == 1) || ($mode == $LANG03[14])) {
$comment_template->set_var('save_option', '<input type="submit" name="mode" value="' . $LANG03[11] . '">');
}
! $comment_template->set_var('end_block', COM_endBlock());
$comment_template->parse('output', 'form');
$retval .= $comment_template->finish($comment_template->get_var('output'));
}
}
!
return $retval;
}
***************
*** 214,232 ****
*
* @param int $uid User ID of user making the comment
- * @param string $save ??
- * @param string $anon Indicates an anonymous post
* @param string $title Title of comment
* @param string $comment Text of comment
* @param string $sid ID of object receiving comment
* @param string $pid ID of parent comment
! * @param string $type Type of comment this is (story, poll, etc)
* @param string $postmode Indicates if text is HTML or plain text
* @return string either nothing or HTML formated error
*
*/
! function savecomment($uid,$save,$anon,$title,$comment,$sid,$pid,$type,$postmode)
{
global $_TABLES, $_CONF, $LANG03, $REMOTE_ADDR;
// Get signature
$sig = '';
--- 211,229 ----
*
* @param int $uid User ID of user making the comment
* @param string $title Title of comment
* @param string $comment Text of comment
* @param string $sid ID of object receiving comment
* @param string $pid ID of parent comment
! * @param string $type Type of comment this is (article, poll, etc)
* @param string $postmode Indicates if text is HTML or plain text
* @return string either nothing or HTML formated error
*
*/
! function savecomment($uid,$title,$comment,$sid,$pid,$type,$postmode)
{
global $_TABLES, $_CONF, $LANG03, $REMOTE_ADDR;
+ $retval = '';
+
// Get signature
$sig = '';
***************
*** 258,277 ****
if (!empty($title) && !empty($comment)) {
! DB_save($_TABLES['commentspeedlimit'],'ipaddress, date',"'$REMOTE_ADDR',unix_timestamp()");
DB_save($_TABLES['comments'],'sid,uid,comment,date,title,pid,type',"'$sid',$uid,'$comment',now(),'$title',$pid,'$type'");
!
// See if plugin will handle this to update it's records
PLG_handlePluginComment($type,$sid,'save');
!
// If we reach here then no plugin issued a COM_refresh() so continue
- $comments = DB_count($_TABLES['comments'],'sid',$sid);
-
if ($type == 'poll') {
- if ($comments > 0) {
- DB_change($_TABLES['stories'],'comments',$comments,'sid',$sid);
- }
$retval .= COM_refresh("{$_CONF['site_url']}/pollbooth.php?qid=$sid&aid=-1");
} else {
DB_change($_TABLES['stories'],'comments',$comments,'sid',$sid);
$retval .= COM_refresh("{$_CONF['site_url']}/article.php?story=$sid");
--- 255,270 ----
if (!empty($title) && !empty($comment)) {
! COM_updateSpeedlimit ('comment');
DB_save($_TABLES['comments'],'sid,uid,comment,date,title,pid,type',"'$sid',$uid,'$comment',now(),'$title',$pid,'$type'");
!
// See if plugin will handle this to update it's records
PLG_handlePluginComment($type,$sid,'save');
!
// If we reach here then no plugin issued a COM_refresh() so continue
if ($type == 'poll') {
$retval .= COM_refresh("{$_CONF['site_url']}/pollbooth.php?qid=$sid&aid=-1");
} else {
+ $comments = DB_count($_TABLES['comments'],'sid',$sid);
DB_change($_TABLES['stories'],'comments',$comments,'sid',$sid);
$retval .= COM_refresh("{$_CONF['site_url']}/article.php?story=$sid");
***************
*** 279,288 ****
} else {
$retval .= COM_siteHeader()
! . commentform ($uid, $save, $anon, $title, $comment, $sid, $pid,
! $type, $LANG03[14], $postmode)
. COM_siteFooter();
}
! return $retval;
}
--- 272,281 ----
} else {
$retval .= COM_siteHeader()
! . commentform ($uid, $title, $comment, $sid, $pid, $type,
! $LANG03[14], $postmode)
. COM_siteFooter();
}
! return $retval;
}
***************
*** 292,296 ****
* @param string $cid Comment ID
* @param string $sid ID of object comment belongs to
! * @param string $type Comment type (e.g. story, poll, etc)
* @return string Returns string needed to redirect page to right place
*
--- 285,289 ----
* @param string $cid Comment ID
* @param string $sid ID of object comment belongs to
! * @param string $type Comment type (e.g. article, poll, etc)
* @return string Returns string needed to redirect page to right place
*
***************
*** 300,332 ****
global $_TABLES, $_CONF, $_USER, $REMOTE_ADDR;
if (!empty ($sid) && !empty ($cid) && is_numeric ($cid)) {
$result = DB_query ("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['stories']} WHERE sid = '{$sid}'");
! $P = DB_fetchArray ($result);
if (SEC_hasAccess ($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']) == 3) {
! $result = DB_query("SELECT pid FROM {$_TABLES['comments']} WHERE cid = $cid");
! $A = DB_fetchArray($result);
! DB_change($_TABLES['comments'],'pid',$A['pid'],'pid',$cid);
! DB_delete($_TABLES['comments'],'cid',$cid);
// See if plugin will handle this to update it's records
PLG_handlePluginComment($type,$sid,'delete');
- $comments = DB_count($_TABLES['comments'],'sid',$sid);
-
if ($type == 'poll') {
! if ($comments > 0) {
! DB_change($_TABLES['stories'],'comments',$comments,'sid',$sid);
! }
! $retval .= COM_refresh("{$_CONF['site_url']}/pollbooth.php?qid=$sid&aid=-1");
} else {
DB_change($_TABLES['stories'],'comments',$comments,'sid',$sid);
! $retval .= COM_refresh("{$_CONF['site_url']}/article.php?story=$sid");
}
} else {
COM_errorLog ('User ' . $_USER['username'] . ' (IP: ' . $REMOTE_ADDR
. ') tried to illegally delete comment ' . $cid
! . ' from story ' . $sid);
! $retval .= COM_refresh ($_CONF['site_url'] . '/article.php?story=' . $sid);
}
} else {
--- 293,324 ----
global $_TABLES, $_CONF, $_USER, $REMOTE_ADDR;
+ $retval = '';
+
if (!empty ($sid) && !empty ($cid) && is_numeric ($cid)) {
$result = DB_query ("SELECT owner_id,group_id,perm_owner,perm_group,perm_members,perm_anon FROM {$_TABLES['stories']} WHERE sid = '{$sid}'");
! $A = DB_fetchArray ($result);
if (SEC_hasAccess ($A['owner_id'], $A['group_id'], $A['perm_owner'], $A['perm_group'], $A['perm_members'], $A['perm_anon']) == 3) {
! $pid = DB_getItem ($_TABLES['comments'], 'pid', "cid = '$cid'");
! DB_change ($_TABLES['comments'], 'pid', $pid, 'pid', $cid);
! DB_delete ($_TABLES['comments'], 'cid', $cid);
// See if plugin will handle this to update it's records
PLG_handlePluginComment($type,$sid,'delete');
if ($type == 'poll') {
! $retval .= COM_refresh ($_CONF['site_url']
! . '/pollbooth.php?qid=$sid&aid=-1');
} else {
+ $comments = DB_count($_TABLES['comments'],'sid',$sid);
DB_change($_TABLES['stories'],'comments',$comments,'sid',$sid);
! $retval .= COM_refresh ($_CONF['site_url']
! . '/article.php?story=$sid');
}
} else {
COM_errorLog ('User ' . $_USER['username'] . ' (IP: ' . $REMOTE_ADDR
. ') tried to illegally delete comment ' . $cid
! . ' from ' . $type . ' ' . $sid);
! $retval .= COM_refresh ($_CONF['site_url'] . '/index.php');
}
} else {
***************
*** 342,355 ****
case $LANG03[14]: //Preview
$display .= COM_siteHeader()
! . commentform($uid,$save,$anon,$title,$comment,$sid,$pid,$type,$mode,$postmode)
. COM_siteFooter();
break;
case $LANG03[11]: //Submit Comment
! $display .= savecomment($uid,$save,$anon,$title,$comment,$sid,$pid,$type,$postmode);
break;
case $LANG01[28]: //Delete
$display .= deletecomment (strip_tags ($cid), strip_tags ($sid), $type);
break;
! case display:
$display .= COM_siteHeader()
. COM_userComments($sid,$title,$type,$order,'threaded',$pid)
--- 334,347 ----
case $LANG03[14]: //Preview
$display .= COM_siteHeader()
! . commentform($uid,$title,$comment,$sid,$pid,$type,$mode,$postmode)
. COM_siteFooter();
break;
case $LANG03[11]: //Submit Comment
! $display .= savecomment($uid,$title,$comment,$sid,$pid,$type,$postmode);
break;
case $LANG01[28]: //Delete
$display .= deletecomment (strip_tags ($cid), strip_tags ($sid), $type);
break;
! case 'display':
$display .= COM_siteHeader()
. COM_userComments($sid,$title,$type,$order,'threaded',$pid)
***************
*** 359,368 ****
if (!empty($sid)) {
if (empty ($title)) {
! $result = DB_query ("SELECT title FROM {$_TABLES['stories']} WHERE sid = '$sid'");
! $A = DB_fetchArray ($result);
! $title = str_replace('$','$',$A['title']);
}
$display .= COM_siteHeader()
! . commentform('','','',$title,'',$sid,$pid,$type,$mode,$postmode)
. COM_siteFooter();
} else {
--- 351,359 ----
if (!empty($sid)) {
if (empty ($title)) {
! $title = DB_getItem ($_TABLES['stories'], 'title', "sid = '{$sid}'");
! $title = str_replace ('$', '$', $title);
}
$display .= COM_siteHeader()
! . commentform('',$title,'',$sid,$pid,$type,$mode,$postmode)
. COM_siteFooter();
} else {
More information about the geeklog-cvs
mailing list